* [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
@ 2021-10-17 2:51 Pgowda
2021-10-17 5:05 ` [OE-core] " Khem Raj
0 siblings, 1 reply; 10+ messages in thread
From: Pgowda @ 2021-10-17 2:51 UTC (permalink / raw)
To: openembedded-core; +Cc: anuj.mittal, rwmacleod, umesh.kalappa0, Pgowda
glibc-2.33 release version of Feb 2021 is used in Hardknott branch.
There are many bug fixes in the latest glibc-2.33 version. The patch
takes the latest glibc-2.33 version commit.
Regression tested on X86-64 without any new issues.
Signed-off-by: Pgowda <pgowda.cve@gmail.com>
---
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../glibc/glibc/0001-CVE-2021-38604.patch | 40 ----
...-private-futex-optimization-BZ-27304.patch | 49 -----
.../glibc/glibc/0002-CVE-2021-38604.patch | 147 --------------
...-ISA-support-for-x86-64-level-marker.patch | 116 -----------
...ork-around-GCC-PR-98512-in-rawmemchr.patch | 58 ------
...-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch | 185 ------------------
.../glibc/glibc/CVE-2021-27318-revert.patch | 174 ++++++++++++++++
.../glibc/glibc/CVE-2021-27645.patch | 51 -----
.../glibc/glibc/CVE-2021-33574_1.patch | 76 -------
.../glibc/glibc/CVE-2021-33574_2.patch | 61 ------
.../glibc/glibc/CVE-2021-35942.patch | 44 -----
meta/recipes-core/glibc/glibc_2.33.bb | 10 -
13 files changed, 175 insertions(+), 838 deletions(-)
delete mode 100644 meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
delete mode 100644 meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
delete mode 100644 meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
delete mode 100644 meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
delete mode 100644 meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
delete mode 100644 meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
create mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 3a95173175..4d69187961 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.33/master"
PV = "2.33"
-SRCREV_glibc ?= "9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3"
+SRCREV_glibc ?= "6090cf1330faf2deb17285758f327cb23b89ebf1"
SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
deleted file mode 100644
index 8a52ac957c..0000000000
--- a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17 00:00:00 2001
-From: Nikita Popov <npv1310@gmail.com>
-Date: Mon, 9 Aug 2021 20:17:34 +0530
-Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213)
-
-Helper thread frees copied attribute on NOTIFY_REMOVED message
-received from the OS kernel. Unfortunately, it fails to check whether
-copied attribute actually exists (data.attr != NULL). This worked
-earlier because free() checks passed pointer before actually
-attempting to release corresponding memory. But
-__pthread_attr_destroy assumes pointer is not NULL.
-
-So passing NULL pointer to __pthread_attr_destroy will result in
-segmentation fault. This scenario is possible if
-notification->sigev_notify_attributes == NULL (which means default
-thread attributes should be used).
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8]
-CVE: CVE-2021-38604
-
-Signed-off-by: Nikita Popov <npv1310@gmail.com>
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- sysdeps/unix/sysv/linux/mq_notify.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
-index 6f46d29d1d..1714e1cc5f 100644
---- a/sysdeps/unix/sysv/linux/mq_notify.c
-+++ b/sysdeps/unix/sysv/linux/mq_notify.c
-@@ -132,7 +132,7 @@ helper_thread (void *arg)
- to wait until it is done with it. */
- (void) __pthread_barrier_wait (¬ify_barrier);
- }
-- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
-+ else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED && data.attr != NULL)
- {
- /* The only state we keep is the copy of the thread attributes. */
- pthread_attr_destroy (data.attr);
diff --git a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch b/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
deleted file mode 100644
index 39fde5b785..0000000000
--- a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From c4ad832276f4dadfa40904109b26a521468f66bc Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Thu, 4 Feb 2021 15:00:20 +0100
-Subject: [PATCH] nptl: Remove private futex optimization [BZ #27304]
-
-It is effectively used, unexcept for pthread_cond_destroy, where we do
-not want it; see bug 27304. The internal locks do not support a
-process-shared mode.
-
-This fixes commit dc6cfdc934db9997c33728082d63552b9eee4563 ("nptl:
-Move pthread_cond_destroy implementation into libc").
-
-Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
-
-Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27304]
-Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
----
- sysdeps/nptl/lowlevellock-futex.h | 14 +-------------
- 1 file changed, 1 insertion(+), 13 deletions(-)
-
-diff --git a/sysdeps/nptl/lowlevellock-futex.h b/sysdeps/nptl/lowlevellock-futex.h
-index ecb729da6b..ca96397a4a 100644
---- a/sysdeps/nptl/lowlevellock-futex.h
-+++ b/sysdeps/nptl/lowlevellock-futex.h
-@@ -50,20 +50,8 @@
- #define LLL_SHARED FUTEX_PRIVATE_FLAG
-
- #ifndef __ASSEMBLER__
--
--# if IS_IN (libc) || IS_IN (rtld)
--/* In libc.so or ld.so all futexes are private. */
--# define __lll_private_flag(fl, private) \
-- ({ \
-- /* Prevent warnings in callers of this macro. */ \
-- int __lll_private_flag_priv __attribute__ ((unused)); \
-- __lll_private_flag_priv = (private); \
-- ((fl) | FUTEX_PRIVATE_FLAG); \
-- })
--# else
--# define __lll_private_flag(fl, private) \
-+# define __lll_private_flag(fl, private) \
- (((fl) | FUTEX_PRIVATE_FLAG) ^ (private))
--# endif
-
- # define lll_futex_syscall(nargs, futexp, op, ...) \
- ({ \
---
-2.27.0
-
diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
deleted file mode 100644
index b654cdfecb..0000000000
--- a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
+++ /dev/null
@@ -1,147 +0,0 @@
-From 4cc79c217744743077bf7a0ec5e0a4318f1e6641 Mon Sep 17 00:00:00 2001
-From: Nikita Popov <npv1310@gmail.com>
-Date: Thu, 12 Aug 2021 16:09:50 +0530
-Subject: [PATCH] librt: add test (bug 28213)
-
-This test implements following logic:
-1) Create POSIX message queue.
- Register a notification with mq_notify (using NULL attributes).
- Then immediately unregister the notification with mq_notify.
- Helper thread in a vulnerable version of glibc
- should cause NULL pointer dereference after these steps.
-2) Once again, register the same notification.
- Try to send a dummy message.
- Test is considered successfulif the dummy message
- is successfully received by the callback function.
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641]
-CVE: CVE-2021-38604
-
-Signed-off-by: Nikita Popov <npv1310@gmail.com>
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- rt/Makefile | 1 +
- rt/tst-bz28213.c | 101 +++++++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 102 insertions(+)
- create mode 100644 rt/tst-bz28213.c
-
-diff --git a/rt/Makefile b/rt/Makefile
-index 7b374f2073..c87d95793a 100644
---- a/rt/Makefile
-+++ b/rt/Makefile
-@@ -44,6 +44,7 @@ tests := tst-shm tst-timer tst-timer2 \
- tst-aio7 tst-aio8 tst-aio9 tst-aio10 \
- tst-mqueue1 tst-mqueue2 tst-mqueue3 tst-mqueue4 \
- tst-mqueue5 tst-mqueue6 tst-mqueue7 tst-mqueue8 tst-mqueue9 \
-+ tst-bz28213 \
- tst-timer3 tst-timer4 tst-timer5 \
- tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3 \
- tst-shm-cancel
-diff --git a/rt/tst-bz28213.c b/rt/tst-bz28213.c
-new file mode 100644
-index 0000000000..0c096b5a0a
---- /dev/null
-+++ b/rt/tst-bz28213.c
-@@ -0,0 +1,101 @@
-+/* Bug 28213: test for NULL pointer dereference in mq_notify.
-+ Copyright (C) The GNU Toolchain Authors.
-+ This file is part of the GNU C Library.
-+
-+ The GNU C Library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU Lesser General Public
-+ License as published by the Free Software Foundation; either
-+ version 2.1 of the License, or (at your option) any later version.
-+
-+ The GNU C Library is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+ Lesser General Public License for more details.
-+
-+ You should have received a copy of the GNU Lesser General Public
-+ License along with the GNU C Library; if not, see
-+ <https://www.gnu.org/licenses/>. */
-+
-+#include <errno.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include <mqueue.h>
-+#include <signal.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <support/check.h>
-+
-+static mqd_t m = -1;
-+static const char msg[] = "hello";
-+
-+static void
-+check_bz28213_cb (union sigval sv)
-+{
-+ char buf[sizeof (msg)];
-+
-+ (void) sv;
-+
-+ TEST_VERIFY_EXIT ((size_t) mq_receive (m, buf, sizeof (buf), NULL)
-+ == sizeof (buf));
-+ TEST_VERIFY_EXIT (memcmp (buf, msg, sizeof (buf)) == 0);
-+
-+ exit (0);
-+}
-+
-+static void
-+check_bz28213 (void)
-+{
-+ struct sigevent sev;
-+
-+ memset (&sev, '\0', sizeof (sev));
-+ sev.sigev_notify = SIGEV_THREAD;
-+ sev.sigev_notify_function = check_bz28213_cb;
-+
-+ /* Step 1: Register & unregister notifier.
-+ Helper thread should receive NOTIFY_REMOVED notification.
-+ In a vulnerable version of glibc, NULL pointer dereference follows. */
-+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
-+ TEST_VERIFY_EXIT (mq_notify (m, NULL) == 0);
-+
-+ /* Step 2: Once again, register notification.
-+ Try to send one message.
-+ Test is considered successful, if the callback does exit (0). */
-+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
-+ TEST_VERIFY_EXIT (mq_send (m, msg, sizeof (msg), 1) == 0);
-+
-+ /* Wait... */
-+ pause ();
-+}
-+
-+static int
-+do_test (void)
-+{
-+ static const char m_name[] = "/bz28213_queue";
-+ struct mq_attr m_attr;
-+
-+ memset (&m_attr, '\0', sizeof (m_attr));
-+ m_attr.mq_maxmsg = 1;
-+ m_attr.mq_msgsize = sizeof (msg);
-+
-+ m = mq_open (m_name,
-+ O_RDWR | O_CREAT | O_EXCL,
-+ 0600,
-+ &m_attr);
-+
-+ if (m < 0)
-+ {
-+ if (errno == ENOSYS)
-+ FAIL_UNSUPPORTED ("POSIX message queues are not implemented\n");
-+ FAIL_EXIT1 ("Failed to create POSIX message queue: %m\n");
-+ }
-+
-+ TEST_VERIFY_EXIT (mq_unlink (m_name) == 0);
-+
-+ check_bz28213 ();
-+
-+ return 0;
-+}
-+
-+#include <support/test-driver.c>
diff --git a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch b/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
deleted file mode 100644
index 3cb60b2e55..0000000000
--- a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
+++ /dev/null
@@ -1,116 +0,0 @@
-From b1971f6f1331d738d1d6b376b4741668a7546125 Mon Sep 17 00:00:00 2001
-From: "H.J. Lu" <hjl.tools@gmail.com>
-Date: Tue, 2 Feb 2021 13:45:58 -0800
-Subject: [PATCH] x86: Require full ISA support for x86-64 level marker [BZ #27318]
-
-Since -march=sandybridge enables ISAs in x86-64 ISA level v3, the v3
-marker is set on libc.so. We couldn't set the needed ISA marker to v2
-since this libc won't run on all v2 machines. Technically, the v3 marker
-is correct. But the resulting libc.so won't run on Sandy Brigde, which
-is a v2 machine, even when libc is compiled with -march=sandybridge:
-
-$ ./elf/ld.so ./libc.so
-./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
-
-Instead, we require full ISA support for x86-64 level marker and disable
-x86-64 level marker for -march=sandybridge which enables ISAs between v2
-and v3.
-
-Upstream-Status: Submitted [https://sourceware.org/pipermail/libc-alpha/2021-February/122297.html]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
-
- sysdeps/x86/configure | 7 ++++++-
- sysdeps/x86/configure.ac | 2 +-
- sysdeps/x86/isa-level.c | 21 ++++++++++++++++++++-
- 3 files changed, 27 insertions(+), 3 deletions(-)
-
-diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
-index 5e32dc62b3..5b20646843 100644
---- a/sysdeps/x86/configure
-+++ b/sysdeps/x86/configure
-@@ -133,7 +133,12 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest c
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; }; then
- count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
-- if test "$count" = 1; then
-+ if test "$count" = 1 && { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c'
-+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
-+ (eval $ac_try) 2>&5
-+ ac_status=$?
-+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-+ test $ac_status = 0; }; }; then
- libc_cv_include_x86_isa_level=yes
- fi
- fi
-diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
-index f94088f377..54ecd33d2c 100644
---- a/sysdeps/x86/configure.ac
-+++ b/sysdeps/x86/configure.ac
-@@ -100,7 +100,7 @@ EOF
- libc_cv_include_x86_isa_level=no
- if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then
- count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
-- if test "$count" = 1; then
-+ if test "$count" = 1 && AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c); then
- libc_cv_include_x86_isa_level=yes
- fi
- fi
-diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
-index aaf524cb56..7f83449061 100644
---- a/sysdeps/x86/isa-level.c
-+++ b/sysdeps/x86/isa-level.c
-@@ -25,12 +25,17 @@
- License along with the GNU C Library; if not, see
- <https://www.gnu.org/licenses/>. */
-
--#include <elf.h>
-+#ifdef _LIBC
-+# include <elf.h>
-+#endif
-
- /* ELF program property for x86 ISA level. */
- #ifdef INCLUDE_X86_ISA_LEVEL
- # if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
- || defined __MMX__ || defined __SSE__ || defined __SSE2__
-+# if !defined __SSE__ || !defined __SSE2__
-+# error "Missing ISAs for x86-64 ISA level baseline"
-+# endif
- # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
- # else
- # define ISA_BASELINE 0
-@@ -40,6 +45,11 @@
- || (defined __x86_64__ && defined __LAHF_SAHF__) \
- || defined __POPCNT__ || defined __SSE3__ \
- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
-+# if !defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
-+ || !defined __POPCNT__ || !defined __SSE3__ \
-+ || !defined __SSSE3__ || !defined __SSE4_1__ || !defined __SSE4_2__
-+# error "Missing ISAs for x86-64 ISA level v2"
-+# endif
- # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
- # else
- # define ISA_V2 0
-@@ -48,6 +58,10 @@
- # if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
- || defined __XSAVE__
-+# if !defined __AVX__ || !defined __AVX2__ || !defined __F16C__ \
-+ || !defined __FMA__ || !defined __LZCNT__
-+# error "Missing ISAs for x86-64 ISA level v3"
-+# endif
- # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
- # else
- # define ISA_V3 0
-@@ -55,6 +69,11 @@
-
- # if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \
- || defined __AVX512DQ__ || defined __AVX512VL__
-+# if !defined __AVX512F__ || !defined __AVX512BW__ \
-+ || !defined __AVX512CD__ || !defined __AVX512DQ__ \
-+ || !defined __AVX512VL__
-+# error "Missing ISAs for x86-64 ISA level v4"
-+# endif
- # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
- # else
- # define ISA_V4 0
diff --git a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch b/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
deleted file mode 100644
index e904b28a05..0000000000
--- a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 044e603b698093cf48f6e6229e0b66acf05227e4 Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Fri, 19 Feb 2021 13:29:00 +0100
-Subject: [PATCH] string: Work around GCC PR 98512 in rawmemchr
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=044e603b698093cf48f6e6229e0b66acf05227e4]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- string/rawmemchr.c | 26 +++++++++++++++-----------
- 1 file changed, 15 insertions(+), 11 deletions(-)
-
-diff --git a/string/rawmemchr.c b/string/rawmemchr.c
-index 59bbeeaa42..b8523118e5 100644
---- a/string/rawmemchr.c
-+++ b/string/rawmemchr.c
-@@ -22,24 +22,28 @@
- # define RAWMEMCHR __rawmemchr
- #endif
-
--/* Find the first occurrence of C in S. */
--void *
--RAWMEMCHR (const void *s, int c)
--{
-- DIAG_PUSH_NEEDS_COMMENT;
-+/* The pragmata should be nested inside RAWMEMCHR below, but that
-+ triggers GCC PR 98512. */
-+DIAG_PUSH_NEEDS_COMMENT;
- #if __GNUC_PREREQ (7, 0)
-- /* GCC 8 warns about the size passed to memchr being larger than
-- PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
-- DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
-+/* GCC 8 warns about the size passed to memchr being larger than
-+ PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
-+DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
- #endif
- #if __GNUC_PREREQ (11, 0)
-- /* Likewise GCC 11, with a different warning option. */
-- DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
-+/* Likewise GCC 11, with a different warning option. */
-+DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
- #endif
-+
-+/* Find the first occurrence of C in S. */
-+void *
-+RAWMEMCHR (const void *s, int c)
-+{
- if (c != '\0')
- return memchr (s, c, (size_t)-1);
-- DIAG_POP_NEEDS_COMMENT;
- return (char *)s + strlen (s);
- }
- libc_hidden_def (__rawmemchr)
- weak_alias (__rawmemchr, rawmemchr)
-+
-+DIAG_POP_NEEDS_COMMENT;
---
-2.30.1
-
diff --git a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch b/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
deleted file mode 100644
index 3a004e227f..0000000000
--- a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-From 750b00a1ddae220403fd892a6fd4e0791ffd154a Mon Sep 17 00:00:00 2001
-From: "H.J. Lu" <hjl.tools@gmail.com>
-Date: Fri, 18 Sep 2020 07:55:14 -0700
-Subject: [PATCH] x86: Handle _SC_LEVEL1_ICACHE_LINESIZE [BZ #27444]
-
- x86: Move x86 processor cache info to cpu_features
-
-missed _SC_LEVEL1_ICACHE_LINESIZE.
-
-1. Add level1_icache_linesize to struct cpu_features.
-2. Initialize level1_icache_linesize by calling handle_intel,
-handle_zhaoxin and handle_amd with _SC_LEVEL1_ICACHE_LINESIZE.
-3. Return level1_icache_linesize for _SC_LEVEL1_ICACHE_LINESIZE.
-
-Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27444]
-Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
----
- sysdeps/x86/Makefile | 8 +++
- sysdeps/x86/cacheinfo.c | 3 +
- sysdeps/x86/dl-cacheinfo.h | 6 ++
- sysdeps/x86/include/cpu-features.h | 2 +
- .../x86/tst-sysconf-cache-linesize-static.c | 1 +
- sysdeps/x86/tst-sysconf-cache-linesize.c | 57 +++++++++++++++++++
- 6 files changed, 77 insertions(+)
- create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize-static.c
- create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize.c
-
-diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
-index dd82674342..d231263051 100644
---- a/sysdeps/x86/Makefile
-+++ b/sysdeps/x86/Makefile
-@@ -208,3 +208,11 @@ $(objpfx)check-cet.out: $(..)sysdeps/x86/check-cet.awk \
- generated += check-cet.out
- endif
- endif
-+
-+ifeq ($(subdir),posix)
-+tests += \
-+ tst-sysconf-cache-linesize \
-+ tst-sysconf-cache-linesize-static
-+tests-static += \
-+ tst-sysconf-cache-linesize-static
-+endif
-diff --git a/sysdeps/x86/cacheinfo.c b/sysdeps/x86/cacheinfo.c
-index 7b8df45e3b..5ea4723ca6 100644
---- a/sysdeps/x86/cacheinfo.c
-+++ b/sysdeps/x86/cacheinfo.c
-@@ -32,6 +32,9 @@ __cache_sysconf (int name)
- case _SC_LEVEL1_ICACHE_SIZE:
- return cpu_features->level1_icache_size;
-
-+ case _SC_LEVEL1_ICACHE_LINESIZE:
-+ return cpu_features->level1_icache_linesize;
-+
- case _SC_LEVEL1_DCACHE_SIZE:
- return cpu_features->level1_dcache_size;
-
-diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h
-index a31fa0783a..7cd00b92f1 100644
---- a/sysdeps/x86/dl-cacheinfo.h
-+++ b/sysdeps/x86/dl-cacheinfo.h
-@@ -707,6 +707,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- long int core;
- unsigned int threads = 0;
- unsigned long int level1_icache_size = -1;
-+ unsigned long int level1_icache_linesize = -1;
- unsigned long int level1_dcache_size = -1;
- unsigned long int level1_dcache_assoc = -1;
- unsigned long int level1_dcache_linesize = -1;
-@@ -726,6 +727,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
-
- level1_icache_size
- = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features);
-+ level1_icache_linesize
-+ = handle_intel (_SC_LEVEL1_ICACHE_LINESIZE, cpu_features);
- level1_dcache_size = data;
- level1_dcache_assoc
- = handle_intel (_SC_LEVEL1_DCACHE_ASSOC, cpu_features);
-@@ -753,6 +756,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE);
-
- level1_icache_size = handle_zhaoxin (_SC_LEVEL1_ICACHE_SIZE);
-+ level1_icache_linesize = handle_zhaoxin (_SC_LEVEL1_ICACHE_LINESIZE);
- level1_dcache_size = data;
- level1_dcache_assoc = handle_zhaoxin (_SC_LEVEL1_DCACHE_ASSOC);
- level1_dcache_linesize = handle_zhaoxin (_SC_LEVEL1_DCACHE_LINESIZE);
-@@ -772,6 +776,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- shared = handle_amd (_SC_LEVEL3_CACHE_SIZE);
-
- level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE);
-+ level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE);
- level1_dcache_size = data;
- level1_dcache_assoc = handle_amd (_SC_LEVEL1_DCACHE_ASSOC);
- level1_dcache_linesize = handle_amd (_SC_LEVEL1_DCACHE_LINESIZE);
-@@ -833,6 +838,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- }
-
- cpu_features->level1_icache_size = level1_icache_size;
-+ cpu_features->level1_icache_linesize = level1_icache_linesize;
- cpu_features->level1_dcache_size = level1_dcache_size;
- cpu_features->level1_dcache_assoc = level1_dcache_assoc;
- cpu_features->level1_dcache_linesize = level1_dcache_linesize;
-diff --git a/sysdeps/x86/include/cpu-features.h b/sysdeps/x86/include/cpu-features.h
-index 624736b40e..39a3f4f311 100644
---- a/sysdeps/x86/include/cpu-features.h
-+++ b/sysdeps/x86/include/cpu-features.h
-@@ -874,6 +874,8 @@ struct cpu_features
- unsigned long int rep_stosb_threshold;
- /* _SC_LEVEL1_ICACHE_SIZE. */
- unsigned long int level1_icache_size;
-+ /* _SC_LEVEL1_ICACHE_LINESIZE. */
-+ unsigned long int level1_icache_linesize;
- /* _SC_LEVEL1_DCACHE_SIZE. */
- unsigned long int level1_dcache_size;
- /* _SC_LEVEL1_DCACHE_ASSOC. */
-diff --git a/sysdeps/x86/tst-sysconf-cache-linesize-static.c b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
-new file mode 100644
-index 0000000000..152ae68821
---- /dev/null
-+++ b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
-@@ -0,0 +1 @@
-+#include "tst-sysconf-cache-linesize.c"
-diff --git a/sysdeps/x86/tst-sysconf-cache-linesize.c b/sysdeps/x86/tst-sysconf-cache-linesize.c
-new file mode 100644
-index 0000000000..642dbde5d2
---- /dev/null
-+++ b/sysdeps/x86/tst-sysconf-cache-linesize.c
-@@ -0,0 +1,57 @@
-+/* Test system cache line sizes.
-+ Copyright (C) 2021 Free Software Foundation, Inc.
-+ This file is part of the GNU C Library.
-+
-+ The GNU C Library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU Lesser General Public
-+ License as published by the Free Software Foundation; either
-+ version 2.1 of the License, or (at your option) any later version.
-+
-+ The GNU C Library is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+ Lesser General Public License for more details.
-+
-+ You should have received a copy of the GNU Lesser General Public
-+ License along with the GNU C Library; if not, see
-+ <https://www.gnu.org/licenses/>. */
-+
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <unistd.h>
-+#include <array_length.h>
-+
-+static struct
-+{
-+ const char *name;
-+ int _SC_val;
-+} sc_options[] =
-+ {
-+#define N(name) { "_SC_"#name, _SC_##name }
-+ N (LEVEL1_ICACHE_LINESIZE),
-+ N (LEVEL1_DCACHE_LINESIZE),
-+ N (LEVEL2_CACHE_LINESIZE)
-+ };
-+
-+static int
-+do_test (void)
-+{
-+ int result = EXIT_SUCCESS;
-+
-+ for (int i = 0; i < array_length (sc_options); ++i)
-+ {
-+ long int scret = sysconf (sc_options[i]._SC_val);
-+ if (scret < 0)
-+ {
-+ printf ("sysconf (%s) returned < 0 (%ld)\n",
-+ sc_options[i].name, scret);
-+ result = EXIT_FAILURE;
-+ }
-+ else
-+ printf ("sysconf (%s): %ld\n", sc_options[i].name, scret);
-+ }
-+
-+ return result;
-+}
-+
-+#include <support/test-driver.c>
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
new file mode 100644
index 0000000000..2f08a90dd0
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
@@ -0,0 +1,174 @@
+Since the full ISA set used in an ELF binary is unknown to compiler,
+an x86-64 ISA level marker indicates the minimum, not maximum, ISA set
+required to run such an ELF binary. We never guarantee a library with
+an x86-64 ISA level v3 marker doesn't contain other ISAs beyond x86-64
+ISA level v3, like AVX VNNI. We check the x86-64 ISA level marker for
+the minimum ISA set. Since -march=sandybridge enables only some ISAs
+in x86-64 ISA level v3, we should set the needed ISA marker to v2.
+Otherwise, libc is compiled with -march=sandybridge will fail to run on
+Sandy Bridge:
+
+$ ./elf/ld.so ./libc.so
+./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
+
+Set the minimum, instead of maximum, x86-64 ISA level marker should have
+no impact on the b-hwcaps directory assignment logic in ldconfig nor
+ld.so.
+
+(cherry picked from commit 339bf918ea4830fb35614632e96f3aab3237adce)
+---
+ config.h.in | 6 ++++++
+ sysdeps/x86/configure | 28 ++++++++++++++++++++++++++++
+ sysdeps/x86/configure.ac | 16 ++++++++++++++++
+ sysdeps/x86/isa-level.c | 25 ++++++++++++++-----------
+ 4 files changed, 64 insertions(+), 11 deletions(-)
+
+diff --git a/config.h.in b/config.h.in
+--- a/config.h.in 2021-10-16 03:28:49.447573081 -0700
++++ b/config.h.in 2021-10-16 03:29:38.626741181 -0700
+@@ -275,4 +275,10 @@
+ /* Define if x86 ISA level should be included in shared libraries. */
+ #undef INCLUDE_X86_ISA_LEVEL
+
++/* Define if -msahf is enabled by default on x86. */
++#undef HAVE_X86_LAHF_SAHF
++
++/* Define if -mmovbe is enabled by default on x86. */
++#undef HAVE_X86_MOVBE
++
+ #endif
+diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
+--- a/sysdeps/x86/configure 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/configure 2021-10-16 03:29:39.330729277 -0700
+@@ -126,6 +126,8 @@ cat > conftest2.S <<EOF
+ 4:
+ EOF
+ libc_cv_include_x86_isa_level=no
++libc_cv_have_x86_lahf_sahf=no
++libc_cv_have_x86_movbe=no
+ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+@@ -135,6 +137,24 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
+ count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
+ if test "$count" = 1; then
+ libc_cv_include_x86_isa_level=yes
++ cat > conftest.c <<EOF
++EOF
++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c'
++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++ test $ac_status = 0; }; } | grep -q "\-msahf"; then
++ libc_cv_have_x86_lahf_sahf=yes
++ fi
++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c'
++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++ test $ac_status = 0; }; } | grep -q "\-mmovbe"; then
++ libc_cv_have_x86_movbe=yes
++ fi
+ fi
+ fi
+ rm -f conftest*
+@@ -145,5 +165,13 @@ if test $libc_cv_include_x86_isa_level =
+ $as_echo "#define INCLUDE_X86_ISA_LEVEL 1" >>confdefs.h
+
+ fi
++if test $libc_cv_have_x86_lahf_sahf = yes; then
++ $as_echo "#define HAVE_X86_LAHF_SAHF 1" >>confdefs.h
++
++fi
++if test $libc_cv_have_x86_movbe = yes; then
++ $as_echo "#define HAVE_X86_MOVBE 1" >>confdefs.h
++
++fi
+ config_vars="$config_vars
+ enable-x86-isa-level = $libc_cv_include_x86_isa_level"
+diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
+--- a/sysdeps/x86/configure.ac 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/configure.ac 2021-10-16 03:29:40.038717306 -0700
+@@ -98,14 +98,30 @@ cat > conftest2.S <<EOF
+ 4:
+ EOF
+ libc_cv_include_x86_isa_level=no
++libc_cv_have_x86_lahf_sahf=no
++libc_cv_have_x86_movbe=no
+ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then
+ count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
+ if test "$count" = 1; then
+ libc_cv_include_x86_isa_level=yes
++ cat > conftest.c <<EOF
++EOF
++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-msahf"; then
++ libc_cv_have_x86_lahf_sahf=yes
++ fi
++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-mmovbe"; then
++ libc_cv_have_x86_movbe=yes
++ fi
+ fi
+ fi
+ rm -f conftest*])
+ if test $libc_cv_include_x86_isa_level = yes; then
+ AC_DEFINE(INCLUDE_X86_ISA_LEVEL)
+ fi
++if test $libc_cv_have_x86_lahf_sahf = yes; then
++ AC_DEFINE(HAVE_X86_LAHF_SAHF)
++fi
++if test $libc_cv_have_x86_movbe = yes; then
++ AC_DEFINE(HAVE_X86_MOVBE)
++fi
+ LIBC_CONFIG_VAR([enable-x86-isa-level], [$libc_cv_include_x86_isa_level])
+diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
+--- a/sysdeps/x86/isa-level.c 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/isa-level.c 2021-10-16 03:29:40.766704997 -0700
+@@ -29,32 +29,35 @@
+
+ /* ELF program property for x86 ISA level. */
+ #ifdef INCLUDE_X86_ISA_LEVEL
+-# if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
+- || defined __MMX__ || defined __SSE__ || defined __SSE2__
++# if defined __SSE__ && defined __SSE2__
++/* NB: ISAs, excluding MMX, in x86-64 ISA level baseline are used. */
+ # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
+ # else
+ # define ISA_BASELINE 0
+ # endif
+
+-# if defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
+- || (defined __x86_64__ && defined __LAHF_SAHF__) \
+- || defined __POPCNT__ || defined __SSE3__ \
+- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
++# if ISA_BASELINE && defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
++ && defined HAVE_X86_LAHF_SAHF && defined __POPCNT__ \
++ && defined __SSE3__ && defined __SSSE3__ && defined __SSE4_1__ \
++ && defined __SSE4_2__
++/* NB: ISAs in x86-64 ISA level v2 are used. */
+ # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
+ # else
+ # define ISA_V2 0
+ # endif
+
+-# if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
+- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
+- || defined __XSAVE__
++# if ISA_V2 && defined __AVX__ && defined __AVX2__ && defined __F16C__ \
++ && defined __FMA__ && defined __LZCNT__ && defined HAVE_X86_MOVBE
++/* NB: ISAs in x86-64 ISA level v3 are used. */
+ # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
+ # else
+ # define ISA_V3 0
+ # endif
+
+-# if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \
+- || defined __AVX512DQ__ || defined __AVX512VL__
++# if ISA_V3 && defined __AVX512F__ && defined __AVX512BW__ \
++ && defined __AVX512CD__ && defined __AVX512DQ__ \
++ && defined __AVX512VL__
++/* NB: ISAs in x86-64 ISA level v4 are used. */
+ # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
+ # else
+ # define ISA_V4 0
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
deleted file mode 100644
index 26c5c0d2a9..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From dca565886b5e8bd7966e15f0ca42ee5cff686673 Mon Sep 17 00:00:00 2001
-From: DJ Delorie <dj@redhat.com>
-Date: Thu, 25 Feb 2021 16:08:21 -0500
-Subject: [PATCH] nscd: Fix double free in netgroupcache [BZ #27462]
-
-In commit 745664bd798ec8fd50438605948eea594179fba1 a use-after-free
-was fixed, but this led to an occasional double-free. This patch
-tracks the "live" allocation better.
-
-Tested manually by a third party.
-
-Related: RHBZ 1927877
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Reviewed-by: Carlos O'Donell <carlos@redhat.com>
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=dca565886b5e8bd7966e15f0ca42ee5cff686673]
-
-CVE: CVE-2021-27645
-
-Reviewed-by: Carlos O'Donell <carlos@redhat.com>
-Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
----
- nscd/netgroupcache.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
-index dba6ceec1b..ad2daddafd 100644
---- a/nscd/netgroupcache.c
-+++ b/nscd/netgroupcache.c
-@@ -248,7 +248,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
- : NULL);
- ndomain = (ndomain ? newbuf + ndomaindiff
- : NULL);
-- buffer = newbuf;
-+ *tofreep = buffer = newbuf;
- }
-
- nhost = memcpy (buffer + bufused,
-@@ -319,7 +319,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
- else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)
- {
- buflen *= 2;
-- buffer = xrealloc (buffer, buflen);
-+ *tofreep = buffer = xrealloc (buffer, buflen);
- }
- else if (status == NSS_STATUS_RETURN
- || status == NSS_STATUS_NOTFOUND
---
-2.27.0
-
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
deleted file mode 100644
index 21f07ac303..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 709674ec86c3c6da4f0995897f6b0205c16d049d Mon Sep 17 00:00:00 2001
-From: Andreas Schwab <schwab@linux-m68k.org>
-Date: Thu, 27 May 2021 12:49:47 +0200
-Subject: [PATCH] Use __pthread_attr_copy in mq_notify (bug 27896)
-
-Make a deep copy of the pthread attribute object to remove a potential
-use-after-free issue.
-
-Upstream-Status: Backport
-[https://sourceware.org/git/?p=glibc.git;a=commit;h=42d359350510506b87101cf77202fefcbfc790cb]
-
-CVE:
-CVE-2021-33574
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
----
- NEWS | 4 ++++
- sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++-----
- 2 files changed, 14 insertions(+), 5 deletions(-)
-
-diff --git a/NEWS b/NEWS
-index 71f5d20324..017d656433 100644
---- a/NEWS
-+++ b/NEWS
-@@ -118,6 +118,10 @@ Security related changes:
- CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
- invoked with EUC-KR input containing invalid multibyte input sequences.
