CVE: CVE-2023-4692
Crafted file system images can cause heap-based buffer
overflow and may allow arbitrary code execution and secure boot bypass.
Upstream-Status: Backport
[https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea]
CVE: CVE-2023-4693
There an out-of-bounds read at fs/ntfs.c, a physically present attacker
may leverage that by presenting a specially crafted NTFS file system
image to read arbitrary memory locations. A successful attack may allow
sensitive data cached in memory or EFI variables values to be leaked
presenting a high Confidentiality risk.
Upstream-Status: Backport
[https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0ed2458cc4eff6d9a9199527e2a0b6d445802f94]
(From OE-Core rev: 51236150a3740d95e3601499d3918af5a37f8f86)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit: a8bc6f041599ce8da275c163c87f155a2f09369c)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This reverts commit b0d96ea432196800fedb45e6d1da44a3523fad63.
This caused failures on the build performance tests on the autobuilder.
(From OE-Core rev: c337b5a45d43eefee171e7043f70cf19e6eb2cce)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Sporadic errors have been observed in autobuilder when trying to store new
tests results:
error: failed to push some refs to 'push.yoctoproject.org:yocto-testresults'
hint: Updates were rejected because the tag already exists in the remote.
The new tag name is generated by gitarchive based on known tags from the
repository (learnt with git tag). In autobuilder case, this repository is a
shallow clone, so git tag only returns most recent tags, which mean we
could miss some older tags which exist in remote but not locally. In this
case, gitarchive will likely create a tag which already exists in remote,
and so will fail to push
Fix this tag duplication by using git ls-remote to learn about existing
tags instead of git tag. To do so, create a helper ("get_tags") which
manages both nominal case (target directory is a git repository with a
proper remote) and fallback case (target directory is not from a clone, no
remote has been configured)
Fixes [YOCTO #15140]
(From OE-Core rev: b0d96ea432196800fedb45e6d1da44a3523fad63)
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9cbbe9689866158825a7ae774b7965b41ff5c461)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This reverts commit 5a0a7da85a3acfd4a20a07478eabefdab60f313a.
This caused failres on the build performance tests on the autobuilder.
(cherry picked from commit cbfa57a982c0e633e41d3ea00543f87ad818c43a)
(From OE-Core rev: 1506737eae894310bb98a82cf43c91f4b17d5878)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
https://github.com/urllib3/urllib3/releases/tag/1.26.18
Major changes in python3-urllib3 1.26.18:
- Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (CVE-2023-45803)
(From OE-Core rev: 74da05b63634c248910594456dae286947f33da5)
Signed-off-by: Tan Wen Yan <wen.yan.tan@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The backported patch fixes the following warning:
systemd-vconsole-setup[221]: Failed to import credentials, ignoring: No such file or directory
(From OE-Core rev: 07c31cd6190476d9d9a4de750a30fe0fb3a93b21)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When using debug-btf.scc in a clean workspace, the CONFIG_MODULE_ALLOW_BTF_MISMATCH cannot
apply to kernel until clean the kernel code(bitbake linux-yocto -c cleanall) and rebuild.
After tracking the code, some options depend on CONFIG_PAHOLE_VERSION, it was generated by
scripts/pahole-version.sh in kernel, but during do_kernel_configme step, the pahole-native
is not available in sysroot-native, so need to wait pahole-native install to sysroot-native
before do_kernel_configme.
(cherry picked from commit 217a4db53edbd88001f6390bbff39e5dd3d137af)
(From OE-Core rev: b535bf84a03dca7ed3f54ef1d0bc9da78756a9d8)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We don't make do_cve_check depend on do_unpack because that would be a
waste of time 99% of the time. The compromise here is that we can't
scan remote patches for issues, but this isn't a problem so downgrade
the warning to a note.
Also move the check for CVEs in the filename before the local file check
so that even with remote patches, we still check for CVE references in
the name.
(From OE-Core rev: 4f21354c7204c3404326ddc243d02056387472d3)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0251cad677579f5b4dcc25fa2f8552c6040ac2cf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Occasionally the cve-check tool will warn that it is adding the same
package twice. Knowing what this package is might be the first step
towards understanding where this message comes from.
(From OE-Core rev: 7d7d1de6211b2813c1679bb9ce35289607d66c12)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c1179faec8583a8b7df192cf1cbf221f0e3001fc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The JSON report generated by the cve-check class is basically a huge
list of packages. This list of packages is, however, unsorted.
To make things easier for people comparing the JSON, or more
specifically for git when archiving the JSON over time in a git
repository, we can sort the list by package name.
