From 415294223a164a804e31e39c90043d15e9b153de Mon Sep 17 00:00:00 2001 From: Patrick Williams Date: Wed, 19 Jan 2022 11:23:10 -0600 Subject: subtree updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit meta-openembedded: f632403d18..4647e3ea37: Andreas Müller (1): udisks2: upgrade 2.9.3 -> 2.9.4 Armin Kuster (1): wireshark: update to latest stable 3.4.11 Changqing Li (1): postgresql: fix CVE-2021-23214,CVE-2021-23222 Luca Boccassi (1): lvm2: do not install systemd units/initscripts when building native SDK tools Oleksandr Kravchuk (1): fb-test: fix SRC_URI Peter Kjellerstedt (2): gattlib: Explicitly disable Python support googletest: Switch branch from master to main Ross Burton (15): imlib2: clarify license xmlrpc-c: set precise BSD license dash: set precise BSD license sg3-utils: set precise BSD license nodejs: set precise BSD license libkcapi: set precise BSD license pcsc-lite: set precise BSD license python3-cryptography: set precise BSD license python3-crypto-vectors: set precise BSD license python3-gevent: use system libraries instead of embedding python3-gevent: update license python3-lxml: set precise BSD license python3-posix-ipc: set precise BSD license python3-posix-ipc: remove spurious dependencies python3-pyzmq: set precise BSD license Sean Nyekjaer (1): msgpack-cpp: fix msgpack-cpp is a header only library Trevor Gamblin (1): python3-django: upgrade 3.2.5 -> 3.2.10 Yi Zhao (2): postfix: upgrade 3.6.2 -> 3.6.3 openipmi: upgrade 2.0.31 -> 2.0.32 wangmy (2): libfile-slurper-perl: upgrade 0.012 -> 0.013 apache2: upgrade 2.4.51 -> 2.4.52 zhengruoqin (2): openvpn: upgrade 2.5.4 -> 2.5.5 libnet-dns-perl: upgrade 1.32 -> 1.33 poky: f286eefb27..883341e9ca: Alexander Kanavin (5): systemd: update 249.3 -> 249.4 systemd: update 249.4 -> 249.5 systemd: upgrade 249.5 -> 249.6 systemd: update 249.6 -> 249.7 lib/oe/reproducible: correctly set .git location when recursively looking for git repos Alexandre Belloni (1): maintainers.inc: fix up rust-cross entry Anton Mikanovich (1): bitbake: process: Do not mix stderr with stdout Anuj Mittal (3): python3: upgrade 3.9.7 -> 3.9.9 xserver-xorg: upgrade 1.20.13 -> 1.20.14 xserver-xorg: update CVE_PRODUCT Bruce Ashfield (13): linux-yocto/5.14: update to v5.14.18 linux-yocto/5.10: update to v5.10.79 linux-yocto/5.14: update to v5.14.21 linux-yocto/5.10: update to v5.10.82 linux-yocto-rt/5.10: update to -rt56 kern-tools: bug fixes and kgit-gconfig linux-yocto/5.10: update to v5.10.84 linux-yocto/5.10: update to v5.10.85 linux-yocto/5.10: update to v5.10.87 linux-yocto/5.10: update to v5.10.89 linux-yocto/5.14: fix arm 32bit -rt warnings linux-yocto/5.10/cfg: add kcov feature fragment linux-yocto/5.10: update to v5.10.90 Chaitanya Vadrevu (1): python3-pyelftools: Depend on debugger, pprint Changqing Li (2): openssh: fix CVE-2021-41617 libsndfile1: fix CVE-2021-4156 Dhruva Gole (1): scripts/checklayer/common.py: Fixed a minor grammatical error Florian Amstutz (1): systemd: Fix systemd-journal-gateway user/groups Joshua Watt (2): classes/meson: Add optional rust definitions classes/crate-fetch: Ensure crate fetcher is available Khairul Rohaizzat Jamaluddin (1): epiphany: Update 40.3 -> 40.6 Khem Raj (1): boost: Fix build on arches with no atomics Konrad Weihmann (1): cve-check: add lockfile to task Li Wang (1): libtool: change the default AR_FLAGS from "cru" to "cr" Markus Volk (1): vulkan-loader: inherit pkgconfig Martin Jansa (1): boost: allow searching for python310 Max Krummenacher (1): ref-manual: fix patch documentation Michael Opdenacker (1): updates for recent releases Mingli Yu (4): wic: use shutil.which ncurses: fix CVE-2021-39537 bind: fix CVE-2021-25219 packagedata.py: silence a DeprecationWarning Oleksiy Obitotskyy (1): package_manager: ipk: Fix host manifest generation Pavel Zhukov (2): go: upgrade 1.16.8 -> 1.16.10 patch.py: Initialize git repo before patching Peter Kjellerstedt (1): rootfs-postcommands.bbclass: Make two comments use the new variable syntax Pgowda (3): rust-cross: Fix directory not deleted for race glibc vs. musl rust-cross: Replace TARGET_ARCH with TUNE_PKGARCH gcc: Fix CVE-2021-35465 Quentin Schulz (1): README.OE-Core.md: update URLs Richard Purdie (13): buildhistory: Fix srcrevs output glibc: Fix i586/c3 support oeqa/utils/dump: Fix typo oeqa/parselogs: Fix quoting libtool: Update patchset to match those submitted upstream gcc: Add CVE-2021-37322 to the list of CVEs to ignore oeqa/selftest/bbtests: Use YP sources mirror instead of GNU bitbake: tests/fetch: Drop gnu urls from wget connectivity test bitbake: utils: Update to use exec_module() instead of load_module() openssl: Add reproducibility fix webkitgtk: Add reproducibility fix scripts: Update to use exec_module() instead of load_module() oeqa/sstate: Fix allarch samesigs test Robert Yang (1): bitbake: lib/pyinotify.py: Remove deprecated module asyncore Ross Burton (10): gmp: fix CVE-2021-43618 vim: fix CVE-2021-3927 and CVE-2021-3928 vim: fix CVE-2021-3968 and CVE-2021-3973 recipetool: handle GitLab URLs like we do GitHub recipetool: extend curl detection when creating recipes runqemu: check the qemu PID has been set before kill()ing it oe/license: implement ast.NodeVisitor.visit_Constant license.bbclass: implement ast.NodeVisitor.visit_Constant linux-yocto: add libmpc-native to DEPENDS xserver-xorg: whitelist two CVEs Sakib Sajal (1): go: upgrade 1.16.10 -> 1.16.13 Samuli Piippo (1): rpm: remove tmp folder created during install Schmidt, Adriaan (1): wic: support rootdev identified by partition label Stefan Herbrechtsmeier (4): recipetool: Set master branch only as fallback selftest/devtool: Check branch in git fetch bitbake: fetch: npm: Quote destdir in run chmod command bitbake: fetch: npm: Use temporary file for empty user config Steve Sakoman (1): cve-extra-exclusions: add db CVEs to exclusion list Teoh Jay Shen (2): linux-yocto/5.10: update genericx86* machines to v5.10.87 linux-yocto/5.14: update genericx86* machines to v5.14.21 Thomas Perrot (1): uboot-sign: fix the concatenation when multiple U-BOOT configurations are specified Tim Orling (1): scripts/buildhistory-diff: drop use of distutils Vyacheslav Yurkov (1): rootfs-postcommands: update systemd_create_users Yongxin Liu (1): grub2: fix CVE-2021-3981 pgowda (2): gcc: Fix CVE-2021-42574 binutils: CVE-2021-42574 wangmy (3): libdrm: upgrade 2.4.107 -> 2.4.108 libdrm: upgrade 2.4.108 -> 2.4.109 linux-firmware: upgrade 20211027 -> 20211216 Signed-off-by: Patrick Williams Change-Id: I6960d05f86e29ca9b3443687be90f33c6609fa6f --- .../recipes-daemons/postfix/postfix_3.6.2.bb | 19 - .../recipes-daemons/postfix/postfix_3.6.3.bb | 19 + .../recipes-support/openipmi/openipmi_2.0.31.bb | 112 - .../recipes-support/openipmi/openipmi_2.0.32.bb | 112 + .../recipes-support/openvpn/openvpn_2.5.4.bb | 75 - .../recipes-support/openvpn/openvpn_2.5.5.bb | 75 + .../files/0004-lemon-Remove-line-directives.patch | 15 +- .../recipes-support/wireshark/wireshark_3.4.11.bb | 88 + .../recipes-support/wireshark/wireshark_3.4.8.bb | 88 - .../recipes-connectivity/gattlib/gattlib_git.bb | 1 + .../recipes-crypto/libkcapi/libkcapi_1.2.1.bb | 2 +- .../postgresql/files/CVE-2021-23214.patch | 116 + .../postgresql/files/CVE-2021-23222.patch | 131 ++ .../recipes-dbs/postgresql/postgresql_13.4.bb | 2 + .../recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb | 2 + .../recipes-devtools/nodejs/nodejs_14.17.1.bb | 2 +- .../recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb | 2 +- .../meta-oe/recipes-graphics/imlib2/imlib2_git.bb | 2 +- .../meta-oe/recipes-shells/dash/dash_0.5.11.5.bb | 2 +- .../meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb | 17 +- .../recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb | 12 +- .../recipes-support/sg3-utils/sg3-utils_1.45.bb | 2 +- .../recipes-support/udisks/udisks2_2.9.3.bb | 53 - .../recipes-support/udisks/udisks2_2.9.4.bb | 53 + .../meta-oe/recipes-test/fbtest/fb-test_1.1.0.bb | 18 + .../meta-oe/recipes-test/fbtest/fb-test_git.bb | 20 - .../recipes-test/googletest/googletest_git.bb | 2 +- .../libfile/libfile-slurper-perl_0.012.bb | 36 - .../libfile/libfile-slurper-perl_0.013.bb | 35 + .../recipes-perl/libnet/libnet-dns-perl_1.32.bb | 65 - .../recipes-perl/libnet/libnet-dns-perl_1.33.bb | 65 + .../python/python-gevent/libev-conf.patch | 26 - .../python/python3-cryptography-vectors_3.4.8.bb | 6 +- .../python/python3-cryptography_3.3.2.bb | 6 +- .../python/python3-django_3.2.10.bb | 13 + .../python/python3-django_3.2.5.bb | 13 - .../python/python3-gevent_21.8.0.bb | 29 +- .../recipes-devtools/python/python3-lxml_4.6.3.bb | 4 +- .../python/python3-posix-ipc_1.0.5.bb | 12 +- .../python/python3-pyzmq_22.3.0.bb | 2 +- .../recipes-httpd/apache2/apache2_2.4.51.bb | 225 -- .../recipes-httpd/apache2/apache2_2.4.52.bb | 225 ++ poky/README.OE-Core.md | 10 +- poky/bitbake/lib/bb/fetch2/npm.py | 16 +- poky/bitbake/lib/bb/process.py | 2 +- poky/bitbake/lib/bb/tests/fetch.py | 3 - poky/bitbake/lib/bb/utils.py | 7 +- poky/bitbake/lib/pyinotify.py | 30 - poky/documentation/conf.py | 2 +- poky/documentation/poky.yaml | 8 +- poky/documentation/ref-manual/tasks.rst | 16 +- poky/documentation/releases.rst | 8 + poky/documentation/sphinx-static/switchers.js | 4 +- .../recipes-kernel/linux/linux-yocto_5.10.bbappend | 8 +- .../recipes-kernel/linux/linux-yocto_5.14.bbappend | 8 +- poky/meta/classes/buildhistory.bbclass | 30 +- poky/meta/classes/crate-fetch.bbclass | 21 +- poky/meta/classes/cve-check.bbclass | 1 + poky/meta/classes/license.bbclass | 4 + poky/meta/classes/meson.bbclass | 11 +- poky/meta/classes/rootfs-postcommands.bbclass | 6 +- poky/meta/classes/uboot-sign.bbclass | 16 +- .../conf/distro/include/cve-extra-exclusions.inc | 9 +- poky/meta/conf/distro/include/maintainers.inc | 2 +- poky/meta/lib/oe/license.py | 6 + poky/meta/lib/oe/packagedata.py | 2 +- poky/meta/lib/oe/patch.py | 16 +- poky/meta/lib/oe/reproducible.py | 2 +- poky/meta/lib/oe/sdk.py | 4 + poky/meta/lib/oeqa/runtime/cases/parselogs.py | 14 +- poky/meta/lib/oeqa/selftest/cases/bbtests.py | 17 +- poky/meta/lib/oeqa/selftest/cases/devtool.py | 5 +- poky/meta/lib/oeqa/selftest/cases/sstatetests.py | 13 +- poky/meta/lib/oeqa/utils/dump.py | 2 +- ...b-mkconfig-Restore-umask-for-the-grub.cfg.patch | 49 + poky/meta/recipes-bsp/grub/grub2.inc | 1 + .../bind/bind-9.16.20/CVE-2021-25219-1.patch | 76 + .../bind/bind-9.16.20/CVE-2021-25219-2.patch | 65 + .../meta/recipes-connectivity/bind/bind_9.16.20.bb | 2 + .../openssh/openssh/CVE-2021-41617.patch | 48 + .../recipes-connectivity/openssh/openssh_8.7p1.bb | 1 + .../openssl/openssl/reproducibility.patch | 22 + .../recipes-connectivity/openssl/openssl_1.1.1l.bb | 1 + poky/meta/recipes-core/glibc/glibc_2.34.bb | 2 +- .../ncurses/files/CVE-2021-39537.patch | 65 + poky/meta/recipes-core/ncurses/ncurses_6.2.bb | 1 + .../recipes-core/systemd/systemd-boot_249.3.bb | 74 - .../recipes-core/systemd/systemd-boot_249.7.bb | 74 + poky/meta/recipes-core/systemd/systemd.inc | 2 +- .../0002-don-t-use-glibc-specific-qsort_r.patch | 2 +- ...e.h-add-__compare_fn_t-and-comparison_fn_.patch | 2 +- ...llback-parse_printf_format-implementation.patch | 8 +- ...asic-missing.h-check-for-missing-strndupa.patch | 24 +- .../systemd/0006-Include-netinet-if_ether.h.patch | 15 +- ...if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch | 2 +- .../0008-add-missing-FTW_-macros-for-musl.patch | 3 +- ...-of-__register_atfork-for-non-glibc-build.patch | 4 +- .../0010-Use-uintmax_t-for-handling-rlim_t.patch | 6 +- ....c-Disable-tests-for-missing-typedefs-in-.patch | 4 +- ...ass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch | 2 +- ...c-compatible-basename-for-non-glibc-syste.patch | 2 +- ...ble-buffering-when-writing-to-oom_score_a.patch | 4 +- ...-XSI-compliant-strerror_r-from-GNU-specif.patch | 2 +- ...rt_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch | 2 +- ...ing_type.h-add-__compar_d_fn_t-definition.patch | 2 +- ...id-redefinition-of-prctl_mm_map-structure.patch | 2 +- .../systemd/0019-Handle-missing-LOCK_EX.patch | 2 +- ...ompatible-pointer-type-struct-sockaddr_un.patch | 8 +- .../systemd/0021-test-json.c-define-M_PIl.patch | 2 +- ...22-do-not-disable-buffer-in-writing-files.patch | 8 +- .../systemd/0025-Handle-__cpu_mask-usage.patch | 4 +- .../systemd/0026-Handle-missing-gshadow.patch | 2 +- ...yscall.h-Define-MIPS-ABI-defines-for-musl.patch | 2 +- poky/meta/recipes-core/systemd/systemd_249.3.bb | 785 ------- poky/meta/recipes-core/systemd/systemd_249.7.bb | 785 +++++++ .../recipes-devtools/binutils/binutils-2.37.inc | 1 + .../binutils/binutils/0001-CVE-2021-42574.patch | 2001 +++++++++++++++++ poky/meta/recipes-devtools/gcc/gcc-11.2.inc | 11 + .../gcc/gcc/0001-CVE-2021-35465.patch | 138 ++ .../gcc/gcc/0001-CVE-2021-42574.patch | 2282 ++++++++++++++++++++ .../gcc/gcc/0002-CVE-2021-35465.patch | 39 + .../gcc/gcc/0002-CVE-2021-42574.patch | 1765 +++++++++++++++ .../gcc/gcc/0003-CVE-2021-35465.patch | 103 + .../gcc/gcc/0003-CVE-2021-42574.patch | 142 ++ .../gcc/gcc/0004-CVE-2021-35465.patch | 304 +++ .../gcc/gcc/0004-CVE-2021-42574.patch | 573 +++++ poky/meta/recipes-devtools/go/go-1.16.13.inc | 25 + poky/meta/recipes-devtools/go/go-1.16.8.inc | 25 - .../go/go-binary-native_1.16.13.bb | 46 + .../recipes-devtools/go/go-binary-native_1.16.8.bb | 46 - .../go/go-cross-canadian_1.16.13.bb | 2 + .../go/go-cross-canadian_1.16.8.bb | 2 - poky/meta/recipes-devtools/go/go-cross_1.16.13.bb | 2 + poky/meta/recipes-devtools/go/go-cross_1.16.8.bb | 2 - .../recipes-devtools/go/go-crosssdk_1.16.13.bb | 2 + .../meta/recipes-devtools/go/go-crosssdk_1.16.8.bb | 2 - poky/meta/recipes-devtools/go/go-native_1.16.13.bb | 59 + poky/meta/recipes-devtools/go/go-native_1.16.8.bb | 59 - .../meta/recipes-devtools/go/go-runtime_1.16.13.bb | 3 + poky/meta/recipes-devtools/go/go-runtime_1.16.8.bb | 3 - poky/meta/recipes-devtools/go/go_1.16.13.bb | 17 + poky/meta/recipes-devtools/go/go_1.16.8.bb | 17 - .../recipes-devtools/libtool/libtool-2.4.6.inc | 27 +- ...-make-sure-autoheader-run-before-autoconf.patch | 35 - ...-make-sure-autoheader-run-before-automake.patch | 35 - ...ck-for-static-libs-for-internal-compiler-.patch | 37 - ...1-libtool-Fix-support-for-NIOS2-processor.patch | 68 - ...andle-trailing-slashes-on-install-command.patch | 35 + ...Rename-the-with-sysroot-option-to-avoid-c.patch | 167 ++ ...in.in-Add-missing-sysroot-to-library-path.patch | 24 + ...ix-sysroot-paths-being-encoded-into-RPATH.patch | 50 + ...on-t-encode-RATHS-which-match-default-lin.patch | 72 + ...-libtool.m4-Handle-as-a-sysroot-correctly.patch | 44 + ...7-libtool-Fix-support-for-NIOS2-processor.patch | 69 + ...ck-for-static-libs-for-internal-compiler-.patch | 38 + ...-make-sure-autoheader-run-before-autoconf.patch | 35 + ...-make-sure-autoheader-run-before-automake.patch | 36 + ...andle-prefix-map-compiler-options-correct.patch | 26 + ...For-reproducibility-stop-encoding-hostnam.patch | 27 + .../ARFLAGS-use-cr-instead-of-cru-by-default.patch | 133 ++ .../libtool/libtool/debian-no_hostname.patch | 21 - .../libtool/libtool/fix-final-rpath.patch | 50 - .../libtool/libtool/fix-resolve-lt-sysroot.patch | 42 - .../libtool/libtool/fix-rpath.patch | 65 - .../libtool/libtool/fixinstall.patch | 6 +- .../libtool/libool.m4-add-ARFLAGS-variable.patch | 77 + .../libtool/libtool/lto-prefix.patch | 22 - .../libtool/libtool/norm-rpath.patch | 38 - .../libtool/libtool/rename-with-sysroot.patch | 166 -- .../libtool/libtool/trailingslash.patch | 35 - .../libtool/libtool/use-sysroot-in-libpath.patch | 22 - .../python/python3-pyelftools_0.27.bb | 2 + ...roper-detection-of-mips-architecture-for-.patch | 20 +- poky/meta/recipes-devtools/python/python3_3.9.7.bb | 402 ---- poky/meta/recipes-devtools/python/python3_3.9.9.bb | 402 ++++ poky/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb | 3 + poky/meta/recipes-devtools/rust/rust-cross.inc | 2 +- poky/meta/recipes-gnome/epiphany/epiphany_40.3.bb | 29 - poky/meta/recipes-gnome/epiphany/epiphany_40.6.bb | 29 + poky/meta/recipes-graphics/drm/libdrm_2.4.107.bb | 60 - poky/meta/recipes-graphics/drm/libdrm_2.4.109.bb | 60 + .../vulkan/vulkan-loader_1.2.182.0.bb | 2 +- .../recipes-graphics/xorg-xserver/xserver-xorg.inc | 10 +- .../xorg-xserver/xserver-xorg_1.20.13.bb | 33 - .../xorg-xserver/xserver-xorg_1.20.14.bb | 33 + .../kern-tools/kern-tools-native_git.bb | 5 +- .../linux-firmware/linux-firmware_20211027.bb | 1067 --------- .../linux-firmware/linux-firmware_20211216.bb | 1067 +++++++++ .../recipes-kernel/linux/linux-yocto-rt_5.10.bb | 6 +- .../recipes-kernel/linux/linux-yocto-rt_5.14.bb | 6 +- .../recipes-kernel/linux/linux-yocto-tiny_5.10.bb | 8 +- .../recipes-kernel/linux/linux-yocto-tiny_5.14.bb | 8 +- poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb | 26 +- poky/meta/recipes-kernel/linux/linux-yocto_5.14.bb | 26 +- .../libsndfile/libsndfile1/CVE-2021-4156.patch | 32 + .../libsndfile/libsndfile1_1.0.28.bb | 1 + .../webkit/webkitgtk/reproducibility.patch | 22 + poky/meta/recipes-sato/webkit/webkitgtk_2.32.3.bb | 1 + ...onfig.cmake-allow-searching-for-python310.patch | 50 + ...st_math_no_atomic_int-on-the-command-line.patch | 53 + ...s-a-soft-failure-in-bernoulli_details_hpp.patch | 151 ++ poky/meta/recipes-support/boost/boost_1.77.0.bb | 3 + .../recipes-support/gmp/gmp/cve-2021-43618.patch | 27 + poky/meta/recipes-support/gmp/gmp_6.2.1.bb | 1 + ...2.3581-reading-character-past-end-of-line.patch | 62 + ...582-reading-uninitialized-memory-when-giv.patch | 63 + ...611-crash-when-using-CTRL-W-f-without-fin.patch | 92 + poky/meta/recipes-support/vim/vim.inc | 6 + poky/scripts/buildhistory-diff | 5 - poky/scripts/lib/checklayer/cases/common.py | 2 +- poky/scripts/lib/recipetool/create.py | 17 +- poky/scripts/lib/recipetool/create_buildsys.py | 3 +- poky/scripts/lib/scriptutils.py | 7 +- poky/scripts/lib/wic/engine.py | 6 +- poky/scripts/lib/wic/misc.py | 4 +- poky/scripts/lib/wic/pluginbase.py | 8 +- poky/scripts/lib/wic/plugins/imager/direct.py | 2 + poky/scripts/runqemu | 3 +- poky/scripts/wic | 4 +- 219 files changed, 13060 insertions(+), 4318 deletions(-) delete mode 100644 meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb create mode 100644 meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb delete mode 100644 meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb create mode 100644 meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb delete mode 100644 meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb create mode 100644 meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb create mode 100644 meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb delete mode 100644 meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb create mode 100644 meta-openembedded/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch create mode 100644 meta-openembedded/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch delete mode 100644 meta-openembedded/meta-oe/recipes-support/udisks/udisks2_2.9.3.bb create mode 100644 meta-openembedded/meta-oe/recipes-support/udisks/udisks2_2.9.4.bb create mode 100644 meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_1.1.0.bb delete mode 100644 meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_git.bb delete mode 100644 meta-openembedded/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb create mode 100644 meta-openembedded/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb delete mode 100644 meta-openembedded/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb create mode 100644 meta-openembedded/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb delete mode 100644 meta-openembedded/meta-python/recipes-devtools/python/python-gevent/libev-conf.patch create mode 100644 meta-openembedded/meta-python/recipes-devtools/python/python3-django_3.2.10.bb delete mode 100644 meta-openembedded/meta-python/recipes-devtools/python/python3-django_3.2.5.bb delete mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb create mode 100644 meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb create mode 100644 poky/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.20/CVE-2021-25219-1.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.20/CVE-2021-25219-2.patch create mode 100644 poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch create mode 100644 poky/meta/recipes-connectivity/openssl/openssl/reproducibility.patch create mode 100644 poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch delete mode 100644 poky/meta/recipes-core/systemd/systemd-boot_249.3.bb create mode 100644 poky/meta/recipes-core/systemd/systemd-boot_249.7.bb delete mode 100644 poky/meta/recipes-core/systemd/systemd_249.3.bb create mode 100644 poky/meta/recipes-core/systemd/systemd_249.7.bb create mode 100644 poky/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch create mode 100644 poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch create mode 100644 poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch create mode 100644 poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch create mode 100644 poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch create mode 100644 poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch create mode 100644 poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch create mode 100644 poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch create mode 100644 poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch create mode 100644 poky/meta/recipes-devtools/go/go-1.16.13.inc delete mode 100644 poky/meta/recipes-devtools/go/go-1.16.8.inc create mode 100644 poky/meta/recipes-devtools/go/go-binary-native_1.16.13.bb delete mode 100644 poky/meta/recipes-devtools/go/go-binary-native_1.16.8.bb create mode 100644 poky/meta/recipes-devtools/go/go-cross-canadian_1.16.13.bb delete mode 100644 poky/meta/recipes-devtools/go/go-cross-canadian_1.16.8.bb create mode 100644 poky/meta/recipes-devtools/go/go-cross_1.16.13.bb delete mode 100644 poky/meta/recipes-devtools/go/go-cross_1.16.8.bb create mode 100644 poky/meta/recipes-devtools/go/go-crosssdk_1.16.13.bb delete mode 100644 poky/meta/recipes-devtools/go/go-crosssdk_1.16.8.bb create mode 100644 poky/meta/recipes-devtools/go/go-native_1.16.13.bb delete mode 100644 poky/meta/recipes-devtools/go/go-native_1.16.8.bb create mode 100644 poky/meta/recipes-devtools/go/go-runtime_1.16.13.bb delete mode 100644 poky/meta/recipes-devtools/go/go-runtime_1.16.8.bb create mode 100644 poky/meta/recipes-devtools/go/go_1.16.13.bb delete mode 100644 poky/meta/recipes-devtools/go/go_1.16.8.bb delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-automake.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/0001-libtool-Check-for-static-libs-for-internal-compiler-.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/0001-libtool-Fix-support-for-NIOS2-processor.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0001-ltmain.in-Handle-trailing-slashes-on-install-command.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0002-libtool.m4-Rename-the-with-sysroot-option-to-avoid-c.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0003-ltmain.in-Add-missing-sysroot-to-library-path.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0004-ltmain.sh-Fix-sysroot-paths-being-encoded-into-RPATH.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0005-ltmain.in-Don-t-encode-RATHS-which-match-default-lin.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0006-libtool.m4-Handle-as-a-sysroot-correctly.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0007-libtool-Fix-support-for-NIOS2-processor.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0008-libtool-Check-for-static-libs-for-internal-compiler-.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0009-Makefile.am-make-sure-autoheader-run-before-autoconf.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0010-Makefile.am-make-sure-autoheader-run-before-automake.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0011-ltmain.in-Handle-prefix-map-compiler-options-correct.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/0012-libtool.m4-For-reproducibility-stop-encoding-hostnam.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/ARFLAGS-use-cr-instead-of-cru-by-default.patch delete mode 100755 poky/meta/recipes-devtools/libtool/libtool/debian-no_hostname.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/fix-final-rpath.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/fix-resolve-lt-sysroot.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/fix-rpath.patch create mode 100644 poky/meta/recipes-devtools/libtool/libtool/libool.m4-add-ARFLAGS-variable.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/lto-prefix.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/norm-rpath.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/rename-with-sysroot.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/trailingslash.patch delete mode 100644 poky/meta/recipes-devtools/libtool/libtool/use-sysroot-in-libpath.patch delete mode 100644 poky/meta/recipes-devtools/python/python3_3.9.7.bb create mode 100644 poky/meta/recipes-devtools/python/python3_3.9.9.bb delete mode 100644 poky/meta/recipes-gnome/epiphany/epiphany_40.3.bb create mode 100644 poky/meta/recipes-gnome/epiphany/epiphany_40.6.bb delete mode 100644 poky/meta/recipes-graphics/drm/libdrm_2.4.107.bb create mode 100644 poky/meta/recipes-graphics/drm/libdrm_2.4.109.bb delete mode 100644 poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.13.bb create mode 100644 poky/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb delete mode 100644 poky/meta/recipes-kernel/linux-firmware/linux-firmware_20211027.bb create mode 100644 poky/meta/recipes-kernel/linux-firmware/linux-firmware_20211216.bb create mode 100644 poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch create mode 100644 poky/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch create mode 100644 poky/meta/recipes-support/boost/boost/0001-BoostConfig.cmake-allow-searching-for-python310.patch create mode 100644 poky/meta/recipes-support/boost/boost/0002-math-allow-definition-of-boost_math_no_atomic_int-on-the-command-line.patch create mode 100644 poky/meta/recipes-support/boost/boost/0003-math-make-no-atomics-a-soft-failure-in-bernoulli_details_hpp.patch create mode 100644 poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch create mode 100644 poky/meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch create mode 100644 poky/meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch create mode 100644 poky/meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch diff --git a/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb b/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb deleted file mode 100644 index 982544d5ca..0000000000 --- a/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb +++ /dev/null @@ -1,19 +0,0 @@ -require postfix.inc - -SRC_URI += "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-${PV}.tar.gz \ - file://makedefs.patch \ - file://install.patch \ - file://main.cf \ - file://postfix \ - file://internal_recipient \ - file://postfix.service \ - file://aliasesdb \ - file://check_hostname.sh \ - file://0001-makedefs-Use-native-compiler-to-build-makedefs.test.patch \ - file://postfix-install.patch \ - file://icu-config.patch \ - file://0001-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \ - file://0007-correct-signature-of-closefrom-API.patch \ - " -SRC_URI[sha256sum] = "507323d20d7b3f705f49cf8c07d437c6d8090bed07e15a3c0ec405edad54a7d4" -UPSTREAM_CHECK_REGEX = "postfix\-(?P3\.6(\.\d+)+).tar.gz" diff --git a/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb b/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb new file mode 100644 index 0000000000..98005797d9 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb @@ -0,0 +1,19 @@ +require postfix.inc + +SRC_URI += "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-${PV}.tar.gz \ + file://makedefs.patch \ + file://install.patch \ + file://main.cf \ + file://postfix \ + file://internal_recipient \ + file://postfix.service \ + file://aliasesdb \ + file://check_hostname.sh \ + file://0001-makedefs-Use-native-compiler-to-build-makedefs.test.patch \ + file://postfix-install.patch \ + file://icu-config.patch \ + file://0001-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \ + file://0007-correct-signature-of-closefrom-API.patch \ + " +SRC_URI[sha256sum] = "0f1241d456a0158e0c418abf62c52c2ff83f8f1dcf2fbdd4c40765b67789b1bc" +UPSTREAM_CHECK_REGEX = "postfix\-(?P3\.6(\.\d+)+).tar.gz" diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb deleted file mode 100644 index ecc98dd8be..0000000000 --- a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb +++ /dev/null @@ -1,112 +0,0 @@ -SUMMARY = "IPMI (Intelligent Platform Management Interface) library and tools" -DESCRIPTION = "OpenIPMI is an effort to create a full-function IPMI system, \ -to allow full access to all IPMI information on a server \ -and to abstract it to a level that will make it easy to use" - -HOMEPAGE = "http://openipmi.sourceforge.net" - -DEPENDS = " \ - glib-2.0 \ - ncurses \ - net-snmp \ - openssl \ - popt \ - python3 \ - swig-native \ - readline \ - " - -LICENSE = "GPLv2 & LGPLv2.1 & BSD" - -LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ - file://COPYING.LIB;md5=d8045f3b8f929c1cb29a1e3fd737b499 \ - file://COPYING.BSD;md5=4b318d4160eb69c8ee53452feb1b4cdf \ - " - -SRC_URI = "${SOURCEFORGE_MIRROR}/openipmi/OpenIPMI-${PV}.tar.gz \ - file://fix-symlink-install-error-in-cmdlang.patch \ - file://openipmi-no-openipmigui-man.patch \ - file://openipmi-remove-host-path-from-la_LDFLAGS.patch \ - file://ipmi-init-fix-the-arguments.patch \ - file://include_sys_types.patch \ - file://openipmi-helper \ - file://ipmi.service \ - " - -S = "${WORKDIR}/OpenIPMI-${PV}" - -SRC_URI[md5sum] = "ce8eb27da016dcad7543d0128fcb3b0a" -SRC_URI[sha256sum] = "7052f37726ff454b0dcac49f35dd030bc12c9570ca0ba5cd2d17774b8e9d9717" - -inherit autotools-brokensep pkgconfig python3native perlnative update-rc.d systemd cpan-base python3targetconfig - -EXTRA_OECONF = "--disable-static \ - --with-perl='${STAGING_BINDIR_NATIVE}/perl-native/perl' \ - --with-python='${STAGING_BINDIR_NATIVE}/python3-native/python3' \ - --with-pythoninstall='${PYTHON_SITEPACKAGES_DIR}' \ - --with-glibver=2.0" - -PACKAGECONFIG ??= "gdbm" -PACKAGECONFIG[gdbm] = "ac_cv_header_gdbm_h=yes,ac_cv_header_gdbm_h=no,gdbm," - -PACKAGES += "${PN}-perl ${PN}-python" -PRIVATE_LIBS:${PN}-perl = "libOpenIPMI.so.0" - -FILES:${PN}-perl = " \ - ${libdir}/perl/vendor_perl/*/OpenIPMI.pm \ - ${libdir}/perl/vendor_perl/*/auto/OpenIPMI/OpenIPMI.so \ - " - -FILES:${PN}-python = "${PYTHON_SITEPACKAGES_DIR}" - -FILES:${PN}-dbg += " \ - ${libdir}/perl/vendor_perl/*/auto/OpenIPMI/.debug \ - ${PYTHON_SITEPACKAGES_DIR}/.debug \ - " - -do_configure () { - - # Let's perform regular configuration first then handle perl issues. - autotools_do_configure - - perl_ver=`perl -V:version | cut -d\' -f 2` - - # Force openipmi perl bindings to be compiled using perl-native instead of - # the host's perl. Set the proper install directory for the resulting - # openipmi.pm and openipmi.so - for i in ${S}/swig/Makefile ${S}/swig/perl/Makefile; do - echo "SAL: i = $i" - echo "SAL: STAGING_INCDIR_NATIVE = $STAGING_INCDIR_NATIVE" - echo "SAL: libdir = $libdir" - sed -i -e "/^PERL_CFLAGS/s:-I/usr/local/include:-I${STAGING_INCDIR_NATIVE}:g" $i - sed -i -e "/^PERL_CFLAGS/s:-I .* :-I ${STAGING_LIBDIR}${PERL_OWN_DIR}/perl5/${@get_perl_version(d)}/${@get_perl_arch(d)}/CORE :g" $i - sed -i -e "/^PERL_INSTALL_DIR/s:^PERL_INSTALL_DIR = .*:PERL_INSTALL_DIR = ${libdir}/perl/vendor_perl/$perl_ver:g" $i - done -} - -do_install:append () { - echo "SAL: D = $D" - echo "SAL: libdir = $libdir" - install -m 0755 -d ${D}${sysconfdir}/sysconfig ${D}${sysconfdir}/init.d - install -m 0755 ${S}/ipmi.init ${D}${sysconfdir}/init.d/ipmi - install -m 0644 ${S}/ipmi.sysconf ${D}${sysconfdir}/sysconfig/ipmi - # SAL: mv: cannot stat `/localdisk/loadbuild/slittle1/workspace/cgts_test_build/bitbake_build/tmp/work/x86_64-wrs-linux/openipmi-2.0.19-r4/image/usr/lib64/perl5': No such file or directory - # SAL: real path to perl is /localdisk/loadbuild/slittle1/workspace/cgts_test_build/bitbake_build/tmp/work/x86_64-wrs-linux/perl-5.14.2-r8.3/package/usr/lib64/perl5 and it is a symlink to perl so no need to mv. - if [ -d ${D}${libdir}/perl5 ] - then - mv ${D}${libdir}/perl5 ${D}${libdir}/perl - fi - - # for systemd - install -d ${D}${systemd_unitdir}/system - install -m 0664 ${WORKDIR}/ipmi.service ${D}${systemd_unitdir}/system - sed -i -e "s,@LIBEXECDIR@,${libexecdir},g" ${D}${systemd_unitdir}/system/ipmi.service - install -d ${D}${libexecdir} - install -m 0755 ${WORKDIR}/openipmi-helper ${D}${libexecdir} -} - -INITSCRIPT_NAME = "ipmi" -INITSCRIPT_PARAMS = "start 30 . stop 70 0 1 2 3 4 5 6 ." - -SYSTEMD_SERVICE:${PN} = "ipmi.service" -SYSTEMD_AUTO_ENABLE = "disable" diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb new file mode 100644 index 0000000000..0b4244022e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb @@ -0,0 +1,112 @@ +SUMMARY = "IPMI (Intelligent Platform Management Interface) library and tools" +DESCRIPTION = "OpenIPMI is an effort to create a full-function IPMI system, \ +to allow full access to all IPMI information on a server \ +and to abstract it to a level that will make it easy to use" + +HOMEPAGE = "http://openipmi.sourceforge.net" + +DEPENDS = " \ + glib-2.0 \ + ncurses \ + net-snmp \ + openssl \ + popt \ + python3 \ + swig-native \ + readline \ + " + +LICENSE = "GPLv2 & LGPLv2.1 & BSD" + +LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ + file://COPYING.LIB;md5=d8045f3b8f929c1cb29a1e3fd737b499 \ + file://COPYING.BSD;md5=4b318d4160eb69c8ee53452feb1b4cdf \ + " + +SRC_URI = "${SOURCEFORGE_MIRROR}/openipmi/OpenIPMI-${PV}.tar.gz \ + file://fix-symlink-install-error-in-cmdlang.patch \ + file://openipmi-no-openipmigui-man.patch \ + file://openipmi-remove-host-path-from-la_LDFLAGS.patch \ + file://ipmi-init-fix-the-arguments.patch \ + file://include_sys_types.patch \ + file://openipmi-helper \ + file://ipmi.service \ + " + +S = "${WORKDIR}/OpenIPMI-${PV}" + +SRC_URI[md5sum] = "532404c9df7d0e8bde975b95b9e6775b" +SRC_URI[sha256sum] = "f6d0fd4c0a74b05f80907229d0b270f54ca23294bcc11979f8b8d12766786945" + +inherit autotools-brokensep pkgconfig python3native perlnative update-rc.d systemd cpan-base python3targetconfig + +EXTRA_OECONF = "--disable-static \ + --with-perl='${STAGING_BINDIR_NATIVE}/perl-native/perl' \ + --with-python='${STAGING_BINDIR_NATIVE}/python3-native/python3' \ + --with-pythoninstall='${PYTHON_SITEPACKAGES_DIR}' \ + --with-glibver=2.0" + +PACKAGECONFIG ??= "gdbm" +PACKAGECONFIG[gdbm] = "ac_cv_header_gdbm_h=yes,ac_cv_header_gdbm_h=no,gdbm," + +PACKAGES += "${PN}-perl ${PN}-python" +PRIVATE_LIBS:${PN}-perl = "libOpenIPMI.so.0" + +FILES:${PN}-perl = " \ + ${libdir}/perl/vendor_perl/*/OpenIPMI.pm \ + ${libdir}/perl/vendor_perl/*/auto/OpenIPMI/OpenIPMI.so \ + " + +FILES:${PN}-python = "${PYTHON_SITEPACKAGES_DIR}" + +FILES:${PN}-dbg += " \ + ${libdir}/perl/vendor_perl/*/auto/OpenIPMI/.debug \ + ${PYTHON_SITEPACKAGES_DIR}/.debug \ + " + +do_configure () { + + # Let's perform regular configuration first then handle perl issues. + autotools_do_configure + + perl_ver=`perl -V:version | cut -d\' -f 2` + + # Force openipmi perl bindings to be compiled using perl-native instead of + # the host's perl. Set the proper install directory for the resulting + # openipmi.pm and openipmi.so + for i in ${S}/swig/Makefile ${S}/swig/perl/Makefile; do + echo "SAL: i = $i" + echo "SAL: STAGING_INCDIR_NATIVE = $STAGING_INCDIR_NATIVE" + echo "SAL: libdir = $libdir" + sed -i -e "/^PERL_CFLAGS/s:-I/usr/local/include:-I${STAGING_INCDIR_NATIVE}:g" $i + sed -i -e "/^PERL_CFLAGS/s:-I .* :-I ${STAGING_LIBDIR}${PERL_OWN_DIR}/perl5/${@get_perl_version(d)}/${@get_perl_arch(d)}/CORE :g" $i + sed -i -e "/^PERL_INSTALL_DIR/s:^PERL_INSTALL_DIR = .*:PERL_INSTALL_DIR = ${libdir}/perl/vendor_perl/$perl_ver:g" $i + done +} + +do_install:append () { + echo "SAL: D = $D" + echo "SAL: libdir = $libdir" + install -m 0755 -d ${D}${sysconfdir}/sysconfig ${D}${sysconfdir}/init.d + install -m 0755 ${S}/ipmi.init ${D}${sysconfdir}/init.d/ipmi + install -m 0644 ${S}/ipmi.sysconf ${D}${sysconfdir}/sysconfig/ipmi + # SAL: mv: cannot stat `/localdisk/loadbuild/slittle1/workspace/cgts_test_build/bitbake_build/tmp/work/x86_64-wrs-linux/openipmi-2.0.19-r4/image/usr/lib64/perl5': No such file or directory + # SAL: real path to perl is /localdisk/loadbuild/slittle1/workspace/cgts_test_build/bitbake_build/tmp/work/x86_64-wrs-linux/perl-5.14.2-r8.3/package/usr/lib64/perl5 and it is a symlink to perl so no need to mv. + if [ -d ${D}${libdir}/perl5 ] + then + mv ${D}${libdir}/perl5 ${D}${libdir}/perl + fi + + # for systemd + install -d ${D}${systemd_unitdir}/system + install -m 0664 ${WORKDIR}/ipmi.service ${D}${systemd_unitdir}/system + sed -i -e "s,@LIBEXECDIR@,${libexecdir},g" ${D}${systemd_unitdir}/system/ipmi.service + install -d ${D}${libexecdir} + install -m 0755 ${WORKDIR}/openipmi-helper ${D}${libexecdir} +} + +INITSCRIPT_NAME = "ipmi" +INITSCRIPT_PARAMS = "start 30 . stop 70 0 1 2 3 4 5 6 ." + +SYSTEMD_SERVICE:${PN} = "ipmi.service" +SYSTEMD_AUTO_ENABLE = "disable" diff --git a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb deleted file mode 100644 index 6b588a5f50..0000000000 --- a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb +++ /dev/null @@ -1,75 +0,0 @@ -SUMMARY = "A full-featured SSL VPN solution via tun device." -HOMEPAGE = "https://openvpn.net/" -SECTION = "net" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=377a495e6f12b2a3adcee797e59540b8" -DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" - -inherit autotools systemd update-rc.d - -SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ - file://openvpn \ - file://openvpn@.service \ - file://openvpn-volatile.conf" - -UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" - -SRC_URI[sha256sum] = "f80f3c3df1b94a8892ae547df84f152583250684a24bd022ccc98ef56fa93d97" - -# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. -CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569" - -SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service" -SYSTEMD_AUTO_ENABLE = "disable" - -INITSCRIPT_PACKAGES = "${PN}" -INITSCRIPT_NAME:${PN} = "openvpn" -INITSCRIPT_PARAMS:${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ." - -CFLAGS += "-fno-inline" - -# I want openvpn to be able to read password from file (hrw) -EXTRA_OECONF += "--enable-iproute2" -EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}" - -# Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host. -EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip" - -do_install:append() { - install -d ${D}/${sysconfdir}/init.d - install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d - - install -d ${D}/${sysconfdir}/openvpn - install -d ${D}/${sysconfdir}/openvpn/sample - install -m 755 ${S}/sample/sample-config-files/loopback-server ${D}${sysconfdir}/openvpn/sample/loopback-server.conf - install -m 755 ${S}/sample/sample-config-files/loopback-client ${D}${sysconfdir}/openvpn/sample/loopback-client.conf - install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys - install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys - - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -d ${D}/${systemd_unitdir}/system - install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system - install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-server.service - install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-client.service - - install -d ${D}/${localstatedir} - install -d ${D}/${localstatedir}/lib - install -d -m 710 ${D}/${localstatedir}/lib/openvpn - - install -d ${D}${sysconfdir}/tmpfiles.d - install -m 0644 ${WORKDIR}/openvpn-volatile.conf ${D}${sysconfdir}/tmpfiles.d/openvpn.conf - sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${sysconfdir}/tmpfiles.d/openvpn.conf - fi -} - -PACKAGES =+ " ${PN}-sample " - -RRECOMMENDS:${PN} = "kernel-module-tun" - -FILES:${PN}-dbg += "${libdir}/openvpn/plugins/.debug" -FILES:${PN} += "${systemd_unitdir}/system/openvpn@.service \ - ${sysconfdir}/tmpfiles.d \ - " -FILES:${PN}-sample += "${systemd_unitdir}/system/openvpn@loopback-server.service \ - ${systemd_unitdir}/system/openvpn@loopback-client.service \ - ${sysconfdir}/openvpn/sample/" diff --git a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb new file mode 100644 index 0000000000..2dc3af6bf9 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb @@ -0,0 +1,75 @@ +SUMMARY = "A full-featured SSL VPN solution via tun device." +HOMEPAGE = "https://openvpn.net/" +SECTION = "net" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=377a495e6f12b2a3adcee797e59540b8" +DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" + +inherit autotools systemd update-rc.d + +SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ + file://openvpn \ + file://openvpn@.service \ + file://openvpn-volatile.conf" + +UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" + +SRC_URI[sha256sum] = "7500df4734173bce2e95b5039079119dacaff121650b2b6ca76d2dc68bdac1c5" + +# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. +CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569" + +SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service" +SYSTEMD_AUTO_ENABLE = "disable" + +INITSCRIPT_PACKAGES = "${PN}" +INITSCRIPT_NAME:${PN} = "openvpn" +INITSCRIPT_PARAMS:${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ." + +CFLAGS += "-fno-inline" + +# I want openvpn to be able to read password from file (hrw) +EXTRA_OECONF += "--enable-iproute2" +EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}" + +# Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host. +EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip" + +do_install:append() { + install -d ${D}/${sysconfdir}/init.d + install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d + + install -d ${D}/${sysconfdir}/openvpn + install -d ${D}/${sysconfdir}/openvpn/sample + install -m 755 ${S}/sample/sample-config-files/loopback-server ${D}${sysconfdir}/openvpn/sample/loopback-server.conf + install -m 755 ${S}/sample/sample-config-files/loopback-client ${D}${sysconfdir}/openvpn/sample/loopback-client.conf + install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys + install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys + + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}/${systemd_unitdir}/system + install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system + install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-server.service + install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-client.service + + install -d ${D}/${localstatedir} + install -d ${D}/${localstatedir}/lib + install -d -m 710 ${D}/${localstatedir}/lib/openvpn + + install -d ${D}${sysconfdir}/tmpfiles.d + install -m 0644 ${WORKDIR}/openvpn-volatile.conf ${D}${sysconfdir}/tmpfiles.d/openvpn.conf + sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${sysconfdir}/tmpfiles.d/openvpn.conf + fi +} + +PACKAGES =+ " ${PN}-sample " + +RRECOMMENDS:${PN} = "kernel-module-tun" + +FILES:${PN}-dbg += "${libdir}/openvpn/plugins/.debug" +FILES:${PN} += "${systemd_unitdir}/system/openvpn@.service \ + ${sysconfdir}/tmpfiles.d \ + " +FILES:${PN}-sample += "${systemd_unitdir}/system/openvpn@loopback-server.service \ + ${systemd_unitdir}/system/openvpn@loopback-client.service \ + ${sysconfdir}/openvpn/sample/" diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch b/meta-openembedded/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch index c1a528f90d..134633f668 100644 --- a/meta-openembedded/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch +++ b/meta-openembedded/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch @@ -12,11 +12,11 @@ Signed-off-by: Oleksiy Obitotskyy cmake/modules/UseLemon.cmake | 49 +++++++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 15 deletions(-) -diff --git a/cmake/modules/UseLemon.cmake b/cmake/modules/UseLemon.cmake -index 849ffc1..ca38ab7 100644 ---- a/cmake/modules/UseLemon.cmake -+++ b/cmake/modules/UseLemon.cmake -@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated) +Index: wireshark-3.4.11/cmake/modules/UseLemon.cmake +=================================================================== +--- wireshark-3.4.11.orig/cmake/modules/UseLemon.cmake ++++ wireshark-3.4.11/cmake/modules/UseLemon.cmake +@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated SET(_out ${CMAKE_CURRENT_BINARY_DIR}/${_basename}) @@ -26,7 +26,7 @@ index 849ffc1..ca38ab7 100644 - # These files are generated as side-effect - ${_out}.h - ${_out}.out -- COMMAND lemon +- COMMAND $ - -T${_lemonpardir}/lempar.c - -d. - ${_in} @@ -72,6 +72,3 @@ index 849ffc1..ca38ab7 100644 LIST(APPEND ${_source} ${_in}) LIST(APPEND ${_generated} ${_out}.c) --- -2.26.2.Cisco - diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb new file mode 100644 index 0000000000..6fee972b2c --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb @@ -0,0 +1,88 @@ +DESCRIPTION = "wireshark - a popular network protocol analyzer" +HOMEPAGE = "http://www.wireshark.org" +SECTION = "net" +LICENSE = "GPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=6e271234ba1a13c6e512e76b94ac2f77" + +DEPENDS = "pcre expat glib-2.0 glib-2.0-native libgcrypt libgpg-error libxml2 bison-native c-ares" + +DEPENDS:append:class-target = " wireshark-native chrpath-replacement-native " + +SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz" + +SRC_URI += " \ + file://0001-wireshark-src-improve-reproducibility.patch \ + file://0002-flex-Remove-line-directives.patch \ + file://0003-bison-Remove-line-directives.patch \ + file://0004-lemon-Remove-line-directives.patch \ +" + +UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" + +SRC_URI[sha256sum] = "a0e227bce2cc3a51ef3301891a0243231990b52a39b68a84a6e32f69c4e75279" + +PE = "1" + +inherit cmake pkgconfig python3native perlnative upstream-version-is-even mime mime-xdg + +PACKAGECONFIG ?= "libpcap gnutls libnl libcap sbc" + +PACKAGECONFIG:class-native = "libpcap gnutls ssl libssh" + +PACKAGECONFIG[libcap] = "-DENABLE_CAP=ON,-DENABLE_CAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON, libcap" +PACKAGECONFIG[libpcap] = "-DENABLE_PCAP=ON,-DENABLE_PCAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON , libpcap" +PACKAGECONFIG[libsmi] = "-DENABLE_SMI=ON,-DENABLE_SMI=OFF,libsmi" +PACKAGECONFIG[libnl] = ",,libnl" +PACKAGECONFIG[portaudio] = "-DENABLE_PORTAUDIO=ON,-DENABLE_PORTAUDIO=OFF, portaudio-v19" +PACKAGECONFIG[gnutls] = "-DENABLE_GNUTLS=ON,-DENABLE_GNUTLS=OFF, gnutls" +PACKAGECONFIG[ssl] = ",,openssl" +PACKAGECONFIG[krb5] = "-DENABLE_KRB5=ON,-DENABLE_KRB5=OFF, krb5" +PACKAGECONFIG[lua] = "-DENABLE_LUA=ON,-DENABLE_LUA=OFF, lua" +PACKAGECONFIG[zlib] = "-DENABLE_ZLIB=ON,-DENABLE_ZLIB=OFF, zlib" +PACKAGECONFIG[geoip] = ",, geoip" +PACKAGECONFIG[plugins] = "-DENABLE_PLUGINS=ON,-DENABLE_PLUGINS=OFF" +PACKAGECONFIG[sbc] = "-DENABLE_SBC=ON,-DENABLE_SBC=OFF, sbc" +PACKAGECONFIG[libssh] = ",,libssh2" +PACKAGECONFIG[lz4] = "-DENABLE_LZ4=ON,-DENABLE_LZ4=OFF, lz4" +PACKAGECONFIG[zstd] = "-DENABLE_STTD=ON,-DENABLE_ZSTD=OFF, zstd" + +# these next two options require addional layers +PACKAGECONFIG[c-ares] = "-DENABLE_CARES=ON,-DENABLE_CARES=OFF, c-ares" +PACKAGECONFIG[qt5] = "-DENABLE_QT5=ON -DBUILD_wireshark=ON, -DENABLE_QT5=OFF -DBUILD_wireshark=OFF, qttools-native qtmultimedia qtsvg" + +inherit ${@bb.utils.contains('PACKAGECONFIG', 'qt5', 'cmake_qt5', '', d)} + +EXTRA_OECMAKE += "-DENABLE_NETLINK=ON \ + -DBUILD_mmdbresolve=OFF \ + -DBUILD_randpktdump=OFF \ + -DBUILD_androiddump=OFF \ + -DBUILD_dcerpcidl2wrs=OFF \ + -DM_INCLUDE_DIR=${includedir} \ + -DM_LIBRARY=${libdir} \ + " +CFLAGS:append = " -lm" + +do_install:append:class-native() { + install -d ${D}${bindir} + for f in lemon + do + install -m 0755 ${B}/run/$f ${D}${bindir} + done +} + +do_install:append:class-target() { + for f in `find ${D}${libdir} ${D}${bindir} -type f -executable` + do + chrpath --delete $f + done +} + +PACKAGE_BEFORE_PN += "tshark" + +FILES:tshark = "${bindir}/tshark ${mandir}/man1/tshark.*" + +FILES:${PN} += "${datadir}*" + +RDEPENDS:tshark = "wireshark" + +BBCLASSEXTEND = "native" diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb deleted file mode 100644 index faf2a3ad1f..0000000000 --- a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb +++ /dev/null @@ -1,88 +0,0 @@ -DESCRIPTION = "wireshark - a popular network protocol analyzer" -HOMEPAGE = "http://www.wireshark.org" -SECTION = "net" -LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=6e271234ba1a13c6e512e76b94ac2f77" - -DEPENDS = "pcre expat glib-2.0 glib-2.0-native libgcrypt libgpg-error libxml2 bison-native c-ares" - -DEPENDS:append:class-target = " wireshark-native chrpath-replacement-native " - -SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz" - -SRC_URI += " \ - file://0001-wireshark-src-improve-reproducibility.patch \ - file://0002-flex-Remove-line-directives.patch \ - file://0003-bison-Remove-line-directives.patch \ - file://0004-lemon-Remove-line-directives.patch \ -" - -UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" - -SRC_URI[sha256sum] = "58a7fa8dfe2010a8c8b7dcf66438c653e6493d47eb936ba48ef49d4aa4dbd725" - -PE = "1" - -inherit cmake pkgconfig python3native perlnative upstream-version-is-even mime mime-xdg - -PACKAGECONFIG ?= "libpcap gnutls libnl libcap sbc" - -PACKAGECONFIG:class-native = "libpcap gnutls ssl libssh" - -PACKAGECONFIG[libcap] = "-DENABLE_CAP=ON,-DENABLE_CAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON, libcap" -PACKAGECONFIG[libpcap] = "-DENABLE_PCAP=ON,-DENABLE_PCAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON , libpcap" -PACKAGECONFIG[libsmi] = "-DENABLE_SMI=ON,-DENABLE_SMI=OFF,libsmi" -PACKAGECONFIG[libnl] = ",,libnl" -PACKAGECONFIG[portaudio] = "-DENABLE_PORTAUDIO=ON,-DENABLE_PORTAUDIO=OFF, portaudio-v19" -PACKAGECONFIG[gnutls] = "-DENABLE_GNUTLS=ON,-DENABLE_GNUTLS=OFF, gnutls" -PACKAGECONFIG[ssl] = ",,openssl" -PACKAGECONFIG[krb5] = "-DENABLE_KRB5=ON,-DENABLE_KRB5=OFF, krb5" -PACKAGECONFIG[lua] = "-DENABLE_LUA=ON,-DENABLE_LUA=OFF, lua" -PACKAGECONFIG[zlib] = "-DENABLE_ZLIB=ON,-DENABLE_ZLIB=OFF, zlib" -PACKAGECONFIG[geoip] = ",, geoip" -PACKAGECONFIG[plugins] = "-DENABLE_PLUGINS=ON,-DENABLE_PLUGINS=OFF" -PACKAGECONFIG[sbc] = "-DENABLE_SBC=ON,-DENABLE_SBC=OFF, sbc" -PACKAGECONFIG[libssh] = ",,libssh2" -PACKAGECONFIG[lz4] = "-DENABLE_LZ4=ON,-DENABLE_LZ4=OFF, lz4" -PACKAGECONFIG[zstd] = "-DENABLE_STTD=ON,-DENABLE_ZSTD=OFF, zstd" - -# these next two options require addional layers -PACKAGECONFIG[c-ares] = "-DENABLE_CARES=ON,-DENABLE_CARES=OFF, c-ares" -PACKAGECONFIG[qt5] = "-DENABLE_QT5=ON -DBUILD_wireshark=ON, -DENABLE_QT5=OFF -DBUILD_wireshark=OFF, qttools-native qtmultimedia qtsvg" - -inherit ${@bb.utils.contains('PACKAGECONFIG', 'qt5', 'cmake_qt5', '', d)} - -EXTRA_OECMAKE += "-DENABLE_NETLINK=ON \ - -DBUILD_mmdbresolve=OFF \ - -DBUILD_randpktdump=OFF \ - -DBUILD_androiddump=OFF \ - -DBUILD_dcerpcidl2wrs=OFF \ - -DM_INCLUDE_DIR=${includedir} \ - -DM_LIBRARY=${libdir} \ - " -CFLAGS:append = " -lm" - -do_install:append:class-native() { - install -d ${D}${bindir} - for f in lemon - do - install -m 0755 ${B}/run/$f ${D}${bindir} - done -} - -do_install:append:class-target() { - for f in `find ${D}${libdir} ${D}${bindir} -type f -executable` - do - chrpath --delete $f - done -} - -PACKAGE_BEFORE_PN += "tshark" - -FILES:tshark = "${bindir}/tshark ${mandir}/man1/tshark.*" - -FILES:${PN} += "${datadir}*" - -RDEPENDS:tshark = "wireshark" - -BBCLASSEXTEND = "native" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb b/meta-openembedded/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb index ecff79be45..3fe4c9404c 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb @@ -23,6 +23,7 @@ PACKAGECONFIG[examples] = "-DGATTLIB_BUILD_EXAMPLES=ON,-DGATTLIB_BUILD_EXAMPLES= # Set this to force use of DBus API if Bluez version is older than 5.42 PACKAGECONFIG[force-dbus] = "-DGATTLIB_FORCE_DBUS=TRUE,-DGATTLIB_FORCE_DBUS=FALSE" +EXTRA_OECMAKE += "-DGATTLIB_PYTHON_INTERFACE=OFF" EXTRA_OECMAKE += "-DGATTLIB_BUILD_DOCS=OFF" inherit pkgconfig cmake diff --git a/meta-openembedded/meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb b/meta-openembedded/meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb index a66504dd83..ad68dc926d 100644 --- a/meta-openembedded/meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb +++ b/meta-openembedded/meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb @@ -1,6 +1,6 @@ SUMMARY = "Linux Kernel Crypto API User Space Interface Library" HOMEPAGE = "http://www.chronox.de/libkcapi.html" -LICENSE = "BSD | GPL-2.0" +LICENSE = "BSD-3-Clause | GPL-2.0" LIC_FILES_CHKSUM = "file://COPYING;md5=c78be93ed8d1637f2a3f4a83ff9d5f54" DEPENDS = "libtool" diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch new file mode 100644 index 0000000000..58bf810626 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch @@ -0,0 +1,116 @@ +From 24c2b9e42edb6d2f4ef2cead3b0aa1d6196adfce Mon Sep 17 00:00:00 2001 +From: Tom Lane +Date: Mon, 8 Nov 2021 11:01:43 -0500 +Subject: [PATCH 2/2] Reject extraneous data after SSL or GSS encryption + handshake. + +The server collects up to a bufferload of data whenever it reads data +from the client socket. When SSL or GSS encryption is requested +during startup, any additional data received with the initial +request message remained in the buffer, and would be treated as +already-decrypted data once the encryption handshake completed. +Thus, a man-in-the-middle with the ability to inject data into the +TCP connection could stuff some cleartext data into the start of +a supposedly encryption-protected database session. + +This could be abused to send faked SQL commands to the server, +although that would only work if the server did not demand any +authentication data. (However, a server relying on SSL certificate +authentication might well not do so.) + +To fix, throw a protocol-violation error if the internal buffer +is not empty after the encryption handshake. + +Our thanks to Jacob Champion for reporting this problem. + +Security: CVE-2021-23214 + +Upstream-Status: Backport[https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951] +CVE: CVE-2021-23214 + +Signed-off-by: Changqing Li + +--- + src/backend/libpq/pqcomm.c | 11 +++++++++++ + src/backend/postmaster/postmaster.c | 23 ++++++++++++++++++++++- + src/include/libpq/libpq.h | 1 + + 3 files changed, 34 insertions(+), 1 deletion(-) + +diff --git a/src/backend/libpq/pqcomm.c b/src/backend/libpq/pqcomm.c +index ee2cd86..4dd1c02 100644 +--- a/src/backend/libpq/pqcomm.c ++++ b/src/backend/libpq/pqcomm.c +@@ -1183,6 +1183,17 @@ pq_getstring(StringInfo s) + } + } + ++/* ------------------------------- ++ * pq_buffer_has_data - is any buffered data available to read? ++ * ++ * This will *not* attempt to read more data. ++ * -------------------------------- ++ */ ++bool ++pq_buffer_has_data(void) ++{ ++ return (PqRecvPointer < PqRecvLength); ++} + + /* -------------------------------- + * pq_startmsgread - begin reading a message from the client. +diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c +index 5775fc0..1fcc3f8 100644 +--- a/src/backend/postmaster/postmaster.c ++++ b/src/backend/postmaster/postmaster.c +@@ -2049,6 +2049,17 @@ retry1: + return STATUS_ERROR; + #endif + ++ /* ++ * At this point we should have no data already buffered. If we do, ++ * it was received before we performed the SSL handshake, so it wasn't ++ * encrypted and indeed may have been injected by a man-in-the-middle. ++ * We report this case to the client. ++ */ ++ if (pq_buffer_has_data()) ++ ereport(FATAL, ++ (errcode(ERRCODE_PROTOCOL_VIOLATION), ++ errmsg("received unencrypted data after SSL request"), ++ errdetail("This could be either a client-software bug or evidence of an attempted man-in-the-middle attack."))); + /* + * regular startup packet, cancel, etc packet should follow, but not + * another SSL negotiation request, and a GSS request should only +@@ -2080,7 +2091,17 @@ retry1: + if (GSSok == 'G' && secure_open_gssapi(port) == -1) + return STATUS_ERROR; + #endif +- ++ /* ++ * At this point we should have no data already buffered. If we do, ++ * it was received before we performed the GSS handshake, so it wasn't ++ * encrypted and indeed may have been injected by a man-in-the-middle. ++ * We report this case to the client. ++ */ ++ if (pq_buffer_has_data()) ++ ereport(FATAL, ++ (errcode(ERRCODE_PROTOCOL_VIOLATION), ++ errmsg("received unencrypted data after GSSAPI encryption request"), ++ errdetail("This could be either a client-software bug or evidence of an attempted man-in-the-middle attack."))); + /* + * regular startup packet, cancel, etc packet should follow, but not + * another GSS negotiation request, and an SSL request should only +diff --git a/src/include/libpq/libpq.h b/src/include/libpq/libpq.h +index b115247..9969692 100644 +--- a/src/include/libpq/libpq.h ++++ b/src/include/libpq/libpq.h +@@ -73,6 +73,7 @@ extern int pq_getbyte(void); + extern int pq_peekbyte(void); + extern int pq_getbyte_if_available(unsigned char *c); + extern int pq_putbytes(const char *s, size_t len); ++extern bool pq_buffer_has_data(void); + + /* + * prototypes for functions in be-secure.c +-- +2.17.1 + diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch new file mode 100644 index 0000000000..42b78539b4 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch @@ -0,0 +1,131 @@ +From 79125ead2a6a234086844bb42f06d49603fe6ca0 Mon Sep 17 00:00:00 2001 +From: Tom Lane +Date: Mon, 8 Nov 2021 11:14:56 -0500 +Subject: [PATCH 1/2] libpq: reject extraneous data after SSL or GSS encryption + handshake. + +libpq collects up to a bufferload of data whenever it reads data from +the socket. When SSL or GSS encryption is requested during startup, +any additional data received with the server's yes-or-no reply +remained in the buffer, and would be treated as already-decrypted data +once the encryption handshake completed. Thus, a man-in-the-middle +with the ability to inject data into the TCP connection could stuff +some cleartext data into the start of a supposedly encryption-protected +database session. + +This could probably be abused to inject faked responses to the +client's first few queries, although other details of libpq's behavior +make that harder than it sounds. A different line of attack is to +exfiltrate the client's password, or other sensitive data that might +be sent early in the session. That has been shown to be possible with +a server vulnerable to CVE-2021-23214. + +To fix, throw a protocol-violation error if the internal buffer +is not empty after the encryption handshake. + +Our thanks to Jacob Champion for reporting this problem. + +Security: CVE-2021-23222 + +Upstream-Status: Backport[https://github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45] +CVE: CVE-2021-23222 + +Signed-off-by: Changqing Li +--- + doc/src/sgml/protocol.sgml | 28 ++++++++++++++++++++++++++++ + src/interfaces/libpq/fe-connect.c | 26 ++++++++++++++++++++++++++ + 2 files changed, 54 insertions(+) + +diff --git a/doc/src/sgml/protocol.sgml b/doc/src/sgml/protocol.sgml +index e26619e1b5..b692648fca 100644 +--- a/doc/src/sgml/protocol.sgml ++++ b/doc/src/sgml/protocol.sgml +@@ -1471,6 +1471,20 @@ SELCT 1/0; + and proceed without requesting SSL. + + ++ ++ When SSL encryption can be performed, the server ++ is expected to send only the single S byte and then ++ wait for the frontend to initiate an SSL handshake. ++ If additional bytes are available to read at this point, it likely ++ means that a man-in-the-middle is attempting to perform a ++ buffer-stuffing attack ++ (CVE-2021-23222). ++ Frontends should be coded either to read exactly one byte from the ++ socket before turning the socket over to their SSL library, or to ++ treat it as a protocol violation if they find they have read additional ++ bytes. ++ ++ + + An initial SSLRequest can also be used in a connection that is being + opened to send a CancelRequest message. +@@ -1532,6 +1546,20 @@ SELCT 1/0; + encryption. + + ++ ++ When GSSAPI encryption can be performed, the server ++ is expected to send only the single G byte and then ++ wait for the frontend to initiate a GSSAPI handshake. ++ If additional bytes are available to read at this point, it likely ++ means that a man-in-the-middle is attempting to perform a ++ buffer-stuffing attack ++ (CVE-2021-23222). ++ Frontends should be coded either to read exactly one byte from the ++ socket before turning the socket over to their GSSAPI library, or to ++ treat it as a protocol violation if they find they have read additional ++ bytes. ++ ++ + + An initial GSSENCRequest can also be used in a connection that is being + opened to send a CancelRequest message. +diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c +index f80f4e98d8..57aee95183 100644 +--- a/src/interfaces/libpq/fe-connect.c ++++ b/src/interfaces/libpq/fe-connect.c +@@ -3076,6 +3076,19 @@ keep_going: /* We will come back to here until there is + pollres = pqsecure_open_client(conn); + if (pollres == PGRES_POLLING_OK) + { ++ /* ++ * At this point we should have no data already buffered. ++ * If we do, it was received before we performed the SSL ++ * handshake, so it wasn't encrypted and indeed may have ++ * been injected by a man-in-the-middle. ++ */ ++ if (conn->inCursor != conn->inEnd) ++ { ++ appendPQExpBufferStr(&conn->errorMessage, ++ libpq_gettext("received unencrypted data after SSL response\n")); ++ goto error_return; ++ } ++ + /* SSL handshake done, ready to send startup packet */ + conn->status = CONNECTION_MADE; + return PGRES_POLLING_WRITING; +@@ -3175,6 +3188,19 @@ keep_going: /* We will come back to here until there is + pollres = pqsecure_open_gss(conn); + if (pollres == PGRES_POLLING_OK) + { ++ /* ++ * At this point we should have no data already buffered. ++ * If we do, it was received before we performed the GSS ++ * handshake, so it wasn't encrypted and indeed may have ++ * been injected by a man-in-the-middle. ++ */ ++ if (conn->inCursor != conn->inEnd) ++ { ++ appendPQExpBufferStr(&conn->errorMessage, ++ libpq_gettext("received unencrypted data after GSSAPI encryption response\n")); ++ goto error_return; ++ } ++ + /* All set for startup packet */ + conn->status = CONNECTION_MADE; + return PGRES_POLLING_WRITING; +-- +2.17.1 + diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb index f63d23dbef..2ed0fa49bb 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb @@ -7,6 +7,8 @@ SRC_URI += "\ file://0001-Add-support-for-RISC-V.patch \ file://0001-Improve-reproducibility.patch \ file://0001-configure.in-bypass-autoconf-2.69-version-check.patch \ + file://CVE-2021-23214.patch \ + file://CVE-2021-23222.patch \ " SRC_URI[sha256sum] = "ea93e10390245f1ce461a54eb5f99a48d8cabd3a08ce4d652ec2169a357bc0cd" diff --git a/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb b/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb index ef066753d7..25b199f572 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb @@ -19,4 +19,6 @@ S = "${WORKDIR}/git" inherit cmake pkgconfig +RDEPENDS:${PN}-dev = "" + BBCLASSEXTEND += "native nativesdk" diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb index 4715019798..47be000c9f 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb @@ -1,6 +1,6 @@ DESCRIPTION = "nodeJS Evented I/O for V8 JavaScript" HOMEPAGE = "http://nodejs.org" -LICENSE = "MIT & BSD & Artistic-2.0" +LICENSE = "MIT & ISC & BSD-2-Clause & BSD-3-Clause & Artistic-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=a1016f9b7979cfe6fc3466a9bba60b1e" DEPENDS = "openssl" diff --git a/meta-openembedded/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb b/meta-openembedded/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb index d3aa6d2ea2..e119420d2a 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb @@ -2,7 +2,7 @@ DESCRIPTION = "XML-RPC for C/C++ is programming libraries and related tools to h write an XML-RPC server or client in C or C++." HOMEPAGE = "http://xmlrpc-c.sourceforge.net/" -LICENSE = "BSD & MIT" +LICENSE = "BSD-3-Clause & MIT" LIC_FILES_CHKSUM = "file://doc/COPYING;md5=aefbf81ba0750f02176b6f86752ea951" SRC_URI = "git://github.com/mirror/xmlrpc-c.git;branch=master;protocol=https \ diff --git a/meta-openembedded/meta-oe/recipes-graphics/imlib2/imlib2_git.bb b/meta-openembedded/meta-oe/recipes-graphics/imlib2/imlib2_git.bb index 9e4daddd53..56d41cd394 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/imlib2/imlib2_git.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/imlib2/imlib2_git.bb @@ -2,7 +2,7 @@ SUMMARY = "A graphic library for file loading, saving, rendering, and manipulati HOMEPAGE = "https://sourceforge.net/projects/enlightenment/" SECTION = "libs" -LICENSE = "MIT & BSD" +LICENSE = "Imlib2" LIC_FILES_CHKSUM = "file://COPYING;md5=344895f253c32f38e182dcaf30fe8a35" DEPENDS = "freetype " diff --git a/meta-openembedded/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb b/meta-openembedded/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb index 8fe601a2d4..20f840411f 100644 --- a/meta-openembedded/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb +++ b/meta-openembedded/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb @@ -2,7 +2,7 @@ SUMMARY = "Small and fast POSIX-compliant shell" HOMEPAGE = "http://gondor.apana.org.au/~herbert/dash/" SECTION = "System Environment/Shells" -LICENSE = "BSD & GPLv2+" +LICENSE = "BSD-3-Clause & GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=b5262b4a1a1bff72b48e935531976d2e" inherit autotools update-alternatives diff --git a/meta-openembedded/meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb b/meta-openembedded/meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb index 3988d54910..a729324c9b 100644 --- a/meta-openembedded/meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb +++ b/meta-openembedded/meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb @@ -17,13 +17,16 @@ do_install:append() { install -d ${D}${sysconfdir}/lvm install -m 0644 ${WORKDIR}/lvm.conf ${D}${sysconfdir}/lvm/lvm.conf sed -i -e 's:@libdir@:${libdir}:g' ${D}${sysconfdir}/lvm/lvm.conf - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - oe_runmake 'DESTDIR=${D}' install install_systemd_units - sed -i -e 's:/usr/bin/true:${base_bindir}/true:g' ${D}${systemd_system_unitdir}/blk-availability.service - else - oe_runmake 'DESTDIR=${D}' install install_initscripts - mv ${D}${sysconfdir}/rc.d/init.d ${D}${sysconfdir}/init.d - rm -rf ${D}${sysconfdir}/rc.d + # We don't want init scripts/systemd units for native SDK utilities + if [ "${PN}" != "nativesdk-lvm2" ]; then + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + oe_runmake 'DESTDIR=${D}' install install_systemd_units + sed -i -e 's:/usr/bin/true:${base_bindir}/true:g' ${D}${systemd_system_unitdir}/blk-availability.service + else + oe_runmake 'DESTDIR=${D}' install install_initscripts + mv ${D}${sysconfdir}/rc.d/init.d ${D}${sysconfdir}/init.d + rm -rf ${D}${sysconfdir}/rc.d + fi fi } diff --git a/meta-openembedded/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb b/meta-openembedded/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb index 93b18ba1d5..d90dd43042 100644 --- a/meta-openembedded/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb @@ -1,11 +1,11 @@ SUMMARY = "PC/SC Lite smart card framework and applications" HOMEPAGE = "http://pcsclite.alioth.debian.org/" -LICENSE = "BSD & GPLv3+" -LICENSE:${PN} = "BSD" -LICENSE:${PN}-lib = "BSD" -LICENSE:${PN}-doc = "BSD" -LICENSE:${PN}-dev = "BSD" -LICENSE:${PN}-dbg = "BSD & GPLv3+" +LICENSE = "BSD-3-Clause & GPLv3+" +LICENSE:${PN} = "BSD-3-Clause" +LICENSE:${PN}-lib = "BSD-3-Clause" +LICENSE:${PN}-doc = "BSD-3-Clause" +LICENSE:${PN}-dev = "BSD-3-Clause" +LICENSE:${PN}-dbg = "BSD-3-Clause & GPLv3+" LICENSE:${PN}-spy = "GPLv3+" LICENSE:${PN}-spy-dev = "GPLv3+" LIC_FILES_CHKSUM = "file://COPYING;md5=628c01ba985ecfa21677f5ee2d5202f6" diff --git a/meta-openembedded/meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb b/meta-openembedded/meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb index 43ee19afb8..3d07c01f07 100644 --- a/meta-openembedded/meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb +++ b/meta-openembedded/meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb @@ -5,7 +5,7 @@ DESCRIPTION = "This package contains low level utilities for devices that use th HOMEPAGE = "http://sg.danny.cz/sg/sg3_utils.html" SECTION = "console/admin" -LICENSE = "GPLv2+ & BSD" +LICENSE = "GPLv2+ & BSD-2-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=f90da7fc52172599dbf082d7620f18ca" SRC_URI = "http://sg.danny.cz/sg/p/sg3_utils-${PV}.tgz \ diff --git a/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_2.9.3.bb b/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_2.9.3.bb deleted file mode 100644 index 30c00d43ca..0000000000 --- a/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_2.9.3.bb +++ /dev/null @@ -1,53 +0,0 @@ -SUMMARY = "udisks provides dbus interfaces for disks and storage devices" -LICENSE = "GPLv2+ & LGPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=dd79f6dbbffdbc8e86b086a8f0c0ef43" - -DEPENDS = " \ - glib-2.0-native \ - libxslt-native \ - acl \ - libatasmart \ - polkit \ - libgudev \ - glib-2.0 \ - dbus-glib \ - libblockdev \ -" -DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" - -RDEPENDS:${PN} = "acl" - -SRC_URI = "git://github.com/storaged-project/udisks.git;branch=2.9.x-branch;protocol=https" -SRCREV = "c430dd9a27e158693cc783e9ee91bf6e5b2a8819" -S = "${WORKDIR}/git" - -CVE_PRODUCT = "udisks" - -inherit autotools-brokensep systemd gtk-doc gobject-introspection gettext features_check - -REQUIRED_DISTRO_FEATURES = "polkit" - -EXTRA_OECONF = "--disable-man --disable-gtk-doc" - -do_configure:prepend() { - # | configure.ac:656: error: required file 'build-aux/config.rpath' not found - mkdir -p ${S}/build-aux - touch ${S}/build-aux/config.rpath -} - -FILES:${PN} += " \ - ${datadir}/dbus-1/ \ - ${datadir}/polkit-1 \ - ${datadir}/bash-completion \ - ${libdir}/polkit-1/extensions/*.so \ - ${nonarch_base_libdir}/udev/* \ - ${exec_prefix}${nonarch_base_libdir}/udisks2/* \ - ${systemd_system_unitdir} \ -" - -PACKAGES =+ "${PN}-libs" -FILES:${PN}-libs = "${libdir}/lib*${SOLIBS}" -FILES:${PN} += "${nonarch_libdir}/tmpfiles.d" - -SYSTEMD_SERVICE:${PN} = "${BPN}.service" -SYSTEMD_AUTO_ENABLE = "disable" diff --git a/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_2.9.4.bb b/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_2.9.4.bb new file mode 100644 index 0000000000..ec13cfa26b --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/udisks/udisks2_2.9.4.bb @@ -0,0 +1,53 @@ +SUMMARY = "udisks provides dbus interfaces for disks and storage devices" +LICENSE = "GPLv2+ & LGPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=dd79f6dbbffdbc8e86b086a8f0c0ef43" + +DEPENDS = " \ + glib-2.0-native \ + libxslt-native \ + acl \ + libatasmart \ + polkit \ + libgudev \ + glib-2.0 \ + dbus-glib \ + libblockdev \ +" +DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" + +RDEPENDS:${PN} = "acl" + +SRC_URI = "git://github.com/storaged-project/udisks.git;branch=2.9.x-branch;protocol=https" +SRCREV = "001c486e6d099ed33e2de4f5c73c03e3ee180f81" +S = "${WORKDIR}/git" + +CVE_PRODUCT = "udisks" + +inherit autotools-brokensep systemd gtk-doc gobject-introspection gettext features_check + +REQUIRED_DISTRO_FEATURES = "polkit" + +EXTRA_OECONF = "--disable-man --disable-gtk-doc" + +do_configure:prepend() { + # | configure.ac:656: error: required file 'build-aux/config.rpath' not found + mkdir -p ${S}/build-aux + touch ${S}/build-aux/config.rpath +} + +FILES:${PN} += " \ + ${datadir}/dbus-1/ \ + ${datadir}/polkit-1 \ + ${datadir}/bash-completion \ + ${libdir}/polkit-1/extensions/*.so \ + ${nonarch_base_libdir}/udev/* \ + ${exec_prefix}${nonarch_base_libdir}/udisks2/* \ + ${systemd_system_unitdir} \ +" + +PACKAGES =+ "${PN}-libs" +FILES:${PN}-libs = "${libdir}/lib*${SOLIBS}" +FILES:${PN} += "${nonarch_libdir}/tmpfiles.d" + +SYSTEMD_SERVICE:${PN} = "${BPN}.service" +SYSTEMD_AUTO_ENABLE = "disable" diff --git a/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_1.1.0.bb b/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_1.1.0.bb new file mode 100644 index 0000000000..14ab41b144 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_1.1.0.bb @@ -0,0 +1,18 @@ +SUMMARY = "Test suite for Linux framebuffer" + +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a" + +SRCREV = "063ec650960c2d79ac51f5c5f026cb05343a33e2" +SRC_URI = "git://github.com//ponty/fb-test-app.git;branch=master;protocol=https" + +S = "${WORKDIR}/git" + +do_install() { + install -d ${D}${bindir} + install -m 0755 fb-test ${D}${bindir} + # avoid collisions with perf (perf) and mesa-demos (offset) + for prog in perf rect offset ; do + install -m 0755 $prog ${D}${bindir}/fb-$prog + done +} diff --git a/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_git.bb b/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_git.bb deleted file mode 100644 index 2992135726..0000000000 --- a/meta-openembedded/meta-oe/recipes-test/fbtest/fb-test_git.bb +++ /dev/null @@ -1,20 +0,0 @@ -SUMMARY = "Test suite for Linux framebuffer" - -PV = "1.1.0" - -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a" - -SRCREV = "063ec650960c2d79ac51f5c5f026cb05343a33e2" -SRC_URI = "git://github.com/prpplague/fb-test-app.git;branch=master;protocol=https" - -S = "${WORKDIR}/git" - -do_install() { - install -d ${D}${bindir} - install -m 0755 fb-test ${D}${bindir} - # avoid collisions with perf (perf) and mesa-demos (offset) - for prog in perf rect offset ; do - install -m 0755 $prog ${D}${bindir}/fb-$prog - done -} diff --git a/meta-openembedded/meta-oe/recipes-test/googletest/googletest_git.bb b/meta-openembedded/meta-oe/recipes-test/googletest/googletest_git.bb index 2393f9b425..ff8191eff6 100644 --- a/meta-openembedded/meta-oe/recipes-test/googletest/googletest_git.bb +++ b/meta-openembedded/meta-oe/recipes-test/googletest/googletest_git.bb @@ -10,7 +10,7 @@ PROVIDES += "gmock gtest" S = "${WORKDIR}/git" SRCREV = "e2239ee6043f73722e7aa812a459f54a28552929" -SRC_URI = "git://github.com/google/googletest.git;branch=master;protocol=https" +SRC_URI = "git://github.com/google/googletest.git;branch=main;protocol=https" inherit cmake diff --git a/meta-openembedded/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb b/meta-openembedded/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb deleted file mode 100644 index 4a2cb73e86..0000000000 --- a/meta-openembedded/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb +++ /dev/null @@ -1,36 +0,0 @@ -SUMMARY = "A simple, sane and efficient module to slurp a file" -DESCRIPTION = "This module provides functions for fast and correct slurping and spewing. \ -All functions are optionally exported. All functions throw exceptions on \ -errors, write functions don't return any meaningful value." - -SECTION = "libs" -LICENSE = "Artistic-1.0 | GPL-1.0+" - -HOMEPAGE= "https://metacpan.org/release/File-Slurper" - -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Artistic-1.0;md5=cda03bbdc3c1951996392b872397b798 \ -file://${COMMON_LICENSE_DIR}/GPL-1.0-or-later;md5=30c0b8a5048cc2f4be5ff15ef0d8cf61" - -SRC_URI = "${CPAN_MIRROR}/authors/id/L/LE/LEONT/File-Slurper-${PV}.tar.gz" - -SRC_URI[md5sum] = "5742c63096392dfee50b8db314bcca18" -SRC_URI[sha256sum] = "4efb2ea416b110a1bda6f8133549cc6ea3676402e3caf7529fce0313250aa578" -RDEPENDS:${PN} = " \ - perl-module-carp \ - perl-module-encode \ - perl-module-exporter \ - perl-module-perlio \ - perl-module-perlio-encoding \ - perl-module-strict \ - perl-module-warnings \ -" - -RDEPENDS:${PN}-ptest += "libtest-warnings-perl \ - perl-module-test-more \ - " - -S = "${WORKDIR}/File-Slurper-${PV}" - -inherit cpan ptest-perl - -BBCLASSEXTEND = "native" diff --git a/meta-openembedded/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb b/meta-openembedded/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb new file mode 100644 index 0000000000..c7e5c56b6e --- /dev/null +++ b/meta-openembedded/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb @@ -0,0 +1,35 @@ +SUMMARY = "A simple, sane and efficient module to slurp a file" +DESCRIPTION = "This module provides functions for fast and correct slurping and spewing. \ +All functions are optionally exported. All functions throw exceptions on \ +errors, write functions don't return any meaningful value." + +SECTION = "libs" +LICENSE = "Artistic-1.0 | GPL-1.0+" + +HOMEPAGE= "https://metacpan.org/release/File-Slurper" + +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Artistic-1.0;md5=cda03bbdc3c1951996392b872397b798 \ +file://${COMMON_LICENSE_DIR}/GPL-1.0-or-later;md5=30c0b8a5048cc2f4be5ff15ef0d8cf61" + +SRC_URI = "${CPAN_MIRROR}/authors/id/L/LE/LEONT/File-Slurper-${PV}.tar.gz" + +SRC_URI[sha256sum] = "e2f6a4029a6a242d50054044f1fb86770b9b5cc4daeb1a967f91ffb42716a8c5" +RDEPENDS:${PN} = " \ + perl-module-carp \ + perl-module-encode \ + perl-module-exporter \ + perl-module-perlio \ + perl-module-perlio-encoding \ + perl-module-strict \ + perl-module-warnings \ +" + +RDEPENDS:${PN}-ptest += "libtest-warnings-perl \ + perl-module-test-more \ + " + +S = "${WORKDIR}/File-Slurper-${PV}" + +inherit cpan ptest-perl + +BBCLASSEXTEND = "native" diff --git a/meta-openembedded/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb b/meta-openembedded/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb deleted file mode 100644 index 7e485bece5..0000000000 --- a/meta-openembedded/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb +++ /dev/null @@ -1,65 +0,0 @@ -DESCRIPTION = "This package contains the DNS.pm module with friends." -HOMEPAGE = "http://www.net-dns.org/" -SECTION = "libs" -LICENSE = "MIT" - -LIC_FILES_CHKSUM = "file://README;beginline=252;endline=269;md5=27db37b42cd1a5173a53922d67072bcb" - -DEPENDS += "perl" - -SRC_URI = "http://search.cpan.org/CPAN/authors/id/N/NL/NLNETLABS/Net-DNS-${PV}.tar.gz" - -SRC_URI[sha256sum] = "b890a7b44d573f27cc713caadf1e12eaaa4478a6504d1157194df614316b5b50" - -UPSTREAM_CHECK_REGEX = "Net\-DNS\-(?P(\d+\.