-
-+ CVE-2021-33574: The mq_notify function has a potential use-after-free
-+ issue when using a notification type of SIGEV_THREAD and a thread
-+ attribute with a non-default affinity mask.
-+
- The following bugs are resolved with this release:
-
- [10635] libc: realpath portability patches
-diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
-index cc575a0cdd..f7ddfe5a6c 100644
---- a/sysdeps/unix/sysv/linux/mq_notify.c
-+++ b/sysdeps/unix/sysv/linux/mq_notify.c
-@@ -133,8 +133,11 @@ helper_thread (void *arg)
- (void) __pthread_barrier_wait (¬ify_barrier);
- }
- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
-- /* The only state we keep is the copy of the thread attributes. */
-- free (data.attr);
-+ {
-+ /* The only state we keep is the copy of the thread attributes. */
-+ pthread_attr_destroy (data.attr);
-+ free (data.attr);
-+ }
- }
- return NULL;
- }
-@@ -255,8 +258,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
- if (data.attr == NULL)
- return -1;
-
-- memcpy (data.attr, notification->sigev_notify_attributes,
-- sizeof (pthread_attr_t));
-+ __pthread_attr_copy (data.attr, notification->sigev_notify_attributes);
- }
-
- /* Construct the new request. */
-@@ -270,7 +272,10 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
-
- /* If it failed, free the allocated memory. */
- if (__glibc_unlikely (retval != 0))
-- free (data.attr);
-+ {
-+ pthread_attr_destroy (data.attr);
-+ free (data.attr);
-+ }
-
- return retval;
- }
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
deleted file mode 100644
index befccd7ac7..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 217b6dc298156bdb0d6aea9ea93e7e394a5ff091 Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Tue, 1 Jun 2021 17:51:41 +0200
-Subject: [PATCH] Fix use of __pthread_attr_copy in mq_notify (bug 27896)
-
-__pthread_attr_copy can fail and does not initialize the attribute
-structure in that case.
-
-If __pthread_attr_copy is never called and there is no allocated
-attribute, pthread_attr_destroy should not be called, otherwise
-there is a null pointer dereference in rt/tst-mqueue6.
-
-Fixes commit 42d359350510506b87101cf77202fefcbfc790cb
-("Use __pthread_attr_copy in mq_notify (bug 27896)").
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-
-Upstream-Status: Backport
-[https://sourceware.org/git/?p=glibc.git;a=commit;h=217b6dc298156bdb0d6aea9ea93e7e394a5ff091]
-
-CVE:
-CVE-2021-33574
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
----
- sysdeps/unix/sysv/linux/mq_notify.c | 11 +++++++++--
- 1 file changed, 9 insertions(+), 2 deletions(-)
-
-diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
-index f7ddfe5a6c..6f46d29d1d 100644
---- a/sysdeps/unix/sysv/linux/mq_notify.c
-+++ b/sysdeps/unix/sysv/linux/mq_notify.c
-@@ -258,7 +258,14 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
- if (data.attr == NULL)
- return -1;
-
-- __pthread_attr_copy (data.attr, notification->sigev_notify_attributes);
-+ int ret = __pthread_attr_copy (data.attr,
-+ notification->sigev_notify_attributes);
-+ if (ret != 0)
-+ {
-+ free (data.attr);
-+ __set_errno (ret);
-+ return -1;
-+ }
- }
-
- /* Construct the new request. */
-@@ -271,7 +278,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
- int retval = INLINE_SYSCALL (mq_notify, 2, mqdes, &se);
-
- /* If it failed, free the allocated memory. */
-- if (__glibc_unlikely (retval != 0))
-+ if (retval != 0 && data.attr != NULL)
- {
- pthread_attr_destroy (data.attr);
- free (data.attr);
---
-2.27.0
-
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch b/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
deleted file mode 100644
index 5cae1bc91c..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17 00:00:00 2001
-From: Andreas Schwab <schwab@linux-m68k.org>
-Date: Fri, 25 Jun 2021 15:02:47 +0200
-Subject: [PATCH] wordexp: handle overflow in positional parameter number (bug
- 28011)
-
-Use strtoul instead of atoi so that overflow can be detected.
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c]
-CVE: CVE-2021-35942
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- posix/wordexp-test.c | 1 +
- posix/wordexp.c | 2 +-
- 2 files changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
-index f93a546d7e..9df02dbbb3 100644
---- a/posix/wordexp-test.c
-+++ b/posix/wordexp-test.c
-@@ -183,6 +183,7 @@ struct test_case_struct
- { 0, NULL, "$var", 0, 0, { NULL, }, IFS },
- { 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS },
- { 0, NULL, "", 0, 0, { NULL, }, IFS },
-+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS },
-
- /* Flags not already covered (testit() has special handling for these) */
- { 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS },
-diff --git a/posix/wordexp.c b/posix/wordexp.c
-index bcbe96e48d..1f3b09f721 100644
---- a/posix/wordexp.c
-+++ b/posix/wordexp.c
-@@ -1399,7 +1399,7 @@ envsubst:
- /* Is it a numeric parameter? */
- else if (isdigit (env[0]))
- {
-- int n = atoi (env);
-+ unsigned long n = strtoul (env, NULL, 10);
-
- if (n >= __libc_argc)
- /* Substitute NULL. */
---
-2.17.1
-
diff --git a/meta/recipes-core/glibc/glibc_2.33.bb b/meta/recipes-core/glibc/glibc_2.33.bb
index 57a60cb9d8..ad5e2b8eb1 100644
--- a/meta/recipes-core/glibc/glibc_2.33.bb
+++ b/meta/recipes-core/glibc/glibc_2.33.bb
@@ -56,16 +56,6 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
- file://0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch \
- file://0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch \
- file://0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch \
- file://CVE-2021-27645.patch \
- file://0001-nptl-Remove-private-futex-optimization-BZ-27304.patch \
- file://CVE-2021-33574_1.patch \
- file://CVE-2021-33574_2.patch \
- file://CVE-2021-35942.patch \
- file://0001-CVE-2021-38604.patch \
- file://0002-CVE-2021-38604.patch \
"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build-${TARGET_SYS}"
--
2.31.1
^ permalink raw reply related [flat|nested] 10+ messages in thread* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2021-10-17 2:51 [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version Pgowda
@ 2021-10-17 5:05 ` Khem Raj
2021-10-25 7:29 ` pgowda cve
0 siblings, 1 reply; 10+ messages in thread
From: Khem Raj @ 2021-10-17 5:05 UTC (permalink / raw)
To: Pgowda; +Cc: anuj.mittal, openembedded-core, rwmacleod, umesh.kalappa0
[-- Attachment #1: Type: text/plain, Size: 48678 bytes --]
This looks good to me
On Sat, Oct 16, 2021 at 7:51 PM Pgowda <pgowda.cve@gmail.com> wrote:
> glibc-2.33 release version of Feb 2021 is used in Hardknott branch.
> There are many bug fixes in the latest glibc-2.33 version. The patch
> takes the latest glibc-2.33 version commit.
> Regression tested on X86-64 without any new issues.
>
> Signed-off-by: Pgowda <pgowda.cve@gmail.com>
> ---
> meta/recipes-core/glibc/glibc-version.inc | 2 +-
> .../glibc/glibc/0001-CVE-2021-38604.patch | 40 ----
> ...-private-futex-optimization-BZ-27304.patch | 49 -----
> .../glibc/glibc/0002-CVE-2021-38604.patch | 147 --------------
> ...-ISA-support-for-x86-64-level-marker.patch | 116 -----------
> ...ork-around-GCC-PR-98512-in-rawmemchr.patch | 58 ------
> ...-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch | 185 ------------------
> .../glibc/glibc/CVE-2021-27318-revert.patch | 174 ++++++++++++++++
> .../glibc/glibc/CVE-2021-27645.patch | 51 -----
> .../glibc/glibc/CVE-2021-33574_1.patch | 76 -------
> .../glibc/glibc/CVE-2021-33574_2.patch | 61 ------
> .../glibc/glibc/CVE-2021-35942.patch | 44 -----
> meta/recipes-core/glibc/glibc_2.33.bb | 10 -
> 13 files changed, 175 insertions(+), 838 deletions(-)
> delete mode 100644 meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
> delete mode 100644
> meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
> delete mode 100644 meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
> delete mode 100644
> meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
> delete mode 100644
> meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
> delete mode 100644
> meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
> create mode 100644
> meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
>
> diff --git a/meta/recipes-core/glibc/glibc-version.inc
> b/meta/recipes-core/glibc/glibc-version.inc
> index 3a95173175..4d69187961 100644
> --- a/meta/recipes-core/glibc/glibc-version.inc
> +++ b/meta/recipes-core/glibc/glibc-version.inc
> @@ -1,6 +1,6 @@
> SRCBRANCH ?= "release/2.33/master"
> PV = "2.33"
> -SRCREV_glibc ?= "9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3"
> +SRCREV_glibc ?= "6090cf1330faf2deb17285758f327cb23b89ebf1"
> SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
>
> GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
> diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
> b/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
> deleted file mode 100644
> index 8a52ac957c..0000000000
> --- a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
> +++ /dev/null
> @@ -1,40 +0,0 @@
> -From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17 00:00:00 2001
> -From: Nikita Popov <npv1310@gmail.com>
> -Date: Mon, 9 Aug 2021 20:17:34 +0530
> -Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213)
> -
> -Helper thread frees copied attribute on NOTIFY_REMOVED message
> -received from the OS kernel. Unfortunately, it fails to check whether
> -copied attribute actually exists (data.attr != NULL). This worked
> -earlier because free() checks passed pointer before actually
> -attempting to release corresponding memory. But
> -__pthread_attr_destroy assumes pointer is not NULL.
> -
> -So passing NULL pointer to __pthread_attr_destroy will result in
> -segmentation fault. This scenario is possible if
> -notification->sigev_notify_attributes == NULL (which means default
> -thread attributes should be used).
> -
> -Upstream-Status: Backport [
> https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
> ]
> -CVE: CVE-2021-38604
> -
> -Signed-off-by: Nikita Popov <npv1310@gmail.com>
> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
> ----
> - sysdeps/unix/sysv/linux/mq_notify.c | 2 +-
> - 1 file changed, 1 insertion(+), 1 deletion(-)
> -
> -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c
> b/sysdeps/unix/sysv/linux/mq_notify.c
> -index 6f46d29d1d..1714e1cc5f 100644
> ---- a/sysdeps/unix/sysv/linux/mq_notify.c
> -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
> -@@ -132,7 +132,7 @@ helper_thread (void *arg)
> - to wait until it is done with it. */
> - (void) __pthread_barrier_wait (¬ify_barrier);
> - }
> -- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
> -+ else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED &&
> data.attr != NULL)
> - {
> - /* The only state we keep is the copy of the thread attributes.
> */
> - pthread_attr_destroy (data.attr);
> diff --git
> a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
> b/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
> deleted file mode 100644
> index 39fde5b785..0000000000
> ---
> a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
> +++ /dev/null
> @@ -1,49 +0,0 @@
> -From c4ad832276f4dadfa40904109b26a521468f66bc Mon Sep 17 00:00:00 2001
> -From: Florian Weimer <fweimer@redhat.com>
> -Date: Thu, 4 Feb 2021 15:00:20 +0100
> -Subject: [PATCH] nptl: Remove private futex optimization [BZ #27304]
> -
> -It is effectively used, unexcept for pthread_cond_destroy, where we do
> -not want it; see bug 27304. The internal locks do not support a
> -process-shared mode.
> -
> -This fixes commit dc6cfdc934db9997c33728082d63552b9eee4563 ("nptl:
> -Move pthread_cond_destroy implementation into libc").
> -
> -Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> -
> -Upstream-Status: Backport [
> https://sourceware.org/bugzilla/show_bug.cgi?id=27304]
> -Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
> ----
> - sysdeps/nptl/lowlevellock-futex.h | 14 +-------------
> - 1 file changed, 1 insertion(+), 13 deletions(-)
> -
> -diff --git a/sysdeps/nptl/lowlevellock-futex.h
> b/sysdeps/nptl/lowlevellock-futex.h
> -index ecb729da6b..ca96397a4a 100644
> ---- a/sysdeps/nptl/lowlevellock-futex.h
> -+++ b/sysdeps/nptl/lowlevellock-futex.h
> -@@ -50,20 +50,8 @@
> - #define LLL_SHARED FUTEX_PRIVATE_FLAG
> -
> - #ifndef __ASSEMBLER__
> --
> --# if IS_IN (libc) || IS_IN (rtld)
> --/* In libc.so or ld.so all futexes are private. */
> --# define __lll_private_flag(fl, private) \
> -- ({ \
> -- /* Prevent warnings in callers of this macro. */ \
> -- int __lll_private_flag_priv __attribute__ ((unused)); \
> -- __lll_private_flag_priv = (private); \
> -- ((fl) | FUTEX_PRIVATE_FLAG); \
> -- })
> --# else
> --# define __lll_private_flag(fl, private) \
> -+# define __lll_private_flag(fl, private) \
> - (((fl) | FUTEX_PRIVATE_FLAG) ^ (private))
> --# endif
> -
> - # define lll_futex_syscall(nargs, futexp, op, ...) \
> - ({ \
> ---
> -2.27.0
> -
> diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
> b/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
> deleted file mode 100644
> index b654cdfecb..0000000000
> --- a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
> +++ /dev/null
> @@ -1,147 +0,0 @@
> -From 4cc79c217744743077bf7a0ec5e0a4318f1e6641 Mon Sep 17 00:00:00 2001
> -From: Nikita Popov <npv1310@gmail.com>
> -Date: Thu, 12 Aug 2021 16:09:50 +0530
> -Subject: [PATCH] librt: add test (bug 28213)
> -
> -This test implements following logic:
> -1) Create POSIX message queue.
> - Register a notification with mq_notify (using NULL attributes).
> - Then immediately unregister the notification with mq_notify.
> - Helper thread in a vulnerable version of glibc
> - should cause NULL pointer dereference after these steps.
> -2) Once again, register the same notification.
> - Try to send a dummy message.
> - Test is considered successfulif the dummy message
> - is successfully received by the callback function.
> -
> -Upstream-Status: Backport [
> https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
> ]
> -CVE: CVE-2021-38604
> -
> -Signed-off-by: Nikita Popov <npv1310@gmail.com>
> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
> ----
> - rt/Makefile | 1 +
> - rt/tst-bz28213.c | 101 +++++++++++++++++++++++++++++++++++++++++++++++
> - 2 files changed, 102 insertions(+)
> - create mode 100644 rt/tst-bz28213.c
> -
> -diff --git a/rt/Makefile b/rt/Makefile
> -index 7b374f2073..c87d95793a 100644
> ---- a/rt/Makefile
> -+++ b/rt/Makefile
> -@@ -44,6 +44,7 @@ tests := tst-shm tst-timer tst-timer2 \
> - tst-aio7 tst-aio8 tst-aio9 tst-aio10 \
> - tst-mqueue1 tst-mqueue2 tst-mqueue3 tst-mqueue4 \
> - tst-mqueue5 tst-mqueue6 tst-mqueue7 tst-mqueue8 tst-mqueue9 \
> -+ tst-bz28213 \
> - tst-timer3 tst-timer4 tst-timer5 \
> - tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3 \
> - tst-shm-cancel
> -diff --git a/rt/tst-bz28213.c b/rt/tst-bz28213.c
> -new file mode 100644
> -index 0000000000..0c096b5a0a
> ---- /dev/null
> -+++ b/rt/tst-bz28213.c
> -@@ -0,0 +1,101 @@
> -+/* Bug 28213: test for NULL pointer dereference in mq_notify.
> -+ Copyright (C) The GNU Toolchain Authors.
> -+ This file is part of the GNU C Library.
> -+
> -+ The GNU C Library is free software; you can redistribute it and/or
> -+ modify it under the terms of the GNU Lesser General Public
> -+ License as published by the Free Software Foundation; either
> -+ version 2.1 of the License, or (at your option) any later version.
> -+
> -+ The GNU C Library is distributed in the hope that it will be useful,
> -+ but WITHOUT ANY WARRANTY; without even the implied warranty of
> -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> -+ Lesser General Public License for more details.
> -+
> -+ You should have received a copy of the GNU Lesser General Public
> -+ License along with the GNU C Library; if not, see
> -+ <https://www.gnu.org/licenses/>. */
> -+
> -+#include <errno.h>
> -+#include <sys/types.h>
> -+#include <sys/stat.h>
> -+#include <fcntl.h>
> -+#include <unistd.h>
> -+#include <mqueue.h>
> -+#include <signal.h>
> -+#include <stdlib.h>
> -+#include <string.h>
> -+#include <support/check.h>
> -+
> -+static mqd_t m = -1;
> -+static const char msg[] = "hello";
> -+
> -+static void
> -+check_bz28213_cb (union sigval sv)
> -+{
> -+ char buf[sizeof (msg)];
> -+
> -+ (void) sv;
> -+
> -+ TEST_VERIFY_EXIT ((size_t) mq_receive (m, buf, sizeof (buf), NULL)
> -+ == sizeof (buf));
> -+ TEST_VERIFY_EXIT (memcmp (buf, msg, sizeof (buf)) == 0);
> -+
> -+ exit (0);
> -+}
> -+
> -+static void
> -+check_bz28213 (void)
> -+{
> -+ struct sigevent sev;
> -+
> -+ memset (&sev, '\0', sizeof (sev));
> -+ sev.sigev_notify = SIGEV_THREAD;
> -+ sev.sigev_notify_function = check_bz28213_cb;
> -+
> -+ /* Step 1: Register & unregister notifier.
> -+ Helper thread should receive NOTIFY_REMOVED notification.
> -+ In a vulnerable version of glibc, NULL pointer dereference follows.
> */
> -+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
> -+ TEST_VERIFY_EXIT (mq_notify (m, NULL) == 0);
> -+
> -+ /* Step 2: Once again, register notification.
> -+ Try to send one message.
> -+ Test is considered successful, if the callback does exit (0). */
> -+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
> -+ TEST_VERIFY_EXIT (mq_send (m, msg, sizeof (msg), 1) == 0);
> -+
> -+ /* Wait... */
> -+ pause ();
> -+}
> -+
> -+static int
> -+do_test (void)
> -+{
> -+ static const char m_name[] = "/bz28213_queue";
> -+ struct mq_attr m_attr;
> -+
> -+ memset (&m_attr, '\0', sizeof (m_attr));
> -+ m_attr.mq_maxmsg = 1;
> -+ m_attr.mq_msgsize = sizeof (msg);
> -+
> -+ m = mq_open (m_name,
> -+ O_RDWR | O_CREAT | O_EXCL,
> -+ 0600,
> -+ &m_attr);
> -+
> -+ if (m < 0)
> -+ {
> -+ if (errno == ENOSYS)
> -+ FAIL_UNSUPPORTED ("POSIX message queues are not implemented\n");
> -+ FAIL_EXIT1 ("Failed to create POSIX message queue: %m\n");
> -+ }
> -+
> -+ TEST_VERIFY_EXIT (mq_unlink (m_name) == 0);
> -+
> -+ check_bz28213 ();
> -+
> -+ return 0;
> -+}
> -+
> -+#include <support/test-driver.c>
> diff --git
> a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
> b/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
> deleted file mode 100644
> index 3cb60b2e55..0000000000
> ---
> a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
> +++ /dev/null
> @@ -1,116 +0,0 @@
> -From b1971f6f1331d738d1d6b376b4741668a7546125 Mon Sep 17 00:00:00 2001
> -From: "H.J. Lu" <hjl.tools@gmail.com>
> -Date: Tue, 2 Feb 2021 13:45:58 -0800
> -Subject: [PATCH] x86: Require full ISA support for x86-64 level marker
> [BZ #27318]
> -
> -Since -march=sandybridge enables ISAs in x86-64 ISA level v3, the v3
> -marker is set on libc.so. We couldn't set the needed ISA marker to v2
> -since this libc won't run on all v2 machines. Technically, the v3 marker
> -is correct. But the resulting libc.so won't run on Sandy Brigde, which
> -is a v2 machine, even when libc is compiled with -march=sandybridge:
> -
> -$ ./elf/ld.so ./libc.so
> -./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
> -
> -Instead, we require full ISA support for x86-64 level marker and disable
> -x86-64 level marker for -march=sandybridge which enables ISAs between v2
> -and v3.
> -
> -Upstream-Status: Submitted [
> https://sourceware.org/pipermail/libc-alpha/2021-February/122297.html]
> -Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ----
> -
> - sysdeps/x86/configure | 7 ++++++-
> - sysdeps/x86/configure.ac | 2 +-
> - sysdeps/x86/isa-level.c | 21 ++++++++++++++++++++-
> - 3 files changed, 27 insertions(+), 3 deletions(-)
> -
> -diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
> -index 5e32dc62b3..5b20646843 100644
> ---- a/sysdeps/x86/configure
> -+++ b/sysdeps/x86/configure
> -@@ -133,7 +133,12 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
> -nostartfiles -nostdlib -r -o conftest c
> - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> - test $ac_status = 0; }; }; then
> - count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 |
> wc -l`
> -- if test "$count" = 1; then
> -+ if test "$count" = 1 && { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
> -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c'
> -+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
> -+ (eval $ac_try) 2>&5
> -+ ac_status=$?
> -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> -+ test $ac_status = 0; }; }; then
> - libc_cv_include_x86_isa_level=yes
> - fi
> - fi
> -diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
> -index f94088f377..54ecd33d2c 100644
> ---- a/sysdeps/x86/configure.ac
> -+++ b/sysdeps/x86/configure.ac
> -@@ -100,7 +100,7 @@ EOF
> - libc_cv_include_x86_isa_level=no
> - if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r
> -o conftest conftest1.S conftest2.S); then
> - count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 |
> wc -l`
> -- if test "$count" = 1; then
> -+ if test "$count" = 1 && AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS
> -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c);
> then
> - libc_cv_include_x86_isa_level=yes
> - fi
> - fi
> -diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
> -index aaf524cb56..7f83449061 100644
> ---- a/sysdeps/x86/isa-level.c
> -+++ b/sysdeps/x86/isa-level.c
> -@@ -25,12 +25,17 @@
> - License along with the GNU C Library; if not, see
> - <https://www.gnu.org/licenses/>. */
> -
> --#include <elf.h>
> -+#ifdef _LIBC
> -+# include <elf.h>
> -+#endif
> -
> - /* ELF program property for x86 ISA level. */
> - #ifdef INCLUDE_X86_ISA_LEVEL
> - # if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
> - || defined __MMX__ || defined __SSE__ || defined __SSE2__
> -+# if !defined __SSE__ || !defined __SSE2__
> -+# error "Missing ISAs for x86-64 ISA level baseline"
> -+# endif
> - # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
> - # else
> - # define ISA_BASELINE 0
> -@@ -40,6 +45,11 @@
> - || (defined __x86_64__ && defined __LAHF_SAHF__) \
> - || defined __POPCNT__ || defined __SSE3__ \
> - || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
> -+# if !defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
> -+ || !defined __POPCNT__ || !defined __SSE3__ \
> -+ || !defined __SSSE3__ || !defined __SSE4_1__ || !defined __SSE4_2__
> -+# error "Missing ISAs for x86-64 ISA level v2"
> -+# endif
> - # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
> - # else
> - # define ISA_V2 0
> -@@ -48,6 +58,10 @@
> - # if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
> - || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
> - || defined __XSAVE__
> -+# if !defined __AVX__ || !defined __AVX2__ || !defined __F16C__ \
> -+ || !defined __FMA__ || !defined __LZCNT__
> -+# error "Missing ISAs for x86-64 ISA level v3"
> -+# endif
> - # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
> - # else
> - # define ISA_V3 0
> -@@ -55,6 +69,11 @@
> -
> - # if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__
> \
> - || defined __AVX512DQ__ || defined __AVX512VL__
> -+# if !defined __AVX512F__ || !defined __AVX512BW__ \
> -+ || !defined __AVX512CD__ || !defined __AVX512DQ__ \
> -+ || !defined __AVX512VL__
> -+# error "Missing ISAs for x86-64 ISA level v4"
> -+# endif
> - # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
> - # else
> - # define ISA_V4 0
> diff --git
> a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
> b/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
> deleted file mode 100644
> index e904b28a05..0000000000
> ---
> a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
> +++ /dev/null
> @@ -1,58 +0,0 @@
> -From 044e603b698093cf48f6e6229e0b66acf05227e4 Mon Sep 17 00:00:00 2001
> -From: Florian Weimer <fweimer@redhat.com>
> -Date: Fri, 19 Feb 2021 13:29:00 +0100
> -Subject: [PATCH] string: Work around GCC PR 98512 in rawmemchr
> -
> -Upstream-Status: Backport [
> https://sourceware.org/git/?p=glibc.git;a=commit;h=044e603b698093cf48f6e6229e0b66acf05227e4
> ]
> -Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ----
> - string/rawmemchr.c | 26 +++++++++++++++-----------
> - 1 file changed, 15 insertions(+), 11 deletions(-)
> -
> -diff --git a/string/rawmemchr.c b/string/rawmemchr.c
> -index 59bbeeaa42..b8523118e5 100644
> ---- a/string/rawmemchr.c
> -+++ b/string/rawmemchr.c
> -@@ -22,24 +22,28 @@
> - # define RAWMEMCHR __rawmemchr
> - #endif
> -
> --/* Find the first occurrence of C in S. */
> --void *
> --RAWMEMCHR (const void *s, int c)
> --{
> -- DIAG_PUSH_NEEDS_COMMENT;
> -+/* The pragmata should be nested inside RAWMEMCHR below, but that
> -+ triggers GCC PR 98512. */
> -+DIAG_PUSH_NEEDS_COMMENT;
> - #if __GNUC_PREREQ (7, 0)
> -- /* GCC 8 warns about the size passed to memchr being larger than
> -- PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
> -- DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
> -+/* GCC 8 warns about the size passed to memchr being larger than
> -+ PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
> -+DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
> - #endif
> - #if __GNUC_PREREQ (11, 0)
> -- /* Likewise GCC 11, with a different warning option. */
> -- DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
> -+/* Likewise GCC 11, with a different warning option. */
> -+DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
> - #endif
> -+
> -+/* Find the first occurrence of C in S. */
> -+void *
> -+RAWMEMCHR (const void *s, int c)
> -+{
> - if (c != '\0')
> - return memchr (s, c, (size_t)-1);
> -- DIAG_POP_NEEDS_COMMENT;
> - return (char *)s + strlen (s);
> - }
> - libc_hidden_def (__rawmemchr)
> - weak_alias (__rawmemchr, rawmemchr)
> -+
> -+DIAG_POP_NEEDS_COMMENT;
> ---
> -2.30.1
> -
> diff --git
> a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
> b/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
> deleted file mode 100644
> index 3a004e227f..0000000000
> ---
> a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
> +++ /dev/null
> @@ -1,185 +0,0 @@
> -From 750b00a1ddae220403fd892a6fd4e0791ffd154a Mon Sep 17 00:00:00 2001
> -From: "H.J. Lu" <hjl.tools@gmail.com>
> -Date: Fri, 18 Sep 2020 07:55:14 -0700
> -Subject: [PATCH] x86: Handle _SC_LEVEL1_ICACHE_LINESIZE [BZ #27444]
> -
> - x86: Move x86 processor cache info to cpu_features
> -
> -missed _SC_LEVEL1_ICACHE_LINESIZE.
> -
> -1. Add level1_icache_linesize to struct cpu_features.
> -2. Initialize level1_icache_linesize by calling handle_intel,
> -handle_zhaoxin and handle_amd with _SC_LEVEL1_ICACHE_LINESIZE.
> -3. Return level1_icache_linesize for _SC_LEVEL1_ICACHE_LINESIZE.
> -
> -Upstream-Status: Backport [
> https://sourceware.org/bugzilla/show_bug.cgi?id=27444]
> -Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
> ----
> - sysdeps/x86/Makefile | 8 +++
> - sysdeps/x86/cacheinfo.c | 3 +
> - sysdeps/x86/dl-cacheinfo.h | 6 ++
> - sysdeps/x86/include/cpu-features.h | 2 +
> - .../x86/tst-sysconf-cache-linesize-static.c | 1 +
> - sysdeps/x86/tst-sysconf-cache-linesize.c | 57 +++++++++++++++++++
> - 6 files changed, 77 insertions(+)
> - create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize-static.c
> - create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize.c
> -
> -diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
> -index dd82674342..d231263051 100644
> ---- a/sysdeps/x86/Makefile
> -+++ b/sysdeps/x86/Makefile
> -@@ -208,3 +208,11 @@ $(objpfx)check-cet.out:
> $(..)sysdeps/x86/check-cet.awk \
> - generated += check-cet.out
> - endif
> - endif
> -+
> -+ifeq ($(subdir),posix)
> -+tests += \
> -+ tst-sysconf-cache-linesize \
> -+ tst-sysconf-cache-linesize-static
> -+tests-static += \
> -+ tst-sysconf-cache-linesize-static
> -+endif
> -diff --git a/sysdeps/x86/cacheinfo.c b/sysdeps/x86/cacheinfo.c
> -index 7b8df45e3b..5ea4723ca6 100644
> ---- a/sysdeps/x86/cacheinfo.c
> -+++ b/sysdeps/x86/cacheinfo.c
> -@@ -32,6 +32,9 @@ __cache_sysconf (int name)
> - case _SC_LEVEL1_ICACHE_SIZE:
> - return cpu_features->level1_icache_size;
> -
> -+ case _SC_LEVEL1_ICACHE_LINESIZE:
> -+ return cpu_features->level1_icache_linesize;
> -+
> - case _SC_LEVEL1_DCACHE_SIZE:
> - return cpu_features->level1_dcache_size;
> -
> -diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h
> -index a31fa0783a..7cd00b92f1 100644
> ---- a/sysdeps/x86/dl-cacheinfo.h
> -+++ b/sysdeps/x86/dl-cacheinfo.h
> -@@ -707,6 +707,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
> - long int core;
> - unsigned int threads = 0;
> - unsigned long int level1_icache_size = -1;
> -+ unsigned long int level1_icache_linesize = -1;
> - unsigned long int level1_dcache_size = -1;
> - unsigned long int level1_dcache_assoc = -1;
> - unsigned long int level1_dcache_linesize = -1;
> -@@ -726,6 +727,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
> -
> - level1_icache_size
> - = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features);
> -+ level1_icache_linesize
> -+ = handle_intel (_SC_LEVEL1_ICACHE_LINESIZE, cpu_features);
> - level1_dcache_size = data;
> - level1_dcache_assoc
> - = handle_intel (_SC_LEVEL1_DCACHE_ASSOC, cpu_features);
> -@@ -753,6 +756,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
> - shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE);
> -
> - level1_icache_size = handle_zhaoxin (_SC_LEVEL1_ICACHE_SIZE);
> -+ level1_icache_linesize = handle_zhaoxin
> (_SC_LEVEL1_ICACHE_LINESIZE);
> - level1_dcache_size = data;
> - level1_dcache_assoc = handle_zhaoxin (_SC_LEVEL1_DCACHE_ASSOC);
> - level1_dcache_linesize = handle_zhaoxin
> (_SC_LEVEL1_DCACHE_LINESIZE);
> -@@ -772,6 +776,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
> - shared = handle_amd (_SC_LEVEL3_CACHE_SIZE);
> -
> - level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE);
> -+ level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE);
> - level1_dcache_size = data;
> - level1_dcache_assoc = handle_amd (_SC_LEVEL1_DCACHE_ASSOC);
> - level1_dcache_linesize = handle_amd (_SC_LEVEL1_DCACHE_LINESIZE);
> -@@ -833,6 +838,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
> - }
> -
> - cpu_features->level1_icache_size = level1_icache_size;
> -+ cpu_features->level1_icache_linesize = level1_icache_linesize;
> - cpu_features->level1_dcache_size = level1_dcache_size;
> - cpu_features->level1_dcache_assoc = level1_dcache_assoc;
> - cpu_features->level1_dcache_linesize = level1_dcache_linesize;
> -diff --git a/sysdeps/x86/include/cpu-features.h
> b/sysdeps/x86/include/cpu-features.h
> -index 624736b40e..39a3f4f311 100644
> ---- a/sysdeps/x86/include/cpu-features.h
> -+++ b/sysdeps/x86/include/cpu-features.h
> -@@ -874,6 +874,8 @@ struct cpu_features
> - unsigned long int rep_stosb_threshold;
> - /* _SC_LEVEL1_ICACHE_SIZE. */
> - unsigned long int level1_icache_size;
> -+ /* _SC_LEVEL1_ICACHE_LINESIZE. */
> -+ unsigned long int level1_icache_linesize;
> - /* _SC_LEVEL1_DCACHE_SIZE. */
> - unsigned long int level1_dcache_size;
> - /* _SC_LEVEL1_DCACHE_ASSOC. */
> -diff --git a/sysdeps/x86/tst-sysconf-cache-linesize-static.c
> b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
> -new file mode 100644
> -index 0000000000..152ae68821
> ---- /dev/null
> -+++ b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
> -@@ -0,0 +1 @@
> -+#include "tst-sysconf-cache-linesize.c"
> -diff --git a/sysdeps/x86/tst-sysconf-cache-linesize.c
> b/sysdeps/x86/tst-sysconf-cache-linesize.c
> -new file mode 100644
> -index 0000000000..642dbde5d2
> ---- /dev/null
> -+++ b/sysdeps/x86/tst-sysconf-cache-linesize.c
> -@@ -0,0 +1,57 @@
> -+/* Test system cache line sizes.
> -+ Copyright (C) 2021 Free Software Foundation, Inc.
> -+ This file is part of the GNU C Library.
> -+
> -+ The GNU C Library is free software; you can redistribute it and/or
> -+ modify it under the terms of the GNU Lesser General Public
> -+ License as published by the Free Software Foundation; either
> -+ version 2.1 of the License, or (at your option) any later version.
> -+
> -+ The GNU C Library is distributed in the hope that it will be useful,
> -+ but WITHOUT ANY WARRANTY; without even the implied warranty of
> -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> -+ Lesser General Public License for more details.
