aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb (renamed from meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb)2
-rw-r--r--meta-oe/recipes-connectivity/krb5/krb5/CVE-2021-36222.patch121
-rw-r--r--meta-oe/recipes-connectivity/krb5/krb5_1.17.2.bb1
-rw-r--r--meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.3.6.bb (renamed from meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.3.5.bb)31
-rw-r--r--meta-oe/recipes-dbs/mysql/mariadb-native_10.5.12.bb (renamed from meta-oe/recipes-dbs/mysql/mariadb-native_10.5.11.bb)0
-rw-r--r--meta-oe/recipes-dbs/mysql/mariadb.inc2
-rw-r--r--meta-oe/recipes-dbs/mysql/mariadb/clang_version_header_conflict.patch4
-rw-r--r--meta-oe/recipes-dbs/mysql/mariadb_10.5.12.bb (renamed from meta-oe/recipes-dbs/mysql/mariadb_10.5.11.bb)0
-rw-r--r--meta-oe/recipes-devtools/cjson/cjson_1.7.15.bb (renamed from meta-oe/recipes-devtools/cjson/cjson_1.7.14.bb)2
-rw-r--r--meta-oe/recipes-extended/dlt-daemon/dlt-daemon/317.patch43
-rw-r--r--meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.7.bb (renamed from meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.6.bb)7
-rw-r--r--meta-oe/recipes-extended/redis/redis/CVE-2021-32761.patch257
-rw-r--r--meta-oe/recipes-extended/redis/redis_6.2.2.bb1
-rw-r--r--meta-oe/recipes-extended/socketcan/can-utils_git.bb5
-rw-r--r--meta-oe/recipes-kernel/crash/crash/0001-printk-add-support-for-lockless-ringbuffer.patch445
-rw-r--r--meta-oe/recipes-kernel/crash/crash/0002-printk-use-committed-finalized-state-values.patch103
-rw-r--r--meta-oe/recipes-kernel/crash/crash/donnot-extract-gdb-during-do-compile.patch19
-rw-r--r--meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch6
-rw-r--r--meta-oe/recipes-kernel/crash/crash_7.3.0.bb (renamed from meta-oe/recipes-kernel/crash/crash_7.2.9.bb)4
-rw-r--r--meta-oe/recipes-shells/dash/dash_0.5.11.5.bb (renamed from meta-oe/recipes-shells/dash/dash_0.5.11.3.bb)3
-rw-r--r--meta-oe/recipes-support/c-ares/c-ares/0001-CVE-2021-3672.patch91
-rw-r--r--meta-oe/recipes-support/c-ares/c-ares/0002-CVE-2021-3672.patch104
-rw-r--r--meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb2
-rw-r--r--meta-oe/recipes-support/dstat/dstat_0.7.4.bb2
-rw-r--r--meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/add__divmoddi4.patch36
-rw-r--r--meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb1
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2_2.4.49.bb (renamed from meta-webserver/recipes-httpd/apache2/apache2_2.4.48.bb)3
27 files changed, 667 insertions, 628 deletions
diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb
index 2e0fdae63..73ccfc5f3 100644
--- a/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb
+++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb
@@ -19,7 +19,7 @@ SRC_URI += " \
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
-SRC_URI[sha256sum] = "6c4cee51ef997cb9d9aaee84113525a5629157d3c743d7c4e320000de804a09d"
+SRC_URI[sha256sum] = "58a7fa8dfe2010a8c8b7dcf66438c653e6493d47eb936ba48ef49d4aa4dbd725"
PE = "1"
diff --git a/meta-oe/recipes-connectivity/krb5/krb5/CVE-2021-36222.patch b/meta-oe/recipes-connectivity/krb5/krb5/CVE-2021-36222.patch
new file mode 100644
index 000000000..fee6e64c1
--- /dev/null
+++ b/meta-oe/recipes-connectivity/krb5/krb5/CVE-2021-36222.patch
@@ -0,0 +1,121 @@
+From fc98f520caefff2e5ee9a0026fdf5109944b3562 Mon Sep 17 00:00:00 2001
+From: Joseph Sutton <josephsutton@catalyst.net.nz>
+Date: Wed, 7 Jul 2021 11:47:44 +1200
+Subject: [PATCH] Fix KDC null deref on bad encrypted challenge
+
+The function ec_verify() in src/kdc/kdc_preauth_ec.c contains a check
+to avoid further processing if the armor key is NULL. However, this
+check is bypassed by a call to k5memdup0() which overwrites retval
+with 0 if the allocation succeeds. If the armor key is NULL, a call
+to krb5_c_fx_cf2_simple() will then dereference it, resulting in a
+crash. Add a check before the k5memdup0() call to avoid overwriting
+retval.
+
+CVE-2021-36222:
+
+In MIT krb5 releases 1.16 and later, an unauthenticated attacker can
+cause a null dereference in the KDC by sending a request containing a
+PA-ENCRYPTED-CHALLENGE padata element without using FAST.
+
+[ghudson@mit.edu: trimmed patch; added test case; edited commit
+message]
+
+ticket: 9007 (new)
+tags: pullup
+target_version: 1.19-next
+target_version: 1.18-next
+
+CVE: CVE-2021-36222
+
+Upstream-Status: Backport
+[https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ src/kdc/kdc_preauth_ec.c | 3 ++-
+ src/tests/Makefile.in | 1 +
+ src/tests/t_cve-2021-36222.py | 46 +++++++++++++++++++++++++++++++++++
+ 3 files changed, 49 insertions(+), 1 deletion(-)
+ create mode 100644 src/tests/t_cve-2021-36222.py
+
+diff --git a/src/kdc/kdc_preauth_ec.c b/src/kdc/kdc_preauth_ec.c
+index 7e636b3f9..43a9902cc 100644
+--- a/src/kdc/kdc_preauth_ec.c
++++ b/src/kdc/kdc_preauth_ec.c
+@@ -87,7 +87,8 @@ ec_verify(krb5_context context, krb5_data *req_pkt, krb5_kdc_req *request,
+ }
+
+ /* Check for a configured FAST ec auth indicator. */
+- realmstr = k5memdup0(realm.data, realm.length, &retval);
++ if (retval == 0)
++ realmstr = k5memdup0(realm.data, realm.length, &retval);
+ if (realmstr != NULL)
+ retval = profile_get_string(context->profile, KRB5_CONF_REALMS,
+ realmstr,
+diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
+index fc6fcc0c3..1a1938306 100644
+--- a/src/tests/Makefile.in
++++ b/src/tests/Makefile.in
+@@ -166,6 +166,7 @@ check-pytests: unlockiter s4u2self
+ $(RUNPYTEST) $(srcdir)/t_cve-2012-1015.py $(PYTESTFLAGS)
+ $(RUNPYTEST) $(srcdir)/t_cve-2013-1416.py $(PYTESTFLAGS)
+ $(RUNPYTEST) $(srcdir)/t_cve-2013-1417.py $(PYTESTFLAGS)
++ $(RUNPYTEST) $(srcdir)/t_cve-2021-36222.py $(PYTESTFLAGS)
+ $(RM) au.log
+ $(RUNPYTEST) $(srcdir)/t_audit.py $(PYTESTFLAGS)
+ $(RUNPYTEST) $(srcdir)/jsonwalker.py -d $(srcdir)/au_dict.json \
+diff --git a/src/tests/t_cve-2021-36222.py b/src/tests/t_cve-2021-36222.py
+new file mode 100644
+index 000000000..57e04993b
+--- /dev/null
++++ b/src/tests/t_cve-2021-36222.py
+@@ -0,0 +1,46 @@
++import socket
++from k5test import *
++
++realm = K5Realm()
++
++# CVE-2021-36222 KDC null dereference on encrypted challenge preauth
++# without FAST
++
++s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
++a = (hostname, realm.portbase)
++
++m = ('6A81A0' '30819D' # [APPLICATION 10] SEQUENCE
++ 'A103' '0201' '05' # [1] pvno = 5
++ 'A203' '0201' '0A' # [2] msg-type = 10
++ 'A30E' '300C' # [3] padata = SEQUENCE OF
++ '300A' # SEQUENCE
++ 'A104' '0202' '008A' # [1] padata-type = PA-ENCRYPTED-CHALLENGE
++ 'A202' '0400' # [2] padata-value = ""
++ 'A48180' '307E' # [4] req-body = SEQUENCE
++ 'A007' '0305' '0000000000' # [0] kdc-options = 0
++ 'A120' '301E' # [1] cname = SEQUENCE
++ 'A003' '0201' '01' # [0] name-type = NT-PRINCIPAL
++ 'A117' '3015' # [1] name-string = SEQUENCE-OF
++ '1B06' '6B7262746774' # krbtgt
++ '1B0B' '4B5242544553542E434F4D'
++ # KRBTEST.COM
++ 'A20D' '1B0B' '4B5242544553542E434F4D'
++ # [2] realm = KRBTEST.COM
++ 'A320' '301E' # [3] sname = SEQUENCE
++ 'A003' '0201' '01' # [0] name-type = NT-PRINCIPAL
++ 'A117' '3015' # [1] name-string = SEQUENCE-OF
++ '1B06' '6B7262746774' # krbtgt
++ '1B0B' '4B5242544553542E434F4D'
++ # KRBTEST.COM
++ 'A511' '180F' '31393934303631303036303331375A'
++ # [5] till = 19940610060317Z
++ 'A703' '0201' '00' # [7] nonce = 0
++ 'A808' '3006' # [8] etype = SEQUENCE OF
++ '020112' '020111') # aes256-cts aes128-cts
++
++s.sendto(bytes.fromhex(m), a)
++
++# Make sure kinit still works.
