[hardknott][PATCH 00/28] review request

[hardknott][PATCH 00/28] review request

[Anuj Mittal]

Please review these changes for hardknott. Builds cleanly on autobuilder
except for two intermittent ptest failures in lttng-tools and parted.

Thanks,

Anuj

The following changes since commit 4c2c3d3b84d883b2f1ad94095187e6b5b39e663f:

  lttng-modules: update to v2.12.6 (2021-07-02 11:14:53 +0800)

are available in the Git repository at:

  git://push.openembedded.org/openembedded-core-contrib anujm/hardknott

Andrej Valek (1):
  busybox: add tmpdir option into mktemp applet

Asfak Rahman (1):
  openssh: Remove temporary keys before generating new ones

Bruce Ashfield (6):
  linux-yocto/5.10: update to v5.10.47
  linux-yocto/5.4: update to v5.4.129
  linux-yocto/5.10: scsi-debug needs scsi-disk
  linux-yocto-dev: base AUTOREV on specified version
  kernel-devsrc: fix scripts/prepare for ARM64
  kernel-devsrc: fix scripts prepare for powerpc

Changqing Li (2):
  libconvert-asn1-perl: fix CVE-2013-7488
  boost-build-native: workaround one rarely hang problem on fedora34

Florian Amstutz (1):
  devtool: deploy-target: Fix preserving attributes when using --strip

Kai Kang (1):
  rxvt-unicode: fix CVE-2021-33477

Khairul Rohaizzat Jamaluddin (2):
  curl: Fix CVE-2021-22898
  curl: Fix CVE-2021-22897

Marek Vasut (1):
  linux-firmware: Package RSI 911x WiFi firmware

Mingli Yu (1):
  perl: correct libpth and glibpth

Richard Purdie (7):
  oeqa/selftest/runcmd: Tweal test timeouts
  sstate/staging: Handle directory creation race issue
  oeqa/selftest/archiver: Allow tests to ignore empty directories
  runqemu: Remove potential lock races around tap device handling
  glibc-testsuite: Fix build failures when directly running recipe
  oeqa/selftest/multiprocesslauch: Fix test race
  dwarfsrcfiles: Avoid races over debug-link files

Vinay Kumar (1):
  binutils: Fix CVE-2021-20197

Wadim Egorov (1):
  xserver-xorg: Fix builds without glx

wangmy (2):
  go: upgrade 1.16.3 -> 1.16.4
  go: upgrade 1.16.4 -> 1.16.5

zhengruoqin (1):
  busybox: upgrade 1.33.0 -> 1.33.1

 meta/classes/kernel-yocto.bbclass             |  24 +++
 meta/classes/sstate.bbclass                   |   8 +-
 meta/classes/staging.bbclass                  |   6 +-
 meta/lib/oeqa/selftest/cases/archiver.py      |  16 +-
 meta/lib/oeqa/selftest/cases/oelib/utils.py   |   3 +-
 meta/lib/oeqa/selftest/cases/runcmd.py        |   4 +-
 .../openssh/openssh/sshd_check_keys           |   1 +
 ...ss_gunzip-Fix-DoS-if-gzip-is-corrupt.patch |  58 -----
 .../0001-mktemp-add-tmpdir-option.patch       |  81 +++++++
 .../{busybox_1.33.0.bb => busybox_1.33.1.bb}  |   8 +-
 .../glibc/glibc-testsuite_2.33.bb             |   1 +
 .../binutils/binutils-2.36.inc                |   3 +
 .../binutils/0001-CVE-2021-20197.patch        | 201 ++++++++++++++++++
 .../binutils/0002-CVE-2021-20197.patch        | 170 +++++++++++++++
 .../binutils/0003-CVE-2021-20197.patch        | 171 +++++++++++++++
 .../dwarfsrcfiles/files/dwarfsrcfiles.c       |  13 +-
 .../go/{go-1.16.3.inc => go-1.16.5.inc}       |   4 +-
 ...e_1.16.3.bb => go-binary-native_1.16.5.bb} |   4 +-
 ..._1.16.3.bb => go-cross-canadian_1.16.5.bb} |   0
 ...{go-cross_1.16.3.bb => go-cross_1.16.5.bb} |   0
 ...osssdk_1.16.3.bb => go-crosssdk_1.16.5.bb} |   0
 ...o-native_1.16.3.bb => go-native_1.16.5.bb} |   0
 ...runtime_1.16.3.bb => go-runtime_1.16.5.bb} |   0
 .../go/{go_1.16.3.bb => go_1.16.5.bb}         |   0
 meta/recipes-devtools/perl/perl_5.32.1.bb     |   2 +
 .../libconvert-asn1-perl/CVE-2013-7488.patch  |  35 +++
 .../perl/libconvert-asn1-perl_0.27.bb         |   3 +-
 ...nd-Makefile.am-fix-build-without-glx.patch |  46 ++++
 .../xorg-xserver/xserver-xorg_1.20.10.bb      |   1 +
 .../linux-firmware/linux-firmware_20210511.bb |  11 +
 meta/recipes-kernel/linux/kernel-devsrc.bb    |  22 +-
 .../linux/linux-yocto-rt_5.10.bb              |   6 +-
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.10.bb            |   8 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb |  24 +--
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 .../rxvt-unicode-fix-CVE-2021-33477.patch     |  33 +++
 .../rxvt-unicode/rxvt-unicode_9.22.bb         |   4 +-
 .../boost/boost-build-native_4.3.0.bb         |   2 +-
 .../curl/curl/CVE-2021-22897.patch            |  72 +++++++
 .../curl/curl/CVE-2021-22898.patch            |  32 +++
 meta/recipes-support/curl/curl_7.75.0.bb      |   2 +
 scripts/lib/devtool/deploy.py                 |   2 +-
 scripts/runqemu                               |  27 ++-
 45 files changed, 1006 insertions(+), 138 deletions(-)
 delete mode 100644 meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
 create mode 100644 meta/recipes-core/busybox/busybox/0001-mktemp-add-tmpdir-option.patch
 rename meta/recipes-core/busybox/{busybox_1.33.0.bb => busybox_1.33.1.bb} (92%)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch
 rename meta/recipes-devtools/go/{go-1.16.3.inc => go-1.16.5.inc} (88%)
 rename meta/recipes-devtools/go/{go-binary-native_1.16.3.bb => go-binary-native_1.16.5.bb} (83%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.16.3.bb => go-cross-canadian_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.16.3.bb => go-cross_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.16.3.bb => go-crosssdk_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-native_1.16.3.bb => go-native_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.16.3.bb => go-runtime_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.16.3.bb => go_1.16.5.bb} (100%)
 create mode 100644 meta/recipes-extended/perl/libconvert-asn1-perl/CVE-2013-7488.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch
 create mode 100644 meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22897.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22898.patch

-- 
2.31.1

[hardknott][PATCH 01/28] oeqa/selftest/runcmd: Tweal test timeouts

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Load on the autobuilder meant we see occasionaly timeout issues with these tests.
Slightly increase the test timeouts to better reflect the real world timings we
see.

[YOCTO #14262]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fccd2ade0e345625ed9a4b74a7431b000ce2214f)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oeqa/selftest/cases/runcmd.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/lib/oeqa/selftest/cases/runcmd.py b/meta/lib/oeqa/selftest/cases/runcmd.py
index fa6113d7fa..e9612389fe 100644
--- a/meta/lib/oeqa/selftest/cases/runcmd.py
+++ b/meta/lib/oeqa/selftest/cases/runcmd.py
@@ -27,8 +27,8 @@ class RunCmdTests(OESelftestTestCase):
 
     # The delta is intentionally smaller than the timeout, to detect cases where
     # we incorrectly apply the timeout more than once.
-    TIMEOUT = 5
-    DELTA = 3
+    TIMEOUT = 10
+    DELTA = 8
 
     def test_result_okay(self):
         result = runCmd("true")
-- 
2.31.1

[hardknott][PATCH 02/28] sstate/staging: Handle directory creation race issue

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

The sstate code tries to be careful about racing around directory creation.
In particular, the copyhardlinktree code creates the directory tree first
allowing for "already exists" errors and ignoring them, then hardlinks the
files in.

Unfortunately the sstate removal code can race against this since it
will try and remove empty directories. If there is some bad timing,
a newly created directory can be removed before it was populated, leading
to build failures.

We could try and add locking but this would damage performance, we've been
there before. It is also unclear where to actually place locks just based on
the contents of a manifest file which may cover multiple sstate install
locations for a given task.

Instead, lets disable directory removal in the problematic "shared" core
path. This could result in a few more empty directories being left on disk
but those should be harmless and better than locking hurting performance
or rare build races.

[YOCTO #13999]
[YOCTO #14379]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4f94d9296394bc7ce241439f00df86eb5912875f)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/sstate.bbclass  | 8 +++++---
 meta/classes/staging.bbclass | 6 +++---
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass
index 3ab6328f91..2b5d94dd1f 100644
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -483,7 +483,7 @@ def sstate_clean_cachefiles(d):
         ss = sstate_state_fromvars(ld, task)
         sstate_clean_cachefile(ss, ld)
 
-def sstate_clean_manifest(manifest, d, prefix=None):
+def sstate_clean_manifest(manifest, d, canrace=False, prefix=None):
     import oe.path
 
     mfile = open(manifest)
@@ -501,7 +501,9 @@ def sstate_clean_manifest(manifest, d, prefix=None):
             if entry.endswith("/"):
                 if os.path.islink(entry[:-1]):
                     os.remove(entry[:-1])
-                elif os.path.exists(entry) and len(os.listdir(entry)) == 0:
+                elif os.path.exists(entry) and len(os.listdir(entry)) == 0 and not canrace:
+                    # Removing directories whilst builds are in progress exposes a race. Only
+                    # do it in contexts where it is safe to do so.
                     os.rmdir(entry[:-1])
             else:
                 os.remove(entry)
@@ -539,7 +541,7 @@ def sstate_clean(ss, d):
         for lock in ss['lockfiles']:
             locks.append(bb.utils.lockfile(lock))
 
-        sstate_clean_manifest(manifest, d)
+        sstate_clean_manifest(manifest, d, canrace=True)
 
         for lock in locks:
             bb.utils.unlockfile(lock)
diff --git a/meta/classes/staging.bbclass b/meta/classes/staging.bbclass
index 806a85773a..32a615c743 100644
--- a/meta/classes/staging.bbclass
+++ b/meta/classes/staging.bbclass
@@ -409,7 +409,7 @@ python extend_recipe_sysroot() {
         if os.path.islink(f) and not os.path.exists(f):
             bb.note("%s no longer exists, removing from sysroot" % f)
             lnk = os.readlink(f.replace(".complete", ""))
-            sstate_clean_manifest(depdir + "/" + lnk, d, workdir)
+            sstate_clean_manifest(depdir + "/" + lnk, d, canrace=True, prefix=workdir)
             os.unlink(f)
             os.unlink(f.replace(".complete", ""))
 
@@ -454,7 +454,7 @@ python extend_recipe_sysroot() {
             fl = depdir + "/" + l
             bb.note("Task %s no longer depends on %s, removing from sysroot" % (mytaskname, l))
             lnk = os.readlink(fl)
-            sstate_clean_manifest(depdir + "/" + lnk, d, workdir)
+            sstate_clean_manifest(depdir + "/" + lnk, d, canrace=True, prefix=workdir)
             os.unlink(fl)
             os.unlink(fl + ".complete")
 
@@ -475,7 +475,7 @@ python extend_recipe_sysroot() {
                 continue
             else:
                 bb.note("%s exists in sysroot, but is stale (%s vs. %s), removing." % (c, lnk, c + "." + taskhash))
-                sstate_clean_manifest(depdir + "/" + lnk, d, workdir)
+                sstate_clean_manifest(depdir + "/" + lnk, d, canrace=True, prefix=workdir)
                 os.unlink(depdir + "/" + c)
                 if os.path.lexists(depdir + "/" + c + ".complete"):
                     os.unlink(depdir + "/" + c + ".complete")
-- 
2.31.1

[hardknott][PATCH 03/28] devtool: deploy-target: Fix preserving attributes when using --strip

[Anuj Mittal]

From: Florian Amstutz <florian.amstutz@scs.ch>

Commit a2db4fa127a3347fc6df31f895fb0b552669119e added ${WORKDIR}/deploy-* to
PSEUDO_IGNORE_PATHS. This breaks the --strip mode since ${D} is copied to
deploy-target-stripped. Use the directory devtool-deploy-target-stripped
instead.

[YOCTO #14451]

Signed-off-by: Florian Amstutz <florian.amstutz@scs.ch>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 02661f20faf11d0fa2f1874bd423f5d9fa7a31c9)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 scripts/lib/devtool/deploy.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/lib/devtool/deploy.py b/scripts/lib/devtool/deploy.py
index e5af2c95ae..833322571f 100644
--- a/scripts/lib/devtool/deploy.py
+++ b/scripts/lib/devtool/deploy.py
@@ -168,7 +168,7 @@ def deploy(args, config, basepath, workspace):
         if args.strip and not args.dry_run:
             # Fakeroot copy to new destination
             srcdir = recipe_outdir
-            recipe_outdir = os.path.join(rd.getVar('WORKDIR'), 'deploy-target-stripped')
+            recipe_outdir = os.path.join(rd.getVar('WORKDIR'), 'devtool-deploy-target-stripped')
             if os.path.isdir(recipe_outdir):
                 bb.utils.remove(recipe_outdir, True)
             exec_fakeroot(rd, "cp -af %s %s" % (os.path.join(srcdir, '.'), recipe_outdir), shell=True)
-- 
2.31.1

[hardknott][PATCH 04/28] oeqa/selftest/archiver: Allow tests to ignore empty directories

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

If we tweak sstate to not remove empty directories under conditions
where a race could occur, we see failures from:

"oe-selftest -r archiver.Archiver.test_archiver_filters_by_type archiver.Archiver.test_archiver_filters_by_type_and_name"

since an empty directory is left behind. Update the tests to ignore
empty directories.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 10cda713faea9a348fd278137ac75e4a6d76a71c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oeqa/selftest/cases/archiver.py | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/meta/lib/oeqa/selftest/cases/archiver.py b/meta/lib/oeqa/selftest/cases/archiver.py
index ddd08ecf84..0194ae9f69 100644
--- a/meta/lib/oeqa/selftest/cases/archiver.py
+++ b/meta/lib/oeqa/selftest/cases/archiver.py
@@ -35,11 +35,11 @@ class Archiver(OESelftestTestCase):
         src_path = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['TARGET_SYS'])
 
         # Check that include_recipe was included
-        included_present = len(glob.glob(src_path + '/%s-*' % include_recipe))
+        included_present = len(glob.glob(src_path + '/%s-*/*' % include_recipe))
         self.assertTrue(included_present, 'Recipe %s was not included.' % include_recipe)
 
         # Check that exclude_recipe was excluded
-        excluded_present = len(glob.glob(src_path + '/%s-*' % exclude_recipe))
+        excluded_present = len(glob.glob(src_path + '/%s-*/*' % exclude_recipe))
         self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % exclude_recipe)
 
     def test_archiver_filters_by_type(self):
@@ -67,11 +67,11 @@ class Archiver(OESelftestTestCase):
         src_path_native = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['BUILD_SYS'])
 
         # Check that target_recipe was included
-        included_present = len(glob.glob(src_path_target + '/%s-*' % target_recipe))
+        included_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipe))
         self.assertTrue(included_present, 'Recipe %s was not included.' % target_recipe)
 
         # Check that native_recipe was excluded
-        excluded_present = len(glob.glob(src_path_native + '/%s-*' % native_recipe))
+        excluded_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipe))
         self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % native_recipe)
 
     def test_archiver_filters_by_type_and_name(self):
@@ -104,17 +104,17 @@ class Archiver(OESelftestTestCase):
         src_path_native = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['BUILD_SYS'])
 
         # Check that target_recipe[0] and native_recipes[1] were included
-        included_present = len(glob.glob(src_path_target + '/%s-*' % target_recipes[0]))
+        included_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipes[0]))
         self.assertTrue(included_present, 'Recipe %s was not included.' % target_recipes[0])
 
-        included_present = len(glob.glob(src_path_native + '/%s-*' % native_recipes[1]))
+        included_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipes[1]))
         self.assertTrue(included_present, 'Recipe %s was not included.' % native_recipes[1])
 
         # Check that native_recipes[0] and target_recipes[1] were excluded
-        excluded_present = len(glob.glob(src_path_native + '/%s-*' % native_recipes[0]))
+        excluded_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipes[0]))
         self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % native_recipes[0])
 
-        excluded_present = len(glob.glob(src_path_target + '/%s-*' % target_recipes[1]))
+        excluded_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipes[1]))
         self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % target_recipes[1])
 
 
-- 
2.31.1

[hardknott][PATCH 05/28] openssh: Remove temporary keys before generating new ones

[Anuj Mittal]

From: Asfak Rahman <asfakr@outlook.com>

Key generation may wait for user input, due to the existence of
temporary keys resulting from power interruption in the first boot.
This prevents users from login via ssh.