> -+
> -+ You should have received a copy of the GNU Lesser General Public
> -+ License along with the GNU C Library; if not, see
> -+ <https://www.gnu.org/licenses/>. */
> -+
> -+#include <stdio.h>
> -+#include <stdlib.h>
> -+#include <unistd.h>
> -+#include <array_length.h>
> -+
> -+static struct
> -+{
> -+ const char *name;
> -+ int _SC_val;
> -+} sc_options[] =
> -+ {
> -+#define N(name) { "_SC_"#name, _SC_##name }
> -+ N (LEVEL1_ICACHE_LINESIZE),
> -+ N (LEVEL1_DCACHE_LINESIZE),
> -+ N (LEVEL2_CACHE_LINESIZE)
> -+ };
> -+
> -+static int
> -+do_test (void)
> -+{
> -+ int result = EXIT_SUCCESS;
> -+
> -+ for (int i = 0; i < array_length (sc_options); ++i)
> -+ {
> -+ long int scret = sysconf (sc_options[i]._SC_val);
> -+ if (scret < 0)
> -+ {
> -+ printf ("sysconf (%s) returned < 0 (%ld)\n",
> -+ sc_options[i].name, scret);
> -+ result = EXIT_FAILURE;
> -+ }
> -+ else
> -+ printf ("sysconf (%s): %ld\n", sc_options[i].name, scret);
> -+ }
> -+
> -+ return result;
> -+}
> -+
> -+#include <support/test-driver.c>
> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
> b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
> new file mode 100644
> index 0000000000..2f08a90dd0
> --- /dev/null
> +++ b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
> @@ -0,0 +1,174 @@
> +Since the full ISA set used in an ELF binary is unknown to compiler,
> +an x86-64 ISA level marker indicates the minimum, not maximum, ISA set
> +required to run such an ELF binary. We never guarantee a library with
> +an x86-64 ISA level v3 marker doesn't contain other ISAs beyond x86-64
> +ISA level v3, like AVX VNNI. We check the x86-64 ISA level marker for
> +the minimum ISA set. Since -march=sandybridge enables only some ISAs
> +in x86-64 ISA level v3, we should set the needed ISA marker to v2.
> +Otherwise, libc is compiled with -march=sandybridge will fail to run on
> +Sandy Bridge:
> +
> +$ ./elf/ld.so ./libc.so
> +./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
> +
> +Set the minimum, instead of maximum, x86-64 ISA level marker should have
> +no impact on the b-hwcaps directory assignment logic in ldconfig nor
> +ld.so.
> +
> +(cherry picked from commit 339bf918ea4830fb35614632e96f3aab3237adce)
> +---
> + config.h.in | 6 ++++++
> + sysdeps/x86/configure | 28 ++++++++++++++++++++++++++++
> + sysdeps/x86/configure.ac | 16 ++++++++++++++++
> + sysdeps/x86/isa-level.c | 25 ++++++++++++++-----------
> + 4 files changed, 64 insertions(+), 11 deletions(-)
> +
> +diff --git a/config.h.in b/config.h.in
> +--- a/config.h.in 2021-10-16 03:28:49.447573081 -0700
> ++++ b/config.h.in 2021-10-16 03:29:38.626741181 -0700
> +@@ -275,4 +275,10 @@
> + /* Define if x86 ISA level should be included in shared libraries. */
> + #undef INCLUDE_X86_ISA_LEVEL
> +
> ++/* Define if -msahf is enabled by default on x86. */
> ++#undef HAVE_X86_LAHF_SAHF
> ++
> ++/* Define if -mmovbe is enabled by default on x86. */
> ++#undef HAVE_X86_MOVBE
> ++
> + #endif
> +diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
> +--- a/sysdeps/x86/configure 2021-10-16 03:28:49.587570713 -0700
> ++++ b/sysdeps/x86/configure 2021-10-16 03:29:39.330729277 -0700
> +@@ -126,6 +126,8 @@ cat > conftest2.S <<EOF
> + 4:
> + EOF
> + libc_cv_include_x86_isa_level=no
> ++libc_cv_have_x86_lahf_sahf=no
> ++libc_cv_have_x86_movbe=no
> + if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o
> conftest conftest1.S conftest2.S'
> + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
> + (eval $ac_try) 2>&5
> +@@ -135,6 +137,24 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
> + count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 |
> wc -l`
> + if test "$count" = 1; then
> + libc_cv_include_x86_isa_level=yes
> ++ cat > conftest.c <<EOF
> ++EOF
> ++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o -
> conftest.c'
> ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
> ++ (eval $ac_try) 2>&5
> ++ ac_status=$?
> ++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> ++ test $ac_status = 0; }; } | grep -q "\-msahf"; then
> ++ libc_cv_have_x86_lahf_sahf=yes
> ++ fi
> ++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o -
> conftest.c'
> ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
> ++ (eval $ac_try) 2>&5
> ++ ac_status=$?
> ++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> ++ test $ac_status = 0; }; } | grep -q "\-mmovbe"; then
> ++ libc_cv_have_x86_movbe=yes
> ++ fi
> + fi
> + fi
> + rm -f conftest*
> +@@ -145,5 +165,13 @@ if test $libc_cv_include_x86_isa_level =
> + $as_echo "#define INCLUDE_X86_ISA_LEVEL 1" >>confdefs.h
> +
> + fi
> ++if test $libc_cv_have_x86_lahf_sahf = yes; then
> ++ $as_echo "#define HAVE_X86_LAHF_SAHF 1" >>confdefs.h
> ++
> ++fi
> ++if test $libc_cv_have_x86_movbe = yes; then
> ++ $as_echo "#define HAVE_X86_MOVBE 1" >>confdefs.h
> ++
> ++fi
> + config_vars="$config_vars
> + enable-x86-isa-level = $libc_cv_include_x86_isa_level"
> +diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
> +--- a/sysdeps/x86/configure.ac 2021-10-16 03:28:49.587570713 -0700
> ++++ b/sysdeps/x86/configure.ac 2021-10-16 03:29:40.038717306 -0700
> +@@ -98,14 +98,30 @@ cat > conftest2.S <<EOF
> + 4:
> + EOF
> + libc_cv_include_x86_isa_level=no
> ++libc_cv_have_x86_lahf_sahf=no
> ++libc_cv_have_x86_movbe=no
> + if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r
> -o conftest conftest1.S conftest2.S); then
> + count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 |
> wc -l`
> + if test "$count" = 1; then
> + libc_cv_include_x86_isa_level=yes
> ++ cat > conftest.c <<EOF
> ++EOF
> ++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o -
> conftest.c) | grep -q "\-msahf"; then
> ++ libc_cv_have_x86_lahf_sahf=yes
> ++ fi
> ++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o -
> conftest.c) | grep -q "\-mmovbe"; then
> ++ libc_cv_have_x86_movbe=yes
> ++ fi
> + fi
> + fi
> + rm -f conftest*])
> + if test $libc_cv_include_x86_isa_level = yes; then
> + AC_DEFINE(INCLUDE_X86_ISA_LEVEL)
> + fi
> ++if test $libc_cv_have_x86_lahf_sahf = yes; then
> ++ AC_DEFINE(HAVE_X86_LAHF_SAHF)
> ++fi
> ++if test $libc_cv_have_x86_movbe = yes; then
> ++ AC_DEFINE(HAVE_X86_MOVBE)
> ++fi
> + LIBC_CONFIG_VAR([enable-x86-isa-level], [$libc_cv_include_x86_isa_level])
> +diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
> +--- a/sysdeps/x86/isa-level.c 2021-10-16 03:28:49.587570713 -0700
> ++++ b/sysdeps/x86/isa-level.c 2021-10-16 03:29:40.766704997 -0700
> +@@ -29,32 +29,35 @@
> +
> + /* ELF program property for x86 ISA level. */
> + #ifdef INCLUDE_X86_ISA_LEVEL
> +-# if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
> +- || defined __MMX__ || defined __SSE__ || defined __SSE2__
> ++# if defined __SSE__ && defined __SSE2__
> ++/* NB: ISAs, excluding MMX, in x86-64 ISA level baseline are used. */
> + # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
> + # else
> + # define ISA_BASELINE 0
> + # endif
> +
> +-# if defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
> +- || (defined __x86_64__ && defined __LAHF_SAHF__) \
> +- || defined __POPCNT__ || defined __SSE3__ \
> +- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
> ++# if ISA_BASELINE && defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
> ++ && defined HAVE_X86_LAHF_SAHF && defined __POPCNT__ \
> ++ && defined __SSE3__ && defined __SSSE3__ && defined __SSE4_1__ \
> ++ && defined __SSE4_2__
> ++/* NB: ISAs in x86-64 ISA level v2 are used. */
> + # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
> + # else
> + # define ISA_V2 0
> + # endif
> +
> +-# if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
> +- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
> +- || defined __XSAVE__
> ++# if ISA_V2 && defined __AVX__ && defined __AVX2__ && defined __F16C__ \
> ++ && defined __FMA__ && defined __LZCNT__ && defined HAVE_X86_MOVBE
> ++/* NB: ISAs in x86-64 ISA level v3 are used. */
> + # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
> + # else
> + # define ISA_V3 0
> + # endif
> +
> +-# if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__
> \
> +- || defined __AVX512DQ__ || defined __AVX512VL__
> ++# if ISA_V3 && defined __AVX512F__ && defined __AVX512BW__ \
> ++ && defined __AVX512CD__ && defined __AVX512DQ__ \
> ++ && defined __AVX512VL__
> ++/* NB: ISAs in x86-64 ISA level v4 are used. */
> + # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
> + # else
> + # define ISA_V4 0
> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
> b/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
> deleted file mode 100644
> index 26c5c0d2a9..0000000000
> --- a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
> +++ /dev/null
> @@ -1,51 +0,0 @@
> -From dca565886b5e8bd7966e15f0ca42ee5cff686673 Mon Sep 17 00:00:00 2001
> -From: DJ Delorie <dj@redhat.com>
> -Date: Thu, 25 Feb 2021 16:08:21 -0500
> -Subject: [PATCH] nscd: Fix double free in netgroupcache [BZ #27462]
> -
> -In commit 745664bd798ec8fd50438605948eea594179fba1 a use-after-free
> -was fixed, but this led to an occasional double-free. This patch
> -tracks the "live" allocation better.
> -
> -Tested manually by a third party.
> -
> -Related: RHBZ 1927877
> -
> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> -Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> -
> -Upstream-Status: Backport [
> https://sourceware.org/git/?p=glibc.git;a=commit;h=dca565886b5e8bd7966e15f0ca42ee5cff686673
> ]
> -
> -CVE: CVE-2021-27645
> -
> -Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> -Signed-off-by: Khairul Rohaizzat Jamaluddin <
> khairul.rohaizzat.jamaluddin@intel.com>
> ----
> - nscd/netgroupcache.c | 4 ++--
> - 1 file changed, 2 insertions(+), 2 deletions(-)
> -
> -diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
> -index dba6ceec1b..ad2daddafd 100644
> ---- a/nscd/netgroupcache.c
> -+++ b/nscd/netgroupcache.c
> -@@ -248,7 +248,7 @@ addgetnetgrentX (struct database_dyn *db, int fd,
> request_header *req,
> - : NULL);
> - ndomain = (ndomain ? newbuf +
> ndomaindiff
> - : NULL);
> -- buffer = newbuf;
> -+ *tofreep = buffer = newbuf;
> - }
> -
> - nhost = memcpy (buffer + bufused,
> -@@ -319,7 +319,7 @@ addgetnetgrentX (struct database_dyn *db, int fd,
> request_header *req,
> - else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)
> - {
> - buflen *= 2;
> -- buffer = xrealloc (buffer, buflen);
> -+ *tofreep = buffer = xrealloc (buffer, buflen);
> - }
> - else if (status == NSS_STATUS_RETURN
> - || status == NSS_STATUS_NOTFOUND
> ---
> -2.27.0
> -
> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
> b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
> deleted file mode 100644
> index 21f07ac303..0000000000
> --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
> +++ /dev/null
> @@ -1,76 +0,0 @@
> -From 709674ec86c3c6da4f0995897f6b0205c16d049d Mon Sep 17 00:00:00 2001
> -From: Andreas Schwab <schwab@linux-m68k.org>
> -Date: Thu, 27 May 2021 12:49:47 +0200
> -Subject: [PATCH] Use __pthread_attr_copy in mq_notify (bug 27896)
> -
> -Make a deep copy of the pthread attribute object to remove a potential
> -use-after-free issue.
> -
> -Upstream-Status: Backport
> -[
> https://sourceware.org/git/?p=glibc.git;a=commit;h=42d359350510506b87101cf77202fefcbfc790cb
> ]
> -
> -CVE:
> -CVE-2021-33574
> -
> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> -Signed-off-by: Khairul Rohaizzat Jamaluddin <
> khairul.rohaizzat.jamaluddin@intel.com>
> ----
> - NEWS | 4 ++++
> - sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++-----
> - 2 files changed, 14 insertions(+), 5 deletions(-)
> -
> -diff --git a/NEWS b/NEWS
> -index 71f5d20324..017d656433 100644
> ---- a/NEWS
> -+++ b/NEWS
> -@@ -118,6 +118,10 @@ Security related changes:
> - CVE-2019-25013: A buffer overflow has been fixed in the iconv function
> when
> - invoked with EUC-KR input containing invalid multibyte input sequences.
> -
> -+ CVE-2021-33574: The mq_notify function has a potential use-after-free
> -+ issue when using a notification type of SIGEV_THREAD and a thread
> -+ attribute with a non-default affinity mask.
> -+
> - The following bugs are resolved with this release:
> -
> - [10635] libc: realpath portability patches
> -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c
> b/sysdeps/unix/sysv/linux/mq_notify.c
> -index cc575a0cdd..f7ddfe5a6c 100644
> ---- a/sysdeps/unix/sysv/linux/mq_notify.c
> -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
> -@@ -133,8 +133,11 @@ helper_thread (void *arg)
> - (void) __pthread_barrier_wait (¬ify_barrier);
> - }
> - else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
> -- /* The only state we keep is the copy of the thread attributes. */
> -- free (data.attr);
> -+ {
> -+ /* The only state we keep is the copy of the thread attributes.
> */
> -+ pthread_attr_destroy (data.attr);
> -+ free (data.attr);
> -+ }
> - }
> - return NULL;
> - }
> -@@ -255,8 +258,7 @@ mq_notify (mqd_t mqdes, const struct sigevent
> *notification)
> - if (data.attr == NULL)
> - return -1;
> -
> -- memcpy (data.attr, notification->sigev_notify_attributes,
> -- sizeof (pthread_attr_t));
> -+ __pthread_attr_copy (data.attr,
> notification->sigev_notify_attributes);
> - }
> -
> - /* Construct the new request. */
> -@@ -270,7 +272,10 @@ mq_notify (mqd_t mqdes, const struct sigevent
> *notification)
> -
> - /* If it failed, free the allocated memory. */
> - if (__glibc_unlikely (retval != 0))
> -- free (data.attr);
> -+ {
> -+ pthread_attr_destroy (data.attr);
> -+ free (data.attr);
> -+ }
> -
> - return retval;
> - }
> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
> b/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
> deleted file mode 100644
> index befccd7ac7..0000000000
> --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
> +++ /dev/null
> @@ -1,61 +0,0 @@
> -From 217b6dc298156bdb0d6aea9ea93e7e394a5ff091 Mon Sep 17 00:00:00 2001
> -From: Florian Weimer <fweimer@redhat.com>
> -Date: Tue, 1 Jun 2021 17:51:41 +0200
> -Subject: [PATCH] Fix use of __pthread_attr_copy in mq_notify (bug 27896)
> -
> -__pthread_attr_copy can fail and does not initialize the attribute
> -structure in that case.
> -
> -If __pthread_attr_copy is never called and there is no allocated
> -attribute, pthread_attr_destroy should not be called, otherwise
> -there is a null pointer dereference in rt/tst-mqueue6.
> -
> -Fixes commit 42d359350510506b87101cf77202fefcbfc790cb
> -("Use __pthread_attr_copy in mq_notify (bug 27896)").
> -
> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> -
> -Upstream-Status: Backport
> -[
> https://sourceware.org/git/?p=glibc.git;a=commit;h=217b6dc298156bdb0d6aea9ea93e7e394a5ff091
> ]
> -
> -CVE:
> -CVE-2021-33574
> -
> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> -Signed-off-by: Khairul Rohaizzat Jamaluddin <
> khairul.rohaizzat.jamaluddin@intel.com>
> ----
> - sysdeps/unix/sysv/linux/mq_notify.c | 11 +++++++++--
> - 1 file changed, 9 insertions(+), 2 deletions(-)
> -
> -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c
> b/sysdeps/unix/sysv/linux/mq_notify.c
> -index f7ddfe5a6c..6f46d29d1d 100644
> ---- a/sysdeps/unix/sysv/linux/mq_notify.c
> -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
> -@@ -258,7 +258,14 @@ mq_notify (mqd_t mqdes, const struct sigevent
> *notification)
> - if (data.attr == NULL)
> - return -1;
> -
> -- __pthread_attr_copy (data.attr,
> notification->sigev_notify_attributes);
> -+ int ret = __pthread_attr_copy (data.attr,
> -+
> notification->sigev_notify_attributes);
> -+ if (ret != 0)
> -+ {
> -+ free (data.attr);
> -+ __set_errno (ret);
> -+ return -1;
> -+ }
> - }
> -
> - /* Construct the new request. */
> -@@ -271,7 +278,7 @@ mq_notify (mqd_t mqdes, const struct sigevent
> *notification)
> - int retval = INLINE_SYSCALL (mq_notify, 2, mqdes, &se);
> -
> - /* If it failed, free the allocated memory. */
> -- if (__glibc_unlikely (retval != 0))
> -+ if (retval != 0 && data.attr != NULL)
> - {
> - pthread_attr_destroy (data.attr);
> - free (data.attr);
> ---
> -2.27.0
> -
> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
> b/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
> deleted file mode 100644
> index 5cae1bc91c..0000000000
> --- a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
> +++ /dev/null
> @@ -1,44 +0,0 @@
> -From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17 00:00:00 2001
> -From: Andreas Schwab <schwab@linux-m68k.org>
> -Date: Fri, 25 Jun 2021 15:02:47 +0200
> -Subject: [PATCH] wordexp: handle overflow in positional parameter number
> (bug
> - 28011)
> -
> -Use strtoul instead of atoi so that overflow can be detected.
> -
> -Upstream-Status: Backport [
> https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
> ]
> -CVE: CVE-2021-35942
> -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
> ----
> - posix/wordexp-test.c | 1 +
> - posix/wordexp.c | 2 +-
> - 2 files changed, 2 insertions(+), 1 deletion(-)
> -
> -diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
> -index f93a546d7e..9df02dbbb3 100644
> ---- a/posix/wordexp-test.c
> -+++ b/posix/wordexp-test.c
> -@@ -183,6 +183,7 @@ struct test_case_struct
> - { 0, NULL, "$var", 0, 0, { NULL, }, IFS },
> - { 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS },
> - { 0, NULL, "", 0, 0, { NULL, }, IFS },
> -+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS },
> -
> - /* Flags not already covered (testit() has special handling for
> these) */
> - { 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS },
> -diff --git a/posix/wordexp.c b/posix/wordexp.c
> -index bcbe96e48d..1f3b09f721 100644
> ---- a/posix/wordexp.c
> -+++ b/posix/wordexp.c
> -@@ -1399,7 +1399,7 @@ envsubst:
> - /* Is it a numeric parameter? */
> - else if (isdigit (env[0]))
> - {
> -- int n = atoi (env);
> -+ unsigned long n = strtoul (env, NULL, 10);
> -
> - if (n >= __libc_argc)
> - /* Substitute NULL. */
> ---
> -2.17.1
> -
> diff --git a/meta/recipes-core/glibc/glibc_2.33.bb
> b/meta/recipes-core/glibc/glibc_2.33.bb
> index 57a60cb9d8..ad5e2b8eb1 100644
> --- a/meta/recipes-core/glibc/glibc_2.33.bb
> +++ b/meta/recipes-core/glibc/glibc_2.33.bb
> @@ -56,16 +56,6 @@ SRC_URI =
> "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
>
> file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
>
> file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
> file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch
> \
> -
> file://0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch \
> - file://0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
> \
> -
> file://0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch \
> - file://CVE-2021-27645.patch \
> -
> file://0001-nptl-Remove-private-futex-optimization-BZ-27304.patch \
> - file://CVE-2021-33574_1.patch \
> - file://CVE-2021-33574_2.patch \
> - file://CVE-2021-35942.patch \
> - file://0001-CVE-2021-38604.patch \
> - file://0002-CVE-2021-38604.patch \
> "
> S = "${WORKDIR}/git"
> B = "${WORKDIR}/build-${TARGET_SYS}"
> --
> 2.31.1
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#157024):
> https://lists.openembedded.org/g/openembedded-core/message/157024
> Mute This Topic: https://lists.openembedded.org/mt/86384691/1997914
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> raj.khem@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>
[-- Attachment #2: Type: text/html, Size: 60767 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2021-10-17 5:05 ` [OE-core] " Khem Raj
@ 2021-10-25 7:29 ` pgowda cve
2021-10-27 1:24 ` Mittal, Anuj
0 siblings, 1 reply; 10+ messages in thread
From: pgowda cve @ 2021-10-25 7:29 UTC (permalink / raw)
To: Khem Raj; +Cc: anuj.mittal, openembedded-core, Randy MacLeod, umesh.kalappa0
Hi,
Thanks for the comments.
Gentle ping on this patch.
Thanks,
Pgowda
On Sun, Oct 17, 2021 at 10:35 AM Khem Raj <raj.khem@gmail.com> wrote:
>
> This looks good to me
>
> On Sat, Oct 16, 2021 at 7:51 PM Pgowda <pgowda.cve@gmail.com> wrote:
>>
>> glibc-2.33 release version of Feb 2021 is used in Hardknott branch.
>> There are many bug fixes in the latest glibc-2.33 version. The patch
>> takes the latest glibc-2.33 version commit.
>> Regression tested on X86-64 without any new issues.
>>
>> Signed-off-by: Pgowda <pgowda.cve@gmail.com>
>> ---
>> meta/recipes-core/glibc/glibc-version.inc | 2 +-
>> .../glibc/glibc/0001-CVE-2021-38604.patch | 40 ----
>> ...-private-futex-optimization-BZ-27304.patch | 49 -----
>> .../glibc/glibc/0002-CVE-2021-38604.patch | 147 --------------
>> ...-ISA-support-for-x86-64-level-marker.patch | 116 -----------
>> ...ork-around-GCC-PR-98512-in-rawmemchr.patch | 58 ------
>> ...-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch | 185 ------------------
>> .../glibc/glibc/CVE-2021-27318-revert.patch | 174 ++++++++++++++++
>> .../glibc/glibc/CVE-2021-27645.patch | 51 -----
>> .../glibc/glibc/CVE-2021-33574_1.patch | 76 -------
>> .../glibc/glibc/CVE-2021-33574_2.patch | 61 ------
>> .../glibc/glibc/CVE-2021-35942.patch | 44 -----
>> meta/recipes-core/glibc/glibc_2.33.bb | 10 -
>> 13 files changed, 175 insertions(+), 838 deletions(-)
>> delete mode 100644 meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
>> create mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
>> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
>>
>> diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
>> index 3a95173175..4d69187961 100644
>> --- a/meta/recipes-core/glibc/glibc-version.inc
>> +++ b/meta/recipes-core/glibc/glibc-version.inc
>> @@ -1,6 +1,6 @@
>> SRCBRANCH ?= "release/2.33/master"
>> PV = "2.33"
>> -SRCREV_glibc ?= "9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3"
>> +SRCREV_glibc ?= "6090cf1330faf2deb17285758f327cb23b89ebf1"
>> SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
>>
>> GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
>> diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
>> deleted file mode 100644
>> index 8a52ac957c..0000000000
>> --- a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
>> +++ /dev/null
>> @@ -1,40 +0,0 @@
>> -From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17 00:00:00 2001
>> -From: Nikita Popov <npv1310@gmail.com>
>> -Date: Mon, 9 Aug 2021 20:17:34 +0530
>> -Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213)
>> -
>> -Helper thread frees copied attribute on NOTIFY_REMOVED message
>> -received from the OS kernel. Unfortunately, it fails to check whether
>> -copied attribute actually exists (data.attr != NULL). This worked
>> -earlier because free() checks passed pointer before actually
>> -attempting to release corresponding memory. But
>> -__pthread_attr_destroy assumes pointer is not NULL.
>> -
>> -So passing NULL pointer to __pthread_attr_destroy will result in
>> -segmentation fault. This scenario is possible if
>> -notification->sigev_notify_attributes == NULL (which means default
>> -thread attributes should be used).
>> -
>> -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8]
>> -CVE: CVE-2021-38604
>> -
>> -Signed-off-by: Nikita Popov <npv1310@gmail.com>
>> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
>> -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
>> ----
>> - sysdeps/unix/sysv/linux/mq_notify.c | 2 +-
>> - 1 file changed, 1 insertion(+), 1 deletion(-)
>> -
>> -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
>> -index 6f46d29d1d..1714e1cc5f 100644
>> ---- a/sysdeps/unix/sysv/linux/mq_notify.c
>> -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
>> -@@ -132,7 +132,7 @@ helper_thread (void *arg)
>> - to wait until it is done with it. */
>> - (void) __pthread_barrier_wait (¬ify_barrier);
>> - }
>> -- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
>> -+ else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED && data.attr != NULL)
>> - {
>> - /* The only state we keep is the copy of the thread attributes. */
>> - pthread_attr_destroy (data.attr);
>> diff --git a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch b/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
>> deleted file mode 100644
>> index 39fde5b785..0000000000
>> --- a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
>> +++ /dev/null
>> @@ -1,49 +0,0 @@
>> -From c4ad832276f4dadfa40904109b26a521468f66bc Mon Sep 17 00:00:00 2001
>> -From: Florian Weimer <fweimer@redhat.com>
>> -Date: Thu, 4 Feb 2021 15:00:20 +0100
>> -Subject: [PATCH] nptl: Remove private futex optimization [BZ #27304]
>> -
>> -It is effectively used, unexcept for pthread_cond_destroy, where we do
>> -not want it; see bug 27304. The internal locks do not support a
>> -process-shared mode.
>> -
>> -This fixes commit dc6cfdc934db9997c33728082d63552b9eee4563 ("nptl:
>> -Move pthread_cond_destroy implementation into libc").
>> -
>> -Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
>> -
>> -Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27304]
>> -Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
>> ----
>> - sysdeps/nptl/lowlevellock-futex.h | 14 +-------------
>> - 1 file changed, 1 insertion(+), 13 deletions(-)
>> -
>> -diff --git a/sysdeps/nptl/lowlevellock-futex.h b/sysdeps/nptl/lowlevellock-futex.h
>> -index ecb729da6b..ca96397a4a 100644
>> ---- a/sysdeps/nptl/lowlevellock-futex.h
>> -+++ b/sysdeps/nptl/lowlevellock-futex.h
>> -@@ -50,20 +50,8 @@
>> - #define LLL_SHARED FUTEX_PRIVATE_FLAG
>> -
>> - #ifndef __ASSEMBLER__
>> --
>> --# if IS_IN (libc) || IS_IN (rtld)
>> --/* In libc.so or ld.so all futexes are private. */
>> --# define __lll_private_flag(fl, private) \
>> -- ({ \
>> -- /* Prevent warnings in callers of this macro. */ \
>> -- int __lll_private_flag_priv __attribute__ ((unused)); \
>> -- __lll_private_flag_priv = (private); \
>> -- ((fl) | FUTEX_PRIVATE_FLAG); \
>> -- })
>> --# else
>> --# define __lll_private_flag(fl, private) \
>> -+# define __lll_private_flag(fl, private) \
>> - (((fl) | FUTEX_PRIVATE_FLAG) ^ (private))
>> --# endif
>> -
>> - # define lll_futex_syscall(nargs, futexp, op, ...) \
>> - ({ \
>> ---
>> -2.27.0
>> -
>> diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
>> deleted file mode 100644
>> index b654cdfecb..0000000000
>> --- a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
>> +++ /dev/null
>> @@ -1,147 +0,0 @@
>> -From 4cc79c217744743077bf7a0ec5e0a4318f1e6641 Mon Sep 17 00:00:00 2001
>> -From: Nikita Popov <npv1310@gmail.com>
>> -Date: Thu, 12 Aug 2021 16:09:50 +0530
>> -Subject: [PATCH] librt: add test (bug 28213)
>> -
>> -This test implements following logic:
>> -1) Create POSIX message queue.
>> - Register a notification with mq_notify (using NULL attributes).
>> - Then immediately unregister the notification with mq_notify.
>> - Helper thread in a vulnerable version of glibc
>> - should cause NULL pointer dereference after these steps.
>> -2) Once again, register the same notification.
>> - Try to send a dummy message.
>> - Test is considered successfulif the dummy message
>> - is successfully received by the callback function.
>> -
>> -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641]
>> -CVE: CVE-2021-38604
>> -
>> -Signed-off-by: Nikita Popov <npv1310@gmail.com>
>> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
>> -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
>> ----
>> - rt/Makefile | 1 +
>> - rt/tst-bz28213.c | 101 +++++++++++++++++++++++++++++++++++++++++++++++
>> - 2 files changed, 102 insertions(+)
>> - create mode 100644 rt/tst-bz28213.c
>> -
>> -diff --git a/rt/Makefile b/rt/Makefile
>> -index 7b374f2073..c87d95793a 100644
>> ---- a/rt/Makefile
>> -+++ b/rt/Makefile
>> -@@ -44,6 +44,7 @@ tests := tst-shm tst-timer tst-timer2 \
>> - tst-aio7 tst-aio8 tst-aio9 tst-aio10 \
>> - tst-mqueue1 tst-mqueue2 tst-mqueue3 tst-mqueue4 \
>> - tst-mqueue5 tst-mqueue6 tst-mqueue7 tst-mqueue8 tst-mqueue9 \
>> -+ tst-bz28213 \
>> - tst-timer3 tst-timer4 tst-timer5 \
>> - tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3 \
>> - tst-shm-cancel
>> -diff --git a/rt/tst-bz28213.c b/rt/tst-bz28213.c
>> -new file mode 100644
>> -index 0000000000..0c096b5a0a
>> ---- /dev/null
>> -+++ b/rt/tst-bz28213.c
>> -@@ -0,0 +1,101 @@
>> -+/* Bug 28213: test for NULL pointer dereference in mq_notify.
>> -+ Copyright (C) The GNU Toolchain Authors.
>> -+ This file is part of the GNU C Library.
>> -+
>> -+ The GNU C Library is free software; you can redistribute it and/or
>> -+ modify it under the terms of the GNU Lesser General Public
>> -+ License as published by the Free Software Foundation; either
>> -+ version 2.1 of the License, or (at your option) any later version.
>> -+
>> -+ The GNU C Library is distributed in the hope that it will be useful,
>> -+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>> -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>> -+ Lesser General Public License for more details.
>> -+
>> -+ You should have received a copy of the GNU Lesser General Public
>> -+ License along with the GNU C Library; if not, see
>> -+ <https://www.gnu.org/licenses/>. */
>> -+
>> -+#include <errno.h>
>> -+#include <sys/types.h>
>> -+#include <sys/stat.h>
>> -+#include <fcntl.h>
>> -+#include <unistd.h>
>> -+#include <mqueue.h>
>> -+#include <signal.h>
>> -+#include <stdlib.h>
>> -+#include <string.h>
>> -+#include <support/check.h>
>> -+
>> -+static mqd_t m = -1;
>> -+static const char msg[] = "hello";
>> -+
>> -+static void
>> -+check_bz28213_cb (union sigval sv)
>> -+{
>> -+ char buf[sizeof (msg)];
>> -+
>> -+ (void) sv;
>> -+
>> -+ TEST_VERIFY_EXIT ((size_t) mq_receive (m, buf, sizeof (buf), NULL)
>> -+ == sizeof (buf));
>> -+ TEST_VERIFY_EXIT (memcmp (buf, msg, sizeof (buf)) == 0);
>> -+
>> -+ exit (0);
>> -+}
>> -+
>> -+static void
>> -+check_bz28213 (void)
>> -+{
>> -+ struct sigevent sev;
>> -+
>> -+ memset (&sev, '\0', sizeof (sev));
>> -+ sev.sigev_notify = SIGEV_THREAD;
>> -+ sev.sigev_notify_function = check_bz28213_cb;
>> -+
>> -+ /* Step 1: Register & unregister notifier.
>> -+ Helper thread should receive NOTIFY_REMOVED notification.
>> -+ In a vulnerable version of glibc, NULL pointer dereference follows. */
>> -+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
>> -+ TEST_VERIFY_EXIT (mq_notify (m, NULL) == 0);
>> -+
>> -+ /* Step 2: Once again, register notification.
>> -+ Try to send one message.
>> -+ Test is considered successful, if the callback does exit (0). */
>> -+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
>> -+ TEST_VERIFY_EXIT (mq_send (m, msg, sizeof (msg), 1) == 0);
>> -+
>> -+ /* Wait... */
>> -+ pause ();
>> -+}
>> -+
>> -+static int
>> -+do_test (void)
>> -+{
>> -+ static const char m_name[] = "/bz28213_queue";
>> -+ struct mq_attr m_attr;
>> -+
>> -+ memset (&m_attr, '\0', sizeof (m_attr));
>> -+ m_attr.mq_maxmsg = 1;
>> -+ m_attr.mq_msgsize = sizeof (msg);
>> -+
>> -+ m = mq_open (m_name,
>> -+ O_RDWR | O_CREAT | O_EXCL,
>> -+ 0600,
>> -+ &m_attr);
>> -+
>> -+ if (m < 0)
>> -+ {
>> -+ if (errno == ENOSYS)
>> -+ FAIL_UNSUPPORTED ("POSIX message queues are not implemented\n");
>> -+ FAIL_EXIT1 ("Failed to create POSIX message queue: %m\n");
>> -+ }
>> -+
>> -+ TEST_VERIFY_EXIT (mq_unlink (m_name) == 0);
>> -+
>> -+ check_bz28213 ();
>> -+
>> -+ return 0;
>> -+}
>> -+
>> -+#include <support/test-driver.c>
>> diff --git a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch b/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
>> deleted file mode 100644
>> index 3cb60b2e55..0000000000
>> --- a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
>> +++ /dev/null
>> @@ -1,116 +0,0 @@
>> -From b1971f6f1331d738d1d6b376b4741668a7546125 Mon Sep 17 00:00:00 2001
>> -From: "H.J. Lu" <hjl.tools@gmail.com>
>> -Date: Tue, 2 Feb 2021 13:45:58 -0800
>> -Subject: [PATCH] x86: Require full ISA support for x86-64 level marker [BZ #27318]
>> -
>> -Since -march=sandybridge enables ISAs in x86-64 ISA level v3, the v3
>> -marker is set on libc.so. We couldn't set the needed ISA marker to v2
>> -since this libc won't run on all v2 machines. Technically, the v3 marker
>> -is correct. But the resulting libc.so won't run on Sandy Brigde, which
>> -is a v2 machine, even when libc is compiled with -march=sandybridge:
>> -
>> -$ ./elf/ld.so ./libc.so
>> -./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
>> -
>> -Instead, we require full ISA support for x86-64 level marker and disable
>> -x86-64 level marker for -march=sandybridge which enables ISAs between v2
>> -and v3.