++realm.kinit(realm.user_princ, password('user'))
++
++success('CVE-2021-36222 regression test')
+--
+2.25.1
+
diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.17.2.bb b/meta-oe/recipes-connectivity/krb5/krb5_1.17.2.bb
index 29bcb48b1..e6d9e3d62 100644
--- a/meta-oe/recipes-connectivity/krb5/krb5_1.17.2.bb
+++ b/meta-oe/recipes-connectivity/krb5/krb5_1.17.2.bb
@@ -30,6 +30,7 @@ SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}.tar.gz \
file://etc/default/krb5-admin-server \
file://krb5-kdc.service \
file://krb5-admin-server.service \
+ file://CVE-2021-36222.patch;striplevel=2 \
"
SRC_URI[md5sum] = "aa4337fffa3b61f22dbd0167f708818f"
SRC_URI[sha256sum] = "1a4bba94df92f6d39a197a10687653e8bfbc9a2076e129f6eb92766974f86134"
diff --git a/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.3.5.bb b/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.3.6.bb
index 0da9a26e8..498f33381 100644
--- a/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.3.5.bb
+++ b/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.3.6.bb
@@ -16,13 +16,9 @@ DEPENDS = " \
util-linux-libuuid \
"
-RDEPENDS_${PN} = " \
- libdevmapper \
-"
-
SRC_URI = "${KERNELORG_MIRROR}/linux/utils/${BPN}/v${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}/${BP}.tar.xz"
-SRC_URI[md5sum] = "408620e0df577ec04108ec0bc2b91dee"
-SRC_URI[sha256sum] = "ced9946f444d132536daf92fc8aca4277638a3c2d96e20540b2bae4d36fd70c1"
+SRC_URI[md5sum] = "504d1ab22cbc4d1a59a8d8c7ee5ed3bf"
+SRC_URI[sha256sum] = "b296b7a21ea576c2b180611ccb19d06aec8dddaedf7c704b0c6a81210c25635f"
inherit autotools gettext pkgconfig
@@ -54,7 +50,7 @@ PACKAGECONFIG[veritysetup] = "--enable-veritysetup,--disable-veritysetup"
PACKAGECONFIG[cryptsetup-reencrypt] = "--enable-cryptsetup-reencrypt,--disable-cryptsetup-reencrypt"
PACKAGECONFIG[integritysetup] = "--enable-integritysetup,--disable-integritysetup"
PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux"
-PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,,udev"
+PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,,udev lvm2-udevrules"
PACKAGECONFIG[kernel_crypto] = "--enable-kernel_crypto,--disable-kernel_crypto"
# gcrypt-pkbdf2 requries --with-crypto_backend=gcrypt or the flag isn't
# recognized.
@@ -71,14 +67,6 @@ PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel"
PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle"
PACKAGECONFIG[luks2] = "--with-default-luks-format=LUKS2,--with-default-luks-format=LUKS1"
-RRECOMMENDS_${PN} = "kernel-module-aes-generic \
- kernel-module-dm-crypt \
- kernel-module-md5 \
- kernel-module-cbc \
- kernel-module-sha256-generic \
- kernel-module-xts \
-"
-
EXTRA_OECONF = "--enable-static"
# Building without largefile is not supported by upstream
EXTRA_OECONF += "--enable-largefile"
@@ -89,4 +77,17 @@ EXTRA_OECONF += "--disable-libargon2"
FILES_${PN} += "${@bb.utils.contains('DISTRO_FEATURES','systemd','${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}"
+RDEPENDS_${PN} = " \
+ libdevmapper \
+"
+
+RRECOMMENDS_${PN}_class-target = " \
+ kernel-module-aes-generic \
+ kernel-module-dm-crypt \
+ kernel-module-md5 \
+ kernel-module-cbc \
+ kernel-module-sha256-generic \
+ kernel-module-xts \
+"
+
BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-oe/recipes-dbs/mysql/mariadb-native_10.5.11.bb b/meta-oe/recipes-dbs/mysql/mariadb-native_10.5.12.bb
index 73b2a0980..73b2a0980 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb-native_10.5.11.bb
+++ b/meta-oe/recipes-dbs/mysql/mariadb-native_10.5.12.bb
diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc
index 63ab94092..3ecb29256 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb.inc
+++ b/meta-oe/recipes-dbs/mysql/mariadb.inc
@@ -25,7 +25,7 @@ SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \
"
SRC_URI_append_libc-musl = " file://ppc-remove-glibc-dep.patch"
-SRC_URI[sha256sum] = "761053605fe30ce393f324852117990350840a93b3e6305ef4d2f8c8305cc47a"
+SRC_URI[sha256sum] = "ab4f1ca69a30c5372e191a68e8b543a74168327680fb1f4067e8cc0a5582e4bd"
UPSTREAM_CHECK_URI = "https://github.com/MariaDB/server/releases"
diff --git a/meta-oe/recipes-dbs/mysql/mariadb/clang_version_header_conflict.patch b/meta-oe/recipes-dbs/mysql/mariadb/clang_version_header_conflict.patch
index c77a86944..2b7afa34e 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb/clang_version_header_conflict.patch
+++ b/meta-oe/recipes-dbs/mysql/mariadb/clang_version_header_conflict.patch
@@ -15,7 +15,7 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com>
set(MRN_SOURCE_DIR ${CMAKE_SOURCE_DIR})
endif()
--file(READ ${MRN_SOURCE_DIR}/version MRN_VERSION)
+-file(READ ${MRN_SOURCE_DIR}/version_full MRN_VERSION)
+file(READ ${MRN_SOURCE_DIR}/ver MRN_VERSION)
file(READ ${MRN_SOURCE_DIR}/version_major MRN_VERSION_MAJOR)
file(READ ${MRN_SOURCE_DIR}/version_minor MRN_VERSION_MINOR)
@@ -25,7 +25,7 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com>
@@ -0,0 +1 @@
+7.07
\ No newline at end of file
---- a/storage/mroonga/version
+--- a/storage/mroonga/version_full
+++ /dev/null
@@ -1 +0,0 @@
-7.07
diff --git a/meta-oe/recipes-dbs/mysql/mariadb_10.5.11.bb b/meta-oe/recipes-dbs/mysql/mariadb_10.5.12.bb
index 57d7736ea..57d7736ea 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb_10.5.11.bb
+++ b/meta-oe/recipes-dbs/mysql/mariadb_10.5.12.bb
diff --git a/meta-oe/recipes-devtools/cjson/cjson_1.7.14.bb b/meta-oe/recipes-devtools/cjson/cjson_1.7.15.bb
index 0e33275e2..1a4e53d50 100644
--- a/meta-oe/recipes-devtools/cjson/cjson_1.7.14.bb
+++ b/meta-oe/recipes-devtools/cjson/cjson_1.7.15.bb
@@ -6,7 +6,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=218947f77e8cb8e2fa02918dc41c50d0"
SRC_URI = "git://github.com/DaveGamble/cJSON.git"
-SRCREV = "d2735278ed1c2e4556f53a7a782063b31331dbf7"
+SRCREV = "d348621ca93571343a56862df7de4ff3bc9b5667"
S = "${WORKDIR}/git"
diff --git a/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/317.patch b/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/317.patch
new file mode 100644
index 000000000..fe40334b6
--- /dev/null
+++ b/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/317.patch
@@ -0,0 +1,43 @@
+Origin: https://github.com/GENIVI/dlt-daemon/pull/317
+From 55d31216823841a1547fe261cdf8e3b1002d5f94 Mon Sep 17 00:00:00 2001
+From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
+Date: Thu, 1 Jul 2021 12:58:20 +0200
+Subject: [PATCH] dlt-control-common.c: Fix build failure due to out-of-bound
+ write -Werror=stringop-truncation
+
+cd /build/dlt-daemon-2.18.7/obj-x86_64-linux-gnu/src/console/logstorage && /usr/bin/cc -DCONFIGURATION_FILES_DIR=\"/etc\" -DDLT_DAEMON_USE_FIFO_IPC -DDLT_LIB_USE_FIFO_IPC -DDLT_NETWORK_TRACE_ENABLE -DDLT_SYSTEMD_ENABLE -DDLT_SYSTEMD_JOURNAL_ENABLE -DDLT_UNIT_TESTS -DDLT_USER_IPC_PATH=\"/tmp\" -DDLT_USE_IPv6 -DEXTENDED_FILTERING -D_GNU_SOURCE -I/build/dlt-daemon-2.18.7 -I/build/dlt-daemon-2.18.7/obj-x86_64-linux-gnu/include/dlt -I/build/dlt-daemon-2.18.7/include/dlt -I/build/dlt-daemon-2.18.7/src/shared -I/build/dlt-daemon-2.18.7/src/core_dump_handler -I/build/dlt-daemon-2.18.7/src/offlinelogstorage -I/build/dlt-daemon-2.18.7/src/lib -I/build/dlt-daemon-2.18.7/src/daemon -I/build/dlt-daemon-2.18.7/src/console -I/build/dlt-daemon-2.18.7/src/gateway -I/build/dlt-daemon-2.18.7/systemd/3rdparty -g -O2 -ffile-prefix-map=/build/dlt-daemon-2.18.7=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Werror -std=gnu99 -Wall -Wextra -Wno-variadic-macros -Wno-strict-aliasing -o CMakeFiles/dlt-logstorage-ctrl.dir/__/dlt-control-common.c.o -c /build/dlt-daemon-2.18.7/src/console/dlt-control-common.c
+make[3]: Leaving directory '/build/dlt-daemon-2.18.7/obj-x86_64-linux-gnu'
+In file included from /usr/include/string.h:495,
+ from /build/dlt-daemon-2.18.7/src/console/dlt-control-common.c:56:
+In function 'strncpy',
+ inlined from 'dlt_json_filter_load' at /build/dlt-daemon-2.18.7/src/console/dlt-control-common.c:716:13:
+/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 4 equals destination size [-Werror=stringop-truncation]
+ 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+In function 'strncpy',
+ inlined from 'dlt_json_filter_load' at /build/dlt-daemon-2.18.7/src/console/dlt-control-common.c:721:13:
+/usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 4 equals destination size [-Werror=stringop-truncation]
+ 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
+Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
+---
+ src/console/dlt-control-common.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/console/dlt-control-common.c b/src/console/dlt-control-common.c
+index 8a9d29f0..f58d8268 100644
+--- a/src/console/dlt-control-common.c
++++ b/src/console/dlt-control-common.c
+@@ -671,8 +671,8 @@ DltReturnValue dlt_json_filter_load(DltFilter *filter, const char *filename, int
+ struct json_object *j_payload_max;
+ enum json_tokener_error jerr;
+
+- char app_id[DLT_ID_SIZE] = "";
+- char context_id[DLT_ID_SIZE] = "";
++ char app_id[DLT_ID_SIZE + 1] = "";
++ char context_id[DLT_ID_SIZE + 1] = "";
+ int32_t log_level = 0;
+ int32_t payload_max = INT32_MAX;
+ int32_t payload_min = 0;
diff --git a/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.6.bb b/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.7.bb
index b3cfb4709..a16e810be 100644
--- a/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.6.bb
+++ b/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.7.bb
@@ -12,13 +12,14 @@ SECTION = "console/utils"
LICENSE = "MPLv2"
LIC_FILES_CHKSUM = "file://LICENSE;md5=8184208060df880fe3137b93eb88aeea"
-DEPENDS = "zlib gzip-native"
+DEPENDS = "zlib gzip-native json-c"
SRC_URI = "git://github.com/GENIVI/${BPN}.git;protocol=https \
file://0002-Don-t-execute-processes-as-a-specific-user.patch \
file://0004-Modify-systemd-config-directory.patch \
+ file://317.patch \
"
-SRCREV = "22715aeceaa81ace2c832312529bde3a42d0814f"
+SRCREV = "24d197214bfdcec7430d31b42e5c87df27287aaf"
S = "${WORKDIR}/git"
@@ -44,7 +45,7 @@ PACKAGECONFIG[dlt-console] = "-DWITH_DLT_CONSOLE=ON,-DWITH_DLT_CONSOLE=OFF,,dlt-
inherit autotools gettext cmake systemd
-EXTRA_OECMAKE += "-DSYSTEMD_UNITDIR=${systemd_system_unitdir}"
+EXTRA_OECMAKE += "-DWITH_EXTENDED_FILTERING=ON -DSYSTEMD_UNITDIR=${systemd_system_unitdir}"
PACKAGES += "${PN}-systemd"
SYSTEMD_PACKAGES = "${PN} ${PN}-systemd"
diff --git a/meta-oe/recipes-extended/redis/redis/CVE-2021-32761.patch b/meta-oe/recipes-extended/redis/redis/CVE-2021-32761.patch
new file mode 100644
index 000000000..14992b789
--- /dev/null
+++ b/meta-oe/recipes-extended/redis/redis/CVE-2021-32761.patch
@@ -0,0 +1,257 @@
+From 835d15b5360e277e6f95529c4d8685946a977ddd Mon Sep 17 00:00:00 2001
+From: Huang Zhw <huang_zhw@126.com>
+Date: Wed, 21 Jul 2021 21:25:19 +0800
+Subject: [PATCH 1/1] On 32 bit platform, the bit position of
+ GETBIT/SETBIT/BITFIELD/BITCOUNT,BITPOS may overflow (see CVE-2021-32761)
+ (#9191)
+
+GETBIT, SETBIT may access wrong address because of wrap.