\d+))(?!_\d+).tar" - -S = "${WORKDIR}/Net-DNS-${PV}" - -EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}" - -inherit cpan ptest-perl - -RDEPENDS:${PN} = " \ - libdigest-hmac-perl \ - perl-module-base \ - perl-module-constant \ - perl-module-digest-md5 \ - perl-module-digest-sha \ - perl-module-file-spec \ - perl-module-integer \ - perl-module-io-file \ - perl-module-io-select \ - perl-module-io-socket \ - perl-module-io-socket-ip \ - perl-module-mime-base64 \ - perl-module-scalar-util \ - perl-module-test-more \ - perl-module-time-local \ -" - -RRECOMMENDS:${PN} += " \ - libnet-dns-sec-perl \ -" - -RDEPENDS:${PN}-ptest += " \ - perl-module-encode \ - perl-module-encode-byte \ - perl-module-extutils-mm \ - perl-module-extutils-mm-unix \ - perl-module-overload \ -" - -python __anonymous () { - # rather than use "find" to determine libc-*.so, - # statically export the known paths for glibc and musl - import os - if d.getVar('TCLIBC') == "glibc": - os.environ["LIBC"] = "${STAGING_BASELIBDIR}/libc.so.6" - elif d.getVar('TCLIBC') == "musl": - os.environ["LIBC"] = "${STAGING_LIBDIR}/libc.so" - else: - raise bb.parse.SkipRecipe("incompatible with %s C library" % - d.getVar('TCLIBC')) -} - -BBCLASSEXTEND = "native" diff --git a/meta-openembedded/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb b/meta-openembedded/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb new file mode 100644 index 0000000000..2c7d793a7b --- /dev/null +++ b/meta-openembedded/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb @@ -0,0 +1,65 @@ +DESCRIPTION = "This package contains the DNS.pm module with friends." +HOMEPAGE = "http://www.net-dns.org/" +SECTION = "libs" +LICENSE = "MIT" + +LIC_FILES_CHKSUM = "file://README;beginline=252;endline=269;md5=de95b6a896d5f861d724ea854d316a0b" + +DEPENDS += "perl" + +SRC_URI = "http://search.cpan.org/CPAN/authors/id/N/NL/NLNETLABS/Net-DNS-${PV}.tar.gz" + +SRC_URI[sha256sum] = "5a40e7cf524e4bd2c33cf03b82b47d5308b712083aa5ee180b0b5af54c71fbd2" + +UPSTREAM_CHECK_REGEX = "Net\-DNS\-(?P(\d+\.\d+))(?!_\d+).tar" + +S = "${WORKDIR}/Net-DNS-${PV}" + +EXTRA_CPANFLAGS = "EXPATLIBPATH=${STAGING_LIBDIR} EXPATINCPATH=${STAGING_INCDIR}" + +inherit cpan ptest-perl + +RDEPENDS:${PN} = " \ + libdigest-hmac-perl \ + perl-module-base \ + perl-module-constant \ + perl-module-digest-md5 \ + perl-module-digest-sha \ + perl-module-file-spec \ + perl-module-integer \ + perl-module-io-file \ + perl-module-io-select \ + perl-module-io-socket \ + perl-module-io-socket-ip \ + perl-module-mime-base64 \ + perl-module-scalar-util \ + perl-module-test-more \ + perl-module-time-local \ +" + +RRECOMMENDS:${PN} += " \ + libnet-dns-sec-perl \ +" + +RDEPENDS:${PN}-ptest += " \ + perl-module-encode \ + perl-module-encode-byte \ + perl-module-extutils-mm \ + perl-module-extutils-mm-unix \ + perl-module-overload \ +" + +python __anonymous () { + # rather than use "find" to determine libc-*.so, + # statically export the known paths for glibc and musl + import os + if d.getVar('TCLIBC') == "glibc": + os.environ["LIBC"] = "${STAGING_BASELIBDIR}/libc.so.6" + elif d.getVar('TCLIBC') == "musl": + os.environ["LIBC"] = "${STAGING_LIBDIR}/libc.so" + else: + raise bb.parse.SkipRecipe("incompatible with %s C library" % + d.getVar('TCLIBC')) +} + +BBCLASSEXTEND = "native" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python-gevent/libev-conf.patch b/meta-openembedded/meta-python/recipes-devtools/python/python-gevent/libev-conf.patch deleted file mode 100644 index 79c1867ba7..0000000000 --- a/meta-openembedded/meta-python/recipes-devtools/python/python-gevent/libev-conf.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 2294734ef9d5e2efb05820e9759a1635799bdea9 Mon Sep 17 00:00:00 2001 -From: Andrej Rode -Date: Mon, 10 Apr 2017 19:25:18 -0700 -Subject: [PATCH] libev: make configure crosscompile compatible - -Signed-off-by: Andrej Rode ---- - deps/libev/configure | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/deps/libev/configure b/deps/libev/configure -index 743817e..96c2366 100755 ---- a/deps/libev/configure -+++ b/deps/libev/configure -@@ -2208,7 +2208,7 @@ fi - ac_ext=c - ac_cpp='$CPP $CPPFLAGS' - ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' --ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -+ac_link='$CC -static -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' - ac_compiler_gnu=$ac_cv_c_compiler_gnu - - --- -2.10.2 - diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb index 2fb48f3cf7..25ff63b5eb 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb @@ -1,8 +1,10 @@ SUMMARY = "Test vectors for the cryptography package." HOMEPAGE = "https://cryptography.io/" SECTION = "devel/python" -LICENSE = "Apache-2.0 | BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=8c3617db4fb6fae01f1d253ab91511e4" +LICENSE = "Apache-2.0 | BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=8c3617db4fb6fae01f1d253ab91511e4 \ + file://LICENSE.APACHE;md5=4e168cce331e5c827d4c2b68a6200e1b \ + file://LICENSE.BSD;md5=5ae30ba4123bc4f2fa49aa0b0dce887b" SRC_URI[sha256sum] = "4c84410257993d3de058b44b777a49e1da2ae35ebea2970a360c7e3aa0f580f2" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb index baec105a3e..6c70284564 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb @@ -1,8 +1,10 @@ SUMMARY = "Provides cryptographic recipes and primitives to python developers" HOMEPAGE = "https://cryptography.io/" SECTION = "devel/python" -LICENSE = "Apache-2.0 | BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=bf405a8056a6647e7d077b0e7bc36aba" +LICENSE = "Apache-2.0 | BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=bf405a8056a6647e7d077b0e7bc36aba \ + file://LICENSE.APACHE;md5=4e168cce331e5c827d4c2b68a6200e1b \ + file://LICENSE.BSD;md5=5ae30ba4123bc4f2fa49aa0b0dce887b" LDSHARED += "-pthread" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-django_3.2.10.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-django_3.2.10.bb new file mode 100644 index 0000000000..0c5fbb8c83 --- /dev/null +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-django_3.2.10.bb @@ -0,0 +1,13 @@ +require python-django.inc +inherit setuptools3 + +SRC_URI[sha256sum] = "074e8818b4b40acdc2369e67dcd6555d558329785408dcd25340ee98f1f1d5c4" + +RDEPENDS:${PN} += "\ + ${PYTHON_PN}-sqlparse \ +" + +# Set DEFAULT_PREFERENCE so that the LTS version of django is built by +# default. To build the 3.x branch, +# PREFERRED_VERSION_python3-django = "3.2.2" can be added to local.conf +DEFAULT_PREFERENCE = "-1" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-django_3.2.5.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-django_3.2.5.bb deleted file mode 100644 index c10212c4cd..0000000000 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-django_3.2.5.bb +++ /dev/null @@ -1,13 +0,0 @@ -require python-django.inc -inherit setuptools3 - -SRC_URI[sha256sum] = "3da05fea54fdec2315b54a563d5b59f3b4e2b1e69c3a5841dda35019c01855cd" - -RDEPENDS:${PN} += "\ - ${PYTHON_PN}-sqlparse \ -" - -# Set DEFAULT_PREFERENCE so that the LTS version of django is built by -# default. To build the 3.x branch, -# PREFERRED_VERSION_python3-django = "3.2.2" can be added to local.conf -DEFAULT_PREFERENCE = "-1" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb index 74ae6cf69d..7bdf126dea 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb @@ -2,32 +2,23 @@ SUMMARY = "A coroutine-based Python networking library" DESCRIPTION = "gevent is a coroutine-based Python networking library that uses greenlet to provide \ a high-level synchronous API on top of the libevent event loop." HOMEPAGE = "http://www.gevent.org" -LICENSE = "MIT & Python-2.0 & BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=4de99aac27b470c29c6c309e0c279b65 \ - file://NOTICE;md5=18108df3583462cafd457f024b9b09b5 \ - file://deps/libev/LICENSE;md5=d6ad416afd040c90698edcdf1cbee347 \ - " -DEPENDS += "libevent" -DEPENDS += "${PYTHON_PN}-greenlet" +LICENSE = "MIT & Python-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=4de99aac27b470c29c6c309e0c279b65" +DEPENDS += "${PYTHON_PN}-greenlet libev c-ares" + RDEPENDS:${PN} = "${PYTHON_PN}-greenlet \ ${PYTHON_PN}-mime \ ${PYTHON_PN}-pprint \ " -FILESEXTRAPATHS:prepend := "${THISDIR}/python-gevent:" +SRC_URI[sha256sum] = "43e93e1a4738c922a2416baf33f0afb0a20b22d3dba886720bc037cd02a98575" -SRC_URI:append = " \ - file://libev-conf.patch;patch=1;pnum=1 \ -" +inherit pypi setuptools3 -SRC_URI[sha256sum] = "43e93e1a4738c922a2416baf33f0afb0a20b22d3dba886720bc037cd02a98575" +# Don't embed libraries, link to the system instead +export GEVENTSETUP_EMBED = "0" -# The python-gevent has no autoreconf ability -# and the logic for detecting a cross compile is flawed -# so always force a cross compile +# Delete the embedded copies of libraries so we can't accidentally link to them do_configure:append() { - sed -i -e 's/^cross_compiling=no/cross_compiling=yes/' ${S}/deps/libev/configure - sed -i -e 's/^cross_compiling=no/cross_compiling=yes/' ${S}/deps/c-ares/configure + rm -rf ${S}/deps } - -inherit pypi setuptools3 diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb index 669c2eaeeb..d5594847f4 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb @@ -4,9 +4,9 @@ libxslt libraries. It provides safe and convenient access to these \ libraries using the ElementTree API. It extends the ElementTree API \ significantly to offer support for XPath, RelaxNG, XML Schema, XSLT, \ C14N and much more." -HOMEPAGE = "http://codespeak.net/lxml" +HOMEPAGE = "https://lxml.de/" SECTION = "devel/python" -LICENSE = "BSD & GPLv2 & MIT & PSF" +LICENSE = "BSD-3-Clause & GPLv2 & MIT & PSF" LIC_FILES_CHKSUM = "file://LICENSES.txt;md5=e4c045ebad958ead4b48008f70838403 \ file://doc/licenses/elementtree.txt;md5=eb34d036a6e3d56314ee49a6852ac891 \ file://doc/licenses/BSD.txt;md5=700a1fc17f4797d4f2d34970c8ee694b \ diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb index 2377bd5258..d66ef0e3c4 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb @@ -1,7 +1,7 @@ DESCRIPTION = "POSIX IPC primitives (semaphores, shared memory and message queues) for Python" HOMEPAGE = "http://semanchuk.com/philip/posix_ipc/" SECTION = "devel/python" -LICENSE = "BSD" +LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=dc089fb2f37e90799a54c19a20c9880f" PYPI_PACKAGE = "posix_ipc" @@ -13,13 +13,3 @@ SRC_URI[md5sum] = "8c9443859492ecf3aae9182aa6b5c78c" SRC_URI[sha256sum] = "6cddb1ce2cf4aae383f2a0079c26c69bee257fe2720f372201ef047f8ceb8b97" inherit setuptools3 pypi - -# DEPENDS_default: python-pip - -DEPENDS += " \ - ${PYTHON_PN}-pip \ - " - -# RDEPENDS:default: -RDEPENDS:${PN} += " \ - " diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb index 3c91eee16f..87605c2b3e 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb @@ -1,6 +1,6 @@ SUMMARY = "Pyzmq provides Zero message queue access for the Python language" HOMEPAGE = "http://zeromq.org/bindings:python" -LICENSE = "BSD & LGPL-3.0" +LICENSE = "BSD-3-Clause & LGPL-3.0" LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=11c65680f637c3df7f58bbc8d133e96e \ file://COPYING.LESSER;md5=12c592fa0bcfff3fb0977b066e9cb69e" DEPENDS = "zeromq" diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb deleted file mode 100644 index 4b36c50d55..0000000000 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb +++ /dev/null @@ -1,225 +0,0 @@ -DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \ -extensible web server." -SUMMARY = "Apache HTTP Server" -HOMEPAGE = "http://httpd.apache.org/" -SECTION = "net" -LICENSE = "Apache-2.0" - -SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ - file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ - file://0002-apache2-bump-up-the-core-size-limit-if-CoreDumpDirec.patch \ - file://0003-apache2-do-not-export-apr-apr-util-symbols-when-usin.patch \ - file://0004-apache2-log-the-SELinux-context-at-startup.patch \ - file://0005-replace-lynx-to-curl-in-apachectl-script.patch \ - file://0006-apache2-fix-the-race-issue-of-parallel-installation.patch \ - file://0007-apache2-allow-to-disable-selinux-support.patch \ - file://apache-configure_perlbin.patch \ - file://0001-support-apxs.in-force-destdir-to-be-empty-string.patch \ - " - -SRC_URI:append:class-target = " \ - file://0008-apache2-do-not-use-relative-path-for-gen_test_char.patch \ - file://init \ - file://apache2-volatile.conf \ - file://apache2.service \ - file://volatiles.04_apache2 \ - " - -LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4" - -S = "${WORKDIR}/httpd-${PV}" - -inherit autotools update-rc.d pkgconfig systemd update-alternatives - -DEPENDS = "openssl expat pcre apr apr-util apache2-native " - -CVE_PRODUCT = "http_server" - -SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" - -PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)}" -PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux" -PACKAGECONFIG[openldap] = "--enable-ldap --enable-authnz-ldap,--disable-ldap --disable-authnz-ldap,openldap" -PACKAGECONFIG[zlib] = "--enable-deflate,,zlib,zlib" - -CFLAGS:append = " -DPATH_MAX=4096" - -EXTRA_OECONF:class-target = "\ - --enable-layout=Debian \ - --prefix=${base_prefix} \ - --exec_prefix=${exec_prefix} \ - --includedir=${includedir}/${BPN} \ - --sysconfdir=${sysconfdir}/${BPN} \ - --datadir=${datadir}/${BPN} \ - --libdir=${libdir} \ - --libexecdir=${libexecdir}/${BPN}/modules \ - --localstatedir=${localstatedir} \ - --enable-ssl \ - --with-dbm=sdbm \ - --with-gdbm=no \ - --with-ndbm=no \ - --with-berkeley-db=no \ - --enable-info \ - --enable-rewrite \ - --enable-mpms-shared \ - ap_cv_void_ptr_lt_long=no \ - ac_cv_have_threadsafe_pollset=no \ - " - -EXTRA_OECONF:class-native = "\ - --prefix=${prefix} \ - --includedir=${includedir}/${BPN} \ - --sysconfdir=${sysconfdir}/${BPN} \ - --datadir=${datadir}/${BPN} \ - --libdir=${libdir} \ - --libexecdir=${libdir}/${BPN}/modules \ - --localstatedir=${localstatedir} \ - " - -do_configure:prepend() { - sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libexecdir}/cgi-bin:g' ${S}/config.layout -} - -do_install:append:class-target() { - install -d ${D}/${sysconfdir}/init.d - - cat ${WORKDIR}/init | \ - sed -e 's,/usr/sbin/,${sbindir}/,g' \ - -e 's,/usr/bin/,${bindir}/,g' \ - -e 's,/usr/lib/,${libdir}/,g' \ - -e 's,/etc/,${sysconfdir}/,g' \ - -e 's,/usr/,${prefix}/,g' > ${D}/${sysconfdir}/init.d/${BPN} - - chmod 755 ${D}/${sysconfdir}/init.d/${BPN} - - # Remove the goofy original files... - rm -rf ${D}/${sysconfdir}/${BPN}/original - - install -d ${D}${sysconfdir}/${BPN}/conf.d - install -d ${D}${sysconfdir}/${BPN}/modules.d - - # Ensure configuration file pulls in conf.d and modules.d - printf "\nIncludeOptional ${sysconfdir}/${BPN}/conf.d/*.conf" >> ${D}/${sysconfdir}/${BPN}/httpd.conf - printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.load" >> ${D}/${sysconfdir}/${BPN}/httpd.conf - printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.conf\n\n" >> ${D}/${sysconfdir}/${BPN}/httpd.conf - - # Match with that is in init script - printf "\nPidFile /run/httpd.pid" >> ${D}/${sysconfdir}/${BPN}/httpd.conf - - # Set 'ServerName' to fix error messages when restart apache service - sed -i 's/^#ServerName www.example.com/ServerName localhost/' ${D}/${sysconfdir}/${BPN}/httpd.conf - - sed -i 's/^ServerRoot/#ServerRoot/' ${D}/${sysconfdir}/${BPN}/httpd.conf - - sed -i -e 's,${STAGING_DIR_TARGET},,g' \ - -e 's,${DEBUG_PREFIX_MAP},,g' \ - -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g; s,-ffile-prefix-map[^ ]*,,g' \ - -e 's,${HOSTTOOLS_DIR}/,,g' \ - -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ - -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' ${D}${datadir}/apache2/build/config_vars.mk - - sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ - -e 's,${DEBUG_PREFIX_MAP},,g' \ - -e 's,${RECIPE_SYSROOT},,g' \ - -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \ - -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ - -e 's,".*/configure","configure",g' ${D}${datadir}/apache2/build/config.nice - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/tmpfiles.d/ - install -m 0644 ${WORKDIR}/apache2-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ - - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/apache2.service ${D}${systemd_unitdir}/system - sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/apache2.service - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' ${D}${systemd_unitdir}/system/apache2.service - elif ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/default/volatiles - install -m 0644 ${WORKDIR}/volatiles.04_apache2 ${D}${sysconfdir}/default/volatiles/04_apache2 - fi - - rm -rf ${D}${localstatedir} ${D}${sbindir}/envvars* - chown -R root:root ${D} -} - -do_install:append:class-native() { - install -d ${D}${bindir} ${D}${libdir} - install -m 755 server/gen_test_char ${D}${bindir} -} - -SYSROOT_PREPROCESS_FUNCS:append:class-target = " apache_sysroot_preprocess" - -apache_sysroot_preprocess() { - install -d ${SYSROOT_DESTDIR}${bindir_crossscripts} - install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts} - install -d ${SYSROOT_DESTDIR}${sbindir} - install -m 755 ${D}${sbindir}/apachectl ${SYSROOT_DESTDIR}${sbindir} - sed -i 's!my $installbuilddir = .*!my $installbuilddir = "${STAGING_DIR_HOST}/${datadir}/${BPN}/build";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs - sed -i 's!my $libtool = .*!my $libtool = "${STAGING_BINDIR_CROSS}/${HOST_SYS}-libtool";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs - - sed -i 's!^APR_CONFIG = .*!APR_CONFIG = ${STAGING_BINDIR_CROSS}/apr-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^APU_CONFIG = .*!APU_CONFIG = ${STAGING_BINDIR_CROSS}/apu-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^includedir = .*!includedir = ${STAGING_INCDIR}/apache2!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^CFLAGS = -I[^ ]*!CFLAGS = -I${STAGING_INCDIR}/openssl!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^EXTRA_LDFLAGS = .*!EXTRA_LDFLAGS = -L${STAGING_LIBDIR}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!^EXTRA_INCLUDES = .*!EXTRA_INCLUDES = -I$(includedir) -I. -I${STAGING_INCDIR}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk - sed -i 's!--sysroot=[^ ]*!--sysroot=${STAGING_DIR_HOST}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk -} - -# Implications - used by update-rc.d scripts -INITSCRIPT_NAME = "apache2" -INITSCRIPT_PARAMS = "defaults 91 20" - -SYSTEMD_SERVICE:${PN} = "apache2.service" -SYSTEMD_AUTO_ENABLE:${PN} = "enable" - -ALTERNATIVE:${PN}-doc = "htpasswd.1" -ALTERNATIVE_LINK_NAME[htpasswd.1] = "${mandir}/man1/htpasswd.1" - -PACKAGES = "${PN}-scripts ${PN}-doc ${PN}-dev ${PN}-dbg ${PN}" - -CONFFILES:${PN} = "${sysconfdir}/${BPN}/httpd.conf \ - ${sysconfdir}/${BPN}/magic \ - ${sysconfdir}/${BPN}/mime.types \ - ${sysconfdir}/${BPN}/extra/*" - -# We override here rather than append so that .so links are -# included in the runtime package rather than here (-dev) -# and to get build, icons, error into the -dev package -FILES:${PN}-dev = "${datadir}/${BPN}/build \ - ${datadir}/${BPN}/icons \ - ${datadir}/${BPN}/error \ - ${includedir}/${BPN} \ - ${bindir}/apxs \ - " - -# Add the manual to -doc -FILES:${PN}-doc += " ${datadir}/${BPN}/manual" - -FILES:${PN}-scripts += "${bindir}/dbmmanage" - -# Override this too - here is the default, less datadir -FILES:${PN} = "${bindir} ${sbindir} ${libexecdir} ${libdir} \ - ${sysconfdir} ${libdir}/${BPN}" - -# We want htdocs and cgi-bin to go with the binary -FILES:${PN} += "${datadir}/${BPN}/ ${libdir}/cgi-bin" - -FILES:${PN}-dbg += "${libdir}/${BPN}/modules/.debug" - -RDEPENDS:${PN} += "openssl libgcc" -RDEPENDS:${PN}-scripts += "perl ${PN}" -RDEPENDS:${PN}-dev = "perl" - -BBCLASSEXTEND = "native" - -pkg_postinst:${PN}() { - if [ -z "$D" ]; then - if type systemd-tmpfiles >/dev/null; then - systemd-tmpfiles --create - elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then - ${sysconfdir}/init.d/populate-volatile.sh update - fi - fi -} diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb new file mode 100644 index 0000000000..0bf29a744e --- /dev/null +++ b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb @@ -0,0 +1,225 @@ +DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \ +extensible web server." +SUMMARY = "Apache HTTP Server" +HOMEPAGE = "http://httpd.apache.org/" +SECTION = "net" +LICENSE = "Apache-2.0" + +SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ + file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ + file://0002-apache2-bump-up-the-core-size-limit-if-CoreDumpDirec.patch \ + file://0003-apache2-do-not-export-apr-apr-util-symbols-when-usin.patch \ + file://0004-apache2-log-the-SELinux-context-at-startup.patch \ + file://0005-replace-lynx-to-curl-in-apachectl-script.patch \ + file://0006-apache2-fix-the-race-issue-of-parallel-installation.patch \ + file://0007-apache2-allow-to-disable-selinux-support.patch \ + file://apache-configure_perlbin.patch \ + file://0001-support-apxs.in-force-destdir-to-be-empty-string.patch \ + " + +SRC_URI:append:class-target = " \ + file://0008-apache2-do-not-use-relative-path-for-gen_test_char.patch \ + file://init \ + file://apache2-volatile.conf \ + file://apache2.service \ + file://volatiles.04_apache2 \ + " + +LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" +SRC_URI[sha256sum] = "0127f7dc497e9983e9c51474bed75e45607f2f870a7675a86dc90af6d572f5c9" + +S = "${WORKDIR}/httpd-${PV}" + +inherit autotools update-rc.d pkgconfig systemd update-alternatives + +DEPENDS = "openssl expat pcre apr apr-util apache2-native " + +CVE_PRODUCT = "http_server" + +SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" + +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)}" +PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux" +PACKAGECONFIG[openldap] = "--enable-ldap --enable-authnz-ldap,--disable-ldap --disable-authnz-ldap,openldap" +PACKAGECONFIG[zlib] = "--enable-deflate,,zlib,zlib" + +CFLAGS:append = " -DPATH_MAX=4096" + +EXTRA_OECONF:class-target = "\ + --enable-layout=Debian \ + --prefix=${base_prefix} \ + --exec_prefix=${exec_prefix} \ + --includedir=${includedir}/${BPN} \ + --sysconfdir=${sysconfdir}/${BPN} \ + --datadir=${datadir}/${BPN} \ + --libdir=${libdir} \ + --libexecdir=${libexecdir}/${BPN}/modules \ + --localstatedir=${localstatedir} \ + --enable-ssl \ + --with-dbm=sdbm \ + --with-gdbm=no \ + --with-ndbm=no \ + --with-berkeley-db=no \ + --enable-info \ + --enable-rewrite \ + --enable-mpms-shared \ + ap_cv_void_ptr_lt_long=no \ + ac_cv_have_threadsafe_pollset=no \ + " + +EXTRA_OECONF:class-native = "\ + --prefix=${prefix} \ + --includedir=${includedir}/${BPN} \ + --sysconfdir=${sysconfdir}/${BPN} \ + --datadir=${datadir}/${BPN} \ + --libdir=${libdir} \ + --libexecdir=${libdir}/${BPN}/modules \ + --localstatedir=${localstatedir} \ + " + +do_configure:prepend() { + sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libexecdir}/cgi-bin:g' ${S}/config.layout +} + +do_install:append:class-target() { + install -d ${D}/${sysconfdir}/init.d + + cat ${WORKDIR}/init | \ + sed -e 's,/usr/sbin/,${sbindir}/,g' \ + -e 's,/usr/bin/,${bindir}/,g' \ + -e 's,/usr/lib/,${libdir}/,g' \ + -e 's,/etc/,${sysconfdir}/,g' \ + -e 's,/usr/,${prefix}/,g' > ${D}/${sysconfdir}/init.d/${BPN} + + chmod 755 ${D}/${sysconfdir}/init.d/${BPN} + + # Remove the goofy original files... + rm -rf ${D}/${sysconfdir}/${BPN}/original + + install -d ${D}${sysconfdir}/${BPN}/conf.d + install -d ${D}${sysconfdir}/${BPN}/modules.d + + # Ensure configuration file pulls in conf.d and modules.d + printf "\nIncludeOptional ${sysconfdir}/${BPN}/conf.d/*.conf" >> ${D}/${sysconfdir}/${BPN}/httpd.conf + printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.load" >> ${D}/${sysconfdir}/${BPN}/httpd.conf + printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.conf\n\n" >> ${D}/${sysconfdir}/${BPN}/httpd.conf + + # Match with that is in init script + printf "\nPidFile /run/httpd.pid" >> ${D}/${sysconfdir}/${BPN}/httpd.conf + + # Set 'ServerName' to fix error messages when restart apache service + sed -i 's/^#ServerName www.example.com/ServerName localhost/' ${D}/${sysconfdir}/${BPN}/httpd.conf + + sed -i 's/^ServerRoot/#ServerRoot/' ${D}/${sysconfdir}/${BPN}/httpd.conf + + sed -i -e 's,${STAGING_DIR_TARGET},,g' \ + -e 's,${DEBUG_PREFIX_MAP},,g' \ + -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g; s,-ffile-prefix-map[^ ]*,,g' \ + -e 's,${HOSTTOOLS_DIR}/,,g' \ + -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ + -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' ${D}${datadir}/apache2/build/config_vars.mk + + sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ + -e 's,${DEBUG_PREFIX_MAP},,g' \ + -e 's,${RECIPE_SYSROOT},,g' \ + -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \ + -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ + -e 's,".*/configure","configure",g' ${D}${datadir}/apache2/build/config.nice + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d/ + install -m 0644 ${WORKDIR}/apache2-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ + + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/apache2.service ${D}${systemd_unitdir}/system + sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/apache2.service + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' ${D}${systemd_unitdir}/system/apache2.service + elif ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/default/volatiles + install -m 0644 ${WORKDIR}/volatiles.04_apache2 ${D}${sysconfdir}/default/volatiles/04_apache2 + fi + + rm -rf ${D}${localstatedir} ${D}${sbindir}/envvars* + chown -R root:root ${D} +} + +do_install:append:class-native() { + install -d ${D}${bindir} ${D}${libdir} + install -m 755 server/gen_test_char ${D}${bindir} +} + +SYSROOT_PREPROCESS_FUNCS:append:class-target = " apache_sysroot_preprocess" + +apache_sysroot_preprocess() { + install -d ${SYSROOT_DESTDIR}${bindir_crossscripts} + install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts} + install -d ${SYSROOT_DESTDIR}${sbindir} + install -m 755 ${D}${sbindir}/apachectl ${SYSROOT_DESTDIR}${sbindir} + sed -i 's!my $installbuilddir = .*!my $installbuilddir = "${STAGING_DIR_HOST}/${datadir}/${BPN}/build";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs + sed -i 's!my $libtool = .*!my $libtool = "${STAGING_BINDIR_CROSS}/${HOST_SYS}-libtool";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs + + sed -i 's!^APR_CONFIG = .*!APR_CONFIG = ${STAGING_BINDIR_CROSS}/apr-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^APU_CONFIG = .*!APU_CONFIG = ${STAGING_BINDIR_CROSS}/apu-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^includedir = .*!includedir = ${STAGING_INCDIR}/apache2!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^CFLAGS = -I[^ ]*!CFLAGS = -I${STAGING_INCDIR}/openssl!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^EXTRA_LDFLAGS = .*!EXTRA_LDFLAGS = -L${STAGING_LIBDIR}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!^EXTRA_INCLUDES = .*!EXTRA_INCLUDES = -I$(includedir) -I. -I${STAGING_INCDIR}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk + sed -i 's!--sysroot=[^ ]*!--sysroot=${STAGING_DIR_HOST}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk +} + +# Implications - used by update-rc.d scripts +INITSCRIPT_NAME = "apache2" +INITSCRIPT_PARAMS = "defaults 91 20" + +SYSTEMD_SERVICE:${PN} = "apache2.service" +SYSTEMD_AUTO_ENABLE:${PN} = "enable" + +ALTERNATIVE:${PN}-doc = "htpasswd.1" +ALTERNATIVE_LINK_NAME[htpasswd.1] = "${mandir}/man1/htpasswd.1" + +PACKAGES = "${PN}-scripts ${PN}-doc ${PN}-dev ${PN}-dbg ${PN}" + +CONFFILES:${PN} = "${sysconfdir}/${BPN}/httpd.conf \ + ${sysconfdir}/${BPN}/magic \ + ${sysconfdir}/${BPN}/mime.types \ + ${sysconfdir}/${BPN}/extra/*" + +# We override here rather than append so that .so links are +# included in the runtime package rather than here (-dev) +# and to get build, icons, error into the -dev package +FILES:${PN}-dev = "${datadir}/${BPN}/build \ + ${datadir}/${BPN}/icons \ + ${datadir}/${BPN}/error \ + ${includedir}/${BPN} \ + ${bindir}/apxs \ + " + +# Add the manual to -doc +FILES:${PN}-doc += " ${datadir}/${BPN}/manual" + +FILES:${PN}-scripts += "${bindir}/dbmmanage" + +# Override this too - here is the default, less datadir +FILES:${PN} = "${bindir} ${sbindir} ${libexecdir} ${libdir} \ + ${sysconfdir} ${libdir}/${BPN}" + +# We want htdocs and cgi-bin to go with the binary +FILES:${PN} += "${datadir}/${BPN}/ ${libdir}/cgi-bin" + +FILES:${PN}-dbg += "${libdir}/${BPN}/modules/.debug" + +RDEPENDS:${PN} += "openssl libgcc" +RDEPENDS:${PN}-scripts += "perl ${PN}" +RDEPENDS:${PN}-dev = "perl" + +BBCLASSEXTEND = "native" + +pkg_postinst:${PN}() { + if [ -z "$D" ]; then + if type systemd-tmpfiles >/dev/null; then + systemd-tmpfiles --create + elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then + ${sysconfdir}/init.d/populate-volatile.sh update + fi + fi +} diff --git a/poky/README.OE-Core.md b/poky/README.OE-Core.md index 521916cd4f..2f2127fb03 100644 --- a/poky/README.OE-Core.md +++ b/poky/README.OE-Core.md @@ -6,24 +6,24 @@ of OpenEmbedded. It is distro-less (can build a functional image with DISTRO = "nodistro") and contains only emulated machine support. For information about OpenEmbedded, see the OpenEmbedded website: - http://www.openembedded.org/ + https://www.openembedded.org/ The Yocto Project has extensive documentation about OE including a reference manual which can be found at: - http://yoctoproject.org/documentation + https://docs.yoctoproject.org/ Contributing ------------ Please refer to -http://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded +https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded for guidelines on how to submit patches. Mailing list: - http://lists.openembedded.org/mailman/listinfo/openembedded-core + https://lists.openembedded.org/g/openembedded-core Source code: - http://git.openembedded.org/openembedded-core/ + https://git.openembedded.org/openembedded-core/ diff --git a/poky/bitbake/lib/bb/fetch2/npm.py b/poky/bitbake/lib/bb/fetch2/npm.py index e497c38dc7..b3a3a444ee 100644 --- a/poky/bitbake/lib/bb/fetch2/npm.py +++ b/poky/bitbake/lib/bb/fetch2/npm.py @@ -72,23 +72,19 @@ def npm_unpack(tarball, destdir, d): cmd += " --delay-directory-restore" cmd += " --strip-components=1" runfetchcmd(cmd, d, workdir=destdir) - runfetchcmd("chmod -R +X %s" % (destdir), d, quiet=True, workdir=destdir) + runfetchcmd("chmod -R +X '%s'" % (destdir), d, quiet=True, workdir=destdir) class NpmEnvironment(object): """ Using a npm config file seems more reliable than using cli arguments. This class allows to create a controlled environment for npm commands. """ - def __init__(self, d, configs=None, npmrc=None): + def __init__(self, d, configs=[], npmrc=None): self.d = d - if configs: - self.user_config = tempfile.NamedTemporaryFile(mode="w", buffering=1) - self.user_config_name = self.user_config.name - for key, value in configs: - self.user_config.write("%s=%s\n" % (key, value)) - else: - self.user_config_name = "/dev/null" + self.user_config = tempfile.NamedTemporaryFile(mode="w", buffering=1) + for key, value in configs: + self.user_config.write("%s=%s\n" % (key, value)) if npmrc: self.global_config_name = npmrc @@ -109,7 +105,7 @@ class NpmEnvironment(object): workdir = tmpdir def _run(cmd): - cmd = "NPM_CONFIG_USERCONFIG=%s " % (self.user_config_name) + cmd + cmd = "NPM_CONFIG_USERCONFIG=%s " % (self.user_config.name) + cmd cmd = "NPM_CONFIG_GLOBALCONFIG=%s " % (self.global_config_name) + cmd return runfetchcmd(cmd, d, workdir=workdir) diff --git a/poky/bitbake/lib/bb/process.py b/poky/bitbake/lib/bb/process.py index d5a1775fce..af5d804a1d 100644 --- a/poky/bitbake/lib/bb/process.py +++ b/poky/bitbake/lib/bb/process.py @@ -60,7 +60,7 @@ class Popen(subprocess.Popen): "close_fds": True, "preexec_fn": subprocess_setup, "stdout": subprocess.PIPE, - "stderr": subprocess.STDOUT, + "stderr": subprocess.PIPE, "stdin": subprocess.PIPE, "shell": False, } diff --git a/poky/bitbake/lib/bb/tests/fetch.py b/poky/bitbake/lib/bb/tests/fetch.py index a85ebdf425..34f3a4f6a9 100644 --- a/poky/bitbake/lib/bb/tests/fetch.py +++ b/poky/bitbake/lib/bb/tests/fetch.py @@ -1378,9 +1378,6 @@ class FetchCheckStatusTest(FetcherTest): "https://downloads.yoctoproject.org/releases/opkg/opkg-0.1.7.tar.gz", "https://downloads.yoctoproject.org/releases/opkg/opkg-0.3.0.tar.gz", "ftp://sourceware.org/pub/libffi/libffi-1.20.tar.gz", - "http://ftp.gnu.org/gnu/autoconf/autoconf-2.60.tar.gz", - "https://ftp.gnu.org/gnu/chess/gnuchess-5.08.tar.gz", - "https://ftp.gnu.org/gnu/gmp/gmp-4.0.tar.gz", # GitHub releases are hosted on Amazon S3, which doesn't support HEAD "https://github.com/kergoth/tslib/releases/download/1.1/tslib-1.1.tar.xz" ] diff --git a/poky/bitbake/lib/bb/utils.py b/poky/bitbake/lib/bb/utils.py index d890ea832e..1a51589704 100644 --- a/poky/bitbake/lib/bb/utils.py +++ b/poky/bitbake/lib/bb/utils.py @@ -16,7 +16,8 @@ import bb.msg import multiprocessing import fcntl import importlib -from importlib import machinery +import importlib.machinery +import importlib.util import itertools import subprocess import glob @@ -1620,7 +1621,9 @@ def load_plugins(logger, plugins, pluginpath): logger.debug('Loading plugin %s' % name) spec = importlib.machinery.PathFinder.find_spec(name, path=[pluginpath] ) if spec: - return spec.loader.load_module() + mod = importlib.util.module_from_spec(spec) + spec.loader.exec_module(mod) + return mod logger.debug('Loading plugins from %s...' % pluginpath) diff --git a/poky/bitbake/lib/pyinotify.py b/poky/bitbake/lib/pyinotify.py index 6ae40a2d76..8c94b3e334 100644 --- a/poky/bitbake/lib/pyinotify.py +++ b/poky/bitbake/lib/pyinotify.py @@ -52,7 +52,6 @@ from collections import deque from datetime import datetime, timedelta import time import re -import asyncore import glob import locale import subprocess @@ -1475,35 +1474,6 @@ class ThreadedNotifier(threading.Thread, Notifier): self.loop() -class AsyncNotifier(asyncore.file_dispatcher, Notifier): - """ - This notifier inherits from asyncore.file_dispatcher in order to be able to - use pyinotify along with the asyncore framework. - - """ - def __init__(self, watch_manager, default_proc_fun=None, read_freq=0, - threshold=0, timeout=None, channel_map=None): - """ - Initializes the async notifier. The only additional parameter is - 'channel_map' which is the optional asyncore private map. See - Notifier class for the meaning of the others parameters. - - """ - Notifier.__init__(self, watch_manager, default_proc_fun, read_freq, - threshold, timeout) - asyncore.file_dispatcher.__init__(self, self._fd, channel_map) - - def handle_read(self): - """ - When asyncore tells us we can read from the fd, we proceed processing - events. This method can be overridden for handling a notification - differently. - - """ - self.read_events() - self.process_events() - - class TornadoAsyncNotifier(Notifier): """ Tornado ioloop adapter. diff --git a/poky/documentation/conf.py b/poky/documentation/conf.py index eff758a7b1..ef369b7f18 100644 --- a/poky/documentation/conf.py +++ b/poky/documentation/conf.py @@ -16,7 +16,7 @@ import os import sys import datetime -current_version = "3.4" +current_version = "3.4.1" bitbake_version = "1.52" # String used in sidebar diff --git a/poky/documentation/poky.yaml b/poky/documentation/poky.yaml index 392e3bd63b..11e209e307 100644 --- a/poky/documentation/poky.yaml +++ b/poky/documentation/poky.yaml @@ -1,12 +1,12 @@ -DISTRO : "3.4" +DISTRO : "3.4.1" DISTRO_NAME_NO_CAP : "honister" DISTRO_NAME : "Honister" DISTRO_NAME_NO_CAP_MINUS_ONE : "hardknott" DISTRO_NAME_NO_CAP_LTS : "dunfell" -YOCTO_DOC_VERSION : "3.4" +YOCTO_DOC_VERSION : "3.4.1" YOCTO_DOC_VERSION_MINUS_ONE : "3.3.4" -DISTRO_REL_TAG : "yocto-3.4" -POKYVERSION : "26.0.0" +DISTRO_REL_TAG : "yocto-3.4.1" +POKYVERSION : "26.0.1" YOCTO_POKY : "poky-&DISTRO_NAME_NO_CAP;-&POKYVERSION;" YOCTO_DL_URL : "https://downloads.yoctoproject.org" YOCTO_AB_URL : "https://autobuilder.yoctoproject.org" diff --git a/poky/documentation/ref-manual/tasks.rst b/poky/documentation/ref-manual/tasks.rst index 4edae33392..2438c023b4 100644 --- a/poky/documentation/ref-manual/tasks.rst +++ b/poky/documentation/ref-manual/tasks.rst @@ -326,21 +326,19 @@ file as a patch file:: file://file;apply=yes \ " -Conversely, if you have a directory full of patch files and you want to -exclude some so that the ``do_patch`` task does not apply them during -the patch phase, you can use the "apply=no" parameter with the +Conversely, if you have a file whose file type is ``.patch`` or ``.diff`` +and you want to exclude it so that the ``do_patch`` task does not apply +it during the patch phase, you can use the "apply=no" parameter with the :term:`SRC_URI` statement:: SRC_URI = " \ git://path_to_repo/some_package \ - file://path_to_lots_of_patch_files \ - file://path_to_lots_of_patch_files/patch_file5;apply=no \ + file://file1.patch \ + file://file2.patch;apply=no \ " -In the -previous example, assuming all the files in the directory holding the -patch files end with either ``.patch`` or ``.diff``, every file would be -applied as a patch by default except for the ``patch_file5`` patch. +In the previous example ``file1.patch`` would be applied as a patch by default +while ``file2.patch`` would not be applied. You can find out more about the patching process in the ":ref:`overview-manual/concepts:patching`" section in diff --git a/poky/documentation/releases.rst b/poky/documentation/releases.rst index a6c9a47b86..16ecbf712d 100644 --- a/poky/documentation/releases.rst +++ b/poky/documentation/releases.rst @@ -4,6 +4,13 @@ Supported Release Manuals =========================== +***************************** +Release Series 3.4 (honister) +***************************** + +- :yocto_docs:`3.4 Documentation ` +- :yocto_docs:`3.4.1 Documentation ` + ****************************** Release Series 3.3 (hardknott) ****************************** @@ -30,6 +37,7 @@ Release Series 3.1 (dunfell) - :yocto_docs:`3.1.9 Documentation ` - :yocto_docs:`3.1.10 Documentation ` - :yocto_docs:`3.1.11 Documentation ` +- :yocto_docs:`3.1.12 Documentation ` ========================== Outdated Release Manuals diff --git a/poky/documentation/sphinx-static/switchers.js b/poky/documentation/sphinx-static/switchers.js index b15f5b3c1b..056a8926ba 100644 --- a/poky/documentation/sphinx-static/switchers.js +++ b/poky/documentation/sphinx-static/switchers.js @@ -3,10 +3,10 @@ var all_versions = { 'dev': 'dev (3.5)', - '3.4': '3.4', + '3.4.1': '3.4.1', '3.3.4': '3.3.4', '3.2.4': '3.2.4', - '3.1.11': '3.1.11', + '3.1.12': '3.1.12', '3.0.4': '3.0.4', '2.7.4': '2.7.4', }; diff --git a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend index a7ef143dc9..9928466b27 100644 --- a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend +++ b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend @@ -7,8 +7,8 @@ KMACHINE:genericx86 ?= "common-pc" KMACHINE:genericx86-64 ?= "common-pc-64" KMACHINE:beaglebone-yocto ?= "beaglebone" -SRCREV_machine:genericx86 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4" -SRCREV_machine:genericx86-64 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4" +SRCREV_machine:genericx86 ?= "4f2bb635ea267e71f112fd11323c1d3a2f2b85d0" +SRCREV_machine:genericx86-64 ?= "4f2bb635ea267e71f112fd11323c1d3a2f2b85d0" SRCREV_machine:edgerouter ?= "4ab94e777d8b41ee1ee4c279259e9733bc8049b1" SRCREV_machine:beaglebone-yocto ?= "941cc9c3849f96f7eaf109b1e35e05ba366aca56" @@ -17,7 +17,7 @@ COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64" COMPATIBLE_MACHINE:edgerouter = "edgerouter" COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto" -LINUX_VERSION:genericx86 = "5.10.63" -LINUX_VERSION:genericx86-64 = "5.10.63" +LINUX_VERSION:genericx86 = "5.10.87" +LINUX_VERSION:genericx86-64 = "5.10.87" LINUX_VERSION:edgerouter = "5.10.63" LINUX_VERSION:beaglebone-yocto = "5.10.63" diff --git a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.14.bbappend b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.14.bbappend index 52371ff66a..af4a7392f0 100644 --- a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.14.bbappend +++ b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.14.bbappend @@ -7,8 +7,8 @@ KMACHINE:genericx86 ?= "common-pc" KMACHINE:genericx86-64 ?= "common-pc-64" KMACHINE:beaglebone-yocto ?= "beaglebone" -SRCREV_machine:genericx86 ?= "7ae156be3bdbf033839f7f3ec2e9a0ffffb18818" -SRCREV_machine:genericx86-64 ?= "7ae156be3bdbf033839f7f3ec2e9a0ffffb18818" +SRCREV_machine:genericx86 ?= "9d5572038eacda2e2a86e3f743f35ec415319fb4" +SRCREV_machine:genericx86-64 ?= "9d5572038eacda2e2a86e3f743f35ec415319fb4" SRCREV_machine:edgerouter ?= "7ae156be3bdbf033839f7f3ec2e9a0ffffb18818" SRCREV_machine:beaglebone-yocto ?= "7ae156be3bdbf033839f7f3ec2e9a0ffffb18818" @@ -17,7 +17,7 @@ COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64" COMPATIBLE_MACHINE:edgerouter = "edgerouter" COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto" -LINUX_VERSION:genericx86 = "5.14.6" -LINUX_VERSION:genericx86-64 = "5.14.6" +LINUX_VERSION:genericx86 = "5.14.21" +LINUX_VERSION:genericx86-64 = "5.14.21" LINUX_VERSION:edgerouter = "5.14.6" LINUX_VERSION:beaglebone-yocto = "5.14.6" diff --git a/poky/meta/classes/buildhistory.bbclass b/poky/meta/classes/buildhistory.bbclass index 7c44fec2d1..810c4fae73 100644 --- a/poky/meta/classes/buildhistory.bbclass +++ b/poky/meta/classes/buildhistory.bbclass @@ -979,23 +979,19 @@ def write_latest_srcrev(d, pkghistdir): value = value.replace('"', '').strip() old_tag_srcrevs[key] = value with open(srcrevfile, 'w') as f: - orig_srcrev = d.getVar('SRCREV', False) or 'INVALID' - if orig_srcrev != 'INVALID': - f.write('# SRCREV = "%s"\n' % orig_srcrev) - if len(srcrevs) > 1: - for name, srcrev in sorted(srcrevs.items()): - orig_srcrev = d.getVar('SRCREV_%s' % name, False) - if orig_srcrev: - f.write('# SRCREV_%s = "%s"\n' % (name, orig_srcrev)) - f.write('SRCREV_%s = "%s"\n' % (name, srcrev)) - else: - f.write('SRCREV = "%s"\n' % next(iter(srcrevs.values()))) - if len(tag_srcrevs) > 0: - for name, srcrev in sorted(tag_srcrevs.items()): - f.write('# tag_%s = "%s"\n' % (name, srcrev)) - if name in old_tag_srcrevs and old_tag_srcrevs[name] != srcrev: - pkg = d.getVar('PN') - bb.warn("Revision for tag %s in package %s was changed since last build (from %s to %s)" % (name, pkg, old_tag_srcrevs[name], srcrev)) + for name, srcrev in sorted(srcrevs.items()): + suffix = "_" + name + if name == "default": + suffix = "" + orig_srcrev = d.getVar('SRCREV%s' % suffix, False) + if orig_srcrev: + f.write('# SRCREV%s = "%s"\n' % (suffix, orig_srcrev)) + f.write('SRCREV%s = "%s"\n' % (suffix, srcrev)) + for name, srcrev in sorted(tag_srcrevs.items()): + f.write('# tag_%s = "%s"\n' % (name, srcrev)) + if name in old_tag_srcrevs and old_tag_srcrevs[name] != srcrev: + pkg = d.getVar('PN') + bb.warn("Revision for tag %s in package %s was changed since last build (from %s to %s)" % (name, pkg, old_tag_srcrevs[name], srcrev)) else: if os.path.exists(srcrevfile): diff --git a/poky/meta/classes/crate-fetch.bbclass b/poky/meta/classes/crate-fetch.bbclass index c0ed434a96..a7fa22b2a0 100644 --- a/poky/meta/classes/crate-fetch.bbclass +++ b/poky/meta/classes/crate-fetch.bbclass @@ -7,7 +7,22 @@ # crate:/// # -python () { - import crate - bb.fetch2.methods.append( crate.Crate() ) +def import_crate(d): + import crate + if not getattr(crate, 'imported', False): + bb.fetch2.methods.append(crate.Crate()) + crate.imported = True + +python crate_import_handler() { + import_crate(d) } + +addhandler crate_import_handler +crate_import_handler[eventmask] = "bb.event.RecipePreFinalise" + +def crate_get_srcrev(d): + import_crate(d) + return bb.fetch2.get_srcrev(d) + +# Override SRCPV to make sure it imports the fetcher first +SRCPV = "${@crate_get_srcrev(d)}" diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass index 70d1988a70..6c04ff9f09 100644 --- a/poky/meta/classes/cve-check.bbclass +++ b/poky/meta/classes/cve-check.bbclass @@ -111,6 +111,7 @@ python do_cve_check () { } addtask cve_check before do_build after do_fetch +do_cve_check[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}" do_cve_check[depends] = "cve-update-db-native:do_fetch" do_cve_check[nostamp] = "1" diff --git a/poky/meta/classes/license.bbclass b/poky/meta/classes/license.bbclass index 45d912741d..7a34e185c7 100644 --- a/poky/meta/classes/license.bbclass +++ b/poky/meta/classes/license.bbclass @@ -145,6 +145,10 @@ def find_license_files(d): find_license(node.s.replace("+", "").replace("*", "")) self.generic_visit(node) + def visit_Constant(self, node): + find_license(node.value.replace("+", "").replace("*", "")) + self.generic_visit(node) + def find_license(license_type): try: bb.utils.mkdirhier(gen_lic_dest) diff --git a/poky/meta/classes/meson.bbclass b/poky/meta/classes/meson.bbclass index 4ba70de3dc..a7981e481f 100644 --- a/poky/meta/classes/meson.bbclass +++ b/poky/meta/classes/meson.bbclass @@ -36,8 +36,15 @@ MESON_CROSS_FILE = "" MESON_CROSS_FILE:class-target = "--cross-file ${WORKDIR}/meson.cross" MESON_CROSS_FILE:class-nativesdk = "--cross-file ${WORKDIR}/meson.cross" +def rust_tool(d, target_var): + rustc = d.getVar('RUSTC') + if not rustc: + return "" + cmd = [rustc, "--target", d.getVar(target_var)] + d.getVar("RUSTFLAGS").split() + return "rust = %s" % repr(cmd) + addtask write_config before do_configure -do_write_config[vardeps] += "CC CXX LD AR NM STRIP READELF CFLAGS CXXFLAGS LDFLAGS" +do_write_config[vardeps] += "CC CXX LD AR NM STRIP READELF CFLAGS CXXFLAGS LDFLAGS RUSTC RUSTFLAGS" do_write_config() { # This needs to be Py to split the args into single-element lists cat >${WORKDIR}/meson.cross < ${UBOOT_IMAGE} + + if [ -n "${UBOOT_CONFIG}" ] + then + for config in ${UBOOT_MACHINE}; do + i=$(expr $i + 1); + for type in ${UBOOT_CONFIG}; do + j=$(expr $j + 1); + if [ $j -eq $i ] + then + cp ${UBOOT_IMAGE} ${B}/${CONFIG_B_PATH}/u-boot-$type.${UBOOT_SUFFIX} + fi + done + done + fi else bbwarn "Failure while adding public key to u-boot binary. Verified boot won't be available." fi @@ -205,7 +219,7 @@ install_helper() { fi } -# Install SPL dtb and u-boot nodtb to datadir, +# Install SPL dtb and u-boot nodtb to datadir, install_spl_helper() { if [ -f "${SPL_DIR}/${SPL_DTB_BINARY}" ]; then install -Dm 0644 ${SPL_DIR}/${SPL_DTB_BINARY} ${D}${datadir}/${SPL_DTB_IMAGE} diff --git a/poky/meta/conf/distro/include/cve-extra-exclusions.inc b/poky/meta/conf/distro/include/cve-extra-exclusions.inc index a6f52b5de7..e02a4d1fde 100644 --- a/poky/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/poky/meta/conf/distro/include/cve-extra-exclusions.inc @@ -44,7 +44,14 @@ CVE_CHECK_WHITELIST += "CVE-2010-4756" # exposing this interface in an exploitable way CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511" - +# db +# Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with +# supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed. +CVE_CHECK_WHITELIST += "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-2015-2654 \ +CVE-2015-2656 CVE-2015-4754 CVE-2015-4764 CVE-2015-4774 CVE-2015-4775 CVE-2015-4776 CVE-2015-4777 \ +CVE-2015-4778 CVE-2015-4779 CVE-2015-4780 CVE-2015-4781 CVE-2015-4782 CVE-2015-4783 CVE-2015-4784 \ +CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \ +CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981" #### CPE update pending #### diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc index 8592de5a66..b3b7711a0c 100644 --- a/poky/meta/conf/distro/include/maintainers.inc +++ b/poky/meta/conf/distro/include/maintainers.inc @@ -659,7 +659,7 @@ RECIPE_MAINTAINER:pn-ruby = "Ross Burton " RECIPE_MAINTAINER:pn-run-postinsts = "Ross Burton " RECIPE_MAINTAINER:pn-rust = "Randy MacLeod " RECIPE_MAINTAINER:pn-rustfmt = "Randy MacLeod " -RECIPE_MAINTAINER:pn-rust-cross-${TARGET_ARCH} = "Randy MacLeod " +RECIPE_MAINTAINER:pn-rust-cross-${TUNE_PKGARCH}-${TCLIBC} = "Randy MacLeod " RECIPE_MAINTAINER:pn-rust-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Randy MacLeod " RECIPE_MAINTAINER:pn-rust-hello-world = "Randy MacLeod " RECIPE_MAINTAINER:pn-rust-llvm = "Randy MacLeod " diff --git a/poky/meta/lib/oe/license.py b/poky/meta/lib/oe/license.py index 665d32ecbb..b5d378a549 100644 --- a/poky/meta/lib/oe/license.py +++ b/poky/meta/lib/oe/license.py @@ -74,6 +74,9 @@ class FlattenVisitor(LicenseVisitor): def visit_Str(self, node): self.licenses.append(node.s) + def visit_Constant(self, node): + self.licenses.append(node.value) + def visit_BinOp(self, node): if isinstance(node.op, ast.BitOr): left = FlattenVisitor(self.choose_licenses) @@ -227,6 +230,9 @@ class ListVisitor(LicenseVisitor): def visit_Str(self, node): self.licenses.add(node.s) + def visit_Constant(self, node): + self.licenses.add(node.value) + def list_licenses(licensestr): """Simply get a list of all licenses mentioned in a license string. Binary operators are not applied or taken into account in any way""" diff --git a/poky/meta/lib/oe/packagedata.py b/poky/meta/lib/oe/packagedata.py index 02c81e5a52..212f048bc6 100644 --- a/poky/meta/lib/oe/packagedata.py +++ b/poky/meta/lib/oe/packagedata.py @@ -19,7 +19,7 @@ def read_pkgdatafile(fn): import re with open(fn, 'r') as f: lines = f.readlines() - r = re.compile("(^.+?):\s+(.*)") + r = re.compile(r"(^.+?):\s+(.*)") for l in lines: m = r.match(l) if m: diff --git a/poky/meta/lib/oe/patch.py b/poky/meta/lib/oe/patch.py index fccbedb519..950fe723dc 100644 --- a/poky/meta/lib/oe/patch.py +++ b/poky/meta/lib/oe/patch.py @@ -4,6 +4,7 @@ import oe.path import oe.types +import subprocess class NotFoundError(bb.BBHandledException): def __init__(self, path): @@ -25,7 +26,6 @@ class CmdError(bb.BBHandledException): def runcmd(args, dir = None): import pipes - import subprocess if dir: olddir = os.path.abspath(os.curdir) @@ -56,6 +56,7 @@ def runcmd(args, dir = None): if dir: os.chdir(olddir) + class PatchError(Exception): def __init__(self, msg): self.msg = msg @@ -298,6 +299,19 @@ class GitApplyTree(PatchTree): PatchTree.__init__(self, dir, d) self.commituser = d.getVar('PATCH_GIT_USER_NAME') self.commitemail = d.getVar('PATCH_GIT_USER_EMAIL') + if not self._isInitialized(): + self._initRepo() + + def _isInitialized(self): + cmd = "git rev-parse --show-toplevel" + (status, output) = subprocess.getstatusoutput(cmd.split()) + ## Make sure repo is in builddir to not break top-level git repos + return status == 0 and os.path.samedir(output, self.dir) + + def _initRepo(self): + runcmd("git init".split(), self.dir) + runcmd("git add .".split(), self.dir) + runcmd("git commit -a --allow-empty -m Patching_started".split(), self.dir) @staticmethod def extractPatchHeader(patchfile): diff --git a/poky/meta/lib/oe/reproducible.py b/poky/meta/lib/oe/reproducible.py index 204b9bd734..0938e4cb39 100644 --- a/poky/meta/lib/oe/reproducible.py +++ b/poky/meta/lib/oe/reproducible.py @@ -41,7 +41,7 @@ def find_git_folder(d, sourcedir): for root, dirs, files in os.walk(workdir, topdown=True): dirs[:] = [d for d in dirs if d not in exclude] if '.git' in dirs: - return root + return os.path.join(root, ".git") bb.warn("Failed to find a git repository in WORKDIR: %s" % workdir) return None diff --git a/poky/meta/lib/oe/sdk.py b/poky/meta/lib/oe/sdk.py index 37b59afd1a..27347667e8 100644 --- a/poky/meta/lib/oe/sdk.py +++ b/poky/meta/lib/oe/sdk.py @@ -115,6 +115,10 @@ def sdk_list_installed_packages(d, target, rootfs_dir=None): rootfs_dir = [sdk_output, os.path.join(sdk_output, target_path)][target is True] + if target is False: + ipkgconf_sdk_target = d.getVar("IPKGCONF_SDK") + d.setVar("IPKGCONF_TARGET", ipkgconf_sdk_target) + img_type = d.getVar('IMAGE_PKGTYPE') import importlib cls = importlib.import_module('oe.package_manager.' + img_type) diff --git a/poky/meta/lib/oeqa/runtime/cases/parselogs.py b/poky/meta/lib/oeqa/runtime/cases/parselogs.py index 50101b7851..b81acdd18a 100644 --- a/poky/meta/lib/oeqa/runtime/cases/parselogs.py +++ b/poky/meta/lib/oeqa/runtime/cases/parselogs.py @@ -303,7 +303,7 @@ class ParseLogsTest(OERuntimeTestCase): grepcmd = 'grep ' grepcmd += '-Ei "' for error in errors: - grepcmd += '\<' + error + '\>' + '|' + grepcmd += r'\<' + error + r'\>' + '|' grepcmd = grepcmd[:-1] grepcmd += '" ' + str(log) + " | grep -Eiv \'" @@ -314,13 +314,13 @@ class ParseLogsTest(OERuntimeTestCase): errorlist = ignore_errors['default'] for ignore_error in errorlist: - ignore_error = ignore_error.replace('(', '\(') - ignore_error = ignore_error.replace(')', '\)') + ignore_error = ignore_error.replace('(', r'\(') + ignore_error = ignore_error.replace(')', r'\)') ignore_error = ignore_error.replace("'", '.') - ignore_error = ignore_error.replace('?', '\?') - ignore_error = ignore_error.replace('[', '\[') - ignore_error = ignore_error.replace(']', '\]') - ignore_error = ignore_error.replace('*', '\*') + ignore_error = ignore_error.replace('?', r'\?') + ignore_error = ignore_error.replace('[', r'\[') + ignore_error = ignore_error.replace(']', r'\]') + ignore_error = ignore_error.replace('*', r'\*') ignore_error = ignore_error.replace('0-9', '[0-9]') grepcmd += ignore_error + '|' grepcmd = grepcmd[:-1] diff --git a/poky/meta/lib/oeqa/selftest/cases/bbtests.py b/poky/meta/lib/oeqa/selftest/cases/bbtests.py index 6562364074..31962b92d7 100644 --- a/poky/meta/lib/oeqa/selftest/cases/bbtests.py +++ b/poky/meta/lib/oeqa/selftest/cases/bbtests.py @@ -163,7 +163,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\" """) self.track_for_cleanup(os.path.join(self.builddir, "download-selftest")) - data = 'SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"' + data = 'SRC_URI = "https://downloads.yoctoproject.org/mirror/sources/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"' self.write_recipeinc('aspell', data) result = bitbake('-f -c fetch aspell', ignore_status=True) self.delete_recipeinc('aspell') @@ -300,3 +300,18 @@ INHERIT:remove = \"report-error\" test_recipe_summary_after = get_bb_var('SUMMARY', test_recipe) self.assertEqual(expected_recipe_summary, test_recipe_summary_after) + + def test_git_patchtool(self): + """ PATCHTOOL=git should work with non-git sources like tarballs + test recipe for the test must NOT containt git:// repository in SRC_URI + """ + test_recipe = "man-db" + self.write_recipeinc(test_recipe, 'PATCHTOOL=\"git\"') + src = get_bb_var("SRC_URI",test_recipe) + gitscm = re.search("git://", src) + self.assertFalse(gitscm, "test_git_patchtool pre-condition failed: {} test recipe contains git repo!".format(test_recipe)) + result = bitbake('man-db -c patch', ignore_status=False) + fatal = re.search("fatal: not a git repository (or any of the parent directories)", result.output) + self.assertFalse(fatal, "Failed to patch using PATCHTOOL=\"git\"") + self.delete_recipeinc(test_recipe) + bitbake('-cclean man-db') diff --git a/poky/meta/lib/oeqa/selftest/cases/devtool.py b/poky/meta/lib/oeqa/selftest/cases/devtool.py index d2b31af80e..a2b4d7f7d1 100644 --- a/poky/meta/lib/oeqa/selftest/cases/devtool.py +++ b/poky/meta/lib/oeqa/selftest/cases/devtool.py @@ -442,6 +442,7 @@ class DevtoolAddTests(DevtoolBase): tempdir = tempfile.mkdtemp(prefix='devtoolqa') self.track_for_cleanup(tempdir) url = 'gitsm://git.yoctoproject.org/mraa' + url_branch = '%s;branch=master' % url checkrev = 'ae127b19a50aa54255e4330ccfdd9a5d058e581d' testrecipe = 'mraa' srcdir = os.path.join(tempdir, testrecipe) @@ -462,7 +463,7 @@ class DevtoolAddTests(DevtoolBase): checkvars = {} checkvars['S'] = '${WORKDIR}/git' checkvars['PV'] = '1.0+git${SRCPV}' - checkvars['SRC_URI'] = url + checkvars['SRC_URI'] = url_branch checkvars['SRCREV'] = '${AUTOREV}' self._test_recipe_contents(recipefile, checkvars, []) # Try with revision and version specified @@ -481,7 +482,7 @@ class DevtoolAddTests(DevtoolBase): checkvars = {} checkvars['S'] = '${WORKDIR}/git' checkvars['PV'] = '1.5+git${SRCPV}' - checkvars['SRC_URI'] = url + checkvars['SRC_URI'] = url_branch checkvars['SRCREV'] = checkrev self._test_recipe_contents(recipefile, checkvars, []) diff --git a/poky/meta/lib/oeqa/selftest/cases/sstatetests.py b/poky/meta/lib/oeqa/selftest/cases/sstatetests.py index 7e0ed0dac1..4b8669e9d3 100644 --- a/poky/meta/lib/oeqa/selftest/cases/sstatetests.py +++ b/poky/meta/lib/oeqa/selftest/cases/sstatetests.py @@ -347,7 +347,7 @@ TCLIBCAPPEND = \"\" MACHINE = \"qemuarm\" BB_SIGNATURE_HANDLER = "OEBasicHash" """ - self.sstate_allarch_samesigs(configA, configB) + self.sstate_common_samesigs(configA, configB, allarch=True) def test_sstate_nativesdk_samesigs_multilib(self): """ @@ -371,9 +371,9 @@ require conf/multilib.conf MULTILIBS = \"\" BB_SIGNATURE_HANDLER = "OEBasicHash" """ - self.sstate_allarch_samesigs(configA, configB) + self.sstate_common_samesigs(configA, configB) - def sstate_allarch_samesigs(self, configA, configB): + def sstate_common_samesigs(self, configA, configB, allarch=False): self.write_config(configA) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash") @@ -401,6 +401,13 @@ BB_SIGNATURE_HANDLER = "OEBasicHash" self.maxDiff = None self.assertEqual(files1, files2) + if allarch: + allarchdir = os.path.basename(glob.glob(self.topdir + "/tmp-sstatesamehash/stamps/all-*-linux")[0]) + + files1 = get_files(self.topdir + "/tmp-sstatesamehash/stamps/" + allarchdir) + files2 = get_files(self.topdir + "/tmp-sstatesamehash2/stamps/" + allarchdir) + self.assertEqual(files1, files2) + def test_sstate_sametune_samesigs(self): """ The sstate checksums of two identical machines (using the same tune) should be the diff --git a/poky/meta/lib/oeqa/utils/dump.py b/poky/meta/lib/oeqa/utils/dump.py index bb067f4846..dc8757807e 100644 --- a/poky/meta/lib/oeqa/utils/dump.py +++ b/poky/meta/lib/oeqa/utils/dump.py @@ -134,4 +134,4 @@ class MonitorDumper(BaseDumper): output = self.runner.run_monitor(cmd_name) self._write_dump(cmd_name, output) except Exception as e: - print("Failed to dump QMP CMD: %s with\nExecption: %s" % (cmd_name, e)) + print("Failed to dump QMP CMD: %s with\nException: %s" % (cmd_name, e)) diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch b/poky/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch new file mode 100644 index 0000000000..dae26fd8bb --- /dev/null +++ b/poky/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch @@ -0,0 +1,49 @@ +From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001 +From: Michael Chang +Date: Fri, 3 Dec 2021 16:13:28 +0800 +Subject: [PATCH] grub-mkconfig: Restore umask for the grub.cfg + +The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating +configuration by grub-mkconfig) has inadvertently discarded umask for +creating grub.cfg in the process of running grub-mkconfig. The resulting +wrong permission (0644) would allow unprivileged users to read GRUB +configuration file content. This presents a low confidentiality risk +as grub.cfg may contain non-secured plain-text passwords. + +This patch restores the missing umask and sets the creation file mode +to 0600 preventing unprivileged access. + +Fixes: CVE-2021-3981 + +Signed-off-by: Michael Chang +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport +CVE: CVE-2021-3981 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0adec29674561034771c13e446069b41ef41e4d4 + +Signed-off-by: Yongxin Liu +--- + util/grub-mkconfig.in | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in +index c3ea7612e..62335d027 100644 +--- a/util/grub-mkconfig.in ++++ b/util/grub-mkconfig.in +@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with + exit 1 + else + # none of the children aborted with error, install the new grub.cfg ++ oldumask=$(umask) ++ umask 077 + cat ${grub_cfg}.new > ${grub_cfg} ++ umask $oldumask + rm -f ${grub_cfg}.new + fi + fi +-- +2.31.1 + diff --git a/poky/meta/recipes-bsp/grub/grub2.inc b/poky/meta/recipes-bsp/grub/grub2.inc index bb791347dc..a72a562c5a 100644 --- a/poky/meta/recipes-bsp/grub/grub2.inc +++ b/poky/meta/recipes-bsp/grub/grub2.inc @@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \ file://determinism.patch \ file://0001-RISC-V-Restore-the-typcast-to-long.patch \ + file://CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch \ " SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f" diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.20/CVE-2021-25219-1.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.20/CVE-2021-25219-1.patch new file mode 100644 index 0000000000..f63c333264 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.20/CVE-2021-25219-1.patch @@ -0,0 +1,76 @@ +From 011e9418ce9bb25675de6ac8d47536efedeeb312 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= +Date: Fri, 24 Sep 2021 09:35:11 +0200 +Subject: [PATCH] Disable lame-ttl cache + +The lame-ttl cache is implemented in ADB as per-server locked +linked-list "indexed" with . This list has to be walked +every time there's a new query or new record added into the lame cache. +Determined attacker can use this to degrade performance of the resolver. + +Resolver testing has shown that disabling the lame cache has little +impact on the resolver performance and it's a minimal viable defense +against this kind of attack. + +CVE: CVE-2021-25219 + +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/8fe18c0566c41228a568157287f5a44f96d37662] + +Signed-off-by: Mingli Yu +--- + bin/named/config.c | 2 +- + bin/named/server.c | 7 +++++-- + doc/arm/reference.rst | 6 +++--- + 3 files changed, 9 insertions(+), 6 deletions(-) + +diff --git a/bin/named/config.c b/bin/named/config.c +index fa8473db7c..b6453b814e 100644 +--- a/bin/named/config.c ++++ b/bin/named/config.c +@@ -151,7 +151,7 @@ options {\n\ + fetches-per-server 0;\n\ + fetches-per-zone 0;\n\ + glue-cache yes;\n\ +- lame-ttl 600;\n" ++ lame-ttl 0;\n" + #ifdef HAVE_LMDB + " lmdb-mapsize 32M;\n" + #endif /* ifdef HAVE_LMDB */ +diff --git a/bin/named/server.c b/bin/named/server.c +index 638703e8c2..35ad6a0b7f 100644 +--- a/bin/named/server.c ++++ b/bin/named/server.c +@@ -4806,8 +4806,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, + result = named_config_get(maps, "lame-ttl", &obj); + INSIST(result == ISC_R_SUCCESS); + lame_ttl = cfg_obj_asduration(obj); +- if (lame_ttl > 1800) { +- lame_ttl = 1800; ++ if (lame_ttl > 0) { ++ cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING, ++ "disabling lame cache despite lame-ttl > 0 as it " ++ "may cause performance issues"); ++ lame_ttl = 0; + } + dns_resolver_setlamettl(view->resolver, lame_ttl); + +diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst +index 3bc4439745..fea854f3d1 100644 +--- a/doc/arm/reference.rst ++++ b/doc/arm/reference.rst +@@ -3358,9 +3358,9 @@ Tuning + ^^^^^^ + + ``lame-ttl`` +- This sets the number of seconds to cache a lame server indication. 0 +- disables caching. (This is **NOT** recommended.) The default is +- ``600`` (10 minutes) and the maximum value is ``1800`` (30 minutes). ++ This is always set to 0. More information is available in the ++ `security advisory for CVE-2021-25219 ++ `_. + + ``servfail-ttl`` + This sets the number of seconds to cache a SERVFAIL response due to DNSSEC +-- +2.17.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.20/CVE-2021-25219-2.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.20/CVE-2021-25219-2.patch new file mode 100644 index 0000000000..1217f7f186 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.20/CVE-2021-25219-2.patch @@ -0,0 +1,65 @@ +From 117cf776a7add27ac6d236b4062258da0d068486 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= +Date: Mon, 15 Nov 2021 16:26:52 +0800 +Subject: [PATCH] Enable lame response detection even with disabled lame cache + +Previously, when lame cache would be disabled by setting lame-ttl to 0, +it would also disable lame answer detection. In this commit, we enable +the lame response detection even when the lame cache is disabled. This +enables stopping answer processing early rather than going through the +whole answer processing flow. + +CVE: CVE-2021-25219 + +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/e4931584a34bdd0a0d18e4d918fb853bf5296787] + +Signed-off-by: Mingli Yu +--- + lib/dns/resolver.c | 23 ++++++++++++----------- + 1 file changed, 12 insertions(+), 11 deletions(-) + +diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c +index 50fadc0..9291bd4 100644 +--- a/lib/dns/resolver.c ++++ b/lib/dns/resolver.c +@@ -10217,25 +10217,26 @@ rctx_badserver(respctx_t *rctx, isc_result_t result) { + */ + static isc_result_t + rctx_lameserver(respctx_t *rctx) { +- isc_result_t result; ++ isc_result_t result = ISC_R_SUCCESS; + fetchctx_t *fctx = rctx->fctx; + resquery_t *query = rctx->query; + +- if (fctx->res->lame_ttl == 0 || ISFORWARDER(query->addrinfo) || +- !is_lame(fctx, query->rmessage)) +- { ++ if (ISFORWARDER(query->addrinfo) || !is_lame(fctx, query->rmessage)) { + return (ISC_R_SUCCESS); + } + + inc_stats(fctx->res, dns_resstatscounter_lame); + log_lame(fctx, query->addrinfo); +- result = dns_adb_marklame(fctx->adb, query->addrinfo, &fctx->name, +- fctx->type, rctx->now + fctx->res->lame_ttl); +- if (result != ISC_R_SUCCESS) { +- isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER, +- DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR, +- "could not mark server as lame: %s", +- isc_result_totext(result)); ++ if (fctx->res->lame_ttl != 0) { ++ result = dns_adb_marklame(fctx->adb, query->addrinfo, ++ &fctx->name, fctx->type, ++ rctx->now + fctx->res->lame_ttl); ++ if (result != ISC_R_SUCCESS) { ++ isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER, ++ DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR, ++ "could not mark server as lame: %s", ++ isc_result_totext(result)); ++ } + } + rctx->broken_server = DNS_R_LAME; + rctx->next_server = true; +-- +2.17.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind_9.16.20.bb b/poky/meta/recipes-connectivity/bind/bind_9.16.20.bb index ddf323fb9c..0ba0a46b15 100644 --- a/poky/meta/recipes-connectivity/bind/bind_9.16.20.bb +++ b/poky/meta/recipes-connectivity/bind/bind_9.16.20.bb @@ -18,6 +18,8 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ file://0001-avoid-start-failure-with-bind-user.patch \ + file://CVE-2021-25219-1.patch \ + file://CVE-2021-25219-2.patch \ " SRC_URI[sha256sum] = "4d0d93c0d0b63080609e84625f24ff8777f8d164e78a75b1c19c334ce42d5b58" diff --git a/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch new file mode 100644 index 0000000000..bebde7f26d --- /dev/null +++ b/poky/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch @@ -0,0 +1,48 @@ +From 1f0707e8e78ef290fd0f229df3fcd2236f29db89 Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Thu, 28 Oct 2021 11:11:05 +0800 +Subject: [PATCH] upstream: need initgroups() before setresgid(); reported by + anton@, + +ok deraadt@ + +OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce + +CVE: CVE-2021-41617 +Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/f3cbe43e28fe71427d41cfe3a17125b972710455 +https://github.com/openssh/openssh-portable/commit/bf944e3794eff5413f2df1ef37cddf96918c6bde] + +Signed-off-by: Changqing Li +--- + misc.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/misc.c b/misc.c +index d988ce3..33eca1c 100644 +--- a/misc.c ++++ b/misc.c +@@ -56,6 +56,7 @@ + #ifdef HAVE_PATHS_H + # include + #include ++#include + #endif + #ifdef SSH_TUN_OPENBSD + #include +@@ -2629,6 +2630,13 @@ subprocess(const char *tag, const char *command, + } + closefrom(STDERR_FILENO + 1); + ++ if (geteuid() == 0 && ++ initgroups(pw->pw_name, pw->pw_gid) == -1) { ++ error("%s: initgroups(%s, %u): %s", tag, ++ pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); ++ _exit(1); ++ } ++ + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { + error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, + strerror(errno)); +-- +2.17.1 + diff --git a/poky/meta/recipes-connectivity/openssh/openssh_8.7p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_8.7p1.bb index 07cd6b74cd..d19833e56f 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh_8.7p1.bb +++ b/poky/meta/recipes-connectivity/openssh/openssh_8.7p1.bb @@ -24,6 +24,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \ file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ + file://CVE-2021-41617.patch \ " SRC_URI[sha256sum] = "7ca34b8bb24ae9e50f33792b7091b3841d7e1b440ff57bc9fabddf01e2ed1e24" diff --git a/poky/meta/recipes-connectivity/openssl/openssl/reproducibility.patch b/poky/meta/recipes-connectivity/openssl/openssl/reproducibility.patch new file mode 100644 index 0000000000..8accbc9df2 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl/reproducibility.patch @@ -0,0 +1,22 @@ +Using localtime() means the output can depend on the timezone of the build machine. +Using gmtime() is safer. For complete reproducibility use SOURCE_DATE_EPOCH if set. + +Signed-off-by: Richard Purdie +Upstream-Status: Pending [should be suitable] + +Index: openssl-3.0.1/apps/progs.pl +=================================================================== +--- openssl-3.0.1.orig/apps/progs.pl ++++ openssl-3.0.1/apps/progs.pl +@@ -21,7 +21,10 @@ die "Unrecognised option, must be -C or + my %commands = (); + my $cmdre = qr/^\s*int\s+([a-z_][a-z0-9_]*)_main\(\s*int\s+argc\s*,/; + my $apps_openssl = shift @ARGV; +-my $YEAR = [localtime()]->[5] + 1900; ++my $YEAR = [gmtime()]->[5] + 1900; ++if (defined($ENV{SOURCE_DATE_EPOCH}) && $ENV{SOURCE_DATE_EPOCH} !~ /\D/) { ++ $YEAR = [gmtime($ENV{SOURCE_DATE_EPOCH})]->[5] + 1900; ++} + + # because the program apps/openssl has object files as sources, and + # they then have the corresponding C files as source, we need to chain diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb index b241ba78bc..17c769bb56 100644 --- a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb +++ b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb @@ -17,6 +17,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://afalg.patch \ file://reproducible.patch \ + file://reproducibility.patch \ " SRC_URI:append:class-nativesdk = " \ diff --git a/poky/meta/recipes-core/glibc/glibc_2.34.bb b/poky/meta/recipes-core/glibc/glibc_2.34.bb index 7206477278..7efc1ec1ef 100644 --- a/poky/meta/recipes-core/glibc/glibc_2.34.bb +++ b/poky/meta/recipes-core/glibc/glibc_2.34.bb @@ -90,7 +90,7 @@ EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \ EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}" -EXTRA_OECONF:append:x86 = " --enable-cet" +EXTRA_OECONF:append:x86 = " ${@bb.utils.contains_any('TUNE_FEATURES', 'i586 c3', '--disable-cet', '--enable-cet', d)}" EXTRA_OECONF:append:x86-64 = " --enable-cet" PACKAGECONFIG ??