(From OE-Core rev: e32b4655e79561dd9c38efdf99858372bde806b0)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e9861be0e5020830c2ecc24fd091f4f5b05da036)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This issue relates to a floating point exception in stress-test, which
is an unlikely security exploit at the best of times, but the test is
not installed so isn't relevant.
(From OE-Core rev: 3625bed6d7432091bfb144314b8ef979b5246e4c)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a36d62a06be6cce1a438f8f2178eb60aad6b7267)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Now that https://bugzilla.yoctoproject.org/show_bug.cgi?id=14481
is closed.
(From yocto-docs rev: 91a29ca94314c87fd3dc68601cd4932bdfffde35)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add the initial version of the section on vulnerability reports,
operations of the Security Team with a
transcription of https://wiki.yoctoproject.org/wiki/Security_private_reporting
(From yocto-docs rev: 763d66c72bf60dc06195acc6168a9535fdf7b302)
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Error occured while running bitbake on cephfs:
WARNING: The free inode of path is running low (-0.001K left)
ERROR: Immediately halt since the disk space monitor action is "HALT"!
(Bitbake rev: c7e094ec3beccef0bbbf67c100147c449d9c6836)
Signed-off-by: Samantha Jalabert <samantha.jalabert@syslinbit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Remove a reference to a web resource which is clearly marked as obsolete.
Replace the unnecessarily verbose note by just links to the mentioned tools.
[YOCTO #15233]
(From yocto-docs rev: f7e57707a08a9a86ea146722e481ef2e7f362277)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Recommended instead of the Yocto Project mirror, because expected
to be faster. Make sure you only set one such mirror.
(From yocto-docs rev: fbf020e19a47b4a4bf6c4f12ecabab6fce572d66)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
CC: richard.purdie@linuxfoundation.org
Signed-off-by: Steve Sakoman <steve@sakoman.com>
As discussed before with Richard Purdie, the code supports this but the documentation does not.
Developers in general will not notice this or focus on it because they do not mess with the
layer.conf template file, but in my opinion I think more details can help.
(From yocto-docs rev: 635b198dfeb8147728a610b710fbc8ce77859389)
Signed-off-by: Talel BELHAJSALEM <bhstalel@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
COMPATIBLE_MACHINE is used to forbid the use of a recipe or its packages
for a specific set of machines.
In some cases, it may make more sense to have the logic inverted and
have the recipe always forbidden except for hand-picked machines. Such
could be the case for pieces of software that only support some
architectures. In that scenario, it is sometimes a bit easier on the eye
and for maintenance to use the OVERRIDES mechanism but for that, a
default should be set.
COMPATIBLE_MACHINE:aarch64 = "^(aarch64)$"
COMPATIBLE_MACHINE:mips64 = "^(mips64)$"
wouldn't do much because if COMPATIBLE_MACHINE isn't set, the recipe is
assumed compatible and therefore, if no default is provided we enter
that case.
Hence, we need to add
COMPATIBLE_MACHINE = "^$"
as default so that it only matches the empty string, which isn't
possible for MACHINEOVERRIDES.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 051f868d1da1cbcd5726eb4c1e3f25946ce690e3)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Various aesthetic cleanups of section 1 of that manual, including:
* replace 'HOWTO' with manual
* add more examples of sdk-related images
* font fixes
(From yocto-docs rev: 55ce55247ab3238d69c165a01da1689158d8967a)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
PACKAGECONFIG's first and second flag value will be added to PACKAGECONFIG_CONFARGS
and then it will be added to the appropriate variable (EXTRA_OECMAKE, or ...)
So we need to only mention PACKAGECONFIG_CONFARGS and it will lead to other variables.
I added a custom example that can help understanding very well PACKAGECONFIG.
(From yocto-docs rev: 1bf0ac5c208d2d9609649bae681f37e3b4281c63)
Signed-off-by: Talel BELHAJSALEM <bhstalel@gmail.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Add missing parenthesis, and another example of a compressed patch filename.
(From yocto-docs rev: 3b770bd5699706f7b843d579cb6a8ba796a3e54e)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(From yocto-docs rev: 47980f9769b75b88a1525069b2c63c79515c4a31)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This script is not always called with /sbin and /usr/sbin in the PATH
already, for example when called via ssh. Explicitly set PATH to make
sure it includes /sbin and /usr/sbin since that's where start-stop-daemon
is located.
