summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README.OE-Core10
-rwxr-xr-xbitbake/bin/bitbake-worker12
-rw-r--r--bitbake/lib/bb/build.py6
-rw-r--r--bitbake/lib/bb/cache.py3
-rw-r--r--bitbake/lib/bb/cooker.py30
-rw-r--r--bitbake/lib/bb/data_smart.py4
-rw-r--r--bitbake/lib/bb/fetch2/__init__.py6
-rw-r--r--bitbake/lib/bb/fetch2/git.py25
-rw-r--r--bitbake/lib/bb/fetch2/npmsw.py4
-rw-r--r--bitbake/lib/bb/fetch2/perforce.py2
-rw-r--r--bitbake/lib/bb/fetch2/wget.py2
-rw-r--r--bitbake/lib/bb/persist_data.py5
-rw-r--r--bitbake/lib/bb/process.py2
-rw-r--r--bitbake/lib/bb/runqueue.py34
-rw-r--r--bitbake/lib/bb/server/process.py5
-rw-r--r--bitbake/lib/bb/server/xmlrpcserver.py1
-rw-r--r--bitbake/lib/bb/tests/fetch.py35
-rw-r--r--bitbake/lib/bb/tests/runqueue.py2
-rw-r--r--bitbake/lib/bb/utils.py13
-rw-r--r--bitbake/lib/hashserv/server.py4
-rw-r--r--bitbake/lib/toaster/orm/fixtures/oe-core.xml12
-rw-r--r--bitbake/lib/toaster/orm/fixtures/poky.xml18
-rw-r--r--bitbake/lib/toaster/orm/fixtures/settings.xml2
-rw-r--r--bitbake/lib/toaster/orm/models.py2
-rw-r--r--bitbake/lib/toaster/tests/builds/buildtest.py2
-rw-r--r--bitbake/lib/toaster/toastergui/templates/projectconf.html16
-rw-r--r--documentation/bsp-guide/bsp.rst6
-rw-r--r--documentation/conf.py23
-rw-r--r--documentation/overview-manual/yp-intro.rst2
-rw-r--r--documentation/poky.yaml13
-rw-r--r--documentation/ref-manual/migration-3.0.rst5
-rw-r--r--documentation/ref-manual/system-requirements.rst2
-rw-r--r--documentation/ref-manual/tasks.rst19
-rw-r--r--documentation/releases.rst38
-rw-r--r--documentation/sphinx-static/switchers.js8
-rw-r--r--meta-poky/conf/distro/include/gcsections.inc2
-rw-r--r--meta-poky/conf/distro/poky.conf4
-rw-r--r--meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb2
-rw-r--r--meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded2
-rw-r--r--meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb2
-rw-r--r--meta-selftest/recipes-test/gitrepotest/gitrepotest.bb16
-rw-r--r--meta-selftest/recipes-test/gitrepotest/gitrepotest/0001-testpatch.patch9
-rw-r--r--meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend8
-rw-r--r--meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend8
-rw-r--r--meta/classes/buildhistory.bbclass30
-rw-r--r--meta/classes/cross-canadian.bbclass2
-rw-r--r--meta/classes/cve-check.bbclass2
-rw-r--r--meta/classes/devupstream.bbclass2
-rw-r--r--meta/classes/externalsrc.bbclass9
-rw-r--r--meta/classes/mirrors.bbclass2
-rw-r--r--meta/classes/package.bbclass6
-rw-r--r--meta/classes/patch.bbclass7
-rw-r--r--meta/classes/populate_sdk_base.bbclass11
-rw-r--r--meta/classes/reproducible_build.bbclass11
-rw-r--r--meta/classes/rootfs-postcommands.bbclass2
-rw-r--r--meta/classes/sanity.bbclass2
-rw-r--r--meta/classes/sstate.bbclass30
-rw-r--r--meta/classes/testimage.bbclass7
-rw-r--r--meta/classes/toaster.bbclass8
-rw-r--r--meta/classes/uboot-sign.bbclass16
-rw-r--r--meta/classes/uninative.bbclass4
-rw-r--r--meta/conf/distro/include/cve-extra-exclusions.inc9
-rw-r--r--meta/conf/distro/include/default-distrovars.inc4
-rw-r--r--meta/conf/distro/include/maintainers.inc2
-rw-r--r--meta/conf/distro/include/yocto-uninative.inc11
-rw-r--r--meta/conf/machine/include/arm/arch-armv8-5a.inc19
-rw-r--r--meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc22
-rw-r--r--meta/conf/machine/include/tune-cortexa72.inc12
-rw-r--r--meta/conf/multilib.conf2
-rw-r--r--meta/files/toolchain-shar-relocate.sh2
-rw-r--r--meta/lib/oe/patch.py21
-rw-r--r--meta/lib/oe/reproducible.py2
-rw-r--r--meta/lib/oe/sdk.py4
-rw-r--r--meta/lib/oe/utils.py3
-rw-r--r--meta/lib/oeqa/manual/eclipse-plugin.json6
-rw-r--r--meta/lib/oeqa/runtime/cases/parselogs.py14
-rw-r--r--meta/lib/oeqa/selftest/cases/bbtests.py35
-rw-r--r--meta/lib/oeqa/selftest/cases/devtool.py9
-rw-r--r--meta/lib/oeqa/selftest/cases/fetch.py2
-rw-r--r--meta/lib/oeqa/selftest/cases/glibc.py2
-rw-r--r--meta/lib/oeqa/selftest/cases/recipetool.py8
-rw-r--r--meta/lib/oeqa/selftest/cases/reproducible.py10
-rw-r--r--meta/lib/oeqa/selftest/cases/runtime_test.py7
-rw-r--r--meta/lib/oeqa/selftest/cases/sstatetests.py2
-rw-r--r--meta/recipes-bsp/efibootmgr/efibootmgr_17.bb2
-rw-r--r--meta/recipes-bsp/efivar/efivar_37.bb2
-rw-r--r--meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch49
-rw-r--r--meta/recipes-bsp/grub/grub2.inc1
-rw-r--r--meta/recipes-bsp/opensbi/opensbi_0.9.bb2
-rw-r--r--meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb2
-rw-r--r--meta/recipes-bsp/u-boot/u-boot-common.inc2
-rw-r--r--meta/recipes-connectivity/avahi/files/local-ping.patch1
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch76
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch65
-rw-r--r--meta/recipes-connectivity/bind/bind_9.16.16.bb2
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome_0.7.bb2
-rw-r--r--meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch67
-rw-r--r--meta/recipes-connectivity/inetutils/inetutils_2.0.bb1
-rw-r--r--meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb2
-rw-r--r--meta/recipes-connectivity/libuv/libuv_1.41.0.bb2
-rw-r--r--meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb7
-rw-r--r--meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch49
-rw-r--r--meta/recipes-connectivity/openssh/openssh_8.5p1.bb1
-rw-r--r--meta/recipes-connectivity/openssl/openssl/reproducibility.patch22
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.1.1n.bb (renamed from meta/recipes-connectivity/openssl/openssl_1.1.1l.bb)4
-rw-r--r--meta/recipes-connectivity/socat/socat_1.7.4.1.bb2
-rw-r--r--meta/recipes-core/busybox/busybox-inittab_1.33.2.bb (renamed from meta/recipes-core/busybox/busybox-inittab_1.33.0.bb)0
-rw-r--r--meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch3266
-rw-r--r--meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch30
-rw-r--r--meta/recipes-core/busybox/busybox_1.33.2.bb (renamed from meta/recipes-core/busybox/busybox_1.33.1.bb)4
-rw-r--r--meta/recipes-core/dbus-wait/dbus-wait_git.bb2
-rw-r--r--meta/recipes-core/expat/expat/CVE-2021-45960.patch65
-rw-r--r--meta/recipes-core/expat/expat/CVE-2021-46143.patch49
-rw-r--r--meta/recipes-core/expat/expat/CVE-2022-22822-27.patch257
-rw-r--r--meta/recipes-core/expat/expat/CVE-2022-23852.patch33
-rw-r--r--meta/recipes-core/expat/expat/CVE-2022-23990.patch49
-rw-r--r--meta/recipes-core/expat/expat/CVE-2022-25235.patch261
-rw-r--r--meta/recipes-core/expat/expat/CVE-2022-25236-1.patch116
-rw-r--r--meta/recipes-core/expat/expat/CVE-2022-25236-2.patch232
-rw-r--r--meta/recipes-core/expat/expat_2.2.10.bb14
-rw-r--r--meta/recipes-core/fts/fts_1.2.7.bb2
-rw-r--r--meta/recipes-core/glibc/cross-localedef-native_2.33.bb2
-rw-r--r--meta/recipes-core/glibc/glibc-version.inc2
-rw-r--r--meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch40
-rw-r--r--meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch49
-rw-r--r--meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch147
-rw-r--r--meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch116
-rw-r--r--meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch58
-rw-r--r--meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch185
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch174
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2021-27645.patch51
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch76
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch61
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2021-35942.patch44
-rw-r--r--meta/recipes-core/glibc/glibc_2.33.bb12
-rw-r--r--meta/recipes-core/ifupdown/ifupdown_0.8.36.bb2
-rw-r--r--meta/recipes-core/images/build-appliance-image_15.0.0.bb2
-rwxr-xr-xmeta/recipes-core/initrdscripts/initramfs-framework/finish12
-rw-r--r--meta/recipes-core/initscripts/init-system-helpers_1.60.bb2
-rw-r--r--meta/recipes-core/libxcrypt/libxcrypt.inc2
-rw-r--r--meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch99
-rw-r--r--meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch209
-rw-r--r--meta/recipes-core/libxml/libxml2_2.9.10.bb4
-rw-r--r--meta/recipes-core/musl/libucontext_git.bb2
-rw-r--r--meta/recipes-core/musl/musl-obstack.bb2
-rw-r--r--meta/recipes-core/musl/musl-utils.bb2
-rw-r--r--meta/recipes-core/musl/musl_git.bb2
-rw-r--r--meta/recipes-core/ncurses/files/CVE-2021-39537.patch65
-rw-r--r--meta/recipes-core/ncurses/ncurses.inc2
-rw-r--r--meta/recipes-core/ncurses/ncurses_6.2.bb1
-rw-r--r--meta/recipes-core/netbase/netbase_6.2.bb2
-rw-r--r--meta/recipes-core/os-release/os-release.bb4
-rw-r--r--meta/recipes-core/psplash/psplash_git.bb2
-rw-r--r--meta/recipes-core/systemd/systemd.inc2
-rw-r--r--meta/recipes-core/update-rc.d/update-rc.d_0.8.bb2
-rw-r--r--meta/recipes-core/util-linux/util-linux_2.36.2.bb2
-rw-r--r--meta/recipes-core/zlib/zlib/CVE-2018-25032.patch347
-rw-r--r--meta/recipes-core/zlib/zlib_1.2.11.bb1
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.36.inc9
-rw-r--r--meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch201
-rw-r--r--meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch2006
-rw-r--r--meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch255
-rw-r--r--meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch170
-rw-r--r--meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch171
-rw-r--r--meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch102
-rw-r--r--meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch64
-rw-r--r--meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb8
-rw-r--r--meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb2
-rw-r--r--meta/recipes-devtools/ccache/ccache_4.2.1.bb (renamed from meta/recipes-devtools/ccache/ccache_4.2.bb)4
-rw-r--r--meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb2
-rw-r--r--meta/recipes-devtools/distcc/distcc_3.3.5.bb2
-rw-r--r--meta/recipes-devtools/dnf/dnf_4.6.0.bb2
-rw-r--r--meta/recipes-devtools/e2fsprogs/e2fsprogs.inc3
-rw-r--r--meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch66
-rw-r--r--meta/recipes-devtools/file/file_5.39.bb2
-rw-r--r--meta/recipes-devtools/gcc/gcc-10.3.inc (renamed from meta/recipes-devtools/gcc/gcc-10.2.inc)22
-rw-r--r--meta/recipes-devtools/gcc/gcc-cross-canadian_10.3.bb (renamed from meta/recipes-devtools/gcc/gcc-cross-canadian_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/gcc-cross_10.3.bb (renamed from meta/recipes-devtools/gcc/gcc-cross_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/gcc-crosssdk_10.3.bb (renamed from meta/recipes-devtools/gcc/gcc-crosssdk_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/gcc-runtime_10.3.bb (renamed from meta/recipes-devtools/gcc/gcc-runtime_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/gcc-sanitizers_10.3.bb (renamed from meta/recipes-devtools/gcc/gcc-sanitizers_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/gcc-source_10.3.bb (renamed from meta/recipes-devtools/gcc/gcc-source_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch138
-rw-r--r--meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch2906
-rw-r--r--meta/recipes-devtools/gcc/gcc/0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch66
-rw-r--r--meta/recipes-devtools/gcc/gcc/0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch202
-rw-r--r--meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch40
-rw-r--r--meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch2270
-rw-r--r--meta/recipes-devtools/gcc/gcc/0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch607
-rw-r--r--meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch103
-rw-r--r--meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch1724
-rw-r--r--meta/recipes-devtools/gcc/gcc/0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch658
-rw-r--r--meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch304
-rw-r--r--meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch138
-rw-r--r--meta/recipes-devtools/gcc/gcc/0005-CVE-2021-42574.patch575
-rw-r--r--meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch5
-rw-r--r--meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch2
-rw-r--r--meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch4
-rw-r--r--meta/recipes-devtools/gcc/gcc_10.3.bb (renamed from meta/recipes-devtools/gcc/gcc_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/libgcc-initial_10.3.bb (renamed from meta/recipes-devtools/gcc/libgcc-initial_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/libgcc_10.3.bb (renamed from meta/recipes-devtools/gcc/libgcc_10.2.bb)0
-rw-r--r--meta/recipes-devtools/gcc/libgfortran_10.3.bb (renamed from meta/recipes-devtools/gcc/libgfortran_10.2.bb)0
-rw-r--r--meta/recipes-devtools/glide/glide_0.13.3.bb2
-rw-r--r--meta/recipes-devtools/gnu-config/gnu-config_git.bb2
-rw-r--r--meta/recipes-devtools/go/go-1.16.15.inc (renamed from meta/recipes-devtools/go/go-1.16.7.inc)6
-rw-r--r--meta/recipes-devtools/go/go-binary-native_1.16.15.bb (renamed from meta/recipes-devtools/go/go-binary-native_1.16.7.bb)4
-rw-r--r--meta/recipes-devtools/go/go-cross-canadian_1.16.15.bb (renamed from meta/recipes-devtools/go/go-cross-canadian_1.16.7.bb)0
-rw-r--r--meta/recipes-devtools/go/go-cross_1.16.15.bb (renamed from meta/recipes-devtools/go/go-cross_1.16.7.bb)0
-rw-r--r--meta/recipes-devtools/go/go-crosssdk_1.16.15.bb (renamed from meta/recipes-devtools/go/go-crosssdk_1.16.7.bb)0
-rw-r--r--meta/recipes-devtools/go/go-native_1.16.15.bb (renamed from meta/recipes-devtools/go/go-native_1.16.7.bb)0
-rw-r--r--meta/recipes-devtools/go/go-runtime_1.16.15.bb (renamed from meta/recipes-devtools/go/go-runtime_1.16.7.bb)0
-rw-r--r--meta/recipes-devtools/go/go_1.16.15.bb (renamed from meta/recipes-devtools/go/go_1.16.7.bb)0
-rw-r--r--meta/recipes-devtools/libcomps/libcomps_0.1.15.bb2
-rw-r--r--meta/recipes-devtools/libdnf/libdnf_0.58.0.bb2
-rw-r--r--meta/recipes-devtools/librepo/librepo_1.13.0.bb2
-rw-r--r--meta/recipes-devtools/llvm/llvm_git.bb6
-rw-r--r--meta/recipes-devtools/m4/m4-1.4.18.inc1
-rw-r--r--meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch84
-rw-r--r--meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch431
-rw-r--r--meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb1
-rw-r--r--meta/recipes-devtools/mtd/mtd-utils_git.bb2
-rw-r--r--meta/recipes-devtools/ninja/ninja_1.10.2.bb2
-rw-r--r--meta/recipes-devtools/patchelf/patchelf/0001-merge-from-PR243.patch47
-rw-r--r--meta/recipes-devtools/patchelf/patchelf_0.12.bb3
-rwxr-xr-xmeta/recipes-devtools/pseudo/files/build-oldlibc20
-rw-r--r--meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch57
-rw-r--r--meta/recipes-devtools/pseudo/pseudo_git.bb9
-rw-r--r--meta/recipes-devtools/python-numpy/files/CVE-2021-41496.patch64
-rw-r--r--meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb1
-rw-r--r--meta/recipes-devtools/python/python3-pyelftools_0.27.bb2
-rw-r--r--meta/recipes-devtools/python/python3/0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch34
-rw-r--r--meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch20
-rw-r--r--meta/recipes-devtools/python/python3/makerace.patch23
-rw-r--r--meta/recipes-devtools/python/python3_3.9.9.bb (renamed from meta/recipes-devtools/python/python3_3.9.5.bb)4
-rw-r--r--meta/recipes-devtools/qemu/qemu.inc5
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-20196_1.patch54
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-20196_2.patch67
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch68
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch127
-rw-r--r--meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch53
-rw-r--r--meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch57
-rw-r--r--meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch28
-rw-r--r--meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch62
-rw-r--r--meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch332
-rw-r--r--meta/recipes-devtools/rpm/rpm_4.16.1.3.bb9
-rw-r--r--meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch35
-rw-r--r--meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch28
-rw-r--r--meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch28
-rw-r--r--meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch67
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch57
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch258
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch102
-rw-r--r--meta/recipes-devtools/ruby/ruby_3.0.3.bb (renamed from meta/recipes-devtools/ruby/ruby_3.0.1.bb)11
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch135
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch109
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch330
-rw-r--r--meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch316
-rw-r--r--meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb6
-rwxr-xr-xmeta/recipes-devtools/strace/strace/run-ptest9
-rw-r--r--meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb2
-rw-r--r--meta/recipes-devtools/tcf-agent/tcf-agent_git.bb2
-rw-r--r--meta/recipes-devtools/unfs3/unfs3_git.bb4
-rw-r--r--meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb2
-rw-r--r--meta/recipes-extended/bzip2/bzip2_1.0.8.bb2
-rw-r--r--meta/recipes-extended/cups/cups.inc2
-rw-r--r--meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch238
-rw-r--r--meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch65
-rw-r--r--meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch51
-rw-r--r--meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb3
-rw-r--r--meta/recipes-extended/go-examples/go-helloworld_0.1.bb2
-rw-r--r--meta/recipes-extended/iputils/iputils_s20200821.bb2
-rw-r--r--meta/recipes-extended/libaio/libaio_0.3.112.bb2
-rw-r--r--meta/recipes-extended/libarchive/libarchive_3.5.3.bb (renamed from meta/recipes-extended/libarchive/libarchive_3.5.1.bb)2
-rw-r--r--meta/recipes-extended/libnsl/libnsl2_git.bb2
-rw-r--r--meta/recipes-extended/libnss-nis/libnss-nis.bb2
-rw-r--r--meta/recipes-extended/libsolv/libsolv_0.7.17.bb2
-rw-r--r--meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch97
-rw-r--r--meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb1
-rw-r--r--meta/recipes-extended/ltp/ltp_20210121.bb2
-rw-r--r--meta/recipes-extended/mc/files/0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch87
-rw-r--r--meta/recipes-extended/mc/mc_4.8.26.bb5
-rw-r--r--meta/recipes-extended/net-tools/net-tools_2.10.bb2
-rw-r--r--meta/recipes-extended/newt/libnewt_0.52.21.bb2
-rw-r--r--meta/recipes-extended/pigz/files/0001-Fix-bug-when-combining-l-with-d.patch50
-rw-r--r--meta/recipes-extended/pigz/pigz_2.6.bb3
-rw-r--r--meta/recipes-extended/procps/procps_3.3.17.bb2
-rw-r--r--meta/recipes-extended/psmisc/psmisc_23.4.bb2
-rw-r--r--meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb2
-rw-r--r--meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb2
-rw-r--r--meta/recipes-extended/timezone/timezone.inc7
-rw-r--r--meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb2
-rw-r--r--meta/recipes-extended/zip/zip-3.0/0001-configure-use-correct-CPP.patch47
-rw-r--r--meta/recipes-extended/zip/zip-3.0/0002-configure-support-PIC-code-build.patch34
-rw-r--r--meta/recipes-extended/zip/zip_3.0.bb2
-rw-r--r--meta/recipes-extended/zstd/zstd_1.4.9.bb2
-rw-r--r--meta/recipes-gnome/epiphany/epiphany_3.38.2.bb1
-rw-r--r--meta/recipes-gnome/epiphany/files/encode-untrusted-data.patch707
-rw-r--r--meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb2
-rw-r--r--meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb4
-rw-r--r--meta/recipes-gnome/libhandy/libhandy_1.2.0.bb2
-rw-r--r--meta/recipes-gnome/libportal/libportal_0.3.bb2
-rw-r--r--meta/recipes-graphics/glslang/glslang_11.2.0.bb2
-rw-r--r--meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb2
-rw-r--r--meta/recipes-graphics/libfakekey/libfakekey_git.bb2
-rw-r--r--meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb2
-rw-r--r--meta/recipes-graphics/libva/libva-utils_2.10.0.bb2
-rw-r--r--meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb2
-rw-r--r--meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch52
-rw-r--r--meta/recipes-graphics/mesa/mesa.inc3
-rw-r--r--meta/recipes-graphics/mx/mx-1.0_1.4.7.bb2
-rw-r--r--meta/recipes-graphics/piglit/piglit_git.bb2
-rw-r--r--meta/recipes-graphics/spir/spirv-headers_1.5.4.bb2
-rw-r--r--meta/recipes-graphics/spir/spirv-tools_2020.7.bb2
-rw-r--r--meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0135.patch117
-rw-r--r--meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0175.patch112
-rw-r--r--meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb4
-rw-r--r--meta/recipes-graphics/vulkan/assimp_5.0.1.bb2
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb2
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb2
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-samples_git.bb2
-rw-r--r--meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb2
-rw-r--r--meta/recipes-graphics/waffle/waffle_1.6.1.bb10
-rw-r--r--meta/recipes-graphics/wayland/wayland-protocols_1.20.bb4
-rw-r--r--meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb2
-rw-r--r--meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb2
-rw-r--r--meta/recipes-graphics/xorg-font/encodings_1.0.5.bb4
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg.inc10
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4008.patch59
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4009.patch50
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4010.patch39
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4011.patch40
-rw-r--r--meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb4
-rw-r--r--meta/recipes-kernel/blktrace/blktrace_git.bb2
-rw-r--r--meta/recipes-kernel/cryptodev/cryptodev.inc2
-rw-r--r--meta/recipes-kernel/dtc/dtc.inc2
-rw-r--r--meta/recipes-kernel/kern-tools/kern-tools-native_git.bb2
-rw-r--r--meta/recipes-kernel/kmod/kmod.inc2
-rw-r--r--meta/recipes-kernel/linux-firmware/linux-firmware_20220310.bb (renamed from meta/recipes-kernel/linux-firmware/linux-firmware_20210818.bb)7
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb6
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb6
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb8
-rw-r--r--meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb8
-rw-r--r--meta/recipes-kernel/linux/linux-yocto_5.10.bb26
-rw-r--r--meta/recipes-kernel/linux/linux-yocto_5.4.bb22
-rw-r--r--meta/recipes-kernel/lttng/lttng-modules_2.12.8.bb (renamed from meta/recipes-kernel/lttng/lttng-modules_2.12.6.bb)2
-rw-r--r--meta/recipes-kernel/powertop/powertop_2.13.bb2
-rw-r--r--meta/recipes-kernel/systemtap/systemtap_git.inc2
-rw-r--r--meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.02.18.bb (renamed from meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb)6
-rw-r--r--meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb4
-rw-r--r--meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb4
-rw-r--r--meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch41
-rw-r--r--meta/recipes-multimedia/flac/flac_1.3.3.bb1
-rw-r--r--meta/recipes-multimedia/gstreamer/gst-devtools_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gst-devtools_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gst-examples_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gst-examples_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch33
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.4.bb)3
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch14
-rw-r--r--meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.6.bb (renamed from meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.4.bb)2
-rw-r--r--meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch32
-rw-r--r--meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb1
-rw-r--r--meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch30
-rw-r--r--meta/recipes-multimedia/speex/speex_1.2.0.bb4
-rw-r--r--meta/recipes-multimedia/x264/x264_git.bb2
-rw-r--r--meta/recipes-sato/l3afpad/l3afpad_git.bb2
-rw-r--r--meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb2
-rw-r--r--meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb2
-rw-r--r--meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb2
-rw-r--r--meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb2
-rw-r--r--meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb2
-rw-r--r--meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb4
-rw-r--r--meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb2
-rw-r--r--meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb2
-rw-r--r--meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb5
-rw-r--r--meta/recipes-sato/webkit/webkitgtk/CVE-2021-42762.patch468
-rw-r--r--meta/recipes-sato/webkit/webkitgtk/reproducibility.patch22
-rw-r--r--meta/recipes-sato/webkit/webkitgtk_2.30.6.bb (renamed from meta/recipes-sato/webkit/webkitgtk_2.30.5.bb)4
-rw-r--r--meta/recipes-support/bmap-tools/bmap-tools_3.6.bb2
-rw-r--r--meta/recipes-support/boost/boost-build-native_4.3.0.bb2
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch80
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch26
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch33
-rw-r--r--meta/recipes-support/ca-certificates/ca-certificates_20211016.bb (renamed from meta/recipes-support/ca-certificates/ca-certificates_20210119.bb)7
-rw-r--r--meta/recipes-support/curl/curl/CVE-2021-22945.patch35
-rw-r--r--meta/recipes-support/curl/curl/CVE-2021-22946.patch333
-rw-r--r--meta/recipes-support/curl/curl/CVE-2021-22947.patch357
-rw-r--r--meta/recipes-support/curl/curl_7.75.0.bb8
-rw-r--r--meta/recipes-support/dos2unix/dos2unix_7.4.2.bb2
-rw-r--r--meta/recipes-support/gmp/gmp/cve-2021-43618.patch27
-rw-r--r--meta/recipes-support/gmp/gmp_6.2.1.bb1
-rw-r--r--meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb2
-rw-r--r--meta/recipes-support/gnupg/gnupg_2.2.27.bb1
-rw-r--r--meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch24
-rw-r--r--meta/recipes-support/gpgme/gpgme_1.15.1.bb3
-rw-r--r--meta/recipes-support/iso-codes/iso-codes_4.6.0.bb4
-rw-r--r--meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb (renamed from meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb)2
-rw-r--r--meta/recipes-support/libgit2/libgit2_1.1.0.bb2
-rw-r--r--meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb2
-rw-r--r--meta/recipes-support/libpcre/libpcre2_10.36.bb4
-rw-r--r--meta/recipes-support/libpcre/libpcre_8.44.bb2
-rw-r--r--meta/recipes-support/libunistring/libunistring_0.9.10.bb1
-rw-r--r--meta/recipes-support/libusb/libusb1_1.0.24.bb6
-rw-r--r--meta/recipes-support/lz4/lz4_1.9.3.bb2
-rw-r--r--meta/recipes-support/numactl/numactl_git.bb2
-rw-r--r--meta/recipes-support/p11-kit/p11-kit_0.23.22.bb2
-rw-r--r--meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb2
-rw-r--r--meta/recipes-support/rng-tools/rng-tools/rngd.service1
-rw-r--r--meta/recipes-support/rng-tools/rng-tools_6.11.bb2
-rw-r--r--meta/recipes-support/shared-mime-info/shared-mime-info_git.bb2
-rw-r--r--meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch13
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3778.patch34
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3875.patch37
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3903.patch38
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3927.patch32
-rw-r--r--meta/recipes-support/vim/files/CVE-2021-3928.patch34
-rw-r--r--meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch207
-rw-r--r--meta/recipes-support/vim/files/disable_acl_header_check.patch15
-rw-r--r--meta/recipes-support/vim/files/no-path-adjust.patch8
-rw-r--r--meta/recipes-support/vim/files/racefix.patch6
-rw-r--r--meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch13
-rw-r--r--meta/recipes-support/vim/vim.inc12
-rw-r--r--meta/recipes-support/xxhash/xxhash_0.8.0.bb2
-rwxr-xr-xscripts/buildhistory-diff5
-rwxr-xr-xscripts/contrib/convert-srcuri.py77
-rw-r--r--scripts/lib/checklayer/cases/common.py2
-rw-r--r--scripts/lib/devtool/deploy.py2
-rw-r--r--scripts/lib/recipetool/create.py16
-rw-r--r--scripts/lib/recipetool/create_buildsys.py3
-rw-r--r--scripts/lib/scriptutils.py10
-rw-r--r--scripts/lib/wic/engine.py6
-rw-r--r--scripts/lib/wic/help.py4
-rw-r--r--scripts/lib/wic/misc.py4
-rw-r--r--scripts/lib/wic/pluginbase.py8
-rw-r--r--scripts/lib/wic/plugins/imager/direct.py2
-rwxr-xr-xscripts/oe-pkgdata-browser2
-rwxr-xr-xscripts/runqemu3
-rwxr-xr-xscripts/runqemu-ifdown1
-rwxr-xr-xscripts/wic7
-rwxr-xr-xscripts/yocto-check-layer13
446 files changed, 23474 insertions, 4264 deletions
diff --git a/README.OE-Core b/README.OE-Core
index 521916cd4f..2f2127fb03 100644
--- a/README.OE-Core
+++ b/README.OE-Core
@@ -6,24 +6,24 @@ of OpenEmbedded. It is distro-less (can build a functional image with
DISTRO = "nodistro") and contains only emulated machine support.
For information about OpenEmbedded, see the OpenEmbedded website:
- http://www.openembedded.org/
+ https://www.openembedded.org/
The Yocto Project has extensive documentation about OE including a reference manual
which can be found at:
- http://yoctoproject.org/documentation
+ https://docs.yoctoproject.org/
Contributing
------------
Please refer to
-http://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded
+https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded
for guidelines on how to submit patches.
Mailing list:
- http://lists.openembedded.org/mailman/listinfo/openembedded-core
+ https://lists.openembedded.org/g/openembedded-core
Source code:
- http://git.openembedded.org/openembedded-core/
+ https://git.openembedded.org/openembedded-core/
diff --git a/bitbake/bin/bitbake-worker b/bitbake/bin/bitbake-worker
index 3ca8c1853b..4318ce6116 100755
--- a/bitbake/bin/bitbake-worker
+++ b/bitbake/bin/bitbake-worker
@@ -16,6 +16,8 @@ import signal
import pickle
import traceback
import queue
+import shlex
+import subprocess
from multiprocessing import Lock
from threading import Thread
@@ -145,6 +147,7 @@ def fork_off_task(cfg, data, databuilder, workerdata, fn, task, taskname, taskha
# a fork() or exec*() activates PSEUDO...
envbackup = {}
+ fakeroot = False
fakeenv = {}
umask = None
@@ -164,6 +167,7 @@ def fork_off_task(cfg, data, databuilder, workerdata, fn, task, taskname, taskha
# We can't use the fakeroot environment in a dry run as it possibly hasn't been built
if 'fakeroot' in taskdep and taskname in taskdep['fakeroot'] and not dry_run:
+ fakeroot = True
envvars = (workerdata["fakerootenv"][fn] or "").split()
for key, value in (var.split('=') for var in envvars):
envbackup[key] = os.environ.get(key)
@@ -282,7 +286,13 @@ def fork_off_task(cfg, data, databuilder, workerdata, fn, task, taskname, taskha
try:
if dry_run:
return 0
- return bb.build.exec_task(fn, taskname, the_data, cfg.profile)
+ try:
+ ret = bb.build.exec_task(fn, taskname, the_data, cfg.profile)
+ finally:
+ if fakeroot:
+ fakerootcmd = shlex.split(the_data.getVar("FAKEROOTCMD"))
+ subprocess.run(fakerootcmd + ['-S'], check=True, stdout=subprocess.PIPE)
+ return ret
except:
os._exit(1)
if not profiling:
diff --git a/bitbake/lib/bb/build.py b/bitbake/lib/bb/build.py
index ad031cc702..163572be8c 100644
--- a/bitbake/lib/bb/build.py
+++ b/bitbake/lib/bb/build.py
@@ -298,6 +298,10 @@ def exec_func_python(func, d, runfile, cwd=None):
comp = utils.better_compile(code, func, "exec_python_func() autogenerated")
utils.better_exec(comp, {"d": d}, code, "exec_python_func() autogenerated")
finally:
+ # We want any stdout/stderr to be printed before any other log messages to make debugging
+ # more accurate. In some cases we seem to lose stdout/stderr entirely in logging tests without this.
+ sys.stdout.flush()
+ sys.stderr.flush()
bb.debug(2, "Python function %s finished" % func)
if cwd and olddir:
@@ -703,7 +707,7 @@ def _exec_task(fn, task, d, quieterr):
# logs once already so don't duplicate
if verboseStdoutLogging:
errprinted = True
- logger.error(str(exc))
+ logger.error(repr(exc))
event.fire(TaskFailed(task, fn, logfn, localdata, errprinted), localdata)
return 1
finally:
diff --git a/bitbake/lib/bb/cache.py b/bitbake/lib/bb/cache.py
index 27eb271798..5f9c0a779d 100644
--- a/bitbake/lib/bb/cache.py
+++ b/bitbake/lib/bb/cache.py
@@ -19,7 +19,8 @@
import os
import logging
import pickle
-from collections import defaultdict, Mapping
+from collections import defaultdict
+from collections.abc import Mapping
import bb.utils
from bb import PrefixLoggerAdapter
import re
diff --git a/bitbake/lib/bb/cooker.py b/bitbake/lib/bb/cooker.py
index 89f1fad083..c946800a8c 100644
--- a/bitbake/lib/bb/cooker.py
+++ b/bitbake/lib/bb/cooker.py
@@ -388,12 +388,22 @@ class BBCooker:
# Create a new hash server bound to a unix domain socket
if not self.hashserv:
dbfile = (self.data.getVar("PERSISTENT_DIR") or self.data.getVar("CACHE")) + "/hashserv.db"
+ upstream = self.data.getVar("BB_HASHSERVE_UPSTREAM") or None
+ if upstream:
+ import socket
+ try:
+ sock = socket.create_connection(upstream.split(":"), 5)
+ sock.close()
+ except socket.error as e:
+ bb.warn("BB_HASHSERVE_UPSTREAM is not valid, unable to connect hash equivalence server at '%s': %s"
+ % (upstream, repr(e)))
+
self.hashservaddr = "unix://%s/hashserve.sock" % self.data.getVar("TOPDIR")
self.hashserv = hashserv.create_server(
self.hashservaddr,
dbfile,
sync=False,
- upstream=self.data.getVar("BB_HASHSERVE_UPSTREAM") or None,
+ upstream=upstream,
)
self.hashserv.process = multiprocessing.Process(target=self.hashserv.serve_forever)
self.hashserv.process.start()
@@ -805,7 +815,9 @@ class BBCooker:
for dep in rq.rqdata.runtaskentries[tid].depends:
(depmc, depfn, _, deptaskfn) = bb.runqueue.split_tid_mcfn(dep)
deppn = self.recipecaches[depmc].pkg_fn[deptaskfn]
- depend_tree["tdepends"][dotname].append("%s.%s" % (deppn, bb.runqueue.taskname_from_tid(dep)))
+ if depmc:
+ depmc = "mc:" + depmc + ":"
+ depend_tree["tdepends"][dotname].append("%s%s.%s" % (depmc, deppn, bb.runqueue.taskname_from_tid(dep)))
if taskfn not in seen_fns:
seen_fns.append(taskfn)
packages = []
@@ -2204,21 +2216,33 @@ class CookerParser(object):
yield not cached, mc, infos
def parse_generator(self):
- while True:
+ empty = False
+ while self.processes or not empty:
+ for process in self.processes.copy():
+ if not process.is_alive():
+ process.join()
+ self.processes.remove(process)
+
if self.parsed >= self.toparse:
break
try:
result = self.result_queue.get(timeout=0.25)
except queue.Empty:
+ empty = True
pass
else:
+ empty = False
value = result[1]
if isinstance(value, BaseException):
raise value
else:
yield result
+ if not (self.parsed >= self.toparse):
+ raise bb.parse.ParseError("Not all recipes parsed, parser thread killed/died? Exiting.", None)
+
+
def parse_next(self):
result = []
parsed = None
diff --git a/bitbake/lib/bb/data_smart.py b/bitbake/lib/bb/data_smart.py
index 8291ca65e3..65857a9c79 100644
--- a/bitbake/lib/bb/data_smart.py
+++ b/bitbake/lib/bb/data_smart.py
@@ -17,7 +17,7 @@ BitBake build tools.
# Based on functions from the base bb module, Copyright 2003 Holger Schurig
import copy, re, sys, traceback
-from collections import MutableMapping
+from collections.abc import MutableMapping
import logging
import hashlib
import bb, bb.codeparser
@@ -403,7 +403,7 @@ class DataSmart(MutableMapping):
s = __expand_python_regexp__.sub(varparse.python_sub, s)
except SyntaxError as e:
# Likely unmatched brackets, just don't expand the expression
- if e.msg != "EOL while scanning string literal":
+ if e.msg != "EOL while scanning string literal" and not e.msg.startswith("unterminated string literal"):
raise
if s == olds:
break
diff --git a/bitbake/lib/bb/fetch2/__init__.py b/bitbake/lib/bb/fetch2/__init__.py
index c8e91262a9..1005ec10c6 100644
--- a/bitbake/lib/bb/fetch2/__init__.py
+++ b/bitbake/lib/bb/fetch2/__init__.py
@@ -430,6 +430,7 @@ def uri_replace(ud, uri_find, uri_replace, replacements, d, mirrortarball=None):
uri_replace_decoded = list(decodeurl(uri_replace))
logger.debug2("For url %s comparing %s to %s" % (uri_decoded, uri_find_decoded, uri_replace_decoded))
result_decoded = ['', '', '', '', '', {}]
+ # 0 - type, 1 - host, 2 - path, 3 - user, 4- pswd, 5 - params
for loc, i in enumerate(uri_find_decoded):
result_decoded[loc] = uri_decoded[loc]
regexp = i
@@ -449,6 +450,9 @@ def uri_replace(ud, uri_find, uri_replace, replacements, d, mirrortarball=None):
for l in replacements:
uri_replace_decoded[loc][k] = uri_replace_decoded[loc][k].replace(l, replacements[l])
result_decoded[loc][k] = uri_replace_decoded[loc][k]
+ elif (loc == 3 or loc == 4) and uri_replace_decoded[loc]:
+ # User/password in the replacement is just a straight replacement
+ result_decoded[loc] = uri_replace_decoded[loc]
elif (re.match(regexp, uri_decoded[loc])):
if not uri_replace_decoded[loc]:
result_decoded[loc] = ""
@@ -871,7 +875,7 @@ def runfetchcmd(cmd, d, quiet=False, cleanup=None, log=None, workdir=None):
(output, errors) = bb.process.run(cmd, log=log, shell=True, stderr=subprocess.PIPE, cwd=workdir)
success = True
except bb.process.NotFoundError as e:
- error_message = "Fetch command %s" % (e.command)
+ error_message = "Fetch command %s not found" % (e.command)
except bb.process.ExecutionError as e:
if e.stdout:
output = "output:\n%s\n%s" % (e.stdout, e.stderr)
diff --git a/bitbake/lib/bb/fetch2/git.py b/bitbake/lib/bb/fetch2/git.py
index cf7424ebf4..d17e2f07b8 100644
--- a/bitbake/lib/bb/fetch2/git.py
+++ b/bitbake/lib/bb/fetch2/git.py
@@ -68,6 +68,7 @@ import subprocess
import tempfile
import bb
import bb.progress
+from contextlib import contextmanager
from bb.fetch2 import FetchMethod
from bb.fetch2 import runfetchcmd
from bb.fetch2 import logger
@@ -141,6 +142,10 @@ class Git(FetchMethod):
ud.proto = 'file'
else:
ud.proto = "git"
+ if ud.host == "github.com" and ud.proto == "git":
+ # github stopped supporting git protocol
+ # https://github.blog/2021-09-01-improving-git-protocol-security-github/#no-more-unauthenticated-git
+ ud.proto = "https"
if not ud.proto in ('git', 'file', 'ssh', 'http', 'https', 'rsync'):
raise bb.fetch2.ParameterError("Invalid protocol type", ud.url)
@@ -414,6 +419,20 @@ class Git(FetchMethod):
bb.utils.remove(tmpdir, recurse=True)
def build_mirror_data(self, ud, d):
+
+ # Create as a temp file and move atomically into position to avoid races
+ @contextmanager
+ def create_atomic(filename):
+ fd, tfile = tempfile.mkstemp(dir=os.path.dirname(filename))
+ try:
+ yield tfile
+ umask = os.umask(0o666)
+ os.umask(umask)
+ os.chmod(tfile, (0o666 & ~umask))
+ os.rename(tfile, filename)
+ finally:
+ os.close(fd)
+
if ud.shallow and ud.write_shallow_tarballs:
if not os.path.exists(ud.fullshallow):
if os.path.islink(ud.fullshallow):
@@ -424,7 +443,8 @@ class Git(FetchMethod):
self.clone_shallow_local(ud, shallowclone, d)
logger.info("Creating tarball of git repository")
- runfetchcmd("tar -czf %s ." % ud.fullshallow, d, workdir=shallowclone)
+ with create_atomic(ud.fullshallow) as tfile:
+ runfetchcmd("tar -czf %s ." % tfile, d, workdir=shallowclone)
runfetchcmd("touch %s.done" % ud.fullshallow, d)
finally:
bb.utils.remove(tempdir, recurse=True)
@@ -433,7 +453,8 @@ class Git(FetchMethod):
os.unlink(ud.fullmirror)
logger.info("Creating tarball of git repository")
- runfetchcmd("tar -czf %s ." % ud.fullmirror, d, workdir=ud.clonedir)
+ with create_atomic(ud.fullmirror) as tfile:
+ runfetchcmd("tar -czf %s ." % tfile, d, workdir=ud.clonedir)
runfetchcmd("touch %s.done" % ud.fullmirror, d)
def clone_shallow_local(self, ud, dest, d):
diff --git a/bitbake/lib/bb/fetch2/npmsw.py b/bitbake/lib/bb/fetch2/npmsw.py
index 0c3511d8ab..fdecbc6db6 100644
--- a/bitbake/lib/bb/fetch2/npmsw.py
+++ b/bitbake/lib/bb/fetch2/npmsw.py
@@ -29,6 +29,8 @@ from bb.fetch2.npm import npm_integrity
from bb.fetch2.npm import npm_localfile
from bb.fetch2.npm import npm_unpack
from bb.utils import is_semver
+from bb.utils import lockfile
+from bb.utils import unlockfile
def foreach_dependencies(shrinkwrap, callback=None, dev=False):
"""
@@ -187,7 +189,9 @@ class NpmShrinkWrap(FetchMethod):
proxy_ud = ud.proxy.ud[proxy_url]
proxy_d = ud.proxy.d
proxy_ud.setup_localpath(proxy_d)
+ lf = lockfile(proxy_ud.lockfile)
returns.append(handle(proxy_ud.method, proxy_ud, proxy_d))
+ unlockfile(lf)
return returns
def verify_donestamp(self, ud, d):
diff --git a/bitbake/lib/bb/fetch2/perforce.py b/bitbake/lib/bb/fetch2/perforce.py
index e2a41a4a12..3b6fa4b1ec 100644
--- a/bitbake/lib/bb/fetch2/perforce.py
+++ b/bitbake/lib/bb/fetch2/perforce.py
@@ -134,7 +134,7 @@ class Perforce(FetchMethod):
ud.setup_revisions(d)
- ud.localfile = d.expand('%s_%s_%s_%s.tar.gz' % (cleanedhost, cleanedpath, cleandedmodule, ud.revision))
+ ud.localfile = d.expand('%s_%s_%s_%s.tar.gz' % (cleanedhost, cleanedpath, cleanedmodule, ud.revision))
def _buildp4command(self, ud, d, command, depot_filename=None):
"""
diff --git a/bitbake/lib/bb/fetch2/wget.py b/bitbake/lib/bb/fetch2/wget.py
index 784df70c9f..7fa2a87ffd 100644
--- a/bitbake/lib/bb/fetch2/wget.py
+++ b/bitbake/lib/bb/fetch2/wget.py
@@ -322,7 +322,7 @@ class Wget(FetchMethod):
except (TypeError, ImportError, IOError, netrc.NetrcParseError):
pass
- with opener.open(r) as response:
+ with opener.open(r, timeout=30) as response:
pass
except urllib.error.URLError as e:
if try_again:
diff --git a/bitbake/lib/bb/persist_data.py b/bitbake/lib/bb/persist_data.py
index c6a209fb3f..6f32d81afe 100644
--- a/bitbake/lib/bb/persist_data.py
+++ b/bitbake/lib/bb/persist_data.py
@@ -12,6 +12,7 @@ currently, providing a key/value store accessed by 'domain'.
#
import collections
+import collections.abc
import contextlib
import functools
import logging
@@ -19,7 +20,7 @@ import os.path
import sqlite3
import sys
import warnings
-from collections import Mapping
+from collections.abc import Mapping
sqlversion = sqlite3.sqlite_version_info
if sqlversion[0] < 3 or (sqlversion[0] == 3 and sqlversion[1] < 3):
@@ -29,7 +30,7 @@ if sqlversion[0] < 3 or (sqlversion[0] == 3 and sqlversion[1] < 3):
logger = logging.getLogger("BitBake.PersistData")
@functools.total_ordering
-class SQLTable(collections.MutableMapping):
+class SQLTable(collections.abc.MutableMapping):
class _Decorators(object):
@staticmethod
def retry(*, reconnect=True):
diff --git a/bitbake/lib/bb/process.py b/bitbake/lib/bb/process.py
index d5a1775fce..af5d804a1d 100644
--- a/bitbake/lib/bb/process.py
+++ b/bitbake/lib/bb/process.py
@@ -60,7 +60,7 @@ class Popen(subprocess.Popen):
"close_fds": True,
"preexec_fn": subprocess_setup,
"stdout": subprocess.PIPE,
- "stderr": subprocess.STDOUT,
+ "stderr": subprocess.PIPE,
"stdin": subprocess.PIPE,
"shell": False,
}
diff --git a/bitbake/lib/bb/runqueue.py b/bitbake/lib/bb/runqueue.py
index 10511a09dc..cd10da8b3a 100644
--- a/bitbake/lib/bb/runqueue.py
+++ b/bitbake/lib/bb/runqueue.py
@@ -926,38 +926,36 @@ class RunQueueData:
#
# Once all active tasks are marked, prune the ones we don't need.
- delcount = {}
- for tid in list(self.runtaskentries.keys()):
- if tid not in runq_build:
- delcount[tid] = self.runtaskentries[tid]
- del self.runtaskentries[tid]
-
# Handle --runall
if self.cooker.configuration.runall:
# re-run the mark_active and then drop unused tasks from new list
+ reduced_tasklist = set(self.runtaskentries.keys())
+ for tid in list(self.runtaskentries.keys()):
+ if tid not in runq_build:
+ reduced_tasklist.remove(tid)
runq_build = {}
for task in self.cooker.configuration.runall:
if not task.startswith("do_"):
task = "do_{0}".format(task)
runall_tids = set()
- for tid in list(self.runtaskentries):
+ for tid in reduced_tasklist:
wanttid = "{0}:{1}".format(fn_from_tid(tid), task)
- if wanttid in delcount:
- self.runtaskentries[wanttid] = delcount[wanttid]
if wanttid in self.runtaskentries:
runall_tids.add(wanttid)
for tid in list(runall_tids):
- mark_active(tid,1)
+ mark_active(tid, 1)
if self.cooker.configuration.force:
invalidate_task(tid, False)
- for tid in list(self.runtaskentries.keys()):
- if tid not in runq_build:
- delcount[tid] = self.runtaskentries[tid]
- del self.runtaskentries[tid]
+ delcount = set()
+ for tid in list(self.runtaskentries.keys()):
+ if tid not in runq_build:
+ delcount.add(tid)
+ del self.runtaskentries[tid]
+ if self.cooker.configuration.runall:
if len(self.runtaskentries) == 0:
bb.msg.fatal("RunQueue", "Could not find any tasks with the tasknames %s to run within the recipes of the taskgraphs of the targets %s" % (str(self.cooker.configuration.runall), str(self.targets)))
@@ -971,16 +969,16 @@ class RunQueueData:
for task in self.cooker.configuration.runonly:
if not task.startswith("do_"):
task = "do_{0}".format(task)
- runonly_tids = { k: v for k, v in self.runtaskentries.items() if taskname_from_tid(k) == task }
+ runonly_tids = [k for k in self.runtaskentries.keys() if taskname_from_tid(k) == task]
- for tid in list(runonly_tids):
- mark_active(tid,1)
+ for tid in runonly_tids:
+ mark_active(tid, 1)
if self.cooker.configuration.force:
invalidate_task(tid, False)
for tid in list(self.runtaskentries.keys()):
if tid not in runq_build:
- delcount[tid] = self.runtaskentries[tid]
+ delcount.add(tid)
del self.runtaskentries[tid]
if len(self.runtaskentries) == 0:
diff --git a/bitbake/lib/bb/server/process.py b/bitbake/lib/bb/server/process.py
index 07bb785a18..b11c903e08 100644
--- a/bitbake/lib/bb/server/process.py
+++ b/bitbake/lib/bb/server/process.py
@@ -26,6 +26,7 @@ import errno
import re
import datetime
import pickle
+import gc
import bb.server.xmlrpcserver
from bb import daemonize
from multiprocessing import queues
@@ -659,7 +660,7 @@ class BBUIEventQueue:
self.reader = ConnectionReader(readfd)
self.t = threading.Thread()
- self.t.setDaemon(True)
+ self.t.daemon = True
self.t.run = self.startCallbackHandler
self.t.start()
@@ -737,8 +738,10 @@ class ConnectionWriter(object):
def send(self, obj):
obj = multiprocessing.reduction.ForkingPickler.dumps(obj)
+ gc.disable()
with self.wlock:
self.writer.send_bytes(obj)
+ gc.enable()
def fileno(self):
return self.writer.fileno()
diff --git a/bitbake/lib/bb/server/xmlrpcserver.py b/bitbake/lib/bb/server/xmlrpcserver.py
index 2fa71be667..01f55538ae 100644
--- a/bitbake/lib/bb/server/xmlrpcserver.py
+++ b/bitbake/lib/bb/server/xmlrpcserver.py
@@ -11,6 +11,7 @@ import hashlib
import time
import inspect
from xmlrpc.server import SimpleXMLRPCServer, SimpleXMLRPCRequestHandler
+import bb.server.xmlrpcclient
import bb
diff --git a/bitbake/lib/bb/tests/fetch.py b/bitbake/lib/bb/tests/fetch.py
index 53bfc2ad68..19ea725ac6 100644
--- a/bitbake/lib/bb/tests/fetch.py
+++ b/bitbake/lib/bb/tests/fetch.py
@@ -431,6 +431,10 @@ class MirrorUriTest(FetcherTest):
("git://someserver.org/bitbake;tag=1234567890123456789012345678901234567890;branch=master", "git://someserver.org/bitbake;branch=master", "git://git.openembedded.org/bitbake;protocol=http")
: "git://git.openembedded.org/bitbake;tag=1234567890123456789012345678901234567890;branch=master;protocol=http",
+ ("git://user1@someserver.org/bitbake;tag=1234567890123456789012345678901234567890;branch=master", "git://someserver.org/bitbake;branch=master", "git://user2@git.openembedded.org/bitbake;protocol=http")
+ : "git://user2@git.openembedded.org/bitbake;tag=1234567890123456789012345678901234567890;branch=master;protocol=http",
+
+
#Renaming files doesn't work
#("http://somewhere.org/somedir1/somefile_1.2.3.tar.gz", "http://somewhere.org/somedir1/somefile_1.2.3.tar.gz", "http://somewhere2.org/somedir3/somefile_2.3.4.tar.gz") : "http://somewhere2.org/somedir3/somefile_2.3.4.tar.gz"
#("file://sstate-xyz.tgz", "file://.*/.*", "file:///somewhere/1234/sstate-cache") : "file:///somewhere/1234/sstate-cache/sstate-xyz.tgz",
@@ -491,7 +495,7 @@ class GitDownloadDirectoryNamingTest(FetcherTest):
super(GitDownloadDirectoryNamingTest, self).setUp()
self.recipe_url = "git://git.openembedded.org/bitbake"
self.recipe_dir = "git.openembedded.org.bitbake"
- self.mirror_url = "git://github.com/openembedded/bitbake.git"
+ self.mirror_url = "git://github.com/openembedded/bitbake.git;protocol=https"
self.mirror_dir = "github.com.openembedded.bitbake.git"
self.d.setVar('SRCREV', '82ea737a0b42a8b53e11c9cde141e9e9c0bd8c40')
@@ -539,7 +543,7 @@ class TarballNamingTest(FetcherTest):
super(TarballNamingTest, self).setUp()
self.recipe_url = "git://git.openembedded.org/bitbake"
self.recipe_tarball = "git2_git.openembedded.org.bitbake.tar.gz"
- self.mirror_url = "git://github.com/openembedded/bitbake.git"
+ self.mirror_url = "git://github.com/openembedded/bitbake.git;protocol=https"
self.mirror_tarball = "git2_github.com.openembedded.bitbake.git.tar.gz"
self.d.setVar('BB_GENERATE_MIRROR_TARBALLS', '1')
@@ -573,7 +577,7 @@ class GitShallowTarballNamingTest(FetcherTest):
super(GitShallowTarballNamingTest, self).setUp()
self.recipe_url = "git://git.openembedded.org/bitbake"
self.recipe_tarball = "gitshallow_git.openembedded.org.bitbake_82ea737-1_master.tar.gz"
- self.mirror_url = "git://github.com/openembedded/bitbake.git"
+ self.mirror_url = "git://github.com/openembedded/bitbake.git;protocol=https"
self.mirror_tarball = "gitshallow_github.com.openembedded.bitbake.git_82ea737-1_master.tar.gz"
self.d.setVar('BB_GIT_SHALLOW', '1')
@@ -985,7 +989,7 @@ class FetcherNetworkTest(FetcherTest):
def test_git_submodule_dbus_broker(self):
# The following external repositories have show failures in fetch and unpack operations
# We want to avoid regressions!
- url = "gitsm://github.com/bus1/dbus-broker;protocol=git;rev=fc874afa0992d0c75ec25acb43d344679f0ee7d2;branch=main"
+ url = "gitsm://github.com/bus1/dbus-broker;protocol=https;rev=fc874afa0992d0c75ec25acb43d344679f0ee7d2;branch=main"
fetcher = bb.fetch.Fetch([url], self.d)
fetcher.download()
# Previous cwd has been deleted
@@ -1001,7 +1005,7 @@ class FetcherNetworkTest(FetcherTest):
@skipIfNoNetwork()
def test_git_submodule_CLI11(self):
- url = "gitsm://github.com/CLIUtils/CLI11;protocol=git;rev=bd4dc911847d0cde7a6b41dfa626a85aab213baf"
+ url = "gitsm://github.com/CLIUtils/CLI11;protocol=https;rev=bd4dc911847d0cde7a6b41dfa626a85aab213baf;branch=main"
fetcher = bb.fetch.Fetch([url], self.d)
fetcher.download()
# Previous cwd has been deleted
@@ -1016,12 +1020,12 @@ class FetcherNetworkTest(FetcherTest):
@skipIfNoNetwork()
def test_git_submodule_update_CLI11(self):
""" Prevent regression on update detection not finding missing submodule, or modules without needed commits """
- url = "gitsm://github.com/CLIUtils/CLI11;protocol=git;rev=cf6a99fa69aaefe477cc52e3ef4a7d2d7fa40714"
+ url = "gitsm://github.com/CLIUtils/CLI11;protocol=https;rev=cf6a99fa69aaefe477cc52e3ef4a7d2d7fa40714;branch=main"
fetcher = bb.fetch.Fetch([url], self.d)
fetcher.download()
# CLI11 that pulls in a newer nlohmann-json
- url = "gitsm://github.com/CLIUtils/CLI11;protocol=git;rev=49ac989a9527ee9bb496de9ded7b4872c2e0e5ca"
+ url = "gitsm://github.com/CLIUtils/CLI11;protocol=https;rev=49ac989a9527ee9bb496de9ded7b4872c2e0e5ca;branch=main"
fetcher = bb.fetch.Fetch([url], self.d)
fetcher.download()
# Previous cwd has been deleted
@@ -1035,7 +1039,7 @@ class FetcherNetworkTest(FetcherTest):
@skipIfNoNetwork()
def test_git_submodule_aktualizr(self):
- url = "gitsm://github.com/advancedtelematic/aktualizr;branch=master;protocol=git;rev=d00d1a04cc2366d1a5f143b84b9f507f8bd32c44"
+ url = "gitsm://github.com/advancedtelematic/aktualizr;branch=master;protocol=https;rev=d00d1a04cc2366d1a5f143b84b9f507f8bd32c44"
fetcher = bb.fetch.Fetch([url], self.d)
fetcher.download()
# Previous cwd has been deleted
@@ -1055,7 +1059,7 @@ class FetcherNetworkTest(FetcherTest):
""" Prevent regression on deeply nested submodules not being checked out properly, even though they were fetched. """
# This repository also has submodules where the module (name), path and url do not align
- url = "gitsm://github.com/azure/iotedge.git;protocol=git;rev=d76e0316c6f324345d77c48a83ce836d09392699"
+ url = "gitsm://github.com/azure/iotedge.git;protocol=https;rev=d76e0316c6f324345d77c48a83ce836d09392699;branch=main"
fetcher = bb.fetch.Fetch([url], self.d)
fetcher.download()
# Previous cwd has been deleted
@@ -1113,7 +1117,7 @@ class SVNTest(FetcherTest):
bb.process.run("svn co %s svnfetch_co" % self.repo_url, cwd=self.tempdir)
# Github will emulate SVN. Use this to check if we're downloding...
- bb.process.run("svn propset svn:externals 'bitbake svn://vcs.pcre.org/pcre2/code' .",
+ bb.process.run("svn propset svn:externals 'bitbake https://github.com/PhilipHazel/pcre2.git' .",
cwd=os.path.join(self.tempdir, 'svnfetch_co', 'trunk'))
bb.process.run("svn commit --non-interactive -m 'Add external'",
cwd=os.path.join(self.tempdir, 'svnfetch_co', 'trunk'))
@@ -1231,7 +1235,7 @@ class FetchLatestVersionTest(FetcherTest):
test_git_uris = {
# version pattern "X.Y.Z"
- ("mx-1.0", "git://github.com/clutter-project/mx.git;branch=mx-1.4", "9b1db6b8060bd00b121a692f942404a24ae2960f", "")
+ ("mx-1.0", "git://github.com/clutter-project/mx.git;branch=mx-1.4;protocol=https", "9b1db6b8060bd00b121a692f942404a24ae2960f", "")
: "1.99.4",
# version pattern "vX.Y"
# mirror of git.infradead.org since network issues interfered with testing
@@ -1258,9 +1262,9 @@ class FetchLatestVersionTest(FetcherTest):
: "0.4.3",
("build-appliance-image", "git://git.yoctoproject.org/poky", "b37dd451a52622d5b570183a81583cc34c2ff555", "(?P<pver>(([0-9][\.|_]?)+[0-9]))")
: "11.0.0",
- ("chkconfig-alternatives-native", "git://github.com/kergoth/chkconfig;branch=sysroot", "cd437ecbd8986c894442f8fce1e0061e20f04dee", "chkconfig\-(?P<pver>((\d+[\.\-_]*)+))")
+ ("chkconfig-alternatives-native", "git://github.com/kergoth/chkconfig;branch=sysroot;protocol=https", "cd437ecbd8986c894442f8fce1e0061e20f04dee", "chkconfig\-(?P<pver>((\d+[\.\-_]*)+))")
: "1.3.59",
- ("remake", "git://github.com/rocky/remake.git", "f05508e521987c8494c92d9c2871aec46307d51d", "(?P<pver>(\d+\.(\d+\.)*\d*(\+dbg\d+(\.\d+)*)*))")
+ ("remake", "git://github.com/rocky/remake.git;protocol=https", "f05508e521987c8494c92d9c2871aec46307d51d", "(?P<pver>(\d+\.(\d+\.)*\d*(\+dbg\d+(\.\d+)*)*))")
: "3.82+dbg0.9",
}
@@ -1354,9 +1358,6 @@ class FetchCheckStatusTest(FetcherTest):
"http://downloads.yoctoproject.org/releases/opkg/opkg-0.1.7.tar.gz",
"http://downloads.yoctoproject.org/releases/opkg/opkg-0.3.0.tar.gz",
"ftp://sourceware.org/pub/libffi/libffi-1.20.tar.gz",
- "http://ftp.gnu.org/gnu/autoconf/autoconf-2.60.tar.gz",
- "https://ftp.gnu.org/gnu/chess/gnuchess-5.08.tar.gz",
- "https://ftp.gnu.org/gnu/gmp/gmp-4.0.tar.gz",
# GitHub releases are hosted on Amazon S3, which doesn't support HEAD
"https://github.com/kergoth/tslib/releases/download/1.1/tslib-1.1.tar.xz"
]
@@ -2047,7 +2048,7 @@ class GitShallowTest(FetcherTest):
@skipIfNoNetwork()
def test_bitbake(self):
- self.git('remote add --mirror=fetch origin git://github.com/openembedded/bitbake', cwd=self.srcdir)
+ self.git('remote add --mirror=fetch origin https://github.com/openembedded/bitbake', cwd=self.srcdir)
self.git('config core.bare true', cwd=self.srcdir)
self.git('fetch', cwd=self.srcdir)
diff --git a/bitbake/lib/bb/tests/runqueue.py b/bitbake/lib/bb/tests/runqueue.py
index 3d51779d6c..4f335b8f19 100644
--- a/bitbake/lib/bb/tests/runqueue.py
+++ b/bitbake/lib/bb/tests/runqueue.py
@@ -361,7 +361,7 @@ class RunQueueTests(unittest.TestCase):
def shutdown(self, tempdir):
# Wait for the hashserve socket to disappear else we'll see races with the tempdir cleanup
- while os.path.exists(tempdir + "/hashserve.sock"):
+ while (os.path.exists(tempdir + "/hashserve.sock") or os.path.exists(tempdir + "cache/hashserv.db-wal")):
time.sleep(0.5)
diff --git a/bitbake/lib/bb/utils.py b/bitbake/lib/bb/utils.py
index b282d09abf..2a150fe9c7 100644
--- a/bitbake/lib/bb/utils.py
+++ b/bitbake/lib/bb/utils.py
@@ -16,7 +16,8 @@ import bb.msg
import multiprocessing
import fcntl
import importlib
-from importlib import machinery
+import importlib.machinery
+import importlib.util
import itertools
import subprocess
import glob
@@ -451,6 +452,10 @@ def lockfile(name, shared=False, retry=True, block=False):
consider the possibility of sending a signal to the process to break
out - at which point you want block=True rather than retry=True.
"""
+ if len(name) > 255:
+ root, ext = os.path.splitext(name)
+ name = root[:255 - len(ext)] + ext
+
dirname = os.path.dirname(name)
mkdirhier(dirname)
@@ -487,7 +492,7 @@ def lockfile(name, shared=False, retry=True, block=False):
return lf
lf.close()
except OSError as e:
- if e.errno == errno.EACCES:
+ if e.errno == errno.EACCES or e.errno == errno.ENAMETOOLONG:
logger.error("Unable to acquire lock '%s', %s",
e.strerror, name)
sys.exit(1)
@@ -1616,7 +1621,9 @@ def load_plugins(logger, plugins, pluginpath):
logger.debug('Loading plugin %s' % name)
spec = importlib.machinery.PathFinder.find_spec(name, path=[pluginpath] )
if spec:
- return spec.loader.load_module()
+ mod = importlib.util.module_from_spec(spec)
+ spec.loader.exec_module(mod)
+ return mod
logger.debug('Loading plugins from %s...' % pluginpath)
diff --git a/bitbake/lib/hashserv/server.py b/bitbake/lib/hashserv/server.py
index a0dc0c170f..df0fa0a079 100644
--- a/bitbake/lib/hashserv/server.py
+++ b/bitbake/lib/hashserv/server.py
@@ -521,7 +521,7 @@ class Server(object):
def start_tcp_server(self, host, port):
self.server = self.loop.run_until_complete(
- asyncio.start_server(self.handle_client, host, port, loop=self.loop)
+ asyncio.start_server(self.handle_client, host, port)
)
for s in self.server.sockets:
@@ -546,7 +546,7 @@ class Server(object):
# Work around path length limits in AF_UNIX
os.chdir(os.path.dirname(path))
self.server = self.loop.run_until_complete(
- asyncio.start_unix_server(self.handle_client, os.path.basename(path), loop=self.loop)
+ asyncio.start_unix_server(self.handle_client, os.path.basename(path))
)
finally:
os.chdir(cwd)
diff --git a/bitbake/lib/toaster/orm/fixtures/oe-core.xml b/bitbake/lib/toaster/orm/fixtures/oe-core.xml
index 026d94869a..bb58c6f1bb 100644
--- a/bitbake/lib/toaster/orm/fixtures/oe-core.xml
+++ b/bitbake/lib/toaster/orm/fixtures/oe-core.xml
@@ -23,9 +23,9 @@
<field type="CharField" name="branch">master</field>
</object>
<object model="orm.bitbakeversion" pk="4">
- <field type="CharField" name="name">gatesgarth</field>
+ <field type="CharField" name="name">hardknott</field>
<field type="CharField" name="giturl">git://git.openembedded.org/bitbake</field>
- <field type="CharField" name="branch">1.48</field>
+ <field type="CharField" name="branch">1.50</field>
</object>
<!-- Releases available -->
@@ -51,11 +51,11 @@
<field type="TextField" name="helptext">Toaster will run your builds using the tip of the &lt;a href=\"http://cgit.openembedded.org/openembedded-core/log/\"&gt;OpenEmbedded master&lt;/a&gt; branch.</field>
</object>
<object model="orm.release" pk="4">
- <field type="CharField" name="name">gatesgarth</field>
- <field type="CharField" name="description">Openembedded Gatesgarth</field>
+ <field type="CharField" name="name">hardknott</field>
+ <field type="CharField" name="description">Openembedded Hardknott</field>
<field rel="ManyToOneRel" to="orm.bitbakeversion" name="bitbake_version">4</field>
- <field type="CharField" name="branch_name">gatesgarth</field>
- <field type="TextField" name="helptext">Toaster will run your builds using the tip of the &lt;a href=\"http://cgit.openembedded.org/openembedded-core/log/?h=gatesgarth\"&gt;OpenEmbedded Gatesgarth&lt;/a&gt; branch.</field>
+ <field type="CharField" name="branch_name">hardknott</field>
+ <field type="TextField" name="helptext">Toaster will run your builds using the tip of the &lt;a href=\"http://cgit.openembedded.org/openembedded-core/log/?h=hardknott\"&gt;OpenEmbedded Hardknott&lt;/a&gt; branch.</field>
</object>
<!-- Default layers for each release -->
diff --git a/bitbake/lib/toaster/orm/fixtures/poky.xml b/bitbake/lib/toaster/orm/fixtures/poky.xml
index a468a54c49..483d9d8fb4 100644
--- a/bitbake/lib/toaster/orm/fixtures/poky.xml
+++ b/bitbake/lib/toaster/orm/fixtures/poky.xml
@@ -26,9 +26,9 @@
<field type="CharField" name="dirpath">bitbake</field>
</object>
<object model="orm.bitbakeversion" pk="4">
- <field type="CharField" name="name">gatesgarth</field>
+ <field type="CharField" name="name">hardknott</field>
<field type="CharField" name="giturl">git://git.yoctoproject.org/poky</field>
- <field type="CharField" name="branch">gatesgarth</field>
+ <field type="CharField" name="branch">hardknott</field>
<field type="CharField" name="dirpath">bitbake</field>
</object>
@@ -56,11 +56,11 @@
<field type="TextField" name="helptext">Toaster will run your builds using the tip of the &lt;a href="http://git.yoctoproject.org/cgit/cgit.cgi/poky/log/"&gt;Yocto Project Master branch&lt;/a&gt;.</field>
</object>
<object model="orm.release" pk="4">
- <field type="CharField" name="name">gatesgarth</field>
- <field type="CharField" name="description">Yocto Project 3.2 "Gatesgarth"</field>
+ <field type="CharField" name="name">hardknott</field>
+ <field type="CharField" name="description">Yocto Project 3.2 "Hardknott"</field>
<field rel="ManyToOneRel" to="orm.bitbakeversion" name="bitbake_version">4</field>
- <field type="CharField" name="branch_name">gatesgarth</field>
- <field type="TextField" name="helptext">Toaster will run your builds using the tip of the &lt;a href="http://git.yoctoproject.org/cgit/cgit.cgi/poky/log/?h=gatesgarth"&gt;Yocto Project Gatesgarth branch&lt;/a&gt;.</field>
+ <field type="CharField" name="branch_name">hardknott</field>
+ <field type="TextField" name="helptext">Toaster will run your builds using the tip of the &lt;a href="http://git.yoctoproject.org/cgit/cgit.cgi/poky/log/?h=hardknott"&gt;Yocto Project Hardknott branch&lt;/a&gt;.</field>
</object>
<!-- Default project layers for each release -->
@@ -152,7 +152,7 @@
<field rel="ManyToOneRel" to="orm.layer" name="layer">1</field>
<field type="IntegerField" name="layer_source">0</field>
<field rel="ManyToOneRel" to="orm.release" name="release">4</field>
- <field type="CharField" name="branch">gatesgarth</field>
+ <field type="CharField" name="branch">hardknott</field>
<field type="CharField" name="dirpath">meta</field>
</object>
@@ -190,7 +190,7 @@
<field rel="ManyToOneRel" to="orm.layer" name="layer">2</field>
<field type="IntegerField" name="layer_source">0</field>
<field rel="ManyToOneRel" to="orm.release" name="release">4</field>
- <field type="CharField" name="branch">gatesgarth</field>
+ <field type="CharField" name="branch">hardknott</field>
<field type="CharField" name="dirpath">meta-poky</field>
</object>
@@ -228,7 +228,7 @@
<field rel="ManyToOneRel" to="orm.layer" name="layer">3</field>
<field type="IntegerField" name="layer_source">0</field>
<field rel="ManyToOneRel" to="orm.release" name="release">4</field>
- <field type="CharField" name="branch">gatesgarth</field>
+ <field type="CharField" name="branch">hardknott</field>
<field type="CharField" name="dirpath">meta-yocto-bsp</field>
</object>
</django-objects>
diff --git a/bitbake/lib/toaster/orm/fixtures/settings.xml b/bitbake/lib/toaster/orm/fixtures/settings.xml
index 78c0fdca7f..ab3ea021f5 100644
--- a/bitbake/lib/toaster/orm/fixtures/settings.xml
+++ b/bitbake/lib/toaster/orm/fixtures/settings.xml
@@ -19,7 +19,7 @@
<field type="CharField" name="value">${TOPDIR}/../sstate-cache</field>
</object>
<object model="orm.toastersetting" pk="6">
- <field type="CharField" name="name">DEFCONF_IMAGE_INSTALL_append</field>
+ <field type="CharField" name="name">DEFCONF_IMAGE_INSTALL:append</field>
<field type="CharField" name="value"></field>
</object>
<object model="orm.toastersetting" pk="7">
diff --git a/bitbake/lib/toaster/orm/models.py b/bitbake/lib/toaster/orm/models.py
index 7f7e922ade..f73951e213 100644
--- a/bitbake/lib/toaster/orm/models.py
+++ b/bitbake/lib/toaster/orm/models.py
@@ -1717,7 +1717,7 @@ class CustomImageRecipe(Recipe):
def generate_recipe_file_contents(self):
"""Generate the contents for the recipe file."""
- # If we have no excluded packages we only need to _append
+ # If we have no excluded packages we only need to :append
if self.excludes_set.count() == 0:
packages_conf = "IMAGE_INSTALL_append = \" "
diff --git a/bitbake/lib/toaster/tests/builds/buildtest.py b/bitbake/lib/toaster/tests/builds/buildtest.py
index 872bbd3775..13b51fb0d8 100644
--- a/bitbake/lib/toaster/tests/builds/buildtest.py
+++ b/bitbake/lib/toaster/tests/builds/buildtest.py
@@ -119,7 +119,7 @@ class BuildTest(unittest.TestCase):
if os.environ.get("TOASTER_TEST_USE_SSTATE_MIRROR"):
ProjectVariable.objects.get_or_create(
name="SSTATE_MIRRORS",
- value="file://.* http://autobuilder.yoctoproject.org/pub/sstate/PATH;downloadfilename=PATH",
+ value="file://.* http://sstate.yoctoproject.org/PATH;downloadfilename=PATH",
project=project)
ProjectTarget.objects.create(project=project,
diff --git a/bitbake/lib/toaster/toastergui/templates/projectconf.html b/bitbake/lib/toaster/toastergui/templates/projectconf.html
index bd49f1f585..c74adf0a7e 100644
--- a/bitbake/lib/toaster/toastergui/templates/projectconf.html
+++ b/bitbake/lib/toaster/toastergui/templates/projectconf.html
@@ -73,7 +73,7 @@
{% if image_install_append_defined %}
<dt>
- <span class="js-config-var-name js-config-var-managed-name">IMAGE_INSTALL_append</span>
+ <span class="js-config-var-name js-config-var-managed-name">IMAGE_INSTALL:append</span>
<span class="glyphicon glyphicon-question-sign get-help" title="Specifies additional packages to install into an image. If your build creates more than one image, the packages will be installed in all of them"></span>
</dt>
<dd class="variable-list">
@@ -83,7 +83,7 @@
<form id="change-image_install-form" class="form-inline" style="display:none;">
<div class="row">
<div class="col-md-4">
- <span class="help-block">To set IMAGE_INSTALL_append to more than one package, type the package names separated by a space.</span>
+ <span class="help-block">To set IMAGE_INSTALL:append to more than one package, type the package names separated by a space.</span>
</div>
</div>
<div class="form-group">
@@ -771,10 +771,10 @@ $(document).ready(function() {
{% if image_install_append_defined %}
- // init IMAGE_INSTALL_append trash icon
+ // init IMAGE_INSTALL:append trash icon
setDeleteTooltip($('#delete-image_install-icon'));
- // change IMAGE_INSTALL_append variable
+ // change IMAGE_INSTALL:append variable
$('#change-image_install-icon').click(function() {
// preset the edit value
var current_val = $("span#image_install").text().trim();
@@ -814,7 +814,7 @@ $(document).ready(function() {
$('#apply-change-image_install').click(function(){
// insure these non-empty values have single space prefix
var value = " " + $('#new-image_install').val().trim();
- postEditAjaxRequest({"configvarChange" : 'IMAGE_INSTALL_append:'+value});
+ postEditAjaxRequest({"configvarChange" : 'IMAGE_INSTALL:append:'+value});
$('#image_install').text(value);
$('#image_install').removeClass('text-muted');
$("#change-image_install-form").slideUp(function () {
@@ -826,10 +826,10 @@ $(document).ready(function() {
});
});
- // delete IMAGE_INSTALL_append variable value
+ // delete IMAGE_INSTALL:append variable value
$('#delete-image_install-icon').click(function(){
$(this).tooltip('hide');
- postEditAjaxRequest({"configvarChange" : 'IMAGE_INSTALL_append:'+''});
+ postEditAjaxRequest({"configvarChange" : 'IMAGE_INSTALL:append:'+''});
$('#image_install').parent().fadeOut(1000, function(){
$('#image_install').addClass('text-muted');
$('#image_install').text('Not set');
@@ -1011,7 +1011,7 @@ $(document).ready(function() {
$(".save").attr("disabled","disabled");
// Reload page if admin-removed core managed value is manually added back in
- if (0 <= " DISTRO DL_DIR IMAGE_FSTYPES IMAGE_INSTALL_append PACKAGE_CLASSES SSTATE_DIR ".indexOf( " "+variable+" " )) {
+ if (0 <= " DISTRO DL_DIR IMAGE_FSTYPES IMAGE_INSTALL:append PACKAGE_CLASSES SSTATE_DIR ".indexOf( " "+variable+" " )) {
// delayed reload to avoid race condition with postEditAjaxRequest
do_reload=true;
}
diff --git a/documentation/bsp-guide/bsp.rst b/documentation/bsp-guide/bsp.rst
index 89f1564422..daa7ba4bb2 100644
--- a/documentation/bsp-guide/bsp.rst
+++ b/documentation/bsp-guide/bsp.rst
@@ -166,8 +166,8 @@ section.
#. *Determine the BSP Layer You Want:* The Yocto Project supports many
BSPs, which are maintained in their own layers or in layers designed
to contain several BSPs. To get an idea of machine support through
- BSP layers, you can look at the `index of
- machines <&YOCTO_RELEASE_DL_URL;/machines>`__ for the release.
+ BSP layers, you can look at the :yocto_dl:`index of machines
+ </releases/yocto/&DISTRO_REL_TAG;/machines>`
#. *Optionally Clone the meta-intel BSP Layer:* If your hardware is
based on current Intel CPUs and devices, you can leverage this BSP
@@ -879,7 +879,7 @@ Yocto Project:
your BSP layer as listed in the ``recipes.txt`` file, which is found
in ``poky/meta`` directory of the :term:`Source Directory`
or in the OpenEmbedded-Core Layer (``openembedded-core``) at
- https://git.openembedded.org/openembedded-core/tree/meta.
+ :oe_git:`/openembedded-core/tree/meta`.
You should place recipes (``*.bb`` files) and recipe modifications
(``*.bbappend`` files) into ``recipes-*`` subdirectories by
diff --git a/documentation/conf.py b/documentation/conf.py
index d1c08a9c98..d2478ae00b 100644
--- a/documentation/conf.py
+++ b/documentation/conf.py
@@ -15,8 +15,27 @@
import os
import sys
import datetime
+try:
+ import yaml
+except ImportError:
+ sys.stderr.write("The Yocto Project Sphinx documentation requires PyYAML.\
+ \nPlease make sure to install pyyaml python package.\n")
+ sys.exit(1)
-current_version = "3.3.3"
+# current_version = "dev"
+# bitbake_version = "" # Leave empty for development branch
+# Obtain versions from poky.yaml instead
+with open("poky.yaml") as data:
+ buff = data.read()
+ subst_vars = yaml.safe_load(buff)
+ if "DOCCONF_VERSION" not in subst_vars:
+ sys.stderr.write("Please set DOCCONF_VERSION in poky.yaml")
+ sys.exit(1)
+ current_version = subst_vars["DOCCONF_VERSION"]
+ if "BITBAKE_SERIES" not in subst_vars:
+ sys.stderr.write("Please set BITBAKE_SERIES in poky.yaml")
+ sys.exit(1)
+ bitbake_version = subst_vars["BITBAKE_SERIES"]
# String used in sidebar
version = 'Version: ' + current_version
@@ -89,7 +108,7 @@ extlinks = {
# Intersphinx config to use cross reference with Bitbake user manual
intersphinx_mapping = {
- 'bitbake': ('https://docs.yoctoproject.org/bitbake/', None)
+ 'bitbake': ('https://docs.yoctoproject.org/bitbake/' + bitbake_version, None)
}
# -- Options for HTML output -------------------------------------------------
diff --git a/documentation/overview-manual/yp-intro.rst b/documentation/overview-manual/yp-intro.rst
index fca02e4cec..8e0c6a8cb1 100644
--- a/documentation/overview-manual/yp-intro.rst
+++ b/documentation/overview-manual/yp-intro.rst
@@ -221,7 +221,7 @@ your Metadata, the easier it is to cope with future changes.
possible.
- Familiarize yourself with the `Yocto Project curated layer
- index <https://www.yoctoproject.org/software-overview/layers/>`__
+ index :yocto_home:`/software-overview/layers/`
or the :oe_layerindex:`OpenEmbedded layer index <>`.
The latter contains more layers but they are less universally
validated.
diff --git a/documentation/poky.yaml b/documentation/poky.yaml
index 02c9bf3dcb..d57b4d7101 100644
--- a/documentation/poky.yaml
+++ b/documentation/poky.yaml
@@ -1,12 +1,14 @@
-DISTRO : "3.3.3"
+DISTRO : "3.3.6"
DISTRO_NAME_NO_CAP : "hardknott"
DISTRO_NAME : "Hardknott"
DISTRO_NAME_NO_CAP_MINUS_ONE : "gatesgarth"
DISTRO_NAME_NO_CAP_LTS : "gatesgarth"
-YOCTO_DOC_VERSION : "3.3.3"
+YOCTO_DOC_VERSION : "3.3.6"
YOCTO_DOC_VERSION_MINUS_ONE : "3.2.4"
-DISTRO_REL_TAG : "yocto-3.3.3"
-POKYVERSION : "25.0.3"
+DISTRO_REL_TAG : "yocto-3.3.6"
+DOCCONF_VERSION : "3.3.6"
+BITBAKE_SERIES : "1.50"
+POKYVERSION : "25.0.6"
YOCTO_POKY : "poky-&DISTRO_NAME_NO_CAP;-&POKYVERSION;"
YOCTO_DL_URL : "https://downloads.yoctoproject.org"
YOCTO_AB_URL : "https://autobuilder.yoctoproject.org"
@@ -19,7 +21,8 @@ FEDORA_HOST_PACKAGES_ESSENTIAL : "gawk make wget tar bzip2 gzip python3 unzip pe
diffutils diffstat git cpp gcc gcc-c++ glibc-devel texinfo chrpath \
ccache perl-Data-Dumper perl-Text-ParseWords perl-Thread-Queue perl-bignum socat \
python3-pexpect findutils which file cpio python python3-pip xz python3-GitPython \
- python3-jinja2 SDL-devel xterm rpcgen mesa-libGL-devel"
+ python3-jinja2 SDL-devel xterm rpcgen mesa-libGL-devel perl-FindBin perl-File-Compare \
+ perl-File-Copy perl-locale"
OPENSUSE_HOST_PACKAGES_ESSENTIAL : "python gcc gcc-c++ git chrpath make wget python-xml \
diffstat makeinfo python-curses patch socat python3 python3-curses tar python3-pip \
python3-pexpect xz which python3-Jinja2 Mesa-libEGL1 libSDL-devel xterm rpcgen Mesa-dri-devel
diff --git a/documentation/ref-manual/migration-3.0.rst b/documentation/ref-manual/migration-3.0.rst
index f3d20e2eda..2a475fc6f4 100644
--- a/documentation/ref-manual/migration-3.0.rst
+++ b/documentation/ref-manual/migration-3.0.rst
@@ -184,9 +184,8 @@ The following BitBake changes have occurred.
exceptions. Remove this argument in any calls to
``bb.build.exec_func()`` in custom classes or scripts.
-- The
- :term:`bitbake:BB_SETSCENE_VERIFY_FUNCTION2`
- is no longer used. In the unlikely event that you have any references
+- The ``BB_SETSCENE_VERIFY_FUNCTION2`` variable is no longer used.
+ In the unlikely event that you have any references
to it, they should be removed.
- The ``RunQueueExecuteScenequeue`` and ``RunQueueExecuteTasks`` events
diff --git a/documentation/ref-manual/system-requirements.rst b/documentation/ref-manual/system-requirements.rst
index 80378cedb7..38a3974a30 100644
--- a/documentation/ref-manual/system-requirements.rst
+++ b/documentation/ref-manual/system-requirements.rst
@@ -339,7 +339,7 @@ If you would prefer not to use the ``install-buildtools`` script, you can instea
download and run a pre-built buildtools installer yourself with the following
steps:
-1. Locate and download the ``*.sh`` at &YOCTO_RELEASE_DL_URL;/buildtools/
+1. Locate and download the ``*.sh`` at :yocto_dl:`/releases/yocto/&DISTRO_REL_TAG;/buildtools/`
2. Execute the installation script. Here is an example for the
traditional installer:
diff --git a/documentation/ref-manual/tasks.rst b/documentation/ref-manual/tasks.rst
index 9fe1c296aa..ca19908bc9 100644
--- a/documentation/ref-manual/tasks.rst
+++ b/documentation/ref-manual/tasks.rst
@@ -331,22 +331,19 @@ file as a patch file:
file://file;apply=yes \
"
-Conversely, if you have a directory full of patch files and you want to
-exclude some so that the ``do_patch`` task does not apply them during
-the patch phase, you can use the "apply=no" parameter with the
-``SRC_URI`` statement:
-::
+Conversely, if you have a file whose file type is ``.patch`` or ``.diff``
+and you want to exclude it so that the ``do_patch`` task does not apply
+it during the patch phase, you can use the "apply=no" parameter with the
+:term:`SRC_URI` statement::
SRC_URI = " \
git://path_to_repo/some_package \
- file://path_to_lots_of_patch_files \
- file://path_to_lots_of_patch_files/patch_file5;apply=no \
+ file://file1.patch \
+ file://file2.patch;apply=no \
"
-In the
-previous example, assuming all the files in the directory holding the
-patch files end with either ``.patch`` or ``.diff``, every file would be
-applied as a patch by default except for the ``patch_file5`` patch.
+In the previous example ``file1.patch`` would be applied as a patch by default
+while ``file2.patch`` would not be applied.
You can find out more about the patching process in the
":ref:`overview-manual/concepts:patching`" section in
diff --git a/documentation/releases.rst b/documentation/releases.rst
index 2b17cd6359..233448c68a 100644
--- a/documentation/releases.rst
+++ b/documentation/releases.rst
@@ -5,6 +5,15 @@
=========================
*******************************
+3.4 'honister' Release Series
+*******************************
+
+- :yocto_docs:`3.4 Documentation </3.4>`
+- :yocto_docs:`3.4.1 Documentation </3.4.1>`
+- :yocto_docs:`3.4.2 Documentation </3.4.2>`
+- :yocto_docs:`3.4.3 Documentation </3.4.3>`
+
+*******************************
3.3 'hardknott' Release Series
*******************************
@@ -12,17 +21,9 @@
- :yocto_docs:`3.3.1 Documentation </3.3.1>`
- :yocto_docs:`3.3.2 Documentation </3.3.2>`
- :yocto_docs:`3.3.3 Documentation </3.3.3>`
-
-
-*******************************
-3.2 'gatesgarth' Release Series
-*******************************
-
-- :yocto_docs:`3.2 Documentation </3.2>`
-- :yocto_docs:`3.2.1 Documentation </3.2.1>`
-- :yocto_docs:`3.2.2 Documentation </3.2.2>`
-- :yocto_docs:`3.2.3 Documentation </3.2.3>`
-- :yocto_docs:`3.2.4 Documentation </3.2.4>`
+- :yocto_docs:`3.3.4 Documentation </3.3.4>`
+- :yocto_docs:`3.3.5 Documentation </3.3.5>`
+- :yocto_docs:`3.3.6 Documentation </3.3.6>`
****************************
3.1 'dunfell' Release Series
@@ -39,11 +40,26 @@
- :yocto_docs:`3.1.8 Documentation </3.1.8>`
- :yocto_docs:`3.1.9 Documentation </3.1.9>`
- :yocto_docs:`3.1.10 Documentation </3.1.10>`
+- :yocto_docs:`3.1.11 Documentation </3.1.11>`
+- :yocto_docs:`3.1.12 Documentation </3.1.12>`
+- :yocto_docs:`3.1.13 Documentation </3.1.13>`
+- :yocto_docs:`3.1.14 Documentation </3.1.14>`
+- :yocto_docs:`3.1.15 Documentation </3.1.15>`
==========================
Previous Release Manuals
==========================
+*******************************
+3.2 'gatesgarth' Release Series
+*******************************
+
+- :yocto_docs:`3.2 Documentation </3.2>`
+- :yocto_docs:`3.2.1 Documentation </3.2.1>`
+- :yocto_docs:`3.2.2 Documentation </3.2.2>`
+- :yocto_docs:`3.2.3 Documentation </3.2.3>`
+- :yocto_docs:`3.2.4 Documentation </3.2.4>`
+
*************************
3.0 'zeus' Release Series
*************************
diff --git a/documentation/sphinx-static/switchers.js b/documentation/sphinx-static/switchers.js
index 7a4edc9e77..056a8926ba 100644
--- a/documentation/sphinx-static/switchers.js
+++ b/documentation/sphinx-static/switchers.js
@@ -2,9 +2,11 @@
'use strict';
var all_versions = {
- 'dev': 'dev (3.3)',
- '3.2.3': '3.2.3',
- '3.1.6': '3.1.6',
+ 'dev': 'dev (3.5)',
+ '3.4.1': '3.4.1',
+ '3.3.4': '3.3.4',
+ '3.2.4': '3.2.4',
+ '3.1.12': '3.1.12',
'3.0.4': '3.0.4',
'2.7.4': '2.7.4',
};
diff --git a/meta-poky/conf/distro/include/gcsections.inc b/meta-poky/conf/distro/include/gcsections.inc
index 7157373aa8..75d8613794 100644
--- a/meta-poky/conf/distro/include/gcsections.inc
+++ b/meta-poky/conf/distro/include/gcsections.inc
@@ -16,6 +16,8 @@ LDFLAGS_SECTION_REMOVAL_pn-grub = ""
# SDK packages with build problems using sections
CFLAGS_SECTION_REMOVAL_pn-nativesdk-glibc = ""
LDFLAGS_SECTION_REMOVAL_pn-nativesdk-glibc = ""
+CFLAGS_SECTION_REMOVAL_pn-nativesdk-cairo = ""
+LDFLAGS_SECTION_REMOVAL_pn-nativesdk-cairo = ""
CFLAGS_SECTION_REMOVAL_pn-nativesdk-mingw-w64-runtime = ""
LDFLAGS_SECTION_REMOVAL_pn-nativesdk-mingw-w64-runtime = ""
CFLAGS_SECTION_REMOVAL_pn-nativesdk-perl = ""
diff --git a/meta-poky/conf/distro/poky.conf b/meta-poky/conf/distro/poky.conf
index d3685618cf..0b78d65f18 100644
--- a/meta-poky/conf/distro/poky.conf
+++ b/meta-poky/conf/distro/poky.conf
@@ -1,6 +1,6 @@
DISTRO = "poky"
DISTRO_NAME = "Poky (Yocto Project Reference Distro)"
-DISTRO_VERSION = "3.3.3"
+DISTRO_VERSION = "3.3.6"
DISTRO_CODENAME = "hardknott"
SDK_VENDOR = "-pokysdk"
SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${METADATA_REVISION}', 'snapshot')}"
@@ -49,11 +49,13 @@ SANITY_TESTED_DISTROS ?= " \
fedora-31 \n \
fedora-32 \n \
fedora-33 \n \
+ fedora-34 \n \
centos-7 \n \
centos-8 \n \
debian-8 \n \
debian-9 \n \
debian-10 \n \
+ debian-11 \n \
opensuseleap-15.1 \n \
opensuseleap-15.2 \n \
"
diff --git a/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb b/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb
index 07b83276fb..8a27e3a791 100644
--- a/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb
+++ b/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb
@@ -11,7 +11,7 @@ SRCREV = "1a3e1343761b30750bed70e0fd688f6d3c7b3717"
PV = "0.1+git${SRCPV}"
PR = "r2"
-SRC_URI = "git://git.yoctoproject.org/dbus-wait"
+SRC_URI = "git://git.yoctoproject.org/dbus-wait;branch=master"
UPSTREAM_CHECK_COMMITS = "1"
RECIPE_NO_UPDATE_REASON = "This recipe is used to test devtool upgrade feature"
diff --git a/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded b/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded
index 32ec4b14fa..fbe90d6c6b 100644
--- a/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded
+++ b/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded
@@ -10,7 +10,7 @@ DEPENDS = "dbus"
SRCREV = "6cc6077a36fe2648a5f993fe7c16c9632f946517"
PV = "0.1+git${SRCPV}"
-SRC_URI = "git://git.yoctoproject.org/dbus-wait"
+SRC_URI = "git://git.yoctoproject.org/dbus-wait;branch=master"
UPSTREAM_CHECK_COMMITS = "1"
RECIPE_NO_UPDATE_REASON = "This recipe is used to test devtool upgrade feature"
diff --git a/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb b/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
index 9429564df4..cc5d7eae5a 100644
--- a/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
+++ b/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
@@ -5,5 +5,5 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda
INHIBIT_DEFAULT_DEPS = "1"
-SRC_URI = "gitsm://git.yoctoproject.org/git-submodule-test"
+SRC_URI = "gitsm://git.yoctoproject.org/git-submodule-test;branch=master"
SRCREV = "a2885dd7d25380d23627e7544b7bbb55014b16ee"
diff --git a/meta-selftest/recipes-test/gitrepotest/gitrepotest.bb b/meta-selftest/recipes-test/gitrepotest/gitrepotest.bb
new file mode 100644
index 0000000000..f1b6c55833
--- /dev/null
+++ b/meta-selftest/recipes-test/gitrepotest/gitrepotest.bb
@@ -0,0 +1,16 @@
+SUMMARY = "Test recipe for git repo initialization"
+HOMEPAGE = "https://git.yoctoproject.org/git/matchbox-panel-2"
+LICENSE = "GPL-2.0-or-later"
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
+
+INHIBIT_DEFAULT_DEPS = "1"
+
+PATCHTOOL="git"
+
+SRC_URI = "git://git.yoctoproject.org/git/matchbox-panel-2;branch=master;protocol=https \
+ file://0001-testpatch.patch \
+ "
+
+SRCREV = "f82ca3f42510fb3ef10f598b393eb373a2c34ca7"
+
+S = "${WORKDIR}/git"
diff --git a/meta-selftest/recipes-test/gitrepotest/gitrepotest/0001-testpatch.patch b/meta-selftest/recipes-test/gitrepotest/gitrepotest/0001-testpatch.patch
new file mode 100644
index 0000000000..bccda17ee9
--- /dev/null
+++ b/meta-selftest/recipes-test/gitrepotest/gitrepotest/0001-testpatch.patch
@@ -0,0 +1,9 @@
+diff --git a/Makefile.am b/Makefile.am
+index 432a9b4..bbf7c74 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -1,3 +1,4 @@
++## This is useless comment to test if patch works
+ ACLOCAL_AMFLAGS = -I m4
+
+ SUBDIRS = matchbox-panel applets data po
diff --git a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend
index 347a411341..b9bb9a087c 100644
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.10.bbappend
@@ -7,8 +7,8 @@ KMACHINE_genericx86 ?= "common-pc"
KMACHINE_genericx86-64 ?= "common-pc-64"
KMACHINE_beaglebone-yocto ?= "beaglebone"
-SRCREV_machine_genericx86 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4"
-SRCREV_machine_genericx86-64 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4"
+SRCREV_machine_genericx86 ?= "84f6a75f64961e59d61bf3d70ab17e8bb430386b"
+SRCREV_machine_genericx86-64 ?= "84f6a75f64961e59d61bf3d70ab17e8bb430386b"
SRCREV_machine_edgerouter ?= "4ab94e777d8b41ee1ee4c279259e9733bc8049b1"
SRCREV_machine_beaglebone-yocto ?= "941cc9c3849f96f7eaf109b1e35e05ba366aca56"
@@ -17,7 +17,7 @@ COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64"
COMPATIBLE_MACHINE_edgerouter = "edgerouter"
COMPATIBLE_MACHINE_beaglebone-yocto = "beaglebone-yocto"
-LINUX_VERSION_genericx86 = "5.10.63"
-LINUX_VERSION_genericx86-64 = "5.10.63"
+LINUX_VERSION_genericx86 = "5.10.99"
+LINUX_VERSION_genericx86-64 = "5.10.99"
LINUX_VERSION_edgerouter = "5.10.63"
LINUX_VERSION_beaglebone-yocto = "5.10.63"
diff --git a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
index 35147d2da8..b2824cbb1d 100644
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_5.4.bbappend
@@ -7,8 +7,8 @@ KMACHINE_genericx86 ?= "common-pc"
KMACHINE_genericx86-64 ?= "common-pc-64"
KMACHINE_beaglebone-yocto ?= "beaglebone"
-SRCREV_machine_genericx86 ?= "31db2b47ac7d8508080fbb7344399b501216de66"
-SRCREV_machine_genericx86-64 ?= "31db2b47ac7d8508080fbb7344399b501216de66"
+SRCREV_machine_genericx86 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064"
+SRCREV_machine_genericx86-64 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064"
SRCREV_machine_edgerouter ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd"
SRCREV_machine_beaglebone-yocto ?= "706efec4c1e270ec5dda92275898cd465dfdc7dd"
@@ -17,7 +17,7 @@ COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64"
COMPATIBLE_MACHINE_edgerouter = "edgerouter"
COMPATIBLE_MACHINE_beaglebone-yocto = "beaglebone-yocto"
-LINUX_VERSION_genericx86 = "5.4.94"
-LINUX_VERSION_genericx86-64 = "5.4.94"
+LINUX_VERSION_genericx86 = "5.4.178"
+LINUX_VERSION_genericx86-64 = "5.4.178"
LINUX_VERSION_edgerouter = "5.4.58"
LINUX_VERSION_beaglebone-yocto = "5.4.58"
diff --git a/meta/classes/buildhistory.bbclass b/meta/classes/buildhistory.bbclass
index 49af61c9c5..b2cf9aa28a 100644
--- a/meta/classes/buildhistory.bbclass
+++ b/meta/classes/buildhistory.bbclass
@@ -960,23 +960,19 @@ def write_latest_srcrev(d, pkghistdir):
value = value.replace('"', '').strip()
old_tag_srcrevs[key] = value
with open(srcrevfile, 'w') as f:
- orig_srcrev = d.getVar('SRCREV', False) or 'INVALID'
- if orig_srcrev != 'INVALID':
- f.write('# SRCREV = "%s"\n' % orig_srcrev)
- if len(srcrevs) > 1:
- for name, srcrev in sorted(srcrevs.items()):
- orig_srcrev = d.getVar('SRCREV_%s' % name, False)
- if orig_srcrev:
- f.write('# SRCREV_%s = "%s"\n' % (name, orig_srcrev))
- f.write('SRCREV_%s = "%s"\n' % (name, srcrev))
- else:
- f.write('SRCREV = "%s"\n' % next(iter(srcrevs.values())))
- if len(tag_srcrevs) > 0:
- for name, srcrev in sorted(tag_srcrevs.items()):
- f.write('# tag_%s = "%s"\n' % (name, srcrev))
- if name in old_tag_srcrevs and old_tag_srcrevs[name] != srcrev:
- pkg = d.getVar('PN')
- bb.warn("Revision for tag %s in package %s was changed since last build (from %s to %s)" % (name, pkg, old_tag_srcrevs[name], srcrev))
+ for name, srcrev in sorted(srcrevs.items()):
+ suffix = "_" + name
+ if name == "default":
+ suffix = ""
+ orig_srcrev = d.getVar('SRCREV%s' % suffix, False)
+ if orig_srcrev:
+ f.write('# SRCREV%s = "%s"\n' % (suffix, orig_srcrev))
+ f.write('SRCREV%s = "%s"\n' % (suffix, srcrev))
+ for name, srcrev in sorted(tag_srcrevs.items()):
+ f.write('# tag_%s = "%s"\n' % (name, srcrev))
+ if name in old_tag_srcrevs and old_tag_srcrevs[name] != srcrev:
+ pkg = d.getVar('PN')
+ bb.warn("Revision for tag %s in package %s was changed since last build (from %s to %s)" % (name, pkg, old_tag_srcrevs[name], srcrev))
else:
if os.path.exists(srcrevfile):
diff --git a/meta/classes/cross-canadian.bbclass b/meta/classes/cross-canadian.bbclass
index f5c9f61595..3fc9cac442 100644
--- a/meta/classes/cross-canadian.bbclass
+++ b/meta/classes/cross-canadian.bbclass
@@ -155,7 +155,7 @@ libexecdir = "${exec_prefix}/libexec/${TARGET_ARCH}${TARGET_VENDOR}-${TARGET_OS}
FILES_${PN} = "${prefix}"
-export PKG_CONFIG_DIR = "${STAGING_DIR_HOST}${layout_libdir}/pkgconfig"
+export PKG_CONFIG_DIR = "${STAGING_DIR_HOST}${exec_prefix}/lib/pkgconfig"
export PKG_CONFIG_SYSROOT_DIR = "${STAGING_DIR_HOST}"
do_populate_sysroot[stamp-extra-info] = ""
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 4fa1a64f85..a95e810605 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -110,6 +110,7 @@ python do_cve_check () {
}
addtask cve_check before do_build after do_fetch
+do_cve_check[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}"
do_cve_check[depends] = "cve-update-db-native:do_fetch"
do_cve_check[nostamp] = "1"
@@ -142,6 +143,7 @@ python cve_check_write_rootfs_manifest () {
manifest_name = d.getVar("CVE_CHECK_MANIFEST")
cve_tmp_file = d.getVar("CVE_CHECK_TMP_FILE")
+ bb.utils.mkdirhier(os.path.dirname(manifest_name))
shutil.copyfile(cve_tmp_file, manifest_name)
if manifest_name and os.path.exists(manifest_name):
diff --git a/meta/classes/devupstream.bbclass b/meta/classes/devupstream.bbclass
index 7780c5482c..97e137cb40 100644
--- a/meta/classes/devupstream.bbclass
+++ b/meta/classes/devupstream.bbclass
@@ -4,7 +4,7 @@
#
# Usage:
# BBCLASSEXTEND = "devupstream:target"
-# SRC_URI_class-devupstream = "git://git.example.com/example"
+# SRC_URI_class-devupstream = "git://git.example.com/example;branch=master"
# SRCREV_class-devupstream = "abcdef"
#
# If the first entry in SRC_URI is a git: URL then S is rewritten to
diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass
index 3d6b80bee2..9fe9d36f76 100644
--- a/meta/classes/externalsrc.bbclass
+++ b/meta/classes/externalsrc.bbclass
@@ -109,6 +109,15 @@ python () {
if local_srcuri and task in fetch_tasks:
continue
bb.build.deltask(task, d)
+ if bb.data.inherits_class('reproducible_build', d) and task == 'do_unpack':
+ # The reproducible_build's create_source_date_epoch_stamp function must
+ # be run after the source is available and before the
+ # do_deploy_source_date_epoch task. In the normal case, it's attached
+ # to do_unpack as a postfuncs, but since we removed do_unpack (above)
+ # we need to move the function elsewhere. The easiest thing to do is
+ # move it into the prefuncs of the do_deploy_source_date_epoch task.
+ # This is safe, as externalsrc runs with the source already unpacked.
+ d.prependVarFlag('do_deploy_source_date_epoch', 'prefuncs', 'create_source_date_epoch_stamp ')
d.prependVarFlag('do_compile', 'prefuncs', "externalsrc_compile_prefunc ")
d.prependVarFlag('do_configure', 'prefuncs', "externalsrc_configure_prefunc ")
diff --git a/meta/classes/mirrors.bbclass b/meta/classes/mirrors.bbclass
index 87bba41472..8a2c153d9b 100644
--- a/meta/classes/mirrors.bbclass
+++ b/meta/classes/mirrors.bbclass
@@ -62,6 +62,8 @@ ftp://.*/.* http://sources.openembedded.org/ \n \
npm://.*/?.* http://sources.openembedded.org/ \n \
${CPAN_MIRROR} http://cpan.metacpan.org/ \n \
${CPAN_MIRROR} http://search.cpan.org/CPAN/ \n \
+https?$://downloads.yoctoproject.org/releases/uninative/ https://mirrors.kernel.org/yocto/uninative/ \n \
+https?://downloads.yoctoproject.org/mirror/sources/ https://mirrors.kernel.org/yocto-sources/ \
"
# Use MIRRORS to provide git repo fallbacks using the https protocol, for cases
diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
index e3f0a7060b..5e51b89184 100644
--- a/meta/classes/package.bbclass
+++ b/meta/classes/package.bbclass
@@ -2079,12 +2079,12 @@ python package_do_pkgconfig () {
for pkg in packages.split():
pkgconfig_provided[pkg] = []
pkgconfig_needed[pkg] = []
- for file in pkgfiles[pkg]:
+ for file in sorted(pkgfiles[pkg]):
m = pc_re.match(file)
if m:
pd = bb.data.init()
name = m.group(1)
- pkgconfig_provided[pkg].append(name)
+ pkgconfig_provided[pkg].append(os.path.basename(name))
if not os.access(file, os.R_OK):
continue
with open(file, 'r') as f:
@@ -2107,7 +2107,7 @@ python package_do_pkgconfig () {
pkgs_file = os.path.join(shlibswork_dir, pkg + ".pclist")
if pkgconfig_provided[pkg] != []:
with open(pkgs_file, 'w') as f:
- for p in pkgconfig_provided[pkg]:
+ for p in sorted(pkgconfig_provided[pkg]):
f.write('%s\n' % p)
# Go from least to most specific since the last one found wins
diff --git a/meta/classes/patch.bbclass b/meta/classes/patch.bbclass
index cd491a563d..72bb1eb946 100644
--- a/meta/classes/patch.bbclass
+++ b/meta/classes/patch.bbclass
@@ -131,6 +131,9 @@ python patch_do_patch() {
patchdir = parm["patchdir"]
if not os.path.isabs(patchdir):
patchdir = os.path.join(s, patchdir)
+ if not os.path.isdir(patchdir):
+ bb.fatal("Target directory '%s' not found, patchdir '%s' is incorrect in patch file '%s'" %
+ (patchdir, parm["patchdir"], parm['patchname']))
else:
patchdir = s
@@ -147,12 +150,12 @@ python patch_do_patch() {
patchset.Import({"file":local, "strippath": parm['striplevel']}, True)
except Exception as exc:
bb.utils.remove(process_tmpdir, True)
- bb.fatal(str(exc))
+ bb.fatal("Importing patch '%s' with striplevel '%s'\n%s" % (parm['patchname'], parm['striplevel'], str(exc)))
try:
resolver.Resolve()
except bb.BBHandledException as e:
bb.utils.remove(process_tmpdir, True)
- bb.fatal(str(e))
+ bb.fatal("Applying patch '%s' on target directory '%s'\n%s" % (parm['patchname'], patchdir, str(e)))
bb.utils.remove(process_tmpdir, True)
del os.environ['TMPDIR']
diff --git a/meta/classes/populate_sdk_base.bbclass b/meta/classes/populate_sdk_base.bbclass
index 2d33611ddd..76757a3a9d 100644
--- a/meta/classes/populate_sdk_base.bbclass
+++ b/meta/classes/populate_sdk_base.bbclass
@@ -90,6 +90,8 @@ SDK_HOST_MANIFEST = "${SDKDEPLOYDIR}/${TOOLCHAIN_OUTPUTNAME}.host.manifest"
SDK_EXT_TARGET_MANIFEST = "${SDK_DEPLOY}/${TOOLCHAINEXT_OUTPUTNAME}.target.manifest"
SDK_EXT_HOST_MANIFEST = "${SDK_DEPLOY}/${TOOLCHAINEXT_OUTPUTNAME}.host.manifest"
+SDK_PRUNE_SYSROOT_DIRS ?= "/dev"
+
python write_target_sdk_manifest () {
from oe.sdk import sdk_list_installed_packages
from oe.utils import format_pkg_list
@@ -101,6 +103,12 @@ python write_target_sdk_manifest () {
output.write(format_pkg_list(pkgs, 'ver'))
}
+sdk_prune_dirs () {
+ for d in ${SDK_PRUNE_SYSROOT_DIRS}; do
+ rm -rf ${SDK_OUTPUT}${SDKTARGETSYSROOT}$d
+ done
+}
+
python write_sdk_test_data() {
from oe.data import export2json
testdata = "%s/%s.testdata.json" % (d.getVar('SDKDEPLOYDIR'), d.getVar('TOOLCHAIN_OUTPUTNAME'))
@@ -120,8 +128,9 @@ python write_host_sdk_manifest () {
}
POPULATE_SDK_POST_TARGET_COMMAND_append = " write_sdk_test_data ; "
-POPULATE_SDK_POST_TARGET_COMMAND_append_task-populate-sdk = " write_target_sdk_manifest ; "
+POPULATE_SDK_POST_TARGET_COMMAND_append_task-populate-sdk = " write_target_sdk_manifest; sdk_prune_dirs; "
POPULATE_SDK_POST_HOST_COMMAND_append_task-populate-sdk = " write_host_sdk_manifest; "
+
SDK_PACKAGING_COMMAND = "${@'${SDK_PACKAGING_FUNC};' if '${SDK_PACKAGING_FUNC}' else ''}"
SDK_POSTPROCESS_COMMAND = " create_sdk_files; check_sdk_sysroots; archive_sdk; ${SDK_PACKAGING_COMMAND} "
diff --git a/meta/classes/reproducible_build.bbclass b/meta/classes/reproducible_build.bbclass
index 1277764fab..62655c2a5b 100644
--- a/meta/classes/reproducible_build.bbclass
+++ b/meta/classes/reproducible_build.bbclass
@@ -90,11 +90,14 @@ python create_source_date_epoch_stamp() {
}
def get_source_date_epoch_value(d):
- cached = d.getVar('__CACHED_SOURCE_DATE_EPOCH')
- if cached:
+ epochfile = d.getVar('SDE_FILE')
+ cached, efile = d.getVar('__CACHED_SOURCE_DATE_EPOCH') or (None, None)
+ if cached and efile == epochfile:
return cached
- epochfile = d.getVar('SDE_FILE')
+ if cached and epochfile != efile:
+ bb.debug(1, "Epoch file changed from %s to %s" % (efile, epochfile))
+
source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
try:
with open(epochfile, 'r') as f:
@@ -112,7 +115,7 @@ def get_source_date_epoch_value(d):
except FileNotFoundError:
bb.debug(1, "Cannot find %s. SOURCE_DATE_EPOCH will default to %d" % (epochfile, source_date_epoch))
- d.setVar('__CACHED_SOURCE_DATE_EPOCH', str(source_date_epoch))
+ d.setVar('__CACHED_SOURCE_DATE_EPOCH', (str(source_date_epoch), epochfile))
return str(source_date_epoch)
export SOURCE_DATE_EPOCH ?= "${@get_source_date_epoch_value(d)}"
diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass
index e66ed5938b..87b5751e24 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -60,7 +60,7 @@ python () {
}
systemd_create_users () {
- for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do
+ for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/*.conf; do
[ -e $conffile ] || continue
grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do
if [ "$type" = "u" ]; then
diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass
index a2ac4eeb80..c8a42dc8bf 100644
--- a/meta/classes/sanity.bbclass
+++ b/meta/classes/sanity.bbclass
@@ -395,7 +395,7 @@ def check_connectivity(d):
msg += " Please ensure your host's network is configured correctly.\n"
msg += " If your ISP or network is blocking the above URL,\n"
msg += " try with another domain name, for example by setting:\n"
- msg += " CONNECTIVITY_CHECK_URIS = \"https://www.yoctoproject.org/\""
+ msg += " CONNECTIVITY_CHECK_URIS = \"https://www.example.com/\""
msg += " You could also set BB_NO_NETWORK = \"1\" to disable network\n"
msg += " access if all required sources are on local disk.\n"
retval = msg
diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass
index 8b4bfc25b7..de6e7fa960 100644
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -20,7 +20,7 @@ def generate_sstatefn(spec, hash, taskname, siginfo, d):
components = spec.split(":")
# Fields 0,5,6 are mandatory, 1 is most useful, 2,3,4 are just for information
# 7 is for the separators
- avail = (254 - len(hash + "_" + taskname + extension) - len(components[0]) - len(components[1]) - len(components[5]) - len(components[6]) - 7) // 3
+ avail = (limit - len(hash + "_" + taskname + extension) - len(components[0]) - len(components[1]) - len(components[5]) - len(components[6]) - 7) // 3
components[2] = components[2][:avail]
components[3] = components[3][:avail]
components[4] = components[4][:avail]
@@ -800,7 +800,7 @@ sstate_task_postfunc[dirs] = "${WORKDIR}"
sstate_create_package () {
# Exit early if it already exists
if [ -e ${SSTATE_PKG} ]; then
- [ ! -w ${SSTATE_PKG} ] || touch ${SSTATE_PKG}
+ touch ${SSTATE_PKG} 2>/dev/null || true
return
fi
@@ -827,14 +827,18 @@ sstate_create_package () {
fi
chmod 0664 $TFILE
# Skip if it was already created by some other process
- if [ ! -e ${SSTATE_PKG} ]; then
+ if [ -h ${SSTATE_PKG} ] && [ ! -e ${SSTATE_PKG} ]; then
+ # There is a symbolic link, but it links to nothing.
+ # Forcefully replace it with the new file.
+ ln -f $TFILE ${SSTATE_PKG} || true
+ elif [ ! -e ${SSTATE_PKG} ]; then
# Move into place using ln to attempt an atomic op.
# Abort if it already exists
- ln $TFILE ${SSTATE_PKG} && rm $TFILE
+ ln $TFILE ${SSTATE_PKG} || true
else
- rm $TFILE
+ touch ${SSTATE_PKG} 2>/dev/null || true
fi
- [ ! -w ${SSTATE_PKG} ] || touch ${SSTATE_PKG}
+ rm $TFILE
}
python sstate_sign_package () {
@@ -863,12 +867,12 @@ python sstate_report_unihash() {
#
sstate_unpack_package () {
tar -xvzf ${SSTATE_PKG}
- # update .siginfo atime on local/NFS mirror
- [ -O ${SSTATE_PKG}.siginfo ] && [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo
- # Use "! -w ||" to return true for read only files
- [ ! -w ${SSTATE_PKG} ] || touch --no-dereference ${SSTATE_PKG}
- [ ! -w ${SSTATE_PKG}.sig ] || [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig
- [ ! -w ${SSTATE_PKG}.siginfo ] || [ ! -e ${SSTATE_PKG}.siginfo ] || touch --no-dereference ${SSTATE_PKG}.siginfo
+ # update .siginfo atime on local/NFS mirror if it is a symbolic link
+ [ ! -h ${SSTATE_PKG}.siginfo ] || [ ! -e ${SSTATE_PKG}.siginfo ] || touch -a ${SSTATE_PKG}.siginfo 2>/dev/null || true
+ # update each symbolic link instead of any referenced file
+ touch --no-dereference ${SSTATE_PKG} 2>/dev/null || true
+ [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig 2>/dev/null || true
+ [ ! -e ${SSTATE_PKG}.siginfo ] || touch --no-dereference ${SSTATE_PKG}.siginfo 2>/dev/null || true
}
BB_HASHCHECK_FUNCTION = "sstate_checkhashes"
@@ -946,7 +950,7 @@ def sstate_checkhashes(sq_data, d, siginfo=False, currentcount=0, summary=True,
localdata2 = bb.data.createCopy(localdata)
srcuri = "file://" + sstatefile
- localdata.setVar('SRC_URI', srcuri)
+ localdata2.setVar('SRC_URI', srcuri)
bb.debug(2, "SState: Attempting to fetch %s" % srcuri)
try:
diff --git a/meta/classes/testimage.bbclass b/meta/classes/testimage.bbclass
index e613759503..538ec4fc8a 100644
--- a/meta/classes/testimage.bbclass
+++ b/meta/classes/testimage.bbclass
@@ -230,9 +230,10 @@ def testimage_main(d):
tdname = "%s.testdata.json" % image_name
try:
- td = json.load(open(tdname, "r"))
- except (FileNotFoundError) as err:
- bb.fatal('File %s Not Found. Have you built the image with INHERIT+="testimage" in the conf/local.conf?' % tdname)
+ with open(tdname, "r") as f:
+ td = json.load(f)
+ except FileNotFoundError as err:
+ bb.fatal('File %s not found (%s).\nHave you built the image with INHERIT += "testimage" in the conf/local.conf?' % (tdname, err))
# Some variables need to be updates (mostly paths) with the
# ones of the current environment because some tests require them.
diff --git a/meta/classes/toaster.bbclass b/meta/classes/toaster.bbclass
index 9518ddf7a4..f365c09142 100644
--- a/meta/classes/toaster.bbclass
+++ b/meta/classes/toaster.bbclass
@@ -101,12 +101,12 @@ def _toaster_load_pkgdatafile(dirpath, filepath):
for line in fin:
try:
kn, kv = line.strip().split(": ", 1)
- m = re.match(r"^PKG_([^A-Z:]*)", kn)
+ m = re.match(r"^PKG:([^A-Z:]*)", kn)
if m:
pkgdata['OPKGN'] = m.group(1)
- kn = "_".join([x for x in kn.split("_") if x.isupper()])
- pkgdata[kn] = kv.strip()
- if kn == 'FILES_INFO':
+ kn = kn.split(":")[0]
+ pkgdata[kn] = kv
+ if kn.startswith('FILES_INFO'):
pkgdata[kn] = json.loads(kv)
except ValueError:
diff --git a/meta/classes/uboot-sign.bbclass b/meta/classes/uboot-sign.bbclass
index ba48f24b10..fca9de2934 100644
--- a/meta/classes/uboot-sign.bbclass
+++ b/meta/classes/uboot-sign.bbclass
@@ -131,6 +131,20 @@ concat_dtb_helper() {
elif [ -e "${DEPLOYDIR}/${UBOOT_NODTB_IMAGE}" -a -e "$deployed_uboot_dtb_binary" ]; then
cd ${DEPLOYDIR}
cat ${UBOOT_NODTB_IMAGE} $deployed_uboot_dtb_binary | tee ${B}/${CONFIG_B_PATH}/${UBOOT_BINARY} > ${UBOOT_IMAGE}
+
+ if [ -n "${UBOOT_CONFIG}" ]
+ then
+ for config in ${UBOOT_MACHINE}; do
+ i=$(expr $i + 1);
+ for type in ${UBOOT_CONFIG}; do
+ j=$(expr $j + 1);
+ if [ $j -eq $i ]
+ then
+ cp ${UBOOT_IMAGE} ${B}/${CONFIG_B_PATH}/u-boot-$type.${UBOOT_SUFFIX}
+ fi
+ done
+ done
+ fi
else
bbwarn "Failure while adding public key to u-boot binary. Verified boot won't be available."
fi
@@ -205,7 +219,7 @@ install_helper() {
fi
}
-# Install SPL dtb and u-boot nodtb to datadir,
+# Install SPL dtb and u-boot nodtb to datadir,
install_spl_helper() {
if [ -f "${SPL_DIR}/${SPL_DTB_BINARY}" ]; then
install -Dm 0644 ${SPL_DIR}/${SPL_DTB_BINARY} ${D}${datadir}/${SPL_DTB_IMAGE}
diff --git a/meta/classes/uninative.bbclass b/meta/classes/uninative.bbclass
index 1e19917a97..4412d7c567 100644
--- a/meta/classes/uninative.bbclass
+++ b/meta/classes/uninative.bbclass
@@ -2,7 +2,7 @@ UNINATIVE_LOADER ?= "${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux/lib/
UNINATIVE_STAGING_DIR ?= "${STAGING_DIR}"
UNINATIVE_URL ?= "unset"
-UNINATIVE_TARBALL ?= "${BUILD_ARCH}-nativesdk-libc.tar.xz"
+UNINATIVE_TARBALL ?= "${BUILD_ARCH}-nativesdk-libc-${UNINATIVE_VERSION}.tar.xz"
# Example checksums
#UNINATIVE_CHECKSUM[aarch64] = "dead"
#UNINATIVE_CHECKSUM[i686] = "dead"
@@ -100,7 +100,7 @@ ${UNINATIVE_STAGING_DIR}-uninative/relocate_sdk.py \
${UNINATIVE_LOADER} \
${UNINATIVE_LOADER} \
${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux/${bindir_native}/patchelf-uninative \
- ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so" % chksum)
+ ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so*" % chksum)
subprocess.check_output(cmd, shell=True)
with open(loaderchksum, "w") as f:
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index 561386b706..0b8bec312b 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -43,3 +43,12 @@ CVE_CHECK_WHITELIST += "CVE-2010-4756"
# CVE applies to a netapp product as well as flagging a general issue. We don't ship anything
# exposing this interface in an exploitable way
CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511"
+
+# db
+# Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with
+# supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed.
+CVE_CHECK_WHITELIST += "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-2015-2654 \
+CVE-2015-2656 CVE-2015-4754 CVE-2015-4764 CVE-2015-4774 CVE-2015-4775 CVE-2015-4776 CVE-2015-4777 \
+CVE-2015-4778 CVE-2015-4779 CVE-2015-4780 CVE-2015-4781 CVE-2015-4782 CVE-2015-4783 CVE-2015-4784 \
+CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \
+CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981"
diff --git a/meta/conf/distro/include/default-distrovars.inc b/meta/conf/distro/include/default-distrovars.inc
index 433d4b6651..038acc1504 100644
--- a/meta/conf/distro/include/default-distrovars.inc
+++ b/meta/conf/distro/include/default-distrovars.inc
@@ -47,5 +47,5 @@ KERNEL_IMAGETYPES ??= "${KERNEL_IMAGETYPE}"
# The CONNECTIVITY_CHECK_URIS are used to test whether we can succesfully
# fetch from the network (and warn you if not). To disable the test set
# the variable to be empty.
-# Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master
-CONNECTIVITY_CHECK_URIS ?= "https://www.example.com/"
+# Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master;branch=master
+CONNECTIVITY_CHECK_URIS ?= "https://yoctoproject.org/connectivity.html"
diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index 5d453a6fcd..5064ee6b79 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -191,7 +191,7 @@ RECIPE_MAINTAINER_pn-gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <r
RECIPE_MAINTAINER_pn-gcc-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER_pn-gcc-runtime = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER_pn-gcc-sanitizers = "Khem Raj <raj.khem@gmail.com>"
-RECIPE_MAINTAINER_pn-gcc-source-10.2.0 = "Khem Raj <raj.khem@gmail.com>"
+RECIPE_MAINTAINER_pn-gcc-source-10.3.0 = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER_pn-gconf = "Ross Burton <ross.burton@arm.com>"
RECIPE_MAINTAINER_pn-gcr = "Alexander Kanavin <alex.kanavin@gmail.com>"
RECIPE_MAINTAINER_pn-gdb = "Khem Raj <raj.khem@gmail.com>"
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index 740cca0ecf..bfe05ce1eb 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,9 +6,10 @@
# to the distro running on the build machine.
#
-UNINATIVE_MAXGLIBCVERSION = "2.33"
+UNINATIVE_MAXGLIBCVERSION = "2.35"
+UNINATIVE_VERSION = "3.5"
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.2/"
-UNINATIVE_CHECKSUM[aarch64] ?= "4f0872cdca2775b637a8a99815ca5c8dd42146abe903a24a50ee0448358c764b"
-UNINATIVE_CHECKSUM[i686] ?= "e2eeab92e67263db37d9bb6d4c58579abd1f47ff4cded3171bde572fece124b2"
-UNINATIVE_CHECKSUM[x86_64] ?= "3ee8c7d55e2d4c7ae3887cddb97219f97b94efddfeee2e24923c0cb0e8ce84c6"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/"
+UNINATIVE_CHECKSUM[aarch64] ?= "6de0771bd21e0fcb5e80388e5b561a8023b24083bcbf46e056a089982aff75d7"
+UNINATIVE_CHECKSUM[i686] ?= "8c8745becbfa1c341bae839c7eab56ddf17ce36c303bcd73d3b2f2f788b631c2"
+UNINATIVE_CHECKSUM[x86_64] ?= "e8047a5748e6f266165da141eb6d08b23674f30e477b0e5505b6403d50fbc4b2"
diff --git a/meta/conf/machine/include/arm/arch-armv8-5a.inc b/meta/conf/machine/include/arm/arch-armv8-5a.inc
new file mode 100644
index 0000000000..44c3b5bd22
--- /dev/null
+++ b/meta/conf/machine/include/arm/arch-armv8-5a.inc
@@ -0,0 +1,19 @@
+DEFAULTTUNE ?= "armv8-5a"
+
+TUNEVALID[armv8-5a] = "Enable instructions for ARMv8.5-a"
+TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'armv8-5a', ' -march=armv8.5-a', '', d)}"
+# TUNE crypto will be handled by arch-armv8a.inc below
+MACHINEOVERRIDES =. "${@bb.utils.contains('TUNE_FEATURES', 'armv8-5a', 'armv8-5a:', '', d)}"
+
+require conf/machine/include/arm/arch-armv8a.inc
+
+# Little Endian base configs
+AVAILTUNES += "armv8-5a armv8-5a-crypto"
+ARMPKGARCH_tune-armv8-5a ?= "armv8-5a"
+ARMPKGARCH_tune-armv8-5a-crypto ?= "armv8-5a"
+TUNE_FEATURES_tune-armv8-5a = "aarch64 armv8-5a"
+TUNE_FEATURES_tune-armv8-5a-crypto = "${TUNE_FEATURES_tune-armv8-5a} crypto"
+PACKAGE_EXTRA_ARCHS_tune-armv8-5a = "${PACKAGE_EXTRA_ARCHS_tune-armv8a} armv8-5a"
+PACKAGE_EXTRA_ARCHS_tune-armv8-5a-crypto = "${PACKAGE_EXTRA_ARCHS_tune-armv8-5a} armv8-5a-crypto"
+BASE_LIB_tune-armv8-5a = "lib64"
+BASE_LIB_tune-armv8-5a-crypto = "lib64"
diff --git a/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc b/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc
new file mode 100644
index 0000000000..dedabcf46e
--- /dev/null
+++ b/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc
@@ -0,0 +1,22 @@
+#
+# Tune Settings for Neoverse-N2
+#
+DEFAULTTUNE ?= "neoversen2"
+
+TUNEVALID[neoversen2] = "Enable Neoverse-N2 specific processor optimizations"
+TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'neoversen2', ' -mcpu=neoverse-n2', '', d)}"
+
+# Even though the Neoverse N2 core implemnts the Arm v9.0-A architecture,
+# but the support of it in GCC is based on the Arm v8.5-A architecture.
+require conf/machine/include/arm/arch-armv8-5a.inc
+
+# Little Endian base configs
+AVAILTUNES += "neoversen2 neoversen2-crypto"
+ARMPKGARCH_tune-neoversen2 = "neoversen2"
+ARMPKGARCH_tune-neoversen2-crypto = "neoversen2-crypto"
+TUNE_FEATURES_tune-neoversen2 = "${TUNE_FEATURES_tune-armv8-5a} neoversen2"
+TUNE_FEATURES_tune-neoversen2-crypto = "${TUNE_FEATURES_tune-neoversen2} crypto"
+PACKAGE_EXTRA_ARCHS_tune-neoversen2 = "${PACKAGE_EXTRA_ARCHS_tune-armv8-5a} neoversen2"
+PACKAGE_EXTRA_ARCHS_tune-neoversen2-crypto = "${PACKAGE_EXTRA_ARCHS_tune-armv8-5a-crypto} neoversen2 neoversen2-crypto"
+BASE_LIB_tune-neoversen2 = "lib64"
+BASE_LIB_tune-neoversen2-crypto = "lib64"
diff --git a/meta/conf/machine/include/tune-cortexa72.inc b/meta/conf/machine/include/tune-cortexa72.inc
index b3f68ab6e3..efb71ee0a1 100644
--- a/meta/conf/machine/include/tune-cortexa72.inc
+++ b/meta/conf/machine/include/tune-cortexa72.inc
@@ -6,8 +6,12 @@ TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'cortexa72', ' -mcpu=corte
require conf/machine/include/arm/arch-armv8a.inc
# Little Endian base configs
-AVAILTUNES += "cortexa72"
+AVAILTUNES += "cortexa72 cortexa72-crypto"
ARMPKGARCH_tune-cortexa72 = "cortexa72"
-TUNE_FEATURES_tune-cortexa72 = "${TUNE_FEATURES_tune-armv8a-crc-crypto} cortexa72"
-PACKAGE_EXTRA_ARCHS_tune-cortexa72 = "${PACKAGE_EXTRA_ARCHS_tune-armv8a-crc-crypto} cortexa72"
-BASE_LIB_tune-cortexa72 = "lib64"
+ARMPKGARCH_tune-cortexa72-crypto = "cortexa72"
+TUNE_FEATURES_tune-cortexa72 = "${TUNE_FEATURES_tune-armv8a-crc} cortexa72"
+TUNE_FEATURES_tune-cortexa72-crypto = "${TUNE_FEATURES_tune-cortexa72} crypto"
+PACKAGE_EXTRA_ARCHS_tune-cortexa72 = "${PACKAGE_EXTRA_ARCHS_tune-armv8-crc} cortexa72"
+PACKAGE_EXTRA_ARCHS_tune-cortexa72-crypto = "${PACKAGE_EXTRA_ARCHS_tune-armv8a-crc-crypto} cortexa72 cortexa72-crypto"
+BASE_LIB_tune-cortexa72 = "lib64"
+BASE_LIB_tune-cortexa72-crypto = "lib64"
diff --git a/meta/conf/multilib.conf b/meta/conf/multilib.conf
index d231107f8b..e9767c73b6 100644
--- a/meta/conf/multilib.conf
+++ b/meta/conf/multilib.conf
@@ -11,6 +11,8 @@ STAGING_DIR_TARGET = "${WORKDIR}/${MLPREFIX}recipe-sysroot"
RECIPE_SYSROOT = "${WORKDIR}/${MLPREFIX}recipe-sysroot"
RECIPE_SYSROOT_class-native = "${WORKDIR}/recipe-sysroot"
+PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/${MLPREFIX}recipe-sysroot"
+
INHERIT += "multilib_global"
BBCLASSEXTEND_append = " ${MULTILIBS}"
diff --git a/meta/files/toolchain-shar-relocate.sh b/meta/files/toolchain-shar-relocate.sh
index 3ece04db0a..cee9adbf39 100644
--- a/meta/files/toolchain-shar-relocate.sh
+++ b/meta/files/toolchain-shar-relocate.sh
@@ -5,7 +5,7 @@ fi
# fix dynamic loader paths in all ELF SDK binaries
native_sysroot=$($SUDO_EXEC cat $env_setup_script |grep 'OECORE_NATIVE_SYSROOT='|cut -d'=' -f2|tr -d '"')
-dl_path=$($SUDO_EXEC find $native_sysroot/lib -name "ld-linux*")
+dl_path=$($SUDO_EXEC find $native_sysroot/lib -maxdepth 1 -name "ld-linux*")
if [ "$dl_path" = "" ] ; then
echo "SDK could not be set up. Relocate script unable to find ld-linux.so. Abort!"
exit 1
diff --git a/meta/lib/oe/patch.py b/meta/lib/oe/patch.py
index fccbedb519..9034fcae03 100644
--- a/meta/lib/oe/patch.py
+++ b/meta/lib/oe/patch.py
@@ -4,6 +4,7 @@
import oe.path
import oe.types
+import subprocess
class NotFoundError(bb.BBHandledException):
def __init__(self, path):
@@ -25,7 +26,6 @@ class CmdError(bb.BBHandledException):
def runcmd(args, dir = None):
import pipes
- import subprocess
if dir:
olddir = os.path.abspath(os.curdir)
@@ -56,6 +56,7 @@ def runcmd(args, dir = None):
if dir:
os.chdir(olddir)
+
class PatchError(Exception):
def __init__(self, msg):
self.msg = msg
@@ -298,6 +299,24 @@ class GitApplyTree(PatchTree):
PatchTree.__init__(self, dir, d)
self.commituser = d.getVar('PATCH_GIT_USER_NAME')
self.commitemail = d.getVar('PATCH_GIT_USER_EMAIL')
+ if not self._isInitialized():
+ self._initRepo()
+
+ def _isInitialized(self):
+ cmd = "git rev-parse --show-toplevel"
+ try:
+ output = runcmd(cmd.split(), self.dir).strip()
+ except CmdError as err:
+ ## runcmd returned non-zero which most likely means 128
+ ## Not a git directory
+ return False
+ ## Make sure repo is in builddir to not break top-level git repos
+ return os.path.samefile(output, self.dir)
+
+ def _initRepo(self):
+ runcmd("git init".split(), self.dir)
+ runcmd("git add .".split(), self.dir)
+ runcmd("git commit -a --allow-empty -m bitbake_patching_started".split(), self.dir)
@staticmethod
def extractPatchHeader(patchfile):
diff --git a/meta/lib/oe/reproducible.py b/meta/lib/oe/reproducible.py
index 204b9bd734..0938e4cb39 100644
--- a/meta/lib/oe/reproducible.py
+++ b/meta/lib/oe/reproducible.py
@@ -41,7 +41,7 @@ def find_git_folder(d, sourcedir):
for root, dirs, files in os.walk(workdir, topdown=True):
dirs[:] = [d for d in dirs if d not in exclude]
if '.git' in dirs:
- return root
+ return os.path.join(root, ".git")
bb.warn("Failed to find a git repository in WORKDIR: %s" % workdir)
return None
diff --git a/meta/lib/oe/sdk.py b/meta/lib/oe/sdk.py
index 37b59afd1a..27347667e8 100644
--- a/meta/lib/oe/sdk.py
+++ b/meta/lib/oe/sdk.py
@@ -115,6 +115,10 @@ def sdk_list_installed_packages(d, target, rootfs_dir=None):
rootfs_dir = [sdk_output, os.path.join(sdk_output, target_path)][target is True]
+ if target is False:
+ ipkgconf_sdk_target = d.getVar("IPKGCONF_SDK")
+ d.setVar("IPKGCONF_TARGET", ipkgconf_sdk_target)
+
img_type = d.getVar('IMAGE_PKGTYPE')
import importlib
cls = importlib.import_module('oe.package_manager.' + img_type)
diff --git a/meta/lib/oe/utils.py b/meta/lib/oe/utils.py
index a84039f585..2a8771dc28 100644
--- a/meta/lib/oe/utils.py
+++ b/meta/lib/oe/utils.py
@@ -480,7 +480,8 @@ class ThreadedWorker(Thread):
try:
func(self, *args, **kargs)
except Exception as e:
- print(e)
+ # Eat all exceptions
+ bb.mainlogger.debug("Worker task raised %s" % e, exc_info=e)
finally:
self.tasks.task_done()
diff --git a/meta/lib/oeqa/manual/eclipse-plugin.json b/meta/lib/oeqa/manual/eclipse-plugin.json
index d77d0e673b..6c110d0656 100644
--- a/meta/lib/oeqa/manual/eclipse-plugin.json
+++ b/meta/lib/oeqa/manual/eclipse-plugin.json
@@ -44,7 +44,7 @@
"expected_results": ""
},
"2": {
- "action": "wget autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/qemu (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk \n\n",
+ "action": "wget https://downloads.yoctoproject.org/releases/yocto/yocto-$VERSION/machines/qemu/qemux86/ (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk \n\n",
"expected_results": " Qemu can be lauched normally."
},
"3": {
@@ -60,7 +60,7 @@
"expected_results": ""
},
"6": {
- "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n wget autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/bzImage-qemux86.bin \n e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin \n\n",
+ "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n wget https://downloads.yoctoproject.org/releases/yocto/yocto-$VERSION/machines/qemu/qemux86/bzImage-qemux86.bin \n e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin \n\n",
"expected_results": ""
},
"7": {
@@ -247,7 +247,7 @@
"execution": {
"1": {
"action": "Clone eclipse-poky source. \n \n - git clone git://git.yoctoproject.org/eclipse-poky \n\n",
- "expected_results": "Eclipse plugin is successfully installed \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on http://autobuilder.yoctoproject.org/pub/releases/yocto-2.0.1/eclipse-plugin/mars/ archive with documentation like org.yocto.doc-development-$date.zip \n \n"
+ "expected_results": "Eclipse plugin is successfully installed \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on https://downloads.yoctoproject.org/releases/yocto/yocto-2.0.1/eclipse-plugin/mars/ archive with documentation like org.yocto.doc-development-$date.zip \n \n"
},
"2": {
"action": "Checkout correct tag. \n\n - git checkout <eclipse-version>/<yocto-version> \n\n",
diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py b/meta/lib/oeqa/runtime/cases/parselogs.py
index 01b633d89e..c842f95c34 100644
--- a/meta/lib/oeqa/runtime/cases/parselogs.py
+++ b/meta/lib/oeqa/runtime/cases/parselogs.py
@@ -302,7 +302,7 @@ class ParseLogsTest(OERuntimeTestCase):
grepcmd = 'grep '
grepcmd += '-Ei "'
for error in errors:
- grepcmd += '\<' + error + '\>' + '|'
+ grepcmd += r'\<' + error + r'\>' + '|'
grepcmd = grepcmd[:-1]
grepcmd += '" ' + str(log) + " | grep -Eiv \'"
@@ -313,13 +313,13 @@ class ParseLogsTest(OERuntimeTestCase):
errorlist = ignore_errors['default']
for ignore_error in errorlist:
- ignore_error = ignore_error.replace('(', '\(')
- ignore_error = ignore_error.replace(')', '\)')
+ ignore_error = ignore_error.replace('(', r'\(')
+ ignore_error = ignore_error.replace(')', r'\)')
ignore_error = ignore_error.replace("'", '.')
- ignore_error = ignore_error.replace('?', '\?')
- ignore_error = ignore_error.replace('[', '\[')
- ignore_error = ignore_error.replace(']', '\]')
- ignore_error = ignore_error.replace('*', '\*')
+ ignore_error = ignore_error.replace('?', r'\?')
+ ignore_error = ignore_error.replace('[', r'\[')
+ ignore_error = ignore_error.replace(']', r'\]')
+ ignore_error = ignore_error.replace('*', r'\*')
ignore_error = ignore_error.replace('0-9', '[0-9]')
grepcmd += ignore_error + '|'
grepcmd = grepcmd[:-1]
diff --git a/meta/lib/oeqa/selftest/cases/bbtests.py b/meta/lib/oeqa/selftest/cases/bbtests.py
index 79390acc0d..4187cb840a 100644
--- a/meta/lib/oeqa/selftest/cases/bbtests.py
+++ b/meta/lib/oeqa/selftest/cases/bbtests.py
@@ -83,8 +83,10 @@ class BitbakeTests(OESelftestTestCase):
def test_force_task_1(self):
# test 1 from bug 5875
+ import uuid
test_recipe = 'zlib'
- test_data = "Microsoft Made No Profit From Anyone's Zunes Yo"
+ # Need to use uuid otherwise hash equivlance would change the workflow
+ test_data = "Microsoft Made No Profit From Anyone's Zunes Yo %s" % uuid.uuid1()
bb_vars = get_bb_vars(['D', 'PKGDEST', 'mandir'], test_recipe)
image_dir = bb_vars['D']
pkgsplit_dir = bb_vars['PKGDEST']
@@ -161,7 +163,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\"
""")
self.track_for_cleanup(os.path.join(self.builddir, "download-selftest"))
- data = 'SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"'
+ data = 'SRC_URI = "https://downloads.yoctoproject.org/mirror/sources/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"'
self.write_recipeinc('aspell', data)
result = bitbake('-f -c fetch aspell', ignore_status=True)
self.delete_recipeinc('aspell')
@@ -298,3 +300,32 @@ INHERIT_remove = \"report-error\"
test_recipe_summary_after = get_bb_var('SUMMARY', test_recipe)
self.assertEqual(expected_recipe_summary, test_recipe_summary_after)
+
+ def test_git_patchtool(self):
+ """ PATCHTOOL=git should work with non-git sources like tarballs
+ test recipe for the test must NOT containt git:// repository in SRC_URI
+ """
+ test_recipe = "man-db"
+ self.write_recipeinc(test_recipe, 'PATCHTOOL=\"git\"')
+ src = get_bb_var("SRC_URI",test_recipe)
+ gitscm = re.search("git://", src)
+ self.assertFalse(gitscm, "test_git_patchtool pre-condition failed: {} test recipe contains git repo!".format(test_recipe))
+ result = bitbake('{} -c patch'.format(test_recipe), ignore_status=False)
+ fatal = re.search("fatal: not a git repository (or any of the parent directories)", result.output)
+ self.assertFalse(fatal, "Failed to patch using PATCHTOOL=\"git\"")
+ self.delete_recipeinc(test_recipe)
+ bitbake('-cclean {}'.format(test_recipe))
+
+ def test_git_patchtool2(self):
+ """ Test if PATCHTOOL=git works with git repo and doesn't reinitialize it
+ """
+ test_recipe = "gitrepotest"
+ src = get_bb_var("SRC_URI",test_recipe)
+ gitscm = re.search("git://", src)
+ self.assertTrue(gitscm, "test_git_patchtool pre-condition failed: {} test recipe doesn't contains git repo!".format(test_recipe))
+ result = bitbake('{} -c patch'.format(test_recipe), ignore_status=False)
+ srcdir = get_bb_var('S', test_recipe)
+ result = runCmd("git log", cwd = srcdir)
+ self.assertFalse("bitbake_patching_started" in result.output, msg = "Repository has been reinitialized. {}".format(srcdir))
+ self.delete_recipeinc(test_recipe)
+ bitbake('-cclean {}'.format(test_recipe))
diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py
index 3385546e8e..7ac1fcfbeb 100644
--- a/meta/lib/oeqa/selftest/cases/devtool.py
+++ b/meta/lib/oeqa/selftest/cases/devtool.py
@@ -340,7 +340,7 @@ class DevtoolAddTests(DevtoolBase):
checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263'
checkvars['S'] = '${WORKDIR}/git'
checkvars['PV'] = '0.1+git${SRCPV}'
- checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https'
+ checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https;branch=master'
checkvars['SRCREV'] = srcrev
checkvars['DEPENDS'] = set(['dbus'])
self._test_recipe_contents(recipefile, checkvars, [])
@@ -442,6 +442,7 @@ class DevtoolAddTests(DevtoolBase):
tempdir = tempfile.mkdtemp(prefix='devtoolqa')
self.track_for_cleanup(tempdir)
url = 'gitsm://git.yoctoproject.org/mraa'
+ url_branch = '%s;branch=master' % url
checkrev = 'ae127b19a50aa54255e4330ccfdd9a5d058e581d'
testrecipe = 'mraa'
srcdir = os.path.join(tempdir, testrecipe)
@@ -462,7 +463,7 @@ class DevtoolAddTests(DevtoolBase):
checkvars = {}
checkvars['S'] = '${WORKDIR}/git'
checkvars['PV'] = '1.0+git${SRCPV}'
- checkvars['SRC_URI'] = url
+ checkvars['SRC_URI'] = url_branch
checkvars['SRCREV'] = '${AUTOREV}'
self._test_recipe_contents(recipefile, checkvars, [])
# Try with revision and version specified
@@ -481,7 +482,7 @@ class DevtoolAddTests(DevtoolBase):
checkvars = {}
checkvars['S'] = '${WORKDIR}/git'
checkvars['PV'] = '1.5+git${SRCPV}'
- checkvars['SRC_URI'] = url
+ checkvars['SRC_URI'] = url_branch
checkvars['SRCREV'] = checkrev
self._test_recipe_contents(recipefile, checkvars, [])
@@ -904,7 +905,7 @@ class DevtoolUpdateTests(DevtoolBase):
self._check_repo_status(os.path.dirname(recipefile), expected_status)
result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile))
- addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git"']
+ addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master"']
srcurilines = src_uri.split()
srcurilines[0] = 'SRC_URI = "' + srcurilines[0]
srcurilines.append('"')
diff --git a/meta/lib/oeqa/selftest/cases/fetch.py b/meta/lib/oeqa/selftest/cases/fetch.py
index cd15f65129..d2f0c38ef4 100644
--- a/meta/lib/oeqa/selftest/cases/fetch.py
+++ b/meta/lib/oeqa/selftest/cases/fetch.py
@@ -99,7 +99,7 @@ class Dependencies(OESelftestTestCase):
r = """
LICENSE="CLOSED"
- SRC_URI="git://example.com/repo"
+ SRC_URI="git://example.com/repo;branch=master"
"""
f = self.write_recipe(textwrap.dedent(r), tempdir)
d = tinfoil.parse_recipe_file(f)
diff --git a/meta/lib/oeqa/selftest/cases/glibc.py b/meta/lib/oeqa/selftest/cases/glibc.py
index c687f6ef93..cf8c92887b 100644
--- a/meta/lib/oeqa/selftest/cases/glibc.py
+++ b/meta/lib/oeqa/selftest/cases/glibc.py
@@ -33,7 +33,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
ptestsuite = "glibc-user" if ssh is None else "glibc"
self.ptest_section(ptestsuite)
- with open(os.path.join(builddir, "tests.sum"), "r") as f:
+ with open(os.path.join(builddir, "tests.sum"), "r", errors='replace') as f:
for test, result in parse_values(f):
self.ptest_result(ptestsuite, test, result)
diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py b/meta/lib/oeqa/selftest/cases/recipetool.py
index 9d56e9e1e3..4f283cdc03 100644
--- a/meta/lib/oeqa/selftest/cases/recipetool.py
+++ b/meta/lib/oeqa/selftest/cases/recipetool.py
@@ -357,7 +357,7 @@ class RecipetoolTests(RecipetoolBase):
tempsrc = os.path.join(self.tempdir, 'srctree')
os.makedirs(tempsrc)
recipefile = os.path.join(self.tempdir, 'libmatchbox.bb')
- srcuri = 'git://git.yoctoproject.org/libmatchbox'
+ srcuri = 'git://git.yoctoproject.org/libmatchbox;branch=master'
result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri + ";rev=9f7cf8895ae2d39c465c04cc78e918c157420269", '-x', tempsrc])
self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output)
checkvars = {}
@@ -375,7 +375,7 @@ class RecipetoolTests(RecipetoolBase):
temprecipe = os.path.join(self.tempdir, 'recipe')
os.makedirs(temprecipe)
pv = '1.7.3.0'
- srcuri = 'http://www.dest-unreach.org/socat/download/socat-%s.tar.bz2' % pv
+ srcuri = 'http://www.dest-unreach.org/socat/download/Archive/socat-%s.tar.bz2' % pv
result = runCmd('recipetool create %s -o %s' % (srcuri, temprecipe))
dirlist = os.listdir(temprecipe)
if len(dirlist) > 1:
@@ -447,7 +447,7 @@ class RecipetoolTests(RecipetoolBase):
self.assertTrue(os.path.isfile(recipefile))
checkvars = {}
checkvars['LICENSE'] = set(['Apache-2.0'])
- checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https'
+ checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https;branch=master'
inherits = ['setuptools3']
self._test_recipe_contents(recipefile, checkvars, inherits)
@@ -514,7 +514,7 @@ class RecipetoolTests(RecipetoolBase):
self.assertTrue(os.path.isfile(recipefile))
checkvars = {}
checkvars['LICENSE'] = set(['GPLv2'])
- checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http'
+ checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http;branch=master'
inherits = ['pkgconfig', 'autotools']
self._test_recipe_contents(recipefile, checkvars, inherits)
diff --git a/meta/lib/oeqa/selftest/cases/reproducible.py b/meta/lib/oeqa/selftest/cases/reproducible.py
index a62757399b..546dc91120 100644
--- a/meta/lib/oeqa/selftest/cases/reproducible.py
+++ b/meta/lib/oeqa/selftest/cases/reproducible.py
@@ -114,8 +114,9 @@ def compare_file(reference, test, diffutils_sysroot):
result.status = SAME
return result
-def run_diffoscope(a_dir, b_dir, html_dir, **kwargs):
- return runCmd(['diffoscope', '--no-default-limits', '--exclude-directory-metadata', 'yes', '--html-dir', html_dir, a_dir, b_dir],
+def run_diffoscope(a_dir, b_dir, html_dir, max_report_size=0, **kwargs):
+ return runCmd(['diffoscope', '--no-default-limits', '--max-report-size', str(max_report_size),
+ '--exclude-directory-metadata', 'yes', '--html-dir', html_dir, a_dir, b_dir],
**kwargs)
class DiffoscopeTests(OESelftestTestCase):
@@ -145,6 +146,9 @@ class ReproducibleTests(OESelftestTestCase):
package_classes = ['deb', 'ipk', 'rpm']
+ # Maximum report size, in bytes
+ max_report_size = 250 * 1024 * 1024
+
# targets are the things we want to test the reproducibility of
targets = ['core-image-minimal', 'core-image-sato', 'core-image-full-cmdline', 'core-image-weston', 'world']
# sstate targets are things to pull from sstate to potentially cut build/debugging time
@@ -321,7 +325,7 @@ class ReproducibleTests(OESelftestTestCase):
# Copy jquery to improve the diffoscope output usability
self.copy_file(os.path.join(jquery_sysroot, 'usr/share/javascript/jquery/jquery.min.js'), os.path.join(package_html_dir, 'jquery.js'))
- run_diffoscope('reproducibleA', 'reproducibleB', package_html_dir,
+ run_diffoscope('reproducibleA', 'reproducibleB', package_html_dir, max_report_size=self.max_report_size,
native_sysroot=diffoscope_sysroot, ignore_status=True, cwd=package_dir)
if fails:
diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
index b20c5b427b..f9649339e5 100644
--- a/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -185,6 +185,10 @@ class TestImage(OESelftestTestCase):
self.skipTest('virgl isn\'t working with Debian 9')
if distro and distro == 'centos-7':
self.skipTest('virgl isn\'t working with Centos 7')
+ if distro and distro == 'centos-8':
+ self.skipTest('virgl isn\'t working with Centos 8')
+ if distro and distro == 'fedora-34':
+ self.skipTest('virgl isn\'t working with Fedora 34')
if distro and distro == 'opensuseleap-15.0':
self.skipTest('virgl isn\'t working with Opensuse 15.0')
@@ -228,6 +232,9 @@ class TestImage(OESelftestTestCase):
dripath = subprocess.check_output("pkg-config --variable=dridriverdir dri", shell=True)
except subprocess.CalledProcessError as e:
self.skipTest("Could not determine the path to dri drivers on the host via pkg-config.\nPlease install Mesa development files (particularly, dri.pc) on the host machine.")
+ distro = oe.lsb.distro_identifier()
+ if distro and distro == 'fedora-34':
+ self.skipTest('virgl isn\'t working with Fedora 34')
qemu_distrofeatures = get_bb_var('DISTRO_FEATURES', 'qemu-system-native')
features = 'INHERIT += "testimage"\n'
if 'opengl' not in qemu_distrofeatures:
diff --git a/meta/lib/oeqa/selftest/cases/sstatetests.py b/meta/lib/oeqa/selftest/cases/sstatetests.py
index c46e8ba489..e2fe38be87 100644
--- a/meta/lib/oeqa/selftest/cases/sstatetests.py
+++ b/meta/lib/oeqa/selftest/cases/sstatetests.py
@@ -39,7 +39,7 @@ class SStateTests(SStateBase):
recipefile = os.path.join(tempdir, "recipes-test", "dbus-wait-test", 'dbus-wait-test_git.bb')
os.makedirs(os.path.dirname(recipefile))
- srcuri = 'git://' + srcdir + ';protocol=file'
+ srcuri = 'git://' + srcdir + ';protocol=file;branch=master'
result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri])
self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output)
diff --git a/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb b/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb
index 5d6f200a73..e9dfa0770e 100644
--- a/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb
+++ b/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb
@@ -10,7 +10,7 @@ DEPENDS = "efivar popt"
COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
-SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https \
+SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https;branch=master \
file://0001-remove-extra-decl.patch \
file://97668ae0bce776a36ea2001dea63d376be8274ac.patch \
"
diff --git a/meta/recipes-bsp/efivar/efivar_37.bb b/meta/recipes-bsp/efivar/efivar_37.bb
index 5bf121ff6e..fa1fe1ecdf 100644
--- a/meta/recipes-bsp/efivar/efivar_37.bb
+++ b/meta/recipes-bsp/efivar/efivar_37.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6626bb1e20189cfa95f2c508ba286393"
COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
-SRC_URI = "git://github.com/rhinstaller/efivar.git \
+SRC_URI = "git://github.com/rhinstaller/efivar.git;branch=master;protocol=https \
file://determinism.patch \
file://no-werror.patch"
SRCREV = "c1d6b10e1ed4ba2be07f385eae5bceb694478a10"
diff --git a/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch b/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch
new file mode 100644
index 0000000000..dae26fd8bb
--- /dev/null
+++ b/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch
@@ -0,0 +1,49 @@
+From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001
+From: Michael Chang <mchang@suse.com>
+Date: Fri, 3 Dec 2021 16:13:28 +0800
+Subject: [PATCH] grub-mkconfig: Restore umask for the grub.cfg
+
+The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating
+configuration by grub-mkconfig) has inadvertently discarded umask for
+creating grub.cfg in the process of running grub-mkconfig. The resulting
+wrong permission (0644) would allow unprivileged users to read GRUB
+configuration file content. This presents a low confidentiality risk
+as grub.cfg may contain non-secured plain-text passwords.
+
+This patch restores the missing umask and sets the creation file mode
+to 0600 preventing unprivileged access.
+
+Fixes: CVE-2021-3981
+
+Signed-off-by: Michael Chang <mchang@suse.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+
+Upstream-Status: Backport
+CVE: CVE-2021-3981
+
+Reference to upstream patch:
+https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0adec29674561034771c13e446069b41ef41e4d4
+
+Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
+---
+ util/grub-mkconfig.in | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
+index c3ea7612e..62335d027 100644
+--- a/util/grub-mkconfig.in
++++ b/util/grub-mkconfig.in
+@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with
+ exit 1
+ else
+ # none of the children aborted with error, install the new grub.cfg
++ oldumask=$(umask)
++ umask 077
+ cat ${grub_cfg}.new > ${grub_cfg}
++ umask $oldumask
+ rm -f ${grub_cfg}.new
+ fi
+ fi
+--
+2.31.1
+
diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc
index 3c6b434c2d..a70754e346 100644
--- a/meta/recipes-bsp/grub/grub2.inc
+++ b/meta/recipes-bsp/grub/grub2.inc
@@ -20,6 +20,7 @@ SRC_URI = "https://alpha.gnu.org/gnu/grub/grub-${REALPV}.tar.xz \
file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \
file://determinism.patch \
file://0001-RISC-V-Restore-the-typcast-to-long.patch \
+ file://CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch \
"
SRC_URI[sha256sum] = "2c87f1f21e2ab50043e6cd9163c08f1b6c3a6171556bf23ff9ed65b074145484"
diff --git a/meta/recipes-bsp/opensbi/opensbi_0.9.bb b/meta/recipes-bsp/opensbi/opensbi_0.9.bb
index cb1c3f2ebf..e01491c9b7 100644
--- a/meta/recipes-bsp/opensbi/opensbi_0.9.bb
+++ b/meta/recipes-bsp/opensbi/opensbi_0.9.bb
@@ -9,7 +9,7 @@ require opensbi-payloads.inc
inherit autotools-brokensep deploy
SRCREV = "234ed8e427f4d92903123199f6590d144e0d9351"
-SRC_URI = "git://github.com/riscv/opensbi.git;branch=master \
+SRC_URI = "git://github.com/riscv/opensbi.git;branch=master;protocol=https \
file://0001-Makefile-Don-t-specify-mabi-or-march.patch \
"
diff --git a/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb b/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb
index 613e3161fb..8234b86162 100644
--- a/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb
+++ b/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb
@@ -10,7 +10,7 @@ LICENSE = "LGPL-2.1"
LIC_FILES_CHKSUM = "file://Licenses/lgpl-2.1.txt;md5=4fbd65380cdd255951079008b364516c"
SECTION = "libs"
-SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https"
+SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https;branch=master"
SRCREV = "824551ac77bab1d0f7ae34d7a7c77b155240e754"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-bsp/u-boot/u-boot-common.inc b/meta/recipes-bsp/u-boot/u-boot-common.inc
index 993478a73b..17c6140216 100644
--- a/meta/recipes-bsp/u-boot/u-boot-common.inc
+++ b/meta/recipes-bsp/u-boot/u-boot-common.inc
@@ -14,7 +14,7 @@ PE = "1"
# repo during parse
SRCREV = "c4fddedc48f336eabc4ce3f74940e6aa372de18c"
-SRC_URI = "git://git.denx.de/u-boot.git \
+SRC_URI = "git://git.denx.de/u-boot.git;branch=master \
file://0001-add-valid-fdt-check.patch \
file://CVE-2021-27097-1.patch \
file://CVE-2021-27097-2.patch \
diff --git a/meta/recipes-connectivity/avahi/files/local-ping.patch b/meta/recipes-connectivity/avahi/files/local-ping.patch
index 94116ad1f3..29c192d296 100644
--- a/meta/recipes-connectivity/avahi/files/local-ping.patch
+++ b/meta/recipes-connectivity/avahi/files/local-ping.patch
@@ -1,4 +1,5 @@
CVE: CVE-2021-36217
+CVE: CVE-2021-3502
Upstream-Status: Backport
Signed-off-by: Ross Burton <ross.burton@arm.com>
diff --git a/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch
new file mode 100644
index 0000000000..f63c333264
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch
@@ -0,0 +1,76 @@
+From 011e9418ce9bb25675de6ac8d47536efedeeb312 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org>
+Date: Fri, 24 Sep 2021 09:35:11 +0200
+Subject: [PATCH] Disable lame-ttl cache
+
+The lame-ttl cache is implemented in ADB as per-server locked
+linked-list "indexed" with <qname,qtype>. This list has to be walked
+every time there's a new query or new record added into the lame cache.
+Determined attacker can use this to degrade performance of the resolver.
+
+Resolver testing has shown that disabling the lame cache has little
+impact on the resolver performance and it's a minimal viable defense
+against this kind of attack.
+
+CVE: CVE-2021-25219
+
+Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/8fe18c0566c41228a568157287f5a44f96d37662]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ bin/named/config.c | 2 +-
+ bin/named/server.c | 7 +++++--
+ doc/arm/reference.rst | 6 +++---
+ 3 files changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/bin/named/config.c b/bin/named/config.c
+index fa8473db7c..b6453b814e 100644
+--- a/bin/named/config.c
++++ b/bin/named/config.c
+@@ -151,7 +151,7 @@ options {\n\
+ fetches-per-server 0;\n\
+ fetches-per-zone 0;\n\
+ glue-cache yes;\n\
+- lame-ttl 600;\n"
++ lame-ttl 0;\n"
+ #ifdef HAVE_LMDB
+ " lmdb-mapsize 32M;\n"
+ #endif /* ifdef HAVE_LMDB */
+diff --git a/bin/named/server.c b/bin/named/server.c
+index 638703e8c2..35ad6a0b7f 100644
+--- a/bin/named/server.c
++++ b/bin/named/server.c
+@@ -4806,8 +4806,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
+ result = named_config_get(maps, "lame-ttl", &obj);
+ INSIST(result == ISC_R_SUCCESS);
+ lame_ttl = cfg_obj_asduration(obj);
+- if (lame_ttl > 1800) {
+- lame_ttl = 1800;
++ if (lame_ttl > 0) {
++ cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING,
++ "disabling lame cache despite lame-ttl > 0 as it "
++ "may cause performance issues");
++ lame_ttl = 0;
+ }
+ dns_resolver_setlamettl(view->resolver, lame_ttl);
+
+diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst
+index 3bc4439745..fea854f3d1 100644
+--- a/doc/arm/reference.rst
++++ b/doc/arm/reference.rst
+@@ -3358,9 +3358,9 @@ Tuning
+ ^^^^^^
+
+ ``lame-ttl``
+- This sets the number of seconds to cache a lame server indication. 0
+- disables caching. (This is **NOT** recommended.) The default is
+- ``600`` (10 minutes) and the maximum value is ``1800`` (30 minutes).
++ This is always set to 0. More information is available in the
++ `security advisory for CVE-2021-25219
++ <https://kb.isc.org/docs/cve-2021-25219>`_.
+
+ ``servfail-ttl``
+ This sets the number of seconds to cache a SERVFAIL response due to DNSSEC
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch
new file mode 100644
index 0000000000..1217f7f186
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch
@@ -0,0 +1,65 @@
+From 117cf776a7add27ac6d236b4062258da0d068486 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org>
+Date: Mon, 15 Nov 2021 16:26:52 +0800
+Subject: [PATCH] Enable lame response detection even with disabled lame cache
+
+Previously, when lame cache would be disabled by setting lame-ttl to 0,
+it would also disable lame answer detection. In this commit, we enable
+the lame response detection even when the lame cache is disabled. This
+enables stopping answer processing early rather than going through the
+whole answer processing flow.
+
+CVE: CVE-2021-25219
+
+Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/e4931584a34bdd0a0d18e4d918fb853bf5296787]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ lib/dns/resolver.c | 23 ++++++++++++-----------
+ 1 file changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
+index 50fadc0..9291bd4 100644
+--- a/lib/dns/resolver.c
++++ b/lib/dns/resolver.c
+@@ -10217,25 +10217,26 @@ rctx_badserver(respctx_t *rctx, isc_result_t result) {
+ */
+ static isc_result_t
+ rctx_lameserver(respctx_t *rctx) {
+- isc_result_t result;
++ isc_result_t result = ISC_R_SUCCESS;
+ fetchctx_t *fctx = rctx->fctx;
+ resquery_t *query = rctx->query;
+
+- if (fctx->res->lame_ttl == 0 || ISFORWARDER(query->addrinfo) ||
+- !is_lame(fctx, query->rmessage))
+- {
++ if (ISFORWARDER(query->addrinfo) || !is_lame(fctx, query->rmessage)) {
+ return (ISC_R_SUCCESS);
+ }
+
+ inc_stats(fctx->res, dns_resstatscounter_lame);
+ log_lame(fctx, query->addrinfo);
+- result = dns_adb_marklame(fctx->adb, query->addrinfo, &fctx->name,
+- fctx->type, rctx->now + fctx->res->lame_ttl);
+- if (result != ISC_R_SUCCESS) {
+- isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER,
+- DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR,
+- "could not mark server as lame: %s",
+- isc_result_totext(result));
++ if (fctx->res->lame_ttl != 0) {
++ result = dns_adb_marklame(fctx->adb, query->addrinfo,
++ &fctx->name, fctx->type,
++ rctx->now + fctx->res->lame_ttl);
++ if (result != ISC_R_SUCCESS) {
++ isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER,
++ DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR,
++ "could not mark server as lame: %s",
++ isc_result_totext(result));
++ }
+ }
+ rctx->broken_server = DNS_R_LAME;
+ rctx->next_server = true;
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/bind/bind_9.16.16.bb b/meta/recipes-connectivity/bind/bind_9.16.16.bb
index b152598402..4bfdeca9ce 100644
--- a/meta/recipes-connectivity/bind/bind_9.16.16.bb
+++ b/meta/recipes-connectivity/bind/bind_9.16.16.bb
@@ -18,6 +18,8 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
file://0001-avoid-start-failure-with-bind-user.patch \
+ file://CVE-2021-25219-1.patch \
+ file://CVE-2021-25219-2.patch \
"
SRC_URI[sha256sum] = "6c913902adf878e7dc5e229cea94faefc9d40f44775a30213edd08860f761d7b"
diff --git a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb
index af986c4eab..e4eeb3c726 100644
--- a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb
+++ b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb
@@ -10,7 +10,7 @@ DEPENDS = "gtk+3 dbus-glib dbus-glib-native intltool-native gettext-native"
# 0.7 tag
SRCREV = "cf3c325b23dae843c5499a113591cfbc98acb143"
-SRC_URI = "git://github.com/connectivity/connman-gnome.git \
+SRC_URI = "git://github.com/connectivity/connman-gnome.git;branch=master;protocol=https \
file://0001-Removed-icon-from-connman-gnome-about-applet.patch \
file://null_check_for_ipv4_config.patch \
file://images/ \
diff --git a/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch b/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch
new file mode 100644
index 0000000000..f05c696929
--- /dev/null
+++ b/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch
@@ -0,0 +1,67 @@
+From 98ccabf68e5b3f0a177bd1925581753d10041448 Mon Sep 17 00:00:00 2001
+From: Simon Josefsson <simon@josefsson.org>
+Date: Wed, 1 Sep 2021 09:09:50 +0200
+Subject: [PATCH] ftp: check that PASV/LSPV addresses match.
+
+* NEWS: Mention change.
+* ftp/ftp.c (initconn): Validate returned addresses.
