
[poky][dunfell][PATCH 2/6] tzdata: Remove BSD License specifier

Nisha Parrakat
 

From: Joshua Watt <JPEWhacker@...>

The code in question is licensed under the BSD-3-Clause license, so
including the generic "BSD" license is unnecessary.

(From OE-Core rev: c39fc075ce3fd5b53c2a2fccb43500ee0a12f39d)

Signed-off-by: Joshua Watt <JPEWhacker@...>
Signed-off-by: Richard Purdie <richard.purdie@...>
Signed-off-by: Nisha Parrakat <nishaparrakat@...>
---
meta/recipes-extended/timezone/timezone.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc
index e9eb249afe..43d14d7f12 100644
--- a/meta/recipes-extended/timezone/timezone.inc
+++ b/meta/recipes-extended/timezone/timezone.inc
@@ -3,7 +3,7 @@ DESCRIPTION = "The Time Zone Database contains code and data that represent \
the history of local time for many representative locations around the globe."
HOMEPAGE = "http://www.iana.org/time-zones"
SECTION = "base"
-LICENSE = "PD & BSD & BSD-3-Clause"
+LICENSE = "PD & BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba"

PV = "2021e"
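Review bot: On the changed LICENSE line, nothing in the recipe records which part of tzdata is public domain and which part is BSD-3-Clause. A one-line comment above LICENSE naming the files each term covers would let a later reader check the expression against the LICENSE file. Leaving LIC_FILES_CHKSUM untouched is right, since the license text itself does not change.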
--
2.17.1


[poky][dunfell][PATCH 4/6] glib-2.0: Use specific BSD license variant

Nisha Parrakat
 

From: Joshua Watt <JPEWhacker@...>

Make the license more accurate by specifying the specific variant of BSD
license instead of the generic one. This helps with SPDX license
attribution as "BSD" is not a valid SPDX license.

(From OE-Core rev: 91cd1ef01a3f3883c04bac67af2672ec60e20fb8)

Signed-off-by: Joshua Watt <JPEWhacker@...>
Signed-off-by: Richard Purdie <richard.purdie@...>
Signed-off-by: Nisha Parrakat <nishaparrakat@...>
---
meta/recipes-core/glib-2.0/glib.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/glib-2.0/glib.inc b/meta/recipes-core/glib-2.0/glib.inc
index c3ddf18387..1849a6e05c 100644
--- a/meta/recipes-core/glib-2.0/glib.inc
+++ b/meta/recipes-core/glib-2.0/glib.inc
@@ -4,7 +4,7 @@ HOMEPAGE = "https://developer.gnome.org/glib/"

# pcre is under BSD;
# docs/reference/COPYING is with a 'public domain'-like license!
-LICENSE = "LGPLv2.1+ & BSD & PD"
+LICENSE = "LGPLv2.1+ & BSD-3-Clause & PD"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \
file://glib/glib.h;beginline=4;endline=17;md5=b88abb7f3ad09607e71cb9d530155906 \
file://gmodule/COPYING;md5=4fbd65380cdd255951079008b364516c \
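Review bot: The comment two lines above the changed LICENSE line still reads "# pcre is under BSD;", which is now less specific than the value it documents. Update the comment to say BSD-3-Clause so the explanation and the SPDX identifier agree.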
--
2.17.1


[poky][dunfell][PATCH 1/6] lsof: correct LICENSE

Nisha Parrakat
 

From: Ross Burton <ross@...>

The lsof LICENSE is superficially BSD-like, but it isn't BSD. Now that
we have the full SPDX license set in oe-core, use Spencer-94.

(From OE-Core rev: 5c1d61d1d4dfacb643a366285c0392e6a31087ed)

Signed-off-by: Ross Burton <ross.burton@...>
Signed-off-by: Richard Purdie <richard.purdie@...>
Signed-off-by: Nisha Parrakat <nishaparrakat@...>
---
meta/recipes-extended/lsof/lsof_4.91.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-extended/lsof/lsof_4.91.bb b/meta/recipes-extended/lsof/lsof_4.91.bb
index b3adfd57af..7c85bf23fc 100644
--- a/meta/recipes-extended/lsof/lsof_4.91.bb
+++ b/meta/recipes-extended/lsof/lsof_4.91.bb
@@ -3,7 +3,7 @@ DESCRIPTION = "Lsof is a Unix-specific diagnostic tool. \
Its name stands for LiSt Open Files, and it does just that."
HOMEPAGE = "http://people.freebsd.org/~abe/"
SECTION = "devel"
-LICENSE = "BSD"
+LICENSE = "Spencer-94"
LIC_FILES_CHKSUM = "file://00README;beginline=645;endline=679;md5=964df275d26429ba3b39dbb9f205172a"

# Upstream lsof releases are hosted on an ftp server which times out download
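Review bot: The new value LICENSE = "Spencer-94" has no explanation in the recipe; the reason a BSD-looking text is classified this way lives only in the commit message. A short comment above LICENSE pointing at the 00README range already used by LIC_FILES_CHKSUM (beginline=645;endline=679) would keep a later cleanup from switching it back to a BSD variant.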
--
2.17.1


[PATCH v3] yocto-check-layer: add debug output for the layers that were found

Ross Burton <ross@...>
 

When debugging weird yocto-check-layer output it is useful to know
what the tool found when looking for layers.

Signed-off-by: Ross Burton <ross.burton@...>
---
scripts/yocto-check-layer | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/scripts/yocto-check-layer b/scripts/yocto-check-layer
index 2445ad5e43f..f3cf139d8a5 100755
--- a/scripts/yocto-check-layer
+++ b/scripts/yocto-check-layer
@@ -41,6 +41,12 @@ def test_layer(td, layer, test_software_layer_signatur=
es):
tc.loadTests(CASES_PATHS)
return tc.runTests()
=20
+def dump_layer_debug(layer):
+ logger.debug("Found layer %s (%s)" % (layer["name"], layer["path"]))
+ collections =3D layer.get("collections", {})
+ if collections:
+ logger.debug("%s collections: %s" % (layer["name"], ", ".join(co=
llections)))
+
def main():
parser =3D argparse.ArgumentParser(
description=3D"Yocto Project layer checking tool",
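Review bot: In dump_layer_debug the messages are built with the % operator before logger.debug is called, so the formatting and the ", ".join run even when debug logging is disabled. Pass the values as logging arguments instead, for example logger.debug("Found layer %s (%s)", layer["name"], layer["path"]). The helper also indexes layer["name"] and layer["path"] directly while collections goes through .get(); confirm both keys are always present, otherwise the debug path can raise KeyError.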
@@ -106,6 +112,13 @@ def main():
else:
dep_layers =3D layers
=20
+ logger.debug("Found additional layers:")
+ for l in additional_layers:
+ dump_layer_debug(l)
+ logger.debug("Found dependency layers:")
+ for l in dep_layers:
+ dump_layer_debug(l)
+
logger.info("Detected layers:")
for layer in layers:
if layer['type'] =3D=3D LayerType.ERROR_BSP_DISTRO:
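Review bot: In the else branch directly above the added lines, dep_layers is assigned layers, so the "Found dependency layers:" loop lists every detected layer again under a dependency heading. Skip the dump in that case or word the heading so the output is not read as a separate set of layers. Both headings are also logged when their list is empty; guard them with a check on the list.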
--=20
2.25.1


Inclusive Language Proposal for YP/OE

Jon Mason
 

From the beginning, OpenEmbedded and The Yocto Project have always
strived to be as inclusive as possible to all races, sexes,
orientations, religions, nationalities, and any other thing which
might divide people. As a continuation of this striving, there are
suggested changes below that are being proposed to make the projects
more inclusive and show the community as the professional, friendly,
and welcoming group that it is. There are words in use by the
projects directly or one of its derivative layers that could be
offensive to some. For more information on which words we selected
and why, please consult
https://inclusivenaming.org/word-lists/overview/

In the process of changing these, we are using this opportunity to
make the terms more obvious and useful, as well as removing cruft and
other unused code. This is the pure definition of a win-win solution.

With this in mind, a group of people have tried to identify issues and
come up with a plan to address these. We’ve divided the tasks into 3
areas: bitbake variables, oe-core variables, and everything else.

Bitbake Variables
Taking issues in turn, for bitbake:

For BB_DISKMON_DIRS, the actions "ABORT, STOPTASKS and WARN" would
become "HALT, NO_NEW_TASKS and WARN".

BB_ENV_WHITELIST -> BB_ENV_PASSTHROUGH
BB_ENV_EXTRAWHITE -> BB_ENV_PASSTHROUGH_ADDITIONS

BB_HASHCONFIG_WHITELIST -> BB_HASHCONFIG_IGNORE_VARS
BB_SETSCENE_ENFORCE_WHITELIST -> BB_SETSCENE_ENFORCE_IGNORE_TASKS
BB_HASHBASE_WHITELIST -> BB_BASEHASH_IGNORE_VARS
MULTI_PROVIDER_WHITELIST -> BB_MULTI_PROVIDER_ALLOWED
BB_STAMP_WHITELIST and BB_STAMP_POLICY -> delete the code (already merged)

basewhitelist and taskwhitelist as used in sigdata/siginfo will need
to be renamed and older file usage of the variables renamed at import
for backwards compatibility. The variables in bitbake along with usage
of abort will be renamed as appropriate.

For most variables, errors will be shown to the user if the old
variable names are set. Mostly this can be done in event hooks but
some like the BB_ENV changes will need special handling.

These changes hopefully improve consistency (e.g. a consistent BB_
prefix and BASEHASH as terminology used elsewhere) and also improve
the description of the variables to be more understandable to users.

OE-Core Variables
For OE-Core, the proposals are:

For blacklist.bbclass, the proposal is to add the functionality to the
anonymous Python in base.bbclass instead. PNBLACKLIST[xxx] would
become SKIP_RECIPE[xxx]. INHERIT_BLACKLIST would simply be dropped.

SSTATE_DUPWHITELIST -> SSTATE_ALLOW_OVERLAP_FILES
CVE_CHECK_PN_WHITELIST -> CVE_CHECK_SKIPRECIPE
CVE_CHECK_WHITELIST -> CVE_CHECK_IGNORECVE
SYSROOT_DIRS_BLACKLIST -> SYSROOT_DIRS_IGNORE
LICENSE_FLAGS_WHITELIST -> LICENSE_FLAGS_ACCEPTED
UNKNOWN_CONFIGURE_WHITELIST -> UNKNOWN_CONFIGURE_OPT_IGNORE
SDK_LOCAL_CONF_BLACKLIST -> ESDK_LOCALCONF_REMOVE
SDK_LOCAL_CONF_WHITELIST -> ESDK_LOCALCONF_ALLOW
SDK_INHERIT_BLACKLIST -> ESDK_CLASS_INHERIT_DISABLE
TUNEABI_WHITELIST - already removed as obsolete

For the ICECC_USER_XXX and ICECC_SYSTEM_XXX, we think these can likely
be merged into single variables:

ICECC_USER_CLASS_BL -> ICECC_CLASS_DISABLE
ICECC_SYSTEM_CLASS_BL -> ICECC_CLASS_DISABLE
ICECC_USER_PACKAGE_WL -> ICECC_RECIPE_ENABLE
ICECC_USER_PACKAGE_BL -> ICECC_RECIPE_DISABLE
ICECC_SYSTEM_PACKAGE_BL -> ICECC_RECIPE_DISABLE

For license handling, we’d use the opportunity to clean up the
WHITELIST_(ANY LICENSE) syntax and replace it with a
INCOMPATIBLE_LICENSE_ALLOWED_RECIPES, which would be a list of recipes
which are of a blocked the INCOMPATIBLE_LICENSE list.

Everything else
The migration plan includes writing a script to assist with the
migration. In many cases it can likely make the translation. In cases
where that isn’t possible, it will aim to list the areas the user
needs to fix references.

A warning mechanism will be added to bitbake to detect usage of old
variable names (post parsing), except for BB_ENV issues which will
likely need special handling. A (limited) conversion script will be
created to help with the migration. For those instances where a 1-1
mapping is not achievable, a list of the occurrences and what it
should be changed to will occur.


Patch files in OE to be renamed:
11_tcpd_blacklist.patch -> 11_tcpd_blocklist.patch
mount.blacklist -> mount.disallow
0001-lxdm.conf.in-blacklist-root-for-release-images.patch ->
0001-lxdm.conf.in-deny-root-for-release-images.patch
022-RH-Remove-the-property-blacklist-exception-builtin.patch ->
022-RH-Remove-the-default-property-exception-builtin.patch
0001-Cargo.toml-do-not-abort-on-panic.patch ->
0001-Cargo.toml-do-not-exit-on-panic.patch
0004-Cargo.toml-do-not-abort-on-panic.patch ->
0004-Cargo.toml-do-not-exit-on-panic.patch
Also, there are a few others outside of OE that should probably be patched too.

Branch Names
The “master” branches on the relevant OpenEmbedded and Yocto Project
git trees will be changed to an alternative name at some point in the
future. The current preferred name is “devel”. There is no time
table for this currently, and there is no obligation or requirement to
change the branch name for any downstream project which is beyond the
project’s remit.

Similarly, there is no need to change any recipes that are using a
“master” branch as part of the SRC_URI. Those are outside the scope
of YP/OE and this effort.

Note
These changes are only to bitbake and OE-Core. There is no
requirement to change any other layers but we’d note consistency is
encouraged and helpful to users.

Helping
If you would like to help, please put your name by the items in
question on the inclusive language wiki page.
https://wiki.yoctoproject.org/wiki/Inclusive_language

Thanks
Special thanks to Richard Purdie, Michael Opdenacker, Marta
Rybczynska, Scott Murray, Jan-Simon Moeller, Saul Wold, and Armin
Kuster for providing their time, technical details, text, and feedback
on this task.
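
The conversion helper that the migration plan above describes could work along these lines; this is an added example, not the project's own script. It rewrites the 1:1 renames listed in the proposal, only reports the merged ICECC variables and the dropped names, and assumes the `ACTION,dir,space,inodes` value layout of BB_DISKMON_DIRS; `migrate`, the table names and the sample configuration are constructed for illustration.

```python
import re

# Old -> new names copied from the proposal text (simple 1:1 renames).
RENAMES = {
    "BB_ENV_WHITELIST": "BB_ENV_PASSTHROUGH",
    "BB_ENV_EXTRAWHITE": "BB_ENV_PASSTHROUGH_ADDITIONS",
    "BB_HASHCONFIG_WHITELIST": "BB_HASHCONFIG_IGNORE_VARS",
    "BB_SETSCENE_ENFORCE_WHITELIST": "BB_SETSCENE_ENFORCE_IGNORE_TASKS",
    "BB_HASHBASE_WHITELIST": "BB_BASEHASH_IGNORE_VARS",
    "MULTI_PROVIDER_WHITELIST": "BB_MULTI_PROVIDER_ALLOWED",
    "PNBLACKLIST": "SKIP_RECIPE",
    "SSTATE_DUPWHITELIST": "SSTATE_ALLOW_OVERLAP_FILES",
    "CVE_CHECK_PN_WHITELIST": "CVE_CHECK_SKIPRECIPE",
    "CVE_CHECK_WHITELIST": "CVE_CHECK_IGNORECVE",
    "SYSROOT_DIRS_BLACKLIST": "SYSROOT_DIRS_IGNORE",
    "LICENSE_FLAGS_WHITELIST": "LICENSE_FLAGS_ACCEPTED",
    "UNKNOWN_CONFIGURE_WHITELIST": "UNKNOWN_CONFIGURE_OPT_IGNORE",
    "SDK_LOCAL_CONF_BLACKLIST": "ESDK_LOCALCONF_REMOVE",
    "SDK_LOCAL_CONF_WHITELIST": "ESDK_LOCALCONF_ALLOW",
    "SDK_INHERIT_BLACKLIST": "ESDK_CLASS_INHERIT_DISABLE",
}
# Many-to-one merges from the proposal: reported, never rewritten automatically.
MERGED = {
    "ICECC_USER_CLASS_BL": "ICECC_CLASS_DISABLE",
    "ICECC_SYSTEM_CLASS_BL": "ICECC_CLASS_DISABLE",
    "ICECC_USER_PACKAGE_WL": "ICECC_RECIPE_ENABLE",
    "ICECC_USER_PACKAGE_BL": "ICECC_RECIPE_DISABLE",
    "ICECC_SYSTEM_PACKAGE_BL": "ICECC_RECIPE_DISABLE",
}
# Names the proposal drops without a replacement.
DROPPED = {"INHERIT_BLACKLIST", "BB_STAMP_WHITELIST", "BB_STAMP_POLICY",
           "TUNEABI_WHITELIST"}
# BB_DISKMON_DIRS action keywords from the proposal (WARN is unchanged).
DISKMON_ACTIONS = {"ABORT": "HALT", "STOPTASKS": "NO_NEW_TASKS"}

_names = sorted(list(RENAMES) + list(MERGED) + list(DROPPED), key=len, reverse=True)
# Match a whole variable name, also when followed by [flag], :override or a
# lower-case _override, or wrapped in ${...}; never inside a longer name.
NAME_RE = re.compile(r"(?<![A-Za-z0-9_])(" + "|".join(_names)
                     + r")(?![A-Za-z0-9]|_[A-Z0-9])")
ACTION_RE = re.compile(r"\b(ABORT|STOPTASKS)(?=,)")
ASSIGN_RE = re.compile(r"^\s*(?:export\s+)?([A-Za-z0-9_]+)")


def migrate(text):
    """Return (rewritten_text, findings); a finding is (line, old, action, new)."""
    out, findings = [], []
    in_diskmon = False  # True while inside a continued BB_DISKMON_DIRS value
    for lineno, line in enumerate(text.splitlines(), 1):
        continued, in_diskmon = in_diskmon, False
        if line.lstrip().startswith("#"):
            out.append(line)  # comments are left alone
            continue

        def on_name(m):
            old = m.group(1)
            if old in RENAMES:
                findings.append((lineno, old, "renamed", RENAMES[old]))
                return RENAMES[old]
            if old in MERGED:  # several old names collapse into one: human decision
                findings.append((lineno, old, "merge-manually", MERGED[old]))
            else:
                findings.append((lineno, old, "dropped", None))
            return old  # merged and dropped names stay in the text

        def on_action(m):
            new = DISKMON_ACTIONS[m.group(1)]
            findings.append((lineno, m.group(1), "renamed", new))
            return new

        line = NAME_RE.sub(on_name, line)
        assign = ASSIGN_RE.match(line)
        if continued or (assign and assign.group(1) == "BB_DISKMON_DIRS"):
            line = ACTION_RE.sub(on_action, line)
            in_diskmon = line.rstrip().endswith("\\")
        out.append(line)
    return "\n".join(out) + ("\n" if text.endswith("\n") else ""), findings


# Constructed configuration fragment; the CVE id is a placeholder.
SAMPLE_CONF = '''\
# constructed local.conf fragment
CVE_CHECK_WHITELIST += "CVE-XXXX-NNNN"
LICENSE_FLAGS_WHITELIST = "commercial"
PNBLACKLIST[examplepkg] = "not supported here"
ICECC_USER_PACKAGE_BL = "examplepkg"
INHERIT_BLACKLIST = "icecc"
BB_DISKMON_DIRS = "STOPTASKS,${TMPDIR},1G,100K \\
    ABORT,${TMPDIR},100M,1K"
MY_CVE_CHECK_WHITELIST_NOTES = "untouched"
'''

if __name__ == "__main__":
    new_text, found = migrate(SAMPLE_CONF)
    print(new_text)
    for item in found:
        print(item)
```

Reporting rather than silently rewriting matters most for names such as CVE_CHECK_WHITELIST and LICENSE_FLAGS_WHITELIST: an old name that is no longer read means the ignore or accept list it carried stops applying.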


[PATCH v2] yocto-check-layer: add debug output for the layers that were found

Ross Burton <ross@...>
 

When debugging weird yocto-check-layer output it is useful to know
what the tool found when looking for layers.

Signed-off-by: Ross Burton <ross.burton@...>
---
scripts/yocto-check-layer | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/scripts/yocto-check-layer b/scripts/yocto-check-layer
index 2445ad5e43f..393bee794f3 100755
--- a/scripts/yocto-check-layer
+++ b/scripts/yocto-check-layer
@@ -41,6 +41,12 @@ def test_layer(td, layer, test_software_layer_signatur=
es):
tc.loadTests(CASES_PATHS)
return tc.runTests()
=20
+def dump_layer_debug(layer):
+ logger.debug("Found additional layer %s (%s)" % (layer["name"], laye=
r["path"]))
+ collections =3D layer.get("collections", {})
+ if collections:
+ logger.debug("%s collections: %s" % (layer["name"], ", ".join(co=
llections)))
+
def main():
parser =3D argparse.ArgumentParser(
description=3D"Yocto Project layer checking tool",
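Review bot: dump_layer_debug hard-codes "Found additional layer" in its message, yet the second hunk also calls it for every entry in dep_layers, so dependency layers are logged as additional ones. Make the message neutral ("Found layer %s (%s)") or pass the kind of layer in as a parameter.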
@@ -106,6 +112,13 @@ def main():
else:
dep_layers =3D layers
=20
+ logger.debug("Found additional layers:")
+ for l in additional_layers:
+ dump_layer_debug(l)
+ logger.debug("Found dependency layers:")
+ for l in dep_layers:
+ dump_layer_debug(l)
+
logger.info("Detected layers:")
for layer in layers:
if layer['type'] =3D=3D LayerType.ERROR_BSP_DISTRO:
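Review bot: The loop variable l in both added for loops is easy to misread as 1 or I, and the existing loop a few lines below already uses layer. Use layer (or dep_layer) here as well to match the surrounding code.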
--=20
2.25.1


[PATCH] yocto-check-layer: add debug output for the layers that were found

Ross Burton <ross@...>
 

When debugging weird yocto-check-layer output it is useful to know
what the tool found when looking for layers.

Signed-off-by: Ross Burton <ross.burton@...>
---
scripts/yocto-check-layer | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/scripts/yocto-check-layer b/scripts/yocto-check-layer
index 2445ad5e43f..c637aad3950 100755
--- a/scripts/yocto-check-layer
+++ b/scripts/yocto-check-layer
@@ -106,6 +106,11 @@ def main():
else:
dep_layers =3D layers
=20
+ for l in additional_layers:
+ logger.debug("Found additional layer %s (%s)" % (l["name"], l["p=
ath"]))
+ for l in dep_layers:
+ logger.debug("Found dependency layer %s (%s)" % (l["name"], l["p=
ath"]))
+
logger.info("Detected layers:")
for layer in layers:
if layer['type'] =3D=3D LayerType.ERROR_BSP_DISTRO:
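Review bot: The two added loops differ only in the list they walk and one word of the message. A small helper that takes the layer and a label would remove the duplication and give a single place to add further detail to the debug output later.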
--=20
2.25.1


Re: [dunfell][PATCH RFC] busybox.inc: Create temporary busybox links during install

Bryan Evenson
 

Andrej,

I suspect it is still an issue in master, but I haven't been able to confirm. I'm using a third-party layer that hasn't been updated to support the new override syntax introduced in the honister release. I agree that it should be fixed in master and then backported as deemed necessary to other supported releases. I wasn’t able to do that yet but I wanted to give some visibility to the issue. I suspect that it is still a problem in master since I don't see any changes in busybox.inc between dunfell and master that I think could change this behavior.

I'll continue to work on a consistent way for others to reproduce the problem. I suspect anyone could reproduce this problem by just adding 'util-linux' to core-image-minimal and attempting an upgrade between major releases. I'll work to confirm if this is true or not.

Thanks,
Bryan

-----Original Message-----
From: Valek, Andrej <andrej.valek@...>
Sent: Saturday, January 22, 2022 2:26 AM
To: openembedded-core@...; Bryan Evenson
<bevenson@...>
Subject: Re: [dunfell][PATCH RFC] busybox.inc: Create temporary busybox
links during install

Hello again,

Maybe a general question. Is it working in current master? I do not want to
break dunfell, just applying something, which will create a lot of divergence.

Cheers,
Andrej

On Fri, 2022-01-21 at 15:02 +0000, Bryan Evenson wrote:
Andrej,

Thanks for the response.  This is an attempt to fix a problem I am
having with automated firmware upgrades for my system.  I am using
opkg for a package manager; not sure if the same problem exists with
other package managers.  I run into problems whenever busybox is one
of the packages that needs to get updated.  I enact my distribution
firmware upgrade by calling "opkg --download-only upgrade; opkg
upgrade".  What I see happen is:

1. In the busybox pkg_prerm stage sets up some soft links for some
common applets in a temporary directory and exports a path to that
directory.  It might also setup a temporary alternative to /bin/sh if
it is the last shell.
2. After the remove stage, the busybox binary is gone.  The softlinks
created in the prerm stage are useless since they point to binary that
no longer exists.
3. opkg continues with upgrade on other packages which may depend on a
command provided by busybox in a prerm, postrm, preinst or postinst
script.  These upgrades then fail since the commands are no longer
available.
4. The busybox upgrade completes, which may or may not complete
successfully.  For what I am attempting, I am upgrading my system from
the morty branch to dunfell.  I have util-linux on my system which
shares some alternatives with busybox.  The util-linux upgrade fails
because it needs some busybox applets during its upgrade process.
Then the busybox upgrade fails because the final update-alternatives
doesn’t work; some files still exist that util-linux couldn't remove
during its upgrade that clash with busybox's alternatives.

After trying several ways to get my upgrade to work, I landed on the
approach below.  I'm creating a temporary directory and copying the
busybox binary and the busybox.links files to that directory.  I then
install an alternative for every applet for busybox listed in all of
its busybox.links files that points to the temporary copy of the
busybox binary.  This means that any package that uses a busybox
applet during its install process should still work.  Then during the
postinst step I am removing all the temporary alternative links.  I
use the temporary busybox.links files for removing the alternative
links in case the upgraded busybox is now configured with a different
set of applets.

This is a heavy handed approach, and it does extend the upgrade
process for me by a few minutes since it runs through
update-alternatives for busybox two more times.  But, the approach
works for me and I think would be more resilient than past approaches.
I tried to mimic the existing code in my additions.  If a more
widescale rewrite makes sense then that works for me also.

Thanks,
Bryan


-----Original Message-----
From: Valek, Andrej <andrej.valek@...>
Sent: Friday, January 21, 2022 9:01 AM
To: openembedded-core@...; Bryan Evenson
<bevenson@...>
Subject: Re: [dunfell][PATCH RFC] busybox.inc: Create temporary
busybox links during install

Hi Bryan,

Sorry, maybe I didn't fully understand the use-case. Are you trying
to upgrade the busybox on demand? If yes, that is not a good idea.

I'm a little bit scared about doing "export PATH=$busybox_rmdir:$PATH"
and creating custom locks is not good at all.

Cheers,
Andrej

On Fri, 2022-01-21 at 13:29 +0000, Bryan Evenson wrote:
All,

Ping on this RFC.  It works for me, but I have a feeling there is
a better way to do this.  It still seems a little messy and could
probably be simplified for the same effect.

Thanks,
Bryan

-----Original Message-----
From: Bryan Evenson
Sent: Thursday, December 23, 2021 9:50 AM
To: openembedded-core@...
Subject: [dunfell][PATCH RFC] busybox.inc: Create temporary
busybox links during install

Busybox upgrades sometimes fail, especially if there is a major
distribution upgrade and all packages need to be updated. Success
is highly dependent on the package upgrade order.

Commit [1] attempts to ensure a shell is still present by adding
an alternative to /bin/sh if busybox is the only shell.
However, if busybox is not the only shell present and the other
shells are upgrading, it may then be possible that all shells
will be removed during the upgrade process.

Commit [2] creates temporary symbolic links for all the busybox
links during busybox's postinst step.  However, this is too late
in the process as some packages attempt to use 'rm' and 'sed' after
update-alternatives removes the old links and prior to when
busybox's postinst step runs.

This fix is similar to [2] but runs during the preinst step. For
opkg, this is the first step that is guaranteed to run from the
new package (prerm is run from the old package) and will
therefore be a backwards-compatible fix for upgrading older
systems.

Copies the existing busybox binary and the busybox.links files
to a temporary directory and then creates alternative links for
all installed busybox commands.  The temporary links and
directory are cleaned up during the postinst step.

RFC: This works for me, but there may be room for improvement. I
don't know if the current pkg_prerm steps are necessary anymore.
However, in my testing I did need the links for update-alternatives
to work in the preinst step. I am also not certain if the
populate_packages_updatealternatives_append step is necessary
anymore.  I have also only tested this fix on dunfell, as I don't
have a working image based on master yet. It may be more appropriate
for this to go to master and then be backported to dunfell, but I
would need assistance in testing.

[1] https://git.openembedded.org/openembedded-core/commit/meta/recipes-core/busybox/busybox.inc?id=a9d2af8f5b3da8239cf00a52883ca596a19ea23a
[2] https://git.openembedded.org/openembedded-core/commit/meta/recipes-core/busybox/busybox.inc?id=3a035bd0a06a6ded4d0ce7e35a3bce42245727d2

Signed-off-by: Bryan Evenson <bevenson@...>
---
 meta/recipes-core/busybox/busybox.inc | 57
++++++++++++++++++++++++++-
 1 file changed, 55 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/busybox/busybox.inc
b/meta/recipes-
core/busybox/busybox.inc index e0522be729..c85402411b 100644
--- a/meta/recipes-core/busybox/busybox.inc
+++ b/meta/recipes-core/busybox/busybox.inc
@@ -441,12 +441,28 @@ pkg_postinst_${PN}_prepend () {  }

 pkg_postinst_${PN}_append () {
-        # If busybox exists in the remove directory it is
because it was the only shell left.
         if [ "x$D" = "x" ] ; then
+           # If busybox exists in the remove directory it is
because it was the only
shell left.
            if [ "x$BUSYBOX" != "x" ] ; then
               update-alternatives --remove sh $BUSYBOX
-              rm -f $BUSYBOX
            fi
+           # Remove the temporary alternatives
+           for busybox_preinstdir in /tmp/busyboxpreinst-*; do
+               if [ "$busybox_preinstdir" !=
'/tmp/busyboxpreinst-
*' ] ; then
+                  BUSYBOX_PREINST_DIR="$busybox_preinstdir"
+                  BUSYBOX="$BUSYBOX_PREINST_DIR/busybox"
+                  if [ -e $BUSYBOX ] ; then
+                      for suffix in "" ".nosuid" ".suid"; do
+                          if [ -e
$BUSYBOX_PREINST_DIR/busybox.links$suffix ] ; then
+                              while read link; do
+                                  update-alternatives --remove
$($BUSYBOX basename
$link) $BUSYBOX
+                              done <
$BUSYBOX_PREINST_DIR/busybox.links$suffix
+                          fi
+                      done
+                  fi
+                  rm -rf $BUSYBOX_PREINST_DIR
+               fi
+           done
         fi
 }

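Review bot: The cleanup loop in pkg_postinst trusts every directory matching /tmp/busyboxpreinst-*: it executes the busybox file found inside it ($($BUSYBOX basename $link)) and then runs rm -rf on the directory, all from a script that runs as root. /tmp is world-writable, so a match here is not necessarily the directory preinst created with mktemp. Record the exact mktemp path in a location only root can write and read it back here, or at minimum check that the directory and the binary are owned by root before using them, and quote $BUSYBOX, $link and $BUSYBOX_PREINST_DIR. The hunk also removes rm -f $BUSYBOX for the prerm copy without showing where that file is deleted now.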
@@ -480,6 +496,43 @@ pkg_prerm_${PN} () {
         fi
 }

+pkg_preinst_${PN} () {
+        # Create a temporary copy the busybox binary and the
links
files.  Then,
+        # install an alternative link for all the links.
Other
packages use these
+        # commands during their upgrade process.  This ensures
the
links are
available
+        # to all the other packages.  We do this in the
preinst
step because it is
+        # the first step guaranteed to be used from the new
package.  The
prerm is
+        # used from the old package.  Placing this here
ensures it
runs on
upgrade even
+        # on older systems.
+
+        if [ "x$D" = "x" ] ; then
+           # update-alternatives may need the links from
commands
added in
the prerm step
+           # to operate.  Make sure we can get to that path.
+           for busybox_rmdir in /tmp/busyboxrm-*; do
+               if [ "$busybox_rmdir" != '/tmp/busyboxrm-*' ] ;
then
+                  export PATH=$busybox_rmdir:$PATH
+               fi
+           done
+
+           # Create a temporary directory for the busybox
binary
and the link lists
+           BUSYBOX=${base_bindir}/busybox
+           BUSYBOX_TMP_DIR=`$BUSYBOX mktemp -d
/tmp/busyboxpreinst-
XXXXXX`
+           BUSYBOX_TMP_LOC="$BUSYBOX_TMP_DIR/busybox"
+           $BUSYBOX cp $BUSYBOX $BUSYBOX_TMP_LOC
+
+           # Go through all the links and install an
alternative
that points to the
temporary
+           # busybox binary.
+           for suffix in "" ".nosuid" ".suid"; do
+               if [ -e ${sysconfdir}/busybox.links$suffix ] ;
then
+                   $BUSYBOX cp
${sysconfdir}/busybox.links$suffix
$BUSYBOX_TMP_DIR
+                   while read link; do
+                       update-alternatives --install $link
$($BUSYBOX basename $link)
$BUSYBOX_TMP_LOC 1
+                   done <
$BUSYBOX_TMP_DIR/busybox.links$suffix
+               fi
+           done
+        fi
+}
+
 pkg_postrm_${PN} () {
         # Add path to remove dir in case we removed our only
grep
         if [ "x$D" = "x" ] ; then
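Review bot: pkg_preinst prepends every /tmp/busyboxrm-* match to PATH (export PATH=$busybox_rmdir:$PATH) in a script that runs as root, without checking that prerm created the directory; verify ownership or hand the path over explicitly instead of globbing /tmp. The result of mktemp -d is also never checked: if it fails, BUSYBOX_TMP_DIR is empty, BUSYBOX_TMP_LOC becomes /busybox and the copy is written to the root directory. Exit early when mktemp fails, and use read -r with a quoted "$link" in the while loop.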
--
2.17.1


dvb.ko for Miraclebox mbultra broken

Thomas Törnblom <thomas@...>
 

I'm the owner of two Miraclebox mbultra boxes on which I run OpenATV 6.4.

Both of them have one DVB-S2 and one DVB-T/DVB-T2 tuners installed.

Since many years the driver /lib/modules/3.14.2/extra/dvb.ko has issues with a few DVB-T2 channels in Sweden and I have had to replace the file with an older one from an old openmb distro every time I upgrade to a newer OpenATV version.

Would it be possible to have you bundle that older module instead of the broken one you are distributing now? I can provide the module in case you have difficulty finding a working one.

The build date on the working module is: Feb 20 2014

The build date on the broken one you ship is: Aug 22 2014

Thanks,
Thomas


[PATCH 2/2] glibc : Fix CVE-2021-3999

Pgowda
 

Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=8c8a71c85f2ed5cc90d08d82ce645513fc907cb6]
Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=472e799a5f2102bc0c3206dbd5a801765fceb39c]

Signed-off-by: pgowda <pgowda.cve@...>
---
.../glibc/glibc/0001-CVE-2021-3999.patch | 36 ++
.../glibc/glibc/0002-CVE-2021-3999.patch | 357 ++++++++++++++++++
meta/recipes-core/glibc/glibc_2.34.bb | 2 +
3 files changed, 395 insertions(+)
create mode 100644 meta/recipes-core/glibc/glibc/0001-CVE-2021-3999.patch
create mode 100644 meta/recipes-core/glibc/glibc/0002-CVE-2021-3999.patch

diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-3999.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-3999.patch
new file mode 100644
index 0000000000..64749390b5
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/0001-CVE-2021-3999.patch
@@ -0,0 +1,36 @@
+From 8c8a71c85f2ed5cc90d08d82ce645513fc907cb6 Mon Sep 17 00:00:00 2001
+From: Siddhesh Poyarekar <siddhesh@...>
+Date: Mon, 24 Jan 2022 10:57:09 +0530
+Subject: [PATCH] tst-realpath-toolong: Fix hurd build
+
+Define PATH_MAX to a constant if it isn't already defined, like in hurd.
+
+Signed-off-by: Siddhesh Poyarekar <siddhesh@...>
+(cherry picked from commit 976db046bc3a3738f69255ae00b0a09b8e77fd9c)
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=8c8a71c85f2ed5cc90d08d82ce645513fc907cb6]
+CVE: CVE-2021-3999
+
+Signed-off-by: Pgowda <pgowda.cve@...>
+---
+ stdlib/tst-realpath-toolong.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/stdlib/tst-realpath-toolong.c b/stdlib/tst-realpath-toolong.c
+index 8bed772460..4388890294 100644
+--- a/stdlib/tst-realpath-toolong.c
++++ b/stdlib/tst-realpath-toolong.c
+@@ -29,6 +29,10 @@
+
+ #define BASENAME "tst-realpath-toolong."
+
++#ifndef PATH_MAX
++# define PATH_MAX 1024
++#endif
++
+ int
+ do_test (void)
+ {
+--
+2.27.0
+
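Review bot: 0001-CVE-2021-3999.patch is tagged CVE: CVE-2021-3999, but the commit it backports is "tst-realpath-toolong: Fix hurd build" and its only change is a PATH_MAX fallback define in stdlib/tst-realpath-toolong.c; nothing in it touches getcwd. If it is carried only so the series applies or the tests build, name the file for what it does and say so in the patch header; otherwise drop it, because a CVE tag on a test build fix misleads anyone auditing which patches address the CVE. The header also cites commit 8c8a71c85f2e... under Upstream-Status while the body says it was cherry picked from 976db046bc3a...; state which branch the cited commit is on.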
diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-3999.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-3999.patch
new file mode 100644
index 0000000000..ef3a504fdf
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/0002-CVE-2021-3999.patch
@@ -0,0 +1,357 @@
+From 472e799a5f2102bc0c3206dbd5a801765fceb39c Mon Sep 17 00:00:00 2001
+From: Siddhesh Poyarekar <siddhesh@...>
+Date: Fri, 21 Jan 2022 23:32:56 +0530
+Subject: [PATCH] getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999)
+
+No valid path returned by getcwd would fit into 1 byte, so reject the
+size early and return NULL with errno set to ERANGE. This change is
+prompted by CVE-2021-3999, which describes a single byte buffer
+underflow and overflow when all of the following conditions are met:
+
+- The buffer size (i.e. the second argument of getcwd) is 1 byte
+- The current working directory is too long
+- '/' is also mounted on the current working directory
+
+Sequence of events:
+
+- In sysdeps/unix/sysv/linux/getcwd.c, the syscall returns ENAMETOOLONG
+ because the linux kernel checks for name length before it checks
+ buffer size
+
+- The code falls back to the generic getcwd in sysdeps/posix
+
+- In the generic func, the buf[0] is set to '\0' on line 250
+
+- this while loop on line 262 is bypassed:
+
+ while (!(thisdev == rootdev && thisino == rootino))
+
+ since the rootfs (/) is bind mounted onto the directory and the flow
+ goes on to line 449, where it puts a '/' in the byte before the
+ buffer.
+
+- Finally on line 458, it moves 2 bytes (the underflowed byte and the
+ '\0') to the buf[0] and buf[1], resulting in a 1 byte buffer overflow.
+
+- buf is returned on line 469 and errno is not set.
+
+This resolves BZ #28769.
+
+Reviewed-by: Andreas Schwab <schwab@...>
+Reviewed-by: Adhemerval Zanella <adhemerval.zanella@...>
+Signed-off-by: Qualys Security Advisory <qsa@...>
+Signed-off-by: Siddhesh Poyarekar <siddhesh@...>
+(cherry picked from commit 23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e)
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=472e799a5f2102bc0c3206dbd5a801765fceb39c]
+CVE: CVE-2021-3999
+
+Signed-off-by: Pgowda <pgowda.cve@...>
+---
+ NEWS | 6 +
+ sysdeps/posix/getcwd.c | 7 +
+ sysdeps/unix/sysv/linux/Makefile | 7 +-
+ .../unix/sysv/linux/tst-getcwd-smallbuff.c | 241 ++++++++++++++++++
+ 4 files changed, 260 insertions(+), 1 deletion(-)
+ create mode 100644 sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c
+
+diff --git a/NEWS b/NEWS
+index b4f81c2668..8d7467d2c1 100644
+--- a/NEWS
++++ b/NEWS
+@@ -214,6 +214,12 @@ Security related changes:
+ function could result in a memory leak and potential access of
+ uninitialized memory. Reported by Qualys.
+
++ CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd
++ function may result in an off-by-one buffer underflow and overflow
++ when the current working directory is longer than PATH_MAX and also
++ corresponds to the / directory through an unprivileged mount
++ namespace. Reported by Qualys.
++
+ The following bugs are resolved with this release:
+
+ [4737] libc: fork is not async-signal-safe
+diff --git a/sysdeps/posix/getcwd.c b/sysdeps/posix/getcwd.c
+index 13680026ff..b6984a382c 100644
+--- a/sysdeps/posix/getcwd.c
++++ b/sysdeps/posix/getcwd.c
+@@ -187,6 +187,13 @@ __getcwd_generic (char *buf, size_t size
+ size_t allocated = size;
+ size_t used;
+
++ /* A size of 1 byte is never useful. */
++ if (allocated == 1)
++ {
++ __set_errno (ERANGE);
++ return NULL;
++ }
++
+ #if HAVE_MINIMALLY_WORKING_GETCWD
+ /* If AT_FDCWD is not defined, the algorithm below is O(N**2) and
+ this is much slower than the system getcwd (at least on
+diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile
+index 76ad06361c..9380d3848d 100644
+--- a/sysdeps/unix/sysv/linux/Makefile
++++ b/sysdeps/unix/sysv/linux/Makefile
+@@ -331,7 +331,12 @@ sysdep_routines += xstatconv internal_st
+
+ sysdep_headers += bits/fcntl-linux.h
+
+-tests += tst-fallocate tst-fallocate64 tst-o_path-locks
++tests += \
++ tst-fallocate \
++ tst-fallocate64 \
++ tst-getcwd-smallbuff \
++ tst-o_path-locks \
++# tests
+ endif
+
+ ifeq ($(subdir),elf)
+diff --git a/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c b/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c
+new file mode 100644
+index 0000000000..d460d6e766
+--- /dev/null
++++ b/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c
+@@ -0,0 +1,241 @@
++/* Verify that getcwd returns ERANGE for size 1 byte and does not underflow
++ buffer when the CWD is too long and is also a mount target of /. See bug
++ #28769 or CVE-2021-3999 for more context.
++ Copyright The GNU Toolchain Authors.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <https://www.gnu.org/licenses/>. */
++
++#include <errno.h>
++#include <fcntl.h>
++#include <intprops.h>
++#include <limits.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <sys/mount.h>
++#include <sys/stat.h>
++#include <sys/types.h>
++#include <sys/wait.h>
++
++#include <sys/socket.h>
++#include <sys/un.h>
++#include <support/check.h>
++#include <support/temp_file.h>
++#include <support/xsched.h>
++#include <support/xunistd.h>
++
++static char *base;
++#define BASENAME "tst-getcwd-smallbuff"
++#define MOUNT_NAME "mpoint"
++static int sockfd[2];
++
++static void
++do_cleanup (void)
++{
++ support_chdir_toolong_temp_directory (base);
++ TEST_VERIFY_EXIT (rmdir (MOUNT_NAME) == 0);
++ free (base);
++}
++
++static void
++send_fd (const int sock, const int fd)
++{
++ struct msghdr msg = {0};
++ union
++ {
++ struct cmsghdr hdr;
++ char buf[CMSG_SPACE (sizeof (int))];
++ } cmsgbuf = {0};
++ struct cmsghdr *cmsg;
++ struct iovec vec;
++ char ch = 'A';
++ ssize_t n;
++
++ msg.msg_control = &cmsgbuf.buf;
++ msg.msg_controllen = sizeof (cmsgbuf.buf);
++
++ cmsg = CMSG_FIRSTHDR (&msg);
++ cmsg->cmsg_len = CMSG_LEN (sizeof (int));
++ cmsg->cmsg_level = SOL_SOCKET;
++ cmsg->cmsg_type = SCM_RIGHTS;
++ memcpy (CMSG_DATA (cmsg), &fd, sizeof (fd));
++
++ vec.iov_base = &ch;
++ vec.iov_len = 1;
++ msg.msg_iov = &vec;
++ msg.msg_iovlen = 1;
++
++ while ((n = sendmsg (sock, &msg, 0)) == -1 && errno == EINTR);
++
++ TEST_VERIFY_EXIT (n == 1);
++}
++
++static int
++recv_fd (const int sock)
++{
++ struct msghdr msg = {0};
++ union
++ {
++ struct cmsghdr hdr;
++ char buf[CMSG_SPACE(sizeof(int))];
++ } cmsgbuf = {0};
++ struct cmsghdr *cmsg;
++ struct iovec vec;
++ ssize_t n;
++ char ch = '\0';
++ int fd = -1;
++
++ vec.iov_base = &ch;
++ vec.iov_len = 1;
++ msg.msg_iov = &vec;
++ msg.msg_iovlen = 1;
++
++ msg.msg_control = &cmsgbuf.buf;
++ msg.msg_controllen = sizeof (cmsgbuf.buf);
++
++ while ((n = recvmsg (sock, &msg, 0)) == -1 && errno == EINTR);
++ if (n != 1 || ch != 'A')
++ return -1;
++
++ cmsg = CMSG_FIRSTHDR (&msg);
++ if (cmsg == NULL)
++ return -1;
++ if (cmsg->cmsg_type != SCM_RIGHTS)
++ return -1;
++ memcpy (&fd, CMSG_DATA (cmsg), sizeof (fd));
++ if (fd < 0)
++ return -1;
++ return fd;
++}
++
++static int
++child_func (void * const arg)
++{
++ xclose (sockfd[0]);
++ const int sock = sockfd[1];
++ char ch;
++
++ TEST_VERIFY_EXIT (read (sock, &ch, 1) == 1);
++ TEST_VERIFY_EXIT (ch == '1');
++
++ if (mount ("/", MOUNT_NAME, NULL, MS_BIND | MS_REC, NULL))
++ FAIL_EXIT1 ("mount failed: %m\n");
++ const int fd = xopen ("mpoint",
++ O_RDONLY | O_PATH | O_DIRECTORY | O_NOFOLLOW, 0);
++
++ send_fd (sock, fd);
++ xclose (fd);
++
++ TEST_VERIFY_EXIT (read (sock, &ch, 1) == 1);
++ TEST_VERIFY_EXIT (ch == 'a');
++
++ xclose (sock);
++ return 0;
++}
++
++static void
++update_map (char * const mapping, const char * const map_file)
++{
++ const size_t map_len = strlen (mapping);
++
++ const int fd = xopen (map_file, O_WRONLY, 0);
++ xwrite (fd, mapping, map_len);
++ xclose (fd);
++}
++
++static void
++proc_setgroups_write (const long child_pid, const char * const str)
++{
++ const size_t str_len = strlen(str);
++
++ char setgroups_path[sizeof ("/proc//setgroups") + INT_STRLEN_BOUND (long)];
++
++ snprintf (setgroups_path, sizeof (setgroups_path),
++ "/proc/%ld/setgroups", child_pid);
++
++ const int fd = open (setgroups_path, O_WRONLY);
++
++ if (fd < 0)
++ {
++ TEST_VERIFY_EXIT (errno == ENOENT);
++ FAIL_UNSUPPORTED ("/proc/%ld/setgroups not found\n", child_pid);
++ }
++
++ xwrite (fd, str, str_len);
++ xclose(fd);
++}
++
++static char child_stack[1024 * 1024];
++
++int
++do_test (void)
++{
++ base = support_create_and_chdir_toolong_temp_directory (BASENAME);
++
++ xmkdir (MOUNT_NAME, S_IRWXU);
++ atexit (do_cleanup);
++
++ TEST_VERIFY_EXIT (socketpair (AF_UNIX, SOCK_STREAM, 0, sockfd) == 0);
++ pid_t child_pid = xclone (child_func, NULL, child_stack,
++ sizeof (child_stack),
++ CLONE_NEWUSER | CLONE_NEWNS | SIGCHLD);
++
++ xclose (sockfd[1]);
++ const int sock = sockfd[0];
++
++ char map_path[sizeof ("/proc//uid_map") + INT_STRLEN_BOUND (long)];
++ char map_buf[sizeof ("0 1") + INT_STRLEN_BOUND (long)];
++
++ snprintf (map_path, sizeof (map_path), "/proc/%ld/uid_map",
++ (long) child_pid);
++ snprintf (map_buf, sizeof (map_buf), "0 %ld 1", (long) getuid());
++ update_map (map_buf, map_path);
++
++ proc_setgroups_write ((long) child_pid, "deny");
++ snprintf (map_path, sizeof (map_path), "/proc/%ld/gid_map",
++ (long) child_pid);
++ snprintf (map_buf, sizeof (map_buf), "0 %ld 1", (long) getgid());
++ update_map (map_buf, map_path);
++
++ TEST_VERIFY_EXIT (send (sock, "1", 1, MSG_NOSIGNAL) == 1);
++ const int fd = recv_fd (sock);
++ TEST_VERIFY_EXIT (fd >= 0);
++ TEST_VERIFY_EXIT (fchdir (fd) == 0);
++
++ static char buf[2 * 10 + 1];
++ memset (buf, 'A', sizeof (buf));
++
++ /* Finally, call getcwd and check if it resulted in a buffer underflow. */
++ char * cwd = getcwd (buf + sizeof (buf) / 2, 1);
++ TEST_VERIFY (cwd == NULL);
++ TEST_VERIFY (errno == ERANGE);
++
++ for (int i = 0; i < sizeof (buf); i++)
++ if (buf[i] != 'A')
++ {
++ printf ("buf[%d] = %02x\n", i, (unsigned int) buf[i]);
++ support_record_failure ();
++ }
++
++ TEST_VERIFY_EXIT (send (sock, "a", 1, MSG_NOSIGNAL) == 1);
++ xclose (sock);
++ TEST_VERIFY_EXIT (xwaitpid (child_pid, NULL, 0) == child_pid);
++
++ return 0;
++}
++
++#define CLEANUP_HANDLER do_cleanup
++#include <support/test-driver.c>
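Review bot: child_func bind-mounts onto MOUNT_NAME but the xopen call right after it opens the literal "mpoint"; use MOUNT_NAME in both places so the two cannot drift apart. Smaller points in the same file: recv_fd checks cmsg_type against SCM_RIGHTS but never checks cmsg_level against SOL_SOCKET, and the canary loop in do_test compares an int index with sizeof (buf), which is a signed/unsigned comparison.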
diff --git a/meta/recipes-core/glibc/glibc_2.34.bb b/meta/recipes-core/glibc/glibc_2.34.bb
index 304cbf7ba3..f67ef7818c 100644
--- a/meta/recipes-core/glibc/glibc_2.34.bb
+++ b/meta/recipes-core/glibc/glibc_2.34.bb
@@ -59,6 +59,8 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
file://0002-CVE-2022-23219.patch \
file://0001-CVE-2021-3998.patch \
file://0002-CVE-2021-3998.patch \
+ file://0001-CVE-2021-3999.patch \
+ file://0002-CVE-2021-3999.patch \
"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build-${TARGET_SYS}"
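Review bot: the two CVE-2021-3999 entries only work in this position, after 0001-CVE-2021-3998.patch, because the new tst-getcwd-smallbuff.c test calls support_create_and_chdir_toolong_temp_directory and support_chdir_toolong_temp_directory, which that patch introduces. The order in SRC_URI is right; the dependency on patch 1/2 is worth stating in the commit message so a later backport does not pick this change on its own.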
--
2.31.1


[PATCH 1/2] glibc : Fix CVE-2021-3998

Pgowda
 

Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=062ff490c1467059f6cd64bb9c3d85f6cc6cf97a]
Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=f7a79879c0b2bef0dadd6caaaeeb0d26423e04e5]

Signed-off-by: pgowda <pgowda.cve@...>
---
.../glibc/glibc/0001-CVE-2021-3998.patch | 282 ++++++++++++++++++
.../glibc/glibc/0002-CVE-2021-3998.patch | 138 +++++++++
meta/recipes-core/glibc/glibc_2.34.bb | 2 +
3 files changed, 422 insertions(+)
create mode 100644 meta/recipes-core/glibc/glibc/0001-CVE-2021-3998.patch
create mode 100644 meta/recipes-core/glibc/glibc/0002-CVE-2021-3998.patch

diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-3998.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-3998.patch
new file mode 100644
index 0000000000..c6bd5916e3
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/0001-CVE-2021-3998.patch
@@ -0,0 +1,282 @@
+From fb7bff12e81c677a6622f724edd4d4987dd9d971 Mon Sep 17 00:00:00 2001
+From: Siddhesh Poyarekar <siddhesh@...>
+Date: Tue, 18 Jan 2022 13:29:36 +0530
+Subject: [PATCH] support: Add helpers to create paths longer than PATH_MAX
+
+Add new helpers support_create_and_chdir_toolong_temp_directory and
+support_chdir_toolong_temp_directory to create and descend into
+directory trees longer than PATH_MAX.
+
+Reviewed-by: Adhemerval Zanella <adhemerval.zanella@...>
+Signed-off-by: Siddhesh Poyarekar <siddhesh@...>
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=062ff490c1467059f6cd64bb9c3d85f6cc6cf97a]
+CVE: CVE-2021-3998
+
+Signed-off-by: Pgowda <pgowda.cve@...>
+---
+ support/temp_file.c | 159 +++++++++++++++++++++++++++++++++++++++++---
+ support/temp_file.h | 9 +++
+ 2 files changed, 159 insertions(+), 9 deletions(-)
+
+diff --git a/support/temp_file.c b/support/temp_file.c
+index e7bb8aadb9..e41128c2d4 100644
+--- a/support/temp_file.c
++++ b/support/temp_file.c
+@@ -1,5 +1,6 @@
+ /* Temporary file handling for tests.
+ Copyright (C) 1998-2021 Free Software Foundation, Inc.
++ Copyright The GNU Tools Authors.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+@@ -20,15 +21,17 @@
+ some 32-bit platforms. */
+ #define _FILE_OFFSET_BITS 64
+
++#include <support/check.h>
+ #include <support/temp_file.h>
+ #include <support/temp_file-internal.h>
+ #include <support/support.h>
+
++#include <errno.h>
+ #include <paths.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-#include <unistd.h>
++#include <xunistd.h>
+
+ /* List of temporary files. */
+ static struct temp_name_list
+@@ -36,14 +39,20 @@ static struct temp_name_list
+ struct temp_name_list *next;
+ char *name;
+ pid_t owner;
++ bool toolong;
+ } *temp_name_list;
+
+ /* Location of the temporary files. Set by the test skeleton via
+ support_set_test_dir. The string is not be freed. */
+ static const char *test_dir = _PATH_TMP;
+
+-void
+-add_temp_file (const char *name)
++/* Name of subdirectories in a too long temporary directory tree. */
++static char toolong_subdir[NAME_MAX + 1];
++static bool toolong_initialized;
++static size_t toolong_path_max;
++
++static void
++add_temp_file_internal (const char *name, bool toolong)
+ {
+ struct temp_name_list *newp
+ = (struct temp_name_list *) xcalloc (sizeof (*newp), 1);
+@@ -53,12 +62,19 @@ add_temp_file (const char *name)
+ newp->name = newname;
+ newp->next = temp_name_list;
+ newp->owner = getpid ();
++ newp->toolong = toolong;
+ temp_name_list = newp;
+ }
+ else
+ free (newp);
+ }
+
++void
++add_temp_file (const char *name)
++{
++ add_temp_file_internal (name, false);
++}
++
+ int
+ create_temp_file_in_dir (const char *base, const char *dir, char **filename)
+ {
+@@ -90,8 +106,8 @@ create_temp_file (const char *base, char
+ return create_temp_file_in_dir (base, test_dir, filename);
+ }
+
+-char *
+-support_create_temp_directory (const char *base)
++static char *
++create_temp_directory_internal (const char *base, bool toolong)
+ {
+ char *path = xasprintf ("%s/%sXXXXXX", test_dir, base);
+ if (mkdtemp (path) == NULL)
+@@ -99,16 +115,132 @@ support_create_temp_directory (const cha
+ printf ("error: mkdtemp (\"%s\"): %m", path);
+ exit (1);
+ }
+- add_temp_file (path);
++ add_temp_file_internal (path, toolong);
+ return path;
+ }
+
+-/* Helper functions called by the test skeleton follow. */
++char *
++support_create_temp_directory (const char *base)
++{
++ return create_temp_directory_internal (base, false);
++}
++
++static void
++ensure_toolong_initialized (void)
++{
++ if (!toolong_initialized)
++ FAIL_EXIT1 ("uninitialized toolong directory tree\n");
++}
++
++static void
++initialize_toolong (const char *base)
++{
++ long name_max = pathconf (base, _PC_NAME_MAX);
++ name_max = (name_max < 0 ? 64
++ : (name_max < sizeof (toolong_subdir) ? name_max
++ : sizeof (toolong_subdir) - 1));
++
++ long path_max = pathconf (base, _PC_PATH_MAX);
++ path_max = (path_max < 0 ? 1024
++ : path_max <= PTRDIFF_MAX ? path_max : PTRDIFF_MAX);
++
++ /* Sanity check to ensure that the test does not create temporary directories
++ in different filesystems because this API doesn't support it. */
++ if (toolong_initialized)
++ {
++ if (name_max != strlen (toolong_subdir))
++ FAIL_UNSUPPORTED ("name_max: Temporary directories in different"
++ " filesystems not supported yet\n");
++ if (path_max != toolong_path_max)
++ FAIL_UNSUPPORTED ("path_max: Temporary directories in different"
++ " filesystems not supported yet\n");
++ return;
++ }
++
++ toolong_path_max = path_max;
++
++ size_t len = name_max;
++ memset (toolong_subdir, 'X', len);
++ toolong_initialized = true;
++}
++
++char *
++support_create_and_chdir_toolong_temp_directory (const char *basename)
++{
++ char *base = create_temp_directory_internal (basename, true);
++ xchdir (base);
++
++ initialize_toolong (base);
++
++ size_t sz = strlen (toolong_subdir);
++
++ /* Create directories and descend into them so that the final path is larger
++ than PATH_MAX. */
++ for (size_t i = 0; i <= toolong_path_max / sz; i++)
++ {
++ int ret = mkdir (toolong_subdir, S_IRWXU);
++ if (ret != 0 && errno == ENAMETOOLONG)
++ FAIL_UNSUPPORTED ("Filesystem does not support creating too long "
++ "directory trees\n");
++ else if (ret != 0)
++ FAIL_EXIT1 ("Failed to create directory tree: %m\n");
++ xchdir (toolong_subdir);
++ }
++ return base;
++}
+
+ void
+-support_set_test_dir (const char *path)
++support_chdir_toolong_temp_directory (const char *base)
+ {
+- test_dir = path;
++ ensure_toolong_initialized ();
++
++ xchdir (base);
++
++ size_t sz = strlen (toolong_subdir);
++ for (size_t i = 0; i <= toolong_path_max / sz; i++)
++ xchdir (toolong_subdir);
++}
++
++/* Helper functions called by the test skeleton follow. */
++
++static void
++remove_toolong_subdirs (const char *base)
++{
++ ensure_toolong_initialized ();
++
++ if (chdir (base) != 0)
++ {
++ printf ("warning: toolong cleanup base failed: chdir (\"%s\"): %m\n",
++ base);
++ return;
++ }
++
++ /* Descend. */
++ int levels = 0;
++ size_t sz = strlen (toolong_subdir);
++ for (levels = 0; levels <= toolong_path_max / sz; levels++)
++ if (chdir (toolong_subdir) != 0)
++ {
++ printf ("warning: toolong cleanup failed: chdir (\"%s\"): %m\n",
++ toolong_subdir);
++ break;
++ }
++
++ /* Ascend and remove. */
++ while (--levels >= 0)
++ {
++ if (chdir ("..") != 0)
++ {
++ printf ("warning: toolong cleanup failed: chdir (\"..\"): %m\n");
++ return;
++ }
++ if (remove (toolong_subdir) != 0)
++ {
++ printf ("warning: could not remove subdirectory: %s: %m\n",
++ toolong_subdir);
++ return;
++ }
++ }
+ }
+
+ void
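Review bot: initialize_toolong treats every negative pathconf result as "use the fallback" (64 for _PC_NAME_MAX, 1024 for _PC_PATH_MAX), but pathconf returns -1 both on error and when the limit is indeterminate, and only errno tells the two apart. Suggest clearing errno before each call and failing with FAIL_EXIT1 when it is set afterwards, keeping the fallback for the no-limit case. Also, sz = strlen (toolong_subdir) is used as a divisor in all three loops, so a name_max of 0 would divide by zero; a check that name_max is positive belongs next to the clamp.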
+@@ -123,6 +255,9 @@ support_delete_temp_files (void)
+ around, to prevent PID reuse.) */
+ if (temp_name_list->owner == pid)
+ {
++ if (temp_name_list->toolong)
++ remove_toolong_subdirs (temp_name_list->name);
++
+ if (remove (temp_name_list->name) != 0)
+ printf ("warning: could not remove temporary file: %s: %m\n",
+ temp_name_list->name);
+@@ -147,3 +282,9 @@ support_print_temp_files (FILE *f)
+ fprintf (f, ")\n");
+ }
+ }
++
++void
++support_set_test_dir (const char *path)
++{
++ test_dir = path;
++}
+diff --git a/support/temp_file.h b/support/temp_file.h
+index 50a443abe4..8459ddda72 100644
+--- a/support/temp_file.h
++++ b/support/temp_file.h
+@@ -44,6 +44,15 @@ int create_temp_file_in_dir (const char
+ returns. The caller should free this string. */
+ char *support_create_temp_directory (const char *base);
+
++/* Create a temporary directory tree that is longer than PATH_MAX and schedule
++ it for deletion. BASENAME is used as a prefix for the unique directory
++ name, which the function returns. The caller should free this string. */
++char *support_create_and_chdir_toolong_temp_directory (const char *basename);
++
++/* Change into the innermost directory of the directory tree BASE, which was
++ created using support_create_and_chdir_toolong_temp_directory. */
++void support_chdir_toolong_temp_directory (const char *base);
++
+ __END_DECLS
+
+ #endif /* SUPPORT_TEMP_FILE_H */
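Review bot: the header comment for support_create_and_chdir_toolong_temp_directory covers creation and scheduled deletion but not that the function leaves the process inside the innermost directory, which is the side effect both new tests rely on. Add a sentence such as "On return the current working directory is the innermost directory of the tree", and say that the returned string is the BASE argument expected by support_chdir_toolong_temp_directory.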
diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-3998.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-3998.patch
new file mode 100644
index 0000000000..0a4c34452d
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/0002-CVE-2021-3998.patch
@@ -0,0 +1,138 @@
+From f7a79879c0b2bef0dadd6caaaeeb0d26423e04e5 Mon Sep 17 00:00:00 2001
+From: Siddhesh Poyarekar <siddhesh@...>
+Date: Thu, 13 Jan 2022 11:28:36 +0530
+Subject: [PATCH] realpath: Set errno to ENAMETOOLONG for result larger than
+ PATH_MAX [BZ #28770]
+
+realpath returns an allocated string when the result exceeds PATH_MAX,
+which is unexpected when its second argument is not NULL. This results
+in the second argument (resolved) being uninitialized and also results
+in a memory leak since the caller expects resolved to be the same as the
+returned value.
+
+Return NULL and set errno to ENAMETOOLONG if the result exceeds
+PATH_MAX. This fixes [BZ #28770], which is CVE-2021-3998.
+
+Reviewed-by: Adhemerval Zanella <adhemerval.zanella@...>
+Signed-off-by: Siddhesh Poyarekar <siddhesh@...>
+(cherry picked from commit ee8d5e33adb284601c00c94687bc907e10aec9bb)
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=f7a79879c0b2bef0dadd6caaaeeb0d26423e04e5]
+CVE: CVE-2021-3998
+
+Signed-off-by: Pgowda <pgowda.cve@...>
+---
+ NEWS | 4 +++
+ stdlib/Makefile | 1 +
+ stdlib/canonicalize.c | 12 +++++++--
+ stdlib/tst-realpath-toolong.c | 49 +++++++++++++++++++++++++++++++++++
+ 4 files changed, 64 insertions(+), 2 deletions(-)
+ create mode 100644 stdlib/tst-realpath-toolong.c
+
+diff --git a/NEWS b/NEWS
+index 7e773bd005..b4f81c2668 100644
+--- a/NEWS
++++ b/NEWS
+@@ -210,6 +210,10 @@ Security related changes:
+ legacy function could result in a stack-based buffer overflow when
+ using the "unix" protocol. Reported by Martin Sebor.
+
++ CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath
++ function could result in a memory leak and potential access of
++ uninitialized memory. Reported by Qualys.
++
+ The following bugs are resolved with this release:
+
+ [4737] libc: fork is not async-signal-safe
+diff --git a/stdlib/canonicalize.c b/stdlib/canonicalize.c
+index 698f9ede25..7a23a51b3a 100644
+--- a/stdlib/canonicalize.c
++++ b/stdlib/canonicalize.c
+@@ -400,8 +400,16 @@ realpath_stk (const char *name, char *re
+
+ error:
+ *dest++ = '\0';
+- if (resolved != NULL && dest - rname <= get_path_max ())
+- rname = strcpy (resolved, rname);
++ if (resolved != NULL)
++ {
++ if (dest - rname <= get_path_max ())
++ rname = strcpy (resolved, rname);
++ else
++ {
++ failed = true;
++ __set_errno (ENAMETOOLONG);
++ }
++ }
+
+ error_nomem:
+ scratch_buffer_free (&extra_buffer);
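Review bot: the new else branch in realpath_stk has no comment saying why an over-long result must fail when resolved is non-NULL. One line would do: the caller's buffer cannot hold the result, and returning the internally allocated rname instead leaks it and leaves resolved uninitialized, which is what the commit message describes.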
+diff --git a/stdlib/Makefile b/stdlib/Makefile
+index 9bb5c221e8..a4ac30d1f6 100644
+--- a/stdlib/Makefile
++++ b/stdlib/Makefile
+@@ -88,7 +88,8 @@ tests := tst-strtol tst-strtod testmb t
+ tst-swapcontext1 tst-setcontext4 tst-setcontext5 \
+ tst-setcontext6 tst-setcontext7 tst-setcontext8 \
+ tst-setcontext9 tst-bz20544 tst-canon-bz26341 \
+- tst-realpath
++ tst-realpath \
++ tst-realpath-toolong
+
+ tests-internal := tst-strtod1i tst-strtod3 tst-strtod4 tst-strtod5i \
+ tst-tls-atexit tst-tls-atexit-nodelete
+diff --git a/stdlib/tst-realpath-toolong.c b/stdlib/tst-realpath-toolong.c
+new file mode 100644
+index 0000000000..8bed772460
+--- /dev/null
++++ b/stdlib/tst-realpath-toolong.c
+@@ -0,0 +1,49 @@
++/* Verify that realpath returns NULL with ENAMETOOLONG if the result exceeds
++ NAME_MAX.
++ Copyright The GNU Toolchain Authors.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <https://www.gnu.org/licenses/>. */
++
++#include <errno.h>
++#include <limits.h>
++#include <stdlib.h>
++#include <string.h>
++#include <unistd.h>
++#include <support/check.h>
++#include <support/temp_file.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++
++#define BASENAME "tst-realpath-toolong."
++
++int
++do_test (void)
++{
++ char *base = support_create_and_chdir_toolong_temp_directory (BASENAME);
++
++ char buf[PATH_MAX + 1];
++ const char *res = realpath (".", buf);
++
++ /* canonicalize.c states that if the real path is >= PATH_MAX, then
++ realpath returns NULL and sets ENAMETOOLONG. */
++ TEST_VERIFY (res == NULL);
++ TEST_VERIFY (errno == ENAMETOOLONG);
++
++ free (base);
++ return 0;
++}
++
++#include <support/test-driver.c>
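Review bot: the header comment of tst-realpath-toolong.c says the result "exceeds NAME_MAX", while the comment inside do_test, the commit message and the canonicalize.c change all speak of PATH_MAX. The header should read PATH_MAX so the test documents the limit it actually exercises.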
diff --git a/meta/recipes-core/glibc/glibc_2.34.bb b/meta/recipes-core/glibc/glibc_2.34.bb
index 235fc37243..304cbf7ba3 100644
--- a/meta/recipes-core/glibc/glibc_2.34.bb
+++ b/meta/recipes-core/glibc/glibc_2.34.bb
@@ -57,6 +57,8 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
file://0002-CVE-2022-23218.patch \
file://0001-CVE-2022-23219.patch \
file://0002-CVE-2022-23219.patch \
+ file://0001-CVE-2021-3998.patch \
+ file://0002-CVE-2021-3998.patch \
"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build-${TARGET_SYS}"
--
2.31.1


[PATCH v3] icu: fix make_icudata dependencies

Kory Maincent
 

The make_icudata task is set before the configure task, so the
dependencies for this task are not populated yet.

Fixed it by adding do_prepare_recipe_sysroot task dependency to the
make_icudata task.

Signed-off-by: Kory Maincent <kory.maincent@...>
---

Change in v2:
Use deptask flag instead of setting manually the task dependencies with
depends flag.

Change in v3:
Add do_prepare_recipe_sysroot task dependency in place of using deptask
flags.

meta/recipes-support/icu/icu_70.1.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-support/icu/icu_70.1.bb b/meta/recipes-support/icu/icu_70.1.bb
index 0988ae8b8e..dd684fe5b9 100644
--- a/meta/recipes-support/icu/icu_70.1.bb
+++ b/meta/recipes-support/icu/icu_70.1.bb
@@ -147,4 +147,4 @@ do_make_icudata() {
:
}

-addtask make_icudata before do_configure after do_patch
+addtask make_icudata before do_configure after do_patch do_prepare_recipe_sysroot
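Review bot: the extra do_prepare_recipe_sysroot ordering on the addtask line is the whole fix, yet nothing next to it says why make_icudata needs the recipe sysroot. Add a comment above the addtask line naming what the task takes from the sysroot, so the dependency is not trimmed later as unnecessary; the v2/v3 changelog sits below the --- and will not end up in the commit.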
--
2.25.1


Re: [PATCH meta-oe] rtc-tool: Add a recipe

Christian Eggers
 

Hi Fabio,

from my experience, custom build systems (including "bare" Makefiles)
are often hard to integrate/maintain for distributors.

What about using CMake instead?

regards
Christian


On Sunday, 23 January 2022, 16:03:58 CET, Fabio Estevam wrote:
> From: Fabio Estevam <festevam@...>
>
> rtc-tools is a useful utility developed by Alexandre Belloni
> for testing RTC kernel drivers, such as y2038 support.
>
> Based on the initial recipe from Heiko Schocher <hs@...>.
>
> Signed-off-by: Fabio Estevam <festevam@...>
> ---
> .../0001-rtc-tools-Add-a-Makefile.patch | 52 +++++++++++++++++++
> .../rtc-tools/rtc-tools_1.0.0.bb | 19 +++++++
> 2 files changed, 71 insertions(+)
> create mode 100644 meta-oe/recipes-support/rtc-tools/rtc-tools/0001-rtc-tools-Add-a-Makefile.patch
> create mode 100644 meta-oe/recipes-support/rtc-tools/rtc-tools_1.0.0.bb
>
> diff --git a/meta-oe/recipes-support/rtc-tools/rtc-tools/0001-rtc-tools-Add-a-Makefile.patch b/meta-oe/recipes-support/rtc-tools/rtc-tools/0001-rtc-tools-Add-a-Makefile.patch
> new file mode 100644
> index 000000000000..a372e390efb9
> --- /dev/null
> +++ b/meta-oe/recipes-support/rtc-tools/rtc-tools/0001-rtc-tools-Add-a-Makefile.patch
> @@ -0,0 +1,52 @@
> +From faa6dd2e4d063afcaa19f16740a3fc413a399e60 Mon Sep 17 00:00:00 2001
> +
From: Fabio Estevam <festevam@...>
> +Date: Sun, 23 Jan 2022 09:22:19 -0300
> +Subject: [PATCH rtc-tools] rtc-tools: Add a Makefile
> +
> +Add a Makefile to make installation and uninstallation
> +process easier.
> +
> +Upstream-Status: Submitted [https://marc.info/?l=linux-rtc&m=164294073129803&w=2]
> +Signed-off-by: Fabio Estevam <festevam@...>
> +---
> + Makefile | 29 +++++++++++++++++++++++++++++
> + 1 file changed, 29 insertions(+)
> + create mode 100644 Makefile
> +
> +diff --git a/Makefile b/Makefile
> +new file mode 100644
> +index 000000000000..4f244d9289f1
> +--- /dev/null
> ++++ b/Makefile
> +@@ -0,0 +1,29 @@
> ++prefix ?= /usr
> ++bindir ?= $(prefix)/bin
> ++
> ++EXEC = rtc-range rtc rtc-sync
> ++
> ++all: $(EXEC)
> ++
> ++rtc-range: rtc-range.c
> ++ $(CC) $(CFLAGS) -o $@ rtc-range.c
> ++
> ++rtc: rtc.c
> ++ $(CC) $(CFLAGS) -o $@ rtc.c
> ++
> ++rtc-sync: rtc-sync.c
> ++ $(CC) $(CFLAGS) -o $@ rtc-sync.c
> ++
> ++clean:
> ++ rm -f $(EXEC)
> ++
> ++install: rtc-range rtc rtc-sync
> ++ mkdir -p '$(DESTDIR)$(bindir)'
> ++ install -m755 rtc-range '$(DESTDIR)$(bindir)/rtc-range'
> ++ install -m755 rtc '$(DESTDIR)$(bindir)/rtc'
> ++ install -m755 rtc-sync '$(DESTDIR)$(bindir)/rtc-sync'
> ++
> ++uninstall:
> ++ rm -rf '$(DESTDIR)$(bindir)/rtc-range'
> ++ rm -rf '$(DESTDIR)$(bindir)/rtc'
> ++ rm -rf '$(DESTDIR)$(bindir)/rtc-sync'
> +--
> +2.25.1
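Review bot: the three compile rules in the added Makefile run $(CC) $(CFLAGS) -o $@ with no $(LDFLAGS) or $(CPPFLAGS), which is why the recipe further down has to append ${LDFLAGS} to TARGET_CC_ARCH. Adding $(CPPFLAGS) and $(LDFLAGS) to the rules removes the need for that workaround. The targets all, clean, install and uninstall should also be declared .PHONY, and uninstall only removes regular files, so rm -f is enough there.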
> diff --git a/meta-oe/recipes-support/rtc-tools/rtc-tools_1.0.0.bb b/meta-oe/recipes-support/rtc-tools/rtc-tools_1.0.0.bb
> new file mode 100644
> index 000000000000..8f0326829d8c
> --- /dev/null
> +++ b/meta-oe/recipes-support/rtc-tools/rtc-tools_1.0.0.bb
> @@ -0,0 +1,19 @@
> +DESCRIPTION = "Useful programs to test rtc drivers"
> +LICENSE = "GPLv2"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=74274e8a218423e49eefdea80bc55038"
> +
> +SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/rtc-tools.git;protocol=https;branch=master \
> + file://0001-rtc-tools-Add-a-Makefile.patch \
> + "
> +SRCREV ?= "acc442e7af4e1e783432a43d37f1a7938c692659"
> +
> +S = "${WORKDIR}/git"
> +
> +TARGET_CC_ARCH += "${LDFLAGS}"
> +EXTRA_OEMAKE = " \
> + DESTDIR=${D} \
> + all \
> + "
> +do_install() {
> + oe_runmake install
> +}
>
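Review bot: EXTRA_OEMAKE carries the target all, so every oe_runmake call gets it, including oe_runmake install in do_install, which then runs with both all and install on the command line. Drop all from EXTRA_OEMAKE (it is already the Makefile's first target) and pass DESTDIR=${D} on the oe_runmake install line instead. The recipe also has no SUMMARY or HOMEPAGE.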





Re: [PATCH] kernel: add missing path to search for debug files

Andrej Valek
 

Hello Richard,

Fine that we have it, but are you going to take a look at the patch? :)

Regards,
Andrej

On Fri, 2022-01-21 at 10:18 +0100, Michael Opdenacker wrote:

On 1/19/22 5:48 PM, Richard Purdie wrote:
On Wed, 2022-01-19 at 12:57 +0100, Andrej Valek wrote:
Since explicit debug package creation via ${KERNEL_PACKAGE_NAME}-dbg has
been added to kernel, it has to cover all PACKAGE_DEBUG_SPLIT_STYLE
options. For ex. when the variable "debug-file-directory" package search
path has to be set explicitly, otherwise it will not find any files.

Signed-off-by: Andrej Valek <andrej.valek@...>
---
 meta/classes/kernel.bbclass | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/classes/kernel.bbclass
b/meta/classes/kernel.bbclass
index 473e28be47..9ea201c936 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -647,6 +647,7 @@ FILES:${KERNEL_PACKAGE_NAME}-image = ""
 FILES:${KERNEL_PACKAGE_NAME}-dev = "/boot/System.map*
/boot/Module.symvers* /boot/config* ${KERNEL_SRC_PATH}
${nonarch_base_libdir}/modules/${KERNEL_VERSION}/build"
 FILES:${KERNEL_PACKAGE_NAME}-vmlinux = "/boot/vmlinux-
${KERNEL_VERSION_NAME}"
 FILES:${KERNEL_PACKAGE_NAME}-modules = ""
+FILES:${KERNEL_PACKAGE_NAME}-dbg = "/usr/lib/debug
/usr/src/debug"
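Review bot: the added FILES:${KERNEL_PACKAGE_NAME}-dbg line lists only /usr/lib/debug and /usr/src/debug, while the commit message says the -dbg package has to cover all PACKAGE_DEBUG_SPLIT_STYLE options. State in the message which styles these two paths cover and where the remaining ones are handled, and note that the = assignment replaces any value set earlier for this package.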
This seems to highlight that we have no tests for KERNEL_PACKAGE_NAME. At the
very least we need a bugzilla entry for creating some...
Done: https://bugzilla.yoctoproject.org/show_bug.cgi?id=14700
Cheers
Michael


[PATCH] busybox: refresh defconfig

Andrej Valek
 

- extend find command
- disable rootfs skip
- busybox-inittab_1.34.1 -> busybox-inittab_1.35.0

Signed-off-by: Andrej Valek <andrej.valek@...>
---
...ab_1.34.1.bb => busybox-inittab_1.35.0.bb} | 0
meta/recipes-core/busybox/busybox/defconfig | 70 +++++++++++--------
2 files changed, 39 insertions(+), 31 deletions(-)
rename meta/recipes-core/busybox/{busybox-inittab_1.34.1.bb => busybox-inittab_1.35.0.bb} (100%)

diff --git a/meta/recipes-core/busybox/busybox-inittab_1.34.1.bb b/meta/recipes-core/busybox/busybox-inittab_1.35.0.bb
similarity index 100%
rename from meta/recipes-core/busybox/busybox-inittab_1.34.1.bb
rename to meta/recipes-core/busybox/busybox-inittab_1.35.0.bb
diff --git a/meta/recipes-core/busybox/busybox/defconfig b/meta/recipes-core/busybox/busybox/defconfig
index 16c61a84b2..5e1e1f5638 100644
--- a/meta/recipes-core/busybox/busybox/defconfig
+++ b/meta/recipes-core/busybox/busybox/defconfig
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Busybox version: 1.34.0
-# Wed Aug 23 09:07:25 2021
+# Busybox version: 1.35.0
+# Sun Dec 26 16:55:55 2021
#
CONFIG_HAVE_DOT_CONFIG=y

@@ -94,9 +94,12 @@ CONFIG_FEATURE_BUFFERS_USE_MALLOC=y
CONFIG_PASSWORD_MINLEN=6
CONFIG_MD5_SMALL=1
CONFIG_SHA3_SMALL=1
-CONFIG_FEATURE_FAST_TOP=y
-# CONFIG_FEATURE_ETC_NETWORKS is not set
-# CONFIG_FEATURE_ETC_SERVICES is not set
+CONFIG_FEATURE_NON_POSIX_CP=y
+# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set
+CONFIG_FEATURE_USE_SENDFILE=y
+CONFIG_FEATURE_COPYBUF_KB=4
+CONFIG_MONOTONIC_SYSCALL=y
+CONFIG_IOCTL_HEX2STR_ERROR=y
CONFIG_FEATURE_EDITING=y
CONFIG_FEATURE_EDITING_MAX_LEN=1024
# CONFIG_FEATURE_EDITING_VI is not set
@@ -120,14 +123,6 @@ CONFIG_UNICODE_WIDE_WCHARS=y
# CONFIG_UNICODE_BIDI_SUPPORT is not set
# CONFIG_UNICODE_NEUTRAL_TABLE is not set
# CONFIG_UNICODE_PRESERVE_BROKEN is not set
-CONFIG_FEATURE_NON_POSIX_CP=y
-# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set
-CONFIG_FEATURE_USE_SENDFILE=y
-CONFIG_FEATURE_COPYBUF_KB=4
-CONFIG_FEATURE_SKIP_ROOTFS=y
-CONFIG_MONOTONIC_SYSCALL=y
-CONFIG_IOCTL_HEX2STR_ERROR=y
-CONFIG_FEATURE_HWIB=y

#
# Applets
@@ -162,6 +157,8 @@ CONFIG_FEATURE_BZIP2_DECOMPRESS=y
CONFIG_CPIO=y
# CONFIG_FEATURE_CPIO_O is not set
# CONFIG_FEATURE_CPIO_P is not set
+# CONFIG_FEATURE_CPIO_IGNORE_DEVNO is not set
+# CONFIG_FEATURE_CPIO_RENUMBER_INODES is not set
# CONFIG_DPKG is not set
# CONFIG_DPKG_DEB is not set
CONFIG_GZIP=y
@@ -197,6 +194,22 @@ CONFIG_FEATURE_UNZIP_CDF=y
#
# Coreutils
#
+CONFIG_FEATURE_VERBOSE=y
+
+#
+# Common options for date and touch
+#
+# CONFIG_FEATURE_TIMEZONE is not set
+
+#
+# Common options for cp and mv
+#
+# CONFIG_FEATURE_PRESERVE_HARDLINKS is not set
+
+#
+# Common options for df, du, ls
+#
+CONFIG_FEATURE_HUMAN_READABLE=y
CONFIG_BASENAME=y
CONFIG_CAT=y
CONFIG_FEATURE_CATN=y
@@ -225,6 +238,7 @@ CONFIG_FEATURE_DD_SIGNAL_HANDLING=y
# CONFIG_FEATURE_DD_STATUS is not set
CONFIG_DF=y
# CONFIG_FEATURE_DF_FANCY is not set
+# CONFIG_FEATURE_SKIP_ROOTFS is not set
CONFIG_DIRNAME=y
# CONFIG_DOS2UNIX is not set
# CONFIG_UNIX2DOS is not set
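Review bot: CONFIG_FEATURE_SKIP_ROOTFS goes from =y (removed in an earlier hunk) to "is not set" here, which changes df behaviour rather than regenerating the file for 1.35.0. The commit message lists "disable rootfs skip" without a reason; state why, and consider carrying it as its own commit so the refresh itself stays a pure reorder.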
@@ -343,21 +357,6 @@ CONFIG_USERS=y
CONFIG_WHOAMI=y
CONFIG_YES=y

-#
-# Common options
-#
-CONFIG_FEATURE_VERBOSE=y
-
-#
-# Common options for cp and mv
-#
-# CONFIG_FEATURE_PRESERVE_HARDLINKS is not set
-
-#
-# Common options for df, du, ls
-#
-CONFIG_FEATURE_HUMAN_READABLE=y
-
#
# Console Utilities
#
@@ -448,7 +447,11 @@ CONFIG_FEATURE_ALLOW_EXEC=y
CONFIG_FIND=y
CONFIG_FEATURE_FIND_PRINT0=y
CONFIG_FEATURE_FIND_MTIME=y
+CONFIG_FEATURE_FIND_ATIME=y
+CONFIG_FEATURE_FIND_CTIME=y
CONFIG_FEATURE_FIND_MMIN=y
+CONFIG_FEATURE_FIND_AMIN=y
+CONFIG_FEATURE_FIND_CMIN=y
CONFIG_FEATURE_FIND_PERM=y
CONFIG_FEATURE_FIND_TYPE=y
CONFIG_FEATURE_FIND_EXECUTABLE=y
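Review bot: FIND_ATIME, FIND_CTIME, FIND_AMIN and FIND_CMIN are switched on here, and FIND_SAMEFILE in the next hunk, in the defconfig under meta/recipes-core/busybox. The message says only "extend find command"; add the use case and the resulting size change of the busybox binary so the cost of the new defaults is on record.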
@@ -456,6 +459,7 @@ CONFIG_FEATURE_FIND_XDEV=y
CONFIG_FEATURE_FIND_MAXDEPTH=y
CONFIG_FEATURE_FIND_NEWER=y
# CONFIG_FEATURE_FIND_INUM is not set
+CONFIG_FEATURE_FIND_SAMEFILE=y
CONFIG_FEATURE_FIND_EXEC=y
CONFIG_FEATURE_FIND_EXEC_PLUS=y
CONFIG_FEATURE_FIND_USER=y
@@ -851,6 +855,9 @@ CONFIG_FEATURE_IPV6=y
# CONFIG_FEATURE_UNIX_LOCAL is not set
CONFIG_FEATURE_PREFER_IPV4_ADDRESS=y
# CONFIG_VERBOSE_RESOLUTION_ERRORS is not set
+# CONFIG_FEATURE_ETC_NETWORKS is not set
+# CONFIG_FEATURE_ETC_SERVICES is not set
+CONFIG_FEATURE_HWIB=y
# CONFIG_FEATURE_TLS_SHA1 is not set
# CONFIG_ARP is not set
# CONFIG_ARPING is not set
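
Review bot: CONFIG_FEATURE_HWIB=y is only a move (the same line is removed earlier in this diff), but "# CONFIG_FEATURE_ETC_NETWORKS is not set" and "# CONFIG_FEATURE_ETC_SERVICES is not set" are new symbols left disabled. With /etc/services lookups off, the networking applets need numeric ports, so check that no init script or applet configuration in the layer passes a service name, and record the decision in the commit message.
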
@@ -1024,17 +1031,19 @@ CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS="-R -b"
#
# Mail Utilities
#
+CONFIG_FEATURE_MIME_CHARSET=""
# CONFIG_MAKEMIME is not set
# CONFIG_POPMAILDIR is not set
# CONFIG_FEATURE_POPMAILDIR_DELIVERY is not set
# CONFIG_REFORMIME is not set
# CONFIG_FEATURE_REFORMIME_COMPAT is not set
# CONFIG_SENDMAIL is not set
-CONFIG_FEATURE_MIME_CHARSET=""

#
# Process Utilities
#
+CONFIG_FEATURE_FAST_TOP=y
+# CONFIG_FEATURE_SHOW_THREADS is not set
CONFIG_FREE=y
CONFIG_FUSER=y
# CONFIG_IOSTAT is not set
@@ -1073,7 +1082,6 @@ CONFIG_FEATURE_TOP_CPU_GLOBAL_PERCENTS=y
CONFIG_UPTIME=y
# CONFIG_FEATURE_UPTIME_UTMP_SUPPORT is not set
CONFIG_WATCH=y
-# CONFIG_FEATURE_SHOW_THREADS is not set

#
# Runit Utilities
@@ -1138,8 +1146,8 @@ CONFIG_ASH_CMDCMD=y
# CONFIG_SHELL_HUSH is not set
# CONFIG_HUSH_BASH_COMPAT is not set
# CONFIG_HUSH_BRACE_EXPANSION is not set
-# CONFIG_HUSH_LINENO_VAR is not set
# CONFIG_HUSH_BASH_SOURCE_CURDIR is not set
+# CONFIG_HUSH_LINENO_VAR is not set
# CONFIG_HUSH_INTERACTIVE is not set
# CONFIG_HUSH_SAVEHISTORY is not set
# CONFIG_HUSH_JOB is not set
--
2.34.1


[dunfell][PATCH v2] ghostscript: fix CVE-2021-45949

Minjae Kim
 

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish
(called from sampled_data_continue and interp).

To apply the CVE-2021-45949 patch,
check-stack-limits-after-function-evalution.patch should be applied first.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-45949

Signed-off-by: Minjae Kim <flowergom@...>
---
.../ghostscript/CVE-2021-45949.patch | 68 +++++++++++++++++++
...tack-limits-after-function-evalution.patch | 51 ++++++++++++++
.../ghostscript/ghostscript_9.52.bb | 2 +
3 files changed, 121 insertions(+)
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch

diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch
new file mode 100644
index 0000000000..605155342e
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch
@@ -0,0 +1,68 @@
+From 2a3129365d3bc0d4a41f107ef175920d1505d1f7 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@...>
+Date: Tue, 1 Jun 2021 19:57:16 +0100
+Subject: [PATCH] Bug 703902: Fix op stack management in
+ sampled_data_continue()
+
+Replace pop() (which does no checking, and doesn't handle stack extension
+blocks) with ref_stack_pop() which does do all that.
+
+We still use pop() in one case (it's faster), but we have to later use
+ref_stack_pop() before calling sampled_data_sample() which also accesses the
+op stack.
+
+Fixes:
+https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675
+
+Upstream-Status: Backported [https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=2a3129365d3bc0d4a41f107ef175920d1505d1f7]
+CVE: CVE-2021-45949
+Signed-off-by: Minjae Kim <flowergom@...>
+---
+ psi/zfsample.c | 16 ++++++++++------
+ 1 file changed, 10 insertions(+), 6 deletions(-)
+
+diff --git a/psi/zfsample.c b/psi/zfsample.c
+index 0e8e4bc8d..00cd0cfdd 100644
+--- a/psi/zfsample.c
++++ b/psi/zfsample.c
+@@ -533,15 +533,19 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ for (j = 0; j < bps; j++)
+ data_ptr[bps * i + j] = (byte)(cv >> ((bps - 1 - j) * 8)); /* MSB first */
+ }
+- pop(num_out); /* Move op to base of result values */
+
+- /* Check if we are done collecting data. */
++ pop(num_out); /* Move op to base of result values */
+
++ /* From here on, we have to use ref_stack_pop() rather than pop()
++ so that it handles stack extension blocks properly, before calling
++ sampled_data_sample() which also uses the op stack.
++ */
++ /* Check if we are done collecting data. */
+ if (increment_cube_indexes(params, penum->indexes)) {
+ if (stack_depth_adjust == 0)
+- pop(O_STACK_PAD); /* Remove spare stack space */
++ ref_stack_pop(&o_stack, O_STACK_PAD); /* Remove spare stack space */
+ else
+- pop(stack_depth_adjust - num_out);
++ ref_stack_pop(&o_stack, stack_depth_adjust - num_out);
+ /* Execute the closing procedure, if given */
+ code = 0;
+ if (esp_finish_proc != 0)
+@@ -554,11 +558,11 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
+ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
+ check_op(stack_depth_adjust);
+- pop(stack_depth_adjust);
++ ref_stack_pop(&o_stack, stack_depth_adjust);
+ }
+ else {
+ check_ostack(O_STACK_PAD - stack_depth_adjust);
+- push(O_STACK_PAD - stack_depth_adjust);
++ ref_stack_push(&o_stack, O_STACK_PAD - stack_depth_adjust);
+ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
+ make_null(op - i);
+ }
+--
+2.25.1
+
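
Review bot: The "Upstream-Status: Backported [...]" line in the added patch header does not use the value the OE patch guidelines define; it should read "Upstream-Status: Backport [<url>]", otherwise tooling that parses the tag may not recognise it. The same applies to check-stack-limits-after-function-evalution.patch. The CVE: tag is present and the commit hash in the From line matches the one in the URL, which is what a backport header needs.
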
diff --git a/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch b/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch
new file mode 100644
index 0000000000..722bab4ddb
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch
@@ -0,0 +1,51 @@
+From 7861fcad13c497728189feafb41cd57b5b50ea25 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@...>
+Date: Fri, 12 Feb 2021 10:34:23 +0000
+Subject: [PATCH] oss-fuzz 30715: Check stack limits after function evaluation.
+
+During function result sampling, after the callout to the Postscript
+interpreter, make sure there is enough stack space available before pushing
+or popping entries.
+
+In thise case, the Postscript procedure for the "function" is totally invalid
+(as a function), and leaves the op stack in an unrecoverable state (as far as
+function evaluation is concerned). We end up popping more entries off the
+stack than are available.
+
+To cope, add in stack limit checking to throw an appropriate error when this
+happens.
+
+Upstream-Status: Backported [https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=7861fcad13c497728189feafb41cd57b5b50ea25]
+Signed-off-by: Minjae Kim <flowergom@...>
+---
+ psi/zfsample.c | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/psi/zfsample.c b/psi/zfsample.c
+index 290809405..652ae02c6 100644
+--- a/psi/zfsample.c
++++ b/psi/zfsample.c
+@@ -551,9 +551,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ } else {
+ if (stack_depth_adjust) {
+ stack_depth_adjust -= num_out;
+- push(O_STACK_PAD - stack_depth_adjust);
+- for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
+- make_null(op - i);
++ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
++ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
++ check_op(stack_depth_adjust);
++ pop(stack_depth_adjust);
++ }
++ else {
++ check_ostack(O_STACK_PAD - stack_depth_adjust);
++ push(O_STACK_PAD - stack_depth_adjust);
++ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
++ make_null(op - i);
++ }
+ }
+ }
+
+--
+2.25.1
+
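
Review bot: The file name check-stack-limits-after-function-evalution.patch misspells "evaluation" (the Subject line inside it spells it correctly), and nothing in the name or header ties it to CVE-2021-45949 even though it is carried only as a prerequisite for that fix. Consider renaming it with a CVE-2021-45949 prefix so a later recipe upgrade drops both patches together. The pop() and push() calls it introduces behind check_op() and check_ostack() are exactly the ones the CVE patch then converts to ref_stack_pop() and ref_stack_push(), so the two files must stay in this order.
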
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
index 32346e6811..ac3d0dca43 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
@@ -39,6 +39,8 @@ SRC_URI = "${SRC_URI_BASE} \
file://ghostscript-9.21-prevent_recompiling.patch \
file://cups-no-gcrypt.patch \
file://CVE-2020-15900.patch \
+ file://check-stack-limits-after-function-evalution.patch \
+ file://CVE-2021-45949.patch \
"

SRC_URI_class-native = "${SRC_URI_BASE} \
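
Review bot: Both patches are appended to the target SRC_URI only, while the SRC_URI_class-native assignment that begins in the trailing context is not touched, so unless the native list picks them up outside this hunk, ghostscript-native is still built without the fix. If the fix is meant for both variants, add the two file:// entries there as well, or move them to SRC_URI_BASE. The order is right: check-stack-limits-after-function-evalution.patch precedes CVE-2021-45949.patch, as the commit message requires.
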
--
2.17.1


Re: [PATCH] nghttp2: fix for multilib support

Changqing Li
 


On 1/17/22 5:12 PM, Changqing Li wrote:

On 1/13/22 11:26 PM, Richard Purdie wrote:

On Thu, 2022-01-13 at 11:44 +0800, Changqing Li wrote:
From: Changqing Li <changqing.li@...>

correct the package name

Signed-off-by: Changqing Li <changqing.li@...>
---
  meta/recipes-support/nghttp2/nghttp2_1.46.0.bb | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-support/nghttp2/nghttp2_1.46.0.bb b/meta/recipes-support/nghttp2/nghttp2_1.46.0.bb
index 972ff2d60a..a5f0be856f 100644
--- a/meta/recipes-support/nghttp2/nghttp2_1.46.0.bb
+++ b/meta/recipes-support/nghttp2/nghttp2_1.46.0.bb
@@ -19,7 +19,7 @@ PACKAGECONFIG[manpages] = ""
  # first place
  EXTRA_OECMAKE = "-DENABLE_EXAMPLES=OFF -DENABLE_APP=OFF -DENABLE_HPACK_TOOLS=OFF"

-PACKAGES =+ "lib${PN} ${PN}-client ${PN}-proxy ${PN}-server"
+PACKAGES =+ "lib${BPN} ${PN}-client ${PN}-proxy ${PN}-server"

  RDEPENDS:${PN} = "${PN}-client (>= ${PV}) ${PN}-proxy (>= ${PV}) ${PN}-server (>= ${PV})"
  RDEPENDS:${PN}:class-native = ""
@@ -27,7 +27,7 @@ RDEPENDS:${PN}-proxy = "openssl python3-core python3-io python3-shell"

  ALLOW_EMPTY:${PN} = "1"
  FILES:${PN} = ""
-FILES:lib${PN} = "${libdir}/*${SOLIBS}"
+FILES:${MLPREFIX}lib${BPN} = "${libdir}/*${SOLIBS}"
  FILES:${PN}-client = "${bindir}/h2load ${bindir}/nghttp"
  FILES:${PN}-proxy = "${bindir}/nghttpx ${datadir}/${BPN}/fetch-ocsp-response"
  FILES:${PN}-server = "${bindir}/nghttpd"
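
Review bot: After this hunk the library package is spelled lib${BPN} in PACKAGES but ${MLPREFIX}lib${BPN} in FILES, and the one-line message "correct the package name" gives no reason for the difference. Put the multilib expansion that motivates the change into the commit message and add a short comment next to the FILES line, so the asymmetry is not reverted later as an apparent mistake.
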
This doesn't look correct, particularly using with MLPREFIX in one location and
not in the other...

PACKAGES =+ "lib${PN} ${PN}-client ${PN}-proxy ${PN}-server"

The first package, lib${PN}, is not correct. When multilib is enabled,
for lib64, ${PN} is nghttp2,       lib${PN}=libnghttp2,
for lib32, ${PN} is lib32-nghttp2, lib${PN}=liblib32-nghttp2,
but I think it should be lib32-libnghttp2, so change it to lib${BPN}.

For PACKAGES, it will be extended by classextended.py:
#   prepend /yocto/poky/meta/recipes-support/nghttp2/nghttp2_1.46.0.bb:22
#     "lib${BPN} ${PN}-client ${PN}-proxy ${PN}-server"
#   rename (to) classextend.py:127 [rename_packages]
#     "PACKAGES_NONML"
#   set classextend.py:128 [rename_packages]
#     "${@oe.classextend.get_packages(d)}"
# pre-expansion value:
#   "${@oe.classextend.get_packages(d)}"
PACKAGES="lib32-libnghttp2 lib32-nghttp2-client lib32-nghttp2-proxy lib32-nghttp2-server lib32-nghttp2-src lib32-nghttp2-dbg lib32-nghttp2-staticdev lib32-nghttp2-dev lib32-nghttp2-doc lib32-nghttp2-locale lib32-nghttp2"

For FILES, the other packages start with ${PN}, which is already extended with lib32-, so they don't need MLPREFIX, but lib${BPN} needs it added manually.

ping



Cheers,

Richard





[dunfell][PATCH] ghostscript: fix CVE-2021-45949

Minjae Kim
 

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish
(called from sampled_data_continue and interp).

To apply the CVE-2021-45849 patch,
check-stack-limits-after-function-evalution.patch should be applied first.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-45949

Signed-off-by: Minjae Kim <flowergom@...>
---
.../ghostscript/CVE-2021-45949.patch | 68 +++++++++++++++++++
...tack-limits-after-function-evalution.patch | 51 ++++++++++++++
.../ghostscript/ghostscript_9.52.bb | 2 +
3 files changed, 121 insertions(+)
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch

diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch
new file mode 100644
index 0000000000..605155342e
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch
@@ -0,0 +1,68 @@
+From 2a3129365d3bc0d4a41f107ef175920d1505d1f7 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@...>
+Date: Tue, 1 Jun 2021 19:57:16 +0100
+Subject: [PATCH] Bug 703902: Fix op stack management in
+ sampled_data_continue()
+
+Replace pop() (which does no checking, and doesn't handle stack extension
+blocks) with ref_stack_pop() which does do all that.
+
+We still use pop() in one case (it's faster), but we have to later use
+ref_stack_pop() before calling sampled_data_sample() which also accesses the
+op stack.
+
+Fixes:
+https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675
+
+Upstream-Status: Backported [https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=2a3129365d3bc0d4a41f107ef175920d1505d1f7]
+CVE: CVE-2021-45949
+Signed-off-by: Minjae Kim <flowergom@...>
+---
+ psi/zfsample.c | 16 ++++++++++------
+ 1 file changed, 10 insertions(+), 6 deletions(-)
+
+diff --git a/psi/zfsample.c b/psi/zfsample.c
+index 0e8e4bc8d..00cd0cfdd 100644
+--- a/psi/zfsample.c
++++ b/psi/zfsample.c
+@@ -533,15 +533,19 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ for (j = 0; j < bps; j++)
+ data_ptr[bps * i + j] = (byte)(cv >> ((bps - 1 - j) * 8)); /* MSB first */
+ }
+- pop(num_out); /* Move op to base of result values */
+
+- /* Check if we are done collecting data. */
++ pop(num_out); /* Move op to base of result values */
+
++ /* From here on, we have to use ref_stack_pop() rather than pop()
++ so that it handles stack extension blocks properly, before calling
++ sampled_data_sample() which also uses the op stack.
++ */
++ /* Check if we are done collecting data. */
+ if (increment_cube_indexes(params, penum->indexes)) {
+ if (stack_depth_adjust == 0)
+- pop(O_STACK_PAD); /* Remove spare stack space */
++ ref_stack_pop(&o_stack, O_STACK_PAD); /* Remove spare stack space */
+ else
+- pop(stack_depth_adjust - num_out);
++ ref_stack_pop(&o_stack, stack_depth_adjust - num_out);
+ /* Execute the closing procedure, if given */
+ code = 0;
+ if (esp_finish_proc != 0)
+@@ -554,11 +558,11 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
+ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
+ check_op(stack_depth_adjust);
+- pop(stack_depth_adjust);
++ ref_stack_pop(&o_stack, stack_depth_adjust);
+ }
+ else {
+ check_ostack(O_STACK_PAD - stack_depth_adjust);
+- push(O_STACK_PAD - stack_depth_adjust);
++ ref_stack_push(&o_stack, O_STACK_PAD - stack_depth_adjust);
+ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
+ make_null(op - i);
+ }
+--
+2.25.1
+
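
Review bot: In the first zfsample.c hunk the else branch now calls ref_stack_pop(&o_stack, stack_depth_adjust - num_out) with no visible check that the difference is positive and within the current stack depth, whereas the pop in the second hunk is guarded by check_op(). In the second hunk, the loop after ref_stack_push(&o_stack, ...) still writes through make_null(op - i), and the hunk does not show op being reloaded from the stack. Since this is a backport, please confirm both points against upstream and pull in any follow-up fix rather than diverging locally.
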
diff --git a/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch b/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch
new file mode 100644
index 0000000000..722bab4ddb
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch
@@ -0,0 +1,51 @@
+From 7861fcad13c497728189feafb41cd57b5b50ea25 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@...>
+Date: Fri, 12 Feb 2021 10:34:23 +0000
+Subject: [PATCH] oss-fuzz 30715: Check stack limits after function evaluation.
+
+During function result sampling, after the callout to the Postscript
+interpreter, make sure there is enough stack space available before pushing
+or popping entries.
+
+In thise case, the Postscript procedure for the "function" is totally invalid
+(as a function), and leaves the op stack in an unrecoverable state (as far as
+function evaluation is concerned). We end up popping more entries off the
+stack than are available.
+
+To cope, add in stack limit checking to throw an appropriate error when this
+happens.
+
+Upstream-Status: Backported [https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=7861fcad13c497728189feafb41cd57b5b50ea25]
+Signed-off-by: Minjae Kim <flowergom@...>
+---
+ psi/zfsample.c | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/psi/zfsample.c b/psi/zfsample.c
+index 290809405..652ae02c6 100644
+--- a/psi/zfsample.c
++++ b/psi/zfsample.c
+@@ -551,9 +551,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ } else {
+ if (stack_depth_adjust) {
+ stack_depth_adjust -= num_out;
+- push(O_STACK_PAD - stack_depth_adjust);
+- for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
+- make_null(op - i);
++ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
++ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
++ check_op(stack_depth_adjust);
++ pop(stack_depth_adjust);
++ }
++ else {
++ check_ostack(O_STACK_PAD - stack_depth_adjust);
++ push(O_STACK_PAD - stack_depth_adjust);
++ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
++ make_null(op - i);
++ }
+ }
+ }
+
+--
+2.25.1
+
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
index 32346e6811..ac3d0dca43 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
@@ -39,6 +39,8 @@ SRC_URI = "${SRC_URI_BASE} \
file://ghostscript-9.21-prevent_recompiling.patch \
file://cups-no-gcrypt.patch \
file://CVE-2020-15900.patch \
+ file://check-stack-limits-after-function-evalution.patch \
+ file://CVE-2021-45949.patch \
"

SRC_URI_class-native = "${SRC_URI_BASE} \
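
Review bot: The file added to SRC_URI here is CVE-2021-45949.patch, matching the subject line and the CVE: tag inside the patch, but the description above the diffstat says "To apply the CVE-2021-45849 patch". Correct the identifier in the commit message so it does not point readers and CVE tracking at a different entry.
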
--
2.17.1


OE-core CVE metrics for honister on Sun 23 Jan 2022 05:30:01 AM HST

Steve Sakoman
 

Branch: honister

New this week: 3 CVEs
CVE-2022-22844: tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22844 *
CVE-2022-23218: glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23218 *
CVE-2022-23219: glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23219 *

Removed this week: 8 CVEs
CVE-2011-4613: xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4613 *
CVE-2020-25697: xserver-xorg https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25697 *
CVE-2021-44716: go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44716 *
CVE-2021-44717: go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44717 *
CVE-2021-45085: epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 *
CVE-2021-45086: epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 *
CVE-2021-45087: epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 *
CVE-2021-45088: epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 *

Full list: Found 44 unpatched CVEs
CVE-2016-20012: openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-20012 *
CVE-2019-12067: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067 *
CVE-2020-18974: nasm:nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18974 *
CVE-2020-35503: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 *
CVE-2021-20255: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255 *
CVE-2021-31879: wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 *
CVE-2021-3507: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3507 *
CVE-2021-36976: libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36976 *
CVE-2021-3713: qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3713 *
CVE-2021-3974: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3974 *
CVE-2021-3984: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3984 *
CVE-2021-4019: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4019 *
CVE-2021-4069: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4069 *
CVE-2021-4136: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4136 *
CVE-2021-4166: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4166 *
CVE-2021-4173: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4173 *
CVE-2021-41817: ruby:ruby-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41817 *
CVE-2021-41819: ruby:ruby-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41819 *
CVE-2021-4187: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4187 *
CVE-2021-4192: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4192 *
CVE-2021-4193: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4193 *
CVE-2021-42762: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 *
CVE-2021-43400: bluez5 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43400 *
CVE-2021-45078: binutils:binutils-cross-testsuite:binutils-cross-x86_64:binutils-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45078 *
CVE-2021-45481: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 *
CVE-2021-45482: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 *
CVE-2021-45483: webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 *
CVE-2021-45931: harfbuzz:harfbuzz-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45931 *
CVE-2021-45949: ghostscript:ghostscript-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45949 *
CVE-2021-45960: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45960 *
CVE-2021-46143: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46143 *
CVE-2022-0128: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0128 *
CVE-2022-0156: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0156 *
CVE-2022-0158: vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0158 *
CVE-2022-22707: lighttpd https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22707 *
CVE-2022-22822: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22822 *
CVE-2022-22823: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22823 *
CVE-2022-22824: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22824 *
CVE-2022-22825: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22825 *
CVE-2022-22826: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22826 *
CVE-2022-22827: expat:expat-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22827 *
CVE-2022-22844: tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22844 *
CVE-2022-23218: glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23218 *
CVE-2022-23219: glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23219 *


[PATCH meta-oe] rtc-tool: Add a recipe

Fabio Estevam
 

From: Fabio Estevam <festevam@...>

rtc-tools is a useful utility developed by Alexandre Belloni
for testing RTC kernel drivers, such as y2038 support.

Based on the initial recipe from Heiko Schocher <hs@...>.

Signed-off-by: Fabio Estevam <festevam@...>
---
.../0001-rtc-tools-Add-a-Makefile.patch | 52 +++++++++++++++++++
.../rtc-tools/rtc-tools_1.0.0.bb | 19 +++++++
2 files changed, 71 insertions(+)
create mode 100644 meta-oe/recipes-support/rtc-tools/rtc-tools/0001-rtc-tools-Add-a-Makefile.patch
create mode 100644 meta-oe/recipes-support/rtc-tools/rtc-tools_1.0.0.bb

diff --git a/meta-oe/recipes-support/rtc-tools/rtc-tools/0001-rtc-tools-Add-a-Makefile.patch b/meta-oe/recipes-support/rtc-tools/rtc-tools/0001-rtc-tools-Add-a-Makefile.patch
new file mode 100644
index 000000000000..a372e390efb9
--- /dev/null
+++ b/meta-oe/recipes-support/rtc-tools/rtc-tools/0001-rtc-tools-Add-a-Makefile.patch
@@ -0,0 +1,52 @@
+From faa6dd2e4d063afcaa19f16740a3fc413a399e60 Mon Sep 17 00:00:00 2001
+From: Fabio Estevam <festevam@...>
+Date: Sun, 23 Jan 2022 09:22:19 -0300
+Subject: [PATCH rtc-tools] rtc-tools: Add a Makefile
+
+Add a Makefile to make installation and uninstallation
+process easier.
+
+Upstream-Status: Submitted [https://marc.info/?l=linux-rtc&m=164294073129803&w=2]
+Signed-off-by: Fabio Estevam <festevam@...>
+---
+ Makefile | 29 +++++++++++++++++++++++++++++
+ 1 file changed, 29 insertions(+)
+ create mode 100644 Makefile
+
+diff --git a/Makefile b/Makefile
+new file mode 100644
+index 000000000000..4f244d9289f1
+--- /dev/null
++++ b/Makefile
+@@ -0,0 +1,29 @@
++prefix ?= /usr
++bindir ?= $(prefix)/bin
++
++EXEC = rtc-range rtc rtc-sync
++
++all: $(EXEC)
++
++rtc-range: rtc-range.c
++ $(CC) $(CFLAGS) -o $@ rtc-range.c
++
++rtc: rtc.c
++ $(CC) $(CFLAGS) -o $@ rtc.c
++
++rtc-sync: rtc-sync.c
++ $(CC) $(CFLAGS) -o $@ rtc-sync.c
++
++clean:
++ rm -f $(EXEC)
++
++install: rtc-range rtc rtc-sync
++ mkdir -p '$(DESTDIR)$(bindir)'
++ install -m755 rtc-range '$(DESTDIR)$(bindir)/rtc-range'
++ install -m755 rtc '$(DESTDIR)$(bindir)/rtc'
++ install -m755 rtc-sync '$(DESTDIR)$(bindir)/rtc-sync'
++
++uninstall:
++ rm -rf '$(DESTDIR)$(bindir)/rtc-range'
++ rm -rf '$(DESTDIR)$(bindir)/rtc'
++ rm -rf '$(DESTDIR)$(bindir)/rtc-sync'
+--
+2.25.1
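
Review bot: The three compile rules in the added Makefile run $(CC) $(CFLAGS) -o $@ with no $(CPPFLAGS) or $(LDFLAGS), which is why the recipe has to push ${LDFLAGS} in through TARGET_CC_ARCH. Since the Makefile is being submitted upstream anyway, add $(LDFLAGS) to those rules so the distro's link flags arrive the normal way and the recipe workaround can go. In the uninstall target, rm -f is enough for regular files; rm -rf on a DESTDIR-derived path is broader than needed.
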
diff --git a/meta-oe/recipes-support/rtc-tools/rtc-tools_1.0.0.bb b/meta-oe/recipes-support/rtc-tools/rtc-tools_1.0.0.bb
new file mode 100644
index 000000000000..8f0326829d8c
--- /dev/null
+++ b/meta-oe/recipes-support/rtc-tools/rtc-tools_1.0.0.bb
@@ -0,0 +1,19 @@
+DESCRIPTION = "Useful programs to test rtc drivers"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=74274e8a218423e49eefdea80bc55038"
+
+SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/rtc-tools.git;protocol=https;branch=master \
+ file://0001-rtc-tools-Add-a-Makefile.patch \
+ "
+SRCREV ?= "acc442e7af4e1e783432a43d37f1a7938c692659"
+
+S = "${WORKDIR}/git"
+
+TARGET_CC_ARCH += "${LDFLAGS}"
+EXTRA_OEMAKE = " \
+ DESTDIR=${D} \
+ all \
+ "
+do_install() {
+ oe_runmake install
+}
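
Review bot: EXTRA_OEMAKE carries both DESTDIR=${D} and the all target, so do_install ends up invoking make with "all install"; keep EXTRA_OEMAKE for variables only and pass the destination in do_install, as in "oe_runmake install DESTDIR=${D}". "SRCREV ?=" should be a plain "=" so a value set earlier, for example from a conf file, does not silently replace the pinned revision, and nothing visible ties that SRCREV to a 1.0.0 tag although the recipe is versioned 1.0.0. The subject says rtc-tool while the recipe is rtc-tools, and SUMMARY and HOMEPAGE are missing.
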
--
2.25.1
