sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error
and resultant heap memory corruption for squashfs directory listing because the
path separator is not considered in a size calculation.
https://nvd.nist.gov/vuln/detail/CVE-2024-57259
(From OE-Core rev: e4b713ff07695487cc9307ffc3576a11775cde4d)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1
occur for a crafted squashfs filesystem via sbrk, via request2size,
or because ptrdiff_t is mishandled on x86_64.
https://nvd.nist.gov/vuln/detail/CVE-2024-57258
(From OE-Core rev: b4bf3ba66052db7a311ac696563a8a0f9c585600)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1
occurs via a crafted squashfs filesystem with deep symlink nesting.
https://nvd.nist.gov/vuln/detail/CVE-2024-57257
(From OE-Core rev: 5ed8ad78bcce836aa8894de7a1d7fdf719e5bbca)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1
occurs for zalloc (adding one to an le32 variable) via a crafted ext4
filesystem with an inode size of 0xffffffff, resulting in a malloc of
zero and resultant memory overwrite.
https://nvd.nist.gov/vuln/detail/CVE-2024-57256
(From OE-Core rev: 534aa63726f31241e3a9d4aa70d4005fa0300133)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1
occurs via a crafted squashfs filesystem with an inode size of 0xffffffff,
resulting in a malloc of zero and resultant memory overwrite.
https://nvd.nist.gov/vuln/detail/CVE-2024-57255
(From OE-Core rev: 687b6e0a166d7dc999b7d226a9bd68155f59a03a)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
An integer overflow in sqfs_inode_size in Das U-Boot before
2025.01-rc1 occurs in the symlink size calculation via a
crafted squashfs filesystem.
https://nvd.nist.gov/vuln/detail/CVE-2024-57254
(From OE-Core rev: 956836ab347e9112be0f8892b1b82c4bcb17990c)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This patch mitigates the vulnerability identified via CVE-2019-14196.
The previous patch was bypassed/ineffective, and now the vulnerability
is identified via CVE-2022-30767. The patch removes the sanity check
introduced to mitigate CVE-2019-14196 since it's ineffective.
filefh3_length is changed to unsigned type integer, preventing negative
numbers from being used during comparison with positive values during
size sanity checks.
(From OE-Core rev: b7072637ba110718714745a01d67e1b6b0096165)
Signed-off-by: Carlos Dominguez <carlos.dominguez@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Same was done in newer Yocto releases.
See commit: f99b25355133fe8f65a55737270e67ea10b79d52
See commit: 40cd768368167f81de5bb55e9ff0584035f4c1b4
(From OE-Core rev: 823f7ab85cff010c777616ed5db0e0c41f6cc4e6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A issue was found when I run "runqemu genericx86-64 ovmf", grub failed
to boot, it's a known issue has been fixed in grub upstream, backport
the fix.
(From OE-Core rev: 6992437d725f9cc88da4261814b69aaadc5ef0f2)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 51eab4bb0cae46c9c32d28986eb97badf47594b7)
Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Commit cc6c3e31526d ("u-boot: Move definitions to common locations") moved
UBOOT_INITIAL_ENV to uboot-config.bbclass, but it should be kept at u-boot.inc
because it encodes ${PN} in it, which should be set by the U-Boot recipe.
Currently, whatever inherits uboot-config bbclass will fill-in its own PN,
which would change the content of UBOOT_INITIAL_ENV per-package.
Cc: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
Cc: Marek Vasut <marex@denx.de>
Fixes: cc6c3e31526d ("u-boot: Move definitions to common locations")
(From OE-Core rev: 18b76259d27dc045f621cd512582c37e8bbab45c)
Signed-off-by: Fabio Estevam <festevam@denx.de>
Backported from master: 0b0c4b37d318b86f100512476ffd861e0ce1f47e
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver.
This issue may allow an attacker to present a specially crafted NTFS
filesystem image, leading to grub's heap metadata corruption. In some
circumstances, the attack may also corrupt the UEFI firmware heap metadata.