>> -
>> -Upstream-Status: Submitted [https://sourceware.org/pipermail/libc-alpha/2021-February/122297.html]
>> -Signed-off-by: Khem Raj <raj.khem@gmail.com>
>> ----
>> -
>> - sysdeps/x86/configure | 7 ++++++-
>> - sysdeps/x86/configure.ac | 2 +-
>> - sysdeps/x86/isa-level.c | 21 ++++++++++++++++++++-
>> - 3 files changed, 27 insertions(+), 3 deletions(-)
>> -
>> -diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
>> -index 5e32dc62b3..5b20646843 100644
>> ---- a/sysdeps/x86/configure
>> -+++ b/sysdeps/x86/configure
>> -@@ -133,7 +133,12 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest c
>> - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
>> - test $ac_status = 0; }; }; then
>> - count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
>> -- if test "$count" = 1; then
>> -+ if test "$count" = 1 && { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c'
>> -+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
>> -+ (eval $ac_try) 2>&5
>> -+ ac_status=$?
>> -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
>> -+ test $ac_status = 0; }; }; then
>> - libc_cv_include_x86_isa_level=yes
>> - fi
>> - fi
>> -diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
>> -index f94088f377..54ecd33d2c 100644
>> ---- a/sysdeps/x86/configure.ac
>> -+++ b/sysdeps/x86/configure.ac
>> -@@ -100,7 +100,7 @@ EOF
>> - libc_cv_include_x86_isa_level=no
>> - if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then
>> - count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
>> -- if test "$count" = 1; then
>> -+ if test "$count" = 1 && AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c); then
>> - libc_cv_include_x86_isa_level=yes
>> - fi
>> - fi
>> -diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
>> -index aaf524cb56..7f83449061 100644
>> ---- a/sysdeps/x86/isa-level.c
>> -+++ b/sysdeps/x86/isa-level.c
>> -@@ -25,12 +25,17 @@
>> - License along with the GNU C Library; if not, see
>> - <https://www.gnu.org/licenses/>. */
>> -
>> --#include <elf.h>
>> -+#ifdef _LIBC
>> -+# include <elf.h>
>> -+#endif
>> -
>> - /* ELF program property for x86 ISA level. */
>> - #ifdef INCLUDE_X86_ISA_LEVEL
>> - # if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
>> - || defined __MMX__ || defined __SSE__ || defined __SSE2__
>> -+# if !defined __SSE__ || !defined __SSE2__
>> -+# error "Missing ISAs for x86-64 ISA level baseline"
>> -+# endif
>> - # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
>> - # else
>> - # define ISA_BASELINE 0
>> -@@ -40,6 +45,11 @@
>> - || (defined __x86_64__ && defined __LAHF_SAHF__) \
>> - || defined __POPCNT__ || defined __SSE3__ \
>> - || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
>> -+# if !defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
>> -+ || !defined __POPCNT__ || !defined __SSE3__ \
>> -+ || !defined __SSSE3__ || !defined __SSE4_1__ || !defined __SSE4_2__
>> -+# error "Missing ISAs for x86-64 ISA level v2"
>> -+# endif
>> - # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
>> - # else
>> - # define ISA_V2 0
>> -@@ -48,6 +58,10 @@
>> - # if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
>> - || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
>> - || defined __XSAVE__
>> -+# if !defined __AVX__ || !defined __AVX2__ || !defined __F16C__ \
>> -+ || !defined __FMA__ || !defined __LZCNT__
>> -+# error "Missing ISAs for x86-64 ISA level v3"
>> -+# endif
>> - # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
>> - # else
>> - # define ISA_V3 0
>> -@@ -55,6 +69,11 @@
>> -
>> - # if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \
>> - || defined __AVX512DQ__ || defined __AVX512VL__
>> -+# if !defined __AVX512F__ || !defined __AVX512BW__ \
>> -+ || !defined __AVX512CD__ || !defined __AVX512DQ__ \
>> -+ || !defined __AVX512VL__
>> -+# error "Missing ISAs for x86-64 ISA level v4"
>> -+# endif
>> - # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
>> - # else
>> - # define ISA_V4 0
>> diff --git a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch b/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
>> deleted file mode 100644
>> index e904b28a05..0000000000
>> --- a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
>> +++ /dev/null
>> @@ -1,58 +0,0 @@
>> -From 044e603b698093cf48f6e6229e0b66acf05227e4 Mon Sep 17 00:00:00 2001
>> -From: Florian Weimer <fweimer@redhat.com>
>> -Date: Fri, 19 Feb 2021 13:29:00 +0100
>> -Subject: [PATCH] string: Work around GCC PR 98512 in rawmemchr
>> -
>> -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=044e603b698093cf48f6e6229e0b66acf05227e4]
>> -Signed-off-by: Khem Raj <raj.khem@gmail.com>
>> ----
>> - string/rawmemchr.c | 26 +++++++++++++++-----------
>> - 1 file changed, 15 insertions(+), 11 deletions(-)
>> -
>> -diff --git a/string/rawmemchr.c b/string/rawmemchr.c
>> -index 59bbeeaa42..b8523118e5 100644
>> ---- a/string/rawmemchr.c
>> -+++ b/string/rawmemchr.c
>> -@@ -22,24 +22,28 @@
>> - # define RAWMEMCHR __rawmemchr
>> - #endif
>> -
>> --/* Find the first occurrence of C in S. */
>> --void *
>> --RAWMEMCHR (const void *s, int c)
>> --{
>> -- DIAG_PUSH_NEEDS_COMMENT;
>> -+/* The pragmata should be nested inside RAWMEMCHR below, but that
>> -+ triggers GCC PR 98512. */
>> -+DIAG_PUSH_NEEDS_COMMENT;
>> - #if __GNUC_PREREQ (7, 0)
>> -- /* GCC 8 warns about the size passed to memchr being larger than
>> -- PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
>> -- DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
>> -+/* GCC 8 warns about the size passed to memchr being larger than
>> -+ PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
>> -+DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
>> - #endif
>> - #if __GNUC_PREREQ (11, 0)
>> -- /* Likewise GCC 11, with a different warning option. */
>> -- DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
>> -+/* Likewise GCC 11, with a different warning option. */
>> -+DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
>> - #endif
>> -+
>> -+/* Find the first occurrence of C in S. */
>> -+void *
>> -+RAWMEMCHR (const void *s, int c)
>> -+{
>> - if (c != '\0')
>> - return memchr (s, c, (size_t)-1);
>> -- DIAG_POP_NEEDS_COMMENT;
>> - return (char *)s + strlen (s);
>> - }
>> - libc_hidden_def (__rawmemchr)
>> - weak_alias (__rawmemchr, rawmemchr)
>> -+
>> -+DIAG_POP_NEEDS_COMMENT;
>> ---
>> -2.30.1
>> -
>> diff --git a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch b/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
>> deleted file mode 100644
>> index 3a004e227f..0000000000
>> --- a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
>> +++ /dev/null
>> @@ -1,185 +0,0 @@
>> -From 750b00a1ddae220403fd892a6fd4e0791ffd154a Mon Sep 17 00:00:00 2001
>> -From: "H.J. Lu" <hjl.tools@gmail.com>
>> -Date: Fri, 18 Sep 2020 07:55:14 -0700
>> -Subject: [PATCH] x86: Handle _SC_LEVEL1_ICACHE_LINESIZE [BZ #27444]
>> -
>> - x86: Move x86 processor cache info to cpu_features
>> -
>> -missed _SC_LEVEL1_ICACHE_LINESIZE.
>> -
>> -1. Add level1_icache_linesize to struct cpu_features.
>> -2. Initialize level1_icache_linesize by calling handle_intel,
>> -handle_zhaoxin and handle_amd with _SC_LEVEL1_ICACHE_LINESIZE.
>> -3. Return level1_icache_linesize for _SC_LEVEL1_ICACHE_LINESIZE.
>> -
>> -Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27444]
>> -Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
>> ----
>> - sysdeps/x86/Makefile | 8 +++
>> - sysdeps/x86/cacheinfo.c | 3 +
>> - sysdeps/x86/dl-cacheinfo.h | 6 ++
>> - sysdeps/x86/include/cpu-features.h | 2 +
>> - .../x86/tst-sysconf-cache-linesize-static.c | 1 +
>> - sysdeps/x86/tst-sysconf-cache-linesize.c | 57 +++++++++++++++++++
>> - 6 files changed, 77 insertions(+)
>> - create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize-static.c
>> - create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize.c
>> -
>> -diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
>> -index dd82674342..d231263051 100644
>> ---- a/sysdeps/x86/Makefile
>> -+++ b/sysdeps/x86/Makefile
>> -@@ -208,3 +208,11 @@ $(objpfx)check-cet.out: $(..)sysdeps/x86/check-cet.awk \
>> - generated += check-cet.out
>> - endif
>> - endif
>> -+
>> -+ifeq ($(subdir),posix)
>> -+tests += \
>> -+ tst-sysconf-cache-linesize \
>> -+ tst-sysconf-cache-linesize-static
>> -+tests-static += \
>> -+ tst-sysconf-cache-linesize-static
>> -+endif
>> -diff --git a/sysdeps/x86/cacheinfo.c b/sysdeps/x86/cacheinfo.c
>> -index 7b8df45e3b..5ea4723ca6 100644
>> ---- a/sysdeps/x86/cacheinfo.c
>> -+++ b/sysdeps/x86/cacheinfo.c
>> -@@ -32,6 +32,9 @@ __cache_sysconf (int name)
>> - case _SC_LEVEL1_ICACHE_SIZE:
>> - return cpu_features->level1_icache_size;
>> -
>> -+ case _SC_LEVEL1_ICACHE_LINESIZE:
>> -+ return cpu_features->level1_icache_linesize;
>> -+
>> - case _SC_LEVEL1_DCACHE_SIZE:
>> - return cpu_features->level1_dcache_size;
>> -
>> -diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h
>> -index a31fa0783a..7cd00b92f1 100644
>> ---- a/sysdeps/x86/dl-cacheinfo.h
>> -+++ b/sysdeps/x86/dl-cacheinfo.h
>> -@@ -707,6 +707,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
>> - long int core;
>> - unsigned int threads = 0;
>> - unsigned long int level1_icache_size = -1;
>> -+ unsigned long int level1_icache_linesize = -1;
>> - unsigned long int level1_dcache_size = -1;
>> - unsigned long int level1_dcache_assoc = -1;
>> - unsigned long int level1_dcache_linesize = -1;
>> -@@ -726,6 +727,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
>> -
>> - level1_icache_size
>> - = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features);
>> -+ level1_icache_linesize
>> -+ = handle_intel (_SC_LEVEL1_ICACHE_LINESIZE, cpu_features);
>> - level1_dcache_size = data;
>> - level1_dcache_assoc
>> - = handle_intel (_SC_LEVEL1_DCACHE_ASSOC, cpu_features);
>> -@@ -753,6 +756,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
>> - shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE);
>> -
>> - level1_icache_size = handle_zhaoxin (_SC_LEVEL1_ICACHE_SIZE);
>> -+ level1_icache_linesize = handle_zhaoxin (_SC_LEVEL1_ICACHE_LINESIZE);
>> - level1_dcache_size = data;
>> - level1_dcache_assoc = handle_zhaoxin (_SC_LEVEL1_DCACHE_ASSOC);
>> - level1_dcache_linesize = handle_zhaoxin (_SC_LEVEL1_DCACHE_LINESIZE);
>> -@@ -772,6 +776,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
>> - shared = handle_amd (_SC_LEVEL3_CACHE_SIZE);
>> -
>> - level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE);
>> -+ level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE);
>> - level1_dcache_size = data;
>> - level1_dcache_assoc = handle_amd (_SC_LEVEL1_DCACHE_ASSOC);
>> - level1_dcache_linesize = handle_amd (_SC_LEVEL1_DCACHE_LINESIZE);
>> -@@ -833,6 +838,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
>> - }
>> -
>> - cpu_features->level1_icache_size = level1_icache_size;
>> -+ cpu_features->level1_icache_linesize = level1_icache_linesize;
>> - cpu_features->level1_dcache_size = level1_dcache_size;
>> - cpu_features->level1_dcache_assoc = level1_dcache_assoc;
>> - cpu_features->level1_dcache_linesize = level1_dcache_linesize;
>> -diff --git a/sysdeps/x86/include/cpu-features.h b/sysdeps/x86/include/cpu-features.h
>> -index 624736b40e..39a3f4f311 100644
>> ---- a/sysdeps/x86/include/cpu-features.h
>> -+++ b/sysdeps/x86/include/cpu-features.h
>> -@@ -874,6 +874,8 @@ struct cpu_features
>> - unsigned long int rep_stosb_threshold;
>> - /* _SC_LEVEL1_ICACHE_SIZE. */
>> - unsigned long int level1_icache_size;
>> -+ /* _SC_LEVEL1_ICACHE_LINESIZE. */
>> -+ unsigned long int level1_icache_linesize;
>> - /* _SC_LEVEL1_DCACHE_SIZE. */
>> - unsigned long int level1_dcache_size;
>> - /* _SC_LEVEL1_DCACHE_ASSOC. */
>> -diff --git a/sysdeps/x86/tst-sysconf-cache-linesize-static.c b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
>> -new file mode 100644
>> -index 0000000000..152ae68821
>> ---- /dev/null
>> -+++ b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
>> -@@ -0,0 +1 @@
>> -+#include "tst-sysconf-cache-linesize.c"
>> -diff --git a/sysdeps/x86/tst-sysconf-cache-linesize.c b/sysdeps/x86/tst-sysconf-cache-linesize.c
>> -new file mode 100644
>> -index 0000000000..642dbde5d2
>> ---- /dev/null
>> -+++ b/sysdeps/x86/tst-sysconf-cache-linesize.c
>> -@@ -0,0 +1,57 @@
>> -+/* Test system cache line sizes.
>> -+ Copyright (C) 2021 Free Software Foundation, Inc.
>> -+ This file is part of the GNU C Library.
>> -+
>> -+ The GNU C Library is free software; you can redistribute it and/or
>> -+ modify it under the terms of the GNU Lesser General Public
>> -+ License as published by the Free Software Foundation; either
>> -+ version 2.1 of the License, or (at your option) any later version.
>> -+
>> -+ The GNU C Library is distributed in the hope that it will be useful,
>> -+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>> -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>> -+ Lesser General Public License for more details.
>> -+
>> -+ You should have received a copy of the GNU Lesser General Public
>> -+ License along with the GNU C Library; if not, see
>> -+ <https://www.gnu.org/licenses/>. */
>> -+
>> -+#include <stdio.h>
>> -+#include <stdlib.h>
>> -+#include <unistd.h>
>> -+#include <array_length.h>
>> -+
>> -+static struct
>> -+{
>> -+ const char *name;
>> -+ int _SC_val;
>> -+} sc_options[] =
>> -+ {
>> -+#define N(name) { "_SC_"#name, _SC_##name }
>> -+ N (LEVEL1_ICACHE_LINESIZE),
>> -+ N (LEVEL1_DCACHE_LINESIZE),
>> -+ N (LEVEL2_CACHE_LINESIZE)
>> -+ };
>> -+
>> -+static int
>> -+do_test (void)
>> -+{
>> -+ int result = EXIT_SUCCESS;
>> -+
>> -+ for (int i = 0; i < array_length (sc_options); ++i)
>> -+ {
>> -+ long int scret = sysconf (sc_options[i]._SC_val);
>> -+ if (scret < 0)
>> -+ {
>> -+ printf ("sysconf (%s) returned < 0 (%ld)\n",
>> -+ sc_options[i].name, scret);
>> -+ result = EXIT_FAILURE;
>> -+ }
>> -+ else
>> -+ printf ("sysconf (%s): %ld\n", sc_options[i].name, scret);
>> -+ }
>> -+
>> -+ return result;
>> -+}
>> -+
>> -+#include <support/test-driver.c>
>> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
>> new file mode 100644
>> index 0000000000..2f08a90dd0
>> --- /dev/null
>> +++ b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
>> @@ -0,0 +1,174 @@
>> +Since the full ISA set used in an ELF binary is unknown to compiler,
>> +an x86-64 ISA level marker indicates the minimum, not maximum, ISA set
>> +required to run such an ELF binary. We never guarantee a library with
>> +an x86-64 ISA level v3 marker doesn't contain other ISAs beyond x86-64
>> +ISA level v3, like AVX VNNI. We check the x86-64 ISA level marker for
>> +the minimum ISA set. Since -march=sandybridge enables only some ISAs
>> +in x86-64 ISA level v3, we should set the needed ISA marker to v2.
>> +Otherwise, libc is compiled with -march=sandybridge will fail to run on
>> +Sandy Bridge:
>> +
>> +$ ./elf/ld.so ./libc.so
>> +./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
>> +
>> +Set the minimum, instead of maximum, x86-64 ISA level marker should have
>> +no impact on the b-hwcaps directory assignment logic in ldconfig nor
>> +ld.so.
>> +
>> +(cherry picked from commit 339bf918ea4830fb35614632e96f3aab3237adce)
>> +---
>> + config.h.in | 6 ++++++
>> + sysdeps/x86/configure | 28 ++++++++++++++++++++++++++++
>> + sysdeps/x86/configure.ac | 16 ++++++++++++++++
>> + sysdeps/x86/isa-level.c | 25 ++++++++++++++-----------
>> + 4 files changed, 64 insertions(+), 11 deletions(-)
>> +
>> +diff --git a/config.h.in b/config.h.in
>> +--- a/config.h.in 2021-10-16 03:28:49.447573081 -0700
>> ++++ b/config.h.in 2021-10-16 03:29:38.626741181 -0700
>> +@@ -275,4 +275,10 @@
>> + /* Define if x86 ISA level should be included in shared libraries. */
>> + #undef INCLUDE_X86_ISA_LEVEL
>> +
>> ++/* Define if -msahf is enabled by default on x86. */
>> ++#undef HAVE_X86_LAHF_SAHF
>> ++
>> ++/* Define if -mmovbe is enabled by default on x86. */
>> ++#undef HAVE_X86_MOVBE
>> ++
>> + #endif
>> +diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
>> +--- a/sysdeps/x86/configure 2021-10-16 03:28:49.587570713 -0700
>> ++++ b/sysdeps/x86/configure 2021-10-16 03:29:39.330729277 -0700
>> +@@ -126,6 +126,8 @@ cat > conftest2.S <<EOF
>> + 4:
>> + EOF
>> + libc_cv_include_x86_isa_level=no
>> ++libc_cv_have_x86_lahf_sahf=no
>> ++libc_cv_have_x86_movbe=no
>> + if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S'
>> + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
>> + (eval $ac_try) 2>&5
>> +@@ -135,6 +137,24 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
>> + count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
>> + if test "$count" = 1; then
>> + libc_cv_include_x86_isa_level=yes
>> ++ cat > conftest.c <<EOF
>> ++EOF
>> ++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c'
>> ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
>> ++ (eval $ac_try) 2>&5
>> ++ ac_status=$?
>> ++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
>> ++ test $ac_status = 0; }; } | grep -q "\-msahf"; then
>> ++ libc_cv_have_x86_lahf_sahf=yes
>> ++ fi
>> ++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c'
>> ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
>> ++ (eval $ac_try) 2>&5
>> ++ ac_status=$?
>> ++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
>> ++ test $ac_status = 0; }; } | grep -q "\-mmovbe"; then
>> ++ libc_cv_have_x86_movbe=yes
>> ++ fi
>> + fi
>> + fi
>> + rm -f conftest*
>> +@@ -145,5 +165,13 @@ if test $libc_cv_include_x86_isa_level =
>> + $as_echo "#define INCLUDE_X86_ISA_LEVEL 1" >>confdefs.h
>> +
>> + fi
>> ++if test $libc_cv_have_x86_lahf_sahf = yes; then
>> ++ $as_echo "#define HAVE_X86_LAHF_SAHF 1" >>confdefs.h
>> ++
>> ++fi
>> ++if test $libc_cv_have_x86_movbe = yes; then
>> ++ $as_echo "#define HAVE_X86_MOVBE 1" >>confdefs.h
>> ++
>> ++fi
>> + config_vars="$config_vars
>> + enable-x86-isa-level = $libc_cv_include_x86_isa_level"
>> +diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
>> +--- a/sysdeps/x86/configure.ac 2021-10-16 03:28:49.587570713 -0700
>> ++++ b/sysdeps/x86/configure.ac 2021-10-16 03:29:40.038717306 -0700
>> +@@ -98,14 +98,30 @@ cat > conftest2.S <<EOF
>> + 4:
>> + EOF
>> + libc_cv_include_x86_isa_level=no
>> ++libc_cv_have_x86_lahf_sahf=no
>> ++libc_cv_have_x86_movbe=no
>> + if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then
>> + count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
>> + if test "$count" = 1; then
>> + libc_cv_include_x86_isa_level=yes
>> ++ cat > conftest.c <<EOF
>> ++EOF
>> ++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-msahf"; then
>> ++ libc_cv_have_x86_lahf_sahf=yes
>> ++ fi
>> ++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-mmovbe"; then
>> ++ libc_cv_have_x86_movbe=yes
>> ++ fi
>> + fi
>> + fi
>> + rm -f conftest*])
>> + if test $libc_cv_include_x86_isa_level = yes; then
>> + AC_DEFINE(INCLUDE_X86_ISA_LEVEL)
>> + fi
>> ++if test $libc_cv_have_x86_lahf_sahf = yes; then
>> ++ AC_DEFINE(HAVE_X86_LAHF_SAHF)
>> ++fi
>> ++if test $libc_cv_have_x86_movbe = yes; then
>> ++ AC_DEFINE(HAVE_X86_MOVBE)
>> ++fi
>> + LIBC_CONFIG_VAR([enable-x86-isa-level], [$libc_cv_include_x86_isa_level])
>> +diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
>> +--- a/sysdeps/x86/isa-level.c 2021-10-16 03:28:49.587570713 -0700
>> ++++ b/sysdeps/x86/isa-level.c 2021-10-16 03:29:40.766704997 -0700
>> +@@ -29,32 +29,35 @@
>> +
>> + /* ELF program property for x86 ISA level. */
>> + #ifdef INCLUDE_X86_ISA_LEVEL
>> +-# if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
>> +- || defined __MMX__ || defined __SSE__ || defined __SSE2__
>> ++# if defined __SSE__ && defined __SSE2__
>> ++/* NB: ISAs, excluding MMX, in x86-64 ISA level baseline are used. */
>> + # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
>> + # else
>> + # define ISA_BASELINE 0
>> + # endif
>> +
>> +-# if defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
>> +- || (defined __x86_64__ && defined __LAHF_SAHF__) \
>> +- || defined __POPCNT__ || defined __SSE3__ \
>> +- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
>> ++# if ISA_BASELINE && defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
>> ++ && defined HAVE_X86_LAHF_SAHF && defined __POPCNT__ \
>> ++ && defined __SSE3__ && defined __SSSE3__ && defined __SSE4_1__ \
>> ++ && defined __SSE4_2__
>> ++/* NB: ISAs in x86-64 ISA level v2 are used. */
>> + # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
>> + # else
>> + # define ISA_V2 0
>> + # endif
>> +
>> +-# if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
>> +- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
>> +- || defined __XSAVE__
>> ++# if ISA_V2 && defined __AVX__ && defined __AVX2__ && defined __F16C__ \
>> ++ && defined __FMA__ && defined __LZCNT__ && defined HAVE_X86_MOVBE
>> ++/* NB: ISAs in x86-64 ISA level v3 are used. */
>> + # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
>> + # else
>> + # define ISA_V3 0
>> + # endif
>> +
>> +-# if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \
>> +- || defined __AVX512DQ__ || defined __AVX512VL__
>> ++# if ISA_V3 && defined __AVX512F__ && defined __AVX512BW__ \
>> ++ && defined __AVX512CD__ && defined __AVX512DQ__ \
>> ++ && defined __AVX512VL__
>> ++/* NB: ISAs in x86-64 ISA level v4 are used. */
>> + # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
>> + # else
>> + # define ISA_V4 0
>> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
>> deleted file mode 100644
>> index 26c5c0d2a9..0000000000
>> --- a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
>> +++ /dev/null
>> @@ -1,51 +0,0 @@
>> -From dca565886b5e8bd7966e15f0ca42ee5cff686673 Mon Sep 17 00:00:00 2001
>> -From: DJ Delorie <dj@redhat.com>
>> -Date: Thu, 25 Feb 2021 16:08:21 -0500
>> -Subject: [PATCH] nscd: Fix double free in netgroupcache [BZ #27462]
>> -
>> -In commit 745664bd798ec8fd50438605948eea594179fba1 a use-after-free
>> -was fixed, but this led to an occasional double-free. This patch
>> -tracks the "live" allocation better.
>> -
>> -Tested manually by a third party.
>> -
>> -Related: RHBZ 1927877
>> -
>> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
>> -Reviewed-by: Carlos O'Donell <carlos@redhat.com>
>> -
>> -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=dca565886b5e8bd7966e15f0ca42ee5cff686673]
>> -
>> -CVE: CVE-2021-27645
>> -
>> -Reviewed-by: Carlos O'Donell <carlos@redhat.com>
>> -Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
>> ----
>> - nscd/netgroupcache.c | 4 ++--
>> - 1 file changed, 2 insertions(+), 2 deletions(-)
>> -
>> -diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
>> -index dba6ceec1b..ad2daddafd 100644
>> ---- a/nscd/netgroupcache.c
>> -+++ b/nscd/netgroupcache.c
>> -@@ -248,7 +248,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
>> - : NULL);
>> - ndomain = (ndomain ? newbuf + ndomaindiff
>> - : NULL);
>> -- buffer = newbuf;
>> -+ *tofreep = buffer = newbuf;
>> - }
>> -
>> - nhost = memcpy (buffer + bufused,
>> -@@ -319,7 +319,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
>> - else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)
>> - {
>> - buflen *= 2;
>> -- buffer = xrealloc (buffer, buflen);
>> -+ *tofreep = buffer = xrealloc (buffer, buflen);
>> - }
>> - else if (status == NSS_STATUS_RETURN
>> - || status == NSS_STATUS_NOTFOUND
>> ---
>> -2.27.0
>> -
>> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
>> deleted file mode 100644
>> index 21f07ac303..0000000000
>> --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
>> +++ /dev/null
>> @@ -1,76 +0,0 @@
>> -From 709674ec86c3c6da4f0995897f6b0205c16d049d Mon Sep 17 00:00:00 2001
>> -From: Andreas Schwab <schwab@linux-m68k.org>
>> -Date: Thu, 27 May 2021 12:49:47 +0200
>> -Subject: [PATCH] Use __pthread_attr_copy in mq_notify (bug 27896)
>> -
>> -Make a deep copy of the pthread attribute object to remove a potential
>> -use-after-free issue.
>> -
>> -Upstream-Status: Backport
>> -[https://sourceware.org/git/?p=glibc.git;a=commit;h=42d359350510506b87101cf77202fefcbfc790cb]
>> -
>> -CVE:
>> -CVE-2021-33574
>> -
>> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
>> -Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
>> ----
>> - NEWS | 4 ++++
>> - sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++-----
>> - 2 files changed, 14 insertions(+), 5 deletions(-)
>> -
>> -diff --git a/NEWS b/NEWS
>> -index 71f5d20324..017d656433 100644
>> ---- a/NEWS
>> -+++ b/NEWS
>> -@@ -118,6 +118,10 @@ Security related changes:
>> - CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
>> - invoked with EUC-KR input containing invalid multibyte input sequences.
>> -
>> -+ CVE-2021-33574: The mq_notify function has a potential use-after-free
>> -+ issue when using a notification type of SIGEV_THREAD and a thread
>> -+ attribute with a non-default affinity mask.
>> -+
>> - The following bugs are resolved with this release:
>> -
>> - [10635] libc: realpath portability patches
>> -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
>> -index cc575a0cdd..f7ddfe5a6c 100644
>> ---- a/sysdeps/unix/sysv/linux/mq_notify.c
>> -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
>> -@@ -133,8 +133,11 @@ helper_thread (void *arg)
>> - (void) __pthread_barrier_wait (¬ify_barrier);
>> - }
>> - else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
>> -- /* The only state we keep is the copy of the thread attributes. */
>> -- free (data.attr);
>> -+ {
>> -+ /* The only state we keep is the copy of the thread attributes. */
>> -+ pthread_attr_destroy (data.attr);
>> -+ free (data.attr);
>> -+ }
>> - }
>> - return NULL;
>> - }
>> -@@ -255,8 +258,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
>> - if (data.attr == NULL)
>> - return -1;
>> -
>> -- memcpy (data.attr, notification->sigev_notify_attributes,
>> -- sizeof (pthread_attr_t));
>> -+ __pthread_attr_copy (data.attr, notification->sigev_notify_attributes);
>> - }
>> -
>> - /* Construct the new request. */
>> -@@ -270,7 +272,10 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
>> -
>> - /* If it failed, free the allocated memory. */
>> - if (__glibc_unlikely (retval != 0))
>> -- free (data.attr);
>> -+ {
>> -+ pthread_attr_destroy (data.attr);
>> -+ free (data.attr);
>> -+ }
>> -
>> - return retval;
>> - }
>> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
>> deleted file mode 100644
>> index befccd7ac7..0000000000
>> --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
>> +++ /dev/null
>> @@ -1,61 +0,0 @@
>> -From 217b6dc298156bdb0d6aea9ea93e7e394a5ff091 Mon Sep 17 00:00:00 2001
>> -From: Florian Weimer <fweimer@redhat.com>
>> -Date: Tue, 1 Jun 2021 17:51:41 +0200
>> -Subject: [PATCH] Fix use of __pthread_attr_copy in mq_notify (bug 27896)
>> -
>> -__pthread_attr_copy can fail and does not initialize the attribute
>> -structure in that case.
>> -
>> -If __pthread_attr_copy is never called and there is no allocated
>> -attribute, pthread_attr_destroy should not be called, otherwise
>> -there is a null pointer dereference in rt/tst-mqueue6.
>> -
>> -Fixes commit 42d359350510506b87101cf77202fefcbfc790cb
>> -("Use __pthread_attr_copy in mq_notify (bug 27896)").
>> -
>> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
>> -
>> -Upstream-Status: Backport
>> -[https://sourceware.org/git/?p=glibc.git;a=commit;h=217b6dc298156bdb0d6aea9ea93e7e394a5ff091]
>> -
>> -CVE:
>> -CVE-2021-33574
>> -
>> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
>> -Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
>> ----
>> - sysdeps/unix/sysv/linux/mq_notify.c | 11 +++++++++--
>> - 1 file changed, 9 insertions(+), 2 deletions(-)
>> -
>> -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
>> -index f7ddfe5a6c..6f46d29d1d 100644
>> ---- a/sysdeps/unix/sysv/linux/mq_notify.c
>> -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
>> -@@ -258,7 +258,14 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
>> - if (data.attr == NULL)
>> - return -1;
>> -
>> -- __pthread_attr_copy (data.attr, notification->sigev_notify_attributes);
>> -+ int ret = __pthread_attr_copy (data.attr,
>> -+ notification->sigev_notify_attributes);
>> -+ if (ret != 0)
>> -+ {
>> -+ free (data.attr);
>> -+ __set_errno (ret);
>> -+ return -1;
>> -+ }
>> - }
>> -
>> - /* Construct the new request. */
>> -@@ -271,7 +278,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
>> - int retval = INLINE_SYSCALL (mq_notify, 2, mqdes, &se);
>> -
>> - /* If it failed, free the allocated memory. */
>> -- if (__glibc_unlikely (retval != 0))
>> -+ if (retval != 0 && data.attr != NULL)
>> - {
>> - pthread_attr_destroy (data.attr);
>> - free (data.attr);
>> ---
>> -2.27.0
>> -
>> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch b/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
>> deleted file mode 100644
>> index 5cae1bc91c..0000000000
>> --- a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
>> +++ /dev/null
>> @@ -1,44 +0,0 @@
>> -From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17 00:00:00 2001
>> -From: Andreas Schwab <schwab@linux-m68k.org>
>> -Date: Fri, 25 Jun 2021 15:02:47 +0200
>> -Subject: [PATCH] wordexp: handle overflow in positional parameter number (bug
>> - 28011)
>> -
>> -Use strtoul instead of atoi so that overflow can be detected.
>> -
>> -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c]
>> -CVE: CVE-2021-35942
>> -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
>> ----
>> - posix/wordexp-test.c | 1 +
>> - posix/wordexp.c | 2 +-
>> - 2 files changed, 2 insertions(+), 1 deletion(-)
>> -
>> -diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
>> -index f93a546d7e..9df02dbbb3 100644
>> ---- a/posix/wordexp-test.c
>> -+++ b/posix/wordexp-test.c
>> -@@ -183,6 +183,7 @@ struct test_case_struct
>> - { 0, NULL, "$var", 0, 0, { NULL, }, IFS },
>> - { 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS },
>> - { 0, NULL, "", 0, 0, { NULL, }, IFS },
>> -+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS },
>> -
>> - /* Flags not already covered (testit() has special handling for these) */
>> - { 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS },
>> -diff --git a/posix/wordexp.c b/posix/wordexp.c
>> -index bcbe96e48d..1f3b09f721 100644
>> ---- a/posix/wordexp.c
>> -+++ b/posix/wordexp.c
>> -@@ -1399,7 +1399,7 @@ envsubst:
>> - /* Is it a numeric parameter? */
>> - else if (isdigit (env[0]))
>> - {
>> -- int n = atoi (env);
>> -+ unsigned long n = strtoul (env, NULL, 10);
>> -
>> - if (n >= __libc_argc)
>> - /* Substitute NULL. */
>> ---
>> -2.17.1
>> -
>> diff --git a/meta/recipes-core/glibc/glibc_2.33.bb b/meta/recipes-core/glibc/glibc_2.33.bb
>> index 57a60cb9d8..ad5e2b8eb1 100644
>> --- a/meta/recipes-core/glibc/glibc_2.33.bb
>> +++ b/meta/recipes-core/glibc/glibc_2.33.bb
>> @@ -56,16 +56,6 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
>> file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
>> file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
>> file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
>> - file://0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch \
>> - file://0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch \
>> - file://0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch \
>> - file://CVE-2021-27645.patch \
>> - file://0001-nptl-Remove-private-futex-optimization-BZ-27304.patch \
>> - file://CVE-2021-33574_1.patch \
>> - file://CVE-2021-33574_2.patch \
>> - file://CVE-2021-35942.patch \
>> - file://0001-CVE-2021-38604.patch \
>> - file://0002-CVE-2021-38604.patch \
>> "
>> S = "${WORKDIR}/git"
>> B = "${WORKDIR}/build-${TARGET_SYS}"
>> --
>> 2.31.1
>>
>>
>> -=-=-=-=-=-=-=-=-=-=-=-
>> Links: You receive all messages sent to this group.
