Diffstat (limited to 'poky/meta')
327 files changed, 19785 insertions, 2092 deletions
diff --git a/poky/meta/classes-recipe/cargo.bbclass b/poky/meta/classes-recipe/cargo.bbclass index 7a8cc1e751..3ef0bbbb44 100644 --- a/poky/meta/classes-recipe/cargo.bbclass +++ b/poky/meta/classes-recipe/cargo.bbclass @@ -55,7 +55,6 @@ oe_cargo_build () { do_compile[progress] = "outof:\s+(\d+)/(\d+)" cargo_do_compile () { - oe_cargo_fix_env oe_cargo_build } diff --git a/poky/meta/classes-recipe/cargo_common.bbclass b/poky/meta/classes-recipe/cargo_common.bbclass index 82ab25b59c..1ca0be471c 100644 --- a/poky/meta/classes-recipe/cargo_common.bbclass +++ b/poky/meta/classes-recipe/cargo_common.bbclass @@ -149,6 +149,10 @@ python cargo_common_do_patch_paths() { } do_configure[postfuncs] += "cargo_common_do_patch_paths" +do_compile:prepend () { + oe_cargo_fix_env +} + oe_cargo_fix_env () { export CC="${RUST_TARGET_CC}" export CXX="${RUST_TARGET_CXX}" diff --git a/poky/meta/classes-recipe/cmake.bbclass b/poky/meta/classes-recipe/cmake.bbclass index 554b948c32..2153efe5c0 100644 --- a/poky/meta/classes-recipe/cmake.bbclass +++ b/poky/meta/classes-recipe/cmake.bbclass @@ -51,17 +51,16 @@ OECMAKE_CXX_COMPILER ?= "${@oecmake_map_compiler('CXX', d)[0]}" OECMAKE_CXX_COMPILER_LAUNCHER ?= "${@oecmake_map_compiler('CXX', d)[1]}" # clear compiler vars for allarch to avoid sig hash difference -OECMAKE_C_COMPILER_allarch = "" -OECMAKE_C_COMPILER_LAUNCHER_allarch = "" -OECMAKE_CXX_COMPILER_allarch = "" -OECMAKE_CXX_COMPILER_LAUNCHER_allarch = "" +OECMAKE_C_COMPILER:allarch = "" +OECMAKE_C_COMPILER_LAUNCHER:allarch = "" +OECMAKE_CXX_COMPILER:allarch = "" +OECMAKE_CXX_COMPILER_LAUNCHER:allarch = "" OECMAKE_RPATH ?= "" OECMAKE_PERLNATIVE_DIR ??= "" OECMAKE_EXTRA_ROOT_PATH ?= "" OECMAKE_FIND_ROOT_PATH_MODE_PROGRAM = "ONLY" -OECMAKE_FIND_ROOT_PATH_MODE_PROGRAM:class-native = "BOTH" EXTRA_OECMAKE:append = " ${PACKAGECONFIG_CONFARGS}" diff --git a/poky/meta/classes-recipe/cml1.bbclass b/poky/meta/classes-recipe/cml1.bbclass index a09a042c3f..73c22f81d6 100644 
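Review bot: The new `do_compile:prepend` in cargo_common.bbclass carries no comment explaining why the `oe_cargo_fix_env` call moved out of `cargo_do_compile`, and as a class-level prepend it now runs for every recipe that inherits the class, including ones that replace `do_compile`. If that wider reach is the intent, say so above the block, e.g. `# Export the Rust target toolchain variables for any do_compile, not only cargo_do_compile`. Because the prepended text is shell, a recipe that inherits this class but defines a python `do_compile` would presumably stop parsing; worth confirming that none does.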
--- a/poky/meta/classes-recipe/cml1.bbclass +++ b/poky/meta/classes-recipe/cml1.bbclass @@ -53,7 +53,7 @@ python do_menuconfig() { # ensure that environment variables are overwritten with this tasks 'd' values d.appendVar("OE_TERMINAL_EXPORTS", " PKG_CONFIG_DIR PKG_CONFIG_PATH PKG_CONFIG_LIBDIR PKG_CONFIG_SYSROOT_DIR") - oe_terminal("sh -c \"make %s; if [ \\$? -ne 0 ]; then echo 'Command failed.'; printf 'Press any key to continue... '; read r; fi\"" % d.getVar('KCONFIG_CONFIG_COMMAND'), + oe_terminal("sh -c 'make %s; if [ \\$? -ne 0 ]; then echo \"Command failed.\"; printf \"Press any key to continue... \"; read r; fi'" % d.getVar('KCONFIG_CONFIG_COMMAND'), d.getVar('PN') + ' Configuration', d) # FIXME this check can be removed when the minimum bitbake version has been bumped diff --git a/poky/meta/classes-recipe/image_types.bbclass b/poky/meta/classes-recipe/image_types.bbclass index bbddfaf272..023eb87537 100644 --- a/poky/meta/classes-recipe/image_types.bbclass +++ b/poky/meta/classes-recipe/image_types.bbclass @@ -148,10 +148,11 @@ IMAGE_CMD:cpio () { if [ ! -L ${IMAGE_ROOTFS}/init ] && [ ! -e ${IMAGE_ROOTFS}/init ]; then if [ -L ${IMAGE_ROOTFS}/sbin/init ] || [ -e ${IMAGE_ROOTFS}/sbin/init ]; then ln -sf /sbin/init ${WORKDIR}/cpio_append/init + touch -h -r ${IMAGE_ROOTFS}/sbin/init ${WORKDIR}/cpio_append/init else - touch ${WORKDIR}/cpio_append/init + touch -r ${IMAGE_ROOTFS} ${WORKDIR}/cpio_append/init fi - (cd ${WORKDIR}/cpio_append && echo ./init | cpio -oA -H newc -F ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio) + (cd ${WORKDIR}/cpio_append && echo ./init | cpio --reproducible -oA -H newc -F ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio) fi fi } diff --git a/poky/meta/classes-recipe/kernel-module-split.bbclass b/poky/meta/classes-recipe/kernel-module-split.bbclass index 50882c31a7..c1208d55e0 100644 --- a/poky/meta/classes-recipe/kernel-module-split.bbclass +++ b/poky/meta/classes-recipe/kernel-module-split.bbclass 
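Review bot: `KCONFIG_CONFIG_COMMAND` is still substituted unescaped into the `sh -c '...'` script in `do_menuconfig`, and now that the outer quotes are single, a value containing `'` would end the quoted script early. The variable comes from recipe metadata, so this is a robustness concern rather than an untrusted-input one, but the constraint should be enforced or at least written down. One option is to bind `cmd = d.getVar('KCONFIG_CONFIG_COMMAND')` first and reject such values before the call: `if "'" in cmd: bb.fatal("KCONFIG_CONFIG_COMMAND must not contain single quotes")`. It is also worth confirming that `\\$?` still reaches the inner shell as `$?` now that it sits inside single quotes. do_menuconfig continues outside the hunk.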
@@ -30,9 +30,8 @@ fi PACKAGE_WRITE_DEPS += "kmod-native depmodwrapper-cross" -do_install:append() { - install -d ${D}${sysconfdir}/modules-load.d/ ${D}${sysconfdir}/modprobe.d/ -} +modulesloaddir ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${nonarch_libdir}', '${sysconfdir}', d)}/modules-load.d" +modprobedir ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${nonarch_base_libdir}', '${sysconfdir}', d)}/modprobe.d" KERNEL_SPLIT_MODULES ?= "1" PACKAGESPLITFUNCS =+ "split_kernel_module_packages" @@ -73,9 +72,8 @@ python split_kernel_module_packages () { cmd = "%sobjcopy -j .modinfo -O binary %s %s" % (d.getVar("HOST_PREFIX") or "", file, tmpfile) subprocess.check_call(cmd, shell=True) # errors='replace': Some old kernel versions contain invalid utf-8 characters in mod descriptions (like 0xf6, 'ö') - f = open(tmpfile, errors='replace') - l = f.read().split("\000") - f.close() + with open(tmpfile, errors='replace') as f: + l = f.read().split("\000") os.close(tf[0]) os.unlink(tmpfile) if compressed: @@ -93,7 +91,7 @@ python split_kernel_module_packages () { dvar = d.getVar('PKGD') - # If autoloading is requested, output /etc/modules-load.d/<name>.conf and append + # If autoloading is requested, output ${modulesloaddir}/<name>.conf and append # appropriate modprobe commands to the postinst autoloadlist = (d.getVar("KERNEL_MODULE_AUTOLOAD") or "").split() autoload = d.getVar('module_autoload_%s' % basename) 
@@ -102,14 +100,18 @@ python split_kernel_module_packages () { if autoload and basename not in autoloadlist: bb.warn("module_autoload_%s is defined but '%s' isn't included in KERNEL_MODULE_AUTOLOAD, please add it there" % (basename, basename)) if basename in autoloadlist: - name = '%s/etc/modules-load.d/%s.conf' % (dvar, basename) - f = open(name, 'w') - if autoload: - for m in autoload.split(): - f.write('%s\n' % m) - else: - f.write('%s\n' % basename) - f.close() + conf = '%s/%s.conf' % (d.getVar('modulesloaddir'), basename) + name = '%s%s' % (dvar, conf) + os.makedirs(os.path.dirname(name), exist_ok=True) + with open(name, 'w') as f: + if autoload: + for m in autoload.split(): + f.write('%s\n' % m) + else: + f.write('%s\n' % basename) + conf2append = ' %s' % conf + d.appendVar('FILES:%s' % pkg, conf2append) + d.appendVar('CONFFILES:%s' % pkg, conf2append) postinst = d.getVar('pkg_postinst:%s' % pkg) if not postinst: bb.fatal("pkg_postinst:%s not defined" % pkg) 
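Review bot: The sequence added in this hunk of `split_kernel_module_packages` (build `conf`, prefix it with `dvar`, `os.makedirs`, write the file, then append to `FILES:` and `CONFFILES:`) is repeated almost line for line in the next hunk for `modprobedir`. A small nested helper that takes the directory variable name and the lines to write would keep the two paths from drifting apart, for instance if one later gains an explicit file mode or encoding and the other does not. The enclosing function starts and ends outside the hunk, so the helper below assumes `d`, `dvar`, `pkg` and `basename` are in scope as they are for the existing lines.

```bitbake
def write_module_conf(dirvar, lines):
    # Write ${<dirvar>}/<basename>.conf under PKGD and register it for the package
    conf = '%s/%s.conf' % (d.getVar(dirvar), basename)
    name = '%s%s' % (dvar, conf)
    os.makedirs(os.path.dirname(name), exist_ok=True)
    with open(name, 'w') as f:
        for line in lines:
            f.write('%s\n' % line)
    d.appendVar('FILES:%s' % pkg, ' %s' % conf)
    d.appendVar('CONFFILES:%s' % pkg, ' %s' % conf)

# … unchanged: autoload warning and "basename in autoloadlist" check …
write_module_conf('modulesloaddir', autoload.split() if autoload else [basename])
# … unchanged: postinst handling, "modconf and basename in modconflist" check …
write_module_conf('modprobedir', [modconf])
```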
@@ -120,21 +122,18 @@ python split_kernel_module_packages () { modconflist = (d.getVar("KERNEL_MODULE_PROBECONF") or "").split() modconf = d.getVar('module_conf_%s' % basename) if modconf and basename in modconflist: - name = '%s/etc/modprobe.d/%s.conf' % (dvar, basename) - f = open(name, 'w') - f.write("%s\n" % modconf) - f.close() + conf = '%s/%s.conf' % (d.getVar('modprobedir'), basename) + name = '%s%s' % (dvar, conf) + os.makedirs(os.path.dirname(name), exist_ok=True) + with open(name, 'w') as f: + f.write("%s\n" % modconf) + conf2append = ' %s' % conf + d.appendVar('FILES:%s' % pkg, conf2append) + d.appendVar('CONFFILES:%s' % pkg, conf2append) + elif modconf: bb.error("Please ensure module %s is listed in KERNEL_MODULE_PROBECONF since module_conf_%s is set" % (basename, basename)) - files = d.getVar('FILES:%s' % pkg) - files = "%s /etc/modules-load.d/%s.conf /etc/modprobe.d/%s.conf" % (files, basename, basename) - d.setVar('FILES:%s' % pkg, files) - - conffiles = d.getVar('CONFFILES:%s' % pkg) - conffiles = "%s /etc/modules-load.d/%s.conf /etc/modprobe.d/%s.conf" % (conffiles, basename, basename) - d.setVar('CONFFILES:%s' % pkg, conffiles) - if "description" in vals: old_desc = d.getVar('DESCRIPTION:' + pkg) or "" d.setVar('DESCRIPTION:' + pkg, old_desc + "; " + vals["description"]) @@ -169,8 +168,8 @@ python split_kernel_module_packages () { postrm = d.getVar('pkg_postrm:modules') if splitmods != '1': - etcdir = d.getVar('sysconfdir') - d.appendVar('FILES:' + metapkg, '%s/modules-load.d/ %s/modprobe.d/ %s/modules/' % (etcdir, etcdir, d.getVar("nonarch_base_libdir"))) + d.appendVar('FILES:' + metapkg, '%s %s %s/modules' % + (d.getVar('modulesloaddir'), d.getVar('modprobedir'), d.getVar("nonarch_base_libdir"))) d.appendVar('pkg_postinst:%s' % metapkg, postinst) d.prependVar('pkg_postrm:%s' % metapkg, postrm); return 
@@ -184,14 +183,6 @@ python split_kernel_module_packages () { modules = do_split_packages(d, root='${nonarch_base_libdir}/modules', file_regex=module_regex, output_pattern=module_pattern, description='%s kernel module', postinst=postinst, postrm=postrm, recursive=True, hook=frob_metadata, extra_depends='%s-%s' % (kernel_package_name, kernel_version)) if modules: d.appendVar('RDEPENDS:' + metapkg, ' '+' '.join(modules)) - - # If modules-load.d and modprobe.d are empty at this point, remove them to - # avoid warnings. removedirs only raises an OSError if an empty - # directory cannot be removed. - dvar = d.getVar('PKGD') - for dir in ["%s/etc/modprobe.d" % (dvar), "%s/etc/modules-load.d" % (dvar), "%s/etc" % (dvar)]: - if len(os.listdir(dir)) == 0: - os.rmdir(dir) } do_package[vardeps] += '${@" ".join(map(lambda s: "module_conf_" + s, (d.getVar("KERNEL_MODULE_PROBECONF") or "").split()))}' diff --git a/poky/meta/classes-recipe/kernel.bbclass b/poky/meta/classes-recipe/kernel.bbclass index 1e97de5696..3abd689794 100644 --- a/poky/meta/classes-recipe/kernel.bbclass +++ b/poky/meta/classes-recipe/kernel.bbclass @@ -181,13 +181,14 @@ do_unpack[cleandirs] += " ${S} ${STAGING_KERNEL_DIR} ${B} ${STAGING_KERNEL_BUILD do_clean[cleandirs] += " ${S} ${STAGING_KERNEL_DIR} ${B} ${STAGING_KERNEL_BUILDDIR}" python do_symlink_kernsrc () { s = d.getVar("S") - if s[-1] == '/': - # drop trailing slash, so that os.symlink(kernsrc, s) doesn't use s as directory name and fail - s=s[:-1] kernsrc = d.getVar("STAGING_KERNEL_DIR") if s != kernsrc: bb.utils.mkdirhier(kernsrc) bb.utils.remove(kernsrc, recurse=True) + if s[-1] == '/': + # drop trailing slash, so that os.symlink(kernsrc, s) doesn't use s as + # directory name and fail + s = s[:-1] if d.getVar("EXTERNALSRC"): # With EXTERNALSRC S will not be wiped so we can symlink to it os.symlink(s, kernsrc) 
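Review bot: In `do_symlink_kernsrc` the `s != kernsrc` test now runs before the trailing slash is stripped, so an `S` that equals `STAGING_KERNEL_DIR` apart from a final `/` takes the branch that calls `bb.utils.remove(kernsrc, recurse=True)`. If that case should count as the same directory, compare normalised paths instead: `if os.path.normpath(s) != os.path.normpath(kernsrc):`. If the raw string comparison is deliberate, a comment saying why the strip moved below it would help the next reader. The function body continues outside the hunk.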
@@ -476,9 +477,7 @@ kernel_do_install() { install -m 0644 System.map ${D}/${KERNEL_IMAGEDEST}/System.map-${KERNEL_VERSION} install -m 0644 .config ${D}/${KERNEL_IMAGEDEST}/config-${KERNEL_VERSION} install -m 0644 vmlinux ${D}/${KERNEL_IMAGEDEST}/vmlinux-${KERNEL_VERSION} - [ -e Module.symvers ] && install -m 0644 Module.symvers ${D}/${KERNEL_IMAGEDEST}/Module.symvers-${KERNEL_VERSION} - install -d ${D}${sysconfdir}/modules-load.d - install -d ${D}${sysconfdir}/modprobe.d + ! [ -e Module.symvers ] || install -m 0644 Module.symvers ${D}/${KERNEL_IMAGEDEST}/Module.symvers-${KERNEL_VERSION} } # Must be ran no earlier than after do_kernel_checkout or else Makefile won't be in ${S}/Makefile @@ -546,7 +545,7 @@ do_shared_workdir () { # Copy files required for module builds cp System.map $kerneldir/System.map-${KERNEL_VERSION} - [ -e Module.symvers ] && cp Module.symvers $kerneldir/ + ! [ -e Module.symvers ] || cp Module.symvers $kerneldir/ cp .config $kerneldir/ mkdir -p $kerneldir/include/config cp include/config/kernel.release $kerneldir/include/config/kernel.release diff --git a/poky/meta/classes-recipe/meson.bbclass b/poky/meta/classes-recipe/meson.bbclass index 48688bed75..7f5e9b1943 100644 --- a/poky/meta/classes-recipe/meson.bbclass +++ b/poky/meta/classes-recipe/meson.bbclass @@ -111,6 +111,7 @@ nm = ${@meson_array('BUILD_NM', d)} strip = ${@meson_array('BUILD_STRIP', d)} readelf = ${@meson_array('BUILD_READELF', d)} objcopy = ${@meson_array('BUILD_OBJCOPY', d)} +llvm-config = '${STAGING_BINDIR_NATIVE}/llvm-config' pkgconfig = 'pkg-config-native' ${@rust_tool(d, "BUILD_SYS")} diff --git a/poky/meta/classes-recipe/rootfs_rpm.bbclass b/poky/meta/classes-recipe/rootfs_rpm.bbclass index 6eccd5a959..55f1cc92ca 100644 --- a/poky/meta/classes-recipe/rootfs_rpm.bbclass +++ b/poky/meta/classes-recipe/rootfs_rpm.bbclass 
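Review bot: The change from `[ -e Module.symvers ] && install ...` to `! [ -e Module.symvers ] || install ...` at the end of `kernel_do_install` (and the matching `cp` line in the `do_shared_workdir` hunk that follows) has no comment, and the two forms look interchangeable to a casual reader. The difference appears to be the exit status when the file is absent: the `&&` form returns non-zero, and in `kernel_do_install` it is now the last command before the closing brace. A one-line comment above each, such as `# '! test || cmd' keeps a zero exit status when Module.symvers is absent`, would stop someone simplifying it back.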
@@ -20,11 +20,9 @@ IMAGE_ROOTFS_EXTRA_SPACE:append = "${@bb.utils.contains("PACKAGE_INSTALL", "dnf" # Dnf is python based, so be sure python3-native is available to us. EXTRANATIVEPATH += "python3-native" -# opkg is needed for update-alternatives RPMROOTFSDEPENDS = "rpm-native:do_populate_sysroot \ dnf-native:do_populate_sysroot \ - createrepo-c-native:do_populate_sysroot \ - opkg-native:do_populate_sysroot" + createrepo-c-native:do_populate_sysroot" do_rootfs[depends] += "${RPMROOTFSDEPENDS}" do_populate_sdk[depends] += "${RPMROOTFSDEPENDS}" diff --git a/poky/meta/classes-recipe/rust-common.bbclass b/poky/meta/classes-recipe/rust-common.bbclass index e0cedd7aa2..878272721c 100644 --- a/poky/meta/classes-recipe/rust-common.bbclass +++ b/poky/meta/classes-recipe/rust-common.bbclass @@ -158,6 +158,10 @@ WRAPPER_TARGET_CXX = "${CXX}" WRAPPER_TARGET_CCLD = "${CCLD}" WRAPPER_TARGET_LDFLAGS = "${LDFLAGS}" WRAPPER_TARGET_EXTRALD = "" +# see recipes-devtools/gcc/gcc/0018-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch +# we need to link with ssp_nonshared on musl to avoid "undefined reference to `__stack_chk_fail_local'" +# when building MACHINE=qemux86 for musl +WRAPPER_TARGET_EXTRALD:libc-musl = "-lssp_nonshared" WRAPPER_TARGET_AR = "${AR}" # compiler is used by gcc-rs diff --git a/poky/meta/classes-recipe/testexport.bbclass b/poky/meta/classes-recipe/testexport.bbclass index 0f0c56107f..572f5d9e76 100644 --- a/poky/meta/classes-recipe/testexport.bbclass +++ b/poky/meta/classes-recipe/testexport.bbclass 
@@ -61,16 +61,12 @@ def testexport_main(d): d.getVar("TEST_TARGET"), None, d.getVar("TEST_TARGET_IP"), d.getVar("TEST_SERVER_IP")) - host_dumper = OERuntimeTestContextExecutor.getHostDumper( - d.getVar("testimage_dump_host"), d.getVar("TESTIMAGE_DUMP_DIR")) - image_manifest = "%s.manifest" % image_name image_packages = OERuntimeTestContextExecutor.readPackagesManifest(image_manifest) extract_dir = d.getVar("TEST_EXTRACTED_DIR") - tc = OERuntimeTestContext(td, logger, target, host_dumper, - image_packages, extract_dir) + tc = OERuntimeTestContext(td, logger, target, image_packages, extract_dir) copy_needed_files(d, tc) diff --git a/poky/meta/classes-recipe/testimage.bbclass b/poky/meta/classes-recipe/testimage.bbclass index b48cd96575..cc3650ad42 100644 --- a/poky/meta/classes-recipe/testimage.bbclass +++ b/poky/meta/classes-recipe/testimage.bbclass @@ -115,18 +115,6 @@ testimage_dump_target () { find /var/log/ -type f 2>/dev/null -exec echo "====================" \; -exec echo {} \; -exec echo "====================" \; -exec cat {} \; -exec echo "" \; } -testimage_dump_host () { - top -bn1 - iostat -x -z -N -d -p ALL 20 2 - ps -ef - free - df - memstat - dmesg - ip -s link - netstat -an -} - testimage_dump_monitor () { query-status query-block @@ -339,19 +327,13 @@ def testimage_main(d): # runtime use network for download projects for build export_proxies(d) - # we need the host dumper in test context - host_dumper = OERuntimeTestContextExecutor.getHostDumper( - d.getVar("testimage_dump_host"), - d.getVar("TESTIMAGE_DUMP_DIR")) - # the robot dance target = OERuntimeTestContextExecutor.getTarget( d.getVar("TEST_TARGET"), logger, d.getVar("TEST_TARGET_IP"), d.getVar("TEST_SERVER_IP"), **target_kwargs) # test context - tc = OERuntimeTestContext(td, logger, target, host_dumper, - image_packages, extract_dir) + tc = OERuntimeTestContext(td, logger, target, image_packages, extract_dir) # Load tests before starting the target test_paths = get_runtime_paths(d) 
diff --git a/poky/meta/classes-recipe/uboot-extlinux-config.bbclass b/poky/meta/classes-recipe/uboot-extlinux-config.bbclass index 86a7d30ca0..653e583663 100644 --- a/poky/meta/classes-recipe/uboot-extlinux-config.bbclass +++ b/poky/meta/classes-recipe/uboot-extlinux-config.bbclass @@ -33,11 +33,11 @@ # UBOOT_EXTLINUX_DEFAULT_LABEL ??= "Linux Default" # UBOOT_EXTLINUX_TIMEOUT ??= "30" # -# UBOOT_EXTLINUX_KERNEL_IMAGE_default ??= "../zImage" -# UBOOT_EXTLINUX_MENU_DESCRIPTION_default ??= "Linux Default" +# UBOOT_EXTLINUX_KERNEL_IMAGE:default ??= "../zImage" +# UBOOT_EXTLINUX_MENU_DESCRIPTION:default ??= "Linux Default" # -# UBOOT_EXTLINUX_KERNEL_IMAGE_fallback ??= "../zImage-fallback" -# UBOOT_EXTLINUX_MENU_DESCRIPTION_fallback ??= "Linux Fallback" +# UBOOT_EXTLINUX_KERNEL_IMAGE:fallback ??= "../zImage-fallback" +# UBOOT_EXTLINUX_MENU_DESCRIPTION:fallback ??= "Linux Fallback" # # Results: # diff --git a/poky/meta/classes/externalsrc.bbclass b/poky/meta/classes/externalsrc.bbclass index b00fdba8e9..aedd78a03a 100644 --- a/poky/meta/classes/externalsrc.bbclass +++ b/poky/meta/classes/externalsrc.bbclass @@ -75,6 +75,8 @@ python () { # Dummy value because the default function can't be called with blank SRC_URI d.setVar('SRCPV', '999') + # sstate is never going to work for external source trees, disable it + d.setVar('SSTATE_SKIP_CREATION', '1') if d.getVar('CONFIGUREOPT_DEPTRACK') == '--disable-dependency-tracking': d.setVar('CONFIGUREOPT_DEPTRACK', '') 
@@ -82,10 +84,7 @@ python () { tasks = filter(lambda k: d.getVarFlag(k, "task"), d.keys()) for task in tasks: - if task.endswith("_setscene"): - # sstate is never going to work for external source trees, disable it - bb.build.deltask(task, d) - elif os.path.realpath(d.getVar('S')) == os.path.realpath(d.getVar('B')): + if os.path.realpath(d.getVar('S')) == os.path.realpath(d.getVar('B')): # Since configure will likely touch ${S}, ensure only we lock so one task has access at a time d.appendVarFlag(task, "lockfiles", " ${S}/singletask.lock") diff --git a/poky/meta/classes/useradd-staticids.bbclass b/poky/meta/classes/useradd-staticids.bbclass index abe484eb46..1dbcba2bf1 100644 --- a/poky/meta/classes/useradd-staticids.bbclass +++ b/poky/meta/classes/useradd-staticids.bbclass @@ -47,7 +47,7 @@ def update_useradd_static_config(d): def handle_missing_id(id, type, pkg, files, var, value): # For backwards compatibility we accept "1" in addition to "error" error_dynamic = d.getVar('USERADD_ERROR_DYNAMIC') - msg = "%s - %s: %sname %s does not have a static ID defined." % (d.getVar('PN'), pkg, type, id) + msg = 'Recipe %s, package %s: %sname "%s" does not have a static ID defined.' % (d.getVar('PN'), pkg, type, id) if files: msg += " Add %s to one of these files: %s" % (id, files) else: diff --git a/poky/meta/conf/bitbake.conf b/poky/meta/conf/bitbake.conf index 52ef64b50a..f679a49eb0 100644 --- a/poky/meta/conf/bitbake.conf +++ b/poky/meta/conf/bitbake.conf @@ -529,7 +529,7 @@ HOSTTOOLS += " \ python3 pzstd ranlib readelf readlink realpath rm rmdir rpcgen sed seq sh \ sha1sum sha224sum sha256sum sha384sum sha512sum \ sleep sort split stat strings strip tail tar tee test touch tr true uname \ - uniq wc wget which xargs zstd \ + uniq unzstd wc wget which xargs zstd \ " # Tools needed to run testimage runtime image testing diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc index b4ce618ca0..784a4647e3 100644 
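Review bot: With the `_setscene` branch removed from this loop, nothing visible here stops a setscene task from restoring an existing sstate object for an external source tree; `SSTATE_SKIP_CREATION`, set in the previous hunk, reads as suppressing creation only. If restore is ruled out by another mechanism, record that next to the `setVar`, e.g. `# setscene tasks stay defined; a stale restore is prevented by <mechanism>`, so the guarantee the old `deltask` gave is not lost silently. The loop and the anonymous python function continue outside the hunk.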
--- a/poky/meta/conf/distro/include/maintainers.inc +++ b/poky/meta/conf/distro/include/maintainers.inc @@ -41,7 +41,7 @@ RECIPE_MAINTAINER:pn-alsa-utils = "Michael Opdenacker <michael.opdenacker@bootli RECIPE_MAINTAINER:pn-apmd = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-apr = "Hongxu Jia <hongxu.jia@windriver.com>" RECIPE_MAINTAINER:pn-apr-util = "Hongxu Jia <hongxu.jia@windriver.com>" -RECIPE_MAINTAINER:pn-apt = "Aníbal Limón <limon.anibal@gmail.com>" +RECIPE_MAINTAINER:pn-apt = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-argp-standalone = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-asciidoc = "Yi Zhao <yi.zhao@windriver.com>" RECIPE_MAINTAINER:pn-aspell = "Anuj Mittal <anuj.mittal@intel.com>" @@ -60,7 +60,7 @@ RECIPE_MAINTAINER:pn-base-passwd = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-bash = "Hongxu Jia <hongxu.jia@windriver.com>" RECIPE_MAINTAINER:pn-bash-completion = "Alexander Kanavin <alex.kanavin@gmail.com>" RECIPE_MAINTAINER:pn-bc = "Anuj Mittal <anuj.mittal@intel.com>" -RECIPE_MAINTAINER:pn-bind = "Armin Kuster <akuster808@gmail.com>" +RECIPE_MAINTAINER:pn-bind = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-binutils = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-binutils-cross-${TARGET_ARCH} = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-binutils-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <raj.khem@gmail.com>" 
@@ -83,7 +83,7 @@ RECIPE_MAINTAINER:pn-buildtools-extended-tarball = "Richard Purdie <richard.purd RECIPE_MAINTAINER:pn-buildtools-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>" RECIPE_MAINTAINER:pn-buildtools-docs-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>" RECIPE_MAINTAINER:pn-buildtools-make-tarball = "Richard Purdie <richard.purdie@linuxfoundation.org>" -RECIPE_MAINTAINER:pn-busybox = "Andrej Valek <andrej.valek@siemens.com>" +RECIPE_MAINTAINER:pn-busybox = "Andrej Valek <andrej.v@skyrain.eu>" RECIPE_MAINTAINER:pn-busybox-inittab = "Denys Dmytriyenko <denis@denix.org>" RECIPE_MAINTAINER:pn-bzip2 = "Denys Dmytriyenko <denis@denix.org>" RECIPE_MAINTAINER:pn-ca-certificates = "Alexander Kanavin <alex.kanavin@gmail.com>" @@ -93,8 +93,8 @@ RECIPE_MAINTAINER:pn-cantarell-fonts = "Alexander Kanavin <alex.kanavin@gmail.co RECIPE_MAINTAINER:pn-ccache = "Robert Yang <liezhi.yang@windriver.com>" RECIPE_MAINTAINER:pn-cdrtools-native = "Yi Zhao <yi.zhao@windriver.com>" RECIPE_MAINTAINER:pn-chrpath = "Yi Zhao <yi.zhao@windriver.com>" -RECIPE_MAINTAINER:pn-cmake = "Pascal Bach <pascal.bach@siemens.com>" -RECIPE_MAINTAINER:pn-cmake-native = "Pascal Bach <pascal.bach@siemens.com>" +RECIPE_MAINTAINER:pn-cmake = "Unassigned <unassigned@yoctoproject.org>" +RECIPE_MAINTAINER:pn-cmake-native = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-connman = "Changhyeok Bae <changhyeok.bae@gmail.com>" RECIPE_MAINTAINER:pn-connman-conf = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-connman-gnome = "Ross Burton <ross.burton@arm.com>" 
@@ -152,7 +152,7 @@ RECIPE_MAINTAINER:pn-docbook-xml-dtd4 = "Yi Zhao <yi.zhao@windriver.com>" RECIPE_MAINTAINER:pn-docbook-xsl-stylesheets = "Yi Zhao <yi.zhao@windriver.com>" RECIPE_MAINTAINER:pn-dos2unix = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-dosfstools = "Yi Zhao <yi.zhao@windriver.com>" -RECIPE_MAINTAINER:pn-dpkg = "Aníbal Limón <limon.anibal@gmail.com>" +RECIPE_MAINTAINER:pn-dpkg = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-dropbear = "Yi Zhao <yi.zhao@windriver.com>" RECIPE_MAINTAINER:pn-dtc = "Wang Mingyu <wangmy@fujitsu.com>" RECIPE_MAINTAINER:pn-dwarfsrcfiles = "Alexander Kanavin <alex.kanavin@gmail.com>" @@ -165,7 +165,7 @@ RECIPE_MAINTAINER:pn-ell = "Zang Ruochen <zangruochen@loongson.cn>" RECIPE_MAINTAINER:pn-enchant2 = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-encodings = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-epiphany = "Alexander Kanavin <alex.kanavin@gmail.com>" -RECIPE_MAINTAINER:pn-erofs-utils = "Richard Weinberger <richard@nod.at>" +RECIPE_MAINTAINER:pn-erofs-utils = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-ethtool = "Changhyeok Bae <changhyeok.bae@gmail.com>" RECIPE_MAINTAINER:pn-eudev = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-expat = "Yi Zhao <yi.zhao@windriver.com>" @@ -189,7 +189,7 @@ RECIPE_MAINTAINER:pn-gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <r RECIPE_MAINTAINER:pn-gcc-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-gcc-runtime = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-gcc-sanitizers = "Khem Raj <raj.khem@gmail.com>" -RECIPE_MAINTAINER:pn-gcc-source-12.2.0 = "Khem Raj <raj.khem@gmail.com>" +RECIPE_MAINTAINER:pn-gcc-source-12.3.0 = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER:pn-gconf = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-gcr3 = "Markus Volk <f_l_k@t-online.de>" RECIPE_MAINTAINER:pn-gcr = "Alexander Kanavin <alex.kanavin@gmail.com>" 
@@ -288,7 +288,7 @@ RECIPE_MAINTAINER:pn-iproute2 = "Changhyeok Bae <changhyeok.bae@gmail.com>" RECIPE_MAINTAINER:pn-iptables = "Changhyeok Bae <changhyeok.bae@gmail.com>" RECIPE_MAINTAINER:pn-iputils = "Changhyeok Bae <changhyeok.bae@gmail.com>" RECIPE_MAINTAINER:pn-iso-codes = "Wang Mingyu <wangmy@cn.fujitsu.com>" -RECIPE_MAINTAINER:pn-itstool = "Andreas Müller <schnitzeltony@gmail.com>" +RECIPE_MAINTAINER:pn-itstool = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-iw = "Changhyeok Bae <changhyeok.bae@gmail.com>" RECIPE_MAINTAINER:pn-libjpeg-turbo = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-json-c = "Yi Zhao <yi.zhao@windriver.com>" @@ -301,7 +301,7 @@ RECIPE_MAINTAINER:pn-kernel-devsrc = "Bruce Ashfield <bruce.ashfield@gmail.com>" RECIPE_MAINTAINER:pn-kexec-tools = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-keymaps = "Alexander Kanavin <alex.kanavin@gmail.com>" RECIPE_MAINTAINER:pn-kmod = "Chen Qi <Qi.Chen@windriver.com>" -RECIPE_MAINTAINER:pn-kmscube = "Carlos Rafael Giani <dv@pseudoterminal.org>" +RECIPE_MAINTAINER:pn-kmscube = "Carlos Rafael Giani <crg7475@mailbox.org>" RECIPE_MAINTAINER:pn-l3afpad = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-lame = "Michael Opdenacker <michael.opdenacker@bootlin.com>" RECIPE_MAINTAINER:pn-ldconfig-native = "Khem Raj <raj.khem@gmail.com>" 
@@ -313,7 +313,7 @@ RECIPE_MAINTAINER:pn-libarchive = "Otavio Salvador <otavio.salvador@ossystems.co RECIPE_MAINTAINER:pn-libassuan = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libatomic-ops = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-libbsd = "Yi Zhao <yi.zhao@windriver.com>" -RECIPE_MAINTAINER:pn-libc-test = "Chase Qi <chase.qi@linaro.org>" +RECIPE_MAINTAINER:pn-libc-test = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libcap = "Yi Zhao <yi.zhao@windriver.com>" RECIPE_MAINTAINER:pn-libcap-ng = "Yi Zhao <yi.zhao@windriver.com>" RECIPE_MAINTAINER:pn-libcap-ng-python = "Yi Zhao <yi.zhao@windriver.com>" @@ -415,7 +415,7 @@ RECIPE_MAINTAINER:pn-liburcu = "Wang Mingyu <wangmy@fujitsu.com>" RECIPE_MAINTAINER:pn-liburi-perl = "Tim Orling <tim.orling@konsulko.com>" RECIPE_MAINTAINER:pn-libusb1 = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-libubootenv = "Stefano Babic <sbabic@denx.de>" -RECIPE_MAINTAINER:pn-libuv = "Armin Kuster <akuster@mvista.com>" +RECIPE_MAINTAINER:pn-libuv = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libva = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-libva-initial = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-libva-utils = "Anuj Mittal <anuj.mittal@intel.com>" 
@@ -426,7 +426,7 @@ RECIPE_MAINTAINER:pn-libx11 = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libx11-compose-data = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libxau = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libxcb = "Unassigned <unassigned@yoctoproject.org>" -RECIPE_MAINTAINER:pn-libxcvt = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" +RECIPE_MAINTAINER:pn-libxcvt = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libxcomposite = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libxcursor = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-libxcrypt = "Khem Raj <raj.khem@gmail.com>" @@ -555,7 +555,7 @@ RECIPE_MAINTAINER:pn-npth = "Alexander Kanavin <alex.kanavin@gmail.com>" RECIPE_MAINTAINER:pn-nss-myhostname = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-numactl = "Richard Purdie <richard.purdie@linuxfoundation.org>" RECIPE_MAINTAINER:pn-ofono = "Ross Burton <ross.burton@arm.com>" -RECIPE_MAINTAINER:pn-opensbi = "Alistair Francis <alistair.francis@wdc.com>" +RECIPE_MAINTAINER:pn-opensbi = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-openssh = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-openssl = "Alexander Kanavin <alex.kanavin@gmail.com>" RECIPE_MAINTAINER:pn-opkg = "Alex Stewart <alex.stewart@ni.com>" 
@@ -564,8 +564,8 @@ RECIPE_MAINTAINER:pn-opkg-keyrings = "Alex Stewart <alex.stewart@ni.com>" RECIPE_MAINTAINER:pn-opkg-utils = "Alex Stewart <alex.stewart@ni.com>" RECIPE_MAINTAINER:pn-orc = "Anuj Mittal <anuj.mittal@intel.com>" RECIPE_MAINTAINER:pn-os-release = "Ross Burton <ross.burton@arm.com>" -RECIPE_MAINTAINER:pn-ovmf = "Ricardo Neri <ricardo.neri-calderon@linux.intel.com>" -RECIPE_MAINTAINER:pn-ovmf-shell-image = "Ricardo Neri <ricardo.neri-calderon@linux.intel.com>" +RECIPE_MAINTAINER:pn-ovmf = "Unassigned <unassigned@yoctoproject.org>" +RECIPE_MAINTAINER:pn-ovmf-shell-image = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-p11-kit = "Alexander Kanavin <alex.kanavin@gmail.com>" RECIPE_MAINTAINER:pn-package-index = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-pango = "Ross Burton <ross.burton@arm.com>" @@ -599,7 +599,7 @@ RECIPE_MAINTAINER:pn-ptest-runner = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-pulseaudio = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-pulseaudio-client-conf-sato = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-puzzles = "Anuj Mittal <anuj.mittal@intel.com>" -RECIPE_MAINTAINER:pn-python3 = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" +RECIPE_MAINTAINER:pn-python3 = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-python3-alabaster = "Tim Orling <tim.orling@konsulko.com>" RECIPE_MAINTAINER:pn-python3-async = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" RECIPE_MAINTAINER:pn-python3-asn1crypto = "Tim Orling <tim.orling@konsulko.com>" 
@@ -613,20 +613,20 @@ RECIPE_MAINTAINER:pn-python3-cffi = "Tim Orling <tim.orling@konsulko.com>" RECIPE_MAINTAINER:pn-python3-chardet = "Tim Orling <tim.orling@konsulko.com>" RECIPE_MAINTAINER:pn-python3-cryptography = "Tim Orling <tim.orling@konsulko.com>" RECIPE_MAINTAINER:pn-python3-cryptography-vectors = "Tim Orling <tim.orling@konsulko.com>" -RECIPE_MAINTAINER:pn-python3-cython = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" +RECIPE_MAINTAINER:pn-python3-cython = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-python3-dbus = "Zang Ruochen <zangruochen@loongson.cn>" -RECIPE_MAINTAINER:pn-python3-dbusmock = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" -RECIPE_MAINTAINER:pn-python3-docutils = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" +RECIPE_MAINTAINER:pn-python3-dbusmock = "Unassigned <unassigned@yoctoproject.org>" +RECIPE_MAINTAINER:pn-python3-docutils = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-python3-dtschema = "Bruce Ashfield <bruce.ashfield@gmail.com>" RECIPE_MAINTAINER:pn-python3-dtschema-wrapper = "Bruce Ashfield <bruce.ashfield@gmail.com>" RECIPE_MAINTAINER:pn-python3-editables = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-python3-pycryptodome = "Joshua Watt <JPEWhacker@gmail.com>" RECIPE_MAINTAINER:pn-python3-pycryptodomex = "Joshua Watt <JPEWhacker@gmail.com>" RECIPE_MAINTAINER:pn-python3-pyrsistent = "Bruce Ashfield <bruce.ashfield@gmail.com>" -RECIPE_MAINTAINER:pn-python3-extras = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" +RECIPE_MAINTAINER:pn-python3-extras = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-python3-flit-core = "Tim Orling <tim.orling@konsulko.com>" -RECIPE_MAINTAINER:pn-python3-git = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" -RECIPE_MAINTAINER:pn-python3-gitdb = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" +RECIPE_MAINTAINER:pn-python3-git = "Unassigned 
<unassigned@yoctoproject.org>" +RECIPE_MAINTAINER:pn-python3-gitdb = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-python3-hatchling = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-python3-hatch-fancy-pypi-readme = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-python3-hatch-vcs = "Ross Burton <ross.burton@arm.com>" @@ -635,7 +635,7 @@ RECIPE_MAINTAINER:pn-python3-idna = "Bruce Ashfield <bruce.ashfield@gmail.com>" RECIPE_MAINTAINER:pn-python3-imagesize = "Tim Orling <tim.orling@konsulko.com>" RECIPE_MAINTAINER:pn-python3-importlib-metadata = "Tim Orling <tim.orling@konsulko.com>" RECIPE_MAINTAINER:pn-python3-iniconfig = "Tim Orling <tim.orling@konsulko.com>" -RECIPE_MAINTAINER:pn-python3-iniparse = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>" +RECIPE_MAINTAINER:pn-python3-iniparse = "Unassigned <unassigned@yoctoproject.org>" RECIPE_MAINTAINER:pn-python3-iso8601 = "Tim Orling <tim.orling@konsulko.com>" RECIPE_MAINTAINER:pn-python3-installer = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER:pn-python3-jinja2 = "Richard Purdie <richard.purdie@linuxfoundation.org>" 
@@ -644,12 +644,12 @@ RECIPE_MAINTAINER:pn-python3-jsonschema = "Bruce Ashfield <bruce.ashfield@gmail.
 RECIPE_MAINTAINER:pn-python3-libarchive-c = "Joshua Watt <JPEWhacker@gmail.com>"
 RECIPE_MAINTAINER:pn-python3-lxml = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-python3-magic = "Joshua Watt <JPEWhacker@gmail.com>"
-RECIPE_MAINTAINER:pn-python3-mako = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER:pn-python3-mako = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-python3-markdown = "Alexander Kanavin <alex.kanavin@gmail.com>"
 RECIPE_MAINTAINER:pn-python3-markupsafe = "Richard Purdie <richard.purdie@linuxfoundation.org>"
 RECIPE_MAINTAINER:pn-python3-more-itertools = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-ndg-httpsclient = "Tim Orling <tim.orling@konsulko.com>"
-RECIPE_MAINTAINER:pn-python3-numpy = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER:pn-python3-numpy = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-python3-packaging = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-pathlib2 = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-pathspec = "Ross Burton <ross.burton@arm.com>"
@@ -665,10 +665,10 @@ RECIPE_MAINTAINER:pn-python3-pyasn1 = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-pycairo = "Zang Ruochen <zangruochen@loongson.cn>"
 RECIPE_MAINTAINER:pn-python3-pycparser = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-pyelftools = "Joshua Watt <JPEWhacker@gmail.com>"
-RECIPE_MAINTAINER:pn-python3-pygments = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER:pn-python3-pygments = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-python3-pygobject = "Zang Ruochen <zangruochen@loongson.cn>"
 RECIPE_MAINTAINER:pn-python3-pyopenssl = "Tim Orling <tim.orling@konsulko.com>"
-RECIPE_MAINTAINER:pn-python3-pyparsing = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER:pn-python3-pyparsing = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-python3-pyproject-hooks = "Ross Burton <ross.burton@arm.com>"
 RECIPE_MAINTAINER:pn-python3-pysocks = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-pytest = "Tim Orling <tim.orling@konsulko.com>"
@@ -683,12 +683,12 @@ RECIPE_MAINTAINER:pn-python3-rfc3987 = "Bruce Ashfield <bruce.ashfield@gmail.com
 RECIPE_MAINTAINER:pn-python3-ruamel-yaml = "Bruce Ashfield <bruce.ashfield@gmail.com>"
 RECIPE_MAINTAINER:pn-python3-scons = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-semantic-version = "Tim Orling <tim.orling@konsulko.com>"
-RECIPE_MAINTAINER:pn-python3-setuptools = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER:pn-python3-setuptools = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-python3-setuptools-rust = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-setuptools-scm = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-six = "Zang Ruochen <zangruochen@loongson.cn>"
 RECIPE_MAINTAINER:pn-python3-smartypants = "Alexander Kanavin <alex.kanavin@gmail.com>"
-RECIPE_MAINTAINER:pn-python3-smmap = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER:pn-python3-smmap = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-python3-snowballstemmer = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-sortedcontainers = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-sphinx = "Tim Orling <tim.orling@konsulko.com>"
@@ -699,8 +699,8 @@ RECIPE_MAINTAINER:pn-python3-sphinxcontrib-serializinghtml = "Tim Orling <tim.or
 RECIPE_MAINTAINER:pn-python3-sphinxcontrib-jsmath = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-sphinxcontrib-applehelp = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-sphinx-rtd-theme = "Tim Orling <tim.orling@konsulko.com>"
-RECIPE_MAINTAINER:pn-python3-subunit = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
-RECIPE_MAINTAINER:pn-python3-testtools = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER:pn-python3-subunit = "Unassigned <unassigned@yoctoproject.org>"
+RECIPE_MAINTAINER:pn-python3-testtools = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-python3-toml = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-tomli = "Tim Orling <tim.orling@konsulko.com>"
 RECIPE_MAINTAINER:pn-python3-typing-extensions = "Tim Orling <tim.orling@konsulko.com>"
@@ -838,7 +838,7 @@ RECIPE_MAINTAINER:pn-weston-init = "Denys Dmytriyenko <denis@denix.org>"
 RECIPE_MAINTAINER:pn-wget = "Yi Zhao <yi.zhao@windriver.com>"
 RECIPE_MAINTAINER:pn-which = "Anuj Mittal <anuj.mittal@intel.com>"
 RECIPE_MAINTAINER:pn-wic-tools = "Anuj Mittal <anuj.mittal@intel.com>"
-RECIPE_MAINTAINER:pn-wireless-regdb = "Adrian Bunk <bunk@kernel.org>"
+RECIPE_MAINTAINER:pn-wireless-regdb = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-wpa-supplicant = "Changhyeok Bae <changhyeok.bae@gmail.com>"
 RECIPE_MAINTAINER:pn-wpebackend-fdo = "Alexander Kanavin <alex.kanavin@gmail.com>"
 RECIPE_MAINTAINER:pn-x11perf = "Unassigned <unassigned@yoctoproject.org>"
diff --git a/poky/meta/conf/distro/include/ptest-packagelists.inc b/poky/meta/conf/distro/include/ptest-packagelists.inc
index 003348906a..674801d8b8 100644
--- a/poky/meta/conf/distro/include/ptest-packagelists.inc
+++ b/poky/meta/conf/distro/include/ptest-packagelists.inc
@@ -96,6 +96,7 @@ PTESTS_SLOW = "\ libgcrypt \ libmodule-build-perl \ lttng-tools \ + mdadm \ openssh \ openssl \ parted \ @@ -119,7 +120,6 @@ PTESTS_PROBLEMS:append:x86 = " valgrind" # rt-tests \ # Needs to be checked whether it runs at all # bash \ # Test outcomes are non-deterministic by design # ifupdown \ # Tested separately in lib/oeqa/selftest/cases/imagefeatures.py -# mdadm \ # Tests rely on non-deterministic sleep() amounts # libinput \ # Tests need an unloaded system to be reliable # libpam \ # Needs pam DISTRO_FEATURE # numactl \ # qemu not (yet) configured for numa; all tests are skipped @@ -132,7 +132,6 @@ PTESTS_PROBLEMS = "\ rt-tests \ bash \ ifupdown \ - mdadm \ libinput \ libpam \ libseccomp \ diff --git a/poky/meta/conf/distro/include/yocto-uninative.inc b/poky/meta/conf/distro/include/yocto-uninative.inc index ad4816a1f3..eaa3e9b31c 100644 --- a/poky/meta/conf/distro/include/yocto-uninative.inc +++ b/poky/meta/conf/distro/include/yocto-uninative.inc @@ -6,10 +6,10 @@ # to the distro running on the build machine. # -UNINATIVE_MAXGLIBCVERSION = "2.37" -UNINATIVE_VERSION = "4.0" +UNINATIVE_MAXGLIBCVERSION = "2.38" +UNINATIVE_VERSION = "4.3" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" -UNINATIVE_CHECKSUM[aarch64] ?= "7baa8418a302df52e00916193b0a04f318356d9d2670c9a2bce3e966efefd738" -UNINATIVE_CHECKSUM[i686] ?= "83114d36883d43a521e280742b9849bf85d039b2f83d8e21d480659babe75ee8" -UNINATIVE_CHECKSUM[x86_64] ?= "fd75b2a1a67a10f6b7d65afb7d0f3e71a63b0038e428f34dfe420bb37716558a" +UNINATIVE_CHECKSUM[aarch64] ?= "8df05f4a41455018b4303b2e0ea4eac5c960b5a13713f6dbb33dfdb3e32753ec" +UNINATIVE_CHECKSUM[i686] ?= "bea76b4a97c9ba0077c0dd1295f519cd599dbf71f0ca1c964471c4cdb043addd" +UNINATIVE_CHECKSUM[x86_64] ?= "1c35f09a75c4096749bbe1e009df4e3968cde151424062cf4aa3ed89db22b030" diff --git a/poky/meta/conf/layer.conf b/poky/meta/conf/layer.conf index 948ded667e..2cc7ed8415 100644 --- a/poky/meta/conf/layer.conf 
+++ b/poky/meta/conf/layer.conf @@ -69,6 +69,7 @@ SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS += " \ initramfs-module-install->grub \ initramfs-module-install->parted \ initramfs-module-install->util-linux \ + initramfs-module-setup-live->udev-extraconf \ grub-efi->grub-bootconf \ liberation-fonts->fontconfig \ cantarell-fonts->fontconfig \ diff --git a/poky/meta/conf/machine/include/arm/arch-arm64.inc b/poky/meta/conf/machine/include/arm/arch-arm64.inc index 0e2efb5a40..832d0000ac 100644 --- a/poky/meta/conf/machine/include/arm/arch-arm64.inc +++ b/poky/meta/conf/machine/include/arm/arch-arm64.inc @@ -37,3 +37,8 @@ TUNE_ARCH = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TUNE_ARCH_64}', TUNE_PKGARCH = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TUNE_PKGARCH_64}', '${TUNE_PKGARCH_32}', d)}" ABIEXTENSION = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${ABIEXTENSION_64}', '${ABIEXTENSION_32}', d)}" TARGET_FPU = "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', '${TARGET_FPU_64}', '${TARGET_FPU_32}', d)}" + +# Emit branch protection (PAC/BTI) instructions. On hardware that doesn't +# support these they're meaningless NOP instructions, so there's very little +# reason not to. +TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'aarch64', ' -mbranch-protection=standard', '', d)}" diff --git a/poky/meta/conf/multilib.conf b/poky/meta/conf/multilib.conf index 7f3b9463ef..ef3605a73d 100644 --- a/poky/meta/conf/multilib.conf +++ b/poky/meta/conf/multilib.conf @@ -2,6 +2,7 @@ baselib = "${@d.getVar('BASE_LIB:tune-' + (d.getVar('DEFAULTTUNE') or 'INVALID')) or d.getVar('BASELIB')}" MULTILIB_VARIANTS = "${@extend_variants(d,'MULTILIBS','multilib')}" +MULTILIB_VARIANTS[vardeps] += "MULTILIBS" MULTILIB_SAVE_VARNAME = "DEFAULTTUNE TARGET_ARCH TARGET_SYS TARGET_VENDOR" MULTILIBS ??= "multilib:lib32" diff --git a/poky/meta/lib/oe/npm_registry.py b/poky/meta/lib/oe/npm_registry.py index db581e280e..d97ced7cda 100644 --- a/poky/meta/lib/oe/npm_registry.py 
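Review bot: The comment added above `TUNE_CCARGS .= ...` in arch-arm64.inc covers only the hardware side ("meaningless NOP instructions") and says nothing about the link-time side. As far as I know, BTI is only enabled for a binary when every object linked into it carries the BTI property note, so a recipe with hand-written assembly or prebuilt objects would quietly lose the protection rather than fail the build. I would add a line such as `# BTI only takes effect when all linked objects are BTI-marked; check recipes that ship assembly.` Since the flag is appended for every aarch64 tune and no opt-out is visible in this hunk, the comment should also say how a machine or recipe is expected to override it.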
+++ b/poky/meta/lib/oe/npm_registry.py @@ -11,7 +11,7 @@ import subprocess _ALWAYS_SAFE = frozenset('ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' '0123456789' - '_.-~') + '_.-~()') MISSING_OK = object() diff --git a/poky/meta/lib/oe/package_manager/__init__.py b/poky/meta/lib/oe/package_manager/__init__.py index 0c313190cf..6774cdb794 100644 --- a/poky/meta/lib/oe/package_manager/__init__.py +++ b/poky/meta/lib/oe/package_manager/__init__.py @@ -470,7 +470,10 @@ def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencie # Detect bitbake -b usage nodeps = d.getVar("BB_LIMITEDDEPS") or False if nodeps or not filterbydependencies: - oe.path.symlink(deploydir, subrepo_dir, True) + for arch in d.getVar("ALL_MULTILIB_PACKAGE_ARCHS").split() + d.getVar("ALL_MULTILIB_PACKAGE_ARCHS").replace("-", "_").split(): + target = os.path.join(deploydir + "/" + arch) + if os.path.exists(target): + oe.path.symlink(target, subrepo_dir + "/" + arch, True) return start = None diff --git a/poky/meta/lib/oe/package_manager/rpm/rootfs.py b/poky/meta/lib/oe/package_manager/rpm/rootfs.py index d4c415f68c..3ba5396320 100644 --- a/poky/meta/lib/oe/package_manager/rpm/rootfs.py +++ b/poky/meta/lib/oe/package_manager/rpm/rootfs.py @@ -110,7 +110,7 @@ class PkgRootfs(Rootfs): if self.progress_reporter: self.progress_reporter.next_stage() - self._setup_dbg_rootfs(['/etc', '/var/lib/rpm', '/var/cache/dnf', '/var/lib/dnf']) + self._setup_dbg_rootfs(['/etc/rpm', '/etc/rpmrc', '/etc/dnf', '/var/lib/rpm', '/var/cache/dnf', '/var/lib/dnf']) execute_pre_post_process(self.d, rpm_post_process_cmds) diff --git a/poky/meta/lib/oe/package_manager/rpm/sdk.py b/poky/meta/lib/oe/package_manager/rpm/sdk.py index 0726a18b91..85df6e949c 100644 --- a/poky/meta/lib/oe/package_manager/rpm/sdk.py +++ b/poky/meta/lib/oe/package_manager/rpm/sdk.py 
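Review bot: Adding `(` and `)` to `_ALWAYS_SAFE` lets those characters pass unchanged through whatever quoting this set drives, and the hunk gives no reason for the change. The code that consumes the set is outside the hunk, but the module imports `subprocess`, and parentheses are shell-significant if a quoted value ever reaches a shell string or an unquoted file name. I would document the constant, e.g. `# '(' and ')' stay literal because <reason>; values built from this set must not be interpolated into shell strings`, and confirm that callers pass argument lists rather than command strings.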
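Review bot: `os.path.join(deploydir + "/" + arch)` in the new loop of create_packages_dir is a one-argument join, so it does nothing and both paths are really built by string concatenation. Use `target = os.path.join(deploydir, arch)` and `oe.path.symlink(target, os.path.join(subrepo_dir, arch), True)`. The loop also reads `ALL_MULTILIB_PACKAGE_ARCHS` twice with no `or ""` fallback, so an unset variable raises AttributeError, and every arch name without a `-` is processed twice. Reading the variable once into `v` and iterating over `set(v.split()) | set(v.replace("-", "_").split())` avoids both. The function continues outside the hunk.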
@@ -112,5 +112,6 @@ class PkgSdk(Sdk): for f in glob.glob(os.path.join(self.sdk_output, "etc", "rpm*")): self.movefile(f, native_sysconf_dir) for f in glob.glob(os.path.join(self.sdk_output, "etc", "dnf", "*")): - self.movefile(f, native_sysconf_dir) + self.mkdirhier(native_sysconf_dir + "/dnf") + self.movefile(f, native_sysconf_dir + "/dnf") self.remove(os.path.join(self.sdk_output, "etc"), True) diff --git a/poky/meta/lib/oe/rootfs.py b/poky/meta/lib/oe/rootfs.py index 890ba5f039..1a48ed10b3 100644 --- a/poky/meta/lib/oe/rootfs.py +++ b/poky/meta/lib/oe/rootfs.py @@ -106,7 +106,7 @@ class Rootfs(object, metaclass=ABCMeta): def _cleanup(self): pass - def _setup_dbg_rootfs(self, dirs): + def _setup_dbg_rootfs(self, package_paths): gen_debugfs = self.d.getVar('IMAGE_GEN_DEBUGFS') or '0' if gen_debugfs != '1': return @@ -122,11 +122,12 @@ class Rootfs(object, metaclass=ABCMeta): bb.utils.mkdirhier(self.image_rootfs) bb.note(" Copying back package database...") - for dir in dirs: - if not os.path.isdir(self.image_rootfs + '-orig' + dir): - continue - bb.utils.mkdirhier(self.image_rootfs + os.path.dirname(dir)) - shutil.copytree(self.image_rootfs + '-orig' + dir, self.image_rootfs + dir, symlinks=True) + for path in package_paths: + bb.utils.mkdirhier(self.image_rootfs + os.path.dirname(path)) + if os.path.isdir(self.image_rootfs + '-orig' + path): + shutil.copytree(self.image_rootfs + '-orig' + path, self.image_rootfs + path, symlinks=True) + elif os.path.isfile(self.image_rootfs + '-orig' + path): + shutil.copyfile(self.image_rootfs + '-orig' + path, self.image_rootfs + path) # Copy files located in /usr/lib/debug or /usr/src/debug for dir in ["/usr/lib/debug", "/usr/src/debug"]: 
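Review bot: The new `elif os.path.isfile(...)` branch in _setup_dbg_rootfs copies with `shutil.copyfile`, which transfers file contents only. The mode bits and timestamps of a single-file entry such as `/etc/rpmrc` are therefore not carried into the debug rootfs, while the `copytree` branch preserves them. `shutil.copy2(self.image_rootfs + '-orig' + path, self.image_rootfs + path)` would keep the two branches consistent. `bb.utils.mkdirhier` also now runs before the existence test, so the parent directory is created even when the path is absent from the `-orig` tree; if that is not intended, move the call under the two branches. The method starts and ends outside this hunk.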
@@ -162,6 +163,13 @@ class Rootfs(object, metaclass=ABCMeta): bb.note(" Install extra debug packages...") self.pm.install(extra_debug_pkgs.split(), True) + bb.note(" Removing package database...") + for path in package_paths: + if os.path.isdir(self.image_rootfs + path): + shutil.rmtree(self.image_rootfs + path) + elif os.path.isfile(self.image_rootfs + path): + os.remove(self.image_rootfs + path) + bb.note(" Rename debug rootfs...") try: shutil.rmtree(self.image_rootfs + '-dbg') diff --git a/poky/meta/lib/oe/sdk.py b/poky/meta/lib/oe/sdk.py index 81fcf15371..3dc3672210 100644 --- a/poky/meta/lib/oe/sdk.py +++ b/poky/meta/lib/oe/sdk.py @@ -70,7 +70,7 @@ class Sdk(object, metaclass=ABCMeta): #FIXME: using umbrella exc catching because bb.utils method raises it except Exception as e: bb.debug(1, "printing the stack trace\n %s" %traceback.format_exc()) - bb.error("unable to place %s in final SDK location" % sourcefile) + bb.fatal("unable to place %s in final SDK location" % sourcefile) def mkdirhier(self, dirpath): try: diff --git a/poky/meta/lib/oeqa/core/target/qemu.py b/poky/meta/lib/oeqa/core/target/qemu.py index 79fd724f7d..6893d10226 100644 --- a/poky/meta/lib/oeqa/core/target/qemu.py +++ b/poky/meta/lib/oeqa/core/target/qemu.py @@ -22,7 +22,7 @@ supported_fstypes = ['ext3', 'ext4', 'cpio.gz', 'wic'] class OEQemuTarget(OESSHTarget): def __init__(self, logger, server_ip, timeout=300, user='root', port=None, machine='', rootfs='', kernel='', kvm=False, slirp=False, - dump_dir='', dump_host_cmds='', display='', bootlog='', + dump_dir='', display='', bootlog='', tmpdir='', dir_image='', boottime=60, serial_ports=2, boot_patterns = defaultdict(str), ovmf=False, tmpfsdir=None, **kwargs): 
@@ -44,8 +44,7 @@ class OEQemuTarget(OESSHTarget): self.runner = QemuRunner(machine=machine, rootfs=rootfs, tmpdir=tmpdir, deploy_dir_image=dir_image, display=display, logfile=bootlog, boottime=boottime, - use_kvm=kvm, use_slirp=slirp, dump_dir=dump_dir, - dump_host_cmds=dump_host_cmds, logger=logger, + use_kvm=kvm, use_slirp=slirp, dump_dir=dump_dir, logger=logger, serial_ports=serial_ports, boot_patterns = boot_patterns, use_ovmf=ovmf, tmpfsdir=tmpfsdir) dump_monitor_cmds = kwargs.get("testimage_dump_monitor") diff --git a/poky/meta/lib/oeqa/core/target/ssh.py b/poky/meta/lib/oeqa/core/target/ssh.py index 51079075b5..a9566d9bd6 100644 --- a/poky/meta/lib/oeqa/core/target/ssh.py +++ b/poky/meta/lib/oeqa/core/target/ssh.py @@ -250,6 +250,9 @@ def SSHCall(command, logger, timeout=None, **opts): except InterruptedError: logger.debug('InterruptedError') continue + except BlockingIOError: + logger.debug('BlockingIOError') + continue process.stdout.close() @@ -267,6 +270,7 @@ def SSHCall(command, logger, timeout=None, **opts): " running time: %d seconds." % (timeout, endtime)) logger.debug('Received data from SSH call:\n%s ' % lastline) output += lastline + process.wait() else: output_raw = process.communicate()[0] @@ -284,6 +288,7 @@ def SSHCall(command, logger, timeout=None, **opts): except OSError: logger.debug('OSError') pass + process.wait() options = { "stdout": subprocess.PIPE, @@ -310,6 +315,8 @@ def SSHCall(command, logger, timeout=None, **opts): # whilst running and ensure we don't leave a process behind. if process.poll() is None: process.kill() + if process.returncode == None: + process.wait() logger.debug('Something went wrong, killing SSH process') raise diff --git a/poky/meta/lib/oeqa/runtime/cases/ltp.py b/poky/meta/lib/oeqa/runtime/cases/ltp.py index a66d5d13d7..879f2a673c 100644 --- a/poky/meta/lib/oeqa/runtime/cases/ltp.py +++ b/poky/meta/lib/oeqa/runtime/cases/ltp.py 
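Review bot: In the last SSHCall hunk the new check is written `if process.returncode == None:`. Comparison with None should use identity, `if process.returncode is None:`, as the `process.poll() is None` test just above it already does. The three `process.wait()` calls added in ssh.py (after `output += lastline`, after the `except OSError` handler, and here) take no timeout. If the child was not actually terminated, for example on the `except OSError: pass` path, the call could block indefinitely, so a bounded `process.wait(timeout=...)` with a logged fallback would be safer. Whether the new `except BlockingIOError: continue` can spin depends on the surrounding loop, which is outside the hunk.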
@@ -67,7 +67,7 @@ class LtpTest(LtpTestBase): def runltp(self, ltp_group): cmd = '/opt/ltp/runltp -f %s -p -q -r /opt/ltp -l /opt/ltp/results/%s -I 1 -d /opt/ltp' % (ltp_group, ltp_group) starttime = time.time() - (status, output) = self.target.run(cmd) + (status, output) = self.target.run(cmd, timeout=1200) endtime = time.time() with open(os.path.join(self.ltptest_log_dir, "%s-raw.log" % ltp_group), 'w') as f: diff --git a/poky/meta/lib/oeqa/runtime/cases/rpm.py b/poky/meta/lib/oeqa/runtime/cases/rpm.py index fa86eb0537..a4ba4e6769 100644 --- a/poky/meta/lib/oeqa/runtime/cases/rpm.py +++ b/poky/meta/lib/oeqa/runtime/cases/rpm.py @@ -59,8 +59,8 @@ class RpmBasicTest(OERuntimeTestCase): return time.sleep(1) user_pss = [ps for ps in output.split("\n") if u + ' ' in ps] - msg = "There're %s 's process(es) still running: %s".format(u, "\n".join(user_pss)) - assertTrue(True, msg=msg) + msg = "User %s has processes still running: %s" % (u, "\n".join(user_pss)) + self.fail(msg=msg) def unset_up_test_user(u): # ensure no test1 process in running diff --git a/poky/meta/lib/oeqa/runtime/context.py b/poky/meta/lib/oeqa/runtime/context.py index 0c5d1869ab..cb7227a8df 100644 --- a/poky/meta/lib/oeqa/runtime/context.py +++ b/poky/meta/lib/oeqa/runtime/context.py @@ -10,7 +10,6 @@ import sys from oeqa.core.context import OETestContext, OETestContextExecutor from oeqa.core.target.ssh import OESSHTarget from oeqa.core.target.qemu import OEQemuTarget -from oeqa.utils.dump import HostDumper from oeqa.runtime.loader import OERuntimeTestLoader @@ -20,12 +19,11 @@ class OERuntimeTestContext(OETestContext): os.path.dirname(os.path.abspath(__file__)), "files") def __init__(self, td, logger, target, - host_dumper, image_packages, extract_dir): + image_packages, extract_dir): super(OERuntimeTestContext, self).__init__(td, logger) self.target = target self.image_packages = image_packages - self.host_dumper = host_dumper self.extract_dir = extract_dir self._set_target_cmds() 
@@ -199,10 +197,6 @@ class OERuntimeTestContextExecutor(OETestContextExecutor): return image_packages - @staticmethod - def getHostDumper(cmds, directory): - return HostDumper(cmds, directory) - def _process_args(self, logger, args): if not args.packages_manifest: raise TypeError('Manifest file not provided') @@ -215,9 +209,6 @@ class OERuntimeTestContextExecutor(OETestContextExecutor): self.tc_kwargs['init']['target'] = \ OERuntimeTestContextExecutor.getTarget(args.target_type, None, args.target_ip, args.server_ip, **target_kwargs) - self.tc_kwargs['init']['host_dumper'] = \ - OERuntimeTestContextExecutor.getHostDumper(None, - args.host_dumper_dir) self.tc_kwargs['init']['image_packages'] = \ OERuntimeTestContextExecutor.readPackagesManifest( args.packages_manifest) diff --git a/poky/meta/lib/oeqa/selftest/cases/bbtests.py b/poky/meta/lib/oeqa/selftest/cases/bbtests.py index 1dd2839c8d..31aa5680f0 100644 --- a/poky/meta/lib/oeqa/selftest/cases/bbtests.py +++ b/poky/meta/lib/oeqa/selftest/cases/bbtests.py @@ -188,6 +188,10 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\" self.assertTrue(find, "No version returned for searched recipe. bitbake output: %s" % result.output) def test_prefile(self): + # Test when the prefile does not exist + result = runCmd('bitbake -r conf/prefile.conf', ignore_status=True) + self.assertEqual(1, result.status, "bitbake didn't error and should have when a specified prefile didn't exist: %s" % result.output) + # Test when the prefile exists preconf = os.path.join(self.builddir, 'conf/prefile.conf') self.track_for_cleanup(preconf) ftools.write_file(preconf ,"TEST_PREFILE=\"prefile\"") 
@@ -198,6 +202,10 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\" self.assertIn('localconf', result.output) def test_postfile(self): + # Test when the postfile does not exist + result = runCmd('bitbake -R conf/postfile.conf', ignore_status=True) + self.assertEqual(1, result.status, "bitbake didn't error and should have when a specified postfile didn't exist: %s" % result.output) + # Test when the postfile exists postconf = os.path.join(self.builddir, 'conf/postfile.conf') self.track_for_cleanup(postconf) ftools.write_file(postconf , "TEST_POSTFILE=\"postfile\"") diff --git a/poky/meta/lib/oeqa/selftest/cases/devtool.py b/poky/meta/lib/oeqa/selftest/cases/devtool.py index f51de8efe0..7ea56d3133 100644 --- a/poky/meta/lib/oeqa/selftest/cases/devtool.py +++ b/poky/meta/lib/oeqa/selftest/cases/devtool.py 
@@ -366,6 +366,38 @@ class DevtoolAddTests(DevtoolBase): bindir = bindir[1:] self.assertTrue(os.path.isfile(os.path.join(installdir, bindir, 'pv')), 'pv binary not found in D') + def test_devtool_add_binary(self): + # Create a binary package containing a known test file + tempdir = tempfile.mkdtemp(prefix='devtoolqa') + self.track_for_cleanup(tempdir) + pn = 'tst-bin' + pv = '1.0' + test_file_dir = "var/lib/%s/" % pn + test_file_name = "test_file" + test_file_content = "TEST CONTENT" + test_file_package_root = os.path.join(tempdir, pn) + test_file_dir_full = os.path.join(test_file_package_root, test_file_dir) + bb.utils.mkdirhier(test_file_dir_full) + with open(os.path.join(test_file_dir_full, test_file_name), "w") as f: + f.write(test_file_content) + bin_package_path = os.path.join(tempdir, "%s.tar.gz" % pn) + runCmd("tar czf %s -C %s ." % (bin_package_path, test_file_package_root)) + + # Test devtool add -b on the binary package + self.track_for_cleanup(self.workspacedir) + self.add_command_to_tearDown('bitbake -c cleansstate %s' % pn) + self.add_command_to_tearDown('bitbake-layers remove-layer */workspace') + result = runCmd('devtool add -b %s %s' % (pn, bin_package_path)) + self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created') + + # Build the resulting recipe + result = runCmd('devtool build %s' % pn) + installdir = get_bb_var('D', pn) + self.assertTrue(installdir, 'Could not query installdir variable') + + # Check that a known file from the binary package has indeed been installed + self.assertTrue(os.path.isfile(os.path.join(installdir, test_file_dir, test_file_name)), '%s not found in D' % test_file_name) + def test_devtool_add_git_local(self): # We need dbus built so that DEPENDS recognition works bitbake('dbus') diff --git a/poky/meta/lib/oeqa/selftest/cases/glibc.py b/poky/meta/lib/oeqa/selftest/cases/glibc.py index a446543a17..924df6c5a6 100644 --- a/poky/meta/lib/oeqa/selftest/cases/glibc.py 
+++ b/poky/meta/lib/oeqa/selftest/cases/glibc.py @@ -28,7 +28,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase): features.append('TOOLCHAIN_TEST_HOST_USER = "root"') features.append('TOOLCHAIN_TEST_HOST_PORT = "22"') # force single threaded test execution - features.append('EGLIBCPARALLELISM_task-check:pn-glibc-testsuite = "PARALLELMFLAGS="-j1""') + features.append('EGLIBCPARALLELISM:task-check:pn-glibc-testsuite = "PARALLELMFLAGS="-j1""') self.write_config("\n".join(features)) bitbake("glibc-testsuite -c check") @@ -45,7 +45,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase): with contextlib.ExitStack() as s: # use the base work dir, as the nfs mount, since the recipe directory may not exist tmpdir = get_bb_var("BASE_WORKDIR") - nfsport, mountport = s.enter_context(unfs_server(tmpdir)) + nfsport, mountport = s.enter_context(unfs_server(tmpdir, udp = False)) # build core-image-minimal with required packages default_installed_packages = [ @@ -65,7 +65,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase): bitbake("core-image-minimal") # start runqemu - qemu = s.enter_context(runqemu("core-image-minimal", runqemuparams = "nographic")) + qemu = s.enter_context(runqemu("core-image-minimal", runqemuparams = "nographic", qemuparams = "-m 1024")) # validate that SSH is working status, _ = qemu.run("uname") 
@@ -74,7 +74,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase): # setup nfs mount if qemu.run("mkdir -p \"{0}\"".format(tmpdir))[0] != 0: raise Exception("Failed to setup NFS mount directory on target") - mountcmd = "mount -o noac,nfsvers=3,port={0},udp,mountport={1} \"{2}:{3}\" \"{3}\"".format(nfsport, mountport, qemu.server_ip, tmpdir) + mountcmd = "mount -o noac,nfsvers=3,port={0},mountport={1} \"{2}:{3}\" \"{3}\"".format(nfsport, mountport, qemu.server_ip, tmpdir) status, output = qemu.run(mountcmd) if status != 0: raise Exception("Failed to setup NFS mount on target ({})".format(repr(output))) diff --git a/poky/meta/lib/oeqa/targetcontrol.py b/poky/meta/lib/oeqa/targetcontrol.py index d686fe07ec..e21655c979 100644 --- a/poky/meta/lib/oeqa/targetcontrol.py +++ b/poky/meta/lib/oeqa/targetcontrol.py @@ -104,7 +104,6 @@ class QemuTarget(BaseTarget): self.kernel = os.path.join(d.getVar("DEPLOY_DIR_IMAGE"), d.getVar("KERNEL_IMAGETYPE", False) + '-' + d.getVar('MACHINE', False) + '.bin') self.qemulog = os.path.join(self.testdir, "qemu_boot_log.%s" % self.datetime) dump_target_cmds = d.getVar("testimage_dump_target") - dump_host_cmds = d.getVar("testimage_dump_host") dump_monitor_cmds = d.getVar("testimage_dump_monitor") dump_dir = d.getVar("TESTIMAGE_DUMP_DIR") if not dump_dir: @@ -141,7 +140,6 @@ class QemuTarget(BaseTarget): boottime = int(d.getVar("TEST_QEMUBOOT_TIMEOUT")), use_kvm = use_kvm, dump_dir = dump_dir, - dump_host_cmds = dump_host_cmds, logger = logger, tmpfsdir = d.getVar("RUNQEMU_TMPFS_DIR"), serial_ports = len(d.getVar("SERIAL_CONSOLES").split())) diff --git a/poky/meta/lib/oeqa/utils/dump.py b/poky/meta/lib/oeqa/utils/dump.py index d420b497f9..d4d271369f 100644 --- a/poky/meta/lib/oeqa/utils/dump.py +++ b/poky/meta/lib/oeqa/utils/dump.py 
@@ -51,9 +51,7 @@ class BaseDumper(object): self.dump_dir = dump_dir def _construct_filename(self, command): - if isinstance(self, HostDumper): - prefix = "host" - elif isinstance(self, TargetDumper): + if isinstance(self, TargetDumper): prefix = "target" elif isinstance(self, MonitorDumper): prefix = "qmp" @@ -76,22 +74,6 @@ class BaseDumper(object): with open(fullname, 'w') as dump_file: dump_file.write(output) -class HostDumper(BaseDumper): - """ Class to get dumps from the host running the tests """ - - def __init__(self, cmds, parent_dir): - super(HostDumper, self).__init__(cmds, parent_dir) - - def dump_host(self, dump_dir=""): - if dump_dir: - self.dump_dir = dump_dir - env = os.environ.copy() - env['PATH'] = '/usr/sbin:/sbin:/usr/bin:/bin' - env['COLUMNS'] = '9999' - for cmd in self.cmds: - result = runCmd(cmd, ignore_status=True, env=env) - self._write_dump(cmd.split()[0], result.output) - class TargetDumper(BaseDumper): """ Class to get dumps from target, it only works with QemuRunner. Will give up permanently after 5 errors from running commands over diff --git a/poky/meta/lib/oeqa/utils/gitarchive.py b/poky/meta/lib/oeqa/utils/gitarchive.py index 6e8040eb5c..73beafecb5 100644 --- a/poky/meta/lib/oeqa/utils/gitarchive.py +++ b/poky/meta/lib/oeqa/utils/gitarchive.py @@ -116,7 +116,8 @@ def expand_tag_strings(repo, name_pattern, msg_subj_pattern, msg_body_pattern, tag_re = tag_re.format(tag_number='(?P<tag_number>[0-9]{1,5})') keyws['tag_number'] = 0 - for existing_tag in repo.run_cmd('tag').splitlines(): + tags_refs = repo.run_cmd(['ls-remote', '--refs', '--tags', '-q']) + for existing_tag in ["".join(d.split()[1].split('/', 2)[2:]) for d in tags_refs.splitlines()]: match = re.match(tag_re, existing_tag) if match and int(match.group('tag_number')) >= keyws['tag_number']: 
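Review bot: The two `ls-remote` calls are inconsistent: expand_tag_strings runs `['ls-remote', '--refs', '--tags', '-q']` with no remote named, while get_test_runs in the next hunk names `'origin'`. Both replace a local `git tag` listing with a query that needs a reachable remote, so the first call should name the same remote explicitly, e.g. `repo.run_cmd(['ls-remote', '--refs', '--tags', '-q', 'origin'])`. The parsing expression `"".join(d.split()[1].split('/', 2)[2:])` is duplicated in both hunks and raises IndexError on any output line with fewer than two fields. A small documented helper that skips such lines would be worth extracting. Both functions continue outside their hunks.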
@@ -181,7 +182,8 @@ def get_test_runs(log, repo, tag_name, **kwargs): # Get a list of all matching tags tag_pattern = tag_name.format(**str_fields) - tags = repo.run_cmd(['tag', '-l', tag_pattern]).splitlines() + revs = repo.run_cmd(['ls-remote', '--refs', '--tags', 'origin', '-q', tag_pattern]).splitlines() + tags = ["".join(d.split()[1].split('/', 2)[2:]) for d in revs] log.debug("Found %d tags matching pattern '%s'", len(tags), tag_pattern) # Parse undefined fields from tag names diff --git a/poky/meta/lib/oeqa/utils/nfs.py b/poky/meta/lib/oeqa/utils/nfs.py index b66ed42a58..903469bfee 100644 --- a/poky/meta/lib/oeqa/utils/nfs.py +++ b/poky/meta/lib/oeqa/utils/nfs.py @@ -12,7 +12,7 @@ from oeqa.utils.commands import bitbake, get_bb_var, Command from oeqa.utils.network import get_free_port @contextlib.contextmanager -def unfs_server(directory, logger = None): +def unfs_server(directory, logger = None, udp = True): unfs_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "unfs3-native") if not os.path.exists(os.path.join(unfs_sysroot, "usr", "bin", "unfsd")): # build native tool @@ -26,7 +26,7 @@ def unfs_server(directory, logger = None): exports.write("{0} (rw,no_root_squash,no_all_squash,insecure)\n".format(directory).encode()) # find some ports for the server - nfsport, mountport = get_free_port(udp = True), get_free_port(udp = True) + nfsport, mountport = get_free_port(udp), get_free_port(udp) nenv = dict(os.environ) nenv['PATH'] = "{0}/sbin:{0}/usr/sbin:{0}/usr/bin:".format(unfs_sysroot) + nenv.get('PATH', '') diff --git a/poky/meta/lib/oeqa/utils/qemurunner.py b/poky/meta/lib/oeqa/utils/qemurunner.py index 8bb35f5a8b..2ba0596ba1 100644 --- a/poky/meta/lib/oeqa/utils/qemurunner.py +++ b/poky/meta/lib/oeqa/utils/qemurunner.py @@ -21,7 +21,6 @@ import threading import codecs import logging import tempfile -from oeqa.utils.dump import HostDumper from collections import defaultdict import importlib 
@@ -33,8 +32,8 @@ re_control_char = re.compile('[%s]' % re.escape("".join(control_chars))) class QemuRunner: - def __init__(self, machine, rootfs, display, tmpdir, deploy_dir_image, logfile, boottime, dump_dir, dump_host_cmds, - use_kvm, logger, use_slirp=False, serial_ports=2, boot_patterns = defaultdict(str), use_ovmf=False, workdir=None, tmpfsdir=None): + def __init__(self, machine, rootfs, display, tmpdir, deploy_dir_image, logfile, boottime, dump_dir, use_kvm, logger, use_slirp=False, + serial_ports=2, boot_patterns = defaultdict(str), use_ovmf=False, workdir=None, tmpfsdir=None): # Popen object for runqemu self.runqemu = None @@ -69,7 +68,6 @@ class QemuRunner: if not workdir: workdir = os.getcwd() self.qemu_pidfile = workdir + '/pidfile_' + str(os.getpid()) - self.host_dumper = HostDumper(dump_host_cmds, dump_dir) self.monitorpipe = None self.logger = logger @@ -138,7 +136,6 @@ class QemuRunner: self.logger.error('runqemu exited with code %d' % self.runqemu.returncode) self.logger.error('Output from runqemu:\n%s' % self.getOutput(self.runqemu.stdout)) self.stop() - self._dump_host() def start(self, qemuparams = None, get_ip = True, extra_bootparams = None, runqemuparams='', launch_cmd=None, discard_writes=True): env = os.environ.copy() @@ -188,7 +185,7 @@ class QemuRunner: def launch(self, launch_cmd, get_ip = True, qemuparams = None, extra_bootparams = None, env = None): # use logfile to determine the recipe-sysroot-native path and # then add in the site-packages path components and add that - # to the python sys.path so qmp.py can be found. + # to the python sys.path so the qmp module can be found. python_path = os.path.dirname(os.path.dirname(self.logfile)) python_path += "/recipe-sysroot-native/usr/lib/qemu-python" sys.path.append(python_path) 
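Review bot: Removing `dump_host_cmds` from the middle of QemuRunner.__init__'s positional parameters shifts `use_kvm` and `logger` one slot to the left, so a caller that still passes these positionally binds the wrong values without any error. The callers changed in this commit use keywords, but callers in other layers are not visible here. Making the tail keyword-only, `..., boottime, dump_dir, *, use_kvm, logger, use_slirp=False, ...`, would turn a stale call into a TypeError instead. The removal should at least be mentioned in the class docstring or the migration notes.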
@@ -196,7 +193,7 @@ class QemuRunner: try: qmp = importlib.import_module("qmp") except Exception as e: - self.logger.error("qemurunner: qmp.py missing, please ensure it's installed (%s)" % str(e)) + self.logger.error("qemurunner: qmp module missing, please ensure it's installed in %s (%s)" % (python_path, str(e))) return False # Path relative to tmpdir used as cwd for qemu below to avoid unix socket path length issues qmp_file = "." + next(tempfile._get_candidate_names()) @@ -286,7 +283,6 @@ class QemuRunner: if self.runqemu.returncode: # No point waiting any longer self.logger.warning('runqemu exited with code %d' % self.runqemu.returncode) - self._dump_host() self.logger.warning("Output from runqemu:\n%s" % self.getOutput(output)) self.stop() return False @@ -314,7 +310,6 @@ class QemuRunner: ps = subprocess.Popen(['ps', 'axww', '-o', 'pid,ppid,pri,ni,command '], stdout=subprocess.PIPE).communicate()[0] processes = ps.decode("utf-8") self.logger.debug("Running processes:\n%s" % processes) - self._dump_host() op = self.getOutput(output) self.stop() if op: @@ -430,7 +425,6 @@ class QemuRunner: self.logger.error("Couldn't get ip from qemu command line and runqemu output! " "Here is the qemu command line used:\n%s\n" "and output from runqemu:\n%s" % (cmdline, out)) - self._dump_host() self.stop() return False @@ -508,7 +502,6 @@ class QemuRunner: lines = tail(bootlog if bootlog else self.msg) self.logger.warning("Last 25 lines of text (%d):\n%s" % (len(bootlog), lines)) self.logger.warning("Check full boot log: %s" % self.logfile) - self._dump_host() self.stop() return False 
@@ -689,13 +682,6 @@ class QemuRunner: status = 1 return (status, str(data)) - - def _dump_host(self): - self.host_dumper.create_dir("qemu") - self.logger.warning("Qemu ended unexpectedly, dump data from host" - " is in %s" % self.host_dumper.dump_dir) - self.host_dumper.dump_host() - # This class is for reading data from a socket and passing it to logfunc # to be processed. It's completely event driven and has a straightforward # event loop. The mechanism for stopping the thread is a simple pipe which diff --git a/poky/meta/recipes-bsp/grub/files/determinism.patch b/poky/meta/recipes-bsp/grub/files/determinism.patch index 2828e80975..852b95a856 100644 --- a/poky/meta/recipes-bsp/grub/files/determinism.patch +++ b/poky/meta/recipes-bsp/grub/files/determinism.patch @@ -14,7 +14,7 @@ missing sorting of the list used to generate it. Add such a sort. Also ensure the generated unidata.c file is deterministic by sorting the keys of the dict. -Upstream-Status: Pending +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/grub-devel/2023-06/index.html] Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com> --- diff --git a/poky/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb b/poky/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb index c6a4bc4932..dcc09f279e 100644 --- a/poky/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb +++ b/poky/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb @@ -19,9 +19,12 @@ PACKAGECONFIG[manpages] = "--enable-doc, --disable-doc, libxslt-native xmlto-nat RDEPENDS:${PN} = "grep bash" +EXTRA_OECONF = "--libdir=${nonarch_libdir}" + do_configure:prepend () { ( cd ${S}; autoreconf -f -i -s ) } -FILES:${PN} += "${libdir}/${BPN}/*" +FILES:${PN} += "${nonarch_libdir}/${BPN}/*" FILES:${PN}-dbg += "${datadir}/doc/pm-utils/README.debugging" +FILES:${PN}-dev += "${nonarch_libdir}/pkgconfig/pm-utils.pc" 
diff --git a/poky/meta/recipes-bsp/v86d/v86d_0.1.10.bb b/poky/meta/recipes-bsp/v86d/v86d_0.1.10.bb index 5f342b1120..b4fe362f8e 100644 --- a/poky/meta/recipes-bsp/v86d/v86d_0.1.10.bb +++ b/poky/meta/recipes-bsp/v86d/v86d_0.1.10.bb @@ -6,7 +6,6 @@ DESCRIPTION = "v86d provides a backend for kernel drivers that need to execute x LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://README;md5=94ac1971e4f2309dc322d598e7b1f7dd" -DEPENDS = "virtual/kernel" RRECOMMENDS:${PN} = "kernel-module-uvesafb" PR = "r2" diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch index ec1bc7b567..ec1bc7b567 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/0001-avoid-start-failure-with-bind-user.patch +++ b/poky/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch index 4c10f33f04..4c10f33f04 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/0001-named-lwresd-V-and-start-log-hide-build-options.patch +++ b/poky/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch index f1abd179e8..f1abd179e8 100644 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ b/poky/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch 
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/bind9 b/poky/meta/recipes-connectivity/bind/bind/bind9
index 968679ff7f..968679ff7f 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/bind9
+++ b/poky/meta/recipes-connectivity/bind/bind/bind9
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/conf.patch b/poky/meta/recipes-connectivity/bind/bind/conf.patch
index aa3642acec..aa3642acec 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/conf.patch
+++ b/poky/meta/recipes-connectivity/bind/bind/conf.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh
index 633e29c0e6..633e29c0e6 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/generate-rndc-key.sh
+++ b/poky/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch
index 11db95ede1..11db95ede1 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/init.d-add-support-for-read-only-rootfs.patch
+++ b/poky/meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
index 146f3e35db..146f3e35db 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/make-etc-initd-bind-stop-work.patch
+++ b/poky/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.13/named.service b/poky/meta/recipes-connectivity/bind/bind/named.service
index cda56ef015..cda56ef015 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.18.13/named.service
+++ b/poky/meta/recipes-connectivity/bind/bind/named.service
diff --git a/poky/meta/recipes-connectivity/bind/bind_9.18.13.bb b/poky/meta/recipes-connectivity/bind/bind_9.18.19.bb index 8617137e87..6936c1c6ad 100644 --- a/poky/meta/recipes-connectivity/bind/bind_9.18.13.bb +++ b/poky/meta/recipes-connectivity/bind/bind_9.18.19.bb @@ -4,7 +4,7 @@ DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" SECTION = "console/network" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=d8cf7bd9c4fd5471a588e7e66e672408" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c7a0b6d9a1b692a5da9af9d503671f43" DEPENDS = "openssl libcap zlib libuv" @@ -20,7 +20,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ file://0001-avoid-start-failure-with-bind-user.patch \ " -SRC_URI[sha256sum] = "3b06b6390c1012dd3956b1479c73b2097c0b22207817e2e8aae352fd20e578c7" +SRC_URI[sha256sum] = "115e09c05439bebade1d272eda08fa88eb3b60129edef690588c87a4d27612cc" UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" # follow the ESV versions divisible by 2 @@ -39,7 +39,7 @@ PACKAGECONFIG[readline] = "--with-readline=readline,,readline" PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit" PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2" -EXTRA_OECONF = " --disable-devpoll --disable-auto-validation --enable-epoll \ +EXTRA_OECONF = " --disable-auto-validation \ --with-gssapi=no --with-lmdb=no --with-zlib \ --sysconfdir=${sysconfdir}/bind \ --with-openssl=${STAGING_DIR_HOST}${prefix} \ diff --git a/poky/meta/recipes-connectivity/connman/connman.inc b/poky/meta/recipes-connectivity/connman/connman.inc index d7af94f792..7487ca0d0c 100644 --- a/poky/meta/recipes-connectivity/connman/connman.inc +++ b/poky/meta/recipes-connectivity/connman/connman.inc 
@@ -27,6 +27,7 @@ EXTRA_OECONF += "\ --enable-ethernet \ --enable-tools \ --disable-polkit \ + --runstatedir=/run \ " # For smooth operation it would be best to start only one wireless daemon at a time. # If wpa-supplicant is running, connman will use it preferentially. diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch b/poky/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch new file mode 100644 index 0000000000..04fd9b1f85 --- /dev/null +++ b/poky/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch 
@@ -0,0 +1,284 @@ +From e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6 Mon Sep 17 00:00:00 2001 +From: Jeffrey Bencteux <jeffbencteux@gmail.com> +Date: Mon, 28 Aug 2023 15:35:19 +0000 +Subject: [PATCH] CVE-2023-40303: ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check +set*id() return values + +Several setuid(), setgid(), seteuid() and setguid() return values +were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially +leading to potential security issues. + +Signed-off-by: Jeffrey Bencteux <jeffbencteux@gmail.com> +Signed-off-by: Simon Josefsson <simon@josefsson.org> + +CVE: CVE-2023-40303 + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + ftpd/ftpd.c | 10 +++++++--- + src/rcp.c | 39 +++++++++++++++++++++++++++++++++------ + src/rlogin.c | 11 +++++++++-- + src/rsh.c | 25 +++++++++++++++++++++---- + src/rshd.c | 20 +++++++++++++++++--- + src/uucpd.c | 15 +++++++++++++-- + 6 files changed, 100 insertions(+), 20 deletions(-) + +diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c +index 92b2cca..009f3f1 100644 +--- a/ftpd/ftpd.c ++++ b/ftpd/ftpd.c +@@ -862,7 +862,9 @@ end_login (struct credentials *pcred) + char *remotehost = pcred->remotehost; + int atype = pcred->auth_type; + +- seteuid ((uid_t) 0); ++ if (seteuid ((uid_t) 0) == -1) ++ _exit (EXIT_FAILURE); ++ + if (pcred->logged_in) + { + logwtmp_keep_open (ttyline, "", ""); +@@ -1151,7 +1153,8 @@ getdatasock (const char *mode) + + if (data >= 0) + return fdopen (data, mode); +- seteuid ((uid_t) 0); ++ if (seteuid ((uid_t) 0) == -1) ++ _exit (EXIT_FAILURE); + s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0); + if (s < 0) + goto bad; +@@ -1978,7 +1981,8 @@ passive (int epsv, int af) + else /* !AF_INET6 */ + ((struct sockaddr_in *) &pasv_addr)->sin_port = 0; + +- seteuid ((uid_t) 0); ++ if (seteuid ((uid_t) 0) == -1) ++ _exit (EXIT_FAILURE); + if (bind (pdata, (struct sockaddr *) 
&pasv_addr, pasv_addrlen) < 0) + { + if (seteuid ((uid_t) cred.uid)) +diff --git a/src/rcp.c b/src/rcp.c +index 75adb25..f913256 100644 +--- a/src/rcp.c ++++ b/src/rcp.c +@@ -345,14 +345,23 @@ main (int argc, char *argv[]) + if (from_option) + { /* Follow "protocol", send data. */ + response (); +- setuid (userid); ++ ++ if (setuid (userid) == -1) ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); ++ } ++ + source (argc, argv); + exit (errs); + } + + if (to_option) + { /* Receive data. */ +- setuid (userid); ++ if (setuid (userid) == -1) ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); ++ } ++ + sink (argc, argv); + exit (errs); + } +@@ -537,7 +546,11 @@ toremote (char *targ, int argc, char *argv[]) + if (response () < 0) + exit (EXIT_FAILURE); + free (bp); +- setuid (userid); ++ ++ if (setuid (userid) == -1) ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); ++ } + } + source (1, argv + i); + close (rem); +@@ -630,7 +643,12 @@ tolocal (int argc, char *argv[]) + ++errs; + continue; + } +- seteuid (userid); ++ ++ if (seteuid (userid) == -1) ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); ++ } ++ + #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT + sslen = sizeof (ss); + (void) getpeername (rem, (struct sockaddr *) &ss, &sslen); +@@ -643,7 +661,12 @@ tolocal (int argc, char *argv[]) + #endif + vect[0] = target; + sink (1, vect); +- seteuid (effuid); ++ ++ if (seteuid (effuid) == -1) ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); ++ } ++ + close (rem); + rem = -1; + #ifdef SHISHI +@@ -1441,7 +1464,11 @@ susystem (char *s, int userid) + return (127); + + case 0: +- setuid (userid); ++ if (setuid (userid) == -1) ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); ++ } ++ + execl (PATH_BSHELL, "sh", "-c", s, NULL); + _exit (127); + } +diff --git a/src/rlogin.c 
b/src/rlogin.c +index aa6426f..9bf9645 100644 +--- a/src/rlogin.c ++++ b/src/rlogin.c +@@ -647,8 +647,15 @@ try_connect: + /* Now change to the real user ID. We have to be set-user-ID root + to get the privileged port that rcmd () uses. We now want, however, + to run as the real user who invoked us. */ +- seteuid (uid); +- setuid (uid); ++ if (seteuid (uid) == -1) ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); ++ } ++ ++ if (setuid (uid) == -1) ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); ++ } + + doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */ + +diff --git a/src/rsh.c b/src/rsh.c +index 2d622ca..7b9cf22 100644 +--- a/src/rsh.c ++++ b/src/rsh.c +@@ -276,8 +276,17 @@ main (int argc, char **argv) + { + if (asrsh) + *argv = (char *) "rlogin"; +- seteuid (getuid ()); +- setuid (getuid ()); ++ ++ if (seteuid (getuid ()) == -1) ++ { ++ error (EXIT_FAILURE, errno, "seteuid() failed"); ++ } ++ ++ if (setuid (getuid ()) == -1) ++ { ++ error (EXIT_FAILURE, errno, "setuid() failed"); ++ } ++ + execv (PATH_RLOGIN, argv); + error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN); + } +@@ -541,8 +550,16 @@ try_connect: + error (0, errno, "setsockopt DEBUG (ignored)"); + } + +- seteuid (uid); +- setuid (uid); ++ if (seteuid (uid) == -1) ++ { ++ error (EXIT_FAILURE, errno, "seteuid() failed"); ++ } ++ ++ if (setuid (uid) == -1) ++ { ++ error (EXIT_FAILURE, errno, "setuid() failed"); ++ } ++ + #ifdef HAVE_SIGACTION + sigemptyset (&sigs); + sigaddset (&sigs, SIGINT); +diff --git a/src/rshd.c b/src/rshd.c +index d1c0d0c..19d9a60 100644 +--- a/src/rshd.c ++++ b/src/rshd.c +@@ -1847,8 +1847,18 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen) + pwd->pw_shell = PATH_BSHELL; + + /* Set the gid, then uid to become the user specified by "locuser" */ +- setegid ((gid_t) pwd->pw_gid); +- setgid ((gid_t) pwd->pw_gid); ++ if (setegid ((gid_t) pwd->pw_gid) == -1) ++ { ++ rshd_error 
("Cannot drop privileges (setegid() failed)\n"); ++ exit (EXIT_FAILURE); ++ } ++ ++ if (setgid ((gid_t) pwd->pw_gid) == -1) ++ { ++ rshd_error ("Cannot drop privileges (setgid() failed)\n"); ++ exit (EXIT_FAILURE); ++ } ++ + #ifdef HAVE_INITGROUPS + initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */ + #endif +@@ -1870,7 +1880,11 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen) + } + #endif /* WITH_PAM */ + +- setuid ((uid_t) pwd->pw_uid); ++ if (setuid ((uid_t) pwd->pw_uid) == -1) ++ { ++ rshd_error ("Cannot drop privileges (setuid() failed)\n"); ++ exit (EXIT_FAILURE); ++ } + + /* We'll execute the client's command in the home directory + * of locuser. Note, that the chdir must be executed after +diff --git a/src/uucpd.c b/src/uucpd.c +index 107589e..34be165 100644 +--- a/src/uucpd.c ++++ b/src/uucpd.c +@@ -252,7 +252,12 @@ doit (struct sockaddr *sap, socklen_t salen) + snprintf (Username, sizeof (Username), "USER=%s", user); + snprintf (Logname, sizeof (Logname), "LOGNAME=%s", user); + dologin (pw, sap, salen); +- setgid (pw->pw_gid); ++ ++ if (setgid (pw->pw_gid) == -1) ++ { ++ fprintf (stderr, "setgid() failed"); ++ return; ++ } + #ifdef HAVE_INITGROUPS + initgroups (pw->pw_name, pw->pw_gid); + #endif +@@ -261,7 +266,13 @@ doit (struct sockaddr *sap, socklen_t salen) + fprintf (stderr, "Login incorrect."); + return; + } +- setuid (pw->pw_uid); ++ ++ if (setuid (pw->pw_uid) == -1) ++ { ++ fprintf (stderr, "setuid() failed"); ++ return; ++ } ++ + execl (uucico_location, "uucico", NULL); + perror ("uucico server: execl"); + } +-- +2.40.0 diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils/0001-ftpd-telnetd-Fix-multiple-definitions-of-errcatch-an.patch b/poky/meta/recipes-connectivity/inetutils/inetutils/0001-ftpd-telnetd-Fix-multiple-definitions-of-errcatch-an.patch deleted file mode 100644 index 49d319f59d..0000000000 
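Review bot: The backported patch checks the set*id() calls but leaves `initgroups()` unchecked in the context lines of its src/rshd.c and src/uucpd.c hunks, so a failure there still lets the process continue to setuid() and exec with whatever supplementary groups it inherited. Because the file is marked Upstream-Status: Backport, this is better carried as a separate follow-up patch and reported upstream than edited in here. In rshd.c the check would be `if (initgroups (pwd->pw_name, pwd->pw_gid) == -1) { rshd_error ("Cannot drop privileges (initgroups() failed)\n"); exit (EXIT_FAILURE); }`. Two smaller points: in `tolocal` in src/rcp.c a failing `seteuid (effuid)` is reported as "Could not drop privileges", although by its name that call appears to restore the saved effective uid. The rcp.c and rlogin.c checks also pass `0` where rsh.c passes `errno` to `error()`, so the reason for the failure is not logged.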
--- a/poky/meta/recipes-connectivity/inetutils/inetutils/0001-ftpd-telnetd-Fix-multiple-definitions-of-errcatch-an.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 7d39930468e272c740b0eed3c7e5b7fb3abf29e8 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Wed, 5 Aug 2020 10:36:22 -0700 -Subject: [PATCH] ftpd,telnetd: Fix multiple definitions of errcatch and not42 - -This helps fix build failures when -fno-common option is used - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - ftpd/extern.h | 2 +- - ftpd/ftpcmd.c | 1 + - telnetd/utility.c | 2 +- - 3 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/ftpd/extern.h b/ftpd/extern.h -index ab33cf3..91dbbee 100644 ---- a/ftpd/extern.h -+++ b/ftpd/extern.h -@@ -90,7 +90,7 @@ extern void user (const char *); - extern char *sgetsave (const char *); - - /* Exported from ftpd.c. */ --jmp_buf errcatch; -+extern jmp_buf errcatch; - extern struct sockaddr_storage data_dest; - extern socklen_t data_dest_len; - extern struct sockaddr_storage his_addr; -diff --git a/ftpd/ftpcmd.c b/ftpd/ftpcmd.c -index beb1f06..d272e9d 100644 ---- a/ftpd/ftpcmd.c -+++ b/ftpd/ftpcmd.c -@@ -106,6 +106,7 @@ - #endif - - off_t restart_point; -+jmp_buf errcatch; - - static char cbuf[512]; /* Command Buffer. */ - static char *fromname; -diff --git a/telnetd/utility.c b/telnetd/utility.c -index e7ffb8e..46bf91e 100644 ---- a/telnetd/utility.c -+++ b/telnetd/utility.c -@@ -63,7 +63,7 @@ static int ncc; - static char ptyibuf[BUFSIZ], *ptyip; - static int pcc; - --int not42; -+extern int not42; - - static int - readstream (int p, char *ibuf, int bufsize) --- -2.28.0 - diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch b/poky/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch new file mode 100644 index 0000000000..f4252b5f34 
--- /dev/null +++ b/poky/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch 
@@ -0,0 +1,258 @@ +From 9122999252c7e21eb7774de11d539748e7bdf46d Mon Sep 17 00:00:00 2001 +From: Simon Josefsson <simon@josefsson.org> +Date: Tue, 29 Aug 2023 06:42:11 +0000 +Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit. + +CVE: CVE-2023-40303 + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + src/rcp.c | 42 ++++++++++++++++++++++++------------------ + src/rlogin.c | 12 ++++++------ + src/rsh.c | 26 +++++++++++++------------- + src/rshd.c | 24 ++++++++++++------------ + src/uucpd.c | 16 ++++++++-------- + 5 files changed, 63 insertions(+), 57 deletions(-) + +diff --git a/src/rcp.c b/src/rcp.c +index 7018e35..e504f8a 100644 +--- a/src/rcp.c ++++ b/src/rcp.c +@@ -347,9 +347,10 @@ main (int argc, char *argv[]) + response (); + + if (setuid (userid) == -1) +- { +- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); +- } ++ { ++ error (EXIT_FAILURE, 0, ++ "Could not drop privileges (setuid() failed)"); ++ } + + source (argc, argv); + exit (errs); +@@ -358,9 +359,10 @@ main (int argc, char *argv[]) + if (to_option) + { /* Receive data. 
*/ + if (setuid (userid) == -1) +- { +- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); +- } ++ { ++ error (EXIT_FAILURE, 0, ++ "Could not drop privileges (setuid() failed)"); ++ } + + sink (argc, argv); + exit (errs); +@@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[]) + free (bp); + + if (setuid (userid) == -1) +- { +- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); +- } ++ { ++ error (EXIT_FAILURE, 0, ++ "Could not drop privileges (setuid() failed)"); ++ } + } + source (1, argv + i); + close (rem); +@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[]) + } + + if (seteuid (userid) == -1) +- { +- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); +- } ++ { ++ error (EXIT_FAILURE, 0, ++ "Could not drop privileges (seteuid() failed)"); ++ } + + #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT + sslen = sizeof (ss); +@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[]) + sink (1, vect); + + if (seteuid (effuid) == -1) +- { +- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); +- } ++ { ++ error (EXIT_FAILURE, 0, ++ "Could not drop privileges (seteuid() failed)"); ++ } + + close (rem); + rem = -1; +@@ -1465,9 +1470,10 @@ susystem (char *s, int userid) + + case 0: + if (setuid (userid) == -1) +- { +- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); +- } ++ { ++ error (EXIT_FAILURE, 0, ++ "Could not drop privileges (setuid() failed)"); ++ } + + execl (PATH_BSHELL, "sh", "-c", s, NULL); + _exit (127); +diff --git a/src/rlogin.c b/src/rlogin.c +index 9bf9645..a0c1237 100644 +--- a/src/rlogin.c ++++ b/src/rlogin.c +@@ -648,14 +648,14 @@ try_connect: + to get the privileged port that rcmd () uses. We now want, however, + to run as the real user who invoked us. 
*/ + if (seteuid (uid) == -1) +- { +- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); +- } ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); ++ } + + if (setuid (uid) == -1) +- { +- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); +- } ++ { ++ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); ++ } + + doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */ + +diff --git a/src/rsh.c b/src/rsh.c +index 7b9cf22..c8f50d3 100644 +--- a/src/rsh.c ++++ b/src/rsh.c +@@ -278,14 +278,14 @@ main (int argc, char **argv) + *argv = (char *) "rlogin"; + + if (seteuid (getuid ()) == -1) +- { +- error (EXIT_FAILURE, errno, "seteuid() failed"); +- } +- ++ { ++ error (EXIT_FAILURE, errno, "seteuid() failed"); ++ } ++ + if (setuid (getuid ()) == -1) +- { +- error (EXIT_FAILURE, errno, "setuid() failed"); +- } ++ { ++ error (EXIT_FAILURE, errno, "setuid() failed"); ++ } + + execv (PATH_RLOGIN, argv); + error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN); +@@ -551,14 +551,14 @@ try_connect: + } + + if (seteuid (uid) == -1) +- { +- error (EXIT_FAILURE, errno, "seteuid() failed"); +- } ++ { ++ error (EXIT_FAILURE, errno, "seteuid() failed"); ++ } + + if (setuid (uid) == -1) +- { +- error (EXIT_FAILURE, errno, "setuid() failed"); +- } ++ { ++ error (EXIT_FAILURE, errno, "setuid() failed"); ++ } + + #ifdef HAVE_SIGACTION + sigemptyset (&sigs); +diff --git a/src/rshd.c b/src/rshd.c +index 707790e..df43edf 100644 +--- a/src/rshd.c ++++ b/src/rshd.c +@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen) + + /* Set the gid, then uid to become the user specified by "locuser" */ + if (setegid ((gid_t) pwd->pw_gid) == -1) +- { +- rshd_error ("Cannot drop privileges (setegid() failed)\n"); +- exit (EXIT_FAILURE); +- } ++ { ++ rshd_error ("Cannot drop privileges (setegid() failed)\n"); ++ exit (EXIT_FAILURE); ++ } + + if (setgid ((gid_t) 
pwd->pw_gid) == -1) +- { +- rshd_error ("Cannot drop privileges (setgid() failed)\n"); +- exit (EXIT_FAILURE); +- } ++ { ++ rshd_error ("Cannot drop privileges (setgid() failed)\n"); ++ exit (EXIT_FAILURE); ++ } + + #ifdef HAVE_INITGROUPS + initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */ +@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen) + #endif /* WITH_PAM */ + + if (setuid ((uid_t) pwd->pw_uid) == -1) +- { +- rshd_error ("Cannot drop privileges (setuid() failed)\n"); +- exit (EXIT_FAILURE); +- } ++ { ++ rshd_error ("Cannot drop privileges (setuid() failed)\n"); ++ exit (EXIT_FAILURE); ++ } + + /* We'll execute the client's command in the home directory + * of locuser. Note, that the chdir must be executed after +diff --git a/src/uucpd.c b/src/uucpd.c +index 29cfce3..afe24f3 100644 +--- a/src/uucpd.c ++++ b/src/uucpd.c +@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen) + dologin (pw, sap, salen); + + if (setgid (pw->pw_gid) == -1) +- { +- fprintf (stderr, "setgid() failed"); +- return; +- } ++ { ++ fprintf (stderr, "setgid() failed"); ++ return; ++ } + #ifdef HAVE_INITGROUPS + initgroups (pw->pw_name, pw->pw_gid); + #endif +@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen) + } + + if (setuid (pw->pw_uid) == -1) +- { +- fprintf (stderr, "setuid() failed"); +- return; +- } ++ { ++ fprintf (stderr, "setuid() failed"); ++ return; ++ } + + execl (uucico_location, "uucico", NULL); + perror ("uucico server: execl"); +-- +2.40.0 diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch b/poky/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch deleted file mode 100644 index a91913cb51..0000000000 --- a/poky/meta/recipes-connectivity/inetutils/inetutils/fix-buffer-fortify-tfpt.patch +++ /dev/null 
@@ -1,25 +0,0 @@ -tftpd: Fix abort on error path - -When trying to fetch a non existent file, the app crashes with: - -*** buffer overflow detected ***: -Aborted - - -Upstream-Status: Submitted [https://www.mail-archive.com/bug-inetutils@gnu.org/msg03036.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91205] -Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> -diff --git a/src/tftpd.c b/src/tftpd.c -index 56002a0..144012f 100644 ---- a/src/tftpd.c -+++ b/src/tftpd.c -@@ -864,9 +864,8 @@ nak (int error) - pe->e_msg = strerror (error - 100); - tp->th_code = EUNDEF; /* set 'undef' errorcode */ - } -- strcpy (tp->th_msg, pe->e_msg); - length = strlen (pe->e_msg); -- tp->th_msg[length] = '\0'; -+ memcpy(tp->th_msg, pe->e_msg, length + 1); - length += 5; - if (sendto (peer, buf, length, 0, (struct sockaddr *) &from, fromlen) != length) - syslog (LOG_ERR, "nak: %m\n"); diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils_2.4.bb b/poky/meta/recipes-connectivity/inetutils/inetutils_2.4.bb index 6519331141..032c0d6b24 100644 --- a/poky/meta/recipes-connectivity/inetutils/inetutils_2.4.bb +++ b/poky/meta/recipes-connectivity/inetutils/inetutils_2.4.bb @@ -21,6 +21,8 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \ file://tftpd.xinetd.inetutils \ file://inetutils-1.9-PATH_PROCNET_DEV.patch \ file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \ + file://0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch \ + file://0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch \ " inherit autotools gettext update-alternatives texinfo diff --git a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index e802bcee18..a4030b7b32 100644 --- a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb 
+++ b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -5,8 +5,8 @@ SECTION = "network" LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" -SRCREV = "22a5de3ef637990ce03141f786fbdb327e9c5a3f" -PV = "20221107" +SRCREV = "aae7c68671d225e6d35224613d5b98192b9b2ffe" +PV = "20230416" PE = "1" SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main" diff --git a/poky/meta/recipes-connectivity/openssh/openssh/7280401bdd77ca54be6867a154cc01e0d72612e0.patch b/poky/meta/recipes-connectivity/openssh/openssh/7280401bdd77ca54be6867a154cc01e0d72612e0.patch new file mode 100644 index 0000000000..4c8aa085f3 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssh/openssh/7280401bdd77ca54be6867a154cc01e0d72612e0.patch 
@@ -0,0 +1,994 @@ +From 7280401bdd77ca54be6867a154cc01e0d72612e0 Mon Sep 17 00:00:00 2001 +From: Damien Miller <djm@mindrot.org> +Date: Fri, 24 Mar 2023 13:56:25 +1100 +Subject: [PATCH] remove support for old libcrypto + +OpenSSH now requires LibreSSL 3.1.0 or greater or +OpenSSL 1.1.1 or greater + +with/ok dtucker@ + +Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/7280401bdd77ca54be6867a154cc01e0d72612e0] +Comment: Hunks are refreshed. +Signed-off-by: Riyaz Khan <Riyaz.Khan@kpit.com> + +--- + .github/workflows/c-cpp.yml | 7 - + INSTALL | 8 +- + cipher-aes.c | 2 +- + configure.ac | 96 ++--- + openbsd-compat/libressl-api-compat.c | 556 +-------------------------- + openbsd-compat/openssl-compat.h | 151 +------- + 6 files changed, 40 insertions(+), 780 deletions(-) + +diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml +index 3d9aa22dba5..d299a32468d 100644 +--- a/.github/workflows/c-cpp.yml ++++ b/.github/workflows/c-cpp.yml +@@ -47,9 +47,6 @@ jobs: + - { target: ubuntu-20.04, config: tcmalloc } + - { target: ubuntu-20.04, config: musl } + - { target: ubuntu-latest, config: libressl-master } +- - { target: ubuntu-latest, config: libressl-2.2.9 } +- - { target: ubuntu-latest, config: libressl-2.8.3 } +- - { target: ubuntu-latest, config: libressl-3.0.2 } + - { target: ubuntu-latest, config: libressl-3.2.6 } + - { target: ubuntu-latest, config: libressl-3.3.6 } + - { target: ubuntu-latest, config: libressl-3.4.3 } +@@ -58,10 +55,6 @@ jobs: + - { target: ubuntu-latest, config: libressl-3.7.0 } + - { target: ubuntu-latest, config: openssl-master } + - { target: ubuntu-latest, config: openssl-noec } +- - { target: ubuntu-latest, config: openssl-1.0.1 } +- - { target: ubuntu-latest, config: openssl-1.0.1u } +- - { target: ubuntu-latest, config: openssl-1.0.2u } +- - { target: ubuntu-latest, config: openssl-1.1.0h } + - { target: ubuntu-latest, config: openssl-1.1.1 } + - { target: ubuntu-latest, config: openssl-1.1.1k } + 
- { target: ubuntu-latest, config: openssl-1.1.1n } +diff --git a/INSTALL b/INSTALL +index 68b15e13190..f99d1e2a809 100644 +--- a/INSTALL ++++ b/INSTALL +@@ -21,12 +21,8 @@ https://zlib.net/ + + libcrypto from either of LibreSSL or OpenSSL. Building without libcrypto + is supported but severely restricts the available ciphers and algorithms. +- - LibreSSL (https://www.libressl.org/) +- - OpenSSL (https://www.openssl.org) with any of the following versions: +- - 1.0.x >= 1.0.1 or 1.1.0 >= 1.1.0g or any 1.1.1 +- +-Note that due to a bug in EVP_CipherInit OpenSSL 1.1 versions prior to +-1.1.0g can't be used. ++ - LibreSSL (https://www.libressl.org/) 3.1.0 or greater ++ - OpenSSL (https://www.openssl.org) 1.1.1 or greater + + LibreSSL/OpenSSL should be compiled as a position-independent library + (i.e. -fPIC, eg by configuring OpenSSL as "./config [options] -fPIC" +diff --git a/cipher-aes.c b/cipher-aes.c +index 8b101727284..87c763353d8 100644 +--- a/cipher-aes.c ++++ b/cipher-aes.c +@@ -69,7 +69,7 @@ ssh_rijndael_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, + + static int + ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, +- LIBCRYPTO_EVP_INL_TYPE len) ++ size_t len) + { + struct ssh_rijndael_ctx *c; + u_char buf[RIJNDAEL_BLOCKSIZE]; +diff --git a/configure.ac b/configure.ac +index 22fee70f604..1c0ccdf19c5 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -2802,42 +2802,40 @@ if test "x$openssl" = "xyes" ; then + #include <openssl/crypto.h> + #define DATA "conftest.ssllibver" + ]], [[ +- FILE *fd; +- int rc; ++ FILE *f; + +- fd = fopen(DATA,"w"); +- if(fd == NULL) ++ if ((f = fopen(DATA, "w")) == NULL) + exit(1); +-#ifndef OPENSSL_VERSION +-# define OPENSSL_VERSION SSLEAY_VERSION +-#endif +-#ifndef HAVE_OPENSSL_VERSION +-# define OpenSSL_version SSLeay_version +-#endif +-#ifndef HAVE_OPENSSL_VERSION_NUM +-# define OpenSSL_version_num SSLeay +-#endif +- if ((rc = fprintf(fd, "%08lx (%s)\n", ++ if (fprintf(f, "%08lx (%s)", + 
(unsigned long)OpenSSL_version_num(), +- OpenSSL_version(OPENSSL_VERSION))) < 0) ++ OpenSSL_version(OPENSSL_VERSION)) < 0) ++ exit(1); ++#ifdef LIBRESSL_VERSION_NUMBER ++ if (fprintf(f, " libressl-%08lx", LIBRESSL_VERSION_NUMBER) < 0) ++ exit(1); ++#endif ++ if (fputc('\n', f) == EOF || fclose(f) == EOF) + exit(1); +- + exit(0); + ]])], + [ +- ssl_library_ver=`cat conftest.ssllibver` ++ sslver=`cat conftest.ssllibver` ++ ssl_showver=`echo "$sslver" | sed 's/ libressl-.*//'` + # Check version is supported. +- case "$ssl_library_ver" in +- 10000*|0*) +- AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) +- ;; +- 100*) ;; # 1.0.x +- 101000[[0123456]]*) +- # https://github.com/openssl/openssl/pull/4613 +- AC_MSG_ERROR([OpenSSL 1.1.x versions prior to 1.1.0g have a bug that breaks their use with OpenSSH (have "$ssl_library_ver")]) ++ case "$sslver" in ++ 100*|10100*) # 1.0.x, 1.1.0x ++ AC_MSG_ERROR([OpenSSL >= 1.1.1 required (have "$ssl_showver")]) + ;; + 101*) ;; # 1.1.x +- 200*) ;; # LibreSSL ++ 200*) # LibreSSL ++ lver=`echo "$sslver" | sed 's/.*libressl-//'` ++ case "$lver" in ++ 2*|300*) # 2.x, 3.0.0 ++ AC_MSG_ERROR([LibreSSL >= 3.1.0 required (have "$ssl_showver")]) ++ ;; ++ *) ;; # Assume all other versions are good. 
++ esac ++ ;; + 300*) + # OpenSSL 3; we use the 1.1x API + CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" +@@ -2847,10 +2845,10 @@ if test "x$openssl" = "xyes" ; then + CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L" + ;; + *) +- AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_library_ver")]) ++ AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_showver")]) + ;; + esac +- AC_MSG_RESULT([$ssl_library_ver]) ++ AC_MSG_RESULT([$ssl_showver]) + ], + [ + AC_MSG_RESULT([not found]) +@@ -2863,7 +2861,7 @@ if test "x$openssl" = "xyes" ; then + + case "$host" in + x86_64-*) +- case "$ssl_library_ver" in ++ case "$sslver" in + 3000004*) + AC_MSG_ERROR([OpenSSL 3.0.4 has a potential RCE in its RSA implementation (CVE-2022-2274)]) + ;; +@@ -2879,9 +2877,6 @@ if test "x$openssl" = "xyes" ; then + #include <openssl/opensslv.h> + #include <openssl/crypto.h> + ]], [[ +-#ifndef HAVE_OPENSSL_VERSION_NUM +-# define OpenSSL_version_num SSLeay +-#endif + exit(OpenSSL_version_num() == OPENSSL_VERSION_NUMBER ? 
0 : 1); + ]])], + [ +@@ -2955,44 +2950,13 @@ if test "x$openssl" = "xyes" ; then + ) + ) + +- # LibreSSL/OpenSSL 1.1x API ++ # LibreSSL/OpenSSL API differences + AC_CHECK_FUNCS([ \ +- OPENSSL_init_crypto \ +- DH_get0_key \ +- DH_get0_pqg \ +- DH_set0_key \ +- DH_set_length \ +- DH_set0_pqg \ +- DSA_get0_key \ +- DSA_get0_pqg \ +- DSA_set0_key \ +- DSA_set0_pqg \ +- DSA_SIG_get0 \ +- DSA_SIG_set0 \ +- ECDSA_SIG_get0 \ +- ECDSA_SIG_set0 \ + EVP_CIPHER_CTX_iv \ + EVP_CIPHER_CTX_iv_noconst \ + EVP_CIPHER_CTX_get_iv \ + EVP_CIPHER_CTX_get_updated_iv \ + EVP_CIPHER_CTX_set_iv \ +- RSA_get0_crt_params \ +- RSA_get0_factors \ +- RSA_get0_key \ +- RSA_set0_crt_params \ +- RSA_set0_factors \ +- RSA_set0_key \ +- RSA_meth_free \ +- RSA_meth_dup \ +- RSA_meth_set1_name \ +- RSA_meth_get_finish \ +- RSA_meth_set_priv_enc \ +- RSA_meth_set_priv_dec \ +- RSA_meth_set_finish \ +- EVP_PKEY_get0_RSA \ +- EVP_MD_CTX_new \ +- EVP_MD_CTX_free \ +- EVP_chacha20 \ + ]) + + if test "x$openssl_engine" = "xyes" ; then +@@ -3050,8 +3014,8 @@ if test "x$openssl" = "xyes" ; then + ] + ) + +- # Check for SHA256, SHA384 and SHA512 support in OpenSSL +- AC_CHECK_FUNCS([EVP_sha256 EVP_sha384 EVP_sha512]) ++ # Check for various EVP support in OpenSSL ++ AC_CHECK_FUNCS([EVP_sha256 EVP_sha384 EVP_sha512 EVP_chacha20]) + + # Check complete ECC support in OpenSSL + AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) +diff --git a/openbsd-compat/libressl-api-compat.c b/openbsd-compat/libressl-api-compat.c +index 498180dc894..59be17397c5 100644 +--- a/openbsd-compat/libressl-api-compat.c ++++ b/openbsd-compat/libressl-api-compat.c +@@ -1,129 +1,5 @@ +-/* $OpenBSD: dsa_lib.c,v 1.29 2018/04/14 07:09:21 tb Exp $ */ +-/* $OpenBSD: rsa_lib.c,v 1.37 2018/04/14 07:09:21 tb Exp $ */ +-/* $OpenBSD: evp_lib.c,v 1.17 2018/09/12 06:35:38 djm Exp $ */ +-/* $OpenBSD: dh_lib.c,v 1.32 2018/05/02 15:48:38 tb Exp $ */ +-/* $OpenBSD: p_lib.c,v 1.24 2018/05/30 15:40:50 tb Exp $ */ +-/* $OpenBSD: digest.c,v 1.30 
2018/04/14 07:09:21 tb Exp $ */ +-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) +- * All rights reserved. +- * +- * This package is an SSL implementation written +- * by Eric Young (eay@cryptsoft.com). +- * The implementation was written so as to conform with Netscapes SSL. +- * +- * This library is free for commercial and non-commercial use as long as +- * the following conditions are aheared to. The following conditions +- * apply to all code found in this distribution, be it the RC4, RSA, +- * lhash, DES, etc., code; not just the SSL code. The SSL documentation +- * included with this distribution is covered by the same copyright terms +- * except that the holder is Tim Hudson (tjh@cryptsoft.com). +- * +- * Copyright remains Eric Young's, and as such any Copyright notices in +- * the code are not to be removed. +- * If this package is used in a product, Eric Young should be given attribution +- * as the author of the parts of the library used. +- * This can be in the form of a textual message at program startup or +- * in documentation (online or textual) provided with the package. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * 1. Redistributions of source code must retain the copyright +- * notice, this list of conditions and the following disclaimer. +- * 2. Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in the +- * documentation and/or other materials provided with the distribution. +- * 3. All advertising materials mentioning features or use of this software +- * must display the following acknowledgement: +- * "This product includes cryptographic software written by +- * Eric Young (eay@cryptsoft.com)" +- * The word 'cryptographic' can be left out if the rouines from the library +- * being used are not cryptographic related :-). +- * 4. 
If you include any Windows specific code (or a derivative thereof) from +- * the apps directory (application code) you must include an acknowledgement: +- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" +- * +- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND +- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +- * SUCH DAMAGE. +- * +- * The licence and distribution terms for any publically available version or +- * derivative of this code cannot be changed. i.e. this code cannot simply be +- * copied and put under another distribution licence +- * [including the GNU Public Licence.] +- */ +- +-/* $OpenBSD: dsa_asn1.c,v 1.22 2018/06/14 17:03:19 jsing Exp $ */ +-/* $OpenBSD: ecs_asn1.c,v 1.9 2018/03/17 15:24:44 tb Exp $ */ +-/* $OpenBSD: digest.c,v 1.30 2018/04/14 07:09:21 tb Exp $ */ +-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL +- * project 2000. +- */ +-/* ==================================================================== +- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. +- * +- * Redistribution and use in source and binary forms, with or without +- * modification, are permitted provided that the following conditions +- * are met: +- * +- * 1. 
Redistributions of source code must retain the above copyright +- * notice, this list of conditions and the following disclaimer. +- * +- * 2. Redistributions in binary form must reproduce the above copyright +- * notice, this list of conditions and the following disclaimer in +- * the documentation and/or other materials provided with the +- * distribution. +- * +- * 3. All advertising materials mentioning features or use of this +- * software must display the following acknowledgment: +- * "This product includes software developed by the OpenSSL Project +- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" +- * +- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to +- * endorse or promote products derived from this software without +- * prior written permission. For written permission, please contact +- * licensing@OpenSSL.org. +- * +- * 5. Products derived from this software may not be called "OpenSSL" +- * nor may "OpenSSL" appear in their names without prior written +- * permission of the OpenSSL Project. +- * +- * 6. Redistributions of any form whatsoever must retain the following +- * acknowledgment: +- * "This product includes software developed by the OpenSSL Project +- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" +- * +- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY +- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR +- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +- * OF THE POSSIBILITY OF SUCH DAMAGE. +- * ==================================================================== +- * +- * This product includes cryptographic software written by Eric Young +- * (eay@cryptsoft.com). This product includes software written by Tim +- * Hudson (tjh@cryptsoft.com). +- * +- */ +- +-/* $OpenBSD: rsa_meth.c,v 1.2 2018/09/12 06:35:38 djm Exp $ */ + /* +- * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> ++ * Copyright (c) 2018 Damien Miller <djm@mindrot.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above +@@ -147,192 +23,7 @@ + #include <stdlib.h> + #include <string.h> + +-#include <openssl/err.h> +-#include <openssl/bn.h> +-#include <openssl/dsa.h> +-#include <openssl/rsa.h> + #include <openssl/evp.h> +-#ifdef OPENSSL_HAS_ECC +-#include <openssl/ecdsa.h> +-#endif +-#include <openssl/dh.h> +- +-#ifndef HAVE_DSA_GET0_PQG +-void +-DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) +-{ +- if (p != NULL) +- *p = d->p; +- if (q != NULL) +- *q = d->q; +- if (g != NULL) +- *g = d->g; +-} +-#endif /* HAVE_DSA_GET0_PQG */ +- +-#ifndef HAVE_DSA_SET0_PQG +-int +-DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) +-{ +- if ((d->p == NULL && p == NULL) || (d->q == NULL && q == NULL) || +- (d->g == NULL && g == NULL)) +- return 0; +- +- if (p != NULL) { +- BN_free(d->p); +- d->p = p; +- } +- if (q != NULL) { 
+- BN_free(d->q); +- d->q = q; +- } +- if (g != NULL) { +- BN_free(d->g); +- d->g = g; +- } +- +- return 1; +-} +-#endif /* HAVE_DSA_SET0_PQG */ +- +-#ifndef HAVE_DSA_GET0_KEY +-void +-DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key) +-{ +- if (pub_key != NULL) +- *pub_key = d->pub_key; +- if (priv_key != NULL) +- *priv_key = d->priv_key; +-} +-#endif /* HAVE_DSA_GET0_KEY */ +- +-#ifndef HAVE_DSA_SET0_KEY +-int +-DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) +-{ +- if (d->pub_key == NULL && pub_key == NULL) +- return 0; +- +- if (pub_key != NULL) { +- BN_free(d->pub_key); +- d->pub_key = pub_key; +- } +- if (priv_key != NULL) { +- BN_free(d->priv_key); +- d->priv_key = priv_key; +- } +- +- return 1; +-} +-#endif /* HAVE_DSA_SET0_KEY */ +- +-#ifndef HAVE_RSA_GET0_KEY +-void +-RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) +-{ +- if (n != NULL) +- *n = r->n; +- if (e != NULL) +- *e = r->e; +- if (d != NULL) +- *d = r->d; +-} +-#endif /* HAVE_RSA_GET0_KEY */ +- +-#ifndef HAVE_RSA_SET0_KEY +-int +-RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) +-{ +- if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL)) +- return 0; +- +- if (n != NULL) { +- BN_free(r->n); +- r->n = n; +- } +- if (e != NULL) { +- BN_free(r->e); +- r->e = e; +- } +- if (d != NULL) { +- BN_free(r->d); +- r->d = d; +- } +- +- return 1; +-} +-#endif /* HAVE_RSA_SET0_KEY */ +- +-#ifndef HAVE_RSA_GET0_CRT_PARAMS +-void +-RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, +- const BIGNUM **iqmp) +-{ +- if (dmp1 != NULL) +- *dmp1 = r->dmp1; +- if (dmq1 != NULL) +- *dmq1 = r->dmq1; +- if (iqmp != NULL) +- *iqmp = r->iqmp; +-} +-#endif /* HAVE_RSA_GET0_CRT_PARAMS */ +- +-#ifndef HAVE_RSA_SET0_CRT_PARAMS +-int +-RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) +-{ +- if ((r->dmp1 == NULL && dmp1 == NULL) || +- (r->dmq1 == NULL && dmq1 == NULL) || +- (r->iqmp == NULL && iqmp == 
NULL)) +- return 0; +- +- if (dmp1 != NULL) { +- BN_free(r->dmp1); +- r->dmp1 = dmp1; +- } +- if (dmq1 != NULL) { +- BN_free(r->dmq1); +- r->dmq1 = dmq1; +- } +- if (iqmp != NULL) { +- BN_free(r->iqmp); +- r->iqmp = iqmp; +- } +- +- return 1; +-} +-#endif /* HAVE_RSA_SET0_CRT_PARAMS */ +- +-#ifndef HAVE_RSA_GET0_FACTORS +-void +-RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) +-{ +- if (p != NULL) +- *p = r->p; +- if (q != NULL) +- *q = r->q; +-} +-#endif /* HAVE_RSA_GET0_FACTORS */ +- +-#ifndef HAVE_RSA_SET0_FACTORS +-int +-RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) +-{ +- if ((r->p == NULL && p == NULL) || (r->q == NULL && q == NULL)) +- return 0; +- +- if (p != NULL) { +- BN_free(r->p); +- r->p = p; +- } +- if (q != NULL) { +- BN_free(r->q); +- r->q = q; +- } +- +- return 1; +-} +-#endif /* HAVE_RSA_SET0_FACTORS */ + + #ifndef HAVE_EVP_CIPHER_CTX_GET_IV + int +@@ -392,249 +83,4 @@ EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, const unsigned char *iv, size_t len) + } + #endif /* HAVE_EVP_CIPHER_CTX_SET_IV */ + +-#ifndef HAVE_DSA_SIG_GET0 +-void +-DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) +-{ +- if (pr != NULL) +- *pr = sig->r; +- if (ps != NULL) +- *ps = sig->s; +-} +-#endif /* HAVE_DSA_SIG_GET0 */ +- +-#ifndef HAVE_DSA_SIG_SET0 +-int +-DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) +-{ +- if (r == NULL || s == NULL) +- return 0; +- +- BN_clear_free(sig->r); +- sig->r = r; +- BN_clear_free(sig->s); +- sig->s = s; +- +- return 1; +-} +-#endif /* HAVE_DSA_SIG_SET0 */ +- +-#ifdef OPENSSL_HAS_ECC +-#ifndef HAVE_ECDSA_SIG_GET0 +-void +-ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) +-{ +- if (pr != NULL) +- *pr = sig->r; +- if (ps != NULL) +- *ps = sig->s; +-} +-#endif /* HAVE_ECDSA_SIG_GET0 */ +- +-#ifndef HAVE_ECDSA_SIG_SET0 +-int +-ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) +-{ +- if (r == NULL || s == NULL) +- return 0; +- +- BN_clear_free(sig->r); +- BN_clear_free(sig->s); +- 
sig->r = r; +- sig->s = s; +- return 1; +-} +-#endif /* HAVE_ECDSA_SIG_SET0 */ +-#endif /* OPENSSL_HAS_ECC */ +- +-#ifndef HAVE_DH_GET0_PQG +-void +-DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) +-{ +- if (p != NULL) +- *p = dh->p; +- if (q != NULL) +- *q = dh->q; +- if (g != NULL) +- *g = dh->g; +-} +-#endif /* HAVE_DH_GET0_PQG */ +- +-#ifndef HAVE_DH_SET0_PQG +-int +-DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +-{ +- if ((dh->p == NULL && p == NULL) || (dh->g == NULL && g == NULL)) +- return 0; +- +- if (p != NULL) { +- BN_free(dh->p); +- dh->p = p; +- } +- if (q != NULL) { +- BN_free(dh->q); +- dh->q = q; +- } +- if (g != NULL) { +- BN_free(dh->g); +- dh->g = g; +- } +- +- return 1; +-} +-#endif /* HAVE_DH_SET0_PQG */ +- +-#ifndef HAVE_DH_GET0_KEY +-void +-DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) +-{ +- if (pub_key != NULL) +- *pub_key = dh->pub_key; +- if (priv_key != NULL) +- *priv_key = dh->priv_key; +-} +-#endif /* HAVE_DH_GET0_KEY */ +- +-#ifndef HAVE_DH_SET0_KEY +-int +-DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) +-{ +- if (pub_key != NULL) { +- BN_free(dh->pub_key); +- dh->pub_key = pub_key; +- } +- if (priv_key != NULL) { +- BN_free(dh->priv_key); +- dh->priv_key = priv_key; +- } +- +- return 1; +-} +-#endif /* HAVE_DH_SET0_KEY */ +- +-#ifndef HAVE_DH_SET_LENGTH +-int +-DH_set_length(DH *dh, long length) +-{ +- if (length < 0 || length > INT_MAX) +- return 0; +- +- dh->length = length; +- return 1; +-} +-#endif /* HAVE_DH_SET_LENGTH */ +- +-#ifndef HAVE_RSA_METH_FREE +-void +-RSA_meth_free(RSA_METHOD *meth) +-{ +- if (meth != NULL) { +- free((char *)meth->name); +- free(meth); +- } +-} +-#endif /* HAVE_RSA_METH_FREE */ +- +-#ifndef HAVE_RSA_METH_DUP +-RSA_METHOD * +-RSA_meth_dup(const RSA_METHOD *meth) +-{ +- RSA_METHOD *copy; +- +- if ((copy = calloc(1, sizeof(*copy))) == NULL) +- return NULL; +- memcpy(copy, meth, sizeof(*copy)); +- if ((copy->name = 
strdup(meth->name)) == NULL) { +- free(copy); +- return NULL; +- } +- +- return copy; +-} +-#endif /* HAVE_RSA_METH_DUP */ +- +-#ifndef HAVE_RSA_METH_SET1_NAME +-int +-RSA_meth_set1_name(RSA_METHOD *meth, const char *name) +-{ +- char *copy; +- +- if ((copy = strdup(name)) == NULL) +- return 0; +- free((char *)meth->name); +- meth->name = copy; +- return 1; +-} +-#endif /* HAVE_RSA_METH_SET1_NAME */ +- +-#ifndef HAVE_RSA_METH_GET_FINISH +-int +-(*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa) +-{ +- return meth->finish; +-} +-#endif /* HAVE_RSA_METH_GET_FINISH */ +- +-#ifndef HAVE_RSA_METH_SET_PRIV_ENC +-int +-RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen, +- const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) +-{ +- meth->rsa_priv_enc = priv_enc; +- return 1; +-} +-#endif /* HAVE_RSA_METH_SET_PRIV_ENC */ +- +-#ifndef HAVE_RSA_METH_SET_PRIV_DEC +-int +-RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen, +- const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) +-{ +- meth->rsa_priv_dec = priv_dec; +- return 1; +-} +-#endif /* HAVE_RSA_METH_SET_PRIV_DEC */ +- +-#ifndef HAVE_RSA_METH_SET_FINISH +-int +-RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa)) +-{ +- meth->finish = finish; +- return 1; +-} +-#endif /* HAVE_RSA_METH_SET_FINISH */ +- +-#ifndef HAVE_EVP_PKEY_GET0_RSA +-RSA * +-EVP_PKEY_get0_RSA(EVP_PKEY *pkey) +-{ +- if (pkey->type != EVP_PKEY_RSA) { +- /* EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); */ +- return NULL; +- } +- return pkey->pkey.rsa; +-} +-#endif /* HAVE_EVP_PKEY_GET0_RSA */ +- +-#ifndef HAVE_EVP_MD_CTX_NEW +-EVP_MD_CTX * +-EVP_MD_CTX_new(void) +-{ +- return calloc(1, sizeof(EVP_MD_CTX)); +-} +-#endif /* HAVE_EVP_MD_CTX_NEW */ +- +-#ifndef HAVE_EVP_MD_CTX_FREE +-void +-EVP_MD_CTX_free(EVP_MD_CTX *ctx) +-{ +- if (ctx == NULL) +- return; +- +- EVP_MD_CTX_cleanup(ctx); +- +- free(ctx); +-} +-#endif /* HAVE_EVP_MD_CTX_FREE */ +- + #endif /* WITH_OPENSSL */ +diff --git 
a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h +index 61a69dd56eb..d0dd2c3450d 100644 +--- a/openbsd-compat/openssl-compat.h ++++ b/openbsd-compat/openssl-compat.h +@@ -33,26 +33,13 @@ + int ssh_compatible_openssl(long, long); + void ssh_libcrypto_init(void); + +-#if (OPENSSL_VERSION_NUMBER < 0x1000100fL) +-# error OpenSSL 1.0.1 or greater is required ++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) ++# error OpenSSL 1.1.0 or greater is required + #endif +- +-#ifndef OPENSSL_VERSION +-# define OPENSSL_VERSION SSLEAY_VERSION +-#endif +- +-#ifndef HAVE_OPENSSL_VERSION +-# define OpenSSL_version(x) SSLeay_version(x) +-#endif +- +-#ifndef HAVE_OPENSSL_VERSION_NUM +-# define OpenSSL_version_num SSLeay +-#endif +- +-#if OPENSSL_VERSION_NUMBER < 0x10000001L +-# define LIBCRYPTO_EVP_INL_TYPE unsigned int +-#else +-# define LIBCRYPTO_EVP_INL_TYPE size_t ++#ifdef LIBRESSL_VERSION_NUMBER ++# if LIBRESSL_VERSION_NUMBER < 0x3010000fL ++# error LibreSSL 3.1.0 or greater is required ++# endif + #endif + + #ifndef OPENSSL_RSA_MAX_MODULUS_BITS +@@ -68,25 +55,6 @@ void ssh_libcrypto_init(void); + # endif + #endif + +-/* LibreSSL/OpenSSL 1.1x API compat */ +-#ifndef HAVE_DSA_GET0_PQG +-void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, +- const BIGNUM **g); +-#endif /* HAVE_DSA_GET0_PQG */ +- +-#ifndef HAVE_DSA_SET0_PQG +-int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g); +-#endif /* HAVE_DSA_SET0_PQG */ +- +-#ifndef HAVE_DSA_GET0_KEY +-void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, +- const BIGNUM **priv_key); +-#endif /* HAVE_DSA_GET0_KEY */ +- +-#ifndef HAVE_DSA_SET0_KEY +-int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key); +-#endif /* HAVE_DSA_SET0_KEY */ +- + #ifndef HAVE_EVP_CIPHER_CTX_GET_IV + # ifdef HAVE_EVP_CIPHER_CTX_GET_UPDATED_IV + # define EVP_CIPHER_CTX_get_iv EVP_CIPHER_CTX_get_updated_iv +@@ -101,112 +69,5 @@ int EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, + const unsigned char *iv, size_t len); + #endif /* 
HAVE_EVP_CIPHER_CTX_SET_IV */ + +-#ifndef HAVE_RSA_GET0_KEY +-void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, +- const BIGNUM **d); +-#endif /* HAVE_RSA_GET0_KEY */ +- +-#ifndef HAVE_RSA_SET0_KEY +-int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); +-#endif /* HAVE_RSA_SET0_KEY */ +- +-#ifndef HAVE_RSA_GET0_CRT_PARAMS +-void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, +- const BIGNUM **iqmp); +-#endif /* HAVE_RSA_GET0_CRT_PARAMS */ +- +-#ifndef HAVE_RSA_SET0_CRT_PARAMS +-int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); +-#endif /* HAVE_RSA_SET0_CRT_PARAMS */ +- +-#ifndef HAVE_RSA_GET0_FACTORS +-void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); +-#endif /* HAVE_RSA_GET0_FACTORS */ +- +-#ifndef HAVE_RSA_SET0_FACTORS +-int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); +-#endif /* HAVE_RSA_SET0_FACTORS */ +- +-#ifndef DSA_SIG_GET0 +-void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); +-#endif /* DSA_SIG_GET0 */ +- +-#ifndef DSA_SIG_SET0 +-int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); +-#endif /* DSA_SIG_SET0 */ +- +-#ifdef OPENSSL_HAS_ECC +-#ifndef HAVE_ECDSA_SIG_GET0 +-void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); +-#endif /* HAVE_ECDSA_SIG_GET0 */ +- +-#ifndef HAVE_ECDSA_SIG_SET0 +-int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); +-#endif /* HAVE_ECDSA_SIG_SET0 */ +-#endif /* OPENSSL_HAS_ECC */ +- +-#ifndef HAVE_DH_GET0_PQG +-void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, +- const BIGNUM **g); +-#endif /* HAVE_DH_GET0_PQG */ +- +-#ifndef HAVE_DH_SET0_PQG +-int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); +-#endif /* HAVE_DH_SET0_PQG */ +- +-#ifndef HAVE_DH_GET0_KEY +-void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); +-#endif /* HAVE_DH_GET0_KEY */ +- +-#ifndef HAVE_DH_SET0_KEY +-int DH_set0_key(DH *dh, BIGNUM *pub_key, 
BIGNUM *priv_key); +-#endif /* HAVE_DH_SET0_KEY */ +- +-#ifndef HAVE_DH_SET_LENGTH +-int DH_set_length(DH *dh, long length); +-#endif /* HAVE_DH_SET_LENGTH */ +- +-#ifndef HAVE_RSA_METH_FREE +-void RSA_meth_free(RSA_METHOD *meth); +-#endif /* HAVE_RSA_METH_FREE */ +- +-#ifndef HAVE_RSA_METH_DUP +-RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth); +-#endif /* HAVE_RSA_METH_DUP */ +- +-#ifndef HAVE_RSA_METH_SET1_NAME +-int RSA_meth_set1_name(RSA_METHOD *meth, const char *name); +-#endif /* HAVE_RSA_METH_SET1_NAME */ +- +-#ifndef HAVE_RSA_METH_GET_FINISH +-int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa); +-#endif /* HAVE_RSA_METH_GET_FINISH */ +- +-#ifndef HAVE_RSA_METH_SET_PRIV_ENC +-int RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen, +- const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); +-#endif /* HAVE_RSA_METH_SET_PRIV_ENC */ +- +-#ifndef HAVE_RSA_METH_SET_PRIV_DEC +-int RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen, +- const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); +-#endif /* HAVE_RSA_METH_SET_PRIV_DEC */ +- +-#ifndef HAVE_RSA_METH_SET_FINISH +-int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa)); +-#endif /* HAVE_RSA_METH_SET_FINISH */ +- +-#ifndef HAVE_EVP_PKEY_GET0_RSA +-RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); +-#endif /* HAVE_EVP_PKEY_GET0_RSA */ +- +-#ifndef HAVE_EVP_MD_CTX_new +-EVP_MD_CTX *EVP_MD_CTX_new(void); +-#endif /* HAVE_EVP_MD_CTX_new */ +- +-#ifndef HAVE_EVP_MD_CTX_free +-void EVP_MD_CTX_free(EVP_MD_CTX *ctx); +-#endif /* HAVE_EVP_MD_CTX_free */ +- + #endif /* WITH_OPENSSL */ + #endif /* _OPENSSL_COMPAT_H */ diff --git a/poky/meta/recipes-connectivity/openssh/openssh_9.3p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_9.3p2.bb index d3dedd1a5a..558e027f5d 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh_9.3p1.bb +++ b/poky/meta/recipes-connectivity/openssh/openssh_9.3p2.bb 
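Review bot: The compile-time guard this patch adds in openbsd-compat/openssl-compat.h disagrees with the minimum version the same patch enforces elsewhere: the header keeps `#if (OPENSSL_VERSION_NUMBER < 0x10100000L)` with `# error OpenSSL 1.1.0 or greater is required`, while configure.ac now rejects `100*|10100*` with "OpenSSL >= 1.1.1 required" and INSTALL documents "1.1.1 or greater". A build that reaches this header without the configure check having run against the same headers would therefore still accept a 1.1.0 libcrypto. If 1.1.1 is the intended floor, the guard would presumably read `#if (OPENSSL_VERSION_NUMBER < 0x10101000L)` with the message `OpenSSL 1.1.1 or greater is required`. Because this file is an upstream backport ("Hunks are refreshed"), the mismatch is better reported upstream than carried as a local delta in the recipe.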
@@ -24,8 +24,9 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
 file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
 file://sshd_check_keys \
 file://add-test-support-for-busybox.patch \
+ file://7280401bdd77ca54be6867a154cc01e0d72612e0.patch \
 "
-SRC_URI[sha256sum] = "e9baba7701a76a51f3d85a62c383a3c9dcd97fa900b859bc7db114c1868af8a8"
+SRC_URI[sha256sum] = "200ebe147f6cb3f101fd0cdf9e02442af7ddca298dffd9f456878e7ccac676e8"
 # This CVE is specific to OpenSSH with the pam opie which we don't build/use here
 CVE_CHECK_IGNORE += "CVE-2007-2768"
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch
index 0b7abc3a11..502a7aaf32 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0001-Configure-do-not-tweak-mips-cflags.patch
@@ -1,6 +1,6 @@
-From 326909baf81a638d51fa8be1d8227518784f5cc4 Mon Sep 17 00:00:00 2001
+From 0377f0d5b5c1079e3b9a80881f4dcc891cbe9f9a Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin <alex@linutronix.de>
-Date: Tue, 14 Sep 2021 12:18:25 +0200
+Date: Tue, 30 May 2023 09:11:27 -0700
 Subject: [PATCH] Configure: do not tweak mips cflags
 This conflicts with mips machine definitons from yocto,
@@ -9,20 +9,23 @@ e.g.
 Upstream-Status: Inappropriate [oe-core specific]
 Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+
+Refreshed for openssl-3.1.1
+Signed-off-by: Tim Orling <tim.orling@konsulko.com>
 ---
 Configure | 10 ----------
 1 file changed, 10 deletions(-)
-Index: openssl-3.0.4/Configure
-===================================================================
---- openssl-3.0.4.orig/Configure
-+++ openssl-3.0.4/Configure
-@@ -1423,16 +1423,6 @@ if ($target =~ /^mingw/ && `$config{CC}
+diff --git a/Configure b/Configure
+index 4569952..adf019b 100755
+--- a/Configure
++++ b/Configure
+@@ -1422,16 +1422,6 @@ if ($target =~ /^mingw/ && `$config{CC} --target-help 2>&1` =~ m/-mno-cygwin/m)
 push @{$config{shared_ldflag}}, "-mno-cygwin";
 }
 -if ($target =~ /linux.*-mips/ && !$disabled{asm}
-- && !grep { $_ !~ /-m(ips|arch=)/ } (@{$config{CFLAGS}})) {
+- && !grep { $_ =~ /-m(ips|arch=)/ } (@{$config{CFLAGS}})) {
 - # minimally required architecture flags for assembly modules
 - my $value;
 - $value = '-mips2' if ($target =~ /mips32/);
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2023-0464.patch b/poky/meta/recipes-connectivity/openssl/openssl/CVE-2023-0464.patch
deleted file mode 100644
index 33b0bb6c79..0000000000
--- a/poky/meta/recipes-connectivity/openssl/openssl/CVE-2023-0464.patch
+++ /dev/null
@@ -1,226 +0,0 @@ -From 2017771e2db3e2b96f89bbe8766c3209f6a99545 Mon Sep 17 00:00:00 2001 -From: Pauli <pauli@openssl.org> -Date: Wed, 8 Mar 2023 15:28:20 +1100 -Subject: [PATCH] x509: excessive resource use verifying policy constraints - -A security vulnerability has been identified in all supported versions -of OpenSSL related to the verification of X.509 certificate chains -that include policy constraints. Attackers may be able to exploit this -vulnerability by creating a malicious certificate chain that triggers -exponential use of computational resources, leading to a denial-of-service -(DoS) attack on affected systems. - -Fixes CVE-2023-0464 - -Reviewed-by: Tomas Mraz <tomas@openssl.org> -Reviewed-by: Shane Lontis <shane.lontis@oracle.com> -(Merged from https://github.com/openssl/openssl/pull/20570) - -Upstream-Status: Backport from [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545] -CVE: CVE-2023-0464 -Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> - ---- - crypto/x509/pcy_local.h | 8 +++++++- - crypto/x509/pcy_node.c | 12 +++++++++--- - crypto/x509/pcy_tree.c | 36 ++++++++++++++++++++++++++---------- - 3 files changed, 42 insertions(+), 14 deletions(-) - -diff --git a/crypto/x509/pcy_local.h b/crypto/x509/pcy_local.h -index 18b53cc..cba107c 100644 ---- a/crypto/x509/pcy_local.h -+++ b/crypto/x509/pcy_local.h -@@ -111,6 +111,11 @@ struct X509_POLICY_LEVEL_st { - }; - - struct X509_POLICY_TREE_st { -+ /* The number of nodes in the tree */ -+ size_t node_count; -+ /* The maximum number of nodes in the tree */ -+ size_t node_maximum; -+ - /* This is the tree 'level' data */ - X509_POLICY_LEVEL *levels; - int nlevel; -@@ -157,7 +162,8 @@ X509_POLICY_NODE *ossl_policy_tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk, - X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - X509_POLICY_DATA *data, - X509_POLICY_NODE *parent, -- X509_POLICY_TREE *tree); -+ X509_POLICY_TREE *tree, -+ int 
extra_data); - void ossl_policy_node_free(X509_POLICY_NODE *node); - int ossl_policy_node_match(const X509_POLICY_LEVEL *lvl, - const X509_POLICY_NODE *node, const ASN1_OBJECT *oid); -diff --git a/crypto/x509/pcy_node.c b/crypto/x509/pcy_node.c -index 9d9a7ea..450f95a 100644 ---- a/crypto/x509/pcy_node.c -+++ b/crypto/x509/pcy_node.c -@@ -59,10 +59,15 @@ X509_POLICY_NODE *ossl_policy_level_find_node(const X509_POLICY_LEVEL *level, - X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - X509_POLICY_DATA *data, - X509_POLICY_NODE *parent, -- X509_POLICY_TREE *tree) -+ X509_POLICY_TREE *tree, -+ int extra_data) - { - X509_POLICY_NODE *node; - -+ /* Verify that the tree isn't too large. This mitigates CVE-2023-0464 */ -+ if (tree->node_maximum > 0 && tree->node_count >= tree->node_maximum) -+ return NULL; -+ - node = OPENSSL_zalloc(sizeof(*node)); - if (node == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); -@@ -70,7 +75,7 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - } - node->data = data; - node->parent = parent; -- if (level) { -+ if (level != NULL) { - if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) { - if (level->anyPolicy) - goto node_error; -@@ -90,7 +95,7 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - } - } - -- if (tree) { -+ if (extra_data) { - if (tree->extra_data == NULL) - tree->extra_data = sk_X509_POLICY_DATA_new_null(); - if (tree->extra_data == NULL){ -@@ -103,6 +108,7 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - } - } - -+ tree->node_count++; - if (parent) - parent->nchild++; - -diff --git a/crypto/x509/pcy_tree.c b/crypto/x509/pcy_tree.c -index fa45da5..f953a05 100644 ---- a/crypto/x509/pcy_tree.c -+++ b/crypto/x509/pcy_tree.c -@@ -14,6 +14,17 @@ - - #include "pcy_local.h" - -+/* -+ * If the maximum number of nodes in the policy tree isn't defined, set it to -+ * a generous default of 1000 nodes. 
-+ * -+ * Defining this to be zero means unlimited policy tree growth which opens the -+ * door on CVE-2023-0464. -+ */ -+#ifndef OPENSSL_POLICY_TREE_NODES_MAX -+# define OPENSSL_POLICY_TREE_NODES_MAX 1000 -+#endif -+ - static void expected_print(BIO *channel, - X509_POLICY_LEVEL *lev, X509_POLICY_NODE *node, - int indent) -@@ -163,6 +174,9 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, - return X509_PCY_TREE_INTERNAL; - } - -+ /* Limit the growth of the tree to mitigate CVE-2023-0464 */ -+ tree->node_maximum = OPENSSL_POLICY_TREE_NODES_MAX; -+ - /* - * http://tools.ietf.org/html/rfc5280#section-6.1.2, figure 3. - * -@@ -180,7 +194,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, - if ((data = ossl_policy_data_new(NULL, - OBJ_nid2obj(NID_any_policy), 0)) == NULL) - goto bad_tree; -- if (ossl_policy_level_add_node(level, data, NULL, tree) == NULL) { -+ if (ossl_policy_level_add_node(level, data, NULL, tree, 1) == NULL) { - ossl_policy_data_free(data); - goto bad_tree; - } -@@ -239,7 +253,8 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, - * Return value: 1 on success, 0 otherwise - */ - static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr, -- X509_POLICY_DATA *data) -+ X509_POLICY_DATA *data, -+ X509_POLICY_TREE *tree) - { - X509_POLICY_LEVEL *last = curr - 1; - int i, matched = 0; -@@ -249,13 +264,13 @@ static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr, - X509_POLICY_NODE *node = sk_X509_POLICY_NODE_value(last->nodes, i); - - if (ossl_policy_node_match(last, node, data->valid_policy)) { -- if (ossl_policy_level_add_node(curr, data, node, NULL) == NULL) -+ if (ossl_policy_level_add_node(curr, data, node, tree, 0) == NULL) - return 0; - matched = 1; - } - } - if (!matched && last->anyPolicy) { -- if (ossl_policy_level_add_node(curr, data, last->anyPolicy, NULL) == NULL) -+ if (ossl_policy_level_add_node(curr, data, last->anyPolicy, tree, 0) == NULL) - return 0; - } - return 
1; -@@ -268,7 +283,8 @@ static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr, - * Return value: 1 on success, 0 otherwise. - */ - static int tree_link_nodes(X509_POLICY_LEVEL *curr, -- const X509_POLICY_CACHE *cache) -+ const X509_POLICY_CACHE *cache, -+ X509_POLICY_TREE *tree) - { - int i; - -@@ -276,7 +292,7 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr, - X509_POLICY_DATA *data = sk_X509_POLICY_DATA_value(cache->data, i); - - /* Look for matching nodes in previous level */ -- if (!tree_link_matching_nodes(curr, data)) -+ if (!tree_link_matching_nodes(curr, data, tree)) - return 0; - } - return 1; -@@ -307,7 +323,7 @@ static int tree_add_unmatched(X509_POLICY_LEVEL *curr, - /* Curr may not have anyPolicy */ - data->qualifier_set = cache->anyPolicy->qualifier_set; - data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS; -- if (ossl_policy_level_add_node(curr, data, node, tree) == NULL) { -+ if (ossl_policy_level_add_node(curr, data, node, tree, 1) == NULL) { - ossl_policy_data_free(data); - return 0; - } -@@ -370,7 +386,7 @@ static int tree_link_any(X509_POLICY_LEVEL *curr, - /* Finally add link to anyPolicy */ - if (last->anyPolicy && - ossl_policy_level_add_node(curr, cache->anyPolicy, -- last->anyPolicy, NULL) == NULL) -+ last->anyPolicy, tree, 0) == NULL) - return 0; - return 1; - } -@@ -553,7 +569,7 @@ static int tree_calculate_user_set(X509_POLICY_TREE *tree, - extra->flags = POLICY_DATA_FLAG_SHARED_QUALIFIERS - | POLICY_DATA_FLAG_EXTRA_NODE; - node = ossl_policy_level_add_node(NULL, extra, anyPolicy->parent, -- tree); -+ tree, 1); - } - if (!tree->user_policies) { - tree->user_policies = sk_X509_POLICY_NODE_new_null(); -@@ -580,7 +596,7 @@ static int tree_evaluate(X509_POLICY_TREE *tree) - - for (i = 1; i < tree->nlevel; i++, curr++) { - cache = ossl_policy_cache_set(curr->cert); -- if (!tree_link_nodes(curr, cache)) -+ if (!tree_link_nodes(curr, cache, tree)) - return X509_PCY_TREE_INTERNAL; - - if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY) --- 
-2.25.1 - diff --git a/poky/meta/recipes-connectivity/openssl/openssl_3.1.0.bb b/poky/meta/recipes-connectivity/openssl/openssl_3.1.2.bb index b319c66044..d55695dba4 100644 --- a/poky/meta/recipes-connectivity/openssl/openssl_3.1.0.bb +++ b/poky/meta/recipes-connectivity/openssl/openssl_3.1.2.bb @@ -12,14 +12,13 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://0001-Configure-do-not-tweak-mips-cflags.patch \ file://fix_random_labels.patch \ - file://CVE-2023-0464.patch \ " SRC_URI:append:class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "aaa925ad9828745c4cad9d9efeb273deca820f2cdcf2c3ac7d7c1212b7c497b4" +SRC_URI[sha256sum] = "a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539" inherit lib_package multilib_header multilib_script ptest perlnative MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" @@ -119,7 +118,7 @@ do_configure () { target=linux-ppc64le ;; linux-riscv32) - target=linux-generic32 + target=linux-latomic ;; linux-riscv64) target=linux-generic64 @@ -138,7 +137,9 @@ do_configure () { fi # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the # environment variables set by bitbake. Adjust the environment variables instead. - HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \ + PERLEXTERNAL="$(realpath ${S}/external/perl/Text-Template-*/lib)" + test -d "$PERLEXTERNAL" || bberror "PERLEXTERNAL '$PERLEXTERNAL' not found!" + HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="$PERLEXTERNAL" \ perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} ${DEPRECATED_CRYPTO_FLAGS} --prefix=$useprefix --openssldir=${libdir}/ssl-3 --libdir=${libdir} $target perl ${B}/configdata.pm --dump } 
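Review bot: In the `do_configure` hunk of openssl_3.1.2.bb, the new `test -d "$PERLEXTERNAL" || bberror ...` line only logs the problem. `bberror` does not stop the shell function, so `perl ${S}/Configure` would still run with a `PERL5LIB` that points at nothing. The `Text-Template-*` glob also lets `realpath` print one path per match, so a tree with two bundled versions would fail `test -d` for a reason the message does not explain. Failing the task at that point is clearer: `test -d "$PERLEXTERNAL" || bbfatal "PERLEXTERNAL '$PERLEXTERNAL' not found!"`. `do_configure` starts outside this hunk.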
diff --git a/poky/meta/recipes-core/busybox/busybox-inittab_1.36.0.bb b/poky/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb index 868d7a230f..868d7a230f 100644 --- a/poky/meta/recipes-core/busybox/busybox-inittab_1.36.0.bb +++ b/poky/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb diff --git a/poky/meta/recipes-core/busybox/busybox_1.36.0.bb b/poky/meta/recipes-core/busybox/busybox_1.36.1.bb index 8014a5c7bf..968dce65e4 100644 --- a/poky/meta/recipes-core/busybox/busybox_1.36.0.bb +++ b/poky/meta/recipes-core/busybox/busybox_1.36.1.bb @@ -53,4 +53,4 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ SRC_URI:append:libc-musl = " file://musl.cfg " # TODO http://lists.busybox.net/pipermail/busybox/2023-January/090078.html SRC_URI:append:x86 = " file://sha_accel.cfg" -SRC_URI[tarball.sha256sum] = "542750c8af7cb2630e201780b4f99f3dcceeb06f505b479ec68241c1e6af61a5" +SRC_URI[tarball.sha256sum] = "b8cc24c9574d809e7279c3be349795c5d5ceb6fdf19ca709f80cde50e47de314" diff --git a/poky/meta/recipes-core/dbus/dbus_1.14.6.bb b/poky/meta/recipes-core/dbus/dbus_1.14.8.bb index da25155773..b6c245d40b 100644 --- a/poky/meta/recipes-core/dbus/dbus_1.14.6.bb +++ b/poky/meta/recipes-core/dbus/dbus_1.14.8.bb @@ -16,7 +16,7 @@ SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.xz \ file://dbus-1.init \ " -SRC_URI[sha256sum] = "fd2bdf1bb89dc365a46531bff631536f22b0d1c6d5ce2c5c5e59b55265b3d66b" +SRC_URI[sha256sum] = "a6bd5bac5cf19f0c3c594bdae2565a095696980a683a0ef37cb6212e093bde35" EXTRA_OECONF = "--disable-xml-docs \ --disable-doxygen-docs \ diff --git a/poky/meta/recipes-core/dropbear/dropbear/CVE-2023-36328.patch b/poky/meta/recipes-core/dropbear/dropbear/CVE-2023-36328.patch new file mode 100644 index 0000000000..932503e507 --- /dev/null +++ b/poky/meta/recipes-core/dropbear/dropbear/CVE-2023-36328.patch 
@@ -0,0 +1,144 @@ +From beba892bc0d4e4ded4d667ab1d2a94f4d75109a9 Mon Sep 17 00:00:00 2001 +From: czurnieden <czurnieden@gmx.de> +Date: Fri, 8 Sep 2023 05:01:00 +0000 +Subject: [PATCH] Fix possible integer overflow + +CVE: CVE-2023-36328 + +Upstream-Status: Backport [https://github.com/libtom/libtommath/commit/beba892bc0d4e4ded4d667ab1d2a94f4d75109a9] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + libtommath/bn_mp_2expt.c | 4 ++++ + libtommath/bn_mp_grow.c | 4 ++++ + libtommath/bn_mp_init_size.c | 5 +++++ + libtommath/bn_mp_mul_2d.c | 4 ++++ + libtommath/bn_s_mp_mul_digs.c | 4 ++++ + libtommath/bn_s_mp_mul_digs_fast.c | 4 ++++ + libtommath/bn_s_mp_mul_high_digs.c | 4 ++++ + libtommath/bn_s_mp_mul_high_digs_fast.c | 4 ++++ + 8 files changed, 33 insertions(+) + +diff --git a/libtommath/bn_mp_2expt.c b/libtommath/bn_mp_2expt.c +index 0ae3df1..ca6fbc3 100644 +--- a/libtommath/bn_mp_2expt.c ++++ b/libtommath/bn_mp_2expt.c +@@ -12,6 +12,10 @@ mp_err mp_2expt(mp_int *a, int b) + { + mp_err err; + ++ if (b < 0) { ++ return MP_VAL; ++ } ++ + /* zero a as per default */ + mp_zero(a); + +diff --git a/libtommath/bn_mp_grow.c b/libtommath/bn_mp_grow.c +index 9e904c5..b9321f7 100644 +--- a/libtommath/bn_mp_grow.c ++++ b/libtommath/bn_mp_grow.c +@@ -9,6 +9,10 @@ mp_err mp_grow(mp_int *a, int size) + int i; + mp_digit *tmp; + ++ if (size < 0) { ++ return MP_VAL; ++ } ++ + /* if the alloc size is smaller alloc more ram */ + if (a->alloc < size) { + /* reallocate the array a->dp +diff --git a/libtommath/bn_mp_init_size.c b/libtommath/bn_mp_init_size.c +index d622687..5fefa96 100644 +--- a/libtommath/bn_mp_init_size.c ++++ b/libtommath/bn_mp_init_size.c +@@ -6,6 +6,11 @@ + /* init an mp_init for a given size */ + mp_err mp_init_size(mp_int *a, int size) + { ++ ++ if (size < 0) { ++ return MP_VAL; ++ } ++ + size = MP_MAX(MP_MIN_PREC, size); + + /* alloc mem */ +diff --git a/libtommath/bn_mp_mul_2d.c b/libtommath/bn_mp_mul_2d.c +index 87354de..2744163 100644 +--- 
a/libtommath/bn_mp_mul_2d.c ++++ b/libtommath/bn_mp_mul_2d.c +@@ -9,6 +9,10 @@ mp_err mp_mul_2d(const mp_int *a, int b, mp_int *c) + mp_digit d; + mp_err err; + ++ if (b < 0) { ++ return MP_VAL; ++ } ++ + /* copy */ + if (a != c) { + if ((err = mp_copy(a, c)) != MP_OKAY) { +diff --git a/libtommath/bn_s_mp_mul_digs.c b/libtommath/bn_s_mp_mul_digs.c +index 64509d4..2d2f5b0 100644 +--- a/libtommath/bn_s_mp_mul_digs.c ++++ b/libtommath/bn_s_mp_mul_digs.c +@@ -16,6 +16,10 @@ mp_err s_mp_mul_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs) + mp_word r; + mp_digit tmpx, *tmpt, *tmpy; + ++ if (digs < 0) { ++ return MP_VAL; ++ } ++ + /* can we use the fast multiplier? */ + if ((digs < MP_WARRAY) && + (MP_MIN(a->used, b->used) < MP_MAXFAST)) { +diff --git a/libtommath/bn_s_mp_mul_digs_fast.c b/libtommath/bn_s_mp_mul_digs_fast.c +index b2a287b..d6dd3cc 100644 +--- a/libtommath/bn_s_mp_mul_digs_fast.c ++++ b/libtommath/bn_s_mp_mul_digs_fast.c +@@ -26,6 +26,10 @@ mp_err s_mp_mul_digs_fast(const mp_int *a, const mp_int *b, mp_int *c, int digs) + mp_digit W[MP_WARRAY]; + mp_word _W; + ++ if (digs < 0) { ++ return MP_VAL; ++ } ++ + /* grow the destination as required */ + if (c->alloc < digs) { + if ((err = mp_grow(c, digs)) != MP_OKAY) { +diff --git a/libtommath/bn_s_mp_mul_high_digs.c b/libtommath/bn_s_mp_mul_high_digs.c +index 2bb2a50..860ebcb 100644 +--- a/libtommath/bn_s_mp_mul_high_digs.c ++++ b/libtommath/bn_s_mp_mul_high_digs.c +@@ -15,6 +15,10 @@ mp_err s_mp_mul_high_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs) + mp_word r; + mp_digit tmpx, *tmpt, *tmpy; + ++ if (digs < 0) { ++ return MP_VAL; ++ } ++ + /* can we use the fast multiplier? 
*/ + if (MP_HAS(S_MP_MUL_HIGH_DIGS_FAST) + && ((a->used + b->used + 1) < MP_WARRAY) +diff --git a/libtommath/bn_s_mp_mul_high_digs_fast.c b/libtommath/bn_s_mp_mul_high_digs_fast.c +index a2c4fb6..afe3e4b 100644 +--- a/libtommath/bn_s_mp_mul_high_digs_fast.c ++++ b/libtommath/bn_s_mp_mul_high_digs_fast.c +@@ -19,6 +19,10 @@ mp_err s_mp_mul_high_digs_fast(const mp_int *a, const mp_int *b, mp_int *c, int + mp_digit W[MP_WARRAY]; + mp_word _W; + ++ if (digs < 0) { ++ return MP_VAL; ++ } ++ + /* grow the destination as required */ + pa = a->used + b->used; + if (c->alloc < pa) { +-- +2.35.5 diff --git a/poky/meta/recipes-core/dropbear/dropbear_2022.83.bb b/poky/meta/recipes-core/dropbear/dropbear_2022.83.bb index 0c7a8f4caa..12ac732f58 100644 --- a/poky/meta/recipes-core/dropbear/dropbear_2022.83.bb +++ b/poky/meta/recipes-core/dropbear/dropbear_2022.83.bb @@ -21,6 +21,7 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ file://dropbear.default \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} \ + file://CVE-2023-36328.patch \ " SRC_URI[sha256sum] = "bc5a121ffbc94b5171ad5ebe01be42746d50aa797c9549a4639894a16749443b" diff --git a/poky/meta/recipes-core/ell/ell_0.56.bb b/poky/meta/recipes-core/ell/ell_0.57.bb index 0ace622835..09a0831fbe 100644 --- a/poky/meta/recipes-core/ell/ell_0.56.bb +++ b/poky/meta/recipes-core/ell/ell_0.57.bb @@ -15,7 +15,7 @@ DEPENDS = "dbus" inherit autotools pkgconfig SRC_URI = "https://mirrors.edge.kernel.org/pub/linux/libs/${BPN}/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "58eb8b2b64087f7479d5db6a830a0656c536d93e5f11d4c9a4443ce8760a1b63" +SRC_URI[sha256sum] = "7603928ee584b758ca27c67e4dc513049a09b038d7d28459a9440f8443c91018" do_configure:prepend () { mkdir -p ${S}/build-aux 
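Review bot: The guards added by CVE-2023-36328.patch reject only negative arguments, and in `s_mp_mul_high_digs_fast` the destination is then sized from `pa = a->used + b->used`, an `int` sum the patch leaves unchecked. `mp_init_size` is similar: after the `size < 0` check the value goes into the allocation under `/* alloc mem */`, which is not shown. Whether large positive values can reach either place depends on limits enforced outside these hunks, so this should be confirmed against the libtommath bundled with dropbear 2022.83 rather than assuming the backport covers every overflow path. All eight function bodies continue past their hunks.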
diff --git a/poky/meta/recipes-core/glib-networking/glib-networking/eagain.patch b/poky/meta/recipes-core/glib-networking/glib-networking/eagain.patch index ac6592ffef..ee5b6a7beb 100644 --- a/poky/meta/recipes-core/glib-networking/glib-networking/eagain.patch +++ b/poky/meta/recipes-core/glib-networking/glib-networking/eagain.patch @@ -21,7 +21,7 @@ Index: glib-networking-2.74.0/tls/tests/connection.c MIN (TEST_DATA_LENGTH / 2, TEST_DATA_LENGTH - test->nread), NULL, &error); + -+ if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_BUSY)) ++ if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_WOULD_BLOCK)) + continue; + g_assert_no_error (error); diff --git a/poky/meta/recipes-core/glibc/glibc-locale.inc b/poky/meta/recipes-core/glibc/glibc-locale.inc index 760de9437b..289f58d4df 100644 --- a/poky/meta/recipes-core/glibc/glibc-locale.inc +++ b/poky/meta/recipes-core/glibc/glibc-locale.inc 
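Review bot: On the `G_IO_ERROR_WOULD_BLOCK` path the patched test does `continue` with `error` still set, so the next read would be handed a non-NULL `GError` unless the loop resets it somewhere outside this hunk. Clearing it before the retry avoids that: `if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_WOULD_BLOCK)) { g_clear_error (&error); continue; }`. The enclosing loop in `tls/tests/connection.c` is not visible here, so check this against the full function.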
@@ -37,22 +37,22 @@ PACKAGES_DYNAMIC = "^locale-base-.* \ # Create a glibc-binaries package ALLOW_EMPTY:${BPN}-binaries = "1" PACKAGES += "${BPN}-binaries" -RRECOMMENDS:${BPN}-binaries = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-binary") != -1])}" +RRECOMMENDS:${BPN}-binaries = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-binary-") != -1])}" # Create a glibc-charmaps package ALLOW_EMPTY:${BPN}-charmaps = "1" PACKAGES += "${BPN}-charmaps" -RRECOMMENDS:${BPN}-charmaps = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-charmap") != -1])}" +RRECOMMENDS:${BPN}-charmaps = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-charmap-") != -1])}" # Create a glibc-gconvs package ALLOW_EMPTY:${BPN}-gconvs = "1" PACKAGES += "${BPN}-gconvs" -RRECOMMENDS:${BPN}-gconvs = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-gconv") != -1])}" +RRECOMMENDS:${BPN}-gconvs = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-gconv-") != -1])}" # Create a glibc-localedatas package ALLOW_EMPTY:${BPN}-localedatas = "1" PACKAGES += "${BPN}-localedatas" -RRECOMMENDS:${BPN}-localedatas = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-localedata") != -1])}" +RRECOMMENDS:${BPN}-localedatas = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-localedata-") != -1])}" DESCRIPTION:localedef = "glibc: compile locale definition files" diff --git a/poky/meta/recipes-core/glibc/glibc-testsuite_2.37.bb b/poky/meta/recipes-core/glibc/glibc-testsuite_2.37.bb index e8ad2a938b..2e076f4b0f 100644 --- a/poky/meta/recipes-core/glibc/glibc-testsuite_2.37.bb +++ b/poky/meta/recipes-core/glibc/glibc-testsuite_2.37.bb @@ -16,6 +16,7 @@ TOOLCHAIN_TEST_HOST_USER ??= "root" TOOLCHAIN_TEST_HOST_PORT ??= "2222" do_check[nostamp] = "1" +do_check[network] = "1" do_check:append () { chmod 0755 ${WORKDIR}/check-test-wrapper 
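Review bot: `do_check[network] = "1"` in glibc-testsuite_2.37.bb lifts bitbake's network isolation for the whole `do_check` task, and the hunk adds it without a comment saying why. Judging by the `TOOLCHAIN_TEST_HOST_USER` and `TOOLCHAIN_TEST_HOST_PORT` settings just above, the task presumably needs it to reach the test target over ssh. A line such as `# do_check reaches the test target over ssh, so it cannot run network-isolated` would record that and make clear the flag is not there to allow downloads. `do_check:append` continues past the end of the hunk.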
diff --git a/poky/meta/recipes-core/glibc/glibc-version.inc b/poky/meta/recipes-core/glibc/glibc-version.inc index 37bb9fd34f..ff2b2ade9d 100644 --- a/poky/meta/recipes-core/glibc/glibc-version.inc +++ b/poky/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.37/master" PV = "2.37" -SRCREV_glibc ?= "d8e1a7590d375159fb5aac07ad8111ab4699e994" +SRCREV_glibc ?= "58f7431fd77c0a6dd8df08d50c51ee3e7f09825f" SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" diff --git a/poky/meta/recipes-core/glibc/glibc/0023-CVE-2023-4527.patch b/poky/meta/recipes-core/glibc/glibc/0023-CVE-2023-4527.patch new file mode 100644 index 0000000000..211249211a --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0023-CVE-2023-4527.patch 
@@ -0,0 +1,219 @@ +From 4ea972b7edd7e36610e8cde18bf7a8149d7bac4f Mon Sep 17 00:00:00 2001 +From: Florian Weimer <fweimer@redhat.com> +Date: Wed, 13 Sep 2023 14:10:56 +0200 +Subject: [PATCH] CVE-2023-4527: Stack read overflow with large TCP responses + in no-aaaa mode + +Without passing alt_dns_packet_buffer, __res_context_search can only +store 2048 bytes (what fits into dns_packet_buffer). However, +the function returns the total packet size, and the subsequent +DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end +of the stack-allocated buffer. + +Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa +stub resolver option") and bug 30842. + +(cherry picked from commit bd77dd7e73e3530203be1c52c8a29d08270cb25d) + +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=4ea972b7edd7e36610e8cde18bf7a8149d7bac4f] +CVE: CVE-2023-4527 + +Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> + +--- + NEWS | 7 ++ + resolv/Makefile | 2 + + resolv/nss_dns/dns-host.c | 2 +- + resolv/tst-resolv-noaaaa-vc.c | 129 ++++++++++++++++++++++++++++++++++ + 4 files changed, 139 insertions(+), 1 deletion(-) + create mode 100644 resolv/tst-resolv-noaaaa-vc.c + +diff --git a/NEWS b/NEWS +--- a/NEWS ++++ b/NEWS +@@ -25,6 +25,7 @@ + [30101] gmon: fix memory corruption issues + [30125] dynamic-link: [regression, bisected] glibc-2.37 creates new + symlink for libraries without soname ++ [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) + [30151] gshadow: Matching sgetsgent, sgetsgent_r ERANGE handling + [30163] posix: Fix system blocks SIGCHLD erroneously + [30305] x86_64: Fix asm constraints in feraiseexcept +@@ -54,6 +55,12 @@ + heap and prints it to the target log file, potentially revealing a + portion of the contents of the heap. 
+ ++ CVE-2023-4527: If the system is configured in no-aaaa mode via ++ /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address ++ family, and a DNS response is received over TCP that is larger than ++ 2048 bytes, getaddrinfo may potentially disclose stack contents via ++ the returned address data, or crash. ++ + The following bugs are resolved with this release: + + [12154] network: Cannot resolve hosts which have wildcard aliases +diff --git a/resolv/Makefile b/resolv/Makefile +--- a/resolv/Makefile ++++ b/resolv/Makefile +@@ -101,6 +101,7 @@ + tst-resolv-invalid-cname \ + tst-resolv-network \ + tst-resolv-noaaaa \ ++ tst-resolv-noaaaa-vc \ + tst-resolv-nondecimal \ + tst-resolv-res_init-multi \ + tst-resolv-search \ +@@ -292,6 +293,7 @@ + $(objpfx)tst-resolv-invalid-cname: $(objpfx)libresolv.so \ + $(shared-thread-library) + $(objpfx)tst-resolv-noaaaa: $(objpfx)libresolv.so $(shared-thread-library) ++$(objpfx)tst-resolv-noaaaa-vc: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) + $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library) +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c +--- a/resolv/nss_dns/dns-host.c ++++ b/resolv/nss_dns/dns-host.c +@@ -427,7 +427,7 @@ + { + n = __res_context_search (ctx, name, C_IN, T_A, + dns_packet_buffer, sizeof (dns_packet_buffer), +- NULL, NULL, NULL, NULL, NULL); ++ &alt_dns_packet_buffer, NULL, NULL, NULL, NULL); + if (n >= 0) + status = gaih_getanswer_noaaaa (alt_dns_packet_buffer, n, + &abuf, pat, errnop, herrnop, ttlp); +diff --git a/resolv/tst-resolv-noaaaa-vc.c b/resolv/tst-resolv-noaaaa-vc.c +new file mode 100644 +--- /dev/null ++++ b/resolv/tst-resolv-noaaaa-vc.c +@@ -0,0 +1,129 @@ ++/* Test the RES_NOAAAA resolver option with a large response. ++ Copyright (C) 2022-2023 Free Software Foundation, Inc. 
++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ <https://www.gnu.org/licenses/>. */ ++ ++#include <errno.h> ++#include <netdb.h> ++#include <resolv.h> ++#include <stdbool.h> ++#include <stdlib.h> ++#include <support/check.h> ++#include <support/check_nss.h> ++#include <support/resolv_test.h> ++#include <support/support.h> ++#include <support/xmemstream.h> ++ ++/* Used to keep track of the number of queries. */ ++static volatile unsigned int queries; ++ ++/* If true, add a large TXT record at the start of the answer section. */ ++static volatile bool stuff_txt; ++ ++static void ++response (const struct resolv_response_context *ctx, ++ struct resolv_response_builder *b, ++ const char *qname, uint16_t qclass, uint16_t qtype) ++{ ++ /* If not using TCP, just force its use. */ ++ if (!ctx->tcp) ++ { ++ struct resolv_response_flags flags = {.tc = true}; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ return; ++ } ++ ++ /* The test needs to send four queries, the first three are used to ++ grow the NSS buffer via the ERANGE handshake. */ ++ ++queries; ++ TEST_VERIFY (queries <= 4); ++ ++ /* AAAA queries are supposed to be disabled. 
*/ ++ TEST_COMPARE (qtype, T_A); ++ TEST_COMPARE (qclass, C_IN); ++ TEST_COMPARE_STRING (qname, "example.com"); ++ ++ struct resolv_response_flags flags = {}; ++ resolv_response_init (b, flags); ++ resolv_response_add_question (b, qname, qclass, qtype); ++ ++ resolv_response_section (b, ns_s_an); ++ ++ if (stuff_txt) ++ { ++ resolv_response_open_record (b, qname, qclass, T_TXT, 60); ++ int zero = 0; ++ for (int i = 0; i <= 15000; ++i) ++ resolv_response_add_data (b, &zero, sizeof (zero)); ++ resolv_response_close_record (b); ++ } ++ ++ for (int i = 0; i < 200; ++i) ++ { ++ resolv_response_open_record (b, qname, qclass, qtype, 60); ++ char ipv4[4] = {192, 0, 2, i + 1}; ++ resolv_response_add_data (b, &ipv4, sizeof (ipv4)); ++ resolv_response_close_record (b); ++ } ++} ++ ++static int ++do_test (void) ++{ ++ struct resolv_test *obj = resolv_test_start ++ ((struct resolv_redirect_config) ++ { ++ .response_callback = response ++ }); ++ ++ _res.options |= RES_NOAAAA; ++ ++ for (int do_stuff_txt = 0; do_stuff_txt < 2; ++do_stuff_txt) ++ { ++ queries = 0; ++ stuff_txt = do_stuff_txt; ++ ++ struct addrinfo *ai = NULL; ++ int ret; ++ ret = getaddrinfo ("example.com", "80", ++ &(struct addrinfo) ++ { ++ .ai_family = AF_UNSPEC, ++ .ai_socktype = SOCK_STREAM, ++ }, &ai); ++ ++ char *expected_result; ++ { ++ struct xmemstream mem; ++ xopen_memstream (&mem); ++ for (int i = 0; i < 200; ++i) ++ fprintf (mem.out, "address: STREAM/TCP 192.0.2.%d 80\n", i + 1); ++ xfclose_memstream (&mem); ++ expected_result = mem.buffer; ++ } ++ ++ check_addrinfo ("example.com", ai, ret, expected_result); ++ ++ free (expected_result); ++ freeaddrinfo (ai); ++ } ++ ++ resolv_test_end (obj); ++ return 0; ++} ++ ++#include <support/test-driver.c> diff --git a/poky/meta/recipes-core/glibc/glibc/check-test-wrapper b/poky/meta/recipes-core/glibc/glibc/check-test-wrapper index 6ec9b9b29e..5cc993f718 100644 --- a/poky/meta/recipes-core/glibc/glibc/check-test-wrapper 
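Review bot: 0023-CVE-2023-4527.patch carries upstream's two `NEWS` hunks and a new 129-line test along with the one-line fix in `resolv/nss_dns/dns-host.c`. The `NEWS` hunks apply only against the exact text of that file at `SRCREV_glibc`, which this same commit moves in glibc-version.inc. That makes them the part most likely to stop applying on the next stable-branch update. Dropping the `NEWS` hunks from the backport would leave the `&alt_dns_packet_buffer` fix and `tst-resolv-noaaaa-vc` intact and make the patch cheaper to carry.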
+++ b/poky/meta/recipes-core/glibc/glibc/check-test-wrapper @@ -58,7 +58,7 @@ elif targettype == "ssh": user = os.environ.get("SSH_HOST_USER", None) port = os.environ.get("SSH_HOST_PORT", None) - command = ["ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no"] + command = ["ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "LogLevel=quiet"] if port: command += ["-p", str(port)] if not host: diff --git a/poky/meta/recipes-core/glibc/glibc_2.37.bb b/poky/meta/recipes-core/glibc/glibc_2.37.bb index b27f98fb19..caf454f368 100644 --- a/poky/meta/recipes-core/glibc/glibc_2.37.bb +++ b/poky/meta/recipes-core/glibc/glibc_2.37.bb @@ -49,6 +49,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0020-tzselect.ksh-Use-bin-sh-default-shell-interpreter.patch \ file://0021-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \ file://0022-Avoid-hardcoded-build-time-paths-in-the-output-binar.patch \ + file://0023-CVE-2023-4527.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" @@ -103,10 +104,12 @@ do_configure () { # version check and doesn't really help with anything (cd ${S} && gnu-configize) || die "failure in running gnu-configize" find ${S} -name "configure" | xargs touch - CPPFLAGS="" oe_runconf + CPPFLAGS="" LD="${HOST_PREFIX}ld.bfd ${TOOLCHAIN_OPTIONS}" oe_runconf } LDFLAGS += "-fuse-ld=bfd" +CC += "-fuse-ld=bfd" + do_compile () { base_do_compile echo "Adjust ldd script" diff --git a/poky/meta/recipes-core/ifupdown/ifupdown_0.8.41.bb b/poky/meta/recipes-core/ifupdown/ifupdown_0.8.41.bb index 5dbd6193b8..16425ea9e4 100644 --- a/poky/meta/recipes-core/ifupdown/ifupdown_0.8.41.bb +++ b/poky/meta/recipes-core/ifupdown/ifupdown_0.8.41.bb 
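Review bot: In check-test-wrapper, `LogLevel=quiet` is added to an ssh command that already sets `StrictHostKeyChecking=no` and `UserKnownHostsFile=/dev/null`. The host key is therefore never verified, and ssh now also stays silent about connection problems that would explain a failed test. That is reasonable for a throwaway test target, but the line has no comment saying so. Something like `# test target is ephemeral: host keys are not checked, and ssh chatter would pollute test output` above `command = [...]` would keep these options from being copied into code that talks to real hosts. `LogLevel=error` should still hide the known-hosts warning while keeping fatal diagnostics, if that was the only noise. The `elif targettype == "ssh":` branch continues outside the hunk.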
@@ -42,6 +42,11 @@ do_install () { install -m 0644 ifup.8 ${D}${mandir}/man8 install -m 0644 interfaces.5 ${D}${mandir}/man5 cd ${D}${mandir}/man8 && ln -s ifup.8 ifdown.8 + + install -d ${D}${sysconfdir}/network/if-pre-up.d + install -d ${D}${sysconfdir}/network/if-up.d + install -d ${D}${sysconfdir}/network/if-down.d + install -d ${D}${sysconfdir}/network/if-post-down.d } do_install_ptest () { diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 7ac9fddf2d..a70d2d16bb 100644 --- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -26,7 +26,7 @@ inherit core-image setuptools3 features_check REQUIRED_DISTRO_FEATURES += "xattr" -SRCREV ?= "ad1f61d8667b7f3663883112e0cd36112659b603" +SRCREV ?= "500101cc152bdba0c69936be8d71682a731cf21d" SRC_URI = "git://git.yoctoproject.org/poky;branch=mickledore \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ diff --git a/poky/meta/recipes-core/images/core-image-ptest.bb b/poky/meta/recipes-core/images/core-image-ptest.bb index 90c26641ba..ddc56c8f9f 100644 --- a/poky/meta/recipes-core/images/core-image-ptest.bb +++ b/poky/meta/recipes-core/images/core-image-ptest.bb @@ -19,6 +19,7 @@ BBCLASSEXTEND = "${@' '.join(['mcextend:'+x for x in d.getVar('PTESTS').split()] # strace-ptest in particular needs more than 500MB IMAGE_OVERHEAD_FACTOR = "1.0" IMAGE_ROOTFS_EXTRA_SPACE = "324288" +IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-mdadm = "1524288" IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-strace = "1024288" IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-lttng-tools = "1524288" diff --git a/poky/meta/recipes-core/libxcrypt/libxcrypt.inc b/poky/meta/recipes-core/libxcrypt/libxcrypt.inc index 61b0381076..454a55d73d 100644 --- a/poky/meta/recipes-core/libxcrypt/libxcrypt.inc +++ b/poky/meta/recipes-core/libxcrypt/libxcrypt.inc 
@@ -17,12 +17,6 @@ SRC_URI += "file://fix_cflags_handling.patch"
 PROVIDES = "virtual/crypt"
-FILES:${PN} = "${libdir}/libcrypt*.so.* \
- ${libdir}/libcrypt-*.so \
- ${libdir}/libowcrypt*.so.* \
- ${libdir}/libowcrypt-*.so \
-"
-
 S = "${WORKDIR}/git"
 BUILD_CPPFLAGS = "-I${STAGING_INCDIR_NATIVE}"
diff --git a/poky/meta/recipes-core/libxml/libxml2_2.10.3.bb b/poky/meta/recipes-core/libxml/libxml2_2.10.4.bb
index 0ccd48964f..4f3b17093e 100644
--- a/poky/meta/recipes-core/libxml/libxml2_2.10.3.bb
+++ b/poky/meta/recipes-core/libxml/libxml2_2.10.4.bb
@@ -21,7 +21,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20130923.tar;subdir=${BP};name=testt
 file://libxml-m4-use-pkgconfig.patch \
 "
-SRC_URI[archive.sha256sum] = "5d2cc3d78bec3dbe212a9d7fa629ada25a7da928af432c93060ff5c17ee28a9c"
+SRC_URI[archive.sha256sum] = "ed0c91c5845008f1936739e4eee2035531c1c94742c6541f44ee66d885948d45"
 SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273"
 BINCONFIG = "${bindir}/xml2-config"
@@ -40,6 +40,8 @@ inherit autotools pkgconfig binconfig-disabled ptest
 inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3targetconfig', '', d)}
+LDFLAGS:append:riscv64 = "${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-lld ptest', ' -fuse-ld=bfd', '', d)}"
+
 RDEPENDS:${PN}-ptest += "bash make locale-base-en-us ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}"
 RDEPENDS:${PN}-python += "${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3-core', '', d)}"
diff --git a/poky/meta/recipes-core/meta/build-sysroots.bb b/poky/meta/recipes-core/meta/build-sysroots.bb
index ad22a75eb2..1a3b692a1b 100644
--- a/poky/meta/recipes-core/meta/build-sysroots.bb
+++ b/poky/meta/recipes-core/meta/build-sysroots.bb
@@ -1,5 +1,6 @@ -INHIBIT_DEFAULT_DEPS = "1" LICENSE = "MIT" +SUMMARY = "Build old style sysroot based on everything in the components directory that matches the current MACHINE" +INHIBIT_DEFAULT_DEPS = "1" STANDALONE_SYSROOT = "${STAGING_DIR}/${MACHINE}" STANDALONE_SYSROOT_NATIVE = "${STAGING_DIR}/${BUILD_ARCH}" @@ -16,6 +17,10 @@ deltask configure deltask compile deltask install deltask populate_sysroot +deltask create_spdx +deltask collect_spdx_deps +deltask create_runtime_spdx +deltask recipe_qa python do_build_native_sysroot () { targetsysroot = d.getVar("STANDALONE_SYSROOT") diff --git a/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb b/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb index 2b585983ac..2f7dad7e82 100644 --- a/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb @@ -17,6 +17,10 @@ deltask do_populate_sysroot NVDCVE_URL ?= "https://services.nvd.nist.gov/rest/json/cves/2.0" +# If you have a NVD API key (https://nvd.nist.gov/developers/request-an-api-key) +# then setting this to get higher rate limits. +NVDCVE_API_KEY ?= "" + # CVE database update interval, in seconds. By default: once a day (24*60*60). # Use 0 to force the update # Use a negative value to skip the update @@ -119,18 +123,16 @@ def nvd_request_next(url, api_key, args): import urllib.parse import gzip import http + import time - headers = {} + request = urllib.request.Request(url + "?" + urllib.parse.urlencode(args)) if api_key: - headers['apiKey'] = api_key - - data = urllib.parse.urlencode(args) - - full_request = url + '?' + data + request.add_header("apiKey", api_key) + bb.note("Requesting %s" % request.full_url) - for attempt in range(3): + for attempt in range(5): try: - r = urllib.request.urlopen(full_request) + r = urllib.request.urlopen(request) if (r.headers['content-encoding'] == 'gzip'): buf = r.read() 
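Review bot: The comment added above `NVDCVE_API_KEY ?= ""` does not say where the key belongs, and the key is a credential. I would reword it to `# Optional NVD API key (https://nvd.nist.gov/developers/request-an-api-key) for higher rate limits.` followed by `# Set it in local.conf or site.conf, never in a layer or recipe that gets committed.` The current wording ("then setting this to get higher rate limits") is also ungrammatical. Whether the value ends up in task signature data or `bitbake -e` output cannot be seen from this hunk and is worth confirming before recommending the variable to users.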
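Review bot: `urllib.request.urlopen(request)` in the `nvd_request_next` hunk is called without a timeout, so a stalled connection to the NVD service blocks the fetch task indefinitely and the new five-attempt loop never gets a chance to retry. Passing an explicit limit bounds each attempt, for example `r = urllib.request.urlopen(request, timeout=60)` (the value 60 is only illustrative; the project should pick its own). The body of `nvd_request_next` continues outside this hunk.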
@@ -140,13 +142,9 @@ def nvd_request_next(url, api_key, args): r.close() - except UnicodeDecodeError: - # Received garbage, retry - bb.debug(2, "CVE database: received malformed data, retrying (request: %s)" %(full_request)) - pass - except http.client.IncompleteRead: - # Read incomplete, let's try again - bb.debug(2, "CVE database: received incomplete data, retrying (request: %s)" %(full_request)) + except Exception as e: + bb.note("CVE database: received error (%s), retrying" % (e)) + time.sleep(6) pass else: return raw_data @@ -172,11 +170,11 @@ def update_db_file(db_tmp_file, d, database_time): # The maximum range for time is 120 days # Force a complete update if our range is longer if (database_time != 0): - database_date = datetime.datetime.combine(datetime.date.fromtimestamp(database_time), datetime.time()) - today_date = datetime.datetime.combine(datetime.date.today(), datetime.time()) + database_date = datetime.datetime.fromtimestamp(database_time, tz=datetime.timezone.utc) + today_date = datetime.datetime.now(tz=datetime.timezone.utc) delta = today_date - database_date if delta.days < 120: - bb.debug(2, "CVE database: performing partial update") + bb.note("CVE database: performing partial update") req_args['lastModStartDate'] = database_date.isoformat() req_args['lastModEndDate'] = today_date.isoformat() else: @@ -184,12 +182,14 @@ def update_db_file(db_tmp_file, d, database_time): with bb.progress.ProgressHandler(d) as ph, open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') as cve_f: - bb.debug(2, "Updating entries") + bb.note("Updating entries") index = 0 url = d.getVar("NVDCVE_URL") + api_key = d.getVar("NVDCVE_API_KEY") or None + while True: req_args['startIndex'] = index - raw_data = nvd_request_next(url, None, req_args) + raw_data = nvd_request_next(url, api_key, req_args) if raw_data is None: # We haven't managed to download data return False 
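Review bot: `except Exception as e:` in the `nvd_request_next` retry loop now catches everything, so a bug inside the `try` body (a `TypeError`, say) is logged as "received error ... retrying" and repeated with a six-second sleep each time instead of surfacing. I would name the transport and decode failures that are worth retrying, `except (urllib.error.URLError, http.client.HTTPException, UnicodeDecodeError, OSError) as e:`, and let anything else propagate. The `pass` left after `time.sleep(6)` is dead code and can be dropped. The `try` statement and the `for` loop around it start outside this hunk.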
@@ -199,7 +199,7 @@ def update_db_file(db_tmp_file, d, database_time): index = data["startIndex"] total = data["totalResults"] per_page = data["resultsPerPage"] - + bb.note("Got %d entries" % per_page) for cve in data["vulnerabilities"]: update_db(conn, cve) @@ -312,22 +312,30 @@ def update_db(conn, elt): cvssv2 = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['baseScore'] except KeyError: cvssv2 = 0.0 + cvssv3 = None try: - accessVector = accessVector or elt['impact']['baseMetricV3']['cvssV3']['attackVector'] - cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore'] + accessVector = accessVector or elt['cve']['metrics']['cvssMetricV30'][0]['cvssData']['attackVector'] + cvssv3 = elt['cve']['metrics']['cvssMetricV30'][0]['cvssData']['baseScore'] except KeyError: - accessVector = accessVector or "UNKNOWN" - cvssv3 = 0.0 + pass + try: + accessVector = accessVector or elt['cve']['metrics']['cvssMetricV31'][0]['cvssData']['attackVector'] + cvssv3 = cvssv3 or elt['cve']['metrics']['cvssMetricV31'][0]['cvssData']['baseScore'] + except KeyError: + pass + accessVector = accessVector or "UNKNOWN" + cvssv3 = cvssv3 or 0.0 conn.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close() try: - configurations = elt['cve']['configurations'][0]['nodes'] - for config in configurations: - parse_node_and_insert(conn, config, cveId) + for config in elt['cve']['configurations']: + # This is suboptimal as it doesn't handle AND/OR and negate, but is better than nothing + for node in config["nodes"]: + parse_node_and_insert(conn, node, cveId) except KeyError: - bb.debug(2, "Entry without a configuration") + bb.note("CVE %s has no configurations" % cveId) do_fetch[nostamp] = "1" diff --git a/poky/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch b/poky/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch new file mode 100644 index 0000000000..1232c8c2a8 --- /dev/null 
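Review bot: The new lookups in the `update_db` hunk index `[0]` into `cvssMetricV30` and `cvssMetricV31` while the handlers catch only `KeyError`, so an entry whose metric list is present but empty would raise `IndexError` and abort the whole database update. The records come from a remote service, so I would widen both handlers to `except (KeyError, IndexError):`. Separately, `cvssv3 = cvssv3 or elt[...]` treats a v3.0 base score of 0.0 as missing; guarding the v3.1 assignment with `if cvssv3 is None:` would state the intent exactly. `update_db` starts outside this hunk.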
+++ b/poky/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch 
@@ -0,0 +1,462 @@ +From 3d54a41f12e9aa059f06e66e72d872f2283395b6 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Sun, 30 Jul 2023 21:14:00 -0700 +Subject: [PATCH] Fix CVE-2023-29491 + +CVE: CVE-2023-29491 + +Upstream-Status: Backport [http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + ncurses/tinfo/lib_tgoto.c | 10 +++- + ncurses/tinfo/lib_tparm.c | 116 ++++++++++++++++++++++++++++++++----- + ncurses/tinfo/read_entry.c | 3 + + progs/tic.c | 6 ++ + progs/tparm_type.c | 9 +++ + progs/tparm_type.h | 2 + + progs/tput.c | 61 ++++++++++++++++--- + 7 files changed, 185 insertions(+), 22 deletions(-) + +diff --git a/ncurses/tinfo/lib_tgoto.c b/ncurses/tinfo/lib_tgoto.c +index 9cf5e100..c50ed4df 100644 +--- a/ncurses/tinfo/lib_tgoto.c ++++ b/ncurses/tinfo/lib_tgoto.c +@@ -207,6 +207,14 @@ tgoto(const char *string, int x, int y) + result = tgoto_internal(string, x, y); + else + #endif +- result = TIPARM_2(string, y, x); ++ if ((result = TIPARM_2(string, y, x)) == NULL) { ++ /* ++ * Because termcap did not provide a more general solution such as ++ * tparm(), it was necessary to handle single-parameter capabilities ++ * using tgoto(). The internal _nc_tiparm() function returns a NULL ++ * for that case; retry for the single-parameter case. ++ */ ++ result = TIPARM_1(string, y); ++ } + returnPtr(result); + } +diff --git a/ncurses/tinfo/lib_tparm.c b/ncurses/tinfo/lib_tparm.c +index d9bdfd8f..a10a3877 100644 +--- a/ncurses/tinfo/lib_tparm.c ++++ b/ncurses/tinfo/lib_tparm.c +@@ -1086,6 +1086,64 @@ tparam_internal(TPARM_STATE *tps, const char *string, TPARM_DATA *data) + return (TPS(out_buff)); + } + ++#ifdef CUR ++/* ++ * Only a few standard capabilities accept string parameters. The others that ++ * are parameterized accept only numeric parameters. 
++ */ ++static bool ++check_string_caps(TPARM_DATA *data, const char *string) ++{ ++ bool result = FALSE; ++ ++#define CHECK_CAP(name) (VALID_STRING(name) && !strcmp(name, string)) ++ ++ /* ++ * Disallow string parameters unless we can check them against a terminal ++ * description. ++ */ ++ if (cur_term != NULL) { ++ int want_type = 0; ++ ++ if (CHECK_CAP(pkey_key)) ++ want_type = 2; /* function key #1, type string #2 */ ++ else if (CHECK_CAP(pkey_local)) ++ want_type = 2; /* function key #1, execute string #2 */ ++ else if (CHECK_CAP(pkey_xmit)) ++ want_type = 2; /* function key #1, transmit string #2 */ ++ else if (CHECK_CAP(plab_norm)) ++ want_type = 2; /* label #1, show string #2 */ ++ else if (CHECK_CAP(pkey_plab)) ++ want_type = 6; /* function key #1, type string #2, show string #3 */ ++#if NCURSES_XNAMES ++ else { ++ char *check; ++ ++ check = tigetstr("Cs"); ++ if (CHECK_CAP(check)) ++ want_type = 1; /* style #1 */ ++ ++ check = tigetstr("Ms"); ++ if (CHECK_CAP(check)) ++ want_type = 3; /* storage unit #1, content #2 */ ++ } ++#endif ++ ++ if (want_type == data->tparm_type) { ++ result = TRUE; ++ } else { ++ T(("unexpected string-parameter")); ++ } ++ } ++ return result; ++} ++ ++#define ValidCap() (myData.tparm_type == 0 || \ ++ check_string_caps(&myData, string)) ++#else ++#define ValidCap() 1 ++#endif ++ + #if NCURSES_TPARM_VARARGS + + NCURSES_EXPORT(char *) +@@ -1100,7 +1158,7 @@ tparm(const char *string, ...) + tps->tname = "tparm"; + #endif /* TRACE */ + +- if (tparm_setup(cur_term, string, &myData) == OK) { ++ if (tparm_setup(cur_term, string, &myData) == OK && ValidCap()) { + va_list ap; + + va_start(ap, string); +@@ -1135,7 +1193,7 @@ tparm(const char *string, + tps->tname = "tparm"; + #endif /* TRACE */ + +- if (tparm_setup(cur_term, string, &myData) == OK) { ++ if (tparm_setup(cur_term, string, &myData) == OK && ValidCap()) { + + myData.param[0] = a1; + myData.param[1] = a2; +@@ -1166,7 +1224,7 @@ tiparm(const char *string, ...) 
+ tps->tname = "tiparm"; + #endif /* TRACE */ + +- if (tparm_setup(cur_term, string, &myData) == OK) { ++ if (tparm_setup(cur_term, string, &myData) == OK && ValidCap()) { + va_list ap; + + va_start(ap, string); +@@ -1179,7 +1237,25 @@ tiparm(const char *string, ...) + } + + /* +- * The internal-use flavor ensures that the parameters are numbers, not strings ++ * The internal-use flavor ensures that parameters are numbers, not strings. ++ * In addition to ensuring that they are numbers, it ensures that the parameter ++ * count is consistent with intended usage. ++ * ++ * Unlike the general-purpose tparm/tiparm, these internal calls are fairly ++ * well defined: ++ * ++ * expected == 0 - not applicable ++ * expected == 1 - set color, or vertical/horizontal addressing ++ * expected == 2 - cursor addressing ++ * expected == 4 - initialize color or color pair ++ * expected == 9 - set attributes ++ * ++ * Only for the last case (set attributes) should a parameter be optional. ++ * Also, a capability which calls for more parameters than expected should be ++ * ignored. ++ * ++ * Return a null if the parameter-checks fail. Otherwise, return a pointer to ++ * the formatted capability string. + */ + NCURSES_EXPORT(char *) + _nc_tiparm(int expected, const char *string, ...) +@@ -1189,22 +1265,36 @@ _nc_tiparm(int expected, const char *string, ...) + char *result = NULL; + + _nc_tparm_err = 0; ++ T((T_CALLED("_nc_tiparm(%d, %s, ...)"), expected, _nc_visbuf(string))); + #ifdef TRACE + tps->tname = "_nc_tiparm"; + #endif /* TRACE */ + +- if (tparm_setup(cur_term, string, &myData) == OK +- && myData.num_actual <= expected +- && myData.tparm_type == 0) { +- va_list ap; ++ if (tparm_setup(cur_term, string, &myData) == OK && ValidCap()) { ++ if (myData.num_actual == 0) { ++ T(("missing parameter%s, expected %s%d", ++ expected > 1 ? "s" : "", ++ expected == 9 ? 
"up to " : "", ++ expected)); ++ } else if (myData.num_actual > expected) { ++ T(("too many parameters, have %d, expected %d", ++ myData.num_actual, ++ expected)); ++ } else if (expected != 9 && myData.num_actual != expected) { ++ T(("expected %d parameters, have %d", ++ myData.num_actual, ++ expected)); ++ } else { ++ va_list ap; + +- va_start(ap, string); +- tparm_copy_valist(&myData, FALSE, ap); +- va_end(ap); ++ va_start(ap, string); ++ tparm_copy_valist(&myData, FALSE, ap); ++ va_end(ap); + +- result = tparam_internal(tps, string, &myData); ++ result = tparam_internal(tps, string, &myData); ++ } + } +- return result; ++ returnPtr(result); + } + + /* +diff --git a/ncurses/tinfo/read_entry.c b/ncurses/tinfo/read_entry.c +index 2b1875ed..341337d2 100644 +--- a/ncurses/tinfo/read_entry.c ++++ b/ncurses/tinfo/read_entry.c +@@ -323,6 +323,9 @@ _nc_read_termtype(TERMTYPE2 *ptr, char *buffer, int limit) + || bool_count < 0 + || num_count < 0 + || str_count < 0 ++ || bool_count > BOOLCOUNT ++ || num_count > NUMCOUNT ++ || str_count > STRCOUNT + || str_size < 0) { + returnDB(TGETENT_NO); + } +diff --git a/progs/tic.c b/progs/tic.c +index 93a0b491..888927e2 100644 +--- a/progs/tic.c ++++ b/progs/tic.c +@@ -2270,9 +2270,15 @@ check_1_infotocap(const char *name, NCURSES_CONST char *value, int count) + + _nc_reset_tparm(NULL); + switch (actual) { ++ case Str: ++ result = TPARM_1(value, strings[1]); ++ break; + case Num_Str: + result = TPARM_2(value, numbers[1], strings[2]); + break; ++ case Str_Str: ++ result = TPARM_2(value, strings[1], strings[2]); ++ break; + case Num_Str_Str: + result = TPARM_3(value, numbers[1], strings[2], strings[3]); + break; +diff --git a/progs/tparm_type.c b/progs/tparm_type.c +index 3da4a077..644aa62a 100644 +--- a/progs/tparm_type.c ++++ b/progs/tparm_type.c +@@ -47,6 +47,7 @@ tparm_type(const char *name) + {code, {longname} }, \ + {code, {ti} }, \ + {code, {tc} } ++#define XD(code, onlyname) TD(code, onlyname, onlyname, onlyname) + TParams 
result = Numbers; + /* *INDENT-OFF* */ + static const struct { +@@ -58,6 +59,10 @@ tparm_type(const char *name) + TD(Num_Str, "pkey_xmit", "pfx", "px"), + TD(Num_Str, "plab_norm", "pln", "pn"), + TD(Num_Str_Str, "pkey_plab", "pfxl", "xl"), ++#if NCURSES_XNAMES ++ XD(Str, "Cs"), ++ XD(Str_Str, "Ms"), ++#endif + }; + /* *INDENT-ON* */ + +@@ -80,12 +85,16 @@ guess_tparm_type(int nparam, char **p_is_s) + case 1: + if (!p_is_s[0]) + result = Numbers; ++ if (p_is_s[0]) ++ result = Str; + break; + case 2: + if (!p_is_s[0] && !p_is_s[1]) + result = Numbers; + if (!p_is_s[0] && p_is_s[1]) + result = Num_Str; ++ if (p_is_s[0] && p_is_s[1]) ++ result = Str_Str; + break; + case 3: + if (!p_is_s[0] && !p_is_s[1] && !p_is_s[2]) +diff --git a/progs/tparm_type.h b/progs/tparm_type.h +index 7c102a30..af5bcf0f 100644 +--- a/progs/tparm_type.h ++++ b/progs/tparm_type.h +@@ -45,8 +45,10 @@ + typedef enum { + Other = -1 + ,Numbers = 0 ++ ,Str + ,Num_Str + ,Num_Str_Str ++ ,Str_Str + } TParams; + + extern TParams tparm_type(const char *name); +diff --git a/progs/tput.c b/progs/tput.c +index 4cd0c5ba..41508b72 100644 +--- a/progs/tput.c ++++ b/progs/tput.c +@@ -1,5 +1,5 @@ + /**************************************************************************** +- * Copyright 2018-2021,2022 Thomas E. Dickey * ++ * Copyright 2018-2022,2023 Thomas E. Dickey * + * Copyright 1998-2016,2017 Free Software Foundation, Inc. 
* + * * + * Permission is hereby granted, free of charge, to any person obtaining a * +@@ -47,12 +47,15 @@ + #include <transform.h> + #include <tty_settings.h> + +-MODULE_ID("$Id: tput.c,v 1.99 2022/02/26 23:19:31 tom Exp $") ++MODULE_ID("$Id: tput.c,v 1.102 2023/04/08 16:26:36 tom Exp $") + + #define PUTS(s) fputs(s, stdout) + + const char *_nc_progname = "tput"; + ++static bool opt_v = FALSE; /* quiet, do not show warnings */ ++static bool opt_x = FALSE; /* clear scrollback if possible */ ++ + static bool is_init = FALSE; + static bool is_reset = FALSE; + static bool is_clear = FALSE; +@@ -81,6 +84,7 @@ usage(const char *optstring) + KEEP(" -S << read commands from standard input") + KEEP(" -T TERM use this instead of $TERM") + KEEP(" -V print curses-version") ++ KEEP(" -v verbose, show warnings") + KEEP(" -x do not try to clear scrollback") + KEEP("") + KEEP("Commands:") +@@ -148,7 +152,7 @@ exit_code(int token, int value) + * Returns nonzero on error. + */ + static int +-tput_cmd(int fd, TTY * settings, bool opt_x, int argc, char **argv, int *used) ++tput_cmd(int fd, TTY * settings, int argc, char **argv, int *used) + { + NCURSES_CONST char *name; + char *s; +@@ -231,7 +235,9 @@ tput_cmd(int fd, TTY * settings, bool opt_x, int argc, char **argv, int *used) + } else if (VALID_STRING(s)) { + if (argc > 1) { + int k; ++ int narg; + int analyzed; ++ int provided; + int popcount; + long numbers[1 + NUM_PARM]; + char *strings[1 + NUM_PARM]; +@@ -271,14 +277,45 @@ tput_cmd(int fd, TTY * settings, bool opt_x, int argc, char **argv, int *used) + + popcount = 0; + _nc_reset_tparm(NULL); ++ /* ++ * Count the number of numeric parameters which are provided. 
++ */ ++ provided = 0; ++ for (narg = 1; narg < argc; ++narg) { ++ char *ending = NULL; ++ long check = strtol(argv[narg], &ending, 10); ++ if (check < 0 || ending == argv[narg] || *ending != '\0') ++ break; ++ provided = narg; ++ } + switch (paramType) { ++ case Str: ++ s = TPARM_1(s, strings[1]); ++ analyzed = 1; ++ if (provided == 0 && argc >= 1) ++ provided++; ++ break; ++ case Str_Str: ++ s = TPARM_2(s, strings[1], strings[2]); ++ analyzed = 2; ++ if (provided == 0 && argc >= 1) ++ provided++; ++ if (provided == 1 && argc >= 2) ++ provided++; ++ break; + case Num_Str: + s = TPARM_2(s, numbers[1], strings[2]); + analyzed = 2; ++ if (provided == 1 && argc >= 2) ++ provided++; + break; + case Num_Str_Str: + s = TPARM_3(s, numbers[1], strings[2], strings[3]); + analyzed = 3; ++ if (provided == 1 && argc >= 2) ++ provided++; ++ if (provided == 2 && argc >= 3) ++ provided++; + break; + case Numbers: + analyzed = _nc_tparm_analyze(NULL, s, p_is_s, &popcount); +@@ -316,7 +353,13 @@ tput_cmd(int fd, TTY * settings, bool opt_x, int argc, char **argv, int *used) + if (analyzed < popcount) { + analyzed = popcount; + } +- *used += analyzed; ++ if (opt_v && (analyzed != provided)) { ++ fprintf(stderr, "%s: %s parameters for \"%s\"\n", ++ _nc_progname, ++ (analyzed < provided ? "extra" : "missing"), ++ argv[0]); ++ } ++ *used += provided; + } + + /* use putp() in order to perform padding */ +@@ -339,7 +382,6 @@ main(int argc, char **argv) + int used; + TTY old_settings; + TTY tty_settings; +- bool opt_x = FALSE; /* clear scrollback if possible */ + bool is_alias; + bool need_tty; + +@@ -348,7 +390,7 @@ main(int argc, char **argv) + + term = getenv("TERM"); + +- while ((c = getopt(argc, argv, is_alias ? "T:Vx" : "ST:Vx")) != -1) { ++ while ((c = getopt(argc, argv, is_alias ? 
"T:Vvx" : "ST:Vvx")) != -1) { + switch (c) { + case 'S': + cmdline = FALSE; +@@ -361,6 +403,9 @@ main(int argc, char **argv) + case 'V': + puts(curses_version()); + ExitProgram(EXIT_SUCCESS); ++ case 'v': /* verbose */ ++ opt_v = TRUE; ++ break; + case 'x': /* do not try to clear scrollback */ + opt_x = TRUE; + break; +@@ -404,7 +449,7 @@ main(int argc, char **argv) + usage(NULL); + while (argc > 0) { + tty_settings = old_settings; +- code = tput_cmd(fd, &tty_settings, opt_x, argc, argv, &used); ++ code = tput_cmd(fd, &tty_settings, argc, argv, &used); + if (code != 0) + break; + argc -= used; +@@ -439,7 +484,7 @@ main(int argc, char **argv) + while (argnum > 0) { + int code; + tty_settings = old_settings; +- code = tput_cmd(fd, &tty_settings, opt_x, argnum, argnow, &used); ++ code = tput_cmd(fd, &tty_settings, argnum, argnow, &used); + if (code != 0) { + if (result == 0) + result = ErrSystem(0); /* will return value >4 */ +-- +2.40.0 + diff --git a/poky/meta/recipes-core/ncurses/ncurses_6.4.bb b/poky/meta/recipes-core/ncurses/ncurses_6.4.bb index 1eb15673d1..388cd8d407 100644 --- a/poky/meta/recipes-core/ncurses/ncurses_6.4.bb +++ b/poky/meta/recipes-core/ncurses/ncurses_6.4.bb @@ -4,6 +4,7 @@ SRC_URI += "file://0001-tic-hang.patch \ file://0002-configure-reproducible.patch \ file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \ file://exit_prototype.patch \ + file://0001-Fix-CVE-2023-29491.patch \ " # commit id corresponds to the revision in package version SRCREV = "79b9071f2be20a24c7be031655a5638f6032f29f" diff --git a/poky/meta/recipes-core/newlib/libgloss/fix_makefile_include_arm_h.patch b/poky/meta/recipes-core/newlib/libgloss/fix_makefile_include_arm_h.patch deleted file mode 100644 index 7645be7314..0000000000 --- a/poky/meta/recipes-core/newlib/libgloss/fix_makefile_include_arm_h.patch +++ /dev/null 
@@ -1,30 +0,0 @@
-Upstream-Status: Inappropriate [OE-Specific]
-
-When trying to build libgloss for an arm target, the build system
-complains about missing some include files:
-
-| fatal error: acle-compiat.h: No such file or directory
-| #include "acle-compat.h"
-| ^~~~~~~~~~~~~~~
-| compilation terminated.
-
-These include files come from the newlib source, but since we
-are building libgloss separately from newlib, libgloss is unaware
-of where they are, this patch fixes the INCLUDES so the build system
-can find such files.
-
-Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com>
-
-Index: newlib-3.0.0/libgloss/config/default.mh
-===================================================================
---- newlib-3.0.0.orig/libgloss/config/default.mh
-+++ newlib-3.0.0/libgloss/config/default.mh
-@@ -1,7 +1,7 @@
- NEWLIB_CFLAGS = `if [ -d ${objroot}/newlib ]; then echo -I${objroot}/newlib/targ-include -I${srcroot}/newlib/libc/include; fi`
- NEWLIB_LDFLAGS = `if [ -d ${objroot}/newlib ]; then echo -B${objroot}/newlib/ -L${objroot}/newlib/; fi`
-
--INCLUDES = -I. -I$(srcdir)/..
-+INCLUDES = -I. -I$(srcdir)/.. -I$(srcdir)/../newlib/libc/machine/arm
- # Note that when building the library, ${MULTILIB} is not the way multilib
- # options are passed; they're passed in $(CFLAGS).
- CFLAGS_FOR_TARGET = -O2 -g ${MULTILIB} ${INCLUDES} ${NEWLIB_CFLAGS}
diff --git a/poky/meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb b/poky/meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb
index c90a02f131..fd72cf4165 100644
--- a/poky/meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb
+++ b/poky/meta/recipes-core/sysfsutils/sysfsutils_2.1.0.bb
@@ -10,18 +10,14 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=3d06403ea54c7574a9e581c6478cc393 \ file://lib/LGPL;md5=b75d069791103ffe1c0d6435deeff72e" PR = "r5" -SRC_URI = "${SOURCEFORGE_MIRROR}/linux-diag/sysfsutils-${PV}.tar.gz \ +SRC_URI = "git://github.com/linux-ras/sysfsutils.git;protocol=https;branch=master \ file://sysfsutils-2.0.0-class-dup.patch \ file://obsolete_automake_macros.patch \ file://separatebuild.patch" -SRC_URI[md5sum] = "14e7dcd0436d2f49aa403f67e1ef7ddc" -SRC_URI[sha256sum] = "e865de2c1f559fff0d3fc936e660c0efaf7afe662064f2fb97ccad1ec28d208a" +SRCREV = "0d5456e1c9d969cdad6accef2ae2d4881d5db085" -UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/linux-diag/files/sysfsutils/" -UPSTREAM_CHECK_REGEX = "/sysfsutils/(?P<pver>(\d+[\.\-_]*)+)/" - -S = "${WORKDIR}/sysfsutils-${PV}" +S = "${WORKDIR}/git" inherit autotools diff --git a/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl b/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl index b45a2dc2f7..7fe751b397 100755 --- a/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl +++ b/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl @@ -201,13 +201,8 @@ class SystemdUnit(): target = ROOT / location.relative_to(self.root) try: for dependent in config.get('Install', prop): - # determine whether or not dependent is a template with an actual - # instance (i.e. a '@%i') - dependent_is_template = re.match(r"[^@]+@(?P<instance>[^\.]*)\.", dependent) - if dependent_is_template: - # if so, replace with the actual instance to achieve - # svc-wants@a.service.wants/svc-wanted-by@a.service - dependent = re.sub(dependent_is_template.group('instance'), instance, dependent, 1) + # expand any %i to instance (ignoring escape sequence %%) + dependent = re.sub("([^%](%%)*)%i", "\\g<1>{}".format(instance), dependent) wants = systemdir / "{}.{}".format(dependent, dirstem) / service add_link(wants, target) 
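Review bot: The new `re.sub("([^%](%%)*)%i", "\\g<1>{}".format(instance), dependent)` in the systemctl hunk formats `instance` into the replacement template, so any backslash in the instance name is parsed by `re` as a template escape. Instance names can carry escaped sequences such as `\x2d`, and an unknown escape like that makes `re.sub` raise `re.error` instead of creating the link. A callable replacement inserts the text literally: `dependent = re.sub(r"([^%](%%)*)%i", lambda m: m.group(1) + instance, dependent)`. Note also that `[^%]` needs a preceding character, so a `%i` at the very start of the string is left unexpanded. The enclosing method of `SystemdUnit` starts and ends outside this hunk.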
diff --git a/poky/meta/recipes-core/systemd/systemd/0007-Add-sys-stat.h-for-S_IFDIR.patch b/poky/meta/recipes-core/systemd/systemd/0007-Add-sys-stat.h-for-S_IFDIR.patch
deleted file mode 100644
index 479b9a1ca1..0000000000
--- a/poky/meta/recipes-core/systemd/systemd/0007-Add-sys-stat.h-for-S_IFDIR.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 1480ef4ea9f71befbc22272c219b62ee5cd71d43 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Fri, 21 Jan 2022 15:17:37 -0800
-Subject: [PATCH] Add sys/stat.h for S_IFDIR
-
-../git/src/shared/mkdir-label.c:13:61: error: use of undeclared identifier 'S_IFDIR'
- r = mac_selinux_create_file_prepare_at(dirfd, path, S_IFDIR);
-
-Upstream-Status: Backport [29b7114c5d9624002aa7c17748d960cd1e45362d]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/shared/mkdir-label.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/shared/mkdir-label.c b/src/shared/mkdir-label.c
-index e3afc2b666..f1df778966 100644
---- a/src/shared/mkdir-label.c
-+++ b/src/shared/mkdir-label.c
-@@ -7,6 +7,7 @@
- #include "selinux-util.h"
- #include "smack-util.h"
- #include "user-util.h"
-+#include <sys/stat.h>
-
- int mkdirat_label(int dirfd, const char *path, mode_t mode) {
- int r;
---
-2.39.2
-
diff --git a/poky/meta/recipes-core/systemd/systemd_253.1.bb b/poky/meta/recipes-core/systemd/systemd_253.1.bb
index 9c2b96d3c1..f306765168 100644
--- a/poky/meta/recipes-core/systemd/systemd_253.1.bb
+++ b/poky/meta/recipes-core/systemd/systemd_253.1.bb
@@ -47,7 +47,6 @@ SRC_URI_MUSL = "\
 file://0023-Handle-missing-gshadow.patch \
 file://0024-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch \
 file://0005-pass-correct-parameters-to-getdents64.patch \
- file://0007-Add-sys-stat.h-for-S_IFDIR.patch \
 file://0001-Adjust-for-musl-headers.patch \
 file://0006-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch \
 file://0003-errno-util-Make-STRERROR-portable-for-musl.patch \
diff --git a/poky/meta/recipes-core/util-linux/util-linux_2.38.1.bb b/poky/meta/recipes-core/util-linux/util-linux_2.38.1.bb
index 9ea7a04e8a..c81405533c 100644
--- a/poky/meta/recipes-core/util-linux/util-linux_2.38.1.bb
+++ b/poky/meta/recipes-core/util-linux/util-linux_2.38.1.bb
@@ -234,6 +234,8 @@ ALTERNATIVE_TARGET[getty] = "${base_sbindir}/agetty"
 ALTERNATIVE_LINK_NAME[hexdump] = "${bindir}/hexdump"
 ALTERNATIVE_LINK_NAME[hwclock] = "${base_sbindir}/hwclock"
 ALTERNATIVE_LINK_NAME[ionice] = "${bindir}/ionice"
+ALTERNATIVE_LINK_NAME[ipcrm] = "${bindir}/ipcrm"
+ALTERNATIVE_LINK_NAME[ipcs] = "${bindir}/ipcs"
 ALTERNATIVE_LINK_NAME[kill] = "${base_bindir}/kill"
 ALTERNATIVE:${PN}-last = "last lastb"
 ALTERNATIVE_LINK_NAME[last] = "${bindir}/last"
diff --git a/poky/meta/recipes-devtools/automake/automake/buildtest.patch b/poky/meta/recipes-devtools/automake/automake/buildtest.patch
index b88b9e8693..c43a4ac8f3 100644
--- a/poky/meta/recipes-devtools/automake/automake/buildtest.patch
+++ b/poky/meta/recipes-devtools/automake/automake/buildtest.patch
@@ -36,7 +36,7 @@ index e0db651..de137fa 100644
 -check-TESTS: $(TESTS)
 +AM_RECURSIVE_TARGETS += buildtest runtest
 +
-+buildtest-TESTS: $(TESTS)
++buildtest-TESTS: $(TESTS) $(check_PROGRAMS)
 +
 +check-TESTS: buildtest-TESTS
 + $(MAKE) $(AM_MAKEFLAGS) runtest-TESTS
diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.40.inc b/poky/meta/recipes-devtools/binutils/binutils-2.40.inc
index dbb43044a4..424cfc48fc 100644
--- a/poky/meta/recipes-devtools/binutils/binutils-2.40.inc
+++ b/poky/meta/recipes-devtools/binutils/binutils-2.40.inc
@@ -18,7 +18,7 @@ SRCBRANCH ?= "binutils-2_40-branch"
 UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
-SRCREV ?= "4671be001eb5a899ecac3e2686a92934000f8262"
+SRCREV ?= "391fd4d9ee5d2b78244cbcd57fc405738359b70b"
 BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https"
 SRC_URI = "\
 ${BINUTILS_GIT_URI} \
@@ -34,5 +34,7 @@ SRC_URI = "\
 file://0013-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \
 file://0015-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \
 file://0016-CVE-2023-25586.patch \
+ file://0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch \
+ file://0017-CVE-2023-39128.patch \
 "
 S = "${WORKDIR}/git"
diff --git a/poky/meta/recipes-devtools/binutils/binutils.inc b/poky/meta/recipes-devtools/binutils/binutils.inc
index c69d29448f..e176b5cff1 100644
--- a/poky/meta/recipes-devtools/binutils/binutils.inc
+++ b/poky/meta/recipes-devtools/binutils/binutils.inc
@@ -33,6 +33,8 @@ FILES:${PN}-dev = " \
 ${libdir}/libctf-nobfd.so \
 ${libdir}/libopcodes.so"
+FILES:${PN}-staticdev += "${libdir}/gprofng/*.a"
+
 # Rather than duplicating multiple entries for these, make one
 # list and reuse it.
diff --git a/poky/meta/recipes-devtools/binutils/binutils/0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch b/poky/meta/recipes-devtools/binutils/binutils/0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch
new file mode 100644
index 0000000000..31157cacd2
--- /dev/null
+++ b/poky/meta/recipes-devtools/binutils/binutils/0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch
@@ -0,0 +1,43 @@ +From c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Thu, 30 Mar 2023 10:10:09 +0100 +Subject: [PATCH] Fix an illegal memory access when an accessing a + zer0-lengthverdef table. + + PR 30285 + * elf.c (_bfd_elf_slurp_version_tables): Fail if no version definitions are allocated. + +CVE: CVE-2023-1972 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + bfd/ChangeLog | 6 ++++++ + bfd/elf.c | 5 +++++ + 2 files changed, 11 insertions(+) + +diff --git a/bfd/elf.c b/bfd/elf.c +index 027d0143735..185028cbd97 100644 +--- a/bfd/elf.c ++++ b/bfd/elf.c +@@ -9030,6 +9030,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver) + bfd_set_error (bfd_error_file_too_big); + goto error_return_verdef; + } ++ ++ if (amt == 0) ++ goto error_return_verdef; + elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt); + if (elf_tdata (abfd)->verdef == NULL) + goto error_return_verdef; +@@ -9133,6 +9136,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver) + bfd_set_error (bfd_error_file_too_big); + goto error_return; + } ++ if (amt == 0) ++ goto error_return; + elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt); + if (elf_tdata (abfd)->verdef == NULL) + goto error_return; +-- +2.34.1 + diff --git a/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2023-39128.patch b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2023-39128.patch new file mode 100644 index 0000000000..cd81a52b15 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/0017-CVE-2023-39128.patch 
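Review bot: The patch header's `Upstream-Status: Backport` line carries no reference to the upstream commit, unlike the other backports added in this change, which makes it harder to confirm that the two `if (amt == 0)` checks in `_bfd_elf_slurp_version_tables` match what upstream shipped for CVE-2023-1972. I would write it as `Upstream-Status: Backport [<upstream commit URL or hash>]`. The diffstat in the header also still lists `bfd/ChangeLog | 6 ++++++` although the patch body contains no ChangeLog hunk; one line in the description saying the ChangeLog part was dropped would explain the mismatch.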
@@ -0,0 +1,74 @@ +From: Tom Tromey <tromey@adacore.com> +Date: Wed, 16 Aug 2023 17:29:19 +0000 (-0600) +Subject: Avoid buffer overflow in ada_decode +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=033bc52bb6190393c8eed80925fa78cc35b40c6d + +Avoid buffer overflow in ada_decode + +A bug report pointed out a buffer overflow in ada_decode, which Keith +helpfully analyzed. ada_decode had a logic error when the input was +all digits. While this isn't valid -- and would probably only appear +in fuzzer tests -- it still should be handled properly. + +This patch adds a missing bounds check. Tested with the self-tests in +an asan build. + +Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30639 +Reviewed-by: Keith Seitz <keiths@redhat.com> +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=033bc52bb6190393c8eed80925fa78cc35b40c6d] + +CVE: CVE-2023-39128 + +Signed-off-by: Sanjana Venkatesh <Sanjana.Venkatesh@windriver.com> + +--- + +diff --git a/gdb/ada-lang.c b/gdb/ada-lang.c +index 4a9a6e0f38f..2f934b1e79a 100644 +--- a/gdb/ada-lang.c ++++ b/gdb/ada-lang.c +@@ -57,6 +57,7 @@ + #include "cli/cli-utils.h" + #include "gdbsupport/function-view.h" + #include "gdbsupport/byte-vector.h" ++#include "gdbsupport/selftest.h" + #include <algorithm> + #include "ada-exp.h" + #include "charset.h" +@@ -1377,7 +1378,7 @@ ada_decode (const char *encoded, bool wrap, bool operators) + i -= 1; + if (i > 1 && encoded[i] == '_' && encoded[i - 1] == '_') + len0 = i - 1; +- else if (encoded[i] == '$') ++ else if (i >= 0 && encoded[i] == '$') + len0 = i; + } + +@@ -1574,6 +1575,18 @@ Suppress: + return decoded; + } + ++#ifdef GDB_SELF_TEST ++ ++static void ++ada_decode_tests () ++{ ++ /* This isn't valid, but used to cause a crash. PR gdb/30639. The ++ result does not really matter very much. */ ++ SELF_CHECK (ada_decode ("44") == "44"); ++} ++ ++#endif ++ + /* Table for keeping permanent unique copies of decoded names. 
Once + allocated, names in this table are never released. While this is a + storage leak, it should not be significant unless there are massive +@@ -13984,4 +13997,8 @@ DWARF attribute."), + gdb::observers::new_objfile.attach (ada_new_objfile_observer, "ada-lang"); + gdb::observers::free_objfile.attach (ada_free_objfile_observer, "ada-lang"); + gdb::observers::inferior_exit.attach (ada_inferior_exit, "ada-lang"); ++ ++#ifdef GDB_SELF_TEST ++ selftests::register_test ("ada-decode", ada_decode_tests); ++#endif + } diff --git a/poky/meta/recipes-devtools/binutils/binutils_2.40.bb b/poky/meta/recipes-devtools/binutils/binutils_2.40.bb index 9fe4bf5ae3..4ce1b4bec2 100644 --- a/poky/meta/recipes-devtools/binutils/binutils_2.40.bb +++ b/poky/meta/recipes-devtools/binutils/binutils_2.40.bb @@ -67,7 +67,6 @@ FILES:libbfd = "${libdir}/libbfd-*.so.* ${libdir}/libbfd-*.so" FILES:libopcodes = "${libdir}/libopcodes-*.so.* ${libdir}/libopcodes-*.so" FILES:gprofng = "${sysconfdir}/gprofng.rc ${libdir}/gprofng/libgp-*.so ${libdir}/gprofng/libgprofng.so.* ${bindir}/gp-* ${bindir}/gprofng" FILES:${PN}-dev += "${libdir}/libgprofng.so ${libdir}/libsframe.so" -FILES:${PN}-staticdev += "${libdir}/gprofng/*.a" SRC_URI:append:class-nativesdk = " file://0003-binutils-nativesdk-Search-for-alternative-ld.so.conf.patch " USE_ALTERNATIVES_FOR:class-nativesdk = "" diff --git a/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_1.patch b/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_1.patch new file mode 100644 index 0000000000..53480d6299 --- /dev/null +++ b/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_1.patch 
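Review bot: 0017-CVE-2023-39128.patch changes only `gdb/ada-lang.c`, yet it is added to the binutils recipe's SRC_URI, so its `CVE: CVE-2023-39128` tag would report the CVE as patched for binutils. Nothing on this page shows that the binutils recipe builds anything under `gdb/`. If it does not, the tag clears the CVE in reports without changing a shipped binary, and the recipe that actually compiles `ada_decode` needs the same `i >= 0 &&` bounds check. The added `ada_decode_tests` self-test is compiled only under `GDB_SELF_TEST`, so it gives no coverage in an ordinary recipe build either.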
@@ -0,0 +1,237 @@ +From d8cfbc808f387e87091c25e7d5b8c2bb348bb206 Mon Sep 17 00:00:00 2001 +From: Jean Delvare <jdelvare@suse.de> +Date: Tue, 27 Jun 2023 09:40:23 +0000 +Subject: [PATCH] dmidecode: Write the whole dump file at once + +When option --dump-bin is used, write the whole dump file at once, +instead of opening and closing the file separately for the table +and then for the entry point. + +As the file writing function is no longer generic, it gets moved +from util.c to dmidecode.c. + +One minor functional change resulting from the new implementation is +that the entry point is written first now, so the messages printed +are swapped. + +Signed-off-by: Jean Delvare <jdelvare@suse.de> +Reviewed-by: Jerry Hoemann <jerry.hoemann@hpe.com> + +CVE: CVE-2023-30630 + +Reference: https://github.com/mirror/dmidecode/commit/39b2dd7b6ab719b920e96ed832cfb4bdd664e808 + +Upstream-Status: Backport [https://github.com/mirror/dmidecode/commit/d8cfbc808f387e87091c25e7d5b8c2bb348bb206] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + dmidecode.c | 79 +++++++++++++++++++++++++++++++++++++++-------------- + util.c | 40 --------------------------- + util.h | 1 - + 3 files changed, 58 insertions(+), 62 deletions(-) + +diff --git a/dmidecode.c b/dmidecode.c +index 9aeff91..5477309 100644 +--- a/dmidecode.c ++++ b/dmidecode.c +@@ -5427,11 +5427,56 @@ static void dmi_table_string(const struct dmi_header *h, const u8 *data, u16 ver + } + } + +-static void dmi_table_dump(const u8 *buf, u32 len) ++static int dmi_table_dump(const u8 *ep, u32 ep_len, const u8 *table, ++ u32 table_len) + { ++ FILE *f; ++ ++ f = fopen(opt.dumpfile, "wb"); ++ if (!f) ++ { ++ fprintf(stderr, "%s: ", opt.dumpfile); ++ perror("fopen"); ++ return -1; ++ } ++ ++ if (!(opt.flags & FLAG_QUIET)) ++ pr_comment("Writing %d bytes to %s.", ep_len, opt.dumpfile); ++ if (fwrite(ep, ep_len, 1, f) != 1) ++ { ++ fprintf(stderr, "%s: ", opt.dumpfile); ++ perror("fwrite"); ++ goto err_close; ++ } ++ ++ if 
(fseek(f, 32, SEEK_SET) != 0) ++ { ++ fprintf(stderr, "%s: ", opt.dumpfile); ++ perror("fseek"); ++ goto err_close; ++ } ++ + if (!(opt.flags & FLAG_QUIET)) +- pr_comment("Writing %d bytes to %s.", len, opt.dumpfile); +- write_dump(32, len, buf, opt.dumpfile, 0); ++ pr_comment("Writing %d bytes to %s.", table_len, opt.dumpfile); ++ if (fwrite(table, table_len, 1, f) != 1) ++ { ++ fprintf(stderr, "%s: ", opt.dumpfile); ++ perror("fwrite"); ++ goto err_close; ++ } ++ ++ if (fclose(f)) ++ { ++ fprintf(stderr, "%s: ", opt.dumpfile); ++ perror("fclose"); ++ return -1; ++ } ++ ++ return 0; ++ ++err_close: ++ fclose(f); ++ return -1; + } + + static void dmi_table_decode(u8 *buf, u32 len, u16 num, u16 ver, u32 flags) +@@ -5648,11 +5693,6 @@ static void dmi_table(off_t base, u32 len, u16 num, u32 ver, const char *devmem, + return; + } + +- if (opt.flags & FLAG_DUMP_BIN) +- dmi_table_dump(buf, len); +- else +- dmi_table_decode(buf, len, num, ver >> 8, flags); +- + free(buf); + } + +@@ -5688,8 +5728,9 @@ static void overwrite_smbios3_address(u8 *buf) + + static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) + { +- u32 ver; ++ u32 ver, len; + u64 offset; ++ u8 *table; + + /* Don't let checksum run beyond the buffer */ + if (buf[0x06] > 0x20) +@@ -5725,10 +5766,7 @@ static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) + memcpy(crafted, buf, 32); + overwrite_smbios3_address(crafted); + +- if (!(opt.flags & FLAG_QUIET)) +- pr_comment("Writing %d bytes to %s.", crafted[0x06], +- opt.dumpfile); +- write_dump(0, crafted[0x06], crafted, opt.dumpfile, 1); ++ dmi_table_dump(crafted, crafted[0x06], table, len); + } + + return 1; +@@ -5737,6 +5775,8 @@ static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) + static int smbios_decode(u8 *buf, const char *devmem, u32 flags) + { + u16 ver; ++ u32 len; ++ u8 *table; + + /* Don't let checksum run beyond the buffer */ + if (buf[0x05] > 0x20) +@@ -5786,10 +5826,7 @@ static int smbios_decode(u8 *buf, const 
char *devmem, u32 flags) + memcpy(crafted, buf, 32); + overwrite_dmi_address(crafted + 0x10); + +- if (!(opt.flags & FLAG_QUIET)) +- pr_comment("Writing %d bytes to %s.", crafted[0x05], +- opt.dumpfile); +- write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1); ++ dmi_table_dump(crafted, crafted[0x05], table, len); + } + + return 1; +@@ -5797,6 +5834,9 @@ static int smbios_decode(u8 *buf, const char *devmem, u32 flags) + + static int legacy_decode(u8 *buf, const char *devmem, u32 flags) + { ++ u32 len; ++ u8 *table; ++ + if (!checksum(buf, 0x0F)) + return 0; + +@@ -5815,10 +5855,7 @@ static int legacy_decode(u8 *buf, const char *devmem, u32 flags) + memcpy(crafted, buf, 16); + overwrite_dmi_address(crafted); + +- if (!(opt.flags & FLAG_QUIET)) +- pr_comment("Writing %d bytes to %s.", 0x0F, +- opt.dumpfile); +- write_dump(0, 0x0F, crafted, opt.dumpfile, 1); ++ dmi_table_dump(crafted, 0x0F, table, len); + } + + return 1; +diff --git a/util.c b/util.c +index 04aaadd..1547096 100644 +--- a/util.c ++++ b/util.c +@@ -259,46 +259,6 @@ out: + return p; + } + +-int write_dump(size_t base, size_t len, const void *data, const char *dumpfile, int add) +-{ +- FILE *f; +- +- f = fopen(dumpfile, add ? 
"r+b" : "wb"); +- if (!f) +- { +- fprintf(stderr, "%s: ", dumpfile); +- perror("fopen"); +- return -1; +- } +- +- if (fseek(f, base, SEEK_SET) != 0) +- { +- fprintf(stderr, "%s: ", dumpfile); +- perror("fseek"); +- goto err_close; +- } +- +- if (fwrite(data, len, 1, f) != 1) +- { +- fprintf(stderr, "%s: ", dumpfile); +- perror("fwrite"); +- goto err_close; +- } +- +- if (fclose(f)) +- { +- fprintf(stderr, "%s: ", dumpfile); +- perror("fclose"); +- return -1; +- } +- +- return 0; +- +-err_close: +- fclose(f); +- return -1; +-} +- + /* Returns end - start + 1, assuming start < end */ + u64 u64_range(u64 start, u64 end) + { +diff --git a/util.h b/util.h +index 3094cf8..ef24eb9 100644 +--- a/util.h ++++ b/util.h +@@ -27,5 +27,4 @@ + int checksum(const u8 *buf, size_t len); + void *read_file(off_t base, size_t *len, const char *filename); + void *mem_chunk(off_t base, size_t len, const char *devmem); +-int write_dump(size_t base, size_t len, const void *data, const char *dumpfile, int add); + u64 u64_range(u64 start, u64 end); +-- +2.35.5 diff --git a/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_2.patch b/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_2.patch new file mode 100644 index 0000000000..dcc87d2326 --- /dev/null +++ b/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_2.patch 
@@ -0,0 +1,81 @@
+From 6ca381c1247c81f74e1ca4e7706f70bdda72e6f2 Mon Sep 17 00:00:00 2001
+From: Jean Delvare <jdelvare@suse.de>
+Date: Tue, 27 Jun 2023 10:03:53 +0000
+Subject: [PATCH] dmidecode: Do not let --dump-bin overwrite an existing file
+
+Make sure that the file passed to option --dump-bin does not already
+exist. In practice, it is rather unlikely that an honest user would
+want to overwrite an existing dump file, while this possibility
+could be used by a rogue user to corrupt a system file.
+
+Signed-off-by: Jean Delvare <jdelvare@suse.de>
+Reviewed-by: Jerry Hoemann <jerry.hoemann@hpe.com>
+
+CVE: CVE-2023-30630
+
+Upstream-Status: Backport
+[https://github.com/mirror/dmidecode/commit/6ca381c1247c81f74e1ca4e7706f70bdda72e6f2]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ dmidecode.c | 14 ++++++++++++--
+ man/dmidecode.8 | 3 ++-
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/dmidecode.c b/dmidecode.c
+index 5477309..98f9692 100644
+--- a/dmidecode.c
++++ b/dmidecode.c
+@@ -60,6 +60,7 @@
+ * https://www.dmtf.org/sites/default/files/DSP0270_1.0.1.pdf
+ */
+
++#include <fcntl.h>
+ #include <stdio.h>
+ #include <string.h>
+ #include <strings.h>
+@@ -5430,13 +5431,22 @@ static void dmi_table_string(const struct dmi_header *h, const u8 *data, u16 ver
+ static int dmi_table_dump(const u8 *ep, u32 ep_len, const u8 *table,
+ u32 table_len)
+ {
++ int fd;
+ FILE *f;
+
+- f = fopen(opt.dumpfile, "wb");
++ fd = open(opt.dumpfile, O_WRONLY|O_CREAT|O_EXCL, 0666);
++ if (fd == -1)
++ {
++ fprintf(stderr, "%s: ", opt.dumpfile);
++ perror("open");
++ return -1;
++ }
++
++ f = fdopen(fd, "wb");
+ if (!f)
+ {
+ fprintf(stderr, "%s: ", opt.dumpfile);
+- perror("fopen");
++ perror("fdopen");
+ return -1;
+ }
+
+diff --git a/man/dmidecode.8 b/man/dmidecode.8
+index ed066b3..3a732c0 100644
+--- a/man/dmidecode.8
++++ b/man/dmidecode.8
+@@ -1,4 +1,4 @@
+-.TH DMIDECODE 8 "January 2019" "dmidecode"
++.TH DMIDECODE 8 "February 2023" "dmidecode"
+ .\"
+ .SH NAME
+ dmidecode \- \s-1DMI\s0 table decoder
+@@ -159,6 +159,7 @@ hexadecimal and \s-1ASCII\s0. This option is mainly useful for debugging.
+ Do not decode the entries, instead dump the DMI data to a file in binary
+ form. The generated file is suitable to pass to \fB--from-dump\fP
+ later.
++\fIFILE\fP must not exist.
+ .TP
+ .BR " " " " "--from-dump \fIFILE\fP"
+ Read the DMI data from a binary file previously generated using
+--
+2.35.5
diff --git a/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_3.patch b/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_3.patch
new file mode 100644
index 0000000000..01d0d1f867
--- /dev/null
+++ b/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_3.patch
@@ -0,0 +1,69 @@
+From c76ddda0ba0aa99a55945e3290095c2ec493c892 Mon Sep 17 00:00:00 2001
+From: Jean Delvare <jdelvare@suse.de>
+Date: Tue, 27 Jun 2023 10:25:50 +0000
+Subject: [PATCH] Consistently use read_file() when reading from a dump file
+
+Use read_file() instead of mem_chunk() to read the entry point from a
+dump file. This is faster, and consistent with how we then read the
+actual DMI table from that dump file.
+
+This made no functional difference so far, which is why it went
+unnoticed for years. But now that a file type check was added to the
+mem_chunk() function, we must stop using it to read from regular
+files.
+
+This will again allow root to use the --from-dump option.
+
+Signed-off-by: Jean Delvare <jdelvare@suse.de>
+Tested-by: Jerry Hoemann <jerry.hoemann@hpe.com>
+
+CVE: CVE-2023-30630
+
+Upstream-Status: Backport [https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=c76ddda0ba0aa99a55945e3290095c2ec493c892]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ dmidecode.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/dmidecode.c b/dmidecode.c
+index 98f9692..b4dbc9d 100644
+--- a/dmidecode.c
++++ b/dmidecode.c
+@@ -5997,17 +5997,25 @@ int main(int argc, char * const argv[])
+ pr_comment("dmidecode %s", VERSION);
+
+ /* Read from dump if so instructed */
++ size = 0x20;
+ if (opt.flags & FLAG_FROM_DUMP)
+ {
+ if (!(opt.flags & FLAG_QUIET))
+ pr_info("Reading SMBIOS/DMI data from file %s.",
+ opt.dumpfile);
+- if ((buf = mem_chunk(0, 0x20, opt.dumpfile)) == NULL)
++ if ((buf = read_file(0, &size, opt.dumpfile)) == NULL)
+ {
+ ret = 1;
+ goto exit_free;
+ }
+
++ /* Truncated entry point can't be processed */
++ if (size < 0x20)
++ {
++ ret = 1;
++ goto done;
++ }
++
+ if (memcmp(buf, "_SM3_", 5) == 0)
+ {
+ if (smbios3_decode(buf, opt.dumpfile, 0))
+@@ -6031,7 +6039,6 @@ int main(int argc, char * const argv[])
+ * contain one of several types of entry points, so read enough for
+ * the largest one, then determine what type it contains.
+ */
+- size = 0x20;
+ if (!(opt.flags & FLAG_NO_SYSFS)
+ && (buf = read_file(0, &size, SYS_ENTRY_FILE)) != NULL)
+ {
+--
+2.40.0
diff --git a/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_4.patch b/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_4.patch
new file mode 100644
index 0000000000..5fa72b4f9b
--- /dev/null
+++ b/poky/meta/recipes-devtools/dmidecode/dmidecode/CVE-2023-30630_4.patch
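Review bot: The description justifies the switch to `read_file()` with "now that a file type check was added to the mem_chunk() function", but none of CVE-2023-30630_1 to _4 on this page changes `mem_chunk()`. Unless that check is already in the 3.4 sources or in the recipe's other patch, the series is missing the change its own rationale refers to, so it is worth confirming which upstream commits make up the CVE fix. In the code, the new `if (size < 0x20)` branch sets `ret = 1` and jumps to `done` without printing anything; a line such as `fprintf(stderr, "%s: truncated entry point\n", opt.dumpfile);` would make the failure diagnosable. `main` starts and ends outside the hunk.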
@@ -0,0 +1,137 @@ +From 2b83c4b898f8325313162f588765411e8e3e5561 Mon Sep 17 00:00:00 2001 +From: Jean Delvare <jdelvare@suse.de> +Date: Tue, 27 Jun 2023 10:58:11 +0000 +Subject: [PATCH] Don't read beyond sysfs entry point buffer + +Functions smbios_decode() and smbios3_decode() include a check +against buffer overrun. This check assumes that the buffer length is +always 32 bytes. This is true when reading from /dev/mem or from a +dump file, however when reading from sysfs, the buffer length is the +size of the actual sysfs attribute file, typically 31 bytes for an +SMBIOS 2.x entry point and 24 bytes for an SMBIOS 3.x entry point. + +In the unlikely event of a malformed entry point, with encoded length +larger than expected but smaller than or equal to 32, we would hit a +buffer overrun. So properly pass the actual buffer length as an +argument and perform the check against it. + +In practice, this will never happen, because on the Linux kernel +side, the size of the sysfs attribute file is decided from the entry +point length field. So it is technically impossible for them not to +match. But user-space code should not make such assumptions. 
+ +Signed-off-by: Jean Delvare <jdelvare@suse.de> + +CVE: CVE-2023-30630 + +Upstream-Status: Backport +[https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=2b83c4b898f8325313162f588765411e8e3e5561] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + dmidecode.c | 24 ++++++++++++------------ + 1 file changed, 12 insertions(+), 12 deletions(-) + +diff --git a/dmidecode.c b/dmidecode.c +index b4dbc9d..870d94e 100644 +--- a/dmidecode.c ++++ b/dmidecode.c +@@ -5736,14 +5736,14 @@ static void overwrite_smbios3_address(u8 *buf) + buf[0x17] = 0; + } + +-static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) ++static int smbios3_decode(u8 *buf, size_t buf_len, const char *devmem, u32 flags) + { + u32 ver, len; + u64 offset; + u8 *table; + + /* Don't let checksum run beyond the buffer */ +- if (buf[0x06] > 0x20) ++ if (buf[0x06] > buf_len) + { + fprintf(stderr, + "Entry point length too large (%u bytes, expected %u).\n", +@@ -5782,14 +5782,14 @@ static int smbios3_decode(u8 *buf, const char *devmem, u32 flags) + return 1; + } + +-static int smbios_decode(u8 *buf, const char *devmem, u32 flags) ++static int smbios_decode(u8 *buf, size_t buf_len, const char *devmem, u32 flags) + { + u16 ver; + u32 len; + u8 *table; + + /* Don't let checksum run beyond the buffer */ +- if (buf[0x05] > 0x20) ++ if (buf[0x05] > buf_len) + { + fprintf(stderr, + "Entry point length too large (%u bytes, expected %u).\n", +@@ -6018,12 +6018,12 @@ int main(int argc, char * const argv[]) + + if (memcmp(buf, "_SM3_", 5) == 0) + { +- if (smbios3_decode(buf, opt.dumpfile, 0)) ++ if (smbios3_decode(buf, size, opt.dumpfile, 0)) + found++; + } + else if (memcmp(buf, "_SM_", 4) == 0) + { +- if (smbios_decode(buf, opt.dumpfile, 0)) ++ if (smbios_decode(buf, size, opt.dumpfile, 0)) + found++; + } + else if (memcmp(buf, "_DMI_", 5) == 0) +@@ -6046,12 +6046,12 @@ int main(int argc, char * const argv[]) + pr_info("Getting SMBIOS data from sysfs."); + if (size >= 24 && 
memcmp(buf, "_SM3_", 5) == 0) + { +- if (smbios3_decode(buf, SYS_TABLE_FILE, FLAG_NO_FILE_OFFSET)) ++ if (smbios3_decode(buf, size, SYS_TABLE_FILE, FLAG_NO_FILE_OFFSET)) + found++; + } + else if (size >= 31 && memcmp(buf, "_SM_", 4) == 0) + { +- if (smbios_decode(buf, SYS_TABLE_FILE, FLAG_NO_FILE_OFFSET)) ++ if (smbios_decode(buf, size, SYS_TABLE_FILE, FLAG_NO_FILE_OFFSET)) + found++; + } + else if (size >= 15 && memcmp(buf, "_DMI_", 5) == 0) +@@ -6088,12 +6088,12 @@ int main(int argc, char * const argv[]) + + if (memcmp(buf, "_SM3_", 5) == 0) + { +- if (smbios3_decode(buf, opt.devmem, 0)) ++ if (smbios3_decode(buf, 0x20, opt.devmem, 0)) + found++; + } + else if (memcmp(buf, "_SM_", 4) == 0) + { +- if (smbios_decode(buf, opt.devmem, 0)) ++ if (smbios_decode(buf, 0x20, opt.devmem, 0)) + found++; + } + goto done; +@@ -6114,7 +6114,7 @@ memory_scan: + { + if (memcmp(buf + fp, "_SM3_", 5) == 0) + { +- if (smbios3_decode(buf + fp, opt.devmem, 0)) ++ if (smbios3_decode(buf + fp, 0x20, opt.devmem, 0)) + { + found++; + goto done; +@@ -6127,7 +6127,7 @@ memory_scan: + { + if (memcmp(buf + fp, "_SM_", 4) == 0 && fp <= 0xFFE0) + { +- if (smbios_decode(buf + fp, opt.devmem, 0)) ++ if (smbios_decode(buf + fp, 0x20, opt.devmem, 0)) + { + found++; + goto done; +-- +2.35.5 diff --git a/poky/meta/recipes-devtools/dmidecode/dmidecode_3.4.bb b/poky/meta/recipes-devtools/dmidecode/dmidecode_3.4.bb index bc741046dd..4d5255df64 100644 --- a/poky/meta/recipes-devtools/dmidecode/dmidecode_3.4.bb +++ b/poky/meta/recipes-devtools/dmidecode/dmidecode_3.4.bb @@ -6,6 +6,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/dmidecode/${BP}.tar.xz \ file://0001-Committing-changes-from-do_unpack_extra.patch \ + file://CVE-2023-30630_1.patch \ + file://CVE-2023-30630_2.patch \ + file://CVE-2023-30630_3.patch \ + file://CVE-2023-30630_4.patch \ " COMPATIBLE_HOST = "(i.86|x86_64|aarch64|arm|powerpc|powerpc64).*-linux" 
diff --git a/poky/meta/recipes-devtools/dnf/dnf_4.14.0.bb b/poky/meta/recipes-devtools/dnf/dnf_4.14.0.bb index 62df8c4ace..95007c9c4b 100644 --- a/poky/meta/recipes-devtools/dnf/dnf_4.14.0.bb +++ b/poky/meta/recipes-devtools/dnf/dnf_4.14.0.bb @@ -15,9 +15,10 @@ SRC_URI = "git://github.com/rpm-software-management/dnf.git;branch=master;protoc file://0029-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ file://0030-Run-python-scripts-using-env.patch \ file://0001-set-python-path-for-completion_helper.patch \ - file://0001-dnf-write-the-log-lock-to-root.patch \ " +SRC_URI:append:class-native = "file://0001-dnf-write-the-log-lock-to-root.patch" + SRCREV = "e50875b3f5790f70720bdb670e1dd2bf4d828744" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)" diff --git a/poky/meta/recipes-devtools/dpkg/dpkg_1.21.21.bb b/poky/meta/recipes-devtools/dpkg/dpkg_1.21.22.bb index a19a96ef06..04bcc93321 100644 --- a/poky/meta/recipes-devtools/dpkg/dpkg_1.21.21.bb +++ b/poky/meta/recipes-devtools/dpkg/dpkg_1.21.22.bb @@ -18,6 +18,6 @@ SRC_URI = "git://salsa.debian.org/dpkg-team/dpkg.git;protocol=https;branch=1.21. SRC_URI:append:class-native = " file://0001-build.c-ignore-return-of-1-from-tar-cf.patch" -SRCREV = "9ef736b7b3a5fa0d6e991e8475eb2e3151fec345" +SRCREV = "48482e4f16467e05a08aa3b3b8048e08f0024609" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33551.patch b/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33551.patch new file mode 100644 index 0000000000..9ed77d921f --- /dev/null +++ b/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33551.patch 
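Review bot: The new `SRC_URI:append:class-native = "file://0001-dnf-write-the-log-lock-to-root.patch"` has no leading space inside the quotes, and `:append` joins values without inserting one. It works only as long as the base SRC_URI ends in whitespace; write `" file://0001-dnf-write-the-log-lock-to-root.patch"`, as the dpkg recipe further down this page does for its class-native append. The change also stops applying the log-lock patch to non-native builds, which the hunk does not explain, so a one-line comment above the append saying why it is native-only would help.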
@@ -0,0 +1,80 @@
+From 5782f0d47df99dcfc743aa138361336e9a4ac966 Mon Sep 17 00:00:00 2001
+From: Gao Xiang <hsiangkao@linux.alibaba.com>
+Date: Fri, 2 Jun 2023 13:52:56 +0800
+Subject: [PATCH 1/4] erofs-utils: fsck: block insane long paths when
+ extracting images
+
+Since some crafted EROFS filesystem images could have insane deep
+hierarchy (or may form directory loops) which triggers the
+PATH_MAX-sized path buffer OR stack overflow.
+
+Actually some crafted images cannot be deemed as real corrupted
+images but over-PATH_MAX paths are not something that we'd like to
+support for now.
+
+CVE: CVE-2023-33551
+Closes: https://nvd.nist.gov/vuln/detail/CVE-2023-33551
+Reported-by: Chaoming Yang <lometsj@live.com>
+Fixes: f44043561491 ("erofs-utils: introduce fsck.erofs")
+Fixes: b11f84f593f9 ("erofs-utils: fsck: convert to use erofs_iterate_dir()")
+Fixes: 412c8f908132 ("erofs-utils: fsck: add --extract=X support to extract to path X")
+Signeo-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
+Link: https://lore.kernel.org/r/20230602055256.18061-1-hsiangkao@linux.alibaba.com
+
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/patch/?id=27aeef179bf17d5f1d98f827e93d24839a6d4176]
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ fsck/main.c | 23 +++++++++++++++--------
+ 1 file changed, 15 insertions(+), 8 deletions(-)
+
+diff --git a/fsck/main.c b/fsck/main.c
+index 5a2f659..2b6a6dd 100644
+--- a/fsck/main.c
++++ b/fsck/main.c
+@@ -679,28 +679,35 @@ again:
+ static int erofsfsck_dirent_iter(struct erofs_dir_context *ctx)
+ {
+ int ret;
+- size_t prev_pos = fsckcfg.extract_pos;
++ size_t prev_pos, curr_pos;
+
+ if (ctx->dot_dotdot)
+ return 0;
+
+- if (fsckcfg.extract_path) {
+- size_t curr_pos = prev_pos;
++ prev_pos = fsckcfg.extract_pos;
++ curr_pos = prev_pos;
++
++ if (prev_pos + ctx->de_namelen >= PATH_MAX) {
++ erofs_err("unable to fsck since the path is too long (%u)",
++ curr_pos + ctx->de_namelen);
++ return -EOPNOTSUPP;
++ }
+
++ if (fsckcfg.extract_path) {
+ fsckcfg.extract_path[curr_pos++] = '/';
+ strncpy(fsckcfg.extract_path + curr_pos, ctx->dname,
+ ctx->de_namelen);
+ curr_pos += ctx->de_namelen;
+ fsckcfg.extract_path[curr_pos] = '\0';
+- fsckcfg.extract_pos = curr_pos;
++ } else {
++ curr_pos += ctx->de_namelen;
+ }
+-
++ fsckcfg.extract_pos = curr_pos;
+ ret = erofsfsck_check_inode(ctx->dir->nid, ctx->de_nid);
+
+- if (fsckcfg.extract_path) {
++ if (fsckcfg.extract_path)
+ fsckcfg.extract_path[prev_pos] = '\0';
+- fsckcfg.extract_pos = prev_pos;
+- }
++ fsckcfg.extract_pos = prev_pos;
+ return ret;
+ }
+
+--
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-1.patch b/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-1.patch
new file mode 100644
index 0000000000..011ca1cd5e
--- /dev/null
+++ b/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-1.patch
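Review bot: The new length check `prev_pos + ctx->de_namelen >= PATH_MAX` does not count the `'/'` separator written by `fsckcfg.extract_path[curr_pos++] = '/'`, so the terminating `'\0'` lands at index `prev_pos + de_namelen + 1`. If `extract_path` is a PATH_MAX-byte buffer (its allocation is outside the hunk), a name that brings `prev_pos + de_namelen` to exactly `PATH_MAX - 1` passes the check and the terminator is written one byte past the end. `if (prev_pos + ctx->de_namelen + 1 >= PATH_MAX)` closes that gap. The `erofs_err` format also prints a `size_t` sum with `%u`, which is a mismatch on 64-bit hosts; `%zu` matches the type.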
@@ -0,0 +1,221 @@ +From 8aef6015a03242a7d13467d23ad52b5427bf5247 Mon Sep 17 00:00:00 2001 +From: Yue Hu <huyue2@coolpad.com> +Date: Wed, 11 Jan 2023 09:49:26 +0800 +Subject: [PATCH] erofs-utils: lib: export parts of erofs_pread() + +Export parts of erofs_pread() to avoid duplicated code in +erofs_verify_inode_data(). Let's make two helpers for this. + +Signed-off-by: Yue Hu <huyue2@coolpad.com> +Link: https://lore.kernel.org/r/ff560da9c798b2ca1f1a663a000501486d865487.1673401718.git.huyue2@coolpad.com +Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com> + +CVE: CVE-2023-33552 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/commit/?id=4c0fb15a5d85378debe9d10d96cd643d167300ca] +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + include/erofs/internal.h | 5 ++ + lib/data.c | 108 ++++++++++++++++++++++++--------------- + 2 files changed, 71 insertions(+), 42 deletions(-) + +diff --git a/include/erofs/internal.h b/include/erofs/internal.h +index d3b2986..28d0e68 100644 +--- a/include/erofs/internal.h ++++ b/include/erofs/internal.h +@@ -335,6 +335,11 @@ int erofs_pread(struct erofs_inode *inode, char *buf, + int erofs_map_blocks(struct erofs_inode *inode, + struct erofs_map_blocks *map, int flags); + int erofs_map_dev(struct erofs_sb_info *sbi, struct erofs_map_dev *map); ++int erofs_read_one_data(struct erofs_map_blocks *map, char *buffer, u64 offset, ++ size_t len); ++int z_erofs_read_one_data(struct erofs_inode *inode, ++ struct erofs_map_blocks *map, char *raw, char *buffer, ++ erofs_off_t skip, erofs_off_t length, bool trimmed); + + static inline int erofs_get_occupied_size(const struct erofs_inode *inode, + erofs_off_t *size) +diff --git a/lib/data.c b/lib/data.c +index 6bc554d..2a7fdd5 100644 +--- a/lib/data.c ++++ b/lib/data.c +@@ -158,19 +158,38 @@ int erofs_map_dev(struct erofs_sb_info *sbi, struct erofs_map_dev *map) + return 0; + } + ++int erofs_read_one_data(struct erofs_map_blocks *map, char 
*buffer, u64 offset, ++ size_t len) ++{ ++ struct erofs_map_dev mdev; ++ int ret; ++ ++ mdev = (struct erofs_map_dev) { ++ .m_deviceid = map->m_deviceid, ++ .m_pa = map->m_pa, ++ }; ++ ret = erofs_map_dev(&sbi, &mdev); ++ if (ret) ++ return ret; ++ ++ ret = dev_read(mdev.m_deviceid, buffer, mdev.m_pa + offset, len); ++ if (ret < 0) ++ return -EIO; ++ return 0; ++} ++ + static int erofs_read_raw_data(struct erofs_inode *inode, char *buffer, + erofs_off_t size, erofs_off_t offset) + { + struct erofs_map_blocks map = { + .index = UINT_MAX, + }; +- struct erofs_map_dev mdev; + int ret; + erofs_off_t ptr = offset; + + while (ptr < offset + size) { + char *const estart = buffer + ptr - offset; +- erofs_off_t eend; ++ erofs_off_t eend, moff = 0; + + map.m_la = ptr; + ret = erofs_map_blocks(inode, &map, 0); +@@ -179,14 +198,6 @@ static int erofs_read_raw_data(struct erofs_inode *inode, char *buffer, + + DBG_BUGON(map.m_plen != map.m_llen); + +- mdev = (struct erofs_map_dev) { +- .m_deviceid = map.m_deviceid, +- .m_pa = map.m_pa, +- }; +- ret = erofs_map_dev(&sbi, &mdev); +- if (ret) +- return ret; +- + /* trim extent */ + eend = min(offset + size, map.m_la + map.m_llen); + DBG_BUGON(ptr < map.m_la); +@@ -204,19 +215,54 @@ static int erofs_read_raw_data(struct erofs_inode *inode, char *buffer, + } + + if (ptr > map.m_la) { +- mdev.m_pa += ptr - map.m_la; ++ moff = ptr - map.m_la; + map.m_la = ptr; + } + +- ret = dev_read(mdev.m_deviceid, estart, mdev.m_pa, +- eend - map.m_la); +- if (ret < 0) +- return -EIO; ++ ret = erofs_read_one_data(&map, estart, moff, eend - map.m_la); ++ if (ret) ++ return ret; + ptr = eend; + } + return 0; + } + ++int z_erofs_read_one_data(struct erofs_inode *inode, ++ struct erofs_map_blocks *map, char *raw, char *buffer, ++ erofs_off_t skip, erofs_off_t length, bool trimmed) ++{ ++ struct erofs_map_dev mdev; ++ int ret = 0; ++ ++ /* no device id here, thus it will always succeed */ ++ mdev = (struct erofs_map_dev) { ++ .m_pa = map->m_pa, ++ }; ++ 
ret = erofs_map_dev(&sbi, &mdev); ++ if (ret) { ++ DBG_BUGON(1); ++ return ret; ++ } ++ ++ ret = dev_read(mdev.m_deviceid, raw, mdev.m_pa, map->m_plen); ++ if (ret < 0) ++ return ret; ++ ++ ret = z_erofs_decompress(&(struct z_erofs_decompress_req) { ++ .in = raw, ++ .out = buffer, ++ .decodedskip = skip, ++ .inputsize = map->m_plen, ++ .decodedlength = length, ++ .alg = map->m_algorithmformat, ++ .partial_decoding = trimmed ? true : ++ !(map->m_flags & EROFS_MAP_FULL_MAPPED) ++ }); ++ if (ret < 0) ++ return ret; ++ return 0; ++} ++ + static int z_erofs_read_data(struct erofs_inode *inode, char *buffer, + erofs_off_t size, erofs_off_t offset) + { +@@ -224,8 +270,7 @@ static int z_erofs_read_data(struct erofs_inode *inode, char *buffer, + struct erofs_map_blocks map = { + .index = UINT_MAX, + }; +- struct erofs_map_dev mdev; +- bool partial; ++ bool trimmed; + unsigned int bufsize = 0; + char *raw = NULL; + int ret = 0; +@@ -238,27 +283,17 @@ static int z_erofs_read_data(struct erofs_inode *inode, char *buffer, + if (ret) + break; + +- /* no device id here, thus it will always succeed */ +- mdev = (struct erofs_map_dev) { +- .m_pa = map.m_pa, +- }; +- ret = erofs_map_dev(&sbi, &mdev); +- if (ret) { +- DBG_BUGON(1); +- break; +- } +- + /* + * trim to the needed size if the returned extent is quite + * larger than requested, and set up partial flag as well. 
+ */ + if (end < map.m_la + map.m_llen) { + length = end - map.m_la; +- partial = true; ++ trimmed = true; + } else { + DBG_BUGON(end != map.m_la + map.m_llen); + length = map.m_llen; +- partial = !(map.m_flags & EROFS_MAP_FULL_MAPPED); ++ trimmed = false; + } + + if (map.m_la < offset) { +@@ -283,19 +318,8 @@ static int z_erofs_read_data(struct erofs_inode *inode, char *buffer, + break; + } + } +- ret = dev_read(mdev.m_deviceid, raw, mdev.m_pa, map.m_plen); +- if (ret < 0) +- break; +- +- ret = z_erofs_decompress(&(struct z_erofs_decompress_req) { +- .in = raw, +- .out = buffer + end - offset, +- .decodedskip = skip, +- .inputsize = map.m_plen, +- .decodedlength = length, +- .alg = map.m_algorithmformat, +- .partial_decoding = partial +- }); ++ ret = z_erofs_read_one_data(inode, &map, raw, ++ buffer + end - offset, skip, length, trimmed); + if (ret < 0) + break; + } +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-2.patch b/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-2.patch new file mode 100644 index 0000000000..4d190363b9 --- /dev/null +++ b/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-2.patch 
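Review bot: The two helpers exported here take destination buffers without their sizes: `erofs_read_one_data` reads `len` bytes into `buffer`, and `z_erofs_read_one_data` reads `map->m_plen` bytes into `raw` and decodes `length` bytes into `buffer`, with the map filled in by `erofs_map_blocks()` from the image being read. Now that they are declared in `include/erofs/internal.h` for callers outside `lib/data.c`, the declarations should state that contract, e.g. `/* raw must hold at least map->m_plen bytes, buffer at least length bytes */`. The `inode` parameter of `z_erofs_read_one_data` is not used in the body shown. The patch header could also say that this refactoring is a prerequisite for the CVE-2023-33552 fix, since its own description only mentions removing duplicated code.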
@@ -0,0 +1,97 @@ +From 3a360e01058467573bd7239fa430d8dc5fbd60f4 Mon Sep 17 00:00:00 2001 +From: Yue Hu <huyue2@coolpad.com> +Date: Wed, 11 Jan 2023 09:49:27 +0800 +Subject: [PATCH 3/4] erofs-utils: fsck: cleanup erofs_verify_inode_data() + +Diretly call {z_}erofs_read_one_data() to avoid duplicated code. +Accordingly, fragment and partial-referenced plusters are also supported +after this change. + +Signed-off-by: Yue Hu <huyue2@coolpad.com> +Link: https://lore.kernel.org/r/115e61fc9c2d34cab6d3dd78383ac57c94a491fc.1673401718.git.huyue2@coolpad.com +Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com> + +CVE: CVE-2023-33552 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/commit/?id=87430c69e1d542928c4519e8fabfd6348a741999] +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + fsck/main.c | 53 ++++++++++------------------------------------------- + 1 file changed, 10 insertions(+), 43 deletions(-) + +diff --git a/fsck/main.c b/fsck/main.c +index 2b6a6dd..92ef17a 100644 +--- a/fsck/main.c ++++ b/fsck/main.c +@@ -366,7 +366,6 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd) + struct erofs_map_blocks map = { + .index = UINT_MAX, + }; +- struct erofs_map_dev mdev; + int ret = 0; + bool compressed; + erofs_off_t pos = 0; +@@ -427,51 +426,19 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd) + BUG_ON(!raw); + } + +- mdev = (struct erofs_map_dev) { +- .m_deviceid = map.m_deviceid, +- .m_pa = map.m_pa, +- }; +- ret = erofs_map_dev(&sbi, &mdev); +- if (ret) { +- erofs_err("failed to map device of m_pa %" PRIu64 ", m_deviceid %u @ nid %llu: %d", +- map.m_pa, map.m_deviceid, inode->nid | 0ULL, +- ret); +- goto out; +- } +- +- if (compressed && map.m_llen > buffer_size) { +- buffer_size = map.m_llen; +- buffer = realloc(buffer, buffer_size); +- BUG_ON(!buffer); +- } +- +- ret = dev_read(mdev.m_deviceid, raw, mdev.m_pa, map.m_plen); +- if (ret < 0) { +- 
erofs_err("failed to read data of m_pa %" PRIu64 ", m_plen %" PRIu64 " @ nid %llu: %d", +- mdev.m_pa, map.m_plen, inode->nid | 0ULL, +- ret); +- goto out; +- } +- + if (compressed) { +- struct z_erofs_decompress_req rq = { +- .in = raw, +- .out = buffer, +- .decodedskip = 0, +- .inputsize = map.m_plen, +- .decodedlength = map.m_llen, +- .alg = map.m_algorithmformat, +- .partial_decoding = 0 +- }; +- +- ret = z_erofs_decompress(&rq); +- if (ret < 0) { +- erofs_err("failed to decompress data of m_pa %" PRIu64 ", m_plen %" PRIu64 " @ nid %llu: %s", +- mdev.m_pa, map.m_plen, +- inode->nid | 0ULL, strerror(-ret)); +- goto out; ++ if (map.m_llen > buffer_size) { ++ buffer_size = map.m_llen; ++ buffer = realloc(buffer, buffer_size); ++ BUG_ON(!buffer); + } ++ ret = z_erofs_read_one_data(inode, &map, raw, buffer, ++ 0, map.m_llen, false); ++ } else { ++ ret = erofs_read_one_data(&map, raw, 0, map.m_plen); + } ++ if (ret) ++ goto out; + + if (outfd >= 0 && write(outfd, compressed ? buffer : raw, + map.m_llen) < 0) { +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-3.patch b/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-3.patch new file mode 100644 index 0000000000..c05d62c5dd --- /dev/null +++ b/poky/meta/recipes-devtools/erofs-utils/erofs-utils/CVE-2023-33552-3.patch 
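Review bot: The compressed branch kept by this patch still sizes the output buffer straight from `map.m_llen` and relies on `BUG_ON(!buffer)` after `realloc`, so an extent length read from the image decides both the allocation size and whether fsck asserts. Assigning the `realloc` result directly to `buffer` also loses the old pointer on failure. Handling it the way the later CVE-2023-33552-3 patch handles `raw` would be more robust: `char *newbuf = realloc(buffer, map.m_llen);` followed by `if (!newbuf) { ret = -ENOMEM; goto out; }`, ideally after an upper bound on `m_llen` has been checked. erofs_verify_inode_data() starts and ends outside this hunk, so whether `m_llen` is validated earlier is not visible here.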
@@ -0,0 +1,127 @@ +From b4e155ba759ae389c5f71cd13d97eb3bcf2c1adf Mon Sep 17 00:00:00 2001 +From: Gao Xiang <hsiangkao@linux.alibaba.com> +Date: Fri, 2 Jun 2023 11:05:19 +0800 +Subject: [PATCH] erofs-utils: fsck: don't allocate/read too large extents + +Since some crafted EROFS filesystem images could have insane large +extents, which causes unexpected bahaviors when extracting data. + +Fix it by extracting large extents with a buffer of a reasonable +maximum size limit and reading multiple times instead. + +Note that only `--extract` option is impacted. + +CVE: CVE-2023-33552 +Closes: https://nvd.nist.gov/vuln/detail/CVE-2023-33552 +Reported-by: Chaoming Yang <lometsj@live.com> +Fixes: 412c8f908132 ("erofs-utils: fsck: add --extract=X support to extract to path X") +Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com> +Link: https://lore.kernel.org/r/20230602030519.117071-1-hsiangkao@linux.alibaba.com + +CVE: CVE-2023-33552 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/patch/?id=2145dff03dd3f3f74bcda3b52160fbad37f7fcfe] +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + fsck/main.c | 64 ++++++++++++++++++++++++++++++++++++++++------------- + 1 file changed, 49 insertions(+), 15 deletions(-) + +diff --git a/fsck/main.c b/fsck/main.c +index 92ef17a..1bd1117 100644 +--- a/fsck/main.c ++++ b/fsck/main.c +@@ -392,6 +392,8 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd) + } + + while (pos < inode->i_size) { ++ unsigned int alloc_rawsize; ++ + map.m_la = pos; + if (compressed) + ret = z_erofs_map_blocks_iter(inode, &map, +@@ -420,10 +422,28 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd) + if (!(map.m_flags & EROFS_MAP_MAPPED) || !fsckcfg.check_decomp) + continue; + +- if (map.m_plen > raw_size) { +- raw_size = map.m_plen; +- raw = realloc(raw, raw_size); +- BUG_ON(!raw); ++ if (map.m_plen > Z_EROFS_PCLUSTER_MAX_SIZE) { ++ if (compressed) { ++ 
erofs_err("invalid pcluster size %" PRIu64 " @ offset %" PRIu64 " of nid %" PRIu64, ++ map.m_plen, map.m_la, ++ inode->nid | 0ULL); ++ ret = -EFSCORRUPTED; ++ goto out; ++ } ++ alloc_rawsize = Z_EROFS_PCLUSTER_MAX_SIZE; ++ } else { ++ alloc_rawsize = map.m_plen; ++ } ++ ++ if (alloc_rawsize > raw_size) { ++ char *newraw = realloc(raw, alloc_rawsize); ++ ++ if (!newraw) { ++ ret = -ENOMEM; ++ goto out; ++ } ++ raw = newraw; ++ raw_size = alloc_rawsize; + } + + if (compressed) { +@@ -434,18 +454,26 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd) + } + ret = z_erofs_read_one_data(inode, &map, raw, buffer, + 0, map.m_llen, false); +- } else { +- ret = erofs_read_one_data(&map, raw, 0, map.m_plen); +- } +- if (ret) +- goto out; ++ if (ret) ++ goto out; + +- if (outfd >= 0 && write(outfd, compressed ? buffer : raw, +- map.m_llen) < 0) { +- erofs_err("I/O error occurred when verifying data chunk @ nid %llu", +- inode->nid | 0ULL); +- ret = -EIO; +- goto out; ++ if (outfd >= 0 && write(outfd, buffer, map.m_llen) < 0) ++ goto fail_eio; ++ } else { ++ u64 p = 0; ++ do { ++ u64 count = min_t(u64, alloc_rawsize, ++ map.m_llen); ++ ++ ret = erofs_read_one_data(&map, raw, p, count); ++ if (ret) ++ goto out; ++ ++ if (outfd >= 0 && write(outfd, raw, count) < 0) ++ goto fail_eio; ++ map.m_llen -= count; ++ p += count; ++ } while (map.m_llen); + } + } + +@@ -461,6 +489,12 @@ out: + if (buffer) + free(buffer); + return ret < 0 ? ret : 0; ++ ++fail_eio: ++ erofs_err("I/O error occurred when verifying data chunk @ nid %llu", ++ inode->nid | 0ULL); ++ ret = -EIO; ++ goto out; + } + + static inline int erofs_extract_dir(struct erofs_inode *inode) +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.5.bb b/poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.5.bb index 2b5861882d..d7e646a66c 100644 --- a/poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.5.bb +++ b/poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.5.bb 
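Review bot: Both `write()` calls in the new code only test for a negative return, so a short write (for example when the output filesystem fills up) counts as success and the extracted file is silently truncated. In the uncompressed loop the check is `write(outfd, raw, count) < 0`; comparing against the requested length, `if (outfd >= 0 && write(outfd, raw, count) != (ssize_t)count) goto fail_eio;`, and doing the same for the `buffer`/`map.m_llen` call in the compressed branch, would report it as -EIO. The `do { ... } while (map.m_llen)` loop also needs `count` to be non-zero to make progress, which holds only if `alloc_rawsize` is never 0 while `map.m_llen` is positive. The mapping code presumably guarantees that, but it is not visible in this hunk.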
@@ -10,6 +10,10 @@ SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git;b file://0001-configure-use-AC_SYS_LARGEFILE.patch \ file://0002-erofs-replace-l-stat64-by-equivalent-l-stat.patch \ file://0003-internal.h-Make-LFS-mandatory-for-all-usecases.patch \ + file://CVE-2023-33551.patch \ + file://CVE-2023-33552-1.patch \ + file://CVE-2023-33552-2.patch \ + file://CVE-2023-33552-3.patch \ " UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>(\d+(\.\d+)+))" diff --git a/poky/meta/recipes-devtools/file/file_5.44.bb b/poky/meta/recipes-devtools/file/file_5.45.bb index 3090d346ed..a7127023cb 100644 --- a/poky/meta/recipes-devtools/file/file_5.44.bb +++ b/poky/meta/recipes-devtools/file/file_5.45.bb @@ -13,7 +13,7 @@ DEPENDS:class-native = "bzip2-replacement-native" SRC_URI = "git://github.com/file/file.git;branch=master;protocol=https" -SRCREV = "b92eed41b1bc0739c5c5d70c444e0c574429321b" +SRCREV = "4cbd5c8f0851201d203755b76cb66ba991ffd8be" S = "${WORKDIR}/git" inherit autotools update-alternatives @@ -45,9 +45,10 @@ do_install:append:class-native() { } do_install:append:class-nativesdk() { + create_wrapper ${D}/${bindir}/file MAGIC=${datadir}/misc/magic.mgc mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d cat <<- EOF > ${D}${SDKPATHNATIVE}/environment-setup.d/file.sh - export MAGIC="$OECORE_NATIVE_SYSROOT${datadir}/misc/magic.mgc" + export MAGIC="${datadir}/misc/magic.mgc" EOF } diff --git a/poky/meta/recipes-devtools/gcc/gcc-12.2.inc b/poky/meta/recipes-devtools/gcc/gcc-12.3.inc index 0dbbecad4a..5655b6f46d 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-12.2.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-12.3.inc @@ -2,11 +2,11 @@ require gcc-common.inc # Third digit in PV should be incremented after a minor release -PV = "12.2.0" +PV = "12.3.0" # BINV should be incremented to a revision after a minor gcc release -BINV = "12.2.0" +BINV = "12.3.0" FILESEXTRAPATHS =. "${FILE_DIRNAME}/gcc:${FILE_DIRNAME}/gcc/backport:" 
@@ -63,8 +63,10 @@ SRC_URI = "${BASEURI} \ file://0026-rust-recursion-limit.patch \ file://prefix-map-realpath.patch \ file://hardcoded-paths.patch \ + file://CVE-2023-4039.patch \ + file://0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch \ " -SRC_URI[sha256sum] = "e549cf9cf3594a00e27b6589d4322d70e0720cdd213f39beb4181e06926230ff" +SRC_URI[sha256sum] = "949a5d4f99e786421a93b532b22ffab5578de7321369975b91aec97adfda8c3b" S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/${SOURCEDIR}" B = "${WORKDIR}/gcc-${PV}/build.${HOST_SYS}.${TARGET_SYS}" diff --git a/poky/meta/recipes-devtools/gcc/gcc-configure-common.inc b/poky/meta/recipes-devtools/gcc/gcc-configure-common.inc index e4cdb73f0a..dba25eb754 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-configure-common.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-configure-common.inc @@ -40,7 +40,6 @@ EXTRA_OECONF = "\ ${@get_gcc_mips_plt_setting(bb, d)} \ ${@get_gcc_ppc_plt_settings(bb, d)} \ ${@get_gcc_multiarch_setting(bb, d)} \ - --enable-standard-branch-protection \ " # glibc version is a minimum controlling whether features are enabled. diff --git a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_12.2.bb b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_12.3.bb index bf53c5cd78..bf53c5cd78 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-cross-canadian_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-cross_12.2.bb b/poky/meta/recipes-devtools/gcc/gcc-cross_12.3.bb index b43cca0c52..b43cca0c52 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-cross_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-cross_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-crosssdk.inc b/poky/meta/recipes-devtools/gcc/gcc-crosssdk.inc index bd2e71d63f..74c4537f4f 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-crosssdk.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-crosssdk.inc 
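Review bot: The added `0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch` reuses the `0026-` prefix already carried by `0026-rust-recursion-limit.patch` earlier in the same list, and the unnumbered `CVE-2023-4039.patch` is placed before it, so the numeric prefixes no longer describe the apply order. Both new patches modify gcc/config/aarch64/aarch64.cc, so their relative order in SRC_URI may matter for them to apply cleanly. Renumbering the new file, or adding a one-line comment above the two entries such as `# CVE-2023-4039.patch must stay ahead of the ldpstp fix; both touch aarch64.cc`, would keep the list unambiguous. The ordering requirement itself should be confirmed by the author.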
@@ -10,3 +10,5 @@ GCCMULTILIB = "--disable-multilib" DEPENDS = "virtual/${TARGET_PREFIX}binutils-crosssdk gettext-native ${NATIVEDEPS}" PROVIDES = "virtual/${TARGET_PREFIX}gcc-crosssdk virtual/${TARGET_PREFIX}g++-crosssdk" + +gcc_multilib_setup[vardepsexclude] = "MULTILIB_VARIANTS" diff --git a/poky/meta/recipes-devtools/gcc/gcc-crosssdk_12.2.bb b/poky/meta/recipes-devtools/gcc/gcc-crosssdk_12.3.bb index 40a6c4feff..40a6c4feff 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-crosssdk_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-crosssdk_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-runtime_12.2.bb b/poky/meta/recipes-devtools/gcc/gcc-runtime_12.3.bb index dd430b57eb..dd430b57eb 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-runtime_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-runtime_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-sanitizers_12.2.bb b/poky/meta/recipes-devtools/gcc/gcc-sanitizers_12.3.bb index 8bda2ccad6..8bda2ccad6 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-sanitizers_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-sanitizers_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-source_12.2.bb b/poky/meta/recipes-devtools/gcc/gcc-source_12.3.bb index b890fa33ea..b890fa33ea 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-source_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc-source_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/gcc-testsuite.inc b/poky/meta/recipes-devtools/gcc/gcc-testsuite.inc index f68fec58ed..64f60c730f 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-testsuite.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-testsuite.inc 
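Review bot: `gcc_multilib_setup[vardepsexclude] = "MULTILIB_VARIANTS"` is added without a comment saying why the variable can be dropped from the function's dependencies. Excluding a variable from dependency tracking means a change to it no longer invalidates the signature, so the reason this is safe belongs next to the line, for example `# crosssdk is built with --disable-multilib, so MULTILIB_VARIANTS must not affect the task hash`. That wording is inferred from `GCCMULTILIB = "--disable-multilib"` in the hunk context and should be confirmed by the author.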
@@ -51,9 +51,10 @@ python check_prepare() { # enable all valid instructions, since the test suite itself does not # limit itself to the target cpu options. # - valid for x86*, powerpc, arm, arm64 - if qemu_binary.lstrip("qemu-") in ["x86_64", "i386", "ppc", "arm", "aarch64"]: + if qemu_binary.lstrip("qemu-") in ["x86_64", "i386", "arm", "aarch64"]: args += ["-cpu", "max"] - + elif qemu_binary.lstrip("qemu-") in ["ppc"]: + args += d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('PACKAGE_ARCH')).split() sysroot = d.getVar("RECIPE_SYSROOT") args += ["-L", sysroot] # lib paths are static here instead of using $libdir since this is used by a -cross recipe diff --git a/poky/meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch b/poky/meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch new file mode 100644 index 0000000000..a408a98698 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch 
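Review bot: The new `elif` branch calls `.split()` directly on `d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('PACKAGE_ARCH'))`, and `getVar` returns None when the variable is unset, so a ppc PACKAGE_ARCH without a matching QEMU_EXTRAOPTIONS entry makes check_prepare fail with AttributeError. `args += (d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('PACKAGE_ARCH')) or "").split()` keeps the behaviour when the variable is set. Both branches also rely on `qemu_binary.lstrip("qemu-")`, which strips any leading run of those characters rather than the prefix (`"qemu-mips"` becomes `"ips"`). It happens to work for the names listed, but `qemu_binary.removeprefix("qemu-")` says what is meant. check_prepare starts and ends outside the hunk.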
@@ -0,0 +1,117 @@ +From adb60dc78e0da4877747f32347cee339364775be Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Fri, 15 Sep 2023 09:19:14 +0100 +Subject: [PATCH] aarch64: Fix loose ldpstp check [PR111411] + +aarch64_operands_ok_for_ldpstp contained the code: + + /* One of the memory accesses must be a mempair operand. + If it is not the first one, they need to be swapped by the + peephole. */ + if (!aarch64_mem_pair_operand (mem_1, GET_MODE (mem_1)) + && !aarch64_mem_pair_operand (mem_2, GET_MODE (mem_2))) + return false; + +But the requirement isn't just that one of the accesses must be a +valid mempair operand. It's that the lower access must be, since +that's the access that will be used for the instruction operand. + +gcc/ + PR target/111411 + * config/aarch64/aarch64.cc (aarch64_operands_ok_for_ldpstp): Require + the lower memory access to a mem-pair operand. + +gcc/testsuite/ + PR target/111411 + * gcc.dg/rtl/aarch64/pr111411.c: New test. + +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=2d38f45bcca62ca0c7afef4b579f82c5c2a01610] +Signed-off-by: Martin Jansa <martin.jansa@gmail.com> +--- + gcc/config/aarch64/aarch64.cc | 8 ++- + gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c | 57 +++++++++++++++++++++ + 2 files changed, 60 insertions(+), 5 deletions(-) + create mode 100644 gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 6118a3354ac..9b1f791ca8b 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -26154,11 +26154,9 @@ aarch64_operands_ok_for_ldpstp (rtx *operands, bool load, + gcc_assert (known_eq (GET_MODE_SIZE (GET_MODE (mem_1)), + GET_MODE_SIZE (GET_MODE (mem_2)))); + +- /* One of the memory accesses must be a mempair operand. +- If it is not the first one, they need to be swapped by the +- peephole. 
*/ +- if (!aarch64_mem_pair_operand (mem_1, GET_MODE (mem_1)) +- && !aarch64_mem_pair_operand (mem_2, GET_MODE (mem_2))) ++ /* The lower memory access must be a mem-pair operand. */ ++ rtx lower_mem = reversed ? mem_2 : mem_1; ++ if (!aarch64_mem_pair_operand (lower_mem, GET_MODE (lower_mem))) + return false; + + if (REG_P (reg_1) && FP_REGNUM_P (REGNO (reg_1))) +diff --git a/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c b/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c +new file mode 100644 +index 00000000000..ad07e9c6c89 +--- /dev/null ++++ b/gcc/testsuite/gcc.dg/rtl/aarch64/pr111411.c +@@ -0,0 +1,57 @@ ++/* { dg-do compile { target aarch64*-*-* } } */ ++/* { dg-require-effective-target lp64 } */ ++/* { dg-options "-O -fdisable-rtl-postreload -fpeephole2 -fno-schedule-fusion" } */ ++ ++extern int data[]; ++ ++void __RTL (startwith ("ira")) foo (void *ptr) ++{ ++ (function "foo" ++ (param "ptr" ++ (DECL_RTL (reg/v:DI <0> [ ptr ])) ++ (DECL_RTL_INCOMING (reg/v:DI x0 [ ptr ])) ++ ) ;; param "ptr" ++ (insn-chain ++ (block 2 ++ (edge-from entry (flags "FALLTHRU")) ++ (cnote 3 [bb 2] NOTE_INSN_BASIC_BLOCK) ++ (insn 4 (set (reg:DI <0>) (reg:DI x0))) ++ (insn 5 (set (reg:DI <1>) ++ (plus:DI (reg:DI <0>) (const_int 768)))) ++ (insn 6 (set (mem:SI (plus:DI (reg:DI <0>) ++ (const_int 508)) [1 &data+508 S4 A4]) ++ (const_int 0))) ++ (insn 7 (set (mem:SI (plus:DI (reg:DI <1>) ++ (const_int -256)) [1 &data+512 S4 A4]) ++ (const_int 0))) ++ (edge-to exit (flags "FALLTHRU")) ++ ) ;; block 2 ++ ) ;; insn-chain ++ ) ;; function ++} ++ ++void __RTL (startwith ("ira")) bar (void *ptr) ++{ ++ (function "bar" ++ (param "ptr" ++ (DECL_RTL (reg/v:DI <0> [ ptr ])) ++ (DECL_RTL_INCOMING (reg/v:DI x0 [ ptr ])) ++ ) ;; param "ptr" ++ (insn-chain ++ (block 2 ++ (edge-from entry (flags "FALLTHRU")) ++ (cnote 3 [bb 2] NOTE_INSN_BASIC_BLOCK) ++ (insn 4 (set (reg:DI <0>) (reg:DI x0))) ++ (insn 5 (set (reg:DI <1>) ++ (plus:DI (reg:DI <0>) (const_int 768)))) ++ (insn 6 (set (mem:SI (plus:DI (reg:DI <1>) 
++ (const_int -256)) [1 &data+512 S4 A4]) ++ (const_int 0))) ++ (insn 7 (set (mem:SI (plus:DI (reg:DI <0>) ++ (const_int 508)) [1 &data+508 S4 A4]) ++ (const_int 0))) ++ (edge-to exit (flags "FALLTHRU")) ++ ) ;; block 2 ++ ) ;; insn-chain ++ ) ;; function ++} diff --git a/poky/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch b/poky/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch new file mode 100644 index 0000000000..8cb52849cd --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/CVE-2023-4039.patch 
@@ -0,0 +1,3093 @@ +From: Richard Sandiford <richard.sandiford@arm.com> +Subject: [PATCH 00/19] aarch64: Fix -fstack-protector issue +Date: Tue, 12 Sep 2023 16:25:10 +0100 + +This series of patches fixes deficiencies in GCC's -fstack-protector +implementation for AArch64 when using dynamically allocated stack space. +This is CVE-2023-4039. See: + +https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 +https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf + +for more details. + +The fix is to put the saved registers above the locals area when +-fstack-protector is used. + +The series also fixes a stack-clash problem that I found while working +on the CVE. In unpatched sources, the stack-clash problem would only +trigger for unrealistic numbers of arguments (8K 64-bit arguments, or an +equivalent). But it would be a more significant issue with the new +-fstack-protector frame layout. It's therefore important that both +problems are fixed together. + +Some reorganisation of the code seemed necessary to fix the problems in a +cleanish way. The series is therefore quite long, but only a handful of +patches should have any effect on code generation. + +See the individual patches for a detailed description. + +Tested on aarch64-linux-gnu. Pushed to trunk and to all active branches. +I've also pushed backports to GCC 7+ to vendors/ARM/heads/CVE-2023-4039. 
+ +CVE: CVE-2023-4039 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> + + +From 62fbb215cc817e9f2c1ca80282a64f4ee30806bc Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:48 +0100 +Subject: [PATCH 01/19] aarch64: Use local frame vars in shrink-wrapping code + +aarch64_layout_frame uses a shorthand for referring to +cfun->machine->frame: + + aarch64_frame &frame = cfun->machine->frame; + +This patch does the same for some other heavy users of the structure. +No functional change intended. + +gcc/ + * config/aarch64/aarch64.cc (aarch64_save_callee_saves): Use + a local shorthand for cfun->machine->frame. + (aarch64_restore_callee_saves, aarch64_get_separate_components): + (aarch64_process_components): Likewise. + (aarch64_allocate_and_probe_stack_space): Likewise. + (aarch64_expand_prologue, aarch64_expand_epilogue): Likewise. + (aarch64_layout_frame): Use existing shorthand for one more case. +--- + gcc/config/aarch64/aarch64.cc | 123 ++++++++++++++++++---------------- + 1 file changed, 64 insertions(+), 59 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 226dc9dffd4..ae42ffdedbe 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8351,7 +8351,7 @@ aarch64_layout_frame (void) + frame.is_scs_enabled + = (!crtl->calls_eh_return + && sanitize_flags_p (SANITIZE_SHADOW_CALL_STACK) +- && known_ge (cfun->machine->frame.reg_offset[LR_REGNUM], 0)); ++ && known_ge (frame.reg_offset[LR_REGNUM], 0)); + + /* When shadow call stack is enabled, the scs_pop in the epilogue will + restore x30, and we don't need to pop x30 again in the traditional +@@ -8763,6 +8763,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, + unsigned start, unsigned limit, bool skip_wb, + bool hard_fp_valid_p) + { ++ aarch64_frame &frame = cfun->machine->frame; + rtx_insn *insn; + unsigned regno; + unsigned regno2; +@@ -8777,8 +8778,8 
@@ aarch64_save_callee_saves (poly_int64 start_offset, + bool frame_related_p = aarch64_emit_cfi_for_reg_p (regno); + + if (skip_wb +- && (regno == cfun->machine->frame.wb_push_candidate1 +- || regno == cfun->machine->frame.wb_push_candidate2)) ++ && (regno == frame.wb_push_candidate1 ++ || regno == frame.wb_push_candidate2)) + continue; + + if (cfun->machine->reg_is_wrapped_separately[regno]) +@@ -8786,7 +8787,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, + + machine_mode mode = aarch64_reg_save_mode (regno); + reg = gen_rtx_REG (mode, regno); +- offset = start_offset + cfun->machine->frame.reg_offset[regno]; ++ offset = start_offset + frame.reg_offset[regno]; + rtx base_rtx = stack_pointer_rtx; + poly_int64 sp_offset = offset; + +@@ -8799,7 +8800,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, + { + gcc_assert (known_eq (start_offset, 0)); + poly_int64 fp_offset +- = cfun->machine->frame.below_hard_fp_saved_regs_size; ++ = frame.below_hard_fp_saved_regs_size; + if (hard_fp_valid_p) + base_rtx = hard_frame_pointer_rtx; + else +@@ -8821,8 +8822,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, + && (regno2 = aarch64_next_callee_save (regno + 1, limit)) <= limit + && !cfun->machine->reg_is_wrapped_separately[regno2] + && known_eq (GET_MODE_SIZE (mode), +- cfun->machine->frame.reg_offset[regno2] +- - cfun->machine->frame.reg_offset[regno])) ++ frame.reg_offset[regno2] - frame.reg_offset[regno])) + { + rtx reg2 = gen_rtx_REG (mode, regno2); + rtx mem2; +@@ -8872,6 +8872,7 @@ static void + aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, + unsigned limit, bool skip_wb, rtx *cfi_ops) + { ++ aarch64_frame &frame = cfun->machine->frame; + unsigned regno; + unsigned regno2; + poly_int64 offset; +@@ -8888,13 +8889,13 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, + rtx reg, mem; + + if (skip_wb +- && (regno == cfun->machine->frame.wb_pop_candidate1 +- || regno == 
cfun->machine->frame.wb_pop_candidate2)) ++ && (regno == frame.wb_pop_candidate1 ++ || regno == frame.wb_pop_candidate2)) + continue; + + machine_mode mode = aarch64_reg_save_mode (regno); + reg = gen_rtx_REG (mode, regno); +- offset = start_offset + cfun->machine->frame.reg_offset[regno]; ++ offset = start_offset + frame.reg_offset[regno]; + rtx base_rtx = stack_pointer_rtx; + if (mode == VNx2DImode && BYTES_BIG_ENDIAN) + aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, +@@ -8905,8 +8906,7 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, + && (regno2 = aarch64_next_callee_save (regno + 1, limit)) <= limit + && !cfun->machine->reg_is_wrapped_separately[regno2] + && known_eq (GET_MODE_SIZE (mode), +- cfun->machine->frame.reg_offset[regno2] +- - cfun->machine->frame.reg_offset[regno])) ++ frame.reg_offset[regno2] - frame.reg_offset[regno])) + { + rtx reg2 = gen_rtx_REG (mode, regno2); + rtx mem2; +@@ -9011,6 +9011,7 @@ offset_12bit_unsigned_scaled_p (machine_mode mode, poly_int64 offset) + static sbitmap + aarch64_get_separate_components (void) + { ++ aarch64_frame &frame = cfun->machine->frame; + sbitmap components = sbitmap_alloc (LAST_SAVED_REGNUM + 1); + bitmap_clear (components); + +@@ -9027,18 +9028,18 @@ aarch64_get_separate_components (void) + if (mode == VNx2DImode && BYTES_BIG_ENDIAN) + continue; + +- poly_int64 offset = cfun->machine->frame.reg_offset[regno]; ++ poly_int64 offset = frame.reg_offset[regno]; + + /* If the register is saved in the first SVE save slot, we use + it as a stack probe for -fstack-clash-protection. */ + if (flag_stack_clash_protection +- && maybe_ne (cfun->machine->frame.below_hard_fp_saved_regs_size, 0) ++ && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) + && known_eq (offset, 0)) + continue; + + /* Get the offset relative to the register we'll use. 
*/ + if (frame_pointer_needed) +- offset -= cfun->machine->frame.below_hard_fp_saved_regs_size; ++ offset -= frame.below_hard_fp_saved_regs_size; + else + offset += crtl->outgoing_args_size; + +@@ -9057,11 +9058,11 @@ aarch64_get_separate_components (void) + /* If the spare predicate register used by big-endian SVE code + is call-preserved, it must be saved in the main prologue + before any saves that use it. */ +- if (cfun->machine->frame.spare_pred_reg != INVALID_REGNUM) +- bitmap_clear_bit (components, cfun->machine->frame.spare_pred_reg); ++ if (frame.spare_pred_reg != INVALID_REGNUM) ++ bitmap_clear_bit (components, frame.spare_pred_reg); + +- unsigned reg1 = cfun->machine->frame.wb_push_candidate1; +- unsigned reg2 = cfun->machine->frame.wb_push_candidate2; ++ unsigned reg1 = frame.wb_push_candidate1; ++ unsigned reg2 = frame.wb_push_candidate2; + /* If registers have been chosen to be stored/restored with + writeback don't interfere with them to avoid having to output explicit + stack adjustment instructions. */ +@@ -9170,6 +9171,7 @@ aarch64_get_next_set_bit (sbitmap bmp, unsigned int start) + static void + aarch64_process_components (sbitmap components, bool prologue_p) + { ++ aarch64_frame &frame = cfun->machine->frame; + rtx ptr_reg = gen_rtx_REG (Pmode, frame_pointer_needed + ? 
HARD_FRAME_POINTER_REGNUM + : STACK_POINTER_REGNUM); +@@ -9184,9 +9186,9 @@ aarch64_process_components (sbitmap components, bool prologue_p) + machine_mode mode = aarch64_reg_save_mode (regno); + + rtx reg = gen_rtx_REG (mode, regno); +- poly_int64 offset = cfun->machine->frame.reg_offset[regno]; ++ poly_int64 offset = frame.reg_offset[regno]; + if (frame_pointer_needed) +- offset -= cfun->machine->frame.below_hard_fp_saved_regs_size; ++ offset -= frame.below_hard_fp_saved_regs_size; + else + offset += crtl->outgoing_args_size; + +@@ -9211,14 +9213,14 @@ aarch64_process_components (sbitmap components, bool prologue_p) + break; + } + +- poly_int64 offset2 = cfun->machine->frame.reg_offset[regno2]; ++ poly_int64 offset2 = frame.reg_offset[regno2]; + /* The next register is not of the same class or its offset is not + mergeable with the current one into a pair. */ + if (aarch64_sve_mode_p (mode) + || !satisfies_constraint_Ump (mem) + || GP_REGNUM_P (regno) != GP_REGNUM_P (regno2) + || (crtl->abi->id () == ARM_PCS_SIMD && FP_REGNUM_P (regno)) +- || maybe_ne ((offset2 - cfun->machine->frame.reg_offset[regno]), ++ || maybe_ne ((offset2 - frame.reg_offset[regno]), + GET_MODE_SIZE (mode))) + { + insn = emit_insn (set); +@@ -9240,7 +9242,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) + /* REGNO2 can be saved/restored in a pair with REGNO. 
*/ + rtx reg2 = gen_rtx_REG (mode, regno2); + if (frame_pointer_needed) +- offset2 -= cfun->machine->frame.below_hard_fp_saved_regs_size; ++ offset2 -= frame.below_hard_fp_saved_regs_size; + else + offset2 += crtl->outgoing_args_size; + rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); +@@ -9335,6 +9337,7 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + bool frame_related_p, + bool final_adjustment_p) + { ++ aarch64_frame &frame = cfun->machine->frame; + HOST_WIDE_INT guard_size + = 1 << param_stack_clash_protection_guard_size; + HOST_WIDE_INT guard_used_by_caller = STACK_CLASH_CALLER_GUARD; +@@ -9355,25 +9358,25 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + register as a probe. We can't assume that LR was saved at position 0 + though, so treat any space below it as unprobed. */ + if (final_adjustment_p +- && known_eq (cfun->machine->frame.below_hard_fp_saved_regs_size, 0)) ++ && known_eq (frame.below_hard_fp_saved_regs_size, 0)) + { +- poly_int64 lr_offset = cfun->machine->frame.reg_offset[LR_REGNUM]; ++ poly_int64 lr_offset = frame.reg_offset[LR_REGNUM]; + if (known_ge (lr_offset, 0)) + min_probe_threshold -= lr_offset.to_constant (); + else + gcc_assert (!flag_stack_clash_protection || known_eq (poly_size, 0)); + } + +- poly_int64 frame_size = cfun->machine->frame.frame_size; ++ poly_int64 frame_size = frame.frame_size; + + /* We should always have a positive probe threshold. 
*/ + gcc_assert (min_probe_threshold > 0); + + if (flag_stack_clash_protection && !final_adjustment_p) + { +- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; +- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; +- poly_int64 final_adjust = cfun->machine->frame.final_adjust; ++ poly_int64 initial_adjust = frame.initial_adjust; ++ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; ++ poly_int64 final_adjust = frame.final_adjust; + + if (known_eq (frame_size, 0)) + { +@@ -9662,17 +9665,18 @@ aarch64_epilogue_uses (int regno) + void + aarch64_expand_prologue (void) + { +- poly_int64 frame_size = cfun->machine->frame.frame_size; +- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; +- HOST_WIDE_INT callee_adjust = cfun->machine->frame.callee_adjust; +- poly_int64 final_adjust = cfun->machine->frame.final_adjust; +- poly_int64 callee_offset = cfun->machine->frame.callee_offset; +- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; ++ aarch64_frame &frame = cfun->machine->frame; ++ poly_int64 frame_size = frame.frame_size; ++ poly_int64 initial_adjust = frame.initial_adjust; ++ HOST_WIDE_INT callee_adjust = frame.callee_adjust; ++ poly_int64 final_adjust = frame.final_adjust; ++ poly_int64 callee_offset = frame.callee_offset; ++ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; + poly_int64 below_hard_fp_saved_regs_size +- = cfun->machine->frame.below_hard_fp_saved_regs_size; +- unsigned reg1 = cfun->machine->frame.wb_push_candidate1; +- unsigned reg2 = cfun->machine->frame.wb_push_candidate2; +- bool emit_frame_chain = cfun->machine->frame.emit_frame_chain; ++ = frame.below_hard_fp_saved_regs_size; ++ unsigned reg1 = frame.wb_push_candidate1; ++ unsigned reg2 = frame.wb_push_candidate2; ++ bool emit_frame_chain = frame.emit_frame_chain; + rtx_insn *insn; + + if (flag_stack_clash_protection && known_eq (callee_adjust, 0)) +@@ -9703,7 +9707,7 @@ aarch64_expand_prologue (void) + } + + /* Push 
return address to shadow call stack. */ +- if (cfun->machine->frame.is_scs_enabled) ++ if (frame.is_scs_enabled) + emit_insn (gen_scs_push ()); + + if (flag_stack_usage_info) +@@ -9742,7 +9746,7 @@ aarch64_expand_prologue (void) + + /* The offset of the frame chain record (if any) from the current SP. */ + poly_int64 chain_offset = (initial_adjust + callee_adjust +- - cfun->machine->frame.hard_fp_offset); ++ - frame.hard_fp_offset); + gcc_assert (known_ge (chain_offset, 0)); + + /* The offset of the bottom of the save area from the current SP. */ +@@ -9845,16 +9849,17 @@ aarch64_use_return_insn_p (void) + void + aarch64_expand_epilogue (bool for_sibcall) + { +- poly_int64 initial_adjust = cfun->machine->frame.initial_adjust; +- HOST_WIDE_INT callee_adjust = cfun->machine->frame.callee_adjust; +- poly_int64 final_adjust = cfun->machine->frame.final_adjust; +- poly_int64 callee_offset = cfun->machine->frame.callee_offset; +- poly_int64 sve_callee_adjust = cfun->machine->frame.sve_callee_adjust; ++ aarch64_frame &frame = cfun->machine->frame; ++ poly_int64 initial_adjust = frame.initial_adjust; ++ HOST_WIDE_INT callee_adjust = frame.callee_adjust; ++ poly_int64 final_adjust = frame.final_adjust; ++ poly_int64 callee_offset = frame.callee_offset; ++ poly_int64 sve_callee_adjust = frame.sve_callee_adjust; + poly_int64 below_hard_fp_saved_regs_size +- = cfun->machine->frame.below_hard_fp_saved_regs_size; +- unsigned reg1 = cfun->machine->frame.wb_pop_candidate1; +- unsigned reg2 = cfun->machine->frame.wb_pop_candidate2; +- unsigned int last_gpr = (cfun->machine->frame.is_scs_enabled ++ = frame.below_hard_fp_saved_regs_size; ++ unsigned reg1 = frame.wb_pop_candidate1; ++ unsigned reg2 = frame.wb_pop_candidate2; ++ unsigned int last_gpr = (frame.is_scs_enabled + ? R29_REGNUM : R30_REGNUM); + rtx cfi_ops = NULL; + rtx_insn *insn; +@@ -9888,7 +9893,7 @@ aarch64_expand_epilogue (bool for_sibcall) + /* We need to add memory barrier to prevent read from deallocated stack. 
*/ + bool need_barrier_p + = maybe_ne (get_frame_size () +- + cfun->machine->frame.saved_varargs_size, 0); ++ + frame.saved_varargs_size, 0); + + /* Emit a barrier to prevent loads from a deallocated stack. */ + if (maybe_gt (final_adjust, crtl->outgoing_args_size) +@@ -9969,7 +9974,7 @@ aarch64_expand_epilogue (bool for_sibcall) + } + + /* Pop return address from shadow call stack. */ +- if (cfun->machine->frame.is_scs_enabled) ++ if (frame.is_scs_enabled) + { + machine_mode mode = aarch64_reg_save_mode (R30_REGNUM); + rtx reg = gen_rtx_REG (mode, R30_REGNUM); +@@ -12564,24 +12569,24 @@ aarch64_can_eliminate (const int from ATTRIBUTE_UNUSED, const int to) + poly_int64 + aarch64_initial_elimination_offset (unsigned from, unsigned to) + { ++ aarch64_frame &frame = cfun->machine->frame; ++ + if (to == HARD_FRAME_POINTER_REGNUM) + { + if (from == ARG_POINTER_REGNUM) +- return cfun->machine->frame.hard_fp_offset; ++ return frame.hard_fp_offset; + + if (from == FRAME_POINTER_REGNUM) +- return cfun->machine->frame.hard_fp_offset +- - cfun->machine->frame.locals_offset; ++ return frame.hard_fp_offset - frame.locals_offset; + } + + if (to == STACK_POINTER_REGNUM) + { + if (from == FRAME_POINTER_REGNUM) +- return cfun->machine->frame.frame_size +- - cfun->machine->frame.locals_offset; ++ return frame.frame_size - frame.locals_offset; + } + +- return cfun->machine->frame.frame_size; ++ return frame.frame_size; + } + + +-- +2.34.1 + + +From 12a8889de169f892d2e927584c00d20b8b7e456f Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:49 +0100 +Subject: [PATCH 02/19] aarch64: Avoid a use of callee_offset + +When we emit the frame chain, i.e. when we reach Here in this statement +of aarch64_expand_prologue: + + if (emit_frame_chain) + { + // Here + ... + } + +the stack is in one of two states: + +- We've allocated up to the frame chain, but no more. 
+ +- We've allocated the whole frame, and the frame chain is within easy + reach of the new SP. + +The offset of the frame chain from the current SP is available +in aarch64_frame as callee_offset. It is also available as the +chain_offset local variable, where the latter is calculated from other +data. (However, chain_offset is not always equal to callee_offset when +!emit_frame_chain, so chain_offset isn't redundant.) + +In c600df9a4060da3c6121ff4d0b93f179eafd69d1 I switched to using +chain_offset for the initialisation of the hard frame pointer: + + aarch64_add_offset (Pmode, hard_frame_pointer_rtx, +- stack_pointer_rtx, callee_offset, ++ stack_pointer_rtx, chain_offset, + tmp1_rtx, tmp0_rtx, frame_pointer_needed); + +But the later REG_CFA_ADJUST_CFA handling still used callee_offset. + +I think the difference is harmless, but it's more logical for the +CFA note to be in sync, and it's more convenient for later patches +if it uses chain_offset. + +gcc/ + * config/aarch64/aarch64.cc (aarch64_expand_prologue): Use + chain_offset rather than callee_offset. +--- + gcc/config/aarch64/aarch64.cc | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index ae42ffdedbe..79253322fd7 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -9670,7 +9670,6 @@ aarch64_expand_prologue (void) + poly_int64 initial_adjust = frame.initial_adjust; + HOST_WIDE_INT callee_adjust = frame.callee_adjust; + poly_int64 final_adjust = frame.final_adjust; +- poly_int64 callee_offset = frame.callee_offset; + poly_int64 sve_callee_adjust = frame.sve_callee_adjust; + poly_int64 below_hard_fp_saved_regs_size + = frame.below_hard_fp_saved_regs_size; +@@ -9783,8 +9782,7 @@ aarch64_expand_prologue (void) + implicit. 
*/ + if (!find_reg_note (insn, REG_CFA_ADJUST_CFA, NULL_RTX)) + { +- rtx src = plus_constant (Pmode, stack_pointer_rtx, +- callee_offset); ++ rtx src = plus_constant (Pmode, stack_pointer_rtx, chain_offset); + add_reg_note (insn, REG_CFA_ADJUST_CFA, + gen_rtx_SET (hard_frame_pointer_rtx, src)); + } +-- +2.34.1 + + +From 03d5e89e7f3be53fd7142556e8e0a2774c653dca Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:49 +0100 +Subject: [PATCH 03/19] aarch64: Explicitly handle frames with no saved + registers + +If a frame has no saved registers, it can be allocated in one go. +There is no need to treat the areas below and above the saved +registers as separate. + +And if we allocate the frame in one go, it should be allocated +as the initial_adjust rather than the final_adjust. This allows the +frame size to grow to guard_size - guard_used_by_caller before a stack +probe is needed. (A frame with no register saves is necessarily a +leaf frame.) + +This is a no-op as thing stand, since a leaf function will have +no outgoing arguments, and so all the frame will be above where +the saved registers normally go. + +gcc/ + * config/aarch64/aarch64.cc (aarch64_layout_frame): Explicitly + allocate the frame in one go if there are no saved registers. 
+--- + gcc/config/aarch64/aarch64.cc | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 79253322fd7..e1f21230c15 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8378,9 +8378,11 @@ aarch64_layout_frame (void) + + HOST_WIDE_INT const_size, const_outgoing_args_size, const_fp_offset; + HOST_WIDE_INT const_saved_regs_size; +- if (frame.frame_size.is_constant (&const_size) +- && const_size < max_push_offset +- && known_eq (frame.hard_fp_offset, const_size)) ++ if (known_eq (frame.saved_regs_size, 0)) ++ frame.initial_adjust = frame.frame_size; ++ else if (frame.frame_size.is_constant (&const_size) ++ && const_size < max_push_offset ++ && known_eq (frame.hard_fp_offset, const_size)) + { + /* Simple, small frame with no outgoing arguments: + +-- +2.34.1 + + +From 49c2eb7616756c323b7f6b18d8616ec945eb1263 Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:49 +0100 +Subject: [PATCH 04/19] aarch64: Add bytes_below_saved_regs to frame info + +The frame layout code currently hard-codes the assumption that +the number of bytes below the saved registers is equal to the +size of the outgoing arguments. This patch abstracts that +value into a new field of aarch64_frame. + +gcc/ + * config/aarch64/aarch64.h (aarch64_frame::bytes_below_saved_regs): New + field. + * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize it, + and use it instead of crtl->outgoing_args_size. + (aarch64_get_separate_components): Use bytes_below_saved_regs instead + of outgoing_args_size. + (aarch64_process_components): Likewise. 
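Review bot: The new first arm in aarch64_layout_frame, `if (known_eq (frame.saved_regs_size, 0)) frame.initial_adjust = frame.frame_size;`, has no comment, while the other arms visible in this series each describe the layout they select. The reason it uses initial_adjust rather than final_adjust concerns the stack-probe threshold, and only the commit message records it. I would add above the assignment `/* No saved registers: allocate the whole frame as initial_adjust, so that it can grow to guard_size - guard_used_by_caller before a probe is needed. */`. The function starts and ends outside this hunk.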
+--- + gcc/config/aarch64/aarch64.cc | 71 ++++++++++++++++++----------------- + gcc/config/aarch64/aarch64.h | 5 +++ + 2 files changed, 41 insertions(+), 35 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index e1f21230c15..94e1b686584 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8217,6 +8217,8 @@ aarch64_layout_frame (void) + gcc_assert (crtl->is_leaf + || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED)); + ++ frame.bytes_below_saved_regs = crtl->outgoing_args_size; ++ + /* Now assign stack slots for the registers. Start with the predicate + registers, since predicate LDR and STR have a relatively small + offset range. These saves happen below the hard frame pointer. */ +@@ -8321,18 +8323,18 @@ aarch64_layout_frame (void) + + poly_int64 varargs_and_saved_regs_size = offset + frame.saved_varargs_size; + +- poly_int64 above_outgoing_args ++ poly_int64 saved_regs_and_above + = aligned_upper_bound (varargs_and_saved_regs_size + + get_frame_size (), + STACK_BOUNDARY / BITS_PER_UNIT); + + frame.hard_fp_offset +- = above_outgoing_args - frame.below_hard_fp_saved_regs_size; ++ = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; + + /* Both these values are already aligned. 
*/ +- gcc_assert (multiple_p (crtl->outgoing_args_size, ++ gcc_assert (multiple_p (frame.bytes_below_saved_regs, + STACK_BOUNDARY / BITS_PER_UNIT)); +- frame.frame_size = above_outgoing_args + crtl->outgoing_args_size; ++ frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; + + frame.locals_offset = frame.saved_varargs_size; + +@@ -8376,7 +8378,7 @@ aarch64_layout_frame (void) + else if (frame.wb_pop_candidate1 != INVALID_REGNUM) + max_push_offset = 256; + +- HOST_WIDE_INT const_size, const_outgoing_args_size, const_fp_offset; ++ HOST_WIDE_INT const_size, const_below_saved_regs, const_fp_offset; + HOST_WIDE_INT const_saved_regs_size; + if (known_eq (frame.saved_regs_size, 0)) + frame.initial_adjust = frame.frame_size; +@@ -8384,31 +8386,31 @@ aarch64_layout_frame (void) + && const_size < max_push_offset + && known_eq (frame.hard_fp_offset, const_size)) + { +- /* Simple, small frame with no outgoing arguments: ++ /* Simple, small frame with no data below the saved registers. + + stp reg1, reg2, [sp, -frame_size]! + stp reg3, reg4, [sp, 16] */ + frame.callee_adjust = const_size; + } +- else if (crtl->outgoing_args_size.is_constant (&const_outgoing_args_size) ++ else if (frame.bytes_below_saved_regs.is_constant (&const_below_saved_regs) + && frame.saved_regs_size.is_constant (&const_saved_regs_size) +- && const_outgoing_args_size + const_saved_regs_size < 512 +- /* We could handle this case even with outgoing args, provided +- that the number of args left us with valid offsets for all +- predicate and vector save slots. It's such a rare case that +- it hardly seems worth the effort though. */ +- && (!saves_below_hard_fp_p || const_outgoing_args_size == 0) ++ && const_below_saved_regs + const_saved_regs_size < 512 ++ /* We could handle this case even with data below the saved ++ registers, provided that that data left us with valid offsets ++ for all predicate and vector save slots. 
It's such a rare ++ case that it hardly seems worth the effort though. */ ++ && (!saves_below_hard_fp_p || const_below_saved_regs == 0) + && !(cfun->calls_alloca + && frame.hard_fp_offset.is_constant (&const_fp_offset) + && const_fp_offset < max_push_offset)) + { +- /* Frame with small outgoing arguments: ++ /* Frame with small area below the saved registers: + + sub sp, sp, frame_size +- stp reg1, reg2, [sp, outgoing_args_size] +- stp reg3, reg4, [sp, outgoing_args_size + 16] */ ++ stp reg1, reg2, [sp, bytes_below_saved_regs] ++ stp reg3, reg4, [sp, bytes_below_saved_regs + 16] */ + frame.initial_adjust = frame.frame_size; +- frame.callee_offset = const_outgoing_args_size; ++ frame.callee_offset = const_below_saved_regs; + } + else if (saves_below_hard_fp_p + && known_eq (frame.saved_regs_size, +@@ -8418,30 +8420,29 @@ aarch64_layout_frame (void) + + sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size + save SVE registers relative to SP +- sub sp, sp, outgoing_args_size */ ++ sub sp, sp, bytes_below_saved_regs */ + frame.initial_adjust = (frame.hard_fp_offset + + frame.below_hard_fp_saved_regs_size); +- frame.final_adjust = crtl->outgoing_args_size; ++ frame.final_adjust = frame.bytes_below_saved_regs; + } + else if (frame.hard_fp_offset.is_constant (&const_fp_offset) + && const_fp_offset < max_push_offset) + { +- /* Frame with large outgoing arguments or SVE saves, but with +- a small local area: ++ /* Frame with large area below the saved registers, or with SVE saves, ++ but with a small area above: + + stp reg1, reg2, [sp, -hard_fp_offset]! 
+ stp reg3, reg4, [sp, 16] + [sub sp, sp, below_hard_fp_saved_regs_size] + [save SVE registers relative to SP] +- sub sp, sp, outgoing_args_size */ ++ sub sp, sp, bytes_below_saved_regs */ + frame.callee_adjust = const_fp_offset; + frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; +- frame.final_adjust = crtl->outgoing_args_size; ++ frame.final_adjust = frame.bytes_below_saved_regs; + } + else + { +- /* Frame with large local area and outgoing arguments or SVE saves, +- using frame pointer: ++ /* General case: + + sub sp, sp, hard_fp_offset + stp x29, x30, [sp, 0] +@@ -8449,10 +8450,10 @@ aarch64_layout_frame (void) + stp reg3, reg4, [sp, 16] + [sub sp, sp, below_hard_fp_saved_regs_size] + [save SVE registers relative to SP] +- sub sp, sp, outgoing_args_size */ ++ sub sp, sp, bytes_below_saved_regs */ + frame.initial_adjust = frame.hard_fp_offset; + frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; +- frame.final_adjust = crtl->outgoing_args_size; ++ frame.final_adjust = frame.bytes_below_saved_regs; + } + + /* Make sure the individual adjustments add up to the full frame size. */ +@@ -9043,7 +9044,7 @@ aarch64_get_separate_components (void) + if (frame_pointer_needed) + offset -= frame.below_hard_fp_saved_regs_size; + else +- offset += crtl->outgoing_args_size; ++ offset += frame.bytes_below_saved_regs; + + /* Check that we can access the stack slot of the register with one + direct load with no adjustments needed. 
*/ +@@ -9192,7 +9193,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) + if (frame_pointer_needed) + offset -= frame.below_hard_fp_saved_regs_size; + else +- offset += crtl->outgoing_args_size; ++ offset += frame.bytes_below_saved_regs; + + rtx addr = plus_constant (Pmode, ptr_reg, offset); + rtx mem = gen_frame_mem (mode, addr); +@@ -9246,7 +9247,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) + if (frame_pointer_needed) + offset2 -= frame.below_hard_fp_saved_regs_size; + else +- offset2 += crtl->outgoing_args_size; ++ offset2 += frame.bytes_below_saved_regs; + rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); + rtx mem2 = gen_frame_mem (mode, addr2); + rtx set2 = prologue_p ? gen_rtx_SET (mem2, reg2) +@@ -9320,10 +9321,10 @@ aarch64_stack_clash_protection_alloca_probe_range (void) + registers. If POLY_SIZE is not large enough to require a probe this function + will only adjust the stack. When allocating the stack space + FRAME_RELATED_P is then used to indicate if the allocation is frame related. +- FINAL_ADJUSTMENT_P indicates whether we are allocating the outgoing +- arguments. If we are then we ensure that any allocation larger than the ABI +- defined buffer needs a probe so that the invariant of having a 1KB buffer is +- maintained. ++ FINAL_ADJUSTMENT_P indicates whether we are allocating the area below ++ the saved registers. If we are then we ensure that any allocation ++ larger than the ABI defined buffer needs a probe so that the ++ invariant of having a 1KB buffer is maintained. + + We emit barriers after each stack adjustment to prevent optimizations from + breaking the invariant that we never drop the stack more than a page. This +@@ -9532,7 +9533,7 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + /* Handle any residuals. Residuals of at least MIN_PROBE_THRESHOLD have to + be probed. This maintains the requirement that each page is probed at + least once. 
For initial probing we probe only if the allocation is +- more than GUARD_SIZE - buffer, and for the outgoing arguments we probe ++ more than GUARD_SIZE - buffer, and below the saved registers we probe + if the amount is larger than buffer. GUARD_SIZE - buffer + buffer == + GUARD_SIZE. This works that for any allocation that is large enough to + trigger a probe here, we'll have at least one, and if they're not large +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index 6834c3e9922..1e105e12db8 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -871,6 +871,11 @@ struct GTY (()) aarch64_frame + /* The size of the callee-save registers with a slot in REG_OFFSET. */ + poly_int64 saved_regs_size; + ++ /* The number of bytes between the bottom of the static frame (the bottom ++ of the outgoing arguments) and the bottom of the register save area. ++ This value is always a multiple of STACK_BOUNDARY. */ ++ poly_int64 bytes_below_saved_regs; ++ + /* The size of the callee-save registers with a slot in REG_OFFSET that + are saved below the hard frame pointer. */ + poly_int64 below_hard_fp_saved_regs_size; +-- +2.34.1 + + +From 34081079ea4de0c98331843f574b5f6f94d7b234 Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:50 +0100 +Subject: [PATCH 05/19] aarch64: Add bytes_below_hard_fp to frame info + +Following on from the previous bytes_below_saved_regs patch, this one +records the number of bytes that are below the hard frame pointer. +This eventually replaces below_hard_fp_saved_regs_size. + +If a frame pointer is not needed, the epilogue adds final_adjust +to the stack pointer before restoring registers: + + aarch64_add_sp (tmp1_rtx, tmp0_rtx, final_adjust, true); + +Therefore, if the epilogue needs to restore the stack pointer from +the hard frame pointer, the directly corresponding offset is: + + -bytes_below_hard_fp + final_adjust + +i.e. 
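Review bot: The comment on the new `bytes_below_saved_regs` field in aarch64.h says the value is "always a multiple of STACK_BOUNDARY", but the assertion in aarch64_layout_frame checks `multiple_p (frame.bytes_below_saved_regs, STACK_BOUNDARY / BITS_PER_UNIT)`, which is a byte quantity. Since the field is named in bytes, the comment would be more exact as `This value is always a multiple of STACK_BOUNDARY / BITS_PER_UNIT.`. The neighbouring fields use the same wording, so this follows the struct's existing style. The same applies to `bytes_below_hard_fp`, added by the next patch in the series.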
go from the hard frame pointer to the bottom of the frame, +then add the same amount as if we were using the stack pointer +from the outset. + +gcc/ + * config/aarch64/aarch64.h (aarch64_frame::bytes_below_hard_fp): New + field. + * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize it. + (aarch64_expand_epilogue): Use it instead of + below_hard_fp_saved_regs_size. +--- + gcc/config/aarch64/aarch64.cc | 6 +++--- + gcc/config/aarch64/aarch64.h | 5 +++++ + 2 files changed, 8 insertions(+), 3 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 94e1b686584..c7d84245fbf 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8269,6 +8269,7 @@ aarch64_layout_frame (void) + of the callee save area. */ + bool saves_below_hard_fp_p = maybe_ne (offset, 0); + frame.below_hard_fp_saved_regs_size = offset; ++ frame.bytes_below_hard_fp = offset + frame.bytes_below_saved_regs; + if (frame.emit_frame_chain) + { + /* FP and LR are placed in the linkage record. */ +@@ -9856,8 +9857,7 @@ aarch64_expand_epilogue (bool for_sibcall) + poly_int64 final_adjust = frame.final_adjust; + poly_int64 callee_offset = frame.callee_offset; + poly_int64 sve_callee_adjust = frame.sve_callee_adjust; +- poly_int64 below_hard_fp_saved_regs_size +- = frame.below_hard_fp_saved_regs_size; ++ poly_int64 bytes_below_hard_fp = frame.bytes_below_hard_fp; + unsigned reg1 = frame.wb_pop_candidate1; + unsigned reg2 = frame.wb_pop_candidate2; + unsigned int last_gpr = (frame.is_scs_enabled +@@ -9915,7 +9915,7 @@ aarch64_expand_epilogue (bool for_sibcall) + is restored on the instruction doing the writeback. 
*/ + aarch64_add_offset (Pmode, stack_pointer_rtx, + hard_frame_pointer_rtx, +- -callee_offset - below_hard_fp_saved_regs_size, ++ -bytes_below_hard_fp + final_adjust, + tmp1_rtx, tmp0_rtx, callee_adjust == 0); + else + /* The case where we need to re-use the register here is very rare, so +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index 1e105e12db8..de68ff7202f 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -880,6 +880,11 @@ struct GTY (()) aarch64_frame + are saved below the hard frame pointer. */ + poly_int64 below_hard_fp_saved_regs_size; + ++ /* The number of bytes between the bottom of the static frame (the bottom ++ of the outgoing arguments) and the hard frame pointer. This value is ++ always a multiple of STACK_BOUNDARY. */ ++ poly_int64 bytes_below_hard_fp; ++ + /* Offset from the base of the frame (incomming SP) to the + top of the locals area. This value is always a multiple of + STACK_BOUNDARY. */ +-- +2.34.1 + + +From 187861af7c51db9eddc6f954b589c121b210fc74 Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:50 +0100 +Subject: [PATCH 06/19] aarch64: Tweak aarch64_save/restore_callee_saves + +aarch64_save_callee_saves and aarch64_restore_callee_saves took +a parameter called start_offset that gives the offset of the +bottom of the saved register area from the current stack pointer. +However, it's more convenient for later patches if we use the +bottom of the entire frame as the reference point, rather than +the bottom of the saved registers. + +Doing that removes the need for the callee_offset field. +Other than that, this is not a win on its own. It only really +makes sense in combination with the follow-on patches. + +gcc/ + * config/aarch64/aarch64.h (aarch64_frame::callee_offset): Delete. + * config/aarch64/aarch64.cc (aarch64_layout_frame): Remove + callee_offset handling. 
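Review bot: The new offset `-bytes_below_hard_fp + final_adjust` passed to aarch64_add_offset in aarch64_expand_epilogue is derived only in the commit message. The comment above the call is cut off by the hunk, so it may not cover the new form. A short comment at the call would keep the reasoning with the code, for example `/* Go from the hard FP to the bottom of the frame, then add final_adjust as the SP-based path does. */`. The enclosing function starts and ends outside the hunk.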
+ (aarch64_save_callee_saves): Replace the start_offset parameter + with a bytes_below_sp parameter. + (aarch64_restore_callee_saves): Likewise. + (aarch64_expand_prologue): Update accordingly. + (aarch64_expand_epilogue): Likewise. +--- + gcc/config/aarch64/aarch64.cc | 56 +++++++++++++++++------------------ + gcc/config/aarch64/aarch64.h | 4 --- + 2 files changed, 28 insertions(+), 32 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index c7d84245fbf..e79551af41d 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8343,7 +8343,6 @@ aarch64_layout_frame (void) + frame.final_adjust = 0; + frame.callee_adjust = 0; + frame.sve_callee_adjust = 0; +- frame.callee_offset = 0; + + frame.wb_pop_candidate1 = frame.wb_push_candidate1; + frame.wb_pop_candidate2 = frame.wb_push_candidate2; +@@ -8411,7 +8410,6 @@ aarch64_layout_frame (void) + stp reg1, reg2, [sp, bytes_below_saved_regs] + stp reg3, reg4, [sp, bytes_below_saved_regs + 16] */ + frame.initial_adjust = frame.frame_size; +- frame.callee_offset = const_below_saved_regs; + } + else if (saves_below_hard_fp_p + && known_eq (frame.saved_regs_size, +@@ -8758,12 +8756,13 @@ aarch64_add_cfa_expression (rtx_insn *insn, rtx reg, + } + + /* Emit code to save the callee-saved registers from register number START +- to LIMIT to the stack at the location starting at offset START_OFFSET, +- skipping any write-back candidates if SKIP_WB is true. HARD_FP_VALID_P +- is true if the hard frame pointer has been set up. */ ++ to LIMIT to the stack. The stack pointer is currently BYTES_BELOW_SP ++ bytes above the bottom of the static frame. Skip any write-back ++ candidates if SKIP_WB is true. HARD_FP_VALID_P is true if the hard ++ frame pointer has been set up. 
*/ + + static void +-aarch64_save_callee_saves (poly_int64 start_offset, ++aarch64_save_callee_saves (poly_int64 bytes_below_sp, + unsigned start, unsigned limit, bool skip_wb, + bool hard_fp_valid_p) + { +@@ -8791,7 +8790,9 @@ aarch64_save_callee_saves (poly_int64 start_offset, + + machine_mode mode = aarch64_reg_save_mode (regno); + reg = gen_rtx_REG (mode, regno); +- offset = start_offset + frame.reg_offset[regno]; ++ offset = (frame.reg_offset[regno] ++ + frame.bytes_below_saved_regs ++ - bytes_below_sp); + rtx base_rtx = stack_pointer_rtx; + poly_int64 sp_offset = offset; + +@@ -8802,9 +8803,7 @@ aarch64_save_callee_saves (poly_int64 start_offset, + else if (GP_REGNUM_P (regno) + && (!offset.is_constant (&const_offset) || const_offset >= 512)) + { +- gcc_assert (known_eq (start_offset, 0)); +- poly_int64 fp_offset +- = frame.below_hard_fp_saved_regs_size; ++ poly_int64 fp_offset = frame.bytes_below_hard_fp - bytes_below_sp; + if (hard_fp_valid_p) + base_rtx = hard_frame_pointer_rtx; + else +@@ -8868,12 +8867,13 @@ aarch64_save_callee_saves (poly_int64 start_offset, + } + + /* Emit code to restore the callee registers from register number START +- up to and including LIMIT. Restore from the stack offset START_OFFSET, +- skipping any write-back candidates if SKIP_WB is true. Write the +- appropriate REG_CFA_RESTORE notes into CFI_OPS. */ ++ up to and including LIMIT. The stack pointer is currently BYTES_BELOW_SP ++ bytes above the bottom of the static frame. Skip any write-back ++ candidates if SKIP_WB is true. Write the appropriate REG_CFA_RESTORE ++ notes into CFI_OPS. 
*/ + + static void +-aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, ++aarch64_restore_callee_saves (poly_int64 bytes_below_sp, unsigned start, + unsigned limit, bool skip_wb, rtx *cfi_ops) + { + aarch64_frame &frame = cfun->machine->frame; +@@ -8899,7 +8899,9 @@ aarch64_restore_callee_saves (poly_int64 start_offset, unsigned start, + + machine_mode mode = aarch64_reg_save_mode (regno); + reg = gen_rtx_REG (mode, regno); +- offset = start_offset + frame.reg_offset[regno]; ++ offset = (frame.reg_offset[regno] ++ + frame.bytes_below_saved_regs ++ - bytes_below_sp); + rtx base_rtx = stack_pointer_rtx; + if (mode == VNx2DImode && BYTES_BIG_ENDIAN) + aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, +@@ -9675,8 +9677,6 @@ aarch64_expand_prologue (void) + HOST_WIDE_INT callee_adjust = frame.callee_adjust; + poly_int64 final_adjust = frame.final_adjust; + poly_int64 sve_callee_adjust = frame.sve_callee_adjust; +- poly_int64 below_hard_fp_saved_regs_size +- = frame.below_hard_fp_saved_regs_size; + unsigned reg1 = frame.wb_push_candidate1; + unsigned reg2 = frame.wb_push_candidate2; + bool emit_frame_chain = frame.emit_frame_chain; +@@ -9752,8 +9752,8 @@ aarch64_expand_prologue (void) + - frame.hard_fp_offset); + gcc_assert (known_ge (chain_offset, 0)); + +- /* The offset of the bottom of the save area from the current SP. */ +- poly_int64 saved_regs_offset = chain_offset - below_hard_fp_saved_regs_size; ++ /* The offset of the current SP from the bottom of the static frame. 
*/ ++ poly_int64 bytes_below_sp = frame_size - initial_adjust - callee_adjust; + + if (emit_frame_chain) + { +@@ -9761,7 +9761,7 @@ aarch64_expand_prologue (void) + { + reg1 = R29_REGNUM; + reg2 = R30_REGNUM; +- aarch64_save_callee_saves (saved_regs_offset, reg1, reg2, ++ aarch64_save_callee_saves (bytes_below_sp, reg1, reg2, + false, false); + } + else +@@ -9801,7 +9801,7 @@ aarch64_expand_prologue (void) + emit_insn (gen_stack_tie (stack_pointer_rtx, hard_frame_pointer_rtx)); + } + +- aarch64_save_callee_saves (saved_regs_offset, R0_REGNUM, R30_REGNUM, ++ aarch64_save_callee_saves (bytes_below_sp, R0_REGNUM, R30_REGNUM, + callee_adjust != 0 || emit_frame_chain, + emit_frame_chain); + if (maybe_ne (sve_callee_adjust, 0)) +@@ -9811,16 +9811,17 @@ aarch64_expand_prologue (void) + aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, + sve_callee_adjust, + !frame_pointer_needed, false); +- saved_regs_offset += sve_callee_adjust; ++ bytes_below_sp -= sve_callee_adjust; + } +- aarch64_save_callee_saves (saved_regs_offset, P0_REGNUM, P15_REGNUM, ++ aarch64_save_callee_saves (bytes_below_sp, P0_REGNUM, P15_REGNUM, + false, emit_frame_chain); +- aarch64_save_callee_saves (saved_regs_offset, V0_REGNUM, V31_REGNUM, ++ aarch64_save_callee_saves (bytes_below_sp, V0_REGNUM, V31_REGNUM, + callee_adjust != 0 || emit_frame_chain, + emit_frame_chain); + + /* We may need to probe the final adjustment if it is larger than the guard + that is assumed by the called. 
*/ ++ gcc_assert (known_eq (bytes_below_sp, final_adjust)); + aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, final_adjust, + !frame_pointer_needed, true); + } +@@ -9855,7 +9856,6 @@ aarch64_expand_epilogue (bool for_sibcall) + poly_int64 initial_adjust = frame.initial_adjust; + HOST_WIDE_INT callee_adjust = frame.callee_adjust; + poly_int64 final_adjust = frame.final_adjust; +- poly_int64 callee_offset = frame.callee_offset; + poly_int64 sve_callee_adjust = frame.sve_callee_adjust; + poly_int64 bytes_below_hard_fp = frame.bytes_below_hard_fp; + unsigned reg1 = frame.wb_pop_candidate1; +@@ -9925,9 +9925,9 @@ aarch64_expand_epilogue (bool for_sibcall) + + /* Restore the vector registers before the predicate registers, + so that we can use P4 as a temporary for big-endian SVE frames. */ +- aarch64_restore_callee_saves (callee_offset, V0_REGNUM, V31_REGNUM, ++ aarch64_restore_callee_saves (final_adjust, V0_REGNUM, V31_REGNUM, + callee_adjust != 0, &cfi_ops); +- aarch64_restore_callee_saves (callee_offset, P0_REGNUM, P15_REGNUM, ++ aarch64_restore_callee_saves (final_adjust, P0_REGNUM, P15_REGNUM, + false, &cfi_ops); + if (maybe_ne (sve_callee_adjust, 0)) + aarch64_add_sp (NULL_RTX, NULL_RTX, sve_callee_adjust, true); +@@ -9935,7 +9935,7 @@ aarch64_expand_epilogue (bool for_sibcall) + /* When shadow call stack is enabled, the scs_pop in the epilogue will + restore x30, we don't need to restore x30 again in the traditional + way. */ +- aarch64_restore_callee_saves (callee_offset - sve_callee_adjust, ++ aarch64_restore_callee_saves (final_adjust + sve_callee_adjust, + R0_REGNUM, last_gpr, + callee_adjust != 0, &cfi_ops); + +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index de68ff7202f..94fca4b9471 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -907,10 +907,6 @@ struct GTY (()) aarch64_frame + It is zero when no push is used. 
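Review bot: In aarch64_expand_epilogue the stack-pointer position is passed to aarch64_restore_callee_saves as the bare expressions `final_adjust` and `final_adjust + sve_callee_adjust`, whereas the prologue in this same patch tracks a named `bytes_below_sp` and asserts it against final_adjust. Mirroring that in the epilogue would make the two paths easier to compare: `poly_int64 bytes_below_sp = final_adjust;` before the vector restores and `bytes_below_sp += sve_callee_adjust;` after the `aarch64_add_sp` call. This is a readability point only; from the lines shown, the values passed look consistent with the prologue. The function continues outside these hunks.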
*/ + HOST_WIDE_INT callee_adjust; + +- /* The offset from SP to the callee-save registers after initial_adjust. +- It may be non-zero if no push is used (ie. callee_adjust == 0). */ +- poly_int64 callee_offset; +- + /* The size of the stack adjustment before saving or after restoring + SVE registers. */ + poly_int64 sve_callee_adjust; +-- +2.34.1 + + +From 2b983f9064d808daf909bde1d4a13980934a7e6e Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:51 +0100 +Subject: [PATCH 07/19] aarch64: Only calculate chain_offset if there is a + chain + +After previous patches, it is no longer necessary to calculate +a chain_offset in cases where there is no chain record. + +gcc/ + * config/aarch64/aarch64.cc (aarch64_expand_prologue): Move the + calculation of chain_offset into the emit_frame_chain block. +--- + gcc/config/aarch64/aarch64.cc | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index e79551af41d..d71a042d611 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -9747,16 +9747,16 @@ aarch64_expand_prologue (void) + if (callee_adjust != 0) + aarch64_push_regs (reg1, reg2, callee_adjust); + +- /* The offset of the frame chain record (if any) from the current SP. */ +- poly_int64 chain_offset = (initial_adjust + callee_adjust +- - frame.hard_fp_offset); +- gcc_assert (known_ge (chain_offset, 0)); +- + /* The offset of the current SP from the bottom of the static frame. */ + poly_int64 bytes_below_sp = frame_size - initial_adjust - callee_adjust; + + if (emit_frame_chain) + { ++ /* The offset of the frame chain record (if any) from the current SP. 
*/ ++ poly_int64 chain_offset = (initial_adjust + callee_adjust ++ - frame.hard_fp_offset); ++ gcc_assert (known_ge (chain_offset, 0)); ++ + if (callee_adjust == 0) + { + reg1 = R29_REGNUM; +-- +2.34.1 + + +From 0a0a824808d1dec51004fb5805c1a0ae2a35433f Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:51 +0100 +Subject: [PATCH 08/19] aarch64: Rename locals_offset to bytes_above_locals +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +locals_offset was described as: + + /* Offset from the base of the frame (incomming SP) to the + top of the locals area. This value is always a multiple of + STACK_BOUNDARY. */ + +This is implicitly an “upside down” view of the frame: the incoming +SP is at offset 0, and anything N bytes below the incoming SP is at +offset N (rather than -N). + +However, reg_offset instead uses a “right way up” view; that is, +it views offsets in address terms. Something above X is at a +positive offset from X and something below X is at a negative +offset from X. + +Also, even on FRAME_GROWS_DOWNWARD targets like AArch64, +target-independent code views offsets in address terms too: +locals are allocated at negative offsets to virtual_stack_vars. + +It seems confusing to have *_offset fields of the same structure +using different polarities like this. This patch tries to avoid +that by renaming locals_offset to bytes_above_locals. + +gcc/ + * config/aarch64/aarch64.h (aarch64_frame::locals_offset): Rename to... + (aarch64_frame::bytes_above_locals): ...this. + * config/aarch64/aarch64.cc (aarch64_layout_frame) + (aarch64_initial_elimination_offset): Update accordingly. 
+--- + gcc/config/aarch64/aarch64.cc | 6 +++--- + gcc/config/aarch64/aarch64.h | 6 +++--- + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index d71a042d611..d4ec352ba98 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8337,7 +8337,7 @@ aarch64_layout_frame (void) + STACK_BOUNDARY / BITS_PER_UNIT)); + frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; + +- frame.locals_offset = frame.saved_varargs_size; ++ frame.bytes_above_locals = frame.saved_varargs_size; + + frame.initial_adjust = 0; + frame.final_adjust = 0; +@@ -12578,13 +12578,13 @@ aarch64_initial_elimination_offset (unsigned from, unsigned to) + return frame.hard_fp_offset; + + if (from == FRAME_POINTER_REGNUM) +- return frame.hard_fp_offset - frame.locals_offset; ++ return frame.hard_fp_offset - frame.bytes_above_locals; + } + + if (to == STACK_POINTER_REGNUM) + { + if (from == FRAME_POINTER_REGNUM) +- return frame.frame_size - frame.locals_offset; ++ return frame.frame_size - frame.bytes_above_locals; + } + + return frame.frame_size; +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index 94fca4b9471..bf46e6124aa 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -885,10 +885,10 @@ struct GTY (()) aarch64_frame + always a multiple of STACK_BOUNDARY. */ + poly_int64 bytes_below_hard_fp; + +- /* Offset from the base of the frame (incomming SP) to the +- top of the locals area. This value is always a multiple of ++ /* The number of bytes between the top of the locals area and the top ++ of the frame (the incomming SP). This value is always a multiple of + STACK_BOUNDARY. */ +- poly_int64 locals_offset; ++ poly_int64 bytes_above_locals; + + /* Offset from the base of the frame (incomming SP) to the + hard_frame_pointer. 
This value is always a multiple of +-- +2.34.1 + + +From 3fbf0789202b30a67b12e1fb785c7130f098d665 Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:52 +0100 +Subject: [PATCH 09/19] aarch64: Rename hard_fp_offset to bytes_above_hard_fp +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Similarly to the previous locals_offset patch, hard_fp_offset +was described as: + + /* Offset from the base of the frame (incomming SP) to the + hard_frame_pointer. This value is always a multiple of + STACK_BOUNDARY. */ + poly_int64 hard_fp_offset; + +which again took an “upside-down” view: higher offsets meant lower +addresses. This patch renames the field to bytes_above_hard_fp instead. + +gcc/ + * config/aarch64/aarch64.h (aarch64_frame::hard_fp_offset): Rename + to... + (aarch64_frame::bytes_above_hard_fp): ...this. + * config/aarch64/aarch64.cc (aarch64_layout_frame) + (aarch64_expand_prologue): Update accordingly. + (aarch64_initial_elimination_offset): Likewise. +--- + gcc/config/aarch64/aarch64.cc | 26 +++++++++++++------------- + gcc/config/aarch64/aarch64.h | 6 +++--- + 2 files changed, 16 insertions(+), 16 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index d4ec352ba98..3c4052740e7 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8329,7 +8329,7 @@ aarch64_layout_frame (void) + + get_frame_size (), + STACK_BOUNDARY / BITS_PER_UNIT); + +- frame.hard_fp_offset ++ frame.bytes_above_hard_fp + = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; + + /* Both these values are already aligned. 
*/ +@@ -8378,13 +8378,13 @@ aarch64_layout_frame (void) + else if (frame.wb_pop_candidate1 != INVALID_REGNUM) + max_push_offset = 256; + +- HOST_WIDE_INT const_size, const_below_saved_regs, const_fp_offset; ++ HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; + HOST_WIDE_INT const_saved_regs_size; + if (known_eq (frame.saved_regs_size, 0)) + frame.initial_adjust = frame.frame_size; + else if (frame.frame_size.is_constant (&const_size) + && const_size < max_push_offset +- && known_eq (frame.hard_fp_offset, const_size)) ++ && known_eq (frame.bytes_above_hard_fp, const_size)) + { + /* Simple, small frame with no data below the saved registers. + +@@ -8401,8 +8401,8 @@ aarch64_layout_frame (void) + case that it hardly seems worth the effort though. */ + && (!saves_below_hard_fp_p || const_below_saved_regs == 0) + && !(cfun->calls_alloca +- && frame.hard_fp_offset.is_constant (&const_fp_offset) +- && const_fp_offset < max_push_offset)) ++ && frame.bytes_above_hard_fp.is_constant (&const_above_fp) ++ && const_above_fp < max_push_offset)) + { + /* Frame with small area below the saved registers: + +@@ -8420,12 +8420,12 @@ aarch64_layout_frame (void) + sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size + save SVE registers relative to SP + sub sp, sp, bytes_below_saved_regs */ +- frame.initial_adjust = (frame.hard_fp_offset ++ frame.initial_adjust = (frame.bytes_above_hard_fp + + frame.below_hard_fp_saved_regs_size); + frame.final_adjust = frame.bytes_below_saved_regs; + } +- else if (frame.hard_fp_offset.is_constant (&const_fp_offset) +- && const_fp_offset < max_push_offset) ++ else if (frame.bytes_above_hard_fp.is_constant (&const_above_fp) ++ && const_above_fp < max_push_offset) + { + /* Frame with large area below the saved registers, or with SVE saves, + but with a small area above: +@@ -8435,7 +8435,7 @@ aarch64_layout_frame (void) + [sub sp, sp, below_hard_fp_saved_regs_size] + [save SVE registers relative to SP] + sub sp, sp, 
bytes_below_saved_regs */ +- frame.callee_adjust = const_fp_offset; ++ frame.callee_adjust = const_above_fp; + frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; + frame.final_adjust = frame.bytes_below_saved_regs; + } +@@ -8450,7 +8450,7 @@ aarch64_layout_frame (void) + [sub sp, sp, below_hard_fp_saved_regs_size] + [save SVE registers relative to SP] + sub sp, sp, bytes_below_saved_regs */ +- frame.initial_adjust = frame.hard_fp_offset; ++ frame.initial_adjust = frame.bytes_above_hard_fp; + frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; + frame.final_adjust = frame.bytes_below_saved_regs; + } +@@ -9754,7 +9754,7 @@ aarch64_expand_prologue (void) + { + /* The offset of the frame chain record (if any) from the current SP. */ + poly_int64 chain_offset = (initial_adjust + callee_adjust +- - frame.hard_fp_offset); ++ - frame.bytes_above_hard_fp); + gcc_assert (known_ge (chain_offset, 0)); + + if (callee_adjust == 0) +@@ -12575,10 +12575,10 @@ aarch64_initial_elimination_offset (unsigned from, unsigned to) + if (to == HARD_FRAME_POINTER_REGNUM) + { + if (from == ARG_POINTER_REGNUM) +- return frame.hard_fp_offset; ++ return frame.bytes_above_hard_fp; + + if (from == FRAME_POINTER_REGNUM) +- return frame.hard_fp_offset - frame.bytes_above_locals; ++ return frame.bytes_above_hard_fp - frame.bytes_above_locals; + } + + if (to == STACK_POINTER_REGNUM) +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index bf46e6124aa..dd1f403f939 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -890,10 +890,10 @@ struct GTY (()) aarch64_frame + STACK_BOUNDARY. */ + poly_int64 bytes_above_locals; + +- /* Offset from the base of the frame (incomming SP) to the +- hard_frame_pointer. This value is always a multiple of ++ /* The number of bytes between the hard_frame_pointer and the top of ++ the frame (the incomming SP). This value is always a multiple of + STACK_BOUNDARY. 
*/ +- poly_int64 hard_fp_offset; ++ poly_int64 bytes_above_hard_fp; + + /* The size of the frame. This value is the offset from base of the + frame (incomming SP) to the stack_pointer. This value is always +-- +2.34.1 + + +From aac8b31379ac3bbd14fc6427dce23f56e54e8485 Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:52 +0100 +Subject: [PATCH 10/19] aarch64: Tweak frame_size comment +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch fixes another case in which a value was described with +an “upside-down” view. + +gcc/ + * config/aarch64/aarch64.h (aarch64_frame::frame_size): Tweak comment. +--- + gcc/config/aarch64/aarch64.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index dd1f403f939..700524ae22b 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -895,8 +895,8 @@ struct GTY (()) aarch64_frame + STACK_BOUNDARY. */ + poly_int64 bytes_above_hard_fp; + +- /* The size of the frame. This value is the offset from base of the +- frame (incomming SP) to the stack_pointer. This value is always ++ /* The size of the frame, i.e. the number of bytes between the bottom ++ of the outgoing arguments and the incoming SP. This value is always + a multiple of STACK_BOUNDARY. */ + poly_int64 frame_size; + +-- +2.34.1 + + +From 8d5506a8aeb8dd7e8b209a3663b07688478f76b9 Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:53 +0100 +Subject: [PATCH 11/19] aarch64: Measure reg_offset from the bottom of the + frame + +reg_offset was measured from the bottom of the saved register area. +This made perfect sense with the original layout, since the bottom +of the saved register area was also the hard frame pointer address. 
+It became slightly less obvious with SVE, since we save SVE +registers below the hard frame pointer, but it still made sense. + +However, if we want to allow different frame layouts, it's more +convenient and obvious to measure reg_offset from the bottom of +the frame. After previous patches, it's also a slight simplification +in its own right. + +gcc/ + * config/aarch64/aarch64.h (aarch64_frame): Add comment above + reg_offset. + * config/aarch64/aarch64.cc (aarch64_layout_frame): Walk offsets + from the bottom of the frame, rather than the bottom of the saved + register area. Measure reg_offset from the bottom of the frame + rather than the bottom of the saved register area. + (aarch64_save_callee_saves): Update accordingly. + (aarch64_restore_callee_saves): Likewise. + (aarch64_get_separate_components): Likewise. + (aarch64_process_components): Likewise. +--- + gcc/config/aarch64/aarch64.cc | 53 ++++++++++++++++------------------- + gcc/config/aarch64/aarch64.h | 3 ++ + 2 files changed, 27 insertions(+), 29 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 3c4052740e7..97dd077844b 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8139,7 +8139,6 @@ aarch64_needs_frame_chain (void) + static void + aarch64_layout_frame (void) + { +- poly_int64 offset = 0; + int regno, last_fp_reg = INVALID_REGNUM; + machine_mode vector_save_mode = aarch64_reg_save_mode (V8_REGNUM); + poly_int64 vector_save_size = GET_MODE_SIZE (vector_save_mode); +@@ -8217,7 +8216,9 @@ aarch64_layout_frame (void) + gcc_assert (crtl->is_leaf + || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED)); + +- frame.bytes_below_saved_regs = crtl->outgoing_args_size; ++ poly_int64 offset = crtl->outgoing_args_size; ++ gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); ++ frame.bytes_below_saved_regs = offset; + + /* Now assign stack slots for the registers. 
Start with the predicate + registers, since predicate LDR and STR have a relatively small +@@ -8229,7 +8230,8 @@ aarch64_layout_frame (void) + offset += BYTES_PER_SVE_PRED; + } + +- if (maybe_ne (offset, 0)) ++ poly_int64 saved_prs_size = offset - frame.bytes_below_saved_regs; ++ if (maybe_ne (saved_prs_size, 0)) + { + /* If we have any vector registers to save above the predicate registers, + the offset of the vector register save slots need to be a multiple +@@ -8247,10 +8249,10 @@ aarch64_layout_frame (void) + offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); + else + { +- if (known_le (offset, vector_save_size)) +- offset = vector_save_size; +- else if (known_le (offset, vector_save_size * 2)) +- offset = vector_save_size * 2; ++ if (known_le (saved_prs_size, vector_save_size)) ++ offset = frame.bytes_below_saved_regs + vector_save_size; ++ else if (known_le (saved_prs_size, vector_save_size * 2)) ++ offset = frame.bytes_below_saved_regs + vector_save_size * 2; + else + gcc_unreachable (); + } +@@ -8267,9 +8269,10 @@ aarch64_layout_frame (void) + + /* OFFSET is now the offset of the hard frame pointer from the bottom + of the callee save area. */ +- bool saves_below_hard_fp_p = maybe_ne (offset, 0); +- frame.below_hard_fp_saved_regs_size = offset; +- frame.bytes_below_hard_fp = offset + frame.bytes_below_saved_regs; ++ frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs; ++ bool saves_below_hard_fp_p ++ = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); ++ frame.bytes_below_hard_fp = offset; + if (frame.emit_frame_chain) + { + /* FP and LR are placed in the linkage record. 
*/ +@@ -8320,9 +8323,10 @@ aarch64_layout_frame (void) + + offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); + +- frame.saved_regs_size = offset; ++ frame.saved_regs_size = offset - frame.bytes_below_saved_regs; + +- poly_int64 varargs_and_saved_regs_size = offset + frame.saved_varargs_size; ++ poly_int64 varargs_and_saved_regs_size ++ = frame.saved_regs_size + frame.saved_varargs_size; + + poly_int64 saved_regs_and_above + = aligned_upper_bound (varargs_and_saved_regs_size +@@ -8790,9 +8794,7 @@ aarch64_save_callee_saves (poly_int64 bytes_below_sp, + + machine_mode mode = aarch64_reg_save_mode (regno); + reg = gen_rtx_REG (mode, regno); +- offset = (frame.reg_offset[regno] +- + frame.bytes_below_saved_regs +- - bytes_below_sp); ++ offset = frame.reg_offset[regno] - bytes_below_sp; + rtx base_rtx = stack_pointer_rtx; + poly_int64 sp_offset = offset; + +@@ -8899,9 +8901,7 @@ aarch64_restore_callee_saves (poly_int64 bytes_below_sp, unsigned start, + + machine_mode mode = aarch64_reg_save_mode (regno); + reg = gen_rtx_REG (mode, regno); +- offset = (frame.reg_offset[regno] +- + frame.bytes_below_saved_regs +- - bytes_below_sp); ++ offset = frame.reg_offset[regno] - bytes_below_sp; + rtx base_rtx = stack_pointer_rtx; + if (mode == VNx2DImode && BYTES_BIG_ENDIAN) + aarch64_adjust_sve_callee_save_base (mode, base_rtx, anchor_reg, +@@ -9040,14 +9040,12 @@ aarch64_get_separate_components (void) + it as a stack probe for -fstack-clash-protection. */ + if (flag_stack_clash_protection + && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) +- && known_eq (offset, 0)) ++ && known_eq (offset, frame.bytes_below_saved_regs)) + continue; + + /* Get the offset relative to the register we'll use. 
*/ + if (frame_pointer_needed) +- offset -= frame.below_hard_fp_saved_regs_size; +- else +- offset += frame.bytes_below_saved_regs; ++ offset -= frame.bytes_below_hard_fp; + + /* Check that we can access the stack slot of the register with one + direct load with no adjustments needed. */ +@@ -9194,9 +9192,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) + rtx reg = gen_rtx_REG (mode, regno); + poly_int64 offset = frame.reg_offset[regno]; + if (frame_pointer_needed) +- offset -= frame.below_hard_fp_saved_regs_size; +- else +- offset += frame.bytes_below_saved_regs; ++ offset -= frame.bytes_below_hard_fp; + + rtx addr = plus_constant (Pmode, ptr_reg, offset); + rtx mem = gen_frame_mem (mode, addr); +@@ -9248,9 +9244,7 @@ aarch64_process_components (sbitmap components, bool prologue_p) + /* REGNO2 can be saved/restored in a pair with REGNO. */ + rtx reg2 = gen_rtx_REG (mode, regno2); + if (frame_pointer_needed) +- offset2 -= frame.below_hard_fp_saved_regs_size; +- else +- offset2 += frame.bytes_below_saved_regs; ++ offset2 -= frame.bytes_below_hard_fp; + rtx addr2 = plus_constant (Pmode, ptr_reg, offset2); + rtx mem2 = gen_frame_mem (mode, addr2); + rtx set2 = prologue_p ? 
gen_rtx_SET (mem2, reg2) +@@ -9366,7 +9360,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + if (final_adjustment_p + && known_eq (frame.below_hard_fp_saved_regs_size, 0)) + { +- poly_int64 lr_offset = frame.reg_offset[LR_REGNUM]; ++ poly_int64 lr_offset = (frame.reg_offset[LR_REGNUM] ++ - frame.bytes_below_saved_regs); + if (known_ge (lr_offset, 0)) + min_probe_threshold -= lr_offset.to_constant (); + else +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index 700524ae22b..b6135837073 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -860,6 +860,9 @@ extern enum aarch64_processor aarch64_tune; + #ifdef HAVE_POLY_INT_H + struct GTY (()) aarch64_frame + { ++ /* The offset from the bottom of the static frame (the bottom of the ++ outgoing arguments) of each register save slot, or -2 if no save is ++ needed. */ + poly_int64 reg_offset[LAST_SAVED_REGNUM + 1]; + + /* The number of extra stack bytes taken up by register varargs. +-- +2.34.1 + + +From b47766614df3b9df878262efb2ad73aaac108363 Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:53 +0100 +Subject: [PATCH 12/19] aarch64: Simplify top of frame allocation + +After previous patches, it no longer really makes sense to allocate +the top of the frame in terms of varargs_and_saved_regs_size and +saved_regs_and_above. + +gcc/ + * config/aarch64/aarch64.cc (aarch64_layout_frame): Simplify + the allocation of the top of the frame. 
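Review bot: The comment added above `reg_offset` in the aarch64.h hunk of PATCH 11/19 spells the "no save" marker as a bare `-2`, while the aarch64.cc hunks on this page compare the same array against `SLOT_NOT_REQUIRED` and `SLOT_REQUIRED`. Naming the sentinel keeps the header and the layout code in step if the value ever changes, and tells the reader that a second marker exists while the frame is being laid out. I would word it as `/* The offset from the bottom of the static frame (the bottom of the outgoing arguments) of each register save slot, or SLOT_NOT_REQUIRED if no save is needed. */`, assuming `-2` is indeed that macro's value, which this page does not show. The struct continues past the end of the hunk.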
+--- + gcc/config/aarch64/aarch64.cc | 23 ++++++++--------------- + 1 file changed, 8 insertions(+), 15 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 97dd077844b..81935852d5b 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8325,23 +8325,16 @@ aarch64_layout_frame (void) + + frame.saved_regs_size = offset - frame.bytes_below_saved_regs; + +- poly_int64 varargs_and_saved_regs_size +- = frame.saved_regs_size + frame.saved_varargs_size; +- +- poly_int64 saved_regs_and_above +- = aligned_upper_bound (varargs_and_saved_regs_size +- + get_frame_size (), +- STACK_BOUNDARY / BITS_PER_UNIT); +- +- frame.bytes_above_hard_fp +- = saved_regs_and_above - frame.below_hard_fp_saved_regs_size; ++ offset += get_frame_size (); ++ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); ++ auto top_of_locals = offset; + +- /* Both these values are already aligned. */ +- gcc_assert (multiple_p (frame.bytes_below_saved_regs, +- STACK_BOUNDARY / BITS_PER_UNIT)); +- frame.frame_size = saved_regs_and_above + frame.bytes_below_saved_regs; ++ offset += frame.saved_varargs_size; ++ gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); ++ frame.frame_size = offset; + +- frame.bytes_above_locals = frame.saved_varargs_size; ++ frame.bytes_above_hard_fp = frame.frame_size - frame.bytes_below_hard_fp; ++ frame.bytes_above_locals = frame.frame_size - top_of_locals; + + frame.initial_adjust = 0; + frame.final_adjust = 0; +-- +2.34.1 + + +From 08f71b4bb28fb74d20e8d2927a557e8119ce9f4d Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:54 +0100 +Subject: [PATCH 13/19] aarch64: Minor initial adjustment tweak + +This patch just changes a calculation of initial_adjust +to one that makes it slightly more obvious that the total +adjustment is frame.frame_size. 
+ +gcc/ + * config/aarch64/aarch64.cc (aarch64_layout_frame): Tweak + calculation of initial_adjust for frames in which all saves + are SVE saves. +--- + gcc/config/aarch64/aarch64.cc | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 81935852d5b..4d9fcf3d162 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8414,11 +8414,10 @@ aarch64_layout_frame (void) + { + /* Frame in which all saves are SVE saves: + +- sub sp, sp, hard_fp_offset + below_hard_fp_saved_regs_size ++ sub sp, sp, frame_size - bytes_below_saved_regs + save SVE registers relative to SP + sub sp, sp, bytes_below_saved_regs */ +- frame.initial_adjust = (frame.bytes_above_hard_fp +- + frame.below_hard_fp_saved_regs_size); ++ frame.initial_adjust = frame.frame_size - frame.bytes_below_saved_regs; + frame.final_adjust = frame.bytes_below_saved_regs; + } + else if (frame.bytes_above_hard_fp.is_constant (&const_above_fp) +-- +2.34.1 + + +From f22315d5c19e8310e4dc880fd509678fd291fca8 Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:54 +0100 +Subject: [PATCH 14/19] aarch64: Tweak stack clash boundary condition + +The AArch64 ABI says that, when stack clash protection is used, +there can be a maximum of 1KiB of unprobed space at sp on entry +to a function. Therefore, we need to probe when allocating +>= guard_size - 1KiB of data (>= rather than >). This is what +GCC does. + +If an allocation is exactly guard_size bytes, it is enough to allocate +those bytes and probe once at offset 1024. It isn't possible to use a +single probe at any other offset: higher would conmplicate later code, +by leaving more unprobed space than usual, while lower would risk +leaving an entire page unprobed. For simplicity, the code probes all +allocations at offset 1024. + +Some register saves also act as probes. 
If we need to allocate +more space below the last such register save probe, we need to +probe the allocation if it is > 1KiB. Again, this allocation is +then sometimes (but not always) probed at offset 1024. This sort of +allocation is currently only used for outgoing arguments, which are +rarely this big. + +However, the code also probed if this final outgoing-arguments +allocation was == 1KiB, rather than just > 1KiB. This isn't +necessary, since the register save then probes at offset 1024 +as required. Continuing to probe allocations of exactly 1KiB +would complicate later patches. + +gcc/ + * config/aarch64/aarch64.cc (aarch64_allocate_and_probe_stack_space): + Don't probe final allocations that are exactly 1KiB in size (after + unprobed space above the final allocation has been deducted). + +gcc/testsuite/ + * gcc.target/aarch64/stack-check-prologue-17.c: New test. +--- + gcc/config/aarch64/aarch64.cc | 4 +- + .../aarch64/stack-check-prologue-17.c | 55 +++++++++++++++++++ + 2 files changed, 58 insertions(+), 1 deletion(-) + create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 4d9fcf3d162..34c1d8614cd 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -9333,9 +9333,11 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + HOST_WIDE_INT guard_size + = 1 << param_stack_clash_protection_guard_size; + HOST_WIDE_INT guard_used_by_caller = STACK_CLASH_CALLER_GUARD; ++ HOST_WIDE_INT byte_sp_alignment = STACK_BOUNDARY / BITS_PER_UNIT; ++ gcc_assert (multiple_p (poly_size, byte_sp_alignment)); + HOST_WIDE_INT min_probe_threshold + = (final_adjustment_p +- ? guard_used_by_caller ++ ? guard_used_by_caller + byte_sp_alignment + : guard_size - guard_used_by_caller); + /* When doing the final adjustment for the outgoing arguments, take into + account any unprobed space there is above the current SP. 
There are +diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c +new file mode 100644 +index 00000000000..0d8a25d73a2 +--- /dev/null ++++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c +@@ -0,0 +1,55 @@ ++/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12" } */ ++/* { dg-final { check-function-bodies "**" "" } } */ ++ ++void f(int, ...); ++void g(); ++ ++/* ++** test1: ++** ... ++** str x30, \[sp\] ++** sub sp, sp, #1024 ++** cbnz w0, .* ++** bl g ++** ... ++*/ ++int test1(int z) { ++ __uint128_t x = 0; ++ int y[0x400]; ++ if (z) ++ { ++ f(0, 0, 0, 0, 0, 0, 0, &y, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x); ++ } ++ g(); ++ return 1; ++} ++ ++/* ++** test2: ++** ... ++** str x30, \[sp\] ++** sub sp, sp, #1040 ++** str xzr, \[sp\] ++** cbnz w0, .* ++** bl g ++** ... ++*/ ++int test2(int z) { ++ __uint128_t x = 0; ++ int y[0x400]; ++ if (z) ++ { ++ f(0, 0, 0, 0, 0, 0, 0, &y, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x); ++ } ++ g(); ++ return 1; ++} +-- +2.34.1 + + +From 15e18831bf98fd25af098b970ebf0c9a6200a34b Mon Sep 17 00:00:00 2001 +From: Richard Sandiford <richard.sandiford@arm.com> +Date: Tue, 12 Sep 2023 16:08:55 +0100 +Subject: [PATCH 15/19] aarch64: Put LR save probe in first 16 bytes + +-fstack-clash-protection uses the save of LR as a probe for the next +allocation. The next allocation could be: + +* another part of the static frame, e.g. 
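Review bot: The `+ byte_sp_alignment` term added to `min_probe_threshold` in aarch64_allocate_and_probe_stack_space (PATCH 14/19) has no comment, so the reason for it lives only in the commit message. Since the new `gcc_assert (multiple_p (poly_size, byte_sp_alignment))` guarantees sizes move in alignment-sized steps, raising the threshold by one step is what changes the final-adjustment test from "at least 1KiB" to "more than 1KiB"; this assumes the comparison against `min_probe_threshold` further down, outside the hunk, is a `>=` test. I would add above the assignment `/* A final allocation of exactly guard_used_by_caller bytes is already covered by the register-save probe, so probe only sizes strictly above it; sizes are multiples of byte_sp_alignment. */`. This boundary decides whether a stack-clash probe is emitted at all, so stating it in the source makes a later off-by-one easier to catch in review. The function starts and ends outside the hunk.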
when allocating SVE save slots + or outgoing arguments + +* an alloca in the same function + +* an allocation made by a callee function + +However, when -fomit-frame-pointer is used, the LR save slot is placed +above the other GPR save slots. It could therefore be up to 80 bytes +above the base of the GPR save area (which is also the hard fp address). + +aarch64_allocate_and_probe_stack_space took this into account when +deciding how much subsequent space could be allocated without needing +a probe. However, it interacted badly with: + + /* If doing a small final adjustment, we always probe at offset 0. + This is done to avoid issues when LR is not at position 0 or when + the final adjustment is smaller than the probing offset. */ + else if (final_adjustment_p && rounded_size == 0) + residual_probe_offset = 0; + +which forces any allocation that is smaller than the guard page size +to be probed at offset 0 rather than the usual offset 1024. It was +therefore possible to construct cases in which we had: + +* a probe using LR at SP + 80 bytes (or some other value >= 16) +* an allocation of the guard page size - 16 bytes +* a probe at SP + 0 + +which allocates guard page size + 64 consecutive unprobed bytes. + +This patch requires the LR probe to be in the first 16 bytes of the +save area when stack clash protection is active. Doing it +unconditionally would cause code-quality regressions. + +Putting LR before other registers prevents push/pop allocation +when shadow call stacks are enabled, since LR is restored +separately from the other callee-saved registers. + +The new comment doesn't say that the probe register is required +to be LR, since a later patch removes that restriction. + +gcc/ + * config/aarch64/aarch64.cc (aarch64_layout_frame): Ensure that + the LR save slot is in the first 16 bytes of the register save area. + Only form STP/LDP push/pop candidates if both registers are valid. 
+ (aarch64_allocate_and_probe_stack_space): Remove workaround for + when LR was not in the first 16 bytes. + +gcc/testsuite/ + * gcc.target/aarch64/stack-check-prologue-18.c: New test. + * gcc.target/aarch64/stack-check-prologue-19.c: Likewise. + * gcc.target/aarch64/stack-check-prologue-20.c: Likewise. +--- + gcc/config/aarch64/aarch64.cc | 72 ++++++------- + .../aarch64/stack-check-prologue-18.c | 100 ++++++++++++++++++ + .../aarch64/stack-check-prologue-19.c | 100 ++++++++++++++++++ + .../aarch64/stack-check-prologue-20.c | 3 + + 4 files changed, 233 insertions(+), 42 deletions(-) + create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c + create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c + create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 34c1d8614cd..16433fb70f4 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -8273,26 +8273,34 @@ aarch64_layout_frame (void) + bool saves_below_hard_fp_p + = maybe_ne (frame.below_hard_fp_saved_regs_size, 0); + frame.bytes_below_hard_fp = offset; ++ ++ auto allocate_gpr_slot = [&](unsigned int regno) ++ { ++ frame.reg_offset[regno] = offset; ++ if (frame.wb_push_candidate1 == INVALID_REGNUM) ++ frame.wb_push_candidate1 = regno; ++ else if (frame.wb_push_candidate2 == INVALID_REGNUM) ++ frame.wb_push_candidate2 = regno; ++ offset += UNITS_PER_WORD; ++ }; ++ + if (frame.emit_frame_chain) + { + /* FP and LR are placed in the linkage record. 
*/ +- frame.reg_offset[R29_REGNUM] = offset; +- frame.wb_push_candidate1 = R29_REGNUM; +- frame.reg_offset[R30_REGNUM] = offset + UNITS_PER_WORD; +- frame.wb_push_candidate2 = R30_REGNUM; +- offset += 2 * UNITS_PER_WORD; ++ allocate_gpr_slot (R29_REGNUM); ++ allocate_gpr_slot (R30_REGNUM); + } ++ else if (flag_stack_clash_protection ++ && known_eq (frame.reg_offset[R30_REGNUM], SLOT_REQUIRED)) ++ /* Put the LR save slot first, since it makes a good choice of probe ++ for stack clash purposes. The idea is that the link register usually ++ has to be saved before a call anyway, and so we lose little by ++ stopping it from being individually shrink-wrapped. */ ++ allocate_gpr_slot (R30_REGNUM); + + for (regno = R0_REGNUM; regno <= R30_REGNUM; regno++) + if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED)) +- { +- frame.reg_offset[regno] = offset; +- if (frame.wb_push_candidate1 == INVALID_REGNUM) +- frame.wb_push_candidate1 = regno; +- else if (frame.wb_push_candidate2 == INVALID_REGNUM) +- frame.wb_push_candidate2 = regno; +- offset += UNITS_PER_WORD; +- } ++ allocate_gpr_slot (regno); + + poly_int64 max_int_offset = offset; + offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); +@@ -8370,10 +8378,13 @@ aarch64_layout_frame (void) + max_push_offset to 0, because no registers are popped at this time, + so callee_adjust cannot be adjusted. */ + HOST_WIDE_INT max_push_offset = 0; +- if (frame.wb_pop_candidate2 != INVALID_REGNUM) +- max_push_offset = 512; +- else if (frame.wb_pop_candidate1 != INVALID_REGNUM) +- max_push_offset = 256; ++ if (frame.wb_pop_candidate1 != INVALID_REGNUM) ++ { ++ if (frame.wb_pop_candidate2 != INVALID_REGNUM) ++ max_push_offset = 512; ++ else ++ max_push_offset = 256; ++ } + + HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; + HOST_WIDE_INT const_saved_regs_size; +@@ -9339,29 +9350,6 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + = (final_adjustment_p + ? 
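Review bot: Nothing in the aarch64_layout_frame hunk of PATCH 15/19 checks the property the rest of the patch depends on, namely that the LR save slot lies within the first 16 bytes above the hard frame pointer when `flag_stack_clash_protection` is set. The hunk at -9339 in aarch64_allocate_and_probe_stack_space removes the `lr_offset` deduction on the strength of that placement, so a later change to the slot order would silently leave unprobed space. An assertion after the GPR loop would tie the two together, along the lines of `gcc_assert (!flag_stack_clash_protection || known_eq (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED) || known_lt (frame.reg_offset[R30_REGNUM], frame.bytes_below_hard_fp + 16));`. It would also help to say in the comment on the new `else if` branch that the loop below skips R30 because its `reg_offset` is no longer `SLOT_REQUIRED`. Both functions extend beyond the hunks shown.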
guard_used_by_caller + byte_sp_alignment + : guard_size - guard_used_by_caller); +- /* When doing the final adjustment for the outgoing arguments, take into +- account any unprobed space there is above the current SP. There are +- two cases: +- +- - When saving SVE registers below the hard frame pointer, we force +- the lowest save to take place in the prologue before doing the final +- adjustment (i.e. we don't allow the save to be shrink-wrapped). +- This acts as a probe at SP, so there is no unprobed space. +- +- - When there are no SVE register saves, we use the store of the link +- register as a probe. We can't assume that LR was saved at position 0 +- though, so treat any space below it as unprobed. */ +- if (final_adjustment_p +- && known_eq (frame.below_hard_fp_saved_regs_size, 0)) +- { +- poly_int64 lr_offset = (frame.reg_offset[LR_REGNUM] +- - frame.bytes_below_saved_regs); +- if (known_ge (lr_offset, 0)) +- min_probe_threshold -= lr_offset.to_constant (); +- else +- gcc_assert (!flag_stack_clash_protection || known_eq (poly_size, 0)); +- } +- + poly_int64 frame_size = frame.frame_size; + + /* We should always have a positive probe threshold. */ +@@ -9541,8 +9529,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + if (final_adjustment_p && rounded_size != 0) + min_probe_threshold = 0; + /* If doing a small final adjustment, we always probe at offset 0. +- This is done to avoid issues when LR is not at position 0 or when +- the final adjustment is smaller than the probing offset. */ ++ This is done to avoid issues when the final adjustment is smaller ++ than the probing offset. 
*/ + else if (final_adjustment_p && rounded_size == 0) + residual_probe_offset = 0; + +diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c +new file mode 100644 +index 00000000000..82447d20fff +--- /dev/null ++++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c +@@ -0,0 +1,100 @@ ++/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12" } */ ++/* { dg-final { check-function-bodies "**" "" } } */ ++ ++void f(int, ...); ++void g(); ++ ++/* ++** test1: ++** ... ++** str x30, \[sp\] ++** sub sp, sp, #4064 ++** str xzr, \[sp\] ++** cbnz w0, .* ++** bl g ++** ... ++** str x26, \[sp, #?4128\] ++** ... ++*/ ++int test1(int z) { ++ __uint128_t x = 0; ++ int y[0x400]; ++ if (z) ++ { ++ asm volatile ("" ::: ++ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); ++ f(0, 0, 0, 0, 0, 0, 0, &y, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x); ++ } ++ g(); ++ return 1; ++} ++ ++/* ++** test2: ++** ... ++** str x30, \[sp\] ++** sub sp, sp, #1040 ++** str xzr, \[sp\] ++** cbnz w0, .* ++** bl g ++** ... 
++*/ ++int test2(int z) { ++ __uint128_t x = 0; ++ int y[0x400]; ++ if (z) ++ { ++ asm volatile ("" ::: ++ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); ++ f(0, 0, 0, 0, 0, 0, 0, &y, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x); ++ } ++ g(); ++ return 1; ++} ++ ++/* ++** test3: ++** ... ++** str x30, \[sp\] ++** sub sp, sp, #1024 ++** cbnz w0, .* ++** bl g ++** ... ++*/ ++int test3(int z) { ++ __uint128_t x = 0; ++ int y[0x400]; ++ if (z) ++ { ++ asm volatile ("" ::: ++ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); ++ f(0, 0, 0, 0, 0, 0, 0, &y, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x); ++ } ++ g(); ++ return 1; ++} +diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c +new file mode 100644 +index 00000000000..73ac3e4e4eb +--- /dev/null ++++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c +@@ -0,0 +1,100 @@ ++/* { dg-options "-O2 -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12 -fsanitize=shadow-call-stack -ffixed-x18" } */ ++/* { dg-final { check-function-bodies "**" "" } } */ ++ ++void f(int, ...); ++void g(); ++ ++/* ++** test1: ++** ... ++** str x30, \[sp\] ++** sub sp, sp, #4064 ++** str xzr, \[sp\] ++** cbnz w0, .* ++** bl g ++** ... ++** str x26, \[sp, #?4128\] ++** ... 
++*/ ++int test1(int z) { ++ __uint128_t x = 0; ++ int y[0x400]; ++ if (z) ++ { ++ asm volatile ("" ::: ++ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); ++ f(0, 0, 0, 0, 0, 0, 0, &y, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x); ++ } ++ g(); ++ return 1; ++} ++ ++/* ++** test2: ++** ... ++** str x30, \[sp\] ++** sub sp, sp, #1040 ++** str xzr, \[sp\] ++** cbnz w0, .* ++** bl g ++** ... ++*/ ++int test2(int z) { ++ __uint128_t x = 0; ++ int y[0x400]; ++ if (z) ++ { ++ asm volatile ("" ::: ++ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"); ++ f(0, 0, 0, 0, 0, 0, 0, &y, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, ++ x); ++ } ++ g(); ++ return 1; ++} ++ ++/* ++** test3: ++** ... ++** str x30, \[sp\] ++** sub sp, sp, #1024 ++** cbnz w0, .* ++** bl g ++** ... 
++*/
++int test3(int z) {
++ __uint128_t x = 0;
++ int y[0x400];
++ if (z)
++ {
++ asm volatile ("" :::
++ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26");
++ f(0, 0, 0, 0, 0, 0, 0, &y,
++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x,
++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x,
++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x,
++ x, x, x, x, x, x, x, x, x, x, x, x, x, x, x, x);
++ }
++ g();
++ return 1;
++}
+diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c
+new file mode 100644
+index 00000000000..690aae8dfd5
+--- /dev/null
++++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-20.c
+@@ -0,0 +1,3 @@
++/* { dg-options "-O2 -fstack-protector-all -fstack-clash-protection -fomit-frame-pointer --param stack-clash-protection-guard-size=12 -fsanitize=shadow-call-stack -ffixed-x18" } */
++
++#include "stack-check-prologue-19.c"
+--
+2.34.1
+
+
+From c4f0e121faa36342f1d21919e54a05ad841c4f86 Mon Sep 17 00:00:00 2001
+From: Richard Sandiford <richard.sandiford@arm.com>
+Date: Tue, 12 Sep 2023 16:08:55 +0100
+Subject: [PATCH 16/19] aarch64: Simplify probe of final frame allocation
+
+Previous patches ensured that the final frame allocation only needs
+a probe when the size is strictly greater than 1KiB. It's therefore
+safe to use the normal 1024 probe offset in all cases.
+
+The main motivation for doing this is to simplify the code and
+remove the number of special cases.
+
+gcc/
+ * config/aarch64/aarch64.cc (aarch64_allocate_and_probe_stack_space):
+ Always probe the residual allocation at offset 1024, asserting
+ that that is in range.
+
+gcc/testsuite/
+ * gcc.target/aarch64/stack-check-prologue-17.c: Expect the probe
+ to be at offset 1024 rather than offset 0.
+ * gcc.target/aarch64/stack-check-prologue-18.c: Likewise.
+ * gcc.target/aarch64/stack-check-prologue-19.c: Likewise.
+--- + gcc/config/aarch64/aarch64.cc | 12 ++++-------- + .../gcc.target/aarch64/stack-check-prologue-17.c | 2 +- + .../gcc.target/aarch64/stack-check-prologue-18.c | 4 ++-- + .../gcc.target/aarch64/stack-check-prologue-19.c | 4 ++-- + 4 files changed, 9 insertions(+), 13 deletions(-) + +diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc +index 16433fb70f4..8abf3d7a1e2 100644 +--- a/gcc/config/aarch64/aarch64.cc ++++ b/gcc/config/aarch64/aarch64.cc +@@ -9523,16 +9523,12 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + are still safe. */ + if (residual) + { +- HOST_WIDE_INT residual_probe_offset = guard_used_by_caller; ++ gcc_assert (guard_used_by_caller + byte_sp_alignment <= size); ++ + /* If we're doing final adjustments, and we've done any full page + allocations then any residual needs to be probed. */ + if (final_adjustment_p && rounded_size != 0) + min_probe_threshold = 0; +- /* If doing a small final adjustment, we always probe at offset 0. +- This is done to avoid issues when the final adjustment is smaller +- than the probing offset. */ +- else if (final_adjustment_p && rounded_size == 0) +- residual_probe_offset = 0; + + aarch64_sub_sp (temp1, temp2, residual, frame_related_p); + if (residual >= min_probe_threshold) +@@ -9543,8 +9539,8 @@ aarch64_allocate_and_probe_stack_space (rtx temp1, rtx temp2, + HOST_WIDE_INT_PRINT_DEC " bytes, probing will be required." 
+ "\n", residual); + +- emit_stack_probe (plus_constant (Pmode, stack_pointer_rtx, +- residual_probe_offset)); ++ emit_stack_probe (plus_constant (Pmode, stack_pointer_rtx, ++ guard_used_by_caller)); + emit_insn (gen_blockage ()); + } + } +diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c +index 0d8a25d73a2..f0ec1389771 100644 +--- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c ++++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-17.c +@@ -33,7 +33,7 @@ int test1(int z) { + ** ... + ** str x30, \[sp\] + ** sub sp, sp, #1040 +-** str xzr, \[sp\] ++** str xzr, \[sp, #?1024\] + ** cbnz w0, .* + ** bl g + ** ... +diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c +index 82447d20fff..6383bec5ebc 100644 +--- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c ++++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-18.c +@@ -9,7 +9,7 @@ void g(); + ** ... + ** str x30, \[sp\] + ** sub sp, sp, #4064 +-** str xzr, \[sp\] ++** str xzr, \[sp, #?1024\] + ** cbnz w0, .* + ** bl g + ** ... +@@ -50,7 +50,7 @@ int test1(int z) { + ** ... + ** str x30, \[sp\] + ** sub sp, sp, #1040 +-** str xzr, \[sp\] ++** str xzr, \[sp, #?1024\] + ** cbnz w0, .* + ** bl g + ** ... +diff --git a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c +index 73ac3e4e4eb..562039b5e9b 100644 +--- a/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c ++++ b/gcc/testsuite/gcc.target/aarch64/stack-check-prologue-19.c +@@ -9,7 +9,7 @@ void g(); + ** ... + ** str x30, \[sp\] + ** sub sp, sp, #4064 +-** str xzr, \[sp\] ++** str xzr, \[sp, #?1024\] + ** cbnz w0, .* + ** bl g + ** ... +@@ -50,7 +50,7 @@ int test1(int z) { + ** ... 
+ ** str x30, \[sp\]
+ ** sub sp, sp, #1040
+-** str xzr, \[sp\]
++** str xzr, \[sp, #?1024\]
+ ** cbnz w0, .*
+ ** bl g
+ ** ...
+--
+2.34.1
+
+
+From 6f0ab0a9f46a17b68349ff6035aa776bf65f0575 Mon Sep 17 00:00:00 2001
+From: Richard Sandiford <richard.sandiford@arm.com>
+Date: Tue, 12 Sep 2023 16:08:56 +0100
+Subject: [PATCH 17/19] aarch64: Explicitly record probe registers in frame
+ info
+
+The stack frame is currently divided into three areas:
+
+A: the area above the hard frame pointer
+B: the SVE saves below the hard frame pointer
+C: the outgoing arguments
+
+If the stack frame is allocated in one chunk, the allocation needs a
+probe if the frame size is >= guard_size - 1KiB. In addition, if the
+function is not a leaf function, it must probe an address no more than
+1KiB above the outgoing SP. We ensured the second condition by
+
+(1) using single-chunk allocations for non-leaf functions only if
+ the link register save slot is within 512 bytes of the bottom
+ of the frame; and
+
+(2) using the link register save as a probe (meaning, for instance,
+ that it can't be individually shrink wrapped)
+
+If instead the stack is allocated in multiple chunks, then:
+
+* an allocation involving only the outgoing arguments (C above) requires
+ a probe if the allocation size is > 1KiB
+
+* any other allocation requires a probe if the allocation size
+ is >= guard_size - 1KiB
+
+* second and subsequent allocations require the previous allocation
+ to probe at the bottom of the allocated area, regardless of the size
+ of that previous allocation
+
+The final point means that, unlike for single allocations,
+it can be necessary to have both a non-SVE register probe and
+an SVE register probe. For example:
+
+* allocate A, probe using a non-SVE register save
+* allocate B, probe using an SVE register save
+* allocate C
+
+The non-SVE register used in this case was again the link register.
+It was previously used even if the link register save slot was some
+bytes above the bottom of the non-SVE register saves, but an earlier
+patch avoided that by putting the link register save slot first.
+
+As a belt-and-braces fix, this patch explicitly records which
+probe registers we're using and allows the non-SVE probe to be
+whichever register comes first (as for SVE).
+
+The patch also avoids unnecessary probes in sve/pcs/stack_clash_3.c.
+
+gcc/
+ * config/aarch64/aarch64.h (aarch64_frame::sve_save_and_probe)
+ (aarch64_frame::hard_fp_save_and_probe): New fields.
+ * config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize them.
+ Rather than asserting that a leaf function saves LR, instead assert
+ that a leaf function saves something.
+ (aarch64_get_separate_components): Prevent the chosen probe
+ registers from being individually shrink-wrapped.
+ (aarch64_allocate_and_probe_stack_space): Remove workaround for
+ probe registers that aren't at the bottom of the previous allocation.
+
+gcc/testsuite/
+ * gcc.target/aarch64/sve/pcs/stack_clash_3.c: Avoid redundant probes.
+---
+ gcc/config/aarch64/aarch64.cc | 68 +++++++++++++++----
+ gcc/config/aarch64/aarch64.h | 8 +++
+ .../aarch64/sve/pcs/stack_clash_3.c | 6 +-
+ 3 files changed, 64 insertions(+), 18 deletions(-)
+
+diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc
+index 8abf3d7a1e2..a8d907df884 100644
+--- a/gcc/config/aarch64/aarch64.cc
++++ b/gcc/config/aarch64/aarch64.cc
+@@ -8210,15 +8210,11 @@ aarch64_layout_frame (void)
+ && !crtl->abi->clobbers_full_reg_p (regno))
+ frame.reg_offset[regno] = SLOT_REQUIRED;
+
+- /* With stack-clash, LR must be saved in non-leaf functions. The saving of
+- LR counts as an implicit probe which allows us to maintain the invariant
+- described in the comment at expand_prologue.
*/
+- gcc_assert (crtl->is_leaf
+- || maybe_ne (frame.reg_offset[R30_REGNUM], SLOT_NOT_REQUIRED));
+
+ poly_int64 offset = crtl->outgoing_args_size;
+ gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT));
+ frame.bytes_below_saved_regs = offset;
++ frame.sve_save_and_probe = INVALID_REGNUM;
+
+ /* Now assign stack slots for the registers. Start with the predicate
+ registers, since predicate LDR and STR have a relatively small
+@@ -8226,6 +8222,8 @@ aarch64_layout_frame (void)
+ for (regno = P0_REGNUM; regno <= P15_REGNUM; regno++)
+ if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED))
+ {
++ if (frame.sve_save_and_probe == INVALID_REGNUM)
++ frame.sve_save_and_probe = regno;
+ frame.reg_offset[regno] = offset;
+ offset += BYTES_PER_SVE_PRED;
+ }
+@@ -8263,6 +8261,8 @@ aarch64_layout_frame (void)
+ for (regno = V0_REGNUM; regno <= V31_REGNUM; regno++)
+ if (known_eq (frame.reg_offset[regno], SLOT_REQUIRED))
+ {
++ if (frame.sve_save_and_probe == INVALID_REGNUM)
++ frame.sve_save_and_probe = regno;
+ frame.reg_offset[regno] = offset;
+ offset += vector_save_size;
+ }
+@@ -8272,10 +8272,18 @@ aarch64_layout_frame (void)
+ frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs;
+ bool saves_below_hard_fp_p
+ = maybe_ne (frame.below_hard_fp_saved_regs_size, 0);
++ gcc_assert (!saves_below_hard_fp_p
++ || (frame.sve_save_and_probe != INVALID_REGNUM
++ && known_eq (frame.reg_offset[frame.sve_save_and_probe],
++ frame.bytes_below_saved_regs)));
++
+ frame.bytes_below_hard_fp = offset;
++ frame.hard_fp_save_and_probe = INVALID_REGNUM;
+
+ auto allocate_gpr_slot = [&](unsigned int regno)
+ {
++ if (frame.hard_fp_save_and_probe == INVALID_REGNUM)
++ frame.hard_fp_save_and_probe = regno;
+ frame.reg_offset[regno] = offset;
+ if (frame.wb_push_candidate1 == INVALID_REGNUM)
+ frame.wb_push_candidate1 = regno;
+@@ -8309,6 +8317,8 @@ aarch64_layout_frame (void)
+ for (regno = V0_REGNUM; regno <= V31_REGNUM; regno++)
+ if (known_eq
(frame.reg_offset[regno], SLOT_REQUIRED))
+ {
++ if (frame.hard_fp_save_and_probe == INVALID_REGNUM)
++ frame.hard_fp_save_and_probe = regno;
+ /* If there is an alignment gap between integer and fp callee-saves,
+ allocate the last fp register to it if possible. */
+ if (regno == last_fp_reg
+@@ -8332,6 +8342,17 @@ aarch64_layout_frame (void)
+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT);
+
+ frame.saved_regs_size = offset - frame.bytes_below_saved_regs;
++ gcc_assert (known_eq (frame.saved_regs_size,
++ frame.below_hard_fp_saved_regs_size)
++ || (frame.hard_fp_save_and_probe != INVALID_REGNUM
++ && known_eq (frame.reg_offset[frame.hard_fp_save_and_probe],
++ frame.bytes_below_hard_fp)));
++
++ /* With stack-clash, a register must be saved in non-leaf functions.
++ The saving of the bottommost register counts as an implicit probe,
++ which allows us to maintain the invariant described in the comment
++ at expand_prologue. */
++ gcc_assert (crtl->is_leaf || maybe_ne (frame.saved_regs_size, 0));
+
+ offset += get_frame_size ();
+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT);
+@@ -8462,6 +8483,25 @@ aarch64_layout_frame (void)
+ frame.final_adjust = frame.bytes_below_saved_regs;
+ }
+
++ /* The frame is allocated in pieces, with each non-final piece
++ including a register save at offset 0 that acts as a probe for
++ the following piece. In addition, the save of the bottommost register
++ acts as a probe for callees and allocas. Roll back any probes that
++ aren't needed.
++
++ A probe isn't needed if it is associated with the final allocation
++ (including callees and allocas) that happens before the epilogue is
++ executed.
*/ ++ if (crtl->is_leaf ++ && !cfun->calls_alloca ++ && known_eq (frame.final_adjust, 0)) ++ { ++ if (maybe_ne (frame.sve_callee_adjust, 0)) ++ frame.sve_save_and_probe = INVALID_REGNUM; ++ else ++ frame.hard_fp_save_and_probe = INVALID_REGNUM; ++ } ++ + /* Make sure the individual adjustments add up to the full frame size. */ + gcc_assert (known_eq (frame.initial_adjust + + frame.callee_adjust +@@ -9039,13 +9079,6 @@ aarch64_get_separate_components (void) + + poly_int64 offset = frame.reg_offset[regno]; + +- /* If the register is saved in the first SVE save slot, we use +- it as a stack probe for -fstack-clash-protection. */ +- if (flag_stack_clash_protection +- && maybe_ne (frame.below_hard_fp_saved_regs_size, 0) +- && known_eq (offset, frame.bytes_below_saved_regs)) +- continue; +- + /* Get the offset relative to the register we'll use. */ + if (frame_pointer_needed) + offset -= frame.bytes_below_hard_fp; +@@ -9080,6 +9113,13 @@ aarch64_get_separate_components (void) + + bitmap_clear_bit (components, LR_REGNUM); + bitmap_clear_bit (components, SP_REGNUM); ++ if (flag_stack_clash_protection) ++ { ++ if (frame.sve_save_and_probe != INVALID_REGNUM) ++ bitmap_clear_bit (components, frame.sve_save_and_probe); ++ if (frame.hard_fp_save_and_probe != INVALID_REGNUM) ++ bitmap_clear_bit (components, frame.hard_fp_save_and_probe); ++ } + + return components; + } +@@ -9616,8 +9656,8 @@ aarch64_epilogue_uses (int regno) + When probing is needed, we emit a probe at the start of the prologue + and every PARAM_STACK_CLASH_PROTECTION_GUARD_SIZE bytes thereafter. + +- We have to track how much space has been allocated and the only stores +- to the stack we track as implicit probes are the FP/LR stores. ++ We can also use register saves as probes. These are stored in ++ sve_save_and_probe and hard_fp_save_and_probe. + + For outgoing arguments we probe if the size is larger than 1KB, such that + the ABI specified buffer is maintained for the next callee. 
+diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h
+index b6135837073..46d4693e206 100644
+--- a/gcc/config/aarch64/aarch64.h
++++ b/gcc/config/aarch64/aarch64.h
+@@ -957,6 +957,14 @@ struct GTY (()) aarch64_frame
+ This is the register they should use. */
+ unsigned spare_pred_reg;
+
++ /* An SVE register that is saved below the hard frame pointer and that acts
++ as a probe for later allocations, or INVALID_REGNUM if none. */
++ unsigned sve_save_and_probe;
++
++ /* A register that is saved at the hard frame pointer and that acts
++ as a probe for later allocations, or INVALID_REGNUM if none. */
++ unsigned hard_fp_save_and_probe;
++
+ bool laid_out;
+
+ /* True if shadow call stack should be enabled for the current function. */
+diff --git a/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c b/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c
+index 3e01ec36c3a..3530a0d504b 100644
+--- a/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c
++++ b/gcc/testsuite/gcc.target/aarch64/sve/pcs/stack_clash_3.c
+@@ -11,11 +11,10 @@
+ ** mov x11, sp
+ ** ...
+ ** sub sp, sp, x13
+-** str p4, \[sp\]
+ ** cbz w0, [^\n]*
++** str p4, \[sp\]
+ ** ...
+ ** ptrue p0\.b, all
+-** ldr p4, \[sp\]
+ ** addvl sp, sp, #1
+ ** ldr x24, \[sp\], 32
+ ** ret
+@@ -39,13 +38,12 @@ test_1 (int n)
+ ** mov x11, sp
+ ** ...
+ ** sub sp, sp, x13
+-** str p4, \[sp\]
+ ** cbz w0, [^\n]*
++** str p4, \[sp\]
+ ** str p5, \[sp, #1, mul vl\]
+ ** str p6, \[sp, #2, mul vl\]
+ ** ...
+ ** ptrue p0\.b, all
+-** ldr p4, \[sp\]
+ ** addvl sp, sp, #1
+ ** ldr x24, \[sp\], 32
+ ** ret
+--
+2.34.1
+
+
+From 8254e1b9cd500e0c278465a3657543477e9d1250 Mon Sep 17 00:00:00 2001
+From: Richard Sandiford <richard.sandiford@arm.com>
+Date: Tue, 12 Sep 2023 16:08:56 +0100
+Subject: [PATCH 18/19] aarch64: Remove below_hard_fp_saved_regs_size
+
+After previous patches, it's no longer necessary to store
+saved_regs_size and below_hard_fp_saved_regs_size in the frame info.
+All measurements instead use the top or bottom of the frame as
+reference points.
+
+gcc/
+ * config/aarch64/aarch64.h (aarch64_frame::saved_regs_size)
+ (aarch64_frame::below_hard_fp_saved_regs_size): Delete.
+ * config/aarch64/aarch64.cc (aarch64_layout_frame): Update accordingly.
+---
+ gcc/config/aarch64/aarch64.cc | 45 ++++++++++++++++-------------------
+ gcc/config/aarch64/aarch64.h | 7 ------
+ 2 files changed, 21 insertions(+), 31 deletions(-)
+
+diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc
+index a8d907df884..ac3d3b336a3 100644
+--- a/gcc/config/aarch64/aarch64.cc
++++ b/gcc/config/aarch64/aarch64.cc
+@@ -8269,9 +8269,8 @@ aarch64_layout_frame (void)
+
+ /* OFFSET is now the offset of the hard frame pointer from the bottom
+ of the callee save area. */
+- frame.below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs;
+- bool saves_below_hard_fp_p
+- = maybe_ne (frame.below_hard_fp_saved_regs_size, 0);
++ auto below_hard_fp_saved_regs_size = offset - frame.bytes_below_saved_regs;
++ bool saves_below_hard_fp_p = maybe_ne (below_hard_fp_saved_regs_size, 0);
+ gcc_assert (!saves_below_hard_fp_p
+ || (frame.sve_save_and_probe != INVALID_REGNUM
+ && known_eq (frame.reg_offset[frame.sve_save_and_probe],
+@@ -8341,9 +8340,8 @@ aarch64_layout_frame (void)
+
+ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT);
+
+- frame.saved_regs_size = offset - frame.bytes_below_saved_regs;
+- gcc_assert (known_eq (frame.saved_regs_size,
+- frame.below_hard_fp_saved_regs_size)
++ auto saved_regs_size = offset - frame.bytes_below_saved_regs;
++ gcc_assert (known_eq (saved_regs_size, below_hard_fp_saved_regs_size)
+ || (frame.hard_fp_save_and_probe != INVALID_REGNUM
+ && known_eq (frame.reg_offset[frame.hard_fp_save_and_probe],
+ frame.bytes_below_hard_fp)));
+@@ -8352,7 +8350,7 @@ aarch64_layout_frame (void)
+ The saving of the bottommost register counts as an implicit probe,
+ which allows us to maintain the
invariant described in the comment + at expand_prologue. */ +- gcc_assert (crtl->is_leaf || maybe_ne (frame.saved_regs_size, 0)); ++ gcc_assert (crtl->is_leaf || maybe_ne (saved_regs_size, 0)); + + offset += get_frame_size (); + offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); +@@ -8409,7 +8407,7 @@ aarch64_layout_frame (void) + + HOST_WIDE_INT const_size, const_below_saved_regs, const_above_fp; + HOST_WIDE_INT const_saved_regs_size; +- if (known_eq (frame.saved_regs_size, 0)) ++ if (known_eq (saved_regs_size, 0)) + frame.initial_adjust = frame.frame_size; + else if (frame.frame_size.is_constant (&const_size) + && const_size < max_push_offset +@@ -8422,7 +8420,7 @@ aarch64_layout_frame (void) + frame.callee_adjust = const_size; + } + else if (frame.bytes_below_saved_regs.is_constant (&const_below_saved_regs) +- && frame.saved_regs_size.is_constant (&const_saved_regs_size) ++ && saved_regs_size.is_constant (&const_saved_regs_size) + && const_below_saved_regs + const_saved_regs_size < 512 + /* We could handle this case even with data below the saved + registers, provided that that data left us with valid offsets +@@ -8441,8 +8439,7 @@ aarch64_layout_frame (void) + frame.initial_adjust = frame.frame_size; + } + else if (saves_below_hard_fp_p +- && known_eq (frame.saved_regs_size, +- frame.below_hard_fp_saved_regs_size)) ++ && known_eq (saved_regs_size, below_hard_fp_saved_regs_size)) + { + /* Frame in which all saves are SVE saves: + +@@ -8464,7 +8461,7 @@ aarch64_layout_frame (void) + [save SVE registers relative to SP] + sub sp, sp, bytes_below_saved_regs */ + frame.callee_adjust = const_above_fp; +- frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; ++ frame.sve_callee_adjust = below_hard_fp_saved_regs_size; + frame.final_adjust = frame.bytes_below_saved_regs; + } + else +@@ -8479,7 +8476,7 @@ aarch64_layout_frame (void) + [save SVE registers relative to SP] + sub sp, sp, bytes_below_saved_regs */ + frame.initial_adjust = 
frame.bytes_above_hard_fp; +- frame.sve_callee_adjust = frame.below_hard_fp_saved_regs_size; ++ frame.sve_callee_adjust = below_hard_fp_saved_regs_size; + frame.final_adjust = frame.bytes_below_saved_regs; + } + +@@ -9621,17 +9618,17 @@ aarch64_epilogue_uses (int regno) + | local variables | <-- frame_pointer_rtx + | | + +-------------------------------+ +- | padding | \ +- +-------------------------------+ | +- | callee-saved registers | | frame.saved_regs_size +- +-------------------------------+ | +- | LR' | | +- +-------------------------------+ | +- | FP' | | +- +-------------------------------+ |<- hard_frame_pointer_rtx (aligned) +- | SVE vector registers | | \ +- +-------------------------------+ | | below_hard_fp_saved_regs_size +- | SVE predicate registers | / / ++ | padding | ++ +-------------------------------+ ++ | callee-saved registers | ++ +-------------------------------+ ++ | LR' | ++ +-------------------------------+ ++ | FP' | ++ +-------------------------------+ <-- hard_frame_pointer_rtx (aligned) ++ | SVE vector registers | ++ +-------------------------------+ ++ | SVE predicate registers | + +-------------------------------+ + | dynamic allocation | + +-------------------------------+ +diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h +index 46d4693e206..01f7751bc78 100644 +--- a/gcc/config/aarch64/aarch64.h ++++ b/gcc/config/aarch64/aarch64.h +@@ -871,18 +871,11 @@ struct GTY (()) aarch64_frame + STACK_BOUNDARY. */ + HOST_WIDE_INT saved_varargs_size; + +- /* The size of the callee-save registers with a slot in REG_OFFSET. */ +- poly_int64 saved_regs_size; +- + /* The number of bytes between the bottom of the static frame (the bottom + of the outgoing arguments) and the bottom of the register save area. + This value is always a multiple of STACK_BOUNDARY. */ + poly_int64 bytes_below_saved_regs; + +- /* The size of the callee-save registers with a slot in REG_OFFSET that +- are saved below the hard frame pointer. 
*/
+- poly_int64 below_hard_fp_saved_regs_size;
+-
+ /* The number of bytes between the bottom of the static frame (the bottom
+ of the outgoing arguments) and the hard frame pointer. This value is
+ always a multiple of STACK_BOUNDARY. */
+--
+2.34.1
+
+
+From 75c37e031408262263442f5b4cdb83d3777b6422 Mon Sep 17 00:00:00 2001
+From: Richard Sandiford <richard.sandiford@arm.com>
+Date: Tue, 12 Sep 2023 16:08:57 +0100
+Subject: [PATCH 19/19] aarch64: Make stack smash canary protect saved
+ registers
+
+AArch64 normally puts the saved registers near the bottom of the frame,
+immediately above any dynamic allocations. But this means that a
+stack-smash attack on those dynamic allocations could overwrite the
+saved registers without needing to reach as far as the stack smash
+canary.
+
+The same thing could also happen for variable-sized arguments that are
+passed by value, since those are allocated before a call and popped on
+return.
+
+This patch avoids that by putting the locals (and thus the canary) below
+the saved registers when stack smash protection is active.
+
+The patch fixes CVE-2023-4039.
+
+gcc/
+ * config/aarch64/aarch64.cc (aarch64_save_regs_above_locals_p):
+ New function.
+ (aarch64_layout_frame): Use it to decide whether locals should
+ go above or below the saved registers.
+ (aarch64_expand_prologue): Update stack layout comment.
+ Emit a stack tie after the final adjustment.
+
+gcc/testsuite/
+ * gcc.target/aarch64/stack-protector-8.c: New test.
+ * gcc.target/aarch64/stack-protector-9.c: Likewise.
+---
+ gcc/config/aarch64/aarch64.cc | 46 +++++++--
+ .../gcc.target/aarch64/stack-protector-8.c | 95 +++++++++++++++++++
+ .../gcc.target/aarch64/stack-protector-9.c | 33 +++++++
+ 3 files changed, 168 insertions(+), 6 deletions(-)
+ create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-protector-8.c
+ create mode 100644 gcc/testsuite/gcc.target/aarch64/stack-protector-9.c
+
+diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc
+index ac3d3b336a3..96c3f48fdc4 100644
+--- a/gcc/config/aarch64/aarch64.cc
++++ b/gcc/config/aarch64/aarch64.cc
+@@ -8133,6 +8133,20 @@ aarch64_needs_frame_chain (void)
+ return aarch64_use_frame_pointer;
+ }
+
++/* Return true if the current function should save registers above
++ the locals area, rather than below it. */
++
++static bool
++aarch64_save_regs_above_locals_p ()
++{
++ /* When using stack smash protection, make sure that the canary slot
++ comes between the locals and the saved registers. Otherwise,
++ it would be possible for a carefully sized smash attack to change
++ the saved registers (particularly LR and FP) without reaching the
++ canary. */
++ return crtl->stack_protect_guard;
++}
++
+ /* Mark the registers that need to be saved by the callee and calculate
+ the size of the callee-saved registers area and frame record (both FP
+ and LR may be omitted).
*/ +@@ -8144,6 +8158,7 @@ aarch64_layout_frame (void) + poly_int64 vector_save_size = GET_MODE_SIZE (vector_save_mode); + bool frame_related_fp_reg_p = false; + aarch64_frame &frame = cfun->machine->frame; ++ poly_int64 top_of_locals = -1; + + frame.emit_frame_chain = aarch64_needs_frame_chain (); + +@@ -8210,9 +8225,16 @@ aarch64_layout_frame (void) + && !crtl->abi->clobbers_full_reg_p (regno)) + frame.reg_offset[regno] = SLOT_REQUIRED; + ++ bool regs_at_top_p = aarch64_save_regs_above_locals_p (); + + poly_int64 offset = crtl->outgoing_args_size; + gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); ++ if (regs_at_top_p) ++ { ++ offset += get_frame_size (); ++ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); ++ top_of_locals = offset; ++ } + frame.bytes_below_saved_regs = offset; + frame.sve_save_and_probe = INVALID_REGNUM; + +@@ -8352,15 +8374,18 @@ aarch64_layout_frame (void) + at expand_prologue. */ + gcc_assert (crtl->is_leaf || maybe_ne (saved_regs_size, 0)); + +- offset += get_frame_size (); +- offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); +- auto top_of_locals = offset; +- ++ if (!regs_at_top_p) ++ { ++ offset += get_frame_size (); ++ offset = aligned_upper_bound (offset, STACK_BOUNDARY / BITS_PER_UNIT); ++ top_of_locals = offset; ++ } + offset += frame.saved_varargs_size; + gcc_assert (multiple_p (offset, STACK_BOUNDARY / BITS_PER_UNIT)); + frame.frame_size = offset; + + frame.bytes_above_hard_fp = frame.frame_size - frame.bytes_below_hard_fp; ++ gcc_assert (known_ge (top_of_locals, 0)); + frame.bytes_above_locals = frame.frame_size - top_of_locals; + + frame.initial_adjust = 0; +@@ -9615,10 +9640,10 @@ aarch64_epilogue_uses (int regno) + | for register varargs | + | | + +-------------------------------+ +- | local variables | <-- frame_pointer_rtx ++ | local variables (1) | <-- frame_pointer_rtx + | | + +-------------------------------+ +- | padding | ++ | padding (1) | + 
+-------------------------------+ + | callee-saved registers | + +-------------------------------+ +@@ -9630,6 +9655,10 @@ aarch64_epilogue_uses (int regno) + +-------------------------------+ + | SVE predicate registers | + +-------------------------------+ ++ | local variables (2) | ++ +-------------------------------+ ++ | padding (2) | ++ +-------------------------------+ + | dynamic allocation | + +-------------------------------+ + | padding | +@@ -9639,6 +9668,9 @@ aarch64_epilogue_uses (int regno) + +-------------------------------+ + | | <-- stack_pointer_rtx (aligned) + ++ The regions marked (1) and (2) are mutually exclusive. (2) is used ++ when aarch64_save_regs_above_locals_p is true. ++ + Dynamic stack allocations via alloca() decrease stack_pointer_rtx + but leave frame_pointer_rtx and hard_frame_pointer_rtx + unchanged. +@@ -9834,6 +9866,8 @@ aarch64_expand_prologue (void) + gcc_assert (known_eq (bytes_below_sp, final_adjust)); + aarch64_allocate_and_probe_stack_space (tmp1_rtx, tmp0_rtx, final_adjust, + !frame_pointer_needed, true); ++ if (emit_frame_chain && maybe_ne (final_adjust, 0)) ++ emit_insn (gen_stack_tie (stack_pointer_rtx, hard_frame_pointer_rtx)); + } + + /* Return TRUE if we can use a simple_return insn. 
+diff --git a/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c b/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c +new file mode 100644 +index 00000000000..e71d820e365 +--- /dev/null ++++ b/gcc/testsuite/gcc.target/aarch64/stack-protector-8.c +@@ -0,0 +1,95 @@ ++/* { dg-options " -O -fstack-protector-strong -mstack-protector-guard=sysreg -mstack-protector-guard-reg=tpidr2_el0 -mstack-protector-guard-offset=16" } */ ++/* { dg-final { check-function-bodies "**" "" } } */ ++ ++void g(void *); ++__SVBool_t *h(void *); ++ ++/* ++** test1: ++** sub sp, sp, #288 ++** stp x29, x30, \[sp, #?272\] ++** add x29, sp, #?272 ++** mrs (x[0-9]+), tpidr2_el0 ++** ldr (x[0-9]+), \[\1, #?16\] ++** str \2, \[sp, #?264\] ++** mov \2, #?0 ++** add x0, sp, #?8 ++** bl g ++** ... ++** mrs .* ++** ... ++** bne .* ++** ... ++** ldp x29, x30, \[sp, #?272\] ++** add sp, sp, #?288 ++** ret ++** bl __stack_chk_fail ++*/ ++int test1() { ++ int y[0x40]; ++ g(y); ++ return 1; ++} ++ ++/* ++** test2: ++** stp x29, x30, \[sp, #?-16\]! ++** mov x29, sp ++** sub sp, sp, #1040 ++** mrs (x[0-9]+), tpidr2_el0 ++** ldr (x[0-9]+), \[\1, #?16\] ++** str \2, \[sp, #?1032\] ++** mov \2, #?0 ++** add x0, sp, #?8 ++** bl g ++** ... ++** mrs .* ++** ... ++** bne .* ++** ... ++** add sp, sp, #?1040 ++** ldp x29, x30, \[sp\], #?16 ++** ret ++** bl __stack_chk_fail ++*/ ++int test2() { ++ int y[0x100]; ++ g(y); ++ return 1; ++} ++ ++#pragma GCC target "+sve" ++ ++/* ++** test3: ++** stp x29, x30, \[sp, #?-16\]! ++** mov x29, sp ++** addvl sp, sp, #-18 ++** ... ++** str p4, \[sp\] ++** ... ++** sub sp, sp, #272 ++** mrs (x[0-9]+), tpidr2_el0 ++** ldr (x[0-9]+), \[\1, #?16\] ++** str \2, \[sp, #?264\] ++** mov \2, #?0 ++** add x0, sp, #?8 ++** bl h ++** ... ++** mrs .* ++** ... ++** bne .* ++** ... ++** add sp, sp, #?272 ++** ... ++** ldr p4, \[sp\] ++** ... 
++** addvl sp, sp, #18 ++** ldp x29, x30, \[sp\], #?16 ++** ret ++** bl __stack_chk_fail ++*/ ++__SVBool_t test3() { ++ int y[0x40]; ++ return *h(y); ++} +diff --git a/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c b/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c +new file mode 100644 +index 00000000000..58f322aa480 +--- /dev/null ++++ b/gcc/testsuite/gcc.target/aarch64/stack-protector-9.c +@@ -0,0 +1,33 @@ ++/* { dg-options "-O2 -mcpu=neoverse-v1 -fstack-protector-all" } */ ++/* { dg-final { check-function-bodies "**" "" } } */ ++ ++/* ++** main: ++** ... ++** stp x29, x30, \[sp, #?-[0-9]+\]! ++** ... ++** sub sp, sp, #[0-9]+ ++** ... ++** str x[0-9]+, \[x29, #?-8\] ++** ... ++*/ ++int f(const char *); ++void g(void *); ++int main(int argc, char* argv[]) ++{ ++ int a; ++ int b; ++ char c[2+f(argv[1])]; ++ int d[0x100]; ++ char y; ++ ++ y=42; a=4; b=10; ++ c[0] = 'h'; c[1] = '\0'; ++ ++ c[f(argv[2])] = '\0'; ++ ++ __builtin_printf("%d %d\n%s\n", a, b, c); ++ g(d); ++ ++ return 0; ++} +-- +2.34.1 + diff --git a/poky/meta/recipes-devtools/gcc/gcc_12.2.bb b/poky/meta/recipes-devtools/gcc/gcc_12.3.bb index 255fe552bd..255fe552bd 100644 --- a/poky/meta/recipes-devtools/gcc/gcc_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/gcc_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/libgcc-initial_12.2.bb b/poky/meta/recipes-devtools/gcc/libgcc-initial_12.3.bb index a259082b47..a259082b47 100644 --- a/poky/meta/recipes-devtools/gcc/libgcc-initial_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/libgcc-initial_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/libgcc_12.2.bb b/poky/meta/recipes-devtools/gcc/libgcc_12.3.bb index f88963b0a4..f88963b0a4 100644 --- a/poky/meta/recipes-devtools/gcc/libgcc_12.2.bb +++ b/poky/meta/recipes-devtools/gcc/libgcc_12.3.bb diff --git a/poky/meta/recipes-devtools/gcc/libgfortran_12.2.bb b/poky/meta/recipes-devtools/gcc/libgfortran_12.3.bb index 71dd8b4bdc..71dd8b4bdc 100644 --- a/poky/meta/recipes-devtools/gcc/libgfortran_12.2.bb 
+++ b/poky/meta/recipes-devtools/gcc/libgfortran_12.3.bb diff --git a/poky/meta/recipes-devtools/gdb/gdb-cross-canadian_13.1.bb b/poky/meta/recipes-devtools/gdb/gdb-cross-canadian_13.2.bb index 4ab2b7156d..4ab2b7156d 100644 --- a/poky/meta/recipes-devtools/gdb/gdb-cross-canadian_13.1.bb +++ b/poky/meta/recipes-devtools/gdb/gdb-cross-canadian_13.2.bb diff --git a/poky/meta/recipes-devtools/gdb/gdb-cross_13.1.bb b/poky/meta/recipes-devtools/gdb/gdb-cross_13.2.bb index 3b654a2f0d..3b654a2f0d 100644 --- a/poky/meta/recipes-devtools/gdb/gdb-cross_13.1.bb +++ b/poky/meta/recipes-devtools/gdb/gdb-cross_13.2.bb diff --git a/poky/meta/recipes-devtools/gdb/gdb.inc b/poky/meta/recipes-devtools/gdb/gdb.inc index 8589de62ff..2437a96ae7 100644 --- a/poky/meta/recipes-devtools/gdb/gdb.inc +++ b/poky/meta/recipes-devtools/gdb/gdb.inc @@ -13,10 +13,9 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \ file://0006-resolve-restrict-keyword-conflict.patch \ file://0007-Fix-invalid-sigprocmask-call.patch \ file://0008-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \ - file://0009-gdbserver-linux-low.cc-Fix-a-typo-in-ternary-operato.patch \ file://add-missing-ldflags.patch \ - file://0001-aarch64-Check-for-valid-inferior-thread-regcache-bef.patch \ + file://0009-CVE-2023-39128.patch \ " -SRC_URI[sha256sum] = "115ad5c18d69a6be2ab15882d365dda2a2211c14f480b3502c6eba576e2e95a0" +SRC_URI[sha256sum] = "fd5bebb7be1833abdb6e023c2f498a354498281df9d05523d8915babeb893f0a" TOOLCHAIN = "gcc" diff --git a/poky/meta/recipes-devtools/gdb/gdb/0001-aarch64-Check-for-valid-inferior-thread-regcache-bef.patch b/poky/meta/recipes-devtools/gdb/gdb/0001-aarch64-Check-for-valid-inferior-thread-regcache-bef.patch deleted file mode 100644 index 9adf4a4db5..0000000000 --- a/poky/meta/recipes-devtools/gdb/gdb/0001-aarch64-Check-for-valid-inferior-thread-regcache-bef.patch +++ /dev/null 
@@ -1,286 +0,0 @@ -From b3eff3e15576229af9bae026c5c23ee694b90389 Mon Sep 17 00:00:00 2001 -From: Luis Machado <luis.machado@arm.com> -Date: Fri, 24 Mar 2023 07:58:38 +0000 -Subject: [PATCH] aarch64: Check for valid inferior thread/regcache before - reading pauth registers - -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - -There were reports of gdb throwing internal errors when calling -inferior_thread ()/get_current_regcache () on a system with -Pointer Authentication enabled. - -In such cases, gdb produces the following backtrace, or a variation -of it (for gdb's with the non-address removal implemented only in -the aarch64-linux-tdep.c file). - -../../../repos/binutils-gdb/gdb/thread.c:86: internal-error: inferior_thread: Assertion `current_thread_ != nullptr' failed. -A problem internal to GDB has been detected, -further debugging may prove unreliable. ------ Backtrace ----- -0xaaaae04a571f gdb_internal_backtrace_1 - ../../../repos/binutils-gdb/gdb/bt-utils.c:122 -0xaaaae04a57f3 _Z22gdb_internal_backtracev - ../../../repos/binutils-gdb/gdb/bt-utils.c:168 -0xaaaae0b52ccf internal_vproblem - ../../../repos/binutils-gdb/gdb/utils.c:401 -0xaaaae0b5310b _Z15internal_verrorPKciS0_St9__va_list - ../../../repos/binutils-gdb/gdb/utils.c:481 -0xaaaae0e24b8f _Z18internal_error_locPKciS0_z - ../../../repos/binutils-gdb/gdbsupport/errors.cc:58 -0xaaaae0a88983 _Z15inferior_threadv - ../../../repos/binutils-gdb/gdb/thread.c:86 -0xaaaae0956c87 _Z20get_current_regcachev - ../../../repos/binutils-gdb/gdb/regcache.c:428 -0xaaaae035223f aarch64_remove_non_address_bits - ../../../repos/binutils-gdb/gdb/aarch64-tdep.c:3572 -0xaaaae03e8abb _Z31gdbarch_remove_non_address_bitsP7gdbarchm - ../../../repos/binutils-gdb/gdb/gdbarch.c:3109 -0xaaaae0a692d7 memory_xfer_partial - ../../../repos/binutils-gdb/gdb/target.c:1620 -0xaaaae0a695e3 _Z19target_xfer_partialP10target_ops13target_objectPKcPhPKhmmPm - ../../../repos/binutils-gdb/gdb/target.c:1684 
-0xaaaae0a69e9f target_read_partial - ../../../repos/binutils-gdb/gdb/target.c:1937 -0xaaaae0a69fdf _Z11target_readP10target_ops13target_objectPKcPhml - ../../../repos/binutils-gdb/gdb/target.c:1977 -0xaaaae0a69937 _Z18target_read_memorymPhl - ../../../repos/binutils-gdb/gdb/target.c:1773 -0xaaaae08be523 ps_xfer_memory - ../../../repos/binutils-gdb/gdb/proc-service.c:90 -0xaaaae08be6db ps_pdread - ../../../repos/binutils-gdb/gdb/proc-service.c:124 -0x40001ed7c3b3 _td_fetch_value - /build/glibc-RIFKjK/glibc-2.31/nptl_db/fetch-value.c:115 -0x40001ed791ef td_ta_map_lwp2thr - /build/glibc-RIFKjK/glibc-2.31/nptl_db/td_ta_map_lwp2thr.c:194 -0xaaaae07f4473 thread_from_lwp - ../../../repos/binutils-gdb/gdb/linux-thread-db.c:413 -0xaaaae07f6d6f _ZN16thread_db_target4waitE6ptid_tP17target_waitstatus10enum_flagsI16target_wait_flagE - ../../../repos/binutils-gdb/gdb/linux-thread-db.c:1420 -0xaaaae0a6b33b _Z11target_wait6ptid_tP17target_waitstatus10enum_flagsI16target_wait_flagE - ../../../repos/binutils-gdb/gdb/target.c:2586 -0xaaaae0789cf7 do_target_wait_1 - ../../../repos/binutils-gdb/gdb/infrun.c:3825 -0xaaaae0789e6f operator() - ../../../repos/binutils-gdb/gdb/infrun.c:3884 -0xaaaae078a167 do_target_wait - ../../../repos/binutils-gdb/gdb/infrun.c:3903 -0xaaaae078b0af _Z20fetch_inferior_eventv - ../../../repos/binutils-gdb/gdb/infrun.c:4314 -0xaaaae076652f _Z22inferior_event_handler19inferior_event_type - ../../../repos/binutils-gdb/gdb/inf-loop.c:41 -0xaaaae07dc68b handle_target_event - ../../../repos/binutils-gdb/gdb/linux-nat.c:4206 -0xaaaae0e25fbb handle_file_event - ../../../repos/binutils-gdb/gdbsupport/event-loop.cc:573 -0xaaaae0e264f3 gdb_wait_for_event - ../../../repos/binutils-gdb/gdbsupport/event-loop.cc:694 -0xaaaae0e24f9b _Z16gdb_do_one_eventi - ../../../repos/binutils-gdb/gdbsupport/event-loop.cc:217 -0xaaaae080f033 start_event_loop - ../../../repos/binutils-gdb/gdb/main.c:411 -0xaaaae080f1b7 captured_command_loop - ../../../repos/binutils-gdb/gdb/main.c:475 
-0xaaaae0810b97 captured_main - ../../../repos/binutils-gdb/gdb/main.c:1318 -0xaaaae0810c1b _Z8gdb_mainP18captured_main_args - ../../../repos/binutils-gdb/gdb/main.c:1337 -0xaaaae0338453 main - ../../../repos/binutils-gdb/gdb/gdb.c:32 ---------------------- -../../../repos/binutils-gdb/gdb/thread.c:86: internal-error: inferior_thread: Assertion `current_thread_ != nullptr' failed. -A problem internal to GDB has been detected, -further debugging may prove unreliable. -Quit this debugging session? (y or n) - -We also see failures across the testsuite if the tests get executed on a target -that has native support for the pointer authentication feature. But -gdb.base/break.exp and gdb.base/access-mem-running.exp are two examples of -tests that run into errors and internal errors. - -This issue started after commit d88cb738e6a7a7179dfaff8af78d69250c852af1, which -enabled more broad use of pointer authentication masks to remove non-address -bits of pointers, but wasn't immediately detected because systems with native -support for pointer authentication are not that common yet. - -The above crash happens because gdb is in the middle of handling an event, -and do_target_wait_1 calls switch_to_inferior_no_thread, nullifying the -current thread. This means a call to inferior_thread () will assert, and -attempting to call get_current_regcache () will also call inferior_thread (), -resulting in an assertion as well. - -target_has_registers was one function that seemed useful for detecting these -types of situation where we don't have a register cache. The problem with that -is the inconsistent state of inferior_ptid, which is used by -target_has_registers. 
- -Despite the call to switch_to_no_thread in switch_to_inferior_no_thread from -do_target_wait_1 in the backtrace above clearing inferior_ptid, the call to -ps_xfer_memory sets inferior_ptid momentarily before reading memory: - -static ps_err_e -ps_xfer_memory (const struct ps_prochandle *ph, psaddr_t addr, - gdb_byte *buf, size_t len, int write) -{ - scoped_restore_current_inferior restore_inferior; - set_current_inferior (ph->thread->inf); - - scoped_restore_current_program_space restore_current_progspace; - set_current_program_space (ph->thread->inf->pspace); - - scoped_restore save_inferior_ptid = make_scoped_restore (&inferior_ptid); - inferior_ptid = ph->thread->ptid; - - CORE_ADDR core_addr = ps_addr_to_core_addr (addr); - - int ret; - if (write) - ret = target_write_memory (core_addr, buf, len); - else - ret = target_read_memory (core_addr, buf, len); - return (ret == 0 ? PS_OK : PS_ERR); -} - -Maybe this shouldn't happen, or maybe it is just an unfortunate state to be -in. But this prevents the use of target_has_registers to guard against the -lack of registers, since, although current_thread_ is still nullptr, -inferior_ptid is valid and is not null_ptid. - -There is another crash scenario after we kill a previously active inferior, in -which case the gdbarch will still say we support pointer authentication but we -will also have no current thread (inferior_thread () will assert etc). - -If the target has support for pointer authentication, gdb needs to use -a couple (or 4, for bare-metal) mask registers to mask off some bits of -pointers, and for that it needs to access the registers. - -At some points, like the one from the backtrace above, there is no active -thread/current regcache because gdb is in the middle of doing event handling -and switching between threads. - -Simon suggested the use of inferior_ptid to fetch the register cache, as -opposed to relying on the current register cache. 
Though we need to make sure -inferior_ptid is valid (not null_ptid), I think this works nicely. - -With inferior_ptid, we can do safety checks along the way, making sure we have -a thread to fetch a register cache from and checking if the thread is actually -stopped or running. - -The following patch implements this idea with safety checks to make sure we -don't run into assertions or errors. If any of the checks fail, we fallback to -using a default mask to remove non-address bits of a pointer. - -I discussed with Pedro the possibility of caching the mask register values -(which are per-process and can change mid-execution), but there isn't a good -spot to cache those values. Besides, the mask registers can change constantly -for bare-metal debugging when switching between exception levels. - -In some cases, it is just not possible to get access to these mask registers, -like the case where threads are running. In those cases, using a default mask -to remove the non-address bits should be enough. - -This can happen when we let threads run in the background and then we attempt -to access a memory address (now that gdb is capable of reading memory even -with threads running). Thus gdb will attempt to remove non-address bits -of that memory access, will attempt to access registers, running into errors. - -Regression-tested on aarch64-linux Ubuntu 20.04. ---- - gdb/aarch64-linux-tdep.c | 64 ++++++++++++++++++++++++++++++---------- - 1 file changed, 49 insertions(+), 15 deletions(-) - -diff --git a/gdb/aarch64-linux-tdep.c b/gdb/aarch64-linux-tdep.c -index 20a041c599e..4b2915b8e99 100644 ---- a/gdb/aarch64-linux-tdep.c -+++ b/gdb/aarch64-linux-tdep.c -@@ -57,6 +57,9 @@ - #include "elf/common.h" - #include "elf/aarch64.h" - -+/* For inferior_ptid and current_inferior (). */ -+#include "inferior.h" -+ - /* Signal frame handling. 
- - +------------+ ^ -@@ -1986,29 +1989,60 @@ aarch64_linux_decode_memtag_section (struct gdbarch *gdbarch, - static CORE_ADDR - aarch64_remove_non_address_bits (struct gdbarch *gdbarch, CORE_ADDR pointer) - { -- aarch64_gdbarch_tdep *tdep = gdbarch_tdep<aarch64_gdbarch_tdep> (gdbarch); -- - /* By default, we assume TBI and discard the top 8 bits plus the VA range -- select bit (55). */ -+ select bit (55). Below we try to fetch information about pointer -+ authentication masks in order to make non-address removal more -+ precise. */ - CORE_ADDR mask = AARCH64_TOP_BITS_MASK; - -- if (tdep->has_pauth ()) -+ /* Check if we have an inferior first. If not, just use the default -+ mask. -+ -+ We use the inferior_ptid here because the pointer authentication masks -+ should be the same across threads of a process. Since we may not have -+ access to the current thread (gdb may have switched to no inferiors -+ momentarily), we use the inferior ptid. */ -+ if (inferior_ptid != null_ptid) - { -- /* Fetch the PAC masks. These masks are per-process, so we can just -- fetch data from whatever thread we have at the moment. -+ /* If we do have an inferior, attempt to fetch its thread's thread_info -+ struct. */ -+ thread_info *thread -+ = find_thread_ptid (current_inferior ()->process_target (), -+ inferior_ptid); - -- Also, we have both a code mask and a data mask. For now they are the -- same, but this may change in the future. */ -- struct regcache *regs = get_current_regcache (); -- CORE_ADDR cmask, dmask; -+ /* If the thread is running, we will not be able to fetch the mask -+ registers. */ -+ if (thread != nullptr && thread->state != THREAD_RUNNING) -+ { -+ /* Otherwise, fetch the register cache and the masks. 
*/ -+ struct regcache *regs -+ = get_thread_regcache (current_inferior ()->process_target (), -+ inferior_ptid); -+ -+ /* Use the gdbarch from the register cache to check for pointer -+ authentication support, as it matches the features found in -+ that particular thread. */ -+ aarch64_gdbarch_tdep *tdep -+ = gdbarch_tdep<aarch64_gdbarch_tdep> (regs->arch ()); -+ -+ /* Is there pointer authentication support? */ -+ if (tdep->has_pauth ()) -+ { -+ /* We have both a code mask and a data mask. For now they are -+ the same, but this may change in the future. */ -+ CORE_ADDR cmask, dmask; - -- if (regs->cooked_read (tdep->pauth_reg_base, &dmask) != REG_VALID) -- dmask = mask; -+ if (regs->cooked_read (tdep->pauth_reg_base, &dmask) -+ != REG_VALID) -+ dmask = mask; - -- if (regs->cooked_read (tdep->pauth_reg_base + 1, &cmask) != REG_VALID) -- cmask = mask; -+ if (regs->cooked_read (tdep->pauth_reg_base + 1, &cmask) -+ != REG_VALID) -+ cmask = mask; - -- mask |= aarch64_mask_from_pac_registers (cmask, dmask); -+ mask |= aarch64_mask_from_pac_registers (cmask, dmask); -+ } -+ } - } - - return aarch64_remove_top_bits (pointer, mask); --- -2.34.1 - diff --git a/poky/meta/recipes-devtools/gdb/gdb/0009-CVE-2023-39128.patch b/poky/meta/recipes-devtools/gdb/gdb/0009-CVE-2023-39128.patch new file mode 100644 index 0000000000..88e39eaa59 --- /dev/null +++ b/poky/meta/recipes-devtools/gdb/gdb/0009-CVE-2023-39128.patch 
@@ -0,0 +1,75 @@ +From 033bc52bb6190393c8eed80925fa78cc35b40c6d Mon Sep 17 00:00:00 2001 +From: Tom Tromey <tromey@adacore.com> +Date: Wed, 16 Aug 2023 11:29:19 -0600 +Subject: [PATCH] Avoid buffer overflow in ada_decode + +A bug report pointed out a buffer overflow in ada_decode, which Keith +helpfully analyzed. ada_decode had a logic error when the input was +all digits. While this isn't valid -- and would probably only appear +in fuzzer tests -- it still should be handled properly. + +This patch adds a missing bounds check. Tested with the self-tests in +an asan build. + +Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30639 +Reviewed-by: Keith Seitz <keiths@redhat.com> + +Upstream-Status: Backport from [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=033bc52bb6190393c8eed80925fa78cc35b40c6d] +CVE: CVE-2023-39128 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + gdb/ada-lang.c | 19 ++++++++++++++++++- + 1 file changed, 18 insertions(+), 1 deletion(-) + +diff --git a/gdb/ada-lang.c b/gdb/ada-lang.c +index 40f8591..06ac46b 100644 +--- a/gdb/ada-lang.c ++++ b/gdb/ada-lang.c +@@ -57,6 +57,7 @@ + #include "cli/cli-utils.h" + #include "gdbsupport/function-view.h" + #include "gdbsupport/byte-vector.h" ++#include "gdbsupport/selftest.h" + #include <algorithm> + #include "ada-exp.h" + #include "charset.h" +@@ -1388,7 +1389,7 @@ ada_decode (const char *encoded, bool wrap, bool operators) + i -= 1; + if (i > 1 && encoded[i] == '_' && encoded[i - 1] == '_') + len0 = i - 1; +- else if (encoded[i] == '$') ++ else if (i >= 0 && encoded[i] == '$') + len0 = i; + } + +@@ -1585,6 +1586,18 @@ ada_decode (const char *encoded, bool wrap, bool operators) + return decoded; + } + ++#ifdef GDB_SELF_TEST ++ ++static void ++ada_decode_tests () ++{ ++ /* This isn't valid, but used to cause a crash. PR gdb/30639. The ++ result does not really matter very much. 
*/ ++ SELF_CHECK (ada_decode ("44") == "44"); ++} ++ ++#endif ++ + /* Table for keeping permanent unique copies of decoded names. Once + allocated, names in this table are never released. While this is a + storage leak, it should not be significant unless there are massive +@@ -14084,4 +14097,8 @@ DWARF attribute."), + gdb::observers::new_objfile.attach (ada_new_objfile_observer, "ada-lang"); + gdb::observers::free_objfile.attach (ada_free_objfile_observer, "ada-lang"); + gdb::observers::inferior_exit.attach (ada_inferior_exit, "ada-lang"); ++ ++#ifdef GDB_SELF_TEST ++ selftests::register_test ("ada-decode", ada_decode_tests); ++#endif + } +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/gdb/gdb/0009-gdbserver-linux-low.cc-Fix-a-typo-in-ternary-operato.patch b/poky/meta/recipes-devtools/gdb/gdb/0009-gdbserver-linux-low.cc-Fix-a-typo-in-ternary-operato.patch deleted file mode 100644 index 32eba089bc..0000000000 --- a/poky/meta/recipes-devtools/gdb/gdb/0009-gdbserver-linux-low.cc-Fix-a-typo-in-ternary-operato.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 9a85132c4ba7d37a5df146239b3ab1a5854ce478 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Wed, 22 Feb 2023 16:24:07 -0800 -Subject: [PATCH] gdbserver/linux-low.cc: Fix a typo in ternary operator - -Upstream-Status: Submitted [https://sourceware.org/pipermail/gdb-patches/2023-February/197298.html] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - gdbserver/linux-low.cc | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gdbserver/linux-low.cc b/gdbserver/linux-low.cc -index 7e1de397893..95ec871d436 100644 ---- a/gdbserver/linux-low.cc -+++ b/gdbserver/linux-low.cc -@@ -5390,7 +5390,7 @@ proc_xfer_memory (CORE_ADDR memaddr, unsigned char *readbuf, - if (lseek (fd, memaddr, SEEK_SET) != -1) - bytes = (readbuf != nullptr - ? read (fd, readbuf, len) -- ? write (fd, writebuf, len)); -+ : write (fd, writebuf, len)); - #endif - - if (bytes < 0) 
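Review bot: The guard added to ada_decode in 0009-CVE-2023-39128.patch, `else if (i >= 0 && encoded[i] == '$')`, has no comment saying when `i` can go negative, so the reason for the bounds check lives only in the commit message. A one-line comment above it, such as `/* I can drop below zero when ENCODED is all digits (PR gdb/30639).  */`, would keep the check from being removed in a later cleanup. The loop that decrements `i` starts outside this hunk, so the exact lower bound is inferred from the patch description rather than read from the code. The self-test pins only `ada_decode ("44")`; a second all-digit input of a different length, if its expected result is known, would make the regression check less tied to one string.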
diff --git a/poky/meta/recipes-devtools/gdb/gdb_13.1.bb b/poky/meta/recipes-devtools/gdb/gdb_13.2.bb index 9c6db4ca2c..9c6db4ca2c 100644 --- a/poky/meta/recipes-devtools/gdb/gdb_13.1.bb +++ b/poky/meta/recipes-devtools/gdb/gdb_13.2.bb diff --git a/poky/meta/recipes-devtools/git/git_2.39.2.bb b/poky/meta/recipes-devtools/git/git_2.39.3.bb index 9fac9d13f8..6fdf1caa74 100644 --- a/poky/meta/recipes-devtools/git/git_2.39.2.bb +++ b/poky/meta/recipes-devtools/git/git_2.39.3.bb @@ -170,4 +170,4 @@ EXTRA_OECONF += "ac_cv_snprintf_returns_bogus=no \ " EXTRA_OEMAKE += "NO_GETTEXT=1" -SRC_URI[tarball.sha256sum] = "fb6807d1eb4094bb2349ab97d203fe1e6c3eb28af73ea391decfbd3a03c02e85" +SRC_URI[tarball.sha256sum] = "2f9aa93c548941cc5aff641cedc24add15b912ad8c9b36ff5a41b1a9dcad783e" diff --git a/poky/meta/recipes-devtools/go/go-1.20.4.inc b/poky/meta/recipes-devtools/go/go-1.20.7.inc index 05bc168e0c..009a67e89e 100644 --- a/poky/meta/recipes-devtools/go/go-1.20.4.inc +++ b/poky/meta/recipes-devtools/go/go-1.20.7.inc @@ -14,5 +14,7 @@ SRC_URI += "\ file://0007-exec.go-do-not-write-linker-flags-into-buildids.patch \ file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \ file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \ + file://CVE-2023-24531_1.patch \ + file://CVE-2023-24531_2.patch \ " -SRC_URI[main.sha256sum] = "9f34ace128764b7a3a4b238b805856cc1b2184304df9e5690825b0710f4202d6" +SRC_URI[main.sha256sum] = "2c5ee9c9ec1e733b0dbbc2bdfed3f62306e51d8172bf38f4f4e542b27520f597" diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.20.4.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.20.7.bb index 87ce8a558f..3decde1954 100644 --- a/poky/meta/recipes-devtools/go/go-binary-native_1.20.4.bb +++ b/poky/meta/recipes-devtools/go/go-binary-native_1.20.7.bb 
@@ -9,9 +9,9 @@ PROVIDES = "go-native" # Checksums available at https://go.dev/dl/ SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "698ef3243972a51ddb4028e4a1ac63dc6d60821bf18e59a807e051fee0a385bd" -SRC_URI[go_linux_arm64.sha256sum] = "105889992ee4b1d40c7c108555222ca70ae43fccb42e20fbf1eebb822f5e72c6" -SRC_URI[go_linux_ppc64le.sha256sum] = "8c6f44b96c2719c90eebabe2dd866f9c39538648f7897a212cac448587e9a408" +SRC_URI[go_linux_amd64.sha256sum] = "f0a87f1bcae91c4b69f8dc2bc6d7e6bfcd7524fceec130af525058c0c17b1b44" +SRC_URI[go_linux_arm64.sha256sum] = "44781ae3b153c3b07651d93b6bc554e835a36e2d72a696281c1e4dad9efffe43" +SRC_URI[go_linux_ppc64le.sha256sum] = "6318a1db307c12b8afe68808bd6fae4fba1e558a85b958216096869ed506dcb3" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux" diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.20.4.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.20.7.bb index 7ac9449e47..7ac9449e47 100644 --- a/poky/meta/recipes-devtools/go/go-cross-canadian_1.20.4.bb +++ b/poky/meta/recipes-devtools/go/go-cross-canadian_1.20.7.bb diff --git a/poky/meta/recipes-devtools/go/go-cross_1.20.4.bb b/poky/meta/recipes-devtools/go/go-cross_1.20.7.bb index 80b5a03f6c..80b5a03f6c 100644 --- a/poky/meta/recipes-devtools/go/go-cross_1.20.4.bb +++ b/poky/meta/recipes-devtools/go/go-cross_1.20.7.bb diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.20.4.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.20.7.bb index 1857c8a577..1857c8a577 100644 --- a/poky/meta/recipes-devtools/go/go-crosssdk_1.20.4.bb +++ b/poky/meta/recipes-devtools/go/go-crosssdk_1.20.7.bb diff --git a/poky/meta/recipes-devtools/go/go-native_1.20.4.bb b/poky/meta/recipes-devtools/go/go-native_1.20.7.bb index ddf25b2c9b..ddf25b2c9b 100644 --- a/poky/meta/recipes-devtools/go/go-native_1.20.4.bb 
+++ b/poky/meta/recipes-devtools/go/go-native_1.20.7.bb diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.20.4.bb b/poky/meta/recipes-devtools/go/go-runtime_1.20.7.bb index 63464a1501..63464a1501 100644 --- a/poky/meta/recipes-devtools/go/go-runtime_1.20.4.bb +++ b/poky/meta/recipes-devtools/go/go-runtime_1.20.7.bb diff --git a/poky/meta/recipes-devtools/go/go/CVE-2023-24531_1.patch b/poky/meta/recipes-devtools/go/go/CVE-2023-24531_1.patch new file mode 100644 index 0000000000..9de701b64b --- /dev/null +++ b/poky/meta/recipes-devtools/go/go/CVE-2023-24531_1.patch 
@@ -0,0 +1,266 @@ +From c5463ec922a57d8b175c6639186ba9cbe15e6bc1 Mon Sep 17 00:00:00 2001 +From: Michael Matloob <matloob@golang.org> +Date: Mon, 24 Apr 2023 16:57:28 -0400 +Subject: [PATCH 1/2] cmd/go: sanitize go env outputs + +go env, without any arguments, outputs the environment variables in +the form of a script that can be run on the host OS. On Unix, single +quote the strings and place single quotes themselves outside the +single quoted strings. On windows use the set "var=val" syntax with +the quote starting before the variable. + +Fixes #58508 + +Change-Id: Iecd379a4af7285ea9b2024f0202250c74fd9a2bd +Reviewed-on: https://go-review.googlesource.com/c/go/+/488375 +TryBot-Result: Gopher Robot <gobot@golang.org> +Reviewed-by: Michael Matloob <matloob@golang.org> +Reviewed-by: Damien Neil <dneil@google.com> +Run-TryBot: Michael Matloob <matloob@golang.org> +Reviewed-by: Bryan Mills <bcmills@google.com> +Reviewed-by: Quim Muntal <quimmuntal@gmail.com> + +CVE: CVE-2023-24531 +Upstream-Status: Backport [f379e78951a405e7e99a60fb231eeedbf976c108] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + src/cmd/go/internal/envcmd/env.go | 60 ++++++++++++- + src/cmd/go/internal/envcmd/env_test.go | 94 +++++++++++++++++++++ + src/cmd/go/testdata/script/env_sanitize.txt | 5 ++ + src/cmd/go/testdata/script/work_env.txt | 2 +- + 4 files changed, 158 insertions(+), 3 deletions(-) + create mode 100644 src/cmd/go/internal/envcmd/env_test.go + create mode 100644 src/cmd/go/testdata/script/env_sanitize.txt + +diff --git a/src/cmd/go/internal/envcmd/env.go b/src/cmd/go/internal/envcmd/env.go +index fb7448a..5b52fad 100644 +--- a/src/cmd/go/internal/envcmd/env.go ++++ b/src/cmd/go/internal/envcmd/env.go +@@ -6,6 +6,7 @@ + package envcmd + + import ( ++ "bytes" + "context" + "encoding/json" + "fmt" +@@ -17,6 +18,7 @@ import ( + "runtime" + "sort" + "strings" ++ "unicode" + "unicode/utf8" + + "cmd/go/internal/base" +@@ -413,9 +415,12 @@ func checkBuildConfig(add 
map[string]string, del map[string]bool) error { + func PrintEnv(w io.Writer, env []cfg.EnvVar) { + for _, e := range env { + if e.Name != "TERM" { ++ if runtime.GOOS != "plan9" && bytes.Contains([]byte(e.Value), []byte{0}) { ++ base.Fatalf("go: internal error: encountered null byte in environment variable %s on non-plan9 platform", e.Name) ++ } + switch runtime.GOOS { + default: +- fmt.Fprintf(w, "%s=\"%s\"\n", e.Name, e.Value) ++ fmt.Fprintf(w, "%s=%s\n", e.Name, shellQuote(e.Value)) + case "plan9": + if strings.IndexByte(e.Value, '\x00') < 0 { + fmt.Fprintf(w, "%s='%s'\n", e.Name, strings.ReplaceAll(e.Value, "'", "''")) +@@ -426,17 +431,68 @@ func PrintEnv(w io.Writer, env []cfg.EnvVar) { + if x > 0 { + fmt.Fprintf(w, " ") + } ++ // TODO(#59979): Does this need to be quoted like above? + fmt.Fprintf(w, "%s", s) + } + fmt.Fprintf(w, ")\n") + } + case "windows": +- fmt.Fprintf(w, "set %s=%s\n", e.Name, e.Value) ++ if hasNonGraphic(e.Value) { ++ base.Errorf("go: stripping unprintable or unescapable characters from %%%q%%", e.Name) ++ } ++ fmt.Fprintf(w, "set %s=%s\n", e.Name, batchEscape(e.Value)) + } + } + } + } + ++func hasNonGraphic(s string) bool { ++ for _, c := range []byte(s) { ++ if c == '\r' || c == '\n' || (!unicode.IsGraphic(rune(c)) && !unicode.IsSpace(rune(c))) { ++ return true ++ } ++ } ++ return false ++} ++ ++func shellQuote(s string) string { ++ var b bytes.Buffer ++ b.WriteByte('\'') ++ for _, x := range []byte(s) { ++ if x == '\'' { ++ // Close the single quoted string, add an escaped single quote, ++ // and start another single quoted string. 
++ b.WriteString(`'\''`) ++ } else { ++ b.WriteByte(x) ++ } ++ } ++ b.WriteByte('\'') ++ return b.String() ++} ++ ++func batchEscape(s string) string { ++ var b bytes.Buffer ++ for _, x := range []byte(s) { ++ if x == '\r' || x == '\n' || (!unicode.IsGraphic(rune(x)) && !unicode.IsSpace(rune(x))) { ++ b.WriteRune(unicode.ReplacementChar) ++ continue ++ } ++ switch x { ++ case '%': ++ b.WriteString("%%") ++ case '<', '>', '|', '&', '^': ++ // These are special characters that need to be escaped with ^. See ++ // https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/set_1. ++ b.WriteByte('^') ++ b.WriteByte(x) ++ default: ++ b.WriteByte(x) ++ } ++ } ++ return b.String() ++} ++ + func printEnvAsJSON(env []cfg.EnvVar) { + m := make(map[string]string) + for _, e := range env { +diff --git a/src/cmd/go/internal/envcmd/env_test.go b/src/cmd/go/internal/envcmd/env_test.go +new file mode 100644 +index 0000000..32d99fd +--- /dev/null ++++ b/src/cmd/go/internal/envcmd/env_test.go +@@ -0,0 +1,94 @@ ++// Copyright 2022 The Go Authors. All rights reserved. ++// Use of this source code is governed by a BSD-style ++// license that can be found in the LICENSE file. ++ ++//go:build unix || windows ++ ++package envcmd ++ ++import ( ++ "bytes" ++ "cmd/go/internal/cfg" ++ "fmt" ++ "internal/testenv" ++ "os" ++ "os/exec" ++ "path/filepath" ++ "runtime" ++ "testing" ++ "unicode" ++) ++ ++func FuzzPrintEnvEscape(f *testing.F) { ++ f.Add(`$(echo 'cc"'; echo 'OOPS="oops')`) ++ f.Add("$(echo shell expansion 1>&2)") ++ f.Add("''") ++ f.Add(`C:\"Program Files"\`) ++ f.Add(`\\"Quoted Host"\\share`) ++ f.Add("\xfb") ++ f.Add("0") ++ f.Add("") ++ f.Add("''''''''") ++ f.Add("\r") ++ f.Add("\n") ++ f.Add("E,%") ++ f.Fuzz(func(t *testing.T, s string) { ++ t.Parallel() ++ ++ for _, c := range []byte(s) { ++ if c == 0 { ++ t.Skipf("skipping %q: contains a null byte. 
Null bytes can't occur in the environment"+ ++ " outside of Plan 9, which has different code path than Windows and Unix that this test"+ ++ " isn't testing.", s) ++ } ++ if c > unicode.MaxASCII { ++ t.Skipf("skipping %#q: contains a non-ASCII character %q", s, c) ++ } ++ if !unicode.IsGraphic(rune(c)) && !unicode.IsSpace(rune(c)) { ++ t.Skipf("skipping %#q: contains non-graphic character %q", s, c) ++ } ++ if runtime.GOOS == "windows" && c == '\r' || c == '\n' { ++ t.Skipf("skipping %#q on Windows: contains unescapable character %q", s, c) ++ } ++ } ++ ++ var b bytes.Buffer ++ if runtime.GOOS == "windows" { ++ b.WriteString("@echo off\n") ++ } ++ PrintEnv(&b, []cfg.EnvVar{{Name: "var", Value: s}}) ++ var want string ++ if runtime.GOOS == "windows" { ++ fmt.Fprintf(&b, "echo \"%%var%%\"\n") ++ want += "\"" + s + "\"\r\n" ++ } else { ++ fmt.Fprintf(&b, "printf '%%s\\n' \"$var\"\n") ++ want += s + "\n" ++ } ++ scriptfilename := "script.sh" ++ if runtime.GOOS == "windows" { ++ scriptfilename = "script.bat" ++ } ++ scriptfile := filepath.Join(t.TempDir(), scriptfilename) ++ if err := os.WriteFile(scriptfile, b.Bytes(), 0777); err != nil { ++ t.Fatal(err) ++ } ++ t.Log(b.String()) ++ var cmd *exec.Cmd ++ if runtime.GOOS == "windows" { ++ cmd = testenv.Command(t, "cmd.exe", "/C", scriptfile) ++ } else { ++ cmd = testenv.Command(t, "sh", "-c", scriptfile) ++ } ++ out, err := cmd.Output() ++ t.Log(string(out)) ++ if err != nil { ++ t.Fatal(err) ++ } ++ ++ if string(out) != want { ++ t.Fatalf("output of running PrintEnv script and echoing variable: got: %q, want: %q", ++ string(out), want) ++ } ++ }) ++} +diff --git a/src/cmd/go/testdata/script/env_sanitize.txt b/src/cmd/go/testdata/script/env_sanitize.txt +new file mode 100644 +index 0000000..cc4d23a +--- /dev/null ++++ b/src/cmd/go/testdata/script/env_sanitize.txt +@@ -0,0 +1,5 @@ ++env GOFLAGS='$(echo ''cc"''; echo ''OOPS="oops'')' ++go env ++[GOOS:darwin] stdout 'GOFLAGS=''\$\(echo ''\\''''cc"''\\''''; echo 
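Review bot: The skip condition `runtime.GOOS == "windows" && c == '\r' || c == '\n'` parses as `(runtime.GOOS == "windows" && c == '\r') || c == '\n'`, because `&&` binds tighter than `||` in Go. Inputs containing a newline are therefore skipped on every platform, so the `f.Add("\n")` seed never exercises `shellQuote` on Unix, where a newline inside single quotes is representable. Parenthesising restores the intent stated in the skip message: `if runtime.GOOS == "windows" && (c == '\r' || c == '\n') {`.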
''\\''''OOPS="oops''\\''''\)''' ++[GOOS:linux] stdout 'GOFLAGS=''\$\(echo ''\\''''cc"''\\''''; echo ''\\''''OOPS="oops''\\''''\)''' ++[GOOS:windows] stdout 'set GOFLAGS=\$\(echo ''cc"''; echo ''OOPS="oops''\)' +diff --git a/src/cmd/go/testdata/script/work_env.txt b/src/cmd/go/testdata/script/work_env.txt +index 511bb4e..8b1779e 100644 +--- a/src/cmd/go/testdata/script/work_env.txt ++++ b/src/cmd/go/testdata/script/work_env.txt +@@ -1,7 +1,7 @@ + go env GOWORK + stdout '^'$GOPATH'[\\/]src[\\/]go.work$' + go env +-stdout '^(set )?GOWORK="?'$GOPATH'[\\/]src[\\/]go.work"?$' ++stdout '^(set )?GOWORK=''?'$GOPATH'[\\/]src[\\/]go.work''?$' + + cd .. + go env GOWORK +-- +2.39.0 + diff --git a/poky/meta/recipes-devtools/go/go/CVE-2023-24531_2.patch b/poky/meta/recipes-devtools/go/go/CVE-2023-24531_2.patch new file mode 100644 index 0000000000..dec36f9d42 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go/CVE-2023-24531_2.patch 
@@ -0,0 +1,47 @@
+From 24f1def536c5344e0067a3119790b83ee6224058 Mon Sep 17 00:00:00 2001
+From: miller <millerresearch@gmail.com>
+Date: Mon, 8 May 2023 16:56:21 +0100
+Subject: [PATCH 2/2] cmd/go: quote entries in list-valued variables for go env
+ in plan9
+
+When 'go env' without an argument prints environment variables as
+a script which can be executed by the shell, variables with a
+list value in Plan 9 (such as GOPATH) need to be printed with each
+element enclosed in single quotes in case it contains characters
+significant to the Plan 9 shell (such as ' ' or '=').
+
+For #58508
+
+Change-Id: Ia30f51307cc6d07a7e3ada6bf9d60bf9951982ff
+Reviewed-on: https://go-review.googlesource.com/c/go/+/493535
+Run-TryBot: Cherry Mui <cherryyz@google.com>
+Reviewed-by: Cherry Mui <cherryyz@google.com>
+Reviewed-by: Russ Cox <rsc@golang.org>
+TryBot-Result: Gopher Robot <gobot@golang.org>
+Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
+
+CVE: CVE-2023-24531
+Upstream-Status: Backport [05cc9e55876874462a4726ca0101c970838c80e5]
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ src/cmd/go/internal/envcmd/env.go | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/src/cmd/go/internal/envcmd/env.go b/src/cmd/go/internal/envcmd/env.go
+index 5b52fad..d4fc399 100644
+--- a/src/cmd/go/internal/envcmd/env.go
++++ b/src/cmd/go/internal/envcmd/env.go
+@@ -431,8 +431,7 @@ func PrintEnv(w io.Writer, env []cfg.EnvVar) {
+ if x > 0 {
+ fmt.Fprintf(w, " ")
+ }
+- // TODO(#59979): Does this need to be quoted like above?
+- fmt.Fprintf(w, "%s", s)
++ fmt.Fprintf(w, "'%s'", strings.ReplaceAll(s, "'", "''"))
+ }
+ fmt.Fprintf(w, ")\n")
+ }
+--
+2.39.0
+
diff --git a/poky/meta/recipes-devtools/go/go_1.20.4.bb b/poky/meta/recipes-devtools/go/go_1.20.7.bb
index 46f5fbc6be..46f5fbc6be 100644
--- a/poky/meta/recipes-devtools/go/go_1.20.4.bb
+++ b/poky/meta/recipes-devtools/go/go_1.20.7.bb
diff --git a/poky/meta/recipes-devtools/libdnf/libdnf_0.70.0.bb b/poky/meta/recipes-devtools/libdnf/libdnf_0.70.1.bb index 14d6a37de1..c44ae2729b 100644 --- a/poky/meta/recipes-devtools/libdnf/libdnf_0.70.0.bb +++ b/poky/meta/recipes-devtools/libdnf/libdnf_0.70.1.bb @@ -12,7 +12,7 @@ SRC_URI = "git://github.com/rpm-software-management/libdnf;branch=dnf-4-master;p file://0001-drop-FindPythonInstDir.cmake.patch \ " -SRCREV = "93759bc5cac262906e52b6a173d7b157914ec29e" +SRCREV = "3b8e59ad8ed3a3eb736d8a2e16b4fc04313d1f12" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(?!4\.90)\d+(\.\d+)+)" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/ninja/ninja_1.11.1.bb b/poky/meta/recipes-devtools/ninja/ninja_1.11.1.bb index 255f5efb70..83d2f01263 100644 --- a/poky/meta/recipes-devtools/ninja/ninja_1.11.1.bb +++ b/poky/meta/recipes-devtools/ninja/ninja_1.11.1.bb @@ -29,3 +29,6 @@ do_install() { } BBCLASSEXTEND = "native nativesdk" + +# This is a different Ninja +CVE_CHECK_IGNORE += "CVE-2021-4336" diff --git a/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.5.0.bb b/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.6.2.bb index b27e3ded33..eb88b9b734 100644 --- a/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.5.0.bb +++ b/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.6.2.bb @@ -10,7 +10,7 @@ PROVIDES += "${@bb.utils.contains('PACKAGECONFIG', 'update-alternatives', 'virtu SRC_URI = "git://git.yoctoproject.org/opkg-utils;protocol=https;branch=master \ file://0001-update-alternatives-correctly-match-priority.patch \ " -SRCREV = "9239541f14a2529b9d01c0a253ab11afa2822dab" +SRCREV = "67994e62dc598282830385da75ba9b1abbbda941" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/opkg/opkg/0001-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch b/poky/meta/recipes-devtools/opkg/opkg/0001-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch deleted file mode 100644 index 3406878a1d..0000000000 
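Review bot: The comment `# This is a different Ninja` above the new `CVE_CHECK_IGNORE` entry in the ninja recipe does not say which product the CVE is filed against. Someone auditing the ignore list later cannot confirm the exclusion without redoing the lookup. A more explicit comment would help, for example `# CVE-2021-4336 is filed against an unrelated product that shares the name Ninja, not the ninja build tool packaged here`, ideally naming that product.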
--- a/poky/meta/recipes-devtools/opkg/opkg/0001-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch
+++ /dev/null
@@ -1,51 +0,0 @@ -From 4089affd371e6d62dd8c1e57b344f8cc329005ea Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sat, 14 Jan 2023 23:11:08 -0800 -Subject: [PATCH] Define alignof using _Alignof when using C11 or newer - -WG14 N2350 made very clear that it is an UB having type definitions -within "offsetof" [1]. This patch enhances the implementation of macro -alignof_slot to use builtin "_Alignof" to avoid undefined behavior on -when using std=c11 or newer - -clang 16+ has started to flag this [2] - -Fixes build when using -std >= gnu11 and using clang16+ - -Older compilers gcc < 4.9 or clang < 8 has buggy _Alignof even though it -may support C11, exclude those compilers too - -[1] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2350.htm -[2] https://reviews.llvm.org/D133574 - -Upstream-Status: Submitted [https://groups.google.com/g/opkg-devel/c/gjcQPZgT_jI] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - libopkg/md5.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/libopkg/md5.c b/libopkg/md5.c -index 981b9b8..ccb645e 100644 ---- a/libopkg/md5.c -+++ b/libopkg/md5.c -@@ -237,7 +237,17 @@ void md5_process_bytes(const void *buffer, size_t len, struct md5_ctx *ctx) - /* Process available complete blocks. */ - if (len >= 64) { - #if !_STRING_ARCH_unaligned -+/* GCC releases before GCC 4.9 had a bug in _Alignof. See GCC bug 52023 -+ <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52023>. -+ clang versions < 8.0.0 have the same bug. */ -+#if (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112 \ -+ || (defined __GNUC__ && __GNUC__ < 4 + (__GNUC_MINOR__ < 9) \ -+ && !defined __clang__) \ -+ || (defined __clang__ && __clang_major__ < 8)) - #define alignof(type) offsetof (struct { char c; type x; }, x) -+#else -+#define alignof(type) _Alignof(type) -+#endif - #define UNALIGNED_P(p) (((size_t) p) % alignof (uint32_t) != 0) - if (UNALIGNED_P(buffer)) - while (len > 64) { --- -2.39.0 - 
diff --git a/poky/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch b/poky/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch
deleted file mode 100644
index f216950002..0000000000
--- a/poky/meta/recipes-devtools/opkg/opkg/0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From a658e6402382250f0164c5b47b744740e04f3611 Mon Sep 17 00:00:00 2001
-From: Charlie Johnston <charlie.johnston@ni.com>
-Date: Fri, 30 Dec 2022 15:21:14 -0600
-Subject: [PATCH] opkg-key: Remove --no-options flag from gpg calls.
-
-The opkg-key script was always passing the --no-options
-flag to gpg, which uses /dev/null as the options file.
-As a result, the opkg gpg.conf file was not getting
-used. This change removes that flag so that gpg.conf
-in the GPGHOMEDIR for opkg (currently /etc/opkg/gpg/)
-will be used if present.
-
-Upstream-Status: Accepted [https://git.yoctoproject.org/opkg/commit/?id=cee294e72d257417b5e55ef7a76a0fd15313e46b]
-Signed-off-by: Charlie Johnston <charlie.johnston@ni.com>
----
- utils/opkg-key | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/utils/opkg-key b/utils/opkg-key
-index e395a59..8645ebc 100755
---- a/utils/opkg-key
-+++ b/utils/opkg-key
-@@ -53,7 +53,7 @@ else
- exit 1
- fi
-
--GPG="$GPGCMD --no-options --homedir $GPGHOMEDIR"
-+GPG="$GPGCMD --homedir $GPGHOMEDIR"
-
- # Gpg home dir isn't created automatically when --homedir option is used
- if [ ! -e "$GPGHOMEDIR" ]; then
---
-2.30.2
-
diff --git a/poky/meta/recipes-devtools/opkg/opkg_0.6.1.bb b/poky/meta/recipes-devtools/opkg/opkg_0.6.2.bb
index 4c25fe963a..46be137354 100644
--- a/poky/meta/recipes-devtools/opkg/opkg_0.6.1.bb
+++ b/poky/meta/recipes-devtools/opkg/opkg_0.6.2.bb
@@ -15,12 +15,10 @@ PE = "1" SRC_URI = "http://downloads.yoctoproject.org/releases/${BPN}/${BPN}-${PV}.tar.gz \ file://opkg.conf \ file://0001-opkg_conf-create-opkg.lock-in-run-instead-of-var-run.patch \ - file://0002-opkg-key-remove-no-options-flag-from-gpg-calls.patch \ - file://0001-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \ file://run-ptest \ -" + " -SRC_URI[sha256sum] = "e87fccb575c64d3ac0559444016a2795f12125986a0da896bab97c4a1a2f1b2a" +SRC_URI[sha256sum] = "ac73a90a2549cd04948e563d915912c78e1b8ba0f43af75c5a53fcca474adbd5" # This needs to be before ptest inherit, otherwise all ptest files end packaged # in libopkg package if OPKGLIBDIR == libdir, because default diff --git a/poky/meta/recipes-devtools/perl/files/CVE-2023-31484.patch b/poky/meta/recipes-devtools/perl/files/CVE-2023-31484.patch new file mode 100644 index 0000000000..1f7cbd0da1 --- /dev/null +++ b/poky/meta/recipes-devtools/perl/files/CVE-2023-31484.patch @@ -0,0 +1,29 @@ +From a625ec2cc3a0b6116c1f8b831d3480deb621c245 Mon Sep 17 00:00:00 2001 +From: Stig Palmquist <git@stig.io> +Date: Tue, 28 Feb 2023 11:54:06 +0100 +Subject: [PATCH] Add verify_SSL=>1 to HTTP::Tiny to verify https server + identity + +Upstream-Status: Backport [https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0] + +CVE: CVE-2023-31484 + +Signed-off-by: Soumya <soumya.sambu@windriver.com> +--- + cpan/CPAN/lib/CPAN/HTTP/Client.pm | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/cpan/CPAN/lib/CPAN/HTTP/Client.pm b/cpan/CPAN/lib/CPAN/HTTP/Client.pm +index 4fc792c..a616fee 100644 +--- a/cpan/CPAN/lib/CPAN/HTTP/Client.pm ++++ b/cpan/CPAN/lib/CPAN/HTTP/Client.pm +@@ -32,6 +32,7 @@ sub mirror { + + my $want_proxy = $self->_want_proxy($uri); + my $http = HTTP::Tiny->new( ++ verify_SSL => 1, + $want_proxy ? (proxy => $self->{proxy}) : () + ); + +-- +2.40.0 
diff --git a/poky/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch b/poky/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch new file mode 100644 index 0000000000..e2a2216a0d --- /dev/null +++ b/poky/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch 
@@ -0,0 +1,217 @@ +From e1ca8defeff496000fc96600ebfca7250065c1f1 Mon Sep 17 00:00:00 2001 +From: Stig Palmquist <git@stig.io> +Date: Thu, 29 Jun 2023 14:36:05 +0000 +Subject: [PATCH] Change verify_SSL default to 1, add ENV var to enable + insecure default + +- Changes the `verify_SSL` default parameter from `0` to `1` + + Based on patch by Dominic Hargreaves: + https://salsa.debian.org/perl-team/interpreter/perl/-/commit/1490431e40e22052f75a0b3449f1f53cbd27ba92 + + Fixes CVE-2023-31486 + +- Add check for `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` that + enables the previous insecure default behaviour if set to `1`. + + This provides a workaround for users who encounter problems with the + new `verify_SSL` default. + + Example to disable certificate checks: + ``` + $ PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 ./script.pl + ``` + +- Updates to documentation: + - Describe changing the verify_SSL value + - Describe the escape-hatch environment variable + - Remove rationale for not enabling verify_SSL + - Add missing certificate search paths + - Replace "SSL" with "TLS/SSL" where appropriate + - Use "machine-in-the-middle" instead of "man-in-the-middle" + +Upstream-Status: Backport [https://github.com/chansen/p5-http-tiny/commit/77f557ef84698efeb6eed04e4a9704eaf85b741d] + +Signed-off-by: Soumya <soumya.sambu@windriver.com> +--- + cpan/HTTP-Tiny/lib/HTTP/Tiny.pm | 86 ++++++++++++++++++++++----------- + 1 file changed, 57 insertions(+), 29 deletions(-) + +diff --git a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm +index 83ca06d..5f6ced8 100644 +--- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm ++++ b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm +@@ -40,10 +40,14 @@ sub _croak { require Carp; Carp::croak(@_) } + #pod * C<timeout> — Request timeout in seconds (default is 60) If a socket open, + #pod read or write takes longer than the timeout, the request response status code + #pod will be 599. 
+-#pod * C<verify_SSL> — A boolean that indicates whether to validate the SSL +-#pod certificate of an C<https> — connection (default is false) ++#pod * C<verify_SSL> — A boolean that indicates whether to validate the TLS/SSL ++#pod certificate of an C<https> — connection (default is true). Changed from false ++#pod to true in version 0.083. + #pod * C<SSL_options> — A hashref of C<SSL_*> — options to pass through to + #pod L<IO::Socket::SSL> ++#pod * C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> - Changes the default ++#pod certificate verification behavior to not check server identity if set to 1. ++#pod Only effective if C<verify_SSL> is not set. Added in version 0.083. + #pod + #pod An accessor/mutator method exists for each attribute. + #pod +@@ -111,11 +115,17 @@ sub timeout { + sub new { + my($class, %args) = @_; + ++ # Support lower case verify_ssl argument, but only if verify_SSL is not ++ # true. ++ if ( exists $args{verify_ssl} ) { ++ $args{verify_SSL} ||= $args{verify_ssl}; ++ } ++ + my $self = { + max_redirect => 5, + timeout => defined $args{timeout} ? $args{timeout} : 60, + keep_alive => 1, +- verify_SSL => $args{verify_SSL} || $args{verify_ssl} || 0, # no verification by default ++ verify_SSL => defined $args{verify_SSL} ? $args{verify_SSL} : _verify_SSL_default(), + no_proxy => $ENV{no_proxy}, + }; + +@@ -134,6 +144,13 @@ sub new { + return $self; + } + ++sub _verify_SSL_default { ++ my ($self) = @_; ++ # Check if insecure default certificate verification behaviour has been ++ # changed by the user by setting PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 ++ return (($ENV{PERL_HTTP_TINY_INSECURE_BY_DEFAULT} || '') eq '1') ? 
0 : 1; ++} ++ + sub _set_proxies { + my ($self) = @_; + +@@ -1055,7 +1072,7 @@ sub new { + timeout => 60, + max_line_size => 16384, + max_header_lines => 64, +- verify_SSL => 0, ++ verify_SSL => HTTP::Tiny::_verify_SSL_default(), + SSL_options => {}, + %args + }, $class; +@@ -2043,11 +2060,11 @@ proxy + timeout + verify_SSL + +-=head1 SSL SUPPORT ++=head1 TLS/SSL SUPPORT + + Direct C<https> connections are supported only if L<IO::Socket::SSL> 1.56 or + greater and L<Net::SSLeay> 1.49 or greater are installed. An error will occur +-if new enough versions of these modules are not installed or if the SSL ++if new enough versions of these modules are not installed or if the TLS + encryption fails. You can also use C<HTTP::Tiny::can_ssl()> utility function + that returns boolean to see if the required modules are installed. + +@@ -2055,7 +2072,7 @@ An C<https> connection may be made via an C<http> proxy that supports the CONNEC + command (i.e. RFC 2817). You may not proxy C<https> via a proxy that itself + requires C<https> to communicate. + +-SSL provides two distinct capabilities: ++TLS/SSL provides two distinct capabilities: + + =over 4 + +@@ -2069,24 +2086,17 @@ Verification of server identity + + =back + +-B<By default, HTTP::Tiny does not verify server identity>. +- +-Server identity verification is controversial and potentially tricky because it +-depends on a (usually paid) third-party Certificate Authority (CA) trust model +-to validate a certificate as legitimate. This discriminates against servers +-with self-signed certificates or certificates signed by free, community-driven +-CA's such as L<CAcert.org|http://cacert.org>. ++B<By default, HTTP::Tiny verifies server identity>. + +-By default, HTTP::Tiny does not make any assumptions about your trust model, +-threat level or risk tolerance. It just aims to give you an encrypted channel +-when you need one. ++This was changed in version 0.083 due to security concerns. 
The previous default ++behavior can be enabled by setting C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> ++to 1. + +-Setting the C<verify_SSL> attribute to a true value will make HTTP::Tiny verify +-that an SSL connection has a valid SSL certificate corresponding to the host +-name of the connection and that the SSL certificate has been verified by a CA. +-Assuming you trust the CA, this will protect against a L<man-in-the-middle +-attack|http://en.wikipedia.org/wiki/Man-in-the-middle_attack>. If you are +-concerned about security, you should enable this option. ++Verification is done by checking that that the TLS/SSL connection has a valid ++certificate corresponding to the host name of the connection and that the ++certificate has been verified by a CA. Assuming you trust the CA, this will ++protect against L<machine-in-the-middle ++attacks|http://en.wikipedia.org/wiki/Machine-in-the-middle_attack>. + + Certificate verification requires a file containing trusted CA certificates. + +@@ -2094,9 +2104,7 @@ If the environment variable C<SSL_CERT_FILE> is present, HTTP::Tiny + will try to find a CA certificate file in that location. + + If the L<Mozilla::CA> module is installed, HTTP::Tiny will use the CA file +-included with it as a source of trusted CA's. (This means you trust Mozilla, +-the author of Mozilla::CA, the CPAN mirror where you got Mozilla::CA, the +-toolchain used to install it, and your operating system security, right?) ++included with it as a source of trusted CA's. 
+ + If that module is not available, then HTTP::Tiny will search several + system-specific default locations for a CA certificate file: +@@ -2115,13 +2123,33 @@ system-specific default locations for a CA certificate file: + + /etc/ssl/ca-bundle.pem + ++=item * ++ ++/etc/openssl/certs/ca-certificates.crt ++ ++=item * ++ ++/etc/ssl/cert.pem ++ ++=item * ++ ++/usr/local/share/certs/ca-root-nss.crt ++ ++=item * ++ ++/etc/pki/tls/cacert.pem ++ ++=item * ++ ++/etc/certs/ca-certificates.crt ++ + =back + + An error will be occur if C<verify_SSL> is true and no CA certificate file + is available. + +-If you desire complete control over SSL connections, the C<SSL_options> attribute +-lets you provide a hash reference that will be passed through to ++If you desire complete control over TLS/SSL connections, the C<SSL_options> ++attribute lets you provide a hash reference that will be passed through to + C<IO::Socket::SSL::start_SSL()>, overriding any options set by HTTP::Tiny. For + example, to provide your own trusted CA file: + +@@ -2131,7 +2159,7 @@ example, to provide your own trusted CA file: + + The C<SSL_options> attribute could also be used for such things as providing a + client certificate for authentication to a server or controlling the choice of +-cipher used for the SSL connection. See L<IO::Socket::SSL> documentation for ++cipher used for the TLS/SSL connection. See L<IO::Socket::SSL> documentation for + details. + + =head1 PROXY SUPPORT +-- +2.40.0 diff --git a/poky/meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch b/poky/meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch new file mode 100644 index 0000000000..e41e140cf9 --- /dev/null +++ b/poky/meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch 
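Review bot: The header of CVE-2023-31486-0001.patch carries `Upstream-Status` and `Signed-off-by` but no `CVE:` tag, unlike CVE-2023-31484.patch in the same commit, which has `CVE: CVE-2023-31484`. CVE-2023-31486-0002.patch omits the tag as well. The file name probably still lets the CVE checker match the ID, but the tag is the explicit marker and keeps the record intact if the file is ever renamed. Adding `CVE: CVE-2023-31486` next to the `Upstream-Status` line in both patches would make the three headers consistent.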
@@ -0,0 +1,30 @@
+commit a22785783b17cbaa28afaee4a024d81a1903701d
+From: Stig Palmquist <git@stig.io>
+Date: Sun Jun 18 11:36:05 2023 +0200
+
+ Fix incorrect env var name for verify_SSL default
+
+ The variable to override the verify_SSL default differed slightly in the
+ documentation from what was checked for in the code.
+
+ This commit makes the code use `PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT`
+ as documented, instead of `PERL_HTTP_TINY_INSECURE_BY_DEFAULT` which was
+ missing `SSL_`
+
+Upstream-Status: Backport [https://github.com/chansen/p5-http-tiny/commit/a22785783b17cbaa28afaee4a024d81a1903701d]
+
+Signed-off-by: Soumya <soumya.sambu@windriver.com>
+---
+diff --git a/lib/HTTP/Tiny.pm b/lib/HTTP/Tiny.pm
+index bf455b6..7240b65 100644
+--- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
++++ b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
+@@ -149,7 +149,7 @@ sub _verify_SSL_default {
+ my ($self) = @_;
+ # Check if insecure default certificate verification behaviour has been
+ # changed by the user by setting PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1
+- return (($ENV{PERL_HTTP_TINY_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1;
++ return (($ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1;
+ }
+
+ sub _set_proxies {
diff --git a/poky/meta/recipes-devtools/perl/perl_5.36.0.bb b/poky/meta/recipes-devtools/perl/perl_5.36.0.bb
index b8dba00f18..c3ca28ed23 100644
--- a/poky/meta/recipes-devtools/perl/perl_5.36.0.bb
+++ b/poky/meta/recipes-devtools/perl/perl_5.36.0.bb
@@ -18,6 +18,9 @@ SRC_URI = "https://www.cpan.org/src/5.0/perl-${PV}.tar.gz;name=perl \
 file://determinism.patch \
 file://0001-cpan-Sys-Syslog-Makefile.PL-Fix-_PATH_LOG-for-determ.patch \
 file://0001-Fix-build-with-gcc-12.patch \
+ file://CVE-2023-31484.patch \
+ file://CVE-2023-31486-0001.patch \
+ file://CVE-2023-31486-0002.patch \
 "
 SRC_URI:append:class-native = " \
 file://perl-configpm-switch.patch \
diff --git a/poky/meta/recipes-devtools/pkgconf/pkgconf_1.9.4.bb b/poky/meta/recipes-devtools/pkgconf/pkgconf_1.9.5.bb index ab0f371093..ab1d1c84e8 100644 --- a/poky/meta/recipes-devtools/pkgconf/pkgconf_1.9.4.bb +++ b/poky/meta/recipes-devtools/pkgconf/pkgconf_1.9.5.bb @@ -15,12 +15,12 @@ LICENSE = "pkgconf" LIC_FILES_CHKSUM = "file://COPYING;md5=2214222ec1a820bd6cc75167a56925e0" SRC_URI = "\ - https://distfiles.dereferenced.org/pkgconf/pkgconf-${PV}.tar.xz \ + https://distfiles.ariadne.space/pkgconf/pkgconf-${PV}.tar.xz \ file://pkg-config-wrapper \ file://pkg-config-native.in \ file://pkg-config-esdk.in \ " -SRC_URI[sha256sum] = "daccf1bbe5a30d149b556c7d2ffffeafd76d7b514e249271abdd501533c1d8ae" +SRC_URI[sha256sum] = "1ac1656debb27497563036f7bffc281490f83f9b8457c0d60bcfb638fb6b6171" inherit autotools diff --git a/poky/meta/recipes-devtools/pseudo/files/glibc238.patch b/poky/meta/recipes-devtools/pseudo/files/glibc238.patch new file mode 100644 index 0000000000..76ca8c11eb --- /dev/null +++ b/poky/meta/recipes-devtools/pseudo/files/glibc238.patch 
@@ -0,0 +1,72 @@ +glibc 2.38 would include __isoc23_strtol and similar symbols. This is trggerd by +_GNU_SOURCE but we have to set that for other definitions. Therefore play with defines +to turn this off within pseudo_wrappers.c. Elsewhere we can switch to _DEFAULT_SOURCE +rather than _GNU_SOURCE. + +Upstream-Status: Pending + +Index: git/pseudo_wrappers.c +=================================================================== +--- git.orig/pseudo_wrappers.c ++++ git/pseudo_wrappers.c +@@ -6,6 +6,15 @@ + * SPDX-License-Identifier: LGPL-2.1-only + * + */ ++/* glibc 2.38 would include __isoc23_strtol and similar symbols. This is trggerd by ++ * _GNU_SOURCE but we have to set that for other definitions. Therefore play with defines ++ * to turn this off. ++ */ ++#include <features.h> ++#undef __GLIBC_USE_ISOC2X ++#undef __GLIBC_USE_C2X_STRTOL ++#define __GLIBC_USE_C2X_STRTOL 0 ++ + #include <assert.h> + #include <stdlib.h> + #include <limits.h> +Index: git/pseudo_util.c +=================================================================== +--- git.orig/pseudo_util.c ++++ git/pseudo_util.c +@@ -8,6 +8,14 @@ + */ + /* we need access to RTLD_NEXT for a horrible workaround */ + #define _GNU_SOURCE ++/* glibc 2.38 would include __isoc23_strtol and similar symbols. This is trggerd by ++ * _GNU_SOURCE but we have to set that for other definitions. Therefore play with defines ++ * to turn this off. ++ */ ++#include <features.h> ++#undef __GLIBC_USE_ISOC2X ++#undef __GLIBC_USE_C2X_STRTOL ++#define __GLIBC_USE_C2X_STRTOL 0 + + #include <ctype.h> + #include <errno.h> +Index: git/pseudolog.c +=================================================================== +--- git.orig/pseudolog.c ++++ git/pseudolog.c +@@ -8,7 +8,7 @@ + */ + /* We need _XOPEN_SOURCE for strptime(), but if we define that, + * we then don't get S_IFSOCK... _GNU_SOURCE turns on everything. 
*/ +-#define _GNU_SOURCE ++#define _DEFAULT_SOURCE + + #include <ctype.h> + #include <limits.h> +Index: git/pseudo_client.c +=================================================================== +--- git.orig/pseudo_client.c ++++ git/pseudo_client.c +@@ -6,7 +6,7 @@ + * SPDX-License-Identifier: LGPL-2.1-only + * + */ +-#define _GNU_SOURCE ++#define _DEFAULT_SOURCE + + #include <stdio.h> + #include <signal.h> diff --git a/poky/meta/recipes-devtools/pseudo/pseudo_git.bb b/poky/meta/recipes-devtools/pseudo/pseudo_git.bb index c3c4bb0ed9..9260a3faa3 100644 --- a/poky/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/poky/meta/recipes-devtools/pseudo/pseudo_git.bb @@ -2,6 +2,7 @@ require pseudo.inc SRC_URI = "git://git.yoctoproject.org/pseudo;branch=master;protocol=https \ file://0001-configure-Prune-PIE-flags.patch \ + file://glibc238.patch \ file://fallback-passwd \ file://fallback-group \ " diff --git a/poky/meta/recipes-devtools/python/python3-bcrypt_4.0.1.bb b/poky/meta/recipes-devtools/python/python3-bcrypt_4.0.1.bb index 9f5b81330b..42d5d4dfce 100644 --- a/poky/meta/recipes-devtools/python/python3-bcrypt_4.0.1.bb +++ b/poky/meta/recipes-devtools/python/python3-bcrypt_4.0.1.bb @@ -4,6 +4,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=8f7bb094c7232b058c7e9f2e431f389c" HOMEPAGE = "https://pypi.org/project/bcrypt/" DEPENDS += "${PYTHON_PN}-cffi-native" +LDFLAGS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', ' -fuse-ld=bfd', '', d)}" SRC_URI[sha256sum] = "27d375903ac8261cfe4047f6709d16f7d18d39b1ec92aaf72af989552a650ebd" diff --git a/poky/meta/recipes-devtools/python/python3-certifi_2022.12.7.bb b/poky/meta/recipes-devtools/python/python3-certifi_2023.7.22.bb index dca3d26811..f63b0b6cb8 100644 --- a/poky/meta/recipes-devtools/python/python3-certifi_2022.12.7.bb +++ b/poky/meta/recipes-devtools/python/python3-certifi_2023.7.22.bb 
@@ -7,7 +7,7 @@ HOMEPAGE = " http://certifi.io/" LICENSE = "ISC" LIC_FILES_CHKSUM = "file://LICENSE;md5=3c2b7404369c587c3559afb604fce2f2" -SRC_URI[sha256sum] = "35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3" +SRC_URI[sha256sum] = "539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082" inherit pypi setuptools3 diff --git a/poky/meta/recipes-devtools/python/python3-git_3.1.31.bb b/poky/meta/recipes-devtools/python/python3-git_3.1.37.bb index 08b9f66bcb..56a335a79e 100644 --- a/poky/meta/recipes-devtools/python/python3-git_3.1.31.bb +++ b/poky/meta/recipes-devtools/python/python3-git_3.1.37.bb @@ -6,13 +6,13 @@ access with big-files support." HOMEPAGE = "http://github.com/gitpython-developers/GitPython" SECTION = "devel/python" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=8b8d26c37c1d5a04f9b0186edbebc183" +LIC_FILES_CHKSUM = "file://LICENSE;md5=5279a7ab369ba336989dcf2a107e5c8e" PYPI_PACKAGE = "GitPython" inherit pypi python_setuptools_build_meta -SRC_URI[sha256sum] = "8ce3bcf69adfdf7c7d503e78fd3b1c492af782d58893b650adb2ac8912ddd573" +SRC_URI[sha256sum] = "f9b9ddc0761c125d5780eab2d64be4873fc6817c2899cbcb34b02344bdc7bc54" DEPENDS += " ${PYTHON_PN}-gitdb" diff --git a/poky/meta/recipes-devtools/python/python3-numpy/0001-simd.inc.src-Change-NPY_INLINE-to-inline.patch b/poky/meta/recipes-devtools/python/python3-numpy/0001-simd.inc.src-Change-NPY_INLINE-to-inline.patch new file mode 100644 index 0000000000..d733dda333 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-numpy/0001-simd.inc.src-Change-NPY_INLINE-to-inline.patch 
@@ -0,0 +1,135 @@ +From f2a722aa30a29709bb9b5f60fc6d20a10fe6b4f5 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <mingli.yu@windriver.com> +Date: Wed, 28 Jun 2023 17:58:52 +0800 +Subject: [PATCH] simd.inc.src: Change NPY_INLINE to inline +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fixes: + | numpy/core/src/umath/simd.inc.src:977:20: note: called from here + | 977 | @vtype@ zeros = _mm512_setzero_@vsuffix@(); + | ^~~~~~~~~~~~~~~~~~~ + | numpy/core/src/umath/simd.inc.src:596:1: error: inlining failed in call to ‘always_inline’ ‘avx512_get_full_load_mask_ps’: target specific option mismatch + 596 | avx512_get_full_load_mask_ps(void) + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ + | numpy/core/src/umath/simd.inc.src:976:27: note: called from here + 976 | @mask@ load_mask = avx512_get_full_load_mask_@vsuffix@(); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + | /usr/lib/gcc/x86_64-redhat-linux/13/include/avx512fintrin.h:6499:1: error: inlining failed in call to ‘always_inline’ ‘_mm512_loadu_si512’: target specific option mismatch + +Upstream-Status: Inappropriate [The file simd.inc.src have been removed in new version as + https://github.com/numpy/numpy/commit/640e85017aa8eac3e9be68b475acf27d623b16b7] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + numpy/core/src/umath/simd.inc.src | 24 ++++++++++++------------ + 1 file changed, 12 insertions(+), 12 deletions(-) + +diff --git a/numpy/core/src/umath/simd.inc.src b/numpy/core/src/umath/simd.inc.src +index d6c9a7e..39aec9a 100644 +--- a/numpy/core/src/umath/simd.inc.src ++++ b/numpy/core/src/umath/simd.inc.src +@@ -61,11 +61,11 @@ + */ + + #if defined HAVE_ATTRIBUTE_TARGET_AVX512F_WITH_INTRINSICS && defined NPY_HAVE_SSE2_INTRINSICS +-static NPY_INLINE NPY_GCC_TARGET_AVX512F void ++static inline NPY_GCC_TARGET_AVX512F void + AVX512F_@func@_@TYPE@(@type@*, @type@*, const npy_intp n, const npy_intp stride); + #endif + +-static NPY_INLINE int ++static inline int + 
run_unary_avx512f_@func@_@TYPE@(char **args, const npy_intp *dimensions, const npy_intp *steps) + { + #if defined HAVE_ATTRIBUTE_TARGET_AVX512F_WITH_INTRINSICS && defined NPY_HAVE_SSE2_INTRINSICS +@@ -99,11 +99,11 @@ run_unary_avx512f_@func@_@TYPE@(char **args, const npy_intp *dimensions, const n + */ + + #if defined HAVE_ATTRIBUTE_TARGET_AVX512_SKX_WITH_INTRINSICS && defined NPY_HAVE_SSE2_INTRINSICS && @EXISTS@ +-static NPY_INLINE NPY_GCC_TARGET_AVX512_SKX void ++static inline NPY_GCC_TARGET_AVX512_SKX void + AVX512_SKX_@func@_@TYPE@(npy_bool*, @type@*, const npy_intp n, const npy_intp stride); + #endif + +-static NPY_INLINE int ++static inline int + run_@func@_avx512_skx_@TYPE@(char **args, npy_intp const *dimensions, npy_intp const *steps) + { + #if defined HAVE_ATTRIBUTE_TARGET_AVX512_SKX_WITH_INTRINSICS && defined NPY_HAVE_SSE2_INTRINSICS && @EXISTS@ +@@ -144,7 +144,7 @@ sse2_@func@_@TYPE@(@type@ *, @type@ *, const npy_intp n); + + #endif + +-static NPY_INLINE int ++static inline int + run_@name@_simd_@func@_@TYPE@(char **args, npy_intp const *dimensions, npy_intp const *steps) + { + #if @vector@ && defined NPY_HAVE_SSE2_INTRINSICS +@@ -169,7 +169,7 @@ sse2_@kind@_@TYPE@(npy_bool * op, @type@ * ip1, npy_intp n); + + #endif + +-static NPY_INLINE int ++static inline int + run_@kind@_simd_@TYPE@(char **args, npy_intp const *dimensions, npy_intp const *steps) + { + #if @vector@ && defined NPY_HAVE_SSE2_INTRINSICS +@@ -205,7 +205,7 @@ static void + sse2_reduce_@kind@_BOOL(npy_bool * op, npy_bool * ip, npy_intp n); + #endif + +-static NPY_INLINE int ++static inline int + run_binary_simd_@kind@_BOOL(char **args, npy_intp const *dimensions, npy_intp const *steps) + { + #if defined NPY_HAVE_SSE2_INTRINSICS +@@ -220,7 +220,7 @@ run_binary_simd_@kind@_BOOL(char **args, npy_intp const *dimensions, npy_intp co + } + + +-static NPY_INLINE int ++static inline int + run_reduce_simd_@kind@_BOOL(char **args, npy_intp const *dimensions, npy_intp const *steps) + { + #if defined 
NPY_HAVE_SSE2_INTRINSICS +@@ -245,7 +245,7 @@ static void + sse2_@kind@_BOOL(npy_bool *, npy_bool *, const npy_intp n); + #endif + +-static NPY_INLINE int ++static inline int + run_unary_simd_@kind@_BOOL(char **args, npy_intp const *dimensions, npy_intp const *steps) + { + #if defined NPY_HAVE_SSE2_INTRINSICS +@@ -875,7 +875,7 @@ NPY_FINLINE NPY_GCC_OPT_3 NPY_GCC_TARGET_@ISA@ @vtype@d + */ + + #if defined HAVE_ATTRIBUTE_TARGET_AVX512_SKX_WITH_INTRINSICS && defined NPY_HAVE_SSE2_INTRINSICS +-static NPY_INLINE NPY_GCC_TARGET_AVX512_SKX void ++static inline NPY_GCC_TARGET_AVX512_SKX void + AVX512_SKX_@func@_@TYPE@(npy_bool* op, @type@* ip, const npy_intp array_size, const npy_intp steps) + { + const npy_intp stride_ip = steps/(npy_intp)sizeof(@type@); +@@ -954,7 +954,7 @@ AVX512_SKX_@func@_@TYPE@(npy_bool* op, @type@* ip, const npy_intp array_size, co + */ + + #if defined HAVE_ATTRIBUTE_TARGET_AVX512F_WITH_INTRINSICS && defined NPY_HAVE_SSE2_INTRINSICS +-static NPY_GCC_OPT_3 NPY_INLINE NPY_GCC_TARGET_AVX512F void ++static NPY_GCC_OPT_3 inline NPY_GCC_TARGET_AVX512F void + AVX512F_@func@_@TYPE@(@type@ * op, + @type@ * ip, + const npy_intp array_size, +@@ -1001,7 +1001,7 @@ AVX512F_@func@_@TYPE@(@type@ * op, + /**end repeat1**/ + + #if defined HAVE_ATTRIBUTE_TARGET_AVX512F_WITH_INTRINSICS && defined NPY_HAVE_SSE2_INTRINSICS +-static NPY_GCC_OPT_3 NPY_INLINE NPY_GCC_TARGET_AVX512F void ++static NPY_GCC_OPT_3 inline NPY_GCC_TARGET_AVX512F void + AVX512F_absolute_@TYPE@(@type@ * op, + @type@ * ip, + const npy_intp array_size, +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/python/python3-numpy_1.24.2.bb b/poky/meta/recipes-devtools/python/python3-numpy_1.24.2.bb index bfcfc52729..5f88948de2 100644 --- a/poky/meta/recipes-devtools/python/python3-numpy_1.24.2.bb +++ b/poky/meta/recipes-devtools/python/python3-numpy_1.24.2.bb 
@@ -10,6 +10,7 @@ SRCNAME = "numpy"
 SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/${SRCNAME}-${PV}.tar.gz \
 file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \
 file://0001-numpy-core-Define-RISCV-32-support.patch \
+ file://0001-simd.inc.src-Change-NPY_INLINE-to-inline.patch \
 file://run-ptest \
 "
 SRC_URI[sha256sum] = "003a9f530e880cb2cd177cba1af7220b9aa42def9c4afc2a2fc3ee6be7eb2b22"
diff --git a/poky/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0001.patch b/poky/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0001.patch
new file mode 100644
index 0000000000..d7fc87fec8
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0001.patch
@@ -0,0 +1,49 @@ +From 9a73f2a80e5cf869d473ddcbfceaab229fb99b5e Mon Sep 17 00:00:00 2001 +From: Narpat Mali <narpat.mali@windriver.com> +Date: Mon, 28 Aug 2023 15:04:14 +0000 +Subject: [PATCH] SQL+Jinja: use a simpler regex in analyse_text + +Fixes catastrophic backtracking + +Fixes #2355 + +CVE: CVE-2022-40896 + +Upstream-Status: Backport [https://github.com/pygments/pygments/commit/97eb3d5ec7c1b3ea4fcf9dee30a2309cf92bd194] + +Signed-off-by: Narpat Mali <narpat.mali@windriver.com> +--- + CHANGES | 1 + + pygments/lexers/templates.py | 6 +----- + 2 files changed, 2 insertions(+), 5 deletions(-) + +diff --git a/CHANGES b/CHANGES +index 2aa54fa..4c84fa6 100644 +--- a/CHANGES ++++ b/CHANGES +@@ -61,6 +61,7 @@ Version 2.14.0 + * Spice: Add ``enum`` keyword and fix a bug regarding binary, + hexadecimal and octal number tokens (#2227) + * YAML: Accept colons in key names (#2277) ++ * SQL+Jinja (``analyse_text`` method): fix catastrophic backtracking [Backported] + + - Fix `make mapfiles` when Pygments is not installed in editable mode + (#2223) +diff --git a/pygments/lexers/templates.py b/pygments/lexers/templates.py +index 1fcf708..1066294 100644 +--- a/pygments/lexers/templates.py ++++ b/pygments/lexers/templates.py +@@ -2291,10 +2291,6 @@ class SqlJinjaLexer(DelegatingLexer): + if re.search(r'\{\{\s*source\(.*\)\s*\}\}', text): + rv += 0.25 + # Jinja macro +- if re.search( +- r'\{%-?\s*macro \w+\(.*\)\s*-?%\}\s+.*\s+\{%-?\s*endmacro\s*-?%\}', +- text, +- re.S, +- ): ++ if re.search(r'\{%-?\s*macro \w+\(.*\)\s*-?%\}', text): + rv += 0.15 + return rv +-- +2.40.0 diff --git a/poky/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0002.patch b/poky/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0002.patch new file mode 100644 index 0000000000..61ebe5dad5 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-pygments/CVE-2022-40896-0002.patch 
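Review bot: The simplified macro check in `SqlJinjaLexer.analyse_text` has no comment explaining why the `endmacro` tail and the `re.S` flag were dropped, so a later cleanup could restore the multi-line form this backport removes for CVE-2022-40896. I would add `# single-line match only: the old multi-line macro...endmacro pattern backtracked catastrophically (CVE-2022-40896)` above the `re.search` call. The heuristic now adds 0.15 for an opening macro tag alone, which looks intended but is not covered by any test in this patch. `analyse_text` starts outside the inner hunk.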
@@ -0,0 +1,301 @@ +From 45ff8eabe0363f829c397372aefc3b23aeb135b3 Mon Sep 17 00:00:00 2001 +From: Narpat Mali <narpat.mali@windriver.com> +Date: Tue, 29 Aug 2023 10:45:34 +0000 +Subject: [PATCH] Improve Java properties lexer (#2404) + +Use special lexer rules for escapes; fixes catastrophic backtracking, +and highlights them too. + +Fixes #2356 + +CVE: CVE-2022-40896 + +Upstream-Status: Backport [https://github.com/pygments/pygments/commit/fdf182a7af85b1deeeb637ca970d31935e7c9d52] + +Signed-off-by: Narpat Mali <narpat.mali@windriver.com> +--- + pygments/lexers/configs.py | 50 +++++--- + tests/examplefiles/properties/java.properties | 11 ++ + .../properties/java.properties.output | 110 +++++++++++++++--- + .../test_escaped_space_in_value.txt | 4 +- + .../properties/test_just_key_with_space.txt | 4 +- + 5 files changed, 143 insertions(+), 36 deletions(-) + +diff --git a/pygments/lexers/configs.py b/pygments/lexers/configs.py +index e04c722..b28b56a 100644 +--- a/pygments/lexers/configs.py ++++ b/pygments/lexers/configs.py +@@ -129,26 +129,42 @@ class PropertiesLexer(RegexLexer): + + tokens = { + 'root': [ +- (r'\s+', Whitespace), ++ # comments + (r'[!#].*|/{2}.*', Comment.Single), +- # search for first separator +- (r'([^\\\n]|\\.)*?(?=[ \f\t=:])', Name.Attribute, "separator"), +- # empty key +- (r'.+?$', Name.Attribute), ++ # ending a comment or whitespace-only line ++ (r'\n', Whitespace), ++ # eat whitespace at the beginning of a line ++ (r'^[^\S\n]+', Whitespace), ++ # start lexing a key ++ default('key'), + ], +- 'separator': [ +- # search for line continuation escape +- (r'([ \f\t]*)([=:]*)([ \f\t]*)(.*(?<!\\)(?:\\{2})*)(\\)(?!\\)$', +- bygroups(Whitespace, Operator, Whitespace, String, Text), "value", "#pop"), +- (r'([ \f\t]*)([=:]*)([ \f\t]*)(.*)', +- bygroups(Whitespace, Operator, Whitespace, String), "#pop"), ++ 'key': [ ++ # non-escaped key characters ++ (r'[^\\:=\s]+', Name.Attribute), ++ # escapes ++ include('escapes'), ++ # separator is the first 
non-escaped whitespace or colon or '=' on the line; ++ # if it's whitespace, = and : are gobbled after it ++ (r'([^\S\n]*)([:=])([^\S\n]*)', ++ bygroups(Whitespace, Operator, Whitespace), ++ ('#pop', 'value')), ++ (r'[^\S\n]+', Whitespace, ('#pop', 'value')), ++ # maybe we got no value after all ++ (r'\n', Whitespace, '#pop'), + ], +- 'value': [ # line continuation +- (r'\s+', Whitespace), +- # search for line continuation escape +- (r'(\s*)(.*(?<!\\)(?:\\{2})*)(\\)(?!\\)([ \t]*)', +- bygroups(Whitespace, String, Text, Whitespace)), +- (r'.*$', String, "#pop"), ++ 'value': [ ++ # non-escaped value characters ++ (r'[^\\\n]+', String), ++ # escapes ++ include('escapes'), ++ # end the value on an unescaped newline ++ (r'\n', Whitespace, '#pop'), ++ ], ++ 'escapes': [ ++ # line continuations; these gobble whitespace at the beginning of the next line ++ (r'(\\\n)([^\S\n]*)', bygroups(String.Escape, Whitespace)), ++ # other escapes ++ (r'\\(.|\n)', String.Escape), + ], + } + +diff --git a/tests/examplefiles/properties/java.properties b/tests/examplefiles/properties/java.properties +index d5b594e..7fe915c 100644 +--- a/tests/examplefiles/properties/java.properties ++++ b/tests/examplefiles/properties/java.properties +@@ -14,6 +14,8 @@ key = \ + and value2\\ + key\ 2 = value + key\\ 3 = value3 ++key \ ++ = value + + ! empty keys and edge cases + key1 = +@@ -22,3 +24,12 @@ key3 the value3 + key4 the:value4 + key5 the=value5 + key6=the value6 ++ ++! escapes in keys ++key\ with\ spaces = value ++key\nwith\nnewlines = value\nwith\nnewlines ++ ++ ! indented comment ++ ++! 
line continuations do \ ++not = work for comments +diff --git a/tests/examplefiles/properties/java.properties.output b/tests/examplefiles/properties/java.properties.output +index 0c1fdee..4822575 100644 +--- a/tests/examplefiles/properties/java.properties.output ++++ b/tests/examplefiles/properties/java.properties.output +@@ -2,13 +2,17 @@ + '\n' Text.Whitespace + + '# mixing spaces' Comment.Single +-'\n\t' Text.Whitespace ++'\n' Text.Whitespace ++ ++'\t' Text.Whitespace + 'Truth' Name.Attribute + ' ' Text.Whitespace + '=' Operator + ' ' Text.Whitespace + 'Beauty' Literal.String +-'\n ' Text.Whitespace ++'\n' Text.Whitespace ++ ++' ' Text.Whitespace + 'Truth' Name.Attribute + ':' Operator + 'Beauty' Literal.String +@@ -23,18 +27,24 @@ + ' ' Text.Whitespace + ':' Operator + 'Beauty' Literal.String +-'\n \n' Text.Whitespace ++'\n' Text.Whitespace ++ ++'\n' Text.Whitespace + + '! line continuations and escapes' Comment.Single +-'\n ' Text.Whitespace ++'\n' Text.Whitespace ++ ++' ' Text.Whitespace + 'fruits' Name.Attribute + ' ' Text.Whitespace + 'apple, banana, pear, ' Literal.String +-'\\' Text +-'\n ' Text.Whitespace ++'\\\n' Literal.String.Escape ++ ++' ' Text.Whitespace + 'cantaloupe, watermelon, ' Literal.String +-'\\' Text +-'\n ' Text.Whitespace ++'\\\n' Literal.String.Escape ++ ++' ' Text.Whitespace + 'kiwi, mango' Literal.String + '\n' Text.Whitespace + +@@ -42,25 +52,42 @@ + ' ' Text.Whitespace + '=' Operator + ' ' Text.Whitespace +-'\\' Text +-'\n ' Text.Whitespace +-'value1 \\\\' Literal.String +-'\\' Text +-'\n ' Text.Whitespace +-'and value2\\\\' Literal.String ++'\\\n' Literal.String.Escape ++ ++' ' Text.Whitespace ++'value1 ' Literal.String ++'\\\\' Literal.String.Escape ++'\\\n' Literal.String.Escape ++ ++' ' Text.Whitespace ++'and value2' Literal.String ++'\\\\' Literal.String.Escape + '\n' Text.Whitespace + +-'key\\ 2' Name.Attribute ++'key' Name.Attribute ++'\\ ' Literal.String.Escape ++'2' Name.Attribute + ' ' Text.Whitespace + '=' Operator + ' ' 
Text.Whitespace + 'value' Literal.String + '\n' Text.Whitespace + +-'key\\\\' Name.Attribute ++'key' Name.Attribute ++'\\\\' Literal.String.Escape + ' ' Text.Whitespace + '3 = value3' Literal.String +-'\n\n' Text.Whitespace ++'\n' Text.Whitespace ++ ++'key' Name.Attribute ++' ' Text.Whitespace ++'\\\n' Literal.String.Escape ++ ++' ' Text.Whitespace ++'= value' Literal.String ++'\n' Text.Whitespace ++ ++'\n' Text.Whitespace + + '! empty keys and edge cases' Comment.Single + '\n' Text.Whitespace +@@ -92,3 +119,52 @@ + '=' Operator + 'the value6' Literal.String + '\n' Text.Whitespace ++ ++'\n' Text.Whitespace ++ ++'! escapes in keys' Comment.Single ++'\n' Text.Whitespace ++ ++'key' Name.Attribute ++'\\ ' Literal.String.Escape ++'with' Name.Attribute ++'\\ ' Literal.String.Escape ++'spaces' Name.Attribute ++' ' Text.Whitespace ++'=' Operator ++' ' Text.Whitespace ++'value' Literal.String ++'\n' Text.Whitespace ++ ++'key' Name.Attribute ++'\\n' Literal.String.Escape ++'with' Name.Attribute ++'\\n' Literal.String.Escape ++'newlines' Name.Attribute ++' ' Text.Whitespace ++'=' Operator ++' ' Text.Whitespace ++'value' Literal.String ++'\\n' Literal.String.Escape ++'with' Literal.String ++'\\n' Literal.String.Escape ++'newlines' Literal.String ++'\n' Text.Whitespace ++ ++'\n' Text.Whitespace ++ ++' ' Text.Whitespace ++'! indented comment' Comment.Single ++'\n' Text.Whitespace ++ ++'\n' Text.Whitespace ++ ++'! 
line continuations do \\' Comment.Single ++'\n' Text.Whitespace ++ ++'not' Name.Attribute ++' ' Text.Whitespace ++'=' Operator ++' ' Text.Whitespace ++'work for comments' Literal.String ++'\n' Text.Whitespace +diff --git a/tests/snippets/properties/test_escaped_space_in_value.txt b/tests/snippets/properties/test_escaped_space_in_value.txt +index f76507f..44772d8 100644 +--- a/tests/snippets/properties/test_escaped_space_in_value.txt ++++ b/tests/snippets/properties/test_escaped_space_in_value.txt +@@ -6,5 +6,7 @@ key = doubleword\ value + ' ' Text.Whitespace + '=' Operator + ' ' Text.Whitespace +-'doubleword\\ value' Literal.String ++'doubleword' Literal.String ++'\\ ' Literal.String.Escape ++'value' Literal.String + '\n' Text.Whitespace +diff --git a/tests/snippets/properties/test_just_key_with_space.txt b/tests/snippets/properties/test_just_key_with_space.txt +index 660c37c..833fe40 100644 +--- a/tests/snippets/properties/test_just_key_with_space.txt ++++ b/tests/snippets/properties/test_just_key_with_space.txt +@@ -2,5 +2,7 @@ + just\ key + + ---tokens--- +-'just\\ key' Name.Attribute ++'just' Name.Attribute ++'\\ ' Literal.String.Escape ++'key' Name.Attribute + '\n' Text.Whitespace +-- +2.40.0 diff --git a/poky/meta/recipes-devtools/python/python3-pygments_2.14.0.bb b/poky/meta/recipes-devtools/python/python3-pygments_2.14.0.bb index 16769e9263..b5b8abc113 100644 --- a/poky/meta/recipes-devtools/python/python3-pygments_2.14.0.bb +++ b/poky/meta/recipes-devtools/python/python3-pygments_2.14.0.bb @@ -7,6 +7,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=36a13c90514e2899f1eba7f41c3ee592" inherit setuptools3 SRC_URI[sha256sum] = "b3ed06a9e8ac9a9aae5a6f5dbe78a8a58655d17b43b93c078f094ddc476ae297" +SRC_URI += "file://CVE-2022-40896-0001.patch \ + file://CVE-2022-40896-0002.patch \ + " + DEPENDS += "\ ${PYTHON_PN} \ " 
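Review bot: The rewritten `PropertiesLexer` states are checked only by token-output fixtures, and nothing in the patch bounds lexing time on the input class from issue #2356. A later change that reintroduced a backtracking rule would therefore still pass these tests. A small test that lexes one long pathological line and asserts it finishes promptly would pin the CVE-2022-40896 fix. Separately, the `'escapes'` rule `\\(.|\n)` needs a character after the backslash, so a backslash as the very last character of the input presumably falls through to an error token. A one-line comment on that rule should say whether the lexer's trailing-newline handling is what makes that case unreachable.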
diff --git a/poky/meta/recipes-devtools/python/python3-requests/CVE-2023-32681.patch b/poky/meta/recipes-devtools/python/python3-requests/CVE-2023-32681.patch
new file mode 100644
index 0000000000..0110615572
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-requests/CVE-2023-32681.patch
@@ -0,0 +1,61 @@ +From 74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5 Mon Sep 17 00:00:00 2001 +From: Nate Prewitt <nate.prewitt@gmail.com> +Date: Mon, 22 May 2023 08:08:57 -0700 +Subject: [PATCH] Merge pull request from GHSA-j8r2-6x86-q33q + +CVE: CVE-2023-32681 +Upstream-Status: Backport +[https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5] +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> + +--- + requests/sessions.py | 4 +++- + tests/test_requests.py | 20 ++++++++++++++++++++ + 2 files changed, 23 insertions(+), 1 deletion(-) + +diff --git a/requests/sessions.py b/requests/sessions.py +index 6cb3b4dae3..dbcf2a7b0e 100644 +--- a/requests/sessions.py ++++ b/requests/sessions.py +@@ -324,7 +324,9 @@ def rebuild_proxies(self, prepared_request, proxies): + except KeyError: + username, password = None, None + +- if username and password: ++ # urllib3 handles proxy authorization for us in the standard adapter. ++ # Avoid appending this to TLS tunneled requests where it may be leaked. 
++ if not scheme.startswith('https') and username and password: + headers["Proxy-Authorization"] = _basic_auth_str(username, password) + + return new_proxies +diff --git a/tests/test_requests.py b/tests/test_requests.py +index b1c8dd4534..b420c44d73 100644 +--- a/tests/test_requests.py ++++ b/tests/test_requests.py +@@ -647,6 +647,26 @@ def test_proxy_authorization_preserved_on_request(self, httpbin): + + assert sent_headers.get("Proxy-Authorization") == proxy_auth_value + ++ ++ @pytest.mark.parametrize( ++ "url,has_proxy_auth", ++ ( ++ ('http://example.com', True), ++ ('https://example.com', False), ++ ), ++ ) ++ def test_proxy_authorization_not_appended_to_https_request(self, url, has_proxy_auth): ++ session = requests.Session() ++ proxies = { ++ 'http': 'http://test:pass@localhost:8080', ++ 'https': 'http://test:pass@localhost:8090', ++ } ++ req = requests.Request('GET', url) ++ prep = req.prepare() ++ session.rebuild_proxies(prep, proxies) ++ ++ assert ('Proxy-Authorization' in prep.headers) is has_proxy_auth ++ + def test_basicauth_with_netrc(self, httpbin): + auth = ("user", "pass") + wrong_auth = ("wronguser", "wrongpass") diff --git a/poky/meta/recipes-devtools/python/python3-requests_2.28.2.bb b/poky/meta/recipes-devtools/python/python3-requests_2.28.2.bb index 2f397ddaad..b57f71673c 100644 --- a/poky/meta/recipes-devtools/python/python3-requests_2.28.2.bb +++ b/poky/meta/recipes-devtools/python/python3-requests_2.28.2.bb @@ -5,6 +5,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=34400b68072d710fecd0a2940a0d1658" SRC_URI[sha256sum] = "98b1b2782e3c6c4904938b84c0eb932721069dfdb9134313beff7c83c2df24bf" +SRC_URI += " file://CVE-2023-32681.patch" + inherit pypi setuptools3 RDEPENDS:${PN} += " \ diff --git a/poky/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch b/poky/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch index 96e5e81342..222a567dd5 100644 
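Review bot: The new guard in `rebuild_proxies` tests `scheme`, which is assigned outside the hunk, and the added comment does not say that this is the scheme of the request URL rather than of the proxy URL. The new test depends on exactly that distinction, because its `https` entry points at an `http://` proxy and still expects no `Proxy-Authorization` header. I would extend the comment with `# scheme is the request URL's scheme; the proxy itself may be http://`. The patch header also splits `Upstream-Status: Backport` and its URL over two lines, unlike the other backports in this change, and would be more consistent on one line.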
--- a/poky/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch +++ b/poky/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch @@ -1,4 +1,4 @@ -From 7d296dc635ad3ac2792955ce37e140a4104b098f Mon Sep 17 00:00:00 2001 +From aa8f1709c54557d2b51a9a37d15ccc3de62e90cb Mon Sep 17 00:00:00 2001 From: Jeremy Puhlman <jpuhlman@mvista.com> Date: Wed, 4 Mar 2020 00:06:42 +0000 Subject: [PATCH] Don't search system for headers/libraries diff --git a/poky/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch b/poky/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch index df5179e877..07c6aef9b9 100644 --- a/poky/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch +++ b/poky/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch @@ -1,4 +1,4 @@ -From 86061629f4a179e740a17e53dd2c98ab47af2fe2 Mon Sep 17 00:00:00 2001 +From 7b0a14e7320078ac891d415cab9b7568e3f52ad8 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex@linutronix.de> Date: Thu, 16 Sep 2021 16:35:37 +0200 Subject: [PATCH] Lib/pty.py: handle stdin I/O errors same way as master I/O @@ -30,18 +30,18 @@ Signed-off-by: Alexander Kanavin <alex@linutronix.de> 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Lib/pty.py b/Lib/pty.py -index 8d8ce40..35439c6 100644 +index fefb63a..4cef056 100644 --- a/Lib/pty.py 
+++ b/Lib/pty.py -@@ -154,7 +154,10 @@ def _copy(master_fd, master_read=_read, stdin_read=_read): - os.write(STDOUT_FILENO, data) +@@ -184,7 +184,10 @@ def _copy(master_fd, master_read=_read, stdin_read=_read): + i_buf = i_buf[n:] - if STDIN_FILENO in rfds: + if stdin_avail and STDIN_FILENO in rfds: - data = stdin_read(STDIN_FILENO) + try: + data = stdin_read(STDIN_FILENO) + except OSError: + data = b"" if not data: - fds.remove(STDIN_FILENO) + stdin_avail = False else: diff --git a/poky/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch b/poky/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch index 86971f4048..a0f3d72992 100644 --- a/poky/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch +++ b/poky/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch @@ -1,4 +1,4 @@ -From cab8b8b1390165a93dfb27c48c1cc4c3e4280dfd Mon Sep 17 00:00:00 2001 +From 512c617bd00b74b30a80dd56a12391de46e2b6cf Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex@linutronix.de> Date: Fri, 10 Sep 2021 12:28:31 +0200 Subject: [PATCH] Lib/sysconfig.py: use prefix value from build configuration diff --git a/poky/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch b/poky/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch index e080b5c562..bbdd8b586e 100644 --- a/poky/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch +++ b/poky/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch @@ -1,4 +1,4 @@ -From 79e7ed59750612e57647847957ab85709307ea38 Mon Sep 17 00:00:00 2001 +From 843574d5a5b0818e83e20f8c0389d567bd4733fb Mon Sep 17 00:00:00 2001 From: Khem Raj <raj.khem@gmail.com> Date: Tue, 14 May 2013 15:00:26 -0700 Subject: [PATCH] python3: Add target and native recipes 
diff --git a/poky/meta/recipes-devtools/python/python3/get_module_deps3.py b/poky/meta/recipes-devtools/python/python3/get_module_deps3.py index 0ca687d2eb..8e432b49af 100644 --- a/poky/meta/recipes-devtools/python/python3/get_module_deps3.py +++ b/poky/meta/recipes-devtools/python/python3/get_module_deps3.py @@ -32,7 +32,7 @@ def fix_path(dep_path): dep_path = dep_path[dep_path.find(pivot)+len(pivot):] if '/usr/bin' in dep_path: - dep_path = dep_path.replace('/usr/bin''${bindir}') + dep_path = dep_path.replace('/usr/bin','${bindir}') # Handle multilib, is there a better way? if '/usr/lib32' in dep_path: diff --git a/poky/meta/recipes-devtools/python/python3/makerace.patch b/poky/meta/recipes-devtools/python/python3/makerace.patch index 979fc9dc36..c71c1e15de 100644 --- a/poky/meta/recipes-devtools/python/python3/makerace.patch +++ b/poky/meta/recipes-devtools/python/python3/makerace.patch @@ -1,4 +1,4 @@ -From 4f52aaf2a548b3356c6f1369c62b11335dc27464 Mon Sep 17 00:00:00 2001 +From dde5cb74f55b6dd39d25cff639d16940d9dad505 Mon Sep 17 00:00:00 2001 From: Richard Purdie <richard.purdie@linuxfoundation.org> Date: Tue, 13 Jul 2021 23:19:29 +0100 Subject: [PATCH] python3: Fix make race @@ -18,11 +18,11 @@ Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.pre.in b/Makefile.pre.in -index 7558f0c..8cec819 100644 +index c6d7e85..205af6c 100644 --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -2005,7 +2005,7 @@ TESTSUBDIRS= ctypes/test \ - unittest/test unittest/test/testmock +@@ -2045,7 +2045,7 @@ TESTSUBDIRS= ctypes/test \ + unittest/test/testmock TEST_MODULES=@TEST_MODULES@ -libinstall: all $(srcdir)/Modules/xxmodule.c diff --git a/poky/meta/recipes-devtools/python/python3_3.11.2.bb b/poky/meta/recipes-devtools/python/python3_3.11.5.bb index 5bd8d32b14..b1ab307804 100644 --- a/poky/meta/recipes-devtools/python/python3_3.11.2.bb +++ b/poky/meta/recipes-devtools/python/python3_3.11.5.bb 
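Review bot: The corrected call in `fix_path` still has no space after the comma; `dep_path = dep_path.replace('/usr/bin', '${bindir}')` follows PEP 8 and makes the two arguments easier to tell apart, which is what went wrong in the old line. There the adjacent literals were concatenated into a single argument, so this branch presumably raised a TypeError whenever a path contained `/usr/bin`. That suggests the branch had no test coverage, and a small check of `fix_path` on such a path would keep it from regressing. `fix_path` starts and ends outside the hunk.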
@@ -39,7 +39,7 @@ SRC_URI:append:class-native = " \ file://12-distutils-prefix-is-inside-staging-area.patch \ file://0001-Don-t-search-system-for-headers-libraries.patch \ " -SRC_URI[sha256sum] = "29e4b8f5f1658542a8c13e2dd277358c9c48f2b2f7318652ef1675e402b9d2af" +SRC_URI[sha256sum] = "85cd12e9cf1d6d5a45f17f7afe1cebe7ee628d3282281c492e86adf636defa3f" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" @@ -56,6 +56,8 @@ CVE_CHECK_IGNORE += "CVE-2020-15523 CVE-2022-26488" # The mailcap module is insecure by design, so this can't be fixed in a meaningful way. # The module will be removed in the future and flaws documented. CVE_CHECK_IGNORE += "CVE-2015-20107" +# Not an issue, in fact expected behaviour +CVE_CHECK_IGNORE += "CVE-2023-36632" PYTHON_MAJMIN = "3.11" diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc index 4c9be91cb0..c8e1d28654 100644 --- a/poky/meta/recipes-devtools/qemu/qemu.inc +++ b/poky/meta/recipes-devtools/qemu/qemu.inc @@ -36,6 +36,11 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://qemu-guest-agent.init \ file://qemu-guest-agent.udev \ file://ppc.patch \ + file://CVE-2023-0330.patch \ + file://CVE-2023-3301.patch \ + file://CVE-2023-3255.patch \ + file://CVE-2023-2861.patch \ + file://CVE-2023-3354.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/poky/meta/recipes-devtools/qemu/qemu/0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch b/poky/meta/recipes-devtools/qemu/qemu/0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch index 5ef1184e3c..36c537eee1 100644 --- a/poky/meta/recipes-devtools/qemu/qemu/0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch +++ b/poky/meta/recipes-devtools/qemu/qemu/0001-tracetool-use-relative-paths-for-line-preprocessor-d.patch 
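Review bot: The new `CVE_CHECK_IGNORE += "CVE-2023-36632"` entry is justified only by `# Not an issue, in fact expected behaviour`, which names neither the affected module nor where upstream took that position. The mailcap entry just above shows the level of detail that lets an auditor re-check an ignore decision later. I would expand the comment to something like `# MODULE_NAME: upstream treats this as expected behaviour, see UPSTREAM_REFERENCE`, with both placeholders filled in from the CVE record.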
@@ -8,7 +8,7 @@ The event filename is an absolute path. Convert it to a relative path when writing '#line' directives, to preserve reproducibility of the generated output when different base paths are used. -Upstream-Status: Pending +Upstream-Status: Accepted [https://gitlab.com/qemu-project/qemu/-/commit/9d672e290475001fcecdcc9dc79ad088ff89d17f] --- scripts/tracetool/backend/ftrace.py | 4 +++- diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch new file mode 100644 index 0000000000..f609ea29b4 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-0330.patch 
@@ -0,0 +1,75 @@ +From b987718bbb1d0eabf95499b976212dd5f0120d75 Mon Sep 17 00:00:00 2001 +From: Thomas Huth <thuth@redhat.com> +Date: Mon, 22 May 2023 11:10:11 +0200 +Subject: [PATCH] hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI + controller (CVE-2023-0330) + +We cannot use the generic reentrancy guard in the LSI code, so +we have to manually prevent endless reentrancy here. The problematic +lsi_execute_script() function has already a way to detect whether +too many instructions have been executed - we just have to slightly +change the logic here that it also takes into account if the function +has been called too often in a reentrant way. + +The code in fuzz-lsi53c895a-test.c has been taken from an earlier +patch by Mauro Matteo Cascella. + +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1563 +Message-Id: <20230522091011.1082574-1-thuth@redhat.com> +Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> +Reviewed-by: Alexander Bulekov <alxndr@bu.edu> +Signed-off-by: Thomas Huth <thuth@redhat.com> + +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/b987718bbb1d0eabf95499b976212dd5f0120d75] +CVE: CVE-2023-0330 + +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + hw/scsi/lsi53c895a.c | 23 +++++++++++++++------ + tests/qtest/fuzz-lsi53c895a-test.c | 33 ++++++++++++++++++++++++++++++ + 2 files changed, 50 insertions(+), 6 deletions(-) + +diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c +index 048436352b7a..f7d45b0b20fb 100644 +--- a/hw/scsi/lsi53c895a.c ++++ b/hw/scsi/lsi53c895a.c +@@ -1134,15 +1134,24 @@ static void lsi_execute_script(LSIState *s) + uint32_t addr, addr_high; + int opcode; + int insn_processed = 0; ++ static int reentrancy_level; ++ ++ reentrancy_level++; + + s->istat1 |= LSI_ISTAT1_SRUN; + again: +- if (++insn_processed > LSI_MAX_INSN) { +- /* Some windows drivers make the device spin waiting for a memory +- location to change. 
If we have been executed a lot of code then +- assume this is the case and force an unexpected device disconnect. +- This is apparently sufficient to beat the drivers into submission. +- */ ++ /* ++ * Some windows drivers make the device spin waiting for a memory location ++ * to change. If we have executed more than LSI_MAX_INSN instructions then ++ * assume this is the case and force an unexpected device disconnect. This ++ * is apparently sufficient to beat the drivers into submission. ++ * ++ * Another issue (CVE-2023-0330) can occur if the script is programmed to ++ * trigger itself again and again. Avoid this problem by stopping after ++ * being called multiple times in a reentrant way (8 is an arbitrary value ++ * which should be enough for all valid use cases). ++ */ ++ if (++insn_processed > LSI_MAX_INSN || reentrancy_level > 8) { + if (!(s->sien0 & LSI_SIST0_UDC)) { + qemu_log_mask(LOG_GUEST_ERROR, + "lsi_scsi: inf. loop with UDC masked"); +@@ -1596,6 +1605,8 @@ static void lsi_execute_script(LSIState *s) + } + } + trace_lsi_execute_script_stop(); ++ ++ reentrancy_level--; + } + + static uint8_t lsi_reg_readb(LSIState *s, int offset) diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-2861.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-2861.patch new file mode 100644 index 0000000000..34be8afe16 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-2861.patch 
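Review bot: `reentrancy_level` is a function-local `static int`, so the counter is shared by every emulated LSI controller instead of living in `LSIState`, and it is decremented only at the one point shown at the end of `lsi_execute_script`. The body between the two inner hunks is not visible here; if any path returns early, the counter would stay raised and the `reentrancy_level > 8` test could eventually fire on legitimate scripts. A comment at the declaration such as `/* shared across all instances; every exit path must reach the decrement */` would record that invariant. The diffstat still lists `tests/qtest/fuzz-lsi53c895a-test.c`, but the backport has no hunk for it, so the regression test appears to have been dropped without a note in the header.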
@@ -0,0 +1,171 @@ +From f6b0de53fb87ddefed348a39284c8e2f28dc4eda Mon Sep 17 00:00:00 2001 +From: Christian Schoenebeck <qemu_oss@crudebyte.com> +Date: Wed, 2 Aug 2023 13:02:55 +0000 +Subject: [PATCH] 9pfs: prevent opening special files (CVE-2023-2861) + +The 9p protocol does not specifically define how server shall behave when +client tries to open a special file, however from security POV it does +make sense for 9p server to prohibit opening any special file on host side +in general. A sane Linux 9p client for instance would never attempt to +open a special file on host side, it would always handle those exclusively +on its guest side. A malicious client however could potentially escape +from the exported 9p tree by creating and opening a device file on host +side. + +With QEMU this could only be exploited in the following unsafe setups: + + - Running QEMU binary as root AND 9p 'local' fs driver AND 'passthrough' + security model. + +or + + - Using 9p 'proxy' fs driver (which is running its helper daemon as + root). + +These setups were already discouraged for safety reasons before, +however for obvious reasons we are now tightening behaviour on this. 
+ +Fixes: CVE-2023-2861 +Reported-by: Yanwu Shen <ywsPlz@gmail.com> +Reported-by: Jietao Xiao <shawtao1125@gmail.com> +Reported-by: Jinku Li <jkli@xidian.edu.cn> +Reported-by: Wenbo Shen <shenwenbo@zju.edu.cn> +Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com> +Reviewed-by: Greg Kurz <groug@kaod.org> +Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> +Message-Id: <E1q6w7r-0000Q0-NM@lizzy.crudebyte.com> + +CVE: CVE-2023-2861 + +Upstream-Status: Backport [https://github.com/qemu/qemu/commit/10fad73a2bf1c76c8aa9d6322755e5f877d83ce5] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + fsdev/virtfs-proxy-helper.c | 27 ++++++++++++++++++++++++-- + hw/9pfs/9p-util.h | 38 +++++++++++++++++++++++++++++++++++++ + 2 files changed, 63 insertions(+), 2 deletions(-) + +diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c +index 5cafcd770..d9511f429 100644 +--- a/fsdev/virtfs-proxy-helper.c ++++ b/fsdev/virtfs-proxy-helper.c +@@ -26,6 +26,7 @@ + #include "qemu/xattr.h" + #include "9p-iov-marshal.h" + #include "hw/9pfs/9p-proxy.h" ++#include "hw/9pfs/9p-util.h" + #include "fsdev/9p-iov-marshal.h" + + #define PROGNAME "virtfs-proxy-helper" +@@ -338,6 +339,28 @@ static void resetugid(int suid, int sgid) + } + } + ++/* ++ * Open regular file or directory. Attempts to open any special file are ++ * rejected. 
++ * ++ * returns file descriptor or -1 on error ++ */ ++static int open_regular(const char *pathname, int flags, mode_t mode) ++{ ++ int fd; ++ ++ fd = open(pathname, flags, mode); ++ if (fd < 0) { ++ return fd; ++ } ++ ++ if (close_if_special_file(fd) < 0) { ++ return -1; ++ } ++ ++ return fd; ++} ++ + /* + * send response in two parts + * 1) ProxyHeader +@@ -682,7 +705,7 @@ static int do_create(struct iovec *iovec) + if (ret < 0) { + goto unmarshal_err_out; + } +- ret = open(path.data, flags, mode); ++ ret = open_regular(path.data, flags, mode); + if (ret < 0) { + ret = -errno; + } +@@ -707,7 +730,7 @@ static int do_open(struct iovec *iovec) + if (ret < 0) { + goto err_out; + } +- ret = open(path.data, flags); ++ ret = open_regular(path.data, flags, 0); + if (ret < 0) { + ret = -errno; + } +diff --git a/hw/9pfs/9p-util.h b/hw/9pfs/9p-util.h +index c3526144c..6b44e5f7a 100644 +--- a/hw/9pfs/9p-util.h ++++ b/hw/9pfs/9p-util.h +@@ -13,6 +13,8 @@ + #ifndef QEMU_9P_UTIL_H + #define QEMU_9P_UTIL_H + ++#include "qemu/error-report.h" ++ + #ifdef O_PATH + #define O_PATH_9P_UTIL O_PATH + #else +@@ -112,6 +114,38 @@ static inline void close_preserve_errno(int fd) + errno = serrno; + } + ++/** ++ * close_if_special_file() - Close @fd if neither regular file nor directory. ++ * ++ * @fd: file descriptor of open file ++ * Return: 0 on regular file or directory, -1 otherwise ++ * ++ * CVE-2023-2861: Prohibit opening any special file directly on host ++ * (especially device files), as a compromised client could potentially gain ++ * access outside exported tree under certain, unsafe setups. We expect ++ * client to handle I/O on special files exclusively on guest side. 
++ */ ++static inline int close_if_special_file(int fd) ++{ ++ struct stat stbuf; ++ ++ if (fstat(fd, &stbuf) < 0) { ++ close_preserve_errno(fd); ++ return -1; ++ } ++ if (!S_ISREG(stbuf.st_mode) && !S_ISDIR(stbuf.st_mode)) { ++ error_report_once( ++ "9p: broken or compromised client detected; attempt to open " ++ "special file (i.e. neither regular file, nor directory)" ++ ); ++ close(fd); ++ errno = ENXIO; ++ return -1; ++ } ++ ++ return 0; ++} ++ + static inline int openat_dir(int dirfd, const char *name) + { + return openat(dirfd, name, +@@ -146,6 +180,10 @@ again: + return -1; + } + ++ if (close_if_special_file(fd) < 0) { ++ return -1; ++ } ++ + serrno = errno; + /* O_NONBLOCK was only needed to open the file. Let's drop it. We don't + * do that with O_PATH since fcntl(F_SETFL) isn't supported, and openat() +-- +2.40.0 diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3255.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3255.patch new file mode 100644 index 0000000000..661af629b0 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3255.patch 
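Review bot: In `open_regular` the file-type check runs only after `open()` has completed with the flags handed in by `do_create` and `do_open`, so the open of a special file has already taken place before `close_if_special_file()` rejects it. The `openat_file` context in 9p-util.h mentions `O_NONBLOCK` being used for the open, and the proxy helper shows no equivalent. I would state this limit in the function comment, for example `* Note: the type check is done after open(); the open itself is not prevented.`. The special-file branch of `close_if_special_file` uses plain `close(fd)` before setting `errno = ENXIO`, while the `fstat` failure branch uses `close_preserve_errno`; a short why-comment would explain the difference.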
@@ -0,0 +1,65 @@ +From d921fea338c1059a27ce7b75309d7a2e485f710b Mon Sep 17 00:00:00 2001 +From: Mauro Matteo Cascella <mcascell@redhat.com> +Date: Wed, 2 Aug 2023 12:29:55 +0000 +Subject: [PATCH] ui/vnc-clipboard: fix infinite loop in inflate_buffer + (CVE-2023-3255) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 + Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Content-Type: text/plain; + charset=UTF-8 Content-Transfer-Encoding: 8bit +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +A wrong exit condition may lead to an infinite loop when inflating a +valid zlib buffer containing some extra bytes in the `inflate_buffer` +function. The bug only occurs post-authentication. Return the buffer +immediately if the end of the compressed data has been reached +(Z_STREAM_END). + +Fixes: CVE-2023-3255 +Fixes: 0bf41cab ("ui/vnc: clipboard support") +Reported-by: Kevin Denis <kevin.denis@synacktiv.com> +Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com> +Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> +Tested-by: Marc-André Lureau <marcandre.lureau@redhat.com> +Message-ID: <20230704084210.101822-1-mcascell@redhat.com> + +CVE: CVE-2023-3255 + +Upstream-Status: Backport [https://github.com/qemu/qemu/commit/d921fea338c1059a27ce7b75309d7a2e485f710b] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + ui/vnc-clipboard.c | 10 ++++------ + 1 file changed, 4 insertions(+), 6 deletions(-) + +diff --git a/ui/vnc-clipboard.c b/ui/vnc-clipboard.c +index 8aeadfaa2..c759be343 100644 +--- a/ui/vnc-clipboard.c ++++ b/ui/vnc-clipboard.c +@@ -50,8 +50,11 @@ static uint8_t *inflate_buffer(uint8_t *in, uint32_t in_len, uint32_t *size) + ret = inflate(&stream, Z_FINISH); + switch (ret) { + case Z_OK: +- case Z_STREAM_END: + break; ++ case Z_STREAM_END: ++ *size = stream.total_out; ++ inflateEnd(&stream); ++ return out; + case Z_BUF_ERROR: + out_len <<= 1; + if (out_len > (1 << 20)) { +@@ -66,11 +69,6 @@ 
static uint8_t *inflate_buffer(uint8_t *in, uint32_t in_len, uint32_t *size)
+ }
+ }
+
+- *size = stream.total_out;
+- inflateEnd(&stream);
+-
+- return out;
+-
+ err_end:
+ inflateEnd(&stream);
+ err:
+--
+2.40.0
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3301.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3301.patch
new file mode 100644
index 0000000000..977f017ed2
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3301.patch
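Review bot: The Subject header of the new CVE-2023-3255.patch has the MIME-Version, Content-Type and Content-Transfer-Encoding fields folded into it twice as continuation lines, and the same three fields then follow again as headers of their own. Anything that reads the file as a mail (for example when the backport is later refreshed) takes that text as part of the subject, so the header should end after `(CVE-2023-3255)`. The code change itself agrees with the description: on `Z_STREAM_END` the function now sets `*size`, calls `inflateEnd(&stream)` and returns `out` instead of going round the loop again. inflate_buffer starts and ends outside the inner hunks, so the loop condition cannot be checked from here.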
@@ -0,0 +1,65 @@
+From a0d7215e339b61c7d7a7b3fcf754954d80d93eb8 Sep 17 00:00:00 2001
+From: Ani Sinha <anisinha@redhat.com>
+Date: Wed, 2 Aug 2023 09:25:27 +0000
+Subject: [PATCH] vhost-vdpa: do not cleanup the vdpa/vhost-net structures if
+ peer nic is present
+
+When a peer nic is still attached to the vdpa backend, it is too early to free
+up the vhost-net and vdpa structures. If these structures are freed here, then
+QEMU crashes when the guest is being shut down. The following call chain
+would result in an assertion failure since the pointer returned from
+vhost_vdpa_get_vhost_net() would be NULL:
+
+do_vm_stop() -> vm_state_notify() -> virtio_set_status() ->
+virtio_net_vhost_status() -> get_vhost_net().
+
+Therefore, we defer freeing up the structures until at guest shutdown
+time when qemu_cleanup() calls net_cleanup() which then calls
+qemu_del_net_client() which would eventually call vhost_vdpa_cleanup()
+again to free up the structures. This time, the loop in net_cleanup()
+ensures that vhost_vdpa_cleanup() will be called one last time when
+all the peer nics are detached and freed.
+
+All unit tests pass with this change.
+
+CC: imammedo@redhat.com
+CC: jusual@redhat.com
+CC: mst@redhat.com
+Fixes: CVE-2023-3301
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2128929
+Signed-off-by: Ani Sinha <anisinha@redhat.com>
+Message-Id: <20230619065209.442185-1-anisinha@redhat.com>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Michael S. 
Tsirkin <mst@redhat.com>
+
+CVE: CVE-2023-3301
+
+Upstream-Status: Backport [https://github.com/qemu/qemu/commit/a0d7215e339b61c7d7a7b3fcf754954d80d93eb8]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ net/vhost-vdpa.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/net/vhost-vdpa.c b/net/vhost-vdpa.c
+index 2b4b85d8f..8dbe929c1 100644
+--- a/net/vhost-vdpa.c
++++ b/net/vhost-vdpa.c
+@@ -158,6 +158,15 @@ err_init:
+ static void vhost_vdpa_cleanup(NetClientState *nc)
+ {
+ VhostVDPAState *s = DO_UPCAST(VhostVDPAState, nc, nc);
++
++ /*
++ * If a peer NIC is attached, do not cleanup anything.
++ * Cleanup will happen as a part of qemu_cleanup() -> net_cleanup()
++ * when the guest is shutting down.
++ */
++ if (nc->peer && nc->peer->info->type == NET_CLIENT_DRIVER_NIC) {
++ return;
++ }
+ struct vhost_dev *dev = &s->vhost_net->dev;
+
+ qemu_vfree(s->cvq_cmd_out_buffer);
+--
+2.40.0
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3354.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3354.patch
new file mode 100644
index 0000000000..b3958ecbf5
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-3354.patch
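Review bot: The first line of the new CVE-2023-3301.patch reads `From a0d7215e339b61c7d7a7b3fcf754954d80d93eb8 Sep 17 00:00:00 2001`, without the weekday that the other backports in this change carry (`Mon Sep 17 00:00:00 2001`), which suggests the header was edited by hand. It is worth re-exporting the patch so that the header has the usual form and the rest of the file is known to be untouched. In the inner hunk the early `return` sits before `dev` is initialised from `s->vhost_net`, which fits the NULL-pointer scenario in the description. vhost_vdpa_cleanup continues past the end of the hunk.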
@@ -0,0 +1,88 @@
+From 10be627d2b5ec2d6b3dce045144aa739eef678b4 Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrangé <berrange@redhat.com>
+Date: Tue, 12 Sep 2023 06:38:03 +0000
+Subject: [PATCH] io: remove io watch if TLS channel is closed during handshake
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The TLS handshake make take some time to complete, during which time an
+I/O watch might be registered with the main loop. If the owner of the
+I/O channel invokes qio_channel_close() while the handshake is waiting
+to continue the I/O watch must be removed. Failing to remove it will
+later trigger the completion callback which the owner is not expecting
+to receive. In the case of the VNC server, this results in a SEGV as
+vnc_disconnect_start() tries to shutdown a client connection that is
+already gone / NULL.
+
+CVE-2023-3354
+Reported-by: jiangyegen <jiangyegen@huawei.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+
+CVE: CVE-2023-3354
+
+Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/10be627d2b5ec2d6b3dce045144aa739eef678b4]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ include/io/channel-tls.h | 1 +
+ io/channel-tls.c | 18 ++++++++++++------
+ 2 files changed, 13 insertions(+), 6 deletions(-)
+
+diff --git a/include/io/channel-tls.h b/include/io/channel-tls.h
+index 5672479e9..ccd510ade 100644
+--- a/include/io/channel-tls.h
++++ b/include/io/channel-tls.h
+@@ -48,6 +48,7 @@ struct QIOChannelTLS {
+ QIOChannel *master;
+ QCryptoTLSSession *session;
+ QIOChannelShutdown shutdown;
++ guint hs_ioc_tag;
+ };
+
+ /**
+diff --git a/io/channel-tls.c b/io/channel-tls.c
+index 4ce890a53..17d73f02e 100644
+--- a/io/channel-tls.c
++++ b/io/channel-tls.c
+@@ -195,12 +195,13 @@ static void qio_channel_tls_handshake_task(QIOChannelTLS *ioc,
+ }
+
+ trace_qio_channel_tls_handshake_pending(ioc, status);
+- qio_channel_add_watch_full(ioc->master,
+- condition,
+- 
qio_channel_tls_handshake_io,
+- data,
+- NULL,
+- context);
++ ioc->hs_ioc_tag =
++ qio_channel_add_watch_full(ioc->master,
++ condition,
++ qio_channel_tls_handshake_io,
++ data,
++ NULL,
++ context);
+ }
+ }
+
+@@ -215,6 +216,7 @@ static gboolean qio_channel_tls_handshake_io(QIOChannel *ioc,
+ QIOChannelTLS *tioc = QIO_CHANNEL_TLS(
+ qio_task_get_source(task));
+
++ tioc->hs_ioc_tag = 0;
+ g_free(data);
+ qio_channel_tls_handshake_task(tioc, task, context);
+
+@@ -374,6 +376,10 @@ static int qio_channel_tls_close(QIOChannel *ioc,
+ {
+ QIOChannelTLS *tioc = QIO_CHANNEL_TLS(ioc);
+
++ if (tioc->hs_ioc_tag) {
++ g_clear_handle_id(&tioc->hs_ioc_tag, g_source_remove);
++ }
++
+ return qio_channel_close(tioc->master, errp);
+ }
+
+--
+2.35.5
diff --git a/poky/meta/recipes-devtools/qemu/qemu/qemu-7.0.0-glibc-2.36.patch b/poky/meta/recipes-devtools/qemu/qemu/qemu-7.0.0-glibc-2.36.patch
deleted file mode 100644
index abad1cfeeb..0000000000
--- a/poky/meta/recipes-devtools/qemu/qemu/qemu-7.0.0-glibc-2.36.patch
+++ /dev/null
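Review bot: Removing the watch in `qio_channel_tls_close` appears to leave the handshake `data` allocation unreleased. The watch is still registered with `NULL` in what looks like the destroy-notify argument, and the only `g_free(data)` visible is inside `qio_channel_tls_handshake_io`, which no longer runs once `g_clear_handle_id(&tioc->hs_ioc_tag, g_source_remove);` has dropped the source. The crash is fixed either way, but a peer that keeps closing connections in the middle of the handshake could make this a slow memory leak. It is worth checking whether upstream has a follow-up that frees the data on close and backporting it together with this patch. Both functions extend beyond the inner hunks, so the ownership of `data` is inferred from these lines only.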
@@ -1,46 +0,0 @@ -Avoid conflicts between sys/mount.h and linux/mount.h that are seen -with glibc 2.36 - -Source: https://github.com/archlinux/svntogit-packages/blob/packages/qemu/trunk/qemu-7.0.0-glibc-2.36.patch - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- a/linux-user/syscall.c -+++ b/linux-user/syscall.c -@@ -95,7 +95,25 @@ - #include <linux/soundcard.h> - #include <linux/kd.h> - #include <linux/mtio.h> -+ -+#ifdef HAVE_SYS_MOUNT_FSCONFIG -+/* -+ * glibc >= 2.36 linux/mount.h conflicts with sys/mount.h, -+ * which in turn prevents use of linux/fs.h. So we have to -+ * define the constants ourselves for now. -+ */ -+#define FS_IOC_GETFLAGS _IOR('f', 1, long) -+#define FS_IOC_SETFLAGS _IOW('f', 2, long) -+#define FS_IOC_GETVERSION _IOR('v', 1, long) -+#define FS_IOC_SETVERSION _IOW('v', 2, long) -+#define FS_IOC_FIEMAP _IOWR('f', 11, struct fiemap) -+#define FS_IOC32_GETFLAGS _IOR('f', 1, int) -+#define FS_IOC32_SETFLAGS _IOW('f', 2, int) -+#define FS_IOC32_GETVERSION _IOR('v', 1, int) -+#define FS_IOC32_SETVERSION _IOW('v', 2, int) -+#else - #include <linux/fs.h> -+#endif - #include <linux/fd.h> - #if defined(CONFIG_FIEMAP) - #include <linux/fiemap.h> ---- a/meson.build -+++ b/meson.build -@@ -1686,6 +1686,8 @@ config_host_data.set('HAVE_OPTRESET', - cc.has_header_symbol('getopt.h', 'optreset')) - config_host_data.set('HAVE_IPPROTO_MPTCP', - cc.has_header_symbol('netinet/in.h', 'IPPROTO_MPTCP')) -+config_host_data.set('HAVE_SYS_MOUNT_FSCONFIG', -+ cc.has_header_symbol('sys/mount.h', 'FSCONFIG_SET_FLAG')) - - # has_member - config_host_data.set('HAVE_SIGEV_NOTIFY_THREAD_ID', diff --git a/poky/meta/recipes-devtools/rpm/rpm_4.18.1.bb b/poky/meta/recipes-devtools/rpm/rpm_4.18.1.bb index 6da2edddf3..83537d4761 100644 --- a/poky/meta/recipes-devtools/rpm/rpm_4.18.1.bb +++ b/poky/meta/recipes-devtools/rpm/rpm_4.18.1.bb 
@@ -134,8 +134,8 @@ do_install:append:class-target() { do_install:append:class-nativesdk() { rm -rf ${D}${SDKPATHNATIVE}/var # Ensure find-debuginfo is located correctly inside SDK - mkdir -p ${D}${SDKPATHNATIVE}/etc/rpm - echo "%__find_debuginfo ${SDKPATHNATIVE}/usr/bin/find-debuginfo" >> ${D}${SDKPATHNATIVE}/etc/rpm/macros + mkdir -p ${D}${libdir}/rpm + echo "%__find_debuginfo ${SDKPATHNATIVE}/usr/bin/find-debuginfo" >> ${D}${libdir}/rpm/macros } do_install:append () { @@ -173,7 +173,6 @@ FILES:${PN}-build = "\ ${libdir}/rpm/macros.p* \ ${libdir}/rpm/fileattrs/* \ " -FILES:${PN}-build:append:class-nativesdk = " ${SDKPATHNATIVE}/etc/rpm/macros" FILES:${PN}-sign = "\ ${bindir}/rpmsign \ diff --git a/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch b/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch new file mode 100644 index 0000000000..17c7e30176 --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch 
@@ -0,0 +1,56 @@
+From 2ebb50d2dc302917a6f57c1239dc9e700dfe0e34 Mon Sep 17 00:00:00 2001
+From: Nobuyoshi Nakada <nobu@ruby-lang.org>
+Date: Thu, 27 Jul 2023 15:53:01 +0800
+Subject: [PATCH] Fix quadratic backtracking on invalid relative URI
+
+https://hackerone.com/reports/1958260
+
+CVE: CVE-2023-36617
+
+Upstream-Status: Backport [https://github.com/ruby/uri/commit/9010ee2536adda10a0555ae1ed6fe2f5808e6bf1]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/uri/rfc2396_parser.rb | 4 ++--
+ test/uri/test_parser.rb | 12 ++++++++++++
+ 2 files changed, 14 insertions(+), 2 deletions(-)
+
+diff --git a/lib/uri/rfc2396_parser.rb b/lib/uri/rfc2396_parser.rb
+index 76a8f99..00c66cf 100644
+--- a/lib/uri/rfc2396_parser.rb
++++ b/lib/uri/rfc2396_parser.rb
+@@ -497,8 +497,8 @@ module URI
+ ret = {}
+
+ # for URI::split
+- ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
+- ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
++ ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
++ ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
+
+ # for URI::extract
+ ret[:URI_REF] = Regexp.new(pattern[:URI_REF])
+diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb
+index 72fb590..721e05e 100644
+--- a/test/uri/test_parser.rb
++++ b/test/uri/test_parser.rb
+@@ -79,4 +79,16 @@ class URI::TestParser < Test::Unit::TestCase
+ assert_equal([nil, nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("//example.com"))
+ assert_equal([nil, nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("//[0::0]"))
+ end
++
++ def test_rfc2822_parse_relative_uri
++ pre = ->(length) {
++ " " * length + "\0"
++ }
++ parser = URI::RFC2396_Parser.new
++ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |uri|
++ assert_raise(URI::InvalidURIError) do
++ parser.split(uri)
++ end
++ end
++ end
+ end
+--
+2.25.1
+
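Review bot: The `From` line of CVE-2023-36617_1.patch names commit 2ebb50d2dc302917a6f57c1239dc9e700dfe0e34 while `Upstream-Status` points at ruby/uri commit 9010ee2536adda10a0555ae1ed6fe2f5808e6bf1, and the header does not say which tree the first hash belongs to. CVE-2023-36617_2.patch (eea5868120509c245216c4b5c2d4b5db1c593d0e against 9d7bcef1e6ad23c9c6e4932f297fb737888144c8) and the cups CVE-2023-34241.patch (ffd290b4ab247f82722927ba9b21358daa16dbf1 against 9809947a959e18409dcf562a3466ef246cb90cb2) show the same mismatch. A line such as `(cherry picked from commit <hash in the tree the patch was exported from>)`, which CVE-2023-32324.patch already carries, would let a later reviewer compare each backport with its origin instead of trusting the file as imported.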
diff --git a/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch b/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch
new file mode 100644
index 0000000000..7c51deaa42
--- /dev/null
+++ b/poky/meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch
@@ -0,0 +1,52 @@
+From eea5868120509c245216c4b5c2d4b5db1c593d0e Mon Sep 17 00:00:00 2001
+From: Nobuyoshi Nakada <nobu@ruby-lang.org>
+Date: Thu, 27 Jul 2023 16:16:30 +0800
+Subject: [PATCH] Fix quadratic backtracking on invalid port number
+
+https://hackerone.com/reports/1958260
+
+CVE: CVE-2023-36617
+
+Upstream-Status: Backport [https://github.com/ruby/uri/commit/9d7bcef1e6ad23c9c6e4932f297fb737888144c8]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/uri/rfc3986_parser.rb | 2 +-
+ test/uri/test_parser.rb | 10 ++++++++++
+ 2 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb
+index dd24a40..9b1663d 100644
+--- a/lib/uri/rfc3986_parser.rb
++++ b/lib/uri/rfc3986_parser.rb
+@@ -100,7 +100,7 @@ module URI
+ QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
+ FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
+ OPAQUE: /\A(?:[^\/].*)?\z/,
+- PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/,
++ PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/,
+ }
+ end
+
+diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb
+index 721e05e..cee0acb 100644
+--- a/test/uri/test_parser.rb
++++ b/test/uri/test_parser.rb
+@@ -91,4 +91,14 @@ class URI::TestParser < Test::Unit::TestCase
+ end
+ end
+ end
++
++ def test_rfc3986_port_check
++ pre = ->(length) {"\t" * length + "a"}
++ uri = URI.parse("http://my.example.com")
++ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |port|
++ assert_raise(URI::InvalidComponentError) do
++ uri.port = port
++ end
++ end
++ end
+ end
+--
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/ruby/ruby_3.2.2.bb b/poky/meta/recipes-devtools/ruby/ruby_3.2.2.bb index 481fe7c23d..d1359e388c 100644 --- a/poky/meta/recipes-devtools/ruby/ruby_3.2.2.bb +++ b/poky/meta/recipes-devtools/ruby/ruby_3.2.2.bb @@ -31,6 +31,8 @@ SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \ file://0006-Make-gemspecs-reproducible.patch \ file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \ file://0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch \ + file://CVE-2023-36617_1.patch \ + file://CVE-2023-36617_2.patch \ " UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/" diff --git a/poky/meta/recipes-devtools/rust/rust-source.inc b/poky/meta/recipes-devtools/rust/rust-source.inc index b25b5c17e8..0534e59c35 100644 --- a/poky/meta/recipes-devtools/rust/rust-source.inc +++ b/poky/meta/recipes-devtools/rust/rust-source.inc @@ -17,8 +17,3 @@ export TARGET_VENDOR UPSTREAM_CHECK_URI = "https://forge.rust-lang.org/infra/other-installation-methods.html" UPSTREAM_CHECK_REGEX = "rustc-(?P<pver>\d+(\.\d+)+)-src" - -# see recipes-devtools/gcc/gcc/0018-Add-ssp_nonshared-to-link-commandline-for-musl-targe.patch -# we need to link with ssp_nonshared on musl to avoid "undefined reference to `__stack_chk_fail_local'" -# when building MACHINE=qemux86 for musl -WRAPPER_TARGET_EXTRALD:libc-musl = "-lssp_nonshared" diff --git a/poky/meta/recipes-devtools/strace/strace/0001-caps-abbrev.awk-fix-gawk-s-path.patch b/poky/meta/recipes-devtools/strace/strace/0001-caps-abbrev.awk-fix-gawk-s-path.patch deleted file mode 100644 index 235e803641..0000000000 --- a/poky/meta/recipes-devtools/strace/strace/0001-caps-abbrev.awk-fix-gawk-s-path.patch +++ /dev/null 
@@ -1,47 +0,0 @@ -From 597cc206d982e7237eb93fdc33e8c4bb6bb2d796 Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Thu, 9 Feb 2017 01:27:49 -0800 -Subject: [PATCH] caps-abbrev.awk: fix gawk's path - -It should be /usr/bin/gawk as other scripts use in this package. - -Upstream-Status: Pending - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> - ---- - tests-m32/caps-abbrev.awk | 2 +- - tests-mx32/caps-abbrev.awk | 2 +- - tests/caps-abbrev.awk | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/tests-m32/caps-abbrev.awk b/tests-m32/caps-abbrev.awk -index c00023b..a56cd56 100644 ---- a/tests-m32/caps-abbrev.awk -+++ b/tests-m32/caps-abbrev.awk -@@ -1,4 +1,4 @@ --#!/bin/gawk -+#!/usr/bin/gawk - # - # This file is part of caps strace test. - # -diff --git a/tests-mx32/caps-abbrev.awk b/tests-mx32/caps-abbrev.awk -index c00023b..a56cd56 100644 ---- a/tests-mx32/caps-abbrev.awk -+++ b/tests-mx32/caps-abbrev.awk -@@ -1,4 +1,4 @@ --#!/bin/gawk -+#!/usr/bin/gawk - # - # This file is part of caps strace test. - # -diff --git a/tests/caps-abbrev.awk b/tests/caps-abbrev.awk -index c00023b..a56cd56 100644 ---- a/tests/caps-abbrev.awk -+++ b/tests/caps-abbrev.awk -@@ -1,4 +1,4 @@ --#!/bin/gawk -+#!/usr/bin/gawk - # - # This file is part of caps strace test. - # diff --git a/poky/meta/recipes-devtools/strace/strace/3bbfb541b258baec9eba674b5d8dc30007a61542.patch b/poky/meta/recipes-devtools/strace/strace/3bbfb541b258baec9eba674b5d8dc30007a61542.patch new file mode 100644 index 0000000000..b4c6ff99de --- /dev/null +++ b/poky/meta/recipes-devtools/strace/strace/3bbfb541b258baec9eba674b5d8dc30007a61542.patch 
@@ -0,0 +1,50 @@
+From 3bbfb541b258baec9eba674b5d8dc30007a61542 Mon Sep 17 00:00:00 2001
+From: "Dmitry V. Levin" <ldv@strace.io>
+Date: Wed, 21 Jun 2023 08:00:00 +0000
+Subject: [PATCH] net: enhance getsockopt decoding
+
+When getsockopt syscall fails the kernel sometimes updates the optlen
+argument, for example, NETLINK_LIST_MEMBERSHIPS updates it even if
+optval is not writable.
+
+* src/net.c (SYS_FUNC(getsockopt)): Try to fetch and print optlen
+argument on exiting syscall regardless of getsockopt exit status.
+
+Upstream-Status: Backport
+---
+ src/net.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/src/net.c b/src/net.c
+index f68ccb947..7244b5e57 100644
+--- a/src/net.c
++++ b/src/net.c
+@@ -1038,7 +1038,7 @@ SYS_FUNC(getsockopt)
+ } else {
+ ulen = get_tcb_priv_ulong(tcp);
+
+- if (syserror(tcp) || umove(tcp, tcp->u_arg[4], &rlen) < 0) {
++ if (umove(tcp, tcp->u_arg[4], &rlen) < 0) {
+ /* optval */
+ printaddr(tcp->u_arg[3]);
+ tprint_arg_next();
+@@ -1047,6 +1047,19 @@ SYS_FUNC(getsockopt)
+ tprint_indirect_begin();
+ PRINT_VAL_D(ulen);
+ tprint_indirect_end();
++ } else if (syserror(tcp)) {
++ /* optval */
++ printaddr(tcp->u_arg[3]);
++ tprint_arg_next();
++
++ /* optlen */
++ tprint_indirect_begin();
++ if (ulen != rlen) {
++ PRINT_VAL_D(ulen);
++ tprint_value_changed();
++ }
++ PRINT_VAL_D(rlen);
++ tprint_indirect_end();
+ } else {
+ /* optval */
+ print_getsockopt(tcp, tcp->u_arg[1], tcp->u_arg[2],
diff --git a/poky/meta/recipes-devtools/strace/strace/f31c2f4494779e5c5f170ad10539bfc2dfafe967.patch b/poky/meta/recipes-devtools/strace/strace/f31c2f4494779e5c5f170ad10539bfc2dfafe967.patch
new file mode 100644
index 0000000000..a0843836c2
--- /dev/null
+++ b/poky/meta/recipes-devtools/strace/strace/f31c2f4494779e5c5f170ad10539bfc2dfafe967.patch
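Review bot: `Upstream-Status: Backport` in 3bbfb541b258baec9eba674b5d8dc30007a61542.patch gives no reference to where the commit was taken from, and the header has no `Signed-off-by` from whoever imported it. f31c2f4494779e5c5f170ad10539bfc2dfafe967.patch has the same gaps, and there the tag sits below the `---` separator, where a re-export of the patch would drop it. The other backports in this change use the form `Upstream-Status: Backport [<URL of the upstream commit>]` followed by the importer's sign-off. Using it here too keeps the provenance of both patches checkable.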
@@ -0,0 +1,50 @@
+From f31c2f4494779e5c5f170ad10539bfc2dfafe967 Mon Sep 17 00:00:00 2001
+From: "Dmitry V. Levin" <ldv@strace.io>
+Date: Sat, 24 Jun 2023 08:00:00 +0000
+Subject: [PATCH] tests: update sockopt-sol_netlink test
+
+Update sockopt-sol_netlink test that started to fail, likely
+due to recent linux kernel commit f4e4534850a9 ("net/netlink: fix
+NETLINK_LIST_MEMBERSHIPS length report").
+
+* tests/sockopt-sol_netlink.c (main): Always print changing optlen value
+on exiting syscall.
+
+Reported-by: Alexander Gordeev <agordeev@linux.ibm.com>
+---
+ tests/sockopt-sol_netlink.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+Upstream-Status: Backport
+
+diff --git a/tests/sockopt-sol_netlink.c b/tests/sockopt-sol_netlink.c
+index 82b98adc23..1c33219ac5 100644
+--- a/tests/sockopt-sol_netlink.c
++++ b/tests/sockopt-sol_netlink.c
+@@ -94,7 +94,10 @@ main(void)
+ printf("%p", val);
+ else
+ printf("[%d]", *val);
+- printf(", [%d]) = %s\n", *len, errstr);
++ printf(", [%d", (int) sizeof(*val));
++ if ((int) sizeof(*val) != *len)
++ printf(" => %d", *len);
++ printf("]) = %s\n", errstr);
+
+ /* optlen larger than necessary - shortened */
+ *len = sizeof(*val) + 1;
+@@ -150,8 +153,12 @@ main(void)
+ /* optval EFAULT - print address */
+ *len = sizeof(*val);
+ get_sockopt(fd, names[i].val, efault, len);
+- printf("getsockopt(%d, SOL_NETLINK, %s, %p, [%d]) = %s\n",
+- fd, names[i].str, efault, *len, errstr);
++ printf("getsockopt(%d, SOL_NETLINK, %s, %p",
++ fd, names[i].str, efault);
++ printf(", [%d", (int) sizeof(*val));
++ if ((int) sizeof(*val) != *len)
++ printf(" => %d", *len);
++ printf("]) = %s\n", errstr);
+
+ /* optlen EFAULT - print address */
+ get_sockopt(fd, names[i].val, val, len + 1);
diff --git a/poky/meta/recipes-devtools/strace/strace/update-gawk-paths.patch b/poky/meta/recipes-devtools/strace/strace/update-gawk-paths.patch
index 0c683496ae..a16ede95c2 100644
--- a/poky/meta/recipes-devtools/strace/strace/update-gawk-paths.patch +++ b/poky/meta/recipes-devtools/strace/strace/update-gawk-paths.patch @@ -125,3 +125,33 @@ index dce78f5..573d9ea 100644 # # Copyright (c) 2014-2015 Dmitry V. Levin <ldv@strace.io> # Copyright (c) 2016 Elvira Khabirova <lineprinter0@gmail.com> +diff --git a/tests-m32/caps-abbrev.awk b/tests-m32/caps-abbrev.awk +index c00023b..a56cd56 100644 +--- a/tests-m32/caps-abbrev.awk ++++ b/tests-m32/caps-abbrev.awk +@@ -1,4 +1,4 @@ +-#!/bin/gawk ++#!/usr/bin/gawk + # + # This file is part of caps strace test. + # +diff --git a/tests-mx32/caps-abbrev.awk b/tests-mx32/caps-abbrev.awk +index c00023b..a56cd56 100644 +--- a/tests-mx32/caps-abbrev.awk ++++ b/tests-mx32/caps-abbrev.awk +@@ -1,4 +1,4 @@ +-#!/bin/gawk ++#!/usr/bin/gawk + # + # This file is part of caps strace test. + # +diff --git a/tests/caps-abbrev.awk b/tests/caps-abbrev.awk +index c00023b..a56cd56 100644 +--- a/tests/caps-abbrev.awk ++++ b/tests/caps-abbrev.awk +@@ -1,4 +1,4 @@ +-#!/bin/gawk ++#!/usr/bin/gawk + # + # This file is part of caps strace test. + # diff --git a/poky/meta/recipes-devtools/strace/strace_6.2.bb b/poky/meta/recipes-devtools/strace/strace_6.2.bb index dc01b57d80..e7a34bbf66 100644 --- a/poky/meta/recipes-devtools/strace/strace_6.2.bb +++ b/poky/meta/recipes-devtools/strace/strace_6.2.bb 
@@ -9,12 +9,13 @@ SRC_URI = "https://strace.io/files/${PV}/strace-${PV}.tar.xz \ file://update-gawk-paths.patch \ file://Makefile-ptest.patch \ file://run-ptest \ - file://0001-caps-abbrev.awk-fix-gawk-s-path.patch \ file://ptest-spacesave.patch \ file://0001-strace-fix-reproducibilty-issues.patch \ file://skip-load.patch \ file://0001-configure-Use-autoconf-macro-to-detect-largefile-sup.patch \ file://0002-tests-Replace-off64_t-with-off_t.patch \ + file://f31c2f4494779e5c5f170ad10539bfc2dfafe967.patch \ + file://3bbfb541b258baec9eba674b5d8dc30007a61542.patch \ " SRC_URI[sha256sum] = "0c7d38a449416268d3004029a220a15a77c2206a03cc88120f37f46e949177e8" diff --git a/poky/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb b/poky/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb index 9e77f12b53..7d151d4642 100644 --- a/poky/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb +++ b/poky/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb @@ -6,8 +6,8 @@ BUGTRACKER = "https://bugs.eclipse.org/bugs/" LICENSE = "EPL-1.0 | EDL-1.0" LIC_FILES_CHKSUM = "file://edl-v10.html;md5=522a390a83dc186513f0500543ad3679" -SRCREV = "4a2c4baaccbc8c29ce0297705de9a4e096d57ce5" -PV = "1.7.0+git${SRCPV}" +SRCREV = "1f11747e83ebf4f53e8d17f430136f92ec378709" +PV = "1.8.0+git${SRCPV}" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;protocol=https;branch=master \ diff --git a/poky/meta/recipes-devtools/tcltk/tcl_8.6.13.bb b/poky/meta/recipes-devtools/tcltk/tcl_8.6.13.bb index 982f370edb..921ea7a01d 100644 --- a/poky/meta/recipes-devtools/tcltk/tcl_8.6.13.bb +++ b/poky/meta/recipes-devtools/tcltk/tcl_8.6.13.bb 
@@ -45,6 +45,12 @@ inherit autotools ptest binconfig AUTOTOOLS_SCRIPT_PATH = "${S}/unix" EXTRA_OECONF = "--enable-threads --disable-rpath --enable-man-suffix" +# Prevent installing copy of tzdata based on tzdata installation on the build host +# It doesn't install tzdata if one of the following files exist on the host: +# /usr/share/zoneinfo/UTC /usr/share/zoneinfo/GMT /usr/share/lib/zoneinfo/UTC /usr/share/lib/zoneinfo/GMT /usr/lib/zoneinfo/UTC /usr/lib/zoneinfo/GMT +# otherwise "/usr/lib/tcl8.6/tzdata" is included in tcl package +EXTRA_OECONF += "--with-tzdata=no" + do_install() { autotools_do_install oe_runmake 'DESTDIR=${D}' install-private-headers diff --git a/poky/meta/recipes-extended/acpica/acpica_20220331.bb b/poky/meta/recipes-extended/acpica/acpica_20220331.bb index 2c554f863a..73b9154ee7 100644 --- a/poky/meta/recipes-extended/acpica/acpica_20220331.bb +++ b/poky/meta/recipes-extended/acpica/acpica_20220331.bb @@ -16,7 +16,7 @@ COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" DEPENDS = "m4-native flex-native bison-native" -SRC_URI = "https://acpica.org/sites/acpica/files/acpica-unix-${PV}.tar.gz" +SRC_URI = "https://downloadmirror.intel.com/774879/acpica-unix-${PV}.tar.gz" SRC_URI[sha256sum] = "acaff68b14f1e0804ebbfc4b97268a4ccbefcfa053b02ed9924f2b14d8a98e21" UPSTREAM_CHECK_URI = "https://acpica.org/downloads" diff --git a/poky/meta/recipes-extended/baremetal-example/baremetal-helloworld_git.bb b/poky/meta/recipes-extended/baremetal-example/baremetal-helloworld_git.bb index 82b2901d51..c5d3e04ed5 100644 --- a/poky/meta/recipes-extended/baremetal-example/baremetal-helloworld_git.bb +++ b/poky/meta/recipes-extended/baremetal-example/baremetal-helloworld_git.bb 
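Review bot: The new acpica SRC_URI embeds what looks like a per-release directory id, `774879`, next to `${PV}`, so the URL will presumably not follow a later version bump on its own. A short comment above the line saying that the id belongs to this release would save the next upgrade a failed fetch. `SRC_URI[sha256sum]` is unchanged in the hunk, which is the right check for a mirror switch because the tarball from the new host must still match the old hash. `UPSTREAM_CHECK_URI` still points at acpica.org and may need the same move if that site is the reason for the change.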
@@ -4,10 +4,10 @@ DESCRIPTION = "These are introductory examples to showcase the use of QEMU to ru LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=39346640a23c701e4f459e05f56f4449" -SRCREV = "22016ecbb9fb6c5f3a7a06698aea7ff8a701c166" +SRCREV = "fc7c43d138185028b6ac14c83f6492fce26eca95" PV = "0.1+git${SRCPV}" -SRC_URI = "git://github.com/aehs29/baremetal-helloqemu.git;protocol=https;branch=master" +SRC_URI = "git://github.com/ahcbb6/baremetal-helloqemu.git;protocol=https;branch=master" UPSTREAM_VERSION_UNKNOWN="1" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/cups/cups.inc b/poky/meta/recipes-extended/cups/cups.inc index da320b1085..c6a676b747 100644 --- a/poky/meta/recipes-extended/cups/cups.inc +++ b/poky/meta/recipes-extended/cups/cups.inc @@ -15,6 +15,8 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/cups-${PV}-source.tar.gz \ file://0004-cups-fix-multilib-install-file-conflicts.patch \ file://volatiles.99_cups \ file://cups-volatiles.conf \ + file://CVE-2023-32324.patch \ + file://CVE-2023-34241.patch \ " GITHUB_BASE_URI = "https://github.com/OpenPrinting/cups/releases" diff --git a/poky/meta/recipes-extended/cups/cups/CVE-2023-32324.patch b/poky/meta/recipes-extended/cups/cups/CVE-2023-32324.patch new file mode 100644 index 0000000000..40b89c9899 --- /dev/null +++ b/poky/meta/recipes-extended/cups/cups/CVE-2023-32324.patch 
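Review bot: The baremetal-helloworld SRC_URI now fetches from a different GitHub account (`aehs29` becomes `ahcbb6`) in the same hunk that moves SRCREV, and the hunk gives no reason for either change. A repository that changes owner is a point where a pinned recipe can start pulling from someone other than the original author, so the commit message or a comment above SRC_URI should record what happened, for example `# upstream account renamed; SRCREV is on branch master of the new location` if that is the case. Whoever merges this should confirm that fc7c43d138185028b6ac14c83f6492fce26eca95 is part of the project's history at the new location. SRCREV pins the content by hash, so the build stays reproducible either way.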
@@ -0,0 +1,36 @@
+From 07cbffd11107eed3aaf1c64e35552aec20f792da Mon Sep 17 00:00:00 2001
+From: Zdenek Dohnal <zdohnal@redhat.com>
+Date: Thu, 1 Jun 2023 12:04:00 +0200
+Subject: [PATCH] cups/string.c: Return if `size` is 0 (fixes CVE-2023-32324)
+
+CVE: CVE-2023-32324
+Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/fd8bc2d32589]
+
+(cherry picked from commit fd8bc2d32589d1fd91fe1c0521be2a7c0462109e)
+Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
+---
+ cups/string.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/cups/string.c b/cups/string.c
+index 93cdad19..6ef58515 100644
+--- a/cups/string.c
++++ b/cups/string.c
+@@ -1,6 +1,7 @@
+ /*
+ * String functions for CUPS.
+ *
++ * Copyright © 2023 by OpenPrinting.
+ * Copyright © 2007-2019 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products.
+ *
+@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */
+ size_t srclen; /* Length of source string */
+
+
++ if (size == 0)
++ return (0);
++
+ /*
+ * Figure out how much room is needed...
+ */
diff --git a/poky/meta/recipes-extended/cups/cups/CVE-2023-34241.patch b/poky/meta/recipes-extended/cups/cups/CVE-2023-34241.patch
new file mode 100644
index 0000000000..4950ca341d
--- /dev/null
+++ b/poky/meta/recipes-extended/cups/cups/CVE-2023-34241.patch
@@ -0,0 +1,70 @@
+From ffd290b4ab247f82722927ba9b21358daa16dbf1 Mon Sep 17 00:00:00 2001
+From: Rose <83477269+AtariDreams@users.noreply.github.com>
+Date: Thu, 1 Jun 2023 11:33:39 -0400
+Subject: [PATCH] Log result of httpGetHostname BEFORE closing the connection
+
+httpClose frees the memory of con->http. This is problematic because httpGetHostname then tries to access the memory it points to.
+
+We have to log the hostname first.
+
+CVE: CVE-2023-34241
+
+Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ scheduler/client.c | 16 +++++++---------
+ 1 file changed, 7 insertions(+), 9 deletions(-)
+
+diff --git a/scheduler/client.c b/scheduler/client.c
+index 91e441188..327473a4d 100644
+--- a/scheduler/client.c
++++ b/scheduler/client.c
+@@ -193,13 +193,11 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */
+ /*
+ * Can't have an unresolved IP address with double-lookups enabled...
+ */
+-
+- httpClose(con->http);
+-
+ cupsdLogClient(con, CUPSD_LOG_WARN,
+- "Name lookup failed - connection from %s closed!",
++ "Name lookup failed - closing connection from %s!",
+ httpGetHostname(con->http, NULL, 0));
+
++ httpClose(con->http);
+ free(con);
+ return;
+ }
+@@ -235,11 +233,11 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */
+ * with double-lookups enabled... 
+ */ + +- httpClose(con->http); +- + cupsdLogClient(con, CUPSD_LOG_WARN, +- "IP lookup failed - connection from %s closed!", ++ "IP lookup failed - closing connection from %s!", + httpGetHostname(con->http, NULL, 0)); ++ ++ httpClose(con->http); + free(con); + return; + } +@@ -256,11 +254,11 @@ cupsdAcceptClient(cupsd_listener_t *lis)/* I - Listener socket */ + + if (!hosts_access(&wrap_req)) + { +- httpClose(con->http); +- + cupsdLogClient(con, CUPSD_LOG_WARN, + "Connection from %s refused by /etc/hosts.allow and " + "/etc/hosts.deny rules.", httpGetHostname(con->http, NULL, 0)); ++ ++ httpClose(con->http); + free(con); + return; + } +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/diffutils/diffutils/0001-Skip-strip-trailing-cr-test-case.patch b/poky/meta/recipes-extended/diffutils/diffutils/0001-Skip-strip-trailing-cr-test-case.patch index 8b88c308f2..32793233f9 100644 --- a/poky/meta/recipes-extended/diffutils/diffutils/0001-Skip-strip-trailing-cr-test-case.patch +++ b/poky/meta/recipes-extended/diffutils/diffutils/0001-Skip-strip-trailing-cr-test-case.patch @@ -1,4 +1,4 @@ -From 027229d25392b22d7280c0abbc3efde4f467d167 Mon Sep 17 00:00:00 2001 +From f31395c931bc633206eccfcfaaaa5d15021a3e86 Mon Sep 17 00:00:00 2001 From: Peiran Hong <peiran.hong@windriver.com> Date: Thu, 5 Sep 2019 15:42:22 -0400 Subject: [PATCH] Skip strip-trailing-cr test case @@ -12,23 +12,18 @@ Upstream-Status: Inappropriate [embedded specific] Signed-off-by: Peiran Hong <peiran.hong@windriver.com> --- - tests/Makefile.am | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) + tests/Makefile.am | 1 - + 1 file changed, 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am -index d98df82..757ea52 100644 +index 79bacfb..4adb4d7 100644 --- a/tests/Makefile.am 
+++ b/tests/Makefile.am -@@ -21,9 +21,11 @@ TESTS = \ +@@ -22,7 +22,6 @@ TESTS = \ stdin \ strcoll-0-names \ filename-quoting \ - strip-trailing-cr \ timezone \ - colors -+# Skipping this test since it requires valgrind -+# and thus is too heavy for diffutils package -+# strip-trailing-cr - - XFAIL_TESTS = large-subopt - + colors \ + y2038-vs-32bit diff --git a/poky/meta/recipes-extended/diffutils/diffutils_3.9.bb b/poky/meta/recipes-extended/diffutils/diffutils_3.10.bb index 2bb9e6f32d..08e8305612 100644 --- a/poky/meta/recipes-extended/diffutils/diffutils_3.9.bb +++ b/poky/meta/recipes-extended/diffutils/diffutils_3.10.bb @@ -8,7 +8,7 @@ SRC_URI = "${GNU_MIRROR}/diffutils/diffutils-${PV}.tar.xz \ file://0001-Skip-strip-trailing-cr-test-case.patch \ " -SRC_URI[sha256sum] = "d80d3be90a201868de83d78dad3413ad88160cc53bcc36eb9eaf7c20dbf023f1" +SRC_URI[sha256sum] = "90e5e93cc724e4ebe12ede80df1634063c7a855692685919bfe60b556c9bd09e" EXTRA_OECONF += "ac_cv_path_PR_PROGRAM=${bindir}/pr --without-libsigsegv-prefix" diff --git a/poky/meta/recipes-extended/gawk/gawk_5.2.1.bb b/poky/meta/recipes-extended/gawk/gawk_5.2.2.bb index 768c8eb364..3c18b6911a 100644 --- a/poky/meta/recipes-extended/gawk/gawk_5.2.1.bb +++ b/poky/meta/recipes-extended/gawk/gawk_5.2.2.bb @@ -19,7 +19,7 @@ SRC_URI = "${GNU_MIRROR}/gawk/gawk-${PV}.tar.gz \ file://run-ptest \ " -SRC_URI[sha256sum] = "529e7c8c6acf21ff3a6183f4d763c632810908989c24675c77995d51ac37b79c" +SRC_URI[sha256sum] = "945aef7ccff101f20b22a10802bc005e994ab2b8ea3e724cc1a197c62f41f650" inherit autotools gettext texinfo update-alternatives diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-38559.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-38559.patch new file mode 100644 index 0000000000..4ef71cba7b --- /dev/null +++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-38559.patch 
@@ -0,0 +1,31 @@
+CVE: CVE-2023-38559
+Upstream-Status: Backport [ https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=d81b82c70bc1 ]
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+
+From d81b82c70bc1fb9991bb95f1201abb5dea55f57f Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Mon, 17 Jul 2023 14:06:37 +0100
+Subject: [PATCH] Bug 706897: Copy pcx buffer overrun fix from
+ devices/gdevpcx.c
+
+Bounds check the buffer, before dereferencing the pointer.
+---
+ base/gdevdevn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/base/gdevdevn.c b/base/gdevdevn.c
+index 7b14d9c71..6351fb77a 100644
+--- a/base/gdevdevn.c
++++ b/base/gdevdevn.c
+@@ -1983,7 +1983,7 @@ devn_pcx_write_rle(const byte * from, const byte * end, int step, gp_file * file
+ byte data = *from;
+
+ from += step;
+- if (data != *from || from == end) {
++ if (from >= end || data != *from) {
+ if (data >= 0xc0)
+ gp_fputc(0xc1, file);
+ } else {
+--
+2.34.1
+
diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/cve-2023-36664.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/cve-2023-36664.patch
new file mode 100644
index 0000000000..fea0665523
--- /dev/null
+++ b/poky/meta/recipes-extended/ghostscript/ghostscript/cve-2023-36664.patch
@@ -0,0 +1,165 @@ +From 6f244ecef4a740b3b2dde15303b13a93a83706c1 Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Wed, 7 Jun 2023 10:23:06 +0100 +Subject: [PATCH] Bug 706761: Don't "reduce" %pipe% file names for permission + validation + +For regular file names, we try to simplfy relative paths before we use them. + +Because the %pipe% device can, effectively, accept command line calls, we +shouldn't be simplifying that string, because the command line syntax can end +up confusing the path simplifying code. That can result in permitting a pipe +command which does not match what was originally permitted. + +Special case "%pipe" in the validation code so we always deal with the entire +string. + +Bug 706778: 706761 revisit + +Two problems with the original commit. The first a silly typo inverting the +logic of a test. + +The second was forgetting that we actually actually validate two candidate +strings for pipe devices. One with the expected "%pipe%" prefix, the other +using the pipe character prefix: "|". + +This addresses both those. +--- +CVE: CVE-2023-36664 + +Upstream-Status: Backport [see text] + +From git://git.ghostscript.com/ghostpdl + commit 5e65eeae225c7d02d447de5abaf4a8e6d234fcea + commit fb342fdb60391073a69147cb71af1ac416a81099 + +The second commit fixes errors in the first one, so we combine them. 
+ +Signed-off-by: Joe Slater <joe.slater@windriver.com> +--- + base/gpmisc.c | 31 +++++++++++++++++++-------- + base/gslibctx.c | 56 ++++++++++++++++++++++++++++++++++++------------- + 2 files changed, 64 insertions(+), 23 deletions(-) + +diff --git a/base/gpmisc.c b/base/gpmisc.c +index 3d878ac..f9a9230 100644 +--- a/base/gpmisc.c ++++ b/base/gpmisc.c +@@ -1076,16 +1076,29 @@ gp_validate_path_len(const gs_memory_t *mem, + && !memcmp(path + cdirstrl, dirsepstr, dirsepstrl)) { + prefix_len = 0; + } +- rlen = len+1; +- bufferfull = (char *)gs_alloc_bytes(mem->thread_safe_memory, rlen + prefix_len, "gp_validate_path"); +- if (bufferfull == NULL) +- return gs_error_VMerror; +- +- buffer = bufferfull + prefix_len; +- if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) +- return gs_error_invalidfileaccess; +- buffer[rlen] = 0; + ++ /* "%pipe%" do not follow the normal rules for path definitions, so we ++ don't "reduce" them to avoid unexpected results ++ */ ++ if (path[0] == '|' || (len > 5 && memcmp(path, "%pipe", 5) == 0)) { ++ bufferfull = buffer = (char *)gs_alloc_bytes(mem->thread_safe_memory, len + 1, "gp_validate_path"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ memcpy(buffer, path, len); ++ buffer[len] = 0; ++ rlen = len; ++ } ++ else { ++ rlen = len+1; ++ bufferfull = (char *)gs_alloc_bytes(mem->thread_safe_memory, rlen + prefix_len, "gp_validate_path"); ++ if (bufferfull == NULL) ++ return gs_error_VMerror; ++ ++ buffer = bufferfull + prefix_len; ++ if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) ++ return gs_error_invalidfileaccess; ++ buffer[rlen] = 0; ++ } + while (1) { + switch (mode[0]) + { +diff --git a/base/gslibctx.c b/base/gslibctx.c +index 1862482..8bfe4bb 100644 +--- a/base/gslibctx.c ++++ b/base/gslibctx.c +@@ -740,14 +740,28 @@ gs_add_control_path_len_flags(const gs_memory_t *mem, gs_path_control_t type, co + return gs_error_rangecheck; + } + +- rlen = len+1; +- buffer = (char 
*)gs_alloc_bytes(core->memory, rlen, "gp_validate_path"); +- if (buffer == NULL) +- return gs_error_VMerror; ++ /* "%pipe%" do not follow the normal rules for path definitions, so we ++ don't "reduce" them to avoid unexpected results ++ */ ++ if (path[0] == '|' || (len > 5 && memcmp(path, "%pipe", 5) == 0)) { ++ buffer = (char *)gs_alloc_bytes(core->memory, len + 1, "gs_add_control_path_len"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ memcpy(buffer, path, len); ++ buffer[len] = 0; ++ rlen = len; ++ } ++ else { ++ rlen = len + 1; + +- if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) +- return gs_error_invalidfileaccess; +- buffer[rlen] = 0; ++ buffer = (char *)gs_alloc_bytes(core->memory, rlen, "gs_add_control_path_len"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ ++ if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) ++ return gs_error_invalidfileaccess; ++ buffer[rlen] = 0; ++ } + + n = control->num; + for (i = 0; i < n; i++) +@@ -833,14 +847,28 @@ gs_remove_control_path_len_flags(const gs_memory_t *mem, gs_path_control_t type, + return gs_error_rangecheck; + } + +- rlen = len+1; +- buffer = (char *)gs_alloc_bytes(core->memory, rlen, "gp_validate_path"); +- if (buffer == NULL) +- return gs_error_VMerror; ++ /* "%pipe%" do not follow the normal rules for path definitions, so we ++ don't "reduce" them to avoid unexpected results ++ */ ++ if (path[0] == '|' || (len > 5 && memcmp(path, "%pipe", 5) == 0)) { ++ buffer = (char *)gs_alloc_bytes(core->memory, len + 1, "gs_remove_control_path_len"); ++ if (buffer == NULL) ++ return gs_error_VMerror; ++ memcpy(buffer, path, len); ++ buffer[len] = 0; ++ rlen = len; ++ } ++ else { ++ rlen = len+1; + +- if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) +- return gs_error_invalidfileaccess; +- buffer[rlen] = 0; ++ buffer = (char *)gs_alloc_bytes(core->memory, rlen, "gs_remove_control_path_len"); ++ if (buffer == NULL) ++ 
return gs_error_VMerror; ++ ++ if (gp_file_name_reduce(path, (uint)len, buffer, &rlen) != gp_combine_success) ++ return gs_error_invalidfileaccess; ++ buffer[rlen] = 0; ++ } + + n = control->num; + for (i = 0; i < n; i++) { +-- +2.35.5 + diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript_10.0.0.bb b/poky/meta/recipes-extended/ghostscript/ghostscript_10.0.0.bb index 86ecdbe24a..9e2cd01ff4 100644 --- a/poky/meta/recipes-extended/ghostscript/ghostscript_10.0.0.bb +++ b/poky/meta/recipes-extended/ghostscript/ghostscript_10.0.0.bb @@ -35,6 +35,8 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d file://mkdir-p.patch \ file://cross-compile.patch \ file://cve-2023-28879.patch \ + file://cve-2023-36664.patch \ + file://CVE-2023-38559.patch \ " SRC_URI = "${SRC_URI_BASE} \ diff --git a/poky/meta/recipes-extended/libarchive/libarchive_3.6.2.bb b/poky/meta/recipes-extended/libarchive/libarchive_3.6.2.bb index aafede3da8..6e0bc426f5 100644 --- a/poky/meta/recipes-extended/libarchive/libarchive_3.6.2.bb +++ b/poky/meta/recipes-extended/libarchive/libarchive_3.6.2.bb @@ -33,6 +33,9 @@ UPSTREAM_CHECK_URI = "http://libarchive.org/" SRC_URI[sha256sum] = "ba6d02f15ba04aba9c23fd5f236bb234eab9d5209e95d1c4df85c44d5f19b9b3" +# upstream-wontfix: upstream has documented that reported function is not thread-safe +CVE_CHECK_IGNORE += "CVE-2023-30571" + inherit autotools update-alternatives pkgconfig CPPFLAGS += "-I${WORKDIR}/extra-includes" diff --git a/poky/meta/recipes-extended/libnss-nis/libnss-nis.bb b/poky/meta/recipes-extended/libnss-nis/libnss-nis.bb index d0afb3ca0a..f0e687c330 100644 --- a/poky/meta/recipes-extended/libnss-nis/libnss-nis.bb +++ b/poky/meta/recipes-extended/libnss-nis/libnss-nis.bb 
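Review bot: The pipe test in the backported code is `path[0] == '|' || (len > 5 && memcmp(path, "%pipe", 5) == 0)`, which matches any name beginning with `%pipe`, while the comment above it speaks of "%pipe%"; the same predicate and comment are repeated in gp_validate_path_len, gs_add_control_path_len_flags and gs_remove_control_path_len_flags. Validation presumably only works if all three treat a given name the same way, so the comment should state the rule the code actually applies, for example `/* Names starting with '|' or "%pipe" are command lines: keep them verbatim so the permission entry and the validated string are compared in full. */`. All three functions start and end outside their hunks.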
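Review bot: The justification for ignoring CVE-2023-30571 cannot be checked from the recipe, because the comment above `CVE_CHECK_IGNORE` says upstream documents the reported function as not thread-safe but names neither the function nor the upstream statement. This entry presumably removes the CVE from cve-check reports for every image built from the layer, so the reasoning should be traceable by whoever audits those reports. I would extend the comment along the lines of `# upstream-wontfix: <function name> is documented as not thread-safe, see <upstream issue or doc URL>`.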
@@ -13,9 +13,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" SECTION = "libs" DEPENDS += "libtirpc libnsl2" -PV = "3.1+git${SRCPV}" +PV = "3.2" -SRCREV = "062f31999b35393abf7595cb89dfc9590d5a42ad" +SRCREV = "cd0d391af9535b56e612ed227c1b89be269f3d59" SRC_URI = "git://github.com/thkukuk/libnss_nis;branch=master;protocol=https \ " diff --git a/poky/meta/recipes-extended/logrotate/logrotate_3.21.0.bb b/poky/meta/recipes-extended/logrotate/logrotate_3.21.0.bb index 4e4ea10628..44d86a8f8d 100644 --- a/poky/meta/recipes-extended/logrotate/logrotate_3.21.0.bb +++ b/poky/meta/recipes-extended/logrotate/logrotate_3.21.0.bb @@ -64,7 +64,6 @@ do_install(){ install -p -m 644 ${S}/examples/logrotate.conf ${D}${sysconfdir}/logrotate.conf install -p -m 644 ${S}/examples/btmp ${D}${sysconfdir}/logrotate.d/btmp install -p -m 644 ${S}/examples/wtmp ${D}${sysconfdir}/logrotate.d/wtmp - touch ${D}${localstatedir}/lib/logrotate.status if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -d ${D}${systemd_system_unitdir} diff --git a/poky/meta/recipes-extended/ltp/ltp_20230127.bb b/poky/meta/recipes-extended/ltp/ltp_20230127.bb index 4325aa6672..79c64ca579 100644 --- a/poky/meta/recipes-extended/ltp/ltp_20230127.bb +++ b/poky/meta/recipes-extended/ltp/ltp_20230127.bb @@ -92,6 +92,7 @@ RDEPENDS:${PN} = "\ e2fsprogs-mke2fs \ expect \ file \ + findutils \ gawk \ gdb \ gzip \ 
@@ -110,6 +111,8 @@ RDEPENDS:${PN} = "\ tar \ " +RRECOMMENDS:${PN} += "kernel-module-loop" + FILES:${PN} += "${prefix}/* ${prefix}/runtest/* ${prefix}/scenario_groups/* ${prefix}/testcases/bin/* ${prefix}/testcases/bin/*/bin/* ${prefix}/testscripts/* ${prefix}/testcases/open_posix_testsuite/* ${prefix}/testcases/open_posix_testsuite/conformance/* ${prefix}/testcases/open_posix_testsuite/Documentation/* ${prefix}/testcases/open_posix_testsuite/functional/* ${prefix}/testcases/open_posix_testsuite/include/* ${prefix}/testcases/open_posix_testsuite/scripts/* ${prefix}/testcases/open_posix_testsuite/stress/* ${prefix}/testcases/open_posix_testsuite/tools/* ${prefix}/testcases/data/nm01/lib.a ${prefix}/lib/libmem.a" # Avoid stripping some generated binaries otherwise some of the ltp tests such as ldd01 & nm01 fail diff --git a/poky/meta/recipes-extended/mdadm/files/0001-DDF-Cleanup-validate_geometry_ddf_container.patch b/poky/meta/recipes-extended/mdadm/files/0001-DDF-Cleanup-validate_geometry_ddf_container.patch new file mode 100644 index 0000000000..cea435f83b --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-DDF-Cleanup-validate_geometry_ddf_container.patch 
@@ -0,0 +1,148 @@ +From ca458f4dcc4de9403298f67543466ce4bbc8f8ae Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:07 -0600 +Subject: [PATCH 1/4] DDF: Cleanup validate_geometry_ddf_container() + +Move the function up so that the function declaration is not necessary +and remove the unused arguments to the function. + +No functional changes are intended but will help with a bug fix in the +next patch. + +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=679bd9508a30 + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + super-ddf.c | 88 ++++++++++++++++++++++++----------------------------- + 1 file changed, 39 insertions(+), 49 deletions(-) + +diff --git a/super-ddf.c b/super-ddf.c +index 3f304cd..65cf727 100644 +--- a/super-ddf.c ++++ b/super-ddf.c +@@ -503,13 +503,6 @@ struct ddf_super { + static int load_super_ddf_all(struct supertype *st, int fd, + void **sbp, char *devname); + static int get_svd_state(const struct ddf_super *, const struct vcl *); +-static int +-validate_geometry_ddf_container(struct supertype *st, +- int level, int layout, int raiddisks, +- int chunk, unsigned long long size, +- unsigned long long data_offset, +- char *dev, unsigned long long *freesize, +- int verbose); + + static int validate_geometry_ddf_bvd(struct supertype *st, + int level, int layout, int raiddisks, +@@ -3322,6 +3315,42 @@ static int reserve_space(struct supertype *st, int raiddisks, + return 1; + } + ++static int ++validate_geometry_ddf_container(struct supertype *st, ++ int level, int raiddisks, ++ unsigned long long data_offset, ++ char *dev, unsigned long long *freesize, ++ int verbose) ++{ ++ int fd; ++ unsigned long long ldsize; ++ ++ if (level != LEVEL_CONTAINER) 
++ return 0; ++ if (!dev) ++ return 1; ++ ++ fd = dev_open(dev, O_RDONLY|O_EXCL); ++ if (fd < 0) { ++ if (verbose) ++ pr_err("ddf: Cannot open %s: %s\n", ++ dev, strerror(errno)); ++ return 0; ++ } ++ if (!get_dev_size(fd, dev, &ldsize)) { ++ close(fd); ++ return 0; ++ } ++ close(fd); ++ if (freesize) { ++ *freesize = avail_size_ddf(st, ldsize >> 9, INVALID_SECTORS); ++ if (*freesize == 0) ++ return 0; ++ } ++ ++ return 1; ++} ++ + static int validate_geometry_ddf(struct supertype *st, + int level, int layout, int raiddisks, + int *chunk, unsigned long long size, +@@ -3347,11 +3376,9 @@ static int validate_geometry_ddf(struct supertype *st, + level = LEVEL_CONTAINER; + if (level == LEVEL_CONTAINER) { + /* Must be a fresh device to add to a container */ +- return validate_geometry_ddf_container(st, level, layout, +- raiddisks, *chunk, +- size, data_offset, dev, +- freesize, +- verbose); ++ return validate_geometry_ddf_container(st, level, raiddisks, ++ data_offset, dev, ++ freesize, verbose); + } + + if (!dev) { +@@ -3449,43 +3476,6 @@ static int validate_geometry_ddf(struct supertype *st, + return 1; + } + +-static int +-validate_geometry_ddf_container(struct supertype *st, +- int level, int layout, int raiddisks, +- int chunk, unsigned long long size, +- unsigned long long data_offset, +- char *dev, unsigned long long *freesize, +- int verbose) +-{ +- int fd; +- unsigned long long ldsize; +- +- if (level != LEVEL_CONTAINER) +- return 0; +- if (!dev) +- return 1; +- +- fd = dev_open(dev, O_RDONLY|O_EXCL); +- if (fd < 0) { +- if (verbose) +- pr_err("ddf: Cannot open %s: %s\n", +- dev, strerror(errno)); +- return 0; +- } +- if (!get_dev_size(fd, dev, &ldsize)) { +- close(fd); +- return 0; +- } +- close(fd); +- if (freesize) { +- *freesize = avail_size_ddf(st, ldsize >> 9, INVALID_SECTORS); +- if (*freesize == 0) +- return 0; +- } +- +- return 1; +-} +- + static int validate_geometry_ddf_bvd(struct supertype *st, + int level, int layout, int raiddisks, + int *chunk, 
unsigned long long size, +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch b/poky/meta/recipes-extended/mdadm/files/0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch new file mode 100644 index 0000000000..5a6bf9e4bd --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch @@ -0,0 +1,39 @@ +From ee594b1a12833c06102de888248a361bc49cea09 Mon Sep 17 00:00:00 2001 +From: Ovidiu Panait <ovidiu.panait@windriver.com> +Date: Fri, 18 Aug 2023 12:20:40 +0300 +Subject: [PATCH] tests: add .broken files for 04update-uuid and + 07revert-inplace + +04update-uuid and 07revert-inplace tests are unreliable and fail intermittently +on the autobuilder. Unfortunately, the failures cannot be reproduced locally +and the logs cannot be retrieved from the AB. + +Mark the testcases as BROKEN to skip them when running ptest. + +Upstream-Status: Inappropriate + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + tests/04update-uuid.broken | 1 + + tests/07revert-inplace.broken | 1 + + 2 files changed, 2 insertions(+) + create mode 100644 tests/04update-uuid.broken + create mode 100644 tests/07revert-inplace.broken + +diff --git a/tests/04update-uuid.broken b/tests/04update-uuid.broken +new file mode 100644 +index 0000000..197b35b +--- /dev/null ++++ b/tests/04update-uuid.broken +@@ -0,0 +1 @@ ++fails infrequently +diff --git a/tests/07revert-inplace.broken b/tests/07revert-inplace.broken +new file mode 100644 +index 0000000..197b35b +--- /dev/null ++++ b/tests/07revert-inplace.broken +@@ -0,0 +1 @@ ++fails infrequently +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch b/poky/meta/recipes-extended/mdadm/files/0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch new file mode 100644 index 0000000000..fafe88b49c --- /dev/null 
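Review bot: `Upstream-Status: Inappropriate` in the new 0001-tests-add-.broken-files patch carries no reason, whereas the diffutils patch touched in this same commit uses `Upstream-Status: Inappropriate [embedded specific]`. Both added `.broken` files contain only `fails infrequently`, and the description says the failures could not be reproduced or logged, so nothing records what to look for before the tests are re-enabled. Since marking 04update-uuid and 07revert-inplace as broken also hides genuine regressions in those tests from ptest, I would add a bracketed reason to the tag, e.g. `Upstream-Status: Inappropriate [<reason>]`, and a tracking reference in the description.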
+++ b/poky/meta/recipes-extended/mdadm/files/0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch
@@ -0,0 +1,56 @@
+From 14f110f0286d38e29ef5e51d7f72e049c2f18323 Mon Sep 17 00:00:00 2001
+From: Logan Gunthorpe <logang@deltatee.com>
+Date: Wed, 22 Jun 2022 14:25:08 -0600
+Subject: [PATCH 2/4] DDF: Fix NULL pointer dereference in
+ validate_geometry_ddf()
+
+A relatively recent patch added a call to validate_geometry() in
+Manage_add() that has level=LEVEL_CONTAINER and chunk=NULL.
+
+This causes some ddf tests to segfault which aborts the test suite.
+
+To fix this, avoid dereferencing chunk when the level is
+LEVEL_CONTAINER or LEVEL_NONE.
+
+Fixes: 1f5d54a06df0 ("Manage: Call validate_geometry when adding drive to external container")
+Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
+Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
+Signed-off-by: Jes Sorensen <jes@trained-monkey.org>
+
+Upstream-Status: Backport
+
+Reference to upstream patch:
+https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=2b93288a5650
+
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+---
+ super-ddf.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/super-ddf.c b/super-ddf.c
+index 65cf727..3ef1293 100644
+--- a/super-ddf.c
++++ b/super-ddf.c
+@@ -3369,9 +3369,6 @@ static int validate_geometry_ddf(struct supertype *st,
+ * If given BVDs, we make an SVD, changing all the GUIDs in the process.
+ */
+
+- if (*chunk == UnSet)
+- *chunk = DEFAULT_CHUNK;
+-
+ if (level == LEVEL_NONE)
+ level = LEVEL_CONTAINER;
+ if (level == LEVEL_CONTAINER) {
+@@ -3381,6 +3378,9 @@ static int validate_geometry_ddf(struct supertype *st,
+ freesize, verbose);
+ }
+
++ if (*chunk == UnSet)
++ *chunk = DEFAULT_CHUNK;
++
+ if (!dev) {
+ mdu_array_info_t array = {
+ .level = level,
+--
+2.39.1
+
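Review bot: After the move, `if (*chunk == UnSet)` in validate_geometry_ddf still dereferences `chunk` with no NULL test for every level other than LEVEL_CONTAINER and LEVEL_NONE, so the fix holds only while no caller passes `chunk=NULL` with another level. The patch description names Manage_add() as the caller that does this; whether others exist cannot be seen from the hunk. A comment at the moved lines such as `/* chunk may be NULL for container levels (see Manage_add); it is only dereferenced from here on */` would record the contract, and `if (chunk && *chunk == UnSet)` would enforce it if diverging from upstream is acceptable. The function body continues outside the hunk.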
diff --git a/poky/meta/recipes-extended/mdadm/files/0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch b/poky/meta/recipes-extended/mdadm/files/0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch
new file mode 100644
index 0000000000..a954ab027a
--- /dev/null
+++ b/poky/meta/recipes-extended/mdadm/files/0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch
@@ -0,0 +1,91 @@ +From bd064da1469a6a07331b076a0294a8c6c3c38526 Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:09 -0600 +Subject: [PATCH 3/4] mdadm/Grow: Fix use after close bug by closing after fork + +The test 07reshape-grow fails most of the time. But it succeeds around +1 in 5 times. When it does succeed, it causes the tests to die because +mdadm has segfaulted. + +The segfault was caused by mdadm attempting to repoen a file +descriptor that was already closed. The backtrace of the segfault +was: + + #0 __strncmp_avx2 () at ../sysdeps/x86_64/multiarch/strcmp-avx2.S:101 + #1 0x000056146e31d44b in devnm2devid (devnm=0x0) at util.c:956 + #2 0x000056146e31dab4 in open_dev_flags (devnm=0x0, flags=0) + at util.c:1072 + #3 0x000056146e31db22 in open_dev (devnm=0x0) at util.c:1079 + #4 0x000056146e3202e8 in reopen_mddev (mdfd=4) at util.c:2244 + #5 0x000056146e329f36 in start_array (mdfd=4, + mddev=0x7ffc55342450 "/dev/md0", content=0x7ffc55342860, + st=0x56146fc78660, ident=0x7ffc55342f70, best=0x56146fc6f5d0, + bestcnt=10, chosen_drive=0, devices=0x56146fc706b0, okcnt=5, + sparecnt=0, rebuilding_cnt=0, journalcnt=0, c=0x7ffc55342e90, + clean=1, avail=0x56146fc78720 "\001\001\001\001\001", + start_partial_ok=0, err_ok=0, was_forced=0) + at Assemble.c:1206 + #6 0x000056146e32c36e in Assemble (st=0x56146fc78660, + mddev=0x7ffc55342450 "/dev/md0", ident=0x7ffc55342f70, + devlist=0x56146fc6e2d0, c=0x7ffc55342e90) + at Assemble.c:1914 + #7 0x000056146e312ac9 in main (argc=11, argv=0x7ffc55343238) + at mdadm.c:1510 + +The file descriptor was closed early in Grow_continue(). The noted commit +moved the close() call to close the fd above the fork which caused the +parent process to return with a closed fd. + +This meant reshape_array() and Grow_continue() would return in the parent +with the fd forked. 
The fd would eventually be passed to reopen_mddev() +which returned an unhandled NULL from fd2devnm() which would then be +dereferenced in devnm2devid. + +Fix this by moving the close() call below the fork. This appears to +fix the 07revert-grow test. While we're at it, switch to using +close_fd() to invalidate the file descriptor. + +Fixes: 77b72fa82813 ("mdadm/Grow: prevent md's fd from being occupied during delayed time") +Cc: Alex Wu <alexwu@synology.com> +Cc: BingJing Chang <bingjingc@synology.com> +Cc: Danny Shih <dannyshih@synology.com> +Cc: ChangSyun Peng <allenpeng@synology.com> +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=548e9b916f86 + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + Grow.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/Grow.c b/Grow.c +index 9c6fc95..a8e4e83 100644 +--- a/Grow.c ++++ b/Grow.c +@@ -3501,7 +3501,6 @@ started: + return 0; + } + +- close(fd); + /* Now we just need to kick off the reshape and watch, while + * handling backups of the data... + * This is all done by a forked background process. +@@ -3522,6 +3521,9 @@ started: + break; + } + ++ /* Close unused file descriptor in the forked process */ ++ close_fd(&fd); ++ + /* If another array on the same devices is busy, the + * reshape will wait for them. This would mean that + * the first section that we suspend will stay suspended +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch b/poky/meta/recipes-extended/mdadm/files/0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch new file mode 100644 index 0000000000..72cb40f782 --- /dev/null 
+++ b/poky/meta/recipes-extended/mdadm/files/0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch
@@ -0,0 +1,42 @@
+From 2296a4a441b4b8546e2eb32403930f1bb8f3ee4a Mon Sep 17 00:00:00 2001
+From: Logan Gunthorpe <logang@deltatee.com>
+Date: Wed, 22 Jun 2022 14:25:10 -0600
+Subject: [PATCH 4/4] monitor: Avoid segfault when calling NULL get_bad_blocks
+
+Not all struct superswitch implement a get_bad_blocks() function,
+yet mdmon seems to call it without checking for NULL and thus
+occasionally segfaults in the test 10ddf-geometry.
+
+Fix this by checking for NULL before calling it.
+
+Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
+Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
+Signed-off-by: Jes Sorensen <jes@trained-monkey.org>
+
+Upstream-Status: Backport
+
+Reference to upstream patch:
+https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=9ae62977b51d
+
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+---
+ monitor.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/monitor.c b/monitor.c
+index afc3e50..8e43c0d 100644
+--- a/monitor.c
++++ b/monitor.c
+@@ -312,6 +312,9 @@ static int check_for_cleared_bb(struct active_array *a, struct mdinfo *mdi)
+ struct md_bb *bb;
+ int i;
+
++ if (!ss->get_bad_blocks)
++ return -1;
++
+ /*
+ * Get a list of bad blocks for an array, then read list of
+ * acknowledged bad blocks from kernel and compare it against metadata
+--
+2.39.1
+
diff --git a/poky/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch b/poky/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch
new file mode 100644
index 0000000000..c55bfb125b
--- /dev/null
+++ b/poky/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch
@@ -0,0 +1,128 @@ +From feab1f72fcf032a4d21d0a69eb61b23a5ddb3352 Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:18 -0600 +Subject: [PATCH 5/6] mdadm/test: Mark and ignore broken test failures + +Add functionality to continue if a test marked as broken fails. + +To mark a test as broken, a file with the same name but with the suffix +'.broken' should exist. The first line in the file will be printed with +a KNOWN BROKEN message; the rest of the file can describe the how the +test is broken. + +Also adds --skip-broken and --skip-always-broken to skip all the tests +that have a .broken file or to skip all tests whose .broken file's first +line contains the keyword always. + +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=28520bf114b3 + +[OP: adjusted context for mdadm-4.2] +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + test | 37 +++++++++++++++++++++++++++++++++++-- + 1 file changed, 35 insertions(+), 2 deletions(-) + +diff --git a/test b/test +index 8f189d9..ee8fba1 100755 +--- a/test ++++ b/test +@@ -10,6 +10,8 @@ devlist= + + savelogs=0 + exitonerror=1 ++ctrl_c_error=0 ++skipbroken=0 + prefix='[0-9][0-9]' + + # use loop devices by default if doesn't specify --dev +@@ -35,6 +37,7 @@ die() { + + ctrl_c() { + exitonerror=1 ++ ctrl_c_error=1 + } + + # mdadm always adds --quiet, and we want to see any unexpected messages +@@ -79,8 +82,21 @@ mdadm() { + do_test() { + _script=$1 + _basename=`basename $_script` ++ _broken=0 ++ + if [ -f "$_script" ] + then ++ if [ -f "${_script}.broken" ]; then ++ _broken=1 ++ _broken_msg=$(head -n1 "${_script}.broken" | tr -d '\n') ++ if [ "$skipbroken" == "all" ]; then ++ return ++ elif [ "$skipbroken" == "always" ] && ++ [[ "$_broken_msg" == *always* ]]; then ++ return ++ fi ++ fi 
++ + rm -f $targetdir/stderr + # this might have been reset: restore the default. + echo 2000 > /proc/sys/dev/raid/speed_limit_max +@@ -97,10 +113,15 @@ do_test() { + else + save_log fail + _fail=1 ++ if [ "$_broken" == "1" ]; then ++ echo " (KNOWN BROKEN TEST: $_broken_msg)" ++ fi + fi + [ "$savelogs" == "1" ] && + mv -f $targetdir/log $logdir/$_basename.log +- [ "$_fail" == "1" -a "$exitonerror" == "1" ] && exit 1 ++ [ "$ctrl_c_error" == "1" ] && exit 1 ++ [ "$_fail" == "1" -a "$exitonerror" == "1" \ ++ -a "$_broken" == "0" ] && exit 1 + fi + } + +@@ -117,6 +138,8 @@ do_help() { + --logdir=directory Directory to save all logfiles in + --save-logs Usually use with --logdir together + --keep-going | --no-error Don't stop on error, ie. run all tests ++ --skip-broken Skip tests that are known to be broken ++ --skip-always-broken Skip tests that are known to always fail + --dev=loop|lvm|ram|disk Use loop devices (default), LVM, RAM or disk + --disks= Provide a bunch of physical devices for test + --volgroup=name LVM volume group for LVM test +@@ -211,6 +234,12 @@ parse_args() { + --keep-going | --no-error ) + exitonerror=0 + ;; ++ --skip-broken ) ++ skipbroken=all ++ ;; ++ --skip-always-broken ) ++ skipbroken=always ++ ;; + --disable-multipath ) + unset MULTIPATH + ;; +@@ -275,7 +304,11 @@ main() { + if [ $script == "$testdir/11spare-migration" ];then + continue + fi +- do_test $script ++ case $script in ++ *.broken) ;; ++ *) ++ do_test $script ++ esac + done + fi + +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/0006-tests-Add-broken-files-for-all-broken-tests.patch b/poky/meta/recipes-extended/mdadm/files/0006-tests-Add-broken-files-for-all-broken-tests.patch new file mode 100644 index 0000000000..115b23bac5 --- /dev/null +++ b/poky/meta/recipes-extended/mdadm/files/0006-tests-Add-broken-files-for-all-broken-tests.patch 
@@ -0,0 +1,454 @@ +From fd1c26ba129b069d9f73afaefdbe53683de3814a Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe <logang@deltatee.com> +Date: Wed, 22 Jun 2022 14:25:19 -0600 +Subject: [PATCH 6/6] tests: Add broken files for all broken tests + +Each broken file contains the rough frequency of brokeness as well +as a brief explanation of what happens when it breaks. Estimates +of failure rates are not statistically significant and can vary +run to run. + +This is really just a view from my window. Tests were done on a +small VM with the default loop devices, not real hardware. We've +seen different kernel configurations can cause bugs to appear as well +(ie. different block schedulers). It may also be that different race +conditions will be seen on machines with different performance +characteristics. + +These annotations were done with the kernel currently in md/md-next: + + facef3b96c5b ("md: Notify sysfs sync_completed in md_reap_sync_thread()") + +Signed-off-by: Logan Gunthorpe <logang@deltatee.com> +Signed-off-by: Jes Sorensen <jes@trained-monkey.org> + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=daa86d663476 + +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +--- + tests/01r5integ.broken | 7 ++++ + tests/01raid6integ.broken | 7 ++++ + tests/04r5swap.broken | 7 ++++ + tests/07autoassemble.broken | 8 ++++ + tests/07autodetect.broken | 5 +++ + tests/07changelevelintr.broken | 9 +++++ + tests/07changelevels.broken | 9 +++++ + tests/07reshape5intr.broken | 45 ++++++++++++++++++++++ + tests/07revert-grow.broken | 31 +++++++++++++++ + tests/07revert-shrink.broken | 9 +++++ + tests/07testreshape5.broken | 12 ++++++ + tests/09imsm-assemble.broken | 6 +++ + tests/09imsm-create-fail-rebuild.broken | 5 +++ + tests/09imsm-overlap.broken | 7 ++++ + tests/10ddf-assemble-missing.broken | 6 +++ + tests/10ddf-fail-create-race.broken | 7 ++++ + tests/10ddf-fail-two-spares.broken | 5 +++ + 
tests/10ddf-incremental-wrong-order.broken | 9 +++++ + tests/14imsm-r1_2d-grow-r1_3d.broken | 5 +++ + tests/14imsm-r1_2d-takeover-r0_2d.broken | 6 +++ + tests/18imsm-r10_4d-takeover-r0_2d.broken | 5 +++ + tests/18imsm-r1_2d-takeover-r0_1d.broken | 6 +++ + tests/19raid6auto-repair.broken | 5 +++ + tests/19raid6repair.broken | 5 +++ + 24 files changed, 226 insertions(+) + create mode 100644 tests/01r5integ.broken + create mode 100644 tests/01raid6integ.broken + create mode 100644 tests/04r5swap.broken + create mode 100644 tests/07autoassemble.broken + create mode 100644 tests/07autodetect.broken + create mode 100644 tests/07changelevelintr.broken + create mode 100644 tests/07changelevels.broken + create mode 100644 tests/07reshape5intr.broken + create mode 100644 tests/07revert-grow.broken + create mode 100644 tests/07revert-shrink.broken + create mode 100644 tests/07testreshape5.broken + create mode 100644 tests/09imsm-assemble.broken + create mode 100644 tests/09imsm-create-fail-rebuild.broken + create mode 100644 tests/09imsm-overlap.broken + create mode 100644 tests/10ddf-assemble-missing.broken + create mode 100644 tests/10ddf-fail-create-race.broken + create mode 100644 tests/10ddf-fail-two-spares.broken + create mode 100644 tests/10ddf-incremental-wrong-order.broken + create mode 100644 tests/14imsm-r1_2d-grow-r1_3d.broken + create mode 100644 tests/14imsm-r1_2d-takeover-r0_2d.broken + create mode 100644 tests/18imsm-r10_4d-takeover-r0_2d.broken + create mode 100644 tests/18imsm-r1_2d-takeover-r0_1d.broken + create mode 100644 tests/19raid6auto-repair.broken + create mode 100644 tests/19raid6repair.broken + +diff --git a/tests/01r5integ.broken b/tests/01r5integ.broken +new file mode 100644 +index 0000000..2073763 +--- /dev/null ++++ b/tests/01r5integ.broken +@@ -0,0 +1,7 @@ ++fails rarely ++ ++Fails about 1 in every 30 runs with a sha mismatch error: ++ ++ c49ab26e1b01def7874af9b8a6d6d0c29fdfafe6 /dev/md0 does not match ++ 
15dc2f73262f811ada53c65e505ceec9cf025cb9 /dev/md0 with /dev/loop3 ++ missing +diff --git a/tests/01raid6integ.broken b/tests/01raid6integ.broken +new file mode 100644 +index 0000000..1df735f +--- /dev/null ++++ b/tests/01raid6integ.broken +@@ -0,0 +1,7 @@ ++fails infrequently ++ ++Fails about 1 in 5 with a sha mismatch: ++ ++ 8286c2bc045ae2cfe9f8b7ae3a898fa25db6926f /dev/md0 does not match ++ a083a0738b58caab37fd568b91b177035ded37df /dev/md0 with /dev/loop2 and ++ /dev/loop3 missing +diff --git a/tests/04r5swap.broken b/tests/04r5swap.broken +new file mode 100644 +index 0000000..e38987d +--- /dev/null ++++ b/tests/04r5swap.broken +@@ -0,0 +1,7 @@ ++always fails ++ ++Fails with errors: ++ ++ mdadm: /dev/loop0 has no superblock - assembly aborted ++ ++ ERROR: no recovery happening +diff --git a/tests/07autoassemble.broken b/tests/07autoassemble.broken +new file mode 100644 +index 0000000..8be0940 +--- /dev/null ++++ b/tests/07autoassemble.broken +@@ -0,0 +1,8 @@ ++always fails ++ ++Prints lots of messages, but the array doesn't assemble. Error ++possibly related to: ++ ++ mdadm: /dev/md/1 is busy - skipping ++ mdadm: no recogniseable superblock on /dev/md/testing:0 ++ mdadm: /dev/md/2 is busy - skipping +diff --git a/tests/07autodetect.broken b/tests/07autodetect.broken +new file mode 100644 +index 0000000..294954a +--- /dev/null ++++ b/tests/07autodetect.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with error: ++ ++ ERROR: no resync happening +diff --git a/tests/07changelevelintr.broken b/tests/07changelevelintr.broken +new file mode 100644 +index 0000000..284b490 +--- /dev/null ++++ b/tests/07changelevelintr.broken +@@ -0,0 +1,9 @@ ++always fails ++ ++Fails with errors: ++ ++ mdadm: this change will reduce the size of the array. ++ use --grow --array-size first to truncate array. ++ e.g. 
mdadm --grow /dev/md0 --array-size 56832 ++ ++ ERROR: no reshape happening +diff --git a/tests/07changelevels.broken b/tests/07changelevels.broken +new file mode 100644 +index 0000000..9b930d9 +--- /dev/null ++++ b/tests/07changelevels.broken +@@ -0,0 +1,9 @@ ++always fails ++ ++Fails with errors: ++ ++ mdadm: /dev/loop0 is smaller than given size. 18976K < 19968K + metadata ++ mdadm: /dev/loop1 is smaller than given size. 18976K < 19968K + metadata ++ mdadm: /dev/loop2 is smaller than given size. 18976K < 19968K + metadata ++ ++ ERROR: /dev/md0 isn't a block device. +diff --git a/tests/07reshape5intr.broken b/tests/07reshape5intr.broken +new file mode 100644 +index 0000000..efe52a6 +--- /dev/null ++++ b/tests/07reshape5intr.broken +@@ -0,0 +1,45 @@ ++always fails ++ ++This patch, recently added to md-next causes the test to always fail: ++ ++7e6ba434cc60 ("md: don't unregister sync_thread with reconfig_mutex ++held") ++ ++The new error is simply: ++ ++ ERROR: no reshape happening ++ ++Before the patch, the error seen is below. ++ ++-- ++ ++fails infrequently ++ ++Fails roughly 1 in 4 runs with errors: ++ ++ mdadm: Merging with already-assembled /dev/md/0 ++ mdadm: cannot re-read metadata from /dev/loop6 - aborting ++ ++ ERROR: no reshape happening ++ ++Also have seen a random deadlock: ++ ++ INFO: task mdadm:109702 blocked for more than 30 seconds. ++ Not tainted 5.18.0-rc3-eid-vmlocalyes-dbg-00095-g3c2b5427979d #2040 ++ "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
++ task:mdadm state:D stack: 0 pid:109702 ppid: 1 flags:0x00004000 ++ Call Trace: ++ <TASK> ++ __schedule+0x67e/0x13b0 ++ schedule+0x82/0x110 ++ mddev_suspend+0x2e1/0x330 ++ suspend_lo_store+0xbd/0x140 ++ md_attr_store+0xcb/0x130 ++ sysfs_kf_write+0x89/0xb0 ++ kernfs_fop_write_iter+0x202/0x2c0 ++ new_sync_write+0x222/0x330 ++ vfs_write+0x3bc/0x4d0 ++ ksys_write+0xd9/0x180 ++ __x64_sys_write+0x43/0x50 ++ do_syscall_64+0x3b/0x90 ++ entry_SYSCALL_64_after_hwframe+0x44/0xae +diff --git a/tests/07revert-grow.broken b/tests/07revert-grow.broken +new file mode 100644 +index 0000000..9b6db86 +--- /dev/null ++++ b/tests/07revert-grow.broken +@@ -0,0 +1,31 @@ ++always fails ++ ++This patch, recently added to md-next causes the test to always fail: ++ ++7e6ba434cc60 ("md: don't unregister sync_thread with reconfig_mutex held") ++ ++The errors are: ++ ++ mdadm: No active reshape to revert on /dev/loop0 ++ ERROR: active raid5 not found ++ ++Before the patch, the error seen is below. ++ ++-- ++ ++fails rarely ++ ++Fails about 1 in every 30 runs with errors: ++ ++ mdadm: Merging with already-assembled /dev/md/0 ++ mdadm: backup file /tmp/md-backup inaccessible: No such file or directory ++ mdadm: failed to add /dev/loop1 to /dev/md/0: Invalid argument ++ mdadm: failed to add /dev/loop2 to /dev/md/0: Invalid argument ++ mdadm: failed to add /dev/loop3 to /dev/md/0: Invalid argument ++ mdadm: failed to add /dev/loop0 to /dev/md/0: Invalid argument ++ mdadm: /dev/md/0 assembled from 1 drive - need all 5 to start it ++ (use --run to insist). ++ ++ grep: /sys/block/md*/md/sync_action: No such file or directory ++ ++ ERROR: active raid5 not found +diff --git a/tests/07revert-shrink.broken b/tests/07revert-shrink.broken +new file mode 100644 +index 0000000..c33c39e +--- /dev/null ++++ b/tests/07revert-shrink.broken +@@ -0,0 +1,9 @@ ++always fails ++ ++Fails with errors: ++ ++ mdadm: this change will reduce the size of the array. ++ use --grow --array-size first to truncate array. 
++ e.g. mdadm --grow /dev/md0 --array-size 53760 ++ ++ ERROR: active raid5 not found +diff --git a/tests/07testreshape5.broken b/tests/07testreshape5.broken +new file mode 100644 +index 0000000..a8ce03e +--- /dev/null ++++ b/tests/07testreshape5.broken +@@ -0,0 +1,12 @@ ++always fails ++ ++Test seems to run 'test_stripe' at $dir directory, but $dir is never ++set. If $dir is adjusted to $PWD, the test still fails with: ++ ++ mdadm: /dev/loop2 is not suitable for this array. ++ mdadm: create aborted ++ ++ return 1 ++ ++ cmp -s -n 8192 /dev/md0 /tmp/RandFile ++ ++ echo cmp failed ++ cmp failed ++ ++ exit 2 +diff --git a/tests/09imsm-assemble.broken b/tests/09imsm-assemble.broken +new file mode 100644 +index 0000000..a6d4d5c +--- /dev/null ++++ b/tests/09imsm-assemble.broken +@@ -0,0 +1,6 @@ ++fails infrequently ++ ++Fails roughly 1 in 10 runs with errors: ++ ++ mdadm: /dev/loop2 is still in use, cannot remove. ++ /dev/loop2 removal from /dev/md/container should have succeeded +diff --git a/tests/09imsm-create-fail-rebuild.broken b/tests/09imsm-create-fail-rebuild.broken +new file mode 100644 +index 0000000..40c4b29 +--- /dev/null ++++ b/tests/09imsm-create-fail-rebuild.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with error: ++ ++ **Error**: Array size mismatch - expected 3072, actual 16384 +diff --git a/tests/09imsm-overlap.broken b/tests/09imsm-overlap.broken +new file mode 100644 +index 0000000..e7ccab7 +--- /dev/null ++++ b/tests/09imsm-overlap.broken +@@ -0,0 +1,7 @@ ++always fails ++ ++Fails with errors: ++ ++ **Error**: Offset mismatch - expected 15360, actual 0 ++ **Error**: Offset mismatch - expected 15360, actual 0 ++ /dev/md/vol3 failed check +diff --git a/tests/10ddf-assemble-missing.broken b/tests/10ddf-assemble-missing.broken +new file mode 100644 +index 0000000..bfd8d10 +--- /dev/null ++++ b/tests/10ddf-assemble-missing.broken +@@ -0,0 +1,6 @@ ++always fails ++ ++Fails with errors: ++ ++ ERROR: /dev/md/vol0 has unexpected state on /dev/loop10 ++ 
ERROR: unexpected number of online disks on /dev/loop10 +diff --git a/tests/10ddf-fail-create-race.broken b/tests/10ddf-fail-create-race.broken +new file mode 100644 +index 0000000..6c0df02 +--- /dev/null ++++ b/tests/10ddf-fail-create-race.broken +@@ -0,0 +1,7 @@ ++usually fails ++ ++Fails about 9 out of 10 times with many errors: ++ ++ mdadm: cannot open MISSING: No such file or directory ++ ERROR: non-degraded array found ++ ERROR: disk 0 not marked as failed in meta data +diff --git a/tests/10ddf-fail-two-spares.broken b/tests/10ddf-fail-two-spares.broken +new file mode 100644 +index 0000000..eeea56d +--- /dev/null ++++ b/tests/10ddf-fail-two-spares.broken +@@ -0,0 +1,5 @@ ++fails infrequently ++ ++Fails roughly 1 in 3 with error: ++ ++ ERROR: /dev/md/vol1 should be optimal in meta data +diff --git a/tests/10ddf-incremental-wrong-order.broken b/tests/10ddf-incremental-wrong-order.broken +new file mode 100644 +index 0000000..a5af3ba +--- /dev/null ++++ b/tests/10ddf-incremental-wrong-order.broken +@@ -0,0 +1,9 @@ ++always fails ++ ++Fails with errors: ++ ERROR: sha1sum of /dev/md/vol0 has changed ++ ERROR: /dev/md/vol0 has unexpected state on /dev/loop10 ++ ERROR: unexpected number of online disks on /dev/loop10 ++ ERROR: /dev/md/vol0 has unexpected state on /dev/loop8 ++ ERROR: unexpected number of online disks on /dev/loop8 ++ ERROR: sha1sum of /dev/md/vol0 has changed +diff --git a/tests/14imsm-r1_2d-grow-r1_3d.broken b/tests/14imsm-r1_2d-grow-r1_3d.broken +new file mode 100644 +index 0000000..4ef1d40 +--- /dev/null ++++ b/tests/14imsm-r1_2d-grow-r1_3d.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with error: ++ ++ mdadm/tests/func.sh: line 325: dvsize/chunk: division by 0 (error token is "chunk") +diff --git a/tests/14imsm-r1_2d-takeover-r0_2d.broken b/tests/14imsm-r1_2d-takeover-r0_2d.broken +new file mode 100644 +index 0000000..89cd4e5 +--- /dev/null ++++ b/tests/14imsm-r1_2d-takeover-r0_2d.broken +@@ -0,0 +1,6 @@ ++always fails ++ ++Fails with error: 
++ ++ tests/func.sh: line 325: dvsize/chunk: division by 0 (error token ++ is "chunk") +diff --git a/tests/18imsm-r10_4d-takeover-r0_2d.broken b/tests/18imsm-r10_4d-takeover-r0_2d.broken +new file mode 100644 +index 0000000..a27399f +--- /dev/null ++++ b/tests/18imsm-r10_4d-takeover-r0_2d.broken +@@ -0,0 +1,5 @@ ++fails rarely ++ ++Fails about 1 run in 100 with message: ++ ++ ERROR: size is wrong for /dev/md/vol0: 2 * 5120 (chunk=128) = 20480, not 0 +diff --git a/tests/18imsm-r1_2d-takeover-r0_1d.broken b/tests/18imsm-r1_2d-takeover-r0_1d.broken +new file mode 100644 +index 0000000..aa1982e +--- /dev/null ++++ b/tests/18imsm-r1_2d-takeover-r0_1d.broken +@@ -0,0 +1,6 @@ ++always fails ++ ++Fails with error: ++ ++ tests/func.sh: line 325: dvsize/chunk: division by 0 (error token ++ is "chunk") +diff --git a/tests/19raid6auto-repair.broken b/tests/19raid6auto-repair.broken +new file mode 100644 +index 0000000..e91a142 +--- /dev/null ++++ b/tests/19raid6auto-repair.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with: ++ ++ "should detect errors" +diff --git a/tests/19raid6repair.broken b/tests/19raid6repair.broken +new file mode 100644 +index 0000000..e91a142 +--- /dev/null ++++ b/tests/19raid6repair.broken +@@ -0,0 +1,5 @@ ++always fails ++ ++Fails with: ++ ++ "should detect errors" +-- +2.39.1 + diff --git a/poky/meta/recipes-extended/mdadm/files/run-ptest b/poky/meta/recipes-extended/mdadm/files/run-ptest index fae8071d43..2380c322a9 100644 --- a/poky/meta/recipes-extended/mdadm/files/run-ptest +++ b/poky/meta/recipes-extended/mdadm/files/run-ptest @@ -2,6 +2,6 @@ mkdir -p /mdadm-testing-dir # make the test continue to execute even one fail -dir=. ./test --keep-going --disable-integrity +dir=. ./test --keep-going --disable-integrity --skip-broken rm -rf /mdadm-testing-dir/* diff --git a/poky/meta/recipes-extended/mdadm/mdadm_4.2.bb b/poky/meta/recipes-extended/mdadm/mdadm_4.2.bb index 14de9d88c2..c367b633a3 100644 
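Review bot: `--skip-broken` in run-ptest skips every test that has a `.broken` file, including those annotated as failing only rarely (01r5integ at about 1 in 30 runs, 18imsm-r10_4d-takeover-r0_2d at about 1 in 100). The ptest therefore loses integrity and takeover checks that pass most of the time. `--skip-always-broken`, added by the same backport, skips only tests whose first line contains `always` and still runs the intermittent ones, flagging a failure with the KNOWN BROKEN note: `dir=. ./test --keep-going --disable-integrity --skip-always-broken`. Whether the ptest result handling tolerates those intermittent failures is not visible here, so if the broader skip is deliberate, a comment in the script saying so would help.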
--- a/poky/meta/recipes-extended/mdadm/mdadm_4.2.bb +++ b/poky/meta/recipes-extended/mdadm/mdadm_4.2.bb @@ -32,6 +32,13 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/raid/mdadm/${BPN}-${PV}.tar.xz \ file://0001-tests-fix-raid0-tests-for-0.90-metadata.patch \ file://0001-tests-00readonly-Run-udevadm-settle-before-setting-r.patch \ file://0001-tests-04update-metadata-avoid-passing-chunk-size-to.patch \ + file://0001-DDF-Cleanup-validate_geometry_ddf_container.patch \ + file://0002-DDF-Fix-NULL-pointer-dereference-in-validate_geometr.patch \ + file://0003-mdadm-Grow-Fix-use-after-close-bug-by-closing-after-.patch \ + file://0004-monitor-Avoid-segfault-when-calling-NULL-get_bad_blo.patch \ + file://0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch \ + file://0006-tests-Add-broken-files-for-all-broken-tests.patch \ + file://0001-tests-add-.broken-files-for-04update-uuid-and-07reve.patch \ " SRC_URI[sha256sum] = "461c215670864bb74a4d1a3620684aa2b2f8296dffa06743f26dda5557acf01d" @@ -101,10 +108,16 @@ do_install_ptest() { } RDEPENDS:${PN} += "bash" -RDEPENDS:${PN}-ptest += "bash e2fsprogs-mke2fs" +RDEPENDS:${PN}-ptest += " \ + bash \ + e2fsprogs-mke2fs \ + util-linux-lsblk \ + util-linux-losetup \ + util-linux-blockdev \ + strace \ +" RRECOMMENDS:${PN}-ptest += " \ coreutils \ - util-linux \ kernel-module-loop \ kernel-module-linear \ kernel-module-raid0 \ diff --git a/poky/meta/recipes-extended/minicom/minicom/0001-Drop-superfluous-global-variable-definitions.patch b/poky/meta/recipes-extended/minicom/minicom/0001-Drop-superfluous-global-variable-definitions.patch deleted file mode 100644 index 01b23898e7..0000000000 --- a/poky/meta/recipes-extended/minicom/minicom/0001-Drop-superfluous-global-variable-definitions.patch +++ /dev/null 
@@ -1,35 +0,0 @@ -From b65152ebc03832972115e6d98e50cb6190d01793 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com> -Date: Mon, 3 Feb 2020 13:18:13 +0100 -Subject: [PATCH 1/3] Drop superfluous global variable definitions - -The file minicom.c, by including the minicom.h header, already defines -the global variables 'dial_user' and 'dial_pass'. The object file -minicom.o is always linked to dial.o. Thus the definitions in dial.c -can be dropped. - -This fixes linking with gcc 10 which uses -fno-common by default, -disallowing multiple global variable definitions. - -Upstream-Status: Backport [https://salsa.debian.org/minicom-team/minicom/-/commit/db269bba2a68fde03f5df45ac8372a8f1248ca96] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/dial.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/src/dial.c b/src/dial.c -index eada5ee..d9d481f 100644 ---- a/src/dial.c -+++ b/src/dial.c -@@ -146,8 +146,6 @@ static int newtype; - /* Access to ".dialdir" denied? */ - static int dendd = 0; - static char *tagged; --char *dial_user; --char *dial_pass; - - /* Change the baud rate. Treat all characters in the given array as if - * they were key presses within the comm parameters dialog (C-A P) and --- -2.24.1 - diff --git a/poky/meta/recipes-extended/minicom/minicom/0002-Drop-superfluous-global-variable-definitions.patch b/poky/meta/recipes-extended/minicom/minicom/0002-Drop-superfluous-global-variable-definitions.patch deleted file mode 100644 index e86b470b7e..0000000000 --- a/poky/meta/recipes-extended/minicom/minicom/0002-Drop-superfluous-global-variable-definitions.patch +++ /dev/null 
@@ -1,37 +0,0 @@ -From 924bd2da3a00e030e29d82b74ef82900bd50b475 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com> -Date: Mon, 3 Feb 2020 13:18:33 +0100 -Subject: [PATCH 2/3] Drop superfluous global variable definitions - -The only place where the EXTERN macro mechanism is used to define the -global variables 'vt_outmap' and 'vt_inmap' is minicom.c (by defining -an empty EXTERN macro and including the minicom.h header). The file -vt100.c already defines these variables. The vt100.o object file is -always linked to minicom.o. Thus it is safe not to define the -variables in minicom.c and only declare them in the minicom.h header. - -This fixes linking with gcc 10 which uses -fno-common by default, -disallowing multiple global variable definitions. - -Upstream-Status: Backport [https://salsa.debian.org/minicom-team/minicom/-/commit/c69cad5b5dda85d361a3a0c1fddc65e933f26d11] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/minicom.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/minicom.h b/src/minicom.h -index 061c013..0f9693b 100644 ---- a/src/minicom.h -+++ b/src/minicom.h -@@ -141,7 +141,7 @@ EXTERN int sbcolor; /* Status Bar Background Color */ - EXTERN int st_attr; /* Status Bar attributes. */ - - /* jl 04.09.97 conversion tables */ --EXTERN unsigned char vt_outmap[256], vt_inmap[256]; -+extern unsigned char vt_outmap[256], vt_inmap[256]; - - /* MARK updated 02/17/95 - history buffer */ - EXTERN int num_hist_lines; /* History buffer size */ --- -2.24.1 - diff --git a/poky/meta/recipes-extended/minicom/minicom/0003-Drop-superfluous-global-variable-definitions.patch b/poky/meta/recipes-extended/minicom/minicom/0003-Drop-superfluous-global-variable-definitions.patch deleted file mode 100644 index 3225a0c32a..0000000000 --- a/poky/meta/recipes-extended/minicom/minicom/0003-Drop-superfluous-global-variable-definitions.patch +++ /dev/null 
@@ -1,42 +0,0 @@ -From a4fc603b3641d2efe31479116eb7ba66932901c7 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com> -Date: Mon, 3 Feb 2020 13:21:41 +0100 -Subject: [PATCH 3/3] Drop superfluous global variable definitions - -The only place where the EXTERN macro mechanism is used to define the -global variables 'portfd_is_socket', 'portfd_is_connected' and -'portfd_sock_addr' is minicom.c (by defining an empty EXTERN macro and -including the minicom.h header). The source file sysdep1_s.c already -defines these variables. The sysdep1_s.o object file is always linked -to minicom.o. Thus it is safe to drop the definitions from minicom.c -and only declare the variables in the minicom.h header. - -This fixes linking with gcc 10 which uses -fno-common by default, -disallowing multiple global variable definitions. - -Upstream-Status: Backport [https://salsa.debian.org/minicom-team/minicom/-/commit/c8382374c5d340aa4115d527aed76e876ee5456b] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - src/minicom.h | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/minicom.h b/src/minicom.h -index 0f9693b..1e7cb8c 100644 ---- a/src/minicom.h -+++ b/src/minicom.h -@@ -113,9 +113,9 @@ EXTERN char *dial_user; /* Our username there */ - EXTERN char *dial_pass; /* Our password */ - - #ifdef USE_SOCKET --EXTERN int portfd_is_socket; /* File descriptor is a unix socket */ --EXTERN int portfd_is_connected; /* 1 if the socket is connected */ --EXTERN struct sockaddr_un portfd_sock_addr; /* the unix socket address */ -+extern int portfd_is_socket; /* File descriptor is a unix socket */ -+extern int portfd_is_connected; /* 1 if the socket is connected */ -+extern struct sockaddr_un portfd_sock_addr; /* the unix socket address */ - #define portfd_connected ((portfd_is_socket && !portfd_is_connected) \ - ? -1 : portfd) - #else --- -2.24.1 - 
diff --git a/poky/meta/recipes-extended/parted/files/0001-fs-Add-libuuid-to-linker-flags-for-libparted-fs-resi.patch b/poky/meta/recipes-extended/parted/files/0001-fs-Add-libuuid-to-linker-flags-for-libparted-fs-resi.patch new file mode 100644 index 0000000000..10354f1ed9 --- /dev/null +++ b/poky/meta/recipes-extended/parted/files/0001-fs-Add-libuuid-to-linker-flags-for-libparted-fs-resi.patch @@ -0,0 +1,34 @@ +From 1fc88332f7e906294fd889287b9e84cefc7f1586 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 12 Jun 2023 10:40:07 -0700 +Subject: [PATCH] fs: Add libuuid to linker flags for libparted-fs-resize + library + +This library uses uuid_generate function which comes from libuuid and +hence it should be mentioned on linker cmdline + +fixes +| aarch64-yoe-linux-ld.lld: error: undefined reference due to --no-allow-shlib-undefined: uuid_generate +| >>> referenced by /mnt/b/yoe/master/build/tmp/work/cortexa72-cortexa53-crypto-yoe-linux/fatresize/1.1.0-r0/recipe-sysroot/usr/lib/libparted-fs-resize.so + +Upstream-Status: Submitted [https://alioth-lists.debian.net/pipermail/parted-devel/2023-June/005873.html] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + libparted/fs/Makefile.am | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/libparted/fs/Makefile.am b/libparted/fs/Makefile.am +index 2f345f3..a8970eb 100644 +--- a/libparted/fs/Makefile.am ++++ b/libparted/fs/Makefile.am +@@ -75,6 +75,7 @@ libparted_fs_resize_la_LDFLAGS = \ + EXTRA_DIST += fsresize.sym + libparted_fs_resize_la_DEPENDENCIES = $(sym_file) + ++libparted_fs_resize_la_LIBADD = $(UUID_LIBS) + libparted_fs_resize_la_SOURCES = \ + r/filesys.c \ + r/fat/bootsector.c \ +-- +2.41.0 + diff --git a/poky/meta/recipes-extended/parted/parted_3.5.bb b/poky/meta/recipes-extended/parted/parted_3.5.bb index ea2b68bbd8..ca35852eb0 100644 --- a/poky/meta/recipes-extended/parted/parted_3.5.bb +++ b/poky/meta/recipes-extended/parted/parted_3.5.bb 
@@ -8,6 +8,7 @@ DEPENDS = "ncurses util-linux virtual/libiconv" SRC_URI = "${GNU_MIRROR}/parted/parted-${PV}.tar.xz \ file://fix-doc-mandir.patch \ + file://0001-fs-Add-libuuid-to-linker-flags-for-libparted-fs-resi.patch \ file://run-ptest \ " diff --git a/poky/meta/recipes-extended/procps/procps/CVE-2023-4016.patch b/poky/meta/recipes-extended/procps/procps/CVE-2023-4016.patch new file mode 100644 index 0000000000..202fea91f1 --- /dev/null +++ b/poky/meta/recipes-extended/procps/procps/CVE-2023-4016.patch 
@@ -0,0 +1,73 @@ +From 2c933ecba3bb1d3041a5a7a53a7b4078a6003413 Mon Sep 17 00:00:00 2001 +From: Craig Small <csmall@dropbear.xyz> +Date: Thu, 10 Aug 2023 21:18:38 +1000 +Subject: [PATCH] ps: Fix possible buffer overflow in -C option + +ps allocates memory using malloc(length of arg * len of struct). +In certain strange circumstances, the arg length could be very large +and the multiplecation will overflow, allocating a small amount of +memory. + +Subsequent strncpy() will then write into unallocated memory. +The fix is to use calloc. It's slower but this is a one-time +allocation. Other malloc(x * y) calls have also been replaced +by calloc(x, y) + +References: + https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016 + https://nvd.nist.gov/vuln/detail/CVE-2023-4016 + https://gitlab.com/procps-ng/procps/-/issues/297 + https://bugs.debian.org/1042887 + +Signed-off-by: Craig Small <csmall@dropbear.xyz> + +CVE: CVE-2023-4016 +Upstream-Status: Backport [https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + NEWS | 1 + + src/ps/parser.c | 8 ++++---- + 2 files changed, 5 insertions(+), 4 deletions(-) + +diff --git a/src/ps/parser.c b/src/ps/parser.c +index 248aa741..15873dfa 100644 +--- a/src/ps/parser.c ++++ b/src/ps/parser.c +@@ -189,7 +189,6 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s + const char *err; /* error code that could or did happen */ + /*** prepare to operate ***/ + node = xmalloc(sizeof(selection_node)); +- node->u = xmalloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */ + node->n = 0; + buf = strdup(arg); + /*** sanity check and count items ***/ +@@ -210,6 +209,7 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s + } while (*++walk); + if(need_item) goto parse_error; + node->n = items; ++ node->u = xcalloc(items, sizeof(sel_union)); + /*** actually parse the list ***/ 
+ walk = buf; + while(items--){ +@@ -1050,15 +1050,15 @@ static const char *parse_trailing_pids(void){ + thisarg = ps_argc - 1; /* we must be at the end now */ + + pidnode = xmalloc(sizeof(selection_node)); +- pidnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ ++ pidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */ + pidnode->n = 0; + + grpnode = xmalloc(sizeof(selection_node)); +- grpnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ ++ grpnode->u = xcalloc(i,sizeof(sel_union)); /* waste is insignificant */ + grpnode->n = 0; + + sidnode = xmalloc(sizeof(selection_node)); +- sidnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ ++ sidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */ + sidnode->n = 0; + + while(i--){ +-- +GitLab + diff --git a/poky/meta/recipes-extended/procps/procps_4.0.3.bb b/poky/meta/recipes-extended/procps/procps_4.0.3.bb index cc3420df4e..140e7bfd22 100644 --- a/poky/meta/recipes-extended/procps/procps_4.0.3.bb +++ b/poky/meta/recipes-extended/procps/procps_4.0.3.bb @@ -15,6 +15,7 @@ inherit autotools gettext pkgconfig update-alternatives SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \ file://sysctl.conf \ file://0001-src-w.c-use-utmp.h-only.patch \ + file://CVE-2023-4016.patch \ " SRCREV = "806eb270f217ff7e1e745c7bda2b002b5be74be4" diff --git a/poky/meta/recipes-extended/psmisc/psmisc.inc b/poky/meta/recipes-extended/psmisc/psmisc.inc index a429c2ee96..23e98d21be 100644 --- a/poky/meta/recipes-extended/psmisc/psmisc.inc +++ b/poky/meta/recipes-extended/psmisc/psmisc.inc @@ -55,3 +55,5 @@ ALTERNATIVE_PRIORITY = "90" ALTERNATIVE:killall = "killall" ALTERNATIVE:fuser = "fuser" + +ALTERNATIVE:pstree = "pstree" diff --git a/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb b/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb index 00919a3d70..20933153a3 100644 
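Review bot: In the parse_list hunk of CVE-2023-4016.patch, `node` comes from `xmalloc` and `node->u` is now assigned only after the counting loop, yet `if(need_item) goto parse_error;` is reached before that assignment. The `parse_error` label is outside the hunk; if it frees `node->u`, that path would now hand an uninitialised pointer to `free()`. Adding `node->u = NULL;` next to `node->n = 0;` makes the error path safe whatever the label does. Separately, the patch header still lists `NEWS | 1 +` and "2 files changed" although only the `src/ps/parser.c` diff is carried, so the diffstat could be trimmed to match.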
--- a/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb +++ b/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb @@ -15,13 +15,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=0daaf958d5531ab86169ec6e275e1517" SECTION = "libs" DEPENDS += "rpcsvc-proto-native" -PV = "1.4.3" +PV = "1.4.4" -SRCREV = "71e0a12c04d130a78674ac6309eefffa6ecee612" +SRCREV = "c65926005e50da02a4da3e26abc42eded36cd19d" SRC_URI = "git://github.com/thkukuk/${BPN};branch=master;protocol=https \ file://0001-Use-cross-compiled-rpcgen.patch \ - file://0001-Use-AC_SYS_LARGEFILE-macro-to-control-largefile-supp.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto/0001-Use-AC_SYS_LARGEFILE-macro-to-control-largefile-supp.patch b/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto/0001-Use-AC_SYS_LARGEFILE-macro-to-control-largefile-supp.patch deleted file mode 100644 index f07866d55a..0000000000 --- a/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto/0001-Use-AC_SYS_LARGEFILE-macro-to-control-largefile-supp.patch +++ /dev/null 
@@ -1,80 +0,0 @@ -From 6820c53c3952f78185beb59f767c372fc745dcf3 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sun, 11 Dec 2022 21:42:59 -0800 -Subject: [PATCH] Use AC_SYS_LARGEFILE macro to control largefile support - -The autoconf macro AC_SYS_LARGEFILE defines _FILE_OFFSET_BITS=64 -where necessary to ensure that off_t and all interfaces using off_t -are 64bit, even on 32bit systems. - -replace stat64 by equivalent stat struct/func - -Upstream-Status: Accepted [https://github.com/thkukuk/rpcsvc-proto/pull/15] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - configure.ac | 1 + - rpcgen/rpc_main.c | 16 +++++----------- - 2 files changed, 6 insertions(+), 11 deletions(-) - -diff --git a/configure.ac b/configure.ac -index bacc2fb..a9fc730 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -8,6 +8,7 @@ AC_PREFIX_DEFAULT(/usr) - AC_SUBST(PACKAGE) - AC_SUBST(VERSION) - -+AC_SYS_LARGEFILE - AC_PROG_CC - AC_GNU_SOURCE - AM_PROG_CC_C_O -diff --git a/rpcgen/rpc_main.c b/rpcgen/rpc_main.c -index 277adc6..fd7dea9 100644 ---- a/rpcgen/rpc_main.c -+++ b/rpcgen/rpc_main.c -@@ -62,12 +62,6 @@ - #define EXTEND 1 /* alias for TRUE */ - #define DONT_EXTEND 0 /* alias for FALSE */ - --#ifdef __APPLE__ --# if __DARWIN_ONLY_64_BIT_INO_T --# define stat64 stat --# endif --#endif -- - struct commandline - { - int cflag; /* xdr C routines */ -@@ -337,9 +331,9 @@ clear_args (void) - static void - find_cpp (void) - { -- struct stat64 buf; -+ struct stat buf; - -- if (stat64 (CPP, &buf) == 0) -+ if (stat (CPP, &buf) == 0) - return; - - if (cppDefined) /* user specified cpp but it does not exist */ -@@ -1125,17 +1119,17 @@ putarg (int whereto, const char *cp) - static void - checkfiles (const char *infile, const char *outfile) - { -- struct stat64 buf; -+ struct stat buf; - - if (infile) /* infile ! 
= NULL */ -- if (stat64 (infile, &buf) < 0) -+ if (stat (infile, &buf) < 0) - { - perror (infile); - crash (); - } - if (outfile) - { -- if (stat64 (outfile, &buf) < 0) -+ if (stat (outfile, &buf) < 0) - return; /* file does not exist */ - else - { diff --git a/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto/0001-Use-cross-compiled-rpcgen.patch b/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto/0001-Use-cross-compiled-rpcgen.patch index 208974004b..8e459b5634 100644 --- a/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto/0001-Use-cross-compiled-rpcgen.patch +++ b/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto/0001-Use-cross-compiled-rpcgen.patch @@ -10,14 +10,11 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com> rpcsvc/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -Index: git/rpcsvc/Makefile.am -=================================================================== ---- git.orig/rpcsvc/Makefile.am -+++ git/rpcsvc/Makefile.am -@@ -12,5 +12,5 @@ nodist_rpcsvc_HEADERS = klm_prot.h nlm_p +--- a/rpcsvc/Makefile.am ++++ b/rpcsvc/Makefile.am +@@ -12,4 +12,4 @@ nodist_rpcsvc_HEADERS = klm_prot.h nlm_p nfs_prot.h rquota.h sm_inter.h - %.h: %.x + .x.h: - $(top_builddir)/rpcgen/rpcgen -h -o $@ $< + rpcgen -h -o $@ $< - diff --git a/poky/meta/recipes-extended/shadow/files/login.defs_shadow-sysroot b/poky/meta/recipes-extended/shadow/files/login.defs_shadow-sysroot index 8a68dd341a..09df77d2e7 100644 --- a/poky/meta/recipes-extended/shadow/files/login.defs_shadow-sysroot +++ b/poky/meta/recipes-extended/shadow/files/login.defs_shadow-sysroot @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: BSD-3-Clause OR Artistic-1.0 # # /etc/login.defs - Configuration control definitions for the shadow package. # diff --git a/poky/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb b/poky/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb index e05fa237a2..6580bd9166 100644 --- a/poky/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb 
+++ b/poky/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb @@ -3,7 +3,7 @@ HOMEPAGE = "http://github.com/shadow-maint/shadow" BUGTRACKER = "http://github.com/shadow-maint/shadow/issues" SECTION = "base utils" LICENSE = "BSD-3-Clause | Artistic-1.0" -LIC_FILES_CHKSUM = "file://login.defs_shadow-sysroot;md5=25e2f2de4dfc8f966ac5cdfce45cd7d5" +LIC_FILES_CHKSUM = "file://login.defs_shadow-sysroot;endline=1;md5=ceddfb61608e4db87012499555184aed" DEPENDS = "base-passwd" diff --git a/poky/meta/recipes-extended/tar/tar/CVE-2022-48303.patch b/poky/meta/recipes-extended/tar/tar/CVE-2022-48303.patch deleted file mode 100644 index b2f40f3e64..0000000000 --- a/poky/meta/recipes-extended/tar/tar/CVE-2022-48303.patch +++ /dev/null 
@@ -1,43 +0,0 @@ -From 3da78400eafcccb97e2f2fd4b227ea40d794ede8 Mon Sep 17 00:00:00 2001 -From: Sergey Poznyakoff <gray@gnu.org> -Date: Sat, 11 Feb 2023 11:57:39 +0200 -Subject: Fix boundary checking in base-256 decoder - -* src/list.c (from_header): Base-256 encoding is at least 2 bytes -long. - -Upstream-Status: Backport [see reference below] -CVE: CVE-2022-48303 - -Reference to upstream patch: -https://savannah.gnu.org/bugs/?62387 -https://git.savannah.gnu.org/cgit/tar.git/patch/src/list.c?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8 - -Signed-off-by: Rodolfo Quesada Zumbado <rodolfo.zumbado@windriver.com> -Signed-off-by: Joe Slater <joe.slater@windriver.com> ---- - src/list.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-)Signed-off-by: Rodolfo Quesada Zumbado <rodolfo.zumbado@windriver.com> - - -(limited to 'src/list.c') - -diff --git a/src/list.c b/src/list.c -index 9fafc42..86bcfdd 100644 ---- a/src/list.c -+++ b/src/list.c -@@ -881,8 +881,9 @@ from_header (char const *where0, size_t digs, char const *type, - where++; - } - } -- else if (*where == '\200' /* positive base-256 */ -- || *where == '\377' /* negative base-256 */) -+ else if (where <= lim - 2 -+ && (*where == '\200' /* positive base-256 */ -+ || *where == '\377' /* negative base-256 */)) - { - /* Parse base-256 output. A nonnegative number N is - represented as (256**DIGS)/2 + N; a negative number -N is --- -cgit v1.1 - diff --git a/poky/meta/recipes-extended/tar/tar_1.34.bb b/poky/meta/recipes-extended/tar/tar_1.35.bb index 1ef5fe221e..4dbd418b60 100644 --- a/poky/meta/recipes-extended/tar/tar_1.34.bb +++ b/poky/meta/recipes-extended/tar/tar_1.35.bb 
@@ -4,13 +4,11 @@ or disk archive, and can restore individual files from the archive." HOMEPAGE = "http://www.gnu.org/software/tar/" SECTION = "base" LICENSE = "GPL-3.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" +LIC_FILES_CHKSUM = "file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464" -SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ - file://CVE-2022-48303.patch \ -" +SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2" -SRC_URI[sha256sum] = "b44cc67f8a1f6b0250b7c860e952b37e8ed932a90bd9b1862a511079255646ff" +SRC_URI[sha256sum] = "7edb8886a3dc69420a1446e1e2d061922b642f1cf632d2cd0f9ee7e690775985" inherit autotools gettext texinfo diff --git a/poky/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch b/poky/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch new file mode 100644 index 0000000000..2fa7f481b7 --- /dev/null +++ b/poky/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch 
@@ -0,0 +1,103 @@ +From 5cbf901b5c3b6a7d1d0ed91b6df4194bb6d25a40 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Thu, 15 Jun 2023 07:14:17 -0700 +Subject: [PATCH] unix/configure: fix detection for cross compilation + +We're doing cross compilation, running a cross-compiled problem +on host to detemine feature is not correct. So we change runtime +check into compile-time check to detect the features. + +Upstream-Status: Inactive-Upstream + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + unix/configure | 44 +++++++++++++++----------------------------- + 1 file changed, 15 insertions(+), 29 deletions(-) + +diff --git a/unix/configure b/unix/configure +index 8fd82dd..68dee98 100755 +--- a/unix/configure ++++ b/unix/configure +@@ -259,6 +259,10 @@ cat > conftest.c << _EOF_ + #include <sys/stat.h> + #include <unistd.h> + #include <stdio.h> ++ ++_Static_assert(sizeof(off_t) < 8, "sizeof off_t < 8 failed"); ++_Static_assert(sizeof((struct stat){0}.st_size) < 8, "sizeof st_size < 8 failed"); ++ + int main() + { + off_t offset; +@@ -278,21 +282,10 @@ _EOF_ + # compile it + $CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then +- echo -- no Large File Support ++ echo -- yes we have Large File Support! ++ CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT" + else +-# run it +- ./conftest +- r=$? +- if [ $r -eq 1 ]; then +- echo -- no Large File Support - no 64-bit off_t +- elif [ $r -eq 2 ]; then +- echo -- no Large File Support - no 64-bit stat +- elif [ $r -eq 3 ]; then +- echo -- yes we have Large File Support! 
+- CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT" +- else +- echo -- no Large File Support - conftest returned $r +- fi ++ echo -- no Large File Support + fi + + # Added 11/24/2005 EG +@@ -302,6 +295,11 @@ cat > conftest.c << _EOF_ + #include <stdlib.h> + #include <stdio.h> + #include <wchar.h> ++ ++#ifndef __STDC_ISO_10646__ ++#error "__STDC_ISO_10646__ not defined ++#endif ++ + int main() + { + size_t wsize; +@@ -327,19 +325,8 @@ if [ $? -ne 0 ]; then + echo "-- no Unicode (wchar_t) support" + else + # have wide char support +-# run it +- ./conftest +- r=$? +- if [ $r -eq 0 ]; then +- echo -- no Unicode wchar_t support - wchar_t allocation error +- elif [ $r -eq 1 ]; then +- echo -- no Unicode support - wchar_t encoding unspecified +- elif [ $r -eq 2 ]; then +- echo -- have wchar_t with known UCS encoding - enabling Unicode support! +- CFLAGSR="${CFLAGSR} -DUNICODE_SUPPORT -DUNICODE_WCHAR" +- else +- echo "-- no Unicode (wchar_t) support - conftest returned $r" +- fi ++ echo -- have wchar_t with known UCS encoding - enabling Unicode support! ++ CFLAGSR="${CFLAGSR} -DUNICODE_SUPPORT -DUNICODE_WCHAR" + fi + + echo "Check for setlocale support (needed for UNICODE Native check)" +@@ -418,8 +405,7 @@ temp_link="link_$$" + echo "int main() { lchmod(\"${temp_file}\", 0666); }" \ + ) > conftest.c + ln -s "${temp_link}" "${temp_file}" && \ +- $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null && \ +- ./conftest ++ $CC -Werror=implicit-function-declaration $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null + [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_LCHMOD" + rm -f "${temp_file}" + +-- +2.34.1 + diff --git a/poky/meta/recipes-extended/unzip/unzip_6.0.bb b/poky/meta/recipes-extended/unzip/unzip_6.0.bb index a4d10c30aa..3051e9b5bc 100644 --- a/poky/meta/recipes-extended/unzip/unzip_6.0.bb +++ b/poky/meta/recipes-extended/unzip/unzip_6.0.bb 
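Review bot: The Large File Support probe in the unzip configure patch now treats a failed compile as the positive result, so any unrelated failure of conftest.c (a missing header, a compiler mode without `_Static_assert`, a bad flag in `$CFLAGS`) prints "yes we have Large File Support!" and adds `-DLARGE_FILE_SUPPORT`. It also reports support when only one of the two assertions fails, whereas the removed runtime check required both a 64-bit `off_t` and a 64-bit `st_size`. Asserting the wanted property avoids both problems: use `_Static_assert(sizeof(off_t) >= 8, "off_t is not 64-bit");` plus the matching `st_size` line, and keep the original branch order in which `if [ $? -ne 0 ]` means "no Large File Support". The same inverted probe is added in the zip patch `0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch`. Both recipes also drop their unconditional `CFLAGS += "-DLARGE_FILE_SUPPORT"`, so the define now depends entirely on this check.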
@@ -32,6 +32,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/ file://CVE-2022-0529.patch \ file://CVE-2022-0530.patch \ file://0001-configure-Add-correct-system-headers-and-prototypes-.patch \ + file://0001-unix-configure-fix-detection-for-cross-compilation.patch \ " UPSTREAM_VERSION_UNKNOWN = "1" @@ -46,9 +47,6 @@ UPSTREAM_CHECK_REGEX = "unzip(?P<pver>(?!552).+)\.tgz" S = "${WORKDIR}/unzip60" -# Enable largefile support -CFLAGS += "-DLARGE_FILE_SUPPORT" - # Makefile uses CF_NOOPT instead of CFLAGS. We lifted the values from # Makefile and add CFLAGS. Optimization will be overriden by unzip # configure to be -O3. diff --git a/poky/meta/recipes-extended/wget/wget.inc b/poky/meta/recipes-extended/wget/wget.inc index d31756dbc8..51926e7296 100644 --- a/poky/meta/recipes-extended/wget/wget.inc +++ b/poky/meta/recipes-extended/wget/wget.inc @@ -7,7 +7,7 @@ FTP sites" HOMEPAGE = "https://www.gnu.org/software/wget/" SECTION = "console/network" LICENSE = "GPL-3.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=c678957b0c8e964aa6c70fd77641a71e" +LIC_FILES_CHKSUM = "file://COPYING;md5=6f65012d1daf98cb09b386cfb68df26b" inherit autotools gettext texinfo update-alternatives pkgconfig diff --git a/poky/meta/recipes-extended/wget/wget_1.21.3.bb b/poky/meta/recipes-extended/wget/wget_1.21.4.bb index f176a1546c..1d31b0116d 100644 --- a/poky/meta/recipes-extended/wget/wget_1.21.3.bb +++ b/poky/meta/recipes-extended/wget/wget_1.21.4.bb @@ -2,6 +2,6 @@ SRC_URI = "${GNU_MIRROR}/wget/wget-${PV}.tar.gz \ file://0002-improve-reproducibility.patch \ " -SRC_URI[sha256sum] = "5726bb8bc5ca0f6dc7110f6416e4bb7019e2d2ff5bf93d1ca2ffcc6656f220e5" +SRC_URI[sha256sum] = "81542f5cefb8faacc39bbbc6c82ded80e3e4a88505ae72ea51df27525bcde04c" require wget.inc 
diff --git a/poky/meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch b/poky/meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch new file mode 100644 index 0000000000..106f246a7c --- /dev/null +++ b/poky/meta/recipes-extended/zip/zip-3.0/0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch 
@@ -0,0 +1,96 @@ +From 9916fc6f1f93f3e092e3c6937c30dc8137c26d34 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Thu, 15 Jun 2023 18:31:26 +0800 +Subject: [PATCH] unix/configure: use _Static_assert to do correct detection + +We're doing cross compilation, running a cross-compiled problem +on host to detemine feature is not correct. Use _Static_assert +to do the detection correctly. + +Upstream-Status: Inactive-Upstream + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + unix/configure | 42 ++++++++++++------------------------------ + 1 file changed, 12 insertions(+), 30 deletions(-) + +diff --git a/unix/configure b/unix/configure +index f2b3d02..f917086 100644 +--- a/unix/configure ++++ b/unix/configure +@@ -361,6 +361,10 @@ cat > conftest.c << _EOF_ + #include <sys/stat.h> + #include <unistd.h> + #include <stdio.h> ++ ++_Static_assert(sizeof((struct stat){0}.st_uid) == 2, "sizeof st_uid is not 16 bit"); ++_Static_assert(sizeof((struct stat){0}.st_gid) == 2, "sizeof st_gid is not 16 bit"); ++ + int main() + { + struct stat s; +@@ -385,21 +389,7 @@ if [ $? -ne 0 ]; then + echo -- UID/GID test failed on compile - disabling old 16-bit UID/GID support + CFLAGS="${CFLAGS} -DUIDGID_NOT_16BIT" + else +-# run it +- ./conftest +- r=$? 
+- if [ $r -eq 1 ]; then +- echo -- UID not 2 bytes - disabling old 16-bit UID/GID support +- CFLAGS="${CFLAGS} -DUIDGID_NOT_16BIT" +- elif [ $r -eq 2 ]; then +- echo -- GID not 2 bytes - disabling old 16-bit UID/GID support +- CFLAGS="${CFLAGS} -DUIDGID_NOT_16BIT" +- elif [ $r -eq 3 ]; then +- echo -- 16-bit UIDs and GIDs - keeping old 16-bit UID/GID support +- else +- echo -- test failed - conftest returned $r - disabling old 16-bit UID/GID support +- CFLAGS="${CFLAGS} -DUIDGID_NOT_16BIT" +- fi ++ echo -- 16-bit UIDs and GIDs - keeping old 16-bit UID/GID support + fi + + +@@ -417,6 +407,10 @@ cat > conftest.c << _EOF_ + #include <sys/stat.h> + #include <unistd.h> + #include <stdio.h> ++ ++_Static_assert(sizeof(off_t) < 8, "sizeof off_t < 8 failed"); ++_Static_assert(sizeof((struct stat){0}.st_size) < 8, "sizeof st_size < 8 failed"); ++ + int main() + { + off_t offset; +@@ -436,24 +430,12 @@ _EOF_ + # compile it + $CC -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then +- echo -- no Large File Support ++ echo -- yes we have Large File Support! ++ CFLAGS="${CFLAGS} -DLARGE_FILE_SUPPORT" + else +-# run it +- ./conftest +- r=$? +- if [ $r -eq 1 ]; then +- echo -- no Large File Support - no 64-bit off_t +- elif [ $r -eq 2 ]; then +- echo -- no Large File Support - no 64-bit stat +- elif [ $r -eq 3 ]; then +- echo -- yes we have Large File Support! +- CFLAGS="${CFLAGS} -DLARGE_FILE_SUPPORT" +- else +- echo -- no Large File Support - conftest returned $r +- fi ++ echo -- no Large File Support + fi + +- + # Check for wide char for Unicode support + # Added 11/24/2005 EG + +-- +2.34.1 + diff --git a/poky/meta/recipes-extended/zip/zip_3.0.bb b/poky/meta/recipes-extended/zip/zip_3.0.bb index 1930a40140..82153131b4 100644 --- a/poky/meta/recipes-extended/zip/zip_3.0.bb +++ b/poky/meta/recipes-extended/zip/zip_3.0.bb 
@@ -19,6 +19,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/Zip%203.x%20%28latest%29/3.0/zip30.tar. file://0001-configure-Use-CFLAGS-and-LDFLAGS-when-doing-link-tes.patch \ file://0001-configure-Specify-correct-function-signatures-and-de.patch \ file://0002-unix.c-Do-not-redefine-DIR-as-FILE.patch \ + file://0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch \ " UPSTREAM_VERSION_UNKNOWN = "1" @@ -31,9 +32,6 @@ CVE_CHECK_IGNORE += "CVE-2018-13410" # Not for zip but for smart contract implementation for it CVE_CHECK_IGNORE += "CVE-2018-13684" -# Enable largefile support -CFLAGS += "-DLARGE_FILE_SUPPORT" - # zip.inc sets CFLAGS, but what Makefile actually uses is # CFLAGS_NOOPT. It will also force -O3 optimization, overriding # whatever we set. diff --git a/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.74.0.bb b/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.74.0.bb index d3a7ce2fd9..15265d1dc4 100644 --- a/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.74.0.bb +++ b/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.74.0.bb @@ -27,7 +27,7 @@ GTKDOC_MESON_OPTION = "gtk_doc" MULTILIB_SCRIPTS = "${PN}:${bindir}/g-ir-annotation-tool ${PN}:${bindir}/g-ir-scanner" -DEPENDS += " libffi zlib glib-2.0 python3 flex-native bison-native autoconf-archive-native" +DEPENDS += " libffi zlib glib-2.0 python3 flex-native bison-native" # target build needs qemu to run temporary introspection binaries created # on the fly by g-ir-scanner and a native version of itself to run diff --git a/poky/meta/recipes-gnome/gtk+/gtk4_4.10.3.bb b/poky/meta/recipes-gnome/gtk+/gtk4_4.10.5.bb index 9aa33e6851..85fff6c61e 100644 --- a/poky/meta/recipes-gnome/gtk+/gtk4_4.10.3.bb +++ b/poky/meta/recipes-gnome/gtk+/gtk4_4.10.5.bb 
@@ -37,7 +37,7 @@ MAJ_VER = "${@oe.utils.trim_version("${PV}", 2)}" UPSTREAM_CHECK_REGEX = "gtk-(?P<pver>\d+\.(\d*[02468])+(\.\d+)+)\.tar.xz" SRC_URI = "http://ftp.gnome.org/pub/gnome/sources/gtk/${MAJ_VER}/gtk-${PV}.tar.xz" -SRC_URI[sha256sum] = "4545441ad79e377eb6e0a705026dc7a46886e46a1b034db40912909da801cea9" +SRC_URI[sha256sum] = "9bd5e437e41d48e3d6a224c336b0fd3fd490036dceb8956ed74b956369af609b" S = "${WORKDIR}/gtk-${PV}" diff --git a/poky/meta/recipes-gnome/librsvg/librsvg_2.54.5.bb b/poky/meta/recipes-gnome/librsvg/librsvg_2.54.6.bb index 59278d1b16..b917b76041 100644 --- a/poky/meta/recipes-gnome/librsvg/librsvg_2.54.5.bb +++ b/poky/meta/recipes-gnome/librsvg/librsvg_2.54.6.bb @@ -20,7 +20,7 @@ SRC_URI += "file://0001-Makefile.am-pass-rust-target-to-cargo-also-when-not-.pat file://0001-system-deps-src-lib.rs-do-not-probe-into-harcoded-li.patch \ " -SRC_URI[archive.sha256sum] = "4f03190f45324d1fa1f52a79dfcded1f64eaf49b3ae2f88eedab0c07617cae6e" +SRC_URI[archive.sha256sum] = "0ee6174140b5fc017e19a75c26e8c3324a560bf2c37f7abd3da06bd58542bb03" # librsvg is still autotools-based, but is calling cargo from its automake-driven makefiles # so we cannot use cargo class directly, but still need bits and pieces from it diff --git a/poky/meta/recipes-graphics/freetype/freetype_2.13.0.bb b/poky/meta/recipes-graphics/freetype/freetype_2.13.1.bb index 514672c0ee..5b1c520944 100644 --- a/poky/meta/recipes-graphics/freetype/freetype_2.13.0.bb +++ b/poky/meta/recipes-graphics/freetype/freetype_2.13.1.bb @@ -14,7 +14,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.TXT;md5=843b6efc16f6b1652ec97f89d5a516c0 \ " SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/${BPN}/${BP}.tar.xz" -SRC_URI[sha256sum] = "5ee23abd047636c24b2d43c6625dcafc66661d1aca64dec9e0d05df29592624c" +SRC_URI[sha256sum] = "ea67e3b019b1104d1667aa274f5dc307d8cbd606b399bc32df308a77f1a564bf" UPSTREAM_CHECK_REGEX = "freetype-(?P<pver>\d+(\.\d+)+)" 
diff --git a/poky/meta/recipes-graphics/graphene/files/float-div.patch b/poky/meta/recipes-graphics/graphene/files/float-div.patch new file mode 100644 index 0000000000..bf74101b1c --- /dev/null +++ b/poky/meta/recipes-graphics/graphene/files/float-div.patch @@ -0,0 +1,28 @@ +From c19d1f4a7e44e071df3a2612ae2eb20c84e831a6 Mon Sep 17 00:00:00 2001 +From: Emmanuele Bassi <ebassi@gnome.org> +Date: Thu, 10 Aug 2023 12:44:49 +0100 +Subject: [PATCH] build: Allow host builds when cross-compiling + +Environments that set up execution wrappers when cross-compiling should +be allowed to run code. We only fall back on external properties if we +really can't run any native code on the host machine. + +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/meson.build b/meson.build +index 48f22d7..7dcb9e6 100644 +--- a/meson.build ++++ b/meson.build +@@ -270,7 +270,7 @@ int main() { + return 0; + } + ''' +-if meson.is_cross_build() ++if not meson.can_run_host_binaries() + ieee754_float_div = meson.get_external_property('ieee754_float_div', cc.get_id() in ['gcc', 'clang']) + message('Cross-building, assuming IEEE 754 division:', ieee754_float_div) + else diff --git a/poky/meta/recipes-graphics/graphene/graphene_1.10.8.bb b/poky/meta/recipes-graphics/graphene/graphene_1.10.8.bb index 9f5b4d0e2d..55d8a2d74e 100644 --- a/poky/meta/recipes-graphics/graphene/graphene_1.10.8.bb +++ b/poky/meta/recipes-graphics/graphene/graphene_1.10.8.bb @@ -7,6 +7,8 @@ GNOMEBASEBUILDCLASS = "meson" inherit gnomebase gobject-introspection gtk-doc +SRC_URI += "file://float-div.patch" + SRC_URI[archive.sha256sum] = "a37bb0e78a419dcbeaa9c7027bcff52f5ec2367c25ec859da31dfde2928f279a" # Disable neon support by default on ARM-32 platforms because of the 
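Review bot: The `Upstream-Status: Backport` line in float-div.patch gives no reference to the upstream change, unlike the CVE-2023-2804 backports added in this same commit, which cite the commit URL. A reference makes the backport traceable and easy to drop when the recipe is next upgraded: `Upstream-Status: Backport [<upstream commit URL>]`, presumably pointing at the commit named in the patch's `From` line.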
diff --git a/poky/meta/recipes-graphics/jpeg/files/CVE-2023-2804-1.patch b/poky/meta/recipes-graphics/jpeg/files/CVE-2023-2804-1.patch new file mode 100644 index 0000000000..fd8a66bca7 --- /dev/null +++ b/poky/meta/recipes-graphics/jpeg/files/CVE-2023-2804-1.patch 
@@ -0,0 +1,103 @@ +From 42ce199c9cfe129e5e21afd48dfe757a6acf87c4 Mon Sep 17 00:00:00 2001 +From: DRC <information@libjpeg-turbo.org> +Date: Tue, 4 Apr 2023 19:06:20 -0500 +Subject: [PATCH] Decomp: Don't enable 2-pass color quant w/ RGB565 + +The 2-pass color quantization algorithm assumes 3-sample pixels. RGB565 +is the only 3-component colorspace that doesn't have 3-sample pixels, so +we need to treat it as a special case when determining whether to enable +2-pass color quantization. Otherwise, attempting to initialize 2-pass +color quantization with an RGB565 output buffer could cause +prescan_quantize() to read from uninitialized memory and subsequently +underflow/overflow the histogram array. + +djpeg is supposed to fail gracefully if both -rgb565 and -colors are +specified, because none of its destination managers (image writers) +support color quantization with RGB565. However, prescan_quantize() was +called before that could occur. It is possible but very unlikely that +these issues could have been reproduced in applications other than +djpeg. The issues involve the use of two features (12-bit precision and +RGB565) that are incompatible, and they also involve the use of two +rarely-used legacy features (RGB565 and color quantization) that don't +make much sense when combined. + +Fixes #668 +Fixes #671 +Fixes #680 + +CVE: CVE-2023-2804 +Upstream-Status: Backport [https://github.com/libjpeg-turbo/libjpeg-turbo/commit/42ce199c9cfe129e5e21afd48dfe757a6acf87c4] + +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + ChangeLog.md | 12 ++++++++++++ + jdmaster.c | 5 +++-- + jquant2.c | 5 +++-- + 3 files changed, 18 insertions(+), 4 deletions(-) + +diff --git a/ChangeLog.md b/ChangeLog.md +index 1c1e6538a..f1bfb3d87 100644 +--- a/ChangeLog.md ++++ b/ChangeLog.md +@@ -1,3 +1,15 @@ ++2.1.6 ++===== ++ ++### Significant changes relative to 2.1.5.1: ++ ++1. 
Fixed an oversight in 1.4 beta1[8] that caused various segfaults and buffer ++overruns when attempting to decompress various specially-crafted malformed ++12-bit-per-component JPEG images using a 12-bit-per-component build of djpeg ++(`-DWITH_12BIT=1`) with both color quantization and RGB565 color conversion ++enabled. ++ ++ + 2.1.5.1 + ======= + +diff --git a/jdmaster.c b/jdmaster.c +index a3690bf56..a9446adfd 100644 +--- a/jdmaster.c ++++ b/jdmaster.c +@@ -5,7 +5,7 @@ + * Copyright (C) 1991-1997, Thomas G. Lane. + * Modified 2002-2009 by Guido Vollbeding. + * libjpeg-turbo Modifications: +- * Copyright (C) 2009-2011, 2016, 2019, 2022, D. R. Commander. ++ * Copyright (C) 2009-2011, 2016, 2019, 2022-2023, D. R. Commander. + * Copyright (C) 2013, Linaro Limited. + * Copyright (C) 2015, Google, Inc. + * For conditions of distribution and use, see the accompanying README.ijg +@@ -480,7 +480,8 @@ master_selection(j_decompress_ptr cinfo) + if (cinfo->raw_data_out) + ERREXIT(cinfo, JERR_NOTIMPL); + /* 2-pass quantizer only works in 3-component color space. */ +- if (cinfo->out_color_components != 3) { ++ if (cinfo->out_color_components != 3 || ++ cinfo->out_color_space == JCS_RGB565) { + cinfo->enable_1pass_quant = TRUE; + cinfo->enable_external_quant = FALSE; + cinfo->enable_2pass_quant = FALSE; +diff --git a/jquant2.c b/jquant2.c +index 44efb18ca..1c14ef763 100644 +--- a/jquant2.c ++++ b/jquant2.c +@@ -4,7 +4,7 @@ + * This file was part of the Independent JPEG Group's software: + * Copyright (C) 1991-1996, Thomas G. Lane. + * libjpeg-turbo Modifications: +- * Copyright (C) 2009, 2014-2015, 2020, D. R. Commander. ++ * Copyright (C) 2009, 2014-2015, 2020, 2023, D. R. Commander. + * For conditions of distribution and use, see the accompanying README.ijg + * file. 
+ * +@@ -1230,7 +1230,8 @@ jinit_2pass_quantizer(j_decompress_ptr cinfo) + cquantize->error_limiter = NULL; + + /* Make sure jdmaster didn't give me a case I can't handle */ +- if (cinfo->out_color_components != 3) ++ if (cinfo->out_color_components != 3 || ++ cinfo->out_color_space == JCS_RGB565) + ERREXIT(cinfo, JERR_NOTIMPL); + + /* Allocate the histogram/inverse colormap storage */ diff --git a/poky/meta/recipes-graphics/jpeg/files/CVE-2023-2804-2.patch b/poky/meta/recipes-graphics/jpeg/files/CVE-2023-2804-2.patch new file mode 100644 index 0000000000..af955a72f6 --- /dev/null +++ b/poky/meta/recipes-graphics/jpeg/files/CVE-2023-2804-2.patch 
@@ -0,0 +1,75 @@ +From 2e1b8a462f7f9f9bf6cd25a8516caa8203cc4593 Mon Sep 17 00:00:00 2001 +From: DRC <information@libjpeg-turbo.org> +Date: Thu, 6 Apr 2023 18:33:41 -0500 +Subject: [PATCH] jpeg_crop_scanline: Fix calc w/sclg + 2x4,4x2 samp + +When computing the downsampled width for a particular component, +jpeg_crop_scanline() needs to take into account the fact that the +libjpeg code uses a combination of IDCT scaling and upsampling to +implement 4x2 and 2x4 upsampling with certain decompression scaling +factors. Failing to account for that led to incomplete upsampling of +4x2- or 2x4-subsampled components, which caused the color converter to +read from uninitialized memory. With 12-bit data precision, this caused +a buffer overrun or underrun and subsequent segfault if the +uninitialized memory contained a value that was outside of the valid +sample range (because the color converter uses the value as an array +index.) + +Fixes #669 + +CVE: CVE-2023-2804 +Upstream-Status: Backport [https://github.com/libjpeg-turbo/libjpeg-turbo/commit/2e1b8a462f7f9f9bf6cd25a8516caa8203cc4593] + +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + ChangeLog.md | 8 ++++++++ + jdapistd.c | 10 ++++++---- + 2 files changed, 14 insertions(+), 4 deletions(-) + +diff --git a/ChangeLog.md b/ChangeLog.md +index f1bfb3d87..0a075c3c5 100644 +--- a/ChangeLog.md ++++ b/ChangeLog.md +@@ -9,6 +9,14 @@ overruns when attempting to decompress various specially-crafted malformed + (`-DWITH_12BIT=1`) with both color quantization and RGB565 color conversion + enabled. + ++2. Fixed an issue whereby `jpeg_crop_scanline()` sometimes miscalculated the ++downsampled width for components with 4x2 or 2x4 subsampling factors if ++decompression scaling was enabled. This caused the components to be upsampled ++incompletely, which caused the color converter to read from uninitialized ++memory. 
With 12-bit data precision, this caused a buffer overrun or underrun ++and subsequent segfault if the sample value read from unitialized memory was ++outside of the valid sample range. ++ + + 2.1.5.1 + ======= +diff --git a/jdapistd.c b/jdapistd.c +index 02cd0cb93..96cded112 100644 +--- a/jdapistd.c ++++ b/jdapistd.c +@@ -4,7 +4,7 @@ + * This file was part of the Independent JPEG Group's software: + * Copyright (C) 1994-1996, Thomas G. Lane. + * libjpeg-turbo Modifications: +- * Copyright (C) 2010, 2015-2020, 2022, D. R. Commander. ++ * Copyright (C) 2010, 2015-2020, 2022-2023, D. R. Commander. + * Copyright (C) 2015, Google, Inc. + * For conditions of distribution and use, see the accompanying README.ijg + * file. +@@ -236,9 +236,11 @@ jpeg_crop_scanline(j_decompress_ptr cinfo, JDIMENSION *xoffset, + /* Set downsampled_width to the new output width. */ + orig_downsampled_width = compptr->downsampled_width; + compptr->downsampled_width = +- (JDIMENSION)jdiv_round_up((long)(cinfo->output_width * +- compptr->h_samp_factor), +- (long)cinfo->max_h_samp_factor); ++ (JDIMENSION)jdiv_round_up((long)cinfo->output_width * ++ (long)(compptr->h_samp_factor * ++ compptr->_DCT_scaled_size), ++ (long)(cinfo->max_h_samp_factor * ++ cinfo->_min_DCT_scaled_size)); + if (compptr->downsampled_width < 2 && orig_downsampled_width >= 2) + reinit_upsampler = TRUE; + diff --git a/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.1.5.1.bb b/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.1.5.1.bb index e086830c02..86bf471eea 100644 --- a/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.1.5.1.bb +++ b/poky/meta/recipes-graphics/jpeg/libjpeg-turbo_2.1.5.1.bb @@ -12,6 +12,8 @@ DEPENDS:append:x86:class-target = " nasm-native" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \ file://0001-libjpeg-turbo-fix-package_qa-error.patch \ + file://CVE-2023-2804-1.patch \ + file://CVE-2023-2804-2.patch \ " SRC_URI[sha256sum] = "2fdc3feb6e9deb17adec9bafa3321419aa19f8f4e5dea7bf8486844ca22207bf" 
diff --git a/poky/meta/recipes-graphics/wayland/weston-init.bb b/poky/meta/recipes-graphics/wayland/weston-init.bb index 77dda03cf5..99b99f72f1 100644 --- a/poky/meta/recipes-graphics/wayland/weston-init.bb +++ b/poky/meta/recipes-graphics/wayland/weston-init.bb @@ -9,6 +9,7 @@ SRC_URI = "file://init \ file://weston.ini \ file://weston.service \ file://weston.socket \ + file://weston-socket.sh \ file://weston-autologin \ file://weston-start" 
@@ -25,28 +26,34 @@ DEFAULTBACKEND ??= "" DEFAULTBACKEND:qemuall ?= "drm" do_install() { - if [ "${VIRTUAL-RUNTIME_init_manager}" != "systemd" ]; then + # Install weston-start script + if [ "${VIRTUAL-RUNTIME_init_manager}" != "systemd" ]; then + install -Dm755 ${WORKDIR}/weston-start ${D}${bindir}/weston-start + sed -i 's,@DATADIR@,${datadir},g' ${D}${bindir}/weston-start + sed -i 's,@LOCALSTATEDIR@,${localstatedir},g' ${D}${bindir}/weston-start install -Dm755 ${WORKDIR}/init ${D}/${sysconfdir}/init.d/weston sed -i 's#ROOTHOME#${ROOT_HOME}#' ${D}/${sysconfdir}/init.d/weston - fi - install -D -p -m0644 ${WORKDIR}/weston.ini ${D}${sysconfdir}/xdg/weston/weston.ini - install -Dm644 ${WORKDIR}/weston.env ${D}${sysconfdir}/default/weston + fi # Install Weston systemd service and accompanying udev rule - install -D -p -m0644 ${WORKDIR}/weston.service ${D}${systemd_system_unitdir}/weston.service - install -D -p -m0644 ${WORKDIR}/weston.socket ${D}${systemd_system_unitdir}/weston.socket - if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -D -p -m0644 ${WORKDIR}/weston.service ${D}${systemd_system_unitdir}/weston.service + install -D -p -m0644 ${WORKDIR}/weston.socket ${D}${systemd_system_unitdir}/weston.socket + install -D -p -m0644 ${WORKDIR}/weston-socket.sh ${D}${sysconfdir}/profile.d/weston-socket.sh + sed -i -e s:/etc:${sysconfdir}:g \ + -e s:/usr/bin:${bindir}:g \ + -e s:/var:${localstatedir}:g \ + ${D}${systemd_system_unitdir}/weston.service + fi + + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then install -D -p -m0644 ${WORKDIR}/weston-autologin ${D}${sysconfdir}/pam.d/weston-autologin - fi - sed -i -e s:/etc:${sysconfdir}:g \ - -e s:/usr/bin:${bindir}:g \ - -e s:/var:${localstatedir}:g \ - ${D}${systemd_system_unitdir}/weston.service - # Install weston-start script - install -Dm755 ${WORKDIR}/weston-start ${D}${bindir}/weston-start - sed -i 
's,@DATADIR@,${datadir},g' ${D}${bindir}/weston-start - sed -i 's,@LOCALSTATEDIR@,${localstatedir},g' ${D}${bindir}/weston-start - if [ -n "${DEFAULTBACKEND}" ]; then + fi + + install -D -p -m0644 ${WORKDIR}/weston.ini ${D}${sysconfdir}/xdg/weston/weston.ini + install -Dm644 ${WORKDIR}/weston.env ${D}${sysconfdir}/default/weston + + if [ -n "${DEFAULTBACKEND}" ]; then sed -i -e "/^\[core\]/a backend=${DEFAULTBACKEND}-backend.so" ${D}${sysconfdir}/xdg/weston/weston.ini fi @@ -82,6 +89,7 @@ INITSCRIPT_PARAMS = "start 9 5 2 . stop 20 0 1 6 ." FILES:${PN} += "\ ${sysconfdir}/xdg/weston/weston.ini \ + ${sysconfdir}/profile.d/weston-socket.sh \ ${systemd_system_unitdir}/weston.service \ ${systemd_system_unitdir}/weston.socket \ ${sysconfdir}/default/weston \ @@ -92,6 +100,6 @@ FILES:${PN} += "\ CONFFILES:${PN} += "${sysconfdir}/xdg/weston/weston.ini ${sysconfdir}/default/weston" SYSTEMD_SERVICE:${PN} = "weston.service weston.socket" -USERADD_PARAM:${PN} = "--home /home/weston --shell /bin/sh --user-group -G video,input weston" -GROUPADD_PARAM:${PN} = "-r wayland" +USERADD_PARAM:${PN} = "--home /home/weston --shell /bin/sh --user-group -G video,input,render,wayland weston" +GROUPADD_PARAM:${PN} = "-r wayland; -r render" diff --git a/poky/meta/recipes-graphics/wayland/weston-init/weston-socket.sh b/poky/meta/recipes-graphics/wayland/weston-init/weston-socket.sh new file mode 100755 index 0000000000..86389d63a3 --- /dev/null +++ b/poky/meta/recipes-graphics/wayland/weston-init/weston-socket.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +# set weston variables for use with global weston socket +global_socket="/run/wayland-0" +if [ -e "$global_socket" ]; then + weston_group=$(stat -c "%G" "$global_socket") + if [ "$(id -u)" = "0" ]; then + export WAYLAND_DISPLAY="$global_socket" + else + case "$(groups "$USER")" in + *"$weston_group"*) + export WAYLAND_DISPLAY="$global_socket" + ;; + *) + ;; + esac + fi + unset weston_group +fi +unset global_socket 
diff --git a/poky/meta/recipes-graphics/wayland/weston_11.0.1.bb b/poky/meta/recipes-graphics/wayland/weston_11.0.1.bb index 4f6ce19915..0838791a6b 100644 --- a/poky/meta/recipes-graphics/wayland/weston_11.0.1.bb +++ b/poky/meta/recipes-graphics/wayland/weston_11.0.1.bb @@ -57,7 +57,7 @@ PACKAGECONFIG[kms] = "-Dbackend-drm=true,-Dbackend-drm=false,drm udev virtual/eg # Weston on Wayland (nested Weston) PACKAGECONFIG[wayland] = "-Dbackend-wayland=true,-Dbackend-wayland=false,virtual/egl virtual/libgles2" # Weston on X11 -PACKAGECONFIG[x11] = "-Dbackend-x11=true,-Dbackend-x11=false,virtual/libx11 libxcb libxcb libxcursor cairo" +PACKAGECONFIG[x11] = "-Dbackend-x11=true,-Dbackend-x11=false,virtual/libx11 libxcb libxcursor" # Headless Weston PACKAGECONFIG[headless] = "-Dbackend-headless=true,-Dbackend-headless=false" # Weston on RDP @@ -73,7 +73,7 @@ PACKAGECONFIG[webp] = "-Dimage-webp=true,-Dimage-webp=false,libwebp" # Weston with systemd-login support PACKAGECONFIG[systemd] = "-Dsystemd=true -Dlauncher-logind=true,-Dsystemd=false -Dlauncher-logind=false,systemd dbus" # Weston with Xwayland support (requires X11 and Wayland) -PACKAGECONFIG[xwayland] = "-Dxwayland=true,-Dxwayland=false,xwayland" +PACKAGECONFIG[xwayland] = "-Dxwayland=true,-Dxwayland=false,libxcb libxcursor xwayland" # colord CMS support PACKAGECONFIG[colord] = "-Ddeprecated-color-management-colord=true,-Ddeprecated-color-management-colord=false,colord" # Clients support diff --git a/poky/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb b/poky/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.4.bb index e75a840b7d..aaa8aa8903 100644 --- a/poky/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.3.bb +++ b/poky/meta/recipes-graphics/xorg-app/xdpyinfo_1.3.4.bb 
@@ -15,6 +15,6 @@ PE = "1" SRC_URI += "file://disable-xkb.patch" SRC_URI_EXT = "xz" -SRC_URI[sha256sum] = "356d5fd62f3e98ee36d6becf1b32d4ab6112d618339fb4b592ccffbd9e0fc206" +SRC_URI[sha256sum] = "a8ada581dbd7266440d7c3794fa89edf6b99b8857fc2e8c31042684f3af4822b" EXTRA_OECONF = "--disable-xkb" diff --git a/poky/meta/recipes-graphics/xorg-lib/libx11/0001-fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch b/poky/meta/recipes-graphics/xorg-lib/libx11/0001-fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch deleted file mode 100644 index 722116c07e..0000000000 --- a/poky/meta/recipes-graphics/xorg-lib/libx11/0001-fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch +++ /dev/null @@ -1,57 +0,0 @@ -CVE: CVE-2022-3554 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - -From 1d11822601fd24a396b354fa616b04ed3df8b4ef Mon Sep 17 00:00:00 2001 -From: "Thomas E. Dickey" <dickey@invisible-island.net> -Date: Tue, 4 Oct 2022 18:26:17 -0400 -Subject: [PATCH] fix a memory leak in XRegisterIMInstantiateCallback - -Analysis: - - _XimRegisterIMInstantiateCallback() opens an XIM and closes it using - the internal function pointers, but the internal close function does - not free the pointer to the XIM (this would be done in XCloseIM()). - -Report/patch: - - Date: Mon, 03 Oct 2022 18:47:32 +0800 - 
From: Po Lu <luangruo@yahoo.com> - To: xorg-devel@lists.x.org - Subject: Re: Yet another leak in Xlib - - For reference, here's how I'm calling XRegisterIMInstantiateCallback: - - XSetLocaleModifiers (""); - XRegisterIMInstantiateCallback (compositor.display, - XrmGetDatabase (compositor.display), - (char *) compositor.resource_name, - (char *) compositor.app_name, - IMInstantiateCallback, NULL); - - and XMODIFIERS is: - - @im=ibus - -Signed-off-by: Thomas E. Dickey <dickey@invisible-island.net> ---- - modules/im/ximcp/imInsClbk.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/modules/im/ximcp/imInsClbk.c b/modules/im/ximcp/imInsClbk.c -index 95b379cb..c10e347f 100644 ---- a/modules/im/ximcp/imInsClbk.c -+++ b/modules/im/ximcp/imInsClbk.c -@@ -212,6 +212,9 @@ _XimRegisterIMInstantiateCallback( - if( xim ) { - lock = True; - xim->methods->close( (XIM)xim ); -+ /* XIMs must be freed manually after being opened; close just -+ does the protocol to deinitialize the IM. */ -+ XFree( xim ); - lock = False; - icb->call = True; - callback( display, client_data, NULL ); --- -2.34.1 - diff --git a/poky/meta/recipes-graphics/xorg-lib/libx11_1.8.4.bb b/poky/meta/recipes-graphics/xorg-lib/libx11_1.8.6.bb index 7831b4986a..1cfa56b21e 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libx11_1.8.4.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libx11_1.8.6.bb @@ -18,15 +18,13 @@ DEPENDS += "xorgproto \ PROVIDES = "virtual/libx11" -FILESEXTRAPATHS =. "${FILE_DIRNAME}/libx11:" - PE = "1" XORG_PN = "libX11" -SRC_URI += "file://disable_tests.patch \ - " -SRC_URI[sha256sum] = "c9a287a5aefa9804ce3cfafcf516fe96ed3f7e8e45c0e2ee59e84c86757df518" +SRC_URI += "file://disable_tests.patch" + +SRC_URI[sha256sum] = "59535b7cc6989ba806a022f7e8533b28c4397b9d86e9d07b6df0c0703fa25cc9" inherit gettext diff --git a/poky/meta/recipes-graphics/xorg-lib/libxft_2.3.7.bb b/poky/meta/recipes-graphics/xorg-lib/libxft_2.3.8.bb index ad126d2092..2699c1dfd7 100644 
--- a/poky/meta/recipes-graphics/xorg-lib/libxft_2.3.7.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libxft_2.3.8.bb @@ -20,7 +20,7 @@ PROVIDES = "xft" PE = "1" -SRC_URI[sha256sum] = "79f0b37c45007381c371a790c2754644ad955166dbf2a48e3625032e9bdd4f71" +SRC_URI[sha256sum] = "5e8c3c4bc2d4c0a40aef6b4b38ed2fb74301640da29f6528154b5009b1c6dd49" XORG_PN = "libXft" diff --git a/poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.15.bb b/poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb index 32a2b35356..c3d01f1bb3 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.15.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb @@ -22,6 +22,6 @@ PACKAGES =+ "sxpm cxpm" FILES:cxpm = "${bindir}/cxpm" FILES:sxpm = "${bindir}/sxpm" -SRC_URI[sha256sum] = "60bb906c5c317a6db863e39b69c4a83fdbd2ae2154fcf47640f8fefc9fdfd1c1" +SRC_URI[sha256sum] = "e6bc5da7a69dbd9bcc67e87c93d4904fe2f5177a0711c56e71fa2f6eff649f51" BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-graphics/xorg-lib/pixman_0.42.2.bb b/poky/meta/recipes-graphics/xorg-lib/pixman_0.42.2.bb index d26d7f581a..a580d73185 100644 --- a/poky/meta/recipes-graphics/xorg-lib/pixman_0.42.2.bb +++ b/poky/meta/recipes-graphics/xorg-lib/pixman_0.42.2.bb @@ -17,7 +17,7 @@ UPSTREAM_CHECK_REGEX = "pixman-(?P<pver>\d+\.(\d*[02468])+(\.\d+)+)" PE = "1" -LICENSE = "MIT & MIT & PD" +LICENSE = "MIT & PD" LIC_FILES_CHKSUM = "file://COPYING;md5=14096c769ae0cbb5fcb94ec468be11b3 \ file://pixman/pixman-matrix.c;endline=21;md5=4a018dff3e4e25302724c88ff95c2456 \ file://pixman/pixman-arm-neon-asm.h;endline=24;md5=9a9cc1e51abbf1da58f4d9528ec9d49b \ diff --git a/poky/meta/recipes-kernel/blktrace/blktrace/0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch b/poky/meta/recipes-kernel/blktrace/blktrace/0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch new file mode 100644 index 0000000000..a3b8a98589 --- /dev/null 
+++ b/poky/meta/recipes-kernel/blktrace/blktrace/0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch @@ -0,0 +1,35 @@ +From b8d9618cbbec5a04cf6dede0a6ceda41021b92ae Mon Sep 17 00:00:00 2001 +From: Sakib Sajal <sakib.sajal@windriver.com> +Date: Mon, 26 Jun 2023 17:34:01 -0400 +Subject: [PATCH] bno_plot.py, btt_plot.py: Ask for python3 specifically + +python2 is deprecated, use python3. + +Upstream-Status: Denied [https://www.spinics.net/lists/linux-btrace/msg01364.html] + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + btt/bno_plot.py | 2 +- + btt/btt_plot.py | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/btt/bno_plot.py b/btt/bno_plot.py +index 3aa4e19..d7d7159 100644 +--- a/btt/bno_plot.py ++++ b/btt/bno_plot.py +@@ -1,4 +1,4 @@ +-#! /usr/bin/env python ++#! /usr/bin/env python3 + # + # btt blkno plotting interface + # +diff --git a/btt/btt_plot.py b/btt/btt_plot.py +index 40bc71f..8620d31 100755 +--- a/btt/btt_plot.py ++++ b/btt/btt_plot.py +@@ -1,4 +1,4 @@ +-#! /usr/bin/env python ++#! /usr/bin/env python3 + # + # btt_plot.py: Generate matplotlib plots for BTT generate data files + # diff --git a/poky/meta/recipes-kernel/blktrace/blktrace_git.bb b/poky/meta/recipes-kernel/blktrace/blktrace_git.bb index d0eeba3208..288784236a 100644 --- a/poky/meta/recipes-kernel/blktrace/blktrace_git.bb +++ b/poky/meta/recipes-kernel/blktrace/blktrace_git.bb @@ -14,7 +14,9 @@ SRCREV = "366d30b9cdb20345c5d064af850d686da79b89eb" PV = "1.3.0+git${SRCPV}" -SRC_URI = "git://git.kernel.dk/blktrace.git;branch=master;protocol=https" +SRC_URI = "git://git.kernel.dk/blktrace.git;branch=master;protocol=https \ + file://0001-bno_plot.py-btt_plot.py-Ask-for-python3-specifically.patch \ + " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-kernel/kmod/kmod/ptest.patch b/poky/meta/recipes-kernel/kmod/kmod/ptest.patch deleted file mode 100644 index 831dbcb909..0000000000 --- a/poky/meta/recipes-kernel/kmod/kmod/ptest.patch +++ /dev/null 
@@ -1,25 +0,0 @@ -Add 'install-ptest' rule. - -Signed-off-by: Tudor Florea <tudor.florea@enea.com> -Upstream-Status: Pending - -diff -ruN a/Makefile.am b/Makefile.am ---- a/Makefile.am 2013-07-12 17:11:05.278331557 +0200 -+++ b/Makefile.am 2013-07-12 17:14:27.033788016 +0200 -@@ -204,6 +204,16 @@ - - distclean-local: $(DISTCLEAN_LOCAL_HOOKS) - -+install-ptest: -+ @$(MKDIR_P) $(DESTDIR)/testsuite -+ @for file in $(TESTSUITE); do \ -+ install $$file $(DESTDIR)/testsuite; \ -+ done; -+ @sed -e 's/^Makefile/_Makefile/' < Makefile > $(DESTDIR)/Makefile -+ @$(MKDIR_P) $(DESTDIR)/tools -+ @cp $(noinst_SCRIPTS) $(noinst_PROGRAMS) $(DESTDIR)/tools -+ @cp -r testsuite/rootfs testsuite/.libs $(DESTDIR)/testsuite -+ - # ------------------------------------------------------------------------------ - # custom release helpers - # ------------------------------------------------------------------------------ diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230404.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb index 7412c022ba..6765226b9d 100644 --- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230404.bb +++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb @@ -134,7 +134,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ " # WHENCE checksum is defined separately to ease overriding it if # class-devupstream is selected. -WHENCE_CHKSUM = "0782deea054d4b1b7f10c92c3a245da4" +WHENCE_CHKSUM = "57bf874056926f12aec2405d3fc390d9" # These are not common licenses, set NO_GENERIC_LICENSE for them # so that the license files will be copied from fetched source 
@@ -212,7 +212,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw # Pin this to the 20220509 release, override this in local.conf SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae" -SRC_URI[sha256sum] = "c3f9ad2bb5311cce2490f37a8052f836703d6936aabd840246b6576f1f71f607" +SRC_URI[sha256sum] = "87597111c0d4b71b31e53cb85a92c386921b84c825a402db8c82e0e86015500d" inherit allarch @@ -241,6 +241,7 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \ ${PN}-rtl-license ${PN}-rtl8188 ${PN}-rtl8192cu ${PN}-rtl8192ce ${PN}-rtl8192su ${PN}-rtl8723 ${PN}-rtl8821 \ ${PN}-rtl8761 \ ${PN}-rtl8168 \ + ${PN}-rtl8822 \ ${PN}-cypress-license \ ${PN}-broadcom-license \ ${PN}-bcm-0bb4-0306 \ @@ -315,14 +316,15 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \ ${PN}-qcom-vpu-1.0 ${PN}-qcom-vpu-2.0 \ ${PN}-qcom-adreno-a2xx ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a4xx ${PN}-qcom-adreno-a530 \ ${PN}-qcom-adreno-a630 ${PN}-qcom-adreno-a650 ${PN}-qcom-adreno-a660 \ - ${PN}-qcom-apq8096-audio ${PN}-qcom-apq8096-modem \ + ${PN}-qcom-apq8016-modem ${PN}-qcom-apq8016-wifi \ + ${PN}-qcom-apq8096-adreno ${PN}-qcom-apq8096-audio ${PN}-qcom-apq8096-modem \ ${PN}-qcom-sc8280xp-lenovo-x13s-compat \ ${PN}-qcom-sc8280xp-lenovo-x13s-audio \ ${PN}-qcom-sc8280xp-lenovo-x13s-adreno \ ${PN}-qcom-sc8280xp-lenovo-x13s-compute \ ${PN}-qcom-sc8280xp-lenovo-x13s-sensors \ - ${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \ - ${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \ + ${PN}-qcom-sdm845-adreno ${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \ + ${PN}-qcom-sm8250-adreno ${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \ ${PN}-amlogic-vdec-license ${PN}-amlogic-vdec \ ${PN}-lt9611uxc ${PN}-lontium-license \ ${PN}-whence-license \ 
@@ -417,7 +419,7 @@ LICENSE:${PN}-mt7601u-license = "Firmware-ralink_a_mediatek_company_firmware" FILES:${PN}-mt7601u-license = "${nonarch_base_libdir}/firmware/LICENCE.ralink_a_mediatek_company_firmware" FILES:${PN}-mt7601u = " \ - ${nonarch_base_libdir}/firmware/mt7601u.bin \ + ${nonarch_base_libdir}/firmware/mediatek/mt7601u.bin \ " RDEPENDS:${PN}-mt7601u += "${PN}-mt7601u-license" @@ -581,6 +583,7 @@ LICENSE:${PN}-rtl8192su = "Firmware-rtlwifi_firmware" LICENSE:${PN}-rtl8723 = "Firmware-rtlwifi_firmware" LICENSE:${PN}-rtl8761 = "Firmware-rtlwifi_firmware" LICENSE:${PN}-rtl8821 = "Firmware-rtlwifi_firmware" +LICENSE:${PN}-rtl8822 = "Firmware-rtlwifi_firmware" LICENSE:${PN}-rtl-license = "Firmware-rtlwifi_firmware" LICENSE:${PN}-rtl8168 = "WHENCE" @@ -611,6 +614,11 @@ FILES:${PN}-rtl8761 = " \ FILES:${PN}-rtl8168 = " \ ${nonarch_base_libdir}/firmware/rtl_nic/rtl8168*.fw \ " +FILES:${PN}-rtl8822 = " \ + ${nonarch_base_libdir}/firmware/rtl_bt/rtl8822*.bin \ + ${nonarch_base_libdir}/firmware/rtw88/rtw8822*.bin \ + ${nonarch_base_libdir}/firmware/rtlwifi/rtl8822*.bin \ +" RDEPENDS:${PN}-rtl8188 += "${PN}-rtl-license" RDEPENDS:${PN}-rtl8192ce += "${PN}-rtl-license" @@ -619,6 +627,7 @@ RDEPENDS:${PN}-rtl8192su = "${PN}-rtl-license" RDEPENDS:${PN}-rtl8723 += "${PN}-rtl-license" RDEPENDS:${PN}-rtl8821 += "${PN}-rtl-license" RDEPENDS:${PN}-rtl8761 += "${PN}-rtl-license" +RDEPENDS:${PN}-rtl8822 += "${PN}-rtl-license" RDEPENDS:${PN}-rtl8168 += "${PN}-whence-license" # For ti-connectivity 
@@ -1000,16 +1009,21 @@ LICENSE:${PN}-qcom-adreno-a530 = "Firmware-qcom" LICENSE:${PN}-qcom-adreno-a630 = "Firmware-qcom" LICENSE:${PN}-qcom-adreno-a650 = "Firmware-qcom" LICENSE:${PN}-qcom-adreno-a660 = "Firmware-qcom" +LICENSE:${PN}-qcom-apq8016-modem = "Firmware-qcom" +LICENSE:${PN}-qcom-apq8016-wifi = "Firmware-qcom" LICENSE:${PN}-qcom-apq8096-audio = "Firmware-qcom" +LICENSE:${PN}-qcom-apq8096-adreno = "Firmware-qcom" LICENSE:${PN}-qcom-apq8096-modem = "Firmware-qcom" LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "Firmware-qcom" LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-adreno = "Firmware-qcom" LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-compute = "Firmware-qcom" LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-sensors = "Firmware-qcom" LICENSE:${PN}-qcom-sdm845-audio = "Firmware-qcom" +LICENSE:${PN}-qcom-sdm845-adreno = "Firmware-qcom" LICENSE:${PN}-qcom-sdm845-compute = "Firmware-qcom" LICENSE:${PN}-qcom-sdm845-modem = "Firmware-qcom" LICENSE:${PN}-qcom-sm8250-audio = "Firmware-qcom" +LICENSE:${PN}-qcom-sm8250-adreno = "Firmware-qcom" LICENSE:${PN}-qcom-sm8250-compute = "Firmware-qcom" FILES:${PN}-qcom-license = "${nonarch_base_libdir}/firmware/LICENSE.qcom ${nonarch_base_libdir}/firmware/qcom/NOTICE.txt" 
@@ -1023,10 +1037,13 @@ FILES:${PN}-qcom-vpu-2.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-2.0/*" FILES:${PN}-qcom-adreno-a2xx = "${nonarch_base_libdir}/firmware/qcom/leia_*.fw ${nonarch_base_libdir}/firmware/qcom/yamato_*.fw" FILES:${PN}-qcom-adreno-a3xx = "${nonarch_base_libdir}/firmware/qcom/a3*_*.fw ${nonarch_base_libdir}/firmware/a300_*.fw" FILES:${PN}-qcom-adreno-a4xx = "${nonarch_base_libdir}/firmware/qcom/a4*_*.fw" -FILES:${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.* ${nonarch_base_libdir}/firmware/qcom/apq8096/a530*.*" -FILES:${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*" -FILES:${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.* ${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*" +FILES:${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.fw*" +FILES:${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.*" +FILES:${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.*" FILES:${PN}-qcom-adreno-a660 = "${nonarch_base_libdir}/firmware/qcom/a660*.*" +FILES:${PN}-qcom-apq8016-modem = "${nonarch_base_libdir}/firmware/qcom/apq8016/mba.mbn ${nonarch_base_libdir}/firmware/qcom/apq8016/modem.mbn" +FILES:${PN}-qcom-apq8016-wifi = "${nonarch_base_libdir}/firmware/qcom/apq8016/wcnss.mbn ${nonarch_base_libdir}/firmware/qcom/apq8016/WCNSS*" +FILES:${PN}-qcom-apq8096-adreno = "${nonarch_base_libdir}/firmware/qcom/apq8096/a530_zap.mbn ${nonarch_base_libdir}/firmware/qcom/a530_zap.mdt" FILES:${PN}-qcom-apq8096-audio = "${nonarch_base_libdir}/firmware/qcom/apq8096/adsp*.*" FILES:${PN}-qcom-apq8096-modem = "${nonarch_base_libdir}/firmware/qcom/apq8096/mba.mbn ${nonarch_base_libdir}/firmware/qcom/apq8096/modem*.* ${nonarch_base_libdir}/firmware/qcom/apq8096/wlanmdsp.mbn" FILES:${PN}-qcom-sc8280xp-lenovo-x13s-compat = "${nonarch_base_libdir}/firmware/qcom/LENOVO/21BX" 
@@ -1034,9 +1051,11 @@ FILES:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "${nonarch_base_libdir}/firmware/q FILES:${PN}-qcom-sc8280xp-lenovo-x13s-adreno = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/qcdxkmsuc8280.mbn" FILES:${PN}-qcom-sc8280xp-lenovo-x13s-compute = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/*cdsp*.*" FILES:${PN}-qcom-sc8280xp-lenovo-x13s-sensors = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/*slpi*.*" +FILES:${PN}-qcom-sdm845-adreno = "${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*" FILES:${PN}-qcom-sdm845-audio = "${nonarch_base_libdir}/firmware/qcom/sdm845/adsp*.*" FILES:${PN}-qcom-sdm845-compute = "${nonarch_base_libdir}/firmware/qcom/sdm845/cdsp*.*" FILES:${PN}-qcom-sdm845-modem = "${nonarch_base_libdir}/firmware/qcom/sdm845/mba.mbn ${nonarch_base_libdir}/firmware/qcom/sdm845/modem*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/wlanmdsp.mbn" +FILES:${PN}-qcom-sm8250-adreno = "${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*" FILES:${PN}-qcom-sm8250-audio = "${nonarch_base_libdir}/firmware/qcom/sm8250/adsp*.*" FILES:${PN}-qcom-sm8250-compute = "${nonarch_base_libdir}/firmware/qcom/sm8250/cdsp*.*" @@ -1053,6 +1072,8 @@ RDEPENDS:${PN}-qcom-adreno-a530 = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-adreno-a630 = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-adreno-a650 = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-adreno-a660 = "${PN}-qcom-license" +RDEPENDS:${PN}-qcom-apq8016-modem = "${PN}-qcom-license" +RDEPENDS:${PN}-qcom-apq8016-wifi = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-apq8096-audio = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-apq8096-modem = "${PN}-qcom-license" RDEPENDS:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "${PN}-qcom-license" diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 4cc151901b..1656ffc8b5 100644 --- a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc 
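Review bot: The new packages `${PN}-qcom-apq8096-adreno`, `${PN}-qcom-sdm845-adreno` and `${PN}-qcom-sm8250-adreno` get `LICENSE` and `FILES` entries in the earlier hunks, but the RDEPENDS hunk (`@@ -1053,6 +1072,8 @@`) adds `${PN}-qcom-license` only for the two apq8016 packages. The slot where an apq8096-adreno entry would sit, between apq8016-wifi and apq8096-audio, is inside this hunk and stays empty. The sdm845 and sm8250 entries would fall after the hunk's last context line, and no later hunk in this file adds them. Unless the dependency is set somewhere not shown, these firmware packages can be installed without the package that carries `LICENSE.qcom`. Adding `RDEPENDS:${PN}-qcom-apq8096-adreno = "${PN}-qcom-license"` and the matching lines for `-qcom-sdm845-adreno` and `-qcom-sm8250-adreno` would keep them consistent with the other qcom packages.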
@@ -1,36 +1,7315 @@ -# https://nvd.nist.gov/vuln/detail/CVE-2022-3523 -# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 -# Patched in kernel since v6.1 16ce101db85db694a91380aa4c89b25530871d33 + +# Auto-generated CVE metadata, DO NOT EDIT BY HAND. +# Generated at 2023-09-23 10:45:45.248445 for version 6.1.46 + +python check_kernel_cve_status_version() { + this_version = "6.1.46" + kernel_version = d.getVar("LINUX_VERSION") + if kernel_version != this_version: + bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) +} +do_cve_check[prefuncs] += "check_kernel_cve_status_version" + +# fixed-version: Fixed after version 2.6.12rc2 +CVE_CHECK_IGNORE += "CVE-2003-1604" + +# fixed-version: Fixed after version 3.6rc1 +CVE_CHECK_IGNORE += "CVE-2004-0230" + +# CVE-2005-3660 has no known resolution + +# fixed-version: Fixed after version 2.6.26rc5 +CVE_CHECK_IGNORE += "CVE-2006-3635" + +# fixed-version: Fixed after version 2.6.19rc3 +CVE_CHECK_IGNORE += "CVE-2006-5331" + +# fixed-version: Fixed after version 2.6.19rc2 +CVE_CHECK_IGNORE += "CVE-2006-6128" + +# CVE-2007-3719 has no known resolution + +# fixed-version: Fixed after version 2.6.12rc2 +CVE_CHECK_IGNORE += "CVE-2007-4774" + +# fixed-version: Fixed after version 2.6.24rc6 +CVE_CHECK_IGNORE += "CVE-2007-6761" + +# fixed-version: Fixed after version 2.6.20rc5 +CVE_CHECK_IGNORE += "CVE-2007-6762" + +# CVE-2008-2544 has no known resolution + +# CVE-2008-4609 has no known resolution + +# fixed-version: Fixed after version 2.6.25rc1 +CVE_CHECK_IGNORE += "CVE-2008-7316" + +# fixed-version: Fixed after version 2.6.31rc6 +CVE_CHECK_IGNORE += "CVE-2009-2692" + +# fixed-version: Fixed after version 2.6.23rc9 +CVE_CHECK_IGNORE += "CVE-2010-0008" + +# fixed-version: Fixed after version 2.6.36rc5 +CVE_CHECK_IGNORE += "CVE-2010-3432" + +# CVE-2010-4563 has no known resolution + +# fixed-version: Fixed after version 2.6.37rc6 +CVE_CHECK_IGNORE += 
"CVE-2010-4648" + +# fixed-version: Fixed after version 2.6.38rc1 +CVE_CHECK_IGNORE += "CVE-2010-5313" + +# CVE-2010-5321 has no known resolution + +# fixed-version: Fixed after version 2.6.35rc1 +CVE_CHECK_IGNORE += "CVE-2010-5328" + +# fixed-version: Fixed after version 2.6.39rc1 +CVE_CHECK_IGNORE += "CVE-2010-5329" + +# fixed-version: Fixed after version 2.6.34rc7 +CVE_CHECK_IGNORE += "CVE-2010-5331" + +# fixed-version: Fixed after version 2.6.37rc1 +CVE_CHECK_IGNORE += "CVE-2010-5332" + +# fixed-version: Fixed after version 3.2rc1 +CVE_CHECK_IGNORE += "CVE-2011-4098" + +# fixed-version: Fixed after version 3.3rc1 +CVE_CHECK_IGNORE += "CVE-2011-4131" + +# fixed-version: Fixed after version 3.2rc1 +CVE_CHECK_IGNORE += "CVE-2011-4915" + +# CVE-2011-4916 has no known resolution + +# CVE-2011-4917 has no known resolution + +# fixed-version: Fixed after version 3.2rc1 +CVE_CHECK_IGNORE += "CVE-2011-5321" + +# fixed-version: Fixed after version 3.1rc1 +CVE_CHECK_IGNORE += "CVE-2011-5327" + +# fixed-version: Fixed after version 3.7rc2 +CVE_CHECK_IGNORE += "CVE-2012-0957" + +# fixed-version: Fixed after version 3.5rc1 +CVE_CHECK_IGNORE += "CVE-2012-2119" + +# fixed-version: Fixed after version 3.5rc1 +CVE_CHECK_IGNORE += "CVE-2012-2136" + +# fixed-version: Fixed after version 3.5rc2 +CVE_CHECK_IGNORE += "CVE-2012-2137" + +# fixed-version: Fixed after version 3.4rc6 +CVE_CHECK_IGNORE += "CVE-2012-2313" + +# fixed-version: Fixed after version 3.4rc6 +CVE_CHECK_IGNORE += "CVE-2012-2319" + +# fixed-version: Fixed after version 3.13rc4 +CVE_CHECK_IGNORE += "CVE-2012-2372" + +# fixed-version: Fixed after version 3.4rc1 +CVE_CHECK_IGNORE += "CVE-2012-2375" + +# fixed-version: Fixed after version 3.5rc1 +CVE_CHECK_IGNORE += "CVE-2012-2390" + +# fixed-version: Fixed after version 3.5rc4 +CVE_CHECK_IGNORE += "CVE-2012-2669" + +# fixed-version: Fixed after version 2.6.34rc1 +CVE_CHECK_IGNORE += "CVE-2012-2744" + +# fixed-version: Fixed after version 3.4rc3 +CVE_CHECK_IGNORE += 
"CVE-2012-2745" + +# fixed-version: Fixed after version 3.5rc6 +CVE_CHECK_IGNORE += "CVE-2012-3364" + +# fixed-version: Fixed after version 3.4rc5 +CVE_CHECK_IGNORE += "CVE-2012-3375" + +# fixed-version: Fixed after version 3.5rc5 +CVE_CHECK_IGNORE += "CVE-2012-3400" + +# fixed-version: Fixed after version 3.6rc2 +CVE_CHECK_IGNORE += "CVE-2012-3412" + +# fixed-version: Fixed after version 3.6rc1 +CVE_CHECK_IGNORE += "CVE-2012-3430" + +# fixed-version: Fixed after version 2.6.19rc4 +CVE_CHECK_IGNORE += "CVE-2012-3510" + +# fixed-version: Fixed after version 3.5rc6 +CVE_CHECK_IGNORE += "CVE-2012-3511" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-3520" + +# fixed-version: Fixed after version 3.0rc1 +CVE_CHECK_IGNORE += "CVE-2012-3552" + +# Skipping CVE-2012-4220, no affected_versions + +# Skipping CVE-2012-4221, no affected_versions + +# Skipping CVE-2012-4222, no affected_versions + +# fixed-version: Fixed after version 3.4rc1 +CVE_CHECK_IGNORE += "CVE-2012-4398" + +# fixed-version: Fixed after version 2.6.36rc4 +CVE_CHECK_IGNORE += "CVE-2012-4444" + +# fixed-version: Fixed after version 3.7rc6 +CVE_CHECK_IGNORE += "CVE-2012-4461" + +# fixed-version: Fixed after version 3.6rc5 +CVE_CHECK_IGNORE += "CVE-2012-4467" + +# fixed-version: Fixed after version 3.7rc3 +CVE_CHECK_IGNORE += "CVE-2012-4508" + +# fixed-version: Fixed after version 3.8rc1 +CVE_CHECK_IGNORE += "CVE-2012-4530" + +# CVE-2012-4542 has no known resolution + +# fixed-version: Fixed after version 3.7rc4 +CVE_CHECK_IGNORE += "CVE-2012-4565" + +# fixed-version: Fixed after version 3.8rc1 +CVE_CHECK_IGNORE += "CVE-2012-5374" + +# fixed-version: Fixed after version 3.8rc1 +CVE_CHECK_IGNORE += "CVE-2012-5375" + +# fixed-version: Fixed after version 3.6rc1 +CVE_CHECK_IGNORE += "CVE-2012-5517" + +# fixed-version: Fixed after version 3.6rc7 +CVE_CHECK_IGNORE += "CVE-2012-6536" + +# fixed-version: Fixed after version 3.6rc7 +CVE_CHECK_IGNORE += "CVE-2012-6537" + +# fixed-version: 
Fixed after version 3.6rc7 +CVE_CHECK_IGNORE += "CVE-2012-6538" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-6539" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-6540" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-6541" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-6542" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-6543" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-6544" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-6545" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2012-6546" + +# fixed-version: Fixed after version 3.6rc1 +CVE_CHECK_IGNORE += "CVE-2012-6547" + +# fixed-version: Fixed after version 3.6rc1 +CVE_CHECK_IGNORE += "CVE-2012-6548" + +# fixed-version: Fixed after version 3.6rc1 +CVE_CHECK_IGNORE += "CVE-2012-6549" + +# fixed-version: Fixed after version 3.3rc1 +CVE_CHECK_IGNORE += "CVE-2012-6638" + +# fixed-version: Fixed after version 3.6rc2 +CVE_CHECK_IGNORE += "CVE-2012-6647" + +# fixed-version: Fixed after version 3.6 +CVE_CHECK_IGNORE += "CVE-2012-6657" + +# fixed-version: Fixed after version 3.6rc5 +CVE_CHECK_IGNORE += "CVE-2012-6689" + +# fixed-version: Fixed after version 3.5rc1 +CVE_CHECK_IGNORE += "CVE-2012-6701" + +# fixed-version: Fixed after version 3.7rc1 +CVE_CHECK_IGNORE += "CVE-2012-6703" + +# fixed-version: Fixed after version 3.5rc1 +CVE_CHECK_IGNORE += "CVE-2012-6704" + +# fixed-version: Fixed after version 3.4rc1 +CVE_CHECK_IGNORE += "CVE-2012-6712" + +# fixed-version: Fixed after version 3.9rc1 +CVE_CHECK_IGNORE += "CVE-2013-0160" + +# fixed-version: Fixed after version 3.8rc5 +CVE_CHECK_IGNORE += "CVE-2013-0190" + +# fixed-version: Fixed after version 3.8rc7 +CVE_CHECK_IGNORE += "CVE-2013-0216" + +# fixed-version: Fixed after version 3.8rc7 +CVE_CHECK_IGNORE += "CVE-2013-0217" + +# 
fixed-version: Fixed after version 3.8 +CVE_CHECK_IGNORE += "CVE-2013-0228" + +# fixed-version: Fixed after version 3.8rc7 +CVE_CHECK_IGNORE += "CVE-2013-0231" + +# fixed-version: Fixed after version 3.8rc6 +CVE_CHECK_IGNORE += "CVE-2013-0268" + +# fixed-version: Fixed after version 3.8 +CVE_CHECK_IGNORE += "CVE-2013-0290" + +# fixed-version: Fixed after version 3.7rc1 +CVE_CHECK_IGNORE += "CVE-2013-0309" + +# fixed-version: Fixed after version 3.5 +CVE_CHECK_IGNORE += "CVE-2013-0310" + +# fixed-version: Fixed after version 3.7rc8 +CVE_CHECK_IGNORE += "CVE-2013-0311" + +# fixed-version: Fixed after version 3.8rc5 +CVE_CHECK_IGNORE += "CVE-2013-0313" + +# fixed-version: Fixed after version 3.11rc7 +CVE_CHECK_IGNORE += "CVE-2013-0343" + +# fixed-version: Fixed after version 3.8rc6 +CVE_CHECK_IGNORE += "CVE-2013-0349" + +# fixed-version: Fixed after version 3.8rc5 +CVE_CHECK_IGNORE += "CVE-2013-0871" + +# fixed-version: Fixed after version 3.9rc4 +CVE_CHECK_IGNORE += "CVE-2013-0913" + +# fixed-version: Fixed after version 3.9rc3 +CVE_CHECK_IGNORE += "CVE-2013-0914" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-1059" + +# fixed-version: Fixed after version 3.9rc1 +CVE_CHECK_IGNORE += "CVE-2013-1763" + +# fixed-version: Fixed after version 3.9rc1 +CVE_CHECK_IGNORE += "CVE-2013-1767" + +# fixed-version: Fixed after version 3.5rc1 +CVE_CHECK_IGNORE += "CVE-2013-1772" + +# fixed-version: Fixed after version 3.3rc1 +CVE_CHECK_IGNORE += "CVE-2013-1773" + +# fixed-version: Fixed after version 3.8rc5 +CVE_CHECK_IGNORE += "CVE-2013-1774" + +# fixed-version: Fixed after version 3.9rc3 +CVE_CHECK_IGNORE += "CVE-2013-1792" + +# fixed-version: Fixed after version 3.9rc4 +CVE_CHECK_IGNORE += "CVE-2013-1796" + +# fixed-version: Fixed after version 3.9rc4 +CVE_CHECK_IGNORE += "CVE-2013-1797" + +# fixed-version: Fixed after version 3.9rc4 +CVE_CHECK_IGNORE += "CVE-2013-1798" + +# fixed-version: Fixed after version 3.8rc6 +CVE_CHECK_IGNORE += 
"CVE-2013-1819" + +# fixed-version: Fixed after version 3.6rc7 +CVE_CHECK_IGNORE += "CVE-2013-1826" + +# fixed-version: Fixed after version 3.6rc3 +CVE_CHECK_IGNORE += "CVE-2013-1827" + +# fixed-version: Fixed after version 3.9rc2 +CVE_CHECK_IGNORE += "CVE-2013-1828" + +# fixed-version: Fixed after version 3.9rc3 +CVE_CHECK_IGNORE += "CVE-2013-1848" + +# fixed-version: Fixed after version 3.9rc3 +CVE_CHECK_IGNORE += "CVE-2013-1858" + +# fixed-version: Fixed after version 3.9rc3 +CVE_CHECK_IGNORE += "CVE-2013-1860" + +# fixed-version: Fixed after version 3.7rc3 +CVE_CHECK_IGNORE += "CVE-2013-1928" + +# fixed-version: Fixed after version 3.9rc6 +CVE_CHECK_IGNORE += "CVE-2013-1929" + +# Skipping CVE-2013-1935, no affected_versions + +# fixed-version: Fixed after version 3.0rc1 +CVE_CHECK_IGNORE += "CVE-2013-1943" + +# fixed-version: Fixed after version 3.9rc5 +CVE_CHECK_IGNORE += "CVE-2013-1956" + +# fixed-version: Fixed after version 3.9rc5 +CVE_CHECK_IGNORE += "CVE-2013-1957" + +# fixed-version: Fixed after version 3.9rc5 +CVE_CHECK_IGNORE += "CVE-2013-1958" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-1959" + +# fixed-version: Fixed after version 3.9rc8 +CVE_CHECK_IGNORE += "CVE-2013-1979" + +# fixed-version: Fixed after version 3.8rc2 +CVE_CHECK_IGNORE += "CVE-2013-2015" + +# fixed-version: Fixed after version 2.6.34 +CVE_CHECK_IGNORE += "CVE-2013-2017" + +# fixed-version: Fixed after version 3.8rc4 +CVE_CHECK_IGNORE += "CVE-2013-2058" + +# fixed-version: Fixed after version 3.9rc8 +CVE_CHECK_IGNORE += "CVE-2013-2094" + +# fixed-version: Fixed after version 2.6.34rc4 +CVE_CHECK_IGNORE += "CVE-2013-2128" + +# fixed-version: Fixed after version 3.11rc3 +CVE_CHECK_IGNORE += "CVE-2013-2140" + +# fixed-version: Fixed after version 3.9rc8 +CVE_CHECK_IGNORE += "CVE-2013-2141" + +# fixed-version: Fixed after version 3.9rc8 +CVE_CHECK_IGNORE += "CVE-2013-2146" + +# fixed-version: Fixed after version 3.12rc3 +CVE_CHECK_IGNORE += 
"CVE-2013-2147" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-2148" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-2164" + +# Skipping CVE-2013-2188, no affected_versions + +# fixed-version: Fixed after version 3.9rc4 +CVE_CHECK_IGNORE += "CVE-2013-2206" + +# Skipping CVE-2013-2224, no affected_versions + +# fixed-version: Fixed after version 3.10 +CVE_CHECK_IGNORE += "CVE-2013-2232" + +# fixed-version: Fixed after version 3.10 +CVE_CHECK_IGNORE += "CVE-2013-2234" + +# fixed-version: Fixed after version 3.9rc6 +CVE_CHECK_IGNORE += "CVE-2013-2237" + +# Skipping CVE-2013-2239, no affected_versions + +# fixed-version: Fixed after version 3.9rc1 +CVE_CHECK_IGNORE += "CVE-2013-2546" + +# fixed-version: Fixed after version 3.9rc1 +CVE_CHECK_IGNORE += "CVE-2013-2547" + +# fixed-version: Fixed after version 3.9rc1 +CVE_CHECK_IGNORE += "CVE-2013-2548" + +# fixed-version: Fixed after version 3.9rc8 +CVE_CHECK_IGNORE += "CVE-2013-2596" + +# fixed-version: Fixed after version 3.9rc3 +CVE_CHECK_IGNORE += "CVE-2013-2634" + +# fixed-version: Fixed after version 3.9rc3 +CVE_CHECK_IGNORE += "CVE-2013-2635" + +# fixed-version: Fixed after version 3.9rc3 +CVE_CHECK_IGNORE += "CVE-2013-2636" + +# fixed-version: Fixed after version 3.10rc4 +CVE_CHECK_IGNORE += "CVE-2013-2850" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-2851" + +# fixed-version: Fixed after version 3.10rc6 +CVE_CHECK_IGNORE += "CVE-2013-2852" + +# fixed-version: Fixed after version 3.12rc1 +CVE_CHECK_IGNORE += "CVE-2013-2888" + +# fixed-version: Fixed after version 3.12rc2 +CVE_CHECK_IGNORE += "CVE-2013-2889" + +# fixed-version: Fixed after version 3.12rc2 +CVE_CHECK_IGNORE += "CVE-2013-2890" + +# fixed-version: Fixed after version 3.12rc2 +CVE_CHECK_IGNORE += "CVE-2013-2891" + +# fixed-version: Fixed after version 3.12rc1 +CVE_CHECK_IGNORE += "CVE-2013-2892" + +# fixed-version: Fixed after version 3.12rc2 
+CVE_CHECK_IGNORE += "CVE-2013-2893" + +# fixed-version: Fixed after version 3.12rc2 +CVE_CHECK_IGNORE += "CVE-2013-2894" + +# fixed-version: Fixed after version 3.12rc2 +CVE_CHECK_IGNORE += "CVE-2013-2895" + +# fixed-version: Fixed after version 3.12rc1 +CVE_CHECK_IGNORE += "CVE-2013-2896" + +# fixed-version: Fixed after version 3.12rc2 +CVE_CHECK_IGNORE += "CVE-2013-2897" + +# fixed-version: Fixed after version 3.12rc1 +CVE_CHECK_IGNORE += "CVE-2013-2898" + +# fixed-version: Fixed after version 3.12rc1 +CVE_CHECK_IGNORE += "CVE-2013-2899" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-2929" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-2930" + +# fixed-version: Fixed after version 3.9 +CVE_CHECK_IGNORE += "CVE-2013-3076" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3222" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3223" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3224" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3225" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3226" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3227" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3228" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3229" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3230" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3231" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3232" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3233" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3234" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3235" + +# fixed-version: Fixed 
after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3236" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3237" + +# fixed-version: Fixed after version 3.9rc7 +CVE_CHECK_IGNORE += "CVE-2013-3301" + +# fixed-version: Fixed after version 3.8rc3 +CVE_CHECK_IGNORE += "CVE-2013-3302" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-4125" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-4127" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-4129" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-4162" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2013-4163" + +# fixed-version: Fixed after version 3.11rc5 +CVE_CHECK_IGNORE += "CVE-2013-4205" + +# fixed-version: Fixed after version 3.10rc4 +CVE_CHECK_IGNORE += "CVE-2013-4220" + +# fixed-version: Fixed after version 3.10rc5 +CVE_CHECK_IGNORE += "CVE-2013-4247" + +# fixed-version: Fixed after version 3.11rc6 +CVE_CHECK_IGNORE += "CVE-2013-4254" + +# fixed-version: Fixed after version 3.12rc4 +CVE_CHECK_IGNORE += "CVE-2013-4270" + +# fixed-version: Fixed after version 3.12rc6 +CVE_CHECK_IGNORE += "CVE-2013-4299" + +# fixed-version: Fixed after version 3.11 +CVE_CHECK_IGNORE += "CVE-2013-4300" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2013-4312" + +# fixed-version: Fixed after version 3.12rc2 +CVE_CHECK_IGNORE += "CVE-2013-4343" + +# fixed-version: Fixed after version 3.13rc2 +CVE_CHECK_IGNORE += "CVE-2013-4345" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-4348" + +# fixed-version: Fixed after version 3.12rc2 +CVE_CHECK_IGNORE += "CVE-2013-4350" + +# fixed-version: Fixed after version 3.12rc4 +CVE_CHECK_IGNORE += "CVE-2013-4387" + +# fixed-version: Fixed after version 3.12rc7 +CVE_CHECK_IGNORE += "CVE-2013-4470" + +# fixed-version: Fixed after version 3.10rc1 +CVE_CHECK_IGNORE += 
"CVE-2013-4483" + +# fixed-version: Fixed after version 3.12 +CVE_CHECK_IGNORE += "CVE-2013-4511" + +# fixed-version: Fixed after version 3.12 +CVE_CHECK_IGNORE += "CVE-2013-4512" + +# fixed-version: Fixed after version 3.12 +CVE_CHECK_IGNORE += "CVE-2013-4513" + +# fixed-version: Fixed after version 3.12 +CVE_CHECK_IGNORE += "CVE-2013-4514" + +# fixed-version: Fixed after version 3.12 +CVE_CHECK_IGNORE += "CVE-2013-4515" + +# fixed-version: Fixed after version 3.12 +CVE_CHECK_IGNORE += "CVE-2013-4516" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-4563" + +# fixed-version: Fixed after version 3.13rc7 +CVE_CHECK_IGNORE += "CVE-2013-4579" + +# fixed-version: Fixed after version 3.13rc4 +CVE_CHECK_IGNORE += "CVE-2013-4587" + +# fixed-version: Fixed after version 2.6.33rc4 +CVE_CHECK_IGNORE += "CVE-2013-4588" + +# fixed-version: Fixed after version 3.8rc1 +CVE_CHECK_IGNORE += "CVE-2013-4591" + +# fixed-version: Fixed after version 3.7rc1 +CVE_CHECK_IGNORE += "CVE-2013-4592" + +# Skipping CVE-2013-4737, no affected_versions + +# Skipping CVE-2013-4738, no affected_versions + +# Skipping CVE-2013-4739, no affected_versions + +# fixed-version: Fixed after version 3.10rc5 +CVE_CHECK_IGNORE += "CVE-2013-5634" + +# fixed-version: Fixed after version 3.6rc6 +CVE_CHECK_IGNORE += "CVE-2013-6282" + +# fixed-version: Fixed after version 3.13rc4 +CVE_CHECK_IGNORE += "CVE-2013-6367" + +# fixed-version: Fixed after version 3.13rc4 +CVE_CHECK_IGNORE += "CVE-2013-6368" + +# fixed-version: Fixed after version 3.13rc4 +CVE_CHECK_IGNORE += "CVE-2013-6376" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-6378" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-6380" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-6381" + +# fixed-version: Fixed after version 3.13rc4 +CVE_CHECK_IGNORE += "CVE-2013-6382" + +# fixed-version: Fixed after version 3.12 +CVE_CHECK_IGNORE += 
"CVE-2013-6383" + +# Skipping CVE-2013-6392, no affected_versions + +# fixed-version: Fixed after version 3.12rc1 +CVE_CHECK_IGNORE += "CVE-2013-6431" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-6432" + +# fixed-version: Fixed after version 3.14rc1 +CVE_CHECK_IGNORE += "CVE-2013-6885" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7026" + +# fixed-version: Fixed after version 3.12rc7 +CVE_CHECK_IGNORE += "CVE-2013-7027" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7263" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7264" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7265" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7266" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7267" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7268" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7269" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7270" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7271" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7281" + +# fixed-version: Fixed after version 3.13rc7 +CVE_CHECK_IGNORE += "CVE-2013-7339" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2013-7348" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2013-7421" + +# CVE-2013-7445 has no known resolution + +# fixed-version: Fixed after version 4.4rc4 +CVE_CHECK_IGNORE += "CVE-2013-7446" + +# fixed-version: Fixed after version 3.12rc7 +CVE_CHECK_IGNORE += "CVE-2013-7470" + +# fixed-version: Fixed after version 3.14rc1 +CVE_CHECK_IGNORE += "CVE-2014-0038" + +# fixed-version: Fixed after version 3.14rc5 +CVE_CHECK_IGNORE += "CVE-2014-0049" + +# fixed-version: 
Fixed after version 3.14 +CVE_CHECK_IGNORE += "CVE-2014-0055" + +# fixed-version: Fixed after version 3.14rc4 +CVE_CHECK_IGNORE += "CVE-2014-0069" + +# fixed-version: Fixed after version 3.14 +CVE_CHECK_IGNORE += "CVE-2014-0077" + +# fixed-version: Fixed after version 3.14rc7 +CVE_CHECK_IGNORE += "CVE-2014-0100" + +# fixed-version: Fixed after version 3.14rc6 +CVE_CHECK_IGNORE += "CVE-2014-0101" + +# fixed-version: Fixed after version 3.14rc6 +CVE_CHECK_IGNORE += "CVE-2014-0102" + +# fixed-version: Fixed after version 3.14rc7 +CVE_CHECK_IGNORE += "CVE-2014-0131" + +# fixed-version: Fixed after version 3.15rc2 +CVE_CHECK_IGNORE += "CVE-2014-0155" + +# fixed-version: Fixed after version 3.15rc5 +CVE_CHECK_IGNORE += "CVE-2014-0181" + +# fixed-version: Fixed after version 3.15rc5 +CVE_CHECK_IGNORE += "CVE-2014-0196" + +# fixed-version: Fixed after version 2.6.33rc5 +CVE_CHECK_IGNORE += "CVE-2014-0203" + +# fixed-version: Fixed after version 2.6.37rc1 +CVE_CHECK_IGNORE += "CVE-2014-0205" + +# fixed-version: Fixed after version 3.16rc3 +CVE_CHECK_IGNORE += "CVE-2014-0206" + +# Skipping CVE-2014-0972, no affected_versions + +# fixed-version: Fixed after version 3.13 +CVE_CHECK_IGNORE += "CVE-2014-1438" + +# fixed-version: Fixed after version 3.12rc7 +CVE_CHECK_IGNORE += "CVE-2014-1444" + +# fixed-version: Fixed after version 3.12rc7 +CVE_CHECK_IGNORE += "CVE-2014-1445" + +# fixed-version: Fixed after version 3.13rc7 +CVE_CHECK_IGNORE += "CVE-2014-1446" + +# fixed-version: Fixed after version 3.13rc8 +CVE_CHECK_IGNORE += "CVE-2014-1690" + +# fixed-version: Fixed after version 3.15rc5 +CVE_CHECK_IGNORE += "CVE-2014-1737" + +# fixed-version: Fixed after version 3.15rc5 +CVE_CHECK_IGNORE += "CVE-2014-1738" + +# fixed-version: Fixed after version 3.15rc6 +CVE_CHECK_IGNORE += "CVE-2014-1739" + +# fixed-version: Fixed after version 3.14rc2 +CVE_CHECK_IGNORE += "CVE-2014-1874" + +# fixed-version: Fixed after version 3.14rc1 +CVE_CHECK_IGNORE += "CVE-2014-2038" + +# fixed-version: 
Fixed after version 3.14rc3 +CVE_CHECK_IGNORE += "CVE-2014-2039" + +# fixed-version: Fixed after version 3.14rc7 +CVE_CHECK_IGNORE += "CVE-2014-2309" + +# fixed-version: Fixed after version 3.14rc1 +CVE_CHECK_IGNORE += "CVE-2014-2523" + +# fixed-version: Fixed after version 3.14 +CVE_CHECK_IGNORE += "CVE-2014-2568" + +# fixed-version: Fixed after version 3.15rc1 +CVE_CHECK_IGNORE += "CVE-2014-2580" + +# fixed-version: Fixed after version 3.14rc6 +CVE_CHECK_IGNORE += "CVE-2014-2672" + +# fixed-version: Fixed after version 3.14rc6 +CVE_CHECK_IGNORE += "CVE-2014-2673" + +# fixed-version: Fixed after version 3.15rc1 +CVE_CHECK_IGNORE += "CVE-2014-2678" + +# fixed-version: Fixed after version 3.14rc6 +CVE_CHECK_IGNORE += "CVE-2014-2706" + +# fixed-version: Fixed after version 3.15rc1 +CVE_CHECK_IGNORE += "CVE-2014-2739" + +# fixed-version: Fixed after version 3.15rc2 +CVE_CHECK_IGNORE += "CVE-2014-2851" + +# fixed-version: Fixed after version 3.2rc7 +CVE_CHECK_IGNORE += "CVE-2014-2889" + +# fixed-version: Fixed after version 3.15rc1 +CVE_CHECK_IGNORE += "CVE-2014-3122" + +# fixed-version: Fixed after version 3.15rc2 +CVE_CHECK_IGNORE += "CVE-2014-3144" + +# fixed-version: Fixed after version 3.15rc2 +CVE_CHECK_IGNORE += "CVE-2014-3145" + +# fixed-version: Fixed after version 3.15 +CVE_CHECK_IGNORE += "CVE-2014-3153" + +# fixed-version: Fixed after version 3.17rc4 +CVE_CHECK_IGNORE += "CVE-2014-3180" + +# fixed-version: Fixed after version 3.17rc3 +CVE_CHECK_IGNORE += "CVE-2014-3181" + +# fixed-version: Fixed after version 3.17rc2 +CVE_CHECK_IGNORE += "CVE-2014-3182" + +# fixed-version: Fixed after version 3.17rc2 +CVE_CHECK_IGNORE += "CVE-2014-3183" + +# fixed-version: Fixed after version 3.17rc2 +CVE_CHECK_IGNORE += "CVE-2014-3184" + +# fixed-version: Fixed after version 3.17rc3 +CVE_CHECK_IGNORE += "CVE-2014-3185" + +# fixed-version: Fixed after version 3.17rc3 +CVE_CHECK_IGNORE += "CVE-2014-3186" + +# Skipping CVE-2014-3519, no affected_versions + +# fixed-version: 
Fixed after version 3.16rc7 +CVE_CHECK_IGNORE += "CVE-2014-3534" + +# fixed-version: Fixed after version 2.6.36rc1 +CVE_CHECK_IGNORE += "CVE-2014-3535" + +# fixed-version: Fixed after version 3.17rc2 +CVE_CHECK_IGNORE += "CVE-2014-3601" + +# fixed-version: Fixed after version 3.18rc2 +CVE_CHECK_IGNORE += "CVE-2014-3610" + +# fixed-version: Fixed after version 3.18rc2 +CVE_CHECK_IGNORE += "CVE-2014-3611" + +# fixed-version: Fixed after version 3.17rc5 +CVE_CHECK_IGNORE += "CVE-2014-3631" + +# fixed-version: Fixed after version 3.12rc1 +CVE_CHECK_IGNORE += "CVE-2014-3645" + +# fixed-version: Fixed after version 3.18rc2 +CVE_CHECK_IGNORE += "CVE-2014-3646" + +# fixed-version: Fixed after version 3.18rc2 +CVE_CHECK_IGNORE += "CVE-2014-3647" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-3673" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-3687" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-3688" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-3690" + +# fixed-version: Fixed after version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2014-3917" + +# fixed-version: Fixed after version 3.15 +CVE_CHECK_IGNORE += "CVE-2014-3940" + +# fixed-version: Fixed after version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2014-4014" + +# fixed-version: Fixed after version 3.14rc1 +CVE_CHECK_IGNORE += "CVE-2014-4027" + +# fixed-version: Fixed after version 3.15rc1 +CVE_CHECK_IGNORE += "CVE-2014-4157" + +# fixed-version: Fixed after version 3.16rc3 +CVE_CHECK_IGNORE += "CVE-2014-4171" + +# Skipping CVE-2014-4322, no affected_versions + +# Skipping CVE-2014-4323, no affected_versions + +# fixed-version: Fixed after version 3.16rc3 +CVE_CHECK_IGNORE += "CVE-2014-4508" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-4608" + +# fixed-version: Fixed after version 3.16rc3 +CVE_CHECK_IGNORE += "CVE-2014-4611" + +# fixed-version: Fixed after version 3.16rc2 
+CVE_CHECK_IGNORE += "CVE-2014-4652" + +# fixed-version: Fixed after version 3.16rc2 +CVE_CHECK_IGNORE += "CVE-2014-4653" + +# fixed-version: Fixed after version 3.16rc2 +CVE_CHECK_IGNORE += "CVE-2014-4654" + +# fixed-version: Fixed after version 3.16rc2 +CVE_CHECK_IGNORE += "CVE-2014-4655" + +# fixed-version: Fixed after version 3.16rc2 +CVE_CHECK_IGNORE += "CVE-2014-4656" + +# fixed-version: Fixed after version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2014-4667" + +# fixed-version: Fixed after version 3.16rc4 +CVE_CHECK_IGNORE += "CVE-2014-4699" + +# fixed-version: Fixed after version 3.16rc6 +CVE_CHECK_IGNORE += "CVE-2014-4943" + +# fixed-version: Fixed after version 3.16rc7 +CVE_CHECK_IGNORE += "CVE-2014-5045" + +# fixed-version: Fixed after version 3.16 +CVE_CHECK_IGNORE += "CVE-2014-5077" + +# fixed-version: Fixed after version 3.17rc1 +CVE_CHECK_IGNORE += "CVE-2014-5206" + +# fixed-version: Fixed after version 3.17rc1 +CVE_CHECK_IGNORE += "CVE-2014-5207" + +# Skipping CVE-2014-5332, no affected_versions + +# fixed-version: Fixed after version 3.17rc2 +CVE_CHECK_IGNORE += "CVE-2014-5471" + +# fixed-version: Fixed after version 3.17rc2 +CVE_CHECK_IGNORE += "CVE-2014-5472" + +# fixed-version: Fixed after version 3.17rc5 +CVE_CHECK_IGNORE += "CVE-2014-6410" + +# fixed-version: Fixed after version 3.17rc5 +CVE_CHECK_IGNORE += "CVE-2014-6416" + +# fixed-version: Fixed after version 3.17rc5 +CVE_CHECK_IGNORE += "CVE-2014-6417" + +# fixed-version: Fixed after version 3.17rc5 +CVE_CHECK_IGNORE += "CVE-2014-6418" + +# fixed-version: Fixed after version 3.17rc2 +CVE_CHECK_IGNORE += "CVE-2014-7145" + +# Skipping CVE-2014-7207, no affected_versions + +# fixed-version: Fixed after version 3.15rc1 +CVE_CHECK_IGNORE += "CVE-2014-7283" + +# fixed-version: Fixed after version 3.15rc7 +CVE_CHECK_IGNORE += "CVE-2014-7284" + +# fixed-version: Fixed after version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2014-7822" + +# fixed-version: Fixed after version 3.18rc3 +CVE_CHECK_IGNORE += 
"CVE-2014-7825" + +# fixed-version: Fixed after version 3.18rc3 +CVE_CHECK_IGNORE += "CVE-2014-7826" + +# fixed-version: Fixed after version 3.18rc5 +CVE_CHECK_IGNORE += "CVE-2014-7841" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-7842" + +# fixed-version: Fixed after version 3.18rc5 +CVE_CHECK_IGNORE += "CVE-2014-7843" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-7970" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-7975" + +# fixed-version: Fixed after version 3.18rc3 +CVE_CHECK_IGNORE += "CVE-2014-8086" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-8133" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-8134" + +# fixed-version: Fixed after version 4.0rc7 +CVE_CHECK_IGNORE += "CVE-2014-8159" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-8160" + +# fixed-version: Fixed after version 3.12rc1 +CVE_CHECK_IGNORE += "CVE-2014-8171" + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2014-8172" + +# fixed-version: Fixed after version 3.13rc5 +CVE_CHECK_IGNORE += "CVE-2014-8173" + +# Skipping CVE-2014-8181, no affected_versions + +# fixed-version: Fixed after version 3.18rc2 +CVE_CHECK_IGNORE += "CVE-2014-8369" + +# fixed-version: Fixed after version 3.18rc2 +CVE_CHECK_IGNORE += "CVE-2014-8480" + +# fixed-version: Fixed after version 3.18rc2 +CVE_CHECK_IGNORE += "CVE-2014-8481" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-8559" + +# fixed-version: Fixed after version 3.14rc3 +CVE_CHECK_IGNORE += "CVE-2014-8709" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2014-8884" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-8989" + +# fixed-version: Fixed after version 3.18rc6 +CVE_CHECK_IGNORE += "CVE-2014-9090" + +# fixed-version: Fixed after version 3.18rc6 
+CVE_CHECK_IGNORE += "CVE-2014-9322" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-9419" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-9420" + +# fixed-version: Fixed after version 3.19rc3 +CVE_CHECK_IGNORE += "CVE-2014-9428" + +# fixed-version: Fixed after version 3.19rc4 +CVE_CHECK_IGNORE += "CVE-2014-9529" + +# fixed-version: Fixed after version 3.19rc3 +CVE_CHECK_IGNORE += "CVE-2014-9584" + +# fixed-version: Fixed after version 3.19rc4 +CVE_CHECK_IGNORE += "CVE-2014-9585" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-9644" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-9683" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-9710" + +# fixed-version: Fixed after version 3.15rc1 +CVE_CHECK_IGNORE += "CVE-2014-9715" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2014-9717" + +# fixed-version: Fixed after version 3.19rc3 +CVE_CHECK_IGNORE += "CVE-2014-9728" + +# fixed-version: Fixed after version 3.19rc3 +CVE_CHECK_IGNORE += "CVE-2014-9729" + +# fixed-version: Fixed after version 3.19rc3 +CVE_CHECK_IGNORE += "CVE-2014-9730" + +# fixed-version: Fixed after version 3.19rc3 +CVE_CHECK_IGNORE += "CVE-2014-9731" + +# Skipping CVE-2014-9777, no affected_versions + +# Skipping CVE-2014-9778, no affected_versions + +# Skipping CVE-2014-9779, no affected_versions + +# Skipping CVE-2014-9780, no affected_versions + +# Skipping CVE-2014-9781, no affected_versions + +# Skipping CVE-2014-9782, no affected_versions + +# Skipping CVE-2014-9783, no affected_versions + +# Skipping CVE-2014-9784, no affected_versions + +# Skipping CVE-2014-9785, no affected_versions + +# Skipping CVE-2014-9786, no affected_versions + +# Skipping CVE-2014-9787, no affected_versions + +# Skipping CVE-2014-9788, no affected_versions + +# Skipping CVE-2014-9789, no affected_versions + +# fixed-version: Fixed after 
version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2014-9803" + +# Skipping CVE-2014-9863, no affected_versions + +# Skipping CVE-2014-9864, no affected_versions + +# Skipping CVE-2014-9865, no affected_versions + +# Skipping CVE-2014-9866, no affected_versions + +# Skipping CVE-2014-9867, no affected_versions + +# Skipping CVE-2014-9868, no affected_versions + +# Skipping CVE-2014-9869, no affected_versions + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2014-9870" + +# Skipping CVE-2014-9871, no affected_versions + +# Skipping CVE-2014-9872, no affected_versions + +# Skipping CVE-2014-9873, no affected_versions + +# Skipping CVE-2014-9874, no affected_versions + +# Skipping CVE-2014-9875, no affected_versions + +# Skipping CVE-2014-9876, no affected_versions + +# Skipping CVE-2014-9877, no affected_versions + +# Skipping CVE-2014-9878, no affected_versions + +# Skipping CVE-2014-9879, no affected_versions + +# Skipping CVE-2014-9880, no affected_versions + +# Skipping CVE-2014-9881, no affected_versions + +# Skipping CVE-2014-9882, no affected_versions + +# Skipping CVE-2014-9883, no affected_versions + +# Skipping CVE-2014-9884, no affected_versions + +# Skipping CVE-2014-9885, no affected_versions + +# Skipping CVE-2014-9886, no affected_versions + +# Skipping CVE-2014-9887, no affected_versions + +# fixed-version: Fixed after version 3.13rc1 +CVE_CHECK_IGNORE += "CVE-2014-9888" + +# Skipping CVE-2014-9889, no affected_versions + +# Skipping CVE-2014-9890, no affected_versions + +# Skipping CVE-2014-9891, no affected_versions + +# Skipping CVE-2014-9892, no affected_versions + +# Skipping CVE-2014-9893, no affected_versions + +# Skipping CVE-2014-9894, no affected_versions + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2014-9895" + +# Skipping CVE-2014-9896, no affected_versions + +# Skipping CVE-2014-9897, no affected_versions + +# Skipping CVE-2014-9898, no affected_versions + +# Skipping CVE-2014-9899, no 
affected_versions + +# Skipping CVE-2014-9900, no affected_versions + +# fixed-version: Fixed after version 3.14rc4 +CVE_CHECK_IGNORE += "CVE-2014-9903" + +# fixed-version: Fixed after version 3.17rc1 +CVE_CHECK_IGNORE += "CVE-2014-9904" + +# fixed-version: Fixed after version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2014-9914" + +# fixed-version: Fixed after version 3.18rc2 +CVE_CHECK_IGNORE += "CVE-2014-9922" + +# fixed-version: Fixed after version 3.19rc1 +CVE_CHECK_IGNORE += "CVE-2014-9940" + +# fixed-version: Fixed after version 3.19rc6 +CVE_CHECK_IGNORE += "CVE-2015-0239" + +# fixed-version: Fixed after version 3.15rc5 +CVE_CHECK_IGNORE += "CVE-2015-0274" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-0275" + +# Skipping CVE-2015-0777, no affected_versions + +# Skipping CVE-2015-1328, no affected_versions + +# fixed-version: Fixed after version 4.2rc5 +CVE_CHECK_IGNORE += "CVE-2015-1333" + +# fixed-version: Fixed after version 4.4rc5 +CVE_CHECK_IGNORE += "CVE-2015-1339" + +# fixed-version: Fixed after version 4.9rc1 +CVE_CHECK_IGNORE += "CVE-2015-1350" + +# fixed-version: Fixed after version 4.1rc7 +CVE_CHECK_IGNORE += "CVE-2015-1420" + +# fixed-version: Fixed after version 3.19rc7 +CVE_CHECK_IGNORE += "CVE-2015-1421" + +# fixed-version: Fixed after version 3.19rc7 +CVE_CHECK_IGNORE += "CVE-2015-1465" + +# fixed-version: Fixed after version 3.19rc5 +CVE_CHECK_IGNORE += "CVE-2015-1573" + +# fixed-version: Fixed after version 4.0rc1 +CVE_CHECK_IGNORE += "CVE-2015-1593" + +# fixed-version: Fixed after version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2015-1805" + +# fixed-version: Fixed after version 3.19rc7 +CVE_CHECK_IGNORE += "CVE-2015-2041" + +# fixed-version: Fixed after version 3.19 +CVE_CHECK_IGNORE += "CVE-2015-2042" + +# fixed-version: Fixed after version 4.0rc4 +CVE_CHECK_IGNORE += "CVE-2015-2150" + +# fixed-version: Fixed after version 4.0rc1 +CVE_CHECK_IGNORE += "CVE-2015-2666" + +# fixed-version: Fixed after version 4.0rc3 
+CVE_CHECK_IGNORE += "CVE-2015-2672" + +# fixed-version: Fixed after version 4.0rc6 +CVE_CHECK_IGNORE += "CVE-2015-2686" + +# fixed-version: Fixed after version 4.0rc3 +CVE_CHECK_IGNORE += "CVE-2015-2830" + +# CVE-2015-2877 has no known resolution + +# fixed-version: Fixed after version 4.0rc7 +CVE_CHECK_IGNORE += "CVE-2015-2922" + +# fixed-version: Fixed after version 4.3rc1 +CVE_CHECK_IGNORE += "CVE-2015-2925" + +# fixed-version: Fixed after version 4.2rc1 +CVE_CHECK_IGNORE += "CVE-2015-3212" + +# fixed-version: Fixed after version 2.6.33rc8 +CVE_CHECK_IGNORE += "CVE-2015-3214" + +# fixed-version: Fixed after version 4.2rc2 +CVE_CHECK_IGNORE += "CVE-2015-3288" + +# fixed-version: Fixed after version 4.2rc3 +CVE_CHECK_IGNORE += "CVE-2015-3290" + +# fixed-version: Fixed after version 4.2rc3 +CVE_CHECK_IGNORE += "CVE-2015-3291" + +# fixed-version: Fixed after version 4.0rc5 +CVE_CHECK_IGNORE += "CVE-2015-3331" + +# Skipping CVE-2015-3332, no affected_versions + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-3339" + +# fixed-version: Fixed after version 4.1rc2 +CVE_CHECK_IGNORE += "CVE-2015-3636" + +# fixed-version: Fixed after version 4.1rc7 +CVE_CHECK_IGNORE += "CVE-2015-4001" + +# fixed-version: Fixed after version 4.1rc7 +CVE_CHECK_IGNORE += "CVE-2015-4002" + +# fixed-version: Fixed after version 4.1rc7 +CVE_CHECK_IGNORE += "CVE-2015-4003" + +# fixed-version: Fixed after version 4.3rc1 +CVE_CHECK_IGNORE += "CVE-2015-4004" + +# fixed-version: Fixed after version 4.0rc1 +CVE_CHECK_IGNORE += "CVE-2015-4036" + +# fixed-version: Fixed after version 4.0rc1 +CVE_CHECK_IGNORE += "CVE-2015-4167" + +# fixed-version: Fixed after version 3.13rc5 +CVE_CHECK_IGNORE += "CVE-2015-4170" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-4176" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-4177" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-4178" + +# 
fixed-version: Fixed after version 4.2rc1 +CVE_CHECK_IGNORE += "CVE-2015-4692" + +# fixed-version: Fixed after version 4.1rc6 +CVE_CHECK_IGNORE += "CVE-2015-4700" + +# fixed-version: Fixed after version 4.2rc7 +CVE_CHECK_IGNORE += "CVE-2015-5156" + +# fixed-version: Fixed after version 4.2rc3 +CVE_CHECK_IGNORE += "CVE-2015-5157" + +# fixed-version: Fixed after version 4.3rc3 +CVE_CHECK_IGNORE += "CVE-2015-5257" + +# fixed-version: Fixed after version 4.3rc3 +CVE_CHECK_IGNORE += "CVE-2015-5283" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-5307" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-5327" + +# fixed-version: Fixed after version 4.1rc7 +CVE_CHECK_IGNORE += "CVE-2015-5364" + +# fixed-version: Fixed after version 4.1rc7 +CVE_CHECK_IGNORE += "CVE-2015-5366" + +# fixed-version: Fixed after version 4.2rc6 +CVE_CHECK_IGNORE += "CVE-2015-5697" + +# fixed-version: Fixed after version 4.1rc3 +CVE_CHECK_IGNORE += "CVE-2015-5706" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-5707" + +# fixed-version: Fixed after version 4.2rc5 +CVE_CHECK_IGNORE += "CVE-2015-6252" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-6526" + +# CVE-2015-6619 has no known resolution + +# CVE-2015-6646 has no known resolution + +# fixed-version: Fixed after version 4.3rc1 +CVE_CHECK_IGNORE += "CVE-2015-6937" + +# Skipping CVE-2015-7312, no affected_versions + +# fixed-version: Fixed after version 3.7rc1 +CVE_CHECK_IGNORE += "CVE-2015-7509" + +# fixed-version: Fixed after version 4.4rc7 +CVE_CHECK_IGNORE += "CVE-2015-7513" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-7515" + +# fixed-version: Fixed after version 4.4rc8 +CVE_CHECK_IGNORE += "CVE-2015-7550" + +# Skipping CVE-2015-7553, no affected_versions + +# fixed-version: Fixed after version 4.5rc2 +CVE_CHECK_IGNORE += "CVE-2015-7566" + +# fixed-version: Fixed after version 4.3rc4 
+CVE_CHECK_IGNORE += "CVE-2015-7613" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-7799" + +# fixed-version: Fixed after version 4.6rc6 +CVE_CHECK_IGNORE += "CVE-2015-7833" + +# Skipping CVE-2015-7837, no affected_versions + +# fixed-version: Fixed after version 4.3rc7 +CVE_CHECK_IGNORE += "CVE-2015-7872" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-7884" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-7885" + +# fixed-version: Fixed after version 4.4rc4 +CVE_CHECK_IGNORE += "CVE-2015-7990" + +# Skipping CVE-2015-8019, no affected_versions + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-8104" + +# fixed-version: Fixed after version 4.0rc3 +CVE_CHECK_IGNORE += "CVE-2015-8215" + +# fixed-version: Fixed after version 2.6.34rc1 +CVE_CHECK_IGNORE += "CVE-2015-8324" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-8374" + +# fixed-version: Fixed after version 4.4rc3 +CVE_CHECK_IGNORE += "CVE-2015-8539" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-8543" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-8550" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-8551" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-8552" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-8553" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-8569" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-8575" + +# fixed-version: Fixed after version 4.4rc4 +CVE_CHECK_IGNORE += "CVE-2015-8660" + +# fixed-version: Fixed after version 4.10rc1 +CVE_CHECK_IGNORE += "CVE-2015-8709" + +# fixed-version: Fixed after version 4.3rc1 +CVE_CHECK_IGNORE += "CVE-2015-8746" + +# fixed-version: Fixed after version 4.3rc4 +CVE_CHECK_IGNORE += "CVE-2015-8767" + +# 
fixed-version: Fixed after version 4.4rc5 +CVE_CHECK_IGNORE += "CVE-2015-8785" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-8787" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2015-8812" + +# fixed-version: Fixed after version 4.4rc6 +CVE_CHECK_IGNORE += "CVE-2015-8816" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-8830" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2015-8839" + +# fixed-version: Fixed after version 4.4rc3 +CVE_CHECK_IGNORE += "CVE-2015-8844" + +# fixed-version: Fixed after version 4.4rc3 +CVE_CHECK_IGNORE += "CVE-2015-8845" + +# Skipping CVE-2015-8937, no affected_versions + +# Skipping CVE-2015-8938, no affected_versions + +# Skipping CVE-2015-8939, no affected_versions + +# Skipping CVE-2015-8940, no affected_versions + +# Skipping CVE-2015-8941, no affected_versions + +# Skipping CVE-2015-8942, no affected_versions + +# Skipping CVE-2015-8943, no affected_versions + +# Skipping CVE-2015-8944, no affected_versions + +# fixed-version: Fixed after version 4.1rc2 +CVE_CHECK_IGNORE += "CVE-2015-8950" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2015-8952" + +# fixed-version: Fixed after version 4.3 +CVE_CHECK_IGNORE += "CVE-2015-8953" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2015-8955" + +# fixed-version: Fixed after version 4.2rc1 +CVE_CHECK_IGNORE += "CVE-2015-8956" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-8961" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2015-8962" + +# fixed-version: Fixed after version 4.4 +CVE_CHECK_IGNORE += "CVE-2015-8963" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2015-8964" + +# fixed-version: Fixed after version 4.4rc8 +CVE_CHECK_IGNORE += "CVE-2015-8966" + +# fixed-version: Fixed after version 4.0rc1 +CVE_CHECK_IGNORE += "CVE-2015-8967" + +# 
fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2015-8970" + +# fixed-version: Fixed after version 3.19rc7 +CVE_CHECK_IGNORE += "CVE-2015-9004" + +# fixed-version: Fixed after version 4.3rc1 +CVE_CHECK_IGNORE += "CVE-2015-9016" + +# fixed-version: Fixed after version 4.2rc1 +CVE_CHECK_IGNORE += "CVE-2015-9289" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-0617" + +# fixed-version: Fixed after version 4.5rc2 +CVE_CHECK_IGNORE += "CVE-2016-0723" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-0728" + +# fixed-version: Fixed after version 4.6 +CVE_CHECK_IGNORE += "CVE-2016-0758" + +# Skipping CVE-2016-0774, no affected_versions + +# fixed-version: Fixed after version 4.3rc1 +CVE_CHECK_IGNORE += "CVE-2016-0821" + +# fixed-version: Fixed after version 4.0rc5 +CVE_CHECK_IGNORE += "CVE-2016-0823" + +# fixed-version: Fixed after version 4.8rc7 +CVE_CHECK_IGNORE += "CVE-2016-10044" + +# fixed-version: Fixed after version 4.10rc1 +CVE_CHECK_IGNORE += "CVE-2016-10088" + +# fixed-version: Fixed after version 4.9 +CVE_CHECK_IGNORE += "CVE-2016-10147" + +# fixed-version: Fixed after version 4.9rc8 +CVE_CHECK_IGNORE += "CVE-2016-10150" + +# fixed-version: Fixed after version 4.10rc1 +CVE_CHECK_IGNORE += "CVE-2016-10153" + +# fixed-version: Fixed after version 4.10rc1 +CVE_CHECK_IGNORE += "CVE-2016-10154" + +# fixed-version: Fixed after version 4.9rc7 +CVE_CHECK_IGNORE += "CVE-2016-10200" + +# fixed-version: Fixed after version 4.10rc1 +CVE_CHECK_IGNORE += "CVE-2016-10208" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-10229" + +# fixed-version: Fixed after version 4.8rc6 +CVE_CHECK_IGNORE += "CVE-2016-10318" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2016-10723" + +# fixed-version: Fixed after version 4.10rc1 +CVE_CHECK_IGNORE += "CVE-2016-10741" + +# fixed-version: Fixed after version 4.10rc1 +CVE_CHECK_IGNORE += "CVE-2016-10764" + +# 
fixed-version: Fixed after version 4.8rc1 +CVE_CHECK_IGNORE += "CVE-2016-10905" + +# fixed-version: Fixed after version 4.5rc6 +CVE_CHECK_IGNORE += "CVE-2016-10906" + +# fixed-version: Fixed after version 4.9rc1 +CVE_CHECK_IGNORE += "CVE-2016-10907" + +# fixed-version: Fixed after version 4.7rc5 +CVE_CHECK_IGNORE += "CVE-2016-1237" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-1575" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-1576" + +# fixed-version: Fixed after version 4.7rc3 +CVE_CHECK_IGNORE += "CVE-2016-1583" + +# fixed-version: Fixed after version 4.3rc1 +CVE_CHECK_IGNORE += "CVE-2016-2053" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-2069" + +# fixed-version: Fixed after version 4.4 +CVE_CHECK_IGNORE += "CVE-2016-2070" + +# fixed-version: Fixed after version 4.5rc4 +CVE_CHECK_IGNORE += "CVE-2016-2085" + +# fixed-version: Fixed after version 4.6rc5 +CVE_CHECK_IGNORE += "CVE-2016-2117" + +# fixed-version: Fixed after version 4.5 +CVE_CHECK_IGNORE += "CVE-2016-2143" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-2184" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-2185" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-2186" + +# fixed-version: Fixed after version 4.6rc5 +CVE_CHECK_IGNORE += "CVE-2016-2187" + +# fixed-version: Fixed after version 4.11rc2 +CVE_CHECK_IGNORE += "CVE-2016-2188" + +# fixed-version: Fixed after version 4.5rc4 +CVE_CHECK_IGNORE += "CVE-2016-2383" + +# fixed-version: Fixed after version 4.5rc4 +CVE_CHECK_IGNORE += "CVE-2016-2384" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-2543" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-2544" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-2545" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += 
"CVE-2016-2546" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-2547" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-2548" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-2549" + +# fixed-version: Fixed after version 4.5rc4 +CVE_CHECK_IGNORE += "CVE-2016-2550" + +# fixed-version: Fixed after version 4.5rc2 +CVE_CHECK_IGNORE += "CVE-2016-2782" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2016-2847" + +# Skipping CVE-2016-2853, no affected_versions + +# Skipping CVE-2016-2854, no affected_versions + +# fixed-version: Fixed after version 4.5 +CVE_CHECK_IGNORE += "CVE-2016-3044" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2016-3070" + +# fixed-version: Fixed after version 4.6rc2 +CVE_CHECK_IGNORE += "CVE-2016-3134" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-3135" + +# fixed-version: Fixed after version 4.6rc3 +CVE_CHECK_IGNORE += "CVE-2016-3136" + +# fixed-version: Fixed after version 4.6rc3 +CVE_CHECK_IGNORE += "CVE-2016-3137" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-3138" + +# fixed-version: Fixed after version 3.17rc1 +CVE_CHECK_IGNORE += "CVE-2016-3139" + +# fixed-version: Fixed after version 4.6rc3 +CVE_CHECK_IGNORE += "CVE-2016-3140" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-3156" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-3157" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-3672" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-3689" + +# Skipping CVE-2016-3695, no affected_versions + +# Skipping CVE-2016-3699, no affected_versions + +# Skipping CVE-2016-3707, no affected_versions + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-3713" + +# CVE-2016-3775 has no known resolution + +# 
CVE-2016-3802 has no known resolution + +# CVE-2016-3803 has no known resolution + +# fixed-version: Fixed after version 4.4rc4 +CVE_CHECK_IGNORE += "CVE-2016-3841" + +# fixed-version: Fixed after version 4.8rc2 +CVE_CHECK_IGNORE += "CVE-2016-3857" + +# fixed-version: Fixed after version 4.5 +CVE_CHECK_IGNORE += "CVE-2016-3951" + +# fixed-version: Fixed after version 4.6rc3 +CVE_CHECK_IGNORE += "CVE-2016-3955" + +# fixed-version: Fixed after version 4.6rc5 +CVE_CHECK_IGNORE += "CVE-2016-3961" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-4440" + +# fixed-version: Fixed after version 4.7rc4 +CVE_CHECK_IGNORE += "CVE-2016-4470" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-4482" + +# fixed-version: Fixed after version 4.6 +CVE_CHECK_IGNORE += "CVE-2016-4485" + +# fixed-version: Fixed after version 4.6 +CVE_CHECK_IGNORE += "CVE-2016-4486" + +# fixed-version: Fixed after version 4.6rc6 +CVE_CHECK_IGNORE += "CVE-2016-4557" + +# fixed-version: Fixed after version 4.6rc7 +CVE_CHECK_IGNORE += "CVE-2016-4558" + +# fixed-version: Fixed after version 4.6rc6 +CVE_CHECK_IGNORE += "CVE-2016-4565" + +# fixed-version: Fixed after version 4.6rc6 +CVE_CHECK_IGNORE += "CVE-2016-4568" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-4569" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-4578" + +# fixed-version: Fixed after version 4.6 +CVE_CHECK_IGNORE += "CVE-2016-4580" + +# fixed-version: Fixed after version 4.6rc7 +CVE_CHECK_IGNORE += "CVE-2016-4581" + +# fixed-version: Fixed after version 4.7rc4 +CVE_CHECK_IGNORE += "CVE-2016-4794" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-4805" + +# fixed-version: Fixed after version 4.6 +CVE_CHECK_IGNORE += "CVE-2016-4913" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-4951" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-4997" + 
+# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-4998" + +# fixed-version: Fixed after version 4.9rc2 +CVE_CHECK_IGNORE += "CVE-2016-5195" + +# fixed-version: Fixed after version 4.7rc3 +CVE_CHECK_IGNORE += "CVE-2016-5243" + +# fixed-version: Fixed after version 4.7rc3 +CVE_CHECK_IGNORE += "CVE-2016-5244" + +# Skipping CVE-2016-5340, no affected_versions + +# Skipping CVE-2016-5342, no affected_versions + +# Skipping CVE-2016-5343, no affected_versions + +# Skipping CVE-2016-5344, no affected_versions + +# fixed-version: Fixed after version 4.7 +CVE_CHECK_IGNORE += "CVE-2016-5400" + +# fixed-version: Fixed after version 4.8rc1 +CVE_CHECK_IGNORE += "CVE-2016-5412" + +# fixed-version: Fixed after version 4.7 +CVE_CHECK_IGNORE += "CVE-2016-5696" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-5728" + +# fixed-version: Fixed after version 4.7rc6 +CVE_CHECK_IGNORE += "CVE-2016-5828" + +# fixed-version: Fixed after version 4.7rc5 +CVE_CHECK_IGNORE += "CVE-2016-5829" + +# CVE-2016-5870 has no known resolution + +# fixed-version: Fixed after version 4.6rc6 +CVE_CHECK_IGNORE += "CVE-2016-6130" + +# fixed-version: Fixed after version 4.8rc1 +CVE_CHECK_IGNORE += "CVE-2016-6136" + +# fixed-version: Fixed after version 4.7rc7 +CVE_CHECK_IGNORE += "CVE-2016-6156" + +# fixed-version: Fixed after version 4.7 +CVE_CHECK_IGNORE += "CVE-2016-6162" + +# fixed-version: Fixed after version 4.7rc7 +CVE_CHECK_IGNORE += "CVE-2016-6187" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-6197" + +# fixed-version: Fixed after version 4.6 +CVE_CHECK_IGNORE += "CVE-2016-6198" + +# fixed-version: Fixed after version 4.9rc1 +CVE_CHECK_IGNORE += "CVE-2016-6213" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-6327" + +# fixed-version: Fixed after version 4.8rc3 +CVE_CHECK_IGNORE += "CVE-2016-6480" + +# fixed-version: Fixed after version 4.8rc1 +CVE_CHECK_IGNORE += "CVE-2016-6516" + +# 
Skipping CVE-2016-6753, no affected_versions + +# fixed-version: Fixed after version 4.0rc1 +CVE_CHECK_IGNORE += "CVE-2016-6786" + +# fixed-version: Fixed after version 4.0rc1 +CVE_CHECK_IGNORE += "CVE-2016-6787" + +# fixed-version: Fixed after version 4.8rc5 +CVE_CHECK_IGNORE += "CVE-2016-6828" + +# fixed-version: Fixed after version 4.9rc4 +CVE_CHECK_IGNORE += "CVE-2016-7039" + +# fixed-version: Fixed after version 4.9rc3 +CVE_CHECK_IGNORE += "CVE-2016-7042" + +# fixed-version: Fixed after version 4.9rc1 +CVE_CHECK_IGNORE += "CVE-2016-7097" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-7117" + +# Skipping CVE-2016-7118, no affected_versions + +# fixed-version: Fixed after version 4.9rc1 +CVE_CHECK_IGNORE += "CVE-2016-7425" + +# fixed-version: Fixed after version 4.8rc1 +CVE_CHECK_IGNORE += "CVE-2016-7910" + +# fixed-version: Fixed after version 4.7rc7 +CVE_CHECK_IGNORE += "CVE-2016-7911" + +# fixed-version: Fixed after version 4.6rc5 +CVE_CHECK_IGNORE += "CVE-2016-7912" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-7913" + +# fixed-version: Fixed after version 4.6rc4 +CVE_CHECK_IGNORE += "CVE-2016-7914" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-7915" + +# fixed-version: Fixed after version 4.6rc7 +CVE_CHECK_IGNORE += "CVE-2016-7916" + +# fixed-version: Fixed after version 4.5rc6 +CVE_CHECK_IGNORE += "CVE-2016-7917" + +# fixed-version: Fixed after version 4.9 +CVE_CHECK_IGNORE += "CVE-2016-8399" + +# Skipping CVE-2016-8401, no affected_versions + +# Skipping CVE-2016-8402, no affected_versions + +# Skipping CVE-2016-8403, no affected_versions + +# Skipping CVE-2016-8404, no affected_versions + +# fixed-version: Fixed after version 4.10rc6 +CVE_CHECK_IGNORE += "CVE-2016-8405" + +# Skipping CVE-2016-8406, no affected_versions + +# Skipping CVE-2016-8407, no affected_versions + +# fixed-version: Fixed after version 4.9rc4 +CVE_CHECK_IGNORE += "CVE-2016-8630" + +# 
fixed-version: Fixed after version 4.9rc8 +CVE_CHECK_IGNORE += "CVE-2016-8632" + +# fixed-version: Fixed after version 4.9rc4 +CVE_CHECK_IGNORE += "CVE-2016-8633" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2016-8636" + +# fixed-version: Fixed after version 4.9rc6 +CVE_CHECK_IGNORE += "CVE-2016-8645" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2016-8646" + +# fixed-version: Fixed after version 4.9rc7 +CVE_CHECK_IGNORE += "CVE-2016-8650" + +# fixed-version: Fixed after version 4.9rc8 +CVE_CHECK_IGNORE += "CVE-2016-8655" + +# fixed-version: Fixed after version 4.8rc7 +CVE_CHECK_IGNORE += "CVE-2016-8658" + +# CVE-2016-8660 has no known resolution + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-8666" + +# fixed-version: Fixed after version 4.9rc4 +CVE_CHECK_IGNORE += "CVE-2016-9083" + +# fixed-version: Fixed after version 4.9rc4 +CVE_CHECK_IGNORE += "CVE-2016-9084" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-9120" + +# fixed-version: Fixed after version 4.8rc7 +CVE_CHECK_IGNORE += "CVE-2016-9178" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2016-9191" + +# fixed-version: Fixed after version 4.9rc3 +CVE_CHECK_IGNORE += "CVE-2016-9313" + +# fixed-version: Fixed after version 4.9rc4 +CVE_CHECK_IGNORE += "CVE-2016-9555" + +# fixed-version: Fixed after version 4.9 +CVE_CHECK_IGNORE += "CVE-2016-9576" + +# fixed-version: Fixed after version 4.10rc1 +CVE_CHECK_IGNORE += "CVE-2016-9588" + +# fixed-version: Fixed after version 4.11rc8 +CVE_CHECK_IGNORE += "CVE-2016-9604" + +# Skipping CVE-2016-9644, no affected_versions + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2016-9685" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-9754" + +# fixed-version: Fixed after version 4.9rc8 +CVE_CHECK_IGNORE += "CVE-2016-9755" + +# fixed-version: Fixed after version 4.9rc7 
+CVE_CHECK_IGNORE += "CVE-2016-9756" + +# fixed-version: Fixed after version 4.9rc7 +CVE_CHECK_IGNORE += "CVE-2016-9777" + +# fixed-version: Fixed after version 4.9rc8 +CVE_CHECK_IGNORE += "CVE-2016-9793" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-9794" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2016-9806" + +# fixed-version: Fixed after version 4.9rc8 +CVE_CHECK_IGNORE += "CVE-2016-9919" + +# Skipping CVE-2017-0403, no affected_versions + +# Skipping CVE-2017-0404, no affected_versions + +# Skipping CVE-2017-0426, no affected_versions + +# Skipping CVE-2017-0427, no affected_versions + +# CVE-2017-0507 has no known resolution + +# CVE-2017-0508 has no known resolution + +# Skipping CVE-2017-0510, no affected_versions + +# Skipping CVE-2017-0528, no affected_versions + +# Skipping CVE-2017-0537, no affected_versions + +# CVE-2017-0564 has no known resolution + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-0605" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2017-0627" + +# CVE-2017-0630 has no known resolution + +# CVE-2017-0749 has no known resolution + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2017-0750" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2017-0786" + +# fixed-version: Fixed after version 4.15rc3 +CVE_CHECK_IGNORE += "CVE-2017-0861" + +# fixed-version: Fixed after version 4.13rc5 +CVE_CHECK_IGNORE += "CVE-2017-1000" + +# fixed-version: Fixed after version 4.13rc5 +CVE_CHECK_IGNORE += "CVE-2017-1000111" + +# fixed-version: Fixed after version 4.13rc5 +CVE_CHECK_IGNORE += "CVE-2017-1000112" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2017-1000251" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2017-1000252" + +# fixed-version: Fixed after version 4.1rc1 +CVE_CHECK_IGNORE += "CVE-2017-1000253" + +# fixed-version: Fixed 
after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-1000255" + +# fixed-version: Fixed after version 4.12rc2 +CVE_CHECK_IGNORE += "CVE-2017-1000363" + +# fixed-version: Fixed after version 4.12rc6 +CVE_CHECK_IGNORE += "CVE-2017-1000364" + +# fixed-version: Fixed after version 4.12rc7 +CVE_CHECK_IGNORE += "CVE-2017-1000365" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-1000370" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-1000371" + +# fixed-version: Fixed after version 4.12rc6 +CVE_CHECK_IGNORE += "CVE-2017-1000379" + +# fixed-version: Fixed after version 4.12rc5 +CVE_CHECK_IGNORE += "CVE-2017-1000380" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2017-1000405" + +# fixed-version: Fixed after version 4.15rc3 +CVE_CHECK_IGNORE += "CVE-2017-1000407" + +# fixed-version: Fixed after version 4.15rc8 +CVE_CHECK_IGNORE += "CVE-2017-1000410" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-10661" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-10662" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-10663" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-10810" + +# fixed-version: Fixed after version 4.12rc7 +CVE_CHECK_IGNORE += "CVE-2017-10911" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-11089" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-11176" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-11472" + +# fixed-version: Fixed after version 4.13rc2 +CVE_CHECK_IGNORE += "CVE-2017-11473" + +# fixed-version: Fixed after version 4.13 +CVE_CHECK_IGNORE += "CVE-2017-11600" + +# fixed-version: Fixed after version 4.13rc6 +CVE_CHECK_IGNORE += "CVE-2017-12134" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-12146" + +# fixed-version: Fixed 
after version 4.14rc2 +CVE_CHECK_IGNORE += "CVE-2017-12153" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2017-12154" + +# fixed-version: Fixed after version 4.9rc6 +CVE_CHECK_IGNORE += "CVE-2017-12168" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-12188" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-12190" + +# fixed-version: Fixed after version 4.14rc3 +CVE_CHECK_IGNORE += "CVE-2017-12192" + +# fixed-version: Fixed after version 4.14rc7 +CVE_CHECK_IGNORE += "CVE-2017-12193" + +# fixed-version: Fixed after version 4.13rc4 +CVE_CHECK_IGNORE += "CVE-2017-12762" + +# fixed-version: Fixed after version 4.14rc6 +CVE_CHECK_IGNORE += "CVE-2017-13080" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2017-13166" + +# fixed-version: Fixed after version 4.5rc4 +CVE_CHECK_IGNORE += "CVE-2017-13167" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2017-13168" + +# fixed-version: Fixed after version 4.5rc1 +CVE_CHECK_IGNORE += "CVE-2017-13215" + +# fixed-version: Fixed after version 4.15rc8 +CVE_CHECK_IGNORE += "CVE-2017-13216" + +# fixed-version: Fixed after version 3.19rc3 +CVE_CHECK_IGNORE += "CVE-2017-13220" + +# CVE-2017-13221 has no known resolution + +# CVE-2017-13222 has no known resolution + +# fixed-version: Fixed after version 4.12rc5 +CVE_CHECK_IGNORE += "CVE-2017-13305" + +# fixed-version: Fixed after version 4.13rc7 +CVE_CHECK_IGNORE += "CVE-2017-13686" + +# CVE-2017-13693 has no known resolution + +# CVE-2017-13694 has no known resolution + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2017-13695" + +# fixed-version: Fixed after version 4.3rc1 +CVE_CHECK_IGNORE += "CVE-2017-13715" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2017-14051" + +# fixed-version: Fixed after version 4.12rc3 +CVE_CHECK_IGNORE += "CVE-2017-14106" + +# fixed-version: Fixed after version 4.13rc6 
+CVE_CHECK_IGNORE += "CVE-2017-14140" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2017-14156" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2017-14340" + +# fixed-version: Fixed after version 4.14rc3 +CVE_CHECK_IGNORE += "CVE-2017-14489" + +# fixed-version: Fixed after version 4.13 +CVE_CHECK_IGNORE += "CVE-2017-14497" + +# fixed-version: Fixed after version 4.14rc3 +CVE_CHECK_IGNORE += "CVE-2017-14954" + +# fixed-version: Fixed after version 4.14rc2 +CVE_CHECK_IGNORE += "CVE-2017-14991" + +# fixed-version: Fixed after version 4.9rc1 +CVE_CHECK_IGNORE += "CVE-2017-15102" + +# fixed-version: Fixed after version 4.14rc6 +CVE_CHECK_IGNORE += "CVE-2017-15115" + +# fixed-version: Fixed after version 4.2rc1 +CVE_CHECK_IGNORE += "CVE-2017-15116" + +# fixed-version: Fixed after version 3.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-15121" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2017-15126" + +# fixed-version: Fixed after version 4.13rc5 +CVE_CHECK_IGNORE += "CVE-2017-15127" + +# fixed-version: Fixed after version 4.14rc8 +CVE_CHECK_IGNORE += "CVE-2017-15128" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-15129" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-15265" + +# fixed-version: Fixed after version 4.12rc5 +CVE_CHECK_IGNORE += "CVE-2017-15274" + +# fixed-version: Fixed after version 4.14rc6 +CVE_CHECK_IGNORE += "CVE-2017-15299" + +# fixed-version: Fixed after version 4.14rc7 +CVE_CHECK_IGNORE += "CVE-2017-15306" + +# fixed-version: Fixed after version 4.14rc3 +CVE_CHECK_IGNORE += "CVE-2017-15537" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2017-15649" + +# fixed-version: Fixed after version 3.19rc3 +CVE_CHECK_IGNORE += "CVE-2017-15868" + +# fixed-version: Fixed after version 4.14rc6 +CVE_CHECK_IGNORE += "CVE-2017-15951" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += 
"CVE-2017-16525" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2017-16526" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-16527" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2017-16528" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2017-16529" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2017-16530" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2017-16531" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-16532" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-16533" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2017-16534" + +# fixed-version: Fixed after version 4.14rc6 +CVE_CHECK_IGNORE += "CVE-2017-16535" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-16536" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-16537" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2017-16538" + +# fixed-version: Fixed after version 4.14rc7 +CVE_CHECK_IGNORE += "CVE-2017-16643" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2017-16644" + +# fixed-version: Fixed after version 4.14rc6 +CVE_CHECK_IGNORE += "CVE-2017-16645" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-16646" + +# fixed-version: Fixed after version 4.14 +CVE_CHECK_IGNORE += "CVE-2017-16647" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-16648" + +# fixed-version: Fixed after version 4.14 +CVE_CHECK_IGNORE += "CVE-2017-16649" + +# fixed-version: Fixed after version 4.14 +CVE_CHECK_IGNORE += "CVE-2017-16650" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-16911" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-16912" + +# 
fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-16913" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-16914" + +# fixed-version: Fixed after version 4.14rc7 +CVE_CHECK_IGNORE += "CVE-2017-16939" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-16994" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-16995" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-16996" + +# fixed-version: Fixed after version 4.13rc7 +CVE_CHECK_IGNORE += "CVE-2017-17052" + +# fixed-version: Fixed after version 4.13rc7 +CVE_CHECK_IGNORE += "CVE-2017-17053" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-17448" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-17449" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-17450" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-17558" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-17712" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17741" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-17805" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-17806" + +# fixed-version: Fixed after version 4.15rc3 +CVE_CHECK_IGNORE += "CVE-2017-17807" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17852" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17853" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17854" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17855" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17856" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17857" + +# fixed-version: Fixed 
after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-17862" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17863" + +# fixed-version: Fixed after version 4.15rc5 +CVE_CHECK_IGNORE += "CVE-2017-17864" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2017-17975" + +# fixed-version: Fixed after version 4.11rc7 +CVE_CHECK_IGNORE += "CVE-2017-18017" + +# fixed-version: Fixed after version 4.15rc7 +CVE_CHECK_IGNORE += "CVE-2017-18075" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-18079" + +# CVE-2017-18169 has no known resolution + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2017-18174" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-18193" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-18200" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2017-18202" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-18203" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-18204" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2017-18208" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-18216" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-18218" + +# fixed-version: Fixed after version 4.12rc4 +CVE_CHECK_IGNORE += "CVE-2017-18221" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-18222" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-18224" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2017-18232" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-18241" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-18249" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-18255" + +# 
fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-18257" + +# fixed-version: Fixed after version 4.13rc6 +CVE_CHECK_IGNORE += "CVE-2017-18261" + +# fixed-version: Fixed after version 4.14rc3 +CVE_CHECK_IGNORE += "CVE-2017-18270" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2017-18344" + +# fixed-version: Fixed after version 4.12rc2 +CVE_CHECK_IGNORE += "CVE-2017-18360" + +# fixed-version: Fixed after version 4.14rc3 +CVE_CHECK_IGNORE += "CVE-2017-18379" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-18509" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-18549" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-18550" + +# fixed-version: Fixed after version 4.15rc9 +CVE_CHECK_IGNORE += "CVE-2017-18551" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-18552" + +# fixed-version: Fixed after version 4.15rc6 +CVE_CHECK_IGNORE += "CVE-2017-18595" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2017-2583" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2017-2584" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-2596" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2017-2618" + +# fixed-version: Fixed after version 2.6.25rc1 +CVE_CHECK_IGNORE += "CVE-2017-2634" + +# fixed-version: Fixed after version 4.11rc2 +CVE_CHECK_IGNORE += "CVE-2017-2636" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2017-2647" + +# fixed-version: Fixed after version 4.11rc6 +CVE_CHECK_IGNORE += "CVE-2017-2671" + +# fixed-version: Fixed after version 4.14rc5 +CVE_CHECK_IGNORE += "CVE-2017-5123" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2017-5546" + +# fixed-version: Fixed after version 4.10rc5 +CVE_CHECK_IGNORE += "CVE-2017-5547" + +# fixed-version: Fixed after 
version 4.10rc5 +CVE_CHECK_IGNORE += "CVE-2017-5548" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2017-5549" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2017-5550" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2017-5551" + +# fixed-version: Fixed after version 4.10rc6 +CVE_CHECK_IGNORE += "CVE-2017-5576" + +# fixed-version: Fixed after version 4.10rc6 +CVE_CHECK_IGNORE += "CVE-2017-5577" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-5669" + +# fixed-version: Fixed after version 4.15rc8 +CVE_CHECK_IGNORE += "CVE-2017-5715" + +# fixed-version: Fixed after version 4.15rc8 +CVE_CHECK_IGNORE += "CVE-2017-5753" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2017-5754" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2017-5897" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-5967" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2017-5970" + +# fixed-version: Fixed after version 4.4rc1 +CVE_CHECK_IGNORE += "CVE-2017-5972" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2017-5986" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2017-6001" + +# fixed-version: Fixed after version 4.10 +CVE_CHECK_IGNORE += "CVE-2017-6074" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2017-6214" + +# fixed-version: Fixed after version 4.10 +CVE_CHECK_IGNORE += "CVE-2017-6345" + +# fixed-version: Fixed after version 4.10 +CVE_CHECK_IGNORE += "CVE-2017-6346" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-6347" + +# fixed-version: Fixed after version 4.10 +CVE_CHECK_IGNORE += "CVE-2017-6348" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-6353" + +# fixed-version: Fixed after version 4.11rc2 +CVE_CHECK_IGNORE += "CVE-2017-6874" + +# 
fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2017-6951" + +# fixed-version: Fixed after version 4.11rc5 +CVE_CHECK_IGNORE += "CVE-2017-7184" + +# fixed-version: Fixed after version 4.11rc5 +CVE_CHECK_IGNORE += "CVE-2017-7187" + +# fixed-version: Fixed after version 4.11rc6 +CVE_CHECK_IGNORE += "CVE-2017-7261" + +# fixed-version: Fixed after version 4.10rc4 +CVE_CHECK_IGNORE += "CVE-2017-7273" + +# fixed-version: Fixed after version 4.11rc4 +CVE_CHECK_IGNORE += "CVE-2017-7277" + +# fixed-version: Fixed after version 4.11rc6 +CVE_CHECK_IGNORE += "CVE-2017-7294" + +# fixed-version: Fixed after version 4.11rc6 +CVE_CHECK_IGNORE += "CVE-2017-7308" + +# fixed-version: Fixed after version 4.12rc5 +CVE_CHECK_IGNORE += "CVE-2017-7346" + +# CVE-2017-7369 has no known resolution + +# fixed-version: Fixed after version 4.11rc4 +CVE_CHECK_IGNORE += "CVE-2017-7374" + +# fixed-version: Fixed after version 4.11rc8 +CVE_CHECK_IGNORE += "CVE-2017-7472" + +# fixed-version: Fixed after version 4.11 +CVE_CHECK_IGNORE += "CVE-2017-7477" + +# fixed-version: Fixed after version 4.12rc7 +CVE_CHECK_IGNORE += "CVE-2017-7482" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-7487" + +# fixed-version: Fixed after version 4.7rc1 +CVE_CHECK_IGNORE += "CVE-2017-7495" + +# fixed-version: Fixed after version 4.12rc7 +CVE_CHECK_IGNORE += "CVE-2017-7518" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-7533" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-7541" + +# fixed-version: Fixed after version 4.13rc2 +CVE_CHECK_IGNORE += "CVE-2017-7542" + +# fixed-version: Fixed after version 4.13 +CVE_CHECK_IGNORE += "CVE-2017-7558" + +# fixed-version: Fixed after version 4.11rc6 +CVE_CHECK_IGNORE += "CVE-2017-7616" + +# fixed-version: Fixed after version 4.11rc8 +CVE_CHECK_IGNORE += "CVE-2017-7618" + +# fixed-version: Fixed after version 4.11 +CVE_CHECK_IGNORE += "CVE-2017-7645" + +# 
fixed-version: Fixed after version 4.11rc7 +CVE_CHECK_IGNORE += "CVE-2017-7889" + +# fixed-version: Fixed after version 4.11 +CVE_CHECK_IGNORE += "CVE-2017-7895" + +# fixed-version: Fixed after version 4.11rc8 +CVE_CHECK_IGNORE += "CVE-2017-7979" + +# fixed-version: Fixed after version 4.11rc4 +CVE_CHECK_IGNORE += "CVE-2017-8061" + +# fixed-version: Fixed after version 4.11rc2 +CVE_CHECK_IGNORE += "CVE-2017-8062" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-8063" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-8064" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-8065" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-8066" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2017-8067" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2017-8068" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2017-8069" + +# fixed-version: Fixed after version 4.10rc8 +CVE_CHECK_IGNORE += "CVE-2017-8070" + +# fixed-version: Fixed after version 4.10rc7 +CVE_CHECK_IGNORE += "CVE-2017-8071" + +# fixed-version: Fixed after version 4.10rc7 +CVE_CHECK_IGNORE += "CVE-2017-8072" + +# fixed-version: Fixed after version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2017-8106" + +# fixed-version: Fixed after version 3.19rc6 +CVE_CHECK_IGNORE += "CVE-2017-8240" + +# CVE-2017-8242 has no known resolution + +# CVE-2017-8244 has no known resolution + +# CVE-2017-8245 has no known resolution + +# CVE-2017-8246 has no known resolution + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-8797" + +# fixed-version: Fixed after version 4.15rc3 +CVE_CHECK_IGNORE += "CVE-2017-8824" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-8831" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-8890" + +# fixed-version: Fixed after version 4.11rc2 
+CVE_CHECK_IGNORE += "CVE-2017-8924" + +# fixed-version: Fixed after version 4.11rc2 +CVE_CHECK_IGNORE += "CVE-2017-8925" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-9059" + +# fixed-version: Fixed after version 4.12rc2 +CVE_CHECK_IGNORE += "CVE-2017-9074" + +# fixed-version: Fixed after version 4.12rc2 +CVE_CHECK_IGNORE += "CVE-2017-9075" + +# fixed-version: Fixed after version 4.12rc2 +CVE_CHECK_IGNORE += "CVE-2017-9076" + +# fixed-version: Fixed after version 4.12rc2 +CVE_CHECK_IGNORE += "CVE-2017-9077" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2017-9150" + +# fixed-version: Fixed after version 4.12rc3 +CVE_CHECK_IGNORE += "CVE-2017-9211" + +# fixed-version: Fixed after version 4.12rc3 +CVE_CHECK_IGNORE += "CVE-2017-9242" + +# fixed-version: Fixed after version 4.12rc5 +CVE_CHECK_IGNORE += "CVE-2017-9605" + +# fixed-version: Fixed after version 4.3rc7 +CVE_CHECK_IGNORE += "CVE-2017-9725" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-9984" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2017-9985" + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2017-9986" + +# fixed-version: Fixed after version 4.15rc9 +CVE_CHECK_IGNORE += "CVE-2018-1000004" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2018-1000026" + +# fixed-version: Fixed after version 4.15 +CVE_CHECK_IGNORE += "CVE-2018-1000028" + +# fixed-version: Fixed after version 4.16 +CVE_CHECK_IGNORE += "CVE-2018-1000199" + +# fixed-version: Fixed after version 4.17rc5 +CVE_CHECK_IGNORE += "CVE-2018-1000200" + +# fixed-version: Fixed after version 4.17rc7 +CVE_CHECK_IGNORE += "CVE-2018-1000204" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE += "CVE-2018-10021" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE += "CVE-2018-10074" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += 
"CVE-2018-10087" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2018-10124" + +# fixed-version: Fixed after version 4.17rc4 +CVE_CHECK_IGNORE += "CVE-2018-10322" + +# fixed-version: Fixed after version 4.17rc4 +CVE_CHECK_IGNORE += "CVE-2018-10323" + +# fixed-version: Fixed after version 4.16rc3 +CVE_CHECK_IGNORE += "CVE-2018-1065" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2018-1066" + +# fixed-version: Fixed after version 4.13rc6 +CVE_CHECK_IGNORE += "CVE-2018-10675" + +# fixed-version: Fixed after version 4.16rc5 +CVE_CHECK_IGNORE += "CVE-2018-1068" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-10840" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-10853" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE += "CVE-2018-1087" + +# CVE-2018-10872 has no known resolution + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-10876" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-10877" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-10878" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-10879" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-10880" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-10881" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-10882" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-10883" + +# fixed-version: Fixed after version 2.6.36rc1 +CVE_CHECK_IGNORE += "CVE-2018-10901" + +# fixed-version: Fixed after version 4.18rc6 +CVE_CHECK_IGNORE += "CVE-2018-10902" + +# fixed-version: Fixed after version 4.14rc2 +CVE_CHECK_IGNORE += "CVE-2018-1091" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2018-1092" + +# fixed-version: Fixed after version 4.17rc1 
+CVE_CHECK_IGNORE += "CVE-2018-1093" + +# fixed-version: Fixed after version 4.13rc5 +CVE_CHECK_IGNORE += "CVE-2018-10938" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2018-1094" + +# fixed-version: Fixed after version 4.17rc3 +CVE_CHECK_IGNORE += "CVE-2018-10940" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2018-1095" + +# fixed-version: Fixed after version 4.17rc2 +CVE_CHECK_IGNORE += "CVE-2018-1108" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-1118" + +# fixed-version: Fixed after version 4.17rc6 +CVE_CHECK_IGNORE += "CVE-2018-1120" + +# CVE-2018-1121 has no known resolution + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2018-11232" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-1128" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-1129" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE += "CVE-2018-1130" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-11412" + +# fixed-version: Fixed after version 4.17rc7 +CVE_CHECK_IGNORE += "CVE-2018-11506" + +# fixed-version: Fixed after version 4.17rc5 +CVE_CHECK_IGNORE += "CVE-2018-11508" + +# CVE-2018-11987 has no known resolution + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2018-12126" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2018-12127" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2018-12130" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2018-12207" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-12232" + +# fixed-version: Fixed after version 4.18rc2 +CVE_CHECK_IGNORE += "CVE-2018-12233" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-12633" + +# fixed-version: Fixed after version 4.18rc2 +CVE_CHECK_IGNORE += 
"CVE-2018-12714" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-12896" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-12904" + +# CVE-2018-12928 has no known resolution + +# CVE-2018-12929 has no known resolution + +# CVE-2018-12930 has no known resolution + +# CVE-2018-12931 has no known resolution + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-13053" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-13093" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-13094" + +# fixed-version: Fixed after version 4.18rc3 +CVE_CHECK_IGNORE += "CVE-2018-13095" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-13096" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-13097" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-13098" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-13099" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-13100" + +# fixed-version: Fixed after version 4.18rc4 +CVE_CHECK_IGNORE += "CVE-2018-13405" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-13406" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14609" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14610" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14611" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14612" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14613" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14614" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14615" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14616" 
+ +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-14617" + +# fixed-version: Fixed after version 4.15rc4 +CVE_CHECK_IGNORE += "CVE-2018-14619" + +# fixed-version: Fixed after version 4.20rc6 +CVE_CHECK_IGNORE += "CVE-2018-14625" + +# fixed-version: Fixed after version 4.19rc6 +CVE_CHECK_IGNORE += "CVE-2018-14633" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2018-14634" + +# fixed-version: Fixed after version 4.19rc4 +CVE_CHECK_IGNORE += "CVE-2018-14641" + +# fixed-version: Fixed after version 4.15rc8 +CVE_CHECK_IGNORE += "CVE-2018-14646" + +# fixed-version: Fixed after version 4.19rc2 +CVE_CHECK_IGNORE += "CVE-2018-14656" + +# fixed-version: Fixed after version 4.18rc8 +CVE_CHECK_IGNORE += "CVE-2018-14678" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-14734" + +# fixed-version: Fixed after version 4.19rc7 +CVE_CHECK_IGNORE += "CVE-2018-15471" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-15572" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-15594" + +# fixed-version: Fixed after version 4.18rc5 +CVE_CHECK_IGNORE += "CVE-2018-16276" + +# fixed-version: Fixed after version 4.8rc1 +CVE_CHECK_IGNORE += "CVE-2018-16597" + +# fixed-version: Fixed after version 4.19rc2 +CVE_CHECK_IGNORE += "CVE-2018-16658" + +# fixed-version: Fixed after version 4.20rc5 +CVE_CHECK_IGNORE += "CVE-2018-16862" + +# fixed-version: Fixed after version 4.20rc3 +CVE_CHECK_IGNORE += "CVE-2018-16871" + +# fixed-version: Fixed after version 5.0rc5 +CVE_CHECK_IGNORE += "CVE-2018-16880" + +# fixed-version: Fixed after version 4.20 +CVE_CHECK_IGNORE += "CVE-2018-16882" + +# fixed-version: Fixed after version 5.0rc1 +CVE_CHECK_IGNORE += "CVE-2018-16884" + +# CVE-2018-16885 has no known resolution + +# fixed-version: Fixed after version 4.19rc4 +CVE_CHECK_IGNORE += "CVE-2018-17182" + +# fixed-version: Fixed after version 4.19rc7 +CVE_CHECK_IGNORE += 
"CVE-2018-17972" + +# CVE-2018-17977 has no known resolution + +# fixed-version: Fixed after version 4.19rc7 +CVE_CHECK_IGNORE += "CVE-2018-18021" + +# fixed-version: Fixed after version 4.19 +CVE_CHECK_IGNORE += "CVE-2018-18281" + +# fixed-version: Fixed after version 4.15rc6 +CVE_CHECK_IGNORE += "CVE-2018-18386" + +# fixed-version: Fixed after version 4.20rc5 +CVE_CHECK_IGNORE += "CVE-2018-18397" + +# fixed-version: Fixed after version 4.19rc7 +CVE_CHECK_IGNORE += "CVE-2018-18445" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2018-18559" + +# CVE-2018-18653 has no known resolution + +# fixed-version: Fixed after version 4.17rc4 +CVE_CHECK_IGNORE += "CVE-2018-18690" + +# fixed-version: Fixed after version 4.20rc1 +CVE_CHECK_IGNORE += "CVE-2018-18710" + +# fixed-version: Fixed after version 4.20rc2 +CVE_CHECK_IGNORE += "CVE-2018-18955" + +# fixed-version: Fixed after version 4.20rc5 +CVE_CHECK_IGNORE += "CVE-2018-19406" + +# fixed-version: Fixed after version 4.20rc5 +CVE_CHECK_IGNORE += "CVE-2018-19407" + +# fixed-version: Fixed after version 4.20rc6 +CVE_CHECK_IGNORE += "CVE-2018-19824" + +# fixed-version: Fixed after version 4.20rc3 +CVE_CHECK_IGNORE += "CVE-2018-19854" + +# fixed-version: Fixed after version 4.20 +CVE_CHECK_IGNORE += "CVE-2018-19985" + +# fixed-version: Fixed after version 4.20rc6 +CVE_CHECK_IGNORE += "CVE-2018-20169" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2018-20449" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2018-20509" + +# fixed-version: Fixed after version 4.16rc3 +CVE_CHECK_IGNORE += "CVE-2018-20510" + +# fixed-version: Fixed after version 4.19rc5 +CVE_CHECK_IGNORE += "CVE-2018-20511" + +# fixed-version: Fixed after version 5.0rc1 +CVE_CHECK_IGNORE += "CVE-2018-20669" + +# fixed-version: Fixed after version 5.0rc1 +CVE_CHECK_IGNORE += "CVE-2018-20784" + +# fixed-version: Fixed after version 4.20rc1 +CVE_CHECK_IGNORE += "CVE-2018-20836" + +# 
fixed-version: Fixed after version 4.20rc1 +CVE_CHECK_IGNORE += "CVE-2018-20854" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-20855" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-20856" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2018-20961" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-20976" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2018-21008" + +# fixed-version: Fixed after version 4.15rc9 +CVE_CHECK_IGNORE += "CVE-2018-25015" + +# fixed-version: Fixed after version 4.17rc7 +CVE_CHECK_IGNORE += "CVE-2018-25020" + +# CVE-2018-3574 has no known resolution + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-3620" + +# fixed-version: Fixed after version 4.17rc7 +CVE_CHECK_IGNORE += "CVE-2018-3639" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-3646" + +# fixed-version: Fixed after version 3.7rc1 +CVE_CHECK_IGNORE += "CVE-2018-3665" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-3693" + +# fixed-version: Fixed after version 4.15rc8 +CVE_CHECK_IGNORE += "CVE-2018-5332" + +# fixed-version: Fixed after version 4.15rc8 +CVE_CHECK_IGNORE += "CVE-2018-5333" + +# fixed-version: Fixed after version 4.15rc8 +CVE_CHECK_IGNORE += "CVE-2018-5344" + +# fixed-version: Fixed after version 4.18rc7 +CVE_CHECK_IGNORE += "CVE-2018-5390" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-5391" + +# fixed-version: Fixed after version 4.16rc5 +CVE_CHECK_IGNORE += "CVE-2018-5703" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2018-5750" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2018-5803" + +# fixed-version: Fixed after version 4.17rc6 +CVE_CHECK_IGNORE += "CVE-2018-5814" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2018-5848" 
+ +# Skipping CVE-2018-5856, no affected_versions + +# fixed-version: Fixed after version 4.11rc8 +CVE_CHECK_IGNORE += "CVE-2018-5873" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2018-5953" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2018-5995" + +# fixed-version: Fixed after version 4.16rc5 +CVE_CHECK_IGNORE += "CVE-2018-6412" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2018-6554" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2018-6555" + +# CVE-2018-6559 has no known resolution + +# fixed-version: Fixed after version 4.15rc9 +CVE_CHECK_IGNORE += "CVE-2018-6927" + +# fixed-version: Fixed after version 4.14rc6 +CVE_CHECK_IGNORE += "CVE-2018-7191" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2018-7273" + +# fixed-version: Fixed after version 4.11rc1 +CVE_CHECK_IGNORE += "CVE-2018-7480" + +# fixed-version: Fixed after version 4.15rc3 +CVE_CHECK_IGNORE += "CVE-2018-7492" + +# fixed-version: Fixed after version 4.16rc2 +CVE_CHECK_IGNORE += "CVE-2018-7566" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE += "CVE-2018-7740" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2018-7754" + +# fixed-version: Fixed after version 4.19rc5 +CVE_CHECK_IGNORE += "CVE-2018-7755" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2018-7757" + +# fixed-version: Fixed after version 4.16rc5 +CVE_CHECK_IGNORE += "CVE-2018-7995" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2018-8043" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2018-8087" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE += "CVE-2018-8781" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE += "CVE-2018-8822" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE += "CVE-2018-8897" + +# fixed-version: Fixed after 
version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2018-9363" + +# fixed-version: Fixed after version 4.17rc3 +CVE_CHECK_IGNORE += "CVE-2018-9385" + +# fixed-version: Fixed after version 4.17rc3 +CVE_CHECK_IGNORE += "CVE-2018-9415" + +# fixed-version: Fixed after version 4.6rc1 +CVE_CHECK_IGNORE += "CVE-2018-9422" + +# fixed-version: Fixed after version 4.15rc6 +CVE_CHECK_IGNORE += "CVE-2018-9465" + +# fixed-version: Fixed after version 4.18rc5 +CVE_CHECK_IGNORE += "CVE-2018-9516" + +# fixed-version: Fixed after version 4.14rc1 +CVE_CHECK_IGNORE += "CVE-2018-9517" + +# fixed-version: Fixed after version 4.16rc3 +CVE_CHECK_IGNORE += "CVE-2018-9518" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2018-9568" + +# fixed-version: Fixed after version 5.2rc6 +CVE_CHECK_IGNORE += "CVE-2019-0136" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-0145" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-0146" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-0147" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-0148" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-0149" + +# fixed-version: Fixed after version 5.4rc8 +CVE_CHECK_IGNORE += "CVE-2019-0154" + +# fixed-version: Fixed after version 5.4rc8 +CVE_CHECK_IGNORE += "CVE-2019-0155" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-10124" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-10125" + +# fixed-version: Fixed after version 5.2rc6 +CVE_CHECK_IGNORE += "CVE-2019-10126" + +# CVE-2019-10140 has no known resolution + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-10142" + +# fixed-version: Fixed after version 5.3rc3 +CVE_CHECK_IGNORE += "CVE-2019-10207" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-10220" + +# fixed-version: Fixed after version 
5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-10638" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-10639" + +# fixed-version: Fixed after version 5.0rc3 +CVE_CHECK_IGNORE += "CVE-2019-11085" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-11091" + +# fixed-version: Fixed after version 5.4rc8 +CVE_CHECK_IGNORE += "CVE-2019-11135" + +# fixed-version: Fixed after version 4.8rc5 +CVE_CHECK_IGNORE += "CVE-2019-11190" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-11191" + +# fixed-version: Fixed after version 5.3rc4 +CVE_CHECK_IGNORE += "CVE-2019-1125" + +# fixed-version: Fixed after version 5.2rc6 +CVE_CHECK_IGNORE += "CVE-2019-11477" + +# fixed-version: Fixed after version 5.2rc6 +CVE_CHECK_IGNORE += "CVE-2019-11478" + +# fixed-version: Fixed after version 5.2rc6 +CVE_CHECK_IGNORE += "CVE-2019-11479" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-11486" + +# fixed-version: Fixed after version 5.1rc5 +CVE_CHECK_IGNORE += "CVE-2019-11487" + +# fixed-version: Fixed after version 5.1rc6 +CVE_CHECK_IGNORE += "CVE-2019-11599" + +# fixed-version: Fixed after version 5.1 +CVE_CHECK_IGNORE += "CVE-2019-11683" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-11810" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-11811" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-11815" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-11833" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-11884" + +# fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2019-12378" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-12379" + +# fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2019-12380" + +# fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2019-12381" + 
+# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-12382" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-12454" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-12455" + +# CVE-2019-12456 has no known resolution + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-12614" + +# fixed-version: Fixed after version 5.2rc4 +CVE_CHECK_IGNORE += "CVE-2019-12615" + +# fixed-version: Fixed after version 5.2rc7 +CVE_CHECK_IGNORE += "CVE-2019-12817" + +# fixed-version: Fixed after version 5.0 +CVE_CHECK_IGNORE += "CVE-2019-12818" + +# fixed-version: Fixed after version 5.0rc8 +CVE_CHECK_IGNORE += "CVE-2019-12819" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2019-12881" + +# fixed-version: Fixed after version 5.2rc6 +CVE_CHECK_IGNORE += "CVE-2019-12984" + +# fixed-version: Fixed after version 5.2rc4 +CVE_CHECK_IGNORE += "CVE-2019-13233" + +# fixed-version: Fixed after version 5.2 +CVE_CHECK_IGNORE += "CVE-2019-13272" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-13631" + +# fixed-version: Fixed after version 5.3rc2 +CVE_CHECK_IGNORE += "CVE-2019-13648" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-14283" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-14284" + +# fixed-version: Fixed after version 5.5rc7 +CVE_CHECK_IGNORE += "CVE-2019-14615" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2019-14763" + +# fixed-version: Fixed after version 5.3 +CVE_CHECK_IGNORE += "CVE-2019-14814" + +# fixed-version: Fixed after version 5.3 +CVE_CHECK_IGNORE += "CVE-2019-14815" + +# fixed-version: Fixed after version 5.3 +CVE_CHECK_IGNORE += "CVE-2019-14816" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-14821" + +# fixed-version: Fixed after version 5.3 +CVE_CHECK_IGNORE += "CVE-2019-14835" + +# 
fixed-version: Fixed after version 5.5rc3 +CVE_CHECK_IGNORE += "CVE-2019-14895" + +# fixed-version: Fixed after version 5.5 +CVE_CHECK_IGNORE += "CVE-2019-14896" + +# fixed-version: Fixed after version 5.5 +CVE_CHECK_IGNORE += "CVE-2019-14897" + +# CVE-2019-14898 has no known resolution + +# fixed-version: Fixed after version 5.5rc3 +CVE_CHECK_IGNORE += "CVE-2019-14901" + +# fixed-version: Fixed after version 5.3rc8 +CVE_CHECK_IGNORE += "CVE-2019-15030" + +# fixed-version: Fixed after version 5.3rc8 +CVE_CHECK_IGNORE += "CVE-2019-15031" + +# fixed-version: Fixed after version 5.2rc2 +CVE_CHECK_IGNORE += "CVE-2019-15090" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-15098" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-15099" + +# fixed-version: Fixed after version 5.3rc5 +CVE_CHECK_IGNORE += "CVE-2019-15117" + +# fixed-version: Fixed after version 5.3rc5 +CVE_CHECK_IGNORE += "CVE-2019-15118" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-15211" + +# fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2019-15212" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-15213" + +# fixed-version: Fixed after version 5.1rc6 +CVE_CHECK_IGNORE += "CVE-2019-15214" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-15215" + +# fixed-version: Fixed after version 5.1 +CVE_CHECK_IGNORE += "CVE-2019-15216" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-15217" + +# fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2019-15218" + +# fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2019-15219" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-15220" + +# fixed-version: Fixed after version 5.2 +CVE_CHECK_IGNORE += "CVE-2019-15221" + +# fixed-version: Fixed after version 5.3rc3 +CVE_CHECK_IGNORE += "CVE-2019-15222" + +# 
fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2019-15223" + +# CVE-2019-15239 has no known resolution + +# CVE-2019-15290 has no known resolution + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-15291" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-15292" + +# fixed-version: Fixed after version 5.3 +CVE_CHECK_IGNORE += "CVE-2019-15504" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-15505" + +# fixed-version: Fixed after version 5.3rc6 +CVE_CHECK_IGNORE += "CVE-2019-15538" + +# fixed-version: Fixed after version 5.1 +CVE_CHECK_IGNORE += "CVE-2019-15666" + +# CVE-2019-15791 has no known resolution + +# CVE-2019-15792 has no known resolution + +# CVE-2019-15793 has no known resolution + +# fixed-version: Fixed after version 5.12 +CVE_CHECK_IGNORE += "CVE-2019-15794" + +# fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2019-15807" + +# CVE-2019-15902 has no known resolution + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-15916" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-15917" + +# fixed-version: Fixed after version 5.1rc6 +CVE_CHECK_IGNORE += "CVE-2019-15918" + +# fixed-version: Fixed after version 5.1rc6 +CVE_CHECK_IGNORE += "CVE-2019-15919" + +# fixed-version: Fixed after version 5.1rc6 +CVE_CHECK_IGNORE += "CVE-2019-15920" + +# fixed-version: Fixed after version 5.1rc3 +CVE_CHECK_IGNORE += "CVE-2019-15921" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-15922" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-15923" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-15924" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-15925" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-15926" + +# fixed-version: Fixed after version 5.0rc2 
+CVE_CHECK_IGNORE += "CVE-2019-15927" + +# CVE-2019-16089 has no known resolution + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-16229" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-16230" + +# fixed-version: Fixed after version 5.4rc6 +CVE_CHECK_IGNORE += "CVE-2019-16231" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-16232" + +# fixed-version: Fixed after version 5.4rc5 +CVE_CHECK_IGNORE += "CVE-2019-16233" + +# fixed-version: Fixed after version 5.4rc4 +CVE_CHECK_IGNORE += "CVE-2019-16234" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-16413" + +# fixed-version: Fixed after version 5.3rc7 +CVE_CHECK_IGNORE += "CVE-2019-16714" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-16746" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2019-16921" + +# fixed-version: Fixed after version 5.0 +CVE_CHECK_IGNORE += "CVE-2019-16994" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-16995" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-17052" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-17053" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-17054" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-17055" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-17056" + +# fixed-version: Fixed after version 5.4rc3 +CVE_CHECK_IGNORE += "CVE-2019-17075" + +# fixed-version: Fixed after version 5.4rc4 +CVE_CHECK_IGNORE += "CVE-2019-17133" + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-17351" + +# fixed-version: Fixed after version 5.4rc6 +CVE_CHECK_IGNORE += "CVE-2019-17666" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-18198" + +# fixed-version: Fixed after version 5.4rc6 
+CVE_CHECK_IGNORE += "CVE-2019-18282" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-18660" + +# fixed-version: Fixed after version 4.17rc5 +CVE_CHECK_IGNORE += "CVE-2019-18675" + +# CVE-2019-18680 has no known resolution + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-18683" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-18786" + +# fixed-version: Fixed after version 5.1rc7 +CVE_CHECK_IGNORE += "CVE-2019-18805" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-18806" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-18807" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-18808" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-18809" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-18810" + +# fixed-version: Fixed after version 5.4rc7 +CVE_CHECK_IGNORE += "CVE-2019-18811" + +# fixed-version: Fixed after version 5.4rc7 +CVE_CHECK_IGNORE += "CVE-2019-18812" + +# fixed-version: Fixed after version 5.4rc6 +CVE_CHECK_IGNORE += "CVE-2019-18813" + +# fixed-version: Fixed after version 5.7rc7 +CVE_CHECK_IGNORE += "CVE-2019-18814" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-18885" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19036" + +# fixed-version: Fixed after version 5.5rc3 +CVE_CHECK_IGNORE += "CVE-2019-19037" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2019-19039" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19043" + +# fixed-version: Fixed after version 5.4rc6 +CVE_CHECK_IGNORE += "CVE-2019-19044" + +# fixed-version: Fixed after version 5.4rc6 +CVE_CHECK_IGNORE += "CVE-2019-19045" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19046" + +# fixed-version: Fixed after version 5.4rc6 
+CVE_CHECK_IGNORE += "CVE-2019-19047" + +# fixed-version: Fixed after version 5.4rc3 +CVE_CHECK_IGNORE += "CVE-2019-19048" + +# fixed-version: Fixed after version 5.4rc5 +CVE_CHECK_IGNORE += "CVE-2019-19049" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19050" + +# fixed-version: Fixed after version 5.4rc6 +CVE_CHECK_IGNORE += "CVE-2019-19051" + +# fixed-version: Fixed after version 5.4rc7 +CVE_CHECK_IGNORE += "CVE-2019-19052" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19053" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19054" + +# fixed-version: Fixed after version 5.4rc4 +CVE_CHECK_IGNORE += "CVE-2019-19055" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19056" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19057" + +# fixed-version: Fixed after version 5.4rc4 +CVE_CHECK_IGNORE += "CVE-2019-19058" + +# fixed-version: Fixed after version 5.4rc4 +CVE_CHECK_IGNORE += "CVE-2019-19059" + +# fixed-version: Fixed after version 5.4rc3 +CVE_CHECK_IGNORE += "CVE-2019-19060" + +# fixed-version: Fixed after version 5.4rc3 +CVE_CHECK_IGNORE += "CVE-2019-19061" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19062" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19063" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19064" + +# fixed-version: Fixed after version 5.4rc3 +CVE_CHECK_IGNORE += "CVE-2019-19065" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19066" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-19067" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19068" + +# fixed-version: Fixed after version 5.4rc3 +CVE_CHECK_IGNORE += "CVE-2019-19069" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19070" + +# 
fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19071" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19072" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19073" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19074" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-19075" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19076" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19077" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19078" + +# fixed-version: Fixed after version 5.3 +CVE_CHECK_IGNORE += "CVE-2019-19079" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19080" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19081" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19082" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-19083" + +# fixed-version: Fixed after version 5.1rc3 +CVE_CHECK_IGNORE += "CVE-2019-19227" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19241" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19252" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19318" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-19319" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19332" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19338" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2019-19377" + +# CVE-2019-19378 has no known resolution + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19447" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2019-19448" + +# 
fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2019-19449" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2019-19462" + +# fixed-version: Fixed after version 5.4rc3 +CVE_CHECK_IGNORE += "CVE-2019-19523" + +# fixed-version: Fixed after version 5.4rc8 +CVE_CHECK_IGNORE += "CVE-2019-19524" + +# fixed-version: Fixed after version 5.4rc2 +CVE_CHECK_IGNORE += "CVE-2019-19525" + +# fixed-version: Fixed after version 5.4rc4 +CVE_CHECK_IGNORE += "CVE-2019-19526" + +# fixed-version: Fixed after version 5.3rc4 +CVE_CHECK_IGNORE += "CVE-2019-19527" + +# fixed-version: Fixed after version 5.4rc3 +CVE_CHECK_IGNORE += "CVE-2019-19528" + +# fixed-version: Fixed after version 5.4rc7 +CVE_CHECK_IGNORE += "CVE-2019-19529" + +# fixed-version: Fixed after version 5.3rc5 +CVE_CHECK_IGNORE += "CVE-2019-19530" + +# fixed-version: Fixed after version 5.3rc4 +CVE_CHECK_IGNORE += "CVE-2019-19531" + +# fixed-version: Fixed after version 5.4rc6 +CVE_CHECK_IGNORE += "CVE-2019-19532" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19533" + +# fixed-version: Fixed after version 5.4rc7 +CVE_CHECK_IGNORE += "CVE-2019-19534" + +# fixed-version: Fixed after version 5.3rc4 +CVE_CHECK_IGNORE += "CVE-2019-19535" + +# fixed-version: Fixed after version 5.3rc4 +CVE_CHECK_IGNORE += "CVE-2019-19536" + +# fixed-version: Fixed after version 5.3rc5 +CVE_CHECK_IGNORE += "CVE-2019-19537" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-19543" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19602" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2019-19767" + +# fixed-version: Fixed after version 5.6rc4 +CVE_CHECK_IGNORE += "CVE-2019-19768" + +# fixed-version: Fixed after version 5.6rc5 +CVE_CHECK_IGNORE += "CVE-2019-19769" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2019-19770" + +# fixed-version: Fixed after version 5.4rc7 
+CVE_CHECK_IGNORE += "CVE-2019-19807" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-19813" + +# CVE-2019-19814 has no known resolution + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2019-19815" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-19816" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-19922" + +# fixed-version: Fixed after version 5.1rc6 +CVE_CHECK_IGNORE += "CVE-2019-19927" + +# fixed-version: Fixed after version 5.5rc3 +CVE_CHECK_IGNORE += "CVE-2019-19947" + +# fixed-version: Fixed after version 5.5rc2 +CVE_CHECK_IGNORE += "CVE-2019-19965" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-19966" + +# fixed-version: Fixed after version 5.1rc3 +CVE_CHECK_IGNORE += "CVE-2019-1999" + +# fixed-version: Fixed after version 5.1rc3 +CVE_CHECK_IGNORE += "CVE-2019-20054" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-20095" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-20096" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2019-2024" + +# fixed-version: Fixed after version 4.20rc5 +CVE_CHECK_IGNORE += "CVE-2019-2025" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-20422" + +# fixed-version: Fixed after version 4.8rc1 +CVE_CHECK_IGNORE += "CVE-2019-2054" + +# fixed-version: Fixed after version 5.5rc6 +CVE_CHECK_IGNORE += "CVE-2019-20636" + +# CVE-2019-20794 has no known resolution + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-20806" + +# fixed-version: Fixed after version 5.6rc1 +CVE_CHECK_IGNORE += "CVE-2019-20810" + +# fixed-version: Fixed after version 5.1rc3 +CVE_CHECK_IGNORE += "CVE-2019-20811" + +# fixed-version: Fixed after version 5.5rc3 +CVE_CHECK_IGNORE += "CVE-2019-20812" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2019-20908" + +# 
fixed-version: Fixed after version 5.3rc2 +CVE_CHECK_IGNORE += "CVE-2019-20934" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-2101" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-2181" + +# fixed-version: Fixed after version 4.16rc3 +CVE_CHECK_IGNORE += "CVE-2019-2182" + +# fixed-version: Fixed after version 5.2rc6 +CVE_CHECK_IGNORE += "CVE-2019-2213" + +# fixed-version: Fixed after version 5.3rc2 +CVE_CHECK_IGNORE += "CVE-2019-2214" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2019-2215" + +# fixed-version: Fixed after version 5.2rc4 +CVE_CHECK_IGNORE += "CVE-2019-25044" + +# fixed-version: Fixed after version 5.1 +CVE_CHECK_IGNORE += "CVE-2019-25045" + +# fixed-version: Fixed after version 5.6rc1 +CVE_CHECK_IGNORE += "CVE-2019-3016" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-3459" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-3460" + +# fixed-version: Fixed after version 5.0rc3 +CVE_CHECK_IGNORE += "CVE-2019-3701" + +# fixed-version: Fixed after version 5.0rc6 +CVE_CHECK_IGNORE += "CVE-2019-3819" + +# fixed-version: Fixed after version 3.18rc1 +CVE_CHECK_IGNORE += "CVE-2019-3837" + +# fixed-version: Fixed after version 5.2rc6 +CVE_CHECK_IGNORE += "CVE-2019-3846" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-3874" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-3882" + +# fixed-version: Fixed after version 5.1rc4 +CVE_CHECK_IGNORE += "CVE-2019-3887" + +# fixed-version: Fixed after version 5.1rc6 +CVE_CHECK_IGNORE += "CVE-2019-3892" + +# fixed-version: Fixed after version 2.6.35rc1 +CVE_CHECK_IGNORE += "CVE-2019-3896" + +# fixed-version: Fixed after version 5.2rc4 +CVE_CHECK_IGNORE += "CVE-2019-3900" + +# fixed-version: Fixed after version 4.6rc6 +CVE_CHECK_IGNORE += "CVE-2019-3901" + +# fixed-version: Fixed after version 5.3 +CVE_CHECK_IGNORE += 
"CVE-2019-5108" + +# Skipping CVE-2019-5489, no affected_versions + +# fixed-version: Fixed after version 5.0rc2 +CVE_CHECK_IGNORE += "CVE-2019-6133" + +# fixed-version: Fixed after version 5.0rc6 +CVE_CHECK_IGNORE += "CVE-2019-6974" + +# fixed-version: Fixed after version 5.0rc6 +CVE_CHECK_IGNORE += "CVE-2019-7221" + +# fixed-version: Fixed after version 5.0rc6 +CVE_CHECK_IGNORE += "CVE-2019-7222" + +# fixed-version: Fixed after version 5.0rc3 +CVE_CHECK_IGNORE += "CVE-2019-7308" + +# fixed-version: Fixed after version 5.0rc8 +CVE_CHECK_IGNORE += "CVE-2019-8912" + +# fixed-version: Fixed after version 5.0rc6 +CVE_CHECK_IGNORE += "CVE-2019-8956" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-8980" + +# fixed-version: Fixed after version 5.0rc4 +CVE_CHECK_IGNORE += "CVE-2019-9003" + +# fixed-version: Fixed after version 5.0rc7 +CVE_CHECK_IGNORE += "CVE-2019-9162" + +# fixed-version: Fixed after version 5.0 +CVE_CHECK_IGNORE += "CVE-2019-9213" + +# fixed-version: Fixed after version 5.0rc1 +CVE_CHECK_IGNORE += "CVE-2019-9245" + +# fixed-version: Fixed after version 4.15rc2 +CVE_CHECK_IGNORE += "CVE-2019-9444" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-9445" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2019-9453" + +# fixed-version: Fixed after version 4.15rc9 +CVE_CHECK_IGNORE += "CVE-2019-9454" + +# fixed-version: Fixed after version 5.0rc1 +CVE_CHECK_IGNORE += "CVE-2019-9455" + +# fixed-version: Fixed after version 4.16rc6 +CVE_CHECK_IGNORE += "CVE-2019-9456" + +# fixed-version: Fixed after version 4.13rc1 +CVE_CHECK_IGNORE += "CVE-2019-9457" + +# fixed-version: Fixed after version 4.19rc7 +CVE_CHECK_IGNORE += "CVE-2019-9458" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-9466" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-9500" + +# fixed-version: Fixed after version 5.1rc1 +CVE_CHECK_IGNORE += "CVE-2019-9503" 
+ +# fixed-version: Fixed after version 5.2 +CVE_CHECK_IGNORE += "CVE-2019-9506" + +# fixed-version: Fixed after version 5.1rc2 +CVE_CHECK_IGNORE += "CVE-2019-9857" + +# fixed-version: Fixed after version 5.6rc3 +CVE_CHECK_IGNORE += "CVE-2020-0009" + +# fixed-version: Fixed after version 4.16rc3 +CVE_CHECK_IGNORE += "CVE-2020-0030" + +# fixed-version: Fixed after version 5.5rc2 +CVE_CHECK_IGNORE += "CVE-2020-0041" + +# fixed-version: Fixed after version 4.3rc7 +CVE_CHECK_IGNORE += "CVE-2020-0066" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2020-0067" + +# fixed-version: Fixed after version 5.6rc2 +CVE_CHECK_IGNORE += "CVE-2020-0110" + +# fixed-version: Fixed after version 5.7rc4 +CVE_CHECK_IGNORE += "CVE-2020-0255" + +# fixed-version: Fixed after version 5.5rc6 +CVE_CHECK_IGNORE += "CVE-2020-0305" + +# CVE-2020-0347 has no known resolution + +# fixed-version: Fixed after version 5.6rc1 +CVE_CHECK_IGNORE += "CVE-2020-0404" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-0423" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2020-0427" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2020-0429" + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2020-0430" + +# fixed-version: Fixed after version 5.5rc6 +CVE_CHECK_IGNORE += "CVE-2020-0431" + +# fixed-version: Fixed after version 5.6rc1 +CVE_CHECK_IGNORE += "CVE-2020-0432" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2020-0433" + +# fixed-version: Fixed after version 4.19rc1 +CVE_CHECK_IGNORE += "CVE-2020-0435" + +# fixed-version: Fixed after version 5.6rc4 +CVE_CHECK_IGNORE += "CVE-2020-0444" + +# fixed-version: Fixed after version 5.9rc4 +CVE_CHECK_IGNORE += "CVE-2020-0465" + +# fixed-version: Fixed after version 5.9rc2 +CVE_CHECK_IGNORE += "CVE-2020-0466" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-0543" + +# fixed-version: 
Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-10135" + +# fixed-version: Fixed after version 5.5rc5 +CVE_CHECK_IGNORE += "CVE-2020-10690" + +# CVE-2020-10708 has no known resolution + +# fixed-version: Fixed after version 5.7rc6 +CVE_CHECK_IGNORE += "CVE-2020-10711" + +# fixed-version: Fixed after version 5.2rc3 +CVE_CHECK_IGNORE += "CVE-2020-10720" + +# fixed-version: Fixed after version 5.7 +CVE_CHECK_IGNORE += "CVE-2020-10732" + +# fixed-version: Fixed after version 3.16rc1 +CVE_CHECK_IGNORE += "CVE-2020-10742" + +# fixed-version: Fixed after version 5.7rc4 +CVE_CHECK_IGNORE += "CVE-2020-10751" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-10757" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-10766" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-10767" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-10768" + +# fixed-version: Fixed after version 5.0rc3 +CVE_CHECK_IGNORE += "CVE-2020-10769" + +# fixed-version: Fixed after version 5.4rc6 +CVE_CHECK_IGNORE += "CVE-2020-10773" + +# CVE-2020-10774 has no known resolution + +# fixed-version: Fixed after version 5.8rc6 +CVE_CHECK_IGNORE += "CVE-2020-10781" + +# fixed-version: Fixed after version 5.6rc4 +CVE_CHECK_IGNORE += "CVE-2020-10942" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-11494" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-11565" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-11608" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-11609" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-11668" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2020-11669" + +# CVE-2020-11725 has no known resolution + +# fixed-version: Fixed after version 5.7rc4 +CVE_CHECK_IGNORE += "CVE-2020-11884" + +# CVE-2020-11935 
has no known resolution + +# fixed-version: Fixed after version 5.3rc1 +CVE_CHECK_IGNORE += "CVE-2020-12114" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-12351" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-12352" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2020-12362" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2020-12363" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2020-12364" + +# fixed-version: Fixed after version 5.7rc3 +CVE_CHECK_IGNORE += "CVE-2020-12464" + +# fixed-version: Fixed after version 5.6rc6 +CVE_CHECK_IGNORE += "CVE-2020-12465" + +# fixed-version: Fixed after version 5.5rc7 +CVE_CHECK_IGNORE += "CVE-2020-12652" + +# fixed-version: Fixed after version 5.6rc1 +CVE_CHECK_IGNORE += "CVE-2020-12653" + +# fixed-version: Fixed after version 5.6rc1 +CVE_CHECK_IGNORE += "CVE-2020-12654" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-12655" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-12656" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-12657" + +# fixed-version: Fixed after version 5.7rc2 +CVE_CHECK_IGNORE += "CVE-2020-12659" + +# fixed-version: Fixed after version 5.6rc4 +CVE_CHECK_IGNORE += "CVE-2020-12768" + +# fixed-version: Fixed after version 5.5rc6 +CVE_CHECK_IGNORE += "CVE-2020-12769" + +# fixed-version: Fixed after version 5.7rc3 +CVE_CHECK_IGNORE += "CVE-2020-12770" + +# fixed-version: Fixed after version 5.8rc2 +CVE_CHECK_IGNORE += "CVE-2020-12771" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-12826" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-12888" + +# fixed-version: Fixed after version 5.10rc4 +CVE_CHECK_IGNORE += "CVE-2020-12912" + +# fixed-version: Fixed after version 5.7rc6 +CVE_CHECK_IGNORE += "CVE-2020-13143" + +# 
fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-13974" + +# CVE-2020-14304 has no known resolution + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2020-14305" + +# fixed-version: Fixed after version 5.9rc2 +CVE_CHECK_IGNORE += "CVE-2020-14314" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2020-14331" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-14351" + +# fixed-version: Fixed after version 4.14rc3 +CVE_CHECK_IGNORE += "CVE-2020-14353" + +# fixed-version: Fixed after version 5.8rc5 +CVE_CHECK_IGNORE += "CVE-2020-14356" + +# fixed-version: Fixed after version 5.6rc6 +CVE_CHECK_IGNORE += "CVE-2020-14381" + +# fixed-version: Fixed after version 5.9rc4 +CVE_CHECK_IGNORE += "CVE-2020-14385" + +# fixed-version: Fixed after version 5.9rc4 +CVE_CHECK_IGNORE += "CVE-2020-14386" + +# fixed-version: Fixed after version 5.9rc6 +CVE_CHECK_IGNORE += "CVE-2020-14390" + +# fixed-version: Fixed after version 5.5 +CVE_CHECK_IGNORE += "CVE-2020-14416" + +# fixed-version: Fixed after version 5.8rc3 +CVE_CHECK_IGNORE += "CVE-2020-15393" + +# fixed-version: Fixed after version 5.8rc2 +CVE_CHECK_IGNORE += "CVE-2020-15436" + +# fixed-version: Fixed after version 5.8rc7 +CVE_CHECK_IGNORE += "CVE-2020-15437" + +# fixed-version: Fixed after version 5.8rc3 +CVE_CHECK_IGNORE += "CVE-2020-15780" + +# CVE-2020-15802 has no known resolution + +# fixed-version: Fixed after version 5.8rc6 +CVE_CHECK_IGNORE += "CVE-2020-15852" + +# fixed-version: Fixed after version 5.15rc2 +CVE_CHECK_IGNORE += "CVE-2020-16119" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-16120" + +# fixed-version: Fixed after version 5.8 +CVE_CHECK_IGNORE += "CVE-2020-16166" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2020-1749" + +# fixed-version: Fixed after version 5.8rc4 +CVE_CHECK_IGNORE += "CVE-2020-24394" + +# fixed-version: Fixed after version 5.8 
+CVE_CHECK_IGNORE += "CVE-2020-24490" + +# CVE-2020-24502 has no known resolution + +# CVE-2020-24503 has no known resolution + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2020-24504" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2020-24586" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2020-24587" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2020-24588" + +# fixed-version: Fixed after version 5.9rc7 +CVE_CHECK_IGNORE += "CVE-2020-25211" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2020-25212" + +# CVE-2020-25220 has no known resolution + +# fixed-version: Fixed after version 5.9rc4 +CVE_CHECK_IGNORE += "CVE-2020-25221" + +# fixed-version: Fixed after version 5.9rc5 +CVE_CHECK_IGNORE += "CVE-2020-25284" + +# fixed-version: Fixed after version 5.9rc4 +CVE_CHECK_IGNORE += "CVE-2020-25285" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2020-25639" + +# fixed-version: Fixed after version 5.9rc4 +CVE_CHECK_IGNORE += "CVE-2020-25641" + +# fixed-version: Fixed after version 5.9rc7 +CVE_CHECK_IGNORE += "CVE-2020-25643" + +# fixed-version: Fixed after version 5.9rc7 +CVE_CHECK_IGNORE += "CVE-2020-25645" + +# fixed-version: Fixed after version 5.10rc2 +CVE_CHECK_IGNORE += "CVE-2020-25656" + +# CVE-2020-25661 has no known resolution + +# CVE-2020-25662 has no known resolution + +# fixed-version: Fixed after version 5.10rc3 +CVE_CHECK_IGNORE += "CVE-2020-25668" + +# fixed-version: Fixed after version 5.10rc5 +CVE_CHECK_IGNORE += "CVE-2020-25669" + +# fixed-version: Fixed after version 5.12rc7 +CVE_CHECK_IGNORE += "CVE-2020-25670" + +# fixed-version: Fixed after version 5.12rc7 +CVE_CHECK_IGNORE += "CVE-2020-25671" + +# fixed-version: Fixed after version 5.12rc7 +CVE_CHECK_IGNORE += "CVE-2020-25672" + +# fixed-version: Fixed after version 5.12rc7 +CVE_CHECK_IGNORE += "CVE-2020-25673" + +# fixed-version: Fixed 
after version 5.10rc3 +CVE_CHECK_IGNORE += "CVE-2020-25704" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-25705" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2020-26088" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2020-26139" + +# CVE-2020-26140 has no known resolution + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2020-26141" + +# CVE-2020-26142 has no known resolution + +# CVE-2020-26143 has no known resolution + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2020-26145" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2020-26147" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2020-26541" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2020-26555" + +# CVE-2020-26556 has no known resolution + +# CVE-2020-26557 has no known resolution + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2020-26558" + +# CVE-2020-26559 has no known resolution + +# CVE-2020-26560 has no known resolution + +# fixed-version: Fixed after version 5.6 +CVE_CHECK_IGNORE += "CVE-2020-27066" + +# fixed-version: Fixed after version 4.14rc4 +CVE_CHECK_IGNORE += "CVE-2020-27067" + +# fixed-version: Fixed after version 5.6rc2 +CVE_CHECK_IGNORE += "CVE-2020-27068" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-27152" + +# fixed-version: Fixed after version 5.12rc5 +CVE_CHECK_IGNORE += "CVE-2020-27170" + +# fixed-version: Fixed after version 5.12rc5 +CVE_CHECK_IGNORE += "CVE-2020-27171" + +# fixed-version: Fixed after version 5.9 +CVE_CHECK_IGNORE += "CVE-2020-27194" + +# fixed-version: Fixed after version 5.6rc4 +CVE_CHECK_IGNORE += "CVE-2020-2732" + +# CVE-2020-27418 has no known resolution + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-27673" + +# fixed-version: Fixed after version 5.10rc1 
+CVE_CHECK_IGNORE += "CVE-2020-27675" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-27777" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-27784" + +# fixed-version: Fixed after version 5.7rc6 +CVE_CHECK_IGNORE += "CVE-2020-27786" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2020-27815" + +# fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2020-27820" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-27825" + +# fixed-version: Fixed after version 5.10rc7 +CVE_CHECK_IGNORE += "CVE-2020-27830" + +# fixed-version: Fixed after version 5.10rc6 +CVE_CHECK_IGNORE += "CVE-2020-27835" + +# fixed-version: Fixed after version 5.9rc6 +CVE_CHECK_IGNORE += "CVE-2020-28097" + +# fixed-version: Fixed after version 5.11rc4 +CVE_CHECK_IGNORE += "CVE-2020-28374" + +# fixed-version: Fixed after version 5.10rc7 +CVE_CHECK_IGNORE += "CVE-2020-28588" + +# fixed-version: Fixed after version 5.9 +CVE_CHECK_IGNORE += "CVE-2020-28915" + +# fixed-version: Fixed after version 5.10rc5 +CVE_CHECK_IGNORE += "CVE-2020-28941" + +# fixed-version: Fixed after version 5.10rc3 +CVE_CHECK_IGNORE += "CVE-2020-28974" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-29368" + +# fixed-version: Fixed after version 5.8rc7 +CVE_CHECK_IGNORE += "CVE-2020-29369" + +# fixed-version: Fixed after version 5.6rc7 +CVE_CHECK_IGNORE += "CVE-2020-29370" + +# fixed-version: Fixed after version 5.9rc2 +CVE_CHECK_IGNORE += "CVE-2020-29371" + +# fixed-version: Fixed after version 5.7rc3 +CVE_CHECK_IGNORE += "CVE-2020-29372" + +# fixed-version: Fixed after version 5.6rc2 +CVE_CHECK_IGNORE += "CVE-2020-29373" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-29374" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-29534" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += 
"CVE-2020-29568" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2020-29569" + +# fixed-version: Fixed after version 5.10rc7 +CVE_CHECK_IGNORE += "CVE-2020-29660" + +# fixed-version: Fixed after version 5.10rc7 +CVE_CHECK_IGNORE += "CVE-2020-29661" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2020-35499" + +# CVE-2020-35501 has no known resolution + +# fixed-version: Fixed after version 5.10rc3 +CVE_CHECK_IGNORE += "CVE-2020-35508" + +# fixed-version: Fixed after version 4.17rc1 +CVE_CHECK_IGNORE += "CVE-2020-35513" + +# fixed-version: Fixed after version 5.10rc7 +CVE_CHECK_IGNORE += "CVE-2020-35519" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2020-36158" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-36310" + +# fixed-version: Fixed after version 5.9rc5 +CVE_CHECK_IGNORE += "CVE-2020-36311" + +# fixed-version: Fixed after version 5.9rc5 +CVE_CHECK_IGNORE += "CVE-2020-36312" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-36313" + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2020-36322" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2020-36385" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2020-36386" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2020-36387" + +# fixed-version: Fixed after version 5.17rc2 +CVE_CHECK_IGNORE += "CVE-2020-36516" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-36557" + +# fixed-version: Fixed after version 5.6rc3 +CVE_CHECK_IGNORE += "CVE-2020-36558" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2020-36691" + +# fixed-version: Fixed after version 5.10 +CVE_CHECK_IGNORE += "CVE-2020-36694" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2020-3702" + +# fixed-version: Fixed after version 5.10rc5 
+CVE_CHECK_IGNORE += "CVE-2020-4788" + +# fixed-version: Fixed after version 5.2rc1 +CVE_CHECK_IGNORE += "CVE-2020-7053" + +# fixed-version: Fixed after version 5.5 +CVE_CHECK_IGNORE += "CVE-2020-8428" + +# fixed-version: Fixed after version 5.6rc5 +CVE_CHECK_IGNORE += "CVE-2020-8647" + +# fixed-version: Fixed after version 5.6rc3 +CVE_CHECK_IGNORE += "CVE-2020-8648" + +# fixed-version: Fixed after version 5.6rc5 +CVE_CHECK_IGNORE += "CVE-2020-8649" + +# fixed-version: Fixed after version 5.10rc4 +CVE_CHECK_IGNORE += "CVE-2020-8694" + +# CVE-2020-8832 has no known resolution + +# fixed-version: Fixed after version 4.18rc1 +CVE_CHECK_IGNORE += "CVE-2020-8834" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2020-8835" + +# fixed-version: Fixed after version 5.6rc2 +CVE_CHECK_IGNORE += "CVE-2020-8992" + +# fixed-version: Fixed after version 5.6rc4 +CVE_CHECK_IGNORE += "CVE-2020-9383" + +# fixed-version: Fixed after version 5.6rc3 +CVE_CHECK_IGNORE += "CVE-2020-9391" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-0129" + +# fixed-version: Fixed after version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2021-0342" + +# CVE-2021-0399 has no known resolution + +# fixed-version: Fixed after version 4.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-0447" + +# fixed-version: Fixed after version 5.9rc7 +CVE_CHECK_IGNORE += "CVE-2021-0448" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-0512" + +# fixed-version: Fixed after version 5.8 +CVE_CHECK_IGNORE += "CVE-2021-0605" + +# CVE-2021-0606 has no known resolution + +# CVE-2021-0695 has no known resolution + +# fixed-version: Fixed after version 5.11rc3 +CVE_CHECK_IGNORE += "CVE-2021-0707" + +# fixed-version: Fixed after version 5.14rc4 +CVE_CHECK_IGNORE += "CVE-2021-0920" + +# CVE-2021-0924 has no known resolution + +# fixed-version: Fixed after version 5.6rc1 +CVE_CHECK_IGNORE += "CVE-2021-0929" + +# fixed-version: Fixed after version 4.16rc7 +CVE_CHECK_IGNORE 
+= "CVE-2021-0935" + +# CVE-2021-0936 has no known resolution + +# fixed-version: Fixed after version 5.12rc8 +CVE_CHECK_IGNORE += "CVE-2021-0937" + +# fixed-version: Fixed after version 5.10rc4 +CVE_CHECK_IGNORE += "CVE-2021-0938" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-0941" + +# CVE-2021-0961 has no known resolution + +# fixed-version: Fixed after version 5.9rc4 +CVE_CHECK_IGNORE += "CVE-2021-1048" + +# fixed-version: Fixed after version 5.5rc1 +CVE_CHECK_IGNORE += "CVE-2021-20177" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2021-20194" + +# CVE-2021-20219 has no known resolution + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2021-20226" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2021-20239" + +# fixed-version: Fixed after version 4.5rc5 +CVE_CHECK_IGNORE += "CVE-2021-20261" + +# fixed-version: Fixed after version 4.5rc3 +CVE_CHECK_IGNORE += "CVE-2021-20265" + +# fixed-version: Fixed after version 5.11rc5 +CVE_CHECK_IGNORE += "CVE-2021-20268" + +# fixed-version: Fixed after version 5.9rc1 +CVE_CHECK_IGNORE += "CVE-2021-20292" + +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2021-20317" + +# fixed-version: Fixed after version 5.15rc3 +CVE_CHECK_IGNORE += "CVE-2021-20320" + +# fixed-version: Fixed after version 5.15rc5 +CVE_CHECK_IGNORE += "CVE-2021-20321" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-20322" + +# fixed-version: Fixed after version 5.11rc7 +CVE_CHECK_IGNORE += "CVE-2021-21781" + +# fixed-version: Fixed after version 5.13 +CVE_CHECK_IGNORE += "CVE-2021-22543" + +# fixed-version: Fixed after version 5.12rc8 +CVE_CHECK_IGNORE += "CVE-2021-22555" + +# fixed-version: Fixed after version 5.16rc6 +CVE_CHECK_IGNORE += "CVE-2021-22600" + +# fixed-version: Fixed after version 5.12rc8 +CVE_CHECK_IGNORE += "CVE-2021-23133" + +# fixed-version: Fixed after version 5.13rc1 
+CVE_CHECK_IGNORE += "CVE-2021-23134" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2021-26401" + +# fixed-version: Fixed after version 5.11rc7 +CVE_CHECK_IGNORE += "CVE-2021-26708" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-26930" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-26931" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-26932" + +# CVE-2021-26934 has no known resolution + +# fixed-version: Fixed after version 5.12rc2 +CVE_CHECK_IGNORE += "CVE-2021-27363" + +# fixed-version: Fixed after version 5.12rc2 +CVE_CHECK_IGNORE += "CVE-2021-27364" + +# fixed-version: Fixed after version 5.12rc2 +CVE_CHECK_IGNORE += "CVE-2021-27365" + +# fixed-version: Fixed after version 5.12rc2 +CVE_CHECK_IGNORE += "CVE-2021-28038" + +# fixed-version: Fixed after version 5.12rc2 +CVE_CHECK_IGNORE += "CVE-2021-28039" + +# fixed-version: Fixed after version 5.12rc3 +CVE_CHECK_IGNORE += "CVE-2021-28375" + +# fixed-version: Fixed after version 5.12rc3 +CVE_CHECK_IGNORE += "CVE-2021-28660" + +# fixed-version: Fixed after version 5.12rc6 +CVE_CHECK_IGNORE += "CVE-2021-28688" + +# fixed-version: Fixed after version 5.13rc6 +CVE_CHECK_IGNORE += "CVE-2021-28691" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2021-28711" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2021-28712" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2021-28713" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2021-28714" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2021-28715" + +# fixed-version: Fixed after version 5.12rc4 +CVE_CHECK_IGNORE += "CVE-2021-28950" + +# fixed-version: Fixed after version 5.12rc2 +CVE_CHECK_IGNORE += "CVE-2021-28951" + +# fixed-version: Fixed after version 5.12rc4 +CVE_CHECK_IGNORE += "CVE-2021-28952" + +# fixed-version: Fixed 
after version 5.12rc4 +CVE_CHECK_IGNORE += "CVE-2021-28964" + +# fixed-version: Fixed after version 5.12rc4 +CVE_CHECK_IGNORE += "CVE-2021-28971" + +# fixed-version: Fixed after version 5.12rc4 +CVE_CHECK_IGNORE += "CVE-2021-28972" + +# fixed-version: Fixed after version 5.12rc7 +CVE_CHECK_IGNORE += "CVE-2021-29154" + +# fixed-version: Fixed after version 5.12rc8 +CVE_CHECK_IGNORE += "CVE-2021-29155" + +# fixed-version: Fixed after version 5.12rc3 +CVE_CHECK_IGNORE += "CVE-2021-29264" + +# fixed-version: Fixed after version 5.12rc3 +CVE_CHECK_IGNORE += "CVE-2021-29265" + +# fixed-version: Fixed after version 5.12rc4 +CVE_CHECK_IGNORE += "CVE-2021-29266" + +# fixed-version: Fixed after version 5.12rc5 +CVE_CHECK_IGNORE += "CVE-2021-29646" + +# fixed-version: Fixed after version 5.12rc5 +CVE_CHECK_IGNORE += "CVE-2021-29647" + +# fixed-version: Fixed after version 5.12rc5 +CVE_CHECK_IGNORE += "CVE-2021-29648" + +# fixed-version: Fixed after version 5.12rc5 +CVE_CHECK_IGNORE += "CVE-2021-29649" + +# fixed-version: Fixed after version 5.12rc5 +CVE_CHECK_IGNORE += "CVE-2021-29650" + +# fixed-version: Fixed after version 5.12rc6 +CVE_CHECK_IGNORE += "CVE-2021-29657" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-30002" + +# fixed-version: Fixed after version 5.12rc2 +CVE_CHECK_IGNORE += "CVE-2021-30178" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-31440" + +# fixed-version: Fixed after version 5.11rc5 +CVE_CHECK_IGNORE += "CVE-2021-3178" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-31829" + +# fixed-version: Fixed after version 5.12rc5 +CVE_CHECK_IGNORE += "CVE-2021-31916" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-32078" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-32399" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2021-32606" + +# fixed-version: Fixed after version 5.12rc3 
+CVE_CHECK_IGNORE += "CVE-2021-33033" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-33034" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2021-33061" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2021-33098" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2021-33135" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2021-33200" + +# fixed-version: Fixed after version 5.11rc6 +CVE_CHECK_IGNORE += "CVE-2021-3347" + +# fixed-version: Fixed after version 5.11rc6 +CVE_CHECK_IGNORE += "CVE-2021-3348" + +# fixed-version: Fixed after version 5.13rc7 +CVE_CHECK_IGNORE += "CVE-2021-33624" + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2021-33655" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-33656" + +# fixed-version: Fixed after version 5.14rc3 +CVE_CHECK_IGNORE += "CVE-2021-33909" + +# fixed-version: Fixed after version 5.10 +CVE_CHECK_IGNORE += "CVE-2021-3411" + +# fixed-version: Fixed after version 5.9rc2 +CVE_CHECK_IGNORE += "CVE-2021-3428" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-3444" + +# fixed-version: Fixed after version 5.14rc4 +CVE_CHECK_IGNORE += "CVE-2021-34556" + +# fixed-version: Fixed after version 5.13rc7 +CVE_CHECK_IGNORE += "CVE-2021-34693" + +# fixed-version: Fixed after version 5.12rc6 +CVE_CHECK_IGNORE += "CVE-2021-3483" + +# fixed-version: Fixed after version 5.14 +CVE_CHECK_IGNORE += "CVE-2021-34866" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2021-3489" + +# fixed-version: Fixed after version 5.13rc4 +CVE_CHECK_IGNORE += "CVE-2021-3490" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-3491" + +# CVE-2021-3492 has no known resolution + +# fixed-version: Fixed after version 5.11rc1 +CVE_CHECK_IGNORE += "CVE-2021-3493" + +# fixed-version: Fixed after version 
5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-34981" + +# fixed-version: Fixed after version 5.12rc8 +CVE_CHECK_IGNORE += "CVE-2021-3501" + +# fixed-version: Fixed after version 5.13 +CVE_CHECK_IGNORE += "CVE-2021-35039" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-3506" + +# CVE-2021-3542 has no known resolution + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-3543" + +# fixed-version: Fixed after version 5.14rc4 +CVE_CHECK_IGNORE += "CVE-2021-35477" + +# fixed-version: Fixed after version 5.13rc5 +CVE_CHECK_IGNORE += "CVE-2021-3564" + +# fixed-version: Fixed after version 5.13rc5 +CVE_CHECK_IGNORE += "CVE-2021-3573" + +# fixed-version: Fixed after version 5.13rc5 +CVE_CHECK_IGNORE += "CVE-2021-3587" + +# fixed-version: Fixed after version 5.11 +CVE_CHECK_IGNORE += "CVE-2021-3600" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-3609" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-3612" + +# fixed-version: Fixed after version 5.5rc7 +CVE_CHECK_IGNORE += "CVE-2021-3635" + +# fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2021-3640" + +# fixed-version: Fixed after version 5.14rc7 +CVE_CHECK_IGNORE += "CVE-2021-3653" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-3655" + +# fixed-version: Fixed after version 5.14rc7 +CVE_CHECK_IGNORE += "CVE-2021-3656" + +# fixed-version: Fixed after version 5.12rc7 +CVE_CHECK_IGNORE += "CVE-2021-3659" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-3669" + +# fixed-version: Fixed after version 5.14rc3 +CVE_CHECK_IGNORE += "CVE-2021-3679" + +# CVE-2021-3714 has no known resolution + +# fixed-version: Fixed after version 5.6 +CVE_CHECK_IGNORE += "CVE-2021-3715" + +# fixed-version: Fixed after version 5.14rc3 +CVE_CHECK_IGNORE += "CVE-2021-37159" + +# fixed-version: Fixed after version 5.14rc6 +CVE_CHECK_IGNORE += "CVE-2021-3732" + +# 
fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-3736" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-3739" + +# fixed-version: Fixed after version 5.13rc7 +CVE_CHECK_IGNORE += "CVE-2021-3743" + +# fixed-version: Fixed after version 5.15rc4 +CVE_CHECK_IGNORE += "CVE-2021-3744" + +# fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2021-3752" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-3753" + +# fixed-version: Fixed after version 5.14rc3 +CVE_CHECK_IGNORE += "CVE-2021-37576" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-3759" + +# fixed-version: Fixed after version 5.15rc6 +CVE_CHECK_IGNORE += "CVE-2021-3760" + +# fixed-version: Fixed after version 5.15rc4 +CVE_CHECK_IGNORE += "CVE-2021-3764" + +# fixed-version: Fixed after version 5.15 +CVE_CHECK_IGNORE += "CVE-2021-3772" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-38160" + +# fixed-version: Fixed after version 5.14rc6 +CVE_CHECK_IGNORE += "CVE-2021-38166" + +# fixed-version: Fixed after version 5.13rc6 +CVE_CHECK_IGNORE += "CVE-2021-38198" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-38199" + +# fixed-version: Fixed after version 5.13rc7 +CVE_CHECK_IGNORE += "CVE-2021-38200" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-38201" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-38202" + +# fixed-version: Fixed after version 5.14rc2 +CVE_CHECK_IGNORE += "CVE-2021-38203" + +# fixed-version: Fixed after version 5.14rc3 +CVE_CHECK_IGNORE += "CVE-2021-38204" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-38205" + +# fixed-version: Fixed after version 5.13rc7 +CVE_CHECK_IGNORE += "CVE-2021-38206" + +# fixed-version: Fixed after version 5.13rc7 +CVE_CHECK_IGNORE += "CVE-2021-38207" + +# fixed-version: Fixed after version 
5.13rc5 +CVE_CHECK_IGNORE += "CVE-2021-38208" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-38209" + +# fixed-version: Fixed after version 5.15rc4 +CVE_CHECK_IGNORE += "CVE-2021-38300" + +# CVE-2021-3847 has no known resolution + +# CVE-2021-3864 has no known resolution + +# CVE-2021-3892 has no known resolution + +# fixed-version: Fixed after version 5.15rc6 +CVE_CHECK_IGNORE += "CVE-2021-3894" + +# fixed-version: Fixed after version 5.15rc6 +CVE_CHECK_IGNORE += "CVE-2021-3896" + +# fixed-version: Fixed after version 5.16 +CVE_CHECK_IGNORE += "CVE-2021-3923" + +# fixed-version: Fixed after version 5.14 +CVE_CHECK_IGNORE += "CVE-2021-39633" + +# fixed-version: Fixed after version 5.9rc8 +CVE_CHECK_IGNORE += "CVE-2021-39634" + +# fixed-version: Fixed after version 4.16rc1 +CVE_CHECK_IGNORE += "CVE-2021-39636" + +# fixed-version: Fixed after version 5.11rc3 +CVE_CHECK_IGNORE += "CVE-2021-39648" + +# fixed-version: Fixed after version 5.12rc3 +CVE_CHECK_IGNORE += "CVE-2021-39656" + +# fixed-version: Fixed after version 5.11rc4 +CVE_CHECK_IGNORE += "CVE-2021-39657" + +# fixed-version: Fixed after version 5.16rc5 +CVE_CHECK_IGNORE += "CVE-2021-39685" + +# fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2021-39686" + +# fixed-version: Fixed after version 5.16rc5 +CVE_CHECK_IGNORE += "CVE-2021-39698" + +# fixed-version: Fixed after version 4.18rc6 +CVE_CHECK_IGNORE += "CVE-2021-39711" + +# fixed-version: Fixed after version 4.20rc1 +CVE_CHECK_IGNORE += "CVE-2021-39713" + +# fixed-version: Fixed after version 4.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-39714" + +# CVE-2021-39800 has no known resolution + +# CVE-2021-39801 has no known resolution + +# CVE-2021-39802 has no known resolution + +# fixed-version: Fixed after version 5.16rc2 +CVE_CHECK_IGNORE += "CVE-2021-4001" + +# fixed-version: Fixed after version 5.16rc3 +CVE_CHECK_IGNORE += "CVE-2021-4002" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += 
"CVE-2021-4023" + +# fixed-version: Fixed after version 5.15rc4 +CVE_CHECK_IGNORE += "CVE-2021-4028" + +# fixed-version: Fixed after version 5.15rc7 +CVE_CHECK_IGNORE += "CVE-2021-4032" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2021-4037" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-40490" + +# fixed-version: Fixed after version 5.16rc4 +CVE_CHECK_IGNORE += "CVE-2021-4083" + +# fixed-version: Fixed after version 5.16rc2 +CVE_CHECK_IGNORE += "CVE-2021-4090" + +# fixed-version: Fixed after version 5.15rc7 +CVE_CHECK_IGNORE += "CVE-2021-4093" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2021-4095" + +# fixed-version: Fixed after version 5.15rc2 +CVE_CHECK_IGNORE += "CVE-2021-41073" + +# fixed-version: Fixed after version 5.16rc6 +CVE_CHECK_IGNORE += "CVE-2021-4135" + +# fixed-version: Fixed after version 5.15 +CVE_CHECK_IGNORE += "CVE-2021-4148" + +# fixed-version: Fixed after version 5.15rc6 +CVE_CHECK_IGNORE += "CVE-2021-4149" + +# fixed-version: Fixed after version 5.15rc7 +CVE_CHECK_IGNORE += "CVE-2021-4150" + +# fixed-version: Fixed after version 5.14rc2 +CVE_CHECK_IGNORE += "CVE-2021-4154" + +# fixed-version: Fixed after version 5.16 +CVE_CHECK_IGNORE += "CVE-2021-4155" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-4157" + +# fixed-version: Fixed after version 5.7rc1 +CVE_CHECK_IGNORE += "CVE-2021-4159" + +# fixed-version: Fixed after version 5.15rc5 +CVE_CHECK_IGNORE += "CVE-2021-41864" + +# fixed-version: Fixed after version 5.16 +CVE_CHECK_IGNORE += "CVE-2021-4197" + +# fixed-version: Fixed after version 5.14rc7 +CVE_CHECK_IGNORE += "CVE-2021-42008" + +# fixed-version: Fixed after version 5.16rc2 +CVE_CHECK_IGNORE += "CVE-2021-4202" + +# fixed-version: Fixed after version 5.15rc4 +CVE_CHECK_IGNORE += "CVE-2021-4203" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2021-4204" + +# fixed-version: Fixed after 
version 5.8rc1 +CVE_CHECK_IGNORE += "CVE-2021-4218" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2021-42252" + +# fixed-version: Fixed after version 5.15 +CVE_CHECK_IGNORE += "CVE-2021-42327" + +# fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2021-42739" + +# fixed-version: Fixed after version 5.15rc6 +CVE_CHECK_IGNORE += "CVE-2021-43056" + +# fixed-version: Fixed after version 5.15rc3 +CVE_CHECK_IGNORE += "CVE-2021-43057" + +# fixed-version: Fixed after version 5.15 +CVE_CHECK_IGNORE += "CVE-2021-43267" + +# fixed-version: Fixed after version 5.15rc6 +CVE_CHECK_IGNORE += "CVE-2021-43389" + +# fixed-version: Fixed after version 5.16rc2 +CVE_CHECK_IGNORE += "CVE-2021-43975" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2021-43976" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2021-44733" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2021-44879" + +# fixed-version: Fixed after version 5.16rc6 +CVE_CHECK_IGNORE += "CVE-2021-45095" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2021-45100" + +# fixed-version: Fixed after version 5.16rc6 +CVE_CHECK_IGNORE += "CVE-2021-45402" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2021-45469" + +# fixed-version: Fixed after version 5.16rc6 +CVE_CHECK_IGNORE += "CVE-2021-45480" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2021-45485" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2021-45486" + +# fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2021-45868" + +# fixed-version: Fixed after version 5.13rc7 +CVE_CHECK_IGNORE += "CVE-2021-46283" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-0001" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-0002" + +# fixed-version: Fixed after version 5.18rc1 
+CVE_CHECK_IGNORE += "CVE-2022-0168" + +# fixed-version: Fixed after version 5.18rc4 +CVE_CHECK_IGNORE += "CVE-2022-0171" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-0185" + +# fixed-version: Fixed after version 5.16rc6 +CVE_CHECK_IGNORE += "CVE-2022-0264" + +# fixed-version: Fixed after version 5.14rc2 +CVE_CHECK_IGNORE += "CVE-2022-0286" + +# fixed-version: Fixed after version 5.15rc6 +CVE_CHECK_IGNORE += "CVE-2022-0322" + +# fixed-version: Fixed after version 5.17rc2 +CVE_CHECK_IGNORE += "CVE-2022-0330" + +# fixed-version: Fixed after version 5.16 +CVE_CHECK_IGNORE += "CVE-2022-0382" + +# CVE-2022-0400 has no known resolution + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-0433" + +# fixed-version: Fixed after version 5.17rc4 +CVE_CHECK_IGNORE += "CVE-2022-0435" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2022-0480" + +# fixed-version: Fixed after version 5.17rc4 +CVE_CHECK_IGNORE += "CVE-2022-0487" + +# fixed-version: Fixed after version 5.17rc3 +CVE_CHECK_IGNORE += "CVE-2022-0492" + +# fixed-version: Fixed after version 5.17rc5 +CVE_CHECK_IGNORE += "CVE-2022-0494" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-0500" + +# fixed-version: Fixed after version 5.17rc4 +CVE_CHECK_IGNORE += "CVE-2022-0516" + +# fixed-version: Fixed after version 5.17rc2 +CVE_CHECK_IGNORE += "CVE-2022-0617" + +# fixed-version: Fixed after version 5.15rc7 +CVE_CHECK_IGNORE += "CVE-2022-0644" + +# fixed-version: Fixed after version 5.17rc5 +CVE_CHECK_IGNORE += "CVE-2022-0646" + +# fixed-version: Fixed after version 5.17rc7 +CVE_CHECK_IGNORE += "CVE-2022-0742" + +# fixed-version: Fixed after version 5.8rc6 +CVE_CHECK_IGNORE += "CVE-2022-0812" + +# fixed-version: Fixed after version 5.17rc6 +CVE_CHECK_IGNORE += "CVE-2022-0847" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2022-0850" + +# fixed-version: Fixed after version 5.17rc8 
+CVE_CHECK_IGNORE += "CVE-2022-0854" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-0995" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-0998" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-1011" + +# fixed-version: Fixed after version 5.18rc6 +CVE_CHECK_IGNORE += "CVE-2022-1012" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1015" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1016" + +# fixed-version: Fixed after version 5.14rc7 +CVE_CHECK_IGNORE += "CVE-2022-1043" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1048" + +# fixed-version: Fixed after version 5.17rc3 +CVE_CHECK_IGNORE += "CVE-2022-1055" + +# CVE-2022-1116 has no known resolution + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1158" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-1184" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2022-1195" + +# fixed-version: Fixed after version 5.17rc6 +CVE_CHECK_IGNORE += "CVE-2022-1198" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-1199" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1204" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1205" + +# CVE-2022-1247 has no known resolution + +# fixed-version: Fixed after version 5.18rc3 +CVE_CHECK_IGNORE += "CVE-2022-1263" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2022-1280" + +# fixed-version: Fixed after version 5.17 +CVE_CHECK_IGNORE += "CVE-2022-1353" + +# fixed-version: Fixed after version 5.6rc2 +CVE_CHECK_IGNORE += "CVE-2022-1419" + +# fixed-version: Fixed after version 5.19rc7 +CVE_CHECK_IGNORE += "CVE-2022-1462" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2022-1508" + +# 
fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1516" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1651" + +# fixed-version: Fixed after version 5.18rc6 +CVE_CHECK_IGNORE += "CVE-2022-1652" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-1671" + +# fixed-version: Fixed after version 4.20rc1 +CVE_CHECK_IGNORE += "CVE-2022-1678" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-1679" + +# fixed-version: Fixed after version 5.18 +CVE_CHECK_IGNORE += "CVE-2022-1729" + +# fixed-version: Fixed after version 5.18rc6 +CVE_CHECK_IGNORE += "CVE-2022-1734" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2022-1786" + +# fixed-version: Fixed after version 5.18 +CVE_CHECK_IGNORE += "CVE-2022-1789" + +# fixed-version: Fixed after version 5.18rc5 +CVE_CHECK_IGNORE += "CVE-2022-1836" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-1852" + +# fixed-version: Fixed after version 5.19rc8 +CVE_CHECK_IGNORE += "CVE-2022-1882" + +# fixed-version: Fixed after version 5.18rc7 +CVE_CHECK_IGNORE += "CVE-2022-1943" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-1966" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-1972" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-1973" + +# fixed-version: Fixed after version 5.18rc6 +CVE_CHECK_IGNORE += "CVE-2022-1974" + +# fixed-version: Fixed after version 5.18rc6 +CVE_CHECK_IGNORE += "CVE-2022-1975" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-1976" + +# fixed-version: Fixed after version 5.17rc3 +CVE_CHECK_IGNORE += "CVE-2022-1998" + +# fixed-version: Fixed after version 5.17rc5 +CVE_CHECK_IGNORE += "CVE-2022-20008" + +# fixed-version: Fixed after version 5.16rc5 +CVE_CHECK_IGNORE += "CVE-2022-20132" + +# fixed-version: Fixed after version 5.15rc1 
+CVE_CHECK_IGNORE += "CVE-2022-20141" + +# fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2022-20148" + +# fixed-version: Fixed after version 5.13rc1 +CVE_CHECK_IGNORE += "CVE-2022-20153" + +# fixed-version: Fixed after version 5.16rc8 +CVE_CHECK_IGNORE += "CVE-2022-20154" + +# fixed-version: Fixed after version 5.17 +CVE_CHECK_IGNORE += "CVE-2022-20158" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2022-20166" + +# fixed-version: Fixed after version 5.17 +CVE_CHECK_IGNORE += "CVE-2022-20368" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-20369" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2022-20409" + +# fixed-version: Fixed after version 6.0rc4 +CVE_CHECK_IGNORE += "CVE-2022-20421" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-20422" + +# fixed-version: Fixed after version 5.17 +CVE_CHECK_IGNORE += "CVE-2022-20423" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2022-20424" + +# fixed-version: Fixed after version 5.9rc4 +CVE_CHECK_IGNORE += "CVE-2022-20565" + +# fixed-version: Fixed after version 5.19 +CVE_CHECK_IGNORE += "CVE-2022-20566" + +# fixed-version: Fixed after version 4.16rc5 +CVE_CHECK_IGNORE += "CVE-2022-20567" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2022-20568" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-20572" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-2078" + +# fixed-version: Fixed after version 5.19rc3 +CVE_CHECK_IGNORE += "CVE-2022-21123" + +# fixed-version: Fixed after version 5.19rc3 +CVE_CHECK_IGNORE += "CVE-2022-21125" + +# fixed-version: Fixed after version 5.19rc3 +CVE_CHECK_IGNORE += "CVE-2022-21166" + +# fixed-version: Fixed after version 4.20 +CVE_CHECK_IGNORE += "CVE-2022-21385" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-21499" + 
+# fixed-version: Fixed after version 5.19rc8 +CVE_CHECK_IGNORE += "CVE-2022-21505" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-2153" + +# cpe-stable-backport: Backported in 6.1.14 +CVE_CHECK_IGNORE += "CVE-2022-2196" + +# CVE-2022-2209 has no known resolution + +# fixed-version: Fixed after version 5.17rc2 +CVE_CHECK_IGNORE += "CVE-2022-22942" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-23036" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-23037" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-23038" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-23039" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-23040" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-23041" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-23042" + +# fixed-version: Fixed after version 6.0 +CVE_CHECK_IGNORE += "CVE-2022-2308" + +# fixed-version: Fixed after version 5.19rc5 +CVE_CHECK_IGNORE += "CVE-2022-2318" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-23222" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2022-2327" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-2380" + +# fixed-version: Fixed after version 5.19rc7 +CVE_CHECK_IGNORE += "CVE-2022-23816" + +# CVE-2022-23825 has no known resolution + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-23960" + +# fixed-version: Fixed after version 5.17rc2 +CVE_CHECK_IGNORE += "CVE-2022-24122" + +# fixed-version: Fixed after version 5.17rc2 +CVE_CHECK_IGNORE += "CVE-2022-24448" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-24958" + +# fixed-version: Fixed after version 5.17rc2 +CVE_CHECK_IGNORE += "CVE-2022-24959" + +# fixed-version: Fixed after 
version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-2503" + +# fixed-version: Fixed after version 5.17rc4 +CVE_CHECK_IGNORE += "CVE-2022-25258" + +# CVE-2022-25265 has no known resolution + +# fixed-version: Fixed after version 5.17rc4 +CVE_CHECK_IGNORE += "CVE-2022-25375" + +# fixed-version: Fixed after version 5.17rc6 +CVE_CHECK_IGNORE += "CVE-2022-25636" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-2585" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-2586" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-2588" + +# fixed-version: Fixed after version 6.0rc3 +CVE_CHECK_IGNORE += "CVE-2022-2590" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-2602" + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2022-26365" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-26373" + +# fixed-version: Fixed after version 5.18rc4 +CVE_CHECK_IGNORE += "CVE-2022-2639" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-26490" + +# fixed-version: Fixed after version 6.0rc5 +CVE_CHECK_IGNORE += "CVE-2022-2663" + +# CVE-2022-26878 has no known resolution + +# fixed-version: Fixed after version 5.17rc6 +CVE_CHECK_IGNORE += "CVE-2022-26966" + +# fixed-version: Fixed after version 5.17rc6 +CVE_CHECK_IGNORE += "CVE-2022-27223" + +# fixed-version: Fixed after version 5.17rc8 +CVE_CHECK_IGNORE += "CVE-2022-27666" + +# cpe-stable-backport: Backported in 6.1.12 +CVE_CHECK_IGNORE += "CVE-2022-27672" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-2785" + +# fixed-version: Fixed after version 5.17rc5 +CVE_CHECK_IGNORE += "CVE-2022-27950" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-28356" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-28388" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += 
"CVE-2022-28389" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-28390" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-2873" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-28796" + +# fixed-version: Fixed after version 5.18rc2 +CVE_CHECK_IGNORE += "CVE-2022-28893" + +# fixed-version: Fixed after version 6.0rc4 +CVE_CHECK_IGNORE += "CVE-2022-2905" + +# fixed-version: Fixed after version 5.17rc6 +CVE_CHECK_IGNORE += "CVE-2022-29156" + +# fixed-version: Fixed after version 5.17rc2 +CVE_CHECK_IGNORE += "CVE-2022-2938" + +# fixed-version: Fixed after version 5.18rc4 +CVE_CHECK_IGNORE += "CVE-2022-29581" + +# fixed-version: Fixed after version 5.18rc2 +CVE_CHECK_IGNORE += "CVE-2022-29582" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-2959" + +# CVE-2022-2961 has no known resolution + +# fixed-version: Fixed after version 5.17rc4 +CVE_CHECK_IGNORE += "CVE-2022-2964" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-2977" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-2978" + +# fixed-version: Fixed after version 5.19rc7 +CVE_CHECK_IGNORE += "CVE-2022-29900" + +# fixed-version: Fixed after version 5.19rc7 +CVE_CHECK_IGNORE += "CVE-2022-29901" + +# fixed-version: Fixed after version 5.15rc1 +CVE_CHECK_IGNORE += "CVE-2022-2991" + +# fixed-version: Fixed after version 5.18rc5 +CVE_CHECK_IGNORE += "CVE-2022-29968" + +# fixed-version: Fixed after version 6.0rc3 +CVE_CHECK_IGNORE += "CVE-2022-3028" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-30594" + +# fixed-version: Fixed after version 5.18rc5 +CVE_CHECK_IGNORE += "CVE-2022-3061" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-3077" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-3078" + +# fixed-version: Fixed after version 6.0rc3 
+CVE_CHECK_IGNORE += "CVE-2022-3103" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-3104" + +# fixed-version: Fixed after version 5.16 +CVE_CHECK_IGNORE += "CVE-2022-3105" + +# fixed-version: Fixed after version 5.16rc6 +CVE_CHECK_IGNORE += "CVE-2022-3106" + +# fixed-version: Fixed after version 5.17 +CVE_CHECK_IGNORE += "CVE-2022-3107" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-3108" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-3110" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-3111" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-3112" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-3113" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-3114" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-3115" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3169" + +# fixed-version: Fixed after version 6.0rc4 +CVE_CHECK_IGNORE += "CVE-2022-3170" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2022-3176" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-3202" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-32250" + +# fixed-version: Fixed after version 5.18rc6 +CVE_CHECK_IGNORE += "CVE-2022-32296" + +# CVE-2022-3238 has no known resolution + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2022-3239" + +# fixed-version: Fixed after version 5.19rc2 +CVE_CHECK_IGNORE += "CVE-2022-32981" + +# fixed-version: Fixed after version 6.0rc5 +CVE_CHECK_IGNORE += "CVE-2022-3303" + +# fixed-version: Fixed after version 6.1rc7 +CVE_CHECK_IGNORE += "CVE-2022-3344" + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2022-33740" + +# fixed-version: Fixed after version 5.19rc6 
+CVE_CHECK_IGNORE += "CVE-2022-33741" + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2022-33742" + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2022-33743" + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2022-33744" + +# fixed-version: Fixed after version 5.18rc5 +CVE_CHECK_IGNORE += "CVE-2022-33981" + +# cpe-stable-backport: Backported in 6.1.2 +CVE_CHECK_IGNORE += "CVE-2022-3424" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3435" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-34494" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-34495" + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2022-34918" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3521" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3522" + +# fixed-version: Fixed after version 6.1rc1 CVE_CHECK_IGNORE += "CVE-2022-3523" -# https://nvd.nist.gov/vuln/detail/CVE-2022-3566 -# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 -# Patched in kernel since v6.1 f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57 +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3524" + +# fixed-version: Fixed after version 5.18rc3 +CVE_CHECK_IGNORE += "CVE-2022-3526" + +# cpe-stable-backport: Backported in 6.1.2 +CVE_CHECK_IGNORE += "CVE-2022-3531" + +# cpe-stable-backport: Backported in 6.1.2 +CVE_CHECK_IGNORE += "CVE-2022-3532" + +# CVE-2022-3533 has no known resolution + +# cpe-stable-backport: Backported in 6.1.2 +CVE_CHECK_IGNORE += "CVE-2022-3534" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3535" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3541" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3542" + +# fixed-version: Fixed after 
version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3543" + +# CVE-2022-3544 has no known resolution + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-3545" + +# fixed-version: Fixed after version 6.1rc4 +CVE_CHECK_IGNORE += "CVE-2022-3564" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3565" + +# fixed-version: Fixed after version 6.1rc1 CVE_CHECK_IGNORE += "CVE-2022-3566" -# https://nvd.nist.gov/vuln/detail/CVE-2022-3567 -# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 -# Patched in kernel since v6.1 364f997b5cfe1db0d63a390fe7c801fa2b3115f6 +# fixed-version: Fixed after version 6.1rc1 CVE_CHECK_IGNORE += "CVE-2022-3567" +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-3577" + +# fixed-version: Fixed after version 6.0rc5 +CVE_CHECK_IGNORE += "CVE-2022-3586" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3594" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3595" + +# CVE-2022-3606 has no known resolution + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2022-36123" + +# fixed-version: Fixed after version 6.1rc4 +CVE_CHECK_IGNORE += "CVE-2022-3619" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3621" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3623" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-3624" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-3625" + +# fixed-version: Fixed after version 6.1rc5 +CVE_CHECK_IGNORE += "CVE-2022-3628" + +# cpe-stable-backport: Backported in 6.1.4 +CVE_CHECK_IGNORE += "CVE-2022-36280" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-3629" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-3630" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += 
"CVE-2022-3633" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-3635" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-3636" + +# fixed-version: Fixed after version 6.1rc4 +CVE_CHECK_IGNORE += "CVE-2022-3640" + +# CVE-2022-36402 has no known resolution + +# CVE-2022-3642 has no known resolution + +# fixed-version: Fixed after version 6.1 +CVE_CHECK_IGNORE += "CVE-2022-3643" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3646" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3649" -# 2023 - -# https://nvd.nist.gov/vuln/detail/CVE-2022-38457 -# https://nvd.nist.gov/vuln/detail/CVE-2022-40133 -# Both CVE-2022-38457 & CVE-2022-40133 are fixed by the same commit: -# Introduced in version v4.20 e14c02e6b6990e9f6ee18a214a22ac26bae1b25e -# Patched in kernel since v6.2 a309c7194e8a2f8bd4539b9449917913f6c2cd50 -# Backported in version v6.1.7 7ac9578e45b20e3f3c0c8eb71f5417a499a7226a -# See: -# * https://www.linuxkernelcves.com/cves/CVE-2022-38457 -# * https://www.linuxkernelcves.com/cves/CVE-2022-40133 -# * https://lore.kernel.org/all/CAODzB9q3OBD0k6W2bcWrSZo2jC3EvV0PrLyWmO07rxR4nQgkJA@mail.gmail.com/T/ -CVE_CHECK_IGNORE += "CVE-2022-38457 CVE-2022-40133" - -# https://nvd.nist.gov/vuln/detail/CVE-2023-1075 -# Introduced in v4.20 a42055e8d2c30d4decfc13ce943d09c7b9dad221 -# Patched in kernel v6.2 ffe2a22562444720b05bdfeb999c03e810d84cbb -# Backported in version 6.1.11 37c0cdf7e4919e5f76381ac60817b67bcbdacb50 -# 5.15 still has issue, include/net/tls.h:is_tx_ready() would need patch +# fixed-version: Fixed after version 5.19rc8 +CVE_CHECK_IGNORE += "CVE-2022-36879" + +# fixed-version: Fixed after version 5.19 +CVE_CHECK_IGNORE += "CVE-2022-36946" + +# cpe-stable-backport: Backported in 6.1.5 +CVE_CHECK_IGNORE += "CVE-2022-3707" + +# CVE-2022-38096 has no known resolution + +# cpe-stable-backport: Backported in 6.1.7 +CVE_CHECK_IGNORE += "CVE-2022-38457" + +# 
fixed-version: Fixed after version 6.1rc2 +CVE_CHECK_IGNORE += "CVE-2022-3903" + +# fixed-version: Fixed after version 6.0rc6 +CVE_CHECK_IGNORE += "CVE-2022-3910" + +# fixed-version: Fixed after version 5.19rc8 +CVE_CHECK_IGNORE += "CVE-2022-39188" + +# fixed-version: Fixed after version 5.19rc2 +CVE_CHECK_IGNORE += "CVE-2022-39189" + +# fixed-version: Fixed after version 6.0rc3 +CVE_CHECK_IGNORE += "CVE-2022-39190" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-3977" + +# fixed-version: Fixed after version 5.19rc4 +CVE_CHECK_IGNORE += "CVE-2022-39842" + +# cpe-stable-backport: Backported in 6.1.7 +CVE_CHECK_IGNORE += "CVE-2022-40133" + +# fixed-version: Fixed after version 6.0rc5 +CVE_CHECK_IGNORE += "CVE-2022-40307" + +# fixed-version: Fixed after version 5.19rc4 +CVE_CHECK_IGNORE += "CVE-2022-40476" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-40768" + +# fixed-version: Fixed after version 6.0rc4 +CVE_CHECK_IGNORE += "CVE-2022-4095" + +# cpe-stable-backport: Backported in 6.1.44 +CVE_CHECK_IGNORE += "CVE-2022-40982" + +# cpe-stable-backport: Backported in 6.1.4 +CVE_CHECK_IGNORE += "CVE-2022-41218" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2022-41222" + +# fixed-version: Fixed after version 5.19rc6 +CVE_CHECK_IGNORE += "CVE-2022-4127" + +# fixed-version: Fixed after version 5.19rc7 +CVE_CHECK_IGNORE += "CVE-2022-4128" + +# fixed-version: Fixed after version 6.1rc6 +CVE_CHECK_IGNORE += "CVE-2022-4129" + +# fixed-version: Fixed after version 6.1rc8 +CVE_CHECK_IGNORE += "CVE-2022-4139" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-41674" + +# CVE-2022-41848 has no known resolution + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-41849" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-41850" + +# fixed-version: Fixed after version 5.18rc2 +CVE_CHECK_IGNORE += "CVE-2022-41858" + +# 
fixed-version: Fixed after version 6.1 +CVE_CHECK_IGNORE += "CVE-2022-42328" + +# fixed-version: Fixed after version 6.1 +CVE_CHECK_IGNORE += "CVE-2022-42329" + +# fixed-version: Fixed after version 6.0rc7 +CVE_CHECK_IGNORE += "CVE-2022-42432" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2022-4269" + +# fixed-version: Fixed after version 6.0rc4 +CVE_CHECK_IGNORE += "CVE-2022-42703" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-42719" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-42720" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-42721" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-42722" + +# fixed-version: Fixed after version 6.1rc4 +CVE_CHECK_IGNORE += "CVE-2022-42895" + +# fixed-version: Fixed after version 6.1rc4 +CVE_CHECK_IGNORE += "CVE-2022-42896" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-43750" + +# fixed-version: Fixed after version 6.1 +CVE_CHECK_IGNORE += "CVE-2022-4378" + +# cpe-stable-backport: Backported in 6.1.3 +CVE_CHECK_IGNORE += "CVE-2022-4379" + +# cpe-stable-backport: Backported in 6.1.8 +CVE_CHECK_IGNORE += "CVE-2022-4382" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2022-43945" + +# CVE-2022-44032 needs backporting (fixed from 6.4rc1) + +# CVE-2022-44033 needs backporting (fixed from 6.4rc1) + +# CVE-2022-44034 has no known resolution + +# CVE-2022-4543 has no known resolution + +# fixed-version: Fixed after version 6.1rc7 +CVE_CHECK_IGNORE += "CVE-2022-45869" + +# CVE-2022-45884 has no known resolution + +# CVE-2022-45885 has no known resolution + +# cpe-stable-backport: Backported in 6.1.33 +CVE_CHECK_IGNORE += "CVE-2022-45886" + +# cpe-stable-backport: Backported in 6.1.33 +CVE_CHECK_IGNORE += "CVE-2022-45887" + +# CVE-2022-45888 needs backporting (fixed from 6.2rc1) + +# cpe-stable-backport: Backported in 6.1.33 
+CVE_CHECK_IGNORE += "CVE-2022-45919" + +# fixed-version: Fixed after version 6.1 +CVE_CHECK_IGNORE += "CVE-2022-45934" + +# fixed-version: Fixed after version 6.0rc4 +CVE_CHECK_IGNORE += "CVE-2022-4662" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2022-4696" + +# fixed-version: Fixed after version 5.16rc7 +CVE_CHECK_IGNORE += "CVE-2022-4744" + +# fixed-version: Fixed after version 6.1rc8 +CVE_CHECK_IGNORE += "CVE-2022-47518" + +# fixed-version: Fixed after version 6.1rc8 +CVE_CHECK_IGNORE += "CVE-2022-47519" + +# fixed-version: Fixed after version 6.1rc8 +CVE_CHECK_IGNORE += "CVE-2022-47520" + +# fixed-version: Fixed after version 6.1rc8 +CVE_CHECK_IGNORE += "CVE-2022-47521" + +# cpe-stable-backport: Backported in 6.1.6 +CVE_CHECK_IGNORE += "CVE-2022-47929" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-47938" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-47939" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2022-47940" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-47941" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-47942" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2022-47943" + +# fixed-version: Fixed after version 5.12rc2 +CVE_CHECK_IGNORE += "CVE-2022-47946" + +# cpe-stable-backport: Backported in 6.1.8 +CVE_CHECK_IGNORE += "CVE-2022-4842" + +# cpe-stable-backport: Backported in 6.1.3 +CVE_CHECK_IGNORE += "CVE-2022-48423" + +# cpe-stable-backport: Backported in 6.1.3 +CVE_CHECK_IGNORE += "CVE-2022-48424" + +# cpe-stable-backport: Backported in 6.1.33 +CVE_CHECK_IGNORE += "CVE-2022-48425" + +# cpe-stable-backport: Backported in 6.1.40 +CVE_CHECK_IGNORE += "CVE-2022-48502" + +# fixed-version: Fixed after version 5.0rc1 +CVE_CHECK_IGNORE += "CVE-2023-0030" + +# cpe-stable-backport: Backported in 6.1.5 +CVE_CHECK_IGNORE += "CVE-2023-0045" + +# 
fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2023-0047" + +# fixed-version: Fixed after version 6.0rc4 +CVE_CHECK_IGNORE += "CVE-2023-0122" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-0160" + +# cpe-stable-backport: Backported in 6.1.7 +CVE_CHECK_IGNORE += "CVE-2023-0179" + +# cpe-stable-backport: Backported in 6.1.5 +CVE_CHECK_IGNORE += "CVE-2023-0210" + +# fixed-version: Fixed after version 5.10rc1 +CVE_CHECK_IGNORE += "CVE-2023-0240" + +# cpe-stable-backport: Backported in 6.1.6 +CVE_CHECK_IGNORE += "CVE-2023-0266" + +# cpe-stable-backport: Backported in 6.1.9 +CVE_CHECK_IGNORE += "CVE-2023-0386" + +# cpe-stable-backport: Backported in 6.1.7 +CVE_CHECK_IGNORE += "CVE-2023-0394" + +# cpe-stable-backport: Backported in 6.1.8 +CVE_CHECK_IGNORE += "CVE-2023-0458" + +# cpe-stable-backport: Backported in 6.1.14 +CVE_CHECK_IGNORE += "CVE-2023-0459" + +# cpe-stable-backport: Backported in 6.1.5 +CVE_CHECK_IGNORE += "CVE-2023-0461" + +# fixed-version: Fixed after version 6.1rc7 +CVE_CHECK_IGNORE += "CVE-2023-0468" + +# fixed-version: Fixed after version 6.1rc7 +CVE_CHECK_IGNORE += "CVE-2023-0469" + +# fixed-version: Fixed after version 6.1rc2 +CVE_CHECK_IGNORE += "CVE-2023-0590" + +# CVE-2023-0597 needs backporting (fixed from 6.2rc1) + +# fixed-version: Fixed after version 6.1rc3 +CVE_CHECK_IGNORE += "CVE-2023-0615" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-1032" + +# cpe-stable-backport: Backported in 6.1.9 +CVE_CHECK_IGNORE += "CVE-2023-1073" + +# cpe-stable-backport: Backported in 6.1.9 +CVE_CHECK_IGNORE += "CVE-2023-1074" + +# cpe-stable-backport: Backported in 6.1.11 CVE_CHECK_IGNORE += "CVE-2023-1075" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-1076" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-1077" + +# cpe-stable-backport: Backported in 6.1.12 +CVE_CHECK_IGNORE += "CVE-2023-1078" + +# 
cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-1079" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2023-1095" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-1118" + +# cpe-stable-backport: Backported in 6.1.33 +CVE_CHECK_IGNORE += "CVE-2023-1192" + +# CVE-2023-1193 has no known resolution + +# CVE-2023-1194 has no known resolution + +# fixed-version: Fixed after version 6.1rc3 +CVE_CHECK_IGNORE += "CVE-2023-1195" + +# cpe-stable-backport: Backported in 6.1.43 +CVE_CHECK_IGNORE += "CVE-2023-1206" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2023-1249" + +# fixed-version: Fixed after version 5.16rc1 +CVE_CHECK_IGNORE += "CVE-2023-1252" + +# cpe-stable-backport: Backported in 6.1.13 +CVE_CHECK_IGNORE += "CVE-2023-1281" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2023-1295" + +# cpe-stable-backport: Backported in 6.1.27 +CVE_CHECK_IGNORE += "CVE-2023-1380" + +# fixed-version: Fixed after version 6.1rc7 +CVE_CHECK_IGNORE += "CVE-2023-1382" + +# fixed-version: Fixed after version 5.11rc4 +CVE_CHECK_IGNORE += "CVE-2023-1390" + +# cpe-stable-backport: Backported in 6.1.13 +CVE_CHECK_IGNORE += "CVE-2023-1513" + +# fixed-version: Fixed after version 5.17rc4 +CVE_CHECK_IGNORE += "CVE-2023-1582" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-1583" + +# cpe-stable-backport: Backported in 6.1.23 +CVE_CHECK_IGNORE += "CVE-2023-1611" + +# fixed-version: Fixed after version 5.18rc2 +CVE_CHECK_IGNORE += "CVE-2023-1637" + +# cpe-stable-backport: Backported in 6.1.9 +CVE_CHECK_IGNORE += "CVE-2023-1652" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-1670" + +# cpe-stable-backport: Backported in 6.1.18 +CVE_CHECK_IGNORE += "CVE-2023-1829" + +# fixed-version: Fixed after version 5.18 +CVE_CHECK_IGNORE += "CVE-2023-1838" + +# cpe-stable-backport: Backported in 6.1.21 +CVE_CHECK_IGNORE += 
"CVE-2023-1855" + +# cpe-stable-backport: Backported in 6.1.25 +CVE_CHECK_IGNORE += "CVE-2023-1859" + +# fixed-version: Fixed after version 5.18rc2 +CVE_CHECK_IGNORE += "CVE-2023-1872" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-1989" + +# cpe-stable-backport: Backported in 6.1.21 +CVE_CHECK_IGNORE += "CVE-2023-1990" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-1998" + +# cpe-stable-backport: Backported in 6.1.27 +CVE_CHECK_IGNORE += "CVE-2023-2002" + +# fixed-version: Fixed after version 6.1rc7 +CVE_CHECK_IGNORE += "CVE-2023-2006" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2023-2007" + +# fixed-version: Fixed after version 5.19rc4 +CVE_CHECK_IGNORE += "CVE-2023-2008" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2023-2019" + +# cpe-stable-backport: Backported in 6.1.44 +CVE_CHECK_IGNORE += "CVE-2023-20569" + +# cpe-stable-backport: Backported in 6.1.45 +CVE_CHECK_IGNORE += "CVE-2023-20588" + +# cpe-stable-backport: Backported in 6.1.41 +CVE_CHECK_IGNORE += "CVE-2023-20593" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2023-20928" + +# CVE-2023-20937 has no known resolution + +# fixed-version: Fixed after version 5.18rc5 +CVE_CHECK_IGNORE += "CVE-2023-20938" + +# CVE-2023-20941 has no known resolution + +# cpe-stable-backport: Backported in 6.1.8 +CVE_CHECK_IGNORE += "CVE-2023-21102" + +# cpe-stable-backport: Backported in 6.1.9 +CVE_CHECK_IGNORE += "CVE-2023-21106" + +# cpe-stable-backport: Backported in 6.1.33 +CVE_CHECK_IGNORE += "CVE-2023-2124" + +# cpe-stable-backport: Backported in 6.1.31 +CVE_CHECK_IGNORE += "CVE-2023-21255" + +# CVE-2023-21264 needs backporting (fixed from 6.4rc5) + +# CVE-2023-21400 has no known resolution + +# cpe-stable-backport: Backported in 6.1.26 +CVE_CHECK_IGNORE += "CVE-2023-2156" + +# cpe-stable-backport: Backported in 6.1.11 +CVE_CHECK_IGNORE += "CVE-2023-2162" + +# 
cpe-stable-backport: Backported in 6.1.26 +CVE_CHECK_IGNORE += "CVE-2023-2163" + +# fixed-version: Fixed after version 6.1 +CVE_CHECK_IGNORE += "CVE-2023-2166" + +# CVE-2023-2176 needs backporting (fixed from 6.3rc1) + +# fixed-version: Fixed after version 5.19 +CVE_CHECK_IGNORE += "CVE-2023-2177" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-2194" + +# cpe-stable-backport: Backported in 6.1.21 +CVE_CHECK_IGNORE += "CVE-2023-2235" + +# fixed-version: Fixed after version 6.1rc7 +CVE_CHECK_IGNORE += "CVE-2023-2236" + +# cpe-stable-backport: Backported in 6.1.26 +CVE_CHECK_IGNORE += "CVE-2023-2248" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-2269" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2023-22995" + +# fixed-version: Fixed after version 5.18rc1 +CVE_CHECK_IGNORE += "CVE-2023-22996" + +# cpe-stable-backport: Backported in 6.1.2 +CVE_CHECK_IGNORE += "CVE-2023-22997" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2023-22998" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2023-22999" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2023-23000" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2023-23001" + +# fixed-version: Fixed after version 5.17rc1 +CVE_CHECK_IGNORE += "CVE-2023-23002" + +# fixed-version: Fixed after version 5.16rc6 +CVE_CHECK_IGNORE += "CVE-2023-23003" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2023-23004" + +# CVE-2023-23005 needs backporting (fixed from 6.2rc1) + +# fixed-version: Fixed after version 5.16rc8 +CVE_CHECK_IGNORE += "CVE-2023-23006" + +# CVE-2023-23039 has no known resolution + +# cpe-stable-backport: Backported in 6.1.5 +CVE_CHECK_IGNORE += "CVE-2023-23454" + +# cpe-stable-backport: Backported in 6.1.5 +CVE_CHECK_IGNORE += "CVE-2023-23455" + +# cpe-stable-backport: Backported in 6.1.9 +CVE_CHECK_IGNORE += 
"CVE-2023-23559" + +# fixed-version: Fixed after version 5.12rc1 +CVE_CHECK_IGNORE += "CVE-2023-23586" + +# CVE-2023-2430 needs backporting (fixed from 6.1.50) + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-2483" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-25012" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2023-2513" + +# CVE-2023-25775 needs backporting (fixed from 6.1.53) + +# fixed-version: only affects 6.3rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-2598" + +# CVE-2023-26242 has no known resolution + +# CVE-2023-2640 has no known resolution + +# cpe-stable-backport: Backported in 6.1.3 +CVE_CHECK_IGNORE += "CVE-2023-26544" + +# cpe-stable-backport: Backported in 6.1.13 +CVE_CHECK_IGNORE += "CVE-2023-26545" + +# fixed-version: Fixed after version 6.1rc7 +CVE_CHECK_IGNORE += "CVE-2023-26605" + +# cpe-stable-backport: Backported in 6.1.2 +CVE_CHECK_IGNORE += "CVE-2023-26606" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2023-26607" + +# fixed-version: Fixed after version 6.1 +CVE_CHECK_IGNORE += "CVE-2023-28327" + +# cpe-stable-backport: Backported in 6.1.2 +CVE_CHECK_IGNORE += "CVE-2023-28328" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2023-28410" + +# fixed-version: only affects 6.3rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-28464" + +# cpe-stable-backport: Backported in 6.1.20 +CVE_CHECK_IGNORE += "CVE-2023-28466" + +# fixed-version: Fixed after version 6.0rc5 +CVE_CHECK_IGNORE += "CVE-2023-2860" + +# fixed-version: Fixed after version 5.14rc1 +CVE_CHECK_IGNORE += "CVE-2023-28772" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-28866" + +# cpe-stable-backport: Backported in 6.1.39 +CVE_CHECK_IGNORE += "CVE-2023-2898" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-2985" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2023-3006" + 
+# Skipping CVE-2023-3022, no affected_versions + +# cpe-stable-backport: Backported in 6.1.21 +CVE_CHECK_IGNORE += "CVE-2023-30456" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-30772" + +# cpe-stable-backport: Backported in 6.1.30 +CVE_CHECK_IGNORE += "CVE-2023-3090" + +# fixed-version: Fixed after version 4.8rc7 +CVE_CHECK_IGNORE += "CVE-2023-3106" + +# Skipping CVE-2023-3108, no affected_versions + +# CVE-2023-31081 has no known resolution + +# CVE-2023-31082 has no known resolution + +# CVE-2023-31083 needs backporting (fixed from 6.6rc1) + +# CVE-2023-31084 needs backporting (fixed from 6.4rc3) + +# CVE-2023-31085 has no known resolution + +# fixed-version: Fixed after version 6.0rc2 +CVE_CHECK_IGNORE += "CVE-2023-3111" + +# cpe-stable-backport: Backported in 6.1.35 +CVE_CHECK_IGNORE += "CVE-2023-3117" + +# cpe-stable-backport: Backported in 6.1.39 +CVE_CHECK_IGNORE += "CVE-2023-31248" + +# cpe-stable-backport: Backported in 6.1.30 +CVE_CHECK_IGNORE += "CVE-2023-3141" + +# cpe-stable-backport: Backported in 6.1.26 +CVE_CHECK_IGNORE += "CVE-2023-31436" + +# fixed-version: Fixed after version 5.18rc6 +CVE_CHECK_IGNORE += "CVE-2023-3159" + +# cpe-stable-backport: Backported in 6.1.11 +CVE_CHECK_IGNORE += "CVE-2023-3161" + +# cpe-stable-backport: Backported in 6.1.33 +CVE_CHECK_IGNORE += "CVE-2023-3212" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-3220" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-32233" + +# cpe-stable-backport: Backported in 6.1.29 +CVE_CHECK_IGNORE += "CVE-2023-32247" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-32248" + +# cpe-stable-backport: Backported in 6.1.29 +CVE_CHECK_IGNORE += "CVE-2023-32250" + +# cpe-stable-backport: Backported in 6.1.29 +CVE_CHECK_IGNORE += "CVE-2023-32252" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-32254" + +# cpe-stable-backport: Backported in 6.1.29 
+CVE_CHECK_IGNORE += "CVE-2023-32257" + +# cpe-stable-backport: Backported in 6.1.29 +CVE_CHECK_IGNORE += "CVE-2023-32258" + +# cpe-stable-backport: Backported in 6.1.11 +CVE_CHECK_IGNORE += "CVE-2023-32269" + +# CVE-2023-32629 has no known resolution + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-3268" + +# cpe-stable-backport: Backported in 6.1.37 +CVE_CHECK_IGNORE += "CVE-2023-3269" + +# fixed-version: only affects 6.2rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-3312" + +# fixed-version: only affects 6.2rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-3317" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-33203" + +# fixed-version: only affects 6.2rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-33250" + +# cpe-stable-backport: Backported in 6.1.22 +CVE_CHECK_IGNORE += "CVE-2023-33288" + +# fixed-version: Fixed after version 6.1rc1 +CVE_CHECK_IGNORE += "CVE-2023-3338" + +# cpe-stable-backport: Backported in 6.1.16 +CVE_CHECK_IGNORE += "CVE-2023-3355" + +# cpe-stable-backport: Backported in 6.1.2 +CVE_CHECK_IGNORE += "CVE-2023-3357" + +# cpe-stable-backport: Backported in 6.1.9 +CVE_CHECK_IGNORE += "CVE-2023-3358" + +# cpe-stable-backport: Backported in 6.1.11 +CVE_CHECK_IGNORE += "CVE-2023-3359" + +# fixed-version: Fixed after version 6.0rc1 +CVE_CHECK_IGNORE += "CVE-2023-3389" + +# cpe-stable-backport: Backported in 6.1.35 +CVE_CHECK_IGNORE += "CVE-2023-3390" + +# cpe-stable-backport: Backported in 6.1.13 +CVE_CHECK_IGNORE += "CVE-2023-33951" + +# cpe-stable-backport: Backported in 6.1.13 +CVE_CHECK_IGNORE += "CVE-2023-33952" + +# CVE-2023-3397 has no known resolution + +# cpe-stable-backport: Backported in 6.1.33 +CVE_CHECK_IGNORE += "CVE-2023-34255" + +# cpe-stable-backport: Backported in 6.1.29 +CVE_CHECK_IGNORE += "CVE-2023-34256" + +# cpe-stable-backport: Backported in 6.1.44 +CVE_CHECK_IGNORE += "CVE-2023-34319" + +# fixed-version: Fixed after version 5.18rc5 +CVE_CHECK_IGNORE += "CVE-2023-3439" + +# 
cpe-stable-backport: Backported in 6.1.39 +CVE_CHECK_IGNORE += "CVE-2023-35001" + +# cpe-stable-backport: Backported in 6.1.11 +CVE_CHECK_IGNORE += "CVE-2023-3567" + +# CVE-2023-35693 has no known resolution + +# cpe-stable-backport: Backported in 6.1.33 +CVE_CHECK_IGNORE += "CVE-2023-35788" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-35823" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-35824" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-35826" + +# CVE-2023-35827 has no known resolution + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-35828" + +# cpe-stable-backport: Backported in 6.1.28 +CVE_CHECK_IGNORE += "CVE-2023-35829" + +# cpe-stable-backport: Backported in 6.1.35 +CVE_CHECK_IGNORE += "CVE-2023-3609" + +# cpe-stable-backport: Backported in 6.1.36 +CVE_CHECK_IGNORE += "CVE-2023-3610" + +# cpe-stable-backport: Backported in 6.1.40 +CVE_CHECK_IGNORE += "CVE-2023-3611" + +# CVE-2023-3640 has no known resolution + +# fixed-version: only affects 6.3rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-37453" + +# CVE-2023-37454 has no known resolution + +# CVE-2023-3772 needs backporting (fixed from 6.1.47) + +# CVE-2023-3773 needs backporting (fixed from 6.1.47) + +# cpe-stable-backport: Backported in 6.1.40 +CVE_CHECK_IGNORE += "CVE-2023-3776" + +# cpe-stable-backport: Backported in 6.1.42 +CVE_CHECK_IGNORE += "CVE-2023-3777" + +# fixed-version: Fixed after version 6.1rc4 +CVE_CHECK_IGNORE += "CVE-2023-3812" + +# cpe-stable-backport: Backported in 6.1.25 +CVE_CHECK_IGNORE += "CVE-2023-38409" + +# cpe-stable-backport: Backported in 6.1.30 +CVE_CHECK_IGNORE += "CVE-2023-38426" + +# cpe-stable-backport: Backported in 6.1.34 +CVE_CHECK_IGNORE += "CVE-2023-38427" + +# cpe-stable-backport: Backported in 6.1.30 +CVE_CHECK_IGNORE += "CVE-2023-38428" + +# cpe-stable-backport: Backported in 6.1.30 +CVE_CHECK_IGNORE += "CVE-2023-38429" + +# 
cpe-stable-backport: Backported in 6.1.35 +CVE_CHECK_IGNORE += "CVE-2023-38430" + +# cpe-stable-backport: Backported in 6.1.34 +CVE_CHECK_IGNORE += "CVE-2023-38431" + +# cpe-stable-backport: Backported in 6.1.36 +CVE_CHECK_IGNORE += "CVE-2023-38432" + +# cpe-stable-backport: Backported in 6.1.39 +CVE_CHECK_IGNORE += "CVE-2023-3863" + +# cpe-stable-backport: Backported in 6.1.36 +CVE_CHECK_IGNORE += "CVE-2023-3865" + +# cpe-stable-backport: Backported in 6.1.36 +CVE_CHECK_IGNORE += "CVE-2023-3866" + +# cpe-stable-backport: Backported in 6.1.40 +CVE_CHECK_IGNORE += "CVE-2023-3867" + +# cpe-stable-backport: Backported in 6.1.42 +CVE_CHECK_IGNORE += "CVE-2023-4004" + +# CVE-2023-4010 has no known resolution + +# cpe-stable-backport: Backported in 6.1.43 +CVE_CHECK_IGNORE += "CVE-2023-4015" + +# cpe-stable-backport: Backported in 6.1.45 +CVE_CHECK_IGNORE += "CVE-2023-40283" + +# cpe-stable-backport: Backported in 6.1.45 +CVE_CHECK_IGNORE += "CVE-2023-4128" + +# cpe-stable-backport: Backported in 6.1.39 +CVE_CHECK_IGNORE += "CVE-2023-4132" + +# CVE-2023-4133 needs backporting (fixed from 6.3) + +# CVE-2023-4134 needs backporting (fixed from 6.5rc1) + +# cpe-stable-backport: Backported in 6.1.43 +CVE_CHECK_IGNORE += "CVE-2023-4147" + +# cpe-stable-backport: Backported in 6.1.46 +CVE_CHECK_IGNORE += "CVE-2023-4155" + +# fixed-version: only affects 6.3rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-4194" + +# cpe-stable-backport: Backported in 6.1.45 +CVE_CHECK_IGNORE += "CVE-2023-4206" + +# cpe-stable-backport: Backported in 6.1.45 +CVE_CHECK_IGNORE += "CVE-2023-4207" + +# cpe-stable-backport: Backported in 6.1.45 +CVE_CHECK_IGNORE += "CVE-2023-4208" + +# CVE-2023-4244 needs backporting (fixed from 6.5rc7) + +# cpe-stable-backport: Backported in 6.1.45 +CVE_CHECK_IGNORE += "CVE-2023-4273" + +# fixed-version: Fixed after version 5.19rc1 +CVE_CHECK_IGNORE += "CVE-2023-4385" + +# fixed-version: Fixed after version 5.18 +CVE_CHECK_IGNORE += "CVE-2023-4387" + +# fixed-version: Fixed 
after version 5.18rc3 +CVE_CHECK_IGNORE += "CVE-2023-4389" + +# fixed-version: Fixed after version 6.0rc3 +CVE_CHECK_IGNORE += "CVE-2023-4394" + +# fixed-version: Fixed after version 5.18 +CVE_CHECK_IGNORE += "CVE-2023-4459" + +# CVE-2023-4563 needs backporting (fixed from 6.5rc6) + +# CVE-2023-4569 needs backporting (fixed from 6.1.47) + +# fixed-version: only affects 6.4rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-4611" + +# CVE-2023-4622 needs backporting (fixed from 6.5rc1) + +# CVE-2023-4623 needs backporting (fixed from 6.1.53) + +# CVE-2023-4881 needs backporting (fixed from 6.6rc1) + +# CVE-2023-4921 needs backporting (fixed from 6.6rc1) + diff --git a/poky/meta/recipes-kernel/linux/generate-cve-exclusions.py b/poky/meta/recipes-kernel/linux/generate-cve-exclusions.py new file mode 100755 index 0000000000..b9b87f245d --- /dev/null +++ b/poky/meta/recipes-kernel/linux/generate-cve-exclusions.py 
@@ -0,0 +1,101 @@
+#! /usr/bin/env python3
+
+# Generate granular CVE status metadata for a specific version of the kernel
+# using data from linuxkernelcves.com.
+#
+# SPDX-License-Identifier: GPL-2.0-only
+
+import argparse
+import datetime
+import json
+import pathlib
+import re
+
+from packaging.version import Version
+
+
+def parse_version(s):
+ """
+ Parse the version string and either return a packaging.version.Version, or
+ None if the string was unset or "unk".
+ """
+ if s and s != "unk":
+ # packaging.version.Version doesn't approve of versions like v5.12-rc1-dontuse
+ s = s.replace("-dontuse", "")
+ return Version(s)
+ return None
+
+
+def main(argp=None):
+ parser = argparse.ArgumentParser()
+ parser.add_argument("datadir", type=pathlib.Path, help="Path to a clone of https://github.com/nluedtke/linux_kernel_cves")
+ parser.add_argument("version", type=Version, help="Kernel version number to generate data for, such as 6.1.38")
+
+ args = parser.parse_args(argp)
+ datadir = args.datadir
+ version = args.version
+ base_version = f"{version.major}.{version.minor}"
+
+ with open(datadir / "data" / "kernel_cves.json", "r") as f:
+ cve_data = json.load(f)
+
+ with open(datadir / "data" / "stream_fixes.json", "r") as f:
+ stream_data = json.load(f)
+
+ print(f"""
+# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
+# Generated at {datetime.datetime.now()} for version {version}
+
+python check_kernel_cve_status_version() {{
+ this_version = "{version}"
+ kernel_version = d.getVar("LINUX_VERSION")
+ if kernel_version != this_version:
+ bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
+}}
+do_cve_check[prefuncs] += "check_kernel_cve_status_version"
+""")
+
+ for cve, data in cve_data.items():
+ if "affected_versions" not in data:
+ print(f"# Skipping {cve}, no affected_versions")
+ print()
+ continue
+
+ affected = data["affected_versions"]
+ first_affected, last_affected = re.search(r"(.+) to (.+)", affected).groups()
+ first_affected = parse_version(first_affected)
+ last_affected = parse_version(last_affected)
+
+ handled = False
+ if not last_affected:
+ print(f"# {cve} has no known resolution")
+ elif first_affected and version < first_affected:
+ print(f"# fixed-version: only affects {first_affected} onwards")
+ handled = True
+ elif last_affected < version:
+ print(f"# fixed-version: Fixed after version {last_affected}")
+ handled = True
+ else:
+ if cve in stream_data:
+ backport_data = stream_data[cve]
+ if base_version in backport_data:
+ backport_ver = Version(backport_data[base_version]["fixed_version"])
+ if backport_ver <= version:
+ print(f"# cpe-stable-backport: Backported in {backport_ver}")
+ handled = True
+ else:
+ # TODO print a note that the kernel needs bumping
+ print(f"# {cve} needs backporting (fixed from {backport_ver})")
+ else:
+ print(f"# {cve} needs backporting (fixed from {last_affected})")
+ else:
+ print(f"# {cve} needs backporting (fixed from {last_affected})")
+
+ if handled:
+ print(f'CVE_CHECK_IGNORE += "{cve}"')
+
+ print()
+
+
+if __name__ == "__main__":
+ main()
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index f49623a2cc..be5dd5efec 100644
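Review bot: The generated `check_kernel_cve_status_version` prefunc in generate-cve-exclusions.py only calls `bb.warn` when `LINUX_VERSION` differs from the version the data was generated for, while every emitted `CVE_CHECK_IGNORE` line stays in effect. With a kernel older than `this_version`, the `cpe-stable-backport` entries would then suppress CVEs whose fix is not in the tree being built. I would escalate that direction of the mismatch, for example `if bb.utils.vercmp_string(kernel_version, this_version) < 0: bb.fatal(...)`, or at least state the limitation in the generated header comment. Separately, in `main()` the expression `re.search(r"(.+) to (.+)", affected).groups()` raises AttributeError for any `affected_versions` string that lacks " to "; bind the match first and emit a `# Skipping {cve}` comment when it is `None`, as the loop already does for a missing key.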
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "613a261b361c2f0d1e1428ad02dffe4e81d1a24b" -SRCREV_meta ?= "957ddf5f9d4bf5791e88a46ce9ec4352a6d0a171" +SRCREV_machine ?= "0ac91942af8fec31671ffe62e9518aaf15f110b3" +SRCREV_meta ?= "f484a7f175b4f3c4f7d2b553cde232bd41f757d8" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA};protocol=https" -LINUX_VERSION ?= "5.15.113" +LINUX_VERSION ?= "5.15.124" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb index 20d2729371..d13722b32f 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb @@ -14,13 +14,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "f974a72071f8b481fc4e38517219bc5c503e14f6" -SRCREV_meta ?= "36901b5b298e601fe73dd79aaff8b615a7762013" +SRCREV_machine ?= "9d355978d3a95f5c190a21d95ebb2a5d0e638537" +SRCREV_meta ?= "295d37e268bc02070da670e46456227bee38795b" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https" -LINUX_VERSION ?= "6.1.25" +LINUX_VERSION ?= "6.1.46" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" 
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb index 1981d6e5ac..b8f3d71a72 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb @@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.15.113" +LINUX_VERSION ?= "5.15.124" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "cad8d3fd06feec26840453ddfd483216b4cf5b51" -SRCREV_meta ?= "957ddf5f9d4bf5791e88a46ce9ec4352a6d0a171" +SRCREV_machine ?= "cdb289c798fe1fc9f259a08c32e2dd9516ccb7a4" +SRCREV_meta ?= "f484a7f175b4f3c4f7d2b553cde232bd41f757d8" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb index 47d77404d0..a77bd9d183 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb @@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc # CVE exclusions include recipes-kernel/linux/cve-exclusion_6.1.inc -LINUX_VERSION ?= "6.1.25" +LINUX_VERSION ?= "6.1.46" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_meta ?= "36901b5b298e601fe73dd79aaff8b615a7762013" +SRCREV_machine ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_meta ?= "295d37e268bc02070da670e46456227bee38795b" PV = "${LINUX_VERSION}+git${SRCPV}" 
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb index 6213763295..a15284fb4b 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.15.bb 
@@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base" KBRANCH:qemux86-64 ?= "v5.15/standard/base" KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "8f55d1b405ec36812e15592bec1a471c4afa8dfa" -SRCREV_machine:qemuarm64 ?= "6f43cd2bf083a3a6d77edd2ddd275b9c6c3adf63" -SRCREV_machine:qemumips ?= "942912a383bbb5b1edb362c1da8f328c50e8e16a" -SRCREV_machine:qemuppc ?= "9b2cc2b52ad546d07bcef0d6c76e657ff46140ce" -SRCREV_machine:qemuriscv64 ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91" -SRCREV_machine:qemuriscv32 ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91" -SRCREV_machine:qemux86 ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91" -SRCREV_machine:qemux86-64 ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91" -SRCREV_machine:qemumips64 ?= "570b02954e1cf598ba8792aa6127ddde7f2af647" -SRCREV_machine ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91" -SRCREV_meta ?= "957ddf5f9d4bf5791e88a46ce9ec4352a6d0a171" +SRCREV_machine:qemuarm ?= "676a22c65ec0f8bb5dc7e13d130f6e3764959d75" +SRCREV_machine:qemuarm64 ?= "f0e7afd5948f71be062cd9194b56cd03de94b7cb" +SRCREV_machine:qemumips ?= "0f1ceb9008f182cd7f21420bbec6f21a67da8397" +SRCREV_machine:qemuppc ?= "4ec9fc13283ce01627ef8c32617a1eb71e127c62" +SRCREV_machine:qemuriscv64 ?= "1c09be01f4b87f60ea64136459167d73502a118f" +SRCREV_machine:qemuriscv32 ?= "1c09be01f4b87f60ea64136459167d73502a118f" +SRCREV_machine:qemux86 ?= "1c09be01f4b87f60ea64136459167d73502a118f" +SRCREV_machine:qemux86-64 ?= "1c09be01f4b87f60ea64136459167d73502a118f" +SRCREV_machine:qemumips64 ?= "fad09cc6acf2175aa6b5979ef48cd5f05afc3da0" +SRCREV_machine ?= "1c09be01f4b87f60ea64136459167d73502a118f" +SRCREV_meta ?= "f484a7f175b4f3c4f7d2b553cde232bd41f757d8" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. 
BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "1fe619a7d25218e9b9fdcce9fcac6a05cd62abed" +SRCREV_machine:class-devupstream ?= "38d4ca22a5288c4bae7e6d62a1728b0718d51866" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.15/base" @@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA};protocol=https" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.15.113" +LINUX_VERSION ?= "5.15.124" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb index 6640000d83..df477b7dee 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb 
@@ -17,25 +17,25 @@ KBRANCH:qemux86-64 ?= "v6.1/standard/base" KBRANCH:qemuloongarch64 ?= "v6.1/standard/base" KBRANCH:qemumips64 ?= "v6.1/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "0b80e90b38ae1735c7dab701ca3d0b2447376ccc" -SRCREV_machine:qemuarm64 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_machine:qemuloongarch64 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_machine:qemumips ?= "db61d7fe3540904fbe77b532ce3e37aeb737524a" -SRCREV_machine:qemuppc ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_machine:qemuriscv64 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_machine:qemuriscv32 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_machine:qemux86 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_machine:qemux86-64 ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_machine:qemumips64 ?= "aacc52b6216955723cebb5bc493a4210357b23b2" -SRCREV_machine ?= "581dc1aa2f340fff2cc010067257185fa2c993f9" -SRCREV_meta ?= "36901b5b298e601fe73dd79aaff8b615a7762013" +SRCREV_machine:qemuarm ?= "4e49d63e747e81aebad5ce6091ba6de09f09d46f" +SRCREV_machine:qemuarm64 ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_machine:qemuloongarch64 ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_machine:qemumips ?= "e527feb9cd8acbcbcd7115f51cf71166fdbce11a" +SRCREV_machine:qemuppc ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_machine:qemuriscv64 ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_machine:qemuriscv32 ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_machine:qemux86 ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_machine:qemux86-64 ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_machine:qemumips64 ?= "296b096f4c747e4c4b31b1708fc8a0acb1dac04e" +SRCREV_machine ?= "44fd0c7a5a7955282a1ab24bf3dcdee068839ad2" +SRCREV_meta ?= "295d37e268bc02070da670e46456227bee38795b" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream 
-stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "f17b0ab65d17988d5e6d6fe22f708ef3721080bf" +SRCREV_machine:class-devupstream ?= "6c44e13dc284f7f4db17706ca48fd016d6b3d49a" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v6.1/base" @@ -43,7 +43,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "6.1.25" +LINUX_VERSION ?= "6.1.46" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/poky/meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb b/poky/meta/recipes-kernel/lttng/babeltrace2_2.0.5.bb index 16d8b945a4..9a4007fb25 100644 --- a/poky/meta/recipes-kernel/lttng/babeltrace2_2.0.4.bb +++ b/poky/meta/recipes-kernel/lttng/babeltrace2_2.0.5.bb @@ -12,7 +12,7 @@ SRC_URI = "git://git.efficios.com/babeltrace.git;branch=stable-2.0;protocol=http file://0001-tests-do-not-run-test-applications-from-.libs.patch \ file://0001-Make-manpages-multilib-identical.patch \ " -SRCREV = "23e8cf4e6fdc1d0b230e964dafac08a57e6228e6" +SRCREV = "66e76d1ea601705928899138f02730a3a2a3153d" UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>2(\.\d+)+)$" S = "${WORKDIR}/git" @@ -28,6 +28,7 @@ FILES:${PN}-staticdev += "${libdir}/babeltrace2/plugins/*.a" FILES:${PN} += "${libdir}/babeltrace2/plugins/*.so" ASNEEDED = "" +LDFLAGS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-lld ptest', ' -fuse-ld=bfd ', '', d)}" # coreutils since we need full mktemp RDEPENDS:${PN}-ptest += "bash gawk python3 make grep coreutils findutils" diff --git a/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.5.bb b/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.6.bb index 916408bff0..424b0fa645 100644 
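Review bot: The added `LDFLAGS:append` line in babeltrace2_2.0.5.bb has no comment, and `bb.utils.contains('DISTRO_FEATURES', 'ld-is-lld ptest', ...)` is true only when both `ld-is-lld` and `ptest` are set, which is easy to misread as either-or. A one-line comment above it would record the intent, for example `# Use BFD ld when both ld-is-lld and ptest are enabled: <reason or bug link>`. Because this overrides the distro's linker choice for the whole recipe, the reason belongs next to the override so it can be removed once it no longer applies.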
--- a/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.5.bb +++ b/poky/meta/recipes-kernel/lttng/lttng-ust_2.13.6.bb @@ -34,7 +34,7 @@ SRC_URI = "https://lttng.org/files/lttng-ust/lttng-ust-${PV}.tar.bz2 \ file://0001-Makefile.am-update-rpath-link.patch \ " -SRC_URI[sha256sum] = "f1d7bb4984a3dc5dacd3b7bcb4c10c04b041b0eecd7cba1fef3d8f86aff02bd6" +SRC_URI[sha256sum] = "e7e04596dd73ac7aa99e27cd000f949dbb0fed51bd29099f9b08a25c1df0ced5" CVE_PRODUCT = "ust" diff --git a/poky/meta/recipes-kernel/perf/perf.bb b/poky/meta/recipes-kernel/perf/perf.bb index 5fce30862e..297b42aebb 100644 --- a/poky/meta/recipes-kernel/perf/perf.bb +++ b/poky/meta/recipes-kernel/perf/perf.bb @@ -135,6 +135,10 @@ PERF_EXTRA_LDFLAGS:mipsarchn64el = "-m elf64ltsmip" do_compile() { # Linux kernel build system is expected to do the right thing unset CFLAGS + test -e ${S}/tools/lib/traceevent/plugins/Makefile && \ + sed -i -e 's|\$(libdir)/traceevent/plugins|\$(libdir)/traceevent_${KERNEL_VERSION}/plugins|g' ${S}/tools/lib/traceevent/plugins/Makefile + test -e ${S}/tools/perf/Makefile.config && \ + sed -i -e 's|\$(libdir)/traceevent/plugins|\$(libdir)/traceevent_${KERNEL_VERSION}/plugins|g' ${S}/tools/perf/Makefile.config oe_runmake all } @@ -361,7 +365,7 @@ RSUGGESTS_SCRIPTING = "${@bb.utils.contains('PACKAGECONFIG', 'scripting', '${PN} RSUGGESTS:${PN} += "${PN}-archive ${PN}-tests ${RSUGGESTS_SCRIPTING}" FILES_SOLIBSDEV = "" -FILES:${PN} += "${libexecdir}/perf-core ${exec_prefix}/libexec/perf-core ${libdir}/traceevent ${libdir}/libperf-jvmti.so" +FILES:${PN} += "${libexecdir}/perf-core ${exec_prefix}/libexec/perf-core ${libdir}/traceevent* ${libdir}/libperf-jvmti.so" FILES:${PN}-archive = "${libdir}/perf/perf-core/perf-archive" FILES:${PN}-tests = "${libdir}/perf/perf-core/tests ${libexecdir}/perf-core/tests" FILES:${PN}-python = " \ 
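Review bot: In `do_compile` of perf.bb, the two added `sed -i` calls are guarded only by `test -e`, so a Makefile that exists but no longer contains `$(libdir)/traceevent/plugins` is left unchanged while sed still exits 0, and the build continues with the unversioned plugin directory. The widened `${libdir}/traceevent*` glob in the FILES hunk that follows would package that directory without complaint, so the miss would go unnoticed. A comment stating why the directory is suffixed with `${KERNEL_VERSION}` is missing, and chaining `&& grep -q 'traceevent_${KERNEL_VERSION}/plugins' <same file>` after each sed would turn a silent miss into a task failure. Whether `KERNEL_VERSION` can expand to an empty value here is not visible in the hunk; if it can, the path degrades to `traceevent_`, which is worth ruling out.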
diff --git a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.02.13.bb b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.05.03.bb index ce60154f1e..cd3f52fc76 100644 --- a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.02.13.bb +++ b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2023.05.03.bb @@ -5,7 +5,7 @@ LICENSE = "ISC" LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz" -SRC_URI[sha256sum] = "fe81e8a8694dc4753a45087a1c4c7e1b48dee5a59f5f796ce374ea550f0b2e73" +SRC_URI[sha256sum] = "f254d08ab3765aeae2b856222e11a95d44aef519a6663877c71ef68fae4c8c12" inherit bin_package allarch diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch deleted file mode 100644 index 2775a81cc8..0000000000 --- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch +++ /dev/null 
@@ -1,89 +0,0 @@ -From 92f9b28ed84a77138105475beba16c146bdaf984 Mon Sep 17 00:00:00 2001 -From: Paul B Mahol <onemda@gmail.com> -Date: Sat, 12 Nov 2022 16:12:00 +0100 -Subject: [PATCH] avcodec/rpzaenc: stop accessing out of bounds frame - -Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/92f9b28ed84a77138105475beba16c146bdaf984] - -Signed-off-by: <narpat.mali@windriver.com> - ---- - libavcodec/rpzaenc.c | 22 +++++++++++++++------- - 1 file changed, 15 insertions(+), 7 deletions(-) - -diff --git a/libavcodec/rpzaenc.c b/libavcodec/rpzaenc.c -index d710eb4f82..4ced9523e2 100644 ---- a/libavcodec/rpzaenc.c -+++ b/libavcodec/rpzaenc.c -@@ -205,7 +205,7 @@ static void get_max_component_diff(const BlockInfo *bi, const uint16_t *block_pt - - // loop thru and compare pixels - for (y = 0; y < bi->block_height; y++) { -- for (x = 0; x < bi->block_width; x++){ -+ for (x = 0; x < bi->block_width; x++) { - // TODO: optimize - min_r = FFMIN(R(block_ptr[x]), min_r); - min_g = FFMIN(G(block_ptr[x]), min_g); -@@ -278,7 +278,7 @@ static int leastsquares(const uint16_t *block_ptr, const BlockInfo *bi, - return -1; - - for (i = 0; i < bi->block_height; i++) { -- for (j = 0; j < bi->block_width; j++){ -+ for (j = 0; j < bi->block_width; j++) { - x = GET_CHAN(block_ptr[j], xchannel); - y = GET_CHAN(block_ptr[j], ychannel); - sumx += x; -@@ -325,7 +325,7 @@ static int calc_lsq_max_fit_error(const uint16_t *block_ptr, const BlockInfo *bi - int max_err = 0; - - for (i = 0; i < bi->block_height; i++) { -- for (j = 0; j < bi->block_width; j++){ -+ for (j = 0; j < bi->block_width; j++) { - int x_inc, lin_y, lin_x; - x = GET_CHAN(block_ptr[j], xchannel); - y = GET_CHAN(block_ptr[j], ychannel); -@@ -420,7 +420,9 @@ static void update_block_in_prev_frame(const uint16_t *src_pixels, - uint16_t *dest_pixels, - const BlockInfo *bi, int block_counter) - { -- for (int y = 0; y < 4; y++) { -+ const int y_size = FFMIN(4, bi->image_height - bi->row * 4); -+ -+ for (int y = 0; y < 
y_size; y++) { - memcpy(dest_pixels, src_pixels, 8); - dest_pixels += bi->rowstride; - src_pixels += bi->rowstride; -@@ -730,14 +732,15 @@ post_skip : - - if (err > s->sixteen_color_thresh) { // DO SIXTEEN COLOR BLOCK - uint16_t *row_ptr; -- int rgb555; -+ int y_size, rgb555; - - block_offset = get_block_info(&bi, block_counter); - - row_ptr = &src_pixels[block_offset]; -+ y_size = FFMIN(4, bi.image_height - bi.row * 4); - -- for (int y = 0; y < 4; y++) { -- for (int x = 0; x < 4; x++){ -+ for (int y = 0; y < y_size; y++) { -+ for (int x = 0; x < 4; x++) { - rgb555 = row_ptr[x] & ~0x8000; - - put_bits(&s->pb, 16, rgb555); -@@ -745,6 +748,11 @@ post_skip : - row_ptr += bi.rowstride; - } - -+ for (int y = y_size; y < 4; y++) { -+ for (int x = 0; x < 4; x++) -+ put_bits(&s->pb, 16, 0); -+ } -+ - block_counter++; - } else { // FOUR COLOR BLOCK - block_counter += encode_four_color_block(min_color, max_color, --- -2.34.1 - diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch deleted file mode 100644 index 923fc6a9c1..0000000000 --- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch +++ /dev/null 
@@ -1,108 +0,0 @@ -From 13c13109759090b7f7182480d075e13b36ed8edd Mon Sep 17 00:00:00 2001 -From: Paul B Mahol <onemda@gmail.com> -Date: Sat, 12 Nov 2022 15:19:21 +0100 -Subject: [PATCH] avcodec/smcenc: stop accessing out of bounds frame - -Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/13c13109759090b7f7182480d075e13b36ed8edd] - -Signed-off-by: <narpat.mali@windriver.com> - ---- - libavcodec/smcenc.c | 18 ++++++++++++++---- - 1 file changed, 14 insertions(+), 4 deletions(-) - -diff --git a/libavcodec/smcenc.c b/libavcodec/smcenc.c -index f3d26a4e8d..33549b8ab4 100644 ---- a/libavcodec/smcenc.c -+++ b/libavcodec/smcenc.c -@@ -61,6 +61,7 @@ typedef struct SMCContext { - { \ - row_ptr += stride * 4; \ - pixel_ptr = row_ptr; \ -+ cur_y += 4; \ - } \ - } \ - } -@@ -117,6 +118,7 @@ static void smc_encode_stream(SMCContext *s, const AVFrame *frame, - const uint8_t *prev_pixels = (const uint8_t *)s->prev_frame->data[0]; - uint8_t *distinct_values = s->distinct_values; - const uint8_t *pixel_ptr, *row_ptr; -+ const int height = frame->height; - const int width = frame->width; - uint8_t block_values[16]; - int block_counter = 0; -@@ -125,13 +127,14 @@ static void smc_encode_stream(SMCContext *s, const AVFrame *frame, - int color_octet_index = 0; - int color_table_index; /* indexes to color pair, quad, or octet tables */ - int total_blocks; -+ int cur_y = 0; - - memset(s->color_pairs, 0, sizeof(s->color_pairs)); - memset(s->color_quads, 0, sizeof(s->color_quads)); - memset(s->color_octets, 0, sizeof(s->color_octets)); - - /* Number of 4x4 blocks in frame. 
*/ -- total_blocks = ((frame->width + 3) / 4) * ((frame->height + 3) / 4); -+ total_blocks = ((width + 3) / 4) * ((height + 3) / 4); - - pixel_ptr = row_ptr = src_pixels; - -@@ -145,11 +148,13 @@ static void smc_encode_stream(SMCContext *s, const AVFrame *frame, - int cache_index; - int distinct = 0; - int blocks = 0; -+ int frame_y = cur_y; - - while (prev_pixels && s->key_frame == 0 && block_counter + inter_skip_blocks < total_blocks) { -+ const int y_size = FFMIN(4, height - cur_y); - int compare = 0; - -- for (int y = 0; y < 4; y++) { -+ for (int y = 0; y < y_size; y++) { - const ptrdiff_t offset = pixel_ptr - src_pixels; - const uint8_t *prev_pixel_ptr = prev_pixels + offset; - -@@ -170,8 +175,10 @@ static void smc_encode_stream(SMCContext *s, const AVFrame *frame, - - pixel_ptr = xpixel_ptr; - row_ptr = xrow_ptr; -+ cur_y = frame_y; - - while (block_counter > 0 && block_counter + intra_skip_blocks < total_blocks) { -+ const int y_size = FFMIN(4, height - cur_y); - const ptrdiff_t offset = pixel_ptr - src_pixels; - const int sy = offset / stride; - const int sx = offset % stride; -@@ -180,7 +187,7 @@ static void smc_encode_stream(SMCContext *s, const AVFrame *frame, - const uint8_t *old_pixel_ptr = src_pixels + nx + ny * stride; - int compare = 0; - -- for (int y = 0; y < 4; y++) { -+ for (int y = 0; y < y_size; y++) { - compare |= memcmp(old_pixel_ptr + y * stride, pixel_ptr + y * stride, 4); - if (compare) - break; -@@ -197,9 +204,11 @@ static void smc_encode_stream(SMCContext *s, const AVFrame *frame, - - pixel_ptr = xpixel_ptr; - row_ptr = xrow_ptr; -+ cur_y = frame_y; - - while (block_counter + coded_blocks < total_blocks && coded_blocks < 256) { -- for (int y = 0; y < 4; y++) -+ const int y_size = FFMIN(4, height - cur_y); -+ for (int y = 0; y < y_size; y++) - memcpy(block_values + y * 4, pixel_ptr + y * stride, 4); - - qsort(block_values, 16, sizeof(block_values[0]), smc_cmp_values); -@@ -224,6 +233,7 @@ static void smc_encode_stream(SMCContext *s, 
const AVFrame *frame, - - pixel_ptr = xpixel_ptr; - row_ptr = xrow_ptr; -+ cur_y = frame_y; - - blocks = coded_blocks; - distinct = coded_distinct; --- -2.34.1 - diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/ffmpeg-fix-vulkan.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/ffmpeg-fix-vulkan.patch deleted file mode 100644 index 95bd608a27..0000000000 --- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/ffmpeg-fix-vulkan.patch +++ /dev/null 
@@ -1,34 +0,0 @@ -From: Lynne <dev@lynne.ee> -Date: Sun, 25 Dec 2022 00:03:30 +0000 (+0100) -Subject: hwcontext_vulkan: remove optional encode/decode extensions from the list -X-Git-Url: http://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff_plain/eb0455d64690 - -hwcontext_vulkan: remove optional encode/decode extensions from the list - -They're not currently used, so they don't need to be there. -Vulkan stabilized the decode extensions less than a week ago, and their -name prefixes were changed from EXT to KHR. It's a bit too soon to be -depending on it, so rather than bumping, just remove these for now. - -Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff_plain/eb0455d64690] ---- - -diff --git a/libavutil/hwcontext_vulkan.c b/libavutil/hwcontext_vulkan.c -index f1db1c7291..2a9b5f4aac 100644 ---- a/libavutil/hwcontext_vulkan.c -+++ b/libavutil/hwcontext_vulkan.c -@@ -358,14 +358,6 @@ static const VulkanOptExtension optional_device_exts[] = { - { VK_KHR_EXTERNAL_MEMORY_WIN32_EXTENSION_NAME, FF_VK_EXT_EXTERNAL_WIN32_MEMORY }, - { VK_KHR_EXTERNAL_SEMAPHORE_WIN32_EXTENSION_NAME, FF_VK_EXT_EXTERNAL_WIN32_SEM }, - #endif -- -- /* Video encoding/decoding */ -- { VK_KHR_VIDEO_QUEUE_EXTENSION_NAME, FF_VK_EXT_NO_FLAG }, -- { VK_KHR_VIDEO_DECODE_QUEUE_EXTENSION_NAME, FF_VK_EXT_NO_FLAG }, -- { VK_KHR_VIDEO_ENCODE_QUEUE_EXTENSION_NAME, FF_VK_EXT_NO_FLAG }, -- { VK_EXT_VIDEO_ENCODE_H264_EXTENSION_NAME, FF_VK_EXT_NO_FLAG }, -- { VK_EXT_VIDEO_DECODE_H264_EXTENSION_NAME, FF_VK_EXT_NO_FLAG }, -- { VK_EXT_VIDEO_DECODE_H265_EXTENSION_NAME, FF_VK_EXT_NO_FLAG }, - }; - - /* Converts return values to strings */ diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.3.bb index cccd9f65ab..9899e570ad 100644 --- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.3.bb 
@@ -23,12 +23,15 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://COPYING.LGPLv3;md5=e6a600fd5e1d9cbde2d983680233ad02" SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ - file://0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch \ - file://0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch \ - file://ffmpeg-fix-vulkan.patch \ " -SRC_URI[sha256sum] = "619e706d662c8420859832ddc259cd4d4096a48a2ce1eefd052db9e440eef3dc" +SRC_URI[sha256sum] = "1b113593ff907293be7aed95acdda5e785dd73616d7d4ec90a0f6adbc5a0312e" + +# CVE-2023-39018 issue belongs to ffmpeg-cli-wrapper (Java wrapper around the FFmpeg CLI) +# and not ffmepg itself. +# https://security-tracker.debian.org/tracker/CVE-2023-39018 +# https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018 +CVE_CHECK_IGNORE += "CVE-2023-39018" # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717 ARM_INSTRUCTION_SET:armv4 = "arm" diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.5.bb index 8b282bbb7b..3e029396a6 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.5.bb @@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV} file://0001-connect-has-a-different-signature-on-musl.patch \ " -SRC_URI[sha256sum] = "eb62726d3e27a8782369a24fd6364a8885ed2462b3bbdab091dffc8139ee06d8" +SRC_URI[sha256sum] = "2add1519aa6eeb01d544cb94293688ee3bc2079f6bca6075bf5c23d00a0921be" DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base" RRECOMMENDS:${PN} = "git" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.5.bb index ed3dbaca22..af9dc5d2d5 100644 
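Review bot: The SRC_URI change in ffmpeg_5.1.3.bb drops three local patches, two of which (`0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch` and `0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch`) fix out-of-bounds frame access, and nothing in the hunk records that the 5.1.3 tarball already contains upstream commits 92f9b28ed84a77138105475beba16c146bdaf984 and 13c13109759090b7f7182480d075e13b36ed8edd. That is presumably the case for a point release, but it is worth confirming against the unpacked source and stating in the commit message; the same applies to `CVE-2022-48281.patch`, dropped in the tiff_4.5.1.bb hunk later in this diff. In the new comment, `ffmepg` should read `ffmpeg`. With the patch lines gone, SRC_URI is left as a continuation followed by a line holding only the closing quote and could be collapsed to `SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz"`.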
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.5.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \ " SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz" -SRC_URI[sha256sum] = "fcaaf9878fe8f3bc82317ef13a1558824cb68df1f8968c6797f556c5e33bcffd" +SRC_URI[sha256sum] = "8583f0c1f4fcb01eed11fa1e3c21126543a8bd739ed4fc1db31f756a5ab01d9a" S = "${WORKDIR}/gst-libav-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.5.bb index d2d23050d9..5d99810cd4 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.5.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz" -SRC_URI[sha256sum] = "1b0c57f2cc4ddeec5e7f0c436e502f06665c4e93c73261855b94e04fc94337b2" +SRC_URI[sha256sum] = "cf0cb9c4de06c5d62eef77cb31238bbaf257dc88802010072eedd1c168f136a4" S = "${WORKDIR}/gst-omx-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.5.bb index 6260f9586b..94e5bb894c 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.5.bb 
@@ -10,7 +10,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad file://0002-avoid-including-sys-poll.h-directly.patch \ file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \ " -SRC_URI[sha256sum] = "3d8faf1ce3402c8535ce3a8c4e1a6c960e4b5655dbda6b55943db9ac79022d0f" +SRC_URI[sha256sum] = "e64e75cdafd7ff2fc7fc34e855b06b1e3ed227cc06fa378d17bbcd76780c338c" S = "${WORKDIR}/gst-plugins-bad-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.5.bb index c1e5d0cd09..74105a44e7 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.5.bb @@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba file://0003-viv-fb-Make-sure-config.h-is-included.patch \ file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \ " -SRC_URI[sha256sum] = "eb65120c4ee79b7a153c3c1972d5c0158c2151877cc51ec7725bba5749679d49" +SRC_URI[sha256sum] = "edd4338b45c26a9af28c0d35aab964a024c3884ba6f520d8428df04212c8c93a" S = "${WORKDIR}/gst-plugins-base-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.5.bb index a9352949b5..93f0e76ee9 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.5.bb 
@@ -8,7 +8,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-go file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \ file://0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch" -SRC_URI[sha256sum] = "7c8cc59425f2b232f60ca7d13e56edd615da4f711e73dd01a7cffa46e6bc0cdd" +SRC_URI[sha256sum] = "b67b31313a54c6929b82969d41d3cfdf2f58db573fb5f491e6bba5d84aea0778" S = "${WORKDIR}/gst-plugins-good-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.5.bb index dc81bf27f6..29d705aaaf 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.5.bb @@ -14,7 +14,7 @@ LICENSE_FLAGS = "commercial" SRC_URI = " \ https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "8f30f44db0bd063709bf6fbe55138e3a98af0abcb61c360f35582bbe10e80691" +SRC_URI[sha256sum] = "2680473b218158f18467cac3e1c50291b7ff4e0710dd350a59eaacbc29c09a54" S = "${WORKDIR}/gst-plugins-ugly-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.5.bb index ab1600db41..be817bf3f5 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.5.bb 
@@ -8,7 +8,7 @@ LICENSE = "LGPL-2.1-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "bef2b3d82ce4be46b775b1bb56305c1003ee01b535a53a82f9fe8924972153ad" +SRC_URI[sha256sum] = "bf05232415cf6018142ae51dd3b897bb73432687b5ce1786bf46edc6298ce5b0" DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.5.bb index 02c2badc2a..84c51e8a6c 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.5.bb @@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "2be4aecfb88710100ea7115ed0216403e8094344ebf146094271b8d4d73828bf" +SRC_URI[sha256sum] = "f343eb54964ebd4d8c071be5eecad586f28feb0156e036e06b148d0e7febb1c0" S = "${WORKDIR}/${PNREAL}-${PV}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.5.bb index 6111720976..231d252323 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.5.bb 
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "d2e642f9745f97d9f73a7f5085e7659a9a31fe209b774e6e45dae041b435df06" +SRC_URI[sha256sum] = "a9a550267c9584df0e8c70434d30476e8fd0018b733c1c1ee33deaf422bdb24b" S = "${WORKDIR}/${REALPN}-${PV}" DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.2.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.5.bb index f6dd2c168e..2dacf037f8 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.2.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.5.bb @@ -22,7 +22,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x file://0003-tests-use-a-dictionaries-for-environment.patch;striplevel=3 \ file://0004-tests-add-helper-script-to-run-the-installed_tests.patch;striplevel=3 \ " -SRC_URI[sha256sum] = "b2afe73603921c608ba48969dbb7d743776744bfe5d8059ece241137b7f88e21" +SRC_URI[sha256sum] = "4408d7930f381809e85917acc19712f173261ba85bdf20c5567b2a21b1193b61" PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \ check \ diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch deleted file mode 100644 index e356d377ea..0000000000 --- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch +++ /dev/null 
@@ -1,29 +0,0 @@ -CVE: CVE-2022-48281 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - -From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001 -From: Su Laus <sulau@freenet.de> -Date: Sat, 21 Jan 2023 15:58:10 +0000 -Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488. - ---- - tools/tiffcrop.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c -index 14fa18da..7db69883 100644 ---- a/tools/tiffcrop.c -+++ b/tools/tiffcrop.c -@@ -8591,7 +8591,7 @@ static int processCropSelections(struct image_data *image, - cropsize + NUM_BUFF_OVERSIZE_BYTES); - else - { -- prev_cropsize = seg_buffs[0].size; -+ prev_cropsize = seg_buffs[i].size; - if (prev_cropsize < cropsize) - { - next_buff = _TIFFrealloc( --- -GitLab - diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.5.1.bb index f8a2482a84..5af3f84265 100644 --- a/poky/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb +++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.5.1.bb @@ -8,10 +8,9 @@ LIC_FILES_CHKSUM = "file://LICENSE.md;md5=a3e32d664d6db1386b4689c8121531c3" CVE_PRODUCT = "libtiff" -SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ - file://CVE-2022-48281.patch" +SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz" -SRC_URI[sha256sum] = "c7a1d9296649233979fa3eacffef3fa024d73d05d589cb622727b5b08c423464" +SRC_URI[sha256sum] = "d7f38b6788e4a8f5da7940c5ac9424f494d8a79eba53d555f4a507167dca5e2b" # exclude betas UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar" 
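Review bot: The rewritten `SRC_URI` line in tiff_4.5.1.bb still fetches the tarball over plain `http://`. The `SRC_URI[sha256sum]` pin means a tampered download fails the fetch instead of being built, so the exposure is limited, but `SRC_URI = "https://download.osgeo.org/libtiff/tiff-${PV}.tar.gz"` would stop the checksum being the only protection on the transfer. The libwebp recipe later in this diff has the same `http://` scheme on an unchanged line.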
@@ -19,11 +18,6 @@ UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar" # Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 # and 4.3.0 doesn't have the issue CVE_CHECK_IGNORE += "CVE-2015-7313" -# These issues only affect libtiff post-4.3.0 but before 4.4.0, -# caused by 3079627e and fixed by b4e79bfa. -CVE_CHECK_IGNORE += "CVE-2022-1622 CVE-2022-1623" -# Issue is in jbig which we don't enable -CVE_CHECK_IGNORE += "CVE-2022-1210" inherit autotools multilib_header diff --git a/poky/meta/recipes-multimedia/webp/libwebp_1.3.0.bb b/poky/meta/recipes-multimedia/webp/libwebp_1.3.1.bb index 7b4d138d2c..0a345498c1 100644 --- a/poky/meta/recipes-multimedia/webp/libwebp_1.3.0.bb +++ b/poky/meta/recipes-multimedia/webp/libwebp_1.3.1.bb @@ -14,7 +14,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6e8dee932c26f2dab503abf70c96d8bb \ file://PATENTS;md5=c6926d0cb07d296f886ab6e0cc5a85b7" SRC_URI = "http://downloads.webmproject.org/releases/webp/${BP}.tar.gz" -SRC_URI[sha256sum] = "64ac4614db292ae8c5aa26de0295bf1623dbb3985054cb656c55e67431def17c" +SRC_URI[sha256sum] = "b3779627c2dfd31e3d8c4485962c2efe17785ef975e2be5c8c0c9e6cd3c4ef66" UPSTREAM_CHECK_URI = "http://downloads.webmproject.org/releases/webp/index.html" diff --git a/poky/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32435.patch b/poky/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32435.patch new file mode 100644 index 0000000000..c6ac6b4a1c --- /dev/null +++ b/poky/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32435.patch 
@@ -0,0 +1,59 @@ +CVE: CVE-2023-32435 + +Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/50c7aae] + +Backport and rebase patch to fix CVE-2023-32435 for webkitgtk 2.38.6: + +* drop the patches for the files WasmAirIRGenerator64.cpp and + WasmAirIRGeneratorBase.h which are involved in 2.40.0 +* drop test cases as well + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 50c7aaec2f53ab3b960f1b299aad5009df6f1967 Mon Sep 17 00:00:00 2001 +From: Justin Michaud <justin_michaud@apple.com> +Date: Wed, 8 Feb 2023 14:41:34 -0800 +Subject: [PATCH] Fixup air pointer args if they are not valid in BBQ + https://bugs.webkit.org/show_bug.cgi?id=251890 rdar://105079565 + +Reviewed by Mark Lam and Yusuke Suzuki. + +We are not fixing up air args if their offsets don't fit into the instruction +in a few cases. + +Here are some examples: + +MoveDouble 28480(%sp), %q16 ; too big +MoveVector 248(%sp), %q16 ; not 16-byte aligned + +Let's fix up these arguments. We also fix a missing validation check +when parsing exception tags exposed by this test. 
+ +* Source/JavaScriptCore/wasm/WasmAirIRGenerator64.cpp: +(JSC::Wasm::AirIRGenerator64::addReturn): +* Source/JavaScriptCore/wasm/WasmAirIRGeneratorBase.h: +(JSC::Wasm::AirIRGeneratorBase::emitPatchpoint): + +oops + +Canonical link: https://commits.webkit.org/260038@main +--- + Source/JavaScriptCore/wasm/WasmSectionParser.cpp | 2 + + 1 files changed, 2 insertions(+), 0 deletions(-) + +diff --git a/Source/JavaScriptCore/wasm/WasmSectionParser.cpp b/Source/JavaScriptCore/wasm/WasmSectionParser.cpp +index 6b8f9016..a5f3a88b 100644 +--- a/Source/JavaScriptCore/wasm/WasmSectionParser.cpp ++++ b/Source/JavaScriptCore/wasm/WasmSectionParser.cpp +@@ -917,6 +917,8 @@ auto SectionParser::parseException() -> PartialResult + WASM_PARSER_FAIL_IF(!parseVarUInt32(typeNumber), "can't get ", exceptionNumber, "th Exception's type number"); + WASM_PARSER_FAIL_IF(typeNumber >= m_info->typeCount(), exceptionNumber, "th Exception type number is invalid ", typeNumber); + TypeIndex typeIndex = TypeInformation::get(m_info->typeSignatures[typeNumber]); ++ auto signature = TypeInformation::getFunctionSignature(typeIndex); ++ WASM_PARSER_FAIL_IF(!signature.returnsVoid(), exceptionNumber, "th Exception type cannot have a non-void return type ", typeNumber); + m_info->internalExceptionTypeIndices.uncheckedAppend(typeIndex); + } + +-- +2.34.1 + diff --git a/poky/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32439.patch b/poky/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32439.patch new file mode 100644 index 0000000000..5c240011e0 --- /dev/null +++ b/poky/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32439.patch 
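Review bot: The header of CVE-2023-32435.patch says the changes to WasmAirIRGenerator64.cpp and WasmAirIRGeneratorBase.h were dropped because those files "are involved in 2.40.0", yet the retained upstream message still lists both files. A reader cannot tell from this patch whether 2.38.6 lacks the affected code or the fix was only partly backported. If the files are absent from 2.38.6, say so directly, for example `* WasmAirIRGenerator64.cpp and WasmAirIRGeneratorBase.h are not part of 2.38.6, so only the parseException() check is backported`. The `Upstream-Status` link uses the abbreviated hash `50c7aae`; the full hash from the `From` line, 50c7aaec2f53ab3b960f1b299aad5009df6f1967, is more robust for later auditing.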
@@ -0,0 +1,128 @@
+CVE: CVE-2023-32439
+
+Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/ebefb9e]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From ebefb9e6b7e7440ab6bb29452f4ac6350bd8b975 Mon Sep 17 00:00:00 2001
+From: Yijia Huang <yijia_huang@apple.com>
+Date: Wed, 10 May 2023 09:41:48 -0700
+Subject: [PATCH] Cherry-pick 263909@main (52fe95e5805c).
+ https://bugs.webkit.org/show_bug.cgi?id=256567
+
+ EnumeratorNextUpdateIndexAndMode and HasIndexedProperty should have different heap location kinds
+ https://bugs.webkit.org/show_bug.cgi?id=256567
+ rdar://109089013
+
+ Reviewed by Yusuke Suzuki.
+
+ EnumeratorNextUpdateIndexAndMode and HasIndexedProperty are different DFG nodes. However,
+ they might introduce the same heap location kind in DFGClobberize.h which might lead to
+ hash collision. We should introduce a new locationn kind for EnumeratorNextUpdateIndexAndMode.
+
+ * JSTests/stress/heap-location-collision-dfg-clobberize.js: Added.
+ (foo):
+ * Source/JavaScriptCore/dfg/DFGClobberize.h:
+ (JSC::DFG::clobberize):
+ * Source/JavaScriptCore/dfg/DFGHeapLocation.cpp:
+ (WTF::printInternal):
+ * Source/JavaScriptCore/dfg/DFGHeapLocation.h:
+
+ Canonical link: https://commits.webkit.org/263909@main
+
+Canonical link: https://commits.webkit.org/260527.376@webkitglib/2.40
+---
+ .../stress/heap-location-collision-dfg-clobberize.js | 12 ++++++++++++
+ Source/JavaScriptCore/dfg/DFGClobberize.h | 7 ++++---
+ Source/JavaScriptCore/dfg/DFGHeapLocation.cpp | 4 ++++
+ Source/JavaScriptCore/dfg/DFGHeapLocation.h | 1 +
+ 4 files changed, 21 insertions(+), 3 deletions(-)
+ create mode 100644 JSTests/stress/heap-location-collision-dfg-clobberize.js
+
+diff --git a/JSTests/stress/heap-location-collision-dfg-clobberize.js b/JSTests/stress/heap-location-collision-dfg-clobberize.js
+new file mode 100644
+index 000000000000..ed40601ea37f
+--- /dev/null
++++ b/JSTests/stress/heap-location-collision-dfg-clobberize.js
+@@ -0,0 +1,12 @@
++//@ runDefault("--watchdog=300", "--watchdog-exception-ok")
++const arr = [0];
++
++function foo() {
++ for (let _ in arr) {
++ 0 in arr;
++ while(1);
++ }
++}
++
++
++foo();
+diff --git a/Source/JavaScriptCore/dfg/DFGClobberize.h b/Source/JavaScriptCore/dfg/DFGClobberize.h
+index e4db64155316..5ec334787c0c 100644
+--- a/Source/JavaScriptCore/dfg/DFGClobberize.h
++++ b/Source/JavaScriptCore/dfg/DFGClobberize.h
+@@ -383,6 +383,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
+
+ read(JSObject_butterfly);
+ ArrayMode mode = node->arrayMode();
++ LocationKind locationKind = node->op() == EnumeratorNextUpdateIndexAndMode ? EnumeratorNextUpdateIndexAndModeLoc : HasIndexedPropertyLoc;
+ switch (mode.type()) {
+ case Array::ForceExit: {
+ write(SideState);
+@@ -392,7 +393,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
+ if (mode.isInBounds()) {
+ read(Butterfly_publicLength);
+ read(IndexedInt32Properties);
+- def(HeapLocation(HasIndexedPropertyLoc, IndexedInt32Properties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node));
++ def(HeapLocation(locationKind, IndexedInt32Properties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node));
+ return;
+ }
+ break;
+@@ -402,7 +403,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
+ if (mode.isInBounds()) {
+ read(Butterfly_publicLength);
+ read(IndexedDoubleProperties);
+- def(HeapLocation(HasIndexedPropertyLoc, IndexedDoubleProperties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node));
++ def(HeapLocation(locationKind, IndexedDoubleProperties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node));
+ return;
+ }
+ break;
+@@ -412,7 +413,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
+ if (mode.isInBounds()) {
+ read(Butterfly_publicLength);
+ read(IndexedContiguousProperties);
+- def(HeapLocation(HasIndexedPropertyLoc, IndexedContiguousProperties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node));
++ def(HeapLocation(locationKind, IndexedContiguousProperties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node));
+ return;
+ }
+ break;
+diff --git a/Source/JavaScriptCore/dfg/DFGHeapLocation.cpp b/Source/JavaScriptCore/dfg/DFGHeapLocation.cpp
+index 0661e5b826b7..698a6d4b6062 100644
+--- a/Source/JavaScriptCore/dfg/DFGHeapLocation.cpp
++++ b/Source/JavaScriptCore/dfg/DFGHeapLocation.cpp
+@@ -134,6 +134,10 @@ void printInternal(PrintStream& out, LocationKind kind)
+ out.print("HasIndexedPorpertyLoc");
+ return;
+
++ case EnumeratorNextUpdateIndexAndModeLoc:
++ out.print("EnumeratorNextUpdateIndexAndModeLoc");
++ return;
++
+ case IndexedPropertyDoubleLoc:
+ out.print("IndexedPropertyDoubleLoc");
+ return;
+diff --git a/Source/JavaScriptCore/dfg/DFGHeapLocation.h b/Source/JavaScriptCore/dfg/DFGHeapLocation.h
+index 40fb71673284..7238491b02c9 100644
+--- a/Source/JavaScriptCore/dfg/DFGHeapLocation.h
++++ b/Source/JavaScriptCore/dfg/DFGHeapLocation.h
+@@ -46,6 +46,7 @@ enum LocationKind {
+ DirectArgumentsLoc,
+ GetterLoc,
+ GlobalVariableLoc,
++ EnumeratorNextUpdateIndexAndModeLoc,
+ HasIndexedPropertyLoc,
+ IndexedPropertyDoubleLoc,
+ IndexedPropertyDoubleSaneChainLoc,
+--
+2.34.1
+
diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.38.5.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb
index 36c6233b33..813198df5f 100644
--- a/poky/meta/recipes-sato/webkit/webkitgtk_2.38.5.bb
+++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb
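Review bot: The added `LocationKind locationKind = ...` line in `clobberize` carries no comment saying why the kind depends on `node->op()`, and that reasoning is the whole fix. Going by the commit message, the two node types must not define the same heap location, so a comment such as `// EnumeratorNextUpdateIndexAndMode and HasIndexedProperty must def distinct heap locations; a shared kind lets the two nodes collide.` above the line would keep a later refactor from folding the ternary away. Every op other than `EnumeratorNextUpdateIndexAndMode` falls back to `HasIndexedPropertyLoc`; which ops reach this case label cannot be checked here, because `clobberize` starts and ends outside the hunks. The patch also ships the new `JSTests/stress/` file although the sibling CVE-2023-32435.patch says test cases were dropped, so one convention for both would make the pair easier to audit.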
@@ -14,8 +14,10 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://reproducibility.patch \ file://0d3344e17d258106617b0e6d783d073b188a2548.patch \ file://d318bb461f040b90453bc4e100dcf967243ecd98.patch \ + file://CVE-2023-32435.patch \ + file://CVE-2023-32439.patch \ " -SRC_URI[sha256sum] = "40c20c43022274df5893f22b1054fa894c3eea057389bb08aee08c5b0bb0c1a7" +SRC_URI[sha256sum] = "1c614c9589389db1a79ea9ba4293bbe8ac3ab0a2234cac700935fae0724ad48b" inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gi-docgen diff --git a/poky/meta/recipes-support/apr/apr_1.7.3.bb b/poky/meta/recipes-support/apr/apr_1.7.4.bb index 9a93fe0967..e571469341 100644 --- a/poky/meta/recipes-support/apr/apr_1.7.3.bb +++ b/poky/meta/recipes-support/apr/apr_1.7.4.bb @@ -24,7 +24,7 @@ SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.bz2 \ file://0001-configure-Remove-runtime-test-for-mmap-that-can-map-.patch \ " -SRC_URI[sha256sum] = "455e218c060c474f2c834816873f6ed69c0cf0e4cfee54282cc93e8e989ee59e" +SRC_URI[sha256sum] = "fc648de983f3a2a6c9e78dea1f180639bd2fad6c06d556d4367a701fe5c35577" inherit autotools-brokensep lib_package binconfig multilib_header ptest multilib_script diff --git a/poky/meta/recipes-support/curl/curl/CVE-2023-28319.patch b/poky/meta/recipes-support/curl/curl/CVE-2023-28319.patch new file mode 100644 index 0000000000..c843a18174 --- /dev/null +++ b/poky/meta/recipes-support/curl/curl/CVE-2023-28319.patch 
@@ -0,0 +1,38 @@
+From 8e21b1a05f3c0ee098dbcb6c3d84cb61f102a122 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 8 May 2023 14:33:54 +0200
+Subject: [PATCH] libssh2: free fingerprint better
+
+Reported-by: Wei Chong Tan
+Closes #11088
+
+CVE: CVE-2023-28319
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/8e21b1a05f3c0ee098dbcb6c]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+
+---
+ lib/vssh/libssh2.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
+index bfcc94e16..dd39a844c 100644
+--- a/lib/vssh/libssh2.c
++++ b/lib/vssh/libssh2.c
+@@ -728,11 +728,10 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data)
+ */
+ if((pub_pos != b64_pos) ||
+ strncmp(fingerprint_b64, pubkey_sha256, pub_pos)) {
+- free(fingerprint_b64);
+-
+ failf(data,
+ "Denied establishing ssh session: mismatch sha256 fingerprint. "
+ "Remote %s is not equal to %s", fingerprint_b64, pubkey_sha256);
++ free(fingerprint_b64);
+ state(data, SSH_SESSION_FREE);
+ sshc->actualcode = CURLE_PEER_FAILED_VERIFICATION;
+ return sshc->actualcode;
+--
+2.25.1
+
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch b/poky/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch
new file mode 100644
index 0000000000..3c06d8c518
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch
@@ -0,0 +1,80 @@
+From e442feb37ba25c80b8480b908d1c570fd9f41c5e Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 16 May 2023 23:40:42 +0200
+Subject: [PATCH] hostip: include easy_lock.h before using
+ GLOBAL_INIT_IS_THREADSAFE
+
+Since that header file is the only place that define can be defined.
+
+Reported-by: Marc Deslauriers
+
+Follow-up to 13718030ad4b3209
+
+Closes #11121
+
+CVE: CVE-2023-28320
+Upstream-Status: Backport [https://github.com/curl/curl/commit/f446258f0269]
+
+(cherry picked from commit f446258f0269a62289cca0210157cb8558d0edc3)
+Signed-off-by: Sanjay Chitroda <sanjay.chitroda@einfochips.com>
+
+---
+ lib/hostip.c | 10 ++++------
+ lib/hostip.h | 9 ---------
+ 2 files changed, 4 insertions(+), 15 deletions(-)
+
+diff --git a/lib/hostip.c b/lib/hostip.c
+index d6906a2e8..2d26b5628 100644
+--- a/lib/hostip.c
++++ b/lib/hostip.c
+@@ -70,6 +70,8 @@
+ #include <SystemConfiguration/SCDynamicStoreCopySpecific.h>
+ #endif
+
++#include "easy_lock.h"
++
+ #if defined(CURLRES_SYNCH) && \
+ defined(HAVE_ALARM) && \
+ defined(SIGALRM) && \
+@@ -79,10 +81,6 @@
+ #define USE_ALARM_TIMEOUT
+ #endif
+
+-#ifdef USE_ALARM_TIMEOUT
+-#include "easy_lock.h"
+-#endif
+-
+ #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */
+
+ /*
+@@ -265,8 +263,8 @@ void Curl_hostcache_prune(struct Curl_easy *data)
+ /* Beware this is a global and unique instance. This is used to store the
+ return address that we can jump back to from inside a signal handler. This
+ is not thread-safe stuff. */
+-sigjmp_buf curl_jmpenv;
+-curl_simple_lock curl_jmpenv_lock;
++static sigjmp_buf curl_jmpenv;
++static curl_simple_lock curl_jmpenv_lock;
+ #endif
+
+ /* lookup address, returns entry if found and not stale */
+diff --git a/lib/hostip.h b/lib/hostip.h
+index 4b5481f65..0dd19e87c 100644
+--- a/lib/hostip.h
++++ b/lib/hostip.h
+@@ -186,15 +186,6 @@ Curl_cache_addr(struct Curl_easy *data, struct Curl_addrinfo *addr,
+ #define CURL_INADDR_NONE INADDR_NONE
+ #endif
+
+-#ifdef HAVE_SIGSETJMP
+-/* Forward-declaration of variable defined in hostip.c. Beware this
+- * is a global and unique instance. This is used to store the return
+- * address that we can jump back to from inside a signal handler.
+- * This is not thread-safe stuff.
+- */
+-extern sigjmp_buf curl_jmpenv;
+-#endif
+-
+ /*
+ * Function provided by the resolver backend to set DNS servers to use.
+ */
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2023-28320.patch b/poky/meta/recipes-support/curl/curl/CVE-2023-28320.patch
new file mode 100644
index 0000000000..c7cfd6a42f
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2023-28320.patch
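Review bot: Nothing in this header says the patch must be applied after CVE-2023-28320.patch, although it edits lines that patch introduces (the `#ifdef USE_ALARM_TIMEOUT` / `#include "easy_lock.h"` block and `curl_jmpenv_lock`). Per its own message, `easy_lock.h` is the only place `GLOBAL_INIT_IS_THREADSAFE` can be defined, so with CVE-2023-28320.patch alone the `#if` in lib/hostip.c would leave `USE_ALARM_TIMEOUT` undefined, unless some earlier header already pulled `easy_lock.h` in, and the sync resolver would silently lose its timeout. I would add a header line such as `Depends on CVE-2023-28320.patch; without this follow-up USE_ALARM_TIMEOUT is never defined.` so nobody drops or reorders the pair in SRC_URI.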
@@ -0,0 +1,88 @@
+From 13718030ad4b3209a7583b4f27f683cd3a6fa5f2 Mon Sep 17 00:00:00 2001
+From: Harry Sintonen <sintonen@iki.fi>
+Date: Tue, 25 Apr 2023 09:22:26 +0200
+Subject: [PATCH] hostip: add locks around use of global buffer for alarm()
+
+When building with the sync name resolver and timeout ability we now
+require thread-safety to be present to enable it.
+
+Closes #11030
+
+CVE: CVE-2023-28320
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/13718030ad4b3209a7583b]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/hostip.c | 19 +++++++++++++++----
+ 1 file changed, 15 insertions(+), 4 deletions(-)
+
+diff --git a/lib/hostip.c b/lib/hostip.c
+index 2381290fd..e410cda69 100644
+--- a/lib/hostip.c
++++ b/lib/hostip.c
+@@ -70,12 +70,19 @@
+ #include <SystemConfiguration/SCDynamicStoreCopySpecific.h>
+ #endif
+
+-#if defined(CURLRES_SYNCH) && \
+- defined(HAVE_ALARM) && defined(SIGALRM) && defined(HAVE_SIGSETJMP)
++#if defined(CURLRES_SYNCH) && \
++ defined(HAVE_ALARM) && \
++ defined(SIGALRM) && \
++ defined(HAVE_SIGSETJMP) && \
++ defined(GLOBAL_INIT_IS_THREADSAFE)
+ /* alarm-based timeouts can only be used with all the dependencies satisfied */
+ #define USE_ALARM_TIMEOUT
+ #endif
+
++#ifdef USE_ALARM_TIMEOUT
++#include "easy_lock.h"
++#endif
++
+ #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */
+
+ /*
+@@ -254,11 +261,12 @@ void Curl_hostcache_prune(struct Curl_easy *data)
+ Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
+ }
+
+-#ifdef HAVE_SIGSETJMP
++#ifdef USE_ALARM_TIMEOUT
+ /* Beware this is a global and unique instance. This is used to store the
+ return address that we can jump back to from inside a signal handler. This
+ is not thread-safe stuff. */
+ sigjmp_buf curl_jmpenv;
++curl_simple_lock curl_jmpenv_lock;
+ #endif
+
+ /* lookup address, returns entry if found and not stale */
+@@ -832,7 +840,6 @@ enum resolve_t Curl_resolv(struct Curl_easy *data,
+ static
+ void alarmfunc(int sig)
+ {
+- /* this is for "-ansi -Wall -pedantic" to stop complaining! (rabe) */
+ (void)sig;
+ siglongjmp(curl_jmpenv, 1);
+ }
+@@ -912,6 +919,8 @@ enum resolve_t Curl_resolv_timeout(struct Curl_easy *data,
+ This should be the last thing we do before calling Curl_resolv(),
+ as otherwise we'd have to worry about variables that get modified
+ before we invoke Curl_resolv() (and thus use "volatile"). */
++ curl_simple_lock_lock(&curl_jmpenv_lock);
++
+ if(sigsetjmp(curl_jmpenv, 1)) {
+ /* this is coming from a siglongjmp() after an alarm signal */
+ failf(data, "name lookup timed out");
+@@ -980,6 +989,8 @@ clean_up:
+ #endif
+ #endif /* HAVE_SIGACTION */
+
++ curl_simple_lock_unlock(&curl_jmpenv_lock);
++
+ /* switch back the alarm() to either zero or to what it was before minus
+ the time we spent until now! */
+ if(prev_alarm) {
+--
+2.25.1
+
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2023-28321.patch b/poky/meta/recipes-support/curl/curl/CVE-2023-28321.patch
new file mode 100644
index 0000000000..d328d83afa
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2023-28321.patch
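Review bot: `curl_simple_lock_lock(&curl_jmpenv_lock)` is taken just before `sigsetjmp` and released only under `clean_up:`, so the fix is sound only if every exit after the lock goes through `clean_up` and no `goto clean_up` can run before the lock is taken; neither is visible because `Curl_resolv_timeout` continues outside these hunks. The lock is also held across the whole blocking lookup, which serializes concurrent timed resolves in other threads. I would state both at the lock site, e.g. `/* held until clean_up; do not return or jump to clean_up around this pairing */`. `curl_jmpenv_lock` is defined without an initializer, so it relies on zero-initialized static storage being the unlocked state, which is worth confirming against easy_lock.h.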
@@ -0,0 +1,111 @@
+From 199f2d440d8659b42670c1b796220792b01a97bf Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 24 Apr 2023 21:07:02 +0200
+Subject: [PATCH] hostcheck: fix host name wildcard checking
+
+The leftmost "label" of the host name can now only match against single
+'*'. Like the browsers have worked for a long time.
+
+Reported-by: Hiroki Kurosawa
+Closes #11018
+
+CVE: CVE-2023-28321
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/199f2d440d8659b42]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/vtls/hostcheck.c | 50 +++++++--------
+ 1 file changed, 202 insertions(+), 180 deletions(-)
+
+diff --git a/lib/vtls/hostcheck.c b/lib/vtls/hostcheck.c
+index e827dc58f..d061c6356 100644
+--- a/lib/vtls/hostcheck.c
++++ b/lib/vtls/hostcheck.c
+@@ -71,7 +71,12 @@ static bool pmatch(const char *hostname, size_t hostlen,
+ * apparent distinction between a name and an IP. We need to detect the use of
+ * an IP address and not wildcard match on such names.
+ *
++ * Only match on "*" being used for the leftmost label, not "a*", "a*b" nor
++ * "*b".
++ *
+ * Return TRUE on a match. FALSE if not.
++ *
++ * @unittest: 1397
+ */
+
+ static bool hostmatch(const char *hostname,
+@@ -79,53 +84,42 @@ static bool hostmatch(const char *hostname,
+ const char *pattern,
+ size_t patternlen)
+ {
+- const char *pattern_label_end, *wildcard, *hostname_label_end;
+- size_t prefixlen, suffixlen;
++ const char *pattern_label_end;
+
+- /* normalize pattern and hostname by stripping off trailing dots */
++ DEBUGASSERT(pattern);
+ DEBUGASSERT(patternlen);
++ DEBUGASSERT(hostname);
++ DEBUGASSERT(hostlen);
++
++ /* normalize pattern and hostname by stripping off trailing dots */
+ if(hostname[hostlen-1]=='.')
+ hostlen--;
+ if(pattern[patternlen-1]=='.')
+ patternlen--;
+
+- wildcard = memchr(pattern, '*', patternlen);
+- if(!wildcard)
++ if(strncmp(pattern, "*.", 2))
+ return pmatch(hostname, hostlen, pattern, patternlen);
+
+ /* detect IP address as hostname and fail the match if so */
+- if(Curl_host_is_ipnum(hostname))
++ else if(Curl_host_is_ipnum(hostname))
+ return FALSE;
+
+ /* We require at least 2 dots in the pattern to avoid too wide wildcard
+ match. */
+ pattern_label_end = memchr(pattern, '.', patternlen);
+ if(!pattern_label_end ||
+- (memrchr(pattern, '.', patternlen) == pattern_label_end) ||
+- strncasecompare(pattern, "xn--", 4))
++ (memrchr(pattern, '.', patternlen) == pattern_label_end))
+ return pmatch(hostname, hostlen, pattern, patternlen);
+-
+- hostname_label_end = memchr(hostname, '.', hostlen);
+- if(!hostname_label_end)
+- return FALSE;
+ else {
+- size_t skiphost = hostname_label_end - hostname;
+- size_t skiplen = pattern_label_end - pattern;
+- if(!pmatch(hostname_label_end, hostlen - skiphost,
+- pattern_label_end, patternlen - skiplen))
+- return FALSE;
++ const char *hostname_label_end = memchr(hostname, '.', hostlen);
++ if(hostname_label_end) {
++ size_t skiphost = hostname_label_end - hostname;
++ size_t skiplen = pattern_label_end - pattern;
++ return pmatch(hostname_label_end, hostlen - skiphost,
++ pattern_label_end, patternlen - skiplen);
++ }
+ }
+- /* The wildcard must match at least one character, so the left-most
+- label of the hostname is at least as large as the left-most label
+- of the pattern. */
+- if(hostname_label_end - hostname < pattern_label_end - pattern)
+- return FALSE;
+-
+- prefixlen = wildcard - pattern;
+- suffixlen = pattern_label_end - (wildcard + 1);
+- return strncasecompare(pattern, hostname, prefixlen) &&
+- strncasecompare(wildcard + 1, hostname_label_end - suffixlen,
+- suffixlen) ? TRUE : FALSE;
++ return FALSE;
+ }
+
+ /*
+--
+2.25.1
+
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2023-28322.patch b/poky/meta/recipes-support/curl/curl/CVE-2023-28322.patch
new file mode 100644
index 0000000000..d0786d7a4b
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2023-28322.patch
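Review bot: The four `DEBUGASSERT`s are the only guard in front of `hostname[hostlen-1]` and `pattern[patternlen-1]` in `hostmatch`, and curl enables them only in debug builds, so a zero length would index one byte before the buffer unless every caller rules it out (the callers are outside the hunk). The new `strncmp(pattern, "*.", 2)` also ignores `patternlen` and depends on `pattern` being NUL-terminated. Since this function decides TLS certificate name matches, I would make the precondition a runtime check, `if(!hostlen || !patternlen) return FALSE;`, ahead of the trailing-dot stripping. The inner diffstat (`50` changed lines against `202 insertions(+), 180 deletions(-)`) suggests the upstream test changes were dropped from this backport without a note in the header.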
@@ -0,0 +1,441 @@
+From 7815647d6582c0a4900be2e1de6c5e61272c496b Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 25 Apr 2023 08:28:01 +0200
+Subject: [PATCH] lib: unify the upload/method handling
+
+By making sure we set state.upload based on the set.method value and not
+independently as set.upload, we reduce confusion and mixup risks, both
+internally and externally.
+
+Closes #11017
+
+CVE: CVE-2023-28322
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/7815647d6582c0a4900be2e1de]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+
+---
+ lib/curl_rtmp.c | 4 ++--
+ lib/file.c | 4 ++--
+ lib/ftp.c | 8 ++++----
+ lib/http.c | 4 ++--
+ lib/imap.c | 6 +++---
+ lib/rtsp.c | 4 ++--
+ lib/setopt.c | 6 ++----
+ lib/smb.c | 6 +++---
+ lib/smtp.c | 4 ++--
+ lib/tftp.c | 8 ++++----
+ lib/transfer.c | 4 ++--
+ lib/urldata.h | 2 +-
+ lib/vssh/libssh.c | 6 +++---
+ lib/vssh/libssh2.c | 6 +++---
+ lib/vssh/wolfssh.c | 2 +-
+ 15 files changed, 36 insertions(+), 38 deletions(-)
+
+diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
+index 2679a2cdc..406fb42ac 100644
+--- a/lib/curl_rtmp.c
++++ b/lib/curl_rtmp.c
+@@ -231,7 +231,7 @@ static CURLcode rtmp_connect(struct Curl_easy *data, bool *done)
+ /* We have to know if it's a write before we send the
+ * connect request packet
+ */
+- if(data->set.upload)
++ if(data->state.upload)
+ r->Link.protocol |= RTMP_FEATURE_WRITE;
+
+ /* For plain streams, use the buffer toggle trick to keep data flowing */
+@@ -263,7 +263,7 @@ static CURLcode rtmp_do(struct Curl_easy *data, bool *done)
+ if(!RTMP_ConnectStream(r, 0))
+ return CURLE_FAILED_INIT;
+
+- if(data->set.upload) {
++ if(data->state.upload) {
+ Curl_pgrsSetUploadSize(data, data->state.infilesize);
+ Curl_setup_transfer(data, -1, -1, FALSE, FIRSTSOCKET);
+ }
+diff --git a/lib/file.c b/lib/file.c
+index 51c5d07ce..c751e8861 100644
+--- a/lib/file.c
++++ b/lib/file.c
+@@ -240,7 +240,7 @@ static CURLcode file_connect(struct Curl_easy *data, bool *done)
+ file->freepath = real_path; /* free this when done */
+
+ file->fd = fd;
+- if(!data->set.upload && (fd == -1)) {
++ if(!data->state.upload && (fd == -1)) {
+ failf(data, "Couldn't open file %s", data->state.up.path);
+ file_done(data, CURLE_FILE_COULDNT_READ_FILE, FALSE);
+ return CURLE_FILE_COULDNT_READ_FILE;
+@@ -422,7 +422,7 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
+
+ Curl_pgrsStartNow(data);
+
+- if(data->set.upload)
++ if(data->state.upload)
+ return file_upload(data);
+
+ file = data->req.p.file;
+diff --git a/lib/ftp.c b/lib/ftp.c
+index f50d7baf6..4ff68cc45 100644
+--- a/lib/ftp.c
++++ b/lib/ftp.c
+@@ -1348,7 +1348,7 @@ static CURLcode ftp_state_prepare_transfer(struct Curl_easy *data)
+ data->set.str[STRING_CUSTOMREQUEST]?
+ data->set.str[STRING_CUSTOMREQUEST]:
+ (data->state.list_only?"NLST":"LIST"));
+- else if(data->set.upload)
++ else if(data->state.upload)
+ result = Curl_pp_sendf(data, &ftpc->pp, "PRET STOR %s",
+ conn->proto.ftpc.file);
+ else
+@@ -3384,7 +3384,7 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status,
+ /* the response code from the transfer showed an error already so no
+ use checking further */
+ ;
+- else if(data->set.upload) {
++ else if(data->state.upload) {
+ if((-1 != data->state.infilesize) &&
+ (data->state.infilesize != data->req.writebytecount) &&
+ !data->set.crlf &&
+@@ -3640,7 +3640,7 @@ static CURLcode ftp_do_more(struct Curl_easy *data, int *completep)
+ connected back to us */
+ }
+ }
+- else if(data->set.upload) {
++ else if(data->state.upload) {
+ result = ftp_nb_type(data, conn, data->state.prefer_ascii,
+ FTP_STOR_TYPE);
+ if(result)
+@@ -4225,7 +4225,7 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data)
+ ftpc->file = NULL; /* instead of point to a zero byte,
+ we make it a NULL pointer */
+
+- if(data->set.upload && !ftpc->file && (ftp->transfer == PPTRANSFER_BODY)) {
++ if(data->state.upload && !ftpc->file && (ftp->transfer == PPTRANSFER_BODY)) {
+ /* We need a file name when uploading. Return error! */
+ failf(data, "Uploading to a URL without a file name");
+ free(rawPath);
+diff --git a/lib/http.c b/lib/http.c
+index 80e43f6f3..bffdd3468 100644
+--- a/lib/http.c
++++ b/lib/http.c
+@@ -2112,7 +2112,7 @@ void Curl_http_method(struct Curl_easy *data, struct connectdata *conn,
+ Curl_HttpReq httpreq = (Curl_HttpReq)data->state.httpreq;
+ const char *request;
+ if((conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_FTP)) &&
+- data->set.upload)
++ data->state.upload)
+ httpreq = HTTPREQ_PUT;
+
+ /* Now set the 'request' pointer to the proper request string */
+@@ -2423,7 +2423,7 @@ CURLcode Curl_http_body(struct Curl_easy *data, struct connectdata *conn,
+ if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
+ (((httpreq == HTTPREQ_POST_MIME || httpreq == HTTPREQ_POST_FORM) &&
+ http->postsize < 0) ||
+- ((data->set.upload || httpreq == HTTPREQ_POST) &&
++ ((data->state.upload || httpreq == HTTPREQ_POST) &&
+ data->state.infilesize == -1))) {
+ if(conn->bits.authneg)
+ /* don't enable chunked during auth neg */
+diff --git a/lib/imap.c b/lib/imap.c
+index c2f675d4b..1952e66a1 100644
+--- a/lib/imap.c
++++ b/lib/imap.c
+@@ -1511,11 +1511,11 @@ static CURLcode imap_done(struct Curl_easy *data, CURLcode status,
+ result = status; /* use the already set error code */
+ }
+ else if(!data->set.connect_only && !imap->custom &&
+- (imap->uid || imap->mindex || data->set.upload ||
++ (imap->uid || imap->mindex || data->state.upload ||
+ data->set.mimepost.kind != MIMEKIND_NONE)) {
+ /* Handle responses after FETCH or APPEND transfer has finished */
+
+- if(!data->set.upload && data->set.mimepost.kind == MIMEKIND_NONE)
++ if(!data->state.upload && data->set.mimepost.kind == MIMEKIND_NONE)
+ state(data, IMAP_FETCH_FINAL);
+ else {
+ /* End the APPEND command first by sending an empty line */
+@@ -1581,7 +1581,7 @@ static CURLcode imap_perform(struct Curl_easy *data, bool *connected,
+ selected = TRUE;
+
+ /* Start the first command in the DO phase */
+- if(data->set.upload || data->set.mimepost.kind != MIMEKIND_NONE)
++ if(data->state.upload || data->set.mimepost.kind != MIMEKIND_NONE)
+ /* APPEND can be executed directly */
+ result = imap_perform_append(data);
+ else if(imap->custom && (selected || !imap->mailbox))
+diff --git a/lib/rtsp.c b/lib/rtsp.c
+index ea99d720e..ccd7264b0 100644
+--- a/lib/rtsp.c
++++ b/lib/rtsp.c
+@@ -493,7 +493,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
+ rtspreq == RTSPREQ_SET_PARAMETER ||
+ rtspreq == RTSPREQ_GET_PARAMETER) {
+
+- if(data->set.upload) {
++ if(data->state.upload) {
+ putsize = data->state.infilesize;
+ data->state.httpreq = HTTPREQ_PUT;
+
+@@ -512,7 +512,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
+ result =
+ Curl_dyn_addf(&req_buffer,
+ "Content-Length: %" CURL_FORMAT_CURL_OFF_T"\r\n",
+- (data->set.upload ? putsize : postsize));
++ (data->state.upload ? putsize : postsize));
+ if(result)
+ return result;
+ }
+diff --git a/lib/setopt.c b/lib/setopt.c
+index 38f5711e4..0c3b9634d 100644
+--- a/lib/setopt.c
++++ b/lib/setopt.c
+@@ -333,8 +333,8 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
+ * We want to sent data to the remote host. If this is HTTP, that equals
+ * using the PUT request.
+ */
+- data->set.upload = (0 != va_arg(param, long)) ? TRUE : FALSE;
+- if(data->set.upload) {
++ arg = va_arg(param, long);
++ if(arg) {
+ /* If this is HTTP, PUT is what's needed to "upload" */
+ data->set.method = HTTPREQ_PUT;
+ data->set.opt_no_body = FALSE; /* this is implied */
+@@ -664,7 +664,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
+ }
+ else
+ data->set.method = HTTPREQ_GET;
+- data->set.upload = FALSE;
+ break;
+
+ #ifndef CURL_DISABLE_MIME
+@@ -888,7 +887,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
+ */
+ if(va_arg(param, long)) {
+ data->set.method = HTTPREQ_GET;
+- data->set.upload = FALSE; /* switch off upload */
+ data->set.opt_no_body = FALSE; /* this is implied */
+ }
+ break;
+diff --git a/lib/smb.c b/lib/smb.c
+index a1e444ee6..d68222135 100644
+--- a/lib/smb.c
++++ b/lib/smb.c
+@@ -530,7 +530,7 @@ static CURLcode smb_send_open(struct Curl_easy *data)
+ byte_count = strlen(req->path);
+ msg.name_length = smb_swap16((unsigned short)byte_count);
+ msg.share_access = smb_swap32(SMB_FILE_SHARE_ALL);
+- if(data->set.upload) {
++ if(data->state.upload) {
+ msg.access = smb_swap32(SMB_GENERIC_READ | SMB_GENERIC_WRITE);
+ msg.create_disposition = smb_swap32(SMB_FILE_OVERWRITE_IF);
+ }
+@@ -762,7 +762,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done)
+ void *msg = NULL;
+ const struct smb_nt_create_response *smb_m;
+
+- if(data->set.upload && (data->state.infilesize < 0)) {
++ if(data->state.upload && (data->state.infilesize < 0)) {
+ failf(data, "SMB upload needs to know the size up front");
+ return CURLE_SEND_ERROR;
+ }
+@@ -813,7 +813,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done)
+ smb_m = (const struct smb_nt_create_response*) msg;
+ req->fid = smb_swap16(smb_m->fid);
+ data->req.offset = 0;
+- if(data->set.upload) {
++ if(data->state.upload) {
+ data->req.size = data->state.infilesize;
+ Curl_pgrsSetUploadSize(data, data->req.size);
+ next_state = SMB_UPLOAD;
+diff --git a/lib/smtp.c b/lib/smtp.c
+index 7a030308d..c182cace7 100644
+--- a/lib/smtp.c
++++ b/lib/smtp.c
+@@ -1419,7 +1419,7 @@ static CURLcode smtp_done(struct Curl_easy *data, CURLcode status,
+ result = status; /* use the already set error code */
+ }
+ else if(!data->set.connect_only && data->set.mail_rcpt &&
+- (data->set.upload || data->set.mimepost.kind)) {
++ (data->state.upload || data->set.mimepost.kind)) {
+ /* Calculate the EOB taking into account any terminating CRLF from the
+ previous line of the email or the CRLF of the DATA command when there
+ is "no mail data". RFC-5321, sect. 4.1.1.4.
+@@ -1511,7 +1511,7 @@ static CURLcode smtp_perform(struct Curl_easy *data, bool *connected,
+ smtp->eob = 2;
+
+ /* Start the first command in the DO phase */
+- if((data->set.upload || data->set.mimepost.kind) && data->set.mail_rcpt)
++ if((data->state.upload || data->set.mimepost.kind) && data->set.mail_rcpt)
+ /* MAIL transfer */
+ result = smtp_perform_mail(data);
+ else
+diff --git a/lib/tftp.c b/lib/tftp.c
+index 164d3c723..8ed1b887b 100644
+--- a/lib/tftp.c
++++ b/lib/tftp.c
+@@ -370,7 +370,7 @@ static CURLcode tftp_parse_option_ack(struct tftp_state_data *state,
+
+ /* tsize should be ignored on upload: Who cares about the size of the
+ remote file? */
+- if(!data->set.upload) {
++ if(!data->state.upload) {
+ if(!tsize) {
+ failf(data, "invalid tsize -:%s:- value in OACK packet", value);
+ return CURLE_TFTP_ILLEGAL;
+@@ -451,7 +451,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state,
+ return result;
+ }
+
+- if(data->set.upload) {
++ if(data->state.upload) {
+ /* If we are uploading, send an WRQ */
+ setpacketevent(&state->spacket, TFTP_EVENT_WRQ);
+ state->data->req.upload_fromhere =
+@@ -486,7 +486,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state,
+ if(!data->set.tftp_no_options) {
+ char buf[64];
+ /* add tsize option */
+- if(data->set.upload && (data->state.infilesize != -1))
++ if(data->state.upload && (data->state.infilesize != -1))
+ msnprintf(buf, sizeof(buf), "%" CURL_FORMAT_CURL_OFF_T,
+ data->state.infilesize);
+ else
+@@ -540,7 +540,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state,
+ break;
+
+ case TFTP_EVENT_OACK:
+- if(data->set.upload) {
++ if(data->state.upload) {
+ result = tftp_connect_for_tx(state, event);
+ }
+ else {
+diff --git a/lib/transfer.c b/lib/transfer.c
+index e9ab8fbf0..cb69f3365 100644
+--- a/lib/transfer.c
++++ b/lib/transfer.c
+@@ -1293,6 +1293,7 @@ void Curl_init_CONNECT(struct Curl_easy *data)
+ {
+ data->state.fread_func = data->set.fread_func_set;
+ data->state.in = data->set.in_set;
++ data->state.upload = (data->state.httpreq == HTTPREQ_PUT);
+ }
+
+ /*
+@@ -1732,7 +1733,6 @@ CURLcode Curl_follow(struct Curl_easy *data,
+ data->state.httpreq != HTTPREQ_POST_MIME) ||
+ !(data->set.keep_post & CURL_REDIR_POST_303))) {
+ data->state.httpreq = HTTPREQ_GET;
+- data->set.upload = false;
+ infof(data, "Switch to %s",
+ data->req.no_body?"HEAD":"GET");
+ }
+@@ -1770,7 +1770,7 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url)
+
+ /* if we're talking upload, we can't do the checks below, unless the protocol
+ is HTTP as when uploading over HTTP we will still get a response */
+- if(data->set.upload &&
++ if(data->state.upload &&
+ !(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)))
+ return CURLE_OK;
+
+diff --git a/lib/urldata.h b/lib/urldata.h
+index cca992a02..a8580bdb6 100644
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -1462,6 +1462,7 @@ struct UrlState {
+ BIT(rewindbeforesend);/* TRUE when the sending couldn't be stopped even
+ though it will be discarded. We must call the data
+ rewind callback before trying to send again. */
++ BIT(upload); /* upload request */
+ };
+
+ /*
+@@ -1838,7 +1839,6 @@ struct UserDefined {
+ BIT(http_auto_referer); /* set "correct" referer when following
+ location: */
+ BIT(opt_no_body); /* as set with CURLOPT_NOBODY */
+- BIT(upload); /* upload request */
+ BIT(verbose); /* output verbosity */
+ BIT(krb); /* Kerberos connection requested */
+ BIT(reuse_forbid); /* forbidden to be reused, close after use */
+diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
+index b31f741ba..d60edaa30 100644
+--- a/lib/vssh/libssh.c
++++ b/lib/vssh/libssh.c
+@@ -1209,7 +1209,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
+ }
+
+ case SSH_SFTP_TRANS_INIT:
+- if(data->set.upload)
++ if(data->state.upload)
+ state(data, SSH_SFTP_UPLOAD_INIT);
+ else {
+ if(protop->path[strlen(protop->path)-1] == '/')
+@@ -1802,7 +1802,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
+ /* Functions from the SCP subsystem cannot handle/return SSH_AGAIN */
+ ssh_set_blocking(sshc->ssh_session, 1);
+
+- if(data->set.upload) {
++ if(data->state.upload) {
+ if(data->state.infilesize < 0) {
+ failf(data, "SCP requires a known file size for upload");
+ sshc->actualcode = CURLE_UPLOAD_FAILED;
+@@ -1907,7 +1907,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
+ break;
+ }
+ case SSH_SCP_DONE:
+- if(data->set.upload)
++ if(data->state.upload)
+ state(data, SSH_SCP_SEND_EOF);
+ else
+ state(data, SSH_SCP_CHANNEL_FREE);
+diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
+index f1154dc47..f2e5352d1 100644
+--- a/lib/vssh/libssh2.c
++++ b/lib/vssh/libssh2.c
+@@ -2019,7 +2019,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block)
+ }
+
+ case SSH_SFTP_TRANS_INIT:
+- if(data->set.upload)
++ if(data->state.upload)
+ state(data, SSH_SFTP_UPLOAD_INIT);
+ else {
+ if(sshp->path[strlen(sshp->path)-1] == '/')
+@@ -2691,7 +2691,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block)
+ break;
+ }
+
+- if(data->set.upload) {
++ if(data->state.upload) {
+ if(data->state.infilesize < 0) {
+ failf(data, "SCP requires a known file size for upload");
+ sshc->actualcode = CURLE_UPLOAD_FAILED;
+@@ -2831,7 +2831,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block)
+ break;
+
+ case SSH_SCP_DONE:
+- if(data->set.upload)
++ if(data->state.upload)
+ state(data, SSH_SCP_SEND_EOF);
+ else
+ state(data, SSH_SCP_CHANNEL_FREE);
+diff --git a/lib/vssh/wolfssh.c b/lib/vssh/wolfssh.c
+index 17d59ecd2..2ca91b736 100644
+--- a/lib/vssh/wolfssh.c
++++ b/lib/vssh/wolfssh.c
+@@ -557,7 +557,7 @@ static CURLcode wssh_statemach_act(struct Curl_easy *data, bool *block)
+ }
+ break;
+ case SSH_SFTP_TRANS_INIT:
+- if(data->set.upload)
++ if(data->state.upload)
+ state(data, SSH_SFTP_UPLOAD_INIT);
+ else {
+ if(sftp_scp->path[strlen(sftp_scp->path)-1] == '/')
+--
+2.25.1
+
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2023-32001.patch b/poky/meta/recipes-support/curl/curl/CVE-2023-32001.patch
new file mode 100644
index 0000000000..c9ca3ae514
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2023-32001.patch
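Review bot: In the `Curl_follow` hunk of lib/transfer.c the redirect path sets `state.httpreq = HTTPREQ_GET`, but with `data->set.upload = false;` removed nothing there clears `state.upload`, so the flag is stale until `Curl_init_CONNECT` derives it again from `state.httpreq`. Whether every followed request passes through `Curl_init_CONNECT` before the protocol handlers read `state.upload` is not visible in these hunks. If that is the invariant the fix rests on, I would record it where the bit is declared, replacing the bare `/* upload request */` with `BIT(upload); /* derived from state.httpreq in Curl_init_CONNECT(); not set from options */`. In the patches shown here that assignment is the only write to the bit.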
@@ -0,0 +1,39 @@ +CVE: CVE-2023-32001 +Upstream-Status: Backport [https://github.com/curl/curl/commit/0c667188e0c6cda615a036b8a2b4125f2c404dde] +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> + + +From 0c667188e0c6cda615a036b8a2b4125f2c404dde Mon Sep 17 00:00:00 2001 +From: SaltyMilk <soufiane.elmelcaoui@gmail.com> +Date: Mon, 10 Jul 2023 21:43:28 +0200 +Subject: [PATCH] fopen: optimize + +Closes #11419 +--- + lib/fopen.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/lib/fopen.c b/lib/fopen.c +index c9c9e3d6e73a2..b6e3cadddef65 100644 +--- a/lib/fopen.c ++++ b/lib/fopen.c +@@ -56,13 +56,13 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, + int fd = -1; + *tempname = NULL; + +- if(stat(filename, &sb) == -1 || !S_ISREG(sb.st_mode)) { +- /* a non-regular file, fallback to direct fopen() */ +- *fh = fopen(filename, FOPEN_WRITETEXT); +- if(*fh) +- return CURLE_OK; ++ *fh = fopen(filename, FOPEN_WRITETEXT); ++ if(!*fh) + goto fail; +- } ++ if(fstat(fileno(*fh), &sb) == -1 || !S_ISREG(sb.st_mode)) ++ return CURLE_OK; ++ fclose(*fh); ++ *fh = NULL; + + result = Curl_rand_hex(data, randsuffix, sizeof(randsuffix)); + if(result) diff --git a/poky/meta/recipes-support/curl/curl/disable-tests b/poky/meta/recipes-support/curl/curl/disable-tests index 92056bd8ca..b687b2bb76 100644 --- a/poky/meta/recipes-support/curl/curl/disable-tests +++ b/poky/meta/recipes-support/curl/curl/disable-tests @@ -18,6 +18,8 @@ 1165 # This CRL test is looking for src files 1185 +# This test is scanning the source tree +1222 # These CRL tests need --libcurl option to be enabled 1400 1401 diff --git a/poky/meta/recipes-support/curl/curl/run-ptest b/poky/meta/recipes-support/curl/curl/run-ptest index 614e822922..2c74c58f5d 100644 --- a/poky/meta/recipes-support/curl/curl/run-ptest +++ b/poky/meta/recipes-support/curl/curl/run-ptest 
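Review bot: The embedded upstream subject, "fopen: optimize", gives no hint of why this patch is carried under a CVE tag, so the patch header should say what the change does. A line such as `Replaces the stat()-by-name check made before fopen() with fstat() on the already-open stream, so the file that is checked is the file that was opened.` would do. In the new `Curl_fopen` lines the target is opened with `FOPEN_WRITETEXT` before its type is known. If that mode truncates (it is defined outside the hunk), an existing regular file is emptied at this point, before the temp-file path that follows has produced its replacement. That is worth a comment above the `fopen()` call, e.g. `/* note: this open may truncate filename before the temp file is written */`. The body of `Curl_fopen` continues outside the hunk.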
@@ -1,6 +1,6 @@ #!/bin/sh cd tests -./runtests.pl -a -n -s | sed \ +{ ./runtests.pl -a -n -s || echo "FAIL: curl" ; } | sed \ -e 's|\([^ ]* *\) \([^ ]* *\)...OK|PASS: \1 \2|' \ -e 's|\([^ ]* *\) \([^ ]* *\)...FAILED|FAIL: \1 \2|' \ -e 's/Warning: test[0-9]\+ not present in tests\/data\/Makefile.inc//' diff --git a/poky/meta/recipes-support/curl/curl_8.0.1.bb b/poky/meta/recipes-support/curl/curl_8.0.1.bb index 5cf044615f..708f622fe1 100644 --- a/poky/meta/recipes-support/curl/curl_8.0.1.bb +++ b/poky/meta/recipes-support/curl/curl_8.0.1.bb @@ -13,6 +13,12 @@ SRC_URI = " \ https://curl.se/download/${BP}.tar.xz \ file://run-ptest \ file://disable-tests \ + file://CVE-2023-28322.patch \ + file://CVE-2023-28319.patch \ + file://CVE-2023-28320.patch \ + file://CVE-2023-28321.patch \ + file://CVE-2023-32001.patch \ + file://CVE-2023-28320-fol1.patch \ " SRC_URI[sha256sum] = "0a381cd82f4d00a9a334438b8ca239afea5bfefcfa9a1025f2bf118e79e0b5f0" diff --git a/poky/meta/recipes-support/fribidi/fribidi_1.0.12.bb b/poky/meta/recipes-support/fribidi/fribidi_1.0.13.bb index 9e46d958e9..5d0476a375 100644 --- a/poky/meta/recipes-support/fribidi/fribidi_1.0.12.bb +++ b/poky/meta/recipes-support/fribidi/fribidi_1.0.13.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a916467b91076e631dd8edb7424769c7" SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/${BP}.tar.xz \ " -SRC_URI[sha256sum] = "0cd233f97fc8c67bb3ac27ce8440def5d3ffacf516765b91c2cc654498293495" +SRC_URI[sha256sum] = "7fa16c80c81bd622f7b198d31356da139cc318a63fc7761217af4130903f54a2" inherit meson lib_package pkgconfig github-releases diff --git a/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch b/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch index 0cd4c45907..81aeaf5d3a 100644 --- a/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch 
+++ b/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch @@ -1,4 +1,4 @@ -From 346a6b17a07b658954db65f814461b59824d9fcd Mon Sep 17 00:00:00 2001 +From 8b9e3d286e87bc978ec6bb9cfd790d8d253b79c3 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Mon, 22 Jan 2018 18:00:21 +0200 Subject: [PATCH] configure.ac: use a custom value for the location of @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 099c6a8..e8cf408 100644 +index a547401..60bc2c5 100644 --- a/configure.ac +++ b/configure.ac -@@ -1935,7 +1935,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf", +@@ -1922,7 +1922,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf", AC_DEFINE_UNQUOTED(GPGTAR_NAME, "gpgtar", [The name of the gpgtar tool]) diff --git a/poky/meta/recipes-support/gnupg/gnupg/relocate.patch b/poky/meta/recipes-support/gnupg/gnupg/relocate.patch index 071dd93ff5..f7dd12fbcc 100644 --- a/poky/meta/recipes-support/gnupg/gnupg/relocate.patch +++ b/poky/meta/recipes-support/gnupg/gnupg/relocate.patch @@ -1,4 +1,4 @@ -From b1117adeb476304ce2792814516a5b7cd44d0d38 Mon Sep 17 00:00:00 2001 +From c4ddea8e6070d1df51058aac08088e27c37e7e73 Mon Sep 17 00:00:00 2001 From: Ross Burton <ross.burton@intel.com> Date: Wed, 19 Sep 2018 14:44:40 +0100 Subject: [PATCH] Allow the environment to override where gnupg looks for its @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin <alex@linutronix.de> 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/common/homedir.c b/common/homedir.c -index 67bbde8..7f360ba 100644 +index 286685f..212a945 100644 --- a/common/homedir.c +++ b/common/homedir.c -@@ -1171,7 +1171,7 @@ gnupg_socketdir (void) +@@ -1213,7 +1213,7 @@ gnupg_socketdir (void) if (!name) { unsigned int dummy; 
@@ -26,7 +26,7 @@ index 67bbde8..7f360ba 100644 gpgrt_annotate_leaked_object (name); } -@@ -1203,7 +1203,7 @@ gnupg_sysconfdir (void) +@@ -1245,7 +1245,7 @@ gnupg_sysconfdir (void) if (dir) return dir; else @@ -35,7 +35,7 @@ index 67bbde8..7f360ba 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1239,7 +1239,7 @@ gnupg_bindir (void) +@@ -1281,7 +1281,7 @@ gnupg_bindir (void) return name; } else @@ -44,7 +44,7 @@ index 67bbde8..7f360ba 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1266,7 +1266,7 @@ gnupg_libexecdir (void) +@@ -1308,7 +1308,7 @@ gnupg_libexecdir (void) return name; } else @@ -53,7 +53,7 @@ index 67bbde8..7f360ba 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1296,7 +1296,7 @@ gnupg_libdir (void) +@@ -1338,7 +1338,7 @@ gnupg_libdir (void) return name; } else @@ -62,7 +62,7 @@ index 67bbde8..7f360ba 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1327,7 +1327,7 @@ gnupg_datadir (void) +@@ -1369,7 +1369,7 @@ gnupg_datadir (void) return name; } else @@ -71,7 +71,7 @@ index 67bbde8..7f360ba 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -1359,7 +1359,7 @@ gnupg_localedir (void) +@@ -1401,7 +1401,7 @@ gnupg_localedir (void) return name; } else diff --git a/poky/meta/recipes-support/gnupg/gnupg_2.4.0.bb b/poky/meta/recipes-support/gnupg/gnupg_2.4.2.bb index 900aa8ad73..631df8ac9d 100644 --- a/poky/meta/recipes-support/gnupg/gnupg_2.4.0.bb +++ b/poky/meta/recipes-support/gnupg/gnupg_2.4.2.bb @@ -23,7 +23,7 @@ SRC_URI:append:class-native = " file://0001-configure.ac-use-a-custom-value-for- file://relocate.patch" SRC_URI:append:class-nativesdk = " file://relocate.patch" -SRC_URI[sha256sum] = "1d79158dd01d992431dd2e3facb89fdac97127f89784ea2cb610c600fb0c1483" +SRC_URI[sha256sum] = "97eb47df8ae5a3ff744f868005a090da5ab45cb48ee9836dbf5ee739a4e5cf49" EXTRA_OECONF = "--disable-ldap \ --disable-ccid-driver \ 
@@ -33,6 +33,8 @@ EXTRA_OECONF = "--disable-ldap \ --with-mailprog=${sbindir}/sendmail \ --enable-gpg-is-gpg2 \ " +# yat2m can be found from recipe-sysroot-native non-deterministically with different versioning otherwise +CACHED_CONFIGUREVARS += "ac_cv_path_YAT2M=./yat2m" # A minimal package containing just enough to run gpg+gpgagent (E.g. use gpgme in opkg) PACKAGES =+ "${PN}-gpg" diff --git a/poky/meta/recipes-support/libassuan/libassuan_2.5.5.bb b/poky/meta/recipes-support/libassuan/libassuan_2.5.6.bb index 2bab3ac955..7e899e7399 100644 --- a/poky/meta/recipes-support/libassuan/libassuan_2.5.5.bb +++ b/poky/meta/recipes-support/libassuan/libassuan_2.5.6.bb @@ -20,7 +20,7 @@ SRC_URI = "${GNUPG_MIRROR}/libassuan/libassuan-${PV}.tar.bz2 \ file://libassuan-add-pkgconfig-support.patch \ " -SRC_URI[sha256sum] = "8e8c2fcc982f9ca67dcbb1d95e2dc746b1739a4668bc20b3a3c5be632edb34e4" +SRC_URI[sha256sum] = "e9fd27218d5394904e4e39788f9b1742711c3e6b41689a31aa3380bd5aa4f426" BINCONFIG = "${bindir}/libassuan-config" diff --git a/poky/meta/recipes-support/libksba/libksba_1.6.3.bb b/poky/meta/recipes-support/libksba/libksba_1.6.4.bb index dc39693be4..f9636f9433 100644 --- a/poky/meta/recipes-support/libksba/libksba_1.6.3.bb +++ b/poky/meta/recipes-support/libksba/libksba_1.6.4.bb @@ -24,7 +24,7 @@ UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ file://ksba-add-pkgconfig-support.patch" -SRC_URI[sha256sum] = "3f72c68db30971ebbf14367527719423f0a4d5f8103fc9f4a1c01a9fa440de5c" +SRC_URI[sha256sum] = "bbb43f032b9164d86c781ffe42213a83bf4f2fee91455edfa4654521b8b03b6b" do_configure:prepend () { # Else these could be used in preference to those in aclocal-copy diff --git a/poky/meta/recipes-support/libmicrohttpd/libmicrohttpd_0.9.76.bb b/poky/meta/recipes-support/libmicrohttpd/libmicrohttpd_0.9.77.bb index 7bd66f63cf..16159a0fd8 100644 --- a/poky/meta/recipes-support/libmicrohttpd/libmicrohttpd_0.9.76.bb 
+++ b/poky/meta/recipes-support/libmicrohttpd/libmicrohttpd_0.9.77.bb @@ -7,7 +7,7 @@ SECTION = "net" DEPENDS = "file" SRC_URI = "${GNU_MIRROR}/libmicrohttpd/${BPN}-${PV}.tar.gz" -SRC_URI[sha256sum] = "f0b1547b5a42a6c0f724e8e1c1cb5ce9c4c35fb495e7d780b9930d35011ceb4c" +SRC_URI[sha256sum] = "9e7023a151120060d2806a6ea4c13ca9933ece4eacfc5c9464d20edddb76b0a0" inherit autotools lib_package pkgconfig gettext diff --git a/poky/meta/recipes-support/libproxy/libproxy_0.4.18.bb b/poky/meta/recipes-support/libproxy/libproxy_0.4.18.bb index 01ba2a6fe9..748b1bd2c0 100644 --- a/poky/meta/recipes-support/libproxy/libproxy_0.4.18.bb +++ b/poky/meta/recipes-support/libproxy/libproxy_0.4.18.bb @@ -12,10 +12,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ DEPENDS = "glib-2.0" -SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.xz" -SRC_URI[sha256sum] = "69b5856e9ea42c38ac77e6b8c92ffc86a71d341fef74e77bef85f9cc6c47a4b1" +SRC_URI = "git://github.com/libproxy/libproxy;protocol=https;branch=main" +SRCREV = "caccaf28e3df6ea612d2d4b39f781c4324019fdb" +S = "${WORKDIR}/git" -inherit cmake pkgconfig github-releases +inherit cmake pkgconfig PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'gnome', '', d)} gnome3" PACKAGECONFIG[gnome] = "-DWITH_GNOME=yes,-DWITH_GNOME=no,gconf" diff --git a/poky/meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch b/poky/meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch new file mode 100644 index 0000000000..066233fcae --- /dev/null +++ b/poky/meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch 
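Review bot: In the libproxy_0.4.18.bb hunk the release tarball and its `SRC_URI[sha256sum]` are replaced by a git fetch pinned with `SRCREV`, but nothing states which upstream tag or release that commit corresponds to, while the recipe name still says 0.4.18. That makes the source harder to audit against upstream and against CVE version ranges. A comment directly above the pin would fix it, in the form `# <UPSTREAM_TAG>: commit of the 0.4.18 release, fetched from git because <REASON>`, with both placeholders filled in by the author. If the commit is not the tagged release, `PV` should reflect that.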
@@ -0,0 +1,34 @@ +CVE: CVE-2020-22218 +Upstream-Status: Backport [ https://github.com/libssh2/libssh2/commit/642eec48ff3adfdb7a9e562b6d7fc865d1733f45 ] +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> + + +From 642eec48ff3adfdb7a9e562b6d7fc865d1733f45 Mon Sep 17 00:00:00 2001 +From: lutianxiong <lutianxiong@huawei.com> +Date: Fri, 29 May 2020 01:25:40 +0800 +Subject: [PATCH] transport.c: fix use-of-uninitialized-value (#476) + +file:transport.c + +notes: +return error if malloc(0) + +credit: +lutianxiong +--- + src/transport.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/transport.c b/src/transport.c +index 96fca6b8cc..adf96c2437 100644 +--- a/src/transport.c ++++ b/src/transport.c +@@ -472,7 +472,7 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) + /* Get a packet handle put data into. We get one to + hold all data, including padding and MAC. */ + p->payload = LIBSSH2_ALLOC(session, total_num); +- if(!p->payload) { ++ if(total_num == 0 || !p->payload) { + return LIBSSH2_ERROR_ALLOC; + } + p->total_num = total_num; diff --git a/poky/meta/recipes-support/libssh2/libssh2_1.10.0.bb b/poky/meta/recipes-support/libssh2/libssh2_1.10.0.bb index d5513373b0..8483a292c2 100644 --- a/poky/meta/recipes-support/libssh2/libssh2_1.10.0.bb +++ b/poky/meta/recipes-support/libssh2/libssh2_1.10.0.bb @@ -10,6 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=3e089ad0cf27edf1e7f261dfcd06acc7" SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz \ file://fix-ssh2-test.patch \ file://run-ptest \ + file://CVE-2020-22218.patch \ " SRC_URI[sha256sum] = "2d64e90f3ded394b91d3a2e774ca203a4179f69aebee03003e5a6fa621e41d51" diff --git a/poky/meta/recipes-support/nghttp2/nghttp2/CVE-2023-35945.patch b/poky/meta/recipes-support/nghttp2/nghttp2/CVE-2023-35945.patch new file mode 100644 index 0000000000..04d2086e1c --- /dev/null +++ b/poky/meta/recipes-support/nghttp2/nghttp2/CVE-2023-35945.patch 
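Review bot: In the `_libssh2_transport_read` hunk the new `total_num == 0` test runs only after `LIBSSH2_ALLOC(session, total_num)` has been called, so a zero-length request still reaches the allocator. Where the allocator returns a non-NULL pointer for size 0, the early return leaves `p->payload` set, and whether it is released later is outside the hunk. Testing first avoids both problems: put `if(total_num == 0) return LIBSSH2_ERROR_ALLOC;` ahead of the allocation and keep `if(!p->payload)` as it was. Because this is a backport, any such divergence from the upstream commit should be recorded in the patch header next to `Upstream-Status`.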
@@ -0,0 +1,151 @@ +From ce385d3f55a4b76da976b3bdf71fe2deddf315ba Mon Sep 17 00:00:00 2001 +From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com> +Date: Mon, 4 Sep 2023 06:48:30 +0000 +Subject: [PATCH] Fix memory leak + +This commit fixes memory leak that happens when PUSH_PROMISE or +HEADERS frame cannot be sent, and nghttp2_on_stream_close_callback +fails with a fatal error. For example, if GOAWAY frame has been +received, a HEADERS frame that opens new stream cannot be sent. + +This issue has already been made public via CVE-2023-35945 [1] issued +by envoyproxy/envoy project. During embargo period, the patch to fix +this bug was accidentally submitted to nghttp2/nghttp2 repository [2]. +And they decided to disclose CVE early. I was notified just 1.5 hours +before disclosure. I had no time to respond. + +PoC described in [1] is quite simple, but I think it is not enough to +trigger this bug. While it is true that receiving GOAWAY prevents a +client from opening new stream, and nghttp2 enters error handling +branch, in order to cause the memory leak, +nghttp2_session_close_stream function must return a fatal error. +nghttp2 defines 2 fatal error codes: + +- NGHTTP2_ERR_NOMEM +- NGHTTP2_ERR_CALLBACK_FAILURE + +NGHTTP2_ERR_NOMEM, as its name suggests, indicates out of memory. It +is unlikely that a process gets short of memory with this simple PoC +scenario unless application does something memory heavy processing. + +NGHTTP2_ERR_CALLBACK_FAILURE is returned from application defined +callback function (nghttp2_on_stream_close_callback, in this case), +which indicates something fatal happened inside a callback, and a +connection must be closed immediately without any further action. As +nghttp2_on_stream_close_error_callback documentation says, any error +code other than 0 or NGHTTP2_ERR_CALLBACK_FAILURE is treated as fatal +error code. More specifically, it is treated as if +NGHTTP2_ERR_CALLBACK_FAILURE is returned. 
I guess that envoy returns +NGHTTP2_ERR_CALLBACK_FAILURE or other error code which is translated +into NGHTTP2_ERR_CALLBACK_FAILURE. + +[1] https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r +[2] https://github.com/nghttp2/nghttp2/pull/1929 + +CVE: CVE-2023-35945 + +Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/ce385d3f55a4b76da976b3bdf71fe2deddf315ba] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + lib/nghttp2_session.c | 10 +++++----- + tests/nghttp2_session_test.c | 34 ++++++++++++++++++++++++++++++++++ + 2 files changed, 39 insertions(+), 5 deletions(-) + +diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c +index 93f3f07..9bb32b2 100644 +--- a/lib/nghttp2_session.c ++++ b/lib/nghttp2_session.c +@@ -3300,6 +3300,7 @@ static ssize_t nghttp2_session_mem_send_internal(nghttp2_session *session, + if (rv < 0) { + int32_t opened_stream_id = 0; + uint32_t error_code = NGHTTP2_INTERNAL_ERROR; ++ int rv2 = 0; + + DEBUGF("send: frame preparation failed with %s\n", + nghttp2_strerror(rv)); +@@ -3342,19 +3343,18 @@ static ssize_t nghttp2_session_mem_send_internal(nghttp2_session *session, + } + if (opened_stream_id) { + /* careful not to override rv */ +- int rv2; + rv2 = nghttp2_session_close_stream(session, opened_stream_id, + error_code); +- +- if (nghttp2_is_fatal(rv2)) { +- return rv2; +- } + } + + nghttp2_outbound_item_free(item, mem); + nghttp2_mem_free(mem, item); + active_outbound_item_reset(aob, mem); + ++ if (nghttp2_is_fatal(rv2)) { ++ return rv2; ++ } ++ + if (rv == NGHTTP2_ERR_HEADER_COMP) { + /* If header compression error occurred, should terminiate + connection. 
*/ +diff --git a/tests/nghttp2_session_test.c b/tests/nghttp2_session_test.c +index 08152d4..14ab132 100644 +--- a/tests/nghttp2_session_test.c ++++ b/tests/nghttp2_session_test.c +@@ -585,6 +585,15 @@ static int on_stream_close_callback(nghttp2_session *session, int32_t stream_id, + return 0; + } + ++static int fatal_error_on_stream_close_callback(nghttp2_session *session, ++ int32_t stream_id, ++ uint32_t error_code, ++ void *user_data) { ++ on_stream_close_callback(session, stream_id, error_code, user_data); ++ ++ return NGHTTP2_ERR_CALLBACK_FAILURE; ++} ++ + static ssize_t pack_extension_callback(nghttp2_session *session, uint8_t *buf, + size_t len, const nghttp2_frame *frame, + void *user_data) { +@@ -4297,6 +4306,8 @@ void test_nghttp2_session_on_goaway_received(void) { + nghttp2_frame frame; + int i; + nghttp2_mem *mem; ++ const uint8_t *data; ++ ssize_t datalen; + + mem = nghttp2_mem_default(); + user_data.frame_recv_cb_called = 0; +@@ -4338,6 +4349,29 @@ void test_nghttp2_session_on_goaway_received(void) { + + nghttp2_frame_goaway_free(&frame.goaway, mem); + nghttp2_session_del(session); ++ ++ /* Make sure that no memory leak when stream_close callback fails ++ with a fatal error */ ++ memset(&callbacks, 0, sizeof(nghttp2_session_callbacks)); ++ callbacks.on_stream_close_callback = fatal_error_on_stream_close_callback; ++ ++ memset(&user_data, 0, sizeof(user_data)); ++ ++ nghttp2_session_client_new(&session, &callbacks, &user_data); ++ ++ nghttp2_frame_goaway_init(&frame.goaway, 0, NGHTTP2_NO_ERROR, NULL, 0); ++ ++ CU_ASSERT(0 == nghttp2_session_on_goaway_received(session, &frame)); ++ ++ nghttp2_submit_request(session, NULL, reqnv, ARRLEN(reqnv), NULL, NULL); ++ ++ datalen = nghttp2_session_mem_send(session, &data); ++ ++ CU_ASSERT(NGHTTP2_ERR_CALLBACK_FAILURE == datalen); ++ CU_ASSERT(1 == user_data.stream_close_cb_called); ++ ++ nghttp2_frame_goaway_free(&frame.goaway, mem); ++ nghttp2_session_del(session); + } + + void 
test_nghttp2_session_on_window_update_received(void) { +-- +2.35.5 diff --git a/poky/meta/recipes-support/nghttp2/nghttp2_1.52.0.bb b/poky/meta/recipes-support/nghttp2/nghttp2_1.52.0.bb index f57a15954d..0fba554919 100644 --- a/poky/meta/recipes-support/nghttp2/nghttp2_1.52.0.bb +++ b/poky/meta/recipes-support/nghttp2/nghttp2_1.52.0.bb @@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=764abdf30b2eadd37ce47dcbce0ea1ec" SRC_URI = "\ ${GITHUB_BASE_URI}/download/v${PV}/nghttp2-${PV}.tar.xz \ file://0001-fetch-ocsp-response-use-python3.patch \ + file://CVE-2023-35945.patch \ " SRC_URI[sha256sum] = "3ea9f0439e60469ad4d39cb349938684ffb929dd7e8e06a7bffe9f9d21f8ba7d" diff --git a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb index ff5629c6f9..60918a3892 100644 --- a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb +++ b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb @@ -7,7 +7,7 @@ HOMEPAGE = "http://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/about/" LICENSE = "GPL-2.0-or-later" LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" -SRCREV = "bcb82804daa8f725b6add259dcef2067e61a75aa" +SRCREV = "4148e75284e443fc8ffaef425c467aa5523528ff" PV .= "+git${SRCPV}" SRC_URI = "git://git.yoctoproject.org/ptest-runner2;branch=master;protocol=https \ diff --git a/poky/meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch b/poky/meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch deleted file mode 100644 index 4a5832ac1a..0000000000 --- a/poky/meta/recipes-support/serf/serf/0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch +++ /dev/null 
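Review bot: The block added to `test_nghttp2_session_on_goaway_received` is commented as a leak check, but its two `CU_ASSERT`s only compare `datalen` with `NGHTTP2_ERR_CALLBACK_FAILURE` and check `stream_close_cb_called`. Both hold with or without the reordering in `nghttp2_session_mem_send_internal`, so a regression of the leak is caught only when the suite runs under a leak detector. The comment should say so, e.g. `/* The leak itself is only visible under a leak checker; the asserts below confirm the fatal-callback path is taken. */`. The return value of `nghttp2_submit_request` is also ignored, so a failed submit would show up only as a confusing `datalen` mismatch; `CU_ASSERT(0 < nghttp2_submit_request(session, NULL, reqnv, ARRLEN(reqnv), NULL, NULL));` makes that failure explicit. Both functions begin and end outside the hunks shown.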
@@ -1,29 +0,0 @@ -From 99f6e1b0d68281b63218d6adfe68cd9e331ac5be Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 3 Sep 2018 10:50:08 -0700 -Subject: [PATCH] Fix syntax of a print() in the scons file to unbreak building - with most recent scons version. - -* SConstruct Use Python 3.0 valid syntax to make Scons 3.0.0 happy on both python - 3.0 and 2.7. - -Upstream-Status: Backport -[https://svn.apache.org/viewvc/serf/trunk/SConstruct?r1=1809132&r2=1811083&diff_format=h] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - SConstruct | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/SConstruct b/SConstruct -index 1670459..18a45fa 100644 ---- a/SConstruct -+++ b/SConstruct -@@ -184,7 +184,7 @@ CALLOUT_OKAY = not (env.GetOption('clean') or env.GetOption('help')) - - unknown = opts.UnknownVariables() - if unknown: -- print 'Warning: Used unknown variables:', ', '.join(unknown.keys()) -+ print('Warning: Used unknown variables:', ', '.join(unknown.keys())) - - apr = str(env['APR']) - apu = str(env['APU']) diff --git a/poky/meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch b/poky/meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch deleted file mode 100644 index 91ccc8a474..0000000000 --- a/poky/meta/recipes-support/serf/serf/0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch +++ /dev/null 
@@ -1,28 +0,0 @@ -From 2f45711a66ff99886b6e4a5708e2db01a63e5af4 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin <alex@linutronix.de> -Date: Fri, 10 Sep 2021 11:05:10 +0200 -Subject: [PATCH] buckets/ssl_buckets.c: do not use ERR_GET_FUNC - -Upstream removed it in -https://github.com/openssl/openssl/pull/16004 - -Upstream-Status: Inactive-Upstream [lastrelease: 2015, lastcommit: 2019] -Signed-off-by: Alexander Kanavin <alex@linutronix.de> ---- - buckets/ssl_buckets.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/buckets/ssl_buckets.c b/buckets/ssl_buckets.c -index b01e535..9801f87 100644 ---- a/buckets/ssl_buckets.c -+++ b/buckets/ssl_buckets.c -@@ -1325,8 +1325,7 @@ static int ssl_need_client_cert(SSL *ssl, X509 **cert, EVP_PKEY **pkey) - return 0; - } - else { -- printf("OpenSSL cert error: %d %d %d\n", ERR_GET_LIB(err), -- ERR_GET_FUNC(err), -+ printf("OpenSSL cert error: %d %d\n", ERR_GET_LIB(err), - ERR_GET_REASON(err)); - PKCS12_free(p12); - bio_meth_free(biom); diff --git a/poky/meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch b/poky/meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch deleted file mode 100644 index 02fa9e3a06..0000000000 --- a/poky/meta/recipes-support/serf/serf/0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch +++ /dev/null 
@@ -1,29 +0,0 @@ -From 565211fd082ef653ca9c44a345350fc1451f5a0f Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 3 Sep 2018 11:12:38 -0700 -Subject: [PATCH] Follow-up to r1811083 fix building with scons 3.0.0 and - Python3 - -* SConstruct: Append decode('utf-8) to FILE.get_contents() to avoid - TypeError: cannot use a string pattern on a bytes-like object - -Upstream-Status: Backport -[https://svn.apache.org/viewvc/serf/trunk/SConstruct?r1=1811088&r2=1814604] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - SConstruct | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/SConstruct b/SConstruct -index 877731e..7678bb1 100644 ---- a/SConstruct -+++ b/SConstruct -@@ -169,7 +169,7 @@ env.Append(BUILDERS = { - match = re.search('SERF_MAJOR_VERSION ([0-9]+).*' - 'SERF_MINOR_VERSION ([0-9]+).*' - 'SERF_PATCH_VERSION ([0-9]+)', -- env.File('serf.h').get_contents(), -+ env.File('serf.h').get_contents().decode('utf-8'), - re.DOTALL) - MAJOR, MINOR, PATCH = [int(x) for x in match.groups()] - env.Append(MAJOR=str(MAJOR)) diff --git a/poky/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch b/poky/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch index 4105868a7e..91640d6044 100644 --- a/poky/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch +++ b/poky/meta/recipes-support/serf/serf/SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch @@ -31,7 +31,7 @@ ERROR: scons install execution failed. and the installed paths (including the paths inside libserf*.pc) look correct -Upstream-Status: Inactive-Upstream [lastrelease: 2015, lastcommit: 2019] +Upstream-Status: Pending Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> 
diff --git a/poky/meta/recipes-support/serf/serf_1.3.9.bb b/poky/meta/recipes-support/serf/serf_1.3.10.bb index 669f42b8e7..c6b51452aa 100644 --- a/poky/meta/recipes-support/serf/serf_1.3.9.bb +++ b/poky/meta/recipes-support/serf/serf_1.3.10.bb @@ -7,16 +7,12 @@ HOMEPAGE = "http://serf.apache.org/" SRC_URI = "${APACHE_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ file://norpath.patch \ file://env.patch \ - file://0001-Fix-syntax-of-a-print-in-the-scons-file-to-unbreak-b.patch \ file://0002-SConstruct-Fix-path-quoting-for-.def-generator.patch \ file://0003-gen_def.patch \ - file://0004-Follow-up-to-r1811083-fix-building-with-scons-3.0.0-.patch \ file://SConstruct.stop.creating.directories.without.sandbox-install.prefix.patch \ - file://0001-buckets-ssl_buckets.c-do-not-use-ERR_GET_FUNC.patch \ " -SRC_URI[md5sum] = "370a6340ff20366ab088012cd13f2b57" -SRC_URI[sha256sum] = "549c2d21c577a8a9c0450facb5cca809f26591f048e466552240947bdf7a87cc" +SRC_URI[sha256sum] = "be81ef08baa2516ecda76a77adf7def7bc3227eeb578b9a33b45f7b41dc064e6" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" diff --git a/poky/meta/recipes-support/taglib/taglib_1.13.bb b/poky/meta/recipes-support/taglib/taglib_1.13.1.bb index 6560bc3660..3f0a759f95 100644 --- a/poky/meta/recipes-support/taglib/taglib_1.13.bb +++ b/poky/meta/recipes-support/taglib/taglib_1.13.1.bb @@ -11,7 +11,7 @@ DEPENDS = "zlib" SRC_URI = "http://taglib.github.io/releases/${BP}.tar.gz" -SRC_URI[sha256sum] = "58f08b4db3dc31ed152c04896ee9172d22052bc7ef12888028c01d8b1d60ade0" +SRC_URI[sha256sum] = "c8da2b10f1bfec2cd7dbfcd33f4a2338db0765d851a50583d410bacf055cfd0b" UPSTREAM_CHECK_URI = "https://taglib.org/" diff --git a/poky/meta/recipes-support/vim/vim.inc b/poky/meta/recipes-support/vim/vim.inc index e1d2563316..5f55f590e6 100644 --- a/poky/meta/recipes-support/vim/vim.inc +++ b/poky/meta/recipes-support/vim/vim.inc 
@@ -10,7 +10,7 @@ DEPENDS = "ncurses gettext-native" RSUGGESTS:${PN} = "diffutils" LICENSE = "Vim" -LIC_FILES_CHKSUM = "file://LICENSE;md5=6b30ea4fa660c483b619924bc709ef99" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d1a651ab770b45d41c0f8cb5a8ca930e" SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://disable_acl_header_check.patch \ @@ -19,14 +19,13 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://no-path-adjust.patch \ " -PV .= ".1527" -SRCREV = "c28e7a2b2f23dbd246a1ad7ad7aaa6f7ab2e5887" - -# Remove when 8.3 is out -UPSTREAM_VERSION_UNKNOWN = "1" +PV .= ".1894" +SRCREV = "e5f7cd0a60d0eeab84f7aeb35c13d3af7e50072e" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0" +# Ignore that the upstream version .z in x.y.z is always newer +UPSTREAM_VERSION_UNKNOWN = "1" S = "${WORKDIR}/git" |