= "nscd memory-tagging" diff --git a/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch b/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch new file mode 100644 index 0000000000..d63bf57e8d --- /dev/null +++ b/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch @@ -0,0 +1,65 @@ +From e83ecbd26252bac163fc4377ef30edbd4acb0bad Mon Sep 17 00:00:00 2001 +From: Sven Joachim +Date: Mon, 1 Jun 2020 08:03:52 +0200 +Subject: [PATCH] Import upstream patch 20200531 + +20200531 + + correct configure version-check/warnng for g++ to allow for 10.x + + re-enable "bel" in konsole-base (report by Nia Huang) + + add linux-s entry (patch by Alexandre Montaron). + + drop long-obsolete convert_configure.pl + + add test/test_parm.c, for checking tparm changes. + + improve parameter-checking for tparm, adding function _nc_tiparm() to + handle the most-used case, which accepts only numeric parameters + (report/testcase by "puppet-meteor"). + + use a more conservative estimate of the buffer-size in lib_tparm.c's + save_text() and save_number(), in case the sprintf() function + passes-through unexpected characters from a format specifier + (report/testcase by "puppet-meteor"). + + add a check for end-of-string in cvtchar to handle a malformed + string in infotocap (report/testcase by "puppet-meteor"). + +CVE: CVE-2021-39537 + +Upstream-Status: Backport [https://github.com/mirror/ncurses/commit/790a85dbd4a81d5f5d8dd02a44d84f01512ef443] + +Signed-off-by: Mingli Yu +--- + ncurses/tinfo/captoinfo.c | 11 +- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/ncurses/tinfo/captoinfo.c b/ncurses/tinfo/captoinfo.c +index 8b3b83d1..9362105a 100644 +--- a/ncurses/tinfo/captoinfo.c ++++ b/ncurses/tinfo/captoinfo.c +@@ -98,7 +98,7 @@ + #include + #include + +-MODULE_ID("$Id: captoinfo.c,v 1.98 2020/02/02 23:34:34 tom Exp $") ++MODULE_ID("$Id: captoinfo.c,v 1.99 2020/05/25 21:28:29 tom Exp $") + + #if 0 + #define DEBUG_THIS(p) DEBUG(9, p) +@@ -216,12 +216,15 @@ cvtchar(register const char *sp) + } + break; + case '^': ++ len = 2; + c = UChar(*++sp); +- if (c == '?') ++ if (c == '?') { + c = 127; +- else ++ } else if (c == '\0') { ++ len = 1; ++ } else { + c &= 0x1f; +- len = 2; ++ } + break; + default: + c = UChar(*sp); +-- +2.17.1 + diff --git a/poky/meta/recipes-core/ncurses/ncurses_6.2.bb b/poky/meta/recipes-core/ncurses/ncurses_6.2.bb index e7d7396a20..598c51b00b 100644 --- a/poky/meta/recipes-core/ncurses/ncurses_6.2.bb +++ b/poky/meta/recipes-core/ncurses/ncurses_6.2.bb @@ -3,6 +3,7 @@ require ncurses.inc SRC_URI += "file://0001-tic-hang.patch \ file://0002-configure-reproducible.patch \ file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \ + file://CVE-2021-39537.patch \ " # commit id corresponds to the revision in package version SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4" diff --git a/poky/meta/recipes-core/systemd/systemd-boot_249.3.bb b/poky/meta/recipes-core/systemd/systemd-boot_249.3.bb deleted file mode 100644 index b3d4e31e08..0000000000 --- a/poky/meta/recipes-core/systemd/systemd-boot_249.3.bb +++ /dev/null @@ -1,74 +0,0 @@ -require systemd.inc -FILESEXTRAPATHS =. "${FILE_DIRNAME}/systemd:" - -require conf/image-uefi.conf - -DEPENDS = "intltool-native libcap util-linux gnu-efi gperf-native python3-jinja2-native" - -inherit meson pkgconfig gettext -inherit deploy - -LDFLAGS:prepend = "${@ " ".join(d.getVar('LD').split()[1:])} " - -do_write_config[vardeps] += "CC OBJCOPY" -do_write_config:append() { - cat >${WORKDIR}/meson-${PN}.cross <${WORKDIR}/meson-${PN}.cross < Date: Mon, 25 Feb 2019 13:41:41 +0800 Subject: [PATCH] don't use glibc-specific qsort_r diff --git a/poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch b/poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch index d0110a2388..eca52d0bda 100644 --- a/poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch +++ b/poky/meta/recipes-core/systemd/systemd/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch @@ -1,4 +1,4 @@ -From 2a2f95b6dc16d2ea7a8e9349c6b19cc50c34777b Mon Sep 17 00:00:00 2001 +From 3b42a888685aee1776a12cff84a5fe0063378483 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 13:55:12 +0800 Subject: [PATCH] missing_type.h: add __compare_fn_t and comparison_fn_t diff --git a/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch b/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch index 1d61367da4..40ee43b155 100644 --- a/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch +++ b/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch @@ -1,4 +1,4 @@ -From b19f800e178516d4f4d344457647e4a018bd6855 Mon Sep 17 00:00:00 2001 +From 3e0df2c22bfd37bc62bf09a01ec498e40d3599de Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Sat, 22 May 2021 20:26:24 +0200 Subject: [PATCH] add fallback parse_printf_format implementation @@ -23,7 +23,7 @@ Signed-off-by: Scott Murray create mode 100644 src/basic/parse-printf-format.h diff --git a/meson.build b/meson.build -index 738879eb21..1aa20b8246 100644 +index 5bdfd9753d..3421da3a4d 100644 --- a/meson.build +++ b/meson.build @@ -656,6 +656,7 @@ endif @@ -35,10 +35,10 @@ index 738879eb21..1aa20b8246 100644 'valgrind/memcheck.h', 'valgrind/valgrind.h', diff --git a/src/basic/meson.build b/src/basic/meson.build -index 9b016ce5e8..a9ce21b02e 100644 +index 452b965db3..4e64d883dc 100644 --- a/src/basic/meson.build +++ b/src/basic/meson.build -@@ -322,6 +322,11 @@ endforeach +@@ -321,6 +321,11 @@ endforeach basic_sources += generated_gperf_headers diff --git a/poky/meta/recipes-core/systemd/systemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch b/poky/meta/recipes-core/systemd/systemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch index 0462d52d5e..efdd43708b 100644 --- a/poky/meta/recipes-core/systemd/systemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch +++ b/poky/meta/recipes-core/systemd/systemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch @@ -1,4 +1,4 @@ -From db6551741a3654d8e75aff93ea00fbff579f7b02 Mon Sep 17 00:00:00 2001 +From cef23a651ea200e30e1e6ed2a2564505e3a42d46 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 14:18:21 +0800 Subject: [PATCH] src/basic/missing.h: check for missing strndupa @@ -73,7 +73,7 @@ Signed-off-by: Luca Boccassi 51 files changed, 62 insertions(+) diff --git a/meson.build b/meson.build -index 1aa20b8246..aafee71eb4 100644 +index 3421da3a4d..ddef6fba91 100644 --- a/meson.build +++ b/meson.build @@ -480,6 +480,7 @@ foreach ident : ['secure_getenv', '__secure_getenv'] @@ -109,7 +109,7 @@ index 1ff6160dc8..c9efd862a2 100644 static int cg_enumerate_items(const char *controller, const char *path, FILE **_f, const char *item) { _cleanup_free_ char *fs = NULL; diff --git a/src/basic/env-util.c b/src/basic/env-util.c -index 81b1e3f10e..8fedcfd1cd 100644 +index 1ca445dab4..1f5a212d4e 100644 --- a/src/basic/env-util.c +++ b/src/basic/env-util.c @@ -18,6 +18,7 @@ @@ -165,7 +165,7 @@ index f91f8f7a08..fb31596216 100644 int mkdir_safe_internal( const char *path, diff --git a/src/basic/mountpoint-util.c b/src/basic/mountpoint-util.c -index 8c836a1b74..2eb7e5a634 100644 +index 7e57d9a226..c0e64f2aca 100644 --- a/src/basic/mountpoint-util.c +++ b/src/basic/mountpoint-util.c @@ -11,6 +11,7 @@ @@ -273,7 +273,7 @@ index 84c3caf3a5..0fa84eaa38 100644 BUS_DEFINE_PROPERTY_GET(bus_property_get_tasks_max, "t", TasksMax, tasks_max_resolve); diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c -index 50daef6702..1cc6d91e64 100644 +index 902e074bd2..ac15b944e6 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -42,6 +42,7 @@ @@ -297,7 +297,7 @@ index ca9b399d8c..b864480a8c 100644 int bus_property_get_triggered_unit( sd_bus *bus, diff --git a/src/core/execute.c b/src/core/execute.c -index 2a337b55a2..2a64675c5f 100644 +index 2f2de4d9cf..515b2fe748 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -98,6 +98,7 @@ @@ -321,7 +321,7 @@ index a56f12f47f..6b8729ef67 100644 #if HAVE_KMOD #include "module-util.h" diff --git a/src/core/service.c b/src/core/service.c -index cb0a528f0d..740d305710 100644 +index 7b90822f68..4af076eeba 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -41,6 +41,7 @@ @@ -357,7 +357,7 @@ index ae1d43756a..24de98c9f3 100644 #define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-remote.pem" #define CERT_FILE CERTIFICATE_ROOT "/certs/journal-remote.pem" diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c -index c8fb726d42..858a425d12 100644 +index 3eac97510d..db6913bc7a 100644 --- a/src/journal/journalctl.c +++ b/src/journal/journalctl.c @@ -72,6 +72,7 @@ @@ -393,7 +393,7 @@ index bfd42aea7d..daefc56e3e 100644 static int node_vtable_get_userdata( sd_bus *bus, diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c -index 378774fe8b..2694c177d5 100644 +index 09eb49c37f..82f1b3d1be 100644 --- a/src/libsystemd/sd-bus/bus-socket.c +++ b/src/libsystemd/sd-bus/bus-socket.c @@ -27,6 +27,7 @@ @@ -405,7 +405,7 @@ index 378774fe8b..2694c177d5 100644 #define SNDBUF_SIZE (8*1024*1024) diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c -index a32e2f5e20..97fd3aec82 100644 +index ab8d4e4a60..7e35fbe9e6 100644 --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@ -42,6 +42,7 @@ @@ -429,7 +429,7 @@ index 13c08fe295..9aae83486e 100644 #define MAX_SIZE (2*1024*1024) diff --git a/src/libsystemd/sd-journal/sd-journal.c b/src/libsystemd/sd-journal/sd-journal.c -index 5728c537bc..94885b0bf6 100644 +index b3240177cb..7e3ae2d24f 100644 --- a/src/libsystemd/sd-journal/sd-journal.c +++ b/src/libsystemd/sd-journal/sd-journal.c @@ -40,6 +40,7 @@ @@ -669,7 +669,7 @@ index 65c40de4c8..4ef9a0c6c8 100644 _printf_(2,3) static void path_prepend(char **path, const char *fmt, ...) { diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c -index b28089be71..a7e2232299 100644 +index 9854270b27..71b5fab1e7 100644 --- a/src/udev/udev-event.c +++ b/src/udev/udev-event.c @@ -34,6 +34,7 @@ diff --git a/poky/meta/recipes-core/systemd/systemd/0006-Include-netinet-if_ether.h.patch b/poky/meta/recipes-core/systemd/systemd/0006-Include-netinet-if_ether.h.patch index 855607e6a8..3875753ff4 100644 --- a/poky/meta/recipes-core/systemd/systemd/0006-Include-netinet-if_ether.h.patch +++ b/poky/meta/recipes-core/systemd/systemd/0006-Include-netinet-if_ether.h.patch @@ -1,4 +1,4 @@ -From d7ae3aadc70555932e03349907f8be04d03a50ee Mon Sep 17 00:00:00 2001 +From a3be3b7160856ffb8259ede9e2e0168d74bf126e Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Thu, 26 Oct 2017 22:10:42 -0700 Subject: [PATCH] Include netinet/if_ether.h @@ -103,7 +103,7 @@ index 5ad396a57e..1dc007fe13 100644 -#endif /* _UAPI_LINUX_IN6_H */ +#endif /* _LINUX_IN6_H */ diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c -index e8c47f429a..359922c1b3 100644 +index efbf7d7df3..86906332b6 100644 --- a/src/libsystemd-network/sd-dhcp6-client.c +++ b/src/libsystemd-network/sd-dhcp6-client.c @@ -5,7 +5,6 @@ @@ -274,12 +274,13 @@ index 2b72b618fc..d0d4cfb384 100644 #include "sd-dhcp6-client.h" diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c -index 9421ce1aa6..3e37cbcc39 100644 +index 20675f2306..2884511ff3 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c -@@ -1,8 +1,8 @@ +@@ -1,9 +1,9 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ + #include +#include #include #include @@ -299,7 +300,7 @@ index 850b4f449e..6f85d41328 100644 #include #include diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c -index 77a93beca9..3bf9ae8837 100644 +index eeba31c45d..0a2b0ed42b 100644 --- a/src/network/networkd-route.c +++ b/src/network/networkd-route.c @@ -1,5 +1,6 @@ @@ -310,7 +311,7 @@ index 77a93beca9..3bf9ae8837 100644 #include #include diff --git a/src/network/networkd-setlink.c b/src/network/networkd-setlink.c -index 10c312c480..e44fbb5c35 100644 +index 13c4cedd10..6558d551ab 100644 --- a/src/network/networkd-setlink.c +++ b/src/network/networkd-setlink.c @@ -1,8 +1,8 @@ @@ -369,7 +370,7 @@ index 8dfe23691b..e269856337 100644 #include #include diff --git a/src/udev/udev-builtin-net_setup_link.c b/src/udev/udev-builtin-net_setup_link.c -index d40251331c..89566c05f5 100644 +index 5964e30bf1..52a18d7a7f 100644 --- a/src/udev/udev-builtin-net_setup_link.c +++ b/src/udev/udev-builtin-net_setup_link.c @@ -1,5 +1,6 @@ diff --git a/poky/meta/recipes-core/systemd/systemd/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch b/poky/meta/recipes-core/systemd/systemd/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch index 28846935e0..1d8c481467 100644 --- a/poky/meta/recipes-core/systemd/systemd/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch +++ b/poky/meta/recipes-core/systemd/systemd/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch @@ -1,4 +1,4 @@ -From e2d70a1735fc6b9d3c079814831ab0b1b2a9d1e0 Mon Sep 17 00:00:00 2001 +From fb068403b25002156435350165ea418a6338a313 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 14:56:21 +0800 Subject: [PATCH] don't fail if GLOB_BRACE and GLOB_ALTDIRFUNC is not defined diff --git a/poky/meta/recipes-core/systemd/systemd/0008-add-missing-FTW_-macros-for-musl.patch b/poky/meta/recipes-core/systemd/systemd/0008-add-missing-FTW_-macros-for-musl.patch index 444e123854..c613581ef9 100644 --- a/poky/meta/recipes-core/systemd/systemd/0008-add-missing-FTW_-macros-for-musl.patch +++ b/poky/meta/recipes-core/systemd/systemd/0008-add-missing-FTW_-macros-for-musl.patch @@ -1,4 +1,4 @@ -From 3410d82c9d07aee3e951fc6ae0b41fc1a594e00d Mon Sep 17 00:00:00 2001 +From 7ca9887f84adba065dc2e59b3de55ace2fc72ec0 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:00:06 +0800 Subject: [PATCH] add missing FTW_ macros for musl @@ -10,6 +10,7 @@ This is to avoid build failures like below for musl. Upstream-Status: Inappropriate [musl specific] Signed-off-by: Chen Qi + --- src/basic/missing_type.h | 20 ++++++++++++++++++++ src/shared/mount-setup.c | 1 + diff --git a/poky/meta/recipes-core/systemd/systemd/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch b/poky/meta/recipes-core/systemd/systemd/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch index 4670c232a5..0fc320420e 100644 --- a/poky/meta/recipes-core/systemd/systemd/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch +++ b/poky/meta/recipes-core/systemd/systemd/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch @@ -1,4 +1,4 @@ -From 1e3bc870ded807cff0d3771dd89a850d020df032 Mon Sep 17 00:00:00 2001 +From c7453b716ae308b89cf4b2b231a36ddd38a49752 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:03:47 +0800 Subject: [PATCH] fix missing of __register_atfork for non-glibc builds @@ -12,7 +12,7 @@ Signed-off-by: Chen Qi 1 file changed, 7 insertions(+) diff --git a/src/basic/process-util.c b/src/basic/process-util.c -index 14259ea8df..18681838ef 100644 +index 461bbfe9a5..2d06f9f60a 100644 --- a/src/basic/process-util.c +++ b/src/basic/process-util.c @@ -18,6 +18,9 @@ diff --git a/poky/meta/recipes-core/systemd/systemd/0010-Use-uintmax_t-for-handling-rlim_t.patch b/poky/meta/recipes-core/systemd/systemd/0010-Use-uintmax_t-for-handling-rlim_t.patch index e6bb37a65e..ff981b8c74 100644 --- a/poky/meta/recipes-core/systemd/systemd/0010-Use-uintmax_t-for-handling-rlim_t.patch +++ b/poky/meta/recipes-core/systemd/systemd/0010-Use-uintmax_t-for-handling-rlim_t.patch @@ -1,4 +1,4 @@ -From eeacb75025d8f537d54c35256c5730c9aab15cde Mon Sep 17 00:00:00 2001 +From 856010e268a6aca8e5f02502457afe289bd877f1 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:12:41 +0800 Subject: [PATCH] Use uintmax_t for handling rlim_t @@ -87,10 +87,10 @@ index 23d108d5df..3e6fb438d7 100644 return 1; } diff --git a/src/core/execute.c b/src/core/execute.c -index 2a64675c5f..dca1e0e3b6 100644 +index 515b2fe748..7693f2d9a0 100644 --- a/src/core/execute.c +++ b/src/core/execute.c -@@ -5391,9 +5391,9 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) { +@@ -5395,9 +5395,9 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) { for (unsigned i = 0; i < RLIM_NLIMITS; i++) if (c->rlimit[i]) { fprintf(f, "%sLimit%s: " RLIM_FMT "\n", diff --git a/poky/meta/recipes-core/systemd/systemd/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch b/poky/meta/recipes-core/systemd/systemd/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch index 897e332f33..0ee871c92d 100644 --- a/poky/meta/recipes-core/systemd/systemd/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch +++ b/poky/meta/recipes-core/systemd/systemd/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch @@ -1,4 +1,4 @@ -From fa29a572faaeb6fb9ed0bc6802d17139773e1908 Mon Sep 17 00:00:00 2001 +From ad395dda5db9b1ae156be121cfc8a38960de6c55 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Wed, 28 Feb 2018 21:25:22 -0800 Subject: [PATCH] test-sizeof.c: Disable tests for missing typedefs in musl @@ -13,7 +13,7 @@ Signed-off-by: Chen Qi 1 file changed, 4 insertions(+) diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c -index 3c9dc180fa..e1a59d408c 100644 +index e36bee4e8f..4403c0aa52 100644 --- a/src/test/test-sizeof.c +++ b/src/test/test-sizeof.c @@ -55,8 +55,10 @@ int main(void) { diff --git a/poky/meta/recipes-core/systemd/systemd/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch b/poky/meta/recipes-core/systemd/systemd/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch index 3bf706fc55..12a92b8739 100644 --- a/poky/meta/recipes-core/systemd/systemd/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch +++ b/poky/meta/recipes-core/systemd/systemd/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch @@ -1,4 +1,4 @@ -From 88c8922f9e4d221402d9cb2e04b9c82e89125827 Mon Sep 17 00:00:00 2001 +From 5d4c6b2f4b88b69b31f967371d2a6136c65dc3fd Mon Sep 17 00:00:00 2001 From: Andre McCurdy Date: Tue, 10 Oct 2017 14:33:30 -0700 Subject: [PATCH] don't pass AT_SYMLINK_NOFOLLOW flag to faccessat() diff --git a/poky/meta/recipes-core/systemd/systemd/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch b/poky/meta/recipes-core/systemd/systemd/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch index 74008714c1..bd7a0c4e8e 100644 --- a/poky/meta/recipes-core/systemd/systemd/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch +++ b/poky/meta/recipes-core/systemd/systemd/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch @@ -1,4 +1,4 @@ -From e07e9b998ad61b09555bc809aa15de9d2516787a Mon Sep 17 00:00:00 2001 +From 1803ea271b93370fdcf7ec497277344f1e775429 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 27 May 2018 08:36:44 -0700 Subject: [PATCH] Define glibc compatible basename() for non-glibc systems diff --git a/poky/meta/recipes-core/systemd/systemd/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch b/poky/meta/recipes-core/systemd/systemd/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch index c5e20cbb80..7933b9e76e 100644 --- a/poky/meta/recipes-core/systemd/systemd/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch +++ b/poky/meta/recipes-core/systemd/systemd/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch @@ -1,4 +1,4 @@ -From 2f048d13e100158320bda248635b3c533ac9717b Mon Sep 17 00:00:00 2001 +From 30b08f76ea7f5c324afedf97f0867b76dac9f128 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Wed, 4 Jul 2018 15:00:44 +0800 Subject: [PATCH] Do not disable buffering when writing to oom_score_adj @@ -25,7 +25,7 @@ Signed-off-by: Scott Murray 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/basic/process-util.c b/src/basic/process-util.c -index 18681838ef..0fa71ccce0 100644 +index 2d06f9f60a..f86bd0b7dc 100644 --- a/src/basic/process-util.c +++ b/src/basic/process-util.c @@ -1606,7 +1606,7 @@ int set_oom_score_adjust(int value) { diff --git a/poky/meta/recipes-core/systemd/systemd/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch b/poky/meta/recipes-core/systemd/systemd/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch index 39804bd364..0b0d2a6431 100644 --- a/poky/meta/recipes-core/systemd/systemd/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch +++ b/poky/meta/recipes-core/systemd/systemd/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch @@ -1,4 +1,4 @@ -From 45148529792c0cda32fdd61610c8d5a700d541fa Mon Sep 17 00:00:00 2001 +From 873202f63f9f117c6e5a98e444cc709057042979 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Tue, 10 Jul 2018 15:40:17 +0800 Subject: [PATCH] distinguish XSI-compliant strerror_r from GNU-specifi diff --git a/poky/meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch b/poky/meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch index 365e2a36f1..e6507c5f89 100644 --- a/poky/meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch +++ b/poky/meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch @@ -1,4 +1,4 @@ -From 02a2772889d6cb08c9ca0561b52e7a9a80e50497 Mon Sep 17 00:00:00 2001 +From e7441559266074e7a33e3c11ff5cdaf5ba9c0e24 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:18:00 +0800 Subject: [PATCH] Hide __start_BUS_ERROR_MAP and __stop_BUS_ERROR_MAP diff --git a/poky/meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch b/poky/meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch index 8a6c03f312..eeff693bc4 100644 --- a/poky/meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch +++ b/poky/meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch @@ -1,4 +1,4 @@ -From 47c4ac80689077b1eb86cf05b4326b1ac345aedf Mon Sep 17 00:00:00 2001 +From 64f4d2eb976b9f23ce85b3655a876f7299eafd58 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:27:54 +0800 Subject: [PATCH] missing_type.h: add __compar_d_fn_t definition diff --git a/poky/meta/recipes-core/systemd/systemd/0018-avoid-redefinition-of-prctl_mm_map-structure.patch b/poky/meta/recipes-core/systemd/systemd/0018-avoid-redefinition-of-prctl_mm_map-structure.patch index e75935a280..5ca5386289 100644 --- a/poky/meta/recipes-core/systemd/systemd/0018-avoid-redefinition-of-prctl_mm_map-structure.patch +++ b/poky/meta/recipes-core/systemd/systemd/0018-avoid-redefinition-of-prctl_mm_map-structure.patch @@ -1,4 +1,4 @@ -From 2cb33d8896a4ad2d3b489fed51f17d5e45dfb4fc Mon Sep 17 00:00:00 2001 +From d95330f328c23c1cd6c51aeca43f081746cf2899 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:44:54 +0800 Subject: [PATCH] avoid redefinition of prctl_mm_map structure diff --git a/poky/meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch b/poky/meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch index 629c103627..d51ac4265a 100644 --- a/poky/meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch +++ b/poky/meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch @@ -1,4 +1,4 @@ -From 200a2a2e4f04a7b7078dd455fafbd6774240e30b Mon Sep 17 00:00:00 2001 +From 2284f2f44b1b30f10b9196e0f5c6d0a2e0c1871f Mon Sep 17 00:00:00 2001 From: Alex Kiernan Date: Fri, 7 Aug 2020 15:19:27 +0000 Subject: [PATCH] Handle missing LOCK_EX diff --git a/poky/meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch b/poky/meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch index ea6e82f466..2d272ed3e8 100644 --- a/poky/meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch +++ b/poky/meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch @@ -1,4 +1,4 @@ -From 6445b7737a89256f35adc56701a5c47b48618ced Mon Sep 17 00:00:00 2001 +From a6a25e1ecae91f48a4f87bf0cc17eaaf0a919ffe Mon Sep 17 00:00:00 2001 From: Alex Kiernan Date: Fri, 7 Aug 2020 15:20:17 +0000 Subject: [PATCH] Fix incompatible pointer type struct sockaddr_un * @@ -24,15 +24,15 @@ Signed-off-by: Alex Kiernan 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 04685fecba..90b12bb5bd 100644 +index 575b9da447..ff08ed23cc 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -5354,7 +5354,7 @@ static int cant_be_in_netns(void) { if (fd < 0) return log_error_errno(errno, "Failed to allocate udev control socket: %m"); -- if (connect(fd, &sa.un, SOCKADDR_UN_LEN(sa.un)) < 0) { -+ if (connect(fd, (struct sockaddr *)&sa.un, SOCKADDR_UN_LEN(sa.un)) < 0) { +- if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) { ++ if (connect(fd, (struct sockaddr *)&sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) { if (errno == ENOENT || ERRNO_IS_DISCONNECT(errno)) return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), diff --git a/poky/meta/recipes-core/systemd/systemd/0021-test-json.c-define-M_PIl.patch b/poky/meta/recipes-core/systemd/systemd/0021-test-json.c-define-M_PIl.patch index 60c12b0740..3fe5aeab13 100644 --- a/poky/meta/recipes-core/systemd/systemd/0021-test-json.c-define-M_PIl.patch +++ b/poky/meta/recipes-core/systemd/systemd/0021-test-json.c-define-M_PIl.patch @@ -1,4 +1,4 @@ -From ae71bf2b97dc9d4760defd83463c1d305f332f22 Mon Sep 17 00:00:00 2001 +From 47472da6e8900773c26da8fd26699367447d97a6 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 16:53:06 +0800 Subject: [PATCH] test-json.c: define M_PIl diff --git a/poky/meta/recipes-core/systemd/systemd/0022-do-not-disable-buffer-in-writing-files.patch b/poky/meta/recipes-core/systemd/systemd/0022-do-not-disable-buffer-in-writing-files.patch index 6998bf0dd0..4df35d81d1 100644 --- a/poky/meta/recipes-core/systemd/systemd/0022-do-not-disable-buffer-in-writing-files.patch +++ b/poky/meta/recipes-core/systemd/systemd/0022-do-not-disable-buffer-in-writing-files.patch @@ -1,4 +1,4 @@ -From 3198690c2dbb4b457a04ef21914dc4d531540273 Mon Sep 17 00:00:00 2001 +From 0f9422780a569c79a4b28e44c79c70b4a354bd92 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Fri, 1 Mar 2019 15:22:15 +0800 Subject: [PATCH] do not disable buffer in writing files @@ -134,7 +134,7 @@ index 955b18bd2a..6d89c90176 100644 log_debug_errno(r, "Failed to turn off coredumps, ignoring: %m"); } diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c -index 29530bb691..3ecf6a45a2 100644 +index 981218f52f..436aaaddb4 100644 --- a/src/binfmt/binfmt.c +++ b/src/binfmt/binfmt.c @@ -48,7 +48,7 @@ static int delete_rule(const char *rule) { @@ -165,7 +165,7 @@ index 29530bb691..3ecf6a45a2 100644 STRV_FOREACH(f, files) { k = apply_file(*f, true); diff --git a/src/core/main.c b/src/core/main.c -index b32a19a1d8..4e1238853e 100644 +index c64c73883e..1ac185e946 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -1402,7 +1402,7 @@ static int bump_unix_max_dgram_qlen(void) { @@ -252,7 +252,7 @@ index cb01b25bc6..e92051268b 100644 log_error_errno(r, "Failed to move process: %m"); goto finish; diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 90b12bb5bd..6a1dafa094 100644 +index ff08ed23cc..e7c4a874a9 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -2751,7 +2751,7 @@ static int reset_audit_loginuid(void) { diff --git a/poky/meta/recipes-core/systemd/systemd/0025-Handle-__cpu_mask-usage.patch b/poky/meta/recipes-core/systemd/systemd/0025-Handle-__cpu_mask-usage.patch index 06702765ee..e001ed59e8 100644 --- a/poky/meta/recipes-core/systemd/systemd/0025-Handle-__cpu_mask-usage.patch +++ b/poky/meta/recipes-core/systemd/systemd/0025-Handle-__cpu_mask-usage.patch @@ -1,4 +1,4 @@ -From b04518c464b526f8b9adc9ce3c08b1881db47989 Mon Sep 17 00:00:00 2001 +From e4f9ef547fa342102db15188544daa18e71e9c66 Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Fri, 13 Sep 2019 19:26:27 -0400 Subject: [PATCH] Handle __cpu_mask usage @@ -38,7 +38,7 @@ index 3c63a58826..4c2d4347fc 100644 typedef struct CPUSet { cpu_set_t *set; diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c -index e1a59d408c..c269ea6e8c 100644 +index 4403c0aa52..e7e4ae112d 100644 --- a/src/test/test-sizeof.c +++ b/src/test/test-sizeof.c @@ -1,6 +1,5 @@ diff --git a/poky/meta/recipes-core/systemd/systemd/0026-Handle-missing-gshadow.patch b/poky/meta/recipes-core/systemd/systemd/0026-Handle-missing-gshadow.patch index dc63305825..e9b7c1c078 100644 --- a/poky/meta/recipes-core/systemd/systemd/0026-Handle-missing-gshadow.patch +++ b/poky/meta/recipes-core/systemd/systemd/0026-Handle-missing-gshadow.patch @@ -1,4 +1,4 @@ -From 0c8935128b39864b07dfee39cfa9d35d48f056aa Mon Sep 17 00:00:00 2001 +From 66a926cf906260c2fb5ea851e55efe03edd444dc Mon Sep 17 00:00:00 2001 From: Alex Kiernan Date: Tue, 10 Mar 2020 11:05:20 +0000 Subject: [PATCH] Handle missing gshadow diff --git a/poky/meta/recipes-core/systemd/systemd/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch b/poky/meta/recipes-core/systemd/systemd/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch index ff96a720c5..b7fd3cddbb 100644 --- a/poky/meta/recipes-core/systemd/systemd/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch +++ b/poky/meta/recipes-core/systemd/systemd/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch @@ -1,4 +1,4 @@ -From f5d7fee9620cbcf52be8f8ba477890d28cadfbc8 Mon Sep 17 00:00:00 2001 +From 6f0dd2ba75b68036d7b4ebfe47ac5eaf44d26f06 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 12 Apr 2021 23:44:53 -0700 Subject: [PATCH] missing_syscall.h: Define MIPS ABI defines for musl diff --git a/poky/meta/recipes-core/systemd/systemd_249.3.bb b/poky/meta/recipes-core/systemd/systemd_249.3.bb deleted file mode 100644 index f8c85dabf0..0000000000 --- a/poky/meta/recipes-core/systemd/systemd_249.3.bb +++ /dev/null @@ -1,785 +0,0 @@ -require systemd.inc - -PROVIDES = "udev" - -PE = "1" - -DEPENDS = "intltool-native gperf-native libcap util-linux python3-jinja2-native" - -SECTION = "base/shell" - -inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages features_check - -# As this recipe builds udev, respect systemd being in DISTRO_FEATURES so -# that we don't build both udev and systemd in world builds. -REQUIRED_DISTRO_FEATURES = "systemd" - -SRC_URI += "file://touchscreen.rules \ - file://00-create-volatile.conf \ - ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', 'file://org.freedesktop.hostname1_no_polkit.conf', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', 'file://00-hostnamed-network-user.conf', '', d)} \ - file://init \ - file://99-default.preset \ - file://systemd-pager.sh \ - file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \ - file://0003-implment-systemd-sysv-install-for-OE.patch \ - file://0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch \ - file://0001-test-parse-argument-Include-signal.h.patch \ - " - -# patches needed by musl -SRC_URI:append:libc-musl = " ${SRC_URI_MUSL}" -SRC_URI_MUSL = "\ - file://0002-don-t-use-glibc-specific-qsort_r.patch \ - file://0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch \ - file://0004-add-fallback-parse_printf_format-implementation.patch \ - file://0005-src-basic-missing.h-check-for-missing-strndupa.patch \ - file://0006-Include-netinet-if_ether.h.patch \ - file://0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch \ - file://0008-add-missing-FTW_-macros-for-musl.patch \ - file://0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch \ - file://0010-Use-uintmax_t-for-handling-rlim_t.patch \ - file://0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch \ - file://0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \ - file://0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch \ - file://0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \ - file://0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \ - file://0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch \ - file://0017-missing_type.h-add-__compar_d_fn_t-definition.patch \ - file://0018-avoid-redefinition-of-prctl_mm_map-structure.patch \ - file://0019-Handle-missing-LOCK_EX.patch \ - file://0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch \ - file://0021-test-json.c-define-M_PIl.patch \ - file://0022-do-not-disable-buffer-in-writing-files.patch \ - file://0025-Handle-__cpu_mask-usage.patch \ - file://0026-Handle-missing-gshadow.patch \ - file://0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch \ - " - -PAM_PLUGINS = " \ - pam-plugin-unix \ - pam-plugin-loginuid \ - pam-plugin-keyinit \ -" - -PACKAGECONFIG ??= " \ - ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit efi ldconfig pam selinux smack usrmerge polkit seccomp', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \ - backlight \ - binfmt \ - gshadow \ - hibernate \ - hostnamed \ - idn \ - ima \ - kmod \ - localed \ - logind \ - machined \ - myhostname \ - networkd \ - nss \ - nss-mymachines \ - nss-resolve \ - quotacheck \ - randomseed \ - resolved \ - set-time-epoch \ - sysusers \ - sysvinit \ - timedated \ - timesyncd \ - userdb \ - utmp \ - vconsole \ - wheel-group \ - zstd \ -" - -PACKAGECONFIG:remove:libc-musl = " \ - gshadow \ - idn \ - localed \ - myhostname \ - nss \ - nss-mymachines \ - nss-resolve \ - sysusers \ - userdb \ - utmp \ -" - -CFLAGS:append:libc-musl = " -D__UAPI_DEF_ETHHDR=0 " - -# Some of the dependencies are weak-style recommends - if not available at runtime, -# systemd won't fail but the library-related feature will be skipped with a warning. - -# Use the upstream systemd serial-getty@.service and rely on -# systemd-getty-generator instead of using the OE-core specific -# systemd-serialgetty.bb - not enabled by default. -PACKAGECONFIG[serial-getty-generator] = "" - -PACKAGECONFIG[acl] = "-Dacl=true,-Dacl=false,acl" -PACKAGECONFIG[audit] = "-Daudit=true,-Daudit=false,audit" -PACKAGECONFIG[backlight] = "-Dbacklight=true,-Dbacklight=false" -PACKAGECONFIG[binfmt] = "-Dbinfmt=true,-Dbinfmt=false" -PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" -PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" -PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" -PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" -PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" -PACKAGECONFIG[dbus] = "-Ddbus=true,-Ddbus=false,dbus" -PACKAGECONFIG[efi] = "-Defi=true,-Defi=false" -PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-includedir=${STAGING_INCDIR}/efi,-Dgnu-efi=false,gnu-efi" -PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" -PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" -PACKAGECONFIG[repart] = "-Drepart=true,-Drepart=false" -PACKAGECONFIG[homed] = "-Dhomed=true,-Dhomed=false" -# Sign the journal for anti-tampering -PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" -PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" -PACKAGECONFIG[gshadow] = "-Dgshadow=true,-Dgshadow=false" -PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false" -PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false" -PACKAGECONFIG[idn] = "-Didn=true,-Didn=false" -PACKAGECONFIG[ima] = "-Dima=true,-Dima=false" -# importd requires journal-upload/xz/zlib/bzip2/gcrypt -PACKAGECONFIG[importd] = "-Dimportd=true,-Dimportd=false" -# Update NAT firewall rules -PACKAGECONFIG[iptc] = "-Dlibiptc=true,-Dlibiptc=false,iptables" -PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl" -PACKAGECONFIG[kmod] = "-Dkmod=true,-Dkmod=false,kmod" -PACKAGECONFIG[ldconfig] = "-Dldconfig=true,-Dldconfig=false,,ldconfig" -PACKAGECONFIG[libidn] = "-Dlibidn=true,-Dlibidn=false,libidn,,libidn" -PACKAGECONFIG[libidn2] = "-Dlibidn2=true,-Dlibidn2=false,libidn2,,libidn2" -PACKAGECONFIG[localed] = "-Dlocaled=true,-Dlocaled=false" -PACKAGECONFIG[logind] = "-Dlogind=true,-Dlogind=false" -PACKAGECONFIG[lz4] = "-Dlz4=true,-Dlz4=false,lz4" -PACKAGECONFIG[machined] = "-Dmachined=true,-Dmachined=false" -PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,libxslt-native xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" -PACKAGECONFIG[microhttpd] = "-Dmicrohttpd=true,-Dmicrohttpd=false,libmicrohttpd" -PACKAGECONFIG[myhostname] = "-Dnss-myhostname=true,-Dnss-myhostname=false,,libnss-myhostname" -PACKAGECONFIG[networkd] = "-Dnetworkd=true,-Dnetworkd=false" -PACKAGECONFIG[nss] = "-Dnss-systemd=true,-Dnss-systemd=false" -PACKAGECONFIG[nss-mymachines] = "-Dnss-mymachines=true,-Dnss-mymachines=false" -PACKAGECONFIG[nss-resolve] = "-Dnss-resolve=true,-Dnss-resolve=false" -PACKAGECONFIG[oomd] = "-Doomd=true,-Doomd=false" -PACKAGECONFIG[openssl] = "-Dopenssl=true,-Dopenssl=false,openssl" -PACKAGECONFIG[pam] = "-Dpam=true,-Dpam=false,libpam,${PAM_PLUGINS}" -PACKAGECONFIG[pcre2] = "-Dpcre2=true,-Dpcre2=false,libpcre2" -PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false" -# If polkit is disabled and networkd+hostnamed are in use, enabling this option and -# using dbus-broker will allow networkd to be authorized to change the -# hostname without acquiring additional privileges -PACKAGECONFIG[polkit_hostnamed_fallback] = ",,,,dbus-broker,polkit" -PACKAGECONFIG[portabled] = "-Dportabled=true,-Dportabled=false" -PACKAGECONFIG[qrencode] = "-Dqrencode=true,-Dqrencode=false,qrencode,,qrencode" -PACKAGECONFIG[quotacheck] = "-Dquotacheck=true,-Dquotacheck=false" -PACKAGECONFIG[randomseed] = "-Drandomseed=true,-Drandomseed=false" -PACKAGECONFIG[resolved] = "-Dresolve=true,-Dresolve=false" -PACKAGECONFIG[rfkill] = "-Drfkill=true,-Drfkill=false" -PACKAGECONFIG[seccomp] = "-Dseccomp=true,-Dseccomp=false,libseccomp" -PACKAGECONFIG[selinux] = "-Dselinux=true,-Dselinux=false,libselinux,initscripts-sushell" -PACKAGECONFIG[smack] = "-Dsmack=true,-Dsmack=false" -PACKAGECONFIG[sysusers] = "-Dsysusers=true,-Dsysusers=false" -PACKAGECONFIG[sysvinit] = "-Dsysvinit-path=${sysconfdir}/init.d -Dsysvrcnd-path=${sysconfdir},-Dsysvinit-path= -Dsysvrcnd-path=,,systemd-compat-units update-rc.d" -# When enabled use reproducble build timestamp if set as time epoch, -# or build time if not. When disabled, time epoch is unset. -def build_epoch(d): - epoch = d.getVar('SOURCE_DATE_EPOCH') or "-1" - return '-Dtime-epoch=%d' % int(epoch) -PACKAGECONFIG[set-time-epoch] = "${@build_epoch(d)},-Dtime-epoch=0" -PACKAGECONFIG[timedated] = "-Dtimedated=true,-Dtimedated=false" -PACKAGECONFIG[timesyncd] = "-Dtimesyncd=true,-Dtimesyncd=false" -PACKAGECONFIG[usrmerge] = "-Dsplit-usr=false,-Dsplit-usr=true" -PACKAGECONFIG[sbinmerge] = "-Dsplit-bin=false,-Dsplit-bin=true" -PACKAGECONFIG[userdb] = "-Duserdb=true,-Duserdb=false" -PACKAGECONFIG[utmp] = "-Dutmp=true,-Dutmp=false" -PACKAGECONFIG[valgrind] = "-DVALGRIND=1,,valgrind" -PACKAGECONFIG[vconsole] = "-Dvconsole=true,-Dvconsole=false,,${PN}-vconsole-setup" -PACKAGECONFIG[wheel-group] = "-Dwheel-group=true, -Dwheel-group=false" -PACKAGECONFIG[xdg-autostart] = "-Dxdg-autostart=true,-Dxdg-autostart=false" -# Verify keymaps on locale change -PACKAGECONFIG[xkbcommon] = "-Dxkbcommon=true,-Dxkbcommon=false,libxkbcommon" -PACKAGECONFIG[xz] = "-Dxz=true,-Dxz=false,xz" -PACKAGECONFIG[zlib] = "-Dzlib=true,-Dzlib=false,zlib" -PACKAGECONFIG[zstd] = "-Dzstd=true,-Dzstd=false,zstd" - -# Helper variables to clarify locations. This mirrors the logic in systemd's -# build system. -rootprefix ?= "${root_prefix}" -rootlibdir ?= "${base_libdir}" -rootlibexecdir = "${rootprefix}/lib" - -# This links udev statically with systemd helper library. -# Otherwise udev package would depend on systemd package (which has the needed shared library), -# and always pull it into images. -EXTRA_OEMESON += "-Dlink-udev-shared=false" - -EXTRA_OEMESON += "-Dnobody-user=nobody \ - -Dnobody-group=nobody \ - -Drootlibdir=${rootlibdir} \ - -Drootprefix=${rootprefix} \ - -Ddefault-locale=C \ - -Dmode=release \ - -Dsystem-alloc-uid-min=101 \ - -Dsystem-uid-max=999 \ - -Dsystem-alloc-gid-min=101 \ - -Dsystem-gid-max=999 \ - " - -# Hardcode target binary paths to avoid using paths from sysroot -EXTRA_OEMESON += "-Dkexec-path=${sbindir}/kexec \ - -Dkmod-path=${base_bindir}/kmod \ - -Dmount-path=${base_bindir}/mount \ - -Dquotacheck-path=${sbindir}/quotacheck \ - -Dquotaon-path=${sbindir}/quotaon \ - -Dsulogin-path=${base_sbindir}/sulogin \ - -Dnologin-path=${base_sbindir}/nologin \ - -Dumount-path=${base_bindir}/umount" - -do_install() { - meson_do_install - install -d ${D}/${base_sbindir} - if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then - # Provided by a separate recipe - rm ${D}${systemd_system_unitdir}/serial-getty* -f - fi - - # Provide support for initramfs - [ ! -e ${D}/init ] && ln -s ${rootlibexecdir}/systemd/systemd ${D}/init - [ ! -e ${D}/${base_sbindir}/udevd ] && ln -s ${rootlibexecdir}/systemd/systemd-udevd ${D}/${base_sbindir}/udevd - - install -d ${D}${sysconfdir}/udev/rules.d/ - install -d ${D}${sysconfdir}/tmpfiles.d - for rule in $(find ${WORKDIR} -maxdepth 1 -type f -name "*.rules"); do - install -m 0644 $rule ${D}${sysconfdir}/udev/rules.d/ - done - - install -m 0644 ${WORKDIR}/00-create-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ - - if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/systemd-udevd - sed -i s%@UDEVD@%${rootlibexecdir}/systemd/systemd-udevd% ${D}${sysconfdir}/init.d/systemd-udevd - install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON ${D}${systemd_system_unitdir}d-sysv-install - fi - - chown root:systemd-journal ${D}/${localstatedir}/log/journal - - # Delete journal README, as log can be symlinked inside volatile. - rm -f ${D}/${localstatedir}/log/README - - # journal-remote creates this at start - rm -rf ${D}/${localstatedir}/log/journal/remote - - install -d ${D}${systemd_system_unitdir}/graphical.target.wants - install -d ${D}${systemd_system_unitdir}/multi-user.target.wants - install -d ${D}${systemd_system_unitdir}/poweroff.target.wants - install -d ${D}${systemd_system_unitdir}/reboot.target.wants - install -d ${D}${systemd_system_unitdir}/rescue.target.wants - - # Create symlinks for systemd-update-utmp-runlevel.service - if ${@bb.utils.contains('PACKAGECONFIG', 'utmp', 'true', 'false', d)}; then - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/graphical.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/multi-user.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/poweroff.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/reboot.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/rescue.target.wants/systemd-update-utmp-runlevel.service - fi - - # this file is needed to exist if networkd is disabled but timesyncd is still in use since timesyncd checks it - # for existence else it fails - if [ -s ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf ]; then - ${@bb.utils.contains('PACKAGECONFIG', 'networkd', ':', 'sed -i -e "\$ad /run/systemd/netif/links 0755 root root -" ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf', d)} - fi - if ! ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'true', 'false', d)}; then - echo 'L! ${sysconfdir}/resolv.conf - - - - ../run/systemd/resolve/resolv.conf' >>${D}${exec_prefix}/lib/tmpfiles.d/etc.conf - echo 'd /run/systemd/resolve 0755 root root -' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf - echo 'f /run/systemd/resolve/resolv.conf 0644 root root' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf - ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd - else - sed -i -e "s%^L! /etc/resolv.conf.*$%L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf%g" ${D}${exec_prefix}/lib/tmpfiles.d/etc.conf - ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd - fi - if ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'false', 'true', d)}; then - rm ${D}${exec_prefix}/lib/tmpfiles.d/x11.conf - rm -r ${D}${sysconfdir}/X11 - fi - - # If polkit is setup fixup permissions and ownership - if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then - if [ -d ${D}${datadir}/polkit-1/rules.d ]; then - chmod 700 ${D}${datadir}/polkit-1/rules.d - chown polkitd:root ${D}${datadir}/polkit-1/rules.d - fi - fi - - # If polkit is not available and a fallback was requested, install a drop-in that allows networkd to - # request hostname changes via DBUS without elevating its privileges - if ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', 'true', 'false', d)}; then - install -d ${D}${systemd_system_unitdir}/systemd-hostnamed.service.d/ - install -m 0644 ${WORKDIR}/00-hostnamed-network-user.conf ${D}${systemd_system_unitdir}/systemd-hostnamed.service.d/ - install -d ${D}${datadir}/dbus-1/system.d/ - install -m 0644 ${WORKDIR}/org.freedesktop.hostname1_no_polkit.conf ${D}${datadir}/dbus-1/system.d/ - fi - - # create link for existing udev rules - ln -s ${base_bindir}/udevadm ${D}${base_sbindir}/udevadm - - # duplicate udevadm for postinst script - install -d ${D}${libexecdir} - ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm - - # install default policy for presets - # https://www.freedesktop.org/wiki/Software/systemd/Preset/#howto - install -Dm 0644 ${WORKDIR}/99-default.preset ${D}${systemd_system_unitdir}-preset/99-default.preset - - # add a profile fragment to disable systemd pager with busybox less - install -Dm 0644 ${WORKDIR}/systemd-pager.sh ${D}${sysconfdir}/profile.d/systemd-pager.sh -} - -python populate_packages:prepend (){ - systemdlibdir = d.getVar("rootlibdir") - do_split_packages(d, systemdlibdir, '^lib(.*)\.so\.*', 'lib%s', 'Systemd %s library', extra_depends='', allow_links=True) -} -PACKAGES_DYNAMIC += "^lib(udev|systemd|nss).*" - -PACKAGE_BEFORE_PN = "\ - ${PN}-gui \ - ${PN}-vconsole-setup \ - ${PN}-initramfs \ - ${PN}-analyze \ - ${PN}-kernel-install \ - ${PN}-rpm-macros \ - ${PN}-binfmt \ - ${PN}-zsh-completion \ - ${PN}-container \ - ${PN}-journal-gatewayd \ - ${PN}-journal-upload \ - ${PN}-journal-remote \ - ${PN}-extra-utils \ - ${PN}-udev-rules \ - udev \ - udev-hwdb \ -" - -SUMMARY:${PN}-container = "Tools for containers and VMs" -DESCRIPTION:${PN}-container = "Systemd tools to spawn and manage containers and virtual machines." - -SUMMARY:${PN}-journal-gatewayd = "HTTP server for journal events" -DESCRIPTION:${PN}-journal-gatewayd = "systemd-journal-gatewayd serves journal events over the network. Clients must connect using HTTP. The server listens on port 19531 by default." - -SUMMARY:${PN}-journal-upload = "Send journal messages over the network" -DESCRIPTION:${PN}-journal-upload = "systemd-journal-upload uploads journal entries to a specified URL." - -SUMMARY:${PN}-journal-remote = "Receive journal messages over the network" -DESCRIPTION:${PN}-journal-remote = "systemd-journal-remote is a command to receive serialized journal events and store them to journal files." - -SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfmt', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ -" -SYSTEMD_SERVICE:${PN}-binfmt = "systemd-binfmt.service" - -USERADD_PACKAGES = "${PN} ${PN}-extra-utils \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gateway', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ -" -GROUPADD_PARAM:${PN} = "-r systemd-journal;" -GROUPADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', '-r systemd-hostname;', '', d)}" -USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /sbin/nologin systemd-coredump;', '', d)}" -USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /sbin/nologin systemd-network;', '', d)}" -USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" -USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /sbin/nologin systemd-resolve;', '', d)}" -USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /sbin/nologin systemd-timesync;', '', d)}" -USERADD_PARAM:${PN}-extra-utils = "--system -d / -M --shell /sbin/nologin systemd-bus-proxy" -USERADD_PARAM:${PN}-journal-gateway = "--system -d / -M --shell /sbin/nologin systemd-journal-gateway" -USERADD_PARAM:${PN}-journal-remote = "--system -d / -M --shell /sbin/nologin systemd-journal-remote" -USERADD_PARAM:${PN}-journal-upload = "--system -d / -M --shell /sbin/nologin systemd-journal-upload" - -FILES:${PN}-analyze = "${bindir}/systemd-analyze" - -FILES:${PN}-initramfs = "/init" -RDEPENDS:${PN}-initramfs = "${PN}" - -FILES:${PN}-gui = "${bindir}/systemadm" - -FILES:${PN}-vconsole-setup = "${rootlibexecdir}/systemd/systemd-vconsole-setup \ - ${systemd_system_unitdir}/systemd-vconsole-setup.service \ - ${systemd_system_unitdir}/sysinit.target.wants/systemd-vconsole-setup.service" - -RDEPENDS:${PN}-kernel-install += "bash" -FILES:${PN}-kernel-install = "${bindir}/kernel-install \ - ${sysconfdir}/kernel/ \ - ${exec_prefix}/lib/kernel \ - " -FILES:${PN}-rpm-macros = "${exec_prefix}/lib/rpm \ - " - -FILES:${PN}-zsh-completion = "${datadir}/zsh/site-functions" - -FILES:${PN}-binfmt = "${sysconfdir}/binfmt.d/ \ - ${exec_prefix}/lib/binfmt.d \ - ${rootlibexecdir}/systemd/systemd-binfmt \ - ${systemd_system_unitdir}/proc-sys-fs-binfmt_misc.* \ - ${systemd_system_unitdir}/systemd-binfmt.service" -RRECOMMENDS:${PN}-binfmt = "kernel-module-binfmt-misc" - -RRECOMMENDS:${PN}-vconsole-setup = "kbd kbd-consolefonts kbd-keymaps" - - -FILES:${PN}-journal-gatewayd = "${rootlibexecdir}/systemd/systemd-journal-gatewayd \ - ${systemd_system_unitdir}/systemd-journal-gatewayd.service \ - ${systemd_system_unitdir}/systemd-journal-gatewayd.socket \ - ${systemd_system_unitdir}/sockets.target.wants/systemd-journal-gatewayd.socket \ - ${datadir}/systemd/gatewayd/browse.html \ - " -SYSTEMD_SERVICE:${PN}-journal-gatewayd = "systemd-journal-gatewayd.socket" - -FILES:${PN}-journal-upload = "${rootlibexecdir}/systemd/systemd-journal-upload \ - ${systemd_system_unitdir}/systemd-journal-upload.service \ - ${sysconfdir}/systemd/journal-upload.conf \ - " -SYSTEMD_SERVICE:${PN}-journal-upload = "systemd-journal-upload.service" - -FILES:${PN}-journal-remote = "${rootlibexecdir}/systemd/systemd-journal-remote \ - ${sysconfdir}/systemd/journal-remote.conf \ - ${systemd_system_unitdir}/systemd-journal-remote.service \ - ${systemd_system_unitdir}/systemd-journal-remote.socket \ - " -SYSTEMD_SERVICE:${PN}-journal-remote = "systemd-journal-remote.socket" - - -FILES:${PN}-container = "${sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf \ - ${sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf \ - ${sysconfdir}/systemd/system/multi-user.target.wants/machines.target \ - ${base_bindir}/machinectl \ - ${bindir}/systemd-nspawn \ - ${nonarch_libdir}/systemd/import-pubring.gpg \ - ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.import1.busname \ - ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.machine1.busname \ - ${systemd_system_unitdir}/local-fs.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/machines.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/remote-fs.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/machine.slice \ - ${systemd_system_unitdir}/machines.target \ - ${systemd_system_unitdir}/org.freedesktop.import1.busname \ - ${systemd_system_unitdir}/org.freedesktop.machine1.busname \ - ${systemd_system_unitdir}/systemd-importd.service \ - ${systemd_system_unitdir}/systemd-machined.service \ - ${systemd_system_unitdir}/dbus-org.freedesktop.machine1.service \ - ${systemd_system_unitdir}/var-lib-machines.mount \ - ${rootlibexecdir}/systemd/systemd-import \ - ${rootlibexecdir}/systemd/systemd-importd \ - ${rootlibexecdir}/systemd/systemd-machined \ - ${rootlibexecdir}/systemd/systemd-pull \ - ${exec_prefix}/lib/tmpfiles.d/systemd-nspawn.conf \ - ${exec_prefix}/lib/tmpfiles.d/README \ - ${systemd_system_unitdir}/systemd-nspawn@.service \ - ${libdir}/libnss_mymachines.so.2 \ - ${datadir}/dbus-1/system-services/org.freedesktop.import1.service \ - ${datadir}/dbus-1/system-services/org.freedesktop.machine1.service \ - ${datadir}/dbus-1/system.d/org.freedesktop.import1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.machine1.conf \ - ${datadir}/polkit-1/actions/org.freedesktop.import1.policy \ - ${datadir}/polkit-1/actions/org.freedesktop.machine1.policy \ - " - -# "machinectl import-tar" uses "tar --numeric-owner", not supported by busybox. -RRECOMMENDS:${PN}-container += "\ - ${PN}-journal-gatewayd \ - ${PN}-journal-remote \ - ${PN}-journal-upload \ - kernel-module-dm-mod \ - kernel-module-loop \ - kernel-module-tun \ - tar \ - " - -FILES:${PN}-extra-utils = "\ - ${base_bindir}/systemd-escape \ - ${base_bindir}/systemd-inhibit \ - ${bindir}/systemd-detect-virt \ - ${bindir}/systemd-dissect \ - ${bindir}/systemd-path \ - ${bindir}/systemd-run \ - ${bindir}/systemd-cat \ - ${bindir}/systemd-delta \ - ${bindir}/systemd-cgls \ - ${bindir}/systemd-cgtop \ - ${bindir}/systemd-stdio-bridge \ - ${bindir}/systemd-sysext \ - ${base_bindir}/systemd-ask-password \ - ${base_bindir}/systemd-tty-ask-password-agent \ - ${systemd_system_unitdir}/systemd-ask-password-console.path \ - ${systemd_system_unitdir}/systemd-ask-password-console.service \ - ${systemd_system_unitdir}/systemd-ask-password-wall.path \ - ${systemd_system_unitdir}/systemd-ask-password-wall.service \ - ${systemd_system_unitdir}/sysinit.target.wants/systemd-ask-password-console.path \ - ${systemd_system_unitdir}/sysinit.target.wants/systemd-ask-password-wall.path \ - ${systemd_system_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path \ - ${rootlibexecdir}/systemd/systemd-resolve-host \ - ${rootlibexecdir}/systemd/systemd-ac-power \ - ${rootlibexecdir}/systemd/systemd-activate \ - ${rootlibexecdir}/systemd/systemd-bus-proxyd \ - ${systemd_system_unitdir}/systemd-bus-proxyd.service \ - ${systemd_system_unitdir}/systemd-bus-proxyd.socket \ - ${rootlibexecdir}/systemd/systemd-socket-proxyd \ - ${rootlibexecdir}/systemd/systemd-reply-password \ - ${rootlibexecdir}/systemd/systemd-sleep \ - ${rootlibexecdir}/systemd/system-sleep \ - ${systemd_system_unitdir}/systemd-hibernate.service \ - ${systemd_system_unitdir}/systemd-hybrid-sleep.service \ - ${systemd_system_unitdir}/systemd-suspend.service \ - ${systemd_system_unitdir}/sleep.target \ - ${rootlibexecdir}/systemd/systemd-initctl \ - ${systemd_system_unitdir}/systemd-initctl.service \ - ${systemd_system_unitdir}/systemd-initctl.socket \ - ${systemd_system_unitdir}/sockets.target.wants/systemd-initctl.socket \ - ${rootlibexecdir}/systemd/system-generators/systemd-gpt-auto-generator \ - ${rootlibexecdir}/systemd/systemd-cgroups-agent \ -" - -FILES:${PN}-udev-rules = "\ - ${rootlibexecdir}/udev/rules.d/70-uaccess.rules \ - ${rootlibexecdir}/udev/rules.d/71-seat.rules \ - ${rootlibexecdir}/udev/rules.d/73-seat-late.rules \ - ${rootlibexecdir}/udev/rules.d/99-systemd.rules \ -" - -CONFFILES:${PN} = "${sysconfdir}/systemd/coredump.conf \ - ${sysconfdir}/systemd/journald.conf \ - ${sysconfdir}/systemd/logind.conf \ - ${sysconfdir}/systemd/networkd.conf \ - ${sysconfdir}/systemd/pstore.conf \ - ${sysconfdir}/systemd/resolved.conf \ - ${sysconfdir}/systemd/sleep.conf \ - ${sysconfdir}/systemd/system.conf \ - ${sysconfdir}/systemd/timesyncd.conf \ - ${sysconfdir}/systemd/user.conf \ -" - -FILES:${PN} = " ${base_bindir}/* \ - ${base_sbindir}/shutdown \ - ${base_sbindir}/halt \ - ${base_sbindir}/poweroff \ - ${base_sbindir}/runlevel \ - ${base_sbindir}/telinit \ - ${base_sbindir}/resolvconf \ - ${base_sbindir}/reboot \ - ${base_sbindir}/init \ - ${datadir}/dbus-1/services \ - ${datadir}/dbus-1/system-services \ - ${datadir}/polkit-1 \ - ${datadir}/${BPN} \ - ${datadir}/factory \ - ${sysconfdir}/dbus-1/ \ - ${sysconfdir}/modules-load.d/ \ - ${sysconfdir}/pam.d/ \ - ${sysconfdir}/profile.d/ \ - ${sysconfdir}/sysctl.d/ \ - ${sysconfdir}/systemd/ \ - ${sysconfdir}/tmpfiles.d/ \ - ${sysconfdir}/xdg/ \ - ${sysconfdir}/init.d/README \ - ${sysconfdir}/resolv-conf.systemd \ - ${sysconfdir}/X11/xinit/xinitrc.d/* \ - ${rootlibexecdir}/systemd/* \ - ${libdir}/pam.d \ - ${nonarch_libdir}/pam.d \ - ${systemd_unitdir}/* \ - ${base_libdir}/security/*.so \ - /cgroup \ - ${bindir}/systemd* \ - ${bindir}/busctl \ - ${bindir}/coredumpctl \ - ${bindir}/localectl \ - ${bindir}/hostnamectl \ - ${bindir}/resolvectl \ - ${bindir}/timedatectl \ - ${bindir}/bootctl \ - ${bindir}/oomctl \ - ${exec_prefix}/lib/tmpfiles.d/*.conf \ - ${exec_prefix}/lib/systemd \ - ${exec_prefix}/lib/modules-load.d \ - ${exec_prefix}/lib/sysctl.d \ - ${exec_prefix}/lib/sysusers.d \ - ${exec_prefix}/lib/environment.d \ - ${localstatedir} \ - ${rootlibexecdir}/modprobe.d/systemd.conf \ - ${rootlibexecdir}/modprobe.d/README \ - ${datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.locale1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.network1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf \ - ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', '${datadir}/dbus-1/system.d/org.freedesktop.hostname1_no_polkit.conf', '', d)} \ - ${datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.login1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.oom1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.home1.conf \ - " - -FILES:${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" - -RDEPENDS:${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) systemd-udev-rules util-linux-agetty util-linux-fsck" -RDEPENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}" -RDEPENDS:${PN} += "volatile-binds" - -RRECOMMENDS:${PN} += "systemd-extra-utils \ - udev-hwdb \ - e2fsprogs-e2fsck \ - kernel-module-autofs4 kernel-module-unix kernel-module-ipv6 kernel-module-sch-fq-codel \ - os-release \ - systemd-conf \ -" - -INSANE_SKIP:${PN} += "dev-so libdir" -INSANE_SKIP:${PN}-dbg += "libdir" -INSANE_SKIP:${PN}-doc += " libdir" - -RPROVIDES:udev = "hotplug" - -RDEPENDS:udev-hwdb += "udev" - -FILES:udev += "${base_sbindir}/udevd \ - ${rootlibexecdir}/systemd/network/99-default.link \ - ${rootlibexecdir}/systemd/systemd-udevd \ - ${rootlibexecdir}/udev/accelerometer \ - ${rootlibexecdir}/udev/ata_id \ - ${rootlibexecdir}/udev/cdrom_id \ - ${rootlibexecdir}/udev/collect \ - ${rootlibexecdir}/udev/dmi_memory_id \ - ${rootlibexecdir}/udev/fido_id \ - ${rootlibexecdir}/udev/findkeyboards \ - ${rootlibexecdir}/udev/keyboard-force-release.sh \ - ${rootlibexecdir}/udev/keymap \ - ${rootlibexecdir}/udev/mtd_probe \ - ${rootlibexecdir}/udev/scsi_id \ - ${rootlibexecdir}/udev/v4l_id \ - ${rootlibexecdir}/udev/keymaps \ - ${rootlibexecdir}/udev/rules.d/50-udev-default.rules \ - ${rootlibexecdir}/udev/rules.d/60-autosuspend.rules \ - ${rootlibexecdir}/udev/rules.d/60-autosuspend-chromiumos.rules \ - ${rootlibexecdir}/udev/rules.d/60-block.rules \ - ${rootlibexecdir}/udev/rules.d/60-cdrom_id.rules \ - ${rootlibexecdir}/udev/rules.d/60-drm.rules \ - ${rootlibexecdir}/udev/rules.d/60-evdev.rules \ - ${rootlibexecdir}/udev/rules.d/60-fido-id.rules \ - ${rootlibexecdir}/udev/rules.d/60-input-id.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-alsa.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-input.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-storage.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-storage-tape.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-v4l.rules \ - ${rootlibexecdir}/udev/rules.d/60-sensor.rules \ - ${rootlibexecdir}/udev/rules.d/60-serial.rules \ - ${rootlibexecdir}/udev/rules.d/61-autosuspend-manual.rules \ - ${rootlibexecdir}/udev/rules.d/64-btrfs.rules \ - ${rootlibexecdir}/udev/rules.d/70-joystick.rules \ - ${rootlibexecdir}/udev/rules.d/70-memory.rules \ - ${rootlibexecdir}/udev/rules.d/70-mouse.rules \ - ${rootlibexecdir}/udev/rules.d/70-power-switch.rules \ - ${rootlibexecdir}/udev/rules.d/70-touchpad.rules \ - ${rootlibexecdir}/udev/rules.d/75-net-description.rules \ - ${rootlibexecdir}/udev/rules.d/75-probe_mtd.rules \ - ${rootlibexecdir}/udev/rules.d/78-sound-card.rules \ - ${rootlibexecdir}/udev/rules.d/80-drivers.rules \ - ${rootlibexecdir}/udev/rules.d/80-net-setup-link.rules \ - ${rootlibexecdir}/udev/rules.d/81-net-dhcp.rules \ - ${rootlibexecdir}/udev/rules.d/90-vconsole.rules \ - ${rootlibexecdir}/udev/rules.d/README \ - ${sysconfdir}/udev \ - ${sysconfdir}/init.d/systemd-udevd \ - ${systemd_system_unitdir}/*udev* \ - ${systemd_system_unitdir}/*.wants/*udev* \ - ${base_bindir}/systemd-hwdb \ - ${base_bindir}/udevadm \ - ${base_sbindir}/udevadm \ - ${libexecdir}/${MLPREFIX}udevadm \ - ${datadir}/bash-completion/completions/udevadm \ - ${systemd_system_unitdir}/systemd-hwdb-update.service \ - " - -FILES:udev-hwdb = "${rootlibexecdir}/udev/hwdb.d \ - " - -RCONFLICTS:${PN} = "tiny-init ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolvconf', '', d)}" - -INITSCRIPT_PACKAGES = "udev" -INITSCRIPT_NAME:udev = "systemd-udevd" -INITSCRIPT_PARAMS:udev = "start 03 S ." - -python __anonymous() { - if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): - d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") - - if bb.utils.contains('PACKAGECONFIG', 'repart', True, False, d) and not bb.utils.contains('PACKAGECONFIG', 'openssl', True, False, d): - bb.error("PACKAGECONFIG[repart] requires PACKAGECONFIG[openssl]") - - if bb.utils.contains('PACKAGECONFIG', 'homed', True, False, d) and not bb.utils.contains('PACKAGECONFIG', 'userdb openssl cryptsetup', True, False, d): - bb.error("PACKAGECONFIG[homed] requires PACKAGECONFIG[userdb], PACKAGECONFIG[openssl] and PACKAGECONFIG[cryptsetup]") -} - -python do_warn_musl() { - if d.getVar('TCLIBC') == "musl": - bb.warn("Using systemd with musl is not recommended since it is not supported upstream and some patches are known to be problematic.") -} -addtask warn_musl before do_configure - -ALTERNATIVE:${PN} = "halt reboot shutdown poweroff runlevel ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolv-conf', '', d)}" - -ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd" -ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" -ALTERNATIVE_PRIORITY[resolv-conf] ?= "50" - -ALTERNATIVE_TARGET[halt] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[halt] = "${base_sbindir}/halt" -ALTERNATIVE_PRIORITY[halt] ?= "300" - -ALTERNATIVE_TARGET[reboot] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[reboot] = "${base_sbindir}/reboot" -ALTERNATIVE_PRIORITY[reboot] ?= "300" - -ALTERNATIVE_TARGET[shutdown] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[shutdown] = "${base_sbindir}/shutdown" -ALTERNATIVE_PRIORITY[shutdown] ?= "300" - -ALTERNATIVE_TARGET[poweroff] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[poweroff] = "${base_sbindir}/poweroff" -ALTERNATIVE_PRIORITY[poweroff] ?= "300" - -ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel" -ALTERNATIVE_PRIORITY[runlevel] ?= "300" - -pkg_postinst:${PN}:libc-glibc () { - sed -e '/^hosts:/s/\s*\//' \ - -e 's/\(^hosts:.*\)\(\\)\(.*\)\(\\)\(.*\)/\1\2 myhostname \3\4\5/' \ - -i $D${sysconfdir}/nsswitch.conf -} - -pkg_prerm:${PN}:libc-glibc () { - sed -e '/^hosts:/s/\s*\//' \ - -e '/^hosts:/s/\s*myhostname//' \ - -i $D${sysconfdir}/nsswitch.conf -} - -PACKAGE_WRITE_DEPS += "qemu-native" -pkg_postinst:udev-hwdb () { - if test -n "$D"; then - $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" - else - udevadm hwdb --update - fi -} - -pkg_prerm:udev-hwdb () { - rm -f $D${sysconfdir}/udev/hwdb.bin -} diff --git a/poky/meta/recipes-core/systemd/systemd_249.7.bb b/poky/meta/recipes-core/systemd/systemd_249.7.bb new file mode 100644 index 0000000000..c94a18140e --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd_249.7.bb @@ -0,0 +1,785 @@ +require systemd.inc + +PROVIDES = "udev" + +PE = "1" + +DEPENDS = "intltool-native gperf-native libcap util-linux python3-jinja2-native" + +SECTION = "base/shell" + +inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages features_check + +# As this recipe builds udev, respect systemd being in DISTRO_FEATURES so +# that we don't build both udev and systemd in world builds. +REQUIRED_DISTRO_FEATURES = "systemd" + +SRC_URI += "file://touchscreen.rules \ + file://00-create-volatile.conf \ + ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', 'file://org.freedesktop.hostname1_no_polkit.conf', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', 'file://00-hostnamed-network-user.conf', '', d)} \ + file://init \ + file://99-default.preset \ + file://systemd-pager.sh \ + file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \ + file://0003-implment-systemd-sysv-install-for-OE.patch \ + file://0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch \ + file://0001-test-parse-argument-Include-signal.h.patch \ + " + +# patches needed by musl +SRC_URI:append:libc-musl = " ${SRC_URI_MUSL}" +SRC_URI_MUSL = "\ + file://0002-don-t-use-glibc-specific-qsort_r.patch \ + file://0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch \ + file://0004-add-fallback-parse_printf_format-implementation.patch \ + file://0005-src-basic-missing.h-check-for-missing-strndupa.patch \ + file://0006-Include-netinet-if_ether.h.patch \ + file://0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch \ + file://0008-add-missing-FTW_-macros-for-musl.patch \ + file://0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch \ + file://0010-Use-uintmax_t-for-handling-rlim_t.patch \ + file://0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch \ + file://0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \ + file://0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch \ + file://0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \ + file://0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \ + file://0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch \ + file://0017-missing_type.h-add-__compar_d_fn_t-definition.patch \ + file://0018-avoid-redefinition-of-prctl_mm_map-structure.patch \ + file://0019-Handle-missing-LOCK_EX.patch \ + file://0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch \ + file://0021-test-json.c-define-M_PIl.patch \ + file://0022-do-not-disable-buffer-in-writing-files.patch \ + file://0025-Handle-__cpu_mask-usage.patch \ + file://0026-Handle-missing-gshadow.patch \ + file://0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch \ + " + +PAM_PLUGINS = " \ + pam-plugin-unix \ + pam-plugin-loginuid \ + pam-plugin-keyinit \ +" + +PACKAGECONFIG ??= " \ + ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit efi ldconfig pam selinux smack usrmerge polkit seccomp', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \ + backlight \ + binfmt \ + gshadow \ + hibernate \ + hostnamed \ + idn \ + ima \ + kmod \ + localed \ + logind \ + machined \ + myhostname \ + networkd \ + nss \ + nss-mymachines \ + nss-resolve \ + quotacheck \ + randomseed \ + resolved \ + set-time-epoch \ + sysusers \ + sysvinit \ + timedated \ + timesyncd \ + userdb \ + utmp \ + vconsole \ + wheel-group \ + zstd \ +" + +PACKAGECONFIG:remove:libc-musl = " \ + gshadow \ + idn \ + localed \ + myhostname \ + nss \ + nss-mymachines \ + nss-resolve \ + sysusers \ + userdb \ + utmp \ +" + +CFLAGS:append:libc-musl = " -D__UAPI_DEF_ETHHDR=0 " + +# Some of the dependencies are weak-style recommends - if not available at runtime, +# systemd won't fail but the library-related feature will be skipped with a warning. + +# Use the upstream systemd serial-getty@.service and rely on +# systemd-getty-generator instead of using the OE-core specific +# systemd-serialgetty.bb - not enabled by default. +PACKAGECONFIG[serial-getty-generator] = "" + +PACKAGECONFIG[acl] = "-Dacl=true,-Dacl=false,acl" +PACKAGECONFIG[audit] = "-Daudit=true,-Daudit=false,audit" +PACKAGECONFIG[backlight] = "-Dbacklight=true,-Dbacklight=false" +PACKAGECONFIG[binfmt] = "-Dbinfmt=true,-Dbinfmt=false" +PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" +PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" +PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" +PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" +PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" +PACKAGECONFIG[dbus] = "-Ddbus=true,-Ddbus=false,dbus" +PACKAGECONFIG[efi] = "-Defi=true,-Defi=false" +PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-includedir=${STAGING_INCDIR}/efi,-Dgnu-efi=false,gnu-efi" +PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" +PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" +PACKAGECONFIG[repart] = "-Drepart=true,-Drepart=false" +PACKAGECONFIG[homed] = "-Dhomed=true,-Dhomed=false" +# Sign the journal for anti-tampering +PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" +PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" +PACKAGECONFIG[gshadow] = "-Dgshadow=true,-Dgshadow=false" +PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false" +PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false" +PACKAGECONFIG[idn] = "-Didn=true,-Didn=false" +PACKAGECONFIG[ima] = "-Dima=true,-Dima=false" +# importd requires journal-upload/xz/zlib/bzip2/gcrypt +PACKAGECONFIG[importd] = "-Dimportd=true,-Dimportd=false" +# Update NAT firewall rules +PACKAGECONFIG[iptc] = "-Dlibiptc=true,-Dlibiptc=false,iptables" +PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl" +PACKAGECONFIG[kmod] = "-Dkmod=true,-Dkmod=false,kmod" +PACKAGECONFIG[ldconfig] = "-Dldconfig=true,-Dldconfig=false,,ldconfig" +PACKAGECONFIG[libidn] = "-Dlibidn=true,-Dlibidn=false,libidn,,libidn" +PACKAGECONFIG[libidn2] = "-Dlibidn2=true,-Dlibidn2=false,libidn2,,libidn2" +PACKAGECONFIG[localed] = "-Dlocaled=true,-Dlocaled=false" +PACKAGECONFIG[logind] = "-Dlogind=true,-Dlogind=false" +PACKAGECONFIG[lz4] = "-Dlz4=true,-Dlz4=false,lz4" +PACKAGECONFIG[machined] = "-Dmachined=true,-Dmachined=false" +PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,libxslt-native xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" +PACKAGECONFIG[microhttpd] = "-Dmicrohttpd=true,-Dmicrohttpd=false,libmicrohttpd" +PACKAGECONFIG[myhostname] = "-Dnss-myhostname=true,-Dnss-myhostname=false,,libnss-myhostname" +PACKAGECONFIG[networkd] = "-Dnetworkd=true,-Dnetworkd=false" +PACKAGECONFIG[nss] = "-Dnss-systemd=true,-Dnss-systemd=false" +PACKAGECONFIG[nss-mymachines] = "-Dnss-mymachines=true,-Dnss-mymachines=false" +PACKAGECONFIG[nss-resolve] = "-Dnss-resolve=true,-Dnss-resolve=false" +PACKAGECONFIG[oomd] = "-Doomd=true,-Doomd=false" +PACKAGECONFIG[openssl] = "-Dopenssl=true,-Dopenssl=false,openssl" +PACKAGECONFIG[pam] = "-Dpam=true,-Dpam=false,libpam,${PAM_PLUGINS}" +PACKAGECONFIG[pcre2] = "-Dpcre2=true,-Dpcre2=false,libpcre2" +PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false" +# If polkit is disabled and networkd+hostnamed are in use, enabling this option and +# using dbus-broker will allow networkd to be authorized to change the +# hostname without acquiring additional privileges +PACKAGECONFIG[polkit_hostnamed_fallback] = ",,,,dbus-broker,polkit" +PACKAGECONFIG[portabled] = "-Dportabled=true,-Dportabled=false" +PACKAGECONFIG[qrencode] = "-Dqrencode=true,-Dqrencode=false,qrencode,,qrencode" +PACKAGECONFIG[quotacheck] = "-Dquotacheck=true,-Dquotacheck=false" +PACKAGECONFIG[randomseed] = "-Drandomseed=true,-Drandomseed=false" +PACKAGECONFIG[resolved] = "-Dresolve=true,-Dresolve=false" +PACKAGECONFIG[rfkill] = "-Drfkill=true,-Drfkill=false" +PACKAGECONFIG[seccomp] = "-Dseccomp=true,-Dseccomp=false,libseccomp" +PACKAGECONFIG[selinux] = "-Dselinux=true,-Dselinux=false,libselinux,initscripts-sushell" +PACKAGECONFIG[smack] = "-Dsmack=true,-Dsmack=false" +PACKAGECONFIG[sysusers] = "-Dsysusers=true,-Dsysusers=false" +PACKAGECONFIG[sysvinit] = "-Dsysvinit-path=${sysconfdir}/init.d -Dsysvrcnd-path=${sysconfdir},-Dsysvinit-path= -Dsysvrcnd-path=,,systemd-compat-units update-rc.d" +# When enabled use reproducble build timestamp if set as time epoch, +# or build time if not. When disabled, time epoch is unset. +def build_epoch(d): + epoch = d.getVar('SOURCE_DATE_EPOCH') or "-1" + return '-Dtime-epoch=%d' % int(epoch) +PACKAGECONFIG[set-time-epoch] = "${@build_epoch(d)},-Dtime-epoch=0" +PACKAGECONFIG[timedated] = "-Dtimedated=true,-Dtimedated=false" +PACKAGECONFIG[timesyncd] = "-Dtimesyncd=true,-Dtimesyncd=false" +PACKAGECONFIG[usrmerge] = "-Dsplit-usr=false,-Dsplit-usr=true" +PACKAGECONFIG[sbinmerge] = "-Dsplit-bin=false,-Dsplit-bin=true" +PACKAGECONFIG[userdb] = "-Duserdb=true,-Duserdb=false" +PACKAGECONFIG[utmp] = "-Dutmp=true,-Dutmp=false" +PACKAGECONFIG[valgrind] = "-DVALGRIND=1,,valgrind" +PACKAGECONFIG[vconsole] = "-Dvconsole=true,-Dvconsole=false,,${PN}-vconsole-setup" +PACKAGECONFIG[wheel-group] = "-Dwheel-group=true, -Dwheel-group=false" +PACKAGECONFIG[xdg-autostart] = "-Dxdg-autostart=true,-Dxdg-autostart=false" +# Verify keymaps on locale change +PACKAGECONFIG[xkbcommon] = "-Dxkbcommon=true,-Dxkbcommon=false,libxkbcommon" +PACKAGECONFIG[xz] = "-Dxz=true,-Dxz=false,xz" +PACKAGECONFIG[zlib] = "-Dzlib=true,-Dzlib=false,zlib" +PACKAGECONFIG[zstd] = "-Dzstd=true,-Dzstd=false,zstd" + +# Helper variables to clarify locations. This mirrors the logic in systemd's +# build system. +rootprefix ?= "${root_prefix}" +rootlibdir ?= "${base_libdir}" +rootlibexecdir = "${rootprefix}/lib" + +# This links udev statically with systemd helper library. +# Otherwise udev package would depend on systemd package (which has the needed shared library), +# and always pull it into images. +EXTRA_OEMESON += "-Dlink-udev-shared=false" + +EXTRA_OEMESON += "-Dnobody-user=nobody \ + -Dnobody-group=nobody \ + -Drootlibdir=${rootlibdir} \ + -Drootprefix=${rootprefix} \ + -Ddefault-locale=C \ + -Dmode=release \ + -Dsystem-alloc-uid-min=101 \ + -Dsystem-uid-max=999 \ + -Dsystem-alloc-gid-min=101 \ + -Dsystem-gid-max=999 \ + " + +# Hardcode target binary paths to avoid using paths from sysroot +EXTRA_OEMESON += "-Dkexec-path=${sbindir}/kexec \ + -Dkmod-path=${base_bindir}/kmod \ + -Dmount-path=${base_bindir}/mount \ + -Dquotacheck-path=${sbindir}/quotacheck \ + -Dquotaon-path=${sbindir}/quotaon \ + -Dsulogin-path=${base_sbindir}/sulogin \ + -Dnologin-path=${base_sbindir}/nologin \ + -Dumount-path=${base_bindir}/umount" + +do_install() { + meson_do_install + install -d ${D}/${base_sbindir} + if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then + # Provided by a separate recipe + rm ${D}${systemd_system_unitdir}/serial-getty* -f + fi + + # Provide support for initramfs + [ ! -e ${D}/init ] && ln -s ${rootlibexecdir}/systemd/systemd ${D}/init + [ ! -e ${D}/${base_sbindir}/udevd ] && ln -s ${rootlibexecdir}/systemd/systemd-udevd ${D}/${base_sbindir}/udevd + + install -d ${D}${sysconfdir}/udev/rules.d/ + install -d ${D}${sysconfdir}/tmpfiles.d + for rule in $(find ${WORKDIR} -maxdepth 1 -type f -name "*.rules"); do + install -m 0644 $rule ${D}${sysconfdir}/udev/rules.d/ + done + + install -m 0644 ${WORKDIR}/00-create-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ + + if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/systemd-udevd + sed -i s%@UDEVD@%${rootlibexecdir}/systemd/systemd-udevd% ${D}${sysconfdir}/init.d/systemd-udevd + install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON ${D}${systemd_system_unitdir}d-sysv-install + fi + + chown root:systemd-journal ${D}/${localstatedir}/log/journal + + # Delete journal README, as log can be symlinked inside volatile. + rm -f ${D}/${localstatedir}/log/README + + # journal-remote creates this at start + rm -rf ${D}/${localstatedir}/log/journal/remote + + install -d ${D}${systemd_system_unitdir}/graphical.target.wants + install -d ${D}${systemd_system_unitdir}/multi-user.target.wants + install -d ${D}${systemd_system_unitdir}/poweroff.target.wants + install -d ${D}${systemd_system_unitdir}/reboot.target.wants + install -d ${D}${systemd_system_unitdir}/rescue.target.wants + + # Create symlinks for systemd-update-utmp-runlevel.service + if ${@bb.utils.contains('PACKAGECONFIG', 'utmp', 'true', 'false', d)}; then + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/graphical.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/multi-user.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/poweroff.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/reboot.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_system_unitdir}/rescue.target.wants/systemd-update-utmp-runlevel.service + fi + + # this file is needed to exist if networkd is disabled but timesyncd is still in use since timesyncd checks it + # for existence else it fails + if [ -s ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf ]; then + ${@bb.utils.contains('PACKAGECONFIG', 'networkd', ':', 'sed -i -e "\$ad /run/systemd/netif/links 0755 root root -" ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf', d)} + fi + if ! ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'true', 'false', d)}; then + echo 'L! ${sysconfdir}/resolv.conf - - - - ../run/systemd/resolve/resolv.conf' >>${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + echo 'd /run/systemd/resolve 0755 root root -' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf + echo 'f /run/systemd/resolve/resolv.conf 0644 root root' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd + else + sed -i -e "s%^L! /etc/resolv.conf.*$%L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf%g" ${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd + fi + if ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'false', 'true', d)}; then + rm ${D}${exec_prefix}/lib/tmpfiles.d/x11.conf + rm -r ${D}${sysconfdir}/X11 + fi + + # If polkit is setup fixup permissions and ownership + if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then + if [ -d ${D}${datadir}/polkit-1/rules.d ]; then + chmod 700 ${D}${datadir}/polkit-1/rules.d + chown polkitd:root ${D}${datadir}/polkit-1/rules.d + fi + fi + + # If polkit is not available and a fallback was requested, install a drop-in that allows networkd to + # request hostname changes via DBUS without elevating its privileges + if ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', 'true', 'false', d)}; then + install -d ${D}${systemd_system_unitdir}/systemd-hostnamed.service.d/ + install -m 0644 ${WORKDIR}/00-hostnamed-network-user.conf ${D}${systemd_system_unitdir}/systemd-hostnamed.service.d/ + install -d ${D}${datadir}/dbus-1/system.d/ + install -m 0644 ${WORKDIR}/org.freedesktop.hostname1_no_polkit.conf ${D}${datadir}/dbus-1/system.d/ + fi + + # create link for existing udev rules + ln -s ${base_bindir}/udevadm ${D}${base_sbindir}/udevadm + + # duplicate udevadm for postinst script + install -d ${D}${libexecdir} + ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm + + # install default policy for presets + # https://www.freedesktop.org/wiki/Software/systemd/Preset/#howto + install -Dm 0644 ${WORKDIR}/99-default.preset ${D}${systemd_system_unitdir}-preset/99-default.preset + + # add a profile fragment to disable systemd pager with busybox less + install -Dm 0644 ${WORKDIR}/systemd-pager.sh ${D}${sysconfdir}/profile.d/systemd-pager.sh +} + +python populate_packages:prepend (){ + systemdlibdir = d.getVar("rootlibdir") + do_split_packages(d, systemdlibdir, '^lib(.*)\.so\.*', 'lib%s', 'Systemd %s library', extra_depends='', allow_links=True) +} +PACKAGES_DYNAMIC += "^lib(udev|systemd|nss).*" + +PACKAGE_BEFORE_PN = "\ + ${PN}-gui \ + ${PN}-vconsole-setup \ + ${PN}-initramfs \ + ${PN}-analyze \ + ${PN}-kernel-install \ + ${PN}-rpm-macros \ + ${PN}-binfmt \ + ${PN}-zsh-completion \ + ${PN}-container \ + ${PN}-journal-gatewayd \ + ${PN}-journal-upload \ + ${PN}-journal-remote \ + ${PN}-extra-utils \ + ${PN}-udev-rules \ + udev \ + udev-hwdb \ +" + +SUMMARY:${PN}-container = "Tools for containers and VMs" +DESCRIPTION:${PN}-container = "Systemd tools to spawn and manage containers and virtual machines." + +SUMMARY:${PN}-journal-gatewayd = "HTTP server for journal events" +DESCRIPTION:${PN}-journal-gatewayd = "systemd-journal-gatewayd serves journal events over the network. Clients must connect using HTTP. The server listens on port 19531 by default." + +SUMMARY:${PN}-journal-upload = "Send journal messages over the network" +DESCRIPTION:${PN}-journal-upload = "systemd-journal-upload uploads journal entries to a specified URL." + +SUMMARY:${PN}-journal-remote = "Receive journal messages over the network" +DESCRIPTION:${PN}-journal-remote = "systemd-journal-remote is a command to receive serialized journal events and store them to journal files." + +SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfmt', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +SYSTEMD_SERVICE:${PN}-binfmt = "systemd-binfmt.service" + +USERADD_PACKAGES = "${PN} ${PN}-extra-utils \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +GROUPADD_PARAM:${PN} = "-r systemd-journal;" +GROUPADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', '-r systemd-hostname;', '', d)}" +USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /sbin/nologin systemd-coredump;', '', d)}" +USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /sbin/nologin systemd-network;', '', d)}" +USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" +USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /sbin/nologin systemd-resolve;', '', d)}" +USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /sbin/nologin systemd-timesync;', '', d)}" +USERADD_PARAM:${PN}-extra-utils = "--system -d / -M --shell /sbin/nologin systemd-bus-proxy" +USERADD_PARAM:${PN}-journal-gatewayd = "--system -d / -M --shell /sbin/nologin systemd-journal-gateway" +USERADD_PARAM:${PN}-journal-remote = "--system -d / -M --shell /sbin/nologin systemd-journal-remote" +USERADD_PARAM:${PN}-journal-upload = "--system -d / -M --shell /sbin/nologin systemd-journal-upload" + +FILES:${PN}-analyze = "${bindir}/systemd-analyze" + +FILES:${PN}-initramfs = "/init" +RDEPENDS:${PN}-initramfs = "${PN}" + +FILES:${PN}-gui = "${bindir}/systemadm" + +FILES:${PN}-vconsole-setup = "${rootlibexecdir}/systemd/systemd-vconsole-setup \ + ${systemd_system_unitdir}/systemd-vconsole-setup.service \ + ${systemd_system_unitdir}/sysinit.target.wants/systemd-vconsole-setup.service" + +RDEPENDS:${PN}-kernel-install += "bash" +FILES:${PN}-kernel-install = "${bindir}/kernel-install \ + ${sysconfdir}/kernel/ \ + ${exec_prefix}/lib/kernel \ + " +FILES:${PN}-rpm-macros = "${exec_prefix}/lib/rpm \ + " + +FILES:${PN}-zsh-completion = "${datadir}/zsh/site-functions" + +FILES:${PN}-binfmt = "${sysconfdir}/binfmt.d/ \ + ${exec_prefix}/lib/binfmt.d \ + ${rootlibexecdir}/systemd/systemd-binfmt \ + ${systemd_system_unitdir}/proc-sys-fs-binfmt_misc.* \ + ${systemd_system_unitdir}/systemd-binfmt.service" +RRECOMMENDS:${PN}-binfmt = "kernel-module-binfmt-misc" + +RRECOMMENDS:${PN}-vconsole-setup = "kbd kbd-consolefonts kbd-keymaps" + + +FILES:${PN}-journal-gatewayd = "${rootlibexecdir}/systemd/systemd-journal-gatewayd \ + ${systemd_system_unitdir}/systemd-journal-gatewayd.service \ + ${systemd_system_unitdir}/systemd-journal-gatewayd.socket \ + ${systemd_system_unitdir}/sockets.target.wants/systemd-journal-gatewayd.socket \ + ${datadir}/systemd/gatewayd/browse.html \ + " +SYSTEMD_SERVICE:${PN}-journal-gatewayd = "systemd-journal-gatewayd.socket" + +FILES:${PN}-journal-upload = "${rootlibexecdir}/systemd/systemd-journal-upload \ + ${systemd_system_unitdir}/systemd-journal-upload.service \ + ${sysconfdir}/systemd/journal-upload.conf \ + " +SYSTEMD_SERVICE:${PN}-journal-upload = "systemd-journal-upload.service" + +FILES:${PN}-journal-remote = "${rootlibexecdir}/systemd/systemd-journal-remote \ + ${sysconfdir}/systemd/journal-remote.conf \ + ${systemd_system_unitdir}/systemd-journal-remote.service \ + ${systemd_system_unitdir}/systemd-journal-remote.socket \ + " +SYSTEMD_SERVICE:${PN}-journal-remote = "systemd-journal-remote.socket" + + +FILES:${PN}-container = "${sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf \ + ${sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf \ + ${sysconfdir}/systemd/system/multi-user.target.wants/machines.target \ + ${base_bindir}/machinectl \ + ${bindir}/systemd-nspawn \ + ${nonarch_libdir}/systemd/import-pubring.gpg \ + ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.import1.busname \ + ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.machine1.busname \ + ${systemd_system_unitdir}/local-fs.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/machines.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/remote-fs.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/machine.slice \ + ${systemd_system_unitdir}/machines.target \ + ${systemd_system_unitdir}/org.freedesktop.import1.busname \ + ${systemd_system_unitdir}/org.freedesktop.machine1.busname \ + ${systemd_system_unitdir}/systemd-importd.service \ + ${systemd_system_unitdir}/systemd-machined.service \ + ${systemd_system_unitdir}/dbus-org.freedesktop.machine1.service \ + ${systemd_system_unitdir}/var-lib-machines.mount \ + ${rootlibexecdir}/systemd/systemd-import \ + ${rootlibexecdir}/systemd/systemd-importd \ + ${rootlibexecdir}/systemd/systemd-machined \ + ${rootlibexecdir}/systemd/systemd-pull \ + ${exec_prefix}/lib/tmpfiles.d/systemd-nspawn.conf \ + ${exec_prefix}/lib/tmpfiles.d/README \ + ${systemd_system_unitdir}/systemd-nspawn@.service \ + ${libdir}/libnss_mymachines.so.2 \ + ${datadir}/dbus-1/system-services/org.freedesktop.import1.service \ + ${datadir}/dbus-1/system-services/org.freedesktop.machine1.service \ + ${datadir}/dbus-1/system.d/org.freedesktop.import1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.machine1.conf \ + ${datadir}/polkit-1/actions/org.freedesktop.import1.policy \ + ${datadir}/polkit-1/actions/org.freedesktop.machine1.policy \ + " + +# "machinectl import-tar" uses "tar --numeric-owner", not supported by busybox. +RRECOMMENDS:${PN}-container += "\ + ${PN}-journal-gatewayd \ + ${PN}-journal-remote \ + ${PN}-journal-upload \ + kernel-module-dm-mod \ + kernel-module-loop \ + kernel-module-tun \ + tar \ + " + +FILES:${PN}-extra-utils = "\ + ${base_bindir}/systemd-escape \ + ${base_bindir}/systemd-inhibit \ + ${bindir}/systemd-detect-virt \ + ${bindir}/systemd-dissect \ + ${bindir}/systemd-path \ + ${bindir}/systemd-run \ + ${bindir}/systemd-cat \ + ${bindir}/systemd-delta \ + ${bindir}/systemd-cgls \ + ${bindir}/systemd-cgtop \ + ${bindir}/systemd-stdio-bridge \ + ${bindir}/systemd-sysext \ + ${base_bindir}/systemd-ask-password \ + ${base_bindir}/systemd-tty-ask-password-agent \ + ${systemd_system_unitdir}/systemd-ask-password-console.path \ + ${systemd_system_unitdir}/systemd-ask-password-console.service \ + ${systemd_system_unitdir}/systemd-ask-password-wall.path \ + ${systemd_system_unitdir}/systemd-ask-password-wall.service \ + ${systemd_system_unitdir}/sysinit.target.wants/systemd-ask-password-console.path \ + ${systemd_system_unitdir}/sysinit.target.wants/systemd-ask-password-wall.path \ + ${systemd_system_unitdir}/multi-user.target.wants/systemd-ask-password-wall.path \ + ${rootlibexecdir}/systemd/systemd-resolve-host \ + ${rootlibexecdir}/systemd/systemd-ac-power \ + ${rootlibexecdir}/systemd/systemd-activate \ + ${rootlibexecdir}/systemd/systemd-bus-proxyd \ + ${systemd_system_unitdir}/systemd-bus-proxyd.service \ + ${systemd_system_unitdir}/systemd-bus-proxyd.socket \ + ${rootlibexecdir}/systemd/systemd-socket-proxyd \ + ${rootlibexecdir}/systemd/systemd-reply-password \ + ${rootlibexecdir}/systemd/systemd-sleep \ + ${rootlibexecdir}/systemd/system-sleep \ + ${systemd_system_unitdir}/systemd-hibernate.service \ + ${systemd_system_unitdir}/systemd-hybrid-sleep.service \ + ${systemd_system_unitdir}/systemd-suspend.service \ + ${systemd_system_unitdir}/sleep.target \ + ${rootlibexecdir}/systemd/systemd-initctl \ + ${systemd_system_unitdir}/systemd-initctl.service \ + ${systemd_system_unitdir}/systemd-initctl.socket \ + ${systemd_system_unitdir}/sockets.target.wants/systemd-initctl.socket \ + ${rootlibexecdir}/systemd/system-generators/systemd-gpt-auto-generator \ + ${rootlibexecdir}/systemd/systemd-cgroups-agent \ +" + +FILES:${PN}-udev-rules = "\ + ${rootlibexecdir}/udev/rules.d/70-uaccess.rules \ + ${rootlibexecdir}/udev/rules.d/71-seat.rules \ + ${rootlibexecdir}/udev/rules.d/73-seat-late.rules \ + ${rootlibexecdir}/udev/rules.d/99-systemd.rules \ +" + +CONFFILES:${PN} = "${sysconfdir}/systemd/coredump.conf \ + ${sysconfdir}/systemd/journald.conf \ + ${sysconfdir}/systemd/logind.conf \ + ${sysconfdir}/systemd/networkd.conf \ + ${sysconfdir}/systemd/pstore.conf \ + ${sysconfdir}/systemd/resolved.conf \ + ${sysconfdir}/systemd/sleep.conf \ + ${sysconfdir}/systemd/system.conf \ + ${sysconfdir}/systemd/timesyncd.conf \ + ${sysconfdir}/systemd/user.conf \ +" + +FILES:${PN} = " ${base_bindir}/* \ + ${base_sbindir}/shutdown \ + ${base_sbindir}/halt \ + ${base_sbindir}/poweroff \ + ${base_sbindir}/runlevel \ + ${base_sbindir}/telinit \ + ${base_sbindir}/resolvconf \ + ${base_sbindir}/reboot \ + ${base_sbindir}/init \ + ${datadir}/dbus-1/services \ + ${datadir}/dbus-1/system-services \ + ${datadir}/polkit-1 \ + ${datadir}/${BPN} \ + ${datadir}/factory \ + ${sysconfdir}/dbus-1/ \ + ${sysconfdir}/modules-load.d/ \ + ${sysconfdir}/pam.d/ \ + ${sysconfdir}/profile.d/ \ + ${sysconfdir}/sysctl.d/ \ + ${sysconfdir}/systemd/ \ + ${sysconfdir}/tmpfiles.d/ \ + ${sysconfdir}/xdg/ \ + ${sysconfdir}/init.d/README \ + ${sysconfdir}/resolv-conf.systemd \ + ${sysconfdir}/X11/xinit/xinitrc.d/* \ + ${rootlibexecdir}/systemd/* \ + ${libdir}/pam.d \ + ${nonarch_libdir}/pam.d \ + ${systemd_unitdir}/* \ + ${base_libdir}/security/*.so \ + /cgroup \ + ${bindir}/systemd* \ + ${bindir}/busctl \ + ${bindir}/coredumpctl \ + ${bindir}/localectl \ + ${bindir}/hostnamectl \ + ${bindir}/resolvectl \ + ${bindir}/timedatectl \ + ${bindir}/bootctl \ + ${bindir}/oomctl \ + ${exec_prefix}/lib/tmpfiles.d/*.conf \ + ${exec_prefix}/lib/systemd \ + ${exec_prefix}/lib/modules-load.d \ + ${exec_prefix}/lib/sysctl.d \ + ${exec_prefix}/lib/sysusers.d \ + ${exec_prefix}/lib/environment.d \ + ${localstatedir} \ + ${rootlibexecdir}/modprobe.d/systemd.conf \ + ${rootlibexecdir}/modprobe.d/README \ + ${datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.locale1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.network1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf \ + ${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', '${datadir}/dbus-1/system.d/org.freedesktop.hostname1_no_polkit.conf', '', d)} \ + ${datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.login1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.oom1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.home1.conf \ + " + +FILES:${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" + +RDEPENDS:${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) systemd-udev-rules util-linux-agetty util-linux-fsck" +RDEPENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}" +RDEPENDS:${PN} += "volatile-binds" + +RRECOMMENDS:${PN} += "systemd-extra-utils \ + udev-hwdb \ + e2fsprogs-e2fsck \ + kernel-module-autofs4 kernel-module-unix kernel-module-ipv6 kernel-module-sch-fq-codel \ + os-release \ + systemd-conf \ +" + +INSANE_SKIP:${PN} += "dev-so libdir" +INSANE_SKIP:${PN}-dbg += "libdir" +INSANE_SKIP:${PN}-doc += " libdir" + +RPROVIDES:udev = "hotplug" + +RDEPENDS:udev-hwdb += "udev" + +FILES:udev += "${base_sbindir}/udevd \ + ${rootlibexecdir}/systemd/network/99-default.link \ + ${rootlibexecdir}/systemd/systemd-udevd \ + ${rootlibexecdir}/udev/accelerometer \ + ${rootlibexecdir}/udev/ata_id \ + ${rootlibexecdir}/udev/cdrom_id \ + ${rootlibexecdir}/udev/collect \ + ${rootlibexecdir}/udev/dmi_memory_id \ + ${rootlibexecdir}/udev/fido_id \ + ${rootlibexecdir}/udev/findkeyboards \ + ${rootlibexecdir}/udev/keyboard-force-release.sh \ + ${rootlibexecdir}/udev/keymap \ + ${rootlibexecdir}/udev/mtd_probe \ + ${rootlibexecdir}/udev/scsi_id \ + ${rootlibexecdir}/udev/v4l_id \ + ${rootlibexecdir}/udev/keymaps \ + ${rootlibexecdir}/udev/rules.d/50-udev-default.rules \ + ${rootlibexecdir}/udev/rules.d/60-autosuspend.rules \ + ${rootlibexecdir}/udev/rules.d/60-autosuspend-chromiumos.rules \ + ${rootlibexecdir}/udev/rules.d/60-block.rules \ + ${rootlibexecdir}/udev/rules.d/60-cdrom_id.rules \ + ${rootlibexecdir}/udev/rules.d/60-drm.rules \ + ${rootlibexecdir}/udev/rules.d/60-evdev.rules \ + ${rootlibexecdir}/udev/rules.d/60-fido-id.rules \ + ${rootlibexecdir}/udev/rules.d/60-input-id.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-alsa.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-input.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-storage.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-storage-tape.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-v4l.rules \ + ${rootlibexecdir}/udev/rules.d/60-sensor.rules \ + ${rootlibexecdir}/udev/rules.d/60-serial.rules \ + ${rootlibexecdir}/udev/rules.d/61-autosuspend-manual.rules \ + ${rootlibexecdir}/udev/rules.d/64-btrfs.rules \ + ${rootlibexecdir}/udev/rules.d/70-joystick.rules \ + ${rootlibexecdir}/udev/rules.d/70-memory.rules \ + ${rootlibexecdir}/udev/rules.d/70-mouse.rules \ + ${rootlibexecdir}/udev/rules.d/70-power-switch.rules \ + ${rootlibexecdir}/udev/rules.d/70-touchpad.rules \ + ${rootlibexecdir}/udev/rules.d/75-net-description.rules \ + ${rootlibexecdir}/udev/rules.d/75-probe_mtd.rules \ + ${rootlibexecdir}/udev/rules.d/78-sound-card.rules \ + ${rootlibexecdir}/udev/rules.d/80-drivers.rules \ + ${rootlibexecdir}/udev/rules.d/80-net-setup-link.rules \ + ${rootlibexecdir}/udev/rules.d/81-net-dhcp.rules \ + ${rootlibexecdir}/udev/rules.d/90-vconsole.rules \ + ${rootlibexecdir}/udev/rules.d/README \ + ${sysconfdir}/udev \ + ${sysconfdir}/init.d/systemd-udevd \ + ${systemd_system_unitdir}/*udev* \ + ${systemd_system_unitdir}/*.wants/*udev* \ + ${base_bindir}/systemd-hwdb \ + ${base_bindir}/udevadm \ + ${base_sbindir}/udevadm \ + ${libexecdir}/${MLPREFIX}udevadm \ + ${datadir}/bash-completion/completions/udevadm \ + ${systemd_system_unitdir}/systemd-hwdb-update.service \ + " + +FILES:udev-hwdb = "${rootlibexecdir}/udev/hwdb.d \ + " + +RCONFLICTS:${PN} = "tiny-init ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolvconf', '', d)}" + +INITSCRIPT_PACKAGES = "udev" +INITSCRIPT_NAME:udev = "systemd-udevd" +INITSCRIPT_PARAMS:udev = "start 03 S ." + +python __anonymous() { + if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): + d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") + + if bb.utils.contains('PACKAGECONFIG', 'repart', True, False, d) and not bb.utils.contains('PACKAGECONFIG', 'openssl', True, False, d): + bb.error("PACKAGECONFIG[repart] requires PACKAGECONFIG[openssl]") + + if bb.utils.contains('PACKAGECONFIG', 'homed', True, False, d) and not bb.utils.contains('PACKAGECONFIG', 'userdb openssl cryptsetup', True, False, d): + bb.error("PACKAGECONFIG[homed] requires PACKAGECONFIG[userdb], PACKAGECONFIG[openssl] and PACKAGECONFIG[cryptsetup]") +} + +python do_warn_musl() { + if d.getVar('TCLIBC') == "musl": + bb.warn("Using systemd with musl is not recommended since it is not supported upstream and some patches are known to be problematic.") +} +addtask warn_musl before do_configure + +ALTERNATIVE:${PN} = "halt reboot shutdown poweroff runlevel ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolv-conf', '', d)}" + +ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd" +ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" +ALTERNATIVE_PRIORITY[resolv-conf] ?= "50" + +ALTERNATIVE_TARGET[halt] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[halt] = "${base_sbindir}/halt" +ALTERNATIVE_PRIORITY[halt] ?= "300" + +ALTERNATIVE_TARGET[reboot] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[reboot] = "${base_sbindir}/reboot" +ALTERNATIVE_PRIORITY[reboot] ?= "300" + +ALTERNATIVE_TARGET[shutdown] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[shutdown] = "${base_sbindir}/shutdown" +ALTERNATIVE_PRIORITY[shutdown] ?= "300" + +ALTERNATIVE_TARGET[poweroff] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[poweroff] = "${base_sbindir}/poweroff" +ALTERNATIVE_PRIORITY[poweroff] ?= "300" + +ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel" +ALTERNATIVE_PRIORITY[runlevel] ?= "300" + +pkg_postinst:${PN}:libc-glibc () { + sed -e '/^hosts:/s/\s*\//' \ + -e 's/\(^hosts:.*\)\(\\)\(.*\)\(\\)\(.*\)/\1\2 myhostname \3\4\5/' \ + -i $D${sysconfdir}/nsswitch.conf +} + +pkg_prerm:${PN}:libc-glibc () { + sed -e '/^hosts:/s/\s*\//' \ + -e '/^hosts:/s/\s*myhostname//' \ + -i $D${sysconfdir}/nsswitch.conf +} + +PACKAGE_WRITE_DEPS += "qemu-native" +pkg_postinst:udev-hwdb () { + if test -n "$D"; then + $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" + else + udevadm hwdb --update + fi +} + +pkg_prerm:udev-hwdb () { + rm -f $D${sysconfdir}/udev/hwdb.bin +} diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.37.inc b/poky/meta/recipes-devtools/binutils/binutils-2.37.inc index 6093558e4b..be0a0a5539 100644 --- a/poky/meta/recipes-devtools/binutils/binutils-2.37.inc +++ b/poky/meta/recipes-devtools/binutils/binutils-2.37.inc @@ -36,5 +36,6 @@ SRC_URI = "\ file://0015-sync-with-OE-libtool-changes.patch \ file://0016-Check-for-clang-before-checking-gcc-version.patch \ file://0017-bfd-Close-the-file-descriptor-if-there-is-no-archive.patch \ + file://0001-CVE-2021-42574.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch b/poky/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch new file mode 100644 index 0000000000..0622ae389e --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch @@ -0,0 +1,2001 @@ +From b3aa80b45c4f46029efeb204bb9f2d2c4278a0e5 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Tue, 9 Nov 2021 13:25:42 +0000 +Subject: [PATCH] Add --unicode option to control how unicode characters are + handled by display tools. + + * nm.c: Add --unicode option to control how unicode characters are + handled. + * objdump.c: Likewise. + * readelf.c: Likewise. + * strings.c: Likewise. + * binutils.texi: Document the new feature. + * NEWS: Document the new feature. + * testsuite/binutils-all/unicode.exp: New file. + * testsuite/binutils-all/nm.hex.unicode + * testsuite/binutils-all/strings.escape.unicode + * testsuite/binutils-all/objdump.highlight.unicode + * testsuite/binutils-all/readelf.invalid.unicode + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=b3aa80b45c4f46029efeb204bb9f2d2c4278a0e5] + +RP: Added tweak uint -> unsigned int partial backport of +https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=795588aec4f894206863c938bd6d716895886009 + +Signed-off-by: pgowda +--- + binutils/ChangeLog | 15 + + binutils/NEWS | 9 + + binutils/doc/binutils.texi | 78 ++++ + binutils/nm.c | 228 ++++++++++- + binutils/objdump.c | 235 ++++++++++-- + binutils/readelf.c | 190 +++++++++- + binutils/strings.c | 757 ++++++++++++++++++++++++++++++++++--- + 7 files changed, 1409 insertions(+), 103 deletions(-) + +diff --git a/binutils/ChangeLog b/binutils/ChangeLog +--- a/binutils/ChangeLog 2021-12-19 19:00:27.038540406 -0800 ++++ b/binutils/ChangeLog 2021-12-19 19:28:42.733565078 -0800 +@@ -1,3 +1,18 @@ ++2021-11-09 Nick Clifton ++ ++ * nm.c: Add --unicode option to control how unicode characters are ++ handled. ++ * objdump.c: Likewise. ++ * readelf.c: Likewise. ++ * strings.c: Likewise. ++ * binutils.texi: Document the new feature. ++ * NEWS: Document the new feature. ++ * testsuite/binutils-all/unicode.exp: New file. ++ * testsuite/binutils-all/nm.hex.unicode ++ * testsuite/binutils-all/strings.escape.unicode ++ * testsuite/binutils-all/objdump.highlight.unicode ++ * testsuite/binutils-all/readelf.invalid.unicode ++ + 2021-07-16 Nick Clifton + + * po/sv.po: Updated Swedish translation. +diff --git a/binutils/doc/binutils.texi b/binutils/doc/binutils.texi +--- a/binutils/doc/binutils.texi 2021-12-19 19:00:27.042540338 -0800 ++++ b/binutils/doc/binutils.texi 2021-12-19 19:27:56.526354667 -0800 +@@ -812,6 +812,7 @@ nm [@option{-A}|@option{-o}|@option{--pr + [@option{-s}|@option{--print-armap}] + [@option{-t} @var{radix}|@option{--radix=}@var{radix}] + [@option{-u}|@option{--undefined-only}] ++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}] + [@option{-V}|@option{--version}] + [@option{-X 32_64}] + [@option{--defined-only}] +@@ -1132,6 +1133,21 @@ Use @var{radix} as the radix for printin + @cindex undefined symbols + Display only undefined symbols (those external to each object file). + ++@item -U @var{[d|i|l|e|x|h]} ++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]} ++Controls the display of UTF-8 encoded mulibyte characters in strings. ++The default (@option{--unicode=default}) is to give them no special ++treatment. The @option{--unicode=locale} option displays the sequence ++in the current locale, which may or may not support them. The options ++@option{--unicode=hex} and @option{--unicode=invalid} display them as ++hex byte sequences enclosed by either angle brackets or curly braces. ++ ++The @option{--unicode=escape} option displays them as escape sequences ++(@var{\uxxxx}) and the @option{--unicode=highlight} option displays ++them as escape sequences highlighted in red (if supported by the ++output device). The colouring is intended to draw attention to the ++presence of unicode sequences where they might not be expected. ++ + @item -V + @itemx --version + Show the version number of @command{nm} and exit. +@@ -2247,6 +2263,7 @@ objdump [@option{-a}|@option{--archive-h + [@option{--prefix-strip=}@var{level}] + [@option{--insn-width=}@var{width}] + [@option{--visualize-jumps[=color|=extended-color|=off]} ++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}] + [@option{-V}|@option{--version}] + [@option{-H}|@option{--help}] + @var{objfile}@dots{} +@@ -2921,6 +2938,21 @@ When displaying symbols include those wh + special in some way and which would not normally be of interest to the + user. + ++@item -U @var{[d|i|l|e|x|h]} ++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]} ++Controls the display of UTF-8 encoded mulibyte characters in strings. ++The default (@option{--unicode=default}) is to give them no special ++treatment. The @option{--unicode=locale} option displays the sequence ++in the current locale, which may or may not support them. The options ++@option{--unicode=hex} and @option{--unicode=invalid} display them as ++hex byte sequences enclosed by either angle brackets or curly braces. ++ ++The @option{--unicode=escape} option displays them as escape sequences ++(@var{\uxxxx}) and the @option{--unicode=highlight} option displays ++them as escape sequences highlighted in red (if supported by the ++output device). The colouring is intended to draw attention to the ++presence of unicode sequences where they might not be expected. ++ + @item -V + @itemx --version + Print the version number of @command{objdump} and exit. +@@ -3197,6 +3229,7 @@ strings [@option{-afovV}] [@option{-}@va + [@option{-n} @var{min-len}] [@option{--bytes=}@var{min-len}] + [@option{-t} @var{radix}] [@option{--radix=}@var{radix}] + [@option{-e} @var{encoding}] [@option{--encoding=}@var{encoding}] ++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}] + [@option{-}] [@option{--all}] [@option{--print-file-name}] + [@option{-T} @var{bfdname}] [@option{--target=}@var{bfdname}] + [@option{-w}] [@option{--include-all-whitespace}] +@@ -3288,6 +3321,28 @@ single-8-bit-byte characters, @samp{b} = + littleendian. Useful for finding wide character strings. (@samp{l} + and @samp{b} apply to, for example, Unicode UTF-16/UCS-2 encodings). + ++@item -U @var{[d|i|l|e|x|h]} ++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]} ++Controls the display of UTF-8 encoded mulibyte characters in strings. ++The default (@option{--unicode=default}) is to give them no special ++treatment, and instead rely upon the setting of the ++@option{--encoding} option. The other values for this option ++automatically enable @option{--encoding=S}. ++ ++The @option{--unicode=invalid} option treats them as non-graphic ++characters and hence not part of a valid string. All the remaining ++options treat them as valid string characters. ++ ++The @option{--unicode=locale} option displays them in the current ++locale, which may or may not support UTF-8 encoding. The ++@option{--unicode=hex} option displays them as hex byte sequences ++enclosed between @var{<>} characters. The @option{--unicode=escape} ++option displays them as escape sequences (@var{\uxxxx}) and the ++@option{--unicode=highlight} option displays them as escape sequences ++highlighted in red (if supported by the output device). The colouring ++is intended to draw attention to the presence of unicode sequences ++where they might not be expected. ++ + @item -T @var{bfdname} + @itemx --target=@var{bfdname} + @cindex object code format +@@ -4796,6 +4851,7 @@ readelf [@option{-a}|@option{--all}] + [@option{--demangle@var{=style}}|@option{--no-demangle}] + [@option{--quiet}] + [@option{--recurse-limit}|@option{--no-recurse-limit}] ++ [@option{-U} @var{method}|@option{--unicode=}@var{method}] + [@option{-n}|@option{--notes}] + [@option{-r}|@option{--relocs}] + [@option{-u}|@option{--unwind}] +@@ -4962,6 +5018,28 @@ necessary in order to demangle truly com + that if the recursion limit is disabled then stack exhaustion is + possible and any bug reports about such an event will be rejected. + ++@item -U @var{[d|i|l|e|x|h]} ++@itemx --unicode=[default|invalid|locale|escape|hex|highlight] ++Controls the display of non-ASCII characters in identifier names. ++The default (@option{--unicode=locale} or @option{--unicode=default}) is ++to treat them as multibyte characters and display them in the current ++locale. All other versions of this option treat the bytes as UTF-8 ++encoded values and attempt to interpret them. If they cannot be ++interpreted or if the @option{--unicode=invalid} option is used then ++they are displayed as a sequence of hex bytes, encloses in curly ++parethesis characters. ++ ++Using the @option{--unicode=escape} option will display the characters ++as as unicode escape sequences (@var{\uxxxx}). Using the ++@option{--unicode=hex} will display the characters as hex byte ++sequences enclosed between angle brackets. ++ ++Using the @option{--unicode=highlight} will display the characters as ++unicode escape sequences but it will also highlighted them in red, ++assuming that colouring is supported by the output device. The ++colouring is intended to draw attention to the presence of unicode ++sequences when they might not be expected. ++ + @item -e + @itemx --headers + Display all the headers in the file. Equivalent to @option{-h -l -S}. +diff --git a/binutils/NEWS b/binutils/NEWS +--- a/binutils/NEWS 2021-12-19 19:00:27.038540406 -0800 ++++ b/binutils/NEWS 2021-12-19 19:30:04.764162972 -0800 +@@ -1,5 +1,14 @@ + -*- text -*- + ++* Tools which display symbols or strings (readelf, strings, nm, objdump) ++ have a new command line option which controls how unicode characters are ++ handled. By default they are treated as normal for the tool. Using ++ --unicode=locale will display them according to the current locale. ++ Using --unicode=hex will display them as hex byte values, whilst ++ --unicode=escape will display them as escape sequences. In addition ++ using --unicode=highlight will display them as unicode escape sequences ++ highlighted in red (if supported by the output device). ++ + Changes in 2.37: + + * The readelf tool has a new command line option which can be used to specify +diff --git a/binutils/nm.c b/binutils/nm.c +--- a/binutils/nm.c 2021-12-19 19:00:27.046540270 -0800 ++++ b/binutils/nm.c 2021-12-19 19:36:34.797491555 -0800 +@@ -38,6 +38,11 @@ + #include "bucomm.h" + #include "plugin-api.h" + #include "plugin.h" ++#include "safe-ctype.h" ++ ++#ifndef streq ++#define streq(a,b) (strcmp ((a),(b)) == 0) ++#endif + + /* When sorting by size, we use this structure to hold the size and a + pointer to the minisymbol. */ +@@ -216,6 +221,18 @@ static const char *plugin_target = NULL; + static bfd *lineno_cache_bfd; + static bfd *lineno_cache_rel_bfd; + ++typedef enum unicode_display_type ++{ ++ unicode_default = 0, ++ unicode_locale, ++ unicode_escape, ++ unicode_hex, ++ unicode_highlight, ++ unicode_invalid ++} unicode_display_type; ++ ++static unicode_display_type unicode_display = unicode_default; ++ + enum long_option_values + { + OPTION_TARGET = 200, +@@ -260,6 +277,7 @@ static struct option long_options[] = + {"target", required_argument, 0, OPTION_TARGET}, + {"defined-only", no_argument, &defined_only, 1}, + {"undefined-only", no_argument, &undefined_only, 1}, ++ {"unicode", required_argument, NULL, 'U'}, + {"version", no_argument, &show_version, 1}, + {"with-symbol-versions", no_argument, &with_symbol_versions, 1}, + {"without-symbol-versions", no_argument, &with_symbol_versions, 0}, +@@ -313,6 +331,8 @@ usage (FILE *stream, int status) + -t, --radix=RADIX Use RADIX for printing symbol values\n\ + --target=BFDNAME Specify the target object format as BFDNAME\n\ + -u, --undefined-only Display only undefined symbols\n\ ++ -U {d|s|i|x|e|h} Specify how to treat UTF-8 encoded unicode characters\n\ ++ --unicode={default|show|invalid|hex|escape|highlight}\n\ + --with-symbol-versions Display version strings after symbol names\n\ + -X 32_64 (ignored)\n\ + @FILE Read options from FILE\n\ +@@ -432,6 +452,187 @@ get_coff_symbol_type (const struct inter + return bufp; + } + ++/* Convert a potential UTF-8 encoded sequence in IN into characters in OUT. ++ The conversion format is controlled by the unicode_display variable. ++ Returns the number of characters added to OUT. ++ Returns the number of bytes consumed from IN in CONSUMED. ++ Always consumes at least one byte and displays at least one character. */ ++ ++static unsigned int ++display_utf8 (const unsigned char * in, char * out, unsigned int * consumed) ++{ ++ char * orig_out = out; ++ unsigned int nchars = 0; ++ unsigned int j; ++ ++ if (unicode_display == unicode_default) ++ goto invalid; ++ ++ if (in[0] < 0xc0) ++ goto invalid; ++ ++ if ((in[1] & 0xc0) != 0x80) ++ goto invalid; ++ ++ if ((in[0] & 0x20) == 0) ++ { ++ nchars = 2; ++ goto valid; ++ } ++ ++ if ((in[2] & 0xc0) != 0x80) ++ goto invalid; ++ ++ if ((in[0] & 0x10) == 0) ++ { ++ nchars = 3; ++ goto valid; ++ } ++ ++ if ((in[3] & 0xc0) != 0x80) ++ goto invalid; ++ ++ nchars = 4; ++ ++ valid: ++ switch (unicode_display) ++ { ++ case unicode_locale: ++ /* Copy the bytes into the output buffer as is. */ ++ memcpy (out, in, nchars); ++ out += nchars; ++ break; ++ ++ case unicode_invalid: ++ case unicode_hex: ++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '<' : '{'); ++ out += sprintf (out, "0x"); ++ for (j = 0; j < nchars; j++) ++ out += sprintf (out, "%02x", in [j]); ++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '>' : '}'); ++ break; ++ ++ case unicode_highlight: ++ if (isatty (1)) ++ out += sprintf (out, "\x1B[31;47m"); /* Red. */ ++ /* Fall through. */ ++ case unicode_escape: ++ switch (nchars) ++ { ++ case 2: ++ out += sprintf (out, "\\u%02x%02x", ++ ((in[0] & 0x1c) >> 2), ++ ((in[0] & 0x03) << 6) | (in[1] & 0x3f)); ++ break; ++ ++ case 3: ++ out += sprintf (out, "\\u%02x%02x", ++ ((in[0] & 0x0f) << 4) | ((in[1] & 0x3c) >> 2), ++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3f))); ++ break; ++ ++ case 4: ++ out += sprintf (out, "\\u%02x%02x%02x", ++ ((in[0] & 0x07) << 6) | ((in[1] & 0x3c) >> 2), ++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3c) >> 2), ++ ((in[2] & 0x03) << 6) | ((in[3] & 0x3f))); ++ break; ++ default: ++ /* URG. */ ++ break; ++ } ++ ++ if (unicode_display == unicode_highlight && isatty (1)) ++ out += sprintf (out, "\033[0m"); /* Default colour. */ ++ break; ++ ++ default: ++ /* URG */ ++ break; ++ } ++ ++ * consumed = nchars; ++ return out - orig_out; ++ ++ invalid: ++ /* Not a valid UTF-8 sequence. */ ++ *out = *in; ++ * consumed = 1; ++ return 1; ++} ++ ++/* Convert any UTF-8 encoded characters in NAME into the form specified by ++ unicode_display. Also converts control characters. Returns a static ++ buffer if conversion was necessary. ++ Code stolen from objdump.c:sanitize_string(). */ ++ ++static const char * ++convert_utf8 (const char * in) ++{ ++ static char * buffer = NULL; ++ static size_t buffer_len = 0; ++ const char * original = in; ++ char * out; ++ ++ /* Paranoia. */ ++ if (in == NULL) ++ return ""; ++ ++ /* See if any conversion is necessary. ++ In the majority of cases it will not be needed. */ ++ do ++ { ++ unsigned char c = *in++; ++ ++ if (c == 0) ++ return original; ++ ++ if (ISCNTRL (c)) ++ break; ++ ++ if (unicode_display != unicode_default && c >= 0xc0) ++ break; ++ } ++ while (1); ++ ++ /* Copy the input, translating as needed. */ ++ in = original; ++ if (buffer_len < (strlen (in) * 9)) ++ { ++ free ((void *) buffer); ++ buffer_len = strlen (in) * 9; ++ buffer = xmalloc (buffer_len + 1); ++ } ++ ++ out = buffer; ++ do ++ { ++ unsigned char c = *in++; ++ ++ if (c == 0) ++ break; ++ ++ if (ISCNTRL (c)) ++ { ++ *out++ = '^'; ++ *out++ = c + 0x40; ++ } ++ else if (unicode_display != unicode_default && c >= 0xc0) ++ { ++ unsigned int num_consumed; ++ ++ out += display_utf8 ((const unsigned char *)(in - 1), out, & num_consumed); ++ in += num_consumed - 1; ++ } ++ else ++ *out++ = c; ++ } ++ while (1); ++ ++ *out = 0; ++ return buffer; ++} ++ + /* Print symbol name NAME, read from ABFD, with printf format FORM, + demangling it if requested. */ + +@@ -444,6 +645,7 @@ print_symname (const char *form, struct + + if (name == NULL) + name = info->sinfo->name; ++ + if (!with_symbol_versions + && bfd_get_flavour (abfd) == bfd_target_elf_flavour) + { +@@ -451,6 +653,7 @@ print_symname (const char *form, struct + if (atver) + *atver = 0; + } ++ + if (do_demangle && *name) + { + alloc = bfd_demangle (abfd, name, demangle_flags); +@@ -458,6 +661,11 @@ print_symname (const char *form, struct + name = alloc; + } + ++ if (unicode_display != unicode_default) ++ { ++ name = convert_utf8 (name); ++ } ++ + if (info != NULL && info->elfinfo && with_symbol_versions) + { + const char *version_string; +@@ -1807,7 +2015,7 @@ main (int argc, char **argv) + fatal (_("fatal error: libbfd ABI mismatch")); + set_default_bfd_target (); + +- while ((c = getopt_long (argc, argv, "aABCDef:gHhjJlnopPrSst:uvVvX:", ++ while ((c = getopt_long (argc, argv, "aABCDef:gHhjJlnopPrSst:uU:vVvX:", + long_options, (int *) 0)) != EOF) + { + switch (c) +@@ -1900,6 +2108,24 @@ main (int argc, char **argv) + case 'u': + undefined_only = 1; + break; ++ ++ case 'U': ++ if (streq (optarg, "default") || streq (optarg, "d")) ++ unicode_display = unicode_default; ++ else if (streq (optarg, "locale") || streq (optarg, "l")) ++ unicode_display = unicode_locale; ++ else if (streq (optarg, "escape") || streq (optarg, "e")) ++ unicode_display = unicode_escape; ++ else if (streq (optarg, "invalid") || streq (optarg, "i")) ++ unicode_display = unicode_invalid; ++ else if (streq (optarg, "hex") || streq (optarg, "x")) ++ unicode_display = unicode_hex; ++ else if (streq (optarg, "highlight") || streq (optarg, "h")) ++ unicode_display = unicode_highlight; ++ else ++ fatal (_("invalid argument to -U/--unicode: %s"), optarg); ++ break; ++ + case 'V': + show_version = 1; + break; +diff --git a/binutils/objdump.c b/binutils/objdump.c +--- a/binutils/objdump.c 2021-12-19 19:00:27.046540270 -0800 ++++ b/binutils/objdump.c 2021-12-19 19:43:09.438736729 -0800 +@@ -204,6 +204,18 @@ static const struct objdump_private_desc + + /* The list of detected jumps inside a function. */ + static struct jump_info *detected_jumps = NULL; ++ ++typedef enum unicode_display_type ++{ ++ unicode_default = 0, ++ unicode_locale, ++ unicode_escape, ++ unicode_hex, ++ unicode_highlight, ++ unicode_invalid ++} unicode_display_type; ++ ++static unicode_display_type unicode_display = unicode_default; + + static void usage (FILE *, int) ATTRIBUTE_NORETURN; + static void +@@ -330,6 +342,9 @@ usage (FILE *stream, int status) + fprintf (stream, _("\ + -w, --wide Format output for more than 80 columns\n")); + fprintf (stream, _("\ ++ -U[d|l|i|x|e|h] Controls the display of UTF-8 unicode characters\n\ ++ --unicode=[default|locale|invalid|hex|escape|highlight]\n")); ++ fprintf (stream, _("\ + -z, --disassemble-zeroes Do not skip blocks of zeroes when disassembling\n")); + fprintf (stream, _("\ + --start-address=ADDR Only process data whose address is >= ADDR\n")); +@@ -420,17 +435,23 @@ static struct option long_options[]= + { + {"adjust-vma", required_argument, NULL, OPTION_ADJUST_VMA}, + {"all-headers", no_argument, NULL, 'x'}, +- {"private-headers", no_argument, NULL, 'p'}, +- {"private", required_argument, NULL, 'P'}, + {"architecture", required_argument, NULL, 'm'}, + {"archive-headers", no_argument, NULL, 'a'}, ++#ifdef ENABLE_LIBCTF ++ {"ctf", required_argument, NULL, OPTION_CTF}, ++ {"ctf-parent", required_argument, NULL, OPTION_CTF_PARENT}, ++#endif + {"debugging", no_argument, NULL, 'g'}, + {"debugging-tags", no_argument, NULL, 'e'}, + {"demangle", optional_argument, NULL, 'C'}, + {"disassemble", optional_argument, NULL, 'd'}, + {"disassemble-all", no_argument, NULL, 'D'}, +- {"disassembler-options", required_argument, NULL, 'M'}, + {"disassemble-zeroes", no_argument, NULL, 'z'}, ++ {"disassembler-options", required_argument, NULL, 'M'}, ++ {"dwarf", optional_argument, NULL, OPTION_DWARF}, ++ {"dwarf-check", no_argument, 0, OPTION_DWARF_CHECK}, ++ {"dwarf-depth", required_argument, 0, OPTION_DWARF_DEPTH}, ++ {"dwarf-start", required_argument, 0, OPTION_DWARF_START}, + {"dynamic-reloc", no_argument, NULL, 'R'}, + {"dynamic-syms", no_argument, NULL, 'T'}, + {"endian", required_argument, NULL, OPTION_ENDIAN}, +@@ -440,16 +461,23 @@ static struct option long_options[]= + {"full-contents", no_argument, NULL, 's'}, + {"headers", no_argument, NULL, 'h'}, + {"help", no_argument, NULL, 'H'}, ++ {"include", required_argument, NULL, 'I'}, + {"info", no_argument, NULL, 'i'}, ++ {"inlines", no_argument, 0, OPTION_INLINES}, ++ {"insn-width", required_argument, NULL, OPTION_INSN_WIDTH}, + {"line-numbers", no_argument, NULL, 'l'}, +- {"no-show-raw-insn", no_argument, &show_raw_insn, -1}, + {"no-addresses", no_argument, &no_addresses, 1}, +- {"process-links", no_argument, &process_links, true}, ++ {"no-recurse-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT}, ++ {"no-recursion-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT}, ++ {"no-show-raw-insn", no_argument, &show_raw_insn, -1}, ++ {"prefix", required_argument, NULL, OPTION_PREFIX}, + {"prefix-addresses", no_argument, &prefix_addresses, 1}, ++ {"prefix-strip", required_argument, NULL, OPTION_PREFIX_STRIP}, ++ {"private", required_argument, NULL, 'P'}, ++ {"private-headers", no_argument, NULL, 'p'}, ++ {"process-links", no_argument, &process_links, true}, + {"recurse-limit", no_argument, NULL, OPTION_RECURSE_LIMIT}, + {"recursion-limit", no_argument, NULL, OPTION_RECURSE_LIMIT}, +- {"no-recurse-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT}, +- {"no-recursion-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT}, + {"reloc", no_argument, NULL, 'r'}, + {"section", required_argument, NULL, 'j'}, + {"section-headers", no_argument, NULL, 'h'}, +@@ -457,28 +485,16 @@ static struct option long_options[]= + {"source", no_argument, NULL, 'S'}, + {"source-comment", optional_argument, NULL, OPTION_SOURCE_COMMENT}, + {"special-syms", no_argument, &dump_special_syms, 1}, +- {"include", required_argument, NULL, 'I'}, +- {"dwarf", optional_argument, NULL, OPTION_DWARF}, +-#ifdef ENABLE_LIBCTF +- {"ctf", required_argument, NULL, OPTION_CTF}, +- {"ctf-parent", required_argument, NULL, OPTION_CTF_PARENT}, +-#endif + {"stabs", no_argument, NULL, 'G'}, + {"start-address", required_argument, NULL, OPTION_START_ADDRESS}, + {"stop-address", required_argument, NULL, OPTION_STOP_ADDRESS}, + {"syms", no_argument, NULL, 't'}, + {"target", required_argument, NULL, 'b'}, ++ {"unicode", required_argument, NULL, 'U'}, + {"version", no_argument, NULL, 'V'}, +- {"wide", no_argument, NULL, 'w'}, +- {"prefix", required_argument, NULL, OPTION_PREFIX}, +- {"prefix-strip", required_argument, NULL, OPTION_PREFIX_STRIP}, +- {"insn-width", required_argument, NULL, OPTION_INSN_WIDTH}, +- {"dwarf-depth", required_argument, 0, OPTION_DWARF_DEPTH}, +- {"dwarf-start", required_argument, 0, OPTION_DWARF_START}, +- {"dwarf-check", no_argument, 0, OPTION_DWARF_CHECK}, +- {"inlines", no_argument, 0, OPTION_INLINES}, + {"visualize-jumps", optional_argument, 0, OPTION_VISUALIZE_JUMPS}, +- {0, no_argument, 0, 0} ++ {"wide", no_argument, NULL, 'w'}, ++ {NULL, no_argument, NULL, 0} + }; + + static void +@@ -488,9 +504,121 @@ nonfatal (const char *msg) + exit_status = 1; + } + ++/* Convert a potential UTF-8 encoded sequence in IN into characters in OUT. ++ The conversion format is controlled by the unicode_display variable. ++ Returns the number of characters added to OUT. ++ Returns the number of bytes consumed from IN in CONSUMED. ++ Always consumes at least one byte and displays at least one character. */ ++ ++static unsigned int ++display_utf8 (const unsigned char * in, char * out, unsigned int * consumed) ++{ ++ char * orig_out = out; ++ unsigned int nchars = 0; ++ unsigned int j; ++ ++ if (unicode_display == unicode_default) ++ goto invalid; ++ ++ if (in[0] < 0xc0) ++ goto invalid; ++ ++ if ((in[1] & 0xc0) != 0x80) ++ goto invalid; ++ ++ if ((in[0] & 0x20) == 0) ++ { ++ nchars = 2; ++ goto valid; ++ } ++ ++ if ((in[2] & 0xc0) != 0x80) ++ goto invalid; ++ ++ if ((in[0] & 0x10) == 0) ++ { ++ nchars = 3; ++ goto valid; ++ } ++ ++ if ((in[3] & 0xc0) != 0x80) ++ goto invalid; ++ ++ nchars = 4; ++ ++ valid: ++ switch (unicode_display) ++ { ++ case unicode_locale: ++ /* Copy the bytes into the output buffer as is. */ ++ memcpy (out, in, nchars); ++ out += nchars; ++ break; ++ ++ case unicode_invalid: ++ case unicode_hex: ++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '<' : '{'); ++ out += sprintf (out, "0x"); ++ for (j = 0; j < nchars; j++) ++ out += sprintf (out, "%02x", in [j]); ++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '>' : '}'); ++ break; ++ ++ case unicode_highlight: ++ if (isatty (1)) ++ out += sprintf (out, "\x1B[31;47m"); /* Red. */ ++ /* Fall through. */ ++ case unicode_escape: ++ switch (nchars) ++ { ++ case 2: ++ out += sprintf (out, "\\u%02x%02x", ++ ((in[0] & 0x1c) >> 2), ++ ((in[0] & 0x03) << 6) | (in[1] & 0x3f)); ++ break; ++ ++ case 3: ++ out += sprintf (out, "\\u%02x%02x", ++ ((in[0] & 0x0f) << 4) | ((in[1] & 0x3c) >> 2), ++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3f))); ++ break; ++ ++ case 4: ++ out += sprintf (out, "\\u%02x%02x%02x", ++ ((in[0] & 0x07) << 6) | ((in[1] & 0x3c) >> 2), ++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3c) >> 2), ++ ((in[2] & 0x03) << 6) | ((in[3] & 0x3f))); ++ break; ++ default: ++ /* URG. */ ++ break; ++ } ++ ++ if (unicode_display == unicode_highlight && isatty (1)) ++ out += sprintf (out, "\033[0m"); /* Default colour. */ ++ break; ++ ++ default: ++ /* URG */ ++ break; ++ } ++ ++ * consumed = nchars; ++ return out - orig_out; ++ ++ invalid: ++ /* Not a valid UTF-8 sequence. */ ++ *out = *in; ++ * consumed = 1; ++ return 1; ++} ++ + /* Returns a version of IN with any control characters + replaced by escape sequences. Uses a static buffer +- if necessary. */ ++ if necessary. ++ ++ If unicode display is enabled, then also handles the ++ conversion of unicode characters. */ + + static const char * + sanitize_string (const char * in) +@@ -508,40 +636,50 @@ sanitize_string (const char * in) + of cases it will not be needed. */ + do + { +- char c = *in++; ++ unsigned char c = *in++; + + if (c == 0) + return original; + + if (ISCNTRL (c)) + break; ++ ++ if (unicode_display != unicode_default && c >= 0xc0) ++ break; + } + while (1); + + /* Copy the input, translating as needed. */ + in = original; +- if (buffer_len < (strlen (in) * 2)) ++ if (buffer_len < (strlen (in) * 9)) + { + free ((void *) buffer); +- buffer_len = strlen (in) * 2; ++ buffer_len = strlen (in) * 9; + buffer = xmalloc (buffer_len + 1); + } + + out = buffer; + do + { +- char c = *in++; ++ unsigned char c = *in++; + + if (c == 0) + break; + +- if (!ISCNTRL (c)) +- *out++ = c; +- else ++ if (ISCNTRL (c)) + { + *out++ = '^'; + *out++ = c + 0x40; + } ++ else if (unicode_display != unicode_default && c >= 0xc0) ++ { ++ unsigned int num_consumed; ++ ++ out += display_utf8 ((const unsigned char *)(in - 1), out, & num_consumed); ++ in += num_consumed - 1; ++ } ++ else ++ *out++ = c; + } + while (1); + +@@ -4529,6 +4667,24 @@ dump_symbols (bfd *abfd ATTRIBUTE_UNUSED + free (alloc); + } + } ++ else if (unicode_display != unicode_default ++ && name != NULL && *name != '\0') ++ { ++ const char * sanitized_name; ++ ++ /* If we want to sanitize the name, we do it here, and ++ temporarily clobber it while calling bfd_print_symbol. ++ FIXME: This is a gross hack. */ ++ sanitized_name = sanitize_string (name); ++ if (sanitized_name != name) ++ (*current)->name = sanitized_name; ++ else ++ sanitized_name = NULL; ++ bfd_print_symbol (cur_bfd, stdout, *current, ++ bfd_print_symbol_all); ++ if (sanitized_name != NULL) ++ (*current)->name = name; ++ } + else + bfd_print_symbol (cur_bfd, stdout, *current, + bfd_print_symbol_all); +@@ -5212,7 +5368,7 @@ main (int argc, char **argv) + set_default_bfd_target (); + + while ((c = getopt_long (argc, argv, +- "pP:ib:m:M:VvCdDlfFaHhrRtTxsSI:j:wE:zgeGW::", ++ "CDE:FGHI:LM:P:RSTU:VW::ab:defghij:lm:prstvwxz", + long_options, (int *) 0)) + != EOF) + { +@@ -5495,6 +5651,23 @@ main (int argc, char **argv) + seenflag = true; + break; + ++ case 'U': ++ if (streq (optarg, "default") || streq (optarg, "d")) ++ unicode_display = unicode_default; ++ else if (streq (optarg, "locale") || streq (optarg, "l")) ++ unicode_display = unicode_locale; ++ else if (streq (optarg, "escape") || streq (optarg, "e")) ++ unicode_display = unicode_escape; ++ else if (streq (optarg, "invalid") || streq (optarg, "i")) ++ unicode_display = unicode_invalid; ++ else if (streq (optarg, "hex") || streq (optarg, "x")) ++ unicode_display = unicode_hex; ++ else if (streq (optarg, "highlight") || streq (optarg, "h")) ++ unicode_display = unicode_highlight; ++ else ++ fatal (_("invalid argument to -U/--unicode: %s"), optarg); ++ break; ++ + case 'H': + usage (stdout, 0); + /* No need to set seenflag or to break - usage() does not return. */ +diff --git a/binutils/readelf.c b/binutils/readelf.c +--- a/binutils/readelf.c 2021-12-19 19:00:27.058540065 -0800 ++++ b/binutils/readelf.c 2021-12-19 19:27:56.538354462 -0800 +@@ -328,6 +328,19 @@ typedef enum print_mode + } + print_mode; + ++typedef enum unicode_display_type ++{ ++ unicode_default = 0, ++ unicode_locale, ++ unicode_escape, ++ unicode_hex, ++ unicode_highlight, ++ unicode_invalid ++} unicode_display_type; ++ ++static unicode_display_type unicode_display = unicode_default; ++ ++ + /* Versioned symbol info. */ + enum versioned_symbol_info + { +@@ -632,11 +645,18 @@ print_symbol (signed int width, const ch + if (c == 0) + break; + +- /* Do not print control characters directly as they can affect terminal +- settings. Such characters usually appear in the names generated +- by the assembler for local labels. */ +- if (ISCNTRL (c)) ++ if (ISPRINT (c)) ++ { ++ putchar (c); ++ width_remaining --; ++ num_printed ++; ++ } ++ else if (ISCNTRL (c)) + { ++ /* Do not print control characters directly as they can affect terminal ++ settings. Such characters usually appear in the names generated ++ by the assembler for local labels. */ ++ + if (width_remaining < 2) + break; + +@@ -644,11 +664,137 @@ print_symbol (signed int width, const ch + width_remaining -= 2; + num_printed += 2; + } +- else if (ISPRINT (c)) ++ else if (c == 0x7f) + { +- putchar (c); +- width_remaining --; +- num_printed ++; ++ if (width_remaining < 5) ++ break; ++ printf (""); ++ width_remaining -= 5; ++ num_printed += 5; ++ } ++ else if (unicode_display != unicode_locale ++ && unicode_display != unicode_default) ++ { ++ /* Display unicode characters as something else. */ ++ unsigned char bytes[4]; ++ bool is_utf8; ++ unsigned int nbytes; ++ ++ bytes[0] = c; ++ ++ if (bytes[0] < 0xc0) ++ { ++ nbytes = 1; ++ is_utf8 = false; ++ } ++ else ++ { ++ bytes[1] = *symbol++; ++ ++ if ((bytes[1] & 0xc0) != 0x80) ++ { ++ is_utf8 = false; ++ /* Do not consume this character. It may only ++ be the first byte in the sequence that was ++ corrupt. */ ++ --symbol; ++ nbytes = 1; ++ } ++ else if ((bytes[0] & 0x20) == 0) ++ { ++ is_utf8 = true; ++ nbytes = 2; ++ } ++ else ++ { ++ bytes[2] = *symbol++; ++ ++ if ((bytes[2] & 0xc0) != 0x80) ++ { ++ is_utf8 = false; ++ symbol -= 2; ++ nbytes = 1; ++ } ++ else if ((bytes[0] & 0x10) == 0) ++ { ++ is_utf8 = true; ++ nbytes = 3; ++ } ++ else ++ { ++ bytes[3] = *symbol++; ++ ++ nbytes = 4; ++ ++ if ((bytes[3] & 0xc0) != 0x80) ++ { ++ is_utf8 = false; ++ symbol -= 3; ++ nbytes = 1; ++ } ++ else ++ is_utf8 = true; ++ } ++ } ++ } ++ ++ if (unicode_display == unicode_invalid) ++ is_utf8 = false; ++ ++ if (unicode_display == unicode_hex || ! is_utf8) ++ { ++ unsigned int i; ++ ++ if (width_remaining < (nbytes * 2) + 2) ++ break; ++ ++ putchar (is_utf8 ? '<' : '{'); ++ printf ("0x"); ++ for (i = 0; i < nbytes; i++) ++ printf ("%02x", bytes[i]); ++ putchar (is_utf8 ? '>' : '}'); ++ } ++ else ++ { ++ if (unicode_display == unicode_highlight && isatty (1)) ++ printf ("\x1B[31;47m"); /* Red. */ ++ ++ switch (nbytes) ++ { ++ case 2: ++ if (width_remaining < 6) ++ break; ++ printf ("\\u%02x%02x", ++ (bytes[0] & 0x1c) >> 2, ++ ((bytes[0] & 0x03) << 6) | (bytes[1] & 0x3f)); ++ break; ++ case 3: ++ if (width_remaining < 6) ++ break; ++ printf ("\\u%02x%02x", ++ ((bytes[0] & 0x0f) << 4) | ((bytes[1] & 0x3c) >> 2), ++ ((bytes[1] & 0x03) << 6) | (bytes[2] & 0x3f)); ++ break; ++ case 4: ++ if (width_remaining < 8) ++ break; ++ printf ("\\u%02x%02x%02x", ++ ((bytes[0] & 0x07) << 6) | ((bytes[1] & 0x3c) >> 2), ++ ((bytes[1] & 0x03) << 6) | ((bytes[2] & 0x3c) >> 2), ++ ((bytes[2] & 0x03) << 6) | (bytes[3] & 0x3f)); ++ ++ break; ++ default: ++ /* URG. */ ++ break; ++ } ++ ++ if (unicode_display == unicode_highlight && isatty (1)) ++ printf ("\033[0m"); /* Default colour. */ ++ } ++ ++ if (bytes[nbytes - 1] == 0) ++ break; + } + else + { +@@ -4668,6 +4814,7 @@ static struct option options[] = + {"syms", no_argument, 0, 's'}, + {"silent-truncation",no_argument, 0, 'T'}, + {"section-details", no_argument, 0, 't'}, ++ {"unicode", required_argument, NULL, 'U'}, + {"unwind", no_argument, 0, 'u'}, + {"version-info", no_argument, 0, 'V'}, + {"version", no_argument, 0, 'v'}, +@@ -4744,6 +4891,12 @@ usage (FILE * stream) + fprintf (stream, _("\ + --no-recurse-limit Disable a demangling recursion limit\n")); + fprintf (stream, _("\ ++ -U[dlexhi] --unicode=[default|locale|escape|hex|highlight|invalid]\n\ ++ Display unicode characters as determined by the current locale\n\ ++ (default), escape sequences, \"\", highlighted\n\ ++ escape sequences, or treat them as invalid and display as\n\ ++ \"{hex sequences}\"\n")); ++ fprintf (stream, _("\ + -n --notes Display the core notes (if present)\n")); + fprintf (stream, _("\ + -r --relocs Display the relocations (if present)\n")); +@@ -4928,7 +5081,7 @@ parse_args (struct dump_data *dumpdata, + usage (stderr); + + while ((c = getopt_long +- (argc, argv, "ACDHILNPR:STVWacdeghi:lnp:rstuvw::x:z", options, NULL)) != EOF) ++ (argc, argv, "ACDHILNPR:STU:VWacdeghi:lnp:rstuvw::x:z", options, NULL)) != EOF) + { + switch (c) + { +@@ -5130,6 +5283,25 @@ parse_args (struct dump_data *dumpdata, + /* Ignored for backward compatibility. */ + break; + ++ case 'U': ++ if (optarg == NULL) ++ error (_("Missing arg to -U/--unicode")); /* Can this happen ? */ ++ else if (streq (optarg, "default") || streq (optarg, "d")) ++ unicode_display = unicode_default; ++ else if (streq (optarg, "locale") || streq (optarg, "l")) ++ unicode_display = unicode_locale; ++ else if (streq (optarg, "escape") || streq (optarg, "e")) ++ unicode_display = unicode_escape; ++ else if (streq (optarg, "invalid") || streq (optarg, "i")) ++ unicode_display = unicode_invalid; ++ else if (streq (optarg, "hex") || streq (optarg, "x")) ++ unicode_display = unicode_hex; ++ else if (streq (optarg, "highlight") || streq (optarg, "h")) ++ unicode_display = unicode_highlight; ++ else ++ error (_("invalid argument to -U/--unicode: %s"), optarg); ++ break; ++ + case OPTION_SYM_BASE: + sym_base = 0; + if (optarg != NULL) +diff --git a/binutils/strings.c b/binutils/strings.c +--- a/binutils/strings.c 2021-12-19 19:00:27.058540065 -0800 ++++ b/binutils/strings.c 2021-12-19 19:48:26.205313218 -0800 +@@ -55,6 +55,19 @@ + -T {bfdname} + Specify a non-default object file format. + ++ --unicode={default|locale|invalid|hex|escape|highlight} ++ -u {d|l|i|x|e|h} ++ Determine how to handle UTF-8 unicode characters. The default ++ is no special treatment. All other versions of this option ++ only apply if the encoding is valid and enabling the option ++ implies --encoding=S. ++ The 'locale' option displays the characters according to the ++ current locale. The 'invalid' option treats them as ++ non-string characters. The 'hex' option displays them as hex ++ byte sequences. The 'escape' option displays them as escape ++ sequences and the 'highlight' option displays them as ++ coloured escape sequences. ++ + --output-separator=sep_string + -s sep_string String used to separate parsed strings in output. + Default is newline. +@@ -76,6 +89,22 @@ + #include "safe-ctype.h" + #include "bucomm.h" + ++#ifndef streq ++#define streq(a,b) (strcmp ((a),(b)) == 0) ++#endif ++ ++typedef enum unicode_display_type ++{ ++ unicode_default = 0, ++ unicode_locale, ++ unicode_escape, ++ unicode_hex, ++ unicode_highlight, ++ unicode_invalid ++} unicode_display_type; ++ ++static unicode_display_type unicode_display = unicode_default; ++ + #define STRING_ISGRAPHIC(c) \ + ( (c) >= 0 \ + && (c) <= 255 \ +@@ -94,7 +123,7 @@ extern int errno; + static int address_radix; + + /* Minimum length of sequence of graphic chars to trigger output. */ +-static int string_min; ++static unsigned int string_min; + + /* Whether or not we include all whitespace as a graphic char. */ + static bool include_all_whitespace; +@@ -121,21 +150,22 @@ static char *output_separator; + static struct option long_options[] = + { + {"all", no_argument, NULL, 'a'}, ++ {"bytes", required_argument, NULL, 'n'}, + {"data", no_argument, NULL, 'd'}, ++ {"encoding", required_argument, NULL, 'e'}, ++ {"help", no_argument, NULL, 'h'}, ++ {"include-all-whitespace", no_argument, NULL, 'w'}, ++ {"output-separator", required_argument, NULL, 's'}, + {"print-file-name", no_argument, NULL, 'f'}, +- {"bytes", required_argument, NULL, 'n'}, + {"radix", required_argument, NULL, 't'}, +- {"include-all-whitespace", no_argument, NULL, 'w'}, +- {"encoding", required_argument, NULL, 'e'}, + {"target", required_argument, NULL, 'T'}, +- {"output-separator", required_argument, NULL, 's'}, +- {"help", no_argument, NULL, 'h'}, ++ {"unicode", required_argument, NULL, 'U'}, + {"version", no_argument, NULL, 'v'}, + {NULL, 0, NULL, 0} + }; + + static bool strings_file (char *); +-static void print_strings (const char *, FILE *, file_ptr, int, int, char *); ++static void print_strings (const char *, FILE *, file_ptr, int, char *); + static void usage (FILE *, int) ATTRIBUTE_NORETURN; + + int main (int, char **); +@@ -171,7 +201,7 @@ main (int argc, char **argv) + encoding = 's'; + output_separator = NULL; + +- while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:s:Vv0123456789", ++ while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:s:U:Vv0123456789", + long_options, (int *) 0)) != EOF) + { + switch (optc) +@@ -244,6 +274,23 @@ main (int argc, char **argv) + output_separator = optarg; + break; + ++ case 'U': ++ if (streq (optarg, "default") || streq (optarg, "d")) ++ unicode_display = unicode_default; ++ else if (streq (optarg, "locale") || streq (optarg, "l")) ++ unicode_display = unicode_locale; ++ else if (streq (optarg, "escape") || streq (optarg, "e")) ++ unicode_display = unicode_escape; ++ else if (streq (optarg, "invalid") || streq (optarg, "i")) ++ unicode_display = unicode_invalid; ++ else if (streq (optarg, "hex") || streq (optarg, "x")) ++ unicode_display = unicode_hex; ++ else if (streq (optarg, "highlight") || streq (optarg, "h")) ++ unicode_display = unicode_highlight; ++ else ++ fatal (_("invalid argument to -U/--unicode: %s"), optarg); ++ break; ++ + case 'V': + case 'v': + print_version ("strings"); +@@ -258,6 +305,9 @@ main (int argc, char **argv) + } + } + ++ if (unicode_display != unicode_default) ++ encoding = 'S'; ++ + if (numeric_opt != 0) + { + string_min = (int) strtoul (argv[numeric_opt - 1] + 1, &s, 0); +@@ -293,14 +343,14 @@ main (int argc, char **argv) + { + datasection_only = false; + SET_BINARY (fileno (stdin)); +- print_strings ("{standard input}", stdin, 0, 0, 0, (char *) NULL); ++ print_strings ("{standard input}", stdin, 0, 0, (char *) NULL); + files_given = true; + } + else + { + for (; optind < argc; ++optind) + { +- if (strcmp (argv[optind], "-") == 0) ++ if (streq (argv[optind], "-")) + datasection_only = false; + else + { +@@ -342,7 +392,7 @@ strings_a_section (bfd *abfd, asection * + } + + *got_a_section = true; +- print_strings (filename, NULL, sect->filepos, 0, sectsize, (char *) mem); ++ print_strings (filename, NULL, sect->filepos, sectsize, (char *) mem); + free (mem); + } + +@@ -427,7 +477,7 @@ strings_file (char *file) + return false; + } + +- print_strings (file, stream, (file_ptr) 0, 0, 0, (char *) 0); ++ print_strings (file, stream, (file_ptr) 0, 0, (char *) NULL); + + if (fclose (stream) == EOF) + { +@@ -551,6 +601,626 @@ unget_part_char (long c, file_ptr *addre + } + } + } ++ ++static void ++print_filename_and_address (const char * filename, file_ptr address) ++{ ++ if (print_filenames) ++ printf ("%s: ", filename); ++ ++ if (! print_addresses) ++ return; ++ ++ switch (address_radix) ++ { ++ case 8: ++ if (sizeof (address) > sizeof (long)) ++ { ++#ifndef __MSVCRT__ ++ printf ("%7llo ", (unsigned long long) address); ++#else ++ printf ("%7I64o ", (unsigned long long) address); ++#endif ++ } ++ else ++ printf ("%7lo ", (unsigned long) address); ++ break; ++ ++ case 10: ++ if (sizeof (address) > sizeof (long)) ++ { ++#ifndef __MSVCRT__ ++ printf ("%7llu ", (unsigned long long) address); ++#else ++ printf ("%7I64d ", (unsigned long long) address); ++#endif ++ } ++ else ++ printf ("%7ld ", (long) address); ++ break; ++ ++ case 16: ++ if (sizeof (address) > sizeof (long)) ++ { ++#ifndef __MSVCRT__ ++ printf ("%7llx ", (unsigned long long) address); ++#else ++ printf ("%7I64x ", (unsigned long long) address); ++#endif ++ } ++ else ++ printf ("%7lx ", (unsigned long) address); ++ break; ++ } ++} ++ ++/* Return non-zero if the bytes starting at BUFFER form a valid UTF-8 encoding. ++ If the encoding is valid then returns the number of bytes it uses. */ ++ ++static unsigned int ++is_valid_utf8 (const unsigned char * buffer, unsigned long buflen) ++{ ++ if (buffer[0] < 0xc0) ++ return 0; ++ ++ if (buflen < 2) ++ return 0; ++ ++ if ((buffer[1] & 0xc0) != 0x80) ++ return 0; ++ ++ if ((buffer[0] & 0x20) == 0) ++ return 2; ++ ++ if (buflen < 3) ++ return 0; ++ ++ if ((buffer[2] & 0xc0) != 0x80) ++ return 0; ++ ++ if ((buffer[0] & 0x10) == 0) ++ return 3; ++ ++ if (buflen < 4) ++ return 0; ++ ++ if ((buffer[3] & 0xc0) != 0x80) ++ return 0; ++ ++ return 4; ++} ++ ++/* Display a UTF-8 encoded character in BUFFER according to the setting ++ of unicode_display. The character is known to be valid. ++ Returns the number of bytes consumed. */ ++ ++static unsigned int ++display_utf8_char (const unsigned char * buffer) ++{ ++ unsigned int j; ++ unsigned int utf8_len; ++ ++ switch (buffer[0] & 0x30) ++ { ++ case 0x00: ++ case 0x10: ++ utf8_len = 2; ++ break; ++ case 0x20: ++ utf8_len = 3; ++ break; ++ default: ++ utf8_len = 4; ++ } ++ ++ switch (unicode_display) ++ { ++ default: ++ fprintf (stderr, "ICE: unexpected unicode display type\n"); ++ break; ++ ++ case unicode_escape: ++ case unicode_highlight: ++ if (unicode_display == unicode_highlight && isatty (1)) ++ printf ("\x1B[31;47m"); /* Red. */ ++ ++ switch (utf8_len) ++ { ++ case 2: ++ printf ("\\u%02x%02x", ++ ((buffer[0] & 0x1c) >> 2), ++ ((buffer[0] & 0x03) << 6) | (buffer[1] & 0x3f)); ++ break; ++ ++ case 3: ++ printf ("\\u%02x%02x", ++ ((buffer[0] & 0x0f) << 4) | ((buffer[1] & 0x3c) >> 2), ++ ((buffer[1] & 0x03) << 6) | ((buffer[2] & 0x3f))); ++ break; ++ ++ case 4: ++ printf ("\\u%02x%02x%02x", ++ ((buffer[0] & 0x07) << 6) | ((buffer[1] & 0x3c) >> 2), ++ ((buffer[1] & 0x03) << 6) | ((buffer[2] & 0x3c) >> 2), ++ ((buffer[2] & 0x03) << 6) | ((buffer[3] & 0x3f))); ++ break; ++ default: ++ /* URG. */ ++ break; ++ } ++ ++ if (unicode_display == unicode_highlight && isatty (1)) ++ printf ("\033[0m"); /* Default colour. */ ++ break; ++ ++ case unicode_hex: ++ putchar ('<'); ++ printf ("0x"); ++ for (j = 0; j < utf8_len; j++) ++ printf ("%02x", buffer [j]); ++ putchar ('>'); ++ break; ++ ++ case unicode_locale: ++ printf ("%.1s", buffer); ++ break; ++ } ++ ++ return utf8_len; ++} ++ ++/* Display strings in BUFFER. Treat any UTF-8 encoded characters encountered ++ according to the setting of the unicode_display variable. The buffer ++ contains BUFLEN bytes. ++ ++ Display the characters as if they started at ADDRESS and are contained in ++ FILENAME. */ ++ ++static void ++print_unicode_buffer (const char * filename, ++ file_ptr address, ++ const unsigned char * buffer, ++ unsigned long buflen) ++{ ++ /* Paranoia checks... */ ++ if (filename == NULL ++ || buffer == NULL ++ || unicode_display == unicode_default ++ || encoding != 'S' ++ || encoding_bytes != 1) ++ { ++ fprintf (stderr, "ICE: bad arguments to print_unicode_buffer\n"); ++ return; ++ } ++ ++ if (buflen == 0) ++ return; ++ ++ /* We must only display strings that are at least string_min *characters* ++ long. So we scan the buffer in two stages. First we locate the start ++ of a potential string. Then we walk along it until we have found ++ string_min characters. Then we go back to the start point and start ++ displaying characters according to the unicode_display setting. */ ++ ++ unsigned long start_point = 0; ++ unsigned long i = 0; ++ unsigned int char_len = 1; ++ unsigned int num_found = 0; ++ ++ for (i = 0; i < buflen; i += char_len) ++ { ++ int c = buffer[i]; ++ ++ char_len = 1; ++ ++ /* Find the first potential character of a string. */ ++ if (! STRING_ISGRAPHIC (c)) ++ { ++ num_found = 0; ++ continue; ++ } ++ ++ if (c > 126) ++ { ++ if (c < 0xc0) ++ { ++ num_found = 0; ++ continue; ++ } ++ ++ if ((char_len = is_valid_utf8 (buffer + i, buflen - i)) == 0) ++ { ++ char_len = 1; ++ num_found = 0; ++ continue; ++ } ++ ++ if (unicode_display == unicode_invalid) ++ { ++ /* We have found a valid UTF-8 character, but we treat it as non-graphic. */ ++ num_found = 0; ++ continue; ++ } ++ } ++ ++ if (num_found == 0) ++ /* We have found a potential starting point for a string. */ ++ start_point = i; ++ ++ ++ num_found; ++ ++ if (num_found >= string_min) ++ break; ++ } ++ ++ if (num_found < string_min) ++ return; ++ ++ print_filename_and_address (filename, address + start_point); ++ ++ /* We have found string_min characters. Display them and any ++ more that follow. */ ++ for (i = start_point; i < buflen; i += char_len) ++ { ++ int c = buffer[i]; ++ ++ char_len = 1; ++ ++ if (! STRING_ISGRAPHIC (c)) ++ break; ++ else if (c < 127) ++ putchar (c); ++ else if (! is_valid_utf8 (buffer + i, buflen - i)) ++ break; ++ else if (unicode_display == unicode_invalid) ++ break; ++ else ++ char_len = display_utf8_char (buffer + i); ++ } ++ ++ if (output_separator) ++ fputs (output_separator, stdout); ++ else ++ putchar ('\n'); ++ ++ /* FIXME: Using tail recursion here is lazy programming... */ ++ print_unicode_buffer (filename, address + i, buffer + i, buflen - i); ++} ++ ++static int ++get_unicode_byte (FILE * stream, ++ unsigned char * putback, ++ unsigned int * num_putback, ++ unsigned int * num_read) ++{ ++ if (* num_putback > 0) ++ { ++ * num_putback = * num_putback - 1; ++ return putback [* num_putback]; ++ } ++ ++ * num_read = * num_read + 1; ++ ++#if defined(HAVE_GETC_UNLOCKED) && HAVE_DECL_GETC_UNLOCKED ++ return getc_unlocked (stream); ++#else ++ return getc (stream); ++#endif ++} ++ ++/* Helper function for print_unicode_stream. */ ++ ++static void ++print_unicode_stream_body (const char * filename, ++ file_ptr address, ++ FILE * stream, ++ unsigned char * putback_buf, ++ unsigned int num_putback, ++ unsigned char * print_buf) ++{ ++ /* It would be nice if we could just read the stream into a buffer ++ and then process if with print_unicode_buffer. But the input ++ might be huge or it might time-locked (eg stdin). So instead ++ we go one byte at a time... */ ++ ++ file_ptr start_point = 0; ++ unsigned int num_read = 0; ++ unsigned int num_chars = 0; ++ unsigned int num_print = 0; ++ int c = 0; ++ ++ /* Find a series of string_min characters. Put them into print_buf. */ ++ do ++ { ++ if (num_chars >= string_min) ++ break; ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ ++ if (! STRING_ISGRAPHIC (c)) ++ { ++ num_chars = num_print = 0; ++ continue; ++ } ++ ++ if (num_chars == 0) ++ start_point = num_read - 1; ++ ++ if (c < 127) ++ { ++ print_buf[num_print] = c; ++ num_chars ++; ++ num_print ++; ++ continue; ++ } ++ ++ if (c < 0xc0) ++ { ++ num_chars = num_print = 0; ++ continue; ++ } ++ ++ /* We *might* have a UTF-8 sequence. Time to start peeking. */ ++ char utf8[4]; ++ ++ utf8[0] = c; ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[1] = c; ++ ++ if ((utf8[1] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ continue; ++ } ++ else if ((utf8[0] & 0x20) == 0) ++ { ++ /* A valid 2-byte UTF-8 encoding. */ ++ if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ } ++ else ++ { ++ print_buf[num_print ++] = utf8[0]; ++ print_buf[num_print ++] = utf8[1]; ++ num_chars ++; ++ } ++ continue; ++ } ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[2] = c; ++ ++ if ((utf8[2] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ continue; ++ } ++ else if ((utf8[0] & 0x10) == 0) ++ { ++ /* A valid 3-byte UTF-8 encoding. */ ++ if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ } ++ else ++ { ++ print_buf[num_print ++] = utf8[0]; ++ print_buf[num_print ++] = utf8[1]; ++ print_buf[num_print ++] = utf8[2]; ++ num_chars ++; ++ } ++ continue; ++ } ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[3] = c; ++ ++ if ((utf8[3] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[3]; ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ } ++ /* We have a valid 4-byte UTF-8 encoding. */ ++ else if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[3]; ++ putback_buf[num_putback++] = utf8[1]; ++ putback_buf[num_putback++] = utf8[2]; ++ num_chars = num_print = 0; ++ } ++ else ++ { ++ print_buf[num_print ++] = utf8[0]; ++ print_buf[num_print ++] = utf8[1]; ++ print_buf[num_print ++] = utf8[2]; ++ print_buf[num_print ++] = utf8[3]; ++ num_chars ++; ++ } ++ } ++ while (1); ++ ++ if (num_chars >= string_min) ++ { ++ /* We know that we have string_min valid characters in print_buf, ++ and there may be more to come in the stream. Start displaying ++ them. */ ++ ++ print_filename_and_address (filename, address + start_point); ++ ++ unsigned int i; ++ for (i = 0; i < num_print;) ++ { ++ if (print_buf[i] < 127) ++ putchar (print_buf[i++]); ++ else ++ i += display_utf8_char (print_buf + i); ++ } ++ ++ /* OK so now we have to start read unchecked bytes. */ ++ ++ /* Find a series of string_min characters. Put them into print_buf. */ ++ do ++ { ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ ++ if (! STRING_ISGRAPHIC (c)) ++ break; ++ ++ if (c < 127) ++ { ++ putchar (c); ++ continue; ++ } ++ ++ if (c < 0xc0) ++ break; ++ ++ /* We *might* have a UTF-8 sequence. Time to start peeking. */ ++ unsigned char utf8[4]; ++ ++ utf8[0] = c; ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[1] = c; ++ ++ if ((utf8[1] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else if ((utf8[0] & 0x20) == 0) ++ { ++ /* Valid 2-byte UTF-8. */ ++ if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else ++ { ++ (void) display_utf8_char (utf8); ++ continue; ++ } ++ } ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[2] = c; ++ ++ if ((utf8[2] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else if ((utf8[0] & 0x10) == 0) ++ { ++ /* Valid 3-byte UTF-8. */ ++ if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else ++ { ++ (void) display_utf8_char (utf8); ++ continue; ++ } ++ } ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[3] = c; ++ ++ if ((utf8[3] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[3]; ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[3]; ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else ++ /* A valid 4-byte UTF-8 encoding. */ ++ (void) display_utf8_char (utf8); ++ } ++ while (1); ++ ++ if (output_separator) ++ fputs (output_separator, stdout); ++ else ++ putchar ('\n'); ++ } ++ ++ if (c != EOF) ++ /* FIXME: Using tail recursion here is lazy, but it works. */ ++ print_unicode_stream_body (filename, address + num_read, stream, putback_buf, num_putback, print_buf); ++} ++ ++/* Display strings read in from STREAM. Treat any UTF-8 encoded characters ++ encountered according to the setting of the unicode_display variable. ++ The stream is positioned at ADDRESS and is attached to FILENAME. */ ++ ++static void ++print_unicode_stream (const char * filename, ++ file_ptr address, ++ FILE * stream) ++{ ++ /* Paranoia checks... */ ++ if (filename == NULL ++ || stream == NULL ++ || unicode_display == unicode_default ++ || encoding != 'S' ++ || encoding_bytes != 1) ++ { ++ fprintf (stderr, "ICE: bad arguments to print_unicode_stream\n"); ++ return; ++ } ++ ++ /* Allocate space for string_min 4-byte utf-8 characters. */ ++ unsigned char * print_buf = xmalloc ((4 * string_min) + 1); ++ /* We should never have to put back more than 4 bytes. */ ++ unsigned char putback_buf[5]; ++ unsigned int num_putback = 0; ++ ++ print_unicode_stream_body (filename, address, stream, putback_buf, num_putback, print_buf); ++ free (print_buf); ++} + + /* Find the strings in file FILENAME, read from STREAM. + Assume that STREAM is positioned so that the next byte read +@@ -566,20 +1236,29 @@ unget_part_char (long c, file_ptr *addre + + static void + print_strings (const char *filename, FILE *stream, file_ptr address, +- int stop_point, int magiccount, char *magic) ++ int magiccount, char *magic) + { ++ if (unicode_display != unicode_default) ++ { ++ if (magic != NULL) ++ print_unicode_buffer (filename, address, ++ (const unsigned char *) magic, magiccount); ++ ++ if (stream != NULL) ++ print_unicode_stream (filename, address, stream); ++ return; ++ } ++ + char *buf = (char *) xmalloc (sizeof (char) * (string_min + 1)); + + while (1) + { + file_ptr start; +- int i; ++ unsigned int i; + long c; + + /* See if the next `string_min' chars are all graphic chars. */ + tryline: +- if (stop_point && address >= stop_point) +- break; + start = address; + for (i = 0; i < string_min; i++) + { +@@ -601,51 +1280,7 @@ print_strings (const char *filename, FIL + + /* We found a run of `string_min' graphic characters. Print up + to the next non-graphic character. */ +- +- if (print_filenames) +- printf ("%s: ", filename); +- if (print_addresses) +- switch (address_radix) +- { +- case 8: +- if (sizeof (start) > sizeof (long)) +- { +-#ifndef __MSVCRT__ +- printf ("%7llo ", (unsigned long long) start); +-#else +- printf ("%7I64o ", (unsigned long long) start); +-#endif +- } +- else +- printf ("%7lo ", (unsigned long) start); +- break; +- +- case 10: +- if (sizeof (start) > sizeof (long)) +- { +-#ifndef __MSVCRT__ +- printf ("%7llu ", (unsigned long long) start); +-#else +- printf ("%7I64d ", (unsigned long long) start); +-#endif +- } +- else +- printf ("%7ld ", (long) start); +- break; +- +- case 16: +- if (sizeof (start) > sizeof (long)) +- { +-#ifndef __MSVCRT__ +- printf ("%7llx ", (unsigned long long) start); +-#else +- printf ("%7I64x ", (unsigned long long) start); +-#endif +- } +- else +- printf ("%7lx ", (unsigned long) start); +- break; +- } ++ print_filename_and_address (filename, start); + + buf[i] = '\0'; + fputs (buf, stdout); +@@ -697,6 +1332,8 @@ usage (FILE *stream, int status) + -T --target= Specify the binary file format\n\ + -e --encoding={s,S,b,l,B,L} Select character size and endianness:\n\ + s = 7-bit, S = 8-bit, {b,l} = 16-bit, {B,L} = 32-bit\n\ ++ --unicode={default|show|invalid|hex|escape|highlight}\n\ ++ -u {d|s|i|x|e|h} Specify how to treat UTF-8 encoded unicode characters\n\ + -s --output-separator= String used to separate strings in output.