[meta-python][PATCH 2/2] python3-poetry-core: Setting PIP_INSTALL_PACKAGE is no longer needed
Signed-off-by: Khem Raj <raj.khem@...>
--- .../recipes-devtools/python/python3-poetry-core_1.0.8.bb | 2 -- 1 file changed, 2 deletions(-)
diff --git a/meta-python/recipes-devtools/python/python3-poetry-core_1.0.8.bb b/meta-python/recipes-devtools/python/python3-poetry-core_1.0.8.bb
index 99ec763c4d..22d7076d01 100644
--- a/meta-python/recipes-devtools/python/python3-poetry-core_1.0.8.bb
+++ b/meta-python/recipes-devtools/python/python3-poetry-core_1.0.8.bb
@@ -23,8 +23,6 @@ SRC_URI[sha256sum] = "951fc7c1f8d710a94cb49019ee3742125039fc659675912ea614ac2aa4
 inherit poetry_core pypi
-PIP_INSTALL_PACKAGE = "poetry_core"
-
 RDEPENDS:${PN}:append:class-target = "\
 python3-compression \
 python3-core \
-- 2.35.1 |
|
[meta-python][PATCH v2 1/2] poetry_core.bbclass: adjust for pip_install_wheel.bbclass -> python_pep517.bbclass rename
Signed-off-by: Khem Raj <raj.khem@...>
--- v2: Adjust for renamed PEP517_WHEEL_PATH meta-python/classes/poetry_core.bbclass | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta-python/classes/poetry_core.bbclass b/meta-python/classes/poetry_core.bbclass
index fb37c78c78..b2b80efa4f 100644
--- a/meta-python/classes/poetry_core.bbclass
+++ b/meta-python/classes/poetry_core.bbclass
@@ -1,4 +1,4 @@
-inherit pip_install_wheel python3native setuptools3-base
+inherit python_pep517 python3native setuptools3-base
 DEPENDS += "python3-poetry-core-native"
@@ -8,8 +8,8 @@ poetry_core_do_configure () {
 # TODO: ideally this uses pypa/build
 poetry_core_do_compile () {
- nativepython3 -c "from poetry.core.masonry import api; api.build_wheel('${PIP_INSTALL_DIST_PATH}')"
+ nativepython3 -c "from poetry.core.masonry import api; api.build_wheel('${PEP517_WHEEL_PATH}')"
 }
-do_compile[cleandirs] += "${PIP_INSTALL_DIST_PATH}"
+do_compile[cleandirs] += "${PEP517_WHEEL_PATH}"
 EXPORT_FUNCTIONS do_configure do_compile
-- 2.35.1 |
|
[PATCH] poetry_core: update for renamed class pip_install_wheel to python_pep517
Ross Burton <ross@...>
Signed-off-by: Ross Burton <ross.burton@...>
--- meta-python/classes/poetry_core.bbclass | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta-python/classes/poetry_core.bbclass b/meta-python/classe= s/poetry_core.bbclass index fb37c78c78..b2b80efa4f 100644 --- a/meta-python/classes/poetry_core.bbclass +++ b/meta-python/classes/poetry_core.bbclass @@ -1,4 +1,4 @@ -inherit pip_install_wheel python3native setuptools3-base +inherit python_pep517 python3native setuptools3-base =20 DEPENDS +=3D "python3-poetry-core-native" =20 @@ -8,8 +8,8 @@ poetry_core_do_configure () { =20 # TODO: ideally this uses pypa/build poetry_core_do_compile () { - nativepython3 -c "from poetry.core.masonry import api; api.build_whe= el('${PIP_INSTALL_DIST_PATH}')" + nativepython3 -c "from poetry.core.masonry import api; api.build_whe= el('${PEP517_WHEEL_PATH}')" } -do_compile[cleandirs] +=3D "${PIP_INSTALL_DIST_PATH}" +do_compile[cleandirs] +=3D "${PEP517_WHEEL_PATH}" =20 EXPORT_FUNCTIONS do_configure do_compile --=20 2.25.1 |
|
[meta-python][PATCH] poetry_core.bbclass: adjust for pip_install_wheel.bbclass -> python_pep517.bbclass rename
Signed-off-by: Khem Raj <raj.khem@...>
--- meta-python/classes/poetry_core.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-python/classes/poetry_core.bbclass b/meta-python/classes/poetry_core.bbclass
index fb37c78c78..77ccb0228b 100644
--- a/meta-python/classes/poetry_core.bbclass
+++ b/meta-python/classes/poetry_core.bbclass
@@ -1,4 +1,4 @@
-inherit pip_install_wheel python3native setuptools3-base
+inherit python_pep517 python3native setuptools3-base
 DEPENDS += "python3-poetry-core-native"
-- 2.35.1 |
|
[meta-oe][PATCH 4/4] rocksdb: Use new atomic builtins on powerpc as well
Signed-off-by: Khem Raj <raj.khem@...>
--- meta-oe/recipes-dbs/rocksdb/rocksdb_6.20.3.bb | 1 + 1 file changed, 1 insertion(+)
diff --git a/meta-oe/recipes-dbs/rocksdb/rocksdb_6.20.3.bb b/meta-oe/recipes-dbs/rocksdb/rocksdb_6.20.3.bb
index 9e138d97e1..205ae1dfc9 100644
--- a/meta-oe/recipes-dbs/rocksdb/rocksdb_6.20.3.bb
+++ b/meta-oe/recipes-dbs/rocksdb/rocksdb_6.20.3.bb
@@ -22,6 +22,7 @@ SRC_URI = "git://github.com/facebook/${BPN}.git;branch=${SRCBRANCH};protocol=htt
 SRC_URI:append:riscv32 = " file://0001-replace-old-sync-with-new-atomic-builtin-equivalents.patch"
 SRC_URI:append:mips = " file://0001-replace-old-sync-with-new-atomic-builtin-equivalents.patch"
+SRC_URI:append:powerpc = " file://0001-replace-old-sync-with-new-atomic-builtin-equivalents.patch"
 SRC_URI:remove:toolchain-clang:riscv32 = "file://0001-replace-old-sync-with-new-atomic-builtin-equivalents.patch"
 S = "${WORKDIR}/git"
-- 2.35.1 |
|
[meta-oe][PATCH 3/4] capnproto: Link in libatomic on ppc
Signed-off-by: Khem Raj <raj.khem@...>
--- meta-oe/recipes-devtools/capnproto/capnproto_0.9.1.bb | 1 + 1 file changed, 1 insertion(+)
diff --git a/meta-oe/recipes-devtools/capnproto/capnproto_0.9.1.bb b/meta-oe/recipes-devtools/capnproto/capnproto_0.9.1.bb
index 36004c53d6..d14bd843ef 100644
--- a/meta-oe/recipes-devtools/capnproto/capnproto_0.9.1.bb
+++ b/meta-oe/recipes-devtools/capnproto/capnproto_0.9.1.bb
@@ -14,6 +14,7 @@ S = "${WORKDIR}/git/c++"
 inherit cmake
 CXXFLAGS:append:mips = " -latomic"
+CXXFLAGS:append:powerpc = " -latomic"
 CXXFLAGS:append:riscv32 = " -latomic"
 EXTRA_OECMAKE += "\
-- 2.35.1 |
|
[meta-gnome][PATCH 2/4] gimp: Disable vector icons on ppc
qemuppc segfaults building them
Signed-off-by: Khem Raj <raj.khem@...>
--- meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb | 1 + 1 file changed, 1 insertion(+)
diff --git a/meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb b/meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb
index 36448b8f76..1155e0eec3 100644
--- a/meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb
+++ b/meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb
@@ -55,6 +55,7 @@ EXTRA_OECONF:append:toolchain-clang:arm = " --disable-vector-icons"
 EXTRA_OECONF:append:toolchain-clang:riscv32 = " --disable-vector-icons"
 EXTRA_OECONF:append:toolchain-clang:mips = " --disable-vector-icons"
 EXTRA_OECONF:append:toolchain-clang:x86 = " --disable-vector-icons"
+EXTRA_OECONF:append:powerpc = " --disable-vector-icons"
 do_configure:append() {
 find ${B} -name Makefile | xargs sed -i s:'-I$(includedir)':'-I.':g
-- 2.35.1 |
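Review bot: The added `EXTRA_OECONF:append:powerpc` line is not scoped to `toolchain-clang` like the four lines above it, so vector icons are disabled for every powerpc build, and nothing in the recipe says why. The commit message gives the reason (qemuppc segfaults building them); I would carry it into the recipe as a comment above the line, e.g. `# qemuppc segfaults while building the vector icons`, so the override can be revisited later. If the crash is specific to one toolchain, which the hunk does not show, the override should be narrowed accordingly.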
|
[meta-oe][PATCH 1/4] nodejs: Disable for powerpc
Fixes
../deps/v8/src/objects/code.h:564:2: error: #error Unknown architecture. Signed-off-by: Khem Raj <raj.khem@...>
--- meta-oe/recipes-devtools/nodejs/nodejs_16.14.0.bb | 1 + 1 file changed, 1 insertion(+)
diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_16.14.0.bb b/meta-oe/recipes-devtools/nodejs/nodejs_16.14.0.bb
index 7b9644ec8d..0ab68cc608 100644
--- a/meta-oe/recipes-devtools/nodejs/nodejs_16.14.0.bb
+++ b/meta-oe/recipes-devtools/nodejs/nodejs_16.14.0.bb
@@ -15,6 +15,7 @@ COMPATIBLE_MACHINE:mips64 = "(!.*mips64).*"
 COMPATIBLE_HOST:riscv64 = "null"
 COMPATIBLE_HOST:riscv32 = "null"
+COMPATIBLE_HOST:powerpc = "null"
 SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \
 file://0001-Disable-running-gyp-files-for-bundled-deps.patch \
-- 2.35.1 |
|
[meta-oe][PATCH] libcereal: Link libatomics on mips for ptests
clang/mips emits calls to atomic builtins which it expects from C
runtime perhaps but compiler-rt does not provide them so link in libatomics Fixes atomic.cpp:(.text._ZN6cereal12Inpu tArchiveINS_16JSONInputArchiveELj0EE7processIRNSt3__16atomicIdEEEEvOT_[_ZN6cereal12InputArchiveINS_16JSONInputArchiveELj0EE7processIRNSt3__16atomicIdEEEEvOT_]+0x10c): undefined reference to `__atomic_store_8' Signed-off-by: Khem Raj <raj.khem@...>
--- meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb b/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
index 250ea97f40..fb37de3c30 100644
--- a/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
+++ b/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
@@ -26,9 +26,10 @@ S = "${WORKDIR}/git"
 inherit cmake pkgconfig ptest
-PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'with-tests', '', d)}"
-PACKAGECONFIG[with-tests] = "-DWITH_WERROR=OFF -DBUILD_TESTS=ON,,"
+LIBATOMIC:mips:toolchain-clang = "${@bb.utils.contains('PTEST_ENABLED', '1', '-DCEREAL_THREAD_LIBS="-latomic"', '', d)}"
+PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'with-tests', '', d)}"
+PACKAGECONFIG[with-tests] = "-DWITH_WERROR=OFF -DBUILD_TESTS=ON ${LIBATOMIC},,"
 EXTRA_OECMAKE = "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '', '-DJUST_INSTALL_CEREAL=ON', d)} \
 ${@['','-DSKIP_PORTABILITY_TEST=ON'][d.getVar('SITEINFO_BITS') != '32']}"
-- 2.35.1 |
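Review bot: `${LIBATOMIC}` is referenced unconditionally in `PACKAGECONFIG[with-tests]`, but the only assignment visible in the hunk is the one under the `mips:toolchain-clang` overrides. BitBake leaves a reference to an unset variable unexpanded, so on every other target the literal `${LIBATOMIC}` would travel into the configure arguments and, as far as I can tell, vanish only because the shell later expands it to nothing. A default next to the override, `LIBATOMIC ?= ""`, makes that explicit. The `PTEST_ENABLED` test inside `LIBATOMIC` also looks redundant, since the value is consumed only by the `with-tests` option. The same patch is posted a second time further down the page and the note applies there too.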
|
Re: [meta-networking][PATCH] net-snmp: Avoid running `make clean` as it may fail
Peter Kjellerstedt
-----Original Message-----Please cherry-pick this to Honister. //Peter |
|
[PATCH] meta-*: remove obsolete PYPA_WHEEL and PIP_INSTALL_PACKAGE assignments
Ross Burton <ross@...>
These variables are no longer used by pip_install_wheel, so remove them
from all recipes that set them. Signed-off-by: Ross Burton <ross.burton@...> --- meta-networking/recipes-connectivity/bluepy/bluepy_git.bb | 2 -- .../recipes-devtools/python/python3-scapy_2.4.5.bb | 2 -- meta-oe/recipes-devtools/guider/guider_3.9.8.bb | 1 - meta-oe/recipes-devtools/python/python3-apt_2.3.0.bb | 2 -- meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb | 3 --- .../python/python3-flask-versioned_0.9.4-20101221.bb | 7 ------- meta-python/recipes-devtools/python/python3-path_16.4.0.bb | 1 - 7 files changed, 18 deletions(-) diff --git a/meta-networking/recipes-connectivity/bluepy/bluepy_git.bb b/= meta-networking/recipes-connectivity/bluepy/bluepy_git.bb index ba5d9ac0e6..8e164708ed 100644 --- a/meta-networking/recipes-connectivity/bluepy/bluepy_git.bb +++ b/meta-networking/recipes-connectivity/bluepy/bluepy_git.bb @@ -15,8 +15,6 @@ S =3D "${WORKDIR}/git" =20 inherit setuptools3 pkgconfig =20 -PYPA_WHEEL =3D "${PIP_INSTALL_DIST_PATH}/${PIP_INSTALL_PACKAGE}-*-*.whl" - RDEPENDS:${PN} =3D "bluez5" =20 TARGET_CC_ARCH +=3D "${LDFLAGS}" diff --git a/meta-networking/recipes-devtools/python/python3-scapy_2.4.5.= bb b/meta-networking/recipes-devtools/python/python3-scapy_2.4.5.bb index 53c2ce3d8e..0f66dfd784 100644 --- a/meta-networking/recipes-devtools/python/python3-scapy_2.4.5.bb +++ b/meta-networking/recipes-devtools/python/python3-scapy_2.4.5.bb @@ -25,8 +25,6 @@ S =3D "${WORKDIR}/git" UPSTREAM_CHECK_COMMITS =3D "1" =20 inherit setuptools3 ptest -PIP_INSTALL_PACKAGE =3D "scapy" -PYPA_WHEEL =3D "${PIP_INSTALL_DIST_PATH}/${PIP_INSTALL_PACKAGE}-*-*.whl" =20 do_install:append() { mv ${D}${bindir}/scapy ${D}${bindir}/scapy3 diff --git a/meta-oe/recipes-devtools/guider/guider_3.9.8.bb b/meta-oe/re= cipes-devtools/guider/guider_3.9.8.bb index c519fa02a3..30d17c84b3 100644 --- a/meta-oe/recipes-devtools/guider/guider_3.9.8.bb +++ b/meta-oe/recipes-devtools/guider/guider_3.9.8.bb 
@@ -14,7 +14,6 @@ SRCREV =3D "a502cd93b13235b7539557a91328de00b7c51bc3" S =3D "${WORKDIR}/git" =20 inherit setuptools3 -PYPA_WHEEL =3D "${PIP_INSTALL_DIST_PATH}/${PIP_INSTALL_PACKAGE}-3.9.8-*.= whl" =20 RDEPENDS:${PN} =3D "python3 python3-core \ python3-ctypes python3-shell python3-json" diff --git a/meta-oe/recipes-devtools/python/python3-apt_2.3.0.bb b/meta-= oe/recipes-devtools/python/python3-apt_2.3.0.bb index e17e773cb4..ec1539b442 100644 --- a/meta-oe/recipes-devtools/python/python3-apt_2.3.0.bb +++ b/meta-oe/recipes-devtools/python/python3-apt_2.3.0.bb @@ -10,8 +10,6 @@ SRCREV =3D "6145b6484d220685edfd922d364afbf065127efe" S =3D "${WORKDIR}/git" =20 inherit setuptools3 -PIP_INSTALL_PACKAGE =3D "python_apt" -PYPA_WHEEL =3D "${PIP_INSTALL_DIST_PATH}/${PIP_INSTALL_PACKAGE}-0.0.0-*.= whl" =20 DEPENDS +=3D "apt" RDEPENDS:${PN} +=3D "apt python3-core" diff --git a/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb b/meta-oe/= recipes-extended/sanlock/sanlock_3.8.4.bb index d8cb24cab0..ecbfad394d 100644 --- a/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb +++ b/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb @@ -26,9 +26,6 @@ DEPENDS =3D "libaio util-linux" inherit setuptools3 useradd =20 SETUPTOOLS_SETUP_PATH =3D "${S}/python" -PIP_INSTALL_DIST_PATH =3D "${B}/python/dist" -PIP_INSTALL_PACKAGE =3D "sanlock_python" -PYPA_WHEEL =3D "${PIP_INSTALL_DIST_PATH}/${PIP_INSTALL_PACKAGE}-3.8.4-*.= whl" =20 do_compile:prepend () { oe_runmake -C ${S}/wdmd CMD_LDFLAGS=3D"${LDFLAGS}" LIB_LDFLAGS=3D"${= LDFLAGS}" diff --git a/meta-python/recipes-devtools/python/python3-flask-versioned_= 0.9.4-20101221.bb b/meta-python/recipes-devtools/python/python3-flask-ver= sioned_0.9.4-20101221.bb index 04493b21d4..7aaf439b83 100644 --- a/meta-python/recipes-devtools/python/python3-flask-versioned_0.9.4-2= 0101221.bb +++ b/meta-python/recipes-devtools/python/python3-flask-versioned_0.9.4-2= 0101221.bb 
@@ -7,10 +7,3 @@ PYPI_PACKAGE =3D "Flask-Versioned" SRC_URI[sha256sum] =3D "516694dc860a1bc4f22ab60b324a85083c0150522be10928= 2a3bed681057fd34" =20 inherit pypi setuptools3 - -def get_pypa_wheel_name(d): - return (d.getVar('PIP_INSTALL_DIST_PATH') + '/' + \ - d.getVar('PIP_INSTALL_PACKAGE') + '-' + \ - d.getVar('PV').replace('-', '.post') + '-*.whl') - -PYPA_WHEEL =3D "${@get_pypa_wheel_name(d)}" diff --git a/meta-python/recipes-devtools/python/python3-path_16.4.0.bb b= /meta-python/recipes-devtools/python/python3-path_16.4.0.bb index 0fc0a33b2b..60ac948cf4 100644 --- a/meta-python/recipes-devtools/python/python3-path_16.4.0.bb +++ b/meta-python/recipes-devtools/python/python3-path_16.4.0.bb @@ -5,6 +5,5 @@ LIC_FILES_CHKSUM =3D "file://LICENSE;md5=3D7a7126e0682062= 90f3fe9f8d6c713ea6" SRC_URI[sha256sum] =3D "baf2e757c4b19be8208f9e67e48fb475b4a577d5613590ce= 46693bdbdf082f52" =20 inherit pypi setuptools_build_meta -PYPA_WHEEL =3D "${PIP_INSTALL_DIST_PATH}/${PIP_INSTALL_PACKAGE}-0.0.0-*.= whl" =20 BBCLASSEXTEND =3D "nativesdk native" --=20 2.25.1 |
|
[meta-oe][PATCH] libcereal: Link libatomics on mips for ptests
clang/mips emits calls to atomic builtins which it expects from C
runtime perhaps but compiler-rt does not provide them so link in libatomics Fixes atomic.cpp:(.text._ZN6cereal12Inpu tArchiveINS_16JSONInputArchiveELj0EE7processIRNSt3__16atomicIdEEEEvOT_[_ZN6cereal12InputArchiveINS_16JSONInputArchiveELj0EE7processIRNSt3__16atomicIdEEEEvOT_]+0x10c): undefined reference to `__atomic_store_8' Signed-off-by: Khem Raj <raj.khem@...>
--- meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb b/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
index 250ea97f40..fb37de3c30 100644
--- a/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
+++ b/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
@@ -26,9 +26,10 @@ S = "${WORKDIR}/git"
 inherit cmake pkgconfig ptest
-PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'with-tests', '', d)}"
-PACKAGECONFIG[with-tests] = "-DWITH_WERROR=OFF -DBUILD_TESTS=ON,,"
+LIBATOMIC:mips:toolchain-clang = "${@bb.utils.contains('PTEST_ENABLED', '1', '-DCEREAL_THREAD_LIBS="-latomic"', '', d)}"
+PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'with-tests', '', d)}"
+PACKAGECONFIG[with-tests] = "-DWITH_WERROR=OFF -DBUILD_TESTS=ON ${LIBATOMIC},,"
 EXTRA_OECMAKE = "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '', '-DJUST_INSTALL_CEREAL=ON', d)} \
 ${@['','-DSKIP_PORTABILITY_TEST=ON'][d.getVar('SITEINFO_BITS') != '32']}"
-- 2.35.1 |
|
[meta-oe][PATCH] libcereal: Disable Werror with ptests
skip portability tests on 64bit targets since we do not have 32bit
multilib enabled in compiler Signed-off-by: Khem Raj <raj.khem@...>
--- meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb b/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
index fc58a42d28..250ea97f40 100644
--- a/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
+++ b/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb
@@ -27,9 +27,10 @@ S = "${WORKDIR}/git"
 inherit cmake pkgconfig ptest
 PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'with-tests', '', d)}"
-PACKAGECONFIG[with-tests] = "-DBUILD_TESTS=ON -DSKIP_PORTABILITY_TEST=ON,,"
+PACKAGECONFIG[with-tests] = "-DWITH_WERROR=OFF -DBUILD_TESTS=ON,,"
-EXTRA_OECMAKE = "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '', '-DJUST_INSTALL_CEREAL=ON', d)}"
+EXTRA_OECMAKE = "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '', '-DJUST_INSTALL_CEREAL=ON', d)} \
+ ${@['','-DSKIP_PORTABILITY_TEST=ON'][d.getVar('SITEINFO_BITS') != '32']}"
 do_install_ptest() {
 install -d ${D}${PTEST_PATH}/tests
-- 2.35.1 |
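Review bot: The new continuation line in `EXTRA_OECMAKE` picks its value by indexing a two-element list with a boolean, `['','-DSKIP_PORTABILITY_TEST=ON'][d.getVar('SITEINFO_BITS') != '32']`, which is easy to misread as the opposite condition. A conditional expression states the intent directly: `${@'' if d.getVar('SITEINFO_BITS') == '32' else '-DSKIP_PORTABILITY_TEST=ON'}`. The flag also moves out of `PACKAGECONFIG[with-tests]`, so it is now passed whether or not the tests are built; a one-line comment saying that this is intended would help the next reader.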
|
[meta-oe][PATCH] nlohmann-json: Set CVE_PRODUCT according to NVD
Julian Haller
From: Julian Haller <julian.haller@...>
NVD uses 'json-for-modern-cpp' as product name for nlohmann-json. See https://nvd.nist.gov/products/cpe/detail/394565?namingFormat=2.3&orderBy=CPEURI&keyword=json-for-modern-cpp&status=FINAL Signed-off-by: Julian Haller <julian.haller@...>
--- meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb b/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb
index a69c5c7e58..0cf6fd36bc 100644
--- a/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb
+++ b/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb
@@ -4,6 +4,8 @@ SECTION = "libs"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://LICENSE.MIT;md5=f969127d7b7ed0a8a63c2bbeae002588"
+CVE_PRODUCT = "json-for-modern-cpp"
+
 SRC_URI = "git://github.com/nlohmann/json.git;nobranch=1;protocol=https \
 "
-- 2.25.1 |
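Review bot: `CVE_PRODUCT` is set to the bare product name, so the CVE check will match a product called `json-for-modern-cpp` under any vendor. The variable also accepts a `vendor:product` form. If the CPE entry linked in the description names a vendor, writing `CVE_PRODUCT = "<vendor>:json-for-modern-cpp"` (with the vendor taken from that entry) keeps the match narrow and avoids false positives from an unrelated product of the same name. The recipe continues outside the hunk, so an existing vendor setting elsewhere cannot be ruled out from here.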
|
Re: [hardknott][PATCH 2/2] expat: fix CVE-2022-25236
Kai Kang
On 3/11/22 9:46 PM, kai wrote:
From: Kai Kang <kai.kang@...> Backport patches to fix CVE-2022-25236 for expat. CVE: CVE-2022-25236 Signed-off-by: Kai Kang <kai.kang@...> Ooooops. Wrong mailllist. Sorry for inconvenience. Kai --- .../expat/expat/CVE-2022-25236-1.patch | 116 +++++++++ .../expat/expat/CVE-2022-25236-2.patch | 232 ++++++++++++++++++ meta/recipes-core/expat/expat_2.2.10.bb | 2 + 3 files changed, 350 insertions(+) create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25236-1.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25236-2.patch diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch new file mode 100644 index 0000000000..ab53d99c8f --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch 
@@ -0,0 +1,116 @@ +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/2cc97e87] +CVE: CVE-2022-25236 + +The commit is a merge commit, and this patch is created by: + +$ git diff -p --stat 2cc97e87~ 2cc97e87 + +Remove modification for expat/Changes which fails to be applied. + +Signed-off-by: Kai Kang <kai.kang@...> + +commit 2cc97e875ef84da4bcf55156c83599116f7523b4 (from d477fdd284468f2ab822024e75702f2c1b254f42) +Merge: d477fdd2 e4d7e497 +Author: Sebastian Pipping <sebastian@...> +Date: Fri Feb 18 18:01:27 2022 +0100 + + Merge pull request #561 from libexpat/namesep-security + + [CVE-2022-25236] lib: Protect against insertion of namesep characters into namespace URIs + +--- + expat/Changes | 16 ++++++++++++++++ + expat/lib/xmlparse.c | 17 +++++++++++++---- + expat/tests/runtests.c | 30 ++++++++++++++++++++++++++++++ + 3 files changed, 59 insertions(+), 4 deletions(-) + +diff --git a/lib/xmlparse.c b/lib/xmlparse.c +index 7376aab1..c98e2e9f 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -718,8 +718,7 @@ XML_ParserCreate(const XML_Char *encodingName) { + + XML_Parser XMLCALL + XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep) { +- XML_Char tmp[2]; +- *tmp = nsSep; ++ XML_Char tmp[2] = {nsSep, 0}; + return XML_ParserCreate_MM(encodingName, NULL, tmp); + } + +@@ -1344,8 +1343,7 @@ XML_ExternalEntityParserCreate(XML_Parser oldParser, const XML_Char *context, + would be otherwise. + */ + if (parser->m_ns) { +- XML_Char tmp[2]; +- *tmp = parser->m_namespaceSeparator; ++ XML_Char tmp[2] = {parser->m_namespaceSeparator, 0}; + parser = parserCreate(encodingName, &parser->m_mem, tmp, newDtd); + } else { + parser = parserCreate(encodingName, &parser->m_mem, NULL, newDtd); +@@ -3761,6 +3759,17 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + if (! 
mustBeXML && isXMLNS + && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) + isXMLNS = XML_FALSE; ++ ++ // NOTE: While Expat does not validate namespace URIs against RFC 3986, ++ // we have to at least make sure that the XML processor on top of ++ // Expat (that is splitting tag names by namespace separator into ++ // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused ++ // by an attacker putting additional namespace separator characters ++ // into namespace declarations. That would be ambiguous and not to ++ // be expected. ++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { ++ return XML_ERROR_SYNTAX; ++ } + } + isXML = isXML && len == xmlLen; + isXMLNS = isXMLNS && len == xmlnsLen; +diff --git a/tests/runtests.c b/tests/runtests.c +index d07203f2..bc5344b1 100644 +--- a/tests/runtests.c ++++ b/tests/runtests.c +@@ -7220,6 +7220,35 @@ START_TEST(test_ns_double_colon_doctype) { + } + END_TEST + ++START_TEST(test_ns_separator_in_uri) { ++ struct test_case { ++ enum XML_Status expectedStatus; ++ const char *doc; ++ }; ++ struct test_case cases[] = { ++ {XML_STATUS_OK, "<doc xmlns='one_two' />"}, ++ {XML_STATUS_ERROR, "<doc xmlns='one
two' />"}, ++ }; ++ ++ size_t i = 0; ++ size_t failCount = 0; ++ for (; i < sizeof(cases) / sizeof(cases[0]); i++) { ++ XML_Parser parser = XML_ParserCreateNS(NULL, '\n'); ++ XML_SetElementHandler(parser, dummy_start_element, dummy_end_element); ++ if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc), ++ /*isFinal*/ XML_TRUE) ++ != cases[i].expectedStatus) { ++ failCount++; ++ } ++ XML_ParserFree(parser); ++ } ++ ++ if (failCount) { ++ fail("Namespace separator handling is broken"); ++ } ++} ++END_TEST ++ + /* Control variable; the number of times duff_allocator() will successfully + * allocate */ + #define ALLOC_ALWAYS_SUCCEED (-1) +@@ -11905,6 +11934,7 @@ make_suite(void) { + tcase_add_test(tc_namespace, test_ns_utf16_doctype); + tcase_add_test(tc_namespace, test_ns_invalid_doctype); + tcase_add_test(tc_namespace, test_ns_double_colon_doctype); ++ tcase_add_test(tc_namespace, test_ns_separator_in_uri); + + suite_add_tcase(s, tc_misc); + tcase_add_checked_fixture(tc_misc, NULL, basic_teardown); diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch new file mode 100644 index 0000000000..0f14c9631b --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch 
@@ -0,0 +1,232 @@ +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/f178826b] +CVE: CVE-2022-25236 + +The commit is a merge commit, and this patch is created by: + +$ git show -m -p --stat f178826b + +Remove changes for expat/Changes and reference.html which fail to be applied. + +Signed-off-by: Kai Kang <kai.kang@...> + +commit f178826bb1e9c8ee23202f1be55ad4ac7b649e84 (from c99e0e7f2b15b48848038992ecbb4480f957cfe9) +Merge: c99e0e7f 9579f7ea +Author: Sebastian Pipping <sebastian@...> +Date: Fri Mar 4 18:43:39 2022 +0100 + + Merge pull request #577 from libexpat/namesep + + lib: Relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters (fixes #572) +--- + expat/Changes | 16 ++++++ + expat/doc/reference.html | 8 +++ + expat/lib/expat.h | 11 ++++ + expat/lib/xmlparse.c | 139 ++++++++++++++++++++++++++++++++++++++++++++--- + expat/tests/runtests.c | 8 ++- + 5 files changed, 171 insertions(+), 11 deletions(-) + +diff --git a/lib/expat.h b/lib/expat.h +index 5ab493f7..181fc960 100644 +--- a/lib/expat.h ++++ b/lib/expat.h +@@ -239,6 +239,17 @@ XML_ParserCreate(const XML_Char *encoding); + and the local part will be concatenated without any separator. + It is a programming error to use the separator '\0' with namespace + triplets (see XML_SetReturnNSTriplet). ++ If a namespace separator is chosen that can be part of a URI or ++ part of an XML name, splitting an expanded name back into its ++ 1, 2 or 3 original parts on application level in the element handler ++ may end up vulnerable, so these are advised against; sane choices for ++ a namespace separator are e.g. '\n' (line feed) and '|' (pipe). ++ ++ Note that Expat does not validate namespace URIs (beyond encoding) ++ against RFC 3986 today (and is not required to do so with regard to ++ the XML 1.0 namespaces specification) but it may start doing that ++ in future releases. Before that, an application using Expat must ++ be ready to receive namespace URIs containing non-URI characters. 
+ */ + XMLPARSEAPI(XML_Parser) + XML_ParserCreateNS(const XML_Char *encoding, XML_Char namespaceSeparator); +diff --git a/lib/xmlparse.c b/lib/xmlparse.c +index 59da19c8..6fe2cf1e 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -3705,6 +3705,117 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + return XML_ERROR_NONE; + } + ++static XML_Bool ++is_rfc3986_uri_char(XML_Char candidate) { ++ // For the RFC 3986 ANBF grammar see ++ // https://datatracker.ietf.org/doc/html/rfc3986#appendix-A ++ ++ switch (candidate) { ++ // From rule "ALPHA" (uppercase half) ++ case 'A': ++ case 'B': ++ case 'C': ++ case 'D': ++ case 'E': ++ case 'F': ++ case 'G': ++ case 'H': ++ case 'I': ++ case 'J': ++ case 'K': ++ case 'L': ++ case 'M': ++ case 'N': ++ case 'O': ++ case 'P': ++ case 'Q': ++ case 'R': ++ case 'S': ++ case 'T': ++ case 'U': ++ case 'V': ++ case 'W': ++ case 'X': ++ case 'Y': ++ case 'Z': ++ ++ // From rule "ALPHA" (lowercase half) ++ case 'a': ++ case 'b': ++ case 'c': ++ case 'd': ++ case 'e': ++ case 'f': ++ case 'g': ++ case 'h': ++ case 'i': ++ case 'j': ++ case 'k': ++ case 'l': ++ case 'm': ++ case 'n': ++ case 'o': ++ case 'p': ++ case 'q': ++ case 'r': ++ case 's': ++ case 't': ++ case 'u': ++ case 'v': ++ case 'w': ++ case 'x': ++ case 'y': ++ case 'z': ++ ++ // From rule "DIGIT" ++ case '0': ++ case '1': ++ case '2': ++ case '3': ++ case '4': ++ case '5': ++ case '6': ++ case '7': ++ case '8': ++ case '9': ++ ++ // From rule "pct-encoded" ++ case '%': ++ ++ // From rule "unreserved" ++ case '-': ++ case '.': ++ case '_': ++ case '~': ++ ++ // From rule "gen-delims" ++ case ':': ++ case '/': ++ case '?': ++ case '#': ++ case '[': ++ case ']': ++ case '@': ++ ++ // From rule "sub-delims" ++ case '!': ++ case '$': ++ case '&': ++ case '\'': ++ case '(': ++ case ')': ++ case '*': ++ case '+': ++ case ',': ++ case ';': ++ case '=': ++ return XML_TRUE; ++ ++ default: ++ return XML_FALSE; ++ } ++} ++ + /* addBinding() overwrites the 
value of prefix->binding without checking. + Therefore one must keep track of the old value outside of addBinding(). + */ +@@ -3763,14 +3874,26 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) + isXMLNS = XML_FALSE; + +- // NOTE: While Expat does not validate namespace URIs against RFC 3986, +- // we have to at least make sure that the XML processor on top of +- // Expat (that is splitting tag names by namespace separator into +- // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused +- // by an attacker putting additional namespace separator characters +- // into namespace declarations. That would be ambiguous and not to +- // be expected. +- if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { ++ // NOTE: While Expat does not validate namespace URIs against RFC 3986 ++ // today (and is not REQUIRED to do so with regard to the XML 1.0 ++ // namespaces specification) we have to at least make sure, that ++ // the application on top of Expat (that is likely splitting expanded ++ // element names ("qualified names") of form ++ // "[uri sep] local [sep prefix] '\0'" back into 1, 2 or 3 pieces ++ // in its element handler code) cannot be confused by an attacker ++ // putting additional namespace separator characters into namespace ++ // declarations. That would be ambiguous and not to be expected. ++ // ++ // While the HTML API docs of function XML_ParserCreateNS have been ++ // advising against use of a namespace separator character that can ++ // appear in a URI for >20 years now, some widespread applications ++ // are using URI characters (':' (colon) in particular) for a ++ // namespace separator, in practice. To keep these applications ++ // functional, we only reject namespaces URIs containing the ++ // application-chosen namespace separator if the chosen separator ++ // is a non-URI character with regard to RFC 3986. 
++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator) ++ && ! is_rfc3986_uri_char(uri[len])) { + return XML_ERROR_SYNTAX; + } + } +diff --git a/tests/runtests.c b/tests/runtests.c +index 60da868e..712706c4 100644 +--- a/tests/runtests.c ++++ b/tests/runtests.c +@@ -7406,16 +7406,18 @@ START_TEST(test_ns_separator_in_uri) { + struct test_case { + enum XML_Status expectedStatus; + const char *doc; ++ XML_Char namesep; + }; + struct test_case cases[] = { +- {XML_STATUS_OK, "<doc xmlns='one_two' />"}, +- {XML_STATUS_ERROR, "<doc xmlns='one
two' />"}, ++ {XML_STATUS_OK, "<doc xmlns='one_two' />", XCS('\n')}, ++ {XML_STATUS_ERROR, "<doc xmlns='one
two' />", XCS('\n')}, ++ {XML_STATUS_OK, "<doc xmlns='one:two' />", XCS(':')}, + }; + + size_t i = 0; + size_t failCount = 0; + for (; i < sizeof(cases) / sizeof(cases[0]); i++) { +- XML_Parser parser = XML_ParserCreateNS(NULL, '\n'); ++ XML_Parser parser = XML_ParserCreateNS(NULL, cases[i].namesep); + XML_SetElementHandler(parser, dummy_start_element, dummy_end_element); + if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc), + /*isFinal*/ XML_TRUE) diff --git a/meta/recipes-core/expat/expat_2.2.10.bb b/meta/recipes-core/expat/expat_2.2.10.bb index 0b3331981c..f99fa7edb6 100644 --- a/meta/recipes-core/expat/expat_2.2.10.bb +++ b/meta/recipes-core/expat/expat_2.2.10.bb @@ -18,6 +18,8 @@ SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TA file://CVE-2022-23852.patch \ file://CVE-2022-23990.patch \ file://CVE-2022-25235.patch \ + file://CVE-2022-25236-1.patch \ + file://CVE-2022-25236-2.patch \ " UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/"
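Review bot: After CVE-2022-25236-2.patch the check in addBinding() returns XML_ERROR_SYNTAX only when the chosen separator is not an RFC 3986 URI character (`&& ! is_rfc3986_uri_char(uri[len])`), so a consumer that creates its parser with ':' as separator still receives expanded names whose URI part can contain that separator; the commit message says only that the patches fix the CVE. A sentence in the -2.patch header recording that callers using a URI character as separator are not covered, and that the new expat.h comment recommends '\n' or '|', would help whoever audits the image's expat users. The diffstats kept inside both patch headers still list expat/Changes (and doc/reference.html in the second) although the headers say those hunks were dropped; trimming them avoids confusion about what was applied. Only parts of addBinding() are visible in these hunks.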
-- Kai Kang Wind River Linux |
|
[hardknott][PATCH 2/2] expat: fix CVE-2022-25236
Kai Kang
From: Kai Kang <kai.kang@...>
Backport patches to fix CVE-2022-25236 for expat. CVE: CVE-2022-25236 Signed-off-by: Kai Kang <kai.kang@...> --- .../expat/expat/CVE-2022-25236-1.patch | 116 +++++++++ .../expat/expat/CVE-2022-25236-2.patch | 232 ++++++++++++++++++ meta/recipes-core/expat/expat_2.2.10.bb | 2 + 3 files changed, 350 insertions(+) create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25236-1.patch create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25236-2.patch diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch new file mode 100644 index 0000000000..ab53d99c8f --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch 
@@ -0,0 +1,116 @@ +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/2cc97e87] +CVE: CVE-2022-25236 + +The commit is a merge commit, and this patch is created by: + +$ git diff -p --stat 2cc97e87~ 2cc97e87 + +Remove modification for expat/Changes which fails to be applied. + +Signed-off-by: Kai Kang <kai.kang@...> + +commit 2cc97e875ef84da4bcf55156c83599116f7523b4 (from d477fdd284468f2ab822024e75702f2c1b254f42) +Merge: d477fdd2 e4d7e497 +Author: Sebastian Pipping <sebastian@...> +Date: Fri Feb 18 18:01:27 2022 +0100 + + Merge pull request #561 from libexpat/namesep-security + + [CVE-2022-25236] lib: Protect against insertion of namesep characters into namespace URIs + +--- + expat/Changes | 16 ++++++++++++++++ + expat/lib/xmlparse.c | 17 +++++++++++++---- + expat/tests/runtests.c | 30 ++++++++++++++++++++++++++++++ + 3 files changed, 59 insertions(+), 4 deletions(-) + +diff --git a/lib/xmlparse.c b/lib/xmlparse.c +index 7376aab1..c98e2e9f 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -718,8 +718,7 @@ XML_ParserCreate(const XML_Char *encodingName) { + + XML_Parser XMLCALL + XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep) { +- XML_Char tmp[2]; +- *tmp = nsSep; ++ XML_Char tmp[2] = {nsSep, 0}; + return XML_ParserCreate_MM(encodingName, NULL, tmp); + } + +@@ -1344,8 +1343,7 @@ XML_ExternalEntityParserCreate(XML_Parser oldParser, const XML_Char *context, + would be otherwise. + */ + if (parser->m_ns) { +- XML_Char tmp[2]; +- *tmp = parser->m_namespaceSeparator; ++ XML_Char tmp[2] = {parser->m_namespaceSeparator, 0}; + parser = parserCreate(encodingName, &parser->m_mem, tmp, newDtd); + } else { + parser = parserCreate(encodingName, &parser->m_mem, NULL, newDtd); +@@ -3761,6 +3759,17 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + if (! 
mustBeXML && isXMLNS + && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) + isXMLNS = XML_FALSE; ++ ++ // NOTE: While Expat does not validate namespace URIs against RFC 3986, ++ // we have to at least make sure that the XML processor on top of ++ // Expat (that is splitting tag names by namespace separator into ++ // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused ++ // by an attacker putting additional namespace separator characters ++ // into namespace declarations. That would be ambiguous and not to ++ // be expected. ++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { ++ return XML_ERROR_SYNTAX; ++ } + } + isXML = isXML && len == xmlLen; + isXMLNS = isXMLNS && len == xmlnsLen; +diff --git a/tests/runtests.c b/tests/runtests.c +index d07203f2..bc5344b1 100644 +--- a/tests/runtests.c ++++ b/tests/runtests.c +@@ -7220,6 +7220,35 @@ START_TEST(test_ns_double_colon_doctype) { + } + END_TEST + ++START_TEST(test_ns_separator_in_uri) { ++ struct test_case { ++ enum XML_Status expectedStatus; ++ const char *doc; ++ }; ++ struct test_case cases[] = { ++ {XML_STATUS_OK, "<doc xmlns='one_two' />"}, ++ {XML_STATUS_ERROR, "<doc xmlns='one
two' />"}, ++ }; ++ ++ size_t i = 0; ++ size_t failCount = 0; ++ for (; i < sizeof(cases) / sizeof(cases[0]); i++) { ++ XML_Parser parser = XML_ParserCreateNS(NULL, '\n'); ++ XML_SetElementHandler(parser, dummy_start_element, dummy_end_element); ++ if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc), ++ /*isFinal*/ XML_TRUE) ++ != cases[i].expectedStatus) { ++ failCount++; ++ } ++ XML_ParserFree(parser); ++ } ++ ++ if (failCount) { ++ fail("Namespace separator handling is broken"); ++ } ++} ++END_TEST ++ + /* Control variable; the number of times duff_allocator() will successfully + * allocate */ + #define ALLOC_ALWAYS_SUCCEED (-1) +@@ -11905,6 +11934,7 @@ make_suite(void) { + tcase_add_test(tc_namespace, test_ns_utf16_doctype); + tcase_add_test(tc_namespace, test_ns_invalid_doctype); + tcase_add_test(tc_namespace, test_ns_double_colon_doctype); ++ tcase_add_test(tc_namespace, test_ns_separator_in_uri); + + suite_add_tcase(s, tc_misc); + tcase_add_checked_fixture(tc_misc, NULL, basic_teardown); diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch new file mode 100644 index 0000000000..0f14c9631b --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch 
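Review bot: The header of CVE-2022-25236-1.patch should record that it must not be carried without CVE-2022-25236-2.patch. The check it adds to addBinding, `if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator))`, rejects every namespace URI that contains the separator. The follow-up patch's own comment says widespread applications use ':' as the separator, so dropping -2 in a later rebase would make those applications fail with XML_ERROR_SYNTAX. A line such as `Depends on CVE-2022-25236-2.patch, which relaxes this check for RFC 3986 URI characters.` after the `CVE:` tag would capture that. The diffstat kept in the header also still lists expat/Changes, although the header says that part was removed.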
@@ -0,0 +1,232 @@ +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/f178826b] +CVE: CVE-2022-25236 + +The commit is a merge commit, and this patch is created by: + +$ git show -m -p --stat f178826b + +Remove changes for expat/Changes and reference.html which fail to be applied. + +Signed-off-by: Kai Kang <kai.kang@...> + +commit f178826bb1e9c8ee23202f1be55ad4ac7b649e84 (from c99e0e7f2b15b48848038992ecbb4480f957cfe9) +Merge: c99e0e7f 9579f7ea +Author: Sebastian Pipping <sebastian@...> +Date: Fri Mar 4 18:43:39 2022 +0100 + + Merge pull request #577 from libexpat/namesep + + lib: Relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters (fixes #572) +--- + expat/Changes | 16 ++++++ + expat/doc/reference.html | 8 +++ + expat/lib/expat.h | 11 ++++ + expat/lib/xmlparse.c | 139 ++++++++++++++++++++++++++++++++++++++++++++--- + expat/tests/runtests.c | 8 ++- + 5 files changed, 171 insertions(+), 11 deletions(-) + +diff --git a/lib/expat.h b/lib/expat.h +index 5ab493f7..181fc960 100644 +--- a/lib/expat.h ++++ b/lib/expat.h +@@ -239,6 +239,17 @@ XML_ParserCreate(const XML_Char *encoding); + and the local part will be concatenated without any separator. + It is a programming error to use the separator '\0' with namespace + triplets (see XML_SetReturnNSTriplet). ++ If a namespace separator is chosen that can be part of a URI or ++ part of an XML name, splitting an expanded name back into its ++ 1, 2 or 3 original parts on application level in the element handler ++ may end up vulnerable, so these are advised against; sane choices for ++ a namespace separator are e.g. '\n' (line feed) and '|' (pipe). ++ ++ Note that Expat does not validate namespace URIs (beyond encoding) ++ against RFC 3986 today (and is not required to do so with regard to ++ the XML 1.0 namespaces specification) but it may start doing that ++ in future releases. Before that, an application using Expat must ++ be ready to receive namespace URIs containing non-URI characters. 
+ */ + XMLPARSEAPI(XML_Parser) + XML_ParserCreateNS(const XML_Char *encoding, XML_Char namespaceSeparator); +diff --git a/lib/xmlparse.c b/lib/xmlparse.c +index 59da19c8..6fe2cf1e 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -3705,6 +3705,117 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + return XML_ERROR_NONE; + } + ++static XML_Bool ++is_rfc3986_uri_char(XML_Char candidate) { ++ // For the RFC 3986 ANBF grammar see ++ // https://datatracker.ietf.org/doc/html/rfc3986#appendix-A ++ ++ switch (candidate) { ++ // From rule "ALPHA" (uppercase half) ++ case 'A': ++ case 'B': ++ case 'C': ++ case 'D': ++ case 'E': ++ case 'F': ++ case 'G': ++ case 'H': ++ case 'I': ++ case 'J': ++ case 'K': ++ case 'L': ++ case 'M': ++ case 'N': ++ case 'O': ++ case 'P': ++ case 'Q': ++ case 'R': ++ case 'S': ++ case 'T': ++ case 'U': ++ case 'V': ++ case 'W': ++ case 'X': ++ case 'Y': ++ case 'Z': ++ ++ // From rule "ALPHA" (lowercase half) ++ case 'a': ++ case 'b': ++ case 'c': ++ case 'd': ++ case 'e': ++ case 'f': ++ case 'g': ++ case 'h': ++ case 'i': ++ case 'j': ++ case 'k': ++ case 'l': ++ case 'm': ++ case 'n': ++ case 'o': ++ case 'p': ++ case 'q': ++ case 'r': ++ case 's': ++ case 't': ++ case 'u': ++ case 'v': ++ case 'w': ++ case 'x': ++ case 'y': ++ case 'z': ++ ++ // From rule "DIGIT" ++ case '0': ++ case '1': ++ case '2': ++ case '3': ++ case '4': ++ case '5': ++ case '6': ++ case '7': ++ case '8': ++ case '9': ++ ++ // From rule "pct-encoded" ++ case '%': ++ ++ // From rule "unreserved" ++ case '-': ++ case '.': ++ case '_': ++ case '~': ++ ++ // From rule "gen-delims" ++ case ':': ++ case '/': ++ case '?': ++ case '#': ++ case '[': ++ case ']': ++ case '@': ++ ++ // From rule "sub-delims" ++ case '!': ++ case '$': ++ case '&': ++ case '\'': ++ case '(': ++ case ')': ++ case '*': ++ case '+': ++ case ',': ++ case ';': ++ case '=': ++ return XML_TRUE; ++ ++ default: ++ return XML_FALSE; ++ } ++} ++ + /* addBinding() overwrites the 
value of prefix->binding without checking. + Therefore one must keep track of the old value outside of addBinding(). + */ +@@ -3763,14 +3874,26 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) + isXMLNS = XML_FALSE; + +- // NOTE: While Expat does not validate namespace URIs against RFC 3986, +- // we have to at least make sure that the XML processor on top of +- // Expat (that is splitting tag names by namespace separator into +- // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused +- // by an attacker putting additional namespace separator characters +- // into namespace declarations. That would be ambiguous and not to +- // be expected. +- if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { ++ // NOTE: While Expat does not validate namespace URIs against RFC 3986 ++ // today (and is not REQUIRED to do so with regard to the XML 1.0 ++ // namespaces specification) we have to at least make sure, that ++ // the application on top of Expat (that is likely splitting expanded ++ // element names ("qualified names") of form ++ // "[uri sep] local [sep prefix] '\0'" back into 1, 2 or 3 pieces ++ // in its element handler code) cannot be confused by an attacker ++ // putting additional namespace separator characters into namespace ++ // declarations. That would be ambiguous and not to be expected. ++ // ++ // While the HTML API docs of function XML_ParserCreateNS have been ++ // advising against use of a namespace separator character that can ++ // appear in a URI for >20 years now, some widespread applications ++ // are using URI characters (':' (colon) in particular) for a ++ // namespace separator, in practice. To keep these applications ++ // functional, we only reject namespaces URIs containing the ++ // application-chosen namespace separator if the chosen separator ++ // is a non-URI character with regard to RFC 3986. 
++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator) ++ && ! is_rfc3986_uri_char(uri[len])) { + return XML_ERROR_SYNTAX; + } + } +diff --git a/tests/runtests.c b/tests/runtests.c +index 60da868e..712706c4 100644 +--- a/tests/runtests.c ++++ b/tests/runtests.c +@@ -7406,16 +7406,18 @@ START_TEST(test_ns_separator_in_uri) { + struct test_case { + enum XML_Status expectedStatus; + const char *doc; ++ XML_Char namesep; + }; + struct test_case cases[] = { +- {XML_STATUS_OK, "<doc xmlns='one_two' />"}, +- {XML_STATUS_ERROR, "<doc xmlns='one
two' />"}, ++ {XML_STATUS_OK, "<doc xmlns='one_two' />", XCS('\n')}, ++ {XML_STATUS_ERROR, "<doc xmlns='one
two' />", XCS('\n')}, ++ {XML_STATUS_OK, "<doc xmlns='one:two' />", XCS(':')}, + }; + + size_t i = 0; + size_t failCount = 0; + for (; i < sizeof(cases) / sizeof(cases[0]); i++) { +- XML_Parser parser = XML_ParserCreateNS(NULL, '\n'); ++ XML_Parser parser = XML_ParserCreateNS(NULL, cases[i].namesep); + XML_SetElementHandler(parser, dummy_start_element, dummy_end_element); + if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc), + /*isFinal*/ XML_TRUE) diff --git a/meta/recipes-core/expat/expat_2.2.10.bb b/meta/recipes-core/expat/expat_2.2.10.bb index 0b3331981c..f99fa7edb6 100644 --- a/meta/recipes-core/expat/expat_2.2.10.bb +++ b/meta/recipes-core/expat/expat_2.2.10.bb @@ -18,6 +18,8 @@ SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TA file://CVE-2022-23852.patch \ file://CVE-2022-23990.patch \ file://CVE-2022-25235.patch \ + file://CVE-2022-25236-1.patch \ + file://CVE-2022-25236-2.patch \ " UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/" -- 2.17.1 |
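Review bot: With the relaxed condition in addBinding, `&& ! is_rfc3986_uri_char(uri[len])`, a parser whose separator is itself a URI character accepts namespace URIs containing that separator again, as the new ':' test case shows. For those applications the ambiguity described in the comment is therefore still present after this backport. The patch header only carries `CVE: CVE-2022-25236`, so it would help to add a sentence there saying the protection applies only when the separator is a non-URI character such as '\n' or '|', as the added expat.h text recommends. The test table could pin that recommendation with a second rejection case, for example `{XML_STATUS_ERROR, "<doc xmlns='one|two' />", XCS('|')},`. Both addBinding and test_ns_separator_in_uri continue outside their hunks.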
[hardknott][PATCH 1/2] expat: fix CVE-2022-25235
Kai Kang
From: Kai Kang <kai.kang@...>
Backport patch to fix CVE-2022-25235 for expat. CVE: CVE-2022-25235 Signed-off-by: Kai Kang <kai.kang@...> --- .../expat/expat/CVE-2022-25235.patch | 261 ++++++++++++++++++ meta/recipes-core/expat/expat_2.2.10.bb | 1 + 2 files changed, 262 insertions(+) create mode 100644 meta/recipes-core/expat/expat/CVE-2022-25235.patch diff --git a/meta/recipes-core/expat/expat/CVE-2022-25235.patch b/meta/recipes-core/expat/expat/CVE-2022-25235.patch new file mode 100644 index 0000000000..9febeae609 --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25235.patch 
@@ -0,0 +1,261 @@ +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/306b721] +CVE: CVE-2022-25235 + +The commit is a merge commit, and this patch is created by: + +$ git show -m -p --stat 306b72134f157bbfd1637b20a22cabf4acfa136a + +Remove modification for expat/Changes which fails to be applied. + +Signed-off-by: Kai Kang <kai.kang@...> + +commit 306b72134f157bbfd1637b20a22cabf4acfa136a (from 2cc97e875ef84da4bcf55156c83599116f7523b4) +Merge: 2cc97e87 c16300f0 +Author: Sebastian Pipping <sebastian@...> +Date: Fri Feb 18 20:12:32 2022 +0100 + + Merge pull request #562 from libexpat/utf8-security + + [CVE-2022-25235] lib: Protect against malformed encoding (e.g. malformed UTF-8) +--- + expat/Changes | 7 ++++ + expat/lib/xmltok.c | 5 --- + expat/lib/xmltok_impl.c | 18 ++++---- + expat/tests/runtests.c | 109 ++++++++++++++++++++++++++++++++++++++++++++++++ + 4 files changed, 127 insertions(+), 12 deletions(-) + +diff --git a/lib/xmltok.c b/lib/xmltok.c +index a72200e8..3bddf125 100644 +--- a/lib/xmltok.c ++++ b/lib/xmltok.c +@@ -98,11 +98,6 @@ + + ((((byte)[1]) & 3) << 1) + ((((byte)[2]) >> 5) & 1)] \ + & (1u << (((byte)[2]) & 0x1F))) + +-#define UTF8_GET_NAMING(pages, p, n) \ +- ((n) == 2 \ +- ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \ +- : ((n) == 3 ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) : 0)) +- + /* Detection of invalid UTF-8 sequences is based on Table 3.1B + of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/ + with the additional restriction of not allowing the Unicode +diff --git a/lib/xmltok_impl.c b/lib/xmltok_impl.c +index 0430591b..84ff35f9 100644 +--- a/lib/xmltok_impl.c ++++ b/lib/xmltok_impl.c +@@ -69,7 +69,7 @@ + case BT_LEAD##n: \ + if (end - ptr < n) \ + return XML_TOK_PARTIAL_CHAR; \ +- if (! IS_NAME_CHAR(enc, ptr, n)) { \ ++ if (IS_INVALID_CHAR(enc, ptr, n) || ! 
IS_NAME_CHAR(enc, ptr, n)) { \ + *nextTokPtr = ptr; \ + return XML_TOK_INVALID; \ + } \ +@@ -98,7 +98,7 @@ + case BT_LEAD##n: \ + if (end - ptr < n) \ + return XML_TOK_PARTIAL_CHAR; \ +- if (! IS_NMSTRT_CHAR(enc, ptr, n)) { \ ++ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \ + *nextTokPtr = ptr; \ + return XML_TOK_INVALID; \ + } \ +@@ -1142,6 +1142,10 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end, + case BT_LEAD##n: \ + if (end - ptr < n) \ + return XML_TOK_PARTIAL_CHAR; \ ++ if (IS_INVALID_CHAR(enc, ptr, n)) { \ ++ *nextTokPtr = ptr; \ ++ return XML_TOK_INVALID; \ ++ } \ + if (IS_NMSTRT_CHAR(enc, ptr, n)) { \ + ptr += n; \ + tok = XML_TOK_NAME; \ +@@ -1270,7 +1274,7 @@ PREFIX(attributeValueTok)(const ENCODING *enc, const char *ptr, const char *end, + switch (BYTE_TYPE(enc, ptr)) { + # define LEAD_CASE(n) \ + case BT_LEAD##n: \ +- ptr += n; \ ++ ptr += n; /* NOTE: The encoding has already been validated. */ \ + break; + LEAD_CASE(2) + LEAD_CASE(3) +@@ -1339,7 +1343,7 @@ PREFIX(entityValueTok)(const ENCODING *enc, const char *ptr, const char *end, + switch (BYTE_TYPE(enc, ptr)) { + # define LEAD_CASE(n) \ + case BT_LEAD##n: \ +- ptr += n; \ ++ ptr += n; /* NOTE: The encoding has already been validated. */ \ + break; + LEAD_CASE(2) + LEAD_CASE(3) +@@ -1518,7 +1522,7 @@ PREFIX(getAtts)(const ENCODING *enc, const char *ptr, int attsMax, + state = inName; \ + } + # define LEAD_CASE(n) \ +- case BT_LEAD##n: \ ++ case BT_LEAD##n: /* NOTE: The encoding has already been validated. */ \ + START_NAME ptr += (n - MINBPC(enc)); \ + break; + LEAD_CASE(2) +@@ -1730,7 +1734,7 @@ PREFIX(nameLength)(const ENCODING *enc, const char *ptr) { + switch (BYTE_TYPE(enc, ptr)) { + # define LEAD_CASE(n) \ + case BT_LEAD##n: \ +- ptr += n; \ ++ ptr += n; /* NOTE: The encoding has already been validated. 
*/ \ + break; + LEAD_CASE(2) + LEAD_CASE(3) +@@ -1775,7 +1779,7 @@ PREFIX(updatePosition)(const ENCODING *enc, const char *ptr, const char *end, + switch (BYTE_TYPE(enc, ptr)) { + # define LEAD_CASE(n) \ + case BT_LEAD##n: \ +- ptr += n; \ ++ ptr += n; /* NOTE: The encoding has already been validated. */ \ + pos->columnNumber++; \ + break; + LEAD_CASE(2) +diff --git a/tests/runtests.c b/tests/runtests.c +index bc5344b1..9b155b82 100644 +--- a/tests/runtests.c ++++ b/tests/runtests.c +@@ -5998,6 +5998,105 @@ START_TEST(test_utf8_in_cdata_section_2) { + } + END_TEST + ++START_TEST(test_utf8_in_start_tags) { ++ struct test_case { ++ bool goodName; ++ bool goodNameStart; ++ const char *tagName; ++ }; ++ ++ // The idea with the tests below is this: ++ // We want to cover 1-, 2- and 3-byte sequences, 4-byte sequences ++ // go to isNever and are hence not a concern. ++ // ++ // We start with a character that is a valid name character ++ // (or even name-start character, see XML 1.0r4 spec) and then we flip ++ // single bits at places where (1) the result leaves the UTF-8 encoding space ++ // and (2) we stay in the same n-byte sequence family. ++ // ++ // The flipped bits are highlighted in angle brackets in comments, ++ // e.g. "[<1>011 1001]" means we had [0011 1001] but we now flipped ++ // the most significant bit to 1 to leave UTF-8 encoding space. 
++ struct test_case cases[] = { ++ // 1-byte UTF-8: [0xxx xxxx] ++ {true, true, "\x3A"}, // [0011 1010] = ASCII colon ':' ++ {false, false, "\xBA"}, // [<1>011 1010] ++ {true, false, "\x39"}, // [0011 1001] = ASCII nine '9' ++ {false, false, "\xB9"}, // [<1>011 1001] ++ ++ // 2-byte UTF-8: [110x xxxx] [10xx xxxx] ++ {true, true, "\xDB\xA5"}, // [1101 1011] [1010 0101] = ++ // Arabic small waw U+06E5 ++ {false, false, "\x9B\xA5"}, // [1<0>01 1011] [1010 0101] ++ {false, false, "\xDB\x25"}, // [1101 1011] [<0>010 0101] ++ {false, false, "\xDB\xE5"}, // [1101 1011] [1<1>10 0101] ++ {true, false, "\xCC\x81"}, // [1100 1100] [1000 0001] = ++ // combining char U+0301 ++ {false, false, "\x8C\x81"}, // [1<0>00 1100] [1000 0001] ++ {false, false, "\xCC\x01"}, // [1100 1100] [<0>000 0001] ++ {false, false, "\xCC\xC1"}, // [1100 1100] [1<1>00 0001] ++ ++ // 3-byte UTF-8: [1110 xxxx] [10xx xxxx] [10xxxxxx] ++ {true, true, "\xE0\xA4\x85"}, // [1110 0000] [1010 0100] [1000 0101] = ++ // Devanagari Letter A U+0905 ++ {false, false, "\xA0\xA4\x85"}, // [1<0>10 0000] [1010 0100] [1000 0101] ++ {false, false, "\xE0\x24\x85"}, // [1110 0000] [<0>010 0100] [1000 0101] ++ {false, false, "\xE0\xE4\x85"}, // [1110 0000] [1<1>10 0100] [1000 0101] ++ {false, false, "\xE0\xA4\x05"}, // [1110 0000] [1010 0100] [<0>000 0101] ++ {false, false, "\xE0\xA4\xC5"}, // [1110 0000] [1010 0100] [1<1>00 0101] ++ {true, false, "\xE0\xA4\x81"}, // [1110 0000] [1010 0100] [1000 0001] = ++ // combining char U+0901 ++ {false, false, "\xA0\xA4\x81"}, // [1<0>10 0000] [1010 0100] [1000 0001] ++ {false, false, "\xE0\x24\x81"}, // [1110 0000] [<0>010 0100] [1000 0001] ++ {false, false, "\xE0\xE4\x81"}, // [1110 0000] [1<1>10 0100] [1000 0001] ++ {false, false, "\xE0\xA4\x01"}, // [1110 0000] [1010 0100] [<0>000 0001] ++ {false, false, "\xE0\xA4\xC1"}, // [1110 0000] [1010 0100] [1<1>00 0001] ++ }; ++ const bool atNameStart[] = {true, false}; ++ ++ size_t i = 0; ++ char doc[1024]; ++ size_t failCount = 0; ++ ++ 
for (; i < sizeof(cases) / sizeof(cases[0]); i++) { ++ size_t j = 0; ++ for (; j < sizeof(atNameStart) / sizeof(atNameStart[0]); j++) { ++ const bool expectedSuccess ++ = atNameStart[j] ? cases[i].goodNameStart : cases[i].goodName; ++ sprintf(doc, "<%s%s><!--", atNameStart[j] ? "" : "a", cases[i].tagName); ++ XML_Parser parser = XML_ParserCreate(NULL); ++ ++ const enum XML_Status status ++ = XML_Parse(parser, doc, (int)strlen(doc), /*isFinal=*/XML_FALSE); ++ ++ bool success = true; ++ if ((status == XML_STATUS_OK) != expectedSuccess) { ++ success = false; ++ } ++ if ((status == XML_STATUS_ERROR) ++ && (XML_GetErrorCode(parser) != XML_ERROR_INVALID_TOKEN)) { ++ success = false; ++ } ++ ++ if (! success) { ++ fprintf( ++ stderr, ++ "FAIL case %2u (%sat name start, %u-byte sequence, error code %d)\n", ++ (unsigned)i + 1u, atNameStart[j] ? " " : "not ", ++ (unsigned)strlen(cases[i].tagName), XML_GetErrorCode(parser)); ++ failCount++; ++ } ++ ++ XML_ParserFree(parser); ++ } ++ } ++ ++ if (failCount > 0) { ++ fail("UTF-8 regression detected"); ++ } ++} ++END_TEST ++ + /* Test trailing spaces in elements are accepted */ + static void XMLCALL + record_element_end_handler(void *userData, const XML_Char *name) { +@@ -6175,6 +6274,14 @@ START_TEST(test_bad_doctype) { + } + END_TEST + ++START_TEST(test_bad_doctype_utf8) { ++ const char *text = "<!DOCTYPE \xDB\x25" ++ "doc><doc/>"; // [1101 1011] [<0>010 0101] ++ expect_failure(text, XML_ERROR_INVALID_TOKEN, ++ "Invalid UTF-8 in DOCTYPE not faulted"); ++} ++END_TEST ++ + START_TEST(test_bad_doctype_utf16) { + const char text[] = + /* <!DOCTYPE doc [ \x06f2 ]><doc/> +@@ -11870,6 +11977,7 @@ make_suite(void) { + tcase_add_test(tc_basic, test_ext_entity_utf8_non_bom); + tcase_add_test(tc_basic, test_utf8_in_cdata_section); + tcase_add_test(tc_basic, test_utf8_in_cdata_section_2); ++ tcase_add_test(tc_basic, test_utf8_in_start_tags); + tcase_add_test(tc_basic, test_trailing_spaces_in_elements); + tcase_add_test(tc_basic, 
test_utf16_attribute); + tcase_add_test(tc_basic, test_utf16_second_attr); +@@ -11878,6 +11986,7 @@ make_suite(void) { + tcase_add_test(tc_basic, test_bad_attr_desc_keyword); + tcase_add_test(tc_basic, test_bad_attr_desc_keyword_utf16); + tcase_add_test(tc_basic, test_bad_doctype); ++ tcase_add_test(tc_basic, test_bad_doctype_utf8); + tcase_add_test(tc_basic, test_bad_doctype_utf16); + tcase_add_test(tc_basic, test_bad_doctype_plus); + tcase_add_test(tc_basic, test_bad_doctype_star); diff --git a/meta/recipes-core/expat/expat_2.2.10.bb b/meta/recipes-core/expat/expat_2.2.10.bb index a851e54b2a..0b3331981c 100644 --- a/meta/recipes-core/expat/expat_2.2.10.bb +++ b/meta/recipes-core/expat/expat_2.2.10.bb @@ -17,6 +17,7 @@ SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TA file://CVE-2021-46143.patch \ file://CVE-2022-23852.patch \ file://CVE-2022-23990.patch \ + file://CVE-2022-25235.patch \ " UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/" -- 2.17.1 |
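Review bot: In the added test_utf8_in_start_tags, `sprintf(doc, "<%s%s><!--", ...)` writes into the fixed `char doc[1024]` without a bound. The inputs are short literals today, but `snprintf(doc, sizeof(doc), "<%s%s><!--", atNameStart[j] ? "" : "a", cases[i].tagName);` keeps the test safe if a longer case is added later. The same loop passes the result of `XML_ParserCreate(NULL)` straight to XML_Parse without a NULL check. Because this is a backport to 2.2.10, it is also worth confirming that tests/runtests.c in that version already includes `<stdbool.h>`: the new test uses `bool`, `true` and `false`, and the hunk does not show the include block.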
[meta-oe][PATCH] android-tools: adb: add u3 ss descriptor support
Macpaul Lin
Porting u3 Superspeed descriptor support to open-embedded android-tools package.
This patch origins from the the patch in android project [1], but has been modified for backporting to android-tools_5.1.1.r37. [1] https://android.googlesource.com/platform/system/core/+/d6ee9f26a5163af4121f4380264fcbd4e6851a17%5E%21 Signed-off-by: Macpaul Lin <macpaul.lin@...> Signed-off-by: Jiacheng Liu <jiacheng.liu@...> --- ...add-u3-ss-descriptor-support-for-adb.patch | 342 ++++++++++++++++++ .../android-tools/android-tools_5.1.1.r37.bb | 1 + 2 files changed, 343 insertions(+) create mode 100644 meta-oe/recipes-devtools/android-tools/android-tools/core/0014-add-u3-ss-descriptor-support-for-adb.patch diff --git a/meta-oe/recipes-devtools/android-tools/android-tools/core/0014-add-u3-ss-descriptor-support-for-adb.patch b/meta-oe/recipes-devtools/android-tools/android-tools/core/0014-add-u3-ss-descriptor-support-for-adb.patch new file mode 100644 index 000000000..05973aaaf --- /dev/null +++ b/meta-oe/recipes-devtools/android-tools/android-tools/core/0014-add-u3-ss-descriptor-support-for-adb.patch 
@@ -0,0 +1,342 @@
+From dae9a11f3a158357966399aef97c48b5f16934d9 Mon Sep 17 00:00:00 2001
+From: Jiacheng Liu <jiacheng.liu@...>
+Date: Sat, 24 Jul 2021 11:01:18 +0800
+Subject: [PATCH] android-tools: adb: add u3 ss descriptor support
+
+Porting u3 Superspeed descriptor support to open-embedded android-tools package.
+This patch origins from the the patch in android project [1], but has been
+modified for backporting to android-tools_5.1.1.r37.
+
+[1] https://android.googlesource.com/platform/system/core/+/d6ee9f26a5163af4121f4380264fcbd4e6851a17%5E%21
+
+Signed-off-by: Macpaul Lin <macpaul.lin@...>
+Signed-off-by: Jiacheng Liu <jiacheng.liu@...>
+---
+ adb/usb_linux_client.c | 275 +++++++++++++++++++++++++++++++----------
+ 1 file changed, 207 insertions(+), 68 deletions(-)
+
+diff --git a/adb/usb_linux_client.c b/adb/usb_linux_client.c
+index 6e8b5bb..884e85e 100644
+--- a/adb/usb_linux_client.c
++++ b/adb/usb_linux_client.c
+@@ -31,8 +31,10 @@
+ #define TRACE_TAG TRACE_USB
+ #include "adb.h"
+
++#define USB_EXT_PROP_UNICODE 1
+ #define MAX_PACKET_SIZE_FS 64
+ #define MAX_PACKET_SIZE_HS 512
++#define MAX_PACKET_SIZE_SS 1024
+
+ #if __BYTE_ORDER == __LITTLE_ENDIAN
+ # define cpu_to_le16(x) (x)
+@@ -62,74 +64,185 @@ struct usb_handle
+ int bulk_in; /* "in" from the host's perspective => sink for adbd */
+ };
+
+-static const struct {
+- struct usb_functionfs_descs_head header;
+- struct {
+- struct usb_interface_descriptor intf;
+- struct usb_endpoint_descriptor_no_audio source;
+- struct usb_endpoint_descriptor_no_audio sink;
+- } __attribute__((packed)) fs_descs, hs_descs;
+-} __attribute__((packed)) descriptors = {
+- .header = {
+- .magic = cpu_to_le32(FUNCTIONFS_DESCRIPTORS_MAGIC),
+- .length = cpu_to_le32(sizeof(descriptors)),
+- .fs_count = 3,
+- .hs_count = 3,
++struct func_desc {
++ struct usb_interface_descriptor intf;
++ struct usb_endpoint_descriptor_no_audio source;
++ struct usb_endpoint_descriptor_no_audio sink;
++} __attribute__((packed));
++
++struct ss_func_desc {
++ struct usb_interface_descriptor intf;
++ struct usb_endpoint_descriptor_no_audio source;
++ struct usb_ss_ep_comp_descriptor source_comp;
++ struct usb_endpoint_descriptor_no_audio sink;
++ struct usb_ss_ep_comp_descriptor sink_comp;
++} __attribute__((packed));
++
++struct desc_v1 {
++ struct usb_functionfs_descs_head_v1 {
++ __le32 magic;
++ __le32 length;
++ __le32 fs_count;
++ __le32 hs_count;
++ } __attribute__((packed)) header;
++ struct func_desc fs_descs, hs_descs;
++} __attribute__((packed));
++
++struct usb_os_desc_ext_prop {
++ uint32_t dwSize;
++ uint32_t dwPropertyDataType;
++
++ // Property name and value are transmitted as UTF-16, but the kernel only
++ // accepts ASCII values and performs the conversion for us.
++ uint16_t wPropertyNameLength;
++ char bPropertyName[20];
++
++ uint32_t dwPropertyDataLength;
++ char bProperty[39];
++} __attribute__((packed)) os_desc_guid = {
++ .dwSize = sizeof(struct usb_os_desc_ext_prop),
++ .dwPropertyDataType = cpu_to_le32(USB_EXT_PROP_UNICODE),
++ .wPropertyNameLength = cpu_to_le16(20),
++ .bPropertyName = "DeviceInterfaceGUID",
++ .dwPropertyDataLength = cpu_to_le32(39),
++ .bProperty = "{F72FE0D4-CBCB-407D-8814-9ED673D0DD6B}",
++};
++
++struct usb_ext_prop_values {
++ struct usb_os_desc_ext_prop guid;
++} __attribute__((packed));
++
++struct desc_v2 {
++ struct usb_functionfs_descs_head_v2 header;
++ // The rest of the structure depends on the flags in the header.
++ __le32 fs_count;
++ __le32 hs_count;
++ __le32 ss_count;
++ __le32 os_count;
++ struct func_desc fs_descs, hs_descs;
++ struct ss_func_desc ss_descs;
++ struct usb_os_desc_header os_header;
++ struct usb_ext_compat_desc os_desc;
++ struct usb_os_desc_header os_prop_header;
++ struct usb_ext_prop_values os_prop_values;
++} __attribute__((packed));
++
++static struct func_desc fs_descriptors = {
++ .intf = {
++ .bLength = sizeof(fs_descriptors.intf),
++ .bDescriptorType = USB_DT_INTERFACE,
++ .bInterfaceNumber = 0,
++ .bNumEndpoints = 2,
++ .bInterfaceClass = ADB_CLASS,
++ .bInterfaceSubClass = ADB_SUBCLASS,
++ .bInterfaceProtocol = ADB_PROTOCOL,
++ .iInterface = 1, /* first string from the provided table */
++ },
++ .source = {
++ .bLength = sizeof(fs_descriptors.source),
++ .bDescriptorType = USB_DT_ENDPOINT,
++ .bEndpointAddress = 1 | USB_DIR_OUT,
++ .bmAttributes = USB_ENDPOINT_XFER_BULK,
++ .wMaxPacketSize = MAX_PACKET_SIZE_FS,
++ },
++ .sink = {
++ .bLength = sizeof(fs_descriptors.sink),
++ .bDescriptorType = USB_DT_ENDPOINT,
++ .bEndpointAddress = 2 | USB_DIR_IN,
++ .bmAttributes = USB_ENDPOINT_XFER_BULK,
++ .wMaxPacketSize = MAX_PACKET_SIZE_FS,
++ },
++};
++
++static struct func_desc hs_descriptors = {
++ .intf = {
++ .bLength = sizeof(hs_descriptors.intf),
++ .bDescriptorType = USB_DT_INTERFACE,
++ .bInterfaceNumber = 0,
++ .bNumEndpoints = 2,
++ .bInterfaceClass = ADB_CLASS,
++ .bInterfaceSubClass = ADB_SUBCLASS,
++ .bInterfaceProtocol = ADB_PROTOCOL,
++ .iInterface = 1, /* first string from the provided table */
++ },
++ .source = {
++ .bLength = sizeof(hs_descriptors.source),
++ .bDescriptorType = USB_DT_ENDPOINT,
++ .bEndpointAddress = 1 | USB_DIR_OUT,
++ .bmAttributes = USB_ENDPOINT_XFER_BULK,
++ .wMaxPacketSize = MAX_PACKET_SIZE_HS,
++ },
++ .sink = {
++ .bLength = sizeof(hs_descriptors.sink),
++ .bDescriptorType = USB_DT_ENDPOINT,
++ .bEndpointAddress = 2 | USB_DIR_IN,
++ .bmAttributes = USB_ENDPOINT_XFER_BULK,
++ .wMaxPacketSize = MAX_PACKET_SIZE_HS,
++ },
++};
++
++static struct ss_func_desc ss_descriptors = {
++ .intf = {
++ .bLength = sizeof(ss_descriptors.intf),
++ .bDescriptorType = USB_DT_INTERFACE,
++ .bInterfaceNumber = 0,
++ .bNumEndpoints = 2,
++ .bInterfaceClass = ADB_CLASS,
++ .bInterfaceSubClass = ADB_SUBCLASS,
++ .bInterfaceProtocol = ADB_PROTOCOL,
++ .iInterface = 1, /* first string from the provided table */
++ },
++ .source = {
++ .bLength = sizeof(ss_descriptors.source),
++ .bDescriptorType = USB_DT_ENDPOINT,
++ .bEndpointAddress = 1 | USB_DIR_OUT,
++ .bmAttributes = USB_ENDPOINT_XFER_BULK,
++ .wMaxPacketSize = MAX_PACKET_SIZE_SS,
++ },
++ .source_comp = {
++ .bLength = sizeof(ss_descriptors.source_comp),
++ .bDescriptorType = USB_DT_SS_ENDPOINT_COMP,
++ .bMaxBurst = 4,
+ },
+- .fs_descs = {
+- .intf = {
+- .bLength = sizeof(descriptors.fs_descs.intf),
+- .bDescriptorType = USB_DT_INTERFACE,
+- .bInterfaceNumber = 0,
+- .bNumEndpoints = 2,
+- .bInterfaceClass = ADB_CLASS,
+- .bInterfaceSubClass = ADB_SUBCLASS,
+- .bInterfaceProtocol = ADB_PROTOCOL,
+- .iInterface = 1, /* first string from the provided table */
+- },
+- .source = {
+- .bLength = sizeof(descriptors.fs_descs.source),
+- .bDescriptorType = USB_DT_ENDPOINT,
+- .bEndpointAddress = 1 | USB_DIR_OUT,
+- .bmAttributes = USB_ENDPOINT_XFER_BULK,
+- .wMaxPacketSize = MAX_PACKET_SIZE_FS,
+- },
+- .sink = {
+- .bLength = sizeof(descriptors.fs_descs.sink),
+- .bDescriptorType = USB_DT_ENDPOINT,
+- .bEndpointAddress = 2 | USB_DIR_IN,
+- .bmAttributes = USB_ENDPOINT_XFER_BULK,
+- .wMaxPacketSize = MAX_PACKET_SIZE_FS,
+- },
++ .sink = {
++ .bLength = sizeof(ss_descriptors.sink),
++ .bDescriptorType = USB_DT_ENDPOINT,
++ .bEndpointAddress = 2 | USB_DIR_IN,
++ .bmAttributes = USB_ENDPOINT_XFER_BULK,
++ .wMaxPacketSize = MAX_PACKET_SIZE_SS,
+ },
+- .hs_descs = {
+- .intf = {
+- .bLength = sizeof(descriptors.hs_descs.intf),
+- .bDescriptorType = USB_DT_INTERFACE,
+- .bInterfaceNumber = 0,
+- .bNumEndpoints = 2,
+- .bInterfaceClass = ADB_CLASS,
+- .bInterfaceSubClass = ADB_SUBCLASS,
+- .bInterfaceProtocol = ADB_PROTOCOL,
+- .iInterface = 1, /* first string from the provided table */
+- },
+- .source = {
+- .bLength = sizeof(descriptors.hs_descs.source),
+- .bDescriptorType = USB_DT_ENDPOINT,
+- .bEndpointAddress = 1 | USB_DIR_OUT,
+- .bmAttributes = USB_ENDPOINT_XFER_BULK,
+- .wMaxPacketSize = MAX_PACKET_SIZE_HS,
+- },
+- .sink = {
+- .bLength = sizeof(descriptors.hs_descs.sink),
+- .bDescriptorType = USB_DT_ENDPOINT,
+- .bEndpointAddress = 2 | USB_DIR_IN,
+- .bmAttributes = USB_ENDPOINT_XFER_BULK,
+- .wMaxPacketSize = MAX_PACKET_SIZE_HS,
+- },
++ .sink_comp = {
++ .bLength = sizeof(ss_descriptors.sink_comp),
++ .bDescriptorType = USB_DT_SS_ENDPOINT_COMP,
++ .bMaxBurst = 4,
+ },
+ };
+
++struct usb_ext_compat_desc os_desc_compat = {
++ .bFirstInterfaceNumber = 0,
++ .Reserved1 = cpu_to_le32(1),
++ .CompatibleID = { 'W', 'I', 'N', 'U', 'S', 'B', '\0', '\0'},
++ .SubCompatibleID = {0},
++ .Reserved2 = {0},
++};
++
++static struct usb_os_desc_header os_desc_header = {
++ .interface = cpu_to_le32(0),
++ .dwLength = cpu_to_le32(sizeof(os_desc_header) + sizeof(os_desc_compat)),
++ .bcdVersion = cpu_to_le32(1),
++ .wIndex = cpu_to_le32(4),
++ .bCount = cpu_to_le32(1),
++ .Reserved = cpu_to_le32(0),
++};
++
++static struct usb_os_desc_header os_prop_header = {
++ .interface = cpu_to_le32(0),
++ .dwLength = cpu_to_le32(sizeof(os_desc_header) + sizeof(struct usb_ext_prop_values)),
++ .bcdVersion = cpu_to_le32(1),
++ .wIndex = cpu_to_le32(5),
++ .wCount = cpu_to_le16(1),
++};
++
+ #define STR_INTERFACE_ "ADB Interface"
+
+ static const struct {
+@@ -151,8 +264,6 @@ static const struct {
+ },
+ };
+
+-
+-
+ static void *usb_adb_open_thread(void *x)
+ {
+ struct usb_handle *usb = (struct usb_handle *)x;
+@@ -270,6 +381,24 @@ static void usb_adb_init()
+ static void init_functionfs(struct usb_handle *h)
+ {
+ ssize_t ret;
++ struct desc_v1 v1_descriptor = {};
++ struct desc_v2 v2_descriptor = {};
++
++ v2_descriptor.header.magic = cpu_to_le32(FUNCTIONFS_DESCRIPTORS_MAGIC_V2);
++ v2_descriptor.header.length = cpu_to_le32(sizeof(v2_descriptor));
++ v2_descriptor.header.flags = FUNCTIONFS_HAS_FS_DESC | FUNCTIONFS_HAS_HS_DESC |
++ FUNCTIONFS_HAS_SS_DESC | FUNCTIONFS_HAS_MS_OS_DESC;
++ v2_descriptor.fs_count = 3;
++ v2_descriptor.hs_count = 3;
++ v2_descriptor.ss_count = 5;
++ v2_descriptor.os_count = 2;
++ v2_descriptor.fs_descs = fs_descriptors;
++ v2_descriptor.hs_descs = hs_descriptors;
++ v2_descriptor.ss_descs = ss_descriptors;
++ v2_descriptor.os_header = os_desc_header;
++ v2_descriptor.os_desc = os_desc_compat;
++ v2_descriptor.os_prop_header = os_prop_header;
++ v2_descriptor.os_prop_values.guid = os_desc_guid;
+
+ if (h->control < 0) { // might have already done this before
+ D("OPENING %s\n", USB_FFS_ADB_EP0);
+@@ -279,10 +408,20 @@ static void init_functionfs(struct usb_handle *h)
+ goto err;
+ }
+
+- ret = adb_write(h->control, &descriptors, sizeof(descriptors));
++ ret = adb_write(h->control, &v2_descriptor, sizeof(v2_descriptor));
+ if (ret < 0) {
+- D("[ %s: write descriptors failed: errno=%d ]\n", USB_FFS_ADB_EP0, errno);
+- goto err;
++ D("[ %s: write v2_descriptor failed: errno=%d ]\n", USB_FFS_ADB_EP0, errno);
++ v1_descriptor.header.magic = cpu_to_le32(FUNCTIONFS_DESCRIPTORS_MAGIC);
++ v1_descriptor.header.length = cpu_to_le32(sizeof(v1_descriptor));
++ v1_descriptor.header.fs_count = 3;
++ v1_descriptor.header.hs_count = 3;
++ v1_descriptor.fs_descs = fs_descriptors;
++ v1_descriptor.hs_descs = hs_descriptors;
++ ret = adb_write(h->control, &v1_descriptor, sizeof(v1_descriptor));
++ if (ret < 0) {
++ D("[ %s: failed to write USB descriptors]\n", USB_FFS_ADB_EP0);
++ goto err;
++ }
+ }
+
+ ret = adb_write(h->control, &strings, sizeof(strings));
+--
+2.18.0
+
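Review bot: In the `init_functionfs` hunk of the embedded patch, the fallback to `v1_descriptor` runs on any negative return from the v2 `adb_write`, and the final failure message no longer carries `errno`, so a failure unrelated to the descriptor format is retried and then logged without its cause. Keep the cause in the last message, `D("[ %s: write v1_descriptor failed: errno=%d ]\n", USB_FFS_ADB_EP0, errno);`, and consider falling back only when the kernel rejected the v2 blob (presumably `EINVAL` on kernels without v2 descriptor support; confirm against the target kernel). Separately, `.dwSize = sizeof(struct usb_os_desc_ext_prop)` and `v2_descriptor.header.flags` are stored without `cpu_to_le32()` although the neighbouring fields use it, which only matters on big-endian builds; the first would read `.dwSize = cpu_to_le32(sizeof(struct usb_os_desc_ext_prop)),`. The body of `init_functionfs` continues outside the hunk.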
diff --git a/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb b/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb
index ef440471b..b6c788388 100644
--- a/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb
+++ b/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb
@@ -40,6 +40,7 @@ SRC_URI = " \
 file://core/0012-Fix-implicit-declaration-of-stlcat-strlcopy-function.patch;patchdir=system/core \
 file://core/adb_libssl_11.diff;patchdir=system/core \
 file://core/0013-adb-Support-riscv64.patch;patchdir=system/core \
+ file://core/0014-add-u3-ss-descriptor-support-for-adb.patch;patchdir=system/core \
 file://extras/0001-ext4_utils-remove-selinux-extensions.patch;patchdir=system/extras \
 file://extras/0002-ext4_utils-add-o-argument-to-preserve-ownership.patch;patchdir=system/extras \
 file://libselinux/0001-Remove-bionic-specific-calls.patch;patchdir=external/libselinux \
--
2.18.0
|
|
Re: [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist
Marta Rybczynska
On Fri, Mar 11, 2022, 05:14 Matsunaga-Shinji <shin.matsunaga@...> wrote: Patch for CVE-2016-1572 is applied in version 109. Wouldn't it be better to report this to the NVD and do the fix in the database instead? Regards Marta |
|
Re: [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist
I guess this belongs to meta-security, please prefix the patch subject
with layer name [meta-security] in this case. On Thu, Mar 10, 2022 at 8:14 PM Matsunaga-Shinji <shin.matsunaga@...> wrote:
|
|