>> View/Reply Online (#157024): https://lists.openembedded.org/g/openembedded-core/message/157024
>> Mute This Topic: https://lists.openembedded.org/mt/86384691/1997914
>> Group Owner: openembedded-core+owner@lists.openembedded.org
>> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [raj.khem@gmail.com]
>> -=-=-=-=-=-=-=-=-=-=-=-
>>
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2021-10-25 7:29 ` pgowda cve
@ 2021-10-27 1:24 ` Mittal, Anuj
0 siblings, 0 replies; 10+ messages in thread
From: Mittal, Anuj @ 2021-10-27 1:24 UTC (permalink / raw)
To: pgowda.cve, raj.khem; +Cc: openembedded-core, rwmacleod, umesh.kalappa0
On Mon, 2021-10-25 at 12:59 +0530, pgowda cve wrote:
> Hi,
>
> Thanks for the comments.
>
> Gentle ping on this patch.
Sorry for the delay. It's in my queue but there are some issues, not
related to this patch, that I am trying to debug. It should get merged
soon.
Thanks,
Anuj
>
> Thanks,
> Pgowda
>
> On Sun, Oct 17, 2021 at 10:35 AM Khem Raj <raj.khem@gmail.com> wrote:
> >
> > This looks good to me
> >
> > On Sat, Oct 16, 2021 at 7:51 PM Pgowda <pgowda.cve@gmail.com>
> > wrote:
> > >
> > > glibc-2.33 release version of Feb 2021 is used in Hardknott
> > > branch.
> > > There are many bug fixes in the latest glibc-2.33 version. The
> > > patch
> > > takes the latest glibc-2.33 version commit.
> > > Regression tested on X86-64 without any new issues.
> > >
> > > Signed-off-by: Pgowda <pgowda.cve@gmail.com>
> > > ---
> > > meta/recipes-core/glibc/glibc-version.inc | 2 +-
> > > .../glibc/glibc/0001-CVE-2021-38604.patch | 40 ----
> > > ...-private-futex-optimization-BZ-27304.patch | 49 -----
> > > .../glibc/glibc/0002-CVE-2021-38604.patch | 147 ------------
> > > --
> > > ...-ISA-support-for-x86-64-level-marker.patch | 116 -----------
> > > ...ork-around-GCC-PR-98512-in-rawmemchr.patch | 58 ------
> > > ...-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch | 185 ------------
> > > ------
> > > .../glibc/glibc/CVE-2021-27318-revert.patch | 174
> > > ++++++++++++++++
> > > .../glibc/glibc/CVE-2021-27645.patch | 51 -----
> > > .../glibc/glibc/CVE-2021-33574_1.patch | 76 -------
> > > .../glibc/glibc/CVE-2021-33574_2.patch | 61 ------
> > > .../glibc/glibc/CVE-2021-35942.patch | 44 -----
> > > meta/recipes-core/glibc/glibc_2.33.bb | 10 -
> > > 13 files changed, 175 insertions(+), 838 deletions(-)
> > > delete mode 100644 meta/recipes-core/glibc/glibc/0001-CVE-2021-
> > > 38604.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/0001-nptl-
> > > Remove-private-futex-optimization-BZ-27304.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/0002-CVE-2021-
> > > 38604.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/0031-x86-
> > > Require-full-ISA-support-for-x86-64-level-marker.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/0032-string-
> > > Work-around-GCC-PR-98512-in-rawmemchr.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/0033-x86-
> > > Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
> > > create mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-27318-
> > > revert.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-
> > > 27645.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-
> > > 33574_1.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-
> > > 33574_2.patch
> > > delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2021-
> > > 35942.patch
> > >
> > > diff --git a/meta/recipes-core/glibc/glibc-version.inc
> > > b/meta/recipes-core/glibc/glibc-version.inc
> > > index 3a95173175..4d69187961 100644
> > > --- a/meta/recipes-core/glibc/glibc-version.inc
> > > +++ b/meta/recipes-core/glibc/glibc-version.inc
> > > @@ -1,6 +1,6 @@
> > > SRCBRANCH ?= "release/2.33/master"
> > > PV = "2.33"
> > > -SRCREV_glibc ?= "9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3"
> > > +SRCREV_glibc ?= "6090cf1330faf2deb17285758f327cb23b89ebf1"
> > > SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
> > >
> > > GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
> > > diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-
> > > 38604.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-
> > > 38604.patch
> > > deleted file mode 100644
> > > index 8a52ac957c..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
> > > +++ /dev/null
> > > @@ -1,40 +0,0 @@
> > > -From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17
> > > 00:00:00 2001
> > > -From: Nikita Popov <npv1310@gmail.com>
> > > -Date: Mon, 9 Aug 2021 20:17:34 +0530
> > > -Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213)
> > > -
> > > -Helper thread frees copied attribute on NOTIFY_REMOVED message
> > > -received from the OS kernel. Unfortunately, it fails to check
> > > whether
> > > -copied attribute actually exists (data.attr != NULL). This
> > > worked
> > > -earlier because free() checks passed pointer before actually
> > > -attempting to release corresponding memory. But
> > > -__pthread_attr_destroy assumes pointer is not NULL.
> > > -
> > > -So passing NULL pointer to __pthread_attr_destroy will result in
> > > -segmentation fault. This scenario is possible if
> > > -notification->sigev_notify_attributes == NULL (which means
> > > default
> > > -thread attributes should be used).
> > > -
> > > -Upstream-Status: Backport
> > > [https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
> > > ]
> > > -CVE: CVE-2021-38604
> > > -
> > > -Signed-off-by: Nikita Popov <npv1310@gmail.com>
> > > -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> > > -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
> > > ----
> > > - sysdeps/unix/sysv/linux/mq_notify.c | 2 +-
> > > - 1 file changed, 1 insertion(+), 1 deletion(-)
> > > -
> > > -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c
> > > b/sysdeps/unix/sysv/linux/mq_notify.c
> > > -index 6f46d29d1d..1714e1cc5f 100644
> > > ---- a/sysdeps/unix/sysv/linux/mq_notify.c
> > > -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
> > > -@@ -132,7 +132,7 @@ helper_thread (void *arg)
> > > - to wait until it is done with it. */
> > > - (void) __pthread_barrier_wait (¬ify_barrier);
> > > - }
> > > -- else if (data.raw[NOTIFY_COOKIE_LEN - 1] ==
> > > NOTIFY_REMOVED)
> > > -+ else if (data.raw[NOTIFY_COOKIE_LEN - 1] ==
> > > NOTIFY_REMOVED && data.attr != NULL)
> > > - {
> > > - /* The only state we keep is the copy of the thread
> > > attributes. */
> > > - pthread_attr_destroy (data.attr);
> > > diff --git a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-
> > > private-futex-optimization-BZ-27304.patch b/meta/recipes-
> > > core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-
> > > 27304.patch
> > > deleted file mode 100644
> > > index 39fde5b785..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-
> > > futex-optimization-BZ-27304.patch
> > > +++ /dev/null
> > > @@ -1,49 +0,0 @@
> > > -From c4ad832276f4dadfa40904109b26a521468f66bc Mon Sep 17
> > > 00:00:00 2001
> > > -From: Florian Weimer <fweimer@redhat.com>
> > > -Date: Thu, 4 Feb 2021 15:00:20 +0100
> > > -Subject: [PATCH] nptl: Remove private futex optimization [BZ
> > > #27304]
> > > -
> > > -It is effectively used, unexcept for pthread_cond_destroy, where
> > > we do
> > > -not want it; see bug 27304. The internal locks do not support a
> > > -process-shared mode.
> > > -
> > > -This fixes commit dc6cfdc934db9997c33728082d63552b9eee4563
> > > ("nptl:
> > > -Move pthread_cond_destroy implementation into libc").
> > > -
> > > -Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> > > -
> > > -Upstream-Status: Backport
> > > [https://sourceware.org/bugzilla/show_bug.cgi?id=27304]
> > > -Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
> > > ----
> > > - sysdeps/nptl/lowlevellock-futex.h | 14 +-------------
> > > - 1 file changed, 1 insertion(+), 13 deletions(-)
> > > -
> > > -diff --git a/sysdeps/nptl/lowlevellock-futex.h
> > > b/sysdeps/nptl/lowlevellock-futex.h
> > > -index ecb729da6b..ca96397a4a 100644
> > > ---- a/sysdeps/nptl/lowlevellock-futex.h
> > > -+++ b/sysdeps/nptl/lowlevellock-futex.h
> > > -@@ -50,20 +50,8 @@
> > > - #define LLL_SHARED FUTEX_PRIVATE_FLAG
> > > -
> > > - #ifndef __ASSEMBLER__
> > > --
> > > --# if IS_IN (libc) || IS_IN (rtld)
> > > --/* In libc.so or ld.so all futexes are private. */
> > > --# define __lll_private_flag(fl, private) \
> > > -- ({ \
> > > -- /* Prevent warnings in callers of this macro. */ \
> > > -- int __lll_private_flag_priv __attribute__ ((unused)); \
> > > -- __lll_private_flag_priv = (private); \
> > > -- ((fl) | FUTEX_PRIVATE_FLAG); \
> > > -- })
> > > --# else
> > > --# define __lll_private_flag(fl, private) \
> > > -+# define __lll_private_flag(fl, private) \
> > > - (((fl) | FUTEX_PRIVATE_FLAG) ^ (private))
> > > --# endif
> > > -
> > > - # define lll_futex_syscall(nargs, futexp, op,
> > > ...) \
> > > -
> > > ({
> > > \
> > > ---
> > > -2.27.0
> > > -
> > > diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-
> > > 38604.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-
> > > 38604.patch
> > > deleted file mode 100644
> > > index b654cdfecb..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
> > > +++ /dev/null
> > > @@ -1,147 +0,0 @@
> > > -From 4cc79c217744743077bf7a0ec5e0a4318f1e6641 Mon Sep 17
> > > 00:00:00 2001
> > > -From: Nikita Popov <npv1310@gmail.com>
> > > -Date: Thu, 12 Aug 2021 16:09:50 +0530
> > > -Subject: [PATCH] librt: add test (bug 28213)
> > > -
> > > -This test implements following logic:
> > > -1) Create POSIX message queue.
> > > - Register a notification with mq_notify (using NULL
> > > attributes).
> > > - Then immediately unregister the notification with mq_notify.
> > > - Helper thread in a vulnerable version of glibc
> > > - should cause NULL pointer dereference after these steps.
> > > -2) Once again, register the same notification.
> > > - Try to send a dummy message.
> > > - Test is considered successfulif the dummy message
> > > - is successfully received by the callback function.
> > > -
> > > -Upstream-Status: Backport
> > > [https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
> > > ]
> > > -CVE: CVE-2021-38604
> > > -
> > > -Signed-off-by: Nikita Popov <npv1310@gmail.com>
> > > -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> > > -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
> > > ----
> > > - rt/Makefile | 1 +
> > > - rt/tst-bz28213.c | 101
> > > +++++++++++++++++++++++++++++++++++++++++++++++
> > > - 2 files changed, 102 insertions(+)
> > > - create mode 100644 rt/tst-bz28213.c
> > > -
> > > -diff --git a/rt/Makefile b/rt/Makefile
> > > -index 7b374f2073..c87d95793a 100644
> > > ---- a/rt/Makefile
> > > -+++ b/rt/Makefile
> > > -@@ -44,6 +44,7 @@ tests := tst-shm tst-timer tst-timer2 \
> > > - tst-aio7 tst-aio8 tst-aio9 tst-aio10 \
> > > - tst-mqueue1 tst-mqueue2 tst-mqueue3 tst-mqueue4 \
> > > - tst-mqueue5 tst-mqueue6 tst-mqueue7 tst-mqueue8 tst-
> > > mqueue9 \
> > > -+ tst-bz28213 \
> > > - tst-timer3 tst-timer4 tst-timer5 \
> > > - tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3
> > > \
> > > - tst-shm-cancel
> > > -diff --git a/rt/tst-bz28213.c b/rt/tst-bz28213.c
> > > -new file mode 100644
> > > -index 0000000000..0c096b5a0a
> > > ---- /dev/null
> > > -+++ b/rt/tst-bz28213.c
> > > -@@ -0,0 +1,101 @@
> > > -+/* Bug 28213: test for NULL pointer dereference in mq_notify.
> > > -+ Copyright (C) The GNU Toolchain Authors.
> > > -+ This file is part of the GNU C Library.
> > > -+
> > > -+ The GNU C Library is free software; you can redistribute it
> > > and/or
> > > -+ modify it under the terms of the GNU Lesser General Public
> > > -+ License as published by the Free Software Foundation; either
> > > -+ version 2.1 of the License, or (at your option) any later
> > > version.
> > > -+
> > > -+ The GNU C Library is distributed in the hope that it will be
> > > useful,
> > > -+ but WITHOUT ANY WARRANTY; without even the implied warranty
> > > of
> > > -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
> > > the GNU
> > > -+ Lesser General Public License for more details.
> > > -+
> > > -+ You should have received a copy of the GNU Lesser General
> > > Public
> > > -+ License along with the GNU C Library; if not, see
> > > -+ <https://www.gnu.org/licenses/>. */
> > > -+
> > > -+#include <errno.h>
> > > -+#include <sys/types.h>
> > > -+#include <sys/stat.h>
> > > -+#include <fcntl.h>
> > > -+#include <unistd.h>
> > > -+#include <mqueue.h>
> > > -+#include <signal.h>
> > > -+#include <stdlib.h>
> > > -+#include <string.h>
> > > -+#include <support/check.h>
> > > -+
> > > -+static mqd_t m = -1;
> > > -+static const char msg[] = "hello";
> > > -+
> > > -+static void
> > > -+check_bz28213_cb (union sigval sv)
> > > -+{
> > > -+ char buf[sizeof (msg)];
> > > -+
> > > -+ (void) sv;
> > > -+
> > > -+ TEST_VERIFY_EXIT ((size_t) mq_receive (m, buf, sizeof (buf),
> > > NULL)
> > > -+ == sizeof (buf));
> > > -+ TEST_VERIFY_EXIT (memcmp (buf, msg, sizeof (buf)) == 0);
> > > -+
> > > -+ exit (0);
> > > -+}
> > > -+
> > > -+static void
> > > -+check_bz28213 (void)
> > > -+{
> > > -+ struct sigevent sev;
> > > -+
> > > -+ memset (&sev, '\0', sizeof (sev));
> > > -+ sev.sigev_notify = SIGEV_THREAD;
> > > -+ sev.sigev_notify_function = check_bz28213_cb;
> > > -+
> > > -+ /* Step 1: Register & unregister notifier.
> > > -+ Helper thread should receive NOTIFY_REMOVED notification.
> > > -+ In a vulnerable version of glibc, NULL pointer dereference
> > > follows. */
> > > -+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
> > > -+ TEST_VERIFY_EXIT (mq_notify (m, NULL) == 0);
> > > -+
> > > -+ /* Step 2: Once again, register notification.
> > > -+ Try to send one message.
> > > -+ Test is considered successful, if the callback does exit
> > > (0). */
> > > -+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
> > > -+ TEST_VERIFY_EXIT (mq_send (m, msg, sizeof (msg), 1) == 0);
> > > -+
> > > -+ /* Wait... */
> > > -+ pause ();
> > > -+}
> > > -+
> > > -+static int
> > > -+do_test (void)
> > > -+{
> > > -+ static const char m_name[] = "/bz28213_queue";
> > > -+ struct mq_attr m_attr;
> > > -+
> > > -+ memset (&m_attr, '\0', sizeof (m_attr));
> > > -+ m_attr.mq_maxmsg = 1;
> > > -+ m_attr.mq_msgsize = sizeof (msg);
> > > -+
> > > -+ m = mq_open (m_name,
> > > -+ O_RDWR | O_CREAT | O_EXCL,
> > > -+ 0600,
> > > -+ &m_attr);
> > > -+
> > > -+ if (m < 0)
> > > -+ {
> > > -+ if (errno == ENOSYS)
> > > -+ FAIL_UNSUPPORTED ("POSIX message queues are not
> > > implemented\n");
> > > -+ FAIL_EXIT1 ("Failed to create POSIX message queue:
> > > %m\n");
> > > -+ }
> > > -+
> > > -+ TEST_VERIFY_EXIT (mq_unlink (m_name) == 0);
> > > -+
> > > -+ check_bz28213 ();
> > > -+
> > > -+ return 0;
> > > -+}
> > > -+
> > > -+#include <support/test-driver.c>
> > > diff --git a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-
> > > ISA-support-for-x86-64-level-marker.patch b/meta/recipes-
> > > core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-
> > > level-marker.patch
> > > deleted file mode 100644
> > > index 3cb60b2e55..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-
> > > support-for-x86-64-level-marker.patch
> > > +++ /dev/null
> > > @@ -1,116 +0,0 @@
> > > -From b1971f6f1331d738d1d6b376b4741668a7546125 Mon Sep 17
> > > 00:00:00 2001
> > > -From: "H.J. Lu" <hjl.tools@gmail.com>
> > > -Date: Tue, 2 Feb 2021 13:45:58 -0800
> > > -Subject: [PATCH] x86: Require full ISA support for x86-64 level
> > > marker [BZ #27318]
> > > -
> > > -Since -march=sandybridge enables ISAs in x86-64 ISA level v3,
> > > the v3
> > > -marker is set on libc.so. We couldn't set the needed ISA marker
> > > to v2
> > > -since this libc won't run on all v2 machines. Technically, the
> > > v3 marker
> > > -is correct. But the resulting libc.so won't run on Sandy
> > > Brigde, which
> > > -is a v2 machine, even when libc is compiled with -
> > > march=sandybridge:
> > > -
> > > -$ ./elf/ld.so ./libc.so
> > > -./libc.so: (p) CPU ISA level is lower than required: needed: 7;
> > > got: 3
> > > -
> > > -Instead, we require full ISA support for x86-64 level marker and
> > > disable
> > > -x86-64 level marker for -march=sandybridge which enables ISAs
> > > between v2
> > > -and v3.
> > > -
> > > -Upstream-Status: Submitted
> > > [https://sourceware.org/pipermail/libc-alpha/2021-February/122297.html
> > > ]
> > > -Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > > ----
> > > -
> > > - sysdeps/x86/configure | 7 ++++++-
> > > - sysdeps/x86/configure.ac | 2 +-
> > > - sysdeps/x86/isa-level.c | 21 ++++++++++++++++++++-
> > > - 3 files changed, 27 insertions(+), 3 deletions(-)
> > > -
> > > -diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
> > > -index 5e32dc62b3..5b20646843 100644
> > > ---- a/sysdeps/x86/configure
> > > -+++ b/sysdeps/x86/configure
> > > -@@ -133,7 +133,12 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -
> > > nostartfiles -nostdlib -r -o conftest c
> > > - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> > > - test $ac_status = 0; }; }; then
> > > - count=`LC_ALL=C $READELF -n conftest | grep
> > > NT_GNU_PROPERTY_TYPE_0 | wc -l`
> > > -- if test "$count" = 1; then
> > > -+ if test "$count" = 1 && { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
> > > -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-
> > > level.c'
> > > -+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}:
> > > \"$ac_try\""; } >&5
> > > -+ (eval $ac_try) 2>&5
> > > -+ ac_status=$?
> > > -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> > > -+ test $ac_status = 0; }; }; then
> > > - libc_cv_include_x86_isa_level=yes
> > > - fi
> > > - fi
> > > -diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
> > > -index f94088f377..54ecd33d2c 100644
> > > ---- a/sysdeps/x86/configure.ac
> > > -+++ b/sysdeps/x86/configure.ac
> > > -@@ -100,7 +100,7 @@ EOF
> > > - libc_cv_include_x86_isa_level=no
> > > - if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -
> > > nostdlib -r -o conftest conftest1.S conftest2.S); then
> > > - count=`LC_ALL=C $READELF -n conftest | grep
> > > NT_GNU_PROPERTY_TYPE_0 | wc -l`
> > > -- if test "$count" = 1; then
> > > -+ if test "$count" = 1 && AC_TRY_COMMAND(${CC-cc} $CFLAGS
> > > $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s
> > > $srcdir/sysdeps/x86/isa-level.c); then
> > > - libc_cv_include_x86_isa_level=yes
> > > - fi
> > > - fi
> > > -diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
> > > -index aaf524cb56..7f83449061 100644
> > > ---- a/sysdeps/x86/isa-level.c
> > > -+++ b/sysdeps/x86/isa-level.c
> > > -@@ -25,12 +25,17 @@
> > > - License along with the GNU C Library; if not, see
> > > - <https://www.gnu.org/licenses/>. */
> > > -
> > > --#include <elf.h>
> > > -+#ifdef _LIBC
> > > -+# include <elf.h>
> > > -+#endif
> > > -
> > > - /* ELF program property for x86 ISA level. */
> > > - #ifdef INCLUDE_X86_ISA_LEVEL
> > > - # if defined __x86_64__ || defined __FXSR__ || !defined
> > > _SOFT_FLOAT \
> > > - || defined __MMX__ || defined __SSE__ || defined __SSE2__
> > > -+# if !defined __SSE__ || !defined __SSE2__
> > > -+# error "Missing ISAs for x86-64 ISA level baseline"
> > > -+# endif
> > > - # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
> > > - # else
> > > - # define ISA_BASELINE 0
> > > -@@ -40,6 +45,11 @@
> > > - || (defined __x86_64__ && defined __LAHF_SAHF__) \
> > > - || defined __POPCNT__ || defined __SSE3__ \
> > > - || defined __SSSE3__ || defined __SSE4_1__ || defined
> > > __SSE4_2__
> > > -+# if !defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
> > > -+ || !defined __POPCNT__ || !defined __SSE3__ \
> > > -+ || !defined __SSSE3__ || !defined __SSE4_1__ || !defined
> > > __SSE4_2__
> > > -+# error "Missing ISAs for x86-64 ISA level v2"
> > > -+# endif
> > > - # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
> > > - # else
> > > - # define ISA_V2 0
> > > -@@ -48,6 +58,10 @@
> > > - # if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
> > > - || defined __FMA__ || defined __LZCNT__ || defined
> > > __MOVBE__ \
> > > - || defined __XSAVE__
> > > -+# if !defined __AVX__ || !defined __AVX2__ || !defined __F16C__
> > > \
> > > -+ || !defined __FMA__ || !defined __LZCNT__
> > > -+# error "Missing ISAs for x86-64 ISA level v3"
> > > -+# endif
> > > - # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
> > > - # else
> > > - # define ISA_V3 0
> > > -@@ -55,6 +69,11 @@
> > > -
> > > - # if defined __AVX512F__ || defined __AVX512BW__ || defined
> > > __AVX512CD__ \
> > > - || defined __AVX512DQ__ || defined __AVX512VL__
> > > -+# if !defined __AVX512F__ || !defined __AVX512BW__ \
> > > -+ || !defined __AVX512CD__ || !defined __AVX512DQ__ \
> > > -+ || !defined __AVX512VL__
> > > -+# error "Missing ISAs for x86-64 ISA level v4"
> > > -+# endif
> > > - # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
> > > - # else
> > > - # define ISA_V4 0
> > > diff --git a/meta/recipes-core/glibc/glibc/0032-string-Work-
> > > around-GCC-PR-98512-in-rawmemchr.patch b/meta/recipes-
> > > core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-
> > > rawmemchr.patch
> > > deleted file mode 100644
> > > index e904b28a05..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-
> > > PR-98512-in-rawmemchr.patch
> > > +++ /dev/null
> > > @@ -1,58 +0,0 @@
> > > -From 044e603b698093cf48f6e6229e0b66acf05227e4 Mon Sep 17
> > > 00:00:00 2001
> > > -From: Florian Weimer <fweimer@redhat.com>
> > > -Date: Fri, 19 Feb 2021 13:29:00 +0100
> > > -Subject: [PATCH] string: Work around GCC PR 98512 in rawmemchr
> > > -
> > > -Upstream-Status: Backport
> > > [https://sourceware.org/git/?p=glibc.git;a=commit;h=044e603b698093cf48f6e6229e0b66acf05227e4
> > > ]
> > > -Signed-off-by: Khem Raj <raj.khem@gmail.com>
> > > ----
> > > - string/rawmemchr.c | 26 +++++++++++++++-----------
> > > - 1 file changed, 15 insertions(+), 11 deletions(-)
> > > -
> > > -diff --git a/string/rawmemchr.c b/string/rawmemchr.c
> > > -index 59bbeeaa42..b8523118e5 100644
> > > ---- a/string/rawmemchr.c
> > > -+++ b/string/rawmemchr.c
> > > -@@ -22,24 +22,28 @@
> > > - # define RAWMEMCHR __rawmemchr
> > > - #endif
> > > -
> > > --/* Find the first occurrence of C in S. */
> > > --void *
> > > --RAWMEMCHR (const void *s, int c)
> > > --{
> > > -- DIAG_PUSH_NEEDS_COMMENT;
> > > -+/* The pragmata should be nested inside RAWMEMCHR below, but
> > > that
> > > -+ triggers GCC PR 98512. */
> > > -+DIAG_PUSH_NEEDS_COMMENT;
> > > - #if __GNUC_PREREQ (7, 0)
> > > -- /* GCC 8 warns about the size passed to memchr being larger
> > > than
> > > -- PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
> > > -- DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
> > > -+/* GCC 8 warns about the size passed to memchr being larger
> > > than
> > > -+ PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
> > > -+DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
> > > - #endif
> > > - #if __GNUC_PREREQ (11, 0)
> > > -- /* Likewise GCC 11, with a different warning option. */
> > > -- DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
> > > -+/* Likewise GCC 11, with a different warning option. */
> > > -+DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
> > > - #endif
> > > -+
> > > -+/* Find the first occurrence of C in S. */
> > > -+void *
> > > -+RAWMEMCHR (const void *s, int c)
> > > -+{
> > > - if (c != '\0')
> > > - return memchr (s, c, (size_t)-1);
> > > -- DIAG_POP_NEEDS_COMMENT;
> > > - return (char *)s + strlen (s);
> > > - }
> > > - libc_hidden_def (__rawmemchr)
> > > - weak_alias (__rawmemchr, rawmemchr)
> > > -+
> > > -+DIAG_POP_NEEDS_COMMENT;
> > > ---
> > > -2.30.1
> > > -
> > > diff --git a/meta/recipes-core/glibc/glibc/0033-x86-Handle-
> > > _SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch b/meta/recipes-
> > > core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-
> > > 27444.patch
> > > deleted file mode 100644
> > > index 3a004e227f..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/0033-x86-Handle-
> > > _SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
> > > +++ /dev/null
> > > @@ -1,185 +0,0 @@
> > > -From 750b00a1ddae220403fd892a6fd4e0791ffd154a Mon Sep 17
> > > 00:00:00 2001
> > > -From: "H.J. Lu" <hjl.tools@gmail.com>
> > > -Date: Fri, 18 Sep 2020 07:55:14 -0700
> > > -Subject: [PATCH] x86: Handle _SC_LEVEL1_ICACHE_LINESIZE [BZ
> > > #27444]
> > > -
> > > - x86: Move x86 processor cache info to cpu_features
> > > -
> > > -missed _SC_LEVEL1_ICACHE_LINESIZE.
> > > -
> > > -1. Add level1_icache_linesize to struct cpu_features.
> > > -2. Initialize level1_icache_linesize by calling handle_intel,
> > > -handle_zhaoxin and handle_amd with _SC_LEVEL1_ICACHE_LINESIZE.
> > > -3. Return level1_icache_linesize for _SC_LEVEL1_ICACHE_LINESIZE.
> > > -
> > > -Upstream-Status: Backport
> > > [https://sourceware.org/bugzilla/show_bug.cgi?id=27444]
> > > -Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
> > > ----
> > > - sysdeps/x86/Makefile | 8 +++
> > > - sysdeps/x86/cacheinfo.c | 3 +
> > > - sysdeps/x86/dl-cacheinfo.h | 6 ++
> > > - sysdeps/x86/include/cpu-features.h | 2 +
> > > - .../x86/tst-sysconf-cache-linesize-static.c | 1 +
> > > - sysdeps/x86/tst-sysconf-cache-linesize.c | 57
> > > +++++++++++++++++++
> > > - 6 files changed, 77 insertions(+)
> > > - create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize-
> > > static.c
> > > - create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize.c
> > > -
> > > -diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
> > > -index dd82674342..d231263051 100644
> > > ---- a/sysdeps/x86/Makefile
> > > -+++ b/sysdeps/x86/Makefile
> > > -@@ -208,3 +208,11 @@ $(objpfx)check-cet.out:
> > > $(..)sysdeps/x86/check-cet.awk \
> > > - generated += check-cet.out
> > > - endif
> > > - endif
> > > -+
> > > -+ifeq ($(subdir),posix)
> > > -+tests += \
> > > -+ tst-sysconf-cache-linesize \
> > > -+ tst-sysconf-cache-linesize-static
> > > -+tests-static += \
> > > -+ tst-sysconf-cache-linesize-static
> > > -+endif
> > > -diff --git a/sysdeps/x86/cacheinfo.c b/sysdeps/x86/cacheinfo.c
> > > -index 7b8df45e3b..5ea4723ca6 100644
> > > ---- a/sysdeps/x86/cacheinfo.c
> > > -+++ b/sysdeps/x86/cacheinfo.c
> > > -@@ -32,6 +32,9 @@ __cache_sysconf (int name)
> > > - case _SC_LEVEL1_ICACHE_SIZE:
> > > - return cpu_features->level1_icache_size;
> > > -
> > > -+ case _SC_LEVEL1_ICACHE_LINESIZE:
> > > -+ return cpu_features->level1_icache_linesize;
> > > -+
> > > - case _SC_LEVEL1_DCACHE_SIZE:
> > > - return cpu_features->level1_dcache_size;
> > > -
> > > -diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-
> > > cacheinfo.h
> > > -index a31fa0783a..7cd00b92f1 100644
> > > ---- a/sysdeps/x86/dl-cacheinfo.h
> > > -+++ b/sysdeps/x86/dl-cacheinfo.h
> > > -@@ -707,6 +707,7 @@ dl_init_cacheinfo (struct cpu_features
> > > *cpu_features)
> > > - long int core;
> > > - unsigned int threads = 0;
> > > - unsigned long int level1_icache_size = -1;
> > > -+ unsigned long int level1_icache_linesize = -1;
> > > - unsigned long int level1_dcache_size = -1;
> > > - unsigned long int level1_dcache_assoc = -1;
> > > - unsigned long int level1_dcache_linesize = -1;
> > > -@@ -726,6 +727,8 @@ dl_init_cacheinfo (struct cpu_features
> > > *cpu_features)
> > > -
> > > - level1_icache_size
> > > - = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features);
> > > -+ level1_icache_linesize
> > > -+ = handle_intel (_SC_LEVEL1_ICACHE_LINESIZE,
> > > cpu_features);
> > > - level1_dcache_size = data;
> > > - level1_dcache_assoc
> > > - = handle_intel (_SC_LEVEL1_DCACHE_ASSOC, cpu_features);
> > > -@@ -753,6 +756,7 @@ dl_init_cacheinfo (struct cpu_features
> > > *cpu_features)
> > > - shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE);
> > > -
> > > - level1_icache_size = handle_zhaoxin
> > > (_SC_LEVEL1_ICACHE_SIZE);
> > > -+ level1_icache_linesize = handle_zhaoxin
> > > (_SC_LEVEL1_ICACHE_LINESIZE);
> > > - level1_dcache_size = data;
> > > - level1_dcache_assoc = handle_zhaoxin
> > > (_SC_LEVEL1_DCACHE_ASSOC);
> > > - level1_dcache_linesize = handle_zhaoxin
> > > (_SC_LEVEL1_DCACHE_LINESIZE);
> > > -@@ -772,6 +776,7 @@ dl_init_cacheinfo (struct cpu_features
> > > *cpu_features)
> > > - shared = handle_amd (_SC_LEVEL3_CACHE_SIZE);
> > > -
> > > - level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE);
> > > -+ level1_icache_linesize = handle_amd
> > > (_SC_LEVEL1_ICACHE_LINESIZE);
> > > - level1_dcache_size = data;
> > > - level1_dcache_assoc = handle_amd
> > > (_SC_LEVEL1_DCACHE_ASSOC);
> > > - level1_dcache_linesize = handle_amd
> > > (_SC_LEVEL1_DCACHE_LINESIZE);
> > > -@@ -833,6 +838,7 @@ dl_init_cacheinfo (struct cpu_features
> > > *cpu_features)
> > > - }
> > > -
> > > - cpu_features->level1_icache_size = level1_icache_size;
> > > -+ cpu_features->level1_icache_linesize =
> > > level1_icache_linesize;
> > > - cpu_features->level1_dcache_size = level1_dcache_size;
> > > - cpu_features->level1_dcache_assoc = level1_dcache_assoc;
> > > - cpu_features->level1_dcache_linesize =
> > > level1_dcache_linesize;
> > > -diff --git a/sysdeps/x86/include/cpu-features.h
> > > b/sysdeps/x86/include/cpu-features.h
> > > -index 624736b40e..39a3f4f311 100644
> > > ---- a/sysdeps/x86/include/cpu-features.h
> > > -+++ b/sysdeps/x86/include/cpu-features.h
> > > -@@ -874,6 +874,8 @@ struct cpu_features
> > > - unsigned long int rep_stosb_threshold;
> > > - /* _SC_LEVEL1_ICACHE_SIZE. */
> > > - unsigned long int level1_icache_size;
> > > -+ /* _SC_LEVEL1_ICACHE_LINESIZE. */
> > > -+ unsigned long int level1_icache_linesize;
> > > - /* _SC_LEVEL1_DCACHE_SIZE. */
> > > - unsigned long int level1_dcache_size;
> > > - /* _SC_LEVEL1_DCACHE_ASSOC. */
> > > -diff --git a/sysdeps/x86/tst-sysconf-cache-linesize-static.c
> > > b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
> > > -new file mode 100644
> > > -index 0000000000..152ae68821
> > > ---- /dev/null
> > > -+++ b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
> > > -@@ -0,0 +1 @@
> > > -+#include "tst-sysconf-cache-linesize.c"
> > > -diff --git a/sysdeps/x86/tst-sysconf-cache-linesize.c
> > > b/sysdeps/x86/tst-sysconf-cache-linesize.c
> > > -new file mode 100644
> > > -index 0000000000..642dbde5d2
> > > ---- /dev/null
> > > -+++ b/sysdeps/x86/tst-sysconf-cache-linesize.c
> > > -@@ -0,0 +1,57 @@
> > > -+/* Test system cache line sizes.