\n\ + @ Read options from \n\ + -h --help Display this information\n\ diff --git a/poky/meta/recipes-devtools/gcc/gcc-11.2.inc b/poky/meta/recipes-devtools/gcc/gcc-11.2.inc index 9fd30f52a8..886ef3c35b 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-11.2.inc +++ b/poky/meta/recipes-devtools/gcc/gcc-11.2.inc @@ -68,6 +68,14 @@ SRC_URI = "\ file://0036-mingw32-Enable-operation_not_supported.patch \ file://0037-libatomic-Do-not-enforce-march-on-aarch64.patch \ file://0041-apply-debug-prefix-maps-before-checksumming-DIEs.patch \ + file://0001-CVE-2021-35465.patch \ + file://0002-CVE-2021-35465.patch \ + file://0003-CVE-2021-35465.patch \ + file://0004-CVE-2021-35465.patch \ + file://0001-CVE-2021-42574.patch \ + file://0002-CVE-2021-42574.patch \ + file://0003-CVE-2021-42574.patch \ + file://0004-CVE-2021-42574.patch \ " SRC_URI[sha256sum] = "d08edc536b54c372a1010ff6619dd274c0f1603aa49212ba20f7aa2cda36fa8b" @@ -117,3 +125,6 @@ EXTRA_OECONF_PATHS = "\ --with-sysroot=/not/exist \ --with-build-sysroot=${STAGING_DIR_TARGET} \ " + +# Is a binutils 2.26 issue, not gcc +CVE_CHECK_WHITELIST += "CVE-2021-37322" diff --git a/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch b/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch new file mode 100644 index 0000000000..6b1d4e3fce --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch @@ -0,0 +1,138 @@ +From 3929bca9ca95de9d35e82ae8828b188029e3eb70 Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw +Date: Fri, 11 Jun 2021 16:02:05 +0100 +Subject: [PATCH] arm: Add command-line option for enabling CVE-2021-35465 + mitigation [PR102035] + +Add a new option, -mfix-cmse-cve-2021-35465 and document it. Enable it +automatically for cortex-m33, cortex-m35p and cortex-m55. + +gcc: + PR target/102035 + * config/arm/arm.opt (mfix-cmse-cve-2021-35465): New option. + * doc/invoke.texi (Arm Options): Document it. + * config/arm/arm-cpus.in (quirk_vlldm): New feature bit. + (ALL_QUIRKS): Add quirk_vlldm. + (cortex-m33): Add quirk_vlldm. + (cortex-m35p, cortex-m55): Likewise. + * config/arm/arm.c (arm_option_override): Enable fix_vlldm if + targetting an affected CPU and not explicitly controlled on + the command line. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70] +Signed-off-by: Pgowda + +--- + gcc/config/arm/arm-cpus.in | 9 +++++++-- + gcc/config/arm/arm.c | 9 +++++++++ + gcc/config/arm/arm.opt | 4 ++++ + gcc/doc/invoke.texi | 9 +++++++++ + 4 files changed, 29 insertions(+), 2 deletions(-) + +diff --git a/gcc/config/arm/arm.c b/gcc/config/arm/arm.c +--- a/gcc/config/arm/arm.c 2021-11-15 02:13:11.100579812 -0800 ++++ b/gcc/config/arm/arm.c 2021-11-15 02:17:36.988237692 -0800 +@@ -3610,6 +3610,15 @@ arm_option_override (void) + fix_cm3_ldrd = 0; + } + ++ /* Enable fix_vlldm by default if required. */ ++ if (fix_vlldm == 2) ++ { ++ if (bitmap_bit_p (arm_active_target.isa, isa_bit_quirk_vlldm)) ++ fix_vlldm = 1; ++ else ++ fix_vlldm = 0; ++ } ++ + /* Hot/Cold partitioning is not currently supported, since we can't + handle literal pool placement in that case. */ + if (flag_reorder_blocks_and_partition) +diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in +--- a/gcc/config/arm/arm-cpus.in 2021-11-15 02:13:11.104579747 -0800 ++++ b/gcc/config/arm/arm-cpus.in 2021-11-15 02:17:36.984237757 -0800 +@@ -186,6 +186,9 @@ define feature quirk_armv6kz + # Cortex-M3 LDRD quirk. + define feature quirk_cm3_ldrd + ++# v8-m/v8.1-m VLLDM errata. ++define feature quirk_vlldm ++ + # Don't use .cpu assembly directive + define feature quirk_no_asmcpu + +@@ -322,7 +325,7 @@ define implied vfp_base MVE MVE_FP ALL_F + # architectures. + # xscale isn't really a 'quirk', but it isn't an architecture either and we + # need to ignore it for matching purposes. +-define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd xscale quirk_no_asmcpu ++define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu + + define fgroup IGNORE_FOR_MULTILIB cdecp0 cdecp1 cdecp2 cdecp3 cdecp4 cdecp5 cdecp6 cdecp7 + +@@ -1570,6 +1573,7 @@ begin cpu cortex-m33 + architecture armv8-m.main+dsp+fp + option nofp remove ALL_FP + option nodsp remove armv7em ++ isa quirk_vlldm + costs v7m + end cpu cortex-m33 + +@@ -1579,6 +1583,7 @@ begin cpu cortex-m35p + architecture armv8-m.main+dsp+fp + option nofp remove ALL_FP + option nodsp remove armv7em ++ isa quirk_vlldm + costs v7m + end cpu cortex-m35p + +@@ -1590,7 +1595,7 @@ begin cpu cortex-m55 + option nomve remove mve mve_float + option nofp remove ALL_FP mve_float + option nodsp remove MVE mve_float +- isa quirk_no_asmcpu ++ isa quirk_no_asmcpu quirk_vlldm + costs v7m + vendor 41 + end cpu cortex-m55 +diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt +--- a/gcc/config/arm/arm.opt 2021-11-15 02:13:11.104579747 -0800 ++++ b/gcc/config/arm/arm.opt 2021-11-15 02:17:36.988237692 -0800 +@@ -268,6 +268,10 @@ Target Var(fix_cm3_ldrd) Init(2) + Avoid overlapping destination and address registers on LDRD instructions + that may trigger Cortex-M3 errata. + ++mfix-cmse-cve-2021-35465 ++Target Var(fix_vlldm) Init(2) ++Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465). ++ + munaligned-access + Target Var(unaligned_access) Init(2) Save + Enable unaligned word and halfword accesses to packed data. +diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +--- a/gcc/doc/invoke.texi 2021-11-15 02:13:11.112579616 -0800 ++++ b/gcc/doc/invoke.texi 2021-11-15 02:17:36.996237562 -0800 +@@ -804,6 +804,7 @@ Objective-C and Objective-C++ Dialects}. + -mverbose-cost-dump @gol + -mpure-code @gol + -mcmse @gol ++-mfix-cmse-cve-2021-35465 @gol + -mfdpic} + + @emph{AVR Options} +@@ -20487,6 +20488,14 @@ Generate secure code as per the "ARMv8-M + Development Tools Engineering Specification", which can be found on + @url{https://developer.arm.com/documentation/ecm0359818/latest/}. + ++@item -mfix-cmse-cve-2021-35465 ++@opindex mfix-cmse-cve-2021-35465 ++Mitigate against a potential security issue with the @code{VLLDM} instruction ++in some M-profile devices when using CMSE (CVE-2021-365465). This option is ++enabled by default when the option @option{-mcpu=} is used with ++@code{cortex-m33}, @code{cortex-m35p} or @code{cortex-m55}. The option ++@option{-mno-fix-cmse-cve-2021-35465} can be used to disable the mitigation. ++ + @item -mfdpic + @itemx -mno-fdpic + @opindex mfdpic diff --git a/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch b/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch new file mode 100644 index 0000000000..4d680ccc8f --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch @@ -0,0 +1,2282 @@ +From bd5e882cf6e0def3dd1bc106075d59a303fe0d1e Mon Sep 17 00:00:00 2001 +From: David Malcolm +Date: Mon, 18 Oct 2021 18:55:31 -0400 +Subject: [PATCH] diagnostics: escape non-ASCII source bytes for certain + diagnostics +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +This patch adds support to GCC's diagnostic subsystem for escaping certain +bytes and Unicode characters when quoting source code. + +Specifically, this patch adds a new flag rich_location::m_escape_on_output +which is a hint from a diagnostic that non-ASCII bytes in the pertinent +lines of the user's source code should be escaped when printed. + +The patch sets this for the following diagnostics: +- when complaining about stray bytes in the program (when these +are non-printable) +- when complaining about "null character(s) ignored"); +- for -Wnormalized= (and generate source ranges for such warnings) + +The escaping is controlled by a new option: + -fdiagnostics-escape-format=[unicode|bytes] + +For example, consider a diagnostic involing a source line containing the +string "before" followed by the Unicode character U+03C0 ("GREEK SMALL +LETTER PI", with UTF-8 encoding 0xCF 0x80) followed by the byte 0xBF +(a stray UTF-8 trailing byte), followed by the string "after", where the +diagnostic highlights the U+03C0 character. + +By default, this line will be printed verbatim to the user when +reporting a diagnostic at it, as: + + beforeÏXafter + ^ + +(using X for the stray byte to avoid putting invalid UTF-8 in this +commit message) + +If the diagnostic sets the "escape" flag, it will be printed as: + + beforeafter + ^~~~~~~~ + +with -fdiagnostics-escape-format=unicode (the default), or as: + + before<80>after + ^~~~~~~~ + +if the user supplies -fdiagnostics-escape-format=bytes. + +This only affects how the source is printed; it does not affect +how column numbers that are printed (as per -fdiagnostics-column-unit= +and -fdiagnostics-column-origin=). + +gcc/c-family/ChangeLog: + * c-lex.c (c_lex_with_flags): When complaining about non-printable + CPP_OTHER tokens, set the "escape on output" flag. + +gcc/ChangeLog: + * common.opt (fdiagnostics-escape-format=): New. + (diagnostics_escape_format): New enum. + (DIAGNOSTICS_ESCAPE_FORMAT_UNICODE): New enum value. + (DIAGNOSTICS_ESCAPE_FORMAT_BYTES): Likewise. + * diagnostic-format-json.cc (json_end_diagnostic): Add + "escape-source" attribute. + * diagnostic-show-locus.c + (exploc_with_display_col::exploc_with_display_col): Replace + "tabstop" param with a cpp_char_column_policy and add an "aspect" + param. Use these to compute m_display_col accordingly. + (struct char_display_policy): New struct. + (layout::m_policy): New field. + (layout::m_escape_on_output): New field. + (def_policy): New function. + (make_range): Update for changes to exploc_with_display_col ctor. + (default_print_decoded_ch): New. + (width_per_escaped_byte): New. + (escape_as_bytes_width): New. + (escape_as_bytes_print): New. + (escape_as_unicode_width): New. + (escape_as_unicode_print): New. + (make_policy): New. + (layout::layout): Initialize new fields. Update m_exploc ctor + call for above change to ctor. + (layout::maybe_add_location_range): Update for changes to + exploc_with_display_col ctor. + (layout::calculate_x_offset_display): Update for change to + cpp_display_width. + (layout::print_source_line): Pass policy + to cpp_display_width_computation. Capture cpp_decoded_char when + calling process_next_codepoint. Move printing of source code to + m_policy.m_print_cb. + (line_label::line_label): Pass in policy rather than context. + (layout::print_any_labels): Update for change to line_label ctor. + (get_affected_range): Pass in policy rather than context, updating + calls to location_compute_display_column accordingly. + (get_printed_columns): Likewise, also for cpp_display_width. + (correction::correction): Pass in policy rather than tabstop. + (correction::compute_display_cols): Pass m_policy rather than + m_tabstop to cpp_display_width. + (correction::m_tabstop): Replace with... + (correction::m_policy): ...this. + (line_corrections::line_corrections): Pass in policy rather than + context. + (line_corrections::m_context): Replace with... + (line_corrections::m_policy): ...this. + (line_corrections::add_hint): Update to use m_policy rather than + m_context. + (line_corrections::add_hint): Likewise. + (layout::print_trailing_fixits): Likewise. + (selftest::test_display_widths): New. + (selftest::test_layout_x_offset_display_utf8): Update to use + policy rather than tabstop. + (selftest::test_one_liner_labels_utf8): Add test of escaping + source lines. + (selftest::test_diagnostic_show_locus_one_liner_utf8): Update to + use policy rather than tabstop. + (selftest::test_overlapped_fixit_printing): Likewise. + (selftest::test_overlapped_fixit_printing_utf8): Likewise. + (selftest::test_overlapped_fixit_printing_2): Likewise. + (selftest::test_tab_expansion): Likewise. + (selftest::test_escaping_bytes_1): New. + (selftest::test_escaping_bytes_2): New. + (selftest::diagnostic_show_locus_c_tests): Call the new tests. + * diagnostic.c (diagnostic_initialize): Initialize + context->escape_format. + (convert_column_unit): Update to use default character width policy. + (selftest::test_diagnostic_get_location_text): Likewise. + * diagnostic.h (enum diagnostics_escape_format): New enum. + (diagnostic_context::escape_format): New field. + * doc/invoke.texi (-fdiagnostics-escape-format=): New option. + (-fdiagnostics-format=): Add "escape-source" attribute to examples + of JSON output, and document it. + * input.c (location_compute_display_column): Pass in "policy" + rather than "tabstop", passing to + cpp_byte_column_to_display_column. + (selftest::test_cpp_utf8): Update to use cpp_char_column_policy. + * input.h (class cpp_char_column_policy): New forward decl. + (location_compute_display_column): Pass in "policy" rather than + "tabstop". + * opts.c (common_handle_option): Handle + OPT_fdiagnostics_escape_format_. + * selftest.c (temp_source_file::temp_source_file): New ctor + overload taking a size_t. + * selftest.h (temp_source_file::temp_source_file): Likewise. + +gcc/testsuite/ChangeLog: + * c-c++-common/diagnostic-format-json-1.c: Add regexp to consume + "escape-source" attribute. + * c-c++-common/diagnostic-format-json-2.c: Likewise. + * c-c++-common/diagnostic-format-json-3.c: Likewise. + * c-c++-common/diagnostic-format-json-4.c: Likewise, twice. + * c-c++-common/diagnostic-format-json-5.c: Likewise. + * gcc.dg/cpp/warn-normalized-4-bytes.c: New test. + * gcc.dg/cpp/warn-normalized-4-unicode.c: New test. + * gcc.dg/encoding-issues-bytes.c: New test. + * gcc.dg/encoding-issues-unicode.c: New test. + * gfortran.dg/diagnostic-format-json-1.F90: Add regexp to consume + "escape-source" attribute. + * gfortran.dg/diagnostic-format-json-2.F90: Likewise. + * gfortran.dg/diagnostic-format-json-3.F90: Likewise. + +libcpp/ChangeLog: + * charset.c (convert_escape): Use encoding_rich_location when + complaining about nonprintable unknown escape sequences. + (cpp_display_width_computation::::cpp_display_width_computation): + Pass in policy rather than tabstop. + (cpp_display_width_computation::process_next_codepoint): Add "out" + param and populate *out if non-NULL. + (cpp_display_width_computation::advance_display_cols): Pass NULL + to process_next_codepoint. + (cpp_byte_column_to_display_column): Pass in policy rather than + tabstop. Pass NULL to process_next_codepoint. + (cpp_display_column_to_byte_column): Pass in policy rather than + tabstop. + * errors.c (cpp_diagnostic_get_current_location): New function, + splitting out the logic from... + (cpp_diagnostic): ...here. + (cpp_warning_at): New function. + (cpp_pedwarning_at): New function. + * include/cpplib.h (cpp_warning_at): New decl for rich_location. + (cpp_pedwarning_at): Likewise. + (struct cpp_decoded_char): New. + (struct cpp_char_column_policy): New. + (cpp_display_width_computation::cpp_display_width_computation): + Replace "tabstop" param with "policy". + (cpp_display_width_computation::process_next_codepoint): Add "out" + param. + (cpp_display_width_computation::m_tabstop): Replace with... + (cpp_display_width_computation::m_policy): ...this. + (cpp_byte_column_to_display_column): Replace "tabstop" param with + "policy". + (cpp_display_width): Likewise. + (cpp_display_column_to_byte_column): Likewise. + * include/line-map.h (rich_location::escape_on_output_p): New. + (rich_location::set_escape_on_output): New. + (rich_location::m_escape_on_output): New. + * internal.h (cpp_diagnostic_get_current_location): New decl. + (class encoding_rich_location): New. + * lex.c (skip_whitespace): Use encoding_rich_location when + complaining about null characters. + (warn_about_normalization): Generate a source range when + complaining about improperly normalized tokens, rather than just a + point, and use encoding_rich_location so that the source code + is escaped on printing. + * line-map.c (rich_location::rich_location): Initialize + m_escape_on_output. + +Signed-off-by: David Malcolm + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=bd5e882cf6e0def3dd1bc106075d59a303fe0d1e] +Signed-off-by: Pgowda + +--- + gcc/c-family/c-lex.c | 6 +- + gcc/common.opt | 13 + + gcc/diagnostic-format-json.cc | 3 + + gcc/diagnostic-show-locus.c | 580 +++++++++++++++--- + gcc/diagnostic.c | 10 +- + gcc/diagnostic.h | 18 + + gcc/doc/invoke.texi | 43 +- + gcc/input.c | 62 +- + gcc/input.h | 7 +- + gcc/opts.c | 4 + + gcc/selftest.c | 15 + + gcc/selftest.h | 2 + + .../c-c++-common/diagnostic-format-json-1.c | 1 + + .../c-c++-common/diagnostic-format-json-2.c | 1 + + .../c-c++-common/diagnostic-format-json-3.c | 1 + + .../c-c++-common/diagnostic-format-json-4.c | 2 + + .../c-c++-common/diagnostic-format-json-5.c | 1 + + .../gcc.dg/cpp/warn-normalized-4-bytes.c | 21 + + .../gcc.dg/cpp/warn-normalized-4-unicode.c | 19 + + gcc/testsuite/gcc.dg/encoding-issues-bytes.c | Bin 0 -> 595 bytes + .../gcc.dg/encoding-issues-unicode.c | Bin 0 -> 613 bytes + .../gfortran.dg/diagnostic-format-json-1.F90 | 1 + + .../gfortran.dg/diagnostic-format-json-2.F90 | 1 + + .../gfortran.dg/diagnostic-format-json-3.F90 | 1 + + libcpp/charset.c | 63 +- + libcpp/errors.c | 82 ++- + libcpp/include/cpplib.h | 76 ++- + libcpp/include/line-map.h | 13 + + libcpp/internal.h | 23 + + libcpp/lex.c | 38 +- + libcpp/line-map.c | 3 +- + 31 files changed, 942 insertions(+), 168 deletions(-) + create mode 100644 gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c + create mode 100644 gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c + create mode 100644 gcc/testsuite/gcc.dg/encoding-issues-bytes.c + create mode 100644 gcc/testsuite/gcc.dg/encoding-issues-unicode.c + +diff --git a/gcc/c-family/c-lex.c b/gcc/c-family/c-lex.c +--- a/gcc/c-family/c-lex.c 2021-07-27 23:55:06.980283060 -0700 ++++ b/gcc/c-family/c-lex.c 2021-12-14 01:16:01.541943272 -0800 +@@ -603,7 +603,11 @@ c_lex_with_flags (tree *value, location_ + else if (ISGRAPH (c)) + error_at (*loc, "stray %qc in program", (int) c); + else +- error_at (*loc, "stray %<\\%o%> in program", (int) c); ++ { ++ rich_location rich_loc (line_table, *loc); ++ rich_loc.set_escape_on_output (true); ++ error_at (&rich_loc, "stray %<\\%o%> in program", (int) c); ++ } + } + goto retry; + +diff --git a/gcc/common.opt b/gcc/common.opt +--- a/gcc/common.opt 2021-12-13 22:08:44.939137107 -0800 ++++ b/gcc/common.opt 2021-12-14 01:16:01.541943272 -0800 +@@ -1348,6 +1348,10 @@ fdiagnostics-format= + Common Joined RejectNegative Enum(diagnostics_output_format) + -fdiagnostics-format=[text|json] Select output format. + ++fdiagnostics-escape-format= ++Common Joined RejectNegative Enum(diagnostics_escape_format) ++-fdiagnostics-escape-format=[unicode|bytes] Select how to escape non-printable-ASCII bytes in the source for diagnostics that suggest it. ++ + ; Required for these enum values. + SourceInclude + diagnostic.h +@@ -1362,6 +1366,15 @@ EnumValue + Enum(diagnostics_column_unit) String(byte) Value(DIAGNOSTICS_COLUMN_UNIT_BYTE) + + Enum ++Name(diagnostics_escape_format) Type(int) ++ ++EnumValue ++Enum(diagnostics_escape_format) String(unicode) Value(DIAGNOSTICS_ESCAPE_FORMAT_UNICODE) ++ ++EnumValue ++Enum(diagnostics_escape_format) String(bytes) Value(DIAGNOSTICS_ESCAPE_FORMAT_BYTES) ++ ++Enum + Name(diagnostics_output_format) Type(int) + + EnumValue +diff --git a/gcc/diagnostic.c b/gcc/diagnostic.c +--- a/gcc/diagnostic.c 2021-07-27 23:55:07.232286576 -0700 ++++ b/gcc/diagnostic.c 2021-12-14 01:16:01.545943202 -0800 +@@ -230,6 +230,7 @@ diagnostic_initialize (diagnostic_contex + context->column_unit = DIAGNOSTICS_COLUMN_UNIT_DISPLAY; + context->column_origin = 1; + context->tabstop = 8; ++ context->escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; + context->edit_context_ptr = NULL; + context->diagnostic_group_nesting_depth = 0; + context->diagnostic_group_emission_count = 0; +@@ -382,7 +383,10 @@ convert_column_unit (enum diagnostics_co + gcc_unreachable (); + + case DIAGNOSTICS_COLUMN_UNIT_DISPLAY: +- return location_compute_display_column (s, tabstop); ++ { ++ cpp_char_column_policy policy (tabstop, cpp_wcwidth); ++ return location_compute_display_column (s, policy); ++ } + + case DIAGNOSTICS_COLUMN_UNIT_BYTE: + return s.column; +@@ -2275,8 +2279,8 @@ test_diagnostic_get_location_text () + const char *const content = "smile \xf0\x9f\x98\x82\n"; + const int line_bytes = strlen (content) - 1; + const int def_tabstop = 8; +- const int display_width = cpp_display_width (content, line_bytes, +- def_tabstop); ++ const cpp_char_column_policy policy (def_tabstop, cpp_wcwidth); ++ const int display_width = cpp_display_width (content, line_bytes, policy); + ASSERT_EQ (line_bytes - 2, display_width); + temp_source_file tmp (SELFTEST_LOCATION, ".c", content); + const char *const fname = tmp.get_filename (); +diff --git a/gcc/diagnostic-format-json.cc b/gcc/diagnostic-format-json.cc +--- a/gcc/diagnostic-format-json.cc 2021-07-27 23:55:07.232286576 -0700 ++++ b/gcc/diagnostic-format-json.cc 2021-12-14 01:16:01.541943272 -0800 +@@ -264,6 +264,9 @@ json_end_diagnostic (diagnostic_context + json::value *path_value = context->make_json_for_path (context, path); + diag_obj->set ("path", path_value); + } ++ ++ diag_obj->set ("escape-source", ++ new json::literal (richloc->escape_on_output_p ())); + } + + /* No-op implementation of "begin_group_cb" for JSON output. */ +diff --git a/gcc/diagnostic.h b/gcc/diagnostic.h +--- a/gcc/diagnostic.h 2021-07-27 23:55:07.236286632 -0700 ++++ b/gcc/diagnostic.h 2021-12-14 01:16:01.545943202 -0800 +@@ -38,6 +38,20 @@ enum diagnostics_column_unit + DIAGNOSTICS_COLUMN_UNIT_BYTE + }; + ++/* An enum for controlling how to print non-ASCII characters/bytes when ++ a diagnostic suggests escaping the source code on output. */ ++ ++enum diagnostics_escape_format ++{ ++ /* Escape non-ASCII Unicode characters in the form and ++ non-UTF-8 bytes in the form . */ ++ DIAGNOSTICS_ESCAPE_FORMAT_UNICODE, ++ ++ /* Escape non-ASCII bytes in the form (thus showing the underlying ++ encoding of non-ASCII Unicode characters). */ ++ DIAGNOSTICS_ESCAPE_FORMAT_BYTES ++}; ++ + /* Enum for overriding the standard output format. */ + + enum diagnostics_output_format +@@ -320,6 +334,10 @@ struct diagnostic_context + /* The size of the tabstop for tab expansion. */ + int tabstop; + ++ /* How should non-ASCII/non-printable bytes be escaped when ++ a diagnostic suggests escaping the source code on output. */ ++ enum diagnostics_escape_format escape_format; ++ + /* If non-NULL, an edit_context to which fix-it hints should be + applied, for generating patches. */ + edit_context *edit_context_ptr; +diff --git a/gcc/diagnostic-show-locus.c b/gcc/diagnostic-show-locus.c +--- a/gcc/diagnostic-show-locus.c 2021-07-27 23:55:07.232286576 -0700 ++++ b/gcc/diagnostic-show-locus.c 2021-12-14 01:16:01.545943202 -0800 +@@ -175,10 +175,26 @@ enum column_unit { + class exploc_with_display_col : public expanded_location + { + public: +- exploc_with_display_col (const expanded_location &exploc, int tabstop) +- : expanded_location (exploc), +- m_display_col (location_compute_display_column (exploc, tabstop)) +- {} ++ exploc_with_display_col (const expanded_location &exploc, ++ const cpp_char_column_policy &policy, ++ enum location_aspect aspect) ++ : expanded_location (exploc), ++ m_display_col (location_compute_display_column (exploc, policy)) ++ { ++ if (exploc.column > 0) ++ { ++ /* m_display_col is now the final column of the byte. ++ If escaping has happened, we may want the first column instead. */ ++ if (aspect != LOCATION_ASPECT_FINISH) ++ { ++ expanded_location prev_exploc (exploc); ++ prev_exploc.column--; ++ int prev_display_col ++ = (location_compute_display_column (prev_exploc, policy)); ++ m_display_col = prev_display_col + 1; ++ } ++ } ++ } + + int m_display_col; + }; +@@ -313,6 +329,31 @@ test_line_span () + + #endif /* #if CHECKING_P */ + ++/* A bundle of information containing how to print unicode ++ characters and bytes when quoting source code. ++ ++ Provides a unified place to support escaping some subset ++ of characters to some format. ++ ++ Extends char_column_policy; printing is split out to avoid ++ libcpp having to know about pretty_printer. */ ++ ++struct char_display_policy : public cpp_char_column_policy ++{ ++ public: ++ char_display_policy (int tabstop, ++ int (*width_cb) (cppchar_t c), ++ void (*print_cb) (pretty_printer *pp, ++ const cpp_decoded_char &cp)) ++ : cpp_char_column_policy (tabstop, width_cb), ++ m_print_cb (print_cb) ++ { ++ } ++ ++ void (*m_print_cb) (pretty_printer *pp, ++ const cpp_decoded_char &cp); ++}; ++ + /* A class to control the overall layout when printing a diagnostic. + + The layout is determined within the constructor. +@@ -345,6 +386,8 @@ class layout + + void print_line (linenum_type row); + ++ void on_bad_codepoint (const char *ptr, cppchar_t ch, size_t ch_sz); ++ + private: + bool will_show_line_p (linenum_type row) const; + void print_leading_fixits (linenum_type row); +@@ -386,6 +429,7 @@ class layout + private: + diagnostic_context *m_context; + pretty_printer *m_pp; ++ char_display_policy m_policy; + location_t m_primary_loc; + exploc_with_display_col m_exploc; + colorizer m_colorizer; +@@ -398,6 +442,7 @@ class layout + auto_vec m_line_spans; + int m_linenum_width; + int m_x_offset_display; ++ bool m_escape_on_output; + }; + + /* Implementation of "class colorizer". */ +@@ -646,6 +691,11 @@ layout_range::intersects_line_p (linenum + /* Default for when we don't care what the tab expansion is set to. */ + static const int def_tabstop = 8; + ++static cpp_char_column_policy def_policy () ++{ ++ return cpp_char_column_policy (8, cpp_wcwidth); ++} ++ + /* Create some expanded locations for testing layout_range. The filename + member of the explocs is set to the empty string. This member will only be + inspected by the calls to location_compute_display_column() made from the +@@ -662,10 +712,13 @@ make_range (int start_line, int start_co + = {"", start_line, start_col, NULL, false}; + const expanded_location finish_exploc + = {"", end_line, end_col, NULL, false}; +- return layout_range (exploc_with_display_col (start_exploc, def_tabstop), +- exploc_with_display_col (finish_exploc, def_tabstop), ++ return layout_range (exploc_with_display_col (start_exploc, def_policy (), ++ LOCATION_ASPECT_START), ++ exploc_with_display_col (finish_exploc, def_policy (), ++ LOCATION_ASPECT_FINISH), + SHOW_RANGE_WITHOUT_CARET, +- exploc_with_display_col (start_exploc, def_tabstop), ++ exploc_with_display_col (start_exploc, def_policy (), ++ LOCATION_ASPECT_CARET), + 0, NULL); + } + +@@ -959,6 +1012,164 @@ fixit_cmp (const void *p_a, const void * + return hint_a->get_start_loc () - hint_b->get_start_loc (); + } + ++/* Callbacks for use when not escaping the source. */ ++ ++/* The default callback for char_column_policy::m_width_cb is cpp_wcwidth. */ ++ ++/* Callback for char_display_policy::m_print_cb for printing source chars ++ when not escaping the source. */ ++ ++static void ++default_print_decoded_ch (pretty_printer *pp, ++ const cpp_decoded_char &decoded_ch) ++{ ++ for (const char *ptr = decoded_ch.m_start_byte; ++ ptr != decoded_ch.m_next_byte; ptr++) ++ { ++ if (*ptr == '\0' || *ptr == '\r') ++ { ++ pp_space (pp); ++ continue; ++ } ++ ++ pp_character (pp, *ptr); ++ } ++} ++ ++/* Callbacks for use with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */ ++ ++static const int width_per_escaped_byte = 4; ++ ++/* Callback for char_column_policy::m_width_cb for determining the ++ display width when escaping with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */ ++ ++static int ++escape_as_bytes_width (cppchar_t ch) ++{ ++ if (ch < 0x80 && ISPRINT (ch)) ++ return cpp_wcwidth (ch); ++ else ++ { ++ if (ch <= 0x7F) return 1 * width_per_escaped_byte; ++ if (ch <= 0x7FF) return 2 * width_per_escaped_byte; ++ if (ch <= 0xFFFF) return 3 * width_per_escaped_byte; ++ return 4 * width_per_escaped_byte; ++ } ++} ++ ++/* Callback for char_display_policy::m_print_cb for printing source chars ++ when escaping with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */ ++ ++static void ++escape_as_bytes_print (pretty_printer *pp, ++ const cpp_decoded_char &decoded_ch) ++{ ++ if (!decoded_ch.m_valid_ch) ++ { ++ for (const char *iter = decoded_ch.m_start_byte; ++ iter != decoded_ch.m_next_byte; ++iter) ++ { ++ char buf[16]; ++ sprintf (buf, "<%02x>", (unsigned char)*iter); ++ pp_string (pp, buf); ++ } ++ return; ++ } ++ ++ cppchar_t ch = decoded_ch.m_ch; ++ if (ch < 0x80 && ISPRINT (ch)) ++ pp_character (pp, ch); ++ else ++ { ++ for (const char *iter = decoded_ch.m_start_byte; ++ iter < decoded_ch.m_next_byte; ++iter) ++ { ++ char buf[16]; ++ sprintf (buf, "<%02x>", (unsigned char)*iter); ++ pp_string (pp, buf); ++ } ++ } ++} ++ ++/* Callbacks for use with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */ ++ ++/* Callback for char_column_policy::m_width_cb for determining the ++ display width when escaping with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */ ++ ++static int ++escape_as_unicode_width (cppchar_t ch) ++{ ++ if (ch < 0x80 && ISPRINT (ch)) ++ return cpp_wcwidth (ch); ++ else ++ { ++ // Width of "" ++ if (ch > 0xfffff) ++ return 10; ++ else if (ch > 0xffff) ++ return 9; ++ else ++ return 8; ++ } ++} ++ ++/* Callback for char_display_policy::m_print_cb for printing source chars ++ when escaping with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */ ++ ++static void ++escape_as_unicode_print (pretty_printer *pp, ++ const cpp_decoded_char &decoded_ch) ++{ ++ if (!decoded_ch.m_valid_ch) ++ { ++ escape_as_bytes_print (pp, decoded_ch); ++ return; ++ } ++ ++ cppchar_t ch = decoded_ch.m_ch; ++ if (ch < 0x80 && ISPRINT (ch)) ++ pp_character (pp, ch); ++ else ++ { ++ char buf[16]; ++ sprintf (buf, "", ch); ++ pp_string (pp, buf); ++ } ++} ++ ++/* Populate a char_display_policy based on DC and RICHLOC. */ ++ ++static char_display_policy ++make_policy (const diagnostic_context &dc, ++ const rich_location &richloc) ++{ ++ /* The default is to not escape non-ASCII bytes. */ ++ char_display_policy result ++ (dc.tabstop, cpp_wcwidth, default_print_decoded_ch); ++ ++ /* If the diagnostic suggests escaping non-ASCII bytes, then ++ use policy from user-supplied options. */ ++ if (richloc.escape_on_output_p ()) ++ { ++ result.m_undecoded_byte_width = width_per_escaped_byte; ++ switch (dc.escape_format) ++ { ++ default: ++ gcc_unreachable (); ++ case DIAGNOSTICS_ESCAPE_FORMAT_UNICODE: ++ result.m_width_cb = escape_as_unicode_width; ++ result.m_print_cb = escape_as_unicode_print; ++ break; ++ case DIAGNOSTICS_ESCAPE_FORMAT_BYTES: ++ result.m_width_cb = escape_as_bytes_width; ++ result.m_print_cb = escape_as_bytes_print; ++ break; ++ } ++ } ++ ++ return result; ++} ++ + /* Implementation of class layout. */ + + /* Constructor for class layout. +@@ -975,8 +1186,10 @@ layout::layout (diagnostic_context * con + diagnostic_t diagnostic_kind) + : m_context (context), + m_pp (context->printer), ++ m_policy (make_policy (*context, *richloc)), + m_primary_loc (richloc->get_range (0)->m_loc), +- m_exploc (richloc->get_expanded_location (0), context->tabstop), ++ m_exploc (richloc->get_expanded_location (0), m_policy, ++ LOCATION_ASPECT_CARET), + m_colorizer (context, diagnostic_kind), + m_colorize_source_p (context->colorize_source_p), + m_show_labels_p (context->show_labels_p), +@@ -986,7 +1199,8 @@ layout::layout (diagnostic_context * con + m_fixit_hints (richloc->get_num_fixit_hints ()), + m_line_spans (1 + richloc->get_num_locations ()), + m_linenum_width (0), +- m_x_offset_display (0) ++ m_x_offset_display (0), ++ m_escape_on_output (richloc->escape_on_output_p ()) + { + for (unsigned int idx = 0; idx < richloc->get_num_locations (); idx++) + { +@@ -1072,10 +1286,13 @@ layout::maybe_add_location_range (const + + /* Everything is now known to be in the correct source file, + but it may require further sanitization. */ +- layout_range ri (exploc_with_display_col (start, m_context->tabstop), +- exploc_with_display_col (finish, m_context->tabstop), ++ layout_range ri (exploc_with_display_col (start, m_policy, ++ LOCATION_ASPECT_START), ++ exploc_with_display_col (finish, m_policy, ++ LOCATION_ASPECT_FINISH), + loc_range->m_range_display_kind, +- exploc_with_display_col (caret, m_context->tabstop), ++ exploc_with_display_col (caret, m_policy, ++ LOCATION_ASPECT_CARET), + original_idx, loc_range->m_label); + + /* If we have a range that finishes before it starts (perhaps +@@ -1409,7 +1626,7 @@ layout::calculate_x_offset_display () + = get_line_bytes_without_trailing_whitespace (line.get_buffer (), + line.length ()); + int eol_display_column +- = cpp_display_width (line.get_buffer (), line_bytes, m_context->tabstop); ++ = cpp_display_width (line.get_buffer (), line_bytes, m_policy); + if (caret_display_column > eol_display_column + || !caret_display_column) + { +@@ -1488,7 +1705,7 @@ layout::print_source_line (linenum_type + /* This object helps to keep track of which display column we are at, which is + necessary for computing the line bounds in display units, for doing + tab expansion, and for implementing m_x_offset_display. */ +- cpp_display_width_computation dw (line, line_bytes, m_context->tabstop); ++ cpp_display_width_computation dw (line, line_bytes, m_policy); + + /* Skip the first m_x_offset_display display columns. In case the leading + portion that will be skipped ends with a character with wcwidth > 1, then +@@ -1536,7 +1753,8 @@ layout::print_source_line (linenum_type + tabs and replacing some control bytes with spaces as necessary. */ + const char *c = dw.next_byte (); + const int start_disp_col = dw.display_cols_processed () + 1; +- const int this_display_width = dw.process_next_codepoint (); ++ cpp_decoded_char cp; ++ const int this_display_width = dw.process_next_codepoint (&cp); + if (*c == '\t') + { + /* The returned display width is the number of spaces into which the +@@ -1545,15 +1763,6 @@ layout::print_source_line (linenum_type + pp_space (m_pp); + continue; + } +- if (*c == '\0' || *c == '\r') +- { +- /* cpp_wcwidth() promises to return 1 for all control bytes, and we +- want to output these as a single space too, so this case is +- actually the same as the '\t' case. */ +- gcc_assert (this_display_width == 1); +- pp_space (m_pp); +- continue; +- } + + /* We have a (possibly multibyte) character to output; update the line + bounds if it is not whitespace. */ +@@ -1565,7 +1774,8 @@ layout::print_source_line (linenum_type + } + + /* Output the character. */ +- while (c != dw.next_byte ()) pp_character (m_pp, *c++); ++ m_policy.m_print_cb (m_pp, cp); ++ c = dw.next_byte (); + } + print_newline (); + return lbounds; +@@ -1664,14 +1874,14 @@ layout::print_annotation_line (linenum_t + class line_label + { + public: +- line_label (diagnostic_context *context, int state_idx, int column, ++ line_label (const cpp_char_column_policy &policy, ++ int state_idx, int column, + label_text text) + : m_state_idx (state_idx), m_column (column), + m_text (text), m_label_line (0), m_has_vbar (true) + { + const int bytes = strlen (text.m_buffer); +- m_display_width +- = cpp_display_width (text.m_buffer, bytes, context->tabstop); ++ m_display_width = cpp_display_width (text.m_buffer, bytes, policy); + } + + /* Sorting is primarily by column, then by state index. */ +@@ -1731,7 +1941,7 @@ layout::print_any_labels (linenum_type r + if (text.m_buffer == NULL) + continue; + +- labels.safe_push (line_label (m_context, i, disp_col, text)); ++ labels.safe_push (line_label (m_policy, i, disp_col, text)); + } + } + +@@ -2011,7 +2221,7 @@ public: + + /* Get the range of bytes or display columns that HINT would affect. */ + static column_range +-get_affected_range (diagnostic_context *context, ++get_affected_range (const cpp_char_column_policy &policy, + const fixit_hint *hint, enum column_unit col_unit) + { + expanded_location exploc_start = expand_location (hint->get_start_loc ()); +@@ -2022,13 +2232,11 @@ get_affected_range (diagnostic_context * + int finish_column; + if (col_unit == CU_DISPLAY_COLS) + { +- start_column +- = location_compute_display_column (exploc_start, context->tabstop); ++ start_column = location_compute_display_column (exploc_start, policy); + if (hint->insertion_p ()) + finish_column = start_column - 1; + else +- finish_column +- = location_compute_display_column (exploc_finish, context->tabstop); ++ finish_column = location_compute_display_column (exploc_finish, policy); + } + else + { +@@ -2041,12 +2249,13 @@ get_affected_range (diagnostic_context * + /* Get the range of display columns that would be printed for HINT. */ + + static column_range +-get_printed_columns (diagnostic_context *context, const fixit_hint *hint) ++get_printed_columns (const cpp_char_column_policy &policy, ++ const fixit_hint *hint) + { + expanded_location exploc = expand_location (hint->get_start_loc ()); +- int start_column = location_compute_display_column (exploc, context->tabstop); ++ int start_column = location_compute_display_column (exploc, policy); + int hint_width = cpp_display_width (hint->get_string (), hint->get_length (), +- context->tabstop); ++ policy); + int final_hint_column = start_column + hint_width - 1; + if (hint->insertion_p ()) + { +@@ -2056,8 +2265,7 @@ get_printed_columns (diagnostic_context + { + exploc = expand_location (hint->get_next_loc ()); + --exploc.column; +- int finish_column +- = location_compute_display_column (exploc, context->tabstop); ++ int finish_column = location_compute_display_column (exploc, policy); + return column_range (start_column, + MAX (finish_column, final_hint_column)); + } +@@ -2075,13 +2283,13 @@ public: + column_range affected_columns, + column_range printed_columns, + const char *new_text, size_t new_text_len, +- int tabstop) ++ const cpp_char_column_policy &policy) + : m_affected_bytes (affected_bytes), + m_affected_columns (affected_columns), + m_printed_columns (printed_columns), + m_text (xstrdup (new_text)), + m_byte_length (new_text_len), +- m_tabstop (tabstop), ++ m_policy (policy), + m_alloc_sz (new_text_len + 1) + { + compute_display_cols (); +@@ -2099,7 +2307,7 @@ public: + + void compute_display_cols () + { +- m_display_cols = cpp_display_width (m_text, m_byte_length, m_tabstop); ++ m_display_cols = cpp_display_width (m_text, m_byte_length, m_policy); + } + + void overwrite (int dst_offset, const char_span &src_span) +@@ -2127,7 +2335,7 @@ public: + char *m_text; + size_t m_byte_length; /* Not including null-terminator. */ + int m_display_cols; +- int m_tabstop; ++ const cpp_char_column_policy &m_policy; + size_t m_alloc_sz; + }; + +@@ -2163,15 +2371,16 @@ correction::ensure_terminated () + class line_corrections + { + public: +- line_corrections (diagnostic_context *context, const char *filename, ++ line_corrections (const char_display_policy &policy, ++ const char *filename, + linenum_type row) +- : m_context (context), m_filename (filename), m_row (row) ++ : m_policy (policy), m_filename (filename), m_row (row) + {} + ~line_corrections (); + + void add_hint (const fixit_hint *hint); + +- diagnostic_context *m_context; ++ const char_display_policy &m_policy; + const char *m_filename; + linenum_type m_row; + auto_vec m_corrections; +@@ -2217,10 +2426,10 @@ source_line::source_line (const char *fi + void + line_corrections::add_hint (const fixit_hint *hint) + { +- column_range affected_bytes = get_affected_range (m_context, hint, CU_BYTES); +- column_range affected_columns = get_affected_range (m_context, hint, ++ column_range affected_bytes = get_affected_range (m_policy, hint, CU_BYTES); ++ column_range affected_columns = get_affected_range (m_policy, hint, + CU_DISPLAY_COLS); +- column_range printed_columns = get_printed_columns (m_context, hint); ++ column_range printed_columns = get_printed_columns (m_policy, hint); + + /* Potentially consolidate. */ + if (!m_corrections.is_empty ()) +@@ -2289,7 +2498,7 @@ line_corrections::add_hint (const fixit_ + printed_columns, + hint->get_string (), + hint->get_length (), +- m_context->tabstop)); ++ m_policy)); + } + + /* If there are any fixit hints on source line ROW, print them. +@@ -2303,7 +2512,7 @@ layout::print_trailing_fixits (linenum_t + { + /* Build a list of correction instances for the line, + potentially consolidating hints (for the sake of readability). */ +- line_corrections corrections (m_context, m_exploc.file, row); ++ line_corrections corrections (m_policy, m_exploc.file, row); + for (unsigned int i = 0; i < m_fixit_hints.length (); i++) + { + const fixit_hint *hint = m_fixit_hints[i]; +@@ -2646,6 +2855,59 @@ namespace selftest { + + /* Selftests for diagnostic_show_locus. */ + ++/* Verify that cpp_display_width correctly handles escaping. */ ++ ++static void ++test_display_widths () ++{ ++ gcc_rich_location richloc (UNKNOWN_LOCATION); ++ ++ /* U+03C0 "GREEK SMALL LETTER PI". */ ++ const char *pi = "\xCF\x80"; ++ /* U+1F642 "SLIGHTLY SMILING FACE". */ ++ const char *emoji = "\xF0\x9F\x99\x82"; ++ /* Stray trailing byte of a UTF-8 character. */ ++ const char *stray = "\xBF"; ++ /* U+10FFFF. */ ++ const char *max_codepoint = "\xF4\x8F\xBF\xBF"; ++ ++ /* No escaping. */ ++ { ++ test_diagnostic_context dc; ++ char_display_policy policy (make_policy (dc, richloc)); ++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 1); ++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 2); ++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 1); ++ /* Don't check width of U+10FFFF; it's in a private use plane. */ ++ } ++ ++ richloc.set_escape_on_output (true); ++ ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; ++ char_display_policy policy (make_policy (dc, richloc)); ++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 8); ++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 9); ++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 4); ++ ASSERT_EQ (cpp_display_width (max_codepoint, strlen (max_codepoint), ++ policy), ++ strlen ("")); ++ } ++ ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES; ++ char_display_policy policy (make_policy (dc, richloc)); ++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 8); ++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 16); ++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 4); ++ ASSERT_EQ (cpp_display_width (max_codepoint, strlen (max_codepoint), ++ policy), ++ 16); ++ } ++} ++ + /* For precise tests of the layout, make clear where the source line will + start. test_left_margin sets the total byte count from the left side of the + screen to the start of source lines, after the line number and the separator, +@@ -2715,10 +2977,10 @@ test_layout_x_offset_display_utf8 (const + char_span lspan = location_get_source_line (tmp.get_filename (), 1); + ASSERT_EQ (line_display_cols, + cpp_display_width (lspan.get_buffer (), lspan.length (), +- def_tabstop)); ++ def_policy ())); + ASSERT_EQ (line_display_cols, + location_compute_display_column (expand_location (line_end), +- def_tabstop)); ++ def_policy ())); + ASSERT_EQ (0, memcmp (lspan.get_buffer () + (emoji_col - 1), + "\xf0\x9f\x98\x82\xf0\x9f\x98\x82", 8)); + +@@ -2866,12 +3128,13 @@ test_layout_x_offset_display_tab (const + ASSERT_EQ ('\t', *(lspan.get_buffer () + (tab_col - 1))); + for (int tabstop = 1; tabstop != num_tabstops; ++tabstop) + { ++ cpp_char_column_policy policy (tabstop, cpp_wcwidth); + ASSERT_EQ (line_bytes + extra_width[tabstop], + cpp_display_width (lspan.get_buffer (), lspan.length (), +- tabstop)); ++ policy)); + ASSERT_EQ (line_bytes + extra_width[tabstop], + location_compute_display_column (expand_location (line_end), +- tabstop)); ++ policy)); + } + + /* Check that the tab is expanded to the expected number of spaces. */ +@@ -4003,6 +4266,43 @@ test_one_liner_labels_utf8 () + " bb\xf0\x9f\x98\x82\xf0\x9f\x98\x82\n", + pp_formatted_text (dc.printer)); + } ++ ++ /* Example of escaping the source lines. */ ++ { ++ text_range_label label0 ("label 0\xf0\x9f\x98\x82"); ++ text_range_label label1 ("label 1\xcf\x80"); ++ text_range_label label2 ("label 2\xcf\x80"); ++ gcc_rich_location richloc (foo, &label0); ++ richloc.add_range (bar, SHOW_RANGE_WITHOUT_CARET, &label1); ++ richloc.add_range (field, SHOW_RANGE_WITHOUT_CARET, &label2); ++ richloc.set_escape_on_output (true); ++ ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" _foo = _bar._field;\n" ++ " ^~~~~~~~~~~~~ ~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~\n" ++ " | | |\n" ++ " | | label 2\xcf\x80\n" ++ " | label 1\xcf\x80\n" ++ " label 0\xf0\x9f\x98\x82\n", ++ pp_formatted_text (dc.printer)); ++ } ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ ++ (" <9f><98><82>_foo = <80>_bar.<9f><98><82>_field<80>;\n" ++ " ^~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n" ++ " | | |\n" ++ " | | label 2\xcf\x80\n" ++ " | label 1\xcf\x80\n" ++ " label 0\xf0\x9f\x98\x82\n", ++ pp_formatted_text (dc.printer)); ++ } ++ } + } + + /* Make sure that colorization codes don't interrupt a multibyte +@@ -4057,9 +4357,9 @@ test_diagnostic_show_locus_one_liner_utf + + char_span lspan = location_get_source_line (tmp.get_filename (), 1); + ASSERT_EQ (25, cpp_display_width (lspan.get_buffer (), lspan.length (), +- def_tabstop)); ++ def_policy ())); + ASSERT_EQ (25, location_compute_display_column (expand_location (line_end), +- def_tabstop)); ++ def_policy ())); + + test_one_liner_simple_caret_utf8 (); + test_one_liner_caret_and_range_utf8 (); +@@ -4445,30 +4745,31 @@ test_overlapped_fixit_printing (const li + pp_formatted_text (dc.printer)); + + /* Unit-test the line_corrections machinery. */ ++ char_display_policy policy (make_policy (dc, richloc)); + ASSERT_EQ (3, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); + ASSERT_EQ (column_range (12, 12), +- get_affected_range (&dc, hint_0, CU_BYTES)); ++ get_affected_range (policy, hint_0, CU_BYTES)); + ASSERT_EQ (column_range (12, 12), +- get_affected_range (&dc, hint_0, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0)); ++ get_affected_range (policy, hint_0, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (12, 22), get_printed_columns (policy, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); + ASSERT_EQ (column_range (18, 18), +- get_affected_range (&dc, hint_1, CU_BYTES)); ++ get_affected_range (policy, hint_1, CU_BYTES)); + ASSERT_EQ (column_range (18, 18), +- get_affected_range (&dc, hint_1, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1)); ++ get_affected_range (policy, hint_1, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (18, 20), get_printed_columns (policy, hint_1)); + const fixit_hint *hint_2 = richloc.get_fixit_hint (2); + ASSERT_EQ (column_range (29, 28), +- get_affected_range (&dc, hint_2, CU_BYTES)); ++ get_affected_range (policy, hint_2, CU_BYTES)); + ASSERT_EQ (column_range (29, 28), +- get_affected_range (&dc, hint_2, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (29, 29), get_printed_columns (&dc, hint_2)); ++ get_affected_range (policy, hint_2, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (29, 29), get_printed_columns (policy, hint_2)); + + /* Add each hint in turn to a line_corrections instance, + and verify that they are consolidated into one correction instance + as expected. */ +- line_corrections lc (&dc, tmp.get_filename (), 1); ++ line_corrections lc (policy, tmp.get_filename (), 1); + + /* The first replace hint by itself. */ + lc.add_hint (hint_0); +@@ -4660,30 +4961,31 @@ test_overlapped_fixit_printing_utf8 (con + pp_formatted_text (dc.printer)); + + /* Unit-test the line_corrections machinery. */ ++ char_display_policy policy (make_policy (dc, richloc)); + ASSERT_EQ (3, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); + ASSERT_EQ (column_range (14, 14), +- get_affected_range (&dc, hint_0, CU_BYTES)); ++ get_affected_range (policy, hint_0, CU_BYTES)); + ASSERT_EQ (column_range (12, 12), +- get_affected_range (&dc, hint_0, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0)); ++ get_affected_range (policy, hint_0, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (12, 22), get_printed_columns (policy, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); + ASSERT_EQ (column_range (22, 22), +- get_affected_range (&dc, hint_1, CU_BYTES)); ++ get_affected_range (policy, hint_1, CU_BYTES)); + ASSERT_EQ (column_range (18, 18), +- get_affected_range (&dc, hint_1, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1)); ++ get_affected_range (policy, hint_1, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (18, 20), get_printed_columns (policy, hint_1)); + const fixit_hint *hint_2 = richloc.get_fixit_hint (2); + ASSERT_EQ (column_range (35, 34), +- get_affected_range (&dc, hint_2, CU_BYTES)); ++ get_affected_range (policy, hint_2, CU_BYTES)); + ASSERT_EQ (column_range (30, 29), +- get_affected_range (&dc, hint_2, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (30, 30), get_printed_columns (&dc, hint_2)); ++ get_affected_range (policy, hint_2, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (30, 30), get_printed_columns (policy, hint_2)); + + /* Add each hint in turn to a line_corrections instance, + and verify that they are consolidated into one correction instance + as expected. */ +- line_corrections lc (&dc, tmp.get_filename (), 1); ++ line_corrections lc (policy, tmp.get_filename (), 1); + + /* The first replace hint by itself. */ + lc.add_hint (hint_0); +@@ -4877,15 +5179,16 @@ test_overlapped_fixit_printing_2 (const + richloc.add_fixit_insert_before (col_21, "}"); + + /* These fixits should be accepted; they can't be consolidated. */ ++ char_display_policy policy (make_policy (dc, richloc)); + ASSERT_EQ (2, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); + ASSERT_EQ (column_range (23, 22), +- get_affected_range (&dc, hint_0, CU_BYTES)); +- ASSERT_EQ (column_range (23, 23), get_printed_columns (&dc, hint_0)); ++ get_affected_range (policy, hint_0, CU_BYTES)); ++ ASSERT_EQ (column_range (23, 23), get_printed_columns (policy, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); + ASSERT_EQ (column_range (21, 20), +- get_affected_range (&dc, hint_1, CU_BYTES)); +- ASSERT_EQ (column_range (21, 21), get_printed_columns (&dc, hint_1)); ++ get_affected_range (policy, hint_1, CU_BYTES)); ++ ASSERT_EQ (column_range (21, 21), get_printed_columns (policy, hint_1)); + + /* Verify that they're printed correctly. */ + diagnostic_show_locus (&dc, &richloc, DK_ERROR); +@@ -5152,10 +5455,11 @@ test_tab_expansion (const line_table_cas + ....................123 45678901234 56789012345 columns */ + + const int tabstop = 8; ++ cpp_char_column_policy policy (tabstop, cpp_wcwidth); + const int first_non_ws_byte_col = 7; + const int right_quote_byte_col = 15; + const int last_byte_col = 25; +- ASSERT_EQ (35, cpp_display_width (content, last_byte_col, tabstop)); ++ ASSERT_EQ (35, cpp_display_width (content, last_byte_col, policy)); + + temp_source_file tmp (SELFTEST_LOCATION, ".c", content); + line_table_test ltt (case_); +@@ -5198,6 +5502,114 @@ test_tab_expansion (const line_table_cas + } + } + ++/* Verify that the escaping machinery can cope with a variety of different ++ invalid bytes. */ ++ ++static void ++test_escaping_bytes_1 (const line_table_case &case_) ++{ ++ const char content[] = "before\0\1\2\3\r\x80\xff""after\n"; ++ const size_t sz = sizeof (content); ++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content, sz); ++ line_table_test ltt (case_); ++ const line_map_ordinary *ord_map = linemap_check_ordinary ++ (linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 0)); ++ linemap_line_start (line_table, 1, 100); ++ ++ location_t finish ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, ++ strlen (content)); ++ ++ if (finish > LINE_MAP_MAX_LOCATION_WITH_COLS) ++ return; ++ ++ /* Locations of the NUL and \r bytes. */ ++ location_t nul_loc ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 7); ++ location_t r_loc ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 11); ++ gcc_rich_location richloc (nul_loc); ++ richloc.add_range (r_loc); ++ ++ { ++ test_diagnostic_context dc; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" before \1\2\3 \x80\xff""after\n" ++ " ^ ~\n", ++ pp_formatted_text (dc.printer)); ++ } ++ richloc.set_escape_on_output (true); ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ ++ (" before<80>after\n" ++ " ^~~~~~~~ ~~~~~~~~\n", ++ pp_formatted_text (dc.printer)); ++ } ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" before<00><01><02><03><0d><80>after\n" ++ " ^~~~ ~~~~\n", ++ pp_formatted_text (dc.printer)); ++ } ++} ++ ++/* As above, but verify that we handle the initial byte of a line ++ correctly. */ ++ ++static void ++test_escaping_bytes_2 (const line_table_case &case_) ++{ ++ const char content[] = "\0after\n"; ++ const size_t sz = sizeof (content); ++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content, sz); ++ line_table_test ltt (case_); ++ const line_map_ordinary *ord_map = linemap_check_ordinary ++ (linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 0)); ++ linemap_line_start (line_table, 1, 100); ++ ++ location_t finish ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, ++ strlen (content)); ++ ++ if (finish > LINE_MAP_MAX_LOCATION_WITH_COLS) ++ return; ++ ++ /* Location of the NUL byte. */ ++ location_t nul_loc ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 1); ++ gcc_rich_location richloc (nul_loc); ++ ++ { ++ test_diagnostic_context dc; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" after\n" ++ " ^\n", ++ pp_formatted_text (dc.printer)); ++ } ++ richloc.set_escape_on_output (true); ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" after\n" ++ " ^~~~~~~~\n", ++ pp_formatted_text (dc.printer)); ++ } ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" <00>after\n" ++ " ^~~~\n", ++ pp_formatted_text (dc.printer)); ++ } ++} ++ + /* Verify that line numbers are correctly printed for the case of + a multiline range in which the width of the line numbers changes + (e.g. from "9" to "10"). */ +@@ -5254,6 +5666,8 @@ diagnostic_show_locus_c_tests () + test_layout_range_for_single_line (); + test_layout_range_for_multiple_lines (); + ++ test_display_widths (); ++ + for_each_line_table_case (test_layout_x_offset_display_utf8); + for_each_line_table_case (test_layout_x_offset_display_tab); + +@@ -5274,6 +5688,8 @@ diagnostic_show_locus_c_tests () + for_each_line_table_case (test_fixit_replace_containing_newline); + for_each_line_table_case (test_fixit_deletion_affecting_newline); + for_each_line_table_case (test_tab_expansion); ++ for_each_line_table_case (test_escaping_bytes_1); ++ for_each_line_table_case (test_escaping_bytes_2); + + test_line_numbers_multiline_range (); + } +diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +--- a/gcc/doc/invoke.texi 2021-12-13 23:23:05.764437151 -0800 ++++ b/gcc/doc/invoke.texi 2021-12-14 01:16:01.553943061 -0800 +@@ -312,7 +312,8 @@ Objective-C and Objective-C++ Dialects}. + -fdiagnostics-show-path-depths @gol + -fno-show-column @gol + -fdiagnostics-column-unit=@r{[}display@r{|}byte@r{]} @gol +--fdiagnostics-column-origin=@var{origin}} ++-fdiagnostics-column-origin=@var{origin} @gol ++-fdiagnostics-escape-format=@r{[}unicode@r{|}bytes@r{]}} + + @item Warning Options + @xref{Warning Options,,Options to Request or Suppress Warnings}. +@@ -5083,6 +5084,38 @@ first column. The default value of 1 co + behavior and to the GNU style guide. Some utilities may perform better with an + origin of 0; any non-negative value may be specified. + ++@item -fdiagnostics-escape-format=@var{FORMAT} ++@opindex fdiagnostics-escape-format ++When GCC prints pertinent source lines for a diagnostic it normally attempts ++to print the source bytes directly. However, some diagnostics relate to encoding ++issues in the source file, such as malformed UTF-8, or issues with Unicode ++normalization. These diagnostics are flagged so that GCC will escape bytes ++that are not printable ASCII when printing their pertinent source lines. ++ ++This option controls how such bytes should be escaped. ++ ++The default @var{FORMAT}, @samp{unicode} displays Unicode characters that ++are not printable ASCII in the form @samp{}, and bytes that do not ++correspond to a Unicode character validly-encoded in UTF-8-encoded will be ++displayed as hexadecimal in the form @samp{}. ++ ++For example, a source line containing the string @samp{before} followed by the ++Unicode character U+03C0 (``GREEK SMALL LETTER PI'', with UTF-8 encoding ++0xCF 0x80) followed by the byte 0xBF (a stray UTF-8 trailing byte), followed by ++the string @samp{after} will be printed for such a diagnostic as: ++ ++@smallexample ++ beforeafter ++@end smallexample ++ ++Setting @var{FORMAT} to @samp{bytes} will display all non-printable-ASCII bytes ++in the form @samp{}, thus showing the underlying encoding of non-ASCII ++Unicode characters. For the example above, the following will be printed: ++ ++@smallexample ++ before<80>after ++@end smallexample ++ + @item -fdiagnostics-format=@var{FORMAT} + @opindex fdiagnostics-format + Select a different format for printing diagnostics. +@@ -5150,9 +5183,11 @@ might be printed in JSON form (after for + @} + @} + ], ++ "escape-source": false, + "message": "...this statement, but the latter is @dots{}" + @} + ] ++ "escape-source": false, + "column-origin": 1, + @}, + @dots{} +@@ -5239,6 +5274,7 @@ of the expression, which have labels. I + "label": "T @{aka struct t@}" + @} + ], ++ "escape-source": false, + "message": "invalid operands to binary + @dots{}" + @} + @end smallexample +@@ -5292,6 +5328,7 @@ might be printed in JSON form as: + @} + @} + ], ++ "escape-source": false, + "message": "\u2018struct s\u2019 has no member named @dots{}" + @} + @end smallexample +@@ -5349,6 +5386,10 @@ For example, the intraprocedural example + ] + @end smallexample + ++Diagnostics have a boolean attribute @code{escape-source}, hinting whether ++non-ASCII bytes should be escaped when printing the pertinent lines of ++source code (@code{true} for diagnostics involving source encoding issues). ++ + @end table + + @node Warning Options +diff --git a/gcc/input.c b/gcc/input.c +--- a/gcc/input.c 2021-07-27 23:55:07.328287915 -0700 ++++ b/gcc/input.c 2021-12-14 01:16:01.553943061 -0800 +@@ -913,7 +913,8 @@ make_location (location_t caret, source_ + source line in order to calculate the display width. If that cannot be done + for any reason, then returns the byte column as a fallback. */ + int +-location_compute_display_column (expanded_location exploc, int tabstop) ++location_compute_display_column (expanded_location exploc, ++ const cpp_char_column_policy &policy) + { + if (!(exploc.file && *exploc.file && exploc.line && exploc.column)) + return exploc.column; +@@ -921,7 +922,7 @@ location_compute_display_column (expande + /* If line is NULL, this function returns exploc.column which is the + desired fallback. */ + return cpp_byte_column_to_display_column (line.get_buffer (), line.length (), +- exploc.column, tabstop); ++ exploc.column, policy); + } + + /* Dump statistics to stderr about the memory usage of the line_table +@@ -3611,43 +3612,50 @@ test_line_offset_overflow () + void test_cpp_utf8 () + { + const int def_tabstop = 8; ++ cpp_char_column_policy policy (def_tabstop, cpp_wcwidth); ++ + /* Verify that wcwidth of invalid UTF-8 or control bytes is 1. */ + { +- int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8, def_tabstop); ++ int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8, policy); + ASSERT_EQ (8, w_bad); +- int w_ctrl = cpp_display_width ("\r\n\v\0\1", 5, def_tabstop); ++ int w_ctrl = cpp_display_width ("\r\n\v\0\1", 5, policy); + ASSERT_EQ (5, w_ctrl); + } + + /* Verify that wcwidth of valid UTF-8 is as expected. */ + { +- const int w_pi = cpp_display_width ("\xcf\x80", 2, def_tabstop); ++ const int w_pi = cpp_display_width ("\xcf\x80", 2, policy); + ASSERT_EQ (1, w_pi); +- const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4, def_tabstop); ++ const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4, policy); + ASSERT_EQ (2, w_emoji); + const int w_umlaut_precomposed = cpp_display_width ("\xc3\xbf", 2, +- def_tabstop); ++ policy); + ASSERT_EQ (1, w_umlaut_precomposed); + const int w_umlaut_combining = cpp_display_width ("y\xcc\x88", 3, +- def_tabstop); ++ policy); + ASSERT_EQ (1, w_umlaut_combining); +- const int w_han = cpp_display_width ("\xe4\xb8\xba", 3, def_tabstop); ++ const int w_han = cpp_display_width ("\xe4\xb8\xba", 3, policy); + ASSERT_EQ (2, w_han); +- const int w_ascii = cpp_display_width ("GCC", 3, def_tabstop); ++ const int w_ascii = cpp_display_width ("GCC", 3, policy); + ASSERT_EQ (3, w_ascii); + const int w_mixed = cpp_display_width ("\xcf\x80 = 3.14 \xf0\x9f\x98\x82" + "\x9f! \xe4\xb8\xba y\xcc\x88", +- 24, def_tabstop); ++ 24, policy); + ASSERT_EQ (18, w_mixed); + } + + /* Verify that display width properly expands tabs. */ + { + const char *tstr = "\tabc\td"; +- ASSERT_EQ (6, cpp_display_width (tstr, 6, 1)); +- ASSERT_EQ (10, cpp_display_width (tstr, 6, 3)); +- ASSERT_EQ (17, cpp_display_width (tstr, 6, 8)); +- ASSERT_EQ (1, cpp_display_column_to_byte_column (tstr, 6, 7, 8)); ++ ASSERT_EQ (6, cpp_display_width (tstr, 6, ++ cpp_char_column_policy (1, cpp_wcwidth))); ++ ASSERT_EQ (10, cpp_display_width (tstr, 6, ++ cpp_char_column_policy (3, cpp_wcwidth))); ++ ASSERT_EQ (17, cpp_display_width (tstr, 6, ++ cpp_char_column_policy (8, cpp_wcwidth))); ++ ASSERT_EQ (1, ++ cpp_display_column_to_byte_column ++ (tstr, 6, 7, cpp_char_column_policy (8, cpp_wcwidth))); + } + + /* Verify that cpp_byte_column_to_display_column can go past the end, +@@ -3660,13 +3668,13 @@ void test_cpp_utf8 () + /* 111122223456 + Byte columns. */ + +- ASSERT_EQ (5, cpp_display_width (str, 6, def_tabstop)); ++ ASSERT_EQ (5, cpp_display_width (str, 6, policy)); + ASSERT_EQ (105, +- cpp_byte_column_to_display_column (str, 6, 106, def_tabstop)); ++ cpp_byte_column_to_display_column (str, 6, 106, policy)); + ASSERT_EQ (10000, +- cpp_byte_column_to_display_column (NULL, 0, 10000, def_tabstop)); ++ cpp_byte_column_to_display_column (NULL, 0, 10000, policy)); + ASSERT_EQ (0, +- cpp_byte_column_to_display_column (NULL, 10000, 0, def_tabstop)); ++ cpp_byte_column_to_display_column (NULL, 10000, 0, policy)); + } + + /* Verify that cpp_display_column_to_byte_column can go past the end, +@@ -3680,25 +3688,25 @@ void test_cpp_utf8 () + /* 000000000000000000000000000000000111111 + 111122223333444456666777788889999012345 + Byte columns. */ +- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2, def_tabstop)); ++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2, policy)); + ASSERT_EQ (15, +- cpp_display_column_to_byte_column (str, 15, 11, def_tabstop)); ++ cpp_display_column_to_byte_column (str, 15, 11, policy)); + ASSERT_EQ (115, +- cpp_display_column_to_byte_column (str, 15, 111, def_tabstop)); ++ cpp_display_column_to_byte_column (str, 15, 111, policy)); + ASSERT_EQ (10000, +- cpp_display_column_to_byte_column (NULL, 0, 10000, def_tabstop)); ++ cpp_display_column_to_byte_column (NULL, 0, 10000, policy)); + ASSERT_EQ (0, +- cpp_display_column_to_byte_column (NULL, 10000, 0, def_tabstop)); ++ cpp_display_column_to_byte_column (NULL, 10000, 0, policy)); + + /* Verify that we do not interrupt a UTF-8 sequence. */ +- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1, def_tabstop)); ++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1, policy)); + + for (int byte_col = 1; byte_col <= 15; ++byte_col) + { + const int disp_col +- = cpp_byte_column_to_display_column (str, 15, byte_col, def_tabstop); ++ = cpp_byte_column_to_display_column (str, 15, byte_col, policy); + const int byte_col2 +- = cpp_display_column_to_byte_column (str, 15, disp_col, def_tabstop); ++ = cpp_display_column_to_byte_column (str, 15, disp_col, policy); + + /* If we ask for the display column in the middle of a UTF-8 + sequence, it will return the length of the partial sequence, +diff --git a/gcc/input.h b/gcc/input.h +--- a/gcc/input.h 2021-07-27 23:55:07.328287915 -0700 ++++ b/gcc/input.h 2021-12-14 01:16:01.553943061 -0800 +@@ -39,8 +39,11 @@ STATIC_ASSERT (BUILTINS_LOCATION < RESER + extern bool is_location_from_builtin_token (location_t); + extern expanded_location expand_location (location_t); + +-extern int location_compute_display_column (expanded_location exploc, +- int tabstop); ++class cpp_char_column_policy; ++ ++extern int ++location_compute_display_column (expanded_location exploc, ++ const cpp_char_column_policy &policy); + + /* A class capturing the bounds of a buffer, to allow for run-time + bounds-checking in a checked build. */ +diff --git a/gcc/opts.c b/gcc/opts.c +--- a/gcc/opts.c 2021-07-27 23:55:07.364288417 -0700 ++++ b/gcc/opts.c 2021-12-14 01:16:01.553943061 -0800 +@@ -2573,6 +2573,10 @@ common_handle_option (struct gcc_options + dc->column_origin = value; + break; + ++ case OPT_fdiagnostics_escape_format_: ++ dc->escape_format = (enum diagnostics_escape_format)value; ++ break; ++ + case OPT_fdiagnostics_show_cwe: + dc->show_cwe = value; + break; +diff --git a/gcc/selftest.c b/gcc/selftest.c +--- a/gcc/selftest.c 2021-07-27 23:55:07.500290315 -0700 ++++ b/gcc/selftest.c 2021-12-14 01:16:01.557942991 -0800 +@@ -193,6 +193,21 @@ temp_source_file::temp_source_file (cons + fclose (out); + } + ++/* As above, but with a size, to allow for NUL bytes in CONTENT. */ ++ ++temp_source_file::temp_source_file (const location &loc, ++ const char *suffix, ++ const char *content, ++ size_t sz) ++: named_temp_file (suffix) ++{ ++ FILE *out = fopen (get_filename (), "w"); ++ if (!out) ++ fail_formatted (loc, "unable to open tempfile: %s", get_filename ()); ++ fwrite (content, sz, 1, out); ++ fclose (out); ++} ++ + /* Avoid introducing locale-specific differences in the results + by hardcoding open_quote and close_quote. */ + +diff --git a/gcc/selftest.h b/gcc/selftest.h +--- a/gcc/selftest.h 2021-07-27 23:55:07.500290315 -0700 ++++ b/gcc/selftest.h 2021-12-14 01:16:01.557942991 -0800 +@@ -112,6 +112,8 @@ class temp_source_file : public named_te + public: + temp_source_file (const location &loc, const char *suffix, + const char *content); ++ temp_source_file (const location &loc, const char *suffix, ++ const char *content, size_t sz); + }; + + /* RAII-style class for avoiding introducing locale-specific differences +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2021-07-27 23:55:07.596291654 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2021-12-14 01:16:01.557942991 -0800 +@@ -9,6 +9,7 @@ + + /* { dg-regexp "\"kind\": \"error\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"message\": \"#error message\"" } */ + + /* { dg-regexp "\"caret\": \{" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2021-07-27 23:55:07.596291654 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2021-12-14 01:16:01.557942991 -0800 +@@ -9,6 +9,7 @@ + + /* { dg-regexp "\"kind\": \"warning\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"message\": \"#warning message\"" } */ + /* { dg-regexp "\"option\": \"-Wcpp\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2021-07-27 23:55:07.596291654 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2021-12-14 01:16:01.557942991 -0800 +@@ -9,6 +9,7 @@ + + /* { dg-regexp "\"kind\": \"error\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"message\": \"#warning message\"" } */ + /* { dg-regexp "\"option\": \"-Werror=cpp\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2021-07-27 23:55:07.596291654 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2021-12-14 01:16:01.557942991 -0800 +@@ -19,6 +19,7 @@ int test (void) + + /* { dg-regexp "\"kind\": \"note\"" } */ + /* { dg-regexp "\"message\": \"...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'\"" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + + /* { dg-regexp "\"caret\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */ +@@ -39,6 +40,7 @@ int test (void) + /* { dg-regexp "\"kind\": \"warning\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ + /* { dg-regexp "\"message\": \"this 'if' clause does not guard...\"" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"option\": \"-Wmisleading-indentation\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wmisleading-indentation\"" } */ + +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2021-07-27 23:55:07.596291654 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2021-12-14 01:16:01.557942991 -0800 +@@ -14,6 +14,7 @@ int test (struct s *ptr) + + /* { dg-regexp "\"kind\": \"error\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"message\": \".