Signed-off-by: Asfak Rahman <asfakr@outlook.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3196249a6917a32491be56e70bbf26d3b9818e0e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-connectivity/openssh/openssh/sshd_check_keys | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
index 1931dc7153..ef117de897 100644
--- a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
+++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
@@ -6,6 +6,7 @@ generate_key() {
     local DIR="$(dirname "$FILE")"
 
     mkdir -p "$DIR"
+    rm -f ${FILE}.tmp
     ssh-keygen -q -f "${FILE}.tmp" -N '' -t $TYPE
 
     # Atomically rename file public key
-- 
2.31.1

[hardknott][PATCH 06/28] linux-yocto/5.10: update to v5.10.47

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.10 to the latest korg -stable release that comprises
the following commits:

    4357ae26d4cd Linux 5.10.47
    1573d595e239 integrity: Load mokx variables into the blacklist keyring
    c6ae6f89fc4f certs: Add ability to preload revocation certs
    72d6f5d982f0 certs: Move load_system_certificate_list to a common function
    45109066f686 certs: Add EFI_CERT_X509_GUID support for dbx entries
    0ba128fa68a4 Revert "drm: add a locked version of drm_is_current_master"
    0463b49e0239 netfs: fix test for whether we can skip read when writing beyond EOF
    e6108147dd91 swiotlb: manipulate orig_addr when tlb_addr has offset
    7570a8b5dd49 KVM: SVM: Call SEV Guest Decommission if ASID binding fails
    377a796e7a71 mm, futex: fix shared futex pgoff on shmem huge page
    ab9d178167ea mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
    915c3a262c49 mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
    90073aecc3cc mm: page_vma_mapped_walk(): get vma_address_end() earlier
    bf60fc2314b9 mm: page_vma_mapped_walk(): use goto instead of while (1)
    9f85dcaf1533 mm: page_vma_mapped_walk(): add a level of indentation
    e56bdb397663 mm: page_vma_mapped_walk(): crossing page table boundary
    8dc191ed9c5f mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
    7b55a4bcfccf mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
    1cb0b9059f9e mm: page_vma_mapped_walk(): settle PageHuge on entry
    65febb41b4d6 mm: page_vma_mapped_walk(): use page for pvmw->page
    825c28052b4d mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
    0010275ca243 mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
    38cda6b5ab83 mm/thp: fix page_address_in_vma() on file THP tails
    37ffe9f4d7ff mm/thp: fix vma_address() if virtual address below file offset
    66be14a92609 mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
    6527d8ef68c3 mm/thp: make is_huge_zero_pmd() safe and quicker
    a8f4ea1d38ac mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
    32f954e961ca mm, thp: use head page in __migration_entry_wait()
    bfd90b56d7f6 mm/rmap: use page_not_mapped in try_to_unmap()
    ff81af8259bb mm/rmap: remove unneeded semicolon in page_not_mapped()
    a0ad7ea018e7 mm: add VM_WARN_ON_ONCE_PAGE() macro
    130a1d76ee0b x86/fpu: Make init_fpstate correct with optimized XSAVE
    51d8011782ed x86/fpu: Preserve supervisor states in sanitize_restored_user_xstate()
    2b35a4eaaaae kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync()
    bfe28af78a20 kthread_worker: split code for canceling the delayed work timer
    02c303f3b9fb ceph: must hold snap_rwsem when filling inode for async create
    de0af2651daa i2c: robotfuzz-osif: fix control-request directions
    dd8ed6c9bc22 KVM: do not allow mapping valid but non-reference-counted pages
    5fd0c2cf7b11 s390/stack: fix possible register corruption with stack switch helper
    ab5bef978038 nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
    ace31c91fd59 scsi: sd: Call sd_revalidate_disk() for ioctl(BLKRRPART)
    b9e6c20d4c9d gpiolib: cdev: zero padding during conversion to gpioline_info_changed
    0221a5a4db46 i2c: i801: Ensure that SMBHSTSTS_INUSE_STS is cleared when leaving i801_access
    018d03fcf77a pinctrl: stm32: fix the reported number of GPIO lines per bank
    df654cd3d300 perf/x86: Track pmu in per-CPU cpu_hw_events
    f9e73b2967f6 net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY
    1c9cf96f5652 net: ll_temac: Add memory-barriers for TX BD access
    bafb6cdd4f70 PCI: Add AMD RS690 quirk to enable 64-bit DMA
    d91c50e6a678 recordmcount: Correct st_shndx handling
    fb71d81ccd69 mac80211: handle various extensible elements correctly
    676a7cb1a96b mac80211: reset profile_periodicity/ema_ap
    ca0e1fefbb53 net: qed: Fix memcpy() overflow of qed_dcbx_params()
    4658a8d30791 KVM: selftests: Fix kvm_check_cap() assertion
    e83e3c5d85a7 r8169: Avoid memcpy() over-reading of ETH_SS_STATS
    992b105abf57 sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS
    a10856ea6066 r8152: Avoid memcpy() over-reading of ETH_SS_STATS
    196b22ef6cd1 net/packet: annotate accesses to po->ifindex
    da8b3aeff4ad net/packet: annotate accesses to po->bind
    18ed1789bbce net: caif: fix memory leak in ldisc_open
    edcd7594ada9 riscv32: Use medany C model for modules
    47c07f919fab net: phy: dp83867: perform soft reset and retain established link
    f57132a887ea net/packet: annotate data race in packet_sendmsg()
    9707960ecfdc inet: annotate date races around sk->sk_txhash
    7293f63b7b62 net: annotate data race in sock_error()
    61b132f67c0d ping: Check return value of function 'ping_queue_rcv_skb'
    08c389de6d53 inet: annotate data race in inet_send_prepare() and inet_dgram_connect()
    c2311fd6de78 net: ethtool: clear heap allocations for ethtool function
    c2813d1966ba mac80211: drop multicast fragments
    fedc4d4f548c net: ipv4: Remove unneed BUG() function
    93c2aac13b08 dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma
    0f48f9277182 dmaengine: mediatek: do not issue a new desc if one is still current
    63fa5b2d4b55 dmaengine: mediatek: free the proper desc in desc_free handler
    78fa0f707d73 dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe()
    6a07cf36064a cfg80211: call cfg80211_leave_ocb when switching away from OCB
    a9028333001f mac80211_hwsim: drop pending frames on stop
    8cfe765afd5a mac80211: remove warning in ieee80211_get_sband()
    b671b9816982 dmaengine: xilinx: dpdma: Limit descriptor IDs to 16 bits
    524f70b30ef8 dmaengine: xilinx: dpdma: Add missing dependencies to Kconfig
    13b245a7bd59 dmaengine: stm32-mdma: fix PM reference leak in stm32_mdma_alloc_chan_resourc()
    86f3e72dcb72 dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc()
    4df9ed0edb9f perf/x86/intel/lbr: Zero the xstate buffer on allocation
    56bc20e5fc64 perf/x86/lbr: Remove cpuc->lbr_xsave allocation from atomic context
    ca2acbd5483f locking/lockdep: Improve noinstr vs errors
    59aa5c91f863 x86/xen: Fix noinstr fail in exc_xen_unknown_trap()
    cb83c99cf675 x86/entry: Fix noinstr fail in __do_fast_syscall_32()
    cf5935487594 drm/vc4: hdmi: Make sure the controller is powered in detect
    f73aca83fd83 drm/vc4: hdmi: Move the HSM clock enable to runtime_pm
    f11f9ff8a7c9 Revert "PCI: PM: Do not read power state in pci_enable_device_flags()"
    4b06ebab4a82 spi: spi-nxp-fspi: move the register operation after the clock enable
    50a1312a29d1 arm64: Force NO_BLOCK_MAPPINGS if crashkernel reservation is required
    bd5d4df4dcc1 arm64: Ignore any DMA offsets in the max_zone_phys() calculation
    3bbdf5a6fcd2 MIPS: generic: Update node names to avoid unit addresses
    03096a46019e mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
    b8fd230ae085 ARM: 9081/1: fix gcc-10 thumb2-kernel regression
    3d6c4f78ec61 drm/amdgpu: wait for moving fence after pinning
    694bb36aa75d drm/radeon: wait for moving fence after pinning
    bcfea2412f4b drm/nouveau: wait for moving fence after pinning v2
    3ef0ca0ec995 drm: add a locked version of drm_is_current_master
    fea853aca321 Revert "drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell."
    1bd81429d53d Revert "drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue."
    3051f230f19f module: limit enabling module.sig_enforce

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a2616c36cf3398ac81db0a479c45686769903159)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.10.bb              |  6 ++---
 .../linux/linux-yocto-tiny_5.10.bb            |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +++++++++----------
 3 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index f511f233b6..1c5bb9753c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "4a59bc57b2be77da9394b10eb37067da7d63b7a4"
-SRCREV_meta ?= "b969f83647833d21d8826c4667492f58895213c3"
+SRCREV_machine ?= "42032770803ba26765376967cef09945f48abe04"
+SRCREV_meta ?= "c96c799ca3e63c0ca17e05843d3f8e7e0d6dfb31"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.10.46"
+LINUX_VERSION ?= "5.10.47"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index f5ade2992c..bdc49fb9e2 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.10.46"
+LINUX_VERSION ?= "5.10.47"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "dd1f9602f3e4e9dc177421ba12ce073ad2099a58"
-SRCREV_machine ?= "139fe7d68413054f850e206ab749f97a968867a8"
-SRCREV_meta ?= "b969f83647833d21d8826c4667492f58895213c3"
+SRCREV_machine_qemuarm ?= "eaad1adbc817d996edf44fdd520da4810e57e66d"
+SRCREV_machine ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
+SRCREV_meta ?= "c96c799ca3e63c0ca17e05843d3f8e7e0d6dfb31"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index dd4aef7f89..abe837c2f4 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -13,17 +13,17 @@ KBRANCH_qemux86  ?= "v5.10/standard/base"
 KBRANCH_qemux86-64 ?= "v5.10/standard/base"
 KBRANCH_qemumips64 ?= "v5.10/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "17e89ca08f67fdcbaf0a3ae4c429602f76463923"
-SRCREV_machine_qemuarm64 ?= "139fe7d68413054f850e206ab749f97a968867a8"
-SRCREV_machine_qemumips ?= "bdcaaee7b7ce0e865670a2cee55b1974eb67357b"
-SRCREV_machine_qemuppc ?= "139fe7d68413054f850e206ab749f97a968867a8"
-SRCREV_machine_qemuriscv64 ?= "139fe7d68413054f850e206ab749f97a968867a8"
-SRCREV_machine_qemuriscv32 ?= "139fe7d68413054f850e206ab749f97a968867a8"
-SRCREV_machine_qemux86 ?= "139fe7d68413054f850e206ab749f97a968867a8"
-SRCREV_machine_qemux86-64 ?= "139fe7d68413054f850e206ab749f97a968867a8"
-SRCREV_machine_qemumips64 ?= "2f11a726a60ad9e8a48de6bc2101a993b461e8d1"
-SRCREV_machine ?= "139fe7d68413054f850e206ab749f97a968867a8"
-SRCREV_meta ?= "b969f83647833d21d8826c4667492f58895213c3"
+SRCREV_machine_qemuarm ?= "8950bba5dc5b6139af3711cf82b6c35ea3ef873f"
+SRCREV_machine_qemuarm64 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
+SRCREV_machine_qemumips ?= "271e6f3b206246da2937788d83c3b4e57cb33da0"
+SRCREV_machine_qemuppc ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
+SRCREV_machine_qemuriscv64 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
+SRCREV_machine_qemuriscv32 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
+SRCREV_machine_qemux86 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
+SRCREV_machine_qemux86-64 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
+SRCREV_machine_qemumips64 ?= "1112c8f8594df02dd6f2bd1cf13848536ca3f536"
+SRCREV_machine ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
+SRCREV_meta ?= "c96c799ca3e63c0ca17e05843d3f8e7e0d6dfb31"
 
 # remap qemuarm to qemuarma15 for the 5.8 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -32,7 +32,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.10.46"
+LINUX_VERSION ?= "5.10.47"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.31.1