+BITCOUNT and BITPOS may return wrapped results.
+BITFIELD may access the wrong address but also allocate insufficient memory and segfault (see CVE-2021-32761).
+
+This commit uses `uint64_t` or `long long` instead of `size_t`.
+related https://github.com/redis/redis/pull/8096
+
+At 32bit platform:
+> setbit bit 4294967295 1
+(integer) 0
+> config set proto-max-bulk-len 536870913
+OK
+> append bit "\xFF"
+(integer) 536870913
+> getbit bit 4294967296
+(integer) 0
+
+When the bit index is larger than 4294967295, size_t can't hold bit index. In the past, `proto-max-bulk-len` is limit to 536870912, so there is no problem.
+
+After this commit, bit position is stored in `uint64_t` or `long long`. So when `proto-max-bulk-len > 536870912`, 32bit platforms can still be correct.
+
+For 64bit platform, this problem still exists. The major reason is bit pos 8 times of byte pos. When proto-max-bulk-len is very larger, bit pos may overflow.
+But at 64bit platform, we don't have so long string. So this bug may never happen.
+
+Additionally this commit add a test cost `512MB` memory which is tag as `large-memory`. Make freebsd ci and valgrind ci ignore this test.
+
+(cherry picked from commit 71d452876ebf8456afaadd6b3c27988abadd1148)d
+---
+
+CVE: CVE-2021-32761
+
+Upstream-Status: Backport [835d15b5360e277e6f95529c4d8685946a977ddd]
+ https://github.com/redis/redis.git
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+---
+ .github/workflows/daily.yml | 6 +++---
+ src/bitops.c | 32 ++++++++++++++++----------------
+ src/server.h | 2 +-
+ tests/unit/bitops.tcl | 28 ++++++++++++++++++++++++++++
+ 4 files changed, 48 insertions(+), 20 deletions(-)
+
+diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml
+index 9e4630e29..432971a9d 100644
+--- a/.github/workflows/daily.yml
++++ b/.github/workflows/daily.yml
+@@ -151,7 +151,7 @@ jobs:
+ run: |
+ sudo apt-get update
+ sudo apt-get install tcl8.6 valgrind -y
+- ./runtest --valgrind --verbose --clients 1 --dump-logs
++ ./runtest --valgrind --verbose --clients 1 --tags -large-memory --dump-logs
+ - name: module api test
+ run: ./runtest-moduleapi --valgrind --no-latency --verbose --clients 1
+ - name: unittest
+@@ -171,7 +171,7 @@ jobs:
+ run: |
+ sudo apt-get update
+ sudo apt-get install tcl8.6 valgrind -y
+- ./runtest --valgrind --verbose --clients 1 --dump-logs
++ ./runtest --valgrind --verbose --clients 1 --tags -large-memory --dump-logs
+ - name: module api test
+ run: ./runtest-moduleapi --valgrind --no-latency --verbose --clients 1
+
+@@ -260,7 +260,7 @@ jobs:
+ prepare: pkg install -y bash gmake lang/tcl86
+ run: >
+ gmake &&
+- ./runtest --accurate --verbose --no-latency --dump-logs &&
++ ./runtest --accurate --verbose --no-latency --tags -large-memory --dump-logs &&
+ MAKE=gmake ./runtest-moduleapi --verbose &&
+ ./runtest-sentinel &&
+ ./runtest-cluster
+diff --git a/src/bitops.c b/src/bitops.c
+index afd79ad88..f1c563a41 100644
+--- a/src/bitops.c
++++ b/src/bitops.c
+@@ -37,8 +37,8 @@
+ /* Count number of bits set in the binary array pointed by 's' and long
+ * 'count' bytes. The implementation of this function is required to
+ * work with an input string length up to 512 MB or more (server.proto_max_bulk_len) */
+-size_t redisPopcount(void *s, long count) {
+- size_t bits = 0;
++long long redisPopcount(void *s, long count) {
++ long long bits = 0;
+ unsigned char *p = s;
+ uint32_t *p4;
+ static const unsigned char bitsinbyte[256] = {0,1,1,2,1,2,2,3,1,2,2,3,2,3,3,4,1,2,2,3,2,3,3,4,2,3,3,4,3,4,4,5,1,2,2,3,2,3,3,4,2,3,3,4,3,4,4,5,2,3,3,4,3,4,4,5,3,4,4,5,4,5,5,6,1,2,2,3,2,3,3,4,2,3,3,4,3,4,4,5,2,3,3,4,3,4,4,5,3,4,4,5,4,5,5,6,2,3,3,4,3,4,4,5,3,4,4,5,4,5,5,6,3,4,4,5,4,5,5,6,4,5,5,6,5,6,6,7,1,2,2,3,2,3,3,4,2,3,3,4,3,4,4,5,2,3,3,4,3,4,4,5,3,4,4,5,4,5,5,6,2,3,3,4,3,4,4,5,3,4,4,5,4,5,5,6,3,4,4,5,4,5,5,6,4,5,5,6,5,6,6,7,2,3,3,4,3,4,4,5,3,4,4,5,4,5,5,6,3,4,4,5,4,5,5,6,4,5,5,6,5,6,6,7,3,4,4,5,4,5,5,6,4,5,5,6,5,6,6,7,4,5,5,6,5,6,6,7,5,6,6,7,6,7,7,8};
+@@ -98,11 +98,11 @@ size_t redisPopcount(void *s, long count) {
+ * no zero bit is found, it returns count*8 assuming the string is zero
+ * padded on the right. However if 'bit' is 1 it is possible that there is
+ * not a single set bit in the bitmap. In this special case -1 is returned. */
+-long redisBitpos(void *s, unsigned long count, int bit) {
++long long redisBitpos(void *s, unsigned long count, int bit) {
+ unsigned long *l;
+ unsigned char *c;
+ unsigned long skipval, word = 0, one;
+- long pos = 0; /* Position of bit, to return to the caller. */
++ long long pos = 0; /* Position of bit, to return to the caller. */
+ unsigned long j;
+ int found;
+
+@@ -410,7 +410,7 @@ void printBits(unsigned char *p, unsigned long count) {
+ * If the 'hash' argument is true, and 'bits is positive, then the command
+ * will also parse bit offsets prefixed by "#". In such a case the offset
+ * is multiplied by 'bits'. This is useful for the BITFIELD command. */
+-int getBitOffsetFromArgument(client *c, robj *o, size_t *offset, int hash, int bits) {
++int getBitOffsetFromArgument(client *c, robj *o, uint64_t *offset, int hash, int bits) {
+ long long loffset;
+ char *err = "bit offset is not an integer or out of range";
+ char *p = o->ptr;
+@@ -435,7 +435,7 @@ int getBitOffsetFromArgument(client *c, robj *o, size_t *offset, int hash, int b
+ return C_ERR;
+ }
+
+- *offset = (size_t)loffset;
++ *offset = loffset;
+ return C_OK;
+ }
+
+@@ -477,7 +477,7 @@ int getBitfieldTypeFromArgument(client *c, robj *o, int *sign, int *bits) {
+ * so that the 'maxbit' bit can be addressed. The object is finally
+ * returned. Otherwise if the key holds a wrong type NULL is returned and
+ * an error is sent to the client. */
+-robj *lookupStringForBitCommand(client *c, size_t maxbit) {
++robj *lookupStringForBitCommand(client *c, uint64_t maxbit) {
+ size_t byte = maxbit >> 3;
+ robj *o = lookupKeyWrite(c->db,c->argv[1]);
+ if (checkType(c,o,OBJ_STRING)) return NULL;
+@@ -527,7 +527,7 @@ unsigned char *getObjectReadOnlyString(robj *o, long *len, char *llbuf) {
+ void setbitCommand(client *c) {
+ robj *o;
+ char *err = "bit is not an integer or out of range";
