From patchwork Wed Mar 12 19:55:22 2025
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58851
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 01/28] openssh: fix CVE-2025-26465
Date: Wed, 12 Mar 2025 12:55:22 -0700
Message-ID: <60b5df194a5bea491489fdae2f32e33ffd21c9c7.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212695

From: Archana Polampalli

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is
enabled. A machine-in-the-middle attack can be performed by a malicious
machine impersonating a legit server. This issue occurs due to how OpenSSH
mishandles error codes in specific conditions when verifying the host key.
For an attack to be considered successful, the attacker needs to manage to
exhaust the client's memory resource first, turning the attack complexity
high.

Signed-off-by: Archana Polampalli
Signed-off-by: Steve Sakoman
--- .../openssh/openssh/CVE-2025-26465.patch | 169 ++++++++++++++++++ .../openssh/openssh_9.6p1.bb | 1 + 2 files changed, 170 insertions(+) create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2025-26465.patch diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2025-26465.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2025-26465.patch new file mode 100644 index 0000000000..0a3cf1496b --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2025-26465.patch 
@@ -0,0 +1,169 @@ +From 0832aac79517611dd4de93ad0a83577994d9c907 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Tue, 18 Feb 2025 08:02:48 +0000 +Subject: [PATCH] upstream: Fix cases where error codes were not correctly set + +Reported by the Qualys Security Advisory team. ok markus@ + +OpenBSD-Commit-ID: 7bcd4ffe0fa1e27ff98d451fb9c22f5fae6e610d + +CVE: CVE-2025-26465 + +Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/0832aac79517611dd4de93ad0a83577994d9c907] + +Signed-off-by: Archana Polampalli +--- + krl.c | 4 +++- + ssh-agent.c | 5 +++++ + ssh-sk-client.c | 4 +++- + sshconnect2.c | 5 ++++- + sshsig.c | 1 + + 5 files changed, 16 insertions(+), 3 deletions(-) + +diff --git a/krl.c b/krl.c +index e2efdf0..0d0f695 100644 +--- a/krl.c ++++ b/krl.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: krl.c,v 1.59 2023/07/17 05:22:30 djm Exp $ */ ++/* $OpenBSD: krl.c,v 1.60 2025/02/18 08:02:48 djm Exp $ */ + /* + * Copyright (c) 2012 Damien Miller + * +@@ -674,6 +674,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) + break; + case KRL_SECTION_CERT_SERIAL_BITMAP: + if (rs->lo - bitmap_start > INT_MAX) { ++ r = SSH_ERR_INVALID_FORMAT; + error_f("insane bitmap gap"); + goto out; + } +@@ -1059,6 +1060,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp) + } + + if ((krl = ssh_krl_init()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; + error_f("alloc failed"); + goto out; + } +diff --git a/ssh-agent.c b/ssh-agent.c +index b6a3f48..2d2c6fc 100644 +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -1204,6 +1204,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + "restrict-destination-v00@openssh.com") == 0) { + if (*dcsp != NULL) { + error_f("%s already set", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((r = sshbuf_froms(m, &b)) != 0) { +@@ -1213,6 +1214,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + while (sshbuf_len(b) != 0) { + if (*ndcsp >= 
AGENT_MAX_DEST_CONSTRAINTS) { + error_f("too many %s constraints", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + *dcsp = xrecallocarray(*dcsp, *ndcsp, *ndcsp + 1, +@@ -1230,6 +1232,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + } + if (*certs != NULL) { + error_f("%s already set", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((r = sshbuf_get_u8(m, &v)) != 0 || +@@ -1241,6 +1244,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + while (sshbuf_len(b) != 0) { + if (*ncerts >= AGENT_MAX_EXT_CERTS) { + error_f("too many %s constraints", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + *certs = xrecallocarray(*certs, *ncerts, *ncerts + 1, +@@ -1737,6 +1741,7 @@ process_ext_session_bind(SocketEntry *e) + /* record new key/sid */ + if (e->nsession_ids >= AGENT_MAX_SESSION_IDS) { + error_f("too many session IDs recorded"); ++ r = -1; + goto out; + } + e->session_ids = xrecallocarray(e->session_ids, e->nsession_ids, +diff --git a/ssh-sk-client.c b/ssh-sk-client.c +index 321fe53..06fad22 100644 +--- a/ssh-sk-client.c ++++ b/ssh-sk-client.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: ssh-sk-client.c,v 1.12 2022/01/14 03:34:00 djm Exp $ */ ++/* $OpenBSD: ssh-sk-client.c,v 1.13 2025/02/18 08:02:48 djm Exp $ */ + /* + * Copyright (c) 2019 Google LLC + * +@@ -439,6 +439,7 @@ sshsk_load_resident(const char *provider_path, const char *device, + } + if ((srk = calloc(1, sizeof(*srk))) == NULL) { + error_f("calloc failed"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + srk->key = key; +@@ -450,6 +451,7 @@ sshsk_load_resident(const char *provider_path, const char *device, + if ((tmp = recallocarray(srks, nsrks, nsrks + 1, + sizeof(*srks))) == NULL) { + error_f("recallocarray keys failed"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + debug_f("srks[%zu]: %s %s uidlen %zu", nsrks, +diff --git a/sshconnect2.c b/sshconnect2.c +index fab1e36..a5f92f0 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ 
-101,7 +101,7 @@ verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) + options.required_rsa_size)) != 0) + fatal_r(r, "Bad server host key"); + if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, +- xxx_conn_info) == -1) ++ xxx_conn_info) != 0) + fatal("Host key verification failed."); + return 0; + } +@@ -709,6 +709,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + + if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) { + debug_f("server sent unknown pkalg %s", pkalg); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { +@@ -719,6 +720,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + error("input_userauth_pk_ok: type mismatch " + "for decoded key (received %d, expected %d)", + key->type, pktype); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + +@@ -738,6 +740,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + SSH_FP_DEFAULT); + error_f("server replied with unknown key: %s %s", + sshkey_type(key), fp == NULL ? "" : fp); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + ident = format_identity(id); +diff --git a/sshsig.c b/sshsig.c +index d50d65f..1b7f40d 100644 +--- a/sshsig.c ++++ b/sshsig.c +@@ -874,6 +874,7 @@ cert_filter_principals(const char *path, u_long linenum, + } + if ((principals = sshbuf_dup_string(nprincipals)) == NULL) { + error_f("buffer error"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + /* success */ +-- +2.40.0 diff --git a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb index ea5face097..6ae4c81a42 100644 --- a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb 
@@ -30,6 +30,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://CVE-2024-39894.patch \ file://0001-Fix-missing-header-for-systemd-notification.patch \ file://CVE-2025-26466.patch \ + file://CVE-2025-26465.patch \ " SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c"
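
Review bot: the one-line comparison change in verify_host_key_callback() (sshconnect2.c, `xxx_conn_info) == -1)` to `!= 0`) is the only edit in this patch that changes which return values reach fatal("Host key verification failed."), and nothing in the patch header says so. Before it, any nonzero return other than -1 from verify_host_key() fell through to `return 0`, which matches the cover text's description of mishandled error codes during host key verification. Suggest a sentence in the CVE-2025-26465.patch header naming this hunk as the fix on the host key path, so a later refresh of the patch against a new OpenSSH version does not drop it as noise among the `r = SSH_ERR_*` additions.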
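
Review bot: in process_ext_session_bind() (ssh-agent.c, last hunk of that file) the added line is `r = -1;`, while every other addition in ssh-agent.c sets `SSH_ERR_INVALID_FORMAT`. Worth confirming against the upstream commit that the bare -1 is intended here and is not a transcription slip in the backport; if it is intended, no change is needed.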

From patchwork Wed Mar 12 19:55:23 2025
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58852
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 02/28] ruby: Fix CVE-2025-27219
Date: Wed, 12 Mar 2025 12:55:23 -0700
Message-ID: <7e0a96b5c0b7a5ca593df83861086d0980ea72e9.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212696

From: Ashish Sharma

Upstream-Status: Backport from [https://github.com/ruby/cgi/commit/9907b76dad0777ee300de236dad4b559e07596ab]

Signed-off-by: Ashish Sharma
Signed-off-by: Steve Sakoman
--- .../ruby/ruby/CVE-2025-27219.patch | 31 +++++++++++++++++++ meta/recipes-devtools/ruby/ruby_3.3.5.bb | 1 + 2 files changed, 32 insertions(+) create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2025-27219.patch diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2025-27219.patch b/meta/recipes-devtools/ruby/ruby/CVE-2025-27219.patch new file mode 100644 index 0000000000..7813a6143c --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/CVE-2025-27219.patch 
@@ -0,0 +1,31 @@ +From 9907b76dad0777ee300de236dad4b559e07596ab Mon Sep 17 00:00:00 2001 +From: Hiroshi SHIBATA +Date: Fri, 21 Feb 2025 16:01:17 +0900 +Subject: [PATCH] Use String#concat instead of String#+ for reducing cpu usage + +Co-authored-by: "Yusuke Endoh" + +Upstream-Status: Backport [https://github.com/ruby/cgi/commit/9907b76dad0777ee300de236dad4b559e07596ab] +CVE: CVE-2025-27219 +Signed-off-by: Ashish Sharma + + lib/cgi/cookie.rb | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/lib/cgi/cookie.rb b/lib/cgi/cookie.rb +index 9498e2f..1c4ef6a 100644 +--- a/lib/cgi/cookie.rb ++++ b/lib/cgi/cookie.rb +@@ -190,9 +190,10 @@ def self.parse(raw_cookie) + values ||= "" + values = values.split('&').collect{|v| CGI.unescape(v,@@accept_charset) } + if cookies.has_key?(name) +- values = cookies[name].value + values ++ cookies[name].concat(values) ++ else ++ cookies[name] = Cookie.new(name, *values) + end +- cookies[name] = Cookie.new(name, *values) + end + + cookies diff --git a/meta/recipes-devtools/ruby/ruby_3.3.5.bb b/meta/recipes-devtools/ruby/ruby_3.3.5.bb index fb0d711765..4354107a85 100644 --- a/meta/recipes-devtools/ruby/ruby_3.3.5.bb +++ b/meta/recipes-devtools/ruby/ruby_3.3.5.bb 
@@ -26,6 +26,7 @@ SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \ file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ file://0006-Make-gemspecs-reproducible.patch \ file://0001-vm_dump.c-Define-REG_S1-and-REG_S2-for-musl-riscv.patch \ + file://CVE-2025-27219.patch \ " UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/"
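
Review bot: the commit message for this backport is only an Upstream-Status line, and the embedded patch's subject ("Use String#concat instead of String#+ for reducing cpu usage") does not say what CVE-2025-27219 is or why the change in the lib/cgi/cookie.rb hunk (`cookies[name].concat(values)` in place of rebuilding the Cookie) addresses it. Suggest one or two sentences of description in the commit message. Also, in CVE-2025-27219.patch the diffstat (` lib/cgi/cookie.rb | 5 +++--`) follows the Signed-off-by line without a `---` separator, unlike CVE-2025-26465.patch in 01/28, and "Upstream-Status: Backport from [...]" in the mail body differs from the "Backport [...]" form used inside the patch file.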

From patchwork Wed Mar 12 19:55:24 2025
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58850
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 03/28] puzzles: ignore three new CVEs for a different puzzles
Date: Wed, 12 Mar 2025 12:55:24 -0700
Message-ID: <9543945bb935e9a3e2bfbf731412188fc52ad2c9.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212697

From: Ross Burton

As we just match on product by default, ignore three CVEs which are for
the "Puzzles" WordPress theme by ThemeREX (CPE themerex:puzzles).

(From OE-Core rev: 87326573c82ac1e8dc335319442236ef2341501e)

Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- meta/recipes-sato/puzzles/puzzles_git.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-sato/puzzles/puzzles_git.bb b/meta/recipes-sato/puzzles/puzzles_git.bb index e9403ee130..48886b3039 100644 --- a/meta/recipes-sato/puzzles/puzzles_git.bb +++ b/meta/recipes-sato/puzzles/puzzles_git.bb 
@@ -47,3 +47,6 @@ STOP done } +CVE_STATUS[CVE-2024-13769] = "cpe-incorrect: issue in ThemeREX's Wordpress theme Puzzles" +CVE_STATUS[CVE-2024-13770] = "cpe-incorrect: issue in ThemeREX's Wordpress theme Puzzles" +CVE_STATUS[CVE-2025-0837] = "cpe-incorrect: issue in ThemeREX's Wordpress theme Puzzles"
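
Review bot: the three CVE_STATUS lines appended to puzzles_git.bb handle the mismatch one CVE at a time, so by the commit message's own reasoning (matching on product only) any further CVE filed against themerex:puzzles will show up against this recipe again. If the upstream project has a CPE vendor, a vendor-qualified CVE_PRODUCT would remove the need for per-CVE entries; otherwise a comment above the block saying why these are listed would help whoever adds the next one. Minor: "Wordpress" in the status strings is spelled "WordPress" in the commit message.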

From patchwork Wed Mar 12 19:55:25 2025
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58855
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 04/28] cve-check.bbclass: Mitigate symlink related error
Date: Wed, 12 Mar 2025 12:55:25 -0700
Message-ID: <35e210e3ebe21f1f4466760076b7140618af536e.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212698

From: Niko Mauno

According to Yocto reference manual, in description of the
IMAGE_LINK_NAME variable, it is said that

  It is possible to set this to "" to disable symlink creation,
  however, you also need to set :term:`IMAGE_NAME` to still have
  a reasonable value e.g.::

     IMAGE_LINK_NAME = ""
     IMAGE_NAME = "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${IMAGE_VERSION_SUFFIX}"

However, when using following additions in local.conf file:

  INHERIT += "cve-check"
  IMAGE_LINK_NAME = ""
  IMAGE_NAME = "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${IMAGE_VERSION_SUFFIX}"

the implicit symlink creation in cve_check_write_rootfs_manifest leads
to following build failure

  $ bitbake core-image-minimal core-image-base
  ...
  ERROR: core-image-base-1.0-r0 do_image_complete: Recipe core-image-base is trying to install files into a shared area when those files already exist. The files and the manifests listing them are:
    /home/poky/build/tmp/deploy/images/qemux86-64/.json
      (matched in manifest-qemux86_64-core-image-minimal.image_complete)
  Please adjust the recipes so only one recipe provides a given file.

Mitigate the issue by creating the symlink only in case IMAGE_LINK_NAME
has not been set to empty string.

(From OE-Core rev: 64bfec359bd909761ce0a6a716286d938ed162d1)

Signed-off-by: Niko Mauno
Signed-off-by: Mathieu Dubois-Briand
Signed-off-by: Richard Purdie
Signed-off-by: Steve Sakoman
--- meta/classes/cve-check.bbclass | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index ed219bf472..badfee550c 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass 
@@ -281,13 +281,15 @@ python cve_check_write_rootfs_manifest () { if enable_json: manifest_name_suffix = d.getVar("CVE_CHECK_MANIFEST_JSON_SUFFIX") - link_path = os.path.join(deploy_dir, "%s.%s" % (link_name, manifest_name_suffix)) manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON") with open(manifest_name, "w") as f: json.dump(json_data, f, indent=2) - update_symlinks(manifest_name, link_path) + if link_name: + link_path = os.path.join(deploy_dir, "%s.%s" % (link_name, manifest_name_suffix)) + update_symlinks(manifest_name, link_path) + bb.plain("Image CVE JSON report stored in: %s" % manifest_name) }
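
Review bot: the new `if link_name:` guard covers only the `if enable_json:` branch shown in this hunk. The commit message describes the problem as the implicit symlink creation in cve_check_write_rootfs_manifest generally, so any other use of link_name in that function outside the visible context needs the same guard; please confirm there is none. A short comment on the guard noting that IMAGE_LINK_NAME may be set to an empty string would keep it from being removed as redundant later.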

From patchwork Wed Mar 12 19:55:26 2025
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58853
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 05/28] grub: drop obsolete CVE statuses
Date: Wed, 12 Mar 2025 12:55:26 -0700
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212699

From: Peter Marko

CVE-2021-46705 was needed only with 2.06
CVE-2023-4692 and CVE-2023-4693 were fixed in NVD DB meanwhile

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- meta/recipes-bsp/grub/grub2.inc | 3 --- 1 file changed, 3 deletions(-) diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 54c0e9bdd5..c160d15717 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -24,11 +24,8 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91" CVE_STATUS[CVE-2019-14865] = "not-applicable-platform: applies only to RHEL" -CVE_STATUS[CVE-2021-46705] = "not-applicable-platform: Applies only to SUSE" CVE_STATUS[CVE-2023-4001] = "not-applicable-platform: Applies only to RHEL/Fedora" CVE_STATUS[CVE-2024-1048] = "not-applicable-platform: Applies only to RHEL/Fedora" -CVE_STATUS[CVE-2023-4692] = "cpe-incorrect: Fixed in version 2.12 already" -CVE_STATUS[CVE-2023-4693] = "cpe-incorrect: Fixed in version 2.12 already" DEPENDS = "flex-native bison-native gettext-native"
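Review bot: the commit message does not say how the three removals in the `CVE_STATUS` block were checked. For `CVE-2023-4692` and `CVE-2023-4693` it only states that they "were fixed in NVD DB meanwhile"; naming the corrected version range, or noting that a cve-check run on this branch no longer reports them, would let a reviewer confirm the entries are redundant rather than still suppressing a finding. Minor style point on the context lines that stay: `applies only to RHEL` is lower-case while the neighbouring entries use `Applies only to ...`.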
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 06/28] grub: backport strlcpy function
Date: Wed, 12 Mar 2025 12:55:27 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212700

From: Peter Marko

It is used to fix multiple CVEs.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../0001-misc-Implement-grub_strlcpy.patch | 68 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 69 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/0001-misc-Implement-grub_strlcpy.patch diff --git a/meta/recipes-bsp/grub/files/0001-misc-Implement-grub_strlcpy.patch b/meta/recipes-bsp/grub/files/0001-misc-Implement-grub_strlcpy.patch new file mode 100644 index 0000000000..0ff6dff33a --- /dev/null +++ b/meta/recipes-bsp/grub/files/0001-misc-Implement-grub_strlcpy.patch
@@ -0,0 +1,68 @@ +From ea703528a8581a2ea7e0bad424a70fdf0aec7d8f Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Sat, 15 Jun 2024 02:33:08 +0100 +Subject: [PATCH 1/2] misc: Implement grub_strlcpy() + +grub_strlcpy() acts the same way as strlcpy() does on most *NIX, +returning the length of src and ensuring dest is always NUL +terminated except when size is 0. + +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=ea703528a8581a2ea7e0bad424a70fdf0aec7d8f] +Signed-off-by: Peter Marko +--- + include/grub/misc.h | 39 +++++++++++++++++++++++++++++++++++++++ + 1 file changed, 39 insertions(+) + +diff --git a/include/grub/misc.h b/include/grub/misc.h +index 1578f36c3..14d8f37ac 100644 +--- a/include/grub/misc.h ++++ b/include/grub/misc.h +@@ -64,6 +64,45 @@ grub_stpcpy (char *dest, const char *src) + return d - 1; + } + ++static inline grub_size_t ++grub_strlcpy (char *dest, const char *src, grub_size_t size) ++{ ++ char *d = dest; ++ grub_size_t res = 0; ++ /* ++ * We do not subtract one from size here to avoid dealing with underflowing ++ * the value, which is why to_copy is always checked to be greater than one ++ * throughout this function. ++ */ ++ grub_size_t to_copy = size; ++ ++ /* Copy size - 1 bytes to dest. */ ++ if (to_copy > 1) ++ while ((*d++ = *src++) != '\0' && ++res && --to_copy > 1) ++ ; ++ ++ /* ++ * NUL terminate if size != 0. The previous step may have copied a NUL byte ++ * if it reached the end of the string, but we know dest[size - 1] must always ++ * be a NUL byte. ++ */ ++ if (size != 0) ++ dest[size - 1] = '\0'; ++ ++ /* If there is still space in dest, but are here, we reached the end of src. */ ++ if (to_copy > 1) ++ return res; ++ ++ /* ++ * If we haven't reached the end of the string, iterate through to determine ++ * the strings total length. 
++ */ ++ while (*src++ != '\0' && ++res) ++ ; ++ ++ return res; ++} ++ + /* XXX: If grub_memmove is too slow, we must implement grub_memcpy. */ + static inline void * + grub_memcpy (void *dest, const void *src, grub_size_t n) diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index c160d15717..f3279f7d2b 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -19,6 +19,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://grub-module-explicitly-keeps-symbole-.module_license.patch \ file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \ file://0001-RISC-V-Restore-the-typcast-to-long.patch \ + file://0001-misc-Implement-grub_strlcpy.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
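Review bot: `grub_strlcpy()` in the `include/grub/misc.h` hunk has no comment stating its contract, and two preconditions are easy to miss. `dest[size - 1] = '\0'` is written whenever `size != 0`, even when `src` is short, so `size` must be the real capacity of `dest`; and the final `while (*src++ != '\0' && ++res)` loop reads `src` up to its terminator, so `src` must be NUL terminated however small `size` is. A short header comment saying both, plus that a return value `>= size` means the copy was truncated, would help the callers added later in this series. The comment "If there is still space in dest, but are here" is also missing a word.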
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 07/28] grub: patch CVE-2024-45781
Date: Wed, 12 Mar 2025 12:55:28 -0700
Message-ID: <120d8cc7b91654557a3101a5f8fda44fb703e5b2.1741809252.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212701

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../grub/files/CVE-2024-45781.patch | 35 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 36 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45781.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45781.patch b/meta/recipes-bsp/grub/files/CVE-2024-45781.patch new file mode 100644 index 0000000000..bd0b6aa04a --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45781.patch
@@ -0,0 +1,35 @@ +From c1a291b01f4f1dcd6a22b61f1c81a45a966d16ba Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Sun, 12 May 2024 02:03:33 +0100 +Subject: [PATCH 2/2] fs/ufs: Fix a heap OOB write + +grub_strcpy() was used to copy a symlink name from the filesystem +image to a heap allocated buffer. This led to a OOB write to adjacent +heap allocations. Fix by using grub_strlcpy(). + +Fixes: CVE-2024-45781 + +Reported-by: B Horn +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +CVE: CVE-2024-45781 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=c1a291b01f4f1dcd6a22b61f1c81a45a966d16ba] +Signed-off-by: Peter Marko +--- + grub-core/fs/ufs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/grub-core/fs/ufs.c b/grub-core/fs/ufs.c +index a354c92d9..01235101b 100644 +--- a/grub-core/fs/ufs.c ++++ b/grub-core/fs/ufs.c +@@ -463,7 +463,7 @@ grub_ufs_lookup_symlink (struct grub_ufs_data *data, int ino) + /* Check against zero is paylindromic, no need to swap. */ + if (data->inode.nblocks == 0 + && INODE_SIZE (data) <= sizeof (data->inode.symlink)) +- grub_strcpy (symlink, (char *) data->inode.symlink); ++ grub_strlcpy (symlink, (char *) data->inode.symlink, sz); + else + { + if (grub_ufs_read_file (data, 0, 0, 0, sz, symlink) < 0) diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index f3279f7d2b..bace594ac4 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \ file://0001-RISC-V-Restore-the-typcast-to-long.patch \ file://0001-misc-Implement-grub_strlcpy.patch \ + file://CVE-2024-45781.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
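Review bot: in the `grub_ufs_lookup_symlink` hunk the bound passed to `grub_strlcpy()` is `sz`, but the hunk does not show how `sz` relates to the allocation behind `symlink`. Because `grub_strlcpy()` always stores a NUL at `dest[size - 1]`, the fix only holds if `sz` is no larger than that buffer; please confirm this against the surrounding code in the grub version this recipe builds, or state it in the commit message. The return value is also discarded, so a truncated symlink target is accepted silently; if truncation should be an error here, compare the result against `sz`.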
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 08/28] grub: patch CVE-2024-45782 and CVE-2024-56737
Date: Wed, 12 Mar 2025 12:55:29 -0700
Message-ID: <61268080ba160a4965873ba5aad6ebbfd1ee2fe1.1741809252.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212702

From: Peter Marko

Cherry-pick patch mentioning these CVEs.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../files/CVE-2024-45782_CVE-2024-56737.patch | 36 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45782_CVE-2024-56737.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45782_CVE-2024-56737.patch b/meta/recipes-bsp/grub/files/CVE-2024-45782_CVE-2024-56737.patch new file mode 100644 index 0000000000..41cc025b81 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45782_CVE-2024-56737.patch
@@ -0,0 +1,36 @@ +From 417547c10410b714e43f08f74137c24015f8f4c3 Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Sun, 12 May 2024 02:48:33 +0100 +Subject: [PATCH] fs/hfs: Fix stack OOB write with grub_strcpy() + +Replaced with grub_strlcpy(). + +Fixes: CVE-2024-45782 +Fixes: CVE-2024-56737 +Fixes: https://savannah.gnu.org/bugs/?66599 + +Reported-by: B Horn +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +CVE: CVE-2024-45782 +CVE: CVE-2024-56737 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=417547c10410b714e43f08f74137c24015f8f4c3] +Signed-off-by: Peter Marko +--- + grub-core/fs/hfs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/grub-core/fs/hfs.c b/grub-core/fs/hfs.c +index 91dc0e69c..920112b03 100644 +--- a/grub-core/fs/hfs.c ++++ b/grub-core/fs/hfs.c +@@ -379,7 +379,7 @@ grub_hfs_mount (grub_disk_t disk) + volume name. */ + key.parent_dir = grub_cpu_to_be32_compile_time (1); + key.strlen = data->sblock.volname[0]; +- grub_strcpy ((char *) key.str, (char *) (data->sblock.volname + 1)); ++ grub_strlcpy ((char *) key.str, (char *) (data->sblock.volname + 1), sizeof (key.str)); + + if (grub_hfs_find_node (data, (char *) &key, data->cat_root, + 0, (char *) &dir, sizeof (dir)) == 0) diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index bace594ac4..8146ead5db 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -21,6 +21,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://0001-RISC-V-Restore-the-typcast-to-long.patch \ file://0001-misc-Implement-grub_strlcpy.patch \ file://CVE-2024-45781.patch \ + file://CVE-2024-45782_CVE-2024-56737.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
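Review bot: in the `grub_hfs_mount` hunk, `key.strlen = data->sblock.volname[0];` still takes the length straight from the on-disk superblock, while the copy into `key.str` is now capped at `sizeof (key.str)`. Is `key.strlen` guaranteed to stay consistent with what was actually copied when the name is truncated? If not, clamping it to the copied length (or failing the mount) before `grub_hfs_find_node()` uses `key` would keep the two fields in step. Note also that `grub_strlcpy()` keeps reading its source until a NUL, so the change assumes the bytes at `volname + 1` are terminated inside `data->sblock`.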
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 09/28] grub: patch CVE-2024-45780
Date: Wed, 12 Mar 2025 12:55:30 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212703

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../grub/files/CVE-2024-45780.patch | 93 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 94 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45780.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45780.patch b/meta/recipes-bsp/grub/files/CVE-2024-45780.patch new file mode 100644 index 0000000000..1de0099f94 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45780.patch
@@ -0,0 +1,93 @@ +From 0087bc6902182fe5cedce2d034c75a79cf6dd4f3 Mon Sep 17 00:00:00 2001 +From: Lidong Chen +Date: Fri, 22 Nov 2024 06:27:58 +0000 +Subject: [PATCH] fs/tar: Integer overflow leads to heap OOB write + +Both namesize and linksize are derived from hd.size, a 12-digit octal +number parsed by read_number(). Later direct arithmetic calculation like +"namesize + 1" and "linksize + 1" may exceed the maximum value of +grub_size_t leading to heap OOB write. This patch fixes the issue by +using grub_add() and checking for an overflow. + +Fixes: CVE-2024-45780 + +Reported-by: Nils Langius +Signed-off-by: Lidong Chen +Reviewed-by: Daniel Kiper +Reviewed-by: Alec Brown + +CVE: CVE-2024-45780 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0087bc6902182fe5cedce2d034c75a79cf6dd4f3] +Signed-off-by: Peter Marko +--- + grub-core/fs/tar.c | 23 ++++++++++++++++++----- + 1 file changed, 18 insertions(+), 5 deletions(-) + +diff --git a/grub-core/fs/tar.c b/grub-core/fs/tar.c +index 646bce5eb..386c09022 100644 +--- a/grub-core/fs/tar.c ++++ b/grub-core/fs/tar.c +@@ -25,6 +25,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -76,6 +77,7 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name, + { + struct head hd; + int reread = 0, have_longname = 0, have_longlink = 0; ++ grub_size_t sz; + + data->hofs = data->next_hofs; + +@@ -97,7 +99,11 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name, + { + grub_err_t err; + grub_size_t namesize = read_number (hd.size, sizeof (hd.size)); +- *name = grub_malloc (namesize + 1); ++ ++ if (grub_add (namesize, 1, &sz)) ++ return grub_error (GRUB_ERR_BAD_FS, N_("name size overflow")); ++ ++ *name = grub_malloc (sz); + if (*name == NULL) + return grub_errno; + err = grub_disk_read (data->disk, 0, +@@ -117,15 +123,19 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name, + { + grub_err_t err; + grub_size_t linksize = read_number 
(hd.size, sizeof (hd.size)); +- if (data->linkname_alloc < linksize + 1) ++ ++ if (grub_add (linksize, 1, &sz)) ++ return grub_error (GRUB_ERR_BAD_FS, N_("link size overflow")); ++ ++ if (data->linkname_alloc < sz) + { + char *n; +- n = grub_calloc (2, linksize + 1); ++ n = grub_calloc (2, sz); + if (!n) + return grub_errno; + grub_free (data->linkname); + data->linkname = n; +- data->linkname_alloc = 2 * (linksize + 1); ++ data->linkname_alloc = 2 * (sz); + } + + err = grub_disk_read (data->disk, 0, +@@ -148,7 +158,10 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name, + while (extra_size < sizeof (hd.prefix) + && hd.prefix[extra_size]) + extra_size++; +- *name = grub_malloc (sizeof (hd.name) + extra_size + 2); ++ ++ if (grub_add (sizeof (hd.name) + 2, extra_size, &sz)) ++ return grub_error (GRUB_ERR_BAD_FS, N_("long name size overflow")); ++ *name = grub_malloc (sz); + if (*name == NULL) + return grub_errno; + if (hd.prefix[0]) diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 8146ead5db..6fa096c57b 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -22,6 +22,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://0001-misc-Implement-grub_strlcpy.patch \ file://CVE-2024-45781.patch \ file://CVE-2024-45782_CVE-2024-56737.patch \ + file://CVE-2024-45780.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
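Review bot: in the link-name hunk of `grub-core/fs/tar.c` the new `grub_add (linksize, 1, &sz)` check covers the `+ 1`, but the doubling in `data->linkname_alloc = 2 * (sz);` is still plain arithmetic. It is safe only as long as `grub_calloc (2, sz)` rejects a product that wraps; computing the doubled size once with `grub_mul()` and using it for both the allocation and `linkname_alloc` would make that explicit. The parentheses around `sz` are redundant, and sharing one function-level `sz` between the name, link and long-name sizes makes the three checks harder to follow than a local variable in each block.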
JbIVRTeAyaKQBbVF4iiMBn0cMbVqYexa/gBrDhbW5//GrjOIPnRGRRlC4XJJ/FMg9dQW yrwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741809372; x=1742414172; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2e51UW24XYR+n17o67gk7ZtywxYcOoCqo/ZkymCj1Fs=; b=j5cBba4lVpccovRuXHhJJyALd/Xq15i4Nqm5p0sy6SusE7buZb2MxyC07Y9RVv/SUj b9GWNyk+IPSDjHMkWt95aWTHJhu+zkWUsNGqia5s2e94TT1tNayU0XWfrAfsJAw8WSUd hGLYrhMyqybGQqQO2xTh9ZKo4/Nf81uTpWW2Le1Yarl2golamVUy6n9eai0lZ25xYi6A ZrVtuIKVgWFqw1b2OqYQAU2jXZ4kreDKUCvMrV9vAaClqp+2vB0+ntyDK5kg2/NDZvsQ e2iez/pOIJh27ZGv/sNLccQ9Jal6DCf0w25v6cWHbblNwaVSHaUAKS8Mf+DBo0AsiUqf LSZw== X-Gm-Message-State: AOJu0Yx6TH16rQU1wWBvGvk7LxXHKJLj+/pFh72Ao8i6kF0RaMuoW0DN FTjKtm1U5y0ecgFiLUUFS+1tquqDgV6ZGA7josOo2zfLMpLP9MCFWB3YgIBxzNl613fUrlUAPvo J X-Gm-Gg: ASbGncs5zisZ5X5tXSvk+XWOWvpQB4W1oUT5iQXrNpRKKiGLmxyMzgG198GIqrZSFmg p7ZbLua8/XgF0Jr1O98rwJ+6cUKzhxWSL1bqMmJi1GyBGLhieKk/D55KfYfLr9l5jjc3u0oDPBz xPQCVoHO4CT4Jmqty1yZYCJlDVHAg1w+MjfuynFTEM0cEjYaRcVcNRIjfhlbNDjXcCaNUnZIhnq WhSgkFKGt+sqBU1ReVxFe7Ib8tsX/cCShAkjdwVxKyvTYvw986qMVloTq3CbCXRPlBGQX2QdPiS AIlo5qk+o4vkRNrbPD3fu9rWgJCIT/hv4c8= X-Google-Smtp-Source: AGHT+IEWhs7g/ikY2eFvVyFl6WFNupo2FvmmeEngaFvn8kv/IoYonpOJLYK3mjahX9T7TcCIgRuerQ== X-Received: by 2002:a05:6a21:6f07:b0:1f5:79c4:5da2 with SMTP id adf61e73a8af0-1f579c473bdmr22610462637.31.1741809372254; Wed, 12 Mar 2025 12:56:12 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:5779:a397:ba1c:2b0]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-af281287c10sm9830332a12.78.2025.03.12.12.56.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 12 Mar 2025 12:56:11 -0700 (PDT) 
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 10/28] grub: patch CVE-2024-45783
Date: Wed, 12 Mar 2025 12:55:31 -0700
Message-ID: <70a15bc790025e3241274d3e92674928c41537b6.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212704

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../grub/files/CVE-2024-45783.patch | 39 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 40 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45783.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45783.patch b/meta/recipes-bsp/grub/files/CVE-2024-45783.patch new file mode 100644 index 0000000000..99c769961b --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45783.patch
@@ -0,0 +1,39 @@ +From f7c070a2e28dfab7137db0739fb8db1dc02d8898 Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Sun, 12 May 2024 06:22:51 +0100 +Subject: [PATCH] fs/hfsplus: Set a grub_errno if mount fails + +It was possible for mount to fail but not set grub_errno. This led to +a possible double decrement of the module reference count if the NULL +page was mapped. + +Fixing in general as a similar bug was fixed in commit 61b13c187 +(fs/hfsplus: Set grub_errno to prevent NULL pointer access) and there +are likely more variants around. + +Fixes: CVE-2024-45783 + +Reported-by: B Horn +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +CVE: CVE-2024-45783 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=f7c070a2e28dfab7137db0739fb8db1dc02d8898] +Signed-off-by: Peter Marko +--- + grub-core/fs/hfsplus.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c +index 295822f69..de71fd486 100644 +--- a/grub-core/fs/hfsplus.c ++++ b/grub-core/fs/hfsplus.c +@@ -405,7 +405,7 @@ grub_hfsplus_mount (grub_disk_t disk) + + fail: + +- if (grub_errno == GRUB_ERR_OUT_OF_RANGE) ++ if (grub_errno == GRUB_ERR_OUT_OF_RANGE || grub_errno == GRUB_ERR_NONE) + grub_error (GRUB_ERR_BAD_FS, "not a HFS+ filesystem"); + + grub_free (data); diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 6fa096c57b..604c2fe568 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -23,6 +23,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2024-45781.patch \ file://CVE-2024-45782_CVE-2024-56737.patch \ file://CVE-2024-45780.patch \ + file://CVE-2024-45783.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
From patchwork Wed Mar 12 19:55:32 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58860
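Review bot: In the fail: path of grub_hfsplus_mount() (grub-core/fs/hfsplus.c hunk inside CVE-2024-45783.patch), the widened test "grub_errno == GRUB_ERR_OUT_OF_RANGE || grub_errno == GRUB_ERR_NONE" has no comment explaining why an unset grub_errno is rewritten to GRUB_ERR_BAD_FS. The reason lives only in the commit message (a mount that fails without setting grub_errno can lead to a double decrement of the module reference count), so once the patch is applied nothing at the label tells the next editor not to narrow the test again. A one-line comment above the if, stating that every exit through fail: must leave grub_errno set, would keep that invariant visible. The commit message also says more variants are likely, so an audit of the other filesystem mount functions for the same pattern is worth tracking alongside this backport.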
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 11/28] grub: patch CVE-2025-0624
Date: Wed, 12 Mar 2025 12:55:32 -0700
Message-ID: <0c860bf1765b49a7540ae3cb206ce09cf25f30a7.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212705

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../grub/files/CVE-2025-0624.patch | 84 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 85 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0624.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2025-0624.patch b/meta/recipes-bsp/grub/files/CVE-2025-0624.patch new file mode 100644 index 0000000000..229fe6399e --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2025-0624.patch
@@ -0,0 +1,84 @@ +From 5eef88152833062a3f7e017535372d64ac8ef7e1 Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Fri, 15 Nov 2024 13:12:09 +0000 +Subject: [PATCH] net: Fix OOB write in grub_net_search_config_file() + +The function included a call to grub_strcpy() which copied data from an +environment variable to a buffer allocated in grub_cmd_normal(). The +grub_cmd_normal() didn't consider the length of the environment variable. +So, the copy operation could exceed the allocation and lead to an OOB +write. Fix the issue by replacing grub_strcpy() with grub_strlcpy() and +pass the underlying buffers size to the grub_net_search_config_file(). + +Fixes: CVE-2025-0624 + +Reported-by: B Horn +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +CVE: CVE-2025-0624 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=5eef88152833062a3f7e017535372d64ac8ef7e1] +Signed-off-by: Peter Marko +--- + grub-core/net/net.c | 7 ++++--- + grub-core/normal/main.c | 2 +- + include/grub/net.h | 2 +- + 3 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/grub-core/net/net.c b/grub-core/net/net.c +index 0e41e21a5..9939ff601 100644 +--- a/grub-core/net/net.c ++++ b/grub-core/net/net.c +@@ -1909,14 +1909,15 @@ grub_config_search_through (char *config, char *suffix, + } + + grub_err_t +-grub_net_search_config_file (char *config) ++grub_net_search_config_file (char *config, grub_size_t config_buf_len) + { +- grub_size_t config_len; ++ grub_size_t config_len, suffix_len; + char *suffix; + + config_len = grub_strlen (config); + config[config_len] = '-'; + suffix = config + config_len + 1; ++ suffix_len = config_buf_len - (config_len + 1); + + struct grub_net_network_level_interface *inf; + FOR_NET_NETWORK_LEVEL_INTERFACES (inf) +@@ -1942,7 +1943,7 @@ grub_net_search_config_file (char *config) + + if (client_uuid) + { +- grub_strcpy (suffix, client_uuid); ++ grub_strlcpy (suffix, client_uuid, suffix_len); + if (grub_config_search_through (config, suffix, 1, 
0) == 0) + return GRUB_ERR_NONE; + } +diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c +index 90879dc21..838f57fa5 100644 +--- a/grub-core/normal/main.c ++++ b/grub-core/normal/main.c +@@ -344,7 +344,7 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)), + + if (grub_strncmp (prefix + 1, "tftp", sizeof ("tftp") - 1) == 0 && + !disable_net_search) +- grub_net_search_config_file (config); ++ grub_net_search_config_file (config, config_len); + + grub_enter_normal_mode (config); + grub_free (config); +diff --git a/include/grub/net.h b/include/grub/net.h +index 228d04963..58a4f83fc 100644 +--- a/include/grub/net.h ++++ b/include/grub/net.h +@@ -579,7 +579,7 @@ void + grub_net_remove_dns_server (const struct grub_net_network_level_address *s); + + grub_err_t +-grub_net_search_config_file (char *config); ++grub_net_search_config_file (char *config, grub_size_t config_buf_len); + + extern char *grub_net_default_server; + diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 604c2fe568..9e037e953e 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -24,6 +24,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2024-45782_CVE-2024-56737.patch \ file://CVE-2024-45780.patch \ file://CVE-2024-45783.patch \ + file://CVE-2025-0624.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
From patchwork Wed Mar 12 19:55:33 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58861
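Review bot: In grub_net_search_config_file() (first grub-core/net/net.c hunk of CVE-2025-0624.patch), "suffix_len = config_buf_len - (config_len + 1);" is an unsigned subtraction with no check that config_len + 1 is smaller than config_buf_len. Both operands are grub_size_t, so when the string and its terminator already fill the buffer the result is 0, and anything larger wraps to a very large value that no longer bounds the later grub_strlcpy(). The unchanged line "config[config_len] = '-';" also still runs before any comparison against the new length, so it can overwrite the terminating NUL in the last byte of the allocation. Suggest rejecting the call up front, for example returning an error when config_len + 2 > config_buf_len, before the '-' is written and suffix_len is computed.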
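Review bot: In the "if (client_uuid)" block (second grub-core/net/net.c hunk of CVE-2025-0624.patch), the return value of grub_strlcpy() is discarded, so a client_uuid that does not fit is silently truncated and the shortened name is then handed to grub_config_search_through(). That turns the overflow into a lookup under a partial UUID, which could select a config file that was not meant for this client. Assuming grub_strlcpy() follows the usual strlcpy convention of returning the length of the source, compare the result against suffix_len and skip the lookup when the copy was truncated.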
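Review bot: In grub_cmd_normal() (grub-core/normal/main.c hunk of CVE-2025-0624.patch), the value passed for the new config_buf_len parameter is a variable named config_len, and the hunk does not show how it is computed. The callee treats it as the size of the allocation; if it is instead the length of the string, the subtraction in net.c wraps on every call and the new bound protects nothing. Please confirm against the allocation in grub_cmd_normal() that config_len is the number of bytes allocated, and add a short comment on the prototype in include/grub/net.h saying that the size includes the terminating NUL.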
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 12/28] grub: patch CVE-2024-45774
Date: Wed, 12 Mar 2025 12:55:33 -0700
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212706

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../grub/files/CVE-2024-45774.patch | 37 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45774.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45774.patch b/meta/recipes-bsp/grub/files/CVE-2024-45774.patch new file mode 100644 index 0000000000..55aecc17d7 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45774.patch
@@ -0,0 +1,37 @@ +From 2c34af908ebf4856051ed29e46d88abd2b20387f Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Fri, 8 Mar 2024 22:47:20 +1100 +Subject: [PATCH] video/readers/jpeg: Do not permit duplicate SOF0 markers in + JPEG + +Otherwise a subsequent header could change the height and width +allowing future OOB writes. + +Fixes: CVE-2024-45774 + +Reported-by: Nils Langius +Signed-off-by: Daniel Axtens +Reviewed-by: Daniel Kiper + +CVE: CVE-2024-45774 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=2c34af908ebf4856051ed29e46d88abd2b20387f] +Signed-off-by: Peter Marko +--- + grub-core/video/readers/jpeg.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c +index ae634fd41..631a89356 100644 +--- a/grub-core/video/readers/jpeg.c ++++ b/grub-core/video/readers/jpeg.c +@@ -339,6 +339,10 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data) + if (grub_errno != GRUB_ERR_NONE) + return grub_errno; + ++ if (data->image_height != 0 || data->image_width != 0) ++ return grub_error (GRUB_ERR_BAD_FILE_TYPE, ++ "jpeg: cannot have duplicate SOF0 markers"); ++ + if (grub_jpeg_get_byte (data) != 8) + return grub_error (GRUB_ERR_BAD_FILE_TYPE, + "jpeg: only 8-bit precision is supported"); diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 9e037e953e..4e13b0eb43 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -25,6 +25,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2024-45780.patch \ file://CVE-2024-45783.patch \ file://CVE-2025-0624.patch \ + file://CVE-2024-45774.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
From patchwork Wed Mar 12 19:55:34 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58862
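Review bot: In grub_jpeg_decode_sof() (grub-core/video/readers/jpeg.c hunk of CVE-2024-45774.patch), the duplicate-marker test "data->image_height != 0 || data->image_width != 0" uses the decoded dimensions as the already-seen flag, which only holds if a first SOF0 can never leave both fields at zero. The hunk does not show the fields being zero-initialised, nor zero dimensions being rejected once they are read; if a header declaring a 0 by 0 image is accepted, a second SOF0 passes this test and can still change the height and width, which is the case the commit message sets out to exclude. Please confirm both conditions in the surrounding code, or track the marker with a dedicated flag in struct grub_jpeg_data that is set when the first SOF0 is parsed.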
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 13/28] grub: patch CVE-2024-45775
Date: Wed, 12 Mar 2025 12:55:34 -0700
Message-ID: <4e01993bf71d3b8e2375ab43857b671738953507.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212707

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../grub/files/CVE-2024-45775.patch | 38 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45775.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45775.patch b/meta/recipes-bsp/grub/files/CVE-2024-45775.patch new file mode 100644 index 0000000000..70492b8c2e --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45775.patch
@@ -0,0 +1,38 @@ +From 05be856a8c3aae41f5df90cab7796ab7ee34b872 Mon Sep 17 00:00:00 2001 +From: Lidong Chen +Date: Fri, 22 Nov 2024 06:27:55 +0000 +Subject: [PATCH] commands/extcmd: Missing check for failed allocation + +The grub_extcmd_dispatcher() calls grub_arg_list_alloc() to allocate +a grub_arg_list struct but it does not verify the allocation was successful. +In case of failed allocation the NULL state pointer can be accessed in +parse_option() through grub_arg_parse() which may lead to a security issue. + +Fixes: CVE-2024-45775 + +Reported-by: Nils Langius +Signed-off-by: Lidong Chen +Reviewed-by: Daniel Kiper +Reviewed-by: Alec Brown + +CVE: CVE-2024-45775 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=05be856a8c3aae41f5df90cab7796ab7ee34b872] +Signed-off-by: Peter Marko +--- + grub-core/commands/extcmd.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/grub-core/commands/extcmd.c b/grub-core/commands/extcmd.c +index 90a5ca24a..c236be13a 100644 +--- a/grub-core/commands/extcmd.c ++++ b/grub-core/commands/extcmd.c +@@ -49,6 +49,9 @@ grub_extcmd_dispatcher (struct grub_command *cmd, int argc, char **args, + } + + state = grub_arg_list_alloc (ext, argc, args); ++ if (state == NULL) ++ return grub_errno; ++ + if (grub_arg_parse (ext, argc, args, state, &new_args, &new_argc)) + { + context.state = state; diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 4e13b0eb43..0378d5ee72 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -26,6 +26,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2024-45783.patch \ file://CVE-2025-0624.patch \ file://CVE-2024-45774.patch \ + file://CVE-2024-45775.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
From patchwork Wed Mar 12 19:55:35 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 58863
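Review bot: In grub_extcmd_dispatcher() (grub-core/commands/extcmd.c hunk of CVE-2024-45775.patch), the new early exit "return grub_errno;" assumes grub_arg_list_alloc() always sets grub_errno when it returns NULL. If any failure path in the allocator leaves it at GRUB_ERR_NONE, the dispatcher reports success without running the command, which is the same class of problem that patch 10/28 in this series fixes for grub_hfsplus_mount(). The hunk does not show the allocator, so either confirm that every NULL return sets grub_errno, or return an explicit error such as GRUB_ERR_OUT_OF_MEMORY when grub_errno is still unset at this point.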
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 14/28] grub: patch CVE-2025-0622
Date: Wed, 12 Mar 2025 12:55:35 -0700
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212708

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../grub/files/CVE-2025-0622-01.patch | 35 ++++++++++++++++ .../grub/files/CVE-2025-0622-02.patch | 41 +++++++++++++++++++ .../grub/files/CVE-2025-0622-03.patch | 38 +++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 3 ++ 4 files changed, 117 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-01.patch create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-02.patch create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-03.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2025-0622-01.patch b/meta/recipes-bsp/grub/files/CVE-2025-0622-01.patch new file mode 100644 index 0000000000..09dbfce5f8 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2025-0622-01.patch
@@ -0,0 +1,35 @@ +From 2123c5bca7e21fbeb0263df4597ddd7054700726 Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Fri, 1 Nov 2024 19:24:29 +0000 +Subject: [PATCH 1/3] commands/pgp: Unregister the "check_signatures" hooks on + module unload + +If the hooks are not removed they can be called after the module has +been unloaded leading to an use-after-free. + +Fixes: CVE-2025-0622 + +Reported-by: B Horn +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +CVE: CVE-2025-0622 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=2123c5bca7e21fbeb0263df4597ddd7054700726] +Signed-off-by: Peter Marko +--- + grub-core/commands/pgp.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c +index c6766f044..5fadc33c4 100644 +--- a/grub-core/commands/pgp.c ++++ b/grub-core/commands/pgp.c +@@ -1010,6 +1010,8 @@ GRUB_MOD_INIT(pgp) + + GRUB_MOD_FINI(pgp) + { ++ grub_register_variable_hook ("check_signatures", NULL, NULL); ++ grub_env_unset ("check_signatures"); + grub_verifier_unregister (&grub_pubkey_verifier); + grub_unregister_extcmd (cmd); + grub_unregister_extcmd (cmd_trust); diff --git a/meta/recipes-bsp/grub/files/CVE-2025-0622-02.patch b/meta/recipes-bsp/grub/files/CVE-2025-0622-02.patch new file mode 100644 index 0000000000..be01da3355 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2025-0622-02.patch 
@@ -0,0 +1,41 @@ +From 9c16197734ada8d0838407eebe081117799bfe67 Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Fri, 1 Nov 2024 23:46:55 +0000 +Subject: [PATCH 2/3] normal: Remove variables hooks on module unload + +The normal module does not entirely cleanup after itself in +its GRUB_MOD_FINI() leaving a few variables hooks in place. +It is not possible to unload normal module now but fix the +issues for completeness. + +On the occasion replace 0s with NULLs for "pager" variable +hooks unregister. + +Fixes: CVE-2025-0622 + +Reported-by: B Horn +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +CVE: CVE-2025-0622 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9c16197734ada8d0838407eebe081117799bfe67] +Signed-off-by: Peter Marko +--- + grub-core/normal/main.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c +index 838f57fa5..04d058f55 100644 +--- a/grub-core/normal/main.c ++++ b/grub-core/normal/main.c +@@ -582,7 +582,9 @@ GRUB_MOD_FINI(normal) + grub_xputs = grub_xputs_saved; + + grub_set_history (0); +- grub_register_variable_hook ("pager", 0, 0); ++ grub_register_variable_hook ("pager", NULL, NULL); ++ grub_register_variable_hook ("color_normal", NULL, NULL); ++ grub_register_variable_hook ("color_highlight", NULL, NULL); + grub_fs_autoload_hook = 0; + grub_unregister_command (cmd_clear); + } diff --git a/meta/recipes-bsp/grub/files/CVE-2025-0622-03.patch b/meta/recipes-bsp/grub/files/CVE-2025-0622-03.patch new file mode 100644 index 0000000000..79078a4350 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2025-0622-03.patch 
@@ -0,0 +1,38 @@ +From 7580addfc8c94cedb0cdfd7a1fd65b539215e637 Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Fri, 1 Nov 2024 23:52:06 +0000 +Subject: [PATCH 3/3] gettext: Remove variables hooks on module unload + +The gettext module does not entirely cleanup after itself in +its GRUB_MOD_FINI() leaving a few variables hooks in place. +It is not possible to unload gettext module because normal +module depends on it. Though fix the issues for completeness. + +Fixes: CVE-2025-0622 + +Reported-by: B Horn +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +CVE: CVE-2025-0622 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=7580addfc8c94cedb0cdfd7a1fd65b539215e637] +Signed-off-by: Peter Marko +--- + grub-core/gettext/gettext.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c +index 7a1c14e4f..e4f4f8ee6 100644 +--- a/grub-core/gettext/gettext.c ++++ b/grub-core/gettext/gettext.c +@@ -535,6 +535,10 @@ GRUB_MOD_INIT (gettext) + + GRUB_MOD_FINI (gettext) + { ++ grub_register_variable_hook ("locale_dir", NULL, NULL); ++ grub_register_variable_hook ("secondary_locale_dir", NULL, NULL); ++ grub_register_variable_hook ("lang", NULL, NULL); ++ + grub_gettext_delete_list (&main_context); + grub_gettext_delete_list (&secondary_context); + diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 0378d5ee72..3c8860948c 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -27,6 +27,9 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2025-0624.patch \ file://CVE-2024-45774.patch \ file://CVE-2024-45775.patch \ + file://CVE-2025-0622-01.patch \ + file://CVE-2025-0622-02.patch \ + file://CVE-2025-0622-03.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
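Review bot: in the GRUB_MOD_FINI(normal) hunk of CVE-2025-0622-02.patch, the added unregister calls for "color_normal" and "color_highlight" cannot be checked against their registrations, because GRUB_MOD_INIT is outside the visible context; please confirm these are the only hooks besides "pager" that the normal module registers, since the commit message itself says the module was leaving hooks in place. As a style point, the hunk moves the "pager" call from 0 to NULL, but the context line grub_fs_autoload_hook = 0; still clears what its name suggests is a hook pointer with 0, and could be changed in the same pass.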
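Review bot: the ordering in the GRUB_MOD_FINI (gettext) hunk of CVE-2025-0622-03.patch deserves a comment: the three hooks are removed before grub_gettext_delete_list () runs on main_context and secondary_context, which looks like the right order, but nothing in the hunk says it is intentional. A one-line comment above the new calls would keep a later cleanup from reordering them. The names "locale_dir", "secondary_locale_dir" and "lang" should also be checked against GRUB_MOD_INIT (gettext), which appears here only in the hunk header.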
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 15/28] grub: patch CVE-2024-45776
Date: Wed, 12 Mar 2025 12:55:36 -0700
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212709

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 .../grub/files/CVE-2024-45776.patch | 39 +++++++++++++++++++
 meta/recipes-bsp/grub/grub2.inc | 1 +
 2 files changed, 40 insertions(+)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45776.patch

diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45776.patch b/meta/recipes-bsp/grub/files/CVE-2024-45776.patch new file mode 100644 index 0000000000..8deea958b8 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45776.patch
@@ -0,0 +1,39 @@ +From 09bd6eb58b0f71ec273916070fa1e2de16897a91 Mon Sep 17 00:00:00 2001 +From: Lidong Chen +Date: Fri, 22 Nov 2024 06:27:56 +0000 +Subject: [PATCH] gettext: Integer overflow leads to heap OOB write or read + +Calculation of ctx->grub_gettext_msg_list size in grub_mofile_open() may +overflow leading to subsequent OOB write or read. This patch fixes the +issue by replacing grub_zalloc() and explicit multiplication with +grub_calloc() which does the same thing in safe manner. + +Fixes: CVE-2024-45776 + +Reported-by: Nils Langius +Signed-off-by: Lidong Chen +Reviewed-by: Daniel Kiper +Reviewed-by: Alec Brown + +CVE: CVE-2024-45776 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=09bd6eb58b0f71ec273916070fa1e2de16897a91] +Signed-off-by: Peter Marko +--- + grub-core/gettext/gettext.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c +index e4f4f8ee6..63bb1ab73 100644 +--- a/grub-core/gettext/gettext.c ++++ b/grub-core/gettext/gettext.c +@@ -323,8 +323,8 @@ grub_mofile_open (struct grub_gettext_context *ctx, + for (ctx->grub_gettext_max_log = 0; ctx->grub_gettext_max >> ctx->grub_gettext_max_log; + ctx->grub_gettext_max_log++); + +- ctx->grub_gettext_msg_list = grub_zalloc (ctx->grub_gettext_max +- * sizeof (ctx->grub_gettext_msg_list[0])); ++ ctx->grub_gettext_msg_list = grub_calloc (ctx->grub_gettext_max, ++ sizeof (ctx->grub_gettext_msg_list[0])); + if (!ctx->grub_gettext_msg_list) + { + grub_file_close (fd); diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 3c8860948c..e4dca6613c 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -30,6 +30,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2025-0622-01.patch \ file://CVE-2025-0622-02.patch \ file://CVE-2025-0622-03.patch \ + file://CVE-2024-45776.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
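Review bot: in the grub_mofile_open() hunk of CVE-2024-45776.patch, the switch to grub_calloc () turns an overflowing count into a NULL return, so the fix depends entirely on the if (!ctx->grub_gettext_msg_list) branch that follows; only its grub_file_close (fd) line is visible here, so please confirm the branch returns an error before ctx->grub_gettext_max is used again. It would also help to state in the commit message that this patch applies on top of CVE-2025-0622-03.patch (its gettext.c index line starts at e4f4f8ee6, the result of that patch), which is why the SRC_URI entry has to stay after it.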
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 16/28] grub: patch CVE-2024-45777
Date: Wed, 12 Mar 2025 12:55:37 -0700
Message-ID: <2ec4bcda16b92cabf7cf5cb7c68cbe45da269364.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212710

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 .../grub/files/CVE-2024-45777.patch | 57 +++++++++++++++++++
 meta/recipes-bsp/grub/grub2.inc | 1 +
 2 files changed, 58 insertions(+)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45777.patch

diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45777.patch b/meta/recipes-bsp/grub/files/CVE-2024-45777.patch new file mode 100644 index 0000000000..0305a95fd5 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45777.patch
@@ -0,0 +1,57 @@ +From b970a5ed967816bbca8225994cd0ee2557bad515 Mon Sep 17 00:00:00 2001 +From: Lidong Chen +Date: Fri, 22 Nov 2024 06:27:57 +0000 +Subject: [PATCH] gettext: Integer overflow leads to heap OOB write + +The size calculation of the translation buffer in +grub_gettext_getstr_from_position() may overflow +to 0 leading to heap OOB write. This patch fixes +the issue by using grub_add() and checking for +an overflow. + +Fixes: CVE-2024-45777 + +Reported-by: Nils Langius +Signed-off-by: Lidong Chen +Reviewed-by: Daniel Kiper +Reviewed-by: Alec Brown + +CVE: CVE-2024-45777 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b970a5ed967816bbca8225994cd0ee2557bad515] +Signed-off-by: Peter Marko +--- + grub-core/gettext/gettext.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c +index 63bb1ab73..9ffc73428 100644 +--- a/grub-core/gettext/gettext.c ++++ b/grub-core/gettext/gettext.c +@@ -26,6 +26,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -99,6 +100,7 @@ grub_gettext_getstr_from_position (struct grub_gettext_context *ctx, + char *translation; + struct string_descriptor desc; + grub_err_t err; ++ grub_size_t alloc_sz; + + internal_position = (off + position * sizeof (desc)); + +@@ -109,7 +111,10 @@ grub_gettext_getstr_from_position (struct grub_gettext_context *ctx, + length = grub_cpu_to_le32 (desc.length); + offset = grub_cpu_to_le32 (desc.offset); + +- translation = grub_malloc (length + 1); ++ if (grub_add (length, 1, &alloc_sz)) ++ return NULL; ++ ++ translation = grub_malloc (alloc_sz); + if (!translation) + return NULL; + diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index e4dca6613c..fb33c2bd98 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -31,6 +31,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2025-0622-02.patch \ file://CVE-2025-0622-03.patch \ file://CVE-2024-45776.patch \ + file://CVE-2024-45777.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
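Review bot: the new overflow branch in grub_gettext_getstr_from_position() of CVE-2024-45777.patch, if (grub_add (length, 1, &alloc_sz)) return NULL;, fails without recording an error, so a caller sees the same bare NULL as for the allocation failure directly below it. The read.c fix in CVE-2025-0690.patch calls grub_error (GRUB_ERR_OUT_OF_RANGE, ...) in the equivalent spot; doing the same here would make an oversized desc.length diagnosable instead of silent.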
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 17/28] grub: patch CVE-2025-0690
Date: Wed, 12 Mar 2025 12:55:38 -0700
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212711

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 .../grub/files/CVE-2025-0690.patch | 73 +++++++++++++++++++
 meta/recipes-bsp/grub/grub2.inc | 1 +
 2 files changed, 74 insertions(+)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0690.patch

diff --git a/meta/recipes-bsp/grub/files/CVE-2025-0690.patch b/meta/recipes-bsp/grub/files/CVE-2025-0690.patch new file mode 100644 index 0000000000..be585c96ad --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2025-0690.patch
@@ -0,0 +1,73 @@ +From dad8f502974ed9ad0a70ae6820d17b4b142558fc Mon Sep 17 00:00:00 2001 +From: Jonathan Bar Or +Date: Thu, 23 Jan 2025 19:17:05 +0100 +Subject: [PATCH] commands/read: Fix an integer overflow when supplying more + than 2^31 characters + +The grub_getline() function currently has a signed integer variable "i" +that can be overflown when user supplies more than 2^31 characters. +It results in a memory corruption of the allocated line buffer as well +as supplying large negative values to grub_realloc(). + +Fixes: CVE-2025-0690 + +Reported-by: Jonathan Bar Or +Signed-off-by: Jonathan Bar Or +Reviewed-by: Daniel Kiper + +CVE: CVE-2025-0690 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=dad8f502974ed9ad0a70ae6820d17b4b142558fc] +Signed-off-by: Peter Marko +--- + grub-core/commands/read.c | 19 +++++++++++++++---- + 1 file changed, 15 insertions(+), 4 deletions(-) + +diff --git a/grub-core/commands/read.c b/grub-core/commands/read.c +index 597c90706..8d72e45c9 100644 +--- a/grub-core/commands/read.c ++++ b/grub-core/commands/read.c +@@ -25,6 +25,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -37,13 +38,14 @@ static const struct grub_arg_option options[] = + static char * + grub_getline (int silent) + { +- int i; ++ grub_size_t i; + char *line; + char *tmp; + int c; ++ grub_size_t alloc_size; + + i = 0; +- line = grub_malloc (1 + i + sizeof('\0')); ++ line = grub_malloc (1 + sizeof('\0')); + if (! 
line) + return NULL; + +@@ -59,8 +61,17 @@ grub_getline (int silent) + line[i] = (char) c; + if (!silent) + grub_printf ("%c", c); +- i++; +- tmp = grub_realloc (line, 1 + i + sizeof('\0')); ++ if (grub_add (i, 1, &i)) ++ { ++ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected")); ++ return NULL; ++ } ++ if (grub_add (i, 1 + sizeof('\0'), &alloc_size)) ++ { ++ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected")); ++ return NULL; ++ } ++ tmp = grub_realloc (line, alloc_size); + if (! tmp) + { + grub_free (line); diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index fb33c2bd98..af6f434c5f 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -32,6 +32,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2025-0622-03.patch \ file://CVE-2024-45776.patch \ file://CVE-2024-45777.patch \ + file://CVE-2025-0690.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
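Review bot: both new overflow branches in the grub_getline() hunk of CVE-2025-0690.patch return NULL without releasing line, while the existing if (! tmp) branch right below them calls grub_free (line) first; add grub_free (line) before each return NULL so the error path does not leak the buffer. Minor: grub_malloc (1 + sizeof('\0')) keeps the original sizeof('\0'), which in C is the size of an int rather than of a char, so the initial allocation is larger than the expression suggests; harmless, but a named constant would read more clearly.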
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 18/28] grub: patch CVE-2025-1118
Date: Wed, 12 Mar 2025 12:55:39 -0700
Message-ID: <77abb78b5d4dd0e54b656170c03ac68b919b8784.1741809252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212712

From: Peter Marko

Cherry-pick patch mentioning this CVE.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 .../grub/files/CVE-2025-1118.patch | 37 +++++++++++++++++++
 meta/recipes-bsp/grub/grub2.inc | 1 +
 2 files changed, 38 insertions(+)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-1118.patch

diff --git a/meta/recipes-bsp/grub/files/CVE-2025-1118.patch b/meta/recipes-bsp/grub/files/CVE-2025-1118.patch new file mode 100644 index 0000000000..e6906d909c --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2025-1118.patch
@@ -0,0 +1,37 @@ +From 34824806ac6302f91e8cabaa41308eaced25725f Mon Sep 17 00:00:00 2001 +From: B Horn +Date: Thu, 18 Apr 2024 20:29:39 +0100 +Subject: [PATCH] commands/minicmd: Block the dump command in lockdown mode + +The dump enables a user to read memory which should not be possible +in lockdown mode. + +Fixes: CVE-2025-1118 + +Reported-by: B Horn +Reported-by: Jonathan Bar Or +Signed-off-by: B Horn +Reviewed-by: Daniel Kiper + +CVE: CVE-2025-1118 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=34824806ac6302f91e8cabaa41308eaced25725f] +Signed-off-by: Peter Marko +--- + grub-core/commands/minicmd.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/grub-core/commands/minicmd.c b/grub-core/commands/minicmd.c +index 286290866..8c5ee3e60 100644 +--- a/grub-core/commands/minicmd.c ++++ b/grub-core/commands/minicmd.c +@@ -203,8 +203,8 @@ GRUB_MOD_INIT(minicmd) + grub_register_command ("help", grub_mini_cmd_help, + 0, N_("Show this message.")); + cmd_dump = +- grub_register_command ("dump", grub_mini_cmd_dump, +- N_("ADDR [SIZE]"), N_("Show memory contents.")); ++ grub_register_command_lockdown ("dump", grub_mini_cmd_dump, ++ N_("ADDR [SIZE]"), N_("Show memory contents.")); + cmd_rmmod = + grub_register_command ("rmmod", grub_mini_cmd_rmmod, + N_("MODULE"), N_("Remove a module.")); diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index af6f434c5f..dbceaf9931 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -33,6 +33,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2024-45776.patch \ file://CVE-2024-45777.patch \ file://CVE-2025-0690.patch \ + file://CVE-2025-1118.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
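Review bot: the backport's commit message ("Cherry-pick patch mentioning this CVE.") does not mention the user-visible effect of the GRUB_MOD_INIT(minicmd) hunk in CVE-2025-1118.patch, which is that dump is now registered through grub_register_command_lockdown () and is therefore blocked in lockdown mode; a sentence saying so would help anyone on scarthgap who relies on dump. In the hunk itself, cmd_dump is still the handle the module has to unregister later, and that code is outside the visible context, so please confirm it needs no change for a command registered through the lockdown variant.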
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 19/28] grub: patch CVE-2024-45778 and CVE-2024-45779
Date: Wed, 12 Mar 2025 12:55:40 -0700
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212713

From: Peter Marko

Cherry-pick patch mentioning these CVEs.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 .../files/CVE-2024-45778_CVE-2024-45779.patch | 55 +++++++++++++++++++
 meta/recipes-bsp/grub/grub2.inc | 1 +
 2 files changed, 56 insertions(+)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45778_CVE-2024-45779.patch

diff --git a/meta/recipes-bsp/grub/files/CVE-2024-45778_CVE-2024-45779.patch b/meta/recipes-bsp/grub/files/CVE-2024-45778_CVE-2024-45779.patch new file mode 100644 index 0000000000..eba013897f --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2024-45778_CVE-2024-45779.patch
@@ -0,0 +1,55 @@ +From 26db6605036bd9e5b16d9068a8cc75be63b8b630 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Sat, 23 Mar 2024 15:59:43 +1100 +Subject: [PATCH] fs/bfs: Disable under lockdown + +The BFS is not fuzz-clean. Don't allow it to be loaded under lockdown. +This will also disable the AFS. + +Fixes: CVE-2024-45778 +Fixes: CVE-2024-45779 + +Reported-by: Nils Langius +Signed-off-by: Daniel Axtens +Reviewed-by: Daniel Kiper + +CVE: CVE-2024-45778 +CVE: CVE-2024-45779 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=] +Signed-off-by: Peter Marko +--- + grub-core/fs/bfs.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/grub-core/fs/bfs.c b/grub-core/fs/bfs.c +index 022f69fe2..78aeb051f 100644 +--- a/grub-core/fs/bfs.c ++++ b/grub-core/fs/bfs.c +@@ -30,6 +30,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -1106,7 +1107,10 @@ GRUB_MOD_INIT (bfs) + { + COMPILE_TIME_ASSERT (1 << LOG_EXTENT_SIZE == + sizeof (struct grub_bfs_extent)); +- grub_fs_register (&grub_bfs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_bfs_fs); ++ } + } + + #ifdef MODE_AFS +@@ -1115,5 +1119,6 @@ GRUB_MOD_FINI (afs) + GRUB_MOD_FINI (bfs) + #endif + { +- grub_fs_unregister (&grub_bfs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_bfs_fs); + } diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index dbceaf9931..ef16242ed3 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -34,6 +34,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2024-45777.patch \ file://CVE-2025-0690.patch \ file://CVE-2025-1118.patch \ + file://CVE-2024-45778_CVE-2024-45779.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91" From patchwork Wed Mar 12 19:55:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58870 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B11F5C28B28 for ; Wed, 12 Mar 2025 19:56:37 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web11.4767.1741809388254401616 for ; Wed, 12 Mar 2025 12:56:28 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=XWp2YTwJ; spf=softfail (domain: sakoman.com, ip: 209.85.214.176, mailfrom: steve@sakoman.com) Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-224171d6826so4967075ad.3 for ; Wed, 12 Mar 2025 12:56:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741809387; x=1742414187; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=UMciZspJfEGczp1hRPm2rmRkqv3Wfx0CKbyugyS9RpY=; b=XWp2YTwJk2+zUOASkf6Jcm3VvskQNm63z7BlICQd3cgVw4ctcrexi9ikgtGfAefoqf YDJEvK0gfwhx+wllvqy4vb69MGL76kY6f8HhIs7XxZkzaQT/N3ay769M0SBLyEmg3Kyl 65O9pdnSYdRJNEOu0mCZBXQsfC6DQjEF9zaSfPkG446igDvZ77Sjo1OMLRJa93bxRWc7 aXI+X7mxwa7q3570Zzlbi7PIHr2O5nWl13R7DcC+faSRQXdffTK+aJ20nn1qIN4GLXgb 
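Review bot: The `Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=]` line in the header of the new CVE-2024-45778_CVE-2024-45779.patch has an empty `id=`, so the backport cannot be traced to an upstream commit from that tag. The `From 26db6605036bd9e5b16d9068a8cc75be63b8b630` line at the top of the same file looks like the hash that belongs there; please complete the URL with it, as the patch files added in 20/28 and 21/28 do.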
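Review bot: In the `GRUB_MOD_FINI (bfs)` hunk of grub-core/fs/bfs.c, `if (!grub_is_lockdown ()) grub_fs_unregister (&grub_bfs_fs);` re-evaluates the lockdown state instead of recording whether `GRUB_MOD_INIT (bfs)` actually registered the filesystem. The register and unregister calls stay paired only if lockdown cannot change between module init and fini. If that is guaranteed, a one-line comment saying so would help; otherwise a static flag set next to `grub_fs_register` would keep the unregister independent of later state. Minor style point: the init side wraps the single call in braces and the fini side does not.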
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 20/28] grub: patch CVE-2025-0677, CVE-2025-0684, CVE-2025-0685, CVE-2025-0686 and CVE-2025-0689 Date: Wed, 12 Mar 2025 12:55:41 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 12 Mar 2025 19:56:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212714 From: Peter Marko Cherry-pick patch mentioning these CVEs. Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- ...025-0685_CVE-2025-0686_CVE-2025-0689.patch | 377 ++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 378 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch b/meta/recipes-bsp/grub/files/CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch new file mode 100644 index 0000000000..d5563cecc4 --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch 
@@ -0,0 +1,377 @@ +From 47b2dfc7953f70f98ddf35dfdd6e7f4f20283b10 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens +Date: Sat, 23 Mar 2024 16:20:45 +1100 +Subject: [PATCH] fs: Disable many filesystems under lockdown + +The idea is to permit the following: btrfs, cpio, exfat, ext, f2fs, fat, +hfsplus, iso9660, squash4, tar, xfs and zfs. + +The JFS, ReiserFS, romfs, UDF and UFS security vulnerabilities were +reported by Jonathan Bar Or . + +Fixes: CVE-2025-0677 +Fixes: CVE-2025-0684 +Fixes: CVE-2025-0685 +Fixes: CVE-2025-0686 +Fixes: CVE-2025-0689 + +Suggested-by: Daniel Axtens +Signed-off-by: Daniel Axtens +Reviewed-by: Daniel Kiper + +CVE: CVE-2025-0677 +CVE: CVE-2025-0684 +CVE: CVE-2025-0685 +CVE: CVE-2025-0686 +CVE: CVE-2025-0689 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=47b2dfc7953f70f98ddf35dfdd6e7f4f20283b10] +Signed-off-by: Peter Marko +--- + grub-core/fs/affs.c | 9 +++++++-- + grub-core/fs/cbfs.c | 9 +++++++-- + grub-core/fs/jfs.c | 9 +++++++-- + grub-core/fs/minix.c | 9 +++++++-- + grub-core/fs/nilfs2.c | 9 +++++++-- + grub-core/fs/ntfs.c | 9 +++++++-- + grub-core/fs/reiserfs.c | 9 +++++++-- + grub-core/fs/romfs.c | 9 +++++++-- + grub-core/fs/sfs.c | 9 +++++++-- + grub-core/fs/udf.c | 9 +++++++-- + grub-core/fs/ufs.c | 9 +++++++-- + 11 files changed, 77 insertions(+), 22 deletions(-) + +diff --git a/grub-core/fs/affs.c b/grub-core/fs/affs.c +index ed606b3f1..352f5d232 100644 +--- a/grub-core/fs/affs.c ++++ b/grub-core/fs/affs.c +@@ -26,6 +26,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -703,11 +704,15 @@ static struct grub_fs grub_affs_fs = + + GRUB_MOD_INIT(affs) + { +- grub_fs_register (&grub_affs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_affs_fs); ++ } + my_mod = mod; + } + + GRUB_MOD_FINI(affs) + { +- grub_fs_unregister (&grub_affs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_affs_fs); + } +diff --git a/grub-core/fs/cbfs.c 
b/grub-core/fs/cbfs.c +index 8ab7106af..f6349df34 100644 +--- a/grub-core/fs/cbfs.c ++++ b/grub-core/fs/cbfs.c +@@ -26,6 +26,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -390,12 +391,16 @@ GRUB_MOD_INIT (cbfs) + #if (defined (__i386__) || defined (__x86_64__)) && !defined (GRUB_UTIL) && !defined (GRUB_MACHINE_EMU) && !defined (GRUB_MACHINE_XEN) + init_cbfsdisk (); + #endif +- grub_fs_register (&grub_cbfs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_cbfs_fs); ++ } + } + + GRUB_MOD_FINI (cbfs) + { +- grub_fs_unregister (&grub_cbfs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_cbfs_fs); + #if (defined (__i386__) || defined (__x86_64__)) && !defined (GRUB_UTIL) && !defined (GRUB_MACHINE_EMU) && !defined (GRUB_MACHINE_XEN) + fini_cbfsdisk (); + #endif +diff --git a/grub-core/fs/jfs.c b/grub-core/fs/jfs.c +index 6f7c43904..c0bbab8a9 100644 +--- a/grub-core/fs/jfs.c ++++ b/grub-core/fs/jfs.c +@@ -26,6 +26,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -963,11 +964,15 @@ static struct grub_fs grub_jfs_fs = + + GRUB_MOD_INIT(jfs) + { +- grub_fs_register (&grub_jfs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_jfs_fs); ++ } + my_mod = mod; + } + + GRUB_MOD_FINI(jfs) + { +- grub_fs_unregister (&grub_jfs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_jfs_fs); + } +diff --git a/grub-core/fs/minix.c b/grub-core/fs/minix.c +index 5354951d1..c267298b5 100644 +--- a/grub-core/fs/minix.c ++++ b/grub-core/fs/minix.c +@@ -25,6 +25,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -734,7 +735,10 @@ GRUB_MOD_INIT(minix) + #endif + #endif + { +- grub_fs_register (&grub_minix_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_minix_fs); ++ } + my_mod = mod; + } + +@@ -756,5 +760,6 @@ GRUB_MOD_FINI(minix) + #endif + #endif + { +- grub_fs_unregister (&grub_minix_fs); ++ if 
(!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_minix_fs); + } +diff --git a/grub-core/fs/nilfs2.c b/grub-core/fs/nilfs2.c +index fc7374ead..08abf173f 100644 +--- a/grub-core/fs/nilfs2.c ++++ b/grub-core/fs/nilfs2.c +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -1231,11 +1232,15 @@ GRUB_MOD_INIT (nilfs2) + grub_nilfs2_dat_entry)); + COMPILE_TIME_ASSERT (1 << LOG_INODE_SIZE + == sizeof (struct grub_nilfs2_inode)); +- grub_fs_register (&grub_nilfs2_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_nilfs2_fs); ++ } + my_mod = mod; + } + + GRUB_MOD_FINI (nilfs2) + { +- grub_fs_unregister (&grub_nilfs2_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_nilfs2_fs); + } +diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c +index de435aa14..8cc2ba3d5 100644 +--- a/grub-core/fs/ntfs.c ++++ b/grub-core/fs/ntfs.c +@@ -27,6 +27,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -1320,11 +1321,15 @@ static struct grub_fs grub_ntfs_fs = + + GRUB_MOD_INIT (ntfs) + { +- grub_fs_register (&grub_ntfs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_ntfs_fs); ++ } + my_mod = mod; + } + + GRUB_MOD_FINI (ntfs) + { +- grub_fs_unregister (&grub_ntfs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_ntfs_fs); + } +diff --git a/grub-core/fs/reiserfs.c b/grub-core/fs/reiserfs.c +index 36b26ac98..cdef2eba0 100644 +--- a/grub-core/fs/reiserfs.c ++++ b/grub-core/fs/reiserfs.c +@@ -39,6 +39,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -1417,11 +1418,15 @@ static struct grub_fs grub_reiserfs_fs = + + GRUB_MOD_INIT(reiserfs) + { +- grub_fs_register (&grub_reiserfs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_reiserfs_fs); ++ } + my_mod = mod; + } + + GRUB_MOD_FINI(reiserfs) + { +- grub_fs_unregister (&grub_reiserfs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister 
(&grub_reiserfs_fs); + } +diff --git a/grub-core/fs/romfs.c b/grub-core/fs/romfs.c +index 1f7dcfca1..acf8dd21e 100644 +--- a/grub-core/fs/romfs.c ++++ b/grub-core/fs/romfs.c +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -475,10 +476,14 @@ static struct grub_fs grub_romfs_fs = + + GRUB_MOD_INIT(romfs) + { +- grub_fs_register (&grub_romfs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_romfs_fs); ++ } + } + + GRUB_MOD_FINI(romfs) + { +- grub_fs_unregister (&grub_romfs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_romfs_fs); + } +diff --git a/grub-core/fs/sfs.c b/grub-core/fs/sfs.c +index 983e88008..f64bdd2df 100644 +--- a/grub-core/fs/sfs.c ++++ b/grub-core/fs/sfs.c +@@ -26,6 +26,7 @@ + #include + #include + #include ++#include + #include + + GRUB_MOD_LICENSE ("GPLv3+"); +@@ -779,11 +780,15 @@ static struct grub_fs grub_sfs_fs = + + GRUB_MOD_INIT(sfs) + { +- grub_fs_register (&grub_sfs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_sfs_fs); ++ } + my_mod = mod; + } + + GRUB_MOD_FINI(sfs) + { +- grub_fs_unregister (&grub_sfs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_sfs_fs); + } +diff --git a/grub-core/fs/udf.c b/grub-core/fs/udf.c +index b836e6107..a60643be1 100644 +--- a/grub-core/fs/udf.c ++++ b/grub-core/fs/udf.c +@@ -27,6 +27,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -1455,11 +1456,15 @@ static struct grub_fs grub_udf_fs = { + + GRUB_MOD_INIT (udf) + { +- grub_fs_register (&grub_udf_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_udf_fs); ++ } + my_mod = mod; + } + + GRUB_MOD_FINI (udf) + { +- grub_fs_unregister (&grub_udf_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_udf_fs); + } +diff --git a/grub-core/fs/ufs.c b/grub-core/fs/ufs.c +index 01235101b..6b496e7b8 100644 +--- a/grub-core/fs/ufs.c ++++ b/grub-core/fs/ufs.c +@@ -25,6 +25,7 @@ + #include + #include + 
#include ++#include + + GRUB_MOD_LICENSE ("GPLv3+"); + +@@ -899,7 +900,10 @@ GRUB_MOD_INIT(ufs1) + #endif + #endif + { +- grub_fs_register (&grub_ufs_fs); ++ if (!grub_is_lockdown ()) ++ { ++ grub_fs_register (&grub_ufs_fs); ++ } + my_mod = mod; + } + +@@ -913,6 +917,7 @@ GRUB_MOD_FINI(ufs1) + #endif + #endif + { +- grub_fs_unregister (&grub_ufs_fs); ++ if (!grub_is_lockdown ()) ++ grub_fs_unregister (&grub_ufs_fs); + } + diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index ef16242ed3..f34b5ee50e 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -35,6 +35,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2025-0690.patch \ file://CVE-2025-1118.patch \ file://CVE-2024-45778_CVE-2024-45779.patch \ + file://CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91" From patchwork Wed Mar 12 19:55:42 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58869 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B4614C28B2E for ; Wed, 12 Mar 2025 19:56:37 +0000 (UTC) Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web10.4569.1741809390050761393 for ; Wed, 12 Mar 2025 12:56:30 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=OI9PGB2U; spf=softfail (domain: sakoman.com, ip: 209.85.214.178, mailfrom: steve@sakoman.com) Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-22185cddbffso25467555ad.1 for ; Wed, 12 Mar 2025 12:56:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741809389; x=1742414189; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=xgSYaY5zmafAx0lOv/DyDCE5B4m05JkbJmAXZve20TQ=; b=OI9PGB2UveuQi9OGK2vN+fZchkwlniHKxpQiizSv/f5Y7mTeikkjPj2cCMhQjChm1d LVOk12voV/4ofYyAGSpT9Dlxo9jGCT9sFOmFeAlq+0gZWnAbUChcSzJXfZntoiQfiiKU 7L+c+a5Y+UGc0Jpt7z43F/Ou85jmEwMSKUwUVViLjUBhDOFAimAh53LyVHUAb7B6Mf/h 
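Review bot: In the grub-core/fs/cbfs.c hunks only `grub_fs_register (&grub_cbfs_fs)` is placed behind `grub_is_lockdown ()`; the unchanged context lines `init_cbfsdisk ();` and `fini_cbfsdisk ();` still run under lockdown on the x86 builds selected by the surrounding `#if`. If the cbfsdisk device is meant to stay available while the filesystem driver is disabled, the commit message should say so; if not, it needs the same guard.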
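Review bot: The commit message in the new patch file lists the filesystems that stay permitted (btrfs, cpio, exfat, ext, f2fs, fat, hfsplus, iso9660, squash4, tar, xfs and zfs) but never names the ones being disabled; only the diffstat shows affs, cbfs, jfs, minix, nilfs2, ntfs, reiserfs, romfs, sfs, udf and ufs losing registration under lockdown. A system that reads its boot files from one of those with lockdown active will no longer find a driver for them, so the OE-core commit message should carry that list explicitly rather than "Cherry-pick patch mentioning these CVEs." alone.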
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 21/28] grub: patch CVE-2025-0678 and CVE-2025-1125 Date: Wed, 12 Mar 2025 12:55:42 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 12 Mar 2025 19:56:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212715 From: Peter Marko Cherry-pick patch mentioning these CVEs. Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../files/CVE-2025-0678_CVE-2025-1125.patch | 87 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 88 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0678_CVE-2025-1125.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2025-0678_CVE-2025-1125.patch b/meta/recipes-bsp/grub/files/CVE-2025-0678_CVE-2025-1125.patch new file mode 100644 index 0000000000..14e67cf35b --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2025-0678_CVE-2025-1125.patch 
@@ -0,0 +1,87 @@ +From 84bc0a9a68835952ae69165c11709811dae7634e Mon Sep 17 00:00:00 2001 +From: Lidong Chen +Date: Tue, 21 Jan 2025 19:02:37 +0000 +Subject: [PATCH] fs: Prevent overflows when allocating memory for arrays + +Use grub_calloc() when allocating memory for arrays to ensure proper +overflow checks are in place. + +The HFS+ and squash4 security vulnerabilities were reported by +Jonathan Bar Or . + +Fixes: CVE-2025-0678 +Fixes: CVE-2025-1125 + +Signed-off-by: Lidong Chen +Reviewed-by: Daniel Kiper + +CVE: CVE-2025-0678 +CVE: CVE-2025-1125 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=84bc0a9a68835952ae69165c11709811dae7634e] +Signed-off-by: Peter Marko +--- + grub-core/fs/btrfs.c | 4 ++-- + grub-core/fs/hfspluscomp.c | 9 +++++++-- + grub-core/fs/squash4.c | 8 ++++---- + 3 files changed, 13 insertions(+), 8 deletions(-) + +diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c +index 0625b1166..9c1e925c9 100644 +--- a/grub-core/fs/btrfs.c ++++ b/grub-core/fs/btrfs.c +@@ -1276,8 +1276,8 @@ grub_btrfs_mount (grub_device_t dev) + } + + data->n_devices_allocated = 16; +- data->devices_attached = grub_malloc (sizeof (data->devices_attached[0]) +- * data->n_devices_allocated); ++ data->devices_attached = grub_calloc (data->n_devices_allocated, ++ sizeof (data->devices_attached[0])); + if (!data->devices_attached) + { + grub_free (data); +diff --git a/grub-core/fs/hfspluscomp.c b/grub-core/fs/hfspluscomp.c +index 48ae438d8..a80954ee6 100644 +--- a/grub-core/fs/hfspluscomp.c ++++ b/grub-core/fs/hfspluscomp.c +@@ -244,14 +244,19 @@ hfsplus_open_compressed_real (struct grub_hfsplus_file *node) + return 0; + } + node->compress_index_size = grub_le_to_cpu32 (index_size); +- node->compress_index = grub_malloc (node->compress_index_size +- * sizeof (node->compress_index[0])); ++ node->compress_index = grub_calloc (node->compress_index_size, ++ sizeof (node->compress_index[0])); + if (!node->compress_index) + { + node->compressed = 0; 
+ grub_free (attr_node); + return grub_errno; + } ++ ++ /* ++ * The node->compress_index_size * sizeof (node->compress_index[0]) is safe here ++ * due to relevant checks done in grub_calloc() above. ++ */ + if (grub_hfsplus_read_file (node, 0, 0, + 0x104 + sizeof (index_size), + node->compress_index_size +diff --git a/grub-core/fs/squash4.c b/grub-core/fs/squash4.c +index f91ff3bfa..cf2bca822 100644 +--- a/grub-core/fs/squash4.c ++++ b/grub-core/fs/squash4.c +@@ -816,10 +816,10 @@ direct_read (struct grub_squash_data *data, + break; + } + total_blocks = ((total_size + data->blksz - 1) >> data->log2_blksz); +- ino->block_sizes = grub_malloc (total_blocks +- * sizeof (ino->block_sizes[0])); +- ino->cumulated_block_sizes = grub_malloc (total_blocks +- * sizeof (ino->cumulated_block_sizes[0])); ++ ino->block_sizes = grub_calloc (total_blocks, ++ sizeof (ino->block_sizes[0])); ++ ino->cumulated_block_sizes = grub_calloc (total_blocks, ++ sizeof (ino->cumulated_block_sizes[0])); + if (!ino->block_sizes || !ino->cumulated_block_sizes) + { + grub_free (ino->block_sizes); diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index f34b5ee50e..7c83febaa2 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc 
@@ -36,6 +36,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2025-1118.patch \ file://CVE-2024-45778_CVE-2024-45779.patch \ file://CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch \ + file://CVE-2025-0678_CVE-2025-1125.patch \ " SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91" From patchwork Wed Mar 12 19:55:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58871 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C0FF8C2BA1B for ; Wed, 12 Mar 2025 19:56:37 +0000 (UTC) Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web11.4768.1741809392842610534 for ; Wed, 12 Mar 2025 12:56:32 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=m9YPdiwp; spf=softfail (domain: sakoman.com, ip: 209.85.214.177, mailfrom: steve@sakoman.com) Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-224191d92e4so4665455ad.3 for ; Wed, 12 Mar 2025 12:56:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741809392; x=1742414192; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=PViJimqJpiRT2Y2pgSizK7mdFdDRBw0tedw/N4iN1nA=; b=m9YPdiwpiArqaFQcnpSkXSRPF/kZXtiSp9GfsZCU7HP2eOAONbvSBoChSrguLAd4qS h/AeD15tWejw5qcs0ZglIYLvVbbeifHAmoKkReI5hHyDQmnJRdHTo7ox5wZgpa2SB2Y3 NeBwzF8vE7n8M4ns0hbQGch+oQjAm7CfZhDgGSXLnYePX6PATIiDQ9zxzFES3wyy0bK4 
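Review bot: In the grub-core/fs/btrfs.c hunk the count is the constant assigned on the context line `data->n_devices_allocated = 16;`, so the multiplication being replaced could not overflow there. The visible effect of the switch to `grub_calloc` in this file is that `devices_attached` is now zero-initialised. That is fine as hardening, but the message should separate it from the HFS+ and squash4 changes that it names as the vulnerabilities.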
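Review bot: The comment added in grub-core/fs/hfspluscomp.c states that `node->compress_index_size * sizeof (node->compress_index[0])` in the following `grub_hfsplus_read_file` call is safe because of the check in `grub_calloc ()`, which leaves the same product written out twice and tied together only by a comment. The type of the length parameter is not visible in this hunk. Computing the byte count once into a local after the allocation succeeds and passing that local to the read would make the dependency explicit.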
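Review bot: In the grub-core/fs/squash4.c hunk, `grub_calloc (total_blocks, sizeof (ino->block_sizes[0]))` checks only the count-times-size product; the context line just above it, `total_blocks = ((total_size + data->blksz - 1) >> data->log2_blksz);`, performs its rounding addition before that check and is not covered by it. Please confirm that `total_size` is bounded before this point, or add an explicit overflow check on the addition so a wrapped value cannot yield an undersized `total_blocks`.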
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 22/28] vim: Upgrade 9.1.1043 -> 9.1.1115 Date: Wed, 12 Mar 2025 12:55:43 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 12 Mar 2025 19:56:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212717 From: Divya Chellam This includes CVE-fix for CVE-2025-26603 and CVE-2025-1215 Changes between 9.1.1043 -> 9.1.1115 ==================================== https://github.com/vim/vim/compare/v9.1.1043...v9.1.1115 Signed-off-by: Divya Chellam Signed-off-by: Steve Sakoman --- meta/recipes-support/vim/vim.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index 4ac9c58c80..823cfe24c7 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc 
@@ -18,8 +18,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://no-path-adjust.patch \ " -PV .= ".1043" -SRCREV = "9d1bed5eccdbb46a26b8a484f5e9163c40e63919" +PV .= ".1115" +SRCREV = "c0f0e2380e5954f4a52a131bf6b8499838ad1dae" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+)\.0" From patchwork Wed Mar 12 19:55:44 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58872 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BA51BC35FF1 for ; Wed, 12 Mar 2025 19:56:37 +0000 (UTC) Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web10.4571.1741809392731538758 for ; Wed, 12 Mar 2025 12:56:32 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=n1OGJ4nV; spf=softfail (domain: sakoman.com, ip: 209.85.214.169, mailfrom: steve@sakoman.com) Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-22580c9ee0aso4385565ad.2 for ; Wed, 12 Mar 2025 12:56:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741809392; x=1742414192; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=fKH+A6TkiIAbQS8ss2jBCgemCB8K+maPmwTWN2EsumE=; b=n1OGJ4nVz6xCL0NYtIWNsqdO1ZAYD3+aN5ITd/kI1HBLkdeR1yqICCsH5rWeBB2IR9 s+Ra+TvDdeDYEaSAeIvG12S0bZATXxay2KnUvjea7Z7n4VhCGMIVF3gI8NsCcg0W4LVs ZwURS8shikWrzt1GdYst9eqZ9oXHb8ORbDimCUFclgmI37MHqW26uWWYzytdAI3Shjfp 
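Review bot: The commit message names CVE-2025-26603 and CVE-2025-1215, but the vim.inc hunk only moves `PV` from `.1043` to `.1115` and swaps `SRCREV`, so nothing here ties either CVE to a patch level inside that range. Please add the fixing patch level or upstream commit for each CVE to the message, and state which tag `c0f0e2380e5954f4a52a131bf6b8499838ad1dae` corresponds to, so the bump can be checked without walking the compare link.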
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 23/28] xserver-xorg: upgrade 21.1.14 -> 21.1.15 Date: Wed, 12 Mar 2025 12:55:44 -0700 Message-ID: <1fdd0a6824f34ce18c4adac8f0014935896b3e21.1741809252.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 12 Mar 2025 19:56:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212716 From: Wang Mingyu Signed-off-by: Wang Mingyu Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie (cherry picked from commit ba94110d70ebfb1b4798ecf05389f7ea602b1f55) Signed-off-by: Steve Sakoman --- .../{xserver-xorg_21.1.14.bb => xserver-xorg_21.1.15.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.14.bb => xserver-xorg_21.1.15.bb} (92%) diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.14.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.15.bb similarity index 92% rename from meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.14.bb rename to meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.15.bb index 28c98eb527..080e6d220e 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.14.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.15.bb 
@@ -3,7 +3,7 @@ require xserver-xorg.inc SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ " -SRC_URI[sha256sum] = "8f2102cebdc4747d1656c1099ef610f5063c7422c24a177e300de569b354ee35" +SRC_URI[sha256sum] = "841c82901282902725762df03adbbcd68153d4cdfb0d61df0cfd73ad677ae089" # These extensions are now integrated into the server, so declare the migration # path for in-place upgrades. From patchwork Wed Mar 12 19:55:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58873 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C7639C35FF3 for ; Wed, 12 Mar 2025 19:56:37 +0000 (UTC) Received: from mail-pj1-f42.google.com (mail-pj1-f42.google.com [209.85.216.42]) by mx.groups.io with SMTP id smtpd.web11.4770.1741809394220825772 for ; Wed, 12 Mar 2025 12:56:34 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=VSjBRVsp; spf=softfail (domain: sakoman.com, ip: 209.85.216.42, mailfrom: steve@sakoman.com) Received: by mail-pj1-f42.google.com with SMTP id 98e67ed59e1d1-2ff85fec403so2522586a91.1 for ; Wed, 12 Mar 2025 12:56:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741809393; x=1742414193; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=z7uGmV81eLBKCxePPBXK7iojRz9BU4UStlYEf5THvtg=; b=VSjBRVspSFk0cvqN+3dkXnPnc5i9d//PkJoAmrN2bLeNkg+3SrIPDqeJ4UNqPM6lFE 
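Review bot: the commit message for this 21.1.14 -> 21.1.15 bump consists of sign-offs only, and the one changed line is SRC_URI[sha256sum]. For a stable-branch upgrade, add a line or two saying what the point release contains (bug fixes only, or which security fixes) and point at the upstream announcement the new checksum can be checked against, the way 26/28 does with its Ref: links.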
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 24/28] xserver-xf86-config: add a configuration fragment to disable screen blanking Date: Wed, 12 Mar 2025 12:55:45 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 12 Mar 2025 19:56:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212718 From: Ross Burton Add a configuration fragment that disables screen blanking, and add it to all qemu machines. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 780a5ccaa51d5aed18200883a686387e70847e4b) Signed-off-by: Steve Sakoman --- .../xorg-xserver/xserver-xf86-config/qemuall/noblank.conf | 7 +++++++ .../xorg-xserver/xserver-xf86-config_0.1.bb | 6 ++++++ 2 files changed, 13 insertions(+) create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuall/noblank.conf diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuall/noblank.conf b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuall/noblank.conf new file mode 100644 index 0000000000..9d40a9599a --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuall/noblank.conf @@ -0,0 +1,7 @@ +# Disable screen blanking +Section "ServerFlags" + Option "BlankTime" "0" + Option "StandbyTime" "0" + Option "SuspendTime" "0" + Option "OffTime" "0" +EndSection diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config_0.1.bb b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config_0.1.bb index 03f14cef2b..841d931e82 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config_0.1.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config_0.1.bb 
@@ -5,6 +5,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" SRC_URI = "file://xorg.conf" +SRC_URI:append:qemuall = " file://noblank.conf" S = "${WORKDIR}" 
@@ -18,4 +19,9 @@ do_install () { install -d ${D}/${sysconfdir}/X11 install -m 0644 ${WORKDIR}/xorg.conf ${D}/${sysconfdir}/X11/ fi + + if test -s ${S}/noblank.conf; then + install -d ${D}/${sysconfdir}/X11/xorg.conf.d + install -m 0644 ${S}/noblank.conf ${D}/${sysconfdir}/X11/xorg.conf.d/ + fi } From patchwork Wed Mar 12 19:55:46 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58876 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C7580C28B2E for ; Wed, 12 Mar 2025 19:56:47 +0000 (UTC) Received: from mail-pj1-f52.google.com (mail-pj1-f52.google.com [209.85.216.52]) by mx.groups.io with SMTP id smtpd.web10.4578.1741809397986903171 for ; Wed, 12 Mar 2025 12:56:38 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=eekLfVAz; spf=softfail (domain: sakoman.com, ip: 209.85.216.52, mailfrom: steve@sakoman.com) Received: by mail-pj1-f52.google.com with SMTP id 98e67ed59e1d1-2ff65d88103so474396a91.2 for ; Wed, 12 Mar 2025 12:56:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741809397; x=1742414197; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=xwCY3/Dt0bi3hQjfeUAJOjCoE/Ao8NdT0f7z//fPoAU=; b=eekLfVAzzx0WEwDtpD2tpsCyg5p4qsyLTm8L9ru6/zY+szUvietzcdZIxMwrLMzAgM 78PHFshiGpvnc1QFk2TQ6jCjxxfxtvb9sBng7nqYs4v0OyUp7Xi4QVN7XRQvFr6p9tqz oCdAR6edwurWiRukuz3uBosO9KKixg9oUnWd6lVY6f9EW5WO1gUqtr5ntmcjL4mSk6hV Xdv01iUtM764ltTt1oTPy98bot4KtS2rmHSmuAhjjZwn06wJ3eug+Tz6JKeG8m6SYEhw 
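Review bot: in do_install the new block tests and installs ${S}/noblank.conf, while the existing lines just above it install ${WORKDIR}/xorg.conf; this only works because the recipe sets S = "${WORKDIR}", so use one variable consistently within the function. Because the guard is `test -s`, a missing or empty fragment on a qemuall machine is also skipped silently. SRC_URI:append:qemuall already decides when the file is present, so consider keying the install on the same override (for example a do_install:append:qemuall) rather than on the file's existence, so that a path mistake fails the build instead of producing an image without the fragment.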
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 25/28] xserver-xf86-config: remove obsolete configuration files
Date: Wed, 12 Mar 2025 12:55:46 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212720

From: Ross Burton

For reasons we have explicit xorg.conf files for a number of the qemu machines, but not all of them. These mainly disabled screen blanking (which is now done with a separate fragment) but also explicitly set the device driver to fbdev which meant they didn't use the modesettings driver as they should (with the virtio framebuffer from qemu).

This is the root cause of why the xserver 21.1.16 upgrade doesn't work on a number of machines: the /sys probing changed and the fbdev driver now refuses to use the PCI framebuffer device as there are better drivers, but we've explicitly told xorg to use the wrong driver.

For more details, see https://gitlab.freedesktop.org/xorg/xserver/-/issues/1798.

Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
(cherry picked from commit 8c8039bf4c2d011e3d12c970ce45036b184902a9)
Signed-off-by: Steve Sakoman --- .../xserver-xf86-config/qemuarm/xorg.conf | 42 ------------------- .../xserver-xf86-config/qemuppc/xorg.conf | 42 ------------------- .../xserver-xf86-config/qemush4/xorg.conf | 42 ------------------- .../xserver-xf86-config/qemux86-64/xorg.conf | 37 ---------------- .../xserver-xf86-config/qemux86/xorg.conf | 37 ---------------- 5 files changed, 200 deletions(-) delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuarm/xorg.conf delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuppc/xorg.conf delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemush4/xorg.conf delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemux86-64/xorg.conf delete mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemux86/xorg.conf diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuarm/xorg.conf b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuarm/xorg.conf deleted file mode 100644 index 3eb380a0a4..0000000000 --- a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuarm/xorg.conf +++ /dev/null 
@@ -1,42 +0,0 @@ - -Section "Files" -EndSection - -Section "Device" - Identifier "Graphics Controller" - Driver "fbdev" -EndSection - -Section "Monitor" - Identifier "Generic Monitor" - Option "DPMS" - # 1024x600 59.85 Hz (CVT) hsync: 37.35 kHz; pclk: 49.00 MHz - Modeline "1024x600_60.00" 49.00 1024 1072 1168 1312 600 603 613 624 -hsync +vsync - # 640x480 @ 60Hz (Industry standard) hsync: 31.5kHz - ModeLine "640x480" 25.2 640 656 752 800 480 490 492 525 -hsync -vsync - # 640x480 @ 72Hz (VESA) hsync: 37.9kHz - ModeLine "640x480" 31.5 640 664 704 832 480 489 491 520 -hsync -vsync - # 640x480 @ 75Hz (VESA) hsync: 37.5kHz - ModeLine "640x480" 31.5 640 656 720 840 480 481 484 500 -hsync -vsync - # 640x480 @ 85Hz (VESA) hsync: 43.3kHz - ModeLine "640x480" 36.0 640 696 752 832 480 481 484 509 -hsync -vsync -EndSection - -Section "Screen" - Identifier "Default Screen" - Device "Graphics Controller" - Monitor "Generic Monitor" - SubSection "Display" - Modes "640x480" - EndSubSection -EndSection - -Section "ServerLayout" - Identifier "Default Layout" - Screen "Default Screen" - Option "AllowEmptyInput" "no" - Option "BlankTime" "0" - Option "StandbyTime" "0" - Option "SuspendTime" "0" - Option "OffTime" "0" -EndSection diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuppc/xorg.conf b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuppc/xorg.conf deleted file mode 100644 index 3eb380a0a4..0000000000 --- a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemuppc/xorg.conf +++ /dev/null 
@@ -1,42 +0,0 @@ - -Section "Files" -EndSection - -Section "Device" - Identifier "Graphics Controller" - Driver "fbdev" -EndSection - -Section "Monitor" - Identifier "Generic Monitor" - Option "DPMS" - # 1024x600 59.85 Hz (CVT) hsync: 37.35 kHz; pclk: 49.00 MHz - Modeline "1024x600_60.00" 49.00 1024 1072 1168 1312 600 603 613 624 -hsync +vsync - # 640x480 @ 60Hz (Industry standard) hsync: 31.5kHz - ModeLine "640x480" 25.2 640 656 752 800 480 490 492 525 -hsync -vsync - # 640x480 @ 72Hz (VESA) hsync: 37.9kHz - ModeLine "640x480" 31.5 640 664 704 832 480 489 491 520 -hsync -vsync - # 640x480 @ 75Hz (VESA) hsync: 37.5kHz - ModeLine "640x480" 31.5 640 656 720 840 480 481 484 500 -hsync -vsync - # 640x480 @ 85Hz (VESA) hsync: 43.3kHz - ModeLine "640x480" 36.0 640 696 752 832 480 481 484 509 -hsync -vsync -EndSection - -Section "Screen" - Identifier "Default Screen" - Device "Graphics Controller" - Monitor "Generic Monitor" - SubSection "Display" - Modes "640x480" - EndSubSection -EndSection - -Section "ServerLayout" - Identifier "Default Layout" - Screen "Default Screen" - Option "AllowEmptyInput" "no" - Option "BlankTime" "0" - Option "StandbyTime" "0" - Option "SuspendTime" "0" - Option "OffTime" "0" -EndSection diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemush4/xorg.conf b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemush4/xorg.conf deleted file mode 100644 index 3eb380a0a4..0000000000 --- a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemush4/xorg.conf +++ /dev/null 
@@ -1,42 +0,0 @@ - -Section "Files" -EndSection - -Section "Device" - Identifier "Graphics Controller" - Driver "fbdev" -EndSection - -Section "Monitor" - Identifier "Generic Monitor" - Option "DPMS" - # 1024x600 59.85 Hz (CVT) hsync: 37.35 kHz; pclk: 49.00 MHz - Modeline "1024x600_60.00" 49.00 1024 1072 1168 1312 600 603 613 624 -hsync +vsync - # 640x480 @ 60Hz (Industry standard) hsync: 31.5kHz - ModeLine "640x480" 25.2 640 656 752 800 480 490 492 525 -hsync -vsync - # 640x480 @ 72Hz (VESA) hsync: 37.9kHz - ModeLine "640x480" 31.5 640 664 704 832 480 489 491 520 -hsync -vsync - # 640x480 @ 75Hz (VESA) hsync: 37.5kHz - ModeLine "640x480" 31.5 640 656 720 840 480 481 484 500 -hsync -vsync - # 640x480 @ 85Hz (VESA) hsync: 43.3kHz - ModeLine "640x480" 36.0 640 696 752 832 480 481 484 509 -hsync -vsync -EndSection - -Section "Screen" - Identifier "Default Screen" - Device "Graphics Controller" - Monitor "Generic Monitor" - SubSection "Display" - Modes "640x480" - EndSubSection -EndSection - -Section "ServerLayout" - Identifier "Default Layout" - Screen "Default Screen" - Option "AllowEmptyInput" "no" - Option "BlankTime" "0" - Option "StandbyTime" "0" - Option "SuspendTime" "0" - Option "OffTime" "0" -EndSection diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemux86-64/xorg.conf b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemux86-64/xorg.conf deleted file mode 100644 index c01c3331c5..0000000000 --- a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemux86-64/xorg.conf +++ /dev/null 
@@ -1,37 +0,0 @@ - -Section "Files" -EndSection - -Section "Monitor" - Identifier "Generic Monitor" - Option "DPMS" - # 1024x600 59.85 Hz (CVT) hsync: 37.35 kHz; pclk: 49.00 MHz - Modeline "1024x600_60.00" 49.00 1024 1072 1168 1312 600 603 613 624 -hsync +vsync - # 640x480 @ 60Hz (Industry standard) hsync: 31.5kHz - ModeLine "640x480" 25.2 640 656 752 800 480 490 492 525 -hsync -vsync - # 640x480 @ 72Hz (VESA) hsync: 37.9kHz - ModeLine "640x480" 31.5 640 664 704 832 480 489 491 520 -hsync -vsync - # 640x480 @ 75Hz (VESA) hsync: 37.5kHz - ModeLine "640x480" 31.5 640 656 720 840 480 481 484 500 -hsync -vsync - # 640x480 @ 85Hz (VESA) hsync: 43.3kHz - ModeLine "640x480" 36.0 640 696 752 832 480 481 484 509 -hsync -vsync -EndSection - -Section "Screen" - Identifier "Default Screen" - Device "Graphics Controller" - Monitor "Generic Monitor" - SubSection "Display" - Modes "640x480" - EndSubSection -EndSection - -Section "ServerLayout" - Identifier "Default Layout" - Screen "Default Screen" - Option "AllowEmptyInput" "no" - Option "BlankTime" "0" - Option "StandbyTime" "0" - Option "SuspendTime" "0" - Option "OffTime" "0" -EndSection diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemux86/xorg.conf b/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemux86/xorg.conf deleted file mode 100644 index c01c3331c5..0000000000 --- a/meta/recipes-graphics/xorg-xserver/xserver-xf86-config/qemux86/xorg.conf +++ /dev/null 
@@ -1,37 +0,0 @@ - -Section "Files" -EndSection - -Section "Monitor" - Identifier "Generic Monitor" - Option "DPMS" - # 1024x600 59.85 Hz (CVT) hsync: 37.35 kHz; pclk: 49.00 MHz - Modeline "1024x600_60.00" 49.00 1024 1072 1168 1312 600 603 613 624 -hsync +vsync - # 640x480 @ 60Hz (Industry standard) hsync: 31.5kHz - ModeLine "640x480" 25.2 640 656 752 800 480 490 492 525 -hsync -vsync - # 640x480 @ 72Hz (VESA) hsync: 37.9kHz - ModeLine "640x480" 31.5 640 664 704 832 480 489 491 520 -hsync -vsync - # 640x480 @ 75Hz (VESA) hsync: 37.5kHz - ModeLine "640x480" 31.5 640 656 720 840 480 481 484 500 -hsync -vsync - # 640x480 @ 85Hz (VESA) hsync: 43.3kHz - ModeLine "640x480" 36.0 640 696 752 832 480 481 484 509 -hsync -vsync -EndSection - -Section "Screen" - Identifier "Default Screen" - Device "Graphics Controller" - Monitor "Generic Monitor" - SubSection "Display" - Modes "640x480" - EndSubSection -EndSection - -Section "ServerLayout" - Identifier "Default Layout" - Screen "Default Screen" - Option "AllowEmptyInput" "no" - Option "BlankTime" "0" - Option "StandbyTime" "0" - Option "SuspendTime" "0" - Option "OffTime" "0" -EndSection From patchwork Wed Mar 12 19:55:47 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58874 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id CE255C35FF2 for ; Wed, 12 Mar 2025 19:56:37 +0000 (UTC) Received: from mail-pj1-f51.google.com (mail-pj1-f51.google.com [209.85.216.51]) by mx.groups.io with SMTP id smtpd.web10.4575.1741809396925887860 for ; Wed, 12 Mar 2025 12:56:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=r+5R40Lj; spf=softfail (domain: 
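Review bot: the deleted files carry more than the blanking options and the fbdev driver that the commit message mentions. Every one of them pins `Modes "640x480"` in the Screen section, defines the Modelines, and sets Option "DPMS" and Option "AllowEmptyInput" "no", while noblank.conf from 24/28 restores only the four *Time options. Please say in the commit message that the default resolution and these options are intentionally left to the server's autoconfiguration. The qemux86 and qemux86-64 files also have no Device section or Driver line (their Screen section refers to an undefined "Graphics Controller"), so the fbdev explanation applies to the qemuarm, qemuppc and qemush4 files only; worth stating why the x86 files go as well.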
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 26/28] xserver-xorg: upgrade 21.1.15 -> 21.1.16
Date: Wed, 12 Mar 2025 12:55:47 -0700
Message-ID: <60d1d54a1c23f007434a1f2c1940fd8ccabe656f.1741809252.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212719

From: Vijay Anusuri

Includes security fix
* CVE-2025-26594
* CVE-2025-26595
* CVE-2025-26596
* CVE-2025-26597
* CVE-2025-26598
* CVE-2025-26599
* CVE-2025-26600
* CVE-2025-26601

Ref:
https://lists.x.org/archives/xorg-announce/2025-February/003584.html
https://lists.x.org/archives/xorg-announce/2025-February/003585.html

Signed-off-by: Vijay Anusuri
Signed-off-by: Richard Purdie
(cherry picked from commit b5491688a045e52b2a1a00d04b746ed6af456784)
Signed-off-by: Steve Sakoman
---
 .../{xserver-xorg_21.1.15.bb => xserver-xorg_21.1.16.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-graphics/xorg-xserver/{xserver-xorg_21.1.15.bb => xserver-xorg_21.1.16.bb} (92%)
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.15.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.16.bb similarity index 92% rename from meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.15.bb rename to meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.16.bb index 080e6d220e..38c81f2372 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.15.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.16.bb 
@@ -3,7 +3,7 @@ require xserver-xorg.inc SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ " -SRC_URI[sha256sum] = "841c82901282902725762df03adbbcd68153d4cdfb0d61df0cfd73ad677ae089" +SRC_URI[sha256sum] = "b14a116d2d805debc5b5b2aac505a279e69b217dae2fae2dfcb62400471a9970" # These extensions are now integrated into the server, so declare the migration # path for in-place upgrades. From patchwork Wed Mar 12 19:55:48 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58877 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C18FAC28B28 for ; Wed, 12 Mar 2025 19:56:47 +0000 (UTC) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web11.4771.1741809398198200390 for ; Wed, 12 Mar 2025 12:56:38 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=jJ+kIGOK; spf=softfail (domain: sakoman.com, ip: 209.85.214.170, mailfrom: steve@sakoman.com) Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-22403cbb47fso5183585ad.0 for ; Wed, 12 Mar 2025 12:56:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741809397; x=1742414197; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ipvEK2pxxK2Ysg2Jejg/pXVtvwxTSI0VAU8MeamhKto=; b=jJ+kIGOKHT0RGL4ZKdCYcnWAf4CMheh0TEde9UC6rrMBtDGrn5achMc3KdLDZIj9zB 
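Review bot: nothing in this commit records that it depends on 25/28, whose message says the 21.1.16 upgrade does not work on a number of machines while the old xorg.conf files force the fbdev driver. The only change here is the SRC_URI[sha256sum] line, so the dependency is invisible from the diff; mention it in the commit message so that the CVE fixes are not picked on their own into a tree that still carries those xorg.conf files.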
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 27/28] babeltrace: extend to nativesdk Date: Wed, 12 Mar 2025 12:55:48 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 12 Mar 2025 19:56:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212721 From: Changqing Li This allows anyone using the SDK to be able to analyze the logs collected on target Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- meta/recipes-kernel/lttng/babeltrace_1.5.11.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-kernel/lttng/babeltrace_1.5.11.bb b/meta/recipes-kernel/lttng/babeltrace_1.5.11.bb index f4d9b5e42a..2585747fb6 100644 --- a/meta/recipes-kernel/lttng/babeltrace_1.5.11.bb +++ b/meta/recipes-kernel/lttng/babeltrace_1.5.11.bb 
@@ -96,3 +96,5 @@ do_install_ptest () { sed -i 's:^BTBIN.*:BTBIN=/usr/bin/babeltrace:' ${f} done } + +BBCLASSEXTEND = "nativesdk" From patchwork Wed Mar 12 19:55:49 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58875 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id CF195C35FF1 for ; Wed, 12 Mar 2025 19:56:47 +0000 (UTC) Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web10.4579.1741809399848040693 for ; Wed, 12 Mar 2025 12:56:39 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=tY23V+VT; spf=softfail (domain: sakoman.com, ip: 209.85.214.169, mailfrom: steve@sakoman.com) Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-22355618fd9so4858855ad.3 for ; Wed, 12 Mar 2025 12:56:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741809399; x=1742414199; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=3bzI5G6skpy45IDrUE1yESEk2OaqPv5Xv17PqFl2+fU=; b=tY23V+VTd4SphWhg5XV/UJlJWthlobzpPiA6S5IhgBF8CqjfU66T58+5UylYuHtxAZ eDmZ08vJ1e7hpi/DBmtyJQdwGqf3c2HUrHtVShVDaV3Ca1e9TOlqdOSg0I44FyuxlCid 9yLsMbbFlBaZElIlJMbsQXPs+06O+rZUJ5uM+nWkEwPhpS4XRn4cXV1RbZDmUApRrCh7 jU7duodYozjCdWFIEyX/IttI4/w6e9PGlUxvCuHhz/Zaui+YuTyGCyxLlTG6kNJSgu7/ nloEeSm6ZvEUdIBh1gmBE5xECvJDe4rJIginY8p3Ic0idyYyLYauDosJYaaU9t9kJDOh At/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741809399; x=1742414199; 
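Review bot: the commit message has no "(cherry picked from commit ...)" line, unlike the other backports in this series, so it is not visible whether the added `BBCLASSEXTEND = "nativesdk"` is already on master. Please add the reference, or say why this goes to scarthgap directly, since it is a new SDK capability rather than a fix.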
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 28/28] babeltrace2: extend to nativesdk Date: Wed, 12 Mar 2025 12:55:49 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 12 Mar 2025 19:56:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212722 From: Changqing Li This allows anyone using the SDK to be able to analyze the logs collected on target Signed-off-by: Changqing Li Signed-off-by: Steve Sakoman --- meta/recipes-kernel/lttng/babeltrace2_2.0.6.bb | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/meta/recipes-kernel/lttng/babeltrace2_2.0.6.bb b/meta/recipes-kernel/lttng/babeltrace2_2.0.6.bb index d6c75d7580..bd6eb9ba1c 100644 --- a/meta/recipes-kernel/lttng/babeltrace2_2.0.6.bb +++ b/meta/recipes-kernel/lttng/babeltrace2_2.0.6.bb @@ -93,3 +93,15 @@ do_install_ptest () { # Remove architechture specific testfiles rm -rf ${D}${PTEST_PATH}/tests/data/plugins/flt.lttng-utils.debug-info/* } + +do_install:append:class-nativesdk() { + mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d + cat <<- EOF > ${D}${SDKPATHNATIVE}/environment-setup.d/babeltrace2.sh + export BABELTRACE_PLUGIN_PATH="${libdir}/babeltrace2/plugins" + export LIBBABELTRACE2_PLUGIN_PROVIDER_DIR="${libdir}/babeltrace2/plugin-providers" + EOF +} + +FILES:${PN}:append:class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/babeltrace2.sh" + +BBCLASSEXTEND = "nativesdk"
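Review bot: the heredoc in do_install:append:class-nativesdk is written as `cat <<- EOF`, and `<<-` strips leading tab characters only, so the two export lines and the closing EOF have to be indented with tabs; with space indentation the delimiter is not recognised and babeltrace2.sh is not written as intended. Add a comment to that effect or generate the file with printf so it survives re-indentation. The function also creates the directory with `mkdir -p` where 24/28 in this series uses `install -d`, and like 27/28 the commit message has no cherry-pick reference to a master commit.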