> > > -+ Copyright (C) 2021 Free Software Foundation, Inc.
> > > -+ This file is part of the GNU C Library.
> > > -+
> > > -+ The GNU C Library is free software; you can redistribute it
> > > and/or
> > > -+ modify it under the terms of the GNU Lesser General Public
> > > -+ License as published by the Free Software Foundation; either
> > > -+ version 2.1 of the License, or (at your option) any later
> > > version.
> > > -+
> > > -+ The GNU C Library is distributed in the hope that it will be
> > > useful,
> > > -+ but WITHOUT ANY WARRANTY; without even the implied warranty
> > > of
> > > -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
> > > the GNU
> > > -+ Lesser General Public License for more details.
> > > -+
> > > -+ You should have received a copy of the GNU Lesser General
> > > Public
> > > -+ License along with the GNU C Library; if not, see
> > > -+ <https://www.gnu.org/licenses/>. */
> > > -+
> > > -+#include <stdio.h>
> > > -+#include <stdlib.h>
> > > -+#include <unistd.h>
> > > -+#include <array_length.h>
> > > -+
> > > -+static struct
> > > -+{
> > > -+ const char *name;
> > > -+ int _SC_val;
> > > -+} sc_options[] =
> > > -+ {
> > > -+#define N(name) { "_SC_"#name, _SC_##name }
> > > -+ N (LEVEL1_ICACHE_LINESIZE),
> > > -+ N (LEVEL1_DCACHE_LINESIZE),
> > > -+ N (LEVEL2_CACHE_LINESIZE)
> > > -+ };
> > > -+
> > > -+static int
> > > -+do_test (void)
> > > -+{
> > > -+ int result = EXIT_SUCCESS;
> > > -+
> > > -+ for (int i = 0; i < array_length (sc_options); ++i)
> > > -+ {
> > > -+ long int scret = sysconf (sc_options[i]._SC_val);
> > > -+ if (scret < 0)
> > > -+ {
> > > -+ printf ("sysconf (%s) returned < 0 (%ld)\n",
> > > -+ sc_options[i].name, scret);
> > > -+ result = EXIT_FAILURE;
> > > -+ }
> > > -+ else
> > > -+ printf ("sysconf (%s): %ld\n", sc_options[i].name,
> > > scret);
> > > -+ }
> > > -+
> > > -+ return result;
> > > -+}
> > > -+
> > > -+#include <support/test-driver.c>
> > > diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27318-
> > > revert.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27318-
> > > revert.patch
> > > new file mode 100644
> > > index 0000000000..2f08a90dd0
> > > --- /dev/null
> > > +++ b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
> > > @@ -0,0 +1,174 @@
> > > +Since the full ISA set used in an ELF binary is unknown to
> > > compiler,
> > > +an x86-64 ISA level marker indicates the minimum, not maximum,
> > > ISA set
> > > +required to run such an ELF binary. We never guarantee a
> > > library with
> > > +an x86-64 ISA level v3 marker doesn't contain other ISAs beyond
> > > x86-64
> > > +ISA level v3, like AVX VNNI. We check the x86-64 ISA level
> > > marker for
> > > +the minimum ISA set. Since -march=sandybridge enables only some
> > > ISAs
> > > +in x86-64 ISA level v3, we should set the needed ISA marker to
> > > v2.
> > > +Otherwise, libc is compiled with -march=sandybridge will fail to
> > > run on
> > > +Sandy Bridge:
> > > +
> > > +$ ./elf/ld.so ./libc.so
> > > +./libc.so: (p) CPU ISA level is lower than required: needed: 7;
> > > got: 3
> > > +
> > > +Set the minimum, instead of maximum, x86-64 ISA level marker
> > > should have
> > > +no impact on the b-hwcaps directory assignment logic in ldconfig
> > > nor
> > > +ld.so.
> > > +
> > > +(cherry picked from commit
> > > 339bf918ea4830fb35614632e96f3aab3237adce)
> > > +---
> > > + config.h.in | 6 ++++++
> > > + sysdeps/x86/configure | 28 ++++++++++++++++++++++++++++
> > > + sysdeps/x86/configure.ac | 16 ++++++++++++++++
> > > + sysdeps/x86/isa-level.c | 25 ++++++++++++++-----------
> > > + 4 files changed, 64 insertions(+), 11 deletions(-)
> > > +
> > > +diff --git a/config.h.in b/config.h.in
> > > +--- a/config.h.in 2021-10-16 03:28:49.447573081 -0700
> > > ++++ b/config.h.in 2021-10-16 03:29:38.626741181 -0700
> > > +@@ -275,4 +275,10 @@
> > > + /* Define if x86 ISA level should be included in shared
> > > libraries. */
> > > + #undef INCLUDE_X86_ISA_LEVEL
> > > +
> > > ++/* Define if -msahf is enabled by default on x86. */
> > > ++#undef HAVE_X86_LAHF_SAHF
> > > ++
> > > ++/* Define if -mmovbe is enabled by default on x86. */
> > > ++#undef HAVE_X86_MOVBE
> > > ++
> > > + #endif
> > > +diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
> > > +--- a/sysdeps/x86/configure 2021-10-16 03:28:49.587570713 -
> > > 0700
> > > ++++ b/sysdeps/x86/configure 2021-10-16 03:29:39.330729277 -
> > > 0700
> > > +@@ -126,6 +126,8 @@ cat > conftest2.S <<EOF
> > > + 4:
> > > + EOF
> > > + libc_cv_include_x86_isa_level=no
> > > ++libc_cv_have_x86_lahf_sahf=no
> > > ++libc_cv_have_x86_movbe=no
> > > + if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib
> > > -r -o conftest conftest1.S conftest2.S'
> > > + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}:
> > > \"$ac_try\""; } >&5
> > > + (eval $ac_try) 2>&5
> > > +@@ -135,6 +137,24 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
> > > + count=`LC_ALL=C $READELF -n conftest | grep
> > > NT_GNU_PROPERTY_TYPE_0 | wc -l`
> > > + if test "$count" = 1; then
> > > + libc_cv_include_x86_isa_level=yes
> > > ++ cat > conftest.c <<EOF
> > > ++EOF
> > > ++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o
> > > - conftest.c'
> > > ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}:
> > > \"$ac_try\""; } >&5
> > > ++ (eval $ac_try) 2>&5
> > > ++ ac_status=$?
> > > ++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> > > ++ test $ac_status = 0; }; } | grep -q "\-msahf"; then
> > > ++ libc_cv_have_x86_lahf_sahf=yes
> > > ++ fi
> > > ++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o
> > > - conftest.c'
> > > ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}:
> > > \"$ac_try\""; } >&5
> > > ++ (eval $ac_try) 2>&5
> > > ++ ac_status=$?
> > > ++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
> > > ++ test $ac_status = 0; }; } | grep -q "\-mmovbe"; then
> > > ++ libc_cv_have_x86_movbe=yes
> > > ++ fi
> > > + fi
> > > + fi
> > > + rm -f conftest*
> > > +@@ -145,5 +165,13 @@ if test $libc_cv_include_x86_isa_level =
> > > + $as_echo "#define INCLUDE_X86_ISA_LEVEL 1" >>confdefs.h
> > > +
> > > + fi
> > > ++if test $libc_cv_have_x86_lahf_sahf = yes; then
> > > ++ $as_echo "#define HAVE_X86_LAHF_SAHF 1" >>confdefs.h
> > > ++
> > > ++fi
> > > ++if test $libc_cv_have_x86_movbe = yes; then
> > > ++ $as_echo "#define HAVE_X86_MOVBE 1" >>confdefs.h
> > > ++
> > > ++fi
> > > + config_vars="$config_vars
> > > + enable-x86-isa-level = $libc_cv_include_x86_isa_level"
> > > +diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
> > > +--- a/sysdeps/x86/configure.ac 2021-10-16 03:28:49.587570713 -
> > > 0700
> > > ++++ b/sysdeps/x86/configure.ac 2021-10-16 03:29:40.038717306 -
> > > 0700
> > > +@@ -98,14 +98,30 @@ cat > conftest2.S <<EOF
> > > + 4:
> > > + EOF
> > > + libc_cv_include_x86_isa_level=no
> > > ++libc_cv_have_x86_lahf_sahf=no
> > > ++libc_cv_have_x86_movbe=no
> > > + if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -
> > > nostdlib -r -o conftest conftest1.S conftest2.S); then
> > > + count=`LC_ALL=C $READELF -n conftest | grep
> > > NT_GNU_PROPERTY_TYPE_0 | wc -l`
> > > + if test "$count" = 1; then
> > > + libc_cv_include_x86_isa_level=yes
> > > ++ cat > conftest.c <<EOF
> > > ++EOF
> > > ++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm
> > > -S -o - conftest.c) | grep -q "\-msahf"; then
> > > ++ libc_cv_have_x86_lahf_sahf=yes
> > > ++ fi
> > > ++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm
> > > -S -o - conftest.c) | grep -q "\-mmovbe"; then
> > > ++ libc_cv_have_x86_movbe=yes
> > > ++ fi
> > > + fi
> > > + fi
> > > + rm -f conftest*])
> > > + if test $libc_cv_include_x86_isa_level = yes; then
> > > + AC_DEFINE(INCLUDE_X86_ISA_LEVEL)
> > > + fi
> > > ++if test $libc_cv_have_x86_lahf_sahf = yes; then
> > > ++ AC_DEFINE(HAVE_X86_LAHF_SAHF)
> > > ++fi
> > > ++if test $libc_cv_have_x86_movbe = yes; then
> > > ++ AC_DEFINE(HAVE_X86_MOVBE)
> > > ++fi
> > > + LIBC_CONFIG_VAR([enable-x86-isa-level],
> > > [$libc_cv_include_x86_isa_level])
> > > +diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
> > > +--- a/sysdeps/x86/isa-level.c 2021-10-16 03:28:49.587570713 -
> > > 0700
> > > ++++ b/sysdeps/x86/isa-level.c 2021-10-16 03:29:40.766704997 -
> > > 0700
> > > +@@ -29,32 +29,35 @@
> > > +
> > > + /* ELF program property for x86 ISA level. */
> > > + #ifdef INCLUDE_X86_ISA_LEVEL
> > > +-# if defined __x86_64__ || defined __FXSR__ || !defined
> > > _SOFT_FLOAT \
> > > +- || defined __MMX__ || defined __SSE__ || defined __SSE2__
> > > ++# if defined __SSE__ && defined __SSE2__
> > > ++/* NB: ISAs, excluding MMX, in x86-64 ISA level baseline are
> > > used. */
> > > + # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
> > > + # else
> > > + # define ISA_BASELINE 0
> > > + # endif
> > > +
> > > +-# if defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
> > > +- || (defined __x86_64__ && defined __LAHF_SAHF__) \
> > > +- || defined __POPCNT__ || defined __SSE3__ \
> > > +- || defined __SSSE3__ || defined __SSE4_1__ || defined
> > > __SSE4_2__
> > > ++# if ISA_BASELINE && defined
> > > __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
> > > ++ && defined HAVE_X86_LAHF_SAHF && defined __POPCNT__ \
> > > ++ && defined __SSE3__ && defined __SSSE3__ && defined
> > > __SSE4_1__ \
> > > ++ && defined __SSE4_2__
> > > ++/* NB: ISAs in x86-64 ISA level v2 are used. */
> > > + # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
> > > + # else
> > > + # define ISA_V2 0
> > > + # endif
> > > +
> > > +-# if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
> > > +- || defined __FMA__ || defined __LZCNT__ || defined
> > > __MOVBE__ \
> > > +- || defined __XSAVE__
> > > ++# if ISA_V2 && defined __AVX__ && defined __AVX2__ && defined
> > > __F16C__ \
> > > ++ && defined __FMA__ && defined __LZCNT__ && defined
> > > HAVE_X86_MOVBE
> > > ++/* NB: ISAs in x86-64 ISA level v3 are used. */
> > > + # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
> > > + # else
> > > + # define ISA_V3 0
> > > + # endif
> > > +
> > > +-# if defined __AVX512F__ || defined __AVX512BW__ || defined
> > > __AVX512CD__ \
> > > +- || defined __AVX512DQ__ || defined __AVX512VL__
> > > ++# if ISA_V3 && defined __AVX512F__ && defined __AVX512BW__ \
> > > ++ && defined __AVX512CD__ && defined __AVX512DQ__ \
> > > ++ && defined __AVX512VL__
> > > ++/* NB: ISAs in x86-64 ISA level v4 are used. */
> > > + # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
> > > + # else
> > > + # define ISA_V4 0
> > > diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
> > > b/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
> > > deleted file mode 100644
> > > index 26c5c0d2a9..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
> > > +++ /dev/null
> > > @@ -1,51 +0,0 @@
> > > -From dca565886b5e8bd7966e15f0ca42ee5cff686673 Mon Sep 17
> > > 00:00:00 2001
> > > -From: DJ Delorie <dj@redhat.com>
> > > -Date: Thu, 25 Feb 2021 16:08:21 -0500
> > > -Subject: [PATCH] nscd: Fix double free in netgroupcache [BZ
> > > #27462]
> > > -
> > > -In commit 745664bd798ec8fd50438605948eea594179fba1 a use-after-
> > > free
> > > -was fixed, but this led to an occasional double-free. This
> > > patch
> > > -tracks the "live" allocation better.
> > > -
> > > -Tested manually by a third party.
> > > -
> > > -Related: RHBZ 1927877
> > > -
> > > -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> > > -Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> > > -
> > > -Upstream-Status: Backport
> > > [https://sourceware.org/git/?p=glibc.git;a=commit;h=dca565886b5e8bd7966e15f0ca42ee5cff686673
> > > ]
> > > -
> > > -CVE: CVE-2021-27645
> > > -
> > > -Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> > > -Signed-off-by: Khairul Rohaizzat Jamaluddin
> > > <khairul.rohaizzat.jamaluddin@intel.com>
> > > ----
> > > - nscd/netgroupcache.c | 4 ++--
> > > - 1 file changed, 2 insertions(+), 2 deletions(-)
> > > -
> > > -diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
> > > -index dba6ceec1b..ad2daddafd 100644
> > > ---- a/nscd/netgroupcache.c
> > > -+++ b/nscd/netgroupcache.c
> > > -@@ -248,7 +248,7 @@ addgetnetgrentX (struct database_dyn *db,
> > > int fd, request_header *req,
> > > - : NULL);
> > > - ndomain = (ndomain ? newbuf +
> > > ndomaindiff
> > > - : NULL);
> > > -- buffer = newbuf;
> > > -+ *tofreep = buffer = newbuf;
> > > - }
> > > -
> > > - nhost = memcpy (buffer + bufused,
> > > -@@ -319,7 +319,7 @@ addgetnetgrentX (struct database_dyn *db,
> > > int fd, request_header *req,
> > > - else if (status == NSS_STATUS_TRYAGAIN && e
> > > == ERANGE)
> > > - {
> > > - buflen *= 2;
> > > -- buffer = xrealloc (buffer, buflen);
> > > -+ *tofreep = buffer = xrealloc (buffer,
> > > buflen);
> > > - }
> > > - else if (status == NSS_STATUS_RETURN
> > > - || status == NSS_STATUS_NOTFOUND
> > > ---
> > > -2.27.0
> > > -
> > > diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
> > > b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
> > > deleted file mode 100644
> > > index 21f07ac303..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
> > > +++ /dev/null
> > > @@ -1,76 +0,0 @@
> > > -From 709674ec86c3c6da4f0995897f6b0205c16d049d Mon Sep 17
> > > 00:00:00 2001
> > > -From: Andreas Schwab <schwab@linux-m68k.org>
> > > -Date: Thu, 27 May 2021 12:49:47 +0200
> > > -Subject: [PATCH] Use __pthread_attr_copy in mq_notify (bug
> > > 27896)
> > > -
> > > -Make a deep copy of the pthread attribute object to remove a
> > > potential
> > > -use-after-free issue.
> > > -
> > > -Upstream-Status: Backport
> > > -
> > > [https://sourceware.org/git/?p=glibc.git;a=commit;h=42d359350510506b87101cf77202fefcbfc790cb
> > > ]
> > > -
> > > -CVE:
> > > -CVE-2021-33574
> > > -
> > > -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> > > -Signed-off-by: Khairul Rohaizzat Jamaluddin
> > > <khairul.rohaizzat.jamaluddin@intel.com>
> > > ----
> > > - NEWS | 4 ++++
> > > - sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++-----
> > > - 2 files changed, 14 insertions(+), 5 deletions(-)
> > > -
> > > -diff --git a/NEWS b/NEWS
> > > -index 71f5d20324..017d656433 100644
> > > ---- a/NEWS
> > > -+++ b/NEWS
> > > -@@ -118,6 +118,10 @@ Security related changes:
> > > - CVE-2019-25013: A buffer overflow has been fixed in the iconv
> > > function when
> > > - invoked with EUC-KR input containing invalid multibyte input
> > > sequences.
> > > -
> > > -+ CVE-2021-33574: The mq_notify function has a potential use-
> > > after-free
> > > -+ issue when using a notification type of SIGEV_THREAD and a
> > > thread
> > > -+ attribute with a non-default affinity mask.
> > > -+
> > > - The following bugs are resolved with this release:
> > > -
> > > - [10635] libc: realpath portability patches
> > > -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c
> > > b/sysdeps/unix/sysv/linux/mq_notify.c
> > > -index cc575a0cdd..f7ddfe5a6c 100644
> > > ---- a/sysdeps/unix/sysv/linux/mq_notify.c
> > > -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
> > > -@@ -133,8 +133,11 @@ helper_thread (void *arg)
> > > - (void) __pthread_barrier_wait (¬ify_barrier);
> > > - }
> > > - else if (data.raw[NOTIFY_COOKIE_LEN - 1] ==
> > > NOTIFY_REMOVED)
> > > -- /* The only state we keep is the copy of the thread
> > > attributes. */
> > > -- free (data.attr);
> > > -+ {
> > > -+ /* The only state we keep is the copy of the thread
> > > attributes. */
> > > -+ pthread_attr_destroy (data.attr);
> > > -+ free (data.attr);
> > > -+ }
> > > - }
> > > - return NULL;
> > > - }
> > > -@@ -255,8 +258,7 @@ mq_notify (mqd_t mqdes, const struct
> > > sigevent *notification)
> > > - if (data.attr == NULL)
> > > - return -1;
> > > -
> > > -- memcpy (data.attr, notification->sigev_notify_attributes,
> > > -- sizeof (pthread_attr_t));
> > > -+ __pthread_attr_copy (data.attr, notification-
> > > >sigev_notify_attributes);
> > > - }
> > > -
> > > - /* Construct the new request. */
> > > -@@ -270,7 +272,10 @@ mq_notify (mqd_t mqdes, const struct
> > > sigevent *notification)
> > > -
> > > - /* If it failed, free the allocated memory. */
> > > - if (__glibc_unlikely (retval != 0))
> > > -- free (data.attr);
> > > -+ {
> > > -+ pthread_attr_destroy (data.attr);
> > > -+ free (data.attr);
> > > -+ }
> > > -
> > > - return retval;
> > > - }
> > > diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
> > > b/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
> > > deleted file mode 100644
> > > index befccd7ac7..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
> > > +++ /dev/null
> > > @@ -1,61 +0,0 @@
> > > -From 217b6dc298156bdb0d6aea9ea93e7e394a5ff091 Mon Sep 17
> > > 00:00:00 2001
> > > -From: Florian Weimer <fweimer@redhat.com>
> > > -Date: Tue, 1 Jun 2021 17:51:41 +0200
> > > -Subject: [PATCH] Fix use of __pthread_attr_copy in mq_notify
> > > (bug 27896)
> > > -
> > > -__pthread_attr_copy can fail and does not initialize the
> > > attribute
> > > -structure in that case.
> > > -
> > > -If __pthread_attr_copy is never called and there is no allocated
> > > -attribute, pthread_attr_destroy should not be called, otherwise
> > > -there is a null pointer dereference in rt/tst-mqueue6.
> > > -
> > > -Fixes commit 42d359350510506b87101cf77202fefcbfc790cb
> > > -("Use __pthread_attr_copy in mq_notify (bug 27896)").
> > > -
> > > -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> > > -
> > > -Upstream-Status: Backport
> > > -
> > > [https://sourceware.org/git/?p=glibc.git;a=commit;h=217b6dc298156bdb0d6aea9ea93e7e394a5ff091
> > > ]
> > > -
> > > -CVE:
> > > -CVE-2021-33574
> > > -
> > > -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> > > -Signed-off-by: Khairul Rohaizzat Jamaluddin
> > > <khairul.rohaizzat.jamaluddin@intel.com>
> > > ----
> > > - sysdeps/unix/sysv/linux/mq_notify.c | 11 +++++++++--
> > > - 1 file changed, 9 insertions(+), 2 deletions(-)
> > > -
> > > -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c
> > > b/sysdeps/unix/sysv/linux/mq_notify.c
> > > -index f7ddfe5a6c..6f46d29d1d 100644
> > > ---- a/sysdeps/unix/sysv/linux/mq_notify.c
> > > -+++ b/sysdeps/unix/sysv/linux/mq_notify.c
> > > -@@ -258,7 +258,14 @@ mq_notify (mqd_t mqdes, const struct
> > > sigevent *notification)
> > > - if (data.attr == NULL)
> > > - return -1;
> > > -
> > > -- __pthread_attr_copy (data.attr, notification-
> > > >sigev_notify_attributes);
> > > -+ int ret = __pthread_attr_copy (data.attr,
> > > -+ notification-
> > > >sigev_notify_attributes);
> > > -+ if (ret != 0)
> > > -+ {
> > > -+ free (data.attr);
> > > -+ __set_errno (ret);
> > > -+ return -1;
> > > -+ }
> > > - }
> > > -
> > > - /* Construct the new request. */
> > > -@@ -271,7 +278,7 @@ mq_notify (mqd_t mqdes, const struct
> > > sigevent *notification)
> > > - int retval = INLINE_SYSCALL (mq_notify, 2, mqdes, &se);
> > > -
> > > - /* If it failed, free the allocated memory. */
> > > -- if (__glibc_unlikely (retval != 0))
> > > -+ if (retval != 0 && data.attr != NULL)
> > > - {
> > > - pthread_attr_destroy (data.attr);
> > > - free (data.attr);
> > > ---
> > > -2.27.0
> > > -
> > > diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
> > > b/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
> > > deleted file mode 100644
> > > index 5cae1bc91c..0000000000
> > > --- a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
> > > +++ /dev/null
> > > @@ -1,44 +0,0 @@
> > > -From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17
> > > 00:00:00 2001
> > > -From: Andreas Schwab <schwab@linux-m68k.org>
> > > -Date: Fri, 25 Jun 2021 15:02:47 +0200
> > > -Subject: [PATCH] wordexp: handle overflow in positional
> > > parameter number (bug
> > > - 28011)
> > > -
> > > -Use strtoul instead of atoi so that overflow can be detected.
> > > -
> > > -Upstream-Status: Backport
> > > [https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
> > > ]
> > > -CVE: CVE-2021-35942
> > > -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
> > > ----
> > > - posix/wordexp-test.c | 1 +
> > > - posix/wordexp.c | 2 +-
> > > - 2 files changed, 2 insertions(+), 1 deletion(-)
> > > -
> > > -diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
> > > -index f93a546d7e..9df02dbbb3 100644
> > > ---- a/posix/wordexp-test.c
> > > -+++ b/posix/wordexp-test.c
> > > -@@ -183,6 +183,7 @@ struct test_case_struct
> > > - { 0, NULL, "$var", 0, 0, { NULL, }, IFS },
> > > - { 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS },
> > > - { 0, NULL, "", 0, 0, { NULL, }, IFS },
> > > -+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, },
> > > IFS },
> > > -
> > > - /* Flags not already covered (testit() has special handling
> > > for these) */
> > > - { 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", },
> > > IFS },
> > > -diff --git a/posix/wordexp.c b/posix/wordexp.c
> > > -index bcbe96e48d..1f3b09f721 100644
> > > ---- a/posix/wordexp.c
> > > -+++ b/posix/wordexp.c
> > > -@@ -1399,7 +1399,7 @@ envsubst:
> > > - /* Is it a numeric parameter? */
> > > - else if (isdigit (env[0]))
> > > - {
> > > -- int n = atoi (env);
> > > -+ unsigned long n = strtoul (env, NULL, 10);
> > > -
> > > - if (n >= __libc_argc)
> > > - /* Substitute NULL. */
> > > ---
> > > -2.17.1
> > > -
> > > diff --git a/meta/recipes-core/glibc/glibc_2.33.bb
> > > b/meta/recipes-core/glibc/glibc_2.33.bb
> > > index 57a60cb9d8..ad5e2b8eb1 100644
> > > --- a/meta/recipes-core/glibc/glibc_2.33.bb
> > > +++ b/meta/recipes-core/glibc/glibc_2.33.bb
> > > @@ -56,16 +56,6 @@ SRC_URI =
> > > "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
> > >
> > > file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch
> > > \
> > >
> > > file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
> > > \
> > >
> > > file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
> > > -
> > > file://0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
> > > \
> > > -
> > > file://0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch \
> > > -
> > > file://0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
> > > \
> > > - file://CVE-2021-27645.patch \
> > > -
> > > file://0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
> > > \
> > > - file://CVE-2021-33574_1.patch \
> > > - file://CVE-2021-33574_2.patch \
> > > - file://CVE-2021-35942.patch \
> > > - file://0001-CVE-2021-38604.patch \
> > > - file://0002-CVE-2021-38604.patch \
> > > "
> > > S = "${WORKDIR}/git"
> > > B = "${WORKDIR}/build-${TARGET_SYS}"
> > > --
> > > 2.31.1
> > >
> > >
> > > -=-=-=-=-=-=-=-=-=-=-=-
> > > Links: You receive all messages sent to this group.
> > > View/Reply Online (#157024):
> > > https://lists.openembedded.org/g/openembedded-core/message/157024
> > > Mute This Topic:
> > > https://lists.openembedded.org/mt/86384691/1997914
> > > Group Owner: openembedded-core+owner@lists.openembedded.org
> > > Unsubscribe:
> > > https://lists.openembedded.org/g/openembedded-core/unsub [
> > > raj.khem@gmail.com]
> > > -=-=-=-=-=-=-=-=-=-=-=-
> > >
^ permalink raw reply [flat|nested] 10+ messages in thread
* [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
@ 2022-01-30 6:20 pgowda
2022-04-20 14:35 ` [OE-core] " Randy MacLeod
0 siblings, 1 reply; 10+ messages in thread
From: pgowda @ 2022-01-30 6:20 UTC (permalink / raw)
To: openembedded-core; +Cc: anuj.mittal, rwmacleod, umesh.kalappa0, pgowda
glibc-2.33 has been upgraded to latest version that includes many CVE and
other bug fixes. Ran the regressions and results are better.
Signed-off-by: pgowda <pgowda.cve@gmail.com>
---
meta/recipes-core/glibc/glibc-version.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 63241ee951..e1eefdee49 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.33/master"
PV = "2.33"
-SRCREV_glibc ?= "55b99e9ed07688019609bd4dcd17d3ebf4572948"
+SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323"
SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
--
2.31.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2022-01-30 6:20 pgowda
@ 2022-04-20 14:35 ` Randy MacLeod
2022-04-20 15:30 ` pgowda cve
0 siblings, 1 reply; 10+ messages in thread
From: Randy MacLeod @ 2022-04-20 14:35 UTC (permalink / raw)
To: Pgowda, openembedded-core; +Cc: anuj.mittal, rwmacleod, umesh.kalappa0
On 2022-01-30 01:20, Pgowda wrote:
> glibc-2.33 has been upgraded to latest version that includes many CVE and
> other bug fixes. Ran the regressions and results are better.
>
> Signed-off-by: pgowda <pgowda.cve@gmail.com>
> ---
> meta/recipes-core/glibc/glibc-version.inc | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
> index 63241ee951..e1eefdee49 100644
> --- a/meta/recipes-core/glibc/glibc-version.inc
> +++ b/meta/recipes-core/glibc/glibc-version.inc
> @@ -1,6 +1,6 @@
> SRCBRANCH ?= "release/2.33/master"
> PV = "2.33"
> -SRCREV_glibc ?= "55b99e9ed07688019609bd4dcd17d3ebf4572948"
> +SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323"
> SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
>
> GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#161106): https://lists.openembedded.org/g/openembedded-core/message/161106
> Mute This Topic: https://lists.openembedded.org/mt/88782078/3616765
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
Naveen, Anuj, Richard,
Is there time to do this one last time for hardknott to pick up these
67 bug fixes in glibc?
We're particularily interested in:
78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
condition [BZ #28353]
but there seem to be many good bug fixes and optimizations in the list.
Naveen, please try it and test ASAP.
../Randy
5eddc29c92 2022-04-13 (HEAD -> release/2.33/master,
origin/release/2.33/master) S390: Add new s390 platform z16.
c78ad8eb47 2022-03-15 hppa: Use END instead of PSEUDO_END in
swapcontext.S
32f74d4f14 2022-03-15 hppa: Implement swapcontext in assembler (bug
28960)
baa74e8589 2022-03-06 hppa: Fix warnings from _dl_lookup_address
6d9525b620 2022-02-28 nptl: Fix cleanups for stack grows up [BZ# 28899]
8f56ecc19b 2022-02-22 hppa: Revise gettext trampoline design
ea94346dbe 2022-02-18 hppa: Fix swapcontext
aeab7584c2 2022-03-06 Fix elf/tst-audit2 on hppa
f341ab08fc 2022-02-18 NEWS: Add a bug fix entry for BZ #28896
24e95955aa 2022-02-18 x86: Fix TEST_NAME to make it a string in
tst-strncmp-rtm.c
6f8e99b567 2022-02-18 x86: Test wcscmp RTM in the wcsncmp overflow
case [BZ #28896]
a3cd0fe201 2022-02-15 x86: Fallback {str|wcs}cmp RTM in the ncmp
overflow case [BZ #28896]
cb922428dc 2022-02-17 string: Add a testcase for wcsncmp with
SIZE_MAX [BZ #28755]
211cce703d 2021-02-02 <bits/platform/x86.h>: Correct x86_cpu_TBM
55446dd8a2 2021-11-22 socket: Do not use AF_NETLINK in __opensock
9495d729f6 2021-10-18 hurd if_index: Explicitly use AF_INET for if
index discovery
78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
condition [BZ #28353]
1956ad4930 2021-07-08 x86-64: Test strlen and wcslen with 0 in the
RSI register [BZ #28064]
260360e89b 2021-07-08 x86: Remove wcsnlen-sse4_1 from wcslen
ifunc-impl-list [BZ #28064]
1b8f2456b9 2022-01-24 x86: Use CHECK_FEATURE_PRESENT to check HLE
[BZ #27398]
54fdfa2b33 2022-01-14 x86: Black list more Intel CPUs for TSX [BZ
#27398]
0a5f5e2dc1 2021-06-30 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
5cb6edb6cd 2021-06-23 x86: Copy IBT and SHSTK usable only if CET is
enabled
3e2a15c666 2021-04-19 x86-64: Require BMI2 for __strlen_evex and
__strnlen_evex
25941de34e 2022-01-27 NEWS: Add a bug fix entry for BZ #27974
2b00ee820a 2021-06-09 String: Add overflow tests for strnlen,
memchr, and strncat [BZ #27974]
8a3a0177c7 2021-04-19 x86: Optimize strlen-evex.S
cef3bffade 2021-06-23 x86: Fix overflow bug in wcsnlen-sse4_1 and
wcsnlen-avx2 [BZ #27974]
3ac5a7fe8b 2021-06-23 x86-64: Add wcslen optimize for sse4.1
5697e2dda8 2021-06-22 x86-64: Move strlen.S to multiarch/strlen-vec.S
3dea108f60 2021-05-07 x86-64: Fix an unknown vector operation in
memchr-evex.S
355afae940 2021-05-03 x86: Optimize memchr-evex.S
b72b89705e 2021-04-19 x86: Optimize strlen-avx2.S
453ed0a0f2 2021-06-09 x86: Fix overflow bug with wmemchr-sse2 and
wmemchr-avx2 [BZ #27974]
e09c377806 2021-05-03 x86: Optimize memchr-avx2.S
902af2f5ee 2022-01-27 NEWS: Add a bug fix entry for BZ #27457
31dd3e3cb3 2021-04-01 x86-64: Fix ifdef indentation in strlen-evex.S
d49105cc7a 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memmove
family functions
763cea698b 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memset
family functions
82f1ba9af7 2021-02-23 x86: Add string/memory function tests in RTM
region
0598a25cbe 2021-03-05 x86-64: Add AVX optimized string/memory
functions for RTM
15bae38c8b 2021-03-05 x86-64: Add memcmp family functions with
256-bit EVEX
47bf9f38bb 2021-03-05 x86-64: Add memset family functions with
256-bit EVEX
1697e739ef 2021-03-05 x86-64: Add memmove family functions with
256-bit EVEX
06d1aed51b 2021-03-05 x86-64: Add strcpy family functions with
256-bit EVEX
9cee072f8f 2021-03-05 x86-64: Add ifunc-avx2.h functions with
256-bit EVEX
f0a2b67147 2021-02-26 x86: Set Prefer_No_VZEROUPPER and add
Prefer_AVX2_STRCMP
a744a0a3fe 2021-03-27 test-strnlen.c: Check that strnlen won't go
beyond the maximum length
6b7b6c7514 2021-03-27 test-strnlen.c: Initialize wchar_t string with
wmemset [BZ #27655]
86c153d092 2022-01-26 NEWS: Add a bug fix entry for BZ #28755
3d52239b30 2022-01-09 x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ#
28755]
d251ad533e 2021-06-01 aarch64: align stack in clone [BZ #27939]
06ce5fbd6d 2021-06-25 support: Fix xclone build failures on ia64 and
hppa
48d9161e02 2022-01-24 Linux: Detect user namespace support in
io/tst-getcwd-smallbuff
41980af2d7 2022-01-24 realpath: Avoid overwriting preexisting error
(CVE-2021-3998)
bcdde07537 2022-01-21 getcwd: Set errno to ERANGE for size == 1
(CVE-2021-3999)
46a70c49ba 2021-03-10 support: Add xclone
f63cb3cf72 2022-01-24 tst-realpath-toolong: Fix hurd build
e41e5b97e3 2022-01-13 realpath: Set errno to ENAMETOOLONG for result
larger than PATH_MAX [BZ #28770]
e081bafcb1 2022-01-18 support: Add helpers to create paths longer
than PATH_MAX
ac148bdd88 2021-06-25 elf: Fix glibc-hwcaps priorities with cache
flags mismatches [BZ #27046]
5cab4e3f3a 2021-09-25 powerpc: Fix unrecognized instruction errors
with recent binutils
0f70b829f8 2022-01-17 CVE-2022-23218: Buffer overflow in sunrpc
svcunix_create (bug 28768)
4f4452721d 2021-03-09 <shlib-compat.h>: Support
compat_symbol_reference for _ISOMAC
dae9a8e7f6 2022-01-17 sunrpc: Test case for clnt_create "unix"
buffer overflow (bug 22542)
4653cd9e36 2022-01-17 CVE-2022-23219: Buffer overflow in sunrpc
clnt_create for "unix" (bug 22542)
f10e992e8d 2022-01-17 socket: Add the __sockaddr_un_set function
a51b76b71e 2022-01-17 x86: use default cache size if it cannot be
determined [BZ #28784]
--
# Randy MacLeod
# Wind River Linux
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2022-04-20 14:35 ` [OE-core] " Randy MacLeod
@ 2022-04-20 15:30 ` pgowda cve
2022-04-20 15:41 ` Randy MacLeod
0 siblings, 1 reply; 10+ messages in thread
From: pgowda cve @ 2022-04-20 15:30 UTC (permalink / raw)
To: Randy MacLeod
Cc: Patches and discussions about the oe-core layer, Mittal, Anuj,
Randy MacLeod, umesh kalappa0
Hi Randy,
The GLIBC was already updated to the latest version on top of [BZ #28353].