+- size_t bitoffset;
++ uint64_t bitoffset;
+ ssize_t byte, bit;
+ int byteval, bitval;
+ long on;
+@@ -566,7 +566,7 @@ void setbitCommand(client *c) {
+ void getbitCommand(client *c) {
+ robj *o;
+ char llbuf[32];
+- size_t bitoffset;
++ uint64_t bitoffset;
+ size_t byte, bit;
+ size_t bitval = 0;
+
+@@ -888,7 +888,7 @@ void bitposCommand(client *c) {
+ addReplyLongLong(c, -1);
+ } else {
+ long bytes = end-start+1;
+- long pos = redisBitpos(p+start,bytes,bit);
++ long long pos = redisBitpos(p+start,bytes,bit);
+
+ /* If we are looking for clear bits, and the user specified an exact
+ * range with start-end, we can't consider the right of the range as
+@@ -897,11 +897,11 @@ void bitposCommand(client *c) {
+ * So if redisBitpos() returns the first bit outside the range,
+ * we return -1 to the caller, to mean, in the specified range there
+ * is not a single "0" bit. */
+- if (end_given && bit == 0 && pos == bytes*8) {
++ if (end_given && bit == 0 && pos == (long long)bytes<<3) {
+ addReplyLongLong(c,-1);
+ return;
+ }
+- if (pos != -1) pos += start*8; /* Adjust for the bytes we skipped. */
++ if (pos != -1) pos += (long long)start<<3; /* Adjust for the bytes we skipped. */
+ addReplyLongLong(c,pos);
+ }
+ }
+@@ -933,12 +933,12 @@ struct bitfieldOp {
+ * GET subcommand is allowed, other subcommands will return an error. */
+ void bitfieldGeneric(client *c, int flags) {
+ robj *o;
+- size_t bitoffset;
++ uint64_t bitoffset;
+ int j, numops = 0, changes = 0;
+ struct bitfieldOp *ops = NULL; /* Array of ops to execute at end. */
+ int owtype = BFOVERFLOW_WRAP; /* Overflow type. */
+ int readonly = 1;
+- size_t highest_write_offset = 0;
++ uint64_t highest_write_offset = 0;
+
+ for (j = 2; j < c->argc; j++) {
+ int remargs = c->argc-j-1; /* Remaining args other than current. */
+@@ -1128,9 +1128,9 @@ void bitfieldGeneric(client *c, int flags) {
+ * object boundaries. */
+ memset(buf,0,9);
+ int i;
+- size_t byte = thisop->offset >> 3;
++ uint64_t byte = thisop->offset >> 3;
+ for (i = 0; i < 9; i++) {
+- if (src == NULL || i+byte >= (size_t)strlen) break;
++ if (src == NULL || i+byte >= (uint64_t)strlen) break;
+ buf[i] = src[i+byte];
+ }
+
+diff --git a/src/server.h b/src/server.h
+index 67541fe60..caf9df31c 100644
+--- a/src/server.h
++++ b/src/server.h
+@@ -1795,7 +1795,7 @@ void getRandomHexChars(char *p, size_t len);
+ void getRandomBytes(unsigned char *p, size_t len);
+ uint64_t crc64(uint64_t crc, const unsigned char *s, uint64_t l);
+ void exitFromChild(int retcode);
+-size_t redisPopcount(void *s, long count);
++long long redisPopcount(void *s, long count);
+ int redisSetProcTitle(char *title);
+ int validateProcTitleTemplate(const char *template);
+ int redisCommunicateSystemd(const char *sd_notify_msg);
+diff --git a/tests/unit/bitops.tcl b/tests/unit/bitops.tcl
+index 926f38295..534832974 100644
+--- a/tests/unit/bitops.tcl
++++ b/tests/unit/bitops.tcl
+@@ -349,3 +349,31 @@ start_server {tags {"bitops"}} {
+ }
+ }
+ }
++
++start_server {tags {"bitops large-memory"}} {
++ test "BIT pos larger than UINT_MAX" {
++ set bytes [expr (1 << 29) + 1]
++ set bitpos [expr (1 << 32)]
++ set oldval [lindex [r config get proto-max-bulk-len] 1]
++ r config set proto-max-bulk-len $bytes
++ r setbit mykey $bitpos 1
++ assert_equal $bytes [r strlen mykey]
++ assert_equal 1 [r getbit mykey $bitpos]
++ assert_equal [list 128 128 -1] [r bitfield mykey get u8 $bitpos set u8 $bitpos 255 get i8 $bitpos]
++ assert_equal $bitpos [r bitpos mykey 1]
++ assert_equal $bitpos [r bitpos mykey 1 [expr $bytes - 1]]
++ if {$::accurate} {
++ # set all bits to 1
++ set mega [expr (1 << 23)]
++ set part [string repeat "\xFF" $mega]
++ for {set i 0} {$i < 64} {incr i} {
++ r setrange mykey [expr $i * $mega] $part
++ }
++ r setrange mykey [expr $bytes - 1] "\xFF"
++ assert_equal [expr $bitpos + 8] [r bitcount mykey]
++ assert_equal -1 [r bitpos mykey 0 0 [expr $bytes - 1]]
++ }
++ r config set proto-max-bulk-len $oldval
++ r del mykey
++ } {1}
++}
+--
+2.24.1
+
diff --git a/meta-oe/recipes-extended/redis/redis_6.2.2.bb b/meta-oe/recipes-extended/redis/redis_6.2.2.bb
index a9e6eaffa..ad675e9e0 100644
--- a/meta-oe/recipes-extended/redis/redis_6.2.2.bb
+++ b/meta-oe/recipes-extended/redis/redis_6.2.2.bb
@@ -19,6 +19,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
file://fix-CVE-2021-29477.patch \
file://fix-CVE-2021-29478.patch \
file://fix-CVE-2021-32625.patch \
+ file://CVE-2021-32761.patch \
"
SRC_URI[sha256sum] = "7a260bb74860f1b88c3d5942bf8ba60ca59f121c6dce42d3017bed6add0b9535"
diff --git a/meta-oe/recipes-extended/socketcan/can-utils_git.bb b/meta-oe/recipes-extended/socketcan/can-utils_git.bb
index 3b2b6a9da..78caa5be2 100644
--- a/meta-oe/recipes-extended/socketcan/can-utils_git.bb
+++ b/meta-oe/recipes-extended/socketcan/can-utils_git.bb
@@ -45,3 +45,8 @@ ALTERNATIVE_${PN} = "candump cansend cansequence"
ALTERNATIVE_LINK_NAME[candump] = "${bindir}/candump"
ALTERNATIVE_LINK_NAME[cansend] = "${bindir}/cansend"
ALTERNATIVE_LINK_NAME[cansequence] = "${bindir}/cansequence"
+
+# busybox ip fails to configure can interfaces, so we need iproute2 to do so.
+# See details in http://www.armadeus.com/wiki/index.php?title=CAN_bus_Linux_driver.
+RRECOMMENDS:${PN} += "iproute2"
+
diff --git a/meta-oe/recipes-kernel/crash/crash/0001-printk-add-support-for-lockless-ringbuffer.patch b/meta-oe/recipes-kernel/crash/crash/0001-printk-add-support-for-lockless-ringbuffer.patch
deleted file mode 100644
index 1aaf1e6b0..000000000
--- a/meta-oe/recipes-kernel/crash/crash/0001-printk-add-support-for-lockless-ringbuffer.patch
+++ /dev/null
@@ -1,445 +0,0 @@
-From a5531b24750e7949c35640d996ea14c0587938bc Mon Sep 17 00:00:00 2001
-From: John Ogness <john.ogness@linutronix.de>
-Date: Fri, 20 Nov 2020 05:56:59 +0000
-Subject: [PATCH 1/2] printk: add support for lockless ringbuffer
-
-Linux 5.10 introduces a new lockless ringbuffer. The new ringbuffer
-is structured completely different to the previous iterations.
-Add support for dumping the ringbuffer with the "log" command.
-The new ringbuffer is detected based on the availability of
-the "prb" symbol.