+
+CVE: CVE-2021-40491
+
+Upstream-Status: Backport
+[https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=58cb043b190fd04effdaea7c9403416b436e50dd]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ ftp/ftp.c | 21 +++++++++++++++++++++
+ 1 files changed, 21 insertions(+)
+
+diff --git a/ftp/ftp.c b/ftp/ftp.c
+index d21dbdd..7513539 100644
+--- a/ftp/ftp.c
++++ b/ftp/ftp.c
+@@ -1365,6 +1365,13 @@ initconn (void)
+ uint32_t *pu32 = (uint32_t *) &data_addr_sa4->sin_addr.s_addr;
+ pu32[0] = htonl ( (h[0] << 24) | (h[1] << 16) | (h[2] << 8) | h[3]);
+ }
++ if (data_addr_sa4->sin_addr.s_addr
++ != ((struct sockaddr_in *) &hisctladdr)->sin_addr.s_addr)
++ {
++ printf ("Passive mode address mismatch.\n");
++ (void) command ("ABOR"); /* Cancel any open connection. */
++ goto bad;
++ }
+ } /* LPSV IPv4 */
+ else /* IPv6 */
+ {
+@@ -1395,6 +1402,13 @@ initconn (void)
+ pu32[2] = htonl ( (h[8] << 24) | (h[9] << 16) | (h[10] << 8) | h[11]);
+ pu32[3] = htonl ( (h[12] << 24) | (h[13] << 16) | (h[14] << 8) | h[15]);
+ }
++ if (data_addr_sa6->sin6_addr.s6_addr
++ != ((struct sockaddr_in6 *) &hisctladdr)->sin6_addr.s6_addr)
++ {
++ printf ("Passive mode address mismatch.\n");
++ (void) command ("ABOR"); /* Cancel any open connection. */
++ goto bad;
++ }
+ } /* LPSV IPv6 */
+ }
+ else /* !EPSV && !LPSV */
+@@ -1415,6 +1429,13 @@ initconn (void)
+ | ((a2 & 0xff) << 8) | (a3 & 0xff) );
+ data_addr_sa4->sin_port =
+ htons (((p0 & 0xff) << 8) | (p1 & 0xff));
++ if (data_addr_sa4->sin_addr.s_addr
++ != ((struct sockaddr_in *) &hisctladdr)->sin_addr.s_addr)
++ {
++ printf ("Passive mode address mismatch.\n");
++ (void) command ("ABOR"); /* Cancel any open connection. */
++ goto bad;
++ }
+ } /* PASV */
+ else
+ {
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.0.bb b/meta/recipes-connectivity/inetutils/inetutils_2.0.bb
index a4d05b0542..d299bc359e 100644
--- a/meta/recipes-connectivity/inetutils/inetutils_2.0.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_2.0.bb
@@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
file://tftpd.xinetd.inetutils \
file://inetutils-1.9-PATH_PROCNET_DEV.patch \
file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \
+ file://CVE-2021-40491.patch \
"
SRC_URI[md5sum] = "5e1018502cd131ed8e42339f6b5c98aa"
diff --git a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
index 9a83898e52..5213b28345 100644
--- a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
+++ b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1"
DEPENDS = "avahi"
-SRC_URI = "git://github.com/lathiat/nss-mdns \
+SRC_URI = "git://github.com/lathiat/nss-mdns;branch=master;protocol=https \
"
SRCREV = "41c9c5e78f287ed4b41ac438c1873fa71bfa70ae"
diff --git a/meta/recipes-connectivity/libuv/libuv_1.41.0.bb b/meta/recipes-connectivity/libuv/libuv_1.41.0.bb
index 4987331dc8..e15d338941 100644
--- a/meta/recipes-connectivity/libuv/libuv_1.41.0.bb
+++ b/meta/recipes-connectivity/libuv/libuv_1.41.0.bb
@@ -6,7 +6,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=a68902a430e32200263d182d44924d47"
SRCREV = "1dff88e5161cba5c59276d2070d2e304e4dcb242"
-SRC_URI = "git://github.com/libuv/libuv;branch=v1.x"
+SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index f170cf4650..781b9216c5 100644
--- a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -4,11 +4,12 @@ DESCRIPTION = "Mobile Broadband Service Provider Database stores service provide
SECTION = "network"
LICENSE = "PD"
LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04"
-SRCREV = "90f3fe28aa25135b7e4a54a7816388913bfd4a2a"
-PV = "20201225"
+
+SRCREV = "4cbb44a9fe26aa6f0b28beb79f9488b37c097b5e"
+PV = "20220315"
PE = "1"
-SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https"
+SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main"
S = "${WORKDIR}/git"
inherit autotools
diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch
new file mode 100644
index 0000000000..9ca7c2f202
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch
@@ -0,0 +1,49 @@
+From 1f0707e8e78ef290fd0f229df3fcd2236f29db89 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 28 Oct 2021 11:11:05 +0800
+Subject: [PATCH] upstream: need initgroups() before setresgid(); reported by
+ anton@,
+
+ok deraadt@
+
+OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce
+
+CVE: CVE-2021-41617
+Upstream-Status: [Backport]
+https://github.com/openssh/openssh-portable/commit/f3cbe43e28fe71427d41cfe3a17125b972710455
+https://github.com/openssh/openssh-portable/commit/bf944e3794eff5413f2df1ef37cddf96918c6bde
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ misc.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/misc.c b/misc.c
+index d988ce3..33eca1c 100644
+--- a/misc.c
++++ b/misc.c
+@@ -56,6 +56,7 @@
+ #ifdef HAVE_PATHS_H
+ # include <paths.h>
+ #include <pwd.h>
++#include <grp.h>
+ #endif
+ #ifdef SSH_TUN_OPENBSD
+ #include <net/if.h>
+@@ -2629,6 +2630,13 @@ subprocess(const char *tag, const char *command,
+ }
+ closefrom(STDERR_FILENO + 1);
+
++ if (geteuid() == 0 &&
++ initgroups(pw->pw_name, pw->pw_gid) == -1) {
++ error("%s: initgroups(%s, %u): %s", tag,
++ pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
++ _exit(1);
++ }
++
+ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
+ error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
+ strerror(errno));
+--
+2.17.1
+
diff --git a/meta/recipes-connectivity/openssh/openssh_8.5p1.bb b/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
index c6de519884..9a5f37bc39 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.5p1.bb
@@ -24,6 +24,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
file://sshd_check_keys \
file://add-test-support-for-busybox.patch \
+ file://CVE-2021-41617.patch \
"
SRC_URI[sha256sum] = "f52f3f41d429aa9918e38cf200af225ccdd8e66f052da572870c89737646ec25"
diff --git a/meta/recipes-connectivity/openssl/openssl/reproducibility.patch b/meta/recipes-connectivity/openssl/openssl/reproducibility.patch
new file mode 100644
index 0000000000..8accbc9df2
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/reproducibility.patch
@@ -0,0 +1,22 @@
+Using localtime() means the output can depend on the timezone of the build machine.
+Using gmtime() is safer. For complete reproducibility use SOURCE_DATE_EPOCH if set.
+
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Upstream-Status: Pending [should be suitable]
+
+Index: openssl-3.0.1/apps/progs.pl
+===================================================================
+--- openssl-3.0.1.orig/apps/progs.pl
++++ openssl-3.0.1/apps/progs.pl
+@@ -21,7 +21,10 @@ die "Unrecognised option, must be -C or
+ my %commands = ();
+ my $cmdre = qr/^\s*int\s+([a-z_][a-z0-9_]*)_main\(\s*int\s+argc\s*,/;
+ my $apps_openssl = shift @ARGV;
+-my $YEAR = [localtime()]->[5] + 1900;
++my $YEAR = [gmtime()]->[5] + 1900;
++if (defined($ENV{SOURCE_DATE_EPOCH}) && $ENV{SOURCE_DATE_EPOCH} !~ /\D/) {
++ $YEAR = [gmtime($ENV{SOURCE_DATE_EPOCH})]->[5] + 1900;
++}
+
+ # because the program apps/openssl has object files as sources, and
+ # they then have the corresponding C files as source, we need to chain
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1n.bb
index 9ea5c4c81f..df13abf54e 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1n.bb
@@ -17,6 +17,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
file://afalg.patch \
file://reproducible.patch \
+ file://reproducibility.patch \
"
SRC_URI_append_class-nativesdk = " \
@@ -28,7 +29,7 @@ SRC_URI_append_riscv32 = " \
file://0004-Fixup-support-for-io_pgetevents_time64-syscall.patch \
"
-SRC_URI[sha256sum] = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1"
+SRC_URI[sha256sum] = "40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a"
inherit lib_package multilib_header multilib_script ptest
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
@@ -203,6 +204,7 @@ do_install_ptest () {
install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps
install -d ${D}${PTEST_PATH}/engines
+ install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines
install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines
# seems to be needed with perl 5.32.1
diff --git a/meta/recipes-connectivity/socat/socat_1.7.4.1.bb b/meta/recipes-connectivity/socat/socat_1.7.4.1.bb
index 5a13af91bc..0a1b65a8ca 100644
--- a/meta/recipes-connectivity/socat/socat_1.7.4.1.bb
+++ b/meta/recipes-connectivity/socat/socat_1.7.4.1.bb
@@ -9,7 +9,7 @@ LICENSE = "GPL-2.0-with-OpenSSL-exception"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://README;beginline=257;endline=287;md5=82520b052f322ac2b5b3dfdc7c7eea86"
-SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \
+SRC_URI = "http://www.dest-unreach.org/socat/download/Archive/socat-${PV}.tar.bz2 \
"
SRC_URI[md5sum] = "36cad050ecf4981ab044c3fbd75c643f"
diff --git a/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb b/meta/recipes-core/busybox/busybox-inittab_1.33.2.bb
index 3804f4f7b2..3804f4f7b2 100644
--- a/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb
+++ b/meta/recipes-core/busybox/busybox-inittab_1.33.2.bb
diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch
new file mode 100644
index 0000000000..c07b53ebfd
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch
@@ -0,0 +1,3266 @@
+From cf542caeed195af05fa6205341f829ccee53f8c2 Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Tue, 4 Jan 2022 17:48:03 -0800
+Subject: [PATCH] awk: fix CVEs
+
+The awk CVEs is hard to be separated, thus we use the following method
+to format the current patch.
+git rev-list --reverse 1_33_2..1_34_1 -- editors/awk.c | xargs git cherry-pick
+git reset HEAD~66 && git add . && git commit
+
+CVE: CVE-2021-42378
+CVE: CVE-2021-42379
+CVE: CVE-2021-42380
+CVE: CVE-2021-42381
+CVE: CVE-2021-42382
+CVE: CVE-2021-42383
+CVE: CVE-2021-42384
+CVE: CVE-2021-42385
+CVE: CVE-2021-42386
+
+Upstream-Status: Backport
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ editors/awk.c | 2060 +++++++++++++++++++++++-----------------
+ testsuite/awk.tests | 62 +-
+ testsuite/printf.tests | 5 +
+ 3 files changed, 1264 insertions(+), 863 deletions(-)
+
+diff --git a/editors/awk.c b/editors/awk.c
+index 2c15f9e4e..f6314ac72 100644
+--- a/editors/awk.c
++++ b/editors/awk.c
+@@ -66,6 +66,8 @@
+ #endif
+ #ifndef debug_printf_parse
+ # define debug_printf_parse(...) (fprintf(stderr, __VA_ARGS__))
++#else
++# define debug_parse_print_tc(...) ((void)0)
+ #endif
+
+
+@@ -91,7 +93,6 @@ enum {
+ };
+
+ #define MAXVARFMT 240
+-#define MINNVBLOCK 64
+
+ /* variable flags */
+ #define VF_NUMBER 0x0001 /* 1 = primary type is number */
+@@ -101,7 +102,7 @@ enum {
+ #define VF_USER 0x0200 /* 1 = user input (may be numeric string) */
+ #define VF_SPECIAL 0x0400 /* 1 = requires extra handling when changed */
+ #define VF_WALK 0x0800 /* 1 = variable has alloc'd x.walker list */
+-#define VF_FSTR 0x1000 /* 1 = var::string points to fstring buffer */
++#define VF_FSTR 0x1000 /* 1 = don't free() var::string (not malloced, or is owned by something else) */
+ #define VF_CHILD 0x2000 /* 1 = function arg; x.parent points to source */
+ #define VF_DIRTY 0x4000 /* 1 = variable was set explicitly */
+
+@@ -118,8 +119,8 @@ typedef struct walker_list {
+ /* Variable */
+ typedef struct var_s {
+ unsigned type; /* flags */
+- double number;
+ char *string;
++ double number;
+ union {
+ int aidx; /* func arg idx (for compilation stage) */
+ struct xhash_s *array; /* array ptr */
+@@ -138,6 +139,7 @@ typedef struct chain_s {
+ /* Function */
+ typedef struct func_s {
+ unsigned nargs;
++ smallint defined;
+ struct chain_s body;
+ } func;
+
+@@ -177,7 +179,7 @@ typedef struct node_s {
+ struct node_s *n;
+ var *v;
+ int aidx;
+- char *new_progname;
++ const char *new_progname;
+ regex_t *re;
+ } l;
+ union {
+@@ -190,91 +192,120 @@ typedef struct node_s {
+ } a;
+ } node;
+
+-/* Block of temporary variables */
+-typedef struct nvblock_s {
+- int size;
+- var *pos;
+- struct nvblock_s *prev;
+- struct nvblock_s *next;
+- var nv[];
+-} nvblock;
+-
+ typedef struct tsplitter_s {
+ node n;
+ regex_t re[2];
+ } tsplitter;
+
+ /* simple token classes */
+-/* Order and hex values are very important!!! See next_token() */
+-#define TC_SEQSTART (1 << 0) /* ( */
+-#define TC_SEQTERM (1 << 1) /* ) */
+-#define TC_REGEXP (1 << 2) /* /.../ */
+-#define TC_OUTRDR (1 << 3) /* | > >> */
+-#define TC_UOPPOST (1 << 4) /* unary postfix operator */
+-#define TC_UOPPRE1 (1 << 5) /* unary prefix operator */
+-#define TC_BINOPX (1 << 6) /* two-opnd operator */
+-#define TC_IN (1 << 7)
+-#define TC_COMMA (1 << 8)
+-#define TC_PIPE (1 << 9) /* input redirection pipe */
+-#define TC_UOPPRE2 (1 << 10) /* unary prefix operator */
+-#define TC_ARRTERM (1 << 11) /* ] */
+-#define TC_GRPSTART (1 << 12) /* { */
+-#define TC_GRPTERM (1 << 13) /* } */
+-#define TC_SEMICOL (1 << 14)
+-#define TC_NEWLINE (1 << 15)
+-#define TC_STATX (1 << 16) /* ctl statement (for, next...) */
+-#define TC_WHILE (1 << 17)
+-#define TC_ELSE (1 << 18)
+-#define TC_BUILTIN (1 << 19)
++/* order and hex values are very important!!! See next_token() */
++#define TC_LPAREN (1 << 0) /* ( */
++#define TC_RPAREN (1 << 1) /* ) */
++#define TC_REGEXP (1 << 2) /* /.../ */
++#define TC_OUTRDR (1 << 3) /* | > >> */
++#define TC_UOPPOST (1 << 4) /* unary postfix operator ++ -- */
++#define TC_UOPPRE1 (1 << 5) /* unary prefix operator ++ -- $ */
++#define TC_BINOPX (1 << 6) /* two-opnd operator */
++#define TC_IN (1 << 7) /* 'in' */
++#define TC_COMMA (1 << 8) /* , */
++#define TC_PIPE (1 << 9) /* input redirection pipe | */
++#define TC_UOPPRE2 (1 << 10) /* unary prefix operator + - ! */
++#define TC_ARRTERM (1 << 11) /* ] */
++#define TC_LBRACE (1 << 12) /* { */
++#define TC_RBRACE (1 << 13) /* } */
++#define TC_SEMICOL (1 << 14) /* ; */
++#define TC_NEWLINE (1 << 15)
++#define TC_STATX (1 << 16) /* ctl statement (for, next...) */
++#define TC_WHILE (1 << 17) /* 'while' */
++#define TC_ELSE (1 << 18) /* 'else' */
++#define TC_BUILTIN (1 << 19)
+ /* This costs ~50 bytes of code.
+ * A separate class to support deprecated "length" form. If we don't need that
+ * (i.e. if we demand that only "length()" with () is valid), then TC_LENGTH
+ * can be merged with TC_BUILTIN:
+ */
+-#define TC_LENGTH (1 << 20)
+-#define TC_GETLINE (1 << 21)
+-#define TC_FUNCDECL (1 << 22) /* 'function' 'func' */
+-#define TC_BEGIN (1 << 23)
+-#define TC_END (1 << 24)
+-#define TC_EOF (1 << 25)
+-#define TC_VARIABLE (1 << 26)
+-#define TC_ARRAY (1 << 27)
+-#define TC_FUNCTION (1 << 28)
+-#define TC_STRING (1 << 29)
+-#define TC_NUMBER (1 << 30)
+-
+-#define TC_UOPPRE (TC_UOPPRE1 | TC_UOPPRE2)
+-
+-/* combined token classes */
+-#define TC_BINOP (TC_BINOPX | TC_COMMA | TC_PIPE | TC_IN)
+-//#define TC_UNARYOP (TC_UOPPRE | TC_UOPPOST)
+-#define TC_OPERAND (TC_VARIABLE | TC_ARRAY | TC_FUNCTION \
+- | TC_BUILTIN | TC_LENGTH | TC_GETLINE \
+- | TC_SEQSTART | TC_STRING | TC_NUMBER)
+-
+-#define TC_STATEMNT (TC_STATX | TC_WHILE)
+-#define TC_OPTERM (TC_SEMICOL | TC_NEWLINE)
++#define TC_LENGTH (1 << 20) /* 'length' */
++#define TC_GETLINE (1 << 21) /* 'getline' */
++#define TC_FUNCDECL (1 << 22) /* 'function' 'func' */
++#define TC_BEGIN (1 << 23) /* 'BEGIN' */
++#define TC_END (1 << 24) /* 'END' */
++#define TC_EOF (1 << 25)
++#define TC_VARIABLE (1 << 26) /* name */
++#define TC_ARRAY (1 << 27) /* name[ */
++#define TC_FUNCTION (1 << 28) /* name( */
++#define TC_STRING (1 << 29) /* "..." */
++#define TC_NUMBER (1 << 30)
++
++#ifndef debug_parse_print_tc
++static void debug_parse_print_tc(uint32_t n)
++{
++ if (n & TC_LPAREN ) debug_printf_parse(" LPAREN" );
++ if (n & TC_RPAREN ) debug_printf_parse(" RPAREN" );
++ if (n & TC_REGEXP ) debug_printf_parse(" REGEXP" );
++ if (n & TC_OUTRDR ) debug_printf_parse(" OUTRDR" );
++ if (n & TC_UOPPOST ) debug_printf_parse(" UOPPOST" );
++ if (n & TC_UOPPRE1 ) debug_printf_parse(" UOPPRE1" );
++ if (n & TC_BINOPX ) debug_printf_parse(" BINOPX" );
++ if (n & TC_IN ) debug_printf_parse(" IN" );
++ if (n & TC_COMMA ) debug_printf_parse(" COMMA" );
++ if (n & TC_PIPE ) debug_printf_parse(" PIPE" );
++ if (n & TC_UOPPRE2 ) debug_printf_parse(" UOPPRE2" );
++ if (n & TC_ARRTERM ) debug_printf_parse(" ARRTERM" );
++ if (n & TC_LBRACE ) debug_printf_parse(" LBRACE" );
++ if (n & TC_RBRACE ) debug_printf_parse(" RBRACE" );
++ if (n & TC_SEMICOL ) debug_printf_parse(" SEMICOL" );
++ if (n & TC_NEWLINE ) debug_printf_parse(" NEWLINE" );
++ if (n & TC_STATX ) debug_printf_parse(" STATX" );
++ if (n & TC_WHILE ) debug_printf_parse(" WHILE" );
++ if (n & TC_ELSE ) debug_printf_parse(" ELSE" );
++ if (n & TC_BUILTIN ) debug_printf_parse(" BUILTIN" );
++ if (n & TC_LENGTH ) debug_printf_parse(" LENGTH" );
++ if (n & TC_GETLINE ) debug_printf_parse(" GETLINE" );
++ if (n & TC_FUNCDECL) debug_printf_parse(" FUNCDECL");
++ if (n & TC_BEGIN ) debug_printf_parse(" BEGIN" );
++ if (n & TC_END ) debug_printf_parse(" END" );
++ if (n & TC_EOF ) debug_printf_parse(" EOF" );
++ if (n & TC_VARIABLE) debug_printf_parse(" VARIABLE");
++ if (n & TC_ARRAY ) debug_printf_parse(" ARRAY" );
++ if (n & TC_FUNCTION) debug_printf_parse(" FUNCTION");
++ if (n & TC_STRING ) debug_printf_parse(" STRING" );
++ if (n & TC_NUMBER ) debug_printf_parse(" NUMBER" );
++}
++#endif
++
++/* combined token classes ("token [class] sets") */
++#define TS_UOPPRE (TC_UOPPRE1 | TC_UOPPRE2)
++
++#define TS_BINOP (TC_BINOPX | TC_COMMA | TC_PIPE | TC_IN)
++//#define TS_UNARYOP (TS_UOPPRE | TC_UOPPOST)
++#define TS_OPERAND (TC_VARIABLE | TC_ARRAY | TC_FUNCTION \
++ | TC_BUILTIN | TC_LENGTH | TC_GETLINE \
++ | TC_LPAREN | TC_STRING | TC_NUMBER)
++
++#define TS_LVALUE (TC_VARIABLE | TC_ARRAY)
++#define TS_STATEMNT (TC_STATX | TC_WHILE)
+
+ /* word tokens, cannot mean something else if not expected */
+-#define TC_WORD (TC_IN | TC_STATEMNT | TC_ELSE \
+- | TC_BUILTIN | TC_LENGTH | TC_GETLINE \
+- | TC_FUNCDECL | TC_BEGIN | TC_END)
++#define TS_WORD (TC_IN | TS_STATEMNT | TC_ELSE \
++ | TC_BUILTIN | TC_LENGTH | TC_GETLINE \
++ | TC_FUNCDECL | TC_BEGIN | TC_END)
+
+ /* discard newlines after these */
+-#define TC_NOTERM (TC_COMMA | TC_GRPSTART | TC_GRPTERM \
+- | TC_BINOP | TC_OPTERM)
++#define TS_NOTERM (TS_BINOP | TC_COMMA | TC_LBRACE | TC_RBRACE \
++ | TC_SEMICOL | TC_NEWLINE)
+
+ /* what can expression begin with */
+-#define TC_OPSEQ (TC_OPERAND | TC_UOPPRE | TC_REGEXP)
++#define TS_OPSEQ (TS_OPERAND | TS_UOPPRE | TC_REGEXP)
+ /* what can group begin with */
+-#define TC_GRPSEQ (TC_OPSEQ | TC_OPTERM | TC_STATEMNT | TC_GRPSTART)
++#define TS_GRPSEQ (TS_OPSEQ | TS_STATEMNT \
++ | TC_SEMICOL | TC_NEWLINE | TC_LBRACE)
+
+-/* if previous token class is CONCAT1 and next is CONCAT2, concatenation */
++/* if previous token class is CONCAT_L and next is CONCAT_R, concatenation */
+ /* operator is inserted between them */
+-#define TC_CONCAT1 (TC_VARIABLE | TC_ARRTERM | TC_SEQTERM \
++#define TS_CONCAT_L (TC_VARIABLE | TC_ARRTERM | TC_RPAREN \
+ | TC_STRING | TC_NUMBER | TC_UOPPOST \
+ | TC_LENGTH)
+-#define TC_CONCAT2 (TC_OPERAND | TC_UOPPRE)
++#define TS_CONCAT_R (TS_OPERAND | TS_UOPPRE)
+
+ #define OF_RES1 0x010000
+ #define OF_RES2 0x020000
+@@ -284,13 +315,12 @@ typedef struct tsplitter_s {
+ #define OF_CHECKED 0x200000
+ #define OF_REQUIRED 0x400000
+
+-
+ /* combined operator flags */
+ #define xx 0
+ #define xV OF_RES2
+ #define xS (OF_RES2 | OF_STR2)
+ #define Vx OF_RES1
+-#define Rx (OF_RES1 | OF_NUM1 | OF_REQUIRED)
++#define Rx OF_REQUIRED
+ #define VV (OF_RES1 | OF_RES2)
+ #define Nx (OF_RES1 | OF_NUM1)
+ #define NV (OF_RES1 | OF_NUM1 | OF_RES2)
+@@ -302,8 +332,7 @@ typedef struct tsplitter_s {
+ #define OPNMASK 0x007F
+
+ /* operator priority is a highest byte (even: r->l, odd: l->r grouping)
+- * For builtins it has different meaning: n n s3 s2 s1 v3 v2 v1,
+- * n - min. number of args, vN - resolve Nth arg to var, sN - resolve to string
++ * (for builtins it has different meaning)
+ */
+ #undef P
+ #undef PRIMASK
+@@ -313,10 +342,8 @@ typedef struct tsplitter_s {
+ #define PRIMASK2 0x7E000000
+
+ /* Operation classes */
+-
+ #define SHIFT_TIL_THIS 0x0600
+ #define RECUR_FROM_THIS 0x1000
+-
+ enum {
+ OC_DELETE = 0x0100, OC_EXEC = 0x0200, OC_NEWSOURCE = 0x0300,
+ OC_PRINT = 0x0400, OC_PRINTF = 0x0500, OC_WALKINIT = 0x0600,
+@@ -358,8 +385,8 @@ enum {
+ #define NTCC '\377'
+
+ static const char tokenlist[] ALIGN1 =
+- "\1(" NTC /* TC_SEQSTART */
+- "\1)" NTC /* TC_SEQTERM */
++ "\1(" NTC /* TC_LPAREN */
++ "\1)" NTC /* TC_RPAREN */
+ "\1/" NTC /* TC_REGEXP */
+ "\2>>" "\1>" "\1|" NTC /* TC_OUTRDR */
+ "\2++" "\2--" NTC /* TC_UOPPOST */
+@@ -376,8 +403,8 @@ static const char tokenlist[] ALIGN1 =
+ "\1|" NTC /* TC_PIPE */
+ "\1+" "\1-" "\1!" NTC /* TC_UOPPRE2 */
+ "\1]" NTC /* TC_ARRTERM */
+- "\1{" NTC /* TC_GRPSTART */
+- "\1}" NTC /* TC_GRPTERM */
++ "\1{" NTC /* TC_LBRACE */
++ "\1}" NTC /* TC_RBRACE */
+ "\1;" NTC /* TC_SEMICOL */
+ "\1\n" NTC /* TC_NEWLINE */
+ "\2if" "\2do" "\3for" "\5break" /* TC_STATX */
+@@ -391,7 +418,7 @@ static const char tokenlist[] ALIGN1 =
+ "\5close" "\6system" "\6fflush" "\5atan2"
+ "\3cos" "\3exp" "\3int" "\3log"
+ "\4rand" "\3sin" "\4sqrt" "\5srand"
+- "\6gensub" "\4gsub" "\5index" /* "\6length" was here */
++ "\6gensub" "\4gsub" "\5index" /* "\6length" was here */
+ "\5match" "\5split" "\7sprintf" "\3sub"
+ "\6substr" "\7systime" "\10strftime" "\6mktime"
+ "\7tolower" "\7toupper" NTC
+@@ -403,25 +430,32 @@ static const char tokenlist[] ALIGN1 =
+ /* compiler adds trailing "\0" */
+ ;
+
+-#define OC_B OC_BUILTIN
+-
+ static const uint32_t tokeninfo[] ALIGN4 = {
+ 0,
+ 0,
+- OC_REGEXP,
++#define TI_REGEXP OC_REGEXP
++ TI_REGEXP,
+ xS|'a', xS|'w', xS|'|',
+ OC_UNARY|xV|P(9)|'p', OC_UNARY|xV|P(9)|'m',
+- OC_UNARY|xV|P(9)|'P', OC_UNARY|xV|P(9)|'M', OC_FIELD|xV|P(5),
++#define TI_PREINC (OC_UNARY|xV|P(9)|'P')
++#define TI_PREDEC (OC_UNARY|xV|P(9)|'M')
++ TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5),
+ OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(74), OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-',
+ OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&',
+ OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&',
+ OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*',
+ OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1,
+- OC_COMPARE|VV|P(39)|2, OC_MATCH|Sx|P(45)|'!', OC_MATCH|Sx|P(45)|'~', OC_LAND|Vx|P(55),
+- OC_LOR|Vx|P(59), OC_TERNARY|Vx|P(64)|'?', OC_COLON|xx|P(67)|':',
+- OC_IN|SV|P(49), /* TC_IN */
+- OC_COMMA|SS|P(80),
+- OC_PGETLINE|SV|P(37),
++#define TI_LESS (OC_COMPARE|VV|P(39)|2)
++ TI_LESS, OC_MATCH|Sx|P(45)|'!', OC_MATCH|Sx|P(45)|'~', OC_LAND|Vx|P(55),
++#define TI_TERNARY (OC_TERNARY|Vx|P(64)|'?')
++#define TI_COLON (OC_COLON|xx|P(67)|':')
++ OC_LOR|Vx|P(59), TI_TERNARY, TI_COLON,
++#define TI_IN (OC_IN|SV|P(49))
++ TI_IN,
++#define TI_COMMA (OC_COMMA|SS|P(80))
++ TI_COMMA,
++#define TI_PGETLINE (OC_PGETLINE|SV|P(37))
++ TI_PGETLINE,
+ OC_UNARY|xV|P(19)|'+', OC_UNARY|xV|P(19)|'-', OC_UNARY|xV|P(19)|'!',
+ 0, /* ] */
+ 0,
+@@ -434,20 +468,45 @@ static const uint32_t tokeninfo[] ALIGN4 = {
+ OC_RETURN|Vx, OC_EXIT|Nx,
+ ST_WHILE,
+ 0, /* else */
+- OC_B|B_an|P(0x83), OC_B|B_co|P(0x41), OC_B|B_ls|P(0x83), OC_B|B_or|P(0x83),
+- OC_B|B_rs|P(0x83), OC_B|B_xo|P(0x83),
+- OC_FBLTIN|Sx|F_cl, OC_FBLTIN|Sx|F_sy, OC_FBLTIN|Sx|F_ff, OC_B|B_a2|P(0x83),
+- OC_FBLTIN|Nx|F_co, OC_FBLTIN|Nx|F_ex, OC_FBLTIN|Nx|F_in, OC_FBLTIN|Nx|F_lg,
+- OC_FBLTIN|F_rn, OC_FBLTIN|Nx|F_si, OC_FBLTIN|Nx|F_sq, OC_FBLTIN|Nx|F_sr,
+- OC_B|B_ge|P(0xd6), OC_B|B_gs|P(0xb6), OC_B|B_ix|P(0x9b), /* OC_FBLTIN|Sx|F_le, was here */
+- OC_B|B_ma|P(0x89), OC_B|B_sp|P(0x8b), OC_SPRINTF, OC_B|B_su|P(0xb6),
+- OC_B|B_ss|P(0x8f), OC_FBLTIN|F_ti, OC_B|B_ti|P(0x0b), OC_B|B_mt|P(0x0b),
+- OC_B|B_lo|P(0x49), OC_B|B_up|P(0x49),
+- OC_FBLTIN|Sx|F_le, /* TC_LENGTH */
+- OC_GETLINE|SV|P(0),
+- 0, 0,
+- 0,
+- 0 /* TC_END */
++// OC_B's are builtins with enforced minimum number of arguments (two upper bits).
++// Highest byte bit pattern: nn s3s2s1 v3v2v1
++// nn - min. number of args, sN - resolve Nth arg to string, vN - resolve to var
++// OC_F's are builtins with zero or one argument.
++// |Rx| enforces that arg is present for: system, close, cos, sin, exp, int, log, sqrt
++// Check for no args is present in builtins' code (not in this table): rand, systime
++// Have one _optional_ arg: fflush, srand, length
++#define OC_B OC_BUILTIN
++#define OC_F OC_FBLTIN
++#define A1 P(0x40) /*one arg*/
++#define A2 P(0x80) /*two args*/
++#define A3 P(0xc0) /*three args*/
++#define __v P(1)
++#define _vv P(3)
++#define __s__v P(9)
++#define __s_vv P(0x0b)
++#define __svvv P(0x0f)
++#define _ss_vv P(0x1b)
++#define _s_vv_ P(0x16)
++#define ss_vv_ P(0x36)
++ OC_B|B_an|_vv|A2, OC_B|B_co|__v|A1, OC_B|B_ls|_vv|A2, OC_B|B_or|_vv|A2, // and compl lshift or
++ OC_B|B_rs|_vv|A2, OC_B|B_xo|_vv|A2, // rshift xor
++ OC_F|F_cl|Sx|Rx, OC_F|F_sy|Sx|Rx, OC_F|F_ff|Sx, OC_B|B_a2|_vv|A2, // close system fflush atan2
++ OC_F|F_co|Nx|Rx, OC_F|F_ex|Nx|Rx, OC_F|F_in|Nx|Rx, OC_F|F_lg|Nx|Rx, // cos exp int log
++ OC_F|F_rn, OC_F|F_si|Nx|Rx, OC_F|F_sq|Nx|Rx, OC_F|F_sr|Nx, // rand sin sqrt srand
++ OC_B|B_ge|_s_vv_|A3,OC_B|B_gs|ss_vv_|A2,OC_B|B_ix|_ss_vv|A2, // gensub gsub index /*length was here*/
++ OC_B|B_ma|__s__v|A2,OC_B|B_sp|__s_vv|A2,OC_SPRINTF, OC_B|B_su|ss_vv_|A2,// match split sprintf sub
++ OC_B|B_ss|__svvv|A2,OC_F|F_ti, OC_B|B_ti|__s_vv, OC_B|B_mt|__s_vv, // substr systime strftime mktime
++ OC_B|B_lo|__s__v|A1,OC_B|B_up|__s__v|A1, // tolower toupper
++ OC_F|F_le|Sx, // length
++ OC_GETLINE|SV, // getline
++ 0, 0, // func function
++ 0, // BEGIN
++ 0 // END
++#undef A1
++#undef A2
++#undef A3
++#undef OC_B
++#undef OC_F
+ };
+
+ /* internal variable names and their initial values */
+@@ -488,21 +547,29 @@ struct globals {
+ chain *seq;
+ node *break_ptr, *continue_ptr;
+ rstream *iF;
+- xhash *vhash, *ahash, *fdhash, *fnhash;
++ xhash *ahash; /* argument names, used only while parsing function bodies */
++ xhash *fnhash; /* function names, used only in parsing stage */
++ xhash *vhash; /* variables and arrays */
++ //xhash *fdhash; /* file objects, used only in execution stage */
++ //we are reusing ahash as fdhash, via define (see later)
+ const char *g_progname;
+ int g_lineno;
+ int nfields;
+ int maxfields; /* used in fsrealloc() only */
+ var *Fields;
+- nvblock *g_cb;
+ char *g_pos;
+- char *g_buf;
++ char g_saved_ch;
+ smallint icase;
+ smallint exiting;
+ smallint nextrec;
+ smallint nextfile;
+ smallint is_f0_split;
+ smallint t_rollback;
++
++ /* former statics from various functions */
++ smallint next_token__concat_inserted;
++ uint32_t next_token__save_tclass;
++ uint32_t next_token__save_info;
+ };
+ struct globals2 {
+ uint32_t t_info; /* often used */
+@@ -515,32 +582,35 @@ struct globals2 {
+ /* former statics from various functions */
+ char *split_f0__fstrings;
+
+- uint32_t next_token__save_tclass;
+- uint32_t next_token__save_info;
+- uint32_t next_token__ltclass;
+- smallint next_token__concat_inserted;
+-
+- smallint next_input_file__files_happen;
+ rstream next_input_file__rsm;
++ smallint next_input_file__files_happen;
++
++ smalluint exitcode;
+
+- var *evaluate__fnargs;
+ unsigned evaluate__seed;
++ var *evaluate__fnargs;
+ regex_t evaluate__sreg;
+
+- var ptest__v;
++ var ptest__tmpvar;
++ var awk_printf__tmpvar;
++ var as_regex__tmpvar;
++ var exit__tmpvar;
++ var main__tmpvar;
+
+ tsplitter exec_builtin__tspl;
+
+ /* biggest and least used members go last */
+ tsplitter fsplitter, rsplitter;
++
++ char g_buf[MAXVARFMT + 1];
+ };
+ #define G1 (ptr_to_globals[-1])
+ #define G (*(struct globals2 *)ptr_to_globals)
+ /* For debug. nm --size-sort awk.o | grep -vi ' [tr] ' */
+-/*char G1size[sizeof(G1)]; - 0x74 */
+-/*char Gsize[sizeof(G)]; - 0x1c4 */
++//char G1size[sizeof(G1)]; // 0x70
++//char Gsize[sizeof(G)]; // 0x2f8
+ /* Trying to keep most of members accessible with short offsets: */
+-/*char Gofs_seed[offsetof(struct globals2, evaluate__seed)]; - 0x90 */
++//char Gofs_seed[offsetof(struct globals2, evaluate__seed)]; // 0x7c
+ #define t_double (G1.t_double )
+ #define beginseq (G1.beginseq )
+ #define mainseq (G1.mainseq )
+@@ -549,18 +619,20 @@ struct globals2 {
+ #define break_ptr (G1.break_ptr )
+ #define continue_ptr (G1.continue_ptr)
+ #define iF (G1.iF )
+-#define vhash (G1.vhash )
+ #define ahash (G1.ahash )
+-#define fdhash (G1.fdhash )
+ #define fnhash (G1.fnhash )
++#define vhash (G1.vhash )
++#define fdhash ahash
++//^^^^^^^^^^^^^^^^^^ ahash is cleared after every function parsing,
++// and ends up empty after parsing phase. Thus, we can simply reuse it
++// for fdhash in execution stage.
+ #define g_progname (G1.g_progname )
+ #define g_lineno (G1.g_lineno )
+ #define nfields (G1.nfields )
+ #define maxfields (G1.maxfields )
+ #define Fields (G1.Fields )
+-#define g_cb (G1.g_cb )
+ #define g_pos (G1.g_pos )
+-#define g_buf (G1.g_buf )
++#define g_saved_ch (G1.g_saved_ch )
+ #define icase (G1.icase )
+ #define exiting (G1.exiting )
+ #define nextrec (G1.nextrec )
+@@ -574,25 +646,13 @@ struct globals2 {
+ #define intvar (G.intvar )
+ #define fsplitter (G.fsplitter )
+ #define rsplitter (G.rsplitter )
++#define g_buf (G.g_buf )
+ #define INIT_G() do { \
+ SET_PTR_TO_GLOBALS((char*)xzalloc(sizeof(G1)+sizeof(G)) + sizeof(G1)); \
+- G.next_token__ltclass = TC_OPTERM; \
++ t_tclass = TC_NEWLINE; \
+ G.evaluate__seed = 1; \
+ } while (0)
+
+-
+-/* function prototypes */
+-static void handle_special(var *);
+-static node *parse_expr(uint32_t);
+-static void chain_group(void);
+-static var *evaluate(node *, var *);
+-static rstream *next_input_file(void);
+-static int fmt_num(char *, int, const char *, double, int);
+-static int awk_exit(int) NORETURN;
+-
+-/* ---- error handling ---- */
+-
+-static const char EMSG_INTERNAL_ERROR[] ALIGN1 = "Internal error";
+ static const char EMSG_UNEXP_EOS[] ALIGN1 = "Unexpected end of string";
+ static const char EMSG_UNEXP_TOKEN[] ALIGN1 = "Unexpected token";
+ static const char EMSG_DIV_BY_ZERO[] ALIGN1 = "Division by zero";
+@@ -604,10 +664,7 @@ static const char EMSG_UNDEF_FUNC[] ALIGN1 = "Call to undefined function";
+ static const char EMSG_NO_MATH[] ALIGN1 = "Math support is not compiled in";
+ static const char EMSG_NEGATIVE_FIELD[] ALIGN1 = "Access to negative field";
+
+-static void zero_out_var(var *vp)
+-{
+- memset(vp, 0, sizeof(*vp));
+-}
++static int awk_exit(void) NORETURN;
+
+ static void syntax_error(const char *message) NORETURN;
+ static void syntax_error(const char *message)
+@@ -638,12 +695,40 @@ static xhash *hash_init(void)
+ return newhash;
+ }
+
++static void hash_clear(xhash *hash)
++{
++ unsigned i;
++ hash_item *hi, *thi;
++
++ for (i = 0; i < hash->csize; i++) {
++ hi = hash->items[i];
++ while (hi) {
++ thi = hi;
++ hi = hi->next;
++//FIXME: this assumes that it's a hash of *variables*:
++ free(thi->data.v.string);
++ free(thi);
++ }
++ hash->items[i] = NULL;
++ }
++ hash->glen = hash->nel = 0;
++}
++
++#if 0 //UNUSED
++static void hash_free(xhash *hash)
++{
++ hash_clear(hash);
++ free(hash->items);
++ free(hash);
++}
++#endif
++
+ /* find item in hash, return ptr to data, NULL if not found */
+-static void *hash_search(xhash *hash, const char *name)
++static NOINLINE void *hash_search3(xhash *hash, const char *name, unsigned idx)
+ {
+ hash_item *hi;
+
+- hi = hash->items[hashidx(name) % hash->csize];
++ hi = hash->items[idx % hash->csize];
+ while (hi) {
+ if (strcmp(hi->name, name) == 0)
+ return &hi->data;
+@@ -652,6 +737,11 @@ static void *hash_search(xhash *hash, const char *name)
+ return NULL;
+ }
+
++static void *hash_search(xhash *hash, const char *name)
++{
++ return hash_search3(hash, name, hashidx(name));
++}
++
+ /* grow hash if it becomes too big */
+ static void hash_rebuild(xhash *hash)
+ {
+@@ -687,16 +777,17 @@ static void *hash_find(xhash *hash, const char *name)
+ unsigned idx;
+ int l;
+
+- hi = hash_search(hash, name);
++ idx = hashidx(name);
++ hi = hash_search3(hash, name, idx);
+ if (!hi) {
+- if (++hash->nel / hash->csize > 10)
++ if (++hash->nel > hash->csize * 8)
+ hash_rebuild(hash);
+
+ l = strlen(name) + 1;
+ hi = xzalloc(sizeof(*hi) + l);
+ strcpy(hi->name, name);
+
+- idx = hashidx(name) % hash->csize;
++ idx = idx % hash->csize;
+ hi->next = hash->items[idx];
+ hash->items[idx] = hi;
+ hash->glen += l;
+@@ -731,7 +822,7 @@ static void hash_remove(xhash *hash, const char *name)
+
+ static char *skip_spaces(char *p)
+ {
+- while (1) {
++ for (;;) {
+ if (*p == '\\' && p[1] == '\n') {
+ p++;
+ t_lineno++;
+@@ -747,8 +838,10 @@ static char *skip_spaces(char *p)
+ static char *nextword(char **s)
+ {
+ char *p = *s;
+- while (*(*s)++ != '\0')
++ char *q = p;
++ while (*q++ != '\0')
+ continue;
++ *s = q;
+ return p;
+ }
+
+@@ -811,10 +904,27 @@ static double my_strtod(char **pp)
+
+ /* -------- working with variables (set/get/copy/etc) -------- */
+
+-static xhash *iamarray(var *v)
++static void fmt_num(const char *format, double n)
+ {
+- var *a = v;
++ if (n == (long long)n) {
++ snprintf(g_buf, MAXVARFMT, "%lld", (long long)n);
++ } else {
++ const char *s = format;
++ char c;
++
++ do { c = *s; } while (c && *++s);
++ if (strchr("diouxX", c)) {
++ snprintf(g_buf, MAXVARFMT, format, (int)n);
++ } else if (strchr("eEfFgGaA", c)) {
++ snprintf(g_buf, MAXVARFMT, format, n);
++ } else {
++ syntax_error(EMSG_INV_FMT);
++ }
++ }
++}
+
++static xhash *iamarray(var *a)
++{
+ while (a->type & VF_CHILD)
+ a = a->x.parent;
+
+@@ -825,23 +935,7 @@ static xhash *iamarray(var *v)
+ return a->x.array;
+ }
+
+-static void clear_array(xhash *array)
+-{
+- unsigned i;
+- hash_item *hi, *thi;
+-
+- for (i = 0; i < array->csize; i++) {
+- hi = array->items[i];
+- while (hi) {
+- thi = hi;
+- hi = hi->next;
+- free(thi->data.v.string);
+- free(thi);
+- }
+- array->items[i] = NULL;
+- }
+- array->glen = array->nel = 0;
+-}
++#define clear_array(array) hash_clear(array)
+
+ /* clear a variable */
+ static var *clrvar(var *v)
+@@ -855,6 +949,8 @@ static var *clrvar(var *v)
+ return v;
+ }
+
++static void handle_special(var *);
++
+ /* assign string value to variable */
+ static var *setvar_p(var *v, char *value)
+ {
+@@ -901,7 +997,7 @@ static const char *getvar_s(var *v)
+ {
+ /* if v is numeric and has no cached string, convert it to string */
+ if ((v->type & (VF_NUMBER | VF_CACHED)) == VF_NUMBER) {
+- fmt_num(g_buf, MAXVARFMT, getvar_s(intvar[CONVFMT]), v->number, TRUE);
++ fmt_num(getvar_s(intvar[CONVFMT]), v->number);
+ v->string = xstrdup(g_buf);
+ v->type |= VF_CACHED;
+ }
+@@ -920,6 +1016,7 @@ static double getvar_i(var *v)
+ v->number = my_strtod(&s);
+ debug_printf_eval("%f (s:'%s')\n", v->number, s);
+ if (v->type & VF_USER) {
++//TODO: skip_spaces() also skips backslash+newline, is it intended here?
+ s = skip_spaces(s);
+ if (*s != '\0')
+ v->type &= ~VF_USER;
+@@ -981,94 +1078,28 @@ static int istrue(var *v)
+ return (v->string && v->string[0]);
+ }
+
+-/* temporary variables allocator. Last allocated should be first freed */
+-static var *nvalloc(int n)
+-{
+- nvblock *pb = NULL;
+- var *v, *r;
+- int size;
+-
+- while (g_cb) {
+- pb = g_cb;
+- if ((g_cb->pos - g_cb->nv) + n <= g_cb->size)
+- break;
+- g_cb = g_cb->next;
+- }
+-
+- if (!g_cb) {
+- size = (n <= MINNVBLOCK) ? MINNVBLOCK : n;
+- g_cb = xzalloc(sizeof(nvblock) + size * sizeof(var));
+- g_cb->size = size;
+- g_cb->pos = g_cb->nv;
+- g_cb->prev = pb;
+- /*g_cb->next = NULL; - xzalloc did it */
+- if (pb)
+- pb->next = g_cb;
+- }
+-
+- v = r = g_cb->pos;
+- g_cb->pos += n;
+-
+- while (v < g_cb->pos) {
+- v->type = 0;
+- v->string = NULL;
+- v++;
+- }
+-
+- return r;
+-}
+-
+-static void nvfree(var *v)
+-{
+- var *p;
+-
+- if (v < g_cb->nv || v >= g_cb->pos)
+- syntax_error(EMSG_INTERNAL_ERROR);
+-
+- for (p = v; p < g_cb->pos; p++) {
+- if ((p->type & (VF_ARRAY | VF_CHILD)) == VF_ARRAY) {
+- clear_array(iamarray(p));
+- free(p->x.array->items);
+- free(p->x.array);
+- }
+- if (p->type & VF_WALK) {
+- walker_list *n;
+- walker_list *w = p->x.walker;
+- debug_printf_walker("nvfree: freeing walker @%p\n", &p->x.walker);
+- p->x.walker = NULL;
+- while (w) {
+- n = w->prev;
+- debug_printf_walker(" free(%p)\n", w);
+- free(w);
+- w = n;
+- }
+- }
+- clrvar(p);
+- }
+-
+- g_cb->pos = v;
+- while (g_cb->prev && g_cb->pos == g_cb->nv) {
+- g_cb = g_cb->prev;
+- }
+-}
+-
+ /* ------- awk program text parsing ------- */
+
+-/* Parse next token pointed by global pos, place results into global ttt.
+- * If token isn't expected, give away. Return token class
++/* Parse next token pointed by global pos, place results into global t_XYZ variables.
++ * If token isn't expected, print error message and die.
++ * Return token class (also store it in t_tclass).
+ */
+ static uint32_t next_token(uint32_t expected)
+ {
+-#define concat_inserted (G.next_token__concat_inserted)
+-#define save_tclass (G.next_token__save_tclass)
+-#define save_info (G.next_token__save_info)
+-/* Initialized to TC_OPTERM: */
+-#define ltclass (G.next_token__ltclass)
++#define concat_inserted (G1.next_token__concat_inserted)
++#define save_tclass (G1.next_token__save_tclass)
++#define save_info (G1.next_token__save_info)
+
+- char *p, *s;
++ char *p;
+ const char *tl;
+- uint32_t tc;
+ const uint32_t *ti;
++ uint32_t tc, last_token_class;
++
++ last_token_class = t_tclass; /* t_tclass is initialized to TC_NEWLINE */
++
++ debug_printf_parse("%s() expected(%x):", __func__, expected);
++ debug_parse_print_tc(expected);
++ debug_printf_parse("\n");
+
+ if (t_rollback) {
+ debug_printf_parse("%s: using rolled-back token\n", __func__);
+@@ -1080,6 +1111,10 @@ static uint32_t next_token(uint32_t expected)
+ t_info = save_info;
+ } else {
+ p = g_pos;
++ if (g_saved_ch != '\0') {
++ *p = g_saved_ch;
++ g_saved_ch = '\0';
++ }
+ readnext:
+ p = skip_spaces(p);
+ g_lineno = t_lineno;
+@@ -1087,15 +1122,12 @@ static uint32_t next_token(uint32_t expected)
+ while (*p != '\n' && *p != '\0')
+ p++;
+
+- if (*p == '\n')
+- t_lineno++;
+-
+ if (*p == '\0') {
+ tc = TC_EOF;
+ debug_printf_parse("%s: token found: TC_EOF\n", __func__);
+ } else if (*p == '\"') {
+ /* it's a string */
+- t_string = s = ++p;
++ char *s = t_string = ++p;
+ while (*p != '\"') {
+ char *pp;
+ if (*p == '\0' || *p == '\n')
+@@ -1110,7 +1142,7 @@ static uint32_t next_token(uint32_t expected)
+ debug_printf_parse("%s: token found:'%s' TC_STRING\n", __func__, t_string);
+ } else if ((expected & TC_REGEXP) && *p == '/') {
+ /* it's regexp */
+- t_string = s = ++p;
++ char *s = t_string = ++p;
+ while (*p != '/') {
+ if (*p == '\0' || *p == '\n')
+ syntax_error(EMSG_UNEXP_EOS);
+@@ -1141,6 +1173,11 @@ static uint32_t next_token(uint32_t expected)
+ tc = TC_NUMBER;
+ debug_printf_parse("%s: token found:%f TC_NUMBER\n", __func__, t_double);
+ } else {
++ char *end_of_name;
++
++ if (*p == '\n')
++ t_lineno++;
++
+ /* search for something known */
+ tl = tokenlist;
+ tc = 0x00000001;
+@@ -1155,9 +1192,9 @@ static uint32_t next_token(uint32_t expected)
+ * token matches,
+ * and it's not a longer word,
+ */
+- if ((tc & (expected | TC_WORD | TC_NEWLINE))
++ if ((tc & (expected | TS_WORD | TC_NEWLINE))
+ && strncmp(p, tl, l) == 0
+- && !((tc & TC_WORD) && isalnum_(p[l]))
++ && !((tc & TS_WORD) && isalnum_(p[l]))
+ ) {
+ /* then this is what we are looking for */
+ t_info = *ti;
+@@ -1174,67 +1211,94 @@ static uint32_t next_token(uint32_t expected)
+ if (!isalnum_(*p))
+ syntax_error(EMSG_UNEXP_TOKEN); /* no */
+ /* yes */
+- t_string = --p;
+- while (isalnum_(*++p)) {
+- p[-1] = *p;
+- }
+- p[-1] = '\0';
+- tc = TC_VARIABLE;
+- /* also consume whitespace between functionname and bracket */
+- if (!(expected & TC_VARIABLE) || (expected & TC_ARRAY))
++ t_string = p;
++ while (isalnum_(*p))
++ p++;
++ end_of_name = p;
++
++ if (last_token_class == TC_FUNCDECL)
++ /* eat space in "function FUNC (...) {...}" declaration */
+ p = skip_spaces(p);
++ else if (expected & TC_ARRAY) {
++ /* eat space between array name and [ */
++ char *s = skip_spaces(p);
++ if (*s == '[') /* array ref, not just a name? */
++ p = s;
++ }
++ /* else: do NOT consume whitespace after variable name!
++ * gawk allows definition "function FUNC (p) {...}" - note space,
++ * but disallows the call "FUNC (p)" because it isn't one -
++ * expression "v (a)" should NOT be parsed as TC_FUNCTION:
++ * it is a valid concatenation if "v" is a variable,
++ * not a function name (and type of name is not known at parse time).
++ */
++
+ if (*p == '(') {
++ p++;
+ tc = TC_FUNCTION;
+ debug_printf_parse("%s: token found:'%s' TC_FUNCTION\n", __func__, t_string);
++ } else if (*p == '[') {
++ p++;
++ tc = TC_ARRAY;
++ debug_printf_parse("%s: token found:'%s' TC_ARRAY\n", __func__, t_string);
+ } else {
+- if (*p == '[') {
+- p++;
+- tc = TC_ARRAY;
+- debug_printf_parse("%s: token found:'%s' TC_ARRAY\n", __func__, t_string);
+- } else
+- debug_printf_parse("%s: token found:'%s' TC_VARIABLE\n", __func__, t_string);
++ tc = TC_VARIABLE;
++ debug_printf_parse("%s: token found:'%s' TC_VARIABLE\n", __func__, t_string);
++ if (end_of_name == p) {
++ /* there is no space for trailing NUL in t_string!
++ * We need to save the char we are going to NUL.
++ * (we'll use it in future call to next_token())
++ */
++ g_saved_ch = *end_of_name;
++// especially pathological example is V="abc"; V.2 - it's V concatenated to .2
++// (it evaluates to "abc0.2"). Because of this case, we can't simply cache
++// '.' and analyze it later: we also have to *store it back* in next
++// next_token(), in order to give my_strtod() the undamaged ".2" string.
++ }
+ }
++ *end_of_name = '\0'; /* terminate t_string */
+ }
+ token_found:
+ g_pos = p;
+
+ /* skipping newlines in some cases */
+- if ((ltclass & TC_NOTERM) && (tc & TC_NEWLINE))
++ if ((last_token_class & TS_NOTERM) && (tc & TC_NEWLINE))
+ goto readnext;
+
+ /* insert concatenation operator when needed */
+- debug_printf_parse("%s: %x %x %x concat_inserted?\n", __func__,
+- (ltclass & TC_CONCAT1), (tc & TC_CONCAT2), (expected & TC_BINOP));
+- if ((ltclass & TC_CONCAT1) && (tc & TC_CONCAT2) && (expected & TC_BINOP)
+- && !(ltclass == TC_LENGTH && tc == TC_SEQSTART) /* but not for "length(..." */
++ debug_printf_parse("%s: concat_inserted if all nonzero: %x %x %x %x\n", __func__,
++ (last_token_class & TS_CONCAT_L), (tc & TS_CONCAT_R), (expected & TS_BINOP),
++ !(last_token_class == TC_LENGTH && tc == TC_LPAREN));
++ if ((last_token_class & TS_CONCAT_L) && (tc & TS_CONCAT_R) && (expected & TS_BINOP)
++ && !(last_token_class == TC_LENGTH && tc == TC_LPAREN) /* but not for "length(..." */
+ ) {
+ concat_inserted = TRUE;
+ save_tclass = tc;
+ save_info = t_info;
+- tc = TC_BINOP;
++ tc = TC_BINOPX;
+ t_info = OC_CONCAT | SS | P(35);
+ }
+
+- debug_printf_parse("%s: t_tclass=tc=%x\n", __func__, t_tclass);
+ t_tclass = tc;
++ debug_printf_parse("%s: t_tclass=tc=%x\n", __func__, tc);
+ }
+- ltclass = t_tclass;
+-
+ /* Are we ready for this? */
+- if (!(ltclass & expected)) {
+- syntax_error((ltclass & (TC_NEWLINE | TC_EOF)) ?
++ if (!(t_tclass & expected)) {
++ syntax_error((last_token_class & (TC_NEWLINE | TC_EOF)) ?
+ EMSG_UNEXP_EOS : EMSG_UNEXP_TOKEN);
+ }
+
+- debug_printf_parse("%s: returning, ltclass:%x t_double:%f\n", __func__, ltclass, t_double);
+- return ltclass;
++ debug_printf_parse("%s: returning, t_double:%f t_tclass:", __func__, t_double);
++ debug_parse_print_tc(t_tclass);
++ debug_printf_parse("\n");
++
++ return t_tclass;
+ #undef concat_inserted
+ #undef save_tclass
+ #undef save_info
+-#undef ltclass
+ }
+
+-static void rollback_token(void)
++static ALWAYS_INLINE void rollback_token(void)
+ {
+ t_rollback = TRUE;
+ }
+@@ -1251,169 +1315,188 @@ static node *new_node(uint32_t info)
+
+ static void mk_re_node(const char *s, node *n, regex_t *re)
+ {
+- n->info = OC_REGEXP;
++ n->info = TI_REGEXP;
+ n->l.re = re;
+ n->r.ire = re + 1;
+ xregcomp(re, s, REG_EXTENDED);
+ xregcomp(re + 1, s, REG_EXTENDED | REG_ICASE);
+ }
+
+-static node *condition(void)
++static node *parse_expr(uint32_t);
++
++static node *parse_lrparen_list(void)
+ {
+- next_token(TC_SEQSTART);
+- return parse_expr(TC_SEQTERM);
++ next_token(TC_LPAREN);
++ return parse_expr(TC_RPAREN);
+ }
+
+ /* parse expression terminated by given argument, return ptr
+ * to built subtree. Terminator is eaten by parse_expr */
+-static node *parse_expr(uint32_t iexp)
++static node *parse_expr(uint32_t term_tc)
+ {
+ node sn;
+ node *cn = &sn;
+ node *vn, *glptr;
+- uint32_t tc, xtc;
++ uint32_t tc, expected_tc;
+ var *v;
+
+- debug_printf_parse("%s(%x)\n", __func__, iexp);
++ debug_printf_parse("%s() term_tc(%x):", __func__, term_tc);
++ debug_parse_print_tc(term_tc);
++ debug_printf_parse("\n");
+
+ sn.info = PRIMASK;
+ sn.r.n = sn.a.n = glptr = NULL;
+- xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP | iexp;
++ expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP | term_tc;
+
+- while (!((tc = next_token(xtc)) & iexp)) {
++ while (!((tc = next_token(expected_tc)) & term_tc)) {
+
+- if (glptr && (t_info == (OC_COMPARE | VV | P(39) | 2))) {
++ if (glptr && (t_info == TI_LESS)) {
+ /* input redirection (<) attached to glptr node */
+ debug_printf_parse("%s: input redir\n", __func__);
+ cn = glptr->l.n = new_node(OC_CONCAT | SS | P(37));
+ cn->a.n = glptr;
+- xtc = TC_OPERAND | TC_UOPPRE;
++ expected_tc = TS_OPERAND | TS_UOPPRE;
+ glptr = NULL;
+-
+- } else if (tc & (TC_BINOP | TC_UOPPOST)) {
+- debug_printf_parse("%s: TC_BINOP | TC_UOPPOST tc:%x\n", __func__, tc);
++ continue;
++ }
++ if (tc & (TS_BINOP | TC_UOPPOST)) {
++ debug_printf_parse("%s: TS_BINOP | TC_UOPPOST tc:%x\n", __func__, tc);
+ /* for binary and postfix-unary operators, jump back over
+ * previous operators with higher priority */
+ vn = cn;
+ while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2))
+- || ((t_info == vn->info) && ((t_info & OPCLSMASK) == OC_COLON))
++ || ((t_info == vn->info) && t_info == TI_COLON)
+ ) {
+ vn = vn->a.n;
+ if (!vn->a.n) syntax_error(EMSG_UNEXP_TOKEN);
+ }
+- if ((t_info & OPCLSMASK) == OC_TERNARY)
++ if (t_info == TI_TERNARY)
++//TODO: why?
+ t_info += P(6);
+ cn = vn->a.n->r.n = new_node(t_info);
+ cn->a.n = vn->a.n;
+- if (tc & TC_BINOP) {
++ if (tc & TS_BINOP) {
+ cn->l.n = vn;
+- xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP;
+- if ((t_info & OPCLSMASK) == OC_PGETLINE) {
++//FIXME: this is the place to detect and reject assignments to non-lvalues.
++//Currently we allow "assignments" to consts and temporaries, nonsense like this:
++// awk 'BEGIN { "qwe" = 1 }'
++// awk 'BEGIN { 7 *= 7 }'
++// awk 'BEGIN { length("qwe") = 1 }'
++// awk 'BEGIN { (1+1) += 3 }'
++ expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP;
++ if (t_info == TI_PGETLINE) {
+ /* it's a pipe */
+ next_token(TC_GETLINE);
+ /* give maximum priority to this pipe */
+ cn->info &= ~PRIMASK;
+- xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp;
++ expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc;
+ }
+ } else {
+ cn->r.n = vn;
+- xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp;
++ expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc;
+ }
+ vn->a.n = cn;
++ continue;
++ }
+
+- } else {
+- debug_printf_parse("%s: other\n", __func__);
+- /* for operands and prefix-unary operators, attach them
+- * to last node */
+- vn = cn;
+- cn = vn->r.n = new_node(t_info);
+- cn->a.n = vn;
+- xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP;
+- if (tc & (TC_OPERAND | TC_REGEXP)) {
+- debug_printf_parse("%s: TC_OPERAND | TC_REGEXP\n", __func__);
+- xtc = TC_UOPPRE | TC_UOPPOST | TC_BINOP | TC_OPERAND | iexp;
+- /* one should be very careful with switch on tclass -
+- * only simple tclasses should be used! */
+- switch (tc) {
+- case TC_VARIABLE:
+- case TC_ARRAY:
+- debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__);
+- cn->info = OC_VAR;
+- v = hash_search(ahash, t_string);
+- if (v != NULL) {
+- cn->info = OC_FNARG;
+- cn->l.aidx = v->x.aidx;
+- } else {
+- cn->l.v = newvar(t_string);
+- }
+- if (tc & TC_ARRAY) {
+- cn->info |= xS;
+- cn->r.n = parse_expr(TC_ARRTERM);
+- }
+- break;
++ debug_printf_parse("%s: other, t_info:%x\n", __func__, t_info);
++ /* for operands and prefix-unary operators, attach them
++ * to last node */
++ vn = cn;
++ cn = vn->r.n = new_node(t_info);
++ cn->a.n = vn;
+
+- case TC_NUMBER:
+- case TC_STRING:
+- debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__);
+- cn->info = OC_VAR;
+- v = cn->l.v = xzalloc(sizeof(var));
+- if (tc & TC_NUMBER)
+- setvar_i(v, t_double);
+- else {
+- setvar_s(v, t_string);
+- xtc &= ~TC_UOPPOST; /* "str"++ is not allowed */
+- }
+- break;
++ expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP;
++ if (t_info == TI_PREINC || t_info == TI_PREDEC)
++ expected_tc = TS_LVALUE | TC_UOPPRE1;
+
+- case TC_REGEXP:
+- debug_printf_parse("%s: TC_REGEXP\n", __func__);
+- mk_re_node(t_string, cn, xzalloc(sizeof(regex_t)*2));
+- break;
++ if (!(tc & (TS_OPERAND | TC_REGEXP)))
++ continue;
+
+- case TC_FUNCTION:
+- debug_printf_parse("%s: TC_FUNCTION\n", __func__);
+- cn->info = OC_FUNC;
+- cn->r.f = newfunc(t_string);
+- cn->l.n = condition();
+- break;
++ debug_printf_parse("%s: TS_OPERAND | TC_REGEXP\n", __func__);
++ expected_tc = TS_UOPPRE | TC_UOPPOST | TS_BINOP | TS_OPERAND | term_tc;
++ /* one should be very careful with switch on tclass -
++ * only simple tclasses should be used (TC_xyz, not TS_xyz) */
++ switch (tc) {
++ case TC_VARIABLE:
++ case TC_ARRAY:
++ debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__);
++ cn->info = OC_VAR;
++ v = hash_search(ahash, t_string);
++ if (v != NULL) {
++ cn->info = OC_FNARG;
++ cn->l.aidx = v->x.aidx;
++ } else {
++ cn->l.v = newvar(t_string);
++ }
++ if (tc & TC_ARRAY) {
++ cn->info |= xS;
++ cn->r.n = parse_expr(TC_ARRTERM);
++ }
++ break;
+
+- case TC_SEQSTART:
+- debug_printf_parse("%s: TC_SEQSTART\n", __func__);
+- cn = vn->r.n = parse_expr(TC_SEQTERM);
+- if (!cn)
+- syntax_error("Empty sequence");
+- cn->a.n = vn;
+- break;
++ case TC_NUMBER:
++ case TC_STRING:
++ debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__);
++ cn->info = OC_VAR;
++ v = cn->l.v = xzalloc(sizeof(var));
++ if (tc & TC_NUMBER)
++ setvar_i(v, t_double);
++ else {
++ setvar_s(v, t_string);
++ expected_tc &= ~TC_UOPPOST; /* "str"++ is not allowed */
++ }
++ break;
+
+- case TC_GETLINE:
+- debug_printf_parse("%s: TC_GETLINE\n", __func__);
+- glptr = cn;
+- xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp;
+- break;
++ case TC_REGEXP:
++ debug_printf_parse("%s: TC_REGEXP\n", __func__);
++ mk_re_node(t_string, cn, xzalloc(sizeof(regex_t)*2));
++ break;
+
+- case TC_BUILTIN:
+- debug_printf_parse("%s: TC_BUILTIN\n", __func__);
+- cn->l.n = condition();
+- break;
++ case TC_FUNCTION:
++ debug_printf_parse("%s: TC_FUNCTION\n", __func__);
++ cn->info = OC_FUNC;
++ cn->r.f = newfunc(t_string);
++ cn->l.n = parse_expr(TC_RPAREN);
++ break;
+
+- case TC_LENGTH:
+- debug_printf_parse("%s: TC_LENGTH\n", __func__);
+- next_token(TC_SEQSTART /* length(...) */
+- | TC_OPTERM /* length; (or newline)*/
+- | TC_GRPTERM /* length } */
+- | TC_BINOPX /* length <op> NUM */
+- | TC_COMMA /* print length, 1 */
+- );
+- rollback_token();
+- if (t_tclass & TC_SEQSTART) {
+- /* It was a "(" token. Handle just like TC_BUILTIN */
+- cn->l.n = condition();
+- }
+- break;
+- }
++ case TC_LPAREN:
++ debug_printf_parse("%s: TC_LPAREN\n", __func__);
++ cn = vn->r.n = parse_expr(TC_RPAREN);
++ if (!cn)
++ syntax_error("Empty sequence");
++ cn->a.n = vn;
++ break;
++
++ case TC_GETLINE:
++ debug_printf_parse("%s: TC_GETLINE\n", __func__);
++ glptr = cn;
++ expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc;
++ break;
++
++ case TC_BUILTIN:
++ debug_printf_parse("%s: TC_BUILTIN\n", __func__);
++ cn->l.n = parse_lrparen_list();
++ break;
++
++ case TC_LENGTH:
++ debug_printf_parse("%s: TC_LENGTH\n", __func__);
++ tc = next_token(TC_LPAREN /* length(...) */
++ | TC_SEMICOL /* length; */
++ | TC_NEWLINE /* length<newline> */
++ | TC_RBRACE /* length } */
++ | TC_BINOPX /* length <op> NUM */
++ | TC_COMMA /* print length, 1 */
++ );
++ if (tc != TC_LPAREN)
++ rollback_token();
++ else {
++ /* It was a "(" token. Handle just like TC_BUILTIN */
++ cn->l.n = parse_expr(TC_RPAREN);
+ }
++ break;
+ }
+- }
++ } /* while() */
+
+ debug_printf_parse("%s() returns %p\n", __func__, sn.r.n);
+ return sn.r.n;
+@@ -1430,7 +1513,7 @@ static node *chain_node(uint32_t info)
+ if (seq->programname != g_progname) {
+ seq->programname = g_progname;
+ n = chain_node(OC_NEWSOURCE);
+- n->l.new_progname = xstrdup(g_progname);
++ n->l.new_progname = g_progname;
+ }
+
+ n = seq->last;
+@@ -1446,14 +1529,16 @@ static void chain_expr(uint32_t info)
+
+ n = chain_node(info);
+
+- n->l.n = parse_expr(TC_OPTERM | TC_GRPTERM);
++ n->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_RBRACE);
+ if ((info & OF_REQUIRED) && !n->l.n)
+ syntax_error(EMSG_TOO_FEW_ARGS);
+
+- if (t_tclass & TC_GRPTERM)
++ if (t_tclass & TC_RBRACE)
+ rollback_token();
+ }
+
++static void chain_group(void);
++
+ static node *chain_loop(node *nn)
+ {
+ node *n, *n2, *save_brk, *save_cont;
+@@ -1477,207 +1562,284 @@ static node *chain_loop(node *nn)
+ return n;
+ }
+
++static void chain_until_rbrace(void)
++{
++ uint32_t tc;
++ while ((tc = next_token(TS_GRPSEQ | TC_RBRACE)) != TC_RBRACE) {
++ debug_printf_parse("%s: !TC_RBRACE\n", __func__);
++ if (tc == TC_NEWLINE)
++ continue;
++ rollback_token();
++ chain_group();
++ }
++ debug_printf_parse("%s: TC_RBRACE\n", __func__);
++}
++
+ /* parse group and attach it to chain */
+ static void chain_group(void)
+ {
+- uint32_t c;
++ uint32_t tc;
+ node *n, *n2, *n3;
+
+ do {
+- c = next_token(TC_GRPSEQ);
+- } while (c & TC_NEWLINE);
+-
+- if (c & TC_GRPSTART) {
+- debug_printf_parse("%s: TC_GRPSTART\n", __func__);
+- while (next_token(TC_GRPSEQ | TC_GRPTERM) != TC_GRPTERM) {
+- debug_printf_parse("%s: !TC_GRPTERM\n", __func__);
+- if (t_tclass & TC_NEWLINE)
+- continue;
+- rollback_token();
+- chain_group();
+- }
+- debug_printf_parse("%s: TC_GRPTERM\n", __func__);
+- } else if (c & (TC_OPSEQ | TC_OPTERM)) {
+- debug_printf_parse("%s: TC_OPSEQ | TC_OPTERM\n", __func__);
++ tc = next_token(TS_GRPSEQ);
++ } while (tc == TC_NEWLINE);
++
++ if (tc == TC_LBRACE) {
++ debug_printf_parse("%s: TC_LBRACE\n", __func__);
++ chain_until_rbrace();
++ return;
++ }
++ if (tc & (TS_OPSEQ | TC_SEMICOL)) {
++ debug_printf_parse("%s: TS_OPSEQ | TC_SEMICOL\n", __func__);
+ rollback_token();
+ chain_expr(OC_EXEC | Vx);
+- } else {
+- /* TC_STATEMNT */
+- debug_printf_parse("%s: TC_STATEMNT(?)\n", __func__);
+- switch (t_info & OPCLSMASK) {
+- case ST_IF:
+- debug_printf_parse("%s: ST_IF\n", __func__);
+- n = chain_node(OC_BR | Vx);
+- n->l.n = condition();
++ return;
++ }
++
++ /* TS_STATEMNT */
++ debug_printf_parse("%s: TS_STATEMNT(?)\n", __func__);
++ switch (t_info & OPCLSMASK) {
++ case ST_IF:
++ debug_printf_parse("%s: ST_IF\n", __func__);
++ n = chain_node(OC_BR | Vx);
++ n->l.n = parse_lrparen_list();
++ chain_group();
++ n2 = chain_node(OC_EXEC);
++ n->r.n = seq->last;
++ if (next_token(TS_GRPSEQ | TC_RBRACE | TC_ELSE) == TC_ELSE) {
+ chain_group();
+- n2 = chain_node(OC_EXEC);
+- n->r.n = seq->last;
+- if (next_token(TC_GRPSEQ | TC_GRPTERM | TC_ELSE) == TC_ELSE) {
+- chain_group();
+- n2->a.n = seq->last;
+- } else {
+- rollback_token();
+- }
+- break;
++ n2->a.n = seq->last;
++ } else {
++ rollback_token();
++ }
++ break;
+
+- case ST_WHILE:
+- debug_printf_parse("%s: ST_WHILE\n", __func__);
+- n2 = condition();
+- n = chain_loop(NULL);
+- n->l.n = n2;
+- break;
++ case ST_WHILE:
++ debug_printf_parse("%s: ST_WHILE\n", __func__);
++ n2 = parse_lrparen_list();
++ n = chain_loop(NULL);
++ n->l.n = n2;
++ break;
+
+- case ST_DO:
+- debug_printf_parse("%s: ST_DO\n", __func__);
+- n2 = chain_node(OC_EXEC);
+- n = chain_loop(NULL);
+- n2->a.n = n->a.n;
+- next_token(TC_WHILE);
+- n->l.n = condition();
+- break;
++ case ST_DO:
++ debug_printf_parse("%s: ST_DO\n", __func__);
++ n2 = chain_node(OC_EXEC);
++ n = chain_loop(NULL);
++ n2->a.n = n->a.n;
++ next_token(TC_WHILE);
++ n->l.n = parse_lrparen_list();
++ break;
+
+- case ST_FOR:
+- debug_printf_parse("%s: ST_FOR\n", __func__);
+- next_token(TC_SEQSTART);
+- n2 = parse_expr(TC_SEMICOL | TC_SEQTERM);
+- if (t_tclass & TC_SEQTERM) { /* for-in */
+- if (!n2 || (n2->info & OPCLSMASK) != OC_IN)
+- syntax_error(EMSG_UNEXP_TOKEN);
+- n = chain_node(OC_WALKINIT | VV);
+- n->l.n = n2->l.n;
+- n->r.n = n2->r.n;
+- n = chain_loop(NULL);
+- n->info = OC_WALKNEXT | Vx;
+- n->l.n = n2->l.n;
+- } else { /* for (;;) */
+- n = chain_node(OC_EXEC | Vx);
+- n->l.n = n2;
+- n2 = parse_expr(TC_SEMICOL);
+- n3 = parse_expr(TC_SEQTERM);
+- n = chain_loop(n3);
+- n->l.n = n2;
+- if (!n2)
+- n->info = OC_EXEC;
+- }
+- break;
++ case ST_FOR:
++ debug_printf_parse("%s: ST_FOR\n", __func__);
++ next_token(TC_LPAREN);
++ n2 = parse_expr(TC_SEMICOL | TC_RPAREN);
++ if (t_tclass & TC_RPAREN) { /* for (I in ARRAY) */
++ if (!n2 || n2->info != TI_IN)
++ syntax_error(EMSG_UNEXP_TOKEN);
++ n = chain_node(OC_WALKINIT | VV);
++ n->l.n = n2->l.n;
++ n->r.n = n2->r.n;
++ n = chain_loop(NULL);
++ n->info = OC_WALKNEXT | Vx;
++ n->l.n = n2->l.n;
++ } else { /* for (;;) */
++ n = chain_node(OC_EXEC | Vx);
++ n->l.n = n2;
++ n2 = parse_expr(TC_SEMICOL);
++ n3 = parse_expr(TC_RPAREN);
++ n = chain_loop(n3);
++ n->l.n = n2;
++ if (!n2)
++ n->info = OC_EXEC;
++ }
++ break;
+
+- case OC_PRINT:
+- case OC_PRINTF:
+- debug_printf_parse("%s: OC_PRINT[F]\n", __func__);
+- n = chain_node(t_info);
+- n->l.n = parse_expr(TC_OPTERM | TC_OUTRDR | TC_GRPTERM);
+- if (t_tclass & TC_OUTRDR) {
+- n->info |= t_info;
+- n->r.n = parse_expr(TC_OPTERM | TC_GRPTERM);
+- }
+- if (t_tclass & TC_GRPTERM)
+- rollback_token();
+- break;
++ case OC_PRINT:
++ case OC_PRINTF:
++ debug_printf_parse("%s: OC_PRINT[F]\n", __func__);
++ n = chain_node(t_info);
++ n->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_OUTRDR | TC_RBRACE);
++ if (t_tclass & TC_OUTRDR) {
++ n->info |= t_info;
++ n->r.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_RBRACE);
++ }
++ if (t_tclass & TC_RBRACE)
++ rollback_token();
++ break;
+
+- case OC_BREAK:
+- debug_printf_parse("%s: OC_BREAK\n", __func__);
+- n = chain_node(OC_EXEC);
+- n->a.n = break_ptr;
+- chain_expr(t_info);
+- break;
++ case OC_BREAK:
++ debug_printf_parse("%s: OC_BREAK\n", __func__);
++ n = chain_node(OC_EXEC);
++ if (!break_ptr)
++ syntax_error("'break' not in a loop");
++ n->a.n = break_ptr;
++ chain_expr(t_info);
++ break;
+
+- case OC_CONTINUE:
+- debug_printf_parse("%s: OC_CONTINUE\n", __func__);
+- n = chain_node(OC_EXEC);
+- n->a.n = continue_ptr;
+- chain_expr(t_info);
+- break;
++ case OC_CONTINUE:
++ debug_printf_parse("%s: OC_CONTINUE\n", __func__);
++ n = chain_node(OC_EXEC);
++ if (!continue_ptr)
++ syntax_error("'continue' not in a loop");
++ n->a.n = continue_ptr;
++ chain_expr(t_info);
++ break;
+
+- /* delete, next, nextfile, return, exit */
+- default:
+- debug_printf_parse("%s: default\n", __func__);
+- chain_expr(t_info);
+- }
++ /* delete, next, nextfile, return, exit */
++ default:
++ debug_printf_parse("%s: default\n", __func__);
++ chain_expr(t_info);
+ }
+ }
+
+ static void parse_program(char *p)
+ {
+- uint32_t tclass;
+- node *cn;
+- func *f;
+- var *v;
++ debug_printf_parse("%s()\n", __func__);
+
+ g_pos = p;
+ t_lineno = 1;
+- while ((tclass = next_token(TC_EOF | TC_OPSEQ | TC_GRPSTART |
+- TC_OPTERM | TC_BEGIN | TC_END | TC_FUNCDECL)) != TC_EOF) {
++ for (;;) {
++ uint32_t tclass;
+
+- if (tclass & TC_OPTERM) {
+- debug_printf_parse("%s: TC_OPTERM\n", __func__);
++ tclass = next_token(TS_OPSEQ | TC_LBRACE | TC_BEGIN | TC_END | TC_FUNCDECL
++ | TC_EOF | TC_NEWLINE /* but not TC_SEMICOL */);
++ got_tok:
++ if (tclass == TC_EOF) {
++ debug_printf_parse("%s: TC_EOF\n", __func__);
++ break;
++ }
++ if (tclass == TC_NEWLINE) {
++ debug_printf_parse("%s: TC_NEWLINE\n", __func__);
+ continue;
+ }
+-
+- seq = &mainseq;
+- if (tclass & TC_BEGIN) {
++ if (tclass == TC_BEGIN) {
+ debug_printf_parse("%s: TC_BEGIN\n", __func__);
+ seq = &beginseq;
+- chain_group();
+- } else if (tclass & TC_END) {
++ /* ensure there is no newline between BEGIN and { */
++ next_token(TC_LBRACE);
++ chain_until_rbrace();
++ goto next_tok;
++ }
++ if (tclass == TC_END) {
+ debug_printf_parse("%s: TC_END\n", __func__);
+ seq = &endseq;
+- chain_group();
+- } else if (tclass & TC_FUNCDECL) {
++ /* ensure there is no newline between END and { */
++ next_token(TC_LBRACE);
++ chain_until_rbrace();
++ goto next_tok;
++ }
++ if (tclass == TC_FUNCDECL) {
++ func *f;
++
+ debug_printf_parse("%s: TC_FUNCDECL\n", __func__);
+ next_token(TC_FUNCTION);
+- g_pos++;
+ f = newfunc(t_string);
+- f->body.first = NULL;
+- f->nargs = 0;
+- /* Match func arg list: a comma sep list of >= 0 args, and a close paren */
+- while (next_token(TC_VARIABLE | TC_SEQTERM | TC_COMMA)) {
+- /* Either an empty arg list, or trailing comma from prev iter
+- * must be followed by an arg */
+- if (f->nargs == 0 && t_tclass == TC_SEQTERM)
+- break;
+-
+- /* TC_SEQSTART/TC_COMMA must be followed by TC_VARIABLE */
+- if (t_tclass != TC_VARIABLE)
++ if (f->defined)
++ syntax_error("Duplicate function");
++ f->defined = 1;
++ //f->body.first = NULL; - already is
++ //f->nargs = 0; - already is
++ /* func arg list: comma sep list of args, and a close paren */
++ for (;;) {
++ var *v;
++ if (next_token(TC_VARIABLE | TC_RPAREN) == TC_RPAREN) {
++ if (f->nargs == 0)
++ break; /* func() is ok */
++ /* func(a,) is not ok */
+ syntax_error(EMSG_UNEXP_TOKEN);
+-
++ }
+ v = findvar(ahash, t_string);
+ v->x.aidx = f->nargs++;
+-
+ /* Arg followed either by end of arg list or 1 comma */
+- if (next_token(TC_COMMA | TC_SEQTERM) & TC_SEQTERM)
++ if (next_token(TC_COMMA | TC_RPAREN) == TC_RPAREN)
+ break;
+- if (t_tclass != TC_COMMA)
+- syntax_error(EMSG_UNEXP_TOKEN);
++ /* it was a comma, we ate it */
+ }
+ seq = &f->body;
+- chain_group();
+- clear_array(ahash);
+- } else if (tclass & TC_OPSEQ) {
+- debug_printf_parse("%s: TC_OPSEQ\n", __func__);
++ /* ensure there is { after "func F(...)" - but newlines are allowed */
++ while (next_token(TC_LBRACE | TC_NEWLINE) == TC_NEWLINE)
++ continue;
++ chain_until_rbrace();
++ hash_clear(ahash);
++ goto next_tok;
++ }
++ seq = &mainseq;
++ if (tclass & TS_OPSEQ) {
++ node *cn;
++
++ debug_printf_parse("%s: TS_OPSEQ\n", __func__);
+ rollback_token();
+ cn = chain_node(OC_TEST);
+- cn->l.n = parse_expr(TC_OPTERM | TC_EOF | TC_GRPSTART);
+- if (t_tclass & TC_GRPSTART) {
+- debug_printf_parse("%s: TC_GRPSTART\n", __func__);
+- rollback_token();
+- chain_group();
++ cn->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_EOF | TC_LBRACE);
++ if (t_tclass == TC_LBRACE) {
++ debug_printf_parse("%s: TC_LBRACE\n", __func__);
++ chain_until_rbrace();
+ } else {
+- debug_printf_parse("%s: !TC_GRPSTART\n", __func__);
++ /* no action, assume default "{ print }" */
++ debug_printf_parse("%s: !TC_LBRACE\n", __func__);
+ chain_node(OC_PRINT);
+ }
+ cn->r.n = mainseq.last;
+- } else /* if (tclass & TC_GRPSTART) */ {
+- debug_printf_parse("%s: TC_GRPSTART(?)\n", __func__);
+- rollback_token();
+- chain_group();
++ goto next_tok;
+ }
+- }
+- debug_printf_parse("%s: TC_EOF\n", __func__);
++ /* tclass == TC_LBRACE */
++ debug_printf_parse("%s: TC_LBRACE(?)\n", __func__);
++ chain_until_rbrace();
++ next_tok:
++ /* Same as next_token() at the top of the loop, + TC_SEMICOL */
++ tclass = next_token(TS_OPSEQ | TC_LBRACE | TC_BEGIN | TC_END | TC_FUNCDECL
++ | TC_EOF | TC_NEWLINE | TC_SEMICOL);
++ /* gawk allows many newlines, but does not allow more than one semicolon:
++ * BEGIN {...}<newline>;<newline>;
++ * would complain "each rule must have a pattern or an action part".
++ * Same message for
++ * ; BEGIN {...}
++ */
++ if (tclass != TC_SEMICOL)
++ goto got_tok; /* use this token */
++ /* else: loop back - ate the semicolon, get and use _next_ token */
++ } /* for (;;) */
+ }
+
+-
+ /* -------- program execution part -------- */
+
++/* temporary variables allocator */
++static var *nvalloc(int sz)
++{
++ return xzalloc(sz * sizeof(var));
++}
++
++static void nvfree(var *v, int sz)
++{
++ var *p = v;
++
++ while (--sz >= 0) {
++ if ((p->type & (VF_ARRAY | VF_CHILD)) == VF_ARRAY) {
++ clear_array(iamarray(p));
++ free(p->x.array->items);
++ free(p->x.array);
++ }
++ if (p->type & VF_WALK) {
++ walker_list *n;
++ walker_list *w = p->x.walker;
++ debug_printf_walker("nvfree: freeing walker @%p\n", &p->x.walker);
++ p->x.walker = NULL;
++ while (w) {
++ n = w->prev;
++ debug_printf_walker(" free(%p)\n", w);
++ free(w);
++ w = n;
++ }
++ }
++ clrvar(p);
++ p++;
++ }
++
++ free(v);
++}
++
+ static node *mk_splitter(const char *s, tsplitter *spl)
+ {
+ regex_t *re, *ire;
+@@ -1686,7 +1848,7 @@ static node *mk_splitter(const char *s, tsplitter *spl)
+ re = &spl->re[0];
+ ire = &spl->re[1];
+ n = &spl->n;
+- if ((n->info & OPCLSMASK) == OC_REGEXP) {
++ if (n->info == TI_REGEXP) {
+ regfree(re);
+ regfree(ire); // TODO: nuke ire, use re+1?
+ }
+@@ -1699,21 +1861,28 @@ static node *mk_splitter(const char *s, tsplitter *spl)
+ return n;
+ }
+
+-/* use node as a regular expression. Supplied with node ptr and regex_t
++static var *evaluate(node *, var *);
++
++/* Use node as a regular expression. Supplied with node ptr and regex_t
+ * storage space. Return ptr to regex (if result points to preg, it should
+- * be later regfree'd manually
++ * be later regfree'd manually).
+ */
+ static regex_t *as_regex(node *op, regex_t *preg)
+ {
+ int cflags;
+- var *v;
+ const char *s;
+
+- if ((op->info & OPCLSMASK) == OC_REGEXP) {
++ if (op->info == TI_REGEXP) {
+ return icase ? op->r.ire : op->l.re;
+ }
+- v = nvalloc(1);
+- s = getvar_s(evaluate(op, v));
++
++ //tmpvar = nvalloc(1);
++#define TMPVAR (&G.as_regex__tmpvar)
++ // We use a single "static" tmpvar (instead of on-stack or malloced one)
++ // to decrease memory consumption in deeply-recursive awk programs.
++ // The rule to work safely is to never call evaluate() while our static
++ // TMPVAR's value is still needed.
++ s = getvar_s(evaluate(op, TMPVAR));
+
+ cflags = icase ? REG_EXTENDED | REG_ICASE : REG_EXTENDED;
+ /* Testcase where REG_EXTENDED fails (unpaired '{'):
+@@ -1725,7 +1894,8 @@ static regex_t *as_regex(node *op, regex_t *preg)
+ cflags &= ~REG_EXTENDED;
+ xregcomp(preg, s, cflags);
+ }
+- nvfree(v);
++ //nvfree(tmpvar, 1);
++#undef TMPVAR
+ return preg;
+ }
+
+@@ -1745,12 +1915,22 @@ static char* qrealloc(char *b, int n, int *size)
+ /* resize field storage space */
+ static void fsrealloc(int size)
+ {
+- int i;
++ int i, newsize;
+
+ if (size >= maxfields) {
++ /* Sanity cap, easier than catering for overflows */
++ if (size > 0xffffff)
++ bb_die_memory_exhausted();
++
+ i = maxfields;
+ maxfields = size + 16;
+- Fields = xrealloc(Fields, maxfields * sizeof(Fields[0]));
++
++ newsize = maxfields * sizeof(Fields[0]);
++ debug_printf_eval("fsrealloc: xrealloc(%p, %u)\n", Fields, newsize);
++ Fields = xrealloc(Fields, newsize);
++ debug_printf_eval("fsrealloc: Fields=%p..%p\n", Fields, (char*)Fields + newsize - 1);
++ /* ^^^ did Fields[] move? debug aid for L.v getting "upstaged" by R.v in evaluate() */
++
+ for (; i < maxfields; i++) {
+ Fields[i].type = VF_SPECIAL;
+ Fields[i].string = NULL;
+@@ -1802,13 +1982,13 @@ static int awk_split(const char *s, node *spl, char **slist)
+ c[2] = '\n';
+
+ n = 0;
+- if ((spl->info & OPCLSMASK) == OC_REGEXP) { /* regex split */
++ if (spl->info == TI_REGEXP) { /* regex split */
+ if (!*s)
+ return n; /* "": zero fields */
+ n++; /* at least one field will be there */
+ do {
+ int l;
+- regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough...
++ regmatch_t pmatch[1];
+
+ l = strcspn(s, c+2); /* len till next NUL or \n */
+ if (regexec1_nonempty(icase ? spl->r.ire : spl->l.re, s, pmatch) == 0
+@@ -1969,7 +2149,7 @@ static node *nextarg(node **pn)
+ node *n;
+
+ n = *pn;
+- if (n && (n->info & OPCLSMASK) == OC_COMMA) {
++ if (n && n->info == TI_COMMA) {
+ *pn = n->r.n;
+ n = n->l.n;
+ } else {
+@@ -2000,8 +2180,7 @@ static void hashwalk_init(var *v, xhash *array)
+ for (i = 0; i < array->csize; i++) {
+ hi = array->items[i];
+ while (hi) {
+- strcpy(w->end, hi->name);
+- nextword(&w->end);
++ w->end = stpcpy(w->end, hi->name) + 1;
+ hi = hi->next;
+ }
+ }
+@@ -2027,15 +2206,18 @@ static int hashwalk_next(var *v)
+ /* evaluate node, return 1 when result is true, 0 otherwise */
+ static int ptest(node *pattern)
+ {
+- /* ptest__v is "static": to save stack space? */
+- return istrue(evaluate(pattern, &G.ptest__v));
++ // We use a single "static" tmpvar (instead of on-stack or malloced one)
++ // to decrease memory consumption in deeply-recursive awk programs.
++ // The rule to work safely is to never call evaluate() while our static
++ // TMPVAR's value is still needed.
++ return istrue(evaluate(pattern, &G.ptest__tmpvar));
+ }
+
+ /* read next record from stream rsm into a variable v */
+ static int awk_getline(rstream *rsm, var *v)
+ {
+ char *b;
+- regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough...
++ regmatch_t pmatch[1];
+ int size, a, p, pp = 0;
+ int fd, so, eo, r, rp;
+ char c, *m, *s;
+@@ -2061,7 +2243,7 @@ static int awk_getline(rstream *rsm, var *v)
+ so = eo = p;
+ r = 1;
+ if (p > 0) {
+- if ((rsplitter.n.info & OPCLSMASK) == OC_REGEXP) {
++ if (rsplitter.n.info == TI_REGEXP) {
+ if (regexec(icase ? rsplitter.n.r.ire : rsplitter.n.l.re,
+ b, 1, pmatch, 0) == 0) {
+ so = pmatch[0].rm_so;
+@@ -2133,82 +2315,126 @@ static int awk_getline(rstream *rsm, var *v)
+ return r;
+ }
+
+-static int fmt_num(char *b, int size, const char *format, double n, int int_as_int)
+-{
+- int r = 0;
+- char c;
+- const char *s = format;
+-
+- if (int_as_int && n == (long long)n) {
+- r = snprintf(b, size, "%lld", (long long)n);
+- } else {
+- do { c = *s; } while (c && *++s);
+- if (strchr("diouxX", c)) {
+- r = snprintf(b, size, format, (int)n);
+- } else if (strchr("eEfgG", c)) {
+- r = snprintf(b, size, format, n);
+- } else {
+- syntax_error(EMSG_INV_FMT);
+- }
+- }
+- return r;
+-}
+-
+ /* formatted output into an allocated buffer, return ptr to buffer */
+-static char *awk_printf(node *n)
++#if !ENABLE_FEATURE_AWK_GNU_EXTENSIONS
++# define awk_printf(a, b) awk_printf(a)
++#endif
++static char *awk_printf(node *n, size_t *len)
+ {
+- char *b = NULL;
+- char *fmt, *s, *f;
+- const char *s1;
+- int i, j, incr, bsize;
+- char c, c1;
+- var *v, *arg;
+-
+- v = nvalloc(1);
+- fmt = f = xstrdup(getvar_s(evaluate(nextarg(&n), v)));
+-
++ char *b;
++ char *fmt, *f;
++ size_t i;
++
++ //tmpvar = nvalloc(1);
++#define TMPVAR (&G.awk_printf__tmpvar)
++ // We use a single "static" tmpvar (instead of on-stack or malloced one)
++ // to decrease memory consumption in deeply-recursive awk programs.
++ // The rule to work safely is to never call evaluate() while our static
++ // TMPVAR's value is still needed.
++ fmt = f = xstrdup(getvar_s(evaluate(nextarg(&n), TMPVAR)));
++ // ^^^^^^^^^ here we immediately strdup() the value, so the later call
++ // to evaluate() potentially recursing into another awk_printf() can't
++ // mangle the value.
++
++ b = NULL;
+ i = 0;
+- while (*f) {
++ while (1) { /* "print one format spec" loop */
++ char *s;
++ char c;
++ char sv;
++ var *arg;
++ size_t slen;
++
++ /* Find end of the next format spec, or end of line */
+ s = f;
+- while (*f && (*f != '%' || *++f == '%'))
+- f++;
+- while (*f && !isalpha(*f)) {
+- if (*f == '*')
+- syntax_error("%*x formats are not supported");
++ while (1) {
++ c = *f;
++ if (!c) /* no percent chars found at all */
++ goto nul;
+ f++;
++ if (c == '%')
++ break;
+ }
+-
+- incr = (f - s) + MAXVARFMT;
+- b = qrealloc(b, incr + i, &bsize);
++ /* we are past % in "....%..." */
+ c = *f;
+- if (c != '\0')
++ if (!c) /* "....%" */
++ goto nul;
++ if (c == '%') { /* "....%%...." */
++ slen = f - s;
++ s = xstrndup(s, slen);
+ f++;
+- c1 = *f;
++ goto append; /* print "....%" part verbatim */
++ }
++ while (1) {
++ if (isalpha(c))
++ break;
++ if (c == '*')
++ syntax_error("%*x formats are not supported");
++ c = *++f;
++ if (!c) { /* "....%...." and no letter found after % */
++ /* Example: awk 'BEGIN { printf "^^^%^^^\n"; }' */
++ nul:
++ slen = f - s;
++ goto tail; /* print remaining string, exit loop */
++ }
++ }
++ /* we are at A in "....%...A..." */
++
++ arg = evaluate(nextarg(&n), TMPVAR);
++
++ /* Result can be arbitrarily long. Example:
++ * printf "%99999s", "BOOM"
++ */
++ sv = *++f;
+ *f = '\0';
+- arg = evaluate(nextarg(&n), v);
+-
+- j = i;
+- if (c == 'c' || !c) {
+- i += sprintf(b+i, s, is_numeric(arg) ?
+- (char)getvar_i(arg) : *getvar_s(arg));
+- } else if (c == 's') {
+- s1 = getvar_s(arg);
+- b = qrealloc(b, incr+i+strlen(s1), &bsize);
+- i += sprintf(b+i, s, s1);
++ if (c == 'c') {
++ char cc = is_numeric(arg) ? getvar_i(arg) : *getvar_s(arg);
++ char *r = xasprintf(s, cc ? cc : '^' /* else strlen will be wrong */);
++ slen = strlen(r);
++ if (cc == '\0') /* if cc is NUL, re-format the string with it */
++ sprintf(r, s, cc);
++ s = r;
+ } else {
+- i += fmt_num(b+i, incr, s, getvar_i(arg), FALSE);
++ if (c == 's') {
++ s = xasprintf(s, getvar_s(arg));
++ } else {
++ double d = getvar_i(arg);
++ if (strchr("diouxX", c)) {
++//TODO: make it wider here (%x -> %llx etc)?
++ s = xasprintf(s, (int)d);
++ } else if (strchr("eEfFgGaA", c)) {
++ s = xasprintf(s, d);
++ } else {
++//TODO: GNU Awk 5.0.1: printf "%W" prints "%W", does not error out
++ syntax_error(EMSG_INV_FMT);
++ }
++ }
++ slen = strlen(s);
+ }
+- *f = c1;
+-
+- /* if there was an error while sprintf, return value is negative */
+- if (i < j)
+- i = j;
++ *f = sv;
++ append:
++ if (i == 0) {
++ b = s;
++ i = slen;
++ continue;
++ }
++ tail:
++ b = xrealloc(b, i + slen + 1);
++ strcpy(b + i, s);
++ i += slen;
++ if (!c) /* s is NOT allocated and this is the last part of string? */
++ break;
++ free(s);
+ }
+
+ free(fmt);
+- nvfree(v);
+- b = xrealloc(b, i + 1);
+- b[i] = '\0';
++ //nvfree(tmpvar, 1);
++#undef TMPVAR
++
++#if ENABLE_FEATURE_AWK_GNU_EXTENSIONS
++ if (len)
++ *len = i;
++#endif
+ return b;
+ }
+
+@@ -2338,33 +2564,59 @@ static NOINLINE int do_mktime(const char *ds)
+ return mktime(&then);
+ }
+
++/* Reduce stack usage in exec_builtin() by keeping match() code separate */
++static NOINLINE var *do_match(node *an1, const char *as0)
++{
++ regmatch_t pmatch[1];
++ regex_t sreg, *re;
++ int n, start, len;
++
++ re = as_regex(an1, &sreg);
++ n = regexec(re, as0, 1, pmatch, 0);
++ if (re == &sreg)
++ regfree(re);
++ start = 0;
++ len = -1;
++ if (n == 0) {
++ start = pmatch[0].rm_so + 1;
++ len = pmatch[0].rm_eo - pmatch[0].rm_so;
++ }
++ setvar_i(newvar("RLENGTH"), len);
++ return setvar_i(newvar("RSTART"), start);
++}
++
++/* Reduce stack usage in evaluate() by keeping builtins' code separate */
+ static NOINLINE var *exec_builtin(node *op, var *res)
+ {
+ #define tspl (G.exec_builtin__tspl)
+
+- var *tv;
++ var *tmpvars;
+ node *an[4];
+ var *av[4];
+ const char *as[4];
+- regmatch_t pmatch[2];
+- regex_t sreg, *re;
+ node *spl;
+ uint32_t isr, info;
+ int nargs;
+ time_t tt;
+ int i, l, ll, n;
+
+- tv = nvalloc(4);
++ tmpvars = nvalloc(4);
++#define TMPVAR0 (tmpvars)
++#define TMPVAR1 (tmpvars + 1)
++#define TMPVAR2 (tmpvars + 2)
++#define TMPVAR3 (tmpvars + 3)
++#define TMPVAR(i) (tmpvars + (i))
+ isr = info = op->info;
+ op = op->l.n;
+
+ av[2] = av[3] = NULL;
+ for (i = 0; i < 4 && op; i++) {
+ an[i] = nextarg(&op);
+- if (isr & 0x09000000)
+- av[i] = evaluate(an[i], &tv[i]);
+- if (isr & 0x08000000)
+- as[i] = getvar_s(av[i]);
++ if (isr & 0x09000000) {
++ av[i] = evaluate(an[i], TMPVAR(i));
++ if (isr & 0x08000000)
++ as[i] = getvar_s(av[i]);
++ }
+ isr >>= 1;
+ }
+
+@@ -2386,8 +2638,8 @@ static NOINLINE var *exec_builtin(node *op, var *res)
+ char *s, *s1;
+
+ if (nargs > 2) {
+- spl = (an[2]->info & OPCLSMASK) == OC_REGEXP ?
+- an[2] : mk_splitter(getvar_s(evaluate(an[2], &tv[2])), &tspl);
++ spl = (an[2]->info == TI_REGEXP) ? an[2]
++ : mk_splitter(getvar_s(evaluate(an[2], TMPVAR2)), &tspl);
+ } else {
+ spl = &fsplitter.n;
+ }
+@@ -2501,20 +2753,7 @@ static NOINLINE var *exec_builtin(node *op, var *res)
+ break;
+
+ case B_ma:
+- re = as_regex(an[1], &sreg);
+- n = regexec(re, as[0], 1, pmatch, 0);
+- if (n == 0) {
+- pmatch[0].rm_so++;
+- pmatch[0].rm_eo++;
+- } else {
+- pmatch[0].rm_so = 0;
+- pmatch[0].rm_eo = -1;
+- }
+- setvar_i(newvar("RSTART"), pmatch[0].rm_so);
+- setvar_i(newvar("RLENGTH"), pmatch[0].rm_eo - pmatch[0].rm_so);
+- setvar_i(res, pmatch[0].rm_so);
+- if (re == &sreg)
+- regfree(re);
++ res = do_match(an[1], as[0]);
+ break;
+
+ case B_ge:
+@@ -2530,14 +2769,79 @@ static NOINLINE var *exec_builtin(node *op, var *res)
+ break;
+ }
+
+- nvfree(tv);
++ nvfree(tmpvars, 4);
++#undef TMPVAR0
++#undef TMPVAR1
++#undef TMPVAR2
++#undef TMPVAR3
++#undef TMPVAR
++
+ return res;
+ #undef tspl
+ }
+
++/* if expr looks like "var=value", perform assignment and return 1,
++ * otherwise return 0 */
++static int is_assignment(const char *expr)
++{
++ char *exprc, *val;
++
++ val = (char*)endofname(expr);
++ if (val == (char*)expr || *val != '=') {
++ return FALSE;
++ }
++
++ exprc = xstrdup(expr);
++ val = exprc + (val - expr);
++ *val++ = '\0';
++
++ unescape_string_in_place(val);
++ setvar_u(newvar(exprc), val);
++ free(exprc);
++ return TRUE;
++}
++
++/* switch to next input file */
++static rstream *next_input_file(void)
++{
++#define rsm (G.next_input_file__rsm)
++#define files_happen (G.next_input_file__files_happen)
++
++ const char *fname, *ind;
++
++ if (rsm.F)
++ fclose(rsm.F);
++ rsm.F = NULL;
++ rsm.pos = rsm.adv = 0;
++
++ for (;;) {
++ if (getvar_i(intvar[ARGIND])+1 >= getvar_i(intvar[ARGC])) {
++ if (files_happen)
++ return NULL;
++ fname = "-";
++ rsm.F = stdin;
++ break;
++ }
++ ind = getvar_s(incvar(intvar[ARGIND]));
++ fname = getvar_s(findvar(iamarray(intvar[ARGV]), ind));
++ if (fname && *fname && !is_assignment(fname)) {
++ rsm.F = xfopen_stdin(fname);
++ break;
++ }
++ }
++
++ files_happen = TRUE;
++ setvar_s(intvar[FILENAME], fname);
++ return &rsm;
++#undef rsm
++#undef files_happen
++}
++
+ /*
+ * Evaluate node - the heart of the program. Supplied with subtree
+- * and place where to store result. returns ptr to result.
++ * and "res" variable to assign the result to if we evaluate an expression.
++ * If node refers to e.g. a variable or a field, no assignment happens.
++ * Return ptr to the result (which may or may not be the "res" variable!)
+ */
+ #define XC(n) ((n) >> 8)
+
+@@ -2549,14 +2853,16 @@ static var *evaluate(node *op, var *res)
+ #define seed (G.evaluate__seed)
+ #define sreg (G.evaluate__sreg)
+
+- var *v1;
++ var *tmpvars;
+
+ if (!op)
+ return setvar_s(res, NULL);
+
+ debug_printf_eval("entered %s()\n", __func__);
+
+- v1 = nvalloc(2);
++ tmpvars = nvalloc(2);
++#define TMPVAR0 (tmpvars)
++#define TMPVAR1 (tmpvars + 1)
+
+ while (op) {
+ struct {
+@@ -2578,48 +2884,35 @@ static var *evaluate(node *op, var *res)
+ op1 = op->l.n;
+ debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn);
+
+- /* "delete" is special:
+- * "delete array[var--]" must evaluate index expr only once,
+- * must not evaluate it in "execute inevitable things" part.
+- */
+- if (XC(opinfo & OPCLSMASK) == XC(OC_DELETE)) {
+- uint32_t info = op1->info & OPCLSMASK;
+- var *v;
+-
+- debug_printf_eval("DELETE\n");
+- if (info == OC_VAR) {
+- v = op1->l.v;
+- } else if (info == OC_FNARG) {
+- v = &fnargs[op1->l.aidx];
+- } else {
+- syntax_error(EMSG_NOT_ARRAY);
++ /* execute inevitable things */
++ if (opinfo & OF_RES1) {
++ if ((opinfo & OF_REQUIRED) && !op1)
++ syntax_error(EMSG_TOO_FEW_ARGS);
++ L.v = evaluate(op1, TMPVAR0);
++ if (opinfo & OF_STR1) {
++ L.s = getvar_s(L.v);
++ debug_printf_eval("L.s:'%s'\n", L.s);
+ }
+- if (op1->r.n) { /* array ref? */
+- const char *s;
+- s = getvar_s(evaluate(op1->r.n, v1));
+- hash_remove(iamarray(v), s);
+- } else {
+- clear_array(iamarray(v));
++ if (opinfo & OF_NUM1) {
++ L_d = getvar_i(L.v);
++ debug_printf_eval("L_d:%f\n", L_d);
+ }
+- goto next;
+ }
+-
+- /* execute inevitable things */
+- if (opinfo & OF_RES1)
+- L.v = evaluate(op1, v1);
+- if (opinfo & OF_RES2)
+- R.v = evaluate(op->r.n, v1+1);
+- if (opinfo & OF_STR1) {
+- L.s = getvar_s(L.v);
+- debug_printf_eval("L.s:'%s'\n", L.s);
+- }
+- if (opinfo & OF_STR2) {
+- R.s = getvar_s(R.v);
+- debug_printf_eval("R.s:'%s'\n", R.s);
+- }
+- if (opinfo & OF_NUM1) {
+- L_d = getvar_i(L.v);
+- debug_printf_eval("L_d:%f\n", L_d);
++ /* NB: Must get string/numeric values of L (done above)
++ * _before_ evaluate()'ing R.v: if both L and R are $NNNs,
++ * and right one is large, then L.v points to Fields[NNN1],
++ * second evaluate() reallocates and moves (!) Fields[],
++ * R.v points to Fields[NNN2] but L.v now points to freed mem!
++ * (Seen trying to evaluate "$444 $44444")
++ */
++ if (opinfo & OF_RES2) {
++ R.v = evaluate(op->r.n, TMPVAR1);
++ //TODO: L.v may be invalid now, set L.v to NULL to catch bugs?
++ //L.v = NULL;
++ if (opinfo & OF_STR2) {
++ R.s = getvar_s(R.v);
++ debug_printf_eval("R.s:'%s'\n", R.s);
++ }
+ }
+
+ debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK));
+@@ -2629,7 +2922,8 @@ static var *evaluate(node *op, var *res)
+
+ /* test pattern */
+ case XC( OC_TEST ):
+- if ((op1->info & OPCLSMASK) == OC_COMMA) {
++ debug_printf_eval("TEST\n");
++ if (op1->info == TI_COMMA) {
+ /* it's range pattern */
+ if ((opinfo & OF_CHECKED) || ptest(op1->l.n)) {
+ op->info |= OF_CHECKED;
+@@ -2646,25 +2940,32 @@ static var *evaluate(node *op, var *res)
+
+ /* just evaluate an expression, also used as unconditional jump */
+ case XC( OC_EXEC ):
++ debug_printf_eval("EXEC\n");
+ break;
+
+ /* branch, used in if-else and various loops */
+ case XC( OC_BR ):
++ debug_printf_eval("BR\n");
+ op = istrue(L.v) ? op->a.n : op->r.n;
+ break;
+
+ /* initialize for-in loop */
+ case XC( OC_WALKINIT ):
++ debug_printf_eval("WALKINIT\n");
+ hashwalk_init(L.v, iamarray(R.v));
+ break;
+
+ /* get next array item */
+ case XC( OC_WALKNEXT ):
++ debug_printf_eval("WALKNEXT\n");
+ op = hashwalk_next(L.v) ? op->a.n : op->r.n;
+ break;
+
+ case XC( OC_PRINT ):
+- case XC( OC_PRINTF ): {
++ debug_printf_eval("PRINT /\n");
++ case XC( OC_PRINTF ):
++ debug_printf_eval("PRINTF\n");
++ {
+ FILE *F = stdout;
+
+ if (op->r.n) {
+@@ -2682,55 +2983,94 @@ static var *evaluate(node *op, var *res)
+ F = rsm->F;
+ }
+
++ /* Can't just check 'opinfo == OC_PRINT' here, parser ORs
++ * additional bits to opinfos of print/printf with redirects
++ */
+ if ((opinfo & OPCLSMASK) == OC_PRINT) {
+ if (!op1) {
+ fputs(getvar_s(intvar[F0]), F);
+ } else {
+- while (op1) {
+- var *v = evaluate(nextarg(&op1), v1);
++ for (;;) {
++ var *v = evaluate(nextarg(&op1), TMPVAR0);
+ if (v->type & VF_NUMBER) {
+- fmt_num(g_buf, MAXVARFMT, getvar_s(intvar[OFMT]),
+- getvar_i(v), TRUE);
++ fmt_num(getvar_s(intvar[OFMT]),
++ getvar_i(v));
+ fputs(g_buf, F);
+ } else {
+ fputs(getvar_s(v), F);
+ }
+-
+- if (op1)
+- fputs(getvar_s(intvar[OFS]), F);
++ if (!op1)
++ break;
++ fputs(getvar_s(intvar[OFS]), F);
+ }
+ }
+ fputs(getvar_s(intvar[ORS]), F);
+-
+- } else { /* OC_PRINTF */
+- char *s = awk_printf(op1);
++ } else { /* PRINTF */
++ IF_FEATURE_AWK_GNU_EXTENSIONS(size_t len;)
++ char *s = awk_printf(op1, &len);
++#if ENABLE_FEATURE_AWK_GNU_EXTENSIONS
++ fwrite(s, len, 1, F);
++#else
+ fputs(s, F);
++#endif
+ free(s);
+ }
+ fflush(F);
+ break;
+ }
+
+- /* case XC( OC_DELETE ): - moved to happen before arg evaluation */
++ case XC( OC_DELETE ):
++ debug_printf_eval("DELETE\n");
++ {
++ /* "delete" is special:
++ * "delete array[var--]" must evaluate index expr only once.
++ */
++ uint32_t info = op1->info & OPCLSMASK;
++ var *v;
++
++ if (info == OC_VAR) {
++ v = op1->l.v;
++ } else if (info == OC_FNARG) {
++ v = &fnargs[op1->l.aidx];
++ } else {
++ syntax_error(EMSG_NOT_ARRAY);
++ }
++ if (op1->r.n) { /* array ref? */
++ const char *s;
++ s = getvar_s(evaluate(op1->r.n, TMPVAR0));
++ hash_remove(iamarray(v), s);
++ } else {
++ clear_array(iamarray(v));
++ }
++ break;
++ }
+
+ case XC( OC_NEWSOURCE ):
++ debug_printf_eval("NEWSOURCE\n");
+ g_progname = op->l.new_progname;
+ break;
+
+ case XC( OC_RETURN ):
++ debug_printf_eval("RETURN\n");
+ copyvar(res, L.v);
+ break;
+
+ case XC( OC_NEXTFILE ):
++ debug_printf_eval("NEXTFILE\n");
+ nextfile = TRUE;
+ case XC( OC_NEXT ):
++ debug_printf_eval("NEXT\n");
+ nextrec = TRUE;
+ case XC( OC_DONE ):
++ debug_printf_eval("DONE\n");
+ clrvar(res);
+ break;
+
+ case XC( OC_EXIT ):
+- awk_exit(L_d);
++ debug_printf_eval("EXIT\n");
++ if (op1)
++ G.exitcode = (int)L_d;
++ awk_exit();
+
+ /* -- recursive node type -- */
+
+@@ -2749,15 +3089,18 @@ static var *evaluate(node *op, var *res)
+ break;
+
+ case XC( OC_IN ):
++ debug_printf_eval("IN\n");
+ setvar_i(res, hash_search(iamarray(R.v), L.s) ? 1 : 0);
+ break;
+
+ case XC( OC_REGEXP ):
++ debug_printf_eval("REGEXP\n");
+ op1 = op;
+ L.s = getvar_s(intvar[F0]);
+ goto re_cont;
+
+ case XC( OC_MATCH ):
++ debug_printf_eval("MATCH\n");
+ op1 = op->r.n;
+ re_cont:
+ {
+@@ -2772,61 +3115,80 @@ static var *evaluate(node *op, var *res)
+ case XC( OC_MOVE ):
+ debug_printf_eval("MOVE\n");
+ /* if source is a temporary string, jusk relink it to dest */
+-//Disabled: if R.v is numeric but happens to have cached R.v->string,
+-//then L.v ends up being a string, which is wrong
+-// if (R.v == v1+1 && R.v->string) {
+-// res = setvar_p(L.v, R.v->string);
+-// R.v->string = NULL;
+-// } else {
++ if (R.v == TMPVAR1
++ && !(R.v->type & VF_NUMBER)
++ /* Why check !NUMBER? if R.v is a number but has cached R.v->string,
++ * L.v ends up a string, which is wrong */
++ /*&& R.v->string - always not NULL (right?) */
++ ) {
++ res = setvar_p(L.v, R.v->string); /* avoids strdup */
++ R.v->string = NULL;
++ } else {
+ res = copyvar(L.v, R.v);
+-// }
++ }
+ break;
+
+ case XC( OC_TERNARY ):
+- if ((op->r.n->info & OPCLSMASK) != OC_COLON)
++ debug_printf_eval("TERNARY\n");
++ if (op->r.n->info != TI_COLON)
+ syntax_error(EMSG_POSSIBLE_ERROR);
+ res = evaluate(istrue(L.v) ? op->r.n->l.n : op->r.n->r.n, res);
+ break;
+
+ case XC( OC_FUNC ): {
+- var *vbeg, *v;
++ var *argvars, *sv_fnargs;
+ const char *sv_progname;
++ int nargs, i;
+
+- /* The body might be empty, still has to eval the args */
+- if (!op->r.n->info && !op->r.f->body.first)
++ debug_printf_eval("FUNC\n");
++
++ if (!op->r.f->defined)
+ syntax_error(EMSG_UNDEF_FUNC);
+
+- vbeg = v = nvalloc(op->r.f->nargs + 1);
++ /* The body might be empty, still has to eval the args */
++ nargs = op->r.f->nargs;
++ argvars = nvalloc(nargs);
++ i = 0;
+ while (op1) {
+- var *arg = evaluate(nextarg(&op1), v1);
+- copyvar(v, arg);
+- v->type |= VF_CHILD;
+- v->x.parent = arg;
+- if (++v - vbeg >= op->r.f->nargs)
+- break;
++ var *arg = evaluate(nextarg(&op1), TMPVAR0);
++ if (i == nargs) {
++ /* call with more arguments than function takes.
++ * (gawk warns: "warning: function 'f' called with more arguments than declared").
++ * They are still evaluated, but discarded: */
++ clrvar(arg);
++ continue;
++ }
++ copyvar(&argvars[i], arg);
++ argvars[i].type |= VF_CHILD;
++ argvars[i].x.parent = arg;
++ i++;
+ }
+
+- v = fnargs;
+- fnargs = vbeg;
++ sv_fnargs = fnargs;
+ sv_progname = g_progname;
+
++ fnargs = argvars;
+ res = evaluate(op->r.f->body.first, res);
++ nvfree(argvars, nargs);
+
+ g_progname = sv_progname;
+- nvfree(fnargs);
+- fnargs = v;
++ fnargs = sv_fnargs;
+
+ break;
+ }
+
+ case XC( OC_GETLINE ):
+- case XC( OC_PGETLINE ): {
++ debug_printf_eval("GETLINE /\n");
++ case XC( OC_PGETLINE ):
++ debug_printf_eval("PGETLINE\n");
++ {
+ rstream *rsm;
+ int i;
+
+ if (op1) {
+ rsm = newfile(L.s);
+ if (!rsm->F) {
++ /* NB: can't use "opinfo == TI_PGETLINE", would break "cmd" | getline */
+ if ((opinfo & OPCLSMASK) == OC_PGETLINE) {
+ rsm->F = popen(L.s, "r");
+ rsm->is_pipe = TRUE;
+@@ -2861,16 +3223,34 @@ static var *evaluate(node *op, var *res)
+ /* simple builtins */
+ case XC( OC_FBLTIN ): {
+ double R_d = R_d; /* for compiler */
++ debug_printf_eval("FBLTIN\n");
++
++ if (op1 && op1->info == TI_COMMA)
++ /* Simple builtins take one arg maximum */
++ syntax_error("Too many arguments");
+
+ switch (opn) {
+ case F_in:
+ R_d = (long long)L_d;
+ break;
+
+- case F_rn:
+- R_d = (double)rand() / (double)RAND_MAX;
++ case F_rn: /*rand*/
++ if (op1)
++ syntax_error("Too many arguments");
++ {
++#if RAND_MAX >= 0x7fffffff
++ uint32_t u = ((uint32_t)rand() << 16) ^ rand();
++ uint64_t v = ((uint64_t)rand() << 32) | u;
++ /* the above shift+or is optimized out on 32-bit arches */
++# if RAND_MAX > 0x7fffffff
++ v &= 0x7fffffffffffffffULL;
++# endif
++ R_d = (double)v / 0x8000000000000000ULL;
++#else
++# error Not implemented for this value of RAND_MAX
++#endif
+ break;
+-
++ }
+ case F_co:
+ if (ENABLE_FEATURE_AWK_LIBM) {
+ R_d = cos(L_d);
+@@ -2910,7 +3290,9 @@ static var *evaluate(node *op, var *res)
+ srand(seed);
+ break;
+
+- case F_ti:
++ case F_ti: /*systime*/
++ if (op1)
++ syntax_error("Too many arguments");
+ R_d = time(NULL);
+ break;
+
+@@ -2949,7 +3331,7 @@ static var *evaluate(node *op, var *res)
+ rstream *rsm;
+ int err = 0;
+ rsm = (rstream *)hash_search(fdhash, L.s);
+- debug_printf_eval("OC_FBLTIN F_cl rsm:%p\n", rsm);
++ debug_printf_eval("OC_FBLTIN close: op1:%p s:'%s' rsm:%p\n", op1, L.s, rsm);
+ if (rsm) {
+ debug_printf_eval("OC_FBLTIN F_cl "
+ "rsm->is_pipe:%d, ->F:%p\n",
+@@ -2960,6 +3342,11 @@ static var *evaluate(node *op, var *res)
+ */
+ if (rsm->F)
+ err = rsm->is_pipe ? pclose(rsm->F) : fclose(rsm->F);
++//TODO: fix this case:
++// $ awk 'BEGIN { print close(""); print ERRNO }'
++// -1
++// close of redirection that was never opened
++// (we print 0, 0)
+ free(rsm->buffer);
+ hash_remove(fdhash, L.s);
+ }
+@@ -2974,14 +3361,18 @@ static var *evaluate(node *op, var *res)
+ }
+
+ case XC( OC_BUILTIN ):
++ debug_printf_eval("BUILTIN\n");
+ res = exec_builtin(op, res);
+ break;
+
+ case XC( OC_SPRINTF ):
+- setvar_p(res, awk_printf(op1));
++ debug_printf_eval("SPRINTF\n");
++ setvar_p(res, awk_printf(op1, NULL));
+ break;
+
+- case XC( OC_UNARY ): {
++ case XC( OC_UNARY ):
++ debug_printf_eval("UNARY\n");
++ {
+ double Ld, R_d;
+
+ Ld = R_d = getvar_i(R.v);
+@@ -3011,7 +3402,9 @@ static var *evaluate(node *op, var *res)
+ break;
+ }
+
+- case XC( OC_FIELD ): {
++ case XC( OC_FIELD ):
++ debug_printf_eval("FIELD\n");
++ {
+ int i = (int)getvar_i(R.v);
+ if (i < 0)
+ syntax_error(EMSG_NEGATIVE_FIELD);
+@@ -3028,26 +3421,33 @@ static var *evaluate(node *op, var *res)
+
+ /* concatenation (" ") and index joining (",") */
+ case XC( OC_CONCAT ):
++ debug_printf_eval("CONCAT /\n");
+ case XC( OC_COMMA ): {
+ const char *sep = "";
+- if ((opinfo & OPCLSMASK) == OC_COMMA)
++ debug_printf_eval("COMMA\n");
++ if (opinfo == TI_COMMA)
+ sep = getvar_s(intvar[SUBSEP]);
+ setvar_p(res, xasprintf("%s%s%s", L.s, sep, R.s));
+ break;
+ }
+
+ case XC( OC_LAND ):
++ debug_printf_eval("LAND\n");
+ setvar_i(res, istrue(L.v) ? ptest(op->r.n) : 0);
+ break;
+
+ case XC( OC_LOR ):
++ debug_printf_eval("LOR\n");
+ setvar_i(res, istrue(L.v) ? 1 : ptest(op->r.n));
+ break;
+
+ case XC( OC_BINARY ):
+- case XC( OC_REPLACE ): {
++ debug_printf_eval("BINARY /\n");
++ case XC( OC_REPLACE ):
++ debug_printf_eval("REPLACE\n");
++ {
+ double R_d = getvar_i(R.v);
+- debug_printf_eval("BINARY/REPLACE: R_d:%f opn:%c\n", R_d, opn);
++ debug_printf_eval("R_d:%f opn:%c\n", R_d, opn);
+ switch (opn) {
+ case '+':
+ L_d += R_d;
+@@ -3083,6 +3483,7 @@ static var *evaluate(node *op, var *res)
+ case XC( OC_COMPARE ): {
+ int i = i; /* for compiler */
+ double Ld;
++ debug_printf_eval("COMPARE\n");
+
+ if (is_numeric(L.v) && is_numeric(R.v)) {
+ Ld = getvar_i(L.v) - getvar_i(R.v);
+@@ -3109,7 +3510,7 @@ static var *evaluate(node *op, var *res)
+ default:
+ syntax_error(EMSG_POSSIBLE_ERROR);
+ } /* switch */
+- next:
++
+ if ((opinfo & OPCLSMASK) <= SHIFT_TIL_THIS)
+ op = op->a.n;
+ if ((opinfo & OPCLSMASK) >= RECUR_FROM_THIS)
+@@ -3118,7 +3519,10 @@ static var *evaluate(node *op, var *res)
+ break;
+ } /* while (op) */
+
+- nvfree(v1);
++ nvfree(tmpvars, 2);
++#undef TMPVAR0
++#undef TMPVAR1
++
+ debug_printf_eval("returning from %s(): %p\n", __func__, res);
+ return res;
+ #undef fnargs
+@@ -3126,25 +3530,21 @@ static var *evaluate(node *op, var *res)
+ #undef sreg
+ }
+
+-
+ /* -------- main & co. -------- */
+
+-static int awk_exit(int r)
++static int awk_exit(void)
+ {
+- var tv;
+ unsigned i;
+- hash_item *hi;
+-
+- zero_out_var(&tv);
+
+ if (!exiting) {
+ exiting = TRUE;
+ nextrec = FALSE;
+- evaluate(endseq.first, &tv);
++ evaluate(endseq.first, &G.exit__tmpvar);
+ }
+
+ /* waiting for children */
+ for (i = 0; i < fdhash->csize; i++) {
++ hash_item *hi;
+ hi = fdhash->items[i];
+ while (hi) {
+ if (hi->data.rs.F && hi->data.rs.is_pipe)
+@@ -3153,65 +3553,7 @@ static int awk_exit(int r)
+ }
+ }
+
+- exit(r);
+-}
+-
+-/* if expr looks like "var=value", perform assignment and return 1,
+- * otherwise return 0 */
+-static int is_assignment(const char *expr)
+-{
+- char *exprc, *val;
+-
+- if (!isalnum_(*expr) || (val = strchr(expr, '=')) == NULL) {
+- return FALSE;
+- }
+-
+- exprc = xstrdup(expr);
+- val = exprc + (val - expr);
+- *val++ = '\0';
+-
+- unescape_string_in_place(val);
+- setvar_u(newvar(exprc), val);
+- free(exprc);
+- return TRUE;
+-}
+-
+-/* switch to next input file */
+-static rstream *next_input_file(void)
+-{
+-#define rsm (G.next_input_file__rsm)
+-#define files_happen (G.next_input_file__files_happen)
+-
+- FILE *F;
+- const char *fname, *ind;
+-
+- if (rsm.F)
+- fclose(rsm.F);
+- rsm.F = NULL;
+- rsm.pos = rsm.adv = 0;
+-
+- for (;;) {
+- if (getvar_i(intvar[ARGIND])+1 >= getvar_i(intvar[ARGC])) {
+- if (files_happen)
+- return NULL;
+- fname = "-";
+- F = stdin;
+- break;
+- }
+- ind = getvar_s(incvar(intvar[ARGIND]));
+- fname = getvar_s(findvar(iamarray(intvar[ARGV]), ind));
+- if (fname && *fname && !is_assignment(fname)) {
+- F = xfopen_stdin(fname);
+- break;
+- }
+- }
+-
+- files_happen = TRUE;
+- setvar_s(intvar[FILENAME], fname);
+- rsm.F = F;
+- return &rsm;
+-#undef rsm
+-#undef files_happen
++ exit(G.exitcode);
+ }
+
+ int awk_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+@@ -3224,12 +3566,7 @@ int awk_main(int argc UNUSED_PARAM, char **argv)
+ #if ENABLE_FEATURE_AWK_GNU_EXTENSIONS
+ llist_t *list_e = NULL;
+ #endif
+- int i, j;
+- var *v;
+- var tv;
+- char **envp;
+- char *vnames = (char *)vNames; /* cheat */
+- char *vvalues = (char *)vValues;
++ int i;
+
+ INIT_G();
+
+@@ -3238,48 +3575,43 @@ int awk_main(int argc UNUSED_PARAM, char **argv)
+ if (ENABLE_LOCALE_SUPPORT)
+ setlocale(LC_NUMERIC, "C");
+
+- zero_out_var(&tv);
+-
+- /* allocate global buffer */
+- g_buf = xmalloc(MAXVARFMT + 1);
+-
+- vhash = hash_init();
+- ahash = hash_init();
+- fdhash = hash_init();
+- fnhash = hash_init();
+-
+ /* initialize variables */
+- for (i = 0; *vnames; i++) {
+- intvar[i] = v = newvar(nextword(&vnames));
+- if (*vvalues != '\377')
+- setvar_s(v, nextword(&vvalues));
+- else
+- setvar_i(v, 0);
+-
+- if (*vnames == '*') {
+- v->type |= VF_SPECIAL;
+- vnames++;
++ vhash = hash_init();
++ {
++ char *vnames = (char *)vNames; /* cheat */
++ char *vvalues = (char *)vValues;
++ for (i = 0; *vnames; i++) {
++ var *v;
++ intvar[i] = v = newvar(nextword(&vnames));
++ if (*vvalues != '\377')
++ setvar_s(v, nextword(&vvalues));
++ else
++ setvar_i(v, 0);
++
++ if (*vnames == '*') {
++ v->type |= VF_SPECIAL;
++ vnames++;
++ }
+ }
+ }
+
+ handle_special(intvar[FS]);
+ handle_special(intvar[RS]);
+
+- newfile("/dev/stdin")->F = stdin;
+- newfile("/dev/stdout")->F = stdout;
+- newfile("/dev/stderr")->F = stderr;
+-
+ /* Huh, people report that sometimes environ is NULL. Oh well. */
+- if (environ) for (envp = environ; *envp; envp++) {
+- /* environ is writable, thus we don't strdup it needlessly */
+- char *s = *envp;
+- char *s1 = strchr(s, '=');
+- if (s1) {
+- *s1 = '\0';
+- /* Both findvar and setvar_u take const char*
+- * as 2nd arg -> environment is not trashed */
+- setvar_u(findvar(iamarray(intvar[ENVIRON]), s), s1 + 1);
+- *s1 = '=';
++ if (environ) {
++ char **envp;
++ for (envp = environ; *envp; envp++) {
++ /* environ is writable, thus we don't strdup it needlessly */
++ char *s = *envp;
++ char *s1 = strchr(s, '=');
++ if (s1) {
++ *s1 = '\0';
++ /* Both findvar and setvar_u take const char*
++ * as 2nd arg -> environment is not trashed */
++ setvar_u(findvar(iamarray(intvar[ENVIRON]), s), s1 + 1);
++ *s1 = '=';
++ }
+ }
+ }
+ opt = getopt32(argv, OPTSTR_AWK, &opt_F, &list_v, &list_f, IF_FEATURE_AWK_GNU_EXTENSIONS(&list_e,) NULL);
+@@ -3295,20 +3627,19 @@ int awk_main(int argc UNUSED_PARAM, char **argv)
+ if (!is_assignment(llist_pop(&list_v)))
+ bb_show_usage();
+ }
++
++ /* Parse all supplied programs */
++ fnhash = hash_init();
++ ahash = hash_init();
+ while (list_f) {
+- char *s = NULL;
+- FILE *from_file;
++ int fd;
++ char *s;
+
+ g_progname = llist_pop(&list_f);
+- from_file = xfopen_stdin(g_progname);
+- /* one byte is reserved for some trick in next_token */
+- for (i = j = 1; j > 0; i += j) {
+- s = xrealloc(s, i + 4096);
+- j = fread(s + i, 1, 4094, from_file);
+- }
+- s[i] = '\0';
+- fclose(from_file);
+- parse_program(s + 1);
++ fd = xopen_stdin(g_progname);
++ s = xmalloc_read(fd, NULL); /* it's NUL-terminated */
++ close(fd);
++ parse_program(s);
+ free(s);
+ }
+ g_progname = "cmd. line";
+@@ -3317,11 +3648,23 @@ int awk_main(int argc UNUSED_PARAM, char **argv)
+ parse_program(llist_pop(&list_e));
+ }
+ #endif
++//FIXME: preserve order of -e and -f
++//TODO: implement -i LIBRARY and -E FILE too, they are easy-ish
+ if (!(opt & (OPT_f | OPT_e))) {
+ if (!*argv)
+ bb_show_usage();
+ parse_program(*argv++);
+ }
++ /* Free unused parse structures */
++ //hash_free(fnhash); // ~250 bytes when empty, used only for function names
++ //^^^^^^^^^^^^^^^^^ does not work, hash_clear() inside SEGVs
++ // (IOW: hash_clear() assumes it's a hash of variables. fnhash is not).
++ free(fnhash->items);
++ free(fnhash);
++ fnhash = NULL; // debug
++ //hash_free(ahash); // empty after parsing, will reuse as fdhash instead of freeing
++
++ /* Parsing done, on to executing */
+
+ /* fill in ARGV array */
+ setari_u(intvar[ARGV], 0, "awk");
+@@ -3330,9 +3673,14 @@ int awk_main(int argc UNUSED_PARAM, char **argv)
+ setari_u(intvar[ARGV], ++i, *argv++);
+ setvar_i(intvar[ARGC], i + 1);
+
+- evaluate(beginseq.first, &tv);
++ //fdhash = ahash; // done via define
++ newfile("/dev/stdin")->F = stdin;
++ newfile("/dev/stdout")->F = stdout;
++ newfile("/dev/stderr")->F = stderr;
++
++ evaluate(beginseq.first, &G.main__tmpvar);
+ if (!mainseq.first && !endseq.first)
+- awk_exit(EXIT_SUCCESS);
++ awk_exit();
+
+ /* input file could already be opened in BEGIN block */
+ if (!iF)
+@@ -3347,7 +3695,7 @@ int awk_main(int argc UNUSED_PARAM, char **argv)
+ nextrec = FALSE;
+ incvar(intvar[NR]);
+ incvar(intvar[FNR]);
+- evaluate(mainseq.first, &tv);
++ evaluate(mainseq.first, &G.main__tmpvar);
+
+ if (nextfile)
+ break;
+@@ -3359,6 +3707,6 @@ int awk_main(int argc UNUSED_PARAM, char **argv)
+ iF = next_input_file();
+ }
+
+- awk_exit(EXIT_SUCCESS);
++ awk_exit();
+ /*return 0;*/
+ }
+diff --git a/testsuite/awk.tests b/testsuite/awk.tests
+index 92c83d719..4a7a01245 100755
+--- a/testsuite/awk.tests
++++ b/testsuite/awk.tests
+@@ -44,6 +44,16 @@ testing "awk handles empty function f(arg){}" \
+ "L1\n\nL2\n\n" \
+ "" ""
+
++prg='
++function empty_fun(){}
++END {empty_fun()
++ print "Ok"
++}'
++testing "awk handles empty function f(){}" \
++ "awk '$prg'" \
++ "Ok\n" \
++ "" ""
++
+ prg='
+ function outer_fun() {
+ return 1
+@@ -71,6 +81,23 @@ testing "awk properly handles undefined function" \
+ "L1\n\nawk: cmd. line:5: Call to undefined function\n" \
+ "" ""
+
++prg='
++BEGIN {
++ v=1
++ a=2
++ print v (a)
++}'
++testing "awk 'v (a)' is not a function call, it is a concatenation" \
++ "awk '$prg' 2>&1" \
++ "12\n" \
++ "" ""
++
++prg='func f(){print"F"};func g(){print"G"};BEGIN{f(g(),g())}'
++testing "awk unused function args are evaluated" \
++ "awk '$prg' 2>&1" \
++ "G\nG\nF\n" \
++ "" ""
++
+
+ optional DESKTOP
+ testing "awk hex const 1" "awk '{ print or(0xffffffff,1) }'" "4294967295\n" "" "\n"
+@@ -352,19 +379,14 @@ testing "awk -e and ARGC" \
+ ""
+ SKIP=
+
+-# The examples are in fact not valid awk programs (break/continue
+-# can only be used inside loops).
+-# But we do accept them outside of loops.
+-# We had a bug with misparsing "break ; else" sequence.
+-# Test that *that* bug is fixed, using simplest possible scripts:
+ testing "awk break" \
+ "awk -f - 2>&1; echo \$?" \
+- "0\n" \
++ "awk: -:1: 'break' not in a loop\n1\n" \
+ "" \
+ 'BEGIN { if (1) break; else a = 1 }'
+ testing "awk continue" \
+ "awk -f - 2>&1; echo \$?" \
+- "0\n" \
++ "awk: -:1: 'continue' not in a loop\n1\n" \
+ "" \
+ 'BEGIN { if (1) continue; else a = 1 }'
+
+@@ -383,6 +405,11 @@ testing "awk errors on missing delete arg" \
+ "awk -e '{delete}' 2>&1" "awk: cmd. line:1: Too few arguments\n" "" ""
+ SKIP=
+
++optional FEATURE_AWK_GNU_EXTENSIONS
++testing "awk printf('%c') can output NUL" \
++ "awk '{printf(\"hello%c null\n\", 0)}'" "hello\0 null\n" "" "\n"
++SKIP=
++
+ # testing "description" "command" "result" "infile" "stdin"
+ testing 'awk negative field access' \
+ 'awk 2>&1 -- '\''{ $(-1) }'\' \
+@@ -413,4 +440,25 @@ testing 'awk $NF is empty' \
+ '' \
+ 'a=====123='
+
++testing "awk exit N propagates through END's exit" \
++ "awk 'BEGIN { exit 42 } END { exit }'; echo \$?" \
++ "42\n" \
++ '' ''
++
++testing "awk print + redirect" \
++ "awk 'BEGIN { print \"STDERR %s\" >\"/dev/stderr\" }' 2>&1" \
++ "STDERR %s\n" \
++ '' ''
++
++testing "awk \"cmd\" | getline" \
++ "awk 'BEGIN { \"echo HELLO\" | getline; print }'" \
++ "HELLO\n" \
++ '' ''
++
++# printf %% should print one % (had a bug where it didn't)
++testing 'awk printf %% prints one %' \
++ "awk 'BEGIN { printf \"%%\n\" }'" \
++ "%\n" \
++ '' ''
++
+ exit $FAILCOUNT
+diff --git a/testsuite/printf.tests b/testsuite/printf.tests
+index 34a65926e..050edef71 100755
+--- a/testsuite/printf.tests
++++ b/testsuite/printf.tests
+@@ -79,6 +79,11 @@ testing "printf understands %Ld" \
+ "-5\n""0\n" \
+ "" ""
+
++testing "printf understands %%" \
++ "${bb}printf '%%\n' 2>&1; echo \$?" \
++ "%\n""0\n" \
++ "" ""
++
+ testing "printf handles positive numbers for %d" \
+ "${bb}printf '%d\n' 3 +3 ' 3' ' +3' 2>&1; echo \$?" \
+ "3\n"\
+--
+2.33.0
+
diff --git a/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch b/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch
new file mode 100644
index 0000000000..4a930b7b6f
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch
@@ -0,0 +1,30 @@
+From 4975cace9bf96bfde174f8bb5cc4068d2ea294d4 Mon Sep 17 00:00:00 2001
+From: Denys Vlasenko <vda.linux@googlemail.com>
+Date: Tue, 15 Jun 2021 14:47:46 +0200
+Subject: [PATCH] man: fix segfault in "man 1"
+
+function old new delta
+man_main 942 954 +12
+
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+
+Upstream-Status: Backport [4d4fc5ca5ee4f]
+CVE: CVE-2021-42373
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ miscutils/man.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/miscutils/man.c b/miscutils/man.c
+index 722f6641e..d319e8bba 100644
+--- a/miscutils/man.c
++++ b/miscutils/man.c
+@@ -324,7 +324,7 @@ int man_main(int argc UNUSED_PARAM, char **argv)
+
+ /* is 1st ARG a SECTION? */
+ sec_list = conf_sec_list;
+- if (is_section_name(conf_sec_list, *argv)) {
++ if (is_section_name(conf_sec_list, *argv) && argv[1]) {
+ /* yes */
+ sec_list = *argv++;
+ }
diff --git a/meta/recipes-core/busybox/busybox_1.33.1.bb b/meta/recipes-core/busybox/busybox_1.33.2.bb
index 4002d6a5c6..4a0d3b4556 100644
--- a/meta/recipes-core/busybox/busybox_1.33.1.bb
+++ b/meta/recipes-core/busybox/busybox_1.33.2.bb
@@ -48,7 +48,9 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \
file://0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch \
file://0001-mktemp-add-tmpdir-option.patch \
+ file://0001-awk-fix-CVEs.patch \
+ file://0002-man-fix-segfault-in-man-1.patch \
"
SRC_URI_append_libc-musl = " file://musl.cfg "
-SRC_URI[tarball.sha256sum] = "12cec6bd2b16d8a9446dd16130f2b92982f1819f6e1c5f5887b6db03f5660d28"
+SRC_URI[tarball.sha256sum] = "6843ba7977081e735fa0fdb05893e3c002c8c5ad7c9c80da206e603cc0ac47e7"
diff --git a/meta/recipes-core/dbus-wait/dbus-wait_git.bb b/meta/recipes-core/dbus-wait/dbus-wait_git.bb
index 677768d35a..b39f7523c0 100644
--- a/meta/recipes-core/dbus-wait/dbus-wait_git.bb
+++ b/meta/recipes-core/dbus-wait/dbus-wait_git.bb
@@ -11,7 +11,7 @@ SRCREV = "6cc6077a36fe2648a5f993fe7c16c9632f946517"
PV = "0.1+git${SRCPV}"
PR = "r2"
-SRC_URI = "git://git.yoctoproject.org/${BPN}"
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master"
UPSTREAM_CHECK_COMMITS = "1"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/expat/expat/CVE-2021-45960.patch b/meta/recipes-core/expat/expat/CVE-2021-45960.patch
new file mode 100644
index 0000000000..523449e22c
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2021-45960.patch
@@ -0,0 +1,65 @@
+From 0adcb34c49bee5b19bd29b16a578c510c23597ea Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Mon, 27 Dec 2021 20:15:02 +0100
+Subject: [PATCH] lib: Detect and prevent troublesome left shifts in function
+ storeAtts (CVE-2021-45960)
+
+Upstream-Status: Backport:
+https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
+
+CVE: CVE-2021-45960
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+
+---
+ expat/lib/xmlparse.c | 31 +++++++++++++++++++++++++++++--
+ 1 file changed, 29 insertions(+), 2 deletions(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index d730f41c3..b47c31b05 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -3414,7 +3414,13 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+ if (nPrefixes) {
+ int j; /* hash table index */
+ unsigned long version = parser->m_nsAttsVersion;
+- int nsAttsSize = (int)1 << parser->m_nsAttsPower;
++
++ /* Detect and prevent invalid shift */
++ if (parser->m_nsAttsPower >= sizeof(unsigned int) * 8 /* bits per byte */) {
++ return XML_ERROR_NO_MEMORY;
++ }
++
++ unsigned int nsAttsSize = 1u << parser->m_nsAttsPower;
+ unsigned char oldNsAttsPower = parser->m_nsAttsPower;
+ /* size of hash table must be at least 2 * (# of prefixed attributes) */
+ if ((nPrefixes << 1)
+@@ -3425,7 +3431,28 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+ ;
+ if (parser->m_nsAttsPower < 3)
+ parser->m_nsAttsPower = 3;
+- nsAttsSize = (int)1 << parser->m_nsAttsPower;
++
++ /* Detect and prevent invalid shift */
++ if (parser->m_nsAttsPower >= sizeof(nsAttsSize) * 8 /* bits per byte */) {
++ /* Restore actual size of memory in m_nsAtts */
++ parser->m_nsAttsPower = oldNsAttsPower;
++ return XML_ERROR_NO_MEMORY;
++ }
++
++ nsAttsSize = 1u << parser->m_nsAttsPower;
++
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if (nsAttsSize > (size_t)(-1) / sizeof(NS_ATT)) {
++ /* Restore actual size of memory in m_nsAtts */
++ parser->m_nsAttsPower = oldNsAttsPower;
++ return XML_ERROR_NO_MEMORY;
++ }
++#endif
++
+ temp = (NS_ATT *)REALLOC(parser, parser->m_nsAtts,
+ nsAttsSize * sizeof(NS_ATT));
+ if (! temp) {
diff --git a/meta/recipes-core/expat/expat/CVE-2021-46143.patch b/meta/recipes-core/expat/expat/CVE-2021-46143.patch
new file mode 100644
index 0000000000..b1a726d9a8
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2021-46143.patch
@@ -0,0 +1,49 @@
+From 85ae9a2d7d0e9358f356b33977b842df8ebaec2b Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Sat, 25 Dec 2021 20:52:08 +0100
+Subject: [PATCH] lib: Prevent integer overflow on m_groupSize in function
+ doProlog (CVE-2021-46143)
+
+Upstream-Status: Backport:
+https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b
+
+CVE: CVE-2021-46143
+
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+---
+ expat/lib/xmlparse.c | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index b47c31b0..8f243126 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -5046,6 +5046,11 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end,
+ if (parser->m_prologState.level >= parser->m_groupSize) {
+ if (parser->m_groupSize) {
+ {
++ /* Detect and prevent integer overflow */
++ if (parser->m_groupSize > (unsigned int)(-1) / 2u) {
++ return XML_ERROR_NO_MEMORY;
++ }
++
+ char *const new_connector = (char *)REALLOC(
+ parser, parser->m_groupConnector, parser->m_groupSize *= 2);
+ if (new_connector == NULL) {
+@@ -5056,6 +5061,16 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end,
+ }
+
+ if (dtd->scaffIndex) {
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if (parser->m_groupSize > (size_t)(-1) / sizeof(int)) {
++ return XML_ERROR_NO_MEMORY;
++ }
++#endif
++
+ int *const new_scaff_index = (int *)REALLOC(
+ parser, dtd->scaffIndex, parser->m_groupSize * sizeof(int));
+ if (new_scaff_index == NULL)
diff --git a/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch b/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch
new file mode 100644
index 0000000000..e569fbc7ab
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch
@@ -0,0 +1,257 @@
+From 9f93e8036e842329863bf20395b8fb8f73834d9e Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Thu, 30 Dec 2021 22:46:03 +0100
+Subject: [PATCH] lib: Prevent integer overflow at multiple places
+ (CVE-2022-22822 to CVE-2022-22827)
+
+The involved functions are:
+- addBinding (CVE-2022-22822)
+- build_model (CVE-2022-22823)
+- defineAttribute (CVE-2022-22824)
+- lookup (CVE-2022-22825)
+- nextScaffoldPart (CVE-2022-22826)
+- storeAtts (CVE-2022-22827)
+
+Upstream-Status: Backport:
+https://github.com/libexpat/libexpat/pull/539/commits/9f93e8036e842329863bf20395b8fb8f73834d9e
+
+CVE: CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+
+---
+ expat/lib/xmlparse.c | 153 ++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 151 insertions(+), 2 deletions(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index 8f243126..575e73ee 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -3261,13 +3261,38 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+
+ /* get the attributes from the tokenizer */
+ n = XmlGetAttributes(enc, attStr, parser->m_attsSize, parser->m_atts);
++
++ /* Detect and prevent integer overflow */
++ if (n > INT_MAX - nDefaultAtts) {
++ return XML_ERROR_NO_MEMORY;
++ }
++
+ if (n + nDefaultAtts > parser->m_attsSize) {
+ int oldAttsSize = parser->m_attsSize;
+ ATTRIBUTE *temp;
+ #ifdef XML_ATTR_INFO
+ XML_AttrInfo *temp2;
+ #endif
++
++ /* Detect and prevent integer overflow */
++ if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE)
++ || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) {
++ return XML_ERROR_NO_MEMORY;
++ }
++
+ parser->m_attsSize = n + nDefaultAtts + INIT_ATTS_SIZE;
++
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) {
++ parser->m_attsSize = oldAttsSize;
++ return XML_ERROR_NO_MEMORY;
++ }
++#endif
++
+ temp = (ATTRIBUTE *)REALLOC(parser, (void *)parser->m_atts,
+ parser->m_attsSize * sizeof(ATTRIBUTE));
+ if (temp == NULL) {
+@@ -3276,6 +3301,17 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+ }
+ parser->m_atts = temp;
+ #ifdef XML_ATTR_INFO
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++# if UINT_MAX >= SIZE_MAX
++ if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(XML_AttrInfo)) {
++ parser->m_attsSize = oldAttsSize;
++ return XML_ERROR_NO_MEMORY;
++ }
++# endif
++
+ temp2 = (XML_AttrInfo *)REALLOC(parser, (void *)parser->m_attInfo,
+ parser->m_attsSize * sizeof(XML_AttrInfo));
+ if (temp2 == NULL) {
+@@ -3610,9 +3646,31 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+ tagNamePtr->prefixLen = prefixLen;
+ for (i = 0; localPart[i++];)
+ ; /* i includes null terminator */
++
++ /* Detect and prevent integer overflow */
++ if (binding->uriLen > INT_MAX - prefixLen
++ || i > INT_MAX - (binding->uriLen + prefixLen)) {
++ return XML_ERROR_NO_MEMORY;
++ }
++
+ n = i + binding->uriLen + prefixLen;
+ if (n > binding->uriAlloc) {
+ TAG *p;
++
++ /* Detect and prevent integer overflow */
++ if (n > INT_MAX - EXPAND_SPARE) {
++ return XML_ERROR_NO_MEMORY;
++ }
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++ return XML_ERROR_NO_MEMORY;
++ }
++#endif
++
+ uri = (XML_Char *)MALLOC(parser, (n + EXPAND_SPARE) * sizeof(XML_Char));
+ if (! uri)
+ return XML_ERROR_NO_MEMORY;
+@@ -3708,6 +3766,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+ if (parser->m_freeBindingList) {
+ b = parser->m_freeBindingList;
+ if (len > b->uriAlloc) {
++ /* Detect and prevent integer overflow */
++ if (len > INT_MAX - EXPAND_SPARE) {
++ return XML_ERROR_NO_MEMORY;
++ }
++
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++ return XML_ERROR_NO_MEMORY;
++ }
++#endif
++
+ XML_Char *temp = (XML_Char *)REALLOC(
+ parser, b->uri, sizeof(XML_Char) * (len + EXPAND_SPARE));
+ if (temp == NULL)
+@@ -3720,6 +3793,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+ b = (BINDING *)MALLOC(parser, sizeof(BINDING));
+ if (! b)
+ return XML_ERROR_NO_MEMORY;
++
++ /* Detect and prevent integer overflow */
++ if (len > INT_MAX - EXPAND_SPARE) {
++ return XML_ERROR_NO_MEMORY;
++ }
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++ return XML_ERROR_NO_MEMORY;
++ }
++#endif
++
+ b->uri
+ = (XML_Char *)MALLOC(parser, sizeof(XML_Char) * (len + EXPAND_SPARE));
+ if (! b->uri) {
+@@ -6141,7 +6229,24 @@ defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *attId, XML_Bool isCdata,
+ }
+ } else {
+ DEFAULT_ATTRIBUTE *temp;
++
++ /* Detect and prevent integer overflow */
++ if (type->allocDefaultAtts > INT_MAX / 2) {
++ return 0;
++ }
++
+ int count = type->allocDefaultAtts * 2;
++
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if ((unsigned)count > (size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE)) {
++ return 0;
++ }
++#endif
++
+ temp = (DEFAULT_ATTRIBUTE *)REALLOC(parser, type->defaultAtts,
+ (count * sizeof(DEFAULT_ATTRIBUTE)));
+ if (temp == NULL)
+@@ -6792,8 +6897,20 @@ lookup(XML_Parser parser, HASH_TABLE *table, KEY name, size_t createSize) {
+ /* check for overflow (table is half full) */
+ if (table->used >> (table->power - 1)) {
+ unsigned char newPower = table->power + 1;
++
++ /* Detect and prevent invalid shift */
++ if (newPower >= sizeof(unsigned long) * 8 /* bits per byte */) {
++ return NULL;
++ }
++
+ size_t newSize = (size_t)1 << newPower;
+ unsigned long newMask = (unsigned long)newSize - 1;
++
++ /* Detect and prevent integer overflow */
++ if (newSize > (size_t)(-1) / sizeof(NAMED *)) {
++ return NULL;
++ }
++
+ size_t tsize = newSize * sizeof(NAMED *);
+ NAMED **newV = (NAMED **)table->mem->malloc_fcn(tsize);
+ if (! newV)
+@@ -7143,6 +7260,20 @@ nextScaffoldPart(XML_Parser parser) {
+ if (dtd->scaffCount >= dtd->scaffSize) {
+ CONTENT_SCAFFOLD *temp;
+ if (dtd->scaffold) {
++ /* Detect and prevent integer overflow */
++ if (dtd->scaffSize > UINT_MAX / 2u) {
++ return -1;
++ }
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if (dtd->scaffSize > (size_t)(-1) / 2u / sizeof(CONTENT_SCAFFOLD)) {
++ return -1;
++ }
++#endif
++
+ temp = (CONTENT_SCAFFOLD *)REALLOC(
+ parser, dtd->scaffold, dtd->scaffSize * 2 * sizeof(CONTENT_SCAFFOLD));
+ if (temp == NULL)
+@@ -7212,8 +7343,26 @@ build_model(XML_Parser parser) {
+ XML_Content *ret;
+ XML_Content *cpos;
+ XML_Char *str;
+- int allocsize = (dtd->scaffCount * sizeof(XML_Content)
+- + (dtd->contentStringLen * sizeof(XML_Char)));
++
++ /* Detect and prevent integer overflow.
++ * The preprocessor guard addresses the "always false" warning
++ * from -Wtype-limits on platforms where
++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++ if (dtd->scaffCount > (size_t)(-1) / sizeof(XML_Content)) {
++ return NULL;
++ }
++ if (dtd->contentStringLen > (size_t)(-1) / sizeof(XML_Char)) {
++ return NULL;
++ }
++#endif
++ if (dtd->scaffCount * sizeof(XML_Content)
++ > (size_t)(-1) - dtd->contentStringLen * sizeof(XML_Char)) {
++ return NULL;
++ }
++
++ const size_t allocsize = (dtd->scaffCount * sizeof(XML_Content)
++ + (dtd->contentStringLen * sizeof(XML_Char)));
+
+ ret = (XML_Content *)MALLOC(parser, allocsize);
+ if (! ret)
diff --git a/meta/recipes-core/expat/expat/CVE-2022-23852.patch b/meta/recipes-core/expat/expat/CVE-2022-23852.patch
new file mode 100644
index 0000000000..41425c108b
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2022-23852.patch
@@ -0,0 +1,33 @@
+From 847a645152f5ebc10ac63b74b604d0c1a79fae40 Mon Sep 17 00:00:00 2001
+From: Samanta Navarro <ferivoz@riseup.net>
+Date: Sat, 22 Jan 2022 17:48:00 +0100
+Subject: [PATCH] lib: Detect and prevent integer overflow in XML_GetBuffer
+ (CVE-2022-23852)
+
+Upstream-Status: Backport:
+https://github.com/libexpat/libexpat/commit/847a645152f5ebc10ac63b74b604d0c1a79fae40
+
+CVE: CVE-2022-23852
+
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+
+---
+ expat/lib/xmlparse.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index d54af683..5ce31402 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -2067,6 +2067,11 @@ XML_GetBuffer(XML_Parser parser, int len) {
+ keep = (int)EXPAT_SAFE_PTR_DIFF(parser->m_bufferPtr, parser->m_buffer);
+ if (keep > XML_CONTEXT_BYTES)
+ keep = XML_CONTEXT_BYTES;
++ /* Detect and prevent integer overflow */
++ if (keep > INT_MAX - neededSize) {
++ parser->m_errorCode = XML_ERROR_NO_MEMORY;
++ return NULL;
++ }
+ neededSize += keep;
+ #endif /* defined XML_CONTEXT_BYTES */
+ if (neededSize
diff --git a/meta/recipes-core/expat/expat/CVE-2022-23990.patch b/meta/recipes-core/expat/expat/CVE-2022-23990.patch
new file mode 100644
index 0000000000..c599517b3e
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2022-23990.patch
@@ -0,0 +1,49 @@
+From ede41d1e186ed2aba88a06e84cac839b770af3a1 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Wed, 26 Jan 2022 02:36:43 +0100
+Subject: [PATCH] lib: Prevent integer overflow in doProlog (CVE-2022-23990)
+
+The change from "int nameLen" to "size_t nameLen"
+addresses the overflow on "nameLen++" in code
+"for (; name[nameLen++];)" right above the second
+change in the patch.
+
+Upstream-Status: Backport:
+https://github.com/libexpat/libexpat/pull/551/commits/ede41d1e186ed2aba88a06e84cac839b770af3a1
+
+CVE: CVE-2022-23990
+
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+
+---
+ lib/xmlparse.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/lib/xmlparse.c b/expat/lib/xmlparse.c
+index 5ce31402..d1d17005 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -5372,7 +5372,7 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end,
+ if (dtd->in_eldecl) {
+ ELEMENT_TYPE *el;
+ const XML_Char *name;
+- int nameLen;
++ size_t nameLen;
+ const char *nxt
+ = (quant == XML_CQUANT_NONE ? next : next - enc->minBytesPerChar);
+ int myindex = nextScaffoldPart(parser);
+@@ -5388,7 +5388,13 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end,
+ nameLen = 0;
+ for (; name[nameLen++];)
+ ;
+- dtd->contentStringLen += nameLen;
++
++ /* Detect and prevent integer overflow */
++ if (nameLen > UINT_MAX - dtd->contentStringLen) {
++ return XML_ERROR_NO_MEMORY;
++ }
++
++ dtd->contentStringLen += (unsigned)nameLen;
+ if (parser->m_elementDeclHandler)
+ handleDefault = XML_FALSE;
+ }
diff --git a/meta/recipes-core/expat/expat/CVE-2022-25235.patch b/meta/recipes-core/expat/expat/CVE-2022-25235.patch
new file mode 100644
index 0000000000..9febeae609
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2022-25235.patch
@@ -0,0 +1,261 @@
+Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/306b721]
+CVE: CVE-2022-25235
+
+The commit is a merge commit, and this patch is created by:
+
+$ git show -m -p --stat 306b72134f157bbfd1637b20a22cabf4acfa136a
+
+Remove modification for expat/Changes which fails to be applied.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+commit 306b72134f157bbfd1637b20a22cabf4acfa136a (from 2cc97e875ef84da4bcf55156c83599116f7523b4)
+Merge: 2cc97e87 c16300f0
+Author: Sebastian Pipping <sebastian@pipping.org>
+Date: Fri Feb 18 20:12:32 2022 +0100
+
+ Merge pull request #562 from libexpat/utf8-security
+
+ [CVE-2022-25235] lib: Protect against malformed encoding (e.g. malformed UTF-8)
+---
+ expat/Changes | 7 ++++
+ expat/lib/xmltok.c | 5 ---
+ expat/lib/xmltok_impl.c | 18 ++++----
+ expat/tests/runtests.c | 109 ++++++++++++++++++++++++++++++++++++++++++++++++
+ 4 files changed, 127 insertions(+), 12 deletions(-)
+
+diff --git a/lib/xmltok.c b/lib/xmltok.c
+index a72200e8..3bddf125 100644
+--- a/lib/xmltok.c
++++ b/lib/xmltok.c
+@@ -98,11 +98,6 @@
+ + ((((byte)[1]) & 3) << 1) + ((((byte)[2]) >> 5) & 1)] \
+ & (1u << (((byte)[2]) & 0x1F)))
+
+-#define UTF8_GET_NAMING(pages, p, n) \
+- ((n) == 2 \
+- ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \
+- : ((n) == 3 ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) : 0))
+-
+ /* Detection of invalid UTF-8 sequences is based on Table 3.1B
+ of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/
+ with the additional restriction of not allowing the Unicode
+diff --git a/lib/xmltok_impl.c b/lib/xmltok_impl.c
+index 0430591b..84ff35f9 100644
+--- a/lib/xmltok_impl.c
++++ b/lib/xmltok_impl.c
+@@ -69,7 +69,7 @@
+ case BT_LEAD##n: \
+ if (end - ptr < n) \
+ return XML_TOK_PARTIAL_CHAR; \
+- if (! IS_NAME_CHAR(enc, ptr, n)) { \
++ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NAME_CHAR(enc, ptr, n)) { \
+ *nextTokPtr = ptr; \
+ return XML_TOK_INVALID; \
+ } \
+@@ -98,7 +98,7 @@
+ case BT_LEAD##n: \
+ if (end - ptr < n) \
+ return XML_TOK_PARTIAL_CHAR; \
+- if (! IS_NMSTRT_CHAR(enc, ptr, n)) { \
++ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \
+ *nextTokPtr = ptr; \
+ return XML_TOK_INVALID; \
+ } \
+@@ -1142,6 +1142,10 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end,
+ case BT_LEAD##n: \
+ if (end - ptr < n) \
+ return XML_TOK_PARTIAL_CHAR; \
++ if (IS_INVALID_CHAR(enc, ptr, n)) { \
++ *nextTokPtr = ptr; \
++ return XML_TOK_INVALID; \
++ } \
+ if (IS_NMSTRT_CHAR(enc, ptr, n)) { \
+ ptr += n; \
+ tok = XML_TOK_NAME; \
+@@ -1270,7 +1274,7 @@ PREFIX(attributeValueTok)(const ENCODING *enc, const char *ptr, const char *end,
+ switch (BYTE_TYPE(enc, ptr)) {
+ # define LEAD_CASE(n) \
+ case BT_LEAD##n: \
+- ptr += n; \
++ ptr += n; /* NOTE: The encoding has already been validated. */ \
+ break;
+ LEAD_CASE(2)
+ LEAD_CASE(3)
+@@ -1339,7 +1343,7 @@ PREFIX(entityValueTok)(const ENCODING *enc, const char *ptr, const char *end,
+ switch (BYTE_TYPE(enc, ptr)) {
+ # define LEAD_CASE(n) \
+ case BT_LEAD##n: \
+- ptr += n; \
++ ptr += n; /* NOTE: The encoding has already been validated. */ \
+ break;
+ LEAD_CASE(2)
+ LEAD_CASE(3)
+@@ -1518,7 +1522,7 @@ PREFIX(getAtts)(const ENCODING *enc, const char *ptr, int attsMax,
+ state = inName; \
+ }
+ # define LEAD_CASE(n) \
+- case BT_LEAD##n: \
++ case BT_LEAD##n: /* NOTE: The encoding has already been validated. */ \
+ START_NAME ptr += (n - MINBPC(enc)); \
+ break;
+ LEAD_CASE(2)
+@@ -1730,7 +1734,7 @@ PREFIX(nameLength)(const ENCODING *enc, const char *ptr) {
+ switch (BYTE_TYPE(enc, ptr)) {
+ # define LEAD_CASE(n) \
+ case BT_LEAD##n: \
+- ptr += n; \
++ ptr += n; /* NOTE: The encoding has already been validated. */ \
+ break;
+ LEAD_CASE(2)
+ LEAD_CASE(3)
+@@ -1775,7 +1779,7 @@ PREFIX(updatePosition)(const ENCODING *enc, const char *ptr, const char *end,
+ switch (BYTE_TYPE(enc, ptr)) {
+ # define LEAD_CASE(n) \
+ case BT_LEAD##n: \
+- ptr += n; \
++ ptr += n; /* NOTE: The encoding has already been validated. */ \
+ pos->columnNumber++; \
+ break;
+ LEAD_CASE(2)
+diff --git a/tests/runtests.c b/tests/runtests.c
+index bc5344b1..9b155b82 100644
+--- a/tests/runtests.c
++++ b/tests/runtests.c
+@@ -5998,6 +5998,105 @@ START_TEST(test_utf8_in_cdata_section_2) {
+ }
+ END_TEST
+
++START_TEST(test_utf8_in_start_tags) {
++ struct test_case {
++ bool goodName;
++ bool goodNameStart;
++ const char *tagName;
++ };
++
++ // The idea with the tests below is this:
++ // We want to cover 1-, 2- and 3-byte sequences, 4-byte sequences
++ // go to isNever and are hence not a concern.
++ //
++ // We start with a character that is a valid name character
++ // (or even name-start character, see XML 1.0r4 spec) and then we flip
++ // single bits at places where (1) the result leaves the UTF-8 encoding space
++ // and (2) we stay in the same n-byte sequence family.
++ //
++ // The flipped bits are highlighted in angle brackets in comments,
++ // e.g. "[<1>011 1001]" means we had [0011 1001] but we now flipped
++ // the most significant bit to 1 to leave UTF-8 encoding space.
++ struct test_case cases[] = {
++ // 1-byte UTF-8: [0xxx xxxx]
++ {true, true, "\x3A"}, // [0011 1010] = ASCII colon ':'
++ {false, false, "\xBA"}, // [<1>011 1010]
++ {true, false, "\x39"}, // [0011 1001] = ASCII nine '9'
++ {false, false, "\xB9"}, // [<1>011 1001]
++
++ // 2-byte UTF-8: [110x xxxx] [10xx xxxx]
++ {true, true, "\xDB\xA5"}, // [1101 1011] [1010 0101] =
++ // Arabic small waw U+06E5
++ {false, false, "\x9B\xA5"}, // [1<0>01 1011] [1010 0101]
++ {false, false, "\xDB\x25"}, // [1101 1011] [<0>010 0101]
++ {false, false, "\xDB\xE5"}, // [1101 1011] [1<1>10 0101]
++ {true, false, "\xCC\x81"}, // [1100 1100] [1000 0001] =
++ // combining char U+0301
++ {false, false, "\x8C\x81"}, // [1<0>00 1100] [1000 0001]
++ {false, false, "\xCC\x01"}, // [1100 1100] [<0>000 0001]
++ {false, false, "\xCC\xC1"}, // [1100 1100] [1<1>00 0001]
++
++ // 3-byte UTF-8: [1110 xxxx] [10xx xxxx] [10xxxxxx]
++ {true, true, "\xE0\xA4\x85"}, // [1110 0000] [1010 0100] [1000 0101] =
++ // Devanagari Letter A U+0905
++ {false, false, "\xA0\xA4\x85"}, // [1<0>10 0000] [1010 0100] [1000 0101]
++ {false, false, "\xE0\x24\x85"}, // [1110 0000] [<0>010 0100] [1000 0101]
++ {false, false, "\xE0\xE4\x85"}, // [1110 0000] [1<1>10 0100] [1000 0101]
++ {false, false, "\xE0\xA4\x05"}, // [1110 0000] [1010 0100] [<0>000 0101]
++ {false, false, "\xE0\xA4\xC5"}, // [1110 0000] [1010 0100] [1<1>00 0101]
++ {true, false, "\xE0\xA4\x81"}, // [1110 0000] [1010 0100] [1000 0001] =
++ // combining char U+0901
++ {false, false, "\xA0\xA4\x81"}, // [1<0>10 0000] [1010 0100] [1000 0001]
++ {false, false, "\xE0\x24\x81"}, // [1110 0000] [<0>010 0100] [1000 0001]
++ {false, false, "\xE0\xE4\x81"}, // [1110 0000] [1<1>10 0100] [1000 0001]
++ {false, false, "\xE0\xA4\x01"}, // [1110 0000] [1010 0100] [<0>000 0001]
++ {false, false, "\xE0\xA4\xC1"}, // [1110 0000] [1010 0100] [1<1>00 0001]
++ };
++ const bool atNameStart[] = {true, false};
++
++ size_t i = 0;
++ char doc[1024];
++ size_t failCount = 0;
++
++ for (; i < sizeof(cases) / sizeof(cases[0]); i++) {
++ size_t j = 0;
++ for (; j < sizeof(atNameStart) / sizeof(atNameStart[0]); j++) {
++ const bool expectedSuccess
++ = atNameStart[j] ? cases[i].goodNameStart : cases[i].goodName;
++ sprintf(doc, "<%s%s><!--", atNameStart[j] ? "" : "a", cases[i].tagName);
++ XML_Parser parser = XML_ParserCreate(NULL);
++
++ const enum XML_Status status
++ = XML_Parse(parser, doc, (int)strlen(doc), /*isFinal=*/XML_FALSE);
++
++ bool success = true;
++ if ((status == XML_STATUS_OK) != expectedSuccess) {
++ success = false;
++ }
++ if ((status == XML_STATUS_ERROR)
++ && (XML_GetErrorCode(parser) != XML_ERROR_INVALID_TOKEN)) {
++ success = false;
++ }
++
++ if (! success) {
++ fprintf(
++ stderr,
++ "FAIL case %2u (%sat name start, %u-byte sequence, error code %d)\n",
++ (unsigned)i + 1u, atNameStart[j] ? " " : "not ",
++ (unsigned)strlen(cases[i].tagName), XML_GetErrorCode(parser));
++ failCount++;
++ }
++
++ XML_ParserFree(parser);
++ }
++ }
++
++ if (failCount > 0) {
++ fail("UTF-8 regression detected");
++ }
++}
++END_TEST
++
+ /* Test trailing spaces in elements are accepted */
+ static void XMLCALL
+ record_element_end_handler(void *userData, const XML_Char *name) {
+@@ -6175,6 +6274,14 @@ START_TEST(test_bad_doctype) {
+ }
+ END_TEST
+
++START_TEST(test_bad_doctype_utf8) {
++ const char *text = "<!DOCTYPE \xDB\x25"
++ "doc><doc/>"; // [1101 1011] [<0>010 0101]
++ expect_failure(text, XML_ERROR_INVALID_TOKEN,
++ "Invalid UTF-8 in DOCTYPE not faulted");
++}
++END_TEST
++
+ START_TEST(test_bad_doctype_utf16) {
+ const char text[] =
+ /* <!DOCTYPE doc [ \x06f2 ]><doc/>
+@@ -11870,6 +11977,7 @@ make_suite(void) {
+ tcase_add_test(tc_basic, test_ext_entity_utf8_non_bom);
+ tcase_add_test(tc_basic, test_utf8_in_cdata_section);
+ tcase_add_test(tc_basic, test_utf8_in_cdata_section_2);
++ tcase_add_test(tc_basic, test_utf8_in_start_tags);
+ tcase_add_test(tc_basic, test_trailing_spaces_in_elements);
+ tcase_add_test(tc_basic, test_utf16_attribute);
+ tcase_add_test(tc_basic, test_utf16_second_attr);
+@@ -11878,6 +11986,7 @@ make_suite(void) {
+ tcase_add_test(tc_basic, test_bad_attr_desc_keyword);
+ tcase_add_test(tc_basic, test_bad_attr_desc_keyword_utf16);
+ tcase_add_test(tc_basic, test_bad_doctype);
++ tcase_add_test(tc_basic, test_bad_doctype_utf8);
+ tcase_add_test(tc_basic, test_bad_doctype_utf16);
+ tcase_add_test(tc_basic, test_bad_doctype_plus);
+ tcase_add_test(tc_basic, test_bad_doctype_star);
diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch
new file mode 100644
index 0000000000..ab53d99c8f
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch
@@ -0,0 +1,116 @@
+Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/2cc97e87]
+CVE: CVE-2022-25236
+
+The commit is a merge commit, and this patch is created by:
+
+$ git diff -p --stat 2cc97e87~ 2cc97e87
+
+Remove modification for expat/Changes which fails to be applied.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+commit 2cc97e875ef84da4bcf55156c83599116f7523b4 (from d477fdd284468f2ab822024e75702f2c1b254f42)
+Merge: d477fdd2 e4d7e497
+Author: Sebastian Pipping <sebastian@pipping.org>
+Date: Fri Feb 18 18:01:27 2022 +0100
+
+ Merge pull request #561 from libexpat/namesep-security
+
+ [CVE-2022-25236] lib: Protect against insertion of namesep characters into namespace URIs
+
+---
+ expat/Changes | 16 ++++++++++++++++
+ expat/lib/xmlparse.c | 17 +++++++++++++----
+ expat/tests/runtests.c | 30 ++++++++++++++++++++++++++++++
+ 3 files changed, 59 insertions(+), 4 deletions(-)
+
+diff --git a/lib/xmlparse.c b/lib/xmlparse.c
+index 7376aab1..c98e2e9f 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -718,8 +718,7 @@ XML_ParserCreate(const XML_Char *encodingName) {
+
+ XML_Parser XMLCALL
+ XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep) {
+- XML_Char tmp[2];
+- *tmp = nsSep;
++ XML_Char tmp[2] = {nsSep, 0};
+ return XML_ParserCreate_MM(encodingName, NULL, tmp);
+ }
+
+@@ -1344,8 +1343,7 @@ XML_ExternalEntityParserCreate(XML_Parser oldParser, const XML_Char *context,
+ would be otherwise.