*\"" } */ + + /* Verify fix-it hints. */ +diff --git a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c +--- a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c 2021-12-14 01:16:01.557942991 -0800 +@@ -0,0 +1,21 @@ ++// { dg-do preprocess } ++// { dg-options "-std=gnu99 -Werror=normalized=nfc -fdiagnostics-show-caret -fdiagnostics-escape-format=bytes" } ++/* { dg-message "some warnings being treated as errors" "" {target "*-*-*"} 0 } */ ++ ++/* འ= U+0F43 TIBETAN LETTER GHA, which has decomposition "0F42 0FB7" i.e. ++ U+0F42 TIBETAN LETTER GA: འ++ U+0FB7 TIBETAN SUBJOINED LETTER HA: ྷ ++ ++ The UTF-8 encoding of U+0F43 TIBETAN LETTER GHA is: E0 BD 83. */ ++ ++foo before_\u0F43_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." } ++/* { dg-begin-multiline-output "" } ++ foo before_\u0F43_after bar ++ ^~~~~~~~~~~~~~~~~~~ ++ { dg-end-multiline-output "" } */ ++ ++foo before_à½_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." } ++/* { dg-begin-multiline-output "" } ++ foo before_<83>_after bar ++ ^~~~~~~~~~~~~~~~~~~~~~~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c +--- a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c 2021-12-14 01:16:01.557942991 -0800 +@@ -0,0 +1,19 @@ ++// { dg-do preprocess } ++// { dg-options "-std=gnu99 -Werror=normalized=nfc -fdiagnostics-show-caret -fdiagnostics-escape-format=unicode" } ++/* { dg-message "some warnings being treated as errors" "" {target "*-*-*"} 0 } */ ++ ++/* འ= U+0F43 TIBETAN LETTER GHA, which has decomposition "0F42 0FB7" i.e. ++ U+0F42 TIBETAN LETTER GA: འ++ U+0FB7 TIBETAN SUBJOINED LETTER HA: ྷ */ ++ ++foo before_\u0F43_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." } ++/* { dg-begin-multiline-output "" } ++ foo before_\u0F43_after bar ++ ^~~~~~~~~~~~~~~~~~~ ++ { dg-end-multiline-output "" } */ ++ ++foo before_à½_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." } ++/* { dg-begin-multiline-output "" } ++ foo before__after bar ++ ^~~~~~~~~~~~~~~~~~~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2021-07-27 23:55:08.472303878 -0700 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2021-12-14 01:16:01.557942991 -0800 +@@ -9,6 +9,7 @@ + + ! { dg-regexp "\"kind\": \"error\"" } + ! { dg-regexp "\"column-origin\": 1" } ++! { dg-regexp "\"escape-source\": false" } + ! { dg-regexp "\"message\": \"#error message\"" } + + ! { dg-regexp "\"caret\": \{" } +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2021-07-27 23:55:08.472303878 -0700 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2021-12-14 01:16:01.557942991 -0800 +@@ -9,6 +9,7 @@ + + ! { dg-regexp "\"kind\": \"warning\"" } + ! { dg-regexp "\"column-origin\": 1" } ++! { dg-regexp "\"escape-source\": false" } + ! { dg-regexp "\"message\": \"#warning message\"" } + ! { dg-regexp "\"option\": \"-Wcpp\"" } + ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" } +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2021-07-27 23:55:08.472303878 -0700 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2021-12-14 01:16:01.557942991 -0800 +@@ -9,6 +9,7 @@ + + ! { dg-regexp "\"kind\": \"error\"" } + ! { dg-regexp "\"column-origin\": 1" } ++! { dg-regexp "\"escape-source\": false" } + ! { dg-regexp "\"message\": \"#warning message\"" } + ! { dg-regexp "\"option\": \"-Werror=cpp\"" } + ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" } +diff --git a/libcpp/charset.c b/libcpp/charset.c +--- a/libcpp/charset.c 2021-07-27 23:55:08.712307227 -0700 ++++ b/libcpp/charset.c 2021-12-14 01:16:01.557942991 -0800 +@@ -1552,12 +1552,14 @@ convert_escape (cpp_reader *pfile, const + "unknown escape sequence: '\\%c'", (int) c); + else + { ++ encoding_rich_location rich_loc (pfile); ++ + /* diagnostic.c does not support "%03o". When it does, this + code can use %03o directly in the diagnostic again. */ + char buf[32]; + sprintf(buf, "%03o", (int) c); +- cpp_error (pfile, CPP_DL_PEDWARN, +- "unknown escape sequence: '\\%s'", buf); ++ cpp_error_at (pfile, CPP_DL_PEDWARN, &rich_loc, ++ "unknown escape sequence: '\\%s'", buf); + } + } + +@@ -2280,14 +2282,16 @@ cpp_string_location_reader::get_next () + } + + cpp_display_width_computation:: +-cpp_display_width_computation (const char *data, int data_length, int tabstop) : ++cpp_display_width_computation (const char *data, int data_length, ++ const cpp_char_column_policy &policy) : + m_begin (data), + m_next (m_begin), + m_bytes_left (data_length), +- m_tabstop (tabstop), ++ m_policy (policy), + m_display_cols (0) + { +- gcc_assert (m_tabstop > 0); ++ gcc_assert (policy.m_tabstop > 0); ++ gcc_assert (policy.m_width_cb); + } + + +@@ -2299,19 +2303,28 @@ cpp_display_width_computation (const cha + point to a valid UTF-8-encoded sequence, then it will be treated as a single + byte with display width 1. m_cur_display_col is the current display column, + relative to which tab stops should be expanded. Returns the display width of +- the codepoint just processed. */ ++ the codepoint just processed. ++ If OUT is non-NULL, it is populated. */ + + int +-cpp_display_width_computation::process_next_codepoint () ++cpp_display_width_computation::process_next_codepoint (cpp_decoded_char *out) + { + cppchar_t c; + int next_width; + ++ if (out) ++ out->m_start_byte = m_next; ++ + if (*m_next == '\t') + { + ++m_next; + --m_bytes_left; +- next_width = m_tabstop - (m_display_cols % m_tabstop); ++ next_width = m_policy.m_tabstop - (m_display_cols % m_policy.m_tabstop); ++ if (out) ++ { ++ out->m_ch = '\t'; ++ out->m_valid_ch = true; ++ } + } + else if (one_utf8_to_cppchar ((const uchar **) &m_next, &m_bytes_left, &c) + != 0) +@@ -2321,14 +2334,24 @@ cpp_display_width_computation::process_n + of one. */ + ++m_next; + --m_bytes_left; +- next_width = 1; ++ next_width = m_policy.m_undecoded_byte_width; ++ if (out) ++ out->m_valid_ch = false; + } + else + { + /* one_utf8_to_cppchar() has updated m_next and m_bytes_left for us. */ +- next_width = cpp_wcwidth (c); ++ next_width = m_policy.m_width_cb (c); ++ if (out) ++ { ++ out->m_ch = c; ++ out->m_valid_ch = true; ++ } + } + ++ if (out) ++ out->m_next_byte = m_next; ++ + m_display_cols += next_width; + return next_width; + } +@@ -2344,7 +2367,7 @@ cpp_display_width_computation::advance_d + const int start = m_display_cols; + const int target = start + n; + while (m_display_cols < target && !done ()) +- process_next_codepoint (); ++ process_next_codepoint (NULL); + return m_display_cols - start; + } + +@@ -2352,29 +2375,33 @@ cpp_display_width_computation::advance_d + how many display columns are occupied by the first COLUMN bytes. COLUMN + may exceed DATA_LENGTH, in which case the phantom bytes at the end are + treated as if they have display width 1. Tabs are expanded to the next tab +- stop, relative to the start of DATA. */ ++ stop, relative to the start of DATA, and non-printable-ASCII characters ++ will be escaped as per POLICY. */ + + int + cpp_byte_column_to_display_column (const char *data, int data_length, +- int column, int tabstop) ++ int column, ++ const cpp_char_column_policy &policy) + { + const int offset = MAX (0, column - data_length); +- cpp_display_width_computation dw (data, column - offset, tabstop); ++ cpp_display_width_computation dw (data, column - offset, policy); + while (!dw.done ()) +- dw.process_next_codepoint (); ++ dw.process_next_codepoint (NULL); + return dw.display_cols_processed () + offset; + } + + /* For the string of length DATA_LENGTH bytes that begins at DATA, compute + the least number of bytes that will result in at least DISPLAY_COL display + columns. The return value may exceed DATA_LENGTH if the entire string does +- not occupy enough display columns. */ ++ not occupy enough display columns. Non-printable-ASCII characters ++ will be escaped as per POLICY. */ + + int + cpp_display_column_to_byte_column (const char *data, int data_length, +- int display_col, int tabstop) ++ int display_col, ++ const cpp_char_column_policy &policy) + { +- cpp_display_width_computation dw (data, data_length, tabstop); ++ cpp_display_width_computation dw (data, data_length, policy); + const int avail_display = dw.advance_display_cols (display_col); + return dw.bytes_processed () + MAX (0, display_col - avail_display); + } +diff --git a/libcpp/errors.c b/libcpp/errors.c +--- a/libcpp/errors.c 2021-07-27 23:55:08.712307227 -0700 ++++ b/libcpp/errors.c 2021-12-14 01:16:01.557942991 -0800 +@@ -27,6 +27,31 @@ along with this program; see the file CO + #include "cpplib.h" + #include "internal.h" + ++/* Get a location_t for the current location in PFILE, ++ generally that of the previously lexed token. */ ++ ++location_t ++cpp_diagnostic_get_current_location (cpp_reader *pfile) ++{ ++ if (CPP_OPTION (pfile, traditional)) ++ { ++ if (pfile->state.in_directive) ++ return pfile->directive_line; ++ else ++ return pfile->line_table->highest_line; ++ } ++ /* We don't want to refer to a token before the beginning of the ++ current run -- that is invalid. */ ++ else if (pfile->cur_token == pfile->cur_run->base) ++ { ++ return 0; ++ } ++ else ++ { ++ return pfile->cur_token[-1].src_loc; ++ } ++} ++ + /* Print a diagnostic at the given location. */ + + ATTRIBUTE_FPTR_PRINTF(5,0) +@@ -52,25 +77,7 @@ cpp_diagnostic (cpp_reader * pfile, enum + enum cpp_warning_reason reason, + const char *msgid, va_list *ap) + { +- location_t src_loc; +- +- if (CPP_OPTION (pfile, traditional)) +- { +- if (pfile->state.in_directive) +- src_loc = pfile->directive_line; +- else +- src_loc = pfile->line_table->highest_line; +- } +- /* We don't want to refer to a token before the beginning of the +- current run -- that is invalid. */ +- else if (pfile->cur_token == pfile->cur_run->base) +- { +- src_loc = 0; +- } +- else +- { +- src_loc = pfile->cur_token[-1].src_loc; +- } ++ location_t src_loc = cpp_diagnostic_get_current_location (pfile); + rich_location richloc (pfile->line_table, src_loc); + return cpp_diagnostic_at (pfile, level, reason, &richloc, msgid, ap); + } +@@ -142,6 +149,43 @@ cpp_warning_syshdr (cpp_reader * pfile, + + va_end (ap); + return ret; ++} ++ ++/* As cpp_warning above, but use RICHLOC as the location of the diagnostic. */ ++ ++bool cpp_warning_at (cpp_reader *pfile, enum cpp_warning_reason reason, ++ rich_location *richloc, const char *msgid, ...) ++{ ++ va_list ap; ++ bool ret; ++ ++ va_start (ap, msgid); ++ ++ ret = cpp_diagnostic_at (pfile, CPP_DL_WARNING, reason, richloc, ++ msgid, &ap); ++ ++ va_end (ap); ++ return ret; ++ ++} ++ ++/* As cpp_pedwarning above, but use RICHLOC as the location of the ++ diagnostic. */ ++ ++bool ++cpp_pedwarning_at (cpp_reader * pfile, enum cpp_warning_reason reason, ++ rich_location *richloc, const char *msgid, ...) ++{ ++ va_list ap; ++ bool ret; ++ ++ va_start (ap, msgid); ++ ++ ret = cpp_diagnostic_at (pfile, CPP_DL_PEDWARN, reason, richloc, ++ msgid, &ap); ++ ++ va_end (ap); ++ return ret; + } + + /* Print a diagnostic at a specific location. */ +diff --git a/libcpp/include/cpplib.h b/libcpp/include/cpplib.h +--- a/libcpp/include/cpplib.h 2021-12-13 23:23:05.768437079 -0800 ++++ b/libcpp/include/cpplib.h 2021-12-14 01:20:16.189507386 -0800 +@@ -1275,6 +1275,14 @@ extern bool cpp_warning_syshdr (cpp_read + const char *msgid, ...) + ATTRIBUTE_PRINTF_3; + ++/* As their counterparts above, but use RICHLOC. */ ++extern bool cpp_warning_at (cpp_reader *, enum cpp_warning_reason, ++ rich_location *richloc, const char *msgid, ...) ++ ATTRIBUTE_PRINTF_4; ++extern bool cpp_pedwarning_at (cpp_reader *, enum cpp_warning_reason, ++ rich_location *richloc, const char *msgid, ...) ++ ATTRIBUTE_PRINTF_4; ++ + /* Output a diagnostic with "MSGID: " preceding the + error string of errno. No location is printed. */ + extern bool cpp_errno (cpp_reader *, enum cpp_diagnostic_level, +@@ -1435,42 +1443,95 @@ extern const char * cpp_get_userdef_suff + + /* In charset.c */ + ++/* The result of attempting to decode a run of UTF-8 bytes. */ ++ ++struct cpp_decoded_char ++{ ++ const char *m_start_byte; ++ const char *m_next_byte; ++ ++ bool m_valid_ch; ++ cppchar_t m_ch; ++}; ++ ++/* Information for mapping between code points and display columns. ++ ++ This is a tabstop value, along with a callback for getting the ++ widths of characters. Normally this callback is cpp_wcwidth, but we ++ support other schemes for escaping non-ASCII unicode as a series of ++ ASCII chars when printing the user's source code in diagnostic-show-locus.c ++ ++ For example, consider: ++ - the Unicode character U+03C0 "GREEK SMALL LETTER PI" (UTF-8: 0xCF 0x80) ++ - the Unicode character U+1F642 "SLIGHTLY SMILING FACE" ++ (UTF-8: 0xF0 0x9F 0x99 0x82) ++ - the byte 0xBF (a stray trailing byte of a UTF-8 character) ++ Normally U+03C0 would occupy one display column, U+1F642 ++ would occupy two display columns, and the stray byte would be ++ printed verbatim as one display column. ++ ++ However when escaping them as unicode code points as "" ++ and "" they occupy 8 and 9 display columns respectively, ++ and when escaping them as bytes as "<80>" and "<9F><99><82>" ++ they occupy 8 and 16 display columns respectively. In both cases ++ the stray byte is escaped to as 4 display columns. */ ++ ++struct cpp_char_column_policy ++{ ++ cpp_char_column_policy (int tabstop, ++ int (*width_cb) (cppchar_t c)) ++ : m_tabstop (tabstop), ++ m_undecoded_byte_width (1), ++ m_width_cb (width_cb) ++ {} ++ ++ int m_tabstop; ++ /* Width in display columns of a stray byte that isn't decodable ++ as UTF-8. */ ++ int m_undecoded_byte_width; ++ int (*m_width_cb) (cppchar_t c); ++}; ++ + /* A class to manage the state while converting a UTF-8 sequence to cppchar_t + and computing the display width one character at a time. */ + class cpp_display_width_computation { + public: + cpp_display_width_computation (const char *data, int data_length, +- int tabstop); ++ const cpp_char_column_policy &policy); + const char *next_byte () const { return m_next; } + int bytes_processed () const { return m_next - m_begin; } + int bytes_left () const { return m_bytes_left; } + bool done () const { return !bytes_left (); } + int display_cols_processed () const { return m_display_cols; } + +- int process_next_codepoint (); ++ int process_next_codepoint (cpp_decoded_char *out); + int advance_display_cols (int n); + + private: + const char *const m_begin; + const char *m_next; + size_t m_bytes_left; +- const int m_tabstop; ++ const cpp_char_column_policy &m_policy; + int m_display_cols; + }; + + /* Convenience functions that are simple use cases for class + cpp_display_width_computation. Tab characters will be expanded to spaces +- as determined by TABSTOP. */ ++ as determined by POLICY.m_tabstop, and non-printable-ASCII characters ++ will be escaped as per POLICY. */ ++ + int cpp_byte_column_to_display_column (const char *data, int data_length, +- int column, int tabstop); ++ int column, ++ const cpp_char_column_policy &policy); + inline int cpp_display_width (const char *data, int data_length, +- int tabstop) ++ const cpp_char_column_policy &policy) + { + return cpp_byte_column_to_display_column (data, data_length, data_length, +- tabstop); ++ policy); + } + int cpp_display_column_to_byte_column (const char *data, int data_length, +- int display_col, int tabstop); ++ int display_col, ++ const cpp_char_column_policy &policy); + int cpp_wcwidth (cppchar_t c); + + #endif /* ! LIBCPP_CPPLIB_H */ +diff --git a/libcpp/include/line-map.h b/libcpp/include/line-map.h +--- a/libcpp/include/line-map.h 2021-07-27 23:55:08.716307283 -0700 ++++ b/libcpp/include/line-map.h 2021-12-14 01:16:01.557942991 -0800 +@@ -1781,6 +1781,18 @@ class rich_location + const diagnostic_path *get_path () const { return m_path; } + void set_path (const diagnostic_path *path) { m_path = path; } + ++ /* A flag for hinting that the diagnostic involves character encoding ++ issues, and thus that it will be helpful to the user if we show some ++ representation of how the characters in the pertinent source lines ++ are encoded. ++ The default is false (i.e. do not escape). ++ When set to true, non-ASCII bytes in the pertinent source lines will ++ be escaped in a manner controlled by the user-supplied option ++ -fdiagnostics-escape-format=, so that the user can better understand ++ what's going on with the encoding in their source file. */ ++ bool escape_on_output_p () const { return m_escape_on_output; } ++ void set_escape_on_output (bool flag) { m_escape_on_output = flag; } ++ + private: + bool reject_impossible_fixit (location_t where); + void stop_supporting_fixits (); +@@ -1807,6 +1819,7 @@ protected: + bool m_fixits_cannot_be_auto_applied; + + const diagnostic_path *m_path; ++ bool m_escape_on_output; + }; + + /* A struct for the result of range_label::get_text: a NUL-terminated buffer +diff --git a/libcpp/internal.h b/libcpp/internal.h +--- a/libcpp/internal.h 2021-12-13 23:23:05.768437079 -0800 ++++ b/libcpp/internal.h 2021-12-14 01:16:01.557942991 -0800 +@@ -776,6 +776,9 @@ extern void _cpp_do_file_change (cpp_rea + extern void _cpp_pop_buffer (cpp_reader *); + extern char *_cpp_bracket_include (cpp_reader *); + ++/* In errors.c */ ++extern location_t cpp_diagnostic_get_current_location (cpp_reader *); ++ + /* In traditional.c. */ + extern bool _cpp_scan_out_logical_line (cpp_reader *, cpp_macro *, bool); + extern bool _cpp_read_logical_line_trad (cpp_reader *); +@@ -942,6 +945,26 @@ int linemap_get_expansion_line (class li + const char* linemap_get_expansion_filename (class line_maps *, + location_t); + ++/* A subclass of rich_location for emitting a diagnostic ++ at the current location of the reader, but flagging ++ it with set_escape_on_output (true). */ ++class encoding_rich_location : public rich_location ++{ ++ public: ++ encoding_rich_location (cpp_reader *pfile) ++ : rich_location (pfile->line_table, ++ cpp_diagnostic_get_current_location (pfile)) ++ { ++ set_escape_on_output (true); ++ } ++ ++ encoding_rich_location (cpp_reader *pfile, location_t loc) ++ : rich_location (pfile->line_table, loc) ++ { ++ set_escape_on_output (true); ++ } ++}; ++ + #ifdef __cplusplus + } + #endif +diff --git a/libcpp/lex.c b/libcpp/lex.c +--- a/libcpp/lex.c 2021-12-14 01:14:48.435225968 -0800 ++++ b/libcpp/lex.c 2021-12-14 01:24:37.220995816 -0800 +@@ -1774,7 +1774,11 @@ skip_whitespace (cpp_reader *pfile, cppc + while (is_nvspace (c)); + + if (saw_NUL) +- cpp_error (pfile, CPP_DL_WARNING, "null character(s) ignored"); ++ { ++ encoding_rich_location rich_loc (pfile); ++ cpp_error_at (pfile, CPP_DL_WARNING, &rich_loc, ++ "null character(s) ignored"); ++ } + + buffer->cur--; + } +@@ -1803,6 +1807,28 @@ warn_about_normalization (cpp_reader *pf + if (CPP_OPTION (pfile, warn_normalize) < NORMALIZE_STATE_RESULT (s) + && !pfile->state.skipping) + { ++ location_t loc = token->src_loc; ++ ++ /* If possible, create a location range for the token. */ ++ if (loc >= RESERVED_LOCATION_COUNT ++ && token->type != CPP_EOF ++ /* There must be no line notes to process. */ ++ && (!(pfile->buffer->cur ++ >= pfile->buffer->notes[pfile->buffer->cur_note].pos ++ && !pfile->overlaid_buffer))) ++ { ++ source_range tok_range; ++ tok_range.m_start = loc; ++ tok_range.m_finish ++ = linemap_position_for_column (pfile->line_table, ++ CPP_BUF_COLUMN (pfile->buffer, ++ pfile->buffer->cur)); ++ loc = COMBINE_LOCATION_DATA (pfile->line_table, ++ loc, tok_range, NULL); ++ } ++ ++ encoding_rich_location rich_loc (pfile, loc); ++ + /* Make sure that the token is printed using UCNs, even + if we'd otherwise happily print UTF-8. */ + unsigned char *buf = XNEWVEC (unsigned char, cpp_token_len (token)); +@@ -1810,11 +1836,11 @@ warn_about_normalization (cpp_reader *pf + + sz = cpp_spell_token (pfile, token, buf, false) - buf; + if (NORMALIZE_STATE_RESULT (s) == normalized_C) +- cpp_warning_with_line (pfile, CPP_W_NORMALIZE, token->src_loc, 0, +- "`%.*s' is not in NFKC", (int) sz, buf); ++ cpp_warning_at (pfile, CPP_W_NORMALIZE, &rich_loc, ++ "`%.*s' is not in NFKC", (int) sz, buf); + else +- cpp_warning_with_line (pfile, CPP_W_NORMALIZE, token->src_loc, 0, +- "`%.*s' is not in NFC", (int) sz, buf); ++ cpp_warning_at (pfile, CPP_W_NORMALIZE, &rich_loc, ++ "`%.*s' is not in NFC", (int) sz, buf); + free (buf); + } + } +diff --git a/libcpp/line-map.c b/libcpp/line-map.c +--- a/libcpp/line-map.c 2021-07-27 23:55:08.716307283 -0700 ++++ b/libcpp/line-map.c 2021-12-14 01:16:01.561942921 -0800 +@@ -2086,7 +2086,8 @@ rich_location::rich_location (line_maps + m_fixit_hints (), + m_seen_impossible_fixit (false), + m_fixits_cannot_be_auto_applied (false), +- m_path (NULL) ++ m_path (NULL), ++ m_escape_on_output (false) + { + add_range (loc, SHOW_RANGE_WITH_CARET, label); + } diff --git a/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch b/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch new file mode 100644 index 0000000000..98841e6d7c --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch @@ -0,0 +1,39 @@ +From 574e7950bd6b34e9e2cacce18c802b45505d1d0a Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw +Date: Fri, 18 Jun 2021 17:16:25 +0100 +Subject: [PATCH] arm: add erratum mitigation to __gnu_cmse_nonsecure_call + [PR102035] + +Add the recommended erratum mitigation sequence to +__gnu_cmse_nonsecure_call for use on Armv8-m.main devices. Since this +is in the library code we cannot know in advance whether the core we +are running on will be affected by this, so always enable it. + +libgcc: + PR target/102035 + * config/arm/cmse_nonsecure_call.S (__gnu_cmse_nonsecure_call): + Add vlldm erratum work-around. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a] +Signed-off-by: Pgowda + +--- + libgcc/config/arm/cmse_nonsecure_call.S | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/libgcc/config/arm/cmse_nonsecure_call.S b/libgcc/config/arm/cmse_nonsecure_call.S +--- a/libgcc/config/arm/cmse_nonsecure_call.S ++++ b/libgcc/config/arm/cmse_nonsecure_call.S +@@ -102,6 +102,11 @@ blxns r4 + #ifdef __ARM_PCS_VFP + vpop.f64 {d8-d15} + #else ++/* VLLDM erratum mitigation sequence. */ ++mrs r5, control ++tst r5, #8 /* CONTROL_S.SFPA */ ++it ne ++.inst.w 0xeeb00a40 /* vmovne s0, s0 */ + vlldm sp /* Lazy restore of d0-d16 and FPSCR. */ + add sp, sp, #0x88 /* Free space used to save floating point registers. */ + #endif /* __ARM_PCS_VFP */ diff --git a/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch b/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch new file mode 100644 index 0000000000..9bad81d4d0 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch @@ -0,0 +1,1765 @@ +From 51c500269bf53749b107807d84271385fad35628 Mon Sep 17 00:00:00 2001 +From: Marek Polacek +Date: Wed, 6 Oct 2021 14:33:59 -0400 +Subject: [PATCH] libcpp: Implement -Wbidi-chars for CVE-2021-42574 [PR103026] + +From a link below: +"An issue was discovered in the Bidirectional Algorithm in the Unicode +Specification through 14.0. It permits the visual reordering of +characters via control sequences, which can be used to craft source code +that renders different logic than the logical ordering of tokens +ingested by compilers and interpreters. Adversaries can leverage this to +encode source code for compilers accepting Unicode such that targeted +vulnerabilities are introduced invisibly to human reviewers." + +More info: +https://nvd.nist.gov/vuln/detail/CVE-2021-42574 +https://trojansource.codes/ + +This is not a compiler bug. However, to mitigate the problem, this patch +implements -Wbidi-chars=[none|unpaired|any] to warn about possibly +misleading Unicode bidirectional control characters the preprocessor may +encounter. + +The default is =unpaired, which warns about improperly terminated +bidirectional control characters; e.g. a LRE without its corresponding PDF. +The level =any warns about any use of bidirectional control characters. + +This patch handles both UCNs and UTF-8 characters. UCNs designating +bidi characters in identifiers are accepted since r204886. Then r217144 +enabled -fextended-identifiers by default. Extended characters in C/C++ +identifiers have been accepted since r275979. However, this patch still +warns about mixing UTF-8 and UCN bidi characters; there seems to be no +good reason to allow mixing them. + +We warn in different contexts: comments (both C and C++-style), string +literals, character constants, and identifiers. Expectedly, UCNs are ignored +in comments and raw string literals. The bidirectional control characters +can nest so this patch handles that as well. + +I have not included nor tested this at all with Fortran (which also has +string literals and line comments). + +Dave M. posted patches improving diagnostic involving Unicode characters. +This patch does not make use of this new infrastructure yet. + + PR preprocessor/103026 + +gcc/c-family/ChangeLog: + + * c.opt (Wbidi-chars, Wbidi-chars=): New option. + +gcc/ChangeLog: + + * doc/invoke.texi: Document -Wbidi-chars. + +libcpp/ChangeLog: + + * include/cpplib.h (enum cpp_bidirectional_level): New. + (struct cpp_options): Add cpp_warn_bidirectional. + (enum cpp_warning_reason): Add CPP_W_BIDIRECTIONAL. + * internal.h (struct cpp_reader): Add warn_bidi_p member + function. + * init.c (cpp_create_reader): Set cpp_warn_bidirectional. + * lex.c (bidi): New namespace. + (get_bidi_utf8): New function. + (get_bidi_ucn): Likewise. + (maybe_warn_bidi_on_close): Likewise. + (maybe_warn_bidi_on_char): Likewise. + (_cpp_skip_block_comment): Implement warning about bidirectional + control characters. + (skip_line_comment): Likewise. + (forms_identifier_p): Likewise. + (lex_identifier): Likewise. + (lex_string): Likewise. + (lex_raw_string): Likewise. + +gcc/testsuite/ChangeLog: + + * c-c++-common/Wbidi-chars-1.c: New test. + * c-c++-common/Wbidi-chars-2.c: New test. + * c-c++-common/Wbidi-chars-3.c: New test. + * c-c++-common/Wbidi-chars-4.c: New test. + * c-c++-common/Wbidi-chars-5.c: New test. + * c-c++-common/Wbidi-chars-6.c: New test. + * c-c++-common/Wbidi-chars-7.c: New test. + * c-c++-common/Wbidi-chars-8.c: New test. + * c-c++-common/Wbidi-chars-9.c: New test. + * c-c++-common/Wbidi-chars-10.c: New test. + * c-c++-common/Wbidi-chars-11.c: New test. + * c-c++-common/Wbidi-chars-12.c: New test. + * c-c++-common/Wbidi-chars-13.c: New test. + * c-c++-common/Wbidi-chars-14.c: New test. + * c-c++-common/Wbidi-chars-15.c: New test. + * c-c++-common/Wbidi-chars-16.c: New test. + * c-c++-common/Wbidi-chars-17.c: New test. + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=51c500269bf53749b107807d84271385fad35628] +Signed-off-by: Pgowda + +--- + gcc/c-family/c.opt | 24 ++ + gcc/doc/invoke.texi | 21 +- + gcc/testsuite/c-c++-common/Wbidi-chars-1.c | 12 + + gcc/testsuite/c-c++-common/Wbidi-chars-10.c | 27 ++ + gcc/testsuite/c-c++-common/Wbidi-chars-11.c | 13 + + gcc/testsuite/c-c++-common/Wbidi-chars-12.c | 19 + + gcc/testsuite/c-c++-common/Wbidi-chars-13.c | 17 + + gcc/testsuite/c-c++-common/Wbidi-chars-14.c | 38 ++ + gcc/testsuite/c-c++-common/Wbidi-chars-15.c | 59 +++ + gcc/testsuite/c-c++-common/Wbidi-chars-16.c | 26 ++ + gcc/testsuite/c-c++-common/Wbidi-chars-17.c | 30 ++ + gcc/testsuite/c-c++-common/Wbidi-chars-2.c | 9 + + gcc/testsuite/c-c++-common/Wbidi-chars-3.c | 11 + + gcc/testsuite/c-c++-common/Wbidi-chars-4.c | 188 +++++++++ + gcc/testsuite/c-c++-common/Wbidi-chars-5.c | 188 +++++++++ + gcc/testsuite/c-c++-common/Wbidi-chars-6.c | 155 ++++++++ + gcc/testsuite/c-c++-common/Wbidi-chars-7.c | 9 + + gcc/testsuite/c-c++-common/Wbidi-chars-8.c | 13 + + gcc/testsuite/c-c++-common/Wbidi-chars-9.c | 29 ++ + libcpp/include/cpplib.h | 18 +- + libcpp/init.c | 1 + + libcpp/internal.h | 7 + + libcpp/lex.c | 408 +++++++++++++++++++- + 23 files changed, 1315 insertions(+), 7 deletions(-) + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-1.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-10.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-11.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-12.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-13.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-14.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-15.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-16.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-17.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-2.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-3.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-4.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-5.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-6.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-7.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-8.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-9.c + +diff --git a/gcc/c-family/c.opt b/gcc/c-family/c.opt +index 8a4cd634f77..3976fc368db 100644 +--- a/gcc/c-family/c.opt ++++ b/gcc/c-family/c.opt +@@ -370,6 +370,30 @@ Wbad-function-cast + C ObjC Var(warn_bad_function_cast) Warning + Warn about casting functions to incompatible types. + ++Wbidi-chars ++C ObjC C++ ObjC++ Warning Alias(Wbidi-chars=,any,none) ++; ++ ++Wbidi-chars= ++C ObjC C++ ObjC++ RejectNegative Joined Warning CPP(cpp_warn_bidirectional) CppReason(CPP_W_BIDIRECTIONAL) Var(warn_bidirectional) Init(bidirectional_unpaired) Enum(cpp_bidirectional_level) ++-Wbidi-chars=[none|unpaired|any] Warn about UTF-8 bidirectional control characters. ++ ++; Required for these enum values. ++SourceInclude ++cpplib.h ++ ++Enum ++Name(cpp_bidirectional_level) Type(int) UnknownError(argument %qs to %<-Wbidi-chars%> not recognized) ++ ++EnumValue ++Enum(cpp_bidirectional_level) String(none) Value(bidirectional_none) ++ ++EnumValue ++Enum(cpp_bidirectional_level) String(unpaired) Value(bidirectional_unpaired) ++ ++EnumValue ++Enum(cpp_bidirectional_level) String(any) Value(bidirectional_any) ++ + Wbool-compare + C ObjC C++ ObjC++ Var(warn_bool_compare) Warning LangEnabledBy(C ObjC C++ ObjC++,Wall) + Warn about boolean expression compared with an integer value different from true/false. +diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +index 6070288856c..a22758d18ee 100644 +--- a/gcc/doc/invoke.texi ++++ b/gcc/doc/invoke.texi +@@ -326,7 +326,9 @@ Objective-C and Objective-C++ Dialects}. + -Warith-conversion @gol + -Warray-bounds -Warray-bounds=@var{n} @gol + -Wno-attributes -Wattribute-alias=@var{n} -Wno-attribute-alias @gol +--Wno-attribute-warning -Wbool-compare -Wbool-operation @gol ++-Wno-attribute-warning @gol ++-Wbidi-chars=@r{[}none@r{|}unpaired@r{|}any@r{]} @gol ++-Wbool-compare -Wbool-operation @gol + -Wno-builtin-declaration-mismatch @gol + -Wno-builtin-macro-redefined -Wc90-c99-compat -Wc99-c11-compat @gol + -Wc11-c2x-compat @gol +@@ -7559,6 +7561,23 @@ Attributes considered include @code{allo + This is the default. You can disable these warnings with either + @option{-Wno-attribute-alias} or @option{-Wattribute-alias=0}. + ++@item -Wbidi-chars=@r{[}none@r{|}unpaired@r{|}any@r{]} ++@opindex Wbidi-chars= ++@opindex Wbidi-chars ++@opindex Wno-bidi-chars ++Warn about possibly misleading UTF-8 bidirectional control characters in ++comments, string literals, character constants, and identifiers. Such ++characters can change left-to-right writing direction into right-to-left ++(and vice versa), which can cause confusion between the logical order and ++visual order. This may be dangerous; for instance, it may seem that a piece ++of code is not commented out, whereas it in fact is. ++ ++There are three levels of warning supported by GCC@. The default is ++@option{-Wbidi-chars=unpaired}, which warns about improperly terminated ++bidi contexts. @option{-Wbidi-chars=none} turns the warning off. ++@option{-Wbidi-chars=any} warns about any use of bidirectional control ++characters. ++ + @item -Wbool-compare + @opindex Wno-bool-compare + @opindex Wbool-compare +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-10.c b/gcc/testsuite/c-c++-common/Wbidi-chars-10.c +new file mode 100644 +index 00000000000..34f5ac19271 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-10.c +@@ -0,0 +1,27 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* More nesting testing. */ ++ ++/* RLEâ« LRI⦠PDF⬠PDIâ©*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int LRE_\u202a_PDF_\u202c; ++int LRE_\u202a_PDF_\u202c_LRE_\u202a_PDF_\u202c; ++int LRE_\u202a_LRI_\u2066_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLE_\u202b_RLI_\u2067_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLE_\u202b_RLI_\u2067_PDI_\u2069_PDF_\u202c; ++int FSI_\u2068_LRO_\u202d_PDI_\u2069_PDF_\u202c; ++int FSI_\u2068; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int FSI_\u2068_PDI_\u2069; ++int FSI_\u2068_FSI_\u2068_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069; ++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDF_\u202c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_FSI_\u2068_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-11.c b/gcc/testsuite/c-c++-common/Wbidi-chars-11.c +new file mode 100644 +index 00000000000..270ce2368a9 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-11.c +@@ -0,0 +1,13 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test that we warn when mixing UCN and UTF-8. */ ++ ++int LRE_âª_PDF_\u202c; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++int LRE_\u202a_PDF_â¬_; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++const char *s1 = "LRE_âª_PDF_\u202c"; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++const char *s2 = "LRE_\u202a_PDF_â¬"; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-12.c b/gcc/testsuite/c-c++-common/Wbidi-chars-12.c +new file mode 100644 +index 00000000000..b07eec1da91 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-12.c +@@ -0,0 +1,19 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile { target { c || c++11 } } } */ ++/* { dg-options "-Wbidi-chars=any" } */ ++/* Test raw strings. */ ++ ++const char *s1 = R"(a b c LRE⪠1 2 3 PDF⬠x y z)"; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++const char *s2 = R"(a b c RLEâ« 1 2 3 PDF⬠x y z)"; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++const char *s3 = R"(a b c LROâ­ 1 2 3 PDF⬠x y z)"; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++const char *s4 = R"(a b c RLOâ® 1 2 3 PDF⬠x y z)"; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++const char *s7 = R"(a b c FSI⨠1 2 3 PDIâ© x y) z"; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++const char *s8 = R"(a b c PDIâ© x y )z"; ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++const char *s9 = R"(a b c PDF⬠x y z)"; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ +diff -uprN '-x*.orig' '-x*.rej' del/gcc-11.2.0/gcc/testsuite/c-c++-common/Wbidi-chars-13.c gcc-11.2.0/gcc/testsuite/c-c++-common/Wbidi-chars-13.c +--- del/gcc-11.2.0/gcc/testsuite/c-c++-common/Wbidi-chars-13.c 1969-12-31 16:00:00.000000000 -0800 ++++ gcc-11.2.0/gcc/testsuite/c-c++-common/Wbidi-chars-13.c 2021-12-13 23:11:22.328439287 -0800 +@@ -0,0 +1,17 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile { target { c || c++11 } } } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test raw strings. */ ++ ++const char *s1 = R"(a b c LRE⪠1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s2 = R"(a b c RLEâ« 1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s3 = R"(a b c LROâ­ 1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s4 = R"(a b c FSI⨠1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s5 = R"(a b c LRI⦠1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s6 = R"(a b c RLI⧠1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-14.c b/gcc/testsuite/c-c++-common/Wbidi-chars-14.c +new file mode 100644 +index 00000000000..ba5f75d9553 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-14.c +@@ -0,0 +1,38 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test PDI handling, which also pops any subsequent LREs, RLEs, LROs, ++ or RLOs. */ ++ ++/* LRI_â¦_LRI_â¦_RLE_â«_RLE_â«_RLE_â«_PDI_â©*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// LRI_â¦_RLE_â«_RLE_â«_RLE_â«_PDI_â© ++// LRI_â¦_RLO_â®_RLE_â«_RLE_â«_PDI_â© ++// LRI_â¦_RLO_â®_RLE_â«_PDI_â© ++// FSI_â¨_RLO_â®_PDI_â© ++// FSI_â¨_FSI_â¨_RLO_â®_PDI_â© ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++int LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069_PDI_\u2069; ++int LRI_\u2066_LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int PDI_\u2069; ++int LRI_\u2066_PDI_\u2069; ++int RLI_\u2067_PDI_\u2069; ++int LRE_\u202a_LRI_\u2066_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int LRI_\u2066_LRE_\u202a_PDF_\u202c_PDI_\u2069; ++int LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069; ++int RLI_\u2067_LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int FSI_\u2068_LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLO_\u202e_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLI_\u2067_PDI_\u2069_RLI_\u2067; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int FSI_\u2068_PDF_\u202c_PDI_\u2069; ++int FSI_\u2068_FSI_\u2068_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-15.c b/gcc/testsuite/c-c++-common/Wbidi-chars-15.c +new file mode 100644 +index 00000000000..a0ce8ff5e2c +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-15.c +@@ -0,0 +1,59 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test unpaired bidi control chars in multiline comments. */ ++ ++/* ++ * LRE⪠end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * RLEâ« end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * LROâ­ end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * RLOâ® end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * LRI⦠end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * RLI⧠end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * FSI⨠end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* LRE⪠++ PDF⬠*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* FSI⨠++ PDIâ© */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++ ++/* LRE<âª> ++ * ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-3 } */ ++ ++/* ++ * LRE<âª> ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++ ++/* ++ * ++ * LRE<âª> */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* RLI<â§> */ /* PDI<â©> */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* LRE<âª> */ /* PDF<â¬> */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-16.c b/gcc/testsuite/c-c++-common/Wbidi-chars-16.c +new file mode 100644 +index 00000000000..baa0159861c +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-16.c +@@ -0,0 +1,26 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=any" } */ ++/* Test LTR/RTL chars. */ ++ ++/* LTR<â> */ ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++// LTR<â> ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++/* RTL<â> */ ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ ++// RTL<â> ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ ++ ++const char *s1 = "LTR<â>"; ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++const char *s2 = "LTR\u200e"; ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++const char *s3 = "LTR\u200E"; ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++const char *s4 = "RTL<â>"; ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ ++const char *s5 = "RTL\u200f"; ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ ++const char *s6 = "RTL\u200F"; ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-17.c b/gcc/testsuite/c-c++-common/Wbidi-chars-17.c +new file mode 100644 +index 00000000000..07cb4321f96 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-17.c +@@ -0,0 +1,30 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test LTR/RTL chars. */ ++ ++/* LTR<â> */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// LTR<â> ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* RTL<â> */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// RTL<â> ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int ltr_\u200e; ++/* { dg-error "universal character " "" { target *-*-* } .-1 } */ ++int rtl_\u200f; ++/* { dg-error "universal character " "" { target *-*-* } .-1 } */ ++ ++const char *s1 = "LTR<â>"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s2 = "LTR\u200e"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s3 = "LTR\u200E"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s4 = "RTL<â>"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s5 = "RTL\u200f"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s6 = "RTL\u200F"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-1.c b/gcc/testsuite/c-c++-common/Wbidi-chars-1.c +new file mode 100644 +index 00000000000..2340374f276 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-1.c +@@ -0,0 +1,12 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++ ++int main() { ++ int isAdmin = 0; ++ /*â® } â¦if (isAdmin)⩠⦠begin admins only */ ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++ __builtin_printf("You are an admin.\n"); ++ /* end admins only â® { â¦*/ ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++ return 0; ++} +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-2.c b/gcc/testsuite/c-c++-common/Wbidi-chars-2.c +new file mode 100644 +index 00000000000..2340374f276 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-2.c +@@ -0,0 +1,9 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++ ++int main() { ++ /* Say hello; newlineâ§/*/ return 0 ; ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++ __builtin_printf("Hello world.\n"); ++ return 0; ++} +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-3.c b/gcc/testsuite/c-c++-common/Wbidi-chars-3.c +new file mode 100644 +index 00000000000..9dc7edb6e64 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-3.c +@@ -0,0 +1,11 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++ ++int main() { ++ const char* access_level = "user"; ++ if (__builtin_strcmp(access_level, "userâ® â¦// Check if adminâ© â¦")) { ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++ __builtin_printf("You are an admin.\n"); ++ } ++ return 0; ++} +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-4.c b/gcc/testsuite/c-c++-common/Wbidi-chars-4.c +new file mode 100644 +index 00000000000..639e5c62e88 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-4.c +@@ -0,0 +1,188 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=any -Wno-multichar -Wno-overflow" } */ ++/* Test all bidi chars in various contexts (identifiers, comments, ++ string literals, character constants), both UCN and UTF-8. The bidi ++ chars here are properly terminated, except for the character constants. */ ++ ++/* a b c LRE⪠1 2 3 PDF⬠x y z */ ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++/* a b c RLEâ« 1 2 3 PDF⬠x y z */ ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++/* a b c LROâ­ 1 2 3 PDF⬠x y z */ ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++/* a b c RLOâ® 1 2 3 PDF⬠x y z */ ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++/* a b c LRI⦠1 2 3 PDIâ© x y z */ ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++/* a b c RLI⧠1 2 3 PDIâ© x y */ ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++/* a b c FSI⨠1 2 3 PDIâ© x y z */ ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++ ++/* Same but C++ comments instead. */ ++// a b c LRE⪠1 2 3 PDF⬠x y z ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++// a b c RLEâ« 1 2 3 PDF⬠x y z ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++// a b c LROâ­ 1 2 3 PDF⬠x y z ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++// a b c RLOâ® 1 2 3 PDF⬠x y z ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++// a b c LRI⦠1 2 3 PDIâ© x y z ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++// a b c RLI⧠1 2 3 PDIâ© x y ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++// a b c FSI⨠1 2 3 PDIâ© x y z ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++ ++/* Here we're closing an unopened context, warn when =any. */ ++/* a b c PDIâ© x y z */ ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++/* a b c PDF⬠x y z */ ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++// a b c PDIâ© x y z ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++// a b c PDF⬠x y z ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++ ++/* Multiline comments. */ ++/* a b c PDIâ© x y z ++ */ ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-2 } */ ++/* a b c PDF⬠x y z ++ */ ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDIâ© x y z ++ */ ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDF⬠x y z ++ */ ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDIâ© x y z */ ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++/* first ++ a b c PDF⬠x y z */ ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++ ++void ++g1 () ++{ ++ const char *s1 = "a b c LRE⪠1 2 3 PDF⬠x y z"; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char *s2 = "a b c RLEâ« 1 2 3 PDF⬠x y z"; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char *s3 = "a b c LROâ­ 1 2 3 PDF⬠x y z"; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char *s4 = "a b c RLOâ® 1 2 3 PDF⬠x y z"; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char *s5 = "a b c LRI⦠1 2 3 PDIâ© x y z"; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++ const char *s6 = "a b c RLI⧠1 2 3 PDIâ© x y z"; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++ const char *s7 = "a b c FSI⨠1 2 3 PDIâ© x y z"; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++ const char *s8 = "a b c PDIâ© x y z"; ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++ const char *s9 = "a b c PDF⬠x y z"; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++ ++ const char *s10 = "a b c LRE\u202a 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char *s11 = "a b c LRE\u202A 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char *s12 = "a b c RLE\u202b 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char *s13 = "a b c RLE\u202B 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char *s14 = "a b c LRO\u202d 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char *s15 = "a b c LRO\u202D 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char *s16 = "a b c RLO\u202e 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char *s17 = "a b c RLO\u202E 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char *s18 = "a b c LRI\u2066 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++ const char *s19 = "a b c RLI\u2067 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++ const char *s20 = "a b c FSI\u2068 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++} ++ ++void ++g2 () ++{ ++ const char c1 = '\u202a'; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char c2 = '\u202A'; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char c3 = '\u202b'; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char c4 = '\u202B'; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char c5 = '\u202d'; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char c6 = '\u202D'; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char c7 = '\u202e'; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char c8 = '\u202E'; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char c9 = '\u2066'; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++ const char c10 = '\u2067'; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++ const char c11 = '\u2068'; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++} ++ ++int aâªbâ¬c; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int aâ«bâ¬c; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++int aâ­bâ¬c; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++int aâ®bâ¬c; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++int aâ¦bâ©c; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++int aâ§bâ©c; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++int aâ¨bâ©c; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++int Aâ¬X; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++int A\u202cY; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++int A\u202CY2; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++ ++int d\u202ae\u202cf; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int d\u202Ae\u202cf2; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int d\u202be\u202cf; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++int d\u202Be\u202cf2; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++int d\u202de\u202cf; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++int d\u202De\u202cf2; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++int d\u202ee\u202cf; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++int d\u202Ee\u202cf2; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++int d\u2066e\u2069f; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++int d\u2067e\u2069f; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++int d\u2068e\u2069f; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++int X\u2069; ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-5.c b/gcc/testsuite/c-c++-common/Wbidi-chars-5.c +new file mode 100644 +index 00000000000..68cb053144b +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-5.c +@@ -0,0 +1,188 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired -Wno-multichar -Wno-overflow" } */ ++/* Test all bidi chars in various contexts (identifiers, comments, ++ string literals, character constants), both UCN and UTF-8. The bidi ++ chars here are properly terminated, except for the character constants. */ ++ ++/* a b c LRE⪠1 2 3 PDF⬠x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLEâ« 1 2 3 PDF⬠x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c LROâ­ 1 2 3 PDF⬠x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLOâ® 1 2 3 PDF⬠x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c LRI⦠1 2 3 PDIâ© x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLI⧠1 2 3 PDIâ© x y */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c FSI⨠1 2 3 PDIâ© x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* Same but C++ comments instead. */ ++// a b c LRE⪠1 2 3 PDF⬠x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLEâ« 1 2 3 PDF⬠x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c LROâ­ 1 2 3 PDF⬠x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLOâ® 1 2 3 PDF⬠x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c LRI⦠1 2 3 PDIâ© x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLI⧠1 2 3 PDIâ© x y ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c FSI⨠1 2 3 PDIâ© x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* Here we're closing an unopened context, warn when =any. */ ++/* a b c PDIâ© x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c PDF⬠x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c PDIâ© x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c PDF⬠x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* Multiline comments. */ ++/* a b c PDIâ© x y z ++ */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */ ++/* a b c PDF⬠x y z ++ */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDIâ© x y z ++ */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDF⬠x y z ++ */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDIâ© x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* first ++ a b c PDF⬠x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++void ++g1 () ++{ ++ const char *s1 = "a b c LRE⪠1 2 3 PDF⬠x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s2 = "a b c RLEâ« 1 2 3 PDF⬠x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s3 = "a b c LROâ­ 1 2 3 PDF⬠x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s4 = "a b c RLOâ® 1 2 3 PDF⬠x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s5 = "a b c LRI⦠1 2 3 PDIâ© x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s6 = "a b c RLI⧠1 2 3 PDIâ© x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s7 = "a b c FSI⨠1 2 3 PDIâ© x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s8 = "a b c PDIâ© x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s9 = "a b c PDF⬠x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++ const char *s10 = "a b c LRE\u202a 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s11 = "a b c LRE\u202A 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s12 = "a b c RLE\u202b 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s13 = "a b c RLE\u202B 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s14 = "a b c LRO\u202d 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s15 = "a b c LRO\u202D 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s16 = "a b c RLO\u202e 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s17 = "a b c RLO\u202E 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s18 = "a b c LRI\u2066 1 2 3 PDI\u2069 x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s19 = "a b c RLI\u2067 1 2 3 PDI\u2069 x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s20 = "a b c FSI\u2068 1 2 3 PDI\u2069 x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++} ++ ++void ++g2 () ++{ ++ const char c1 = '\u202a'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c2 = '\u202A'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c3 = '\u202b'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c4 = '\u202B'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c5 = '\u202d'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c6 = '\u202D'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c7 = '\u202e'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c8 = '\u202E'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c9 = '\u2066'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c10 = '\u2067'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c11 = '\u2068'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++} ++ ++int aâªbâ¬c; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int aâ«bâ¬c; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int aâ­bâ¬c; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int aâ®bâ¬c; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int aâ¦bâ©c; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int aâ§bâ©c; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int aâ¨bâ©c; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int Aâ¬X; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int A\u202cY; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int A\u202CY2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++int d\u202ae\u202cf; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202Ae\u202cf2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202be\u202cf; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202Be\u202cf2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202de\u202cf; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202De\u202cf2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202ee\u202cf; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202Ee\u202cf2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u2066e\u2069f; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u2067e\u2069f; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u2068e\u2069f; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int X\u2069; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-6.c b/gcc/testsuite/c-c++-common/Wbidi-chars-6.c +new file mode 100644 +index 00000000000..0ce6fff2dee +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-6.c +@@ -0,0 +1,155 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test nesting of bidi chars in various contexts. */ ++ ++/* Terminated by the wrong char: */ ++/* a b c LRE⪠1 2 3 PDIâ© x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLEâ« 1 2 3 PDIâ© x y z*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c LROâ­ 1 2 3 PDIâ© x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLOâ® 1 2 3 PDIâ© x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c LRI⦠1 2 3 PDF⬠x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLI⧠1 2 3 PDF⬠x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c FSI⨠1 2 3 PDF⬠x y z*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* LRE⪠PDF⬠*/ ++/* LRE⪠LRE⪠PDF⬠PDF⬠*/ ++/* PDF⬠LRE⪠PDF⬠*/ ++/* LRE⪠PDF⬠LRE⪠PDF⬠*/ ++/* LRE⪠LRE⪠PDF⬠*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* PDF⬠LRE⪠*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++// a b c LRE⪠1 2 3 PDIâ© x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLEâ« 1 2 3 PDIâ© x y z*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c LROâ­ 1 2 3 PDIâ© x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLOâ® 1 2 3 PDIâ© x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c LRI⦠1 2 3 PDF⬠x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLI⧠1 2 3 PDF⬠x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c FSI⨠1 2 3 PDF⬠x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++// LRE⪠PDF⬠++// LRE⪠LRE⪠PDF⬠PDF⬠++// PDF⬠LRE⪠PDF⬠++// LRE⪠PDF⬠LRE⪠PDF⬠++// LRE⪠LRE⪠PDF⬠++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// PDF⬠LRE⪠++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++void ++g1 () ++{ ++ const char *s1 = "a b c LRE⪠1 2 3 PDIâ© x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s2 = "a b c LRE\u202a 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s3 = "a b c RLEâ« 1 2 3 PDIâ© x y "; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s4 = "a b c RLE\u202b 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s5 = "a b c LROâ­ 1 2 3 PDIâ© x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s6 = "a b c LRO\u202d 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s7 = "a b c RLOâ® 1 2 3 PDIâ© x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s8 = "a b c RLO\u202e 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s9 = "a b c LRI⦠1 2 3 PDF⬠x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s10 = "a b c LRI\u2066 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s11 = "a b c RLI⧠1 2 3 PDF⬠x y z\ ++ "; ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++ const char *s12 = "a b c RLI\u2067 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s13 = "a b c FSI⨠1 2 3 PDF⬠x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s14 = "a b c FSI\u2068 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s15 = "PDF⬠LREâª"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s16 = "PDF\u202c LRE\u202a"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s17 = "LRE⪠PDFâ¬"; ++ const char *s18 = "LRE\u202a PDF\u202c"; ++ const char *s19 = "LRE⪠LRE⪠PDF⬠PDFâ¬"; ++ const char *s20 = "LRE\u202a LRE\u202a PDF\u202c PDF\u202c"; ++ const char *s21 = "PDF⬠LRE⪠PDFâ¬"; ++ const char *s22 = "PDF\u202c LRE\u202a PDF\u202c"; ++ const char *s23 = "LRE⪠LRE⪠PDFâ¬"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s24 = "LRE\u202a LRE\u202a PDF\u202c"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s25 = "PDF⬠LREâª"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s26 = "PDF\u202c LRE\u202a"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s27 = "PDF⬠LRE\u202a"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s28 = "PDF\u202c LREâª"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++} ++ ++int aLREâªbPDIâ©; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int A\u202aB\u2069C; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aRLEâ«bPDIâ©; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u202bB\u2069c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aLROâ­bPDIâ©; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u202db\u2069c2; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aRLOâ®bPDIâ©; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u202eb\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aLRIâ¦bPDFâ¬; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u2066b\u202c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aRLIâ§bPDFâ¬c ++; ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++int a\u2067b\u202c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aFSIâ¨bPDFâ¬; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u2068b\u202c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aFSIâ¨bPD\u202C; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aFSI\u2068bPDFâ¬_; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aLREâªbPDFâ¬b; ++int A\u202aB\u202c; ++int a_LREâª_LREâª_b_PDFâ¬_PDFâ¬; ++int A\u202aA\u202aB\u202cB\u202c; ++int aPDFâ¬bLREadPDFâ¬; ++int a_\u202C_\u202a_\u202c; ++int a_LREâª_b_PDFâ¬_c_LREâª_PDFâ¬; ++int a_\u202a_\u202c_\u202a_\u202c_; ++int a_LREâª_b_PDFâ¬_c_LREâª; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a_\u202a_\u202c_\u202a_; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-7.c b/gcc/testsuite/c-c++-common/Wbidi-chars-7.c +new file mode 100644 +index 00000000000..d012d420ec0 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-7.c +@@ -0,0 +1,9 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=any" } */ ++/* Test we ignore UCNs in comments. */ ++ ++// a b c \u202a 1 2 3 ++// a b c \u202A 1 2 3 ++/* a b c \u202a 1 2 3 */ ++/* a b c \u202A 1 2 3 */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-8.c b/gcc/testsuite/c-c++-common/Wbidi-chars-8.c +new file mode 100644 +index 00000000000..4f54c5092ec +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-8.c +@@ -0,0 +1,13 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=any" } */ ++/* Test \u vs \U. */ ++ ++int a_\u202A; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int a_\u202a_2; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int a_\U0000202A_3; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int a_\U0000202a_4; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-9.c b/gcc/testsuite/c-c++-common/Wbidi-chars-9.c +new file mode 100644 +index 00000000000..e2af1b1ca97 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-9.c +@@ -0,0 +1,29 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test that we properly separate bidi contexts (comment/identifier/character ++ constant/string literal). */ ++ ++/* LRE ->âª<- */ int pdf_\u202c_1; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* RLE ->â«<- */ int pdf_\u202c_2; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* LRO ->â­<- */ int pdf_\u202c_3; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* RLO ->â®<- */ int pdf_\u202c_4; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* LRI ->â¦<-*/ int pdi_\u2069_1; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* RLI ->â§<- */ int pdi_\u2069_12; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* FSI ->â¨<- */ int pdi_\u2069_3; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++const char *s1 = "LRE\u202a"; /* PDF ->â¬<- */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* LRE ->âª<- */ const char *s2 = "PDF\u202c"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s3 = "LRE\u202a"; int pdf_\u202c_5; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int lre_\u202a; const char *s4 = "PDF\u202c"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/libcpp/include/cpplib.h b/libcpp/include/cpplib.h +index 176f8c5bbce..112b9c24751 100644 +--- a/libcpp/include/cpplib.h ++++ b/libcpp/include/cpplib.h +@@ -318,6 +318,17 @@ enum cpp_main_search + CMS_system, /* Search the system INCLUDE path. */ + }; + ++/* The possible bidirectional control characters checking levels, from least ++ restrictive to most. */ ++enum cpp_bidirectional_level { ++ /* No checking. */ ++ bidirectional_none, ++ /* Only detect unpaired uses of bidirectional control characters. */ ++ bidirectional_unpaired, ++ /* Detect any use of bidirectional control characters. */ ++ bidirectional_any ++}; ++ + /* This structure is nested inside struct cpp_reader, and + carries all the options visible to the command line. */ + struct cpp_options +@@ -531,6 +542,10 @@ struct cpp_options + /* True if warn about differences between C++98 and C++11. */ + bool cpp_warn_cxx11_compat; + ++ /* Nonzero if bidirectional control characters checking is on. See enum ++ cpp_bidirectional_level. */ ++ unsigned char cpp_warn_bidirectional; ++ + /* Dependency generation. */ + struct + { +@@ -635,7 +650,8 @@ enum cpp_warning_reason { + CPP_W_C90_C99_COMPAT, + CPP_W_C11_C2X_COMPAT, + CPP_W_CXX11_COMPAT, +- CPP_W_EXPANSION_TO_DEFINED ++ CPP_W_EXPANSION_TO_DEFINED, ++ CPP_W_BIDIRECTIONAL + }; + + /* Callback for header lookup for HEADER, which is the name of a +diff --git a/libcpp/init.c b/libcpp/init.c +index 5a424e23553..f9a8f5f088f 100644 +--- a/libcpp/init.c ++++ b/libcpp/init.c +@@ -219,6 +219,7 @@ cpp_create_reader (enum c_lang lang, cpp + = ENABLE_CANONICAL_SYSTEM_HEADERS; + CPP_OPTION (pfile, ext_numeric_literals) = 1; + CPP_OPTION (pfile, warn_date_time) = 0; ++ CPP_OPTION (pfile, cpp_warn_bidirectional) = bidirectional_unpaired; + + /* Default CPP arithmetic to something sensible for the host for the + benefit of dumb users like fix-header. */ +diff --git a/libcpp/internal.h b/libcpp/internal.h +index 8577cab6c83..0ce0246c5a2 100644 +--- a/libcpp/internal.h ++++ b/libcpp/internal.h +@@ -597,6 +597,13 @@ struct cpp_reader + /* Location identifying the main source file -- intended to be line + zero of said file. */ + location_t main_loc; ++ ++ /* Returns true iff we should warn about UTF-8 bidirectional control ++ characters. */ ++ bool warn_bidi_p () const ++ { ++ return CPP_OPTION (this, cpp_warn_bidirectional) != bidirectional_none; ++ } + }; + + /* Character classes. Based on the more primitive macros in safe-ctype.h. +diff --git a/libcpp/lex.c b/libcpp/lex.c +index fa2253d41c3..6a4fbce6030 100644 +--- a/libcpp/lex.c ++++ b/libcpp/lex.c +@@ -1164,6 +1164,324 @@ _cpp_process_line_notes (cpp_reader *pfi + } + } + ++namespace bidi { ++ enum class kind { ++ NONE, LRE, RLE, LRO, RLO, LRI, RLI, FSI, PDF, PDI, LTR, RTL ++ }; ++ ++ /* All the UTF-8 encodings of bidi characters start with E2. */ ++ constexpr uchar utf8_start = 0xe2; ++ ++ /* A vector holding currently open bidi contexts. We use a char for ++ each context, its LSB is 1 if it represents a PDF context, 0 if it ++ represents a PDI context. The next bit is 1 if this context was open ++ by a bidi character written as a UCN, and 0 when it was UTF-8. */ ++ semi_embedded_vec vec; ++ ++ /* Close the whole comment/identifier/string literal/character constant ++ context. */ ++ void on_close () ++ { ++ vec.truncate (0); ++ } ++ ++ /* Pop the last element in the vector. */ ++ void pop () ++ { ++ unsigned int len = vec.count (); ++ gcc_checking_assert (len > 0); ++ vec.truncate (len - 1); ++ } ++ ++ /* Return the context of the Ith element. */ ++ kind ctx_at (unsigned int i) ++ { ++ return (vec[i] & 1) ? kind::PDF : kind::PDI; ++ } ++ ++ /* Return which context is currently opened. */ ++ kind current_ctx () ++ { ++ unsigned int len = vec.count (); ++ if (len == 0) ++ return kind::NONE; ++ return ctx_at (len - 1); ++ } ++ ++ /* Return true if the current context comes from a UCN origin, that is, ++ the bidi char which started this bidi context was written as a UCN. */ ++ bool current_ctx_ucn_p () ++ { ++ unsigned int len = vec.count (); ++ gcc_checking_assert (len > 0); ++ return (vec[len - 1] >> 1) & 1; ++ } ++ ++ /* We've read a bidi char, update the current vector as necessary. */ ++ void on_char (kind k, bool ucn_p) ++ { ++ switch (k) ++ { ++ case kind::LRE: ++ case kind::RLE: ++ case kind::LRO: ++ case kind::RLO: ++ vec.push (ucn_p ? 3u : 1u); ++ break; ++ case kind::LRI: ++ case kind::RLI: ++ case kind::FSI: ++ vec.push (ucn_p ? 2u : 0u); ++ break; ++ /* PDF terminates the scope of the last LRE, RLE, LRO, or RLO ++ whose scope has not yet been terminated. */ ++ case kind::PDF: ++ if (current_ctx () == kind::PDF) ++ pop (); ++ break; ++ /* PDI terminates the scope of the last LRI, RLI, or FSI whose ++ scope has not yet been terminated, as well as the scopes of ++ any subsequent LREs, RLEs, LROs, or RLOs whose scopes have not ++ yet been terminated. */ ++ case kind::PDI: ++ for (int i = vec.count () - 1; i >= 0; --i) ++ if (ctx_at (i) == kind::PDI) ++ { ++ vec.truncate (i); ++ break; ++ } ++ break; ++ case kind::LTR: ++ case kind::RTL: ++ /* These aren't popped by a PDF/PDI. */ ++ break; ++ [[likely]] case kind::NONE: ++ break; ++ default: ++ abort (); ++ } ++ } ++ ++ /* Return a descriptive string for K. */ ++ const char *to_str (kind k) ++ { ++ switch (k) ++ { ++ case kind::LRE: ++ return "U+202A (LEFT-TO-RIGHT EMBEDDING)"; ++ case kind::RLE: ++ return "U+202B (RIGHT-TO-LEFT EMBEDDING)"; ++ case kind::LRO: ++ return "U+202D (LEFT-TO-RIGHT OVERRIDE)"; ++ case kind::RLO: ++ return "U+202E (RIGHT-TO-LEFT OVERRIDE)"; ++ case kind::LRI: ++ return "U+2066 (LEFT-TO-RIGHT ISOLATE)"; ++ case kind::RLI: ++ return "U+2067 (RIGHT-TO-LEFT ISOLATE)"; ++ case kind::FSI: ++ return "U+2068 (FIRST STRONG ISOLATE)"; ++ case kind::PDF: ++ return "U+202C (POP DIRECTIONAL FORMATTING)"; ++ case kind::PDI: ++ return "U+2069 (POP DIRECTIONAL ISOLATE)"; ++ case kind::LTR: ++ return "U+200E (LEFT-TO-RIGHT MARK)"; ++ case kind::RTL: ++ return "U+200F (RIGHT-TO-LEFT MARK)"; ++ default: ++ abort (); ++ } ++ } ++} ++ ++/* Parse a sequence of 3 bytes starting with P and return its bidi code. */ ++ ++static bidi::kind ++get_bidi_utf8 (const unsigned char *const p) ++{ ++ gcc_checking_assert (p[0] == bidi::utf8_start); ++ ++ if (p[1] == 0x80) ++ switch (p[2]) ++ { ++ case 0xaa: ++ return bidi::kind::LRE; ++ case 0xab: ++ return bidi::kind::RLE; ++ case 0xac: ++ return bidi::kind::PDF; ++ case 0xad: ++ return bidi::kind::LRO; ++ case 0xae: ++ return bidi::kind::RLO; ++ case 0x8e: ++ return bidi::kind::LTR; ++ case 0x8f: ++ return bidi::kind::RTL; ++ default: ++ break; ++ } ++ else if (p[1] == 0x81) ++ switch (p[2]) ++ { ++ case 0xa6: ++ return bidi::kind::LRI; ++ case 0xa7: ++ return bidi::kind::RLI; ++ case 0xa8: ++ return bidi::kind::FSI; ++ case 0xa9: ++ return bidi::kind::PDI; ++ default: ++ break; ++ } ++ ++ return bidi::kind::NONE; ++} ++ ++/* Parse a UCN where P points just past \u or \U and return its bidi code. */ ++ ++static bidi::kind ++get_bidi_ucn (const unsigned char *p, bool is_U) ++{ ++ /* 6.4.3 Universal Character Names ++ \u hex-quad ++ \U hex-quad hex-quad ++ where \unnnn means \U0000nnnn. */ ++ ++ if (is_U) ++ { ++ if (p[0] != '0' || p[1] != '0' || p[2] != '0' || p[3] != '0') ++ return bidi::kind::NONE; ++ /* Skip 4B so we can treat \u and \U the same below. */ ++ p += 4; ++ } ++ ++ /* All code points we are looking for start with 20xx. */ ++ if (p[0] != '2' || p[1] != '0') ++ return bidi::kind::NONE; ++ else if (p[2] == '2') ++ switch (p[3]) ++ { ++ case 'a': ++ case 'A': ++ return bidi::kind::LRE; ++ case 'b': ++ case 'B': ++ return bidi::kind::RLE; ++ case 'c': ++ case 'C': ++ return bidi::kind::PDF; ++ case 'd': ++ case 'D': ++ return bidi::kind::LRO; ++ case 'e': ++ case 'E': ++ return bidi::kind::RLO; ++ default: ++ break; ++ } ++ else if (p[2] == '6') ++ switch (p[3]) ++ { ++ case '6': ++ return bidi::kind::LRI; ++ case '7': ++ return bidi::kind::RLI; ++ case '8': ++ return bidi::kind::FSI; ++ case '9': ++ return bidi::kind::PDI; ++ default: ++ break; ++ } ++ else if (p[2] == '0') ++ switch (p[3]) ++ { ++ case 'e': ++ case 'E': ++ return bidi::kind::LTR; ++ case 'f': ++ case 'F': ++ return bidi::kind::RTL; ++ default: ++ break; ++ } ++ ++ return bidi::kind::NONE; ++} ++ ++/* We're closing a bidi context, that is, we've encountered a newline, ++ are closing a C-style comment, or are at the end of a string literal, ++ character constant, or identifier. Warn if this context was not ++ properly terminated by a PDI or PDF. P points to the last character ++ in this context. */ ++ ++static void ++maybe_warn_bidi_on_close (cpp_reader *pfile, const uchar *p) ++{ ++ if (CPP_OPTION (pfile, cpp_warn_bidirectional) == bidirectional_unpaired ++ && bidi::vec.count () > 0) ++ { ++ const location_t loc ++ = linemap_position_for_column (pfile->line_table, ++ CPP_BUF_COLUMN (pfile->buffer, p)); ++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, ++ "unpaired UTF-8 bidirectional control character " ++ "detected"); ++ } ++ /* We're done with this context. */ ++ bidi::on_close (); ++} ++ ++/* We're at the beginning or in the middle of an identifier/comment/string ++ literal/character constant. Warn if we've encountered a bidi character. ++ KIND says which bidi character it was; P points to it in the character ++ stream. UCN_P is true iff this bidi character was written as a UCN. */ ++ ++static void ++maybe_warn_bidi_on_char (cpp_reader *pfile, const uchar *p, bidi::kind kind, ++ bool ucn_p) ++{ ++ if (__builtin_expect (kind == bidi::kind::NONE, 1)) ++ return; ++ ++ const auto warn_bidi = CPP_OPTION (pfile, cpp_warn_bidirectional); ++ ++ if (warn_bidi != bidirectional_none) ++ { ++ const location_t loc ++ = linemap_position_for_column (pfile->line_table, ++ CPP_BUF_COLUMN (pfile->buffer, p)); ++ /* It seems excessive to warn about a PDI/PDF that is closing ++ an opened context because we've already warned about the ++ opening character. Except warn when we have a UCN x UTF-8 ++ mismatch. */ ++ if (kind == bidi::current_ctx ()) ++ { ++ if (warn_bidi == bidirectional_unpaired ++ && bidi::current_ctx_ucn_p () != ucn_p) ++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, ++ "UTF-8 vs UCN mismatch when closing " ++ "a context by \"%s\"", bidi::to_str (kind)); ++ } ++ else if (warn_bidi == bidirectional_any) ++ { ++ if (kind == bidi::kind::PDF || kind == bidi::kind::PDI) ++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, ++ "\"%s\" is closing an unopened context", ++ bidi::to_str (kind)); ++ else ++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, ++ "found problematic Unicode character \"%s\"", ++ bidi::to_str (kind)); ++ } ++ } ++ /* We're done with this context. */ ++ bidi::on_char (kind, ucn_p); ++} ++ + /* Skip a C-style block comment. We find the end of the comment by + seeing if an asterisk is before every '/' we encounter. Returns + nonzero if comment terminated by EOF, zero otherwise. +@@ -1175,6 +1493,7 @@ _cpp_skip_block_comment (cpp_reader *pfi + cpp_buffer *buffer = pfile->buffer; + const uchar *cur = buffer->cur; + uchar c; ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + + cur++; + if (*cur == '/') +@@ -1189,7 +1508,11 @@ _cpp_skip_block_comment (cpp_reader *pfi + if (c == '/') + { + if (cur[-2] == '*') +- break; ++ { ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, cur); ++ break; ++ } + + /* Warn about potential nested comments, but not if the '/' + comes immediately before the true comment delimiter. +@@ -1208,6 +1531,8 @@ _cpp_skip_block_comment (cpp_reader *pfi + { + unsigned int cols; + buffer->cur = cur - 1; ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, cur); + _cpp_process_line_notes (pfile, true); + if (buffer->next_line >= buffer->rlimit) + return true; +@@ -1218,6 +1543,13 @@ _cpp_skip_block_comment (cpp_reader *pfi + + cur = buffer->cur; + } ++ /* If this is a beginning of a UTF-8 encoding, it might be ++ a bidirectional control character. */ ++ else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_utf8 (cur - 1); ++ maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/false); ++ } + } + + buffer->cur = cur; +@@ -1233,9 +1565,31 @@ skip_line_comment (cpp_reader *pfile) + { + cpp_buffer *buffer = pfile->buffer; + location_t orig_line = pfile->line_table->highest_line; ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + +- while (*buffer->cur != '\n') +- buffer->cur++; ++ if (!warn_bidi_p) ++ while (*buffer->cur != '\n') ++ buffer->cur++; ++ else ++ { ++ while (*buffer->cur != '\n' ++ && *buffer->cur != bidi::utf8_start) ++ buffer->cur++; ++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0)) ++ { ++ while (*buffer->cur != '\n') ++ { ++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0)) ++ { ++ bidi::kind kind = get_bidi_utf8 (buffer->cur); ++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind, ++ /*ucn_p=*/false); ++ } ++ buffer->cur++; ++ } ++ maybe_warn_bidi_on_close (pfile, buffer->cur); ++ } ++ } + + _cpp_process_line_notes (pfile, true); + return orig_line != pfile->line_table->highest_line; +@@ -1317,11 +1671,13 @@ static const cppchar_t utf8_signifier = + + /* Returns TRUE if the sequence starting at buffer->cur is valid in + an identifier. FIRST is TRUE if this starts an identifier. */ ++ + static bool + forms_identifier_p (cpp_reader *pfile, int first, + struct normalize_state *state) + { + cpp_buffer *buffer = pfile->buffer; ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + + if (*buffer->cur == '$') + { +@@ -1344,6 +1700,13 @@ forms_identifier_p (cpp_reader *pfile, i + cppchar_t s; + if (*buffer->cur >= utf8_signifier) + { ++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0) ++ && warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_utf8 (buffer->cur); ++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind, ++ /*ucn_p=*/false); ++ } + if (_cpp_valid_utf8 (pfile, &buffer->cur, buffer->rlimit, 1 + !first, + state, &s)) + return true; +@@ -1352,6 +1715,13 @@ forms_identifier_p (cpp_reader *pfile, i + && (buffer->cur[1] == 'u' || buffer->cur[1] == 'U')) + { + buffer->cur += 2; ++ if (warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_ucn (buffer->cur, ++ buffer->cur[-1] == 'U'); ++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind, ++ /*ucn_p=*/true); ++ } + if (_cpp_valid_ucn (pfile, &buffer->cur, buffer->rlimit, 1 + !first, + state, &s, NULL, NULL)) + return true; +@@ -1460,6 +1830,7 @@ lex_identifier (cpp_reader *pfile, const + const uchar *cur; + unsigned int len; + unsigned int hash = HT_HASHSTEP (0, *base); ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + + cur = pfile->buffer->cur; + if (! starts_ucn) +@@ -1483,6 +1854,8 @@ lex_identifier (cpp_reader *pfile, const + pfile->buffer->cur++; + } + } while (forms_identifier_p (pfile, false, nst)); ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, pfile->buffer->cur); + result = _cpp_interpret_identifier (pfile, base, + pfile->buffer->cur - base); + *spelling = cpp_lookup (pfile, base, pfile->buffer->cur - base); +@@ -1719,6 +2092,7 @@ static void + lex_raw_string (cpp_reader *pfile, cpp_token *token, const uchar *base) + { + const uchar *pos = base; ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + + /* 'tis a pity this information isn't passed down from the lexer's + initial categorization of the token. */ +@@ -1955,8 +2329,15 @@ lex_raw_string (cpp_reader *pfile, cpp_t + pos = base = pfile->buffer->cur; + note = &pfile->buffer->notes[pfile->buffer->cur_note]; + } ++ else if (__builtin_expect ((unsigned char) c == bidi::utf8_start, 0) ++ && warn_bidi_p) ++ maybe_warn_bidi_on_char (pfile, pos - 1, get_bidi_utf8 (pos - 1), ++ /*ucn_p=*/false); + } + ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, pos); ++ + if (CPP_OPTION (pfile, user_literals)) + { + /* If a string format macro, say from inttypes.h, is placed touching +@@ -2051,15 +2432,27 @@ lex_string (cpp_reader *pfile, cpp_token + else + terminator = '>', type = CPP_HEADER_NAME; + ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + for (;;) + { + cppchar_t c = *cur++; + + /* In #include-style directives, terminators are not escapable. */ + if (c == '\\' && !pfile->state.angled_headers && *cur != '\n') +- cur++; ++ { ++ if ((cur[0] == 'u' || cur[0] == 'U') && warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_ucn (cur + 1, cur[0] == 'U'); ++ maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/true); ++ } ++ cur++; ++ } + else if (c == terminator) +- break; ++ { ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, cur - 1); ++ break; ++ } + else if (c == '\n') + { + cur--; +@@ -2076,6 +2469,11 @@ lex_string (cpp_reader *pfile, cpp_token + } + else if (c == '\0') + saw_NUL = true; ++ else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_utf8 (cur - 1); ++ maybe_warn_bidi_on_char (pfile, cur - 1, kind, /*ucn_p=*/false); ++ } + } + + if (saw_NUL && !pfile->state.skipping) diff --git a/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch b/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch new file mode 100644 index 0000000000..d87be19866 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch @@ -0,0 +1,103 @@ +From 30461cf8dba3d3adb15a125e4da48800eb2b9b8f Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw +Date: Fri, 18 Jun 2021 17:18:37 +0100 +Subject: [PATCH] arm: fix vlldm erratum for Armv8.1-m [PR102035] + +For Armv8.1-m we generate code that emits VLLDM directly and do not +rely on support code in the library, so emit the mitigation directly +as well, when required. In this case, we can use the compiler options +to determine when to apply the fix and when it is safe to omit it. + +gcc: + PR target/102035 + * config/arm/arm.md (attribute arch): Add fix_vlldm. + (arch_enabled): Use it. + * config/arm/vfp.md (lazy_store_multiple_insn): Add alternative to + use when erratum mitigation is needed. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=30461cf8dba3d3adb15a125e4da48800eb2b9b8f] +Signed-off-by: Pgowda + +--- + gcc/config/arm/arm.md | 11 +++++++++-- + gcc/config/arm/vfp.md | 10 +++++++--- + 2 files changed, 16 insertions(+), 5 deletions(-) + +diff -upr a/gcc/config/arm/arm.md b/gcc/config/arm/arm.md +--- a/gcc/config/arm/arm.md 2020-07-22 23:35:17.344384552 -0700 ++++ b/gcc/config/arm/arm.md 2021-11-11 20:33:58.431543947 -0800 +@@ -132,9 +132,12 @@ + ; TARGET_32BIT, "t1" or "t2" to specify a specific Thumb mode. "v6" + ; for ARM or Thumb-2 with arm_arch6, and nov6 for ARM without + ; arm_arch6. "v6t2" for Thumb-2 with arm_arch6 and "v8mb" for ARMv8-M +-; Baseline. This attribute is used to compute attribute "enabled", ++; Baseline. "fix_vlldm" is for fixing the v8-m/v8.1-m VLLDM erratum. ++; This attribute is used to compute attribute "enabled", + ; use type "any" to enable an alternative in all cases. +-(define_attr "arch" "any,a,t,32,t1,t2,v6,nov6,v6t2,v8mb,iwmmxt,iwmmxt2,armv6_or_vfpv3,neon,mve" ++(define_attr "arch" "any, a, t, 32, t1, t2, v6,nov6, v6t2, \ ++ v8mb, fix_vlldm, iwmmxt, iwmmxt2, armv6_or_vfpv3, \ ++ neon, mve" + (const_string "any")) + + (define_attr "arch_enabled" "no,yes" +@@ -177,6 +180,10 @@ + (match_test "TARGET_THUMB1 && arm_arch8")) + (const_string "yes") + ++ (and (eq_attr "arch" "fix_vlldm") ++ (match_test "fix_vlldm")) ++ (const_string "yes") ++ + (and (eq_attr "arch" "iwmmxt2") + (match_test "TARGET_REALLY_IWMMXT2")) + (const_string "yes") +diff -upr a/gcc/config/arm/vfp.md b/gcc/config/arm/vfp.md +--- a/gcc/config/arm/vfp.md 2020-07-22 23:35:17.356384684 -0700 ++++ b/gcc/config/arm/vfp.md 2021-11-11 20:33:58.431543947 -0800 +@@ -1703,12 +1703,15 @@ + (set_attr "type" "mov_reg")] + ) + ++;; Both this and the next instruction are treated by GCC in the same ++;; way as a blockage pattern. That's perhaps stronger than it needs ++;; to be, but we do not want accesses to the VFP register bank to be ++;; moved across either instruction. ++ + (define_insn "lazy_store_multiple_insn" +- [(set (match_operand:SI 0 "s_register_operand" "+&rk") +- (post_dec:SI (match_dup 0))) +- (unspec_volatile [(const_int 0) +- (mem:SI (post_dec:SI (match_dup 0)))] +- VUNSPEC_VLSTM)] ++ [(unspec_volatile ++ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk"))] ++ VUNSPEC_VLSTM)] + "use_cmse && reload_completed" + "vlstm%?\\t%0" + [(set_attr "predicable" "yes") +@@ -1716,14 +1719,16 @@ + ) + + (define_insn "lazy_load_multiple_insn" +- [(set (match_operand:SI 0 "s_register_operand" "+&rk") +- (post_inc:SI (match_dup 0))) +- (unspec_volatile:SI [(const_int 0) +- (mem:SI (match_dup 0))] +- VUNSPEC_VLLDM)] ++ [(unspec_volatile ++ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk,rk"))] ++ VUNSPEC_VLLDM)] + "use_cmse && reload_completed" +- "vlldm%?\\t%0" +- [(set_attr "predicable" "yes") ++ "@ ++ vscclrm\\t{vpr}\;vlldm\\t%0 ++ vlldm\\t%0" ++ [(set_attr "arch" "fix_vlldm,*") ++ (set_attr "predicable" "no") ++ (set_attr "length" "8,4") + (set_attr "type" "load_4")] + ) + diff --git a/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch b/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch new file mode 100644 index 0000000000..2995a6fc61 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch @@ -0,0 +1,142 @@ +From 1a7f2c0774129750fdf73e9f1b78f0ce983c9ab3 Mon Sep 17 00:00:00 2001 +From: David Malcolm +Date: Tue, 2 Nov 2021 09:54:32 -0400 +Subject: [PATCH] libcpp: escape non-ASCII source bytes in -Wbidi-chars= + [PR103026] +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +This flags rich_locations associated with -Wbidi-chars= so that +non-ASCII bytes will be escaped when printing the source lines +(using the diagnostics support I added in +r12-4825-gbd5e882cf6e0def3dd1bc106075d59a303fe0d1e). + +In particular, this ensures that the printed source lines will +be pure ASCII, and thus the visual ordering of the characters +will be the same as the logical ordering. + +Before: + + Wbidi-chars-1.c: In function âmainâ: + Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 6 | /*â® } â¦if (isAdmin)⩠⦠begin admins only */ + | ^ + Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 9 | /* end admins only â® { â¦*/ + | ^ + + Wbidi-chars-11.c:6:15: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 6 | int LRE_âª_PDF_\u202c; + | ^ + Wbidi-chars-11.c:8:19: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 8 | int LRE_\u202a_PDF_â¬_; + | ^ + Wbidi-chars-11.c:10:28: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 10 | const char *s1 = "LRE_âª_PDF_\u202c"; + | ^ + Wbidi-chars-11.c:12:33: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 12 | const char *s2 = "LRE_\u202a_PDF_â¬"; + | ^ + +After: + + Wbidi-chars-1.c: In function âmainâ: + Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 6 | /* } if (isAdmin) begin admins only */ + | ^ + Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 9 | /* end admins only { */ + | ^ + + Wbidi-chars-11.c:6:15: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 6 | int LRE__PDF_\u202c; + | ^ + Wbidi-chars-11.c:8:19: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 8 | int LRE_\u202a_PDF__; + | ^ + Wbidi-chars-11.c:10:28: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 10 | const char *s1 = "LRE__PDF_\u202c"; + | ^ + Wbidi-chars-11.c:12:33: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 12 | const char *s2 = "LRE_\u202a_PDF_"; + | ^ + +libcpp/ChangeLog: + PR preprocessor/103026 + * lex.c (maybe_warn_bidi_on_close): Use a rich_location + and call set_escape_on_output (true) on it. + (maybe_warn_bidi_on_char): Likewise. + +Signed-off-by: David Malcolm + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a7f2c0774129750fdf73e9f1b78f0ce983c9ab3] +Signed-off-by: Pgowda + +--- + libcpp/lex.c | 29 +++++++++++++++++------------ + 1 file changed, 17 insertions(+), 12 deletions(-) + +diff --git a/libcpp/lex.c b/libcpp/lex.c +index 8188e33b07d..2421d6c0f40 100644 +--- a/libcpp/lex.c ++++ b/libcpp/lex.c +@@ -1427,9 +1427,11 @@ maybe_warn_bidi_on_close (cpp_reader *pfile, const uchar *p) + const location_t loc + = linemap_position_for_column (pfile->line_table, + CPP_BUF_COLUMN (pfile->buffer, p)); +- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, +- "unpaired UTF-8 bidirectional control character " +- "detected"); ++ rich_location rich_loc (pfile->line_table, loc); ++ rich_loc.set_escape_on_output (true); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "unpaired UTF-8 bidirectional control character " ++ "detected"); + } + /* We're done with this context. */ + bidi::on_close (); +@@ -1454,6 +1456,9 @@ maybe_warn_bidi_on_char (cpp_reader *pfile, const uchar *p, bidi::kind kind, + const location_t loc + = linemap_position_for_column (pfile->line_table, + CPP_BUF_COLUMN (pfile->buffer, p)); ++ rich_location rich_loc (pfile->line_table, loc); ++ rich_loc.set_escape_on_output (true); ++ + /* It seems excessive to warn about a PDI/PDF that is closing + an opened context because we've already warned about the + opening character. Except warn when we have a UCN x UTF-8 +@@ -1462,20 +1467,20 @@ maybe_warn_bidi_on_char (cpp_reader *pfile, const uchar *p, bidi::kind kind, + { + if (warn_bidi == bidirectional_unpaired + && bidi::current_ctx_ucn_p () != ucn_p) +- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, +- "UTF-8 vs UCN mismatch when closing " +- "a context by \"%s\"", bidi::to_str (kind)); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "UTF-8 vs UCN mismatch when closing " ++ "a context by \"%s\"", bidi::to_str (kind)); + } + else if (warn_bidi == bidirectional_any) + { + if (kind == bidi::kind::PDF || kind == bidi::kind::PDI) +- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, +- "\"%s\" is closing an unopened context", +- bidi::to_str (kind)); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "\"%s\" is closing an unopened context", ++ bidi::to_str (kind)); + else +- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, +- "found problematic Unicode character \"%s\"", +- bidi::to_str (kind)); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "found problematic Unicode character \"%s\"", ++ bidi::to_str (kind)); + } + } + /* We're done with this context. */ +-- +2.27.0 + diff --git a/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch b/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch new file mode 100644 index 0000000000..12dfe682fa --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch @@ -0,0 +1,304 @@ +From 809330ab8450261e05919b472783bf15e4b000f7 Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw +Date: Tue, 6 Jul 2021 15:10:18 +0100 +Subject: [PATCH] arm: Add tests for VLLDM mitigation [PR102035] + +New tests for the erratum mitigation. + +gcc/testsuite: + PR target/102035 + * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c: New test. + * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c: Likewise. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=809330ab8450261e05919b472783bf15e4b000f7] +Signed-off-by: Pgowda + +--- + .../arm/cmse/mainline/8_1m/soft/cmse-13a.c | 31 +++++++++++++++++++ + .../arm/cmse/mainline/8_1m/soft/cmse-7a.c | 28 +++++++++++++++++ + .../arm/cmse/mainline/8_1m/soft/cmse-8a.c | 30 ++++++++++++++++++ + .../cmse/mainline/8_1m/softfp-sp/cmse-7a.c | 27 ++++++++++++++++ + .../cmse/mainline/8_1m/softfp-sp/cmse-8a.c | 29 +++++++++++++++++ + .../arm/cmse/mainline/8_1m/softfp/cmse-13a.c | 30 ++++++++++++++++++ + .../arm/cmse/mainline/8_1m/softfp/cmse-7a.c | 27 ++++++++++++++++ + .../arm/cmse/mainline/8_1m/softfp/cmse-8a.c | 29 +++++++++++++++++ + 8 files changed, 231 insertions(+) + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c + +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 2021-11-15 02:30:37.210637445 -0800 +@@ -0,0 +1,31 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */ ++ ++#include "../../../cmse-13.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler-not "vmov" } } */ ++/* { dg-final { scan-assembler-not "vmsr" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 2021-11-15 02:30:37.210637445 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */ ++ ++#include "../../../cmse-7.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler-not "vmov" } } */ ++/* { dg-final { scan-assembler-not "vmsr" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 2021-11-15 02:30:37.210637445 -0800 +@@ -0,0 +1,30 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */ ++ ++#include "../../../cmse-8.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler-not "vmov" } } */ ++/* { dg-final { scan-assembler-not "vmsr" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 2021-11-15 02:30:37.210637445 -0800 +@@ -0,0 +1,30 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */ ++ ++#include "../../../cmse-13.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 2021-11-15 02:30:37.210637445 -0800 +@@ -0,0 +1,27 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */ ++ ++#include "../../../cmse-7.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 2021-11-15 02:30:37.210637445 -0800 +@@ -0,0 +1,29 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */ ++ ++#include "../../../cmse-8.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 2021-11-15 02:30:37.210637445 -0800 +@@ -0,0 +1,27 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */ ++ ++#include "../../../cmse-7.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 2021-11-15 02:30:37.210637445 -0800 +@@ -0,0 +1,29 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */ ++ ++#include "../../../cmse-8.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ diff --git a/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch b/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch new file mode 100644 index 0000000000..4999c71b64 --- /dev/null +++ b/poky/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch @@ -0,0 +1,573 @@ +From bef32d4a28595e933f24fef378cf052a30b674a7 Mon Sep 17 00:00:00 2001 +From: David Malcolm +Date: Tue, 2 Nov 2021 15:45:22 -0400 +Subject: [PATCH] libcpp: capture and underline ranges in -Wbidi-chars= + [PR103026] +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +This patch converts the bidi::vec to use a struct so that we can +capture location_t values for the bidirectional control characters. + +Before: + + Wbidi-chars-1.c: In function âmainâ: + Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 6 | /* } if (isAdmin) begin admins only */ + | ^ + Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 9 | /* end admins only { */ + | ^ + +After: + + Wbidi-chars-1.c: In function âmainâ: + Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control characters detected [-Wbidi-chars=] + 6 | /* } if (isAdmin) begin admins only */ + | ~~~~~~~~ ~~~~~~~~ ^ + | | | | + | | | end of bidirectional context + | U+202E (RIGHT-TO-LEFT OVERRIDE) U+2066 (LEFT-TO-RIGHT ISOLATE) + Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control characters detected [-Wbidi-chars=] + 9 | /* end admins only { */ + | ~~~~~~~~ ~~~~~~~~ ^ + | | | | + | | | end of bidirectional context + | | U+2066 (LEFT-TO-RIGHT ISOLATE) + | U+202E (RIGHT-TO-LEFT OVERRIDE) + +Signed-off-by: David Malcolm + +gcc/testsuite/ChangeLog: + PR preprocessor/103026 + * c-c++-common/Wbidi-chars-ranges.c: New test. + +libcpp/ChangeLog: + PR preprocessor/103026 + * lex.c (struct bidi::context): New. + (bidi::vec): Convert to a vec of context rather than unsigned + char. + (bidi::ctx_at): Rename to... + (bidi::pop_kind_at): ...this and reimplement for above change. + (bidi::current_ctx): Update for change to vec. + (bidi::current_ctx_ucn_p): Likewise. + (bidi::current_ctx_loc): New. + (bidi::on_char): Update for usage of context struct. Add "loc" + param and pass it when pushing contexts. + (get_location_for_byte_range_in_cur_line): New. + (get_bidi_utf8): Rename to... + (get_bidi_utf8_1): ...this, reintroducing... + (get_bidi_utf8): ...as a wrapper, setting *OUT when the result is + not NONE. + (get_bidi_ucn): Rename to... + (get_bidi_ucn_1): ...this, reintroducing... + (get_bidi_ucn): ...as a wrapper, setting *OUT when the result is + not NONE. + (class unpaired_bidi_rich_location): New. + (maybe_warn_bidi_on_close): Use unpaired_bidi_rich_location when + reporting on unpaired bidi chars. Split into singular vs plural + spellings. + (maybe_warn_bidi_on_char): Pass in a location_t rather than a + const uchar * and use it when emitting warnings, and when calling + bidi::on_char. + (_cpp_skip_block_comment): Capture location when kind is not NONE + and pass it to maybe_warn_bidi_on_char. + (skip_line_comment): Likewise. + (forms_identifier_p): Likewise. + (lex_raw_string): Likewise. + (lex_string): Likewise. + +Signed-off-by: David Malcolm + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=bef32d4a28595e933f24fef378cf052a30b674a7] +Signed-off-by: Pgowda + +--- + .../c-c++-common/Wbidi-chars-ranges.c | 54 ++++ + libcpp/lex.c | 251 ++++++++++++++---- + 2 files changed, 257 insertions(+), 48 deletions(-) + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c + +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c b/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c +new file mode 100644 +index 00000000000..298750a2a64 +--- /dev/null ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c +@@ -0,0 +1,54 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired -fdiagnostics-show-caret" } */ ++/* Verify that we escape and underline pertinent bidirectional ++ control characters when quoting the source. */ ++ ++int test_unpaired_bidi () { ++ int isAdmin = 0; ++ /*â® } â¦if (isAdmin)⩠⦠begin admins only */ ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++#if 0 ++ { dg-begin-multiline-output "" } ++ /* } if (isAdmin) begin admins only */ ++ ~~~~~~~~ ~~~~~~~~ ^ ++ | | | ++ | | end of bidirectional context ++ U+202E (RIGHT-TO-LEFT OVERRIDE) U+2066 (LEFT-TO-RIGHT ISOLATE) ++ { dg-end-multiline-output "" } ++#endif ++ ++ __builtin_printf("You are an admin.\n"); ++ /* end admins only â® { â¦*/ ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++#if 0 ++ { dg-begin-multiline-output "" } ++ /* end admins only { */ ++ ~~~~~~~~ ~~~~~~~~ ^ ++ | | | ++ | | end of bidirectional context ++ | U+2066 (LEFT-TO-RIGHT ISOLATE) ++ U+202E (RIGHT-TO-LEFT OVERRIDE) ++ { dg-end-multiline-output "" } ++#endif ++ ++ return 0; ++} ++ ++int LRE_âª_PDF_\u202c; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++#if 0 ++ { dg-begin-multiline-output "" } ++ int LRE__PDF_\u202c; ++ ~~~~~~~~ ^~~~~~ ++ { dg-end-multiline-output "" } ++#endif ++ ++const char *s1 = "LRE_âª_PDF_\u202c"; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++#if 0 ++ { dg-begin-multiline-output "" } ++ const char *s1 = "LRE__PDF_\u202c"; ++ ~~~~~~~~ ^~~~~~ ++ { dg-end-multiline-output "" } ++#endif +diff --git a/libcpp/lex.c b/libcpp/lex.c +index 2421d6c0f40..94c36f0d014 100644 +--- a/libcpp/lex.c ++++ b/libcpp/lex.c +@@ -1172,11 +1172,34 @@ namespace bidi { + /* All the UTF-8 encodings of bidi characters start with E2. */ + constexpr uchar utf8_start = 0xe2; + ++ struct context ++ { ++ context () {} ++ context (location_t loc, kind k, bool pdf, bool ucn) ++ : m_loc (loc), m_kind (k), m_pdf (pdf), m_ucn (ucn) ++ { ++ } ++ ++ kind get_pop_kind () const ++ { ++ return m_pdf ? kind::PDF : kind::PDI; ++ } ++ bool ucn_p () const ++ { ++ return m_ucn; ++ } ++ ++ location_t m_loc; ++ kind m_kind; ++ unsigned m_pdf : 1; ++ unsigned m_ucn : 1; ++ }; ++ + /* A vector holding currently open bidi contexts. We use a char for + each context, its LSB is 1 if it represents a PDF context, 0 if it + represents a PDI context. The next bit is 1 if this context was open + by a bidi character written as a UCN, and 0 when it was UTF-8. */ +- semi_embedded_vec vec; ++ semi_embedded_vec vec; + + /* Close the whole comment/identifier/string literal/character constant + context. */ +@@ -1193,19 +1216,19 @@ namespace bidi { + vec.truncate (len - 1); + } + +- /* Return the context of the Ith element. */ +- kind ctx_at (unsigned int i) ++ /* Return the pop kind of the context of the Ith element. */ ++ kind pop_kind_at (unsigned int i) + { +- return (vec[i] & 1) ? kind::PDF : kind::PDI; ++ return vec[i].get_pop_kind (); + } + +- /* Return which context is currently opened. */ ++ /* Return the pop kind of the context that is currently opened. */ + kind current_ctx () + { + unsigned int len = vec.count (); + if (len == 0) + return kind::NONE; +- return ctx_at (len - 1); ++ return vec[len - 1].get_pop_kind (); + } + + /* Return true if the current context comes from a UCN origin, that is, +@@ -1214,11 +1237,19 @@ namespace bidi { + { + unsigned int len = vec.count (); + gcc_checking_assert (len > 0); +- return (vec[len - 1] >> 1) & 1; ++ return vec[len - 1].m_ucn; + } + +- /* We've read a bidi char, update the current vector as necessary. */ +- void on_char (kind k, bool ucn_p) ++ location_t current_ctx_loc () ++ { ++ unsigned int len = vec.count (); ++ gcc_checking_assert (len > 0); ++ return vec[len - 1].m_loc; ++ } ++ ++ /* We've read a bidi char, update the current vector as necessary. ++ LOC is only valid when K is not kind::NONE. */ ++ void on_char (kind k, bool ucn_p, location_t loc) + { + switch (k) + { +@@ -1226,12 +1257,12 @@ namespace bidi { + case kind::RLE: + case kind::LRO: + case kind::RLO: +- vec.push (ucn_p ? 3u : 1u); ++ vec.push (context (loc, k, true, ucn_p)); + break; + case kind::LRI: + case kind::RLI: + case kind::FSI: +- vec.push (ucn_p ? 2u : 0u); ++ vec.push (context (loc, k, false, ucn_p)); + break; + /* PDF terminates the scope of the last LRE, RLE, LRO, or RLO + whose scope has not yet been terminated. */ +@@ -1245,7 +1276,7 @@ namespace bidi { + yet been terminated. */ + case kind::PDI: + for (int i = vec.count () - 1; i >= 0; --i) +- if (ctx_at (i) == kind::PDI) ++ if (pop_kind_at (i) == kind::PDI) + { + vec.truncate (i); + break; +@@ -1295,10 +1326,47 @@ namespace bidi { + } + } + ++/* Get location_t for the range of bytes [START, START + NUM_BYTES) ++ within the current line in FILE, with the caret at START. */ ++ ++static location_t ++get_location_for_byte_range_in_cur_line (cpp_reader *pfile, ++ const unsigned char *const start, ++ size_t num_bytes) ++{ ++ gcc_checking_assert (num_bytes > 0); ++ ++ /* CPP_BUF_COLUMN and linemap_position_for_column both refer ++ to offsets in bytes, but CPP_BUF_COLUMN is 0-based, ++ whereas linemap_position_for_column is 1-based. */ ++ ++ /* Get 0-based offsets within the line. */ ++ size_t start_offset = CPP_BUF_COLUMN (pfile->buffer, start); ++ size_t end_offset = start_offset + num_bytes - 1; ++ ++ /* Now convert to location_t, where "columns" are 1-based byte offsets. */ ++ location_t start_loc = linemap_position_for_column (pfile->line_table, ++ start_offset + 1); ++ location_t end_loc = linemap_position_for_column (pfile->line_table, ++ end_offset + 1); ++ ++ if (start_loc == end_loc) ++ return start_loc; ++ ++ source_range src_range; ++ src_range.m_start = start_loc; ++ src_range.m_finish = end_loc; ++ location_t combined_loc = COMBINE_LOCATION_DATA (pfile->line_table, ++ start_loc, ++ src_range, ++ NULL); ++ return combined_loc; ++} ++ + /* Parse a sequence of 3 bytes starting with P and return its bidi code. */ + + static bidi::kind +-get_bidi_utf8 (const unsigned char *const p) ++get_bidi_utf8_1 (const unsigned char *const p) + { + gcc_checking_assert (p[0] == bidi::utf8_start); + +@@ -1340,10 +1408,25 @@ get_bidi_utf8 (const unsigned char *cons + return bidi::kind::NONE; + } + ++/* Parse a sequence of 3 bytes starting with P and return its bidi code. ++ If the kind is not NONE, write the location to *OUT.*/ ++ ++static bidi::kind ++get_bidi_utf8 (cpp_reader *pfile, const unsigned char *const p, location_t *out) ++{ ++ bidi::kind result = get_bidi_utf8_1 (p); ++ if (result != bidi::kind::NONE) ++ { ++ /* We have a sequence of 3 bytes starting at P. */ ++ *out = get_location_for_byte_range_in_cur_line (pfile, p, 3); ++ } ++ return result; ++} ++ + /* Parse a UCN where P points just past \u or \U and return its bidi code. */ + + static bidi::kind +-get_bidi_ucn (const unsigned char *p, bool is_U) ++get_bidi_ucn_1 (const unsigned char *p, bool is_U) + { + /* 6.4.3 Universal Character Names + \u hex-quad +@@ -1412,6 +1495,62 @@ get_bidi_ucn (const unsigned char *p, bo + return bidi::kind::NONE; + } + ++/* Parse a UCN where P points just past \u or \U and return its bidi code. ++ If the kind is not NONE, write the location to *OUT.*/ ++ ++static bidi::kind ++get_bidi_ucn (cpp_reader *pfile, const unsigned char *p, bool is_U, ++ location_t *out) ++{ ++ bidi::kind result = get_bidi_ucn_1 (p, is_U); ++ if (result != bidi::kind::NONE) ++ { ++ const unsigned char *start = p - 2; ++ size_t num_bytes = 2 + (is_U ? 8 : 4); ++ *out = get_location_for_byte_range_in_cur_line (pfile, start, num_bytes); ++ } ++ return result; ++} ++ ++/* Subclass of rich_location for reporting on unpaired UTF-8 ++ bidirectional control character(s). ++ Escape the source lines on output, and show all unclosed ++ bidi context, labelling everything. */ ++ ++class unpaired_bidi_rich_location : public rich_location ++{ ++ public: ++ class custom_range_label : public range_label ++ { ++ public: ++ label_text get_text (unsigned range_idx) const FINAL OVERRIDE ++ { ++ /* range 0 is the primary location; each subsequent range i + 1 ++ is for bidi::vec[i]. */ ++ if (range_idx > 0) ++ { ++ const bidi::context &ctxt (bidi::vec[range_idx - 1]); ++ return label_text::borrow (bidi::to_str (ctxt.m_kind)); ++ } ++ else ++ return label_text::borrow (_("end of bidirectional context")); ++ } ++ }; ++ ++ unpaired_bidi_rich_location (cpp_reader *pfile, location_t loc) ++ : rich_location (pfile->line_table, loc, &m_custom_label) ++ { ++ set_escape_on_output (true); ++ for (unsigned i = 0; i < bidi::vec.count (); i++) ++ add_range (bidi::vec[i].m_loc, ++ SHOW_RANGE_WITHOUT_CARET, ++ &m_custom_label); ++ } ++ ++ private: ++ custom_range_label m_custom_label; ++}; ++ + /* We're closing a bidi context, that is, we've encountered a newline, + are closing a C-style comment, or are at the end of a string literal, + character constant, or identifier. Warn if this context was not +@@ -1427,11 +1566,17 @@ maybe_warn_bidi_on_close (cpp_reader *pf + const location_t loc + = linemap_position_for_column (pfile->line_table, + CPP_BUF_COLUMN (pfile->buffer, p)); +- rich_location rich_loc (pfile->line_table, loc); +- rich_loc.set_escape_on_output (true); +- cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, +- "unpaired UTF-8 bidirectional control character " +- "detected"); ++ unpaired_bidi_rich_location rich_loc (pfile, loc); ++ /* cpp_callbacks doesn't yet have a way to handle singular vs plural ++ forms of a diagnostic, so fake it for now. */ ++ if (bidi::vec.count () > 1) ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "unpaired UTF-8 bidirectional control characters " ++ "detected"); ++ else ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "unpaired UTF-8 bidirectional control character " ++ "detected"); + } + /* We're done with this context. */ + bidi::on_close (); +@@ -1439,12 +1584,13 @@ maybe_warn_bidi_on_close (cpp_reader *pf + + /* We're at the beginning or in the middle of an identifier/comment/string + literal/character constant. Warn if we've encountered a bidi character. +- KIND says which bidi character it was; P points to it in the character +- stream. UCN_P is true iff this bidi character was written as a UCN. */ ++ KIND says which bidi control character it was; UCN_P is true iff this bidi ++ control character was written as a UCN. LOC is the location of the ++ character, but is only valid if KIND != bidi::kind::NONE. */ + + static void +-maybe_warn_bidi_on_char (cpp_reader *pfile, const uchar *p, bidi::kind kind, +- bool ucn_p) ++maybe_warn_bidi_on_char (cpp_reader *pfile, bidi::kind kind, ++ bool ucn_p, location_t loc) + { + if (__builtin_expect (kind == bidi::kind::NONE, 1)) + return; +@@ -1453,9 +1599,6 @@ maybe_warn_bidi_on_char (cpp_reader *pfi + + if (warn_bidi != bidirectional_none) + { +- const location_t loc +- = linemap_position_for_column (pfile->line_table, +- CPP_BUF_COLUMN (pfile->buffer, p)); + rich_location rich_loc (pfile->line_table, loc); + rich_loc.set_escape_on_output (true); + +@@ -1467,9 +1610,12 @@ maybe_warn_bidi_on_char (cpp_reader *pfi + { + if (warn_bidi == bidirectional_unpaired + && bidi::current_ctx_ucn_p () != ucn_p) +- cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, +- "UTF-8 vs UCN mismatch when closing " +- "a context by \"%s\"", bidi::to_str (kind)); ++ { ++ rich_loc.add_range (bidi::current_ctx_loc ()); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "UTF-8 vs UCN mismatch when closing " ++ "a context by \"%s\"", bidi::to_str (kind)); ++ } + } + else if (warn_bidi == bidirectional_any) + { +@@ -1484,7 +1630,7 @@ maybe_warn_bidi_on_char (cpp_reader *pfi + } + } + /* We're done with this context. */ +- bidi::on_char (kind, ucn_p); ++ bidi::on_char (kind, ucn_p, loc); + } + + /* Skip a C-style block comment. We find the end of the comment by +@@ -1552,8 +1698,9 @@ _cpp_skip_block_comment (cpp_reader *pfi + a bidirectional control character. */ + else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p) + { +- bidi::kind kind = get_bidi_utf8 (cur - 1); +- maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/false); ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, cur - 1, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); + } + } + +@@ -1586,9 +1733,9 @@ skip_line_comment (cpp_reader *pfile) + { + if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0)) + { +- bidi::kind kind = get_bidi_utf8 (buffer->cur); +- maybe_warn_bidi_on_char (pfile, buffer->cur, kind, +- /*ucn_p=*/false); ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, buffer->cur, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); + } + buffer->cur++; + } +@@ -1708,9 +1855,9 @@ forms_identifier_p (cpp_reader *pfile, i + if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0) + && warn_bidi_p) + { +- bidi::kind kind = get_bidi_utf8 (buffer->cur); +- maybe_warn_bidi_on_char (pfile, buffer->cur, kind, +- /*ucn_p=*/false); ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, buffer->cur, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); + } + if (_cpp_valid_utf8 (pfile, &buffer->cur, buffer->rlimit, 1 + !first, + state, &s)) +@@ -1722,10 +1869,12 @@ forms_identifier_p (cpp_reader *pfile, i + buffer->cur += 2; + if (warn_bidi_p) + { +- bidi::kind kind = get_bidi_ucn (buffer->cur, +- buffer->cur[-1] == 'U'); +- maybe_warn_bidi_on_char (pfile, buffer->cur, kind, +- /*ucn_p=*/true); ++ location_t loc; ++ bidi::kind kind = get_bidi_ucn (pfile, ++ buffer->cur, ++ buffer->cur[-1] == 'U', ++ &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/true, loc); + } + if (_cpp_valid_ucn (pfile, &buffer->cur, buffer->rlimit, 1 + !first, + state, &s, NULL, NULL)) +@@ -2336,8 +2485,11 @@ lex_raw_string (cpp_reader *pfile, cpp_t + } + else if (__builtin_expect ((unsigned char) c == bidi::utf8_start, 0) + && warn_bidi_p) +- maybe_warn_bidi_on_char (pfile, pos - 1, get_bidi_utf8 (pos - 1), +- /*ucn_p=*/false); ++ { ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, pos - 1, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); ++ } + } + + if (warn_bidi_p) +@@ -2447,8 +2599,10 @@ lex_string (cpp_reader *pfile, cpp_token + { + if ((cur[0] == 'u' || cur[0] == 'U') && warn_bidi_p) + { +- bidi::kind kind = get_bidi_ucn (cur + 1, cur[0] == 'U'); +- maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/true); ++ location_t loc; ++ bidi::kind kind = get_bidi_ucn (pfile, cur + 1, cur[0] == 'U', ++ &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/true, loc); + } + cur++; + } +@@ -2476,8 +2630,9 @@ lex_string (cpp_reader *pfile, cpp_token + saw_NUL = true; + else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p) + { +- bidi::kind kind = get_bidi_utf8 (cur - 1); +- maybe_warn_bidi_on_char (pfile, cur - 1, kind, /*ucn_p=*/false); ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, cur - 1, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); + } + } + diff --git a/poky/meta/recipes-devtools/go/go-1.16.13.inc b/poky/meta/recipes-devtools/go/go-1.16.13.inc new file mode 100644 index 0000000000..46c6528dc4 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-1.16.13.inc @@ -0,0 +1,25 @@ +require go-common.inc + +GO_BASEVERSION = "1.16" +PV = "1.16.13" +FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" + +LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" + +SRC_URI += "\ + file://0001-allow-CC-and-CXX-to-have-multiple-words.patch \ + file://0002-cmd-go-make-content-based-hash-generation-less-pedan.patch \ + file://0003-allow-GOTOOLDIR-to-be-overridden-in-the-environment.patch \ + file://0004-ld-add-soname-to-shareable-objects.patch \ + file://0005-make.bash-override-CC-when-building-dist-and-go_boot.patch \ + file://0006-cmd-dist-separate-host-and-target-builds.patch \ + file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ + file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ + file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \ +" +SRC_URI[main.sha256sum] = "b0926654eaeb01ef43816638f42d7b1681f2d3f41b9559f07735522b7afad41a" + +# Upstream don't believe it is a signifiant real world issue and will only +# fix in 1.17 onwards where we can drop this. +# https://github.com/golang/go/issues/30999#issuecomment-910470358 +CVE_CHECK_WHITELIST += "CVE-2021-29923" diff --git a/poky/meta/recipes-devtools/go/go-1.16.8.inc b/poky/meta/recipes-devtools/go/go-1.16.8.inc deleted file mode 100644 index 925bf46965..0000000000 --- a/poky/meta/recipes-devtools/go/go-1.16.8.inc +++ /dev/null @@ -1,25 +0,0 @@ -require go-common.inc - -GO_BASEVERSION = "1.16" -PV = "1.16.8" -FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" - -SRC_URI += "\ - file://0001-allow-CC-and-CXX-to-have-multiple-words.patch \ - file://0002-cmd-go-make-content-based-hash-generation-less-pedan.patch \ - file://0003-allow-GOTOOLDIR-to-be-overridden-in-the-environment.patch \ - file://0004-ld-add-soname-to-shareable-objects.patch \ - file://0005-make.bash-override-CC-when-building-dist-and-go_boot.patch \ - file://0006-cmd-dist-separate-host-and-target-builds.patch \ - file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ - file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ - file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \ -" -SRC_URI[main.sha256sum] = "8f2a8c24b793375b3243df82fdb0c8387486dcc8a892ca1c991aa99ace086b98" - -# Upstream don't believe it is a signifiant real world issue and will only -# fix in 1.17 onwards where we can drop this. -# https://github.com/golang/go/issues/30999#issuecomment-910470358 -CVE_CHECK_WHITELIST += "CVE-2021-29923" diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.16.13.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.16.13.bb new file mode 100644 index 0000000000..6e498a17be --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-binary-native_1.16.13.bb @@ -0,0 +1,46 @@ +# This recipe is for bootstrapping our go-cross from a prebuilt binary of Go from golang.org. + +SUMMARY = "Go programming language compiler (upstream binary for bootstrap)" +HOMEPAGE = " http://golang.org/" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" + +PROVIDES = "go-native" + +SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" +SRC_URI[go_linux_amd64.sha256sum] = "275fc03c90c13b0bbff13125a43f1f7a9f9c00a0d5a9f2d5b16dbc2fa2c6e12a" +SRC_URI[go_linux_arm64.sha256sum] = "3dd8e14837105cbfedf7124c7f8c524ce492748c370036c7316ef99e18d116d7" + +UPSTREAM_CHECK_URI = "https://golang.org/dl/" +UPSTREAM_CHECK_REGEX = "go(?P\d+(\.\d+)+)\.linux" + +S = "${WORKDIR}/go" + +inherit goarch native + +do_compile() { + : +} + +make_wrapper() { + rm -f ${D}${bindir}/$1 + cat <${D}${bindir}/$1 +#!/bin/bash +here=\`dirname \$0\` +export GOROOT="${GOROOT:-\`readlink -f \$here/../lib/go\`}" +\$here/../lib/go/bin/$1 "\$@" +END + chmod +x ${D}${bindir}/$1 +} + +do_install() { + find ${S} -depth -type d -name testdata -exec rm -rf {} + + + install -d ${D}${bindir} ${D}${libdir}/go + cp --preserve=mode,timestamps -R ${S}/ ${D}${libdir}/ + + for f in ${S}/bin/* + do + make_wrapper `basename $f` + done +} diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.16.8.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.16.8.bb deleted file mode 100644 index 926222089d..0000000000 --- a/poky/meta/recipes-devtools/go/go-binary-native_1.16.8.bb +++ /dev/null @@ -1,46 +0,0 @@ -# This recipe is for bootstrapping our go-cross from a prebuilt binary of Go from golang.org. - -SUMMARY = "Go programming language compiler (upstream binary for bootstrap)" -HOMEPAGE = " http://golang.org/" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" - -PROVIDES = "go-native" - -SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "f32501aeb8b7b723bc7215f6c373abb6981bbc7e1c7b44e9f07317e1a300dce2" -SRC_URI[go_linux_arm64.sha256sum] = "430dbe185417204f6788913197ab3b189b6deae9c9b524f262858e53dab239c2" - -UPSTREAM_CHECK_URI = "https://golang.org/dl/" -UPSTREAM_CHECK_REGEX = "go(?P\d+(\.\d+)+)\.linux" - -S = "${WORKDIR}/go" - -inherit goarch native - -do_compile() { - : -} - -make_wrapper() { - rm -f ${D}${bindir}/$1 - cat <${D}${bindir}/$1 -#!/bin/bash -here=\`dirname \$0\` -export GOROOT="${GOROOT:-\`readlink -f \$here/../lib/go\`}" -\$here/../lib/go/bin/$1 "\$@" -END - chmod +x ${D}${bindir}/$1 -} - -do_install() { - find ${S} -depth -type d -name testdata -exec rm -rf {} + - - install -d ${D}${bindir} ${D}${libdir}/go - cp --preserve=mode,timestamps -R ${S}/ ${D}${libdir}/ - - for f in ${S}/bin/* - do - make_wrapper `basename $f` - done -} diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.16.13.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.16.13.bb new file mode 100644 index 0000000000..7ac9449e47 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-cross-canadian_1.16.13.bb @@ -0,0 +1,2 @@ +require go-cross-canadian.inc +require go-${PV}.inc diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.16.8.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.16.8.bb deleted file mode 100644 index 7ac9449e47..0000000000 --- a/poky/meta/recipes-devtools/go/go-cross-canadian_1.16.8.bb +++ /dev/null @@ -1,2 +0,0 @@ -require go-cross-canadian.inc -require go-${PV}.inc diff --git a/poky/meta/recipes-devtools/go/go-cross_1.16.13.bb b/poky/meta/recipes-devtools/go/go-cross_1.16.13.bb new file mode 100644 index 0000000000..80b5a03f6c --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-cross_1.16.13.bb @@ -0,0 +1,2 @@ +require go-cross.inc +require go-${PV}.inc diff --git a/poky/meta/recipes-devtools/go/go-cross_1.16.8.bb b/poky/meta/recipes-devtools/go/go-cross_1.16.8.bb deleted file mode 100644 index 80b5a03f6c..0000000000 --- a/poky/meta/recipes-devtools/go/go-cross_1.16.8.bb +++ /dev/null @@ -1,2 +0,0 @@ -require go-cross.inc -require go-${PV}.inc diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.16.13.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.16.13.bb new file mode 100644 index 0000000000..1857c8a577 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-crosssdk_1.16.13.bb @@ -0,0 +1,2 @@ +require go-crosssdk.inc +require go-${PV}.inc diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.16.8.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.16.8.bb deleted file mode 100644 index 1857c8a577..0000000000 --- a/poky/meta/recipes-devtools/go/go-crosssdk_1.16.8.bb +++ /dev/null @@ -1,2 +0,0 @@ -require go-crosssdk.inc -require go-${PV}.inc diff --git a/poky/meta/recipes-devtools/go/go-native_1.16.13.bb b/poky/meta/recipes-devtools/go/go-native_1.16.13.bb new file mode 100644 index 0000000000..ffe4ef3523 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-native_1.16.13.bb @@ -0,0 +1,59 @@ +# This recipe builds a native Go (written in Go) by first building an old Go 1.4 +# (written in C). However this old Go does not support all hosts platforms. + +require go-${PV}.inc + +inherit native + +SRC_URI:append = " https://dl.google.com/go/go1.4-bootstrap-20171003.tar.gz;name=bootstrap;subdir=go1.4" +SRC_URI[bootstrap.sha256sum] = "f4ff5b5eb3a3cae1c993723f3eab519c5bae18866b5e5f96fe1102f0cb5c3e52" + +export GOOS = "${BUILD_GOOS}" +export GOARCH = "${BUILD_GOARCH}" +CC = "${@d.getVar('BUILD_CC').strip()}" + +GOMAKEARGS ?= "--no-banner" + +do_configure() { + cd ${WORKDIR}/go1.4/go/src + CGO_ENABLED=0 GOROOT=${WORKDIR}/go1.4/go ./make.bash +} + +do_compile() { + export GOROOT_FINAL="${libdir_native}/go" + export GOROOT_BOOTSTRAP="${WORKDIR}/go1.4/go" + + cd src + ./make.bash ${GOMAKEARGS} + cd ${B} +} +do_compile[dirs] =+ "${GOTMPDIR} ${B}/bin" +do_compile[cleandirs] += "${GOTMPDIR} ${B}/bin" + +make_wrapper() { + rm -f ${D}${bindir}/$2$3 + cat <${D}${bindir}/$2$3 +#!/bin/bash +here=\`dirname \$0\` +export GOROOT="${GOROOT:-\`readlink -f \$here/../lib/go\`}" +\$here/../lib/go/bin/$1 "\$@" +END + chmod +x ${D}${bindir}/$2 +} + +do_install() { + install -d ${D}${libdir}/go + cp --preserve=mode,timestamps -R ${B}/pkg ${D}${libdir}/go/ + install -d ${D}${libdir}/go/src + (cd ${S}/src; for d in *; do \ + [ -d $d ] && cp -a ${S}/src/$d ${D}${libdir}/go/src/; \ + done) + find ${D}${libdir}/go/src -depth -type d -name testdata -exec rm -rf {} \; + install -d ${D}${bindir} ${D}${libdir}/go/bin + for f in ${B}/bin/* + do + base=`basename $f` + install -m755 $f ${D}${libdir}/go/bin + make_wrapper $base $base + done +} diff --git a/poky/meta/recipes-devtools/go/go-native_1.16.8.bb b/poky/meta/recipes-devtools/go/go-native_1.16.8.bb deleted file mode 100644 index ffe4ef3523..0000000000 --- a/poky/meta/recipes-devtools/go/go-native_1.16.8.bb +++ /dev/null @@ -1,59 +0,0 @@ -# This recipe builds a native Go (written in Go) by first building an old Go 1.4 -# (written in C). However this old Go does not support all hosts platforms. - -require go-${PV}.inc - -inherit native - -SRC_URI:append = " https://dl.google.com/go/go1.4-bootstrap-20171003.tar.gz;name=bootstrap;subdir=go1.4" -SRC_URI[bootstrap.sha256sum] = "f4ff5b5eb3a3cae1c993723f3eab519c5bae18866b5e5f96fe1102f0cb5c3e52" - -export GOOS = "${BUILD_GOOS}" -export GOARCH = "${BUILD_GOARCH}" -CC = "${@d.getVar('BUILD_CC').strip()}" - -GOMAKEARGS ?= "--no-banner" - -do_configure() { - cd ${WORKDIR}/go1.4/go/src - CGO_ENABLED=0 GOROOT=${WORKDIR}/go1.4/go ./make.bash -} - -do_compile() { - export GOROOT_FINAL="${libdir_native}/go" - export GOROOT_BOOTSTRAP="${WORKDIR}/go1.4/go" - - cd src - ./make.bash ${GOMAKEARGS} - cd ${B} -} -do_compile[dirs] =+ "${GOTMPDIR} ${B}/bin" -do_compile[cleandirs] += "${GOTMPDIR} ${B}/bin" - -make_wrapper() { - rm -f ${D}${bindir}/$2$3 - cat <${D}${bindir}/$2$3 -#!/bin/bash -here=\`dirname \$0\` -export GOROOT="${GOROOT:-\`readlink -f \$here/../lib/go\`}" -\$here/../lib/go/bin/$1 "\$@" -END - chmod +x ${D}${bindir}/$2 -} - -do_install() { - install -d ${D}${libdir}/go - cp --preserve=mode,timestamps -R ${B}/pkg ${D}${libdir}/go/ - install -d ${D}${libdir}/go/src - (cd ${S}/src; for d in *; do \ - [ -d $d ] && cp -a ${S}/src/$d ${D}${libdir}/go/src/; \ - done) - find ${D}${libdir}/go/src -depth -type d -name testdata -exec rm -rf {} \; - install -d ${D}${bindir} ${D}${libdir}/go/bin - for f in ${B}/bin/* - do - base=`basename $f` - install -m755 $f ${D}${libdir}/go/bin - make_wrapper $base $base - done -} diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.16.13.bb b/poky/meta/recipes-devtools/go/go-runtime_1.16.13.bb new file mode 100644 index 0000000000..63464a1501 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-runtime_1.16.13.bb @@ -0,0 +1,3 @@ +require go-${PV}.inc +require go-runtime.inc + diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.16.8.bb b/poky/meta/recipes-devtools/go/go-runtime_1.16.8.bb deleted file mode 100644 index 63464a1501..0000000000 --- a/poky/meta/recipes-devtools/go/go-runtime_1.16.8.bb +++ /dev/null @@ -1,3 +0,0 @@ -require go-${PV}.inc -require go-runtime.inc - diff --git a/poky/meta/recipes-devtools/go/go_1.16.13.bb b/poky/meta/recipes-devtools/go/go_1.16.13.bb new file mode 100644 index 0000000000..34dc89bb0c --- /dev/null +++ b/poky/meta/recipes-devtools/go/go_1.16.13.bb @@ -0,0 +1,17 @@ +require go-${PV}.inc +require go-target.inc + +inherit linuxloader + +export GOBUILDMODE="" +export GO_LDSO = "${@get_linuxloader(d)}" +export CC_FOR_TARGET = "gcc" +export CXX_FOR_TARGET = "g++" + +# mips/rv64 doesn't support -buildmode=pie, so skip the QA checking for mips/riscv32 and its +# variants. +python() { + if 'mips' in d.getVar('TARGET_ARCH',True) or 'riscv32' in d.getVar('TARGET_ARCH',True): + d.appendVar('INSANE_SKIP:%s' % d.getVar('PN',True), " textrel") +} + diff --git a/poky/meta/recipes-devtools/go/go_1.16.8.bb b/poky/meta/recipes-devtools/go/go_1.16.8.bb deleted file mode 100644 index 34dc89bb0c..0000000000 --- a/poky/meta/recipes-devtools/go/go_1.16.8.bb +++ /dev/null @@ -1,17 +0,0 @@ -require go-${PV}.inc -require go-target.inc - -inherit linuxloader - -export GOBUILDMODE="" -export GO_LDSO = "${@get_linuxloader(d)}" -export CC_FOR_TARGET = "gcc" -export CXX_FOR_TARGET = "g++" - -# mips/rv64 doesn't support -buildmode=pie, so skip the QA checking for mips/riscv32 and its -# variants. -python() { - if 'mips' in d.getVar('TARGET_ARCH',True) or 'riscv32' in d.getVar('TARGET_ARCH',True): - d.appendVar('INSANE_SKIP:%s' % d.getVar('PN',True), " textrel") -} - diff --git a/poky/meta/recipes-devtools/libtool/libtool-2.4.6.inc b/poky/meta/recipes-devtools/libtool/libtool-2.4.6.inc index 7104c98c20..a636926ef9 100644 --- a/poky/meta/recipes-devtools/libtool/libtool-2.4.6.inc +++ b/poky/meta/recipes-devtools/libtool/libtool-2.4.6.inc @@ -9,22 +9,23 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://libltdl/COPYING.LIB;md5=4fbd65380cdd255951079008b364516c " SRC_URI = "${GNU_MIRROR}/libtool/libtool-${PV}.tar.gz \ - file://trailingslash.patch \ - file://rename-with-sysroot.patch \ - file://use-sysroot-in-libpath.patch \ - file://fix-final-rpath.patch \ - file://fix-rpath.patch \ - file://norm-rpath.patch \ + file://0001-ltmain.in-Handle-trailing-slashes-on-install-command.patch \ + file://0002-libtool.m4-Rename-the-with-sysroot-option-to-avoid-c.patch \ + file://0003-ltmain.in-Add-missing-sysroot-to-library-path.patch \ + file://0004-ltmain.sh-Fix-sysroot-paths-being-encoded-into-RPATH.patch \ + file://0005-ltmain.in-Don-t-encode-RATHS-which-match-default-lin.patch \ file://dont-depend-on-help2man.patch \ - file://fix-resolve-lt-sysroot.patch \ + file://0006-libtool.m4-Handle-as-a-sysroot-correctly.patch \ file://nohardcodepaths.patch \ file://unwind-opt-parsing.patch \ - file://0001-libtool-Fix-support-for-NIOS2-processor.patch \ - file://0001-libtool-Check-for-static-libs-for-internal-compiler-.patch \ - file://0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch \ - file://0001-Makefile.am-make-sure-autoheader-run-before-automake.patch \ - file://lto-prefix.patch \ - file://debian-no_hostname.patch \ + file://0007-libtool-Fix-support-for-NIOS2-processor.patch \ + file://0008-libtool-Check-for-static-libs-for-internal-compiler-.patch \ + file://0009-Makefile.am-make-sure-autoheader-run-before-autoconf.patch \ + file://0010-Makefile.am-make-sure-autoheader-run-before-automake.patch \ + file://0011-ltmain.in-Handle-prefix-map-compiler-options-correct.patch \ + file://0012-libtool.m4-For-reproducibility-stop-encoding-hostnam.patch \ + file://libool.m4-add-ARFLAGS-variable.patch \ + file://ARFLAGS-use-cr-instead-of-cru-by-default.patch \ " SRC_URI[md5sum] = "addf44b646ddb4e3919805aa88fa7c5e" diff --git a/poky/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch b/poky/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch deleted file mode 100644 index 2e9908725e..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-autoconf.patch +++ /dev/null @@ -1,35 +0,0 @@ -From dfbbbd359e43e0a55fbea06f2647279ad8761cb9 Mon Sep 17 00:00:00 2001 -From: Mingli Yu -Date: Wed, 24 Mar 2021 03:04:13 +0000 -Subject: [PATCH] Makefile.am: make sure autoheader run before autoconf - -autoheader will update ../libtool-2.4.6/libltdl/config-h.in which -autoconf needs, so there comes a race sometimes as below: - | configure.ac:45: error: required file 'config-h.in' not found - | touch '../libtool-2.4.6/libltdl/config-h.in' - -So make sure autoheader run before autoconf to avoid this race. - -Upstream-Status: Submitted [libtool-patches@gnu.org maillist] - -Signed-off-by: Mingli Yu ---- - Makefile.am | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile.am b/Makefile.am -index 4142c90..fe1a9fc 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -365,7 +365,7 @@ lt_configure_deps = $(lt_aclocal_m4) $(lt_aclocal_m4_deps) - $(lt_aclocal_m4): $(lt_aclocal_m4_deps) - $(AM_V_GEN)cd '$(srcdir)/$(ltdl_dir)' && $(ACLOCAL) -I ../m4 - --$(lt_configure): $(lt_configure_deps) -+$(lt_configure): $(lt_configure_deps) $(lt_config_h_in) - $(AM_V_GEN)cd '$(srcdir)/$(ltdl_dir)' && $(AUTOCONF) - - $(lt_config_h_in): $(lt_configure_deps) --- -2.29.2 - diff --git a/poky/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-automake.patch b/poky/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-automake.patch deleted file mode 100644 index 87f8492346..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/0001-Makefile.am-make-sure-autoheader-run-before-automake.patch +++ /dev/null @@ -1,35 +0,0 @@ -From e82c06584f02e3e4487aa73aa05981e2a35dc6d1 Mon Sep 17 00:00:00 2001 -From: Mingli Yu -Date: Tue, 13 Apr 2021 07:17:29 +0000 -Subject: [PATCH] Makefile.am: make sure autoheader run before automake - -When use automake to generate Makefile.in from Makefile.am, there -comes below race: - | configure.ac:45: error: required file 'config-h.in' not found - -It is because the file config-h.in in updating process by autoheader, -so make automake run after autoheader to avoid the above race. - -Upstream-Status: Submitted [libtool-patches@gnu.org maillist] - -Signed-off-by: Mingli Yu ---- - Makefile.am | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile.am b/Makefile.am -index 2752ecc..29950db 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -328,7 +328,7 @@ EXTRA_DIST += $(lt_aclocal_m4) \ - $(lt_obsolete_m4) \ - $(stamp_mk) - --$(lt_Makefile_in): $(lt_Makefile_am) $(lt_aclocal_m4) -+$(lt_Makefile_in): $(lt_Makefile_am) $(lt_aclocal_m4) $(lt_config_h_in) - $(AM_V_GEN)cd '$(srcdir)/$(ltdl_dir)' && $(AUTOMAKE) Makefile - - # Don't let unused scripts leak into the libltdl Makefile --- -2.29.2 - diff --git a/poky/meta/recipes-devtools/libtool/libtool/0001-libtool-Check-for-static-libs-for-internal-compiler-.patch b/poky/meta/recipes-devtools/libtool/libtool/0001-libtool-Check-for-static-libs-for-internal-compiler-.patch deleted file mode 100644 index 8c7c39feb6..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/0001-libtool-Check-for-static-libs-for-internal-compiler-.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 40a2da75e6d95cc7c498ebda95ab19ae0db2ebfb Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Sat, 26 Jan 2019 12:54:26 -0800 -Subject: [PATCH] libtool: Check for static libs for internal compiler - libraries - -Libtool checks only for libraries linked as -l* when trying to -find internal compiler libraries. Clang, however uses the absolute -path to link its internal libraries e.g. compiler_rt. This patch -handles clang's statically linked libraries when finding internal -compiler libraries. - -https://crbug.com/749263 - -Upstream-Status: Submitted [https://debbugs.gnu.org/cgi/bugreport.cgi?bug=27866] - -Signed-off-by: Khem Raj ---- - m4/libtool.m4 | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/m4/libtool.m4 b/m4/libtool.m4 -index d0389a0..9619c57 100644 ---- a/m4/libtool.m4 -+++ b/m4/libtool.m4 -@@ -7536,7 +7536,7 @@ if AC_TRY_EVAL(ac_compile); then - for p in `eval "$output_verbose_link_cmd"`; do - case $prev$p in - -- -L* | -R* | -l*) -+ -L* | -R* | -l* | */libclang_rt.*.a) - # Some compilers place space between "-{L,R}" and the path. - # Remove the space. - if test x-L = "$p" || --- -2.20.1 - diff --git a/poky/meta/recipes-devtools/libtool/libtool/0001-libtool-Fix-support-for-NIOS2-processor.patch b/poky/meta/recipes-devtools/libtool/libtool/0001-libtool-Fix-support-for-NIOS2-processor.patch deleted file mode 100644 index bbd36d8dc1..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/0001-libtool-Fix-support-for-NIOS2-processor.patch +++ /dev/null @@ -1,68 +0,0 @@ -From df2cd898e48208f26320d40c3ed6b19c75c27142 Mon Sep 17 00:00:00 2001 -From: Marek Vasut -Date: Thu, 17 Sep 2015 00:43:15 +0200 -Subject: [PATCH] libtool: Fix support for NIOS2 processor - -The name of the system contains the string "nios2". This string -is caught by the some of the greedy checks for OS/2 in libtool, -in particular the *os2* branches of switch statements match for -the nios2 string, which results in incorrect behavior of libtool. - -This patch adds an explicit check for *nios2* before the *os2* -checks to prevent the OS/2 check incorrectly trapping the nios2 -as well. - -Signed-off-by: Marek Vasut -Upstream-Status: Submitted ---- - build-aux/ltmain.in | 20 ++++++++++++++++++++ - 1 file changed, 20 insertions(+) - -diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in -index d5cf07a..4164284 100644 ---- a/build-aux/ltmain.in -+++ b/build-aux/ltmain.in -@@ -504,6 +504,12 @@ libtool_validate_options () - test : = "$debug_cmd" || func_append preserve_args " --debug" - - case $host in -+ # For NIOS2, we want to make sure that it's not caught by the -+ # more general OS/2 check below. Otherwise, NIOS2 is the same -+ # as the default option. -+ *nios2*) -+ opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps -+ ;; - # Solaris2 added to fix http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16452 - # see also: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59788 - *cygwin* | *mingw* | *pw32* | *cegcc* | *solaris2* | *os2*) -@@ -6220,6 +6226,15 @@ func_mode_link () - if test -n "$library_names" && - { test no = "$use_static_libs" || test -z "$old_library"; }; then - case $host in -+ *nios2*) -+ # For NIOS2, we want to make sure that it's not caught by the -+ # more general OS/2 check below. Otherwise, NIOS2 is the same -+ # as the default option. -+ if test no = "$installed"; then -+ func_append notinst_deplibs " $lib" -+ need_relink=yes -+ fi -+ ;; - *cygwin* | *mingw* | *cegcc* | *os2*) - # No point in relinking DLLs because paths are not encoded - func_append notinst_deplibs " $lib" -@@ -6290,6 +6305,11 @@ func_mode_link () - elif test -n "$soname_spec"; then - # bleh windows - case $host in -+ *nios2*) -+ # For NIOS2, we want to make sure that it's not caught by the -+ # more general OS/2 check below. Otherwise, NIOS2 is the same -+ # as the default option. -+ ;; - *cygwin* | mingw* | *cegcc* | *os2*) - func_arith $current - $age - major=$func_arith_result --- -2.5.1 - diff --git a/poky/meta/recipes-devtools/libtool/libtool/0001-ltmain.in-Handle-trailing-slashes-on-install-command.patch b/poky/meta/recipes-devtools/libtool/libtool/0001-ltmain.in-Handle-trailing-slashes-on-install-command.patch new file mode 100644 index 0000000000..eeb5ebf416 --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0001-ltmain.in-Handle-trailing-slashes-on-install-command.patch @@ -0,0 +1,35 @@ +From: Richard Purdie +Subject: [PATCH 01/12] ltmain.in: Handle trailing slashes on install commands correctly + +A command like: + +libtool --mode=install /usr/bin/install -c gck-roots-store-standalone.la '/image/usr/lib/gnome-keyring/standalone/' + +where the path ends with a trailing slash currently fails. This occurs in +software like gnome-keyring or pulseaudio and is because the comparision +code doesn't see the paths as equal. Strip both paths to ensure this works +reliably. + +Signed-off-by: Richard Purdie + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00010.html] + +diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in +--- a/build-aux/ltmain.in ++++ b/build-aux/ltmain.in +@@ -2356,8 +2356,14 @@ func_mode_install () + func_append dir "$objdir" + + if test -n "$relink_command"; then ++ # Strip any trailing slash from the destination. ++ func_stripname '' '/' "$libdir" ++ destlibdir=$func_stripname_result ++ func_stripname '' '/' "$destdir" ++ s_destdir=$func_stripname_result ++ + # Determine the prefix the user has applied to our future dir. +- inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"` ++ inst_prefix_dir=`$ECHO "X$s_destdir" | $Xsed -e "s%$destlibdir\$%%"` + + # Don't allow the user to place us outside of our expected + # location b/c this prevents finding dependent libraries that diff --git a/poky/meta/recipes-devtools/libtool/libtool/0002-libtool.m4-Rename-the-with-sysroot-option-to-avoid-c.patch b/poky/meta/recipes-devtools/libtool/libtool/0002-libtool.m4-Rename-the-with-sysroot-option-to-avoid-c.patch new file mode 100644 index 0000000000..6da283959e --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0002-libtool.m4-Rename-the-with-sysroot-option-to-avoid-c.patch @@ -0,0 +1,167 @@ +From: Khem Raj +Subject: [PATCH 02/12] libtool.m4: Rename the --with-sysroot option to avoid conflict with gcc/binutils + +This patch renames the --with-sysroot option to --with-libtool-sysroot +to avoid namespace conflict with binutils, gcc and other toolchain +components since these componets also add that option to configure +and this becomes confusing and conflicting otherwise. + +Signed-off-by: Richard Purdie + +Upstream report: +http://lists.gnu.org/archive/html/libtool/2010-10/msg00048.html + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00014.html] + +diff --git a/m4/libtool.m4 b/m4/libtool.m4 +--- a/m4/libtool.m4 ++++ b/m4/libtool.m4 +@@ -1215,28 +1215,28 @@ _LT_DECL([], [ECHO], [1], [An echo program that protects backslashes]) + # ---------------- + AC_DEFUN([_LT_WITH_SYSROOT], + [AC_MSG_CHECKING([for sysroot]) +-AC_ARG_WITH([sysroot], +-[AS_HELP_STRING([--with-sysroot@<:@=DIR@:>@], ++AC_ARG_WITH([libtool-sysroot], ++[AS_HELP_STRING([--with-libtool-sysroot@<:@=DIR@:>@], + [Search for dependent libraries within DIR (or the compiler's sysroot + if not specified).])], +-[], [with_sysroot=no]) ++[], [with_libtool_sysroot=no]) + + dnl lt_sysroot will always be passed unquoted. We quote it here + dnl in case the user passed a directory name. + lt_sysroot= +-case $with_sysroot in #( ++case $with_libtool_sysroot in #( + yes) + if test yes = "$GCC"; then + lt_sysroot=`$CC --print-sysroot 2>/dev/null` + fi + ;; #( + /*) +- lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` ++ lt_sysroot=`echo "$with_libtool_sysroot" | sed -e "$sed_quote_subst"` + ;; #( + no|'') + ;; #( + *) +- AC_MSG_RESULT([$with_sysroot]) ++ AC_MSG_RESULT([$with_libtool_sysroot]) + AC_MSG_ERROR([The sysroot must be an absolute path.]) + ;; + esac +diff --git a/tests/sysroot.at b/tests/sysroot.at +--- a/tests/sysroot.at ++++ b/tests/sysroot.at +@@ -64,7 +64,7 @@ while read file; do + done]) + + LDFLAGS="$LDFLAGS --sysroot=$sysroot -no-undefined" +-configure_options="$configure_options --with-sysroot=$sysroot --prefix=$prefix" ++configure_options="$configure_options --with-libtool-sysroot=$sysroot --prefix=$prefix" + + #??? + if test PATH = "$shlibpath_var"; then +@@ -114,7 +114,7 @@ AM_INIT_AUTOMAKE([foreign]) + AC_PROG_CC + AC_CONFIG_SRCDIR([lib2.c]) + LT_INIT +-sysroot=$with_sysroot ++sysroot=$with_libtool_sysroot + AC_SUBST([sysroot]) + AC_OUTPUT(Makefile) + ]]) +@@ -155,7 +155,7 @@ AM_INIT_AUTOMAKE([foreign]) + AC_PROG_CC + AC_CONFIG_SRCDIR([prog.c]) + LT_INIT +-sysroot=$with_sysroot ++sysroot=$with_libtool_sysroot + AC_SUBST([sysroot]) + AC_OUTPUT(Makefile) + ]]) +diff --git a/tests/testsuite b/tests/testsuite +--- a/tests/testsuite ++++ b/tests/testsuite +@@ -48945,7 +48945,7 @@ $at_traceon; } + + + LDFLAGS="$LDFLAGS --sysroot=$sysroot -no-undefined" +-configure_options="$configure_options --with-sysroot=$sysroot --prefix=$prefix" ++configure_options="$configure_options --with-libtool-sysroot=$sysroot --prefix=$prefix" + + #??? + if test PATH = "$shlibpath_var"; then +@@ -49154,7 +49154,7 @@ AM_INIT_AUTOMAKE([foreign]) + AC_PROG_CC + AC_CONFIG_SRCDIR([lib2.c]) + LT_INIT +-sysroot=$with_sysroot ++sysroot=$with_libtool_sysroot + AC_SUBST([sysroot]) + AC_OUTPUT(Makefile) + _ATEOF +@@ -49342,7 +49342,7 @@ AM_INIT_AUTOMAKE([foreign]) + AC_PROG_CC + AC_CONFIG_SRCDIR([prog.c]) + LT_INIT +-sysroot=$with_sysroot ++sysroot=$with_libtool_sysroot + AC_SUBST([sysroot]) + AC_OUTPUT(Makefile) + _ATEOF +@@ -49694,7 +49694,7 @@ $at_traceon; } + + + LDFLAGS="$LDFLAGS --sysroot=$sysroot -no-undefined" +-configure_options="$configure_options --with-sysroot=$sysroot --prefix=$prefix" ++configure_options="$configure_options --with-libtool-sysroot=$sysroot --prefix=$prefix" + + #??? + if test PATH = "$shlibpath_var"; then +@@ -49903,7 +49903,7 @@ AM_INIT_AUTOMAKE([foreign]) + AC_PROG_CC + AC_CONFIG_SRCDIR([lib2.c]) + LT_INIT +-sysroot=$with_sysroot ++sysroot=$with_libtool_sysroot + AC_SUBST([sysroot]) + AC_OUTPUT(Makefile) + _ATEOF +@@ -50091,7 +50091,7 @@ AM_INIT_AUTOMAKE([foreign]) + AC_PROG_CC + AC_CONFIG_SRCDIR([prog.c]) + LT_INIT +-sysroot=$with_sysroot ++sysroot=$with_libtool_sysroot + AC_SUBST([sysroot]) + AC_OUTPUT(Makefile) + _ATEOF +@@ -50443,7 +50443,7 @@ $at_traceon; } + + + LDFLAGS="$LDFLAGS --sysroot=$sysroot -no-undefined" +-configure_options="$configure_options --with-sysroot=$sysroot --prefix=$prefix" ++configure_options="$configure_options --with-libtool-sysroot=$sysroot --prefix=$prefix" + + #??? + if test PATH = "$shlibpath_var"; then +@@ -50652,7 +50652,7 @@ AM_INIT_AUTOMAKE([foreign]) + AC_PROG_CC + AC_CONFIG_SRCDIR([lib2.c]) + LT_INIT +-sysroot=$with_sysroot ++sysroot=$with_libtool_sysroot + AC_SUBST([sysroot]) + AC_OUTPUT(Makefile) + _ATEOF +@@ -50840,7 +50840,7 @@ AM_INIT_AUTOMAKE([foreign]) + AC_PROG_CC + AC_CONFIG_SRCDIR([prog.c]) + LT_INIT +-sysroot=$with_sysroot ++sysroot=$with_libtool_sysroot + AC_SUBST([sysroot]) + AC_OUTPUT(Makefile) + _ATEOF diff --git a/poky/meta/recipes-devtools/libtool/libtool/0003-ltmain.in-Add-missing-sysroot-to-library-path.patch b/poky/meta/recipes-devtools/libtool/libtool/0003-ltmain.in-Add-missing-sysroot-to-library-path.patch new file mode 100644 index 0000000000..0103a00451 --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0003-ltmain.in-Add-missing-sysroot-to-library-path.patch @@ -0,0 +1,24 @@ +From: Khem Raj +Subject: [PATCH 03/12] ltmain.in: Add missing sysroot to library path + +When using a sysroot we should append it to libdir, which is helpful in +cross builds as the system is staged in the sysroot. For normal builds, +i.e. when lt_sysroot is not set, it will still behave the same and add +-L/usr/lib to the relink command. + +Signed-off-by: Richard Purdie + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00017.html] + +diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in +--- a/build-aux/ltmain.in ++++ b/build-aux/ltmain.in +@@ -6421,7 +6421,7 @@ func_mode_link () + fi + else + # We cannot seem to hardcode it, guess we'll fake it. +- add_dir=-L$libdir ++ add_dir="-L$lt_sysroot$libdir" + # Try looking first in the location we're being installed to. + if test -n "$inst_prefix_dir"; then + case $libdir in diff --git a/poky/meta/recipes-devtools/libtool/libtool/0004-ltmain.sh-Fix-sysroot-paths-being-encoded-into-RPATH.patch b/poky/meta/recipes-devtools/libtool/libtool/0004-ltmain.sh-Fix-sysroot-paths-being-encoded-into-RPATH.patch new file mode 100644 index 0000000000..21b3dfe306 --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0004-ltmain.sh-Fix-sysroot-paths-being-encoded-into-RPATH.patch @@ -0,0 +1,50 @@ +From: Richard Purdie +Subject: [PATCH 04/12] ltmain.sh: Fix sysroot paths being encoded into RPATHs + +There is a bug where RPATHs could end up containing sysroot values when +cross compiling which is obviously incorrect. Strip out sysroot components +from libdir when building RPATH values to avoid this. + +Signed-off-by: Richard Purdie + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00009.html] + +diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in +--- a/build-aux/ltmain.in ++++ b/build-aux/ltmain.in +@@ -7569,9 +7569,11 @@ EOF + test relink = "$opt_mode" || rpath=$compile_rpath$rpath + for libdir in $rpath; do + if test -n "$hardcode_libdir_flag_spec"; then ++ func_replace_sysroot "$libdir" ++ libdir=$func_replace_sysroot_result ++ func_stripname '=' '' "$libdir" ++ libdir=$func_stripname_result + if test -n "$hardcode_libdir_separator"; then +- func_replace_sysroot "$libdir" +- libdir=$func_replace_sysroot_result + if test -z "$hardcode_libdirs"; then + hardcode_libdirs=$libdir + else +@@ -8301,6 +8303,10 @@ EOF + hardcode_libdirs= + for libdir in $compile_rpath $finalize_rpath; do + if test -n "$hardcode_libdir_flag_spec"; then ++ func_replace_sysroot "$libdir" ++ libdir=$func_replace_sysroot_result ++ func_stripname '=' '' "$libdir" ++ libdir=$func_stripname_result + if test -n "$hardcode_libdir_separator"; then + if test -z "$hardcode_libdirs"; then + hardcode_libdirs=$libdir +@@ -8352,6 +8358,10 @@ EOF + hardcode_libdirs= + for libdir in $finalize_rpath; do + if test -n "$hardcode_libdir_flag_spec"; then ++ func_replace_sysroot "$libdir" ++ libdir=$func_replace_sysroot_result ++ func_stripname '=' '' "$libdir" ++ libdir=$func_stripname_result + if test -n "$hardcode_libdir_separator"; then + if test -z "$hardcode_libdirs"; then + hardcode_libdirs=$libdir diff --git a/poky/meta/recipes-devtools/libtool/libtool/0005-ltmain.in-Don-t-encode-RATHS-which-match-default-lin.patch b/poky/meta/recipes-devtools/libtool/libtool/0005-ltmain.in-Don-t-encode-RATHS-which-match-default-lin.patch new file mode 100644 index 0000000000..50d47d9f7a --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0005-ltmain.in-Don-t-encode-RATHS-which-match-default-lin.patch @@ -0,0 +1,72 @@ +From: Richard Purdie +Subject: [PATCH 05/12] ltmain.in: Don't encode RATHS which match default linker paths + +We don't want to add RPATHS which match default linker search paths, they're +a waste of space. This patch filters libtools list of paths to encoode and +removes the ones we don't need. + +Libtool may be passed link paths of the form "/usr/lib/../lib" so normalize +the paths before comparision. + +Signed-off-by: Richard Purdie + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00013.html] + +diff -u b/build-aux/ltmain.in b/build-aux/ltmain.in +--- b/build-aux/ltmain.in ++++ b/build-aux/ltmain.in 2012-08-22 11:01:34.191345989 -0700 +@@ -7286,8 +7286,16 @@ + esac + fi + else +- eval flag=\"$hardcode_libdir_flag_spec\" +- func_append dep_rpath " $flag" ++ # We only want to hardcode in an rpath if it isn't in the ++ # default dlsearch path. ++ func_normal_abspath "$libdir" ++ libdir_norm=$func_normal_abspath_result ++ case " $sys_lib_dlsearch_path " in ++ *" $libdir_norm "*) ;; ++ *) eval flag=\"$hardcode_libdir_flag_spec\" ++ func_append dep_rpath " $flag" ++ ;; ++ esac + fi + elif test -n "$runpath_var"; then + case "$perm_rpath " in +@@ -8019,8 +8027,16 @@ + esac + fi + else +- eval flag=\"$hardcode_libdir_flag_spec\" +- func_append rpath " $flag" ++ # We only want to hardcode in an rpath if it isn't in the ++ # default dlsearch path. ++ func_normal_abspath "$libdir" ++ libdir_norm=$func_normal_abspath_result ++ case " $sys_lib_dlsearch_path " in ++ *" $libdir_norm "*) ;; ++ *) eval flag=\"$hardcode_libdir_flag_spec\" ++ rpath+=" $flag" ++ ;; ++ esac + fi + elif test -n "$runpath_var"; then + case "$perm_rpath " in +@@ -8070,8 +8086,14 @@ + esac + fi + else +- eval flag=\"$hardcode_libdir_flag_spec\" +- func_append rpath " $flag" ++ # We only want to hardcode in an rpath if it isn't in the ++ # default dlsearch path. ++ case " $sys_lib_dlsearch_path " in ++ *" $libdir "*) ;; ++ *) eval flag=\"$hardcode_libdir_flag_spec\" ++ func_append rpath " $flag" ++ ;; ++ esac + fi + elif test -n "$runpath_var"; then + case "$finalize_perm_rpath " in diff --git a/poky/meta/recipes-devtools/libtool/libtool/0006-libtool.m4-Handle-as-a-sysroot-correctly.patch b/poky/meta/recipes-devtools/libtool/libtool/0006-libtool.m4-Handle-as-a-sysroot-correctly.patch new file mode 100644 index 0000000000..999971241f --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0006-libtool.m4-Handle-as-a-sysroot-correctly.patch @@ -0,0 +1,44 @@ +From: Richard Purdie +Subject: [PATCH 06/12] libtool.m4: Handle "/" as a sysroot correctly + +Update libtool.m4 to resolve a problem with lt_sysroot not being properly +updated if the option '--with[-libtool]-sysroot' is not provided when +running the 'configure' script for a package so that "/" as a sysroot +is handled correctly by libtool. + +Signed-off-by: Richard Purdie + +Upstream Report: +http://lists.gnu.org/archive/html/bug-libtool/2013-09/msg00005.html + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00018.html] + +--- +diff --git a/m4/libtool.m4 b/m4/libtool.m4 +--- a/m4/libtool.m4 ++++ b/m4/libtool.m4 +@@ -1225,16 +1225,21 @@ dnl lt_sysroot will always be passed unquoted. We quote it here + dnl in case the user passed a directory name. + lt_sysroot= + case $with_libtool_sysroot in #( +- yes) ++ no) + if test yes = "$GCC"; then + lt_sysroot=`$CC --print-sysroot 2>/dev/null` ++ # Treat "/" the same a an unset sysroot. It seems to be more ++ # compatible across host platforms that way!? ++ if test "$lt_sysroot" = /; then ++ lt_sysroot= ++ fi + fi + ;; #( ++ yes|''|/) ++ ;; #( + /*) + lt_sysroot=`echo "$with_libtool_sysroot" | sed -e "$sed_quote_subst"` + ;; #( +- no|'') +- ;; #( + *) + AC_MSG_RESULT([$with_libtool_sysroot]) + AC_MSG_ERROR([The sysroot must be an absolute path.]) diff --git a/poky/meta/recipes-devtools/libtool/libtool/0007-libtool-Fix-support-for-NIOS2-processor.patch b/poky/meta/recipes-devtools/libtool/libtool/0007-libtool-Fix-support-for-NIOS2-processor.patch new file mode 100644 index 0000000000..395464e908 --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0007-libtool-Fix-support-for-NIOS2-processor.patch @@ -0,0 +1,69 @@ +From: Marek Vasut +Subject: [PATCH 07/12] libtool: Fix support for NIOS2 processor + +The name of the system contains the string "nios2". This string +is caught by the some of the greedy checks for OS/2 in libtool, +in particular the *os2* branches of switch statements match for +the nios2 string, which results in incorrect behavior of libtool. + +This patch adds an explicit check for *nios2* before the *os2* +checks to prevent the OS/2 check incorrectly trapping the nios2 +as well. + +Signed-off-by: Marek Vasut +Signed-off-by: Richard Purdie + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00021.html] + +--- + build-aux/ltmain.in | 20 ++++++++++++++++++++ + 1 file changed, 20 insertions(+) + +diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in +index d5cf07a..4164284 100644 +--- a/build-aux/ltmain.in ++++ b/build-aux/ltmain.in +@@ -504,6 +504,12 @@ libtool_validate_options () + test : = "$debug_cmd" || func_append preserve_args " --debug" + + case $host in ++ # For NIOS2, we want to make sure that it's not caught by the ++ # more general OS/2 check below. Otherwise, NIOS2 is the same ++ # as the default option. ++ *nios2*) ++ opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps ++ ;; + # Solaris2 added to fix http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16452 + # see also: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59788 + *cygwin* | *mingw* | *pw32* | *cegcc* | *solaris2* | *os2*) +@@ -6220,6 +6226,15 @@ func_mode_link () + if test -n "$library_names" && + { test no = "$use_static_libs" || test -z "$old_library"; }; then + case $host in ++ *nios2*) ++ # For NIOS2, we want to make sure that it's not caught by the ++ # more general OS/2 check below. Otherwise, NIOS2 is the same ++ # as the default option. ++ if test no = "$installed"; then ++ func_append notinst_deplibs " $lib" ++ need_relink=yes ++ fi ++ ;; + *cygwin* | *mingw* | *cegcc* | *os2*) + # No point in relinking DLLs because paths are not encoded + func_append notinst_deplibs " $lib" +@@ -6290,6 +6305,11 @@ func_mode_link () + elif test -n "$soname_spec"; then + # bleh windows + case $host in ++ *nios2*) ++ # For NIOS2, we want to make sure that it's not caught by the ++ # more general OS/2 check below. Otherwise, NIOS2 is the same ++ # as the default option. ++ ;; + *cygwin* | mingw* | *cegcc* | *os2*) + func_arith $current - $age + major=$func_arith_result +-- +2.5.1 + diff --git a/poky/meta/recipes-devtools/libtool/libtool/0008-libtool-Check-for-static-libs-for-internal-compiler-.patch b/poky/meta/recipes-devtools/libtool/libtool/0008-libtool-Check-for-static-libs-for-internal-compiler-.patch new file mode 100644 index 0000000000..afffdb9fd4 --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0008-libtool-Check-for-static-libs-for-internal-compiler-.patch @@ -0,0 +1,38 @@ +From b9993338080325a6e2b2ec94ca0ece80e7fa3fb6 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sat, 26 Jan 2019 12:54:26 -0800 +Subject: [PATCH 08/12] libtool: Check for static libs for internal compiler libraries + +Libtool checks only for libraries linked as -l* when trying to +find internal compiler libraries. Clang, however uses the absolute +path to link its internal libraries e.g. compiler_rt. This patch +handles clang's statically linked libraries when finding internal +compiler libraries. + +Signed-off-by: Khem Raj +Signed-off-by: Richard Purdie + +https://crbug.com/749263 +https://debbugs.gnu.org/cgi/bugreport.cgi?bug=27866 + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00016.html] +--- + m4/libtool.m4 | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/m4/libtool.m4 b/m4/libtool.m4 +index d0389a0..9619c57 100644 +--- a/m4/libtool.m4 ++++ b/m4/libtool.m4 +@@ -7536,7 +7536,7 @@ if AC_TRY_EVAL(ac_compile); then + for p in `eval "$output_verbose_link_cmd"`; do + case $prev$p in + +- -L* | -R* | -l*) ++ -L* | -R* | -l* | */libclang_rt.