[hardknott][PATCH 07/28] linux-yocto/5.4: update to v5.4.129

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    82ffbc138a1f Linux 5.4.129
    9011aaab90b8 certs: Move load_system_certificate_list to a common function
    e20b90e4f81b certs: Add EFI_CERT_X509_GUID support for dbx entries
    06ab9df09eb3 x86/efi: move common keyring handler functions to new file
    ac7d3f554472 certs: Add wrapper function to check blacklisted binary hash
    61168eafe024 mm, futex: fix shared futex pgoff on shmem huge page
    a33b70d62552 mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
    e045e9e79d2a mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
    037a1d67d236 mm: page_vma_mapped_walk(): get vma_address_end() earlier
    fa89d536948a mm: page_vma_mapped_walk(): use goto instead of while (1)
    a499febd9935 mm: page_vma_mapped_walk(): add a level of indentation
    b1783bf8c8e4 mm: page_vma_mapped_walk(): crossing page table boundary
    80b2270a14b8 mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
    ef161ccaca70 mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
    4961160272b7 mm: page_vma_mapped_walk(): settle PageHuge on entry
    52e2b20fb5e4 mm: page_vma_mapped_walk(): use page for pvmw->page
    82ee7326af7a mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
    bd4389215227 mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
    b767134ec30a mm/thp: fix page_address_in_vma() on file THP tails
    41432a8a6776 mm/thp: fix vma_address() if virtual address below file offset
    4b0a34e222e5 mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
    bd092a0f1942 mm/thp: make is_huge_zero_pmd() safe and quicker
    4c37d7f269f8 mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
    7ce4b73d349b mm, thp: use head page in __migration_entry_wait()
    68ce37ebe0f2 mm/rmap: use page_not_mapped in try_to_unmap()
    432b61863ac7 mm/rmap: remove unneeded semicolon in page_not_mapped()
    cfe575954ddd mm: add VM_WARN_ON_ONCE_PAGE() macro
    42f11f0fe977 kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync()
    06ab015d1849 kthread_worker: split code for canceling the delayed work timer
    d77c9c8537db i2c: robotfuzz-osif: fix control-request directions
    bb85717e3797 KVM: do not allow mapping valid but non-reference-counted pages
    d6f751ecccfb nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
    702acfcbfa68 pinctrl: stm32: fix the reported number of GPIO lines per bank
    76c10e10ba7b net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY
    aa00b9780482 net: ll_temac: Add memory-barriers for TX BD access
    d807b93f9bca PCI: Add AMD RS690 quirk to enable 64-bit DMA
    5830f2081d98 recordmcount: Correct st_shndx handling
    70866199220e net: qed: Fix memcpy() overflow of qed_dcbx_params()
    b7168ec176fd KVM: selftests: Fix kvm_check_cap() assertion
    58687d143515 r8169: Avoid memcpy() over-reading of ETH_SS_STATS
    cb4a2e4e224a sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS
    97e0102e1824 r8152: Avoid memcpy() over-reading of ETH_SS_STATS
    f12a5b48bcc8 net/packet: annotate accesses to po->ifindex
    cdcedd3c8683 net/packet: annotate accesses to po->bind
    343406f9c198 net: caif: fix memory leak in ldisc_open
    8707ce86e927 net: phy: dp83867: perform soft reset and retain established link
    9f2d04dfb3c4 inet: annotate date races around sk->sk_txhash
    d40ff07a7b7d ping: Check return value of function 'ping_queue_rcv_skb'
    9df4f031536b net: ethtool: clear heap allocations for ethtool function
    62aed2df294a mac80211: drop multicast fragments
    eb2b1216bc8f net: ipv4: Remove unneed BUG() function
    e0c950d2fddb dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma
    f7b1926c7c5d dmaengine: mediatek: do not issue a new desc if one is still current
    3d995587c3ea dmaengine: mediatek: free the proper desc in desc_free handler
    c09af3877b53 dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe()
    f2c027a7750f cfg80211: call cfg80211_leave_ocb when switching away from OCB
    78bf3c613148 mac80211_hwsim: drop pending frames on stop
    ae9de9444b54 mac80211: remove warning in ieee80211_get_sband()
    0e486713779a dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc()
    456367b24190 Revert "PCI: PM: Do not read power state in pci_enable_device_flags()"
    1442186236ad spi: spi-nxp-fspi: move the register operation after the clock enable
    7bc73260c4b1 MIPS: generic: Update node names to avoid unit addresses
    0855fe6d8835 arm64: link with -z norelro for LLD or aarch64-elf
    3173390b8dbc kbuild: add CONFIG_LD_IS_LLD
    3450f5eb8c9e mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
    48a5449c0be1 ARM: 9081/1: fix gcc-10 thumb2-kernel regression
    4a8e89e0fd0b drm/radeon: wait for moving fence after pinning
    4577708b2a22 drm/nouveau: wait for moving fence after pinning v2
    c77c617e26e2 Revert "drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell."
    6bd0da6c9b12 Revert "drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue."
    e2dc07ca4e01 module: limit enabling module.sig_enforce

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d621feee60e71bea68c853626e74669b9d953346)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 3e97058f68..7a4267531f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "f3ac47f313e4ce608b3567c006f61d1d8b820ae2"
-SRCREV_meta ?= "78949176d073f5cf04c9e0c4be699e39528f2880"
+SRCREV_machine ?= "c86c4081f4764f57bbb26df8a9202c01799c3771"
+SRCREV_meta ?= "c5e5dc4e13bd4882a8ed96b8026e6fd268b68f8a"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.128"
+LINUX_VERSION ?= "5.4.129"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 2eb5ebdbbd..5d487ac23f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.128"
+LINUX_VERSION ?= "5.4.129"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "987d6fd6c916297cde5cc7e988c28ef1e458f1cf"
-SRCREV_machine ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
-SRCREV_meta ?= "78949176d073f5cf04c9e0c4be699e39528f2880"
+SRCREV_machine_qemuarm ?= "ca636d1a2ccbb2626c4eacbdb0da2c30654b108c"
+SRCREV_machine ?= "d46f8ecb3f81bdba8131b90dc90174ecb36a1b78"
+SRCREV_meta ?= "c5e5dc4e13bd4882a8ed96b8026e6fd268b68f8a"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 5a7e9f0a35..94605b3942 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "69874edb0838e4d26002a8d30e14a5e1b355e397"
-SRCREV_machine_qemuarm64 ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
-SRCREV_machine_qemumips ?= "1bfafb3ce048d4a30aca35e847168855980f5dbc"
-SRCREV_machine_qemuppc ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
-SRCREV_machine_qemuriscv64 ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
-SRCREV_machine_qemux86 ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
-SRCREV_machine_qemux86-64 ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
-SRCREV_machine_qemumips64 ?= "2a0ea1bced3f4b8ebebb19debc19b7930a4924a8"
-SRCREV_machine ?= "befa5fba9b9f972f68acc891f2ca143d6b3e4011"
-SRCREV_meta ?= "78949176d073f5cf04c9e0c4be699e39528f2880"
+SRCREV_machine_qemuarm ?= "dfb964733268c1e6f932900a384a793a0ca8de34"
+SRCREV_machine_qemuarm64 ?= "7d3eac73a6edc8fdcd701bbb0aa8c21030eb2027"
+SRCREV_machine_qemumips ?= "a40b68f2f4be601dfe020940ad29ac894cc31298"
+SRCREV_machine_qemuppc ?= "a3258c8b1690ecfa620eae9552a75cec9224ecd4"
+SRCREV_machine_qemuriscv64 ?= "e211c039dcd85ad2d4c1f1a70909d0eefef49778"
+SRCREV_machine_qemux86 ?= "e211c039dcd85ad2d4c1f1a70909d0eefef49778"
+SRCREV_machine_qemux86-64 ?= "e211c039dcd85ad2d4c1f1a70909d0eefef49778"
+SRCREV_machine_qemumips64 ?= "dded4f6e58cd90c7333b5257c9327e5e30f78e26"
+SRCREV_machine ?= "e211c039dcd85ad2d4c1f1a70909d0eefef49778"
+SRCREV_meta ?= "c5e5dc4e13bd4882a8ed96b8026e6fd268b68f8a"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.128"
+LINUX_VERSION ?= "5.4.129"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.31.1

[hardknott][PATCH 08/28] linux-yocto/5.10: scsi-debug needs scsi-disk

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

It was pointed out that the default scsi-debug feature didn't behave
the same as other distros, since it doesn't have disk supporrt enabled.
We already have a disk.cfg for scsi so we include it into the debug
fragment to get the support we want.

Integrating the following commit(s) to linux-yocto/.:

    66a4b5fc619 scsi: debug needs disk support

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8c3ca417a7e9e3c670f1cbff2352c8761b60caff)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index 1c5bb9753c..e0d8280128 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "42032770803ba26765376967cef09945f48abe04"
-SRCREV_meta ?= "c96c799ca3e63c0ca17e05843d3f8e7e0d6dfb31"
+SRCREV_meta ?= "82899c6a7119b9668be9ae508159f5ac96554cc2"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index bdc49fb9e2..6b71573a39 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "eaad1adbc817d996edf44fdd520da4810e57e66d"
 SRCREV_machine ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_meta ?= "c96c799ca3e63c0ca17e05843d3f8e7e0d6dfb31"
+SRCREV_meta ?= "82899c6a7119b9668be9ae508159f5ac96554cc2"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index abe837c2f4..0315808989 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -23,7 +23,7 @@ SRCREV_machine_qemux86 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
 SRCREV_machine_qemux86-64 ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
 SRCREV_machine_qemumips64 ?= "1112c8f8594df02dd6f2bd1cf13848536ca3f536"
 SRCREV_machine ?= "52bcc5b2342739bbfc8fc385d151616883c4425c"
-SRCREV_meta ?= "c96c799ca3e63c0ca17e05843d3f8e7e0d6dfb31"
+SRCREV_meta ?= "82899c6a7119b9668be9ae508159f5ac96554cc2"
 
 # remap qemuarm to qemuarma15 for the 5.8 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.31.1

[hardknott][PATCH 09/28] linux-firmware: Package RSI 911x WiFi firmware

[Anuj Mittal]

From: Marek Vasut <marex@denx.de>

The RSI 911x WiFi firmware is already part of the linux-firmware
repository, package it to make it easily available.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cc44b71f6ea68ca0f483d635df7dc7b9905b1593)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux-firmware/linux-firmware_20210511.bb         | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
index ed6e78175a..26091fba70 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20210511.bb
@@ -229,6 +229,7 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \
              ${PN}-sd8887 ${PN}-sd8897 ${PN}-sd8997 ${PN}-usb8997 \
              ${PN}-ti-connectivity-license ${PN}-wlcommon ${PN}-wl12xx ${PN}-wl18xx \
              ${PN}-vt6656-license ${PN}-vt6656 \
+             ${PN}-rs9113 ${PN}-rs9116 \
              ${PN}-rtl-license ${PN}-rtl8188 ${PN}-rtl8192cu ${PN}-rtl8192ce ${PN}-rtl8192su ${PN}-rtl8723 ${PN}-rtl8821 \
              ${PN}-rtl8168 \
              ${PN}-cypress-license \
@@ -529,6 +530,16 @@ RDEPENDS_${PN}-nvidia-gpu += "${PN}-nvidia-license"
 RDEPENDS_${PN}-nvidia-tegra += "${PN}-nvidia-license"
 RDEPENDS_${PN}-nvidia-tegra-k1 += "${PN}-nvidia-license"
 
+# For RSI RS911x WiFi
+LICENSE_${PN}-rs9113 = "WHENCE"
+LICENSE_${PN}-rs9116 = "WHENCE"
+
+FILES_${PN}-rs9113 = " ${nonarch_base_libdir}/firmware/rsi/rs9113*.rps "
+FILES_${PN}-rs9116 = " ${nonarch_base_libdir}/firmware/rsi/rs9116*.rps "
+
+RDEPENDS_${PN}-rs9113 += "${PN}-whence-license"
+RDEPENDS_${PN}-rs9116 += "${PN}-whence-license"
+
 # For rtl
 LICENSE_${PN}-rtl8188 = "Firmware-rtlwifi_firmware"
 LICENSE_${PN}-rtl8192cu = "Firmware-rtlwifi_firmware"
-- 
2.31.1

[hardknott][PATCH 10/28] libconvert-asn1-perl: fix CVE-2013-7488

[Anuj Mittal]

From: Changqing Li <changqing.li@windriver.com>

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../libconvert-asn1-perl/CVE-2013-7488.patch  | 35 +++++++++++++++++++
 .../perl/libconvert-asn1-perl_0.27.bb         |  3 +-
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-extended/perl/libconvert-asn1-perl/CVE-2013-7488.patch

diff --git a/meta/recipes-extended/perl/libconvert-asn1-perl/CVE-2013-7488.patch b/meta/recipes-extended/perl/libconvert-asn1-perl/CVE-2013-7488.patch
new file mode 100644
index 0000000000..d0aca65393
--- /dev/null
+++ b/meta/recipes-extended/perl/libconvert-asn1-perl/CVE-2013-7488.patch
@@ -0,0 +1,35 @@
+From 8070c6a4931801b6550c79c5766dfd3a99976036 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 8 Jul 2021 14:48:36 +0800
+Subject: [PATCH] Merge pull request #15 from danaj/danaj/unsafe-decoding
+
+Upstream-Status: Backport[https://github.com/gbarr/perl-Convert-ASN1/commit/108e784417db7893f348c381c837537c3bd39373]
+CVE: CVE-2013-7488
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ lib/Convert/ASN1/_decode.pm | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/Convert/ASN1/_decode.pm b/lib/Convert/ASN1/_decode.pm
+index cd173f9..495e1bf 100644
+--- a/lib/Convert/ASN1/_decode.pm
++++ b/lib/Convert/ASN1/_decode.pm
+@@ -683,12 +683,14 @@ sub _scan_indef {
+       $pos += 2;
+       next;
+     }
++    return if $pos >= $end;
+ 
+     my $tag = substr($_[0], $pos++, 1);
+ 
+     if((unpack("C",$tag) & 0x1f) == 0x1f) {
+       my $b;
+       do {
++        return if $pos >= $end;
+ 	$tag .= substr($_[0],$pos++,1);
+ 	$b = ord substr($tag,-1);
+       } while($b & 0x80);
+-- 
+2.17.1
+
diff --git a/meta/recipes-extended/perl/libconvert-asn1-perl_0.27.bb b/meta/recipes-extended/perl/libconvert-asn1-perl_0.27.bb
index 409a8f3896..8ec96860ad 100644
--- a/meta/recipes-extended/perl/libconvert-asn1-perl_0.27.bb
+++ b/meta/recipes-extended/perl/libconvert-asn1-perl_0.27.bb
@@ -5,7 +5,8 @@ DESCRIPTION = "Convert::ASN1 is a perl library for encoding/decoding data using
 LICENSE = "Artistic-1.0 | GPL-1.0+"
 LIC_FILES_CHKSUM = "file://README.md;beginline=91;endline=97;md5=ceff7fd286eb6d8e8e0d3d23e096a63f"
 
-SRC_URI = "http://search.cpan.org/CPAN/authors/id/G/GB/GBARR/Convert-ASN1-${PV}.tar.gz"
+SRC_URI = "http://search.cpan.org/CPAN/authors/id/G/GB/GBARR/Convert-ASN1-${PV}.tar.gz \
+           file://CVE-2013-7488.patch"
 
 SRC_URI[md5sum] = "68723e96be0b258a9e20480276e8a62c"
 SRC_URI[sha256sum] = "74a4a78ae0c5e973100ac0a8f203a110f76fb047b79dae4fc1fd7d6814d3d58a"
-- 
2.31.1

[hardknott][PATCH 11/28] busybox: upgrade 1.33.0 -> 1.33.1

[Anuj Mittal]

From: zhengruoqin <zhengrq.fnst@fujitsu.com>

0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
removed since it is included in 1.33.1