+ */
+ if (parser->m_ns) {
+- XML_Char tmp[2];
+- *tmp = parser->m_namespaceSeparator;
++ XML_Char tmp[2] = {parser->m_namespaceSeparator, 0};
+ parser = parserCreate(encodingName, &parser->m_mem, tmp, newDtd);
+ } else {
+ parser = parserCreate(encodingName, &parser->m_mem, NULL, newDtd);
+@@ -3761,6 +3759,17 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+ if (! mustBeXML && isXMLNS
+ && (len > xmlnsLen || uri[len] != xmlnsNamespace[len]))
+ isXMLNS = XML_FALSE;
++
++ // NOTE: While Expat does not validate namespace URIs against RFC 3986,
++ // we have to at least make sure that the XML processor on top of
++ // Expat (that is splitting tag names by namespace separator into
++ // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused
++ // by an attacker putting additional namespace separator characters
++ // into namespace declarations. That would be ambiguous and not to
++ // be expected.
++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) {
++ return XML_ERROR_SYNTAX;
++ }
+ }
+ isXML = isXML && len == xmlLen;
+ isXMLNS = isXMLNS && len == xmlnsLen;
+diff --git a/tests/runtests.c b/tests/runtests.c
+index d07203f2..bc5344b1 100644
+--- a/tests/runtests.c
++++ b/tests/runtests.c
+@@ -7220,6 +7220,35 @@ START_TEST(test_ns_double_colon_doctype) {
+ }
+ END_TEST
+
++START_TEST(test_ns_separator_in_uri) {
++ struct test_case {
++ enum XML_Status expectedStatus;
++ const char *doc;
++ };
++ struct test_case cases[] = {
++ {XML_STATUS_OK, "<doc xmlns='one_two' />"},
++ {XML_STATUS_ERROR, "<doc xmlns='one&#x0A;two' />"},
++ };
++
++ size_t i = 0;
++ size_t failCount = 0;
++ for (; i < sizeof(cases) / sizeof(cases[0]); i++) {
++ XML_Parser parser = XML_ParserCreateNS(NULL, '\n');
++ XML_SetElementHandler(parser, dummy_start_element, dummy_end_element);
++ if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc),
++ /*isFinal*/ XML_TRUE)
++ != cases[i].expectedStatus) {
++ failCount++;
++ }
++ XML_ParserFree(parser);
++ }
++
++ if (failCount) {
++ fail("Namespace separator handling is broken");
++ }
++}
++END_TEST
++
+ /* Control variable; the number of times duff_allocator() will successfully
+ * allocate */
+ #define ALLOC_ALWAYS_SUCCEED (-1)
+@@ -11905,6 +11934,7 @@ make_suite(void) {
+ tcase_add_test(tc_namespace, test_ns_utf16_doctype);
+ tcase_add_test(tc_namespace, test_ns_invalid_doctype);
+ tcase_add_test(tc_namespace, test_ns_double_colon_doctype);
++ tcase_add_test(tc_namespace, test_ns_separator_in_uri);
+
+ suite_add_tcase(s, tc_misc);
+ tcase_add_checked_fixture(tc_misc, NULL, basic_teardown);
diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch
new file mode 100644
index 0000000000..0f14c9631b
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch
@@ -0,0 +1,232 @@
+Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/f178826b]
+CVE: CVE-2022-25236
+
+The commit is a merge commit, and this patch is created by:
+
+$ git show -m -p --stat f178826b
+
+Remove changes for expat/Changes and reference.html which fail to be applied.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+commit f178826bb1e9c8ee23202f1be55ad4ac7b649e84 (from c99e0e7f2b15b48848038992ecbb4480f957cfe9)
+Merge: c99e0e7f 9579f7ea
+Author: Sebastian Pipping <sebastian@pipping.org>
+Date: Fri Mar 4 18:43:39 2022 +0100
+
+ Merge pull request #577 from libexpat/namesep
+
+ lib: Relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters (fixes #572)
+---
+ expat/Changes | 16 ++++++
+ expat/doc/reference.html | 8 +++
+ expat/lib/expat.h | 11 ++++
+ expat/lib/xmlparse.c | 139 ++++++++++++++++++++++++++++++++++++++++++++---
+ expat/tests/runtests.c | 8 ++-
+ 5 files changed, 171 insertions(+), 11 deletions(-)
+
+diff --git a/lib/expat.h b/lib/expat.h
+index 5ab493f7..181fc960 100644
+--- a/lib/expat.h
++++ b/lib/expat.h
+@@ -239,6 +239,17 @@ XML_ParserCreate(const XML_Char *encoding);
+ and the local part will be concatenated without any separator.
+ It is a programming error to use the separator '\0' with namespace
+ triplets (see XML_SetReturnNSTriplet).
++ If a namespace separator is chosen that can be part of a URI or
++ part of an XML name, splitting an expanded name back into its
++ 1, 2 or 3 original parts on application level in the element handler
++ may end up vulnerable, so these are advised against; sane choices for
++ a namespace separator are e.g. '\n' (line feed) and '|' (pipe).
++
++ Note that Expat does not validate namespace URIs (beyond encoding)
++ against RFC 3986 today (and is not required to do so with regard to
++ the XML 1.0 namespaces specification) but it may start doing that
++ in future releases. Before that, an application using Expat must
++ be ready to receive namespace URIs containing non-URI characters.
+ */
+ XMLPARSEAPI(XML_Parser)
+ XML_ParserCreateNS(const XML_Char *encoding, XML_Char namespaceSeparator);
+diff --git a/lib/xmlparse.c b/lib/xmlparse.c
+index 59da19c8..6fe2cf1e 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -3705,6 +3705,117 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+ return XML_ERROR_NONE;
+ }
+
++static XML_Bool
++is_rfc3986_uri_char(XML_Char candidate) {
++ // For the RFC 3986 ANBF grammar see
++ // https://datatracker.ietf.org/doc/html/rfc3986#appendix-A
++
++ switch (candidate) {
++ // From rule "ALPHA" (uppercase half)
++ case 'A':
++ case 'B':
++ case 'C':
++ case 'D':
++ case 'E':
++ case 'F':
++ case 'G':
++ case 'H':
++ case 'I':
++ case 'J':
++ case 'K':
++ case 'L':
++ case 'M':
++ case 'N':
++ case 'O':
++ case 'P':
++ case 'Q':
++ case 'R':
++ case 'S':
++ case 'T':
++ case 'U':
++ case 'V':
++ case 'W':
++ case 'X':
++ case 'Y':
++ case 'Z':
++
++ // From rule "ALPHA" (lowercase half)
++ case 'a':
++ case 'b':
++ case 'c':
++ case 'd':
++ case 'e':
++ case 'f':
++ case 'g':
++ case 'h':
++ case 'i':
++ case 'j':
++ case 'k':
++ case 'l':
++ case 'm':
++ case 'n':
++ case 'o':
++ case 'p':
++ case 'q':
++ case 'r':
++ case 's':
++ case 't':
++ case 'u':
++ case 'v':
++ case 'w':
++ case 'x':
++ case 'y':
++ case 'z':
++
++ // From rule "DIGIT"
++ case '0':
++ case '1':
++ case '2':
++ case '3':
++ case '4':
++ case '5':
++ case '6':
++ case '7':
++ case '8':
++ case '9':
++
++ // From rule "pct-encoded"
++ case '%':
++
++ // From rule "unreserved"
++ case '-':
++ case '.':
++ case '_':
++ case '~':
++
++ // From rule "gen-delims"
++ case ':':
++ case '/':
++ case '?':
++ case '#':
++ case '[':
++ case ']':
++ case '@':
++
++ // From rule "sub-delims"
++ case '!':
++ case '$':
++ case '&':
++ case '\'':
++ case '(':
++ case ')':
++ case '*':
++ case '+':
++ case ',':
++ case ';':
++ case '=':
++ return XML_TRUE;
++
++ default:
++ return XML_FALSE;
++ }
++}
++
+ /* addBinding() overwrites the value of prefix->binding without checking.
+ Therefore one must keep track of the old value outside of addBinding().
+ */
+@@ -3763,14 +3874,26 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+ && (len > xmlnsLen || uri[len] != xmlnsNamespace[len]))
+ isXMLNS = XML_FALSE;
+
+- // NOTE: While Expat does not validate namespace URIs against RFC 3986,
+- // we have to at least make sure that the XML processor on top of
+- // Expat (that is splitting tag names by namespace separator into
+- // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused
+- // by an attacker putting additional namespace separator characters
+- // into namespace declarations. That would be ambiguous and not to
+- // be expected.
+- if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) {
++ // NOTE: While Expat does not validate namespace URIs against RFC 3986
++ // today (and is not REQUIRED to do so with regard to the XML 1.0
++ // namespaces specification) we have to at least make sure, that
++ // the application on top of Expat (that is likely splitting expanded
++ // element names ("qualified names") of form
++ // "[uri sep] local [sep prefix] '\0'" back into 1, 2 or 3 pieces
++ // in its element handler code) cannot be confused by an attacker
++ // putting additional namespace separator characters into namespace
++ // declarations. That would be ambiguous and not to be expected.
++ //
++ // While the HTML API docs of function XML_ParserCreateNS have been
++ // advising against use of a namespace separator character that can
++ // appear in a URI for >20 years now, some widespread applications
++ // are using URI characters (':' (colon) in particular) for a
++ // namespace separator, in practice. To keep these applications
++ // functional, we only reject namespaces URIs containing the
++ // application-chosen namespace separator if the chosen separator
++ // is a non-URI character with regard to RFC 3986.
++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)
++ && ! is_rfc3986_uri_char(uri[len])) {
+ return XML_ERROR_SYNTAX;
+ }
+ }
+diff --git a/tests/runtests.c b/tests/runtests.c
+index 60da868e..712706c4 100644
+--- a/tests/runtests.c
++++ b/tests/runtests.c
+@@ -7406,16 +7406,18 @@ START_TEST(test_ns_separator_in_uri) {
+ struct test_case {
+ enum XML_Status expectedStatus;
+ const char *doc;
++ XML_Char namesep;
+ };
+ struct test_case cases[] = {
+- {XML_STATUS_OK, "<doc xmlns='one_two' />"},
+- {XML_STATUS_ERROR, "<doc xmlns='one&#x0A;two' />"},
++ {XML_STATUS_OK, "<doc xmlns='one_two' />", XCS('\n')},
++ {XML_STATUS_ERROR, "<doc xmlns='one&#x0A;two' />", XCS('\n')},
++ {XML_STATUS_OK, "<doc xmlns='one:two' />", XCS(':')},
+ };
+
+ size_t i = 0;
+ size_t failCount = 0;
+ for (; i < sizeof(cases) / sizeof(cases[0]); i++) {
+- XML_Parser parser = XML_ParserCreateNS(NULL, '\n');
++ XML_Parser parser = XML_ParserCreateNS(NULL, cases[i].namesep);
+ XML_SetElementHandler(parser, dummy_start_element, dummy_end_element);
+ if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc),
+ /*isFinal*/ XML_TRUE)
diff --git a/meta/recipes-core/expat/expat_2.2.10.bb b/meta/recipes-core/expat/expat_2.2.10.bb
index 08e8ff1cea..f99fa7edb6 100644
--- a/meta/recipes-core/expat/expat_2.2.10.bb
+++ b/meta/recipes-core/expat/expat_2.2.10.bb
@@ -10,9 +10,17 @@ VERSION_TAG = "${@d.getVar('PV').replace('.', '_')}"
SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2 \
file://libtool-tag.patch \
- file://run-ptest \
- file://0001-Add-output-of-tests-result.patch \
- "
+ file://run-ptest \
+ file://0001-Add-output-of-tests-result.patch \
+ file://CVE-2022-22822-27.patch \
+ file://CVE-2021-45960.patch \
+ file://CVE-2021-46143.patch \
+ file://CVE-2022-23852.patch \
+ file://CVE-2022-23990.patch \
+ file://CVE-2022-25235.patch \
+ file://CVE-2022-25236-1.patch \
+ file://CVE-2022-25236-2.patch \
+ "
UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/"
diff --git a/meta/recipes-core/fts/fts_1.2.7.bb b/meta/recipes-core/fts/fts_1.2.7.bb
index ea820cb0c3..d3b0f31eda 100644
--- a/meta/recipes-core/fts/fts_1.2.7.bb
+++ b/meta/recipes-core/fts/fts_1.2.7.bb
@@ -10,7 +10,7 @@ SECTION = "libs"
SRCREV = "0bde52df588e8969879a2cae51c3a4774ec62472"
-SRC_URI = "git://github.com/pullmoll/musl-fts.git"
+SRC_URI = "git://github.com/pullmoll/musl-fts.git;branch=master;protocol=https"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/glibc/cross-localedef-native_2.33.bb b/meta/recipes-core/glibc/cross-localedef-native_2.33.bb
index ec59c6ba10..22d3f96c09 100644
--- a/meta/recipes-core/glibc/cross-localedef-native_2.33.bb
+++ b/meta/recipes-core/glibc/cross-localedef-native_2.33.bb
@@ -20,7 +20,7 @@ inherit native
FILESEXTRAPATHS =. "${FILE_DIRNAME}/${PN}:${FILE_DIRNAME}/glibc:"
SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
- git://github.com/kraj/localedef;branch=master;name=localedef;destsuffix=git/localedef \
+ git://github.com/kraj/localedef;branch=master;name=localedef;destsuffix=git/localedef;protocol=https \
\
file://0001-localedef-Add-hardlink-resolver-from-util-linux.patch \
file://0002-localedef-fix-ups-hardlink-to-make-it-compile.patch \
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 3a95173175..e1eefdee49 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.33/master"
PV = "2.33"
-SRCREV_glibc ?= "9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3"
+SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323"
SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
deleted file mode 100644
index 8a52ac957c..0000000000
--- a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17 00:00:00 2001
-From: Nikita Popov <npv1310@gmail.com>
-Date: Mon, 9 Aug 2021 20:17:34 +0530
-Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213)
-
-Helper thread frees copied attribute on NOTIFY_REMOVED message
-received from the OS kernel. Unfortunately, it fails to check whether
-copied attribute actually exists (data.attr != NULL). This worked
-earlier because free() checks passed pointer before actually
-attempting to release corresponding memory. But
-__pthread_attr_destroy assumes pointer is not NULL.
-
-So passing NULL pointer to __pthread_attr_destroy will result in
-segmentation fault. This scenario is possible if
-notification->sigev_notify_attributes == NULL (which means default
-thread attributes should be used).
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8]
-CVE: CVE-2021-38604
-
-Signed-off-by: Nikita Popov <npv1310@gmail.com>
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- sysdeps/unix/sysv/linux/mq_notify.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
-index 6f46d29d1d..1714e1cc5f 100644
---- a/sysdeps/unix/sysv/linux/mq_notify.c
-+++ b/sysdeps/unix/sysv/linux/mq_notify.c
-@@ -132,7 +132,7 @@ helper_thread (void *arg)
- to wait until it is done with it. */
- (void) __pthread_barrier_wait (&notify_barrier);
- }
-- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
-+ else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED && data.attr != NULL)
- {
- /* The only state we keep is the copy of the thread attributes. */
- pthread_attr_destroy (data.attr);
diff --git a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch b/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
deleted file mode 100644
index 39fde5b785..0000000000
--- a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From c4ad832276f4dadfa40904109b26a521468f66bc Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Thu, 4 Feb 2021 15:00:20 +0100
-Subject: [PATCH] nptl: Remove private futex optimization [BZ #27304]
-
-It is effectively used, unexcept for pthread_cond_destroy, where we do
-not want it; see bug 27304. The internal locks do not support a
-process-shared mode.
-
-This fixes commit dc6cfdc934db9997c33728082d63552b9eee4563 ("nptl:
-Move pthread_cond_destroy implementation into libc").
-
-Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
-
-Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27304]
-Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
----
- sysdeps/nptl/lowlevellock-futex.h | 14 +-------------
- 1 file changed, 1 insertion(+), 13 deletions(-)
-
-diff --git a/sysdeps/nptl/lowlevellock-futex.h b/sysdeps/nptl/lowlevellock-futex.h
-index ecb729da6b..ca96397a4a 100644
---- a/sysdeps/nptl/lowlevellock-futex.h
-+++ b/sysdeps/nptl/lowlevellock-futex.h
-@@ -50,20 +50,8 @@
- #define LLL_SHARED FUTEX_PRIVATE_FLAG
-
- #ifndef __ASSEMBLER__
--
--# if IS_IN (libc) || IS_IN (rtld)
--/* In libc.so or ld.so all futexes are private. */
--# define __lll_private_flag(fl, private) \
-- ({ \
-- /* Prevent warnings in callers of this macro. */ \
-- int __lll_private_flag_priv __attribute__ ((unused)); \
-- __lll_private_flag_priv = (private); \
-- ((fl) | FUTEX_PRIVATE_FLAG); \
-- })
--# else
--# define __lll_private_flag(fl, private) \
-+# define __lll_private_flag(fl, private) \
- (((fl) | FUTEX_PRIVATE_FLAG) ^ (private))
--# endif
-
- # define lll_futex_syscall(nargs, futexp, op, ...) \
- ({ \
---
-2.27.0
-
diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
deleted file mode 100644
index b654cdfecb..0000000000
--- a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch
+++ /dev/null
@@ -1,147 +0,0 @@
-From 4cc79c217744743077bf7a0ec5e0a4318f1e6641 Mon Sep 17 00:00:00 2001
-From: Nikita Popov <npv1310@gmail.com>
-Date: Thu, 12 Aug 2021 16:09:50 +0530
-Subject: [PATCH] librt: add test (bug 28213)
-
-This test implements following logic:
-1) Create POSIX message queue.
- Register a notification with mq_notify (using NULL attributes).
- Then immediately unregister the notification with mq_notify.
- Helper thread in a vulnerable version of glibc
- should cause NULL pointer dereference after these steps.
-2) Once again, register the same notification.
- Try to send a dummy message.
- Test is considered successfulif the dummy message
- is successfully received by the callback function.
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641]
-CVE: CVE-2021-38604
-
-Signed-off-by: Nikita Popov <npv1310@gmail.com>
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- rt/Makefile | 1 +
- rt/tst-bz28213.c | 101 +++++++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 102 insertions(+)
- create mode 100644 rt/tst-bz28213.c
-
-diff --git a/rt/Makefile b/rt/Makefile
-index 7b374f2073..c87d95793a 100644
---- a/rt/Makefile
-+++ b/rt/Makefile
-@@ -44,6 +44,7 @@ tests := tst-shm tst-timer tst-timer2 \
- tst-aio7 tst-aio8 tst-aio9 tst-aio10 \
- tst-mqueue1 tst-mqueue2 tst-mqueue3 tst-mqueue4 \
- tst-mqueue5 tst-mqueue6 tst-mqueue7 tst-mqueue8 tst-mqueue9 \
-+ tst-bz28213 \
- tst-timer3 tst-timer4 tst-timer5 \
- tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3 \
- tst-shm-cancel
-diff --git a/rt/tst-bz28213.c b/rt/tst-bz28213.c
-new file mode 100644
-index 0000000000..0c096b5a0a
---- /dev/null
-+++ b/rt/tst-bz28213.c
-@@ -0,0 +1,101 @@
-+/* Bug 28213: test for NULL pointer dereference in mq_notify.
-+ Copyright (C) The GNU Toolchain Authors.
-+ This file is part of the GNU C Library.
-+
-+ The GNU C Library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU Lesser General Public
-+ License as published by the Free Software Foundation; either
-+ version 2.1 of the License, or (at your option) any later version.
-+
-+ The GNU C Library is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+ Lesser General Public License for more details.
-+
-+ You should have received a copy of the GNU Lesser General Public
-+ License along with the GNU C Library; if not, see
-+ <https://www.gnu.org/licenses/>. */
-+
-+#include <errno.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include <mqueue.h>
-+#include <signal.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <support/check.h>
-+
-+static mqd_t m = -1;
-+static const char msg[] = "hello";
-+
-+static void
-+check_bz28213_cb (union sigval sv)
-+{
-+ char buf[sizeof (msg)];
-+
-+ (void) sv;
-+
-+ TEST_VERIFY_EXIT ((size_t) mq_receive (m, buf, sizeof (buf), NULL)
-+ == sizeof (buf));
-+ TEST_VERIFY_EXIT (memcmp (buf, msg, sizeof (buf)) == 0);
-+
-+ exit (0);
-+}
-+
-+static void
-+check_bz28213 (void)
-+{
-+ struct sigevent sev;
-+
-+ memset (&sev, '\0', sizeof (sev));
-+ sev.sigev_notify = SIGEV_THREAD;
-+ sev.sigev_notify_function = check_bz28213_cb;
-+
-+ /* Step 1: Register & unregister notifier.
-+ Helper thread should receive NOTIFY_REMOVED notification.
-+ In a vulnerable version of glibc, NULL pointer dereference follows. */
-+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
-+ TEST_VERIFY_EXIT (mq_notify (m, NULL) == 0);
-+
-+ /* Step 2: Once again, register notification.
-+ Try to send one message.
-+ Test is considered successful, if the callback does exit (0). */
-+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0);
-+ TEST_VERIFY_EXIT (mq_send (m, msg, sizeof (msg), 1) == 0);
-+
-+ /* Wait... */
-+ pause ();
-+}
-+
-+static int
-+do_test (void)
-+{
-+ static const char m_name[] = "/bz28213_queue";
-+ struct mq_attr m_attr;
-+
-+ memset (&m_attr, '\0', sizeof (m_attr));
-+ m_attr.mq_maxmsg = 1;
-+ m_attr.mq_msgsize = sizeof (msg);
-+
-+ m = mq_open (m_name,
-+ O_RDWR | O_CREAT | O_EXCL,
-+ 0600,
-+ &m_attr);
-+
-+ if (m < 0)
-+ {
-+ if (errno == ENOSYS)
-+ FAIL_UNSUPPORTED ("POSIX message queues are not implemented\n");
-+ FAIL_EXIT1 ("Failed to create POSIX message queue: %m\n");
-+ }
-+
-+ TEST_VERIFY_EXIT (mq_unlink (m_name) == 0);
-+
-+ check_bz28213 ();
-+
-+ return 0;
-+}
-+
-+#include <support/test-driver.c>
diff --git a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch b/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
deleted file mode 100644
index 3cb60b2e55..0000000000
--- a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch
+++ /dev/null
@@ -1,116 +0,0 @@
-From b1971f6f1331d738d1d6b376b4741668a7546125 Mon Sep 17 00:00:00 2001
-From: "H.J. Lu" <hjl.tools@gmail.com>
-Date: Tue, 2 Feb 2021 13:45:58 -0800
-Subject: [PATCH] x86: Require full ISA support for x86-64 level marker [BZ #27318]
-
-Since -march=sandybridge enables ISAs in x86-64 ISA level v3, the v3
-marker is set on libc.so. We couldn't set the needed ISA marker to v2
-since this libc won't run on all v2 machines. Technically, the v3 marker
-is correct. But the resulting libc.so won't run on Sandy Brigde, which
-is a v2 machine, even when libc is compiled with -march=sandybridge:
-
-$ ./elf/ld.so ./libc.so
-./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
-
-Instead, we require full ISA support for x86-64 level marker and disable
-x86-64 level marker for -march=sandybridge which enables ISAs between v2
-and v3.
-
-Upstream-Status: Submitted [https://sourceware.org/pipermail/libc-alpha/2021-February/122297.html]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
-
- sysdeps/x86/configure | 7 ++++++-
- sysdeps/x86/configure.ac | 2 +-
- sysdeps/x86/isa-level.c | 21 ++++++++++++++++++++-
- 3 files changed, 27 insertions(+), 3 deletions(-)
-
-diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
-index 5e32dc62b3..5b20646843 100644
---- a/sysdeps/x86/configure
-+++ b/sysdeps/x86/configure
-@@ -133,7 +133,12 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest c
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; }; then
- count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
-- if test "$count" = 1; then
-+ if test "$count" = 1 && { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c'
-+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
-+ (eval $ac_try) 2>&5
-+ ac_status=$?
-+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-+ test $ac_status = 0; }; }; then
- libc_cv_include_x86_isa_level=yes
- fi
- fi
-diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
-index f94088f377..54ecd33d2c 100644
---- a/sysdeps/x86/configure.ac
-+++ b/sysdeps/x86/configure.ac
-@@ -100,7 +100,7 @@ EOF
- libc_cv_include_x86_isa_level=no
- if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then
- count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
-- if test "$count" = 1; then
-+ if test "$count" = 1 && AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c); then
- libc_cv_include_x86_isa_level=yes
- fi
- fi
-diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
-index aaf524cb56..7f83449061 100644
---- a/sysdeps/x86/isa-level.c
-+++ b/sysdeps/x86/isa-level.c
-@@ -25,12 +25,17 @@
- License along with the GNU C Library; if not, see
- <https://www.gnu.org/licenses/>. */
-
--#include <elf.h>
-+#ifdef _LIBC
-+# include <elf.h>
-+#endif
-
- /* ELF program property for x86 ISA level. */
- #ifdef INCLUDE_X86_ISA_LEVEL
- # if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
- || defined __MMX__ || defined __SSE__ || defined __SSE2__
-+# if !defined __SSE__ || !defined __SSE2__
-+# error "Missing ISAs for x86-64 ISA level baseline"
-+# endif
- # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
- # else
- # define ISA_BASELINE 0
-@@ -40,6 +45,11 @@
- || (defined __x86_64__ && defined __LAHF_SAHF__) \
- || defined __POPCNT__ || defined __SSE3__ \
- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
-+# if !defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
-+ || !defined __POPCNT__ || !defined __SSE3__ \
-+ || !defined __SSSE3__ || !defined __SSE4_1__ || !defined __SSE4_2__
-+# error "Missing ISAs for x86-64 ISA level v2"
-+# endif
- # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
- # else
- # define ISA_V2 0
-@@ -48,6 +58,10 @@
- # if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
- || defined __XSAVE__
-+# if !defined __AVX__ || !defined __AVX2__ || !defined __F16C__ \
-+ || !defined __FMA__ || !defined __LZCNT__
-+# error "Missing ISAs for x86-64 ISA level v3"
-+# endif
- # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
- # else
- # define ISA_V3 0
-@@ -55,6 +69,11 @@
-
- # if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \
- || defined __AVX512DQ__ || defined __AVX512VL__
-+# if !defined __AVX512F__ || !defined __AVX512BW__ \
-+ || !defined __AVX512CD__ || !defined __AVX512DQ__ \
-+ || !defined __AVX512VL__
-+# error "Missing ISAs for x86-64 ISA level v4"
-+# endif
- # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
- # else
- # define ISA_V4 0
diff --git a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch b/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
deleted file mode 100644
index e904b28a05..0000000000
--- a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 044e603b698093cf48f6e6229e0b66acf05227e4 Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Fri, 19 Feb 2021 13:29:00 +0100
-Subject: [PATCH] string: Work around GCC PR 98512 in rawmemchr
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=044e603b698093cf48f6e6229e0b66acf05227e4]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- string/rawmemchr.c | 26 +++++++++++++++-----------
- 1 file changed, 15 insertions(+), 11 deletions(-)
-
-diff --git a/string/rawmemchr.c b/string/rawmemchr.c
-index 59bbeeaa42..b8523118e5 100644
---- a/string/rawmemchr.c
-+++ b/string/rawmemchr.c
-@@ -22,24 +22,28 @@
- # define RAWMEMCHR __rawmemchr
- #endif
-
--/* Find the first occurrence of C in S. */
--void *
--RAWMEMCHR (const void *s, int c)
--{
-- DIAG_PUSH_NEEDS_COMMENT;
-+/* The pragmata should be nested inside RAWMEMCHR below, but that
-+ triggers GCC PR 98512. */
-+DIAG_PUSH_NEEDS_COMMENT;
- #if __GNUC_PREREQ (7, 0)
-- /* GCC 8 warns about the size passed to memchr being larger than
-- PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
-- DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
-+/* GCC 8 warns about the size passed to memchr being larger than
-+ PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */
-+DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow=");
- #endif
- #if __GNUC_PREREQ (11, 0)
-- /* Likewise GCC 11, with a different warning option. */
-- DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
-+/* Likewise GCC 11, with a different warning option. */
-+DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread");
- #endif
-+
-+/* Find the first occurrence of C in S. */
-+void *
-+RAWMEMCHR (const void *s, int c)
-+{
- if (c != '\0')
- return memchr (s, c, (size_t)-1);
-- DIAG_POP_NEEDS_COMMENT;
- return (char *)s + strlen (s);
- }
- libc_hidden_def (__rawmemchr)
- weak_alias (__rawmemchr, rawmemchr)
-+
-+DIAG_POP_NEEDS_COMMENT;
---
-2.30.1
-
diff --git a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch b/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
deleted file mode 100644
index 3a004e227f..0000000000
--- a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-From 750b00a1ddae220403fd892a6fd4e0791ffd154a Mon Sep 17 00:00:00 2001
-From: "H.J. Lu" <hjl.tools@gmail.com>
-Date: Fri, 18 Sep 2020 07:55:14 -0700
-Subject: [PATCH] x86: Handle _SC_LEVEL1_ICACHE_LINESIZE [BZ #27444]
-
- x86: Move x86 processor cache info to cpu_features
-
-missed _SC_LEVEL1_ICACHE_LINESIZE.
-
-1. Add level1_icache_linesize to struct cpu_features.
-2. Initialize level1_icache_linesize by calling handle_intel,
-handle_zhaoxin and handle_amd with _SC_LEVEL1_ICACHE_LINESIZE.
-3. Return level1_icache_linesize for _SC_LEVEL1_ICACHE_LINESIZE.
-
-Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27444]
-Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
----
- sysdeps/x86/Makefile | 8 +++
- sysdeps/x86/cacheinfo.c | 3 +
- sysdeps/x86/dl-cacheinfo.h | 6 ++
- sysdeps/x86/include/cpu-features.h | 2 +
- .../x86/tst-sysconf-cache-linesize-static.c | 1 +
- sysdeps/x86/tst-sysconf-cache-linesize.c | 57 +++++++++++++++++++
- 6 files changed, 77 insertions(+)
- create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize-static.c
- create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize.c
-
-diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
-index dd82674342..d231263051 100644
---- a/sysdeps/x86/Makefile
-+++ b/sysdeps/x86/Makefile
-@@ -208,3 +208,11 @@ $(objpfx)check-cet.out: $(..)sysdeps/x86/check-cet.awk \
- generated += check-cet.out
- endif
- endif
-+
-+ifeq ($(subdir),posix)
-+tests += \
-+ tst-sysconf-cache-linesize \
-+ tst-sysconf-cache-linesize-static
-+tests-static += \
-+ tst-sysconf-cache-linesize-static
-+endif
-diff --git a/sysdeps/x86/cacheinfo.c b/sysdeps/x86/cacheinfo.c
-index 7b8df45e3b..5ea4723ca6 100644
---- a/sysdeps/x86/cacheinfo.c
-+++ b/sysdeps/x86/cacheinfo.c
-@@ -32,6 +32,9 @@ __cache_sysconf (int name)
- case _SC_LEVEL1_ICACHE_SIZE:
- return cpu_features->level1_icache_size;
-
-+ case _SC_LEVEL1_ICACHE_LINESIZE:
-+ return cpu_features->level1_icache_linesize;
-+
- case _SC_LEVEL1_DCACHE_SIZE:
- return cpu_features->level1_dcache_size;
-
-diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h
-index a31fa0783a..7cd00b92f1 100644
---- a/sysdeps/x86/dl-cacheinfo.h
-+++ b/sysdeps/x86/dl-cacheinfo.h
-@@ -707,6 +707,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- long int core;
- unsigned int threads = 0;
- unsigned long int level1_icache_size = -1;
-+ unsigned long int level1_icache_linesize = -1;
- unsigned long int level1_dcache_size = -1;
- unsigned long int level1_dcache_assoc = -1;
- unsigned long int level1_dcache_linesize = -1;
-@@ -726,6 +727,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
-
- level1_icache_size
- = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features);
-+ level1_icache_linesize
-+ = handle_intel (_SC_LEVEL1_ICACHE_LINESIZE, cpu_features);
- level1_dcache_size = data;
- level1_dcache_assoc
- = handle_intel (_SC_LEVEL1_DCACHE_ASSOC, cpu_features);
-@@ -753,6 +756,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE);
-
- level1_icache_size = handle_zhaoxin (_SC_LEVEL1_ICACHE_SIZE);
-+ level1_icache_linesize = handle_zhaoxin (_SC_LEVEL1_ICACHE_LINESIZE);
- level1_dcache_size = data;
- level1_dcache_assoc = handle_zhaoxin (_SC_LEVEL1_DCACHE_ASSOC);
- level1_dcache_linesize = handle_zhaoxin (_SC_LEVEL1_DCACHE_LINESIZE);
-@@ -772,6 +776,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- shared = handle_amd (_SC_LEVEL3_CACHE_SIZE);
-
- level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE);
-+ level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE);
- level1_dcache_size = data;
- level1_dcache_assoc = handle_amd (_SC_LEVEL1_DCACHE_ASSOC);
- level1_dcache_linesize = handle_amd (_SC_LEVEL1_DCACHE_LINESIZE);
-@@ -833,6 +838,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features)
- }
-
- cpu_features->level1_icache_size = level1_icache_size;
-+ cpu_features->level1_icache_linesize = level1_icache_linesize;
- cpu_features->level1_dcache_size = level1_dcache_size;
- cpu_features->level1_dcache_assoc = level1_dcache_assoc;
- cpu_features->level1_dcache_linesize = level1_dcache_linesize;
-diff --git a/sysdeps/x86/include/cpu-features.h b/sysdeps/x86/include/cpu-features.h
-index 624736b40e..39a3f4f311 100644
---- a/sysdeps/x86/include/cpu-features.h
-+++ b/sysdeps/x86/include/cpu-features.h
-@@ -874,6 +874,8 @@ struct cpu_features
- unsigned long int rep_stosb_threshold;
- /* _SC_LEVEL1_ICACHE_SIZE. */
- unsigned long int level1_icache_size;
-+ /* _SC_LEVEL1_ICACHE_LINESIZE. */
-+ unsigned long int level1_icache_linesize;
- /* _SC_LEVEL1_DCACHE_SIZE. */
- unsigned long int level1_dcache_size;
- /* _SC_LEVEL1_DCACHE_ASSOC. */
-diff --git a/sysdeps/x86/tst-sysconf-cache-linesize-static.c b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
-new file mode 100644
-index 0000000000..152ae68821
---- /dev/null
-+++ b/sysdeps/x86/tst-sysconf-cache-linesize-static.c
-@@ -0,0 +1 @@
-+#include "tst-sysconf-cache-linesize.c"
-diff --git a/sysdeps/x86/tst-sysconf-cache-linesize.c b/sysdeps/x86/tst-sysconf-cache-linesize.c
-new file mode 100644
-index 0000000000..642dbde5d2
---- /dev/null
-+++ b/sysdeps/x86/tst-sysconf-cache-linesize.c
-@@ -0,0 +1,57 @@
-+/* Test system cache line sizes.
-+ Copyright (C) 2021 Free Software Foundation, Inc.
-+ This file is part of the GNU C Library.
-+
-+ The GNU C Library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU Lesser General Public
-+ License as published by the Free Software Foundation; either
-+ version 2.1 of the License, or (at your option) any later version.
-+
-+ The GNU C Library is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+ Lesser General Public License for more details.
-+
-+ You should have received a copy of the GNU Lesser General Public
-+ License along with the GNU C Library; if not, see
-+ <https://www.gnu.org/licenses/>. */
-+
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <unistd.h>
-+#include <array_length.h>
-+
-+static struct
-+{
-+ const char *name;
-+ int _SC_val;
-+} sc_options[] =
-+ {
-+#define N(name) { "_SC_"#name, _SC_##name }
-+ N (LEVEL1_ICACHE_LINESIZE),
-+ N (LEVEL1_DCACHE_LINESIZE),
-+ N (LEVEL2_CACHE_LINESIZE)
-+ };
-+
-+static int
-+do_test (void)
-+{
-+ int result = EXIT_SUCCESS;
-+
-+ for (int i = 0; i < array_length (sc_options); ++i)
-+ {
-+ long int scret = sysconf (sc_options[i]._SC_val);
-+ if (scret < 0)
-+ {
-+ printf ("sysconf (%s) returned < 0 (%ld)\n",
-+ sc_options[i].name, scret);
-+ result = EXIT_FAILURE;
-+ }
-+ else
-+ printf ("sysconf (%s): %ld\n", sc_options[i].name, scret);
-+ }
-+
-+ return result;
-+}
-+
-+#include <support/test-driver.c>
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
new file mode 100644
index 0000000000..2f08a90dd0
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch
@@ -0,0 +1,174 @@
+Since the full ISA set used in an ELF binary is unknown to compiler,
+an x86-64 ISA level marker indicates the minimum, not maximum, ISA set
+required to run such an ELF binary. We never guarantee a library with
+an x86-64 ISA level v3 marker doesn't contain other ISAs beyond x86-64
+ISA level v3, like AVX VNNI. We check the x86-64 ISA level marker for
+the minimum ISA set. Since -march=sandybridge enables only some ISAs
+in x86-64 ISA level v3, we should set the needed ISA marker to v2.
+Otherwise, libc is compiled with -march=sandybridge will fail to run on
+Sandy Bridge:
+
+$ ./elf/ld.so ./libc.so
+./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3
+
+Set the minimum, instead of maximum, x86-64 ISA level marker should have
+no impact on the b-hwcaps directory assignment logic in ldconfig nor
+ld.so.
+
+(cherry picked from commit 339bf918ea4830fb35614632e96f3aab3237adce)
+---
+ config.h.in | 6 ++++++
+ sysdeps/x86/configure | 28 ++++++++++++++++++++++++++++
+ sysdeps/x86/configure.ac | 16 ++++++++++++++++
+ sysdeps/x86/isa-level.c | 25 ++++++++++++++-----------
+ 4 files changed, 64 insertions(+), 11 deletions(-)
+
+diff --git a/config.h.in b/config.h.in
+--- a/config.h.in 2021-10-16 03:28:49.447573081 -0700
++++ b/config.h.in 2021-10-16 03:29:38.626741181 -0700
+@@ -275,4 +275,10 @@
+ /* Define if x86 ISA level should be included in shared libraries. */
+ #undef INCLUDE_X86_ISA_LEVEL
+
++/* Define if -msahf is enabled by default on x86. */
++#undef HAVE_X86_LAHF_SAHF
++
++/* Define if -mmovbe is enabled by default on x86. */
++#undef HAVE_X86_MOVBE
++
+ #endif
+diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure
+--- a/sysdeps/x86/configure 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/configure 2021-10-16 03:29:39.330729277 -0700
+@@ -126,6 +126,8 @@ cat > conftest2.S <<EOF
+ 4:
+ EOF
+ libc_cv_include_x86_isa_level=no
++libc_cv_have_x86_lahf_sahf=no
++libc_cv_have_x86_movbe=no
+ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S'
+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
+ (eval $ac_try) 2>&5
+@@ -135,6 +137,24 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS
+ count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
+ if test "$count" = 1; then
+ libc_cv_include_x86_isa_level=yes
++ cat > conftest.c <<EOF
++EOF
++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c'
++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++ test $ac_status = 0; }; } | grep -q "\-msahf"; then
++ libc_cv_have_x86_lahf_sahf=yes
++ fi
++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c'
++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5
++ (eval $ac_try) 2>&5
++ ac_status=$?
++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++ test $ac_status = 0; }; } | grep -q "\-mmovbe"; then
++ libc_cv_have_x86_movbe=yes
++ fi
+ fi
+ fi
+ rm -f conftest*
+@@ -145,5 +165,13 @@ if test $libc_cv_include_x86_isa_level =
+ $as_echo "#define INCLUDE_X86_ISA_LEVEL 1" >>confdefs.h
+
+ fi
++if test $libc_cv_have_x86_lahf_sahf = yes; then
++ $as_echo "#define HAVE_X86_LAHF_SAHF 1" >>confdefs.h
++
++fi
++if test $libc_cv_have_x86_movbe = yes; then
++ $as_echo "#define HAVE_X86_MOVBE 1" >>confdefs.h
++
++fi
+ config_vars="$config_vars
+ enable-x86-isa-level = $libc_cv_include_x86_isa_level"
+diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac
+--- a/sysdeps/x86/configure.ac 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/configure.ac 2021-10-16 03:29:40.038717306 -0700
+@@ -98,14 +98,30 @@ cat > conftest2.S <<EOF
+ 4:
+ EOF
+ libc_cv_include_x86_isa_level=no
++libc_cv_have_x86_lahf_sahf=no
++libc_cv_have_x86_movbe=no
+ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then
+ count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l`
+ if test "$count" = 1; then
+ libc_cv_include_x86_isa_level=yes
++ cat > conftest.c <<EOF
++EOF
++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-msahf"; then
++ libc_cv_have_x86_lahf_sahf=yes
++ fi
++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-mmovbe"; then
++ libc_cv_have_x86_movbe=yes
++ fi
+ fi
+ fi
+ rm -f conftest*])
+ if test $libc_cv_include_x86_isa_level = yes; then
+ AC_DEFINE(INCLUDE_X86_ISA_LEVEL)
+ fi
++if test $libc_cv_have_x86_lahf_sahf = yes; then
++ AC_DEFINE(HAVE_X86_LAHF_SAHF)
++fi
++if test $libc_cv_have_x86_movbe = yes; then
++ AC_DEFINE(HAVE_X86_MOVBE)
++fi
+ LIBC_CONFIG_VAR([enable-x86-isa-level], [$libc_cv_include_x86_isa_level])
+diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c
+--- a/sysdeps/x86/isa-level.c 2021-10-16 03:28:49.587570713 -0700
++++ b/sysdeps/x86/isa-level.c 2021-10-16 03:29:40.766704997 -0700
+@@ -29,32 +29,35 @@
+
+ /* ELF program property for x86 ISA level. */
+ #ifdef INCLUDE_X86_ISA_LEVEL
+-# if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \
+- || defined __MMX__ || defined __SSE__ || defined __SSE2__
++# if defined __SSE__ && defined __SSE2__
++/* NB: ISAs, excluding MMX, in x86-64 ISA level baseline are used. */
+ # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE
+ # else
+ # define ISA_BASELINE 0
+ # endif
+
+-# if defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
+- || (defined __x86_64__ && defined __LAHF_SAHF__) \
+- || defined __POPCNT__ || defined __SSE3__ \
+- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__
++# if ISA_BASELINE && defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \
++ && defined HAVE_X86_LAHF_SAHF && defined __POPCNT__ \
++ && defined __SSE3__ && defined __SSSE3__ && defined __SSE4_1__ \
++ && defined __SSE4_2__
++/* NB: ISAs in x86-64 ISA level v2 are used. */
+ # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2
+ # else
+ # define ISA_V2 0
+ # endif
+
+-# if defined __AVX__ || defined __AVX2__ || defined __F16C__ \
+- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \
+- || defined __XSAVE__
++# if ISA_V2 && defined __AVX__ && defined __AVX2__ && defined __F16C__ \
++ && defined __FMA__ && defined __LZCNT__ && defined HAVE_X86_MOVBE
++/* NB: ISAs in x86-64 ISA level v3 are used. */
+ # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3
+ # else
+ # define ISA_V3 0
+ # endif
+
+-# if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \
+- || defined __AVX512DQ__ || defined __AVX512VL__
++# if ISA_V3 && defined __AVX512F__ && defined __AVX512BW__ \
++ && defined __AVX512CD__ && defined __AVX512DQ__ \
++ && defined __AVX512VL__
++/* NB: ISAs in x86-64 ISA level v4 are used. */
+ # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4
+ # else
+ # define ISA_V4 0
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
deleted file mode 100644
index 26c5c0d2a9..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From dca565886b5e8bd7966e15f0ca42ee5cff686673 Mon Sep 17 00:00:00 2001
-From: DJ Delorie <dj@redhat.com>
-Date: Thu, 25 Feb 2021 16:08:21 -0500
-Subject: [PATCH] nscd: Fix double free in netgroupcache [BZ #27462]
-
-In commit 745664bd798ec8fd50438605948eea594179fba1 a use-after-free
-was fixed, but this led to an occasional double-free. This patch
-tracks the "live" allocation better.
-
-Tested manually by a third party.
-
-Related: RHBZ 1927877
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Reviewed-by: Carlos O'Donell <carlos@redhat.com>
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=dca565886b5e8bd7966e15f0ca42ee5cff686673]
-
-CVE: CVE-2021-27645
-
-Reviewed-by: Carlos O'Donell <carlos@redhat.com>
-Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
----
- nscd/netgroupcache.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
-index dba6ceec1b..ad2daddafd 100644
---- a/nscd/netgroupcache.c
-+++ b/nscd/netgroupcache.c
-@@ -248,7 +248,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
- : NULL);
- ndomain = (ndomain ? newbuf + ndomaindiff
- : NULL);
-- buffer = newbuf;
-+ *tofreep = buffer = newbuf;
- }
-
- nhost = memcpy (buffer + bufused,
-@@ -319,7 +319,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
- else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE)
- {
- buflen *= 2;
-- buffer = xrealloc (buffer, buflen);
-+ *tofreep = buffer = xrealloc (buffer, buflen);
- }
- else if (status == NSS_STATUS_RETURN
- || status == NSS_STATUS_NOTFOUND
---
-2.27.0
-
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
deleted file mode 100644
index 21f07ac303..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 709674ec86c3c6da4f0995897f6b0205c16d049d Mon Sep 17 00:00:00 2001
-From: Andreas Schwab <schwab@linux-m68k.org>
-Date: Thu, 27 May 2021 12:49:47 +0200
-Subject: [PATCH] Use __pthread_attr_copy in mq_notify (bug 27896)
-
-Make a deep copy of the pthread attribute object to remove a potential
-use-after-free issue.
-
-Upstream-Status: Backport
-[https://sourceware.org/git/?p=glibc.git;a=commit;h=42d359350510506b87101cf77202fefcbfc790cb]
-
-CVE:
-CVE-2021-33574
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
----
- NEWS | 4 ++++
- sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++-----
- 2 files changed, 14 insertions(+), 5 deletions(-)
-
-diff --git a/NEWS b/NEWS
-index 71f5d20324..017d656433 100644
---- a/NEWS
-+++ b/NEWS
-@@ -118,6 +118,10 @@ Security related changes:
- CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
- invoked with EUC-KR input containing invalid multibyte input sequences.
-
-+ CVE-2021-33574: The mq_notify function has a potential use-after-free
-+ issue when using a notification type of SIGEV_THREAD and a thread
-+ attribute with a non-default affinity mask.
-+
- The following bugs are resolved with this release:
-
- [10635] libc: realpath portability patches
-diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
-index cc575a0cdd..f7ddfe5a6c 100644
---- a/sysdeps/unix/sysv/linux/mq_notify.c
-+++ b/sysdeps/unix/sysv/linux/mq_notify.c
-@@ -133,8 +133,11 @@ helper_thread (void *arg)
- (void) __pthread_barrier_wait (&notify_barrier);
- }
- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED)
-- /* The only state we keep is the copy of the thread attributes. */
-- free (data.attr);
-+ {
-+ /* The only state we keep is the copy of the thread attributes. */
-+ pthread_attr_destroy (data.attr);
-+ free (data.attr);
-+ }
- }
- return NULL;
- }
-@@ -255,8 +258,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
- if (data.attr == NULL)
- return -1;
-
-- memcpy (data.attr, notification->sigev_notify_attributes,
-- sizeof (pthread_attr_t));
-+ __pthread_attr_copy (data.attr, notification->sigev_notify_attributes);
- }
-
- /* Construct the new request. */
-@@ -270,7 +272,10 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
-
- /* If it failed, free the allocated memory. */
- if (__glibc_unlikely (retval != 0))
-- free (data.attr);
-+ {
-+ pthread_attr_destroy (data.attr);
-+ free (data.attr);
-+ }
-
- return retval;
- }
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
deleted file mode 100644
index befccd7ac7..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 217b6dc298156bdb0d6aea9ea93e7e394a5ff091 Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Tue, 1 Jun 2021 17:51:41 +0200
-Subject: [PATCH] Fix use of __pthread_attr_copy in mq_notify (bug 27896)
-
-__pthread_attr_copy can fail and does not initialize the attribute
-structure in that case.
-
-If __pthread_attr_copy is never called and there is no allocated
-attribute, pthread_attr_destroy should not be called, otherwise
-there is a null pointer dereference in rt/tst-mqueue6.
-
-Fixes commit 42d359350510506b87101cf77202fefcbfc790cb
-("Use __pthread_attr_copy in mq_notify (bug 27896)").
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-
-Upstream-Status: Backport
-[https://sourceware.org/git/?p=glibc.git;a=commit;h=217b6dc298156bdb0d6aea9ea93e7e394a5ff091]
-
-CVE:
-CVE-2021-33574
-
-Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
-Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
----
- sysdeps/unix/sysv/linux/mq_notify.c | 11 +++++++++--
- 1 file changed, 9 insertions(+), 2 deletions(-)
-
-diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c
-index f7ddfe5a6c..6f46d29d1d 100644
---- a/sysdeps/unix/sysv/linux/mq_notify.c
-+++ b/sysdeps/unix/sysv/linux/mq_notify.c
-@@ -258,7 +258,14 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
- if (data.attr == NULL)
- return -1;
-
-- __pthread_attr_copy (data.attr, notification->sigev_notify_attributes);
-+ int ret = __pthread_attr_copy (data.attr,
-+ notification->sigev_notify_attributes);
-+ if (ret != 0)
-+ {
-+ free (data.attr);
-+ __set_errno (ret);
-+ return -1;
-+ }
- }
-
- /* Construct the new request. */
-@@ -271,7 +278,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification)
- int retval = INLINE_SYSCALL (mq_notify, 2, mqdes, &se);
-
- /* If it failed, free the allocated memory. */
-- if (__glibc_unlikely (retval != 0))
-+ if (retval != 0 && data.attr != NULL)
- {
- pthread_attr_destroy (data.attr);
- free (data.attr);
---
-2.27.0
-
diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch b/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
deleted file mode 100644
index 5cae1bc91c..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17 00:00:00 2001
-From: Andreas Schwab <schwab@linux-m68k.org>
-Date: Fri, 25 Jun 2021 15:02:47 +0200
-Subject: [PATCH] wordexp: handle overflow in positional parameter number (bug
- 28011)
-
-Use strtoul instead of atoi so that overflow can be detected.
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c]
-CVE: CVE-2021-35942
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- posix/wordexp-test.c | 1 +
- posix/wordexp.c | 2 +-
- 2 files changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
-index f93a546d7e..9df02dbbb3 100644
---- a/posix/wordexp-test.c
-+++ b/posix/wordexp-test.c
-@@ -183,6 +183,7 @@ struct test_case_struct
- { 0, NULL, "$var", 0, 0, { NULL, }, IFS },
- { 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS },
- { 0, NULL, "", 0, 0, { NULL, }, IFS },
-+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS },
-
- /* Flags not already covered (testit() has special handling for these) */
- { 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS },
-diff --git a/posix/wordexp.c b/posix/wordexp.c
-index bcbe96e48d..1f3b09f721 100644
---- a/posix/wordexp.c
-+++ b/posix/wordexp.c
-@@ -1399,7 +1399,7 @@ envsubst:
- /* Is it a numeric parameter? */
- else if (isdigit (env[0]))
- {
-- int n = atoi (env);
-+ unsigned long n = strtoul (env, NULL, 10);
-
- if (n >= __libc_argc)
- /* Substitute NULL. */
---
-2.17.1
-
diff --git a/meta/recipes-core/glibc/glibc_2.33.bb b/meta/recipes-core/glibc/glibc_2.33.bb
index 57a60cb9d8..a1e9eb3a16 100644
--- a/meta/recipes-core/glibc/glibc_2.33.bb
+++ b/meta/recipes-core/glibc/glibc_2.33.bb
@@ -56,16 +56,6 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \
file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \
file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \
- file://0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch \
- file://0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch \
- file://0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch \
- file://CVE-2021-27645.patch \
- file://0001-nptl-Remove-private-futex-optimization-BZ-27304.patch \
- file://CVE-2021-33574_1.patch \
- file://CVE-2021-33574_2.patch \
- file://CVE-2021-35942.patch \
- file://0001-CVE-2021-38604.patch \
- file://0002-CVE-2021-38604.patch \
"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build-${TARGET_SYS}"
@@ -98,7 +88,7 @@ EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \
EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}"
-EXTRA_OECONF_append_x86 = " --enable-cet"
+EXTRA_OECONF_append_x86 = " ${@bb.utils.contains_any('TUNE_FEATURES', 'i586 c3', '--disable-cet', '--enable-cet', d)}"
EXTRA_OECONF_append_x86-64 = " --enable-cet"
PACKAGECONFIG ??= "nscd"
diff --git a/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb b/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
index 0daf50acab..afc3196620 100644
--- a/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
+++ b/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb
@@ -7,7 +7,7 @@ the file /etc/network/interfaces."
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
-SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https \
+SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https;branch=master \
file://defn2-c-man-don-t-rely-on-dpkg-architecture-to-set-a.patch \
file://99_network \
file://0001-Define-FNM_EXTMATCH-for-musl.patch \
diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
index a13422490f..5631cd8ae6 100644
--- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx"
inherit core-image setuptools3
-SRCREV ?= "45fb2254f6961377ae0ad0c5c00735459fdcb182"
+SRCREV ?= "2954fa87a4d325f1a3c722d6fb8bf13b17f9e7a0"
SRC_URI = "git://git.yoctoproject.org/poky;branch=hardknott \
file://Yocto_Build_Appliance.vmx \
file://Yocto_Build_Appliance.vmxf \
diff --git a/meta/recipes-core/initrdscripts/initramfs-framework/finish b/meta/recipes-core/initrdscripts/initramfs-framework/finish
index 717383ebac..f08a920867 100755
--- a/meta/recipes-core/initrdscripts/initramfs-framework/finish
+++ b/meta/recipes-core/initrdscripts/initramfs-framework/finish
@@ -12,6 +12,18 @@ finish_run() {
fatal "ERROR: There's no '/dev' on rootfs."
fi
+ # Unmount anything that was automounted by busybox via mdev-mount.sh.
+ # We're about to switch_root, and leaving anything mounted will prevent
+ # the next rootfs from modifying the block device. Ignore ROOT_DISK,
+ # if it was set by setup-live, because it'll be mounted over loopback
+ # to ROOTFS_DIR.
+ local dev
+ for dev in /run/media/*; do
+ if mountpoint -q "${dev}" && [ "${dev##*/}" != "${ROOT_DISK}" ]; then
+ umount -f "${dev}" || debug "Failed to unmount ${dev}"
+ fi
+ done
+
info "Switching root to '$ROOTFS_DIR'..."
debug "Moving /dev, /proc and /sys onto rootfs..."
diff --git a/meta/recipes-core/initscripts/init-system-helpers_1.60.bb b/meta/recipes-core/initscripts/init-system-helpers_1.60.bb
index 33977e66c1..98f45e1355 100644
--- a/meta/recipes-core/initscripts/init-system-helpers_1.60.bb
+++ b/meta/recipes-core/initscripts/init-system-helpers_1.60.bb
@@ -17,7 +17,7 @@ LICENSE = "BSD-3-Clause & GPLv2"
LIC_FILES_CHKSUM = "file://debian/copyright;md5=ee2b1830fcfead84d07bc060ec43e072"
SRCREV = "dbd9197569c0935029acd5c9b02b84c68fd937ee"
-SRC_URI = "git://salsa.debian.org/debian/init-system-helpers.git;protocol=https"
+SRC_URI = "git://salsa.debian.org/debian/init-system-helpers.git;protocol=https;branch=master"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/libxcrypt/libxcrypt.inc b/meta/recipes-core/libxcrypt/libxcrypt.inc
index b5ca863d54..8008ba2d38 100644
--- a/meta/recipes-core/libxcrypt/libxcrypt.inc
+++ b/meta/recipes-core/libxcrypt/libxcrypt.inc
@@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSING;md5=bd5d9777dfe7076c4f2928f12fed226a \
inherit autotools pkgconfig
-SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH} \
+SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH};protocol=https \
file://0001-configure.ac-do-not-use-compute-symver-floor.patch \
"
SRCREV = "94d84f92ca123d851586016c4678eb1f21c19029"
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
new file mode 100644
index 0000000000..eefecb9adb
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
@@ -0,0 +1,99 @@
+From 646fe48d1c8a74310c409ddf81fe7df6700052af Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Tue, 22 Feb 2022 11:51:08 +0100
+Subject: [PATCH] Fix --without-valid build
+
+Regressed in commit 652dd12a.
+---
+ valid.c | 58 ++++++++++++++++++++++++++++-----------------------------
+ 1 file changed, 29 insertions(+), 29 deletions(-)
+---
+
+From https://github.com/GNOME/libxml2.git
+ commit 646fe48d1c8a74310c409ddf81fe7df6700052af
+
+CVE: CVE-2022-23308
+Upstream-status: Backport
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+
+diff --git a/valid.c b/valid.c
+index 8e596f1d..9684683a 100644
+--- a/valid.c
++++ b/valid.c
+@@ -479,35 +479,6 @@ nodeVPop(xmlValidCtxtPtr ctxt)
+ return (ret);
+ }
+
+-/**
+- * xmlValidNormalizeString:
+- * @str: a string
+- *
+- * Normalize a string in-place.
+- */
+-static void
+-xmlValidNormalizeString(xmlChar *str) {
+- xmlChar *dst;
+- const xmlChar *src;
+-
+- if (str == NULL)
+- return;
+- src = str;
+- dst = str;
+-
+- while (*src == 0x20) src++;
+- while (*src != 0) {
+- if (*src == 0x20) {
+- while (*src == 0x20) src++;
+- if (*src != 0)
+- *dst++ = 0x20;
+- } else {
+- *dst++ = *src++;
+- }
+- }
+- *dst = 0;
+-}
+-
+ #ifdef DEBUG_VALID_ALGO
+ static void
+ xmlValidPrintNode(xmlNodePtr cur) {
+@@ -2636,6 +2607,35 @@ xmlDumpNotationTable(xmlBufferPtr buf, xmlNotationTablePtr table) {
+ (xmlDictOwns(dict, (const xmlChar *)(str)) == 0))) \
+ xmlFree((char *)(str));
+
++/**
++ * xmlValidNormalizeString:
++ * @str: a string
++ *
++ * Normalize a string in-place.
++ */
++static void
++xmlValidNormalizeString(xmlChar *str) {
++ xmlChar *dst;
++ const xmlChar *src;
++
++ if (str == NULL)
++ return;
++ src = str;
++ dst = str;
++
++ while (*src == 0x20) src++;
++ while (*src != 0) {
++ if (*src == 0x20) {
++ while (*src == 0x20) src++;
++ if (*src != 0)
++ *dst++ = 0x20;
++ } else {
++ *dst++ = *src++;
++ }
++ }
++ *dst = 0;
++}
++
+ static int
+ xmlIsStreaming(xmlValidCtxtPtr ctxt) {
+ xmlParserCtxtPtr pctxt;
+--
+2.35.1
+
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch
new file mode 100644
index 0000000000..708a98b45a
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch
@@ -0,0 +1,209 @@
+From 652dd12a858989b14eed4e84e453059cd3ba340e Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Tue, 8 Feb 2022 03:29:24 +0100
+Subject: [PATCH] [CVE-2022-23308] Use-after-free of ID and IDREF attributes
+
+If a document is parsed with XML_PARSE_DTDVALID and without
+XML_PARSE_NOENT, the value of ID attributes has to be normalized after
+potentially expanding entities in xmlRemoveID. Otherwise, later calls
+to xmlGetID can return a pointer to previously freed memory.
+
+ID attributes which are empty or contain only whitespace after
+entity expansion are affected in a similar way. This is fixed by
+not storing such attributes in the ID table.
+
+The test to detect streaming mode when validating against a DTD was
+broken. In connection with the defects above, this could result in a
+use-after-free when using the xmlReader interface with validation.
+Fix detection of streaming mode to avoid similar issues. (This changes
+the expected result of a test case. But as far as I can tell, using the
+XML reader with XIncludes referencing the root document never worked
+properly, anyway.)
+
+All of these issues can result in denial of service. Using xmlReader
+with validation could result in disclosure of memory via the error
+channel, typically stderr. The security impact of xmlGetID returning
+a pointer to freed memory depends on the application. The typical use
+case of calling xmlGetID on an unmodified document is not affected.
+---
+ result/XInclude/ns1.xml.rdr | 2 +-
+ valid.c | 88 +++++++++++++++++++++++--------------
+ 2 files changed, 56 insertions(+), 34 deletions(-)
+ ---
+
+From https://github.com/GNOME/libxml2.git
+ commit 652dd12a858989b14eed4e84e453059cd3ba340e
+
+Remove patch to ns1.xml.rdr which does not exist in version 2.9.10.
+
+CVE: CVE-2022-23308
+Upstream-status: Backport
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+
+diff --git a/valid.c b/valid.c
+index 5ee391c0..8e596f1d 100644
+--- a/valid.c
++++ b/valid.c
+@@ -479,6 +479,35 @@ nodeVPop(xmlValidCtxtPtr ctxt)
+ return (ret);
+ }
+
++/**
++ * xmlValidNormalizeString:
++ * @str: a string
++ *
++ * Normalize a string in-place.
++ */
++static void
++xmlValidNormalizeString(xmlChar *str) {
++ xmlChar *dst;
++ const xmlChar *src;
++
++ if (str == NULL)
++ return;
++ src = str;
++ dst = str;
++
++ while (*src == 0x20) src++;
++ while (*src != 0) {
++ if (*src == 0x20) {
++ while (*src == 0x20) src++;
++ if (*src != 0)
++ *dst++ = 0x20;
++ } else {
++ *dst++ = *src++;
++ }
++ }
++ *dst = 0;
++}
++
+ #ifdef DEBUG_VALID_ALGO
+ static void
+ xmlValidPrintNode(xmlNodePtr cur) {
+@@ -2607,6 +2636,24 @@ xmlDumpNotationTable(xmlBufferPtr buf, xmlNotationTablePtr table) {
+ (xmlDictOwns(dict, (const xmlChar *)(str)) == 0))) \
+ xmlFree((char *)(str));
+
++static int
++xmlIsStreaming(xmlValidCtxtPtr ctxt) {
++ xmlParserCtxtPtr pctxt;
++
++ if (ctxt == NULL)
++ return(0);
++ /*
++ * These magic values are also abused to detect whether we're validating
++ * while parsing a document. In this case, userData points to the parser
++ * context.
++ */
++ if ((ctxt->finishDtd != XML_CTXT_FINISH_DTD_0) &&
++ (ctxt->finishDtd != XML_CTXT_FINISH_DTD_1))
++ return(0);
++ pctxt = ctxt->userData;
++ return(pctxt->parseMode == XML_PARSE_READER);
++}
++
+ /**
+ * xmlFreeID:
+ * @not: A id
+@@ -2650,7 +2697,7 @@ xmlAddID(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value,
+ if (doc == NULL) {
+ return(NULL);
+ }
+- if (value == NULL) {
++ if ((value == NULL) || (value[0] == 0)) {
+ return(NULL);
+ }
+ if (attr == NULL) {
+@@ -2681,7 +2728,7 @@ xmlAddID(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value,
+ */
+ ret->value = xmlStrdup(value);
+ ret->doc = doc;
+- if ((ctxt != NULL) && (ctxt->vstateNr != 0)) {
++ if (xmlIsStreaming(ctxt)) {
+ /*
+ * Operating in streaming mode, attr is gonna disappear
+ */
+@@ -2820,6 +2867,7 @@ xmlRemoveID(xmlDocPtr doc, xmlAttrPtr attr) {
+ ID = xmlNodeListGetString(doc, attr->children, 1);
+ if (ID == NULL)
+ return(-1);
++ xmlValidNormalizeString(ID);
+
+ id = xmlHashLookup(table, ID);
+ if (id == NULL || id->attr != attr) {
+@@ -3009,7 +3057,7 @@ xmlAddRef(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value,
+ * fill the structure.
+ */
+ ret->value = xmlStrdup(value);
+- if ((ctxt != NULL) && (ctxt->vstateNr != 0)) {
++ if (xmlIsStreaming(ctxt)) {
+ /*
+ * Operating in streaming mode, attr is gonna disappear
+ */
+@@ -4028,8 +4076,7 @@ xmlValidateAttributeValue2(xmlValidCtxtPtr ctxt, xmlDocPtr doc,
+ xmlChar *
+ xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc,
+ xmlNodePtr elem, const xmlChar *name, const xmlChar *value) {
+- xmlChar *ret, *dst;
+- const xmlChar *src;
++ xmlChar *ret;
+ xmlAttributePtr attrDecl = NULL;
+ int extsubset = 0;
+
+@@ -4070,19 +4117,7 @@ xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc,
+ ret = xmlStrdup(value);
+ if (ret == NULL)
+ return(NULL);
+- src = value;
+- dst = ret;
+- while (*src == 0x20) src++;
+- while (*src != 0) {
+- if (*src == 0x20) {
+- while (*src == 0x20) src++;
+- if (*src != 0)
+- *dst++ = 0x20;
+- } else {
+- *dst++ = *src++;
+- }
+- }
+- *dst = 0;
++ xmlValidNormalizeString(ret);
+ if ((doc->standalone) && (extsubset == 1) && (!xmlStrEqual(value, ret))) {
+ xmlErrValidNode(ctxt, elem, XML_DTD_NOT_STANDALONE,
+ "standalone: %s on %s value had to be normalized based on external subset declaration\n",
+@@ -4114,8 +4149,7 @@ xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc,
+ xmlChar *
+ xmlValidNormalizeAttributeValue(xmlDocPtr doc, xmlNodePtr elem,
+ const xmlChar *name, const xmlChar *value) {
+- xmlChar *ret, *dst;
+- const xmlChar *src;
++ xmlChar *ret;
+ xmlAttributePtr attrDecl = NULL;
+
+ if (doc == NULL) return(NULL);
+@@ -4145,19 +4179,7 @@ xmlValidNormalizeAttributeValue(xmlDocPtr doc, xmlNodePtr elem,
+ ret = xmlStrdup(value);
+ if (ret == NULL)
+ return(NULL);
+- src = value;
+- dst = ret;
+- while (*src == 0x20) src++;
+- while (*src != 0) {
+- if (*src == 0x20) {
+- while (*src == 0x20) src++;
+- if (*src != 0)
+- *dst++ = 0x20;
+- } else {
+- *dst++ = *src++;
+- }
+- }
+- *dst = 0;
++ xmlValidNormalizeString(ret);
+ return(ret);
+ }
+
+--
+2.25.1
+
diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb
index ce4f9a3340..778312f662 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.10.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb
@@ -30,6 +30,8 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
file://CVE-2021-3518-0002.patch \
file://CVE-2021-3537.patch \
file://CVE-2021-3541.patch \
+ file://CVE-2022-23308.patch \
+ file://CVE-2022-23308-fix-regression.patch \
"
SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5"
@@ -47,7 +49,7 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
inherit autotools pkgconfig binconfig-disabled ptest
-inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3native', '', d)}
+inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3targetconfig', '', d)}
RDEPENDS_${PN}-ptest += "make ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}"
diff --git a/meta/recipes-core/musl/libucontext_git.bb b/meta/recipes-core/musl/libucontext_git.bb
index 11affebb49..87946b7ec3 100644
--- a/meta/recipes-core/musl/libucontext_git.bb
+++ b/meta/recipes-core/musl/libucontext_git.bb
@@ -10,7 +10,7 @@ DEPENDS = ""
PV = "0.10+${SRCPV}"
SRCREV = "19fa1bbfc26efb92147b5e85cc0ca02a0e837561"
-SRC_URI = "git://github.com/kaniini/libucontext \
+SRC_URI = "git://github.com/kaniini/libucontext;branch=master;protocol=https \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/musl/musl-obstack.bb b/meta/recipes-core/musl/musl-obstack.bb
index 3003935fe5..74de48c2cd 100644
--- a/meta/recipes-core/musl/musl-obstack.bb
+++ b/meta/recipes-core/musl/musl-obstack.bb
@@ -10,7 +10,7 @@ SECTION = "libs"
PV = "1.1"
SRCREV = "d2ad66b0df44a4b784956f7f7f2717131ddc05f4"
-SRC_URI = "git://github.com/pullmoll/musl-obstack"
+SRC_URI = "git://github.com/pullmoll/musl-obstack;branch=master;protocol=https"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-core/musl/musl-utils.bb b/meta/recipes-core/musl/musl-utils.bb
index dd0ce33061..c30509469c 100644
--- a/meta/recipes-core/musl/musl-utils.bb
+++ b/meta/recipes-core/musl/musl-utils.bb
@@ -11,7 +11,7 @@ SECTION = "utils"
PV = "20170421"
SRCREV = "fb5630138ccabbbc14a19d372096a04e42573c7d"
-SRC_URI = "git://github.com/boltlinux/musl-utils"
+SRC_URI = "git://github.com/boltlinux/musl-utils;branch=master;protocol=https"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-core/musl/musl_git.bb b/meta/recipes-core/musl/musl_git.bb
index e6f9e2441e..a241a2fbbd 100644
--- a/meta/recipes-core/musl/musl_git.bb
+++ b/meta/recipes-core/musl/musl_git.bb
@@ -12,7 +12,7 @@ PV = "${BASEVER}+git${SRCPV}"
# mirror is at git://github.com/kraj/musl.git
-SRC_URI = "git://git.musl-libc.org/musl \
+SRC_URI = "git://git.musl-libc.org/musl;branch=master \
file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \
file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \
"
diff --git a/meta/recipes-core/ncurses/files/CVE-2021-39537.patch b/meta/recipes-core/ncurses/files/CVE-2021-39537.patch
new file mode 100644
index 0000000000..d63bf57e8d
--- /dev/null
+++ b/meta/recipes-core/ncurses/files/CVE-2021-39537.patch
@@ -0,0 +1,65 @@
+From e83ecbd26252bac163fc4377ef30edbd4acb0bad Mon Sep 17 00:00:00 2001
+From: Sven Joachim <svenjoac@gmx.de>
+Date: Mon, 1 Jun 2020 08:03:52 +0200
+Subject: [PATCH] Import upstream patch 20200531
+
+20200531
+ + correct configure version-check/warnng for g++ to allow for 10.x
+ + re-enable "bel" in konsole-base (report by Nia Huang)
+ + add linux-s entry (patch by Alexandre Montaron).
+ + drop long-obsolete convert_configure.pl
+ + add test/test_parm.c, for checking tparm changes.
+ + improve parameter-checking for tparm, adding function _nc_tiparm() to
+ handle the most-used case, which accepts only numeric parameters
+ (report/testcase by "puppet-meteor").
+ + use a more conservative estimate of the buffer-size in lib_tparm.c's
+ save_text() and save_number(), in case the sprintf() function
+ passes-through unexpected characters from a format specifier
+ (report/testcase by "puppet-meteor").
+ + add a check for end-of-string in cvtchar to handle a malformed
+ string in infotocap (report/testcase by "puppet-meteor").
+
+CVE: CVE-2021-39537
+
+Upstream-Status: Backport [https://github.com/mirror/ncurses/commit/790a85dbd4a81d5f5d8dd02a44d84f01512ef443]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ ncurses/tinfo/captoinfo.c | 11 +-
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/ncurses/tinfo/captoinfo.c b/ncurses/tinfo/captoinfo.c
+index 8b3b83d1..9362105a 100644
+--- a/ncurses/tinfo/captoinfo.c
++++ b/ncurses/tinfo/captoinfo.c
+@@ -98,7 +98,7 @@
+ #include <ctype.h>
+ #include <tic.h>
+
+-MODULE_ID("$Id: captoinfo.c,v 1.98 2020/02/02 23:34:34 tom Exp $")
++MODULE_ID("$Id: captoinfo.c,v 1.99 2020/05/25 21:28:29 tom Exp $")
+
+ #if 0
+ #define DEBUG_THIS(p) DEBUG(9, p)
+@@ -216,12 +216,15 @@ cvtchar(register const char *sp)
+ }
+ break;
+ case '^':
++ len = 2;
+ c = UChar(*++sp);
+- if (c == '?')
++ if (c == '?') {
+ c = 127;
+- else
++ } else if (c == '\0') {
++ len = 1;
++ } else {
+ c &= 0x1f;
+- len = 2;
++ }
+ break;
+ default:
+ c = UChar(*sp);
+--
+2.17.1
+
diff --git a/meta/recipes-core/ncurses/ncurses.inc b/meta/recipes-core/ncurses/ncurses.inc
index ef59bc3b0a..9c74d2ec36 100644
--- a/meta/recipes-core/ncurses/ncurses.inc
+++ b/meta/recipes-core/ncurses/ncurses.inc
@@ -13,7 +13,7 @@ BINCONFIG = "${bindir}/ncurses5-config ${bindir}/ncursesw5-config \
inherit autotools binconfig-disabled multilib_header pkgconfig
# Upstream has useful patches at times at ftp://invisible-island.net/ncurses/
-SRC_URI = "git://salsa.debian.org/debian/ncurses.git;protocol=https"
+SRC_URI = "git://salsa.debian.org/debian/ncurses.git;protocol=https;branch=master"
EXTRA_AUTORECONF = "-I m4"
diff --git a/meta/recipes-core/ncurses/ncurses_6.2.bb b/meta/recipes-core/ncurses/ncurses_6.2.bb
index e7d7396a20..598c51b00b 100644
--- a/meta/recipes-core/ncurses/ncurses_6.2.bb
+++ b/meta/recipes-core/ncurses/ncurses_6.2.bb
@@ -3,6 +3,7 @@ require ncurses.inc
SRC_URI += "file://0001-tic-hang.patch \
file://0002-configure-reproducible.patch \
file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \
+ file://CVE-2021-39537.patch \
"
# commit id corresponds to the revision in package version
SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4"
diff --git a/meta/recipes-core/netbase/netbase_6.2.bb b/meta/recipes-core/netbase/netbase_6.2.bb
index c016d32dd3..ad7e9becde 100644
--- a/meta/recipes-core/netbase/netbase_6.2.bb
+++ b/meta/recipes-core/netbase/netbase_6.2.bb
@@ -6,7 +6,7 @@ LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://debian/copyright;md5=3dd6192d306f582dee7687da3d8748ab"
PE = "1"
-SRC_URI = "git://salsa.debian.org/md/netbase.git;protocol=https"
+SRC_URI = "git://salsa.debian.org/md/netbase.git;protocol=https;branch=master"
SRCREV = "1c892c96a078ef28ec1a94681b3a0da7a3d545f7"
inherit allarch
diff --git a/meta/recipes-core/os-release/os-release.bb b/meta/recipes-core/os-release/os-release.bb
index a29d678125..33f75e39b8 100644
--- a/meta/recipes-core/os-release/os-release.bb
+++ b/meta/recipes-core/os-release/os-release.bb
@@ -12,7 +12,9 @@ do_configure[noexec] = "1"
# Other valid fields: BUILD_ID ID_LIKE ANSI_COLOR CPE_NAME
# HOME_URL SUPPORT_URL BUG_REPORT_URL
-OS_RELEASE_FIELDS = "ID ID_LIKE NAME VERSION VERSION_ID PRETTY_NAME"
+OS_RELEASE_FIELDS = "\
+ ID ID_LIKE NAME VERSION VERSION_ID PRETTY_NAME DISTRO_CODENAME \
+"
OS_RELEASE_UNQUOTED_FIELDS = "ID VERSION_ID VARIANT_ID"
ID = "${DISTRO}"
diff --git a/meta/recipes-core/psplash/psplash_git.bb b/meta/recipes-core/psplash/psplash_git.bb
index 59e1e3f194..e1236475fc 100644
--- a/meta/recipes-core/psplash/psplash_git.bb
+++ b/meta/recipes-core/psplash/psplash_git.bb
@@ -10,7 +10,7 @@ SRCREV = "0a902f7cd875ccf018456451be369f05fa55f962"
PV = "0.1+git${SRCPV}"
PR = "r15"
-SRC_URI = "git://git.yoctoproject.org/${BPN} \
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \
file://psplash-init \
file://psplash-start.service \
file://psplash-systemd.service \
diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc
index 7d3b3064ba..b11ab112af 100644
--- a/meta/recipes-core/systemd/systemd.inc
+++ b/meta/recipes-core/systemd/systemd.inc
@@ -16,6 +16,6 @@ LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
SRCREV = "17472dca0160cbe7b807ca648475fd70d0d62fe5"
SRCBRANCH = "v247-stable"
-SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}"
+SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb b/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
index da716674c3..daee5c224b 100644
--- a/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
+++ b/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb
@@ -6,7 +6,7 @@ SECTION = "base"
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://update-rc.d;beginline=5;endline=15;md5=d40a07c27f535425934bb5001f2037d9"
-SRC_URI = "git://git.yoctoproject.org/update-rc.d"
+SRC_URI = "git://git.yoctoproject.org/update-rc.d;branch=master"
SRCREV = "8636cf478d426b568c1be11dbd9346f67e03adac"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-core/util-linux/util-linux_2.36.2.bb b/meta/recipes-core/util-linux/util-linux_2.36.2.bb
index c79cf782d1..82cc8a3dbf 100644
--- a/meta/recipes-core/util-linux/util-linux_2.36.2.bb
+++ b/meta/recipes-core/util-linux/util-linux_2.36.2.bb
@@ -73,7 +73,7 @@ EXTRA_OECONF = "\
\
--disable-bfs --disable-chfn-chsh --disable-login \
--disable-makeinstall-chown --disable-minix --disable-newgrp \
- --disable-use-tty-group --disable-vipw \
+ --disable-use-tty-group --disable-vipw --disable-raw \
\
--without-udev \
\
diff --git a/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch b/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
new file mode 100644
index 0000000000..5cb6183641
--- /dev/null
+++ b/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
@@ -0,0 +1,347 @@
+CVE: CVE-2018-25032
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 5c44459c3b28a9bd3283aaceab7c615f8020c531 Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Tue, 17 Apr 2018 22:09:22 -0700
+Subject: [PATCH] Fix a bug that can crash deflate on some input when using
+ Z_FIXED.
+
+This bug was reported by Danilo Ramos of Eideticom, Inc. It has
+lain in wait 13 years before being found! The bug was introduced
+in zlib 1.2.2.2, with the addition of the Z_FIXED option. That
+option forces the use of fixed Huffman codes. For rare inputs with
+a large number of distant matches, the pending buffer into which
+the compressed data is written can overwrite the distance symbol
+table which it overlays. That results in corrupted output due to
+invalid distances, and can result in out-of-bound accesses,
+crashing the application.
+
+The fix here combines the distance buffer and literal/length
+buffers into a single symbol buffer. Now three bytes of pending
+buffer space are opened up for each literal or length/distance
+pair consumed, instead of the previous two bytes. This assures
+that the pending buffer cannot overwrite the symbol table, since
+the maximum fixed code compressed length/distance is 31 bits, and
+since there are four bytes of pending space for every three bytes
+of symbol space.
+---
+ deflate.c | 74 ++++++++++++++++++++++++++++++++++++++++---------------
+ deflate.h | 25 +++++++++----------
+ trees.c | 50 +++++++++++--------------------------
+ 3 files changed, 79 insertions(+), 70 deletions(-)
+
+diff --git a/deflate.c b/deflate.c
+index 425babc00..19cba873a 100644
+--- a/deflate.c
++++ b/deflate.c
+@@ -255,11 +255,6 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+ int wrap = 1;
+ static const char my_version[] = ZLIB_VERSION;
+
+- ushf *overlay;
+- /* We overlay pending_buf and d_buf+l_buf. This works since the average
+- * output size for (length,distance) codes is <= 24 bits.
+- */
+-
+ if (version == Z_NULL || version[0] != my_version[0] ||
+ stream_size != sizeof(z_stream)) {
+ return Z_VERSION_ERROR;
+@@ -329,9 +324,47 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+
+ s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
+
+- overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
+- s->pending_buf = (uchf *) overlay;
+- s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
++ /* We overlay pending_buf and sym_buf. This works since the average size
++ * for length/distance pairs over any compressed block is assured to be 31
++ * bits or less.
++ *
++ * Analysis: The longest fixed codes are a length code of 8 bits plus 5
++ * extra bits, for lengths 131 to 257. The longest fixed distance codes are
++ * 5 bits plus 13 extra bits, for distances 16385 to 32768. The longest
++ * possible fixed-codes length/distance pair is then 31 bits total.
++ *
++ * sym_buf starts one-fourth of the way into pending_buf. So there are
++ * three bytes in sym_buf for every four bytes in pending_buf. Each symbol
++ * in sym_buf is three bytes -- two for the distance and one for the
++ * literal/length. As each symbol is consumed, the pointer to the next
++ * sym_buf value to read moves forward three bytes. From that symbol, up to
++ * 31 bits are written to pending_buf. The closest the written pending_buf
++ * bits gets to the next sym_buf symbol to read is just before the last
++ * code is written. At that time, 31*(n-2) bits have been written, just
++ * after 24*(n-2) bits have been consumed from sym_buf. sym_buf starts at
++ * 8*n bits into pending_buf. (Note that the symbol buffer fills when n-1
++ * symbols are written.) The closest the writing gets to what is unread is
++ * then n+14 bits. Here n is lit_bufsize, which is 16384 by default, and
++ * can range from 128 to 32768.
++ *
++ * Therefore, at a minimum, there are 142 bits of space between what is
++ * written and what is read in the overlain buffers, so the symbols cannot
++ * be overwritten by the compressed data. That space is actually 139 bits,
++ * due to the three-bit fixed-code block header.
++ *
++ * That covers the case where either Z_FIXED is specified, forcing fixed
++ * codes, or when the use of fixed codes is chosen, because that choice
++ * results in a smaller compressed block than dynamic codes. That latter
++ * condition then assures that the above analysis also covers all dynamic
++ * blocks. A dynamic-code block will only be chosen to be emitted if it has
++ * fewer bits than a fixed-code block would for the same set of symbols.
++ * Therefore its average symbol length is assured to be less than 31. So
++ * the compressed data for a dynamic block also cannot overwrite the
++ * symbols from which it is being constructed.
++ */
++
++ s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, 4);
++ s->pending_buf_size = (ulg)s->lit_bufsize * 4;
+
+ if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
+ s->pending_buf == Z_NULL) {
+@@ -340,8 +373,12 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+ deflateEnd (strm);
+ return Z_MEM_ERROR;
+ }
+- s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
+- s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
++ s->sym_buf = s->pending_buf + s->lit_bufsize;
++ s->sym_end = (s->lit_bufsize - 1) * 3;
++ /* We avoid equality with lit_bufsize*3 because of wraparound at 64K
++ * on 16 bit machines and because stored blocks are restricted to
++ * 64K-1 bytes.
++ */
+
+ s->level = level;
+ s->strategy = strategy;
+@@ -552,7 +589,7 @@ int ZEXPORT deflatePrime (strm, bits, value)
+
+ if (deflateStateCheck(strm)) return Z_STREAM_ERROR;
+ s = strm->state;
+- if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3))
++ if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
+ return Z_BUF_ERROR;
+ do {
+ put = Buf_size - s->bi_valid;
+@@ -1113,7 +1150,6 @@ int ZEXPORT deflateCopy (dest, source)
+ #else
+ deflate_state *ds;
+ deflate_state *ss;
+- ushf *overlay;
+
+
+ if (deflateStateCheck(source) || dest == Z_NULL) {
+@@ -1133,8 +1169,7 @@ int ZEXPORT deflateCopy (dest, source)
+ ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
+ ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos));
+ ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos));
+- overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
+- ds->pending_buf = (uchf *) overlay;
++ ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, 4);
+
+ if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
+ ds->pending_buf == Z_NULL) {
+@@ -1148,8 +1183,7 @@ int ZEXPORT deflateCopy (dest, source)
+ zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
+
+ ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
+- ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
+- ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
++ ds->sym_buf = ds->pending_buf + ds->lit_bufsize;
+
+ ds->l_desc.dyn_tree = ds->dyn_ltree;
+ ds->d_desc.dyn_tree = ds->dyn_dtree;
+@@ -1925,7 +1959,7 @@ local block_state deflate_fast(s, flush)
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+- if (s->last_lit)
++ if (s->sym_next)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+ }
+@@ -2056,7 +2090,7 @@ local block_state deflate_slow(s, flush)
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+- if (s->last_lit)
++ if (s->sym_next)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+ }
+@@ -2131,7 +2165,7 @@ local block_state deflate_rle(s, flush)
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+- if (s->last_lit)
++ if (s->sym_next)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+ }
+@@ -2170,7 +2204,7 @@ local block_state deflate_huff(s, flush)
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+- if (s->last_lit)
++ if (s->sym_next)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+ }
+diff --git a/deflate.h b/deflate.h
+index 23ecdd312..d4cf1a98b 100644
+--- a/deflate.h
++++ b/deflate.h
+@@ -217,7 +217,7 @@ typedef struct internal_state {
+ /* Depth of each subtree used as tie breaker for trees of equal frequency
+ */
+
+- uchf *l_buf; /* buffer for literals or lengths */
++ uchf *sym_buf; /* buffer for distances and literals/lengths */
+
+ uInt lit_bufsize;
+ /* Size of match buffer for literals/lengths. There are 4 reasons for
+@@ -239,13 +239,8 @@ typedef struct internal_state {
+ * - I can't count above 4
+ */
+
+- uInt last_lit; /* running index in l_buf */
+-
+- ushf *d_buf;
+- /* Buffer for distances. To simplify the code, d_buf and l_buf have
+- * the same number of elements. To use different lengths, an extra flag
+- * array would be necessary.
+- */
++ uInt sym_next; /* running index in sym_buf */
++ uInt sym_end; /* symbol table full when sym_next reaches this */
+
+ ulg opt_len; /* bit length of current block with optimal trees */
+ ulg static_len; /* bit length of current block with static trees */
+@@ -325,20 +320,22 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
+
+ # define _tr_tally_lit(s, c, flush) \
+ { uch cc = (c); \
+- s->d_buf[s->last_lit] = 0; \
+- s->l_buf[s->last_lit++] = cc; \
++ s->sym_buf[s->sym_next++] = 0; \
++ s->sym_buf[s->sym_next++] = 0; \
++ s->sym_buf[s->sym_next++] = cc; \
+ s->dyn_ltree[cc].Freq++; \
+- flush = (s->last_lit == s->lit_bufsize-1); \
++ flush = (s->sym_next == s->sym_end); \
+ }
+ # define _tr_tally_dist(s, distance, length, flush) \
+ { uch len = (uch)(length); \
+ ush dist = (ush)(distance); \
+- s->d_buf[s->last_lit] = dist; \
+- s->l_buf[s->last_lit++] = len; \
++ s->sym_buf[s->sym_next++] = dist; \
++ s->sym_buf[s->sym_next++] = dist >> 8; \
++ s->sym_buf[s->sym_next++] = len; \
+ dist--; \
+ s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
+ s->dyn_dtree[d_code(dist)].Freq++; \
+- flush = (s->last_lit == s->lit_bufsize-1); \
++ flush = (s->sym_next == s->sym_end); \
+ }
+ #else
+ # define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
+diff --git a/trees.c b/trees.c
+index 4f4a65011..decaeb7c3 100644
+--- a/trees.c
++++ b/trees.c
+@@ -416,7 +416,7 @@ local void init_block(s)
+
+ s->dyn_ltree[END_BLOCK].Freq = 1;
+ s->opt_len = s->static_len = 0L;
+- s->last_lit = s->matches = 0;
++ s->sym_next = s->matches = 0;
+ }
+
+ #define SMALLEST 1
+@@ -948,7 +948,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last)
+
+ Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
+ opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
+- s->last_lit));
++ s->sym_next / 3));
+
+ if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
+
+@@ -1017,8 +1017,9 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+ unsigned dist; /* distance of matched string */
+ unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
+ {
+- s->d_buf[s->last_lit] = (ush)dist;
+- s->l_buf[s->last_lit++] = (uch)lc;
++ s->sym_buf[s->sym_next++] = dist;
++ s->sym_buf[s->sym_next++] = dist >> 8;
++ s->sym_buf[s->sym_next++] = lc;
+ if (dist == 0) {
+ /* lc is the unmatched char */
+ s->dyn_ltree[lc].Freq++;
+@@ -1033,30 +1034,7 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+ s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
+ s->dyn_dtree[d_code(dist)].Freq++;
+ }
+-
+-#ifdef TRUNCATE_BLOCK
+- /* Try to guess if it is profitable to stop the current block here */
+- if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
+- /* Compute an upper bound for the compressed length */
+- ulg out_length = (ulg)s->last_lit*8L;
+- ulg in_length = (ulg)((long)s->strstart - s->block_start);
+- int dcode;
+- for (dcode = 0; dcode < D_CODES; dcode++) {
+- out_length += (ulg)s->dyn_dtree[dcode].Freq *
+- (5L+extra_dbits[dcode]);
+- }
+- out_length >>= 3;
+- Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
+- s->last_lit, in_length, out_length,
+- 100L - out_length*100L/in_length));
+- if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
+- }
+-#endif
+- return (s->last_lit == s->lit_bufsize-1);
+- /* We avoid equality with lit_bufsize because of wraparound at 64K
+- * on 16 bit machines and because stored blocks are restricted to
+- * 64K-1 bytes.
+- */
++ return (s->sym_next == s->sym_end);
+ }
+
+ /* ===========================================================================
+@@ -1069,13 +1047,14 @@ local void compress_block(s, ltree, dtree)
+ {
+ unsigned dist; /* distance of matched string */
+ int lc; /* match length or unmatched char (if dist == 0) */
+- unsigned lx = 0; /* running index in l_buf */
++ unsigned sx = 0; /* running index in sym_buf */
+ unsigned code; /* the code to send */
+ int extra; /* number of extra bits to send */
+
+- if (s->last_lit != 0) do {
+- dist = s->d_buf[lx];
+- lc = s->l_buf[lx++];
++ if (s->sym_next != 0) do {
++ dist = s->sym_buf[sx++] & 0xff;
++ dist += (unsigned)(s->sym_buf[sx++] & 0xff) << 8;
++ lc = s->sym_buf[sx++];
+ if (dist == 0) {
+ send_code(s, lc, ltree); /* send a literal byte */
+ Tracecv(isgraph(lc), (stderr," '%c' ", lc));
+@@ -1100,11 +1079,10 @@ local void compress_block(s, ltree, dtree)
+ }
+ } /* literal or match pair ? */
+
+- /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
+- Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
+- "pendingBuf overflow");
++ /* Check that the overlay between pending_buf and sym_buf is ok: */
++ Assert(s->pending < s->lit_bufsize + sx, "pendingBuf overflow");
+
+- } while (lx < s->last_lit);
++ } while (sx < s->sym_next);
+
+ send_code(s, END_BLOCK, ltree);
+ }
diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb
index ef9431ae47..bc42cd64e9 100644
--- a/meta/recipes-core/zlib/zlib_1.2.11.bb
+++ b/meta/recipes-core/zlib/zlib_1.2.11.bb
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://zlib.h;beginline=6;endline=23;md5=5377232268e952e9ef6
SRC_URI = "${SOURCEFORGE_MIRROR}/libpng/${BPN}/${PV}/${BPN}-${PV}.tar.xz \
file://ldflags-tests.patch \
+ file://CVE-2018-25032.patch \
file://run-ptest \
"
UPSTREAM_CHECK_URI = "http://zlib.net/"
diff --git a/meta/recipes-devtools/binutils/binutils-2.36.inc b/meta/recipes-devtools/binutils/binutils-2.36.inc
index 9d770db5a8..fa28358c2d 100644
--- a/meta/recipes-devtools/binutils/binutils-2.36.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.36.inc
@@ -24,7 +24,7 @@ BRANCH ?= "binutils-2_36-branch"
UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"
-SRCREV ?= "7651a4871c225925ffdfda0a8c91a6ed370cd9a1"
+SRCREV ?= "a281816c8aeb12619d34eec8959a43dfa5c6b4ec"
BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${BRANCH};protocol=git"
SRC_URI = "\
${BINUTILS_GIT_URI} \
@@ -41,8 +41,9 @@ SRC_URI = "\
file://0014-Fix-rpath-in-libtool-when-sysroot-is-enabled.patch \
file://0015-sync-with-OE-libtool-changes.patch \
file://0016-Check-for-clang-before-checking-gcc-version.patch \
- file://0001-CVE-2021-20197.patch \
- file://0002-CVE-2021-20197.patch \
- file://0003-CVE-2021-20197.patch \
+ file://0017-CVE-2021-3530.patch \
+ file://0018-CVE-2021-3530.patch \
+ file://0001-CVE-2021-42574.patch \
+ file://0001-CVE-2021-45078.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch
deleted file mode 100644
index 2b4eaba26d..0000000000
--- a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch
+++ /dev/null
@@ -1,201 +0,0 @@
-From 8e03235147a9e774d3ba084e93c2da1aa94d1cec Mon Sep 17 00:00:00 2001
-From: Siddhesh Poyarekar <siddhesh@gotplt.org>
-Date: Mon, 22 Feb 2021 20:45:50 +0530
-Subject: [PATCH] binutils: Avoid renaming over existing files
-
-Renaming over existing files needs additional care to restore
-permissions and ownership, which may not always succeed.
-Additionally, other properties of the file such as extended attributes
-may be lost, making the operation flaky.
-
-For predictable results, resort to rename() only if the file does not
-exist, otherwise copy the file contents into the existing file. This
-ensures that no additional tricks are needed to retain file
-properties.
-
-This also allows dropping of the redundant set_times on the tmpfile in
-objcopy/strip since now we no longer rename over existing files.
-
-binutils/
-
- * ar.c (write_archive): Adjust call to SMART_RENAME.
- * arsup.c (ar_save): Likewise.
- * objcopy (strip_main): Don't set times on temporary file and
- adjust call to SMART_RENAME.
- (copy_main): Likewise.
- * rename.c [!S_ISLNK]: Remove definitions.
- (try_preserve_permissions): Remove function.
- (smart_rename): Replace PRESERVE_DATES argument with
- TARGET_STAT. Use rename system call only if TO does not exist.
- * bucomm.h (smart_rename): Adjust declaration.
-
-(cherry picked from commit 3685de750e6a091663a0abe42528cad29e960e35)
-
-Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8e03235147a9e774d3ba084e93c2da1aa94d1cec]
-CVE: CVE-2021-20197
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- binutils/ar.c | 2 +-
- binutils/arsup.c | 2 +-
- binutils/bucomm.h | 3 ++-
- binutils/objcopy.c | 8 ++-----
- binutils/rename.c | 55 +++++++++-------------------------------------
- 6 files changed, 29 insertions(+), 54 deletions(-)
-
-diff --git a/binutils/ar.c b/binutils/ar.c
-index 45a34e3a6cf..3a91708b51c 100644
---- a/binutils/ar.c
-+++ b/binutils/ar.c
-@@ -1308,7 +1308,7 @@ write_archive (bfd *iarch)
- /* We don't care if this fails; we might be creating the archive. */
- bfd_close (iarch);
-
-- if (smart_rename (new_name, old_name, 0) != 0)
-+ if (smart_rename (new_name, old_name, NULL) != 0)
- xexit (1);
- free (old_name);
- free (new_name);
-diff --git a/binutils/arsup.c b/binutils/arsup.c
-index 5403a0c5d74..0a1f63f6456 100644
---- a/binutils/arsup.c
-+++ b/binutils/arsup.c
-@@ -351,7 +351,7 @@ ar_save (void)
-
- bfd_close (obfd);
-
-- smart_rename (ofilename, real_name, 0);
-+ smart_rename (ofilename, real_name, NULL);
- obfd = 0;
- free (ofilename);
- }
-diff --git a/binutils/bucomm.h b/binutils/bucomm.h
-index 91f6a5b228f..aa7e33d8cd1 100644
---- a/binutils/bucomm.h
-+++ b/binutils/bucomm.h
-@@ -71,7 +71,8 @@ extern void print_version (const char *);
- /* In rename.c. */
- extern void set_times (const char *, const struct stat *);
-
--extern int smart_rename (const char *, const char *, int);
-+extern int smart_rename (const char *, const char *, struct stat *);
-+
-
- /* In libiberty. */
- void *xmalloc (size_t);
-diff --git a/binutils/objcopy.c b/binutils/objcopy.c
-index eab3b6db585..07a872b5a80 100644
---- a/binutils/objcopy.c
-+++ b/binutils/objcopy.c
-@@ -4861,12 +4861,10 @@ strip_main (int argc, char *argv[])
- output_target, NULL);
- if (status == 0)
- {
-- if (preserve_dates)
-- set_times (tmpname, &statbuf);
- if (output_file != tmpname)
- status = (smart_rename (tmpname,
- output_file ? output_file : argv[i],
-- preserve_dates) != 0);
-+ preserve_dates ? &statbuf : NULL) != 0);
- if (status == 0)
- status = hold_status;
- }
-@@ -5931,11 +5929,9 @@ copy_main (int argc, char *argv[])
- output_target, input_arch);
- if (status == 0)
- {
-- if (preserve_dates)
-- set_times (tmpname, &statbuf);
- if (tmpname != output_filename)
- status = (smart_rename (tmpname, input_filename,
-- preserve_dates) != 0);
-+ preserve_dates ? &statbuf : NULL) != 0);
- }
- else
- unlink_if_ordinary (tmpname);
-diff --git a/binutils/rename.c b/binutils/rename.c
-index 65ad5bf52c4..f471b45fd3f 100644
---- a/binutils/rename.c
-+++ b/binutils/rename.c
-@@ -122,20 +122,13 @@ set_times (const char *destination, const struct stat *statbuf)
- non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno));
- }
-
--#ifndef S_ISLNK
--#ifdef S_IFLNK
--#define S_ISLNK(m) (((m) & S_IFMT) == S_IFLNK)
--#else
--#define S_ISLNK(m) 0
--#define lstat stat
--#endif
--#endif
--
--/* Rename FROM to TO, copying if TO is a link.
-- Return 0 if ok, -1 if error. */
-+/* Rename FROM to TO, copying if TO exists. TARGET_STAT has the file status
-+ that, if non-NULL, is used to fix up timestamps after rename. Return 0 if
-+ ok, -1 if error. */
-
- int
--smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNUSED)
-+smart_rename (const char *from, const char *to,
-+ struct stat *target_stat ATTRIBUTE_UNUSED)
- {
- bfd_boolean exists;
- struct stat s;
-@@ -158,38 +151,10 @@ smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNU
- unlink (from);
- }
- #else
-- /* Use rename only if TO is not a symbolic link and has
-- only one hard link, and we have permission to write to it. */
-- if (! exists
-- || (!S_ISLNK (s.st_mode)
-- && S_ISREG (s.st_mode)
-- && (s.st_mode & S_IWUSR)
-- && s.st_nlink == 1)
-- )
-+ /* Avoid a full copy and use rename if TO does not exist. */
-+ if (!exists)
- {
-- ret = rename (from, to);
-- if (ret == 0)
-- {
-- if (exists)
-- {
-- /* Try to preserve the permission bits and ownership of
-- TO. First get the mode right except for the setuid
-- bit. Then change the ownership. Then fix the setuid
-- bit. We do the chmod before the chown because if the
-- chown succeeds, and we are a normal user, we won't be
-- able to do the chmod afterward. We don't bother to
-- fix the setuid bit first because that might introduce
-- a fleeting security problem, and because the chown
-- will clear the setuid bit anyhow. We only fix the
-- setuid bit if the chown succeeds, because we don't
-- want to introduce an unexpected setuid file owned by
-- the user running objcopy. */
-- chmod (to, s.st_mode & 0777);
-- if (chown (to, s.st_uid, s.st_gid) >= 0)
-- chmod (to, s.st_mode & 07777);
-- }
-- }
-- else
-+ if ((ret = rename (from, to)) != 0)
- {
- /* We have to clean up here. */
- non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno));
-@@ -202,8 +167,8 @@ smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNU
- if (ret != 0)
- non_fatal (_("unable to copy file '%s'; reason: %s"), to, strerror (errno));
-
-- if (preserve_dates)
-- set_times (to, &s);
-+ if (target_stat != NULL)
-+ set_times (to, target_stat);
- unlink (from);
- }
- #endif /* _WIN32 && !__CYGWIN32__ */
---
-2.31.1
-
diff --git a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch
new file mode 100644
index 0000000000..6adc438b5c
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch
@@ -0,0 +1,2006 @@
+From b3aa80b45c4f46029efeb204bb9f2d2c4278a0e5 Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Tue, 9 Nov 2021 13:25:42 +0000
+Subject: [PATCH] Add --unicode option to control how unicode characters are
+ handled by display tools.
+
+ * nm.c: Add --unicode option to control how unicode characters are
+ handled.
+ * objdump.c: Likewise.
+ * readelf.c: Likewise.
+ * strings.c: Likewise.
+ * binutils.texi: Document the new feature.
+ * NEWS: Document the new feature.
+ * testsuite/binutils-all/unicode.exp: New file.
+ * testsuite/binutils-all/nm.hex.unicode
+ * testsuite/binutils-all/strings.escape.unicode
+ * testsuite/binutils-all/objdump.highlight.unicode
+ * testsuite/binutils-all/readelf.invalid.unicode
+
+CVE: CVE-2021-42574
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=b3aa80b45c4f46029efeb204bb9f2d2c4278a0e5]
+
+Signed-off-by: pgowda <pgowda.cve@gmail.com>
+---
+ binutils/ChangeLog | 15 +
+ binutils/NEWS | 9 +
+ binutils/doc/binutils.texi | 78 ++++
+ binutils/nm.c | 228 ++++++++++-
+ binutils/objdump.c | 235 ++++++++++--
+ binutils/readelf.c | 190 +++++++++-
+ binutils/strings.c | 757 ++++++++++++++++++++++++++++++++++---
+ 7 files changed, 1409 insertions(+), 103 deletions(-)
+
+diff --git a/binutils/ChangeLog b/binutils/ChangeLog
+--- a/binutils/ChangeLog 2021-12-23 03:23:38.425843662 -0800
++++ b/binutils/ChangeLog 2021-12-23 03:30:31.094968942 -0800
+@@ -1,3 +1,18 @@
++2021-11-09 Nick Clifton <nickc@redhat.com>
++
++ * nm.c: Add --unicode option to control how unicode characters are
++ handled.
++ * objdump.c: Likewise.
++ * readelf.c: Likewise.
++ * strings.c: Likewise.
++ * binutils.texi: Document the new feature.
++ * NEWS: Document the new feature.
++ * testsuite/binutils-all/unicode.exp: New file.
++ * testsuite/binutils-all/nm.hex.unicode
++ * testsuite/binutils-all/strings.escape.unicode
++ * testsuite/binutils-all/objdump.highlight.unicode
++ * testsuite/binutils-all/readelf.invalid.unicode
++
+ 2021-04-15 Alan Modra <amodra@gmail.com>
+
+ PR 27456
+diff --git a/binutils/doc/binutils.texi b/binutils/doc/binutils.texi
+--- a/binutils/doc/binutils.texi 2021-12-23 03:23:38.441843395 -0800
++++ b/binutils/doc/binutils.texi 2021-12-23 03:30:31.094968942 -0800
+@@ -805,6 +805,7 @@ nm [@option{-A}|@option{-o}|@option{--pr
+ [@option{-s}|@option{--print-armap}] [@option{-t} @var{radix}|@option{--radix=}@var{radix}]
+ [@option{-u}|@option{--undefined-only}] [@option{-V}|@option{--version}]
+ [@option{-X 32_64}] [@option{--defined-only}] [@option{--no-demangle}]
++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}]
+ [@option{--plugin} @var{name}]
+ [@option{--no-recurse-limit}|@option{--recurse-limit}]]
+ [@option{--size-sort}] [@option{--special-syms}]
+@@ -1114,6 +1115,21 @@ Use @var{radix} as the radix for printin
+ @cindex undefined symbols
+ Display only undefined symbols (those external to each object file).
+
++@item -U @var{[d|i|l|e|x|h]}
++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]}
++Controls the display of UTF-8 encoded mulibyte characters in strings.
++The default (@option{--unicode=default}) is to give them no special
++treatment. The @option{--unicode=locale} option displays the sequence
++in the current locale, which may or may not support them. The options
++@option{--unicode=hex} and @option{--unicode=invalid} display them as
++hex byte sequences enclosed by either angle brackets or curly braces.
++
++The @option{--unicode=escape} option displays them as escape sequences
++(@var{\uxxxx}) and the @option{--unicode=highlight} option displays
++them as escape sequences highlighted in red (if supported by the
++output device). The colouring is intended to draw attention to the
++presence of unicode sequences where they might not be expected.
++
+ @item -V
+ @itemx --version
+ Show the version number of @command{nm} and exit.
+@@ -2210,6 +2226,7 @@ objdump [@option{-a}|@option{--archive-h
+ [@option{--prefix-strip=}@var{level}]
+ [@option{--insn-width=}@var{width}]
+ [@option{--visualize-jumps[=color|=extended-color|=off]}
++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}]
+ [@option{-V}|@option{--version}]
+ [@option{-H}|@option{--help}]
+ @var{objfile}@dots{}
+@@ -2877,6 +2894,21 @@ When displaying symbols include those wh
+ special in some way and which would not normally be of interest to the
+ user.
+
++@item -U @var{[d|i|l|e|x|h]}
++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]}
++Controls the display of UTF-8 encoded mulibyte characters in strings.
++The default (@option{--unicode=default}) is to give them no special
++treatment. The @option{--unicode=locale} option displays the sequence
++in the current locale, which may or may not support them. The options
++@option{--unicode=hex} and @option{--unicode=invalid} display them as
++hex byte sequences enclosed by either angle brackets or curly braces.
++
++The @option{--unicode=escape} option displays them as escape sequences
++(@var{\uxxxx}) and the @option{--unicode=highlight} option displays
++them as escape sequences highlighted in red (if supported by the
++output device). The colouring is intended to draw attention to the
++presence of unicode sequences where they might not be expected.
++
+ @item -V
+ @itemx --version
+ Print the version number of @command{objdump} and exit.
+@@ -3153,6 +3185,7 @@ strings [@option{-afovV}] [@option{-}@va
+ [@option{-n} @var{min-len}] [@option{--bytes=}@var{min-len}]
+ [@option{-t} @var{radix}] [@option{--radix=}@var{radix}]
+ [@option{-e} @var{encoding}] [@option{--encoding=}@var{encoding}]
++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}]
+ [@option{-}] [@option{--all}] [@option{--print-file-name}]
+ [@option{-T} @var{bfdname}] [@option{--target=}@var{bfdname}]
+ [@option{-w}] [@option{--include-all-whitespace}]
+@@ -3244,6 +3277,28 @@ single-8-bit-byte characters, @samp{b} =
+ littleendian. Useful for finding wide character strings. (@samp{l}
+ and @samp{b} apply to, for example, Unicode UTF-16/UCS-2 encodings).
+
++@item -U @var{[d|i|l|e|x|h]}
++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]}
++Controls the display of UTF-8 encoded mulibyte characters in strings.
++The default (@option{--unicode=default}) is to give them no special
++treatment, and instead rely upon the setting of the
++@option{--encoding} option. The other values for this option
++automatically enable @option{--encoding=S}.
++
++The @option{--unicode=invalid} option treats them as non-graphic
++characters and hence not part of a valid string. All the remaining
++options treat them as valid string characters.
++
++The @option{--unicode=locale} option displays them in the current
++locale, which may or may not support UTF-8 encoding. The
++@option{--unicode=hex} option displays them as hex byte sequences
++enclosed between @var{<>} characters. The @option{--unicode=escape}
++option displays them as escape sequences (@var{\uxxxx}) and the
++@option{--unicode=highlight} option displays them as escape sequences
++highlighted in red (if supported by the output device). The colouring
++is intended to draw attention to the presence of unicode sequences
++where they might not be expected.
++
+ @item -T @var{bfdname}
+ @itemx --target=@var{bfdname}
+ @cindex object code format
+@@ -4740,6 +4795,7 @@ readelf [@option{-a}|@option{--all}]
+ [@option{--dyn-syms}|@option{--lto-syms}]
+ [@option{--demangle@var{=style}}|@option{--no-demangle}]
+ [@option{--recurse-limit}|@option{--no-recurse-limit}]
++ [@option{-U} @var{method}|@option{--unicode=}@var{method}]
+ [@option{-n}|@option{--notes}]
+ [@option{-r}|@option{--relocs}]
+ [@option{-u}|@option{--unwind}]
+@@ -4887,6 +4943,28 @@ necessary in order to demangle truly com
+ that if the recursion limit is disabled then stack exhaustion is
+ possible and any bug reports about such an event will be rejected.
+
++@item -U @var{[d|i|l|e|x|h]}
++@itemx --unicode=[default|invalid|locale|escape|hex|highlight]
++Controls the display of non-ASCII characters in identifier names.
++The default (@option{--unicode=locale} or @option{--unicode=default}) is
++to treat them as multibyte characters and display them in the current
++locale. All other versions of this option treat the bytes as UTF-8
++encoded values and attempt to interpret them. If they cannot be
++interpreted or if the @option{--unicode=invalid} option is used then
++they are displayed as a sequence of hex bytes, encloses in curly
++parethesis characters.
++
++Using the @option{--unicode=escape} option will display the characters
++as as unicode escape sequences (@var{\uxxxx}). Using the
++@option{--unicode=hex} will display the characters as hex byte
++sequences enclosed between angle brackets.
++
++Using the @option{--unicode=highlight} will display the characters as
++unicode escape sequences but it will also highlighted them in red,
++assuming that colouring is supported by the output device. The
++colouring is intended to draw attention to the presence of unicode
++sequences when they might not be expected.
++
+ @item -e
+ @itemx --headers
+ Display all the headers in the file. Equivalent to @option{-h -l -S}.
+diff --git a/binutils/NEWS b/binutils/NEWS
+--- a/binutils/NEWS 2021-12-23 03:23:38.433843528 -0800
++++ b/binutils/NEWS 2021-12-23 03:30:31.094968942 -0800
+@@ -1,5 +1,14 @@
+ -*- text -*-
+
++* Tools which display symbols or strings (readelf, strings, nm, objdump)
++ have a new command line option which controls how unicode characters are
++ handled. By default they are treated as normal for the tool. Using
++ --unicode=locale will display them according to the current locale.
++ Using --unicode=hex will display them as hex byte values, whilst
++ --unicode=escape will display them as escape sequences. In addition
++ using --unicode=highlight will display them as unicode escape sequences
++ highlighted in red (if supported by the output device).
++
+ Changes in 2.36:
+
+ * Update elfedit and readelf with LAM_U48 and LAM_U57 support.
+diff --git a/binutils/nm.c b/binutils/nm.c
+--- a/binutils/nm.c 2021-12-23 03:23:38.441843395 -0800
++++ b/binutils/nm.c 2021-12-23 03:30:31.098968875 -0800
+@@ -38,6 +38,11 @@
+ #include "bucomm.h"
+ #include "plugin-api.h"
+ #include "plugin.h"
++#include "safe-ctype.h"
++
++#ifndef streq
++#define streq(a,b) (strcmp ((a),(b)) == 0)
++#endif
+
+ /* When sorting by size, we use this structure to hold the size and a
+ pointer to the minisymbol. */
+@@ -192,6 +197,18 @@ static const char *plugin_target = NULL;
+ static bfd *lineno_cache_bfd;
+ static bfd *lineno_cache_rel_bfd;
+
++typedef enum unicode_display_type
++{
++ unicode_default = 0,
++ unicode_locale,
++ unicode_escape,
++ unicode_hex,
++ unicode_highlight,
++ unicode_invalid
++} unicode_display_type;
++
++static unicode_display_type unicode_display = unicode_default;
++
+ enum long_option_values
+ {
+ OPTION_TARGET = 200,
+@@ -234,6 +251,7 @@ static struct option long_options[] =
+ {"target", required_argument, 0, OPTION_TARGET},
+ {"defined-only", no_argument, &defined_only, 1},
+ {"undefined-only", no_argument, &undefined_only, 1},
++ {"unicode", required_argument, NULL, 'U'},
+ {"version", no_argument, &show_version, 1},
+ {"with-symbol-versions", no_argument, NULL,
+ OPTION_WITH_SYMBOL_VERSIONS},
+@@ -285,6 +303,8 @@ usage (FILE *stream, int status)
+ -t, --radix=RADIX Use RADIX for printing symbol values\n\
+ --target=BFDNAME Specify the target object format as BFDNAME\n\
+ -u, --undefined-only Display only undefined symbols\n\
++ -U {d|s|i|x|e|h} Specify how to treat UTF-8 encoded unicode characters\n\
++ --unicode={default|show|invalid|hex|escape|highlight}\n\
+ --with-symbol-versions Display version strings after symbol names\n\
+ -X 32_64 (ignored)\n\
+ @FILE Read options from FILE\n\
+@@ -399,6 +419,188 @@ get_coff_symbol_type (const struct inter
+ fatal ("%s", xstrerror (errno));
+ return bufp;
+ }
++
++/* Convert a potential UTF-8 encoded sequence in IN into characters in OUT.
++ The conversion format is controlled by the unicode_display variable.
++ Returns the number of characters added to OUT.
++ Returns the number of bytes consumed from IN in CONSUMED.
++ Always consumes at least one byte and displays at least one character. */
++
++static unsigned int
++display_utf8 (const unsigned char * in, char * out, unsigned int * consumed)
++{
++ char * orig_out = out;
++ unsigned int nchars = 0;
++ unsigned int j;
++
++ if (unicode_display == unicode_default)
++ goto invalid;
++
++ if (in[0] < 0xc0)
++ goto invalid;
++
++ if ((in[1] & 0xc0) != 0x80)
++ goto invalid;
++
++ if ((in[0] & 0x20) == 0)
++ {
++ nchars = 2;
++ goto valid;
++ }
++
++ if ((in[2] & 0xc0) != 0x80)
++ goto invalid;
++
++ if ((in[0] & 0x10) == 0)
++ {
++ nchars = 3;
++ goto valid;
++ }
++
++ if ((in[3] & 0xc0) != 0x80)
++ goto invalid;
++
++ nchars = 4;
++
++ valid:
++ switch (unicode_display)
++ {
++ case unicode_locale:
++ /* Copy the bytes into the output buffer as is. */
++ memcpy (out, in, nchars);
++ out += nchars;
++ break;
++
++ case unicode_invalid:
++ case unicode_hex:
++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '<' : '{');
++ out += sprintf (out, "0x");
++ for (j = 0; j < nchars; j++)
++ out += sprintf (out, "%02x", in [j]);
++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '>' : '}');
++ break;
++
++ case unicode_highlight:
++ if (isatty (1))
++ out += sprintf (out, "\x1B[31;47m"); /* Red. */
++ /* Fall through. */
++ case unicode_escape:
++ switch (nchars)
++ {
++ case 2:
++ out += sprintf (out, "\\u%02x%02x",
++ ((in[0] & 0x1c) >> 2),
++ ((in[0] & 0x03) << 6) | (in[1] & 0x3f));
++ break;
++
++ case 3:
++ out += sprintf (out, "\\u%02x%02x",
++ ((in[0] & 0x0f) << 4) | ((in[1] & 0x3c) >> 2),
++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3f)));
++ break;
++
++ case 4:
++ out += sprintf (out, "\\u%02x%02x%02x",
++ ((in[0] & 0x07) << 6) | ((in[1] & 0x3c) >> 2),
++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3c) >> 2),
++ ((in[2] & 0x03) << 6) | ((in[3] & 0x3f)));
++ break;
++ default:
++ /* URG. */
++ break;
++ }
++
++ if (unicode_display == unicode_highlight && isatty (1))
++ out += sprintf (out, "\033[0m"); /* Default colour. */
++ break;
++
++ default:
++ /* URG */
++ break;
++ }
++
++ * consumed = nchars;
++ return out - orig_out;
++
++ invalid:
++ /* Not a valid UTF-8 sequence. */
++ *out = *in;
++ * consumed = 1;
++ return 1;
++}
++
++/* Convert any UTF-8 encoded characters in NAME into the form specified by
++ unicode_display. Also converts control characters. Returns a static
++ buffer if conversion was necessary.
++ Code stolen from objdump.c:sanitize_string(). */
++
++static const char *
++convert_utf8 (const char * in)
++{
++ static char * buffer = NULL;
++ static size_t buffer_len = 0;
++ const char * original = in;
++ char * out;
++
++ /* Paranoia. */
++ if (in == NULL)
++ return "";
++
++ /* See if any conversion is necessary.
++ In the majority of cases it will not be needed. */
++ do
++ {
++ unsigned char c = *in++;
++
++ if (c == 0)
++ return original;
++
++ if (ISCNTRL (c))
++ break;
++
++ if (unicode_display != unicode_default && c >= 0xc0)
++ break;
++ }
++ while (1);
++
++ /* Copy the input, translating as needed. */
++ in = original;
++ if (buffer_len < (strlen (in) * 9))
++ {
++ free ((void *) buffer);
++ buffer_len = strlen (in) * 9;
++ buffer = xmalloc (buffer_len + 1);
++ }
++
++ out = buffer;
++ do
++ {
++ unsigned char c = *in++;
++
++ if (c == 0)
++ break;
++
++ if (ISCNTRL (c))
++ {
++ *out++ = '^';
++ *out++ = c + 0x40;
++ }
++ else if (unicode_display != unicode_default && c >= 0xc0)
++ {
++ unsigned int num_consumed;
++
++ out += display_utf8 ((const unsigned char *)(in - 1), out, & num_consumed);
++ in += num_consumed - 1;
++ }
++ else
++ *out++ = c;
++ }
++ while (1);
++
++ *out = 0;
++ return buffer;
++}
++
+
+ /* Print symbol name NAME, read from ABFD, with printf format FORM,
+ demangling it if requested. */
+@@ -418,6 +620,11 @@ print_symname (const char *form, struct
+ name = alloc;
+ }
+
++ if (unicode_display != unicode_default)
++ {
++ name = convert_utf8 (name);
++ }
++
+ if (info != NULL && info->elfinfo)
+ {
+ const char *version_string;
+@@ -1738,7 +1945,7 @@ main (int argc, char **argv)
+ fatal (_("fatal error: libbfd ABI mismatch"));
+ set_default_bfd_target ();
+
+- while ((c = getopt_long (argc, argv, "aABCDef:gHhlnopPrSst:uvVvX:",
++ while ((c = getopt_long (argc, argv, "aABCDef:gHhlnopPrSst:uU:vVvX:",
+ long_options, (int *) 0)) != EOF)
+ {
+ switch (c)
+@@ -1828,6 +2035,24 @@ main (int argc, char **argv)
+ case 'u':
+ undefined_only = 1;
+ break;
++
++ case 'U':
++ if (streq (optarg, "default") || streq (optarg, "d"))
++ unicode_display = unicode_default;
++ else if (streq (optarg, "locale") || streq (optarg, "l"))
++ unicode_display = unicode_locale;
++ else if (streq (optarg, "escape") || streq (optarg, "e"))
++ unicode_display = unicode_escape;
++ else if (streq (optarg, "invalid") || streq (optarg, "i"))
++ unicode_display = unicode_invalid;
++ else if (streq (optarg, "hex") || streq (optarg, "x"))
++ unicode_display = unicode_hex;
++ else if (streq (optarg, "highlight") || streq (optarg, "h"))
++ unicode_display = unicode_highlight;
++ else
++ fatal (_("invalid argument to -U/--unicode: %s"), optarg);
++ break;
++
+ case 'V':
+ show_version = 1;
+ break;
+diff --git a/binutils/objdump.c b/binutils/objdump.c
+--- a/binutils/objdump.c 2021-12-23 03:23:38.445843329 -0800
++++ b/binutils/objdump.c 2021-12-23 03:30:31.098968875 -0800
+@@ -205,6 +205,19 @@ static const struct objdump_private_desc
+
+ /* The list of detected jumps inside a function. */
+ static struct jump_info *detected_jumps = NULL;
++
++typedef enum unicode_display_type
++{
++ unicode_default = 0,
++ unicode_locale,
++ unicode_escape,
++ unicode_hex,
++ unicode_highlight,
++ unicode_invalid
++} unicode_display_type;
++
++static unicode_display_type unicode_display = unicode_default;
++
+
+ static void usage (FILE *, int) ATTRIBUTE_NORETURN;
+ static void
+@@ -274,6 +287,8 @@ usage (FILE *stream, int status)
+ --recurse-limit Enable a limit on recursion whilst demangling. [Default]\n\
+ --no-recurse-limit Disable a limit on recursion whilst demangling\n\
+ -w, --wide Format output for more than 80 columns\n\
++ -U[d|l|i|x|e|h] Controls the display of UTF-8 unicode characters\n\
++ --unicode=[default|locale|invalid|hex|escape|highlight]\n\
+ -z, --disassemble-zeroes Do not skip blocks of zeroes when disassembling\n\
+ --start-address=ADDR Only process data whose address is >= ADDR\n\
+ --stop-address=ADDR Only process data whose address is < ADDR\n\
+@@ -348,17 +363,23 @@ static struct option long_options[]=
+ {
+ {"adjust-vma", required_argument, NULL, OPTION_ADJUST_VMA},
+ {"all-headers", no_argument, NULL, 'x'},
+- {"private-headers", no_argument, NULL, 'p'},
+- {"private", required_argument, NULL, 'P'},
+ {"architecture", required_argument, NULL, 'm'},
+ {"archive-headers", no_argument, NULL, 'a'},
++#ifdef ENABLE_LIBCTF
++ {"ctf", required_argument, NULL, OPTION_CTF},
++ {"ctf-parent", required_argument, NULL, OPTION_CTF_PARENT},
++#endif
+ {"debugging", no_argument, NULL, 'g'},
+ {"debugging-tags", no_argument, NULL, 'e'},
+ {"demangle", optional_argument, NULL, 'C'},
+ {"disassemble", optional_argument, NULL, 'd'},
+ {"disassemble-all", no_argument, NULL, 'D'},
+- {"disassembler-options", required_argument, NULL, 'M'},
+ {"disassemble-zeroes", no_argument, NULL, 'z'},
++ {"disassembler-options", required_argument, NULL, 'M'},
++ {"dwarf", optional_argument, NULL, OPTION_DWARF},
++ {"dwarf-check", no_argument, 0, OPTION_DWARF_CHECK},
++ {"dwarf-depth", required_argument, 0, OPTION_DWARF_DEPTH},
++ {"dwarf-start", required_argument, 0, OPTION_DWARF_START},
+ {"dynamic-reloc", no_argument, NULL, 'R'},
+ {"dynamic-syms", no_argument, NULL, 'T'},
+ {"endian", required_argument, NULL, OPTION_ENDIAN},
+@@ -368,15 +389,22 @@ static struct option long_options[]=
+ {"full-contents", no_argument, NULL, 's'},
+ {"headers", no_argument, NULL, 'h'},
+ {"help", no_argument, NULL, 'H'},
++ {"include", required_argument, NULL, 'I'},
+ {"info", no_argument, NULL, 'i'},
++ {"inlines", no_argument, 0, OPTION_INLINES},
++ {"insn-width", required_argument, NULL, OPTION_INSN_WIDTH},
+ {"line-numbers", no_argument, NULL, 'l'},
+- {"no-show-raw-insn", no_argument, &show_raw_insn, -1},
+ {"no-addresses", no_argument, &no_addresses, 1},
++ {"no-recurse-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT},
++ {"no-recursion-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT},
++ {"no-show-raw-insn", no_argument, &show_raw_insn, -1},
++ {"prefix", required_argument, NULL, OPTION_PREFIX},
+ {"prefix-addresses", no_argument, &prefix_addresses, 1},
++ {"prefix-strip", required_argument, NULL, OPTION_PREFIX_STRIP},
++ {"private", required_argument, NULL, 'P'},
++ {"private-headers", no_argument, NULL, 'p'},
+ {"recurse-limit", no_argument, NULL, OPTION_RECURSE_LIMIT},
+ {"recursion-limit", no_argument, NULL, OPTION_RECURSE_LIMIT},
+- {"no-recurse-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT},
+- {"no-recursion-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT},
+ {"reloc", no_argument, NULL, 'r'},
+ {"section", required_argument, NULL, 'j'},
+ {"section-headers", no_argument, NULL, 'h'},
+@@ -384,28 +412,16 @@ static struct option long_options[]=
+ {"source", no_argument, NULL, 'S'},
+ {"source-comment", optional_argument, NULL, OPTION_SOURCE_COMMENT},
+ {"special-syms", no_argument, &dump_special_syms, 1},
+- {"include", required_argument, NULL, 'I'},
+- {"dwarf", optional_argument, NULL, OPTION_DWARF},
+-#ifdef ENABLE_LIBCTF
+- {"ctf", required_argument, NULL, OPTION_CTF},
+- {"ctf-parent", required_argument, NULL, OPTION_CTF_PARENT},
+-#endif
+ {"stabs", no_argument, NULL, 'G'},
+ {"start-address", required_argument, NULL, OPTION_START_ADDRESS},
+ {"stop-address", required_argument, NULL, OPTION_STOP_ADDRESS},
+ {"syms", no_argument, NULL, 't'},
+ {"target", required_argument, NULL, 'b'},
++ {"unicode", required_argument, NULL, 'U'},
+ {"version", no_argument, NULL, 'V'},
+- {"wide", no_argument, NULL, 'w'},
+- {"prefix", required_argument, NULL, OPTION_PREFIX},
+- {"prefix-strip", required_argument, NULL, OPTION_PREFIX_STRIP},
+- {"insn-width", required_argument, NULL, OPTION_INSN_WIDTH},
+- {"dwarf-depth", required_argument, 0, OPTION_DWARF_DEPTH},
+- {"dwarf-start", required_argument, 0, OPTION_DWARF_START},
+- {"dwarf-check", no_argument, 0, OPTION_DWARF_CHECK},
+- {"inlines", no_argument, 0, OPTION_INLINES},
+ {"visualize-jumps", optional_argument, 0, OPTION_VISUALIZE_JUMPS},
+- {0, no_argument, 0, 0}
++ {"wide", no_argument, NULL, 'w'},
++ {NULL, no_argument, NULL, 0}
+ };
+
+ static void
+@@ -415,9 +431,121 @@ nonfatal (const char *msg)
+ exit_status = 1;
+ }
+
++/* Convert a potential UTF-8 encoded sequence in IN into characters in OUT.
++ The conversion format is controlled by the unicode_display variable.
++ Returns the number of characters added to OUT.
++ Returns the number of bytes consumed from IN in CONSUMED.
++ Always consumes at least one byte and displays at least one character. */
++
++static unsigned int
++display_utf8 (const unsigned char * in, char * out, unsigned int * consumed)
++{
++ char * orig_out = out;
++ unsigned int nchars = 0;
++ unsigned int j;
++
++ if (unicode_display == unicode_default)
++ goto invalid;
++
++ if (in[0] < 0xc0)
++ goto invalid;
++
++ if ((in[1] & 0xc0) != 0x80)
++ goto invalid;
++
++ if ((in[0] & 0x20) == 0)
++ {
++ nchars = 2;
++ goto valid;
++ }
++
++ if ((in[2] & 0xc0) != 0x80)
++ goto invalid;
++
++ if ((in[0] & 0x10) == 0)
++ {
++ nchars = 3;
++ goto valid;
++ }
++
++ if ((in[3] & 0xc0) != 0x80)
++ goto invalid;
++
++ nchars = 4;
++
++ valid:
++ switch (unicode_display)
++ {
++ case unicode_locale:
++ /* Copy the bytes into the output buffer as is. */
++ memcpy (out, in, nchars);
++ out += nchars;
++ break;
++
++ case unicode_invalid:
++ case unicode_hex:
++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '<' : '{');
++ out += sprintf (out, "0x");
++ for (j = 0; j < nchars; j++)
++ out += sprintf (out, "%02x", in [j]);
++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '>' : '}');
++ break;
++
++ case unicode_highlight:
++ if (isatty (1))
++ out += sprintf (out, "\x1B[31;47m"); /* Red. */
++ /* Fall through. */
++ case unicode_escape:
++ switch (nchars)
++ {
++ case 2:
++ out += sprintf (out, "\\u%02x%02x",
++ ((in[0] & 0x1c) >> 2),
++ ((in[0] & 0x03) << 6) | (in[1] & 0x3f));
++ break;
++
++ case 3:
++ out += sprintf (out, "\\u%02x%02x",
++ ((in[0] & 0x0f) << 4) | ((in[1] & 0x3c) >> 2),
++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3f)));
++ break;
++
++ case 4:
++ out += sprintf (out, "\\u%02x%02x%02x",
++ ((in[0] & 0x07) << 6) | ((in[1] & 0x3c) >> 2),
++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3c) >> 2),
++ ((in[2] & 0x03) << 6) | ((in[3] & 0x3f)));
++ break;
++ default:
++ /* URG. */
++ break;
++ }
++
++ if (unicode_display == unicode_highlight && isatty (1))
++ out += sprintf (out, "\033[0m"); /* Default colour. */
++ break;
++
++ default:
++ /* URG */
++ break;
++ }
++
++ * consumed = nchars;
++ return out - orig_out;
++
++ invalid:
++ /* Not a valid UTF-8 sequence. */
++ *out = *in;
++ * consumed = 1;
++ return 1;
++}
++
+ /* Returns a version of IN with any control characters
+ replaced by escape sequences. Uses a static buffer
+- if necessary. */
++ if necessary.
++
++ If unicode display is enabled, then also handles the
++ conversion of unicode characters. */
+
+ static const char *
+ sanitize_string (const char * in)
+@@ -435,40 +563,50 @@ sanitize_string (const char * in)
+ of cases it will not be needed. */
+ do
+ {
+- char c = *in++;
++ unsigned char c = *in++;
+
+ if (c == 0)
+ return original;
+
+ if (ISCNTRL (c))
+ break;
++
++ if (unicode_display != unicode_default && c >= 0xc0)
++ break;
+ }
+ while (1);
+
+ /* Copy the input, translating as needed. */
+ in = original;
+- if (buffer_len < (strlen (in) * 2))
++ if (buffer_len < (strlen (in) * 9))
+ {
+ free ((void *) buffer);
+- buffer_len = strlen (in) * 2;
++ buffer_len = strlen (in) * 9;
+ buffer = xmalloc (buffer_len + 1);
+ }
+
+ out = buffer;
+ do
+ {
+- char c = *in++;
++ unsigned char c = *in++;
+
+ if (c == 0)
+ break;
+
+- if (!ISCNTRL (c))
+- *out++ = c;
+- else
++ if (ISCNTRL (c))
+ {
+ *out++ = '^';
+ *out++ = c + 0x40;
+ }
++ else if (unicode_display != unicode_default && c >= 0xc0)
++ {
++ unsigned int num_consumed;
++
++ out += display_utf8 ((const unsigned char *)(in - 1), out, & num_consumed);
++ in += num_consumed - 1;
++ }
++ else
++ *out++ = c;
+ }
+ while (1);
+
+@@ -4481,6 +4619,24 @@ dump_symbols (bfd *abfd ATTRIBUTE_UNUSED
+ free (alloc);
+ }
+ }
++ else if (unicode_display != unicode_default
++ && name != NULL && *name != '\0')
++ {
++ const char * sanitized_name;
++
++ /* If we want to sanitize the name, we do it here, and
++ temporarily clobber it while calling bfd_print_symbol.
++ FIXME: This is a gross hack. */
++ sanitized_name = sanitize_string (name);
++ if (sanitized_name != name)
++ (*current)->name = sanitized_name;
++ else
++ sanitized_name = NULL;
++ bfd_print_symbol (cur_bfd, stdout, *current,
++ bfd_print_symbol_all);
++ if (sanitized_name != NULL)
++ (*current)->name = name;
++ }
+ else
+ bfd_print_symbol (cur_bfd, stdout, *current,
+ bfd_print_symbol_all);
+@@ -5162,7 +5318,7 @@ main (int argc, char **argv)
+ set_default_bfd_target ();
+
+ while ((c = getopt_long (argc, argv,
+- "pP:ib:m:M:VvCdDlfFaHhrRtTxsSI:j:wE:zgeGW::",
++ "pP:ib:m:U:M:VvCdDlfFaHhrRtTxsSI:j:wE:zgeGW::",
+ long_options, (int *) 0))
+ != EOF)
+ {
+@@ -5441,6 +5597,23 @@ main (int argc, char **argv)
+ seenflag = TRUE;
+ break;
+
++ case 'U':
++ if (streq (optarg, "default") || streq (optarg, "d"))
++ unicode_display = unicode_default;
++ else if (streq (optarg, "locale") || streq (optarg, "l"))
++ unicode_display = unicode_locale;
++ else if (streq (optarg, "escape") || streq (optarg, "e"))
++ unicode_display = unicode_escape;
++ else if (streq (optarg, "invalid") || streq (optarg, "i"))
++ unicode_display = unicode_invalid;
++ else if (streq (optarg, "hex") || streq (optarg, "x"))
++ unicode_display = unicode_hex;
++ else if (streq (optarg, "highlight") || streq (optarg, "h"))
++ unicode_display = unicode_highlight;
++ else
++ fatal (_("invalid argument to -U/--unicode: %s"), optarg);
++ break;
++
+ case 'H':
+ usage (stdout, 0);
+ /* No need to set seenflag or to break - usage() does not return. */
+diff --git a/binutils/readelf.c b/binutils/readelf.c
+--- a/binutils/readelf.c 2021-12-23 03:23:42.065783023 -0800
++++ b/binutils/readelf.c 2021-12-23 03:30:36.582877519 -0800
+@@ -321,6 +321,19 @@ typedef enum print_mode
+ }
+ print_mode;
+
++typedef enum unicode_display_type
++{
++ unicode_default = 0,
++ unicode_locale,
++ unicode_escape,
++ unicode_hex,
++ unicode_highlight,
++ unicode_invalid
++} unicode_display_type;
++
++static unicode_display_type unicode_display = unicode_default;
++
++
+ /* Versioned symbol info. */
+ enum versioned_symbol_info
+ {
+@@ -613,11 +626,18 @@ print_symbol (signed int width, const ch
+ if (c == 0)
+ break;
+
+- /* Do not print control characters directly as they can affect terminal
+- settings. Such characters usually appear in the names generated
+- by the assembler for local labels. */
+- if (ISCNTRL (c))
++ if (ISPRINT (c))
++ {
++ putchar (c);
++ width_remaining --;
++ num_printed ++;
++ }
++ else if (ISCNTRL (c))
+ {
++ /* Do not print control characters directly as they can affect terminal
++ settings. Such characters usually appear in the names generated
++ by the assembler for local labels. */
++
+ if (width_remaining < 2)
+ break;
+
+@@ -625,11 +645,137 @@ print_symbol (signed int width, const ch
+ width_remaining -= 2;
+ num_printed += 2;
+ }
+- else if (ISPRINT (c))
++ else if (c == 0x7f)
+ {
+- putchar (c);
+- width_remaining --;
+- num_printed ++;
++ if (width_remaining < 5)
++ break;
++ printf ("<DEL>");
++ width_remaining -= 5;
++ num_printed += 5;
++ }
++ else if (unicode_display != unicode_locale
++ && unicode_display != unicode_default)
++ {
++ /* Display unicode characters as something else. */
++ unsigned char bytes[4];
++ bfd_boolean is_utf8;
++ unsigned int nbytes;
++
++ bytes[0] = c;
++
++ if (bytes[0] < 0xc0)
++ {
++ nbytes = 1;
++ is_utf8 = FALSE;
++ }
++ else
++ {
++ bytes[1] = *symbol++;
++
++ if ((bytes[1] & 0xc0) != 0x80)
++ {
++ is_utf8 = FALSE;
++ /* Do not consume this character. It may only
++ be the first byte in the sequence that was
++ corrupt. */
++ --symbol;
++ nbytes = 1;
++ }
++ else if ((bytes[0] & 0x20) == 0)
++ {
++ is_utf8 = TRUE;
++ nbytes = 2;
++ }
++ else
++ {
++ bytes[2] = *symbol++;
++
++ if ((bytes[2] & 0xc0) != 0x80)
++ {
++ is_utf8 = FALSE;
++ symbol -= 2;
++ nbytes = 1;
++ }
++ else if ((bytes[0] & 0x10) == 0)
++ {
++ is_utf8 = TRUE;
++ nbytes = 3;
++ }
++ else
++ {
++ bytes[3] = *symbol++;
++
++ nbytes = 4;
++
++ if ((bytes[3] & 0xc0) != 0x80)
++ {
++ is_utf8 = FALSE;
++ symbol -= 3;
++ nbytes = 1;
++ }
++ else
++ is_utf8 = TRUE;
++ }
++ }
++ }
++
++ if (unicode_display == unicode_invalid)
++ is_utf8 = FALSE;
++
++ if (unicode_display == unicode_hex || ! is_utf8)
++ {
++ unsigned int i;
++
++ if (width_remaining < (nbytes * 2) + 2)
++ break;
++
++ putchar (is_utf8 ? '<' : '{');
++ printf ("0x");
++ for (i = 0; i < nbytes; i++)
++ printf ("%02x", bytes[i]);
++ putchar (is_utf8 ? '>' : '}');
++ }
++ else
++ {
++ if (unicode_display == unicode_highlight && isatty (1))
++ printf ("\x1B[31;47m"); /* Red. */
++
++ switch (nbytes)
++ {
++ case 2:
++ if (width_remaining < 6)
++ break;
++ printf ("\\u%02x%02x",
++ (bytes[0] & 0x1c) >> 2,
++ ((bytes[0] & 0x03) << 6) | (bytes[1] & 0x3f));
++ break;
++ case 3:
++ if (width_remaining < 6)
++ break;
++ printf ("\\u%02x%02x",
++ ((bytes[0] & 0x0f) << 4) | ((bytes[1] & 0x3c) >> 2),
++ ((bytes[1] & 0x03) << 6) | (bytes[2] & 0x3f));
++ break;
++ case 4:
++ if (width_remaining < 8)
++ break;
++ printf ("\\u%02x%02x%02x",
++ ((bytes[0] & 0x07) << 6) | ((bytes[1] & 0x3c) >> 2),
++ ((bytes[1] & 0x03) << 6) | ((bytes[2] & 0x3c) >> 2),
++ ((bytes[2] & 0x03) << 6) | (bytes[3] & 0x3f));
++
++ break;
++ default:
++ /* URG. */
++ break;
++ }
++
++ if (unicode_display == unicode_highlight && isatty (1))
++ printf ("\033[0m"); /* Default colour. */
++ }
++
++ if (bytes[nbytes - 1] == 0)
++ break;
+ }
+ else
+ {
+@@ -4556,6 +4702,7 @@ static struct option options[] =
+ {"syms", no_argument, 0, 's'},
+ {"silent-truncation",no_argument, 0, 'T'},
+ {"section-details", no_argument, 0, 't'},
++ {"unicode", required_argument, NULL, 'U'},
+ {"unwind", no_argument, 0, 'u'},
+ {"version-info", no_argument, 0, 'V'},
+ {"version", no_argument, 0, 'v'},
+@@ -4609,6 +4756,11 @@ usage (FILE * stream)
+ --no-demangle Do not demangle low-level symbol names. (This is the default)\n\
+ --recurse-limit Enable a demangling recursion limit. (This is the default)\n\
+ --no-recurse-limit Disable a demangling recursion limit\n\
++ -U[dlexhi] --unicode=[default|locale|escape|hex|highlight|invalid]\n\
++ Display unicode characters as determined by the current locale\n\
++ (default), escape sequences, \"<hex sequences>\", highlighted\n\
++ escape sequences, or treat them as invalid and display as\n\
++ \"{hex sequences}\"\n\
+ -n --notes Display the core notes (if present)\n\
+ -r --relocs Display the relocations (if present)\n\
+ -u --unwind Display the unwind info (if present)\n\
+@@ -4749,7 +4901,7 @@ parse_args (struct dump_data *dumpdata,
+ usage (stderr);
+
+ while ((c = getopt_long
+- (argc, argv, "ACDHILNR:STVWacdeghi:lnp:rstuvw::x:z", options, NULL)) != EOF)
++ (argc, argv, "ACDHILNR:STU:VWacdeghi:lnp:rstuvw::x:z", options, NULL)) != EOF)
+ {
+ switch (c)
+ {
+@@ -4943,6 +5095,24 @@ parse_args (struct dump_data *dumpdata,
+ case OPTION_WITH_SYMBOL_VERSIONS:
+ /* Ignored for backward compatibility. */
+ break;
++ case 'U':
++ if (optarg == NULL)
++ error (_("Missing arg to -U/--unicode")); /* Can this happen ? */
++ else if (streq (optarg, "default") || streq (optarg, "d"))
++ unicode_display = unicode_default;
++ else if (streq (optarg, "locale") || streq (optarg, "l"))
++ unicode_display = unicode_locale;
++ else if (streq (optarg, "escape") || streq (optarg, "e"))
++ unicode_display = unicode_escape;
++ else if (streq (optarg, "invalid") || streq (optarg, "i"))
++ unicode_display = unicode_invalid;
++ else if (streq (optarg, "hex") || streq (optarg, "x"))
++ unicode_display = unicode_hex;
++ else if (streq (optarg, "highlight") || streq (optarg, "h"))
++ unicode_display = unicode_highlight;
++ else
++ error (_("invalid argument to -U/--unicode: %s"), optarg);
++ break;
+
+ default:
+ /* xgettext:c-format */
+diff --git a/binutils/strings.c b/binutils/strings.c
+--- a/binutils/strings.c 2021-12-23 03:23:38.485842662 -0800
++++ b/binutils/strings.c 2021-12-23 03:30:36.586877452 -0800
+@@ -55,6 +55,19 @@
+ -T {bfdname}
+ Specify a non-default object file format.
+
++ --unicode={default|locale|invalid|hex|escape|highlight}
++ -u {d|l|i|x|e|h}
++ Determine how to handle UTF-8 unicode characters. The default
++ is no special treatment. All other versions of this option
++ only apply if the encoding is valid and enabling the option
++ implies --encoding=S.
++ The 'locale' option displays the characters according to the
++ current locale. The 'invalid' option treats them as
++ non-string characters. The 'hex' option displays them as hex
++ byte sequences. The 'escape' option displays them as escape
++ sequences and the 'highlight' option displays them as
++ coloured escape sequences.
++
+ --output-separator=sep_string
+ -s sep_string String used to separate parsed strings in output.
+ Default is newline.
+@@ -76,6 +89,22 @@
+ #include "safe-ctype.h"
+ #include "bucomm.h"
+
++#ifndef streq
++#define streq(a,b) (strcmp ((a),(b)) == 0)
++#endif
++
++typedef enum unicode_display_type
++{
++ unicode_default = 0,
++ unicode_locale,
++ unicode_escape,
++ unicode_hex,
++ unicode_highlight,
++ unicode_invalid
++} unicode_display_type;
++
++static unicode_display_type unicode_display = unicode_default;
++
+ #define STRING_ISGRAPHIC(c) \
+ ( (c) >= 0 \
+ && (c) <= 255 \
+@@ -94,7 +123,7 @@ extern int errno;
+ static int address_radix;
+
+ /* Minimum length of sequence of graphic chars to trigger output. */
+-static int string_min;
++static unsigned int string_min;
+
+ /* Whether or not we include all whitespace as a graphic char. */
+ static bfd_boolean include_all_whitespace;
+@@ -121,21 +150,22 @@ static char *output_separator;
+ static struct option long_options[] =
+ {
+ {"all", no_argument, NULL, 'a'},
++ {"bytes", required_argument, NULL, 'n'},
+ {"data", no_argument, NULL, 'd'},
++ {"encoding", required_argument, NULL, 'e'},
++ {"help", no_argument, NULL, 'h'},
++ {"include-all-whitespace", no_argument, NULL, 'w'},
++ {"output-separator", required_argument, NULL, 's'},
+ {"print-file-name", no_argument, NULL, 'f'},
+- {"bytes", required_argument, NULL, 'n'},
+ {"radix", required_argument, NULL, 't'},
+- {"include-all-whitespace", no_argument, NULL, 'w'},
+- {"encoding", required_argument, NULL, 'e'},
+ {"target", required_argument, NULL, 'T'},
+- {"output-separator", required_argument, NULL, 's'},
+- {"help", no_argument, NULL, 'h'},
++ {"unicode", required_argument, NULL, 'U'},
+ {"version", no_argument, NULL, 'v'},
+ {NULL, 0, NULL, 0}
+ };
+
+ static bfd_boolean strings_file (char *);
+-static void print_strings (const char *, FILE *, file_ptr, int, int, char *);
++static void print_strings (const char *, FILE *, file_ptr, int, char *);
+ static void usage (FILE *, int) ATTRIBUTE_NORETURN;
+
+ int main (int, char **);
+@@ -173,7 +203,7 @@ main (int argc, char **argv)
+ encoding = 's';
+ output_separator = NULL;
+
+- while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:s:Vv0123456789",
++ while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:s:U:Vv0123456789",
+ long_options, (int *) 0)) != EOF)
+ {
+ switch (optc)
+@@ -244,7 +274,24 @@ main (int argc, char **argv)
+
+ case 's':
+ output_separator = optarg;
+- break;
++ break;
++
++ case 'U':
++ if (streq (optarg, "default") || streq (optarg, "d"))
++ unicode_display = unicode_default;
++ else if (streq (optarg, "locale") || streq (optarg, "l"))
++ unicode_display = unicode_locale;
++ else if (streq (optarg, "escape") || streq (optarg, "e"))
++ unicode_display = unicode_escape;
++ else if (streq (optarg, "invalid") || streq (optarg, "i"))
++ unicode_display = unicode_invalid;
++ else if (streq (optarg, "hex") || streq (optarg, "x"))
++ unicode_display = unicode_hex;
++ else if (streq (optarg, "highlight") || streq (optarg, "h"))
++ unicode_display = unicode_highlight;
++ else
++ fatal (_("invalid argument to -U/--unicode: %s"), optarg);
++ break;
+
+ case 'V':
+ case 'v':
+@@ -260,6 +307,9 @@ main (int argc, char **argv)
+ }
+ }
+
++ if (unicode_display != unicode_default)
++ encoding = 'S';
++
+ if (numeric_opt != 0)
+ {
+ string_min = (int) strtoul (argv[numeric_opt - 1] + 1, &s, 0);
+@@ -295,14 +345,14 @@ main (int argc, char **argv)
+ {
+ datasection_only = FALSE;
+ SET_BINARY (fileno (stdin));
+- print_strings ("{standard input}", stdin, 0, 0, 0, (char *) NULL);
++ print_strings ("{standard input}", stdin, 0, 0, (char *) NULL);
+ files_given = TRUE;
+ }
+ else
+ {
+ for (; optind < argc; ++optind)
+ {
+- if (strcmp (argv[optind], "-") == 0)
++ if (streq (argv[optind], "-"))
+ datasection_only = FALSE;
+ else
+ {
+@@ -344,7 +394,7 @@ strings_a_section (bfd *abfd, asection *
+ }
+
+ *got_a_section = TRUE;
+- print_strings (filename, NULL, sect->filepos, 0, sectsize, (char *) mem);
++ print_strings (filename, NULL, sect->filepos, sectsize, (char *) mem);
+ free (mem);
+ }
+
+@@ -429,7 +479,7 @@ strings_file (char *file)
+ return FALSE;
+ }
+
+- print_strings (file, stream, (file_ptr) 0, 0, 0, (char *) 0);
++ print_strings (file, stream, (file_ptr) 0, 0, (char *) NULL);
+
+ if (fclose (stream) == EOF)
+ {
+@@ -553,11 +603,632 @@ unget_part_char (long c, file_ptr *addre
+ }
+ }
+ }
++
++
++static void
++print_filename_and_address (const char * filename, file_ptr address)
++{
++ if (print_filenames)
++ printf ("%s: ", filename);
++
++ if (! print_addresses)
++ return;
++
++ switch (address_radix)
++ {
++ case 8:
++ if (sizeof (address) > sizeof (long))
++ {
++#ifndef __MSVCRT__
++ printf ("%7llo ", (unsigned long long) address);
++#else
++ printf ("%7I64o ", (unsigned long long) address);
++#endif
++ }
++ else
++ printf ("%7lo ", (unsigned long) address);
++ break;
++
++ case 10:
++ if (sizeof (address) > sizeof (long))
++ {
++#ifndef __MSVCRT__
++ printf ("%7llu ", (unsigned long long) address);
++#else
++ printf ("%7I64d ", (unsigned long long) address);
++#endif
++ }
++ else
++ printf ("%7ld ", (long) address);
++ break;
++
++ case 16:
++ if (sizeof (address) > sizeof (long))
++ {
++#ifndef __MSVCRT__
++ printf ("%7llx ", (unsigned long long) address);
++#else
++ printf ("%7I64x ", (unsigned long long) address);
++#endif
++ }
++ else
++ printf ("%7lx ", (unsigned long) address);
++ break;
++ }
++}
++
++/* Return non-zero if the bytes starting at BUFFER form a valid UTF-8 encoding.
++ If the encoding is valid then returns the number of bytes it uses. */
++
++static unsigned int
++is_valid_utf8 (const unsigned char * buffer, unsigned long buflen)
++{
++ if (buffer[0] < 0xc0)
++ return 0;
++
++ if (buflen < 2)
++ return 0;
++
++ if ((buffer[1] & 0xc0) != 0x80)
++ return 0;
++
++ if ((buffer[0] & 0x20) == 0)
++ return 2;
++
++ if (buflen < 3)
++ return 0;
++
++ if ((buffer[2] & 0xc0) != 0x80)
++ return 0;
++
++ if ((buffer[0] & 0x10) == 0)
++ return 3;
++
++ if (buflen < 4)
++ return 0;
++
++ if ((buffer[3] & 0xc0) != 0x80)
++ return 0;
++
++ return 4;
++}
++
++/* Display a UTF-8 encoded character in BUFFER according to the setting
++ of unicode_display. The character is known to be valid.
++ Returns the number of bytes consumed. */
++
++static unsigned int
++display_utf8_char (const unsigned char * buffer)
++{
++ unsigned int j;
++ unsigned int utf8_len;
++
++ switch (buffer[0] & 0x30)
++ {
++ case 0x00:
++ case 0x10:
++ utf8_len = 2;
++ break;
++ case 0x20:
++ utf8_len = 3;
++ break;
++ default:
++ utf8_len = 4;
++ }
++
++ switch (unicode_display)
++ {
++ default:
++ fprintf (stderr, "ICE: unexpected unicode display type\n");
++ break;
++
++ case unicode_escape:
++ case unicode_highlight:
++ if (unicode_display == unicode_highlight && isatty (1))
++ printf ("\x1B[31;47m"); /* Red. */
++
++ switch (utf8_len)
++ {
++ case 2:
++ printf ("\\u%02x%02x",
++ ((buffer[0] & 0x1c) >> 2),
++ ((buffer[0] & 0x03) << 6) | (buffer[1] & 0x3f));
++ break;
++
++ case 3:
++ printf ("\\u%02x%02x",
++ ((buffer[0] & 0x0f) << 4) | ((buffer[1] & 0x3c) >> 2),
++ ((buffer[1] & 0x03) << 6) | ((buffer[2] & 0x3f)));
++ break;
++
++ case 4:
++ printf ("\\u%02x%02x%02x",
++ ((buffer[0] & 0x07) << 6) | ((buffer[1] & 0x3c) >> 2),
++ ((buffer[1] & 0x03) << 6) | ((buffer[2] & 0x3c) >> 2),
++ ((buffer[2] & 0x03) << 6) | ((buffer[3] & 0x3f)));
++ break;
++ default:
++ /* URG. */
++ break;
++ }
++
++ if (unicode_display == unicode_highlight && isatty (1))
++ printf ("\033[0m"); /* Default colour. */
++ break;
++
++ case unicode_hex:
++ putchar ('<');
++ printf ("0x");
++ for (j = 0; j < utf8_len; j++)
++ printf ("%02x", buffer [j]);
++ putchar ('>');
++ break;
++
++ case unicode_locale:
++ printf ("%.1s", buffer);
++ break;
++ }
++
++ return utf8_len;
++}
++
++/* Display strings in BUFFER. Treat any UTF-8 encoded characters encountered
++ according to the setting of the unicode_display variable. The buffer
++ contains BUFLEN bytes.
++
++ Display the characters as if they started at ADDRESS and are contained in
++ FILENAME. */
++
++static void
++print_unicode_buffer (const char * filename,
++ file_ptr address,
++ const unsigned char * buffer,
++ unsigned long buflen)
++{
++ /* Paranoia checks... */
++ if (filename == NULL
++ || buffer == NULL
++ || unicode_display == unicode_default
++ || encoding != 'S'
++ || encoding_bytes != 1)
++ {
++ fprintf (stderr, "ICE: bad arguments to print_unicode_buffer\n");
++ return;
++ }
++
++ if (buflen == 0)
++ return;
++
++ /* We must only display strings that are at least string_min *characters*
++ long. So we scan the buffer in two stages. First we locate the start
++ of a potential string. Then we walk along it until we have found
++ string_min characters. Then we go back to the start point and start
++ displaying characters according to the unicode_display setting. */
++
++ unsigned long start_point = 0;
++ unsigned long i = 0;
++ unsigned int char_len = 1;
++ unsigned int num_found = 0;
++
++ for (i = 0; i < buflen; i += char_len)
++ {
++ int c = buffer[i];
++
++ char_len = 1;
++
++ /* Find the first potential character of a string. */
++ if (! STRING_ISGRAPHIC (c))
++ {
++ num_found = 0;
++ continue;
++ }
++
++ if (c > 126)
++ {
++ if (c < 0xc0)
++ {
++ num_found = 0;
++ continue;
++ }
++
++ if ((char_len = is_valid_utf8 (buffer + i, buflen - i)) == 0)
++ {
++ char_len = 1;
++ num_found = 0;
++ continue;
++ }
++
++ if (unicode_display == unicode_invalid)
++ {
++ /* We have found a valid UTF-8 character, but we treat it as non-graphic. */
++ num_found = 0;
++ continue;
++ }
++ }
++
++ if (num_found == 0)
++ /* We have found a potential starting point for a string. */
++ start_point = i;
++
++ ++ num_found;
++
++ if (num_found >= string_min)
++ break;
++ }
++
++ if (num_found < string_min)
++ return;
++
++ print_filename_and_address (filename, address + start_point);
++
++ /* We have found string_min characters. Display them and any
++ more that follow. */
++ for (i = start_point; i < buflen; i += char_len)
++ {
++ int c = buffer[i];
++
++ char_len = 1;
++
++ if (! STRING_ISGRAPHIC (c))
++ break;
++ else if (c < 127)
++ putchar (c);
++ else if (! is_valid_utf8 (buffer + i, buflen - i))
++ break;
++ else if (unicode_display == unicode_invalid)
++ break;
++ else
++ char_len = display_utf8_char (buffer + i);
++ }
++
++ if (output_separator)
++ fputs (output_separator, stdout);
++ else
++ putchar ('\n');
++
++ /* FIXME: Using tail recursion here is lazy programming... */
++ print_unicode_buffer (filename, address + i, buffer + i, buflen - i);
++}
++
++static int
++get_unicode_byte (FILE * stream,
++ unsigned char * putback,
++ unsigned int * num_putback,
++ unsigned int * num_read)
++{
++ if (* num_putback > 0)
++ {
++ * num_putback = * num_putback - 1;
++ return putback [* num_putback];
++ }
++
++ * num_read = * num_read + 1;
++
++#if defined(HAVE_GETC_UNLOCKED) && HAVE_DECL_GETC_UNLOCKED
++ return getc_unlocked (stream);
++#else
++ return getc (stream);
++#endif
++}
++
++/* Helper function for print_unicode_stream. */
++
++static void
++print_unicode_stream_body (const char * filename,
++ file_ptr address,
++ FILE * stream,
++ unsigned char * putback_buf,
++ unsigned int num_putback,
++ unsigned char * print_buf)
++{
++ /* It would be nice if we could just read the stream into a buffer
++ and then process if with print_unicode_buffer. But the input
++ might be huge or it might time-locked (eg stdin). So instead
++ we go one byte at a time... */
++
++ file_ptr start_point = 0;
++ unsigned int num_read = 0;
++ unsigned int num_chars = 0;
++ unsigned int num_print = 0;
++ int c;
++
++ /* Find a series of string_min characters. Put them into print_buf. */
++ do
++ {
++ if (num_chars >= string_min)
++ break;
++
++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
++ if (c == EOF)
++ break;
++
++ if (! STRING_ISGRAPHIC (c))
++ {
++ num_chars = num_print = 0;
++ continue;
++ }
++
++ if (num_chars == 0)
++ start_point = num_read - 1;
++
++ if (c < 127)
++ {
++ print_buf[num_print] = c;
++ num_chars ++;
++ num_print ++;
++ continue;
++ }
++
++ if (c < 0xc0)
++ {
++ num_chars = num_print = 0;
++ continue;
++ }
++
++ /* We *might* have a UTF-8 sequence. Time to start peeking. */
++ char utf8[4];
++
++ utf8[0] = c;
++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
++ if (c == EOF)
++ break;
++ utf8[1] = c;
++
++ if ((utf8[1] & 0xc0) != 0x80)
++ {
++ /* Invalid UTF-8. */
++ putback_buf[num_putback++] = utf8[1];
++ num_chars = num_print = 0;
++ continue;
++ }
++ else if ((utf8[0] & 0x20) == 0)
++ {
++ /* A valid 2-byte UTF-8 encoding. */
++ if (unicode_display == unicode_invalid)
++ {
++ putback_buf[num_putback++] = utf8[1];
++ num_chars = num_print = 0;
++ }
++ else
++ {
++ print_buf[num_print ++] = utf8[0];
++ print_buf[num_print ++] = utf8[1];
++ num_chars ++;
++ }
++ continue;
++ }
++
++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
++ if (c == EOF)
++ break;
++ utf8[2] = c;
++
++ if ((utf8[2] & 0xc0) != 0x80)
++ {
++ /* Invalid UTF-8. */
++ putback_buf[num_putback++] = utf8[2];
++ putback_buf[num_putback++] = utf8[1];
++ num_chars = num_print = 0;
++ continue;
++ }
++ else if ((utf8[0] & 0x10) == 0)
++ {
++ /* A valid 3-byte UTF-8 encoding. */
++ if (unicode_display == unicode_invalid)
++ {
++ putback_buf[num_putback++] = utf8[2];
++ putback_buf[num_putback++] = utf8[1];
++ num_chars = num_print = 0;
++ }
++ else
++ {
++ print_buf[num_print ++] = utf8[0];
++ print_buf[num_print ++] = utf8[1];
++ print_buf[num_print ++] = utf8[2];
++ num_chars ++;
++ }
++ continue;
++ }
++
++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
++ if (c == EOF)
++ break;
++ utf8[3] = c;
++
++ if ((utf8[3] & 0xc0) != 0x80)
++ {
++ /* Invalid UTF-8. */
++ putback_buf[num_putback++] = utf8[3];
++ putback_buf[num_putback++] = utf8[2];
++ putback_buf[num_putback++] = utf8[1];
++ num_chars = num_print = 0;
++ }
++ /* We have a valid 4-byte UTF-8 encoding. */
++ else if (unicode_display == unicode_invalid)
++ {
++ putback_buf[num_putback++] = utf8[3];
++ putback_buf[num_putback++] = utf8[1];
++ putback_buf[num_putback++] = utf8[2];
++ num_chars = num_print = 0;
++ }
++ else
++ {
++ print_buf[num_print ++] = utf8[0];
++ print_buf[num_print ++] = utf8[1];
++ print_buf[num_print ++] = utf8[2];
++ print_buf[num_print ++] = utf8[3];
++ num_chars ++;
++ }
++ }
++ while (1);
++
++ if (num_chars >= string_min)
++ {
++ /* We know that we have string_min valid characters in print_buf,
++ and there may be more to come in the stream. Start displaying
++ them. */
++
++ print_filename_and_address (filename, address + start_point);
++
++ unsigned int i;
++ for (i = 0; i < num_print;)
++ {
++ if (print_buf[i] < 127)
++ putchar (print_buf[i++]);
++ else
++ i += display_utf8_char (print_buf + i);
++ }
++
++ /* OK so now we have to start read unchecked bytes. */
++
++ /* Find a series of string_min characters. Put them into print_buf. */
++ do
++ {
++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
++ if (c == EOF)
++ break;
++
++ if (! STRING_ISGRAPHIC (c))
++ break;
++
++ if (c < 127)
++ {
++ putchar (c);
++ continue;
++ }
++
++ if (c < 0xc0)
++ break;
++
++ /* We *might* have a UTF-8 sequence. Time to start peeking. */
++ unsigned char utf8[4];
++
++ utf8[0] = c;
++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
++ if (c == EOF)
++ break;
++ utf8[1] = c;
++
++ if ((utf8[1] & 0xc0) != 0x80)
++ {
++ /* Invalid UTF-8. */
++ putback_buf[num_putback++] = utf8[1];
++ break;
++ }
++ else if ((utf8[0] & 0x20) == 0)
++ {
++ /* Valid 2-byte UTF-8. */
++ if (unicode_display == unicode_invalid)
++ {
++ putback_buf[num_putback++] = utf8[1];
++ break;
++ }
++ else
++ {
++ (void) display_utf8_char (utf8);
++ continue;
++ }
++ }
++
++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
++ if (c == EOF)
++ break;
++ utf8[2] = c;
++
++ if ((utf8[2] & 0xc0) != 0x80)
++ {
++ /* Invalid UTF-8. */
++ putback_buf[num_putback++] = utf8[2];
++ putback_buf[num_putback++] = utf8[1];
++ break;
++ }
++ else if ((utf8[0] & 0x10) == 0)
++ {
++ /* Valid 3-byte UTF-8. */
++ if (unicode_display == unicode_invalid)
++ {
++ putback_buf[num_putback++] = utf8[2];
++ putback_buf[num_putback++] = utf8[1];
++ break;
++ }
++ else
++ {
++ (void) display_utf8_char (utf8);
++ continue;
++ }
++ }
++
++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
++ if (c == EOF)
++ break;
++ utf8[3] = c;
++
++ if ((utf8[3] & 0xc0) != 0x80)
++ {
++ /* Invalid UTF-8. */
++ putback_buf[num_putback++] = utf8[3];
++ putback_buf[num_putback++] = utf8[2];
++ putback_buf[num_putback++] = utf8[1];
++ break;
++ }
++ else if (unicode_display == unicode_invalid)
++ {
++ putback_buf[num_putback++] = utf8[3];
++ putback_buf[num_putback++] = utf8[2];
++ putback_buf[num_putback++] = utf8[1];
++ break;
++ }
++ else
++ /* A valid 4-byte UTF-8 encoding. */
++ (void) display_utf8_char (utf8);
++ }
++ while (1);
++
++ if (output_separator)
++ fputs (output_separator, stdout);
++ else
++ putchar ('\n');
++ }
++
++ if (c != EOF)
++ /* FIXME: Using tail recursion here is lazy, but it works. */
++ print_unicode_stream_body (filename, address + num_read, stream, putback_buf, num_putback, print_buf);
++}
++
++/* Display strings read in from STREAM. Treat any UTF-8 encoded characters
++ encountered according to the setting of the unicode_display variable.