As a result, arbitrary code execution and secure boot protection bypass
may be achieved.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-4692https://bugzilla.redhat.com/show_bug.cgi?id=2236613
(From OE-Core rev: c89835b37366dde6c74f8221fd5a295ecabf8225)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* LDFLAGS += "-fuse-ld=bfd" in the recipe doesn't work and
it still fails to build with ld-is-gold in DISTRO_FEATURES
removal of this line sent to master in:
https://lists.openembedded.org/g/openembedded-core/message/185167
* the most important ones are the 1st which removes --add-needed
and the last which removes src/include/workarounds.mk completely
while 2-4 patches just update src/include/workarounds.mk for the
last one to apply cleanly
* alternatively we can bump SRCREV to latest 38 as master did in:
https://git.openembedded.org/openembedded-core/commit/?id=4df808c616f847d90203582fd950a49bb8360dd0
which brings 23 commits, but instead of adding 5 more patches
allows to remove 5
(From OE-Core rev: d5c7ec0be32aa75fa7973840adf5251d22018766)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Working with enabling SPDX, an issue was observerd where v86d wasn't rebuilding
when the kernel was changed from linux-yocto to linux-yocto-rt.
This is due to the code in sstatesig.py which was seeing the RRECOMMENDS on a
kernel module and ignoring the DEPENDS. The v86d is technically a kernel module
since it uses kernel header files.
There are two ways to address this, we could inherit the module-base class and
the dependency code does the correct thing. It appears the code doesn't look into
STAGING_KERNEL_DIR though and doesn't use the kernel sources. We can therefore drop
the DEPENDS and the code will the do the correct thing.
(From OE-Core rev: b842b8b51e0819eebf1fb3a2359b8c06863e553a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 37ccd11cb0b89416b8e23160445186269b6c0c8a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
It fails to instal pm-utils and lib32-pm-utils at same time:
Error: Transaction test error:
file /usr/bin/pm-is-supported conflicts between attempted installs of lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
file /usr/sbin/pm-hibernate conflicts between attempted installs of lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
file /usr/sbin/pm-powersave conflicts between attempted installs of lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
file /usr/sbin/pm-suspend conflicts between attempted installs of lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
file /usr/sbin/pm-suspend-hybrid conflicts between attempted installs of lib32-pm-utils-1.4.1-r1.corei7_32 and pm-utils-1.4.1-r1.corei7_64
All of the conflicted files either is script which source a file in
${libdir}, or a link file to some file in ${libdir}. Compare the content
of installed files in ${libdir} exclude binaries, only the paths of
${libdir} diff. So re-define libdir with ${nonarch_libdir} to fix the
conflicts.
(From OE-Core rev: 7d99987f76c58ec1f9ee5efffee0705b2c542ad7)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f836541bcfdbf033a37537530b4e3b87b0a7f003)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since the commit 005b6aba89eaf1b79fdd7565dd028fdd9bbfcc7d
(efivar: add musl libc compatibility) efibootmgr compiles with
musl too. Update the variable to take that into account.
(From OE-Core rev: ada5e64a97d5f269886772540e0bb0c324088b21)
Signed-off-by: Marta Rybczynska <marta.rybczynska@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Splitting u-boot-configure.inc out of the base left duplicate
cml1.bbclass in the base include.
Fixes: fc9a17ad38 ("u-boot: Split do_configure logic into separate file")
(From OE-Core rev: a6506c2c0563820293031d3312c2405998c25287)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 286f91f7659307bcdf0ba541b8d6b56db5604ceb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+= allows custom layers to change the SRC_URI e.g. when
updating the whole recipe to newer u-boot version.
With :append, there is no way to change the variable
from a bbappend.
