[meta-oe,kirkstone,14/22] iperf3: upgrade 3.14 -> 3.15

Message ID	20250929130425.2912077-15-skandigraun@gmail.com
State	New
Headers	show Return-Path: <skandigraun@gmail.com> ip: 209.85.218.44, mailfrom: skandigraun@gmail.com) From: Gyorgy Sarvari <skandigraun@gmail.com> To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 14/22] iperf3: upgrade 3.14 -> 3.15 Date: Mon, 29 Sep 2025 15:04:17 +0200 Message-ID: <20250929130425.2912077-15-skandigraun@gmail.com> In-Reply-To: <20250929130425.2912077-1-skandigraun@gmail.com> References: <20250929130425.2912077-1-skandigraun@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	Cherry-picks from Master Batch E \| expand [meta-oe,kirkstone,00/22] Cherry-picks from Master Batch E [meta-networking,kirkstone,01/22] libtalloc: upgrade 2.3.3 -> 2.3.4 [meta-networking,kirkstone,02/22] lksctp-tools: upgrade 1.0.19 -> 1.0.20 [meta-networking,kirkstone,03/22] lksctp-tools: upgrade 1.0.20 -> 1.0.21 [meta-networking,kirkstone,04/22] ndisc6: upgrade 1.0.6 -> 1.0.7 [meta-networking,kirkstone,05/22] ndisc6: upgrade 1.0.7 -> 1.0.8 [meta-networking,kirkstone,06/22] pimd: switch SRC_URI to https [meta-networking,kirkstone,07/22] ssmping: Use debian mirror for SRC_URI [meta-networking,kirkstone,08/22] tnftp: switch the SRC_URI to https [meta-networking,kirkstone,09/22] cifs-utils: upgrade 6.14 -> 6.15 [meta-networking,kirkstone,10/22] libtdb: upgrade 1.4.3 -> 1.4.7 [meta-networking,kirkstone,11/22] uftp: upgrade 5.0 -> 5.0.1 [meta-networking,kirkstone,12/22] uftp: upgrade 5.0.1 -> 5.0.2 [meta-networking,kirkstone,13/22] uftp: upgrade 5.0.2 -> 5.0.3 [meta-oe,kirkstone,14/22] iperf3: upgrade 3.14 -> 3.15 [meta-oe,kirkstone,15/22] flashrom: upgrade 1.2 -> 1.2.1 [meta-oe,kirkstone,16/22] iwd: upgrade 1.26 -> 1.27 [meta-oe,kirkstone,17/22] debootstrap: Update SRC_URI to point to valid URL [meta-oe,kirkstone,18/22] paho-mqtt-c: upgrade 1.3.10 -> 1.3.11 [meta-oe,kirkstone,19/22] paho-mqtt-c: upgrade 1.3.11 -> 1.3.12 [meta-oe,kirkstone,20/22] paho-mqtt-c: Improve the license information [meta-oe,kirkstone,21/22] recipes: Remove double protocol= from SRC_URIs [meta-oe,kirkstone,22/22] paho-mqtt-c: upgrade 1.3.12 -> 1.3.13

Message ID

20250929130425.2912077-15-skandigraun@gmail.com

State

New

Headers

From: Gyorgy Sarvari <skandigraun@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][kirkstone][PATCH 14/22] iperf3: upgrade 3.14 -> 3.15
Date: Mon, 29 Sep 2025 15:04:17 +0200
Message-ID: <20250929130425.2912077-15-skandigraun@gmail.com>
In-Reply-To: <20250929130425.2912077-1-skandigraun@gmail.com>
References: <20250929130425.2912077-1-skandigraun@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

Cherry-picks from Master Batch E | expand

Commit Message

Gyorgy Sarvari Sept. 29, 2025, 1:04 p.m. UTC

From: Wang Mingyu <wangmy@fujitsu.com>

Changelog:
===========
  Several bugs that could allow the iperf3 server to hang waiting
  for input on the control connection has been fixed.

  A bug that caused garbled output with UDP tests on 32-bit hosts
  has been fixed (PR #1554, PR #1556). This bug was introduced in
  iperf-3.14.

  A bug in counting UDP messages has been fixed (PR #1367, PR
  #1380).

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8765f02ffb85ddff21e461b716ef3f86d368cb4e)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../iperf3/iperf3/CVE-2023-7250.patch         | 133 ------------------
 .../iperf3/{iperf3_3.14.bb => iperf3_3.15.bb} |   3 +-
 2 files changed, 1 insertion(+), 135 deletions(-)
 delete mode 100644 meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2023-7250.patch
 rename meta-oe/recipes-benchmark/iperf3/{iperf3_3.14.bb => iperf3_3.15.bb} (93%)

diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2023-7250.patch b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2023-7250.patch
deleted file mode 100644
index 6000480de7..0000000000
--- a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2023-7250.patch
+++ /dev/null
@@ -1,133 +0,0 @@ 
-From 5e3704dd850a5df2fb2b3eafd117963d017d07b4 Mon Sep 17 00:00:00 2001
-From: "Bruce A. Mah" <bmah@es.net>
-Date: Tue, 1 Aug 2023 14:02:54 -0700
-Subject: [PATCH] Implement fixes to make the control connection more robust.
-
-These include various timeouts in Nread() to guarantee that it will
-eventually exit, a 10-second timeout for each attempt to read data
-from the network and an approximately 30-second overall timeout per
-Nread() call.
-
-Also the iperf3 server now checks the length of the received session
-cookie, and errors out if this happens to be incorrect.
-
-Reported by Jorge Sancho Larraz - Canonical.
-
-CVE: CVE-2023-7250
-
-Upstream-Status: Backport [https://github.com/esnet/iperf/commit/5e3704dd850a5df2fb2b3eafd117963d017d07b4]
-
-Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
----
- src/iperf_server_api.c |  7 ++++-
- src/net.c              | 62 ++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 68 insertions(+), 1 deletion(-)
-
-diff --git a/src/iperf_server_api.c b/src/iperf_server_api.c
-index 18f105d..ae916f5 100644
---- a/src/iperf_server_api.c
-+++ b/src/iperf_server_api.c
-@@ -140,7 +140,12 @@ iperf_accept(struct iperf_test *test)
-         }
- #endif /* HAVE_TCP_USER_TIMEOUT */
- 
--        if (Nread(test->ctrl_sck, test->cookie, COOKIE_SIZE, Ptcp) < 0) {
-+        if (Nread(test->ctrl_sck, test->cookie, COOKIE_SIZE, Ptcp) != COOKIE_SIZE) {
-+            /*
-+             * Note this error covers both the case of a system error
-+             * or the inability to read the correct amount of data
-+             * (i.e. timed out).
-+             */
-             i_errno = IERECVCOOKIE;
-             return -1;
-         }
-diff --git a/src/net.c b/src/net.c
-index 1a88155..b80fb64 100644
---- a/src/net.c
-+++ b/src/net.c
-@@ -65,6 +65,9 @@
- #include "net.h"
- #include "timer.h"
- 
-+static int nread_read_timeout = 10;
-+static int nread_overall_timeout = 30;
-+
- /*
-  * Declaration of gerror in iperf_error.c.  Most other files in iperf3 can get this
-  * by including "iperf.h", but net.c lives "below" this layer.  Clearly the
-@@ -372,6 +375,32 @@ Nread(int fd, char *buf, size_t count, int prot)
- {
-     register ssize_t r;
-     register size_t nleft = count;
-+    struct iperf_time ftimeout = { 0, 0 };
-+
-+    fd_set rfdset;
-+    struct timeval timeout = { nread_read_timeout, 0 };
-+
-+    /*
-+     * fd might not be ready for reading on entry. Check for this
-+     * (with timeout) first.
-+     *
-+     * This check could go inside the while() loop below, except we're
-+     * currently considering whether it might make sense to support a
-+     * codepath that bypassese this check, for situations where we
-+     * already know that fd has data on it (for example if we'd gotten
-+     * to here as the result of a select() call.
-+     */
-+    {
-+        FD_ZERO(&rfdset);
-+        FD_SET(fd, &rfdset);
-+        r = select(fd + 1, &rfdset, NULL, NULL, &timeout);
-+        if (r < 0) {
-+            return NET_HARDERROR;
-+        }
-+        if (r == 0) {
-+            return 0;
-+        }
-+    }
- 
-     while (nleft > 0) {
-         r = read(fd, buf, nleft);
-@@ -385,6 +414,39 @@ Nread(int fd, char *buf, size_t count, int prot)
- 
-         nleft -= r;
-         buf += r;
-+
-+        /*
-+         * We need some more bytes but don't want to wait around
-+         * forever for them. In the case of partial results, we need
-+         * to be able to read some bytes every nread_timeout seconds.
-+         */
-+        if (nleft > 0) {
-+            struct iperf_time now;
-+
-+            /*
-+             * Also, we have an approximate upper limit for the total time
-+             * that a Nread call is supposed to take. We trade off accuracy
-+             * of this timeout for a hopefully lower performance impact.
-+             */
-+            iperf_time_now(&now);
-+            if (ftimeout.secs == 0) {
-+                ftimeout = now;
-+                iperf_time_add_usecs(&ftimeout, nread_overall_timeout * 1000000L);
-+            }
-+            if (iperf_time_compare(&ftimeout, &now) < 0) {
-+                break;
-+            }
-+
-+            FD_ZERO(&rfdset);
-+            FD_SET(fd, &rfdset);
-+            r = select(fd + 1, &rfdset, NULL, NULL, &timeout);
-+            if (r < 0) {
-+                return NET_HARDERROR;
-+            }
-+            if (r == 0) {
-+                break;
-+            }
-+        }
-     }
-     return count - nleft;
- }
--- 
-2.40.0
-
diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb b/meta-oe/recipes-benchmark/iperf3/iperf3_3.15.bb
similarity index 93%
rename from meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb
rename to meta-oe/recipes-benchmark/iperf3/iperf3_3.15.bb
index e93434fbf9..d708d74b38 100644
--- a/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb
+++ b/meta-oe/recipes-benchmark/iperf3/iperf3_3.15.bb
@@ -18,12 +18,11 @@  SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \
            file://0001-configure.ac-check-for-CPP-prog.patch \
            file://CVE-2025-54350.patch \
            file://CVE-2025-54349.patch \
-           file://CVE-2023-7250.patch \
            file://CVE-2024-26306.patch \
            file://CVE-2024-53580.patch \
            "
 
-SRCREV = "a0be85934144bc04712a6695b14ea6e45c379e1d"
+SRCREV = "917d2f02188f6f4cdc443df7923a4bde72017d92"
 
 S = "${WORKDIR}/git"

[meta-oe,kirkstone,14/22] iperf3: upgrade 3.14 -> 3.15

Commit Message

Patch