(From OE-Core rev: e9ca1405b732720ff72d379e0262a78bfd2e7d53)
Signed-off-by: Martijn de Gouw <martijn.de.gouw@prodrive-technologies.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fa53f898eaba15dff030f9eadf86e5bca7d954fa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The original solution replaced all overrides with the package name that
was being checked. This can have unforseen consequences where some
variable involved in defining the value for the PKG:<package> variable
may rely on some override which is not set as expected. It also meant
that any PKG variable set using an override would not be caught, e.g.,
PKG:${PN}:${MACHINE} = "${PN}-dev" (made up example that would always
fail with the old code).
(From OE-Core rev: 3fc3e55933716ce9cfa8b2e8e4cc8fa2e94a0061)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit de62d538dbfe6caf123ff366643f893077175583)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Fix warnings from oe-selftest -j:
/usr/lib/python3.10/os.py:1030: RuntimeWarning: line buffering (buffering=1) isn't supported in binary mode, the default buffer size will be used
return io.open(fd, mode, buffering, encoding, *args, **kwargs)
Remove the option since it clearly doesn't do much.
(From OE-Core rev: bd487f92103acd7e97d7815c8c6e233932f6f1f1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6b872ee72942951fd464c4c6cb9eadcb9b4749c1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Debug message about using custom configuration file includes file name
with incorrect extension. Correct file name to "extlinux.conf".
(From OE-Core rev: bb063e8b461b8c3c0b5b6965f26a555781dc94b7)
Signed-off-by: Daniel Semkowicz <dse@thaumatec.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dd63e1520454b2d53a48b72eaae126059af9809b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The test results repository contains tags like:
master/64501-g65c94ca3196e5ef3344a469fea8e30444f2e967a/0
master/1-g65c94ca3196e5ef3344a469fea8e30444f2e967a/3
master/1-g65c94ca3196e5ef3344a469fea8e30444f2e967a/2
master/1-g65c94ca3196e5ef3344a469fea8e30444f2e967a/1
master/1-g65c94ca3196e5ef3344a469fea8e30444f2e967a/0
where the commit count is correct in one case and not in the others. This causes
assertion errors in the current code.
Add in some code to work around these historical issues where the commit counts are low.
(From OE-Core rev: 27c1ad02b9479f30ad8eacdee1cdad79cab5269d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit d51fc5c8c469730885af7bbde7122032de411d89)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The test above this removal correctly looks at symlinks however to
remove a symlink we should call unlink(), not remove(). This avoids
some build failures/tracebacks.
(From OE-Core rev: 830412641abe8c7a3ad5eb1709c8372c796a7760)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dbdb6e73b0f52bc5f9429aca47802d51edbbc834)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Operating systems limit the shebang to a maximum number of bytes.
This patch makes the shebang-size check count raw bytes instead of UTF-8 characters.
(From OE-Core rev: 76efaa1e177a5051cfec87f288c8c7372f142fe2)
Signed-off-by: Jan Garcia <j@n-garcia.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d4ac66c5cdaf971fb717cc5c5bf9aa51a787d412)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
* this caused liberation-font-native to depend on TUNE_PKGARCH target fontconfig
because ${MLPREFIX}fontconfig-utils is added to RDEPENDS in anonymous python
* the dependency tree for liberation-font-native got much shorter
(just quilt-native and liberation-font-native itself):
2 after/pn-buildlist
78 before/pn-buildlist
* fixes graphviz-native signature issue as well as detected with sstate-diff-machines.sh
$ bitbake-diffsigs \
sstate-after/mako/x86_64-linux/graphviz-native/8.1.0.do_populate_sysroot.sigdata.184d4fd355f1e7a2d7d929ef4b5f62b94e2071df9dd674b2067ec21bfc7bcc1b \
sstate-after/qemux86-64/x86_64-linux/graphviz-native/8.1.0.do_populate_sysroot.sigdata.35da674d2dbc275bac02869dfce4165466315023910bdef65a6026e2cb942a46
Hash for task dependency liberation-fonts-native:do_populate_sysroot changed from 310d3da04ad9abf8ee99997e53d1ffa71c2b7d9d60fb0e8de85171a9ab6a77d3 to 048420ad1410c2b8d95498fc3c11681207335a2c722836f1f3e683cc449814da
(From OE-Core rev: 7956db86a7377bc3afefcbbb6f92aae9161df715)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 998d4da9d89aea77dc0f2cbac60ea64258331756)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Replace "Accepted" by "Backport" as specified on
https://docs.yoctoproject.org/migration-guides/migration-3.2.html#miscellaneous-changes
(From OE-Core rev: 2d789678cf430683fc24995514414ddfe32c22b5)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 945f1106de1fc1b08921e05aa0f871092c2c116d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