(From OE-Core rev: be96b384ce964ff14536d3bc40c89851a12dfb60)
(From OE-Core rev: aa0e319fe07c0ac807a6963ac47fe5e70a0b6fff)
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit be267f6169)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport CVE patches from upstream to fix:
CVE-2021-3695
CVE-2021-3696
CVE-2021-3697
CVE-2022-28733
CVE-2022-28734
CVE-2022-28735
Backport the following 5 patches to make CVE patches be applied smoothly.
video-Remove-trailing-whitespaces.patch
video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
(From OE-Core rev: 5e99aaaa4f36aacaf005d9721c3b6cd7c9526943)
Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit db43401a3a4c201f02f4128fa4bac8ce993bfec0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* add GPL license because of alsa-state-init file
* gpl link points to gpl3, but at time of adding this file was actually
pointing to gpl2, so should correspond to SPDX GPL-2.0-or-later
* remove date as the file was already changed several times since then
(From OE-Core rev: 7c3d9c5d72f1e832697b51a89e284e0b1e041f38)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ca73ff0d9930d545ce8cb8a62e259c0b43310f99)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patch to get efivar working with musl.
Upstream issue:
https://github.com/rhboot/efivar/issues/202
After commit meta-oe/1582f81805ee3114bc1a44bd5cf52d21f96702ca
fwupd gives an error when trying to build with musl because
efivar is not compatible. This fixes the issue.
(From OE-Core rev: a121d2dd5d1e47072cb1419c9cbe9ef345de8e02)
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 005b6aba89eaf1b79fdd7565dd028fdd9bbfcc7d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
pkg-config is used by the Makefiles, and thus pkgconfig needs to be
inherited.
(From OE-Core rev: 91bfc749de1530065d2cd8ecb4c8d16c458ade56)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6148ac9bc5d3e0d0ffdbbd6695acd96ca1836b78)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This avoids a redirect.
(From OE-Core rev: 4e4c668960414818b312d689d203897edd556a6f)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 879bc5098943cf6977c32555ac31cb21be7b46ae)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The license is clear, add an SPDX license identification header to the script
and drop the weird patch, we don't need it.
(From OE-Core rev: 17d981005a0c0c97702ad88602b7181b69bcc9eb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is specific to SUSE Linux.
(From OE-Core rev: 594baef3b08d40fbbf1899f4cadeb9931c035c1a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Include all available modules If 'all' is present in GRUB_BUILDIN variable.
To achieve this we need to search for all .mod files in ${B}/grub-core/ and
pass them to grub-mkimage command.
Also, add the verbose option to grub-mkimage.
(From OE-Core rev: ed1bf9aa0af8c12905cf8332bbbb212ab158fe3c)
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In commit ceda3238 (meta/meta-selftest/meta-skeleton: Update LICENSE
variable to use SPDX license identifiers) all LICENSE variables were
updated to only use SPDX license identifiers.
This does the same for comments and other variables where it is
appropriate to use the official SPDX license identifiers. There are
still references to, e.g., "GPLv3", but they are then typically in
descriptive text where they refer to the license in a generic sense.
(From OE-Core rev: 165759dced7fbe73b1db2ede67047896071dc6d0)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ensure right ABI and march is used which matches OE core settings
(From OE-Core rev: 17cd727f333580c6fd7ff20c90ede9ccce9ef60b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop OE specific patch to shunt march/mabi
this seems to work fine now.
unset CLANG_TARGET so it can compile with OE produced clang toolchain
which provides --target itself
(From OE-Core rev: c48b57aa68149f5bdca80cadbf5b426c209ca94e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some auxiliary u-boot recipes may need u-boot properly configured
(including *.cfg additions via bbappends) but aren't necessarily
building u-boot itself; to support such situations, here we split the
u-boot do_configure() out of u-boot.inc and into its own
u-boot-configure.inc.
(From OE-Core rev: e55e6fb4983a41f74c0e457bf54bd8dfa5608daa)
Signed-off-by: Zev Weiss <zev@bewilderbeest.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop determinism.patch, resolved by
641a162654
Drop no-werror.patch, can now be replaced by ERRORS= in make invocation.
Add a patch to efibootmgr to address build failures with new version.
(From OE-Core rev: 60665cdd6b1bbed29b919328ab34827c055ed729)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
'xen-boot' module is available only for aarch64.
(From OE-Core rev: bfabc6d4f8742cc1fdeb49c180b0f78faf5739a2)
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