-
-Upstream-Status: Backport [https://github.com/crash-utility/crash/commit/a5531b24750e7949c35640d996ea14c0587938bc]
-
-Signed-off-by: John Ogness <john.ogness@linutronix.de>
-Signed-off-by: Kazuhito Hagio <k-hagio-ab@nec.com>
-Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
----
- Makefile | 5 ++
- defs.h | 30 +++++++
- kernel.c | 7 +-
- printk.c | 256 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
- symbols.c | 27 ++++++
- 5 files changed, 324 insertions(+), 1 deletion(-)
- create mode 100644 printk.c
-
-diff --git a/Makefile b/Makefile
-index d185719..f66eba7 100644
---- a/Makefile
-+++ b/Makefile
-@@ -61,6 +61,7 @@ VMWARE_HFILES=vmware_vmss.h
-
- CFILES=main.c tools.c global_data.c memory.c filesys.c help.c task.c \
- kernel.c test.c gdb_interface.c configure.c net.c dev.c bpf.c \
-+ printk.c \
- alpha.c x86.c ppc.c ia64.c s390.c s390x.c s390dbf.c ppc64.c x86_64.c \
- arm.c arm64.c mips.c sparc64.c \
- extensions.c remote.c va_server.c va_server_v1.c symbols.c cmdline.c \
-@@ -80,6 +81,7 @@ SOURCE_FILES=${CFILES} ${GENERIC_HFILES} ${MCORE_HFILES} \
-
- OBJECT_FILES=main.o tools.o global_data.o memory.o filesys.o help.o task.o \
- build_data.o kernel.o test.o gdb_interface.o net.o dev.o bpf.o \
-+ printk.o \
- alpha.o x86.o ppc.o ia64.o s390.o s390x.o s390dbf.o ppc64.o x86_64.o \
- arm.o arm64.o mips.o sparc64.o \
- extensions.o remote.o va_server.o va_server_v1.o symbols.o cmdline.o \
-@@ -363,6 +365,9 @@ task.o: ${GENERIC_HFILES} task.c
- kernel.o: ${GENERIC_HFILES} kernel.c
- ${CC} -c ${CRASH_CFLAGS} kernel.c ${WARNING_OPTIONS} ${WARNING_ERROR}
-
-+printk.o: ${GENERIC_HFILES} printk.c
-+ ${CC} -c ${CRASH_CFLAGS} printk.c ${WARNING_OPTIONS} ${WARNING_ERROR}
-+
- gdb_interface.o: ${GENERIC_HFILES} gdb_interface.c
- ${CC} -c ${CRASH_CFLAGS} gdb_interface.c ${WARNING_OPTIONS} ${WARNING_ERROR}
-
-diff --git a/defs.h b/defs.h
-index 9594950..e1a18e9 100644
---- a/defs.h
-+++ b/defs.h
-@@ -2106,6 +2106,28 @@ struct offset_table { /* stash of commonly-used offsets */
- long irq_common_data_affinity;
- long irq_desc_irq_common_data;
- long uts_namespace_name;
-+ long printk_info_seq;
-+ long printk_info_ts_nsec;
-+ long printk_info_text_len;
-+ long printk_info_level;
-+ long printk_info_caller_id;
-+ long printk_info_dev_info;
-+ long dev_printk_info_subsystem;
-+ long dev_printk_info_device;
-+ long prb_desc_ring;
-+ long prb_text_data_ring;
-+ long prb_desc_ring_count_bits;
-+ long prb_desc_ring_descs;
-+ long prb_desc_ring_infos;
-+ long prb_desc_ring_head_id;
-+ long prb_desc_ring_tail_id;
-+ long prb_desc_state_var;
-+ long prb_desc_text_blk_lpos;
-+ long prb_data_blk_lpos_begin;
-+ long prb_data_blk_lpos_next;
-+ long prb_data_ring_size_bits;
-+ long prb_data_ring_data;
-+ long atomic_long_t_counter;
- };
-
- struct size_table { /* stash of commonly-used sizes */
-@@ -2265,6 +2287,9 @@ struct size_table { /* stash of commonly-used sizes */
- long xa_node;
- long zram_table_entry;
- long irq_common_data;
-+ long printk_info;
-+ long printk_ringbuffer;
-+ long prb_desc;
- };
-
- struct array_table {
-@@ -6696,6 +6721,11 @@ int vmware_guestdump_memory_dump(FILE *);
- */
- int calc_kaslr_offset(ulong *, ulong *);
-
-+/*
-+ * printk.c
-+ */
-+void dump_lockless_record_log(int);
-+
- /*
- * gnu_binutils.c
- */
-diff --git a/kernel.c b/kernel.c
-index 9871637..e722ff9 100644
---- a/kernel.c
-+++ b/kernel.c
-@@ -5042,6 +5042,11 @@ dump_log(int msg_flags)
- struct syment *nsp;
- int log_wrap, loglevel, log_buf_len;
-
-+ if (kernel_symbol_exists("prb")) {
-+ dump_lockless_record_log(msg_flags);
-+ return;
-+ }
-+
- if (kernel_symbol_exists("log_first_idx") &&
- kernel_symbol_exists("log_next_idx")) {
- dump_variable_length_record_log(msg_flags);
-@@ -5289,7 +5294,7 @@ dump_log_entry(char *logptr, int msg_flags)
- }
-
- /*
-- * Handle the new variable-length-record log_buf.
-+ * Handle the variable-length-record log_buf.
- */
- static void
- dump_variable_length_record_log(int msg_flags)
-diff --git a/printk.c b/printk.c
-new file mode 100644
-index 0000000..f6d54ce
---- /dev/null
-+++ b/printk.c
-@@ -0,0 +1,256 @@
-+#include "defs.h"
-+#include <ctype.h>
-+
-+#define DESC_SV_BITS (sizeof(unsigned long) * 8)
-+#define DESC_COMMITTED_MASK (1UL << (DESC_SV_BITS - 1))
-+#define DESC_REUSE_MASK (1UL << (DESC_SV_BITS - 2))
-+#define DESC_FLAGS_MASK (DESC_COMMITTED_MASK | DESC_REUSE_MASK)
-+#define DESC_ID_MASK (~DESC_FLAGS_MASK)
-+
-+/* convenience struct for passing many values to helper functions */
-+struct prb_map {
-+ char *prb;
-+
-+ char *desc_ring;
-+ unsigned long desc_ring_count;
-+ char *descs;
-+ char *infos;
-+
-+ char *text_data_ring;
-+ unsigned long text_data_ring_size;
-+ char *text_data;
-+};
-+
-+static void
-+init_offsets(void)
-+{
-+ char *n;
-+
-+ n = "printk_info";
-+ STRUCT_SIZE_INIT(printk_info, n);
-+ MEMBER_OFFSET_INIT(printk_info_seq, n, "seq");
-+ MEMBER_OFFSET_INIT(printk_info_ts_nsec, n, "ts_nsec");
-+ MEMBER_OFFSET_INIT(printk_info_text_len, n, "text_len");
-+ MEMBER_OFFSET_INIT(printk_info_level, n, "level");
-+ MEMBER_OFFSET_INIT(printk_info_caller_id, n, "caller_id");
-+ MEMBER_OFFSET_INIT(printk_info_dev_info, n, "dev_info");
-+
-+ n = "dev_printk_info";
-+ MEMBER_OFFSET_INIT(dev_printk_info_subsystem, n, "subsystem");
-+ MEMBER_OFFSET_INIT(dev_printk_info_device, n, "device");
-+
-+ n = "printk_ringbuffer";
-+ STRUCT_SIZE_INIT(printk_ringbuffer, n);
-+ MEMBER_OFFSET_INIT(prb_desc_ring, n, "desc_ring");
-+ MEMBER_OFFSET_INIT(prb_text_data_ring, n, "text_data_ring");
-+
-+ n = "prb_desc_ring";
-+ MEMBER_OFFSET_INIT(prb_desc_ring_count_bits, n, "count_bits");
-+ MEMBER_OFFSET_INIT(prb_desc_ring_descs, n, "descs");
-+ MEMBER_OFFSET_INIT(prb_desc_ring_infos, n, "infos");
-+ MEMBER_OFFSET_INIT(prb_desc_ring_head_id, n, "head_id");
-+ MEMBER_OFFSET_INIT(prb_desc_ring_tail_id, n, "tail_id");
-+
-+ n = "prb_desc";
-+ STRUCT_SIZE_INIT(prb_desc, n);
-+ MEMBER_OFFSET_INIT(prb_desc_state_var, n, "state_var");
-+ MEMBER_OFFSET_INIT(prb_desc_text_blk_lpos, n, "text_blk_lpos");
-+
-+ n = "prb_data_blk_lpos";
-+ MEMBER_OFFSET_INIT(prb_data_blk_lpos_begin, n, "begin");
-+ MEMBER_OFFSET_INIT(prb_data_blk_lpos_next, n, "next");
-+
-+ n = "prb_data_ring";
-+ MEMBER_OFFSET_INIT(prb_data_ring_size_bits, n, "size_bits");
-+ MEMBER_OFFSET_INIT(prb_data_ring_data, n, "data");
-+
-+ n = "atomic_long_t";
-+ MEMBER_OFFSET_INIT(atomic_long_t_counter, n, "counter");
-+}
-+
-+static void
-+dump_record(struct prb_map *m, unsigned long id, int msg_flags)
-+{
-+ unsigned short text_len;
-+ unsigned long state_var;
-+ unsigned int caller_id;
-+ unsigned char level;
-+ unsigned long begin;
-+ unsigned long next;
-+ char buf[BUFSIZE];
-+ uint64_t ts_nsec;
-+ ulonglong nanos;
-+ ulonglong seq;
-+ int ilen = 0, i;
-+ char *desc, *info, *text, *p;
-+ ulong rem;
-+
-+ desc = m->descs + ((id % m->desc_ring_count) * SIZE(prb_desc));
-+
-+ /* skip non-committed record */
-+ state_var = ULONG(desc + OFFSET(prb_desc_state_var) +
-+ OFFSET(atomic_long_t_counter));
-+ if ((state_var & DESC_FLAGS_MASK) != DESC_COMMITTED_MASK)
-+ return;
-+
-+ info = m->infos + ((id % m->desc_ring_count) * SIZE(printk_info));
-+
-+ seq = ULONGLONG(info + OFFSET(printk_info_seq));
-+ caller_id = UINT(info + OFFSET(printk_info_caller_id));
-+ if (CRASHDEBUG(1))
-+ fprintf(fp, "seq: %llu caller_id: %x (%s: %u)\n", seq, caller_id,
-+ caller_id & 0x80000000 ? "cpu" : "pid", caller_id & ~0x80000000);
-+
-+ text_len = USHORT(info + OFFSET(printk_info_text_len));
-+
-+ begin = ULONG(desc + OFFSET(prb_desc_text_blk_lpos) +
-+ OFFSET(prb_data_blk_lpos_begin)) %
-+ m->text_data_ring_size;
-+ next = ULONG(desc + OFFSET(prb_desc_text_blk_lpos) +
-+ OFFSET(prb_data_blk_lpos_next)) %
-+ m->text_data_ring_size;
-+
-+ /* skip data-less text blocks */
-+ if (begin == next)
-+ goto out;
-+
-+ if ((msg_flags & SHOW_LOG_TEXT) == 0) {
-+ ts_nsec = ULONGLONG(info + OFFSET(printk_info_ts_nsec));
-+ nanos = (ulonglong)ts_nsec / (ulonglong)1000000000;
-+ rem = (ulonglong)ts_nsec % (ulonglong)1000000000;
-+ if (msg_flags & SHOW_LOG_CTIME) {
-+ time_t t = kt->boot_date.tv_sec + nanos;
-+ sprintf(buf, "[%s] ", ctime_tz(&t));
-+ } else
-+ sprintf(buf, "[%5lld.%06ld] ", nanos, rem/1000);
-+
-+ ilen += strlen(buf);
-+ fprintf(fp, "%s", buf);
-+ }
-+
-+ if (msg_flags & SHOW_LOG_LEVEL) {
-+ level = UCHAR(info + OFFSET(printk_info_level)) >> 5;
-+ sprintf(buf, "<%x>", level);
-+ ilen += strlen(buf);
-+ fprintf(fp, "%s", buf);
-+ }
-+
-+ /* handle wrapping data block */
-+ if (begin > next)
-+ begin = 0;
-+
-+ /* skip over descriptor ID */
-+ begin += sizeof(unsigned long);
-+
-+ /* handle truncated messages */
-+ if (next - begin < text_len)
-+ text_len = next - begin;
-+
-+ text = m->text_data + begin;
-+
-+ for (i = 0, p = text; i < text_len; i++, p++) {
-+ if (*p == '\n')
-+ fprintf(fp, "\n%s", space(ilen));
-+ else if (isprint(*p) || isspace(*p))
-+ fputc(*p, fp);
-+ else
-+ fputc('.', fp);
-+ }
-+
-+ if (msg_flags & SHOW_LOG_DICT) {
-+ text = info + OFFSET(printk_info_dev_info) +
-+ OFFSET(dev_printk_info_subsystem);
-+ if (strlen(text))
-+ fprintf(fp, "\n%sSUBSYSTEM=%s", space(ilen), text);
-+
-+ text = info + OFFSET(printk_info_dev_info) +
-+ OFFSET(dev_printk_info_device);
-+ if (strlen(text))
-+ fprintf(fp, "\n%sDEVICE=%s", space(ilen), text);
-+ }
-+out:
-+ fprintf(fp, "\n");
-+}
-+
-+/*
-+ * Handle the lockless printk_ringbuffer.
