openembedded-core.git, branch dylan Mirror of openembedded-core kernel.bbclass: Complete fix for modules symlink 2015-05-29T13:49:37+00:00 Paul Barker paul.barker@commagility.com 2015-05-05T17:33:01+00:00 f07a4e0d80f5e0dd94514f6aae11a7bd56034f30 The fix backported in commit aa9fc551 of oe-core does not completely fix the issue (Yocto #4595) as intended. The modules symlink is still created in the working directory instead of in the deploy directory. To fix this, we just need to use an absolute path to ${DEPLOYDIR} when creating the symlink. Signed-off-by: Paul Barker <paul.barker@commagility.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
The fix backported in commit aa9fc551 of oe-core does not completely fix the
issue (Yocto #4595) as intended. The modules symlink is still created in the
working directory instead of in the deploy directory. To fix this, we just need
to use an absolute path to ${DEPLOYDIR} when creating the symlink.

Signed-off-by: Paul Barker <paul.barker@commagility.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
binutils: backport patch to fix build with gcc-4.9 2015-04-20T11:36:09+00:00 Martin Jansa martin.jansa@gmail.com 2015-04-10T11:34:29+00:00 8c5396bd3b7f1eef3d53ebf0404189fd75f1d5e1 * backported from 2.23.2, fixes: work/x86_64-linux/binutils-native/2.23.1-r3/binutils-2.23.1/gas/write.c:409:24: error: 'dummy.fr_type' may be used uninitialized in this function [-Werror=maybe-uninitialized] gas_assert (prev_frag->fr_type != 0); ^ work/x86_64-linux/binutils-native/2.23.1-r3/binutils-2.23.1/gas/write.c:392:9: note: 'dummy' was declared here fragS dummy, *prev_frag = &dummy; ^ Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
* backported from 2.23.2, fixes:
work/x86_64-linux/binutils-native/2.23.1-r3/binutils-2.23.1/gas/write.c:409:24:
  error: 'dummy.fr_type' may be used uninitialized in this function [-Werror=maybe-uninitialized]
   gas_assert (prev_frag->fr_type != 0);
                        ^
work/x86_64-linux/binutils-native/2.23.1-r3/binutils-2.23.1/gas/write.c:392:9: note: 'dummy' was declared here
   fragS dummy, *prev_frag = &dummy;
         ^

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
binutils: Fix building nativesdk binutils with gcc 4.9 2015-04-11T15:25:33+00:00 Khem Raj raj.khem@gmail.com 2015-04-10T11:34:28+00:00 5ab846580ec2ebf13f5e4775bab45fa30518cb31 Patches explain the issue in detail but this is exposed with gcc 4.9 in binutils 2.23.2 (From OE-Core rev: fc5c467b680fc5aef4b0f689e6988e17a9322ae0) (From OE-Core rev: 4dfb8847ebf8aab90ad8888933468e2899c96998) (From OE-Core rev: af347d3298e15552d502d5b2ce497bbda9705bc7) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Patches explain the issue in detail but this is exposed
with gcc 4.9 in binutils 2.23.2

(From OE-Core rev: fc5c467b680fc5aef4b0f689e6988e17a9322ae0)

(From OE-Core rev: 4dfb8847ebf8aab90ad8888933468e2899c96998)

(From OE-Core rev: af347d3298e15552d502d5b2ce497bbda9705bc7)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
dtc: old SRC_URI died, changing to new working one 2015-03-10T12:07:38+00:00 Krzysztof Sywula krzysztof.m.sywula@intel.com 2015-03-09T20:26:32+00:00 bd2ed00b7062afbd300dc59d3f5f5ab90894d9c3 (From OE-Core rev: 131a17f014e6373dae526cc927588ccc0fedc38d) Signed-off-by: Krzysztof Sywula <krzysztof.m.sywula@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
(From OE-Core rev: 131a17f014e6373dae526cc927588ccc0fedc38d)

Signed-off-by: Krzysztof Sywula <krzysztof.m.sywula@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kernel.bbclass: Fix link for modules-${MACHINE}.tgz 2015-01-12T12:02:11+00:00 Yi Zhao yi.zhao@windriver.com 2013-06-05T09:20:50+00:00 aa9fc551a8df9ead287c0ddc18bc60a7aded1d3c The modules-${MACHINE}.tgz should link to ${MODULE_TARBALL_BASE_NAME}. But now it links to an invalid file ${MODULE_TARBALL_BASE_NAME}.bin. Remove the extra .bin suffix. [YOCTO #4595] Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> 
The modules-${MACHINE}.tgz should link to ${MODULE_TARBALL_BASE_NAME}.
But now it links to an invalid file ${MODULE_TARBALL_BASE_NAME}.bin.
Remove the extra .bin suffix.