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 544236b12a72ee5be5ef0147249ead112082b871)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 ...ss_gunzip-Fix-DoS-if-gzip-is-corrupt.patch | 58 -------------------
 .../{busybox_1.33.0.bb => busybox_1.33.1.bb}  |  3 +-
 2 files changed, 1 insertion(+), 60 deletions(-)
 delete mode 100644 meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
 rename meta/recipes-core/busybox/{busybox_1.33.0.bb => busybox_1.33.1.bb} (92%)

diff --git a/meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch b/meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
deleted file mode 100644
index 67c9f189cc..0000000000
--- a/meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From fe791386ebc270219ca00406c9fdadc5130b64ee Mon Sep 17 00:00:00 2001
-From: Samuel Sapalski <samuel.sapalski@nokia.com>
-Date: Wed, 3 Mar 2021 16:31:22 +0100
-Subject: [PATCH] decompress_gunzip: Fix DoS if gzip is corrupt
-
-On certain corrupt gzip files, huft_build will set the error bit on
-the result pointer. If afterwards abort_unzip is called huft_free
-might run into a segmentation fault or an invalid pointer to
-free(p).
-
-In order to mitigate this, we check in huft_free if the error bit
-is set and clear it before the linked list is freed.
-
-Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
-Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-
-Upstream-Status: Backport
-CVE: CVE-2021-28831
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
- archival/libarchive/decompress_gunzip.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/archival/libarchive/decompress_gunzip.c b/archival/libarchive/decompress_gunzip.c
-index eb3b64930..e93cd5005 100644
---- a/archival/libarchive/decompress_gunzip.c
-+++ b/archival/libarchive/decompress_gunzip.c
-@@ -220,10 +220,20 @@ static const uint8_t border[] ALIGN1 = {
-  * each table.
-  * t: table to free
-  */
-+#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
-+#define ERR_RET     ((huft_t*)(uintptr_t)1)
- static void huft_free(huft_t *p)
- {
- 	huft_t *q;
- 
-+	/*
-+	 * If 'p' has the error bit set we have to clear it, otherwise we might run
-+	 * into a segmentation fault or an invalid pointer to free(p)
-+	 */
-+	if (BAD_HUFT(p)) {
-+		p = (huft_t*)((uintptr_t)(p) ^ (uintptr_t)(ERR_RET));
-+	}
-+
- 	/* Go through linked list, freeing from the malloced (t[-1]) address. */
- 	while (p) {
- 		q = (--p)->v.t;
-@@ -289,8 +299,6 @@ static unsigned fill_bitbuffer(STATE_PARAM unsigned bitbuffer, unsigned *current
-  * or a valid pointer to a Huffman table, ORed with 0x1 if incompete table
-  * is given: "fixed inflate" decoder feeds us such data.
-  */
--#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
--#define ERR_RET     ((huft_t*)(uintptr_t)1)
- static huft_t* huft_build(const unsigned *b, const unsigned n,
- 			const unsigned s, const struct cp_ext *cp_ext,
- 			unsigned *m)
diff --git a/meta/recipes-core/busybox/busybox_1.33.0.bb b/meta/recipes-core/busybox/busybox_1.33.1.bb
similarity index 92%
rename from meta/recipes-core/busybox/busybox_1.33.0.bb
rename to meta/recipes-core/busybox/busybox_1.33.1.bb
index b2a30ba16f..3a70a8056e 100644
--- a/meta/recipes-core/busybox/busybox_1.33.0.bb
+++ b/meta/recipes-core/busybox/busybox_1.33.1.bb
@@ -46,9 +46,8 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
            file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \
            file://rev.cfg \
            file://pgrep.cfg \
-           file://0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch \
            file://0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch \
            "
 SRC_URI_append_libc-musl = " file://musl.cfg "
 
-SRC_URI[tarball.sha256sum] = "d568681c91a85edc6710770cebc1e80e042ad74d305b5c2e6d57a5f3de3b8fbd"
+SRC_URI[tarball.sha256sum] = "12cec6bd2b16d8a9446dd16130f2b92982f1819f6e1c5f5887b6db03f5660d28"
-- 
2.31.1

[hardknott][PATCH 12/28] perl: correct libpth and glibpth

[Anuj Mittal]

From: Mingli Yu <mingli.yu@windriver.com>

Previouly there is a logic as below used to set libpth in config.sh.
libpth='@LIBDIR@ @BASELIBDIR@'

But after the below commits introduced, the above logic is dropped.
52f2828314 perl: add a version that builds the recipe using perl-cross, and update to 5.28.1
68552c3532 perl: remove the previous version of the recipe

So correct the value of libpth and glibpth to add the dropped logic
back to avoid confusing.

Before the patch(on 64bits system):
 # perl -V:libpth
 libpth='/usr/lib /lib';

After the patch(on 64bits system):
 # perl -V:libpth
 libpth='/usr/lib64 /lib64';

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a494de43c3ccdcf7af988765ae5c3a95bc20c567)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-devtools/perl/perl_5.32.1.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-devtools/perl/perl_5.32.1.bb b/meta/recipes-devtools/perl/perl_5.32.1.bb
index b28040c7fb..f8893af3e2 100644
--- a/meta/recipes-devtools/perl/perl_5.32.1.bb
+++ b/meta/recipes-devtools/perl/perl_5.32.1.bb
@@ -62,6 +62,8 @@ do_configure_class-target() {
     -Dsoname=libperl.so.5 \
     -Dvendorprefix=${prefix} \
     -Darchlibexp=${STAGING_LIBDIR}/perl5/${PV}/${TARGET_ARCH}-linux \
+    -Dlibpth='${libdir} ${base_libdir}' \
+    -Dglibpth='${libdir} ${base_libdir}' \
     ${PACKAGECONFIG_CONFARGS}
 
     #perl.c uses an ARCHLIB_EXP define to generate compile-time code that
-- 
2.31.1

[hardknott][PATCH 13/28] rxvt-unicode: fix CVE-2021-33477

[Anuj Mittal]

From: Kai Kang <kai.kang@windriver.com>

Backport patch to fix CVE-2021-33477 for rxvt-unicode.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../rxvt-unicode-fix-CVE-2021-33477.patch     | 33 +++++++++++++++++++
 .../rxvt-unicode/rxvt-unicode_9.22.bb         |  4 ++-
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch

diff --git a/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch b/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch
new file mode 100644
index 0000000000..6c3590c311
--- /dev/null
+++ b/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch
@@ -0,0 +1,33 @@
+Backport patch to fix CVE-2021-33477.
+
+CVE: CVE-2021-33477
+
+Upstream-Status: Backport [http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ src/command.C | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/command.C b/src/command.C
+index 7b79f51..2f7de60 100644
+--- a/src/command.C
++++ b/src/command.C
+@@ -2725,7 +2725,7 @@ rxvt_term::process_escape_seq ()
+         /* kidnapped escape sequence: Should be 8.3.48 */
+       case C1_ESA:		/* ESC G */
+         // used by original rxvt for rob nations own graphics mode
+-        if (cmd_getc () == 'Q')
++        if (cmd_getc () == 'Q' && option (Opt_insecure))
+           tt_printf ("\033G0\012");	/* query graphics - no graphics */
+         break;
+ 
+@@ -2944,7 +2944,7 @@ rxvt_term::process_csi_seq ()
+         break;
+ 
+       case CSI_CUB:		/* 8.3.18: (1) CURSOR LEFT */
+-      case CSI_HPB: 		/* 8.3.59: (1) CHARACTER POSITION BACKWARD */
++      case CSI_HPB:		/* 8.3.59: (1) CHARACTER POSITION BACKWARD */
+ #ifdef ISO6429
+         arg[0] = -arg[0];
+ #else				/* emulate common DEC VTs */
diff --git a/meta/recipes-sato/rxvt-unicode/rxvt-unicode_9.22.bb b/meta/recipes-sato/rxvt-unicode/rxvt-unicode_9.22.bb
index 283e8d7751..dee549cc78 100644
--- a/meta/recipes-sato/rxvt-unicode/rxvt-unicode_9.22.bb
+++ b/meta/recipes-sato/rxvt-unicode/rxvt-unicode_9.22.bb
@@ -4,7 +4,9 @@ LICENSE = "GPLv3"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \
                     file://src/main.C;beginline=1;endline=31;md5=d3600d7ee1062667fcd1193fbe6485f6"
 
-SRC_URI += "file://0001-libev-remove-deprecated-throw-specification.patch"
+SRC_URI += "file://0001-libev-remove-deprecated-throw-specification.patch \
+            file://rxvt-unicode-fix-CVE-2021-33477.patch \
+            "
 
 SRC_URI[sha256sum] = "e94628e9bcfa0adb1115d83649f898d6edb4baced44f5d5b769c2eeb8b95addd"
 
-- 
2.31.1

[hardknott][PATCH 14/28] binutils: Fix CVE-2021-20197

[Anuj Mittal]

From: Vinay Kumar <vinay.m.engg@gmail.com>

Source: git://sourceware.org/git/binutils-gdb.git
Tracking -- https://sourceware.org/bugzilla/show_bug.cgi?id=26945

Backported upstream commit id d3edaa91d4cf7202ec14342410194841e2f67f12
and its dependent commits 8e03235147a9e774d3ba084e93c2da1aa94d1cec and
8b69e61d4be276bb862698aaafddc3e779d23c8f to binutils-2.36 source.

Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8e03235147a9e774d3ba084e93c2da1aa94d1cec]
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3edaa91d4cf7202ec14342410194841e2f67f12]
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8b69e61d4be276bb862698aaafddc3e779d23c8f]

Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../binutils/binutils-2.36.inc                |   3 +
 .../binutils/0001-CVE-2021-20197.patch        | 201 ++++++++++++++++++
 .../binutils/0002-CVE-2021-20197.patch        | 170 +++++++++++++++
 .../binutils/0003-CVE-2021-20197.patch        | 171 +++++++++++++++
 4 files changed, 545 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch
 create mode 100644 meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch

diff --git a/meta/recipes-devtools/binutils/binutils-2.36.inc b/meta/recipes-devtools/binutils/binutils-2.36.inc
index 2968291889..9d770db5a8 100644
--- a/meta/recipes-devtools/binutils/binutils-2.36.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.36.inc
@@ -41,5 +41,8 @@ SRC_URI = "\
      file://0014-Fix-rpath-in-libtool-when-sysroot-is-enabled.patch \
      file://0015-sync-with-OE-libtool-changes.patch \
      file://0016-Check-for-clang-before-checking-gcc-version.patch \
+     file://0001-CVE-2021-20197.patch \
+     file://0002-CVE-2021-20197.patch \
+     file://0003-CVE-2021-20197.patch \
 "
 S  = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch
new file mode 100644
index 0000000000..2b4eaba26d
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch
@@ -0,0 +1,201 @@
+From 8e03235147a9e774d3ba084e93c2da1aa94d1cec Mon Sep 17 00:00:00 2001
+From: Siddhesh Poyarekar <siddhesh@gotplt.org>
+Date: Mon, 22 Feb 2021 20:45:50 +0530
+Subject: [PATCH] binutils: Avoid renaming over existing files
+
+Renaming over existing files needs additional care to restore
+permissions and ownership, which may not always succeed.
+Additionally, other properties of the file such as extended attributes
+may be lost, making the operation flaky.
+
+For predictable results, resort to rename() only if the file does not
+exist, otherwise copy the file contents into the existing file.  This
+ensures that no additional tricks are needed to retain file
+properties.
+
+This also allows dropping of the redundant set_times on the tmpfile in
+objcopy/strip since now we no longer rename over existing files.
+
+binutils/
+
+	* ar.c (write_archive): Adjust call to SMART_RENAME.
+	* arsup.c (ar_save): Likewise.
+	* objcopy (strip_main): Don't set times on temporary file and
+	adjust call to SMART_RENAME.
+	(copy_main): Likewise.
+	* rename.c [!S_ISLNK]: Remove definitions.
+	(try_preserve_permissions): Remove function.
+	(smart_rename): Replace PRESERVE_DATES argument with
+	TARGET_STAT.  Use rename system call only if TO does not exist.
+	* bucomm.h (smart_rename): Adjust declaration.
+
+(cherry picked from commit 3685de750e6a091663a0abe42528cad29e960e35)
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8e03235147a9e774d3ba084e93c2da1aa94d1cec]
+CVE: CVE-2021-20197
+Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
+---
+ binutils/ar.c      |  2 +-
+ binutils/arsup.c   |  2 +-
+ binutils/bucomm.h  |  3 ++-
+ binutils/objcopy.c |  8 ++-----
+ binutils/rename.c  | 55 +++++++++-------------------------------------
+ 6 files changed, 29 insertions(+), 54 deletions(-)
+
+diff --git a/binutils/ar.c b/binutils/ar.c
+index 45a34e3a6cf..3a91708b51c 100644
+--- a/binutils/ar.c
++++ b/binutils/ar.c
+@@ -1308,7 +1308,7 @@ write_archive (bfd *iarch)
+   /* We don't care if this fails; we might be creating the archive.  */
+   bfd_close (iarch);
+ 
+-  if (smart_rename (new_name, old_name, 0) != 0)
++  if (smart_rename (new_name, old_name, NULL) != 0)
+     xexit (1);
+   free (old_name);
+   free (new_name);
+diff --git a/binutils/arsup.c b/binutils/arsup.c
+index 5403a0c5d74..0a1f63f6456 100644
+--- a/binutils/arsup.c
++++ b/binutils/arsup.c
+@@ -351,7 +351,7 @@ ar_save (void)
+ 
+       bfd_close (obfd);
+ 
+-      smart_rename (ofilename, real_name, 0);
++      smart_rename (ofilename, real_name, NULL);
+       obfd = 0;
+       free (ofilename);
+     }
+diff --git a/binutils/bucomm.h b/binutils/bucomm.h
+index 91f6a5b228f..aa7e33d8cd1 100644
+--- a/binutils/bucomm.h
++++ b/binutils/bucomm.h
+@@ -71,7 +71,8 @@ extern void print_version (const char *);
+ /* In rename.c.  */
+ extern void set_times (const char *, const struct stat *);
+ 
+-extern int smart_rename (const char *, const char *, int);
++extern int smart_rename (const char *, const char *, struct stat *);
++
+ 
+ /* In libiberty.  */
+ void *xmalloc (size_t);
+diff --git a/binutils/objcopy.c b/binutils/objcopy.c
+index eab3b6db585..07a872b5a80 100644
+--- a/binutils/objcopy.c
++++ b/binutils/objcopy.c
+@@ -4861,12 +4861,10 @@ strip_main (int argc, char *argv[])
+ 		 output_target, NULL);
+       if (status == 0)
+ 	{
+-	  if (preserve_dates)
+-	    set_times (tmpname, &statbuf);
+ 	  if (output_file != tmpname)
+ 	    status = (smart_rename (tmpname,
+ 				    output_file ? output_file : argv[i],
+-				    preserve_dates) != 0);
++				    preserve_dates ? &statbuf : NULL) != 0);
+ 	  if (status == 0)
+ 	    status = hold_status;
+ 	}
+@@ -5931,11 +5929,9 @@ copy_main (int argc, char *argv[])
+ 	     output_target, input_arch);
+   if (status == 0)
+     {
+-      if (preserve_dates)
+-	set_times (tmpname, &statbuf);
+       if (tmpname != output_filename)
+ 	status = (smart_rename (tmpname, input_filename,
+-				preserve_dates) != 0);
++				preserve_dates ? &statbuf : NULL) != 0);
+     }
+   else
+     unlink_if_ordinary (tmpname);
+diff --git a/binutils/rename.c b/binutils/rename.c
+index 65ad5bf52c4..f471b45fd3f 100644
+--- a/binutils/rename.c
++++ b/binutils/rename.c
+@@ -122,20 +122,13 @@ set_times (const char *destination, const struct stat *statbuf)
+     non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno));
+ }
+ 
+-#ifndef S_ISLNK
+-#ifdef S_IFLNK
+-#define S_ISLNK(m) (((m) & S_IFMT) == S_IFLNK)
+-#else
+-#define S_ISLNK(m) 0
+-#define lstat stat
+-#endif
+-#endif
+-
+-/* Rename FROM to TO, copying if TO is a link.
+-   Return 0 if ok, -1 if error.  */
++/* Rename FROM to TO, copying if TO exists.  TARGET_STAT has the file status
++   that, if non-NULL, is used to fix up timestamps after rename.  Return 0 if
++   ok, -1 if error.  */
+ 
+ int
+-smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNUSED)
++smart_rename (const char *from, const char *to,
++	      struct stat *target_stat ATTRIBUTE_UNUSED)
+ {
+   bfd_boolean exists;
+   struct stat s;
+@@ -158,38 +151,10 @@ smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNU
+       unlink (from);
+     }
+ #else
+-  /* Use rename only if TO is not a symbolic link and has
+-     only one hard link, and we have permission to write to it.  */
+-  if (! exists
+-      || (!S_ISLNK (s.st_mode)
+-	  && S_ISREG (s.st_mode)
+-	  && (s.st_mode & S_IWUSR)
+-	  && s.st_nlink == 1)
+-      )
++  /* Avoid a full copy and use rename if TO does not exist.  */
++  if (!exists)
+     {
+-      ret = rename (from, to);
+-      if (ret == 0)
+-	{
+-	  if (exists)
+-	    {
+-	      /* Try to preserve the permission bits and ownership of
+-		 TO.  First get the mode right except for the setuid
+-		 bit.  Then change the ownership.  Then fix the setuid
+-		 bit.  We do the chmod before the chown because if the
+-		 chown succeeds, and we are a normal user, we won't be
+-		 able to do the chmod afterward.  We don't bother to
+-		 fix the setuid bit first because that might introduce
+-		 a fleeting security problem, and because the chown
+-		 will clear the setuid bit anyhow.  We only fix the
+-		 setuid bit if the chown succeeds, because we don't
+-		 want to introduce an unexpected setuid file owned by
+-		 the user running objcopy.  */
+-	      chmod (to, s.st_mode & 0777);
+-	      if (chown (to, s.st_uid, s.st_gid) >= 0)
+-		chmod (to, s.st_mode & 07777);
+-	    }
+-	}
+-      else
++      if ((ret = rename (from, to)) != 0)
+ 	{
+ 	  /* We have to clean up here.  */
+ 	  non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno));
+@@ -202,8 +167,8 @@ smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNU
+       if (ret != 0)
+ 	non_fatal (_("unable to copy file '%s'; reason: %s"), to, strerror (errno));
+ 
+-      if (preserve_dates)
+-	set_times (to, &s);
++      if (target_stat != NULL)
++	set_times (to, target_stat);
+       unlink (from);
+     }
+ #endif /* _WIN32 && !__CYGWIN32__ */
+-- 
+2.31.1
+
diff --git a/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch
new file mode 100644
index 0000000000..3771f571eb
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch
@@ -0,0 +1,170 @@
+From d3edaa91d4cf7202ec14342410194841e2f67f12 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Fri, 26 Feb 2021 11:30:32 +1030
+Subject: [PATCH] Reinstate various pieces backed out from smart_rename changes
+
+In the interests of a stable release various last minute smart_rename
+patches were backed out of the 2.36 branch.  The main reason to
+reinstate some of those backed out changes here is to make necessary
+followup fixes to commit 8e03235147a9 simple cherry-picks from
+mainline.  A secondary reason is that ar -M support isn't fixed for
+pr26945 without this patch.
+
+	PR 26945
+	* ar.c: Don't include libbfd.h.
+	(write_archive): Replace xmalloc+strcpy with xstrdup.
+	* arsup.c (temp_name, real_ofd): New static variables.
+	(ar_open): Use make_tempname and bfd_fdopenw.
+	(ar_save): Adjust to suit ar_open changes.
+	* objcopy.c: Don't include libbfd.h.
+	* rename.c: Rename and reorder variables.
+
+(cherry picked from commit 95b91a043aeaeb546d2fea556d84a2de1e917770)
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3edaa91d4cf7202ec14342410194841e2f67f12]
+CVE: CVE-2021-20197
+Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
+---
+ binutils/ar.c      |  4 +---
+ binutils/arsup.c   | 37 +++++++++++++++++++++++++------------
+ binutils/objcopy.c |  1 -
+ binutils/rename.c  |  6 +++---
+ 5 files changed, 42 insertions(+), 19 deletions(-)
+
+diff --git a/binutils/ar.c b/binutils/ar.c
+index 3a91708b51c..44df48c5c67 100644
+--- a/binutils/ar.c
++++ b/binutils/ar.c
+@@ -25,7 +25,6 @@
+ 
+ #include "sysdep.h"
+ #include "bfd.h"
+-#include "libbfd.h"
+ #include "libiberty.h"
+ #include "progress.h"
+ #include "getopt.h"
+@@ -1255,8 +1254,7 @@ write_archive (bfd *iarch)
+   bfd *contents_head = iarch->archive_next;
+   int ofd = -1;
+ 
+-  old_name = (char *) xmalloc (strlen (bfd_get_filename (iarch)) + 1);
+-  strcpy (old_name, bfd_get_filename (iarch));
++  old_name = xstrdup (bfd_get_filename (iarch));
+   new_name = make_tempname (old_name, &ofd);
+ 
+   if (new_name == NULL)
+diff --git a/binutils/arsup.c b/binutils/arsup.c
+index 0a1f63f6456..f7ce8f0bc82 100644
+--- a/binutils/arsup.c
++++ b/binutils/arsup.c
+@@ -42,6 +42,8 @@ extern int deterministic;
+ 
+ static bfd *obfd;
+ static char *real_name;
++static char *temp_name;
++static int real_ofd;
+ static FILE *outfile;
+ 
+ static void
+@@ -149,27 +151,24 @@ maybequit (void)
+ void
+ ar_open (char *name, int t)
+ {
+-  char *tname;
+-  const char *bname = lbasename (name);
+-  real_name = name;
++  real_name = xstrdup (name);
++  temp_name = make_tempname (real_name, &real_ofd);
+ 
+-  /* Prepend tmp- to the beginning, to avoid file-name clashes after
+-     truncation on filesystems with limited namespaces (DOS).  */
+-  if (asprintf (&tname, "%.*stmp-%s", (int) (bname - name), name, bname) == -1)
++  if (temp_name == NULL)
+     {
+-      fprintf (stderr, _("%s: Can't allocate memory for temp name (%s)\n"),
++      fprintf (stderr, _("%s: Can't open temporary file (%s)\n"),
+ 	       program_name, strerror(errno));
+       maybequit ();
+       return;
+     }
+ 
+-  obfd = bfd_openw (tname, NULL);
++  obfd = bfd_fdopenw (temp_name, NULL, real_ofd);
+ 
+   if (!obfd)
+     {
+       fprintf (stderr,
+ 	       _("%s: Can't open output archive %s\n"),
+-	       program_name,  tname);
++	       program_name, temp_name);
+ 
+       maybequit ();
+     }
+@@ -344,16 +343,30 @@ ar_save (void)
+     }
+   else
+     {
+-      char *ofilename = xstrdup (bfd_get_filename (obfd));
++      struct stat target_stat;
+ 
+       if (deterministic > 0)
+         obfd->flags |= BFD_DETERMINISTIC_OUTPUT;
+ 
+       bfd_close (obfd);
+ 
+-      smart_rename (ofilename, real_name, NULL);
++      if (stat (real_name, &target_stat) != 0)
++	{
++	  /* The temp file created in ar_open has mode 0600 as per mkstemp.
++	     Create the real empty output file here so smart_rename will
++	     update the mode according to the process umask.  */
++	  obfd = bfd_openw (real_name, NULL);
++	  if (obfd != NULL)
++	    {
++	      bfd_set_format (obfd, bfd_archive);
++	      bfd_close (obfd);
++	    }
++	}
++
++      smart_rename (temp_name, real_name, NULL);
+       obfd = 0;
+-      free (ofilename);
++      free (temp_name);
++      free (real_name);
+     }
+ }
+ 
+diff --git a/binutils/objcopy.c b/binutils/objcopy.c
+index 07a872b5a80..73aa8bc2514 100644
+--- a/binutils/objcopy.c
++++ b/binutils/objcopy.c
+@@ -20,7 +20,6 @@
+ \f
+ #include "sysdep.h"
+ #include "bfd.h"
+-#include "libbfd.h"
+ #include "progress.h"
+ #include "getopt.h"
+ #include "libiberty.h"
+diff --git a/binutils/rename.c b/binutils/rename.c
+index f471b45fd3f..2ff092ee22b 100644
+--- a/binutils/rename.c
++++ b/binutils/rename.c
+@@ -130,11 +130,11 @@ int
+ smart_rename (const char *from, const char *to,
+ 	      struct stat *target_stat ATTRIBUTE_UNUSED)
+ {
+-  bfd_boolean exists;
+-  struct stat s;
+   int ret = 0;
++  struct stat to_stat;
++  bfd_boolean exists;
+ 
+-  exists = lstat (to, &s) == 0;
++  exists = lstat (to, &to_stat) == 0;
+ 
+ #if defined (_WIN32) && !defined (__CYGWIN32__)
+   /* Win32, unlike unix, will not erase `to' in `rename(from, to)' but
+-- 
+2.31.1
+
diff --git a/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch
new file mode 100644
index 0000000000..082b28b29c
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch
@@ -0,0 +1,171 @@
+From 8b69e61d4be276bb862698aaafddc3e779d23c8f Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Tue, 23 Feb 2021 09:37:39 +1030
+Subject: [PATCH] PR27456, lstat in rename.c on MinGW
+
+	PR 27456
+	* rename.c: Tidy throughout.
+	(smart_rename): Always copy.  Remove windows specific code.
+
+(cherry picked from commit cca8873dd5a6015d5557ea44bc1ea9c252435a29)
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8b69e61d4be276bb862698aaafddc3e779d23c8f]
+CVE: CVE-2021-20197
+Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
+---
+ binutils/rename.c  | 111 ++++++++++++++-------------------------------
+ 2 files changed, 40 insertions(+), 76 deletions(-)
+
+diff --git a/binutils/rename.c b/binutils/rename.c
+index 2ff092ee22b..72a9323d72c 100644
+--- a/binutils/rename.c
++++ b/binutils/rename.c
+@@ -24,14 +24,9 @@
+ 
+ #ifdef HAVE_GOOD_UTIME_H
+ #include <utime.h>
+-#else /* ! HAVE_GOOD_UTIME_H */
+-#ifdef HAVE_UTIMES
++#elif defined HAVE_UTIMES
+ #include <sys/time.h>
+-#endif /* HAVE_UTIMES */
+-#endif /* ! HAVE_GOOD_UTIME_H */
+-
+-#if ! defined (_WIN32) || defined (__CYGWIN32__)
+-static int simple_copy (const char *, const char *);
++#endif
+ 
+ /* The number of bytes to copy at once.  */
+ #define COPY_BUF 8192
+@@ -82,7 +77,6 @@ simple_copy (const char *from, const char *to)
+     }
+   return 0;
+ }
+-#endif /* __CYGWIN32__ or not _WIN32 */
+ 
+ /* Set the times of the file DESTINATION to be the same as those in
+    STATBUF.  */
+@@ -91,87 +85,52 @@ void
+ set_times (const char *destination, const struct stat *statbuf)
+ {
+   int result;
+-
+-  {
+ #ifdef HAVE_GOOD_UTIME_H
+-    struct utimbuf tb;
+-
+-    tb.actime = statbuf->st_atime;
+-    tb.modtime = statbuf->st_mtime;
+-    result = utime (destination, &tb);
+-#else /* ! HAVE_GOOD_UTIME_H */
+-#ifndef HAVE_UTIMES
+-    long tb[2];
+-
+-    tb[0] = statbuf->st_atime;
+-    tb[1] = statbuf->st_mtime;
+-    result = utime (destination, tb);
+-#else /* HAVE_UTIMES */
+-    struct timeval tv[2];
+-
+-    tv[0].tv_sec = statbuf->st_atime;
+-    tv[0].tv_usec = 0;
+-    tv[1].tv_sec = statbuf->st_mtime;
+-    tv[1].tv_usec = 0;
+-    result = utimes (destination, tv);
+-#endif /* HAVE_UTIMES */
+-#endif /* ! HAVE_GOOD_UTIME_H */
+-  }
++  struct utimbuf tb;
++
++  tb.actime = statbuf->st_atime;
++  tb.modtime = statbuf->st_mtime;
++  result = utime (destination, &tb);
++#elif defined HAVE_UTIMES
++  struct timeval tv[2];
++
++  tv[0].tv_sec = statbuf->st_atime;
++  tv[0].tv_usec = 0;
++  tv[1].tv_sec = statbuf->st_mtime;
++  tv[1].tv_usec = 0;
++  result = utimes (destination, tv);
++#else
++  long tb[2];
++
++  tb[0] = statbuf->st_atime;
++  tb[1] = statbuf->st_mtime;
++  result = utime (destination, tb);
++#endif
+ 
+   if (result != 0)
+     non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno));
+ }
+ 
+-/* Rename FROM to TO, copying if TO exists.  TARGET_STAT has the file status
+-   that, if non-NULL, is used to fix up timestamps after rename.  Return 0 if
+-   ok, -1 if error.  */
++/* Copy FROM to TO.  TARGET_STAT has the file status that, if non-NULL,
++   is used to fix up timestamps.  Return 0 if ok, -1 if error.
++   At one time this function renamed files, but file permissions are
++   tricky to update given the number of different schemes used by
++   various systems.  So now we just copy.  */
+ 
+ int
+ smart_rename (const char *from, const char *to,
+-	      struct stat *target_stat ATTRIBUTE_UNUSED)
++	      struct stat *target_stat)
+ {
+-  int ret = 0;
+-  struct stat to_stat;
+-  bfd_boolean exists;
+-
+-  exists = lstat (to, &to_stat) == 0;
+-
+-#if defined (_WIN32) && !defined (__CYGWIN32__)
+-  /* Win32, unlike unix, will not erase `to' in `rename(from, to)' but
+-     fail instead.  Also, chown is not present.  */
+-
+-  if (exists)
+-    remove (to);
++  int ret;
+ 
+-  ret = rename (from, to);
++  ret = simple_copy (from, to);
+   if (ret != 0)
+-    {
+-      /* We have to clean up here.  */
+-      non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno));
+-      unlink (from);
+-    }
+-#else
+-  /* Avoid a full copy and use rename if TO does not exist.  */
+-  if (!exists)
+-    {
+-      if ((ret = rename (from, to)) != 0)
+-	{
+-	  /* We have to clean up here.  */
+-	  non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno));
+-	  unlink (from);
+-	}
+-    }
+-  else
+-    {
+-      ret = simple_copy (from, to);
+-      if (ret != 0)
+-	non_fatal (_("unable to copy file '%s'; reason: %s"), to, strerror (errno));
++    non_fatal (_("unable to copy file '%s'; reason: %s"),
++	       to, strerror (errno));
+ 
+-      if (target_stat != NULL)
+-	set_times (to, target_stat);
+-      unlink (from);
+-    }
+-#endif /* _WIN32 && !__CYGWIN32__ */
++  if (target_stat != NULL)
++    set_times (to, target_stat);
++  unlink (from);
+ 
+   return ret;
+ }
+-- 
+2.31.1
+
-- 
2.31.1

[hardknott][PATCH 15/28] runqemu: Remove potential lock races around tap device handling

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

The qemu tap device handling is potentially race ridden. We pass the
fd to the main qemu subprocess which is good as it means the lock is held
as long as the qemu process exists. This means we shouldn't unlock it
ourselves though, only close the file. We also can't delete the file
as we have no idea if qemu is still using it. We could try and obtain
an exclusive new lock, then the file would be safe to unlink but it
doesn't seem worth it.