-+ */
-+void
-+dump_lockless_record_log(int msg_flags)
-+{
-+ unsigned long head_id;
-+ unsigned long tail_id;
-+ unsigned long kaddr;
-+ unsigned long id;
-+ struct prb_map m;
-+
-+ if (INVALID_SIZE(printk_info))
-+ init_offsets();
-+
-+ /* setup printk_ringbuffer */
-+ get_symbol_data("prb", sizeof(char *), &kaddr);
-+ m.prb = GETBUF(SIZE(printk_ringbuffer));
-+ if (!readmem(kaddr, KVADDR, m.prb, SIZE(printk_ringbuffer),
-+ "printk_ringbuffer contents", RETURN_ON_ERROR|QUIET)) {
-+ error(WARNING, "\ncannot read printk_ringbuffer contents\n");
-+ goto out_prb;
-+ }
-+
-+ /* setup descriptor ring */
-+ m.desc_ring = m.prb + OFFSET(prb_desc_ring);
-+ m.desc_ring_count = 1 << UINT(m.desc_ring + OFFSET(prb_desc_ring_count_bits));
-+
-+ kaddr = ULONG(m.desc_ring + OFFSET(prb_desc_ring_descs));
-+ m.descs = GETBUF(SIZE(prb_desc) * m.desc_ring_count);
-+ if (!readmem(kaddr, KVADDR, m.descs, SIZE(prb_desc) * m.desc_ring_count,
-+ "prb_desc_ring contents", RETURN_ON_ERROR|QUIET)) {
-+ error(WARNING, "\ncannot read prb_desc_ring contents\n");
-+ goto out_descs;
-+ }
-+
-+ kaddr = ULONG(m.desc_ring + OFFSET(prb_desc_ring_infos));
-+ m.infos = GETBUF(SIZE(printk_info) * m.desc_ring_count);
-+ if (!readmem(kaddr, KVADDR, m.infos, SIZE(printk_info) * m.desc_ring_count,
-+ "prb_info_ring contents", RETURN_ON_ERROR|QUIET)) {
-+ error(WARNING, "\ncannot read prb_info_ring contents\n");
-+ goto out_infos;
-+ }
-+
-+ /* setup text data ring */
-+ m.text_data_ring = m.prb + OFFSET(prb_text_data_ring);
-+ m.text_data_ring_size = 1 << UINT(m.text_data_ring + OFFSET(prb_data_ring_size_bits));
-+
-+ kaddr = ULONG(m.text_data_ring + OFFSET(prb_data_ring_data));
-+ m.text_data = GETBUF(m.text_data_ring_size);
-+ if (!readmem(kaddr, KVADDR, m.text_data, m.text_data_ring_size,
-+ "prb_text_data_ring contents", RETURN_ON_ERROR|QUIET)) {
-+ error(WARNING, "\ncannot read prb_text_data_ring contents\n");
-+ goto out_text_data;
-+ }
-+
-+ /* ready to go */
-+
-+ tail_id = ULONG(m.desc_ring + OFFSET(prb_desc_ring_tail_id) +
-+ OFFSET(atomic_long_t_counter));
-+ head_id = ULONG(m.desc_ring + OFFSET(prb_desc_ring_head_id) +
-+ OFFSET(atomic_long_t_counter));
-+
-+ hq_open();
-+
-+ for (id = tail_id; id != head_id; id = (id + 1) & DESC_ID_MASK)
-+ dump_record(&m, id, msg_flags);
-+
-+ /* dump head record */
-+ dump_record(&m, id, msg_flags);
-+
-+ hq_close();
-+
-+out_text_data:
-+ FREEBUF(m.text_data);
-+out_infos:
-+ FREEBUF(m.infos);
-+out_descs:
-+ FREEBUF(m.descs);
-+out_prb:
-+ FREEBUF(m.prb);
-+}
-diff --git a/symbols.c b/symbols.c
-index b2f4eb5..a51078d 100644
---- a/symbols.c
-+++ b/symbols.c
-@@ -10426,6 +10426,30 @@ dump_offset_table(char *spec, ulong makestruct)
- OFFSET(log_level));
- fprintf(fp, " log_flags_level: %ld\n",
- OFFSET(log_flags_level));
-+
-+ fprintf(fp, " printk_info_seq: %ld\n", OFFSET(printk_info_seq));
-+ fprintf(fp, " printk_info_ts_nseq: %ld\n", OFFSET(printk_info_ts_nsec));
-+ fprintf(fp, " printk_info_text_len: %ld\n", OFFSET(printk_info_text_len));
-+ fprintf(fp, " printk_info_level: %ld\n", OFFSET(printk_info_level));
-+ fprintf(fp, " printk_info_caller_id: %ld\n", OFFSET(printk_info_caller_id));
-+ fprintf(fp, " printk_info_dev_info: %ld\n", OFFSET(printk_info_dev_info));
-+ fprintf(fp, " dev_printk_info_subsystem: %ld\n", OFFSET(dev_printk_info_subsystem));
-+ fprintf(fp, " dev_printk_info_device: %ld\n", OFFSET(dev_printk_info_device));
-+ fprintf(fp, " prb_desc_ring: %ld\n", OFFSET(prb_desc_ring));
-+ fprintf(fp, " prb_text_data_ring: %ld\n", OFFSET(prb_text_data_ring));
-+ fprintf(fp, " prb_desc_ring_count_bits: %ld\n", OFFSET(prb_desc_ring_count_bits));
-+ fprintf(fp, " prb_desc_ring_descs: %ld\n", OFFSET(prb_desc_ring_descs));
-+ fprintf(fp, " prb_desc_ring_infos: %ld\n", OFFSET(prb_desc_ring_infos));
-+ fprintf(fp, " prb_desc_ring_head_id: %ld\n", OFFSET(prb_desc_ring_head_id));
-+ fprintf(fp, " prb_desc_ring_tail_id: %ld\n", OFFSET(prb_desc_ring_tail_id));
-+ fprintf(fp, " prb_desc_state_var: %ld\n", OFFSET(prb_desc_state_var));
-+ fprintf(fp, " prb_desc_text_blk_lpos: %ld\n", OFFSET(prb_desc_text_blk_lpos));
-+ fprintf(fp, " prb_data_blk_lpos_begin: %ld\n", OFFSET(prb_data_blk_lpos_begin));
-+ fprintf(fp, " prb_data_blk_lpos_next: %ld\n", OFFSET(prb_data_blk_lpos_next));
-+ fprintf(fp, " prb_data_ring_size_bits: %ld\n", OFFSET(prb_data_ring_size_bits));
-+ fprintf(fp, " prb_data_ring_data: %ld\n", OFFSET(prb_data_ring_data));
-+ fprintf(fp, " atomit_long_t_counter: %ld\n", OFFSET(atomic_long_t_counter));
-+
- fprintf(fp, " sched_rt_entity_my_q: %ld\n",
- OFFSET(sched_rt_entity_my_q));
- fprintf(fp, " task_group_parent: %ld\n",
-@@ -10850,6 +10874,9 @@ dump_offset_table(char *spec, ulong makestruct)
- SIZE(xarray));
- fprintf(fp, " xa_node: %ld\n",
- SIZE(xa_node));
-+ fprintf(fp, " printk_info: %ld\n", SIZE(printk_info));
-+ fprintf(fp, " printk_ringbuffer: %ld\n", SIZE(printk_ringbuffer));
-+ fprintf(fp, " prb_desc: %ld\n", SIZE(prb_desc));
-
-
- fprintf(fp, "\n array_table:\n");
---
-2.17.1
-
diff --git a/meta-oe/recipes-kernel/crash/crash/0002-printk-use-committed-finalized-state-values.patch b/meta-oe/recipes-kernel/crash/crash/0002-printk-use-committed-finalized-state-values.patch
deleted file mode 100644
index 5213195c7..000000000
--- a/meta-oe/recipes-kernel/crash/crash/0002-printk-use-committed-finalized-state-values.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-From 71e159c64000467e94e08aefc144f5e1cdaa4aa0 Mon Sep 17 00:00:00 2001
-From: John Ogness <john.ogness@linutronix.de>
-Date: Wed, 25 Nov 2020 05:27:53 +0106
-Subject: [PATCH 2/2] printk: use committed/finalized state values
-
-An addendum to the previous crash commit a5531b24750e.
-The ringbuffer entries use 2 state values (committed and finalized)
-rather than a single flag to represent being available for reading.
-Copy the definitions and state lookup function directly from the
-kernel source and use the new states.