*.a) + # Some compilers place space between "-{L,R}" and the path. + # Remove the space. + if test x-L = "$p" || +-- +2.20.1 + diff --git a/poky/meta/recipes-devtools/libtool/libtool/0009-Makefile.am-make-sure-autoheader-run-before-autoconf.patch b/poky/meta/recipes-devtools/libtool/libtool/0009-Makefile.am-make-sure-autoheader-run-before-autoconf.patch new file mode 100644 index 0000000000..348cd3c1ae --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0009-Makefile.am-make-sure-autoheader-run-before-autoconf.patch @@ -0,0 +1,35 @@ +From: Mingli Yu +Subject: [PATCH 09/12] Makefile.am: make sure autoheader run before autoconf + +autoheader will update ../libtool-2.4.6/libltdl/config-h.in which +autoconf needs, so there comes a race sometimes as below: + | configure.ac:45: error: required file 'config-h.in' not found + | touch '../libtool-2.4.6/libltdl/config-h.in' + +So make sure autoheader run before autoconf to avoid this race. + +Signed-off-by: Mingli Yu +Signed-off-by: Richard Purdie + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00015.html] + +--- + Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile.am b/Makefile.am +index 4142c90..fe1a9fc 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -365,7 +365,7 @@ lt_configure_deps = $(lt_aclocal_m4) $(lt_aclocal_m4_deps) + $(lt_aclocal_m4): $(lt_aclocal_m4_deps) + $(AM_V_GEN)cd '$(srcdir)/$(ltdl_dir)' && $(ACLOCAL) -I ../m4 + +-$(lt_configure): $(lt_configure_deps) ++$(lt_configure): $(lt_configure_deps) $(lt_config_h_in) + $(AM_V_GEN)cd '$(srcdir)/$(ltdl_dir)' && $(AUTOCONF) + + $(lt_config_h_in): $(lt_configure_deps) +-- +2.29.2 + diff --git a/poky/meta/recipes-devtools/libtool/libtool/0010-Makefile.am-make-sure-autoheader-run-before-automake.patch b/poky/meta/recipes-devtools/libtool/libtool/0010-Makefile.am-make-sure-autoheader-run-before-automake.patch new file mode 100644 index 0000000000..cd963ef1be --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0010-Makefile.am-make-sure-autoheader-run-before-automake.patch @@ -0,0 +1,36 @@ +From: Mingli Yu +Subject: [PATCH 10/12] Makefile.am: make sure autoheader run before automake + +When use automake to generate Makefile.in from Makefile.am, there +comes below race: + | configure.ac:45: error: required file 'config-h.in' not found + +It is because the file config-h.in in updating process by autoheader, +so make automake run after autoheader to avoid the above race. + +Signed-off-by: Mingli Yu +Signed-off-by: Richard Purdie + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00020.html] + +Signed-off-by: Mingli Yu +--- + Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile.am b/Makefile.am +index 2752ecc..29950db 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -328,7 +328,7 @@ EXTRA_DIST += $(lt_aclocal_m4) \ + $(lt_obsolete_m4) \ + $(stamp_mk) + +-$(lt_Makefile_in): $(lt_Makefile_am) $(lt_aclocal_m4) ++$(lt_Makefile_in): $(lt_Makefile_am) $(lt_aclocal_m4) $(lt_config_h_in) + $(AM_V_GEN)cd '$(srcdir)/$(ltdl_dir)' && $(AUTOMAKE) Makefile + + # Don't let unused scripts leak into the libltdl Makefile +-- +2.29.2 + diff --git a/poky/meta/recipes-devtools/libtool/libtool/0011-ltmain.in-Handle-prefix-map-compiler-options-correct.patch b/poky/meta/recipes-devtools/libtool/libtool/0011-ltmain.in-Handle-prefix-map-compiler-options-correct.patch new file mode 100644 index 0000000000..b121a3c750 --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0011-ltmain.in-Handle-prefix-map-compiler-options-correct.patch @@ -0,0 +1,26 @@ +From: Richard Purdie +Subject: [PATCH 11/12] ltmain.in: Handle prefix-map compiler options correctly + +If lto is enabled, we need the prefix-map variables to be passed to the linker. +Add these to the list of options libtool passes through. + +Signed-off-by: Richard Purdie + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00019.html] + +Index: libtool-2.4.6/build-aux/ltmain.in +=================================================================== +--- libtool-2.4.6.orig/build-aux/ltmain.in ++++ libtool-2.4.6/build-aux/ltmain.in +@@ -5424,9 +5424,10 @@ func_mode_link () + # --sysroot=* for sysroot support + # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization + # -stdlib=* select c++ std lib with clang ++ # -f*-prefix-map* needed for lto linking + -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ + -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ +- -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*) ++ -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*|-f*-prefix-map*) + func_quote_for_eval "$arg" + arg=$func_quote_for_eval_result + func_append compile_command " $arg" diff --git a/poky/meta/recipes-devtools/libtool/libtool/0012-libtool.m4-For-reproducibility-stop-encoding-hostnam.patch b/poky/meta/recipes-devtools/libtool/libtool/0012-libtool.m4-For-reproducibility-stop-encoding-hostnam.patch new file mode 100644 index 0000000000..64f911d46c --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/0012-libtool.m4-For-reproducibility-stop-encoding-hostnam.patch @@ -0,0 +1,27 @@ +From: Richard Purdie +Subject: [PATCH 12/12] libtool.m4: For reproducibility stop encoding hostname in libtool script + +For reproducibilty, stop encoding the hostname into the libtool script, this isn't +really adding much to debugging and most distros are carrying such a patch now as +reproducibility is important. + +Signed-off-by: Richard Purdie + +https://sources.debian.org/data/main/libt/libtool/2.4.6-10/debian/patches/ + no_hostname.patch + +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/libtool-patches/2021-10/msg00011.html] + +--- +Index: libtool-2.4.6/m4/libtool.m4 +=================================================================== +--- libtool-2.4.6.orig/m4/libtool.m4 ++++ libtool-2.4.6/m4/libtool.m4 +@@ -728,7 +728,6 @@ _LT_CONFIG_SAVE_COMMANDS([ + cat <<_LT_EOF >> "$cfgfile" + #! $SHELL + # Generated automatically by $as_me ($PACKAGE) $VERSION +-# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: + # NOTE: Changes made to this file will be lost: look at ltmain.sh. + + # Provide generalized library-building support services. diff --git a/poky/meta/recipes-devtools/libtool/libtool/ARFLAGS-use-cr-instead-of-cru-by-default.patch b/poky/meta/recipes-devtools/libtool/libtool/ARFLAGS-use-cr-instead-of-cru-by-default.patch new file mode 100644 index 0000000000..447640cef6 --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/ARFLAGS-use-cr-instead-of-cru-by-default.patch @@ -0,0 +1,133 @@ +From 418129bc63afc312701e84cb8afa5ca413df1ab5 Mon Sep 17 00:00:00 2001 +From: Pavel Raiskup +Date: Fri, 17 Apr 2015 16:54:58 +0200 +Subject: ARFLAGS: use 'cr' instead of 'cru' by default + +In some GNU/Linux distributions people started to compile 'ar' +binary with --enable-deterministic-archives (binutils project). +That, however, in combination with our previous long time working +default AR_FLAGS=cru causes warnings on such installations: +ar: `u' modifier ignored since `D' is the default (see `U') + +The 'u' option (at least with GNU binutils) did small optimization +during repeated builds because it instructed 'ar' to not +open/close unchanged *.o files and to rather read their contents +from old archive file. However, its removal should not cause a +big performance hit for usual workflows. + +Distributions started using --enable-deterministic-archives +knowing that it would disable the 'u', just to rather have a bit +more deterministic builds. + +Also, to justify this change a bit more, keeping 'u' in ARFLAGS +could only result in many per-project changes to override +Libtool's ARFLAGS default, just to silent such warnings. + +Fixes bug#19967. Reported by Eric Blake. + +* m4/libtool.m4 (_LT_PROG_AR): Default AR_FLAGS to 'cr'. +(_LT_REQUIRED_DARWIN_CHECKS): Use $AR_FLAGS instead 'cru' string. +* doc/libtool.texi: Do 's/ar cru/ar cr/' in whole documentation. +* NEWS: Document. + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/libtool.git/commit/?id=418129bc63afc312701e84cb8afa5ca413df1ab5] + +Signed-off-by: Li Wang +Signed-off-by: Changqing Li +--- + NEWS | 4 ++++ + doc/libtool.texi | 10 +++++----- + m4/libtool.m4 | 6 +++--- + 3 files changed, 12 insertions(+), 8 deletions(-) + +diff --git a/NEWS b/NEWS +index 71a932d..1518f09 100644 +--- a/NEWS ++++ b/NEWS +@@ -13,6 +13,10 @@ NEWS - list of user-visible changes between releases of GNU Libtool + variable, which obsoletes AR_FLAGS. This is due to naming conventions + among other *FLAGS and to be consistent with Automake's ARFLAGS. + ++** Important incompatible changes: ++ ++ - Libtool changed ARFLAGS/AR_FLAGS default from 'cru' to 'cr'. ++ + ** Bug fixes: + + - Fix a race condition in ltdl dryrun test that would cause spurious +diff --git a/doc/libtool.texi b/doc/libtool.texi +index 0298627..4c664bb 100644 +--- a/doc/libtool.texi ++++ b/doc/libtool.texi +@@ -602,7 +602,7 @@ Without libtool, the programmer would invoke the @command{ar} command to + create a static library: + + @example +-burger$ @kbd{ar cru libhello.a hello.o foo.o} ++burger$ @kbd{ar cr libhello.a hello.o foo.o} + burger$ + @end example + +@@ -632,7 +632,7 @@ libtool are the same ones you would use to produce an executable named + a23$ @kbd{libtool --mode=link gcc -g -O -o libhello.la foo.o hello.o} + *** Warning: Linking the shared library libhello.la against the + *** non-libtool objects foo.o hello.o is not portable! +-ar cru .libs/libhello.a ++ar cr .libs/libhello.a + ranlib .libs/libhello.a + creating libhello.la + (cd .libs && rm -f libhello.la && ln -s ../libhello.la libhello.la) +@@ -662,7 +662,7 @@ archive, not a shared library (@pxref{Static libraries}).}: + @example + a23$ @kbd{libtool --mode=link gcc -g -O -o libhello.la foo.lo hello.lo \ + -rpath /usr/local/lib -lm} +-ar cru @value{objdir}/libhello.a foo.o hello.o ++ar cr @value{objdir}/libhello.a foo.o hello.o + ranlib @value{objdir}/libhello.a + creating libhello.la + (cd @value{objdir} && rm -f libhello.la && ln -s ../libhello.la libhello.la) +@@ -676,7 +676,7 @@ burger$ @kbd{libtool --mode=link gcc -g -O -o libhello.la foo.lo hello.lo \ + -rpath /usr/local/lib -lm} + rm -fr @value{objdir}/libhello.a @value{objdir}/libhello.la + ld -Bshareable -o @value{objdir}/libhello.so.0.0 @value{objdir}/foo.o @value{objdir}/hello.o -lm +-ar cru @value{objdir}/libhello.a foo.o hello.o ++ar cr @value{objdir}/libhello.a foo.o hello.o + ranlib @value{objdir}/libhello.a + creating libhello.la + (cd @value{objdir} && rm -f libhello.la && ln -s ../libhello.la libhello.la) +@@ -6001,7 +6001,7 @@ in cases where it is necessary. + @subsection Archivers + + On all known systems, building a static library can be accomplished by +-running @kbd{ar cru lib@var{name}.a @var{obj1}.o @var{obj2}.o @dots{}}, ++running @kbd{ar cr lib@var{name}.a @var{obj1}.o @var{obj2}.o @dots{}}, + where the @file{.a} file is the output library, and each @file{.o} file is an + object file. + +diff --git a/m4/libtool.m4 b/m4/libtool.m4 +index 6514196..add06ee 100644 +--- a/m4/libtool.m4 ++++ b/m4/libtool.m4 +@@ -1041,8 +1041,8 @@ int forced_loaded() { return 2;} + _LT_EOF + echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD + $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD +- echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD +- $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD ++ echo "$AR $AR_FLAGS libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD ++ $AR $AR_FLAGS libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD + echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD + $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD + cat > conftest.c << _LT_EOF +@@ -1505,7 +1505,7 @@ _LT_DECL([], [AR], [1], [The archiver]) + # ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS + # variable obsoleted/removed. + +-test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cru} ++test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cr} + lt_ar_flags=$AR_FLAGS + _LT_DECL([], [lt_ar_flags], [0], [Flags to create an archive (by configure)]) + +-- +2.23.0 + diff --git a/poky/meta/recipes-devtools/libtool/libtool/debian-no_hostname.patch b/poky/meta/recipes-devtools/libtool/libtool/debian-no_hostname.patch deleted file mode 100755 index 5add0cca3b..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/debian-no_hostname.patch +++ /dev/null @@ -1,21 +0,0 @@ -libtool: remove host specific info from header file - -https://sources.debian.org/data/main/libt/libtool/2.4.6-10/debian/patches/ - no_hostname.patch - -Upstream-Status: Inappropriate [not author] -Signed-off-by: Joe Slater - ---- -Index: libtool-2.4.6/m4/libtool.m4 -=================================================================== ---- libtool-2.4.6.orig/m4/libtool.m4 -+++ libtool-2.4.6/m4/libtool.m4 -@@ -728,7 +728,6 @@ _LT_CONFIG_SAVE_COMMANDS([ - cat <<_LT_EOF >> "$cfgfile" - #! $SHELL - # Generated automatically by $as_me ($PACKAGE) $VERSION --# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - # NOTE: Changes made to this file will be lost: look at ltmain.sh. - - # Provide generalized library-building support services. diff --git a/poky/meta/recipes-devtools/libtool/libtool/fix-final-rpath.patch b/poky/meta/recipes-devtools/libtool/libtool/fix-final-rpath.patch deleted file mode 100644 index 5c9f8cc9c0..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/fix-final-rpath.patch +++ /dev/null @@ -1,50 +0,0 @@ -Upstream-Status: Inappropriate [embedded specific] - -Enalbing sysroot support exposed a bug where the final library -had an RPATH encoded into it which still pointed to the sysroot. -This works around the issue until it gets sorted out upstream. - -Fix suggested by Richard Purdie -Signed-off-by: Scott Garman -Signed-off-by: Randy Witt -Updated by: Robert Yang - -diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in ---- a/build-aux/ltmain.in -+++ b/build-aux/ltmain.in -@@ -7569,9 +7569,11 @@ EOF - test relink = "$opt_mode" || rpath=$compile_rpath$rpath - for libdir in $rpath; do - if test -n "$hardcode_libdir_flag_spec"; then -+ func_replace_sysroot "$libdir" -+ libdir=$func_replace_sysroot_result -+ func_stripname '=' '' "$libdir" -+ libdir=$func_stripname_result - if test -n "$hardcode_libdir_separator"; then -- func_replace_sysroot "$libdir" -- libdir=$func_replace_sysroot_result - if test -z "$hardcode_libdirs"; then - hardcode_libdirs=$libdir - else -@@ -8301,6 +8303,10 @@ EOF - hardcode_libdirs= - for libdir in $compile_rpath $finalize_rpath; do - if test -n "$hardcode_libdir_flag_spec"; then -+ func_replace_sysroot "$libdir" -+ libdir=$func_replace_sysroot_result -+ func_stripname '=' '' "$libdir" -+ libdir=$func_stripname_result - if test -n "$hardcode_libdir_separator"; then - if test -z "$hardcode_libdirs"; then - hardcode_libdirs=$libdir -@@ -8352,6 +8358,10 @@ EOF - hardcode_libdirs= - for libdir in $finalize_rpath; do - if test -n "$hardcode_libdir_flag_spec"; then -+ func_replace_sysroot "$libdir" -+ libdir=$func_replace_sysroot_result -+ func_stripname '=' '' "$libdir" -+ libdir=$func_stripname_result - if test -n "$hardcode_libdir_separator"; then - if test -z "$hardcode_libdirs"; then - hardcode_libdirs=$libdir diff --git a/poky/meta/recipes-devtools/libtool/libtool/fix-resolve-lt-sysroot.patch b/poky/meta/recipes-devtools/libtool/libtool/fix-resolve-lt-sysroot.patch deleted file mode 100644 index 1bd95980c0..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/fix-resolve-lt-sysroot.patch +++ /dev/null @@ -1,42 +0,0 @@ -Upstream-Status: Pending - -This patch updates libtool.m4 (and its output) to resolve a problem -with variable 'lt_sysroot' not being properly updated if the option -'--with[-libtool]-sysroot' is not provided when running the 'configure' -script for a package. - -I have also reported the problem to libtool here - -http://lists.gnu.org/archive/html/bug-libtool/2013-09/msg00005.html - -Signed-off-by: Hans Beckerus -Updated by: Robert Yang ---- -diff --git a/m4/libtool.m4 b/m4/libtool.m4 ---- a/m4/libtool.m4 -+++ b/m4/libtool.m4 -@@ -1225,16 +1225,21 @@ dnl lt_sysroot will always be passed unquoted. We quote it here - dnl in case the user passed a directory name. - lt_sysroot= - case $with_libtool_sysroot in #( -- yes) -+ no) - if test yes = "$GCC"; then - lt_sysroot=`$CC --print-sysroot 2>/dev/null` -+ # Treat "/" the same a an unset sysroot. It seems to be more -+ # compatible across host platforms that way!? -+ if test "$lt_sysroot" = /; then -+ lt_sysroot= -+ fi - fi - ;; #( -+ yes|''|/) -+ ;; #( - /*) - lt_sysroot=`echo "$with_libtool_sysroot" | sed -e "$sed_quote_subst"` - ;; #( -- no|'') -- ;; #( - *) - AC_MSG_RESULT([$with_libtool_sysroot]) - AC_MSG_ERROR([The sysroot must be an absolute path.]) diff --git a/poky/meta/recipes-devtools/libtool/libtool/fix-rpath.patch b/poky/meta/recipes-devtools/libtool/libtool/fix-rpath.patch deleted file mode 100644 index a2ec9473e7..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/fix-rpath.patch +++ /dev/null @@ -1,65 +0,0 @@ -We don't want to add RPATHS which match default linker -search paths, they're a waste of space. This patch -filters libtools list and removes the ones we don't need. - -RP 23/9/2011 - -Upstream-Status: Pending - -Updated by: Robert Yang - -Index: libtool-2.4.2/build-aux/ltmain.in -=================================================================== ---- libtool-2.4.2.orig/build-aux/ltmain.in -+++ libtool-2.4.2/build-aux/ltmain.in -@@ -7286,8 +7286,14 @@ EOF - esac - fi - else -- eval flag=\"$hardcode_libdir_flag_spec\" -- func_append dep_rpath " $flag" -+ # We only want to hardcode in an rpath if it isn't in the -+ # default dlsearch path. -+ case " $sys_lib_dlsearch_path " in -+ *" $libdir "*) ;; -+ *) eval flag=\"$hardcode_libdir_flag_spec\" -+ func_append dep_rpath " $flag" -+ ;; -+ esac - fi - elif test -n "$runpath_var"; then - case "$perm_rpath " in -@@ -8019,8 +8025,14 @@ EOF - esac - fi - else -- eval flag=\"$hardcode_libdir_flag_spec\" -- func_append rpath " $flag" -+ # We only want to hardcode in an rpath if it isn't in the -+ # default dlsearch path. -+ case " $sys_lib_dlsearch_path " in -+ *" $libdir "*) ;; -+ *) eval flag=\"$hardcode_libdir_flag_spec\" -+ rpath+=" $flag" -+ ;; -+ esac - fi - elif test -n "$runpath_var"; then - case "$perm_rpath " in -@@ -8070,8 +8082,14 @@ EOF - esac - fi - else -- eval flag=\"$hardcode_libdir_flag_spec\" -- func_append rpath " $flag" -+ # We only want to hardcode in an rpath if it isn't in the -+ # default dlsearch path. -+ case " $sys_lib_dlsearch_path " in -+ *" $libdir "*) ;; -+ *) eval flag=\"$hardcode_libdir_flag_spec\" -+ func_append rpath " $flag" -+ ;; -+ esac - fi - elif test -n "$runpath_var"; then - case "$finalize_perm_rpath " in diff --git a/poky/meta/recipes-devtools/libtool/libtool/fixinstall.patch b/poky/meta/recipes-devtools/libtool/libtool/fixinstall.patch index 8f343bf436..48330d82fb 100644 --- a/poky/meta/recipes-devtools/libtool/libtool/fixinstall.patch +++ b/poky/meta/recipes-devtools/libtool/libtool/fixinstall.patch @@ -27,9 +27,9 @@ diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in - if test -n "$relink_command"; then + if test "$fast_install" = no && test -n "$relink_command"; then - # Strip any trailing slash from the destination. - func_stripname '' '/' "$libdir" - destlibdir=$func_stripname_result + # Strip any trailing slash from the destination. + func_stripname '' '/' "$libdir" + destlibdir=$func_stripname_result @@ -2394,7 +2394,7 @@ func_mode_install () shift diff --git a/poky/meta/recipes-devtools/libtool/libtool/libool.m4-add-ARFLAGS-variable.patch b/poky/meta/recipes-devtools/libtool/libtool/libool.m4-add-ARFLAGS-variable.patch new file mode 100644 index 0000000000..bb11887cda --- /dev/null +++ b/poky/meta/recipes-devtools/libtool/libtool/libool.m4-add-ARFLAGS-variable.patch @@ -0,0 +1,77 @@ +From 4335de1dfb7d2ec728427e07a54136b94a2d40f6 Mon Sep 17 00:00:00 2001 +From: Pavel Raiskup +Date: Fri, 17 Apr 2015 15:05:42 +0200 +Subject: libool.m4: add ARFLAGS variable + +Libtool has used $AR_FLAGS since 2000-05-29 commit +8300de4c54e6f04f0d, Automake ARFLAGS since 2003-04-06 commit +a71b3490639831ca. Even though ARFLAGS is younger, it sounds like +better name according GNU Coding Standards. + +Related to bug#20082. + +* m4/libtool.m4 (_LT_PROG_AR): Copy ARFLAGS value into AR_FLAGS +variable if AR_FLAGS is not set. Add new _LT_DECL'ed variable +'lt_ar_flags' to keep the configure-time value of AR_FLAGS. The +new 'lt_ar_flags' is to be used as the default value for AR_FLAGS +at libtool-runtime. +* NEWS: Document. + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/libtool.git/commit/?id=4335de1dfb7d2ec728427e07a54136b94a2d40f6] + +Signed-off-by: Li Wang +Signed-off-by: Changqing Li +--- + NEWS | 6 ++++++ + m4/libtool.m4 | 17 +++++++++++++++-- + 2 files changed, 21 insertions(+), 2 deletions(-) + +diff --git a/NEWS b/NEWS +index d7ca434..71a932d 100644 +--- a/NEWS ++++ b/NEWS +@@ -7,6 +7,12 @@ NEWS - list of user-visible changes between releases of GNU Libtool + - LT_SYS_LIBRARY_PATH can be set in config.site, or at configure time + and persists correctly in the generated libtool script. + ++** New features: ++ ++ - Libtool script now supports (configure-time and runtime) ARFLAGS ++ variable, which obsoletes AR_FLAGS. This is due to naming conventions ++ among other *FLAGS and to be consistent with Automake's ARFLAGS. ++ + ** Bug fixes: + + - Fix a race condition in ltdl dryrun test that would cause spurious +diff --git a/m4/libtool.m4 b/m4/libtool.m4 +index 63acd09..6514196 100644 +--- a/m4/libtool.m4 ++++ b/m4/libtool.m4 +@@ -1497,9 +1497,22 @@ need_locks=$enable_libtool_lock + m4_defun([_LT_PROG_AR], + [AC_CHECK_TOOLS(AR, [ar], false) + : ${AR=ar} +-: ${AR_FLAGS=cru} + _LT_DECL([], [AR], [1], [The archiver]) +-_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive]) ++ ++# Use ARFLAGS variable as AR's operation code to sync the variable naming with ++# Automake. If both AR_FLAGS and ARFLAGS are specified, AR_FLAGS should have ++# higher priority because thats what people were doing historically (setting ++# ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS ++# variable obsoleted/removed. ++ ++test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cru} ++lt_ar_flags=$AR_FLAGS ++_LT_DECL([], [lt_ar_flags], [0], [Flags to create an archive (by configure)]) ++ ++# Make AR_FLAGS overridable by 'make ARFLAGS='. Don't try to run-time override ++# by AR_FLAGS because that was never working and AR_FLAGS is about to die. ++_LT_DECL([], [AR_FLAGS], [\@S|@{ARFLAGS-"\@S|@lt_ar_flags"}], ++ [Flags to create an archive]) + + AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file], + [lt_cv_ar_at_file=no +-- +2.23.0 + diff --git a/poky/meta/recipes-devtools/libtool/libtool/lto-prefix.patch b/poky/meta/recipes-devtools/libtool/libtool/lto-prefix.patch deleted file mode 100644 index 2bd010b8e4..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/lto-prefix.patch +++ /dev/null @@ -1,22 +0,0 @@ -If lto is enabled, we need the prefix-map variables to be passed to the linker. -Add these to the list of options libtool passes through. - -Upstream-Status: Pending -Signed-off-by: Richard Purdie - -Index: libtool-2.4.6/build-aux/ltmain.in -=================================================================== ---- libtool-2.4.6.orig/build-aux/ltmain.in -+++ libtool-2.4.6/build-aux/ltmain.in -@@ -5424,9 +5424,10 @@ func_mode_link () - # --sysroot=* for sysroot support - # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization - # -stdlib=* select c++ std lib with clang -+ # -f*-prefix-map* needed for lto linking - -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ - -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ -- -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*) -+ -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*|-f*-prefix-map*) - func_quote_for_eval "$arg" - arg=$func_quote_for_eval_result - func_append compile_command " $arg" diff --git a/poky/meta/recipes-devtools/libtool/libtool/norm-rpath.patch b/poky/meta/recipes-devtools/libtool/libtool/norm-rpath.patch deleted file mode 100644 index 1e4c65e024..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/norm-rpath.patch +++ /dev/null @@ -1,38 +0,0 @@ -libtool: normalize link paths before considering for RPATH - -Libtool may be passed link paths of the form "/usr/lib/../lib", which -fool its detection code into thinking it should be included as an -RPATH in the generated binary. Normalize before comparision. - -Signed-off-by: Andy Ross -Upstream-Status: Pending - -Updated by: Robert Yang - -diff -ur a/build-aux/ltmain.in b/build-aux/ltmain.in ---- a/build-aux/ltmain.in 2012-08-16 13:58:55.058900363 -0700 -+++ b/build-aux/ltmain.in 2012-08-22 11:01:34.191345989 -0700 -@@ -7288,8 +7288,10 @@ - else - # We only want to hardcode in an rpath if it isn't in the - # default dlsearch path. -+ func_normal_abspath "$libdir" -+ libdir_norm=$func_normal_abspath_result - case " $sys_lib_dlsearch_path " in -- *" $libdir "*) ;; -+ *" $libdir_norm "*) ;; - *) eval flag=\"$hardcode_libdir_flag_spec\" - func_append dep_rpath " $flag" - ;; -@@ -8027,8 +8029,10 @@ - else - # We only want to hardcode in an rpath if it isn't in the - # default dlsearch path. -+ func_normal_abspath "$libdir" -+ libdir_norm=$func_normal_abspath_result - case " $sys_lib_dlsearch_path " in -- *" $libdir "*) ;; -+ *" $libdir_norm "*) ;; - *) eval flag=\"$hardcode_libdir_flag_spec\" - rpath+=" $flag" - ;; diff --git a/poky/meta/recipes-devtools/libtool/libtool/rename-with-sysroot.patch b/poky/meta/recipes-devtools/libtool/libtool/rename-with-sysroot.patch deleted file mode 100644 index ad2b110530..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/rename-with-sysroot.patch +++ /dev/null @@ -1,166 +0,0 @@ -Upstream-Status: Pending - -This patch renames the --with-sysroot option to --with-libtool-sysroot -to avoid namespace conflict with binutils, gcc and other toolchain -components. - -I also reported the problem to libtool here - -http://lists.gnu.org/archive/html/libtool/2010-10/msg00048.html - --Khem Raj - -Updated by: Robert Yang - -diff --git a/m4/libtool.m4 b/m4/libtool.m4 ---- a/m4/libtool.m4 -+++ b/m4/libtool.m4 -@@ -1215,28 +1215,28 @@ _LT_DECL([], [ECHO], [1], [An echo program that protects backslashes]) - # ---------------- - AC_DEFUN([_LT_WITH_SYSROOT], - [AC_MSG_CHECKING([for sysroot]) --AC_ARG_WITH([sysroot], --[AS_HELP_STRING([--with-sysroot@<:@=DIR@:>@], -+AC_ARG_WITH([libtool-sysroot], -+[AS_HELP_STRING([--with-libtool-sysroot@<:@=DIR@:>@], - [Search for dependent libraries within DIR (or the compiler's sysroot - if not specified).])], --[], [with_sysroot=no]) -+[], [with_libtool_sysroot=no]) - - dnl lt_sysroot will always be passed unquoted. We quote it here - dnl in case the user passed a directory name. - lt_sysroot= --case $with_sysroot in #( -+case $with_libtool_sysroot in #( - yes) - if test yes = "$GCC"; then - lt_sysroot=`$CC --print-sysroot 2>/dev/null` - fi - ;; #( - /*) -- lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` -+ lt_sysroot=`echo "$with_libtool_sysroot" | sed -e "$sed_quote_subst"` - ;; #( - no|'') - ;; #( - *) -- AC_MSG_RESULT([$with_sysroot]) -+ AC_MSG_RESULT([$with_libtool_sysroot]) - AC_MSG_ERROR([The sysroot must be an absolute path.]) - ;; - esac -diff --git a/tests/sysroot.at b/tests/sysroot.at ---- a/tests/sysroot.at -+++ b/tests/sysroot.at -@@ -64,7 +64,7 @@ while read file; do - done]) - - LDFLAGS="$LDFLAGS --sysroot=$sysroot -no-undefined" --configure_options="$configure_options --with-sysroot=$sysroot --prefix=$prefix" -+configure_options="$configure_options --with-libtool-sysroot=$sysroot --prefix=$prefix" - - #??? - if test PATH = "$shlibpath_var"; then -@@ -114,7 +114,7 @@ AM_INIT_AUTOMAKE([foreign]) - AC_PROG_CC - AC_CONFIG_SRCDIR([lib2.c]) - LT_INIT --sysroot=$with_sysroot -+sysroot=$with_libtool_sysroot - AC_SUBST([sysroot]) - AC_OUTPUT(Makefile) - ]]) -@@ -155,7 +155,7 @@ AM_INIT_AUTOMAKE([foreign]) - AC_PROG_CC - AC_CONFIG_SRCDIR([prog.c]) - LT_INIT --sysroot=$with_sysroot -+sysroot=$with_libtool_sysroot - AC_SUBST([sysroot]) - AC_OUTPUT(Makefile) - ]]) -diff --git a/tests/testsuite b/tests/testsuite ---- a/tests/testsuite -+++ b/tests/testsuite -@@ -48945,7 +48945,7 @@ $at_traceon; } - - - LDFLAGS="$LDFLAGS --sysroot=$sysroot -no-undefined" --configure_options="$configure_options --with-sysroot=$sysroot --prefix=$prefix" -+configure_options="$configure_options --with-libtool-sysroot=$sysroot --prefix=$prefix" - - #??? - if test PATH = "$shlibpath_var"; then -@@ -49154,7 +49154,7 @@ AM_INIT_AUTOMAKE([foreign]) - AC_PROG_CC - AC_CONFIG_SRCDIR([lib2.c]) - LT_INIT --sysroot=$with_sysroot -+sysroot=$with_libtool_sysroot - AC_SUBST([sysroot]) - AC_OUTPUT(Makefile) - _ATEOF -@@ -49342,7 +49342,7 @@ AM_INIT_AUTOMAKE([foreign]) - AC_PROG_CC - AC_CONFIG_SRCDIR([prog.c]) - LT_INIT --sysroot=$with_sysroot -+sysroot=$with_libtool_sysroot - AC_SUBST([sysroot]) - AC_OUTPUT(Makefile) - _ATEOF -@@ -49694,7 +49694,7 @@ $at_traceon; } - - - LDFLAGS="$LDFLAGS --sysroot=$sysroot -no-undefined" --configure_options="$configure_options --with-sysroot=$sysroot --prefix=$prefix" -+configure_options="$configure_options --with-libtool-sysroot=$sysroot --prefix=$prefix" - - #??? - if test PATH = "$shlibpath_var"; then -@@ -49903,7 +49903,7 @@ AM_INIT_AUTOMAKE([foreign]) - AC_PROG_CC - AC_CONFIG_SRCDIR([lib2.c]) - LT_INIT --sysroot=$with_sysroot -+sysroot=$with_libtool_sysroot - AC_SUBST([sysroot]) - AC_OUTPUT(Makefile) - _ATEOF -@@ -50091,7 +50091,7 @@ AM_INIT_AUTOMAKE([foreign]) - AC_PROG_CC - AC_CONFIG_SRCDIR([prog.c]) - LT_INIT --sysroot=$with_sysroot -+sysroot=$with_libtool_sysroot - AC_SUBST([sysroot]) - AC_OUTPUT(Makefile) - _ATEOF -@@ -50443,7 +50443,7 @@ $at_traceon; } - - - LDFLAGS="$LDFLAGS --sysroot=$sysroot -no-undefined" --configure_options="$configure_options --with-sysroot=$sysroot --prefix=$prefix" -+configure_options="$configure_options --with-libtool-sysroot=$sysroot --prefix=$prefix" - - #??? - if test PATH = "$shlibpath_var"; then -@@ -50652,7 +50652,7 @@ AM_INIT_AUTOMAKE([foreign]) - AC_PROG_CC - AC_CONFIG_SRCDIR([lib2.c]) - LT_INIT --sysroot=$with_sysroot -+sysroot=$with_libtool_sysroot - AC_SUBST([sysroot]) - AC_OUTPUT(Makefile) - _ATEOF -@@ -50840,7 +50840,7 @@ AM_INIT_AUTOMAKE([foreign]) - AC_PROG_CC - AC_CONFIG_SRCDIR([prog.c]) - LT_INIT --sysroot=$with_sysroot -+sysroot=$with_libtool_sysroot - AC_SUBST([sysroot]) - AC_OUTPUT(Makefile) - _ATEOF diff --git a/poky/meta/recipes-devtools/libtool/libtool/trailingslash.patch b/poky/meta/recipes-devtools/libtool/libtool/trailingslash.patch deleted file mode 100644 index e8824d7db9..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/trailingslash.patch +++ /dev/null @@ -1,35 +0,0 @@ -Upstream-Status: Pending - -A command like /bin/sh ../../i586-poky-linux-libtool --mode=install /usr/bin/install -c gck-roots-store-standalone.la '/media/data1/builds/poky1/tmp/work/core2-poky-linux/gnome-keyring-2.26.1-r1/image/usr/lib/gnome-keyring/standalone/' fails (e.g. gnome-keyring or pulseaudio) - -This is because libdir has a trailing slash which breaks the comparision. - -RP 2/1/10 - -Merged a patch received from Gary Thomas - -Date: 2010/07/12 -Nitin A Kamble - -Updated by: Robert Yang - -diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in ---- a/build-aux/ltmain.in -+++ b/build-aux/ltmain.in -@@ -2356,8 +2356,15 @@ func_mode_install () - func_append dir "$objdir" - - if test -n "$relink_command"; then -+ # Strip any trailing slash from the destination. -+ func_stripname '' '/' "$libdir" -+ destlibdir=$func_stripname_result -+ -+ func_stripname '' '/' "$destdir" -+ s_destdir=$func_stripname_result -+ - # Determine the prefix the user has applied to our future dir. -- inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"` -+ inst_prefix_dir=`$ECHO "X$s_destdir" | $Xsed -e "s%$destlibdir\$%%"` - - # Don't allow the user to place us outside of our expected - # location b/c this prevents finding dependent libraries that diff --git a/poky/meta/recipes-devtools/libtool/libtool/use-sysroot-in-libpath.patch b/poky/meta/recipes-devtools/libtool/libtool/use-sysroot-in-libpath.patch deleted file mode 100644 index 6af99f327c..0000000000 --- a/poky/meta/recipes-devtools/libtool/libtool/use-sysroot-in-libpath.patch +++ /dev/null @@ -1,22 +0,0 @@ -Upstream-Status: Pending - -When using sysroot we should append it to libdir, which is helpful in -cross builds as the system is staged in the sysroot. For normal builds, -i.e. when lt_sysroot is not set, it will still behave the same and add --L/usr/lib to the relink command. - --Khem Raj -Updated by: Robert Yang - -diff --git a/build-aux/ltmain.in b/build-aux/ltmain.in ---- a/build-aux/ltmain.in -+++ b/build-aux/ltmain.in -@@ -6421,7 +6421,7 @@ func_mode_link () - fi - else - # We cannot seem to hardcode it, guess we'll fake it. -- add_dir=-L$libdir -+ add_dir="-L$lt_sysroot$libdir" - # Try looking first in the location we're being installed to. - if test -n "$inst_prefix_dir"; then - case $libdir in diff --git a/poky/meta/recipes-devtools/python/python3-pyelftools_0.27.bb b/poky/meta/recipes-devtools/python/python3-pyelftools_0.27.bb index 0cfd99504b..e2d0e18277 100644 --- a/poky/meta/recipes-devtools/python/python3-pyelftools_0.27.bb +++ b/poky/meta/recipes-devtools/python/python3-pyelftools_0.27.bb @@ -11,3 +11,5 @@ PYPI_PACKAGE = "pyelftools" inherit pypi setuptools3 BBCLASSEXTEND = "native" + +RDEPENDS:${PN} += "${PYTHON_PN}-debugger ${PYTHON_PN}-pprint" diff --git a/poky/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch b/poky/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch index c4fae09a5b..99968b81de 100644 --- a/poky/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch +++ b/poky/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch @@ -1,7 +1,8 @@ -From 1ad771d86728ee2ed30e202e9768d8d825f96467 Mon Sep 17 00:00:00 2001 +From d9eb634b3d2e6ba831e864c50f6a37c48edfc4f3 Mon Sep 17 00:00:00 2001 From: Matthias Schoepfer Date: Fri, 31 May 2019 15:34:34 +0200 Subject: [PATCH] bpo-36852: proper detection of mips architecture for soft + float When (cross) compiling for softfloat mips, __mips_hard_float will not be @@ -13,18 +14,18 @@ to do this in a more autoconf/autotools manner. Upstream-Status: Submitted [https://github.com/python/cpython/pull/13196] Signed-off-by: Matthias Schoepfer -%% original patch: 0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch + --- configure.ac | 175 +++++++-------------------------------------------- 1 file changed, 21 insertions(+), 154 deletions(-) diff --git a/configure.ac b/configure.ac -index ede710e..bc81b0b 100644 +index e2979a8..337182d 100644 --- a/configure.ac +++ b/configure.ac -@@ -710,160 +710,27 @@ fi - MULTIARCH=$($CC --print-multiarch 2>/dev/null) - AC_SUBST(MULTIARCH) +@@ -728,160 +728,27 @@ then + fi + -AC_MSG_CHECKING([for the platform triplet based on compiler characteristics]) -cat >> conftest.c </dev/null) diff --git a/poky/meta/recipes-devtools/python/python3_3.9.7.bb b/poky/meta/recipes-devtools/python/python3_3.9.7.bb deleted file mode 100644 index 772dcb8d9d..0000000000 --- a/poky/meta/recipes-devtools/python/python3_3.9.7.bb +++ /dev/null @@ -1,402 +0,0 @@ -SUMMARY = "The Python Programming Language" -HOMEPAGE = "http://www.python.org" -DESCRIPTION = "Python is a programming language that lets you work more quickly and integrate your systems more effectively." -LICENSE = "PSFv2" -SECTION = "devel/python" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=c22d2438294c784731bf9dd224a467b7" - -SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ - file://run-ptest \ - file://create_manifest3.py \ - file://get_module_deps3.py \ - file://python3-manifest.json \ - file://check_build_completeness.py \ - file://reformat_sysconfig.py \ - file://cgi_py.patch \ - file://0001-Do-not-add-usr-lib-termcap-to-linker-flags-to-avoid-.patch \ - ${@bb.utils.contains('PACKAGECONFIG', 'tk', '', 'file://avoid_warning_about_tkinter.patch', d)} \ - file://0001-Do-not-use-the-shell-version-of-python-config-that-w.patch \ - file://python-config.patch \ - file://0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch \ - file://0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch \ - file://0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch \ - file://crosspythonpath.patch \ - file://0001-Use-FLAG_REF-always-for-interned-strings.patch \ - file://0001-test_locale.py-correct-the-test-output-format.patch \ - file://0017-setup.py-do-not-report-missing-dependencies-for-disa.patch \ - file://0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch \ - file://0001-Makefile-do-not-compile-.pyc-in-parallel.patch \ - file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \ - file://0001-Lib-sysconfig.py-use-libdir-values-from-configuratio.patch \ - file://0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch \ - file://0001-test_ctypes.test_find-skip-without-tools-sdk.patch \ - file://makerace.patch \ - " - -SRC_URI:append:class-native = " \ - file://0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch \ - file://12-distutils-prefix-is-inside-staging-area.patch \ - file://0001-Don-t-search-system-for-headers-libraries.patch \ - " -SRC_URI[sha256sum] = "f8145616e68c00041d1a6399b76387390388f8359581abc24432bb969b5e3c57" - -# exclude pre-releases for both python 2.x and 3.x -UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar" -UPSTREAM_CHECK_URI = "https://www.python.org/downloads/source/" - -CVE_PRODUCT = "python" - -# Upstream consider this expected behaviour -CVE_CHECK_WHITELIST += "CVE-2007-4559" -# This is not exploitable when glibc has CVE-2016-10739 fixed. -CVE_CHECK_WHITELIST += "CVE-2019-18348" - -# This is windows only issue. -CVE_CHECK_WHITELIST += "CVE-2020-15523" - -PYTHON_MAJMIN = "3.9" - -S = "${WORKDIR}/Python-${PV}" - -BBCLASSEXTEND = "native nativesdk" - -inherit autotools pkgconfig qemu ptest multilib_header update-alternatives - -MULTILIB_SUFFIX = "${@d.getVar('base_libdir',1).split('/')[-1]}" - -ALTERNATIVE:${PN}-dev = "python3-config" -ALTERNATIVE_LINK_NAME[python3-config] = "${bindir}/python${PYTHON_MAJMIN}-config" -ALTERNATIVE_TARGET[python3-config] = "${bindir}/python${PYTHON_MAJMIN}-config-${MULTILIB_SUFFIX}" - - -DEPENDS = "bzip2-replacement-native libffi bzip2 openssl sqlite3 zlib virtual/libintl xz virtual/crypt util-linux libtirpc libnsl2 autoconf-archive-native" -DEPENDS:append:class-target = " python3-native" -DEPENDS:append:class-nativesdk = " python3-native" - -# force to use the mutex+cond implementation (https://bugs.python.org/issue41710) -CFLAGS += "-DHAVE_BROKEN_POSIX_SEMAPHORES" - -EXTRA_OECONF = " --without-ensurepip --enable-shared --with-platlibdir=${baselib}" -EXTRA_OECONF:append:class-native = " --bindir=${bindir}/${PN}" - -export CROSSPYTHONPATH="${STAGING_LIBDIR_NATIVE}/python${PYTHON_MAJMIN}/lib-dynload/" - -EXTRANATIVEPATH += "python3-native" - -# LTO will be enabled via packageconfig depending upong distro features -LTO:class-target = "" - -CACHED_CONFIGUREVARS = " \ - ac_cv_file__dev_ptmx=yes \ - ac_cv_file__dev_ptc=no \ - ac_cv_working_tzset=yes \ -" - -def possibly_include_pgo(d): - # PGO currently causes builds to not be reproducible, so disable it for - # now. See YOCTO #13407 - if bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', True, False, d) and d.getVar('BUILD_REPRODUCIBLE_BINARIES') != '1': - return 'pgo' - - return '' - -PACKAGECONFIG:class-target ??= "readline ${@possibly_include_pgo(d)} gdbm ${@bb.utils.filter('DISTRO_FEATURES', 'lto', d)}" -PACKAGECONFIG:class-native ??= "readline gdbm" -PACKAGECONFIG:class-nativesdk ??= "readline gdbm" -PACKAGECONFIG[readline] = ",,readline" -# Use profile guided optimisation by running PyBench inside qemu-user -PACKAGECONFIG[pgo] = "--enable-optimizations,,qemu-native" -PACKAGECONFIG[tk] = ",,tk" -PACKAGECONFIG[gdbm] = ",,gdbm" -PACKAGECONFIG[lto] = "--with-lto,," - -do_configure:prepend () { - mkdir -p ${B}/Modules - cat > ${B}/Modules/Setup.local << EOF -*disabled* -${@bb.utils.contains('PACKAGECONFIG', 'gdbm', '', '_gdbm _dbm', d)} -${@bb.utils.contains('PACKAGECONFIG', 'readline', '', 'readline', d)} -EOF -} - -CPPFLAGS:append = " -I${STAGING_INCDIR}/ncursesw -I${STAGING_INCDIR}/uuid" - -EXTRA_OEMAKE = '\ - STAGING_LIBDIR=${STAGING_LIBDIR} \ - STAGING_INCDIR=${STAGING_INCDIR} \ - LIB=${baselib} \ -' - -do_compile:prepend:class-target() { - if ${@bb.utils.contains('PACKAGECONFIG', 'pgo', 'true', 'false', d)}; then - qemu_binary="${@qemu_wrapper_cmdline(d, '${STAGING_DIR_TARGET}', ['${B}', '${STAGING_DIR_TARGET}/${base_libdir}'])}" - cat >pgo-wrapper < ${B}/Modules/Setup.local << EOF +*disabled* +${@bb.utils.contains('PACKAGECONFIG', 'gdbm', '', '_gdbm _dbm', d)} +${@bb.utils.contains('PACKAGECONFIG', 'readline', '', 'readline', d)} +EOF +} + +CPPFLAGS:append = " -I${STAGING_INCDIR}/ncursesw -I${STAGING_INCDIR}/uuid" + +EXTRA_OEMAKE = '\ + STAGING_LIBDIR=${STAGING_LIBDIR} \ + STAGING_INCDIR=${STAGING_INCDIR} \ + LIB=${baselib} \ +' + +do_compile:prepend:class-target() { + if ${@bb.utils.contains('PACKAGECONFIG', 'pgo', 'true', 'false', d)}; then + qemu_binary="${@qemu_wrapper_cmdline(d, '${STAGING_DIR_TARGET}', ['${B}', '${STAGING_DIR_TARGET}/${base_libdir}'])}" + cat >pgo-wrapper </base branch, which is pure upstream -stable, and the same @@ -31,7 +31,7 @@ SRCREV_meta ?= "b3ac9c40a22d6b00545b7ce51ef6dfb0cb9d2933" # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" DEFAULT_PREFERENCE:class-devupstream = "-1" -SRCREV_machine:class-devupstream ?= "3dfa869cb79d60a2fe66efb4a11517ec7c89de16" +SRCREV_machine:class-devupstream ?= "545728d9e08593767dd55192b0324dd4f9b71151" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v5.14/base" @@ -42,7 +42,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.14;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.14.17" +LINUX_VERSION ?= "5.14.21" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch new file mode 100644 index 0000000000..b0ff1a0885 --- /dev/null +++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch @@ -0,0 +1,32 @@ +From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Thu, 13 Jan 2022 16:45:59 +0800 +Subject: [PATCH] flac: Fix improper buffer reusing + +CVE: CVE-2021-4156.patch +Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731] + +Signed-off-by: Changqing Li +--- + src/flac.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/flac.c b/src/flac.c +index 0be82ac..6548bba 100644 +--- a/src/flac.c ++++ b/src/flac.c +@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len) + /* Decode some more. */ + while (pflac->pos < pflac->len) + { if (FLAC__stream_decoder_process_single (pflac->fsd) == 0) ++ { psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ; ++ /* Current frame is busted, so NULL the pointer. */ ++ pflac->frame = NULL ; + break ; ++ } + state = FLAC__stream_decoder_get_state (pflac->fsd) ; + if (state >= FLAC__STREAM_DECODER_END_OF_STREAM) + { psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ; +-- +2.17.1 + diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb index 443ca95e32..884d680fbe 100644 --- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb +++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb @@ -20,6 +20,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ file://CVE-2017-12562.patch \ file://CVE-2018-19758.patch \ file://CVE-2019-3832.patch \ + file://CVE-2021-4156.patch \ " SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c" diff --git a/poky/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch b/poky/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch new file mode 100644 index 0000000000..e866a1a193 --- /dev/null +++ b/poky/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch @@ -0,0 +1,22 @@ +Injection a year based on the current date isn't reproducible. Hack this +to a specific year for now for reproducibilty and to avoid autobuilder failures. + +The correct fix would be to use SOURCE_DATE_EPOCH from the environment and +then this could be submitted upstream, sadly my ruby isn't up to that. + +Upstream-Status: Pending [could be reworked] +Signed-off-by: Richard Purdie + +Index: webkitgtk-2.34.2/Source/JavaScriptCore/generator/GeneratedFile.rb +=================================================================== +--- webkitgtk-2.34.2.orig/Source/JavaScriptCore/generator/GeneratedFile.rb ++++ webkitgtk-2.34.2/Source/JavaScriptCore/generator/GeneratedFile.rb +@@ -25,7 +25,7 @@ require 'date' + require 'digest' + + $LICENSE = <<-EOF +-Copyright (C) #{Date.today.year} Apple Inc. All rights reserved. ++Copyright (C) 2021 Apple Inc. All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.32.3.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.32.3.bb index 1f3f7a9c00..bab1c17902 100644 --- a/poky/meta/recipes-sato/webkit/webkitgtk_2.32.3.bb +++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.32.3.bb @@ -19,6 +19,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://reduce-memory-overheads.patch \ file://musl-lower-stack-usage.patch \ file://0001-MiniBrowser-Fix-reproduciblity.patch \ + file://reproducibility.patch \ " SRC_URI[sha256sum] = "c1f496f5ac654efe4cef62fbd4f2fbeeef265a07c5e7419e5d2900bfeea52cbc" diff --git a/poky/meta/recipes-support/boost/boost/0001-BoostConfig.cmake-allow-searching-for-python310.patch b/poky/meta/recipes-support/boost/boost/0001-BoostConfig.cmake-allow-searching-for-python310.patch new file mode 100644 index 0000000000..0a9ee2cc95 --- /dev/null +++ b/poky/meta/recipes-support/boost/boost/0001-BoostConfig.cmake-allow-searching-for-python310.patch @@ -0,0 +1,50 @@ +From e193f080c7d209516ac9b712fa0c50bb08026fa2 Mon Sep 17 00:00:00 2001 +From: Martin Jansa +Date: Tue, 19 Oct 2021 12:24:31 +0000 +Subject: [PATCH] BoostConfig.cmake: allow searching for python310 + +* accept double digits in Python3_VERSION_MINOR + +* if someone is using e.g.: + find_package(Python3 REQUIRED) + find_package(Boost REQUIRED python${Python3_VERSION_MAJOR}${Python3_VERSION_MINOR}) + + with python-3.10 then it currently fails with: + + -- Found PythonLibs: /usr/lib/libpython3.10.so (found version "3.10.0") + -- Found Python3: -native/usr/bin/python3-native/python3 (found version "3.10.0") found components: Interpreter + CMake Error at /usr/lib/cmake/Boost-1.77.0/BoostConfig.cmake:141 (find_package): + Could not find a package configuration file provided by "boost_python310" + (requested version 1.77.0) with any of the following names: + + boost_python310Config.cmake + boost_python310-config.cmake + + Add the installation prefix of "boost_python310" to CMAKE_PREFIX_PATH or + set "boost_python310_DIR" to a directory containing one of the above files. + If "boost_python310" provides a separate development package or SDK, be + sure it has been installed. + Call Stack (most recent call first): + /usr/lib/cmake/Boost-1.77.0/BoostConfig.cmake:258 (boost_find_component) + /usr/share/cmake-3.21/Modules/FindBoost.cmake:594 (find_package) + CMakeLists.txt:18 (find_package) + +Upstream-Status: Submitted [https://github.com/boostorg/boost_install/pull/53] +Signed-off-by: Martin Jansa +--- + tools/boost_install/BoostConfig.cmake | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tools/boost_install/BoostConfig.cmake b/tools/boost_install/BoostConfig.cmake +index fd17821..5dffa58 100644 +--- a/tools/boost_install/BoostConfig.cmake ++++ b/tools/boost_install/BoostConfig.cmake +@@ -113,7 +113,7 @@ macro(boost_find_component comp required quiet) + set(_BOOST_REQUIRED REQUIRED) + endif() + +- if("${comp}" MATCHES "^(python|numpy|mpi_python)([1-9])([0-9])$") ++ if("${comp}" MATCHES "^(python|numpy|mpi_python)([1-9])([0-9][0-9]?)$") + + # handle pythonXY and numpyXY versioned components for compatibility + diff --git a/poky/meta/recipes-support/boost/boost/0002-math-allow-definition-of-boost_math_no_atomic_int-on-the-command-line.patch b/poky/meta/recipes-support/boost/boost/0002-math-allow-definition-of-boost_math_no_atomic_int-on-the-command-line.patch new file mode 100644 index 0000000000..b05b795084 --- /dev/null +++ b/poky/meta/recipes-support/boost/boost/0002-math-allow-definition-of-boost_math_no_atomic_int-on-the-command-line.patch @@ -0,0 +1,53 @@ +From 32bd6197353f6ea8e5bef01f09e25c944141acfc Mon Sep 17 00:00:00 2001 +From: jzmaddock +Date: Wed, 1 Sep 2021 18:54:54 +0100 +Subject: [PATCH] Allow definition of BOOST_MATH_NO_ATOMIC_INT on the command + line. Allows us to test/emulate platforms with no atomic integers. + +[buildroot@heine.tech: + - backport from boostorg/math 32bd6197353f6ea8e5bef01f09e25c944141acfc + - alter path to match boost release +] +Signed-off-by: Michael Nosthoff +--- +Upstream-Status: Backport [https://github.com/boostorg/math/pull/684/commits/32bd6197353f6ea8e5bef01f09e25c944141acfc] + boost/math/tools/atomic.hpp | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/boost/math/tools/atomic.hpp b/boost/math/tools/atomic.hpp +index cc76ed269f..e3cbf5db89 100644 +--- a/boost/math/tools/atomic.hpp ++++ b/boost/math/tools/atomic.hpp +@@ -16,27 +16,27 @@ + namespace boost { + namespace math { + namespace detail { +-#if ATOMIC_INT_LOCK_FREE == 2 ++#if (ATOMIC_INT_LOCK_FREE == 2) && !defined(BOOST_MATH_NO_ATOMIC_INT) + typedef std::atomic atomic_counter_type; + typedef std::atomic atomic_unsigned_type; + typedef int atomic_integer_type; + typedef unsigned atomic_unsigned_integer_type; +-#elif ATOMIC_SHORT_LOCK_FREE == 2 ++#elif (ATOMIC_SHORT_LOCK_FREE == 2) && !defined(BOOST_MATH_NO_ATOMIC_INT) + typedef std::atomic atomic_counter_type; + typedef std::atomic atomic_unsigned_type; + typedef short atomic_integer_type; + typedef unsigned short atomic_unsigned_type; +-#elif ATOMIC_LONG_LOCK_FREE == 2 ++#elif (ATOMIC_LONG_LOCK_FREE == 2) && !defined(BOOST_MATH_NO_ATOMIC_INT) + typedef std::atomic atomic_unsigned_integer_type; + typedef std::atomic atomic_unsigned_type; + typedef unsigned long atomic_unsigned_type; + typedef long atomic_integer_type; +-#elif ATOMIC_LLONG_LOCK_FREE == 2 ++#elif (ATOMIC_LLONG_LOCK_FREE == 2) && !defined(BOOST_MATH_NO_ATOMIC_INT) + typedef std::atomic atomic_unsigned_integer_type; + typedef std::atomic atomic_unsigned_type; + typedef long long atomic_integer_type; + typedef unsigned long long atomic_unsigned_integer_type; +-#else ++#elif !defined(BOOST_MATH_NO_ATOMIC_INT) + # define BOOST_MATH_NO_ATOMIC_INT + #endif + } // Namespace detail diff --git a/poky/meta/recipes-support/boost/boost/0003-math-make-no-atomics-a-soft-failure-in-bernoulli_details_hpp.patch b/poky/meta/recipes-support/boost/boost/0003-math-make-no-atomics-a-soft-failure-in-bernoulli_details_hpp.patch new file mode 100644 index 0000000000..f69e4f21f3 --- /dev/null +++ b/poky/meta/recipes-support/boost/boost/0003-math-make-no-atomics-a-soft-failure-in-bernoulli_details_hpp.patch @@ -0,0 +1,151 @@ +From 7d482f6ebc356e6ec455ccb5f51a23971bf6ce5b Mon Sep 17 00:00:00 2001 +From: jzmaddock +Date: Wed, 1 Sep 2021 20:31:53 +0100 +Subject: [PATCH] Make no atomics a soft failure in bernoulli_details.hpp. + Include an "escape macro" so thread safety can be disabled if certain + bernoulli features are to be used in a no-atomics environment. Fixes + https://github.com/boostorg/math/issues/673. + +[buildroot@heine.tech: + - backport from boostorg/math 7d482f6ebc356e6ec455ccb5f51a23971bf6ce5b + - alter path to match boost release +] +Signed-off-by: Michael Nosthoff +--- +Upstream-Status: Backport [https://github.com/boostorg/math/pull/684/commits/7d482f6ebc356e6ec455ccb5f51a23971bf6ce5b] + .../detail/bernoulli_details.hpp | 10 +++++++--- + libs/math/test/Jamfile.v2 | 3 +++ + test/compile_test/bernoulli_no_atomic_d.cpp | 14 ++++++++++++++ + test/compile_test/bernoulli_no_atomic_fail.cpp | 15 +++++++++++++++ + test/compile_test/bernoulli_no_atomic_mp.cpp | 16 ++++++++++++++++ + 5 files changed, 55 insertions(+), 3 deletions(-) + create mode 100644 test/compile_test/bernoulli_no_atomic_d.cpp + create mode 100644 test/compile_test/bernoulli_no_atomic_fail.cpp + create mode 100644 test/compile_test/bernoulli_no_atomic_mp.cpp + +diff --git a/boost/math/special_functions/detail/bernoulli_details.hpp b/boost/math/special_functions/detail/bernoulli_details.hpp +index cf35545264..8519b7c89c 100644 +--- a/boost/math/special_functions/detail/bernoulli_details.hpp ++++ b/boost/math/special_functions/detail/bernoulli_details.hpp +@@ -360,7 +360,7 @@ class bernoulli_numbers_cache + return out; + } + +- #ifndef BOOST_HAS_THREADS ++ #if !defined(BOOST_HAS_THREADS) || defined(BOOST_MATH_BERNOULLI_UNTHREADED) + // + // Single threaded code, very simple: + // +@@ -382,6 +382,8 @@ class bernoulli_numbers_cache + *out = (i >= m_overflow_limit) ? policies::raise_overflow_error("boost::math::bernoulli_b2n<%1%>(std::size_t)", 0, T(i), pol) : bn[i]; + ++out; + } ++ #elif defined(BOOST_MATH_NO_ATOMIC_INT) ++ static_assert(sizeof(T) == 1, "Unsupported configuration: your platform appears to have no atomic integers. If you are happy with thread-unsafe code, then you may define BOOST_MATH_BERNOULLI_UNTHREADED to suppress this error."); + #else + // + // Double-checked locking pattern, lets us access cached already cached values +@@ -464,7 +466,7 @@ class bernoulli_numbers_cache + return out; + } + +- #ifndef BOOST_HAS_THREADS ++ #if !defined(BOOST_HAS_THREADS) || defined(BOOST_MATH_BERNOULLI_UNTHREADED) + // + // Single threaded code, very simple: + // +@@ -494,6 +496,8 @@ class bernoulli_numbers_cache + } + ++out; + } ++ #elif defined(BOOST_MATH_NO_ATOMIC_INT) ++ static_assert(sizeof(T) == 1, "Unsupported configuration: your platform appears to have no atomic integers. If you are happy with thread-unsafe code, then you may define BOOST_MATH_BERNOULLI_UNTHREADED to suppress this error."); + #else + // + // Double-checked locking pattern, lets us access cached already cached values +@@ -555,7 +559,7 @@ class bernoulli_numbers_cache + // The value at which we know overflow has already occurred for the Bn: + std::size_t m_overflow_limit; + +- #ifdef BOOST_HAS_THREADS ++ #if defined(BOOST_HAS_THREADS) && !defined(BOOST_MATH_NO_ATOMIC_INT) + std::mutex m_mutex; + atomic_counter_type m_counter, m_current_precision; + #else +diff --git a/libs/math/test/Jamfile.v2 b/libs/math/test/Jamfile.v2 +index 52fb87f5e5..3ac63f9279 100644 +--- a/libs/math/test/Jamfile.v2 ++++ b/libs/math/test/Jamfile.v2 +@@ -1137,6 +1137,9 @@ test-suite misc : + + # [ run __temporary_test.cpp test_instances//test_instances : : : always_show_run_output off ] + [ compile test_no_long_double_policy.cpp ] ++ [ compile compile_test/bernoulli_no_atomic_d.cpp ] ++ [ compile compile_test/bernoulli_no_atomic_mp.cpp ] ++ [ compile-fail compile_test/bernoulli_no_atomic_fail.cpp ] + ; + + test-suite interpolators : +diff --git a/test/compile_test/bernoulli_no_atomic_d.cpp b/test/compile_test/bernoulli_no_atomic_d.cpp +new file mode 100644 +index 0000000000..61926f7e1f +--- /dev/null ++++ b/test/compile_test/bernoulli_no_atomic_d.cpp +@@ -0,0 +1,14 @@ ++// (C) Copyright John Maddock 2021. ++// Use, modification and distribution are subject to the ++// Boost Software License, Version 1.0. (See accompanying file ++// LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) ++ ++#define BOOST_MATH_NO_ATOMIC_INT ++ ++#include ++#include "test_compile_result.hpp" ++ ++void compile_and_link_test() ++{ ++ check_result(boost::math::bernoulli_b2n(4)); ++} +diff --git a/test/compile_test/bernoulli_no_atomic_fail.cpp b/test/compile_test/bernoulli_no_atomic_fail.cpp +new file mode 100644 +index 0000000000..bbd7152412 +--- /dev/null ++++ b/test/compile_test/bernoulli_no_atomic_fail.cpp +@@ -0,0 +1,15 @@ ++// (C) Copyright John Maddock 2021. ++// Use, modification and distribution are subject to the ++// Boost Software License, Version 1.0. (See accompanying file ++// LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) ++ ++#define BOOST_MATH_NO_ATOMIC_INT ++ ++#include ++#include ++#include "test_compile_result.hpp" ++ ++void compile_and_link_test() ++{ ++ check_result(boost::math::bernoulli_b2n(4)); ++} +diff --git a/test/compile_test/bernoulli_no_atomic_mp.cpp b/test/compile_test/bernoulli_no_atomic_mp.cpp +new file mode 100644 +index 0000000000..8d5a6e78e6 +--- /dev/null ++++ b/test/compile_test/bernoulli_no_atomic_mp.cpp +@@ -0,0 +1,16 @@ ++// (C) Copyright John Maddock 2021. ++// Use, modification and distribution are subject to the ++// Boost Software License, Version 1.0. (See accompanying file ++// LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) ++ ++#define BOOST_MATH_NO_ATOMIC_INT ++#define BOOST_MATH_BERNOULLI_UNTHREADED ++ ++#include ++#include ++#include "test_compile_result.hpp" ++ ++void compile_and_link_test() ++{ ++ check_result(boost::math::bernoulli_b2n(4)); ++} diff --git a/poky/meta/recipes-support/boost/boost_1.77.0.bb b/poky/meta/recipes-support/boost/boost_1.77.0.bb index df8e08ad76..bde6b14a79 100644 --- a/poky/meta/recipes-support/boost/boost_1.77.0.bb +++ b/poky/meta/recipes-support/boost/boost_1.77.0.bb @@ -6,4 +6,7 @@ SRC_URI += "file://boost-CVE-2012-2677.patch \ file://0001-Don-t-set-up-arch-instruction-set-flags-we-do-that-o.patch \ file://0001-dont-setup-compiler-flags-m32-m64.patch \ file://0001-fiber-libs-Define-SYS_futex-if-it-does-not-exist.patch \ + file://0001-BoostConfig.cmake-allow-searching-for-python310.patch \ + file://0002-math-allow-definition-of-boost_math_no_atomic_int-on-the-command-line.patch \ + file://0003-math-make-no-atomics-a-soft-failure-in-bernoulli_details_hpp.patch \ " diff --git a/poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch b/poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch new file mode 100644 index 0000000000..095fb21eaa --- /dev/null +++ b/poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch @@ -0,0 +1,27 @@ +CVE: CVE-2021-43618 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +# HG changeset patch +# User Marco Bodrato +# Date 1634836009 -7200 +# Node ID 561a9c25298e17bb01896801ff353546c6923dbd +# Parent e1fd9db13b475209a864577237ea4b9105b3e96e +mpz/inp_raw.c: Avoid bit size overflows + +diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c +--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100 ++++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200 +@@ -88,8 +88,11 @@ + + abs_csize = ABS (csize); + ++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8)) ++ return 0; /* Bit size overflows */ ++ + /* round up to a multiple of limbs */ +- abs_xsize = BITS_TO_LIMBS (abs_csize*8); ++ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8); + + if (abs_xsize != 0) + { diff --git a/poky/meta/recipes-support/gmp/gmp_6.2.1.bb b/poky/meta/recipes-support/gmp/gmp_6.2.1.bb index d5996abd00..e61582afdf 100644 --- a/poky/meta/recipes-support/gmp/gmp_6.2.1.bb +++ b/poky/meta/recipes-support/gmp/gmp_6.2.1.bb @@ -12,6 +12,7 @@ SRC_URI = "https://gmplib.org/download/${BPN}/${BP}${REVISION}.tar.bz2 \ file://use-includedir.patch \ file://0001-Append-the-user-provided-flags-to-the-auto-detected-.patch \ file://0001-confiure.ac-Believe-the-cflags-from-environment.patch \ + file://cve-2021-43618.patch \ " SRC_URI[md5sum] = "28971fc21cf028042d4897f02fd355ea" SRC_URI[sha256sum] = "eae9326beb4158c386e39a356818031bd28f3124cf915f8c5b1dc4c7a36b4d7c" diff --git a/poky/meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch b/poky/meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch new file mode 100644 index 0000000000..28c61cd782 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0001-patch-8.2.3581-reading-character-past-end-of-line.patch @@ -0,0 +1,62 @@ +CVE: CVE-2021-3927 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From 93b427c6e729260d0700c3b2804ec153bc8284fa Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Thu, 4 Nov 2021 15:10:11 +0000 +Subject: [PATCH] patch 8.2.3581: reading character past end of line + +Problem: Reading character past end of line. +Solution: Correct the cursor column. +--- + src/ex_docmd.c | 1 + + src/testdir/test_put.vim | 12 ++++++++++++ + src/version.c | 2 ++ + 3 files changed, 15 insertions(+) + +diff --git a/src/ex_docmd.c b/src/ex_docmd.c +index fde726477..59e245bee 100644 +--- a/src/ex_docmd.c ++++ b/src/ex_docmd.c +@@ -6905,6 +6905,7 @@ ex_put(exarg_T *eap) + eap->forceit = TRUE; + } + curwin->w_cursor.lnum = eap->line2; ++ check_cursor_col(); + do_put(eap->regname, eap->forceit ? BACKWARD : FORWARD, 1L, + PUT_LINE|PUT_CURSLINE); + } +diff --git a/src/testdir/test_put.vim b/src/testdir/test_put.vim +index 225ebd1f3..922e5b269 100644 +--- a/src/testdir/test_put.vim ++++ b/src/testdir/test_put.vim +@@ -113,3 +113,15 @@ func Test_put_p_indent_visual() + call assert_equal('select that text', getline(2)) + bwipe! + endfunc ++ ++func Test_put_above_first_line() ++ new ++ let @" = 'text' ++ silent! normal 0o00 ++ 0put ++ call assert_equal('text', getline(1)) ++ bwipe! ++endfunc ++ ++ ++" vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index a9e8be0e7..df4ec9a47 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3581, + /**/ + 3564, + /**/ diff --git a/poky/meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch new file mode 100644 index 0000000000..d117a98893 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch @@ -0,0 +1,63 @@ +CVE: CVE-2021-3928 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From ade0f0481969f1453c60e7c8354b00dfe4238739 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Thu, 4 Nov 2021 15:46:05 +0000 +Subject: [PATCH] patch 8.2.3582: reading uninitialized memory when giving + spell suggestions + +Problem: Reading uninitialized memory when giving spell suggestions. +Solution: Check that preword is not empty. +--- + src/spellsuggest.c | 2 +- + src/testdir/test_spell.vim | 8 ++++++++ + src/version.c | 2 ++ + 3 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/spellsuggest.c b/src/spellsuggest.c +index 9d6df7930..8615d5280 100644 +--- a/src/spellsuggest.c ++++ b/src/spellsuggest.c +@@ -1600,7 +1600,7 @@ suggest_trie_walk( + // char, e.g., "thes," -> "these". + p = fword + sp->ts_fidx; + MB_PTR_BACK(fword, p); +- if (!spell_iswordp(p, curwin)) ++ if (!spell_iswordp(p, curwin) && *preword != NUL) + { + p = preword + STRLEN(preword); + MB_PTR_BACK(preword, p); +diff --git a/src/testdir/test_spell.vim b/src/testdir/test_spell.vim +index 79fb8927c..e435e9172 100644 +--- a/src/testdir/test_spell.vim ++++ b/src/testdir/test_spell.vim +@@ -498,6 +498,14 @@ func Test_spell_screendump() + call delete('XtestSpell') + endfunc + ++func Test_spell_single_word() ++ new ++ silent! norm 0R00 ++ spell! ß ++ silent 0norm 0r$ Dvz= ++ bwipe! ++endfunc ++ + let g:test_data_aff1 = [ + \"SET ISO8859-1", + \"TRY esianrtolcdugmphbyfvkwjkqxz-\xEB\xE9\xE8\xEA\xEF\xEE\xE4\xE0\xE2\xF6\xFC\xFB'ESIANRTOLCDUGMPHBYFVKWJKQXZ", +diff --git a/src/version.c b/src/version.c +index df4ec9a47..e1bc0d09b 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3582, + /**/ + 3581, + /**/ diff --git a/poky/meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch new file mode 100644 index 0000000000..58d3442677 --- /dev/null +++ b/poky/meta/recipes-support/vim/files/0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch @@ -0,0 +1,92 @@ +CVE: CVE-2021-3973 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From b6154e9f530544ddc3130d981caae0dabc053757 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar +Date: Wed, 17 Nov 2021 18:00:31 +0000 +Subject: [PATCH] patch 8.2.3611: crash when using CTRL-W f without finding a + file name Problem: Crash when using CTRL-W f without finding + a file name. Solution: Bail out when the file name length is zero. + +--- + src/findfile.c | 8 ++++++++ + src/normal.c | 6 ++++-- + src/testdir/test_visual.vim | 8 ++++++++ + src/version.c | 2 ++ + 4 files changed, 22 insertions(+), 2 deletions(-) + +diff --git a/src/findfile.c b/src/findfile.c +index dba547da1..5764fd7b8 100644 +--- a/src/findfile.c ++++ b/src/findfile.c +@@ -1727,6 +1727,9 @@ find_file_in_path_option( + proc->pr_WindowPtr = (APTR)-1L; + # endif + ++ if (len == 0) ++ return NULL; ++ + if (first == TRUE) + { + // copy file name into NameBuff, expanding environment variables +@@ -2094,7 +2097,12 @@ find_file_name_in_path( + int c; + # if defined(FEAT_FIND_ID) && defined(FEAT_EVAL) + char_u *tofree = NULL; ++# endif + ++ if (len == 0) ++ return NULL; ++ ++# if defined(FEAT_FIND_ID) && defined(FEAT_EVAL) + if ((options & FNAME_INCL) && *curbuf->b_p_inex != NUL) + { + tofree = eval_includeexpr(ptr, len); +diff --git a/src/normal.c b/src/normal.c +index 7cb959257..f0084f2ac 100644 +--- a/src/normal.c ++++ b/src/normal.c +@@ -3778,8 +3778,10 @@ get_visual_text( + *pp = ml_get_pos(&VIsual); + *lenp = curwin->w_cursor.col - VIsual.col + 1; + } +- if (has_mbyte) +- // Correct the length to include the whole last character. ++ if (**pp == NUL) ++ *lenp = 0; ++ if (has_mbyte && *lenp > 0) ++ // Correct the length to include all bytes of the last character. + *lenp += (*mb_ptr2len)(*pp + (*lenp - 1)) - 1; + } + reset_VIsual_and_resel(); +diff --git a/src/testdir/test_visual.vim b/src/testdir/test_visual.vim +index ae281238e..0705fdb57 100644 +--- a/src/testdir/test_visual.vim ++++ b/src/testdir/test_visual.vim +@@ -894,4 +894,12 @@ func Test_block_insert_replace_tabs() + bwipe! + endfunc + ++func Test_visual_block_ctrl_w_f() ++ " Emtpy block selected in new buffer should not result in an error. ++ au! BufNew foo sil norm f ++ edit foo ++ ++ au! BufNew ++endfunc ++ + " vim: shiftwidth=2 sts=2 expandtab +diff --git a/src/version.c b/src/version.c +index 52be3c39d..59a314b3a 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -742,6 +742,8 @@ static char *(features[]) = + + static int included_patches[] = + { /* Add new patch number below this line */ ++/**/ ++ 3611, + /**/ + 3582, + /**/ diff --git a/poky/meta/recipes-support/vim/vim.inc b/poky/meta/recipes-support/vim/vim.inc index 943856e07c..6cdf157cb6 100644 --- a/poky/meta/recipes-support/vim/vim.inc +++ b/poky/meta/recipes-support/vim/vim.inc @@ -23,6 +23,9 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://0003-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch \ file://0004-patch-8.2.3489-ml_get-error-after-search-with-range.patch \ file://0005-patch-8.2.3564-invalid-memory-access-when-scrolling-.patch \ + file://0001-patch-8.2.3581-reading-character-past-end-of-line.patch \ + file://0002-patch-8.2.3582-reading-uninitialized-memory-when-giv.patch \ + file://0002-patch-8.2.3611-crash-when-using-CTRL-W-f-without-fin.patch \ " SRCREV = "98056533b96b6b5d8849641de93185dd7bcadc44" @@ -30,6 +33,9 @@ SRCREV = "98056533b96b6b5d8849641de93185dd7bcadc44" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+)\.0" +# CVE-2021-3968 is related to an issue which was introduced after 8.2, this can be removed after 8.3. +CVE_CHECK_WHITELIST += "CVE-2021-3968" + S = "${WORKDIR}/git" VIMDIR = "vim${@d.getVar('PV').split('.')[0]}${@d.getVar('PV').split('.')[1]}" diff --git a/poky/scripts/buildhistory-diff b/poky/scripts/buildhistory-diff index 3bd40a2a1e..a6e785aa23 100755 --- a/poky/scripts/buildhistory-diff +++ b/poky/scripts/buildhistory-diff @@ -11,7 +11,6 @@ import sys import os import argparse -from distutils.version import LooseVersion # Ensure PythonGit is installed (buildhistory_analysis needs it) try: @@ -73,10 +72,6 @@ def main(): parser = get_args_parser() args = parser.parse_args() - if LooseVersion(git.__version__) < '0.3.1': - sys.stderr.write("Version of GitPython is too old, please install GitPython (python-git) 0.3.1 or later in order to use this script\n") - sys.exit(1) - if len(args.revisions) > 2: sys.stderr.write('Invalid argument(s) specified: %s\n\n' % ' '.join(args.revisions[2:])) parser.print_help() diff --git a/poky/scripts/lib/checklayer/cases/common.py b/poky/scripts/lib/checklayer/cases/common.py index b82304e361..4495f71b24 100644 --- a/poky/scripts/lib/checklayer/cases/common.py +++ b/poky/scripts/lib/checklayer/cases/common.py @@ -14,7 +14,7 @@ class CommonCheckLayer(OECheckLayerTestCase): # The top-level README file may have a suffix (like README.rst or README.txt). readme_files = glob.glob(os.path.join(self.tc.layer['path'], '[Rr][Ee][Aa][Dd][Mm][Ee]*')) self.assertTrue(len(readme_files) > 0, - msg="Layer doesn't contains README file.") + msg="Layer doesn't contain a README file.") # There might be more than one file matching the file pattern above # (for example, README.rst and README-COPYING.rst). The one with the shortest diff --git a/poky/scripts/lib/recipetool/create.py b/poky/scripts/lib/recipetool/create.py index a6607b97c6..63e7f0658b 100644 --- a/poky/scripts/lib/recipetool/create.py +++ b/poky/scripts/lib/recipetool/create.py @@ -366,7 +366,7 @@ def supports_srcrev(uri): def reformat_git_uri(uri): '''Convert any http[s]://....git URI into git://...;protocol=http[s]''' checkuri = uri.split(';', 1)[0] - if checkuri.endswith('.git') or '/git/' in checkuri or re.match('https?://github.com/[^/]+/[^/]+/?$', checkuri): + if checkuri.endswith('.git') or '/git/' in checkuri or re.match('https?://git(hub|lab).com/[^/]+/[^/]+/?$', checkuri): # Appends scheme if the scheme is missing if not '://' in uri: uri = 'git://' + uri @@ -389,9 +389,6 @@ def reformat_git_uri(uri): parms.update({('protocol', 'ssh')}) elif (scheme == "http" or scheme == 'https' or scheme == 'ssh') and not ('protocol' in parms): parms.update({('protocol', scheme)}) - # We assume 'master' branch if not set - if not 'branch' in parms: - parms.update({('branch', 'master')}) # Always append 'git://' fUrl = bb.fetch2.encodeurl(('git', host, path, user, pswd, parms)) return fUrl @@ -481,6 +478,9 @@ def create_recipe(args): storeTagName = params['tag'] params['nobranch'] = '1' del params['tag'] + # Assume 'master' branch if not set + if scheme in ['git', 'gitsm'] and 'branch' not in params and 'nobranch' not in params: + params['branch'] = 'master' fetchuri = bb.fetch2.encodeurl((scheme, network, path, user, passwd, params)) tmpparent = tinfoil.config_data.getVar('BASE_WORKDIR') @@ -530,10 +530,9 @@ def create_recipe(args): # Remove HEAD reference point and drop remote prefix get_branch = [x.split('/', 1)[1] for x in get_branch if not x.startswith('origin/HEAD')] if 'master' in get_branch: - # If it is master, we do not need to append 'branch=master' as this is default. # Even with the case where get_branch has multiple objects, if 'master' is one # of them, we should default take from 'master' - srcbranch = '' + srcbranch = 'master' elif len(get_branch) == 1: # If 'master' isn't in get_branch and get_branch contains only ONE object, then store result into 'srcbranch' srcbranch = get_branch[0] @@ -546,8 +545,8 @@ def create_recipe(args): # Since we might have a value in srcbranch, we need to # recontruct the srcuri to include 'branch' in params. scheme, network, path, user, passwd, params = bb.fetch2.decodeurl(srcuri) - if srcbranch: - params['branch'] = srcbranch + if scheme in ['git', 'gitsm']: + params['branch'] = srcbranch or 'master' if storeTagName and scheme in ['git', 'gitsm']: # Check srcrev using tag and check validity of the tag @@ -606,7 +605,7 @@ def create_recipe(args): splitline = line.split() if len(splitline) > 1: if splitline[0] == 'origin' and scriptutils.is_src_url(splitline[1]): - srcuri = reformat_git_uri(splitline[1]) + srcuri = reformat_git_uri(splitline[1]) + ';branch=master' srcsubdir = 'git' break diff --git a/poky/scripts/lib/recipetool/create_buildsys.py b/poky/scripts/lib/recipetool/create_buildsys.py index 35a97c9345..5015634476 100644 --- a/poky/scripts/lib/recipetool/create_buildsys.py +++ b/poky/scripts/lib/recipetool/create_buildsys.py @@ -545,7 +545,7 @@ class AutotoolsRecipeHandler(RecipeHandler): deps.append('zlib') elif keyword in ('AX_CHECK_OPENSSL', 'AX_LIB_CRYPTO'): deps.append('openssl') - elif keyword == 'AX_LIB_CURL': + elif keyword in ('AX_LIB_CURL', 'LIBCURL_CHECK_CONFIG'): deps.append('curl') elif keyword == 'AX_LIB_BEECRYPT': deps.append('beecrypt') @@ -624,6 +624,7 @@ class AutotoolsRecipeHandler(RecipeHandler): 'AX_CHECK_OPENSSL', 'AX_LIB_CRYPTO', 'AX_LIB_CURL', + 'LIBCURL_CHECK_CONFIG', 'AX_LIB_BEECRYPT', 'AX_LIB_EXPAT', 'AX_LIB_GCRYPT', diff --git a/poky/scripts/lib/scriptutils.py b/poky/scripts/lib/scriptutils.py index 3164171eb2..47a08194d0 100644 --- a/poky/scripts/lib/scriptutils.py +++ b/poky/scripts/lib/scriptutils.py @@ -18,7 +18,8 @@ import sys import tempfile import threading import importlib -from importlib import machinery +import importlib.machinery +import importlib.util class KeepAliveStreamHandler(logging.StreamHandler): def __init__(self, keepalive=True, **kwargs): @@ -82,7 +83,9 @@ def load_plugins(logger, plugins, pluginpath): logger.debug('Loading plugin %s' % name) spec = importlib.machinery.PathFinder.find_spec(name, path=[pluginpath] ) if spec: - return spec.loader.load_module() + mod = importlib.util.module_from_spec(spec) + spec.loader.exec_module(mod) + return mod def plugin_name(filename): return os.path.splitext(os.path.basename(filename))[0] diff --git a/poky/scripts/lib/wic/engine.py b/poky/scripts/lib/wic/engine.py index 018815b966..674ccfc244 100644 --- a/poky/scripts/lib/wic/engine.py +++ b/poky/scripts/lib/wic/engine.py @@ -19,10 +19,10 @@ import os import tempfile import json import subprocess +import shutil import re from collections import namedtuple, OrderedDict -from distutils.spawn import find_executable from wic import WicError from wic.filemap import sparse_copy @@ -245,7 +245,7 @@ class Disk: for path in pathlist.split(':'): self.paths = "%s%s:%s" % (native_sysroot, path, self.paths) - self.parted = find_executable("parted", self.paths) + self.parted = shutil.which("parted", path=self.paths) if not self.parted: raise WicError("Can't find executable parted") @@ -283,7 +283,7 @@ class Disk: "resize2fs", "mkswap", "mkdosfs", "debugfs","blkid"): aname = "_%s" % name if aname not in self.__dict__: - setattr(self, aname, find_executable(name, self.paths)) + setattr(self, aname, shutil.which(name, path=self.paths)) if aname not in self.__dict__ or self.__dict__[aname] is None: raise WicError("Can't find executable '{}'".format(name)) return self.__dict__[aname] diff --git a/poky/scripts/lib/wic/misc.py b/poky/scripts/lib/wic/misc.py index 57c042c503..3e11822996 100644 --- a/poky/scripts/lib/wic/misc.py +++ b/poky/scripts/lib/wic/misc.py @@ -16,9 +16,9 @@ import logging import os import re import subprocess +import shutil from collections import defaultdict -from distutils import spawn from wic import WicError @@ -122,7 +122,7 @@ def find_executable(cmd, paths): if provided and "%s-native" % recipe in provided: return True - return spawn.find_executable(cmd, paths) + return shutil.which(cmd, path=paths) def exec_native_cmd(cmd_and_args, native_sysroot, pseudo=""): """ diff --git a/poky/scripts/lib/wic/pluginbase.py b/poky/scripts/lib/wic/pluginbase.py index d9b4e57747..b64568339b 100644 --- a/poky/scripts/lib/wic/pluginbase.py +++ b/poky/scripts/lib/wic/pluginbase.py @@ -9,9 +9,11 @@ __all__ = ['ImagerPlugin', 'SourcePlugin'] import os import logging +import types from collections import defaultdict -from importlib.machinery import SourceFileLoader +import importlib +import importlib.util from wic import WicError from wic.misc import get_bitbake_var @@ -54,7 +56,9 @@ class PluginMgr: mname = fname[:-3] mpath = os.path.join(ppath, fname) logger.debug("loading plugin module %s", mpath) - SourceFileLoader(mname, mpath).load_module() + spec = importlib.util.spec_from_file_location(mname, mpath) + module = importlib.util.module_from_spec(spec) + spec.loader.exec_module(module) return PLUGINS.get(ptype) diff --git a/poky/scripts/lib/wic/plugins/imager/direct.py b/poky/scripts/lib/wic/plugins/imager/direct.py index 495518fac8..e57fba9c12 100644 --- a/poky/scripts/lib/wic/plugins/imager/direct.py +++ b/poky/scripts/lib/wic/plugins/imager/direct.py @@ -259,6 +259,8 @@ class DirectPlugin(ImagerPlugin): if part.mountpoint == "/": if part.uuid: return "PARTUUID=%s" % part.uuid + elif part.label: + return "PARTLABEL=%s" % part.label else: suffix = 'p' if part.disk.startswith('mmcblk') else '' return "/dev/%s%s%-d" % (part.disk, suffix, part.realnum) diff --git a/poky/scripts/runqemu b/poky/scripts/runqemu index c467b0eb19..66e035c9af 100755 --- a/poky/scripts/runqemu +++ b/poky/scripts/runqemu @@ -1580,7 +1580,8 @@ def main(): def sigterm_handler(signum, frame): logger.info("SIGTERM received") - os.kill(config.qemupid, signal.SIGTERM) + if config.qemupid: + os.kill(config.qemupid, signal.SIGTERM) config.cleanup() # Deliberately ignore the return code of 'tput smam'. subprocess.call(["tput", "smam"]) diff --git a/poky/scripts/wic b/poky/scripts/wic index 57197c2048..4bcff8f79c 100755 --- a/poky/scripts/wic +++ b/poky/scripts/wic @@ -22,9 +22,9 @@ import sys import argparse import logging import subprocess +import shutil from collections import namedtuple -from distutils import spawn # External modules scripts_path = os.path.dirname(os.path.realpath(__file__)) @@ -47,7 +47,7 @@ if os.environ.get('SDKTARGETSYSROOT'): break sdkroot = os.path.dirname(sdkroot) -bitbake_exe = spawn.find_executable('bitbake') +bitbake_exe = shutil.which('bitbake') if bitbake_exe: bitbake_path = scriptpath.add_bitbake_lib_path() import bb -- cgit v1.2.3