subtree updates

poky: 14c5392fde..b89bb2651d:
  Alexander Kanavin (3):
        devtool: correctly handle non-standard source tree locations in upgrades
        devtool: print a warning on upgrades if PREFERRED_VERSION is set
        nettle: update 3.7.2 -> 3.7.3

  Alexandre Belloni (1):
        oeqa/runtime/cases: make date.DateTest.test_date more reliable

  Anton Blanchard (1):
        kmod: use nonarch_base_libdir for depmod.d and modprobe.d

  Armin Kuster (1):
        gnutls: Enable seccomp if FEATURE is set

  Bruce Ashfield (17):
        linux-yocto: add vfat KERNEL_FEATURE when MACHINE_FEATURES include vfat
        linux-yocto/5.10: update to v5.10.49
        linux-yocto/5.4: update to v5.4.131
        linux-yocto/5.10: update to v5.10.50
        linux-yocto/5.4: update to v5.4.132
        linux-yocto/5.10: update to v5.10.52
        linux-yocto/5.4: update to v5.4.134
        linux-yocto/5.10: update to v5.10.53
        linux-yocto/5.4: update to v5.4.135
        linux-yocto-rt/5.10: update to -rt47
        linux-yocto/5.10: enable TYPEC_TCPCI in usbc fragment
        linux-yocto/5.10: update to v5.10.55
        linux-yocto/5.4: update to v5.4.137
        linux-yocto/5.4: update to v5.4.139
        linux-yocto/5.10: update to v5.10.57
        kernel-devsrc: 5.14+ updates
        kernel-devsrc: fix 5.14+ objtool compilation

  Changqing Li (1):
        archiver.bbclass: fix do_ar_configured failure for kernel

  Chen Qi (2):
        systemd: fix CVE-2020-13529
        zstd: fix CVE_PRODUCT

  Damian Wrobel (1):
        gobject-introspection: Fix the license (add MIT)

  Dmitry Baryshkov (1):
        linux-firmware: add more Qualcomm firmware packages

  Joe Slater (2):
        util-linux: fix CVE 2021-37600
        terminal.bbclass: force bash for devshell

  Jon Mason (1):
        parselogs.py: qemuarm should be qemuarmv5

  Jose Quaresma (1):
        sstate.bbclass: fix error handling when sstate mirrors is ro

  Khairul Rohaizzat Jamaluddin (1):
        glibc: Fix CVE-2021-33574

  Khem Raj (4):
        ovmf: Fix VLA warnings with GCC 11
        stress-ng: Drop defining daddr_t
        gnutls: Point to staging area for finding seccomp libs and includes
        sdk: Enable do_populate_sdk with multilibs

  Lee Chee Yang (2):
        aspell: fix CVE-2019-25051
        qemu: fix CVE-2021-3527

  Marek Vasut (1):
        update-rc.d: update SRCREV to pull in fix for non-bash shell support

  Marta Rybczynska (1):
        lzo: add CVE_PRODUCT

  Matthias Klein (1):
        runqemu: Fix typo in error message

  Matthias Schiffer (1):
        initscripts: fix creation order for /var/log with VOLATILE_LOG_DIR=true

  Michael Opdenacker (4):
        oe-setup-builddir: update YP docs and OE URLs
        cve-check: fix comments
        cve-check: update link to NVD website for CVE details
        cve-check: improve comment about CVE patch file names

  Mingli Yu (3):
        netbase: use git fetcher
        curl: fix CVE-2021-22925
        curl: fix CVES

  Nicolas Dechesne (4):
        yocto-check-layer: improve missed dependencies
        checklayer: new function get_layer_dependencies()
        checklayer: rename _find_layer_depends
        yocto-check-layer: ensure that all layer dependencies are tested too

  Oleksandr Kravchuk (1):
        bitbake.conf: change GNOME_MIRROR to new one

  Oleksandr Popovych (1):
        utils: Reduce the number of calls to the "dirname" command

  Patrick Williams (1):
        pixman: re-disable iwmmxt

  Ralph Siemsen (1):
        oeqa/manual/toaster: fix small typo

  Richard Purdie (6):
        pseudo: Add uninative configuration sanity check
        pseudo: Update to latest version including statx fix
        sstate: Drop pseudo exclusion
        sstate: Fix rebuilds when changing layer config
        license: Exclude COPYING.MIT from pseudo
        oeqa/runtime/cases/ptest: Increase test timeout from 300s to 450s

  Ross Burton (9):
        parted: improve ptest execution
        parted: fix ptest RRECOMMENDS
        parted: skip tests that need vfat support
        avahi: fix CVE-2021-36217, crash on pinging '.local'
        glew: fix Makefile race
        qemu: fix virtio vhost-user-gpu CVEs
        tar: ignore node-tar CVEs
        e2fsprogs: ensure small images have 256-byte inodes
        wic: don't forcibly pass -T default

  Sakib Sajal (5):
        go: fix CVE-2020-29509, CVE-2020-29511
        qemu: fix CVE-2021-3582
        qemu: fix CVE-2021-3607
        qemu: fix CVE-2021-3608
        go: upgrade 1.16.5 -> 1.16.7

  Tony Tascioglu (6):
        valgrind: skip flaky ptest fb_test_amd64
        ffmpeg: fix CVE-2020-20446
        ffmpeg: fix CVE-2020-20453
        ffmpeg: fix CVE-2020-22015
        ffmpeg: fix CVE-2020-22021
        ffmpeg: fix CVE-2020-22019 and CVE-2020-22033

  Trevor Gamblin (1):
        python3-pip: fix CVE-2021-3572

  Ulrich Ölmann (2):
        initramfs-framework: fix whitespace issue
        initramfs-framework/setup-live: fix shebang

  Vinay Kumar (2):
        glibc: Fix CVE-2021-35942
        glibc: Fix CVE-2021-38604

  hongxu (2):
        createrepo-c: fix createrepo-c failed in nativesdk
        sdk: fix relocate symlink failed

  leimaohui (1):
        archiver.bbclass: Fix patch error for recipes that inherit dos2unix.

  wangmy (1):
        gnutls: upgrade 3.7.1 -> 3.7.2

meta-openembedded: 5a4b2ab29d..5741b949a8:
  Anastasios Kavoukis (1):
        pm-qa: fix paths for shell scripts

  Armin Kuster (1):
        wireshark: update to 3.4.7

  Changqing Li (2):
        ndpi: fix CVE-2021-36082
        linuxptp: upgrade 3.1 -> 3.1.1

  Devendra Tewari (1):
        Suppress eol in functionfs setup scripts (#147)

  Gianfranco (1):
        vboxguestdrivers: upgrade 6.1.22 -> 6.1.24

  Joe Slater (1):
        php: move to version 7.4.21

  Kai Kang (1):
        libdbi-perl: fix CVE-2014-10402

  Khem Raj (2):
        fvwm: Package extra files and man pages
        fvwm: Fix build time paths in target perl/python scripts

  Li Wang (1):
        openlldp: fix segfault

  Michael Opdenacker (1):
        bigbuckbunny-1080p: fix sample video URL

  Mingli Yu (3):
        mariadb: redefine log-error item
        mariadb: Update SRC_URI
        polkit: fix CVE-2021-3560

  Paulo Neves (1):
        htop: Add ncurses-terminfo-base to RDEPENDS

  Roland Hieber (2):
        curlpp: fix override syntax
        ldns: fix override syntax

  Sakib Sajal (1):
        gd: fix CVE-2021-38115

  Tony Battersby (3):
        net-snmp: fix QA Issue after LDFLAGS change
        curlpp: fix QA Issue after LDFLAGS change
        ldns: fix QA Issue after LDFLAGS change

  Tony Tascioglu (1):
        redis: fix CVE-2021-32625

  wangmy (2):
        nghttp2: upgrade 1.43.0 -> 1.44.0
        libtalloc: upgrade 2.3.2 -> 2.3.3

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I12cf9ce6cd256bd08bd4e97856ba45ccb993ddc4
diff --git a/meta-openembedded/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb b/meta-openembedded/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb
index 70eb6e4..c651d81 100644
--- a/meta-openembedded/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb
+++ b/meta-openembedded/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb
@@ -3,7 +3,7 @@
 # http://www.bigbuckbunny.org/index.php/about/
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/CC-BY-3.0;md5=dfa02b5755629022e267f10b9c0a2ab7"
 
-SRC_URI = "http://themazzone.com/big_buck_bunny_1080p_surround.avi"
+SRC_URI = "https://www.mediaspip.net/IMG/avi/big_buck_bunny_1080p_surround.avi"
 SRC_URI[md5sum] = "223991c8b33564eb77988a4c13c1c76a"
 SRC_URI[sha256sum] = "69fe2cfe7154a6e752688e3a0d7d6b07b1605bbaf75b56f6470dc7b4c20c06ea"
 
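Review bot: SRC_URI[md5sum] in the context under the changed line is redundant. The unchanged SRC_URI[sha256sum] is what shows that the file served from the new www.mediaspip.net location is the same one the old URL provided. The md5sum line could be dropped here, as the libtalloc upgrade in this same update does.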
diff --git a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb
index 7c3d5ba..0150d3e 100644
--- a/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb
+++ b/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb
@@ -131,6 +131,11 @@
         -e 's@[^ ]*PKG_CONFIG_LIBDIR=[^ "]*@@g' \
         -i ${D}${bindir}/net-snmp-config
 
+    sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \
+        -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \
+        -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \
+        -i ${D}${libdir}/pkgconfig/netsnmp*.pc
+
     # ${STAGING_DIR_HOST} is empty for native builds, and the sed command below
     # will result in errors if run for native.
     if [ "${STAGING_DIR_HOST}" ]; then
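Review bot: the added sed over ${D}${libdir}/pkgconfig/netsnmp*.pc has no comment saying why -ffile-prefix-map, -fdebug-prefix-map and -fmacro-prefix-map are stripped, while the STAGING_DIR_HOST block right after it is documented. A one-line comment that these options carry build-host paths into the installed .pc files (the QA issue named in the commit message) would keep the block from being removed as dead code later. Note also that if netsnmp*.pc matches nothing, sed -i is handed the literal pattern and do_install fails; say so in the comment if that is intended.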
diff --git a/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch b/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch
new file mode 100644
index 0000000..bb3400c
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch
@@ -0,0 +1,331 @@
+From ed6a8e5a75f56b7034a46294a0bf2a9a7fd14fbc Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Fri, 23 Oct 2020 14:40:32 -0400
+Subject: [PATCH] lldp_head: remove all references
+
+There were a number of references missed during the module cleanup.  This hits the remaining
+ones.
+
+Fixes: 07a83c583b9d ("lldp_head: rename and make extern")
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+
+Reference to upstream patch:
+https://github.com/intel/openlldp/commit/ed6a8e5a75f56b7034a46294a0bf2a9a7fd14fbc
+
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ ctrl_iface.c   |  4 +---
+ lldp_8021qaz.c | 11 +++++------
+ lldp_8023.c    |  6 ++----
+ lldp_basman.c  |  6 ++----
+ lldp_evb.c     |  6 ++----
+ lldp_evb22.c   |  6 ++----
+ lldp_mand.c    | 10 ++++------
+ lldp_med.c     |  6 ++----
+ qbg_utils.c    |  3 +--
+ 9 files changed, 21 insertions(+), 37 deletions(-)
+
+diff --git a/ctrl_iface.c b/ctrl_iface.c
+index 1734f49..666f7c8 100644
+--- a/ctrl_iface.c
++++ b/ctrl_iface.c
+@@ -53,8 +53,6 @@
+ #include "lldp_util.h"
+ #include "messages.h"
+ 
+-extern struct lldp_head lldp_head;
+-
+ struct ctrl_dst {
+ 	struct ctrl_dst *next;
+ 	struct sockaddr_un addr;
+@@ -116,7 +114,7 @@ int clif_iface_module(struct clif_data *clifd,
+ 		return cmd_invalid;
+ 	}
+ 
+-	mod = find_module_by_id(&lldp_head, module_id);
++	mod = find_module_by_id(&lldp_mod_head, module_id);
+ 	if (mod && mod->ops && mod->ops->client_cmd)
+ 		return  (mod->ops->client_cmd)(clifd, from, fromlen,
+ 			 cmd_start, cmd_len, rbuf+strlen(rbuf), rlen);
+diff --git a/lldp_8021qaz.c b/lldp_8021qaz.c
+index 16ae167..e747710 100644
+--- a/lldp_8021qaz.c
++++ b/lldp_8021qaz.c
+@@ -48,7 +48,6 @@
+ #include "lldp_dcbx.h"
+ 
+ 
+-struct lldp_head lldp_head;
+ extern config_t lldpad_cfg;
+ extern bool read_only_8021qaz;
+ 
+@@ -84,7 +83,7 @@ static int ieee8021qaz_check_pending(struct port *port,
+ 	if (!port->portEnabled)
+ 		return 0;
+ 
+-	iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++	iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ 	if (iud) {
+ 		LIST_FOREACH(tlv, &iud->head, entry) {
+ 			if (!strncmp(port->ifname, tlv->ifname, IFNAMSIZ)) {
+@@ -143,7 +142,7 @@ struct ieee8021qaz_tlvs *ieee8021qaz_data(const char *ifname)
+ 	struct ieee8021qaz_user_data *iud;
+ 	struct ieee8021qaz_tlvs *tlv = NULL;
+ 
+-	iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++	iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ 	if (iud) {
+ 		LIST_FOREACH(tlv, &iud->head, entry) {
+ 			if (!strncmp(tlv->ifname, ifname, IFNAMSIZ))
+@@ -629,7 +628,7 @@ void ieee8021qaz_ifup(char *ifname, struct lldp_agent *agent)
+ 	LIST_INIT(&tlvs->app_head);
+ 	read_cfg_file(port->ifname, agent, tlvs);
+ 
+-	iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++	iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ 	LIST_INSERT_HEAD(&iud->head, tlvs, entry);
+ 
+ initialized:
+@@ -2179,7 +2178,7 @@ int ieee8021qaz_tlvs_rxed(const char *ifname)
+ 	struct ieee8021qaz_user_data *iud;
+ 	struct ieee8021qaz_tlvs *tlv = NULL;
+ 
+-	iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++	iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ 	if (iud) {
+ 		LIST_FOREACH(tlv, &iud->head, entry) {
+ 			if (!strncmp(tlv->ifname, ifname, IFNAMSIZ))
+@@ -2198,7 +2197,7 @@ int ieee8021qaz_check_active(const char *ifname)
+ 	struct ieee8021qaz_user_data *iud;
+ 	struct ieee8021qaz_tlvs *tlv = NULL;
+ 
+-	iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++	iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ 	if (iud) {
+ 		LIST_FOREACH(tlv, &iud->head, entry) {
+ 			if (!strncmp(tlv->ifname, ifname, IFNAMSIZ))
+diff --git a/lldp_8023.c b/lldp_8023.c
+index 422026e..8a03211 100644
+--- a/lldp_8023.c
++++ b/lldp_8023.c
+@@ -39,8 +39,6 @@
+ #include "lldp_8023_clif.h"
+ #include "lldp_8023_cmds.h"
+ 
+-extern struct lldp_head lldp_head;
+-
+ struct tlv_info_8023_maccfg {
+ 	u8 oui[3];
+ 	u8 sub;
+@@ -84,7 +82,7 @@ static struct ieee8023_data *ieee8023_data(const char *ifname, enum agent_type t
+ 	struct ieee8023_user_data *ud;
+ 	struct ieee8023_data *bd = NULL;
+ 
+-	ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8023);
++	ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8023);
+ 	if (ud) {
+ 		LIST_FOREACH(bd, &ud->head, entry) {
+ 			if (!strncmp(ifname, bd->ifname, IFNAMSIZ) &&
+@@ -456,7 +454,7 @@ void ieee8023_ifup(char *ifname, struct lldp_agent *agent)
+ 		goto out_err;
+ 	}
+ 
+-	ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8023);
++	ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8023);
+ 	LIST_INSERT_HEAD(&ud->head, bd, entry);
+ 	LLDPAD_INFO("%s:port %s added\n", __func__, ifname);
+ 	return;
+diff --git a/lldp_basman.c b/lldp_basman.c
+index a4f69c1..614e2a2 100644
+--- a/lldp_basman.c
++++ b/lldp_basman.c
+@@ -75,8 +75,6 @@ struct tlv_info_manaddr {
+ 	struct tlv_info_maoid o;
+ } __attribute__ ((__packed__));
+ 
+-extern struct lldp_head lldp_head;
+-
+ static const struct lldp_mod_ops basman_ops =  {
+ 	.lldp_mod_register 	= basman_register,
+ 	.lldp_mod_unregister 	= basman_unregister,
+@@ -91,7 +89,7 @@ static struct basman_data *basman_data(const char *ifname, enum agent_type type)
+ 	struct basman_user_data *bud;
+ 	struct basman_data *bd = NULL;
+ 
+-	bud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_BASIC);
++	bud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_BASIC);
+ 	if (bud) {
+ 		LIST_FOREACH(bd, &bud->head, entry) {
+ 			if (!strncmp(ifname, bd->ifname, IFNAMSIZ) &&
+@@ -688,7 +686,7 @@ void basman_ifup(char *ifname, struct lldp_agent *agent)
+ 		goto out_err;
+ 	}
+ 
+-	bud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_BASIC);
++	bud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_BASIC);
+ 	LIST_INSERT_HEAD(&bud->head, bd, entry);
+ 	LLDPAD_DBG("%s:port %s added\n", __func__, ifname);
+ 	return;
+diff --git a/lldp_evb.c b/lldp_evb.c
+index dcdcc7e..a8f3965 100644
+--- a/lldp_evb.c
++++ b/lldp_evb.c
+@@ -36,14 +36,12 @@
+ #include "messages.h"
+ #include "config.h"
+ 
+-extern struct lldp_head lldp_head;
+-
+ struct evb_data *evb_data(char *ifname, enum agent_type type)
+ {
+ 	struct evb_user_data *ud;
+ 	struct evb_data *ed = NULL;
+ 
+-	ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB);
++	ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB);
+ 	if (ud) {
+ 		LIST_FOREACH(ed, &ud->head, entry) {
+ 			if (!strncmp(ifname, ed->ifname, IFNAMSIZ) &&
+@@ -347,7 +345,7 @@ static void evb_ifup(char *ifname, struct lldp_agent *agent)
+ 
+ 	evb_init_tlv(ed, agent);
+ 
+-	ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB);
++	ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB);
+ 	LIST_INSERT_HEAD(&ud->head, ed, entry);
+ 	LLDPAD_DBG("%s:%s agent %d added\n", __func__, ifname, agent->type);
+ }
+diff --git a/lldp_evb22.c b/lldp_evb22.c
+index 76ba883..6e92d9d 100644
+--- a/lldp_evb22.c
++++ b/lldp_evb22.c
+@@ -37,14 +37,12 @@
+ #include "messages.h"
+ #include "config.h"
+ 
+-extern struct lldp_head lldp_head;
+-
+ struct evb22_data *evb22_data(char *ifname, enum agent_type type)
+ {
+ 	struct evb22_user_data *ud;
+ 	struct evb22_data *ed = NULL;
+ 
+-	ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB22);
++	ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB22);
+ 	if (ud) {
+ 		LIST_FOREACH(ed, &ud->head, entry) {
+ 			if (!strncmp(ifname, ed->ifname, IFNAMSIZ) &&
+@@ -453,7 +451,7 @@ static void evb22_ifup(char *ifname, struct lldp_agent *agent)
+ 	STRNCPY_TERMINATED(ed->ifname, ifname, IFNAMSIZ);
+ 	ed->agenttype = agent->type;
+ 	evb22_init_tlv(ed, agent);
+-	ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB22);
++	ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB22);
+ 	LIST_INSERT_HEAD(&ud->head, ed, entry);
+ 	LLDPAD_DBG("%s:%s agent %d added\n", __func__, ifname, agent->type);
+ }
+diff --git a/lldp_mand.c b/lldp_mand.c
+index 0db63cb..b857a88 100644
+--- a/lldp_mand.c
++++ b/lldp_mand.c
+@@ -42,8 +42,6 @@
+ #include "lldp/l2_packet.h"
+ #include "lldp_tlv.h"
+ 
+-extern struct lldp_head lldp_head;
+-
+ static const struct lldp_mod_ops mand_ops = {
+ 	.lldp_mod_register 	= mand_register,
+ 	.lldp_mod_unregister 	= mand_unregister,
+@@ -59,7 +57,7 @@ struct mand_data *mand_data(const char *ifname, enum agent_type type)
+ 	struct mand_user_data *mud;
+ 	struct mand_data *md = NULL;
+ 
+-	mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MAND);
++	mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MAND);
+ 	if (mud) {
+ 		LIST_FOREACH(md, &mud->head, entry) {
+ 			if (!strncmp(ifname, md->ifname, IFNAMSIZ) &&
+@@ -608,7 +606,7 @@ void mand_ifup(char *ifname, struct lldp_agent *agent)
+ 		STRNCPY_TERMINATED(md->ifname, ifname, IFNAMSIZ);
+ 		md->agenttype = agent->type;
+ 
+-		mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MAND);
++		mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MAND);
+ 		LIST_INSERT_HEAD(&mud->head, md, entry);
+ 	}
+ 
+@@ -636,7 +634,7 @@ struct lldp_module *mand_register(void)
+ 		LLDPAD_ERR("failed to malloc LLDP Mandatory module data\n");
+ 		goto out_err;
+ 	}
+-	mud = malloc(sizeof(struct mand_user_data));
++    mud = malloc(sizeof(struct mand_user_data));
+ 	if (!mud) {
+ 		free(mod);
+ 		LLDPAD_ERR("failed to malloc LLDP Mandatory module user data\n");
+@@ -644,8 +642,8 @@ struct lldp_module *mand_register(void)
+ 	}
+ 	LIST_INIT(&mud->head);
+  	mod->id = LLDP_MOD_MAND;
++    mod->data = mud;
+ 	mod->ops = &mand_ops;
+-	mod->data = mud;
+ 	LLDPAD_INFO("%s:done\n", __func__);
+ 	return mod;
+ out_err:
+diff --git a/lldp_med.c b/lldp_med.c
+index f6c373e..7b6996e 100644
+--- a/lldp_med.c
++++ b/lldp_med.c
+@@ -40,8 +40,6 @@
+ #include "lldp_mand_clif.h"
+ #include "lldp_med_cmds.h"
+ 
+-extern struct lldp_head lldp_head;
+-
+ struct tlv_info_medcaps {
+ 	u8 oui[OUI_SIZE];
+ 	u8 subtype;
+@@ -95,7 +93,7 @@ static struct med_data *med_data(const char *ifname, enum agent_type type)
+ 	struct med_user_data *mud;
+ 	struct med_data *md = NULL;
+ 
+-	mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MED);
++	mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MED);
+ 	if (mud) {
+ 		LIST_FOREACH(md, &mud->head, entry) {
+ 			if (!strncmp(ifname, md->ifname, IFNAMSIZ) &&
+@@ -914,7 +912,7 @@ void med_ifup(char *ifname, struct lldp_agent *agent)
+ 		free(md);
+ 		goto out_err;
+ 	}
+-	mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MED);
++	mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MED);
+ 	LIST_INSERT_HEAD(&mud->head, md, entry);
+ 	LLDPAD_INFO("%s:port %s added\n", __func__, ifname);
+ 	return;
+diff --git a/qbg_utils.c b/qbg_utils.c
+index 9daeade..0d40c5b 100644
+--- a/qbg_utils.c
++++ b/qbg_utils.c
+@@ -36,7 +36,6 @@
+ #include "qbg_utils.h"
+ 
+ extern int loglvl;			/* Global lldpad log level */
+-extern struct lldp_head lldp_head;
+ 
+ /*
+  * hexdump_frame - print raw evb/ecp/vdp frame
+@@ -73,7 +72,7 @@ void hexdump_frame(const char *ifname, char *txt, const unsigned char *buf,
+  */
+ int modules_notify(int id, int sender_id, char *ifname, void *data)
+ {
+-	struct lldp_module *mp = find_module_by_id(&lldp_head, id);
++	struct lldp_module *mp = find_module_by_id(&lldp_mod_head, id);
+ 	int rc = 0;
+ 
+ 	if (mp && mp->ops->lldp_mod_notify)
+-- 
+2.18.1
+
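Review bot: the header of the added patch has no Upstream-Status: line. It uses a free-form "Reference to upstream patch:" with the commit URL, whereas CVE-2021-36082.patch added in this same update uses "Upstream-Status: Backport [...]". Please use the same tag here so tooling that scans patch headers sees it. In the lldp_mand.c part, the re-indented "mud = malloc(...)" line and the moved "mod->data = mud;" line use spaces where the surrounding code uses tabs; that is whitespace churn with no visible functional effect, and is only worth keeping if the backport is meant to be verbatim.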
diff --git a/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb b/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb
index d8a0d69..ec3e557 100644
--- a/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb
+++ b/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb
@@ -27,6 +27,7 @@
            file://0007-lldp_8021qaz-extern-config-object.patch \
            file://0008-stringops-fix-some-string-copy-errors.patch \
            file://0009-8021qaz-mark-prio-map-functions-static.patch \
+           file://lldp_head-remove-all-references.patch \
            "
 
 # Makefile.am adds -Werror to AM_CFLAGS. There are warnings so disable it.
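Review bot: the new SRC_URI entry lldp_head-remove-all-references.patch breaks the numbered naming of the entries above it (0007-, 0008-, 0009-). Patch order matters for a series that touches the same files, so naming it with the next number would make the intended position explicit.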
diff --git a/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb b/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb
index 799cf86..bb1ee7d 100644
--- a/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb
+++ b/meta-openembedded/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb
@@ -16,3 +16,10 @@
 inherit cmake pkgconfig binconfig
 
 BBCLASSEXTEND = "native nativesdk"
+
+do_install_append() {
+    sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \
+        -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \
+        -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \
+        -i ${D}${libdir}/pkgconfig/*.pc
+}
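Review bot: the sed block in do_install_append() is a copy of the one added to net-snmp in this same update, differing only in the *.pc glob, and the commit message lists a third copy for ldns. Three hand-maintained copies of the same flag list will drift; consider one shared helper that the recipes call. As with net-snmp, a short comment saying that the block strips build-host paths from the installed .pc files is missing.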
diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb
similarity index 91%
rename from meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb
rename to meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb
index ae92de2..1d227da 100644
--- a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb
+++ b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb
@@ -3,14 +3,14 @@
 SECTION = "libs"
 LICENSE = "LGPL-3.0+ & GPL-3.0+"
 LIC_FILES_CHKSUM = "file://talloc.h;beginline=3;endline=27;md5=a301712782cad6dd6d5228bfa7825249 \
-                    file://pytalloc.h;beginline=1;endline=18;md5=2c498cc6f2263672483237b20f46b43d"
+                    file://pytalloc.h;beginline=1;endline=18;md5=21ab13bd853679d7d47a1739cb3b7db6 \
+                    "
 
 
 SRC_URI = "https://www.samba.org/ftp/talloc/talloc-${PV}.tar.gz \
            file://options-2.2.0.patch \
 "
-SRC_URI[md5sum] = "3376a86bdf9dd4abc6b8d8d645390902"
-SRC_URI[sha256sum] = "27a03ef99e384d779124df755deb229cd1761f945eca6d200e8cfd9bf5297bd7"
+SRC_URI[sha256sum] = "6be95b2368bd0af1c4cd7a88146eb6ceea18e46c3ffc9330bf6262b40d1d8aaa"
 
 inherit waf-samba
 
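Review bot: the md5 for pytalloc.h lines 1-18 in LIC_FILES_CHKSUM changes, but the commit message entry is only "libtalloc: upgrade 2.3.2 -> 2.3.3" and does not say what changed in that header. A checksum change on a license file should come with a statement of what the difference is (for example a year or address update versus a change of terms), so that LICENSE = "LGPL-3.0+ & GPL-3.0+" can be confirmed as still correct.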
diff --git a/meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb b/meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb
similarity index 93%
rename from meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb
rename to meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb
index 959cccf..32a9307 100644
--- a/meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb
+++ b/meta-openembedded/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb
@@ -11,7 +11,7 @@
     https://github.com/nghttp2/nghttp2/releases/download/v${PV}/nghttp2-${PV}.tar.xz \
     file://0001-fetch-ocsp-response-use-python3.patch \
 "
-SRC_URI[sha256sum] = "f7d54fa6f8aed29f695ca44612136fa2359013547394d5dffeffca9e01a26b0f"
+SRC_URI[sha256sum] = "5699473b29941e8dafed10de5c8cb37a3581edf62ba7d04b911ca247d4de3c5d"
 
 inherit cmake manpages python3native
 PACKAGECONFIG[manpages] = ""
diff --git a/meta-openembedded/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch b/meta-openembedded/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch
new file mode 100644
index 0000000..8fdd62d
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch
@@ -0,0 +1,116 @@
+From 1ec621c85b9411cc611652fd57a892cfef478af3 Mon Sep 17 00:00:00 2001
+From: Luca Deri <deri@ntop.org>
+Date: Sat, 15 May 2021 19:53:46 +0200
+Subject: [PATCH] Added further checks
+
+Upstream-Status: Backport [https://github.com/ntop/nDPI/commit/1ec621c85b9411cc611652fd57a892cfef478af3]
+CVE: CVE-2021-36082
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+
+---
+ src/lib/protocols/netbios.c |  2 +-
+ src/lib/protocols/tls.c     | 32 +++++++++++++++++---------------
+ 2 files changed, 18 insertions(+), 16 deletions(-)
+
+diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c
+index 1f3850cb..0d3b705f 100644
+--- a/src/lib/protocols/netbios.c
++++ b/src/lib/protocols/netbios.c
+@@ -42,7 +42,7 @@ int ndpi_netbios_name_interpret(char *in, size_t inlen, char *out, u_int out_len
+   int ret = 0, len, idx = inlen;
+   char *b;
+ 
+-  len = (*in++)/2;
++  len = (*in++)/2, inlen--;
+   b  = out;
+   *out = 0;
+ 
+diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
+index 5b572cae..c115ac08 100644
+--- a/src/lib/protocols/tls.c
++++ b/src/lib/protocols/tls.c
+@@ -994,21 +994,23 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
+ 	i += 4 + extension_len, offset += 4 + extension_len;
+       }
+ 
+-      ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version);
++      ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.tls_handshake_version);
+ 
+-      for(i=0; i<ja3.num_cipher; i++) {
+-	rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]);
++      for(i=0; (i<ja3.num_cipher) && (JA3_STR_LEN > ja3_str_len); i++) {
++	rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]);
+ 
+ 	if(rc <= 0) break; else ja3_str_len += rc;
+       }
+ 
+-      rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");
+-      if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
++      if(JA3_STR_LEN > ja3_str_len) {
++          rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",");
++          if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
++      }
+ 
+       /* ********** */
+ 
+-      for(i=0; i<ja3.num_tls_extension; i++) {
+-	int rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]);
++      for(i=0; (i<ja3.num_tls_extension) && (JA3_STR_LEN-ja3_str_len); i++) {
++	int rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]);
+ 
+ 	if(rc <= 0) break; else ja3_str_len += rc;
+       }
+@@ -1443,41 +1445,41 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
+ 	      int rc;
+ 
+ 	    compute_ja3c:
+-	      ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version);
++	      ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.tls_handshake_version);
+ 
+ 	      for(i=0; i<ja3.num_cipher; i++) {
+-		rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
++		rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u",
+ 			      (i > 0) ? "-" : "", ja3.cipher[i]);
+ 		if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break;
+ 	      }
+ 
+-	      rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");
++	      rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",");
+ 	      if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
+ 
+ 	      /* ********** */
+ 
+ 	      for(i=0; i<ja3.num_tls_extension; i++) {
+-		rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
++		rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u",
+ 			      (i > 0) ? "-" : "", ja3.tls_extension[i]);
+ 		if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break;
+ 	      }
+ 
+-	      rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");
++	      rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",");
+ 	      if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
+ 
+ 	      /* ********** */
+ 
+ 	      for(i=0; i<ja3.num_elliptic_curve; i++) {
+-		rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
++		rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u",
+ 			      (i > 0) ? "-" : "", ja3.elliptic_curve[i]);
+ 		if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break;
+ 	      }
+ 
+-	      rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");
++	      rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",");
+ 	      if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
+ 
+ 	      for(i=0; i<ja3.num_elliptic_curve_point_format; i++) {
+-		rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
++		rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u",
+ 			      (i > 0) ? "-" : "", ja3.elliptic_curve_point_format[i]);
+ 		if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break;
+ 	      }
+-- 
+2.17.1
+
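Review bot: in the first tls.c region, the extension loop is guarded with "(JA3_STR_LEN-ja3_str_len)", a non-zero test, while the cipher loop just above uses "(JA3_STR_LEN > ja3_str_len)". Both loops do "if(rc <= 0) break; else ja3_str_len += rc;", and snprintf returns the length it would have written, so on truncation ja3_str_len can move past JA3_STR_LEN. In that case the difference is still non-zero, the extension loop keeps running, and "JA3_STR_LEN-ja3_str_len" is passed to snprintf as a size. The guard should be the same ">" comparison as the cipher loop, or the loop should use the "ja3_str_len + rc < JA3_STR_LEN" check that the compute_ja3c region uses before adding rc. Since this is a verbatim backport, that is a follow-up for upstream as well. Separately, in netbios.c "idx = inlen" is initialised in the declaration before the new "inlen--", so idx keeps the undecremented length; please confirm the code after this hunk expects that.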
diff --git a/meta-openembedded/meta-networking/recipes-support/ntopng/ndpi_3.4.bb b/meta-openembedded/meta-networking/recipes-support/ntopng/ndpi_3.4.bb
index 22e4d8e..b90f575 100644
--- a/meta-openembedded/meta-networking/recipes-support/ntopng/ndpi_3.4.bb
+++ b/meta-openembedded/meta-networking/recipes-support/ntopng/ndpi_3.4.bb
@@ -11,6 +11,7 @@
 SRCREV = "64929a75e0a7a60d864bd25a9fd97fdf9ac892a2"
 SRC_URI = "git://github.com/ntop/nDPI.git;branch=3.4-stable \
            file://0001-autogen.sh-not-generate-configure.patch \
+           file://CVE-2021-36082.patch \
 "
 
 S = "${WORKDIR}/git"
diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.6.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb
similarity index 96%
rename from meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.6.bb
rename to meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb
index 6acd849..2e0fdae 100644
--- a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.6.bb
+++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb
@@ -19,7 +19,7 @@
 
 UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
 
-SRC_URI[sha256sum] = "12a678208f8cb009e6b9d96026e41a6ef03c7ad086b9e1029f42053b249b4628"
+SRC_URI[sha256sum] = "6c4cee51ef997cb9d9aaee84113525a5629157d3c743d7c4e320000de804a09d"
 
 PE = "1"
 
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.bb b/meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb
similarity index 73%
rename from meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.bb
rename to meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb
index c852726..6f2f1b4 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb
@@ -2,13 +2,13 @@
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
 
-SRC_URI = "http://sourceforge.net/projects/linuxptp/files/v${PV}/linuxptp-${PV}.tgz \
+SRC_URI = "http://sourceforge.net/projects/linuxptp/files/v3.1/linuxptp-${PV}.tgz \
            file://build-Allow-CC-and-prefix-to-be-overriden.patch \
            file://Use-cross-cpp-in-incdefs.patch \
            "
 
-SRC_URI[md5sum] = "2264cb69c9af947028835c12c89a7572"
-SRC_URI[sha256sum] = "f58f5b11cf14dc7c4f7c9efdfb27190e43d02cf20c3525f6639edac10528ce7d"
+SRC_URI[md5sum] = "3b79ab5e77c5b5cf06bc1c8350d405bb"
+SRC_URI[sha256sum] = "94d6855f9b7f2d8e9b0ca6d384e3fae6226ce6fc012dbad02608bdef3be1c0d9"
 
 EXTRA_OEMAKE = "ARCH=${TARGET_ARCH} EXTRA_CFLAGS='${CFLAGS}'"
 
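Review bot: the new SRC_URI hard-codes the download directory as v3.1 while the tarball name still uses ${PV}, so the next version bump will keep fetching from the v3.1 directory unless someone remembers to edit it. Add a comment saying why the directory differs from ${PV} for 3.1.1, or hold the directory in its own variable. The URL is plain http, so the sha256sum is the only integrity check on the download; the md5sum line adds nothing to it and could be dropped rather than updated.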
diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc
index 5787ae4..63ab940 100644
--- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc
+++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc
@@ -4,7 +4,7 @@
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://COPYING;md5=b1becf0cfa3366e0f4d854d1d264f311"
 
-SRC_URI = "https://downloads.mariadb.org/interstitial/${BP}/source/${BP}.tar.gz \
+SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \
            file://my.cnf \
            file://mysqld.service \
            file://install_db.service \
@@ -168,11 +168,6 @@
     sed -i -e 's,@BINDIR@,${bindir},g' -e 's,@PREFIX@,${prefix},g' ${D}${systemd_unitdir}/system/mysqld.service \
                                                                    ${D}${systemd_unitdir}/system/install_db.service
 
-    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
-        install -d ${D}${sysconfdir}/tmpfiles.d
-        echo "f /var/log/mysqld.err 0640 mysql mysql -" \
-            > ${D}${sysconfdir}/tmpfiles.d/99-mysqld.conf
-    fi
     install -d ${D}${bindir}
     install -m 755 ${WORKDIR}/mysql-systemd-start ${D}${bindir}
     install -d ${D}${datadir}/doc/${PN}
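Review bot: with the tmpfiles.d block removed from this install step, nothing in the change creates the error log with mysql:mysql ownership and mode 0640 any more, while my.cnf in the same commit still points log-error at a file under /var/log (now /var/log/mysqld.log). Say in the commit message what creates that file for the mysql user on systemd images, or keep a tmpfiles.d entry updated to the new file name.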
diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/my.cnf b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/my.cnf
index dc4c172..75db46a 100644
--- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/my.cnf
+++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/my.cnf
@@ -10,7 +10,7 @@
 port 						= 3306
 socket 						= /var/lib/mysql/mysql.sock
 pid-file 					= /var/lib/mysql/mysqld.pid
-log-error 					= /var/log/mysqld.err
+log-error 					= /var/log/mysqld.log
 basedir 					= /usr
 datadir 					= /var/lib/mysql
 skip-external-locking
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-cleanup b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-cleanup
index 517227d..f27d77d 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-cleanup
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-cleanup
@@ -6,7 +6,7 @@
 
 cd adb
 
-echo "" > UDC || true
+echo -n "" > UDC || true
 
 killall adbd || true
 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-setup b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-setup
index e44d1ba..dbd7115 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-setup
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-setup
@@ -23,8 +23,8 @@
 mkdir functions/ffs.usb0
 mkdir strings/0x409
 mkdir configs/c.1/strings/0x409
-echo 0x18d1 > idVendor
-echo 0xd002 > idProduct
+echo -n 0x18d1 > idVendor
+echo -n 0xd002 > idProduct
 echo "$serial" > strings/0x409/serialnumber
 echo "$manufacturer" > strings/0x409/manufacturer
 echo "$model" > strings/0x409/product
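Review bot: echo -n on the idVendor and idProduct writes is not portable across /bin/sh implementations; some print a literal -n instead of suppressing the newline. printf '%s' 0x18d1 > idVendor behaves the same in every shell. The three strings/0x409 writes just below still use plain echo, so if the trailing newline is a problem for these configfs attributes the change is incomplete, and if it is not, the commit message should say why only these two writes needed it.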
diff --git a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-start b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-start
index ca6c3df..d67878f 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-start
+++ b/meta-openembedded/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-start
@@ -4,4 +4,4 @@
 
 sleep 3
 
-ls /sys/class/udc/ > /sys/kernel/config/usb_gadget/adb/UDC
+ls /sys/class/udc/ | xargs echo -n > /sys/kernel/config/usb_gadget/adb/UDC
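Review bot: ls /sys/class/udc/ | xargs echo -n joins every directory entry onto one line, so on a board with more than one UDC the write to /sys/kernel/config/usb_gadget/adb/UDC receives several names separated by spaces instead of one controller name. Select one entry explicitly (for example the first) and write it with printf '%s', which also removes the dependency on echo -n.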
diff --git a/meta-openembedded/meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb b/meta-openembedded/meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb
index 2a52dd6..8aa2eea 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb
@@ -16,3 +16,10 @@
 
 EXTRA_OECONF = "--with-ssl=${STAGING_EXECPREFIXDIR} \
                 libtool=${TARGET_PREFIX}libtool"
+
+do_install_append() {
+    sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \
+        -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \
+        -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \
+        -i ${D}${libdir}/pkgconfig/*.pc
+}
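Review bot: the new do_install_append has no comment saying why the -ffile-prefix-map, -fdebug-prefix-map and -fmacro-prefix-map options are stripped from the installed .pc files; add one line naming the problem being fixed. Two details in the sed call: each pattern starts with [^ ]*, so it also deletes any non-space text attached in front of the option, and the ${D}${libdir}/pkgconfig/*.pc glob makes sed exit with an error, failing the task, if no .pc file was installed.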
diff --git a/meta-openembedded/meta-oe/recipes-devtools/perl/libdbi-perl/CVE-2014-10402.patch b/meta-openembedded/meta-oe/recipes-devtools/perl/libdbi-perl/CVE-2014-10402.patch
new file mode 100644
index 0000000..b41bbe0
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-devtools/perl/libdbi-perl/CVE-2014-10402.patch
@@ -0,0 +1,56 @@
+Backport patch to fix CVE-2014-10402.
+
+CVE: CVE-2014-10402
+Upstream-Status: Backport [https://github.com/rehsack/dbi/commit/19d0fb1]
+
+Ref:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972180#12
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+
+From 19d0fb169eed475e1c053e99036b8668625cfa94 Mon Sep 17 00:00:00 2001
+From: Jens Rehsack <sno@netbsd.org>
+Date: Tue, 6 Oct 2020 10:22:17 +0200
+Subject: [PATCH] lib/DBD/File.pm: fix CVE-2014-10401
+
+Dig into the root cause of RT#99508 - which resulted in CVE-2014-10401 - and
+figure out that DBI->parse_dsn is the wrong helper to parse our attributes in
+DSN, since in DBD::dr::connect only the "dbname" remains from DSN which causes
+parse_dsn to bailout.
+
+Parsing on our own similar to parse_dsn shows the way out.
+
+Signed-off-by: Jens Rehsack <sno@netbsd.org>
+---
+ lib/DBD/File.pm | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/lib/DBD/File.pm b/lib/DBD/File.pm
+index fb14e9a..f55076f 100644
+--- a/lib/DBD/File.pm
++++ b/lib/DBD/File.pm
+@@ -109,7 +109,11 @@ sub connect
+     # We do not (yet) care about conflicting attributes here
+     # my $dbh = DBI->connect ("dbi:CSV:f_dir=test", undef, undef, { f_dir => "text" });
+     # will test here that both test and text should exist
+-    if (my $attr_hash = (DBI->parse_dsn ($dbname))[3]) {
++    #
++    # Parsing on our own similar to parse_dsn to find attributes in 'dbname' parameter.
++    if ($dbname) {
++	my @attrs = split /;/ => $dbname;
++	my $attr_hash = { map { split /\s*=>?\s*|\s*,\s*/, $_} @attrs };
+ 	if (defined $attr_hash->{f_dir} && ! -d $attr_hash->{f_dir}) {
+ 	    my $msg = "No such directory '$attr_hash->{f_dir}";
+ 	    $drh->set_err (2, $msg);
+@@ -120,7 +124,6 @@ sub connect
+     if ($attr and defined $attr->{f_dir} && ! -d $attr->{f_dir}) {
+ 	my $msg = "No such directory '$attr->{f_dir}";
+ 	$drh->set_err (2, $msg);
+-	$attr->{RaiseError} and croak $msg;
+ 	return;
+ 	}
+ 
+-- 
+2.17.1
+
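Review bot: the file name and the CVE: tag say CVE-2014-10402, but the upstream Subject and message carried in the same patch name CVE-2014-10401; add a line to the header saying how the two IDs relate so the mismatch does not read as a typo. In the first hunk, map { split /\s*=>?\s*|\s*,\s*/, $_ } @attrs returns a single element for a dbname component that has no '=' in it, which gives the hash an odd-length list and shifts every later key/value pair in $attr_hash. The second hunk drops the RaiseError croak without the message mentioning it.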
diff --git a/meta-openembedded/meta-oe/recipes-devtools/perl/libdbi-perl_1.643.bb b/meta-openembedded/meta-oe/recipes-devtools/perl/libdbi-perl_1.643.bb
index 75fad46..c8abae6 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/perl/libdbi-perl_1.643.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/perl/libdbi-perl_1.643.bb
@@ -9,7 +9,9 @@
 LICENSE = "Artistic-1.0 | GPL-1.0+"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=10982c7148e0a012c0fd80534522f5c5"
 
-SRC_URI = "http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-${PV}.tar.gz"
+SRC_URI = "http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-${PV}.tar.gz \
+           file://CVE-2014-10402.patch \
+           "
 SRC_URI[md5sum] = "352f80b1e23769c116082a90905d7398"
 SRC_URI[sha256sum] = "8a2b993db560a2c373c174ee976a51027dd780ec766ae17620c20393d2e836fa"
 
diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.16.bb b/meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.21.bb
similarity index 98%
rename from meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.16.bb
rename to meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.21.bb
index 821d9cd..4d42725 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.16.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.21.bb
@@ -33,7 +33,8 @@
           "
 
 S = "${WORKDIR}/php-${PV}"
-SRC_URI[sha256sum] = "85710f007cfd0fae94e13a02a3a036f4e81ef43693260cae8a2e1ca93659ce3e"
+SRC_URI[sha256sum] = "36ec6102e757e2c2b7742057a700bbff77c76fa0ccbe9c860398c3d24e32822a"
+
 
 inherit autotools pkgconfig python3native gettext
 
diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2021-3560.patch b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2021-3560.patch
new file mode 100644
index 0000000..daf0b1e
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2021-3560.patch
@@ -0,0 +1,31 @@
+From a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 Mon Sep 17 00:00:00 2001
+From: Jan Rybar <jrybar@redhat.com>
+Date: Wed, 2 Jun 2021 15:43:38 +0200
+Subject: [PATCH] GHSL-2021-074: authentication bypass vulnerability in polkit
+
+initial values returned if error caught
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ src/polkit/polkitsystembusname.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
+index 8daa12c..8ed1363 100644
+--- a/src/polkit/polkitsystembusname.c
++++ b/src/polkit/polkitsystembusname.c
+@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName           *system_bus
+   while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
+     g_main_context_iteration (tmp_context, TRUE);
+ 
++  if (data.caught_error)
++    goto out;
++
+   if (out_uid)
+     *out_uid = data.uid;
+   if (out_pid)
+-- 
+2.29.2
+
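Review bot: the patch header carries Upstream-Status and Signed-off-by but no CVE: CVE-2021-3560 line, unlike the DBI, redis and gd backports in this update. The ID is still recoverable from the file name, but the CVE: tag is what the cve_match pattern in cve-check.bbclass looks for inside a patch, so add it for consistency.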
diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit_0.116.bb b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit_0.116.bb
index ad1973b13..4b6363f 100644
--- a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit_0.116.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit_0.116.bb
@@ -25,6 +25,7 @@
 SRC_URI = "http://www.freedesktop.org/software/polkit/releases/polkit-${PV}.tar.gz \
            ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
            file://0003-make-netgroup-support-optional.patch \
+           file://CVE-2021-3560.patch \
            "
 SRC_URI[md5sum] = "4b37258583393e83069a0e2e89c0162a"
 SRC_URI[sha256sum] = "88170c9e711e8db305a12fdb8234fac5706c61969b94e084d0f117d8ec5d34b1"
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-32625.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-32625.patch
new file mode 100644
index 0000000..6311a5d
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-32625.patch
@@ -0,0 +1,61 @@
+From e9a1438ac4c52aa68dfa2a8324b6419356842116 Mon Sep 17 00:00:00 2001
+From: Oran Agra <oran@redislabs.com>
+Date: Tue, 1 Jun 2021 09:12:45 +0300
+Subject: [PATCH] Fix integer overflow in STRALGO LCS (CVE-2021-32625) (#9011)
+
+An integer overflow bug in Redis version 6.0 or newer can be exploited using the
+STRALGO LCS command to corrupt the heap and potentially result with remote code
+execution. This is a result of an incomplete fix by CVE-2021-29477.
+
+(cherry picked from commit 1ddecf1958924b178b76a31d989ef1e05af81964)
+
+
+CVE: CVE-2021-32625
+Upstream-Status: Backport [e9a1438ac4c52aa68dfa2a8324b6419356842116]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ src/t_string.c | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/src/t_string.c b/src/t_string.c
+index 490d5983a..587d3aeb8 100644
+--- a/src/t_string.c
++++ b/src/t_string.c
+@@ -797,6 +797,12 @@ void stralgoLCS(client *c) {
+         goto cleanup;
+     }
+ 
++    /* Detect string truncation or later overflows. */
++    if (sdslen(a) >= UINT32_MAX-1 || sdslen(b) >= UINT32_MAX-1) {
++        addReplyError(c, "String too long for LCS");
++        goto cleanup;
++    }
++
+     /* Compute the LCS using the vanilla dynamic programming technique of
+      * building a table of LCS(x,y) substrings. */
+     uint32_t alen = sdslen(a);
+@@ -805,9 +811,19 @@ void stralgoLCS(client *c) {
+     /* Setup an uint32_t array to store at LCS[i,j] the length of the
+      * LCS A0..i-1, B0..j-1. Note that we have a linear array here, so
+      * we index it as LCS[j+(blen+1)*j] */
+-    uint32_t *lcs = zmalloc((size_t)(alen+1)*(blen+1)*sizeof(uint32_t));
+     #define LCS(A,B) lcs[(B)+((A)*(blen+1))]
+ 
++    /* Try to allocate the LCS table, and abort on overflow or insufficient memory. */
++    unsigned long long lcssize = (unsigned long long)(alen+1)*(blen+1); /* Can't overflow due to the size limits above. */
++    unsigned long long lcsalloc = lcssize * sizeof(uint32_t);
++    uint32_t *lcs = NULL;
++    if (lcsalloc < SIZE_MAX && lcsalloc / lcssize == sizeof(uint32_t))
++        lcs = ztrymalloc(lcsalloc);
++    if (!lcs) {
++        addReplyError(c, "Insufficient memory");
++        goto cleanup;
++    }
++
+     /* Start building the LCS table. */
+     for (uint32_t i = 0; i <= alen; i++) {
+         for (uint32_t j = 0; j <= blen; j++) {
+-- 
+2.32.0
+
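Review bot: Upstream-Status: Backport gives only a bare commit hash; add the upstream repository URL, as the polkit and DBI backports in this update do, so the origin can be checked without guessing the repository. In the second hunk the client gets "Insufficient memory" both when ztrymalloc fails and when the lcsalloc check rejects the size without attempting an allocation, which is worth knowing when the error shows up in logs.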
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.2.bb b/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.2.bb
index a36c190..a9e6eaf 100644
--- a/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.2.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.2.bb
@@ -18,6 +18,7 @@
            file://0006-Define-correct-gregs-for-RISCV32.patch \
            file://fix-CVE-2021-29477.patch \
            file://fix-CVE-2021-29478.patch \
+           file://fix-CVE-2021-32625.patch \
            "
 SRC_URI[sha256sum] = "7a260bb74860f1b88c3d5942bf8ba60ca59f121c6dce42d3017bed6add0b9535"
 
diff --git a/meta-openembedded/meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb b/meta-openembedded/meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb
index 51f5a4e..3b01a21 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/fvwm/fvwm_2.6.9.bb
@@ -82,12 +82,17 @@
 
     install -d -m 0755 ${D}/${datadir}/fvwm
     touch ${D}/${datadir}/fvwm/ConfigFvwmDefaults
+    sed -i -e 's:${STAGING_BINDIR_NATIVE}/perl-native/perl:${USRBINPATH}/env perl:g' ${D}${bindir}/fvwm-*
+    sed -i -e 's:${STAGING_BINDIR_NATIVE}/perl-native/perl:${USRBINPATH}/env perl:g' ${D}${libexecdir}/fvwm/*/Fvwm*
+    sed -i -e 's:${STAGING_BINDIR_NATIVE}/python3-native/python3:${USRBINPATH}/env python3:g' ${D}${bindir}/fvwm-menu-desktop
 }
 
 # the only needed packages (note: locale packages are automatically generated
 # as well)
 PACKAGES = " \
     ${PN} \
+    ${PN}-extra \
+    ${PN}-doc \
     ${PN}-dbg \
 "
 
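Review bot: ${PN}-extra and ${PN}-doc are inserted ahead of ${PN}-dbg in PACKAGES, and FILES_${PN}-extra in the next hunk claims all of ${bindir} and ${libexecdir}. Files go to the first package in PACKAGES whose FILES matches, so debug files split out beneath those directories would be packaged in ${PN}-extra instead of ${PN}-dbg; move ${PN}-dbg ahead of the new packages. With the installed-vs-shipped skip removed in the same change, confirm with a build that nothing installed is left unpackaged.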
@@ -98,12 +103,20 @@
     ${datadir}/fvwm/ConfigFvwmDefaults \
 "
 
+FILES_${PN}-extra = " \
+    ${bindir} \
+    ${libexecdir} \
+    ${sysconfdir}/xdg/fvwm \
+"
+FILES_${PN}-doc = " \
+    ${mandir} \
+    ${datadir}/fvwm \
+"
+
 RDEPENDS_${PN} = " \
     xuser-account \
 "
-
-# by default a lot of stuff is installed and it's not easy to control what to
-# install, so install everything, but skip the check
-INSANE_SKIP_${PN} = " \
-    installed-vs-shipped \
+RDEPENDS_${PN}-extra += "\
+    perl \
+    python3-core \
 "
diff --git a/meta-openembedded/meta-oe/recipes-support/gd/gd/0001-fix-read-out-of-bands-in-reading-tga-header-file.patch b/meta-openembedded/meta-oe/recipes-support/gd/gd/0001-fix-read-out-of-bands-in-reading-tga-header-file.patch
new file mode 100644
index 0000000..649b9b7
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-support/gd/gd/0001-fix-read-out-of-bands-in-reading-tga-header-file.patch
@@ -0,0 +1,33 @@
+From 8b111b2b4a4842179be66db68d84dda91a246032 Mon Sep 17 00:00:00 2001
+From: maryam ebrahimzadeh <maryam.ebr@student.sharif.edu>
+Date: Mon, 19 Jul 2021 10:07:13 +0430
+Subject: [PATCH] fix read out-of-bands in reading tga header file
+
+CVE: CVE-2021-38115
+Upstream-Status: Backport [8b111b2b4a4842179be66db68d84dda91a246032]
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ src/gd_tga.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/gd_tga.c b/src/gd_tga.c
+index cae9428..286febb 100644
+--- a/src/gd_tga.c
++++ b/src/gd_tga.c
+@@ -191,7 +191,11 @@ int read_header_tga(gdIOCtx *ctx, oTga *tga)
+ 			return -1;
+ 		}
+ 
+-		gdGetBuf(tga->ident, tga->identsize, ctx);
++		
++		if (gdGetBuf(tga->ident, tga->identsize, ctx) != tga->identsize) {
++			gd_error("fail to read header ident");
++			return -1;
++		}
+ 	}
+ 
+ 	return 1;
+-- 
+2.25.1
+
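Review bot: the new early return -1, taken when gdGetBuf reads fewer than tga->identsize bytes, leaves tga->ident as it is; check that the caller of read_header_tga releases it on failure, or free it here before returning. The first added line contains only tabs and can be dropped.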
diff --git a/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.2.bb b/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.2.bb
index 3789641..557b45d 100644
--- a/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.2.bb
+++ b/meta-openembedded/meta-oe/recipes-support/gd/gd_2.3.2.bb
@@ -14,6 +14,7 @@
 DEPENDS = "freetype libpng jpeg zlib tiff"
 
 SRC_URI = "git://github.com/libgd/libgd.git;branch=master \
+           file://0001-fix-read-out-of-bands-in-reading-tga-header-file.patch \
           "
 
 SRCREV = "2e40f55bfb460fc9d8cbcd290a0c9eb908d5af7e"
diff --git a/meta-openembedded/meta-oe/recipes-support/htop/htop_3.0.5.bb b/meta-openembedded/meta-oe/recipes-support/htop/htop_3.0.5.bb
index 8e9b95d..c757f7f 100644
--- a/meta-openembedded/meta-oe/recipes-support/htop/htop_3.0.5.bb
+++ b/meta-openembedded/meta-oe/recipes-support/htop/htop_3.0.5.bb
@@ -31,3 +31,5 @@
 PACKAGECONFIG[sensors] = "--with-sensors,--without-sensors,lmsensors,lmsensors-libsensors"
 
 FILES_${PN} += "${datadir}/icons/hicolor/scalable/apps/htop.svg"
+
+RDEPENDS_${PN} += "ncurses-terminfo-base"
diff --git a/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/40-linux-5.13-support.patch b/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/40-linux-5.13-support.patch
deleted file mode 100644
index e95e240..0000000
--- a/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/40-linux-5.13-support.patch
+++ /dev/null
@@ -1,276 +0,0 @@
-Subject: Fix build errors with linux 5.13
-Origin: upstream, https://www.virtualbox.org/browser/vbox/trunk
-Bug: https://bugs.launchpad.net/bugs/1929193
-
-diff -urpN virtualbox-6.1.22-dfsg.orig/src/VBox/Additions/linux/drm/vbox_drv.h virtualbox-6.1.22-dfsg/src/VBox/Additions/linux/drm/vbox_drv.h
---- virtualbox-6.1.22-dfsg.orig/src/VBox/Additions/linux/drm/vbox_drv.h	2021-04-28 16:24:47.000000000 +0000
-+++ virtualbox-6.1.22-dfsg/src/VBox/Additions/linux/drm/vbox_drv.h	2021-06-23 10:08:44.431714404 +0000
-@@ -46,20 +41,20 @@
-  * Evaluates to true if the linux kernel version is equal or higher to the
-  * one specfied. */
- #define RTLNX_VER_MIN(a_Major, a_Minor, a_Patch) \
--    (LINUX_VERSION_CODE >= KERNEL_VERSION(a_Major, a_Minor, a_Patch))
-+	(LINUX_VERSION_CODE >= KERNEL_VERSION(a_Major, a_Minor, a_Patch))
- 
- /** @def RTLNX_VER_MAX
-  * Evaluates to true if the linux kernel version is less to the one specfied
-  * (exclusive). */
- #define RTLNX_VER_MAX(a_Major, a_Minor, a_Patch) \
--    (LINUX_VERSION_CODE < KERNEL_VERSION(a_Major, a_Minor, a_Patch))
-+	(LINUX_VERSION_CODE < KERNEL_VERSION(a_Major, a_Minor, a_Patch))
- 
- /** @def RTLNX_VER_RANGE
-  * Evaluates to true if the linux kernel version is equal or higher to the given
-  * minimum version and less (but not equal) to the maximum version (exclusive). */
- #define RTLNX_VER_RANGE(a_MajorMin, a_MinorMin, a_PatchMin,  a_MajorMax, a_MinorMax, a_PatchMax) \
--    (   LINUX_VERSION_CODE >= KERNEL_VERSION(a_MajorMin, a_MinorMin, a_PatchMin) \
--     && LINUX_VERSION_CODE <  KERNEL_VERSION(a_MajorMax, a_MinorMax, a_PatchMax) )
-+	(   LINUX_VERSION_CODE >= KERNEL_VERSION(a_MajorMin, a_MinorMin, a_PatchMin) \
-+	 && LINUX_VERSION_CODE <  KERNEL_VERSION(a_MajorMax, a_MinorMax, a_PatchMax) )
- 
- 
- /** @def RTLNX_RHEL_MIN
-@@ -70,7 +65,7 @@
-  */
- #if defined(RHEL_MAJOR) && defined(RHEL_MINOR)
- # define RTLNX_RHEL_MIN(a_iMajor, a_iMinor) \
--     ((RHEL_MAJOR) > (a_iMajor) || ((RHEL_MAJOR) == (a_iMajor) && (RHEL_MINOR) >= (a_iMinor)))
-+	 ((RHEL_MAJOR) > (a_iMajor) || ((RHEL_MAJOR) == (a_iMajor) && (RHEL_MINOR) >= (a_iMinor)))
- #else
- # define RTLNX_RHEL_MIN(a_iMajor, a_iMinor) (0)
- #endif
-@@ -83,7 +78,7 @@
-  */
- #if defined(RHEL_MAJOR) && defined(RHEL_MINOR)
- # define RTLNX_RHEL_MAX(a_iMajor, a_iMinor) \
--     ((RHEL_MAJOR) < (a_iMajor) || ((RHEL_MAJOR) == (a_iMajor) && (RHEL_MINOR) < (a_iMinor)))
-+	 ((RHEL_MAJOR) < (a_iMajor) || ((RHEL_MAJOR) == (a_iMajor) && (RHEL_MINOR) < (a_iMinor)))
- #else
- # define RTLNX_RHEL_MAX(a_iMajor, a_iMinor) (0)
- #endif
-@@ -95,7 +90,7 @@
-  */
- #if defined(RHEL_MAJOR) && defined(RHEL_MINOR)
- # define RTLNX_RHEL_RANGE(a_iMajorMin, a_iMinorMin,  a_iMajorMax, a_iMinorMax) \
--     (RTLNX_RHEL_MIN(a_iMajorMin, a_iMinorMin) && RTLNX_RHEL_MAX(a_iMajorMax, a_iMinorMax))
-+	 (RTLNX_RHEL_MIN(a_iMajorMin, a_iMinorMin) && RTLNX_RHEL_MAX(a_iMajorMax, a_iMinorMax))
- #else
- # define RTLNX_RHEL_RANGE(a_iMajorMin, a_iMinorMin,  a_iMajorMax, a_iMinorMax)  (0)
- #endif
-@@ -173,7 +168,9 @@
- #include <drm/ttm/ttm_bo_api.h>
- #include <drm/ttm/ttm_bo_driver.h>
- #include <drm/ttm/ttm_placement.h>
-+#if RTLNX_VER_MAX(5,13,0)
- #include <drm/ttm/ttm_memory.h>
-+#endif
- #if RTLNX_VER_MAX(5,12,0)
- # include <drm/ttm/ttm_module.h>
- #endif
-@@ -222,7 +219,7 @@ static inline void drm_gem_object_put(st
- 				 VBVA_ADAPTER_INFORMATION_SIZE)
- #define GUEST_HEAP_SIZE   VBVA_ADAPTER_INFORMATION_SIZE
- #define GUEST_HEAP_USABLE_SIZE (VBVA_ADAPTER_INFORMATION_SIZE - \
--				sizeof(HGSMIHOSTFLAGS))
-+				sizeof(struct hgsmi_host_flags))
- #define HOST_FLAGS_OFFSET GUEST_HEAP_USABLE_SIZE
- 
- /** How frequently we refresh if the guest is not providing dirty rectangles. */
-@@ -232,7 +229,7 @@ static inline void drm_gem_object_put(st
- static inline void *devm_kcalloc(struct device *dev, size_t n, size_t size,
- 				 gfp_t flags)
- {
--    return devm_kzalloc(dev, n * size, flags);
-+	return devm_kzalloc(dev, n * size, flags);
- }
- #endif
- 
-@@ -244,7 +241,7 @@ struct vbox_private {
- 	u8 __iomem *guest_heap;
- 	u8 __iomem *vbva_buffers;
- 	struct gen_pool *guest_pool;
--	struct VBVABUFFERCONTEXT *vbva_info;
-+	struct vbva_buf_context *vbva_info;
- 	bool any_pitch;
- 	u32 num_crtcs;
- 	/** Amount of available VRAM, including space used for buffers. */
-@@ -252,7 +249,7 @@ struct vbox_private {
- 	/** Amount of available VRAM, not including space used for buffers. */
- 	u32 available_vram_size;
- 	/** Array of structures for receiving mode hints. */
--	VBVAMODEHINT *last_mode_hints;
-+	struct vbva_modehint *last_mode_hints;
- 
- 	struct vbox_fbdev *fbdev;
- 
-@@ -263,7 +260,11 @@ struct vbox_private {
- 		struct drm_global_reference mem_global_ref;
- 		struct ttm_bo_global_ref bo_global_ref;
- #endif
-+#if RTLNX_VER_MIN(5,13,0) 
-+		struct ttm_device bdev; 
-+#else
- 		struct ttm_bo_device bdev;
-+#endif
- 		bool mm_initialised;
- 	} ttm;
- 
-diff -urpN virtualbox-6.1.22-dfsg.orig/src/VBox/Additions/linux/drm/vbox_ttm.c virtualbox-6.1.22-dfsg/src/VBox/Additions/linux/drm/vbox_ttm.c
---- virtualbox-6.1.22-dfsg.orig/src/VBox/Additions/linux/drm/vbox_ttm.c	2021-04-28 16:24:47.000000000 +0000
-+++ virtualbox-6.1.22-dfsg/src/VBox/Additions/linux/drm/vbox_ttm.c	2021-06-23 10:08:07.164057918 +0000
-@@ -48,7 +43,11 @@
- #endif
- 
- 
-+#if RTLNX_VER_MIN(5,13,0)
-+static inline struct vbox_private *vbox_bdev(struct ttm_device *bd)
-+#else
- static inline struct vbox_private *vbox_bdev(struct ttm_bo_device *bd)
-+#endif
- {
- 	return container_of(bd, struct vbox_private, ttm.bdev);
- }
-@@ -188,7 +187,7 @@ static int vbox_ttm_io_mem_reserve(struc
- 	mem->bus.size = mem->num_pages << PAGE_SHIFT;
- 	mem->bus.base = 0;
- 	mem->bus.is_iomem = false;
--	if (!(man->flags & TTM_MEMTYPE_FLAG_MAPPABLE))
-+	 if (!(man->flags & TTM_MEMTYPE_FLAG_MAPPABLE))
- 		return -EINVAL;
- 	switch (mem->mem_type) {
- 	case TTM_PL_SYSTEM:
-@@ -205,8 +204,13 @@ static int vbox_ttm_io_mem_reserve(struc
- 	return 0;
- }
- #else
-+# if RTLNX_VER_MAX(5,13,0)
- static int vbox_ttm_io_mem_reserve(struct ttm_bo_device *bdev,
- 				   struct ttm_resource *mem)
-+# else /* > 5.13.0 */
-+static int vbox_ttm_io_mem_reserve(struct ttm_device *bdev,
-+				   struct ttm_resource *mem)
-+# endif /* > 5.13.0 */
- {
- 	struct vbox_private *vbox = vbox_bdev(bdev);
- 	mem->bus.addr = NULL;
-@@ -241,7 +245,12 @@ static int vbox_ttm_io_mem_reserve(struc
- 
- 
- 
--#if RTLNX_VER_MIN(5,10,0)
-+#if RTLNX_VER_MIN(5,13,0)
-+static void vbox_ttm_io_mem_free(struct ttm_device *bdev,
-+				 struct ttm_resource *mem)
-+{
-+}
-+#elif RTLNX_VER_MIN(5,10,0)
- static void vbox_ttm_io_mem_free(struct ttm_bo_device *bdev,
- 				 struct ttm_resource *mem)
- {
-@@ -253,7 +262,13 @@ static void vbox_ttm_io_mem_free(struct
- }
- #endif
- 
--#if RTLNX_VER_MIN(5,10,0)
-+#if RTLNX_VER_MIN(5,13,0)
-+static void vbox_ttm_tt_destroy(struct ttm_device *bdev, struct ttm_tt *tt)
-+{
-+	ttm_tt_fini(tt);
-+	kfree(tt);
-+}
-+#elif RTLNX_VER_MIN(5,10,0)
- static void vbox_ttm_tt_destroy(struct ttm_bo_device *bdev, struct ttm_tt *tt)
- {
- 	ttm_tt_fini(tt);
-@@ -333,7 +348,11 @@ static int vbox_bo_move(struct ttm_buffe
- }
- #endif
- 
-+#if RTLNX_VER_MIN(5,13,0)
-+static struct ttm_device_funcs vbox_bo_driver = {
-+#else /* < 5.13.0 */
- static struct ttm_bo_driver vbox_bo_driver = {
-+#endif /* < 5.13.0 */
- 	.ttm_tt_create = vbox_ttm_tt_create,
- #if RTLNX_VER_MIN(5,10,0)
- 	.ttm_tt_destroy = vbox_ttm_tt_destroy,
-@@ -370,14 +389,22 @@ int vbox_mm_init(struct vbox_private *vb
- {
- 	int ret;
- 	struct drm_device *dev = vbox->dev;
-+#if RTLNX_VER_MIN(5,13,0)
-+	struct ttm_device *bdev = &vbox->ttm.bdev;
-+#else
- 	struct ttm_bo_device *bdev = &vbox->ttm.bdev;
-+#endif
- 
- #if RTLNX_VER_MAX(5,0,0) && !RTLNX_RHEL_MAJ_PREREQ(7,7) && !RTLNX_RHEL_MAJ_PREREQ(8,1)
- 	ret = vbox_ttm_global_init(vbox);
- 	if (ret)
- 		return ret;
- #endif
-+#if RTLNX_VER_MIN(5,13,0)
-+	ret = ttm_device_init(&vbox->ttm.bdev,
-+#else
- 	ret = ttm_bo_device_init(&vbox->ttm.bdev,
-+#endif
- #if RTLNX_VER_MAX(5,0,0) && !RTLNX_RHEL_MAJ_PREREQ(7,7) && !RTLNX_RHEL_MAJ_PREREQ(8,1)
- 				 vbox->ttm.bo_global_ref.ref.object,
- #endif
-@@ -429,7 +456,11 @@ int vbox_mm_init(struct vbox_private *vb
- 	return 0;
- 
- err_device_release:
-+#if RTLNX_VER_MIN(5,13,0)
-+	ttm_device_fini(&vbox->ttm.bdev);
-+#else
- 	ttm_bo_device_release(&vbox->ttm.bdev);
-+#endif
- #if RTLNX_VER_MAX(5,0,0) && !RTLNX_RHEL_MAJ_PREREQ(7,7) && !RTLNX_RHEL_MAJ_PREREQ(8,1)
- err_ttm_global_release:
- 	vbox_ttm_global_release(vbox);
-@@ -446,7 +477,11 @@ void vbox_mm_fini(struct vbox_private *v
- #else
- 	arch_phys_wc_del(vbox->fb_mtrr);
- #endif
-+#if RTLNX_VER_MIN(5,13,0)
-+        ttm_device_fini(&vbox->ttm.bdev);
-+#else
- 	ttm_bo_device_release(&vbox->ttm.bdev);
-+#endif
- #if RTLNX_VER_MAX(5,0,0) && !RTLNX_RHEL_MAJ_PREREQ(7,7) && !RTLNX_RHEL_MAJ_PREREQ(8,1)
- 	vbox_ttm_global_release(vbox);
- #endif
-@@ -528,7 +563,9 @@ int vbox_bo_create(struct drm_device *de
- {
- 	struct vbox_private *vbox = dev->dev_private;
- 	struct vbox_bo *vboxbo;
-+#if RTLNX_VER_MAX(5,13,0)
- 	size_t acc_size;
-+#endif
- 	int ret;
- 
- 	vboxbo = kzalloc(sizeof(*vboxbo), GFP_KERNEL);
-@@ -551,16 +588,20 @@ int vbox_bo_create(struct drm_device *de
- 
- 	vbox_ttm_placement(vboxbo, VBOX_MEM_TYPE_VRAM | VBOX_MEM_TYPE_SYSTEM);
- 
-+#if RTLNX_VER_MAX(5,13,0)
- 	acc_size = ttm_bo_dma_acc_size(&vbox->ttm.bdev, size,
- 				       sizeof(struct vbox_bo));
-+#endif
- 
- 	ret = ttm_bo_init(&vbox->ttm.bdev, &vboxbo->bo, size,
- 			  ttm_bo_type_device, &vboxbo->placement,
- #if RTLNX_VER_MAX(4,17,0) && !RTLNX_RHEL_MAJ_PREREQ(7,6) && !RTLNX_SUSE_MAJ_PREREQ(15,1) && !RTLNX_SUSE_MAJ_PREREQ(12,5)
- 			  align >> PAGE_SHIFT, false, NULL, acc_size,
--#else
-+#elif RTLNX_VER_MAX(5,13,0) /* < 5.13.0 */
- 			  align >> PAGE_SHIFT, false, acc_size,
--#endif
-+#else /* > 5.13.0 */
-+			  align >> PAGE_SHIFT, false,
-+#endif /* > 5.13.0 */
- #if RTLNX_VER_MIN(3,18,0) || RTLNX_RHEL_MAJ_PREREQ(7,2)
- 			  NULL, NULL, vbox_bo_ttm_destroy);
- #else
diff --git a/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.22.bb b/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
similarity index 93%
rename from meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.22.bb
rename to meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
index 19b8f8f..1b2fb44 100644
--- a/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.22.bb
+++ b/meta-openembedded/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
@@ -13,11 +13,11 @@
 
 SRC_URI = "http://download.virtualbox.org/virtualbox/${PV}/${VBOX_NAME}.tar.bz2 \
     file://Makefile.utils \
-    file://40-linux-5.13-support.patch \
     file://add__divmoddi4.patch \
 "
-SRC_URI[md5sum] = "abb1a20021e5915fe38c666e8c11cf80"
-SRC_URI[sha256sum] = "99816d2a15205d49362a31e8ffeb8262d2fa0678c751dfd0a7c43b2faca8be49"
+
+SRC_URI[md5sum] = "fce04bbef244b4df1a50e53d132d3e6f"
+SRC_URI[sha256sum] = "0212602eea878d6c9fd7f4a3e0182da3e4505f31d25f5539fb8f7b1fbe366195"
 
 S ?= "${WORKDIR}/vbox_module"
 S_task-patch = "${WORKDIR}/${VBOX_NAME}"
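Review bot: dropping 40-linux-5.13-support.patch from SRC_URI is only safe if the 6.1.26 tarball already contains those changes; the deleted patch gives its origin as upstream trunk, so state in the commit message that 6.1.26 includes it. The source is fetched over http, so the sha256sum is what protects the download, and the md5sum line could be dropped rather than updated.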
diff --git a/meta-openembedded/meta-oe/recipes-test/pm-qa/pm-qa_git.bb b/meta-openembedded/meta-oe/recipes-test/pm-qa/pm-qa_git.bb
index 7e9971e..bb64143 100644
--- a/meta-openembedded/meta-oe/recipes-test/pm-qa/pm-qa_git.bb
+++ b/meta-openembedded/meta-oe/recipes-test/pm-qa/pm-qa_git.bb
@@ -42,6 +42,7 @@
     do
         # Remove hardcoded relative paths
         sed -i -e 's#..\/utils\/##' ${script}
+        sed -i -e 's#. ..\/Switches#${bindir}#g' ${script}
 
         script_basename=`basename ${script}`
         install -m 0755 $script ${D}${libdir}/${BPN}/${script_basename}
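Review bot: in the added expression s#. ..\/Switches#${bindir}#g the dots are unescaped, so the pattern matches any character followed by a space and any two characters before /Switches, not only the literal ". ../Switches". The replacement also swallows the leading ". ", so the line stops sourcing the file and is left as a bare path under ${bindir}; if sourcing is still intended, keep the ". " in the replacement, and escape the dots either way.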
@@ -54,7 +55,7 @@
         # if the script includes any helper scripts from the $libdir
         # directory then change the source path to the absolute path
         # to reflect the install location of the helper scripts.
-        sed -i -e "s#source ../include#source ${libdir}/${BPN}#g" ${script}
+        sed -i -e "s#. ../include#. ${libdir}/${BPN}#g" ${script}
         # Remove hardcoded relative paths
         sed -i -e 's#..\/utils\/##' ${script}
 
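Review bot: the new pattern . ../include starts with an unescaped dot, which matches any character, so a script line that still reads "source ../include/..." is rewritten to "sourc. ${libdir}/${BPN}/...". Escape the dots so only the literal dot command matches, and keep a second expression for the source form if any script can still use it.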
diff --git a/poky/meta/classes/archiver.bbclass b/poky/meta/classes/archiver.bbclass
index a396230..dd31dc0 100644
--- a/poky/meta/classes/archiver.bbclass
+++ b/poky/meta/classes/archiver.bbclass
@@ -281,7 +281,10 @@
         # ${STAGING_DATADIR}/aclocal/libtool.m4, so we can't re-run the
         # do_configure, we archive the already configured ${S} to
         # instead of.
-        elif pn != 'libtool-native':
+        # The kernel class functions require it to be on work-shared, we
+        # don't unpack, patch, configure again, just archive the already
+        # configured ${S}
+        elif not (pn == 'libtool-native' or is_work_shared(d)):
             def runTask(task):
                 prefuncs = d.getVarFlag(task, 'prefuncs') or ''
                 for func in prefuncs.split():
@@ -483,6 +486,9 @@
         src_orig = '%s.orig' % src
         oe.path.copytree(src, src_orig)
 
+    if bb.data.inherits_class('dos2unix', d):
+        bb.build.exec_func('do_convert_crlf_to_lf', d)
+
     # Make sure gcc and kernel sources are patched only once
     if not (d.getVar('SRC_URI') == "" or is_work_shared(d)):
         bb.build.exec_func('do_patch', d)
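Review bot: the added `do_convert_crlf_to_lf` call sits outside the `is_work_shared(d)` guard that protects `do_patch` just below it, so for a work-shared recipe that inherits dos2unix the conversion would run on the shared tree every time. It also runs after the `copytree(src, src_orig)` shown above, so any later comparison against `src_orig` would include the line-ending changes. Please confirm both are intended, or move the call under the same guard and ahead of the copy.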
diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass
index 112ee33..4fa1a64 100644
--- a/poky/meta/classes/cve-check.bbclass
+++ b/poky/meta/classes/cve-check.bbclass
@@ -20,7 +20,7 @@
 # the only method to check against CVEs. Running this tool
 # doesn't guarantee your packages are free of CVEs.
 
-# The product name that the CVE database uses.  Defaults to BPN, but may need to
+# The product name that the CVE database uses defaults to BPN, but may need to
 # be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
 CVE_PRODUCT ??= "${BPN}"
 CVE_VERSION ??= "${PV}"
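Review bot: the reworded comment line now fuses two clauses ("The product name that the CVE database uses defaults to BPN") and reads worse than the sentence it replaces. Keep the original two-sentence form, or write "The product name used by the CVE database. Defaults to BPN, ...". Since this commit fixes other typos in the file, "overriden" on the following line could be corrected to "overridden" at the same time.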
@@ -56,11 +56,11 @@
 # Layers to be excluded
 CVE_CHECK_LAYER_EXCLUDELIST ??= ""
 
-# Layers to be included 
+# Layers to be included
 CVE_CHECK_LAYER_INCLUDELIST ??= ""
 
 
-# set to "alphabetical" for version using single alphabetical character as increament release
+# set to "alphabetical" for version using single alphabetical character as increment release
 CVE_VERSION_SUFFIX ??= ""
 
 python cve_save_summary_handler () {
@@ -166,9 +166,12 @@
     pn = d.getVar("PN")
     cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+")
 
-    # Matches last CVE-1234-211432 in the file name, also if written
-    # with small letters. Not supporting multiple CVE id's in a single
-    # file name.
+    # Matches the last "CVE-YYYY-ID" in the file name, also if written
+    # in lowercase. Possible to have multiple CVE IDs in a single
+    # file name, but only the last one will be detected from the file name.
+    # However, patch files contents addressing multiple CVE IDs are supported
+    # (cve_match regular expression)
+
     cve_file_name_match = re.compile(".*([Cc][Vv][Ee]\-\d{4}\-\d+)")
 
     patched_cves = set()
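Review bot: the updated comment documents that only the last CVE ID in a patch file name is detected, but the code still drops the earlier IDs silently, and a patch named after two CVEs with no `CVE:` tag in its body would leave the first one reported as unpatched. Either collect every ID from the file name (the greedy `.*` in `cve_file_name_match` is what selects only the last one) or emit a warning when a name contains more than one. The blank line added after the comment also detaches it from the expression it describes.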
@@ -230,7 +233,7 @@
         return ([], [], [])
     pv = d.getVar("CVE_VERSION").split("+git")[0]
 
-    # If the recipe has been whitlisted we return empty lists
+    # If the recipe has been whitelisted we return empty lists
     if pn in d.getVar("CVE_CHECK_PN_WHITELIST").split():
         bb.note("Recipe has been whitelisted, skipping check")
         return ([], [], [])
@@ -355,7 +358,7 @@
     if include_layers and layer not in include_layers:
         return
 
-    nvd_link = "https://web.nvd.nist.gov/view/vuln/detail?vulnId="
+    nvd_link = "https://nvd.nist.gov/vuln/detail/"
     write_string = ""
     unpatched_cves = []
     bb.utils.mkdirhier(os.path.dirname(cve_file))
diff --git a/poky/meta/classes/license.bbclass b/poky/meta/classes/license.bbclass
index f7978e2..0d0faa2 100644
--- a/poky/meta/classes/license.bbclass
+++ b/poky/meta/classes/license.bbclass
@@ -31,7 +31,7 @@
             f.write("%s: %s\n" % (key, info[key]))
 }
 
-PSEUDO_IGNORE_PATHS .= ",${@','.join(((d.getVar('COMMON_LICENSE_DIR') or '') + ' ' + (d.getVar('LICENSE_PATH') or '')).split())}"
+PSEUDO_IGNORE_PATHS .= ",${@','.join(((d.getVar('COMMON_LICENSE_DIR') or '') + ' ' + (d.getVar('LICENSE_PATH') or '') + ' ' + d.getVar('COREBASE') + '/meta/COPYING').split())}"
 # it would be better to copy them in do_install_append, but find_license_filesa is python
 python perform_packagecopy_prepend () {
     enabled = oe.data.typed_value('LICENSE_CREATE_PACKAGE', d)
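Review bot: in the new PSEUDO_IGNORE_PATHS expression `d.getVar('COREBASE')` is concatenated without the `or ''` fallback that the two neighbouring lookups use, so an unset COREBASE raises a TypeError at parse time instead of yielding an empty entry. Use `(d.getVar('COREBASE') or '')`, or build the `/meta/COPYING` path only when COREBASE is set.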
diff --git a/poky/meta/classes/multilib.bbclass b/poky/meta/classes/multilib.bbclass
index 9f726e4..2ef75c0 100644
--- a/poky/meta/classes/multilib.bbclass
+++ b/poky/meta/classes/multilib.bbclass
@@ -105,7 +105,6 @@
         d.setVar("LINGUAS_INSTALL", "")
         # FIXME, we need to map this to something, not delete it!
         d.setVar("PACKAGE_INSTALL_ATTEMPTONLY", "")
-        bb.build.deltask('do_populate_sdk', d)
         bb.build.deltask('do_populate_sdk_ext', d)
         return
 }
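Review bot: after this removal `do_populate_sdk` is kept for multilib variants while `do_populate_sdk_ext` is still deleted on the next line, and nothing in the code says why the two are treated differently. Add a short comment here explaining the asymmetry.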
diff --git a/poky/meta/classes/populate_sdk_base.bbclass b/poky/meta/classes/populate_sdk_base.bbclass
index 33ba3fc..f8072a9 100644
--- a/poky/meta/classes/populate_sdk_base.bbclass
+++ b/poky/meta/classes/populate_sdk_base.bbclass
@@ -66,7 +66,7 @@
 
 SDK_RDEPENDS = "${TOOLCHAIN_TARGET_TASK} ${TOOLCHAIN_HOST_TASK}"
 SDK_DEPENDS = "virtual/fakeroot-native ${SDK_ARCHIVE_DEPENDS} cross-localedef-native nativesdk-qemuwrapper-cross ${@' '.join(["%s-qemuwrapper-cross" % m for m in d.getVar("MULTILIB_VARIANTS").split()])} qemuwrapper-cross"
-PATH_prepend = "${STAGING_DIR_HOST}${SDKPATHNATIVE}${bindir}/crossscripts:${@":".join(all_multilib_tune_values(d, 'STAGING_BINDIR_CROSS').split())}:"
+PATH_prepend = "${WORKDIR}/recipe-sysroot/${SDKPATHNATIVE}${bindir}/crossscripts:${@":".join(all_multilib_tune_values(d, 'STAGING_BINDIR_CROSS').split())}:"
 SDK_DEPENDS += "nativesdk-glibc-locale"
 
 # We want the MULTIARCH_TARGET_SYS to point to the TUNE_PKGARCH, not PACKAGE_ARCH as it
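Review bot: the new PATH_prepend value hard-codes `${WORKDIR}/recipe-sysroot/` and adds a `/` before `${SDKPATHNATIVE}` that the old `${STAGING_DIR_HOST}${SDKPATHNATIVE}` form did not have, which gives a doubled slash if SDKPATHNATIVE is an absolute path. Prefer `${RECIPE_SYSROOT}${SDKPATHNATIVE}` so the directory name is not duplicated here, and add a comment saying why STAGING_DIR_HOST is not suitable in this class.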
diff --git a/poky/meta/classes/sstate.bbclass b/poky/meta/classes/sstate.bbclass
index 2b5d94d..4bf087b 100644
--- a/poky/meta/classes/sstate.bbclass
+++ b/poky/meta/classes/sstate.bbclass
@@ -123,8 +123,6 @@
 python () {
     if bb.data.inherits_class('native', d):
         d.setVar('SSTATE_PKGARCH', d.getVar('BUILD_ARCH', False))
-        if d.getVar("PN") == "pseudo-native":
-            d.appendVar('SSTATE_PKGARCH', '_${ORIGNATIVELSBSTRING}')
     elif bb.data.inherits_class('crosssdk', d):
         d.setVar('SSTATE_PKGARCH', d.expand("${BUILD_ARCH}_${SDK_ARCH}_${SDK_OS}"))
     elif bb.data.inherits_class('cross', d):
@@ -707,6 +705,7 @@
             pass
         except OSError as e:
             # Handle read-only file systems gracefully
+            import errno
             if e.errno != errno.EROFS:
                 raise e
 
@@ -1020,6 +1019,7 @@
         bb.parse.siggen.checkhashes(sq_data, missed, found, d)
 
     return found
+setscene_depvalid[vardepsexclude] = "SSTATE_EXCLUDEDEPS_SYSROOT"
 
 BB_SETSCENE_DEPVALID = "setscene_depvalid"
 
@@ -1153,6 +1153,7 @@
                 pass
             except OSError as e:
                 # Handle read-only file systems gracefully
+                import errno
                 if e.errno != errno.EROFS:
                     raise e
 
diff --git a/poky/meta/classes/terminal.bbclass b/poky/meta/classes/terminal.bbclass
index 6059ae9..a564ee7 100644
--- a/poky/meta/classes/terminal.bbclass
+++ b/poky/meta/classes/terminal.bbclass
@@ -26,6 +26,9 @@
     bb.utils.mkdirhier(os.path.dirname(runfile))
 
     with open(runfile, 'w') as script:
+        # Override the shell shell_trap_code specifies.
+        # If our shell is bash, we might well face silent death.
+        script.write("#!/bin/bash\n")
         script.write(bb.build.shell_trap_code())
         bb.data.emit_func(cmd_func, script, envdata)
         script.write(cmd_func)
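Review bot: the runfile now starts with `#!/bin/bash` and is immediately followed by whatever `bb.build.shell_trap_code()` emits, which per the added comment carries its own interpreter line; that second line becomes an inert comment, so any options it specified are lost. The comment's second sentence ("If our shell is bash, we might well face silent death") does not explain which failure is being avoided; please spell out the interaction. The absolute path `/bin/bash` is also an assumption about the build host.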
@@ -37,7 +40,7 @@
 def oe_terminal(command, title, d):
     import oe.data
     import oe.terminal
-
+    
     envdata = bb.data.init()
 
     for v in os.environ:
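Review bot: the only change in this hunk replaces an empty line in `oe_terminal` with a line of four spaces, which introduces trailing whitespace and no functional change. Drop this hunk from the commit.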
diff --git a/poky/meta/classes/utils.bbclass b/poky/meta/classes/utils.bbclass
index 120bcc6..072ea1f 100644
--- a/poky/meta/classes/utils.bbclass
+++ b/poky/meta/classes/utils.bbclass
@@ -214,7 +214,7 @@
 #!/bin/bash
 realpath=\`readlink -fn \$0\`
 realdir=\`dirname \$realpath\`
-exec -a \`dirname \$realpath\`/$cmdname \`dirname \$realpath\`/$cmdname.real $cmdoptions "\$@"
+exec -a \$realdir/$cmdname \$realdir/$cmdname.real $cmdoptions "\$@"
 END
 	chmod +x $cmd
 }
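Review bot: `\$realdir` is used unquoted twice on the rewritten `exec -a` line, so a wrapper installed under a path containing spaces would be split into several words. While this line is being touched, quote both uses: `exec -a "\$realdir/$cmdname" "\$realdir/$cmdname.real" $cmdoptions "\$@"`.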
diff --git a/poky/meta/conf/bitbake.conf b/poky/meta/conf/bitbake.conf
index 385fc7d..5b52e93 100644
--- a/poky/meta/conf/bitbake.conf
+++ b/poky/meta/conf/bitbake.conf
@@ -638,7 +638,7 @@
 DEBIAN_MIRROR = "http://ftp.debian.org/debian/pool"
 GENTOO_MIRROR = "http://distfiles.gentoo.org/distfiles"
 GNOME_GIT = "git://gitlab.gnome.org/GNOME"
-GNOME_MIRROR = "https://ftp.gnome.org/pub/GNOME/sources"
+GNOME_MIRROR = "https://download.gnome.org/sources/"
 GNU_MIRROR = "https://ftp.gnu.org/gnu"
 GNUPG_MIRROR = "https://www.gnupg.org/ftp/gcrypt"
 GPE_MIRROR = "http://gpe.linuxtogo.org/download/source"
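Review bot: the new GNOME_MIRROR value ends in a trailing slash, unlike every other mirror variable visible in this hunk and unlike the value it replaces. Recipes that append `/<name>/...` to `${GNOME_MIRROR}` will now produce a doubled slash in the fetch URL; drop the trailing slash to keep the convention.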
diff --git a/poky/meta/files/toolchain-shar-relocate.sh b/poky/meta/files/toolchain-shar-relocate.sh
index 5433741..ba87337 100644
--- a/poky/meta/files/toolchain-shar-relocate.sh
+++ b/poky/meta/files/toolchain-shar-relocate.sh
@@ -72,7 +72,7 @@
 
 # change all symlinks pointing to @SDKPATH@
 for l in $($SUDO_EXEC find $native_sysroot -type l); do
-	$SUDO_EXEC ln -sfn $(readlink $l|$SUDO_EXEC sed -e "s:$DEFAULT_INSTALL_DIR:$target_sdk_dir:") $l
+	$SUDO_EXEC ln -sfn $(readlink $l|$SUDO_EXEC sed -e "s:$SDK_BUILD_PATH:$target_sdk_dir:") $l
 	if [ $? -ne 0 ]; then
 		echo "Failed to setup symlinks. Relocate script failed. Abort!"
 		exit 1
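Review bot: the sed expression now depends on `$SDK_BUILD_PATH`, which is not set anywhere in the visible part of this script, and an empty value would leave sed with an empty pattern while the `$?` check below only tests the exit status of `ln`. Confirm where the variable is defined for this script and fail early if it is empty. Quoting `"$l"` and the `readlink` result would also protect against symlink names containing whitespace.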
diff --git a/poky/meta/lib/oeqa/manual/toaster-managed-mode.json b/poky/meta/lib/oeqa/manual/toaster-managed-mode.json
index 12374c7..9566d9d 100644
--- a/poky/meta/lib/oeqa/manual/toaster-managed-mode.json
+++ b/poky/meta/lib/oeqa/manual/toaster-managed-mode.json
@@ -136,7 +136,7 @@
           "expected_results": ""
         },
         "3": {
-          "action": "Check that default values are as follows: \n\tDISTRO - poky \n\tIMAGE_FSTYPES - ext3 jffs2 tar.bz2 \n\tIMAGE_INSTALL_append - \"Not set\" \n\tPACKAGE_CLASES - package_rpm \n        SSTATE_DIR  - /homeDirectory/poky/sstate-cache \n\n",
+          "action": "Check that default values are as follows: \n\tDISTRO - poky \n\tIMAGE_FSTYPES - ext3 jffs2 tar.bz2 \n\tIMAGE_INSTALL_append - \"Not set\" \n\tPACKAGE_CLASSES - package_rpm \n        SSTATE_DIR  - /homeDirectory/poky/sstate-cache \n\n",
           "expected_results": ""
         },
         "4": {
diff --git a/poky/meta/lib/oeqa/runtime/cases/date.py b/poky/meta/lib/oeqa/runtime/cases/date.py
index e143229..bd65374 100644
--- a/poky/meta/lib/oeqa/runtime/cases/date.py
+++ b/poky/meta/lib/oeqa/runtime/cases/date.py
@@ -28,14 +28,13 @@
         self.assertEqual(status, 0, msg=msg)
         oldDate = output
 
-        sampleDate = '"2016-08-09 10:00:00"'
-        (status, output) = self.target.run("date -s %s" % sampleDate)
+        sampleTimestamp = 1488800000
+        (status, output) = self.target.run("date -s @%d" % sampleTimestamp)
         self.assertEqual(status, 0, msg='Date set failed, output: %s' % output)
 
-        (status, output) = self.target.run("date -R")
-        p = re.match('Tue, 09 Aug 2016 10:00:.. \+0000', output)
+        (status, output) = self.target.run('date +"%s"')
         msg = 'The date was not set correctly, output: %s' % output
-        self.assertTrue(p, msg=msg)
+        self.assertTrue(int(output) - sampleTimestamp < 300, msg=msg)
 
         (status, output) = self.target.run('date -s "%s"' % oldDate)
         msg = 'Failed to reset date, output: %s' % output
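Review bot: the new assertion `int(output) - sampleTimestamp < 300` is one-sided, so any clock value earlier than the sample timestamp yields a negative difference and still passes. Use `0 <= int(output) - sampleTimestamp < 300`. The status returned by the `date +"%s"` call is also not asserted, so non-numeric output surfaces as a ValueError from `int()` rather than as a test failure with the prepared message.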
diff --git a/poky/meta/lib/oeqa/runtime/cases/parselogs.py b/poky/meta/lib/oeqa/runtime/cases/parselogs.py
index 1bb0425..e06f927 100644
--- a/poky/meta/lib/oeqa/runtime/cases/parselogs.py
+++ b/poky/meta/lib/oeqa/runtime/cases/parselogs.py
@@ -121,7 +121,7 @@
         'synth uevent: /devices/vio: failed to send uevent',
         'PCI 0000:00 Cannot reserve Legacy IO [io  0x10000-0x10fff]',
         ] + common_errors,
-    'qemuarm' : [
+    'qemuarmv5' : [
         'mmci-pl18x: probe of fpga:05 failed with error -22',
         'mmci-pl18x: probe of fpga:0b failed with error -22',
         'Failed to load module "glx"',
@@ -135,6 +135,7 @@
         'OF: amba_device_add() failed (-19) for /amba/fpga/sci@a000',
         'Failed to initialize \'/amba/timer@101e3000\': -22',
         'jitterentropy: Initialization failed with host not compliant with requirements: 2',
+        'clcd-pl11x: probe of 10120000.display failed with error -2',
         ] + common_errors,
     'qemuarm64' : [
         'Fatal server error:',
diff --git a/poky/meta/lib/oeqa/runtime/cases/ptest.py b/poky/meta/lib/oeqa/runtime/cases/ptest.py
index 0800f3c..00742da 100644
--- a/poky/meta/lib/oeqa/runtime/cases/ptest.py
+++ b/poky/meta/lib/oeqa/runtime/cases/ptest.py
@@ -57,7 +57,7 @@
         ptest_dirs = [ '/usr/lib' ]
         if not libdir in ptest_dirs:
             ptest_dirs.append(libdir)
-        status, output = self.target.run('ptest-runner -d \"{}\"'.format(' '.join(ptest_dirs)), 0)
+        status, output = self.target.run('ptest-runner -t 450 -d \"{}\"'.format(' '.join(ptest_dirs)), 0)
         os.makedirs(ptest_log_dir)
         with open(ptest_runner_log, 'w') as f:
             f.write(output)
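Review bot: the `-t 450` timeout passed to ptest-runner is a bare literal with no comment on its unit or on why 450 was chosen. Name it as a constant or make it configurable, and note the reasoning, so slower targets can raise it without editing the test.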
diff --git a/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb b/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
index a07cdbd..69ac35e 100644
--- a/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -25,6 +25,7 @@
            file://initscript.patch \
            file://0001-Fix-opening-etc-resolv.conf-error.patch \
            file://handle-hup.patch \
+           file://local-ping.patch \
            "
 
 UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/"
diff --git a/poky/meta/recipes-connectivity/avahi/files/local-ping.patch b/poky/meta/recipes-connectivity/avahi/files/local-ping.patch
new file mode 100644
index 0000000..94116ad
--- /dev/null
+++ b/poky/meta/recipes-connectivity/avahi/files/local-ping.patch
@@ -0,0 +1,152 @@
+CVE: CVE-2021-36217
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001
+From: Tommi Rantala <tommi.t.rantala@nokia.com>
+Date: Mon, 8 Feb 2021 11:04:43 +0200
+Subject: [PATCH] Fix NULL pointer crashes from #175
+
+avahi-daemon is crashing when running "ping .local".
+The crash is due to failing assertion from NULL pointer.
+Add missing NULL pointer checks to fix it.
+
+Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd
+---
+ avahi-core/browse-dns-server.c   | 5 ++++-
+ avahi-core/browse-domain.c       | 5 ++++-
+ avahi-core/browse-service-type.c | 3 +++
+ avahi-core/browse-service.c      | 3 +++
+ avahi-core/browse.c              | 3 +++
+ avahi-core/resolve-address.c     | 5 ++++-
+ avahi-core/resolve-host-name.c   | 5 ++++-
+ avahi-core/resolve-service.c     | 5 ++++-
+ 8 files changed, 29 insertions(+), 5 deletions(-)
+
+diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c
+index 049752e9..c2d914fa 100644
+--- a/avahi-core/browse-dns-server.c
++++ b/avahi-core/browse-dns-server.c
+@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new(
+         AvahiSDNSServerBrowser* b;
+ 
+         b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata);
++        if (!b)
++            return NULL;
++
+         avahi_s_dns_server_browser_start(b);
+ 
+         return b;
+-}
+\ No newline at end of file
++}
+diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c
+index f145d56a..06fa70c0 100644
+--- a/avahi-core/browse-domain.c
++++ b/avahi-core/browse-domain.c
+@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new(
+         AvahiSDomainBrowser *b;
+ 
+         b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata);
++        if (!b)
++            return NULL;
++
+         avahi_s_domain_browser_start(b);
+ 
+         return b;
+-}
+\ No newline at end of file
++}
+diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c
+index fdd22dcd..b1fc7af8 100644
+--- a/avahi-core/browse-service-type.c
++++ b/avahi-core/browse-service-type.c
+@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new(
+         AvahiSServiceTypeBrowser *b;
+ 
+         b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata);
++        if (!b)
++            return NULL;
++
+         avahi_s_service_type_browser_start(b);
+ 
+         return b;
+diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c
+index 5531360c..63e0275a 100644
+--- a/avahi-core/browse-service.c
++++ b/avahi-core/browse-service.c
+@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new(
+         AvahiSServiceBrowser *b;
+ 
+         b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata);
++        if (!b)
++            return NULL;
++
+         avahi_s_service_browser_start(b);
+ 
+         return b;
+diff --git a/avahi-core/browse.c b/avahi-core/browse.c
+index 2941e579..e8a915e9 100644
+--- a/avahi-core/browse.c
++++ b/avahi-core/browse.c
+@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new(
+         AvahiSRecordBrowser *b;
+ 
+         b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata);
++        if (!b)
++            return NULL;
++
+         avahi_s_record_browser_start_query(b);
+ 
+         return b;
+diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c
+index ac0b29b1..e61dd242 100644
+--- a/avahi-core/resolve-address.c
++++ b/avahi-core/resolve-address.c
+@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new(
+         AvahiSAddressResolver *b;
+ 
+         b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata);
++        if (!b)
++            return NULL;
++
+         avahi_s_address_resolver_start(b);
+ 
+         return b;
+-}
+\ No newline at end of file
++}
+diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c
+index 808b0e72..4e8e5973 100644
+--- a/avahi-core/resolve-host-name.c
++++ b/avahi-core/resolve-host-name.c
+@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new(
+         AvahiSHostNameResolver *b;
+ 
+         b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata);
++        if (!b)
++            return NULL;
++
+         avahi_s_host_name_resolver_start(b);
+ 
+         return b;
+-}
+\ No newline at end of file
++}
+diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c
+index 66bf3cae..43771763 100644
+--- a/avahi-core/resolve-service.c
++++ b/avahi-core/resolve-service.c
+@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new(
+         AvahiSServiceResolver *b;
+ 
+         b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata);
++        if (!b)
++            return NULL;
++
+         avahi_s_service_resolver_start(b);
+ 
+         return b;
+-}
+\ No newline at end of file
++}
diff --git a/poky/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch b/poky/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
new file mode 100644
index 0000000..8a52ac9
--- /dev/null
+++ b/poky/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
@@ -0,0 +1,40 @@
+From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17 00:00:00 2001
+From: Nikita Popov <npv1310@gmail.com>
+Date: Mon, 9 Aug 2021 20:17:34 +0530
+Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213)
+
+Helper thread frees copied attribute on NOTIFY_REMOVED message
+received from the OS kernel.  Unfortunately, it fails to check whether
+copied attribute actually exists (data.attr != NULL).  This worked
+earlier because free() checks passed pointer before actually
+attempting to release corresponding memory.  But
+__pthread_attr_destroy assumes pointer is not NULL.
+
+So passing NULL pointer to __pthread_attr_destroy will result in
+segmentation fault.  This scenario is possible if
+notification->sigev_notify_attributes == NULL (which means default
+thread attributes should be used).
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8]
+CVE: CVE-2021-38604
+
+Signed-off-by: Nikita Popov <npv1310@gmail.com>
+Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
+Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
+---
+ sysdeps/unix/sysv/linux/mq_notify.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
+index 6f46d29d1d..1714e1cc5f 100644
+--- a/sysdeps/unix/sysv/linux/mq_notify.c
++++ b/sysdeps/unix/sysv/linux/mq_notify.c
+@@ -132,7 +132,7 @@ helper_thread (void *arg)
+ 	       to wait until it is done with it.  */
+ 	    (void) __pthread_barrier_wait (&notify_barrier);
+ 	}
+-      else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
++      else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED && data.attr != NULL)
+ 	{
+ 	  /* The only state we keep is the copy of the thread attributes.  */
+ 	  pthread_attr_destroy (data.attr);
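Review bot: this patch applies only on top of CVE-2021-33574_1.patch and CVE-2021-33574_2.patch, since its context already contains the `pthread_attr_destroy (data.attr);` call and its base blob 6f46d29d1d is the result of CVE-2021-33574_2.patch, but the header does not mention that. State the dependency in the patch header so the earlier patches are not dropped or reordered in SRC_URI independently of this one.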
diff --git a/poky/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch b/poky/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
new file mode 100644
index 0000000..b654cdf
--- /dev/null
+++ b/poky/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
@@ -0,0 +1,147 @@
+From 4cc79c217744743077bf7a0ec5e0a4318f1e6641 Mon Sep 17 00:00:00 2001
+From: Nikita Popov <npv1310@gmail.com>
+Date: Thu, 12 Aug 2021 16:09:50 +0530
+Subject: [PATCH] librt: add test (bug 28213)
+
+This test implements following logic:
+1) Create POSIX message queue.
+   Register a notification with mq_notify (using NULL attributes).
+   Then immediately unregister the notification with mq_notify.
+   Helper thread in a vulnerable version of glibc
+   should cause NULL pointer dereference after these steps.
+2) Once again, register the same notification.
+   Try to send a dummy message.
+   Test is considered successfulif the dummy message
+   is successfully received by the callback function.
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641]
+CVE: CVE-2021-38604
+
+Signed-off-by: Nikita Popov <npv1310@gmail.com>
+Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
+Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
+---
+ rt/Makefile      |   1 +
+ rt/tst-bz28213.c | 101 +++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 102 insertions(+)
+ create mode 100644 rt/tst-bz28213.c
+
+diff --git a/rt/Makefile b/rt/Makefile
+index 7b374f2073..c87d95793a 100644
+--- a/rt/Makefile
++++ b/rt/Makefile
+@@ -44,6 +44,7 @@ tests := tst-shm tst-timer tst-timer2 \
+ 	 tst-aio7 tst-aio8 tst-aio9 tst-aio10 \
+ 	 tst-mqueue1 tst-mqueue2 tst-mqueue3 tst-mqueue4 \
+ 	 tst-mqueue5 tst-mqueue6 tst-mqueue7 tst-mqueue8 tst-mqueue9 \
++	 tst-bz28213 \
+ 	 tst-timer3 tst-timer4 tst-timer5 \
+ 	 tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3 \
+ 	 tst-shm-cancel
+diff --git a/rt/tst-bz28213.c b/rt/tst-bz28213.c
+new file mode 100644
+index 0000000000..0c096b5a0a
+--- /dev/null
++++ b/rt/tst-bz28213.c
+@@ -0,0 +1,101 @@
++/* Bug 28213: test for NULL pointer dereference in mq_notify.
++   Copyright (C) The GNU Toolchain Authors.
++   This file is part of the GNU C Library.
++
++   The GNU C Library is free software; you can redistribute it and/or
++   modify it under the terms of the GNU Lesser General Public
++   License as published by the Free Software Foundation; either
++   version 2.1 of the License, or (at your option) any later version.
++
++   The GNU C Library is distributed in the hope that it will be useful,
++   but WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++   Lesser General Public License for more details.
++
++   You should have received a copy of the GNU Lesser General Public
++   License along with the GNU C Library; if not, see
++   <https://www.gnu.org/licenses/>.  */
++
++#include <errno.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <fcntl.h>
++#include <unistd.h>
++#include <mqueue.h>
++#include <signal.h>
++#include <stdlib.h>
++#include <string.h>
++#include <support/check.h>
++
++static mqd_t m = -1;
++static const char msg[] = "hello";
++
++static void
++check_bz28213_cb (union sigval sv)
++{
++  char buf[sizeof (msg)];
++
++  (void) sv;
++
++  TEST_VERIFY_EXIT ((size_t) mq_receive (m, buf, sizeof (buf), NULL)
++		    == sizeof (buf));
++  TEST_VERIFY_EXIT (memcmp (buf, msg, sizeof (buf)) == 0);
++
++  exit (0);
++}
++
++static void
++check_bz28213 (void)
++{
++  struct sigevent sev;
++
++  memset (&sev, '\0', sizeof (sev));
++  sev.sigev_notify = SIGEV_THREAD;
++  sev.sigev_notify_function = check_bz28213_cb;
++
++  /* Step 1: Register & unregister notifier.
++     Helper thread should receive NOTIFY_REMOVED notification.
++     In a vulnerable version of glibc, NULL pointer dereference follows. */
++  TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
++  TEST_VERIFY_EXIT (mq_notify (m, NULL) == 0);
++
++  /* Step 2: Once again, register notification.
++     Try to send one message.
++     Test is considered successful, if the callback does exit (0). */
++  TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
++  TEST_VERIFY_EXIT (mq_send (m, msg, sizeof (msg), 1) == 0);
++
++  /* Wait... */
++  pause ();
++}
++
++static int
++do_test (void)
++{
++  static const char m_name[] = "/bz28213_queue";
++  struct mq_attr m_attr;
++
++  memset (&m_attr, '\0', sizeof (m_attr));
++  m_attr.mq_maxmsg = 1;
++  m_attr.mq_msgsize = sizeof (msg);
++
++  m = mq_open (m_name,
++               O_RDWR | O_CREAT | O_EXCL,
++               0600,
++               &m_attr);
++
++  if (m < 0)
++    {
++      if (errno == ENOSYS)
++        FAIL_UNSUPPORTED ("POSIX message queues are not implemented\n");
++      FAIL_EXIT1 ("Failed to create POSIX message queue: %m\n");
++    }
++
++  TEST_VERIFY_EXIT (mq_unlink (m_name) == 0);
++
++  check_bz28213 ();
++
++  return 0;
++}
++
++#include <support/test-driver.c>
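Review bot: `check_bz28213` ends in `pause ()`, so when the notification callback never runs the test does not fail on its own and only ends when the test driver's timeout fires. That is worth a note in the header, because a hang is the failure signature people will see on a regressed build. The commit message also contains the typo "successfulif"; if the text is kept verbatim from upstream, leave it, otherwise fix it.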
diff --git a/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch b/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
new file mode 100644
index 0000000..21f07ac
--- /dev/null
+++ b/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
@@ -0,0 +1,76 @@
+From 709674ec86c3c6da4f0995897f6b0205c16d049d Mon Sep 17 00:00:00 2001
+From: Andreas Schwab <schwab@linux-m68k.org>
+Date: Thu, 27 May 2021 12:49:47 +0200
+Subject: [PATCH] Use __pthread_attr_copy in mq_notify (bug 27896)
+
+Make a deep copy of the pthread attribute object to remove a potential
+use-after-free issue.
+
+Upstream-Status: Backport
+[https://sourceware.org/git/?p=glibc.git;a=commit;h=42d359350510506b87101cf77202fefcbfc790cb]
+
+CVE:
+CVE-2021-33574
+
+Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
+Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
+---
+ NEWS                                |  4 ++++
+ sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++-----
+ 2 files changed, 14 insertions(+), 5 deletions(-)
+
+diff --git a/NEWS b/NEWS
+index 71f5d20324..017d656433 100644
+--- a/NEWS
++++ b/NEWS
+@@ -118,6 +118,10 @@ Security related changes:
+   CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
+   invoked with EUC-KR input containing invalid multibyte input sequences.
+ 
++  CVE-2021-33574: The mq_notify function has a potential use-after-free
++  issue when using a notification type of SIGEV_THREAD and a thread
++  attribute with a non-default affinity mask.
++
+ The following bugs are resolved with this release:
+ 
+   [10635] libc: realpath portability patches
+diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
+index cc575a0cdd..f7ddfe5a6c 100644
+--- a/sysdeps/unix/sysv/linux/mq_notify.c
++++ b/sysdeps/unix/sysv/linux/mq_notify.c
+@@ -133,8 +133,11 @@ helper_thread (void *arg)
+ 	    (void) __pthread_barrier_wait (&notify_barrier);
+ 	}
+       else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
+-	/* The only state we keep is the copy of the thread attributes.  */
+-	free (data.attr);
++	{
++	  /* The only state we keep is the copy of the thread attributes.  */
++	  pthread_attr_destroy (data.attr);
++	  free (data.attr);
++	}
+     }
+   return NULL;
+ }
+@@ -255,8 +258,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
+       if (data.attr == NULL)
+ 	return -1;
+ 
+-      memcpy (data.attr, notification->sigev_notify_attributes,
+-	      sizeof (pthread_attr_t));
++      __pthread_attr_copy (data.attr, notification->sigev_notify_attributes);
+     }
+ 
+   /* Construct the new request.  */
+@@ -270,7 +272,10 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
+ 
+   /* If it failed, free the allocated memory.  */
+   if (__glibc_unlikely (retval != 0))
+-    free (data.attr);
++    {
++      pthread_attr_destroy (data.attr);
++      free (data.attr);
++    }
+ 
+   return retval;
+ }
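Review bot: the CVE tag in this patch header is split over two lines (`CVE:` followed by `CVE-2021-33574` on the next line), which the `cve_match` expression in cve-check.bbclass, `CVE:( CVE\-\d{4}\-\d+)+`, does not match because it expects the ID after a space on the same line. The ID is therefore picked up only through the file name. Write it as `CVE: CVE-2021-33574` on one line, and likewise keep the Upstream-Status URL on the same line as `Backport`. The URL references commit 42d359350510506b87101cf77202fefcbfc790cb while the From line is 709674ec86c3c6da4f0995897f6b0205c16d049d; say which branch the backport was taken from.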
diff --git a/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch b/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
new file mode 100644
index 0000000..befccd7
--- /dev/null
+++ b/poky/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
@@ -0,0 +1,61 @@
+From 217b6dc298156bdb0d6aea9ea93e7e394a5ff091 Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Tue, 1 Jun 2021 17:51:41 +0200
+Subject: [PATCH] Fix use of __pthread_attr_copy in mq_notify (bug 27896)
+
+__pthread_attr_copy can fail and does not initialize the attribute
+structure in that case.
+
+If __pthread_attr_copy is never called and there is no allocated
+attribute, pthread_attr_destroy should not be called, otherwise
+there is a null pointer dereference in rt/tst-mqueue6.
+
+Fixes commit 42d359350510506b87101cf77202fefcbfc790cb
+("Use __pthread_attr_copy in mq_notify (bug 27896)").
+
+Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
+
+Upstream-Status: Backport
+[https://sourceware.org/git/?p=glibc.git;a=commit;h=217b6dc298156bdb0d6aea9ea93e7e394a5ff091]
+
+CVE:
+CVE-2021-33574
+
+Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
+Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
+---
+ sysdeps/unix/sysv/linux/mq_notify.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
+index f7ddfe5a6c..6f46d29d1d 100644
+--- a/sysdeps/unix/sysv/linux/mq_notify.c
++++ b/sysdeps/unix/sysv/linux/mq_notify.c
+@@ -258,7 +258,14 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
+       if (data.attr == NULL)
+ 	return -1;
+ 
+-      __pthread_attr_copy (data.attr, notification->sigev_notify_attributes);
++      int ret = __pthread_attr_copy (data.attr,
++				     notification->sigev_notify_attributes);
++      if (ret != 0)
++	{
++	  free (data.attr);
++	  __set_errno (ret);
++	  return -1;
++	}
+     }
+ 
+   /* Construct the new request.  */
+@@ -271,7 +278,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
+   int retval = INLINE_SYSCALL (mq_notify, 2, mqdes, &se);
+ 
+   /* If it failed, free the allocated memory.  */
+-  if (__glibc_unlikely (retval != 0))
++  if (retval != 0 && data.attr != NULL)
+     {
+       pthread_attr_destroy (data.attr);
+       free (data.attr);
+-- 
+2.27.0
+
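Review bot: `Reviewed-by: Siddhesh Poyarekar` appears twice in this header, once above Upstream-Status and once below the CVE tag; keep a single copy. The header also has the `CVE:` tag and the Upstream-Status URL broken across lines, which should each be joined onto one line.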
diff --git a/poky/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch b/poky/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
new file mode 100644
index 0000000..5cae1bc
--- /dev/null
+++ b/poky/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
@@ -0,0 +1,44 @@
+From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17 00:00:00 2001
+From: Andreas Schwab <schwab@linux-m68k.org>
+Date: Fri, 25 Jun 2021 15:02:47 +0200
+Subject: [PATCH] wordexp: handle overflow in positional parameter number (bug
+ 28011)
+
+Use strtoul instead of atoi so that overflow can be detected.
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c]
+CVE: CVE-2021-35942
+Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
+---
+ posix/wordexp-test.c | 1 +
+ posix/wordexp.c      | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
+index f93a546d7e..9df02dbbb3 100644
+--- a/posix/wordexp-test.c
++++ b/posix/wordexp-test.c
+@@ -183,6 +183,7 @@ struct test_case_struct
+     { 0, NULL, "$var", 0, 0, { NULL, }, IFS },
+     { 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS },
+     { 0, NULL, "", 0, 0, { NULL, }, IFS },
++    { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS },
+ 
+     /* Flags not already covered (testit() has special handling for these) */
+     { 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS },
+diff --git a/posix/wordexp.c b/posix/wordexp.c
+index bcbe96e48d..1f3b09f721 100644
+--- a/posix/wordexp.c
++++ b/posix/wordexp.c
+@@ -1399,7 +1399,7 @@ envsubst:
+   /* Is it a numeric parameter? */
+   else if (isdigit (env[0]))
+     {
+-      int n = atoi (env);
++      unsigned long n = strtoul (env, NULL, 10);
+ 
+       if (n >= __libc_argc)
+ 	/* Substitute NULL. */
+-- 
+2.17.1
+
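Review bot: In the posix/wordexp.c hunk, the fix depends on strtoul saturating on overflow so that n >= __libc_argc takes the "Substitute NULL" branch, but nothing in the code says so and errno is never checked. A short comment next to unsigned long n = strtoul (env, NULL, 10); stating that an out-of-range number is deliberately treated as a missing positional parameter would document the intent, and it is worth confirming that the comparison with __libc_argc behaves as expected now that n is unsigned long rather than int. The new wordexp-test.c entry covers the overflow input, which is the right regression test.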
diff --git a/poky/meta/recipes-core/glibc/glibc_2.33.bb b/poky/meta/recipes-core/glibc/glibc_2.33.bb
index 75a1f36..57a60cb 100644
--- a/poky/meta/recipes-core/glibc/glibc_2.33.bb
+++ b/poky/meta/recipes-core/glibc/glibc_2.33.bb
@@ -61,6 +61,11 @@
            file://0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch \
            file://CVE-2021-27645.patch \
            file://0001-nptl-Remove-private-futex-optimization-BZ-27304.patch \
+           file://CVE-2021-33574_1.patch \
+           file://CVE-2021-33574_2.patch \
+           file://CVE-2021-35942.patch \
+           file://0001-CVE-2021-38604.patch \
+           file://0002-CVE-2021-38604.patch \
            "
 S = "${WORKDIR}/git"
 B = "${WORKDIR}/build-${TARGET_SYS}"
diff --git a/poky/meta/recipes-core/initrdscripts/initramfs-framework/setup-live b/poky/meta/recipes-core/initrdscripts/initramfs-framework/setup-live
index 4c79f41..7e92f93 100644
--- a/poky/meta/recipes-core/initrdscripts/initramfs-framework/setup-live
+++ b/poky/meta/recipes-core/initrdscripts/initramfs-framework/setup-live
@@ -1,4 +1,4 @@
-#/bin/sh
+#!/bin/sh
 # Copyright (C) 2011 O.S. Systems Software LTDA.
 # Licensed on MIT
 
diff --git a/poky/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb b/poky/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
index c53a0c0..fe24215 100644
--- a/poky/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
+++ b/poky/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
@@ -31,7 +31,7 @@
     install -m 0755 ${WORKDIR}/rootfs ${D}/init.d/90-rootfs
     install -m 0755 ${WORKDIR}/finish ${D}/init.d/99-finish
 
-	# exec
+    # exec
     install -m 0755 ${WORKDIR}/exec ${D}/init.d/89-exec
 
     # mdev
diff --git a/poky/meta/recipes-core/initscripts/initscripts_1.0.bb b/poky/meta/recipes-core/initscripts/initscripts_1.0.bb
index 5e994f2..65f9c0a 100644
--- a/poky/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/poky/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -106,7 +106,8 @@
 	install -m 0755    ${WORKDIR}/save-rtc.sh	${D}${sysconfdir}/init.d
 	install -m 0644    ${WORKDIR}/volatiles		${D}${sysconfdir}/default/volatiles/00_core
 	if [ ${@ oe.types.boolean('${VOLATILE_LOG_DIR}') } = True ]; then
-		echo "l root root 0755 /var/log /var/volatile/log" >> ${D}${sysconfdir}/default/volatiles/00_core
+		sed -i -e '\@^d root root 0755 /var/volatile/log none$@ a\l root root 0755 /var/log /var/volatile/log' \
+			${D}${sysconfdir}/default/volatiles/00_core
 	fi
 	install -m 0755    ${WORKDIR}/dmesg.sh		${D}${sysconfdir}/init.d
 	install -m 0644    ${WORKDIR}/logrotate-dmesg.conf ${D}${sysconfdir}/
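Review bot: The sed in the VOLATILE_LOG_DIR branch inserts the /var/log link only if 00_core contains a line matching ^d root root 0755 /var/volatile/log none$ exactly; if that line is ever reworded, sed exits 0 without touching the file and the image silently loses the entry that the old echo always appended. Follow the sed with a check, for example a grep -q for "l root root 0755 /var/log /var/volatile/log" in the same file, and fail the task when it is missing. A comment explaining why the link has to come directly after the directory entry would also help.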
diff --git a/poky/meta/recipes-core/netbase/netbase_6.2.bb b/poky/meta/recipes-core/netbase/netbase_6.2.bb
index a54d2e7..c016d32 100644
--- a/poky/meta/recipes-core/netbase/netbase_6.2.bb
+++ b/poky/meta/recipes-core/netbase/netbase_6.2.bb
@@ -6,11 +6,12 @@
 LIC_FILES_CHKSUM = "file://debian/copyright;md5=3dd6192d306f582dee7687da3d8748ab"
 PE = "1"
 
-SRC_URI = "${DEBIAN_MIRROR}/main/n/${BPN}/${BPN}_${PV}.tar.xz"
+SRC_URI = "git://salsa.debian.org/md/netbase.git;protocol=https"
+SRCREV = "1c892c96a078ef28ec1a94681b3a0da7a3d545f7"
 
 inherit allarch
 
-SRC_URI[sha256sum] = "309a24146a06347d654b261e9e07a82fab844b173674a42e223803dd8258541e"
+S = "${WORKDIR}/git"
 
 UPSTREAM_CHECK_URI = "${DEBIAN_MIRROR}/main/n/netbase/"
 
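Review bot: SRC_URI moves from a Debian tarball verified by SRC_URI[sha256sum] to a git fetch pinned by SRCREV, but UPSTREAM_CHECK_URI still points at ${DEBIAN_MIRROR}/main/n/netbase/, so the upstream version check and the actual source now track different places. Either switch the check to git tags (UPSTREAM_CHECK_GITTAGREGEX) or say in the commit message why the mirror listing remains the reference. It would also help to note next to SRCREV which release the hash corresponds to, since the recipe is still netbase_6.2 and nothing in the hunk ties the two together.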
diff --git a/poky/meta/recipes-core/ovmf/ovmf/0001-Fix-VLA-parameter-warning.patch b/poky/meta/recipes-core/ovmf/ovmf/0001-Fix-VLA-parameter-warning.patch
new file mode 100644
index 0000000..d658123
--- /dev/null
+++ b/poky/meta/recipes-core/ovmf/ovmf/0001-Fix-VLA-parameter-warning.patch
@@ -0,0 +1,51 @@
+From 498627ebda6271b59920f43a0b9b6187edeb7b09 Mon Sep 17 00:00:00 2001
+From: Adrian Herrera <adr.her.arc.95@gmail.com>
+Date: Mon, 22 Mar 2021 21:06:47 +0000
+Subject: [PATCH] Fix VLA parameter warning
+
+Make VLA buffer types consistent in declarations and definitions.
+Resolves build crash when using -Werror due to "vla-parameter" warning.
+
+Upstream-Status: Submitted [https://github.com/google/brotli/pull/893]
+Signed-off-by: Adrian Herrera <adr.her.arc.95@gmail.com>
+---
+ c/dec/decode.c | 6 ++++--
+ c/enc/encode.c | 5 +++--
+ 2 files changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c b/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c
+index 114c505..bb6f1ab 100644
+--- a/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c
++++ b/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c
+@@ -2030,8 +2030,10 @@ static BROTLI_NOINLINE BrotliDecoderErrorCode SafeProcessCommands(
+ }
+ 
+ BrotliDecoderResult BrotliDecoderDecompress(
+-    size_t encoded_size, const uint8_t* encoded_buffer, size_t* decoded_size,
+-    uint8_t* decoded_buffer) {
++    size_t encoded_size,
++    const uint8_t encoded_buffer[BROTLI_ARRAY_PARAM(encoded_size)],
++    size_t* decoded_size,
++    uint8_t decoded_buffer[BROTLI_ARRAY_PARAM(*decoded_size)]) {
+   BrotliDecoderState s;
+   BrotliDecoderResult result;
+   size_t total_out = 0;
+diff --git a/c/enc/encode.c b/c/enc/encode.c
+index 68548ef..ab0a490 100644
+--- a/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c
++++ c/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c
+@@ -1470,8 +1470,9 @@ static size_t MakeUncompressedStream(
+ 
+ BROTLI_BOOL BrotliEncoderCompress(
+     int quality, int lgwin, BrotliEncoderMode mode, size_t input_size,
+-    const uint8_t* input_buffer, size_t* encoded_size,
+-    uint8_t* encoded_buffer) {
++    const uint8_t input_buffer[BROTLI_ARRAY_PARAM(input_size)],
++    size_t* encoded_size,
++    uint8_t encoded_buffer[BROTLI_ARRAY_PARAM(*encoded_size)]) {
+   BrotliEncoderState* s;
+   size_t out_size = *encoded_size;
+   const uint8_t* input_start = input_buffer;
+-- 
+2.31.1
+
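Review bot: The headers for the second file were hand-edited inconsistently: the diff --git line still names a/c/enc/encode.c b/c/enc/encode.c, and the new-file line reads +++ c/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c with a c/ prefix where the decode.c section uses b/. The diffstat likewise lists c/dec/decode.c and c/enc/encode.c rather than the BaseTools paths. The patch may still apply with one path component stripped, but regenerating it against the edk2 tree would make the headers consistent. Upstream-Status also points at a brotli pull request while the patch is applied to the copy bundled under BaseTools, which deserves a sentence in the header.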
diff --git a/poky/meta/recipes-core/ovmf/ovmf_git.bb b/poky/meta/recipes-core/ovmf/ovmf_git.bb
index 896b3b6..9a1bfbd 100644
--- a/poky/meta/recipes-core/ovmf/ovmf_git.bb
+++ b/poky/meta/recipes-core/ovmf/ovmf_git.bb
@@ -17,6 +17,7 @@
            file://0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch \
            file://0004-ovmf-Update-to-latest.patch \
            file://zero.patch \
+           file://0001-Fix-VLA-parameter-warning.patch \
            "
 
 PV = "edk2-stable202102"
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch b/poky/meta/recipes-core/systemd/systemd/0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch
new file mode 100644
index 0000000..ff877d9
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch
@@ -0,0 +1,172 @@
+From ac6c7f2d2389c5c0ae90554a58f1c75f60cc8e5a Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Jun 2021 00:48:23 +0900
+Subject: [PATCH] sd-dhcp-client: check error earlier and reduce indentation
+
+Upstream-Status: Backport
+CVE: CVE-2020-13529
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/libsystemd-network/sd-dhcp-client.c | 128 ++++++++++++------------
+ 1 file changed, 64 insertions(+), 64 deletions(-)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index d472fcd941..86bc3c6181 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1770,21 +1770,21 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+         case DHCP_STATE_SELECTING:
+ 
+                 r = client_handle_offer(client, message, len);
+-                if (r >= 0) {
++                if (r == -ENOMSG)
++                        return 0; /* invalid message, let's ignore it */
++                if (r < 0)
++                        goto error;
+ 
+-                        client->state = DHCP_STATE_REQUESTING;
+-                        client->attempt = 0;
++                client->state = DHCP_STATE_REQUESTING;
++                client->attempt = 0;
+ 
+-                        r = event_reset_time(client->event, &client->timeout_resend,
+-                                             clock_boottime_or_monotonic(),
+-                                             0, 0,
+-                                             client_timeout_resend, client,
+-                                             client->event_priority, "dhcp4-resend-timer", true);
+-                        if (r < 0)
+-                                goto error;
+-                } else if (r == -ENOMSG)
+-                        /* invalid message, let's ignore it */
+-                        return 0;
++                r = event_reset_time(client->event, &client->timeout_resend,
++                                     clock_boottime_or_monotonic(),
++                                     0, 0,
++                                     client_timeout_resend, client,
++                                     client->event_priority, "dhcp4-resend-timer", true);
++                if (r < 0)
++                        goto error;
+ 
+                 break;
+ 
+@@ -1794,47 +1794,9 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+         case DHCP_STATE_REBINDING:
+ 
+                 r = client_handle_ack(client, message, len);
+-                if (r >= 0) {
+-                        client->start_delay = 0;
+-                        (void) event_source_disable(client->timeout_resend);
+-                        client->receive_message =
+-                                sd_event_source_unref(client->receive_message);
+-                        client->fd = safe_close(client->fd);
+-
+-                        if (IN_SET(client->state, DHCP_STATE_REQUESTING,
+-                                   DHCP_STATE_REBOOTING))
+-                                notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
+-                        else if (r != SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
+-                                notify_event = r;
+-
+-                        client->state = DHCP_STATE_BOUND;
+-                        client->attempt = 0;
+-
+-                        client->last_addr = client->lease->address;
+-
+-                        r = client_set_lease_timeouts(client);
+-                        if (r < 0) {
+-                                log_dhcp_client(client, "could not set lease timeouts");
+-                                goto error;
+-                        }
+-
+-                        r = dhcp_network_bind_udp_socket(client->ifindex, client->lease->address, client->port, client->ip_service_type);
+-                        if (r < 0) {
+-                                log_dhcp_client(client, "could not bind UDP socket");
+-                                goto error;
+-                        }
+-
+-                        client->fd = r;
+-
+-                        client_initialize_io_events(client, client_receive_message_udp);
+-
+-                        if (notify_event) {
+-                                client_notify(client, notify_event);
+-                                if (client->state == DHCP_STATE_STOPPED)
+-                                        return 0;
+-                        }
+-
+-                } else if (r == -EADDRNOTAVAIL) {
++                if (r == -ENOMSG)
++                        return 0; /* invalid message, let's ignore it */
++                if (r == -EADDRNOTAVAIL) {
+                         /* got a NAK, let's restart the client */
+                         client_notify(client, SD_DHCP_CLIENT_EVENT_EXPIRED);
+ 
+@@ -1853,21 +1815,59 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+                                                     RESTART_AFTER_NAK_MIN_USEC, RESTART_AFTER_NAK_MAX_USEC);
+ 
+                         return 0;
+-                } else if (r == -ENOMSG)
+-                        /* invalid message, let's ignore it */
+-                        return 0;
++                }
++                if (r < 0)
++                        goto error;
++
++                client->start_delay = 0;
++                (void) event_source_disable(client->timeout_resend);
++                client->receive_message = sd_event_source_unref(client->receive_message);
++                client->fd = safe_close(client->fd);
++
++                if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
++                        notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
++                else if (r != SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
++                        notify_event = r;
++
++                client->state = DHCP_STATE_BOUND;
++                client->attempt = 0;
++
++                client->last_addr = client->lease->address;
++
++                r = client_set_lease_timeouts(client);
++                if (r < 0) {
++                        log_dhcp_client(client, "could not set lease timeouts");
++                        goto error;
++                }
++
++                r = dhcp_network_bind_udp_socket(client->ifindex, client->lease->address, client->port, client->ip_service_type);
++                if (r < 0) {
++                        log_dhcp_client(client, "could not bind UDP socket");
++                        goto error;
++                }
++
++                client->fd = r;
++
++                client_initialize_io_events(client, client_receive_message_udp);
++
++                if (notify_event) {
++                        client_notify(client, notify_event);
++                        if (client->state == DHCP_STATE_STOPPED)
++                                return 0;
++                }
+ 
+                 break;
+ 
+         case DHCP_STATE_BOUND:
+                 r = client_handle_forcerenew(client, message, len);
+-                if (r >= 0) {
+-                        r = client_timeout_t1(NULL, 0, client);
+-                        if (r < 0)
+-                                goto error;
+-                } else if (r == -ENOMSG)
+-                        /* invalid message, let's ignore it */
+-                        return 0;
++                if (r == -ENOMSG)
++                        return 0; /* invalid message, let's ignore it */
++                if (r < 0)
++                        goto error;
++
++                r = client_timeout_t1(NULL, 0, client);
++                if (r < 0)
++                        goto error;
+ 
+                 break;
+ 
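Review bot: The header gives Upstream-Status: Backport with no commit URL or hash, unlike CVE-2021-35942.patch earlier in this update, and it tags a change whose subject is "check error earlier and reduce indentation" with CVE: CVE-2020-13529. Add the upstream commit reference in brackets, and state in the header that this is a preparatory refactor carried so that the later FORCERENEW patch applies cleanly, so the CVE tag is not read as this patch being the fix.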
diff --git a/poky/meta/recipes-core/systemd/systemd/0002-sd-dhcp-client-shorten-code-a-bit.patch b/poky/meta/recipes-core/systemd/systemd/0002-sd-dhcp-client-shorten-code-a-bit.patch
new file mode 100644
index 0000000..41d0c7b
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0002-sd-dhcp-client-shorten-code-a-bit.patch
@@ -0,0 +1,66 @@
+From 875f3773e383d99e7d43020f02acad7681a05914 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Jun 2021 00:51:52 +0900
+Subject: [PATCH] sd-dhcp-client: shorten code a bit
+
+Upstream-Status: Backport
+CVE: CVE-2020-13529
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/libsystemd-network/sd-dhcp-client.c | 13 ++++---------
+ 1 file changed, 4 insertions(+), 9 deletions(-)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index 86bc3c6181..ef3a7d2c6b 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1760,7 +1760,7 @@ static int client_set_lease_timeouts(sd_dhcp_client *client) {
+ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, int len) {
+         DHCP_CLIENT_DONT_DESTROY(client);
+         char time_string[FORMAT_TIMESPAN_MAX];
+-        int r = 0, notify_event = 0;
++        int r, notify_event = 0;
+ 
+         assert(client);
+         assert(client->event);
+@@ -1783,9 +1783,6 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+                                      0, 0,
+                                      client_timeout_resend, client,
+                                      client->event_priority, "dhcp4-resend-timer", true);
+-                if (r < 0)
+-                        goto error;
+-
+                 break;
+ 
+         case DHCP_STATE_REBOOTING:
+@@ -1813,7 +1810,6 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+ 
+                         client->start_delay = CLAMP(client->start_delay * 2,
+                                                     RESTART_AFTER_NAK_MIN_USEC, RESTART_AFTER_NAK_MAX_USEC);
+-
+                         return 0;
+                 }
+                 if (r < 0)
+@@ -1866,19 +1862,18 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+                         goto error;
+ 
+                 r = client_timeout_t1(NULL, 0, client);
+-                if (r < 0)
+-                        goto error;
+-
+                 break;
+ 
+         case DHCP_STATE_INIT:
+         case DHCP_STATE_INIT_REBOOT:
+-
++                r = 0;
+                 break;
+ 
+         case DHCP_STATE_STOPPED:
+                 r = -EINVAL;
+                 goto error;
++        default:
++                assert_not_reached("invalid state");
+         }
+ 
+ error:
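Review bot: Removing the if (r < 0) goto error; pairs before break in the DHCP_STATE_SELECTING and DHCP_STATE_BOUND cases makes error handling depend on error: being the first thing after the switch. That holds in the lines shown, but it is implicit; a comment at the label saying that every case leaves its result in r and falls through to error: would protect it against later insertions. The same goes for int r losing its initializer: each case must now assign r, which the new r = 0; in the INIT cases and the default: assert_not_reached do cover. As with 0001, the header needs the upstream commit reference.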
diff --git a/poky/meta/recipes-core/systemd/systemd/0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch b/poky/meta/recipes-core/systemd/systemd/0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch
new file mode 100644
index 0000000..07c7da8
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch
@@ -0,0 +1,69 @@
+From 0ad3b0fffe622bffbe9f380c3e4cb99b0961bef5 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Jun 2021 01:14:12 +0900
+Subject: [PATCH] sd-dhcp-client: logs when dhcp client unexpectedly gains a
+ new lease
+
+Previously, such situation is handled silently.
+
+Upstream-Status: Backport
+CVE: CVE-2020-13529
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/libsystemd-network/sd-dhcp-client.c | 23 ++++++++++++-----------
+ 1 file changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index ef3a7d2c6b..04a75c6966 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1760,7 +1760,7 @@ static int client_set_lease_timeouts(sd_dhcp_client *client) {
+ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, int len) {
+         DHCP_CLIENT_DONT_DESTROY(client);
+         char time_string[FORMAT_TIMESPAN_MAX];
+-        int r, notify_event = 0;
++        int r, notify_event;
+ 
+         assert(client);
+         assert(client->event);
+@@ -1815,16 +1815,16 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+                 if (r < 0)
+                         goto error;
+ 
++                if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
++                        notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
++                else
++                        notify_event = r;
++
+                 client->start_delay = 0;
+                 (void) event_source_disable(client->timeout_resend);
+                 client->receive_message = sd_event_source_unref(client->receive_message);
+                 client->fd = safe_close(client->fd);
+ 
+-                if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
+-                        notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
+-                else if (r != SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
+-                        notify_event = r;
+-
+                 client->state = DHCP_STATE_BOUND;
+                 client->attempt = 0;
+ 
+@@ -1846,12 +1846,13 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+ 
+                 client_initialize_io_events(client, client_receive_message_udp);
+ 
+-                if (notify_event) {
++                if (IN_SET(client->state, DHCP_STATE_RENEWING, DHCP_STATE_REBINDING) &&
++                    notify_event == SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
++                        /* FIXME: hmm, maybe this is a bug... */
++                        log_dhcp_client(client, "client_handle_ack() returned SD_DHCP_CLIENT_EVENT_IP_ACQUIRE while DHCP client is %s the address, skipping callback.",
++                                        client->state == DHCP_STATE_RENEWING ? "renewing" : "rebinding");
++                else
+                         client_notify(client, notify_event);
+-                        if (client->state == DHCP_STATE_STOPPED)
+-                                return 0;
+-                }
+-
+                 break;
+ 
+         case DHCP_STATE_BOUND:
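Review bot: The new guard IN_SET(client->state, DHCP_STATE_RENEWING, DHCP_STATE_REBINDING) in the last hunk is evaluated after client->state = DHCP_STATE_BOUND; (visible as context in the previous hunk), so unless something between the two hunks changes the state again, the condition is never true and the new log line is never emitted. notify_event is already computed before the state change; the guard needs the same treatment, for example a saved copy of the old state. The hunk also drops both the if (notify_event) test and the if (client->state == DHCP_STATE_STOPPED) return 0; check after client_notify(), so the callback now runs even when r is 0. Since this is a backport, raise it upstream and record the caveat in the patch header rather than diverging silently.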
diff --git a/poky/meta/recipes-core/systemd/systemd/0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch b/poky/meta/recipes-core/systemd/systemd/0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch
new file mode 100644
index 0000000..c65fb45
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch
@@ -0,0 +1,42 @@
+From ae18277a6cfd04af8a914780f04a867254ab2341 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Jun 2021 01:22:07 +0900
+Subject: [PATCH] sd-dhcp-client: tentatively ignore FORCERENEW command
+
+This makes DHCP client ignore FORCERENEW requests, as unauthenticated
+FORCERENEW requests causes a security issue (TALOS-2020-1142, CVE-2020-13529).
+
+Let's re-enable this after RFC3118 (Authentication for DHCP Messages)
+and/or RFC6704 (Forcerenew Nonce Authentication) are implemented.
+
+Fixes #16774.
+
+Upstream-Status: Backport
+CVE: CVE-2020-13529
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/libsystemd-network/sd-dhcp-client.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index 04a75c6966..54eb3a2ab0 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1536,9 +1536,17 @@ static int client_handle_forcerenew(sd_dhcp_client *client, DHCPMessage *force,
+         if (r != DHCP_FORCERENEW)
+                 return -ENOMSG;
+ 
++#if 0
+         log_dhcp_client(client, "FORCERENEW");
+ 
+         return 0;
++#else
++        /* FIXME: Ignore FORCERENEW requests until we implement RFC3118 (Authentication for DHCP
++         * Messages) and/or RFC6704 (Forcerenew Nonce Authentication), as unauthenticated FORCERENEW
++         * requests causes a security issue (TALOS-2020-1142, CVE-2020-13529). */
++        log_dhcp_client(client, "Received FORCERENEW, ignoring.");
++        return -ENOMSG;
++#endif
+ }
+ 
+ static bool lease_equal(const sd_dhcp_lease *a, const sd_dhcp_lease *b) {
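Review bot: With the #else branch returning -ENOMSG, no return 0 remains reachable after the DHCP_FORCERENEW check in the lines shown, so the DHCP_STATE_BOUND case in client_handle_message can no longer reach its client_timeout_t1() call. That is the intended mitigation, but it is only visible from inside this function; a comment at the call site would keep someone from debugging why forced renewals never happen. Keeping the old body under #if 0 is acceptable for a verbatim backport, but the header should carry the upstream commit reference and make clear that "Fixes #16774" refers to the upstream tracker.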
diff --git a/poky/meta/recipes-core/systemd/systemd_247.6.bb b/poky/meta/recipes-core/systemd/systemd_247.6.bb
index 32afa15..f1db1e9 100644
--- a/poky/meta/recipes-core/systemd/systemd_247.6.bb
+++ b/poky/meta/recipes-core/systemd/systemd_247.6.bb
@@ -27,6 +27,10 @@
            file://0001-logind-Restore-chvt-as-non-root-user-without-polkit.patch \
            file://0027-proc-dont-trigger-mount-error-with-invalid-options-o.patch \
            file://0001-analyze-resolve-executable-path-if-it-is-relative.patch \
+           file://0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch \
+           file://0002-sd-dhcp-client-shorten-code-a-bit.patch \
+           file://0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch \
+           file://0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch \
            "
 
 # patches needed by musl
diff --git a/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb b/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
index 75632d9..da71667 100644
--- a/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
+++ b/poky/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
@@ -7,7 +7,7 @@
 LIC_FILES_CHKSUM = "file://update-rc.d;beginline=5;endline=15;md5=d40a07c27f535425934bb5001f2037d9"
 
 SRC_URI = "git://git.yoctoproject.org/update-rc.d"
-SRCREV = "4b150b25b38de688d25cde2b2d22c268ed65a748"
+SRCREV = "8636cf478d426b568c1be11dbd9346f67e03adac"
 
 UPSTREAM_CHECK_COMMITS = "1"
 
diff --git a/poky/meta/recipes-core/util-linux/util-linux.inc b/poky/meta/recipes-core/util-linux/util-linux.inc
index 6b47f41..b21d6d4 100644
--- a/poky/meta/recipes-core/util-linux/util-linux.inc
+++ b/poky/meta/recipes-core/util-linux/util-linux.inc
@@ -36,5 +36,6 @@
            file://display_testname_for_subtest.patch \
            file://avoid_parallel_tests.patch \
            file://Automake-use-EXTRA_LTLIBRARIES-instead-of-noinst_LTL.patch \
+           file://CVE-2021-37600.patch \
            "
 SRC_URI[sha256sum] = "f7516ba9d8689343594356f0e5e1a5f0da34adfbc89023437735872bb5024c5f"
diff --git a/poky/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch b/poky/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
new file mode 100644
index 0000000..11934ee
--- /dev/null
+++ b/poky/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
@@ -0,0 +1,38 @@
+From 1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Tue, 27 Jul 2021 11:58:31 +0200
+Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64
+ nmembs
+
+Fix: https://github.com/karelzak/util-linux/issues/1395
+Signed-off-by: Karel Zak <kzak@redhat.com>
+
+CVE: CVE-2021-37600
+
+after version 2.37.1
+https://github.com/karelzak/util-linux.git 1c9143d0c1d...
+unmodified
+
+Upstream-Status: Backport
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+---
+ sys-utils/ipcutils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c
+index e784c4d..18868cf 100644
+--- a/sys-utils/ipcutils.c
++++ b/sys-utils/ipcutils.c
+@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p)
+ {
+ 	size_t i;
+ 
+-	if (!p || !p->sem_nsems || p->sem_perm.id < 0)
++	if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0)
+ 		return;
+ 
+ 	p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem));
+-- 
+2.7.4
+
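Review bot: The added test p->sem_nsems > SIZE_MAX can only be true where sem_nsems is wider than size_t; the subject line describes it as a uint64 count, so on targets with a 64-bit size_t the comparison is always false and the hunk changes nothing there. That is fine if the problem is confined to 32-bit builds, but the header should say so, and the product of p->sem_nsems and sizeof(struct sem_elem) is still left to xcalloc to validate. The free-form lines "after version 2.37.1" and "unmodified" would be clearer folded into the Upstream-Status: Backport line as a bracketed commit reference.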
diff --git a/poky/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb b/poky/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
index e043380..7480aff 100644
--- a/poky/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
+++ b/poky/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
@@ -33,8 +33,8 @@
 do_install_append_class-nativesdk() {
         create_wrapper ${D}/${bindir}/createrepo_c \
                 RPM_CONFIGDIR=${SDKPATHNATIVE}${libdir_nativesdk}/rpm \
-                MAGIC=${SDKPATHNATIVE}${datadir}/misc/magic.mgc
+                MAGIC=${datadir}/misc/magic.mgc
         create_wrapper ${D}/${bindir}/modifyrepo_c \
-                MAGIC=${SDKPATHNATIVE}${datadir}/misc/magic.mgc
+                MAGIC=${datadir}/misc/magic.mgc
         rm -rf ${D}/etc
 }
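Review bot: MAGIC now uses ${datadir} without the ${SDKPATHNATIVE} prefix, while RPM_CONFIGDIR two lines above still builds its path as ${SDKPATHNATIVE}${libdir_nativesdk}/rpm. Nothing in the hunk says why the two differ; if ${datadir} already carries the SDK prefix in the nativesdk class and the old value doubled it, put that in a comment or the commit message so the remaining ${SDKPATHNATIVE} use is not "fixed" the same way later.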
diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/big-inodes-for-small-fs.patch b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/big-inodes-for-small-fs.patch
new file mode 100644
index 0000000..caeb560
--- /dev/null
+++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs/big-inodes-for-small-fs.patch
@@ -0,0 +1,22 @@
+Ensure "small" file systems also have the default inode size (256 bytes) so that
+can store 64-bit timestamps and work past 2038.
+
+The "small" type is any size >3MB and <512MB, which covers a lot of relatively
+small filesystems built by OE, especially when they're sized to fit the contents
+and expand to the storage on boot.
+
+Upstream-Status: Inappropriate
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+diff --git a/misc/mke2fs.conf.in b/misc/mke2fs.conf.in
+index 01e35cf8..29f41dc0 100644
+--- a/misc/mke2fs.conf.in
++++ b/misc/mke2fs.conf.in
+@@ -16,7 +16,6 @@
+ 	}
+ 	small = {
+ 		blocksize = 1024
+-		inode_size = 128
+ 		inode_ratio = 4096
+ 	}
+ 	floppy = {
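Review bot: Upstream-Status: Inappropriate is given without a bracketed reason; add one, for example Inappropriate [oe-specific]. The description also says the default inode size is 256 bytes, but the hunk only deletes inode_size = 128 from the small stanza, so the result depends on a default defined elsewhere in mke2fs.conf.in; naming that setting in the description would make the patch self-explanatory.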
diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb
index be8b67c..ddc9bfe 100644
--- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb
+++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb
@@ -8,6 +8,7 @@
 
 SRC_URI_append_class-native = " file://e2fsprogs-fix-missing-check-for-permission-denied.patch \
                                 file://quiet-debugfs.patch \
+                                file://big-inodes-for-small-fs.patch \
 "
 
 
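Review bot: big-inodes-for-small-fs.patch is added only to SRC_URI_append_class-native, so the mke2fs.conf shipped in target and nativesdk packages keeps inode_size = 128 for small filesystems. If filesystems created on the device should also work past 2038, the patch belongs in the common SRC_URI; if native-only is intended, say so in the commit message.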
diff --git a/poky/meta/recipes-devtools/go/go-1.16.5.inc b/poky/meta/recipes-devtools/go/go-1.16.7.inc
similarity index 81%
rename from poky/meta/recipes-devtools/go/go-1.16.5.inc
rename to poky/meta/recipes-devtools/go/go-1.16.7.inc
index bd928e4..ed2d946 100644
--- a/poky/meta/recipes-devtools/go/go-1.16.5.inc
+++ b/poky/meta/recipes-devtools/go/go-1.16.7.inc
@@ -1,7 +1,7 @@
 require go-common.inc
 
 GO_BASEVERSION = "1.16"
-PV = "1.16.5"
+PV = "1.16.7"
 FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
@@ -16,5 +16,6 @@
     file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
     file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
     file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
+    file://0001-encoding-xml-handle-leading-trailing-or-double-colon.patch \
 "
-SRC_URI[main.sha256sum] = "7bfa7e5908c7cc9e75da5ddf3066d7cbcf3fd9fa51945851325eebc17f50ba80"
+SRC_URI[main.sha256sum] = "1a9f2894d3d878729f7045072f30becebe243524cf2fce4e0a7b248b1e0654ac"
diff --git a/poky/meta/recipes-devtools/go/go-1.16/0001-encoding-xml-handle-leading-trailing-or-double-colon.patch b/poky/meta/recipes-devtools/go/go-1.16/0001-encoding-xml-handle-leading-trailing-or-double-colon.patch
new file mode 100644
index 0000000..3c47157
--- /dev/null
+++ b/poky/meta/recipes-devtools/go/go-1.16/0001-encoding-xml-handle-leading-trailing-or-double-colon.patch
@@ -0,0 +1,123 @@
+From 4d014e723165f28b34458edb4aa9136e0fb4c702 Mon Sep 17 00:00:00 2001
+From: Filippo Valsorda <filippo@golang.org>
+Date: Tue, 27 Oct 2020 00:17:15 +0100
+Subject: [PATCH] encoding/xml: handle leading, trailing, or double colons in
+ names
+
+Before this change, <:name> would parse as <name>, which could cause
+issues in applications that rely on the parse-encode cycle to
+round-trip. Similarly, <x name:=""> would parse as expected but then
+have the attribute dropped when serializing because its name was empty.
+Finally, <a:b:c> would parse and get serialized incorrectly. All these
+values are invalid XML, but to minimize the impact of this change, we
+parse them whole into Name.Local.
+
+This issue was reported by Juho Nurminen of Mattermost as it leads to
+round-trip mismatches. See #43168. It's not being fixed in a security
+release because round-trip stability is not a currently supported
+security property of encoding/xml, and we don't believe these fixes
+would be sufficient to reliably guarantee it in the future.
+
+Fixes CVE-2020-29509
+Fixes CVE-2020-29511
+Updates #43168
+
+Change-Id: I68321c4d867305046f664347192948a889af3c7f
+Reviewed-on: https://go-review.googlesource.com/c/go/+/277892
+Run-TryBot: Filippo Valsorda <filippo@golang.org>
+TryBot-Result: Go Bot <gobot@golang.org>
+Trust: Filippo Valsorda <filippo@golang.org>
+Reviewed-by: Katie Hockman <katie@golang.org>
+
+CVE: CVE-2020-29509 CVE-2020-29511
+Upstream-Status: Backport [4d014e723165f28b34458edb4aa9136e0fb4c702]
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ src/encoding/xml/xml.go      |  5 ++--
+ src/encoding/xml/xml_test.go | 56 ++++++++++++++++++++++++++++++++++++
+ 2 files changed, 59 insertions(+), 2 deletions(-)
+
+diff --git a/src/encoding/xml/xml.go b/src/encoding/xml/xml.go
+index 384d6ad4b8..c902f1295a 100644
+--- a/src/encoding/xml/xml.go
++++ b/src/encoding/xml/xml.go
+@@ -1156,8 +1156,9 @@ func (d *Decoder) nsname() (name Name, ok bool) {
+ 	if !ok {
+ 		return
+ 	}
+-	i := strings.Index(s, ":")
+-	if i < 0 {
++	if strings.Count(s, ":") > 1 {
++		name.Local = s
++	} else if i := strings.Index(s, ":"); i < 1 || i > len(s)-2 {
+ 		name.Local = s
+ 	} else {
+ 		name.Space = s[0:i]
+diff --git a/src/encoding/xml/xml_test.go b/src/encoding/xml/xml_test.go
+index 5a10f5309d..47d0c39167 100644
+--- a/src/encoding/xml/xml_test.go
++++ b/src/encoding/xml/xml_test.go
+@@ -1003,3 +1003,59 @@ func TestTokenUnmarshaler(t *testing.T) {
+ 	d := NewTokenDecoder(tokReader{})
+ 	d.Decode(&Failure{})
+ }
++
++func testRoundTrip(t *testing.T, input string) {
++	d := NewDecoder(strings.NewReader(input))
++	var tokens []Token
++	var buf bytes.Buffer
++	e := NewEncoder(&buf)
++	for {
++		tok, err := d.Token()
++		if err == io.EOF {
++			break
++		}
++		if err != nil {
++			t.Fatalf("invalid input: %v", err)
++		}
++		if err := e.EncodeToken(tok); err != nil {
++			t.Fatalf("failed to re-encode input: %v", err)
++		}
++		tokens = append(tokens, CopyToken(tok))
++	}
++	if err := e.Flush(); err != nil {
++		t.Fatal(err)
++	}
++
++	d = NewDecoder(&buf)
++	for {
++		tok, err := d.Token()
++		if err == io.EOF {
++			break
++		}
++		if err != nil {
++			t.Fatalf("failed to decode output: %v", err)
++		}
++		if len(tokens) == 0 {
++			t.Fatalf("unexpected token: %#v", tok)
++		}
++		a, b := tokens[0], tok
++		if !reflect.DeepEqual(a, b) {
++			t.Fatalf("token mismatch: %#v vs %#v", a, b)
++		}
++		tokens = tokens[1:]
++	}
++	if len(tokens) > 0 {
++		t.Fatalf("lost tokens: %#v", tokens)
++	}
++}
++
++func TestRoundTrip(t *testing.T) {
++	tests := map[string]string{
++		"leading colon":  `<::Test ::foo="bar"><:::Hello></:::Hello><Hello></Hello></::Test>`,
++		"trailing colon": `<foo abc:="x"></foo>`,
++		"double colon":   `<x:y:foo></x:y:foo>`,
++	}
++	for name, input := range tests {
++		t.Run(name, func(t *testing.T) { testRoundTrip(t, input) })
++	}
++}
+-- 
+2.25.1
+
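Review bot: The `CVE: CVE-2020-29509 CVE-2020-29511` tag in this patch header makes Yocto's cve-check report both IDs as patched, while the upstream message carried in the same file says round-trip stability is not a supported security property of encoding/xml and that these fixes are not believed sufficient to guarantee it. That limitation should be stated next to the tag or in the recipe, so that consumers who validate XML through a parse-encode cycle do not read the patched status as a guarantee. The change to `nsname()` itself matches the three cases exercised by `TestRoundTrip` (leading, trailing and double colon), all of which are now kept whole in `Name.Local`.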
diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.16.5.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.16.7.bb
similarity index 83%
rename from poky/meta/recipes-devtools/go/go-binary-native_1.16.5.bb
rename to poky/meta/recipes-devtools/go/go-binary-native_1.16.7.bb
index b3e2b6a..cb54c28 100644
--- a/poky/meta/recipes-devtools/go/go-binary-native_1.16.5.bb
+++ b/poky/meta/recipes-devtools/go/go-binary-native_1.16.7.bb
@@ -8,8 +8,8 @@
 PROVIDES = "go-native"
 
 SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "b12c23023b68de22f74c0524f10b753e7b08b1504cb7e417eccebdd3fae49061"
-SRC_URI[go_linux_arm64.sha256sum] = "d5446b46ef6f36fdffa852f73dfbbe78c1ddf010b99fa4964944b9ae8b4d6799"
+SRC_URI[go_linux_amd64.sha256sum] = "7fe7a73f55ba3e2285da36f8b085e5c0159e9564ef5f63ee0ed6b818ade8ef04"
+SRC_URI[go_linux_arm64.sha256sum] = "63d6b53ecbd2b05c1f0e9903c92042663f2f68afdbb67f4d0d12700156869bac"
 
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.16.5.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.16.7.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-cross-canadian_1.16.5.bb
rename to poky/meta/recipes-devtools/go/go-cross-canadian_1.16.7.bb
diff --git a/poky/meta/recipes-devtools/go/go-cross_1.16.5.bb b/poky/meta/recipes-devtools/go/go-cross_1.16.7.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-cross_1.16.5.bb
rename to poky/meta/recipes-devtools/go/go-cross_1.16.7.bb
diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.16.5.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.16.7.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-crosssdk_1.16.5.bb
rename to poky/meta/recipes-devtools/go/go-crosssdk_1.16.7.bb
diff --git a/poky/meta/recipes-devtools/go/go-native_1.16.5.bb b/poky/meta/recipes-devtools/go/go-native_1.16.7.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-native_1.16.5.bb
rename to poky/meta/recipes-devtools/go/go-native_1.16.7.bb
diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.16.5.bb b/poky/meta/recipes-devtools/go/go-runtime_1.16.7.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-runtime_1.16.5.bb
rename to poky/meta/recipes-devtools/go/go-runtime_1.16.7.bb
diff --git a/poky/meta/recipes-devtools/go/go_1.16.5.bb b/poky/meta/recipes-devtools/go/go_1.16.7.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go_1.16.5.bb
rename to poky/meta/recipes-devtools/go/go_1.16.7.bb
diff --git a/poky/meta/recipes-devtools/pseudo/pseudo.inc b/poky/meta/recipes-devtools/pseudo/pseudo.inc
index 65d6e50..e6512bc 100644
--- a/poky/meta/recipes-devtools/pseudo/pseudo.inc
+++ b/poky/meta/recipes-devtools/pseudo/pseudo.inc
@@ -112,6 +112,19 @@
 	fi
 }
 
+do_compile_append_class-native () {
+	if [ '${@bb.data.inherits_class('uninative', d)}' = 'True' ]; then
+		for i in PSEUDO_PORT_UNIX_SYNCFS PSEUDO_PORT_UIDS_GENERIC PSEUDO_PORT_LINUX_NEWCLONE PSEUDO_PORT_LINUX_XATTR PSEUDO_PORT_LINUX_STATVFS; do
+			grep $i.1 ${S}/pseudo_ports.h
+			if [ $? != 0 ]; then
+				echo "$i not enabled in pseudo which is incompatible with uninative"
+				exit 1
+			fi
+		done
+	fi
+}
+
+
 do_install () {
 	oe_runmake 'DESTDIR=${D}' ${MAKEOPTS} 'LIB=lib/pseudo/lib$(MARK64)' install
 }
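Review bot: In `do_compile_append_class-native`, the pair `grep $i.1 ${S}/pseudo_ports.h` and `if [ $? != 0 ]` is fragile: if the task shell runs with errexit, a failing grep ends the task before the explanatory `echo` is reached, and the unescaped `.` matches any character rather than only the separator before `1`. Suggest `if ! grep -q "$i[[:space:]]1" ${S}/pseudo_ports.h; then`, which tests the exit status directly and keeps the matched lines out of the compile log. The hunk also adds two consecutive blank lines before `do_install`.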
diff --git a/poky/meta/recipes-devtools/pseudo/pseudo_git.bb b/poky/meta/recipes-devtools/pseudo/pseudo_git.bb
index 4eab133..0ba460f 100644
--- a/poky/meta/recipes-devtools/pseudo/pseudo_git.bb
+++ b/poky/meta/recipes-devtools/pseudo/pseudo_git.bb
@@ -6,7 +6,7 @@
            file://fallback-group \
            "
 
-SRCREV = "ee24ebec9e5a11dd5208c9be2870f35eab3b9e20"
+SRCREV = "b988b0a6b8afd8d459bc9a2528e834f63a3d59b2"
 S = "${WORKDIR}/git"
 PV = "1.9.0+git${SRCPV}"
 
diff --git a/poky/meta/recipes-devtools/python/python3-pip/0001-Don-t-split-git-references-on-unicode-separators.patch b/poky/meta/recipes-devtools/python/python3-pip/0001-Don-t-split-git-references-on-unicode-separators.patch
new file mode 100644
index 0000000..f853536
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-pip/0001-Don-t-split-git-references-on-unicode-separators.patch
@@ -0,0 +1,40 @@
+From 25c1b92b1add0b81afe2fc6f9e82f66738a2d800 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <trevor.gamblin@windriver.com>
+Date: Thu, 22 Jul 2021 09:57:53 -0400
+Subject: [PATCH] Don't split git references on unicode separators
+
+Upstream-Status: Backport 
+(https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b)
+
+CVE: CVE-2021-3572
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+---
+ src/pip/_internal/vcs/git.py | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/src/pip/_internal/vcs/git.py b/src/pip/_internal/vcs/git.py
+index 7483303a9..d706064e7 100644
+--- a/src/pip/_internal/vcs/git.py
++++ b/src/pip/_internal/vcs/git.py
+@@ -137,9 +137,15 @@ class Git(VersionControl):
+         output = cls.run_command(['show-ref', rev], cwd=dest,
+                                  show_stdout=False, on_returncode='ignore')
+         refs = {}
+-        for line in output.strip().splitlines():
++        # NOTE: We do not use splitlines here since that would split on other
++        #       unicode separators, which can be maliciously used to install a
++        #       different revision.
++        for line in output.strip().split("\n"):
++            line = line.rstrip("\r")
++            if not line:
++                continue
+             try:
+-                sha, ref = line.split()
++                sha, ref = line.split(" ", maxsplit=2)
+             except ValueError:
+                 # Include the offending line to simplify troubleshooting if
+                 # this error ever occurs.
+-- 
+2.31.1
+
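Review bot: In the `show-ref` loop, `sha, ref = line.split(" ", maxsplit=2)` can return three fields, so a line containing a second space is rejected through the existing `except ValueError` path rather than parsed. If that is the intent, a short comment would stop someone later changing it to `maxsplit=1`. Separately, the header's `Upstream-Status: Backport` line has trailing whitespace and puts the upstream commit URL on the following line in parentheses, unlike the `Backport [<commit>]` form used by other patches in this update.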
diff --git a/poky/meta/recipes-devtools/python/python3-pip_20.0.2.bb b/poky/meta/recipes-devtools/python/python3-pip_20.0.2.bb
index 99eeea2..9242d0e 100644
--- a/poky/meta/recipes-devtools/python/python3-pip_20.0.2.bb
+++ b/poky/meta/recipes-devtools/python/python3-pip_20.0.2.bb
@@ -6,7 +6,9 @@
 
 DEPENDS += "python3 python3-setuptools-native"
 
-SRC_URI += "file://0001-change-shebang-to-python3.patch"
+SRC_URI += "file://0001-change-shebang-to-python3.patch \
+            file://0001-Don-t-split-git-references-on-unicode-separators.patch \
+            "
 
 SRC_URI[md5sum] = "7d42ba49b809604f0df3d55df1c3fd86"
 SRC_URI[sha256sum] = "7db0c8ea4c7ea51c8049640e8e6e7fde949de672bfa4949920675563a5a6967f"
diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc
index 3921546..c3eecea 100644
--- a/poky/meta/recipes-devtools/qemu/qemu.inc
+++ b/poky/meta/recipes-devtools/qemu/qemu.inc
@@ -57,6 +57,18 @@
            file://CVE-2020-27821.patch \
            file://CVE-2021-20263.patch \
            file://CVE-2021-3392.patch \
+           file://0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch \
+           file://0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch \
+           file://0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch \
+           file://0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch \
+           file://0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch \
+           file://0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch \
+           file://0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch \
+           file://CVE-2021-3527-1.patch \
+           file://CVE-2021-3527-2.patch \
+           file://CVE-2021-3582.patch \
+           file://CVE-2021-3607.patch \
+           file://CVE-2021-3608.patch \
            "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
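Review bot: The seven `000N-vhost-user-gpu-*.patch` entries are named by upstream subject while the five entries after them are named by CVE ID, so the SRC_URI list does not show which CVEs the vhost-user-gpu series covers. Consider naming them like their neighbours, with a CVE prefix and an index, so an audit of the recipe does not require opening each patch file.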
diff --git a/poky/meta/recipes-devtools/qemu/qemu/0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch b/poky/meta/recipes-devtools/qemu/qemu/0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch
new file mode 100644
index 0000000..981c237
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch
@@ -0,0 +1,43 @@
+CVE: CVE-2021-3545
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 121841b25d72d13f8cad554363138c360f1250ea Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:03:56 -0700
+Subject: [PATCH 1/7] vhost-user-gpu: fix memory disclosure in
+ virgl_cmd_get_capset_info (CVE-2021-3545)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Otherwise some of the 'resp' will be leaked to guest.
+
+Fixes: CVE-2021-3545
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 42a8dadc74 ("virtio-gpu: fix information leak
+in getting capset info dispatch")
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-2-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/virgl.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c
+index 9e6660c7ab..6a332d601f 100644
+--- a/contrib/vhost-user-gpu/virgl.c
++++ b/contrib/vhost-user-gpu/virgl.c
+@@ -128,6 +128,7 @@ virgl_cmd_get_capset_info(VuGpu *g,
+ 
+     VUGPU_FILL_CMD(info);
+ 
++    memset(&resp, 0, sizeof(resp));
+     if (info.capset_index == 0) {
+         resp.capset_id = VIRTIO_GPU_CAPSET_VIRGL;
+         virgl_renderer_get_cap_set(resp.capset_id,
+-- 
+2.25.1
+
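Review bot: The `CVE:`, `Upstream-Status:` and `Signed-off-by:` tags sit above the `From 121841b2...` line instead of inside the commit message, and `Upstream-Status: Backport` names no upstream commit, unlike CVE-2021-3582.patch in this same update, which carries `Backport [<commit>]` in the message body. Moving the tags into the body and adding the commit reference would keep the seven vhost-user-gpu patches consistent with the rest. On the code, the `memset(&resp, 0, sizeof(resp))` is placed before the `if (info.capset_index == 0)` branch, so every path that follows starts from a fully zeroed `resp`.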
diff --git a/poky/meta/recipes-devtools/qemu/qemu/0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch b/poky/meta/recipes-devtools/qemu/qemu/0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch
new file mode 100644
index 0000000..a9aee47
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch
@@ -0,0 +1,41 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 86dd8fac2acc366930a5dc08d3fb1b1e816f4e1e Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:03:57 -0700
+Subject: [PATCH 2/7] vhost-user-gpu: fix resource leak in
+ 'vg_resource_create_2d' (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Call 'vugbm_buffer_destroy' in error path to avoid resource leak.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-3-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/vhost-user-gpu.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/contrib/vhost-user-gpu/vhost-user-gpu.c b/contrib/vhost-user-gpu/vhost-user-gpu.c
+index f73f292c9f..b5e153d0d6 100644
+--- a/contrib/vhost-user-gpu/vhost-user-gpu.c
++++ b/contrib/vhost-user-gpu/vhost-user-gpu.c
+@@ -349,6 +349,7 @@ vg_resource_create_2d(VuGpu *g,
+         g_critical("%s: resource creation failed %d %d %d",
+                    __func__, c2d.resource_id, c2d.width, c2d.height);
+         g_free(res);
++        vugbm_buffer_destroy(&res->buffer);
+         cmd->error = VIRTIO_GPU_RESP_ERR_OUT_OF_MEMORY;
+         return;
+     }
+-- 
+2.25.1
+
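Review bot: The added `vugbm_buffer_destroy(&res->buffer);` comes after the context line `g_free(res);`, so the error path in `vg_resource_create_2d` now hands the destroy function a pointer into memory that has just been freed, trading the leak for a use-after-free. The two calls need to be swapped so the buffer is destroyed first and `res` is freed last. If the backport has to stay identical to the upstream commit, carry the reordering as a follow-up patch in the same series.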
diff --git a/poky/meta/recipes-devtools/qemu/qemu/0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch b/poky/meta/recipes-devtools/qemu/qemu/0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch
new file mode 100644
index 0000000..1718486
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch
@@ -0,0 +1,48 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From b9f79858a614d95f5de875d0ca31096eaab72c3b Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:03:58 -0700
+Subject: [PATCH 3/7] vhost-user-gpu: fix memory leak in
+ vg_resource_attach_backing (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Check whether the 'res' has already been attach_backing to avoid
+memory leak.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 204f01b309 ("virtio-gpu: fix memory leak
+in resource attach backing")
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-4-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/vhost-user-gpu.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/contrib/vhost-user-gpu/vhost-user-gpu.c b/contrib/vhost-user-gpu/vhost-user-gpu.c
+index b5e153d0d6..0437e52b64 100644
+--- a/contrib/vhost-user-gpu/vhost-user-gpu.c
++++ b/contrib/vhost-user-gpu/vhost-user-gpu.c
+@@ -489,6 +489,11 @@ vg_resource_attach_backing(VuGpu *g,
+         return;
+     }
+ 
++    if (res->iov) {
++        cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
++        return;
++    }
++
+     ret = vg_create_mapping_iov(g, &ab, cmd, &res->iov);
+     if (ret != 0) {
+         cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
+-- 
+2.25.1
+
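Review bot: The new `if (res->iov)` guard in `vg_resource_attach_backing` is only correct if `res->iov` is NULL whenever no backing is attached, and nothing in this hunk shows it being reset. Check that the detach path clears the pointer after freeing it, and that a failed `vg_create_mapping_iov(g, &ab, cmd, &res->iov)` cannot leave a stale non-NULL value behind, otherwise later attach requests on that resource are refused permanently. The early return also reports `VIRTIO_GPU_RESP_ERR_UNSPEC`, the same code as a mapping failure, so the guest cannot tell the two cases apart.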
diff --git a/poky/meta/recipes-devtools/qemu/qemu/0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch b/poky/meta/recipes-devtools/qemu/qemu/0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch
new file mode 100644
index 0000000..9fc2faf
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch
@@ -0,0 +1,50 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From b7afebcf9e6ecf3cf9b5a9b9b731ed04bca6aa3e Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:03:59 -0700
+Subject: [PATCH 4/7] vhost-user-gpu: fix memory leak while calling
+ 'vg_resource_unref' (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If the guest trigger following sequences, the attach_backing will be leaked:
+
+	vg_resource_create_2d
+	vg_resource_attach_backing
+	vg_resource_unref
+
+This patch fix this by freeing 'res->iov' in vg_resource_destroy.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 5e8e3c4c75 ("virtio-gpu: fix resource leak
+in virgl_cmd_resource_unref")
+
+Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-5-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/vhost-user-gpu.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/contrib/vhost-user-gpu/vhost-user-gpu.c b/contrib/vhost-user-gpu/vhost-user-gpu.c
+index 0437e52b64..770dfad529 100644
+--- a/contrib/vhost-user-gpu/vhost-user-gpu.c
++++ b/contrib/vhost-user-gpu/vhost-user-gpu.c
+@@ -400,6 +400,7 @@ vg_resource_destroy(VuGpu *g,
+     }
+ 
+     vugbm_buffer_destroy(&res->buffer);
++    g_free(res->iov);
+     pixman_image_unref(res->image);
+     QTAILQ_REMOVE(&g->reslist, res, next);
+     g_free(res);
+-- 
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/qemu/qemu/0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch b/poky/meta/recipes-devtools/qemu/qemu/0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch
new file mode 100644
index 0000000..e70f3c0
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch
@@ -0,0 +1,58 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From f6091d86ba9ea05f4e111b9b42ee0005c37a6779 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:04:00 -0700
+Subject: [PATCH 5/7] vhost-user-gpu: fix memory leak in
+ 'virgl_cmd_resource_unref' (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The 'res->iov' will be leaked if the guest trigger following sequences:
+
+	virgl_cmd_create_resource_2d
+	virgl_resource_attach_backing
+	virgl_cmd_resource_unref
+
+This patch fixes this.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 5e8e3c4c75 ("virtio-gpu: fix resource leak
+in virgl_cmd_resource_unref"
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-6-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/virgl.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c
+index 6a332d601f..c669d73a1d 100644
+--- a/contrib/vhost-user-gpu/virgl.c
++++ b/contrib/vhost-user-gpu/virgl.c
+@@ -108,9 +108,16 @@ virgl_cmd_resource_unref(VuGpu *g,
+                          struct virtio_gpu_ctrl_command *cmd)
+ {
+     struct virtio_gpu_resource_unref unref;
++    struct iovec *res_iovs = NULL;
++    int num_iovs = 0;
+ 
+     VUGPU_FILL_CMD(unref);
+ 
++    virgl_renderer_resource_detach_iov(unref.resource_id,
++                                       &res_iovs,
++                                       &num_iovs);
++    g_free(res_iovs);
++
+     virgl_renderer_resource_unref(unref.resource_id);
+ }
+ 
+-- 
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/qemu/qemu/0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch b/poky/meta/recipes-devtools/qemu/qemu/0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch
new file mode 100644
index 0000000..5efb87c
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch
@@ -0,0 +1,49 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 63736af5a6571d9def93769431e0d7e38c6677bf Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:04:01 -0700
+Subject: [PATCH 6/7] vhost-user-gpu: fix memory leak in
+ 'virgl_resource_attach_backing' (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If 'virgl_renderer_resource_attach_iov' failed, the 'res_iovs' will
+be leaked.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 33243031da ("virtio-gpu-3d: fix memory leak
+in resource attach backing")
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-7-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/virgl.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c
+index c669d73a1d..a16a311d80 100644
+--- a/contrib/vhost-user-gpu/virgl.c
++++ b/contrib/vhost-user-gpu/virgl.c
+@@ -287,8 +287,11 @@ virgl_resource_attach_backing(VuGpu *g,
+         return;
+     }
+ 
+-    virgl_renderer_resource_attach_iov(att_rb.resource_id,
++    ret = virgl_renderer_resource_attach_iov(att_rb.resource_id,
+                                        res_iovs, att_rb.nr_entries);
++    if (ret != 0) {
++        g_free(res_iovs);
++    }
+ }
+ 
+ static void
+-- 
+2.25.1
+
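Review bot: In `virgl_resource_attach_backing`, the new failure branch frees `res_iovs` but does not set `cmd->error`, so from the lines shown here a failed `virgl_renderer_resource_attach_iov()` is still not reported to the guest. Consider setting an error code inside `if (ret != 0)`. The declaration of `ret` is outside the hunk and should be confirmed, and the continuation line `res_iovs, att_rb.nr_entries);` keeps its old indentation, so it no longer lines up with the opening parenthesis.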
diff --git a/poky/meta/recipes-devtools/qemu/qemu/0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch b/poky/meta/recipes-devtools/qemu/qemu/0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch
new file mode 100644
index 0000000..33e6a66
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch
@@ -0,0 +1,49 @@
+CVE: CVE-2021-3546
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 9f22893adcb02580aee5968f32baa2cd109b3ec2 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:04:02 -0700
+Subject: [PATCH 7/7] vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset'
+ (CVE-2021-3546)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If 'virgl_cmd_get_capset' set 'max_size' to 0,
+the 'virgl_renderer_fill_caps' will write the data after the 'resp'.
+This patch avoid this by checking the returned 'max_size'.
+
+virtio-gpu fix: abd7f08b23 ("display: virtio-gpu-3d: check
+virgl capabilities max_size")
+
+Fixes: CVE-2021-3546
+Reported-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-8-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/virgl.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c
+index a16a311d80..7172104b19 100644
+--- a/contrib/vhost-user-gpu/virgl.c
++++ b/contrib/vhost-user-gpu/virgl.c
+@@ -177,6 +177,10 @@ virgl_cmd_get_capset(VuGpu *g,
+ 
+     virgl_renderer_get_cap_set(gc.capset_id, &max_ver,
+                                &max_size);
++    if (!max_size) {
++        cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER;
++        return;
++    }
+     resp = g_malloc0(sizeof(*resp) + max_size);
+ 
+     resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET;
+-- 
+2.25.1
+
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch
new file mode 100644
index 0000000..77a5385
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch
@@ -0,0 +1,42 @@
+From 05a40b172e4d691371534828078be47e7fff524c Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Mon, 3 May 2021 15:29:15 +0200
+Subject: [PATCH] usb: limit combined packets to 1 MiB (CVE-2021-3527)
+
+usb-host and usb-redirect try to batch bulk transfers by combining many
+small usb packets into a single, large transfer request, to reduce the
+overhead and improve performance.
+
+This patch adds a size limit of 1 MiB for those combined packets to
+restrict the host resources the guest can bind that way.
+
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Message-Id: <20210503132915.2335822-6-kraxel@redhat.com>
+
+Upstream-Status: Backport
+https://gitlab.com/qemu-project/qemu/-/commit/05a40b172e4d691371534828078be47e7fff524c
+CVE: CVE-2021-3527
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ hw/usb/combined-packet.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/hw/usb/combined-packet.c b/hw/usb/combined-packet.c
+index 5d57e883dc..e56802f89a 100644
+--- a/hw/usb/combined-packet.c
++++ b/hw/usb/combined-packet.c
+@@ -171,7 +171,9 @@ void usb_ep_combine_input_packets(USBEndpoint *ep)
+         if ((p->iov.size % ep->max_packet_size) != 0 || !p->short_not_ok ||
+                 next == NULL ||
+                 /* Work around for Linux usbfs bulk splitting + migration */
+-                (totalsize == (16 * KiB - 36) && p->int_req)) {
++                (totalsize == (16 * KiB - 36) && p->int_req) ||
++                /* Next package may grow combined package over 1MiB */
++                totalsize > 1 * MiB - ep->max_packet_size) {
+             usb_device_handle_data(ep->dev, first);
+             assert(first->status == USB_RET_ASYNC);
+             if (first->combined) {
+-- 
+GitLab
+
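Review bot: The new bound `totalsize > 1 * MiB - ep->max_packet_size` assumes the next packet adds at most `max_packet_size`, but the first test in the same condition, `(p->iov.size % ep->max_packet_size) != 0`, only requires each packet to be a multiple of that size, so a combined transfer can still exceed 1 MiB when a larger packet is appended. If a hard cap is the goal, the check should account for the size of the packet being added. Otherwise the code comment should say the limit is approximate. The comment also says "package" where "packet" is meant.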
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch
new file mode 100644
index 0000000..6371ace
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch
@@ -0,0 +1,59 @@
+From 7ec54f9eb62b5d177e30eb8b1cad795a5f8d8986 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Mon, 3 May 2021 15:29:12 +0200
+Subject: [PATCH] usb/redir: avoid dynamic stack allocation (CVE-2021-3527)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Use autofree heap allocation instead.
+
+Fixes: 4f4321c11ff ("usb: use iovecs in USBPacket")
+Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Message-Id: <20210503132915.2335822-3-kraxel@redhat.com>
+
+Upstream-Status: Backport
+https://gitlab.com/qemu-project/qemu/-/commit/7ec54f9eb62b5d177e30eb8b1cad795a5f8d8986
+CVE: CVE-2021-3527
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ hw/usb/redirect.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
+index 17f06f3417..6a75b0dc4a 100644
+--- a/hw/usb/redirect.c
++++ b/hw/usb/redirect.c
+@@ -620,7 +620,7 @@ static void usbredir_handle_iso_data(USBRedirDevice *dev, USBPacket *p,
+                 .endpoint = ep,
+                 .length = p->iov.size
+             };
+-            uint8_t buf[p->iov.size];
++            g_autofree uint8_t *buf = g_malloc(p->iov.size);
+             /* No id, we look at the ep when receiving a status back */
+             usb_packet_copy(p, buf, p->iov.size);
+             usbredirparser_send_iso_packet(dev->parser, 0, &iso_packet,
+@@ -818,7 +818,7 @@ static void usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p,
+         usbredirparser_send_bulk_packet(dev->parser, p->id,
+                                         &bulk_packet, NULL, 0);
+     } else {
+-        uint8_t buf[size];
++        g_autofree uint8_t *buf = g_malloc(size);
+         usb_packet_copy(p, buf, size);
+         usbredir_log_data(dev, "bulk data out:", buf, size);
+         usbredirparser_send_bulk_packet(dev->parser, p->id,
+@@ -923,7 +923,7 @@ static void usbredir_handle_interrupt_out_data(USBRedirDevice *dev,
+                                                USBPacket *p, uint8_t ep)
+ {
+     struct usb_redir_interrupt_packet_header interrupt_packet;
+-    uint8_t buf[p->iov.size];
++    g_autofree uint8_t *buf = g_malloc(p->iov.size);
+ 
+     DPRINTF("interrupt-out ep %02X len %zd id %"PRIu64"\n", ep,
+             p->iov.size, p->id);
+-- 
+GitLab
+
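Review bot: All three replacements (in `usbredir_handle_iso_data`, `usbredir_handle_bulk_data` and `usbredir_handle_interrupt_out_data`) move the buffer from the stack to `g_malloc()`, but the size is still `p->iov.size` or `size` with no upper bound checked in these hunks, so the allocation stays as large as the packet it copies. The only size limit in this update comes from the companion patch CVE-2021-3527-1, and the recipe numbering reverses the upstream series order visible in the Message-Ids (this patch is `-3-`, the limit patch is `-6-`). Renumbering to match upstream, or noting the dependency in the header, would make it clear that the two must ship together.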
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch
new file mode 100644
index 0000000..7a88e29
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch
@@ -0,0 +1,47 @@
+From 284f191b4abad213aed04cb0458e1600fd18d7c4 Mon Sep 17 00:00:00 2001
+From: Marcel Apfelbaum <marcel@redhat.com>
+Date: Wed, 16 Jun 2021 14:06:00 +0300
+Subject: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device
+ (CVE-2021-3582)
+
+Ensure mremap boundaries not trusting the guest kernel to
+pass the correct buffer length.
+
+Fixes: CVE-2021-3582
+Reported-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Tested-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
+Message-Id: <20210616110600.20889-1-marcel.apfelbaum@gmail.com>
+Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+
+CVE: CVE-2021-3582
+Upstream-Status: Backport [284f191b4abad213aed04cb0458e1600fd18d7c4]
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/rdma/vmw/pvrdma_cmd.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/hw/rdma/vmw/pvrdma_cmd.c b/hw/rdma/vmw/pvrdma_cmd.c
+index f59879e257..da7ddfa548 100644
+--- a/hw/rdma/vmw/pvrdma_cmd.c
++++ b/hw/rdma/vmw/pvrdma_cmd.c
+@@ -38,6 +38,13 @@ static void *pvrdma_map_to_pdir(PCIDevice *pdev, uint64_t pdir_dma,
+         return NULL;
+     }
+ 
++    length = ROUND_UP(length, TARGET_PAGE_SIZE);
++    if (nchunks * TARGET_PAGE_SIZE != length) {
++        rdma_error_report("Invalid nchunks/length (%u, %lu)", nchunks,
++                          (unsigned long)length);
++        return NULL;
++    }
++
+     dir = rdma_pci_dma_map(pdev, pdir_dma, TARGET_PAGE_SIZE);
+     if (!dir) {
+         rdma_error_report("Failed to map to page directory");
+-- 
+2.25.1
+
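Review bot: In the pvrdma_map_to_pdir hunk, the new comparison `nchunks * TARGET_PAGE_SIZE != length` depends on the width in which the product is computed. nchunks is printed with %u, so if it is a 32-bit value and TARGET_PAGE_SIZE is also int-sized, a large guest-supplied nchunks can wrap and still equal a small length. Consider widening explicitly, for example `(uint64_t)nchunks * TARGET_PAGE_SIZE != length`, and rejecting a length that ROUND_UP itself would wrap. As this is a backport, the change belongs upstream first rather than as a local divergence.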
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch
new file mode 100644
index 0000000..0547c74
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch
@@ -0,0 +1,43 @@
+From 32e5703cfea07c91e6e84bcb0313f633bb146534 Mon Sep 17 00:00:00 2001
+From: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+Date: Wed, 30 Jun 2021 14:46:34 +0300
+Subject: [PATCH] pvrdma: Ensure correct input on ring init (CVE-2021-3607)
+
+Check the guest passed a non zero page count
+for pvrdma device ring buffers.
+
+Fixes: CVE-2021-3607
+Reported-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Reviewed-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
+Message-Id: <20210630114634.2168872-1-marcel@redhat.com>
+Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+
+CVE: CVE-2021-3607
+Upstream-Status: Backport [32e5703cfea07c91e6e84bcb0313f633bb146534]
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/rdma/vmw/pvrdma_main.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c
+index 84ae8024fc..7c0c3551a8 100644
+--- a/hw/rdma/vmw/pvrdma_main.c
++++ b/hw/rdma/vmw/pvrdma_main.c
+@@ -92,6 +92,11 @@ static int init_dev_ring(PvrdmaRing *ring, PvrdmaRingState **ring_state,
+     uint64_t *dir, *tbl;
+     int rc = 0;
+ 
++    if (!num_pages) {
++        rdma_error_report("Ring pages count must be strictly positive");
++        return -EINVAL;
++    }
++
+     dir = rdma_pci_dma_map(pci_dev, dir_addr, TARGET_PAGE_SIZE);
+     if (!dir) {
+         rdma_error_report("Failed to map to page directory (ring %s)", name);
+-- 
+2.25.1
+
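Review bot: The new check in init_dev_ring rejects only `num_pages == 0`; nothing in the visible context bounds the guest-supplied count from above before the page directory is mapped. Please confirm the caller caps num_pages (and, if the parameter is signed, that a negative value cannot reach this point), or extend the check to cover the upper limit, and say in the patch header where that bound is enforced.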
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch
new file mode 100644
index 0000000..22d68b0
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch
@@ -0,0 +1,43 @@
+From 66ae37d8cc313f89272e711174a846a229bcdbd3 Mon Sep 17 00:00:00 2001
+From: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+Date: Wed, 30 Jun 2021 14:52:46 +0300
+Subject: [PATCH] pvrdma: Fix the ring init error flow (CVE-2021-3608)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Do not unmap uninitialized dma addresses.
+
+Fixes: CVE-2021-3608
+Reviewed-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Tested-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
+Message-Id: <20210630115246.2178219-1-marcel@redhat.com>
+Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+
+CVE: CVE-2021-3608
+Upstream-Status: Backport [66ae37d8cc313f89272e711174a846a229bcdbd3]
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/rdma/vmw/pvrdma_dev_ring.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/rdma/vmw/pvrdma_dev_ring.c b/hw/rdma/vmw/pvrdma_dev_ring.c
+index 074ac59b84..42130667a7 100644
+--- a/hw/rdma/vmw/pvrdma_dev_ring.c
++++ b/hw/rdma/vmw/pvrdma_dev_ring.c
+@@ -41,7 +41,7 @@ int pvrdma_ring_init(PvrdmaRing *ring, const char *name, PCIDevice *dev,
+     qatomic_set(&ring->ring_state->cons_head, 0);
+     */
+     ring->npages = npages;
+-    ring->pages = g_malloc(npages * sizeof(void *));
++    ring->pages = g_malloc0(npages * sizeof(void *));
+ 
+     for (i = 0; i < npages; i++) {
+         if (!tbl[i]) {
+-- 
+2.25.1
+
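Review bot: In pvrdma_ring_init the allocation size is still the open-coded product `npages * sizeof(void *)`, which can wrap for a large npages before g_malloc0 sees it. `g_new0(void *, npages)` gives the same zeroed array with GLib's own overflow check. The message "Do not unmap uninitialized dma addresses" also does not say which cleanup path reads the unset entries; one sentence naming it would make the reason for zeroing clear to whoever next touches the error flow.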
diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all
index d6a85c4..0427790 100644
--- a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all
+++ b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all
@@ -1,2 +1,3 @@
 drd/tests/bar_bad
 drd/tests/bar_bad_xml
+none/tests/amd64/fb_test_amd64
diff --git a/poky/meta/recipes-extended/parted/files/check-vfat.patch b/poky/meta/recipes-extended/parted/files/check-vfat.patch
new file mode 100644
index 0000000..c64130a
--- /dev/null
+++ b/poky/meta/recipes-extended/parted/files/check-vfat.patch
@@ -0,0 +1,51 @@
+Add checks for both mkfs.vfat and the vfat file system in the kernel before
+running tests.
+
+Upstream-Status: Pending
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+diff --git a/tests/t-lib-helpers.sh b/tests/t-lib-helpers.sh
+index 4c6c75f..2cc7577 100644
+--- a/tests/t-lib-helpers.sh
++++ b/tests/t-lib-helpers.sh
+@@ -418,3 +418,13 @@ require_64bit_()
+           ;;
+   esac
+ }
++
++# Check if the specified filesystem is either built into the kernel, or can be loaded
++# as a module
++# Usage: has_filesystem vfat
++# Ruturns 0 if the filesystem is available, otherwise skips the test
++require_filesystem_()
++{
++  grep -q $1 /proc/filesystems && return 0
++  modprobe --quiet --dry-run $1 || skip_ "this test requires kernel support for $1"
++}
+diff --git a/tests/t1100-busy-label.sh b/tests/t1100-busy-label.sh
+index f1a13df..0f47b08 100755
+--- a/tests/t1100-busy-label.sh
++++ b/tests/t1100-busy-label.sh
+@@ -19,6 +19,9 @@
+ . "${srcdir=.}/init.sh"; path_prepend_ ../parted
+ require_root_
+ require_scsi_debug_module_
++require_fat_
++require_filesystem_ vfat
++
+ ss=$sector_size_
+ 
+ scsi_debug_setup_ sector_size=$ss dev_size_mb=90 > dev-name ||
+diff --git a/tests/t1101-busy-partition.sh b/tests/t1101-busy-partition.sh
+index e35e6f0..c813848 100755
+--- a/tests/t1101-busy-partition.sh
++++ b/tests/t1101-busy-partition.sh
+@@ -22,6 +22,8 @@ test "$VERBOSE" = yes && parted --version
+ 
+ require_root_
+ require_scsi_debug_module_
++require_fat_
++require_filesystem_ vfat
+ 
+ # create memory-backed device
+ scsi_debug_setup_ dev_size_mb=80 > dev-name ||
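Review bot: In the new require_filesystem_ helper, `grep -q $1 /proc/filesystems` is unquoted and matches substrings, so a name such as fat would be satisfied by the vfat line and the modprobe fallback would never run. Use a whole-word match with quoting, for example `grep -qw "$1" /proc/filesystems`, and quote `$1` in the modprobe call as well. The comment block also documents the function as `has_filesystem` while it is defined as `require_filesystem_`, and "Ruturns" should read "Returns"; both are worth fixing before this goes upstream, given Upstream-Status is Pending.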
diff --git a/poky/meta/recipes-extended/parted/files/run-ptest b/poky/meta/recipes-extended/parted/files/run-ptest
index 374f1bf..c3d6fca 100644
--- a/poky/meta/recipes-extended/parted/files/run-ptest
+++ b/poky/meta/recipes-extended/parted/files/run-ptest
@@ -2,6 +2,6 @@
 
 mkdir -p /etc/udev/mount.blacklist.d
 echo /dev/sda1 >> /etc/udev/mount.blacklist.d/parted-tmp
-rm -f *.log
+rm -f tests/*.log
 make -C tests test-suite.log
 rm /etc/udev/mount.blacklist.d/parted-tmp
diff --git a/poky/meta/recipes-extended/parted/parted_3.4.bb b/poky/meta/recipes-extended/parted/parted_3.4.bb
index c15f5ae..4260f3a 100644
--- a/poky/meta/recipes-extended/parted/parted_3.4.bb
+++ b/poky/meta/recipes-extended/parted/parted_3.4.bb
@@ -11,6 +11,7 @@
            file://fix-doc-mandir.patch \
            file://0002-libparted_fs_resize-link-against-libuuid-explicitly-.patch \
            file://run-ptest \
+           file://check-vfat.patch \
            "
 
 SRC_URI[md5sum] = "357d19387c6e7bc4a8a90fe2d015fe80"
@@ -35,10 +36,13 @@
 	cp ${S}/build-aux/test-driver $t/build-aux/
 	cp -r ${S}/tests $t
 	cp ${B}/tests/Makefile $t/tests/
+	mkdir $t/lib
+	cp ${B}/lib/config.h $t/lib
 	sed -i "s|^VERSION.*|VERSION = ${PV}|g" $t/tests/Makefile
 	sed -i "s|^srcdir =.*|srcdir = \.|g" $t/tests/Makefile
 	sed -i "s|^abs_srcdir =.*|abs_srcdir = \.|g" $t/tests/Makefile
-	sed -i "s|^abs_top_srcdir =.*|abs_top_srcdir = \.\.|g" $t/tests/Makefile
+	sed -i "s|^abs_top_srcdir =.*|abs_top_srcdir = "${PTEST_PATH}"|g" $t/tests/Makefile
+	sed -i "s|^abs_top_builddir =.*|abs_top_builddir = "${PTEST_PATH}"|g" $t/tests/Makefile
 	sed -i "s|^Makefile:.*|Makefile:|g" $t/tests/Makefile
 	sed -i "/^BUILDINFO.*$/d" $t/tests/Makefile
 	for i in print-align print-max print-flags dup-clobber duplicate fs-resize; \
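Review bot: The two new sed lines close and reopen the shell double quotes around `"${PTEST_PATH}"`, so the path is substituted unquoted; it works only while PTEST_PATH has no whitespace or glob characters. Drop the inner quotes and let the variable expand inside the outer string, as the neighbouring `VERSION = ${PV}` line does. `mkdir $t/lib` will also fail if the directory already exists on a re-run of the task; `mkdir -p $t/lib` is the safer form.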
@@ -47,8 +51,8 @@
 	sed -e 's| ../parted||' -i $t/tests/*.sh
 }
 
-RDEPENDS_${PN}-ptest = "bash coreutils perl util-linux-losetup python3 make gawk e2fsprogs-mke2fs python3-core"
-RRECOMMENDS_${PN}-ptest = "kernel-module-scsi-debug"
+RDEPENDS_${PN}-ptest = "bash coreutils perl util-linux-losetup util-linux-mkswap python3 make gawk e2fsprogs-mke2fs e2fsprogs-tune2fs python3-core dosfstools"
+RRECOMMENDS_${PN}-ptest += "kernel-module-scsi-debug kernel-module-loop kernel-module-vfat"
 RDEPENDS_${PN}-ptest_append_libc-glibc = "\
         glibc-utils \
         locale-base-en-us \
diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng/no_daddr_t.patch b/poky/meta/recipes-extended/stress-ng/stress-ng/no_daddr_t.patch
deleted file mode 100644
index dba4494..0000000
--- a/poky/meta/recipes-extended/stress-ng/stress-ng/no_daddr_t.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 55e11765af2bdc8adfac87dab1fb2682f7e6c236 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 9 Jun 2020 22:10:28 -0700
-Subject: [PATCH] Define daddr_t if __DADDR_T_TYPE is not defined
-
-glibc defined daddr_t but musl does not, ideally it should not be used
-and simple int type is enough. However, its better to leave glibc behavior
-as it is and only define it to int if daddr_t is not provided by libc
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
----
- stress-ng.h | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/stress-ng.h b/stress-ng.h
-index 1a66293..802dc25 100644
---- a/stress-ng.h
-+++ b/stress-ng.h
-@@ -3763,6 +3763,10 @@ struct shim_statx {
- 	uint64_t __spare2[14];
- };
- 
-+#ifndef __DADDR_T_TYPE
-+typedef int daddr_t;
-+#endif
-+
- /* old ustat struct */
- struct shim_ustat {
- #if defined(HAVE_DADDR_T)
diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb b/poky/meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb
index eb6bdb4..3770ba9 100644
--- a/poky/meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb
+++ b/poky/meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb
@@ -7,7 +7,6 @@
 
 SRC_URI = "https://kernel.ubuntu.com/~cking/tarballs/${BPN}/${BP}.tar.xz \
            file://0001-Do-not-preserve-ownership-when-installing-example-jo.patch \
-           file://no_daddr_t.patch \
            "
 SRC_URI[sha256sum] = "af7779aee38e6d94726ed7d5cf36384a64d50c86e42fff89c141d8609913f425"
 
@@ -24,4 +23,3 @@
     oe_runmake DESTDIR=${D} install
     ln -s stress-ng ${D}${bindir}/stress
 }
-
diff --git a/poky/meta/recipes-extended/tar/tar_1.34.bb b/poky/meta/recipes-extended/tar/tar_1.34.bb
index af04919..66c11cb 100644
--- a/poky/meta/recipes-extended/tar/tar_1.34.bb
+++ b/poky/meta/recipes-extended/tar/tar_1.34.bb
@@ -61,3 +61,6 @@
 NATIVE_PACKAGE_PATH_SUFFIX = "/${PN}"
 
 BBCLASSEXTEND = "native nativesdk"
+
+# These are both specific to the NPM package node-tar
+CVE_CHECK_WHITELIST += "CVE-2021-32803 CVE-2021-32804"
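Review bot: Whitelisting CVE-2021-32803 and CVE-2021-32804 one by one handles these two entries, but any later node-tar CVE will be reported against this recipe again. If the cause is the product name matching more than GNU tar, a vendor-qualified CVE_PRODUCT on the recipe would address it once; if that is not possible, say so in the comment so the next reviewer knows the whitelist is the intended mechanism.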
diff --git a/poky/meta/recipes-extended/zstd/zstd_1.4.9.bb b/poky/meta/recipes-extended/zstd/zstd_1.4.9.bb
index b86fdf8..44224ec 100644
--- a/poky/meta/recipes-extended/zstd/zstd_1.4.9.bb
+++ b/poky/meta/recipes-extended/zstd/zstd_1.4.9.bb
@@ -16,6 +16,8 @@
 SRCREV = "e4558ffd1dc49399faf4ee5d85abed4386b4dcf5"
 UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"
 
+CVE_PRODUCT = "zstandard"
+
 S = "${WORKDIR}/git"
 
 PACKAGECONFIG ??= ""
diff --git a/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb b/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
index ebac8d3..3b884f0 100644
--- a/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
+++ b/poky/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
@@ -6,7 +6,7 @@
 HOMEPAGE = "https://wiki.gnome.org/action/show/Projects/GObjectIntrospection"
 BUGTRACKER = "https://gitlab.gnome.org/GNOME/gobject-introspection/issues"
 SECTION = "libs"
-LICENSE = "LGPLv2+ & GPLv2+"
+LICENSE = "LGPLv2+ & GPLv2+ & MIT"
 LIC_FILES_CHKSUM = "file://COPYING;md5=c434e8128a68bedd59b80b2ac1eb1c4a \
                     file://tools/compiler.c;endline=20;md5=fc5007fc20022720e6c0b0cdde41fabd \
                     file://giscanner/sourcescanner.c;endline=22;md5=194d6e0c1d00662f32d030ce44de8d39 \
diff --git a/poky/meta/recipes-graphics/glew/glew/0001-Fix-build-race-in-Makefile.patch b/poky/meta/recipes-graphics/glew/glew/0001-Fix-build-race-in-Makefile.patch
new file mode 100644
index 0000000..7edcfe8
--- /dev/null
+++ b/poky/meta/recipes-graphics/glew/glew/0001-Fix-build-race-in-Makefile.patch
@@ -0,0 +1,56 @@
+Upstream-Status: Submitted [https://github.com/nigels-com/glew/pull/311]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 0ce0a85597db48a2fca619bd95e34af091e54ae8 Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@arm.com>
+Date: Thu, 22 Jul 2021 16:31:11 +0100
+Subject: [PATCH] Fix build race in Makefile
+
+The current rule for the binaries is:
+
+glew.bin: glew.lib bin bin/$(GLEWINFO.BIN) bin/$(VISUALINFO.BIN)
+
+In parallel builds, all of those targets happen at the same time. This
+means that 'bin' can happen *after* 'bin/$(GLEWINFO.BIN)', which is a
+problem as the 'bin' target's responsibility is to create the directory
+that the other target writes into.
+
+Solve this by not having a separate 'create directory' target which is
+fundamentally racy, and simply mkdir in each target which writes into it.
+---
+ Makefile | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index d0e4614..04af44c 100644
+--- a/Makefile
++++ b/Makefile
+@@ -171,21 +171,20 @@ VISUALINFO.BIN.OBJ := $(VISUALINFO.BIN.OBJ:.c=.o)
+ # Don't build glewinfo or visualinfo for NaCL, yet.
+ 
+ ifneq ($(filter nacl%,$(SYSTEM)),)
+-glew.bin: glew.lib bin
++glew.bin: glew.lib
+ else
+-glew.bin: glew.lib bin bin/$(GLEWINFO.BIN) bin/$(VISUALINFO.BIN) 
++glew.bin: glew.lib bin/$(GLEWINFO.BIN) bin/$(VISUALINFO.BIN)
+ endif
+ 
+-bin:
+-	mkdir bin
+-
+ bin/$(GLEWINFO.BIN): $(GLEWINFO.BIN.OBJ) $(LIB.SHARED.DIR)/$(LIB.SHARED)
++	@mkdir -p $(dir $@)
+ 	$(CC) $(CFLAGS) -o $@ $(GLEWINFO.BIN.OBJ) $(BIN.LIBS)
+ ifneq ($(STRIP),)
+ 	$(STRIP) -x $@
+ endif
+ 
+ bin/$(VISUALINFO.BIN): $(VISUALINFO.BIN.OBJ) $(LIB.SHARED.DIR)/$(LIB.SHARED)
++	@mkdir -p $(dir $@)
+ 	$(CC) $(CFLAGS) -o $@ $(VISUALINFO.BIN.OBJ) $(BIN.LIBS)
+ ifneq ($(STRIP),)
+ 	$(STRIP) -x $@
+-- 
+2.25.1
+
diff --git a/poky/meta/recipes-graphics/glew/glew_2.2.0.bb b/poky/meta/recipes-graphics/glew/glew_2.2.0.bb
index 8948444..92b6083 100644
--- a/poky/meta/recipes-graphics/glew/glew_2.2.0.bb
+++ b/poky/meta/recipes-graphics/glew/glew_2.2.0.bb
@@ -6,6 +6,7 @@
 LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=2ac251558de685c6b9478d89be3149c2"
 
 SRC_URI = "${SOURCEFORGE_MIRROR}/project/glew/glew/${PV}/glew-${PV}.tgz \
+           file://0001-Fix-build-race-in-Makefile.patch \
            file://no-strip.patch"
 
 SRC_URI[md5sum] = "3579164bccaef09e36c0af7f4fd5c7c7"
diff --git a/poky/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb b/poky/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
index 5a3bb22..00dd680 100644
--- a/poky/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
+++ b/poky/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
@@ -31,5 +31,7 @@
 # ld: pixman/libpixman-mmx.a(pixman-mmx.c.o):
 # linking mips:loongson_2f module with previous mips:isa64 modules 
 EXTRA_OEMESON += "-Dloongson-mmi=disabled"
+# disable iwmmxt due to compile fails on most arm platforms.
+EXTRA_OEMESON += "-Diwmmxt=disabled"
 
 BBCLASSEXTEND = "native nativesdk"
diff --git a/poky/meta/recipes-kernel/kmod/kmod_git.bb b/poky/meta/recipes-kernel/kmod/kmod_git.bb
index 4f2b037..f6fe049 100644
--- a/poky/meta/recipes-kernel/kmod/kmod_git.bb
+++ b/poky/meta/recipes-kernel/kmod/kmod_git.bb
@@ -24,13 +24,13 @@
                 lnr ${D}${base_bindir}/kmod ${D}${base_sbindir}/${tool}
         done
         # configuration directories
-        install -dm755 ${D}${base_libdir}/depmod.d
-        install -dm755 ${D}${base_libdir}/modprobe.d
+        install -dm755 ${D}${nonarch_base_libdir}/depmod.d
+        install -dm755 ${D}${nonarch_base_libdir}/modprobe.d
         install -dm755 ${D}${sysconfdir}/depmod.d
         install -dm755 ${D}${sysconfdir}/modprobe.d
 
         # install depmod.d file for search/ dir
-        install -Dm644 "${WORKDIR}/depmod-search.conf" "${D}${base_libdir}/depmod.d/search.conf"
+        install -Dm644 "${WORKDIR}/depmod-search.conf" "${D}${nonarch_base_libdir}/depmod.d/search.conf"
 }
 
 do_compile_prepend() {
@@ -57,6 +57,6 @@
 PACKAGES =+ "libkmod"
 
 FILES_libkmod = "${base_libdir}/libkmod*${SOLIBS} ${libdir}/libkmod*${SOLIBS}"
-FILES_${PN} += "${base_libdir}/depmod.d ${base_libdir}/modprobe.d"
+FILES_${PN} += "${nonarch_base_libdir}/depmod.d ${nonarch_base_libdir}/modprobe.d"
 
 BBCLASSEXTEND = "nativesdk"
diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
index 26091fb..5139329 100644
--- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
+++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
@@ -303,8 +303,11 @@
              ${PN}-qat ${PN}-qat-license \
              ${PN}-qcom-license \
              ${PN}-qcom-venus-1.8 ${PN}-qcom-venus-4.2 ${PN}-qcom-venus-5.2 ${PN}-qcom-venus-5.4 \
-             ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a530 ${PN}-qcom-adreno-a630 \
+             ${PN}-qcom-vpu-1.0 ${PN}-qcom-vpu-2.0 \
+             ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a530 \
+             ${PN}-qcom-adreno-a630 ${PN}-qcom-adreno-a650 ${PN}-qcom-adreno-a660 \
              ${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \
+             ${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \
              ${PN}-amlogic-vdec-license ${PN}-amlogic-vdec \
              ${PN}-lt9611uxc ${PN}-lontium-license \
              ${PN}-whence-license \
@@ -952,22 +955,34 @@
 FILES_${PN}-qcom-venus-4.2 = "${nonarch_base_libdir}/firmware/qcom/venus-4.2/*"
 FILES_${PN}-qcom-venus-5.2 = "${nonarch_base_libdir}/firmware/qcom/venus-5.2/*"
 FILES_${PN}-qcom-venus-5.4 = "${nonarch_base_libdir}/firmware/qcom/venus-5.4/*"
+FILES_${PN}-qcom-vpu-1.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-1.0/*"
+FILES_${PN}-qcom-vpu-2.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-2.0/*"
 FILES_${PN}-qcom-adreno-a3xx = "${nonarch_base_libdir}/firmware/qcom/a300_*.fw ${nonarch_base_libdir}/firmware/a300_*.fw"
 FILES_${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.*"
 FILES_${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*"
+FILES_${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.* ${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*"
+FILES_${PN}-qcom-adreno-a660 = "${nonarch_base_libdir}/firmware/qcom/a660*.*"
 FILES_${PN}-qcom-sdm845-audio = "${nonarch_base_libdir}/firmware/qcom/sdm845/adsp*.*"
 FILES_${PN}-qcom-sdm845-compute = "${nonarch_base_libdir}/firmware/qcom/sdm845/cdsp*.*"
 FILES_${PN}-qcom-sdm845-modem = "${nonarch_base_libdir}/firmware/qcom/sdm845/mba.mbn ${nonarch_base_libdir}/firmware/qcom/sdm845/modem*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/wlanmdsp.mbn"
+FILES_${PN}-qcom-sm8250-audio = "${nonarch_base_libdir}/firmware/qcom/sm8250/adsp*.*"
+FILES_${PN}-qcom-sm8250-compute = "${nonarch_base_libdir}/firmware/qcom/sm8250/cdsp*.*"
 RDEPENDS_${PN}-qcom-venus-1.8 = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-venus-4.2 = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-venus-5.2 = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-venus-5.4 = "${PN}-qcom-license"
+RDEPENDS_${PN}-qcom-vpu-1.0 = "${PN}-qcom-license"
+RDEPENDS_${PN}-qcom-vpu-2.0 = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-adreno-a3xx = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-adreno-a530 = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-adreno-a630 = "${PN}-qcom-license"
+RDEPENDS_${PN}-qcom-adreno-a650 = "${PN}-qcom-license"
+RDEPENDS_${PN}-qcom-adreno-a660 = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-sdm845-audio = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-sdm845-compute = "${PN}-qcom-license"
 RDEPENDS_${PN}-qcom-sdm845-modem = "${PN}-qcom-license"
+RDEPENDS_${PN}-qcom-sm8250-audio = "${PN}-qcom-license"
+RDEPENDS_${PN}-qcom-sm8250-compute = "${PN}-qcom-license"
 
 FILES_${PN}-liquidio = "${nonarch_base_libdir}/firmware/liquidio"
 
diff --git a/poky/meta/recipes-kernel/linux/kernel-devsrc.bb b/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
index 92076ac..a5eba7c 100644
--- a/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
+++ b/poky/meta/recipes-kernel/linux/kernel-devsrc.bb
@@ -218,10 +218,10 @@
 
 	if [ "${ARCH}" = "x86" ]; then
 	    # files for 'make prepare' to succeed with kernel-devel
-	    cp -a --parents $(find arch/x86 -type f -name "syscall_32.tbl") $kerneldir/build/
-	    cp -a --parents $(find arch/x86 -type f -name "syscalltbl.sh") $kerneldir/build/
-	    cp -a --parents $(find arch/x86 -type f -name "syscallhdr.sh") $kerneldir/build/
-	    cp -a --parents $(find arch/x86 -type f -name "syscall_64.tbl") $kerneldir/build/
+	    cp -a --parents $(find arch/x86 -type f -name "syscall_32.tbl") $kerneldir/build/ 2>/dev/null || :
+	    cp -a --parents $(find arch/x86 -type f -name "syscalltbl.sh") $kerneldir/build/ 2>/dev/null || :
+	    cp -a --parents $(find arch/x86 -type f -name "syscallhdr.sh") $kerneldir/build/ 2>/dev/null || :
+	    cp -a --parents $(find arch/x86 -type f -name "syscall_64.tbl") $kerneldir/build/ 2>/dev/null || :
 	    cp -a --parents arch/x86/tools/relocs_32.c $kerneldir/build/
 	    cp -a --parents arch/x86/tools/relocs_64.c $kerneldir/build/
 	    cp -a --parents arch/x86/tools/relocs.c $kerneldir/build/
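Review bot: Appending `2>/dev/null || :` to the four syscall table/script copies hides every cp failure, not only the case where find returns nothing on newer kernels. A full disk or a permission error in $kerneldir/build would now pass silently and surface later as a broken 'make prepare' on target. Prefer testing for the file before copying, or collecting the find output into a variable and copying only when it is non-empty, and add a comment stating which kernel versions no longer ship these files.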
@@ -320,7 +320,7 @@
 # 4.15+ needs these next two RDEPENDS
 RDEPENDS_${PN} += "openssl-dev util-linux"
 # and x86 needs a bit more for 4.15+
-RDEPENDS_${PN} += "${@bb.utils.contains('ARCH', 'x86', 'elfutils', '', d)}"
+RDEPENDS_${PN} += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-dev', '', d)}"
 # 5.8+ needs gcc-plugins libmpc-dev
 RDEPENDS_${PN} += "gcc-plugins libmpc-dev"
 # 5.13+ needs awk for arm64
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index e0d8280..351970c 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -11,13 +11,13 @@
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "42032770803ba26765376967cef09945f48abe04"
-SRCREV_meta ?= "82899c6a7119b9668be9ae508159f5ac96554cc2"
+SRCREV_machine ?= "9ad4f13ee44c39e890638d8a2157adcf830fc7bc"
+SRCREV_meta ?= "22257690910a1befc2ed8a98ef218bd0c5cfd844"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.10.47"
+LINUX_VERSION ?= "5.10.57"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 7a42675..e810132 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "c86c4081f4764f57bbb26df8a9202c01799c3771"
-SRCREV_meta ?= "c5e5dc4e13bd4882a8ed96b8026e6fd268b68f8a"
+SRCREV_machine ?= "0ad6f2204daf35fb25df5e9b52383507df813bb4"
+SRCREV_meta ?= "98ba88191b7c489bc0d83b6c87a31b2330fcd886"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.129"
+LINUX_VERSION ?= "5.4.139"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index 6b71573..b035ed3 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -6,7 +6,7 @@
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.10.47"
+LINUX_VERSION ?= "5.10.57"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "eaad1adbc817d996edf44fdd520da4810e57e66d"
-SRCREV_machine ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_meta ?= "82899c6a7119b9668be9ae508159f5ac96554cc2"
+SRCREV_machine_qemuarm ?= "60d8a10a1e8acdabbd61f3705b67b2112e7866e0"
+SRCREV_machine ?= "df4ea731a9dc6e1076f3e2935d6689668d8f58ac"
+SRCREV_meta ?= "22257690910a1befc2ed8a98ef218bd0c5cfd844"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 5d487ac..c734ce8 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.129"
+LINUX_VERSION ?= "5.4.139"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "ca636d1a2ccbb2626c4eacbdb0da2c30654b108c"
-SRCREV_machine ?= "d46f8ecb3f81bdba8131b90dc90174ecb36a1b78"
-SRCREV_meta ?= "c5e5dc4e13bd4882a8ed96b8026e6fd268b68f8a"
+SRCREV_machine_qemuarm ?= "a80ea6be16b19c18855f831333c93d4f3b55e58a"
+SRCREV_machine ?= "405fce9e3f0314767e38b5e8295b34a24cd97a46"
+SRCREV_meta ?= "98ba88191b7c489bc0d83b6c87a31b2330fcd886"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto.inc b/poky/meta/recipes-kernel/linux/linux-yocto.inc
index a852809..eb3081e 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto.inc
+++ b/poky/meta/recipes-kernel/linux/linux-yocto.inc
@@ -34,6 +34,7 @@
 KERNEL_FEATURES_append_qemuall=" features/debug/printk.scc"
 
 KERNEL_FEATURES_append = " ${@bb.utils.contains('MACHINE_FEATURES', 'numa', 'features/numa/numa.scc', '', d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains('MACHINE_FEATURES', 'vfat', 'cfg/fs/vfat.scc', '', d)}"
 
 # A KMACHINE is the mapping of a yocto $MACHINE to what is built
 # by the kernel. This is typically the branch that should be built,
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index 0315808..05cfa54 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -13,17 +13,17 @@
 KBRANCH_qemux86-64 ?= "v5.10/standard/base"
 KBRANCH_qemumips64 ?= "v5.10/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "8950bba5dc5b6139af3711cf82b6c35ea3ef873f"
-SRCREV_machine_qemuarm64 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_machine_qemumips ?= "271e6f3b206246da2937788d83c3b4e57cb33da0"
-SRCREV_machine_qemuppc ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_machine_qemuriscv64 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_machine_qemuriscv32 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_machine_qemux86 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_machine_qemux86-64 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_machine_qemumips64 ?= "1112c8f8594df02dd6f2bd1cf13848536ca3f536"
-SRCREV_machine ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_meta ?= "82899c6a7119b9668be9ae508159f5ac96554cc2"
+SRCREV_machine_qemuarm ?= "21075c593dd7a09fc2e0fe4c1f751999fee1127a"
+SRCREV_machine_qemuarm64 ?= "e32f43fed15419c8461207c4d2b76879920d5928"
+SRCREV_machine_qemumips ?= "127501aba35af6e38f50ecd814da4416f361fd84"
+SRCREV_machine_qemuppc ?= "219057449c55acde1060af4b63c2d1ba5ec19978"
+SRCREV_machine_qemuriscv64 ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
+SRCREV_machine_qemuriscv32 ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
+SRCREV_machine_qemux86 ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
+SRCREV_machine_qemux86-64 ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
+SRCREV_machine_qemumips64 ?= "dd28c0cc8a79329b8b724821e7c09b210a2e2948"
+SRCREV_machine ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
+SRCREV_meta ?= "22257690910a1befc2ed8a98ef218bd0c5cfd844"
 
 # remap qemuarm to qemuarma15 for the 5.8 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -32,7 +32,7 @@
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.10.47"
+LINUX_VERSION ?= "5.10.57"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 94605b3..fcf6514 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "dfb964733268c1e6f932900a384a793a0ca8de34"
-SRCREV_machine_qemuarm64 ?= "7d3eac73a6edc8fdcd701bbb0aa8c21030eb2027"
-SRCREV_machine_qemumips ?= "a40b68f2f4be601dfe020940ad29ac894cc31298"
-SRCREV_machine_qemuppc ?= "a3258c8b1690ecfa620eae9552a75cec9224ecd4"
-SRCREV_machine_qemuriscv64 ?= "e211c039dcd85ad2d4c1f1a70909d0eefef49778"
-SRCREV_machine_qemux86 ?= "e211c039dcd85ad2d4c1f1a70909d0eefef49778"
-SRCREV_machine_qemux86-64 ?= "e211c039dcd85ad2d4c1f1a70909d0eefef49778"
-SRCREV_machine_qemumips64 ?= "dded4f6e58cd90c7333b5257c9327e5e30f78e26"
-SRCREV_machine ?= "e211c039dcd85ad2d4c1f1a70909d0eefef49778"
-SRCREV_meta ?= "c5e5dc4e13bd4882a8ed96b8026e6fd268b68f8a"
+SRCREV_machine_qemuarm ?= "3d243cfd29a57dfe6b04a6a6cf1b1088d107f1f6"
+SRCREV_machine_qemuarm64 ?= "dcac97a2b4469136189f86fe42703026693384be"
+SRCREV_machine_qemumips ?= "ee74231b68518107954078d03d0606910603cf7a"
+SRCREV_machine_qemuppc ?= "76c51679aa6b9c25fe2b5c2052e84197ff2e4e2d"
+SRCREV_machine_qemuriscv64 ?= "807b4668ff7fe3be031ace442a84d70821ef9571"
+SRCREV_machine_qemux86 ?= "807b4668ff7fe3be031ace442a84d70821ef9571"
+SRCREV_machine_qemux86-64 ?= "807b4668ff7fe3be031ace442a84d70821ef9571"
+SRCREV_machine_qemumips64 ?= "3396071f8ce8ca148231fee4d2130feeead41926"
+SRCREV_machine ?= "807b4668ff7fe3be031ace442a84d70821ef9571"
+SRCREV_meta ?= "98ba88191b7c489bc0d83b6c87a31b2330fcd886"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.129"
+LINUX_VERSION ?= "5.4.139"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch
new file mode 100644
index 0000000..4fe80cf
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch
@@ -0,0 +1,35 @@
+From 073bad2fcae5be78c11a1623a20319107dfae9f8 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Fri, 28 May 2021 20:18:25 +0200
+Subject: [PATCH 1/5] avcodec/aacpsy: Avoid floating point division by 0 of
+ norm_fac
+
+Fixes: Ticket7995
+Fixes: CVE-2020-20446
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-20446
+Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavcodec/aacpsy.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavcodec/aacpsy.c b/libavcodec/aacpsy.c
+index fca692cb15..bd444fecdc 100644
+--- a/libavcodec/aacpsy.c
++++ b/libavcodec/aacpsy.c
+@@ -794,7 +794,7 @@ static void psy_3gpp_analyze_channel(FFPsyContext *ctx, int channel,
+ 
+         if (pe < 1.15f * desired_pe) {
+             /* 6.6.1.3.6 "Final threshold modification by linearization" */
+-            norm_fac = 1.0f / norm_fac;
++            norm_fac = norm_fac ? 1.0f / norm_fac : 0;
+             for (w = 0; w < wi->num_windows*16; w += 16) {
+                 for (g = 0; g < num_bands; g++) {
+                     AacPsyBand *band = &pch->band[w+g];
+-- 
+2.32.0
+
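Review bot: In the `psy_3gpp_analyze_channel` hunk, `norm_fac = norm_fac ? 1.0f / norm_fac : 0;` guards only the exact-zero case and falls back to an integer literal in a float expression. Write the fallback as `0.0f`, and add a one-line comment explaining why a zero scale factor is acceptable for the `for (w = 0; ...)` loops that run next with that value, so the guard does not read as a silent behaviour change.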
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch
new file mode 100644
index 0000000..4e43072
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch
@@ -0,0 +1,42 @@
+From 80f9cbee46757430af0769ec999ca702be652f7f Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Fri, 28 May 2021 21:37:26 +0200
+Subject: [PATCH 2/5] avcodec/aacenc: Avoid 0 lambda
+
+Fixes: Ticket8003
+Fixes: CVE-2020-20453
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-20453
+Upstream-Status: Backport [a7a7f32c8ad0179a1a85d0a8cff35924e6d90be8]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavcodec/aacenc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libavcodec/aacenc.c b/libavcodec/aacenc.c
+index db11e0ca29..9c6cb75be4 100644
+--- a/libavcodec/aacenc.c
++++ b/libavcodec/aacenc.c
+@@ -28,6 +28,7 @@
+  *              TODOs:
+  * add sane pulse detection
+  ***********************************/
++#include <float.h>
+ 
+ #include "libavutil/libm.h"
+ #include "libavutil/thread.h"
+@@ -856,7 +857,7 @@ static int aac_encode_frame(AVCodecContext *avctx, AVPacket *avpkt,
+                 /* Not so fast though */
+                 ratio = sqrtf(ratio);
+             }
+-            s->lambda = FFMIN(s->lambda * ratio, 65536.f);
++            s->lambda = av_clipf(s->lambda * ratio, FLT_MIN, 65536.f);
+ 
+             /* Keep iterating if we must reduce and lambda is in the sky */
+             if (ratio > 0.9f && ratio < 1.1f) {
+-- 
+2.32.0
+
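Review bot: In the `aac_encode_frame` hunk, the new lower bound in `av_clipf(s->lambda * ratio, FLT_MIN, 65536.f)` is the smallest normalized positive float, so `s->lambda` can no longer be exactly zero but can still be vanishingly small, and any later division by it yields an enormous quotient. Add a comment saying the bound exists only to exclude zero, or pick a larger minimum and document it. Minor style point: the added `#include <float.h>` sits directly under the closing line of the header comment with no blank line before it.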
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch
new file mode 100644
index 0000000..1fdb31d
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch
@@ -0,0 +1,44 @@
+From dce5d2c2ee991f8cd96ab74d51a2d1a134a1a645 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 09:22:27 +0200
+Subject: [PATCH 3/5] avformat/movenc: Check pal_size before use
+
+Fixes: assertion failure
+Fixes: out of array read
+Fixes: Ticket8190
+Fixes: CVE-2020-22015
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+
+CVE: CVE-2020-22015
+Upstream-Status: Backport [4c1afa292520329eecd1cc7631bc59a8cca95c46]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavformat/movenc.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libavformat/movenc.c b/libavformat/movenc.c
+index c34d86522a..9603704083 100644
+--- a/libavformat/movenc.c
++++ b/libavformat/movenc.c
+@@ -2094,11 +2094,13 @@ static int mov_write_video_tag(AVFormatContext *s, AVIOContext *pb, MOVMuxContex
+         avio_wb16(pb, 0x18); /* Reserved */
+ 
+     if (track->mode == MODE_MOV && track->par->format == AV_PIX_FMT_PAL8) {
+-        int pal_size = 1 << track->par->bits_per_coded_sample;
+-        int i;
++        int pal_size, i;
+         avio_wb16(pb, 0);             /* Color table ID */
+         avio_wb32(pb, 0);             /* Color table seed */
+         avio_wb16(pb, 0x8000);        /* Color table flags */
++        if (track->par->bits_per_coded_sample < 0 || track->par->bits_per_coded_sample > 8)
++            return AVERROR(EINVAL);
++        pal_size = 1 << track->par->bits_per_coded_sample;
+         avio_wb16(pb, pal_size - 1);  /* Color table size (zero-relative) */
+         for (i = 0; i < pal_size; i++) {
+             uint32_t rgb = track->palette[i];
+-- 
+2.32.0
+
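Review bot: In `mov_write_video_tag`, the new range check on `track->par->bits_per_coded_sample` runs after the three `avio_wb16`/`avio_wb32` calls for the color table ID, seed and flags, so the `return AVERROR(EINVAL);` path leaves a partially written tag in `pb`. Move the check to the top of the `AV_PIX_FMT_PAL8` block, before the first `avio_wb16(pb, 0)`, so rejection happens before any output. The check itself is right to come before `pal_size = 1 << ...`, since it also keeps the shift count in range.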
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch
new file mode 100644
index 0000000..05cba73
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch
@@ -0,0 +1,87 @@
+From 384177ca945395c8cf0ebbddd4b8b1eae64e900f Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 11:17:35 +0200
+Subject: [PATCH 4/5] avfilter/vf_yadif: Fix handing of tiny images
+
+Fixes: out of array access
+Fixes: Ticket8240
+Fixes: CVE-2020-22021
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-22021
+Upstream-Status: Backport [7971f62120a55c141ec437aa3f0bacc1c1a3526b]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavfilter/vf_yadif.c | 32 ++++++++++++++++++--------------
+ 1 file changed, 18 insertions(+), 14 deletions(-)
+
+diff --git a/libavfilter/vf_yadif.c b/libavfilter/vf_yadif.c
+index 43dea67add..06fd24ecfa 100644
+--- a/libavfilter/vf_yadif.c
++++ b/libavfilter/vf_yadif.c
+@@ -123,20 +123,22 @@ static void filter_edges(void *dst1, void *prev1, void *cur1, void *next1,
+     uint8_t *next2 = parity ? cur  : next;
+ 
+     const int edge = MAX_ALIGN - 1;
++    int offset = FFMAX(w - edge, 3);
+ 
+     /* Only edge pixels need to be processed here.  A constant value of false
+      * for is_not_edge should let the compiler ignore the whole branch. */
+-    FILTER(0, 3, 0)
++    FILTER(0, FFMIN(3, w), 0)
+ 
+-    dst  = (uint8_t*)dst1  + w - edge;
+-    prev = (uint8_t*)prev1 + w - edge;
+-    cur  = (uint8_t*)cur1  + w - edge;
+-    next = (uint8_t*)next1 + w - edge;
++    dst  = (uint8_t*)dst1  + offset;
++    prev = (uint8_t*)prev1 + offset;
++    cur  = (uint8_t*)cur1  + offset;
++    next = (uint8_t*)next1 + offset;
+     prev2 = (uint8_t*)(parity ? prev : cur);
+     next2 = (uint8_t*)(parity ? cur  : next);
+ 
+-    FILTER(w - edge, w - 3, 1)
+-    FILTER(w - 3, w, 0)
++    FILTER(offset, w - 3, 1)
++    offset = FFMAX(offset, w - 3);
++    FILTER(offset, w, 0)
+ }
+ 
+ 
+@@ -170,21 +172,23 @@ static void filter_edges_16bit(void *dst1, void *prev1, void *cur1, void *next1,
+     uint16_t *next2 = parity ? cur  : next;
+ 
+     const int edge = MAX_ALIGN / 2 - 1;
++    int offset = FFMAX(w - edge, 3);
+ 
+     mrefs /= 2;
+     prefs /= 2;
+ 
+-    FILTER(0, 3, 0)
++    FILTER(0,  FFMIN(3, w), 0)
+ 
+-    dst   = (uint16_t*)dst1  + w - edge;
+-    prev  = (uint16_t*)prev1 + w - edge;
+-    cur   = (uint16_t*)cur1  + w - edge;
+-    next  = (uint16_t*)next1 + w - edge;
++    dst   = (uint16_t*)dst1  + offset;
++    prev  = (uint16_t*)prev1 + offset;
++    cur   = (uint16_t*)cur1  + offset;
++    next  = (uint16_t*)next1 + offset;
+     prev2 = (uint16_t*)(parity ? prev : cur);
+     next2 = (uint16_t*)(parity ? cur  : next);
+ 
+-    FILTER(w - edge, w - 3, 1)
+-    FILTER(w - 3, w, 0)
++    FILTER(offset, w - 3, 1)
++    offset = FFMAX(offset, w - 3);
++    FILTER(offset, w, 0)
+ }
+ 
+ static int filter_slice(AVFilterContext *ctx, void *arg, int jobnr, int nb_jobs)
+-- 
+2.32.0
+
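Review bot: In both `filter_edges` and `filter_edges_16bit`, `offset = FFMAX(w - edge, 3)` is never less than 3, so for `w < 3` the assignments `dst = (uint8_t*)dst1 + offset` (and the `prev`, `cur`, `next` equivalents) still form pointers past the end of the row. Nothing is out of bounds only if `FILTER(offset, w - 3, 1)` and `FILTER(offset, w, 0)` treat a start that is not below the end as an empty range, and the macro body is not part of this hunk. Either return early after the first `FILTER(0, FFMIN(3, w), 0)` when `w <= 3`, or add a comment stating that the empty-range behaviour is relied on. Style: `FILTER(0,  FFMIN(3, w), 0)` in the 16-bit variant has a doubled space after the comma.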
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch
new file mode 100644
index 0000000..e98ddaa
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch
@@ -0,0 +1,39 @@
+From 2f3bf456fa641edf154a99c4586d7bf52c02a495 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 09:58:31 +0200
+Subject: [PATCH 5/5] avfilter/vf_vmafmotion: Check dimensions
+
+Fixes: out of array access
+Fixes: Ticket8241
+Fixes: Ticket8246
+Fixes: CVE-2020-22019
+Fixes: CVE-2020-22033
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-22033
+CVE: CVE-2020-22019
+Upstream-Status: Backport [82ad1b76751bcfad5005440db48c46a4de5d6f02]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavfilter/vf_vmafmotion.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libavfilter/vf_vmafmotion.c b/libavfilter/vf_vmafmotion.c
+index 88d0b35095..0730147e7d 100644
+--- a/libavfilter/vf_vmafmotion.c
++++ b/libavfilter/vf_vmafmotion.c
+@@ -238,6 +238,9 @@ int ff_vmafmotion_init(VMAFMotionData *s,
+     int i;
+     const AVPixFmtDescriptor *desc = av_pix_fmt_desc_get(fmt);
+ 
++    if (w < 3 || h < 3)
++        return AVERROR(EINVAL);
++
+     s->width = w;
+     s->height = h;
+     s->stride = FFALIGN(w * sizeof(uint16_t), 32);
+-- 
+2.32.0
+
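Review bot: The new guard `if (w < 3 || h < 3)` in `ff_vmafmotion_init` uses an unexplained literal. Add a comment or a named constant that ties the minimum of 3 to whatever in the filter requires it, so the bound is not silently left behind if that requirement changes. Since the function now has a new early failure path, the commit message should also confirm that its callers propagate the `AVERROR(EINVAL)` return; no caller is visible in this hunk.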
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
index 08be38c..0a49493 100644
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
@@ -26,6 +26,11 @@
 SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
            file://mips64_cpu_detection.patch \
            file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
+           file://fix-CVE-2020-20446.patch \
+           file://fix-CVE-2020-20453.patch \
+           file://fix-CVE-2020-22015.patch \
+           file://fix-CVE-2020-22021.patch \
+           file://fix-CVE-2020-22033-CVE-2020-22019.patch \
            "
 SRC_URI[sha256sum] = "46e4e64f1dd0233cbc0934b9f1c0da676008cad34725113fb7f802cfa84ccddb"
 
diff --git a/poky/meta/recipes-support/aspell/aspell_0.60.8.bb b/poky/meta/recipes-support/aspell/aspell_0.60.8.bb
index 6548c54..9147c82 100644
--- a/poky/meta/recipes-support/aspell/aspell_0.60.8.bb
+++ b/poky/meta/recipes-support/aspell/aspell_0.60.8.bb
@@ -13,7 +13,9 @@
 LICENSE = "LGPLv2 | LGPLv2.1"
 LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34"
 
-SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz"
+SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz \
+           file://CVE-2019-25051.patch \
+"
 SRC_URI[md5sum] = "012fa9209203ae4e5a61c2a668fd10e3"
 SRC_URI[sha256sum] = "f9b77e515334a751b2e60daab5db23499e26c9209f5e7b7443b05235ad0226f2"
 
diff --git a/poky/meta/recipes-support/aspell/files/CVE-2019-25051.patch b/poky/meta/recipes-support/aspell/files/CVE-2019-25051.patch
new file mode 100644
index 0000000..8513f6d
--- /dev/null
+++ b/poky/meta/recipes-support/aspell/files/CVE-2019-25051.patch
@@ -0,0 +1,101 @@
+From 0718b375425aad8e54e1150313b862e4c6fd324a Mon Sep 17 00:00:00 2001
+From: Kevin Atkinson <kevina@gnu.org>
+Date: Sat, 21 Dec 2019 20:32:47 +0000
+Subject: [PATCH] objstack: assert that the alloc size will fit within a chunk
+ to prevent a buffer overflow
+
+Bug found using OSS-Fuze.
+
+Upstream-Status: Backport
+[https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a]
+CVE: CVE-2019-25051
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ common/objstack.hpp | 18 ++++++++++++++----
+ 1 file changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/common/objstack.hpp b/common/objstack.hpp
+index 3997bf7..bd97ccd 100644
+--- a/common/objstack.hpp
++++ b/common/objstack.hpp
+@@ -5,6 +5,7 @@
+ #include "parm_string.hpp"
+ #include <stdlib.h>
+ #include <assert.h>
++#include <stddef.h>
+ 
+ namespace acommon {
+ 
+@@ -26,6 +27,12 @@ class ObjStack
+   byte * temp_end;
+   void setup_chunk();
+   void new_chunk();
++  bool will_overflow(size_t sz) const {
++    return offsetof(Node,data) + sz > chunk_size;
++  }
++  void check_size(size_t sz) {
++    assert(!will_overflow(sz));
++  }
+ 
+   ObjStack(const ObjStack &);
+   void operator=(const ObjStack &);
+@@ -56,7 +63,7 @@ class ObjStack
+   void * alloc_bottom(size_t size)  {
+     byte * tmp = bottom;
+     bottom += size;
+-    if (bottom > top) {new_chunk(); tmp = bottom; bottom += size;}
++    if (bottom > top) {check_size(size); new_chunk(); tmp = bottom; bottom += size;}
+     return tmp;
+   }
+   // This alloc_bottom will insure that the object is aligned based on the
+@@ -66,7 +73,7 @@ class ObjStack
+     align_bottom(align);
+     byte * tmp = bottom;
+     bottom += size;
+-    if (bottom > top) {new_chunk(); goto loop;}
++    if (bottom > top) {check_size(size); new_chunk(); goto loop;}
+     return tmp;
+   }
+   char * dup_bottom(ParmString str) {
+@@ -79,7 +86,7 @@ class ObjStack
+   // always be aligned as such.
+   void * alloc_top(size_t size) {
+     top -= size;
+-    if (top < bottom) {new_chunk(); top -= size;}
++    if (top < bottom) {check_size(size); new_chunk(); top -= size;}
+     return top;
+   }
+   // This alloc_top will insure that the object is aligned based on
+@@ -88,7 +95,7 @@ class ObjStack
+   {loop:
+     top -= size;
+     align_top(align);
+-    if (top < bottom) {new_chunk(); goto loop;}
++    if (top < bottom) {check_size(size); new_chunk(); goto loop;}
+     return top;
+   }
+   char * dup_top(ParmString str) {
+@@ -117,6 +124,7 @@ class ObjStack
+   void * alloc_temp(size_t size) {
+     temp_end = bottom + size;
+     if (temp_end > top) {
++      check_size(size);
+       new_chunk();
+       temp_end = bottom + size;
+     }
+@@ -131,6 +139,7 @@ class ObjStack
+     } else {
+       size_t s = temp_end - bottom;
+       byte * p = bottom;
++      check_size(size);
+       new_chunk();
+       memcpy(bottom, p, s);
+       temp_end = bottom + size;
+@@ -150,6 +159,7 @@ class ObjStack
+     } else {
+       size_t s = temp_end - bottom;
+       byte * p = bottom;
++      check_size(size);
+       new_chunk();
+       memcpy(bottom, p, s);
+       temp_end = bottom + size;
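Review bot: The overflow guard added to `ObjStack` is `assert(!will_overflow(sz));` inside `check_size`, so it disappears entirely when the package is compiled with `NDEBUG`, and the fix for CVE-2019-25051 then has no effect in that build. The recipe change should state that aspell is built with assertions enabled, or the backport should carry a hard failure (for example an `abort()` path) instead of `assert`. Separately, `offsetof(Node,data) + sz > chunk_size` in `will_overflow` can wrap for a very large `sz`; comparing `sz > chunk_size - offsetof(Node,data)` avoids that. Note also that in `alloc_bottom` and `alloc_top` the pointer has already been moved by `size` before `check_size(size)` is reached.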
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2021-22901.patch b/poky/meta/recipes-support/curl/curl/CVE-2021-22901.patch
new file mode 100644
index 0000000..c5775c6
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2021-22901.patch
@@ -0,0 +1,453 @@
+From a801ebdc2b1c008fa72c31f1bf7773d99e6e2a2d Mon Sep 17 00:00:00 2001
+From: Harry Sintonen <sintonen@iki.fi>
+Date: Tue, 3 Aug 2021 08:41:45 +0000
+Subject: [PATCH] openssl: associate/detach the transfer from connection
+
+CVE-2021-22901
+
+Bug: https://curl.se/docs/CVE-2021-22901.html
+
+CVE: CVE-2021-22901
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/multi.c          |   5 +-
+ lib/vtls/gskit.c     |   4 +-
+ lib/vtls/gtls.c      |   4 +-
+ lib/vtls/mbedtls.c   |   4 +-
+ lib/vtls/mesalink.c  |   4 +-
+ lib/vtls/nss.c       |   4 +-
+ lib/vtls/openssl.c   | 146 +++++++++++++++++++++++++++++++------------
+ lib/vtls/schannel.c  |   6 +-
+ lib/vtls/sectransp.c |   4 +-
+ lib/vtls/vtls.c      |  23 ++++++-
+ lib/vtls/vtls.h      |  12 ++++
+ lib/vtls/wolfssl.c   |   4 +-
+ 12 files changed, 170 insertions(+), 50 deletions(-)
+
+diff --git a/lib/multi.c b/lib/multi.c
+index 85707a1..a4ff9ac 100644
+--- a/lib/multi.c
++++ b/lib/multi.c
+@@ -875,8 +875,10 @@ bool Curl_multiplex_wanted(const struct Curl_multi *multi)
+ void Curl_detach_connnection(struct Curl_easy *data)
+ {
+   struct connectdata *conn = data->conn;
+-  if(conn)
++  if(conn) {
+     Curl_llist_remove(&conn->easyq, &data->conn_queue, NULL);
++    Curl_ssl_detach_conn(data, conn);
++  }
+   data->conn = NULL;
+ }
+ 
+@@ -893,6 +895,7 @@ void Curl_attach_connnection(struct Curl_easy *data,
+   data->conn = conn;
+   Curl_llist_insert_next(&conn->easyq, conn->easyq.tail, data,
+                          &data->conn_queue);
++  Curl_ssl_associate_conn(data, conn);
+ }
+ 
+ static int waitconnect_getsock(struct connectdata *conn,
+diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c
+index 9b5f649..bd9c602 100644
+--- a/lib/vtls/gskit.c
++++ b/lib/vtls/gskit.c
+@@ -1282,7 +1282,9 @@ const struct Curl_ssl Curl_ssl_gskit = {
+   Curl_none_set_engine_default,   /* set_engine_default */
+   Curl_none_engines_list,         /* engines_list */
+   Curl_none_false_start,          /* false_start */
+-  NULL                            /* sha256sum */
++  NULL,                           /* sha256sum */
++  NULL,                           /* associate_connection */
++  NULL                            /* disassociate_connection */
+ };
+ 
+ #endif /* USE_GSKIT */
+diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
+index 28ca528..24e036b 100644
+--- a/lib/vtls/gtls.c
++++ b/lib/vtls/gtls.c
+@@ -1683,7 +1683,9 @@ const struct Curl_ssl Curl_ssl_gnutls = {
+   Curl_none_set_engine_default,  /* set_engine_default */
+   Curl_none_engines_list,        /* engines_list */
+   Curl_none_false_start,         /* false_start */
+-  gtls_sha256sum                 /* sha256sum */
++  gtls_sha256sum,                /* sha256sum */
++  NULL,                          /* associate_connection */
++  NULL                           /* disassociate_connection */
+ };
+ 
+ #endif /* USE_GNUTLS */
+diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
+index bd0e080..fc973c7 100644
+--- a/lib/vtls/mbedtls.c
++++ b/lib/vtls/mbedtls.c
+@@ -1112,7 +1112,9 @@ const struct Curl_ssl Curl_ssl_mbedtls = {
+   Curl_none_set_engine_default,     /* set_engine_default */
+   Curl_none_engines_list,           /* engines_list */
+   Curl_none_false_start,            /* false_start */
+-  mbedtls_sha256sum                 /* sha256sum */
++  mbedtls_sha256sumi,               /* sha256sum */
++  NULL,                             /* associate_connection */
++  NULL                              /* disassociate_connection */
+ };
+ 
+ #endif /* USE_MBEDTLS */
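Review bot: The `Curl_ssl_mbedtls` initializer replaces `mbedtls_sha256sum` with `mbedtls_sha256sumi`, which has a stray trailing `i`. Every other backend in this patch keeps its existing `*_sha256sum` name and only gains a comma, so this looks like a typo introduced while backporting, and it will fail to compile as soon as the mbedTLS backend is enabled. Change the line to `mbedtls_sha256sum,               /* sha256sum */`.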
+diff --git a/lib/vtls/mesalink.c b/lib/vtls/mesalink.c
+index ad807d3..8a91487 100644
+--- a/lib/vtls/mesalink.c
++++ b/lib/vtls/mesalink.c
+@@ -666,7 +666,9 @@ const struct Curl_ssl Curl_ssl_mesalink = {
+   Curl_none_set_engine_default,  /* set_engine_default */
+   Curl_none_engines_list,        /* engines_list */
+   Curl_none_false_start,         /* false_start */
+-  NULL                           /* sha256sum */
++  NULL,                          /* sha256sum */
++  NULL,                          /* associate_connection */
++  NULL                           /* disassociate_connection */
+ };
+ 
+ #endif
+diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
+index e5ab71c..fb9f763 100644
+--- a/lib/vtls/nss.c
++++ b/lib/vtls/nss.c
+@@ -2444,7 +2444,9 @@ const struct Curl_ssl Curl_ssl_nss = {
+   Curl_none_set_engine_default, /* set_engine_default */
+   Curl_none_engines_list,       /* engines_list */
+   nss_false_start,              /* false_start */
+-  nss_sha256sum                 /* sha256sum */
++  nss_sha256sum,                /* sha256sum */
++  NULL,                         /* associate_connection */
++  NULL                          /* disassociate_connection */
+ };
+ 
+ #endif /* USE_NSS */
+diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
+index 8304264..946b4c5 100644
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -244,6 +244,10 @@ struct ssl_backend_data {
+ #endif
+ };
+ 
++static void ossl_associate_connection(struct Curl_easy *data,
++                                      struct connectdata *conn,
++                                      int sockindex);
++
+ /*
+  * Number of bytes to read from the random number seed file. This must be
+  * a finite value (because some entropy "files" like /dev/urandom have
+@@ -2527,6 +2531,7 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
+   curl_socket_t sockfd = conn->sock[sockindex];
+   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+   ctx_option_t ctx_options = 0;
++  void *ssl_sessionid = NULL;
+ 
+ #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+   bool sni;
+@@ -3224,46 +3229,23 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
+   }
+ #endif
+ 
+-  /* Check if there's a cached ID we can/should use here! */
+-  if(SSL_SET_OPTION(primary.sessionid)) {
+-    void *ssl_sessionid = NULL;
+-    int data_idx = ossl_get_ssl_data_index();
+-    int connectdata_idx = ossl_get_ssl_conn_index();
+-    int sockindex_idx = ossl_get_ssl_sockindex_index();
+-    int proxy_idx = ossl_get_proxy_index();
+-
+-    if(data_idx >= 0 && connectdata_idx >= 0 && sockindex_idx >= 0 &&
+-       proxy_idx >= 0) {
+-      /* Store the data needed for the "new session" callback.
+-       * The sockindex is stored as a pointer to an array element. */
+-      SSL_set_ex_data(backend->handle, data_idx, data);
+-      SSL_set_ex_data(backend->handle, connectdata_idx, conn);
+-      SSL_set_ex_data(backend->handle, sockindex_idx, conn->sock + sockindex);
+-#ifndef CURL_DISABLE_PROXY
+-      SSL_set_ex_data(backend->handle, proxy_idx, SSL_IS_PROXY() ? (void *) 1:
+-                      NULL);
+-#else
+-      SSL_set_ex_data(backend->handle, proxy_idx, NULL);
+-#endif
+-
+-    }
++  ossl_associate_connection(data, conn, sockindex);
+ 
+-    Curl_ssl_sessionid_lock(data);
+-    if(!Curl_ssl_getsessionid(data, conn, SSL_IS_PROXY() ? TRUE : FALSE,
+-                              &ssl_sessionid, NULL, sockindex)) {
+-      /* we got a session id, use it! */
+-      if(!SSL_set_session(backend->handle, ssl_sessionid)) {
+-        Curl_ssl_sessionid_unlock(data);
+-        failf(data, "SSL: SSL_set_session failed: %s",
+-              ossl_strerror(ERR_get_error(), error_buffer,
+-                            sizeof(error_buffer)));
+-        return CURLE_SSL_CONNECT_ERROR;
+-      }
+-      /* Informational message */
+-      infof(data, "SSL re-using session ID\n");
++  Curl_ssl_sessionid_lock(data);
++  if(!Curl_ssl_getsessionid(data, conn, SSL_IS_PROXY() ? TRUE : FALSE,
++                            &ssl_sessionid, NULL, sockindex)) {
++    /* we got a session id, use it! */
++    if(!SSL_set_session(backend->handle, ssl_sessionid)) {
++      Curl_ssl_sessionid_unlock(data);
++      failf(data, "SSL: SSL_set_session failed: %s",
++            ossl_strerror(ERR_get_error(), error_buffer,
++                          sizeof(error_buffer)));
++      return CURLE_SSL_CONNECT_ERROR;
+     }
+-    Curl_ssl_sessionid_unlock(data);
++     /* Informational message */
++    infof(data, "SSL re-using session ID\n");
+   }
++  Curl_ssl_sessionid_unlock(data);
+ 
+ #ifndef CURL_DISABLE_PROXY
+   if(conn->proxy_ssl[sockindex].use) {
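Review bot: In `ossl_connect_step1`, the session lookup was previously inside `if(SSL_SET_OPTION(primary.sessionid))`; after this hunk, `Curl_ssl_sessionid_lock`, `Curl_ssl_getsessionid` and `SSL_set_session` run unconditionally, and only the `SSL_set_ex_data` calls moved into `ossl_associate_connection` keep the option check. Please confirm in the commit message that `Curl_ssl_getsessionid` itself returns "no session" when session IDs are disabled, since that function is not part of this patch. Style: the re-indented `/* Informational message */` comment is indented five spaces where the surrounding block uses four.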
+@@ -4481,6 +4463,90 @@ static void *ossl_get_internals(struct ssl_connect_data *connssl,
+          (void *)backend->ctx : (void *)backend->handle;
+ }
+ 
++static void ossl_associate_connection(struct Curl_easy *data,
++                                      struct connectdata *conn,
++                                      int sockindex)
++{
++  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
++  struct ssl_backend_data *backend = connssl->backend;
++
++  /* If we don't have SSL context, do nothing. */
++  if(!backend->handle)
++    return;
++
++  if(SSL_SET_OPTION(primary.sessionid)) {
++    int data_idx = ossl_get_ssl_data_index();
++    int connectdata_idx = ossl_get_ssl_conn_index();
++    int sockindex_idx = ossl_get_ssl_sockindex_index();
++    int proxy_idx = ossl_get_proxy_index();
++
++    if(data_idx >= 0 && connectdata_idx >= 0 && sockindex_idx >= 0 &&
++       proxy_idx >= 0) {
++      /* Store the data needed for the "new session" callback.
++       * The sockindex is stored as a pointer to an array element. */
++      SSL_set_ex_data(backend->handle, data_idx, data);
++      SSL_set_ex_data(backend->handle, connectdata_idx, conn);
++      SSL_set_ex_data(backend->handle, sockindex_idx, conn->sock + sockindex);
++#ifndef CURL_DISABLE_PROXY
++      SSL_set_ex_data(backend->handle, proxy_idx, SSL_IS_PROXY() ? (void *) 1:
++                      NULL);
++#else
++      SSL_set_ex_data(backend->handle, proxy_idx, NULL);
++#endif
++    }
++  }
++}
++
++/*
++ * Starting with TLS 1.3, the ossl_new_session_cb callback gets called after
++ * the handshake. If the transfer that sets up the callback gets killed before
++ * this callback arrives, we must make sure to properly clear the data to
++ * avoid UAF problems. A future optimization could be to instead store another
++ * transfer that might still be using the same connection.
++ */
++
++static void ossl_disassociate_connection(struct Curl_easy *data,
++                                         int sockindex)
++{
++  struct connectdata *conn = data->conn;
++  struct ssl_connect_data *connssl = &conn->ssl[sockindex];
++  struct ssl_backend_data *backend = connssl->backend;
++
++  /* If we don't have SSL context, do nothing. */
++  if(!backend->handle)
++    return;
++
++  if(SSL_SET_OPTION(primary.sessionid)) {
++    bool isproxy = FALSE;
++    bool incache;
++    void *old_ssl_sessionid = NULL;
++    int data_idx = ossl_get_ssl_data_index();
++    int connectdata_idx = ossl_get_ssl_conn_index();
++    int sockindex_idx = ossl_get_ssl_sockindex_index();
++    int proxy_idx = ossl_get_proxy_index();
++
++    if(data_idx >= 0 && connectdata_idx >= 0 && sockindex_idx >= 0 &&
++       proxy_idx >= 0) {
++      /* Invalidate the session cache entry, if any */
++      isproxy = SSL_get_ex_data(backend->handle, proxy_idx) ? TRUE : FALSE;
++
++      /* Disable references to data in "new session" callback to avoid
++       * accessing a stale pointer. */
++      SSL_set_ex_data(backend->handle, data_idx, NULL);
++      SSL_set_ex_data(backend->handle, connectdata_idx, NULL);
++      SSL_set_ex_data(backend->handle, sockindex_idx, NULL);
++      SSL_set_ex_data(backend->handle, proxy_idx, NULL);
++    }
++
++    Curl_ssl_sessionid_lock(data);
++    incache = !(Curl_ssl_getsessionid(data, conn, isproxy,
++                                      &old_ssl_sessionid, NULL, sockindex));
++    if(incache)
++      Curl_ssl_delsessionid(data, old_ssl_sessionid);
++    Curl_ssl_sessionid_unlock(data);
++  }
++}
++
+ const struct Curl_ssl Curl_ssl_openssl = {
+   { CURLSSLBACKEND_OPENSSL, "openssl" }, /* info */
+ 
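Review bot: `ossl_disassociate_connection` receives only `data` and re-derives the connection with `struct connectdata *conn = data->conn;`, then dereferences `conn->ssl[sockindex]` and `backend->handle` without a NULL check, whereas `ossl_associate_connection` is handed `conn` explicitly. The caller in this patch, `Curl_detach_connnection`, invokes the hook inside `if(conn)` and before `data->conn = NULL;`, so the current ordering is safe, but the stale-pointer fix now depends on that ordering and nothing documents it. Pass `conn` through the `disassociate_connection` callback as `associate_connection` does, or add a comment at the call site saying the detach hook must run before `data->conn` is cleared.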
+@@ -4514,10 +4580,12 @@ const struct Curl_ssl Curl_ssl_openssl = {
+   ossl_engines_list,        /* engines_list */
+   Curl_none_false_start,    /* false_start */
+ #if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && !defined(OPENSSL_NO_SHA256)
+-  ossl_sha256sum            /* sha256sum */
++  ossl_sha256sum,           /* sha256sum */
+ #else
+-  NULL                      /* sha256sum */
++  NULL,                     /* sha256sum */
+ #endif
++  ossl_associate_connection, /* associate_connection */
++  ossl_disassociate_connection /* disassociate_connection */
+ };
+ 
+ #endif /* USE_OPENSSL */
+diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
+index 670310d..596106a 100644
+--- a/lib/vtls/schannel.c
++++ b/lib/vtls/schannel.c
+@@ -325,7 +325,7 @@ get_alg_id_by_name(char *name)
+ 
+ static CURLcode
+ set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers,
+-                int *algIds)
++                ALG_ID *algIds)
+ {
+   char *startCur = ciphers;
+   int algCount = 0;
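Review bot: The `set_ssl_ciphers` signature change from `int *algIds` to `ALG_ID *algIds` in schannel.c is unrelated to associating and detaching the transfer from the connection, and the patch header does not mention it. Either drop it from this backport so the file matches the referenced upstream commit, or list it in the commit message with the reason it is needed, so that the CVE-2021-22901 patch can be audited against upstream line by line.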
+@@ -2429,7 +2429,9 @@ const struct Curl_ssl Curl_ssl_schannel = {
+   Curl_none_set_engine_default,      /* set_engine_default */
+   Curl_none_engines_list,            /* engines_list */
+   Curl_none_false_start,             /* false_start */
+-  schannel_sha256sum                 /* sha256sum */
++  schannel_sha256sum,                /* sha256sum */
++  NULL,                              /* associate_connection */
++  NULL                               /* disassociate_connection */
+ };
+ 
+ #endif /* USE_SCHANNEL */
+diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
+index 6d1ea7e..37b41f8 100644
+--- a/lib/vtls/sectransp.c
++++ b/lib/vtls/sectransp.c
+@@ -3311,7 +3311,9 @@ const struct Curl_ssl Curl_ssl_sectransp = {
+   Curl_none_set_engine_default,       /* set_engine_default */
+   Curl_none_engines_list,             /* engines_list */
+   sectransp_false_start,              /* false_start */
+-  sectransp_sha256sum                 /* sha256sum */
++  sectransp_sha256sum,                /* sha256sum */
++  NULL,                               /* associate_connection */
++  NULL                                /* disassociate_connection */
+ };
+ 
+ #ifdef __clang__
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index 00b6268..59a7efb 100644
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -579,6 +579,25 @@ CURLcode Curl_ssl_addsessionid(struct Curl_easy *data,
+   return CURLE_OK;
+ }
+ 
++void Curl_ssl_associate_conn(struct Curl_easy *data,
++                             struct connectdata *conn)
++{
++  if(Curl_ssl->associate_connection) {
++    Curl_ssl->associate_connection(data, conn, FIRSTSOCKET);
++    if(conn->sock[SECONDARYSOCKET] && conn->bits.sock_accepted)
++      Curl_ssl->associate_connection(data, conn, SECONDARYSOCKET);
++  }
++}
++
++void Curl_ssl_detach_conn(struct Curl_easy *data,
++                          struct connectdata *conn)
++{
++  if(Curl_ssl->disassociate_connection) {
++    Curl_ssl->disassociate_connection(data, FIRSTSOCKET);
++    if(conn->sock[SECONDARYSOCKET] && conn->bits.sock_accepted)
++      Curl_ssl->disassociate_connection(data, SECONDARYSOCKET);
++  }
++}
+ 
+ void Curl_ssl_close_all(struct Curl_easy *data)
+ {
+@@ -1212,7 +1231,9 @@ static const struct Curl_ssl Curl_ssl_multi = {
+   Curl_none_set_engine_default,      /* set_engine_default */
+   Curl_none_engines_list,            /* engines_list */
+   Curl_none_false_start,             /* false_start */
+-  NULL                               /* sha256sum */
++  NULL,                              /* sha256sum */
++  NULL,                              /* associate_connection */
++  NULL                               /* disassociate_connection */
+ };
+ 
+ const struct Curl_ssl *Curl_ssl =
+diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
+index 1351215..94049f9 100644
+--- a/lib/vtls/vtls.h
++++ b/lib/vtls/vtls.h
+@@ -75,6 +75,11 @@ struct Curl_ssl {
+   bool (*false_start)(void);
+   CURLcode (*sha256sum)(const unsigned char *input, size_t inputlen,
+                     unsigned char *sha256sum, size_t sha256sumlen);
++  
++  void (*associate_connection)(struct Curl_easy *data,
++                               struct connectdata *conn,
++                               int sockindex);
++  void (*disassociate_connection)(struct Curl_easy *data, int sockindex);
+ };
+ 
+ #ifdef USE_SSL
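Review bot: The two members added to `struct Curl_ssl`, `associate_connection` and `disassociate_connection`, have no comment saying they are optional, yet every backend except OpenSSL initialises them to `NULL` and `Curl_ssl_associate_conn` / `Curl_ssl_detach_conn` test for that before calling. Add a short comment on the members stating that `NULL` means the backend needs no per-transfer association. Style: the added line directly above `void (*associate_connection)` contains only spaces and should be an empty line.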
+@@ -264,6 +269,11 @@ bool Curl_ssl_cert_status_request(void);
+ 
+ bool Curl_ssl_false_start(void);
+ 
++void Curl_ssl_associate_conn(struct Curl_easy *data,
++                             struct connectdata *conn);
++void Curl_ssl_detach_conn(struct Curl_easy *data,
++                          struct connectdata *conn);
++
+ #define SSL_SHUTDOWN_TIMEOUT 10000 /* ms */
+ 
+ #else /* if not USE_SSL */
+@@ -290,6 +300,8 @@ bool Curl_ssl_false_start(void);
+ #define Curl_ssl_cert_status_request() FALSE
+ #define Curl_ssl_false_start() FALSE
+ #define Curl_ssl_tls13_ciphersuites() FALSE
++#define Curl_ssl_associate_conn(a,b) Curl_nop_stmt
++#define Curl_ssl_detach_conn(a,b) Curl_nop_stmt
+ #endif
+ 
+ #endif /* HEADER_CURL_VTLS_H */
+diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
+index f1b12b1..f734a84 100644
+--- a/lib/vtls/wolfssl.c
++++ b/lib/vtls/wolfssl.c
+@@ -1165,7 +1165,9 @@ const struct Curl_ssl Curl_ssl_wolfssl = {
+   Curl_none_set_engine_default,    /* set_engine_default */
+   Curl_none_engines_list,          /* engines_list */
+   Curl_none_false_start,           /* false_start */
+-  wolfssl_sha256sum                /* sha256sum */
++  wolfssl_sha256sum,               /* sha256sum */
++  NULL,                            /* associate_connection */
++  NULL                             /* disassociate_connection */
+ };
+ 
+ #endif
+-- 
+2.31.1
+
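Review bot: The wolfssl backend table at the end of this patch fills `associate_connection` and `disassociate_connection` with NULL, so any call made through these `struct Curl_ssl` members has to test the pointer first. The dispatch code is not in the hunks shown here; please confirm that `Curl_ssl_associate_conn()` and `Curl_ssl_detach_conn()` do that check before calling into the backend. Minor: the first line added to `struct Curl_ssl` in lib/vtls/vtls.h is whitespace-only and should be an empty line.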
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2021-22924.patch b/poky/meta/recipes-support/curl/curl/CVE-2021-22924.patch
new file mode 100644
index 0000000..f09704c
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2021-22924.patch
@@ -0,0 +1,298 @@
+From 205cf19fc374ee8eb848c5448e31fa703392832e Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 4 Aug 2021 01:52:40 +0000
+Subject: [PATCH] vtls: fix connection reuse checks for issuer cert and case
+ sensitivity
+
+CVE-2021-22924
+
+Reported-by: Harry Sintonen
+Bug: https://curl.se/docs/CVE-2021-22924.html
+
+CVE: CVE-2021-22924
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/5ea3145850ebff1dc2b13d17440300a01ca38161]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/url.c          | 10 ++++++----
+ lib/urldata.h      |  6 ++++--
+ lib/vtls/gtls.c    | 10 +++++-----
+ lib/vtls/nss.c     |  4 ++--
+ lib/vtls/openssl.c | 18 +++++++++---------
+ lib/vtls/vtls.c    | 26 +++++++++++++++++++++-----
+ 6 files changed, 47 insertions(+), 27 deletions(-)
+
+diff --git a/lib/url.c b/lib/url.c
+index c02d2c2..474c53b 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -3695,6 +3695,8 @@ static CURLcode create_conn(struct Curl_easy *data,
+   */
+   data->set.ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_ORIG];
+   data->set.ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_ORIG];
++  data->set.ssl.primary.issuercert = data->set.str[STRING_SSL_ISSUERCERT];
++  data->set.ssl.primary.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT];
+   data->set.ssl.primary.random_file = data->set.str[STRING_SSL_RANDOM_FILE];
+   data->set.ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
+   data->set.ssl.primary.cipher_list =
+@@ -3719,8 +3721,11 @@ static CURLcode create_conn(struct Curl_easy *data,
+   data->set.proxy_ssl.primary.pinned_key =
+     data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY];
+   data->set.proxy_ssl.primary.cert_blob = data->set.blobs[BLOB_CERT_PROXY];
++  data->set.proxy_ssl.primary.issuercert =
++    data->set.str[STRING_SSL_ISSUERCERT_PROXY];
++  data->set.proxy_ssl.primary.issuercert_blob =
++    data->set.blobs[BLOB_SSL_ISSUERCERT_PROXY];
+   data->set.proxy_ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY];
+-  data->set.proxy_ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_PROXY];
+   data->set.proxy_ssl.cert_type = data->set.str[STRING_CERT_TYPE_PROXY];
+   data->set.proxy_ssl.key = data->set.str[STRING_KEY_PROXY];
+   data->set.proxy_ssl.key_type = data->set.str[STRING_KEY_TYPE_PROXY];
+@@ -3729,7 +3734,6 @@ static CURLcode create_conn(struct Curl_easy *data,
+   data->set.proxy_ssl.key_blob = data->set.blobs[BLOB_KEY_PROXY];
+ #endif
+   data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_ORIG];
+-  data->set.ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_ORIG];
+   data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE_ORIG];
+   data->set.ssl.key = data->set.str[STRING_KEY_ORIG];
+   data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE_ORIG];
+@@ -3743,9 +3747,7 @@ static CURLcode create_conn(struct Curl_easy *data,
+   data->set.proxy_ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];
+ #endif
+ #endif
+-
+   data->set.ssl.key_blob = data->set.blobs[BLOB_KEY_ORIG];
+-  data->set.ssl.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT_ORIG];
+ 
+   if(!Curl_clone_primary_ssl_config(&data->set.ssl.primary,
+                                     &conn->ssl_config)) {
+diff --git a/lib/urldata.h b/lib/urldata.h
+index f7d60b2..7d01874 100644
+--- a/lib/urldata.h
++++ b/lib/urldata.h
+@@ -246,6 +246,7 @@ struct ssl_primary_config {
+   long version_max;      /* max supported version the client wants to use*/
+   char *CApath;          /* certificate dir (doesn't work on windows) */
+   char *CAfile;          /* certificate to verify peer against */
++  char *issuercert;      /* optional issuer certificate filename */
+   char *clientcert;
+   char *random_file;     /* path to file containing "random" data */
+   char *egdsocket;       /* path to file containing the EGD daemon socket */
+@@ -253,6 +254,7 @@ struct ssl_primary_config {
+   char *cipher_list13;   /* list of TLS 1.3 cipher suites to use */
+   char *pinned_key;
+   struct curl_blob *cert_blob;
++  struct curl_blob *issuercert_blob;
+   char *curves;          /* list of curves to use */
+   BIT(verifypeer);       /* set TRUE if this is desired */
+   BIT(verifyhost);       /* set TRUE if CN/SAN must match hostname */
+@@ -264,8 +266,6 @@ struct ssl_config_data {
+   struct ssl_primary_config primary;
+   long certverifyresult; /* result from the certificate verification */
+   char *CRLfile;   /* CRL to check certificate revocation */
+-  char *issuercert;/* optional issuer certificate filename */
+-  struct curl_blob *issuercert_blob;
+   curl_ssl_ctx_callback fsslctx; /* function to initialize ssl ctx */
+   void *fsslctxp;        /* parameter for call back */
+   char *cert_type; /* format for certificate (default: PEM)*/
+@@ -1545,6 +1545,7 @@ enum dupstring {
+   STRING_SSL_CRLFILE_ORIG, /* crl file to check certificate */
+   STRING_SSL_CRLFILE_PROXY, /* crl file to check certificate */
+   STRING_SSL_ISSUERCERT_ORIG, /* issuer cert file to check certificate */
++  STRING_SSL_ISSUERCERT, /* issuer cert file to check certificate */
+   STRING_SSL_ISSUERCERT_PROXY, /* issuer cert file to check certificate */
+   STRING_SSL_ENGINE,      /* name of ssl engine */
+   STRING_USERNAME,        /* <username>, if used */
+@@ -1600,6 +1601,7 @@ enum dupblob {
+   BLOB_CERT_PROXY,
+   BLOB_KEY_ORIG,
+   BLOB_KEY_PROXY,
++  BLOB_SSL_ISSUERCERT,
+   BLOB_SSL_ISSUERCERT_ORIG,
+   BLOB_SSL_ISSUERCERT_PROXY,
+   BLOB_LAST
+diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
+index 2c65ba0..d1c3919 100644
+--- a/lib/vtls/gtls.c
++++ b/lib/vtls/gtls.c
+@@ -855,7 +855,7 @@ gtls_connect_step3(struct Curl_easy *data,
+   if(!chainp) {
+     if(SSL_CONN_CONFIG(verifypeer) ||
+        SSL_CONN_CONFIG(verifyhost) ||
+-       SSL_SET_OPTION(issuercert)) {
++       SSL_CONN_CONFIG(issuercert)) {
+ #ifdef HAVE_GNUTLS_SRP
+       if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP
+          && SSL_SET_OPTION(username) != NULL
+@@ -1039,21 +1039,21 @@ gtls_connect_step3(struct Curl_easy *data,
+        gnutls_x509_crt_t format */
+     gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER);
+ 
+-  if(SSL_SET_OPTION(issuercert)) {
++  if(SSL_CONN_CONFIG(issuercert)) {
+     gnutls_x509_crt_init(&x509_issuer);
+-    issuerp = load_file(SSL_SET_OPTION(issuercert));
++    issuerp = load_file(SSL_CONN_CONFIG(issuercert));
+     gnutls_x509_crt_import(x509_issuer, &issuerp, GNUTLS_X509_FMT_PEM);
+     rc = gnutls_x509_crt_check_issuer(x509_cert, x509_issuer);
+     gnutls_x509_crt_deinit(x509_issuer);
+     unload_file(issuerp);
+     if(rc <= 0) {
+       failf(data, "server certificate issuer check failed (IssuerCert: %s)",
+-            SSL_SET_OPTION(issuercert)?SSL_SET_OPTION(issuercert):"none");
++            SSL_CONN_CONFIG(issuercert)?SSL_CONN_CONFIG(issuercert):"none");
+       gnutls_x509_crt_deinit(x509_cert);
+       return CURLE_SSL_ISSUER_ERROR;
+     }
+     infof(data, "\t server certificate issuer check OK (Issuer Cert: %s)\n",
+-          SSL_SET_OPTION(issuercert)?SSL_SET_OPTION(issuercert):"none");
++          SSL_CONN_CONFIG(issuercert)?SSL_CONN_CONFIG(issuercert):"none");
+   }
+ 
+   size = sizeof(certname);
+diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
+index fb9f763..dab12b6 100644
+--- a/lib/vtls/nss.c
++++ b/lib/vtls/nss.c
+@@ -2159,9 +2159,9 @@ static CURLcode nss_do_connect(struct Curl_easy *data,
+   if(result)
+     goto error;
+ 
+-  if(SSL_SET_OPTION(issuercert)) {
++  if(SSL_CONN_CONFIG(issuercert)) {
+     SECStatus ret = SECFailure;
+-    char *nickname = dup_nickname(data, SSL_SET_OPTION(issuercert));
++    char *nickname = dup_nickname(data, SSL_CONN_CONFIG(issuercert));
+     if(nickname) {
+       /* we support only nicknames in case of issuercert for now */
+       ret = check_issuer_cert(backend->handle, nickname);
+diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
+index 946b4c5..85e1ee5 100644
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -3881,10 +3881,10 @@ static CURLcode servercert(struct Curl_easy *data,
+        deallocating the certificate. */
+ 
+     /* e.g. match issuer name with provided issuer certificate */
+-    if(SSL_SET_OPTION(issuercert) || SSL_SET_OPTION(issuercert_blob)) {
+-      if(SSL_SET_OPTION(issuercert_blob))
+-        fp = BIO_new_mem_buf(SSL_SET_OPTION(issuercert_blob)->data,
+-                             (int)SSL_SET_OPTION(issuercert_blob)->len);
++    if(SSL_CONN_CONFIG(issuercert) || SSL_CONN_CONFIG(issuercert_blob)) {
++      if(SSL_CONN_CONFIG(issuercert_blob))
++        fp = BIO_new_mem_buf(SSL_CONN_CONFIG(issuercert_blob)->data,
++                             (int)SSL_CONN_CONFIG(issuercert_blob)->len);
+       else {
+         fp = BIO_new(BIO_s_file());
+         if(fp == NULL) {
+@@ -3898,10 +3898,10 @@ static CURLcode servercert(struct Curl_easy *data,
+           return CURLE_OUT_OF_MEMORY;
+         }
+ 
+-        if(BIO_read_filename(fp, SSL_SET_OPTION(issuercert)) <= 0) {
++        if(BIO_read_filename(fp, SSL_CONN_CONFIG(issuercert)) <= 0) {
+           if(strict)
+             failf(data, "SSL: Unable to open issuer cert (%s)",
+-                  SSL_SET_OPTION(issuercert));
++                  SSL_CONN_CONFIG(issuercert));
+           BIO_free(fp);
+           X509_free(backend->server_cert);
+           backend->server_cert = NULL;
+@@ -3913,7 +3913,7 @@ static CURLcode servercert(struct Curl_easy *data,
+       if(!issuer) {
+         if(strict)
+           failf(data, "SSL: Unable to read issuer cert (%s)",
+-                SSL_SET_OPTION(issuercert));
++                SSL_CONN_CONFIG(issuercert));
+         BIO_free(fp);
+         X509_free(issuer);
+         X509_free(backend->server_cert);
+@@ -3924,7 +3924,7 @@ static CURLcode servercert(struct Curl_easy *data,
+       if(X509_check_issued(issuer, backend->server_cert) != X509_V_OK) {
+         if(strict)
+           failf(data, "SSL: Certificate issuer check failed (%s)",
+-                SSL_SET_OPTION(issuercert));
++                SSL_CONN_CONFIG(issuercert));
+         BIO_free(fp);
+         X509_free(issuer);
+         X509_free(backend->server_cert);
+@@ -3933,7 +3933,7 @@ static CURLcode servercert(struct Curl_easy *data,
+       }
+ 
+       infof(data, " SSL certificate issuer check ok (%s)\n",
+-            SSL_SET_OPTION(issuercert));
++            SSL_CONN_CONFIG(issuercert));
+       BIO_free(fp);
+       X509_free(issuer);
+     }
+diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
+index 59a7efb..eb885da 100644
+--- a/lib/vtls/vtls.c
++++ b/lib/vtls/vtls.c
+@@ -125,6 +125,16 @@ static bool blobcmp(struct curl_blob *first, struct curl_blob *second)
+   return !memcmp(first->data, second->data, first->len); /* same data */
+ }
+ 
++static bool safecmp(char *a, char *b)
++{
++  if(a && b)
++    return !strcmp(a, b);
++  else if(!a && !b)
++    return TRUE; /* match */
++  return FALSE; /* no match */
++}
++
++
+ bool
+ Curl_ssl_config_matches(struct ssl_primary_config *data,
+                         struct ssl_primary_config *needle)
+@@ -135,11 +145,13 @@ Curl_ssl_config_matches(struct ssl_primary_config *data,
+      (data->verifyhost == needle->verifyhost) &&
+      (data->verifystatus == needle->verifystatus) &&
+      blobcmp(data->cert_blob, needle->cert_blob) &&
+-     Curl_safe_strcasecompare(data->CApath, needle->CApath) &&
+-     Curl_safe_strcasecompare(data->CAfile, needle->CAfile) &&
+-     Curl_safe_strcasecompare(data->clientcert, needle->clientcert) &&
+-     Curl_safe_strcasecompare(data->random_file, needle->random_file) &&
+-     Curl_safe_strcasecompare(data->egdsocket, needle->egdsocket) &&
++     blobcmp(data->issuercert_blob, needle->issuercert_blob) &&
++     safecmp(data->CApath, needle->CApath) &&
++     safecmp(data->CAfile, needle->CAfile) &&
++     safecmp(data->issuercert, needle->issuercert) &&
++     safecmp(data->clientcert, needle->clientcert) &&
++     safecmp(data->random_file, needle->random_file) &&
++     safecmp(data->egdsocket, needle->egdsocket) &&
+      Curl_safe_strcasecompare(data->cipher_list, needle->cipher_list) &&
+      Curl_safe_strcasecompare(data->cipher_list13, needle->cipher_list13) &&
+      Curl_safe_strcasecompare(data->curves, needle->curves) &&
+@@ -161,8 +173,10 @@ Curl_clone_primary_ssl_config(struct ssl_primary_config *source,
+   dest->sessionid = source->sessionid;
+ 
+   CLONE_BLOB(cert_blob);
++  CLONE_BLOB(issuercert_blob);
+   CLONE_STRING(CApath);
+   CLONE_STRING(CAfile);
++  CLONE_STRING(issuercert);
+   CLONE_STRING(clientcert);
+   CLONE_STRING(random_file);
+   CLONE_STRING(egdsocket);
+@@ -178,6 +192,7 @@ void Curl_free_primary_ssl_config(struct ssl_primary_config *sslc)
+ {
+   Curl_safefree(sslc->CApath);
+   Curl_safefree(sslc->CAfile);
++  Curl_safefree(sslc->issuercert);
+   Curl_safefree(sslc->clientcert);
+   Curl_safefree(sslc->random_file);
+   Curl_safefree(sslc->egdsocket);
+@@ -185,6 +200,7 @@ void Curl_free_primary_ssl_config(struct ssl_primary_config *sslc)
+   Curl_safefree(sslc->cipher_list13);
+   Curl_safefree(sslc->pinned_key);
+   Curl_safefree(sslc->cert_blob);
++  Curl_safefree(sslc->issuercert_blob);
+   Curl_safefree(sslc->curves);
+ }
+ 
+-- 
+2.31.1
+
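Review bot: In the lib/url.c hunks, `create_conn()` now reads `data->set.str[STRING_SSL_ISSUERCERT]` and `data->set.blobs[BLOB_SSL_ISSUERCERT]`, but the lib/urldata.h hunks add these as new enum slots beside the existing `STRING_SSL_ISSUERCERT_ORIG` and `BLOB_SSL_ISSUERCERT_ORIG`, and none of the six files in the diffstat changes where the issuer-cert option is stored. Unless the option-setting code of this curl version already writes to the new slots, `primary.issuercert` and `primary.issuercert_blob` stay NULL, and the issuer checks that gtls.c, nss.c and openssl.c now gate on `SSL_CONN_CONFIG(issuercert)` would never run. Either read the `_ORIG` slots in url.c or store the option into the new ones, and do not leave both pairs in the enums. Smaller point in lib/vtls/vtls.c: `safecmp()` only reads its arguments, so `const char *` would be the better parameter type.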
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2021-22925.patch b/poky/meta/recipes-support/curl/curl/CVE-2021-22925.patch
new file mode 100644
index 0000000..e3009c9
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2021-22925.patch
@@ -0,0 +1,50 @@
+From 894f6ec730597eb243618d33cc84d71add8d6a8a Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Sat, 12 Jun 2021 18:25:15 +0200
+Subject: [PATCH] telnet: fix option parser to not send uninitialized contents
+
+CVE-2021-22925
+
+Reported-by: Red Hat Product Security
+Bug: https://curl.se/docs/CVE-2021-22925.html
+
+CVE: CVE-2021-22925
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/894f6ec730597eb243618d33cc84d71add8d6a8a]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/telnet.c | 17 +++++++++++------
+ 1 file changed, 11 insertions(+), 6 deletions(-)
+
+diff --git a/lib/telnet.c b/lib/telnet.c
+index 1d3024ec4..a81bb81c3 100644
+--- a/lib/telnet.c
++++ b/lib/telnet.c
+@@ -920,12 +920,17 @@ static void suboption(struct Curl_easy *data)
+         size_t tmplen = (strlen(v->data) + 1);
+         /* Add the variable only if it fits */
+         if(len + tmplen < (int)sizeof(temp)-6) {
+-          if(sscanf(v->data, "%127[^,],%127s", varname, varval) == 2) {
+-            msnprintf((char *)&temp[len], sizeof(temp) - len,
+-                      "%c%s%c%s", CURL_NEW_ENV_VAR, varname,
+-                      CURL_NEW_ENV_VALUE, varval);
+-            len += tmplen;
+-          }
++          int rv;
++          char sep[2] = "";
++          varval[0] = 0;
++          rv = sscanf(v->data, "%127[^,]%1[,]%127s", varname, sep, varval);
++          if(rv == 1)
++            len += msnprintf((char *)&temp[len], sizeof(temp) - len,
++                             "%c%s", CURL_NEW_ENV_VAR, varname);
++          else if(rv >= 2)
++            len += msnprintf((char *)&temp[len], sizeof(temp) - len,
++                             "%c%s%c%s", CURL_NEW_ENV_VAR, varname,
++                             CURL_NEW_ENV_VALUE, varval);
+         }
+       }
+       msnprintf((char *)&temp[len], sizeof(temp) - len,
+-- 
+2.17.1
+
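Review bot: In `suboption()`, the `rv >= 2` branch also covers `rv == 2`, where the input is "NAME," with a separator but no value, and `varval` is only defined in that case because of the `varval[0] = 0` assignment before `sscanf()`. A one-line comment on that assignment, stating that it backs the empty-value case, would keep a later cleanup from removing it and leaving `varval` uninitialized when it is formatted into `temp`. It would also help to note in a comment that `len` is now advanced by what `msnprintf()` actually wrote rather than by `tmplen`, since that is the substance of the fix.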
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2021-22926.patch b/poky/meta/recipes-support/curl/curl/CVE-2021-22926.patch
new file mode 100644
index 0000000..3a803bc
--- /dev/null
+++ b/poky/meta/recipes-support/curl/curl/CVE-2021-22926.patch
@@ -0,0 +1,79 @@
+From 6180ef7c19defa9f77ae166acb8b63ed98a9c09a Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 4 Aug 2021 03:05:45 +0000
+Subject: [PATCH] sectransp: check for client certs by name first, then file
+
+CVE-2021-22926
+
+Bug: https://curl.se/docs/CVE-2021-22926.html
+
+Assisted-by: Daniel Gustafsson
+Reported-by: Harry Sintonen
+
+CVE: CVE-2021-22926
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/fd9b40bf8dfd43edcbc0d254d613d95a11061c05]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/vtls/sectransp.c | 33 +++++++++++++++++++--------------
+ 1 file changed, 19 insertions(+), 14 deletions(-)
+
+diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
+index 37b41f8..f8effde 100644
+--- a/lib/vtls/sectransp.c
++++ b/lib/vtls/sectransp.c
+@@ -32,6 +32,7 @@
+ #include "curl_base64.h"
+ #include "strtok.h"
+ #include "multiif.h"
++#include "strcase.h"
+ 
+ #ifdef USE_SECTRANSP
+ 
+@@ -1648,24 +1649,28 @@ static CURLcode sectransp_connect_step1(struct Curl_easy *data,
+     bool is_cert_file = (!is_cert_data) && is_file(ssl_cert);
+     SecIdentityRef cert_and_key = NULL;
+ 
+-    /* User wants to authenticate with a client cert. Look for it:
+-       If we detect that this is a file on disk, then let's load it.
+-       Otherwise, assume that the user wants to use an identity loaded
+-       from the Keychain. */
+-    if(is_cert_file || is_cert_data) {
++    /* User wants to authenticate with a client cert. Look for it. Assume that
++       the user wants to use an identity loaded from the Keychain. If not, try
++       it as a file on disk */
++
++    if(!is_cert_data)
++      err = CopyIdentityWithLabel(ssl_cert, &cert_and_key);
++    else
++      err = !noErr;
++    if((err != noErr) && (is_cert_file || is_cert_data)) {
+       if(!SSL_SET_OPTION(cert_type))
+-        infof(data, "WARNING: SSL: Certificate type not set, assuming "
+-                    "PKCS#12 format.\n");
+-      else if(strncmp(SSL_SET_OPTION(cert_type), "P12",
+-        strlen(SSL_SET_OPTION(cert_type))) != 0)
+-        infof(data, "WARNING: SSL: The Security framework only supports "
+-                    "loading identities that are in PKCS#12 format.\n");
++        infof(data, "SSL: Certificate type not set, assuming "
++              "PKCS#12 format.");
++      else if(!strcasecompare(SSL_SET_OPTION(cert_type), "P12")) {
++        failf(data, "SSL: The Security framework only supports "
++              "loading identities that are in PKCS#12 format.");
++        return CURLE_SSL_CERTPROBLEM;
++      }
+ 
+       err = CopyIdentityFromPKCS12File(ssl_cert, ssl_cert_blob,
+-        SSL_SET_OPTION(key_passwd), &cert_and_key);
++                                       SSL_SET_OPTION(key_passwd),
++                                       &cert_and_key);
+     }
+-    else
+-      err = CopyIdentityWithLabel(ssl_cert, &cert_and_key);
+ 
+     if(err == noErr && cert_and_key) {
+       SecCertificateRef cert = NULL;
+-- 
+2.31.1
+
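Review bot: The rewritten `infof()` message in `sectransp_connect_step1()` ("SSL: Certificate type not set, assuming PKCS#12 format.") drops the trailing `\n` that the removed line had, while the `infof()` calls elsewhere in this series (the gtls.c and openssl.c hunks of CVE-2021-22924.patch) still end in `\n`. Please check whether `infof()` on this 7.75.0 base still expects the caller to supply the newline and, if so, restore it in the backport. Also, `err = !noErr;` is used as a "not found yet" sentinel; it evaluates to an arbitrary non-zero status, so a named error value or a separate boolean would make the fallback to `CopyIdentityFromPKCS12File()` easier to follow.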
diff --git a/poky/meta/recipes-support/curl/curl_7.75.0.bb b/poky/meta/recipes-support/curl/curl_7.75.0.bb
index 42be2eb..d64e5e1 100644
--- a/poky/meta/recipes-support/curl/curl_7.75.0.bb
+++ b/poky/meta/recipes-support/curl/curl_7.75.0.bb
@@ -17,6 +17,10 @@
            file://vtls-fix-warning.patch \
            file://CVE-2021-22898.patch \
            file://CVE-2021-22897.patch \
+           file://CVE-2021-22925.patch \
+           file://CVE-2021-22901.patch \
+           file://CVE-2021-22924.patch \
+           file://CVE-2021-22926.patch \
 "
 
 SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb316d026"
diff --git a/poky/meta/recipes-support/gnutls/gnutls_3.7.1.bb b/poky/meta/recipes-support/gnutls/gnutls_3.7.2.bb
similarity index 88%
rename from poky/meta/recipes-support/gnutls/gnutls_3.7.1.bb
rename to poky/meta/recipes-support/gnutls/gnutls_3.7.2.bb
index 51d472c..430d1f2 100644
--- a/poky/meta/recipes-support/gnutls/gnutls_3.7.1.bb
+++ b/poky/meta/recipes-support/gnutls/gnutls_3.7.2.bb
@@ -23,15 +23,15 @@
            file://arm_eabi.patch \
            "
 
-SRC_URI[sha256sum] = "3777d7963eca5e06eb315686163b7b3f5045e2baac5e54e038ace9835e5cac6f"
+SRC_URI[sha256sum] = "646e6c5a9a185faa4cea796d378a1ba8e1148dbb197ca6605f95986a25af2752"
 
 inherit autotools texinfo pkgconfig gettext lib_package gtk-doc
 
-PACKAGECONFIG ??= "libidn"
+PACKAGECONFIG ??= "libidn  ${@bb.utils.filter('DISTRO_FEATURES', 'seccomp', d)}"
 
 # You must also have CONFIG_SECCOMP enabled in the kernel for
 # seccomp to work.
-PACKAGECONFIG[seccomp] = "ac_cv_libseccomp=yes,ac_cv_libseccomp=no,libseccomp"
+PACKAGECONFIG[seccomp] = "--with-libseccomp-prefix=${STAGING_EXECPREFIXDIR},ac_cv_libseccomp=no,libseccomp"
 PACKAGECONFIG[libidn] = "--with-idn,--without-idn,libidn2"
 PACKAGECONFIG[libtasn1] = "--with-included-libtasn1=no,--with-included-libtasn1,libtasn1"
 PACKAGECONFIG[p11-kit] = "--with-p11-kit,--without-p11-kit,p11-kit"
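Review bot: `PACKAGECONFIG[seccomp]` is now asymmetric: the enable side passes `--with-libseccomp-prefix=${STAGING_EXECPREFIXDIR}` and no longer forces `ac_cv_libseccomp=yes`, while the disable side still sets `ac_cv_libseccomp=no`. Please confirm that configure fails, rather than quietly building without seccomp, when the library is not found under that prefix, since the feature is now switched on automatically from `DISTRO_FEATURES`. There is also a double space after `libidn` in the new `PACKAGECONFIG ??=` value.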
diff --git a/poky/meta/recipes-support/lzo/lzo_2.10.bb b/poky/meta/recipes-support/lzo/lzo_2.10.bb
index 85b14b3..f0c8631 100644
--- a/poky/meta/recipes-support/lzo/lzo_2.10.bb
+++ b/poky/meta/recipes-support/lzo/lzo_2.10.bb
@@ -18,6 +18,8 @@
 
 inherit autotools ptest
 
+CVE_PRODUCT = "lzo oberhumer:lzo2"
+
 EXTRA_OECONF = "--enable-shared"
 
 do_install_ptest() {
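Review bot: `CVE_PRODUCT = "lzo oberhumer:lzo2"` mixes an unqualified product name with a vendor-qualified one and has no comment. The unqualified `lzo` entry will match that product name under any vendor, so please add a short comment saying which database entries each of the two names is meant to catch, and qualify `lzo` with its vendor if one is known.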
diff --git a/poky/meta/recipes-support/nettle/nettle_3.7.2.bb b/poky/meta/recipes-support/nettle/nettle_3.7.3.bb
similarity index 95%
rename from poky/meta/recipes-support/nettle/nettle_3.7.2.bb
rename to poky/meta/recipes-support/nettle/nettle_3.7.3.bb
index f8f3360..031500d 100644
--- a/poky/meta/recipes-support/nettle/nettle_3.7.2.bb
+++ b/poky/meta/recipes-support/nettle/nettle_3.7.3.bb
@@ -24,7 +24,7 @@
             file://dlopen-test.patch \
             "
 
-SRC_URI[sha256sum] = "8d2a604ef1cde4cd5fb77e422531ea25ad064679ff0adf956e78b3352e0ef162"
+SRC_URI[sha256sum] = "661f5eb03f048a3b924c3a8ad2515d4068e40f67e774e8a26827658007e3bcf0"
 
 UPSTREAM_CHECK_REGEX = "nettle-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/poky/scripts/lib/checklayer/__init__.py b/poky/scripts/lib/checklayer/__init__.py
index fe54560..e69a10f 100644
--- a/poky/scripts/lib/checklayer/__init__.py
+++ b/poky/scripts/lib/checklayer/__init__.py
@@ -146,7 +146,7 @@
 
     return layers
 
-def _find_layer_depends(depend, layers):
+def _find_layer(depend, layers):
     for layer in layers:
         if 'collections' not in layer:
             continue
@@ -156,7 +156,7 @@
                 return layer
     return None
 
-def add_layer_dependencies(bblayersconf, layer, layers, logger):
+def get_layer_dependencies(layer, layers, logger):
     def recurse_dependencies(depends, layer, layers, logger, ret = []):
         logger.debug('Processing dependencies %s for layer %s.' % \
                     (depends, layer['name']))
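Review bot: `recurse_dependencies()` keeps the mutable default `ret = []` in its signature, and the enclosing function is now the public `get_layer_dependencies()`, which this series calls once per layer from yocto-check-layer. Any call path that relies on the default would share one list across calls and accumulate dependencies between layers. Suggest `ret=None` with `if ret is None: ret = []` inside, or dropping the default since the caller passes `layer_depends` explicitly.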
@@ -166,7 +166,7 @@
             if depend == 'core':
                 continue
 
-            layer_depend = _find_layer_depends(depend, layers)
+            layer_depend = _find_layer(depend, layers)
             if not layer_depend:
                 logger.error('Layer %s depends on %s and isn\'t found.' % \
                         (layer['name'], depend))
@@ -203,6 +203,11 @@
         layer_depends = recurse_dependencies(depends, layer, layers, logger, layer_depends)
 
     # Note: [] (empty) is allowed, None is not!
+    return layer_depends
+
+def add_layer_dependencies(bblayersconf, layer, layers, logger):
+
+    layer_depends = get_layer_dependencies(layer, layers, logger)
     if layer_depends is None:
         return False
     else:
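Review bot: `get_layer_dependencies()` is now imported by another script but has no docstring, and the comment "Note: [] (empty) is allowed, None is not!" ends up directly above its `return` while the `None` check it refers to lives in `add_layer_dependencies()`. Please document the return contract (a list, possibly empty, or `None` when a dependency cannot be found) on the new function and move or reword the comment. The blank line directly after `def add_layer_dependencies(...)` can go.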
diff --git a/poky/scripts/lib/devtool/upgrade.py b/poky/scripts/lib/devtool/upgrade.py
index 4605355..834589f 100644
--- a/poky/scripts/lib/devtool/upgrade.py
+++ b/poky/scripts/lib/devtool/upgrade.py
@@ -520,6 +520,15 @@
         else:
             srctree = standard.get_default_srctree(config, pn)
 
+        # Check that recipe isn't using a shared workdir
+        s = os.path.abspath(rd.getVar('S'))
+        workdir = os.path.abspath(rd.getVar('WORKDIR'))
+        srctree_s = srctree
+        if s.startswith(workdir) and s != workdir and os.path.dirname(s) != workdir:
+            # Handle if S is set to a subdirectory of the source
+            srcsubdir = os.path.relpath(s, workdir).split(os.sep, 1)[1]
+            srctree_s = os.path.join(srctree, srcsubdir)
+
         # try to automatically discover latest version and revision if not provided on command line
         if not args.version and not args.srcrev:
             version_info = oe.recipeutils.get_recipe_upstream_version(rd)
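Review bot: `s.startswith(workdir)` is a plain string prefix test, so a `WORKDIR` of `/x/foo-1` also matches an `S` under `/x/foo-10/...`; compare against `workdir + os.sep` or use `os.path.commonpath()`. The comment "Check that recipe isn't using a shared workdir" does not describe what the block does, which is to derive `srctree_s` when `S` points at a subdirectory of the unpacked source; please reword it so the two comments do not contradict each other.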
@@ -549,12 +558,12 @@
         try:
             logger.info('Extracting current version source...')
             rev1, srcsubdir1 = standard._extract_source(srctree, False, 'devtool-orig', False, config, basepath, workspace, args.fixed_setup, rd, tinfoil, no_overrides=args.no_overrides)
-            old_licenses = _extract_licenses(srctree, (rd.getVar('LIC_FILES_CHKSUM') or ""))
+            old_licenses = _extract_licenses(srctree_s, (rd.getVar('LIC_FILES_CHKSUM') or ""))
             logger.info('Extracting upgraded version source...')
             rev2, md5, sha256, srcbranch, srcsubdir2 = _extract_new_source(args.version, srctree, args.no_patch,
                                                     args.srcrev, args.srcbranch, args.branch, args.keep_temp,
                                                     tinfoil, rd)
-            new_licenses = _extract_licenses(srctree, (rd.getVar('LIC_FILES_CHKSUM') or ""))
+            new_licenses = _extract_licenses(srctree_s, (rd.getVar('LIC_FILES_CHKSUM') or ""))
             license_diff = _generate_license_diff(old_licenses, new_licenses)
             rf, copied = _create_new_recipe(args.version, md5, sha256, args.srcrev, srcbranch, srcsubdir1, srcsubdir2, config.workspace_path, tinfoil, rd, license_diff, new_licenses, srctree, args.keep_failure)
         except bb.process.CmdError as e:
@@ -563,7 +572,7 @@
             _upgrade_error(e, rf, srctree, args.keep_failure)
         standard._add_md5(config, pn, os.path.dirname(rf))
 
-        af = _write_append(rf, srctree, args.same_dir, args.no_same_dir, rev2,
+        af = _write_append(rf, srctree_s, args.same_dir, args.no_same_dir, rev2,
                         copied, config.workspace_path, rd)
         standard._add_md5(config, pn, af)
 
@@ -573,6 +582,9 @@
         logger.info('New recipe is %s' % rf)
         if license_diff:
             logger.info('License checksums have been updated in the new recipe; please refer to it for the difference between the old and the new license texts.')
+        preferred_version = rd.getVar('PREFERRED_VERSION_%s' % rd.getVar('PN'))
+        if preferred_version:
+            logger.warning('Version is pinned to %s via PREFERRED_VERSION; it may need adjustment to match the new version before any further steps are taken' % preferred_version)
     finally:
         tinfoil.shutdown()
     return 0
diff --git a/poky/scripts/lib/wic/canned-wks/common.wks.inc b/poky/scripts/lib/wic/canned-wks/common.wks.inc
index 4fd29fa..89880b4 100644
--- a/poky/scripts/lib/wic/canned-wks/common.wks.inc
+++ b/poky/scripts/lib/wic/canned-wks/common.wks.inc
@@ -1,3 +1,3 @@
 # This file is included into 3 canned wks files from this directory
 part /boot --source bootimg-pcbios --ondisk sda --label boot --active --align 1024
-part / --source rootfs --use-uuid --fstype=ext4 --mkfs-extraopts "-T default" --label platform --align 1024
+part / --source rootfs --use-uuid --fstype=ext4 --label platform --align 1024
diff --git a/poky/scripts/lib/wic/canned-wks/directdisk-gpt.wks b/poky/scripts/lib/wic/canned-wks/directdisk-gpt.wks
index cf16c0c..8d7d8de 100644
--- a/poky/scripts/lib/wic/canned-wks/directdisk-gpt.wks
+++ b/poky/scripts/lib/wic/canned-wks/directdisk-gpt.wks
@@ -4,7 +4,7 @@
 
 
 part /boot --source bootimg-pcbios --ondisk sda --label boot --active --align 1024
-part / --source rootfs --ondisk sda --fstype=ext4 --mkfs-extraopts "-T default" --label platform --align 1024 --use-uuid
+part / --source rootfs --ondisk sda --fstype=ext4 --label platform --align 1024 --use-uuid
 
 bootloader  --ptable gpt --timeout=0  --append="rootwait rootfstype=ext4 video=vesafb vga=0x318 console=tty0 console=ttyS0,115200n8"
 
diff --git a/poky/scripts/lib/wic/canned-wks/mkefidisk.wks b/poky/scripts/lib/wic/canned-wks/mkefidisk.wks
index d1878e2..9f534fe 100644
--- a/poky/scripts/lib/wic/canned-wks/mkefidisk.wks
+++ b/poky/scripts/lib/wic/canned-wks/mkefidisk.wks
@@ -4,7 +4,7 @@
 
 part /boot --source bootimg-efi --sourceparams="loader=grub-efi" --ondisk sda --label msdos --active --align 1024
 
-part / --source rootfs --ondisk sda --fstype=ext4 --mkfs-extraopts "-T default"  --label platform --align 1024 --use-uuid
+part / --source rootfs --ondisk sda --fstype=ext4 --label platform --align 1024 --use-uuid
 
 part swap --ondisk sda --size 44 --label swap1 --fstype=swap
 
diff --git a/poky/scripts/oe-setup-builddir b/poky/scripts/oe-setup-builddir
index 30eaa8e..5a51fa7 100755
--- a/poky/scripts/oe-setup-builddir
+++ b/poky/scripts/oe-setup-builddir
@@ -113,10 +113,10 @@
     cat <<EOM
 The Yocto Project has extensive documentation about OE including a reference
 manual which can be found at:
-    http://yoctoproject.org/documentation
+    https://docs.yoctoproject.org
 
 For more information about OpenEmbedded see their website:
-    http://www.openembedded.org/
+    https://www.openembedded.org/
 
 EOM
 #    unset SHOWYPDOC
diff --git a/poky/scripts/runqemu b/poky/scripts/runqemu
index c985f4e..f3527a4 100755
--- a/poky/scripts/runqemu
+++ b/poky/scripts/runqemu
@@ -775,7 +775,7 @@
                 raise RunQemuError('BIOS not found: %s' % bios_match_name)
 
         if not os.path.exists(self.bios):
-            raise RunQemuError("KERNEL %s not found" % self.bios)
+            raise RunQemuError("BIOS %s not found" % self.bios)
 
 
     def check_mem(self):
diff --git a/poky/scripts/yocto-check-layer b/poky/scripts/yocto-check-layer
index deba3cb..6975b09 100755
--- a/poky/scripts/yocto-check-layer
+++ b/poky/scripts/yocto-check-layer
@@ -24,7 +24,7 @@
 scriptpath.add_oe_lib_path()
 scriptpath.add_bitbake_lib_path()
 
-from checklayer import LayerType, detect_layers, add_layers, add_layer_dependencies, get_signatures, check_bblayers
+from checklayer import LayerType, detect_layers, add_layers, add_layer_dependencies, get_layer_dependencies, get_signatures, check_bblayers
 from oeqa.utils.commands import get_bb_vars
 
 PROGNAME = 'yocto-check-layer'
@@ -51,6 +51,8 @@
             help='File to output log (optional)', action='store')
     parser.add_argument('--dependency', nargs="+",
             help='Layers to process for dependencies', action='store')
+    parser.add_argument('--no-auto-dependency', help='Disable automatic testing of dependencies',
+            action='store_true')
     parser.add_argument('--machines', nargs="+",
             help='List of MACHINEs to be used during testing', action='store')
     parser.add_argument('--additional-layers', nargs="+",
@@ -121,6 +123,21 @@
     if not layers:
         return 1
 
+    # Find all dependencies, and get them checked too
+    if not args.no_auto_dependency:
+        depends = []
+        for layer in layers:
+            layer_depends = get_layer_dependencies(layer, dep_layers, logger)
+            if layer_depends:
+                for d in layer_depends:
+                    if d not in depends:
+                        depends.append(d)
+
+        for d in depends:
+            if d not in layers:
+                logger.info("Adding %s to the list of layers to test, as a dependency", d['name'])
+                layers.append(d)
+
     shutil.copyfile(bblayersconf, bblayersconf + '.backup')
     def cleanup_bblayers(signum, frame):
         shutil.copyfile(bblayersconf + '.backup', bblayersconf)
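Review bot: In the new auto-dependency loop, `if layer_depends:` treats `None` (a dependency that could not be resolved) the same as an empty list, so a layer with a missing dependency is passed over here without any message from this script. Consider handling `layer_depends is None` explicitly, at least with a `logger.warning`, so the later "SKIPPED (Missing dependencies)" result is not the first sign of the problem. Since dependencies appended to `layers` are now tested and reported like the layers given on the command line, the `--no-auto-dependency` help text should say that this is the default behaviour being disabled.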
@@ -160,9 +177,7 @@
                 if not add_layer_dependencies(bblayersconf, additional_layer, dep_layers, logger):
                     missing_dependencies = True
                     break
-        if not add_layer_dependencies(bblayersconf, layer, dep_layers, logger) or \
-           any(map(lambda additional_layer: not add_layer_dependencies(bblayersconf, additional_layer, dep_layers, logger),
-                   additional_layers)):
+        if missing_dependencies:
             logger.info('Skipping %s due to missing dependencies.' % layer['name'])
             results[layer['name']] = None
             results_status[layer['name']] = 'SKIPPED (Missing dependencies)'
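Review bot: The removed condition called `add_layer_dependencies(bblayersconf, layer, dep_layers, logger)` for the layer under test, and the replacement only reads `missing_dependencies`; the context lines above show that flag being set for `additional_layer` only. Please confirm that the code just above this hunk still calls `add_layer_dependencies()` for `layer` itself and initialises `missing_dependencies` on every loop iteration, otherwise a layer whose own dependencies are missing would no longer be skipped.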