-
-Upstream-Status: Backport [https://github.com/crash-utility/crash/commit/71e159c64000467e94e08aefc144f5e1cdaa4aa0]
-
-Signed-off-by: John Ogness <john.ogness@linutronix.de>
-Signed-off-by: Nikolay Borisov <nborisov@suse.com>
-Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
----
- printk.c | 48 +++++++++++++++++++++++++++++++++++++++++-------
- 1 file changed, 41 insertions(+), 7 deletions(-)
-
-diff --git a/printk.c b/printk.c
-index f6d54ce..8658016 100644
---- a/printk.c
-+++ b/printk.c
-@@ -1,12 +1,6 @@
- #include "defs.h"
- #include <ctype.h>
-
--#define DESC_SV_BITS (sizeof(unsigned long) * 8)
--#define DESC_COMMITTED_MASK (1UL << (DESC_SV_BITS - 1))
--#define DESC_REUSE_MASK (1UL << (DESC_SV_BITS - 2))
--#define DESC_FLAGS_MASK (DESC_COMMITTED_MASK | DESC_REUSE_MASK)
--#define DESC_ID_MASK (~DESC_FLAGS_MASK)
--
- /* convenience struct for passing many values to helper functions */
- struct prb_map {
- char *prb;
-@@ -21,6 +15,44 @@ struct prb_map {
- char *text_data;
- };
-
-+/*
-+ * desc_state and DESC_* definitions taken from kernel source:
-+ *
-+ * kernel/printk/printk_ringbuffer.h
-+ */
-+
-+/* The possible responses of a descriptor state-query. */
-+enum desc_state {
-+ desc_miss = -1, /* ID mismatch (pseudo state) */
-+ desc_reserved = 0x0, /* reserved, in use by writer */
-+ desc_committed = 0x1, /* committed by writer, could get reopened */
-+ desc_finalized = 0x2, /* committed, no further modification allowed */
-+ desc_reusable = 0x3, /* free, not yet used by any writer */
-+};
-+
-+#define DESC_SV_BITS (sizeof(unsigned long) * 8)
-+#define DESC_FLAGS_SHIFT (DESC_SV_BITS - 2)
-+#define DESC_FLAGS_MASK (3UL << DESC_FLAGS_SHIFT)
-+#define DESC_STATE(sv) (3UL & (sv >> DESC_FLAGS_SHIFT))
-+#define DESC_ID_MASK (~DESC_FLAGS_MASK)
-+#define DESC_ID(sv) ((sv) & DESC_ID_MASK)
-+
-+/*
-+ * get_desc_state() taken from kernel source:
-+ *
-+ * kernel/printk/printk_ringbuffer.c
-+ */
-+
-+/* Query the state of a descriptor. */
-+static enum desc_state get_desc_state(unsigned long id,
-+ unsigned long state_val)
-+{
-+ if (id != DESC_ID(state_val))
-+ return desc_miss;
-+
-+ return DESC_STATE(state_val);
-+}
-+
- static void
- init_offsets(void)
- {
-@@ -74,6 +106,7 @@ dump_record(struct prb_map *m, unsigned long id, int msg_flags)
- unsigned short text_len;
- unsigned long state_var;
- unsigned int caller_id;
-+ enum desc_state state;
- unsigned char level;
- unsigned long begin;
- unsigned long next;
-@@ -90,7 +123,8 @@ dump_record(struct prb_map *m, unsigned long id, int msg_flags)
- /* skip non-committed record */
- state_var = ULONG(desc + OFFSET(prb_desc_state_var) +
- OFFSET(atomic_long_t_counter));
-- if ((state_var & DESC_FLAGS_MASK) != DESC_COMMITTED_MASK)
-+ state = get_desc_state(id, state_var);
-+ if (state != desc_committed && state != desc_finalized)
- return;
-
- info = m->infos + ((id % m->desc_ring_count) * SIZE(printk_info));
---
-2.17.1
-
diff --git a/meta-oe/recipes-kernel/crash/crash/donnot-extract-gdb-during-do-compile.patch b/meta-oe/recipes-kernel/crash/crash/donnot-extract-gdb-during-do-compile.patch
index e254fe877..7133cf0aa 100644
--- a/meta-oe/recipes-kernel/crash/crash/donnot-extract-gdb-during-do-compile.patch
+++ b/meta-oe/recipes-kernel/crash/crash/donnot-extract-gdb-during-do-compile.patch
@@ -9,7 +9,7 @@ diff --git a/Makefile b/Makefile
index bb0a34e..5eb7604 100644
--- a/Makefile
+++ b/Makefile
-@@ -226,7 +226,7 @@ all: make_configure
+@@ -228,7 +228,7 @@ all: make_configure
# @make --no-print-directory extensions
gdb_merge: force
@@ -18,15 +18,16 @@ index bb0a34e..5eb7604 100644
make --no-print-directory gdb_unzip; fi
@echo "${LDFLAGS} -lz -ldl -rdynamic" > ${GDB}/gdb/mergelibs
@echo "../../${PROGRAM} ../../${PROGRAM}lib.a" > ${GDB}/gdb/mergeobj
-@@ -253,11 +253,6 @@ gdb_unzip:
- @rm -f gdb.files
- @for FILE in ${GDB_FILES} dummy; do\
- echo $$FILE >> gdb.files; done
+@@ -255,12 +255,6 @@ gdb_unzip:
+ @rm -f gdb.files
+ @for FILE in ${GDB_FILES} dummy; do\
+ echo $$FILE >> gdb.files; done
- @if [ ! -f ${GDB}.tar.gz ] && [ ! -f /usr/bin/wget ]; then \
- echo /usr/bin/wget is required to download ${GDB}.tar.gz; echo; exit 1; fi
- @if [ ! -f ${GDB}.tar.gz ] && [ -f /usr/bin/wget ]; then \
-- wget http://ftp.gnu.org/gnu/gdb/${GDB}.tar.gz; fi
-- @tar --exclude-from gdb.files -xvzmf ${GDB}.tar.gz
- @make --no-print-directory gdb_patch
-
+- [ ! -t 2 ] && WGET_OPTS="--progress=dot:mega"; \
+- wget $$WGET_OPTS http://ftp.gnu.org/gnu/gdb/${GDB}.tar.gz; fi
+- @tar --exclude-from gdb.files -xzmf ${GDB}.tar.gz
+ @make --no-print-directory gdb_patch
+
gdb_patch:
diff --git a/meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch b/meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch
index 905b4c2cd..37d43b888 100644
--- a/meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch
+++ b/meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch
@@ -13,16 +13,16 @@ diff --git a/configure.c b/configure.c
index cf1973b..71e97b3 100644
--- a/configure.c
+++ b/configure.c
-@@ -151,7 +151,7 @@ void add_extra_lib(char *);
+@@ -155,7 +155,7 @@ void add_extra_lib(char *);
#define TARGET_CFLAGS_PPC64_ON_X86_64 "TARGET_CFLAGS="
#define TARGET_CFLAGS_MIPS "TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64"
#define TARGET_CFLAGS_MIPS_ON_X86 "TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64"
-#define TARGET_CFLAGS_MIPS_ON_X86_64 "TARGET_CFLAGS=-m32 -D_FILE_OFFSET_BITS=64"
+#define TARGET_CFLAGS_MIPS_ON_X86_64 "TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64"
+ #define TARGET_CFLAGS_MIPS64 "TARGET_CFLAGS="
#define TARGET_CFLAGS_SPARC64 "TARGET_CFLAGS="
- #define GDB_TARGET_DEFAULT "GDB_CONF_FLAGS="
-@@ -162,7 +162,7 @@ void add_extra_lib(char *);
+@@ -167,7 +167,7 @@ void add_extra_lib(char *);
#define GDB_TARGET_ARM64_ON_X86_64 "GDB_CONF_FLAGS=--target=aarch64-elf-linux" /* TBD */
#define GDB_TARGET_PPC64_ON_X86_64 "GDB_CONF_FLAGS=--target=powerpc64le-unknown-linux-gnu"
#define GDB_TARGET_MIPS_ON_X86 "GDB_CONF_FLAGS=--target=mipsel-elf-linux"
diff --git a/meta-oe/recipes-kernel/crash/crash_7.2.9.bb b/meta-oe/recipes-kernel/crash/crash_7.3.0.bb
index 0b6883a49..fcd4f2d61 100644
--- a/meta-oe/recipes-kernel/crash/crash_7.2.9.bb
+++ b/meta-oe/recipes-kernel/crash/crash_7.3.0.bb
@@ -25,10 +25,8 @@ SRC_URI = "git://github.com/crash-utility/${BPN}.git \
file://remove-unrecognized-gcc-option-m32-for-mips.patch \
file://0002-crash-fix-build-error-unknown-type-name-gdb_fpregset.patch \
file://0003-crash-detect-the-sysroot-s-glibc-header-file.patch \
- file://0001-printk-add-support-for-lockless-ringbuffer.patch \
- file://0002-printk-use-committed-finalized-state-values.patch \
"
-SRCREV = "a25aa4b649d339dd25c20d5413d81b851a77e0b2"
+SRCREV = "2a3e546942ab560f050ab77e8c7828b06513b3f0"
SRC_URI[gdb.md5sum] = "a9836707337e5f7bf76a009a8904f470"
SRC_URI[gdb.sha256sum] = "8070389a5dcc104eb0be483d582729f98ed4d761ad19cedd3f17b5d2502faa36"
diff --git a/meta-oe/recipes-shells/dash/dash_0.5.11.3.bb b/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb
index 92d9bc83d..c2d01986e 100644
--- a/meta-oe/recipes-shells/dash/dash_0.5.11.3.bb
+++ b/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb
@@ -8,8 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b5262b4a1a1bff72b48e935531976d2e"
inherit autotools update-alternatives
SRC_URI = "http://gondor.apana.org.au/~herbert/${BPN}/files/${BP}.tar.gz"
-SRC_URI[md5sum] = "c7016b513f701d88c70b3082eb183581"
-SRC_URI[sha256sum] = "62b9f1676ba6a7e8eaec541a39ea037b325253240d1f378c72360baa1cbcbc2a"
+SRC_URI[sha256sum] = "db778110891f7937985f29bf23410fe1c5d669502760f584e54e0e7b29e123bd"
EXTRA_OECONF += "--bindir=${base_bindir}"
diff --git a/meta-oe/recipes-support/c-ares/c-ares/0001-CVE-2021-3672.patch b/meta-oe/recipes-support/c-ares/c-ares/0001-CVE-2021-3672.patch
new file mode 100644
index 000000000..93afb838f
--- /dev/null
+++ b/meta-oe/recipes-support/c-ares/c-ares/0001-CVE-2021-3672.patch
@@ -0,0 +1,91 @@
+From 13363ab0eb3f5a3223571d073888816bd3e650f9 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Tue, 14 Sep 2021 13:49:11 +0800
+Subject: [PATCH 1/2] ares_expand_name() should escape more characters
+
+RFC1035 5.1 specifies some reserved characters and escaping sequences
+that are allowed to be specified. Expand the list of reserved characters
+and also escape non-printable characters using the \DDD format as
+specified in the RFC.