Also fix the same issue in the port lock code.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a87bddabf816d09ec801e33972879e6983627eb)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 scripts/runqemu | 27 ++++++++++++++++++---------
 1 file changed, 18 insertions(+), 9 deletions(-)

diff --git a/scripts/runqemu b/scripts/runqemu
index edd17d09c4..c985f4e75a 100755
--- a/scripts/runqemu
+++ b/scripts/runqemu
@@ -232,9 +232,12 @@ class BaseConfig(object):
     def release_taplock(self):
         if self.taplock_descriptor:
             logger.debug("Releasing lockfile for tap device '%s'" % self.tap)
-            fcntl.flock(self.taplock_descriptor, fcntl.LOCK_UN)
+            # We pass the fd to the qemu process and if we unlock here, it would unlock for
+            # that too. Therefore don't unlock, just close
+            # fcntl.flock(self.taplock_descriptor, fcntl.LOCK_UN)
             self.taplock_descriptor.close()
-            os.remove(self.taplock)
+            # Removing the file is a potential race, don't do that either
+            # os.remove(self.taplock)
             self.taplock_descriptor = None
 
     def check_free_port(self, host, port, lockdir):
@@ -272,17 +275,23 @@ class BaseConfig(object):
 
     def release_portlock(self, lockfile=None):
         if lockfile != None:
-           logger.debug("Releasing lockfile '%s'" % lockfile)
-           fcntl.flock(self.portlocks[lockfile], fcntl.LOCK_UN)
-           self.portlocks[lockfile].close()
-           os.remove(lockfile)
-           del self.portlocks[lockfile]
+            logger.debug("Releasing lockfile '%s'" % lockfile)
+            # We pass the fd to the qemu process and if we unlock here, it would unlock for
+            # that too. Therefore don't unlock, just close
+            # fcntl.flock(self.portlocks[lockfile], fcntl.LOCK_UN)
+            self.portlocks[lockfile].close()
+            # Removing the file is a potential race, don't do that either
+            # os.remove(lockfile)
+            del self.portlocks[lockfile]
         elif len(self.portlocks):
             for lockfile, descriptor in self.portlocks.items():
                 logger.debug("Releasing lockfile '%s'" % lockfile)
-                fcntl.flock(descriptor, fcntl.LOCK_UN)
+                # We pass the fd to the qemu process and if we unlock here, it would unlock for
+                # that too. Therefore don't unlock, just close
+                # fcntl.flock(descriptor, fcntl.LOCK_UN)
                 descriptor.close()
-                os.remove(lockfile)
+                # Removing the file is a potential race, don't do that either
+                # os.remove(lockfile)
             self.portlocks = {}
 
     def get(self, key):
-- 
2.31.1

[hardknott][PATCH 16/28] glibc-testsuite: Fix build failures when directly running recipe

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

If you try and run the glibc-testsuite's build task, you see failures
as do_populate_sysroot can't work. We don't have a do_install, get
rid of do_populate_sysroot as well.

The recipe is not included in world builds by default which is why
we don't see the issue more widely.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f7de32dfcc2e6b1872fbd5ea61dcba944d5553a8)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-core/glibc/glibc-testsuite_2.33.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-core/glibc/glibc-testsuite_2.33.bb b/meta/recipes-core/glibc/glibc-testsuite_2.33.bb
index d887aeff79..659d3132fa 100644
--- a/meta/recipes-core/glibc/glibc-testsuite_2.33.bb
+++ b/meta/recipes-core/glibc/glibc-testsuite_2.33.bb
@@ -61,3 +61,4 @@ addtask do_check after do_compile
 inherit nopackages
 deltask do_stash_locale
 deltask do_install
+deltask do_populate_sysroot
-- 
2.31.1

[hardknott][PATCH 17/28] boost-build-native: workaround one rarely hang problem on fedora34

[Anuj Mittal]

From: Changqing Li <changqing.li@windriver.com>

Reproduce scenes:
* On fedora34
* autofs.service is started
* test is nis user, which mounted at /nis by autofs
* under /nis/test, there are symlinks point to another nis mount point /nis/yan

Result:
task boost-build-native:do_install hang forever

NOTE: recipe ovmf-edk2-stable202102-r0: task do_package_write_rpm: Succeeded
NOTE: Running noexec task 8124 of 8152 (/layers/oe-core/meta/recipes-core/ovmf/ovmf_git.bb:do_build)
Bitbake still alive (5000s)
Bitbake still alive (10000s)
Bitbake still alive (15000s)
Bitbake still alive (20000s)
Bitbake still alive (25000s)
Bitbake still alive (30000s)
Bitbake still alive (35000s)
Bitbake still alive (40000s)
Bitbake still alive (45000s)
Bitbake still alive (50000s)

$ps aux | grep b2
test 2773444 0.0 0.0 13532 2748 ? D Jul01 0:00 ./b2 install --prefix=/build/tmp-glibc/work/x86_64-linux/boost-build-native/4.4.1-r0/recipe-sysroot-native/usr staging-prefix=/build/tmp-glibc/work/x86_64-linux/boost-build-native/4.4.1-r0/image/build/tmp-glibc/work/x86_64-linux/boost-build-native/4.4.1-r0/recipe-sysroot-native/usr

$ sudo cat /proc/2773444/stack
[<0>] autofs_wait+0x257/0x720
[<0>] autofs_mount_wait+0x49/0xf0
[<0>] autofs_d_manage+0x76/0x1a0
[<0>] __traverse_mounts+0xd9/0x220
[<0>] step_into+0x3ad/0x6d0
[<0>] walk_component+0x62/0x190
[<0>] link_path_walk.part.0.constprop.0+0x20d/0x350
[<0>] path_lookupat+0x3a/0x1b0
[<0>] filename_lookup+0x9b/0x180
[<0>] vfs_statx+0x64/0x100
[<0>] __do_sys_newfstatat+0x1e/0x40
[<0>] do_syscall_64+0x33/0x40
[<0>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

$ dmesg
[1559743.424610] autofs4:pid:2773444:autofs_mount_wait: waiting for mount name=yan
[1559743.424621] autofs4:pid:2773444:autofs_wait: existing wait id = 0x00000056, name = yan, nfy=1
[1560001.400440] autofs4:pid:2774530:autofs_mount_wait: waiting for mount name=yan
[1560001.400452] autofs4:pid:2774530:autofs_wait: existing wait id = 0x00000056, name = yan, nfy=1
[1560022.493282] autofs4:pid:2774537:autofs_mount_wait: waiting for mount name=yan
[1560022.493292] autofs4:pid:2774537:autofs_wait: existing wait id = 0x00000056, name = yan, nfy=1
[1560122.076589] autofs4:pid:3979116:autofs_mount_wait: mount wait done status=-4
[1560162.222374] autofs4:pid:2774530:autofs_mount_wait: mount wait done status=-4
[1560167.116188] autofs4:pid:2774537:autofs_mount_wait: mount wait done status=-4
[1560188.140532] autofs4:pid:2774671:autofs_mount_wait: waiting for mount name=yan
[1560188.140540] autofs4:pid:2774671:autofs_wait: existing wait id = 0x00000056, name = yan, nfy=1
[1560189.651905] autofs4:pid:2774671:autofs_mount_wait: mount wait done status=-4

Analyzation:
b2 will walk the HOME dir, when access the symlink point to /nis/yan,
autofs hang at autofs_wait.  the process stay at D stat forever. This
maybe caused by abnormal status of autofs.service. The problem cannot
reproduce after restart autofs.service. There should be an autofs bug.
and there is an autofs hang problem bug on fedora34 on it's bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1953390

Workaround:
Since b2 don't actually write something to HOME dir, change HOME dir to
/var/run, a dir not mounted by autofs.

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7ff692d2e9787bb5b36929a208597595473db0c7)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-support/boost/boost-build-native_4.3.0.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-support/boost/boost-build-native_4.3.0.bb b/meta/recipes-support/boost/boost-build-native_4.3.0.bb
index 19e991e65f..00f3a86dd6 100644
--- a/meta/recipes-support/boost/boost-build-native_4.3.0.bb
+++ b/meta/recipes-support/boost/boost-build-native_4.3.0.bb
@@ -20,7 +20,7 @@ do_compile() {
 }
 
 do_install() {
-    ./b2 install --prefix=${prefix} staging-prefix=${D}${prefix}
+    HOME=/var/run ./b2 install --prefix=${prefix} staging-prefix=${D}${prefix}
 }
 
 # The build is either release mode (pre-stripped) or debug (-O0).
-- 
2.31.1

[hardknott][PATCH 18/28] linux-yocto-dev: base AUTOREV on specified version

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

linux-yocto-dev tracks the latest mainline kernel, and uses
standard/* for that support.

Archived -dev versions are under v<kernel version>/standard/base.

This policy works, except that a released branch will still follow
the new kernel versions, causing potential breakage with newer
kernels than are supported in that release.

Rather than lock the SRCREVs and update branches in old releases,
we can preserve the AUTOREV nature of -dev, and allow them to
switch automatically to the archived branch based on the LINUX_VERSION
in the -dev recipe (which is unchanged in the release branch).

This is consistent with the other branch switching done for the
kernels and with the -dev workflow.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 84e14b6116a7d1e52051c5c80be2d8e3db67c2d7)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/kernel-yocto.bbclass | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/meta/classes/kernel-yocto.bbclass b/meta/classes/kernel-yocto.bbclass
index 30f07de4ca..d38b60f519 100644
--- a/meta/classes/kernel-yocto.bbclass
+++ b/meta/classes/kernel-yocto.bbclass
@@ -614,7 +614,31 @@ do_validate_branches() {
 	# if SRCREV is AUTOREV it shows up as AUTOINC there's nothing to
 	# check and we can exit early
 	if [ "${machine_srcrev}" = "AUTOINC" ]; then
+	    linux_yocto_dev='${@oe.utils.conditional("PREFERRED_PROVIDER_virtual/kernel", "linux-yocto-dev", "1", "", d)}'
+	    if [ -n "$linux_yocto_dev" ]; then
+		git checkout -q -f ${machine_branch}
+		ver=$(grep "^VERSION =" ${S}/Makefile | sed s/.*=\ *//)
+		patchlevel=$(grep "^PATCHLEVEL =" ${S}/Makefile | sed s/.*=\ *//)
+		sublevel=$(grep "^SUBLEVEL =" ${S}/Makefile | sed s/.*=\ *//)
+		kver="$ver.$patchlevel"
+		bbnote "dev kernel: performing version -> branch -> SRCREV validation"
+		bbnote "dev kernel: recipe version ${LINUX_VERSION}, src version: $kver"
+		echo "${LINUX_VERSION}" | grep -q $kver
+		if [ $? -ne 0 ]; then
+		    version="$(echo ${LINUX_VERSION} | sed 's/\+.*$//g')"
+		    versioned_branch="v$version/$machine_branch"
+
+		    machine_branch=$versioned_branch
+		    force_srcrev="$(git rev-parse $machine_branch 2> /dev/null)"
+		    if [ $? -ne 0 ]; then
+			bbfatal "kernel version mismatch detected, and no valid branch $machine_branch detected"
+		    fi
+
+		    bbnote "dev kernel: adjusting branch to $machine_branch, srcrev to: $force_srcrev"
+		fi
+	    else
 		bbnote "SRCREV validation is not required for AUTOREV"
+	    fi
 	elif [ "${machine_srcrev}" = "" ]; then
 		if [ "${SRCREV}" != "AUTOINC" ] && [ "${SRCREV}" != "INVALID" ]; then
 		       # SRCREV_machine_<MACHINE> was not set. This means that a custom recipe
-- 
2.31.1

[hardknott][PATCH 19/28] go: upgrade 1.16.3 -> 1.16.4

[Anuj Mittal]

From: wangmy <wangmy@fujitsu.com>

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1e280a596293976ac835b557dcaaa56972682480)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-devtools/go/{go-1.16.3.inc => go-1.16.4.inc}     | 4 ++--
 ...{go-binary-native_1.16.3.bb => go-binary-native_1.16.4.bb} | 4 ++--
 ...o-cross-canadian_1.16.3.bb => go-cross-canadian_1.16.4.bb} | 0
 .../go/{go-cross_1.16.3.bb => go-cross_1.16.4.bb}             | 0
 .../go/{go-crosssdk_1.16.3.bb => go-crosssdk_1.16.4.bb}       | 0
 .../go/{go-native_1.16.3.bb => go-native_1.16.4.bb}           | 0
 .../go/{go-runtime_1.16.3.bb => go-runtime_1.16.4.bb}         | 0
 meta/recipes-devtools/go/{go_1.16.3.bb => go_1.16.4.bb}       | 0
 8 files changed, 4 insertions(+), 4 deletions(-)
 rename meta/recipes-devtools/go/{go-1.16.3.inc => go-1.16.4.inc} (88%)
 rename meta/recipes-devtools/go/{go-binary-native_1.16.3.bb => go-binary-native_1.16.4.bb} (83%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.16.3.bb => go-cross-canadian_1.16.4.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.16.3.bb => go-cross_1.16.4.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.16.3.bb => go-crosssdk_1.16.4.bb} (100%)
 rename meta/recipes-devtools/go/{go-native_1.16.3.bb => go-native_1.16.4.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.16.3.bb => go-runtime_1.16.4.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.16.3.bb => go_1.16.4.bb} (100%)

diff --git a/meta/recipes-devtools/go/go-1.16.3.inc b/meta/recipes-devtools/go/go-1.16.4.inc
similarity index 88%
rename from meta/recipes-devtools/go/go-1.16.3.inc
rename to meta/recipes-devtools/go/go-1.16.4.inc
index ebd25a5eaa..71c17de310 100644
--- a/meta/recipes-devtools/go/go-1.16.3.inc
+++ b/meta/recipes-devtools/go/go-1.16.4.inc
@@ -1,7 +1,7 @@
 require go-common.inc
 
 GO_BASEVERSION = "1.16"
-PV = "1.16.3"
+PV = "1.16.4"
 FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
@@ -17,4 +17,4 @@ SRC_URI += "\
     file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
     file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
 "
-SRC_URI[main.sha256sum] = "b298d29de9236ca47a023e382313bcc2d2eed31dfa706b60a04103ce83a71a25"
+SRC_URI[main.sha256sum] = "ae4f6b6e2a1677d31817984655a762074b5356da50fb58722b99104870d43503"
diff --git a/meta/recipes-devtools/go/go-binary-native_1.16.3.bb b/meta/recipes-devtools/go/go-binary-native_1.16.4.bb
similarity index 83%
rename from meta/recipes-devtools/go/go-binary-native_1.16.3.bb
rename to meta/recipes-devtools/go/go-binary-native_1.16.4.bb
index d01a2bd8f1..8c046e8e53 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.16.3.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.16.4.bb
@@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
 PROVIDES = "go-native"
 
 SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "951a3c7c6ce4e56ad883f97d9db74d3d6d80d5fec77455c6ada6c1f7ac4776d2"
-SRC_URI[go_linux_arm64.sha256sum] = "566b1d6f17d2bc4ad5f81486f0df44f3088c3ed47a3bec4099d8ed9939e90d5d"
+SRC_URI[go_linux_amd64.sha256sum] = "7154e88f5a8047aad4b80ebace58a059e36e7e2e4eb3b383127a28c711b4ff59"
+SRC_URI[go_linux_arm64.sha256sum] = "8b18eb05ddda2652d69ab1b1dd1f40dd731799f43c6a58b512ad01ae5b5bba21"
 
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.16.3.bb b/meta/recipes-devtools/go/go-cross-canadian_1.16.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.16.3.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.16.4.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.16.3.bb b/meta/recipes-devtools/go/go-cross_1.16.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.16.3.bb
rename to meta/recipes-devtools/go/go-cross_1.16.4.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.16.3.bb b/meta/recipes-devtools/go/go-crosssdk_1.16.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.16.3.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.16.4.bb
diff --git a/meta/recipes-devtools/go/go-native_1.16.3.bb b/meta/recipes-devtools/go/go-native_1.16.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-native_1.16.3.bb
rename to meta/recipes-devtools/go/go-native_1.16.4.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.16.3.bb b/meta/recipes-devtools/go/go-runtime_1.16.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.16.3.bb
rename to meta/recipes-devtools/go/go-runtime_1.16.4.bb
diff --git a/meta/recipes-devtools/go/go_1.16.3.bb b/meta/recipes-devtools/go/go_1.16.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.16.3.bb
rename to meta/recipes-devtools/go/go_1.16.4.bb
-- 
2.31.1