Please find the commit which had [BZ #28353] patch along with others.
https://git.openembedded.org/openembedded-core/commit/?h=hardknott&id=d5bdff460cc8b0f38177f1f38d625eeda729b459
Thanks,
Pgowda
On Wed, Apr 20, 2022 at 8:05 PM Randy MacLeod
<randy.macleod@windriver.com> wrote:
>
> On 2022-01-30 01:20, Pgowda wrote:
> > glibc-2.33 has been upgraded to latest version that includes many CVE and
> > other bug fixes. Ran the regressions and results are better.
> >
> > Signed-off-by: pgowda <pgowda.cve@gmail.com>
> > ---
> > meta/recipes-core/glibc/glibc-version.inc | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
> > index 63241ee951..e1eefdee49 100644
> > --- a/meta/recipes-core/glibc/glibc-version.inc
> > +++ b/meta/recipes-core/glibc/glibc-version.inc
> > @@ -1,6 +1,6 @@
> > SRCBRANCH ?= "release/2.33/master"
> > PV = "2.33"
> > -SRCREV_glibc ?= "55b99e9ed07688019609bd4dcd17d3ebf4572948"
> > +SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323"
> > SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
> >
> > GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#161106): https://lists.openembedded.org/g/openembedded-core/message/161106
> > Mute This Topic: https://lists.openembedded.org/mt/88782078/3616765
> > Group Owner: openembedded-core+owner@lists.openembedded.org
> > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >
>
> Naveen, Anuj, Richard,
>
> Is there time to do this one last time for hardknott to pick up these
> 67 bug fixes in glibc?
>
> We're particularily interested in:
>
> 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
> condition [BZ #28353]
>
> but there seem to be many good bug fixes and optimizations in the list.
>
> Naveen, please try it and test ASAP.
>
> ../Randy
>
> 5eddc29c92 2022-04-13 (HEAD -> release/2.33/master,
> origin/release/2.33/master) S390: Add new s390 platform z16.
> c78ad8eb47 2022-03-15 hppa: Use END instead of PSEUDO_END in
> swapcontext.S
> 32f74d4f14 2022-03-15 hppa: Implement swapcontext in assembler (bug
> 28960)
> baa74e8589 2022-03-06 hppa: Fix warnings from _dl_lookup_address
> 6d9525b620 2022-02-28 nptl: Fix cleanups for stack grows up [BZ# 28899]
> 8f56ecc19b 2022-02-22 hppa: Revise gettext trampoline design
> ea94346dbe 2022-02-18 hppa: Fix swapcontext
> aeab7584c2 2022-03-06 Fix elf/tst-audit2 on hppa
> f341ab08fc 2022-02-18 NEWS: Add a bug fix entry for BZ #28896
> 24e95955aa 2022-02-18 x86: Fix TEST_NAME to make it a string in
> tst-strncmp-rtm.c
> 6f8e99b567 2022-02-18 x86: Test wcscmp RTM in the wcsncmp overflow
> case [BZ #28896]
> a3cd0fe201 2022-02-15 x86: Fallback {str|wcs}cmp RTM in the ncmp
> overflow case [BZ #28896]
> cb922428dc 2022-02-17 string: Add a testcase for wcsncmp with
> SIZE_MAX [BZ #28755]
> 211cce703d 2021-02-02 <bits/platform/x86.h>: Correct x86_cpu_TBM
> 55446dd8a2 2021-11-22 socket: Do not use AF_NETLINK in __opensock
> 9495d729f6 2021-10-18 hurd if_index: Explicitly use AF_INET for if
> index discovery
> 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
> condition [BZ #28353]
> 1956ad4930 2021-07-08 x86-64: Test strlen and wcslen with 0 in the
> RSI register [BZ #28064]
> 260360e89b 2021-07-08 x86: Remove wcsnlen-sse4_1 from wcslen
> ifunc-impl-list [BZ #28064]
> 1b8f2456b9 2022-01-24 x86: Use CHECK_FEATURE_PRESENT to check HLE
> [BZ #27398]
> 54fdfa2b33 2022-01-14 x86: Black list more Intel CPUs for TSX [BZ
> #27398]
> 0a5f5e2dc1 2021-06-30 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
> 5cb6edb6cd 2021-06-23 x86: Copy IBT and SHSTK usable only if CET is
> enabled
> 3e2a15c666 2021-04-19 x86-64: Require BMI2 for __strlen_evex and
> __strnlen_evex
> 25941de34e 2022-01-27 NEWS: Add a bug fix entry for BZ #27974
> 2b00ee820a 2021-06-09 String: Add overflow tests for strnlen,
> memchr, and strncat [BZ #27974]
> 8a3a0177c7 2021-04-19 x86: Optimize strlen-evex.S
> cef3bffade 2021-06-23 x86: Fix overflow bug in wcsnlen-sse4_1 and
> wcsnlen-avx2 [BZ #27974]
> 3ac5a7fe8b 2021-06-23 x86-64: Add wcslen optimize for sse4.1
> 5697e2dda8 2021-06-22 x86-64: Move strlen.S to multiarch/strlen-vec.S
> 3dea108f60 2021-05-07 x86-64: Fix an unknown vector operation in
> memchr-evex.S
> 355afae940 2021-05-03 x86: Optimize memchr-evex.S
> b72b89705e 2021-04-19 x86: Optimize strlen-avx2.S
> 453ed0a0f2 2021-06-09 x86: Fix overflow bug with wmemchr-sse2 and
> wmemchr-avx2 [BZ #27974]
> e09c377806 2021-05-03 x86: Optimize memchr-avx2.S
> 902af2f5ee 2022-01-27 NEWS: Add a bug fix entry for BZ #27457
> 31dd3e3cb3 2021-04-01 x86-64: Fix ifdef indentation in strlen-evex.S
> d49105cc7a 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memmove
> family functions
> 763cea698b 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memset
> family functions
> 82f1ba9af7 2021-02-23 x86: Add string/memory function tests in RTM
> region
> 0598a25cbe 2021-03-05 x86-64: Add AVX optimized string/memory
> functions for RTM
> 15bae38c8b 2021-03-05 x86-64: Add memcmp family functions with
> 256-bit EVEX
> 47bf9f38bb 2021-03-05 x86-64: Add memset family functions with
> 256-bit EVEX
> 1697e739ef 2021-03-05 x86-64: Add memmove family functions with
> 256-bit EVEX
> 06d1aed51b 2021-03-05 x86-64: Add strcpy family functions with
> 256-bit EVEX
> 9cee072f8f 2021-03-05 x86-64: Add ifunc-avx2.h functions with
> 256-bit EVEX
> f0a2b67147 2021-02-26 x86: Set Prefer_No_VZEROUPPER and add
> Prefer_AVX2_STRCMP
> a744a0a3fe 2021-03-27 test-strnlen.c: Check that strnlen won't go
> beyond the maximum length
> 6b7b6c7514 2021-03-27 test-strnlen.c: Initialize wchar_t string with
> wmemset [BZ #27655]
> 86c153d092 2022-01-26 NEWS: Add a bug fix entry for BZ #28755
> 3d52239b30 2022-01-09 x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ#
> 28755]
> d251ad533e 2021-06-01 aarch64: align stack in clone [BZ #27939]
> 06ce5fbd6d 2021-06-25 support: Fix xclone build failures on ia64 and
> hppa
> 48d9161e02 2022-01-24 Linux: Detect user namespace support in
> io/tst-getcwd-smallbuff
> 41980af2d7 2022-01-24 realpath: Avoid overwriting preexisting error
> (CVE-2021-3998)
> bcdde07537 2022-01-21 getcwd: Set errno to ERANGE for size == 1
> (CVE-2021-3999)
> 46a70c49ba 2021-03-10 support: Add xclone
> f63cb3cf72 2022-01-24 tst-realpath-toolong: Fix hurd build
> e41e5b97e3 2022-01-13 realpath: Set errno to ENAMETOOLONG for result
> larger than PATH_MAX [BZ #28770]
> e081bafcb1 2022-01-18 support: Add helpers to create paths longer
> than PATH_MAX
> ac148bdd88 2021-06-25 elf: Fix glibc-hwcaps priorities with cache
> flags mismatches [BZ #27046]
> 5cab4e3f3a 2021-09-25 powerpc: Fix unrecognized instruction errors
> with recent binutils
> 0f70b829f8 2022-01-17 CVE-2022-23218: Buffer overflow in sunrpc
> svcunix_create (bug 28768)
> 4f4452721d 2021-03-09 <shlib-compat.h>: Support
> compat_symbol_reference for _ISOMAC
> dae9a8e7f6 2022-01-17 sunrpc: Test case for clnt_create "unix"
> buffer overflow (bug 22542)
> 4653cd9e36 2022-01-17 CVE-2022-23219: Buffer overflow in sunrpc
> clnt_create for "unix" (bug 22542)
> f10e992e8d 2022-01-17 socket: Add the __sockaddr_un_set function
> a51b76b71e 2022-01-17 x86: use default cache size if it cannot be
> determined [BZ #28784]
>
> --
> # Randy MacLeod
> # Wind River Linux
>
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2022-04-20 15:30 ` pgowda cve
@ 2022-04-20 15:41 ` Randy MacLeod
2022-04-20 16:14 ` pgowda cve
0 siblings, 1 reply; 10+ messages in thread
From: Randy MacLeod @ 2022-04-20 15:41 UTC (permalink / raw)
To: pgowda cve
Cc: Patches and discussions about the oe-core layer, Mittal, Anuj,
Randy MacLeod, umesh kalappa0
On 2022-04-20 11:30, pgowda cve wrote:
> Hi Randy,
>
> The GLIBC was already updated to the latest version on top of [BZ #28353].
>
> Please find the commit which had [BZ #28353] patch along with others.
> https://git.openembedded.org/openembedded-core/commit/?h=hardknott&id=d5bdff460cc8b0f38177f1f38d625eeda729b459
>
> Thanks,
> Pgowda
Ah good. I'm not sue why my repo seemed to be behind.
There are still 23 commits that could be picked up, several of which
are marked as bug fixes but since we have the patch that was my main
concern, I'll leave it up to Anuj to see if he wants the update for 3.3.6.
Naveen,
We'll need that update regardless for WR Linux so please test it.
Thanks,
../Randy
git log --oneline 3e2a15c666e40e5ee740e5079c56d83469280323...
5eddc29c92 (HEAD -> release/2.33/master, origin/release/2.33/master)
S390: Add new s390 platform z16.
c78ad8eb47 hppa: Use END instead of PSEUDO_END in swapcontext.S
32f74d4f14 hppa: Implement swapcontext in assembler (bug 28960)
baa74e8589 hppa: Fix warnings from _dl_lookup_address
6d9525b620 nptl: Fix cleanups for stack grows up [BZ# 28899]
8f56ecc19b hppa: Revise gettext trampoline design
ea94346dbe hppa: Fix swapcontext
aeab7584c2 Fix elf/tst-audit2 on hppa
f341ab08fc NEWS: Add a bug fix entry for BZ #28896
24e95955aa x86: Fix TEST_NAME to make it a string in tst-strncmp-rtm.c
6f8e99b567 x86: Test wcscmp RTM in the wcsncmp overflow case [BZ #28896]
a3cd0fe201 x86: Fallback {str|wcs}cmp RTM in the ncmp overflow case [BZ
#28896]
cb922428dc string: Add a testcase for wcsncmp with SIZE_MAX [BZ #28755]
211cce703d <bits/platform/x86.h>: Correct x86_cpu_TBM
55446dd8a2 socket: Do not use AF_NETLINK in __opensock
9495d729f6 hurd if_index: Explicitly use AF_INET for if index discovery
78d25827ae Linux: Simplify __opensock and fix race condition [BZ #28353]
1956ad4930 x86-64: Test strlen and wcslen with 0 in the RSI register [BZ
#28064]
260360e89b x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list [BZ
#28064]
1b8f2456b9 x86: Use CHECK_FEATURE_PRESENT to check HLE [BZ #27398]
54fdfa2b33 x86: Black list more Intel CPUs for TSX [BZ #27398]
0a5f5e2dc1 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
5cb6edb6cd x86: Copy IBT and SHSTK usable only if CET is enabled
$ git log --oneline 3e2a15c666e40e5ee740e5079c56d83469280323... | wc -l
23
>
> On Wed, Apr 20, 2022 at 8:05 PM Randy MacLeod
> <randy.macleod@windriver.com> wrote:
>> On 2022-01-30 01:20, Pgowda wrote:
>>> glibc-2.33 has been upgraded to latest version that includes many CVE and
>>> other bug fixes. Ran the regressions and results are better.
>>>
>>> Signed-off-by: pgowda <pgowda.cve@gmail.com>
>>> ---
>>> meta/recipes-core/glibc/glibc-version.inc | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
>>> index 63241ee951..e1eefdee49 100644
>>> --- a/meta/recipes-core/glibc/glibc-version.inc
>>> +++ b/meta/recipes-core/glibc/glibc-version.inc
>>> @@ -1,6 +1,6 @@
>>> SRCBRANCH ?= "release/2.33/master"
>>> PV = "2.33"
>>> -SRCREV_glibc ?= "55b99e9ed07688019609bd4dcd17d3ebf4572948"
>>> +SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323"
>>> SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
>>>
>>> GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
>>>
>>> -=-=-=-=-=-=-=-=-=-=-=-
>>> Links: You receive all messages sent to this group.
>>> View/Reply Online (#161106): https://lists.openembedded.org/g/openembedded-core/message/161106
>>> Mute This Topic: https://lists.openembedded.org/mt/88782078/3616765
>>> Group Owner: openembedded-core+owner@lists.openembedded.org
>>> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
>>> -=-=-=-=-=-=-=-=-=-=-=-
>>>
>> Naveen, Anuj, Richard,
>>
>> Is there time to do this one last time for hardknott to pick up these
>> 67 bug fixes in glibc?
>>
>> We're particularily interested in:
>>
>> 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
>> condition [BZ #28353]
>>
>> but there seem to be many good bug fixes and optimizations in the list.
>>
>> Naveen, please try it and test ASAP.
>>
>> ../Randy
>>
>> 5eddc29c92 2022-04-13 (HEAD -> release/2.33/master,
>> origin/release/2.33/master) S390: Add new s390 platform z16.
>> c78ad8eb47 2022-03-15 hppa: Use END instead of PSEUDO_END in
>> swapcontext.S
>> 32f74d4f14 2022-03-15 hppa: Implement swapcontext in assembler (bug
>> 28960)
>> baa74e8589 2022-03-06 hppa: Fix warnings from _dl_lookup_address
>> 6d9525b620 2022-02-28 nptl: Fix cleanups for stack grows up [BZ# 28899]
>> 8f56ecc19b 2022-02-22 hppa: Revise gettext trampoline design
>> ea94346dbe 2022-02-18 hppa: Fix swapcontext
>> aeab7584c2 2022-03-06 Fix elf/tst-audit2 on hppa
>> f341ab08fc 2022-02-18 NEWS: Add a bug fix entry for BZ #28896
>> 24e95955aa 2022-02-18 x86: Fix TEST_NAME to make it a string in
>> tst-strncmp-rtm.c
>> 6f8e99b567 2022-02-18 x86: Test wcscmp RTM in the wcsncmp overflow
>> case [BZ #28896]
>> a3cd0fe201 2022-02-15 x86: Fallback {str|wcs}cmp RTM in the ncmp
>> overflow case [BZ #28896]
>> cb922428dc 2022-02-17 string: Add a testcase for wcsncmp with
>> SIZE_MAX [BZ #28755]
>> 211cce703d 2021-02-02 <bits/platform/x86.h>: Correct x86_cpu_TBM
>> 55446dd8a2 2021-11-22 socket: Do not use AF_NETLINK in __opensock
>> 9495d729f6 2021-10-18 hurd if_index: Explicitly use AF_INET for if
>> index discovery
>> 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
>> condition [BZ #28353]
>> 1956ad4930 2021-07-08 x86-64: Test strlen and wcslen with 0 in the
>> RSI register [BZ #28064]
>> 260360e89b 2021-07-08 x86: Remove wcsnlen-sse4_1 from wcslen
>> ifunc-impl-list [BZ #28064]
>> 1b8f2456b9 2022-01-24 x86: Use CHECK_FEATURE_PRESENT to check HLE
>> [BZ #27398]
>> 54fdfa2b33 2022-01-14 x86: Black list more Intel CPUs for TSX [BZ
>> #27398]
>> 0a5f5e2dc1 2021-06-30 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
>> 5cb6edb6cd 2021-06-23 x86: Copy IBT and SHSTK usable only if CET is
>> enabled
>> 3e2a15c666 2021-04-19 x86-64: Require BMI2 for __strlen_evex and
>> __strnlen_evex
>> 25941de34e 2022-01-27 NEWS: Add a bug fix entry for BZ #27974
>> 2b00ee820a 2021-06-09 String: Add overflow tests for strnlen,
>> memchr, and strncat [BZ #27974]
>> 8a3a0177c7 2021-04-19 x86: Optimize strlen-evex.S
>> cef3bffade 2021-06-23 x86: Fix overflow bug in wcsnlen-sse4_1 and
>> wcsnlen-avx2 [BZ #27974]
>> 3ac5a7fe8b 2021-06-23 x86-64: Add wcslen optimize for sse4.1
>> 5697e2dda8 2021-06-22 x86-64: Move strlen.S to multiarch/strlen-vec.S
>> 3dea108f60 2021-05-07 x86-64: Fix an unknown vector operation in
>> memchr-evex.S
>> 355afae940 2021-05-03 x86: Optimize memchr-evex.S
>> b72b89705e 2021-04-19 x86: Optimize strlen-avx2.S
>> 453ed0a0f2 2021-06-09 x86: Fix overflow bug with wmemchr-sse2 and
>> wmemchr-avx2 [BZ #27974]
>> e09c377806 2021-05-03 x86: Optimize memchr-avx2.S
>> 902af2f5ee 2022-01-27 NEWS: Add a bug fix entry for BZ #27457
>> 31dd3e3cb3 2021-04-01 x86-64: Fix ifdef indentation in strlen-evex.S
>> d49105cc7a 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memmove
>> family functions
>> 763cea698b 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memset
>> family functions
>> 82f1ba9af7 2021-02-23 x86: Add string/memory function tests in RTM
>> region
>> 0598a25cbe 2021-03-05 x86-64: Add AVX optimized string/memory
>> functions for RTM
>> 15bae38c8b 2021-03-05 x86-64: Add memcmp family functions with
>> 256-bit EVEX
>> 47bf9f38bb 2021-03-05 x86-64: Add memset family functions with
>> 256-bit EVEX
>> 1697e739ef 2021-03-05 x86-64: Add memmove family functions with
>> 256-bit EVEX
>> 06d1aed51b 2021-03-05 x86-64: Add strcpy family functions with
>> 256-bit EVEX
>> 9cee072f8f 2021-03-05 x86-64: Add ifunc-avx2.h functions with
>> 256-bit EVEX
>> f0a2b67147 2021-02-26 x86: Set Prefer_No_VZEROUPPER and add
>> Prefer_AVX2_STRCMP
>> a744a0a3fe 2021-03-27 test-strnlen.c: Check that strnlen won't go
>> beyond the maximum length
>> 6b7b6c7514 2021-03-27 test-strnlen.c: Initialize wchar_t string with
>> wmemset [BZ #27655]
>> 86c153d092 2022-01-26 NEWS: Add a bug fix entry for BZ #28755
>> 3d52239b30 2022-01-09 x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ#
>> 28755]
>> d251ad533e 2021-06-01 aarch64: align stack in clone [BZ #27939]
>> 06ce5fbd6d 2021-06-25 support: Fix xclone build failures on ia64 and
>> hppa
>> 48d9161e02 2022-01-24 Linux: Detect user namespace support in
>> io/tst-getcwd-smallbuff
>> 41980af2d7 2022-01-24 realpath: Avoid overwriting preexisting error
>> (CVE-2021-3998)
>> bcdde07537 2022-01-21 getcwd: Set errno to ERANGE for size == 1
>> (CVE-2021-3999)
>> 46a70c49ba 2021-03-10 support: Add xclone
>> f63cb3cf72 2022-01-24 tst-realpath-toolong: Fix hurd build
>> e41e5b97e3 2022-01-13 realpath: Set errno to ENAMETOOLONG for result
>> larger than PATH_MAX [BZ #28770]
>> e081bafcb1 2022-01-18 support: Add helpers to create paths longer
>> than PATH_MAX
>> ac148bdd88 2021-06-25 elf: Fix glibc-hwcaps priorities with cache
>> flags mismatches [BZ #27046]
>> 5cab4e3f3a 2021-09-25 powerpc: Fix unrecognized instruction errors
>> with recent binutils
>> 0f70b829f8 2022-01-17 CVE-2022-23218: Buffer overflow in sunrpc
>> svcunix_create (bug 28768)
>> 4f4452721d 2021-03-09 <shlib-compat.h>: Support
>> compat_symbol_reference for _ISOMAC
>> dae9a8e7f6 2022-01-17 sunrpc: Test case for clnt_create "unix"
>> buffer overflow (bug 22542)
>> 4653cd9e36 2022-01-17 CVE-2022-23219: Buffer overflow in sunrpc
>> clnt_create for "unix" (bug 22542)
>> f10e992e8d 2022-01-17 socket: Add the __sockaddr_un_set function
>> a51b76b71e 2022-01-17 x86: use default cache size if it cannot be
>> determined [BZ #28784]
>>
>> --
>> # Randy MacLeod
>> # Wind River Linux
>>
--
# Randy MacLeod
# Wind River Linux
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2022-04-20 15:41 ` Randy MacLeod
@ 2022-04-20 16:14 ` pgowda cve
2022-04-20 16:53 ` Randy MacLeod
0 siblings, 1 reply; 10+ messages in thread
From: pgowda cve @ 2022-04-20 16:14 UTC (permalink / raw)
To: Randy MacLeod
Cc: Patches and discussions about the oe-core layer, Mittal, Anuj,
Randy MacLeod, umesh kalappa0
Hi Randy,
Sorry for the misunderstanding from my side.
I am going through the list again and it seems like the required patch
was not part of the Hardknott.
It was rather a part of the Master branch.
@Mittal, Anuj , @Randy MacLeod
Please let me know if I can upgrade the GLIBC Hardknott to the latest
version of glibc-2.33?
Thanks,
Pgowda
On Wed, Apr 20, 2022 at 9:11 PM Randy MacLeod
<randy.macleod@windriver.com> wrote:
>
> On 2022-04-20 11:30, pgowda cve wrote:
> > Hi Randy,
> >
> > The GLIBC was already updated to the latest version on top of [BZ #28353].
> >
> > Please find the commit which had [BZ #28353] patch along with others.
> > https://git.openembedded.org/openembedded-core/commit/?h=hardknott&id=d5bdff460cc8b0f38177f1f38d625eeda729b459
> >
> > Thanks,
> > Pgowda
>
>
> Ah good. I'm not sue why my repo seemed to be behind.
>
> There are still 23 commits that could be picked up, several of which
> are marked as bug fixes but since we have the patch that was my main
> concern, I'll leave it up to Anuj to see if he wants the update for 3.3.6.
>
> Naveen,
>
> We'll need that update regardless for WR Linux so please test it.
>
>
> Thanks,
>
> ../Randy
>
>
> git log --oneline 3e2a15c666e40e5ee740e5079c56d83469280323...
> 5eddc29c92 (HEAD -> release/2.33/master, origin/release/2.33/master)
> S390: Add new s390 platform z16.
> c78ad8eb47 hppa: Use END instead of PSEUDO_END in swapcontext.S
> 32f74d4f14 hppa: Implement swapcontext in assembler (bug 28960)
> baa74e8589 hppa: Fix warnings from _dl_lookup_address
> 6d9525b620 nptl: Fix cleanups for stack grows up [BZ# 28899]
> 8f56ecc19b hppa: Revise gettext trampoline design
> ea94346dbe hppa: Fix swapcontext
> aeab7584c2 Fix elf/tst-audit2 on hppa
> f341ab08fc NEWS: Add a bug fix entry for BZ #28896
> 24e95955aa x86: Fix TEST_NAME to make it a string in tst-strncmp-rtm.c
> 6f8e99b567 x86: Test wcscmp RTM in the wcsncmp overflow case [BZ #28896]
> a3cd0fe201 x86: Fallback {str|wcs}cmp RTM in the ncmp overflow case [BZ
> #28896]
> cb922428dc string: Add a testcase for wcsncmp with SIZE_MAX [BZ #28755]
> 211cce703d <bits/platform/x86.h>: Correct x86_cpu_TBM
> 55446dd8a2 socket: Do not use AF_NETLINK in __opensock
> 9495d729f6 hurd if_index: Explicitly use AF_INET for if index discovery
> 78d25827ae Linux: Simplify __opensock and fix race condition [BZ #28353]
> 1956ad4930 x86-64: Test strlen and wcslen with 0 in the RSI register [BZ
> #28064]
> 260360e89b x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list [BZ
> #28064]
> 1b8f2456b9 x86: Use CHECK_FEATURE_PRESENT to check HLE [BZ #27398]
> 54fdfa2b33 x86: Black list more Intel CPUs for TSX [BZ #27398]
> 0a5f5e2dc1 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
> 5cb6edb6cd x86: Copy IBT and SHSTK usable only if CET is enabled
>
> $ git log --oneline 3e2a15c666e40e5ee740e5079c56d83469280323... | wc -l
> 23
>
>
>
> >
> > On Wed, Apr 20, 2022 at 8:05 PM Randy MacLeod
> > <randy.macleod@windriver.com> wrote:
> >> On 2022-01-30 01:20, Pgowda wrote:
> >>> glibc-2.33 has been upgraded to latest version that includes many CVE and
> >>> other bug fixes. Ran the regressions and results are better.
> >>>
> >>> Signed-off-by: pgowda <pgowda.cve@gmail.com>
> >>> ---
> >>> meta/recipes-core/glibc/glibc-version.inc | 2 +-
> >>> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>>
> >>> diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
> >>> index 63241ee951..e1eefdee49 100644
> >>> --- a/meta/recipes-core/glibc/glibc-version.inc
> >>> +++ b/meta/recipes-core/glibc/glibc-version.inc
> >>> @@ -1,6 +1,6 @@
> >>> SRCBRANCH ?= "release/2.33/master"
> >>> PV = "2.33"
> >>> -SRCREV_glibc ?= "55b99e9ed07688019609bd4dcd17d3ebf4572948"
> >>> +SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323"
> >>> SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
> >>>
> >>> GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
> >>>
> >>> -=-=-=-=-=-=-=-=-=-=-=-
> >>> Links: You receive all messages sent to this group.
> >>> View/Reply Online (#161106): https://lists.openembedded.org/g/openembedded-core/message/161106
> >>> Mute This Topic: https://lists.openembedded.org/mt/88782078/3616765
> >>> Group Owner: openembedded-core+owner@lists.openembedded.org
> >>> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
> >>> -=-=-=-=-=-=-=-=-=-=-=-
> >>>
> >> Naveen, Anuj, Richard,
> >>
> >> Is there time to do this one last time for hardknott to pick up these
> >> 67 bug fixes in glibc?
> >>
> >> We're particularily interested in:
> >>
> >> 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
> >> condition [BZ #28353]
> >>
> >> but there seem to be many good bug fixes and optimizations in the list.
> >>
> >> Naveen, please try it and test ASAP.
> >>
> >> ../Randy
> >>
> >> 5eddc29c92 2022-04-13 (HEAD -> release/2.33/master,
> >> origin/release/2.33/master) S390: Add new s390 platform z16.
> >> c78ad8eb47 2022-03-15 hppa: Use END instead of PSEUDO_END in
> >> swapcontext.S
> >> 32f74d4f14 2022-03-15 hppa: Implement swapcontext in assembler (bug
> >> 28960)
> >> baa74e8589 2022-03-06 hppa: Fix warnings from _dl_lookup_address
> >> 6d9525b620 2022-02-28 nptl: Fix cleanups for stack grows up [BZ# 28899]
> >> 8f56ecc19b 2022-02-22 hppa: Revise gettext trampoline design
> >> ea94346dbe 2022-02-18 hppa: Fix swapcontext
> >> aeab7584c2 2022-03-06 Fix elf/tst-audit2 on hppa
> >> f341ab08fc 2022-02-18 NEWS: Add a bug fix entry for BZ #28896
> >> 24e95955aa 2022-02-18 x86: Fix TEST_NAME to make it a string in
> >> tst-strncmp-rtm.c
> >> 6f8e99b567 2022-02-18 x86: Test wcscmp RTM in the wcsncmp overflow
> >> case [BZ #28896]
> >> a3cd0fe201 2022-02-15 x86: Fallback {str|wcs}cmp RTM in the ncmp
> >> overflow case [BZ #28896]
> >> cb922428dc 2022-02-17 string: Add a testcase for wcsncmp with
> >> SIZE_MAX [BZ #28755]
> >> 211cce703d 2021-02-02 <bits/platform/x86.h>: Correct x86_cpu_TBM
> >> 55446dd8a2 2021-11-22 socket: Do not use AF_NETLINK in __opensock
> >> 9495d729f6 2021-10-18 hurd if_index: Explicitly use AF_INET for if
> >> index discovery
> >> 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
> >> condition [BZ #28353]
> >> 1956ad4930 2021-07-08 x86-64: Test strlen and wcslen with 0 in the
> >> RSI register [BZ #28064]
> >> 260360e89b 2021-07-08 x86: Remove wcsnlen-sse4_1 from wcslen
> >> ifunc-impl-list [BZ #28064]
> >> 1b8f2456b9 2022-01-24 x86: Use CHECK_FEATURE_PRESENT to check HLE
> >> [BZ #27398]
> >> 54fdfa2b33 2022-01-14 x86: Black list more Intel CPUs for TSX [BZ
> >> #27398]
> >> 0a5f5e2dc1 2021-06-30 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
> >> 5cb6edb6cd 2021-06-23 x86: Copy IBT and SHSTK usable only if CET is
> >> enabled
> >> 3e2a15c666 2021-04-19 x86-64: Require BMI2 for __strlen_evex and
> >> __strnlen_evex
> >> 25941de34e 2022-01-27 NEWS: Add a bug fix entry for BZ #27974
> >> 2b00ee820a 2021-06-09 String: Add overflow tests for strnlen,
> >> memchr, and strncat [BZ #27974]
> >> 8a3a0177c7 2021-04-19 x86: Optimize strlen-evex.S
> >> cef3bffade 2021-06-23 x86: Fix overflow bug in wcsnlen-sse4_1 and
> >> wcsnlen-avx2 [BZ #27974]
> >> 3ac5a7fe8b 2021-06-23 x86-64: Add wcslen optimize for sse4.1
> >> 5697e2dda8 2021-06-22 x86-64: Move strlen.S to multiarch/strlen-vec.S
> >> 3dea108f60 2021-05-07 x86-64: Fix an unknown vector operation in
> >> memchr-evex.S
> >> 355afae940 2021-05-03 x86: Optimize memchr-evex.S
> >> b72b89705e 2021-04-19 x86: Optimize strlen-avx2.S
> >> 453ed0a0f2 2021-06-09 x86: Fix overflow bug with wmemchr-sse2 and
> >> wmemchr-avx2 [BZ #27974]
> >> e09c377806 2021-05-03 x86: Optimize memchr-avx2.S
> >> 902af2f5ee 2022-01-27 NEWS: Add a bug fix entry for BZ #27457
> >> 31dd3e3cb3 2021-04-01 x86-64: Fix ifdef indentation in strlen-evex.S
> >> d49105cc7a 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memmove
> >> family functions
> >> 763cea698b 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memset
> >> family functions
> >> 82f1ba9af7 2021-02-23 x86: Add string/memory function tests in RTM
> >> region
> >> 0598a25cbe 2021-03-05 x86-64: Add AVX optimized string/memory
> >> functions for RTM
> >> 15bae38c8b 2021-03-05 x86-64: Add memcmp family functions with
> >> 256-bit EVEX
> >> 47bf9f38bb 2021-03-05 x86-64: Add memset family functions with
> >> 256-bit EVEX
> >> 1697e739ef 2021-03-05 x86-64: Add memmove family functions with
> >> 256-bit EVEX
> >> 06d1aed51b 2021-03-05 x86-64: Add strcpy family functions with
> >> 256-bit EVEX
> >> 9cee072f8f 2021-03-05 x86-64: Add ifunc-avx2.h functions with
> >> 256-bit EVEX
> >> f0a2b67147 2021-02-26 x86: Set Prefer_No_VZEROUPPER and add
> >> Prefer_AVX2_STRCMP
> >> a744a0a3fe 2021-03-27 test-strnlen.c: Check that strnlen won't go
> >> beyond the maximum length
> >> 6b7b6c7514 2021-03-27 test-strnlen.c: Initialize wchar_t string with
> >> wmemset [BZ #27655]
> >> 86c153d092 2022-01-26 NEWS: Add a bug fix entry for BZ #28755
> >> 3d52239b30 2022-01-09 x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ#
> >> 28755]
> >> d251ad533e 2021-06-01 aarch64: align stack in clone [BZ #27939]
> >> 06ce5fbd6d 2021-06-25 support: Fix xclone build failures on ia64 and
> >> hppa
> >> 48d9161e02 2022-01-24 Linux: Detect user namespace support in
> >> io/tst-getcwd-smallbuff
> >> 41980af2d7 2022-01-24 realpath: Avoid overwriting preexisting error
> >> (CVE-2021-3998)
> >> bcdde07537 2022-01-21 getcwd: Set errno to ERANGE for size == 1
> >> (CVE-2021-3999)
> >> 46a70c49ba 2021-03-10 support: Add xclone
> >> f63cb3cf72 2022-01-24 tst-realpath-toolong: Fix hurd build
> >> e41e5b97e3 2022-01-13 realpath: Set errno to ENAMETOOLONG for result
> >> larger than PATH_MAX [BZ #28770]
> >> e081bafcb1 2022-01-18 support: Add helpers to create paths longer
> >> than PATH_MAX
> >> ac148bdd88 2021-06-25 elf: Fix glibc-hwcaps priorities with cache
> >> flags mismatches [BZ #27046]
> >> 5cab4e3f3a 2021-09-25 powerpc: Fix unrecognized instruction errors
> >> with recent binutils
> >> 0f70b829f8 2022-01-17 CVE-2022-23218: Buffer overflow in sunrpc
> >> svcunix_create (bug 28768)
> >> 4f4452721d 2021-03-09 <shlib-compat.h>: Support
> >> compat_symbol_reference for _ISOMAC
> >> dae9a8e7f6 2022-01-17 sunrpc: Test case for clnt_create "unix"
> >> buffer overflow (bug 22542)
> >> 4653cd9e36 2022-01-17 CVE-2022-23219: Buffer overflow in sunrpc
> >> clnt_create for "unix" (bug 22542)
> >> f10e992e8d 2022-01-17 socket: Add the __sockaddr_un_set function
> >> a51b76b71e 2022-01-17 x86: use default cache size if it cannot be
> >> determined [BZ #28784]
> >>
> >> --
> >> # Randy MacLeod
> >> # Wind River Linux
> >>
>
> --
> # Randy MacLeod
> # Wind River Linux
>
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2022-04-20 16:14 ` pgowda cve
@ 2022-04-20 16:53 ` Randy MacLeod
2022-04-20 23:18 ` Mittal, Anuj
0 siblings, 1 reply; 10+ messages in thread
From: Randy MacLeod @ 2022-04-20 16:53 UTC (permalink / raw)
To: pgowda cve
Cc: Patches and discussions about the oe-core layer, Mittal, Anuj,
Randy MacLeod, umesh kalappa0
On 2022-04-20 12:14, pgowda cve wrote:
> Hi Randy,
>
> Sorry for the misunderstanding from my side.