+
+Bug Reported By: philipp.jeitner@sit.fraunhofer.de
+Fix By: Brad House (@bradh352)
+
+Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/362f91d807d293791008cdb7616d40f7784ece83]
+CVE: CVE-2021-3672
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ ares_expand_name.c | 41 ++++++++++++++++++++++++++++++++++++++---
+ 1 file changed, 38 insertions(+), 3 deletions(-)
+
+diff --git a/ares_expand_name.c b/ares_expand_name.c
+index 3a38e67..8604543 100644
+--- a/ares_expand_name.c
++++ b/ares_expand_name.c
+@@ -38,6 +38,26 @@
+ static int name_length(const unsigned char *encoded, const unsigned char *abuf,
+ int alen);
+
++/* Reserved characters for names that need to be escaped */
++static int is_reservedch(int ch)
++{
++ switch (ch) {
++ case '"':
++ case '.':
++ case ';':
++ case '\\':
++ case '(':
++ case ')':
++ case '@':
++ case '$':
++ return 1;
++ default:
++ break;
++ }
++
++ return 0;
++}
++
+ /* Expand an RFC1035-encoded domain name given by encoded. The
+ * containing message is given by abuf and alen. The result given by
+ * *s, which is set to a NUL-terminated allocated buffer. *enclen is
+@@ -117,9 +137,18 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
+ p++;
+ while (len--)
+ {
+- if (*p == '.' || *p == '\\')
++ if (!isprint(*p)) {
++ /* Output as \DDD for consistency with RFC1035 5.1 */
++ *q++ = '\\';
++ *q++ = '0' + *p / 100;
++ *q++ = '0' + (*p % 100) / 10;
++ *q++ = '0' + (*p % 10);
++ } else if (is_reservedch(*p)) {
+ *q++ = '\\';
+- *q++ = *p;
++ *q++ = *p;
++ } else {
++ *q++ = *p;
++ }
+ p++;
+ }
+ *q++ = '.';
+@@ -177,7 +206,13 @@ static int name_length(const unsigned char *encoded, const unsigned char *abuf,
+ encoded++;
+ while (offset--)
+ {
+- n += (*encoded == '.' || *encoded == '\\') ? 2 : 1;
++ if (!isprint(*encoded)) {
++ n += 4;
++ } else if (is_reservedch(*encoded)) {
++ n += 2;
++ } else {
++ n += 1;
++ }
+ encoded++;
+ }
+ n++;
+--
+2.17.1
+
diff --git a/meta-oe/recipes-support/c-ares/c-ares/0002-CVE-2021-3672.patch b/meta-oe/recipes-support/c-ares/c-ares/0002-CVE-2021-3672.patch
new file mode 100644
index 000000000..e3b32f5fe
--- /dev/null
+++ b/meta-oe/recipes-support/c-ares/c-ares/0002-CVE-2021-3672.patch
@@ -0,0 +1,104 @@
+From 446225e54b4f23c08a07968433b39d62ed65afd1 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Tue, 14 Sep 2021 13:59:28 +0800
+Subject: [PATCH 2/2] ares_expand_name(): fix formatting and handling of root
+ name response
+
+Fixes issue introduced in prior commit with formatting and handling
+of parsing a root name response which should not be escaped.
+
+Fix By: Brad House
+
+Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/44c009b8e62ea1929de68e3f438181bea469ec14]
+CVE: CVE-2021-3672
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ ares_expand_name.c | 56 +++++++++++++++++++++++++++++-----------------
+ 1 file changed, 35 insertions(+), 21 deletions(-)
+
+diff --git a/ares_expand_name.c b/ares_expand_name.c
+index 8604543..af0c2e8 100644
+--- a/ares_expand_name.c
++++ b/ares_expand_name.c
+@@ -133,22 +133,30 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
+ }
+ else
+ {
+- len = *p;
++ int name_len = *p;
++ len = name_len;
+ p++;
+ while (len--)
+ {
+- if (!isprint(*p)) {
+- /* Output as \DDD for consistency with RFC1035 5.1 */
+- *q++ = '\\';
+- *q++ = '0' + *p / 100;
+- *q++ = '0' + (*p % 100) / 10;
+- *q++ = '0' + (*p % 10);
+- } else if (is_reservedch(*p)) {
+- *q++ = '\\';
+- *q++ = *p;
+- } else {
+- *q++ = *p;
+- }
++ /* Output as \DDD for consistency with RFC1035 5.1, except
++ * for the special case of a root name response */
++ if (!isprint(*p) && !(name_len == 1 && *p == 0))
++ {
++
++ *q++ = '\\';
++ *q++ = '0' + *p / 100;
++ *q++ = '0' + (*p % 100) / 10;
++ *q++ = '0' + (*p % 10);
++ }
++ else if (is_reservedch(*p))
++ {
++ *q++ = '\\';
++ *q++ = *p;
++ }
++ else
++ {
++ *q++ = *p;
++ }
+ p++;
+ }
+ *q++ = '.';
+@@ -200,19 +208,25 @@ static int name_length(const unsigned char *encoded, const unsigned char *abuf,
+ }
+ else if (top == 0x00)
+ {
+- offset = *encoded;
++ int name_len = *encoded;
++ offset = name_len;
+ if (encoded + offset + 1 >= abuf + alen)
+ return -1;
+ encoded++;
+ while (offset--)
+ {
+- if (!isprint(*encoded)) {
+- n += 4;
+- } else if (is_reservedch(*encoded)) {
+- n += 2;
+- } else {
+- n += 1;
+- }
++ if (!isprint(*encoded) && !(name_len == 1 && *encoded == 0))
++ {
++ n += 4;
++ }
++ else if (is_reservedch(*encoded))
++ {
++ n += 2;
++ }
++ else
++ {
++ n += 1;
++ }
+ encoded++;
+ }
+ n++;
+--
+2.17.1
+
diff --git a/meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb b/meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb
index 67dd70180..afcc1cc4b 100644
--- a/meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb
+++ b/meta-oe/recipes-support/c-ares/c-ares_1.16.1.bb
@@ -11,6 +11,8 @@ SRC_URI = "\
git://github.com/c-ares/c-ares.git \
file://cmake-install-libcares.pc.patch \
file://0001-fix-configure-error-mv-libcares.pc.cmakein-to-libcar.patch \
+ file://0001-CVE-2021-3672.patch \
+ file://0002-CVE-2021-3672.patch \
"
SRCREV = "74a1426ba60e2cd7977e53a22ef839c87415066e"
diff --git a/meta-oe/recipes-support/dstat/dstat_0.7.4.bb b/meta-oe/recipes-support/dstat/dstat_0.7.4.bb
index 74af54ca5..a1076ccf9 100644
--- a/meta-oe/recipes-support/dstat/dstat_0.7.4.bb
+++ b/meta-oe/recipes-support/dstat/dstat_0.7.4.bb
@@ -21,4 +21,4 @@ do_install() {
oe_runmake 'DESTDIR=${D}' install
}
-RDEPENDS_${PN} += "python3-core python3-misc python3-resource python3-shell python3-unixadmin"
+RDEPENDS:${PN} += "python3-core python3-misc python3-resource python3-shell python3-six python3-unixadmin"
diff --git a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/add__divmoddi4.patch b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/add__divmoddi4.patch
deleted file mode 100644
index 8dd30a20e..000000000
--- a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/add__divmoddi4.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-add __divmoddi4 builtin
-
-GCC 11 will generate it in code
-
-void foo(unsigned char *u8Second, unsigned int *u32Nanosecond, long long timeSpec)
-{
- long long i64Div;
- int i32Div;
- int i32Rem;
- i64Div = timeSpec;
- i32Rem = (int)(i64Div % 1000000000);
- i64Div /= 1000000000;
- *u32Nanosecond = i32Rem;
- i32Rem = (int)(i64Div % 60);
- *u8Second = i32Rem;
-}
-
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
---- a/src/VBox/Runtime/common/math/gcc/divdi3.c
-+++ b/src/VBox/Runtime/common/math/gcc/divdi3.c
-@@ -68,3 +68,12 @@ __divdi3(a, b)
- uq = - uq;
- return uq;
- }
-+
-+quad_t
-+__divmoddi4(quad_t a, quad_t b, quad_t* rem)
-+{
-+ quad_t d = __divdi3(a,b);
-+ *rem = a - (d*b);
-+ return d;
-+}
-+
diff --git a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
index 1b2fb4403..d1e42a4d7 100644
--- a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
+++ b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
@@ -13,7 +13,6 @@ VBOX_NAME = "VirtualBox-${PV}"
SRC_URI = "http://download.virtualbox.org/virtualbox/${PV}/${VBOX_NAME}.tar.bz2 \
file://Makefile.utils \
- file://add__divmoddi4.patch \
"
SRC_URI[md5sum] = "fce04bbef244b4df1a50e53d132d3e6f"
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.48.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.49.bb
index 7af824dd1..7e52d1db4 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.48.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.49.bb
@@ -26,8 +26,7 @@ SRC_URI_append_class-target = " \
"
LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"
-SRC_URI[md5sum] = "a7088cec171b0d00bf43394ce64d3909"
-SRC_URI[sha256sum] = "1bc826e7b2e88108c7e4bf43c026636f77a41d849cfb667aa7b5c0b86dbf966c"
+SRC_URI[sha256sum] = "65b965d6890ea90d9706595e4b7b9365b5060bec8ea723449480b4769974133b"
S = "${WORKDIR}/httpd-${PV}"