[hardknott][PATCH 20/28] go: upgrade 1.16.4 -> 1.16.5

[Anuj Mittal]

From: wangmy <wangmy@fujitsu.com>

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c0c567ed2fb092cde97d03cb658d8bae93d9b28c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-devtools/go/{go-1.16.4.inc => go-1.16.5.inc}     | 4 ++--
 ...{go-binary-native_1.16.4.bb => go-binary-native_1.16.5.bb} | 4 ++--
 ...o-cross-canadian_1.16.4.bb => go-cross-canadian_1.16.5.bb} | 0
 .../go/{go-cross_1.16.4.bb => go-cross_1.16.5.bb}             | 0
 .../go/{go-crosssdk_1.16.4.bb => go-crosssdk_1.16.5.bb}       | 0
 .../go/{go-native_1.16.4.bb => go-native_1.16.5.bb}           | 0
 .../go/{go-runtime_1.16.4.bb => go-runtime_1.16.5.bb}         | 0
 meta/recipes-devtools/go/{go_1.16.4.bb => go_1.16.5.bb}       | 0
 8 files changed, 4 insertions(+), 4 deletions(-)
 rename meta/recipes-devtools/go/{go-1.16.4.inc => go-1.16.5.inc} (88%)
 rename meta/recipes-devtools/go/{go-binary-native_1.16.4.bb => go-binary-native_1.16.5.bb} (83%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.16.4.bb => go-cross-canadian_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.16.4.bb => go-cross_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.16.4.bb => go-crosssdk_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-native_1.16.4.bb => go-native_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.16.4.bb => go-runtime_1.16.5.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.16.4.bb => go_1.16.5.bb} (100%)

diff --git a/meta/recipes-devtools/go/go-1.16.4.inc b/meta/recipes-devtools/go/go-1.16.5.inc
similarity index 88%
rename from meta/recipes-devtools/go/go-1.16.4.inc
rename to meta/recipes-devtools/go/go-1.16.5.inc
index 71c17de310..bd928e44f8 100644
--- a/meta/recipes-devtools/go/go-1.16.4.inc
+++ b/meta/recipes-devtools/go/go-1.16.5.inc
@@ -1,7 +1,7 @@
 require go-common.inc
 
 GO_BASEVERSION = "1.16"
-PV = "1.16.4"
+PV = "1.16.5"
 FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
@@ -17,4 +17,4 @@ SRC_URI += "\
     file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
     file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
 "
-SRC_URI[main.sha256sum] = "ae4f6b6e2a1677d31817984655a762074b5356da50fb58722b99104870d43503"
+SRC_URI[main.sha256sum] = "7bfa7e5908c7cc9e75da5ddf3066d7cbcf3fd9fa51945851325eebc17f50ba80"
diff --git a/meta/recipes-devtools/go/go-binary-native_1.16.4.bb b/meta/recipes-devtools/go/go-binary-native_1.16.5.bb
similarity index 83%
rename from meta/recipes-devtools/go/go-binary-native_1.16.4.bb
rename to meta/recipes-devtools/go/go-binary-native_1.16.5.bb
index 8c046e8e53..b3e2b6a60e 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.16.4.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.16.5.bb
@@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
 PROVIDES = "go-native"
 
 SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "7154e88f5a8047aad4b80ebace58a059e36e7e2e4eb3b383127a28c711b4ff59"
-SRC_URI[go_linux_arm64.sha256sum] = "8b18eb05ddda2652d69ab1b1dd1f40dd731799f43c6a58b512ad01ae5b5bba21"
+SRC_URI[go_linux_amd64.sha256sum] = "b12c23023b68de22f74c0524f10b753e7b08b1504cb7e417eccebdd3fae49061"
+SRC_URI[go_linux_arm64.sha256sum] = "d5446b46ef6f36fdffa852f73dfbbe78c1ddf010b99fa4964944b9ae8b4d6799"
 
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.16.4.bb b/meta/recipes-devtools/go/go-cross-canadian_1.16.5.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.16.4.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.16.5.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.16.4.bb b/meta/recipes-devtools/go/go-cross_1.16.5.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.16.4.bb
rename to meta/recipes-devtools/go/go-cross_1.16.5.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.16.4.bb b/meta/recipes-devtools/go/go-crosssdk_1.16.5.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.16.4.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.16.5.bb
diff --git a/meta/recipes-devtools/go/go-native_1.16.4.bb b/meta/recipes-devtools/go/go-native_1.16.5.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-native_1.16.4.bb
rename to meta/recipes-devtools/go/go-native_1.16.5.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.16.4.bb b/meta/recipes-devtools/go/go-runtime_1.16.5.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.16.4.bb
rename to meta/recipes-devtools/go/go-runtime_1.16.5.bb
diff --git a/meta/recipes-devtools/go/go_1.16.4.bb b/meta/recipes-devtools/go/go_1.16.5.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.16.4.bb
rename to meta/recipes-devtools/go/go_1.16.5.bb
-- 
2.31.1

[hardknott][PATCH 21/28] curl: Fix CVE-2021-22898

[Anuj Mittal]

From: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>

CVE:
CVE-2021-22898

Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../curl/curl/CVE-2021-22898.patch            | 32 +++++++++++++++++++
 meta/recipes-support/curl/curl_7.75.0.bb      |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22898.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2021-22898.patch b/meta/recipes-support/curl/curl/CVE-2021-22898.patch
new file mode 100644
index 0000000000..1a9cd7289e
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2021-22898.patch
@@ -0,0 +1,32 @@
+From 39ce47f219b09c380b81f89fe54ac586c8db6bde Mon Sep 17 00:00:00 2001
+From: Harry Sintonen <sintonen@iki.fi>
+Date: Fri, 7 May 2021 13:09:57 +0200
+Subject: [PATCH] telnet: check sscanf() for correct number of matches
+
+CVE-2021-22898
+
+Bug: https://curl.se/docs/CVE-2021-22898.html
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde]
+
+CVE: CVE-2021-22898
+
+Signed-off-by: Harry Sintonen <sintonen@iki.fi>
+Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
+---
+ lib/telnet.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/telnet.c b/lib/telnet.c
+index 26e0658ba9cc..fdd137fb0c04 100644
+--- a/lib/telnet.c
++++ b/lib/telnet.c
+@@ -922,7 +922,7 @@ static void suboption(struct Curl_easy *data)
+         size_t tmplen = (strlen(v->data) + 1);
+         /* Add the variable only if it fits */
+         if(len + tmplen < (int)sizeof(temp)-6) {
+-          if(sscanf(v->data, "%127[^,],%127s", varname, varval)) {
++          if(sscanf(v->data, "%127[^,],%127s", varname, varval) == 2) {
+             msnprintf((char *)&temp[len], sizeof(temp) - len,
+                       "%c%s%c%s", CURL_NEW_ENV_VAR, varname,
+                       CURL_NEW_ENV_VALUE, varval);
diff --git a/meta/recipes-support/curl/curl_7.75.0.bb b/meta/recipes-support/curl/curl_7.75.0.bb
index f7a8202bc9..433037f564 100644
--- a/meta/recipes-support/curl/curl_7.75.0.bb
+++ b/meta/recipes-support/curl/curl_7.75.0.bb
@@ -15,6 +15,7 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \
            file://0002-transfer-strip-credentials-from-the-auto-referer-hea.patch \
            file://vtls-fix-addsessionid.patch \
            file://vtls-fix-warning.patch \
+           file://CVE-2021-22898.patch \
 "
 
 SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb316d026"
-- 
2.31.1

[hardknott][PATCH 22/28] curl: Fix CVE-2021-22897

[Anuj Mittal]

From: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>

CVE:
CVE-2021-22897

Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../curl/curl/CVE-2021-22897.patch            | 72 +++++++++++++++++++
 meta/recipes-support/curl/curl_7.75.0.bb      |  1 +
 2 files changed, 73 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22897.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2021-22897.patch b/meta/recipes-support/curl/curl/CVE-2021-22897.patch
new file mode 100644
index 0000000000..fcd11b7674
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2021-22897.patch
@@ -0,0 +1,72 @@
+From bbb71507b7bab52002f9b1e0880bed6a32834511 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Fri, 23 Apr 2021 10:54:10 +0200
+Subject: [PATCH] schannel: don't use static to store selected ciphers
+
+CVE-2021-22897
+
+Bug: https://curl.se/docs/CVE-2021-22897.html
+
+Upstream-Status: Backport
+[https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511]
+
+CVE: CVE-2021-22897
+
+Signed-off-by: Daniel Stenberg <daniel@haxx.se>
+Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
+---
+ lib/vtls/schannel.c | 9 +++++----
+ lib/vtls/schannel.h | 3 +++
+ 2 files changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
+index 8c25ac5dd5a5..dba7072273a9 100644
+--- a/lib/vtls/schannel.c
++++ b/lib/vtls/schannel.c
+@@ -328,12 +328,12 @@ get_alg_id_by_name(char *name)
+ }
+ 
+ static CURLcode
+-set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers)
++set_ssl_ciphers(SCHANNEL_CRED *schannel_cred, char *ciphers,
++                int *algIds)
+ {
+   char *startCur = ciphers;
+   int algCount = 0;
+-  static ALG_ID algIds[45]; /*There are 45 listed in the MS headers*/
+-  while(startCur && (0 != *startCur) && (algCount < 45)) {
++  while(startCur && (0 != *startCur) && (algCount < NUMOF_CIPHERS)) {
+     long alg = strtol(startCur, 0, 0);
+     if(!alg)
+       alg = get_alg_id_by_name(startCur);
+@@ -593,7 +593,8 @@ schannel_connect_step1(struct Curl_easy *data, struct connectdata *conn,
+     }
+ 
+     if(SSL_CONN_CONFIG(cipher_list)) {
+-      result = set_ssl_ciphers(&schannel_cred, SSL_CONN_CONFIG(cipher_list));
++      result = set_ssl_ciphers(&schannel_cred, SSL_CONN_CONFIG(cipher_list),
++                               BACKEND->algIds);
+       if(CURLE_OK != result) {
+         failf(data, "Unable to set ciphers to passed via SSL_CONN_CONFIG");
+         return result;
+diff --git a/lib/vtls/schannel.h b/lib/vtls/schannel.h
+index 2952caa1a5a1..77853aa30f96 100644
+--- a/lib/vtls/schannel.h
++++ b/lib/vtls/schannel.h
+@@ -71,6 +71,8 @@ CURLcode Curl_verify_certificate(struct Curl_easy *data,
+ #endif
+ #endif
+ 
++#define NUMOF_CIPHERS 45 /* There are 45 listed in the MS headers */
++
+ struct Curl_schannel_cred {
+   CredHandle cred_handle;
+   TimeStamp time_stamp;
+@@ -102,6 +104,7 @@ struct ssl_backend_data {
+ #ifdef HAS_MANUAL_VERIFY_API
+   bool use_manual_cred_validation; /* true if manual cred validation is used */
+ #endif
++  ALG_ID algIds[NUMOF_CIPHERS];
+ };
+ #endif /* EXPOSE_SCHANNEL_INTERNAL_STRUCTS */
+ 
diff --git a/meta/recipes-support/curl/curl_7.75.0.bb b/meta/recipes-support/curl/curl_7.75.0.bb
index 433037f564..42be2eb0b5 100644
--- a/meta/recipes-support/curl/curl_7.75.0.bb
+++ b/meta/recipes-support/curl/curl_7.75.0.bb
@@ -16,6 +16,7 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \
            file://vtls-fix-addsessionid.patch \
            file://vtls-fix-warning.patch \
            file://CVE-2021-22898.patch \
+           file://CVE-2021-22897.patch \
 "
 
 SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb316d026"
-- 
2.31.1

[hardknott][PATCH 23/28] oeqa/selftest/multiprocesslauch: Fix test race

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Having two possible failures in multiprocesslauch creates a race where one failure
may occur and stop processes being lanuched meaning the second failure may not
be seen. Rather than having periodic races appearing on the autobuilder, only
have one failure, making the test much more deterministic.

[YOCTO #13054]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 31e9dcda40aae3ce0801580c838928956e1455e3)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oeqa/selftest/cases/oelib/utils.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/meta/lib/oeqa/selftest/cases/oelib/utils.py b/meta/lib/oeqa/selftest/cases/oelib/utils.py
index a7214beb4c..bbf67bf9c9 100644
--- a/meta/lib/oeqa/selftest/cases/oelib/utils.py
+++ b/meta/lib/oeqa/selftest/cases/oelib/utils.py
@@ -64,7 +64,7 @@ class TestMultiprocessLaunch(TestCase):
         import bb
 
         def testfunction(item, d):
-            if item == "2" or item == "1":
+            if item == "2":
                 raise KeyError("Invalid number %s" % item)
             return "Found %s" % item
 
@@ -99,5 +99,4 @@ class TestMultiprocessLaunch(TestCase):
         # Assert the function prints exceptions
         with captured_output() as (out, err):
             self.assertRaises(bb.BBHandledException, multiprocess_launch, testfunction, ["1", "2", "3", "4", "5", "6"], d, extraargs=(d,))
-        self.assertIn("KeyError: 'Invalid number 1'", out.getvalue())
         self.assertIn("KeyError: 'Invalid number 2'", out.getvalue())
-- 
2.31.1

[hardknott][PATCH 24/28] dwarfsrcfiles: Avoid races over debug-link files

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

We use dwarfsrcfiles in package.bbclass to list the source files used by a binary.
This is done before they're stripped and linked to debug symbols in separate files.

It is possible a binary may already have a link to separate debug symbols, e.g.
some of the test binaries in lttng-tools ptest. In those cases, the linked binary
may be changed by package.bbclass code whilst dwarfsrcfiles is reading it. That
would result in a rare SIGBUS race causing the binary to fail.

To avoid this, break the debug file search path so no other binaries are found.

Also fix a segfault if no binary is specified while here.

[YOCTO #14400]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit efef732859e265533acf16f2f4da3b29d50e0df4)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../dwarfsrcfiles/files/dwarfsrcfiles.c             | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-devtools/dwarfsrcfiles/files/dwarfsrcfiles.c b/meta/recipes-devtools/dwarfsrcfiles/files/dwarfsrcfiles.c
index af7af524eb..9eb5ca807a 100644
--- a/meta/recipes-devtools/dwarfsrcfiles/files/dwarfsrcfiles.c
+++ b/meta/recipes-devtools/dwarfsrcfiles/files/dwarfsrcfiles.c
@@ -9,6 +9,7 @@
 
 #include <argp.h>
 #include <stdio.h>
+#include <stdlib.h>
 
 #include <dwarf.h>
 #include <elfutils/libdw.h>
@@ -83,13 +84,15 @@ process_cu (Dwarf_Die *cu_die)
 int
 main (int argc, char **argv)
 {
-  char* args[3];
+  char* args[5];
   int res = 0;
   Dwfl *dwfl;
   Dwarf_Addr bias;
   
-  if (argc != 2)
+  if (argc != 2) {
     fprintf(stderr, "Usage %s <file>", argv[0]);
+    exit(EXIT_FAILURE);
+  }
   
   // Pretend "dwarfsrcfiles -e <file>" was given, so we can use standard
   // dwfl argp parser to open the file for us and get our Dwfl. Useful
@@ -98,8 +101,12 @@ main (int argc, char **argv)
   args[0] = argv[0];
   args[1] = "-e";
   args[2] = argv[1];
+  // We don't want to follow debug linked files due to the way OE processes
+  // files, could race against changes in the linked binary (e.g. objcopy on it)
+  args[3] = "--debuginfo-path";
+  args[4] = "/not/exist";
   
-  argp_parse (dwfl_standard_argp (), 3, args, 0, NULL, &dwfl);
+  argp_parse (dwfl_standard_argp (), 5, args, 0, NULL, &dwfl);
   
   Dwarf_Die *cu = NULL;
   while ((cu = dwfl_nextcu (dwfl, cu, &bias)) != NULL)
-- 
2.31.1

[hardknott][PATCH 25/28] kernel-devsrc: fix scripts/prepare for ARM64

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

There are two new tools in 5.13+ required for on target
recreation of the build environment.