++ The stream is positioned at ADDRESS and is attached to FILENAME. */
++
++static void
++print_unicode_stream (const char * filename,
++ file_ptr address,
++ FILE * stream)
++{
++ /* Paranoia checks... */
++ if (filename == NULL
++ || stream == NULL
++ || unicode_display == unicode_default
++ || encoding != 'S'
++ || encoding_bytes != 1)
++ {
++ fprintf (stderr, "ICE: bad arguments to print_unicode_stream\n");
++ return;
++ }
++
++ /* Allocate space for string_min 4-byte utf-8 characters. */
++ unsigned char * print_buf = xmalloc ((4 * string_min) + 1);
++ /* We should never have to put back more than 4 bytes. */
++ unsigned char putback_buf[5];
++ unsigned int num_putback = 0;
++
++ print_unicode_stream_body (filename, address, stream, putback_buf, num_putback, print_buf);
++ free (print_buf);
++}
++
+
+ /* Find the strings in file FILENAME, read from STREAM.
+ Assume that STREAM is positioned so that the next byte read
+ is at address ADDRESS in the file.
+- Stop reading at address STOP_POINT in the file, if nonzero.
+
+ If STREAM is NULL, do not read from it.
+ The caller can supply a buffer of characters
+@@ -568,20 +1239,29 @@ unget_part_char (long c, file_ptr *addre
+
+ static void
+ print_strings (const char *filename, FILE *stream, file_ptr address,
+- int stop_point, int magiccount, char *magic)
++ int magiccount, char *magic)
+ {
++ if (unicode_display != unicode_default)
++ {
++ if (magic != NULL)
++ print_unicode_buffer (filename, address,
++ (const unsigned char *) magic, magiccount);
++
++ if (stream != NULL)
++ print_unicode_stream (filename, address, stream);
++ return;
++ }
++
+ char *buf = (char *) xmalloc (sizeof (char) * (string_min + 1));
+
+ while (1)
+ {
+ file_ptr start;
+- int i;
++ unsigned int i;
+ long c;
+
+ /* See if the next `string_min' chars are all graphic chars. */
+ tryline:
+- if (stop_point && address >= stop_point)
+- break;
+ start = address;
+ for (i = 0; i < string_min; i++)
+ {
+@@ -604,69 +1284,7 @@ print_strings (const char *filename, FIL
+ /* We found a run of `string_min' graphic characters. Print up
+ to the next non-graphic character. */
+
+- if (print_filenames)
+- printf ("%s: ", filename);
+- if (print_addresses)
+- switch (address_radix)
+- {
+- case 8:
+-#ifdef HAVE_LONG_LONG
+- if (sizeof (start) > sizeof (long))
+- {
+-# ifndef __MSVCRT__
+- printf ("%7llo ", (unsigned long long) start);
+-# else
+- printf ("%7I64o ", (unsigned long long) start);
+-# endif
+- }
+- else
+-#elif !BFD_HOST_64BIT_LONG
+- if (start != (unsigned long) start)
+- printf ("++%7lo ", (unsigned long) start);
+- else
+-#endif
+- printf ("%7lo ", (unsigned long) start);
+- break;
+-
+- case 10:
+-#ifdef HAVE_LONG_LONG
+- if (sizeof (start) > sizeof (long))
+- {
+-# ifndef __MSVCRT__
+- printf ("%7llu ", (unsigned long long) start);
+-# else
+- printf ("%7I64d ", (unsigned long long) start);
+-# endif
+- }
+- else
+-#elif !BFD_HOST_64BIT_LONG
+- if (start != (unsigned long) start)
+- printf ("++%7lu ", (unsigned long) start);
+- else
+-#endif
+- printf ("%7ld ", (long) start);
+- break;
+-
+- case 16:
+-#ifdef HAVE_LONG_LONG
+- if (sizeof (start) > sizeof (long))
+- {
+-# ifndef __MSVCRT__
+- printf ("%7llx ", (unsigned long long) start);
+-# else
+- printf ("%7I64x ", (unsigned long long) start);
+-# endif
+- }
+- else
+-#elif !BFD_HOST_64BIT_LONG
+- if (start != (unsigned long) start)
+- printf ("%lx%8.8lx ", (unsigned long) (start >> 32),
+- (unsigned long) (start & 0xffffffff));
+- else
+-#endif
+- printf ("%7lx ", (unsigned long) start);
+- break;
+- }
++ print_filename_and_address (filename, start);
+
+ buf[i] = '\0';
+ fputs (buf, stdout);
+@@ -718,6 +1336,8 @@ usage (FILE *stream, int status)
+ -T --target=<BFDNAME> Specify the binary file format\n\
+ -e --encoding={s,S,b,l,B,L} Select character size and endianness:\n\
+ s = 7-bit, S = 8-bit, {b,l} = 16-bit, {B,L} = 32-bit\n\
++ --unicode={default|show|invalid|hex|escape|highlight}\n\
++ -u {d|s|i|x|e|h} Specify how to treat UTF-8 encoded unicode characters\n\
+ -s --output-separator=<string> String used to separate strings in output.\n\
+ @<file> Read options from <file>\n\
+ -h --help Display this information\n\
diff --git a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch
new file mode 100644
index 0000000000..f118e2599b
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch
@@ -0,0 +1,255 @@
+From 161e87d12167b1e36193385485c1f6ce92f74f02 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Wed, 15 Dec 2021 11:48:42 +1030
+Subject: [PATCH] PR28694, Out-of-bounds write in stab_xcoff_builtin_type
+
+ PR 28694
+ * stabs.c (stab_xcoff_builtin_type): Make typenum unsigned.
+ Negate typenum earlier, simplifying bounds checking. Correct
+ off-by-one indexing. Adjust switch cases.
+
+
+CVE: CVE-2021-45078
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=161e87d12167b1e36193385485c1f6ce92f74f02]
+
+Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
+---
+ binutils/stabs.c | 87 ++++++++++++++++++++++++------------------------
+ 1 file changed, 43 insertions(+), 44 deletions(-)
+
+
+diff --git a/binutils/stabs.c b/binutils/stabs.c
+index 274bfb0e7fa..83ee3ea5fa4 100644
+--- a/binutils/stabs.c
++++ b/binutils/stabs.c
+@@ -202,7 +202,7 @@ static debug_type stab_find_type (void *, struct stab_handle *, const int *);
+ static bfd_boolean stab_record_type
+ (void *, struct stab_handle *, const int *, debug_type);
+ static debug_type stab_xcoff_builtin_type
+- (void *, struct stab_handle *, int);
++ (void *, struct stab_handle *, unsigned int);
+ static debug_type stab_find_tagged_type
+ (void *, struct stab_handle *, const char *, int, enum debug_type_kind);
+ static debug_type *stab_demangle_argtypes
+@@ -3496,166 +3496,167 @@ stab_record_type (void *dhandle ATTRIBUTE_UNUSED, struct stab_handle *info,
+
+ static debug_type
+ stab_xcoff_builtin_type (void *dhandle, struct stab_handle *info,
+- int typenum)
++ unsigned int typenum)
+ {
+ debug_type rettype;
+ const char *name;
+
+- if (typenum >= 0 || typenum < -XCOFF_TYPE_COUNT)
++ typenum = -typenum - 1;
++ if (typenum >= XCOFF_TYPE_COUNT)
+ {
+- fprintf (stderr, _("Unrecognized XCOFF type %d\n"), typenum);
++ fprintf (stderr, _("Unrecognized XCOFF type %d\n"), -typenum - 1);
+ return DEBUG_TYPE_NULL;
+ }
+- if (info->xcoff_types[-typenum] != NULL)
+- return info->xcoff_types[-typenum];
++ if (info->xcoff_types[typenum] != NULL)
++ return info->xcoff_types[typenum];
+
+- switch (-typenum)
++ switch (typenum)
+ {
+- case 1:
++ case 0:
+ /* The size of this and all the other types are fixed, defined
+ by the debugging format. */
+ name = "int";
+ rettype = debug_make_int_type (dhandle, 4, FALSE);
+ break;
+- case 2:
++ case 1:
+ name = "char";
+ rettype = debug_make_int_type (dhandle, 1, FALSE);
+ break;
+- case 3:
++ case 2:
+ name = "short";
+ rettype = debug_make_int_type (dhandle, 2, FALSE);
+ break;
+- case 4:
++ case 3:
+ name = "long";
+ rettype = debug_make_int_type (dhandle, 4, FALSE);
+ break;
+- case 5:
++ case 4:
+ name = "unsigned char";
+ rettype = debug_make_int_type (dhandle, 1, TRUE);
+ break;
+- case 6:
++ case 5:
+ name = "signed char";
+ rettype = debug_make_int_type (dhandle, 1, FALSE);
+ break;
+- case 7:
++ case 6:
+ name = "unsigned short";
+ rettype = debug_make_int_type (dhandle, 2, TRUE);
+ break;
+- case 8:
++ case 7:
+ name = "unsigned int";
+ rettype = debug_make_int_type (dhandle, 4, TRUE);
+ break;
+- case 9:
++ case 8:
+ name = "unsigned";
+ rettype = debug_make_int_type (dhandle, 4, TRUE);
+ break;
+- case 10:
++ case 9:
+ name = "unsigned long";
+ rettype = debug_make_int_type (dhandle, 4, TRUE);
+ break;
+- case 11:
++ case 10:
+ name = "void";
+ rettype = debug_make_void_type (dhandle);
+ break;
+- case 12:
++ case 11:
+ /* IEEE single precision (32 bit). */
+ name = "float";
+ rettype = debug_make_float_type (dhandle, 4);
+ break;
+- case 13:
++ case 12:
+ /* IEEE double precision (64 bit). */
+ name = "double";
+ rettype = debug_make_float_type (dhandle, 8);
+ break;
+- case 14:
++ case 13:
+ /* This is an IEEE double on the RS/6000, and different machines
+ with different sizes for "long double" should use different
+ negative type numbers. See stabs.texinfo. */
+ name = "long double";
+ rettype = debug_make_float_type (dhandle, 8);
+ break;
+- case 15:
++ case 14:
+ name = "integer";
+ rettype = debug_make_int_type (dhandle, 4, FALSE);
+ break;
+- case 16:
++ case 15:
+ name = "boolean";
+ rettype = debug_make_bool_type (dhandle, 4);
+ break;
+- case 17:
++ case 16:
+ name = "short real";
+ rettype = debug_make_float_type (dhandle, 4);
+ break;
+- case 18:
++ case 17:
+ name = "real";
+ rettype = debug_make_float_type (dhandle, 8);
+ break;
+- case 19:
++ case 18:
+ /* FIXME */
+ name = "stringptr";
+ rettype = NULL;
+ break;
+- case 20:
++ case 19:
+ /* FIXME */
+ name = "character";
+ rettype = debug_make_int_type (dhandle, 1, TRUE);
+ break;
+- case 21:
++ case 20:
+ name = "logical*1";
+ rettype = debug_make_bool_type (dhandle, 1);
+ break;
+- case 22:
++ case 21:
+ name = "logical*2";
+ rettype = debug_make_bool_type (dhandle, 2);
+ break;
+- case 23:
++ case 22:
+ name = "logical*4";
+ rettype = debug_make_bool_type (dhandle, 4);
+ break;
+- case 24:
++ case 23:
+ name = "logical";
+ rettype = debug_make_bool_type (dhandle, 4);
+ break;
+- case 25:
++ case 24:
+ /* Complex type consisting of two IEEE single precision values. */
+ name = "complex";
+ rettype = debug_make_complex_type (dhandle, 8);
+ break;
+- case 26:
++ case 25:
+ /* Complex type consisting of two IEEE double precision values. */
+ name = "double complex";
+ rettype = debug_make_complex_type (dhandle, 16);
+ break;
+- case 27:
++ case 26:
+ name = "integer*1";
+ rettype = debug_make_int_type (dhandle, 1, FALSE);
+ break;
+- case 28:
++ case 27:
+ name = "integer*2";
+ rettype = debug_make_int_type (dhandle, 2, FALSE);
+ break;
+- case 29:
++ case 28:
+ name = "integer*4";
+ rettype = debug_make_int_type (dhandle, 4, FALSE);
+ break;
+- case 30:
++ case 29:
+ /* FIXME */
+ name = "wchar";
+ rettype = debug_make_int_type (dhandle, 2, FALSE);
+ break;
+- case 31:
++ case 30:
+ name = "long long";
+ rettype = debug_make_int_type (dhandle, 8, FALSE);
+ break;
+- case 32:
++ case 31:
+ name = "unsigned long long";
+ rettype = debug_make_int_type (dhandle, 8, TRUE);
+ break;
+- case 33:
++ case 32:
+ name = "logical*8";
+ rettype = debug_make_bool_type (dhandle, 8);
+ break;
+- case 34:
++ case 33:
+ name = "integer*8";
+ rettype = debug_make_int_type (dhandle, 8, FALSE);
+ break;
+@@ -3664,9 +3665,7 @@ stab_xcoff_builtin_type (void *dhandle, struct stab_handle *info,
+ }
+
+ rettype = debug_name_type (dhandle, name, rettype);
+-
+- info->xcoff_types[-typenum] = rettype;
+-
++ info->xcoff_types[typenum] = rettype;
+ return rettype;
+ }
+
+--
+2.27.0
+
diff --git a/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch
deleted file mode 100644
index 3771f571eb..0000000000
--- a/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch
+++ /dev/null
@@ -1,170 +0,0 @@
-From d3edaa91d4cf7202ec14342410194841e2f67f12 Mon Sep 17 00:00:00 2001
-From: Alan Modra <amodra@gmail.com>
-Date: Fri, 26 Feb 2021 11:30:32 +1030
-Subject: [PATCH] Reinstate various pieces backed out from smart_rename changes
-
-In the interests of a stable release various last minute smart_rename
-patches were backed out of the 2.36 branch. The main reason to
-reinstate some of those backed out changes here is to make necessary
-followup fixes to commit 8e03235147a9 simple cherry-picks from
-mainline. A secondary reason is that ar -M support isn't fixed for
-pr26945 without this patch.
-
- PR 26945
- * ar.c: Don't include libbfd.h.
- (write_archive): Replace xmalloc+strcpy with xstrdup.
- * arsup.c (temp_name, real_ofd): New static variables.
- (ar_open): Use make_tempname and bfd_fdopenw.
- (ar_save): Adjust to suit ar_open changes.
- * objcopy.c: Don't include libbfd.h.
- * rename.c: Rename and reorder variables.
-
-(cherry picked from commit 95b91a043aeaeb546d2fea556d84a2de1e917770)
-
-Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3edaa91d4cf7202ec14342410194841e2f67f12]
-CVE: CVE-2021-20197
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- binutils/ar.c | 4 +---
- binutils/arsup.c | 37 +++++++++++++++++++++++++------------
- binutils/objcopy.c | 1 -
- binutils/rename.c | 6 +++---
- 5 files changed, 42 insertions(+), 19 deletions(-)
-
-diff --git a/binutils/ar.c b/binutils/ar.c
-index 3a91708b51c..44df48c5c67 100644
---- a/binutils/ar.c
-+++ b/binutils/ar.c
-@@ -25,7 +25,6 @@
-
- #include "sysdep.h"
- #include "bfd.h"
--#include "libbfd.h"
- #include "libiberty.h"
- #include "progress.h"
- #include "getopt.h"
-@@ -1255,8 +1254,7 @@ write_archive (bfd *iarch)
- bfd *contents_head = iarch->archive_next;
- int ofd = -1;
-
-- old_name = (char *) xmalloc (strlen (bfd_get_filename (iarch)) + 1);
-- strcpy (old_name, bfd_get_filename (iarch));
-+ old_name = xstrdup (bfd_get_filename (iarch));
- new_name = make_tempname (old_name, &ofd);
-
- if (new_name == NULL)
-diff --git a/binutils/arsup.c b/binutils/arsup.c
-index 0a1f63f6456..f7ce8f0bc82 100644
---- a/binutils/arsup.c
-+++ b/binutils/arsup.c
-@@ -42,6 +42,8 @@ extern int deterministic;
-
- static bfd *obfd;
- static char *real_name;
-+static char *temp_name;
-+static int real_ofd;
- static FILE *outfile;
-
- static void
-@@ -149,27 +151,24 @@ maybequit (void)
- void
- ar_open (char *name, int t)
- {
-- char *tname;
-- const char *bname = lbasename (name);
-- real_name = name;
-+ real_name = xstrdup (name);
-+ temp_name = make_tempname (real_name, &real_ofd);
-
-- /* Prepend tmp- to the beginning, to avoid file-name clashes after
-- truncation on filesystems with limited namespaces (DOS). */
-- if (asprintf (&tname, "%.*stmp-%s", (int) (bname - name), name, bname) == -1)
-+ if (temp_name == NULL)
- {
-- fprintf (stderr, _("%s: Can't allocate memory for temp name (%s)\n"),
-+ fprintf (stderr, _("%s: Can't open temporary file (%s)\n"),
- program_name, strerror(errno));
- maybequit ();
- return;
- }
-
-- obfd = bfd_openw (tname, NULL);
-+ obfd = bfd_fdopenw (temp_name, NULL, real_ofd);
-
- if (!obfd)
- {
- fprintf (stderr,
- _("%s: Can't open output archive %s\n"),
-- program_name, tname);
-+ program_name, temp_name);
-
- maybequit ();
- }
-@@ -344,16 +343,30 @@ ar_save (void)
- }
- else
- {
-- char *ofilename = xstrdup (bfd_get_filename (obfd));
-+ struct stat target_stat;
-
- if (deterministic > 0)
- obfd->flags |= BFD_DETERMINISTIC_OUTPUT;
-
- bfd_close (obfd);
-
-- smart_rename (ofilename, real_name, NULL);
-+ if (stat (real_name, &target_stat) != 0)
-+ {
-+ /* The temp file created in ar_open has mode 0600 as per mkstemp.
-+ Create the real empty output file here so smart_rename will
-+ update the mode according to the process umask. */
-+ obfd = bfd_openw (real_name, NULL);
-+ if (obfd != NULL)
-+ {
-+ bfd_set_format (obfd, bfd_archive);
-+ bfd_close (obfd);
-+ }
-+ }
-+
-+ smart_rename (temp_name, real_name, NULL);
- obfd = 0;
-- free (ofilename);
-+ free (temp_name);
-+ free (real_name);
- }
- }
-
-diff --git a/binutils/objcopy.c b/binutils/objcopy.c
-index 07a872b5a80..73aa8bc2514 100644
---- a/binutils/objcopy.c
-+++ b/binutils/objcopy.c
-@@ -20,7 +20,6 @@
-
- #include "sysdep.h"
- #include "bfd.h"
--#include "libbfd.h"
- #include "progress.h"
- #include "getopt.h"
- #include "libiberty.h"
-diff --git a/binutils/rename.c b/binutils/rename.c
-index f471b45fd3f..2ff092ee22b 100644
---- a/binutils/rename.c
-+++ b/binutils/rename.c
-@@ -130,11 +130,11 @@ int
- smart_rename (const char *from, const char *to,
- struct stat *target_stat ATTRIBUTE_UNUSED)
- {
-- bfd_boolean exists;
-- struct stat s;
- int ret = 0;
-+ struct stat to_stat;
-+ bfd_boolean exists;
-
-- exists = lstat (to, &s) == 0;
-+ exists = lstat (to, &to_stat) == 0;
-
- #if defined (_WIN32) && !defined (__CYGWIN32__)
- /* Win32, unlike unix, will not erase `to' in `rename(from, to)' but
---
-2.31.1
-
diff --git a/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch
deleted file mode 100644
index 082b28b29c..0000000000
--- a/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch
+++ /dev/null
@@ -1,171 +0,0 @@
-From 8b69e61d4be276bb862698aaafddc3e779d23c8f Mon Sep 17 00:00:00 2001
-From: Alan Modra <amodra@gmail.com>
-Date: Tue, 23 Feb 2021 09:37:39 +1030
-Subject: [PATCH] PR27456, lstat in rename.c on MinGW
-
- PR 27456
- * rename.c: Tidy throughout.
- (smart_rename): Always copy. Remove windows specific code.
-
-(cherry picked from commit cca8873dd5a6015d5557ea44bc1ea9c252435a29)
-
-Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8b69e61d4be276bb862698aaafddc3e779d23c8f]
-CVE: CVE-2021-20197
-Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
----
- binutils/rename.c | 111 ++++++++++++++-------------------------------
- 2 files changed, 40 insertions(+), 76 deletions(-)
-
-diff --git a/binutils/rename.c b/binutils/rename.c
-index 2ff092ee22b..72a9323d72c 100644
---- a/binutils/rename.c
-+++ b/binutils/rename.c
-@@ -24,14 +24,9 @@
-
- #ifdef HAVE_GOOD_UTIME_H
- #include <utime.h>
--#else /* ! HAVE_GOOD_UTIME_H */
--#ifdef HAVE_UTIMES
-+#elif defined HAVE_UTIMES
- #include <sys/time.h>
--#endif /* HAVE_UTIMES */
--#endif /* ! HAVE_GOOD_UTIME_H */
--
--#if ! defined (_WIN32) || defined (__CYGWIN32__)
--static int simple_copy (const char *, const char *);
-+#endif
-
- /* The number of bytes to copy at once. */
- #define COPY_BUF 8192
-@@ -82,7 +77,6 @@ simple_copy (const char *from, const char *to)
- }
- return 0;
- }
--#endif /* __CYGWIN32__ or not _WIN32 */
-
- /* Set the times of the file DESTINATION to be the same as those in
- STATBUF. */
-@@ -91,87 +85,52 @@ void
- set_times (const char *destination, const struct stat *statbuf)
- {
- int result;
--
-- {
- #ifdef HAVE_GOOD_UTIME_H
-- struct utimbuf tb;
--
-- tb.actime = statbuf->st_atime;
-- tb.modtime = statbuf->st_mtime;
-- result = utime (destination, &tb);
--#else /* ! HAVE_GOOD_UTIME_H */
--#ifndef HAVE_UTIMES
-- long tb[2];
--
-- tb[0] = statbuf->st_atime;
-- tb[1] = statbuf->st_mtime;
-- result = utime (destination, tb);
--#else /* HAVE_UTIMES */
-- struct timeval tv[2];
--
-- tv[0].tv_sec = statbuf->st_atime;
-- tv[0].tv_usec = 0;
-- tv[1].tv_sec = statbuf->st_mtime;
-- tv[1].tv_usec = 0;
-- result = utimes (destination, tv);
--#endif /* HAVE_UTIMES */
--#endif /* ! HAVE_GOOD_UTIME_H */
-- }
-+ struct utimbuf tb;
-+
-+ tb.actime = statbuf->st_atime;
-+ tb.modtime = statbuf->st_mtime;
-+ result = utime (destination, &tb);
-+#elif defined HAVE_UTIMES
-+ struct timeval tv[2];
-+
-+ tv[0].tv_sec = statbuf->st_atime;
-+ tv[0].tv_usec = 0;
-+ tv[1].tv_sec = statbuf->st_mtime;
-+ tv[1].tv_usec = 0;
-+ result = utimes (destination, tv);
-+#else
-+ long tb[2];
-+
-+ tb[0] = statbuf->st_atime;
-+ tb[1] = statbuf->st_mtime;
-+ result = utime (destination, tb);
-+#endif
-
- if (result != 0)
- non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno));
- }
-
--/* Rename FROM to TO, copying if TO exists. TARGET_STAT has the file status
-- that, if non-NULL, is used to fix up timestamps after rename. Return 0 if
-- ok, -1 if error. */
-+/* Copy FROM to TO. TARGET_STAT has the file status that, if non-NULL,
-+ is used to fix up timestamps. Return 0 if ok, -1 if error.
-+ At one time this function renamed files, but file permissions are
-+ tricky to update given the number of different schemes used by
-+ various systems. So now we just copy. */
-
- int
- smart_rename (const char *from, const char *to,
-- struct stat *target_stat ATTRIBUTE_UNUSED)
-+ struct stat *target_stat)
- {
-- int ret = 0;
-- struct stat to_stat;
-- bfd_boolean exists;
--
-- exists = lstat (to, &to_stat) == 0;
--
--#if defined (_WIN32) && !defined (__CYGWIN32__)
-- /* Win32, unlike unix, will not erase `to' in `rename(from, to)' but
-- fail instead. Also, chown is not present. */
--
-- if (exists)
-- remove (to);
-+ int ret;
-
-- ret = rename (from, to);
-+ ret = simple_copy (from, to);
- if (ret != 0)
-- {
-- /* We have to clean up here. */
-- non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno));
-- unlink (from);
-- }
--#else
-- /* Avoid a full copy and use rename if TO does not exist. */
-- if (!exists)
-- {
-- if ((ret = rename (from, to)) != 0)
-- {
-- /* We have to clean up here. */
-- non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno));
-- unlink (from);
-- }
-- }
-- else
-- {
-- ret = simple_copy (from, to);
-- if (ret != 0)
-- non_fatal (_("unable to copy file '%s'; reason: %s"), to, strerror (errno));
-+ non_fatal (_("unable to copy file '%s'; reason: %s"),
-+ to, strerror (errno));
-
-- if (target_stat != NULL)
-- set_times (to, target_stat);
-- unlink (from);
-- }
--#endif /* _WIN32 && !__CYGWIN32__ */
-+ if (target_stat != NULL)
-+ set_times (to, target_stat);
-+ unlink (from);
-
- return ret;
- }
---
-2.31.1
-
diff --git a/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch b/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch
new file mode 100644
index 0000000000..fa10a6c99a
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch
@@ -0,0 +1,102 @@
+From 25162c795b1a2becf936bb3581d86a307ea491eb Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Thu, 15 Jul 2021 16:51:56 +0100
+Subject: [PATCH] Fix a stack exhaustion problem in the Rust demangling code in
+ the libiberty library.
+
+ PR 99935
+ * rust-demangle.c: Add recursion limit.
+
+CVE: CVE-2021-3530
+Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=25162c795b1a2becf936bb3581d86a307ea491eb]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ libiberty/ChangeLog | 5 +++++
+ libiberty/rust-demangle.c | 31 +++++++++++++++++++++++++------
+ 2 files changed, 30 insertions(+), 6 deletions(-)
+
+diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog
+index bc1b35b97c4..8e39fd28eba 100644
+--- a/libiberty/ChangeLog
++++ b/libiberty/ChangeLog
+@@ -1,3 +1,8 @@
++2021-07-15 Nick Clifton <nickc@redhat.com>
++
++ PR 99935
++ * rust-demangle.c: Add recursion limit.
++
+ 2021-01-04 Martin Liska <mliska@suse.cz>
+
+ * strverscmp.c: Convert to utf8 from iso8859.
+diff --git a/libiberty/rust-demangle.c b/libiberty/rust-demangle.c
+index 449941b56dc..df09b7b8fdd 100644
+--- a/libiberty/rust-demangle.c
++++ b/libiberty/rust-demangle.c
+@@ -74,6 +74,12 @@ struct rust_demangler
+ /* Rust mangling version, with legacy mangling being -1. */
+ int version;
+
++ /* Recursion depth. */
++ uint recursion;
++ /* Maximum number of times demangle_path may be called recursively. */
++#define RUST_MAX_RECURSION_COUNT 1024
++#define RUST_NO_RECURSION_LIMIT ((uint) -1)
++
+ uint64_t bound_lifetime_depth;
+ };
+
+@@ -671,6 +677,15 @@ demangle_path (struct rust_demangler *rd
+ if (rdm->errored)
+ return;
+
++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT)
++ {
++ ++ rdm->recursion;
++ if (rdm->recursion > RUST_MAX_RECURSION_COUNT)
++ /* FIXME: There ought to be a way to report
++ that the recursion limit has been reached. */
++ goto fail_return;
++ }
++
+ switch (tag = next (rdm))
+ {
+ case 'C':
+@@ -688,10 +703,7 @@ demangle_path (struct rust_demangler *rd
+ case 'N':
+ ns = next (rdm);
+ if (!ISLOWER (ns) && !ISUPPER (ns))
+- {
+- rdm->errored = 1;
+- return;
+- }
++ goto fail_return;
+
+ demangle_path (rdm, in_value);
+
+@@ -776,9 +788,15 @@ demangle_path (struct rust_demangler *rd
+ }
+ break;
+ default:
+- rdm->errored = 1;
+- return;
++ goto fail_return;
+ }
++ goto pass_return;
++
++ fail_return:
++ rdm->errored = 1;
++ pass_return:
++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT)
++ -- rdm->recursion;
+ }
+
+ static void
+@@ -1317,6 +1335,7 @@ rust_demangle_callback (const char *mang
+ rdm.skipping_printing = 0;
+ rdm.verbose = (options & DMGL_VERBOSE) != 0;
+ rdm.version = 0;
++ rdm.recursion = (options & DMGL_NO_RECURSE_LIMIT) ? RUST_NO_RECURSION_LIMIT : 0;
+ rdm.bound_lifetime_depth = 0;
+
+ /* Rust symbols always start with _R (v0) or _ZN (legacy). */
diff --git a/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch b/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch
new file mode 100644
index 0000000000..e569a6bc47
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch
@@ -0,0 +1,64 @@
+From 999566402e3d7c69032bbf47e28b44fc0926fe62 Mon Sep 17 00:00:00 2001
+From: Christopher Wellons <wellons@nullprogram.com>
+Date: Sun, 18 Jul 2021 16:57:19 -0400
+Subject: [PATCH] Change "uint" to "unsigned"
+
+This fixes a defect introduced in 25162c795. The "uint" type has not
+been explicitly defined here on mingw, causing compilation to fail.
+
+On linux we have this in /usr/include/sys/types.h
+
+/* Old compatibility names for C types. */
+typedef unsigned long int ulong;
+typedef unsigned short int ushort;
+typedef unsigned int uint;
+
+So it's easy to see how such bugs can creep in.
+
+ * rust-demangle.c (struct rust_demangler): Change type of
+ "recursion" to unsigned.
+ (RUST_NO_RECURSION_LIMIT): Similarly in cast.
+
+CVE: CVE-2021-3530
+Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=999566402e3]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ libiberty/ChangeLog | 6 ++++++
+ libiberty/rust-demangle.c | 4 ++--
+ 2 files changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog
+index 8e39fd28eba..3f749455f05 100644
+--- a/libiberty/ChangeLog
++++ b/libiberty/ChangeLog
+@@ -1,3 +1,9 @@
++2021-07-19 Christopher Wellons <wellons@nullprogram.com>
++
++ * rust-demangle.c (struct rust_demangler): Change type of
++ "recursion" to unsigned.
++ (RUST_NO_RECURSION_LIMIT): Similarly in cast.
++
+ 2021-07-15 Nick Clifton <nickc@redhat.com>
+
+ PR 99935
+diff --git a/libiberty/rust-demangle.c b/libiberty/rust-demangle.c
+index df09b7b8fdd..ac1eb8eb02c 100644
+--- a/libiberty/rust-demangle.c
++++ b/libiberty/rust-demangle.c
+@@ -75,10 +75,10 @@ struct rust_demangler
+ int version;
+
+ /* Recursion depth. */
+- uint recursion;
++ unsigned recursion;
+ /* Maximum number of times demangle_path may be called recursively. */
+ #define RUST_MAX_RECURSION_COUNT 1024
+-#define RUST_NO_RECURSION_LIMIT ((uint) -1)
++#define RUST_NO_RECURSION_LIMIT ((unsigned) -1)
+
+ uint64_t bound_lifetime_depth;
+ };
+--
+2.27.0
+
diff --git a/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb b/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb
index f6a77b4606..02a286c396 100644
--- a/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb
+++ b/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb
@@ -90,7 +90,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=44ac4678311254db62edf8fd39cb8124"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+(\.\d+)*)"
-SRC_URI = "git://github.com/xrmx/bootchart.git \
+SRC_URI = "git://github.com/xrmx/bootchart.git;branch=master;protocol=https \
file://bootchartd_stop.sh \
file://0001-collector-Allocate-space-on-heap-for-chunks.patch \
file://0001-bootchart2-support-usrmerge.patch \
@@ -99,6 +99,10 @@ SRC_URI = "git://github.com/xrmx/bootchart.git \
S = "${WORKDIR}/git"
SRCREV = "868a2afab9da34f32c007d773b77253c93104636"
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
+
inherit systemd update-rc.d python3native update-alternatives
ALTERNATIVE_${PN} = "bootchartd"
@@ -131,7 +135,7 @@ do_install () {
export PKGLIBDIR="${base_libdir}/bootchart"
export SYSTEMD_UNIT_DIR="${systemd_unitdir}/system"
- oe_runmake install
+ oe_runmake install NO_PYTHON_COMPILE=1
install -d ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/bootchartd_stop.sh ${D}${sysconfdir}/init.d
diff --git a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb b/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb
index fca010d4ae..7f51c799cd 100644
--- a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb
+++ b/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb
@@ -15,7 +15,7 @@ DEPENDS_append_class-target = " udev"
RDEPENDS_${PN} = "libgcc"
SRCREV = "f2ffce38b9c1477a7350bfe165f0e34b9bde40f5"
-SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git \
+SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git;branch=master \
file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \
"
diff --git a/meta/recipes-devtools/ccache/ccache_4.2.bb b/meta/recipes-devtools/ccache/ccache_4.2.1.bb
index b76bf043f0..99bbe0eca2 100644
--- a/meta/recipes-devtools/ccache/ccache_4.2.bb
+++ b/meta/recipes-devtools/ccache/ccache_4.2.1.bb
@@ -7,14 +7,14 @@ HOMEPAGE = "http://ccache.samba.org"
SECTION = "devel"
LICENSE = "GPLv3+"
-LIC_FILES_CHKSUM = "file://LICENSE.adoc;md5=28afb89f649f309e7ac1aab554564637"
+LIC_FILES_CHKSUM = "file://LICENSE.adoc;md5=698a26b57e513d678e1e7727bf56395b"
DEPENDS = "zstd"
SRC_URI = "https://github.com/ccache/ccache/releases/download/v${PV}/${BP}.tar.gz"
SRC_URI += "file://0001-CMake-make-build-of-documentation-optional-842.patch"
-SRC_URI[sha256sum] = "dbf139ff32031b54cb47f2d7983269f328df14b5a427882f89f7721e5c411b7e"
+SRC_URI[sha256sum] = "320d2b17d2f76393e5d4bb28c8dee5ca783248e9cd23dff0654694d60f8a4b62"
UPSTREAM_CHECK_URI = "https://github.com/ccache/ccache/releases/"
diff --git a/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb b/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
index 7480affbc0..29f3866079 100644
--- a/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
+++ b/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb
@@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/rpm-software-management/createrepo_c/wiki"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-SRC_URI = "git://github.com/rpm-software-management/createrepo_c \
+SRC_URI = "git://github.com/rpm-software-management/createrepo_c;branch=master;protocol=https \
file://0001-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \
"
diff --git a/meta/recipes-devtools/distcc/distcc_3.3.5.bb b/meta/recipes-devtools/distcc/distcc_3.3.5.bb
index 5c2644199e..defea99c95 100644
--- a/meta/recipes-devtools/distcc/distcc_3.3.5.bb
+++ b/meta/recipes-devtools/distcc/distcc_3.3.5.bb
@@ -15,7 +15,7 @@ PACKAGECONFIG[popt] = "--without-included-popt,--with-included-popt,popt"
RRECOMMENDS_${PN}-server = "avahi-daemon"
-SRC_URI = "git://github.com/distcc/distcc.git \
+SRC_URI = "git://github.com/distcc/distcc.git;branch=master;protocol=https \
file://default \
file://distcc \
file://distcc.service \
diff --git a/meta/recipes-devtools/dnf/dnf_4.6.0.bb b/meta/recipes-devtools/dnf/dnf_4.6.0.bb
index 6651e64352..f2cb6db89b 100644
--- a/meta/recipes-devtools/dnf/dnf_4.6.0.bb
+++ b/meta/recipes-devtools/dnf/dnf_4.6.0.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://PACKAGE-LICENSING;md5=4a0548e303dbc77f067335b4d688e745 \
"
-SRC_URI = "git://github.com/rpm-software-management/dnf.git \
+SRC_URI = "git://github.com/rpm-software-management/dnf.git;branch=master;protocol=https \
file://0001-Corretly-install-tmpfiles.d-configuration.patch \
file://0001-Do-not-hardcode-etc-and-systemd-unit-directories.patch \
file://0005-Do-not-prepend-installroot-to-logdir.patch \
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc b/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc
index 2f113c5e8d..1250a9b99c 100644
--- a/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc
@@ -19,7 +19,8 @@ LIC_FILES_CHKSUM = "file://NOTICE;md5=d50be0580c0b0a7fbc7a4830bbe6c12b \
SECTION = "base"
DEPENDS = "util-linux attr autoconf-archive"
-SRC_URI = "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git"
+SRC_URI = "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git;branch=master \
+ file://0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch"
S = "${WORKDIR}/git"
inherit autotools gettext texinfo pkgconfig multilib_header update-alternatives ptest
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch b/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch
new file mode 100644
index 0000000000..d679b25b1d
--- /dev/null
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch
@@ -0,0 +1,66 @@
+From 2c69c94217b6db083d601d4fd62d6ab6c1628fee Mon Sep 17 00:00:00 2001
+From: Lukas Czerner <lczerner@redhat.com>
+Date: Mon, 14 Jun 2021 15:27:25 +0200
+Subject: [PATCH] e2fsck: fix last mount/write time when e2fsck is forced
+
+With commit c52d930f e2fsck is no longer able to fix bad last
+mount/write time by default because it is conditioned on s_checkinterval
+not being zero, which it is by default.
+
+One place where it matters is when other e2fsprogs tools require to run
+full file system check before a certain operation. If the last mount
+time is for any reason in future, it will not allow it to run even if
+full e2fsck is ran.
+
+Fix it by checking the last mount/write time when the e2fsck is forced,
+except for the case where we know the system clock is broken.
+
+[ Reworked the conditionals so error messages claiming that the last
+ write/mount time were corrupted wouldn't be always printed when the
+ e2fsck was run with the -f option, thus causing 299 out of 372
+ regression tests to fail. -- TYT ]
+
+Fixes: c52d930f ("e2fsck: don't check for future superblock times if checkinterval == 0")
+Reported-by: Dusty Mabe <dustymabe@redhat.com>
+Signed-off-by: Lukas Czerner <lczerner@redhat.com>
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+
+Upstream-Status: Backport [https://github.com/tytso/e2fsprogs/commit/2c69c94217b6db083d601d4fd62d6ab6c1628fee]
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ e2fsck/super.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/e2fsck/super.c b/e2fsck/super.c
+index e1c3f935..31e2ffb2 100644
+--- a/e2fsck/super.c
++++ b/e2fsck/super.c
+@@ -1038,9 +1038,9 @@ void check_super_block(e2fsck_t ctx)
+ * Check to see if the superblock last mount time or last
+ * write time is in the future.
+ */
+- if (!broken_system_clock && fs->super->s_checkinterval &&
+- !(ctx->flags & E2F_FLAG_TIME_INSANE) &&
+- fs->super->s_mtime > (__u32) ctx->now) {
++ if (((ctx->options & E2F_OPT_FORCE) || fs->super->s_checkinterval) &&
++ !broken_system_clock && !(ctx->flags & E2F_FLAG_TIME_INSANE) &&
++ (fs->super->s_mtime > (__u32) ctx->now)) {
+ pctx.num = fs->super->s_mtime;
+ problem = PR_0_FUTURE_SB_LAST_MOUNT;
+ if (fs->super->s_mtime <= (__u32) ctx->now + ctx->time_fudge)
+@@ -1050,9 +1050,9 @@ void check_super_block(e2fsck_t ctx)
+ fs->flags |= EXT2_FLAG_DIRTY;
+ }
+ }
+- if (!broken_system_clock && fs->super->s_checkinterval &&
+- !(ctx->flags & E2F_FLAG_TIME_INSANE) &&
+- fs->super->s_wtime > (__u32) ctx->now) {
++ if (((ctx->options & E2F_OPT_FORCE) || fs->super->s_checkinterval) &&
++ !broken_system_clock && !(ctx->flags & E2F_FLAG_TIME_INSANE) &&
++ (fs->super->s_wtime > (__u32) ctx->now)) {
+ pctx.num = fs->super->s_wtime;
+ problem = PR_0_FUTURE_SB_LAST_WRITE;
+ if (fs->super->s_wtime <= (__u32) ctx->now + ctx->time_fudge)
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/file/file_5.39.bb b/meta/recipes-devtools/file/file_5.39.bb
index c0c7253688..234440e493 100644
--- a/meta/recipes-devtools/file/file_5.39.bb
+++ b/meta/recipes-devtools/file/file_5.39.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=2;md5=0251eaec1188b20d9a72c502ecfdd
DEPENDS = "file-replacement-native"
DEPENDS_class-native = "bzip2-replacement-native"
-SRC_URI = "git://github.com/file/file.git \
+SRC_URI = "git://github.com/file/file.git;branch=master;protocol=https \
file://0001-src-compress.c-correct-header-define-for-xz-lzma.patch \
file://0001-Fix-close_on_exec-multithreaded-decompression-issue.patch"
diff --git a/meta/recipes-devtools/gcc/gcc-10.2.inc b/meta/recipes-devtools/gcc/gcc-10.3.inc
index c0cd8b31d5..1fdfcced8e 100644
--- a/meta/recipes-devtools/gcc/gcc-10.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-10.3.inc
@@ -2,11 +2,11 @@ require gcc-common.inc
# Third digit in PV should be incremented after a minor release
-PV = "10.2.0"
+PV = "10.3.0"
# BINV should be incremented to a revision after a minor gcc release
-BINV = "10.2.0"
+BINV = "10.3.0"
FILESEXTRAPATHS =. "${FILE_DIRNAME}/gcc:${FILE_DIRNAME}/gcc/backport:"
@@ -65,13 +65,18 @@ SRC_URI = "\
file://0035-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch \
file://0036-mingw32-Enable-operation_not_supported.patch \
file://0037-libatomic-Do-not-enforce-march-on-aarch64.patch \
- file://0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch \
- file://0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch \
- file://0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch \
- file://0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch \
file://0001-libatomic-libgomp-libitc-Fix-bootstrap-PR70454.patch \
+ file://0001-CVE-2021-35465.patch \
+ file://0002-CVE-2021-35465.patch \
+ file://0003-CVE-2021-35465.patch \
+ file://0004-CVE-2021-35465.patch \
+ file://0001-CVE-2021-42574.patch \
+ file://0002-CVE-2021-42574.patch \
+ file://0003-CVE-2021-42574.patch \
+ file://0004-CVE-2021-42574.patch \
+ file://0005-CVE-2021-42574.patch \
"
-SRC_URI[sha256sum] = "b8dd4368bb9c7f0b98188317ee0254dd8cc99d1e3a18d0ff146c855fe16c1d8c"
+SRC_URI[sha256sum] = "64f404c1a650f27fc33da242e1f2df54952e3963a49e06e73f6940f3223ac344"
S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}"
# For dev release snapshotting
@@ -118,3 +123,6 @@ EXTRA_OECONF_PATHS = "\
--with-sysroot=/not/exist \
--with-build-sysroot=${STAGING_DIR_TARGET} \
"
+
+# Is a binutils 2.26 issue, not gcc
+CVE_CHECK_WHITELIST += "CVE-2021-37322"
diff --git a/meta/recipes-devtools/gcc/gcc-cross-canadian_10.2.bb b/meta/recipes-devtools/gcc/gcc-cross-canadian_10.3.bb
index bf53c5cd78..bf53c5cd78 100644
--- a/meta/recipes-devtools/gcc/gcc-cross-canadian_10.2.bb
+++ b/meta/recipes-devtools/gcc/gcc-cross-canadian_10.3.bb
diff --git a/meta/recipes-devtools/gcc/gcc-cross_10.2.bb b/meta/recipes-devtools/gcc/gcc-cross_10.3.bb
index b43cca0c52..b43cca0c52 100644
--- a/meta/recipes-devtools/gcc/gcc-cross_10.2.bb
+++ b/meta/recipes-devtools/gcc/gcc-cross_10.3.bb
diff --git a/meta/recipes-devtools/gcc/gcc-crosssdk_10.2.bb b/meta/recipes-devtools/gcc/gcc-crosssdk_10.3.bb
index 40a6c4feff..40a6c4feff 100644
--- a/meta/recipes-devtools/gcc/gcc-crosssdk_10.2.bb
+++ b/meta/recipes-devtools/gcc/gcc-crosssdk_10.3.bb
diff --git a/meta/recipes-devtools/gcc/gcc-runtime_10.2.bb b/meta/recipes-devtools/gcc/gcc-runtime_10.3.bb
index dd430b57eb..dd430b57eb 100644
--- a/meta/recipes-devtools/gcc/gcc-runtime_10.2.bb
+++ b/meta/recipes-devtools/gcc/gcc-runtime_10.3.bb
diff --git a/meta/recipes-devtools/gcc/gcc-sanitizers_10.2.bb b/meta/recipes-devtools/gcc/gcc-sanitizers_10.3.bb
index f3c7058114..f3c7058114 100644
--- a/meta/recipes-devtools/gcc/gcc-sanitizers_10.2.bb
+++ b/meta/recipes-devtools/gcc/gcc-sanitizers_10.3.bb
diff --git a/meta/recipes-devtools/gcc/gcc-source_10.2.bb b/meta/recipes-devtools/gcc/gcc-source_10.3.bb
index b890fa33ea..b890fa33ea 100644
--- a/meta/recipes-devtools/gcc/gcc-source_10.2.bb
+++ b/meta/recipes-devtools/gcc/gcc-source_10.3.bb
diff --git a/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
new file mode 100644
index 0000000000..4d7c7e3f18
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
@@ -0,0 +1,138 @@
+From 3929bca9ca95de9d35e82ae8828b188029e3eb70 Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Fri, 11 Jun 2021 16:02:05 +0100
+Subject: [PATCH] arm: Add command-line option for enabling CVE-2021-35465
+ mitigation [PR102035]
+
+Add a new option, -mfix-cmse-cve-2021-35465 and document it. Enable it
+automatically for cortex-m33, cortex-m35p and cortex-m55.
+
+gcc:
+ PR target/102035
+ * config/arm/arm.opt (mfix-cmse-cve-2021-35465): New option.
+ * doc/invoke.texi (Arm Options): Document it.
+ * config/arm/arm-cpus.in (quirk_vlldm): New feature bit.
+ (ALL_QUIRKS): Add quirk_vlldm.
+ (cortex-m33): Add quirk_vlldm.
+ (cortex-m35p, cortex-m55): Likewise.
+ * config/arm/arm.c (arm_option_override): Enable fix_vlldm if
+ targetting an affected CPU and not explicitly controlled on
+ the command line.
+
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ gcc/config/arm/arm-cpus.in | 9 +++++++--
+ gcc/config/arm/arm.c | 9 +++++++++
+ gcc/config/arm/arm.opt | 4 ++++
+ gcc/doc/invoke.texi | 9 +++++++++
+ 4 files changed, 29 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/config/arm/arm.c b/gcc/config/arm/arm.c
+--- a/gcc/config/arm/arm.c 2020-07-22 23:35:17.344384552 -0700
++++ b/gcc/config/arm/arm.c 2021-11-11 20:16:19.761241867 -0800
+@@ -3610,6 +3610,15 @@ arm_option_override (void)
+ fix_cm3_ldrd = 0;
+ }
+
++ /* Enable fix_vlldm by default if required. */
++ if (fix_vlldm == 2)
++ {
++ if (bitmap_bit_p (arm_active_target.isa, isa_bit_quirk_vlldm))
++ fix_vlldm = 1;
++ else
++ fix_vlldm = 0;
++ }
++
+ /* Hot/Cold partitioning is not currently supported, since we can't
+ handle literal pool placement in that case. */
+ if (flag_reorder_blocks_and_partition)
+diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in
+--- a/gcc/config/arm/arm-cpus.in 2020-07-22 23:35:17.340384509 -0700
++++ b/gcc/config/arm/arm-cpus.in 2021-11-11 20:17:01.364573561 -0800
+@@ -186,6 +186,9 @@ define feature quirk_armv6kz
+ # Cortex-M3 LDRD quirk.
+ define feature quirk_cm3_ldrd
+
++# v8-m/v8.1-m VLLDM errata.
++define feature quirk_vlldm
++
+ # Don't use .cpu assembly directive
+ define feature quirk_no_asmcpu
+
+@@ -322,7 +325,7 @@ define implied vfp_base MVE MVE_FP ALL_F
+ # architectures.
+ # xscale isn't really a 'quirk', but it isn't an architecture either and we
+ # need to ignore it for matching purposes.
+-define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd xscale quirk_no_asmcpu
++define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu
+
+ # Architecture entries
+ # format:
+@@ -1524,6 +1527,7 @@ begin cpu cortex-m33
+ architecture armv8-m.main+dsp+fp
+ option nofp remove ALL_FP
+ option nodsp remove armv7em
++ isa quirk_vlldm
+ costs v7m
+ end cpu cortex-m33
+
+@@ -1533,6 +1537,7 @@ begin cpu cortex-m35p
+ architecture armv8-m.main+dsp+fp
+ option nofp remove ALL_FP
+ option nodsp remove armv7em
++ isa quirk_vlldm
+ costs v7m
+ end cpu cortex-m35p
+
+@@ -1544,7 +1549,7 @@ begin cpu cortex-m55
+ option nomve remove mve mve_float
+ option nofp remove ALL_FP mve_float
+ option nodsp remove MVE mve_float
+- isa quirk_no_asmcpu
++ isa quirk_no_asmcpu quirk_vlldm
+ costs v7m
+ vendor 41
+ end cpu cortex-m55
+diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt
+--- a/gcc/config/arm/arm.opt 2020-07-22 23:35:17.344384552 -0700
++++ b/gcc/config/arm/arm.opt 2021-11-11 20:16:19.761241867 -0800
+@@ -271,6 +271,10 @@ Target Report Var(fix_cm3_ldrd) Init(2)
+ Avoid overlapping destination and address registers on LDRD instructions
+ that may trigger Cortex-M3 errata.
+
++mfix-cmse-cve-2021-35465
++Target Var(fix_vlldm) Init(2)
++Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
++
+ munaligned-access
+ Target Report Var(unaligned_access) Init(2) Save
+ Enable unaligned word and halfword accesses to packed data.
+diff -upr a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
+--- a/gcc/doc/invoke.texi 2021-11-11 19:30:56.264523105 -0800
++++ b/gcc/doc/invoke.texi 2021-11-11 20:16:19.769241739 -0800
+@@ -774,6 +774,7 @@ Objective-C and Objective-C++ Dialects}.
+ -mverbose-cost-dump @gol
+ -mpure-code @gol
+ -mcmse @gol
++-mfix-cmse-cve-2021-35465 @gol
+ -mfdpic}
+
+ @emph{AVR Options}
+@@ -21266,6 +21267,14 @@ Use multiply and add/subtract instructio
+
+ Do not use multiply and add/subtract instructions.
+
++@item -mfix-cmse-cve-2021-35465
++@opindex mfix-cmse-cve-2021-35465
++Mitigate against a potential security issue with the @code{VLLDM} instruction
++in some M-profile devices when using CMSE (CVE-2021-365465). This option is
++enabled by default when the option @option{-mcpu=} is used with
++@code{cortex-m33}, @code{cortex-m35p} or @code{cortex-m55}. The option
++@option{-mno-fix-cmse-cve-2021-35465} can be used to disable the mitigation.
++
+ @item -mfdpic
+ @opindex mfdpic
+
diff --git a/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch
new file mode 100644
index 0000000000..e0f4f7d32f
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch
@@ -0,0 +1,2906 @@
+From 004bb936d6d5f177af26ad4905595e843d5665a5 Mon Sep 17 00:00:00 2001
+From: Lewis Hyatt <lhyatt@gmail.com>
+Date: Tue, 14 Jul 2020 12:05:56 -0400
+Subject: [PATCH] diagnostics: Support conversion of tabs to spaces [PR49973]
+ [PR86904]
+
+Supports conversion of tabs to spaces when outputting diagnostics. Also
+adds -fdiagnostics-column-unit and -fdiagnostics-column-origin options to
+control how the column number is output, thereby resolving the two PRs.
+
+gcc/c-family/ChangeLog:
+
+ PR other/86904
+ * c-indentation.c (should_warn_for_misleading_indentation): Get
+ global tabstop from the new source.
+ * c-opts.c (c_common_handle_option): Remove handling of -ftabstop, which
+ is now a common option.
+ * c.opt: Likewise.
+
+gcc/ChangeLog:
+
+ PR preprocessor/49973
+ PR other/86904
+ * common.opt: Handle -ftabstop here instead of in c-family
+ options. Add -fdiagnostics-column-unit= and
+ -fdiagnostics-column-origin= options.
+ * opts.c (common_handle_option): Handle the new options.
+ * diagnostic-format-json.cc (json_from_expanded_location): Add
+ diagnostic_context argument. Use it to convert column numbers as per
+ the new options.
+ (json_from_location_range): Likewise.
+ (json_from_fixit_hint): Likewise.
+ (json_end_diagnostic): Pass the new context argument to helper
+ functions above. Add "column-origin" field to the output.
+ (test_unknown_location): Add the new context argument to calls to
+ helper functions.
+ (test_bad_endpoints): Likewise.
+ * diagnostic-show-locus.c
+ (exploc_with_display_col::exploc_with_display_col): Support
+ tabstop parameter.
+ (layout_point::layout_point): Make use of class
+ exploc_with_display_col.
+ (layout_range::layout_range): Likewise.
+ (struct line_bounds): Clarify that the units are now always
+ display columns. Rename members accordingly. Add constructor.
+ (layout::print_source_line): Add support for tab expansion.
+ (make_range): Adapt to class layout_range changes.
+ (layout::maybe_add_location_range): Likewise.
+ (layout::layout): Adapt to class exploc_with_display_col changes.
+ (layout::calculate_x_offset_display): Support tabstop parameter.
+ (layout::print_annotation_line): Adapt to struct line_bounds changes.
+ (layout::print_line): Likewise.
+ (line_label::line_label): Add diagnostic_context argument.
+ (get_affected_range): Likewise.
+ (get_printed_columns): Likewise.
+ (layout::print_any_labels): Adapt to struct line_label changes.
+ (class correction): Add m_tabstop member.
+ (correction::correction): Add tabstop argument.
+ (correction::compute_display_cols): Use m_tabstop.
+ (class line_corrections): Add m_context member.
+ (line_corrections::line_corrections): Add diagnostic_context argument.
+ (line_corrections::add_hint): Use m_context to handle tabstops.
+ (layout::print_trailing_fixits): Adapt to class line_corrections
+ changes.
+ (test_layout_x_offset_display_utf8): Support tabstop parameter.
+ (test_layout_x_offset_display_tab): New selftest.
+ (test_one_liner_colorized_utf8): Likewise.
+ (test_tab_expansion): Likewise.
+ (test_diagnostic_show_locus_one_liner_utf8): Call the new tests.
+ (diagnostic_show_locus_c_tests): Likewise.
+ (test_overlapped_fixit_printing): Adapt to helper class and
+ function changes.
+ (test_overlapped_fixit_printing_utf8): Likewise.
+ (test_overlapped_fixit_printing_2): Likewise.
+ * diagnostic.h (enum diagnostics_column_unit): New enum.
+ (struct diagnostic_context): Add members for the new options.
+ (diagnostic_converted_column): Declare.
+ (json_from_expanded_location): Add new context argument.
+ * diagnostic.c (diagnostic_initialize): Initialize new members.
+ (diagnostic_converted_column): New function.
+ (maybe_line_and_column): Be willing to output a column of 0.
+ (diagnostic_get_location_text): Convert column number as per the new
+ options.
+ (diagnostic_report_current_module): Likewise.
+ (assert_location_text): Add origin and column_unit arguments for
+ testing the new functionality.
+ (test_diagnostic_get_location_text): Test the new functionality.
+ * doc/invoke.texi: Document the new options and behavior.
+ * input.h (location_compute_display_column): Add tabstop argument.
+ * input.c (location_compute_display_column): Likewise.
+ (test_cpp_utf8): Add selftests for tab expansion.
+ * tree-diagnostic-path.cc (default_tree_make_json_for_path): Pass the
+ new context argument to json_from_expanded_location().
+
+libcpp/ChangeLog:
+
+ PR preprocessor/49973
+ PR other/86904
+ * include/cpplib.h (struct cpp_options): Removed support for -ftabstop,
+ which is now handled by diagnostic_context.
+ (class cpp_display_width_computation): New class.
+ (cpp_byte_column_to_display_column): Add optional tabstop argument.
+ (cpp_display_width): Likewise.
+ (cpp_display_column_to_byte_column): Likewise.
+ * charset.c
+ (cpp_display_width_computation::cpp_display_width_computation): New
+ function.
+ (cpp_display_width_computation::advance_display_cols): Likewise.
+ (compute_next_display_width): Removed and implemented this
+ functionality in a new function...
+ (cpp_display_width_computation::process_next_codepoint): ...here.
+ (cpp_byte_column_to_display_column): Added tabstop argument.
+ Reimplemented in terms of class cpp_display_width_computation.
+ (cpp_display_column_to_byte_column): Likewise.
+ * init.c (cpp_create_reader): Remove handling of -ftabstop, which is now
+ handled by diagnostic_context.
+
+gcc/testsuite/ChangeLog:
+
+ PR preprocessor/49973
+ PR other/86904
+ * c-c++-common/Wmisleading-indentation-3.c: Adjust expected output
+ for new defaults.
+ * c-c++-common/Wmisleading-indentation.c: Likewise.
+ * c-c++-common/diagnostic-format-json-1.c: Likewise.
+ * c-c++-common/diagnostic-format-json-2.c: Likewise.
+ * c-c++-common/diagnostic-format-json-3.c: Likewise.
+ * c-c++-common/diagnostic-format-json-4.c: Likewise.
+ * c-c++-common/diagnostic-format-json-5.c: Likewise.
+ * c-c++-common/missing-close-symbol.c: Likewise.
+ * g++.dg/diagnostic/bad-binary-ops.C: Likewise.
+ * g++.dg/parse/error4.C: Likewise.
+ * g++.old-deja/g++.brendan/crash11.C: Likewise.
+ * g++.old-deja/g++.pt/overload2.C: Likewise.
+ * g++.old-deja/g++.robertl/eb109.C: Likewise.
+ * gcc.dg/analyzer/malloc-paths-9.c: Likewise.
+ * gcc.dg/bad-binary-ops.c: Likewise.
+ * gcc.dg/format/branch-1.c: Likewise.
+ * gcc.dg/format/pr79210.c: Likewise.
+ * gcc.dg/plugin/diagnostic-test-expressions-1.c: Likewise.
+ * gcc.dg/plugin/diagnostic-test-string-literals-1.c: Likewise.
+ * gcc.dg/redecl-4.c: Likewise.
+ * gfortran.dg/diagnostic-format-json-1.F90: Likewise.
+ * gfortran.dg/diagnostic-format-json-2.F90: Likewise.
+ * gfortran.dg/diagnostic-format-json-3.F90: Likewise.
+ * go.dg/arrayclear.go: Add a comment explaining why adding a
+ comment was necessary to work around a dejagnu bug.
+ * c-c++-common/diagnostic-units-1.c: New test.
+ * c-c++-common/diagnostic-units-2.c: New test.
+ * c-c++-common/diagnostic-units-3.c: New test.
+ * c-c++-common/diagnostic-units-4.c: New test.
+ * c-c++-common/diagnostic-units-5.c: New test.
+ * c-c++-common/diagnostic-units-6.c: New test.
+ * c-c++-common/diagnostic-units-7.c: New test.
+ * c-c++-common/diagnostic-units-8.c: New test.
+
+CVE: CVE-2021-42574
+Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=004bb936d6d5f177af26ad4905595e843d5665a5]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+---
+ gcc/c-family/c-indentation.c | 5 +-
+ gcc/c-family/c-opts.c | 6 -
+ gcc/c-family/c.opt | 4 -
+ gcc/common.opt | 21 +
+ gcc/diagnostic-format-json.cc | 55 +-
+ gcc/diagnostic-show-locus.c | 504 +++++++++++++-----
+ gcc/diagnostic.c | 113 +++-
+ gcc/diagnostic.h | 28 +-
+ gcc/doc/invoke.texi | 68 ++-
+ gcc/input.c | 72 ++-
+ gcc/input.h | 4 +-
+ gcc/opts.c | 14 +
+ .../c-c++-common/Wmisleading-indentation-3.c | 12 +-
+ .../c-c++-common/Wmisleading-indentation.c | 6 +-
+ .../c-c++-common/diagnostic-format-json-1.c | 5 +
+ .../c-c++-common/diagnostic-format-json-2.c | 5 +
+ .../c-c++-common/diagnostic-format-json-3.c | 5 +
+ .../c-c++-common/diagnostic-format-json-4.c | 9 +
+ .../c-c++-common/diagnostic-format-json-5.c | 9 +
+ .../c-c++-common/diagnostic-units-1.c | 28 +
+ .../c-c++-common/diagnostic-units-2.c | 28 +
+ .../c-c++-common/diagnostic-units-3.c | 28 +
+ .../c-c++-common/diagnostic-units-4.c | 28 +
+ .../c-c++-common/diagnostic-units-5.c | 28 +
+ .../c-c++-common/diagnostic-units-6.c | 28 +
+ .../c-c++-common/diagnostic-units-7.c | 28 +
+ .../c-c++-common/diagnostic-units-8.c | 28 +
+ .../c-c++-common/missing-close-symbol.c | 6 +-
+ .../g++.dg/diagnostic/bad-binary-ops.C | 8 +-
+ gcc/testsuite/g++.dg/parse/error4.C | 2 +-
+ .../g++.old-deja/g++.brendan/crash11.C | 4 +-
+ gcc/testsuite/g++.old-deja/g++.pt/overload2.C | 2 +-
+ .../g++.old-deja/g++.robertl/eb109.C | 4 +-
+ .../gcc.dg/analyzer/malloc-paths-9.c | 2 +-
+ gcc/testsuite/gcc.dg/bad-binary-ops.c | 8 +-
+ gcc/testsuite/gcc.dg/format/branch-1.c | 2 +-
+ gcc/testsuite/gcc.dg/format/pr79210.c | 2 +-
+ .../plugin/diagnostic-test-expressions-1.c | 16 +-
+ .../diagnostic-test-string-literals-1.c | 4 +-
+ gcc/testsuite/gcc.dg/redecl-4.c | 2 +-
+ .../gfortran.dg/diagnostic-format-json-1.F90 | 5 +
+ .../gfortran.dg/diagnostic-format-json-2.F90 | 5 +
+ .../gfortran.dg/diagnostic-format-json-3.F90 | 5 +
+ gcc/testsuite/go.dg/arrayclear.go | 3 +
+ gcc/tree-diagnostic-path.cc | 5 +-
+ libcpp/charset.c | 98 ++--
+ libcpp/include/cpplib.h | 40 +-
+ libcpp/init.c | 1 -
+ 48 files changed, 1106 insertions(+), 287 deletions(-)
+ create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-1.c
+ create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-2.c
+ create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-3.c
+ create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-4.c
+ create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-5.c
+ create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-6.c
+ create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-7.c
+ create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-8.c
+
+diff --git a/gcc/c-family/c-indentation.c b/gcc/c-family/c-indentation.c
+--- a/gcc/c-family/c-indentation.c 2020-07-22 23:35:17.296384022 -0700
++++ b/gcc/c-family/c-indentation.c 2021-12-25 01:20:53.475636694 -0800
+@@ -24,8 +24,7 @@ along with GCC; see the file COPYING3.
+ #include "c-common.h"
+ #include "c-indentation.h"
+ #include "selftest.h"
+-
+-extern cpp_options *cpp_opts;
++#include "diagnostic.h"
+
+ /* Round up VIS_COLUMN to nearest tab stop. */
+
+@@ -294,7 +293,7 @@ should_warn_for_misleading_indentation (
+ expanded_location next_stmt_exploc = expand_location (next_stmt_loc);
+ expanded_location guard_exploc = expand_location (guard_loc);
+
+- const unsigned int tab_width = cpp_opts->tabstop;
++ const unsigned int tab_width = global_dc->tabstop;
+
+ /* They must be in the same file. */
+ if (next_stmt_exploc.file != body_exploc.file)
+diff --git a/gcc/c-family/c.opt b/gcc/c-family/c.opt
+--- a/gcc/c-family/c.opt 2021-12-24 20:23:42.816809230 -0800
++++ b/gcc/c-family/c.opt 2021-12-25 01:20:53.475636694 -0800
+@@ -1876,10 +1876,6 @@ Enum(strong_eval_order) String(some) Val
+ EnumValue
+ Enum(strong_eval_order) String(all) Value(2)
+
+-ftabstop=
+-C ObjC C++ ObjC++ Joined RejectNegative UInteger
+--ftabstop=<number> Distance between tab stops for column reporting.
+-
+ ftemplate-backtrace-limit=
+ C++ ObjC++ Joined RejectNegative UInteger Var(template_backtrace_limit) Init(10)
+ Set the maximum number of template instantiation notes for a single warning or error.
+diff --git a/gcc/c-family/c-opts.c b/gcc/c-family/c-opts.c
+--- a/gcc/c-family/c-opts.c 2021-12-24 20:23:44.824774786 -0800
++++ b/gcc/c-family/c-opts.c 2021-12-25 01:20:53.475636694 -0800
+@@ -504,12 +504,6 @@ c_common_handle_option (size_t scode, co
+ cpp_opts->track_macro_expansion = 2;
+ break;
+
+- case OPT_ftabstop_:
+- /* It is documented that we silently ignore silly values. */
+- if (value >= 1 && value <= 100)
+- cpp_opts->tabstop = value;
+- break;
+-
+ case OPT_fexec_charset_:
+ cpp_opts->narrow_charset = arg;
+ break;
+diff --git a/gcc/common.opt b/gcc/common.opt
+--- a/gcc/common.opt 2021-12-24 20:23:42.480814993 -0800
++++ b/gcc/common.opt 2021-12-25 01:20:53.475636694 -0800
+@@ -1325,6 +1325,14 @@ Enum(diagnostic_url_rule) String(always)
+ EnumValue
+ Enum(diagnostic_url_rule) String(auto) Value(DIAGNOSTICS_URL_AUTO)
+
++fdiagnostics-column-unit=
++Common Joined RejectNegative Enum(diagnostics_column_unit)
++-fdiagnostics-column-unit=[display|byte] Select whether column numbers are output as display columns (default) or raw bytes.
++
++fdiagnostics-column-origin=
++Common Joined RejectNegative UInteger
++-fdiagnostics-column-origin=<number> Set the number of the first column. The default is 1-based as per GNU style, but some utilities may expect 0-based, for example.
++
+ fdiagnostics-format=
+ Common Joined RejectNegative Enum(diagnostics_output_format)
+ -fdiagnostics-format=[text|json] Select output format.
+@@ -1334,6 +1342,15 @@ SourceInclude
+ diagnostic.h
+
+ Enum
++Name(diagnostics_column_unit) Type(int)
++
++EnumValue
++Enum(diagnostics_column_unit) String(display) Value(DIAGNOSTICS_COLUMN_UNIT_DISPLAY)
++
++EnumValue
++Enum(diagnostics_column_unit) String(byte) Value(DIAGNOSTICS_COLUMN_UNIT_BYTE)
++
++Enum
+ Name(diagnostics_output_format) Type(int)
+
+ EnumValue
+@@ -1362,6 +1379,10 @@ fdiagnostics-path-format=
+ Common Joined RejectNegative Var(flag_diagnostics_path_format) Enum(diagnostic_path_format) Init(DPF_INLINE_EVENTS)
+ Specify how to print any control-flow path associated with a diagnostic.
+
++ftabstop=
++Common Joined RejectNegative UInteger
++-ftabstop=<number> Distance between tab stops for column reporting.
++
+ Enum
+ Name(diagnostic_path_format) Type(int)
+
+diff --git a/gcc/diagnostic.c b/gcc/diagnostic.c
+--- a/gcc/diagnostic.c 2020-07-22 23:35:17.556386887 -0700
++++ b/gcc/diagnostic.c 2021-12-25 01:23:41.300841207 -0800
+@@ -38,6 +38,7 @@ along with GCC; see the file COPYING3.
+ #include "selftest.h"
+ #include "selftest-diagnostic.h"
+ #include "opts.h"
++#include "cpplib.h"
+
+ #ifdef HAVE_TERMIOS_H
+ # include <termios.h>
+@@ -219,6 +220,9 @@ diagnostic_initialize (diagnostic_contex
+ context->min_margin_width = 0;
+ context->show_ruler_p = false;
+ context->parseable_fixits_p = false;
++ context->column_unit = DIAGNOSTICS_COLUMN_UNIT_DISPLAY;
++ context->column_origin = 1;
++ context->tabstop = 8;
+ context->edit_context_ptr = NULL;
+ context->diagnostic_group_nesting_depth = 0;
+ context->diagnostic_group_emission_count = 0;
+@@ -353,8 +357,51 @@ diagnostic_get_color_for_kind (diagnosti
+ return diagnostic_kind_color[kind];
+ }
+
++/* Given an expanded_location, convert the column (which is in 1-based bytes)
++ to the requested units, without converting the origin.
++ Return -1 if the column is invalid (<= 0). */
++
++static int
++convert_column_unit (enum diagnostics_column_unit column_unit,
++ int tabstop,
++ expanded_location s)
++{
++ if (s.column <= 0)
++ return -1;
++
++ switch (column_unit)
++ {
++ default:
++ gcc_unreachable ();
++
++ case DIAGNOSTICS_COLUMN_UNIT_DISPLAY:
++ {
++ cpp_char_column_policy policy (tabstop, cpp_wcwidth);
++ return location_compute_display_column (s, policy);
++ }
++
++ case DIAGNOSTICS_COLUMN_UNIT_BYTE:
++ return s.column;
++ }
++}
++
++/* Given an expanded_location, convert the column (which is in 1-based bytes)
++ to the requested units and origin. Return -1 if the column is
++ invalid (<= 0). */
++int
++diagnostic_converted_column (diagnostic_context *context, expanded_location s)
++{
++ int one_based_col
++ = convert_column_unit (context->column_unit, context->tabstop, s);
++ if (one_based_col <= 0)
++ return -1;
++ return one_based_col + (context->column_origin - 1);
++}
++
+ /* Return a formatted line and column ':%line:%column'. Elided if
+- zero. The result is a statically allocated buffer. */
++ line == 0 or col < 0. (A column of 0 may be valid due to the
++ -fdiagnostics-column-origin option.)
++ The result is a statically allocated buffer. */
+
+ static const char *
+ maybe_line_and_column (int line, int col)
+@@ -363,8 +410,9 @@ maybe_line_and_column (int line, int col
+
+ if (line)
+ {
+- size_t l = snprintf (result, sizeof (result),
+- col ? ":%d:%d" : ":%d", line, col);
++ size_t l
++ = snprintf (result, sizeof (result),
++ col >= 0 ? ":%d:%d" : ":%d", line, col);
+ gcc_checking_assert (l < sizeof (result));
+ }
+ else
+@@ -383,8 +431,14 @@ diagnostic_get_location_text (diagnostic
+ const char *locus_cs = colorize_start (pp_show_color (pp), "locus");
+ const char *locus_ce = colorize_stop (pp_show_color (pp));
+ const char *file = s.file ? s.file : progname;
+- int line = strcmp (file, N_("<built-in>")) ? s.line : 0;
+- int col = context->show_column ? s.column : 0;
++ int line = 0;
++ int col = -1;
++ if (strcmp (file, N_("<built-in>")))
++ {
++ line = s.line;
++ if (context->show_column)
++ col = diagnostic_converted_column (context, s);
++ }
+
+ const char *line_col = maybe_line_and_column (line, col);
+ return build_message_string ("%s%s%s:%s", locus_cs, file,
+@@ -650,14 +704,20 @@ diagnostic_report_current_module (diagno
+ if (! MAIN_FILE_P (map))
+ {
+ bool first = true;
++ expanded_location s = {};
+ do
+ {
+ where = linemap_included_from (map);
+ map = linemap_included_from_linemap (line_table, map);
+- const char *line_col
+- = maybe_line_and_column (SOURCE_LINE (map, where),
+- first && context->show_column
+- ? SOURCE_COLUMN (map, where) : 0);
++ s.file = LINEMAP_FILE (map);
++ s.line = SOURCE_LINE (map, where);
++ int col = -1;
++ if (first && context->show_column)
++ {
++ s.column = SOURCE_COLUMN (map, where);
++ col = diagnostic_converted_column (context, s);
++ }
++ const char *line_col = maybe_line_and_column (s.line, col);
+ static const char *const msgs[] =
+ {
+ N_("In file included from"),
+@@ -666,7 +726,7 @@ diagnostic_report_current_module (diagno
+ unsigned index = !first;
+ pp_verbatim (context->printer, "%s%s %r%s%s%R",
+ first ? "" : ",\n", _(msgs[index]),
+- "locus", LINEMAP_FILE (map), line_col);
++ "locus", s.file, line_col);
+ first = false;
+ }
+ while (! MAIN_FILE_P (map));
+@@ -2042,10 +2102,15 @@ test_print_parseable_fixits_replace ()
+ static void
+ assert_location_text (const char *expected_loc_text,
+ const char *filename, int line, int column,
+- bool show_column)
++ bool show_column,
++ int origin = 1,
++ enum diagnostics_column_unit column_unit
++ = DIAGNOSTICS_COLUMN_UNIT_BYTE)
+ {
+ test_diagnostic_context dc;
+ dc.show_column = show_column;
++ dc.column_unit = column_unit;
++ dc.column_origin = origin;
+
+ expanded_location xloc;
+ xloc.file = filename;
+@@ -2069,7 +2134,10 @@ test_diagnostic_get_location_text ()
+ assert_location_text ("PROGNAME:", NULL, 0, 0, true);
+ assert_location_text ("<built-in>:", "<built-in>", 42, 10, true);
+ assert_location_text ("foo.c:42:10:", "foo.c", 42, 10, true);
+- assert_location_text ("foo.c:42:", "foo.c", 42, 0, true);
++ assert_location_text ("foo.c:42:9:", "foo.c", 42, 10, true, 0);
++ assert_location_text ("foo.c:42:1010:", "foo.c", 42, 10, true, 1001);
++ for (int origin = 0; origin != 2; ++origin)
++ assert_location_text ("foo.c:42:", "foo.c", 42, 0, true, origin);
+ assert_location_text ("foo.c:", "foo.c", 0, 10, true);
+ assert_location_text ("foo.c:42:", "foo.c", 42, 10, false);
+ assert_location_text ("foo.c:", "foo.c", 0, 10, false);
+@@ -2077,6 +2145,41 @@ test_diagnostic_get_location_text ()
+ maybe_line_and_column (INT_MAX, INT_MAX);
+ maybe_line_and_column (INT_MIN, INT_MIN);
+
++ {
++ /* In order to test display columns vs byte columns, we need to create a
++ file for location_get_source_line() to read. */
++
++ const char *const content = "smile \xf0\x9f\x98\x82\n";
++ const int line_bytes = strlen (content) - 1;
++ const int def_tabstop = 8;
++ const int display_width = cpp_display_width (content, line_bytes,
++ def_tabstop);
++ ASSERT_EQ (line_bytes - 2, display_width);
++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content);
++ const char *const fname = tmp.get_filename ();
++ const int buf_len = strlen (fname) + 16;
++ char *const expected = XNEWVEC (char, buf_len);
++
++ snprintf (expected, buf_len, "%s:1:%d:", fname, line_bytes);
++ assert_location_text (expected, fname, 1, line_bytes, true,
++ 1, DIAGNOSTICS_COLUMN_UNIT_BYTE);
++
++ snprintf (expected, buf_len, "%s:1:%d:", fname, line_bytes - 1);
++ assert_location_text (expected, fname, 1, line_bytes, true,
++ 0, DIAGNOSTICS_COLUMN_UNIT_BYTE);
++
++ snprintf (expected, buf_len, "%s:1:%d:", fname, display_width);
++ assert_location_text (expected, fname, 1, line_bytes, true,
++ 1, DIAGNOSTICS_COLUMN_UNIT_DISPLAY);
++
++ snprintf (expected, buf_len, "%s:1:%d:", fname, display_width - 1);
++ assert_location_text (expected, fname, 1, line_bytes, true,
++ 0, DIAGNOSTICS_COLUMN_UNIT_DISPLAY);
++
++ XDELETEVEC (expected);
++ }
++
++
+ progname = old_progname;
+ }
+
+diff --git a/gcc/diagnostic-format-json.cc b/gcc/diagnostic-format-json.cc
+--- a/gcc/diagnostic-format-json.cc 2020-07-22 23:35:17.556386887 -0700
++++ b/gcc/diagnostic-format-json.cc 2021-12-25 01:20:53.475636694 -0800
+@@ -23,6 +23,7 @@ along with GCC; see the file COPYING3.
+ #include "system.h"
+ #include "coretypes.h"
+ #include "diagnostic.h"
++#include "selftest-diagnostic.h"
+ #include "diagnostic-metadata.h"
+ #include "json.h"
+ #include "selftest.h"
+@@ -43,21 +44,43 @@ static json::array *cur_children_array;
+ /* Generate a JSON object for LOC. */
+
+ json::value *
+-json_from_expanded_location (location_t loc)
++json_from_expanded_location (diagnostic_context *context, location_t loc)
+ {
+ expanded_location exploc = expand_location (loc);
+ json::object *result = new json::object ();
+ if (exploc.file)
+ result->set ("file", new json::string (exploc.file));
+ result->set ("line", new json::integer_number (exploc.line));
+- result->set ("column", new json::integer_number (exploc.column));
++
++ const enum diagnostics_column_unit orig_unit = context->column_unit;
++ struct
++ {
++ const char *name;
++ enum diagnostics_column_unit unit;
++ } column_fields[] = {
++ {"display-column", DIAGNOSTICS_COLUMN_UNIT_DISPLAY},
++ {"byte-column", DIAGNOSTICS_COLUMN_UNIT_BYTE}
++ };
++ int the_column = INT_MIN;
++ for (int i = 0; i != sizeof column_fields / sizeof (*column_fields); ++i)
++ {
++ context->column_unit = column_fields[i].unit;
++ const int col = diagnostic_converted_column (context, exploc);
++ result->set (column_fields[i].name, new json::integer_number (col));
++ if (column_fields[i].unit == orig_unit)
++ the_column = col;
++ }
++ gcc_assert (the_column != INT_MIN);
++ result->set ("column", new json::integer_number (the_column));
++ context->column_unit = orig_unit;
+ return result;
+ }
+
+ /* Generate a JSON object for LOC_RANGE. */
+
+ static json::object *
+-json_from_location_range (const location_range *loc_range, unsigned range_idx)
++json_from_location_range (diagnostic_context *context,
++ const location_range *loc_range, unsigned range_idx)
+ {
+ location_t caret_loc = get_pure_location (loc_range->m_loc);
+
+@@ -68,13 +91,13 @@ json_from_location_range (const location
+ location_t finish_loc = get_finish (loc_range->m_loc);
+
+ json::object *result = new json::object ();
+- result->set ("caret", json_from_expanded_location (caret_loc));
++ result->set ("caret", json_from_expanded_location (context, caret_loc));
+ if (start_loc != caret_loc
+ && start_loc != UNKNOWN_LOCATION)
+- result->set ("start", json_from_expanded_location (start_loc));
++ result->set ("start", json_from_expanded_location (context, start_loc));
+ if (finish_loc != caret_loc
+ && finish_loc != UNKNOWN_LOCATION)
+- result->set ("finish", json_from_expanded_location (finish_loc));
++ result->set ("finish", json_from_expanded_location (context, finish_loc));
+
+ if (loc_range->m_label)
+ {
+@@ -91,14 +114,14 @@ json_from_location_range (const location
+ /* Generate a JSON object for HINT. */
+
+ static json::object *
+-json_from_fixit_hint (const fixit_hint *hint)
++json_from_fixit_hint (diagnostic_context *context, const fixit_hint *hint)
+ {
+ json::object *fixit_obj = new json::object ();
+
+ location_t start_loc = hint->get_start_loc ();
+- fixit_obj->set ("start", json_from_expanded_location (start_loc));
++ fixit_obj->set ("start", json_from_expanded_location (context, start_loc));
+ location_t next_loc = hint->get_next_loc ();
+- fixit_obj->set ("next", json_from_expanded_location (next_loc));
++ fixit_obj->set ("next", json_from_expanded_location (context, next_loc));
+ fixit_obj->set ("string", new json::string (hint->get_string ()));
+
+ return fixit_obj;
+@@ -190,11 +213,13 @@ json_end_diagnostic (diagnostic_context
+ else
+ {
+ /* Otherwise, make diag_obj be the top-level object within the group;
+- add a "children" array. */
++ add a "children" array and record the column origin. */
+ toplevel_array->append (diag_obj);
+ cur_group = diag_obj;
+ cur_children_array = new json::array ();
+ diag_obj->set ("children", cur_children_array);
++ diag_obj->set ("column-origin",
++ new json::integer_number (context->column_origin));
+ }
+
+ const rich_location *richloc = diagnostic->richloc;
+@@ -205,7 +230,7 @@ json_end_diagnostic (diagnostic_context
+ for (unsigned int i = 0; i < richloc->get_num_locations (); i++)
+ {
+ const location_range *loc_range = richloc->get_range (i);
+- json::object *loc_obj = json_from_location_range (loc_range, i);
++ json::object *loc_obj = json_from_location_range (context, loc_range, i);
+ if (loc_obj)
+ loc_array->append (loc_obj);
+ }
+@@ -217,7 +242,7 @@ json_end_diagnostic (diagnostic_context
+ for (unsigned int i = 0; i < richloc->get_num_fixit_hints (); i++)
+ {
+ const fixit_hint *hint = richloc->get_fixit_hint (i);
+- json::object *fixit_obj = json_from_fixit_hint (hint);
++ json::object *fixit_obj = json_from_fixit_hint (context, hint);
+ fixit_array->append (fixit_obj);
+ }
+ }
+@@ -320,7 +345,8 @@ namespace selftest {
+ static void
+ test_unknown_location ()
+ {
+- delete json_from_expanded_location (UNKNOWN_LOCATION);
++ test_diagnostic_context dc;
++ delete json_from_expanded_location (&dc, UNKNOWN_LOCATION);
+ }
+
+ /* Verify that we gracefully handle attempts to serialize bad
+@@ -338,7 +364,8 @@ test_bad_endpoints ()
+ loc_range.m_range_display_kind = SHOW_RANGE_WITH_CARET;
+ loc_range.m_label = NULL;
+
+- json::object *obj = json_from_location_range (&loc_range, 0);
++ test_diagnostic_context dc;
++ json::object *obj = json_from_location_range (&dc, &loc_range, 0);
+ /* We should have a "caret" value, but no "start" or "finish" values. */
+ ASSERT_TRUE (obj != NULL);
+ ASSERT_TRUE (obj->get ("caret") != NULL);
+diff --git a/gcc/diagnostic.h b/gcc/diagnostic.h
+--- a/gcc/diagnostic.h 2020-07-22 23:35:17.556386887 -0700
++++ b/gcc/diagnostic.h 2021-12-25 01:20:53.479636627 -0800
+@@ -24,6 +24,20 @@ along with GCC; see the file COPYING3.
+ #include "pretty-print.h"
+ #include "diagnostic-core.h"
+
++/* An enum for controlling what units to use for the column number
++ when diagnostics are output, used by the -fdiagnostics-column-unit option.
++ Tabs will be expanded or not according to the value of -ftabstop. The origin
++ (default 1) is controlled by -fdiagnostics-column-origin. */
++
++enum diagnostics_column_unit
++{
++ /* The default from GCC 11 onwards: display columns. */
++ DIAGNOSTICS_COLUMN_UNIT_DISPLAY,
++
++ /* The behavior in GCC 10 and earlier: simple bytes. */
++ DIAGNOSTICS_COLUMN_UNIT_BYTE
++};
++
+ /* Enum for overriding the standard output format. */
+
+ enum diagnostics_output_format
+@@ -280,6 +294,15 @@ struct diagnostic_context
+ rest of the diagnostic. */
+ bool parseable_fixits_p;
+
++ /* What units to use when outputting the column number. */
++ enum diagnostics_column_unit column_unit;
++
++ /* The origin for the column number (1-based or 0-based typically). */
++ int column_origin;
++
++ /* The size of the tabstop for tab expansion. */
++ int tabstop;
++
+ /* If non-NULL, an edit_context to which fix-it hints should be
+ applied, for generating patches. */
+ edit_context *edit_context_ptr;
+@@ -458,6 +481,8 @@ diagnostic_same_line (const diagnostic_c
+ }
+
+ extern const char *diagnostic_get_color_for_kind (diagnostic_t kind);
++extern int diagnostic_converted_column (diagnostic_context *context,
++ expanded_location s);
+
+ /* Pure text formatting support functions. */
+ extern char *file_name_as_prefix (diagnostic_context *, const char *);
+@@ -470,6 +495,7 @@ extern void diagnostic_output_format_ini
+ /* Compute the number of digits in the decimal representation of an integer. */
+ extern int num_digits (int);
+
+-extern json::value *json_from_expanded_location (location_t loc);
++extern json::value *json_from_expanded_location (diagnostic_context *context,
++ location_t loc);
+
+ #endif /* ! GCC_DIAGNOSTIC_H */
+diff --git a/gcc/diagnostic-show-locus.c b/gcc/diagnostic-show-locus.c
+--- a/gcc/diagnostic-show-locus.c 2020-07-22 23:35:17.556386887 -0700
++++ b/gcc/diagnostic-show-locus.c 2021-12-25 01:20:53.479636627 -0800
+@@ -175,9 +175,10 @@ enum column_unit {
+ class exploc_with_display_col : public expanded_location
+ {
+ public:
+- exploc_with_display_col (const expanded_location &exploc)
++ exploc_with_display_col (const expanded_location &exploc, int tabstop)
+ : expanded_location (exploc),
+- m_display_col (location_compute_display_column (exploc)) {}
++ m_display_col (location_compute_display_column (exploc, tabstop))
++ {}
+
+ int m_display_col;
+ };
+@@ -189,11 +190,11 @@ class exploc_with_display_col : public e
+ class layout_point
+ {
+ public:
+- layout_point (const expanded_location &exploc)
++ layout_point (const exploc_with_display_col &exploc)
+ : m_line (exploc.line)
+ {
+ m_columns[CU_BYTES] = exploc.column;
+- m_columns[CU_DISPLAY_COLS] = location_compute_display_column (exploc);
++ m_columns[CU_DISPLAY_COLS] = exploc.m_display_col;
+ }
+
+ linenum_type m_line;
+@@ -205,10 +206,10 @@ class layout_point
+ class layout_range
+ {
+ public:
+- layout_range (const expanded_location *start_exploc,
+- const expanded_location *finish_exploc,
++ layout_range (const exploc_with_display_col &start_exploc,
++ const exploc_with_display_col &finish_exploc,
+ enum range_display_kind range_display_kind,
+- const expanded_location *caret_exploc,
++ const exploc_with_display_col &caret_exploc,
+ unsigned original_idx,
+ const range_label *label);
+
+@@ -226,22 +227,18 @@ class layout_range
+
+ /* A struct for use by layout::print_source_line for telling
+ layout::print_annotation_line the extents of the source line that
+- it printed, so that underlines can be clipped appropriately. */
++ it printed, so that underlines can be clipped appropriately. Units
++ are 1-based display columns. */
+
+ struct line_bounds
+ {
+- int m_first_non_ws;
+- int m_last_non_ws;
++ int m_first_non_ws_disp_col;
++ int m_last_non_ws_disp_col;
+
+- void convert_to_display_cols (char_span line)
++ line_bounds ()
+ {
+- m_first_non_ws = cpp_byte_column_to_display_column (line.get_buffer (),
+- line.length (),
+- m_first_non_ws);
+-
+- m_last_non_ws = cpp_byte_column_to_display_column (line.get_buffer (),
+- line.length (),
+- m_last_non_ws);
++ m_first_non_ws_disp_col = INT_MAX;
++ m_last_non_ws_disp_col = 0;
+ }
+ };
+
+@@ -351,8 +348,8 @@ class layout
+ private:
+ bool will_show_line_p (linenum_type row) const;
+ void print_leading_fixits (linenum_type row);
+- void print_source_line (linenum_type row, const char *line, int line_bytes,
+- line_bounds *lbounds_out);
++ line_bounds print_source_line (linenum_type row, const char *line,
++ int line_bytes);
+ bool should_print_annotation_line_p (linenum_type row) const;
+ void start_annotation_line (char margin_char = ' ') const;
+ void print_annotation_line (linenum_type row, const line_bounds lbounds);
+@@ -513,16 +510,16 @@ colorizer::get_color_by_name (const char
+ Initialize various layout_point fields from expanded_location
+ equivalents; we've already filtered on file. */
+
+-layout_range::layout_range (const expanded_location *start_exploc,
+- const expanded_location *finish_exploc,
++layout_range::layout_range (const exploc_with_display_col &start_exploc,
++ const exploc_with_display_col &finish_exploc,
+ enum range_display_kind range_display_kind,
+- const expanded_location *caret_exploc,
++ const exploc_with_display_col &caret_exploc,
+ unsigned original_idx,
+ const range_label *label)
+-: m_start (*start_exploc),
+- m_finish (*finish_exploc),
++: m_start (start_exploc),
++ m_finish (finish_exploc),
+ m_range_display_kind (range_display_kind),
+- m_caret (*caret_exploc),
++ m_caret (caret_exploc),
+ m_original_idx (original_idx),
+ m_label (label)
+ {
+@@ -646,6 +643,9 @@ layout_range::intersects_line_p (linenum
+
+ #if CHECKING_P
+
++/* Default for when we don't care what the tab expansion is set to. */
++static const int def_tabstop = 8;
++
+ /* Create some expanded locations for testing layout_range. The filename
+ member of the explocs is set to the empty string. This member will only be
+ inspected by the calls to location_compute_display_column() made from the
+@@ -662,8 +662,11 @@ make_range (int start_line, int start_co
+ = {"", start_line, start_col, NULL, false};
+ const expanded_location finish_exploc
+ = {"", end_line, end_col, NULL, false};
+- return layout_range (&start_exploc, &finish_exploc, SHOW_RANGE_WITHOUT_CARET,
+- &start_exploc, 0, NULL);
++ return layout_range (exploc_with_display_col (start_exploc, def_tabstop),
++ exploc_with_display_col (finish_exploc, def_tabstop),
++ SHOW_RANGE_WITHOUT_CARET,
++ exploc_with_display_col (start_exploc, def_tabstop),
++ 0, NULL);
+ }
+
+ /* Selftests for layout_range::contains_point and
+@@ -964,7 +967,7 @@ layout::layout (diagnostic_context * con
+ : m_context (context),
+ m_pp (context->printer),
+ m_primary_loc (richloc->get_range (0)->m_loc),
+- m_exploc (richloc->get_expanded_location (0)),
++ m_exploc (richloc->get_expanded_location (0), context->tabstop),
+ m_colorizer (context, diagnostic_kind),
+ m_colorize_source_p (context->colorize_source_p),
+ m_show_labels_p (context->show_labels_p),
+@@ -1060,7 +1063,10 @@ layout::maybe_add_location_range (const
+
+ /* Everything is now known to be in the correct source file,
+ but it may require further sanitization. */
+- layout_range ri (&start, &finish, loc_range->m_range_display_kind, &caret,
++ layout_range ri (exploc_with_display_col (start, m_context->tabstop),
++ exploc_with_display_col (finish, m_context->tabstop),
++ loc_range->m_range_display_kind,
++ exploc_with_display_col (caret, m_context->tabstop),
+ original_idx, loc_range->m_label);
+
+ /* If we have a range that finishes before it starts (perhaps
+@@ -1394,7 +1400,7 @@ layout::calculate_x_offset_display ()
+ = get_line_bytes_without_trailing_whitespace (line.get_buffer (),
+ line.length ());
+ int eol_display_column
+- = cpp_display_width (line.get_buffer (), line_bytes);
++ = cpp_display_width (line.get_buffer (), line_bytes, m_context->tabstop);
+ if (caret_display_column > eol_display_column
+ || !caret_display_column)
+ {
+@@ -1445,16 +1451,13 @@ layout::calculate_x_offset_display ()
+ }
+
+ /* Print line ROW of source code, potentially colorized at any ranges, and
+- populate *LBOUNDS_OUT.
+- LINE is the source line (not necessarily 0-terminated) and LINE_BYTES
+- is its length in bytes.
+- This function deals only with byte offsets, not display columns, so
+- m_x_offset_display must be converted from display to byte units. In
+- particular, LINE_BYTES and LBOUNDS_OUT are in bytes. */
++ return the line bounds. LINE is the source line (not necessarily
++ 0-terminated) and LINE_BYTES is its length in bytes. In order to handle both
++ colorization and tab expansion, this function tracks the line position in
++ both byte and display column units. */
+
+-void
+-layout::print_source_line (linenum_type row, const char *line, int line_bytes,
+- line_bounds *lbounds_out)
++line_bounds
++layout::print_source_line (linenum_type row, const char *line, int line_bytes)
+ {
+ m_colorizer.set_normal_text ();
+
+@@ -1469,30 +1472,29 @@ layout::print_source_line (linenum_type
+ else
+ pp_space (m_pp);
+
+- /* We will stop printing the source line at any trailing whitespace, and start
+- printing it as per m_x_offset_display. */
++ /* We will stop printing the source line at any trailing whitespace. */
+ line_bytes = get_line_bytes_without_trailing_whitespace (line,
+ line_bytes);
+- int x_offset_bytes = 0;
+- if (m_x_offset_display)
+- {
+- x_offset_bytes = cpp_display_column_to_byte_column (line, line_bytes,
+- m_x_offset_display);
+- /* In case the leading portion of the line that will be skipped over ends
+- with a character with wcwidth > 1, then it is possible we skipped too
+- much, so account for that by padding with spaces. */
+- const int overage
+- = cpp_byte_column_to_display_column (line, line_bytes, x_offset_bytes)
+- - m_x_offset_display;
+- for (int column = 0; column < overage; ++column)
+- pp_space (m_pp);
+- line += x_offset_bytes;
+- }
+
+- /* Print the line. */
+- int first_non_ws = INT_MAX;
+- int last_non_ws = 0;
+- for (int col_byte = 1 + x_offset_bytes; col_byte <= line_bytes; col_byte++)
++ /* This object helps to keep track of which display column we are at, which is
++ necessary for computing the line bounds in display units, for doing
++ tab expansion, and for implementing m_x_offset_display. */
++ cpp_display_width_computation dw (line, line_bytes, m_context->tabstop);
++
++ /* Skip the first m_x_offset_display display columns. In case the leading
++ portion that will be skipped ends with a character with wcwidth > 1, then
++ it is possible we skipped too much, so account for that by padding with
++ spaces. Note that this does the right thing too in case a tab was the last
++ character to be skipped over; the tab is effectively replaced by the
++ correct number of trailing spaces needed to offset by the desired number of
++ display columns. */
++ for (int skipped_display_cols = dw.advance_display_cols (m_x_offset_display);
++ skipped_display_cols > m_x_offset_display; --skipped_display_cols)
++ pp_space (m_pp);
++
++ /* Print the line and compute the line_bounds. */
++ line_bounds lbounds;
++ while (!dw.done ())
+ {
+ /* Assuming colorization is enabled for the caret and underline
+ characters, we may also colorize the associated characters
+@@ -1510,7 +1512,8 @@ layout::print_source_line (linenum_type
+ {
+ bool in_range_p;
+ point_state state;
+- in_range_p = get_state_at_point (row, col_byte,
++ const int start_byte_col = dw.bytes_processed () + 1;
++ in_range_p = get_state_at_point (row, start_byte_col,
+ 0, INT_MAX,
+ CU_BYTES,
+ &state);
+@@ -1519,22 +1522,44 @@ layout::print_source_line (linenum_type
+ else
+ m_colorizer.set_normal_text ();
+ }
+- char c = *line;
+- if (c == '\0' || c == '\t' || c == '\r')
+- c = ' ';
+- if (c != ' ')
++
++ /* Get the display width of the next character to be output, expanding
++ tabs and replacing some control bytes with spaces as necessary. */
++ const char *c = dw.next_byte ();
++ const int start_disp_col = dw.display_cols_processed () + 1;
++ const int this_display_width = dw.process_next_codepoint ();
++ if (*c == '\t')
++ {
++ /* The returned display width is the number of spaces into which the
++ tab should be expanded. */
++ for (int i = 0; i != this_display_width; ++i)
++ pp_space (m_pp);
++ continue;
++ }
++ if (*c == '\0' || *c == '\r')
+ {
+- last_non_ws = col_byte;
+- if (first_non_ws == INT_MAX)
+- first_non_ws = col_byte;
++ /* cpp_wcwidth() promises to return 1 for all control bytes, and we
++ want to output these as a single space too, so this case is
++ actually the same as the '\t' case. */
++ gcc_assert (this_display_width == 1);
++ pp_space (m_pp);
++ continue;
+ }
+- pp_character (m_pp, c);
+- line++;
++
++ /* We have a (possibly multibyte) character to output; update the line
++ bounds if it is not whitespace. */
++ if (*c != ' ')
++ {
++ lbounds.m_last_non_ws_disp_col = dw.display_cols_processed ();
++ if (lbounds.m_first_non_ws_disp_col == INT_MAX)
++ lbounds.m_first_non_ws_disp_col = start_disp_col;
++ }
++
++ /* Output the character. */
++ while (c != dw.next_byte ()) pp_character (m_pp, *c++);
+ }
+ print_newline ();
+-
+- lbounds_out->m_first_non_ws = first_non_ws;
+- lbounds_out->m_last_non_ws = last_non_ws;
++ return lbounds;
+ }
+
+ /* Determine if we should print an annotation line for ROW.
+@@ -1576,14 +1601,13 @@ layout::start_annotation_line (char marg
+ }
+
+ /* Print a line consisting of the caret/underlines for the given
+- source line. This function works with display columns, rather than byte
+- counts; in particular, LBOUNDS should be in display column units. */
++ source line. */
+
+ void
+ layout::print_annotation_line (linenum_type row, const line_bounds lbounds)
+ {
+ int x_bound = get_x_bound_for_row (row, m_exploc.m_display_col,
+- lbounds.m_last_non_ws);
++ lbounds.m_last_non_ws_disp_col);
+
+ start_annotation_line ();
+ pp_space (m_pp);
+@@ -1593,8 +1617,8 @@ layout::print_annotation_line (linenum_t
+ bool in_range_p;
+ point_state state;
+ in_range_p = get_state_at_point (row, column,
+- lbounds.m_first_non_ws,
+- lbounds.m_last_non_ws,
++ lbounds.m_first_non_ws_disp_col,
++ lbounds.m_last_non_ws_disp_col,
+ CU_DISPLAY_COLS,
+ &state);
+ if (in_range_p)
+@@ -1631,12 +1655,14 @@ layout::print_annotation_line (linenum_t
+ class line_label
+ {
+ public:
+- line_label (int state_idx, int column, label_text text)
++ line_label (diagnostic_context *context, int state_idx, int column,
++ label_text text)
+ : m_state_idx (state_idx), m_column (column),
+ m_text (text), m_label_line (0), m_has_vbar (true)
+ {
+ const int bytes = strlen (text.m_buffer);
+- m_display_width = cpp_display_width (text.m_buffer, bytes);
++ m_display_width
++ = cpp_display_width (text.m_buffer, bytes, context->tabstop);
+ }
+
+ /* Sorting is primarily by column, then by state index. */
+@@ -1696,7 +1722,7 @@ layout::print_any_labels (linenum_type r
+ if (text.m_buffer == NULL)
+ continue;
+
+- labels.safe_push (line_label (i, disp_col, text));
++ labels.safe_push (line_label (m_context, i, disp_col, text));
+ }
+ }
+
+@@ -1976,7 +2002,8 @@ public:
+
+ /* Get the range of bytes or display columns that HINT would affect. */
+ static column_range
+-get_affected_range (const fixit_hint *hint, enum column_unit col_unit)
++get_affected_range (diagnostic_context *context,
++ const fixit_hint *hint, enum column_unit col_unit)
+ {
+ expanded_location exploc_start = expand_location (hint->get_start_loc ());
+ expanded_location exploc_finish = expand_location (hint->get_next_loc ());
+@@ -1986,11 +2013,13 @@ get_affected_range (const fixit_hint *hi
+ int finish_column;
+ if (col_unit == CU_DISPLAY_COLS)
+ {
+- start_column = location_compute_display_column (exploc_start);
++ start_column
++ = location_compute_display_column (exploc_start, context->tabstop);
+ if (hint->insertion_p ())
+ finish_column = start_column - 1;
+ else
+- finish_column = location_compute_display_column (exploc_finish);
++ finish_column
++ = location_compute_display_column (exploc_finish, context->tabstop);
+ }
+ else
+ {
+@@ -2003,12 +2032,12 @@ get_affected_range (const fixit_hint *hi
+ /* Get the range of display columns that would be printed for HINT. */
+
+ static column_range
+-get_printed_columns (const fixit_hint *hint)
++get_printed_columns (diagnostic_context *context, const fixit_hint *hint)
+ {
+ expanded_location exploc = expand_location (hint->get_start_loc ());
+- int start_column = location_compute_display_column (exploc);
+- int hint_width = cpp_display_width (hint->get_string (),
+- hint->get_length ());
++ int start_column = location_compute_display_column (exploc, context->tabstop);
++ int hint_width = cpp_display_width (hint->get_string (), hint->get_length (),
++ context->tabstop);
+ int final_hint_column = start_column + hint_width - 1;
+ if (hint->insertion_p ())
+ {
+@@ -2018,7 +2047,8 @@ get_printed_columns (const fixit_hint *h
+ {
+ exploc = expand_location (hint->get_next_loc ());
+ --exploc.column;
+- int finish_column = location_compute_display_column (exploc);
++ int finish_column
++ = location_compute_display_column (exploc, context->tabstop);
+ return column_range (start_column,
+ MAX (finish_column, final_hint_column));
+ }
+@@ -2035,12 +2065,14 @@ public:
+ correction (column_range affected_bytes,
+ column_range affected_columns,
+ column_range printed_columns,
+- const char *new_text, size_t new_text_len)
++ const char *new_text, size_t new_text_len,
++ int tabstop)
+ : m_affected_bytes (affected_bytes),
+ m_affected_columns (affected_columns),
+ m_printed_columns (printed_columns),
+ m_text (xstrdup (new_text)),
+ m_byte_length (new_text_len),
++ m_tabstop (tabstop),
+ m_alloc_sz (new_text_len + 1)
+ {
+ compute_display_cols ();
+@@ -2058,7 +2090,7 @@ public:
+
+ void compute_display_cols ()
+ {
+- m_display_cols = cpp_display_width (m_text, m_byte_length);
++ m_display_cols = cpp_display_width (m_text, m_byte_length, m_tabstop);
+ }
+
+ void overwrite (int dst_offset, const char_span &src_span)
+@@ -2086,6 +2118,7 @@ public:
+ char *m_text;
+ size_t m_byte_length; /* Not including null-terminator. */
+ int m_display_cols;
++ int m_tabstop;
+ size_t m_alloc_sz;
+ };
+
+@@ -2121,13 +2154,15 @@ correction::ensure_terminated ()
+ class line_corrections
+ {
+ public:
+- line_corrections (const char *filename, linenum_type row)
+- : m_filename (filename), m_row (row)
++ line_corrections (diagnostic_context *context, const char *filename,
++ linenum_type row)
++ : m_context (context), m_filename (filename), m_row (row)
+ {}
+ ~line_corrections ();
+
+ void add_hint (const fixit_hint *hint);
+
++ diagnostic_context *m_context;
+ const char *m_filename;
+ linenum_type m_row;
+ auto_vec <correction *> m_corrections;
+@@ -2173,9 +2208,10 @@ source_line::source_line (const char *fi
+ void
+ line_corrections::add_hint (const fixit_hint *hint)
+ {
+- column_range affected_bytes = get_affected_range (hint, CU_BYTES);
+- column_range affected_columns = get_affected_range (hint, CU_DISPLAY_COLS);
+- column_range printed_columns = get_printed_columns (hint);
++ column_range affected_bytes = get_affected_range (m_context, hint, CU_BYTES);
++ column_range affected_columns = get_affected_range (m_context, hint,
++ CU_DISPLAY_COLS);
++ column_range printed_columns = get_printed_columns (m_context, hint);
+
+ /* Potentially consolidate. */
+ if (!m_corrections.is_empty ())
+@@ -2243,7 +2279,8 @@ line_corrections::add_hint (const fixit_
+ affected_columns,
+ printed_columns,
+ hint->get_string (),
+- hint->get_length ()));
++ hint->get_length (),
++ m_context->tabstop));
+ }
+
+ /* If there are any fixit hints on source line ROW, print them.
+@@ -2257,7 +2294,7 @@ layout::print_trailing_fixits (linenum_t
+ {
+ /* Build a list of correction instances for the line,
+ potentially consolidating hints (for the sake of readability). */
+- line_corrections corrections (m_exploc.file, row);
++ line_corrections corrections (m_context, m_exploc.file, row);
+ for (unsigned int i = 0; i < m_fixit_hints.length (); i++)
+ {
+ const fixit_hint *hint = m_fixit_hints[i];
+@@ -2499,15 +2536,11 @@ layout::print_line (linenum_type row)
+ if (!line)
+ return;
+
+- line_bounds lbounds;
+ print_leading_fixits (row);
+- print_source_line (row, line.get_buffer (), line.length (), &lbounds);
++ const line_bounds lbounds
++ = print_source_line (row, line.get_buffer (), line.length ());
+ if (should_print_annotation_line_p (row))
+- {
+- if (lbounds.m_first_non_ws != INT_MAX)
+- lbounds.convert_to_display_cols (line);
+- print_annotation_line (row, lbounds);
+- }
++ print_annotation_line (row, lbounds);
+ if (m_show_labels_p)
+ print_any_labels (row);
+ print_trailing_fixits (row);
+@@ -2670,9 +2703,11 @@ test_layout_x_offset_display_utf8 (const
+
+ char_span lspan = location_get_source_line (tmp.get_filename (), 1);
+ ASSERT_EQ (line_display_cols,
+- cpp_display_width (lspan.get_buffer (), lspan.length ()));
++ cpp_display_width (lspan.get_buffer (), lspan.length (),
++ def_tabstop));
+ ASSERT_EQ (line_display_cols,
+- location_compute_display_column (expand_location (line_end)));
++ location_compute_display_column (expand_location (line_end),
++ def_tabstop));
+ ASSERT_EQ (0, memcmp (lspan.get_buffer () + (emoji_col - 1),
+ "\xf0\x9f\x98\x82\xf0\x9f\x98\x82", 8));
+
+@@ -2774,6 +2809,111 @@ test_layout_x_offset_display_utf8 (const
+
+ }
+
++static void
++test_layout_x_offset_display_tab (const line_table_case &case_)
++{
++ const char *content
++ = "This line is very long, so that we can use it to test the logic for "
++ "clipping long lines. Also this: `\t' is a tab that occupies 1 byte and "
++ "a variable number of display columns, starting at column #103.\n";
++
++ /* Number of bytes in the line, subtracting one to remove the newline. */
++ const int line_bytes = strlen (content) - 1;
++
++ /* The column where the tab begins. Byte or display is the same as there are
++ no multibyte characters earlier on the line. */
++ const int tab_col = 103;
++
++ /* Effective extra size of the tab beyond what a single space would have taken
++ up, indexed by tabstop. */
++ static const int num_tabstops = 11;
++ int extra_width[num_tabstops];
++ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop)
++ {
++ const int this_tab_size = tabstop - (tab_col - 1) % tabstop;
++ extra_width[tabstop] = this_tab_size - 1;
++ }
++ /* Example of this calculation: if tabstop is 10, the tab starting at column
++ #103 has to expand into 8 spaces, covering columns 103-110, so that the
++ next character is at column #111. So it takes up 7 more columns than
++ a space would have taken up. */
++ ASSERT_EQ (7, extra_width[10]);
++
++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content);
++ line_table_test ltt (case_);
++
++ linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 1);
++
++ location_t line_end = linemap_position_for_column (line_table, line_bytes);
++
++ /* Don't attempt to run the tests if column data might be unavailable. */
++ if (line_end > LINE_MAP_MAX_LOCATION_WITH_COLS)
++ return;
++
++ /* Check that cpp_display_width handles the tabs as expected. */
++ char_span lspan = location_get_source_line (tmp.get_filename (), 1);
++ ASSERT_EQ ('\t', *(lspan.get_buffer () + (tab_col - 1)));
++ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop)
++ {
++ ASSERT_EQ (line_bytes + extra_width[tabstop],
++ cpp_display_width (lspan.get_buffer (), lspan.length (),
++ tabstop));
++ ASSERT_EQ (line_bytes + extra_width[tabstop],
++ location_compute_display_column (expand_location (line_end),
++ tabstop));
++ }
++
++ /* Check that the tab is expanded to the expected number of spaces. */
++ rich_location richloc (line_table,
++ linemap_position_for_column (line_table,
++ tab_col + 1));
++ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop)
++ {
++ test_diagnostic_context dc;
++ dc.tabstop = tabstop;
++ layout test_layout (&dc, &richloc, DK_ERROR);
++ test_layout.print_line (1);
++ const char *out = pp_formatted_text (dc.printer);
++ ASSERT_EQ (NULL, strchr (out, '\t'));
++ const char *left_quote = strchr (out, '`');
++ const char *right_quote = strchr (out, '\'');
++ ASSERT_NE (NULL, left_quote);
++ ASSERT_NE (NULL, right_quote);
++ ASSERT_EQ (right_quote - left_quote, extra_width[tabstop] + 2);
++ }
++
++ /* Check that the line is offset properly and that the tab is broken up
++ into the expected number of spaces when it is the last character skipped
++ over. */
++ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop)
++ {
++ test_diagnostic_context dc;
++ dc.tabstop = tabstop;
++ static const int small_width = 24;
++ dc.caret_max_width = small_width - 4;
++ dc.min_margin_width = test_left_margin - test_linenum_sep + 1;
++ dc.show_line_numbers_p = true;
++ layout test_layout (&dc, &richloc, DK_ERROR);
++ test_layout.print_line (1);
++
++ /* We have arranged things so that two columns will be printed before
++ the caret. If the tab results in more than one space, this should
++ produce two spaces in the output; otherwise, it will be a single space
++ preceded by the opening quote before the tab character. */
++ const char *output1
++ = " 1 | ' is a tab that occupies 1 byte and a variable number of "
++ "display columns, starting at column #103.\n"
++ " | ^\n\n";
++ const char *output2
++ = " 1 | ` ' is a tab that occupies 1 byte and a variable number of "
++ "display columns, starting at column #103.\n"
++ " | ^\n\n";
++ const char *expected_output = (extra_width[tabstop] ? output1 : output2);
++ ASSERT_STREQ (expected_output, pp_formatted_text (dc.printer));
++ }
++}
++
++
+ /* Verify that diagnostic_show_locus works sanely on UNKNOWN_LOCATION. */
+
+ static void
+@@ -3854,6 +3994,27 @@ test_one_liner_labels_utf8 ()
+ }
+ }
+
++/* Make sure that colorization codes don't interrupt a multibyte
++ sequence, which would corrupt it. */
++static void
++test_one_liner_colorized_utf8 ()
++{
++ test_diagnostic_context dc;
++ dc.colorize_source_p = true;
++ diagnostic_color_init (&dc, DIAGNOSTICS_COLOR_YES);
++ const location_t pi = linemap_position_for_column (line_table, 12);
++ rich_location richloc (line_table, pi);
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++
++ /* In order to avoid having the test depend on exactly how the colorization
++ was effected, just confirm there are two pi characters in the output. */
++ const char *result = pp_formatted_text (dc.printer);
++ const char *null_term = result + strlen (result);
++ const char *first_pi = strstr (result, "\xcf\x80");
++ ASSERT_TRUE (first_pi && first_pi <= null_term - 2);
++ ASSERT_STR_CONTAINS (first_pi + 2, "\xcf\x80");
++}
++
+ /* Run the various one-liner tests. */
+
+ static void
+@@ -3884,8 +4045,10 @@ test_diagnostic_show_locus_one_liner_utf
+ ASSERT_EQ (31, LOCATION_COLUMN (line_end));
+
+ char_span lspan = location_get_source_line (tmp.get_filename (), 1);
+- ASSERT_EQ (25, cpp_display_width (lspan.get_buffer (), lspan.length ()));
+- ASSERT_EQ (25, location_compute_display_column (expand_location (line_end)));
++ ASSERT_EQ (25, cpp_display_width (lspan.get_buffer (), lspan.length (),
++ def_tabstop));
++ ASSERT_EQ (25, location_compute_display_column (expand_location (line_end),
++ def_tabstop));
+
+ test_one_liner_simple_caret_utf8 ();
+ test_one_liner_caret_and_range_utf8 ();
+@@ -3900,6 +4063,7 @@ test_diagnostic_show_locus_one_liner_utf
+ test_one_liner_many_fixits_1_utf8 ();
+ test_one_liner_many_fixits_2_utf8 ();
+ test_one_liner_labels_utf8 ();
++ test_one_liner_colorized_utf8 ();
+ }
+
+ /* Verify that gcc_rich_location::add_location_if_nearby works. */
+@@ -4272,25 +4436,28 @@ test_overlapped_fixit_printing (const li
+ /* Unit-test the line_corrections machinery. */
+ ASSERT_EQ (3, richloc.get_num_fixit_hints ());
+ const fixit_hint *hint_0 = richloc.get_fixit_hint (0);
+- ASSERT_EQ (column_range (12, 12), get_affected_range (hint_0, CU_BYTES));
+ ASSERT_EQ (column_range (12, 12),
+- get_affected_range (hint_0, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (12, 22), get_printed_columns (hint_0));
++ get_affected_range (&dc, hint_0, CU_BYTES));
++ ASSERT_EQ (column_range (12, 12),
++ get_affected_range (&dc, hint_0, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0));
+ const fixit_hint *hint_1 = richloc.get_fixit_hint (1);
+- ASSERT_EQ (column_range (18, 18), get_affected_range (hint_1, CU_BYTES));
+ ASSERT_EQ (column_range (18, 18),
+- get_affected_range (hint_1, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (18, 20), get_printed_columns (hint_1));
++ get_affected_range (&dc, hint_1, CU_BYTES));
++ ASSERT_EQ (column_range (18, 18),
++ get_affected_range (&dc, hint_1, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1));
+ const fixit_hint *hint_2 = richloc.get_fixit_hint (2);
+- ASSERT_EQ (column_range (29, 28), get_affected_range (hint_2, CU_BYTES));
+ ASSERT_EQ (column_range (29, 28),
+- get_affected_range (hint_2, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (29, 29), get_printed_columns (hint_2));
++ get_affected_range (&dc, hint_2, CU_BYTES));
++ ASSERT_EQ (column_range (29, 28),
++ get_affected_range (&dc, hint_2, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (29, 29), get_printed_columns (&dc, hint_2));
+
+ /* Add each hint in turn to a line_corrections instance,
+ and verify that they are consolidated into one correction instance
+ as expected. */
+- line_corrections lc (tmp.get_filename (), 1);
++ line_corrections lc (&dc, tmp.get_filename (), 1);
+
+ /* The first replace hint by itself. */
+ lc.add_hint (hint_0);
+@@ -4484,25 +4651,28 @@ test_overlapped_fixit_printing_utf8 (con
+ /* Unit-test the line_corrections machinery. */
+ ASSERT_EQ (3, richloc.get_num_fixit_hints ());
+ const fixit_hint *hint_0 = richloc.get_fixit_hint (0);
+- ASSERT_EQ (column_range (14, 14), get_affected_range (hint_0, CU_BYTES));
++ ASSERT_EQ (column_range (14, 14),
++ get_affected_range (&dc, hint_0, CU_BYTES));
+ ASSERT_EQ (column_range (12, 12),
+- get_affected_range (hint_0, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (12, 22), get_printed_columns (hint_0));
++ get_affected_range (&dc, hint_0, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0));
+ const fixit_hint *hint_1 = richloc.get_fixit_hint (1);
+- ASSERT_EQ (column_range (22, 22), get_affected_range (hint_1, CU_BYTES));
++ ASSERT_EQ (column_range (22, 22),
++ get_affected_range (&dc, hint_1, CU_BYTES));
+ ASSERT_EQ (column_range (18, 18),
+- get_affected_range (hint_1, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (18, 20), get_printed_columns (hint_1));
++ get_affected_range (&dc, hint_1, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1));
+ const fixit_hint *hint_2 = richloc.get_fixit_hint (2);
+- ASSERT_EQ (column_range (35, 34), get_affected_range (hint_2, CU_BYTES));
++ ASSERT_EQ (column_range (35, 34),
++ get_affected_range (&dc, hint_2, CU_BYTES));
+ ASSERT_EQ (column_range (30, 29),
+- get_affected_range (hint_2, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (30, 30), get_printed_columns (hint_2));
++ get_affected_range (&dc, hint_2, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (30, 30), get_printed_columns (&dc, hint_2));
+
+ /* Add each hint in turn to a line_corrections instance,
+ and verify that they are consolidated into one correction instance
+ as expected. */
+- line_corrections lc (tmp.get_filename (), 1);
++ line_corrections lc (&dc, tmp.get_filename (), 1);
+
+ /* The first replace hint by itself. */
+ lc.add_hint (hint_0);
+@@ -4689,6 +4859,8 @@ test_overlapped_fixit_printing_2 (const
+
+ /* Two insertions, in the wrong order. */
+ {
++ test_diagnostic_context dc;
++
+ rich_location richloc (line_table, col_20);
+ richloc.add_fixit_insert_before (col_23, "{");
+ richloc.add_fixit_insert_before (col_21, "}");
+@@ -4696,14 +4868,15 @@ test_overlapped_fixit_printing_2 (const
+ /* These fixits should be accepted; they can't be consolidated. */
+ ASSERT_EQ (2, richloc.get_num_fixit_hints ());
+ const fixit_hint *hint_0 = richloc.get_fixit_hint (0);
+- ASSERT_EQ (column_range (23, 22), get_affected_range (hint_0, CU_BYTES));
+- ASSERT_EQ (column_range (23, 23), get_printed_columns (hint_0));
++ ASSERT_EQ (column_range (23, 22),
++ get_affected_range (&dc, hint_0, CU_BYTES));
++ ASSERT_EQ (column_range (23, 23), get_printed_columns (&dc, hint_0));
+ const fixit_hint *hint_1 = richloc.get_fixit_hint (1);
+- ASSERT_EQ (column_range (21, 20), get_affected_range (hint_1, CU_BYTES));
+- ASSERT_EQ (column_range (21, 21), get_printed_columns (hint_1));
++ ASSERT_EQ (column_range (21, 20),
++ get_affected_range (&dc, hint_1, CU_BYTES));
++ ASSERT_EQ (column_range (21, 21), get_printed_columns (&dc, hint_1));
+
+ /* Verify that they're printed correctly. */
+- test_diagnostic_context dc;
+ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
+ ASSERT_STREQ (" int a5[][0][0] = { 1, 2 };\n"
+ " ^\n"
+@@ -4955,6 +5128,65 @@ test_fixit_deletion_affecting_newline (c
+ pp_formatted_text (dc.printer));
+ }
+
++static void
++test_tab_expansion (const line_table_case &case_)
++{
++ /* Create a tempfile and write some text to it. This example uses a tabstop
++ of 8, as the column numbers attempt to indicate:
++
++ .....................000.01111111111.22222333333 display
++ .....................123.90123456789.56789012345 columns */
++ const char *content = " \t This: `\t' is a tab.\n";
++ /* ....................000 00000011111 11111222222 byte
++ ....................123 45678901234 56789012345 columns */
++
++ const int tabstop = 8;
++ const int first_non_ws_byte_col = 7;
++ const int right_quote_byte_col = 15;
++ const int last_byte_col = 25;
++ ASSERT_EQ (35, cpp_display_width (content, last_byte_col, tabstop));
++
++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content);
++ line_table_test ltt (case_);
++ linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 1);
++
++ /* Don't attempt to run the tests if column data might be unavailable. */
++ location_t line_end = linemap_position_for_column (line_table, last_byte_col);
++ if (line_end > LINE_MAP_MAX_LOCATION_WITH_COLS)
++ return;
++
++ /* Check that the leading whitespace with mixed tabs and spaces is expanded
++ into 11 spaces. Recall that print_line() also puts one space before
++ everything too. */
++ {
++ test_diagnostic_context dc;
++ dc.tabstop = tabstop;
++ rich_location richloc (line_table,
++ linemap_position_for_column (line_table,
++ first_non_ws_byte_col));
++ layout test_layout (&dc, &richloc, DK_ERROR);
++ test_layout.print_line (1);
++ ASSERT_STREQ (" This: ` ' is a tab.\n"
++ " ^\n",
++ pp_formatted_text (dc.printer));
++ }
++
++ /* Confirm the display width was tracked correctly across the internal tab
++ as well. */
++ {
++ test_diagnostic_context dc;
++ dc.tabstop = tabstop;
++ rich_location richloc (line_table,
++ linemap_position_for_column (line_table,
++ right_quote_byte_col));
++ layout test_layout (&dc, &richloc, DK_ERROR);
++ test_layout.print_line (1);
++ ASSERT_STREQ (" This: ` ' is a tab.\n"
++ " ^\n",
++ pp_formatted_text (dc.printer));
++ }
++}
++
+ /* Verify that line numbers are correctly printed for the case of
+ a multiline range in which the width of the line numbers changes
+ (e.g. from "9" to "10"). */
+@@ -5012,6 +5244,7 @@ diagnostic_show_locus_c_tests ()
+ test_layout_range_for_multiple_lines ();
+
+ for_each_line_table_case (test_layout_x_offset_display_utf8);
++ for_each_line_table_case (test_layout_x_offset_display_tab);
+
+ test_get_line_bytes_without_trailing_whitespace ();
+
+@@ -5029,6 +5262,7 @@ diagnostic_show_locus_c_tests ()
+ for_each_line_table_case (test_fixit_insert_containing_newline_2);
+ for_each_line_table_case (test_fixit_replace_containing_newline);
+ for_each_line_table_case (test_fixit_deletion_affecting_newline);
++ for_each_line_table_case (test_tab_expansion);
+
+ test_line_numbers_multiline_range ();
+ }
+diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
+--- a/gcc/doc/invoke.texi 2021-12-24 20:23:46.876739587 -0800
++++ b/gcc/doc/invoke.texi 2021-12-25 01:20:53.487636494 -0800
+@@ -293,7 +293,9 @@ Objective-C and Objective-C++ Dialects}.
+ -fdiagnostics-show-template-tree -fno-elide-type @gol
+ -fdiagnostics-path-format=@r{[}none@r{|}separate-events@r{|}inline-events@r{]} @gol
+ -fdiagnostics-show-path-depths @gol
+--fno-show-column}
++-fno-show-column @gol
++-fdiagnostics-column-unit=@r{[}display@r{|}byte@r{]} @gol
++-fdiagnostics-column-origin=@var{origin}}
+
+ @item Warning Options
+ @xref{Warning Options,,Options to Request or Suppress Warnings}.
+@@ -4424,6 +4426,31 @@ Do not print column numbers in diagnosti
+ diagnostics are being scanned by a program that does not understand the
+ column numbers, such as @command{dejagnu}.
+
++@item -fdiagnostics-column-unit=@var{UNIT}
++@opindex fdiagnostics-column-unit
++Select the units for the column number. This affects traditional diagnostics
++(in the absence of @option{-fno-show-column}), as well as JSON format
++diagnostics if requested.
++
++The default @var{UNIT}, @samp{display}, considers the number of display
++columns occupied by each character. This may be larger than the number
++of bytes required to encode the character, in the case of tab
++characters, or it may be smaller, in the case of multibyte characters.
++For example, the character ``GREEK SMALL LETTER PI (U+03C0)'' occupies one
++display column, and its UTF-8 encoding requires two bytes; the character
++``SLIGHTLY SMILING FACE (U+1F642)'' occupies two display columns, and
++its UTF-8 encoding requires four bytes.
++
++Setting @var{UNIT} to @samp{byte} changes the column number to the raw byte
++count in all cases, as was traditionally output by GCC prior to version 11.1.0.
++
++@item -fdiagnostics-column-origin=@var{ORIGIN}
++@opindex fdiagnostics-column-origin
++Select the origin for column numbers, i.e. the column number assigned to the
++first column. The default value of 1 corresponds to traditional GCC
++behavior and to the GNU style guide. Some utilities may perform better with an
++origin of 0; any non-negative value may be specified.
++
+ @item -fdiagnostics-format=@var{FORMAT}
+ @opindex fdiagnostics-format
+ Select a different format for printing diagnostics.
+@@ -4459,11 +4486,15 @@ might be printed in JSON form (after for
+ "locations": [
+ @{
+ "caret": @{
++ "display-column": 3,
++ "byte-column": 3,
+ "column": 3,
+ "file": "misleading-indentation.c",
+ "line": 15
+ @},
+ "finish": @{
++ "display-column": 4,
++ "byte-column": 4,
+ "column": 4,
+ "file": "misleading-indentation.c",
+ "line": 15
+@@ -4479,6 +4510,8 @@ might be printed in JSON form (after for
+ "locations": [
+ @{
+ "caret": @{
++ "display-column": 5,
++ "byte-column": 5,
+ "column": 5,
+ "file": "misleading-indentation.c",
+ "line": 17
+@@ -4488,6 +4521,7 @@ might be printed in JSON form (after for
+ "message": "...this statement, but the latter is @dots{}"
+ @}
+ ]
++ "column-origin": 1,
+ @},
+ @dots{}
+ ]
+@@ -4500,10 +4534,34 @@ A diagnostic has a @code{kind}. If this
+ an @code{option} key describing the command-line option controlling the
+ warning.
+
+-A diagnostic can contain zero or more locations. Each location has up
+-to three positions within it: a @code{caret} position and optional
+-@code{start} and @code{finish} positions. A location can also have
+-an optional @code{label} string. For example, this error:
++A diagnostic can contain zero or more locations. Each location has an
++optional @code{label} string and up to three positions within it: a
++@code{caret} position and optional @code{start} and @code{finish} positions.
++A position is described by a @code{file} name, a @code{line} number, and
++three numbers indicating a column position:
++@itemize @bullet
++
++@item
++@code{display-column} counts display columns, accounting for tabs and
++multibyte characters.
++
++@item
++@code{byte-column} counts raw bytes.
++
++@item
++@code{column} is equal to one of
++the previous two, as dictated by the @option{-fdiagnostics-column-unit}
++option.
++
++@end itemize
++All three columns are relative to the origin specified by
++@option{-fdiagnostics-column-origin}, which is typically equal to 1 but may
++be set, for instance, to 0 for compatibility with other utilities that
++number columns from 0. The column origin is recorded in the JSON output in
++the @code{column-origin} tag. In the remaining examples below, the extra
++column number outputs have been omitted for brevity.
++
++For example, this error:
+
+ @smallexample
+ bad-binary-ops.c:64:23: error: invalid operands to binary + (have 'S' @{aka
+diff --git a/gcc/input.c b/gcc/input.c
+--- a/gcc/input.c 2020-07-22 23:35:17.664388078 -0700
++++ b/gcc/input.c 2021-12-25 01:20:53.487636494 -0800
+@@ -913,7 +913,7 @@ make_location (location_t caret, source_
+ source line in order to calculate the display width. If that cannot be done
+ for any reason, then returns the byte column as a fallback. */
+ int
+-location_compute_display_column (expanded_location exploc)
++location_compute_display_column (expanded_location exploc, int tabstop)
+ {
+ if (!(exploc.file && *exploc.file && exploc.line && exploc.column))
+ return exploc.column;
+@@ -921,7 +921,7 @@ location_compute_display_column (expande
+ /* If line is NULL, this function returns exploc.column which is the
+ desired fallback. */
+ return cpp_byte_column_to_display_column (line.get_buffer (), line.length (),
+- exploc.column);
++ exploc.column, tabstop);
+ }
+
+ /* Dump statistics to stderr about the memory usage of the line_table
+@@ -3608,33 +3608,46 @@ test_line_offset_overflow ()
+
+ void test_cpp_utf8 ()
+ {
++ const int def_tabstop = 8;
+ /* Verify that wcwidth of invalid UTF-8 or control bytes is 1. */
+ {
+- int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8);
++ int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8, def_tabstop);
+ ASSERT_EQ (8, w_bad);
+- int w_ctrl = cpp_display_width ("\r\t\n\v\0\1", 6);
+- ASSERT_EQ (6, w_ctrl);
++ int w_ctrl = cpp_display_width ("\r\n\v\0\1", 5, def_tabstop);
++ ASSERT_EQ (5, w_ctrl);
+ }
+
+ /* Verify that wcwidth of valid UTF-8 is as expected. */
+ {
+- const int w_pi = cpp_display_width ("\xcf\x80", 2);
++ const int w_pi = cpp_display_width ("\xcf\x80", 2, def_tabstop);
+ ASSERT_EQ (1, w_pi);
+- const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4);
++ const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4, def_tabstop);
+ ASSERT_EQ (2, w_emoji);
+- const int w_umlaut_precomposed = cpp_display_width ("\xc3\xbf", 2);
++ const int w_umlaut_precomposed = cpp_display_width ("\xc3\xbf", 2,
++ def_tabstop);
+ ASSERT_EQ (1, w_umlaut_precomposed);
+- const int w_umlaut_combining = cpp_display_width ("y\xcc\x88", 3);
++ const int w_umlaut_combining = cpp_display_width ("y\xcc\x88", 3,
++ def_tabstop);
+ ASSERT_EQ (1, w_umlaut_combining);
+- const int w_han = cpp_display_width ("\xe4\xb8\xba", 3);
++ const int w_han = cpp_display_width ("\xe4\xb8\xba", 3, def_tabstop);
+ ASSERT_EQ (2, w_han);
+- const int w_ascii = cpp_display_width ("GCC", 3);
++ const int w_ascii = cpp_display_width ("GCC", 3, def_tabstop);
+ ASSERT_EQ (3, w_ascii);
+ const int w_mixed = cpp_display_width ("\xcf\x80 = 3.14 \xf0\x9f\x98\x82"
+- "\x9f! \xe4\xb8\xba y\xcc\x88", 24);
++ "\x9f! \xe4\xb8\xba y\xcc\x88",
++ 24, def_tabstop);
+ ASSERT_EQ (18, w_mixed);
+ }
+
++ /* Verify that display width properly expands tabs. */
++ {
++ const char *tstr = "\tabc\td";
++ ASSERT_EQ (6, cpp_display_width (tstr, 6, 1));
++ ASSERT_EQ (10, cpp_display_width (tstr, 6, 3));
++ ASSERT_EQ (17, cpp_display_width (tstr, 6, 8));
++ ASSERT_EQ (1, cpp_display_column_to_byte_column (tstr, 6, 7, 8));
++ }
++
+ /* Verify that cpp_byte_column_to_display_column can go past the end,
+ and similar edge cases. */
+ {
+@@ -3645,10 +3658,13 @@ void test_cpp_utf8 ()
+ /* 111122223456
+ Byte columns. */
+
+- ASSERT_EQ (5, cpp_display_width (str, 6));
+- ASSERT_EQ (105, cpp_byte_column_to_display_column (str, 6, 106));
+- ASSERT_EQ (10000, cpp_byte_column_to_display_column (NULL, 0, 10000));
+- ASSERT_EQ (0, cpp_byte_column_to_display_column (NULL, 10000, 0));
++ ASSERT_EQ (5, cpp_display_width (str, 6, def_tabstop));
++ ASSERT_EQ (105,
++ cpp_byte_column_to_display_column (str, 6, 106, def_tabstop));
++ ASSERT_EQ (10000,
++ cpp_byte_column_to_display_column (NULL, 0, 10000, def_tabstop));
++ ASSERT_EQ (0,
++ cpp_byte_column_to_display_column (NULL, 10000, 0, def_tabstop));
+ }
+
+ /* Verify that cpp_display_column_to_byte_column can go past the end,
+@@ -3662,21 +3678,25 @@ void test_cpp_utf8 ()
+ /* 000000000000000000000000000000000111111
+ 111122223333444456666777788889999012345
+ Byte columns. */
+- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2));
+- ASSERT_EQ (15, cpp_display_column_to_byte_column (str, 15, 11));
+- ASSERT_EQ (115, cpp_display_column_to_byte_column (str, 15, 111));
+- ASSERT_EQ (10000, cpp_display_column_to_byte_column (NULL, 0, 10000));
+- ASSERT_EQ (0, cpp_display_column_to_byte_column (NULL, 10000, 0));
++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2, def_tabstop));
++ ASSERT_EQ (15,
++ cpp_display_column_to_byte_column (str, 15, 11, def_tabstop));
++ ASSERT_EQ (115,
++ cpp_display_column_to_byte_column (str, 15, 111, def_tabstop));
++ ASSERT_EQ (10000,
++ cpp_display_column_to_byte_column (NULL, 0, 10000, def_tabstop));
++ ASSERT_EQ (0,
++ cpp_display_column_to_byte_column (NULL, 10000, 0, def_tabstop));
+
+ /* Verify that we do not interrupt a UTF-8 sequence. */
+- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1));
++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1, def_tabstop));
+
+ for (int byte_col = 1; byte_col <= 15; ++byte_col)
+ {
+- const int disp_col = cpp_byte_column_to_display_column (str, 15,
+- byte_col);
+- const int byte_col2 = cpp_display_column_to_byte_column (str, 15,
+- disp_col);
++ const int disp_col
++ = cpp_byte_column_to_display_column (str, 15, byte_col, def_tabstop);
++ const int byte_col2
++ = cpp_display_column_to_byte_column (str, 15, disp_col, def_tabstop);
+
+ /* If we ask for the display column in the middle of a UTF-8
+ sequence, it will return the length of the partial sequence,
+diff --git a/gcc/input.h b/gcc/input.h
+--- a/gcc/input.h 2020-07-22 23:35:17.664388078 -0700
++++ b/gcc/input.h 2021-12-25 01:20:53.487636494 -0800
+@@ -38,7 +38,9 @@ STATIC_ASSERT (BUILTINS_LOCATION < RESER
+
+ extern bool is_location_from_builtin_token (location_t);
+ extern expanded_location expand_location (location_t);
+-extern int location_compute_display_column (expanded_location);
++
++extern int location_compute_display_column (expanded_location exploc,
++ int tabstop);
+
+ /* A class capturing the bounds of a buffer, to allow for run-time
+ bounds-checking in a checked build. */
+diff --git a/gcc/opts.c b/gcc/opts.c
+--- a/gcc/opts.c 2020-07-22 23:35:17.708388562 -0700
++++ b/gcc/opts.c 2021-12-25 01:20:53.487636494 -0800
+@@ -2439,6 +2439,14 @@ common_handle_option (struct gcc_options
+ dc->parseable_fixits_p = value;
+ break;
+
++ case OPT_fdiagnostics_column_unit_:
++ dc->column_unit = (enum diagnostics_column_unit)value;
++ break;
++
++ case OPT_fdiagnostics_column_origin_:
++ dc->column_origin = value;
++ break;
++
+ case OPT_fdiagnostics_show_cwe:
+ dc->show_cwe = value;
+ break;
+@@ -2825,6 +2833,12 @@ common_handle_option (struct gcc_options
+ check_alignment_argument (loc, arg, "functions");
+ break;
+
++ case OPT_ftabstop_:
++ /* It is documented that we silently ignore silly values. */
++ if (value >= 1 && value <= 100)
++ dc->tabstop = value;
++ break;
++
+ default:
+ /* If the flag was handled in a standard way, assume the lack of
+ processing here is intentional. */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2020-07-22 23:35:17.908390765 -0700
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2021-12-25 01:20:53.487636494 -0800
+@@ -8,17 +8,22 @@
+ We can't rely on any ordering of the keys. */
+
+ /* { dg-regexp "\"kind\": \"error\"" } */
++/* { dg-regexp "\"column-origin\": 1" } */
+ /* { dg-regexp "\"message\": \"#error message\"" } */
+
+ /* { dg-regexp "\"caret\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-1.c\"" } */
+ /* { dg-regexp "\"line\": 4" } */
+ /* { dg-regexp "\"column\": 2" } */
++/* { dg-regexp "\"display-column\": 2" } */
++/* { dg-regexp "\"byte-column\": 2" } */
+
+ /* { dg-regexp "\"finish\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-1.c\"" } */
+ /* { dg-regexp "\"line\": 4" } */
+ /* { dg-regexp "\"column\": 6" } */
++/* { dg-regexp "\"display-column\": 6" } */
++/* { dg-regexp "\"byte-column\": 6" } */
+
+ /* { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } */
+ /* { dg-regexp "\"children\": \[\[\]\[\]\]" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2020-07-22 23:35:17.908390765 -0700
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2021-12-25 01:20:53.487636494 -0800
+@@ -8,6 +8,7 @@
+ We can't rely on any ordering of the keys. */
+
+ /* { dg-regexp "\"kind\": \"warning\"" } */
++/* { dg-regexp "\"column-origin\": 1" } */
+ /* { dg-regexp "\"message\": \"#warning message\"" } */
+ /* { dg-regexp "\"option\": \"-Wcpp\"" } */
+ /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */
+@@ -16,11 +17,15 @@
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-2.c\"" } */
+ /* { dg-regexp "\"line\": 4" } */
+ /* { dg-regexp "\"column\": 2" } */
++/* { dg-regexp "\"display-column\": 2" } */
++/* { dg-regexp "\"byte-column\": 2" } */
+
+ /* { dg-regexp "\"finish\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-2.c\"" } */
+ /* { dg-regexp "\"line\": 4" } */
+ /* { dg-regexp "\"column\": 8" } */
++/* { dg-regexp "\"display-column\": 8" } */
++/* { dg-regexp "\"byte-column\": 8" } */
+
+ /* { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } */
+ /* { dg-regexp "\"children\": \[\[\]\[\]\]" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2020-07-22 23:35:17.908390765 -0700
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2021-12-25 01:20:53.487636494 -0800
+@@ -8,6 +8,7 @@
+ We can't rely on any ordering of the keys. */
+
+ /* { dg-regexp "\"kind\": \"error\"" } */
++/* { dg-regexp "\"column-origin\": 1" } */
+ /* { dg-regexp "\"message\": \"#warning message\"" } */
+ /* { dg-regexp "\"option\": \"-Werror=cpp\"" } */
+ /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */
+@@ -16,11 +17,15 @@
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-3.c\"" } */
+ /* { dg-regexp "\"line\": 4" } */
+ /* { dg-regexp "\"column\": 2" } */
++/* { dg-regexp "\"display-column\": 2" } */
++/* { dg-regexp "\"byte-column\": 2" } */
+
+ /* { dg-regexp "\"finish\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-3.c\"" } */
+ /* { dg-regexp "\"line\": 4" } */
+ /* { dg-regexp "\"column\": 8" } */
++/* { dg-regexp "\"display-column\": 8" } */
++/* { dg-regexp "\"byte-column\": 8" } */
+
+ /* { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } */
+ /* { dg-regexp "\"children\": \[\[\]\[\]\]" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2020-07-22 23:35:17.908390765 -0700
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2021-12-25 01:20:53.487636494 -0800
+@@ -24,15 +24,20 @@ int test (void)
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */
+ /* { dg-regexp "\"line\": 8" } */
+ /* { dg-regexp "\"column\": 5" } */
++/* { dg-regexp "\"display-column\": 5" } */
++/* { dg-regexp "\"byte-column\": 5" } */
+
+ /* { dg-regexp "\"finish\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */
+ /* { dg-regexp "\"line\": 8" } */
+ /* { dg-regexp "\"column\": 10" } */
++/* { dg-regexp "\"display-column\": 10" } */
++/* { dg-regexp "\"byte-column\": 10" } */
+
+ /* The outer diagnostic. */
+
+ /* { dg-regexp "\"kind\": \"warning\"" } */
++/* { dg-regexp "\"column-origin\": 1" } */
+ /* { dg-regexp "\"message\": \"this 'if' clause does not guard...\"" } */
+ /* { dg-regexp "\"option\": \"-Wmisleading-indentation\"" } */
+ /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wmisleading-indentation\"" } */
+@@ -41,11 +46,15 @@ int test (void)
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */
+ /* { dg-regexp "\"line\": 6" } */
+ /* { dg-regexp "\"column\": 3" } */
++/* { dg-regexp "\"display-column\": 3" } */
++/* { dg-regexp "\"byte-column\": 3" } */
+
+ /* { dg-regexp "\"finish\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */
+ /* { dg-regexp "\"line\": 6" } */
+ /* { dg-regexp "\"column\": 4" } */
++/* { dg-regexp "\"display-column\": 4" } */
++/* { dg-regexp "\"byte-column\": 4" } */
+
+ /* More from the nested diagnostic (we can't guarantee what order the
+ "file" keys are consumed). */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2020-07-22 23:35:17.908390765 -0700
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2021-12-25 01:20:53.487636494 -0800
+@@ -13,6 +13,7 @@ int test (struct s *ptr)
+ We can't rely on any ordering of the keys. */
+
+ /* { dg-regexp "\"kind\": \"error\"" } */
++/* { dg-regexp "\"column-origin\": 1" } */
+ /* { dg-regexp "\"message\": \".*\"" } */
+
+ /* Verify fix-it hints. */
+@@ -23,11 +24,15 @@ int test (struct s *ptr)
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-5.c\"" } */
+ /* { dg-regexp "\"line\": 8" } */
+ /* { dg-regexp "\"column\": 15" } */
++/* { dg-regexp "\"display-column\": 15" } */
++/* { dg-regexp "\"byte-column\": 15" } */
+
+ /* { dg-regexp "\"next\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-5.c\"" } */
+ /* { dg-regexp "\"line\": 8" } */
+ /* { dg-regexp "\"column\": 21" } */
++/* { dg-regexp "\"display-column\": 21" } */
++/* { dg-regexp "\"byte-column\": 21" } */
+
+ /* { dg-regexp "\"fixits\": \[\[\{\}, \]*\]" } */
+
+@@ -35,11 +40,15 @@ int test (struct s *ptr)
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-5.c\"" } */
+ /* { dg-regexp "\"line\": 8" } */
+ /* { dg-regexp "\"column\": 15" } */
++/* { dg-regexp "\"display-column\": 15" } */
++/* { dg-regexp "\"byte-column\": 15" } */
+
+ /* { dg-regexp "\"finish\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-5.c\"" } */
+ /* { dg-regexp "\"line\": 8" } */
+ /* { dg-regexp "\"column\": 20" } */
++/* { dg-regexp "\"display-column\": 20" } */
++/* { dg-regexp "\"byte-column\": 20" } */
+
+ /* { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } */
+ /* { dg-regexp "\"children\": \[\[\]\[\]\]" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-1.c b/gcc/testsuite/c-c++-common/diagnostic-units-1.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-units-1.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-units-1.c 2021-12-25 01:20:53.487636494 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -Wmultichar" } */
++
++/* column units: bytes (via arg)
++ column origin: 1 (via default)
++ tabstop: 8 (via default) */
++
++/* This line starts with a tab. */
++ int c1 = 'c1'; /* { dg-warning "11: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c1 = 'c1';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces. */
++ int c2 = 'c2'; /* { dg-warning "18: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c2 = 'c2';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces and has an internal tab after
++ a space. */
++ int c3 = 'c3'; /* { dg-warning "19: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c3 = 'c3';
++ ^~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-2.c b/gcc/testsuite/c-c++-common/diagnostic-units-2.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-units-2.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-units-2.c 2021-12-25 01:20:53.487636494 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-additional-options "-fdiagnostics-column-unit=display -fshow-column -fdiagnostics-show-caret -Wmultichar" } */
++
++/* column units: display (via arg)
++ column origin: 1 (via default)
++ tabstop: 8 (via default) */
++
++/* This line starts with a tab. */
++ int c1 = 'c1'; /* { dg-warning "18: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c1 = 'c1';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces. */
++ int c2 = 'c2'; /* { dg-warning "18: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c2 = 'c2';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces and has an internal tab after
++ a space. */
++ int c3 = 'c3'; /* { dg-warning "25: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c3 = 'c3';
++ ^~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-3.c b/gcc/testsuite/c-c++-common/diagnostic-units-3.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-units-3.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-units-3.c 2021-12-25 01:20:53.487636494 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -ftabstop=200 -Wmultichar" } */
++
++/* column units: bytes (via arg)
++ column origin: 1 (via fallback from overly large argument)
++ tabstop: 8 (via default) */
++
++/* This line starts with a tab. */
++ int c1 = 'c1'; /* { dg-warning "11: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c1 = 'c1';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces. */
++ int c2 = 'c2'; /* { dg-warning "18: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c2 = 'c2';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces and has an internal tab after
++ a space. */
++ int c3 = 'c3'; /* { dg-warning "19: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c3 = 'c3';
++ ^~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-4.c b/gcc/testsuite/c-c++-common/diagnostic-units-4.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-units-4.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-units-4.c 2021-12-25 01:20:53.487636494 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -fdiagnostics-column-origin=0 -Wmultichar" } */
++
++/* column units: bytes (via arg)
++ column origin: 0 (via arg)
++ tabstop: 8 (via default) */
++
++/* This line starts with a tab. */
++ int c1 = 'c1'; /* { dg-warning "10: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c1 = 'c1';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces. */
++ int c2 = 'c2'; /* { dg-warning "17: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c2 = 'c2';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces and has an internal tab after
++ a space. */
++ int c3 = 'c3'; /* { dg-warning "18: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c3 = 'c3';
++ ^~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-5.c b/gcc/testsuite/c-c++-common/diagnostic-units-5.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-units-5.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-units-5.c 2021-12-25 01:20:53.491636427 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-additional-options "-fdiagnostics-column-unit=display -fshow-column -fdiagnostics-show-caret -fdiagnostics-column-origin=0 -Wmultichar" } */
++
++/* column units: display (via arg)
++ column origin: 0 (via arg)
++ tabstop: 8 (via default) */
++
++/* This line starts with a tab. */
++ int c1 = 'c1'; /* { dg-warning "17: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c1 = 'c1';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces. */
++ int c2 = 'c2'; /* { dg-warning "17: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c2 = 'c2';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces and has an internal tab after
++ a space. */
++ int c3 = 'c3'; /* { dg-warning "24: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c3 = 'c3';
++ ^~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-6.c b/gcc/testsuite/c-c++-common/diagnostic-units-6.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-units-6.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-units-6.c 2021-12-25 01:20:53.491636427 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -fdiagnostics-column-origin=100 -Wmultichar" } */
++
++/* column units: bytes (via arg)
++ column origin: 100 (via arg)
++ tabstop: 8 (via default) */
++
++/* This line starts with a tab. */
++ int c1 = 'c1'; /* { dg-warning "110: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c1 = 'c1';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces. */
++ int c2 = 'c2'; /* { dg-warning "117: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c2 = 'c2';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces and has an internal tab after
++ a space. */
++ int c3 = 'c3'; /* { dg-warning "118: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c3 = 'c3';
++ ^~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-7.c b/gcc/testsuite/c-c++-common/diagnostic-units-7.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-units-7.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-units-7.c 2021-12-25 01:20:53.491636427 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -ftabstop=9 -Wmultichar" } */
++
++/* column units: bytes (via arg)
++ column origin: 1 (via default)
++ tabstop: 9 (via arg) */
++
++/* This line starts with a tab. */
++ int c1 = 'c1'; /* { dg-warning "11: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c1 = 'c1';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces. */
++ int c2 = 'c2'; /* { dg-warning "19: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c2 = 'c2';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces and has an internal tab after
++ a space. */
++ int c3 = 'c3'; /* { dg-warning "20: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c3 = 'c3';
++ ^~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-8.c b/gcc/testsuite/c-c++-common/diagnostic-units-8.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-units-8.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-units-8.c 2021-12-25 01:20:53.491636427 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-additional-options "-fshow-column -fdiagnostics-show-caret -ftabstop=9 -Wmultichar" } */
++
++/* column units: display (via default)
++ column origin: 1 (via default)
++ tabstop: 9 (via arg) */
++
++/* This line starts with a tab. */
++ int c1 = 'c1'; /* { dg-warning "19: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c1 = 'c1';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces. */
++ int c2 = 'c2'; /* { dg-warning "19: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c2 = 'c2';
++ ^~~~
++ { dg-end-multiline-output "" } */
++
++/* This line starts with <tabstop> spaces and has an internal tab after
++ a space. */
++ int c3 = 'c3'; /* { dg-warning "28: multi-character character constant" } */
++/* { dg-begin-multiline-output "" }
++ int c3 = 'c3';
++ ^~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/c-c++-common/missing-close-symbol.c b/gcc/testsuite/c-c++-common/missing-close-symbol.c
+--- a/gcc/testsuite/c-c++-common/missing-close-symbol.c 2020-07-22 23:35:17.912390810 -0700
++++ b/gcc/testsuite/c-c++-common/missing-close-symbol.c 2021-12-25 01:20:53.491636427 -0800
+@@ -24,9 +24,9 @@ void test_static_assert_different_line (
+ _Static_assert(sizeof(int) >= sizeof(char), /* { dg-message "to match this '\\('" } */
+ "msg"; /* { dg-error "expected '\\)' before ';' token" } */
+ /* { dg-begin-multiline-output "" }
+- "msg";
+- ^
+- )
++ "msg";
++ ^
++ )
+ { dg-end-multiline-output "" } */
+ /* { dg-begin-multiline-output "" }
+ _Static_assert(sizeof(int) >= sizeof(char),
+diff --git a/gcc/testsuite/c-c++-common/Wmisleading-indentation-3.c b/gcc/testsuite/c-c++-common/Wmisleading-indentation-3.c
+--- a/gcc/testsuite/c-c++-common/Wmisleading-indentation-3.c 2020-07-22 23:35:17.904390722 -0700
++++ b/gcc/testsuite/c-c++-common/Wmisleading-indentation-3.c 2021-12-25 01:20:53.487636494 -0800
+@@ -36,20 +36,20 @@ int fn_6 (int a, int b, int c)
+ /* ... */
+ if ((err = foo (a)) != 0)
+ goto fail;
+- if ((err = foo (b)) != 0) /* { dg-message "2: this 'if' clause does not guard..." } */
++ if ((err = foo (b)) != 0) /* { dg-message "9: this 'if' clause does not guard..." } */
+ goto fail;
+- goto fail; /* { dg-message "3: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */
++ goto fail; /* { dg-message "17: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */
+ if ((err = foo (c)) != 0)
+ goto fail;
+ /* ... */
+
+ /* { dg-begin-multiline-output "" }
+- if ((err = foo (b)) != 0)
+- ^~
++ if ((err = foo (b)) != 0)
++ ^~
+ { dg-end-multiline-output "" } */
+ /* { dg-begin-multiline-output "" }
+- goto fail;
+- ^~~~
++ goto fail;
++ ^~~~
+ { dg-end-multiline-output "" } */
+
+ fail:
+diff --git a/gcc/testsuite/c-c++-common/Wmisleading-indentation.c b/gcc/testsuite/c-c++-common/Wmisleading-indentation.c
+--- a/gcc/testsuite/c-c++-common/Wmisleading-indentation.c 2020-07-22 23:35:17.904390722 -0700
++++ b/gcc/testsuite/c-c++-common/Wmisleading-indentation.c 2021-12-25 01:20:53.487636494 -0800
+@@ -65,9 +65,9 @@ int fn_6 (int a, int b, int c)
+ /* ... */
+ if ((err = foo (a)) != 0)
+ goto fail;
+- if ((err = foo (b)) != 0) /* { dg-message "2: this 'if' clause does not guard..." } */
++ if ((err = foo (b)) != 0) /* { dg-message "9: this 'if' clause does not guard..." } */
+ goto fail;
+- goto fail; /* { dg-message "3: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */
++ goto fail; /* { dg-message "17: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */
+ if ((err = foo (c)) != 0)
+ goto fail;
+ /* ... */
+@@ -178,7 +178,7 @@ void fn_16_tabs (void)
+ while (flagA)
+ if (flagB) /* { dg-message "7: this 'if' clause does not guard..." } */
+ foo (0);
+- foo (1);/* { dg-message "2: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */
++ foo (1);/* { dg-message "9: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */
+ }
+
+ void fn_17_spaces (void)
+diff --git a/gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c b/gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c
+--- a/gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c 2020-07-22 23:35:18.124393144 -0700
++++ b/gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c 2021-12-25 01:20:53.491636427 -0800
+@@ -288,7 +288,7 @@ int test_3 (int x, int y)
+ | | ~~~~~~~~~~
+ | | |
+ | | (4) ...to here
+- | NN | to dereference it above
++ | NN | to dereference it above
+ | NN | return *ptr;
+ | | ~~~~
+ | | |
+diff --git a/gcc/testsuite/gcc.dg/bad-binary-ops.c b/gcc/testsuite/gcc.dg/bad-binary-ops.c
+--- a/gcc/testsuite/gcc.dg/bad-binary-ops.c 2020-07-22 23:35:18.128393190 -0700
++++ b/gcc/testsuite/gcc.dg/bad-binary-ops.c 2021-12-25 01:20:53.491636427 -0800
+@@ -35,10 +35,10 @@ int test_2 (void)
+ ~~~~~~~~~~~~~~~~
+ |
+ struct s
+- + some_other_function ());
+- ^ ~~~~~~~~~~~~~~~~~~~~~~
+- |
+- struct t
++ + some_other_function ());
++ ^ ~~~~~~~~~~~~~~~~~~~~~~
++ |
++ struct t
+ { dg-end-multiline-output "" } */
+ }
+
+diff --git a/gcc/testsuite/gcc.dg/format/branch-1.c b/gcc/testsuite/gcc.dg/format/branch-1.c
+--- a/gcc/testsuite/gcc.dg/format/branch-1.c 2020-07-22 23:35:18.152393454 -0700
++++ b/gcc/testsuite/gcc.dg/format/branch-1.c 2021-12-25 01:20:53.491636427 -0800
+@@ -10,7 +10,7 @@ foo (long l, int nfoo)
+ {
+ printf ((nfoo > 1) ? "%d foos" : "%d foo", nfoo);
+ printf ((l > 1) ? "%d foos" /* { dg-warning "23:int" "wrong type in conditional expr" } */
+- : "%d foo", l); /* { dg-warning "16:int" "wrong type in conditional expr" } */
++ : "%d foo", l); /* { dg-warning "23:int" "wrong type in conditional expr" } */
+ printf ((l > 1) ? "%ld foos" : "%d foo", l); /* { dg-warning "36:int" "wrong type in conditional expr" } */
+ printf ((l > 1) ? "%d foos" : "%ld foo", l); /* { dg-warning "23:int" "wrong type in conditional expr" } */
+ /* Should allow one case to have extra arguments. */
+diff --git a/gcc/testsuite/gcc.dg/format/pr79210.c b/gcc/testsuite/gcc.dg/format/pr79210.c
+--- a/gcc/testsuite/gcc.dg/format/pr79210.c 2020-07-22 23:35:18.152393454 -0700
++++ b/gcc/testsuite/gcc.dg/format/pr79210.c 2021-12-25 01:20:53.491636427 -0800
+@@ -20,4 +20,4 @@ LPFC_VPORT_ATTR_R(peer_port_login,
+ "Allow peer ports on the same physical port to login to each "
+ "other.");
+
+-/* { dg-warning "6: format .%d. expects argument of type .int., but argument 4 has type .unsigned int. " "" { target *-*-* } .-12 } */
++/* { dg-warning "20: format .%d. expects argument of type .int., but argument 4 has type .unsigned int. " "" { target *-*-* } .-12 } */
+diff --git a/gcc/testsuite/gcc.dg/plugin/diagnostic-test-expressions-1.c b/gcc/testsuite/gcc.dg/plugin/diagnostic-test-expressions-1.c
+--- a/gcc/testsuite/gcc.dg/plugin/diagnostic-test-expressions-1.c 2020-07-22 23:35:18.172393674 -0700
++++ b/gcc/testsuite/gcc.dg/plugin/diagnostic-test-expressions-1.c 2021-12-25 01:20:53.491636427 -0800
+@@ -540,15 +540,15 @@ void test_builtin_types_compatible_p (un
+ __emit_expression_range (0,
+ f (i) + __builtin_types_compatible_p (long, int)); /* { dg-warning "range" } */
+ /* { dg-begin-multiline-output "" }
+- f (i) + __builtin_types_compatible_p (long, int));
+- ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
++ f (i) + __builtin_types_compatible_p (long, int));
++ ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ { dg-end-multiline-output "" } */
+
+ __emit_expression_range (0,
+ __builtin_types_compatible_p (long, int) + f (i)); /* { dg-warning "range" } */
+ /* { dg-begin-multiline-output "" }
+- __builtin_types_compatible_p (long, int) + f (i));
+- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~
++ __builtin_types_compatible_p (long, int) + f (i));
++ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~
+ { dg-end-multiline-output "" } */
+ }
+
+@@ -671,8 +671,8 @@ void test_multiple_ordinary_maps (void)
+ /* { dg-begin-multiline-output "" }
+ __emit_expression_range (0, foo (0,
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+- "0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789"));
+- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
++ "0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789"));
++ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ { dg-end-multiline-output "" } */
+
+ /* Another expression that transitions between ordinary maps; this
+@@ -685,8 +685,8 @@ void test_multiple_ordinary_maps (void)
+ /* { dg-begin-multiline-output "" }
+ __emit_expression_range (0, foo (0, "01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789",
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+- 0));
+- ~~
++ 0));
++ ~~
+ { dg-end-multiline-output "" } */
+ }
+
+diff --git a/gcc/testsuite/gcc.dg/plugin/diagnostic-test-string-literals-1.c b/gcc/testsuite/gcc.dg/plugin/diagnostic-test-string-literals-1.c
+--- a/gcc/testsuite/gcc.dg/plugin/diagnostic-test-string-literals-1.c 2020-07-22 23:35:18.172393674 -0700
++++ b/gcc/testsuite/gcc.dg/plugin/diagnostic-test-string-literals-1.c 2021-12-25 01:20:53.491636427 -0800
+@@ -335,11 +335,11 @@ pr87652 (const char *stem, int counter)
+ /* { dg-error "unable to read substring location: unable to read source line" "" { target c } 329 } */
+ /* { dg-error "unable to read substring location: failed to get ordinary maps" "" { target c++ } 329 } */
+ /* { dg-begin-multiline-output "" }
+- __emit_string_literal_range(__FILE__":%5d: " format, \
++ __emit_string_literal_range(__FILE__":%5d: " format, \
+ ^~~~~~~~
+ { dg-end-multiline-output "" { target c } } */
+ /* { dg-begin-multiline-output "" }
+- __emit_string_literal_range(__FILE__":%5d: " format, \
++ __emit_string_literal_range(__FILE__":%5d: " format, \
+ ^
+ { dg-end-multiline-output "" { target c++ } } */
+
+diff --git a/gcc/testsuite/gcc.dg/redecl-4.c b/gcc/testsuite/gcc.dg/redecl-4.c
+--- a/gcc/testsuite/gcc.dg/redecl-4.c 2020-07-22 23:35:18.192393895 -0700
++++ b/gcc/testsuite/gcc.dg/redecl-4.c 2021-12-25 01:20:53.491636427 -0800
+@@ -15,7 +15,7 @@ f (void)
+ /* Should get format warnings even though the built-in declaration
+ isn't "visible". */
+ printf (
+- "%s", 1); /* { dg-warning "8:format" } */
++ "%s", 1); /* { dg-warning "15:format" } */
+ /* The type of strcmp here should have no prototype. */
+ if (0)
+ strcmp (1);
+diff --git a/gcc/testsuite/g++.dg/diagnostic/bad-binary-ops.C b/gcc/testsuite/g++.dg/diagnostic/bad-binary-ops.C
+--- a/gcc/testsuite/g++.dg/diagnostic/bad-binary-ops.C 2020-07-22 23:35:17.972391472 -0700
++++ b/gcc/testsuite/g++.dg/diagnostic/bad-binary-ops.C 2021-12-25 01:20:53.491636427 -0800
+@@ -33,10 +33,10 @@ int test_2 (void)
+ ~~~~~~~~~~~~~~~~
+ |
+ s
+- + some_other_function ());
+- ^ ~~~~~~~~~~~~~~~~~~~~~~
+- |
+- t
++ + some_other_function ());
++ ^ ~~~~~~~~~~~~~~~~~~~~~~
++ |
++ t
+ { dg-end-multiline-output "" } */
+ }
+
+diff --git a/gcc/testsuite/g++.dg/parse/error4.C b/gcc/testsuite/g++.dg/parse/error4.C
+--- a/gcc/testsuite/g++.dg/parse/error4.C 2020-07-22 23:35:18.012391910 -0700
++++ b/gcc/testsuite/g++.dg/parse/error4.C 2021-12-25 01:20:53.491636427 -0800
+@@ -7,4 +7,4 @@ struct X {
+ int);
+ };
+
+-// { dg-error "4:'itn' has not been declared" "" { target *-*-* } 6 }
++// { dg-error "18:'itn' has not been declared" "" { target *-*-* } 6 }
+diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90
+--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2020-07-22 23:35:18.512397420 -0700
++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2021-12-25 01:20:53.491636427 -0800
+@@ -8,17 +8,22 @@
+ ! We can't rely on any ordering of the keys.
+
+ ! { dg-regexp "\"kind\": \"error\"" }
++! { dg-regexp "\"column-origin\": 1" }
+ ! { dg-regexp "\"message\": \"#error message\"" }
+
+ ! { dg-regexp "\"caret\": \{" }
+ ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-1.F90\"" }
+ ! { dg-regexp "\"line\": 4" }
+ ! { dg-regexp "\"column\": 2" }
++! { dg-regexp "\"display-column\": 2" }
++! { dg-regexp "\"byte-column\": 2" }
+
+ ! { dg-regexp "\"finish\": \{" }
+ ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-1.F90\"" }
+ ! { dg-regexp "\"line\": 4" }
+ ! { dg-regexp "\"column\": 6" }
++! { dg-regexp "\"display-column\": 6" }
++! { dg-regexp "\"byte-column\": 6" }
+
+ ! { dg-regexp "\"locations\": \[\[\{\}, \]*\]" }
+ ! { dg-regexp "\"children\": \[\[\]\[\]\]" }
+diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90
+--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2020-07-22 23:35:18.512397420 -0700
++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2021-12-25 01:20:53.491636427 -0800
+@@ -8,6 +8,7 @@
+ ! We can't rely on any ordering of the keys.
+
+ ! { dg-regexp "\"kind\": \"warning\"" }
++! { dg-regexp "\"column-origin\": 1" }
+ ! { dg-regexp "\"message\": \"#warning message\"" }
+ ! { dg-regexp "\"option\": \"-Wcpp\"" }
+ ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" }
+@@ -16,11 +17,15 @@
+ ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-2.F90\"" }
+ ! { dg-regexp "\"line\": 4" }
+ ! { dg-regexp "\"column\": 2" }
++! { dg-regexp "\"display-column\": 2" }
++! { dg-regexp "\"byte-column\": 2" }
+
+ ! { dg-regexp "\"finish\": \{" }
+ ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-2.F90\"" }
+ ! { dg-regexp "\"line\": 4" }
+ ! { dg-regexp "\"column\": 8" }
++! { dg-regexp "\"display-column\": 8" }
++! { dg-regexp "\"byte-column\": 8" }
+
+ ! { dg-regexp "\"locations\": \[\[\{\}, \]*\]" }
+ ! { dg-regexp "\"children\": \[\[\]\[\]\]" }
+diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90
+--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2020-07-22 23:35:18.512397420 -0700
++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2021-12-25 01:20:53.491636427 -0800
+@@ -8,6 +8,7 @@
+ ! We can't rely on any ordering of the keys.
+
+ ! { dg-regexp "\"kind\": \"error\"" }
++! { dg-regexp "\"column-origin\": 1" }
+ ! { dg-regexp "\"message\": \"#warning message\"" }
+ ! { dg-regexp "\"option\": \"-Werror=cpp\"" }
+ ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" }
+@@ -16,11 +17,15 @@
+ ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-3.F90\"" }
+ ! { dg-regexp "\"line\": 4" }
+ ! { dg-regexp "\"column\": 2" }
++! { dg-regexp "\"display-column\": 2" }
++! { dg-regexp "\"byte-column\": 2" }
+
+ ! { dg-regexp "\"finish\": \{" }
+ ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-3.F90\"" }
+ ! { dg-regexp "\"line\": 4" }
+ ! { dg-regexp "\"column\": 8" }
++! { dg-regexp "\"display-column\": 8" }
++! { dg-regexp "\"byte-column\": 8" }
+
+ ! { dg-regexp "\"locations\": \[\[\{\}, \]*\]" }
+ ! { dg-regexp "\"children\": \[\[\]\[\]\]" }
+diff --git a/gcc/testsuite/go.dg/arrayclear.go b/gcc/testsuite/go.dg/arrayclear.go
+--- a/gcc/testsuite/go.dg/arrayclear.go 2020-07-22 23:35:18.588398257 -0700
++++ b/gcc/testsuite/go.dg/arrayclear.go 2021-12-25 01:20:53.491636427 -0800
+@@ -1,5 +1,8 @@
+ // { dg-do compile }
+ // { dg-options "-fgo-debug-optimization" }
++// This comment is necessary to work around a dejagnu bug. Otherwise, the
++// column of the second error message would equal the row of the first one, and
++// since the errors are also identical, dejagnu is not able to distinguish them.