> I am going through the list again and it seems like the required patch
> was not part of the Hardknott.
> It was rather a part of the Master branch.
I thought so! ;-)
>
> @Mittal, Anuj , @Randy MacLeod
> Please let me know if I can upgrade the GLIBC Hardknott to the latest
> version of glibc-2.33?
Richard told me in IRC that the 3.3.6 build has happened and is in QA
now so let's handle this glibc update in WR Linux/LTS21.
../Randy
>
> Thanks,
> Pgowda
>
>
>
> On Wed, Apr 20, 2022 at 9:11 PM Randy MacLeod
> <randy.macleod@windriver.com> wrote:
>>
>> On 2022-04-20 11:30, pgowda cve wrote:
>>> Hi Randy,
>>>
>>> The GLIBC was already updated to the latest version on top of [BZ #28353].
>>>
>>> Please find the commit which had [BZ #28353] patch along with others.
>>> https://git.openembedded.org/openembedded-core/commit/?h=hardknott&id=d5bdff460cc8b0f38177f1f38d625eeda729b459
>>>
>>> Thanks,
>>> Pgowda
>>
>>
>> Ah good. I'm not sue why my repo seemed to be behind.
>>
>> There are still 23 commits that could be picked up, several of which
>> are marked as bug fixes but since we have the patch that was my main
>> concern, I'll leave it up to Anuj to see if he wants the update for 3.3.6.
>>
>> Naveen,
>>
>> We'll need that update regardless for WR Linux so please test it.
>>
>>
>> Thanks,
>>
>> ../Randy
>>
>>
>> git log --oneline 3e2a15c666e40e5ee740e5079c56d83469280323...
>> 5eddc29c92 (HEAD -> release/2.33/master, origin/release/2.33/master)
>> S390: Add new s390 platform z16.
>> c78ad8eb47 hppa: Use END instead of PSEUDO_END in swapcontext.S
>> 32f74d4f14 hppa: Implement swapcontext in assembler (bug 28960)
>> baa74e8589 hppa: Fix warnings from _dl_lookup_address
>> 6d9525b620 nptl: Fix cleanups for stack grows up [BZ# 28899]
>> 8f56ecc19b hppa: Revise gettext trampoline design
>> ea94346dbe hppa: Fix swapcontext
>> aeab7584c2 Fix elf/tst-audit2 on hppa
>> f341ab08fc NEWS: Add a bug fix entry for BZ #28896
>> 24e95955aa x86: Fix TEST_NAME to make it a string in tst-strncmp-rtm.c
>> 6f8e99b567 x86: Test wcscmp RTM in the wcsncmp overflow case [BZ #28896]
>> a3cd0fe201 x86: Fallback {str|wcs}cmp RTM in the ncmp overflow case [BZ
>> #28896]
>> cb922428dc string: Add a testcase for wcsncmp with SIZE_MAX [BZ #28755]
>> 211cce703d <bits/platform/x86.h>: Correct x86_cpu_TBM
>> 55446dd8a2 socket: Do not use AF_NETLINK in __opensock
>> 9495d729f6 hurd if_index: Explicitly use AF_INET for if index discovery
>> 78d25827ae Linux: Simplify __opensock and fix race condition [BZ #28353]
>> 1956ad4930 x86-64: Test strlen and wcslen with 0 in the RSI register [BZ
>> #28064]
>> 260360e89b x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list [BZ
>> #28064]
>> 1b8f2456b9 x86: Use CHECK_FEATURE_PRESENT to check HLE [BZ #27398]
>> 54fdfa2b33 x86: Black list more Intel CPUs for TSX [BZ #27398]
>> 0a5f5e2dc1 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
>> 5cb6edb6cd x86: Copy IBT and SHSTK usable only if CET is enabled
>>
>> $ git log --oneline 3e2a15c666e40e5ee740e5079c56d83469280323... | wc -l
>> 23
>>
>>
>>
>>>
>>> On Wed, Apr 20, 2022 at 8:05 PM Randy MacLeod
>>> <randy.macleod@windriver.com> wrote:
>>>> On 2022-01-30 01:20, Pgowda wrote:
>>>>> glibc-2.33 has been upgraded to latest version that includes many CVE and
>>>>> other bug fixes. Ran the regressions and results are better.
>>>>>
>>>>> Signed-off-by: pgowda <pgowda.cve@gmail.com>
>>>>> ---
>>>>> meta/recipes-core/glibc/glibc-version.inc | 2 +-
>>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
>>>>> index 63241ee951..e1eefdee49 100644
>>>>> --- a/meta/recipes-core/glibc/glibc-version.inc
>>>>> +++ b/meta/recipes-core/glibc/glibc-version.inc
>>>>> @@ -1,6 +1,6 @@
>>>>> SRCBRANCH ?= "release/2.33/master"
>>>>> PV = "2.33"
>>>>> -SRCREV_glibc ?= "55b99e9ed07688019609bd4dcd17d3ebf4572948"
>>>>> +SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323"
>>>>> SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
>>>>>
>>>>> GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
>>>>>
>>>>> -=-=-=-=-=-=-=-=-=-=-=-
>>>>> Links: You receive all messages sent to this group.
>>>>> View/Reply Online (#161106): https://lists.openembedded.org/g/openembedded-core/message/161106
>>>>> Mute This Topic: https://lists.openembedded.org/mt/88782078/3616765
>>>>> Group Owner: openembedded-core+owner@lists.openembedded.org
>>>>> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
>>>>> -=-=-=-=-=-=-=-=-=-=-=-
>>>>>
>>>> Naveen, Anuj, Richard,
>>>>
>>>> Is there time to do this one last time for hardknott to pick up these
>>>> 67 bug fixes in glibc?
>>>>
>>>> We're particularily interested in:
>>>>
>>>> 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
>>>> condition [BZ #28353]
>>>>
>>>> but there seem to be many good bug fixes and optimizations in the list.
>>>>
>>>> Naveen, please try it and test ASAP.
>>>>
>>>> ../Randy
>>>>
>>>> 5eddc29c92 2022-04-13 (HEAD -> release/2.33/master,
>>>> origin/release/2.33/master) S390: Add new s390 platform z16.
>>>> c78ad8eb47 2022-03-15 hppa: Use END instead of PSEUDO_END in
>>>> swapcontext.S
>>>> 32f74d4f14 2022-03-15 hppa: Implement swapcontext in assembler (bug
>>>> 28960)
>>>> baa74e8589 2022-03-06 hppa: Fix warnings from _dl_lookup_address
>>>> 6d9525b620 2022-02-28 nptl: Fix cleanups for stack grows up [BZ# 28899]
>>>> 8f56ecc19b 2022-02-22 hppa: Revise gettext trampoline design
>>>> ea94346dbe 2022-02-18 hppa: Fix swapcontext
>>>> aeab7584c2 2022-03-06 Fix elf/tst-audit2 on hppa
>>>> f341ab08fc 2022-02-18 NEWS: Add a bug fix entry for BZ #28896
>>>> 24e95955aa 2022-02-18 x86: Fix TEST_NAME to make it a string in
>>>> tst-strncmp-rtm.c
>>>> 6f8e99b567 2022-02-18 x86: Test wcscmp RTM in the wcsncmp overflow
>>>> case [BZ #28896]
>>>> a3cd0fe201 2022-02-15 x86: Fallback {str|wcs}cmp RTM in the ncmp
>>>> overflow case [BZ #28896]
>>>> cb922428dc 2022-02-17 string: Add a testcase for wcsncmp with
>>>> SIZE_MAX [BZ #28755]
>>>> 211cce703d 2021-02-02 <bits/platform/x86.h>: Correct x86_cpu_TBM
>>>> 55446dd8a2 2021-11-22 socket: Do not use AF_NETLINK in __opensock
>>>> 9495d729f6 2021-10-18 hurd if_index: Explicitly use AF_INET for if
>>>> index discovery
>>>> 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix race
>>>> condition [BZ #28353]
>>>> 1956ad4930 2021-07-08 x86-64: Test strlen and wcslen with 0 in the
>>>> RSI register [BZ #28064]
>>>> 260360e89b 2021-07-08 x86: Remove wcsnlen-sse4_1 from wcslen
>>>> ifunc-impl-list [BZ #28064]
>>>> 1b8f2456b9 2022-01-24 x86: Use CHECK_FEATURE_PRESENT to check HLE
>>>> [BZ #27398]
>>>> 54fdfa2b33 2022-01-14 x86: Black list more Intel CPUs for TSX [BZ
>>>> #27398]
>>>> 0a5f5e2dc1 2021-06-30 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
>>>> 5cb6edb6cd 2021-06-23 x86: Copy IBT and SHSTK usable only if CET is
>>>> enabled
>>>> 3e2a15c666 2021-04-19 x86-64: Require BMI2 for __strlen_evex and
>>>> __strnlen_evex
>>>> 25941de34e 2022-01-27 NEWS: Add a bug fix entry for BZ #27974
>>>> 2b00ee820a 2021-06-09 String: Add overflow tests for strnlen,
>>>> memchr, and strncat [BZ #27974]
>>>> 8a3a0177c7 2021-04-19 x86: Optimize strlen-evex.S
>>>> cef3bffade 2021-06-23 x86: Fix overflow bug in wcsnlen-sse4_1 and
>>>> wcsnlen-avx2 [BZ #27974]
>>>> 3ac5a7fe8b 2021-06-23 x86-64: Add wcslen optimize for sse4.1
>>>> 5697e2dda8 2021-06-22 x86-64: Move strlen.S to multiarch/strlen-vec.S
>>>> 3dea108f60 2021-05-07 x86-64: Fix an unknown vector operation in
>>>> memchr-evex.S
>>>> 355afae940 2021-05-03 x86: Optimize memchr-evex.S
>>>> b72b89705e 2021-04-19 x86: Optimize strlen-avx2.S
>>>> 453ed0a0f2 2021-06-09 x86: Fix overflow bug with wmemchr-sse2 and
>>>> wmemchr-avx2 [BZ #27974]
>>>> e09c377806 2021-05-03 x86: Optimize memchr-avx2.S
>>>> 902af2f5ee 2022-01-27 NEWS: Add a bug fix entry for BZ #27457
>>>> 31dd3e3cb3 2021-04-01 x86-64: Fix ifdef indentation in strlen-evex.S
>>>> d49105cc7a 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memmove
>>>> family functions
>>>> 763cea698b 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512 memset
>>>> family functions
>>>> 82f1ba9af7 2021-02-23 x86: Add string/memory function tests in RTM
>>>> region
>>>> 0598a25cbe 2021-03-05 x86-64: Add AVX optimized string/memory
>>>> functions for RTM
>>>> 15bae38c8b 2021-03-05 x86-64: Add memcmp family functions with
>>>> 256-bit EVEX
>>>> 47bf9f38bb 2021-03-05 x86-64: Add memset family functions with
>>>> 256-bit EVEX
>>>> 1697e739ef 2021-03-05 x86-64: Add memmove family functions with
>>>> 256-bit EVEX
>>>> 06d1aed51b 2021-03-05 x86-64: Add strcpy family functions with
>>>> 256-bit EVEX
>>>> 9cee072f8f 2021-03-05 x86-64: Add ifunc-avx2.h functions with
>>>> 256-bit EVEX
>>>> f0a2b67147 2021-02-26 x86: Set Prefer_No_VZEROUPPER and add
>>>> Prefer_AVX2_STRCMP
>>>> a744a0a3fe 2021-03-27 test-strnlen.c: Check that strnlen won't go
>>>> beyond the maximum length
>>>> 6b7b6c7514 2021-03-27 test-strnlen.c: Initialize wchar_t string with
>>>> wmemset [BZ #27655]
>>>> 86c153d092 2022-01-26 NEWS: Add a bug fix entry for BZ #28755
>>>> 3d52239b30 2022-01-09 x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ#
>>>> 28755]
>>>> d251ad533e 2021-06-01 aarch64: align stack in clone [BZ #27939]
>>>> 06ce5fbd6d 2021-06-25 support: Fix xclone build failures on ia64 and
>>>> hppa
>>>> 48d9161e02 2022-01-24 Linux: Detect user namespace support in
>>>> io/tst-getcwd-smallbuff
>>>> 41980af2d7 2022-01-24 realpath: Avoid overwriting preexisting error
>>>> (CVE-2021-3998)
>>>> bcdde07537 2022-01-21 getcwd: Set errno to ERANGE for size == 1
>>>> (CVE-2021-3999)
>>>> 46a70c49ba 2021-03-10 support: Add xclone
>>>> f63cb3cf72 2022-01-24 tst-realpath-toolong: Fix hurd build
>>>> e41e5b97e3 2022-01-13 realpath: Set errno to ENAMETOOLONG for result
>>>> larger than PATH_MAX [BZ #28770]
>>>> e081bafcb1 2022-01-18 support: Add helpers to create paths longer
>>>> than PATH_MAX
>>>> ac148bdd88 2021-06-25 elf: Fix glibc-hwcaps priorities with cache
>>>> flags mismatches [BZ #27046]
>>>> 5cab4e3f3a 2021-09-25 powerpc: Fix unrecognized instruction errors
>>>> with recent binutils
>>>> 0f70b829f8 2022-01-17 CVE-2022-23218: Buffer overflow in sunrpc
>>>> svcunix_create (bug 28768)
>>>> 4f4452721d 2021-03-09 <shlib-compat.h>: Support
>>>> compat_symbol_reference for _ISOMAC
>>>> dae9a8e7f6 2022-01-17 sunrpc: Test case for clnt_create "unix"
>>>> buffer overflow (bug 22542)
>>>> 4653cd9e36 2022-01-17 CVE-2022-23219: Buffer overflow in sunrpc
>>>> clnt_create for "unix" (bug 22542)
>>>> f10e992e8d 2022-01-17 socket: Add the __sockaddr_un_set function
>>>> a51b76b71e 2022-01-17 x86: use default cache size if it cannot be
>>>> determined [BZ #28784]
>>>>
>>>> --
>>>> # Randy MacLeod
>>>> # Wind River Linux
>>>>
>>
>> --
>> # Randy MacLeod
>> # Wind River Linux
>>
--
# Randy MacLeod
# Wind River Linux
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [OE-core] [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version
2022-04-20 16:53 ` Randy MacLeod
@ 2022-04-20 23:18 ` Mittal, Anuj
0 siblings, 0 replies; 10+ messages in thread
From: Mittal, Anuj @ 2022-04-20 23:18 UTC (permalink / raw)
To: pgowda.cve, randy.macleod; +Cc: openembedded-core, rwmacleod, umesh.kalappa0
On Wed, 2022-04-20 at 12:53 -0400, Randy MacLeod wrote:
> On 2022-04-20 12:14, pgowda cve wrote:
> > Hi Randy,
> >
> > Sorry for the misunderstanding from my side.
> > I am going through the list again and it seems like the required
> > patch
> > was not part of the Hardknott.
> > It was rather a part of the Master branch.
>
> I thought so! ;-)
>
> >
> > @Mittal, Anuj , @Randy MacLeod
> > Please let me know if I can upgrade the GLIBC Hardknott to the
> > latest
> > version of glibc-2.33?
>
>
> Richard told me in IRC that the 3.3.6 build has happened and is in QA
> now so let's handle this glibc update in WR Linux/LTS21.
Yes, the build is in QA now. This specific update is available in
hardknott though.
Thanks,
Anuj
>
> ../Randy
>
>
> >
> > Thanks,
> > Pgowda
> >
> >
> >
> > On Wed, Apr 20, 2022 at 9:11 PM Randy MacLeod
> > <randy.macleod@windriver.com> wrote:
> > >
> > > On 2022-04-20 11:30, pgowda cve wrote:
> > > > Hi Randy,
> > > >
> > > > The GLIBC was already updated to the latest version on top of
> > > > [BZ #28353].
> > > >
> > > > Please find the commit which had [BZ #28353] patch along with
> > > > others.
> > > > https://git.openembedded.org/openembedded-core/commit/?h=hardknott&id=d5bdff460cc8b0f38177f1f38d625eeda729b459
> > > >
> > > > Thanks,
> > > > Pgowda
> > >
> > >
> > > Ah good. I'm not sue why my repo seemed to be behind.
> > >
> > > There are still 23 commits that could be picked up, several of
> > > which
> > > are marked as bug fixes but since we have the patch that was my
> > > main
> > > concern, I'll leave it up to Anuj to see if he wants the update
> > > for 3.3.6.
> > >
> > > Naveen,
> > >
> > > We'll need that update regardless for WR Linux so please test it.
> > >
> > >
> > > Thanks,
> > >
> > > ../Randy
> > >
> > >
> > > git log --oneline 3e2a15c666e40e5ee740e5079c56d83469280323...
> > > 5eddc29c92 (HEAD -> release/2.33/master,
> > > origin/release/2.33/master)
> > > S390: Add new s390 platform z16.
> > > c78ad8eb47 hppa: Use END instead of PSEUDO_END in swapcontext.S
> > > 32f74d4f14 hppa: Implement swapcontext in assembler (bug 28960)
> > > baa74e8589 hppa: Fix warnings from _dl_lookup_address
> > > 6d9525b620 nptl: Fix cleanups for stack grows up [BZ# 28899]
> > > 8f56ecc19b hppa: Revise gettext trampoline design
> > > ea94346dbe hppa: Fix swapcontext
> > > aeab7584c2 Fix elf/tst-audit2 on hppa
> > > f341ab08fc NEWS: Add a bug fix entry for BZ #28896
> > > 24e95955aa x86: Fix TEST_NAME to make it a string in tst-strncmp-
> > > rtm.c
> > > 6f8e99b567 x86: Test wcscmp RTM in the wcsncmp overflow case [BZ
> > > #28896]
> > > a3cd0fe201 x86: Fallback {str|wcs}cmp RTM in the ncmp overflow
> > > case [BZ
> > > #28896]
> > > cb922428dc string: Add a testcase for wcsncmp with SIZE_MAX [BZ
> > > #28755]
> > > 211cce703d <bits/platform/x86.h>: Correct x86_cpu_TBM
> > > 55446dd8a2 socket: Do not use AF_NETLINK in __opensock
> > > 9495d729f6 hurd if_index: Explicitly use AF_INET for if index
> > > discovery
> > > 78d25827ae Linux: Simplify __opensock and fix race condition [BZ
> > > #28353]
> > > 1956ad4930 x86-64: Test strlen and wcslen with 0 in the RSI
> > > register [BZ
> > > #28064]
> > > 260360e89b x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list
> > > [BZ
> > > #28064]
> > > 1b8f2456b9 x86: Use CHECK_FEATURE_PRESENT to check HLE [BZ
> > > #27398]
> > > 54fdfa2b33 x86: Black list more Intel CPUs for TSX [BZ #27398]
> > > 0a5f5e2dc1 x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]
> > > 5cb6edb6cd x86: Copy IBT and SHSTK usable only if CET is enabled
> > >
> > > $ git log --oneline 3e2a15c666e40e5ee740e5079c56d83469280323... |
> > > wc -l
> > > 23
> > >
> > >
> > >
> > > >
> > > > On Wed, Apr 20, 2022 at 8:05 PM Randy MacLeod
> > > > <randy.macleod@windriver.com> wrote:
> > > > > On 2022-01-30 01:20, Pgowda wrote:
> > > > > > glibc-2.33 has been upgraded to latest version that
> > > > > > includes many CVE and
> > > > > > other bug fixes. Ran the regressions and results are
> > > > > > better.
> > > > > >
> > > > > > Signed-off-by: pgowda <pgowda.cve@gmail.com>
> > > > > > ---
> > > > > > meta/recipes-core/glibc/glibc-version.inc | 2 +-
> > > > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > > > > >
> > > > > > diff --git a/meta/recipes-core/glibc/glibc-version.inc
> > > > > > b/meta/recipes-core/glibc/glibc-version.inc
> > > > > > index 63241ee951..e1eefdee49 100644
> > > > > > --- a/meta/recipes-core/glibc/glibc-version.inc
> > > > > > +++ b/meta/recipes-core/glibc/glibc-version.inc
> > > > > > @@ -1,6 +1,6 @@
> > > > > > SRCBRANCH ?= "release/2.33/master"
> > > > > > PV = "2.33"
> > > > > > -SRCREV_glibc ?= "55b99e9ed07688019609bd4dcd17d3ebf4572948"
> > > > > > +SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323"
> > > > > > SRCREV_localedef ?=
> > > > > > "bd644c9e6f3e20c5504da1488448173c69c56c28"
> > > > > >
> > > > > > GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
> > > > > >
> > > > > >
> > > > > >
> > > > > Naveen, Anuj, Richard,
> > > > >
> > > > > Is there time to do this one last time for hardknott to pick
> > > > > up these
> > > > > 67 bug fixes in glibc?
> > > > >
> > > > > We're particularily interested in:
> > > > >
> > > > > 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix
> > > > > race
> > > > > condition [BZ #28353]
> > > > >
> > > > > but there seem to be many good bug fixes and optimizations in
> > > > > the list.
> > > > >
> > > > > Naveen, please try it and test ASAP.
> > > > >
> > > > > ../Randy
> > > > >
> > > > > 5eddc29c92 2022-04-13 (HEAD -> release/2.33/master,
> > > > > origin/release/2.33/master) S390: Add new s390 platform z16.
> > > > > c78ad8eb47 2022-03-15 hppa: Use END instead of PSEUDO_END
> > > > > in
> > > > > swapcontext.S
> > > > > 32f74d4f14 2022-03-15 hppa: Implement swapcontext in
> > > > > assembler (bug
> > > > > 28960)
> > > > > baa74e8589 2022-03-06 hppa: Fix warnings from
> > > > > _dl_lookup_address
> > > > > 6d9525b620 2022-02-28 nptl: Fix cleanups for stack grows
> > > > > up [BZ# 28899]
> > > > > 8f56ecc19b 2022-02-22 hppa: Revise gettext trampoline
> > > > > design
> > > > > ea94346dbe 2022-02-18 hppa: Fix swapcontext
> > > > > aeab7584c2 2022-03-06 Fix elf/tst-audit2 on hppa
> > > > > f341ab08fc 2022-02-18 NEWS: Add a bug fix entry for BZ
> > > > > #28896
> > > > > 24e95955aa 2022-02-18 x86: Fix TEST_NAME to make it a
> > > > > string in
> > > > > tst-strncmp-rtm.c
> > > > > 6f8e99b567 2022-02-18 x86: Test wcscmp RTM in the wcsncmp
> > > > > overflow
> > > > > case [BZ #28896]
> > > > > a3cd0fe201 2022-02-15 x86: Fallback {str|wcs}cmp RTM in
> > > > > the ncmp
> > > > > overflow case [BZ #28896]
> > > > > cb922428dc 2022-02-17 string: Add a testcase for wcsncmp
> > > > > with
> > > > > SIZE_MAX [BZ #28755]
> > > > > 211cce703d 2021-02-02 <bits/platform/x86.h>: Correct
> > > > > x86_cpu_TBM
> > > > > 55446dd8a2 2021-11-22 socket: Do not use AF_NETLINK in
> > > > > __opensock
> > > > > 9495d729f6 2021-10-18 hurd if_index: Explicitly use
> > > > > AF_INET for if
> > > > > index discovery
> > > > > 78d25827ae 2021-09-28 Linux: Simplify __opensock and fix
> > > > > race
> > > > > condition [BZ #28353]
> > > > > 1956ad4930 2021-07-08 x86-64: Test strlen and wcslen with
> > > > > 0 in the
> > > > > RSI register [BZ #28064]
> > > > > 260360e89b 2021-07-08 x86: Remove wcsnlen-sse4_1 from
> > > > > wcslen
> > > > > ifunc-impl-list [BZ #28064]
> > > > > 1b8f2456b9 2022-01-24 x86: Use CHECK_FEATURE_PRESENT to
> > > > > check HLE
> > > > > [BZ #27398]
> > > > > 54fdfa2b33 2022-01-14 x86: Black list more Intel CPUs for
> > > > > TSX [BZ
> > > > > #27398]
> > > > > 0a5f5e2dc1 2021-06-30 x86: Check RTM_ALWAYS_ABORT for RTM
> > > > > [BZ #28033]
> > > > > 5cb6edb6cd 2021-06-23 x86: Copy IBT and SHSTK usable only
> > > > > if CET is
> > > > > enabled
> > > > > 3e2a15c666 2021-04-19 x86-64: Require BMI2 for
> > > > > __strlen_evex and
> > > > > __strnlen_evex
> > > > > 25941de34e 2022-01-27 NEWS: Add a bug fix entry for BZ
> > > > > #27974
> > > > > 2b00ee820a 2021-06-09 String: Add overflow tests for
> > > > > strnlen,
> > > > > memchr, and strncat [BZ #27974]
> > > > > 8a3a0177c7 2021-04-19 x86: Optimize strlen-evex.S
> > > > > cef3bffade 2021-06-23 x86: Fix overflow bug in wcsnlen-
> > > > > sse4_1 and
> > > > > wcsnlen-avx2 [BZ #27974]
> > > > > 3ac5a7fe8b 2021-06-23 x86-64: Add wcslen optimize for
> > > > > sse4.1
> > > > > 5697e2dda8 2021-06-22 x86-64: Move strlen.S to
> > > > > multiarch/strlen-vec.S
> > > > > 3dea108f60 2021-05-07 x86-64: Fix an unknown vector
> > > > > operation in
> > > > > memchr-evex.S
> > > > > 355afae940 2021-05-03 x86: Optimize memchr-evex.S
> > > > > b72b89705e 2021-04-19 x86: Optimize strlen-avx2.S
> > > > > 453ed0a0f2 2021-06-09 x86: Fix overflow bug with wmemchr-
> > > > > sse2 and
> > > > > wmemchr-avx2 [BZ #27974]
> > > > > e09c377806 2021-05-03 x86: Optimize memchr-avx2.S
> > > > > 902af2f5ee 2022-01-27 NEWS: Add a bug fix entry for BZ
> > > > > #27457
> > > > > 31dd3e3cb3 2021-04-01 x86-64: Fix ifdef indentation in
> > > > > strlen-evex.S
> > > > > d49105cc7a 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512
> > > > > memmove
> > > > > family functions
> > > > > 763cea698b 2021-03-07 x86-64: Use ZMM16-ZMM31 in AVX512
> > > > > memset
> > > > > family functions
> > > > > 82f1ba9af7 2021-02-23 x86: Add string/memory function
> > > > > tests in RTM
> > > > > region
> > > > > 0598a25cbe 2021-03-05 x86-64: Add AVX optimized
> > > > > string/memory
> > > > > functions for RTM
> > > > > 15bae38c8b 2021-03-05 x86-64: Add memcmp family functions
> > > > > with
> > > > > 256-bit EVEX
> > > > > 47bf9f38bb 2021-03-05 x86-64: Add memset family functions
> > > > > with
> > > > > 256-bit EVEX
> > > > > 1697e739ef 2021-03-05 x86-64: Add memmove family
> > > > > functions with
> > > > > 256-bit EVEX
> > > > > 06d1aed51b 2021-03-05 x86-64: Add strcpy family functions
> > > > > with
> > > > > 256-bit EVEX
> > > > > 9cee072f8f 2021-03-05 x86-64: Add ifunc-avx2.h functions
> > > > > with
> > > > > 256-bit EVEX
> > > > > f0a2b67147 2021-02-26 x86: Set Prefer_No_VZEROUPPER and
> > > > > add
> > > > > Prefer_AVX2_STRCMP
> > > > > a744a0a3fe 2021-03-27 test-strnlen.c: Check that strnlen
> > > > > won't go
> > > > > beyond the maximum length
> > > > > 6b7b6c7514 2021-03-27 test-strnlen.c: Initialize wchar_t
> > > > > string with
> > > > > wmemset [BZ #27655]
> > > > > 86c153d092 2022-01-26 NEWS: Add a bug fix entry for BZ
> > > > > #28755
> > > > > 3d52239b30 2022-01-09 x86: Fix __wcsncmp_avx2 in strcmp-
> > > > > avx2.S [BZ#
> > > > > 28755]
> > > > > d251ad533e 2021-06-01 aarch64: align stack in clone [BZ
> > > > > #27939]
> > > > > 06ce5fbd6d 2021-06-25 support: Fix xclone build failures
> > > > > on ia64 and
> > > > > hppa
> > > > > 48d9161e02 2022-01-24 Linux: Detect user namespace
> > > > > support in
> > > > > io/tst-getcwd-smallbuff
> > > > > 41980af2d7 2022-01-24 realpath: Avoid overwriting
> > > > > preexisting error
> > > > > (CVE-2021-3998)
> > > > > bcdde07537 2022-01-21 getcwd: Set errno to ERANGE for
> > > > > size == 1
> > > > > (CVE-2021-3999)
> > > > > 46a70c49ba 2021-03-10 support: Add xclone
> > > > > f63cb3cf72 2022-01-24 tst-realpath-toolong: Fix hurd
> > > > > build
> > > > > e41e5b97e3 2022-01-13 realpath: Set errno to ENAMETOOLONG
> > > > > for result
> > > > > larger than PATH_MAX [BZ #28770]
> > > > > e081bafcb1 2022-01-18 support: Add helpers to create
> > > > > paths longer
> > > > > than PATH_MAX
> > > > > ac148bdd88 2021-06-25 elf: Fix glibc-hwcaps priorities
> > > > > with cache
> > > > > flags mismatches [BZ #27046]
> > > > > 5cab4e3f3a 2021-09-25 powerpc: Fix unrecognized
> > > > > instruction errors
> > > > > with recent binutils
> > > > > 0f70b829f8 2022-01-17 CVE-2022-23218: Buffer overflow in
> > > > > sunrpc
> > > > > svcunix_create (bug 28768)
> > > > > 4f4452721d 2021-03-09 <shlib-compat.h>: Support
> > > > > compat_symbol_reference for _ISOMAC
> > > > > dae9a8e7f6 2022-01-17 sunrpc: Test case for clnt_create
> > > > > "unix"
> > > > > buffer overflow (bug 22542)
> > > > > 4653cd9e36 2022-01-17 CVE-2022-23219: Buffer overflow in
> > > > > sunrpc
> > > > > clnt_create for "unix" (bug 22542)
> > > > > f10e992e8d 2022-01-17 socket: Add the __sockaddr_un_set
> > > > > function
> > > > > a51b76b71e 2022-01-17 x86: use default cache size if it
> > > > > cannot be
> > > > > determined [BZ #28784]
> > > > >
> > > > > --
> > > > > # Randy MacLeod
> > > > > # Wind River Linux
> > > > >
> > >
> > > --
> > > # Randy MacLeod
> > > # Wind River Linux
> > >
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164719):
> https://lists.openembedded.org/g/openembedded-core/message/164719
> Mute This Topic: https://lists.openembedded.org/mt/88782078/3616702
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe:
> https://lists.openembedded.org/g/openembedded-core/unsub [
> anuj.mittal@intel.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2022-04-21 16:46 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-17 2:51 [hardknott][PATCH] glibc: upgrade glibc-2.33 to latest version Pgowda
2021-10-17 5:05 ` [OE-core] " Khem Raj
2021-10-25 7:29 ` pgowda cve
2021-10-27 1:24 ` Mittal, Anuj
2022-01-30 6:20 pgowda
2022-04-20 14:35 ` [OE-core] " Randy MacLeod
2022-04-20 15:30 ` pgowda cve
2022-04-20 15:41 ` Randy MacLeod
2022-04-20 16:14 ` pgowda cve
2022-04-20 16:53 ` Randy MacLeod
2022-04-20 23:18 ` Mittal, Anuj
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).