We conditionally add them to the devsrc recipe to support
both 5.13 and older kernels.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cb1b7e76f20dc7f11a667fa00958ab56e680c632)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-kernel/linux/kernel-devsrc.bb | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/meta/recipes-kernel/linux/kernel-devsrc.bb b/meta/recipes-kernel/linux/kernel-devsrc.bb
index 84e99233e6..b1837b3a51 100644
--- a/meta/recipes-kernel/linux/kernel-devsrc.bb
+++ b/meta/recipes-kernel/linux/kernel-devsrc.bb
@@ -163,6 +163,14 @@ do_install() {
             cp -a --parents arch/arm64/kernel/vdso/gen_vdso_offsets.sh $kerneldir/build/
 
             cp -a --parents arch/arm64/kernel/module.lds $kerneldir/build/ 2>/dev/null || :
+
+            # 5.13+ needs these tools
+            cp -a --parents arch/arm64/tools/gen-cpucaps.awk $kerneldir/build/ 2>/dev/null || :
+            cp -a --parents arch/arm64/tools/cpucaps $kerneldir/build/ 2>/dev/null || :
+
+            if [ -e $kerneldir/build/arch/arm64/tools/gen-cpucaps.awk ]; then
+                 sed -i -e "s,#!.*awk.*,#!${USRBINPATH}/env awk," $kerneldir/build/arch/arm64/tools/gen-cpucaps.awk
+            fi
 	fi
 
 	if [ "${ARCH}" = "powerpc" ]; then
@@ -307,3 +315,5 @@ RDEPENDS_${PN} += "openssl-dev util-linux"
 RDEPENDS_${PN} += "${@bb.utils.contains('ARCH', 'x86', 'elfutils', '', d)}"
 # 5.8+ needs gcc-plugins libmpc-dev
 RDEPENDS_${PN} += "gcc-plugins libmpc-dev"
+# 5.13+ needs awk for arm64
+RDEPENDS_${PN}_append_aarch64 = " gawk"
-- 
2.31.1

[hardknott][PATCH 26/28] kernel-devsrc: fix scripts prepare for powerpc

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

5.13 introduces some new tweaks required to get on target scripts
and prepare working for powerpc:

  - 'nm' is detected as 'nm --synthetic', so we adjust our replacement
  - more vdso is required on target, so we copy those files (like arm64
    does)
  - grep is required during processing, so we add it to the redpends

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c43baf3a0e41b41a64f450fd03810306c8ddd314)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-kernel/linux/kernel-devsrc.bb | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-kernel/linux/kernel-devsrc.bb b/meta/recipes-kernel/linux/kernel-devsrc.bb
index b1837b3a51..92076ac8b0 100644
--- a/meta/recipes-kernel/linux/kernel-devsrc.bb
+++ b/meta/recipes-kernel/linux/kernel-devsrc.bb
@@ -112,6 +112,9 @@ do_install() {
 	if [ "${ARCH}" = "arm64" ]; then
 	    cp -a --parents arch/arm64/kernel/vdso/vdso.lds $kerneldir/build/
 	fi
+	if [ "${ARCH}" = "powerpc" ]; then
+	    cp -a --parents arch/powerpc/kernel/vdso32/vdso32.lds $kerneldir/build 2>/dev/null || :
+	fi
 
 	cp -a include $kerneldir/build/include
 
@@ -178,6 +181,7 @@ do_install() {
 	    cp -a --parents arch/${ARCH}/kernel/syscalls/syscall.tbl $kerneldir/build/ 2>/dev/null || :
 	    cp -a --parents arch/${ARCH}/kernel/syscalls/syscalltbl.sh $kerneldir/build/ 2>/dev/null || :
 	    cp -a --parents arch/${ARCH}/kernel/syscalls/syscallhdr.sh $kerneldir/build/ 2>/dev/null || :
+	    cp -a --parents arch/${ARCH}/kernel/vdso32/* $kerneldir/build/ 2>/dev/null || :
 	fi
 
 	# include the machine specific headers for ARM variants, if available.
@@ -281,7 +285,11 @@ do_install() {
         sed -i 's/ifneq "$(LD)" ".*-linux-.*ld.bfd.*$/ifneq "$(LD)" "ld"/' "$kerneldir/build/include/config/auto.conf.cmd"
         sed -i 's/ifneq "$(AR)" ".*-linux-.*ar.*$/ifneq "$(AR)" "ar"/' "$kerneldir/build/include/config/auto.conf.cmd"
         sed -i 's/ifneq "$(OBJCOPY)" ".*-linux-.*objcopy.*$/ifneq "$(OBJCOPY)" "objcopy"/' "$kerneldir/build/include/config/auto.conf.cmd"
-        sed -i 's/ifneq "$(NM)" ".*-linux-.*nm.*$/ifneq "$(NM)" "nm"/' "$kerneldir/build/include/config/auto.conf.cmd"
+        if [ "${ARCH}" = "powerpc" ]; then
+            sed -i 's/ifneq "$(NM)" ".*-linux-.*nm.*$/ifneq "$(NM)" "nm --synthetic"/' "$kerneldir/build/include/config/auto.conf.cmd"
+        else
+            sed -i 's/ifneq "$(NM)" ".*-linux-.*nm.*$/ifneq "$(NM)" "nm"/' "$kerneldir/build/include/config/auto.conf.cmd"
+        fi
         sed -i 's/ifneq "$(HOSTCXX)" ".*$/ifneq "$(HOSTCXX)" "g++"/' "$kerneldir/build/include/config/auto.conf.cmd"
         sed -i 's/ifneq "$(HOSTCC)" ".*$/ifneq "$(HOSTCC)" "gcc"/' "$kerneldir/build/include/config/auto.conf.cmd"
         sed -i 's/ifneq "$(CC_VERSION_TEXT)".*\(gcc.*\)"/ifneq "$(CC_VERSION_TEXT)" "\1"/' "$kerneldir/build/include/config/auto.conf.cmd"
@@ -317,3 +325,5 @@ RDEPENDS_${PN} += "${@bb.utils.contains('ARCH', 'x86', 'elfutils', '', d)}"
 RDEPENDS_${PN} += "gcc-plugins libmpc-dev"
 # 5.13+ needs awk for arm64
 RDEPENDS_${PN}_append_aarch64 = " gawk"
+# 5.13+ needs grep for powerpc
+RDEPENDS_${PN}_append_powerpc = " grep"
-- 
2.31.1

[hardknott][PATCH 27/28] busybox: add tmpdir option into mktemp applet

[Anuj Mittal]

From: Andrej Valek <andrej.valek@siemens.com>

- Make mktemp applet compatible with --tmpdir option in ca-certificate
update script.

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3d969e482d29da29828d1510f106f161d2b3d3c0)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../0001-mktemp-add-tmpdir-option.patch       | 81 +++++++++++++++++++
 meta/recipes-core/busybox/busybox_1.33.1.bb   |  5 +-
 2 files changed, 84 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-core/busybox/busybox/0001-mktemp-add-tmpdir-option.patch

diff --git a/meta/recipes-core/busybox/busybox/0001-mktemp-add-tmpdir-option.patch b/meta/recipes-core/busybox/busybox/0001-mktemp-add-tmpdir-option.patch
new file mode 100644
index 0000000000..4a1960dff2
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/0001-mktemp-add-tmpdir-option.patch
@@ -0,0 +1,81 @@
+From ceb378209f953ea745ed93a8645567196380ce3c Mon Sep 17 00:00:00 2001
+From: Andrej Valek <andrej.valek@siemens.com>
+Date: Thu, 24 Jun 2021 19:13:22 +0200
+Subject: [PATCH] mktemp: add tmpdir option
+
+Make mktemp more compatible with coreutils.
+- add "--tmpdir" option
+- add long variants for "d,q,u" options
+
+Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2021-June/088932.html]
+
+Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ coreutils/mktemp.c | 26 ++++++++++++++++++--------
+ 1 file changed, 18 insertions(+), 8 deletions(-)
+
+diff --git a/coreutils/mktemp.c b/coreutils/mktemp.c
+index 5393320a5..05c6d98c6 100644
+--- a/coreutils/mktemp.c
++++ b/coreutils/mktemp.c
+@@ -39,16 +39,17 @@
+ //kbuild:lib-$(CONFIG_MKTEMP) += mktemp.o
+ 
+ //usage:#define mktemp_trivial_usage
+-//usage:       "[-dt] [-p DIR] [TEMPLATE]"
++//usage:       "[-dt] [-p DIR, --tmpdir[=DIR]] [TEMPLATE]"
+ //usage:#define mktemp_full_usage "\n\n"
+ //usage:       "Create a temporary file with name based on TEMPLATE and print its name.\n"
+ //usage:       "TEMPLATE must end with XXXXXX (e.g. [/dir/]nameXXXXXX).\n"
+ //usage:       "Without TEMPLATE, -t tmp.XXXXXX is assumed.\n"
+-//usage:     "\n	-d	Make directory, not file"
+-//usage:     "\n	-q	Fail silently on errors"
+-//usage:     "\n	-t	Prepend base directory name to TEMPLATE"
+-//usage:     "\n	-p DIR	Use DIR as a base directory (implies -t)"
+-//usage:     "\n	-u	Do not create anything; print a name"
++//usage:     "\n	-d			Make directory, not file"
++//usage:     "\n	-q			Fail silently on errors"
++//usage:     "\n	-t			Prepend base directory name to TEMPLATE"
++//usage:     "\n	-p DIR, --tmpdir[=DIR]	Use DIR as a base directory (implies -t)"
++//usage:     "\n				For --tmpdir is a optional one."
++//usage:     "\n	-u			Do not create anything; print a name"
+ //usage:     "\n"
+ //usage:     "\nBase directory is: -p DIR, else $TMPDIR, else /tmp"
+ //usage:
+@@ -72,13 +73,22 @@ int mktemp_main(int argc UNUSED_PARAM, char **argv)
+ 		OPT_t = 1 << 2,
+ 		OPT_p = 1 << 3,
+ 		OPT_u = 1 << 4,
++		OPT_td = 1 << 5,
+ 	};
+ 
+ 	path = getenv("TMPDIR");
+ 	if (!path || path[0] == '\0')
+ 		path = "/tmp";
+ 
+-	opts = getopt32(argv, "^" "dqtp:u" "\0" "?1"/*1 arg max*/, &path);
++	opts = getopt32long(argv, "^"
++	       "dqtp:u\0"
++	       "?1" /* 1 arg max */,
++	       "directory\0" No_argument       "d"
++	       "quiet\0"     No_argument       "q"
++	       "dry-run\0"   No_argument       "u"
++	       "tmpdir\0"    Optional_argument "\xff"
++	       , &path, &path
++	);
+ 
+ 	chp = argv[optind];
+ 	if (!chp) {
+@@ -95,7 +105,7 @@ int mktemp_main(int argc UNUSED_PARAM, char **argv)
+ 		goto error;
+ 	}
+ #endif
+-	if (opts & (OPT_t|OPT_p))
++	if (opts & (OPT_t|OPT_p|OPT_td))
+ 		chp = concat_path_file(path, chp);
+ 
+ 	if (opts & OPT_u) {
+-- 
+2.11.0
+
diff --git a/meta/recipes-core/busybox/busybox_1.33.1.bb b/meta/recipes-core/busybox/busybox_1.33.1.bb
index 3a70a8056e..4002d6a5c6 100644
--- a/meta/recipes-core/busybox/busybox_1.33.1.bb
+++ b/meta/recipes-core/busybox/busybox_1.33.1.bb
@@ -37,6 +37,8 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
            ${@["", "file://mdev.cfg"][(d.getVar('VIRTUAL-RUNTIME_dev_manager') == 'busybox-mdev')]} \
            file://syslog.cfg \
            file://unicode.cfg \
+           file://rev.cfg \
+           file://pgrep.cfg \
            file://rcS \
            file://rcK \
            file://makefile-libbb-race.patch \
@@ -44,9 +46,8 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
            file://0001-testsuite-use-www.example.org-for-wget-test-cases.patch \
            file://0001-du-l-works-fix-to-use-145-instead-of-144.patch \
            file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \
-           file://rev.cfg \
-           file://pgrep.cfg \
            file://0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch \
+           file://0001-mktemp-add-tmpdir-option.patch \
            "
 SRC_URI_append_libc-musl = " file://musl.cfg "
 
-- 
2.31.1

[hardknott][PATCH 28/28] xserver-xorg: Fix builds without glx

[Anuj Mittal]

From: Wadim Egorov <w.egorov@phytec.de>

Signed-off-by: Wadim Egorov <w.egorov@phytec.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 ...nd-Makefile.am-fix-build-without-glx.patch | 46 +++++++++++++++++++
 .../xorg-xserver/xserver-xorg_1.20.10.bb      |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch
new file mode 100644
index 0000000000..4c9cb0ebb2
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch
@@ -0,0 +1,46 @@
+From 836f93de99b35050d78d61d3654f7c5655184144 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Fri, 19 Apr 2019 10:19:50 +0200
+Subject: [PATCH] hw/xwayland/Makefile.am: fix build without glx
+
+Commit d8ec33fe0542141aed1d9016d2ecaf52da944b4b added libglxvnd.la to
+Xwayland_LDFLAGS but GLX can be disabled through --disable-glx.
+In this case, build fails on:
+
+make[3]: *** No rule to make target '../../glx/libglxvnd.la', needed by 'Xwayland'.  Stop.
+make[3]: *** Waiting for unfinished jobs....
+
+Fixes:
+ - http://autobuild.buildroot.org/results/397f8098c57fc6c88aa12dc8d35ebb1b933d52ef
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/836f93de99b35050d78d61d3654f7c5655184144]
+Signed-off-by: Wadim Egorov <w.egorov@phytec.de>
+---
+ hw/xwayland/Makefile.am | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/hw/xwayland/Makefile.am b/hw/xwayland/Makefile.am
+index bc1cb8506..502879e2a 100644
+--- a/hw/xwayland/Makefile.am
++++ b/hw/xwayland/Makefile.am
+@@ -21,10 +21,14 @@ Xwayland_SOURCES =				\
+ 	$(top_srcdir)/Xi/stubs.c		\
+ 	$(top_srcdir)/mi/miinitext.c
+ 
++if GLX
++GLXVND_LIB = $(top_builddir)/glx/libglxvnd.la
++endif
++
+ Xwayland_LDADD =				\
+ 	$(glamor_lib)				\
+ 	$(XWAYLAND_LIBS)			\
+-	$(top_builddir)/glx/libglxvnd.la	\
++	$(GLXVND_LIB)				\
+ 	$(XWAYLAND_SYS_LIBS)			\
+ 	$(top_builddir)/Xext/libXvidmode.la	\
+ 	$(XSERVER_SYS_LIBS)
+-- 
+2.25.1
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
index 755a762a73..e0551fa999 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
@@ -8,6 +8,7 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat
            file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \
            file://0001-Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch \
            file://CVE-2021-3472.patch \
+           file://0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch \
            "
 SRC_URI[sha256sum] = "977420c082450dc808de301ef56af4856d653eea71519a973c3490a780cb7c99"
 
-- 
2.31.1