+
+ package p
+
+diff --git a/gcc/testsuite/g++.old-deja/g++.brendan/crash11.C b/gcc/testsuite/g++.old-deja/g++.brendan/crash11.C
+--- a/gcc/testsuite/g++.old-deja/g++.brendan/crash11.C 2020-07-22 23:35:18.048392308 -0700
++++ b/gcc/testsuite/g++.old-deja/g++.brendan/crash11.C 2021-12-25 01:20:53.491636427 -0800
+@@ -9,13 +9,13 @@ class A {
+ int h;
+ A() { i=10; j=20; }
+ virtual void f1() { printf("i=%d j=%d\n",i,j); }
+- friend virtual void f2() { printf("i=%d j=%d\n",i,j); } // { dg-error "9:virtual functions cannot be friends" }
++ friend virtual void f2() { printf("i=%d j=%d\n",i,j); } // { dg-error "16:virtual functions cannot be friends" }
+ };
+
+ class B : public A {
+ public:
+ virtual void f1() { printf("i=%d j=%d\n",i,j); }// { dg-error "" } member.*// ERROR - member.*
+- friend virtual void f2() { printf("i=%d j=%d\n",i,j); } // { dg-error "9:virtual functions cannot be friends" }
++ friend virtual void f2() { printf("i=%d j=%d\n",i,j); } // { dg-error "16:virtual functions cannot be friends" }
+ // { dg-error "private" "" { target *-*-* } .-1 }
+ };
+
+diff --git a/gcc/testsuite/g++.old-deja/g++.pt/overload2.C b/gcc/testsuite/g++.old-deja/g++.pt/overload2.C
+--- a/gcc/testsuite/g++.old-deja/g++.pt/overload2.C 2020-07-22 23:35:18.072392572 -0700
++++ b/gcc/testsuite/g++.old-deja/g++.pt/overload2.C 2021-12-25 01:20:53.491636427 -0800
+@@ -12,5 +12,5 @@ int
+ main()
+ {
+ C<char*> c;
+- char* p = Z(c.O); //{ dg-error "13:'Z' was not declared" } ambiguous c.O
++ char* p = Z(c.O); //{ dg-error "29:'Z' was not declared" } ambiguous c.O
+ }
+diff --git a/gcc/testsuite/g++.old-deja/g++.robertl/eb109.C b/gcc/testsuite/g++.old-deja/g++.robertl/eb109.C
+--- a/gcc/testsuite/g++.old-deja/g++.robertl/eb109.C 2020-07-22 23:35:18.076392617 -0700
++++ b/gcc/testsuite/g++.old-deja/g++.robertl/eb109.C 2021-12-25 01:20:53.491636427 -0800
+@@ -48,8 +48,8 @@ ostream& operator<<(ostream& os, Graph<V
+
+ // The compiler does not like this line!!!!!!
+ typename Graph<VertexType, EdgeType>::Successor::iterator
+- startN = G[i].second.begin(), // { dg-error "14:no match" } no index operator
+- endN = G[i].second.end(); // { dg-error "14:no match" } no index operator
++ startN = G[i].second.begin(), // { dg-error "21:no match" } no index operator
++ endN = G[i].second.end(); // { dg-error "21:no match" } no index operator
+
+ while(startN != endN)
+ {
+diff --git a/gcc/tree-diagnostic-path.cc b/gcc/tree-diagnostic-path.cc
+--- a/gcc/tree-diagnostic-path.cc 2020-07-22 23:35:18.628398698 -0700
++++ b/gcc/tree-diagnostic-path.cc 2021-12-25 01:20:53.491636427 -0800
+@@ -493,7 +493,7 @@ default_tree_diagnostic_path_printer (di
+ doesn't have access to trees (for m_fndecl). */
+
+ json::value *
+-default_tree_make_json_for_path (diagnostic_context *,
++default_tree_make_json_for_path (diagnostic_context *context,
+ const diagnostic_path *path)
+ {
+ json::array *path_array = new json::array ();
+@@ -504,7 +504,8 @@ default_tree_make_json_for_path (diagnos
+ json::object *event_obj = new json::object ();
+ if (event.get_location ())
+ event_obj->set ("location",
+- json_from_expanded_location (event.get_location ()));
++ json_from_expanded_location (context,
++ event.get_location ()));
+ label_text event_text (event.get_desc (false));
+ event_obj->set ("description", new json::string (event_text.m_buffer));
+ event_text.maybe_free ();
+diff --git a/libcpp/charset.c b/libcpp/charset.c
+--- a/libcpp/charset.c 2020-07-22 23:35:18.712399623 -0700
++++ b/libcpp/charset.c 2021-12-25 01:20:53.491636427 -0800
+@@ -2276,49 +2276,90 @@ cpp_string_location_reader::get_next ()
+ return result;
+ }
+
+-/* Helper for cpp_byte_column_to_display_column and its inverse. Given a
+- pointer to a UTF-8-encoded character, compute its display width. *INBUFP
+- points on entry to the start of the UTF-8 encoding of the character, and
+- is updated to point just after the last byte of the encoding. *INBYTESLEFTP
+- contains on entry the remaining size of the buffer into which *INBUFP
+- points, and this is also updated accordingly. If *INBUFP does not
++cpp_display_width_computation::
++cpp_display_width_computation (const char *data, int data_length, int tabstop) :
++ m_begin (data),
++ m_next (m_begin),
++ m_bytes_left (data_length),
++ m_tabstop (tabstop),
++ m_display_cols (0)
++{
++ gcc_assert (m_tabstop > 0);
++}
++
++
++/* The main implementation function for class cpp_display_width_computation.
++ m_next points on entry to the start of the UTF-8 encoding of the next
++ character, and is updated to point just after the last byte of the encoding.
++ m_bytes_left contains on entry the remaining size of the buffer into which
++ m_next points, and this is also updated accordingly. If m_next does not
+ point to a valid UTF-8-encoded sequence, then it will be treated as a single
+- byte with display width 1. */
++ byte with display width 1. m_cur_display_col is the current display column,
++ relative to which tab stops should be expanded. Returns the display width of
++ the codepoint just processed. */
+
+-static inline int
+-compute_next_display_width (const uchar **inbufp, size_t *inbytesleftp)
++int
++cpp_display_width_computation::process_next_codepoint ()
+ {
+ cppchar_t c;
+- if (one_utf8_to_cppchar (inbufp, inbytesleftp, &c) != 0)
++ int next_width;
++
++ if (*m_next == '\t')
++ {
++ ++m_next;
++ --m_bytes_left;
++ next_width = m_tabstop - (m_display_cols % m_tabstop);
++ }
++ else if (one_utf8_to_cppchar ((const uchar **) &m_next, &m_bytes_left, &c)
++ != 0)
+ {
+ /* Input is not convertible to UTF-8. This could be fine, e.g. in a
+ string literal, so don't complain. Just treat it as if it has a width
+ of one. */
+- ++*inbufp;
+- --*inbytesleftp;
+- return 1;
++ ++m_next;
++ --m_bytes_left;
++ next_width = 1;
++ }
++ else
++ {
++ /* one_utf8_to_cppchar() has updated m_next and m_bytes_left for us. */
++ next_width = cpp_wcwidth (c);
+ }
+
+- /* one_utf8_to_cppchar() has updated inbufp and inbytesleftp for us. */
+- return cpp_wcwidth (c);
++ m_display_cols += next_width;
++ return next_width;
++}
++
++/* Utility to advance the byte stream by the minimum amount needed to consume
++ N display columns. Returns the number of display columns that were
++ actually skipped. This could be less than N, if there was not enough data,
++ or more than N, if the last character to be skipped had a sufficiently large
++ display width. */
++int
++cpp_display_width_computation::advance_display_cols (int n)
++{
++ const int start = m_display_cols;
++ const int target = start + n;
++ while (m_display_cols < target && !done ())
++ process_next_codepoint ();
++ return m_display_cols - start;
+ }
+
+ /* For the string of length DATA_LENGTH bytes that begins at DATA, compute
+ how many display columns are occupied by the first COLUMN bytes. COLUMN
+ may exceed DATA_LENGTH, in which case the phantom bytes at the end are
+- treated as if they have display width 1. */
++ treated as if they have display width 1. Tabs are expanded to the next tab
++ stop, relative to the start of DATA. */
+
+ int
+ cpp_byte_column_to_display_column (const char *data, int data_length,
+- int column)
++ int column, int tabstop)
+ {
+- int display_col = 0;
+- const uchar *udata = (const uchar *) data;
+ const int offset = MAX (0, column - data_length);
+- size_t inbytesleft = column - offset;
+- while (inbytesleft)
+- display_col += compute_next_display_width (&udata, &inbytesleft);
+- return display_col + offset;
++ cpp_display_width_computation dw (data, column - offset, tabstop);
++ while (!dw.done ())
++ dw.process_next_codepoint ();
++ return dw.display_cols_processed () + offset;
+ }
+
+ /* For the string of length DATA_LENGTH bytes that begins at DATA, compute
+@@ -2328,14 +2369,11 @@ cpp_byte_column_to_display_column (const
+
+ int
+ cpp_display_column_to_byte_column (const char *data, int data_length,
+- int display_col)
++ int display_col, int tabstop)
+ {
+- int column = 0;
+- const uchar *udata = (const uchar *) data;
+- size_t inbytesleft = data_length;
+- while (column < display_col && inbytesleft)
+- column += compute_next_display_width (&udata, &inbytesleft);
+- return data_length - inbytesleft + MAX (0, display_col - column);
++ cpp_display_width_computation dw (data, data_length, tabstop);
++ const int avail_display = dw.advance_display_cols (display_col);
++ return dw.bytes_processed () + MAX (0, display_col - avail_display);
+ }
+
+ /* Our own version of wcwidth(). We don't use the actual wcwidth() in glibc,
+diff --git a/libcpp/include/cpplib.h b/libcpp/include/cpplib.h
+--- a/libcpp/include/cpplib.h 2020-07-22 23:35:18.712399623 -0700
++++ b/libcpp/include/cpplib.h 2021-12-25 01:20:53.491636427 -0800
+@@ -312,9 +312,6 @@ enum cpp_normalize_level {
+ carries all the options visible to the command line. */
+ struct cpp_options
+ {
+- /* Characters between tab stops. */
+- unsigned int tabstop;
+-
+ /* The language we're preprocessing. */
+ enum c_lang lang;
+
+@@ -1322,14 +1319,43 @@ extern const char * cpp_get_userdef_suff
+ (const cpp_token *);
+
+ /* In charset.c */
++
++/* A class to manage the state while converting a UTF-8 sequence to cppchar_t
++ and computing the display width one character at a time. */
++class cpp_display_width_computation {
++ public:
++ cpp_display_width_computation (const char *data, int data_length,
++ int tabstop);
++ const char *next_byte () const { return m_next; }
++ int bytes_processed () const { return m_next - m_begin; }
++ int bytes_left () const { return m_bytes_left; }
++ bool done () const { return !bytes_left (); }
++ int display_cols_processed () const { return m_display_cols; }
++
++ int process_next_codepoint ();
++ int advance_display_cols (int n);
++
++ private:
++ const char *const m_begin;
++ const char *m_next;
++ size_t m_bytes_left;
++ const int m_tabstop;
++ int m_display_cols;
++};
++
++/* Convenience functions that are simple use cases for class
++ cpp_display_width_computation. Tab characters will be expanded to spaces
++ as determined by TABSTOP. */
+ int cpp_byte_column_to_display_column (const char *data, int data_length,
+- int column);
+-inline int cpp_display_width (const char *data, int data_length)
++ int column, int tabstop);
++inline int cpp_display_width (const char *data, int data_length,
++ int tabstop)
+ {
+- return cpp_byte_column_to_display_column (data, data_length, data_length);
++ return cpp_byte_column_to_display_column (data, data_length, data_length,
++ tabstop);
+ }
+ int cpp_display_column_to_byte_column (const char *data, int data_length,
+- int display_col);
++ int display_col, int tabstop);
+ int cpp_wcwidth (cppchar_t c);
+
+ #endif /* ! LIBCPP_CPPLIB_H */
+diff --git a/libcpp/init.c b/libcpp/init.c
+--- a/libcpp/init.c 2020-07-22 23:35:18.712399623 -0700
++++ b/libcpp/init.c 2021-12-25 01:20:53.491636427 -0800
+@@ -190,7 +190,6 @@ cpp_create_reader (enum c_lang lang, cpp
+ CPP_OPTION (pfile, discard_comments) = 1;
+ CPP_OPTION (pfile, discard_comments_in_macro_exp) = 1;
+ CPP_OPTION (pfile, max_include_depth) = 200;
+- CPP_OPTION (pfile, tabstop) = 8;
+ CPP_OPTION (pfile, operator_names) = 1;
+ CPP_OPTION (pfile, warn_trigraphs) = 2;
+ CPP_OPTION (pfile, warn_endif_labels) = 1;
diff --git a/meta/recipes-devtools/gcc/gcc/0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch b/meta/recipes-devtools/gcc/gcc/0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch
deleted file mode 100644
index c060accd99..0000000000
--- a/meta/recipes-devtools/gcc/gcc/0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From fd2ec4542fd2975e6d3f2f1c1a2639945a84f9e1 Mon Sep 17 00:00:00 2001
-From: Jakub Jelinek <jakub@redhat.com>
-Date: Mon, 3 Aug 2020 22:55:28 +0200
-Subject: [PATCH] aarch64: Fix up __aarch64_cas16_acq_rel fallback
-
-As mentioned in the PR, the fallback path when LSE is unavailable writes
-incorrect registers to the memory if the previous content compares equal
-to x0, x1 - it writes copy of x0, x1 from the start of function, but it
-should write x2, x3.
-
-2020-08-03 Jakub Jelinek <jakub@redhat.com>
-
- PR target/96402
- * config/aarch64/lse.S (__aarch64_cas16_acq_rel): Use x2, x3 instead
- of x(tmp0), x(tmp1) in STXP arguments.
-
- * gcc.target/aarch64/pr96402.c: New test.
-
-(cherry picked from commit 90b43856fdff7d96d93d22970eca8a86c56e0ddc)
----
- gcc/testsuite/gcc.target/aarch64/pr96402.c | 16 ++++++++++++++++
- libgcc/config/aarch64/lse.S | 2 +-
- 2 files changed, 17 insertions(+), 1 deletion(-)
- create mode 100644 gcc/testsuite/gcc.target/aarch64/pr96402.c
-
-diff --git a/gcc/testsuite/gcc.target/aarch64/pr96402.c b/gcc/testsuite/gcc.target/aarch64/pr96402.c
-new file mode 100644
-index 00000000000..fa2dddfac15
---- /dev/null
-+++ b/gcc/testsuite/gcc.target/aarch64/pr96402.c
-@@ -0,0 +1,16 @@
-+/* PR target/96402 */
-+/* { dg-do run { target int128 } } */
-+/* { dg-options "-moutline-atomics" } */
-+
-+int
-+main ()
-+{
-+ __int128 a = 0;
-+ __sync_val_compare_and_swap (&a, (__int128) 0, (__int128) 1);
-+ if (a != 1)
-+ __builtin_abort ();
-+ __sync_val_compare_and_swap (&a, (__int128) 1, (((__int128) 0xdeadbeeffeedbac1ULL) << 64) | 0xabadcafe00c0ffeeULL);
-+ if (a != ((((__int128) 0xdeadbeeffeedbac1ULL) << 64) | 0xabadcafe00c0ffeeULL))
-+ __builtin_abort ();
-+ return 0;
-+}
-diff --git a/libgcc/config/aarch64/lse.S b/libgcc/config/aarch64/lse.S
-index 64691c601c1..c8fbfbce4fd 100644
---- a/libgcc/config/aarch64/lse.S
-+++ b/libgcc/config/aarch64/lse.S
-@@ -203,7 +203,7 @@ STARTFN NAME(cas)
- cmp x0, x(tmp0)
- ccmp x1, x(tmp1), #0, eq
- bne 1f
-- STXP w(tmp2), x(tmp0), x(tmp1), [x4]
-+ STXP w(tmp2), x2, x3, [x4]
- cbnz w(tmp2), 0b
- 1: ret
-
---
-2.26.2
-
diff --git a/meta/recipes-devtools/gcc/gcc/0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch b/meta/recipes-devtools/gcc/gcc/0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch
deleted file mode 100644
index 73de4c7590..0000000000
--- a/meta/recipes-devtools/gcc/gcc/0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch
+++ /dev/null
@@ -1,202 +0,0 @@
-CVE: CVE-2020-13844
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From 1ff243934ac443b5f58cd02a5012ce58ecc31fb2 Mon Sep 17 00:00:00 2001
-From: Matthew Malcomson <matthew.malcomson@arm.com>
-Date: Thu, 9 Jul 2020 09:11:58 +0100
-Subject: [PATCH 1/3] aarch64: New Straight Line Speculation (SLS) mitigation
- flags
-
-Here we introduce the flags that will be used for straight line speculation.
-
-The new flag introduced is `-mharden-sls=`.
-This flag can take arguments of `none`, `all`, or a comma seperated list of one
-or more of `retbr` or `blr`.
-`none` indicates no special mitigation of the straight line speculation
-vulnerability.
-`all` requests all mitigations currently implemented.
-`retbr` requests that the RET and BR instructions have a speculation barrier
-inserted after them.
-`blr` requests that BLR instructions are replaced by a BL to a function stub
-using a BR with a speculation barrier after it.
-
-Setting this on a per-function basis using attributes or the like is not
-enabled, but may be in the future.
-
-gcc/ChangeLog:
-
-2020-06-02 Matthew Malcomson <matthew.malcomson@arm.com>
-
- * config/aarch64/aarch64-protos.h (aarch64_harden_sls_retbr_p):
- New.
- (aarch64_harden_sls_blr_p): New.
- * config/aarch64/aarch64.c (enum aarch64_sls_hardening_type):
- New.
- (aarch64_harden_sls_retbr_p): New.
- (aarch64_harden_sls_blr_p): New.
- (aarch64_validate_sls_mitigation): New.
- (aarch64_override_options): Parse options for SLS mitigation.
- * config/aarch64/aarch64.opt (-mharden-sls): New option.
- * doc/invoke.texi: Document new option.
----
- gcc/config/aarch64/aarch64-protos.h | 3 ++
- gcc/config/aarch64/aarch64.c | 76 +++++++++++++++++++++++++++++++++++++
- gcc/config/aarch64/aarch64.opt | 4 ++
- gcc/doc/invoke.texi | 12 ++++++
- 4 files changed, 95 insertions(+)
-
-diff --git a/gcc/config/aarch64/aarch64-protos.h b/gcc/config/aarch64/aarch64-protos.h
-index 723d9ba..eb5f4b4 100644
---- a/gcc/config/aarch64/aarch64-protos.h
-+++ b/gcc/config/aarch64/aarch64-protos.h
-@@ -781,4 +781,7 @@ extern const atomic_ool_names aarch64_ool_ldeor_names;
-
- tree aarch64_resolve_overloaded_builtin_general (location_t, tree, void *);
-
-+extern bool aarch64_harden_sls_retbr_p (void);
-+extern bool aarch64_harden_sls_blr_p (void);
-+
- #endif /* GCC_AARCH64_PROTOS_H */
-diff --git a/gcc/config/aarch64/aarch64.c b/gcc/config/aarch64/aarch64.c
-index b86434a..437a9cf 100644
---- a/gcc/config/aarch64/aarch64.c
-+++ b/gcc/config/aarch64/aarch64.c
-@@ -14494,6 +14494,79 @@ aarch64_validate_mcpu (const char *str, const struct processor **res,
- return false;
- }
-
-+/* Straight line speculation indicators. */
-+enum aarch64_sls_hardening_type
-+{
-+ SLS_NONE = 0,
-+ SLS_RETBR = 1,
-+ SLS_BLR = 2,
-+ SLS_ALL = 3,
-+};
-+static enum aarch64_sls_hardening_type aarch64_sls_hardening;
-+
-+/* Return whether we should mitigatate Straight Line Speculation for the RET
-+ and BR instructions. */
-+bool
-+aarch64_harden_sls_retbr_p (void)
-+{
-+ return aarch64_sls_hardening & SLS_RETBR;
-+}
-+
-+/* Return whether we should mitigatate Straight Line Speculation for the BLR
-+ instruction. */
-+bool
-+aarch64_harden_sls_blr_p (void)
-+{
-+ return aarch64_sls_hardening & SLS_BLR;
-+}
-+
-+/* As of yet we only allow setting these options globally, in the future we may
-+ allow setting them per function. */
-+static void
-+aarch64_validate_sls_mitigation (const char *const_str)
-+{
-+ char *token_save = NULL;
-+ char *str = NULL;
-+
-+ if (strcmp (const_str, "none") == 0)
-+ {
-+ aarch64_sls_hardening = SLS_NONE;
-+ return;
-+ }
-+ if (strcmp (const_str, "all") == 0)
-+ {
-+ aarch64_sls_hardening = SLS_ALL;
-+ return;
-+ }
-+
-+ char *str_root = xstrdup (const_str);
-+ str = strtok_r (str_root, ",", &token_save);
-+ if (!str)
-+ error ("invalid argument given to %<-mharden-sls=%>");
-+
-+ int temp = SLS_NONE;
-+ while (str)
-+ {
-+ if (strcmp (str, "blr") == 0)
-+ temp |= SLS_BLR;
-+ else if (strcmp (str, "retbr") == 0)
-+ temp |= SLS_RETBR;
-+ else if (strcmp (str, "none") == 0 || strcmp (str, "all") == 0)
-+ {
-+ error ("%<%s%> must be by itself for %<-mharden-sls=%>", str);
-+ break;
-+ }
-+ else
-+ {
-+ error ("invalid argument %<%s%> for %<-mharden-sls=%>", str);
-+ break;
-+ }
-+ str = strtok_r (NULL, ",", &token_save);
-+ }
-+ aarch64_sls_hardening = (aarch64_sls_hardening_type) temp;
-+ free (str_root);
-+}
-+
- /* Parses CONST_STR for branch protection features specified in
- aarch64_branch_protect_types, and set any global variables required. Returns
- the parsing result and assigns LAST_STR to the last processed token from
-@@ -14738,6 +14811,9 @@ aarch64_override_options (void)
- selected_arch = NULL;
- selected_tune = NULL;
-
-+ if (aarch64_harden_sls_string)
-+ aarch64_validate_sls_mitigation (aarch64_harden_sls_string);
-+
- if (aarch64_branch_protection_string)
- aarch64_validate_mbranch_protection (aarch64_branch_protection_string);
-
-diff --git a/gcc/config/aarch64/aarch64.opt b/gcc/config/aarch64/aarch64.opt
-index d99d14c..5170361 100644
---- a/gcc/config/aarch64/aarch64.opt
-+++ b/gcc/config/aarch64/aarch64.opt
-@@ -71,6 +71,10 @@ mgeneral-regs-only
- Target Report RejectNegative Mask(GENERAL_REGS_ONLY) Save
- Generate code which uses only the general registers.
-
-+mharden-sls=
-+Target RejectNegative Joined Var(aarch64_harden_sls_string)
-+Generate code to mitigate against straight line speculation.
-+
- mfix-cortex-a53-835769
- Target Report Var(aarch64_fix_a53_err835769) Init(2) Save
- Workaround for ARM Cortex-A53 Erratum number 835769.
-diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
-index a2794a6..bd5b77a 100644
---- a/gcc/doc/invoke.texi
-+++ b/gcc/doc/invoke.texi
-@@ -696,6 +696,7 @@ Objective-C and Objective-C++ Dialects}.
- -msign-return-address=@var{scope} @gol
- -mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}
- +@var{b-key}]|@var{bti} @gol
-+-mharden-sls=@var{opts} @gol
- -march=@var{name} -mcpu=@var{name} -mtune=@var{name} @gol
- -moverride=@var{string} -mverbose-cost-dump @gol
- -mstack-protector-guard=@var{guard} -mstack-protector-guard-reg=@var{sysreg} @gol
-@@ -17065,6 +17066,17 @@ functions. The optional argument @samp{b-key} can be used to sign the functions
- with the B-key instead of the A-key.
- @samp{bti} turns on branch target identification mechanism.
-
-+@item -mharden-sls=@var{opts}
-+@opindex mharden-sls
-+Enable compiler hardening against straight line speculation (SLS).
-+@var{opts} is a comma-separated list of the following options:
-+@table @samp
-+@item retbr
-+@item blr
-+@end table
-+In addition, @samp{-mharden-sls=all} enables all SLS hardening while
-+@samp{-mharden-sls=none} disables all SLS hardening.
-+
- @item -msve-vector-bits=@var{bits}
- @opindex msve-vector-bits
- Specify the number of bits in an SVE vector register. This option only has
---
-2.7.4
-
diff --git a/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch
new file mode 100644
index 0000000000..38d02dc770
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch
@@ -0,0 +1,40 @@
+From 574e7950bd6b34e9e2cacce18c802b45505d1d0a Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Fri, 18 Jun 2021 17:16:25 +0100
+Subject: [PATCH] arm: add erratum mitigation to __gnu_cmse_nonsecure_call
+ [PR102035]
+
+Add the recommended erratum mitigation sequence to
+__gnu_cmse_nonsecure_call for use on Armv8-m.main devices. Since this
+is in the library code we cannot know in advance whether the core we
+are running on will be affected by this, so always enable it.
+
+libgcc:
+ PR target/102035
+ * config/arm/cmse_nonsecure_call.S (__gnu_cmse_nonsecure_call):
+ Add vlldm erratum work-around.
+
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ libgcc/config/arm/cmse_nonsecure_call.S | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libgcc/config/arm/cmse_nonsecure_call.S b/libgcc/config/arm/cmse_nonsecure_call.S
+index 00830ade98e..c8e0fbbe665 100644
+--- a/libgcc/config/arm/cmse_nonsecure_call.S
++++ b/libgcc/config/arm/cmse_nonsecure_call.S
+@@ -102,6 +102,11 @@ blxns r4
+ #ifdef __ARM_PCS_VFP
+ vpop.f64 {d8-d15}
+ #else
++/* VLLDM erratum mitigation sequence. */
++mrs r5, control
++tst r5, #8 /* CONTROL_S.SFPA */
++it ne
++.inst.w 0xeeb00a40 /* vmovne s0, s0 */
+ vlldm sp /* Lazy restore of d0-d16 and FPSCR. */
+ add sp, sp, #0x88 /* Free space used to save floating point registers. */
+ #endif /* __ARM_PCS_VFP */
diff --git a/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch
new file mode 100644
index 0000000000..5b1896ed69
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch
@@ -0,0 +1,2270 @@
+From bd5e882cf6e0def3dd1bc106075d59a303fe0d1e Mon Sep 17 00:00:00 2001
+From: David Malcolm <dmalcolm@redhat.com>
+Date: Mon, 18 Oct 2021 18:55:31 -0400
+Subject: [PATCH] diagnostics: escape non-ASCII source bytes for certain
+ diagnostics
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+This patch adds support to GCC's diagnostic subsystem for escaping certain
+bytes and Unicode characters when quoting source code.
+
+Specifically, this patch adds a new flag rich_location::m_escape_on_output
+which is a hint from a diagnostic that non-ASCII bytes in the pertinent
+lines of the user's source code should be escaped when printed.
+
+The patch sets this for the following diagnostics:
+- when complaining about stray bytes in the program (when these
+are non-printable)
+- when complaining about "null character(s) ignored");
+- for -Wnormalized= (and generate source ranges for such warnings)
+
+The escaping is controlled by a new option:
+ -fdiagnostics-escape-format=[unicode|bytes]
+
+For example, consider a diagnostic involing a source line containing the
+string "before" followed by the Unicode character U+03C0 ("GREEK SMALL
+LETTER PI", with UTF-8 encoding 0xCF 0x80) followed by the byte 0xBF
+(a stray UTF-8 trailing byte), followed by the string "after", where the
+diagnostic highlights the U+03C0 character.
+
+By default, this line will be printed verbatim to the user when
+reporting a diagnostic at it, as:
+
+ beforeÏXafter
+ ^
+
+(using X for the stray byte to avoid putting invalid UTF-8 in this
+commit message)
+
+If the diagnostic sets the "escape" flag, it will be printed as:
+
+ before<U+03C0><BF>after
+ ^~~~~~~~
+
+with -fdiagnostics-escape-format=unicode (the default), or as:
+
+ before<CF><80><BF>after
+ ^~~~~~~~
+
+if the user supplies -fdiagnostics-escape-format=bytes.
+
+This only affects how the source is printed; it does not affect
+how column numbers that are printed (as per -fdiagnostics-column-unit=
+and -fdiagnostics-column-origin=).
+
+gcc/c-family/ChangeLog:
+ * c-lex.c (c_lex_with_flags): When complaining about non-printable
+ CPP_OTHER tokens, set the "escape on output" flag.
+
+gcc/ChangeLog:
+ * common.opt (fdiagnostics-escape-format=): New.
+ (diagnostics_escape_format): New enum.
+ (DIAGNOSTICS_ESCAPE_FORMAT_UNICODE): New enum value.
+ (DIAGNOSTICS_ESCAPE_FORMAT_BYTES): Likewise.
+ * diagnostic-format-json.cc (json_end_diagnostic): Add
+ "escape-source" attribute.
+ * diagnostic-show-locus.c
+ (exploc_with_display_col::exploc_with_display_col): Replace
+ "tabstop" param with a cpp_char_column_policy and add an "aspect"
+ param. Use these to compute m_display_col accordingly.
+ (struct char_display_policy): New struct.
+ (layout::m_policy): New field.
+ (layout::m_escape_on_output): New field.
+ (def_policy): New function.
+ (make_range): Update for changes to exploc_with_display_col ctor.
+ (default_print_decoded_ch): New.
+ (width_per_escaped_byte): New.
+ (escape_as_bytes_width): New.
+ (escape_as_bytes_print): New.
+ (escape_as_unicode_width): New.
+ (escape_as_unicode_print): New.
+ (make_policy): New.
+ (layout::layout): Initialize new fields. Update m_exploc ctor
+ call for above change to ctor.
+ (layout::maybe_add_location_range): Update for changes to
+ exploc_with_display_col ctor.
+ (layout::calculate_x_offset_display): Update for change to
+ cpp_display_width.
+ (layout::print_source_line): Pass policy
+ to cpp_display_width_computation. Capture cpp_decoded_char when
+ calling process_next_codepoint. Move printing of source code to
+ m_policy.m_print_cb.
+ (line_label::line_label): Pass in policy rather than context.
+ (layout::print_any_labels): Update for change to line_label ctor.
+ (get_affected_range): Pass in policy rather than context, updating
+ calls to location_compute_display_column accordingly.
+ (get_printed_columns): Likewise, also for cpp_display_width.
+ (correction::correction): Pass in policy rather than tabstop.
+ (correction::compute_display_cols): Pass m_policy rather than
+ m_tabstop to cpp_display_width.
+ (correction::m_tabstop): Replace with...
+ (correction::m_policy): ...this.
+ (line_corrections::line_corrections): Pass in policy rather than
+ context.
+ (line_corrections::m_context): Replace with...
+ (line_corrections::m_policy): ...this.
+ (line_corrections::add_hint): Update to use m_policy rather than
+ m_context.
+ (line_corrections::add_hint): Likewise.
+ (layout::print_trailing_fixits): Likewise.
+ (selftest::test_display_widths): New.
+ (selftest::test_layout_x_offset_display_utf8): Update to use
+ policy rather than tabstop.
+ (selftest::test_one_liner_labels_utf8): Add test of escaping
+ source lines.
+ (selftest::test_diagnostic_show_locus_one_liner_utf8): Update to
+ use policy rather than tabstop.
+ (selftest::test_overlapped_fixit_printing): Likewise.
+ (selftest::test_overlapped_fixit_printing_utf8): Likewise.
+ (selftest::test_overlapped_fixit_printing_2): Likewise.
+ (selftest::test_tab_expansion): Likewise.
+ (selftest::test_escaping_bytes_1): New.
+ (selftest::test_escaping_bytes_2): New.
+ (selftest::diagnostic_show_locus_c_tests): Call the new tests.
+ * diagnostic.c (diagnostic_initialize): Initialize
+ context->escape_format.
+ (convert_column_unit): Update to use default character width policy.
+ (selftest::test_diagnostic_get_location_text): Likewise.
+ * diagnostic.h (enum diagnostics_escape_format): New enum.
+ (diagnostic_context::escape_format): New field.
+ * doc/invoke.texi (-fdiagnostics-escape-format=): New option.
+ (-fdiagnostics-format=): Add "escape-source" attribute to examples
+ of JSON output, and document it.
+ * input.c (location_compute_display_column): Pass in "policy"
+ rather than "tabstop", passing to
+ cpp_byte_column_to_display_column.
+ (selftest::test_cpp_utf8): Update to use cpp_char_column_policy.
+ * input.h (class cpp_char_column_policy): New forward decl.
+ (location_compute_display_column): Pass in "policy" rather than
+ "tabstop".
+ * opts.c (common_handle_option): Handle
+ OPT_fdiagnostics_escape_format_.
+ * selftest.c (temp_source_file::temp_source_file): New ctor
+ overload taking a size_t.
+ * selftest.h (temp_source_file::temp_source_file): Likewise.
+
+gcc/testsuite/ChangeLog:
+ * c-c++-common/diagnostic-format-json-1.c: Add regexp to consume
+ "escape-source" attribute.
+ * c-c++-common/diagnostic-format-json-2.c: Likewise.
+ * c-c++-common/diagnostic-format-json-3.c: Likewise.
+ * c-c++-common/diagnostic-format-json-4.c: Likewise, twice.
+ * c-c++-common/diagnostic-format-json-5.c: Likewise.
+ * gcc.dg/cpp/warn-normalized-4-bytes.c: New test.
+ * gcc.dg/cpp/warn-normalized-4-unicode.c: New test.
+ * gcc.dg/encoding-issues-bytes.c: New test.
+ * gcc.dg/encoding-issues-unicode.c: New test.
+ * gfortran.dg/diagnostic-format-json-1.F90: Add regexp to consume
+ "escape-source" attribute.
+ * gfortran.dg/diagnostic-format-json-2.F90: Likewise.
+ * gfortran.dg/diagnostic-format-json-3.F90: Likewise.
+
+libcpp/ChangeLog:
+ * charset.c (convert_escape): Use encoding_rich_location when
+ complaining about nonprintable unknown escape sequences.
+ (cpp_display_width_computation::::cpp_display_width_computation):
+ Pass in policy rather than tabstop.
+ (cpp_display_width_computation::process_next_codepoint): Add "out"
+ param and populate *out if non-NULL.
+ (cpp_display_width_computation::advance_display_cols): Pass NULL
+ to process_next_codepoint.
+ (cpp_byte_column_to_display_column): Pass in policy rather than
+ tabstop. Pass NULL to process_next_codepoint.
+ (cpp_display_column_to_byte_column): Pass in policy rather than
+ tabstop.
+ * errors.c (cpp_diagnostic_get_current_location): New function,
+ splitting out the logic from...
+ (cpp_diagnostic): ...here.
+ (cpp_warning_at): New function.
+ (cpp_pedwarning_at): New function.
+ * include/cpplib.h (cpp_warning_at): New decl for rich_location.
+ (cpp_pedwarning_at): Likewise.
+ (struct cpp_decoded_char): New.
+ (struct cpp_char_column_policy): New.
+ (cpp_display_width_computation::cpp_display_width_computation):
+ Replace "tabstop" param with "policy".
+ (cpp_display_width_computation::process_next_codepoint): Add "out"
+ param.
+ (cpp_display_width_computation::m_tabstop): Replace with...
+ (cpp_display_width_computation::m_policy): ...this.
+ (cpp_byte_column_to_display_column): Replace "tabstop" param with
+ "policy".
+ (cpp_display_width): Likewise.
+ (cpp_display_column_to_byte_column): Likewise.
+ * include/line-map.h (rich_location::escape_on_output_p): New.
+ (rich_location::set_escape_on_output): New.
+ (rich_location::m_escape_on_output): New.
+ * internal.h (cpp_diagnostic_get_current_location): New decl.
+ (class encoding_rich_location): New.
+ * lex.c (skip_whitespace): Use encoding_rich_location when
+ complaining about null characters.
+ (warn_about_normalization): Generate a source range when
+ complaining about improperly normalized tokens, rather than just a
+ point, and use encoding_rich_location so that the source code
+ is escaped on printing.
+ * line-map.c (rich_location::rich_location): Initialize
+ m_escape_on_output.
+
+Signed-off-by: David Malcolm <dmalcolm@redhat.com>
+
+CVE: CVE-2021-42574
+Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=bd5e882cf6e0def3dd1bc106075d59a303fe0d1e]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ gcc/c-family/c-lex.c | 6 +-
+ gcc/common.opt | 13 +
+ gcc/diagnostic-format-json.cc | 3 +
+ gcc/diagnostic-show-locus.c | 580 +++++++++++++++---
+ gcc/diagnostic.c | 10 +-
+ gcc/diagnostic.h | 18 +
+ gcc/doc/invoke.texi | 43 +-
+ gcc/input.c | 62 +-
+ gcc/input.h | 7 +-
+ gcc/opts.c | 4 +
+ gcc/selftest.c | 15 +
+ gcc/selftest.h | 2 +
+ .../c-c++-common/diagnostic-format-json-1.c | 1 +
+ .../c-c++-common/diagnostic-format-json-2.c | 1 +
+ .../c-c++-common/diagnostic-format-json-3.c | 1 +
+ .../c-c++-common/diagnostic-format-json-4.c | 2 +
+ .../c-c++-common/diagnostic-format-json-5.c | 1 +
+ .../gcc.dg/cpp/warn-normalized-4-bytes.c | 21 +
+ .../gcc.dg/cpp/warn-normalized-4-unicode.c | 19 +
+ gcc/testsuite/gcc.dg/encoding-issues-bytes.c | Bin 0 -> 595 bytes
+ .../gcc.dg/encoding-issues-unicode.c | Bin 0 -> 613 bytes
+ .../gfortran.dg/diagnostic-format-json-1.F90 | 1 +
+ .../gfortran.dg/diagnostic-format-json-2.F90 | 1 +
+ .../gfortran.dg/diagnostic-format-json-3.F90 | 1 +
+ libcpp/charset.c | 63 +-
+ libcpp/errors.c | 82 ++-
+ libcpp/include/cpplib.h | 76 ++-
+ libcpp/include/line-map.h | 13 +
+ libcpp/internal.h | 23 +
+ libcpp/lex.c | 38 +-
+ libcpp/line-map.c | 3 +-
+ 31 files changed, 942 insertions(+), 168 deletions(-)
+ create mode 100644 gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c
+ create mode 100644 gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c
+ create mode 100644 gcc/testsuite/gcc.dg/encoding-issues-bytes.c
+ create mode 100644 gcc/testsuite/gcc.dg/encoding-issues-unicode.c
+
+diff --git a/gcc/c-family/c-lex.c b/gcc/c-family/c-lex.c
+--- a/gcc/c-family/c-lex.c 2020-07-22 23:35:17.296384022 -0700
++++ b/gcc/c-family/c-lex.c 2021-12-25 01:30:50.669689023 -0800
+@@ -587,7 +587,11 @@ c_lex_with_flags (tree *value, location_
+ else if (ISGRAPH (c))
+ error_at (*loc, "stray %qc in program", (int) c);
+ else
+- error_at (*loc, "stray %<\\%o%> in program", (int) c);
++ {
++ rich_location rich_loc (line_table, *loc);
++ rich_loc.set_escape_on_output (true);
++ error_at (&rich_loc, "stray %<\\%o%> in program", (int) c);
++ }
+ }
+ goto retry;
+
+diff --git a/gcc/common.opt b/gcc/common.opt
+--- a/gcc/common.opt 2021-12-25 01:29:12.915317374 -0800
++++ b/gcc/common.opt 2021-12-25 01:30:50.669689023 -0800
+@@ -1337,6 +1337,10 @@ fdiagnostics-format=
+ Common Joined RejectNegative Enum(diagnostics_output_format)
+ -fdiagnostics-format=[text|json] Select output format.
+
++fdiagnostics-escape-format=
++Common Joined RejectNegative Enum(diagnostics_escape_format)
++-fdiagnostics-escape-format=[unicode|bytes] Select how to escape non-printable-ASCII bytes in the source for diagnostics that suggest it.
++
+ ; Required for these enum values.
+ SourceInclude
+ diagnostic.h
+@@ -1351,6 +1355,15 @@ EnumValue
+ Enum(diagnostics_column_unit) String(byte) Value(DIAGNOSTICS_COLUMN_UNIT_BYTE)
+
+ Enum
++Name(diagnostics_escape_format) Type(int)
++
++EnumValue
++Enum(diagnostics_escape_format) String(unicode) Value(DIAGNOSTICS_ESCAPE_FORMAT_UNICODE)
++
++EnumValue
++Enum(diagnostics_escape_format) String(bytes) Value(DIAGNOSTICS_ESCAPE_FORMAT_BYTES)
++
++Enum
+ Name(diagnostics_output_format) Type(int)
+
+ EnumValue
+diff --git a/gcc/diagnostic.c b/gcc/diagnostic.c
+--- a/gcc/diagnostic.c 2021-12-25 01:29:12.915317374 -0800
++++ b/gcc/diagnostic.c 2021-12-25 01:30:50.669689023 -0800
+@@ -223,6 +223,7 @@ diagnostic_initialize (diagnostic_contex
+ context->column_unit = DIAGNOSTICS_COLUMN_UNIT_DISPLAY;
+ context->column_origin = 1;
+ context->tabstop = 8;
++ context->escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE;
+ context->edit_context_ptr = NULL;
+ context->diagnostic_group_nesting_depth = 0;
+ context->diagnostic_group_emission_count = 0;
+@@ -2152,8 +2153,8 @@ test_diagnostic_get_location_text ()
+ const char *const content = "smile \xf0\x9f\x98\x82\n";
+ const int line_bytes = strlen (content) - 1;
+ const int def_tabstop = 8;
+- const int display_width = cpp_display_width (content, line_bytes,
+- def_tabstop);
++ const cpp_char_column_policy policy (def_tabstop, cpp_wcwidth);
++ const int display_width = cpp_display_width (content, line_bytes, policy);
+ ASSERT_EQ (line_bytes - 2, display_width);
+ temp_source_file tmp (SELFTEST_LOCATION, ".c", content);
+ const char *const fname = tmp.get_filename ();
+diff --git a/gcc/diagnostic-format-json.cc b/gcc/diagnostic-format-json.cc
+--- a/gcc/diagnostic-format-json.cc 2021-12-25 01:29:12.915317374 -0800
++++ b/gcc/diagnostic-format-json.cc 2021-12-25 01:30:50.669689023 -0800
+@@ -264,6 +264,9 @@ json_end_diagnostic (diagnostic_context
+ json::value *path_value = context->make_json_for_path (context, path);
+ diag_obj->set ("path", path_value);
+ }
++
++ diag_obj->set ("escape-source",
++ new json::literal (richloc->escape_on_output_p ()));
+ }
+
+ /* No-op implementation of "begin_group_cb" for JSON output. */
+diff --git a/gcc/diagnostic.h b/gcc/diagnostic.h
+--- a/gcc/diagnostic.h 2021-12-25 01:29:12.919317307 -0800
++++ b/gcc/diagnostic.h 2021-12-25 01:30:50.669689023 -0800
+@@ -38,6 +38,20 @@ enum diagnostics_column_unit
+ DIAGNOSTICS_COLUMN_UNIT_BYTE
+ };
+
++/* An enum for controlling how to print non-ASCII characters/bytes when
++ a diagnostic suggests escaping the source code on output. */
++
++enum diagnostics_escape_format
++{
++ /* Escape non-ASCII Unicode characters in the form <U+XXXX> and
++ non-UTF-8 bytes in the form <XX>. */
++ DIAGNOSTICS_ESCAPE_FORMAT_UNICODE,
++
++ /* Escape non-ASCII bytes in the form <XX> (thus showing the underlying
++ encoding of non-ASCII Unicode characters). */
++ DIAGNOSTICS_ESCAPE_FORMAT_BYTES
++};
++
+ /* Enum for overriding the standard output format. */
+
+ enum diagnostics_output_format
+@@ -303,6 +317,10 @@ struct diagnostic_context
+ /* The size of the tabstop for tab expansion. */
+ int tabstop;
+
++ /* How should non-ASCII/non-printable bytes be escaped when
++ a diagnostic suggests escaping the source code on output. */
++ enum diagnostics_escape_format escape_format;
++
+ /* If non-NULL, an edit_context to which fix-it hints should be
+ applied, for generating patches. */
+ edit_context *edit_context_ptr;
+diff --git a/gcc/diagnostic-show-locus.c b/gcc/diagnostic-show-locus.c
+--- a/gcc/diagnostic-show-locus.c 2021-12-25 01:29:12.919317307 -0800
++++ b/gcc/diagnostic-show-locus.c 2021-12-25 01:30:50.673688956 -0800
+@@ -175,10 +175,26 @@ enum column_unit {
+ class exploc_with_display_col : public expanded_location
+ {
+ public:
+- exploc_with_display_col (const expanded_location &exploc, int tabstop)
+- : expanded_location (exploc),
+- m_display_col (location_compute_display_column (exploc, tabstop))
+- {}
++ exploc_with_display_col (const expanded_location &exploc,
++ const cpp_char_column_policy &policy,
++ enum location_aspect aspect)
++ : expanded_location (exploc),
++ m_display_col (location_compute_display_column (exploc, policy))
++ {
++ if (exploc.column > 0)
++ {
++ /* m_display_col is now the final column of the byte.
++ If escaping has happened, we may want the first column instead. */
++ if (aspect != LOCATION_ASPECT_FINISH)
++ {
++ expanded_location prev_exploc (exploc);
++ prev_exploc.column--;
++ int prev_display_col
++ = (location_compute_display_column (prev_exploc, policy));
++ m_display_col = prev_display_col + 1;
++ }
++ }
++ }
+
+ int m_display_col;
+ };
+@@ -313,6 +329,31 @@ test_line_span ()
+
+ #endif /* #if CHECKING_P */
+
++/* A bundle of information containing how to print unicode
++ characters and bytes when quoting source code.
++
++ Provides a unified place to support escaping some subset
++ of characters to some format.
++
++ Extends char_column_policy; printing is split out to avoid
++ libcpp having to know about pretty_printer. */
++
++struct char_display_policy : public cpp_char_column_policy
++{
++ public:
++ char_display_policy (int tabstop,
++ int (*width_cb) (cppchar_t c),
++ void (*print_cb) (pretty_printer *pp,
++ const cpp_decoded_char &cp))
++ : cpp_char_column_policy (tabstop, width_cb),
++ m_print_cb (print_cb)
++ {
++ }
++
++ void (*m_print_cb) (pretty_printer *pp,
++ const cpp_decoded_char &cp);
++};
++
+ /* A class to control the overall layout when printing a diagnostic.
+
+ The layout is determined within the constructor.
+@@ -345,6 +386,8 @@ class layout
+
+ void print_line (linenum_type row);
+
++ void on_bad_codepoint (const char *ptr, cppchar_t ch, size_t ch_sz);
++
+ private:
+ bool will_show_line_p (linenum_type row) const;
+ void print_leading_fixits (linenum_type row);
+@@ -386,6 +429,7 @@ class layout
+ private:
+ diagnostic_context *m_context;
+ pretty_printer *m_pp;
++ char_display_policy m_policy;
+ location_t m_primary_loc;
+ exploc_with_display_col m_exploc;
+ colorizer m_colorizer;
+@@ -398,6 +442,7 @@ class layout
+ auto_vec <line_span> m_line_spans;
+ int m_linenum_width;
+ int m_x_offset_display;
++ bool m_escape_on_output;
+ };
+
+ /* Implementation of "class colorizer". */
+@@ -646,6 +691,11 @@ layout_range::intersects_line_p (linenum
+ /* Default for when we don't care what the tab expansion is set to. */
+ static const int def_tabstop = 8;
+
++static cpp_char_column_policy def_policy ()
++{
++ return cpp_char_column_policy (8, cpp_wcwidth);
++}
++
+ /* Create some expanded locations for testing layout_range. The filename
+ member of the explocs is set to the empty string. This member will only be
+ inspected by the calls to location_compute_display_column() made from the
+@@ -662,10 +712,13 @@ make_range (int start_line, int start_co
+ = {"", start_line, start_col, NULL, false};
+ const expanded_location finish_exploc
+ = {"", end_line, end_col, NULL, false};
+- return layout_range (exploc_with_display_col (start_exploc, def_tabstop),
+- exploc_with_display_col (finish_exploc, def_tabstop),
++ return layout_range (exploc_with_display_col (start_exploc, def_policy (),
++ LOCATION_ASPECT_START),
++ exploc_with_display_col (finish_exploc, def_policy (),
++ LOCATION_ASPECT_FINISH),
+ SHOW_RANGE_WITHOUT_CARET,
+- exploc_with_display_col (start_exploc, def_tabstop),
++ exploc_with_display_col (start_exploc, def_policy (),
++ LOCATION_ASPECT_CARET),
+ 0, NULL);
+ }
+
+@@ -950,6 +1003,164 @@ fixit_cmp (const void *p_a, const void *
+ return hint_a->get_start_loc () - hint_b->get_start_loc ();
+ }
+
++/* Callbacks for use when not escaping the source. */
++
++/* The default callback for char_column_policy::m_width_cb is cpp_wcwidth. */
++
++/* Callback for char_display_policy::m_print_cb for printing source chars
++ when not escaping the source. */
++
++static void
++default_print_decoded_ch (pretty_printer *pp,
++ const cpp_decoded_char &decoded_ch)
++{
++ for (const char *ptr = decoded_ch.m_start_byte;
++ ptr != decoded_ch.m_next_byte; ptr++)
++ {
++ if (*ptr == '\0' || *ptr == '\r')
++ {
++ pp_space (pp);
++ continue;
++ }
++
++ pp_character (pp, *ptr);
++ }
++}
++
++/* Callbacks for use with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */
++
++static const int width_per_escaped_byte = 4;
++
++/* Callback for char_column_policy::m_width_cb for determining the
++ display width when escaping with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */
++
++static int
++escape_as_bytes_width (cppchar_t ch)
++{
++ if (ch < 0x80 && ISPRINT (ch))
++ return cpp_wcwidth (ch);
++ else
++ {
++ if (ch <= 0x7F) return 1 * width_per_escaped_byte;
++ if (ch <= 0x7FF) return 2 * width_per_escaped_byte;
++ if (ch <= 0xFFFF) return 3 * width_per_escaped_byte;
++ return 4 * width_per_escaped_byte;
++ }
++}
++
++/* Callback for char_display_policy::m_print_cb for printing source chars
++ when escaping with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */
++
++static void
++escape_as_bytes_print (pretty_printer *pp,
++ const cpp_decoded_char &decoded_ch)
++{
++ if (!decoded_ch.m_valid_ch)
++ {
++ for (const char *iter = decoded_ch.m_start_byte;
++ iter != decoded_ch.m_next_byte; ++iter)
++ {
++ char buf[16];
++ sprintf (buf, "<%02x>", (unsigned char)*iter);
++ pp_string (pp, buf);
++ }
++ return;
++ }
++
++ cppchar_t ch = decoded_ch.m_ch;
++ if (ch < 0x80 && ISPRINT (ch))
++ pp_character (pp, ch);
++ else
++ {
++ for (const char *iter = decoded_ch.m_start_byte;
++ iter < decoded_ch.m_next_byte; ++iter)
++ {
++ char buf[16];
++ sprintf (buf, "<%02x>", (unsigned char)*iter);
++ pp_string (pp, buf);
++ }
++ }
++}
++
++/* Callbacks for use with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */
++
++/* Callback for char_column_policy::m_width_cb for determining the
++ display width when escaping with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */
++
++static int
++escape_as_unicode_width (cppchar_t ch)
++{
++ if (ch < 0x80 && ISPRINT (ch))
++ return cpp_wcwidth (ch);
++ else
++ {
++ // Width of "<U+%04x>"
++ if (ch > 0xfffff)
++ return 10;
++ else if (ch > 0xffff)
++ return 9;
++ else
++ return 8;
++ }
++}
++
++/* Callback for char_display_policy::m_print_cb for printing source chars
++ when escaping with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */
++
++static void
++escape_as_unicode_print (pretty_printer *pp,
++ const cpp_decoded_char &decoded_ch)
++{
++ if (!decoded_ch.m_valid_ch)
++ {
++ escape_as_bytes_print (pp, decoded_ch);
++ return;
++ }
++
++ cppchar_t ch = decoded_ch.m_ch;
++ if (ch < 0x80 && ISPRINT (ch))
++ pp_character (pp, ch);
++ else
++ {
++ char buf[16];
++ sprintf (buf, "<U+%04X>", ch);
++ pp_string (pp, buf);
++ }
++}
++
++/* Populate a char_display_policy based on DC and RICHLOC. */
++
++static char_display_policy
++make_policy (const diagnostic_context &dc,
++ const rich_location &richloc)
++{
++ /* The default is to not escape non-ASCII bytes. */
++ char_display_policy result
++ (dc.tabstop, cpp_wcwidth, default_print_decoded_ch);
++
++ /* If the diagnostic suggests escaping non-ASCII bytes, then
++ use policy from user-supplied options. */
++ if (richloc.escape_on_output_p ())
++ {
++ result.m_undecoded_byte_width = width_per_escaped_byte;
++ switch (dc.escape_format)
++ {
++ default:
++ gcc_unreachable ();
++ case DIAGNOSTICS_ESCAPE_FORMAT_UNICODE:
++ result.m_width_cb = escape_as_unicode_width;
++ result.m_print_cb = escape_as_unicode_print;
++ break;
++ case DIAGNOSTICS_ESCAPE_FORMAT_BYTES:
++ result.m_width_cb = escape_as_bytes_width;
++ result.m_print_cb = escape_as_bytes_print;
++ break;
++ }
++ }
++
++ return result;
++}
++
+ /* Implementation of class layout. */
+
+ /* Constructor for class layout.
+@@ -966,8 +1177,10 @@ layout::layout (diagnostic_context * con
+ diagnostic_t diagnostic_kind)
+ : m_context (context),
+ m_pp (context->printer),
++ m_policy (make_policy (*context, *richloc)),
+ m_primary_loc (richloc->get_range (0)->m_loc),
+- m_exploc (richloc->get_expanded_location (0), context->tabstop),
++ m_exploc (richloc->get_expanded_location (0), m_policy,
++ LOCATION_ASPECT_CARET),
+ m_colorizer (context, diagnostic_kind),
+ m_colorize_source_p (context->colorize_source_p),
+ m_show_labels_p (context->show_labels_p),
+@@ -977,7 +1190,8 @@ layout::layout (diagnostic_context * con
+ m_fixit_hints (richloc->get_num_fixit_hints ()),
+ m_line_spans (1 + richloc->get_num_locations ()),
+ m_linenum_width (0),
+- m_x_offset_display (0)
++ m_x_offset_display (0),
++ m_escape_on_output (richloc->escape_on_output_p ())
+ {
+ for (unsigned int idx = 0; idx < richloc->get_num_locations (); idx++)
+ {
+@@ -1063,10 +1277,13 @@ layout::maybe_add_location_range (const
+
+ /* Everything is now known to be in the correct source file,
+ but it may require further sanitization. */
+- layout_range ri (exploc_with_display_col (start, m_context->tabstop),
+- exploc_with_display_col (finish, m_context->tabstop),
++ layout_range ri (exploc_with_display_col (start, m_policy,
++ LOCATION_ASPECT_START),
++ exploc_with_display_col (finish, m_policy,
++ LOCATION_ASPECT_FINISH),
+ loc_range->m_range_display_kind,
+- exploc_with_display_col (caret, m_context->tabstop),
++ exploc_with_display_col (caret, m_policy,
++ LOCATION_ASPECT_CARET),
+ original_idx, loc_range->m_label);
+
+ /* If we have a range that finishes before it starts (perhaps
+@@ -1400,7 +1617,7 @@ layout::calculate_x_offset_display ()
+ = get_line_bytes_without_trailing_whitespace (line.get_buffer (),
+ line.length ());
+ int eol_display_column
+- = cpp_display_width (line.get_buffer (), line_bytes, m_context->tabstop);
++ = cpp_display_width (line.get_buffer (), line_bytes, m_policy);
+ if (caret_display_column > eol_display_column
+ || !caret_display_column)
+ {
+@@ -1479,7 +1696,7 @@ layout::print_source_line (linenum_type
+ /* This object helps to keep track of which display column we are at, which is
+ necessary for computing the line bounds in display units, for doing
+ tab expansion, and for implementing m_x_offset_display. */
+- cpp_display_width_computation dw (line, line_bytes, m_context->tabstop);
++ cpp_display_width_computation dw (line, line_bytes, m_policy);
+
+ /* Skip the first m_x_offset_display display columns. In case the leading
+ portion that will be skipped ends with a character with wcwidth > 1, then
+@@ -1527,7 +1744,8 @@ layout::print_source_line (linenum_type
+ tabs and replacing some control bytes with spaces as necessary. */
+ const char *c = dw.next_byte ();
+ const int start_disp_col = dw.display_cols_processed () + 1;
+- const int this_display_width = dw.process_next_codepoint ();
++ cpp_decoded_char cp;
++ const int this_display_width = dw.process_next_codepoint (&cp);
+ if (*c == '\t')
+ {
+ /* The returned display width is the number of spaces into which the
+@@ -1536,15 +1754,6 @@ layout::print_source_line (linenum_type
+ pp_space (m_pp);
+ continue;
+ }
+- if (*c == '\0' || *c == '\r')
+- {
+- /* cpp_wcwidth() promises to return 1 for all control bytes, and we
+- want to output these as a single space too, so this case is
+- actually the same as the '\t' case. */
+- gcc_assert (this_display_width == 1);
+- pp_space (m_pp);
+- continue;
+- }
+
+ /* We have a (possibly multibyte) character to output; update the line
+ bounds if it is not whitespace. */
+@@ -1556,7 +1765,8 @@ layout::print_source_line (linenum_type
+ }
+
+ /* Output the character. */
+- while (c != dw.next_byte ()) pp_character (m_pp, *c++);
++ m_policy.m_print_cb (m_pp, cp);
++ c = dw.next_byte ();
+ }
+ print_newline ();
+ return lbounds;
+@@ -1655,14 +1865,14 @@ layout::print_annotation_line (linenum_t
+ class line_label
+ {
+ public:
+- line_label (diagnostic_context *context, int state_idx, int column,
++ line_label (const cpp_char_column_policy &policy,
++ int state_idx, int column,
+ label_text text)
+ : m_state_idx (state_idx), m_column (column),
+ m_text (text), m_label_line (0), m_has_vbar (true)
+ {
+ const int bytes = strlen (text.m_buffer);
+- m_display_width
+- = cpp_display_width (text.m_buffer, bytes, context->tabstop);
++ m_display_width = cpp_display_width (text.m_buffer, bytes, policy);
+ }
+
+ /* Sorting is primarily by column, then by state index. */
+@@ -1722,7 +1932,7 @@ layout::print_any_labels (linenum_type r
+ if (text.m_buffer == NULL)
+ continue;
+
+- labels.safe_push (line_label (m_context, i, disp_col, text));
++ labels.safe_push (line_label (m_policy, i, disp_col, text));
+ }
+ }
+
+@@ -2002,7 +2212,7 @@ public:
+
+ /* Get the range of bytes or display columns that HINT would affect. */
+ static column_range
+-get_affected_range (diagnostic_context *context,
++get_affected_range (const cpp_char_column_policy &policy,
+ const fixit_hint *hint, enum column_unit col_unit)
+ {
+ expanded_location exploc_start = expand_location (hint->get_start_loc ());
+@@ -2013,13 +2223,11 @@ get_affected_range (diagnostic_context *
+ int finish_column;
+ if (col_unit == CU_DISPLAY_COLS)
+ {
+- start_column
+- = location_compute_display_column (exploc_start, context->tabstop);
++ start_column = location_compute_display_column (exploc_start, policy);
+ if (hint->insertion_p ())
+ finish_column = start_column - 1;
+ else
+- finish_column
+- = location_compute_display_column (exploc_finish, context->tabstop);
++ finish_column = location_compute_display_column (exploc_finish, policy);
+ }
+ else
+ {
+@@ -2032,12 +2240,13 @@ get_affected_range (diagnostic_context *
+ /* Get the range of display columns that would be printed for HINT. */
+
+ static column_range
+-get_printed_columns (diagnostic_context *context, const fixit_hint *hint)
++get_printed_columns (const cpp_char_column_policy &policy,
++ const fixit_hint *hint)
+ {
+ expanded_location exploc = expand_location (hint->get_start_loc ());
+- int start_column = location_compute_display_column (exploc, context->tabstop);
++ int start_column = location_compute_display_column (exploc, policy);
+ int hint_width = cpp_display_width (hint->get_string (), hint->get_length (),
+- context->tabstop);
++ policy);
+ int final_hint_column = start_column + hint_width - 1;
+ if (hint->insertion_p ())
+ {
+@@ -2047,8 +2256,7 @@ get_printed_columns (diagnostic_context
+ {
+ exploc = expand_location (hint->get_next_loc ());
+ --exploc.column;
+- int finish_column
+- = location_compute_display_column (exploc, context->tabstop);
++ int finish_column = location_compute_display_column (exploc, policy);
+ return column_range (start_column,
+ MAX (finish_column, final_hint_column));
+ }
+@@ -2066,13 +2274,13 @@ public:
+ column_range affected_columns,
+ column_range printed_columns,
+ const char *new_text, size_t new_text_len,
+- int tabstop)
++ const cpp_char_column_policy &policy)
+ : m_affected_bytes (affected_bytes),
+ m_affected_columns (affected_columns),
+ m_printed_columns (printed_columns),
+ m_text (xstrdup (new_text)),
+ m_byte_length (new_text_len),
+- m_tabstop (tabstop),
++ m_policy (policy),
+ m_alloc_sz (new_text_len + 1)
+ {
+ compute_display_cols ();
+@@ -2090,7 +2298,7 @@ public:
+
+ void compute_display_cols ()
+ {
+- m_display_cols = cpp_display_width (m_text, m_byte_length, m_tabstop);
++ m_display_cols = cpp_display_width (m_text, m_byte_length, m_policy);
+ }
+
+ void overwrite (int dst_offset, const char_span &src_span)
+@@ -2118,7 +2326,7 @@ public:
+ char *m_text;
+ size_t m_byte_length; /* Not including null-terminator. */
+ int m_display_cols;
+- int m_tabstop;
++ const cpp_char_column_policy &m_policy;
+ size_t m_alloc_sz;
+ };
+
+@@ -2154,15 +2362,16 @@ correction::ensure_terminated ()
+ class line_corrections
+ {
+ public:
+- line_corrections (diagnostic_context *context, const char *filename,
++ line_corrections (const char_display_policy &policy,
++ const char *filename,
+ linenum_type row)
+- : m_context (context), m_filename (filename), m_row (row)
++ : m_policy (policy), m_filename (filename), m_row (row)
+ {}
+ ~line_corrections ();
+
+ void add_hint (const fixit_hint *hint);
+
+- diagnostic_context *m_context;
++ const char_display_policy &m_policy;
+ const char *m_filename;
+ linenum_type m_row;
+ auto_vec <correction *> m_corrections;
+@@ -2208,10 +2417,10 @@ source_line::source_line (const char *fi
+ void
+ line_corrections::add_hint (const fixit_hint *hint)
+ {
+- column_range affected_bytes = get_affected_range (m_context, hint, CU_BYTES);
+- column_range affected_columns = get_affected_range (m_context, hint,
++ column_range affected_bytes = get_affected_range (m_policy, hint, CU_BYTES);
++ column_range affected_columns = get_affected_range (m_policy, hint,
+ CU_DISPLAY_COLS);
+- column_range printed_columns = get_printed_columns (m_context, hint);
++ column_range printed_columns = get_printed_columns (m_policy, hint);
+
+ /* Potentially consolidate. */
+ if (!m_corrections.is_empty ())
+@@ -2280,7 +2489,7 @@ line_corrections::add_hint (const fixit_
+ printed_columns,
+ hint->get_string (),
+ hint->get_length (),
+- m_context->tabstop));
++ m_policy));
+ }
+
+ /* If there are any fixit hints on source line ROW, print them.
+@@ -2294,7 +2503,7 @@ layout::print_trailing_fixits (linenum_t
+ {
+ /* Build a list of correction instances for the line,
+ potentially consolidating hints (for the sake of readability). */
+- line_corrections corrections (m_context, m_exploc.file, row);
++ line_corrections corrections (m_policy, m_exploc.file, row);
+ for (unsigned int i = 0; i < m_fixit_hints.length (); i++)
+ {
+ const fixit_hint *hint = m_fixit_hints[i];
+@@ -2635,6 +2844,59 @@ namespace selftest {
+
+ /* Selftests for diagnostic_show_locus. */
+
++/* Verify that cpp_display_width correctly handles escaping. */
++
++static void
++test_display_widths ()
++{
++ gcc_rich_location richloc (UNKNOWN_LOCATION);
++
++ /* U+03C0 "GREEK SMALL LETTER PI". */
++ const char *pi = "\xCF\x80";
++ /* U+1F642 "SLIGHTLY SMILING FACE". */
++ const char *emoji = "\xF0\x9F\x99\x82";
++ /* Stray trailing byte of a UTF-8 character. */
++ const char *stray = "\xBF";
++ /* U+10FFFF. */
++ const char *max_codepoint = "\xF4\x8F\xBF\xBF";
++
++ /* No escaping. */
++ {
++ test_diagnostic_context dc;
++ char_display_policy policy (make_policy (dc, richloc));
++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 1);
++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 2);
++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 1);
++ /* Don't check width of U+10FFFF; it's in a private use plane. */
++ }
++
++ richloc.set_escape_on_output (true);
++
++ {
++ test_diagnostic_context dc;
++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE;
++ char_display_policy policy (make_policy (dc, richloc));
++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 8);
++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 9);
++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 4);
++ ASSERT_EQ (cpp_display_width (max_codepoint, strlen (max_codepoint),
++ policy),
++ strlen ("<U+10FFFF>"));
++ }
++
++ {
++ test_diagnostic_context dc;
++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES;
++ char_display_policy policy (make_policy (dc, richloc));
++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 8);
++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 16);
++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 4);
++ ASSERT_EQ (cpp_display_width (max_codepoint, strlen (max_codepoint),
++ policy),
++ 16);
++ }
++}
++
+ /* For precise tests of the layout, make clear where the source line will
+ start. test_left_margin sets the total byte count from the left side of the
+ screen to the start of source lines, after the line number and the separator,
+@@ -2704,10 +2966,10 @@ test_layout_x_offset_display_utf8 (const
+ char_span lspan = location_get_source_line (tmp.get_filename (), 1);
+ ASSERT_EQ (line_display_cols,
+ cpp_display_width (lspan.get_buffer (), lspan.length (),
+- def_tabstop));
++ def_policy ()));
+ ASSERT_EQ (line_display_cols,
+ location_compute_display_column (expand_location (line_end),
+- def_tabstop));
++ def_policy ()));
+ ASSERT_EQ (0, memcmp (lspan.get_buffer () + (emoji_col - 1),
+ "\xf0\x9f\x98\x82\xf0\x9f\x98\x82", 8));
+
+@@ -2855,12 +3117,13 @@ test_layout_x_offset_display_tab (const
+ ASSERT_EQ ('\t', *(lspan.get_buffer () + (tab_col - 1)));
+ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop)
+ {
++ cpp_char_column_policy policy (tabstop, cpp_wcwidth);
+ ASSERT_EQ (line_bytes + extra_width[tabstop],
+ cpp_display_width (lspan.get_buffer (), lspan.length (),
+- tabstop));
++ policy));
+ ASSERT_EQ (line_bytes + extra_width[tabstop],
+ location_compute_display_column (expand_location (line_end),
+- tabstop));
++ policy));
+ }
+
+ /* Check that the tab is expanded to the expected number of spaces. */
+@@ -3992,6 +4255,43 @@ test_one_liner_labels_utf8 ()
+ " bb\xf0\x9f\x98\x82\xf0\x9f\x98\x82\n",
+ pp_formatted_text (dc.printer));
+ }
++
++ /* Example of escaping the source lines. */
++ {
++ text_range_label label0 ("label 0\xf0\x9f\x98\x82");
++ text_range_label label1 ("label 1\xcf\x80");
++ text_range_label label2 ("label 2\xcf\x80");
++ gcc_rich_location richloc (foo, &label0);
++ richloc.add_range (bar, SHOW_RANGE_WITHOUT_CARET, &label1);
++ richloc.add_range (field, SHOW_RANGE_WITHOUT_CARET, &label2);
++ richloc.set_escape_on_output (true);
++
++ {
++ test_diagnostic_context dc;
++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE;
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++ ASSERT_STREQ (" <U+1F602>_foo = <U+03C0>_bar.<U+1F602>_field<U+03C0>;\n"
++ " ^~~~~~~~~~~~~ ~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~\n"
++ " | | |\n"
++ " | | label 2\xcf\x80\n"
++ " | label 1\xcf\x80\n"
++ " label 0\xf0\x9f\x98\x82\n",
++ pp_formatted_text (dc.printer));
++ }
++ {
++ test_diagnostic_context dc;
++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES;
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++ ASSERT_STREQ
++ (" <f0><9f><98><82>_foo = <cf><80>_bar.<f0><9f><98><82>_field<cf><80>;\n"
++ " ^~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"
++ " | | |\n"
++ " | | label 2\xcf\x80\n"
++ " | label 1\xcf\x80\n"
++ " label 0\xf0\x9f\x98\x82\n",
++ pp_formatted_text (dc.printer));
++ }
++ }
+ }
+
+ /* Make sure that colorization codes don't interrupt a multibyte
+@@ -4046,9 +4346,9 @@ test_diagnostic_show_locus_one_liner_utf
+
+ char_span lspan = location_get_source_line (tmp.get_filename (), 1);
+ ASSERT_EQ (25, cpp_display_width (lspan.get_buffer (), lspan.length (),
+- def_tabstop));
++ def_policy ()));
+ ASSERT_EQ (25, location_compute_display_column (expand_location (line_end),
+- def_tabstop));
++ def_policy ()));
+
+ test_one_liner_simple_caret_utf8 ();
+ test_one_liner_caret_and_range_utf8 ();
+@@ -4434,30 +4734,31 @@ test_overlapped_fixit_printing (const li
+ pp_formatted_text (dc.printer));
+
+ /* Unit-test the line_corrections machinery. */
++ char_display_policy policy (make_policy (dc, richloc));
+ ASSERT_EQ (3, richloc.get_num_fixit_hints ());
+ const fixit_hint *hint_0 = richloc.get_fixit_hint (0);
+ ASSERT_EQ (column_range (12, 12),
+- get_affected_range (&dc, hint_0, CU_BYTES));
++ get_affected_range (policy, hint_0, CU_BYTES));
+ ASSERT_EQ (column_range (12, 12),
+- get_affected_range (&dc, hint_0, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0));
++ get_affected_range (policy, hint_0, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (12, 22), get_printed_columns (policy, hint_0));
+ const fixit_hint *hint_1 = richloc.get_fixit_hint (1);
+ ASSERT_EQ (column_range (18, 18),
+- get_affected_range (&dc, hint_1, CU_BYTES));
++ get_affected_range (policy, hint_1, CU_BYTES));
+ ASSERT_EQ (column_range (18, 18),
+- get_affected_range (&dc, hint_1, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1));
++ get_affected_range (policy, hint_1, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (18, 20), get_printed_columns (policy, hint_1));
+ const fixit_hint *hint_2 = richloc.get_fixit_hint (2);
+ ASSERT_EQ (column_range (29, 28),
+- get_affected_range (&dc, hint_2, CU_BYTES));
++ get_affected_range (policy, hint_2, CU_BYTES));
+ ASSERT_EQ (column_range (29, 28),
+- get_affected_range (&dc, hint_2, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (29, 29), get_printed_columns (&dc, hint_2));
++ get_affected_range (policy, hint_2, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (29, 29), get_printed_columns (policy, hint_2));
+
+ /* Add each hint in turn to a line_corrections instance,
+ and verify that they are consolidated into one correction instance
+ as expected. */
+- line_corrections lc (&dc, tmp.get_filename (), 1);
++ line_corrections lc (policy, tmp.get_filename (), 1);
+
+ /* The first replace hint by itself. */
+ lc.add_hint (hint_0);
+@@ -4649,30 +4950,31 @@ test_overlapped_fixit_printing_utf8 (con
+ pp_formatted_text (dc.printer));
+
+ /* Unit-test the line_corrections machinery. */
++ char_display_policy policy (make_policy (dc, richloc));
+ ASSERT_EQ (3, richloc.get_num_fixit_hints ());
+ const fixit_hint *hint_0 = richloc.get_fixit_hint (0);
+ ASSERT_EQ (column_range (14, 14),
+- get_affected_range (&dc, hint_0, CU_BYTES));
++ get_affected_range (policy, hint_0, CU_BYTES));
+ ASSERT_EQ (column_range (12, 12),
+- get_affected_range (&dc, hint_0, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0));
++ get_affected_range (policy, hint_0, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (12, 22), get_printed_columns (policy, hint_0));
+ const fixit_hint *hint_1 = richloc.get_fixit_hint (1);
+ ASSERT_EQ (column_range (22, 22),
+- get_affected_range (&dc, hint_1, CU_BYTES));
++ get_affected_range (policy, hint_1, CU_BYTES));
+ ASSERT_EQ (column_range (18, 18),
+- get_affected_range (&dc, hint_1, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1));
++ get_affected_range (policy, hint_1, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (18, 20), get_printed_columns (policy, hint_1));
+ const fixit_hint *hint_2 = richloc.get_fixit_hint (2);
+ ASSERT_EQ (column_range (35, 34),
+- get_affected_range (&dc, hint_2, CU_BYTES));
++ get_affected_range (policy, hint_2, CU_BYTES));
+ ASSERT_EQ (column_range (30, 29),
+- get_affected_range (&dc, hint_2, CU_DISPLAY_COLS));
+- ASSERT_EQ (column_range (30, 30), get_printed_columns (&dc, hint_2));
++ get_affected_range (policy, hint_2, CU_DISPLAY_COLS));
++ ASSERT_EQ (column_range (30, 30), get_printed_columns (policy, hint_2));
+
+ /* Add each hint in turn to a line_corrections instance,
+ and verify that they are consolidated into one correction instance
+ as expected. */
+- line_corrections lc (&dc, tmp.get_filename (), 1);
++ line_corrections lc (policy, tmp.get_filename (), 1);
+
+ /* The first replace hint by itself. */
+ lc.add_hint (hint_0);
+@@ -4866,15 +5168,16 @@ test_overlapped_fixit_printing_2 (const
+ richloc.add_fixit_insert_before (col_21, "}");
+
+ /* These fixits should be accepted; they can't be consolidated. */
++ char_display_policy policy (make_policy (dc, richloc));
+ ASSERT_EQ (2, richloc.get_num_fixit_hints ());
+ const fixit_hint *hint_0 = richloc.get_fixit_hint (0);
+ ASSERT_EQ (column_range (23, 22),
+- get_affected_range (&dc, hint_0, CU_BYTES));
+- ASSERT_EQ (column_range (23, 23), get_printed_columns (&dc, hint_0));
++ get_affected_range (policy, hint_0, CU_BYTES));
++ ASSERT_EQ (column_range (23, 23), get_printed_columns (policy, hint_0));
+ const fixit_hint *hint_1 = richloc.get_fixit_hint (1);
+ ASSERT_EQ (column_range (21, 20),
+- get_affected_range (&dc, hint_1, CU_BYTES));
+- ASSERT_EQ (column_range (21, 21), get_printed_columns (&dc, hint_1));
++ get_affected_range (policy, hint_1, CU_BYTES));
++ ASSERT_EQ (column_range (21, 21), get_printed_columns (policy, hint_1));
+
+ /* Verify that they're printed correctly. */
+ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
+@@ -5141,10 +5444,11 @@ test_tab_expansion (const line_table_cas
+ ....................123 45678901234 56789012345 columns */
+
+ const int tabstop = 8;
++ cpp_char_column_policy policy (tabstop, cpp_wcwidth);
+ const int first_non_ws_byte_col = 7;
+ const int right_quote_byte_col = 15;
+ const int last_byte_col = 25;
+- ASSERT_EQ (35, cpp_display_width (content, last_byte_col, tabstop));
++ ASSERT_EQ (35, cpp_display_width (content, last_byte_col, policy));
+
+ temp_source_file tmp (SELFTEST_LOCATION, ".c", content);
+ line_table_test ltt (case_);
+@@ -5187,6 +5491,114 @@ test_tab_expansion (const line_table_cas
+ }
+ }
+
++/* Verify that the escaping machinery can cope with a variety of different
++ invalid bytes. */
++
++static void
++test_escaping_bytes_1 (const line_table_case &case_)
++{
++ const char content[] = "before\0\1\2\3\r\x80\xff""after\n";
++ const size_t sz = sizeof (content);
++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content, sz);
++ line_table_test ltt (case_);
++ const line_map_ordinary *ord_map = linemap_check_ordinary
++ (linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 0));
++ linemap_line_start (line_table, 1, 100);
++
++ location_t finish
++ = linemap_position_for_line_and_column (line_table, ord_map, 1,
++ strlen (content));
++
++ if (finish > LINE_MAP_MAX_LOCATION_WITH_COLS)
++ return;
++
++ /* Locations of the NUL and \r bytes. */
++ location_t nul_loc
++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 7);
++ location_t r_loc
++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 11);
++ gcc_rich_location richloc (nul_loc);
++ richloc.add_range (r_loc);
++
++ {
++ test_diagnostic_context dc;
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++ ASSERT_STREQ (" before \1\2\3 \x80\xff""after\n"
++ " ^ ~\n",
++ pp_formatted_text (dc.printer));
++ }
++ richloc.set_escape_on_output (true);
++ {
++ test_diagnostic_context dc;
++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE;
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++ ASSERT_STREQ
++ (" before<U+0000><U+0001><U+0002><U+0003><U+000D><80><ff>after\n"
++ " ^~~~~~~~ ~~~~~~~~\n",
++ pp_formatted_text (dc.printer));
++ }
++ {
++ test_diagnostic_context dc;
++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES;
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++ ASSERT_STREQ (" before<00><01><02><03><0d><80><ff>after\n"
++ " ^~~~ ~~~~\n",
++ pp_formatted_text (dc.printer));
++ }
++}
++
++/* As above, but verify that we handle the initial byte of a line
++ correctly. */
++
++static void
++test_escaping_bytes_2 (const line_table_case &case_)
++{
++ const char content[] = "\0after\n";
++ const size_t sz = sizeof (content);
++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content, sz);
++ line_table_test ltt (case_);
++ const line_map_ordinary *ord_map = linemap_check_ordinary
++ (linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 0));
++ linemap_line_start (line_table, 1, 100);
++
++ location_t finish
++ = linemap_position_for_line_and_column (line_table, ord_map, 1,
++ strlen (content));
++
++ if (finish > LINE_MAP_MAX_LOCATION_WITH_COLS)
++ return;
++
++ /* Location of the NUL byte. */
++ location_t nul_loc
++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 1);
++ gcc_rich_location richloc (nul_loc);
++
++ {
++ test_diagnostic_context dc;
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++ ASSERT_STREQ (" after\n"
++ " ^\n",
++ pp_formatted_text (dc.printer));
++ }
++ richloc.set_escape_on_output (true);
++ {
++ test_diagnostic_context dc;
++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE;
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++ ASSERT_STREQ (" <U+0000>after\n"
++ " ^~~~~~~~\n",
++ pp_formatted_text (dc.printer));
++ }
++ {
++ test_diagnostic_context dc;
++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES;
++ diagnostic_show_locus (&dc, &richloc, DK_ERROR);
++ ASSERT_STREQ (" <00>after\n"
++ " ^~~~\n",
++ pp_formatted_text (dc.printer));
++ }
++}
++
+ /* Verify that line numbers are correctly printed for the case of
+ a multiline range in which the width of the line numbers changes
+ (e.g. from "9" to "10"). */
+@@ -5243,6 +5655,8 @@ diagnostic_show_locus_c_tests ()
+ test_layout_range_for_single_line ();
+ test_layout_range_for_multiple_lines ();
+
++ test_display_widths ();
++
+ for_each_line_table_case (test_layout_x_offset_display_utf8);
+ for_each_line_table_case (test_layout_x_offset_display_tab);
+
+@@ -5263,6 +5677,8 @@ diagnostic_show_locus_c_tests ()
+ for_each_line_table_case (test_fixit_replace_containing_newline);
+ for_each_line_table_case (test_fixit_deletion_affecting_newline);
+ for_each_line_table_case (test_tab_expansion);
++ for_each_line_table_case (test_escaping_bytes_1);
++ for_each_line_table_case (test_escaping_bytes_2);
+
+ test_line_numbers_multiline_range ();
+ }
+diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
+--- a/gcc/doc/invoke.texi 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/doc/invoke.texi 2021-12-25 01:30:50.681688823 -0800
+@@ -295,7 +295,8 @@ Objective-C and Objective-C++ Dialects}.
+ -fdiagnostics-show-path-depths @gol
+ -fno-show-column @gol
+ -fdiagnostics-column-unit=@r{[}display@r{|}byte@r{]} @gol
+--fdiagnostics-column-origin=@var{origin}}
++-fdiagnostics-column-origin=@var{origin} @gol
++-fdiagnostics-escape-format=@r{[}unicode@r{|}bytes@r{]}}
+
+ @item Warning Options
+ @xref{Warning Options,,Options to Request or Suppress Warnings}.
+@@ -4451,6 +4452,38 @@ first column. The default value of 1 co
+ behavior and to the GNU style guide. Some utilities may perform better with an
+ origin of 0; any non-negative value may be specified.
+
++@item -fdiagnostics-escape-format=@var{FORMAT}
++@opindex fdiagnostics-escape-format
++When GCC prints pertinent source lines for a diagnostic it normally attempts
++to print the source bytes directly. However, some diagnostics relate to encoding
++issues in the source file, such as malformed UTF-8, or issues with Unicode
++normalization. These diagnostics are flagged so that GCC will escape bytes
++that are not printable ASCII when printing their pertinent source lines.
++
++This option controls how such bytes should be escaped.
++
++The default @var{FORMAT}, @samp{unicode} displays Unicode characters that
++are not printable ASCII in the form @samp{<U+XXXX>}, and bytes that do not
++correspond to a Unicode character validly-encoded in UTF-8-encoded will be
++displayed as hexadecimal in the form @samp{<XX>}.
++
++For example, a source line containing the string @samp{before} followed by the
++Unicode character U+03C0 (``GREEK SMALL LETTER PI'', with UTF-8 encoding
++0xCF 0x80) followed by the byte 0xBF (a stray UTF-8 trailing byte), followed by
++the string @samp{after} will be printed for such a diagnostic as:
++
++@smallexample
++ before<U+03C0><BF>after
++@end smallexample
++
++Setting @var{FORMAT} to @samp{bytes} will display all non-printable-ASCII bytes
++in the form @samp{<XX>}, thus showing the underlying encoding of non-ASCII
++Unicode characters. For the example above, the following will be printed:
++
++@smallexample
++ before<CF><80><BF>after
++@end smallexample
++
+ @item -fdiagnostics-format=@var{FORMAT}
+ @opindex fdiagnostics-format
+ Select a different format for printing diagnostics.
+@@ -4518,9 +4551,11 @@ might be printed in JSON form (after for
+ @}
+ @}
+ ],
++ "escape-source": false,
+ "message": "...this statement, but the latter is @dots{}"
+ @}
+ ]
++ "escape-source": false,
+ "column-origin": 1,
+ @},
+ @dots{}
+@@ -4607,6 +4642,7 @@ of the expression, which have labels. I
+ "label": "T @{aka struct t@}"
+ @}
+ ],
++ "escape-source": false,
+ "message": "invalid operands to binary + @dots{}"
+ @}
+ @end smallexample
+@@ -4660,6 +4696,7 @@ might be printed in JSON form as:
+ @}
+ @}
+ ],
++ "escape-source": false,
+ "message": "\u2018struct s\u2019 has no member named @dots{}"
+ @}
+ @end smallexample
+@@ -4717,6 +4754,10 @@ For example, the intraprocedural example
+ ]
+ @end smallexample
+
++Diagnostics have a boolean attribute @code{escape-source}, hinting whether
++non-ASCII bytes should be escaped when printing the pertinent lines of
++source code (@code{true} for diagnostics involving source encoding issues).
++
+ @end table
+
+ @node Warning Options
+diff --git a/gcc/input.c b/gcc/input.c
+--- a/gcc/input.c 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/input.c 2021-12-25 01:30:50.681688823 -0800
+@@ -913,7 +913,8 @@ make_location (location_t caret, source_
+ source line in order to calculate the display width. If that cannot be done
+ for any reason, then returns the byte column as a fallback. */
+ int
+-location_compute_display_column (expanded_location exploc, int tabstop)
++location_compute_display_column (expanded_location exploc,
++ const cpp_char_column_policy &policy)
+ {
+ if (!(exploc.file && *exploc.file && exploc.line && exploc.column))
+ return exploc.column;
+@@ -921,7 +922,7 @@ location_compute_display_column (expande
+ /* If line is NULL, this function returns exploc.column which is the
+ desired fallback. */
+ return cpp_byte_column_to_display_column (line.get_buffer (), line.length (),
+- exploc.column, tabstop);
++ exploc.column, policy);
+ }
+
+ /* Dump statistics to stderr about the memory usage of the line_table
+@@ -3609,43 +3610,50 @@ test_line_offset_overflow ()
+ void test_cpp_utf8 ()
+ {
+ const int def_tabstop = 8;
++ cpp_char_column_policy policy (def_tabstop, cpp_wcwidth);
++
+ /* Verify that wcwidth of invalid UTF-8 or control bytes is 1. */
+ {
+- int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8, def_tabstop);
++ int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8, policy);
+ ASSERT_EQ (8, w_bad);
+- int w_ctrl = cpp_display_width ("\r\n\v\0\1", 5, def_tabstop);
++ int w_ctrl = cpp_display_width ("\r\n\v\0\1", 5, policy);
+ ASSERT_EQ (5, w_ctrl);
+ }
+
+ /* Verify that wcwidth of valid UTF-8 is as expected. */
+ {
+- const int w_pi = cpp_display_width ("\xcf\x80", 2, def_tabstop);
++ const int w_pi = cpp_display_width ("\xcf\x80", 2, policy);
+ ASSERT_EQ (1, w_pi);
+- const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4, def_tabstop);
++ const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4, policy);
+ ASSERT_EQ (2, w_emoji);
+ const int w_umlaut_precomposed = cpp_display_width ("\xc3\xbf", 2,
+- def_tabstop);
++ policy);
+ ASSERT_EQ (1, w_umlaut_precomposed);
+ const int w_umlaut_combining = cpp_display_width ("y\xcc\x88", 3,
+- def_tabstop);
++ policy);
+ ASSERT_EQ (1, w_umlaut_combining);
+- const int w_han = cpp_display_width ("\xe4\xb8\xba", 3, def_tabstop);
++ const int w_han = cpp_display_width ("\xe4\xb8\xba", 3, policy);
+ ASSERT_EQ (2, w_han);
+- const int w_ascii = cpp_display_width ("GCC", 3, def_tabstop);
++ const int w_ascii = cpp_display_width ("GCC", 3, policy);
+ ASSERT_EQ (3, w_ascii);
+ const int w_mixed = cpp_display_width ("\xcf\x80 = 3.14 \xf0\x9f\x98\x82"
+ "\x9f! \xe4\xb8\xba y\xcc\x88",
+- 24, def_tabstop);
++ 24, policy);
+ ASSERT_EQ (18, w_mixed);
+ }
+
+ /* Verify that display width properly expands tabs. */
+ {
+ const char *tstr = "\tabc\td";
+- ASSERT_EQ (6, cpp_display_width (tstr, 6, 1));
+- ASSERT_EQ (10, cpp_display_width (tstr, 6, 3));
+- ASSERT_EQ (17, cpp_display_width (tstr, 6, 8));
+- ASSERT_EQ (1, cpp_display_column_to_byte_column (tstr, 6, 7, 8));
++ ASSERT_EQ (6, cpp_display_width (tstr, 6,
++ cpp_char_column_policy (1, cpp_wcwidth)));
++ ASSERT_EQ (10, cpp_display_width (tstr, 6,
++ cpp_char_column_policy (3, cpp_wcwidth)));
++ ASSERT_EQ (17, cpp_display_width (tstr, 6,
++ cpp_char_column_policy (8, cpp_wcwidth)));
++ ASSERT_EQ (1,
++ cpp_display_column_to_byte_column
++ (tstr, 6, 7, cpp_char_column_policy (8, cpp_wcwidth)));
+ }
+
+ /* Verify that cpp_byte_column_to_display_column can go past the end,
+@@ -3658,13 +3666,13 @@ void test_cpp_utf8 ()
+ /* 111122223456
+ Byte columns. */
+
+- ASSERT_EQ (5, cpp_display_width (str, 6, def_tabstop));
++ ASSERT_EQ (5, cpp_display_width (str, 6, policy));
+ ASSERT_EQ (105,
+- cpp_byte_column_to_display_column (str, 6, 106, def_tabstop));
++ cpp_byte_column_to_display_column (str, 6, 106, policy));
+ ASSERT_EQ (10000,
+- cpp_byte_column_to_display_column (NULL, 0, 10000, def_tabstop));
++ cpp_byte_column_to_display_column (NULL, 0, 10000, policy));
+ ASSERT_EQ (0,
+- cpp_byte_column_to_display_column (NULL, 10000, 0, def_tabstop));
++ cpp_byte_column_to_display_column (NULL, 10000, 0, policy));
+ }
+
+ /* Verify that cpp_display_column_to_byte_column can go past the end,
+@@ -3678,25 +3686,25 @@ void test_cpp_utf8 ()
+ /* 000000000000000000000000000000000111111
+ 111122223333444456666777788889999012345
+ Byte columns. */
+- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2, def_tabstop));
++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2, policy));
+ ASSERT_EQ (15,
+- cpp_display_column_to_byte_column (str, 15, 11, def_tabstop));
++ cpp_display_column_to_byte_column (str, 15, 11, policy));
+ ASSERT_EQ (115,
+- cpp_display_column_to_byte_column (str, 15, 111, def_tabstop));
++ cpp_display_column_to_byte_column (str, 15, 111, policy));
+ ASSERT_EQ (10000,
+- cpp_display_column_to_byte_column (NULL, 0, 10000, def_tabstop));
++ cpp_display_column_to_byte_column (NULL, 0, 10000, policy));
+ ASSERT_EQ (0,
+- cpp_display_column_to_byte_column (NULL, 10000, 0, def_tabstop));
++ cpp_display_column_to_byte_column (NULL, 10000, 0, policy));
+
+ /* Verify that we do not interrupt a UTF-8 sequence. */
+- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1, def_tabstop));
++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1, policy));
+
+ for (int byte_col = 1; byte_col <= 15; ++byte_col)
+ {
+ const int disp_col
+- = cpp_byte_column_to_display_column (str, 15, byte_col, def_tabstop);
++ = cpp_byte_column_to_display_column (str, 15, byte_col, policy);
+ const int byte_col2
+- = cpp_display_column_to_byte_column (str, 15, disp_col, def_tabstop);
++ = cpp_display_column_to_byte_column (str, 15, disp_col, policy);
+
+ /* If we ask for the display column in the middle of a UTF-8
+ sequence, it will return the length of the partial sequence,
+diff --git a/gcc/input.h b/gcc/input.h
+--- a/gcc/input.h 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/input.h 2021-12-25 01:30:50.681688823 -0800
+@@ -39,8 +39,11 @@ STATIC_ASSERT (BUILTINS_LOCATION < RESER
+ extern bool is_location_from_builtin_token (location_t);
+ extern expanded_location expand_location (location_t);
+
+-extern int location_compute_display_column (expanded_location exploc,
+- int tabstop);
++class cpp_char_column_policy;
++
++extern int
++location_compute_display_column (expanded_location exploc,
++ const cpp_char_column_policy &policy);
+
+ /* A class capturing the bounds of a buffer, to allow for run-time
+ bounds-checking in a checked build. */
+diff --git a/gcc/opts.c b/gcc/opts.c
+--- a/gcc/opts.c 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/opts.c 2021-12-25 01:30:50.681688823 -0800
+@@ -2447,6 +2447,10 @@ common_handle_option (struct gcc_options
+ dc->column_origin = value;
+ break;
+
++ case OPT_fdiagnostics_escape_format_:
++ dc->escape_format = (enum diagnostics_escape_format)value;
++ break;
++
+ case OPT_fdiagnostics_show_cwe:
+ dc->show_cwe = value;
+ break;
+diff --git a/gcc/selftest.c b/gcc/selftest.c
+--- a/gcc/selftest.c 2020-07-22 23:35:17.820389797 -0700
++++ b/gcc/selftest.c 2021-12-25 01:30:50.681688823 -0800
+@@ -193,6 +193,21 @@ temp_source_file::temp_source_file (cons
+ fclose (out);
+ }
+
++/* As above, but with a size, to allow for NUL bytes in CONTENT. */
++
++temp_source_file::temp_source_file (const location &loc,
++ const char *suffix,
++ const char *content,
++ size_t sz)
++: named_temp_file (suffix)
++{
++ FILE *out = fopen (get_filename (), "w");
++ if (!out)
++ fail_formatted (loc, "unable to open tempfile: %s", get_filename ());
++ fwrite (content, sz, 1, out);
++ fclose (out);
++}
++
+ /* Avoid introducing locale-specific differences in the results
+ by hardcoding open_quote and close_quote. */
+
+diff --git a/gcc/selftest.h b/gcc/selftest.h
+--- a/gcc/selftest.h 2020-07-22 23:35:17.820389797 -0700
++++ b/gcc/selftest.h 2021-12-25 01:30:50.681688823 -0800
+@@ -112,6 +112,8 @@ class temp_source_file : public named_te
+ public:
+ temp_source_file (const location &loc, const char *suffix,
+ const char *content);
++ temp_source_file (const location &loc, const char *suffix,
++ const char *content, size_t sz);
+ };
+
+ /* RAII-style class for avoiding introducing locale-specific differences
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2021-12-25 01:30:50.681688823 -0800
+@@ -9,6 +9,7 @@
+
+ /* { dg-regexp "\"kind\": \"error\"" } */
+ /* { dg-regexp "\"column-origin\": 1" } */
++/* { dg-regexp "\"escape-source\": false" } */
+ /* { dg-regexp "\"message\": \"#error message\"" } */
+
+ /* { dg-regexp "\"caret\": \{" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2021-12-25 01:30:50.681688823 -0800
+@@ -9,6 +9,7 @@
+
+ /* { dg-regexp "\"kind\": \"warning\"" } */
+ /* { dg-regexp "\"column-origin\": 1" } */
++/* { dg-regexp "\"escape-source\": false" } */
+ /* { dg-regexp "\"message\": \"#warning message\"" } */
+ /* { dg-regexp "\"option\": \"-Wcpp\"" } */
+ /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2021-12-25 01:30:50.681688823 -0800
+@@ -9,6 +9,7 @@
+
+ /* { dg-regexp "\"kind\": \"error\"" } */
+ /* { dg-regexp "\"column-origin\": 1" } */
++/* { dg-regexp "\"escape-source\": false" } */
+ /* { dg-regexp "\"message\": \"#warning message\"" } */
+ /* { dg-regexp "\"option\": \"-Werror=cpp\"" } */
+ /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2021-12-25 01:30:50.681688823 -0800
+@@ -19,6 +19,7 @@ int test (void)
+
+ /* { dg-regexp "\"kind\": \"note\"" } */
+ /* { dg-regexp "\"message\": \"...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'\"" } */
++/* { dg-regexp "\"escape-source\": false" } */
+
+ /* { dg-regexp "\"caret\": \{" } */
+ /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */
+@@ -39,6 +40,7 @@ int test (void)
+ /* { dg-regexp "\"kind\": \"warning\"" } */
+ /* { dg-regexp "\"column-origin\": 1" } */
+ /* { dg-regexp "\"message\": \"this 'if' clause does not guard...\"" } */
++/* { dg-regexp "\"escape-source\": false" } */
+ /* { dg-regexp "\"option\": \"-Wmisleading-indentation\"" } */
+ /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wmisleading-indentation\"" } */
+
+diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c
+--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2021-12-25 01:29:12.927317174 -0800
++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2021-12-25 01:30:50.681688823 -0800
+@@ -14,6 +14,7 @@ int test (struct s *ptr)
+
+ /* { dg-regexp "\"kind\": \"error\"" } */
+ /* { dg-regexp "\"column-origin\": 1" } */
++/* { dg-regexp "\"escape-source\": false" } */
+ /* { dg-regexp "\"message\": \".*\"" } */
+
+ /* Verify fix-it hints. */
+diff --git a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c
+--- a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c 2021-12-25 01:30:50.681688823 -0800
+@@ -0,0 +1,21 @@
++// { dg-do preprocess }
++// { dg-options "-std=gnu99 -Werror=normalized=nfc -fdiagnostics-show-caret -fdiagnostics-escape-format=bytes" }
++/* { dg-message "some warnings being treated as errors" "" {target "*-*-*"} 0 } */
++
++/* འ= U+0F43 TIBETAN LETTER GHA, which has decomposition "0F42 0FB7" i.e.
++ U+0F42 TIBETAN LETTER GA: à½
++ U+0FB7 TIBETAN SUBJOINED LETTER HA: ྷ
++
++ The UTF-8 encoding of U+0F43 TIBETAN LETTER GHA is: E0 BD 83. */
++
++foo before_\u0F43_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." }
++/* { dg-begin-multiline-output "" }
++ foo before_\u0F43_after bar
++ ^~~~~~~~~~~~~~~~~~~
++ { dg-end-multiline-output "" } */
++
++foo before_à½_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." }
++/* { dg-begin-multiline-output "" }
++ foo before_<e0><bd><83>_after bar
++ ^~~~~~~~~~~~~~~~~~~~~~~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c
+--- a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c 2021-12-25 01:30:50.681688823 -0800
+@@ -0,0 +1,19 @@
++// { dg-do preprocess }
++// { dg-options "-std=gnu99 -Werror=normalized=nfc -fdiagnostics-show-caret -fdiagnostics-escape-format=unicode" }
++/* { dg-message "some warnings being treated as errors" "" {target "*-*-*"} 0 } */
++
++/* འ= U+0F43 TIBETAN LETTER GHA, which has decomposition "0F42 0FB7" i.e.
++ U+0F42 TIBETAN LETTER GA: à½
++ U+0FB7 TIBETAN SUBJOINED LETTER HA: ྷ */
++
++foo before_\u0F43_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." }
++/* { dg-begin-multiline-output "" }
++ foo before_\u0F43_after bar
++ ^~~~~~~~~~~~~~~~~~~
++ { dg-end-multiline-output "" } */
++
++foo before_à½_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." }
++/* { dg-begin-multiline-output "" }
++ foo before_<U+0F43>_after bar
++ ^~~~~~~~~~~~~~~~~~~~~
++ { dg-end-multiline-output "" } */
+diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90
+--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2021-12-25 01:29:12.931317107 -0800
++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2021-12-25 01:30:50.681688823 -0800
+@@ -9,6 +9,7 @@
+
+ ! { dg-regexp "\"kind\": \"error\"" }
+ ! { dg-regexp "\"column-origin\": 1" }
++! { dg-regexp "\"escape-source\": false" }
+ ! { dg-regexp "\"message\": \"#error message\"" }
+
+ ! { dg-regexp "\"caret\": \{" }
+diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90
+--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2021-12-25 01:29:12.931317107 -0800
++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2021-12-25 01:30:50.681688823 -0800
+@@ -9,6 +9,7 @@
+
+ ! { dg-regexp "\"kind\": \"warning\"" }
+ ! { dg-regexp "\"column-origin\": 1" }
++! { dg-regexp "\"escape-source\": false" }
+ ! { dg-regexp "\"message\": \"#warning message\"" }
+ ! { dg-regexp "\"option\": \"-Wcpp\"" }
+ ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" }
+diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90
+--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2021-12-25 01:29:12.931317107 -0800
++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2021-12-25 01:30:50.681688823 -0800
+@@ -9,6 +9,7 @@
+
+ ! { dg-regexp "\"kind\": \"error\"" }
+ ! { dg-regexp "\"column-origin\": 1" }
++! { dg-regexp "\"escape-source\": false" }
+ ! { dg-regexp "\"message\": \"#warning message\"" }
+ ! { dg-regexp "\"option\": \"-Werror=cpp\"" }
+ ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" }
+diff --git a/libcpp/charset.c b/libcpp/charset.c
+--- a/libcpp/charset.c 2021-12-25 01:29:12.931317107 -0800
++++ b/libcpp/charset.c 2021-12-25 01:30:50.681688823 -0800
+@@ -1549,12 +1549,14 @@ convert_escape (cpp_reader *pfile, const
+ "unknown escape sequence: '\\%c'", (int) c);
+ else
+ {
++ encoding_rich_location rich_loc (pfile);
++
+ /* diagnostic.c does not support "%03o". When it does, this
+ code can use %03o directly in the diagnostic again. */
+ char buf[32];
+ sprintf(buf, "%03o", (int) c);
+- cpp_error (pfile, CPP_DL_PEDWARN,
+- "unknown escape sequence: '\\%s'", buf);
++ cpp_error_at (pfile, CPP_DL_PEDWARN, &rich_loc,
++ "unknown escape sequence: '\\%s'", buf);
+ }
+ }
+
+@@ -2277,14 +2279,16 @@ cpp_string_location_reader::get_next ()
+ }
+
+ cpp_display_width_computation::
+-cpp_display_width_computation (const char *data, int data_length, int tabstop) :
++cpp_display_width_computation (const char *data, int data_length,
++ const cpp_char_column_policy &policy) :
+ m_begin (data),
+ m_next (m_begin),
+ m_bytes_left (data_length),
+- m_tabstop (tabstop),
++ m_policy (policy),
+ m_display_cols (0)
+ {
+- gcc_assert (m_tabstop > 0);
++ gcc_assert (policy.m_tabstop > 0);
++ gcc_assert (policy.m_width_cb);
+ }
+
+
+@@ -2296,19 +2300,28 @@ cpp_display_width_computation (const cha
+ point to a valid UTF-8-encoded sequence, then it will be treated as a single
+ byte with display width 1. m_cur_display_col is the current display column,
+ relative to which tab stops should be expanded. Returns the display width of
+- the codepoint just processed. */
++ the codepoint just processed.
++ If OUT is non-NULL, it is populated. */
+
+ int
+-cpp_display_width_computation::process_next_codepoint ()
++cpp_display_width_computation::process_next_codepoint (cpp_decoded_char *out)
+ {
+ cppchar_t c;
+ int next_width;
+
++ if (out)
++ out->m_start_byte = m_next;
++
+ if (*m_next == '\t')
+ {
+ ++m_next;
+ --m_bytes_left;
+- next_width = m_tabstop - (m_display_cols % m_tabstop);
++ next_width = m_policy.m_tabstop - (m_display_cols % m_policy.m_tabstop);
++ if (out)
++ {
++ out->m_ch = '\t';
++ out->m_valid_ch = true;
++ }
+ }
+ else if (one_utf8_to_cppchar ((const uchar **) &m_next, &m_bytes_left, &c)
+ != 0)
+@@ -2318,14 +2331,24 @@ cpp_display_width_computation::process_n
+ of one. */
+ ++m_next;
+ --m_bytes_left;
+- next_width = 1;
++ next_width = m_policy.m_undecoded_byte_width;
++ if (out)
++ out->m_valid_ch = false;
+ }
+ else
+ {
+ /* one_utf8_to_cppchar() has updated m_next and m_bytes_left for us. */
+- next_width = cpp_wcwidth (c);
++ next_width = m_policy.m_width_cb (c);
++ if (out)
++ {
++ out->m_ch = c;
++ out->m_valid_ch = true;
++ }
+ }
+
++ if (out)
++ out->m_next_byte = m_next;
++
+ m_display_cols += next_width;
+ return next_width;
+ }
+@@ -2341,7 +2364,7 @@ cpp_display_width_computation::advance_d
+ const int start = m_display_cols;
+ const int target = start + n;
+ while (m_display_cols < target && !done ())
+- process_next_codepoint ();
++ process_next_codepoint (NULL);
+ return m_display_cols - start;
+ }
+
+@@ -2349,29 +2372,33 @@ cpp_display_width_computation::advance_d
+ how many display columns are occupied by the first COLUMN bytes. COLUMN
+ may exceed DATA_LENGTH, in which case the phantom bytes at the end are
+ treated as if they have display width 1. Tabs are expanded to the next tab
+- stop, relative to the start of DATA. */
++ stop, relative to the start of DATA, and non-printable-ASCII characters
++ will be escaped as per POLICY. */
+
+ int
+ cpp_byte_column_to_display_column (const char *data, int data_length,
+- int column, int tabstop)
++ int column,
++ const cpp_char_column_policy &policy)
+ {
+ const int offset = MAX (0, column - data_length);
+- cpp_display_width_computation dw (data, column - offset, tabstop);
++ cpp_display_width_computation dw (data, column - offset, policy);
+ while (!dw.done ())
+- dw.process_next_codepoint ();
++ dw.process_next_codepoint (NULL);
+ return dw.display_cols_processed () + offset;
+ }
+
+ /* For the string of length DATA_LENGTH bytes that begins at DATA, compute
+ the least number of bytes that will result in at least DISPLAY_COL display
+ columns. The return value may exceed DATA_LENGTH if the entire string does
+- not occupy enough display columns. */
++ not occupy enough display columns. Non-printable-ASCII characters
++ will be escaped as per POLICY. */
+
+ int
+ cpp_display_column_to_byte_column (const char *data, int data_length,
+- int display_col, int tabstop)
++ int display_col,
++ const cpp_char_column_policy &policy)
+ {
+- cpp_display_width_computation dw (data, data_length, tabstop);
++ cpp_display_width_computation dw (data, data_length, policy);
+ const int avail_display = dw.advance_display_cols (display_col);
+ return dw.bytes_processed () + MAX (0, display_col - avail_display);
+ }
+diff --git a/libcpp/errors.c b/libcpp/errors.c
+--- a/libcpp/errors.c 2020-07-22 23:35:18.712399623 -0700
++++ b/libcpp/errors.c 2021-12-25 01:30:50.681688823 -0800
+@@ -27,6 +27,31 @@ along with this program; see the file CO
+ #include "cpplib.h"
+ #include "internal.h"
+
++/* Get a location_t for the current location in PFILE,
++ generally that of the previously lexed token. */
++
++location_t
++cpp_diagnostic_get_current_location (cpp_reader *pfile)
++{
++ if (CPP_OPTION (pfile, traditional))
++ {
++ if (pfile->state.in_directive)
++ return pfile->directive_line;
++ else
++ return pfile->line_table->highest_line;
++ }
++ /* We don't want to refer to a token before the beginning of the
++ current run -- that is invalid. */
++ else if (pfile->cur_token == pfile->cur_run->base)
++ {
++ return 0;
++ }
++ else
++ {
++ return pfile->cur_token[-1].src_loc;
++ }
++}
++
+ /* Print a diagnostic at the given location. */
+
+ ATTRIBUTE_FPTR_PRINTF(5,0)
+@@ -52,25 +77,7 @@ cpp_diagnostic (cpp_reader * pfile, enum
+ enum cpp_warning_reason reason,
+ const char *msgid, va_list *ap)
+ {
+- location_t src_loc;
+-
+- if (CPP_OPTION (pfile, traditional))
+- {
+- if (pfile->state.in_directive)
+- src_loc = pfile->directive_line;
+- else
+- src_loc = pfile->line_table->highest_line;
+- }
+- /* We don't want to refer to a token before the beginning of the
+- current run -- that is invalid. */
+- else if (pfile->cur_token == pfile->cur_run->base)
+- {
+- src_loc = 0;
+- }
+- else
+- {
+- src_loc = pfile->cur_token[-1].src_loc;
+- }
++ location_t src_loc = cpp_diagnostic_get_current_location (pfile);
+ rich_location richloc (pfile->line_table, src_loc);
+ return cpp_diagnostic_at (pfile, level, reason, &richloc, msgid, ap);
+ }
+@@ -142,6 +149,43 @@ cpp_warning_syshdr (cpp_reader * pfile,
+
+ va_end (ap);
+ return ret;
++}
++
++/* As cpp_warning above, but use RICHLOC as the location of the diagnostic. */
++
++bool cpp_warning_at (cpp_reader *pfile, enum cpp_warning_reason reason,
++ rich_location *richloc, const char *msgid, ...)
++{
++ va_list ap;
++ bool ret;
++
++ va_start (ap, msgid);
++
++ ret = cpp_diagnostic_at (pfile, CPP_DL_WARNING, reason, richloc,
++ msgid, &ap);
++
++ va_end (ap);
++ return ret;
++
++}
++
++/* As cpp_pedwarning above, but use RICHLOC as the location of the
++ diagnostic. */
++
++bool
++cpp_pedwarning_at (cpp_reader * pfile, enum cpp_warning_reason reason,
++ rich_location *richloc, const char *msgid, ...)
++{
++ va_list ap;
++ bool ret;
++
++ va_start (ap, msgid);
++
++ ret = cpp_diagnostic_at (pfile, CPP_DL_PEDWARN, reason, richloc,
++ msgid, &ap);
++
++ va_end (ap);
++ return ret;
+ }
+
+ /* Print a diagnostic at a specific location. */
+diff --git a/libcpp/include/cpplib.h b/libcpp/include/cpplib.h
+--- a/libcpp/include/cpplib.h 2021-12-25 01:29:12.931317107 -0800
++++ b/libcpp/include/cpplib.h 2021-12-25 01:30:50.685688757 -0800
+@@ -1176,6 +1176,14 @@ extern bool cpp_warning_syshdr (cpp_read
+ const char *msgid, ...)
+ ATTRIBUTE_PRINTF_3;
+
++/* As their counterparts above, but use RICHLOC. */
++extern bool cpp_warning_at (cpp_reader *, enum cpp_warning_reason,
++ rich_location *richloc, const char *msgid, ...)
++ ATTRIBUTE_PRINTF_4;
++extern bool cpp_pedwarning_at (cpp_reader *, enum cpp_warning_reason,
++ rich_location *richloc, const char *msgid, ...)
++ ATTRIBUTE_PRINTF_4;
++
+ /* Output a diagnostic with "MSGID: " preceding the
+ error string of errno. No location is printed. */
+ extern bool cpp_errno (cpp_reader *, enum cpp_diagnostic_level,
+@@ -1320,42 +1328,95 @@ extern const char * cpp_get_userdef_suff
+
+ /* In charset.c */
+
++/* The result of attempting to decode a run of UTF-8 bytes. */
++
++struct cpp_decoded_char
++{
++ const char *m_start_byte;
++ const char *m_next_byte;
++
++ bool m_valid_ch;
++ cppchar_t m_ch;
++};
++
++/* Information for mapping between code points and display columns.
++
++ This is a tabstop value, along with a callback for getting the
++ widths of characters. Normally this callback is cpp_wcwidth, but we
++ support other schemes for escaping non-ASCII unicode as a series of
++ ASCII chars when printing the user's source code in diagnostic-show-locus.c
++
++ For example, consider:
++ - the Unicode character U+03C0 "GREEK SMALL LETTER PI" (UTF-8: 0xCF 0x80)
++ - the Unicode character U+1F642 "SLIGHTLY SMILING FACE"
++ (UTF-8: 0xF0 0x9F 0x99 0x82)
++ - the byte 0xBF (a stray trailing byte of a UTF-8 character)
++ Normally U+03C0 would occupy one display column, U+1F642
++ would occupy two display columns, and the stray byte would be
++ printed verbatim as one display column.
++
++ However when escaping them as unicode code points as "<U+03C0>"
++ and "<U+1F642>" they occupy 8 and 9 display columns respectively,
++ and when escaping them as bytes as "<CF><80>" and "<F0><9F><99><82>"
++ they occupy 8 and 16 display columns respectively. In both cases
++ the stray byte is escaped to <BF> as 4 display columns. */
++
++struct cpp_char_column_policy
++{
++ cpp_char_column_policy (int tabstop,
++ int (*width_cb) (cppchar_t c))
++ : m_tabstop (tabstop),
++ m_undecoded_byte_width (1),
++ m_width_cb (width_cb)
++ {}
++
++ int m_tabstop;
++ /* Width in display columns of a stray byte that isn't decodable
++ as UTF-8. */
++ int m_undecoded_byte_width;
++ int (*m_width_cb) (cppchar_t c);
++};
++
+ /* A class to manage the state while converting a UTF-8 sequence to cppchar_t
+ and computing the display width one character at a time. */
+ class cpp_display_width_computation {
+ public:
+ cpp_display_width_computation (const char *data, int data_length,
+- int tabstop);
++ const cpp_char_column_policy &policy);
+ const char *next_byte () const { return m_next; }
+ int bytes_processed () const { return m_next - m_begin; }
+ int bytes_left () const { return m_bytes_left; }
+ bool done () const { return !bytes_left (); }
+ int display_cols_processed () const { return m_display_cols; }
+
+- int process_next_codepoint ();
++ int process_next_codepoint (cpp_decoded_char *out);
+ int advance_display_cols (int n);
+
+ private:
+ const char *const m_begin;
+ const char *m_next;
+ size_t m_bytes_left;
+- const int m_tabstop;
++ const cpp_char_column_policy &m_policy;
+ int m_display_cols;
+ };
+
+ /* Convenience functions that are simple use cases for class
+ cpp_display_width_computation. Tab characters will be expanded to spaces
+- as determined by TABSTOP. */
++ as determined by POLICY.m_tabstop, and non-printable-ASCII characters
++ will be escaped as per POLICY. */
++
+ int cpp_byte_column_to_display_column (const char *data, int data_length,
+- int column, int tabstop);
++ int column,
++ const cpp_char_column_policy &policy);
+ inline int cpp_display_width (const char *data, int data_length,
+- int tabstop)
++ const cpp_char_column_policy &policy)
+ {
+ return cpp_byte_column_to_display_column (data, data_length, data_length,
+- tabstop);
++ policy);
+ }
+ int cpp_display_column_to_byte_column (const char *data, int data_length,
+- int display_col, int tabstop);
++ int display_col,
++ const cpp_char_column_policy &policy);
+ int cpp_wcwidth (cppchar_t c);
+
+ #endif /* ! LIBCPP_CPPLIB_H */
+diff --git a/libcpp/include/line-map.h b/libcpp/include/line-map.h
+--- a/libcpp/include/line-map.h 2020-07-22 23:35:18.712399623 -0700
++++ b/libcpp/include/line-map.h 2021-12-25 01:30:50.685688757 -0800
+@@ -1732,6 +1732,18 @@ class rich_location
+ const diagnostic_path *get_path () const { return m_path; }
+ void set_path (const diagnostic_path *path) { m_path = path; }
+
++ /* A flag for hinting that the diagnostic involves character encoding
++ issues, and thus that it will be helpful to the user if we show some
++ representation of how the characters in the pertinent source lines
++ are encoded.
++ The default is false (i.e. do not escape).
++ When set to true, non-ASCII bytes in the pertinent source lines will
++ be escaped in a manner controlled by the user-supplied option
++ -fdiagnostics-escape-format=, so that the user can better understand
++ what's going on with the encoding in their source file. */
++ bool escape_on_output_p () const { return m_escape_on_output; }
++ void set_escape_on_output (bool flag) { m_escape_on_output = flag; }
++
+ private:
+ bool reject_impossible_fixit (location_t where);
+ void stop_supporting_fixits ();
+@@ -1758,6 +1770,7 @@ protected:
+ bool m_fixits_cannot_be_auto_applied;
+
+ const diagnostic_path *m_path;
++ bool m_escape_on_output;
+ };
+
+ /* A struct for the result of range_label::get_text: a NUL-terminated buffer
+diff --git a/libcpp/internal.h b/libcpp/internal.h
+--- a/libcpp/internal.h 2020-07-22 23:35:18.712399623 -0700
++++ b/libcpp/internal.h 2021-12-25 01:30:50.685688757 -0800
+@@ -758,6 +758,9 @@ struct _cpp_dir_only_callbacks
+ extern void _cpp_preprocess_dir_only (cpp_reader *,
+ const struct _cpp_dir_only_callbacks *);
+
++/* In errors.c */
++extern location_t cpp_diagnostic_get_current_location (cpp_reader *);
++
+ /* In traditional.c. */
+ extern bool _cpp_scan_out_logical_line (cpp_reader *, cpp_macro *, bool);
+ extern bool _cpp_read_logical_line_trad (cpp_reader *);
+@@ -946,6 +949,26 @@ int linemap_get_expansion_line (class li
+ const char* linemap_get_expansion_filename (class line_maps *,
+ location_t);
+
++/* A subclass of rich_location for emitting a diagnostic
++ at the current location of the reader, but flagging
++ it with set_escape_on_output (true). */
++class encoding_rich_location : public rich_location
++{
++ public:
++ encoding_rich_location (cpp_reader *pfile)
++ : rich_location (pfile->line_table,
++ cpp_diagnostic_get_current_location (pfile))
++ {
++ set_escape_on_output (true);
++ }
++
++ encoding_rich_location (cpp_reader *pfile, location_t loc)
++ : rich_location (pfile->line_table, loc)
++ {
++ set_escape_on_output (true);
++ }
++};
++
+ #ifdef __cplusplus
+ }
+ #endif
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+--- a/libcpp/lex.c 2021-12-24 20:23:45.568762024 -0800
++++ b/libcpp/lex.c 2021-12-25 01:30:50.685688757 -0800
+@@ -1268,7 +1268,11 @@ skip_whitespace (cpp_reader *pfile, cppc
+ while (is_nvspace (c));
+
+ if (saw_NUL)
+- cpp_error (pfile, CPP_DL_WARNING, "null character(s) ignored");
++ {
++ encoding_rich_location rich_loc (pfile);
++ cpp_error_at (pfile, CPP_DL_WARNING, &rich_loc,
++ "null character(s) ignored");
++ }
+
+ buffer->cur--;
+ }
+@@ -1297,6 +1301,28 @@ warn_about_normalization (cpp_reader *pf
+ if (CPP_OPTION (pfile, warn_normalize) < NORMALIZE_STATE_RESULT (s)
+ && !pfile->state.skipping)
+ {
++ location_t loc = token->src_loc;
++
++ /* If possible, create a location range for the token. */
++ if (loc >= RESERVED_LOCATION_COUNT
++ && token->type != CPP_EOF
++ /* There must be no line notes to process. */
++ && (!(pfile->buffer->cur
++ >= pfile->buffer->notes[pfile->buffer->cur_note].pos
++ && !pfile->overlaid_buffer)))
++ {
++ source_range tok_range;
++ tok_range.m_start = loc;
++ tok_range.m_finish
++ = linemap_position_for_column (pfile->line_table,
++ CPP_BUF_COLUMN (pfile->buffer,
++ pfile->buffer->cur));
++ loc = COMBINE_LOCATION_DATA (pfile->line_table,
++ loc, tok_range, NULL);
++ }
++
++ encoding_rich_location rich_loc (pfile, loc);
++
+ /* Make sure that the token is printed using UCNs, even
+ if we'd otherwise happily print UTF-8. */
+ unsigned char *buf = XNEWVEC (unsigned char, cpp_token_len (token));
+@@ -1304,11 +1330,11 @@ warn_about_normalization (cpp_reader *pf
+
+ sz = cpp_spell_token (pfile, token, buf, false) - buf;
+ if (NORMALIZE_STATE_RESULT (s) == normalized_C)
+- cpp_warning_with_line (pfile, CPP_W_NORMALIZE, token->src_loc, 0,
+- "`%.*s' is not in NFKC", (int) sz, buf);
++ cpp_warning_at (pfile, CPP_W_NORMALIZE, &rich_loc,
++ "`%.*s' is not in NFKC", (int) sz, buf);
+ else
+- cpp_warning_with_line (pfile, CPP_W_NORMALIZE, token->src_loc, 0,
+- "`%.*s' is not in NFC", (int) sz, buf);
++ cpp_warning_at (pfile, CPP_W_NORMALIZE, &rich_loc,
++ "`%.*s' is not in NFC", (int) sz, buf);
+ free (buf);
+ }
+ }
+diff --git a/libcpp/line-map.c b/libcpp/line-map.c
+--- a/libcpp/line-map.c 2020-07-22 23:35:18.712399623 -0700
++++ b/libcpp/line-map.c 2021-12-25 01:30:50.685688757 -0800
+@@ -2007,7 +2007,8 @@ rich_location::rich_location (line_maps
+ m_fixit_hints (),
+ m_seen_impossible_fixit (false),
+ m_fixits_cannot_be_auto_applied (false),
+- m_path (NULL)
++ m_path (NULL),
++ m_escape_on_output (false)
+ {
+ add_range (loc, SHOW_RANGE_WITH_CARET, label);
+ }
diff --git a/meta/recipes-devtools/gcc/gcc/0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch b/meta/recipes-devtools/gcc/gcc/0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch
deleted file mode 100644
index 823cc8b668..0000000000
--- a/meta/recipes-devtools/gcc/gcc/0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch
+++ /dev/null
@@ -1,607 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From b1204d16e1ec96a4aa89e44de8990e2499ffdb22 Mon Sep 17 00:00:00 2001
-From: Matthew Malcomson <matthew.malcomson@arm.com>
-Date: Thu, 9 Jul 2020 09:11:59 +0100
-Subject: [PATCH 2/3] aarch64: Introduce SLS mitigation for RET and BR
- instructions
-
-Instructions following RET or BR are not necessarily executed. In order
-to avoid speculation past RET and BR we can simply append a speculation
-barrier.
-
-Since these speculation barriers will not be architecturally executed,
-they are not expected to add a high performance penalty.
-
-The speculation barrier is to be SB when targeting architectures which
-have this enabled, and DSB SY + ISB otherwise.
-
-We add tests for each of the cases where such an instruction was seen.
-
-This is implemented by modifying each machine description pattern that
-emits either a RET or a BR instruction. We choose not to use something
-like `TARGET_ASM_FUNCTION_EPILOGUE` since it does not affect the
-`indirect_jump`, `jump`, `sibcall_insn` and `sibcall_value_insn`
-patterns and we find it preferable to implement the functionality in the
-same way for every pattern.
-
-There is one particular case which is slightly tricky. The
-implementation of TARGET_ASM_TRAMPOLINE_TEMPLATE uses a BR which needs
-to be mitigated against. The trampoline template is used *once* per
-compilation unit, and the TRAMPOLINE_SIZE is exposed to the user via the
-builtin macro __LIBGCC_TRAMPOLINE_SIZE__.
-In the future we may implement function specific attributes to turn on
-and off hardening on a per-function basis.
-The fixed nature of the trampoline described above implies it will be
-safer to ensure this speculation barrier is always used.
-
-Testing:
- Bootstrap and regtest done on aarch64-none-linux
- Used a temporary hack(1) to use these options on every test in the
- testsuite and a script to check that the output never emitted an
- unmitigated RET or BR.
-
-1) Temporary hack was a change to the testsuite to always use
-`-save-temps` and run a script on the assembly output of those
-compilations which produced one to ensure every RET or BR is immediately
-followed by a speculation barrier.
-
-gcc/ChangeLog:
-
- * config/aarch64/aarch64-protos.h (aarch64_sls_barrier): New.
- * config/aarch64/aarch64.c (aarch64_output_casesi): Emit
- speculation barrier after BR instruction if needs be.
- (aarch64_trampoline_init): Handle ptr_mode value & adjust size
- of code copied.
- (aarch64_sls_barrier): New.
- (aarch64_asm_trampoline_template): Add needed barriers.
- * config/aarch64/aarch64.h (AARCH64_ISA_SB): New.
- (TARGET_SB): New.
- (TRAMPOLINE_SIZE): Account for barrier.
- * config/aarch64/aarch64.md (indirect_jump, *casesi_dispatch,
- simple_return, *do_return, *sibcall_insn, *sibcall_value_insn):
- Emit barrier if needs be, also account for possible barrier using
- "sls_length" attribute.
- (sls_length): New attribute.
- (length): Determine default using any non-default sls_length
- value.
-
-gcc/testsuite/ChangeLog:
-
- * gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c: New test.
- * gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c:
- New test.
- * gcc.target/aarch64/sls-mitigation/sls-mitigation.exp: New file.
- * lib/target-supports.exp (check_effective_target_aarch64_asm_sb_ok):
- New proc.
----
- gcc/config/aarch64/aarch64-protos.h | 1 +
- gcc/config/aarch64/aarch64.c | 41 ++++++-
- gcc/config/aarch64/aarch64.h | 10 +-
- gcc/config/aarch64/aarch64.md | 76 +++++++++----
- .../aarch64/sls-mitigation/sls-miti-retbr-pacret.c | 21 ++++
- .../aarch64/sls-mitigation/sls-miti-retbr.c | 119 +++++++++++++++++++++
- .../aarch64/sls-mitigation/sls-mitigation.exp | 73 +++++++++++++
- gcc/testsuite/lib/target-supports.exp | 2 +-
- 8 files changed, 318 insertions(+), 25 deletions(-)
- create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c
- create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c
- create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-mitigation.exp
-
-diff --git a/gcc/config/aarch64/aarch64-protos.h b/gcc/config/aarch64/aarch64-protos.h
-index eb5f4b4..ee0ffde 100644
---- a/gcc/config/aarch64/aarch64-protos.h
-+++ b/gcc/config/aarch64/aarch64-protos.h
-@@ -781,6 +781,7 @@ extern const atomic_ool_names aarch64_ool_ldeor_names;
-
- tree aarch64_resolve_overloaded_builtin_general (location_t, tree, void *);
-
-+const char *aarch64_sls_barrier (int);
- extern bool aarch64_harden_sls_retbr_p (void);
- extern bool aarch64_harden_sls_blr_p (void);
-
-diff --git a/gcc/config/aarch64/aarch64.c b/gcc/config/aarch64/aarch64.c
-index 437a9cf..44e3d1f 100644
---- a/gcc/config/aarch64/aarch64.c
-+++ b/gcc/config/aarch64/aarch64.c
-@@ -10852,8 +10852,8 @@ aarch64_return_addr (int count, rtx frame ATTRIBUTE_UNUSED)
- static void
- aarch64_asm_trampoline_template (FILE *f)
- {
-- int offset1 = 16;
-- int offset2 = 20;
-+ int offset1 = 24;
-+ int offset2 = 28;
-
- if (aarch64_bti_enabled ())
- {
-@@ -10876,6 +10876,17 @@ aarch64_asm_trampoline_template (FILE *f)
- }
- asm_fprintf (f, "\tbr\t%s\n", reg_names [IP1_REGNUM]);
-
-+ /* We always emit a speculation barrier.
-+ This is because the same trampoline template is used for every nested
-+ function. Since nested functions are not particularly common or
-+ performant we don't worry too much about the extra instructions to copy
-+ around.
-+ This is not yet a problem, since we have not yet implemented function
-+ specific attributes to choose between hardening against straight line
-+ speculation or not, but such function specific attributes are likely to
-+ happen in the future. */
-+ asm_fprintf (f, "\tdsb\tsy\n\tisb\n");
-+
- /* The trampoline needs an extra padding instruction. In case if BTI is
- enabled the padding instruction is replaced by the BTI instruction at
- the beginning. */
-@@ -10890,10 +10901,14 @@ static void
- aarch64_trampoline_init (rtx m_tramp, tree fndecl, rtx chain_value)
- {
- rtx fnaddr, mem, a_tramp;
-- const int tramp_code_sz = 16;
-+ const int tramp_code_sz = 24;
-
- /* Don't need to copy the trailing D-words, we fill those in below. */
-- emit_block_move (m_tramp, assemble_trampoline_template (),
-+ /* We create our own memory address in Pmode so that `emit_block_move` can
-+ use parts of the backend which expect Pmode addresses. */
-+ rtx temp = convert_memory_address (Pmode, XEXP (m_tramp, 0));
-+ emit_block_move (gen_rtx_MEM (BLKmode, temp),
-+ assemble_trampoline_template (),
- GEN_INT (tramp_code_sz), BLOCK_OP_NORMAL);
- mem = adjust_address (m_tramp, ptr_mode, tramp_code_sz);
- fnaddr = XEXP (DECL_RTL (fndecl), 0);
-@@ -11084,6 +11099,8 @@ aarch64_output_casesi (rtx *operands)
- output_asm_insn (buf, operands);
- output_asm_insn (patterns[index][1], operands);
- output_asm_insn ("br\t%3", operands);
-+ output_asm_insn (aarch64_sls_barrier (aarch64_harden_sls_retbr_p ()),
-+ operands);
- assemble_label (asm_out_file, label);
- return "";
- }
-@@ -22924,6 +22941,22 @@ aarch64_file_end_indicate_exec_stack ()
- #undef GNU_PROPERTY_AARCH64_FEATURE_1_BTI
- #undef GNU_PROPERTY_AARCH64_FEATURE_1_AND
-
-+/* Helper function for straight line speculation.
-+ Return what barrier should be emitted for straight line speculation
-+ mitigation.
-+ When not mitigating against straight line speculation this function returns
-+ an empty string.
-+ When mitigating against straight line speculation, use:
-+ * SB when the v8.5-A SB extension is enabled.
-+ * DSB+ISB otherwise. */
-+const char *
-+aarch64_sls_barrier (int mitigation_required)
-+{
-+ return mitigation_required
-+ ? (TARGET_SB ? "sb" : "dsb\tsy\n\tisb")
-+ : "";
-+}
-+
- /* Target-specific selftests. */
-
- #if CHECKING_P
-diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h
-index 1ce23c6..c21015f 100644
---- a/gcc/config/aarch64/aarch64.h
-+++ b/gcc/config/aarch64/aarch64.h
-@@ -281,6 +281,7 @@ extern unsigned aarch64_architecture_version;
- #define AARCH64_ISA_F32MM (aarch64_isa_flags & AARCH64_FL_F32MM)
- #define AARCH64_ISA_F64MM (aarch64_isa_flags & AARCH64_FL_F64MM)
- #define AARCH64_ISA_BF16 (aarch64_isa_flags & AARCH64_FL_BF16)
-+#define AARCH64_ISA_SB (aarch64_isa_flags & AARCH64_FL_SB)
-
- /* Crypto is an optional extension to AdvSIMD. */
- #define TARGET_CRYPTO (TARGET_SIMD && AARCH64_ISA_CRYPTO)
-@@ -378,6 +379,9 @@ extern unsigned aarch64_architecture_version;
- #define TARGET_FIX_ERR_A53_835769_DEFAULT 1
- #endif
-
-+/* SB instruction is enabled through +sb. */
-+#define TARGET_SB (AARCH64_ISA_SB)
-+
- /* Apply the workaround for Cortex-A53 erratum 835769. */
- #define TARGET_FIX_ERR_A53_835769 \
- ((aarch64_fix_a53_err835769 == 2) \
-@@ -1058,8 +1062,10 @@ typedef struct
-
- #define RETURN_ADDR_RTX aarch64_return_addr
-
--/* BTI c + 3 insns + 2 pointer-sized entries. */
--#define TRAMPOLINE_SIZE (TARGET_ILP32 ? 24 : 32)
-+/* BTI c + 3 insns
-+ + sls barrier of DSB + ISB.
-+ + 2 pointer-sized entries. */
-+#define TRAMPOLINE_SIZE (24 + (TARGET_ILP32 ? 8 : 16))
-
- /* Trampolines contain dwords, so must be dword aligned. */
- #define TRAMPOLINE_ALIGNMENT 64
-diff --git a/gcc/config/aarch64/aarch64.md b/gcc/config/aarch64/aarch64.md
-index 8c8be3c..dda04ee 100644
---- a/gcc/config/aarch64/aarch64.md
-+++ b/gcc/config/aarch64/aarch64.md
-@@ -407,10 +407,25 @@
- ;; Attribute that specifies whether the alternative uses MOVPRFX.
- (define_attr "movprfx" "no,yes" (const_string "no"))
-
-+;; Attribute to specify that an alternative has the length of a single
-+;; instruction plus a speculation barrier.
-+(define_attr "sls_length" "none,retbr,casesi" (const_string "none"))
-+
- (define_attr "length" ""
- (cond [(eq_attr "movprfx" "yes")
- (const_int 8)
-- ] (const_int 4)))
-+
-+ (eq_attr "sls_length" "retbr")
-+ (cond [(match_test "!aarch64_harden_sls_retbr_p ()") (const_int 4)
-+ (match_test "TARGET_SB") (const_int 8)]
-+ (const_int 12))
-+
-+ (eq_attr "sls_length" "casesi")
-+ (cond [(match_test "!aarch64_harden_sls_retbr_p ()") (const_int 16)
-+ (match_test "TARGET_SB") (const_int 20)]
-+ (const_int 24))
-+ ]
-+ (const_int 4)))
-
- ;; Strictly for compatibility with AArch32 in pipeline models, since AArch64 has
- ;; no predicated insns.
-@@ -447,8 +462,12 @@
- (define_insn "indirect_jump"
- [(set (pc) (match_operand:DI 0 "register_operand" "r"))]
- ""
-- "br\\t%0"
-- [(set_attr "type" "branch")]
-+ {
-+ output_asm_insn ("br\\t%0", operands);
-+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ());
-+ }
-+ [(set_attr "type" "branch")
-+ (set_attr "sls_length" "retbr")]
- )
-
- (define_insn "jump"
-@@ -765,7 +784,7 @@
- "*
- return aarch64_output_casesi (operands);
- "
-- [(set_attr "length" "16")
-+ [(set_attr "sls_length" "casesi")
- (set_attr "type" "branch")]
- )
-
-@@ -844,18 +863,23 @@
- [(return)]
- ""
- {
-+ const char *ret = NULL;
- if (aarch64_return_address_signing_enabled ()
- && TARGET_ARMV8_3
- && !crtl->calls_eh_return)
- {
- if (aarch64_ra_sign_key == AARCH64_KEY_B)
-- return "retab";
-+ ret = "retab";
- else
-- return "retaa";
-+ ret = "retaa";
- }
-- return "ret";
-+ else
-+ ret = "ret";
-+ output_asm_insn (ret, operands);
-+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ());
- }
-- [(set_attr "type" "branch")]
-+ [(set_attr "type" "branch")
-+ (set_attr "sls_length" "retbr")]
- )
-
- (define_expand "return"
-@@ -867,8 +891,12 @@
- (define_insn "simple_return"
- [(simple_return)]
- ""
-- "ret"
-- [(set_attr "type" "branch")]
-+ {
-+ output_asm_insn ("ret", operands);
-+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ());
-+ }
-+ [(set_attr "type" "branch")
-+ (set_attr "sls_length" "retbr")]
- )
-
- (define_insn "*cb<optab><mode>1"
-@@ -1066,10 +1094,16 @@
- (unspec:DI [(match_operand:DI 2 "const_int_operand")] UNSPEC_CALLEE_ABI)
- (return)]
- "SIBLING_CALL_P (insn)"
-- "@
-- br\\t%0
-- b\\t%c0"
-- [(set_attr "type" "branch, branch")]
-+ {
-+ if (which_alternative == 0)
-+ {
-+ output_asm_insn ("br\\t%0", operands);
-+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ());
-+ }
-+ return "b\\t%c0";
-+ }
-+ [(set_attr "type" "branch, branch")
-+ (set_attr "sls_length" "retbr,none")]
- )
-
- (define_insn "*sibcall_value_insn"
-@@ -1080,10 +1114,16 @@
- (unspec:DI [(match_operand:DI 3 "const_int_operand")] UNSPEC_CALLEE_ABI)
- (return)]
- "SIBLING_CALL_P (insn)"
-- "@
-- br\\t%1
-- b\\t%c1"
-- [(set_attr "type" "branch, branch")]
-+ {
-+ if (which_alternative == 0)
-+ {
-+ output_asm_insn ("br\\t%1", operands);
-+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ());
-+ }
-+ return "b\\t%c1";
-+ }
-+ [(set_attr "type" "branch, branch")
-+ (set_attr "sls_length" "retbr,none")]
- )
-
- ;; Call subroutine returning any type.
-diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c
-new file mode 100644
-index 0000000..fa1887a
---- /dev/null
-+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c
-@@ -0,0 +1,21 @@
-+/* Avoid ILP32 since pacret is only available for LP64 */
-+/* { dg-do compile { target { ! ilp32 } } } */
-+/* { dg-additional-options "-mharden-sls=retbr -mbranch-protection=pac-ret -march=armv8.3-a" } */
-+
-+/* Testing the do_return pattern for retaa and retab. */
-+long retbr_subcall(void);
-+long retbr_do_return_retaa(void)
-+{
-+ return retbr_subcall()+1;
-+}
-+
-+__attribute__((target("branch-protection=pac-ret+b-key")))
-+long retbr_do_return_retab(void)
-+{
-+ return retbr_subcall()+1;
-+}
-+
-+/* Ensure there are no BR or RET instructions which are not directly followed
-+ by a speculation barrier. */
-+/* { dg-final { scan-assembler-not {\t(br|ret|retaa|retab)\tx[0-9][0-9]?\n\t(?!dsb\tsy\n\tisb)} } } */
-+/* { dg-final { scan-assembler-not {ret\t} } } */
-diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c
-new file mode 100644
-index 0000000..76b8d03
---- /dev/null
-+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c
-@@ -0,0 +1,119 @@
-+/* We ensure that -Wpedantic is off since it complains about the trampolines
-+ we explicitly want to test. */
-+/* { dg-additional-options "-mharden-sls=retbr -Wno-pedantic " } */
-+/*
-+ Ensure that the SLS hardening of RET and BR leaves no unprotected RET/BR
-+ instructions.
-+ */
-+typedef int (foo) (int, int);
-+typedef void (bar) (int, int);
-+struct sls_testclass {
-+ foo *x;
-+ bar *y;
-+ int left;
-+ int right;
-+};
-+
-+int
-+retbr_sibcall_value_insn (struct sls_testclass x)
-+{
-+ return x.x(x.left, x.right);
-+}
-+
-+void
-+retbr_sibcall_insn (struct sls_testclass x)
-+{
-+ x.y(x.left, x.right);
-+}
-+
-+/* Aim to test two different returns.
-+ One that introduces a tail call in the middle of the function, and one that
-+ has a normal return. */
-+int
-+retbr_multiple_returns (struct sls_testclass x)
-+{
-+ int temp;
-+ if (x.left % 10)
-+ return x.x(x.left, 100);
-+ else if (x.right % 20)
-+ {
-+ return x.x(x.left * x.right, 100);
-+ }
-+ temp = x.left % x.right;
-+ temp *= 100;
-+ temp /= 2;
-+ return temp % 3;
-+}
-+
-+void
-+retbr_multiple_returns_void (struct sls_testclass x)
-+{
-+ if (x.left % 10)
-+ {
-+ x.y(x.left, 100);
-+ }
-+ else if (x.right % 20)
-+ {
-+ x.y(x.left * x.right, 100);
-+ }
-+ return;
-+}
-+
-+/* Testing the casesi jump via register. */
-+__attribute__ ((optimize ("Os")))
-+int
-+retbr_casesi_dispatch (struct sls_testclass x)
-+{
-+ switch (x.left)
-+ {
-+ case -5:
-+ return -2;
-+ case -3:
-+ return -1;
-+ case 0:
-+ return 0;
-+ case 3:
-+ return 1;
-+ case 5:
-+ break;
-+ default:
-+ __builtin_unreachable ();
-+ }
-+ return x.right;
-+}
-+
-+/* Testing the BR in trampolines is mitigated against. */
-+void f1 (void *);
-+void f3 (void *, void (*)(void *));
-+void f2 (void *);
-+
-+int
-+retbr_trampolines (void *a, int b)
-+{
-+ if (!b)
-+ {
-+ f1 (a);
-+ return 1;
-+ }
-+ if (b)
-+ {
-+ void retbr_tramp_internal (void *c)
-+ {
-+ if (c == a)
-+ f2 (c);
-+ }
-+ f3 (a, retbr_tramp_internal);
-+ }
-+ return 0;
-+}
-+
-+/* Testing the indirect_jump pattern. */
-+void
-+retbr_indirect_jump (int *buf)
-+{
-+ __builtin_longjmp(buf, 1);
-+}
-+
-+/* Ensure there are no BR or RET instructions which are not directly followed
-+ by a speculation barrier. */
-+/* { dg-final { scan-assembler-not {\t(br|ret|retaa|retab)\tx[0-9][0-9]?\n\t(?!dsb\tsy\n\tisb|sb)} } } */
-diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-mitigation.exp b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-mitigation.exp
-new file mode 100644
-index 0000000..8122503
---- /dev/null
-+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-mitigation.exp
-@@ -0,0 +1,73 @@
-+# Regression driver for SLS mitigation on AArch64.
-+# Copyright (C) 2020 Free Software Foundation, Inc.
-+# Contributed by ARM Ltd.
-+#
-+# This file is part of GCC.
-+#
-+# GCC is free software; you can redistribute it and/or modify it
-+# under the terms of the GNU General Public License as published by
-+# the Free Software Foundation; either version 3, or (at your option)
-+# any later version.
-+#
-+# GCC is distributed in the hope that it will be useful, but
-+# WITHOUT ANY WARRANTY; without even the implied warranty of
-+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+# General Public License for more details.
-+#
-+# You should have received a copy of the GNU General Public License
-+# along with GCC; see the file COPYING3. If not see
-+# <http://www.gnu.org/licenses/>. */
-+
-+# Exit immediately if this isn't an AArch64 target.
-+if {![istarget aarch64*-*-*] } then {
-+ return
-+}
-+
-+# Load support procs.
-+load_lib gcc-dg.exp
-+load_lib torture-options.exp
-+
-+# If a testcase doesn't have special options, use these.
-+global DEFAULT_CFLAGS
-+if ![info exists DEFAULT_CFLAGS] then {
-+ set DEFAULT_CFLAGS " "
-+}
-+
-+# Initialize `dg'.
-+dg-init
-+torture-init
-+
-+# Use different architectures as well as the normal optimisation options.
-+# (i.e. use both SB and DSB+ISB barriers).
-+
-+set save-dg-do-what-default ${dg-do-what-default}
-+# Main loop.
-+# Run with torture tests (i.e. a bunch of different optimisation levels) just
-+# to increase test coverage.
-+set dg-do-what-default assemble
-+gcc-dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.\[cCS\]]] \
-+ "-save-temps" $DEFAULT_CFLAGS
-+
-+# Run the same tests but this time with SB extension.
-+# Since not all supported assemblers will support that extension we decide
-+# whether to assemble or just compile based on whether the extension is
-+# supported for the available assembler.
-+
-+set templist {}
-+foreach x $DG_TORTURE_OPTIONS {
-+ lappend templist "$x -march=armv8.3-a+sb "
-+ lappend templist "$x -march=armv8-a+sb "
-+}
-+set-torture-options $templist
-+if { [check_effective_target_aarch64_asm_sb_ok] } {
-+ set dg-do-what-default assemble
-+} else {
-+ set dg-do-what-default compile
-+}
-+gcc-dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.\[cCS\]]] \
-+ "-save-temps" $DEFAULT_CFLAGS
-+set dg-do-what-default ${save-dg-do-what-default}
-+
-+# All done.
-+torture-finish
-+dg-finish
-diff --git a/gcc/testsuite/lib/target-supports.exp b/gcc/testsuite/lib/target-supports.exp
-index 8a186dd..9d2e093 100644
---- a/gcc/testsuite/lib/target-supports.exp
-+++ b/gcc/testsuite/lib/target-supports.exp
-@@ -9432,7 +9432,7 @@ proc check_effective_target_aarch64_tiny { } {
- # various architecture extensions via the .arch_extension pseudo-op.
-
- foreach { aarch64_ext } { "fp" "simd" "crypto" "crc" "lse" "dotprod" "sve"
-- "i8mm" "f32mm" "f64mm" "bf16" } {
-+ "i8mm" "f32mm" "f64mm" "bf16" "sb" } {
- eval [string map [list FUNC $aarch64_ext] {
- proc check_effective_target_aarch64_asm_FUNC_ok { } {
- if { [istarget aarch64*-*-*] } {
---
-2.7.4
-
diff --git a/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch
new file mode 100644
index 0000000000..d87be19866
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch
@@ -0,0 +1,103 @@
+From 30461cf8dba3d3adb15a125e4da48800eb2b9b8f Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Fri, 18 Jun 2021 17:18:37 +0100
+Subject: [PATCH] arm: fix vlldm erratum for Armv8.1-m [PR102035]
+
+For Armv8.1-m we generate code that emits VLLDM directly and do not
+rely on support code in the library, so emit the mitigation directly
+as well, when required. In this case, we can use the compiler options
+to determine when to apply the fix and when it is safe to omit it.
+
+gcc:
+ PR target/102035
+ * config/arm/arm.md (attribute arch): Add fix_vlldm.
+ (arch_enabled): Use it.
+ * config/arm/vfp.md (lazy_store_multiple_insn): Add alternative to
+ use when erratum mitigation is needed.
+
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=30461cf8dba3d3adb15a125e4da48800eb2b9b8f]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ gcc/config/arm/arm.md | 11 +++++++++--
+ gcc/config/arm/vfp.md | 10 +++++++---
+ 2 files changed, 16 insertions(+), 5 deletions(-)
+
+diff -upr a/gcc/config/arm/arm.md b/gcc/config/arm/arm.md
+--- a/gcc/config/arm/arm.md 2020-07-22 23:35:17.344384552 -0700
++++ b/gcc/config/arm/arm.md 2021-11-11 20:33:58.431543947 -0800
+@@ -132,9 +132,12 @@
+ ; TARGET_32BIT, "t1" or "t2" to specify a specific Thumb mode. "v6"
+ ; for ARM or Thumb-2 with arm_arch6, and nov6 for ARM without
+ ; arm_arch6. "v6t2" for Thumb-2 with arm_arch6 and "v8mb" for ARMv8-M
+-; Baseline. This attribute is used to compute attribute "enabled",
++; Baseline. "fix_vlldm" is for fixing the v8-m/v8.1-m VLLDM erratum.
++; This attribute is used to compute attribute "enabled",
+ ; use type "any" to enable an alternative in all cases.
+-(define_attr "arch" "any,a,t,32,t1,t2,v6,nov6,v6t2,v8mb,iwmmxt,iwmmxt2,armv6_or_vfpv3,neon,mve"
++(define_attr "arch" "any, a, t, 32, t1, t2, v6,nov6, v6t2, \
++ v8mb, fix_vlldm, iwmmxt, iwmmxt2, armv6_or_vfpv3, \
++ neon, mve"
+ (const_string "any"))
+
+ (define_attr "arch_enabled" "no,yes"
+@@ -177,6 +180,10 @@
+ (match_test "TARGET_THUMB1 && arm_arch8"))
+ (const_string "yes")
+
++ (and (eq_attr "arch" "fix_vlldm")
++ (match_test "fix_vlldm"))
++ (const_string "yes")
++
+ (and (eq_attr "arch" "iwmmxt2")
+ (match_test "TARGET_REALLY_IWMMXT2"))
+ (const_string "yes")
+diff -upr a/gcc/config/arm/vfp.md b/gcc/config/arm/vfp.md
+--- a/gcc/config/arm/vfp.md 2020-07-22 23:35:17.356384684 -0700
++++ b/gcc/config/arm/vfp.md 2021-11-11 20:33:58.431543947 -0800
+@@ -1703,12 +1703,15 @@
+ (set_attr "type" "mov_reg")]
+ )
+
++;; Both this and the next instruction are treated by GCC in the same
++;; way as a blockage pattern. That's perhaps stronger than it needs
++;; to be, but we do not want accesses to the VFP register bank to be
++;; moved across either instruction.
++
+ (define_insn "lazy_store_multiple_insn"
+- [(set (match_operand:SI 0 "s_register_operand" "+&rk")
+- (post_dec:SI (match_dup 0)))
+- (unspec_volatile [(const_int 0)
+- (mem:SI (post_dec:SI (match_dup 0)))]
+- VUNSPEC_VLSTM)]
++ [(unspec_volatile
++ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk"))]
++ VUNSPEC_VLSTM)]
+ "use_cmse && reload_completed"
+ "vlstm%?\\t%0"
+ [(set_attr "predicable" "yes")
+@@ -1716,14 +1719,16 @@
+ )
+
+ (define_insn "lazy_load_multiple_insn"
+- [(set (match_operand:SI 0 "s_register_operand" "+&rk")
+- (post_inc:SI (match_dup 0)))
+- (unspec_volatile:SI [(const_int 0)
+- (mem:SI (match_dup 0))]
+- VUNSPEC_VLLDM)]
++ [(unspec_volatile
++ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk,rk"))]
++ VUNSPEC_VLLDM)]
+ "use_cmse && reload_completed"
+- "vlldm%?\\t%0"
+- [(set_attr "predicable" "yes")
++ "@
++ vscclrm\\t{vpr}\;vlldm\\t%0
++ vlldm\\t%0"
++ [(set_attr "arch" "fix_vlldm,*")
++ (set_attr "predicable" "no")
++ (set_attr "length" "8,4")
+ (set_attr "type" "load_4")]
+ )
+
diff --git a/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch
new file mode 100644
index 0000000000..6bfaf8402d
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch
@@ -0,0 +1,1724 @@
+From 51c500269bf53749b107807d84271385fad35628 Mon Sep 17 00:00:00 2001
+From: Marek Polacek <polacek@redhat.com>
+Date: Wed, 6 Oct 2021 14:33:59 -0400
+Subject: [PATCH] libcpp: Implement -Wbidi-chars for CVE-2021-42574 [PR103026]
+
+From a link below:
+"An issue was discovered in the Bidirectional Algorithm in the Unicode
+Specification through 14.0. It permits the visual reordering of
+characters via control sequences, which can be used to craft source code
+that renders different logic than the logical ordering of tokens
+ingested by compilers and interpreters. Adversaries can leverage this to
+encode source code for compilers accepting Unicode such that targeted
+vulnerabilities are introduced invisibly to human reviewers."
+
+More info:
+https://nvd.nist.gov/vuln/detail/CVE-2021-42574
+https://trojansource.codes/
+
+This is not a compiler bug. However, to mitigate the problem, this patch
+implements -Wbidi-chars=[none|unpaired|any] to warn about possibly
+misleading Unicode bidirectional control characters the preprocessor may
+encounter.
+
+The default is =unpaired, which warns about improperly terminated
+bidirectional control characters; e.g. a LRE without its corresponding PDF.
+The level =any warns about any use of bidirectional control characters.
+
+This patch handles both UCNs and UTF-8 characters. UCNs designating
+bidi characters in identifiers are accepted since r204886. Then r217144
+enabled -fextended-identifiers by default. Extended characters in C/C++
+identifiers have been accepted since r275979. However, this patch still
+warns about mixing UTF-8 and UCN bidi characters; there seems to be no
+good reason to allow mixing them.
+
+We warn in different contexts: comments (both C and C++-style), string
+literals, character constants, and identifiers. Expectedly, UCNs are ignored
+in comments and raw string literals. The bidirectional control characters
+can nest so this patch handles that as well.
+
+I have not included nor tested this at all with Fortran (which also has
+string literals and line comments).
+
+Dave M. posted patches improving diagnostic involving Unicode characters.
+This patch does not make use of this new infrastructure yet.
+
+ PR preprocessor/103026
+
+gcc/c-family/ChangeLog:
+
+ * c.opt (Wbidi-chars, Wbidi-chars=): New option.
+
+gcc/ChangeLog:
+
+ * doc/invoke.texi: Document -Wbidi-chars.
+
+libcpp/ChangeLog:
+
+ * include/cpplib.h (enum cpp_bidirectional_level): New.
+ (struct cpp_options): Add cpp_warn_bidirectional.
+ (enum cpp_warning_reason): Add CPP_W_BIDIRECTIONAL.
+ * internal.h (struct cpp_reader): Add warn_bidi_p member
+ function.
+ * init.c (cpp_create_reader): Set cpp_warn_bidirectional.
+ * lex.c (bidi): New namespace.
+ (get_bidi_utf8): New function.
+ (get_bidi_ucn): Likewise.
+ (maybe_warn_bidi_on_close): Likewise.
+ (maybe_warn_bidi_on_char): Likewise.
+ (_cpp_skip_block_comment): Implement warning about bidirectional
+ control characters.
+ (skip_line_comment): Likewise.
+ (forms_identifier_p): Likewise.
+ (lex_identifier): Likewise.
+ (lex_string): Likewise.
+ (lex_raw_string): Likewise.
+
+gcc/testsuite/ChangeLog:
+
+ * c-c++-common/Wbidi-chars-1.c: New test.
+ * c-c++-common/Wbidi-chars-2.c: New test.
+ * c-c++-common/Wbidi-chars-3.c: New test.
+ * c-c++-common/Wbidi-chars-4.c: New test.
+ * c-c++-common/Wbidi-chars-5.c: New test.
+ * c-c++-common/Wbidi-chars-6.c: New test.
+ * c-c++-common/Wbidi-chars-7.c: New test.
+ * c-c++-common/Wbidi-chars-8.c: New test.
+ * c-c++-common/Wbidi-chars-9.c: New test.
+ * c-c++-common/Wbidi-chars-10.c: New test.
+ * c-c++-common/Wbidi-chars-11.c: New test.
+ * c-c++-common/Wbidi-chars-12.c: New test.
+ * c-c++-common/Wbidi-chars-13.c: New test.
+ * c-c++-common/Wbidi-chars-14.c: New test.
+ * c-c++-common/Wbidi-chars-15.c: New test.
+ * c-c++-common/Wbidi-chars-16.c: New test.
+ * c-c++-common/Wbidi-chars-17.c: New test.
+
+CVE: CVE-2021-42574
+Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=51c500269bf53749b107807d84271385fad35628]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ gcc/c-family/c.opt | 24 ++
+ gcc/doc/invoke.texi | 21 +-
+ gcc/testsuite/c-c++-common/Wbidi-chars-1.c | 12 +
+ gcc/testsuite/c-c++-common/Wbidi-chars-10.c | 27 ++
+ gcc/testsuite/c-c++-common/Wbidi-chars-11.c | 13 +
+ gcc/testsuite/c-c++-common/Wbidi-chars-12.c | 19 +
+ gcc/testsuite/c-c++-common/Wbidi-chars-13.c | 17 +
+ gcc/testsuite/c-c++-common/Wbidi-chars-14.c | 38 ++
+ gcc/testsuite/c-c++-common/Wbidi-chars-15.c | 59 +++
+ gcc/testsuite/c-c++-common/Wbidi-chars-16.c | 26 ++
+ gcc/testsuite/c-c++-common/Wbidi-chars-17.c | 30 ++
+ gcc/testsuite/c-c++-common/Wbidi-chars-2.c | 9 +
+ gcc/testsuite/c-c++-common/Wbidi-chars-3.c | 11 +
+ gcc/testsuite/c-c++-common/Wbidi-chars-4.c | 188 +++++++++
+ gcc/testsuite/c-c++-common/Wbidi-chars-5.c | 188 +++++++++
+ gcc/testsuite/c-c++-common/Wbidi-chars-6.c | 155 ++++++++
+ gcc/testsuite/c-c++-common/Wbidi-chars-7.c | 9 +
+ gcc/testsuite/c-c++-common/Wbidi-chars-8.c | 13 +
+ gcc/testsuite/c-c++-common/Wbidi-chars-9.c | 29 ++
+ libcpp/include/cpplib.h | 18 +-
+ libcpp/init.c | 1 +
+ libcpp/internal.h | 7 +
+ libcpp/lex.c | 408 +++++++++++++++++++-
+ 23 files changed, 1315 insertions(+), 7 deletions(-)
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-1.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-10.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-11.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-12.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-13.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-14.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-15.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-16.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-17.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-2.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-3.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-4.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-5.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-6.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-7.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-8.c
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-9.c
+
+diff --git a/gcc/c-family/c.opt b/gcc/c-family/c.opt
+--- a/gcc/c-family/c.opt 2021-12-25 01:29:12.915317374 -0800
++++ b/gcc/c-family/c.opt 2021-12-25 01:36:22.040018701 -0800
+@@ -350,6 +350,30 @@ Wbad-function-cast
+ C ObjC Var(warn_bad_function_cast) Warning
+ Warn about casting functions to incompatible types.
+
++Wbidi-chars
++C ObjC C++ ObjC++ Warning Alias(Wbidi-chars=,any,none)
++;
++
++Wbidi-chars=
++C ObjC C++ ObjC++ RejectNegative Joined Warning CPP(cpp_warn_bidirectional) CppReason(CPP_W_BIDIRECTIONAL) Var(warn_bidirectional) Init(bidirectional_unpaired) Enum(cpp_bidirectional_level)
++-Wbidi-chars=[none|unpaired|any] Warn about UTF-8 bidirectional control characters.
++
++; Required for these enum values.
++SourceInclude
++cpplib.h
++
++Enum
++Name(cpp_bidirectional_level) Type(int) UnknownError(argument %qs to %<-Wbidi-chars%> not recognized)
++
++EnumValue
++Enum(cpp_bidirectional_level) String(none) Value(bidirectional_none)
++
++EnumValue
++Enum(cpp_bidirectional_level) String(unpaired) Value(bidirectional_unpaired)
++
++EnumValue
++Enum(cpp_bidirectional_level) String(any) Value(bidirectional_any)
++
+ Wbool-compare
+ C ObjC C++ ObjC++ Var(warn_bool_compare) Warning LangEnabledBy(C ObjC C++ ObjC++,Wall)
+ Warn about boolean expression compared with an integer value different from true/false.
+diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
+--- a/gcc/doc/invoke.texi 2021-12-25 01:35:33.284883488 -0800
++++ b/gcc/doc/invoke.texi 2021-12-25 01:36:22.048018559 -0800
+@@ -310,7 +310,9 @@ Objective-C and Objective-C++ Dialects}.
+ -Warith-conversion @gol
+ -Warray-bounds -Warray-bounds=@var{n} @gol
+ -Wno-attributes -Wattribute-alias=@var{n} -Wno-attribute-alias @gol
+--Wno-attribute-warning -Wbool-compare -Wbool-operation @gol
++-Wno-attribute-warning @gol
++-Wbidi-chars=@r{[}none@r{|}unpaired@r{|}any@r{]} @gol
++-Wbool-compare -Wbool-operation @gol
+ -Wno-builtin-declaration-mismatch @gol
+ -Wno-builtin-macro-redefined -Wc90-c99-compat -Wc99-c11-compat @gol
+ -Wc11-c2x-compat @gol
+@@ -6860,6 +6862,23 @@ Attributes considered include @code{allo
+ This is the default. You can disable these warnings with either
+ @option{-Wno-attribute-alias} or @option{-Wattribute-alias=0}.
+
++@item -Wbidi-chars=@r{[}none@r{|}unpaired@r{|}any@r{]}
++@opindex Wbidi-chars=
++@opindex Wbidi-chars
++@opindex Wno-bidi-chars
++Warn about possibly misleading UTF-8 bidirectional control characters in
++comments, string literals, character constants, and identifiers. Such
++characters can change left-to-right writing direction into right-to-left
++(and vice versa), which can cause confusion between the logical order and
++visual order. This may be dangerous; for instance, it may seem that a piece
++of code is not commented out, whereas it in fact is.
++
++There are three levels of warning supported by GCC@. The default is
++@option{-Wbidi-chars=unpaired}, which warns about improperly terminated
++bidi contexts. @option{-Wbidi-chars=none} turns the warning off.
++@option{-Wbidi-chars=any} warns about any use of bidirectional control
++characters.