[YOCTO #4595]

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
sstate: Fix the relative symlink replacement code 2014-12-08T09:20:38+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2013-08-23T09:02:21+00:00 67831122fce62b71263b85592c8d1de4e7deabd2 ant reported on irc that the sstate absolute to relative symlink creation code wasn't working in klibc. He was correct although the level of breakage is rather surprising since it only worked for one level of symlink (usr/include) with everything else being broken. The reason is probably that nothing really uses absolute paths, we use relative paths where at all possible already. Nothing in the target sysroot should use absolute paths for a start. In this regard, the klibc-dev package is broken and needs fixing. It will currently break when building for one machine, then switching to another of the same TUNE_PKGARCH and installing from sstate but that is a separate issue. This patch fixes the symlink creation code by firstly passing in the correct value we need (where the symlink will end up) and seccondly, actually using it. I've also tweaked the debug message to contain appropriate information and got right of the double "//" value the existing code created in favour of the form './..' which looks neater. (From OE-Core rev: 9b05c65450526522d7358d0c0901b594de546748) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
ant reported on irc that the sstate absolute to relative symlink creation
code wasn't working in klibc. He was correct although the level of breakage is
rather surprising since it only worked for one level of symlink (usr/include) with
everything else being broken.

The reason is probably that nothing really uses absolute paths, we use relative
paths where at all possible already. Nothing in the target sysroot should use
absolute paths for a start. In this regard, the klibc-dev package is broken and
needs fixing. It will currently break when building for one machine, then switching
to another of the same TUNE_PKGARCH and installing from sstate but that is a
separate issue.

This patch fixes the symlink creation code by firstly passing in the correct
value we need (where the symlink will end up) and seccondly, actually using it.

I've also tweaked the debug message to contain appropriate information and got
right of the double "//" value the existing code created in favour of the form
'./..' which looks neater.

(From OE-Core rev: 9b05c65450526522d7358d0c0901b594de546748)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bash: Fix-for-CVE-2014-6278 2014-10-12T20:29:14+00:00 Catalin Popeanga Catalin.Popeanga@enea.com 2014-10-09T12:25:15+00:00 32e6864323cf2e4405b835cf474bcdf6fd572961 This vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277 See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 (From OE-Core daisy rev: de596b5f31e837dcd2ce991245eb5548f12d72ae) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> 
This vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277

See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278

(From OE-Core daisy rev: de596b5f31e837dcd2ce991245eb5548f12d72ae)

Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
bash: Fix for CVE-2014-6277 2014-10-12T20:29:14+00:00 Catalin Popeanga Catalin.Popeanga@enea.com 2014-10-09T12:24:53+00:00 ae653aed4c6b7d8075cd464edcd2e01237bfc105 Follow up bash42-049 to parse properly function definitions in the values of environment variables, to not allow remote attackers to execute arbitrary code or to cause a denial of service. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 (From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> 
Follow up bash42-049 to parse properly function definitions in the
values of environment variables, to not allow remote attackers to
execute arbitrary code or to cause a denial of service.

See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277

(From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa)

Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
bash: Fix for CVE-2014-7186 and CVE-2014-7187 2014-10-12T20:29:14+00:00 Catalin Popeanga Catalin.Popeanga@enea.com 2014-10-09T12:24:29+00:00 32818a104ae99a5795d91a2960d48d433d542dee This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187 (From OE-Core daisy rev: 153d1125659df9e5c09e35a58bd51be184cb13c1) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> 
This is a followup patch to incomplete CVE-2014-6271 fix code execution via
specially-crafted environment

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187

(From OE-Core daisy rev: 153d1125659df9e5c09e35a58bd51be184cb13c1)

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
bash: Fix for exported function namespace change 2014-10-12T20:29:14+00:00 Catalin Popeanga Catalin.Popeanga@enea.com 2014-10-09T12:23:24+00:00 998cd2c6dd3709ae0d47c845dff227680bda96f5 This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment This patch changes the encoding bash uses for exported functions to avoid clashes with shell variables and to avoid depending only on an environment variable's contents to determine whether or not to interpret it as a shell function. (From OE-Core daisy rev: 6c51cc96d03df26d1c10867633e7a10dfbec7c45) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> 
This is a followup patch to incomplete CVE-2014-6271 fix code execution via
specially-crafted environment

This patch changes the encoding bash uses for exported functions to avoid
clashes with shell variables and to avoid depending only on an environment
variable's contents to determine whether or not to interpret it as a shell
function.

(From OE-Core daisy rev: 6c51cc96d03df26d1c10867633e7a10dfbec7c45)

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>