++
+ @item -Wbool-compare
+ @opindex Wno-bool-compare
+ @opindex Wbool-compare
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-10.c b/gcc/testsuite/c-c++-common/Wbidi-chars-10.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-10.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-10.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,27 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired" } */
++/* More nesting testing. */
++
++/* RLE‫ LRI⁦ PDF‬ PDI⁩*/
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int LRE_\u202a_PDF_\u202c;
++int LRE_\u202a_PDF_\u202c_LRE_\u202a_PDF_\u202c;
++int LRE_\u202a_LRI_\u2066_PDF_\u202c_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int RLE_\u202b_RLI_\u2067_PDF_\u202c_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int RLE_\u202b_RLI_\u2067_PDI_\u2069_PDF_\u202c;
++int FSI_\u2068_LRO_\u202d_PDI_\u2069_PDF_\u202c;
++int FSI_\u2068;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int FSI_\u2068_PDI_\u2069;
++int FSI_\u2068_FSI_\u2068_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069;
++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDF_\u202c;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_FSI_\u2068_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-11.c b/gcc/testsuite/c-c++-common/Wbidi-chars-11.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-11.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-11.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,13 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired" } */
++/* Test that we warn when mixing UCN and UTF-8. */
++
++int LRE_‪_PDF_\u202c;
++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */
++int LRE_\u202a_PDF_‬_;
++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */
++const char *s1 = "LRE_‪_PDF_\u202c";
++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */
++const char *s2 = "LRE_\u202a_PDF_‬";
++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-12.c b/gcc/testsuite/c-c++-common/Wbidi-chars-12.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-12.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-12.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,19 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile { target { c || c++11 } } } */
++/* { dg-options "-Wbidi-chars=any" } */
++/* Test raw strings. */
++
++const char *s1 = R"(a b c LRE‪ 1 2 3 PDF‬ x y z)";
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++const char *s2 = R"(a b c RLE‫ 1 2 3 PDF‬ x y z)";
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++const char *s3 = R"(a b c LRO‭ 1 2 3 PDF‬ x y z)";
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++const char *s4 = R"(a b c RLO‮ 1 2 3 PDF‬ x y z)";
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++const char *s7 = R"(a b c FSI⁨ 1 2 3 PDI⁩ x y) z";
++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */
++const char *s8 = R"(a b c PDI⁩ x y )z";
++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */
++const char *s9 = R"(a b c PDF‬ x y z)";
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-13.c b/gcc/testsuite/c-c++-common/Wbidi-chars-13.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-13.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-13.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,17 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile { target { c || c++11 } } } */
++/* { dg-options "-Wbidi-chars=unpaired" } */
++/* Test raw strings. */
++
++const char *s1 = R"(a b c LRE‪ 1 2 3)";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++const char *s2 = R"(a b c RLE‫ 1 2 3)";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++const char *s3 = R"(a b c LRO‭ 1 2 3)";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++const char *s4 = R"(a b c FSI⁨ 1 2 3)";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++const char *s5 = R"(a b c LRI⁦ 1 2 3)";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++const char *s6 = R"(a b c RLI⁧ 1 2 3)";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-14.c b/gcc/testsuite/c-c++-common/Wbidi-chars-14.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-14.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-14.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,38 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired" } */
++/* Test PDI handling, which also pops any subsequent LREs, RLEs, LROs,
++ or RLOs. */
++
++/* LRI_⁦_LRI_⁦_RLE_‫_RLE_‫_RLE_‫_PDI_⁩*/
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++// LRI_⁦_RLE_‫_RLE_‫_RLE_‫_PDI_⁩
++// LRI_⁦_RLO_‮_RLE_‫_RLE_‫_PDI_⁩
++// LRI_⁦_RLO_‮_RLE_‫_PDI_⁩
++// FSI_⁨_RLO_‮_PDI_⁩
++// FSI_⁨_FSI_⁨_RLO_‮_PDI_⁩
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++
++int LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069_PDI_\u2069;
++int LRI_\u2066_LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int PDI_\u2069;
++int LRI_\u2066_PDI_\u2069;
++int RLI_\u2067_PDI_\u2069;
++int LRE_\u202a_LRI_\u2066_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int LRI_\u2066_LRE_\u202a_PDF_\u202c_PDI_\u2069;
++int LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069;
++int RLI_\u2067_LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int FSI_\u2068_LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int RLO_\u202e_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int RLI_\u2067_PDI_\u2069_RLI_\u2067;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int FSI_\u2068_PDF_\u202c_PDI_\u2069;
++int FSI_\u2068_FSI_\u2068_PDF_\u202c_PDI_\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-15.c b/gcc/testsuite/c-c++-common/Wbidi-chars-15.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-15.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-15.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,59 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired" } */
++/* Test unpaired bidi control chars in multiline comments. */
++
++/*
++ * LRE‪ end
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++/*
++ * RLE‫ end
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++/*
++ * LRO‭ end
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++/*
++ * RLO‮ end
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++/*
++ * LRI⁦ end
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++/*
++ * RLI⁧ end
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++/*
++ * FSI⁨ end
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++/* LRE‪
++ PDF‬ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++/* FSI⁨
++ PDI⁩ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++
++/* LRE<‪>
++ *
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-3 } */
++
++/*
++ * LRE<‪>
++ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++
++/*
++ *
++ * LRE<‪> */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++
++/* RLI<⁧> */ /* PDI<⁩> */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* LRE<‪> */ /* PDF<‬> */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-16.c b/gcc/testsuite/c-c++-common/Wbidi-chars-16.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-16.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-16.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,26 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=any" } */
++/* Test LTR/RTL chars. */
++
++/* LTR<‎> */
++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */
++// LTR<‎>
++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */
++/* RTL<‏> */
++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */
++// RTL<‏>
++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */
++
++const char *s1 = "LTR<‎>";
++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */
++const char *s2 = "LTR\u200e";
++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */
++const char *s3 = "LTR\u200E";
++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */
++const char *s4 = "RTL<‏>";
++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */
++const char *s5 = "RTL\u200f";
++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */
++const char *s6 = "RTL\u200F";
++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-17.c b/gcc/testsuite/c-c++-common/Wbidi-chars-17.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-17.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-17.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,30 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired" } */
++/* Test LTR/RTL chars. */
++
++/* LTR<‎> */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// LTR<‎>
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* RTL<‏> */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// RTL<‏>
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int ltr_\u200e;
++/* { dg-error "universal character " "" { target *-*-* } .-1 } */
++int rtl_\u200f;
++/* { dg-error "universal character " "" { target *-*-* } .-1 } */
++
++const char *s1 = "LTR<‎>";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++const char *s2 = "LTR\u200e";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++const char *s3 = "LTR\u200E";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++const char *s4 = "RTL<‏>";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++const char *s5 = "RTL\u200f";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++const char *s6 = "RTL\u200F";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-1.c b/gcc/testsuite/c-c++-common/Wbidi-chars-1.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-1.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-1.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,12 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++
++int main() {
++ int isAdmin = 0;
++ /*‮ } ⁦if (isAdmin)⁩ ⁦ begin admins only */
++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */
++ __builtin_printf("You are an admin.\n");
++ /* end admins only ‮ { ⁦*/
++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */
++ return 0;
++}
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-2.c b/gcc/testsuite/c-c++-common/Wbidi-chars-2.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-2.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-2.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,9 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++
++int main() {
++ /* Say hello; newline⁧/*/ return 0 ;
++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */
++ __builtin_printf("Hello world.\n");
++ return 0;
++}
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-3.c b/gcc/testsuite/c-c++-common/Wbidi-chars-3.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-3.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-3.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,11 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++
++int main() {
++ const char* access_level = "user";
++ if (__builtin_strcmp(access_level, "user‮ ⁦// Check if admin⁩ ⁦")) {
++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */
++ __builtin_printf("You are an admin.\n");
++ }
++ return 0;
++}
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-4.c b/gcc/testsuite/c-c++-common/Wbidi-chars-4.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-4.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-4.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,188 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=any -Wno-multichar -Wno-overflow" } */
++/* Test all bidi chars in various contexts (identifiers, comments,
++ string literals, character constants), both UCN and UTF-8. The bidi
++ chars here are properly terminated, except for the character constants. */
++
++/* a b c LRE‪ 1 2 3 PDF‬ x y z */
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++/* a b c RLE‫ 1 2 3 PDF‬ x y z */
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++/* a b c LRO‭ 1 2 3 PDF‬ x y z */
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++/* a b c RLO‮ 1 2 3 PDF‬ x y z */
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++/* a b c LRI⁦ 1 2 3 PDI⁩ x y z */
++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */
++/* a b c RLI⁧ 1 2 3 PDI⁩ x y */
++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */
++/* a b c FSI⁨ 1 2 3 PDI⁩ x y z */
++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */
++
++/* Same but C++ comments instead. */
++// a b c LRE‪ 1 2 3 PDF‬ x y z
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++// a b c RLE‫ 1 2 3 PDF‬ x y z
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++// a b c LRO‭ 1 2 3 PDF‬ x y z
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++// a b c RLO‮ 1 2 3 PDF‬ x y z
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++// a b c LRI⁦ 1 2 3 PDI⁩ x y z
++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */
++// a b c RLI⁧ 1 2 3 PDI⁩ x y
++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */
++// a b c FSI⁨ 1 2 3 PDI⁩ x y z
++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */
++
++/* Here we're closing an unopened context, warn when =any. */
++/* a b c PDI⁩ x y z */
++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */
++/* a b c PDF‬ x y z */
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */
++// a b c PDI⁩ x y z
++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */
++// a b c PDF‬ x y z
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */
++
++/* Multiline comments. */
++/* a b c PDI⁩ x y z
++ */
++/* { dg-warning "U\\+2069" "" { target *-*-* } .-2 } */
++/* a b c PDF‬ x y z
++ */
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-2 } */
++/* first
++ a b c PDI⁩ x y z
++ */
++/* { dg-warning "U\\+2069" "" { target *-*-* } .-2 } */
++/* first
++ a b c PDF‬ x y z
++ */
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-2 } */
++/* first
++ a b c PDI⁩ x y z */
++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */
++/* first
++ a b c PDF‬ x y z */
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */
++
++void
++g1 ()
++{
++ const char *s1 = "a b c LRE‪ 1 2 3 PDF‬ x y z";
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++ const char *s2 = "a b c RLE‫ 1 2 3 PDF‬ x y z";
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++ const char *s3 = "a b c LRO‭ 1 2 3 PDF‬ x y z";
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++ const char *s4 = "a b c RLO‮ 1 2 3 PDF‬ x y z";
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++ const char *s5 = "a b c LRI⁦ 1 2 3 PDI⁩ x y z";
++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */
++ const char *s6 = "a b c RLI⁧ 1 2 3 PDI⁩ x y z";
++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */
++ const char *s7 = "a b c FSI⁨ 1 2 3 PDI⁩ x y z";
++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */
++ const char *s8 = "a b c PDI⁩ x y z";
++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */
++ const char *s9 = "a b c PDF‬ x y z";
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */
++
++ const char *s10 = "a b c LRE\u202a 1 2 3 PDF\u202c x y z";
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++ const char *s11 = "a b c LRE\u202A 1 2 3 PDF\u202c x y z";
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++ const char *s12 = "a b c RLE\u202b 1 2 3 PDF\u202c x y z";
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++ const char *s13 = "a b c RLE\u202B 1 2 3 PDF\u202c x y z";
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++ const char *s14 = "a b c LRO\u202d 1 2 3 PDF\u202c x y z";
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++ const char *s15 = "a b c LRO\u202D 1 2 3 PDF\u202c x y z";
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++ const char *s16 = "a b c RLO\u202e 1 2 3 PDF\u202c x y z";
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++ const char *s17 = "a b c RLO\u202E 1 2 3 PDF\u202c x y z";
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++ const char *s18 = "a b c LRI\u2066 1 2 3 PDI\u2069 x y z";
++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */
++ const char *s19 = "a b c RLI\u2067 1 2 3 PDI\u2069 x y z";
++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */
++ const char *s20 = "a b c FSI\u2068 1 2 3 PDI\u2069 x y z";
++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */
++}
++
++void
++g2 ()
++{
++ const char c1 = '\u202a';
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++ const char c2 = '\u202A';
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++ const char c3 = '\u202b';
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++ const char c4 = '\u202B';
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++ const char c5 = '\u202d';
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++ const char c6 = '\u202D';
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++ const char c7 = '\u202e';
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++ const char c8 = '\u202E';
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++ const char c9 = '\u2066';
++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */
++ const char c10 = '\u2067';
++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */
++ const char c11 = '\u2068';
++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */
++}
++
++int a‪b‬c;
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++int a‫b‬c;
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++int a‭b‬c;
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++int a‮b‬c;
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++int a⁦b⁩c;
++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */
++int a⁧b⁩c;
++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */
++int a⁨b⁩c;
++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */
++int A‬X;
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */
++int A\u202cY;
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */
++int A\u202CY2;
++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */
++
++int d\u202ae\u202cf;
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++int d\u202Ae\u202cf2;
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++int d\u202be\u202cf;
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++int d\u202Be\u202cf2;
++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */
++int d\u202de\u202cf;
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++int d\u202De\u202cf2;
++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */
++int d\u202ee\u202cf;
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++int d\u202Ee\u202cf2;
++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */
++int d\u2066e\u2069f;
++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */
++int d\u2067e\u2069f;
++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */
++int d\u2068e\u2069f;
++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */
++int X\u2069;
++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-5.c b/gcc/testsuite/c-c++-common/Wbidi-chars-5.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-5.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-5.c 2021-12-25 01:36:22.048018559 -0800
+@@ -0,0 +1,188 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired -Wno-multichar -Wno-overflow" } */
++/* Test all bidi chars in various contexts (identifiers, comments,
++ string literals, character constants), both UCN and UTF-8. The bidi
++ chars here are properly terminated, except for the character constants. */
++
++/* a b c LRE‪ 1 2 3 PDF‬ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* a b c RLE‫ 1 2 3 PDF‬ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* a b c LRO‭ 1 2 3 PDF‬ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* a b c RLO‮ 1 2 3 PDF‬ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* a b c LRI⁦ 1 2 3 PDI⁩ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* a b c RLI⁧ 1 2 3 PDI⁩ x y */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* a b c FSI⁨ 1 2 3 PDI⁩ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++
++/* Same but C++ comments instead. */
++// a b c LRE‪ 1 2 3 PDF‬ x y z
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// a b c RLE‫ 1 2 3 PDF‬ x y z
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// a b c LRO‭ 1 2 3 PDF‬ x y z
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// a b c RLO‮ 1 2 3 PDF‬ x y z
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// a b c LRI⁦ 1 2 3 PDI⁩ x y z
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// a b c RLI⁧ 1 2 3 PDI⁩ x y
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// a b c FSI⁨ 1 2 3 PDI⁩ x y z
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++
++/* Here we're closing an unopened context, warn when =any. */
++/* a b c PDI⁩ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* a b c PDF‬ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// a b c PDI⁩ x y z
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++// a b c PDF‬ x y z
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++
++/* Multiline comments. */
++/* a b c PDI⁩ x y z
++ */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */
++/* a b c PDF‬ x y z
++ */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */
++/* first
++ a b c PDI⁩ x y z
++ */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */
++/* first
++ a b c PDF‬ x y z
++ */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */
++/* first
++ a b c PDI⁩ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++/* first
++ a b c PDF‬ x y z */
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++
++void
++g1 ()
++{
++ const char *s1 = "a b c LRE‪ 1 2 3 PDF‬ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s2 = "a b c RLE‫ 1 2 3 PDF‬ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s3 = "a b c LRO‭ 1 2 3 PDF‬ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s4 = "a b c RLO‮ 1 2 3 PDF‬ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s5 = "a b c LRI⁦ 1 2 3 PDI⁩ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s6 = "a b c RLI⁧ 1 2 3 PDI⁩ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s7 = "a b c FSI⁨ 1 2 3 PDI⁩ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s8 = "a b c PDI⁩ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s9 = "a b c PDF‬ x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++
++ const char *s10 = "a b c LRE\u202a 1 2 3 PDF\u202c x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s11 = "a b c LRE\u202A 1 2 3 PDF\u202c x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s12 = "a b c RLE\u202b 1 2 3 PDF\u202c x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s13 = "a b c RLE\u202B 1 2 3 PDF\u202c x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s14 = "a b c LRO\u202d 1 2 3 PDF\u202c x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s15 = "a b c LRO\u202D 1 2 3 PDF\u202c x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s16 = "a b c RLO\u202e 1 2 3 PDF\u202c x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s17 = "a b c RLO\u202E 1 2 3 PDF\u202c x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s18 = "a b c LRI\u2066 1 2 3 PDI\u2069 x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s19 = "a b c RLI\u2067 1 2 3 PDI\u2069 x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++ const char *s20 = "a b c FSI\u2068 1 2 3 PDI\u2069 x y z";
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++}
++
++void
++g2 ()
++{
++ const char c1 = '\u202a';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c2 = '\u202A';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c3 = '\u202b';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c4 = '\u202B';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c5 = '\u202d';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c6 = '\u202D';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c7 = '\u202e';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c8 = '\u202E';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c9 = '\u2066';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c10 = '\u2067';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char c11 = '\u2068';
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++}
++
++int a‪b‬c;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int a‫b‬c;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int a‭b‬c;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int a‮b‬c;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int a⁦b⁩c;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int a⁧b⁩c;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int a⁨b⁩c;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int A‬X;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int A\u202cY;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int A\u202CY2;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++
++int d\u202ae\u202cf;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u202Ae\u202cf2;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u202be\u202cf;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u202Be\u202cf2;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u202de\u202cf;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u202De\u202cf2;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u202ee\u202cf;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u202Ee\u202cf2;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u2066e\u2069f;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u2067e\u2069f;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int d\u2068e\u2069f;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
++int X\u2069;
++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-6.c b/gcc/testsuite/c-c++-common/Wbidi-chars-6.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-6.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-6.c 2021-12-25 01:36:22.052018489 -0800
+@@ -0,0 +1,155 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired" } */
++/* Test nesting of bidi chars in various contexts. */
++
++/* Terminated by the wrong char: */
++/* a b c LRE‪ 1 2 3 PDI⁩ x y z */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* a b c RLE‫ 1 2 3 PDI⁩ x y z*/
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* a b c LRO‭ 1 2 3 PDI⁩ x y z */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* a b c RLO‮ 1 2 3 PDI⁩ x y z */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* a b c LRI⁦ 1 2 3 PDF‬ x y z */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* a b c RLI⁧ 1 2 3 PDF‬ x y z */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* a b c FSI⁨ 1 2 3 PDF‬ x y z*/
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++
++/* LRE‪ PDF‬ */
++/* LRE‪ LRE‪ PDF‬ PDF‬ */
++/* PDF‬ LRE‪ PDF‬ */
++/* LRE‪ PDF‬ LRE‪ PDF‬ */
++/* LRE‪ LRE‪ PDF‬ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* PDF‬ LRE‪ */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++
++// a b c LRE‪ 1 2 3 PDI⁩ x y z
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++// a b c RLE‫ 1 2 3 PDI⁩ x y z*/
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++// a b c LRO‭ 1 2 3 PDI⁩ x y z
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++// a b c RLO‮ 1 2 3 PDI⁩ x y z
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++// a b c LRI⁦ 1 2 3 PDF‬ x y z
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++// a b c RLI⁧ 1 2 3 PDF‬ x y z
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++// a b c FSI⁨ 1 2 3 PDF‬ x y z
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++
++// LRE‪ PDF‬
++// LRE‪ LRE‪ PDF‬ PDF‬
++// PDF‬ LRE‪ PDF‬
++// LRE‪ PDF‬ LRE‪ PDF‬
++// LRE‪ LRE‪ PDF‬
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++// PDF‬ LRE‪
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++
++void
++g1 ()
++{
++ const char *s1 = "a b c LRE‪ 1 2 3 PDI⁩ x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s2 = "a b c LRE\u202a 1 2 3 PDI\u2069 x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s3 = "a b c RLE‫ 1 2 3 PDI⁩ x y ";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s4 = "a b c RLE\u202b 1 2 3 PDI\u2069 x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s5 = "a b c LRO‭ 1 2 3 PDI⁩ x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s6 = "a b c LRO\u202d 1 2 3 PDI\u2069 x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s7 = "a b c RLO‮ 1 2 3 PDI⁩ x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s8 = "a b c RLO\u202e 1 2 3 PDI\u2069 x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s9 = "a b c LRI⁦ 1 2 3 PDF‬ x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s10 = "a b c LRI\u2066 1 2 3 PDF\u202c x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s11 = "a b c RLI⁧ 1 2 3 PDF‬ x y z\
++ ";
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++ const char *s12 = "a b c RLI\u2067 1 2 3 PDF\u202c x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s13 = "a b c FSI⁨ 1 2 3 PDF‬ x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s14 = "a b c FSI\u2068 1 2 3 PDF\u202c x y z";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s15 = "PDF‬ LRE‪";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s16 = "PDF\u202c LRE\u202a";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s17 = "LRE‪ PDF‬";
++ const char *s18 = "LRE\u202a PDF\u202c";
++ const char *s19 = "LRE‪ LRE‪ PDF‬ PDF‬";
++ const char *s20 = "LRE\u202a LRE\u202a PDF\u202c PDF\u202c";
++ const char *s21 = "PDF‬ LRE‪ PDF‬";
++ const char *s22 = "PDF\u202c LRE\u202a PDF\u202c";
++ const char *s23 = "LRE‪ LRE‪ PDF‬";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s24 = "LRE\u202a LRE\u202a PDF\u202c";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s25 = "PDF‬ LRE‪";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s26 = "PDF\u202c LRE\u202a";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s27 = "PDF‬ LRE\u202a";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++ const char *s28 = "PDF\u202c LRE‪";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++}
++
++int aLRE‪bPDI⁩;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int A\u202aB\u2069C;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aRLE‫bPDI⁩;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int a\u202bB\u2069c;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aLRO‭bPDI⁩;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int a\u202db\u2069c2;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aRLO‮bPDI⁩;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int a\u202eb\u2069;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aLRI⁦bPDF‬;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int a\u2066b\u202c;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aRLI⁧bPDF‬c
++;
++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */
++int a\u2067b\u202c;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aFSI⁨bPDF‬;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int a\u2068b\u202c;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aFSI⁨bPD\u202C;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aFSI\u2068bPDF‬_;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int aLRE‪bPDF‬b;
++int A\u202aB\u202c;
++int a_LRE‪_LRE‪_b_PDF‬_PDF‬;
++int A\u202aA\u202aB\u202cB\u202c;
++int aPDF‬bLREadPDF‬;
++int a_\u202C_\u202a_\u202c;
++int a_LRE‪_b_PDF‬_c_LRE‪_PDF‬;
++int a_\u202a_\u202c_\u202a_\u202c_;
++int a_LRE‪_b_PDF‬_c_LRE‪;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int a_\u202a_\u202c_\u202a_;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-7.c b/gcc/testsuite/c-c++-common/Wbidi-chars-7.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-7.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-7.c 2021-12-25 01:36:22.052018489 -0800
+@@ -0,0 +1,9 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=any" } */
++/* Test we ignore UCNs in comments. */
++
++// a b c \u202a 1 2 3
++// a b c \u202A 1 2 3
++/* a b c \u202a 1 2 3 */
++/* a b c \u202A 1 2 3 */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-8.c b/gcc/testsuite/c-c++-common/Wbidi-chars-8.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-8.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-8.c 2021-12-25 01:36:22.052018489 -0800
+@@ -0,0 +1,13 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=any" } */
++/* Test \u vs \U. */
++
++int a_\u202A;
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++int a_\u202a_2;
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++int a_\U0000202A_3;
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
++int a_\U0000202a_4;
++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-9.c b/gcc/testsuite/c-c++-common/Wbidi-chars-9.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-9.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-9.c 2021-12-25 01:36:22.052018489 -0800
+@@ -0,0 +1,29 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired" } */
++/* Test that we properly separate bidi contexts (comment/identifier/character
++ constant/string literal). */
++
++/* LRE ->‪<- */ int pdf_\u202c_1;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* RLE ->‫<- */ int pdf_\u202c_2;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* LRO ->‭<- */ int pdf_\u202c_3;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* RLO ->‮<- */ int pdf_\u202c_4;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* LRI ->⁦<-*/ int pdi_\u2069_1;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* RLI ->⁧<- */ int pdi_\u2069_12;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* FSI ->⁨<- */ int pdi_\u2069_3;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++
++const char *s1 = "LRE\u202a"; /* PDF ->‬<- */
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++/* LRE ->‪<- */ const char *s2 = "PDF\u202c";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++const char *s3 = "LRE\u202a"; int pdf_\u202c_5;
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
++int lre_\u202a; const char *s4 = "PDF\u202c";
++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */
+diff --git a/libcpp/include/cpplib.h b/libcpp/include/cpplib.h
+--- a/libcpp/include/cpplib.h 2021-12-25 01:35:33.288883417 -0800
++++ b/libcpp/include/cpplib.h 2021-12-25 01:36:22.052018489 -0800
+@@ -308,6 +308,17 @@ enum cpp_normalize_level {
+ normalized_none
+ };
+
++/* The possible bidirectional control characters checking levels, from least
++ restrictive to most. */
++enum cpp_bidirectional_level {
++ /* No checking. */
++ bidirectional_none,
++ /* Only detect unpaired uses of bidirectional control characters. */
++ bidirectional_unpaired,
++ /* Detect any use of bidirectional control characters. */
++ bidirectional_any
++};
++
+ /* This structure is nested inside struct cpp_reader, and
+ carries all the options visible to the command line. */
+ struct cpp_options
+@@ -515,6 +526,10 @@ struct cpp_options
+ /* True if warn about differences between C++98 and C++11. */
+ bool cpp_warn_cxx11_compat;
+
++ /* Nonzero if bidirectional control characters checking is on. See enum
++ cpp_bidirectional_level. */
++ unsigned char cpp_warn_bidirectional;
++
+ /* Dependency generation. */
+ struct
+ {
+@@ -613,7 +628,8 @@ enum cpp_warning_reason {
+ CPP_W_C90_C99_COMPAT,
+ CPP_W_C11_C2X_COMPAT,
+ CPP_W_CXX11_COMPAT,
+- CPP_W_EXPANSION_TO_DEFINED
++ CPP_W_EXPANSION_TO_DEFINED,
++ CPP_W_BIDIRECTIONAL
+ };
+
+ /* Callback for header lookup for HEADER, which is the name of a
+diff --git a/libcpp/init.c b/libcpp/init.c
+--- a/libcpp/init.c 2021-12-25 01:29:12.931317107 -0800
++++ b/libcpp/init.c 2021-12-25 01:36:22.052018489 -0800
+@@ -215,6 +215,7 @@ cpp_create_reader (enum c_lang lang, cpp
+ = ENABLE_CANONICAL_SYSTEM_HEADERS;
+ CPP_OPTION (pfile, ext_numeric_literals) = 1;
+ CPP_OPTION (pfile, warn_date_time) = 0;
++ CPP_OPTION (pfile, cpp_warn_bidirectional) = bidirectional_unpaired;
+
+ /* Default CPP arithmetic to something sensible for the host for the
+ benefit of dumb users like fix-header. */
+diff --git a/libcpp/internal.h b/libcpp/internal.h
+--- a/libcpp/internal.h 2021-12-25 01:35:33.288883417 -0800
++++ b/libcpp/internal.h 2021-12-25 01:36:22.052018489 -0800
+@@ -581,6 +581,10 @@ struct cpp_reader
+ /* If non-zero, the lexer will use this location for the next token
+ instead of getting a location from the linemap. */
+ location_t forced_token_location;
++ bool warn_bidi_p () const
++ {
++ return CPP_OPTION (this, cpp_warn_bidirectional) != bidirectional_none;
++ }
+ };
+
+ /* Character classes. Based on the more primitive macros in safe-ctype.h.
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+--- a/libcpp/lex.c 2021-12-25 01:35:33.288883417 -0800
++++ b/libcpp/lex.c 2021-12-25 01:36:22.052018489 -0800
+@@ -1164,6 +1164,324 @@ _cpp_process_line_notes (cpp_reader *pfi
+ }
+ }
+
++namespace bidi {
++ enum class kind {
++ NONE, LRE, RLE, LRO, RLO, LRI, RLI, FSI, PDF, PDI, LTR, RTL
++ };
++
++ /* All the UTF-8 encodings of bidi characters start with E2. */
++ constexpr uchar utf8_start = 0xe2;
++
++ /* A vector holding currently open bidi contexts. We use a char for
++ each context, its LSB is 1 if it represents a PDF context, 0 if it
++ represents a PDI context. The next bit is 1 if this context was open
++ by a bidi character written as a UCN, and 0 when it was UTF-8. */
++ semi_embedded_vec <unsigned char, 16> vec;
++
++ /* Close the whole comment/identifier/string literal/character constant
++ context. */
++ void on_close ()
++ {
++ vec.truncate (0);
++ }
++
++ /* Pop the last element in the vector. */
++ void pop ()
++ {
++ unsigned int len = vec.count ();
++ gcc_checking_assert (len > 0);
++ vec.truncate (len - 1);
++ }
++
++ /* Return the context of the Ith element. */
++ kind ctx_at (unsigned int i)
++ {
++ return (vec[i] & 1) ? kind::PDF : kind::PDI;
++ }
++
++ /* Return which context is currently opened. */
++ kind current_ctx ()
++ {
++ unsigned int len = vec.count ();
++ if (len == 0)
++ return kind::NONE;
++ return ctx_at (len - 1);
++ }
++
++ /* Return true if the current context comes from a UCN origin, that is,
++ the bidi char which started this bidi context was written as a UCN. */
++ bool current_ctx_ucn_p ()
++ {
++ unsigned int len = vec.count ();
++ gcc_checking_assert (len > 0);
++ return (vec[len - 1] >> 1) & 1;
++ }
++
++ /* We've read a bidi char, update the current vector as necessary. */
++ void on_char (kind k, bool ucn_p)
++ {
++ switch (k)
++ {
++ case kind::LRE:
++ case kind::RLE:
++ case kind::LRO:
++ case kind::RLO:
++ vec.push (ucn_p ? 3u : 1u);
++ break;
++ case kind::LRI:
++ case kind::RLI:
++ case kind::FSI:
++ vec.push (ucn_p ? 2u : 0u);
++ break;
++ /* PDF terminates the scope of the last LRE, RLE, LRO, or RLO
++ whose scope has not yet been terminated. */
++ case kind::PDF:
++ if (current_ctx () == kind::PDF)
++ pop ();
++ break;
++ /* PDI terminates the scope of the last LRI, RLI, or FSI whose
++ scope has not yet been terminated, as well as the scopes of
++ any subsequent LREs, RLEs, LROs, or RLOs whose scopes have not
++ yet been terminated. */
++ case kind::PDI:
++ for (int i = vec.count () - 1; i >= 0; --i)
++ if (ctx_at (i) == kind::PDI)
++ {
++ vec.truncate (i);
++ break;
++ }
++ break;
++ case kind::LTR:
++ case kind::RTL:
++ /* These aren't popped by a PDF/PDI. */
++ break;
++ [[likely]] case kind::NONE:
++ break;
++ default:
++ abort ();
++ }
++ }
++
++ /* Return a descriptive string for K. */
++ const char *to_str (kind k)
++ {
++ switch (k)
++ {
++ case kind::LRE:
++ return "U+202A (LEFT-TO-RIGHT EMBEDDING)";
++ case kind::RLE:
++ return "U+202B (RIGHT-TO-LEFT EMBEDDING)";
++ case kind::LRO:
++ return "U+202D (LEFT-TO-RIGHT OVERRIDE)";
++ case kind::RLO:
++ return "U+202E (RIGHT-TO-LEFT OVERRIDE)";
++ case kind::LRI:
++ return "U+2066 (LEFT-TO-RIGHT ISOLATE)";
++ case kind::RLI:
++ return "U+2067 (RIGHT-TO-LEFT ISOLATE)";
++ case kind::FSI:
++ return "U+2068 (FIRST STRONG ISOLATE)";
++ case kind::PDF:
++ return "U+202C (POP DIRECTIONAL FORMATTING)";
++ case kind::PDI:
++ return "U+2069 (POP DIRECTIONAL ISOLATE)";
++ case kind::LTR:
++ return "U+200E (LEFT-TO-RIGHT MARK)";
++ case kind::RTL:
++ return "U+200F (RIGHT-TO-LEFT MARK)";
++ default:
++ abort ();
++ }
++ }
++}
++
++/* Parse a sequence of 3 bytes starting with P and return its bidi code. */
++
++static bidi::kind
++get_bidi_utf8 (const unsigned char *const p)
++{
++ gcc_checking_assert (p[0] == bidi::utf8_start);
++
++ if (p[1] == 0x80)
++ switch (p[2])
++ {
++ case 0xaa:
++ return bidi::kind::LRE;
++ case 0xab:
++ return bidi::kind::RLE;
++ case 0xac:
++ return bidi::kind::PDF;
++ case 0xad:
++ return bidi::kind::LRO;
++ case 0xae:
++ return bidi::kind::RLO;
++ case 0x8e:
++ return bidi::kind::LTR;
++ case 0x8f:
++ return bidi::kind::RTL;
++ default:
++ break;
++ }
++ else if (p[1] == 0x81)
++ switch (p[2])
++ {
++ case 0xa6:
++ return bidi::kind::LRI;
++ case 0xa7:
++ return bidi::kind::RLI;
++ case 0xa8:
++ return bidi::kind::FSI;
++ case 0xa9:
++ return bidi::kind::PDI;
++ default:
++ break;
++ }
++
++ return bidi::kind::NONE;
++}
++
++/* Parse a UCN where P points just past \u or \U and return its bidi code. */
++
++static bidi::kind
++get_bidi_ucn (const unsigned char *p, bool is_U)
++{
++ /* 6.4.3 Universal Character Names
++ \u hex-quad
++ \U hex-quad hex-quad
++ where \unnnn means \U0000nnnn. */
++
++ if (is_U)
++ {
++ if (p[0] != '0' || p[1] != '0' || p[2] != '0' || p[3] != '0')
++ return bidi::kind::NONE;
++ /* Skip 4B so we can treat \u and \U the same below. */
++ p += 4;
++ }
++
++ /* All code points we are looking for start with 20xx. */
++ if (p[0] != '2' || p[1] != '0')
++ return bidi::kind::NONE;
++ else if (p[2] == '2')
++ switch (p[3])
++ {
++ case 'a':
++ case 'A':
++ return bidi::kind::LRE;
++ case 'b':
++ case 'B':
++ return bidi::kind::RLE;
++ case 'c':
++ case 'C':
++ return bidi::kind::PDF;
++ case 'd':
++ case 'D':
++ return bidi::kind::LRO;
++ case 'e':
++ case 'E':
++ return bidi::kind::RLO;
++ default:
++ break;
++ }
++ else if (p[2] == '6')
++ switch (p[3])
++ {
++ case '6':
++ return bidi::kind::LRI;
++ case '7':
++ return bidi::kind::RLI;
++ case '8':
++ return bidi::kind::FSI;
++ case '9':
++ return bidi::kind::PDI;
++ default:
++ break;
++ }
++ else if (p[2] == '0')
++ switch (p[3])
++ {
++ case 'e':
++ case 'E':
++ return bidi::kind::LTR;
++ case 'f':
++ case 'F':
++ return bidi::kind::RTL;
++ default:
++ break;
++ }
++
++ return bidi::kind::NONE;
++}
++
++/* We're closing a bidi context, that is, we've encountered a newline,
++ are closing a C-style comment, or are at the end of a string literal,
++ character constant, or identifier. Warn if this context was not
++ properly terminated by a PDI or PDF. P points to the last character
++ in this context. */
++
++static void
++maybe_warn_bidi_on_close (cpp_reader *pfile, const uchar *p)
++{
++ if (CPP_OPTION (pfile, cpp_warn_bidirectional) == bidirectional_unpaired
++ && bidi::vec.count () > 0)
++ {
++ const location_t loc
++ = linemap_position_for_column (pfile->line_table,
++ CPP_BUF_COLUMN (pfile->buffer, p));
++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0,
++ "unpaired UTF-8 bidirectional control character "
++ "detected");
++ }
++ /* We're done with this context. */
++ bidi::on_close ();
++}
++
++/* We're at the beginning or in the middle of an identifier/comment/string
++ literal/character constant. Warn if we've encountered a bidi character.
++ KIND says which bidi character it was; P points to it in the character
++ stream. UCN_P is true iff this bidi character was written as a UCN. */
++
++static void
++maybe_warn_bidi_on_char (cpp_reader *pfile, const uchar *p, bidi::kind kind,
++ bool ucn_p)
++{
++ if (__builtin_expect (kind == bidi::kind::NONE, 1))
++ return;
++
++ const auto warn_bidi = CPP_OPTION (pfile, cpp_warn_bidirectional);
++
++ if (warn_bidi != bidirectional_none)
++ {
++ const location_t loc
++ = linemap_position_for_column (pfile->line_table,
++ CPP_BUF_COLUMN (pfile->buffer, p));
++ /* It seems excessive to warn about a PDI/PDF that is closing
++ an opened context because we've already warned about the
++ opening character. Except warn when we have a UCN x UTF-8
++ mismatch. */
++ if (kind == bidi::current_ctx ())
++ {
++ if (warn_bidi == bidirectional_unpaired
++ && bidi::current_ctx_ucn_p () != ucn_p)
++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0,
++ "UTF-8 vs UCN mismatch when closing "
++ "a context by \"%s\"", bidi::to_str (kind));
++ }
++ else if (warn_bidi == bidirectional_any)
++ {
++ if (kind == bidi::kind::PDF || kind == bidi::kind::PDI)
++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0,
++ "\"%s\" is closing an unopened context",
++ bidi::to_str (kind));
++ else
++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0,
++ "found problematic Unicode character \"%s\"",
++ bidi::to_str (kind));
++ }
++ }
++ /* We're done with this context. */
++ bidi::on_char (kind, ucn_p);
++}
++
+ /* Skip a C-style block comment. We find the end of the comment by
+ seeing if an asterisk is before every '/' we encounter. Returns
+ nonzero if comment terminated by EOF, zero otherwise.
+@@ -1175,6 +1493,7 @@ _cpp_skip_block_comment (cpp_reader *pfi
+ cpp_buffer *buffer = pfile->buffer;
+ const uchar *cur = buffer->cur;
+ uchar c;
++ const bool warn_bidi_p = pfile->warn_bidi_p ();
+
+ cur++;
+ if (*cur == '/')
+@@ -1189,7 +1508,11 @@ _cpp_skip_block_comment (cpp_reader *pfi
+ if (c == '/')
+ {
+ if (cur[-2] == '*')
+- break;
++ {
++ if (warn_bidi_p)
++ maybe_warn_bidi_on_close (pfile, cur);
++ break;
++ }
+
+ /* Warn about potential nested comments, but not if the '/'
+ comes immediately before the true comment delimiter.
+@@ -1208,6 +1531,8 @@ _cpp_skip_block_comment (cpp_reader *pfi
+ {
+ unsigned int cols;
+ buffer->cur = cur - 1;
++ if (warn_bidi_p)
++ maybe_warn_bidi_on_close (pfile, cur);
+ _cpp_process_line_notes (pfile, true);
+ if (buffer->next_line >= buffer->rlimit)
+ return true;
+@@ -1218,6 +1543,13 @@ _cpp_skip_block_comment (cpp_reader *pfi
+
+ cur = buffer->cur;
+ }
++ /* If this is a beginning of a UTF-8 encoding, it might be
++ a bidirectional control character. */
++ else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p)
++ {
++ bidi::kind kind = get_bidi_utf8 (cur - 1);
++ maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/false);
++ }
+ }
+
+ buffer->cur = cur;
+@@ -1233,9 +1565,31 @@ skip_line_comment (cpp_reader *pfile)
+ {
+ cpp_buffer *buffer = pfile->buffer;
+ location_t orig_line = pfile->line_table->highest_line;
++ const bool warn_bidi_p = pfile->warn_bidi_p ();
+
+- while (*buffer->cur != '\n')
+- buffer->cur++;
++ if (!warn_bidi_p)
++ while (*buffer->cur != '\n')
++ buffer->cur++;
++ else
++ {
++ while (*buffer->cur != '\n'
++ && *buffer->cur != bidi::utf8_start)
++ buffer->cur++;
++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0))
++ {
++ while (*buffer->cur != '\n')
++ {
++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0))
++ {
++ bidi::kind kind = get_bidi_utf8 (buffer->cur);
++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind,
++ /*ucn_p=*/false);
++ }
++ buffer->cur++;
++ }
++ maybe_warn_bidi_on_close (pfile, buffer->cur);
++ }
++ }
+
+ _cpp_process_line_notes (pfile, true);
+ return orig_line != pfile->line_table->highest_line;
+@@ -1343,11 +1697,13 @@ static const cppchar_t utf8_signifier =
+
+ /* Returns TRUE if the sequence starting at buffer->cur is valid in
+ an identifier. FIRST is TRUE if this starts an identifier. */
++
+ static bool
+ forms_identifier_p (cpp_reader *pfile, int first,
+ struct normalize_state *state)
+ {
+ cpp_buffer *buffer = pfile->buffer;
++ const bool warn_bidi_p = pfile->warn_bidi_p ();
+
+ if (*buffer->cur == '$')
+ {
+@@ -1370,6 +1726,13 @@ forms_identifier_p (cpp_reader *pfile, i
+ cppchar_t s;
+ if (*buffer->cur >= utf8_signifier)
+ {
++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0)
++ && warn_bidi_p)
++ {
++ bidi::kind kind = get_bidi_utf8 (buffer->cur);
++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind,
++ /*ucn_p=*/false);
++ }
+ if (_cpp_valid_utf8 (pfile, &buffer->cur, buffer->rlimit, 1 + !first,
+ state, &s))
+ return true;
+@@ -1378,6 +1741,13 @@ forms_identifier_p (cpp_reader *pfile, i
+ && (buffer->cur[1] == 'u' || buffer->cur[1] == 'U'))
+ {
+ buffer->cur += 2;
++ if (warn_bidi_p)
++ {
++ bidi::kind kind = get_bidi_ucn (buffer->cur,
++ buffer->cur[-1] == 'U');
++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind,
++ /*ucn_p=*/true);
++ }
+ if (_cpp_valid_ucn (pfile, &buffer->cur, buffer->rlimit, 1 + !first,
+ state, &s, NULL, NULL))
+ return true;
+@@ -1486,6 +1856,7 @@ lex_identifier (cpp_reader *pfile, const
+ const uchar *cur;
+ unsigned int len;
+ unsigned int hash = HT_HASHSTEP (0, *base);
++ const bool warn_bidi_p = pfile->warn_bidi_p ();
+
+ cur = pfile->buffer->cur;
+ if (! starts_ucn)
+@@ -1509,6 +1880,8 @@ lex_identifier (cpp_reader *pfile, const
+ pfile->buffer->cur++;
+ }
+ } while (forms_identifier_p (pfile, false, nst));
++ if (warn_bidi_p)
++ maybe_warn_bidi_on_close (pfile, pfile->buffer->cur);
+ result = _cpp_interpret_identifier (pfile, base,
+ pfile->buffer->cur - base);
+ *spelling = cpp_lookup (pfile, base, pfile->buffer->cur - base);
+@@ -1697,6 +2070,7 @@ lex_raw_string (cpp_reader *pfile, cpp_t
+ {
+ uchar raw_prefix[17];
+ uchar temp_buffer[18];
++ const bool warn_bidi_p = pfile->warn_bidi_p ();
+ const uchar *orig_base;
+ unsigned int raw_prefix_len = 0, raw_suffix_len = 0;
+ enum raw_str_phase { RAW_STR_PREFIX, RAW_STR, RAW_STR_SUFFIX };
+@@ -1946,8 +2320,15 @@ lex_raw_string (cpp_reader *pfile, cpp_t
+ cur = base = pfile->buffer->cur;
+ note = &pfile->buffer->notes[pfile->buffer->cur_note];
+ }
++ else if (__builtin_expect ((unsigned char) c == bidi::utf8_start, 0)
++ && warn_bidi_p)
++ maybe_warn_bidi_on_char (pfile, pos - 1, get_bidi_utf8 (pos - 1),
++ /*ucn_p=*/false);
+ }
+
++ if (warn_bidi_p)
++ maybe_warn_bidi_on_close (pfile, pos);
++
+ if (CPP_OPTION (pfile, user_literals))
+ {
+ /* If a string format macro, say from inttypes.h, is placed touching
+@@ -2042,15 +2423,27 @@ lex_string (cpp_reader *pfile, cpp_token
+ else
+ terminator = '>', type = CPP_HEADER_NAME;
+
++ const bool warn_bidi_p = pfile->warn_bidi_p ();
+ for (;;)
+ {
+ cppchar_t c = *cur++;
+
+ /* In #include-style directives, terminators are not escapable. */
+ if (c == '\\' && !pfile->state.angled_headers && *cur != '\n')
+- cur++;
++ {
++ if ((cur[0] == 'u' || cur[0] == 'U') && warn_bidi_p)
++ {
++ bidi::kind kind = get_bidi_ucn (cur + 1, cur[0] == 'U');
++ maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/true);
++ }
++ cur++;
++ }
+ else if (c == terminator)
+- break;
++ {
++ if (warn_bidi_p)
++ maybe_warn_bidi_on_close (pfile, cur - 1);
++ break;
++ }
+ else if (c == '\n')
+ {
+ cur--;
+@@ -2067,6 +2460,11 @@ lex_string (cpp_reader *pfile, cpp_token
+ }
+ else if (c == '\0')
+ saw_NUL = true;
++ else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p)
++ {
++ bidi::kind kind = get_bidi_utf8 (cur - 1);
++ maybe_warn_bidi_on_char (pfile, cur - 1, kind, /*ucn_p=*/false);
++ }
+ }
+
+ if (saw_NUL && !pfile->state.skipping)
diff --git a/meta/recipes-devtools/gcc/gcc/0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch b/meta/recipes-devtools/gcc/gcc/0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch
deleted file mode 100644
index 716a367172..0000000000
--- a/meta/recipes-devtools/gcc/gcc/0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch
+++ /dev/null
@@ -1,658 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From a5e7efc40ed841934c1d913f39476afa17d8e5f7 Mon Sep 17 00:00:00 2001
-From: Matthew Malcomson <matthew.malcomson@arm.com>
-Date: Thu, 9 Jul 2020 09:11:59 +0100
-Subject: [PATCH 3/3] aarch64: Mitigate SLS for BLR instruction
-
-This patch introduces the mitigation for Straight Line Speculation past
-the BLR instruction.
-
-This mitigation replaces BLR instructions with a BL to a stub which uses
-a BR to jump to the original value. These function stubs are then
-appended with a speculation barrier to ensure no straight line
-speculation happens after these jumps.
-
-When optimising for speed we use a set of stubs for each function since
-this should help the branch predictor make more accurate predictions
-about where a stub should branch.
-
-When optimising for size we use one set of stubs for all functions.
-This set of stubs can have human readable names, and we are using
-`__call_indirect_x<N>` for register x<N>.
-
-When BTI branch protection is enabled the BLR instruction can jump to a
-`BTI c` instruction using any register, while the BR instruction can
-only jump to a `BTI c` instruction using the x16 or x17 registers.
-Hence, in order to ensure this transformation is safe we mov the value
-of the original register into x16 and use x16 for the BR.
-
-As an example when optimising for size:
-a
- BLR x0
-instruction would get transformed to something like
- BL __call_indirect_x0
-where __call_indirect_x0 labels a thunk that contains
-__call_indirect_x0:
- MOV X16, X0
- BR X16
- <speculation barrier>
-
-The first version of this patch used local symbols specific to a
-compilation unit to try and avoid relocations.
-This was mistaken since functions coming from the same compilation unit
-can still be in different sections, and the assembler will insert
-relocations at jumps between sections.
-
-On any relocation the linker is permitted to emit a veneer to handle
-jumps between symbols that are very far apart. The registers x16 and
-x17 may be clobbered by these veneers.
-Hence the function stubs cannot rely on the values of x16 and x17 being
-the same as just before the function stub is called.
-
-Similar can be said for the hot/cold partitioning of single functions,
-so function-local stubs have the same restriction.
-
-This updated version of the patch never emits function stubs for x16 and
-x17, and instead forces other registers to be used.
-
-Given the above, there is now no benefit to local symbols (since they
-are not enough to avoid dealing with linker intricacies). This patch
-now uses global symbols with hidden visibility each stored in their own
-COMDAT section. This means stubs can be shared between compilation
-units while still avoiding the PLT indirection.
-
-This patch also removes the `__call_indirect_x30` stub (and
-function-local equivalent) which would simply jump back to the original
-location.
-
-The function-local stubs are emitted to the assembly output file in one
-chunk, which means we need not add the speculation barrier directly
-after each one.
-This is because we know for certain that the instructions directly after
-the BR in all but the last function stub will be from another one of
-these stubs and hence will not contain a speculation gadget.
-Instead we add a speculation barrier at the end of the sequence of
-stubs.
-
-The global stubs are emitted in COMDAT/.linkonce sections by
-themselves so that the linker can remove duplicates from multiple object
-files. This means they are not emitted in one chunk, and each one must
-include the speculation barrier.
-
-Another difference is that since the global stubs are shared across
-compilation units we do not know that all functions will be targeting an
-architecture supporting the SB instruction.
-Rather than provide multiple stubs for each architecture, we provide a
-stub that will work for all architectures -- using the DSB+ISB barrier.
-
-This mitigation does not apply for BLR instructions in the following
-places:
-- Some accesses to thread-local variables use a code sequence with a BLR
- instruction. This code sequence is part of the binary interface between
- compiler and linker. If this BLR instruction needs to be mitigated, it'd
- probably be best to do so in the linker. It seems that the code sequence
- for thread-local variable access is unlikely to lead to a Spectre Revalation
- Gadget.
-- PLT stubs are produced by the linker and each contain a BLR instruction.
- It seems that at most only after the last PLT stub a Spectre Revalation
- Gadget might appear.
-
-Testing:
- Bootstrap and regtest on AArch64
- (with BOOT_CFLAGS="-mharden-sls=retbr,blr")
- Used a temporary hack(1) in gcc-dg.exp to use these options on every
- test in the testsuite, a slight modification to emit the speculation
- barrier after every function stub, and a script to check that the
- output never emitted a BLR, or unmitigated BR or RET instruction.
- Similar on an aarch64-none-elf cross-compiler.
-
-1) Temporary hack emitted a speculation barrier at the end of every stub
-function, and used a script to ensure that:
- a) Every RET or BR is immediately followed by a speculation barrier.
- b) No BLR instruction is emitted by compiler.
-
-gcc/ChangeLog:
-
- * config/aarch64/aarch64-protos.h (aarch64_indirect_call_asm):
- New declaration.
- * config/aarch64/aarch64.c (aarch64_regno_regclass): Handle new
- stub registers class.
- (aarch64_class_max_nregs): Likewise.
- (aarch64_register_move_cost): Likewise.
- (aarch64_sls_shared_thunks): Global array to store stub labels.
- (aarch64_sls_emit_function_stub): New.
- (aarch64_create_blr_label): New.
- (aarch64_sls_emit_blr_function_thunks): New.
- (aarch64_sls_emit_shared_blr_thunks): New.
- (aarch64_asm_file_end): New.
- (aarch64_indirect_call_asm): New.
- (TARGET_ASM_FILE_END): Use aarch64_asm_file_end.
- (TARGET_ASM_FUNCTION_EPILOGUE): Use
- aarch64_sls_emit_blr_function_thunks.
- * config/aarch64/aarch64.h (STB_REGNUM_P): New.
- (enum reg_class): Add STUB_REGS class.
- (machine_function): Introduce `call_via` array for
- function-local stub labels.
- * config/aarch64/aarch64.md (*call_insn, *call_value_insn): Use
- aarch64_indirect_call_asm to emit code when hardening BLR
- instructions.
- * config/aarch64/constraints.md (Ucr): New constraint
- representing registers for indirect calls. Is GENERAL_REGS
- usually, and STUB_REGS when hardening BLR instruction against
- SLS.
- * config/aarch64/predicates.md (aarch64_general_reg): STUB_REGS class
- is also a general register.
-
-gcc/testsuite/ChangeLog:
-
- * gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c: New test.
- * gcc.target/aarch64/sls-mitigation/sls-miti-blr.c: New test.
----
- gcc/config/aarch64/aarch64-protos.h | 1 +
- gcc/config/aarch64/aarch64.c | 225 ++++++++++++++++++++-
- gcc/config/aarch64/aarch64.h | 15 ++
- gcc/config/aarch64/aarch64.md | 11 +-
- gcc/config/aarch64/constraints.md | 9 +
- gcc/config/aarch64/predicates.md | 3 +-
- .../aarch64/sls-mitigation/sls-miti-blr-bti.c | 40 ++++
- .../aarch64/sls-mitigation/sls-miti-blr.c | 33 +++
- 8 files changed, 328 insertions(+), 9 deletions(-)
- create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c
- create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr.c
-
-diff --git a/gcc/config/aarch64/aarch64-protos.h b/gcc/config/aarch64/aarch64-protos.h
-index ee0ffde..839f801 100644
---- a/gcc/config/aarch64/aarch64-protos.h
-+++ b/gcc/config/aarch64/aarch64-protos.h
-@@ -782,6 +782,7 @@ extern const atomic_ool_names aarch64_ool_ldeor_names;
- tree aarch64_resolve_overloaded_builtin_general (location_t, tree, void *);
-
- const char *aarch64_sls_barrier (int);
-+const char *aarch64_indirect_call_asm (rtx);
- extern bool aarch64_harden_sls_retbr_p (void);
- extern bool aarch64_harden_sls_blr_p (void);
-
-diff --git a/gcc/config/aarch64/aarch64.c b/gcc/config/aarch64/aarch64.c
-index 2389d49..0f7bba3 100644
---- a/gcc/config/aarch64/aarch64.c
-+++ b/gcc/config/aarch64/aarch64.c
-@@ -10605,6 +10605,9 @@ aarch64_label_mentioned_p (rtx x)
- enum reg_class
- aarch64_regno_regclass (unsigned regno)
- {
-+ if (STUB_REGNUM_P (regno))
-+ return STUB_REGS;
-+
- if (GP_REGNUM_P (regno))
- return GENERAL_REGS;
-
-@@ -10939,6 +10942,7 @@ aarch64_class_max_nregs (reg_class_t regclass, machine_mode mode)
- unsigned int nregs, vec_flags;
- switch (regclass)
- {
-+ case STUB_REGS:
- case TAILCALL_ADDR_REGS:
- case POINTER_REGS:
- case GENERAL_REGS:
-@@ -13155,10 +13159,12 @@ aarch64_register_move_cost (machine_mode mode,
- = aarch64_tune_params.regmove_cost;
-
- /* Caller save and pointer regs are equivalent to GENERAL_REGS. */
-- if (to == TAILCALL_ADDR_REGS || to == POINTER_REGS)
-+ if (to == TAILCALL_ADDR_REGS || to == POINTER_REGS
-+ || to == STUB_REGS)
- to = GENERAL_REGS;
-
-- if (from == TAILCALL_ADDR_REGS || from == POINTER_REGS)
-+ if (from == TAILCALL_ADDR_REGS || from == POINTER_REGS
-+ || from == STUB_REGS)
- from = GENERAL_REGS;
-
- /* Make RDFFR very expensive. In particular, if we know that the FFR
-@@ -22957,6 +22963,215 @@ aarch64_sls_barrier (int mitigation_required)
- : "";
- }
-
-+static GTY (()) tree aarch64_sls_shared_thunks[30];
-+static GTY (()) bool aarch64_sls_shared_thunks_needed = false;
-+const char *indirect_symbol_names[30] = {
-+ "__call_indirect_x0",
-+ "__call_indirect_x1",
-+ "__call_indirect_x2",
-+ "__call_indirect_x3",
-+ "__call_indirect_x4",
-+ "__call_indirect_x5",
-+ "__call_indirect_x6",
-+ "__call_indirect_x7",
-+ "__call_indirect_x8",
-+ "__call_indirect_x9",
-+ "__call_indirect_x10",
-+ "__call_indirect_x11",
-+ "__call_indirect_x12",
-+ "__call_indirect_x13",
-+ "__call_indirect_x14",
-+ "__call_indirect_x15",
-+ "", /* "__call_indirect_x16", */
-+ "", /* "__call_indirect_x17", */
-+ "__call_indirect_x18",
-+ "__call_indirect_x19",
-+ "__call_indirect_x20",
-+ "__call_indirect_x21",
-+ "__call_indirect_x22",
-+ "__call_indirect_x23",
-+ "__call_indirect_x24",
-+ "__call_indirect_x25",
-+ "__call_indirect_x26",
-+ "__call_indirect_x27",
-+ "__call_indirect_x28",
-+ "__call_indirect_x29",
-+};
-+
-+/* Function to create a BLR thunk. This thunk is used to mitigate straight
-+ line speculation. Instead of a simple BLR that can be speculated past,
-+ we emit a BL to this thunk, and this thunk contains a BR to the relevant
-+ register. These thunks have the relevant speculation barries put after
-+ their indirect branch so that speculation is blocked.
-+
-+ We use such a thunk so the speculation barriers are kept off the
-+ architecturally executed path in order to reduce the performance overhead.
-+
-+ When optimizing for size we use stubs shared by the linked object.
-+ When optimizing for performance we emit stubs for each function in the hope
-+ that the branch predictor can better train on jumps specific for a given
-+ function. */
-+rtx
-+aarch64_sls_create_blr_label (int regnum)
-+{
-+ gcc_assert (STUB_REGNUM_P (regnum));
-+ if (optimize_function_for_size_p (cfun))
-+ {
-+ /* For the thunks shared between different functions in this compilation
-+ unit we use a named symbol -- this is just for users to more easily
-+ understand the generated assembly. */
-+ aarch64_sls_shared_thunks_needed = true;
-+ const char *thunk_name = indirect_symbol_names[regnum];
-+ if (aarch64_sls_shared_thunks[regnum] == NULL)
-+ {
-+ /* Build a decl representing this function stub and record it for
-+ later. We build a decl here so we can use the GCC machinery for
-+ handling sections automatically (through `get_named_section` and
-+ `make_decl_one_only`). That saves us a lot of trouble handling
-+ the specifics of different output file formats. */
-+ tree decl = build_decl (BUILTINS_LOCATION, FUNCTION_DECL,
-+ get_identifier (thunk_name),
-+ build_function_type_list (void_type_node,
-+ NULL_TREE));
-+ DECL_RESULT (decl) = build_decl (BUILTINS_LOCATION, RESULT_DECL,
-+ NULL_TREE, void_type_node);
-+ TREE_PUBLIC (decl) = 1;
-+ TREE_STATIC (decl) = 1;
-+ DECL_IGNORED_P (decl) = 1;
-+ DECL_ARTIFICIAL (decl) = 1;
-+ make_decl_one_only (decl, DECL_ASSEMBLER_NAME (decl));
-+ resolve_unique_section (decl, 0, false);
-+ aarch64_sls_shared_thunks[regnum] = decl;
-+ }
-+
-+ return gen_rtx_SYMBOL_REF (Pmode, thunk_name);
-+ }
-+
-+ if (cfun->machine->call_via[regnum] == NULL)
-+ cfun->machine->call_via[regnum]
-+ = gen_rtx_LABEL_REF (Pmode, gen_label_rtx ());
-+ return cfun->machine->call_via[regnum];
-+}
-+
-+/* Helper function for aarch64_sls_emit_blr_function_thunks and
-+ aarch64_sls_emit_shared_blr_thunks below. */
-+static void
-+aarch64_sls_emit_function_stub (FILE *out_file, int regnum)
-+{
-+ /* Save in x16 and branch to that function so this transformation does
-+ not prevent jumping to `BTI c` instructions. */
-+ asm_fprintf (out_file, "\tmov\tx16, x%d\n", regnum);
-+ asm_fprintf (out_file, "\tbr\tx16\n");
-+}
-+
-+/* Emit all BLR stubs for this particular function.
-+ Here we emit all the BLR stubs needed for the current function. Since we
-+ emit these stubs in a consecutive block we know there will be no speculation
-+ gadgets between each stub, and hence we only emit a speculation barrier at
-+ the end of the stub sequences.
-+
-+ This is called in the TARGET_ASM_FUNCTION_EPILOGUE hook. */
-+void
-+aarch64_sls_emit_blr_function_thunks (FILE *out_file)
-+{
-+ if (! aarch64_harden_sls_blr_p ())
-+ return;
-+
-+ bool any_functions_emitted = false;
-+ /* We must save and restore the current function section since this assembly
-+ is emitted at the end of the function. This means it can be emitted *just
-+ after* the cold section of a function. That cold part would be emitted in
-+ a different section. That switch would trigger a `.cfi_endproc` directive
-+ to be emitted in the original section and a `.cfi_startproc` directive to
-+ be emitted in the new section. Switching to the original section without
-+ restoring would mean that the `.cfi_endproc` emitted as a function ends
-+ would happen in a different section -- leaving an unmatched
-+ `.cfi_startproc` in the cold text section and an unmatched `.cfi_endproc`
-+ in the standard text section. */
-+ section *save_text_section = in_section;
-+ switch_to_section (function_section (current_function_decl));
-+ for (int regnum = 0; regnum < 30; ++regnum)
-+ {
-+ rtx specu_label = cfun->machine->call_via[regnum];
-+ if (specu_label == NULL)
-+ continue;
-+
-+ targetm.asm_out.print_operand (out_file, specu_label, 0);
-+ asm_fprintf (out_file, ":\n");
-+ aarch64_sls_emit_function_stub (out_file, regnum);
-+ any_functions_emitted = true;
-+ }
-+ if (any_functions_emitted)
-+ /* Can use the SB if needs be here, since this stub will only be used
-+ by the current function, and hence for the current target. */
-+ asm_fprintf (out_file, "\t%s\n", aarch64_sls_barrier (true));
-+ switch_to_section (save_text_section);
-+}
-+
-+/* Emit shared BLR stubs for the current compilation unit.
-+ Over the course of compiling this unit we may have converted some BLR
-+ instructions to a BL to a shared stub function. This is where we emit those
-+ stub functions.
-+ This function is for the stubs shared between different functions in this
-+ compilation unit. We share when optimizing for size instead of speed.
-+
-+ This function is called through the TARGET_ASM_FILE_END hook. */
-+void
-+aarch64_sls_emit_shared_blr_thunks (FILE *out_file)
-+{
-+ if (! aarch64_sls_shared_thunks_needed)
-+ return;
-+
-+ for (int regnum = 0; regnum < 30; ++regnum)
-+ {
-+ tree decl = aarch64_sls_shared_thunks[regnum];
-+ if (!decl)
-+ continue;
-+
-+ const char *name = indirect_symbol_names[regnum];
-+ switch_to_section (get_named_section (decl, NULL, 0));
-+ ASM_OUTPUT_ALIGN (out_file, 2);
-+ targetm.asm_out.globalize_label (out_file, name);
-+ /* Only emits if the compiler is configured for an assembler that can
-+ handle visibility directives. */
-+ targetm.asm_out.assemble_visibility (decl, VISIBILITY_HIDDEN);
-+ ASM_OUTPUT_TYPE_DIRECTIVE (out_file, name, "function");
-+ ASM_OUTPUT_LABEL (out_file, name);
-+ aarch64_sls_emit_function_stub (out_file, regnum);
-+ /* Use the most conservative target to ensure it can always be used by any
-+ function in the translation unit. */
-+ asm_fprintf (out_file, "\tdsb\tsy\n\tisb\n");
-+ ASM_DECLARE_FUNCTION_SIZE (out_file, name, decl);
-+ }
-+}
-+
-+/* Implement TARGET_ASM_FILE_END. */
-+void
-+aarch64_asm_file_end ()
-+{
-+ aarch64_sls_emit_shared_blr_thunks (asm_out_file);
-+ /* Since this function will be called for the ASM_FILE_END hook, we ensure
-+ that what would be called otherwise (e.g. `file_end_indicate_exec_stack`
-+ for FreeBSD) still gets called. */
-+#ifdef TARGET_ASM_FILE_END
-+ TARGET_ASM_FILE_END ();
-+#endif
-+}
-+
-+const char *
-+aarch64_indirect_call_asm (rtx addr)
-+{
-+ gcc_assert (REG_P (addr));
-+ if (aarch64_harden_sls_blr_p ())
-+ {
-+ rtx stub_label = aarch64_sls_create_blr_label (REGNO (addr));
-+ output_asm_insn ("bl\t%0", &stub_label);
-+ }
-+ else
-+ output_asm_insn ("blr\t%0", &addr);
-+ return "";
-+}
-+
- /* Target-specific selftests. */
-
- #if CHECKING_P
-@@ -23507,6 +23722,12 @@ aarch64_libgcc_floating_mode_supported_p
- #undef TARGET_MD_ASM_ADJUST
- #define TARGET_MD_ASM_ADJUST arm_md_asm_adjust
-
-+#undef TARGET_ASM_FILE_END
-+#define TARGET_ASM_FILE_END aarch64_asm_file_end
-+
-+#undef TARGET_ASM_FUNCTION_EPILOGUE
-+#define TARGET_ASM_FUNCTION_EPILOGUE aarch64_sls_emit_blr_function_thunks
-+
- struct gcc_target targetm = TARGET_INITIALIZER;
-
- #include "gt-aarch64.h"
-diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h
-index 8e0fc37..7331450 100644
---- a/gcc/config/aarch64/aarch64.h
-+++ b/gcc/config/aarch64/aarch64.h
-@@ -643,6 +643,16 @@ extern unsigned aarch64_architecture_version;
- #define GP_REGNUM_P(REGNO) \
- (((unsigned) (REGNO - R0_REGNUM)) <= (R30_REGNUM - R0_REGNUM))
-
-+/* Registers known to be preserved over a BL instruction. This consists of the
-+ GENERAL_REGS without x16, x17, and x30. The x30 register is changed by the
-+ BL instruction itself, while the x16 and x17 registers may be used by
-+ veneers which can be inserted by the linker. */
-+#define STUB_REGNUM_P(REGNO) \
-+ (GP_REGNUM_P (REGNO) \
-+ && (REGNO) != R16_REGNUM \
-+ && (REGNO) != R17_REGNUM \
-+ && (REGNO) != R30_REGNUM) \
-+
- #define FP_REGNUM_P(REGNO) \
- (((unsigned) (REGNO - V0_REGNUM)) <= (V31_REGNUM - V0_REGNUM))
-
-@@ -667,6 +677,7 @@ enum reg_class
- {
- NO_REGS,
- TAILCALL_ADDR_REGS,
-+ STUB_REGS,
- GENERAL_REGS,
- STACK_REG,
- POINTER_REGS,
-@@ -689,6 +700,7 @@ enum reg_class
- { \
- "NO_REGS", \
- "TAILCALL_ADDR_REGS", \
-+ "STUB_REGS", \
- "GENERAL_REGS", \
- "STACK_REG", \
- "POINTER_REGS", \
-@@ -708,6 +720,7 @@ enum reg_class
- { \
- { 0x00000000, 0x00000000, 0x00000000 }, /* NO_REGS */ \
- { 0x00030000, 0x00000000, 0x00000000 }, /* TAILCALL_ADDR_REGS */\
-+ { 0x3ffcffff, 0x00000000, 0x00000000 }, /* STUB_REGS */ \
- { 0x7fffffff, 0x00000000, 0x00000003 }, /* GENERAL_REGS */ \
- { 0x80000000, 0x00000000, 0x00000000 }, /* STACK_REG */ \
- { 0xffffffff, 0x00000000, 0x00000003 }, /* POINTER_REGS */ \
-@@ -862,6 +875,8 @@ typedef struct GTY (()) machine_function
- struct aarch64_frame frame;
- /* One entry for each hard register. */
- bool reg_is_wrapped_separately[LAST_SAVED_REGNUM];
-+ /* One entry for each general purpose register. */
-+ rtx call_via[SP_REGNUM];
- bool label_is_assembled;
- } machine_function;
- #endif
-diff --git a/gcc/config/aarch64/aarch64.md b/gcc/config/aarch64/aarch64.md
-index dda04ee..43da754 100644
---- a/gcc/config/aarch64/aarch64.md
-+++ b/gcc/config/aarch64/aarch64.md
-@@ -1022,16 +1022,15 @@
- )
-
- (define_insn "*call_insn"
-- [(call (mem:DI (match_operand:DI 0 "aarch64_call_insn_operand" "r, Usf"))
-+ [(call (mem:DI (match_operand:DI 0 "aarch64_call_insn_operand" "Ucr, Usf"))
- (match_operand 1 "" ""))
- (unspec:DI [(match_operand:DI 2 "const_int_operand")] UNSPEC_CALLEE_ABI)
- (clobber (reg:DI LR_REGNUM))]
- ""
- "@
-- blr\\t%0
-+ * return aarch64_indirect_call_asm (operands[0]);
- bl\\t%c0"
-- [(set_attr "type" "call, call")]
--)
-+ [(set_attr "type" "call, call")])
-
- (define_expand "call_value"
- [(parallel
-@@ -1050,13 +1049,13 @@
-
- (define_insn "*call_value_insn"
- [(set (match_operand 0 "" "")
-- (call (mem:DI (match_operand:DI 1 "aarch64_call_insn_operand" "r, Usf"))
-+ (call (mem:DI (match_operand:DI 1 "aarch64_call_insn_operand" "Ucr, Usf"))
- (match_operand 2 "" "")))
- (unspec:DI [(match_operand:DI 3 "const_int_operand")] UNSPEC_CALLEE_ABI)
- (clobber (reg:DI LR_REGNUM))]
- ""
- "@
-- blr\\t%1
-+ * return aarch64_indirect_call_asm (operands[1]);
- bl\\t%c1"
- [(set_attr "type" "call, call")]
- )
-diff --git a/gcc/config/aarch64/constraints.md b/gcc/config/aarch64/constraints.md
-index d993268..8cc6f50 100644
---- a/gcc/config/aarch64/constraints.md
-+++ b/gcc/config/aarch64/constraints.md
-@@ -24,6 +24,15 @@
- (define_register_constraint "Ucs" "TAILCALL_ADDR_REGS"
- "@internal Registers suitable for an indirect tail call")
-
-+(define_register_constraint "Ucr"
-+ "aarch64_harden_sls_blr_p () ? STUB_REGS : GENERAL_REGS"
-+ "@internal Registers to be used for an indirect call.
-+ This is usually the general registers, but when we are hardening against
-+ Straight Line Speculation we disallow x16, x17, and x30 so we can use
-+ indirection stubs. These indirection stubs cannot use the above registers
-+ since they will be reached by a BL that may have to go through a linker
-+ veneer.")
-+
- (define_register_constraint "w" "FP_REGS"
- "Floating point and SIMD vector registers.")
-
-diff --git a/gcc/config/aarch64/predicates.md b/gcc/config/aarch64/predicates.md
-index 215fcec..1754b1e 100644
---- a/gcc/config/aarch64/predicates.md
-+++ b/gcc/config/aarch64/predicates.md
-@@ -32,7 +32,8 @@
-
- (define_predicate "aarch64_general_reg"
- (and (match_operand 0 "register_operand")
-- (match_test "REGNO_REG_CLASS (REGNO (op)) == GENERAL_REGS")))
-+ (match_test "REGNO_REG_CLASS (REGNO (op)) == STUB_REGS
-+ || REGNO_REG_CLASS (REGNO (op)) == GENERAL_REGS")))
-
- ;; Return true if OP a (const_int 0) operand.
- (define_predicate "const0_operand"
-diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c
-new file mode 100644
-index 0000000..b1fb754
---- /dev/null
-+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c
-@@ -0,0 +1,40 @@
-+/* { dg-do compile } */
-+/* { dg-additional-options "-mharden-sls=blr -mbranch-protection=bti" } */
-+/*
-+ Ensure that the SLS hardening of BLR leaves no BLR instructions.
-+ Here we also check that there are no BR instructions with anything except an
-+ x16 or x17 register. This is because a `BTI c` instruction can be branched
-+ to using a BLR instruction using any register, but can only be branched to
-+ with a BR using an x16 or x17 register.
-+ */
-+typedef int (foo) (int, int);
-+typedef void (bar) (int, int);
-+struct sls_testclass {
-+ foo *x;
-+ bar *y;
-+ int left;
-+ int right;
-+};
-+
-+/* We test both RTL patterns for a call which returns a value and a call which
-+ does not. */
-+int blr_call_value (struct sls_testclass x)
-+{
-+ int retval = x.x(x.left, x.right);
-+ if (retval % 10)
-+ return 100;
-+ return 9;
-+}
-+
-+int blr_call (struct sls_testclass x)
-+{
-+ x.y(x.left, x.right);
-+ if (x.left % 10)
-+ return 100;
-+ return 9;
-+}
-+
-+/* { dg-final { scan-assembler-not {\tblr\t} } } */
-+/* { dg-final { scan-assembler-not {\tbr\tx(?!16|17)} } } */
-+/* { dg-final { scan-assembler {\tbr\tx(16|17)} } } */
-+
-diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr.c b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr.c
-new file mode 100644
-index 0000000..88bafff
---- /dev/null
-+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr.c
-@@ -0,0 +1,33 @@
-+/* { dg-additional-options "-mharden-sls=blr -save-temps" } */
-+/* Ensure that the SLS hardening of BLR leaves no BLR instructions.
-+ We only test that all BLR instructions have been removed, not that the
-+ resulting code makes sense. */
-+typedef int (foo) (int, int);
-+typedef void (bar) (int, int);
-+struct sls_testclass {
-+ foo *x;
-+ bar *y;
-+ int left;
-+ int right;
-+};
-+
-+/* We test both RTL patterns for a call which returns a value and a call which
-+ does not. */
-+int blr_call_value (struct sls_testclass x)
-+{
-+ int retval = x.x(x.left, x.right);
-+ if (retval % 10)
-+ return 100;
-+ return 9;
-+}
-+
-+int blr_call (struct sls_testclass x)
-+{
-+ x.y(x.left, x.right);
-+ if (x.left % 10)
-+ return 100;
-+ return 9;
-+}
-+
-+/* { dg-final { scan-assembler-not {\tblr\t} } } */
-+/* { dg-final { scan-assembler {\tbr\tx[0-9][0-9]?} } } */
---
-2.7.4
-
diff --git a/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch
new file mode 100644
index 0000000000..9f7a38ed2e
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch
@@ -0,0 +1,304 @@
+From 809330ab8450261e05919b472783bf15e4b000f7 Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Tue, 6 Jul 2021 15:10:18 +0100
+Subject: [PATCH] arm: Add tests for VLLDM mitigation [PR102035]
+
+New tests for the erratum mitigation.
+
+gcc/testsuite:
+ PR target/102035
+ * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c: New test.
+ * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c: Likewise.
+ * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c: Likewise.
+
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=809330ab8450261e05919b472783bf15e4b000f7]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ .../arm/cmse/mainline/8_1m/soft/cmse-13a.c | 31 +++++++++++++++++++
+ .../arm/cmse/mainline/8_1m/soft/cmse-7a.c | 28 +++++++++++++++++
+ .../arm/cmse/mainline/8_1m/soft/cmse-8a.c | 30 ++++++++++++++++++
+ .../cmse/mainline/8_1m/softfp-sp/cmse-7a.c | 27 ++++++++++++++++
+ .../cmse/mainline/8_1m/softfp-sp/cmse-8a.c | 29 +++++++++++++++++
+ .../arm/cmse/mainline/8_1m/softfp/cmse-13a.c | 30 ++++++++++++++++++
+ .../arm/cmse/mainline/8_1m/softfp/cmse-7a.c | 27 ++++++++++++++++
+ .../arm/cmse/mainline/8_1m/softfp/cmse-8a.c | 29 +++++++++++++++++
+ 8 files changed, 231 insertions(+)
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c
+ create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c
+
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,31 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
++
++#include "../../../cmse-13.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler-not "vmov" } } */
++/* { dg-final { scan-assembler-not "vmsr" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,28 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
++
++#include "../../../cmse-7.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler-not "vmov" } } */
++/* { dg-final { scan-assembler-not "vmsr" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,30 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */
++
++#include "../../../cmse-8.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler-not "vmov" } } */
++/* { dg-final { scan-assembler-not "vmsr" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,30 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
++
++#include "../../../cmse-13.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,27 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
++
++#include "../../../cmse-7.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 2021-11-11 20:38:44.290766017 -0800
+@@ -0,0 +1,29 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */
++
++#include "../../../cmse-8.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,27 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */
++
++#include "../../../cmse-7.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
+diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c
+--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 2021-11-11 20:38:44.286766084 -0800
+@@ -0,0 +1,29 @@
++/* { dg-do compile } */
++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */
++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */
++/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */
++
++#include "../../../cmse-8.x"
++
++/* Checks for saving and clearing prior to function call. */
++/* Shift on the same register as blxns. */
++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */
++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */
++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */
++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++/* { dg-final { scan-assembler "vlstm\tsp" } } */
++/* Check the right registers are cleared and none appears twice. */
++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */
++/* Check that the right number of registers is cleared and thus only one
++ register is missing. */
++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */
++/* Check that no cleared register is used for blxns. */
++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */
++/* Check for v8.1-m variant of erratum work-around. */
++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */
++/* { dg-final { scan-assembler "vlldm\tsp" } } */
++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */
++
++/* Now we check that we use the correct intrinsic to call. */
++/* { dg-final { scan-assembler "blxns" } } */
diff --git a/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch
new file mode 100644
index 0000000000..877b8a6452
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch
@@ -0,0 +1,138 @@
+From 1a7f2c0774129750fdf73e9f1b78f0ce983c9ab3 Mon Sep 17 00:00:00 2001
+From: David Malcolm <dmalcolm@redhat.com>
+Date: Tue, 2 Nov 2021 09:54:32 -0400
+Subject: [PATCH] libcpp: escape non-ASCII source bytes in -Wbidi-chars=
+ [PR103026]
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+This flags rich_locations associated with -Wbidi-chars= so that
+non-ASCII bytes will be escaped when printing the source lines
+(using the diagnostics support I added in
+r12-4825-gbd5e882cf6e0def3dd1bc106075d59a303fe0d1e).
+
+In particular, this ensures that the printed source lines will
+be pure ASCII, and thus the visual ordering of the characters
+will be the same as the logical ordering.
+
+Before:
+
+ Wbidi-chars-1.c: In function âmainâ:
+ Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=]
+ 6 | /*â® } â¦if (isAdmin)⩠⦠begin admins only */
+ | ^
+ Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=]
+ 9 | /* end admins only â® { â¦*/
+ | ^
+
+ Wbidi-chars-11.c:6:15: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=]
+ 6 | int LRE_âª_PDF_\u202c;
+ | ^
+ Wbidi-chars-11.c:8:19: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=]
+ 8 | int LRE_\u202a_PDF_â¬_;
+ | ^
+ Wbidi-chars-11.c:10:28: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=]
+ 10 | const char *s1 = "LRE_âª_PDF_\u202c";
+ | ^
+ Wbidi-chars-11.c:12:33: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=]
+ 12 | const char *s2 = "LRE_\u202a_PDF_â¬";
+ | ^
+
+After:
+
+ Wbidi-chars-1.c: In function âmainâ:
+ Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=]
+ 6 | /*<U+202E> } <U+2066>if (isAdmin)<U+2069> <U+2066> begin admins only */
+ | ^
+ Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=]
+ 9 | /* end admins only <U+202E> { <U+2066>*/
+ | ^
+
+ Wbidi-chars-11.c:6:15: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=]
+ 6 | int LRE_<U+202A>_PDF_\u202c;
+ | ^
+ Wbidi-chars-11.c:8:19: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=]
+ 8 | int LRE_\u202a_PDF_<U+202C>_;
+ | ^
+ Wbidi-chars-11.c:10:28: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=]
+ 10 | const char *s1 = "LRE_<U+202A>_PDF_\u202c";
+ | ^
+ Wbidi-chars-11.c:12:33: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=]
+ 12 | const char *s2 = "LRE_\u202a_PDF_<U+202C>";
+ | ^
+
+libcpp/ChangeLog:
+ PR preprocessor/103026
+ * lex.c (maybe_warn_bidi_on_close): Use a rich_location
+ and call set_escape_on_output (true) on it.
+ (maybe_warn_bidi_on_char): Likewise.
+
+Signed-off-by: David Malcolm <dmalcolm@redhat.com>
+
+CVE: CVE-2021-42574
+Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a7f2c0774129750fdf73e9f1b78f0ce983c9ab3]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ libcpp/lex.c | 29 +++++++++++++++++------------
+ 1 file changed, 17 insertions(+), 12 deletions(-)
+
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+--- a/libcpp/lex.c 2021-12-14 20:44:11.647815287 -0800
++++ b/libcpp/lex.c 2021-12-14 20:43:38.008383220 -0800
+@@ -1427,9 +1427,11 @@ maybe_warn_bidi_on_close (cpp_reader *pf
+ const location_t loc
+ = linemap_position_for_column (pfile->line_table,
+ CPP_BUF_COLUMN (pfile->buffer, p));
+- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0,
+- "unpaired UTF-8 bidirectional control character "
+- "detected");
++ rich_location rich_loc (pfile->line_table, loc);
++ rich_loc.set_escape_on_output (true);
++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
++ "unpaired UTF-8 bidirectional control character "
++ "detected");
+ }
+ /* We're done with this context. */
+ bidi::on_close ();
+@@ -1454,6 +1456,9 @@ maybe_warn_bidi_on_char (cpp_reader *pfi
+ const location_t loc
+ = linemap_position_for_column (pfile->line_table,
+ CPP_BUF_COLUMN (pfile->buffer, p));
++ rich_location rich_loc (pfile->line_table, loc);
++ rich_loc.set_escape_on_output (true);
++
+ /* It seems excessive to warn about a PDI/PDF that is closing
+ an opened context because we've already warned about the
+ opening character. Except warn when we have a UCN x UTF-8
+@@ -1462,20 +1467,20 @@ maybe_warn_bidi_on_char (cpp_reader *pfi
+ {
+ if (warn_bidi == bidirectional_unpaired
+ && bidi::current_ctx_ucn_p () != ucn_p)
+- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0,
+- "UTF-8 vs UCN mismatch when closing "
+- "a context by \"%s\"", bidi::to_str (kind));
++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
++ "UTF-8 vs UCN mismatch when closing "
++ "a context by \"%s\"", bidi::to_str (kind));
+ }
+ else if (warn_bidi == bidirectional_any)
+ {
+ if (kind == bidi::kind::PDF || kind == bidi::kind::PDI)
+- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0,
+- "\"%s\" is closing an unopened context",
+- bidi::to_str (kind));
++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
++ "\"%s\" is closing an unopened context",
++ bidi::to_str (kind));
+ else
+- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0,
+- "found problematic Unicode character \"%s\"",
+- bidi::to_str (kind));
++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
++ "found problematic Unicode character \"%s\"",
++ bidi::to_str (kind));
+ }
+ }
+ /* We're done with this context. */
diff --git a/meta/recipes-devtools/gcc/gcc/0005-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0005-CVE-2021-42574.patch
new file mode 100644
index 0000000000..6e983a67b6
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0005-CVE-2021-42574.patch
@@ -0,0 +1,575 @@
+From bef32d4a28595e933f24fef378cf052a30b674a7 Mon Sep 17 00:00:00 2001
+From: David Malcolm <dmalcolm@redhat.com>
+Date: Tue, 2 Nov 2021 15:45:22 -0400
+Subject: [PATCH] libcpp: capture and underline ranges in -Wbidi-chars=
+ [PR103026]
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+This patch converts the bidi::vec to use a struct so that we can
+capture location_t values for the bidirectional control characters.
+
+Before:
+
+ Wbidi-chars-1.c: In function âmainâ:
+ Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=]
+ 6 | /*<U+202E> } <U+2066>if (isAdmin)<U+2069> <U+2066> begin admins only */
+ | ^
+ Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=]
+ 9 | /* end admins only <U+202E> { <U+2066>*/
+ | ^
+
+After:
+
+ Wbidi-chars-1.c: In function âmainâ:
+ Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control characters detected [-Wbidi-chars=]
+ 6 | /*<U+202E> } <U+2066>if (isAdmin)<U+2069> <U+2066> begin admins only */
+ | ~~~~~~~~ ~~~~~~~~ ^
+ | | | |
+ | | | end of bidirectional context
+ | U+202E (RIGHT-TO-LEFT OVERRIDE) U+2066 (LEFT-TO-RIGHT ISOLATE)
+ Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control characters detected [-Wbidi-chars=]
+ 9 | /* end admins only <U+202E> { <U+2066>*/
+ | ~~~~~~~~ ~~~~~~~~ ^
+ | | | |
+ | | | end of bidirectional context
+ | | U+2066 (LEFT-TO-RIGHT ISOLATE)
+ | U+202E (RIGHT-TO-LEFT OVERRIDE)
+
+Signed-off-by: David Malcolm <dmalcolm@redhat.com>
+
+gcc/testsuite/ChangeLog:
+ PR preprocessor/103026
+ * c-c++-common/Wbidi-chars-ranges.c: New test.
+
+libcpp/ChangeLog:
+ PR preprocessor/103026
+ * lex.c (struct bidi::context): New.
+ (bidi::vec): Convert to a vec of context rather than unsigned
+ char.
+ (bidi::ctx_at): Rename to...
+ (bidi::pop_kind_at): ...this and reimplement for above change.
+ (bidi::current_ctx): Update for change to vec.
+ (bidi::current_ctx_ucn_p): Likewise.
+ (bidi::current_ctx_loc): New.
+ (bidi::on_char): Update for usage of context struct. Add "loc"
+ param and pass it when pushing contexts.
+ (get_location_for_byte_range_in_cur_line): New.
+ (get_bidi_utf8): Rename to...
+ (get_bidi_utf8_1): ...this, reintroducing...
+ (get_bidi_utf8): ...as a wrapper, setting *OUT when the result is
+ not NONE.
+ (get_bidi_ucn): Rename to...
+ (get_bidi_ucn_1): ...this, reintroducing...
+ (get_bidi_ucn): ...as a wrapper, setting *OUT when the result is
+ not NONE.
+ (class unpaired_bidi_rich_location): New.
+ (maybe_warn_bidi_on_close): Use unpaired_bidi_rich_location when
+ reporting on unpaired bidi chars. Split into singular vs plural
+ spellings.
+ (maybe_warn_bidi_on_char): Pass in a location_t rather than a
+ const uchar * and use it when emitting warnings, and when calling
+ bidi::on_char.
+ (_cpp_skip_block_comment): Capture location when kind is not NONE
+ and pass it to maybe_warn_bidi_on_char.
+ (skip_line_comment): Likewise.
+ (forms_identifier_p): Likewise.
+ (lex_raw_string): Likewise.
+ (lex_string): Likewise.
+
+Signed-off-by: David Malcolm <dmalcolm@redhat.com>
+
+CVE: CVE-2021-42574
+Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=bef32d4a28595e933f24fef378cf052a30b674a7]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+
+---
+ .../c-c++-common/Wbidi-chars-ranges.c | 54 ++++
+ libcpp/lex.c | 251 ++++++++++++++----
+ 2 files changed, 257 insertions(+), 48 deletions(-)
+ create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c
+
+diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c b/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c
+--- a/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c 1969-12-31 16:00:00.000000000 -0800
++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c 2021-12-25 01:39:55.116281847 -0800
+@@ -0,0 +1,54 @@
++/* PR preprocessor/103026 */
++/* { dg-do compile } */
++/* { dg-options "-Wbidi-chars=unpaired -fdiagnostics-show-caret" } */
++/* Verify that we escape and underline pertinent bidirectional
++ control characters when quoting the source. */
++
++int test_unpaired_bidi () {
++ int isAdmin = 0;
++ /*‮ } ⁦if (isAdmin)⁩ ⁦ begin admins only */
++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */
++#if 0
++ { dg-begin-multiline-output "" }
++ /*<U+202E> } <U+2066>if (isAdmin)<U+2069> <U+2066> begin admins only */
++ ~~~~~~~~ ~~~~~~~~ ^
++ | | |
++ | | end of bidirectional context
++ U+202E (RIGHT-TO-LEFT OVERRIDE) U+2066 (LEFT-TO-RIGHT ISOLATE)
++ { dg-end-multiline-output "" }
++#endif
++
++ __builtin_printf("You are an admin.\n");
++ /* end admins only ‮ { ⁦*/
++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */
++#if 0
++ { dg-begin-multiline-output "" }
++ /* end admins only <U+202E> { <U+2066>*/
++ ~~~~~~~~ ~~~~~~~~ ^
++ | | |
++ | | end of bidirectional context
++ | U+2066 (LEFT-TO-RIGHT ISOLATE)
++ U+202E (RIGHT-TO-LEFT OVERRIDE)
++ { dg-end-multiline-output "" }
++#endif
++
++ return 0;
++}
++
++int LRE_‪_PDF_\u202c;
++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */
++#if 0
++ { dg-begin-multiline-output "" }
++ int LRE_<U+202A>_PDF_\u202c;
++ ~~~~~~~~ ^~~~~~
++ { dg-end-multiline-output "" }
++#endif
++
++const char *s1 = "LRE_‪_PDF_\u202c";
++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */
++#if 0
++ { dg-begin-multiline-output "" }
++ const char *s1 = "LRE_<U+202A>_PDF_\u202c";
++ ~~~~~~~~ ^~~~~~
++ { dg-end-multiline-output "" }
++#endif
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+--- a/libcpp/lex.c 2021-12-25 01:41:16.522868808 -0800
++++ b/libcpp/lex.c 2021-12-25 06:28:58.530680302 -0800
+@@ -1172,11 +1172,34 @@ namespace bidi {
+ /* All the UTF-8 encodings of bidi characters start with E2. */
+ constexpr uchar utf8_start = 0xe2;
+
++ struct context
++ {
++ context () {}
++ context (location_t loc, kind k, bool pdf, bool ucn)
++ : m_loc (loc), m_kind (k), m_pdf (pdf), m_ucn (ucn)
++ {
++ }
++
++ kind get_pop_kind () const
++ {
++ return m_pdf ? kind::PDF : kind::PDI;
++ }
++ bool ucn_p () const
++ {
++ return m_ucn;
++ }
++
++ location_t m_loc;
++ kind m_kind;
++ unsigned m_pdf : 1;
++ unsigned m_ucn : 1;
++ };
++
+ /* A vector holding currently open bidi contexts. We use a char for
+ each context, its LSB is 1 if it represents a PDF context, 0 if it
+ represents a PDI context. The next bit is 1 if this context was open
+ by a bidi character written as a UCN, and 0 when it was UTF-8. */
+- semi_embedded_vec <unsigned char, 16> vec;
++ semi_embedded_vec <context, 16> vec;
+
+ /* Close the whole comment/identifier/string literal/character constant
+ context. */
+@@ -1193,19 +1216,19 @@ namespace bidi {
+ vec.truncate (len - 1);
+ }
+
+- /* Return the context of the Ith element. */
+- kind ctx_at (unsigned int i)
++ /* Return the pop kind of the context of the Ith element. */
++ kind pop_kind_at (unsigned int i)
+ {
+- return (vec[i] & 1) ? kind::PDF : kind::PDI;
++ return vec[i].get_pop_kind ();
+ }
+
+- /* Return which context is currently opened. */
++ /* Return the pop kind of the context that is currently opened. */
+ kind current_ctx ()
+ {
+ unsigned int len = vec.count ();
+ if (len == 0)
+ return kind::NONE;
+- return ctx_at (len - 1);
++ return vec[len - 1].get_pop_kind ();
+ }
+
+ /* Return true if the current context comes from a UCN origin, that is,
+@@ -1214,11 +1237,19 @@ namespace bidi {
+ {
+ unsigned int len = vec.count ();
+ gcc_checking_assert (len > 0);
+- return (vec[len - 1] >> 1) & 1;
++ return vec[len - 1].m_ucn;
+ }
+
+- /* We've read a bidi char, update the current vector as necessary. */
+- void on_char (kind k, bool ucn_p)
++ location_t current_ctx_loc ()
++ {
++ unsigned int len = vec.count ();
++ gcc_checking_assert (len > 0);
++ return vec[len - 1].m_loc;
++ }
++
++ /* We've read a bidi char, update the current vector as necessary.
++ LOC is only valid when K is not kind::NONE. */
++ void on_char (kind k, bool ucn_p, location_t loc)
+ {
+ switch (k)
+ {
+@@ -1226,12 +1257,12 @@ namespace bidi {
+ case kind::RLE:
+ case kind::LRO:
+ case kind::RLO:
+- vec.push (ucn_p ? 3u : 1u);
++ vec.push (context (loc, k, true, ucn_p));
+ break;
+ case kind::LRI:
+ case kind::RLI:
+ case kind::FSI:
+- vec.push (ucn_p ? 2u : 0u);
++ vec.push (context (loc, k, false, ucn_p));
+ break;
+ /* PDF terminates the scope of the last LRE, RLE, LRO, or RLO
+ whose scope has not yet been terminated. */
+@@ -1245,7 +1276,7 @@ namespace bidi {
+ yet been terminated. */
+ case kind::PDI:
+ for (int i = vec.count () - 1; i >= 0; --i)
+- if (ctx_at (i) == kind::PDI)
++ if (pop_kind_at (i) == kind::PDI)
+ {
+ vec.truncate (i);
+ break;
+@@ -1295,10 +1326,47 @@ namespace bidi {
+ }
+ }
+
++/* Get location_t for the range of bytes [START, START + NUM_BYTES)
++ within the current line in FILE, with the caret at START. */
++
++static location_t
++get_location_for_byte_range_in_cur_line (cpp_reader *pfile,
++ const unsigned char *const start,
++ size_t num_bytes)
++{
++ gcc_checking_assert (num_bytes > 0);
++
++ /* CPP_BUF_COLUMN and linemap_position_for_column both refer
++ to offsets in bytes, but CPP_BUF_COLUMN is 0-based,
++ whereas linemap_position_for_column is 1-based. */
++
++ /* Get 0-based offsets within the line. */
++ size_t start_offset = CPP_BUF_COLUMN (pfile->buffer, start);
++ size_t end_offset = start_offset + num_bytes - 1;
++
++ /* Now convert to location_t, where "columns" are 1-based byte offsets. */
++ location_t start_loc = linemap_position_for_column (pfile->line_table,
++ start_offset + 1);
++ location_t end_loc = linemap_position_for_column (pfile->line_table,
++ end_offset + 1);
++
++ if (start_loc == end_loc)
++ return start_loc;
++
++ source_range src_range;
++ src_range.m_start = start_loc;
++ src_range.m_finish = end_loc;
++ location_t combined_loc = COMBINE_LOCATION_DATA (pfile->line_table,
++ start_loc,
++ src_range,
++ NULL);
++ return combined_loc;
++}
++
+ /* Parse a sequence of 3 bytes starting with P and return its bidi code. */
+
+ static bidi::kind
+-get_bidi_utf8 (const unsigned char *const p)
++get_bidi_utf8_1 (const unsigned char *const p)
+ {
+ gcc_checking_assert (p[0] == bidi::utf8_start);
+
+@@ -1340,10 +1408,25 @@ get_bidi_utf8 (const unsigned char *cons
+ return bidi::kind::NONE;
+ }
+
++/* Parse a sequence of 3 bytes starting with P and return its bidi code.
++ If the kind is not NONE, write the location to *OUT.*/
++
++static bidi::kind
++get_bidi_utf8 (cpp_reader *pfile, const unsigned char *const p, location_t *out)
++{
++ bidi::kind result = get_bidi_utf8_1 (p);
++ if (result != bidi::kind::NONE)
++ {
++ /* We have a sequence of 3 bytes starting at P. */
++ *out = get_location_for_byte_range_in_cur_line (pfile, p, 3);
++ }
++ return result;
++}
++
+ /* Parse a UCN where P points just past \u or \U and return its bidi code. */
+
+ static bidi::kind
+-get_bidi_ucn (const unsigned char *p, bool is_U)
++get_bidi_ucn_1 (const unsigned char *p, bool is_U)
+ {
+ /* 6.4.3 Universal Character Names
+ \u hex-quad
+@@ -1412,6 +1495,62 @@ get_bidi_ucn (const unsigned char *p, bo
+ return bidi::kind::NONE;
+ }
+
++/* Parse a UCN where P points just past \u or \U and return its bidi code.
++ If the kind is not NONE, write the location to *OUT.*/
++
++static bidi::kind
++get_bidi_ucn (cpp_reader *pfile, const unsigned char *p, bool is_U,
++ location_t *out)
++{
++ bidi::kind result = get_bidi_ucn_1 (p, is_U);
++ if (result != bidi::kind::NONE)
++ {
++ const unsigned char *start = p - 2;
++ size_t num_bytes = 2 + (is_U ? 8 : 4);
++ *out = get_location_for_byte_range_in_cur_line (pfile, start, num_bytes);
++ }
++ return result;
++}
++
++/* Subclass of rich_location for reporting on unpaired UTF-8
++ bidirectional control character(s).
++ Escape the source lines on output, and show all unclosed
++ bidi context, labelling everything. */
++
++class unpaired_bidi_rich_location : public rich_location
++{
++ public:
++ class custom_range_label : public range_label
++ {
++ public:
++ label_text get_text (unsigned range_idx) const FINAL OVERRIDE
++ {
++ /* range 0 is the primary location; each subsequent range i + 1
++ is for bidi::vec[i]. */
++ if (range_idx > 0)
++ {
++ const bidi::context &ctxt (bidi::vec[range_idx - 1]);
++ return label_text::borrow (bidi::to_str (ctxt.m_kind));
++ }
++ else
++ return label_text::borrow (_("end of bidirectional context"));
++ }
++ };
++
++ unpaired_bidi_rich_location (cpp_reader *pfile, location_t loc)
++ : rich_location (pfile->line_table, loc, &m_custom_label)
++ {
++ set_escape_on_output (true);
++ for (unsigned i = 0; i < bidi::vec.count (); i++)
++ add_range (bidi::vec[i].m_loc,
++ SHOW_RANGE_WITHOUT_CARET,
++ &m_custom_label);
++ }
++
++ private:
++ custom_range_label m_custom_label;
++};
++
+ /* We're closing a bidi context, that is, we've encountered a newline,
+ are closing a C-style comment, or are at the end of a string literal,
+ character constant, or identifier. Warn if this context was not
+@@ -1427,11 +1566,17 @@ maybe_warn_bidi_on_close (cpp_reader *pf
+ const location_t loc
+ = linemap_position_for_column (pfile->line_table,
+ CPP_BUF_COLUMN (pfile->buffer, p));
+- rich_location rich_loc (pfile->line_table, loc);
+- rich_loc.set_escape_on_output (true);
+- cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
+- "unpaired UTF-8 bidirectional control character "
+- "detected");
++ unpaired_bidi_rich_location rich_loc (pfile, loc);
++ /* cpp_callbacks doesn't yet have a way to handle singular vs plural
++ forms of a diagnostic, so fake it for now. */
++ if (bidi::vec.count () > 1)
++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
++ "unpaired UTF-8 bidirectional control characters "
++ "detected");
++ else
++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
++ "unpaired UTF-8 bidirectional control character "
++ "detected");
+ }
+ /* We're done with this context. */
+ bidi::on_close ();
+@@ -1439,12 +1584,13 @@ maybe_warn_bidi_on_close (cpp_reader *pf
+
+ /* We're at the beginning or in the middle of an identifier/comment/string
+ literal/character constant. Warn if we've encountered a bidi character.
+- KIND says which bidi character it was; P points to it in the character
+- stream. UCN_P is true iff this bidi character was written as a UCN. */
++ KIND says which bidi control character it was; UCN_P is true iff this bidi
++ control character was written as a UCN. LOC is the location of the
++ character, but is only valid if KIND != bidi::kind::NONE. */
+
+ static void
+-maybe_warn_bidi_on_char (cpp_reader *pfile, const uchar *p, bidi::kind kind,
+- bool ucn_p)
++maybe_warn_bidi_on_char (cpp_reader *pfile, bidi::kind kind,
++ bool ucn_p, location_t loc)
+ {
+ if (__builtin_expect (kind == bidi::kind::NONE, 1))
+ return;
+@@ -1453,9 +1599,6 @@ maybe_warn_bidi_on_char (cpp_reader *pfi
+
+ if (warn_bidi != bidirectional_none)
+ {
+- const location_t loc
+- = linemap_position_for_column (pfile->line_table,
+- CPP_BUF_COLUMN (pfile->buffer, p));
+ rich_location rich_loc (pfile->line_table, loc);
+ rich_loc.set_escape_on_output (true);
+
+@@ -1467,9 +1610,12 @@ maybe_warn_bidi_on_char (cpp_reader *pfi
+ {
+ if (warn_bidi == bidirectional_unpaired
+ && bidi::current_ctx_ucn_p () != ucn_p)
+- cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
+- "UTF-8 vs UCN mismatch when closing "
+- "a context by \"%s\"", bidi::to_str (kind));
++ {
++ rich_loc.add_range (bidi::current_ctx_loc ());
++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc,
++ "UTF-8 vs UCN mismatch when closing "
++ "a context by \"%s\"", bidi::to_str (kind));
++ }
+ }
+ else if (warn_bidi == bidirectional_any)
+ {
+@@ -1484,7 +1630,7 @@ maybe_warn_bidi_on_char (cpp_reader *pfi
+ }
+ }
+ /* We're done with this context. */
+- bidi::on_char (kind, ucn_p);
++ bidi::on_char (kind, ucn_p, loc);
+ }
+
+ /* Skip a C-style block comment. We find the end of the comment by
+@@ -1552,8 +1698,9 @@ _cpp_skip_block_comment (cpp_reader *pfi
+ a bidirectional control character. */
+ else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p)
+ {
+- bidi::kind kind = get_bidi_utf8 (cur - 1);
+- maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/false);
++ location_t loc;
++ bidi::kind kind = get_bidi_utf8 (pfile, cur - 1, &loc);
++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc);
+ }
+ }
+
+@@ -1586,9 +1733,9 @@ skip_line_comment (cpp_reader *pfile)
+ {
+ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0))
+ {
+- bidi::kind kind = get_bidi_utf8 (buffer->cur);
+- maybe_warn_bidi_on_char (pfile, buffer->cur, kind,
+- /*ucn_p=*/false);
++ location_t loc;
++ bidi::kind kind = get_bidi_utf8 (pfile, buffer->cur, &loc);
++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc);
+ }
+ buffer->cur++;
+ }
+@@ -1734,9 +1881,9 @@ forms_identifier_p (cpp_reader *pfile, i
+ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0)
+ && warn_bidi_p)
+ {
+- bidi::kind kind = get_bidi_utf8 (buffer->cur);
+- maybe_warn_bidi_on_char (pfile, buffer->cur, kind,
+- /*ucn_p=*/false);
++ location_t loc;
++ bidi::kind kind = get_bidi_utf8 (pfile, buffer->cur, &loc);
++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc);
+ }
+ if (_cpp_valid_utf8 (pfile, &buffer->cur, buffer->rlimit, 1 + !first,
+ state, &s))
+@@ -1748,10 +1895,12 @@ forms_identifier_p (cpp_reader *pfile, i
+ buffer->cur += 2;
+ if (warn_bidi_p)
+ {
+- bidi::kind kind = get_bidi_ucn (buffer->cur,
+- buffer->cur[-1] == 'U');
+- maybe_warn_bidi_on_char (pfile, buffer->cur, kind,
+- /*ucn_p=*/true);
++ location_t loc;
++ bidi::kind kind = get_bidi_ucn (pfile,
++ buffer->cur,
++ buffer->cur[-1] == 'U',
++ &loc);
++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/true, loc);
+ }
+ if (_cpp_valid_ucn (pfile, &buffer->cur, buffer->rlimit, 1 + !first,
+ state, &s, NULL, NULL))
+@@ -2327,12 +2476,15 @@ lex_raw_string (cpp_reader *pfile, cpp_t
+ }
+ else if (__builtin_expect ((unsigned char) c == bidi::utf8_start, 0)
+ && warn_bidi_p)
+- maybe_warn_bidi_on_char (pfile, pos - 1, get_bidi_utf8 (pos - 1),
+- /*ucn_p=*/false);
++ {
++ location_t loc;
++ bidi::kind kind = get_bidi_utf8 (pfile, cur - 1, &loc);
++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc);
++ }
+ }
+
+ if (warn_bidi_p)
+- maybe_warn_bidi_on_close (pfile, pos);
++ maybe_warn_bidi_on_close (pfile, cur);
+
+ if (CPP_OPTION (pfile, user_literals))
+ {
+@@ -2438,8 +2590,10 @@ lex_string (cpp_reader *pfile, cpp_token
+ {
+ if ((cur[0] == 'u' || cur[0] == 'U') && warn_bidi_p)
+ {
+- bidi::kind kind = get_bidi_ucn (cur + 1, cur[0] == 'U');
+- maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/true);
++ location_t loc;
++ bidi::kind kind = get_bidi_ucn (pfile, cur + 1, cur[0] == 'U',
++ &loc);
++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/true, loc);
+ }
+ cur++;
+ }
+@@ -2467,8 +2621,9 @@ lex_string (cpp_reader *pfile, cpp_token
+ saw_NUL = true;
+ else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p)
+ {
+- bidi::kind kind = get_bidi_utf8 (cur - 1);
+- maybe_warn_bidi_on_char (pfile, cur - 1, kind, /*ucn_p=*/false);
++ location_t loc;
++ bidi::kind kind = get_bidi_utf8 (pfile, cur - 1, &loc);
++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc);
+ }
+ }
+
diff --git a/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch b/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch
index 88e1715b5c..03d7a41633 100644
--- a/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch
+++ b/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch
@@ -30,9 +30,8 @@ diff --git a/gcc/Makefile.in b/gcc/Makefile.in
index a67d2cc18d6..480c9366418 100644
--- a/gcc/Makefile.in
+++ b/gcc/Makefile.in
-@@ -3606,7 +3606,7 @@ install-plugin: installdirs lang.install-plugin s-header-vars install-gengtype
- # We keep the directory structure for files in config or c-family and .def
- # files. All other files are flattened to a single directory.
+ # We keep the directory structure for files in config, common/config or
+ # c-family and .def files. All other files are flattened to a single directory.
$(mkinstalldirs) $(DESTDIR)$(plugin_includedir)
- headers=`echo $(PLUGIN_HEADERS) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \
+ headers=`echo $(sort $(PLUGIN_HEADERS)) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \
diff --git a/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch b/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch
index ba7c2b8fd5..43d881fa5e 100644
--- a/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch
+++ b/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch
@@ -33,6 +33,6 @@ index f95b8279270..0e52d51409d 100644
+Target RejectNegative Var(rs6000_spe_abi, 0)
+Do not use the SPE ABI extensions.
+
+ ; Altivec ABI
mabi=altivec
Target RejectNegative Var(rs6000_altivec_abi) Save
- Use the AltiVec ABI extensions.
diff --git a/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch b/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch
index de82a3a539..4db3d15554 100644
--- a/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch
+++ b/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch
@@ -16,11 +16,11 @@ index 68ac72a78fb..71cd5815b81 100644
--- a/libstdc++-v3/config/os/mingw32/error_constants.h
+++ b/libstdc++-v3/config/os/mingw32/error_constants.h
@@ -107,7 +107,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION
- #ifdef _GLIBCXX_HAVE_EPERM
+ #ifdef EPERM
operation_not_permitted = EPERM,
#endif
-// operation_not_supported = EOPNOTSUPP,
+ operation_not_supported = EOPNOTSUPP,
- #ifdef _GLIBCXX_HAVE_EWOULDBLOCK
+ #ifdef EWOULDBLOCK
operation_would_block = EWOULDBLOCK,
#endif
diff --git a/meta/recipes-devtools/gcc/gcc_10.2.bb b/meta/recipes-devtools/gcc/gcc_10.3.bb
index 7d93590588..7d93590588 100644
--- a/meta/recipes-devtools/gcc/gcc_10.2.bb
+++ b/meta/recipes-devtools/gcc/gcc_10.3.bb
diff --git a/meta/recipes-devtools/gcc/libgcc-initial_10.2.bb b/meta/recipes-devtools/gcc/libgcc-initial_10.3.bb
index 0c698c26ec..0c698c26ec 100644
--- a/meta/recipes-devtools/gcc/libgcc-initial_10.2.bb
+++ b/meta/recipes-devtools/gcc/libgcc-initial_10.3.bb
diff --git a/meta/recipes-devtools/gcc/libgcc_10.2.bb b/meta/recipes-devtools/gcc/libgcc_10.3.bb
index ea210a1130..ea210a1130 100644
--- a/meta/recipes-devtools/gcc/libgcc_10.2.bb
+++ b/meta/recipes-devtools/gcc/libgcc_10.3.bb
diff --git a/meta/recipes-devtools/gcc/libgfortran_10.2.bb b/meta/recipes-devtools/gcc/libgfortran_10.3.bb
index 71dd8b4bdc..71dd8b4bdc 100644
--- a/meta/recipes-devtools/gcc/libgfortran_10.2.bb
+++ b/meta/recipes-devtools/gcc/libgfortran_10.3.bb
diff --git a/meta/recipes-devtools/glide/glide_0.13.3.bb b/meta/recipes-devtools/glide/glide_0.13.3.bb
index 6eb87df7c3..1a5c760cb3 100644
--- a/meta/recipes-devtools/glide/glide_0.13.3.bb
+++ b/meta/recipes-devtools/glide/glide_0.13.3.bb
@@ -5,7 +5,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=54905cf894f8cc416a92f4fc350c35b2"
GO_IMPORT = "github.com/Masterminds/glide"
-SRC_URI = "git://${GO_IMPORT}"
+SRC_URI = "git://${GO_IMPORT};branch=master;protocol=https"
SRCREV = "8ed5b9292379d86c39592a7e6a58eb9c903877cf"
inherit go
diff --git a/meta/recipes-devtools/gnu-config/gnu-config_git.bb b/meta/recipes-devtools/gnu-config/gnu-config_git.bb
index c41177c72b..da52c943f5 100644
--- a/meta/recipes-devtools/gnu-config/gnu-config_git.bb
+++ b/meta/recipes-devtools/gnu-config/gnu-config_git.bb
@@ -12,7 +12,7 @@ INHIBIT_DEFAULT_DEPS = "1"
SRCREV = "6faca61810d335c7837f320733fe8e15a1431fc2"
PV = "20210125+git${SRCPV}"
-SRC_URI = "git://git.savannah.gnu.org/config.git \
+SRC_URI = "git://git.savannah.gnu.org/git/config.git;protocol=https;branch=master \
file://gnu-configize.in"
S = "${WORKDIR}/git"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-devtools/go/go-1.16.7.inc b/meta/recipes-devtools/go/go-1.16.15.inc
index 9eca1caeeb..8b1ad22bcc 100644
--- a/meta/recipes-devtools/go/go-1.16.7.inc
+++ b/meta/recipes-devtools/go/go-1.16.15.inc
@@ -1,8 +1,8 @@
require go-common.inc
GO_BASEVERSION = "1.16"
-PV = "1.16.7"
-FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
+PV = "1.16.15"
+FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
@@ -18,7 +18,7 @@ SRC_URI += "\
file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
file://0001-encoding-xml-handle-leading-trailing-or-double-colon.patch \
"
-SRC_URI[main.sha256sum] = "1a9f2894d3d878729f7045072f30becebe243524cf2fce4e0a7b248b1e0654ac"
+SRC_URI[main.sha256sum] = "90a08c689279e35f3865ba510998c33a63255c36089b3ec206c912fc0568c3d3"
# Upstream don't believe it is a signifiant real world issue and will only
# fix in 1.17 onwards where we can drop this.
diff --git a/meta/recipes-devtools/go/go-binary-native_1.16.7.bb b/meta/recipes-devtools/go/go-binary-native_1.16.15.bb
index cb54c2868e..ba11ee5695 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.16.7.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.16.15.bb
@@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
PROVIDES = "go-native"
SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "7fe7a73f55ba3e2285da36f8b085e5c0159e9564ef5f63ee0ed6b818ade8ef04"
-SRC_URI[go_linux_arm64.sha256sum] = "63d6b53ecbd2b05c1f0e9903c92042663f2f68afdbb67f4d0d12700156869bac"
+SRC_URI[go_linux_amd64.sha256sum] = "77c782a633186d78c384f972fb113a43c24be0234c42fef22c2d8c4c4c8e7475"
+SRC_URI[go_linux_arm64.sha256sum] = "c2f27f0ce5620a9bc2ff3446165d1974ef94e9b885ec12dbfa3c07e0e198b7ce"
UPSTREAM_CHECK_URI = "https://golang.org/dl/"
UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.16.7.bb b/meta/recipes-devtools/go/go-cross-canadian_1.16.15.bb
index 7ac9449e47..7ac9449e47 100644
--- a/meta/recipes-devtools/go/go-cross-canadian_1.16.7.bb
+++ b/meta/recipes-devtools/go/go-cross-canadian_1.16.15.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.16.7.bb b/meta/recipes-devtools/go/go-cross_1.16.15.bb
index 80b5a03f6c..80b5a03f6c 100644
--- a/meta/recipes-devtools/go/go-cross_1.16.7.bb
+++ b/meta/recipes-devtools/go/go-cross_1.16.15.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.16.7.bb b/meta/recipes-devtools/go/go-crosssdk_1.16.15.bb
index 1857c8a577..1857c8a577 100644
--- a/meta/recipes-devtools/go/go-crosssdk_1.16.7.bb
+++ b/meta/recipes-devtools/go/go-crosssdk_1.16.15.bb
diff --git a/meta/recipes-devtools/go/go-native_1.16.7.bb b/meta/recipes-devtools/go/go-native_1.16.15.bb
index f14892cdb0..f14892cdb0 100644
--- a/meta/recipes-devtools/go/go-native_1.16.7.bb
+++ b/meta/recipes-devtools/go/go-native_1.16.15.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.16.7.bb b/meta/recipes-devtools/go/go-runtime_1.16.15.bb
index 63464a1501..63464a1501 100644
--- a/meta/recipes-devtools/go/go-runtime_1.16.7.bb
+++ b/meta/recipes-devtools/go/go-runtime_1.16.15.bb
diff --git a/meta/recipes-devtools/go/go_1.16.7.bb b/meta/recipes-devtools/go/go_1.16.15.bb
index 4e9e0ebec8..4e9e0ebec8 100644
--- a/meta/recipes-devtools/go/go_1.16.7.bb
+++ b/meta/recipes-devtools/go/go_1.16.15.bb
diff --git a/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb b/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
index 58d2dee897..d9e712f74a 100644
--- a/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
+++ b/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb
@@ -4,7 +4,7 @@ DESCRIPTION = "Libcomps is alternative for yum.comps library. It's written in pu
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-SRC_URI = "git://github.com/rpm-software-management/libcomps.git \
+SRC_URI = "git://github.com/rpm-software-management/libcomps.git;branch=master;protocol=https \
file://0001-Add-crc32.c-to-sources-list.patch \
file://0002-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \
"
diff --git a/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb b/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb
index dbe68d5a15..30b96bd81d 100644
--- a/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb
+++ b/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb
@@ -4,7 +4,7 @@ DESCRIPTION = "This library provides a high level package-manager. It's core lib
LICENSE = "LGPLv2.1+"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
-SRC_URI = "git://github.com/rpm-software-management/libdnf;branch=dnf-4-master \
+SRC_URI = "git://github.com/rpm-software-management/libdnf;branch=dnf-4-master;protocol=https \
file://0001-FindGtkDoc.cmake-drop-the-requirement-for-GTKDOC_SCA.patch \
file://0004-Set-libsolv-variables-with-pkg-config-cmake-s-own-mo.patch \
file://0001-Get-parameters-for-both-libsolv-and-libsolvext-libdn.patch \
diff --git a/meta/recipes-devtools/librepo/librepo_1.13.0.bb b/meta/recipes-devtools/librepo/librepo_1.13.0.bb
index 0a68e0ac4f..3f5919d0a2 100644
--- a/meta/recipes-devtools/librepo/librepo_1.13.0.bb
+++ b/meta/recipes-devtools/librepo/librepo_1.13.0.bb
@@ -5,7 +5,7 @@ DESCRIPTION = "${SUMMARY}"
LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
-SRC_URI = "git://github.com/rpm-software-management/librepo.git \
+SRC_URI = "git://github.com/rpm-software-management/librepo.git;branch=master;protocol=https \
file://0002-Do-not-try-to-obtain-PYTHON_INSTALL_DIR-by-running-p.patch \
file://0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch \
"
diff --git a/meta/recipes-devtools/llvm/llvm_git.bb b/meta/recipes-devtools/llvm/llvm_git.bb
index db6694339c..58cdaaa5a9 100644
--- a/meta/recipes-devtools/llvm/llvm_git.bb
+++ b/meta/recipes-devtools/llvm/llvm_git.bb
@@ -30,13 +30,17 @@ LLVM_DIR = "llvm${LLVM_RELEASE}"
BRANCH = "release/${MAJOR_VERSION}.x"
SRCREV = "1fdec59bffc11ae37eb51a1b9869f0696bfd5312"
-SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH} \
+SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH};protocol=https \
file://0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch;striplevel=2 \
file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \
file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \
file://0001-nfc-Fix-missing-include.patch;striplevel=2 \
"
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
+
UPSTREAM_CHECK_GITTAGREGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)"
S = "${WORKDIR}/git/llvm"
diff --git a/meta/recipes-devtools/m4/m4-1.4.18.inc b/meta/recipes-devtools/m4/m4-1.4.18.inc
index a9b63c1bf6..6475b02f8b 100644
--- a/meta/recipes-devtools/m4/m4-1.4.18.inc
+++ b/meta/recipes-devtools/m4/m4-1.4.18.inc
@@ -9,6 +9,7 @@ inherit autotools texinfo ptest
SRC_URI = "${GNU_MIRROR}/m4/m4-${PV}.tar.gz \
file://ac_config_links.patch \
file://m4-1.4.18-glibc-change-work-around.patch \
+ file://0001-c-stack-stop-using-SIGSTKSZ.patch \
"
SRC_URI_append_class-target = " file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
file://run-ptest \
diff --git a/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch b/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch
new file mode 100644
index 0000000000..883b8a2075
--- /dev/null
+++ b/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch
@@ -0,0 +1,84 @@
+From 69238f15129f35eb4756ad8e2004e0d7907cb175 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 30 Apr 2021 17:40:36 -0700
+Subject: [PATCH] c-stack: stop using SIGSTKSZ
+
+This patch is required with glibc 2.34+
+based on gnulib [1]
+
+[1] https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=f9e2b20a12a230efa30f1d479563ae07d276a94b
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ lib/c-stack.c | 22 +++++++++++++---------
+ 1 file changed, 13 insertions(+), 9 deletions(-)
+
+diff --git a/lib/c-stack.c b/lib/c-stack.c
+index 5353c08..863f764 100644
+--- a/lib/c-stack.c
++++ b/lib/c-stack.c
+@@ -51,13 +51,14 @@
+ typedef struct sigaltstack stack_t;
+ #endif
+ #ifndef SIGSTKSZ
+-# define SIGSTKSZ 16384
+-#elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384
++#define get_sigstksz() (16384)
++#elif HAVE_LIBSIGSEGV
+ /* libsigsegv 2.6 through 2.8 have a bug where some architectures use
+ more than the Linux default of an 8k alternate stack when deciding
+ if a fault was caused by stack overflow. */
+-# undef SIGSTKSZ
+-# define SIGSTKSZ 16384
++#define get_sigstksz() ((SIGSTKSZ) < 16384 ? 16384 : (SIGSTKSZ))
++#else
++#define get_sigstksz() ((SIGSTKSZ))
+ #endif
+
+ #include <stdlib.h>
+@@ -131,7 +132,8 @@ die (int signo)
+ /* Storage for the alternate signal stack. */
+ static union
+ {
+- char buffer[SIGSTKSZ];
++ /* allocate buffer with size from get_sigstksz() */
++ char *buffer;
+
+ /* These other members are for proper alignment. There's no
+ standard way to guarantee stack alignment, but this seems enough
+@@ -203,10 +205,11 @@ c_stack_action (void (*action) (int))
+ program_error_message = _("program error");
+ stack_overflow_message = _("stack overflow");
+
++ alternate_signal_stack.buffer = malloc(get_sigstksz());
+ /* Always install the overflow handler. */
+ if (stackoverflow_install_handler (overflow_handler,
+ alternate_signal_stack.buffer,
+- sizeof alternate_signal_stack.buffer))
++ get_sigstksz()))
+ {
+ errno = ENOTSUP;
+ return -1;
+@@ -279,14 +282,15 @@ c_stack_action (void (*action) (int))
+ stack_t st;
+ struct sigaction act;
+ st.ss_flags = 0;
++ alternate_signal_stack.buffer = malloc(get_sigstksz());
+ # if SIGALTSTACK_SS_REVERSED
+ /* Irix mistakenly treats ss_sp as the upper bound, rather than
+ lower bound, of the alternate stack. */
+- st.ss_sp = alternate_signal_stack.buffer + SIGSTKSZ - sizeof (void *);
+- st.ss_size = sizeof alternate_signal_stack.buffer - sizeof (void *);
++ st.ss_sp = alternate_signal_stack.buffer + get_sigstksz() - sizeof (void *);
++ st.ss_size = get_sigstksz() - sizeof (void *);
+ # else
+ st.ss_sp = alternate_signal_stack.buffer;
+- st.ss_size = sizeof alternate_signal_stack.buffer;
++ st.ss_size = get_sigstksz();
+ # endif
+ r = sigaltstack (&st, NULL);
+ if (r != 0)
+--
+2.31.1
+
diff --git a/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch b/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch
new file mode 100644
index 0000000000..f96cc7d302
--- /dev/null
+++ b/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch
@@ -0,0 +1,431 @@
+From 597c7a8333df84a87cc48fb8477b603ffbf372a6 Mon Sep 17 00:00:00 2001
+From: Andrej Valek <andrej.valek@siemens.com>
+Date: Mon, 23 Aug 2021 12:45:11 +0200
+Subject: [PATCH] feat(cpp17): remove deprecated exception specifications for
+ C++ 17
+
+Upstream-Status: Submitted [https://salsa.debian.org/installer-team/mklibs/-/merge_requests/2]
+
+based on: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html
+
+Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
+---
+ src/mklibs-readelf/elf.cpp | 48 ++++++++++++++++++++---------------------
+ src/mklibs-readelf/elf.hpp | 18 ++++++++--------
+ src/mklibs-readelf/elf_data.hpp | 36 +++++++++++++++----------------
+ 3 files changed, 51 insertions(+), 51 deletions(-)
+
+diff --git a/src/mklibs-readelf/elf.cpp b/src/mklibs-readelf/elf.cpp
+index 0e4c0f3..2e6d0f6 100644
+--- a/src/mklibs-readelf/elf.cpp
++++ b/src/mklibs-readelf/elf.cpp
+@@ -36,7 +36,7 @@ file::~file () throw ()
+ delete *it;
+ }
+
+-file *file::open (const char *filename) throw (std::bad_alloc, std::runtime_error)
++file *file::open (const char *filename) throw ()
+ {
+ struct stat buf;
+ int fd;
+@@ -72,7 +72,7 @@ file *file::open (const char *filename) throw (std::bad_alloc, std::runtime_erro
+ }
+
+ template<typename _class>
+-file *file::open_class(uint8_t *mem, size_t len) throw (std::bad_alloc, std::runtime_error)
++file *file::open_class(uint8_t *mem, size_t len) throw ()
+ {
+ switch (mem[EI_DATA])
+ {
+@@ -86,7 +86,7 @@ file *file::open_class(uint8_t *mem, size_t len) throw (std::bad_alloc, std::run
+ }
+
+ template <typename _class, typename _data>
+-file_data<_class, _data>::file_data(uint8_t *mem, size_t len) throw (std::bad_alloc, std::runtime_error)
++file_data<_class, _data>::file_data(uint8_t *mem, size_t len) throw ()
+ : file(mem, len)
+ {
+ if (mem[EI_CLASS] != _class::id)
+@@ -190,7 +190,7 @@ section_data<_class, _data>::section_data(Shdr *shdr, uint8_t *mem) throw ()
+ }
+
+ template <typename _class, typename _data>
+-void section_data<_class, _data>::update(const file &file) throw (std::bad_alloc)
++void section_data<_class, _data>::update(const file &file) throw ()
+ {
+ const section_type<section_type_STRTAB> &section =
+ dynamic_cast<const section_type<section_type_STRTAB> &>(file.get_section(file.get_shstrndx()));
+@@ -204,7 +204,7 @@ section_type<section_type_DYNAMIC>::~section_type() throw ()
+ }
+
+ template <typename _class, typename _data>
+-section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data>(header, mem)
+ {
+ if (this->type != SHT_DYNAMIC)
+@@ -221,7 +221,7 @@ section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, ui
+ }
+
+ template <typename _class, typename _data>
+-void section_real<_class, _data, section_type_DYNAMIC>::update(const file &file) throw (std::bad_alloc)
++void section_real<_class, _data, section_type_DYNAMIC>::update(const file &file) throw ()
+ {
+ section_data<_class, _data>::update(file);
+
+@@ -243,7 +243,7 @@ section_type<section_type_DYNSYM>::~section_type() throw ()
+ }
+
+ template <typename _class, typename _data>
+-section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data>(header, mem)
+ {
+ if (this->type != SHT_DYNSYM)
+@@ -260,7 +260,7 @@ section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uin
+ }
+
+ template <typename _class, typename _data>
+-void section_real<_class, _data, section_type_DYNSYM>::update(const file &file) throw (std::bad_alloc)
++void section_real<_class, _data, section_type_DYNSYM>::update(const file &file) throw ()
+ {
+ section_data<_class, _data>::update (file);
+
+@@ -285,7 +285,7 @@ const version_definition *section_type<section_type_GNU_VERDEF>::get_version_def
+ }
+
+ template <typename _class, typename _data>
+-section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data>(header, mem)
+ {
+ if (this->type != SHT_GNU_verdef)
+@@ -307,7 +307,7 @@ section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header,
+ }
+
+ template <typename _class, typename _data>
+-void section_real<_class, _data, section_type_GNU_VERDEF>::update(const file &file) throw (std::bad_alloc)
++void section_real<_class, _data, section_type_GNU_VERDEF>::update(const file &file) throw ()
+ {
+ section_data<_class, _data>::update(file);
+
+@@ -333,7 +333,7 @@ const version_requirement_entry *section_type<section_type_GNU_VERNEED>::get_ver
+
+ template <typename _class, typename _data>
+ section_real<_class, _data, section_type_GNU_VERNEED>::
+-section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real(Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data> (header, mem)
+ {
+ if (this->type != SHT_GNU_verneed)
+@@ -355,7 +355,7 @@ section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc)
+ }
+
+ template <typename _class, typename _data>
+-void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &file) throw (std::bad_alloc)
++void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &file) throw ()
+ {
+ section_data<_class, _data>::update(file);
+
+@@ -372,7 +372,7 @@ void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &f
+
+ template <typename _class, typename _data>
+ section_real<_class, _data, section_type_GNU_VERSYM>::
+-section_real (Shdr *header, uint8_t *mem) throw (std::bad_alloc)
++section_real (Shdr *header, uint8_t *mem) throw ()
+ : section_data<_class, _data> (header, mem)
+ {
+ if (this->type != SHT_GNU_versym)
+@@ -399,7 +399,7 @@ segment_data<_class, _data>::segment_data (Phdr *phdr, uint8_t *mem) throw ()
+ }
+
+ template <typename _class, typename _data>
+-segment_real<_class, _data, segment_type_INTERP>::segment_real (Phdr *header, uint8_t *mem) throw (std::bad_alloc)
++segment_real<_class, _data, segment_type_INTERP>::segment_real (Phdr *header, uint8_t *mem) throw ()
+ : segment_data<_class, _data> (header, mem)
+ {
+ if (this->type != PT_INTERP)
+@@ -429,13 +429,13 @@ dynamic_data<_class, _data>::dynamic_data (Dyn *dyn) throw ()
+ }
+
+ template <typename _class, typename _data>
+-void dynamic_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++void dynamic_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ if (is_string)
+ val_string = section.get_string(val);
+ }
+
+-std::string symbol::get_version () const throw (std::bad_alloc)
++std::string symbol::get_version () const throw ()
+ {
+ if (verneed)
+ return verneed->get_name();
+@@ -445,7 +445,7 @@ std::string symbol::get_version () const throw (std::bad_alloc)
+ return "Base";
+ }
+
+-std::string symbol::get_version_file () const throw (std::bad_alloc)
++std::string symbol::get_version_file () const throw ()
+ {
+ if (verneed)
+ return verneed->get_file();
+@@ -453,7 +453,7 @@ std::string symbol::get_version_file () const throw (std::bad_alloc)
+ return "None";
+ }
+
+-std::string symbol::get_name_version () const throw (std::bad_alloc)
++std::string symbol::get_name_version () const throw ()
+ {
+ std::string ver;
+
+@@ -478,13 +478,13 @@ symbol_data<_class, _data>::symbol_data (Sym *sym) throw ()
+ }
+
+ template <typename _class, typename _data>
+-void symbol_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++void symbol_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ name_string = section.get_string(name);
+ }
+
+ template <typename _class, typename _data>
+-void symbol_data<_class, _data>::update_version(const file &file, uint16_t index) throw (std::bad_alloc)
++void symbol_data<_class, _data>::update_version(const file &file, uint16_t index) throw ()
+ {
+ if (!file.get_section_GNU_VERSYM())
+ return;
+@@ -531,13 +531,13 @@ version_definition_data<_class, _data>::version_definition_data (Verdef *verdef)
+ }
+
+ template <typename _class, typename _data>
+-void version_definition_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++void version_definition_data<_class, _data>::update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ for (std::vector<uint32_t>::iterator it = names.begin(); it != names.end(); ++it)
+ names_string.push_back(section.get_string(*it));
+ }
+
+-version_requirement::version_requirement() throw (std::bad_alloc)
++version_requirement::version_requirement() throw ()
+ : file_string("None")
+ { }
+
+@@ -561,7 +561,7 @@ version_requirement_data<_class, _data>::version_requirement_data (Verneed *vern
+
+ template <typename _class, typename _data>
+ void version_requirement_data<_class, _data>::
+-update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ file_string = section.get_string(file);
+
+@@ -596,7 +596,7 @@ version_requirement_entry_data(Vernaux *vna, const version_requirement &verneed)
+
+ template <typename _class, typename _data>
+ void version_requirement_entry_data<_class, _data>::
+-update_string(const section_type<section_type_STRTAB> &section) throw (std::bad_alloc)
++update_string(const section_type<section_type_STRTAB> &section) throw ()
+ {
+ name_string = section.get_string(name);
+ }
+diff --git a/src/mklibs-readelf/elf.hpp b/src/mklibs-readelf/elf.hpp
+index 70e61cd..afb0c9e 100644
+--- a/src/mklibs-readelf/elf.hpp
++++ b/src/mklibs-readelf/elf.hpp
+@@ -49,7 +49,7 @@ namespace Elf
+ const uint16_t get_shstrndx() const throw () { return shstrndx; }
+
+ const std::vector<section *> get_sections() const throw () { return sections; };
+- const section &get_section(unsigned int i) const throw (std::out_of_range) { return *sections.at(i); };
++ const section &get_section(unsigned int i) const throw () { return *sections.at(i); };
+ const section_type<section_type_DYNAMIC> *get_section_DYNAMIC() const throw () { return section_DYNAMIC; };
+ const section_type<section_type_DYNSYM> *get_section_DYNSYM() const throw () { return section_DYNSYM; };
+ const section_type<section_type_GNU_VERDEF> *get_section_GNU_VERDEF() const throw () { return section_GNU_VERDEF; };
+@@ -59,13 +59,13 @@ namespace Elf
+ const std::vector<segment *> get_segments() const throw () { return segments; };
+ const segment_type<segment_type_INTERP> *get_segment_INTERP() const throw () { return segment_INTERP; };
+
+- static file *open(const char *filename) throw (std::bad_alloc, std::runtime_error);
++ static file *open(const char *filename) throw ();
+
+ protected:
+- file(uint8_t *mem, size_t len) throw (std::bad_alloc) : mem(mem), len(len) { }
++ file(uint8_t *mem, size_t len) throw () : mem(mem), len(len) { }
+
+ template<typename _class>
+- static file *open_class(uint8_t *, size_t) throw (std::bad_alloc, std::runtime_error);
++ static file *open_class(uint8_t *, size_t) throw ();
+
+ uint16_t type;
+ uint16_t machine;
+@@ -128,7 +128,7 @@ namespace Elf
+ class section_type<section_type_STRTAB> : public virtual section
+ {
+ public:
+- std::string get_string(uint32_t offset) const throw (std::bad_alloc)
++ std::string get_string(uint32_t offset) const throw ()
+ {
+ return std::string(reinterpret_cast<const char *> (mem + offset));
+ }
+@@ -263,10 +263,10 @@ namespace Elf
+ uint8_t get_bind () const throw () { return bind; }
+ uint8_t get_type () const throw () { return type; }
+ const std::string &get_name_string() const throw () { return name_string; }
+- std::string get_version() const throw (std::bad_alloc);
+- std::string get_version_file() const throw (std::bad_alloc);
++ std::string get_version() const throw ();
++ std::string get_version_file() const throw ();
+ uint16_t get_version_data() const throw () { return versym; }
+- std::string get_name_version() const throw (std::bad_alloc);
++ std::string get_name_version() const throw ();
+
+ protected:
+ uint32_t name;
+@@ -305,7 +305,7 @@ namespace Elf
+ class version_requirement
+ {
+ public:
+- version_requirement() throw (std::bad_alloc);
++ version_requirement() throw ();
+ virtual ~version_requirement () throw () { }
+
+ const std::string &get_file() const throw () { return file_string; }
+diff --git a/src/mklibs-readelf/elf_data.hpp b/src/mklibs-readelf/elf_data.hpp
+index 05effee..3871982 100644
+--- a/src/mklibs-readelf/elf_data.hpp
++++ b/src/mklibs-readelf/elf_data.hpp
+@@ -94,7 +94,7 @@ namespace Elf
+ class file_data : public file
+ {
+ public:
+- file_data(uint8_t *, size_t len) throw (std::bad_alloc, std::runtime_error);
++ file_data(uint8_t *, size_t len) throw ();
+
+ const uint8_t get_class() const throw () { return _class::id; }
+ const uint8_t get_data() const throw () { return _data::id; }
+@@ -109,7 +109,7 @@ namespace Elf
+ public:
+ section_data(Shdr *, uint8_t *) throw ();
+
+- virtual void update(const file &) throw (std::bad_alloc);
++ virtual void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data, typename _type>
+@@ -133,9 +133,9 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+
+- void update(const file &) throw (std::bad_alloc);
++ void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -147,9 +147,9 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+
+- void update(const file &) throw (std::bad_alloc);
++ void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -161,9 +161,9 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+
+- void update(const file &) throw (std::bad_alloc);
++ void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -175,9 +175,9 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+
+- void update(const file &) throw (std::bad_alloc);
++ void update(const file &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -189,7 +189,7 @@ namespace Elf
+ typedef typename _elfdef<_class>::Shdr Shdr;
+
+ public:
+- section_real(Shdr *, uint8_t *) throw (std::bad_alloc);
++ section_real(Shdr *, uint8_t *) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -220,7 +220,7 @@ namespace Elf
+ typedef typename _elfdef<_class>::Phdr Phdr;
+
+ public:
+- segment_real (Phdr *, uint8_t *) throw (std::bad_alloc);
++ segment_real (Phdr *, uint8_t *) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -232,7 +232,7 @@ namespace Elf
+ public:
+ dynamic_data (Dyn *) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -244,8 +244,8 @@ namespace Elf
+ public:
+ symbol_data (Sym *) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
+- virtual void update_version (const file &, uint16_t) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
++ virtual void update_version (const file &, uint16_t) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -257,7 +257,7 @@ namespace Elf
+
+ version_definition_data (Verdef *) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -269,7 +269,7 @@ namespace Elf
+
+ version_requirement_data (Verneed *) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
+ };
+
+ template <typename _class, typename _data>
+@@ -280,7 +280,7 @@ namespace Elf
+
+ version_requirement_entry_data (Vernaux *, const version_requirement &) throw ();
+
+- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc);
++ void update_string(const section_type<section_type_STRTAB> &) throw ();
+ };
+ }
+
+--
+2.11.0
+
diff --git a/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb b/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb
index 1784af1f4c..07142e57e0 100644
--- a/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb
+++ b/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://snapshot.debian.org/archive/debian/20180828T214102Z/pool/main/
file://avoid-failure-on-symbol-provided-by-application.patch \
file://show-GNU-unique-symbols-as-provided-symbols.patch \
file://fix_cross_compile.patch \
+ file://remove-deprecated-exception-specification-cpp17.patch \
"
SRC_URI[md5sum] = "6b6eeb9b4016c6a7317acc28c89e32cc"
diff --git a/meta/recipes-devtools/mtd/mtd-utils_git.bb b/meta/recipes-devtools/mtd/mtd-utils_git.bb
index 105a68dad8..de7bdcd969 100644
--- a/meta/recipes-devtools/mtd/mtd-utils_git.bb
+++ b/meta/recipes-devtools/mtd/mtd-utils_git.bb
@@ -14,7 +14,7 @@ RDEPENDS_mtd-utils-tests += "bash"
PV = "2.1.2"
SRCREV = "7b986779342021bda87c04da3bf729718736d8ab"
-SRC_URI = "git://git.infradead.org/mtd-utils.git \
+SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master \
file://add-exclusion-to-mkfs-jffs2-git-2.patch \
"
diff --git a/meta/recipes-devtools/ninja/ninja_1.10.2.bb b/meta/recipes-devtools/ninja/ninja_1.10.2.bb
index 2a39b2d216..79328583ee 100644
--- a/meta/recipes-devtools/ninja/ninja_1.10.2.bb
+++ b/meta/recipes-devtools/ninja/ninja_1.10.2.bb
@@ -8,7 +8,7 @@ DEPENDS = "re2c-native ninja-native"
SRCREV = "e72d1d581c945c158ed68d9bc48911063022a2c6"
-SRC_URI = "git://github.com/ninja-build/ninja.git;branch=release"
+SRC_URI = "git://github.com/ninja-build/ninja.git;branch=release;protocol=https"
UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/patchelf/patchelf/0001-merge-from-PR243.patch b/meta/recipes-devtools/patchelf/patchelf/0001-merge-from-PR243.patch
new file mode 100644
index 0000000000..a5322f0375
--- /dev/null
+++ b/meta/recipes-devtools/patchelf/patchelf/0001-merge-from-PR243.patch
@@ -0,0 +1,47 @@
+From 6ac5c1350834b9da81ab90ab5ba4e5bf507c6c0d Mon Sep 17 00:00:00 2001
+From: Satadru Pramanik <satadru@gmail.com>
+Date: Thu, 20 May 2021 16:52:21 -0400
+Subject: [PATCH] merge from PR243
+
+Upstream-Status: Backport
+
+Reference to upstream patch:
+https://github.com/NixOS/patchelf/commit/4efbce410d00c8cb43f134181d07b364bcf78022
+
+[OP: tweak patch to apply to patchelf v0.10]
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+[OP: tweak patch to apply to patchelf v0.12]
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/patchelf.cc | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/patchelf.cc b/src/patchelf.cc
+index 1854cfa..73a3a86 100644
+--- a/src/patchelf.cc
++++ b/src/patchelf.cc
+@@ -774,12 +774,15 @@ void ElfFile<ElfFileParamNames>::rewriteSectionsLibrary()
+ PT_LOAD segment located directly after the last virtual address
+ page of other segments. */
+ Elf_Addr startPage = 0;
++ Elf_Addr firstPage = 0;
+ for (unsigned int i = 0; i < phdrs.size(); ++i) {
+ Elf_Addr thisPage = roundUp(rdi(phdrs[i].p_vaddr) + rdi(phdrs[i].p_memsz), getPageSize());
+ if (thisPage > startPage) startPage = thisPage;
++ if (rdi(phdrs[i].p_type) == PT_PHDR) firstPage = rdi(phdrs[i].p_vaddr) - rdi(phdrs[i].p_offset);
+ }
+
+ debug("last page is 0x%llx\n", (unsigned long long) startPage);
++ debug("first page is 0x%llx\n", (unsigned long long) firstPage);
+
+ /* When normalizing note segments we will in the worst case be adding
+ 1 program header for each SHT_NOTE section. */
+@@ -852,7 +855,7 @@ void ElfFile<ElfFileParamNames>::rewriteSectionsLibrary()
+ assert(curOff == startOffset + neededSpace);
+
+ /* Write out the updated program and section headers */
+- rewriteHeaders(hdr->e_phoff);
++ rewriteHeaders(firstPage + hdr->e_phoff);
+ }
+
+
diff --git a/meta/recipes-devtools/patchelf/patchelf_0.12.bb b/meta/recipes-devtools/patchelf/patchelf_0.12.bb
index 7c97ea0789..007435a719 100644
--- a/meta/recipes-devtools/patchelf/patchelf_0.12.bb
+++ b/meta/recipes-devtools/patchelf/patchelf_0.12.bb
@@ -4,10 +4,11 @@ HOMEPAGE = "https://github.com/NixOS/patchelf"
LICENSE = "GPLv3"
-SRC_URI = "git://github.com/NixOS/patchelf;protocol=https \
+SRC_URI = "git://github.com/NixOS/patchelf;protocol=https;branch=master \
file://handle-read-only-files.patch \
file://6edec83653ce1b5fc201ff6db93b966394766814.patch \
file://alignmentfix.patch \
+ file://0001-merge-from-PR243.patch \
"
SRCREV = "8d3a16e97294e3c5521c61b4c8835499c9918264"
diff --git a/meta/recipes-devtools/pseudo/files/build-oldlibc b/meta/recipes-devtools/pseudo/files/build-oldlibc
new file mode 100755
index 0000000000..85c438de4e
--- /dev/null
+++ b/meta/recipes-devtools/pseudo/files/build-oldlibc
@@ -0,0 +1,20 @@
+#!/bin/sh
+#
+# Script to re-generate pseudo-prebuilt-2.33.tar.xz
+#
+# Copyright (C) 2021 Richard Purdie
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+for i in x86_64 aarch64 i686; do
+ if [ ! -e $i-nativesdk-libc.tar.xz ]; then
+ wget http://downloads.yoctoproject.org/releases/uninative/3.2/$i-nativesdk-libc.tar.xz
+ fi
+ tar -xf $i-nativesdk-libc.tar.xz --wildcards \*/lib/libpthread\* \*/lib/libdl\*
+ cd $i-linux/lib
+ ln -s libdl.so.2 libdl.so
+ ln -s libpthread.so.0 libpthread.so
+ cd ../..
+done
+tar -cJf pseudo-prebuilt-2.33.tar.xz *-linux \ No newline at end of file
diff --git a/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch b/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch
new file mode 100644
index 0000000000..c453b5f735
--- /dev/null
+++ b/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch
@@ -0,0 +1,57 @@
+If we link against a newer glibc 2.34 and then try and our LD_PRELOAD is run against a
+binary on a host with an older libc, we see symbol errors since in glibc 2.34, pthread
+and dl are merged into libc itself.
+
+We need to use the older form of linking so use glibc binaries from an older release
+to force this. We only use minimal symbols from these anyway.
+
+pthread_atfork is problematic, particularly on arm so use the internal glibc routine
+it maps too. This was always present in the main libc from 2.3.2 onwards.
+
+Yes this is horrible. Better solutions welcome.
+
+There is more info in the bug: [YOCTO #14521]
+
+Upstream-Status: Inappropriate [this patch is native and nativesdk]
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Tweak library search order, make prebuilt lib ahead of recipe lib
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ Makefile.in | 2 +-
+ pseudo_wrappers.c | 5 ++++-
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.in b/Makefile.in
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -120,7 +120,7 @@ $(PSEUDODB): pseudodb.o $(SHOBJS) $(DBOBJS) pseudo_ipc.o | $(BIN)
+ libpseudo: $(LIBPSEUDO)
+
+ $(LIBPSEUDO): $(WRAPOBJS) pseudo_client.o pseudo_ipc.o $(SHOBJS) | $(LIB)
+- $(CC) $(CFLAGS) $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \
++ $(CC) $(CFLAGS) -Lprebuilt/$(shell uname -m)-linux/lib/ $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \
+ pseudo_client.o pseudo_ipc.o \
+ $(WRAPOBJS) $(SHOBJS) $(LDFLAGS) $(CLIENT_LDFLAGS)
+
+diff --git a/pseudo_wrappers.c b/pseudo_wrappers.c
+--- a/pseudo_wrappers.c
++++ b/pseudo_wrappers.c
+@@ -100,10 +100,13 @@ static void libpseudo_atfork_child(void)
+ pseudo_mutex_holder = 0;
+ }
+
++extern void *__dso_handle;
++extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *);
++
+ static void
+ _libpseudo_init(void) {
+ if (!_libpseudo_initted)
+- pthread_atfork(NULL, NULL, libpseudo_atfork_child);
++ __register_atfork (NULL, NULL, libpseudo_atfork_child, &__dso_handle == NULL ? NULL : __dso_handle);
+
+ pseudo_getlock();
+ pseudo_antimagic();
+--
+2.27.0
+
diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb
index 0ba460f3e6..1a5d230c69 100644
--- a/meta/recipes-devtools/pseudo/pseudo_git.bb
+++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
@@ -5,8 +5,15 @@ SRC_URI = "git://git.yoctoproject.org/pseudo;branch=oe-core \
file://fallback-passwd \
file://fallback-group \
"
+SRC_URI:append:class-native = " \
+ http://downloads.yoctoproject.org/mirror/sources/pseudo-prebuilt-2.33.tar.xz;subdir=git/prebuilt;name=prebuilt \
+ file://older-glibc-symbols.patch"
+SRC_URI:append:class-nativesdk = " \
+ http://downloads.yoctoproject.org/mirror/sources/pseudo-prebuilt-2.33.tar.xz;subdir=git/prebuilt;name=prebuilt \
+ file://older-glibc-symbols.patch"
+SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa"
-SRCREV = "b988b0a6b8afd8d459bc9a2528e834f63a3d59b2"
+SRCREV = "d34f2f6cedccf8488730001bcbde6bb7499f8814"
S = "${WORKDIR}/git"
PV = "1.9.0+git${SRCPV}"
diff --git a/meta/recipes-devtools/python-numpy/files/CVE-2021-41496.patch b/meta/recipes-devtools/python-numpy/files/CVE-2021-41496.patch
new file mode 100644
index 0000000000..0afc79ae0d
--- /dev/null
+++ b/meta/recipes-devtools/python-numpy/files/CVE-2021-41496.patch
@@ -0,0 +1,64 @@
+From 86d81322c5c0ab67f89d64f56f6e77d4fe185910 Mon Sep 17 00:00:00 2001
+From: Warren Weckesser <warren.weckesser@gmail.com>
+Date: Tue, 29 Mar 2022 15:58:00 +0800
+Subject: [PATCH] BUG: f2py: Simplify creation of an exception message. Closes
+ gh-19000.
+
+CVE: CVE-2021-41496
+
+Upstream-Status: Backport [https://github.com/numpy/numpy/commit/271010f1037150e95017f803f4214b8861e528f2]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ numpy/f2py/src/fortranobject.c | 26 ++++++++++++--------------
+ 1 file changed, 12 insertions(+), 14 deletions(-)
+
+diff --git a/numpy/f2py/src/fortranobject.c b/numpy/f2py/src/fortranobject.c
+index 3275f90..85c9c7f 100644
+--- a/numpy/f2py/src/fortranobject.c
++++ b/numpy/f2py/src/fortranobject.c
+@@ -637,14 +637,14 @@ static int check_and_fix_dimensions(const PyArrayObject* arr,
+ npy_intp *dims);
+
+ static int
+-count_negative_dimensions(const int rank,
++find_first_negative_dimension(const int rank,
+ const npy_intp *dims) {
+- int i=0,r=0;
+- while (i<rank) {
+- if (dims[i] < 0) ++r;
+- ++i;
++ for (int i = 0; i < rank; ++i) {
++ if (dims[i] < 0) {
++ return i;
++ }
+ }
+- return r;
++ return -1;
+ }
+
+ #ifdef DEBUG_COPY_ND_ARRAY
+@@ -721,14 +721,12 @@ PyArrayObject* array_from_pyobj(const int type_num,
+ || ((intent & F2PY_OPTIONAL) && (obj==Py_None))
+ ) {
+ /* intent(cache), optional, intent(hide) */
+- if (count_negative_dimensions(rank,dims) > 0) {
+- int i;
+- strcpy(mess, "failed to create intent(cache|hide)|optional array"
+- "-- must have defined dimensions but got (");
+- for(i=0;i<rank;++i)
+- sprintf(mess+strlen(mess),"%" NPY_INTP_FMT ",",dims[i]);
+- strcat(mess, ")");
+- PyErr_SetString(PyExc_ValueError,mess);
++ int i = find_first_negative_dimension(rank, dims);
++ if (i >= 0) {
++ PyErr_Format(PyExc_ValueError,
++ "failed to create intent(cache|hide)|optional array"
++ " -- must have defined dimensions, but dims[%d] = %"
++ NPY_INTP_FMT, i, dims[i]);
+ return NULL;
+ }
+ arr = (PyArrayObject *)
+--
+2.25.1
+
diff --git a/meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb b/meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb
index 6c3b886782..9e55e74d2c 100644
--- a/meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb
+++ b/meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb
@@ -10,6 +10,7 @@ SRCNAME = "numpy"
SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${SRCNAME}-${PV}.tar.gz \
file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \
file://0001-numpy-core-Define-RISCV-32-support.patch \
+ file://CVE-2021-41496.patch \
file://run-ptest \
"
SRC_URI[sha256sum] = "9bf51d69ebb4ca9239e55bedc2185fe2c0ec222da0adee7ece4125414676846d"
diff --git a/meta/recipes-devtools/python/python3-pyelftools_0.27.bb b/meta/recipes-devtools/python/python3-pyelftools_0.27.bb
index 0cfd99504b..f8b9d420a5 100644
--- a/meta/recipes-devtools/python/python3-pyelftools_0.27.bb
+++ b/meta/recipes-devtools/python/python3-pyelftools_0.27.bb
@@ -11,3 +11,5 @@ PYPI_PACKAGE = "pyelftools"
inherit pypi setuptools3
BBCLASSEXTEND = "native"
+
+RDEPENDS_${PN} += "${PYTHON_PN}-debugger ${PYTHON_PN}-pprint"
diff --git a/meta/recipes-devtools/python/python3/0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch b/meta/recipes-devtools/python/python3/0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch
deleted file mode 100644
index 237645bc60..0000000000
--- a/meta/recipes-devtools/python/python3/0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 840fda32c82550259d02a7a56a78a9c05162b1a1 Mon Sep 17 00:00:00 2001
-From: Changqing Li <changqing.li@windriver.com>
-Date: Wed, 8 May 2019 16:10:29 +0800
-Subject: [PATCH] Makefile: fix Issue36464 (parallel build race problem)
-
-When using make -j with the 'install' target, it's possible for altbininstall
-(which normally creates BINDIR) and libainstall (which doesn't, though it
-installs python-config there) to race, resulting in a failure due to
-attempting to install python-config into a nonexistent BINDIR. Ensure it also
-exists in the libainstall target.
-
-Upstream-Status: Submitted [https://github.com/python/cpython/pull/13186]
-
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
----
- Makefile.pre.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Makefile.pre.in b/Makefile.pre.in
-index 15f3687..7e9f173 100644
---- a/Makefile.pre.in
-+++ b/Makefile.pre.in
-@@ -1456,7 +1456,7 @@ LIBPL= @LIBPL@
- LIBPC= $(LIBDIR)/pkgconfig
-
- libainstall: @DEF_MAKE_RULE@ python-config
-- @for i in $(LIBDIR) $(LIBPL) $(LIBPC); \
-+ @for i in $(LIBDIR) $(LIBPL) $(LIBPC) $(BINDIR); \
- do \
- if test ! -d $(DESTDIR)$$i; then \
- echo "Creating directory $$i"; \
---
-2.7.4
-
diff --git a/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch b/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch
index c4fae09a5b..99968b81de 100644
--- a/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch
+++ b/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch
@@ -1,7 +1,8 @@
-From 1ad771d86728ee2ed30e202e9768d8d825f96467 Mon Sep 17 00:00:00 2001
+From d9eb634b3d2e6ba831e864c50f6a37c48edfc4f3 Mon Sep 17 00:00:00 2001
From: Matthias Schoepfer <matthias.schoepfer@ithinx.io>
Date: Fri, 31 May 2019 15:34:34 +0200
Subject: [PATCH] bpo-36852: proper detection of mips architecture for soft
+
float
When (cross) compiling for softfloat mips, __mips_hard_float will not be
@@ -13,18 +14,18 @@ to do this in a more autoconf/autotools manner.
Upstream-Status: Submitted [https://github.com/python/cpython/pull/13196]
Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io>
-%% original patch: 0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch
+
---
configure.ac | 175 +++++++--------------------------------------------
1 file changed, 21 insertions(+), 154 deletions(-)
diff --git a/configure.ac b/configure.ac
-index ede710e..bc81b0b 100644
+index e2979a8..337182d 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -710,160 +710,27 @@ fi
- MULTIARCH=$($CC --print-multiarch 2>/dev/null)
- AC_SUBST(MULTIARCH)
+@@ -728,160 +728,27 @@ then
+ fi
+
-AC_MSG_CHECKING([for the platform triplet based on compiler characteristics])
-cat >> conftest.c <<EOF
@@ -202,8 +203,5 @@ index ede710e..bc81b0b 100644
+ ;;
+esac
- if test x$PLATFORM_TRIPLET != x && test x$MULTIARCH != x; then
- if test x$PLATFORM_TRIPLET != x$MULTIARCH; then
---
-2.24.1
-
+ if test x$PLATFORM_TRIPLET != xdarwin; then
+ MULTIARCH=$($CC --print-multiarch 2>/dev/null)
diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch
new file mode 100644
index 0000000000..96744cb557
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/makerace.patch
@@ -0,0 +1,23 @@
+libainstall installs python-config.py but the .pyc cache files are generated
+by the libinstall target. This means some builds may not generate the pyc files
+for python-config.py depending on the order things happen in. This means builds
+are not always reproducible.
+
+Add a dependency to avoid the race.
+
+Upstream-Status: Pending
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Index: Python-3.9.6/Makefile.pre.in
+===================================================================
+--- Python-3.9.6.orig/Makefile.pre.in
++++ Python-3.9.6/Makefile.pre.in
+@@ -1486,7 +1486,7 @@ LIBSUBDIRS= tkinter tkinter/test tkinter
+ venv venv/scripts venv/scripts/common venv/scripts/posix \
+ curses pydoc_data \
+ zoneinfo
+-libinstall: build_all $(srcdir)/Modules/xxmodule.c
++libinstall: build_all $(srcdir)/Modules/xxmodule.c libainstall
+ @for i in $(SCRIPTDIR) $(LIBDEST); \
+ do \
+ if test ! -d $(DESTDIR)$$i; then \
diff --git a/meta/recipes-devtools/python/python3_3.9.5.bb b/meta/recipes-devtools/python/python3_3.9.9.bb
index 82177f4a18..f41529833c 100644
--- a/meta/recipes-devtools/python/python3_3.9.5.bb
+++ b/meta/recipes-devtools/python/python3_3.9.9.bb
@@ -20,7 +20,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://python-config.patch \
file://0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch \
file://0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch \
- file://0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch \
file://0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch \
file://crosspythonpath.patch \
file://0001-Use-FLAG_REF-always-for-interned-strings.patch \
@@ -31,6 +30,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \
file://0001-Lib-sysconfig.py-use-libdir-values-from-configuratio.patch \
file://0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch \
+ file://makerace.patch \
"
SRC_URI_append_class-native = " \
@@ -38,7 +38,7 @@ SRC_URI_append_class-native = " \
file://12-distutils-prefix-is-inside-staging-area.patch \
file://0001-Don-t-search-system-for-headers-libraries.patch \
"
-SRC_URI[sha256sum] = "0c5a140665436ec3dbfbb79e2dfb6d192655f26ef4a29aeffcb6d1820d716d83"
+SRC_URI[sha256sum] = "06828c04a573c073a4e51c4292a27c1be4ae26621c3edc7cf9318418ce3b6d27"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 463339e42b..568ef1be94 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -70,6 +70,11 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2021-3607.patch \
file://CVE-2021-3608.patch \
file://CVE-2021-3682.patch \
+ file://CVE-2021-3713.patch \
+ file://CVE-2021-3748.patch \
+ file://CVE-2021-3930.patch \
+ file://CVE-2021-20196_1.patch \
+ file://CVE-2021-20196_2.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_1.patch
new file mode 100644
index 0000000000..8b1ad0423b
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_1.patch
@@ -0,0 +1,54 @@
+From e907ff3d4cb7fd20d402f45355059e67d0dc93e7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
+Date: Wed, 24 Nov 2021 17:15:34 +0100
+Subject: [PATCH 11/12] hw/block/fdc: Extract blk_create_empty_drive()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+We are going to re-use this code in the next commit,
+so extract it as a new blk_create_empty_drive() function.
+
+Inspired-by: Hanna Reitz <hreitz@redhat.com>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Message-id: 20211124161536.631563-2-philmd@redhat.com
+Signed-off-by: John Snow <jsnow@redhat.com>
+
+Upstream-Status: Backport [b154791e7b6d4ca5cdcd54443484d97360bd7ad2]
+CVE: CVE-2021-20196
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/block/fdc.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/hw/block/fdc.c b/hw/block/fdc.c
+index 4c2c35e22..854b4f172 100644
+--- a/hw/block/fdc.c
++++ b/hw/block/fdc.c
+@@ -61,6 +61,12 @@
+ } while (0)
+
+
++/* Anonymous BlockBackend for empty drive */
++static BlockBackend *blk_create_empty_drive(void)
++{
++ return blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL);
++}
++
+ /********************************************************/
+ /* qdev floppy bus */
+
+@@ -543,8 +549,7 @@ static void floppy_drive_realize(DeviceState *qdev, Error **errp)
+ }
+
+ if (!dev->conf.blk) {
+- /* Anonymous BlockBackend for an empty drive */
+- dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL);
++ dev->conf.blk = blk_create_empty_drive();
+ ret = blk_attach_dev(dev->conf.blk, qdev);
+ assert(ret == 0);
+
+--
+2.31.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_2.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_2.patch
new file mode 100644
index 0000000000..dd442ccb8f
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_2.patch
@@ -0,0 +1,67 @@
+From 1d48445a951fd5504190a38abeda70ea9372cf77 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
+Date: Wed, 24 Nov 2021 17:15:35 +0100
+Subject: [PATCH 12/12] hw/block/fdc: Kludge missing floppy drive to fix
+ CVE-2021-20196
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Guest might select another drive on the bus by setting the
+DRIVE_SEL bit of the DIGITAL OUTPUT REGISTER (DOR).
+The current controller model doesn't expect a BlockBackend
+to be NULL. A simple way to fix CVE-2021-20196 is to create
+an empty BlockBackend when it is missing. All further
+accesses will be safely handled, and the controller state
+machines keep behaving correctly.
+
+Cc: qemu-stable@nongnu.org
+Fixes: CVE-2021-20196
+Reported-by: Gaoning Pan (Ant Security Light-Year Lab) <pgn@zju.edu.cn>
+Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
+Reviewed-by: Hanna Reitz <hreitz@redhat.com>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Message-id: 20211124161536.631563-3-philmd@redhat.com
+BugLink: https://bugs.launchpad.net/qemu/+bug/1912780
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/338
+Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
+Reviewed-by: Hanna Reitz <hreitz@redhat.com>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Signed-off-by: John Snow <jsnow@redhat.com>
+
+Upstream-Status: Backport [1ab95af033a419e7a64e2d58e67dd96b20af5233]
+CVE: CVE-2021-20196
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/block/fdc.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/hw/block/fdc.c b/hw/block/fdc.c
+index 854b4f172..a736c4d14 100644
+--- a/hw/block/fdc.c
++++ b/hw/block/fdc.c
+@@ -1365,7 +1365,19 @@ static FDrive *get_drv(FDCtrl *fdctrl, int unit)
+
+ static FDrive *get_cur_drv(FDCtrl *fdctrl)
+ {
+- return get_drv(fdctrl, fdctrl->cur_drv);
++ FDrive *cur_drv = get_drv(fdctrl, fdctrl->cur_drv);
++
++ if (!cur_drv->blk) {
++ /*
++ * Kludge: empty drive line selected. Create an anonymous
++ * BlockBackend to avoid NULL deref with various BlockBackend
++ * API calls within this model (CVE-2021-20196).
++ * Due to the controller QOM model limitations, we don't
++ * attach the created to the controller device.
++ */
++ cur_drv->blk = blk_create_empty_drive();
++ }
++ return cur_drv;
+ }
+
+ /* Status A register : 0x00 (read-only) */
+--
+2.31.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch
new file mode 100644
index 0000000000..33fca66d3d
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch
@@ -0,0 +1,68 @@
+From 9a8f71ec660e67c51cc5905dd9d2a12ff78ce743 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Wed, 18 Aug 2021 14:05:05 +0200
+Subject: [PATCH 08/12] uas: add stream number sanity checks.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The device uses the guest-supplied stream number unchecked, which can
+lead to guest-triggered out-of-band access to the UASDevice->data3 and
+UASDevice->status3 fields. Add the missing checks.
+
+Fixes: CVE-2021-3713
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Reported-by: Chen Zhe <chenzhe@huawei.com>
+Reported-by: Tan Jingguo <tanjingguo@huawei.com>
+Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Message-Id: <20210818120505.1258262-2-kraxel@redhat.com>
+(cherry picked from commit 13b250b12ad3c59114a6a17d59caf073ce45b33a)
+Signed-off-by: Michael Roth <michael.roth@amd.com>
+
+Upstream-Status: Backport [36403e8788a264dc96174f52584681ebcb4f54b1]
+CVE: CVE-2021-3713
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/usb/dev-uas.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/hw/usb/dev-uas.c b/hw/usb/dev-uas.c
+index cec071d96..157734eb0 100644
+--- a/hw/usb/dev-uas.c
++++ b/hw/usb/dev-uas.c
+@@ -831,6 +831,9 @@ static void usb_uas_handle_data(USBDevice *dev, USBPacket *p)
+ }
+ break;
+ case UAS_PIPE_ID_STATUS:
++ if (p->stream > UAS_MAX_STREAMS) {
++ goto err_stream;
++ }
+ if (p->stream) {
+ QTAILQ_FOREACH(st, &uas->results, next) {
+ if (st->stream == p->stream) {
+@@ -858,6 +861,9 @@ static void usb_uas_handle_data(USBDevice *dev, USBPacket *p)
+ break;
+ case UAS_PIPE_ID_DATA_IN:
+ case UAS_PIPE_ID_DATA_OUT:
++ if (p->stream > UAS_MAX_STREAMS) {
++ goto err_stream;
++ }
+ if (p->stream) {
+ req = usb_uas_find_request(uas, p->stream);
+ } else {
+@@ -893,6 +899,11 @@ static void usb_uas_handle_data(USBDevice *dev, USBPacket *p)
+ p->status = USB_RET_STALL;
+ break;
+ }
++
++err_stream:
++ error_report("%s: invalid stream %d", __func__, p->stream);
++ p->status = USB_RET_STALL;
++ return;
+ }
+
+ static void usb_uas_unrealize(USBDevice *dev)
+--
+2.31.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch
new file mode 100644
index 0000000000..4765f24739
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch
@@ -0,0 +1,127 @@
+From bacc200f623647632258f7efc0f098ac30dd4225 Mon Sep 17 00:00:00 2001
+From: Jason Wang <jasowang@redhat.com>
+Date: Thu, 2 Sep 2021 13:44:12 +0800
+Subject: [PATCH 09/12] virtio-net: fix use after unmap/free for sg
+
+When mergeable buffer is enabled, we try to set the num_buffers after
+the virtqueue elem has been unmapped. This will lead several issues,
+E.g a use after free when the descriptor has an address which belongs
+to the non direct access region. In this case we use bounce buffer
+that is allocated during address_space_map() and freed during
+address_space_unmap().
+
+Fixing this by storing the elems temporarily in an array and delay the
+unmap after we set the the num_buffers.
+
+This addresses CVE-2021-3748.
+
+Reported-by: Alexander Bulekov <alxndr@bu.edu>
+Fixes: fbe78f4f55c6 ("virtio-net support")
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+
+Upstream-Status: Backport [bedd7e93d01961fcb16a97ae45d93acf357e11f6]
+CVE: CVE-2021-3748
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/net/virtio-net.c | 39 ++++++++++++++++++++++++++++++++-------
+ 1 file changed, 32 insertions(+), 7 deletions(-)
+
+diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
+index 9179013ac..df1d30e2c 100644
+--- a/hw/net/virtio-net.c
++++ b/hw/net/virtio-net.c
+@@ -1665,10 +1665,13 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf,
+ VirtIONet *n = qemu_get_nic_opaque(nc);
+ VirtIONetQueue *q = virtio_net_get_subqueue(nc);
+ VirtIODevice *vdev = VIRTIO_DEVICE(n);
++ VirtQueueElement *elems[VIRTQUEUE_MAX_SIZE];
++ size_t lens[VIRTQUEUE_MAX_SIZE];
+ struct iovec mhdr_sg[VIRTQUEUE_MAX_SIZE];
+ struct virtio_net_hdr_mrg_rxbuf mhdr;
+ unsigned mhdr_cnt = 0;
+- size_t offset, i, guest_offset;
++ size_t offset, i, guest_offset, j;
++ ssize_t err;
+
+ if (!virtio_net_can_receive(nc)) {
+ return -1;
+@@ -1699,6 +1702,12 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf,
+
+ total = 0;
+
++ if (i == VIRTQUEUE_MAX_SIZE) {
++ virtio_error(vdev, "virtio-net unexpected long buffer chain");
++ err = size;
++ goto err;
++ }
++
+ elem = virtqueue_pop(q->rx_vq, sizeof(VirtQueueElement));
+ if (!elem) {
+ if (i) {
+@@ -1710,7 +1719,8 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf,
+ n->guest_hdr_len, n->host_hdr_len,
+ vdev->guest_features);
+ }
+- return -1;
++ err = -1;
++ goto err;
+ }
+
+ if (elem->in_num < 1) {
+@@ -1718,7 +1728,8 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf,
+ "virtio-net receive queue contains no in buffers");
+ virtqueue_detach_element(q->rx_vq, elem, 0);
+ g_free(elem);
+- return -1;
++ err = -1;
++ goto err;
+ }
+
+ sg = elem->in_sg;
+@@ -1755,12 +1766,13 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf,
+ if (!n->mergeable_rx_bufs && offset < size) {
+ virtqueue_unpop(q->rx_vq, elem, total);
+ g_free(elem);
+- return size;
++ err = size;
++ goto err;
+ }
+
+- /* signal other side */
+- virtqueue_fill(q->rx_vq, elem, total, i++);
+- g_free(elem);
++ elems[i] = elem;
++ lens[i] = total;
++ i++;
+ }
+
+ if (mhdr_cnt) {
+@@ -1770,10 +1782,23 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf,
+ &mhdr.num_buffers, sizeof mhdr.num_buffers);
+ }
+
++ for (j = 0; j < i; j++) {
++ /* signal other side */
++ virtqueue_fill(q->rx_vq, elems[j], lens[j], j);
++ g_free(elems[j]);
++ }
++
+ virtqueue_flush(q->rx_vq, i);
+ virtio_notify(vdev, q->rx_vq);
+
+ return size;
++
++err:
++ for (j = 0; j < i; j++) {
++ g_free(elems[j]);
++ }
++
++ return err;
+ }
+
+ static ssize_t virtio_net_do_receive(NetClientState *nc, const uint8_t *buf,
+--
+2.31.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch
new file mode 100644
index 0000000000..bfbe5cee33
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch
@@ -0,0 +1,53 @@
+From cdca50eff9c38367be54f92839734ab490c8b0f7 Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella <mcascell@redhat.com>
+Date: Thu, 4 Nov 2021 17:31:38 +0100
+Subject: [PATCH 10/12] hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE
+ SELECT commands
+
+This avoids an off-by-one read of 'mode_sense_valid' buffer in
+hw/scsi/scsi-disk.c:mode_sense_page().
+
+Fixes: CVE-2021-3930
+Cc: qemu-stable@nongnu.org
+Reported-by: Alexander Bulekov <alxndr@bu.edu>
+Fixes: a8f4bbe2900 ("scsi-disk: store valid mode pages in a table")
+Fixes: #546
+Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com>
+Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+
+Upstream-Status: Backport [b3af7fdf9cc537f8f0dd3e2423d83f5c99a457e8]
+CVE: CVE-2021-3930
+
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ hw/scsi/scsi-disk.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
+index 90841ad79..5b44ed7d8 100644
+--- a/hw/scsi/scsi-disk.c
++++ b/hw/scsi/scsi-disk.c
+@@ -1100,6 +1100,7 @@ static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
+ uint8_t *p = *p_outbuf + 2;
+ int length;
+
++ assert(page < ARRAY_SIZE(mode_sense_valid));
+ if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
+ return -1;
+ }
+@@ -1441,6 +1442,11 @@ static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
+ return -1;
+ }
+
++ /* MODE_PAGE_ALLS is only valid for MODE SENSE commands */
++ if (page == MODE_PAGE_ALLS) {
++ return -1;
++ }
++
+ p = mode_current;
+ memset(mode_current, 0, inlen + 2);
+ len = mode_sense_page(s, page, &p, 0);
+--
+2.31.1
+
diff --git a/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch
new file mode 100644
index 0000000000..b374583017
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch
@@ -0,0 +1,57 @@
+From 9a6871126f472feea057d5f803505ec8cc78f083 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Thu, 30 Sep 2021 09:56:20 +0300
+Subject: [PATCH 1/3] Refactor pgpDigParams construction to helper function
+
+No functional changes, just to reduce code duplication and needed by
+the following commits.
+
+CVE: CVE-2021-3521
+Upstream-Staus: Backport[https://github.com/rpm-software-management/rpm/commit/9f03f42e2]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ rpmio/rpmpgp.c | 13 +++++++++----
+ 1 file changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
+index d0688ebe9a..e472b5320f 100644
+--- a/rpmio/rpmpgp.c
++++ b/rpmio/rpmpgp.c
+@@ -1041,6 +1041,13 @@ unsigned int pgpDigParamsAlgo(pgpDigParams digp, unsigned int algotype)
+ return algo;
+ }
+
++static pgpDigParams pgpDigParamsNew(uint8_t tag)
++{
++ pgpDigParams digp = xcalloc(1, sizeof(*digp));
++ digp->tag = tag;
++ return digp;
++}
++
+ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
+ pgpDigParams * ret)
+ {
+@@ -1058,8 +1065,7 @@ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
+ if (pkttype && pkt.tag != pkttype) {
+ break;
+ } else {
+- digp = xcalloc(1, sizeof(*digp));
+- digp->tag = pkt.tag;
++ digp = pgpDigParamsNew(pkt.tag);
+ }
+ }
+
+@@ -1105,8 +1111,7 @@ int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
+ digps = xrealloc(digps, alloced * sizeof(*digps));
+ }
+
+- digps[count] = xcalloc(1, sizeof(**digps));
+- digps[count]->tag = PGPTAG_PUBLIC_SUBKEY;
++ digps[count] = pgpDigParamsNew(PGPTAG_PUBLIC_SUBKEY);
+ /* Copy UID from main key to subkey */
+ digps[count]->userid = xstrdup(mainkey->userid);
+
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch b/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch
new file mode 100644
index 0000000000..79b168257e
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch
@@ -0,0 +1,28 @@
+From 2d351c666f09cc1b9e368422653fb42ac8b86249 Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex@linutronix.de>
+Date: Tue, 31 Aug 2021 10:37:05 +0200
+Subject: [PATCH] build/pack.c: do not insert payloadflags into .rpm metadata
+
+The flags look like '19T56' where 19 is the compression level
+(deterministic), and 56 is the amount of threads (varies from one
+host to the next and breaks reproducibility for .rpm).
+
+Upstream-Status: Inappropriate [oe-core specific]
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ build/pack.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/build/pack.c b/build/pack.c
+index 932cb213e..b45d0726f 100644
+--- a/build/pack.c
++++ b/build/pack.c
+@@ -328,7 +328,7 @@ static char *getIOFlags(Package pkg)
+ headerPutString(pkg->header, RPMTAG_PAYLOADCOMPRESSOR, compr);
+ buf = xstrdup(rpmio_flags);
+ buf[s - rpmio_flags] = '\0';
+- headerPutString(pkg->header, RPMTAG_PAYLOADFLAGS, buf+1);
++ headerPutString(pkg->header, RPMTAG_PAYLOADFLAGS, "");
+ free(buf);
+ }
+ exit:
diff --git a/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch
new file mode 100644
index 0000000000..a8ff98fa26
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch
@@ -0,0 +1,62 @@
+From c4b1bee51bbdd732b94b431a951481af99117703 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Thu, 30 Sep 2021 09:51:10 +0300
+Subject: [PATCH 2/3] Process MPI's from all kinds of signatures
+
+No immediate effect but needed by the following commits.
+
+CVE: CVE-2021-3521
+Upstream-Status: Backport[https://github.com/rpm-software-management/rpm/commit/b5e8bc74b]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ rpmio/rpmpgp.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
+index e472b5320f..57d411d1e0 100644
+--- a/rpmio/rpmpgp.c
++++ b/rpmio/rpmpgp.c
+@@ -515,7 +515,7 @@ pgpDigAlg pgpDigAlgFree(pgpDigAlg alg)
+ return NULL;
+ }
+
+-static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype,
++static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo,
+ const uint8_t *p, const uint8_t *h, size_t hlen,
+ pgpDigParams sigp)
+ {
+@@ -528,10 +528,8 @@ static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype,
+ int mpil = pgpMpiLen(p);
+ if (p + mpil > pend)
+ break;
+- if (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT) {
+- if (sigalg->setmpi(sigalg, i, p))
+- break;
+- }
++ if (sigalg->setmpi(sigalg, i, p))
++ break;
+ p += mpil;
+ }
+
+@@ -604,7 +602,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
+ }
+
+ p = ((uint8_t *)v) + sizeof(*v);
+- rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp);
++ rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp);
+ } break;
+ case 4:
+ { pgpPktSigV4 v = (pgpPktSigV4)h;
+@@ -662,7 +660,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
+ if (p > (h + hlen))
+ return 1;
+
+- rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp);
++ rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp);
+ } break;
+ default:
+ rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), version);
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch
new file mode 100644
index 0000000000..d39ea7dacd
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch
@@ -0,0 +1,332 @@
+From 07676ca03ad8afcf1ca95a2353c83fbb1d970b9b Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Thu, 30 Sep 2021 09:59:30 +0300
+Subject: [PATCH 3/3] Validate and require subkey binding signatures on PGP
+ public keys
+
+All subkeys must be followed by a binding signature by the primary key
+as per the OpenPGP RFC, enforce the presence and validity in the parser.
+
+The implementation is as kludgey as they come to work around our
+simple-minded parser structure without touching API, to maximise
+backportability. Store all the raw packets internally as we decode them
+to be able to access previous elements at will, needed to validate ordering
+and access the actual data. Add testcases for manipulated keys whose
+import previously would succeed.
+
+Depends on the two previous commits:
+7b399fcb8f52566e6f3b4327197a85facd08db91 and
+236b802a4aa48711823a191d1b7f753c82a89ec5
+
+Fixes CVE-2021-3521.
+
+Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/bd36c5dc9]
+CVE:CVE-2021-3521
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ rpmio/rpmpgp.c | 100 ++++++++++++++++--
+ tests/Makefile.am | 3 +
+ tests/data/keys/CVE-2021-3521-badbind.asc | 25 +++++
+ .../data/keys/CVE-2021-3521-nosubsig-last.asc | 25 +++++
+ tests/data/keys/CVE-2021-3521-nosubsig.asc | 37 +++++++
+ tests/rpmsigdig.at | 28 +++++
+ 6 files changed, 211 insertions(+), 7 deletions(-)
+ create mode 100644 tests/data/keys/CVE-2021-3521-badbind.asc
+ create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig-last.asc
+ create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig.asc
+
+diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
+index 57d411d1e0..b12410d671 100644
+--- a/rpmio/rpmpgp.c
++++ b/rpmio/rpmpgp.c
+@@ -1046,35 +1046,121 @@ static pgpDigParams pgpDigParamsNew(uint8_t tag)
+ return digp;
+ }
+
++static int hashKey(DIGEST_CTX hash, const struct pgpPkt *pkt, int exptag)
++{
++ int rc = -1;
++ if (pkt->tag == exptag) {
++ uint8_t head[] = {
++ 0x99,
++ (pkt->blen >> 8),
++ (pkt->blen ),
++ };
++
++ rpmDigestUpdate(hash, head, 3);
++ rpmDigestUpdate(hash, pkt->body, pkt->blen);
++ rc = 0;
++ }
++ return rc;
++}
++
++static int pgpVerifySelf(pgpDigParams key, pgpDigParams selfsig,
++ const struct pgpPkt *all, int i)
++{
++ int rc = -1;
++ DIGEST_CTX hash = NULL;
++
++ switch (selfsig->sigtype) {
++ case PGPSIGTYPE_SUBKEY_BINDING:
++ hash = rpmDigestInit(selfsig->hash_algo, 0);
++ if (hash) {
++ rc = hashKey(hash, &all[0], PGPTAG_PUBLIC_KEY);
++ if (!rc)
++ rc = hashKey(hash, &all[i-1], PGPTAG_PUBLIC_SUBKEY);
++ }
++ break;
++ default:
++ /* ignore types we can't handle */
++ rc = 0;
++ break;
++ }
++
++ if (hash && rc == 0)
++ rc = pgpVerifySignature(key, selfsig, hash);
++
++ rpmDigestFinal(hash, NULL, NULL, 0);
++
++ return rc;
++}
++
+ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
+ pgpDigParams * ret)
+ {
+ const uint8_t *p = pkts;
+ const uint8_t *pend = pkts + pktlen;
+ pgpDigParams digp = NULL;
+- struct pgpPkt pkt;
++ pgpDigParams selfsig = NULL;
++ int i = 0;
++ int alloced = 16; /* plenty for normal cases */
++ struct pgpPkt *all = xmalloc(alloced * sizeof(*all));
+ int rc = -1; /* assume failure */
++ int expect = 0;
++ int prevtag = 0;
+
+ while (p < pend) {
+- if (decodePkt(p, (pend - p), &pkt))
++ struct pgpPkt *pkt = &all[i];
++ if (decodePkt(p, (pend - p), pkt))
+ break;
+
+ if (digp == NULL) {
+- if (pkttype && pkt.tag != pkttype) {
++ if (pkttype && pkt->tag != pkttype) {
+ break;
+ } else {
+- digp = pgpDigParamsNew(pkt.tag);
++ digp = pgpDigParamsNew(pkt->tag);
+ }
+ }
+
+- if (pgpPrtPkt(&pkt, digp))
++ if (expect) {
++ if (pkt->tag != expect)
++ break;
++ selfsig = pgpDigParamsNew(pkt->tag);
++ }
++
++ if (pgpPrtPkt(pkt, selfsig ? selfsig : digp))
+ break;
+
+- p += (pkt.body - pkt.head) + pkt.blen;
++ if (selfsig) {
++ /* subkeys must be followed by binding signature */
++ if (prevtag == PGPTAG_PUBLIC_SUBKEY) {
++ if (selfsig->sigtype != PGPSIGTYPE_SUBKEY_BINDING)
++ break;
++ }
++
++ int xx = pgpVerifySelf(digp, selfsig, all, i);
++
++ selfsig = pgpDigParamsFree(selfsig);
++ if (xx)
++ break;
++ expect = 0;
++ }
++
++ if (pkt->tag == PGPTAG_PUBLIC_SUBKEY)
++ expect = PGPTAG_SIGNATURE;
++ prevtag = pkt->tag;
++
++ i++;
++ p += (pkt->body - pkt->head) + pkt->blen;
++ if (pkttype == PGPTAG_SIGNATURE)
++ break;
++
++ if (alloced <= i) {
++ alloced *= 2;
++ all = xrealloc(all, alloced * sizeof(*all));
++ }
+ }
+
+- rc = (digp && (p == pend)) ? 0 : -1;
++ rc = (digp && (p == pend) && expect == 0) ? 0 : -1;
+
++ free(all);
+ if (ret && rc == 0) {
+ *ret = digp;
+ } else {
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index f742a9e1d2..328234278a 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -107,6 +107,9 @@ EXTRA_DIST += data/SPECS/hello-config-buildid.spec
+ EXTRA_DIST += data/SPECS/hello-cd.spec
+ EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.pub
+ EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.secret
++EXTRA_DIST += data/keys/CVE-2021-3521-badbind.asc
++EXTRA_DIST += data/keys/CVE-2021-3521-nosubsig.asc
++EXTRA_DIST += data/keys/CVE-2021-3521-nosubsig-last.asc
+ EXTRA_DIST += data/macros.testfile
+ EXTRA_DIST += data/macros.debug
+ EXTRA_DIST += data/SOURCES/foo.c
+diff --git a/tests/data/keys/CVE-2021-3521-badbind.asc b/tests/data/keys/CVE-2021-3521-badbind.asc
+new file mode 100644
+index 0000000000..aea00f9d7a
+--- /dev/null
++++ b/tests/data/keys/CVE-2021-3521-badbind.asc
+@@ -0,0 +1,25 @@
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++Version: rpm-4.17.90 (NSS-3)
++
++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
+++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE=
++=WCfs
++-----END PGP PUBLIC KEY BLOCK-----
++
+diff --git a/tests/data/keys/CVE-2021-3521-nosubsig-last.asc b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc
+new file mode 100644
+index 0000000000..aea00f9d7a
+--- /dev/null
++++ b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc
+@@ -0,0 +1,25 @@
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++Version: rpm-4.17.90 (NSS-3)
++
++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
+++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE=
++=WCfs
++-----END PGP PUBLIC KEY BLOCK-----
++
+diff --git a/tests/data/keys/CVE-2021-3521-nosubsig.asc b/tests/data/keys/CVE-2021-3521-nosubsig.asc
+new file mode 100644
+index 0000000000..3a2e7417f8
+--- /dev/null
++++ b/tests/data/keys/CVE-2021-3521-nosubsig.asc
+@@ -0,0 +1,37 @@
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++Version: rpm-4.17.90 (NSS-3)
++
++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
+++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAG5AQ0EWOY5GAEIAKT68NmshdC4
++VcRhOhlXBvZq23NtskkKoPvW+ZlMuxbRDG48pGBtxhjOngriVUGceEWsXww5Q7En
++uRBYglkxkW34ENym0Ji6tsPYfhbbG+dZWKIL4vMIzPOIwlPrXrm558vgkdMM/ELZ
++8WIz3KtzvYubKUk2Qz+96lPXbwnlC/SBFRpBseJC5LoOb/5ZGdR/HeLz1JXiacHF
++v9Nr3cZWqg5yJbDNZKfASdZgC85v3kkvhTtzknl//5wqdAMexbuwiIh2xyxbO+B/
++qqzZFrVmu3sV2Tj5lLZ/9p1qAuEM7ULbixd/ld8yTmYvQ4bBlKv2bmzXtVfF+ymB
++Tm6BzyQEl/MAEQEAAYkBHwQYAQgACQUCWOY5GAIbDAAKCRBDRFkeGWTF/PANB/9j
++mifmj6z/EPe0PJFhrpISt9PjiUQCt0IPtiL5zKAkWjHePIzyi+0kCTBF6DDLFxos
++3vN4bWnVKT1kBhZAQlPqpJTg+m74JUYeDGCdNx9SK7oRllATqyu+5rncgxjWVPnQ
++zu/HRPlWJwcVFYEVXYL8xzfantwQTqefjmcRmBRdA2XJITK+hGWwAmrqAWx+q5xX
++Pa8wkNMxVzNS2rUKO9SoVuJ/wlUvfoShkJ/VJ5HDp3qzUqncADfdGN35TDzscngQ
++gHvnMwVBfYfSCABV1hNByoZcc/kxkrWMmsd/EnIyLd1Q1baKqc3cEDuC6E6/o4yJ
++E4XX4jtDmdZPreZALsiB
++=rRop
++-----END PGP PUBLIC KEY BLOCK-----
++
+diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
+index e1a3ab062a..705fc58705 100644
+--- a/tests/rpmsigdig.at
++++ b/tests/rpmsigdig.at
+@@ -240,6 +240,34 @@ gpg(185e6146f00650f8) = 4:185e6146f00650f8-58e63918
+ [])
+ AT_CLEANUP
+
++AT_SETUP([rpmkeys --import invalid keys])
++AT_KEYWORDS([rpmkeys import])
++RPMDB_INIT
++
++AT_CHECK([
++runroot rpmkeys --import /data/keys/CVE-2021-3521-badbind.asc
++],
++[1],
++[],
++[error: /data/keys/CVE-2021-3521-badbind.asc: key 1 import failed.]
++)
++AT_CHECK([
++runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig.asc
++],
++[1],
++[],
++[error: /data/keys/CVE-2021-3521-nosubsig.asc: key 1 import failed.]
++)
++
++AT_CHECK([
++runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig-last.asc
++],
++[1],
++[],
++[error: /data/keys/CVE-2021-3521-nosubsig-last.asc: key 1 import failed.]
++)
++AT_CLEANUP
++
+ # ------------------------------
+ # Test pre-built package verification
+ AT_SETUP([rpmkeys -K <signed> 1])
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
index 7c03b41fc8..5a347953fa 100644
--- a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
+++ b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb
@@ -24,7 +24,7 @@ HOMEPAGE = "http://www.rpm.org"
LICENSE = "GPL-2.0"
LIC_FILES_CHKSUM = "file://COPYING;md5=c4eec0c20c6034b9407a09945b48a43f"
-SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x \
+SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x;protocol=https \
file://environment.d-rpm.sh \
file://0001-Do-not-add-an-unsatisfiable-dependency-when-building.patch \
file://0001-Do-not-read-config-files-from-HOME.patch \
@@ -40,6 +40,10 @@ SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x \
file://0016-rpmscript.c-change-logging-level-around-scriptlets-t.patch \
file://0001-lib-transaction.c-fix-file-conflicts-for-MIPS64-N32.patch \
file://0001-tools-Add-error.h-for-non-glibc-case.patch \
+ file://0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch \
+ file://0001-CVE-2021-3521.patch \
+ file://0002-CVE-2021-3521.patch \
+ file://0003-CVE-2021-3521.patch \
"
PE = "1"
@@ -58,7 +62,8 @@ AUTOTOOLS_AUXDIR = "${S}/build-aux"
# OE-core patches autoreconf to additionally run gnu-configize, which fails with this recipe
EXTRA_AUTORECONF_append = " --exclude=gnu-configize"
-EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=libgcrypt"
+# Vendor is detected differently on x86 and aarch64 hosts and can feed into target packages
+EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=libgcrypt --with-vendor=pc"
EXTRA_OECONF_append_libc-musl = " --disable-nls --disable-openmp"
# --sysconfdir prevents rpm from attempting to access machine-specific configuration in sysroot/etc; we need to have it in rootfs
diff --git a/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch b/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch
new file mode 100644
index 0000000000..f92f0e1ba6
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch
@@ -0,0 +1,35 @@
+From: Christian Hofstaedtler <zeha@debian.org>
+Date: Tue, 10 Oct 2017 15:04:34 -0300
+Subject: rdoc: build reproducible documentation
+
+- provide a fixed timestamp to the gzip compression
+
+Upstream-Status: Backport [debian]
+
+Signed-off-by: Antonio Terceiro <terceiro@debian.org>
+Signed-off-by: Christian Hofstaedtler <zeha@debian.org>
+---
+ lib/rdoc/generator/json_index.rb | 4 ++--
+ lib/rdoc/rdoc.rb | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/lib/rdoc/generator/json_index.rb
++++ b/lib/rdoc/generator/json_index.rb
+@@ -178,7 +178,7 @@
+ debug_msg "Writing gzipped search index to %s" % outfile
+
+ Zlib::GzipWriter.open(outfile) do |gz|
+- gz.mtime = File.mtime(search_index_file)
++ gz.mtime = -1
+ gz.orig_name = search_index_file.basename.to_s
+ gz.write search_index
+ gz.close
+@@ -196,7 +196,7 @@
+ debug_msg "Writing gzipped file to %s" % outfile
+
+ Zlib::GzipWriter.open(outfile) do |gz|
+- gz.mtime = File.mtime(dest)
++ gz.mtime = -1
+ gz.orig_name = dest.basename.to_s
+ gz.write data
+ gz.close
diff --git a/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch b/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch
new file mode 100644
index 0000000000..e0aca0dcfc
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch
@@ -0,0 +1,28 @@
+From: Reiner Herrmann <reiner@reiner-h.de>
+Date: Tue, 10 Oct 2017 15:06:13 -0300
+Subject: lib/mkmf.rb: sort list of object files in generated Makefile
+
+Without sorting the list explicitly, its order is indeterministic,
+because readdir() is also not deterministic.
+When the list of object files varies between builds, they are linked
+in a different order, which results in an unreproducible build.
+
+Upstream-Status: Backport [debian]
+
+Signed-off-by: Antonio Terceiro <terceiro@debian.org>
+Signed-off-by: Reiner Herrmann <reiner@reiner-h.de>
+---
+ lib/mkmf.rb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/lib/mkmf.rb
++++ b/lib/mkmf.rb
+@@ -2315,7 +2315,7 @@
+ LIBS = #{$LIBRUBYARG} #{$libs} #{$LIBS}
+ ORIG_SRCS = #{orig_srcs.collect(&File.method(:basename)).join(' ')}
+ SRCS = $(ORIG_SRCS) #{(srcs - orig_srcs).collect(&File.method(:basename)).join(' ')}
+-OBJS = #{$objs.join(" ")}
++OBJS = #{$objs.sort.join(" ")}
+ HDRS = #{hdrs.map{|h| '$(srcdir)/' + File.basename(h)}.join(' ')}
+ LOCAL_HDRS = #{$headers.join(' ')}
+ TARGET = #{target}
diff --git a/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
new file mode 100644
index 0000000000..b7faa58655
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
@@ -0,0 +1,28 @@
+From: Christian Hofstaedtler <zeha@debian.org>
+Date: Tue, 10 Oct 2017 15:07:11 -0300
+Subject: Mark Gemspec-reproducible change fixing #784225, too
+
+I think the UTC date change will fix the Multi-Arch not-same file issue,
+too.
+
+Upstream-Status: Backport [debian]
+
+Signed-off-by: Antonio Terceiro <terceiro@debian.org>
+Signed-off-by: Christian Hofstaedtler <zeha@debian.org>
+---
+ lib/rubygems/specification.rb | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/lib/rubygems/specification.rb
++++ b/lib/rubygems/specification.rb
+@@ -1695,7 +1695,9 @@
+ raise(Gem::InvalidSpecificationException,
+ "invalid date format in specification: #{date.inspect}")
+ end
+- when Time, DateLike then
++ when Time then
++ Time.utc(date.utc.year, date.utc.month, date.utc.day)
++ when DateLike then
+ Time.utc(date.year, date.month, date.day)
+ else
+ TODAY
diff --git a/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch b/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch
new file mode 100644
index 0000000000..504893b4b4
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch
@@ -0,0 +1,67 @@
+From: Lucas Kanashiro <kanashiro@debian.org>
+Date: Fri, 1 Nov 2019 15:25:17 -0300
+Subject: Make gemspecs reproducible
+
+Without an explicit date, they will get the current date and make the
+build unreproducible
+
+Upstream-Status: Backport [debian]
+
+---
+ ext/bigdecimal/bigdecimal.gemspec | 1 +
+ ext/fiddle/fiddle.gemspec | 1 +
+ ext/io/console/io-console.gemspec | 2 +-
+ lib/ipaddr.gemspec | 1 +
+ lib/rdoc/rdoc.gemspec | 1 +
+ 5 files changed, 5 insertions(+), 1 deletion(-)
+
+--- a/ext/bigdecimal/bigdecimal.gemspec
++++ b/ext/bigdecimal/bigdecimal.gemspec
+@@ -6,6 +6,7 @@
+ s.name = "bigdecimal"
+ s.version = bigdecimal_version
+ s.authors = ["Kenta Murata", "Zachary Scott", "Shigeo Kobayashi"]
++ s.date = RUBY_RELEASE_DATE
+ s.email = ["mrkn@mrkn.jp"]
+
+ s.summary = "Arbitrary-precision decimal floating-point number library."
+--- a/ext/fiddle/fiddle.gemspec
++++ b/ext/fiddle/fiddle.gemspec
+@@ -8,6 +8,7 @@
+ Gem::Specification.new do |spec|
+ spec.name = "fiddle"
+ spec.version = version_module::Fiddle::VERSION
++ spec.date = RUBY_RELEASE_DATE
+ spec.authors = ["Aaron Patterson", "SHIBATA Hiroshi"]
+ spec.email = ["aaron@tenderlovemaking.com", "hsbt@ruby-lang.org"]
+
+--- a/ext/io/console/io-console.gemspec
++++ b/ext/io/console/io-console.gemspec
+@@ -4,6 +4,7 @@
+ Gem::Specification.new do |s|
+ s.name = "io-console"
+ s.version = _VERSION
++ s.date = RUBY_RELEASE_DATE
+ s.summary = "Console interface"
+ s.email = "nobu@ruby-lang.org"
+ s.description = "add console capabilities to IO instances."
+--- a/lib/ipaddr.gemspec
++++ b/lib/ipaddr.gemspec
+@@ -6,6 +6,7 @@
+ Gem::Specification.new do |spec|
+ spec.name = "ipaddr"
+ spec.version = "1.2.2"
++ spec.date = RUBY_RELEASE_DATE
+ spec.authors = ["Akinori MUSHA", "Hajimu UMEMOTO"]
+ spec.email = ["knu@idaemons.org", "ume@mahoroba.org"]
+
+--- a/lib/rdoc/rdoc.gemspec
++++ b/lib/rdoc/rdoc.gemspec
+@@ -7,6 +7,7 @@
+
+ Gem::Specification.new do |s|
+ s.name = "rdoc"
++ s.date = RUBY_RELEASE_DATE
+ s.version = RDoc::VERSION
+
+ s.authors = [
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch
deleted file mode 100644
index 83064e85ab..0000000000
--- a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From b1c73f239fe9af97de837331849f55d67c27561e Mon Sep 17 00:00:00 2001
-From: aycabta <aycabta@gmail.com>
-Date: Sun, 2 May 2021 20:52:23 +0900
-Subject: [PATCH] [ruby/rdoc] Use File.open to fix the OS Command Injection
- vulnerability in CVE-2021-31799
-
-https://github.com/ruby/rdoc/commit/a7f5d6ab88
-
-CVE: CVE-2021-31799
-
-Upstream-Status: Backport[https://github.com/ruby/ruby/commit/b1c73f239fe9af97de837331849f55d67c27561e]
-
-Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
----
- lib/rdoc/rdoc.rb | 2 +-
- test/rdoc/test_rdoc_rdoc.rb | 12 ++++++++++++
- 2 files changed, 13 insertions(+), 1 deletion(-)
-
-diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
-index 680a8612f7..904625f105 100644
---- a/lib/rdoc/rdoc.rb
-+++ b/lib/rdoc/rdoc.rb
-@@ -444,7 +444,7 @@ def remove_unparseable files
- files.reject do |file, *|
- file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or
- (file =~ /tags$/i and
-- open(file, 'rb') { |io|
-+ File.open(file, 'rb') { |io|
- io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/
- })
- end
-diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb
-index 3910dd4656..a83d5a1b88 100644
---- a/test/rdoc/test_rdoc_rdoc.rb
-+++ b/test/rdoc/test_rdoc_rdoc.rb
-@@ -456,6 +456,18 @@ def test_remove_unparseable_tags_vim
- end
- end
-
-+ def test_remove_unparseable_CVE_2021_31799
-+ temp_dir do
-+ file_list = ['| touch evil.txt && echo tags']
-+ file_list.each do |f|
-+ FileUtils.touch f
-+ end
-+
-+ assert_equal file_list, @rdoc.remove_unparseable(file_list)
-+ assert_equal file_list, Dir.children('.')
-+ end
-+ end
-+
- def test_setup_output_dir
- Dir.mktmpdir {|d|
- path = File.join d, 'testdir'
---
-2.17.1
-
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch
deleted file mode 100644
index 69d774e0b7..0000000000
--- a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch
+++ /dev/null
@@ -1,258 +0,0 @@
-From 8cebc092cd18f4cfb669f66018ea8ffc6f408584 Mon Sep 17 00:00:00 2001
-From: Yusuke Endoh <mame@ruby-lang.org>
-Date: Wed, 7 Jul 2021 11:57:15 +0900
-Subject: [PATCH] Ignore IP addresses in PASV responses by default, and add new
- option use_pasv_ip
-
-This fixes CVE-2021-31810.
-Reported by Alexandr Savca.
-
-Co-authored-by: Shugo Maeda <shugo@ruby-lang.org>
-
-CVE: CVE-2021-31810
-
-Upstream-Status: Backport
-[https://github.com/ruby/ruby/commit/bf4d05173c7cf04d8892e4b64508ecf7902717cd]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- lib/net/ftp.rb | 15 +++-
- test/net/ftp/test_ftp.rb | 159 ++++++++++++++++++++++++++++++++++++++-
- 2 files changed, 170 insertions(+), 4 deletions(-)
-
-diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb
-index 88e8655..d6f5cc3 100644
---- a/lib/net/ftp.rb
-+++ b/lib/net/ftp.rb
-@@ -98,6 +98,10 @@ module Net
- # When +true+, the connection is in passive mode. Default: +true+.
- attr_accessor :passive
-
-+ # When +true+, use the IP address in PASV responses. Otherwise, it uses
-+ # the same IP address for the control connection. Default: +false+.
-+ attr_accessor :use_pasv_ip
-+
- # When +true+, all traffic to and from the server is written
- # to +$stdout+. Default: +false+.
- attr_accessor :debug_mode
-@@ -206,6 +210,9 @@ module Net
- # handshake.
- # See Net::FTP#ssl_handshake_timeout for
- # details. Default: +nil+.
-+ # use_pasv_ip:: When +true+, use the IP address in PASV responses.
-+ # Otherwise, it uses the same IP address for the control
-+ # connection. Default: +false+.
- # debug_mode:: When +true+, all traffic to and from the server is
- # written to +$stdout+. Default: +false+.
- #
-@@ -266,6 +273,7 @@ module Net
- @open_timeout = options[:open_timeout]
- @ssl_handshake_timeout = options[:ssl_handshake_timeout]
- @read_timeout = options[:read_timeout] || 60
-+ @use_pasv_ip = options[:use_pasv_ip] || false
- if host
- connect(host, options[:port] || FTP_PORT)
- if options[:username]
-@@ -1371,7 +1379,12 @@ module Net
- raise FTPReplyError, resp
- end
- if m = /\((?<host>\d+(?:,\d+){3}),(?<port>\d+,\d+)\)/.match(resp)
-- return parse_pasv_ipv4_host(m["host"]), parse_pasv_port(m["port"])
-+ if @use_pasv_ip
-+ host = parse_pasv_ipv4_host(m["host"])
-+ else
-+ host = @bare_sock.remote_address.ip_address
-+ end
-+ return host, parse_pasv_port(m["port"])
- else
- raise FTPProtoError, resp
- end
-diff --git a/test/net/ftp/test_ftp.rb b/test/net/ftp/test_ftp.rb
-index 023e794..243d4ad 100644
---- a/test/net/ftp/test_ftp.rb
-+++ b/test/net/ftp/test_ftp.rb
-@@ -61,7 +61,7 @@ class FTPTest < Test::Unit::TestCase
- end
-
- def test_parse227
-- ftp = Net::FTP.new
-+ ftp = Net::FTP.new(nil, use_pasv_ip: true)
- host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)")
- assert_equal("192.168.0.1", host)
- assert_equal(3106, port)
-@@ -80,6 +80,14 @@ class FTPTest < Test::Unit::TestCase
- assert_raise(Net::FTPProtoError) do
- ftp.send(:parse227, "227 ) foo bar (")
- end
-+
-+ ftp = Net::FTP.new
-+ sock = OpenStruct.new
-+ sock.remote_address = OpenStruct.new
-+ sock.remote_address.ip_address = "10.0.0.1"
-+ ftp.instance_variable_set(:@bare_sock, sock)
-+ host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)")
-+ assert_equal("10.0.0.1", host)
- end
-
- def test_parse228
-@@ -2474,10 +2482,155 @@ EOF
- end
- end
-
-+ def test_ignore_pasv_ip
-+ commands = []
-+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
-+ server = create_ftp_server(nil, "127.0.0.1") { |sock|
-+ sock.print("220 (test_ftp).\r\n")
-+ commands.push(sock.gets)
-+ sock.print("331 Please specify the password.\r\n")
-+ commands.push(sock.gets)
-+ sock.print("230 Login successful.\r\n")
-+ commands.push(sock.gets)
-+ sock.print("200 Switching to Binary mode.\r\n")
-+ line = sock.gets
-+ commands.push(line)
-+ data_server = TCPServer.new("127.0.0.1", 0)
-+ port = data_server.local_address.ip_port
-+ sock.printf("227 Entering Passive Mode (999,0,0,1,%s).\r\n",
-+ port.divmod(256).join(","))
-+ commands.push(sock.gets)
-+ sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n")
-+ conn = data_server.accept
-+ binary_data.scan(/.{1,1024}/nm) do |s|
-+ conn.print(s)
-+ end
-+ conn.shutdown(Socket::SHUT_WR)
-+ conn.read
-+ conn.close
-+ data_server.close
-+ sock.print("226 Transfer complete.\r\n")
-+ }
-+ begin
-+ begin
-+ ftp = Net::FTP.new
-+ ftp.passive = true
-+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
-+ ftp.connect("127.0.0.1", server.port)
-+ ftp.login
-+ assert_match(/\AUSER /, commands.shift)
-+ assert_match(/\APASS /, commands.shift)
-+ assert_equal("TYPE I\r\n", commands.shift)
-+ buf = ftp.getbinaryfile("foo", nil)
-+ assert_equal(binary_data, buf)
-+ assert_equal(Encoding::ASCII_8BIT, buf.encoding)
-+ assert_equal("PASV\r\n", commands.shift)
-+ assert_equal("RETR foo\r\n", commands.shift)
-+ assert_equal(nil, commands.shift)
-+ ensure
-+ ftp.close if ftp
-+ end
-+ ensure
-+ server.close
-+ end
-+ end
-+
-+ def test_use_pasv_ip
-+ commands = []
-+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
-+ server = create_ftp_server(nil, "127.0.0.1") { |sock|
-+ sock.print("220 (test_ftp).\r\n")
-+ commands.push(sock.gets)
-+ sock.print("331 Please specify the password.\r\n")
-+ commands.push(sock.gets)
-+ sock.print("230 Login successful.\r\n")
-+ commands.push(sock.gets)
-+ sock.print("200 Switching to Binary mode.\r\n")
-+ line = sock.gets
-+ commands.push(line)
-+ data_server = TCPServer.new("127.0.0.1", 0)
-+ port = data_server.local_address.ip_port
-+ sock.printf("227 Entering Passive Mode (127,0,0,1,%s).\r\n",
-+ port.divmod(256).join(","))
-+ commands.push(sock.gets)
-+ sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n")
-+ conn = data_server.accept
-+ binary_data.scan(/.{1,1024}/nm) do |s|
-+ conn.print(s)
-+ end
-+ conn.shutdown(Socket::SHUT_WR)
-+ conn.read
-+ conn.close
-+ data_server.close
-+ sock.print("226 Transfer complete.\r\n")
-+ }
-+ begin
-+ begin
-+ ftp = Net::FTP.new
-+ ftp.passive = true
-+ ftp.use_pasv_ip = true
-+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
-+ ftp.connect("127.0.0.1", server.port)
-+ ftp.login
-+ assert_match(/\AUSER /, commands.shift)
-+ assert_match(/\APASS /, commands.shift)
-+ assert_equal("TYPE I\r\n", commands.shift)
-+ buf = ftp.getbinaryfile("foo", nil)
-+ assert_equal(binary_data, buf)
-+ assert_equal(Encoding::ASCII_8BIT, buf.encoding)
-+ assert_equal("PASV\r\n", commands.shift)
-+ assert_equal("RETR foo\r\n", commands.shift)
-+ assert_equal(nil, commands.shift)
-+ ensure
-+ ftp.close if ftp
-+ end
-+ ensure
-+ server.close
-+ end
-+ end
-+
-+ def test_use_pasv_invalid_ip
-+ commands = []
-+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
-+ server = create_ftp_server(nil, "127.0.0.1") { |sock|
-+ sock.print("220 (test_ftp).\r\n")
-+ commands.push(sock.gets)
-+ sock.print("331 Please specify the password.\r\n")
-+ commands.push(sock.gets)
-+ sock.print("230 Login successful.\r\n")
-+ commands.push(sock.gets)
-+ sock.print("200 Switching to Binary mode.\r\n")
-+ line = sock.gets
-+ commands.push(line)
-+ sock.print("227 Entering Passive Mode (999,0,0,1,48,57).\r\n")
-+ commands.push(sock.gets)
-+ }
-+ begin
-+ begin
-+ ftp = Net::FTP.new
-+ ftp.passive = true
-+ ftp.use_pasv_ip = true
-+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
-+ ftp.connect("127.0.0.1", server.port)
-+ ftp.login
-+ assert_match(/\AUSER /, commands.shift)
-+ assert_match(/\APASS /, commands.shift)
-+ assert_equal("TYPE I\r\n", commands.shift)
-+ assert_raise(SocketError) do
-+ ftp.getbinaryfile("foo", nil)
-+ end
-+ ensure
-+ ftp.close if ftp
-+ end
-+ ensure
-+ server.close
-+ end
-+ end
-+
- private
-
-- def create_ftp_server(sleep_time = nil)
-- server = TCPServer.new(SERVER_ADDR, 0)
-+ def create_ftp_server(sleep_time = nil, addr = SERVER_ADDR)
-+ server = TCPServer.new(addr, 0)
- @thread = Thread.start do
- if sleep_time
- sleep(sleep_time)
---
-2.17.1
-
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch
deleted file mode 100644
index b78a74a4b5..0000000000
--- a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-From e2ac25d0eb66de99f098d6669cf4f06796aa6256 Mon Sep 17 00:00:00 2001
-From: Shugo Maeda <shugo@ruby-lang.org>
-Date: Tue, 11 May 2021 10:31:27 +0900
-Subject: [PATCH] Fix StartTLS stripping vulnerability
-
-This fixes CVE-2021-32066.
-Reported by Alexandr Savca in <https://hackerone.com/reports/1178562>.
-
-CVE: CVE-2021-32066
-
-Upstream-Status: Backport
-[https://github.com/ruby/ruby/commit/e2ac25d0eb66de99f098d6669cf4f06796aa6256]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- lib/net/imap.rb | 8 +++++++-
- test/net/imap/test_imap.rb | 31 +++++++++++++++++++++++++++++++
- 2 files changed, 38 insertions(+), 1 deletion(-)
-
-diff --git a/lib/net/imap.rb b/lib/net/imap.rb
-index 505b4c8950..d45304f289 100644
---- a/lib/net/imap.rb
-+++ b/lib/net/imap.rb
-@@ -1218,12 +1218,14 @@ def get_tagged_response(tag, cmd)
- end
- resp = @tagged_responses.delete(tag)
- case resp.name
-+ when /\A(?:OK)\z/ni
-+ return resp
- when /\A(?:NO)\z/ni
- raise NoResponseError, resp
- when /\A(?:BAD)\z/ni
- raise BadResponseError, resp
- else
-- return resp
-+ raise UnknownResponseError, resp
- end
- end
-
-@@ -3719,6 +3721,10 @@ class BadResponseError < ResponseError
- class ByeResponseError < ResponseError
- end
-
-+ # Error raised upon an unknown response from the server.
-+ class UnknownResponseError < ResponseError
-+ end
-+
- RESPONSE_ERRORS = Hash.new(ResponseError)
- RESPONSE_ERRORS["NO"] = NoResponseError
- RESPONSE_ERRORS["BAD"] = BadResponseError
-diff --git a/test/net/imap/test_imap.rb b/test/net/imap/test_imap.rb
-index 8b924b524e..85fb71d440 100644
---- a/test/net/imap/test_imap.rb
-+++ b/test/net/imap/test_imap.rb
-@@ -127,6 +127,16 @@ def test_starttls
- imap.disconnect
- end
- end
-+
-+ def test_starttls_stripping
-+ starttls_stripping_test do |port|
-+ imap = Net::IMAP.new("localhost", :port => port)
-+ assert_raise(Net::IMAP::UnknownResponseError) do
-+ imap.starttls(:ca_file => CA_FILE)
-+ end
-+ imap
-+ end
-+ end
- end
-
- def start_server
-@@ -834,6 +844,27 @@ def starttls_test
- end
- end
-
-+ def starttls_stripping_test
-+ server = create_tcp_server
-+ port = server.addr[1]
-+ start_server do
-+ sock = server.accept
-+ begin
-+ sock.print("* OK test server\r\n")
-+ sock.gets
-+ sock.print("RUBY0001 BUG unhandled command\r\n")
-+ ensure
-+ sock.close
-+ server.close
-+ end
-+ end
-+ begin
-+ imap = yield(port)
-+ ensure
-+ imap.disconnect if imap && !imap.disconnected?
-+ end
-+ end
-+
- def create_tcp_server
- return TCPServer.new(server_addr, 0)
- end
---
-2.25.1
-
diff --git a/meta/recipes-devtools/ruby/ruby_3.0.1.bb b/meta/recipes-devtools/ruby/ruby_3.0.3.bb
index 4ac7383a97..a781f69534 100644
--- a/meta/recipes-devtools/ruby/ruby_3.0.1.bb
+++ b/meta/recipes-devtools/ruby/ruby_3.0.3.bb
@@ -6,12 +6,13 @@ SRC_URI += " \
file://remove_has_include_macros.patch \
file://run-ptest \
file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \
- file://CVE-2021-31810.patch \
- file://CVE-2021-32066.patch \
- file://CVE-2021-31799.patch \
+ file://0003-rdoc-build-reproducible-documentation.patch \
+ file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \
+ file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \
+ file://0006-Make-gemspecs-reproducible.patch \
"
-SRC_URI[sha256sum] = "369825db2199f6aeef16b408df6a04ebaddb664fb9af0ec8c686b0ce7ab77727"
+SRC_URI[sha256sum] = "3586861cb2df56970287f0fd83f274bd92058872d830d15570b36def7f1a92ac"
PACKAGECONFIG ??= ""
PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
@@ -77,8 +78,6 @@ do_install_ptest () {
-i ${D}${PTEST_PATH}/test/erb/test_erb_command.rb
cp -r ${S}/include ${D}/${libdir}/ruby/
- test_case_rb=`grep rubygems/test_case.rb ${B}/.installed.list`
- sed -i -e 's:../../../test/:../../../ptest/test/:g' ${D}/$test_case_rb
}
PACKAGES =+ "${PN}-ri-docs ${PN}-rdoc"
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch
new file mode 100644
index 0000000000..d01b5c6871
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch
@@ -0,0 +1,135 @@
+The commit is required by the fix for CVE-2021-41072.
+
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/80b8441]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 80b8441a37fcf8bf07dacf24d9d6c6459a0f6e36 Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sun, 12 Sep 2021 19:58:19 +0100
+Subject: [PATCH] unsquashfs: use squashfs_closedir() to delete directory
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/unsquash-1.c | 3 +--
+ squashfs-tools/unsquash-1234.c | 11 +++++++++--
+ squashfs-tools/unsquash-2.c | 3 +--
+ squashfs-tools/unsquash-3.c | 3 +--
+ squashfs-tools/unsquash-4.c | 3 +--
+ squashfs-tools/unsquashfs.c | 7 -------
+ squashfs-tools/unsquashfs.h | 1 +
+ 7 files changed, 14 insertions(+), 17 deletions(-)
+
+diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c
+index acba821..7598499 100644
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -373,8 +373,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ return dir;
+
+ corrupted:
+- free(dir->dirs);
+- free(dir);
++ squashfs_closedir(dir);
+ return NULL;
+ }
+
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+index c2d4f42..0c8dfbb 100644
+--- a/squashfs-tools/unsquash-1234.c
++++ b/squashfs-tools/unsquash-1234.c
+@@ -25,8 +25,8 @@
+ * unsquash-4.
+ */
+
+-#define TRUE 1
+-#define FALSE 0
++#include "unsquashfs.h"
++
+ /*
+ * Check name for validity, name should not
+ * - be ".", "./", or
+@@ -56,3 +56,10 @@ int check_name(char *name, int size)
+
+ return TRUE;
+ }
++
++
++void squashfs_closedir(struct dir *dir)
++{
++ free(dir->dirs);
++ free(dir);
++}
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index 0746b3d..86f62ba 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -465,8 +465,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ return dir;
+
+ corrupted:
+- free(dir->dirs);
+- free(dir);
++ squashfs_closedir(dir);
+ return NULL;
+ }
+
+diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c
+index 094caaa..c04aa9e 100644
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -499,8 +499,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ return dir;
+
+ corrupted:
+- free(dir->dirs);
+- free(dir);
++ squashfs_closedir(dir);
+ return NULL;
+ }
+
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index 3a1b9e1..ff62dcc 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -436,8 +436,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse
+ return dir;
+
+ corrupted:
+- free(dir->dirs);
+- free(dir);
++ squashfs_closedir(dir);
+ return NULL;
+ }
+
+diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
+index 7b590bd..04be53c 100644
+--- a/squashfs-tools/unsquashfs.c
++++ b/squashfs-tools/unsquashfs.c
+@@ -1350,13 +1350,6 @@ unsigned int *offset, unsigned int *type)
+ }
+
+
+-void squashfs_closedir(struct dir *dir)
+-{
+- free(dir->dirs);
+- free(dir);
+-}
+-
+-
+ char *get_component(char *target, char **targname)
+ {
+ char *start;
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index 2e9201c..5ecb2ab 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -291,4 +291,5 @@ extern long long *alloc_index_table(int);
+
+ /* unsquash-1234.c */
+ extern int check_name(char *, int);
++extern void squashfs_closedir(struct dir *);
+ #endif
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch
new file mode 100644
index 0000000000..0b80d07b3b
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch
@@ -0,0 +1,109 @@
+The commit is required by the fix for CVE-2021-41072. Update context for
+version 4.4.
+
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/1993a4e]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 1993a4e7aeda04962bf26e84c15fba8b58837e10 Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sun, 12 Sep 2021 20:09:13 +0100
+Subject: [PATCH] unsquashfs: dynamically allocate name
+
+Dynamically allocate name rather than store it
+directly in structure.
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/unsquash-1.c | 2 +-
+ squashfs-tools/unsquash-1234.c | 5 +++++
+ squashfs-tools/unsquash-2.c | 2 +-
+ squashfs-tools/unsquash-3.c | 2 +-
+ squashfs-tools/unsquash-4.c | 2 +-
+ squashfs-tools/unsquashfs.h | 2 +-
+ 6 files changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c
+index 7598499..d0121c6 100644
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -303,7 +303,7 @@ static struct dir *squashfs_opendir(unsi
+ "realloc failed!\n");
+ dir->dirs = new_dir;
+ }
+- strcpy(dir->dirs[dir->dir_count].name, dire->name);
++ dir->dirs[dir->dir_count].name = strdup(dire->name);
+ dir->dirs[dir->dir_count].start_block =
+ dirh.start_block;
+ dir->dirs[dir->dir_count].offset = dire->offset;
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+index 0c8dfbb..ac46d9d 100644
+--- a/squashfs-tools/unsquash-1234.c
++++ b/squashfs-tools/unsquash-1234.c
+@@ -60,6 +60,11 @@ int check_name(char *name, int size)
+
+ void squashfs_closedir(struct dir *dir)
+ {
++ int i;
++
++ for(i = 0; i < dir->dir_count; i++)
++ free(dir->dirs[i].name);
++
+ free(dir->dirs);
+ free(dir);
+ }
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index 86f62ba..e847980 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -404,7 +404,7 @@ static struct dir *squashfs_opendir(unsi
+ "realloc failed!\n");
+ dir->dirs = new_dir;
+ }
+- strcpy(dir->dirs[dir->dir_count].name, dire->name);
++ dir->dirs[dir->dir_count].name = strdup(dire->name);
+ dir->dirs[dir->dir_count].start_block =
+ dirh.start_block;
+ dir->dirs[dir->dir_count].offset = dire->offset;
+diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c
+index c04aa9e..8223f27 100644
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -431,7 +431,7 @@ static struct dir *squashfs_opendir(unsi
+ "realloc failed!\n");
+ dir->dirs = new_dir;
+ }
+- strcpy(dir->dirs[dir->dir_count].name, dire->name);
++ dir->dirs[dir->dir_count].name = strdup(dire->name);
+ dir->dirs[dir->dir_count].start_block =
+ dirh.start_block;
+ dir->dirs[dir->dir_count].offset = dire->offset;
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index ff62dcc..1e199a7 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -367,7 +367,7 @@ static struct dir *squashfs_opendir(unsi
+ "realloc failed!\n");
+ dir->dirs = new_dir;
+ }
+- strcpy(dir->dirs[dir->dir_count].name, dire->name);
++ dir->dirs[dir->dir_count].name = strdup(dire->name);
+ dir->dirs[dir->dir_count].start_block =
+ dirh.start_block;
+ dir->dirs[dir->dir_count].offset = dire->offset;
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index 5ecb2ab..583fbe4 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -165,7 +165,7 @@ struct queue {
+ #define DIR_ENT_SIZE 16
+
+ struct dir_ent {
+- char name[SQUASHFS_NAME_LEN + 1];
++ char *name;
+ unsigned int start_block;
+ unsigned int offset;
+ unsigned int type;
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch
new file mode 100644
index 0000000000..fad5898f13
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch
@@ -0,0 +1,330 @@
+The commit is required by the fix for CVE-2021-41072. Update context for
+version 4.4.
+
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/9938154]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 9938154174756ee48a94ea0b076397a2944b028d Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sun, 12 Sep 2021 22:58:11 +0100
+Subject: [PATCH] unsquashfs: use linked list to store directory names
+
+This should bring higher performance, and it allows sorting
+if necessary (1.x and 2.0 filesystems).
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/unsquash-1.c | 30 +++++++++++++++---------------
+ squashfs-tools/unsquash-1234.c | 12 ++++++++----
+ squashfs-tools/unsquash-2.c | 29 +++++++++++++++--------------
+ squashfs-tools/unsquash-3.c | 29 +++++++++++++++--------------
+ squashfs-tools/unsquash-4.c | 29 +++++++++++++++--------------
+ squashfs-tools/unsquashfs.c | 16 ++++++++++------
+ squashfs-tools/unsquashfs.h | 3 ++-
+ 7 files changed, 80 insertions(+), 68 deletions(-)
+
+diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c
+index d0121c6..b604434 100644
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -207,7 +207,7 @@ static struct dir *squashfs_opendir(unsi
+ long long start;
+ int bytes;
+ int dir_count, size;
+- struct dir_ent *new_dir;
++ struct dir_ent *ent, *cur_ent = NULL;
+ struct dir *dir;
+
+ TRACE("squashfs_opendir: inode start block %d, offset %d\n",
+@@ -220,7 +220,7 @@ static struct dir *squashfs_opendir(unsi
+ EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n");
+
+ dir->dir_count = 0;
+- dir->cur_entry = 0;
++ dir->cur_entry = NULL;
+ dir->mode = (*i)->mode;
+ dir->uid = (*i)->uid;
+ dir->guid = (*i)->gid;
+@@ -295,19 +295,20 @@ static struct dir *squashfs_opendir(unsi
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+- if((dir->dir_count % DIR_ENT_SIZE) == 0) {
+- new_dir = realloc(dir->dirs, (dir->dir_count +
+- DIR_ENT_SIZE) * sizeof(struct dir_ent));
+- if(new_dir == NULL)
+- EXIT_UNSQUASH("squashfs_opendir: "
+- "realloc failed!\n");
+- dir->dirs = new_dir;
+- }
+- dir->dirs[dir->dir_count].name = strdup(dire->name);
+- dir->dirs[dir->dir_count].start_block =
+- dirh.start_block;
+- dir->dirs[dir->dir_count].offset = dire->offset;
+- dir->dirs[dir->dir_count].type = dire->type;
++ ent = malloc(sizeof(struct dir_ent));
++ if(ent == NULL)
++ MEM_ERROR();
++
++ ent->name = strdup(dire->name);
++ ent->start_block = dirh.start_block;
++ ent->offset = dire->offset;
++ ent->type = dire->type;
++ ent->next = NULL;
++ if(cur_ent == NULL)
++ dir->dirs = ent;
++ else
++ cur_ent->next = ent;
++ cur_ent = ent;
+ dir->dir_count ++;
+ bytes += dire->size + 1;
+ }
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+index ac46d9d..e389f8d 100644
+--- a/squashfs-tools/unsquash-1234.c
++++ b/squashfs-tools/unsquash-1234.c
+@@ -60,11 +60,15 @@ int check_name(char *name, int size)
+
+ void squashfs_closedir(struct dir *dir)
+ {
+- int i;
++ struct dir_ent *ent = dir->dirs;
+
+- for(i = 0; i < dir->dir_count; i++)
+- free(dir->dirs[i].name);
++ while(ent) {
++ struct dir_ent *tmp = ent;
++
++ ent = ent->next;
++ free(tmp->name);
++ free(tmp);
++ }
+
+- free(dir->dirs);
+ free(dir);
+ }
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index e847980..956f96f 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -308,7 +308,7 @@ static struct dir *squashfs_opendir(unsi
+ long long start;
+ int bytes;
+ int dir_count, size;
+- struct dir_ent *new_dir;
++ struct dir_ent *ent, *cur_ent = NULL;
+ struct dir *dir;
+
+ TRACE("squashfs_opendir: inode start block %d, offset %d\n",
+@@ -321,7 +321,7 @@ static struct dir *squashfs_opendir(unsi
+ EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n");
+
+ dir->dir_count = 0;
+- dir->cur_entry = 0;
++ dir->cur_entry = NULL;
+ dir->mode = (*i)->mode;
+ dir->uid = (*i)->uid;
+ dir->guid = (*i)->gid;
+@@ -396,19 +396,20 @@ static struct dir *squashfs_opendir(unsi
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+- if((dir->dir_count % DIR_ENT_SIZE) == 0) {
+- new_dir = realloc(dir->dirs, (dir->dir_count +
+- DIR_ENT_SIZE) * sizeof(struct dir_ent));
+- if(new_dir == NULL)
+- EXIT_UNSQUASH("squashfs_opendir: "
+- "realloc failed!\n");
+- dir->dirs = new_dir;
+- }
+- dir->dirs[dir->dir_count].name = strdup(dire->name);
+- dir->dirs[dir->dir_count].start_block =
+- dirh.start_block;
+- dir->dirs[dir->dir_count].offset = dire->offset;
+- dir->dirs[dir->dir_count].type = dire->type;
++ ent = malloc(sizeof(struct dir_ent));
++ if(ent == NULL)
++ MEM_ERROR();
++
++ ent->name = strdup(dire->name);
++ ent->start_block = dirh.start_block;
++ ent->offset = dire->offset;
++ ent->type = dire->type;
++ ent->next = NULL;
++ if(cur_ent == NULL)
++ dir->dirs = ent;
++ else
++ cur_ent->next = ent;
++ cur_ent = ent;
+ dir->dir_count ++;
+ bytes += dire->size + 1;
+ }
+diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c
+index 8223f27..835a574 100644
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -334,7 +334,7 @@ static struct dir *squashfs_opendir(unsi
+ long long start;
+ int bytes;
+ int dir_count, size;
+- struct dir_ent *new_dir;
++ struct dir_ent *ent, *cur_ent = NULL;
+ struct dir *dir;
+
+ TRACE("squashfs_opendir: inode start block %d, offset %d\n",
+@@ -347,7 +347,7 @@ static struct dir *squashfs_opendir(unsi
+ EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n");
+
+ dir->dir_count = 0;
+- dir->cur_entry = 0;
++ dir->cur_entry = NULL;
+ dir->mode = (*i)->mode;
+ dir->uid = (*i)->uid;
+ dir->guid = (*i)->gid;
+@@ -423,19 +423,20 @@ static struct dir *squashfs_opendir(unsi
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+- if((dir->dir_count % DIR_ENT_SIZE) == 0) {
+- new_dir = realloc(dir->dirs, (dir->dir_count +
+- DIR_ENT_SIZE) * sizeof(struct dir_ent));
+- if(new_dir == NULL)
+- EXIT_UNSQUASH("squashfs_opendir: "
+- "realloc failed!\n");
+- dir->dirs = new_dir;
+- }
+- dir->dirs[dir->dir_count].name = strdup(dire->name);
+- dir->dirs[dir->dir_count].start_block =
+- dirh.start_block;
+- dir->dirs[dir->dir_count].offset = dire->offset;
+- dir->dirs[dir->dir_count].type = dire->type;
++ ent = malloc(sizeof(struct dir_ent));
++ if(ent == NULL)
++ MEM_ERROR();
++
++ ent->name = strdup(dire->name);
++ ent->start_block = dirh.start_block;
++ ent->offset = dire->offset;
++ ent->type = dire->type;
++ ent->next = NULL;
++ if(cur_ent == NULL)
++ dir->dirs = ent;
++ else
++ cur_ent->next = ent;
++ cur_ent = ent;
+ dir->dir_count ++;
+ bytes += dire->size + 1;
+ }
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index 1e199a7..694783d 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -281,7 +281,7 @@ static struct dir *squashfs_opendir(unsi
+ long long start;
+ long long bytes;
+ int dir_count, size;
+- struct dir_ent *new_dir;
++ struct dir_ent *ent, *cur_ent = NULL;
+ struct dir *dir;
+
+ TRACE("squashfs_opendir: inode start block %d, offset %d\n",
+@@ -294,7 +294,7 @@ static struct dir *squashfs_opendir(unsi
+ EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n");
+
+ dir->dir_count = 0;
+- dir->cur_entry = 0;
++ dir->cur_entry = NULL;
+ dir->mode = (*i)->mode;
+ dir->uid = (*i)->uid;
+ dir->guid = (*i)->gid;
+@@ -359,19 +359,20 @@ static struct dir *squashfs_opendir(unsi
+ TRACE("squashfs_opendir: directory entry %s, inode "
+ "%d:%d, type %d\n", dire->name,
+ dirh.start_block, dire->offset, dire->type);
+- if((dir->dir_count % DIR_ENT_SIZE) == 0) {
+- new_dir = realloc(dir->dirs, (dir->dir_count +
+- DIR_ENT_SIZE) * sizeof(struct dir_ent));
+- if(new_dir == NULL)
+- EXIT_UNSQUASH("squashfs_opendir: "
+- "realloc failed!\n");
+- dir->dirs = new_dir;
+- }
+- dir->dirs[dir->dir_count].name = strdup(dire->name);
+- dir->dirs[dir->dir_count].start_block =
+- dirh.start_block;
+- dir->dirs[dir->dir_count].offset = dire->offset;
+- dir->dirs[dir->dir_count].type = dire->type;
++ ent = malloc(sizeof(struct dir_ent));
++ if(ent == NULL)
++ MEM_ERROR();
++
++ ent->name = strdup(dire->name);
++ ent->start_block = dirh.start_block;
++ ent->offset = dire->offset;
++ ent->type = dire->type;
++ ent->next = NULL;
++ if(cur_ent == NULL)
++ dir->dirs = ent;
++ else
++ cur_ent->next = ent;
++ cur_ent = ent;
+ dir->dir_count ++;
+ bytes += dire->size + 1;
+ }
+diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
+index 04be53c..fee28ec 100644
+--- a/squashfs-tools/unsquashfs.c
++++ b/squashfs-tools/unsquashfs.c
+@@ -1277,14 +1277,18 @@ failed:
+ int squashfs_readdir(struct dir *dir, char **name, unsigned int *start_block,
+ unsigned int *offset, unsigned int *type)
+ {
+- if(dir->cur_entry == dir->dir_count)
++ if(dir->cur_entry == NULL)
++ dir->cur_entry = dir->dirs;
++ else
++ dir->cur_entry = dir->cur_entry->next;
++
++ if(dir->cur_entry == NULL)
+ return FALSE;
+
+- *name = dir->dirs[dir->cur_entry].name;
+- *start_block = dir->dirs[dir->cur_entry].start_block;
+- *offset = dir->dirs[dir->cur_entry].offset;
+- *type = dir->dirs[dir->cur_entry].type;
+- dir->cur_entry ++;
++ *name = dir->cur_entry->name;
++ *start_block = dir->cur_entry->start_block;
++ *offset = dir->cur_entry->offset;
++ *type = dir->cur_entry->type;
+
+ return TRUE;
+ }
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index 583fbe4..f8cf78c 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -169,17 +169,18 @@ struct dir_ent {
+ unsigned int start_block;
+ unsigned int offset;
+ unsigned int type;
++ struct dir_ent *next;
+ };
+
+ struct dir {
+ int dir_count;
+- int cur_entry;
+ unsigned int mode;
+ uid_t uid;
+ gid_t guid;
+ unsigned int mtime;
+ unsigned int xattr;
+ struct dir_ent *dirs;
++ struct dir_ent *cur_entry;
+ };
+
+ struct file_entry {
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch
new file mode 100644
index 0000000000..29ec3bbeab
--- /dev/null
+++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch
@@ -0,0 +1,316 @@
+CVE: CVE-2021-41072
+Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/e048580]
+
+Backport commit to fix CVE-2021-41072. And squash a follow-up fix for
+CVE-2021-41072 from upstream:
+https://github.com/plougher/squashfs-tools/commit/19fcc93
+
+Update context for version 4.4.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From e0485802ec72996c20026da320650d8362f555bd Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <phillip@squashfs.org.uk>
+Date: Sun, 12 Sep 2021 23:50:06 +0100
+Subject: [PATCH] Unsquashfs: additional write outside destination directory
+ exploit fix
+
+An issue on github (https://github.com/plougher/squashfs-tools/issues/72)
+showed how some specially crafted Squashfs filesystems containing
+invalid file names (with '/' and '..') can cause Unsquashfs to write
+files outside of the destination directory.
+
+Since then it has been shown that specially crafted Squashfs filesystems
+that contain a symbolic link pointing outside of the destination directory,
+coupled with an identically named file within the same directory, can
+cause Unsquashfs to write files outside of the destination directory.
+
+Specifically the symbolic link produces a pathname pointing outside
+of the destination directory, which is then followed when writing the
+duplicate identically named file within the directory.
+
+This commit fixes this exploit by explictly checking for duplicate
+filenames within a directory. As directories in v2.1, v3.x, and v4.0
+filesystems are sorted, this is achieved by checking for consecutively
+identical filenames. Additionally directories are checked to
+ensure they are sorted, to avoid attempts to evade the duplicate
+check.
+
+Version 1.x and 2.0 filesystems (where the directories were unsorted)
+are sorted and then the above duplicate filename check is applied.
+
+Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
+---
+ squashfs-tools/Makefile | 6 +-
+ squashfs-tools/unsquash-1.c | 6 ++
+ squashfs-tools/unsquash-12.c | 110 +++++++++++++++++++++++++++++++++
+ squashfs-tools/unsquash-1234.c | 21 +++++++
+ squashfs-tools/unsquash-2.c | 16 +++++
+ squashfs-tools/unsquash-3.c | 6 ++
+ squashfs-tools/unsquash-4.c | 6 ++
+ squashfs-tools/unsquashfs.h | 4 ++
+ 8 files changed, 173 insertions(+), 2 deletions(-)
+ create mode 100644 squashfs-tools/unsquash-12.c
+
+diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile
+index 7262a2e..1b544ed 100755
+--- a/squashfs-tools/Makefile
++++ b/squashfs-tools/Makefile
+@@ -156,8 +156,8 @@ MKSQUASHFS_OBJS = mksquashfs.o read_fs.o
+ caches-queues-lists.o
+
+ UNSQUASHFS_OBJS = unsquashfs.o unsquash-1.o unsquash-2.o unsquash-3.o \
+- unsquash-4.o unsquash-123.o unsquash-34.o unsquash-1234.o swap.o \
+- compressor.o unsquashfs_info.o
++ unsquash-4.o unsquash-123.o unsquash-34.o unsquash-1234.o unsquash-12.o \
++ swap.o compressor.o unsquashfs_info.o
+
+ CFLAGS ?= -O2
+ CFLAGS += $(EXTRA_CFLAGS) $(INCLUDEDIR) -D_FILE_OFFSET_BITS=64 \
+@@ -353,6 +353,8 @@ unsquash-34.o: unsquashfs.h unsquash-34.c unsquashfs_error.h
+
+ unsquash-1234.o: unsquash-1234.c
+
++unsquash-12.o: unsquash-12.c unsquashfs.h
++
+ unsquashfs_xattr.o: unsquashfs_xattr.c unsquashfs.h squashfs_fs.h xattr.h
+
+ unsquashfs_info.o: unsquashfs.h squashfs_fs.h
+--- a/squashfs-tools/unsquash-1.c
++++ b/squashfs-tools/unsquash-1.c
+@@ -314,6 +314,12 @@ static struct dir *squashfs_opendir(unsi
+ }
+ }
+
++ /* check directory for duplicate names. Need to sort directory first */
++ sort_directory(dir);
++ if(check_directory(dir) == FALSE) {
++ ERROR("File system corrupted: directory has duplicate names\n");
++ goto corrupted;
++ }
+ return dir;
+
+ corrupted:
+diff --git a/squashfs-tools/unsquash-12.c b/squashfs-tools/unsquash-12.c
+new file mode 100644
+index 0000000..61bf128
+--- /dev/null
++++ b/squashfs-tools/unsquash-12.c
+@@ -0,0 +1,110 @@
++/*
++ * Unsquash a squashfs filesystem. This is a highly compressed read only
++ * filesystem.
++ *
++ * Copyright (c) 2021
++ * Phillip Lougher <phillip@squashfs.org.uk>
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU General Public License
++ * as published by the Free Software Foundation; either version 2,
++ * or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
++ *
++ * unsquash-12.c
++ *
++ * Helper functions used by unsquash-1 and unsquash-2.
++ */
++
++#include "unsquashfs.h"
++
++/*
++ * Bottom up linked list merge sort.
++ *
++ */
++void sort_directory(struct dir *dir)
++{
++ struct dir_ent *cur, *l1, *l2, *next;
++ int len1, len2, stride = 1;
++
++ if(dir->dir_count < 2)
++ return;
++
++ /*
++ * We can consider our linked-list to be made up of stride length
++ * sublists. Eacn iteration around this loop merges adjacent
++ * stride length sublists into larger 2*stride sublists. We stop
++ * when stride becomes equal to the entire list.
++ *
++ * Initially stride = 1 (by definition a sublist of 1 is sorted), and
++ * these 1 element sublists are merged into 2 element sublists, which
++ * are then merged into 4 element sublists and so on.
++ */
++ do {
++ l2 = dir->dirs; /* head of current linked list */
++ cur = NULL; /* empty output list */
++
++ /*
++ * Iterate through the linked list, merging adjacent sublists.
++ * On each interation l2 points to the next sublist pair to be
++ * merged (if there's only one sublist left this is simply added
++ * to the output list)
++ */
++ while(l2) {
++ l1 = l2;
++ for(len1 = 0; l2 && len1 < stride; len1 ++, l2 = l2->next);
++ len2 = stride;
++
++ /*
++ * l1 points to first sublist.
++ * l2 points to second sublist.
++ * Merge them onto the output list
++ */
++ while(len1 && l2 && len2) {
++ if(strcmp(l1->name, l2->name) <= 0) {
++ next = l1;
++ l1 = l1->next;
++ len1 --;
++ } else {
++ next = l2;
++ l2 = l2->next;
++ len2 --;
++ }
++
++ if(cur) {
++ cur->next = next;
++ cur = next;
++ } else
++ dir->dirs = cur = next;
++ }
++ /*
++ * One sublist is now empty, copy the other one onto the
++ * output list
++ */
++ for(; len1; len1 --, l1 = l1->next) {
++ if(cur) {
++ cur->next = l1;
++ cur = l1;
++ } else
++ dir->dirs = cur = l1;
++ }
++ for(; l2 && len2; len2 --, l2 = l2->next) {
++ if(cur) {
++ cur->next = l2;
++ cur = l2;
++ } else
++ dir->dirs = cur = l2;
++ }
++ }
++ cur->next = NULL;
++ stride = stride << 1;
++ } while(stride < dir->dir_count);
++}
+diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
+index e389f8d..98a81ed 100644
+--- a/squashfs-tools/unsquash-1234.c
++++ b/squashfs-tools/unsquash-1234.c
+@@ -72,3 +72,24 @@ void squashfs_closedir(struct dir *dir)
+
+ free(dir);
+ }
++
++
++/*
++ * Check directory for duplicate names. As the directory should be sorted,
++ * duplicates will be consecutive. Obviously we also need to check if the
++ * directory has been deliberately unsorted, to evade this check.
++ */
++int check_directory(struct dir *dir)
++{
++ int i;
++ struct dir_ent *ent;
++
++ if(dir->dir_count < 2)
++ return TRUE;
++
++ for(ent = dir->dirs, i = 0; i < dir->dir_count - 1; ent = ent->next, i++)
++ if(strcmp(ent->name, ent->next->name) >= 0)
++ return FALSE;
++
++ return TRUE;
++}
+diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c
+index 956f96f..0e36f7d 100644
+--- a/squashfs-tools/unsquash-2.c
++++ b/squashfs-tools/unsquash-2.c
+@@ -29,6 +29,7 @@ static squashfs_fragment_entry_2 *fragme
+ static unsigned int *uid_table, *guid_table;
+ static char *inode_table, *directory_table;
+ static squashfs_operations ops;
++static int needs_sorting = FALSE;
+
+ static void read_block_list(unsigned int *block_list, char *block_ptr, int blocks)
+ {
+@@ -415,6 +416,17 @@ static struct dir *squashfs_opendir(unsi
+ }
+ }
+
++ if(needs_sorting)
++ sort_directory(dir);
++
++ /* check directory for duplicate names and sorting */
++ if(check_directory(dir) == FALSE) {
++ if(needs_sorting)
++ ERROR("File system corrupted: directory has duplicate names\n");
++ else
++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n");
++ goto corrupted;
++ }
+ return dir;
+
+ corrupted:
+--- a/squashfs-tools/unsquash-3.c
++++ b/squashfs-tools/unsquash-3.c
+@@ -442,6 +442,12 @@ static struct dir *squashfs_opendir(unsi
+ }
+ }
+
++ /* check directory for duplicate names and sorting */
++ if(check_directory(dir) == FALSE) {
++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n");
++ goto corrupted;
++ }
++
+ return dir;
+
+ corrupted:
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index 694783d..c615bb8 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -378,6 +378,12 @@ static struct dir *squashfs_opendir(unsi
+ }
+ }
+
++ /* check directory for duplicate names and sorting */
++ if(check_directory(dir) == FALSE) {
++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n");
++ goto corrupted;
++ }
++
+ return dir;
+
+ corrupted:
+diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
+index f8cf78c..bf2a80d 100644
+--- a/squashfs-tools/unsquashfs.h
++++ b/squashfs-tools/unsquashfs.h
+@@ -266,4 +266,8 @@ extern long long *alloc_index_table(int)
+ /* unsquash-1234.c */
+ extern int check_name(char *, int);
+ extern void squashfs_closedir(struct dir *);
++extern int check_directory(struct dir *);
++
++/* unsquash-12.c */
++extern void sort_directory(struct dir *);
+ #endif
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
index 083e597b03..caa5417ed0 100644
--- a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
+++ b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb
@@ -9,9 +9,13 @@ LIC_FILES_CHKSUM = "file://../COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
PV = "4.4"
SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67"
-SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \
+SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https;branch=master \
file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2 \
file://CVE-2021-40153.patch;striplevel=2 \
+ file://CVE-2021-41072-requisite-1.patch;striplevel=2 \
+ file://CVE-2021-41072-requisite-2.patch;striplevel=2 \
+ file://CVE-2021-41072-requisite-3.patch;striplevel=2 \
+ file://CVE-2021-41072.patch;striplevel=2 \
"
S = "${WORKDIR}/git/squashfs-tools"
diff --git a/meta/recipes-devtools/strace/strace/run-ptest b/meta/recipes-devtools/strace/strace/run-ptest
index 3a51fb0be9..02bb91e07f 100755
--- a/meta/recipes-devtools/strace/strace/run-ptest
+++ b/meta/recipes-devtools/strace/strace/run-ptest
@@ -1,6 +1,15 @@
#!/bin/sh
+
+set -u
+
export TIMEOUT_DURATION=240
chown nobody tests
chown nobody tests/*
chown nobody ../ptest
+
su nobody -c "make -B -C tests -k test-suite.log"
+res=$?
+if [ $res -ne 0 ]; then
+ cat tests/test-suite.log
+fi
+exit $res
diff --git a/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb b/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb
index 905a0cbb72..44f0c8c8f2 100644
--- a/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb
+++ b/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb
@@ -8,7 +8,7 @@ LICENSE = "LGPLv2.1 & GPLv2"
LIC_FILES_CHKSUM = "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c \
file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe"
-SRC_URI = "git://github.com/systemd/systemd-bootchart.git;protocol=https \
+SRC_URI = "git://github.com/systemd/systemd-bootchart.git;protocol=https;branch=master \
file://0001-architecture-Recognise-RISCV-32-RISCV-64.patch \
file://mips64.patch \
file://no_lto.patch \
diff --git a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
index a143b09656..7f790c9dbb 100644
--- a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
+++ b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
@@ -10,7 +10,7 @@ SRCREV = "a022ef2f1acfd9209a1bf792dda14ae4b0d1b60f"
PV = "1.7.0+git${SRCPV}"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))"
-SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;protocol=https \
+SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;protocol=https;branch=master \
file://fix_ranlib.patch \
file://ldflags.patch \
file://tcf-agent.init \
diff --git a/meta/recipes-devtools/unfs3/unfs3_git.bb b/meta/recipes-devtools/unfs3/unfs3_git.bb
index a21fb58397..06148005cf 100644
--- a/meta/recipes-devtools/unfs3/unfs3_git.bb
+++ b/meta/recipes-devtools/unfs3/unfs3_git.bb
@@ -14,7 +14,7 @@ DEPENDS_append_class-nativesdk = " flex-nativesdk"
ASNEEDED = ""
S = "${WORKDIR}/git"
-SRC_URI = "git://github.com/unfs3/unfs3.git;protocol=https \
+SRC_URI = "git://github.com/unfs3/unfs3.git;protocol=https;branch=master \
file://unfs3_parallel_build.patch \
file://alternate_rpc_ports.patch \
file://fix_pid_race_parent_writes_child_pid.patch \
@@ -37,7 +37,7 @@ BBCLASSEXTEND = "native nativesdk"
inherit autotools
EXTRA_OECONF_append_class-native = " --sbindir=${bindir}"
CFLAGS_append = " -I${STAGING_INCDIR}/tirpc"
-LDFLAGS_append = " -ltirpc"
+EXTRA_OECONF_append = " LIBS=-ltirpc"
# Turn off these header detects else the inode search
# will walk entire file systems and this is a real problem
diff --git a/meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb b/meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb
index 523bf33f42..3869abee59 100644
--- a/meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb
+++ b/meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb
@@ -8,7 +8,7 @@ LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=4e5d1baf6f20559e3bec172226a47e4e \
file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 "
-SRC_URI = "git://github.com/asciidoc/asciidoc-py3;protocol=https;branch=9.x"
+SRC_URI = "git://github.com/asciidoc/asciidoc-py;protocol=https;branch=9.x"
SRCREV = "9705d428439530104ce55d0ba12e8ef9d1b57ad1"
DEPENDS = "libxml2-native libxslt-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native"
diff --git a/meta/recipes-extended/bzip2/bzip2_1.0.8.bb b/meta/recipes-extended/bzip2/bzip2_1.0.8.bb
index 70eb67f1f2..d2f34449b3 100644
--- a/meta/recipes-extended/bzip2/bzip2_1.0.8.bb
+++ b/meta/recipes-extended/bzip2/bzip2_1.0.8.bb
@@ -22,7 +22,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;endline=37;md5=600af43c50f1fcb82e
"
SRC_URI = "https://sourceware.org/pub/${BPN}/${BPN}-${PV}.tar.gz \
- git://sourceware.org/git/bzip2-tests.git;name=bzip2-tests \
+ git://sourceware.org/git/bzip2-tests.git;name=bzip2-tests;branch=master \
file://configure.ac;subdir=${BP} \
file://Makefile.am;subdir=${BP} \
file://run-ptest \
diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index beee614828..a667d1a142 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -44,7 +44,7 @@ PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'zeroconf', 'avahi',
PACKAGECONFIG[avahi] = "--enable-avahi,--disable-avahi,avahi"
PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl"
PACKAGECONFIG[pam] = "--enable-pam --with-pam-module=unix, --disable-pam, libpam"
-PACKAGECONFIG[systemd] = "--with-systemd=${systemd_system_unitdir},--without-systemd,systemd"
+PACKAGECONFIG[systemd] = "--with-systemd=${systemd_system_unitdir},--disable-systemd,systemd"
PACKAGECONFIG[xinetd] = "--with-xinetd=${sysconfdir}/xinetd.d,--without-xinetd,xinetd"
EXTRA_OECONF = " \
diff --git a/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch b/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch
new file mode 100644
index 0000000000..44bdfbba35
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch
@@ -0,0 +1,238 @@
+From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Tue, 7 Sep 2021 20:36:12 +0100
+Subject: [PATCH] Bug 704342: Include device specifier strings in access
+ validation
+
+for the "%pipe%", %handle%" and %printer% io devices.
+
+We previously validated only the part after the "%pipe%" Postscript device
+specifier, but this proved insufficient.
+
+This rebuilds the original file name string, and validates it complete. The
+slight complication for "%pipe%" is it can be reached implicitly using
+"|" so we have to check both prefixes.
+
+Addresses CVE-2021-3781
+
+CVE: CVE-2021-3781
+
+Upstream-Status: Backport (http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a9bd3dec9fde03327a4a2c69dad1036bf9632e20)
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+---
+ base/gdevpipe.c | 22 +++++++++++++++-
+ base/gp_mshdl.c | 11 +++++++-
+ base/gp_msprn.c | 10 ++++++-
+ base/gp_os2pr.c | 13 +++++++++-
+ base/gslibctx.c | 69 ++++++++++---------------------------------------
+ 5 files changed, 65 insertions(+), 60 deletions(-)
+
+diff --git a/base/gdevpipe.c b/base/gdevpipe.c
+index 96d71f5d8..5bdc485be 100644
+--- a/base/gdevpipe.c
++++ b/base/gdevpipe.c
+@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
+ #else
+ gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
+ gs_fs_list_t *fs = ctx->core->fs;
++ /* The pipe device can be reached in two ways, explicltly with %pipe%
++ or implicitly with "|", so we have to check for both
++ */
++ char f[gp_file_name_sizeof];
++ const char *pipestr = "|";
++ const size_t pipestrlen = strlen(pipestr);
++ const size_t preflen = strlen(iodev->dname);
++ const size_t nlen = strlen(fname);
++ int code1;
++
++ if (preflen + nlen >= gp_file_name_sizeof)
++ return_error(gs_error_invalidaccess);
++
++ memcpy(f, iodev->dname, preflen);
++ memcpy(f + preflen, fname, nlen + 1);
++
++ code1 = gp_validate_path(mem, f, access);
++
++ memcpy(f, pipestr, pipestrlen);
++ memcpy(f + pipestrlen, fname, nlen + 1);
+
+- if (gp_validate_path(mem, fname, access) != 0)
++ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
+ return gs_error_invalidfileaccess;
+
+ /*
+diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
+index 2b964ed74..8d87ceadc 100644
+--- a/base/gp_mshdl.c
++++ b/base/gp_mshdl.c
+@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
+ long hfile; /* Correct for Win32, may be wrong for Win64 */
+ gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
+ gs_fs_list_t *fs = ctx->core->fs;
++ char f[gp_file_name_sizeof];
++ const size_t preflen = strlen(iodev->dname);
++ const size_t nlen = strlen(fname);
+
+- if (gp_validate_path(mem, fname, access) != 0)
++ if (preflen + nlen >= gp_file_name_sizeof)
++ return_error(gs_error_invalidaccess);
++
++ memcpy(f, iodev->dname, preflen);
++ memcpy(f + preflen, fname, nlen + 1);
++
++ if (gp_validate_path(mem, f, access) != 0)
+ return gs_error_invalidfileaccess;
+
+ /* First we try the open_handle method. */
+diff --git a/base/gp_msprn.c b/base/gp_msprn.c
+index ed4827968..746a974f7 100644
+--- a/base/gp_msprn.c
++++ b/base/gp_msprn.c
+@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
+ uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
+ gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
+ gs_fs_list_t *fs = ctx->core->fs;
++ const size_t preflen = strlen(iodev->dname);
++ const size_t nlen = strlen(fname);
+
+- if (gp_validate_path(mem, fname, access) != 0)
++ if (preflen + nlen >= gp_file_name_sizeof)
++ return_error(gs_error_invalidaccess);
++
++ memcpy(pname, iodev->dname, preflen);
++ memcpy(pname + preflen, fname, nlen + 1);
++
++ if (gp_validate_path(mem, pname, access) != 0)
+ return gs_error_invalidfileaccess;
+
+ /* First we try the open_printer method. */
+diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
+index f852c71fc..ba54cde66 100644
+--- a/base/gp_os2pr.c
++++ b/base/gp_os2pr.c
+@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
+ FILE ** pfile, char *rfname, uint rnamelen)
+ {
+ os2_printer_t *pr = (os2_printer_t *)iodev->state;
+- char driver_name[256];
++ char driver_name[gp_file_name_sizeof];
+ gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
+ gs_fs_list_t *fs = ctx->core->fs;
++ const size_t preflen = strlen(iodev->dname);
++ const int size_t = strlen(fname);
++
++ if (preflen + nlen >= gp_file_name_sizeof)
++ return_error(gs_error_invalidaccess);
++
++ memcpy(driver_name, iodev->dname, preflen);
++ memcpy(driver_name + preflen, fname, nlen + 1);
++
++ if (gp_validate_path(mem, driver_name, access) != 0)
++ return gs_error_invalidfileaccess;
+
+ /* First we try the open_printer method. */
+ /* Note that the loop condition here ensures we don't
+diff --git a/base/gslibctx.c b/base/gslibctx.c
+index 6dfed6cd5..318039fad 100644
+--- a/base/gslibctx.c
++++ b/base/gslibctx.c
+@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
+ int
+ gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
+ {
+- char *fp, f[gp_file_name_sizeof];
+- const int pipe = 124; /* ASCII code for '|' */
+- const int len = strlen(fname);
+- int i, code;
++ char f[gp_file_name_sizeof];
++ int code;
+
+ /* Be sure the string copy will fit */
+- if (len >= gp_file_name_sizeof)
++ if (strlen(fname) >= gp_file_name_sizeof)
+ return gs_error_rangecheck;
+ strcpy(f, fname);
+- fp = f;
+ /* Try to rewrite any %d (or similar) in the string */
+ rewrite_percent_specifiers(f);
+- for (i = 0; i < len; i++) {
+- if (f[i] == pipe) {
+- fp = &f[i + 1];
+- /* Because we potentially have to check file permissions at two levels
+- for the output file (gx_device_open_output_file and the low level
+- fopen API, if we're using a pipe, we have to add both the full string,
+- (including the '|', and just the command to which we pipe - since at
+- the pipe_fopen(), the leading '|' has been stripped.
+- */
+- code = gs_add_control_path(mem, gs_permit_file_writing, f);
+- if (code < 0)
+- return code;
+- code = gs_add_control_path(mem, gs_permit_file_control, f);
+- if (code < 0)
+- return code;
+- break;
+- }
+- if (!IS_WHITESPACE(f[i]))
+- break;
+- }
+- code = gs_add_control_path(mem, gs_permit_file_control, fp);
++
++ code = gs_add_control_path(mem, gs_permit_file_control, f);
+ if (code < 0)
+ return code;
+- return gs_add_control_path(mem, gs_permit_file_writing, fp);
++ return gs_add_control_path(mem, gs_permit_file_writing, f);
+ }
+
+ int
+ gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
+ {
+- char *fp, f[gp_file_name_sizeof];
+- const int pipe = 124; /* ASCII code for '|' */
+- const int len = strlen(fname);
+- int i, code;
++ char f[gp_file_name_sizeof];
++ int code;
+
+ /* Be sure the string copy will fit */
+- if (len >= gp_file_name_sizeof)
++ if (strlen(fname) >= gp_file_name_sizeof)
+ return gs_error_rangecheck;
+ strcpy(f, fname);
+- fp = f;
+ /* Try to rewrite any %d (or similar) in the string */
+- for (i = 0; i < len; i++) {
+- if (f[i] == pipe) {
+- fp = &f[i + 1];
+- /* Because we potentially have to check file permissions at two levels
+- for the output file (gx_device_open_output_file and the low level
+- fopen API, if we're using a pipe, we have to add both the full string,
+- (including the '|', and just the command to which we pipe - since at
+- the pipe_fopen(), the leading '|' has been stripped.
+- */
+- code = gs_remove_control_path(mem, gs_permit_file_writing, f);
+- if (code < 0)
+- return code;
+- code = gs_remove_control_path(mem, gs_permit_file_control, f);
+- if (code < 0)
+- return code;
+- break;
+- }
+- if (!IS_WHITESPACE(f[i]))
+- break;
+- }
+- code = gs_remove_control_path(mem, gs_permit_file_control, fp);
++ rewrite_percent_specifiers(f);
++
++ code = gs_remove_control_path(mem, gs_permit_file_control, f);
+ if (code < 0)
+ return code;
+- return gs_remove_control_path(mem, gs_permit_file_writing, fp);
++ return gs_remove_control_path(mem, gs_permit_file_writing, f);
+ }
+
+ int
+--
+2.33.0
+
diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch
new file mode 100644
index 0000000000..f312f89e04
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch
@@ -0,0 +1,65 @@
+From 6643ff0cb837db3eade489ffff21e3e92eee2ae0 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Fri, 28 Jan 2022 08:21:19 +0000
+Subject: [PATCH] [PATCH] Bug 703902: Fix op stack management in
+ sampled_data_continue()
+
+Replace pop() (which does no checking, and doesn't handle stack extension
+blocks) with ref_stack_pop() which does do all that.
+
+We still use pop() in one case (it's faster), but we have to later use
+ref_stack_pop() before calling sampled_data_sample() which also accesses the
+op stack.
+
+Fixes:
+https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675
+
+Upstream-Status: Backported [https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=2a3129365d3bc0d4a41f107ef175920d1505d1f7]
+CVE: CVE-2021-45949
+Signed-off-by: Minjae Kim <flowergom@gmail.com>
+---
+ psi/zfsample.c | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/psi/zfsample.c b/psi/zfsample.c
+index 0023fa4..f84671f 100644
+--- a/psi/zfsample.c
++++ b/psi/zfsample.c
+@@ -534,14 +534,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ data_ptr[bps * i + j] = (byte)(cv >> ((bps - 1 - j) * 8)); /* MSB first */
+ }
+ pop(num_out); /* Move op to base of result values */
+-
++ /* From here on, we have to use ref_stack_pop() rather than pop()
++ so that it handles stack extension blocks properly, before calling
++ sampled_data_sample() which also uses the op stack.
++ */
+ /* Check if we are done collecting data. */
+
+ if (increment_cube_indexes(params, penum->indexes)) {
+ if (stack_depth_adjust == 0)
+- pop(O_STACK_PAD); /* Remove spare stack space */
++ ref_stack_pop(&o_stack, O_STACK_PAD); /* Remove spare stack space */
+ else
+- pop(stack_depth_adjust - num_out);
++ ref_stack_pop(&o_stack, stack_depth_adjust - num_out);
+ /* Execute the closing procedure, if given */
+ code = 0;
+ if (esp_finish_proc != 0)
+@@ -554,11 +557,11 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
+ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
+ check_op(stack_depth_adjust);
+- pop(stack_depth_adjust);
++ ref_stack_pop(&o_stack, stack_depth_adjust);
+ }
+ else {
+ check_ostack(O_STACK_PAD - stack_depth_adjust);
+- push(O_STACK_PAD - stack_depth_adjust);
++ ref_stack_push(&o_stack, O_STACK_PAD - stack_depth_adjust);
+ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
+ make_null(op - i);
+ }
+--
+2.17.1
+
diff --git a/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch b/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch
new file mode 100644
index 0000000000..722bab4ddb
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch
@@ -0,0 +1,51 @@
+From 7861fcad13c497728189feafb41cd57b5b50ea25 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Fri, 12 Feb 2021 10:34:23 +0000
+Subject: [PATCH] oss-fuzz 30715: Check stack limits after function evaluation.
+
+During function result sampling, after the callout to the Postscript
+interpreter, make sure there is enough stack space available before pushing
+or popping entries.
+
+In thise case, the Postscript procedure for the "function" is totally invalid
+(as a function), and leaves the op stack in an unrecoverable state (as far as
+function evaluation is concerned). We end up popping more entries off the
+stack than are available.
+
+To cope, add in stack limit checking to throw an appropriate error when this
+happens.
+
+Upstream-Status: Backported [https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=7861fcad13c497728189feafb41cd57b5b50ea25]
+Signed-off-by: Minjae Kim <flowergom@gmail.com>
+---
+ psi/zfsample.c | 14 +++++++++++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/psi/zfsample.c b/psi/zfsample.c
+index 290809405..652ae02c6 100644
+--- a/psi/zfsample.c
++++ b/psi/zfsample.c
+@@ -551,9 +551,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
+ } else {
+ if (stack_depth_adjust) {
+ stack_depth_adjust -= num_out;
+- push(O_STACK_PAD - stack_depth_adjust);
+- for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
+- make_null(op - i);
++ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
++ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
++ check_op(stack_depth_adjust);
++ pop(stack_depth_adjust);
++ }
++ else {
++ check_ostack(O_STACK_PAD - stack_depth_adjust);
++ push(O_STACK_PAD - stack_depth_adjust);
++ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
++ make_null(op - i);
++ }
+ }
+ }
+
+--
+2.25.1
+
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb
index 35826c2549..958a88e968 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb
@@ -33,6 +33,9 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
file://do-not-check-local-libpng-source.patch \
file://avoid-host-contamination.patch \
file://mkdir-p.patch \
+ file://0001-Bug-704342-Include-device-specifier-strings-in-acces.patch \
+ file://check-stack-limits-after-function-evalution.patch \
+ file://CVE-2021-45949.patch \
"
SRC_URI = "${SRC_URI_BASE} \
diff --git a/meta/recipes-extended/go-examples/go-helloworld_0.1.bb b/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
index c51f163e9b..3b738f82e7 100644
--- a/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
+++ b/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
@@ -5,7 +5,7 @@ HOMEPAGE = "https://golang.org/"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
-SRC_URI = "git://${GO_IMPORT}"
+SRC_URI = "git://${GO_IMPORT};branch=master;protocol=https"
SRCREV = "46695d81d1fae905a270fb7db8a4d11a334562fe"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-extended/iputils/iputils_s20200821.bb b/meta/recipes-extended/iputils/iputils_s20200821.bb
index e43abf2629..dd541d4d48 100644
--- a/meta/recipes-extended/iputils/iputils_s20200821.bb
+++ b/meta/recipes-extended/iputils/iputils_s20200821.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390"
DEPENDS = "gnutls"
-SRC_URI = "git://github.com/iputils/iputils \
+SRC_URI = "git://github.com/iputils/iputils;branch=master;protocol=https \
file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \
"
SRCREV = "23c3782ae0c7f9c6ae59dbed8ad9204f8758542b"
diff --git a/meta/recipes-extended/libaio/libaio_0.3.112.bb b/meta/recipes-extended/libaio/libaio_0.3.112.bb
index b3606474a5..3892f3244e 100644
--- a/meta/recipes-extended/libaio/libaio_0.3.112.bb
+++ b/meta/recipes-extended/libaio/libaio_0.3.112.bb
@@ -5,7 +5,7 @@ HOMEPAGE = "http://lse.sourceforge.net/io/aio.html"
LICENSE = "LGPLv2.1+"
LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499"
-SRC_URI = "git://pagure.io/libaio.git;protocol=https \
+SRC_URI = "git://pagure.io/libaio.git;protocol=https;branch=master \
file://00_arches.patch \
file://libaio_fix_for_mips_syscalls.patch \
file://system-linkage.patch \
diff --git a/meta/recipes-extended/libarchive/libarchive_3.5.1.bb b/meta/recipes-extended/libarchive/libarchive_3.5.3.bb
index 1387b69066..92bb223784 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.5.1.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.5.3.bb
@@ -34,7 +34,7 @@ EXTRA_OECONF += "--enable-largefile"
SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz"
-SRC_URI[sha256sum] = "9015d109ec00bb9ae1a384b172bf2fc1dff41e2c66e5a9eeddf933af9db37f5a"
+SRC_URI[sha256sum] = "72788e5f58d16febddfa262a5215e05fc9c79f2670f641ac039e6df44330ef51"
inherit autotools update-alternatives pkgconfig
diff --git a/meta/recipes-extended/libnsl/libnsl2_git.bb b/meta/recipes-extended/libnsl/libnsl2_git.bb
index badb71d977..0690d4cd3b 100644
--- a/meta/recipes-extended/libnsl/libnsl2_git.bb
+++ b/meta/recipes-extended/libnsl/libnsl2_git.bb
@@ -14,7 +14,7 @@ PV = "1.3.0"
SRCREV = "fbad7b36acaa89a54023930af70805649f962999"
-SRC_URI = "git://github.com/thkukuk/libnsl \
+SRC_URI = "git://github.com/thkukuk/libnsl;branch=master;protocol=https \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-extended/libnss-nis/libnss-nis.bb b/meta/recipes-extended/libnss-nis/libnss-nis.bb
index a1d914e871..984cc98fc2 100644
--- a/meta/recipes-extended/libnss-nis/libnss-nis.bb
+++ b/meta/recipes-extended/libnss-nis/libnss-nis.bb
@@ -17,7 +17,7 @@ PV = "3.1+git${SRCPV}"
SRCREV = "062f31999b35393abf7595cb89dfc9590d5a42ad"
-SRC_URI = "git://github.com/thkukuk/libnss_nis \
+SRC_URI = "git://github.com/thkukuk/libnss_nis;branch=master;protocol=https \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-extended/libsolv/libsolv_0.7.17.bb b/meta/recipes-extended/libsolv/libsolv_0.7.17.bb
index fa6e8a3c4d..2b5da4d932 100644
--- a/meta/recipes-extended/libsolv/libsolv_0.7.17.bb
+++ b/meta/recipes-extended/libsolv/libsolv_0.7.17.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.BSD;md5=62272bd11c97396d4aaf1c41bc11f7d8"
DEPENDS = "expat zlib"
-SRC_URI = "git://github.com/openSUSE/libsolv.git \
+SRC_URI = "git://github.com/openSUSE/libsolv.git;branch=master;protocol=https \
"
SRCREV = "4bc791c0d235eb14bfe4c5da607206bfdfa6983d"
diff --git a/meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch b/meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch
new file mode 100644
index 0000000000..f4e93d1065
--- /dev/null
+++ b/meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch
@@ -0,0 +1,97 @@
+Upstream-Status: Backport
+CVE: CVE-2022-22707
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From 27103f3f8b1a2857aa45b889e775435f7daf141f Mon Sep 17 00:00:00 2001
+From: povcfe <povcfe@qq.com>
+Date: Wed, 5 Jan 2022 11:11:09 +0000
+Subject: [PATCH] [mod_extforward] fix out-of-bounds (OOB) write (fixes #3134)
+
+(thx povcfe)
+
+(edited: gstrauss)
+
+There is a potential remote denial of service in lighttpd mod_extforward
+under specific, non-default and uncommon 32-bit lighttpd mod_extforward
+configurations.
+
+Under specific, non-default and uncommon lighttpd mod_extforward
+configurations, a remote attacker can trigger a 4-byte out-of-bounds
+write of value '-1' to the stack. This is not believed to be exploitable
+in any way beyond triggering a crash of the lighttpd server on systems
+where the lighttpd server has been built 32-bit and with compiler flags
+which enable a stack canary -- gcc/clang -fstack-protector-strong or
+-fstack-protector-all, but bug not visible with only -fstack-protector.
+
+With standard lighttpd builds using -O2 optimization on 64-bit x86_64,
+this bug has not been observed to cause adverse behavior, even with
+gcc/clang -fstack-protector-strong.
+
+For the bug to be reachable, the user must be using a non-default
+lighttpd configuration which enables mod_extforward and configures
+mod_extforward to accept and parse the "Forwarded" header from a trusted
+proxy. At this time, support for RFC7239 Forwarded is not common in CDN
+providers or popular web server reverse proxies. It bears repeating that
+for the user to desire to configure lighttpd mod_extforward to accept
+"Forwarded", the user must also be using a trusted proxy (in front of
+lighttpd) which understands and actively modifies the "Forwarded" header
+sent to lighttpd.
+
+lighttpd natively supports RFC7239 "Forwarded"
+hiawatha natively supports RFC7239 "Forwarded"
+
+nginx can be manually configured to add a "Forwarded" header
+https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/
+
+A 64-bit build of lighttpd on x86_64 (not known to be affected by bug)
+in front of another 32-bit lighttpd will detect and reject a malicious
+"Forwarded" request header, thereby thwarting an attempt to trigger
+this bug in an upstream 32-bit lighttpd.
+
+The following servers currently do not natively support RFC7239 Forwarded:
+nginx
+apache2
+caddy
+node.js
+haproxy
+squid
+varnish-cache
+litespeed
+
+Given the general dearth of support for RFC7239 Forwarded in popular
+CDNs and web server reverse proxies, and given the prerequisites in
+lighttpd mod_extforward needed to reach this bug, the number of lighttpd
+servers vulnerable to this bug is estimated to be vanishingly small.
+Large systems using reverse proxies are likely running 64-bit lighttpd,
+which is not known to be adversely affected by this bug.
+
+In the future, it is desirable for more servers to implement RFC7239
+Forwarded. lighttpd developers would like to thank povcfe for reporting
+this bug so that it can be fixed before more CDNs and web servers
+implement RFC7239 Forwarded.
+
+x-ref:
+ "mod_extforward plugin has out-of-bounds (OOB) write of 4-byte -1"
+ https://redmine.lighttpd.net/issues/3134
+ (not yet written or published)
+ CVE-2022-22707
+---
+ src/mod_extforward.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/mod_extforward.c b/src/mod_extforward.c
+index ba957e04..fdaef7f6 100644
+--- a/src/mod_extforward.c
++++ b/src/mod_extforward.c
+@@ -715,7 +715,7 @@ static handler_t mod_extforward_Forwarded (request_st * const r, plugin_data * c
+ while (s[i] == ' ' || s[i] == '\t') ++i;
+ if (s[i] == ';') { ++i; continue; }
+ if (s[i] == ',') {
+- if (j >= (int)(sizeof(offsets)/sizeof(int))) break;
++ if (j >= (int)(sizeof(offsets)/sizeof(int))-1) break;
+ offsets[++j] = -1; /*("offset" separating params from next proxy)*/
+ ++i;
+ continue;
+--
+2.25.1
+
diff --git a/meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb b/meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb
index cf7f478915..73443f77b4 100644
--- a/meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb
+++ b/meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb
@@ -14,6 +14,7 @@ RRECOMMENDS_${PN} = "lighttpd-module-access \
lighttpd-module-accesslog"
SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.tar.xz \
+ file://0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch \
file://index.html.lighttpd \
file://lighttpd.conf \
file://lighttpd \
diff --git a/meta/recipes-extended/ltp/ltp_20210121.bb b/meta/recipes-extended/ltp/ltp_20210121.bb
index 17adbf43f0..e816244f8c 100644
--- a/meta/recipes-extended/ltp/ltp_20210121.bb
+++ b/meta/recipes-extended/ltp/ltp_20210121.bb
@@ -33,7 +33,7 @@ SRCREV = "4d005621edd109d119627eb9210b224a63bf22cb"
PR = "r4"
HASHEQUIV_HASH_VERSION .= ".4"
-SRC_URI = "git://github.com/linux-test-project/ltp.git \
+SRC_URI = "git://github.com/linux-test-project/ltp.git;branch=master;protocol=https \
file://0001-build-Add-option-to-select-libc-implementation.patch \
file://0007-Fix-test_proc_kill-hanging.patch \
file://0001-Add-more-musl-exclusions.patch \
diff --git a/meta/recipes-extended/mc/files/0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch b/meta/recipes-extended/mc/files/0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch
new file mode 100644
index 0000000000..408473664f
--- /dev/null
+++ b/meta/recipes-extended/mc/files/0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch
@@ -0,0 +1,87 @@
+From e7bbf72544ab62db9c92bfe7bd1155227e78c621 Mon Sep 17 00:00:00 2001
+From: Andrew Borodin <aborodin@vmail.ru>
+Date: Sat, 28 Aug 2021 11:46:53 +0300
+Subject: [PATCH] Ticket #4200: fix FTBFS with ncurses build with
+ --disable-widec.
+
+Upstream-Status: Accepted [https://github.com/MidnightCommander/mc/commit/e7bbf72544]
+Signed-off-by: Andrew Borodin <aborodin@vmail.ru>
+---
+ lib/tty/tty-ncurses.c | 8 ++++++++
+ lib/tty/tty-ncurses.h | 5 +++++
+ lib/tty/tty-slang.h | 2 ++
+ src/filemanager/boxes.c | 2 ++
+ 4 files changed, 17 insertions(+)
+
+diff --git a/lib/tty/tty-ncurses.c b/lib/tty/tty-ncurses.c
+index f619c0a7bf31..13058a624208 100644
+--- a/lib/tty/tty-ncurses.c
++++ b/lib/tty/tty-ncurses.c
+@@ -560,6 +560,7 @@ tty_fill_region (int y, int x, int rows, int cols, unsigned char ch)
+ void
+ tty_colorize_area (int y, int x, int rows, int cols, int color)
+ {
++#ifdef ENABLE_SHADOWS
+ cchar_t *ctext;
+ wchar_t wch[10]; /* TODO not sure if the length is correct */
+ attr_t attrs;
+@@ -585,6 +586,13 @@ tty_colorize_area (int y, int x, int rows, int cols, int color)
+ }
+
+ g_free (ctext);
++#else
++ (void) y;
++ (void) x;
++ (void) rows;
++ (void) cols;
++ (void) color;
++#endif /* ENABLE_SHADOWS */
+ }
+
+ /* --------------------------------------------------------------------------------------------- */
+diff --git a/lib/tty/tty-ncurses.h b/lib/tty/tty-ncurses.h
+index d75df9533ab9..8feb17ccd045 100644
+--- a/lib/tty/tty-ncurses.h
++++ b/lib/tty/tty-ncurses.h
+@@ -30,6 +30,11 @@
+ #define NCURSES_CONST const
+ #endif
+
++/* do not draw shadows if NCurses is built with --disable-widec */
++#if defined(NCURSES_WIDECHAR) && NCURSES_WIDECHAR
++#define ENABLE_SHADOWS 1
++#endif
++
+ /*** typedefs(not structures) and defined constants **********************************************/
+
+ /*** enums ***************************************************************************************/
+diff --git a/lib/tty/tty-slang.h b/lib/tty/tty-slang.h
+index 5b12c6512853..eeaade388af4 100644
+--- a/lib/tty/tty-slang.h
++++ b/lib/tty/tty-slang.h
+@@ -23,6 +23,8 @@
+ #define COLS SLtt_Screen_Cols
+ #define LINES SLtt_Screen_Rows
+
++#define ENABLE_SHADOWS 1
++
+ /*** enums ***************************************************************************************/
+
+ enum
+diff --git a/src/filemanager/boxes.c b/src/filemanager/boxes.c
+index 3eb525be4a9b..98df5ff2ed9a 100644
+--- a/src/filemanager/boxes.c
++++ b/src/filemanager/boxes.c
+@@ -280,7 +280,9 @@ appearance_box_callback (Widget * w, Widget * sender, widget_msg_t msg, int parm
+ switch (msg)
+ {
+ case MSG_INIT:
++#ifdef ENABLE_SHADOWS
+ if (!tty_use_colors ())
++#endif
+ {
+ Widget *shadow;
+
+--
+2.34.1
+
diff --git a/meta/recipes-extended/mc/mc_4.8.26.bb b/meta/recipes-extended/mc/mc_4.8.26.bb
index 6bc7e6e8e1..906778400e 100644
--- a/meta/recipes-extended/mc/mc_4.8.26.bb
+++ b/meta/recipes-extended/mc/mc_4.8.26.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://www.midnight-commander.org/downloads/${BPN}-${PV}.tar.bz2 \
file://0001-mc-replace-perl-w-with-use-warnings.patch \
file://nomandate.patch \
file://CVE-2021-36370.patch \
+ file://0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch \
"
SRC_URI[sha256sum] = "9d6358d0a351a455a1410aab57f33b6b48b0fcf31344b9a10b0ff497595979d1"
@@ -24,7 +25,9 @@ PACKAGECONFIG ??= ""
PACKAGECONFIG[smb] = "--enable-vfs-smb,--disable-vfs-smb,samba,"
PACKAGECONFIG[sftp] = "--enable-vfs-sftp,--disable-vfs-sftp,libssh2,"
-CFLAGS_append_libc-musl = ' -DNCURSES_WIDECHAR=1 '
+# enable NCURSES_WIDECHAR=1 only if ENABLE_WIDEC has not been explicitly disabled (e.g. by the distro config).
+# When compiling against the ncurses library, NCURSES_WIDECHAR needs to explicitly set to 0 in this case.
+CFLAGS_append_libc-musl = "${@' -DNCURSES_WIDECHAR=1' if bb.utils.to_boolean((d.getVar('ENABLE_WIDEC') or 'True')) else ' -DNCURSES_WIDECHAR=0'}"
EXTRA_OECONF = "--with-screen=ncurses --without-gpm-mouse --without-x --disable-configure-args"
CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl'"
diff --git a/meta/recipes-extended/net-tools/net-tools_2.10.bb b/meta/recipes-extended/net-tools/net-tools_2.10.bb
index de4a715971..2dafe96356 100644
--- a/meta/recipes-extended/net-tools/net-tools_2.10.bb
+++ b/meta/recipes-extended/net-tools/net-tools_2.10.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://ifconfig.c;beginline=11;endline=15;md5=d1ca372080ad5401e23ca0afc35cf9ba"
SRCREV = "80d7b95067f1f22fece9537dea6dff53081f4886"
-SRC_URI = "git://git.code.sf.net/p/net-tools/code;protocol=https \
+SRC_URI = "git://git.code.sf.net/p/net-tools/code;protocol=https;branch=master \
file://net-tools-config.h \
file://net-tools-config.make \
file://Add_missing_headers.patch \
diff --git a/meta/recipes-extended/newt/libnewt_0.52.21.bb b/meta/recipes-extended/newt/libnewt_0.52.21.bb
index 88b4cf4a03..3d35a17c92 100644
--- a/meta/recipes-extended/newt/libnewt_0.52.21.bb
+++ b/meta/recipes-extended/newt/libnewt_0.52.21.bb
@@ -29,7 +29,7 @@ SRC_URI[sha256sum] = "265eb46b55d7eaeb887fca7a1d51fe115658882dfe148164b6c49fccac
S = "${WORKDIR}/newt-${PV}"
-inherit autotools-brokensep python3native python3-dir
+inherit autotools-brokensep python3native python3-dir python3targetconfig
EXTRA_OECONF = "--without-tcl --with-python"
diff --git a/meta/recipes-extended/pigz/files/0001-Fix-bug-when-combining-l-with-d.patch b/meta/recipes-extended/pigz/files/0001-Fix-bug-when-combining-l-with-d.patch
new file mode 100644
index 0000000000..9c301f2054
--- /dev/null
+++ b/meta/recipes-extended/pigz/files/0001-Fix-bug-when-combining-l-with-d.patch
@@ -0,0 +1,50 @@
+From 65986f3d12d434b9bc428ceb6fcb1f6eeeb2c47d Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Mon, 17 Jan 2022 15:36:56 +0800
+Subject: [PATCH] Fix bug when combining -l with -d.
+
+Though it makes no sense to do pigz -ld, that is implicit when
+doing unpigz -l. This commit fixes a bug for that combination.
+
+Upstream-Status: Backport [https://github.com/madler/pigz/commit/326bba44aa102c707dd6ebcd2fc3f413b3119db0]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ pigz.c | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/pigz.c b/pigz.c
+index f90157f..d648216 100644
+--- a/pigz.c
++++ b/pigz.c
+@@ -4007,6 +4007,13 @@ local void process(char *path) {
+ }
+ SET_BINARY_MODE(g.ind);
+
++ // if requested, just list information about the input file
++ if (g.list && g.decode != 2) {
++ list_info();
++ load_end();
++ return;
++ }
++
+ // if decoding or testing, try to read gzip header
+ if (g.decode) {
+ in_init();
+@@ -4048,13 +4055,6 @@ local void process(char *path) {
+ }
+ }
+
+- // if requested, just list information about input file
+- if (g.list) {
+- list_info();
+- load_end();
+- return;
+- }
+-
+ // create output file out, descriptor outd
+ if (path == NULL || g.pipeout) {
+ // write to stdout
+--
+2.17.1
+
diff --git a/meta/recipes-extended/pigz/pigz_2.6.bb b/meta/recipes-extended/pigz/pigz_2.6.bb
index 05be9b733f..5c0aab55a7 100644
--- a/meta/recipes-extended/pigz/pigz_2.6.bb
+++ b/meta/recipes-extended/pigz/pigz_2.6.bb
@@ -8,7 +8,8 @@ SECTION = "console/utils"
LICENSE = "Zlib & Apache-2.0"
LIC_FILES_CHKSUM = "file://pigz.c;md5=9ae6dee8ceba9610596ed0ada493d142;beginline=7;endline=21"
-SRC_URI = "http://zlib.net/${BPN}/fossils/${BP}.tar.gz"
+SRC_URI = "http://zlib.net/${BPN}/fossils/${BP}.tar.gz \
+ file://0001-Fix-bug-when-combining-l-with-d.patch"
SRC_URI[sha256sum] = "2eed7b0d7449d1d70903f2a62cd6005d262eb3a8c9e98687bc8cbb5809db2a7d"
PROVIDES_class-native += "gzip-native"
diff --git a/meta/recipes-extended/procps/procps_3.3.17.bb b/meta/recipes-extended/procps/procps_3.3.17.bb
index c74a901d9a..9fd3db196d 100644
--- a/meta/recipes-extended/procps/procps_3.3.17.bb
+++ b/meta/recipes-extended/procps/procps_3.3.17.bb
@@ -12,7 +12,7 @@ DEPENDS = "ncurses"
inherit autotools gettext pkgconfig update-alternatives
-SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https \
+SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \
file://sysctl.conf \
file://0001-w.c-correct-musl-builds.patch \
file://0002-proc-escape.c-add-missing-include.patch \
diff --git a/meta/recipes-extended/psmisc/psmisc_23.4.bb b/meta/recipes-extended/psmisc/psmisc_23.4.bb
index 894443f4ef..89fe8a709c 100644
--- a/meta/recipes-extended/psmisc/psmisc_23.4.bb
+++ b/meta/recipes-extended/psmisc/psmisc_23.4.bb
@@ -2,7 +2,7 @@ require psmisc.inc
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3"
-SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https \
+SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https;branch=master \
file://0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch \
"
SRCREV = "5fab6b7ab385080f1db725d6803136ec1841a15f"
diff --git a/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb b/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb
index 5aff2b56a6..ad392138b5 100644
--- a/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb
+++ b/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb
@@ -19,7 +19,7 @@ PV = "1.4.2"
SRCREV = "6f54e54455c073d08a56ea627c6cd2355a40eb53"
-SRC_URI = "git://github.com/thkukuk/${BPN} \
+SRC_URI = "git://github.com/thkukuk/${BPN};branch=master;protocol=https \
file://0001-Use-cross-compiled-rpcgen.patch \
"
diff --git a/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb b/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb
index 5dfeca5326..01a079f041 100644
--- a/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb
+++ b/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5b4be4b2549338526758ef479c040943 \
inherit update-rc.d update-alternatives systemd autotools
-SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1 \
+SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1;protocol=https \
file://sysklogd \
"
diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc
index a89560b424..5c19e9a7f4 100644
--- a/meta/recipes-extended/timezone/timezone.inc
+++ b/meta/recipes-extended/timezone/timezone.inc
@@ -6,7 +6,7 @@ SECTION = "base"
LICENSE = "PD & BSD & BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba"
-PV = "2021a"
+PV = "2021d"
SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode \
http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata \
@@ -14,5 +14,6 @@ SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz
UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones"
-SRC_URI[tzcode.sha256sum] = "eb46bfa124b5b6bd13d61a609bfde8351bd192894708d33aa06e5c1e255802d0"
-SRC_URI[tzdata.sha256sum] = "39e7d2ba08c68cbaefc8de3227aab0dec2521be8042cf56855f7dc3a9fb14e08"
+SRC_URI[tzcode.sha256sum] = "ed0d02be79b54f4449ba1f239aeaf9315da490bf32f401d302dcbba4921f591d"
+SRC_URI[tzdata.sha256sum] = "d7c188a2b33d4a3c25ee4a9fdc68c1ff462bfdb302cf41343d84ca5942dbddf6"
+
diff --git a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
index 69d5b2f83b..c6d356d227 100644
--- a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
+++ b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb
@@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=55c5fdf02cfcca3fc9621b6f2ceae10f"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)"
-SRC_URI = "git://github.com/openSUSE/xinetd.git;protocol=https \
+SRC_URI = "git://github.com/openSUSE/xinetd.git;protocol=https;branch=master \
file://xinetd.init \
file://xinetd.default \
file://xinetd.service \
diff --git a/meta/recipes-extended/zip/zip-3.0/0001-configure-use-correct-CPP.patch b/meta/recipes-extended/zip/zip-3.0/0001-configure-use-correct-CPP.patch
new file mode 100644
index 0000000000..02253f968c
--- /dev/null
+++ b/meta/recipes-extended/zip/zip-3.0/0001-configure-use-correct-CPP.patch
@@ -0,0 +1,47 @@
+From 7a2729ee7f5d9b9d4a0d9b83fe641a2ab03c4ee0 Mon Sep 17 00:00:00 2001
+From: Joe Slater <joe.slater@windriver.com>
+Date: Thu, 24 Feb 2022 17:36:59 -0800
+Subject: [PATCH 1/2] configure: use correct CPP
+
+configure uses CPP to test that two assembler routines
+can be built. Unfortunately, it will use /usr/bin/cpp
+if it exists, invalidating the tests. We use the $CC
+passed to configure.
+
+Upstream-Status: Inappropriate [openembedded specific]
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+---
+ unix/configure | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/unix/configure b/unix/configure
+index 73ba803..7e21070 100644
+--- a/unix/configure
++++ b/unix/configure
+@@ -220,13 +220,16 @@ fi
+ echo Check for the C preprocessor
+ # on SVR4, cc -E does not produce correct assembler files. Need /lib/cpp.
+ CPP="${CC} -E"
++
++# We should not change CPP for yocto builds.
++#
+ # solaris as(1) needs -P, maybe others as well ?
+-[ -f /usr/ccs/lib/cpp ] && CPP="/usr/ccs/lib/cpp -P"
+-[ -f /usr/lib/cpp ] && CPP=/usr/lib/cpp
+-[ -f /lib/cpp ] && CPP=/lib/cpp
+-[ -f /usr/bin/cpp ] && CPP=/usr/bin/cpp
+-[ -f /xenix ] && CPP="${CC} -E"
+-[ -f /lynx.os ] && CPP="${CC} -E"
++# [ -f /usr/ccs/lib/cpp ] && CPP="/usr/ccs/lib/cpp -P"
++# [ -f /usr/lib/cpp ] && CPP=/usr/lib/cpp
++# [ -f /lib/cpp ] && CPP=/lib/cpp
++# [ -f /usr/bin/cpp ] && CPP=/usr/bin/cpp
++# [ -f /xenix ] && CPP="${CC} -E"
++# [ -f /lynx.os ] && CPP="${CC} -E"
+
+ echo "#include <stdio.h>" > conftest.c
+ $CPP conftest.c >/dev/null 2>/dev/null || CPP="${CC} -E"
+--
+2.24.1
+
diff --git a/meta/recipes-extended/zip/zip-3.0/0002-configure-support-PIC-code-build.patch b/meta/recipes-extended/zip/zip-3.0/0002-configure-support-PIC-code-build.patch
new file mode 100644
index 0000000000..6e0879616a
--- /dev/null
+++ b/meta/recipes-extended/zip/zip-3.0/0002-configure-support-PIC-code-build.patch
@@ -0,0 +1,34 @@
+From b0492506d2c28581193906e9d260d4f0451e2c39 Mon Sep 17 00:00:00 2001
+From: Joe Slater <joe.slater@windriver.com>
+Date: Thu, 24 Feb 2022 17:46:03 -0800
+Subject: [PATCH 2/2] configure: support PIC code build
+
+Disable building match.S. The code requires
+relocation in .text.
+
+Upstream-Status: Inappropriate [openembedded specific]
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+---
+ unix/configure | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/unix/configure b/unix/configure
+index 7e21070..1bc698b 100644
+--- a/unix/configure
++++ b/unix/configure
+@@ -242,8 +242,9 @@ if eval "$CPP match.S > _match.s 2>/dev/null"; then
+ if test ! -s _match.s || grep error < _match.s > /dev/null; then
+ :
+ elif eval "$CC -c _match.s >/dev/null 2>/dev/null" && [ -f _match.o ]; then
+- CFLAGS="${CFLAGS} -DASMV"
+- OBJA="match.o"
++ # disable match.S for PIC code
++ # CFLAGS="${CFLAGS} -DASMV"
++ # OBJA="match.o"
+ echo "int foo() { return 0;}" > conftest.c
+ $CC -c conftest.c >/dev/null 2>/dev/null
+ echo Check if compiler generates underlines
+--
+2.24.1
+
diff --git a/meta/recipes-extended/zip/zip_3.0.bb b/meta/recipes-extended/zip/zip_3.0.bb
index 18b5d8648e..f8e0b6e259 100644
--- a/meta/recipes-extended/zip/zip_3.0.bb
+++ b/meta/recipes-extended/zip/zip_3.0.bb
@@ -14,6 +14,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/Zip%203.x%20%28latest%29/3.0/zip30.tar.
file://fix-security-format.patch \
file://10-remove-build-date.patch \
file://zipnote-crashes-with-segfault.patch \
+ file://0001-configure-use-correct-CPP.patch \
+ file://0002-configure-support-PIC-code-build.patch \
"
UPSTREAM_VERSION_UNKNOWN = "1"
diff --git a/meta/recipes-extended/zstd/zstd_1.4.9.bb b/meta/recipes-extended/zstd/zstd_1.4.9.bb
index 44224ec627..b648c84093 100644
--- a/meta/recipes-extended/zstd/zstd_1.4.9.bb
+++ b/meta/recipes-extended/zstd/zstd_1.4.9.bb
@@ -9,7 +9,7 @@ LICENSE = "BSD-3-Clause & GPLv2"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c7f0b161edbe52f5f345a3d1311d0b32 \
file://COPYING;md5=39bba7d2cf0ba1036f2a6e2be52fe3f0"
-SRC_URI = "git://github.com/facebook/zstd.git;branch=release \
+SRC_URI = "git://github.com/facebook/zstd.git;branch=release;protocol=https \
file://0001-Makefile-sort-all-wildcard-file-list-expansions.patch \
"
diff --git a/meta/recipes-gnome/epiphany/epiphany_3.38.2.bb b/meta/recipes-gnome/epiphany/epiphany_3.38.2.bb
index 04f340f133..72d116da69 100644
--- a/meta/recipes-gnome/epiphany/epiphany_3.38.2.bb
+++ b/meta/recipes-gnome/epiphany/epiphany_3.38.2.bb
@@ -18,6 +18,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@gnome_verdir("${PV}")}/${GNOMEBN}-${PV}
file://0002-help-meson.build-disable-the-use-of-yelp.patch \
file://migrator.patch \
file://distributor.patch \
+ file://encode-untrusted-data.patch \
"
SRC_URI[archive.sha256sum] = "8b05f2bcc1e80ecf4a10f6f01b3285087eb4cbdf5741dffb8c0355715ef5116d"
diff --git a/meta/recipes-gnome/epiphany/files/encode-untrusted-data.patch b/meta/recipes-gnome/epiphany/files/encode-untrusted-data.patch
new file mode 100644
index 0000000000..4805ee4e6b
--- /dev/null
+++ b/meta/recipes-gnome/epiphany/files/encode-untrusted-data.patch
@@ -0,0 +1,707 @@
+From: Michael Catanzaro <mcatanzaro@redhat.com>
+Subject: Properly encode untrusted data when injecting into trusted pages
+
+CVE: CVE-2021-45085 CVE-2021-45086 CVE-2021-45087 CVE-2021-45088
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/epiphany/-/compare/c27a8180e12e6ec92292dcf53b9243815ad9aa2e...abac58c5191b7d653fbefa8d44e5c2bd4d002825?from_project_id=1906]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+Index: epiphany-browser/embed/ephy-about-handler.c
+===================================================================
+--- epiphany-browser.orig/embed/ephy-about-handler.c
++++ epiphany-browser/embed/ephy-about-handler.c
+@@ -27,6 +27,7 @@
+ #include "ephy-file-helpers.h"
+ #include "ephy-flatpak-utils.h"
+ #include "ephy-history-service.h"
++#include "ephy-output-encoding.h"
+ #include "ephy-prefs.h"
+ #include "ephy-settings.h"
+ #include "ephy-smaps.h"
+@@ -263,16 +264,34 @@ handle_applications_finished_cb (EphyAbo
+
+ for (p = applications; p; p = p->next) {
+ EphyWebApplication *app = (EphyWebApplication *)p->data;
+-
++ g_autofree char *html_encoded_id = NULL;
++ g_autofree char *encoded_icon_url = NULL;
++ g_autofree char *encoded_name = NULL;
++ g_autofree char *encoded_url = NULL;
++ g_autofree char *js_encoded_id = NULL;
++ g_autofree char *encoded_install_date = NULL;
++
++ /* Most of these fields are untrusted. The web app suggests its own title,
++ * which gets used in the app ID and icon URL. The main URL could contain
++ * anything. Install date is the only trusted field here in that it's
++ * constructed by Epiphany, but it's a freeform string and we're encoding
++ * everything else here anyway, so might as well encode this too.
++ */
++ html_encoded_id = ephy_encode_for_html_attribute (app->id);
++ encoded_icon_url = ephy_encode_for_html_attribute (app->icon_url);
++ encoded_name = ephy_encode_for_html_entity (app->name);
++ encoded_url = ephy_encode_for_html_entity (app->url);
++ js_encoded_id = ephy_encode_for_javascript (app->id);
++ encoded_install_date = ephy_encode_for_html_entity (app->install_date);
+ g_string_append_printf (data_str,
+ "<tbody><tr id =\"%s\">"
+ "<td class=\"icon\"><img width=64 height=64 src=\"file://%s\"></img></td>"
+ "<td class=\"data\"><div class=\"appname\">%s</div><div class=\"appurl\">%s</div></td>"
+ "<td class=\"input\"><input type=\"button\" value=\"%s\" onclick=\"deleteWebApp('%s');\"></td>"
+ "<td class=\"date\">%s <br /> %s</td></tr></tbody>",
+- app->id, app->icon_url, app->name, app->url, _("Delete"), app->id,
++ html_encoded_id, encoded_icon_url, encoded_name, encoded_url, _("Delete"), js_encoded_id,
+ /* Note for translators: this refers to the installation date. */
+- _("Installed on:"), app->install_date);
++ _("Installed on:"), encoded_install_date);
+ }
+
+ g_string_append (data_str, "</table></div></body></html>");
+@@ -407,7 +426,9 @@ history_service_query_urls_cb (EphyHisto
+ EphyHistoryURL *url = (EphyHistoryURL *)l->data;
+ const char *snapshot;
+ g_autofree char *thumbnail_style = NULL;
+- g_autofree char *markup = NULL;
++ g_autofree char *entity_encoded_title = NULL;
++ g_autofree char *attribute_encoded_title = NULL;
++ g_autofree char *encoded_url = NULL;
+
+ snapshot = ephy_snapshot_service_lookup_cached_snapshot_path (snapshot_service, url->url);
+ if (snapshot)
+@@ -415,15 +436,19 @@ history_service_query_urls_cb (EphyHisto
+ else
+ ephy_embed_shell_schedule_thumbnail_update (shell, url);
+
+- markup = g_markup_escape_text (url->title, -1);
++ /* Title and URL are controlled by web content and could be malicious. */
++ entity_encoded_title = ephy_encode_for_html_entity (url->title);
++ attribute_encoded_title = ephy_encode_for_html_attribute (url->title);
++ encoded_url = ephy_encode_for_html_attribute (url->url);
+ g_string_append_printf (data_str,
+ "<a class=\"overview-item\" title=\"%s\" href=\"%s\">"
+ " <div class=\"overview-close-button\" title=\"%s\"></div>"
+ " <span class=\"overview-thumbnail\"%s></span>"
+ " <span class=\"overview-title\">%s</span>"
+ "</a>",
+- markup, url->url, _("Remove from overview"),
+- thumbnail_style ? thumbnail_style : "", url->title);
++ attribute_encoded_title, encoded_url, _("Remove from overview"),
++ thumbnail_style ? thumbnail_style : "",
++ entity_encoded_title);
+ }
+
+ data_str = g_string_append (data_str,
+Index: epiphany-browser/embed/ephy-pdf-handler.c
+===================================================================
+--- epiphany-browser.orig/embed/ephy-pdf-handler.c
++++ epiphany-browser/embed/ephy-pdf-handler.c
+@@ -23,6 +23,7 @@
+
+ #include "ephy-embed-container.h"
+ #include "ephy-embed-shell.h"
++#include "ephy-output-encoding.h"
+ #include "ephy-web-view.h"
+
+ #include <gio/gio.h>
+@@ -124,8 +125,9 @@ pdf_file_loaded (GObject *source,
+ GBytes *html_file;
+ g_autoptr (GError) error = NULL;
+ g_autoptr (GString) html = NULL;
+- g_autofree gchar *b64 = NULL;
+ g_autofree char *file_data = NULL;
++ g_autofree char *encoded_file_data = NULL;
++ g_autofree char *encoded_filename = NULL;
+ gsize len = 0;
+
+ if (!g_file_load_contents_finish (G_FILE (source), res, &file_data, &len, NULL, &error)) {
+@@ -134,13 +136,13 @@ pdf_file_loaded (GObject *source,
+ return;
+ }
+
+- html_file = g_resources_lookup_data ("/org/gnome/epiphany/pdfjs/web/viewer.html", 0, NULL);
+-
+- b64 = g_base64_encode ((const guchar *)file_data, len);
+ g_file_delete_async (G_FILE (source), G_PRIORITY_DEFAULT, NULL, pdf_file_deleted, NULL);
+
+- html = g_string_new ("");
+- g_string_printf (html, g_bytes_get_data (html_file, NULL), b64, self->file_name ? self->file_name : "");
++ html = g_string_new (NULL);
++ html_file = g_resources_lookup_data ("/org/gnome/epiphany/pdfjs/web/viewer.html", 0, NULL);
++ encoded_file_data = g_base64_encode ((const guchar *)file_data, len);
++ encoded_filename = self->file_name ? ephy_encode_for_html_attribute (self->file_name) : g_strdup ("");
++ g_string_printf (html, g_bytes_get_data (html_file, NULL), encoded_file_data, encoded_filename);
+
+ finish_uri_scheme_request (self, g_strdup (html->str), NULL);
+ }
+Index: epiphany-browser/embed/ephy-reader-handler.c
+===================================================================
+--- epiphany-browser.orig/embed/ephy-reader-handler.c
++++ epiphany-browser/embed/ephy-reader-handler.c
+@@ -24,6 +24,7 @@
+ #include "ephy-embed-container.h"
+ #include "ephy-embed-shell.h"
+ #include "ephy-lib-type-builtins.h"
++#include "ephy-output-encoding.h"
+ #include "ephy-settings.h"
+ #include "ephy-web-view.h"
+
+@@ -156,7 +157,9 @@ readability_js_finish_cb (GObject *
+ g_autoptr (WebKitJavascriptResult) js_result = NULL;
+ g_autoptr (GError) error = NULL;
+ g_autofree gchar *byline = NULL;
++ g_autofree gchar *encoded_byline = NULL;
+ g_autofree gchar *content = NULL;
++ g_autofree gchar *encoded_title = NULL;
+ g_autoptr (GString) html = NULL;
+ g_autoptr (GBytes) style_css = NULL;
+ const gchar *title;
+@@ -173,10 +176,14 @@ readability_js_finish_cb (GObject *
+
+ byline = readability_get_property_string (js_result, "byline");
+ content = readability_get_property_string (js_result, "content");
++ title = webkit_web_view_get_title (web_view);
++
++ encoded_byline = byline ? ephy_encode_for_html_entity (byline) : g_strdup ("");
++ encoded_title = ephy_encode_for_html_entity (title);
+
+- html = g_string_new ("");
++ html = g_string_new (NULL);
+ style_css = g_resources_lookup_data ("/org/gnome/epiphany/readability/reader.css", G_RESOURCE_LOOKUP_FLAGS_NONE, NULL);
+- title = webkit_web_view_get_title (web_view);
++
+ font_style = enum_nick (EPHY_TYPE_PREFS_READER_FONT_STYLE,
+ g_settings_get_enum (EPHY_SETTINGS_READER,
+ EPHY_PREFS_READER_FONT_STYLE));
+@@ -186,7 +193,8 @@ readability_js_finish_cb (GObject *
+
+ g_string_append_printf (html, "<style>%s</style>"
+ "<title>%s</title>"
+- "<meta http-equiv=\"Content-Type\" content=\"text/html;\" charset=\"UTF-8\">" \
++ "<meta http-equiv='Content-Type' content='text/html;' charset='UTF-8'>" \
++ "<meta http-equiv='Content-Security-Policy' content=\"script-src 'none'\">" \
+ "<body class='%s %s'>"
+ "<article>"
+ "<h2>"
+@@ -197,13 +205,27 @@ readability_js_finish_cb (GObject *
+ "</i>"
+ "<hr>",
+ (gchar *)g_bytes_get_data (style_css, NULL),
+- title,
++ encoded_title,
+ font_style,
+ color_scheme,
+- title,
+- byline != NULL ? byline : "");
++ encoded_title,
++ encoded_byline);
++
++ /* We cannot encode the page content because it contains HTML tags inserted by
++ * Readability.js. Upstream recommends that we use an XSS sanitizer like
++ * DOMPurify plus Content-Security-Policy, but I'm not keen on adding more
++ * bundled JS dependencies, and we have an advantage over Firefox in that we
++ * don't need scripts to work at this point. So instead the above CSP
++ * completely blocks all scripts, which should hopefully obviate the need for
++ * a DOM purifier.
++ *
++ * Note the encoding for page title and byline is still required, as they're
++ * not supposed to contain markup, and Readability.js unescapes them before
++ * returning them to us.
++ */
+ g_string_append (html, content);
+ g_string_append (html, "</article>");
++ g_string_append (html, "</body>");
+
+ finish_uri_scheme_request (request, g_strdup (html->str), NULL);
+ }
+Index: epiphany-browser/embed/ephy-view-source-handler.c
+===================================================================
+--- epiphany-browser.orig/embed/ephy-view-source-handler.c
++++ epiphany-browser/embed/ephy-view-source-handler.c
+@@ -23,6 +23,7 @@
+
+ #include "ephy-embed-container.h"
+ #include "ephy-embed-shell.h"
++#include "ephy-output-encoding.h"
+ #include "ephy-web-view.h"
+
+ #include <gio/gio.h>
+@@ -109,7 +110,9 @@ web_resource_data_cb (WebKitWebResource
+ EphyViewSourceRequest *request)
+ {
+ g_autofree guchar *data = NULL;
+- g_autofree char *escaped_str = NULL;
++ g_autofree char *data_str = NULL;
++ g_autofree char *encoded_str = NULL;
++ g_autofree char *encoded_uri = NULL;
+ g_autoptr (GError) error = NULL;
+ g_autofree char *html = NULL;
+ gsize length;
+@@ -120,8 +123,13 @@ web_resource_data_cb (WebKitWebResource
+ return;
+ }
+
+- /* Warning: data is not a string, so we pass length here because it's not NUL-terminated. */
+- escaped_str = g_markup_escape_text ((const char *)data, length);
++ /* Convert data to a string */
++ data_str = g_malloc (length + 1);
++ memcpy (data_str, data, length);
++ data_str[length] = '\0';
++
++ encoded_str = ephy_encode_for_html_entity (data_str);
++ encoded_uri = ephy_encode_for_html_entity (webkit_web_resource_get_uri (resource));
+
+ html = g_strdup_printf ("<head>"
+ " <link rel='stylesheet' href='ephy-resource:///org/gnome/epiphany/highlightjs/nnfx.css' media='(prefers-color-scheme: no-preference), (prefers-color-scheme: light)'>"
+@@ -136,8 +144,8 @@ web_resource_data_cb (WebKitWebResource
+ " hljs.initLineNumbersOnLoad();</script>"
+ " <pre><code class='html'>%s</code></pre>"
+ "</body>",
+- webkit_web_resource_get_uri (resource),
+- escaped_str);
++ encoded_uri,
++ encoded_str);
+
+ finish_uri_scheme_request (request, g_steal_pointer (&html), NULL);
+ }
+Index: epiphany-browser/embed/ephy-web-view.c
+===================================================================
+--- epiphany-browser.orig/embed/ephy-web-view.c
++++ epiphany-browser/embed/ephy-web-view.c
+@@ -38,6 +38,7 @@
+ #include "ephy-gsb-utils.h"
+ #include "ephy-history-service.h"
+ #include "ephy-lib-type-builtins.h"
++#include "ephy-output-encoding.h"
+ #include "ephy-permissions-manager.h"
+ #include "ephy-prefs.h"
+ #include "ephy-reader-handler.h"
+@@ -1772,9 +1773,11 @@ format_network_error_page (const char *
+ const char **icon_name,
+ const char **style)
+ {
+- char *formatted_origin;
+- char *formatted_reason;
+- char *first_paragraph;
++ g_autofree char *encoded_uri = NULL;
++ g_autofree char *encoded_origin = NULL;
++ g_autofree char *formatted_origin = NULL;
++ g_autofree char *formatted_reason = NULL;
++ g_autofree char *first_paragraph = NULL;
+ const char *second_paragraph;
+
+ /* Page title when a site cannot be loaded due to a network error. */
+@@ -1783,7 +1786,8 @@ format_network_error_page (const char *
+ /* Message title when a site cannot be loaded due to a network error. */
+ *message_title = g_strdup (_("Unable to display this website"));
+
+- formatted_origin = g_strdup_printf ("<strong>%s</strong>", origin);
++ encoded_origin = ephy_encode_for_html_entity (origin);
++ formatted_origin = g_strdup_printf ("<strong>%s</strong>", encoded_origin);
+ /* Error details when a site cannot be loaded due to a network error. */
+ first_paragraph = g_strdup_printf (_("The site at %s seems to be "
+ "unavailable."),
+@@ -1805,16 +1809,13 @@ format_network_error_page (const char *
+
+ /* The button on the network error page. DO NOT ADD MNEMONICS HERE. */
+ *button_label = g_strdup (_("Reload"));
+- *button_action = g_strdup_printf ("window.location = '%s';", uri);
++ encoded_uri = ephy_encode_for_javascript (uri);
++ *button_action = g_strdup_printf ("window.location = '%s';", encoded_uri);
+ /* Mnemonic for the Reload button on browser error pages. */
+ *button_accesskey = C_("reload-access-key", "R");
+
+ *icon_name = "network-error-symbolic.svg";
+ *style = "default";
+-
+- g_free (formatted_origin);
+- g_free (formatted_reason);
+- g_free (first_paragraph);
+ }
+
+ static void
+@@ -1828,10 +1829,12 @@ format_crash_error_page (const char *ur
+ const char **icon_name,
+ const char **style)
+ {
+- char *formatted_uri;
+- char *formatted_distributor;
+- char *first_paragraph;
+- char *second_paragraph;
++ g_autofree char *html_encoded_uri = NULL;
++ g_autofree char *js_encoded_uri = NULL;
++ g_autofree char *formatted_uri = NULL;
++ g_autofree char *formatted_distributor = NULL;
++ g_autofree char *first_paragraph = NULL;
++ g_autofree char *second_paragraph = NULL;
+
+ /* Page title when a site cannot be loaded due to a page crash error. */
+ *page_title = g_strdup_printf (_("Problem Loading Page"));
+@@ -1839,7 +1842,8 @@ format_crash_error_page (const char *ur
+ /* Message title when a site cannot be loaded due to a page crash error. */
+ *message_title = g_strdup (_("Oops! There may be a problem"));
+
+- formatted_uri = g_strdup_printf ("<strong>%s</strong>", uri);
++ html_encoded_uri = ephy_encode_for_html_entity (uri);
++ formatted_uri = g_strdup_printf ("<strong>%s</strong>", html_encoded_uri);
+ /* Error details when a site cannot be loaded due to a page crash error. */
+ first_paragraph = g_strdup_printf (_("The page %s may have caused Web to "
+ "close unexpectedly."),
+@@ -1858,17 +1862,13 @@ format_crash_error_page (const char *ur
+
+ /* The button on the page crash error page. DO NOT ADD MNEMONICS HERE. */
+ *button_label = g_strdup (_("Reload"));
+- *button_action = g_strdup_printf ("window.location = '%s';", uri);
++ js_encoded_uri = ephy_encode_for_javascript (uri);
++ *button_action = g_strdup_printf ("window.location = '%s';", js_encoded_uri);
+ /* Mnemonic for the Reload button on browser error pages. */
+ *button_accesskey = C_("reload-access-key", "R");
+
+ *icon_name = "computer-fail-symbolic.svg";
+ *style = "default";
+-
+- g_free (formatted_uri);
+- g_free (formatted_distributor);
+- g_free (first_paragraph);
+- g_free (second_paragraph);
+ }
+
+ static void
+@@ -1882,6 +1882,7 @@ format_process_crash_error_page (const c
+ const char **icon_name,
+ const char **style)
+ {
++ g_autofree char *encoded_uri = NULL;
+ const char *first_paragraph;
+
+ /* Page title when a site cannot be loaded due to a process crash error. */
+@@ -1897,7 +1898,8 @@ format_process_crash_error_page (const c
+
+ /* The button on the process crash error page. DO NOT ADD MNEMONICS HERE. */
+ *button_label = g_strdup (_("Reload"));
+- *button_action = g_strdup_printf ("window.location = '%s';", uri);
++ encoded_uri = ephy_encode_for_javascript (uri);
++ *button_action = g_strdup_printf ("window.location = '%s';", encoded_uri);
+ /* Mnemonic for the Reload button on browser error pages. */
+ *button_accesskey = C_("reload-access-key", "R");
+
+@@ -1921,8 +1923,9 @@ format_tls_error_page (EphyWebView *vie
+ const char **icon_name,
+ const char **style)
+ {
+- char *formatted_origin;
+- char *first_paragraph;
++ g_autofree char *encoded_origin = NULL;
++ g_autofree char *formatted_origin = NULL;
++ g_autofree char *first_paragraph = NULL;
+
+ /* Page title when a site is not loaded due to an invalid TLS certificate. */
+ *page_title = g_strdup_printf (_("Security Violation"));
+@@ -1930,7 +1933,8 @@ format_tls_error_page (EphyWebView *vie
+ /* Message title when a site is not loaded due to an invalid TLS certificate. */
+ *message_title = g_strdup (_("This Connection is Not Secure"));
+
+- formatted_origin = g_strdup_printf ("<strong>%s</strong>", origin);
++ encoded_origin = ephy_encode_for_html_entity (origin);
++ formatted_origin = g_strdup_printf ("<strong>%s</strong>", encoded_origin);
+ /* Error details when a site is not loaded due to an invalid TLS certificate. */
+ first_paragraph = g_strdup_printf (_("This does not look like the real %s. "
+ "Attackers might be trying to steal or "
+@@ -1956,9 +1960,6 @@ format_tls_error_page (EphyWebView *vie
+
+ *icon_name = "channel-insecure-symbolic.svg";
+ *style = "danger";
+-
+- g_free (formatted_origin);
+- g_free (first_paragraph);
+ }
+
+ static void
+@@ -1978,8 +1979,9 @@ format_unsafe_browsing_error_page (EphyW
+ const char **icon_name,
+ const char **style)
+ {
+- char *formatted_origin;
+- char *first_paragraph;
++ g_autofree char *encoded_origin = NULL;
++ g_autofree char *formatted_origin = NULL;
++ g_autofree char *first_paragraph = NULL;
+
+ /* Page title when a site is flagged by Google Safe Browsing verification. */
+ *page_title = g_strdup_printf (_("Security Warning"));
+@@ -1987,7 +1989,8 @@ format_unsafe_browsing_error_page (EphyW
+ /* Message title on the unsafe browsing error page. */
+ *message_title = g_strdup (_("Unsafe website detected!"));
+
+- formatted_origin = g_strdup_printf ("<strong>%s</strong>", origin);
++ encoded_origin = ephy_encode_for_html_entity (origin);
++ formatted_origin = g_strdup_printf ("<strong>%s</strong>", encoded_origin);
+ /* Error details on the unsafe browsing error page.
+ * https://developers.google.com/safe-browsing/v4/usage-limits#UserWarnings
+ */
+@@ -2045,9 +2048,6 @@ format_unsafe_browsing_error_page (EphyW
+
+ *icon_name = "security-high-symbolic.svg";
+ *style = "danger";
+-
+- g_free (formatted_origin);
+- g_free (first_paragraph);
+ }
+
+ static void
+@@ -2061,7 +2061,8 @@ format_no_such_file_error_page (EphyWebV
+ const char **icon_name,
+ const char **style)
+ {
+- g_autofree gchar *formatted_origin = NULL;
++ g_autofree gchar *encoded_address = NULL;
++ g_autofree gchar *formatted_address = NULL;
+ g_autofree gchar *first_paragraph = NULL;
+ g_autofree gchar *second_paragraph = NULL;
+
+@@ -2071,10 +2072,11 @@ format_no_such_file_error_page (EphyWebV
+ /* Message title on the no such file error page. */
+ *message_title = g_strdup (_("File not found"));
+
+- formatted_origin = g_strdup_printf ("<strong>%s</strong>", view->address);
++ encoded_address = ephy_encode_for_html_entity (view->address);
++ formatted_address = g_strdup_printf ("<strong>%s</strong>", encoded_address);
+
+ first_paragraph = g_strdup_printf (_("%s could not be found."),
+- formatted_origin);
++ formatted_address);
+ second_paragraph = g_strdup_printf (_("Please check the file name for "
+ "capitalization or other typing errors. Also check if "
+ "it has been moved, renamed, or deleted."));
+@@ -2109,19 +2111,19 @@ ephy_web_view_load_error_page (EphyWebVi
+ GError *error,
+ gpointer user_data)
+ {
+- GBytes *html_file;
+- GString *html = g_string_new ("");
+- char *origin = NULL;
+- char *lang = NULL;
+- char *page_title = NULL;
+- char *msg_title = NULL;
+- char *msg_body = NULL;
+- char *msg_details = NULL;
+- char *button_label = NULL;
+- char *hidden_button_label = NULL;
+- char *button_action = NULL;
+- char *hidden_button_action = NULL;
+- char *style_sheet = NULL;
++ g_autoptr (GBytes) html_file = NULL;
++ g_autoptr (GString) html = g_string_new (NULL);
++ g_autofree char *origin = NULL;
++ g_autofree char *lang = NULL;
++ g_autofree char *page_title = NULL;
++ g_autofree char *msg_title = NULL;
++ g_autofree char *msg_body = NULL;
++ g_autofree char *msg_details = NULL;
++ g_autofree char *button_label = NULL;
++ g_autofree char *hidden_button_label = NULL;
++ g_autofree char *button_action = NULL;
++ g_autofree char *hidden_button_action = NULL;
++ g_autofree char *style_sheet = NULL;
+ const char *button_accesskey = NULL;
+ const char *hidden_button_accesskey = NULL;
+ const char *icon_name = NULL;
+@@ -2261,23 +2263,9 @@ ephy_web_view_load_error_page (EphyWebVi
+ button_accesskey, button_label);
+ #pragma GCC diagnostic pop
+
+- g_bytes_unref (html_file);
+- g_free (origin);
+- g_free (lang);
+- g_free (page_title);
+- g_free (msg_title);
+- g_free (msg_body);
+- g_free (msg_details);
+- g_free (button_label);
+- g_free (button_action);
+- g_free (hidden_button_label);
+- g_free (hidden_button_action);
+- g_free (style_sheet);
+-
+ /* Make our history backend ignore the next page load, since it will be an error page. */
+ ephy_web_view_freeze_history (view);
+ webkit_web_view_load_alternate_html (WEBKIT_WEB_VIEW (view), html->str, uri, 0);
+- g_string_free (html, TRUE);
+ }
+
+ static gboolean
+Index: epiphany-browser/lib/ephy-output-encoding.c
+===================================================================
+--- /dev/null
++++ epiphany-browser/lib/ephy-output-encoding.c
+@@ -0,0 +1,117 @@
++/* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
++/*
++ * Copyright © Red Hat Inc.
++ *
++ * This file is part of Epiphany.
++ *
++ * Epiphany is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation, either version 3 of the License, or
++ * (at your option) any later version.
++ *
++ * Epiphany is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with Epiphany. If not, see <http://www.gnu.org/licenses/>.
++ */
++
++#include "config.h"
++#include "ephy-output-encoding.h"
++
++#include <glib.h>
++
++#if !GLIB_CHECK_VERSION(2, 68, 0)
++static guint
++g_string_replace (GString *string,
++ const gchar *find,
++ const gchar *replace,
++ guint limit)
++{
++ gsize f_len, r_len, pos;
++ gchar *cur, *next;
++ guint n = 0;
++
++ g_return_val_if_fail (string != NULL, 0);
++ g_return_val_if_fail (find != NULL, 0);
++ g_return_val_if_fail (replace != NULL, 0);
++
++ f_len = strlen (find);
++ r_len = strlen (replace);
++ cur = string->str;
++
++ while ((next = strstr (cur, find)) != NULL)
++ {
++ pos = next - string->str;
++ g_string_erase (string, pos, f_len);
++ g_string_insert (string, pos, replace);
++ cur = string->str + pos + r_len;
++ n++;
++ /* Only match the empty string once at any given position, to
++ * avoid infinite loops */
++ if (f_len == 0)
++ {
++ if (cur[0] == '\0')
++ break;
++ else
++ cur++;
++ }
++ if (n == limit)
++ break;
++ }
++
++ return n;
++}
++#endif
++
++char *
++ephy_encode_for_html_entity (const char *input)
++{
++ GString *str = g_string_new (input);
++
++ g_string_replace (str, "&", "&amp;", 0);
++ g_string_replace (str, "<", "&lt;", 0);
++ g_string_replace (str, ">", "&gt;", 0);
++ g_string_replace (str, "\"", "&quot;", 0);
++ g_string_replace (str, "'", "&#x27;", 0);
++ g_string_replace (str, "/", "&#x2F;", 0);
++
++ return g_string_free (str, FALSE);
++}
++
++static char *
++encode_all_except_alnum (const char *input,
++ const char *format)
++{
++ GString *str;
++ const char *c = input;
++
++ if (!g_utf8_validate (input, -1, NULL))
++ return g_strdup ("");
++
++ str = g_string_new (NULL);
++ do {
++ gunichar u = g_utf8_get_char (c);
++ if (g_unichar_isalnum (u))
++ g_string_append_unichar (str, u);
++ else
++ g_string_append_printf (str, format, u);
++ c = g_utf8_next_char (c);
++ } while (*c);
++
++ return g_string_free (str, FALSE);
++}
++
++char *
++ephy_encode_for_html_attribute (const char *input)
++{
++ return encode_all_except_alnum (input, "&#x%02x;");
++}
++
++char *
++ephy_encode_for_javascript (const char *input)
++{
++ return encode_all_except_alnum (input, "\\u%04u;");
++}
+Index: epiphany-browser/lib/ephy-output-encoding.h
+===================================================================
+--- /dev/null
++++ epiphany-browser/lib/ephy-output-encoding.h
+@@ -0,0 +1,38 @@
++/* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
++/*
++ * Copyright © 2021 Red Hat Inc.
++ *
++ * This file is part of Epiphany.
++ *
++ * Epiphany is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation, either version 3 of the License, or
++ * (at your option) any later version.
++ *
++ * Epiphany is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with Epiphany. If not, see <http://www.gnu.org/licenses/>.
++ */
++
++#pragma once
++
++#include <glib.h>
++
++G_BEGIN_DECLS
++
++/* These functions implement the OWASP XSS prevention output encoding rules:
++ * https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html#output-encoding-rules-summary
++ *
++ * You must *carefully* read that document to safely inject untrusted data into
++ * web content. Here be dragons.
++ */
++
++char *ephy_encode_for_html_entity (const char *input);
++char *ephy_encode_for_html_attribute (const char *input);
++char *ephy_encode_for_javascript (const char *input);
++
++G_END_DECLS
+Index: epiphany-browser/lib/meson.build
+===================================================================
+--- epiphany-browser.orig/lib/meson.build
++++ epiphany-browser/lib/meson.build
+@@ -21,6 +21,7 @@ libephymisc_sources = [
+ 'ephy-langs.c',
+ 'ephy-notification.c',
+ 'ephy-notification-container.c',
++ 'ephy-output-encoding.c',
+ 'ephy-permissions-manager.c',
+ 'ephy-profile-utils.c',
+ 'ephy-search-engine-manager.c',
diff --git a/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb b/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
index 3b884f03e9..8b752f7e7d 100644
--- a/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
+++ b/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb
@@ -94,7 +94,7 @@ EOF
# from the target sysroot.
cat > ${B}/g-ir-scanner-wrapper << EOF
#!/bin/sh
-# This prevents g-ir-scanner from writing cache data to $HOME
+# This prevents g-ir-scanner from writing cache data to user's HOME dir
export GI_SCANNER_DISABLE_CACHE=1
g-ir-scanner --lib-dirs-envvar=GIR_EXTRA_LIBS_PATH --use-binary-wrapper=${STAGING_BINDIR}/g-ir-scanner-qemuwrapper --use-ldd-wrapper=${STAGING_BINDIR}/g-ir-scanner-lddwrapper --add-include-path=${STAGING_DATADIR}/gir-1.0 --add-include-path=${STAGING_LIBDIR}/gir-1.0 "\$@"
diff --git a/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb b/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb
index 74e3430528..d70265ee50 100644
--- a/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb
+++ b/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb
@@ -16,3 +16,7 @@ inherit allarch autotools
FILES_${PN} += "${datadir}/icons"
BBCLASSEXTEND = "native nativesdk"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb b/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb
index 1e37feb20a..f39cbdca5a 100644
--- a/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb
+++ b/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb
@@ -9,7 +9,7 @@ BUGTRACKER = "https://gitlab.gnome.org/GNOME/libhandy/-/issues"
LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
-SRC_URI = "git://gitlab.gnome.org/GNOME/libhandy.git;protocol=https"
+SRC_URI = "git://gitlab.gnome.org/GNOME/libhandy.git;protocol=https;branch=master"
SRCREV = "7b38a860ffcec6c2ad28153358cc3d037ddb618f"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-gnome/libportal/libportal_0.3.bb b/meta/recipes-gnome/libportal/libportal_0.3.bb
index bc4ff3784c..c24a794fc4 100644
--- a/meta/recipes-gnome/libportal/libportal_0.3.bb
+++ b/meta/recipes-gnome/libportal/libportal_0.3.bb
@@ -6,7 +6,7 @@ BUGTRACKER = "https://github.com/flatpak/libportal/issues"
LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2"
-SRC_URI = "git://github.com/flatpak/${BPN}.git;protocol=https"
+SRC_URI = "git://github.com/flatpak/${BPN}.git;protocol=https;branch=master"
SRCREV = "a609e06d0c4adc5c510cf9ac7b060db3d368e78f"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/glslang/glslang_11.2.0.bb b/meta/recipes-graphics/glslang/glslang_11.2.0.bb
index 902f7345f5..e00f73ccb7 100644
--- a/meta/recipes-graphics/glslang/glslang_11.2.0.bb
+++ b/meta/recipes-graphics/glslang/glslang_11.2.0.bb
@@ -9,7 +9,7 @@ LICENSE = "BSD-3-Clause & BSD-2-Clause & MIT & Apache-2.0 & GPL-3-with-bison-exc
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c5ce49c0456e9b413b98a4368c378229"
SRCREV = "5421877c380d5f92c1965c7a94620dac861297dd"
-SRC_URI = "git://github.com/KhronosGroup/glslang.git;protocol=https \
+SRC_URI = "git://github.com/KhronosGroup/glslang.git;protocol=https;branch=master \
file://0001-generate-glslang-pkg-config.patch"
UPSTREAM_CHECK_GITTAGREGEX = "^(?P<pver>\d+(\.\d+)+)$"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb b/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb
index 1cc94cf993..4b8630a318 100644
--- a/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb
+++ b/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb
@@ -12,7 +12,7 @@ inherit meson
SRCREV = "d16ad07e7f2a028e14d61f570931c87fa5ce404c"
PV = "1.25+git${SRCPV}"
-SRC_URI = "git://gitlab.freedesktop.org/drm/igt-gpu-tools.git;protocol=https \
+SRC_URI = "git://gitlab.freedesktop.org/drm/igt-gpu-tools.git;protocol=https;branch=master \
file://0001-lib-igt_edid-Allocate-raw-8-bytes-for-VSDB.patch \
file://reproducibility.patch"
diff --git a/meta/recipes-graphics/libfakekey/libfakekey_git.bb b/meta/recipes-graphics/libfakekey/libfakekey_git.bb
index ab6f5ac9ed..33ea6fe5a9 100644
--- a/meta/recipes-graphics/libfakekey/libfakekey_git.bb
+++ b/meta/recipes-graphics/libfakekey/libfakekey_git.bb
@@ -13,7 +13,7 @@ SECTION = "x11/wm"
SRCREV = "7ad885912efb2131e80914e964d5e635b0d07b40"
PV = "0.3+git${SRCPV}"
-SRC_URI = "git://git.yoctoproject.org/${BPN}"
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb b/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb
index 1a31677978..06bd682823 100644
--- a/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb
+++ b/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb
@@ -17,7 +17,7 @@ DEPENDS = "virtual/libx11 libxext"
#SRCREV for 1.12
SRCREV = "e846ee434f8e23d9db38af13c523f791495e0e87"
-SRC_URI = "git://git.yoctoproject.org/${BPN}"
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/libva/libva-utils_2.10.0.bb b/meta/recipes-graphics/libva/libva-utils_2.10.0.bb
index 828f4fb317..39763ba539 100644
--- a/meta/recipes-graphics/libva/libva-utils_2.10.0.bb
+++ b/meta/recipes-graphics/libva/libva-utils_2.10.0.bb
@@ -14,7 +14,7 @@ SECTION = "x11"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=b148fc8adf19dc9aec17cf9cd29a9a5e"
-SRC_URI = "git://github.com/intel/libva-utils.git;branch=v2.10-branch"
+SRC_URI = "git://github.com/intel/libva-utils.git;branch=v2.10-branch;protocol=https"
SRCREV = "f112ee75fcd1472131b20f901b93f6ac1d293fad"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb b/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb
index a08eb252ce..3ea67d09d6 100644
--- a/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb
+++ b/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb
@@ -12,7 +12,7 @@ DEPENDS = "libmatchbox virtual/libx11 libxext libxrender startup-notification ex
# SRCREV tagged 1.2.2
SRCREV = "27da947e7fbdf9659f7e5bd1e92af92af6c03970"
-SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager \
+SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager;branch=master \
file://0001-Fix-build-with-gcc-10.patch \
file://kbdconfig"
diff --git a/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch b/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch
new file mode 100644
index 0000000000..899450eb2a
--- /dev/null
+++ b/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch
@@ -0,0 +1,52 @@
+commit 8bd63cd28939d79d6681943b840627eaa3614ee4
+Author: Pablo Saavedra <psaavedra@igalia.com>
+Date: Mon Oct 18 15:48:42 2021 +0200
+
+ gallium/dri: Make YUV formats we're going to emulate external-only.
+
+ If we're going to have to bind them as separate planes with colorspace
+ conversion for sampling on the frontend, then we need to report that
+ they're only for external-image samplers, otherwise the lowering won't be
+ applied.
+
+ Fixes: 4e3a7dcf ("gallium: enable EGL_EXT_image_dma_buf_import_modifiers unconditionally")
+ Reviewed-by: Jose Maria Casanova Crespo <jmcasanova@igalia.com>
+ Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/13038>
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/13038]
+
+diff --git a/src/gallium/frontends/dri/dri2.c b/src/gallium/frontends/dri/dri2.c
+index b0c0d7e..ef8df5a 100644
+--- a/src/gallium/frontends/dri/dri2.c
++++ b/src/gallium/frontends/dri/dri2.c
+@@ -1445,16 +1445,24 @@ dri2_query_dma_buf_modifiers(__DRIscreen *_screen, int fourcc, int max,
+
+ format = map->pipe_format;
+
++ bool native_sampling = pscreen->is_format_supported(pscreen, format, screen->target, 0, 0,
++ PIPE_BIND_SAMPLER_VIEW);
+ if (pscreen->is_format_supported(pscreen, format, screen->target, 0, 0,
+- PIPE_BIND_RENDER_TARGET) ||
+- pscreen->is_format_supported(pscreen, format, screen->target, 0, 0,
+- PIPE_BIND_SAMPLER_VIEW) ||
+- dri2_yuv_dma_buf_supported(screen, map)) {
+- if (pscreen->query_dmabuf_modifiers != NULL)
++ PIPE_BIND_RENDER_TARGET) ||
++ native_sampling ||
++ dri2_yuv_dma_buf_supported(screen, map)) {
++ if (pscreen->query_dmabuf_modifiers != NULL) {
+ pscreen->query_dmabuf_modifiers(pscreen, format, max, modifiers,
+ external_only, count);
+- else
++ if (!native_sampling && external_only) {
++ /* To support it using YUV lowering, we need it to be samplerExternalOES.
++ */
++ for (int i = 0; i < *count; i++)
++ external_only[i] = true;
++ }
++ } else {
+ *count = 0;
++ }
+ return true;
+ }
+ return false;
diff --git a/meta/recipes-graphics/mesa/mesa.inc b/meta/recipes-graphics/mesa/mesa.inc
index a85f94c75e..cfc1bc1d36 100644
--- a/meta/recipes-graphics/mesa/mesa.inc
+++ b/meta/recipes-graphics/mesa/mesa.inc
@@ -19,6 +19,7 @@ SRC_URI = "https://mesa.freedesktop.org/archive/mesa-${PV}.tar.xz \
file://0002-meson.build-make-TLS-ELF-optional.patch \
file://0001-meson-misdetects-64bit-atomics-on-mips-clang.patch \
file://0001-futex.h-Define-__NR_futex-if-it-does-not-exist.patch \
+ file://0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch \
"
SRC_URI[sha256sum] = "565c6f4bd2d5747b919454fc1d439963024fc78ca56fd05158c3b2cde2f6912b"
@@ -252,7 +253,7 @@ python mesa_populate_packages() {
import re
dri_drivers_root = oe.path.join(d.getVar('PKGD'), d.getVar('libdir'), "dri")
if os.path.isdir(dri_drivers_root):
- dri_pkgs = os.listdir(dri_drivers_root)
+ dri_pkgs = sorted(os.listdir(dri_drivers_root))
lib_name = d.expand("${MLPREFIX}mesa-megadriver")
for p in dri_pkgs:
m = re.match(r'^(.*)_dri\.so$', p)
diff --git a/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb b/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb
index 58a6997ffe..88101b5dcc 100644
--- a/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb
+++ b/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb
@@ -7,7 +7,7 @@ PV = "1.4.7+git${SRCPV}"
# Exclude x.99.x versions from upstream checks
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>^\d+(\.(?!99)\d+)+)"
-SRC_URI = "git://github.com/clutter-project/mx.git;branch=mx-1.4 \
+SRC_URI = "git://github.com/clutter-project/mx.git;branch=mx-1.4;protocol=https \
file://fix-test-includes.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/piglit/piglit_git.bb b/meta/recipes-graphics/piglit/piglit_git.bb
index 14f4c75a2c..96ec93071d 100644
--- a/meta/recipes-graphics/piglit/piglit_git.bb
+++ b/meta/recipes-graphics/piglit/piglit_git.bb
@@ -6,7 +6,7 @@ BUGTRACKER = "https://gitlab.freedesktop.org/mesa/piglit/-/issues"
LICENSE = "MIT & LGPLv2+ & GPLv3 & GPLv2+ & BSD-3-Clause"
LIC_FILES_CHKSUM = "file://COPYING;md5=b2beded7103a3d8a442a2a0391d607b0"
-SRC_URI = "git://gitlab.freedesktop.org/mesa/piglit.git;protocol=https \
+SRC_URI = "git://gitlab.freedesktop.org/mesa/piglit.git;protocol=https;branch=master \
file://0001-cmake-install-bash-completions-in-the-right-place.patch \
file://0001-cmake-use-proper-WAYLAND_INCLUDE_DIRS-variable.patch \
file://0001-Add-a-missing-include-for-htobe32-definition.patch \
diff --git a/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb b/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb
index 7a43af5e6b..ea7e17305e 100644
--- a/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb
+++ b/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb
@@ -8,7 +8,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c938b85bceb8fb26c1a807f28a52ae2d"
SRCREV = "bcf55210f13a4fa3c3d0963b509ff1070e434c79"
-SRC_URI = "git://github.com/KhronosGroup/SPIRV-Headers;protocol=https"
+SRC_URI = "git://github.com/KhronosGroup/SPIRV-Headers;protocol=https;branch=master"
UPSTREAM_CHECK_GITTAGREGEX = "^(?P<pver>\d+(\.\d+)+)$"
S = "${WORKDIR}/git"
PV .= "+git${SRCPV}"
diff --git a/meta/recipes-graphics/spir/spirv-tools_2020.7.bb b/meta/recipes-graphics/spir/spirv-tools_2020.7.bb
index 8be698533a..9a06408526 100644
--- a/meta/recipes-graphics/spir/spirv-tools_2020.7.bb
+++ b/meta/recipes-graphics/spir/spirv-tools_2020.7.bb
@@ -8,7 +8,7 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
SRCREV = "2573fd781b5408cd7fe5755a78b60d767a748ff9"
-SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git \
+SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git;branch=master;protocol=https \
file://0001-fix-strncpy-bound-error.patch \
"
UPSTREAM_CHECK_GITTAGREGEX = "^v(?P<pver>\d+(\.\d+)+)$"
diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0135.patch b/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0135.patch
new file mode 100644
index 0000000000..ae42dc8f6c
--- /dev/null
+++ b/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0135.patch
@@ -0,0 +1,117 @@
+From 63aee871365f9c9e7fa9125672302a0fb250d34d Mon Sep 17 00:00:00 2001
+From: Gert Wollny <gert.wollny@collabora.com>
+Date: Tue, 30 Nov 2021 09:16:24 +0100
+Subject: [PATCH 2/2] vrend: propperly check whether the shader image range is
+ correct
+
+Also add a test to check the integer underflow.
+
+Closes: #251
+Signed-off-by: Gert Wollny <gert.wollny@collabora.com>
+Reviewed-by: Chia-I Wu <olvaffe@gmail.com>
+
+cherry-pick from anongit.freedesktop.org/virglrenderer
+commit 2aed5d4...
+
+CVE: CVE-2022-0135
+Upstream-Status: Backport
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+---
+ src/vrend_decode.c | 3 +-
+ tests/test_fuzzer_formats.c | 57 +++++++++++++++++++++++++++++++++++++
+ 2 files changed, 59 insertions(+), 1 deletion(-)
+
+diff --git a/src/vrend_decode.c b/src/vrend_decode.c
+index 91f5f24..6771b10 100644
+--- a/src/vrend_decode.c
++++ b/src/vrend_decode.c
+@@ -1249,8 +1249,9 @@ static int vrend_decode_set_shader_images(struct vrend_context *ctx, const uint3
+ if (num_images < 1) {
+ return 0;
+ }
++
+ if (start_slot > PIPE_MAX_SHADER_IMAGES ||
+- start_slot > PIPE_MAX_SHADER_IMAGES - num_images)
++ start_slot + num_images > PIPE_MAX_SHADER_IMAGES)
+ return EINVAL;
+
+ for (uint32_t i = 0; i < num_images; i++) {
+diff --git a/tests/test_fuzzer_formats.c b/tests/test_fuzzer_formats.c
+index 154a2e5..e32caf0 100644
+--- a/tests/test_fuzzer_formats.c
++++ b/tests/test_fuzzer_formats.c
+@@ -958,6 +958,61 @@ static void test_vrend_set_signle_abo_heap_overflow() {
+ virgl_renderer_submit_cmd((void *) cmd, ctx_id, 0xde);
+ }
+
++static void test_vrend_set_shader_images_overflow()
++{
++ uint32_t num_shaders = PIPE_MAX_SHADER_IMAGES + 1;
++ uint32_t size = num_shaders * VIRGL_SET_SHADER_IMAGE_ELEMENT_SIZE + 3;
++ uint32_t cmd[size];
++ int i = 0;
++ cmd[i++] = ((size - 1)<< 16) | 0 << 8 | VIRGL_CCMD_SET_SHADER_IMAGES;
++ cmd[i++] = PIPE_SHADER_FRAGMENT;
++ memset(&cmd[i], 0, size - i);
++
++ virgl_renderer_submit_cmd((void *) cmd, ctx_id, size);
++}
++
++/* Test adapted from yaojun8558363@gmail.com:
++ * https://gitlab.freedesktop.org/virgl/virglrenderer/-/issues/250
++*/
++static void test_vrend_3d_resource_overflow() {
++
++ struct virgl_renderer_resource_create_args resource;
++ resource.handle = 0x4c474572;
++ resource.target = PIPE_TEXTURE_2D_ARRAY;
++ resource.format = VIRGL_FORMAT_Z24X8_UNORM;
++ resource.nr_samples = 2;
++ resource.last_level = 0;
++ resource.array_size = 3;
++ resource.bind = VIRGL_BIND_SAMPLER_VIEW;
++ resource.depth = 1;
++ resource.width = 8;
++ resource.height = 4;
++ resource.flags = 0;
++
++ virgl_renderer_resource_create(&resource, NULL, 0);
++ virgl_renderer_ctx_attach_resource(ctx_id, resource.handle);
++
++ uint32_t size = 0x400;
++ uint32_t cmd[size];
++ int i = 0;
++ cmd[i++] = (size - 1) << 16 | 0 << 8 | VIRGL_CCMD_RESOURCE_INLINE_WRITE;
++ cmd[i++] = resource.handle;
++ cmd[i++] = 0; // level
++ cmd[i++] = 0; // usage
++ cmd[i++] = 0; // stride
++ cmd[i++] = 0; // layer_stride
++ cmd[i++] = 0; // x
++ cmd[i++] = 0; // y
++ cmd[i++] = 0; // z
++ cmd[i++] = 8; // w
++ cmd[i++] = 4; // h
++ cmd[i++] = 3; // d
++ memset(&cmd[i], 0, size - i);
++
++ virgl_renderer_submit_cmd((void *) cmd, ctx_id, size);
++}
++
++
+ int main()
+ {
+ initialize_environment();
+@@ -980,6 +1035,8 @@ int main()
+ test_cs_nullpointer_deference();
+ test_vrend_set_signle_abo_heap_overflow();
+
++ test_vrend_set_shader_images_overflow();
++ test_vrend_3d_resource_overflow();
+
+ virgl_renderer_context_destroy(ctx_id);
+ virgl_renderer_cleanup(&cookie);
+--
+2.25.1
+
diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0175.patch b/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0175.patch
new file mode 100644
index 0000000000..8bbb9eb579
--- /dev/null
+++ b/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0175.patch
@@ -0,0 +1,112 @@
+From 5ca7aca001092c557f0b6fc1ba3db7dcdab860b7 Mon Sep 17 00:00:00 2001
+From: Gert Wollny <gert.wollny@collabora.com>
+Date: Tue, 30 Nov 2021 09:29:42 +0100
+Subject: [PATCH 1/2] vrend: clear memory when allocating a host-backed memory
+ resource
+
+Closes: #249
+Signed-off-by: Gert Wollny <gert.wollny@collabora.com>
+Reviewed-by: Chia-I Wu <olvaffe@gmail.com>
+
+cherry-pick from anongit.freedesktop.org/virglrenderer
+commit b05bb61...
+
+CVE: CVE-2022-0175
+Upstream-Status: Backport
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+Patch to vrend_renderer.c modified to apply to version used by hardknott.
+Patch to test_virgl_transfer.c unchanged.
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+---
+ src/vrend_renderer.c | 2 +-
+ tests/test_virgl_transfer.c | 51 +++++++++++++++++++++++++++++++++++++
+ 2 files changed, 52 insertions(+), 1 deletion(-)
+
+diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c
+index ad7a351..d84f785 100644
+--- a/src/vrend_renderer.c
++++ b/src/vrend_renderer.c
+@@ -6646,7 +6646,7 @@ int vrend_renderer_resource_create(struct vrend_renderer_resource_create_args *a
+ if (args->bind == VIRGL_BIND_CUSTOM) {
+ /* use iovec directly when attached */
+ gr->storage_bits |= VREND_STORAGE_HOST_SYSTEM_MEMORY;
+- gr->ptr = malloc(args->width);
++ gr->ptr = calloc(1, args->width);
+ if (!gr->ptr) {
+ FREE(gr);
+ return ENOMEM;
+diff --git a/tests/test_virgl_transfer.c b/tests/test_virgl_transfer.c
+index 2c8669a..8f8e98a 100644
+--- a/tests/test_virgl_transfer.c
++++ b/tests/test_virgl_transfer.c
+@@ -952,6 +952,56 @@ START_TEST(virgl_test_transfer_near_res_bounds_with_stride_succeeds)
+ }
+ END_TEST
+
++START_TEST(test_vrend_host_backed_memory_no_data_leak)
++{
++ struct iovec iovs[1];
++ int niovs = 1;
++
++ struct virgl_context ctx = {0};
++
++ int ret = testvirgl_init_ctx_cmdbuf(&ctx);
++
++ struct virgl_renderer_resource_create_args res;
++ res.handle = 0x400;
++ res.target = PIPE_BUFFER;
++ res.format = VIRGL_FORMAT_R8_UNORM;
++ res.nr_samples = 0;
++ res.last_level = 0;
++ res.array_size = 1;
++ res.bind = VIRGL_BIND_CUSTOM;
++ res.depth = 1;
++ res.width = 32;
++ res.height = 1;
++ res.flags = 0;
++
++ uint32_t size = 32;
++ uint8_t* data = calloc(1, size);
++ memset(data, 1, 32);
++ iovs[0].iov_base = data;
++ iovs[0].iov_len = size;
++
++ struct pipe_box box = {0,0,0, size, 1,1};
++
++ virgl_renderer_resource_create(&res, NULL, 0);
++ virgl_renderer_ctx_attach_resource(ctx.ctx_id, res.handle);
++
++ ret = virgl_renderer_transfer_read_iov(res.handle, ctx.ctx_id, 0, 0, 0,
++ (struct virgl_box *)&box, 0, iovs, niovs);
++
++ ck_assert_int_eq(ret, 0);
++
++ for (int i = 0; i < 32; ++i)
++ ck_assert_int_eq(data[i], 0);
++
++ virgl_renderer_ctx_detach_resource(1, res.handle);
++
++ virgl_renderer_resource_unref(res.handle);
++ free(data);
++
++}
++END_TEST
++
++
+ static Suite *virgl_init_suite(void)
+ {
+ Suite *s;
+@@ -981,6 +1031,7 @@ static Suite *virgl_init_suite(void)
+ tcase_add_test(tc_core, virgl_test_transfer_buffer_bad_strides);
+ tcase_add_test(tc_core, virgl_test_transfer_2d_array_bad_layer_stride);
+ tcase_add_test(tc_core, virgl_test_transfer_2d_bad_level);
++ tcase_add_test(tc_core, test_vrend_host_backed_memory_no_data_leak);
+
+ tcase_add_loop_test(tc_core, virgl_test_transfer_res_read_valid, 0, PIPE_MAX_TEXTURE_TYPES);
+ tcase_add_loop_test(tc_core, virgl_test_transfer_res_write_valid, 0, PIPE_MAX_TEXTURE_TYPES);
+--
+2.31.1
+
diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb b/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
index 52821195d1..1c32a573b2 100644
--- a/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
+++ b/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb
@@ -10,9 +10,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c81c08eeefd9418fca8f88309a76db10"
DEPENDS = "libdrm virtual/libgl libepoxy"
SRCREV = "7d204f3927be65fb3365dce01dbcd04d447a4985"
-SRC_URI = "git://anongit.freedesktop.org/virglrenderer \
+SRC_URI = "git://anongit.freedesktop.org/git/virglrenderer;branch=master \
file://0001-gallium-Expand-libc-check-to-be-platform-OS-check.patch \
file://0001-meson.build-use-python3-directly-for-python.patch \
+ file://cve-2022-0135.patch \
+ file://cve-2022-0175.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/vulkan/assimp_5.0.1.bb b/meta/recipes-graphics/vulkan/assimp_5.0.1.bb
index 5a8c62e64d..295ac12fc5 100644
--- a/meta/recipes-graphics/vulkan/assimp_5.0.1.bb
+++ b/meta/recipes-graphics/vulkan/assimp_5.0.1.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2119edef0916b0bd511cb3c731076271"
DEPENDS = "zlib"
-SRC_URI = "git://github.com/assimp/assimp.git;branch=assimp_5.0_release \
+SRC_URI = "git://github.com/assimp/assimp.git;branch=assimp_5.0_release;protocol=https \
file://0001-closes-https-github.com-assimp-assimp-issues-2733-up.patch \
file://0001-Use-ASSIMP_LIB_INSTALL_DIR-to-search-library.patch \
"
diff --git a/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb
index 4c9c94f3d2..b0211432ab 100644
--- a/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb
@@ -9,7 +9,7 @@ SECTION = "libs"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57"
-SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=master"
+SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=master;protocol=https"
SRCREV = "1d99b835ec3cd5a7fb2f2a2dd9a615ee2d1f0101"
diff --git a/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb
index 6b6ed06dbb..a866f0a5cb 100644
--- a/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb
@@ -9,7 +9,7 @@ SECTION = "libs"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=7dbefed23242760aa3475ee42801c5ac"
-SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git \
+SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git;branch=master;protocol=https \
"
SRCREV = "c5678a03db383fd0dc5bfb8e9a383043bdbcb57b"
diff --git a/meta/recipes-graphics/vulkan/vulkan-samples_git.bb b/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
index b7c38f6543..07d6e9d735 100644
--- a/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-samples_git.bb
@@ -5,7 +5,7 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=48aa35cefb768436223a6e7f18dc2a2a"
-SRC_URI = "gitsm://github.com/KhronosGroup/Vulkan-Samples.git \
+SRC_URI = "gitsm://github.com/KhronosGroup/Vulkan-Samples.git;branch=master;protocol=https \
file://0001-CMakeLists.txt-do-not-hardcode-lib-as-installation-t.patch \
file://debugfix.patch \
"
diff --git a/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb
index 0c8bcaa085..d81dc14472 100644
--- a/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb
+++ b/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb
@@ -6,7 +6,7 @@ SECTION = "libs"
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57"
-SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=sdk-1.2.170"
+SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=sdk-1.2.170;protocol=https"
SRCREV = "88ea55de928a08ba5c5f65a93d1e7c8f666fc43f"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-graphics/waffle/waffle_1.6.1.bb b/meta/recipes-graphics/waffle/waffle_1.6.1.bb
index 07d7279c2b..5e5b227a40 100644
--- a/meta/recipes-graphics/waffle/waffle_1.6.1.bb
+++ b/meta/recipes-graphics/waffle/waffle_1.6.1.bb
@@ -3,17 +3,15 @@ DESCRIPTION = "A cross-platform C library that allows one to defer selection \
of an OpenGL API and window system until runtime. For example, on Linux, Waffle \
enables an application to select X11/EGL with an OpenGL 3.3 core profile, \
Wayland with OpenGL ES2, and other window system / API combinations."
-HOMEPAGE = "http://www.waffle-gl.org/"
+HOMEPAGE = "https://gitlab.freedesktop.org/mesa/waffle"
BUGTRACKER = "https://gitlab.freedesktop.org/mesa/waffle"
LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=4c5154407c2490750dd461c50ad94797 \
file://include/waffle/waffle.h;endline=24;md5=61dbf8697f61c78645e75a93c585b1bf"
-SRC_URI = "http://waffle-gl.org/files/release/${BPN}-${PV}/${BPN}-${PV}.tar.xz"
-SRC_URI[md5sum] = "c91529e579483f44fb330052872b9c73"
-SRC_URI[sha256sum] = "31565649ff0e2d8dff1b8f7f2264ab7a78452063c7e04adfc4ce03e64b655080"
-
-UPSTREAM_CHECK_URI = "http://www.waffle-gl.org/releases.html"
+SRC_URI = "git://gitlab.freedesktop.org/mesa/waffle.git;protocol=https;branch=maint-1.6"
+SRCREV = "d7e8c4759704b3c571fa3697c716279c26fd05eb"
+S = "${WORKDIR}/git"
inherit meson features_check lib_package bash-completion
diff --git a/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb b/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb
index 3fb78f658c..35a46dbb08 100644
--- a/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb
+++ b/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb
@@ -20,3 +20,7 @@ inherit allarch autotools pkgconfig
PACKAGES = "${PN}"
FILES_${PN} += "${datadir}/pkgconfig/wayland-protocols.pc"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb b/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
index d2a16643fe..e524b82dd6 100644
--- a/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
+++ b/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb
@@ -12,7 +12,7 @@ inherit autotools pkgconfig features_check
REQUIRED_DISTRO_FEATURES = "x11"
SRCREV = "18ec53f1cada39f905614ebfaffed5c7754ecf46"
-SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput \
+SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput;protocol=https \
file://30xinput_calibrate.sh \
file://Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch \
file://0001-calibrator.hh-Include-string-to-get-std-string.patch \
diff --git a/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb b/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb
index 161371b118..73c0cdc385 100644
--- a/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb
+++ b/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb
@@ -13,7 +13,7 @@ SRCREV = "f66d39544bb8339130c96d282a80f87ca1606caf"
PV = "2.99.917+git${SRCPV}"
S = "${WORKDIR}/git"
-SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-intel \
+SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-intel;branch=master \
file://0001-Sync-i915_pciids-upto-8717c6b7414f.patch \
file://0001-i810-Avoid-duplicate-definition-of-I810PatternROP.patch \
"
diff --git a/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb b/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb
index 713fcfb935..02c8cff25d 100644
--- a/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb
+++ b/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb
@@ -23,3 +23,7 @@ EXTRA_OECONF += "--with-encodingsdir=${datadir}/fonts/X11/encodings"
# postinst from .inc doesn't apply to this recipe
pkg_postinst_${PN} () {
}
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index b3e03744c0..d83cb94317 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
@@ -17,7 +17,15 @@ PE = "2"
XORG_PN = "xorg-server"
SRC_URI = "${XORG_MIRROR}/individual/xserver/${XORG_PN}-${PV}.tar.bz2"
-CVE_PRODUCT = "xorg-server"
+CVE_PRODUCT = "xorg-server x_server"
+# This is specific to Debian's xserver-wrapper.c
+CVE_CHECK_WHITELIST += "CVE-2011-4613"
+# As per upstream, exploiting this flaw is non-trivial and it requires exact
+# timing on the behalf of the attacker. Many graphical applications exit if their
+# connection to the X server is lost, so a typical desktop session is either
+# impossible or difficult to exploit. There is currently no upstream patch
+# available for this flaw.
+CVE_CHECK_WHITELIST += "CVE-2020-25697"
S = "${WORKDIR}/${XORG_PN}-${PV}"
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4008.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4008.patch
new file mode 100644
index 0000000000..3277be0185
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4008.patch
@@ -0,0 +1,59 @@
+Backport patch to fix CVE-2021-4008.
+
+CVE: CVE-2021-4008
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/ebce7e2]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60 Mon Sep 17 00:00:00 2001
+From: Povilas Kanapickas <povilas@radix.lt>
+Date: Tue, 14 Dec 2021 15:00:03 +0200
+Subject: [PATCH] render: Fix out of bounds access in
+ SProcRenderCompositeGlyphs()
+
+ZDI-CAN-14192, CVE-2021-4008
+
+This vulnerability was discovered and the fix was suggested by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
+---
+ render/render.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/render/render.c b/render/render.c
+index c376090ca..456f156d4 100644
+--- a/render/render.c
++++ b/render/render.c
+@@ -2309,6 +2309,9 @@ SProcRenderCompositeGlyphs(ClientPtr client)
+
+ i = elt->len;
+ if (i == 0xff) {
++ if (buffer + 4 > end) {
++ return BadLength;
++ }
+ swapl((int *) buffer);
+ buffer += 4;
+ }
+@@ -2319,12 +2322,18 @@ SProcRenderCompositeGlyphs(ClientPtr client)
+ buffer += i;
+ break;
+ case 2:
++ if (buffer + i * 2 > end) {
++ return BadLength;
++ }
+ while (i--) {
+ swaps((short *) buffer);
+ buffer += 2;
+ }
+ break;
+ case 4:
++ if (buffer + i * 4 > end) {
++ return BadLength;
++ }
+ while (i--) {
+ swapl((int *) buffer);
+ buffer += 4;
+--
+GitLab
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4009.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4009.patch
new file mode 100644
index 0000000000..ddfbb43ee4
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4009.patch
@@ -0,0 +1,50 @@
+Backport patch to fix CVE-2021-4009.
+
+CVE: CVE-2021-4009
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/b519675]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From b5196750099ae6ae582e1f46bd0a6dad29550e02 Mon Sep 17 00:00:00 2001
+From: Povilas Kanapickas <povilas@radix.lt>
+Date: Tue, 14 Dec 2021 15:00:01 +0200
+Subject: [PATCH] xfixes: Fix out of bounds access in
+ *ProcXFixesCreatePointerBarrier()
+
+ZDI-CAN-14950, CVE-2021-4009
+
+This vulnerability was discovered and the fix was suggested by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
+---
+ xfixes/cursor.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/xfixes/cursor.c b/xfixes/cursor.c
+index 60580b88f..c5d4554b2 100644
+--- a/xfixes/cursor.c
++++ b/xfixes/cursor.c
+@@ -1010,7 +1010,8 @@ ProcXFixesCreatePointerBarrier(ClientPtr client)
+ {
+ REQUEST(xXFixesCreatePointerBarrierReq);
+
+- REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, pad_to_int32(stuff->num_devices));
++ REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq,
++ pad_to_int32(stuff->num_devices * sizeof(CARD16)));
+ LEGAL_NEW_RESOURCE(stuff->barrier, client);
+
+ return XICreatePointerBarrier(client, stuff);
+@@ -1027,7 +1028,8 @@ SProcXFixesCreatePointerBarrier(ClientPtr client)
+
+ swaps(&stuff->length);
+ swaps(&stuff->num_devices);
+- REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, pad_to_int32(stuff->num_devices));
++ REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq,
++ pad_to_int32(stuff->num_devices * sizeof(CARD16)));
+
+ swapl(&stuff->barrier);
+ swapl(&stuff->window);
+--
+GitLab
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4010.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4010.patch
new file mode 100644
index 0000000000..06ebe7d077
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4010.patch
@@ -0,0 +1,39 @@
+Backport patch to fix CVE-2021-4010.
+
+CVE: CVE-2021-4010
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/6c4c530]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 6c4c53010772e3cb4cb8acd54950c8eec9c00d21 Mon Sep 17 00:00:00 2001
+From: Povilas Kanapickas <povilas@radix.lt>
+Date: Tue, 14 Dec 2021 15:00:02 +0200
+Subject: [PATCH] Xext: Fix out of bounds access in SProcScreenSaverSuspend()
+
+ZDI-CAN-14951, CVE-2021-4010
+
+This vulnerability was discovered and the fix was suggested by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
+---
+ Xext/saver.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Xext/saver.c b/Xext/saver.c
+index 1d7e3cadf..f813ba08d 100644
+--- a/Xext/saver.c
++++ b/Xext/saver.c
+@@ -1351,8 +1351,8 @@ SProcScreenSaverSuspend(ClientPtr client)
+ REQUEST(xScreenSaverSuspendReq);
+
+ swaps(&stuff->length);
+- swapl(&stuff->suspend);
+ REQUEST_SIZE_MATCH(xScreenSaverSuspendReq);
++ swapl(&stuff->suspend);
+ return ProcScreenSaverSuspend(client);
+ }
+
+--
+GitLab
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4011.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4011.patch
new file mode 100644
index 0000000000..c7eb03091d
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4011.patch
@@ -0,0 +1,40 @@
+Backport patch to fix CVE-2021-4011.
+
+CVE: CVE-2021-4011
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/e56f61c]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From e56f61c79fc3cee26d83cda0f84ae56d5979f768 Mon Sep 17 00:00:00 2001
+From: Povilas Kanapickas <povilas@radix.lt>
+Date: Tue, 14 Dec 2021 15:00:00 +0200
+Subject: [PATCH] record: Fix out of bounds access in SwapCreateRegister()
+
+ZDI-CAN-14952, CVE-2021-4011
+
+This vulnerability was discovered and the fix was suggested by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
+---
+ record/record.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/record/record.c b/record/record.c
+index be154525d..e123867a7 100644
+--- a/record/record.c
++++ b/record/record.c
+@@ -2516,8 +2516,8 @@ SwapCreateRegister(ClientPtr client, xRecordRegisterClientsReq * stuff)
+ swapl(pClientID);
+ }
+ if (stuff->nRanges >
+- client->req_len - bytes_to_int32(sz_xRecordRegisterClientsReq)
+- - stuff->nClients)
++ (client->req_len - bytes_to_int32(sz_xRecordRegisterClientsReq)
++ - stuff->nClients) / bytes_to_int32(sz_xRecordRange))
+ return BadLength;
+ RecordSwapRanges((xRecordRange *) pClientID, stuff->nRanges);
+ return Success;
+--
+GitLab
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
index e0551fa999..58f1eb328e 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb
@@ -9,6 +9,10 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat
file://0001-Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch \
file://CVE-2021-3472.patch \
file://0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch \
+ file://CVE-2021-4008.patch \
+ file://CVE-2021-4009.patch \
+ file://CVE-2021-4010.patch \
+ file://CVE-2021-4011.patch \
"
SRC_URI[sha256sum] = "977420c082450dc808de301ef56af4856d653eea71519a973c3490a780cb7c99"
diff --git a/meta/recipes-kernel/blktrace/blktrace_git.bb b/meta/recipes-kernel/blktrace/blktrace_git.bb
index 7ccc022b93..2110bc75fa 100644
--- a/meta/recipes-kernel/blktrace/blktrace_git.bb
+++ b/meta/recipes-kernel/blktrace/blktrace_git.bb
@@ -14,7 +14,7 @@ SRCREV = "cca113f2fe0759b91fd6a0e10fdcda2c28f18a7e"
PV = "1.2.0+git${SRCPV}"
-SRC_URI = "git://git.kernel.dk/blktrace.git \
+SRC_URI = "git://git.kernel.dk/blktrace.git;branch=master \
file://ldflags.patch \
file://CVE-2018-10689.patch \
file://make-btt-scripts-python3-ready.patch \
diff --git a/meta/recipes-kernel/cryptodev/cryptodev.inc b/meta/recipes-kernel/cryptodev/cryptodev.inc
index ae2c308911..6ada0b0295 100644
--- a/meta/recipes-kernel/cryptodev/cryptodev.inc
+++ b/meta/recipes-kernel/cryptodev/cryptodev.inc
@@ -8,7 +8,7 @@ API is compatible with OpenBSD's cryptodev userspace API (/dev/crypto)."
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux \
+SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux;branch=master;protocol=https \
"
SRCREV = "e0c25e289d6baf1d83c2b9cb523d3bc237d0c0c9"
diff --git a/meta/recipes-kernel/dtc/dtc.inc b/meta/recipes-kernel/dtc/dtc.inc
index 5da6c24fbf..461ab8fbd3 100644
--- a/meta/recipes-kernel/dtc/dtc.inc
+++ b/meta/recipes-kernel/dtc/dtc.inc
@@ -5,7 +5,7 @@ SECTION = "bootloader"
LICENSE = "GPLv2 | BSD"
DEPENDS = "flex-native bison-native"
-SRC_URI = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git \
+SRC_URI = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git;branch=master \
file://make_install.patch \
file://0001-dtc-Fix-Makefile-to-add-CFLAGS-not-override.patch \
"
diff --git a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
index e967f485c1..ef035aed23 100644
--- a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
+++ b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
@@ -14,7 +14,7 @@ PV = "0.2+git${SRCPV}"
inherit native
-SRC_URI = "git://git.yoctoproject.org/yocto-kernel-tools.git"
+SRC_URI = "git://git.yoctoproject.org/yocto-kernel-tools.git;branch=master"
S = "${WORKDIR}/git"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/meta/recipes-kernel/kmod/kmod.inc b/meta/recipes-kernel/kmod/kmod.inc
index ba5ec7f650..11220c5138 100644
--- a/meta/recipes-kernel/kmod/kmod.inc
+++ b/meta/recipes-kernel/kmod/kmod.inc
@@ -19,7 +19,7 @@ SRCREV = "1ccfe994287119cc6cef37a7ca4c529d89de4b95"
# Lookout for PV bump too when SRCREV is changed
PV = "28"
-SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git \
+SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git;branch=master \
file://depmod-search.conf \
file://avoid_parallel_tests.patch \
"
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20210818.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20220310.bb
index 7f6db18b69..7a6cb1903b 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20210818.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20220310.bb
@@ -72,7 +72,7 @@ LICENSE = "\
LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
file://LICENCE.adsp_sst;md5=615c45b91a5a4a9fe046d6ab9a2df728 \
file://LICENCE.agere;md5=af0133de6b4a9b2522defd5f188afd31 \
- file://LICENSE.amdgpu;md5=d357524f5099e2a3db3c1838921c593f \
+ file://LICENSE.amdgpu;md5=44c1166d052226cb2d6c8d7400090203 \
file://LICENSE.amd-ucode;md5=3c5399dc9148d7f0e1f41e34b69cf14f \
file://LICENSE.amlogic_vdec;md5=dc44f59bf64a81643e500ad3f39a468a \
file://LICENCE.atheros_firmware;md5=30a14c7823beedac9fa39c64fdd01a13 \
@@ -132,7 +132,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \
file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \
file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \
- file://WHENCE;md5=15ad289bf2359e8ecf613f3b04f72fab \
+ file://WHENCE;md5=45a9c4a92d152e9495db81e1192f2bdc \
"
# These are not common licenses, set NO_GENERIC_LICENSE for them
@@ -205,7 +205,7 @@ PE = "1"
SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "bef3d317c348d962b3a1b95cb4e19ea4f282e18112b2c669cff74f9267ce3893"
+SRC_URI[sha256sum] = "5938ee717b2023b48f6bfcf344b40ddc947e3e22c0bc36d4c3418f90fea68182"
inherit allarch
@@ -751,6 +751,7 @@ FILES_${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pc
FILES_${PN}-bcm4373 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.bin \
${nonarch_base_libdir}/firmware/brcm/brcmfmac4373.bin \
${nonarch_base_libdir}/firmware/cypress/cyfmac4373-sdio.bin \
+ ${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.clm_blob \
"
LICENSE_${PN}-bcm-0bb4-0306 = "Firmware-cypress"
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index a27c67be1a..50e6a9f1e2 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "31e2870ebfd892708e8c5f3aced96565e2456ed9"
-SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6"
+SRCREV_machine ?= "7f96d3fd60eea0ab38afdf07b3fc7c8c9f501802"
+SRCREV_meta ?= "24ab54209a8822aad92afe2c51ea5b95f5175394"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.10.63"
+LINUX_VERSION ?= "5.10.107"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 7589d8ee1a..2134f848b2 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "7f67141bca949eff8953f965c26475286d1a20cf"
-SRCREV_meta ?= "e4ccb53f204f722583178a9249fbf5d745f0d56a"
+SRCREV_machine ?= "40423bc7ab2cc609f955a3dc16a0d854c1504ce3"
+SRCREV_meta ?= "e8c675c7e11fbd96cd812dfb9f4f6fb6f92b6abb"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.4.144"
+LINUX_VERSION ?= "5.4.178"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index fc6accac39..8f22c89165 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.10.63"
+LINUX_VERSION ?= "5.10.107"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "96ec3026283d29493f757a077f9c51e6d698c634"
-SRCREV_machine ?= "29ff88e6cdf170fbf71e27de32c09e4f6db95078"
-SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6"
+SRCREV_machine_qemuarm ?= "d47f1b40f2f77d0c810defd853c69eb39cb84bf5"
+SRCREV_machine ?= "1ae0844c6a36151066744e43fd30db3a946bc21d"
+SRCREV_meta ?= "24ab54209a8822aad92afe2c51ea5b95f5175394"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 5ee1d359b2..35177d4f6c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.4.144"
+LINUX_VERSION ?= "5.4.178"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "08336ce8b4ebc2b21c28488c85098c6816f3d99f"
-SRCREV_machine ?= "8220749d3e8643091b118d93a857333e2c91a1eb"
-SRCREV_meta ?= "e4ccb53f204f722583178a9249fbf5d745f0d56a"
+SRCREV_machine_qemuarm ?= "f6e09845d8bf3c307da395497b21c1ff17ef575c"
+SRCREV_machine ?= "a7ba52065be4401b5d73b6b020770f7d260b7bf1"
+SRCREV_meta ?= "e8c675c7e11fbd96cd812dfb9f4f6fb6f92b6abb"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index 49f9ef95d8..5ce504812f 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -13,17 +13,17 @@ KBRANCH_qemux86 ?= "v5.10/standard/base"
KBRANCH_qemux86-64 ?= "v5.10/standard/base"
KBRANCH_qemumips64 ?= "v5.10/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "36e0cc294f77cf72b01a1f9ea62bb13d1ab0693e"
-SRCREV_machine_qemuarm64 ?= "a1c9c936088b6cf4ec56f5180672d6f0e8e3b955"
-SRCREV_machine_qemumips ?= "4962920baaee3235448b48e992a3da0259dcfa57"
-SRCREV_machine_qemuppc ?= "57b30ad7f8a6c3be0ad8eac742476da3f97c23f3"
-SRCREV_machine_qemuriscv64 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4"
-SRCREV_machine_qemuriscv32 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4"
-SRCREV_machine_qemux86 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4"
-SRCREV_machine_qemux86-64 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4"
-SRCREV_machine_qemumips64 ?= "a615aa60bc10bea5262f2d65da7ddff4ba32146e"
-SRCREV_machine ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4"
-SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6"
+SRCREV_machine_qemuarm ?= "2ef8231651bb6a4c79b307f59a794b92238546ec"
+SRCREV_machine_qemuarm64 ?= "00684b441f15d202c5849eed164a9b3b94a5c1e8"
+SRCREV_machine_qemumips ?= "661a4f517906253e074fe301d68ff1e6b6968e9f"
+SRCREV_machine_qemuppc ?= "bff933cb7a11019c64e6034c48ab79453f75b99e"
+SRCREV_machine_qemuriscv64 ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27"
+SRCREV_machine_qemuriscv32 ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27"
+SRCREV_machine_qemux86 ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27"
+SRCREV_machine_qemux86-64 ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27"
+SRCREV_machine_qemumips64 ?= "7a89b456542ff1fa0ab71fa4a2ae6f04281f3a2d"
+SRCREV_machine ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27"
+SRCREV_meta ?= "24ab54209a8822aad92afe2c51ea5b95f5175394"
# remap qemuarm to qemuarma15 for the 5.8 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -32,11 +32,11 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.10.63"
+LINUX_VERSION ?= "5.10.107"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
-DEPENDS += "gmp-native"
+DEPENDS += "gmp-native libmpc-native"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index b600211bde..ae9dbca3af 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "78a2f9d323a755a34cdc96af4bcf61ffd32a3db0"
-SRCREV_machine_qemuarm64 ?= "aa6ec6934e35c8b0948f6b7c9bdbdef45d72be35"
-SRCREV_machine_qemumips ?= "a892524441b30e5e8c491e22e36e3473fc6a0fe0"
-SRCREV_machine_qemuppc ?= "784ca7c7837811123b5bd97cde964e45fbf5179b"
-SRCREV_machine_qemuriscv64 ?= "e3134debcf01f0aa20103e22fe2ef5fc7c201120"
-SRCREV_machine_qemux86 ?= "e3134debcf01f0aa20103e22fe2ef5fc7c201120"
-SRCREV_machine_qemux86-64 ?= "e3134debcf01f0aa20103e22fe2ef5fc7c201120"
-SRCREV_machine_qemumips64 ?= "d765ea7455bf978a9a86e8e90e032336b0baf887"
-SRCREV_machine ?= "e3134debcf01f0aa20103e22fe2ef5fc7c201120"
-SRCREV_meta ?= "e4ccb53f204f722583178a9249fbf5d745f0d56a"
+SRCREV_machine_qemuarm ?= "b3ee7c62bf5a5ce3c7e30aff6c3dd9f70a847a28"
+SRCREV_machine_qemuarm64 ?= "bf6581eba15cb43af60fda7053edaf66990c18ac"
+SRCREV_machine_qemumips ?= "05580fff716df568dc3f737b288e0e514a908572"
+SRCREV_machine_qemuppc ?= "0a016b0775980f67d686e47cc8637adec46856dc"
+SRCREV_machine_qemuriscv64 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064"
+SRCREV_machine_qemux86 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064"
+SRCREV_machine_qemux86-64 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064"
+SRCREV_machine_qemumips64 ?= "68f35eeca08d2a681495fd3a7b823ac34d9a97bc"
+SRCREV_machine ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064"
+SRCREV_meta ?= "e8c675c7e11fbd96cd812dfb9f4f6fb6f92b6abb"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.144"
+LINUX_VERSION ?= "5.4.178"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
diff --git a/meta/recipes-kernel/lttng/lttng-modules_2.12.6.bb b/meta/recipes-kernel/lttng/lttng-modules_2.12.8.bb
index 1dff2b05f7..eff97f27af 100644
--- a/meta/recipes-kernel/lttng/lttng-modules_2.12.6.bb
+++ b/meta/recipes-kernel/lttng/lttng-modules_2.12.8.bb
@@ -13,7 +13,7 @@ SRC_URI = "https://lttng.org/files/${BPN}/${BPN}-${PV}.tar.bz2 \
file://Makefile-Do-not-fail-if-CONFIG_TRACEPOINTS-is-not-en.patch \
"
-SRC_URI[sha256sum] = "95ac2a2cf92d85d23ffbdaca6a1ec0d7c167211d1e0fb850ab90004a3f475eaa"
+SRC_URI[sha256sum] = "1302005a982fd4a15cc4843866971008546939f65660023d7762aa046d4b9213"
export INSTALL_MOD_DIR="kernel/lttng-modules"
diff --git a/meta/recipes-kernel/powertop/powertop_2.13.bb b/meta/recipes-kernel/powertop/powertop_2.13.bb
index 8c7e78fd94..dc9c77f337 100644
--- a/meta/recipes-kernel/powertop/powertop_2.13.bb
+++ b/meta/recipes-kernel/powertop/powertop_2.13.bb
@@ -6,7 +6,7 @@ DEPENDS = "ncurses libnl pciutils autoconf-archive"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e"
-SRC_URI = "git://github.com/fenrus75/powertop;protocol=https \
+SRC_URI = "git://github.com/fenrus75/powertop;protocol=https;branch=master \
file://0001-wakeup_xxx.h-include-limits.h.patch \
"
SRCREV = "184cee06b2d64679bae5f806fe0a218827fdde99"
diff --git a/meta/recipes-kernel/systemtap/systemtap_git.inc b/meta/recipes-kernel/systemtap/systemtap_git.inc
index 73fba981b7..38bdbe3cfb 100644
--- a/meta/recipes-kernel/systemtap/systemtap_git.inc
+++ b/meta/recipes-kernel/systemtap/systemtap_git.inc
@@ -3,7 +3,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
SRCREV = "988f439af39a359b4387963ca4633649866d8275"
PV = "4.4"
-SRC_URI = "git://sourceware.org/git/systemtap.git \
+SRC_URI = "git://sourceware.org/git/systemtap.git;branch=master \
file://0001-Do-not-let-configure-write-a-python-location-into-th.patch \
file://0001-Install-python-modules-to-correct-library-dir.patch \
file://0001-staprun-stapbpf-don-t-support-installing-a-non-root.patch \
diff --git a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.02.18.bb
index f79c0b29ea..2d7e5dad9d 100644
--- a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb
+++ b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.02.18.bb
@@ -5,7 +5,7 @@ LICENSE = "ISC"
LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c"
SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz"
-SRC_URI[sha256sum] = "9e4c02b2a9710df4dbdb327c39612e8cbbae6495987afeddaebab28c1ea3d8fa"
+SRC_URI[sha256sum] = "8828c25a4ee25020044004f57374bb9deac852809fad70f8d3d01770bf9ac97f"
inherit bin_package allarch
@@ -41,3 +41,7 @@ do_install_append_class-native() {
RSUGGESTS_${PN} = "crda"
BBCLASSEXTEND = "native"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb b/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb
index 26542fbbbc..0d4a30a304 100644
--- a/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb
+++ b/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb
@@ -20,3 +20,7 @@ do_install() {
PACKAGES = "${PN}"
FILES_${PN} = "*"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb b/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb
index 32cf41c8fd..7787dad268 100644
--- a/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb
+++ b/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb
@@ -21,3 +21,7 @@ do_install() {
PACKAGES = "${PN}"
FILES_${PN} = "*"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch b/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch
new file mode 100644
index 0000000000..b48663ae42
--- /dev/null
+++ b/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch
@@ -0,0 +1,41 @@
+From e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be Mon Sep 17 00:00:00 2001
+From: Neelkamal Semwal <neelkamal.semwal@ittiam.com>
+Date: Fri, 18 Dec 2020 22:28:36 +0530
+Subject: [PATCH] libFlac: Exit at EOS in verify mode
+
+When verify mode is enabled, once decoder flags end of stream,
+encode processing is considered complete.
+
+CVE-2021-0561
+
+Signed-off-by: Ralph Giles <giles@thaumas.net>
+
+Upstream-Status: Backport
+CVE: CVE-2021-0561
+
+Reference to upstream patch:
+https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be
+
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ src/libFLAC/stream_encoder.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/libFLAC/stream_encoder.c b/src/libFLAC/stream_encoder.c
+index 74387ec..8bb0ef3 100644
+--- a/src/libFLAC/stream_encoder.c
++++ b/src/libFLAC/stream_encoder.c
+@@ -2610,7 +2610,9 @@ FLAC__bool write_bitbuffer_(FLAC__StreamEncoder *encoder, uint32_t samples, FLAC
+ encoder->private_->verify.needs_magic_hack = true;
+ }
+ else {
+- if(!FLAC__stream_decoder_process_single(encoder->private_->verify.decoder)) {
++ if(!FLAC__stream_decoder_process_single(encoder->private_->verify.decoder)
++ || (!is_last_block
++ && (FLAC__stream_encoder_get_verify_decoder_state(encoder) == FLAC__STREAM_DECODER_END_OF_STREAM))) {
+ FLAC__bitwriter_release_buffer(encoder->private_->frame);
+ FLAC__bitwriter_clear(encoder->private_->frame);
+ if(encoder->protected_->state != FLAC__STREAM_ENCODER_VERIFY_MISMATCH_IN_AUDIO_DATA)
+--
+2.23.0
+
diff --git a/meta/recipes-multimedia/flac/flac_1.3.3.bb b/meta/recipes-multimedia/flac/flac_1.3.3.bb
index cb6692aedf..d3c352cc44 100644
--- a/meta/recipes-multimedia/flac/flac_1.3.3.bb
+++ b/meta/recipes-multimedia/flac/flac_1.3.3.bb
@@ -15,6 +15,7 @@ LIC_FILES_CHKSUM = "file://COPYING.FDL;md5=ad1419ecc56e060eccf8184a87c4285f \
DEPENDS = "libogg"
SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz \
+ file://CVE-2021-0561.patch \
"
SRC_URI[md5sum] = "26703ed2858c1fc9ffc05136d13daa69"
diff --git a/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.6.bb
index 2a56967f7b..258a0e899c 100644
--- a/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.6.bb
@@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV}
file://0001-connect-has-a-different-signature-on-musl.patch \
"
-SRC_URI[sha256sum] = "ffbd194c40912cb5e7fca2863648bf9dd8257b7af97d3a60c4fcd4efd8526ccf"
+SRC_URI[sha256sum] = "3725622c740a635452e54b79d065f963ab7706ca2403de6c43072ae7610a0de4"
DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
RRECOMMENDS_${PN} = "git"
diff --git a/meta/recipes-multimedia/gstreamer/gst-examples_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gst-examples_1.18.6.bb
index 4670ab34db..5af43d1eda 100644
--- a/meta/recipes-multimedia/gstreamer/gst-examples_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gst-examples_1.18.6.bb
@@ -12,7 +12,7 @@ SRC_URI = "git://gitlab.freedesktop.org/gstreamer/gst-examples.git;protocol=http
file://gst-player.desktop \
"
-SRCREV = "959bb246a5b1f5f9c78557da11c3f22b42ff89c0"
+SRCREV = "70e4fcf4fc8ae19641aa990de5f37d758cdfcea4"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.6.bb
index 6a84f92f31..6229bb4d62 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.6.bb
@@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6762ed442b3822387a51c92d928ead0d \
"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
-SRC_URI[sha256sum] = "344a463badca216c2cef6ee36f9510c190862bdee48dc4591c0a430df7e8c396"
+SRC_URI[sha256sum] = "e4e50dcd5a29441ae34de60d2221057e8064ed824bb6ca4dc0fd9ee88fbe9b81"
S = "${WORKDIR}/gst-libav-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.6.bb
index d38be035f9..04b5dcc4f4 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.6.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
-SRC_URI[sha256sum] = "e35051cf891eb2f31d6fcf176ff37d985f97f33874ac31b0b3ad3b5b95035043"
+SRC_URI[sha256sum] = "b5281c938e959fd2418e989cfb6065fdd9fe5f6f87ee86236c9427166e708163"
S = "${WORKDIR}/gst-omx-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.6.bb
index ce2082ee32..63e3488e9e 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.6.bb
@@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad
file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
file://0005-msdk-fix-includedir-path.patch \
"
-SRC_URI[sha256sum] = "74e806bc5595b18c70e9ca93571e27e79dfb808e5d2e7967afa952b52e99c85f"
+SRC_URI[sha256sum] = "0b1b50ac6311f0c510248b6cd64d6d3c94369344828baa602db85ded5bc70ec9"
S = "${WORKDIR}/gst-plugins-bad-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.6.bb
index 728a99e08b..4e7fc62ec7 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.6.bb
@@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba
file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
file://0004-glimagesink-Downrank-to-marginal.patch \
"
-SRC_URI[sha256sum] = "29e53229a84d01d722f6f6db13087231cdf6113dd85c25746b9b58c3d68e8323"
+SRC_URI[sha256sum] = "56a9ff2fe9e6603b9e658cf6897d412a173d2180829fe01e92568549c6bd0f5b"
S = "${WORKDIR}/gst-plugins-base-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch
deleted file mode 100644
index 14a9fe23aa..0000000000
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From ec1949dffd931d0ec7e4f67108a08ab1e2af0cfe Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
-Date: Tue, 16 Mar 2021 19:25:36 +0200
-Subject: [PATCH] rtpjitterbuffer: Fix parsing of the mediaclk:direct= field
-
-Due to an off-by-one when parsing the string, the most significant digit
-or the clock offset was skipped when parsing the offset.
-
-Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/merge_requests/910>
-
-Upstream-Status: Backport [b5bb4ede3a42273fafc1054f9cf106ca527e3c26]
-
-Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
----
- gst/rtpmanager/gstrtpjitterbuffer.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/gst/rtpmanager/gstrtpjitterbuffer.c b/gst/rtpmanager/gstrtpjitterbuffer.c
-index 60d8ad875..02fe15adc 100644
---- a/gst/rtpmanager/gstrtpjitterbuffer.c
-+++ b/gst/rtpmanager/gstrtpjitterbuffer.c
-@@ -1534,7 +1534,7 @@ gst_jitter_buffer_sink_parse_caps (GstRtpJitterBuffer * jitterbuffer,
- GST_DEBUG_OBJECT (jitterbuffer, "Got media clock %s", mediaclk);
-
- if (!g_str_has_prefix (mediaclk, "direct=") ||
-- !g_ascii_string_to_unsigned (&mediaclk[8], 10, 0, G_MAXUINT64,
-+ !g_ascii_string_to_unsigned (&mediaclk[7], 10, 0, G_MAXUINT64,
- &clock_offset, NULL))
- GST_FIXME_OBJECT (jitterbuffer, "Unsupported media clock");
- if (strstr (mediaclk, "rate=") != NULL) {
---
-2.31.0
-
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.6.bb
index 07cacdc68a..72ad8eff08 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.6.bb
@@ -6,10 +6,9 @@ BUGTRACKER = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/issues
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-good-${PV}.tar.xz \
file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
- file://0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch \
"
-SRC_URI[sha256sum] = "b6e50e3a9bbcd56ee6ec71c33aa8332cc9c926b0c1fae995aac8b3040ebe39b0"
+SRC_URI[sha256sum] = "26723ac01fcb360ade1f41d168c7c322d8af4ceb7e55c8c12ed2690d06a76eed"
S = "${WORKDIR}/gst-plugins-good-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.6.bb
index 932fa7f6fb..4774a17c1e 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.6.bb
@@ -13,7 +13,7 @@ LICENSE_FLAGS = "commercial"
SRC_URI = " \
https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
"
-SRC_URI[sha256sum] = "218df0ce0d31e8ca9cdeb01a3b0c573172cc9c21bb3d41811c7820145623d13c"
+SRC_URI[sha256sum] = "4969c409cb6a88317d2108b8577108e18623b2333d7b587ae3f39459c70e3a7f"
S = "${WORKDIR}/gst-plugins-ugly-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.6.bb
index 49de3dac84..1a3ae5dde6 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.6.bb
@@ -8,7 +8,7 @@ LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "cb68e08a7e825e08b83a12a22dcd6e4f1b328a7b02a7ac84f42f68f4ddc7098e"
+SRC_URI[sha256sum] = "bdc0ea22fbd7335ad9decc151561aacc53c51206a9735b81eac700ce5b0bbd4a"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
RDEPENDS_${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.6.bb
index f7bfe98985..f105713f33 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.6.bb
@@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server"
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "a46bb8de40b971a048580279d2660e616796f871ad3ed00c8a95fe4d273a6c94"
+SRC_URI[sha256sum] = "826f32afbcf94b823541efcac4a0dacdb62f6145ef58f363095749f440262be9"
S = "${WORKDIR}/${PNREAL}-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.6.bb
index a268d79541..a604b5ebce 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.6.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c"
SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "92db98af86f3150d429c9ab17e88d2364f9c07a140c8f445ed739e8f10252aea"
+SRC_URI[sha256sum] = "ab6270f1e5e4546fbe6f5ea246d86ca3d196282eb863d46e6cdcc96f867449e0"
S = "${WORKDIR}/${REALPN}-${PV}"
DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch b/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch
index 96abef17b0..5121044734 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch
@@ -1,4 +1,4 @@
-From 598d108e2c438d8f2ecd3bf948fa3ebbd3681490 Mon Sep 17 00:00:00 2001
+From e275ba2bd854ac15a4b65a8f07d9f042021950da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= <tim@centricular.com>
Date: Fri, 14 Aug 2020 16:38:26 +0100
Subject: [PATCH 2/3] Remove unused valgrind detection
@@ -19,7 +19,7 @@ Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
3 files changed, 42 deletions(-)
diff --git a/gst/gst_private.h b/gst/gst_private.h
-index eefd044d9..8252ede51 100644
+index eefd044..8252ede 100644
--- a/gst/gst_private.h
+++ b/gst/gst_private.h
@@ -116,8 +116,6 @@ G_GNUC_INTERNAL gboolean _priv_plugin_deps_env_vars_changed (GstPlugin * plugin
@@ -32,12 +32,12 @@ index eefd044d9..8252ede51 100644
G_GNUC_INTERNAL void _priv_gst_quarks_initialize (void);
G_GNUC_INTERNAL void _priv_gst_mini_object_initialize (void);
diff --git a/gst/gstinfo.c b/gst/gstinfo.c
-index 5d317877b..097f8b20d 100644
+index eea1a21..d3035d6 100644
--- a/gst/gstinfo.c
+++ b/gst/gstinfo.c
@@ -305,36 +305,6 @@ static gboolean pretty_tags = PRETTY_TAGS_DEFAULT;
- static volatile gint G_GNUC_MAY_ALIAS __default_level = GST_LEVEL_DEFAULT;
- static volatile gint G_GNUC_MAY_ALIAS __use_color = GST_DEBUG_COLOR_MODE_ON;
+ static gint G_GNUC_MAY_ALIAS __default_level = GST_LEVEL_DEFAULT;
+ static gint G_GNUC_MAY_ALIAS __use_color = GST_DEBUG_COLOR_MODE_ON;
-/* FIXME: export this? */
-gboolean
@@ -82,7 +82,7 @@ index 5d317877b..097f8b20d 100644
env = g_getenv ("GST_DEBUG_OPTIONS");
if (env != NULL) {
if (strstr (env, "full_tags") || strstr (env, "full-tags"))
-@@ -2503,12 +2470,6 @@ gst_debug_construct_win_color (guint colorinfo)
+@@ -2505,12 +2472,6 @@ gst_debug_construct_win_color (guint colorinfo)
return 0;
}
@@ -96,7 +96,7 @@ index 5d317877b..097f8b20d 100644
_gst_debug_dump_mem (GstDebugCategory * cat, const gchar * file,
const gchar * func, gint line, GObject * obj, const gchar * msg,
diff --git a/meson.build b/meson.build
-index ce1921aa4..7a84d0981 100644
+index 82a1728..42ae617 100644
--- a/meson.build
+++ b/meson.build
@@ -200,7 +200,6 @@ check_headers = [
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.6.bb
index 8562070968..82fb476a47 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.4.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.6.bb
@@ -21,7 +21,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x
file://0003-meson-Add-option-for-installed-tests.patch \
file://0001-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch \
"
-SRC_URI[sha256sum] = "9aeec99b38e310817012aa2d1d76573b787af47f8a725a65b833880a094dfbc5"
+SRC_URI[sha256sum] = "4ec816010dd4d3a93cf470ad0a6f25315f52b204eb1d71dfa70ab8a1c3bd06e6"
PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
check \
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
new file mode 100644
index 0000000000..b0ff1a0885
--- /dev/null
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
@@ -0,0 +1,32 @@
+From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 13 Jan 2022 16:45:59 +0800
+Subject: [PATCH] flac: Fix improper buffer reusing
+
+CVE: CVE-2021-4156.patch
+Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ src/flac.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/flac.c b/src/flac.c
+index 0be82ac..6548bba 100644
+--- a/src/flac.c
++++ b/src/flac.c
+@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
+ /* Decode some more. */
+ while (pflac->pos < pflac->len)
+ { if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
++ { psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ;
++ /* Current frame is busted, so NULL the pointer. */
++ pflac->frame = NULL ;
+ break ;
++ }
+ state = FLAC__stream_decoder_get_state (pflac->fsd) ;
+ if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
+ { psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ;
+--
+2.17.1
+
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index 044881a859..8eb007884e 100644
--- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -20,6 +20,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
file://CVE-2017-12562.patch \
file://CVE-2018-19758.patch \
file://CVE-2019-3832.patch \
+ file://CVE-2021-4156.patch \
"
SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"
diff --git a/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch
new file mode 100644
index 0000000000..eb16e95ffc
--- /dev/null
+++ b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch
@@ -0,0 +1,30 @@
+Backport patch to fix CVE-2020-23903.
+
+CVE: CVE-2020-23903
+Upstream-Status: Backport [https://github.com/xiph/speex/commit/870ff84]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001
+From: Tristan Matthews <tmatth@videolan.org>
+Date: Mon, 13 Jul 2020 23:25:03 -0400
+Subject: [PATCH] wav_io: guard against invalid channel numbers
+
+Fixes #13
+---
+ src/wav_io.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/wav_io.c b/src/wav_io.c
+index b5183015..09d62eb0 100644
+--- a/src/wav_io.c
++++ b/src/wav_io.c
+@@ -111,7 +111,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
+ stmp = le_short(stmp);
+ *channels = stmp;
+
+- if (stmp>2)
++ if (stmp>2 || stmp<1)
+ {
+ fprintf (stderr, "Only mono and (intensity) stereo supported\n");
+ return -1;
diff --git a/meta/recipes-multimedia/speex/speex_1.2.0.bb b/meta/recipes-multimedia/speex/speex_1.2.0.bb
index 3a0911d6f8..ea475f0f1b 100644
--- a/meta/recipes-multimedia/speex/speex_1.2.0.bb
+++ b/meta/recipes-multimedia/speex/speex_1.2.0.bb
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=314649d8ba9dd7045dfb6683f298d0a8 \
file://include/speex/speex.h;beginline=1;endline=34;md5=ef8c8ea4f7198d71cf3509c6ed05ea50"
DEPENDS = "libogg speexdsp"
-SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz"
+SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz \
+ file://CVE-2020-23903.patch \
+ "
UPSTREAM_CHECK_REGEX = "speex-(?P<pver>\d+(\.\d+)+)\.tar"
SRC_URI[md5sum] = "8ab7bb2589110dfaf0ed7fa7757dc49c"
diff --git a/meta/recipes-multimedia/x264/x264_git.bb b/meta/recipes-multimedia/x264/x264_git.bb
index f95fb0c41e..448d632145 100644
--- a/meta/recipes-multimedia/x264/x264_git.bb
+++ b/meta/recipes-multimedia/x264/x264_git.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
DEPENDS = "nasm-native"
-SRC_URI = "git://github.com/mirror/x264;branch=stable \
+SRC_URI = "git://github.com/mirror/x264;branch=stable;protocol=https \
file://don-t-default-to-cortex-a9-with-neon.patch \
file://Fix-X32-build-by-disabling-asm.patch \
"
diff --git a/meta/recipes-sato/l3afpad/l3afpad_git.bb b/meta/recipes-sato/l3afpad/l3afpad_git.bb
index 85c2c500ea..4d5d299d47 100644
--- a/meta/recipes-sato/l3afpad/l3afpad_git.bb
+++ b/meta/recipes-sato/l3afpad/l3afpad_git.bb
@@ -16,7 +16,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \
DEPENDS = "gtk+3 intltool-native gettext-native"
PV = "0.8.18.1.11+git${SRCPV}"
-SRC_URI = "git://github.com/stevenhoneyman/l3afpad.git"
+SRC_URI = "git://github.com/stevenhoneyman/l3afpad.git;branch=master;protocol=https"
SRCREV ="3cdccdc9505643e50f8208171d9eee5de11a42ff"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb b/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb
index 547e851c15..5733a36b12 100644
--- a/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb
+++ b/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb
@@ -11,7 +11,7 @@ RDEPENDS_${PN} = "settings-daemon"
# SRCREV tagged 0.2
SRCREV = "ef2192ce98d9374ffdad5f78544c3f8f353c16aa"
-SRC_URI = "git://git.yoctoproject.org/${BPN} \
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \
file://no-handed.patch"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))"
diff --git a/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb b/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb
index d775b5c651..71fb238f43 100644
--- a/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb
+++ b/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb
@@ -13,7 +13,7 @@ SECTION = "x11/wm"
# SRCREV tagged 2.2
SRCREV = "6bc67d09da4147e5552fe30011a05a2c59d2f777"
-SRC_URI = "git://git.yoctoproject.org/${BPN}-2 \
+SRC_URI = "git://git.yoctoproject.org/${BPN}-2;branch=master \
file://vfolders/ \
"
diff --git a/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb b/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb
index c659964a2b..54fe578cd3 100644
--- a/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb
+++ b/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb
@@ -23,7 +23,7 @@ RPROVIDES_${PN} = "matchbox-panel"
RREPLACES_${PN} = "matchbox-panel"
RCONFLICTS_${PN} = "matchbox-panel"
-SRC_URI = "git://git.yoctoproject.org/${BPN} \
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \
file://0001-applets-systray-Allow-icons-to-be-smaller.patch \
"
diff --git a/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb b/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb
index 9f00281dde..e2e81c2905 100644
--- a/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb
+++ b/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb
@@ -11,7 +11,7 @@ SECTION = "x11/utils"
#SRCREV tagged 0.2
SRCREV = "161276d0f5d1be8187010fd0d9581a6feca70ea5"
-SRC_URI = "git://git.yoctoproject.org/${BPN}"
+SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb b/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb
index 7a043d3447..bc4024736f 100644
--- a/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb
+++ b/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb
@@ -2,7 +2,7 @@ require matchbox-theme-sato.inc
# SRCREV tagged 0.2
SRCREV = "df085ba9cdaeaf2956890b0e29d7ea1779bf6c78"
-SRC_URI = "git://git.yoctoproject.org/matchbox-sato"
+SRC_URI = "git://git.yoctoproject.org/matchbox-sato;branch=master"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb b/meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb
index e27339fb46..cfba2074f4 100644
--- a/meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb
+++ b/meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb
@@ -15,3 +15,7 @@ do_install() {
FILES_${PN} = "${sysconfdir}/pulse/client.conf.d/50-sato.conf"
CONFFILES_${PN} = "${sysconfdir}/pulse/client.conf.d/50-sato.conf"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb b/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb
index 2b1f513f1c..7e7612253d 100644
--- a/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb
+++ b/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb
@@ -11,7 +11,7 @@ DEPENDS = "matchbox-panel-2 gtk+3"
# SRCREV tagged 0.3
SRCREV = "9250fa5a012d84ff45984e8c4345ee7635227756"
-SRC_URI = "git://git.yoctoproject.org/screenshot"
+SRC_URI = "git://git.yoctoproject.org/screenshot;branch=master"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb b/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb
index d01177f9b9..19c4a73dc3 100644
--- a/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb
+++ b/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb
@@ -9,7 +9,7 @@ SECTION = "x11"
# SRCREV tagged 0.0.2
SRCREV = "b2e5da502f8c5ff75e9e6da771372ef8e40fd9a2"
-SRC_URI = "git://git.yoctoproject.org/xsettings-daemon \
+SRC_URI = "git://git.yoctoproject.org/xsettings-daemon;branch=master \
file://addsoundkeys.patch \
file://70settings-daemon.sh \
"
diff --git a/meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb b/meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb
index 28d5096023..08d3c3fe19 100644
--- a/meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb
+++ b/meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb
@@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384
SRC_URI = "file://shutdown.desktop"
-PR = "r1"
+PR = "r2"
S = "${WORKDIR}"
@@ -22,3 +22,6 @@ pkg_postinst_${PN} () {
}
inherit allarch
+
+# remove at next version upgrade or when output changes
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2021-42762.patch b/meta/recipes-sato/webkit/webkitgtk/CVE-2021-42762.patch
new file mode 100644
index 0000000000..1d012271cb
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2021-42762.patch
@@ -0,0 +1,468 @@
+Backport and rebase patch to fix CVE-2021-42762 for webkitgtk 2.30.5.
+
+CVE: CVE-2021-42762
+Upstream-Status: Backport [https://trac.webkit.org/changeset/284451/webkit]
+
+Ref:
+* https://bugs.webkit.org/show_bug.cgi?id=231479#c8
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 035ac439855c7bef0a4525897f783121e4a6055c Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@gnome.org>
+Date: Tue, 19 Oct 2021 14:27:17 +0000
+Subject: [PATCH] Update seccomp filters with latest changes from flatpak
+ https://bugs.webkit.org/show_bug.cgi?id=231479
+
+Patch by Michael Catanzaro <mcatanzaro@gnome.org> on 2021-10-19
+Reviewed by Adrian Perez de Castro.
+
+Additionally, let's fix a minor inconsistency in our error-handling code: all but one of
+our codepaths carefully free and close resources, but the process is about to crash so
+there's not really any reason to do so. The code is slightly simpler if we don't bother.
+
+The seemingly-extraneous include order changes are required to placate the style checker.
+
+* UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
+(WebKit::seccompStrerror):
+(WebKit::setupSeccomp):
+* UIProcess/Launcher/glib/Syscalls.h: Added.
+
+Canonical link: https://commits.webkit.org/243211@main
+git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284451 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+---
+ .../UIProcess/Launcher/glib/BubblewrapLauncher.cpp | 139 +++++++++-----
+ Source/WebKit/UIProcess/Launcher/glib/Syscalls.h | 200 +++++++++++++++++++++
+ 2 files changed, 293 insertions(+), 46 deletions(-)
+
+diff --git a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+index 889388ac..c2f7e502 100644
+--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
++++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+@@ -25,11 +25,18 @@
+ #include <glib.h>
+ #include <seccomp.h>
+ #include <sys/ioctl.h>
++#include <sys/mman.h>
+ #include <wtf/FileSystem.h>
+ #include <wtf/glib/GLibUtilities.h>
+ #include <wtf/glib/GRefPtr.h>
+ #include <wtf/glib/GUniquePtr.h>
+
++#if !defined(MFD_ALLOW_SEALING) && HAVE(LINUX_MEMFD_H)
++#include <linux/memfd.h>
++#endif
++
++#include "Syscalls.h"
++
+ #if PLATFORM(GTK)
+ #include "WaylandCompositor.h"
+ #endif
+@@ -40,13 +47,7 @@
+ #define BASE_DIRECTORY "wpe"
+ #endif
+
+-#include <sys/mman.h>
+-
+-#ifndef MFD_ALLOW_SEALING
+-
+-#if HAVE(LINUX_MEMFD_H)
+-
+-#include <linux/memfd.h>
++#if !defined(MFD_ALLOW_SEALING) && HAVE(LINUX_MEMFD_H)
+
+ // These defines were added in glibc 2.27, the same release that added memfd_create.
+ // But the kernel added all of this in Linux 3.17. So it's totally safe for us to
+@@ -65,9 +66,7 @@ static int memfd_create(const char* name, unsigned flags)
+ {
+ return syscall(__NR_memfd_create, name, flags);
+ }
+-#endif // #if HAVE(LINUX_MEMFD_H)
+-
+-#endif // #ifndef MFD_ALLOW_SEALING
++#endif // #if !defined(MFD_ALLOW_SEALING) && HAVE(LINUX_MEMFD_H)
+
+ namespace WebKit {
+ using namespace WebCore;
+@@ -573,6 +572,28 @@ static void bindSymlinksRealPath(Vector<CString>& args, const char* path)
+ }
+ }
+
++// Translate a libseccomp error code into an error message. libseccomp
++// mostly returns negative errno values such as -ENOMEM, but some
++// standard errno values are used for non-standard purposes where their
++// strerror() would be misleading.
++static const char* seccompStrerror(int negativeErrno)
++{
++ RELEASE_ASSERT_WITH_MESSAGE(negativeErrno < 0, "Non-negative error value from libseccomp?");
++ RELEASE_ASSERT_WITH_MESSAGE(negativeErrno > INT_MIN, "Out of range error value from libseccomp?");
++
++ switch (negativeErrno) {
++ case -EDOM:
++ return "Architecture-specific failure";
++ case -EFAULT:
++ return "Internal libseccomp failure (unknown syscall?)";
++ case -ECANCELED:
++ return "System failure beyond the control of libseccomp";
++ }
++
++ // e.g. -ENOMEM: the result of strerror() is good enough
++ return g_strerror(-negativeErrno);
++}
++
+ static int setupSeccomp()
+ {
+ // NOTE: This is shared code (flatpak-run.c - LGPLv2.1+)
+@@ -600,6 +621,10 @@ static int setupSeccomp()
+ // in common/flatpak-run.c
+ // https://git.gnome.org/browse/linux-user-chroot
+ // in src/setup-seccomp.c
++ //
++ // Other useful resources:
++ // https://github.com/systemd/systemd/blob/HEAD/src/shared/seccomp-util.c
++ // https://github.com/moby/moby/blob/HEAD/profiles/seccomp/default.json
+
+ #if defined(__s390__) || defined(__s390x__) || defined(__CRIS__)
+ // Architectures with CONFIG_CLONE_BACKWARDS2: the child stack
+@@ -613,47 +638,70 @@ static int setupSeccomp()
+ struct scmp_arg_cmp ttyArg = SCMP_A1(SCMP_CMP_MASKED_EQ, 0xFFFFFFFFu, TIOCSTI);
+ struct {
+ int scall;
++ int errnum;
+ struct scmp_arg_cmp* arg;
+ } syscallBlockList[] = {
+ // Block dmesg
+- { SCMP_SYS(syslog), nullptr },
++ { SCMP_SYS(syslog), EPERM, nullptr },
+ // Useless old syscall.
+- { SCMP_SYS(uselib), nullptr },
++ { SCMP_SYS(uselib), EPERM, nullptr },
+ // Don't allow disabling accounting.
+- { SCMP_SYS(acct), nullptr },
++ { SCMP_SYS(acct), EPERM, nullptr },
+ // 16-bit code is unnecessary in the sandbox, and modify_ldt is a
+ // historic source of interesting information leaks.
+- { SCMP_SYS(modify_ldt), nullptr },
++ { SCMP_SYS(modify_ldt), EPERM, nullptr },
+ // Don't allow reading current quota use.
+- { SCMP_SYS(quotactl), nullptr },
++ { SCMP_SYS(quotactl), EPERM, nullptr },
+
+ // Don't allow access to the kernel keyring.
+- { SCMP_SYS(add_key), nullptr },
+- { SCMP_SYS(keyctl), nullptr },
+- { SCMP_SYS(request_key), nullptr },
++ { SCMP_SYS(add_key), EPERM, nullptr },
++ { SCMP_SYS(keyctl), EPERM, nullptr },
++ { SCMP_SYS(request_key), EPERM, nullptr },
+
+ // Scary VM/NUMA ops
+- { SCMP_SYS(move_pages), nullptr },
+- { SCMP_SYS(mbind), nullptr },
+- { SCMP_SYS(get_mempolicy), nullptr },
+- { SCMP_SYS(set_mempolicy), nullptr },
+- { SCMP_SYS(migrate_pages), nullptr },
++ { SCMP_SYS(move_pages), EPERM, nullptr },
++ { SCMP_SYS(mbind), EPERM, nullptr },
++ { SCMP_SYS(get_mempolicy), EPERM, nullptr },
++ { SCMP_SYS(set_mempolicy), EPERM, nullptr },
++ { SCMP_SYS(migrate_pages), EPERM, nullptr },
+
+ // Don't allow subnamespace setups:
+- { SCMP_SYS(unshare), nullptr },
+- { SCMP_SYS(mount), nullptr },
+- { SCMP_SYS(pivot_root), nullptr },
+- { SCMP_SYS(clone), &cloneArg },
++ { SCMP_SYS(unshare), EPERM, nullptr },
++ { SCMP_SYS(setns), EPERM, nullptr },
++ { SCMP_SYS(mount), EPERM, nullptr },
++ { SCMP_SYS(umount), EPERM, nullptr },
++ { SCMP_SYS(umount2), EPERM, nullptr },
++ { SCMP_SYS(pivot_root), EPERM, nullptr },
++ { SCMP_SYS(chroot), EPERM, nullptr },
++ { SCMP_SYS(clone), EPERM, &cloneArg },
+
+ // Don't allow faking input to the controlling tty (CVE-2017-5226)
+- { SCMP_SYS(ioctl), &ttyArg },
++ { SCMP_SYS(ioctl), EPERM, &ttyArg },
++
++ // seccomp can't look into clone3()'s struct clone_args to check whether
++ // the flags are OK, so we have no choice but to block clone3().
++ // Return ENOSYS so user-space will fall back to clone().
++ // (GHSA-67h7-w3jq-vh4q; see also https://github.com/moby/moby/commit/9f6b562d)
++ { SCMP_SYS(clone3), ENOSYS, nullptr },
++
++ // New mount manipulation APIs can also change our VFS. There's no
++ // legitimate reason to do these in the sandbox, so block all of them
++ // rather than thinking about which ones might be dangerous.
++ // (GHSA-67h7-w3jq-vh4q)
++ { SCMP_SYS(open_tree), ENOSYS, nullptr },
++ { SCMP_SYS(move_mount), ENOSYS, nullptr },
++ { SCMP_SYS(fsopen), ENOSYS, nullptr },
++ { SCMP_SYS(fsconfig), ENOSYS, nullptr },
++ { SCMP_SYS(fsmount), ENOSYS, nullptr },
++ { SCMP_SYS(fspick), ENOSYS, nullptr },
++ { SCMP_SYS(mount_setattr), ENOSYS, nullptr },
+
+ // Profiling operations; we expect these to be done by tools from outside
+ // the sandbox. In particular perf has been the source of many CVEs.
+- { SCMP_SYS(perf_event_open), nullptr },
++ { SCMP_SYS(perf_event_open), EPERM, nullptr },
+ // Don't allow you to switch to bsd emulation or whatnot.
+- { SCMP_SYS(personality), nullptr },
+- { SCMP_SYS(ptrace), nullptr }
++ { SCMP_SYS(personality), EPERM, nullptr },
++ { SCMP_SYS(ptrace), EPERM, nullptr }
+ };
+
+ scmp_filter_ctx seccomp = seccomp_init(SCMP_ACT_ALLOW);
+@@ -661,29 +709,28 @@ static int setupSeccomp()
+ g_error("Failed to init seccomp");
+
+ for (auto& rule : syscallBlockList) {
+- int scall = rule.scall;
+ int r;
+ if (rule.arg)
+- r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), scall, 1, *rule.arg);
++ r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(rule.errnum), rule.scall, 1, *rule.arg);
+ else
+- r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), scall, 0);
+- if (r == -EFAULT) {
+- seccomp_release(seccomp);
+- g_error("Failed to add seccomp rule");
+- }
++ r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(rule.errnum), rule.scall, 0);
++ // EFAULT means "internal libseccomp error", but in practice we get
++ // this for syscall numbers added via Syscalls.h (flatpak-syscalls-private.h)
++ // when trying to filter them on a non-native architecture, because
++ // libseccomp cannot map the syscall number to a name and back to a
++ // number for the non-native architecture.
++ if (r == -EFAULT)
++ g_info("Unable to block syscall %d: syscall not known to libseccomp?", rule.scall);
++ else if (r < 0)
++ g_error("Failed to block syscall %d: %s", rule.scall, seccompStrerror(r));
+ }
+
+ int tmpfd = memfd_create("seccomp-bpf", 0);
+- if (tmpfd == -1) {
+- seccomp_release(seccomp);
++ if (tmpfd == -1)
+ g_error("Failed to create memfd: %s", g_strerror(errno));
+- }
+
+- if (seccomp_export_bpf(seccomp, tmpfd)) {
+- seccomp_release(seccomp);
+- close(tmpfd);
+- g_error("Failed to export seccomp bpf");
+- }
++ if (int r = seccomp_export_bpf(seccomp, tmpfd))
++ g_error("Failed to export seccomp bpf: %s", seccompStrerror(r));
+
+ if (lseek(tmpfd, 0, SEEK_SET) < 0)
+ g_error("lseek failed: %s", g_strerror(errno));
+diff --git a/Source/WebKit/UIProcess/Launcher/glib/Syscalls.h b/Source/WebKit/UIProcess/Launcher/glib/Syscalls.h
+new file mode 100644
+index 00000000..18dea9a9
+--- /dev/null
++++ b/Source/WebKit/UIProcess/Launcher/glib/Syscalls.h
+@@ -0,0 +1,200 @@
++/*
++ * Copyright 2021 Collabora Ltd.
++ * SPDX-License-Identifier: LGPL-2.1-or-later
++ *
++ * This program is free software; you can redistribute it and/or
++ * modify it under the terms of the GNU Lesser General Public
++ * License as published by the Free Software Foundation; either
++ * version 2.1 of the License, or (at your option) any later version.
++ *
++ * This library is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ * Lesser General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
++ */
++
++// This file is a copy of flatpak-syscalls-private.h, reformatted a bit to placate WebKit's style checker.
++//
++// Upstream is here:
++// https://github.com/flatpak/flatpak/blob/26b12484eb8a6219b9e7aa287b298a894b2f34ca/common/flatpak-syscalls-private.h
++
++#pragma once
++
++#include <sys/syscall.h>
++
++#if defined(_MIPS_SIM)
++# if _MIPS_SIM == _MIPS_SIM_ABI32
++# define FLATPAK_MISSING_SYSCALL_BASE 4000
++# elif _MIPS_SIM == _MIPS_SIM_ABI64
++# define FLATPAK_MISSING_SYSCALL_BASE 5000
++# elif _MIPS_SIM == _MIPS_SIM_NABI32
++# define FLATPAK_MISSING_SYSCALL_BASE 6000
++# else
++# error "Unknown MIPS ABI"
++# endif
++#endif
++
++#if defined(__ia64__)
++# define FLATPAK_MISSING_SYSCALL_BASE 1024
++#endif
++
++#if defined(__alpha__)
++# define FLATPAK_MISSING_SYSCALL_BASE 110
++#endif
++
++#if defined(__x86_64__) && defined(__ILP32__)
++# define FLATPAK_MISSING_SYSCALL_BASE 0x40000000
++#endif
++
++// FLATPAK_MISSING_SYSCALL_BASE:
++//
++// Number to add to the syscall numbers of recently-added syscalls
++// to get the appropriate syscall for the current ABI.
++#ifndef FLATPAK_MISSING_SYSCALL_BASE
++# define FLATPAK_MISSING_SYSCALL_BASE 0
++#endif
++
++#ifndef __NR_open_tree
++# define __NR_open_tree (FLATPAK_MISSING_SYSCALL_BASE + 428)
++#endif
++#ifndef __SNR_open_tree
++# define __SNR_open_tree __NR_open_tree
++#endif
++
++#ifndef __NR_move_mount
++# define __NR_move_mount (FLATPAK_MISSING_SYSCALL_BASE + 429)
++#endif
++#ifndef __SNR_move_mount
++# define __SNR_move_mount __NR_move_mount
++#endif
++
++#ifndef __NR_fsopen
++# define __NR_fsopen (FLATPAK_MISSING_SYSCALL_BASE + 430)
++#endif
++#ifndef __SNR_fsopen
++# define __SNR_fsopen __NR_fsopen
++#endif
++
++#ifndef __NR_fsconfig
++# define __NR_fsconfig (FLATPAK_MISSING_SYSCALL_BASE + 431)
++#endif
++#ifndef __SNR_fsconfig
++# define __SNR_fsconfig __NR_fsconfig
++#endif
++
++#ifndef __NR_fsmount
++# define __NR_fsmount (FLATPAK_MISSING_SYSCALL_BASE + 432)
++#endif
++#ifndef __SNR_fsmount
++# define __SNR_fsmount __NR_fsmount
++#endif
++
++#ifndef __NR_fspick
++# define __NR_fspick (FLATPAK_MISSING_SYSCALL_BASE + 433)
++#endif
++#ifndef __SNR_fspick
++# define __SNR_fspick __NR_fspick
++#endif
++
++#ifndef __NR_pidfd_open
++# define __NR_pidfd_open (FLATPAK_MISSING_SYSCALL_BASE + 434)
++#endif
++#ifndef __SNR_pidfd_open
++# define __SNR_pidfd_open __NR_pidfd_open
++#endif
++
++#ifndef __NR_clone3
++# define __NR_clone3 (FLATPAK_MISSING_SYSCALL_BASE + 435)
++#endif
++#ifndef __SNR_clone3
++# define __SNR_clone3 __NR_clone3
++#endif
++
++#ifndef __NR_close_range
++# define __NR_close_range (FLATPAK_MISSING_SYSCALL_BASE + 436)
++#endif
++#ifndef __SNR_close_range
++# define __SNR_close_range __NR_close_range
++#endif
++
++#ifndef __NR_openat2
++# define __NR_openat2 (FLATPAK_MISSING_SYSCALL_BASE + 437)
++#endif
++#ifndef __SNR_openat2
++# define __SNR_openat2 __NR_openat2
++#endif
++
++#ifndef __NR_pidfd_getfd
++# define __NR_pidfd_getfd (FLATPAK_MISSING_SYSCALL_BASE + 438)
++#endif
++#ifndef __SNR_pidfd_getfd
++# define __SNR_pidfd_getfd __NR_pidfd_getfd
++#endif
++
++#ifndef __NR_faccessat2
++# define __NR_faccessat2 (FLATPAK_MISSING_SYSCALL_BASE + 439)
++#endif
++#ifndef __SNR_faccessat2
++# define __SNR_faccessat2 __NR_faccessat2
++#endif
++
++#ifndef __NR_process_madvise
++# define __NR_process_madvise (FLATPAK_MISSING_SYSCALL_BASE + 440)
++#endif
++#ifndef __SNR_process_madvise
++# define __SNR_process_madvise __NR_process_madvise
++#endif
++
++#ifndef __NR_epoll_pwait2
++# define __NR_epoll_pwait2 (FLATPAK_MISSING_SYSCALL_BASE + 441)
++#endif
++#ifndef __SNR_epoll_pwait2
++# define __SNR_epoll_pwait2 __NR_epoll_pwait2
++#endif
++
++#ifndef __NR_mount_setattr
++# define __NR_mount_setattr (FLATPAK_MISSING_SYSCALL_BASE + 442)
++#endif
++#ifndef __SNR_mount_setattr
++# define __SNR_mount_setattr __NR_mount_setattr
++#endif
++
++#ifndef __NR_quotactl_fd
++# define __NR_quotactl_fd (FLATPAK_MISSING_SYSCALL_BASE + 443)
++#endif
++#ifndef __SNR_quotactl_fd
++# define __SNR_quotactl_fd __NR_quotactl_fd
++#endif
++
++#ifndef __NR_landlock_create_ruleset
++# define __NR_landlock_create_ruleset (FLATPAK_MISSING_SYSCALL_BASE + 444)
++#endif
++#ifndef __SNR_landlock_create_ruleset
++# define __SNR_landlock_create_ruleset __NR_landlock_create_ruleset
++#endif
++
++#ifndef __NR_landlock_add_rule
++# define __NR_landlock_add_rule (FLATPAK_MISSING_SYSCALL_BASE + 445)
++#endif
++#ifndef __SNR_landlock_add_rule
++# define __SNR_landlock_add_rule __NR_landlock_add_rule
++#endif
++
++#ifndef __NR_landlock_restrict_self
++# define __NR_landlock_restrict_self (FLATPAK_MISSING_SYSCALL_BASE + 446)
++#endif
++#ifndef __SNR_landlock_restrict_self
++# define __SNR_landlock_restrict_self __NR_landlock_restrict_self
++#endif
++
++#ifndef __NR_memfd_secret
++# define __NR_memfd_secret (FLATPAK_MISSING_SYSCALL_BASE + 447)
++#endif
++#ifndef __SNR_memfd_secret
++# define __SNR_memfd_secret __NR_memfd_secret
++#endif
++
++// Last updated: Linux 5.14, syscall numbers < 448
diff --git a/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch b/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch
new file mode 100644
index 0000000000..e866a1a193
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch
@@ -0,0 +1,22 @@
+Injection a year based on the current date isn't reproducible. Hack this
+to a specific year for now for reproducibilty and to avoid autobuilder failures.
+
+The correct fix would be to use SOURCE_DATE_EPOCH from the environment and
+then this could be submitted upstream, sadly my ruby isn't up to that.
+
+Upstream-Status: Pending [could be reworked]
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Index: webkitgtk-2.34.2/Source/JavaScriptCore/generator/GeneratedFile.rb
+===================================================================
+--- webkitgtk-2.34.2.orig/Source/JavaScriptCore/generator/GeneratedFile.rb
++++ webkitgtk-2.34.2/Source/JavaScriptCore/generator/GeneratedFile.rb
+@@ -25,7 +25,7 @@ require 'date'
+ require 'digest'
+
+ $LICENSE = <<-EOF
+-Copyright (C) #{Date.today.year} Apple Inc. All rights reserved.
++Copyright (C) 2021 Apple Inc. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb b/meta/recipes-sato/webkit/webkitgtk_2.30.6.bb
index 1fefc75c49..1fdba611ea 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.30.6.bb
@@ -21,9 +21,11 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
file://0001-Extend-atomics-check-to-include-1-byte-CAS-test.patch \
file://musl-lower-stack-usage.patch \
file://0001-MiniBrowser-Fix-reproduciblity.patch \
+ file://reproducibility.patch \
+ file://CVE-2021-42762.patch \
"
-SRC_URI[sha256sum] = "7d0dab08e3c5ae07bec80b2822ef42e952765d5724cac86eb23999bfed5a7f1f"
+SRC_URI[sha256sum] = "50736ec7a91770b5939d715196e5fe7209b93efcdeef425b24dc51fb8e9d7c1e"
inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gtk-doc
diff --git a/meta/recipes-support/bmap-tools/bmap-tools_3.6.bb b/meta/recipes-support/bmap-tools/bmap-tools_3.6.bb
index 611c0fb680..70ce12a06f 100644
--- a/meta/recipes-support/bmap-tools/bmap-tools_3.6.bb
+++ b/meta/recipes-support/bmap-tools/bmap-tools_3.6.bb
@@ -9,7 +9,7 @@ SECTION = "console/utils"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-SRC_URI = "git://github.com/intel/${BPN}"
+SRC_URI = "git://github.com/intel/${BPN};branch=master;protocol=https"
SRCREV = "c0673962a8ec1624b5189dc1d24f33fe4f06785a"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-support/boost/boost-build-native_4.3.0.bb b/meta/recipes-support/boost/boost-build-native_4.3.0.bb
index 00f3a86dd6..f09ff484ec 100644
--- a/meta/recipes-support/boost/boost-build-native_4.3.0.bb
+++ b/meta/recipes-support/boost/boost-build-native_4.3.0.bb
@@ -6,7 +6,7 @@ SECTION = "devel"
LICENSE = "BSL-1.0"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=e4224ccaecb14d942c71d31bef20d78c"
-SRC_URI = "git://github.com/boostorg/build;protocol=https"
+SRC_URI = "git://github.com/boostorg/build;protocol=https;branch=master"
SRCREV = "632ea768f3eb225b4472c5ed6d20afee708724ad"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+){2,}))"
diff --git a/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch b/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch
new file mode 100644
index 0000000000..5c4a32f526
--- /dev/null
+++ b/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch
@@ -0,0 +1,80 @@
+From cb43ec15b700b25f3c4fe44043a1a021aaf5b768 Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex@linutronix.de>
+Date: Mon, 18 Oct 2021 12:05:49 +0200
+Subject: [PATCH] Revert "mozilla/certdata2pem.py: print a warning for expired
+ certificates."
+
+This avoids a dependency on python3-cryptography, and only checks
+for expired certs (which is upstream concern, but not ours).
+
+Upstream-Status: Inappropriate [oe-core specific]
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ debian/changelog | 1 -
+ debian/control | 2 +-
+ mozilla/certdata2pem.py | 11 -----------
+ 3 files changed, 1 insertion(+), 13 deletions(-)
+
+diff --git a/debian/changelog b/debian/changelog
+index 531e4d0..4006509 100644
+--- a/debian/changelog
++++ b/debian/changelog
+@@ -37,7 +37,6 @@ ca-certificates (20211004) unstable; urgency=low
+ - "Trustis FPS Root CA"
+ - "Staat der Nederlanden Root CA - G3"
+ * Blacklist expired root certificate "DST Root CA X3" (closes: #995432)
+- * mozilla/certdata2pem.py: print a warning for expired certificates.
+
+ -- Julien Cristau <jcristau@debian.org> Thu, 07 Oct 2021 17:12:47 +0200
+
+diff --git a/debian/control b/debian/control
+index 4434b7a..5c6ba24 100644
+--- a/debian/control
++++ b/debian/control
+@@ -3,7 +3,7 @@ Section: misc
+ Priority: optional
+ Maintainer: Julien Cristau <jcristau@debian.org>
+ Build-Depends: debhelper-compat (= 13), po-debconf
+-Build-Depends-Indep: python3, openssl, python3-cryptography
++Build-Depends-Indep: python3, openssl
+ Standards-Version: 4.5.0.2
+ Vcs-Git: https://salsa.debian.org/debian/ca-certificates.git
+ Vcs-Browser: https://salsa.debian.org/debian/ca-certificates
+diff --git a/mozilla/certdata2pem.py b/mozilla/certdata2pem.py
+index ede23d4..7d796f1 100644
+--- a/mozilla/certdata2pem.py
++++ b/mozilla/certdata2pem.py
+@@ -21,16 +21,12 @@
+ # USA.
+
+ import base64
+-import datetime
+ import os.path
+ import re
+ import sys
+ import textwrap
+ import io
+
+-from cryptography import x509
+-
+-
+ objects = []
+
+ # Dirty file parser.
+@@ -121,13 +117,6 @@ for obj in objects:
+ if obj['CKA_CLASS'] == 'CKO_CERTIFICATE':
+ if not obj['CKA_LABEL'] in trust or not trust[obj['CKA_LABEL']]:
+ continue
+-
+- cert = x509.load_der_x509_certificate(obj['CKA_VALUE'])
+- if cert.not_valid_after < datetime.datetime.now():
+- print('!'*74)
+- print('Trusted but expired certificate found: %s' % obj['CKA_LABEL'])
+- print('!'*74)
+-
+ bname = obj['CKA_LABEL'][1:-1].replace('/', '_')\
+ .replace(' ', '_')\
+ .replace('(', '=')\
+--
+2.20.1
+
diff --git a/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch b/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch
deleted file mode 100644
index f343ebf16e..0000000000
--- a/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-sbin/Makefile: Allow the sbin path to be configurable
-
-Some project sharing ca-certificates from Debian allow configuration
-of the installation location. Make the sbin location configurable.
-
-Also ensure the target directory exists
-
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-Upstream-Status: Submitted [https://salsa.debian.org/debian/ca-certificates/-/merge_requests/5]
-
---- ca-certificates-20130119.orig/sbin/Makefile
-+++ ca-certificates-20130119/sbin/Makefile
-@@ -3,9 +3,12 @@
- #
- #
-
-+SBINDIR = /usr/sbin
-+
- all:
-
- clean:
-
- install:
-- install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/
-+ install -d $(DESTDIR)$(SBINDIR)
-+ install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/
diff --git a/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch b/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch
deleted file mode 100644
index f78790923c..0000000000
--- a/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-update-ca-certificates: Replace deprecated mktemp -t with mktemp --tmpdir
-
-According to coreutils docs, mktemp -t is deprecated, switch to the
---tmpdir option instead.
-
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-Upstream-Status: Submitted [https://salsa.debian.org/debian/ca-certificates/-/merge_requests/5]
-
-[This was originally for compatibility with toybox but toybox now
-supports -t]
----
- sbin/update-ca-certificates | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates
-index 79c41bb..ae9e3f1 100755
---- a/sbin/update-ca-certificates
-+++ b/sbin/update-ca-certificates
-@@ -113,9 +113,9 @@ trap cleanup 0
-
- # Helper files. (Some of them are not simple arrays because we spawn
- # subshells later on.)
--TEMPBUNDLE="$(mktemp -t "${CERTBUNDLE}.tmp.XXXXXX")"
--ADDED="$(mktemp -t "ca-certificates.tmp.XXXXXX")"
--REMOVED="$(mktemp -t "ca-certificates.tmp.XXXXXX")"
-+TEMPBUNDLE="$(mktemp --tmpdir "${CERTBUNDLE}.tmp.XXXXXX")"
-+ADDED="$(mktemp --tmpdir "ca-certificates.tmp.XXXXXX")"
-+REMOVED="$(mktemp --tmpdir "ca-certificates.tmp.XXXXXX")"
-
- # Adds a certificate to the list of trusted ones. This includes a symlink
- # in /etc/ssl/certs to the certificate file and its inclusion into the
---
-2.1.4
diff --git a/meta/recipes-support/ca-certificates/ca-certificates_20210119.bb b/meta/recipes-support/ca-certificates/ca-certificates_20211016.bb
index 7dcc86fdc1..a54d6b458a 100644
--- a/meta/recipes-support/ca-certificates/ca-certificates_20210119.bb
+++ b/meta/recipes-support/ca-certificates/ca-certificates_20211016.bb
@@ -14,15 +14,14 @@ DEPENDS_class-nativesdk = "openssl-native"
# Need rehash from openssl and run-parts from debianutils
PACKAGE_WRITE_DEPS += "openssl-native debianutils-native"
-SRCREV = "181be7ebd169b4a6fb5d90c3e6dc791e90534144"
+SRCREV = "07de54fdcc5806bde549e1edf60738c6bccf50e8"
-SRC_URI = "git://salsa.debian.org/debian/ca-certificates.git;protocol=https \
+SRC_URI = "git://salsa.debian.org/debian/ca-certificates.git;protocol=https;branch=master \
file://0002-update-ca-certificates-use-SYSROOT.patch \
file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch \
- file://update-ca-certificates-support-Toybox.patch \
file://default-sysroot.patch \
- file://sbindir.patch \
file://0003-update-ca-certificates-use-relative-symlinks-from-ET.patch \
+ file://0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch \
"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+)"
diff --git a/meta/recipes-support/curl/curl/CVE-2021-22945.patch b/meta/recipes-support/curl/curl/CVE-2021-22945.patch
new file mode 100644
index 0000000000..44c42632ed
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2021-22945.patch
@@ -0,0 +1,35 @@
+From 43157490a5054bd24256fe12876931e8abc9df49 Mon Sep 17 00:00:00 2001
+From: z2_ on hackerone <>
+Date: Tue, 24 Aug 2021 09:50:33 +0200
+Subject: [PATCH] mqtt: clear the leftovers pointer when sending succeeds
+
+CVE-2021-22945
+
+Bug: https://curl.se/docs/CVE-2021-22945.html
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/43157490a5054bd24256fe12876931e8abc9df49]
+
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+
+---
+ lib/mqtt.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/lib/mqtt.c b/lib/mqtt.c
+index f077e6c3d..fcd40b41e 100644
+--- a/lib/mqtt.c
++++ b/lib/mqtt.c
+@@ -128,6 +128,10 @@ static CURLcode mqtt_send(struct Curl_easy *data,
+ mq->sendleftovers = sendleftovers;
+ mq->nsend = nsend;
+ }
++ else {
++ mq->sendleftovers = NULL;
++ mq->nsend = 0;
++ }
+ return result;
+ }
+
+--
+2.34.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2021-22946.patch b/meta/recipes-support/curl/curl/CVE-2021-22946.patch
new file mode 100644
index 0000000000..1cb95f0ea7
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2021-22946.patch
@@ -0,0 +1,333 @@
+From 7c6e072216001fb1280d1868adfdcb54e3372ce7 Mon Sep 17 00:00:00 2001
+From: Patrick Monnerat <patrick@monnerat.net>
+Date: Wed, 8 Sep 2021 11:56:22 +0200
+Subject: [PATCH] ftp,imap,pop3: do not ignore --ssl-reqd
+
+In imap and pop3, check if TLS is required even when capabilities
+request has failed.
+
+In ftp, ignore preauthentication (230 status of server greeting) if TLS
+is required.
+
+Bug: https://curl.se/docs/CVE-2021-22946.html
+
+CVE-2021-22946
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/364f174724ef115c63d5e5dc1d3342c8a43b1cca]
+
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+
+---
+ lib/ftp.c | 9 ++++---
+ lib/imap.c | 24 ++++++++----------
+ lib/pop3.c | 33 +++++++++++-------------
+ tests/data/Makefile.inc | 2 ++
+ tests/data/test984 | 56 +++++++++++++++++++++++++++++++++++++++++
+ tests/data/test985 | 54 +++++++++++++++++++++++++++++++++++++++
+ tests/data/test986 | 53 ++++++++++++++++++++++++++++++++++++++
+ 7 files changed, 195 insertions(+), 36 deletions(-)
+ create mode 100644 tests/data/test984
+ create mode 100644 tests/data/test985
+ create mode 100644 tests/data/test986
+
+diff --git a/lib/ftp.c b/lib/ftp.c
+index 3818a9e..8b3fe1d 100644
+--- a/lib/ftp.c
++++ b/lib/ftp.c
+@@ -2665,9 +2665,12 @@ static CURLcode ftp_statemachine(struct Curl_easy *data,
+ /* we have now received a full FTP server response */
+ switch(ftpc->state) {
+ case FTP_WAIT220:
+- if(ftpcode == 230)
+- /* 230 User logged in - already! */
+- return ftp_state_user_resp(data, ftpcode, ftpc->state);
++ if(ftpcode == 230) {
++ /* 230 User logged in - already! Take as 220 if TLS required. */
++ if(data->set.use_ssl <= CURLUSESSL_TRY ||
++ conn->bits.ftp_use_control_ssl)
++ return ftp_state_user_resp(data, ftpcode, ftpc->state);
++ }
+ else if(ftpcode != 220) {
+ failf(data, "Got a %03d ftp-server response when 220 was expected",
+ ftpcode);
+diff --git a/lib/imap.c b/lib/imap.c
+index 2d80699..b056208 100644
+--- a/lib/imap.c
++++ b/lib/imap.c
+@@ -933,22 +933,18 @@ static CURLcode imap_state_capability_resp(struct Curl_easy *data,
+ line += wordlen;
+ }
+ }
+- else if(imapcode == IMAP_RESP_OK) {
+- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
+- /* We don't have a SSL/TLS connection yet, but SSL is requested */
+- if(imapc->tls_supported)
+- /* Switch to TLS connection now */
+- result = imap_perform_starttls(data, conn);
+- else if(data->set.use_ssl == CURLUSESSL_TRY)
+- /* Fallback and carry on with authentication */
+- result = imap_perform_authentication(data, conn);
+- else {
+- failf(data, "STARTTLS not supported.");
+- result = CURLE_USE_SSL_FAILED;
+- }
++ else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
++ /* PREAUTH is not compatible with STARTTLS. */
++ if(imapcode == IMAP_RESP_OK && imapc->tls_supported && !imapc->preauth) {
++ /* Switch to TLS connection now */
++ result = imap_perform_starttls(data, conn);
+ }
+- else
++ else if(data->set.use_ssl <= CURLUSESSL_TRY)
+ result = imap_perform_authentication(data, conn);
++ else {
++ failf(data, "STARTTLS not available.");
++ result = CURLE_USE_SSL_FAILED;
++ }
+ }
+ else
+ result = imap_perform_authentication(data, conn);
+diff --git a/lib/pop3.c b/lib/pop3.c
+index 0ed3d3e..018fda1 100644
+--- a/lib/pop3.c
++++ b/lib/pop3.c
+@@ -738,28 +738,23 @@ static CURLcode pop3_state_capa_resp(struct Curl_easy *data, int pop3code,
+ }
+ }
+ }
+- else if(pop3code == '+') {
+- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
+- /* We don't have a SSL/TLS connection yet, but SSL is requested */
+- if(pop3c->tls_supported)
+- /* Switch to TLS connection now */
+- result = pop3_perform_starttls(data, conn);
+- else if(data->set.use_ssl == CURLUSESSL_TRY)
+- /* Fallback and carry on with authentication */
+- result = pop3_perform_authentication(data, conn);
+- else {
+- failf(data, "STLS not supported.");
+- result = CURLE_USE_SSL_FAILED;
+- }
+- }
+- else
+- result = pop3_perform_authentication(data, conn);
+- }
+ else {
+ /* Clear text is supported when CAPA isn't recognised */
+- pop3c->authtypes |= POP3_TYPE_CLEARTEXT;
++ if(pop3code != '+')
++ pop3c->authtypes |= POP3_TYPE_CLEARTEXT;
+
+- result = pop3_perform_authentication(data, conn);
++ if(!data->set.use_ssl || conn->ssl[FIRSTSOCKET].use)
++ result = pop3_perform_authentication(data, conn);
++ else if(pop3code == '+' && pop3c->tls_supported)
++ /* Switch to TLS connection now */
++ result = pop3_perform_starttls(data, conn);
++ else if(data->set.use_ssl <= CURLUSESSL_TRY)
++ /* Fallback and carry on with authentication */
++ result = pop3_perform_authentication(data, conn);
++ else {
++ failf(data, "STLS not supported.");
++ result = CURLE_USE_SSL_FAILED;
++ }
+ }
+
+ return result;
+diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
+index e08cfc7..e6e2551 100644
+--- a/tests/data/Makefile.inc
++++ b/tests/data/Makefile.inc
+@@ -115,6 +115,8 @@ test945 test946 test947 test948 test949 test950 test951 test952 test953 \
+ test954 test955 test956 test957 test958 test959 test960 test961 test962 \
+ test963 test964 test965 test966 test967 test968 test969 test970 test971 \
+ \
++test984 test985 test986 \
++\
+ test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \
+ test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \
+ test1016 test1017 test1018 test1019 test1020 test1021 test1022 test1023 \
+diff --git a/tests/data/test984 b/tests/data/test984
+new file mode 100644
+index 0000000..e573f23
+--- /dev/null
++++ b/tests/data/test984
+@@ -0,0 +1,56 @@
++<testcase>
++<info>
++<keywords>
++IMAP
++STARTTLS
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++<servercmd>
++REPLY CAPABILITY A001 BAD Not implemented
++</servercmd>
++</reply>
++
++#
++# Client-side
++<client>
++<features>
++SSL
++</features>
++<server>
++imap
++</server>
++ <name>
++IMAP require STARTTLS with failing capabilities
++ </name>
++ <command>
++imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T log/upload%TESTNUMBER -u user:secret --ssl-reqd
++</command>
++<file name="log/upload%TESTNUMBER">
++Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
++From: Fred Foobar <foobar@example.COM>
++Subject: afternoon meeting
++To: joe@example.com
++Message-Id: <B27397-0100000@example.COM>
++MIME-Version: 1.0
++Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
++
++Hello Joe, do you think we can meet at 3:30 tomorrow?
++</file>
++</client>
++
++#
++# Verify data after the test has been "shot"
++<verify>
++# 64 is CURLE_USE_SSL_FAILED
++<errorcode>
++64
++</errorcode>
++<protocol>
++A001 CAPABILITY
++</protocol>
++</verify>
++</testcase>
+diff --git a/tests/data/test985 b/tests/data/test985
+new file mode 100644
+index 0000000..d0db4aa
+--- /dev/null
++++ b/tests/data/test985
+@@ -0,0 +1,54 @@
++<testcase>
++<info>
++<keywords>
++POP3
++STARTTLS
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++<servercmd>
++REPLY CAPA -ERR Not implemented
++</servercmd>
++<data nocheck="yes">
++From: me@somewhere
++To: fake@nowhere
++
++body
++
++--
++ yours sincerely
++</data>
++</reply>
++
++#
++# Client-side
++<client>
++<features>
++SSL
++</features>
++<server>
++pop3
++</server>
++ <name>
++POP3 require STARTTLS with failing capabilities
++ </name>
++ <command>
++pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl-reqd
++ </command>
++</client>
++
++#
++# Verify data after the test has been "shot"
++<verify>
++# 64 is CURLE_USE_SSL_FAILED
++<errorcode>
++64
++</errorcode>
++<protocol>
++CAPA
++</protocol>
++</verify>
++</testcase>
+diff --git a/tests/data/test986 b/tests/data/test986
+new file mode 100644
+index 0000000..a709437
+--- /dev/null
++++ b/tests/data/test986
+@@ -0,0 +1,53 @@
++<testcase>
++<info>
++<keywords>
++FTP
++STARTTLS
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++<servercmd>
++REPLY welcome 230 Welcome
++REPLY AUTH 500 unknown command
++</servercmd>
++</reply>
++
++# Client-side
++<client>
++<features>
++SSL
++</features>
++<server>
++ftp
++</server>
++ <name>
++FTP require STARTTLS while preauthenticated
++ </name>
++<file name="log/test%TESTNUMBER.txt">
++data
++ to
++ see
++that FTPS
++works
++ so does it?
++</file>
++ <command>
++--ssl-reqd --ftp-ssl-control ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T log/test%TESTNUMBER.txt -u user:secret
++</command>
++</client>
++
++# Verify data after the test has been "shot"
++<verify>
++# 64 is CURLE_USE_SSL_FAILED
++<errorcode>
++64
++</errorcode>
++<protocol>
++AUTH SSL
++AUTH TLS
++</protocol>
++</verify>
++</testcase>
+--
+2.34.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2021-22947.patch b/meta/recipes-support/curl/curl/CVE-2021-22947.patch
new file mode 100644
index 0000000000..9bd9890d72
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2021-22947.patch
@@ -0,0 +1,357 @@
+From f3f2d2554d09ca0e13039e4915b83faaa55961c4 Mon Sep 17 00:00:00 2001
+From: Patrick Monnerat <patrick@monnerat.net>
+Date: Tue, 7 Sep 2021 13:26:42 +0200
+Subject: [PATCH] ftp,imap,pop3,smtp: reject STARTTLS server response
+
+ pipelining
+
+If a server pipelines future responses within the STARTTLS response, the
+former are preserved in the pingpong cache across TLS negotiation and
+used as responses to the encrypted commands.
+
+This fix detects pipelined STARTTLS responses and rejects them with an
+error.
+
+CVE-2021-22947
+
+Bug: https://curl.se/docs/CVE-2021-22947.html
+
+Upstream-Status: Backport [https://github.com/curl/curl/commit/8ef147c43646e91fdaad5d0e7b60351f842e5c68]
+
+Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
+
+---
+ lib/ftp.c | 3 +++
+ lib/imap.c | 4 +++
+ lib/pop3.c | 4 +++
+ lib/smtp.c | 4 +++
+ tests/data/Makefile.inc | 2 +-
+ tests/data/test980 | 52 ++++++++++++++++++++++++++++++++++++
+ tests/data/test981 | 59 +++++++++++++++++++++++++++++++++++++++++
+ tests/data/test982 | 57 +++++++++++++++++++++++++++++++++++++++
+ tests/data/test983 | 52 ++++++++++++++++++++++++++++++++++++
+ 9 files changed, 236 insertions(+), 1 deletion(-)
+ create mode 100644 tests/data/test980
+ create mode 100644 tests/data/test981
+ create mode 100644 tests/data/test982
+ create mode 100644 tests/data/test983
+
+diff --git a/lib/ftp.c b/lib/ftp.c
+index 8b3fe1d..a55566a 100644
+--- a/lib/ftp.c
++++ b/lib/ftp.c
+@@ -2727,6 +2727,9 @@ static CURLcode ftp_statemachine(struct Curl_easy *data,
+ case FTP_AUTH:
+ /* we have gotten the response to a previous AUTH command */
+
++ if(pp->cache_size)
++ return CURLE_WEIRD_SERVER_REPLY; /* Forbid pipelining in response. */
++
+ /* RFC2228 (page 5) says:
+ *
+ * If the server is willing to accept the named security mechanism,
+diff --git a/lib/imap.c b/lib/imap.c
+index b056208..9230f17 100644
+--- a/lib/imap.c
++++ b/lib/imap.c
+@@ -962,6 +962,10 @@ static CURLcode imap_state_starttls_resp(struct Curl_easy *data,
+
+ (void)instate; /* no use for this yet */
+
++ /* Pipelining in response is forbidden. */
++ if(data->conn->proto.imapc.pp.cache_size)
++ return CURLE_WEIRD_SERVER_REPLY;
++
+ if(imapcode != IMAP_RESP_OK) {
+ if(data->set.use_ssl != CURLUSESSL_TRY) {
+ failf(data, "STARTTLS denied");
+diff --git a/lib/pop3.c b/lib/pop3.c
+index 018fda1..4f953f7 100644
+--- a/lib/pop3.c
++++ b/lib/pop3.c
+@@ -769,6 +769,10 @@ static CURLcode pop3_state_starttls_resp(struct Curl_easy *data,
+ CURLcode result = CURLE_OK;
+ (void)instate; /* no use for this yet */
+
++ /* Pipelining in response is forbidden. */
++ if(data->conn->proto.pop3c.pp.cache_size)
++ return CURLE_WEIRD_SERVER_REPLY;
++
+ if(pop3code != '+') {
+ if(data->set.use_ssl != CURLUSESSL_TRY) {
+ failf(data, "STARTTLS denied");
+diff --git a/lib/smtp.c b/lib/smtp.c
+index 1fc8800..51445f6 100644
+--- a/lib/smtp.c
++++ b/lib/smtp.c
+@@ -832,6 +832,10 @@ static CURLcode smtp_state_starttls_resp(struct Curl_easy *data,
+ CURLcode result = CURLE_OK;
+ (void)instate; /* no use for this yet */
+
++ /* Pipelining in response is forbidden. */
++ if(data->conn->proto.smtpc.pp.cache_size)
++ return CURLE_WEIRD_SERVER_REPLY;
++
+ if(smtpcode != 220) {
+ if(data->set.use_ssl != CURLUSESSL_TRY) {
+ failf(data, "STARTTLS denied, code %d", smtpcode);
+diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
+index e6e2551..22d7a0b 100644
+--- a/tests/data/Makefile.inc
++++ b/tests/data/Makefile.inc
+@@ -115,7 +115,7 @@ test945 test946 test947 test948 test949 test950 test951 test952 test953 \
+ test954 test955 test956 test957 test958 test959 test960 test961 test962 \
+ test963 test964 test965 test966 test967 test968 test969 test970 test971 \
+ \
+-test984 test985 test986 \
++test980 test981 test982 test983 test984 test985 test986 \
+ \
+ test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \
+ test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \
+diff --git a/tests/data/test980 b/tests/data/test980
+new file mode 100644
+index 0000000..97567f8
+--- /dev/null
++++ b/tests/data/test980
+@@ -0,0 +1,52 @@
++<testcase>
++<info>
++<keywords>
++SMTP
++STARTTLS
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++<servercmd>
++CAPA STARTTLS
++AUTH PLAIN
++REPLY STARTTLS 454 currently unavailable\r\n235 Authenticated\r\n250 2.1.0 Sender ok\r\n250 2.1.5 Recipient ok\r\n354 Enter mail\r\n250 2.0.0 Accepted
++REPLY AUTH 535 5.7.8 Authentication credentials invalid
++</servercmd>
++</reply>
++
++#
++# Client-side
++<client>
++<features>
++SSL
++</features>
++<server>
++smtp
++</server>
++ <name>
++SMTP STARTTLS pipelined server response
++ </name>
++<stdin>
++mail body
++</stdin>
++ <command>
++smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret --ssl --sasl-ir -T -
++</command>
++</client>
++
++#
++# Verify data after the test has been "shot"
++<verify>
++# 8 is CURLE_WEIRD_SERVER_REPLY
++<errorcode>
++8
++</errorcode>
++<protocol>
++EHLO %TESTNUMBER
++STARTTLS
++</protocol>
++</verify>
++</testcase>
+diff --git a/tests/data/test981 b/tests/data/test981
+new file mode 100644
+index 0000000..2b98ce4
+--- /dev/null
++++ b/tests/data/test981
+@@ -0,0 +1,59 @@
++<testcase>
++<info>
++<keywords>
++IMAP
++STARTTLS
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++<servercmd>
++CAPA STARTTLS
++REPLY STARTTLS A002 BAD currently unavailable\r\nA003 OK Authenticated\r\nA004 OK Accepted
++REPLY LOGIN A003 BAD Authentication credentials invalid
++</servercmd>
++</reply>
++
++#
++# Client-side
++<client>
++<features>
++SSL
++</features>
++<server>
++imap
++</server>
++ <name>
++IMAP STARTTLS pipelined server response
++ </name>
++ <command>
++imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T log/upload%TESTNUMBER -u user:secret --ssl
++</command>
++<file name="log/upload%TESTNUMBER">
++Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
++From: Fred Foobar <foobar@example.COM>
++Subject: afternoon meeting
++To: joe@example.com
++Message-Id: <B27397-0100000@example.COM>
++MIME-Version: 1.0
++Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
++
++Hello Joe, do you think we can meet at 3:30 tomorrow?
++</file>
++</client>
++
++#
++# Verify data after the test has been "shot"
++<verify>
++# 8 is CURLE_WEIRD_SERVER_REPLY
++<errorcode>
++8
++</errorcode>
++<protocol>
++A001 CAPABILITY
++A002 STARTTLS
++</protocol>
++</verify>
++</testcase>
+diff --git a/tests/data/test982 b/tests/data/test982
+new file mode 100644
+index 0000000..9e07cc0
+--- /dev/null
++++ b/tests/data/test982
+@@ -0,0 +1,57 @@
++<testcase>
++<info>
++<keywords>
++POP3
++STARTTLS
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++<servercmd>
++CAPA STLS USER
++REPLY STLS -ERR currently unavailable\r\n+OK user accepted\r\n+OK authenticated
++REPLY PASS -ERR Authentication credentials invalid
++</servercmd>
++<data nocheck="yes">
++From: me@somewhere
++To: fake@nowhere
++
++body
++
++--
++ yours sincerely
++</data>
++</reply>
++
++#
++# Client-side
++<client>
++<features>
++SSL
++</features>
++<server>
++pop3
++</server>
++ <name>
++POP3 STARTTLS pipelined server response
++ </name>
++ <command>
++pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl
++ </command>
++</client>
++
++#
++# Verify data after the test has been "shot"
++<verify>
++# 8 is CURLE_WEIRD_SERVER_REPLY
++<errorcode>
++8
++</errorcode>
++<protocol>
++CAPA
++STLS
++</protocol>
++</verify>
++</testcase>
+diff --git a/tests/data/test983 b/tests/data/test983
+new file mode 100644
+index 0000000..300ec45
+--- /dev/null
++++ b/tests/data/test983
+@@ -0,0 +1,52 @@
++<testcase>
++<info>
++<keywords>
++FTP
++STARTTLS
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++<servercmd>
++REPLY AUTH 500 unknown command\r\n500 unknown command\r\n331 give password\r\n230 Authenticated\r\n257 "/"\r\n200 OK\r\n200 OK\r\n200 OK\r\n226 Transfer complete
++REPLY PASS 530 Login incorrect
++</servercmd>
++</reply>
++
++# Client-side
++<client>
++<features>
++SSL
++</features>
++<server>
++ftp
++</server>
++ <name>
++FTP STARTTLS pipelined server response
++ </name>
++<file name="log/test%TESTNUMBER.txt">
++data
++ to
++ see
++that FTPS
++works
++ so does it?
++</file>
++ <command>
++--ssl --ftp-ssl-control ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T log/test%TESTNUMBER.txt -u user:secret -P %CLIENTIP
++</command>
++</client>
++
++# Verify data after the test has been "shot"
++<verify>
++# 8 is CURLE_WEIRD_SERVER_REPLY
++<errorcode>
++8
++</errorcode>
++<protocol>
++AUTH SSL
++</protocol>
++</verify>
++</testcase>
+--
+2.34.1
+
diff --git a/meta/recipes-support/curl/curl_7.75.0.bb b/meta/recipes-support/curl/curl_7.75.0.bb
index d64e5e1f79..accede604c 100644
--- a/meta/recipes-support/curl/curl_7.75.0.bb
+++ b/meta/recipes-support/curl/curl_7.75.0.bb
@@ -21,6 +21,9 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \
file://CVE-2021-22901.patch \
file://CVE-2021-22924.patch \
file://CVE-2021-22926.patch \
+ file://CVE-2021-22945.patch \
+ file://CVE-2021-22946.patch \
+ file://CVE-2021-22947.patch \
"
SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb316d026"
@@ -28,6 +31,10 @@ SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb3
# Curl has used many names over the years...
CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"
+# These only apply when using --with-libmetalink, but --without-libmetalink is
+# set below.
+CVE_CHECK_WHITELIST += "CVE-2021-22922 CVE-2021-22923"
+
inherit autotools pkgconfig binconfig multilib_header
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib"
@@ -65,6 +72,7 @@ PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threade
PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose"
PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib"
+# Keep --without-libmetalink to mitigate CVE-2021-22922 and CVE-2021-22923
EXTRA_OECONF = " \
--disable-libcurl-option \
--disable-ntlm-wb \
diff --git a/meta/recipes-support/dos2unix/dos2unix_7.4.2.bb b/meta/recipes-support/dos2unix/dos2unix_7.4.2.bb
index 9005bdea59..e0a5499263 100644
--- a/meta/recipes-support/dos2unix/dos2unix_7.4.2.bb
+++ b/meta/recipes-support/dos2unix/dos2unix_7.4.2.bb
@@ -8,7 +8,7 @@ SECTION = "support"
LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://COPYING.txt;md5=8a7c3499a1142df819e727253cd53a12"
-SRC_URI = "git://git.code.sf.net/p/dos2unix/dos2unix"
+SRC_URI = "git://git.code.sf.net/p/dos2unix/dos2unix;branch=master"
UPSTREAM_CHECK_GITTAGREGEX = "dos2unix-(?P<pver>(\d+(\.\d+)+))"
SRCREV = "72596f0ae21faa25a07a872d4843bc885475115d"
diff --git a/meta/recipes-support/gmp/gmp/cve-2021-43618.patch b/meta/recipes-support/gmp/gmp/cve-2021-43618.patch
new file mode 100644
index 0000000000..095fb21eaa
--- /dev/null
+++ b/meta/recipes-support/gmp/gmp/cve-2021-43618.patch
@@ -0,0 +1,27 @@
+CVE: CVE-2021-43618
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+# HG changeset patch
+# User Marco Bodrato <bodrato@mail.dm.unipi.it>
+# Date 1634836009 -7200
+# Node ID 561a9c25298e17bb01896801ff353546c6923dbd
+# Parent e1fd9db13b475209a864577237ea4b9105b3e96e
+mpz/inp_raw.c: Avoid bit size overflows
+
+diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
+--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100
++++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200
+@@ -88,8 +88,11 @@
+
+ abs_csize = ABS (csize);
+
++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
++ return 0; /* Bit size overflows */
++
+ /* round up to a multiple of limbs */
+- abs_xsize = BITS_TO_LIMBS (abs_csize*8);
++ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);
+
+ if (abs_xsize != 0)
+ {
diff --git a/meta/recipes-support/gmp/gmp_6.2.1.bb b/meta/recipes-support/gmp/gmp_6.2.1.bb
index 3c50f928ab..f97c588c31 100644
--- a/meta/recipes-support/gmp/gmp_6.2.1.bb
+++ b/meta/recipes-support/gmp/gmp_6.2.1.bb
@@ -12,6 +12,7 @@ SRC_URI = "https://gmplib.org/download/${BPN}/${BP}${REVISION}.tar.bz2 \
file://use-includedir.patch \
file://0001-Append-the-user-provided-flags-to-the-auto-detected-.patch \
file://0001-confiure.ac-Believe-the-cflags-from-environment.patch \
+ file://cve-2021-43618.patch \
"
SRC_URI[md5sum] = "28971fc21cf028042d4897f02fd355ea"
SRC_URI[sha256sum] = "eae9326beb4158c386e39a356818031bd28f3124cf915f8c5b1dc4c7a36b4d7c"
diff --git a/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb b/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb
index e5c69c0c46..19f32e8d1f 100644
--- a/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb
+++ b/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb
@@ -9,7 +9,7 @@ LICENSE = "LGPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7 \
file://src/gnome-desktop-testing-runner.c;beginline=1;endline=20;md5=7ef3ad9da2ffcf7707dc11151fe007f4"
-SRC_URI = "git://gitlab.gnome.org/GNOME/gnome-desktop-testing.git;protocol=http"
+SRC_URI = "git://gitlab.gnome.org/GNOME/gnome-desktop-testing.git;protocol=http;branch=master"
SRCREV = "4decade67b29ad170fcf3de148e41695fc459f48"
DEPENDS = "glib-2.0"
diff --git a/meta/recipes-support/gnupg/gnupg_2.2.27.bb b/meta/recipes-support/gnupg/gnupg_2.2.27.bb
index 1181c8341b..18bb855769 100644
--- a/meta/recipes-support/gnupg/gnupg_2.2.27.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.2.27.bb
@@ -32,6 +32,7 @@ EXTRA_OECONF = "--disable-ldap \
--with-zlib=${STAGING_LIBDIR}/.. \
--with-bzip2=${STAGING_LIBDIR}/.. \
--with-readline=${STAGING_LIBDIR}/.. \
+ --with-mailprog=${sbindir}/sendmail \
--enable-gpg-is-gpg2 \
"
diff --git a/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch b/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch
new file mode 100644
index 0000000000..1c46684c6d
--- /dev/null
+++ b/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch
@@ -0,0 +1,24 @@
+From adb1d4e5498a19e9d591ac8f42f9ddfdb23a1354 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Thu, 15 Jul 2021 12:33:13 -0700
+Subject: [PATCH] use closefrom() on linux and glibc 2.34+
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/posix-io.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/posix-io.c b/src/posix-io.c
+index e712ef2..ab8ded9 100644
+--- a/src/posix-io.c
++++ b/src/posix-io.c
+@@ -570,7 +570,7 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags,
+ if (fd_list[i].fd > fd)
+ fd = fd_list[i].fd;
+ fd++;
+-#if defined(__sun) || defined(__FreeBSD__)
++#if defined(__sun) || defined(__FreeBSD__) || (defined(__GLIBC__) && __GNUC_PREREQ(2, 34))
+ closefrom (fd);
+ max_fds = fd;
+ #else /*!__sun */
diff --git a/meta/recipes-support/gpgme/gpgme_1.15.1.bb b/meta/recipes-support/gpgme/gpgme_1.15.1.bb
index dc38aa8e3c..f207e81687 100644
--- a/meta/recipes-support/gpgme/gpgme_1.15.1.bb
+++ b/meta/recipes-support/gpgme/gpgme_1.15.1.bb
@@ -20,7 +20,8 @@ SRC_URI = "${GNUPG_MIRROR}/gpgme/${BP}.tar.bz2 \
file://0006-fix-build-path-issue.patch \
file://0007-python-Add-variables-to-tests.patch \
file://0008-do-not-auto-check-var-PYTHON.patch \
- "
+ file://0001-use-closefrom-on-linux-and-glibc-2.34.patch \
+ "
SRC_URI[sha256sum] = "eebc3c1b27f1c8979896ff361ba9bb4778b508b2496c2fc10e3775a40b1de1ad"
diff --git a/meta/recipes-support/iso-codes/iso-codes_4.6.0.bb b/meta/recipes-support/iso-codes/iso-codes_4.6.0.bb
index f915716ce7..cd27fb0b70 100644
--- a/meta/recipes-support/iso-codes/iso-codes_4.6.0.bb
+++ b/meta/recipes-support/iso-codes/iso-codes_4.6.0.bb
@@ -20,3 +20,7 @@ S = "${WORKDIR}/git"
inherit allarch autotools
FILES_${PN} += "${datadir}/xml/"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb
index fd3d8e09f2..c212d02651 100644
--- a/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb
+++ b/meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb
@@ -27,7 +27,7 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
file://0004-tests-Makefile.am-fix-undefined-reference-to-pthread.patch \
file://0001-Makefile.am-add-a-missing-space.patch \
"
-SRC_URI[sha256sum] = "97ebe4f94e2f7e35b752194ce15a0f3c66324e0ff6af26659bbfb5ff2ec328fd"
+SRC_URI[sha256sum] = "ea849c83a72454e3ed4267697e8ca03390aee972ab421e7df69dfe42b65caaf7"
# Below whitelisted CVEs are disputed and not affecting crypto libraries for any distro.
CVE_CHECK_WHITELIST += "CVE-2018-12433 CVE-2018-12438"
diff --git a/meta/recipes-support/libgit2/libgit2_1.1.0.bb b/meta/recipes-support/libgit2/libgit2_1.1.0.bb
index 2bbf59ea74..9b2eec9c9e 100644
--- a/meta/recipes-support/libgit2/libgit2_1.1.0.bb
+++ b/meta/recipes-support/libgit2/libgit2_1.1.0.bb
@@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5b002a195fb7ea2d8d583f07eaff3a8e"
DEPENDS = "curl openssl zlib libssh2 libgcrypt libpcre2"
-SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.1"
+SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.1;protocol=https"
SRCREV = "7f4fa178629d559c037a1f72f79f79af9c1ef8ce"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb b/meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb
index 197bb787ac..f335abb261 100644
--- a/meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb
+++ b/meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb
@@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c69090e97c8fd6372d03099c0a5bc382 \
file://COPYING.gplv2;md5=eb723b61539feef013de476e68b5c50a \
file://COPYING.bsd;md5=66a5cedaf62c4b2637025f049f9b826f \
"
-SRC_URI = "git://github.com/smuellerDD/jitterentropy-library.git"
+SRC_URI = "git://github.com/smuellerDD/jitterentropy-library.git;branch=master;protocol=https"
SRCREV = "747bf030b0ea9c44548b4e29bcfab7ae416675fc"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-support/libpcre/libpcre2_10.36.bb b/meta/recipes-support/libpcre/libpcre2_10.36.bb
index d8077a1224..d64822be30 100644
--- a/meta/recipes-support/libpcre/libpcre2_10.36.bb
+++ b/meta/recipes-support/libpcre/libpcre2_10.36.bb
@@ -10,7 +10,9 @@ SECTION = "devel"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENCE;md5=60c08fab1357bfe9084b333bc33362d6"
-SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2"
+SRC_URI = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PV}/pcre2-${PV}.tar.bz2"
+
+UPSTREAM_CHECK_URI = "https://github.com/PhilipHazel/pcre2/releases"
SRC_URI[sha256sum] = "a9ef39278113542968c7c73a31cfcb81aca1faa64690f400b907e8ab6b4a665c"
diff --git a/meta/recipes-support/libpcre/libpcre_8.44.bb b/meta/recipes-support/libpcre/libpcre_8.44.bb
index cd80dc7345..3267c5ad72 100644
--- a/meta/recipes-support/libpcre/libpcre_8.44.bb
+++ b/meta/recipes-support/libpcre/libpcre_8.44.bb
@@ -7,7 +7,7 @@ HOMEPAGE = "http://www.pcre.org"
SECTION = "devel"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENCE;md5=3bb381a66a5385b246d4877922e7511e"
-SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \
+SRC_URI = "${SOURCEFORGE_MIRROR}/pcre/pcre-${PV}.tar.bz2 \
file://run-ptest \
file://Makefile \
"
diff --git a/meta/recipes-support/libunistring/libunistring_0.9.10.bb b/meta/recipes-support/libunistring/libunistring_0.9.10.bb
index 0a7b18ed08..589faacb05 100644
--- a/meta/recipes-support/libunistring/libunistring_0.9.10.bb
+++ b/meta/recipes-support/libunistring/libunistring_0.9.10.bb
@@ -18,6 +18,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \
file://README;beginline=45;endline=65;md5=08287d16ba8d839faed8d2dc14d7d6a5 \
file://doc/libunistring.texi;md5=287fa6075f78a3c85c1a52b0a92547cd \
"
+DEPENDS = "gperf-native"
SRC_URI = "${GNU_MIRROR}/libunistring/libunistring-${PV}.tar.gz \
file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
diff --git a/meta/recipes-support/libusb/libusb1_1.0.24.bb b/meta/recipes-support/libusb/libusb1_1.0.24.bb
index 92e66b1b16..76a707b70f 100644
--- a/meta/recipes-support/libusb/libusb1_1.0.24.bb
+++ b/meta/recipes-support/libusb/libusb1_1.0.24.bb
@@ -1,7 +1,7 @@
SUMMARY = "Userspace library to access USB (version 1.0)"
DESCRIPTION = "A cross-platform library to access USB devices from Linux, \
macOS, Windows, OpenBSD/NetBSD, Haiku and Solaris userspace."
-HOMEPAGE = "http://libusb.sf.net"
+HOMEPAGE = "https://libusb.info"
BUGTRACKER = "http://www.libusb.org/report"
SECTION = "libs"
@@ -10,10 +10,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24"
BBCLASSEXTEND = "native nativesdk"
-SRC_URI = "${SOURCEFORGE_MIRROR}/libusb/libusb-${PV}.tar.bz2 \
+SRC_URI = "https://github.com/libusb/libusb/releases/download/v${PV}/libusb-${PV}.tar.bz2 \
file://run-ptest \
"
+UPSTREAM_CHECK_URI = "https://github.com/libusb/libusb/releases"
+
SRC_URI[sha256sum] = "7efd2685f7b327326dcfb85cee426d9b871fd70e22caa15bb68d595ce2a2b12a"
S = "${WORKDIR}/libusb-${PV}"
diff --git a/meta/recipes-support/lz4/lz4_1.9.3.bb b/meta/recipes-support/lz4/lz4_1.9.3.bb
index 9d5dc0253a..15867023c3 100644
--- a/meta/recipes-support/lz4/lz4_1.9.3.bb
+++ b/meta/recipes-support/lz4/lz4_1.9.3.bb
@@ -12,7 +12,7 @@ PE = "1"
SRCREV = "d44371841a2f1728a3f36839fd4b7e872d0927d3"
-SRC_URI = "git://github.com/lz4/lz4.git;branch=release \
+SRC_URI = "git://github.com/lz4/lz4.git;branch=release;protocol=https \
file://run-ptest \
file://CVE-2021-3520.patch \
"
diff --git a/meta/recipes-support/numactl/numactl_git.bb b/meta/recipes-support/numactl/numactl_git.bb
index 6c8a667a41..a0e72253a1 100644
--- a/meta/recipes-support/numactl/numactl_git.bb
+++ b/meta/recipes-support/numactl/numactl_git.bb
@@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://README.md;beginline=19;endline=32;md5=f8ff2391624f28e
SRCREV = "dd6de072c92c892a86e18c0fd0dfa1ba57a9a05d"
PV = "2.0.14"
-SRC_URI = "git://github.com/numactl/numactl \
+SRC_URI = "git://github.com/numactl/numactl;branch=master;protocol=https \
file://Fix-the-test-output-format.patch \
file://Makefile \
file://run-ptest \
diff --git a/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb b/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb
index 623afccb5e..5f1b73ee16 100644
--- a/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb
+++ b/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb
@@ -10,7 +10,7 @@ DEPENDS = "libtasn1 libtasn1-native libffi"
DEPENDS_append = "${@' glib-2.0' if d.getVar('GTKDOC_ENABLED') == 'True' else ''}"
-SRC_URI = "git://github.com/p11-glue/p11-kit;branch=0.23"
+SRC_URI = "git://github.com/p11-glue/p11-kit;branch=0.23;protocol=https"
SRCREV = "bd97afbfe28d5fbbde95ce36ff7a8834fc0291ee"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb b/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
index b14b947f97..6544b374c2 100644
--- a/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
+++ b/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe"
SRCREV = "bcb82804daa8f725b6add259dcef2067e61a75aa"
PV .= "+git${SRCPV}"
-SRC_URI = "git://git.yoctoproject.org/ptest-runner2 \
+SRC_URI = "git://git.yoctoproject.org/ptest-runner2;branch=master \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-support/rng-tools/rng-tools/rngd.service b/meta/recipes-support/rng-tools/rng-tools/rngd.service
index 0559b97991..568686e80e 100644
--- a/meta/recipes-support/rng-tools/rng-tools/rngd.service
+++ b/meta/recipes-support/rng-tools/rng-tools/rngd.service
@@ -3,6 +3,7 @@ Description=Hardware RNG Entropy Gatherer Daemon
DefaultDependencies=no
After=systemd-udev-settle.service
Before=sysinit.target shutdown.target
+Wants=systemd-udev-settle.service
Conflicts=shutdown.target
[Service]
diff --git a/meta/recipes-support/rng-tools/rng-tools_6.11.bb b/meta/recipes-support/rng-tools/rng-tools_6.11.bb
index 61a0cef2e0..bc98efa3c6 100644
--- a/meta/recipes-support/rng-tools/rng-tools_6.11.bb
+++ b/meta/recipes-support/rng-tools/rng-tools_6.11.bb
@@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
DEPENDS = "sysfsutils openssl"
SRC_URI = "\
- git://github.com/nhorman/rng-tools.git \
+ git://github.com/nhorman/rng-tools.git;branch=master;protocol=https \
file://init \
file://default \
file://rngd.service \
diff --git a/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb b/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb
index ff32259d8e..9eb70b7e65 100644
--- a/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb
+++ b/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
DEPENDS = "libxml2 itstool-native glib-2.0 shared-mime-info-native xmlto-native"
-SRC_URI = "git://gitlab.freedesktop.org/xdg/shared-mime-info.git;protocol=https"
+SRC_URI = "git://gitlab.freedesktop.org/xdg/shared-mime-info.git;protocol=https;branch=master"
SRCREV = "18e558fa1c8b90b86757ade09a4ba4d6a6cf8f70"
PV = "2.1"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch b/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
index 63a7b78f12..2fc11dbdc2 100644
--- a/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
+++ b/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
@@ -16,11 +16,11 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
src/Makefile | 14 ++++----------
1 file changed, 4 insertions(+), 10 deletions(-)
-diff --git a/src/Makefile b/src/Makefile
-index f2fafa4dc..7148d4bd9 100644
---- a/src/Makefile
-+++ b/src/Makefile
-@@ -2845,16 +2845,10 @@ auto/pathdef.c: Makefile auto/config.mk
+Index: git/src/Makefile
+===================================================================
+--- git.orig/src/Makefile
++++ git/src/Makefile
+@@ -3101,16 +3101,10 @@ auto/pathdef.c: Makefile auto/config.mk
-@echo '#include "vim.h"' >> $@
-@echo 'char_u *default_vim_dir = (char_u *)"$(VIMRCLOC)";' | $(QUOTESED) >> $@
-@echo 'char_u *default_vimruntime_dir = (char_u *)"$(VIMRUNTIMEDIR)";' | $(QUOTESED) >> $@
@@ -41,6 +41,3 @@ index f2fafa4dc..7148d4bd9 100644
-@sh $(srcdir)/pathdef.sh
GUI_GTK_RES_INPUTS = \
---
-2.17.1
-
diff --git a/meta/recipes-support/vim/files/CVE-2021-3778.patch b/meta/recipes-support/vim/files/CVE-2021-3778.patch
deleted file mode 100644
index 04ac413e56..0000000000
--- a/meta/recipes-support/vim/files/CVE-2021-3778.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 9ba62f1042513fcadcc4e8fdcee171db66ef1d69 Mon Sep 17 00:00:00 2001
-From: Bram Moolenaar <Bram@vim.org>
-Date: Fri, 24 Sep 2021 15:15:24 +0800
-Subject: [PATCH] patch 8.2.3409: reading beyond end of line with invalid utf-8
- character
-
-Problem: Reading beyond end of line with invalid utf-8 character.
-Solution: Check for NUL when advancing.
-
-Upstream-Status: Backport [https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f]
-CVE: CVE-2021-3778
-
-Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
----
- src/regexp_nfa.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/regexp_nfa.c b/src/regexp_nfa.c
-index fb512f961..2806408de 100644
---- a/src/regexp_nfa.c
-+++ b/src/regexp_nfa.c
-@@ -5455,7 +5455,8 @@ find_match_text(colnr_T startcol, int regstart, char_u *match_text)
- match = FALSE;
- break;
- }
-- len2 += MB_CHAR2LEN(c2);
-+ len2 += enc_utf8 ? utf_ptr2len(rex.line + col + len2)
-+ : MB_CHAR2LEN(c2);
- }
- if (match
- // check that no composing char follows
---
-2.17.1
-
diff --git a/meta/recipes-support/vim/files/CVE-2021-3875.patch b/meta/recipes-support/vim/files/CVE-2021-3875.patch
new file mode 100644
index 0000000000..d62d875f8e
--- /dev/null
+++ b/meta/recipes-support/vim/files/CVE-2021-3875.patch
@@ -0,0 +1,37 @@
+From 40aa9802ef56d3cdbe256b4c9e58049953051a2d Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Mon, 15 Nov 2021 14:34:50 +0800
+Subject: [PATCH] patch 8.2.3489: ml_get error after search with range
+
+Problem: ml_get error after search with range.
+Solution: Limit the line number to the buffer line count.
+
+CVE: CVE-2021-3875
+
+Upstream-Status: Backport [https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ src/ex_docmd.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/ex_docmd.c b/src/ex_docmd.c
+index fb07450f8..89d33ba90 100644
+--- a/src/ex_docmd.c
++++ b/src/ex_docmd.c
+@@ -3586,8 +3586,10 @@ get_address(
+
+ // When '/' or '?' follows another address, start from
+ // there.
+- if (lnum != MAXLNUM)
+- curwin->w_cursor.lnum = lnum;
++ if (lnum > 0 && lnum != MAXLNUM)
++ curwin->w_cursor.lnum =
++ lnum > curbuf->b_ml.ml_line_count
++ ? curbuf->b_ml.ml_line_count : lnum;
+
+ // Start a forward search at the end of the line (unless
+ // before the first line).
+--
+2.17.1
+
diff --git a/meta/recipes-support/vim/files/CVE-2021-3903.patch b/meta/recipes-support/vim/files/CVE-2021-3903.patch
new file mode 100644
index 0000000000..fb45857de8
--- /dev/null
+++ b/meta/recipes-support/vim/files/CVE-2021-3903.patch
@@ -0,0 +1,38 @@
+From a366598006f4d7bf9b4fbcd334a2e5078dcb6ad8 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Fri, 12 Nov 2021 02:23:38 +0000
+Subject: [PATCH] =?UTF-8?q?patch=208.2.3564:=20invalid=20memory=20access?=
+ =?UTF-8?q?=20when=20scrolling=20without=20valid=20sc=E2=80=A6?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+…reen
+
+Problem: Invalid memory access when scrolling without a valid screen.
+Solution: Do not set VALID_BOTLINE in w_valid.
+
+CVE: CVE-2021-3903
+
+Upstream-Status: Backport [https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ src/move.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/move.c b/src/move.c
+index 8e53d8bcb..10165ef4d 100644
+--- a/src/move.c
++++ b/src/move.c
+@@ -198,7 +198,6 @@ update_topline(void)
+ {
+ curwin->w_topline = curwin->w_cursor.lnum;
+ curwin->w_botline = curwin->w_topline;
+- curwin->w_valid |= VALID_BOTLINE|VALID_BOTLINE_AP;
+ curwin->w_scbind_pos = 1;
+ return;
+ }
+--
+2.31.1
+
diff --git a/meta/recipes-support/vim/files/CVE-2021-3927.patch b/meta/recipes-support/vim/files/CVE-2021-3927.patch
new file mode 100644
index 0000000000..90b1b6b82e
--- /dev/null
+++ b/meta/recipes-support/vim/files/CVE-2021-3927.patch
@@ -0,0 +1,32 @@
+From f334a87204b4aab76536063b37b4d4a10be46a3a Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Wed, 17 Nov 2021 11:09:48 +0800
+Subject: [PATCH] patch 8.2.3581: reading character past end of line
+
+Problem: Reading character past end of line.
+Solution: Correct the cursor column.
+
+CVE: CVE-2021-3927
+
+Upstream-Status: Backport [https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ src/ex_docmd.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/ex_docmd.c b/src/ex_docmd.c
+index 89d33ba90..54d7f4cb3 100644
+--- a/src/ex_docmd.c
++++ b/src/ex_docmd.c
+@@ -6905,6 +6905,7 @@ ex_put(exarg_T *eap)
+ eap->forceit = TRUE;
+ }
+ curwin->w_cursor.lnum = eap->line2;
++ check_cursor_col();
+ do_put(eap->regname, eap->forceit ? BACKWARD : FORWARD, 1L,
+ PUT_LINE|PUT_CURSLINE);
+ }
+--
+2.17.1
+
diff --git a/meta/recipes-support/vim/files/CVE-2021-3928.patch b/meta/recipes-support/vim/files/CVE-2021-3928.patch
new file mode 100644
index 0000000000..8672367ab9
--- /dev/null
+++ b/meta/recipes-support/vim/files/CVE-2021-3928.patch
@@ -0,0 +1,34 @@
+From ad7f7a3f81077ddfac451acd33ca049b9f2a5178 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Wed, 17 Nov 2021 11:22:21 +0800
+Subject: [PATCH] patch 8.2.3582: reading uninitialized memory when giving
+ spell suggestions
+
+Problem: Reading uninitialized memory when giving spell suggestions.
+Solution: Check that preword is not empty.
+
+CVE: CVE-2021-3928
+
+Upstream-Status: Backport [https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ src/spellsuggest.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/spellsuggest.c b/src/spellsuggest.c
+index 9d6df7930..88307b203 100644
+--- a/src/spellsuggest.c
++++ b/src/spellsuggest.c
+@@ -1600,7 +1600,7 @@ suggest_trie_walk(
+ // char, e.g., "thes," -> "these".
+ p = fword + sp->ts_fidx;
+ MB_PTR_BACK(fword, p);
+- if (!spell_iswordp(p, curwin))
++ if (!spell_iswordp(p, curwin) && *preword != NUL)
+ {
+ p = preword + STRLEN(preword);
+ MB_PTR_BACK(preword, p);
+--
+2.17.1
+
diff --git a/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch b/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch
deleted file mode 100644
index 1cee759502..0000000000
--- a/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch
+++ /dev/null
@@ -1,207 +0,0 @@
-From b7081e135a16091c93f6f5f7525a5c58fb7ca9f9 Mon Sep 17 00:00:00 2001
-From: Bram Moolenaar <Bram@vim.org>
-Date: Sat, 4 Sep 2021 18:47:28 +0200
-Subject: [PATCH] patch 8.2.3402: invalid memory access when using :retab with
- large value
-
-Problem: Invalid memory access when using :retab with large value.
-Solution: Check the number is positive.
-
-CVE: CVE-2021-3770
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-Upstream-Status: Backport [https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9]
----
- src/indent.c | 34 +++++++++++++++++++++-------------
- src/option.c | 12 ++++++------
- src/optionstr.c | 4 ++--
- src/testdir/test_retab.vim | 3 +++
- src/version.c | 2 ++
- 5 files changed, 34 insertions(+), 21 deletions(-)
-
-Index: git/src/indent.c
-===================================================================
---- git.orig/src/indent.c
-+++ git/src/indent.c
-@@ -18,18 +18,19 @@
- /*
- * Set the integer values corresponding to the string setting of 'vartabstop'.
- * "array" will be set, caller must free it if needed.
-+ * Return FAIL for an error.
- */
- int
- tabstop_set(char_u *var, int **array)
- {
-- int valcount = 1;
-- int t;
-- char_u *cp;
-+ int valcount = 1;
-+ int t;
-+ char_u *cp;
-
- if (var[0] == NUL || (var[0] == '0' && var[1] == NUL))
- {
- *array = NULL;
-- return TRUE;
-+ return OK;
- }
-
- for (cp = var; *cp != NUL; ++cp)
-@@ -43,8 +44,8 @@ tabstop_set(char_u *var, int **array)
- if (cp != end)
- emsg(_(e_positive));
- else
-- emsg(_(e_invarg));
-- return FALSE;
-+ semsg(_(e_invarg2), cp);
-+ return FAIL;
- }
- }
-
-@@ -55,26 +56,33 @@ tabstop_set(char_u *var, int **array)
- ++valcount;
- continue;
- }
-- emsg(_(e_invarg));
-- return FALSE;
-+ semsg(_(e_invarg2), var);
-+ return FAIL;
- }
-
- *array = ALLOC_MULT(int, valcount + 1);
- if (*array == NULL)
-- return FALSE;
-+ return FAIL;
- (*array)[0] = valcount;
-
- t = 1;
- for (cp = var; *cp != NUL;)
- {
-- (*array)[t++] = atoi((char *)cp);
-- while (*cp != NUL && *cp != ',')
-+ int n = atoi((char *)cp);
-+
-+ if (n < 0 || n > 9999)
-+ {
-+ semsg(_(e_invarg2), cp);
-+ return FAIL;
-+ }
-+ (*array)[t++] = n;
-+ while (*cp != NUL && *cp != ',')
- ++cp;
- if (*cp != NUL)
- ++cp;
- }
-
-- return TRUE;
-+ return OK;
- }
-
- /*
-@@ -1556,7 +1564,7 @@ ex_retab(exarg_T *eap)
-
- #ifdef FEAT_VARTABS
- new_ts_str = eap->arg;
-- if (!tabstop_set(eap->arg, &new_vts_array))
-+ if (tabstop_set(eap->arg, &new_vts_array) == FAIL)
- return;
- while (vim_isdigit(*(eap->arg)) || *(eap->arg) == ',')
- ++(eap->arg);
-Index: git/src/option.c
-===================================================================
---- git.orig/src/option.c
-+++ git/src/option.c
-@@ -2292,9 +2292,9 @@ didset_options2(void)
- #endif
- #ifdef FEAT_VARTABS
- vim_free(curbuf->b_p_vsts_array);
-- tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array);
-+ (void)tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array);
- vim_free(curbuf->b_p_vts_array);
-- tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array);
-+ (void)tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array);
- #endif
- }
-
-@@ -5756,7 +5756,7 @@ buf_copy_options(buf_T *buf, int flags)
- buf->b_p_vsts = vim_strsave(p_vsts);
- COPY_OPT_SCTX(buf, BV_VSTS);
- if (p_vsts && p_vsts != empty_option)
-- tabstop_set(p_vsts, &buf->b_p_vsts_array);
-+ (void)tabstop_set(p_vsts, &buf->b_p_vsts_array);
- else
- buf->b_p_vsts_array = 0;
- buf->b_p_vsts_nopaste = p_vsts_nopaste
-@@ -5914,7 +5914,7 @@ buf_copy_options(buf_T *buf, int flags)
- buf->b_p_isk = save_p_isk;
- #ifdef FEAT_VARTABS
- if (p_vts && p_vts != empty_option && !buf->b_p_vts_array)
-- tabstop_set(p_vts, &buf->b_p_vts_array);
-+ (void)tabstop_set(p_vts, &buf->b_p_vts_array);
- else
- buf->b_p_vts_array = NULL;
- #endif
-@@ -5929,7 +5929,7 @@ buf_copy_options(buf_T *buf, int flags)
- buf->b_p_vts = vim_strsave(p_vts);
- COPY_OPT_SCTX(buf, BV_VTS);
- if (p_vts && p_vts != empty_option && !buf->b_p_vts_array)
-- tabstop_set(p_vts, &buf->b_p_vts_array);
-+ (void)tabstop_set(p_vts, &buf->b_p_vts_array);
- else
- buf->b_p_vts_array = NULL;
- #endif
-@@ -6634,7 +6634,7 @@ paste_option_changed(void)
- if (buf->b_p_vsts_array)
- vim_free(buf->b_p_vsts_array);
- if (buf->b_p_vsts && buf->b_p_vsts != empty_option)
-- tabstop_set(buf->b_p_vsts, &buf->b_p_vsts_array);
-+ (void)tabstop_set(buf->b_p_vsts, &buf->b_p_vsts_array);
- else
- buf->b_p_vsts_array = 0;
- #endif
-Index: git/src/optionstr.c
-===================================================================
---- git.orig/src/optionstr.c
-+++ git/src/optionstr.c
-@@ -2166,7 +2166,7 @@ did_set_string_option(
- if (errmsg == NULL)
- {
- int *oldarray = curbuf->b_p_vsts_array;
-- if (tabstop_set(*varp, &(curbuf->b_p_vsts_array)))
-+ if (tabstop_set(*varp, &(curbuf->b_p_vsts_array)) == OK)
- {
- if (oldarray)
- vim_free(oldarray);
-@@ -2205,7 +2205,7 @@ did_set_string_option(
- {
- int *oldarray = curbuf->b_p_vts_array;
-
-- if (tabstop_set(*varp, &(curbuf->b_p_vts_array)))
-+ if (tabstop_set(*varp, &(curbuf->b_p_vts_array)) == OK)
- {
- vim_free(oldarray);
- #ifdef FEAT_FOLDING
-Index: git/src/testdir/test_retab.vim
-===================================================================
---- git.orig/src/testdir/test_retab.vim
-+++ git/src/testdir/test_retab.vim
-@@ -74,4 +74,7 @@ endfunc
- func Test_retab_error()
- call assert_fails('retab -1', 'E487:')
- call assert_fails('retab! -1', 'E487:')
-+ call assert_fails('ret -1000', 'E487:')
-+ call assert_fails('ret 10000', 'E475:')
-+ call assert_fails('ret 80000000000000000000', 'E475:')
- endfunc
-Index: git/src/version.c
-===================================================================
---- git.orig/src/version.c
-+++ git/src/version.c
-@@ -743,6 +743,8 @@ static char *(features[]) =
- static int included_patches[] =
- { /* Add new patch number below this line */
- /**/
-+ 3402,
-+/**/
- 0
- };
-
diff --git a/meta/recipes-support/vim/files/disable_acl_header_check.patch b/meta/recipes-support/vim/files/disable_acl_header_check.patch
index 33089162b4..533138245d 100644
--- a/meta/recipes-support/vim/files/disable_acl_header_check.patch
+++ b/meta/recipes-support/vim/files/disable_acl_header_check.patch
@@ -13,11 +13,11 @@ Signed-off-by: Changqing Li <changqing.li@windriver.com>
src/configure.ac | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
-diff --git a/src/configure.ac b/src/configure.ac
-index 2d409b3ca06a..dbcaf6140263 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -3257,7 +3257,7 @@ AC_CHECK_HEADERS(stdint.h stdlib.h string.h \
+Index: git/src/configure.ac
+===================================================================
+--- git.orig/src/configure.ac
++++ git/src/configure.ac
+@@ -3292,7 +3292,7 @@ AC_CHECK_HEADERS(stdint.h stdlib.h strin
sys/systeminfo.h locale.h sys/stream.h termios.h \
libc.h sys/statfs.h poll.h sys/poll.h pwd.h \
utime.h sys/param.h sys/ptms.h libintl.h libgen.h \
@@ -26,7 +26,7 @@ index 2d409b3ca06a..dbcaf6140263 100644
sys/access.h sys/sysinfo.h wchar.h wctype.h)
dnl sys/ptem.h depends on sys/stream.h on Solaris
-@@ -3886,6 +3886,7 @@ AC_ARG_ENABLE(acl,
+@@ -3974,6 +3974,7 @@ AC_ARG_ENABLE(acl,
, [enable_acl="yes"])
if test "$enable_acl" = "yes"; then
AC_MSG_RESULT(no)
@@ -34,6 +34,3 @@ index 2d409b3ca06a..dbcaf6140263 100644
AC_CHECK_LIB(posix1e, acl_get_file, [LIBS="$LIBS -lposix1e"],
AC_CHECK_LIB(acl, acl_get_file, [LIBS="$LIBS -lacl"
AC_CHECK_LIB(attr, fgetxattr, LIBS="$LIBS -lattr",,)],,),)
---
-2.7.4
-
diff --git a/meta/recipes-support/vim/files/no-path-adjust.patch b/meta/recipes-support/vim/files/no-path-adjust.patch
index 05c2d803f6..9d6da80913 100644
--- a/meta/recipes-support/vim/files/no-path-adjust.patch
+++ b/meta/recipes-support/vim/files/no-path-adjust.patch
@@ -7,9 +7,11 @@ Upstream-Status: Pending
Signed-off-by: Joe Slater <joe.slater@windriver.com>
---- a/src/Makefile
-+++ b/src/Makefile
-@@ -2507,11 +2507,14 @@ installtools: $(TOOLS) $(DESTDIR)$(exec_
+Index: git/src/Makefile
+===================================================================
+--- git.orig/src/Makefile
++++ git/src/Makefile
+@@ -2565,11 +2565,14 @@ installtools: $(TOOLS) $(DESTDIR)$(exec_
rm -rf $$cvs; \
fi
-chmod $(FILEMOD) $(DEST_TOOLS)/*
diff --git a/meta/recipes-support/vim/files/racefix.patch b/meta/recipes-support/vim/files/racefix.patch
index 48dca44cad..1cb8fb442f 100644
--- a/meta/recipes-support/vim/files/racefix.patch
+++ b/meta/recipes-support/vim/files/racefix.patch
@@ -9,9 +9,9 @@ Index: git/src/po/Makefile
===================================================================
--- git.orig/src/po/Makefile
+++ git/src/po/Makefile
-@@ -165,17 +165,16 @@ $(PACKAGE).pot: ../*.c ../if_perl.xs ../
- po/gvim.desktop.in po/vim.desktop.in
- mv -f ../$(PACKAGE).po $(PACKAGE).pot
+@@ -207,17 +207,16 @@ $(PACKAGE).pot: $(PO_INPUTLIST) $(PO_VIM
+ # Delete the temporary files
+ rm *.js
-vim.desktop: vim.desktop.in $(POFILES)
+LINGUAS:
diff --git a/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch b/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch
index 37914d4cd9..5284ba45b6 100644
--- a/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch
+++ b/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch
@@ -14,11 +14,11 @@ Signed-off-by: Changqing Li <changqing.li@windriver.com>
src/configure.ac | 7 +++++++
1 file changed, 7 insertions(+)
-diff --git a/src/configure.ac b/src/configure.ac
-index 0ee86ad..64736f0 100644
---- a/src/configure.ac
-+++ b/src/configure.ac
-@@ -3192,11 +3192,18 @@ AC_TRY_COMPILE([#include <stdio.h>], [int x __attribute__((unused));],
+Index: git/src/configure.ac
+===================================================================
+--- git.orig/src/configure.ac
++++ git/src/configure.ac
+@@ -3264,11 +3264,18 @@ AC_TRY_COMPILE([#include <stdio.h>], [in
AC_MSG_RESULT(no))
dnl Checks for header files.
@@ -37,6 +37,3 @@ index 0ee86ad..64736f0 100644
AC_HEADER_DIRENT
---
-2.7.4
-
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index e04c653fe3..c124596e8d 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -8,21 +8,21 @@ BUGTRACKER = "https://github.com/vim/vim/issues"
DEPENDS = "ncurses gettext-native"
# vimdiff doesn't like busybox diff
RSUGGESTS_${PN} = "diffutils"
+
LICENSE = "vim"
-LIC_FILES_CHKSUM = "file://runtime/doc/uganda.txt;endline=287;md5=a19edd7ec70d573a005d9e509375a99a"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=6b30ea4fa660c483b619924bc709ef99 \
+ file://runtime/doc/uganda.txt;md5=a3f193c20c6faff93c69185d5d070535"
-SRC_URI = "git://github.com/vim/vim.git \
+SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
file://disable_acl_header_check.patch \
file://vim-add-knob-whether-elf.h-are-checked.patch \
file://0001-src-Makefile-improve-reproducibility.patch \
file://no-path-adjust.patch \
file://racefix.patch \
- file://CVE-2021-3778.patch \
- file://CVE-2021-3796.patch \
- file://b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch \
"
-SRCREV = "98056533b96b6b5d8849641de93185dd7bcadc44"
+PV .= ".4524"
+SRCREV = "d8f8629b1bf566e1dada7515e9b146c69e5d9757"
# Do not consider .z in x.y.z, as that is updated with every commit
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0"
diff --git a/meta/recipes-support/xxhash/xxhash_0.8.0.bb b/meta/recipes-support/xxhash/xxhash_0.8.0.bb
index 9e38872361..daa1bc26de 100644
--- a/meta/recipes-support/xxhash/xxhash_0.8.0.bb
+++ b/meta/recipes-support/xxhash/xxhash_0.8.0.bb
@@ -5,7 +5,7 @@ HOMEPAGE = "http://www.xxhash.com/"
LICENSE = "BSD-2-Clause & GPL-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=b335320506abb0505437e39295e799cb"
-SRC_URI = "git://github.com/Cyan4973/xxHash.git;branch=release;protocol=git"
+SRC_URI = "git://github.com/Cyan4973/xxHash.git;branch=release;protocol=https"
UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"
SRCREV = "94e5f23e736f2bb67ebdf90727353e65344f9fc0"
diff --git a/scripts/buildhistory-diff b/scripts/buildhistory-diff
index 3bd40a2a1e..a6e785aa23 100755
--- a/scripts/buildhistory-diff
+++ b/scripts/buildhistory-diff
@@ -11,7 +11,6 @@
import sys
import os
import argparse
-from distutils.version import LooseVersion
# Ensure PythonGit is installed (buildhistory_analysis needs it)
try:
@@ -73,10 +72,6 @@ def main():
parser = get_args_parser()
args = parser.parse_args()
- if LooseVersion(git.__version__) < '0.3.1':
- sys.stderr.write("Version of GitPython is too old, please install GitPython (python-git) 0.3.1 or later in order to use this script\n")
- sys.exit(1)
-
if len(args.revisions) > 2:
sys.stderr.write('Invalid argument(s) specified: %s\n\n' % ' '.join(args.revisions[2:]))
parser.print_help()
diff --git a/scripts/contrib/convert-srcuri.py b/scripts/contrib/convert-srcuri.py
new file mode 100755
index 0000000000..587392334f
--- /dev/null
+++ b/scripts/contrib/convert-srcuri.py
@@ -0,0 +1,77 @@
+#!/usr/bin/env python3
+#
+# Conversion script to update SRC_URI to add branch to git urls
+#
+# Copyright (C) 2021 Richard Purdie
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import re
+import os
+import sys
+import tempfile
+import shutil
+import mimetypes
+
+if len(sys.argv) < 2:
+ print("Please specify a directory to run the conversion script against.")
+ sys.exit(1)
+
+def processfile(fn):
+ def matchline(line):
+ if "MIRROR" in line or ".*" in line or "GNOME_GIT" in line:
+ return False
+ return True
+ print("processing file '%s'" % fn)
+ try:
+ if "distro_alias.inc" in fn or "linux-yocto-custom.bb" in fn:
+ return
+ fh, abs_path = tempfile.mkstemp()
+ modified = False
+ with os.fdopen(fh, 'w') as new_file:
+ with open(fn, "r") as old_file:
+ for line in old_file:
+ if ("git://" in line or "gitsm://" in line) and "branch=" not in line and matchline(line):
+ if line.endswith('"\n'):
+ line = line.replace('"\n', ';branch=master"\n')
+ elif re.search('\s*\\\\$', line):
+ line = re.sub('\s*\\\\$', ';branch=master \\\\', line)
+ modified = True
+ if ("git://" in line or "gitsm://" in line) and "github.com" in line and "protocol=https" not in line and matchline(line):
+ if "protocol=git" in line:
+ line = line.replace('protocol=git', 'protocol=https')
+ elif line.endswith('"\n'):
+ line = line.replace('"\n', ';protocol=https"\n')
+ elif re.search('\s*\\\\$', line):
+ line = re.sub('\s*\\\\$', ';protocol=https \\\\', line)
+ modified = True
+ new_file.write(line)
+ if modified:
+ shutil.copymode(fn, abs_path)
+ os.remove(fn)
+ shutil.move(abs_path, fn)
+ except UnicodeDecodeError:
+ pass
+
+ourname = os.path.basename(sys.argv[0])
+ourversion = "0.1"
+
+if os.path.isfile(sys.argv[1]):
+ processfile(sys.argv[1])
+ sys.exit(0)
+
+for targetdir in sys.argv[1:]:
+ print("processing directory '%s'" % targetdir)
+ for root, dirs, files in os.walk(targetdir):
+ for name in files:
+ if name == ourname:
+ continue
+ fn = os.path.join(root, name)
+ if os.path.islink(fn):
+ continue
+ if "/.git/" in fn or fn.endswith(".html") or fn.endswith(".patch") or fn.endswith(".m4") or fn.endswith(".diff"):
+ continue
+ processfile(fn)
+
+print("All files processed with version %s" % ourversion)
diff --git a/scripts/lib/checklayer/cases/common.py b/scripts/lib/checklayer/cases/common.py
index b82304e361..4495f71b24 100644
--- a/scripts/lib/checklayer/cases/common.py
+++ b/scripts/lib/checklayer/cases/common.py
@@ -14,7 +14,7 @@ class CommonCheckLayer(OECheckLayerTestCase):
# The top-level README file may have a suffix (like README.rst or README.txt).
readme_files = glob.glob(os.path.join(self.tc.layer['path'], '[Rr][Ee][Aa][Dd][Mm][Ee]*'))
self.assertTrue(len(readme_files) > 0,
- msg="Layer doesn't contains README file.")
+ msg="Layer doesn't contain a README file.")
# There might be more than one file matching the file pattern above
# (for example, README.rst and README-COPYING.rst). The one with the shortest
diff --git a/scripts/lib/devtool/deploy.py b/scripts/lib/devtool/deploy.py
index 833322571f..e14a587417 100644
--- a/scripts/lib/devtool/deploy.py
+++ b/scripts/lib/devtool/deploy.py
@@ -170,7 +170,7 @@ def deploy(args, config, basepath, workspace):
srcdir = recipe_outdir
recipe_outdir = os.path.join(rd.getVar('WORKDIR'), 'devtool-deploy-target-stripped')
if os.path.isdir(recipe_outdir):
- bb.utils.remove(recipe_outdir, True)
+ exec_fakeroot(rd, "rm -rf %s" % recipe_outdir, shell=True)
exec_fakeroot(rd, "cp -af %s %s" % (os.path.join(srcdir, '.'), recipe_outdir), shell=True)
os.environ['PATH'] = ':'.join([os.environ['PATH'], rd.getVar('PATH') or ''])
oe.package.strip_execs(args.recipename, recipe_outdir, rd.getVar('STRIP'), rd.getVar('libdir'),
diff --git a/scripts/lib/recipetool/create.py b/scripts/lib/recipetool/create.py
index 566c75369a..b9f9c80367 100644
--- a/scripts/lib/recipetool/create.py
+++ b/scripts/lib/recipetool/create.py
@@ -366,7 +366,7 @@ def supports_srcrev(uri):
def reformat_git_uri(uri):
'''Convert any http[s]://....git URI into git://...;protocol=http[s]'''
checkuri = uri.split(';', 1)[0]
- if checkuri.endswith('.git') or '/git/' in checkuri or re.match('https?://github.com/[^/]+/[^/]+/?$', checkuri):
+ if checkuri.endswith('.git') or '/git/' in checkuri or re.match('https?://git(hub|lab).com/[^/]+/[^/]+/?$', checkuri):
# Appends scheme if the scheme is missing
if not '://' in uri:
uri = 'git://' + uri
@@ -435,7 +435,7 @@ def create_recipe(args):
if args.binary:
# Assume the archive contains the directory structure verbatim
# so we need to extract to a subdirectory
- fetchuri += ';subdir=${BP}'
+ fetchuri += ';subdir=${BPN}'
srcuri = fetchuri
rev_re = re.compile(';rev=([^;]+)')
res = rev_re.search(srcuri)
@@ -478,6 +478,9 @@ def create_recipe(args):
storeTagName = params['tag']
params['nobranch'] = '1'
del params['tag']
+ # Assume 'master' branch if not set
+ if scheme in ['git', 'gitsm'] and 'branch' not in params and 'nobranch' not in params:
+ params['branch'] = 'master'
fetchuri = bb.fetch2.encodeurl((scheme, network, path, user, passwd, params))
tmpparent = tinfoil.config_data.getVar('BASE_WORKDIR')
@@ -527,10 +530,9 @@ def create_recipe(args):
# Remove HEAD reference point and drop remote prefix
get_branch = [x.split('/', 1)[1] for x in get_branch if not x.startswith('origin/HEAD')]
if 'master' in get_branch:
- # If it is master, we do not need to append 'branch=master' as this is default.
# Even with the case where get_branch has multiple objects, if 'master' is one
# of them, we should default take from 'master'
- srcbranch = ''
+ srcbranch = 'master'
elif len(get_branch) == 1:
# If 'master' isn't in get_branch and get_branch contains only ONE object, then store result into 'srcbranch'
srcbranch = get_branch[0]
@@ -543,8 +545,8 @@ def create_recipe(args):
# Since we might have a value in srcbranch, we need to
# recontruct the srcuri to include 'branch' in params.
scheme, network, path, user, passwd, params = bb.fetch2.decodeurl(srcuri)
- if srcbranch:
- params['branch'] = srcbranch
+ if scheme in ['git', 'gitsm']:
+ params['branch'] = srcbranch or 'master'
if storeTagName and scheme in ['git', 'gitsm']:
# Check srcrev using tag and check validity of the tag
@@ -603,7 +605,7 @@ def create_recipe(args):
splitline = line.split()
if len(splitline) > 1:
if splitline[0] == 'origin' and scriptutils.is_src_url(splitline[1]):
- srcuri = reformat_git_uri(splitline[1])
+ srcuri = reformat_git_uri(splitline[1]) + ';branch=master'
srcsubdir = 'git'
break
diff --git a/scripts/lib/recipetool/create_buildsys.py b/scripts/lib/recipetool/create_buildsys.py
index 35a97c9345..5015634476 100644
--- a/scripts/lib/recipetool/create_buildsys.py
+++ b/scripts/lib/recipetool/create_buildsys.py
@@ -545,7 +545,7 @@ class AutotoolsRecipeHandler(RecipeHandler):
deps.append('zlib')
elif keyword in ('AX_CHECK_OPENSSL', 'AX_LIB_CRYPTO'):
deps.append('openssl')
- elif keyword == 'AX_LIB_CURL':
+ elif keyword in ('AX_LIB_CURL', 'LIBCURL_CHECK_CONFIG'):
deps.append('curl')
elif keyword == 'AX_LIB_BEECRYPT':
deps.append('beecrypt')
@@ -624,6 +624,7 @@ class AutotoolsRecipeHandler(RecipeHandler):
'AX_CHECK_OPENSSL',
'AX_LIB_CRYPTO',
'AX_LIB_CURL',
+ 'LIBCURL_CHECK_CONFIG',
'AX_LIB_BEECRYPT',
'AX_LIB_EXPAT',
'AX_LIB_GCRYPT',
diff --git a/scripts/lib/scriptutils.py b/scripts/lib/scriptutils.py
index f92255d8dc..47a08194d0 100644
--- a/scripts/lib/scriptutils.py
+++ b/scripts/lib/scriptutils.py
@@ -18,7 +18,8 @@ import sys
import tempfile
import threading
import importlib
-from importlib import machinery
+import importlib.machinery
+import importlib.util
class KeepAliveStreamHandler(logging.StreamHandler):
def __init__(self, keepalive=True, **kwargs):
@@ -82,7 +83,9 @@ def load_plugins(logger, plugins, pluginpath):
logger.debug('Loading plugin %s' % name)
spec = importlib.machinery.PathFinder.find_spec(name, path=[pluginpath] )
if spec:
- return spec.loader.load_module()
+ mod = importlib.util.module_from_spec(spec)
+ spec.loader.exec_module(mod)
+ return mod
def plugin_name(filename):
return os.path.splitext(os.path.basename(filename))[0]
@@ -215,7 +218,8 @@ def fetch_url(tinfoil, srcuri, srcrev, destdir, logger, preserve_tmp=False, mirr
pathvars = ['T', 'RECIPE_SYSROOT', 'RECIPE_SYSROOT_NATIVE']
for pathvar in pathvars:
path = rd.getVar(pathvar)
- shutil.rmtree(path)
+ if os.path.exists(path):
+ shutil.rmtree(path)
finally:
if fetchrecipe:
try:
diff --git a/scripts/lib/wic/engine.py b/scripts/lib/wic/engine.py
index 018815b966..674ccfc244 100644
--- a/scripts/lib/wic/engine.py
+++ b/scripts/lib/wic/engine.py
@@ -19,10 +19,10 @@ import os
import tempfile
import json
import subprocess
+import shutil
import re
from collections import namedtuple, OrderedDict
-from distutils.spawn import find_executable
from wic import WicError
from wic.filemap import sparse_copy
@@ -245,7 +245,7 @@ class Disk:
for path in pathlist.split(':'):
self.paths = "%s%s:%s" % (native_sysroot, path, self.paths)
- self.parted = find_executable("parted", self.paths)
+ self.parted = shutil.which("parted", path=self.paths)
if not self.parted:
raise WicError("Can't find executable parted")
@@ -283,7 +283,7 @@ class Disk:
"resize2fs", "mkswap", "mkdosfs", "debugfs","blkid"):
aname = "_%s" % name
if aname not in self.__dict__:
- setattr(self, aname, find_executable(name, self.paths))
+ setattr(self, aname, shutil.which(name, path=self.paths))
if aname not in self.__dict__ or self.__dict__[aname] is None:
raise WicError("Can't find executable '{}'".format(name))
return self.__dict__[aname]
diff --git a/scripts/lib/wic/help.py b/scripts/lib/wic/help.py
index bd3a2b97df..9c2d6991a9 100644
--- a/scripts/lib/wic/help.py
+++ b/scripts/lib/wic/help.py
@@ -840,8 +840,8 @@ DESCRIPTION
meanings. The commands are based on the Fedora kickstart
documentation but with modifications to reflect wic capabilities.
- http://fedoraproject.org/wiki/Anaconda/Kickstart#part_or_partition
- http://fedoraproject.org/wiki/Anaconda/Kickstart#bootloader
+ https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#part-or-partition
+ https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#bootloader
Commands
diff --git a/scripts/lib/wic/misc.py b/scripts/lib/wic/misc.py
index 57c042c503..3e11822996 100644
--- a/scripts/lib/wic/misc.py
+++ b/scripts/lib/wic/misc.py
@@ -16,9 +16,9 @@ import logging
import os
import re
import subprocess
+import shutil
from collections import defaultdict
-from distutils import spawn
from wic import WicError
@@ -122,7 +122,7 @@ def find_executable(cmd, paths):
if provided and "%s-native" % recipe in provided:
return True
- return spawn.find_executable(cmd, paths)
+ return shutil.which(cmd, path=paths)
def exec_native_cmd(cmd_and_args, native_sysroot, pseudo=""):
"""
diff --git a/scripts/lib/wic/pluginbase.py b/scripts/lib/wic/pluginbase.py
index d9b4e57747..b64568339b 100644
--- a/scripts/lib/wic/pluginbase.py
+++ b/scripts/lib/wic/pluginbase.py
@@ -9,9 +9,11 @@ __all__ = ['ImagerPlugin', 'SourcePlugin']
import os
import logging
+import types
from collections import defaultdict
-from importlib.machinery import SourceFileLoader
+import importlib
+import importlib.util
from wic import WicError
from wic.misc import get_bitbake_var
@@ -54,7 +56,9 @@ class PluginMgr:
mname = fname[:-3]
mpath = os.path.join(ppath, fname)
logger.debug("loading plugin module %s", mpath)
- SourceFileLoader(mname, mpath).load_module()
+ spec = importlib.util.spec_from_file_location(mname, mpath)
+ module = importlib.util.module_from_spec(spec)
+ spec.loader.exec_module(module)
return PLUGINS.get(ptype)
diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py
index ea709e8c54..2c5d5efe0e 100644
--- a/scripts/lib/wic/plugins/imager/direct.py
+++ b/scripts/lib/wic/plugins/imager/direct.py
@@ -258,6 +258,8 @@ class DirectPlugin(ImagerPlugin):
if part.mountpoint == "/":
if part.uuid:
return "PARTUUID=%s" % part.uuid
+ elif part.label:
+ return "PARTLABEL=%s" % part.label
else:
suffix = 'p' if part.disk.startswith('mmcblk') else ''
return "/dev/%s%s%-d" % (part.disk, suffix, part.realnum)
diff --git a/scripts/oe-pkgdata-browser b/scripts/oe-pkgdata-browser
index 8d223185a4..65a6ee956e 100755
--- a/scripts/oe-pkgdata-browser
+++ b/scripts/oe-pkgdata-browser
@@ -236,6 +236,8 @@ class PkgUi():
update_deps("RPROVIDES", "Provides: ", self.provides_label, clickable=False)
def load_recipes(self):
+ if not os.path.exists(pkgdata):
+ sys.exit("Error: Please ensure %s exists by generating packages before using this tool." % pkgdata)
for recipe in sorted(os.listdir(pkgdata)):
if os.path.isfile(os.path.join(pkgdata, recipe)):
self.recipe_iters[recipe] = self.recipe_store.append([recipe])
diff --git a/scripts/runqemu b/scripts/runqemu
index f3527a4412..f9a1a0da32 100755
--- a/scripts/runqemu
+++ b/scripts/runqemu
@@ -1573,7 +1573,8 @@ def main():
def sigterm_handler(signum, frame):
logger.info("SIGTERM received")
- os.kill(config.qemupid, signal.SIGTERM)
+ if config.qemupid:
+ os.kill(config.qemupid, signal.SIGTERM)
config.cleanup()
# Deliberately ignore the return code of 'tput smam'.
subprocess.call(["tput", "smam"])
diff --git a/scripts/runqemu-ifdown b/scripts/runqemu-ifdown
index a104c37bf8..e0eb5344c6 100755
--- a/scripts/runqemu-ifdown
+++ b/scripts/runqemu-ifdown
@@ -64,3 +64,4 @@ n=$[ (`echo $TAP | sed 's/tap//'` * 2) + 1 ]
dest=$[ (`echo $TAP | sed 's/tap//'` * 2) + 2 ]
$IPTABLES -D POSTROUTING -t nat -j MASQUERADE -s 192.168.7.$n/32
$IPTABLES -D POSTROUTING -t nat -j MASQUERADE -s 192.168.7.$dest/32
+true
diff --git a/scripts/wic b/scripts/wic
index a741aed364..c0bc0e6fe8 100755
--- a/scripts/wic
+++ b/scripts/wic
@@ -22,9 +22,9 @@ import sys
import argparse
import logging
import subprocess
+import shutil
from collections import namedtuple
-from distutils import spawn
# External modules
scripts_path = os.path.dirname(os.path.realpath(__file__))
@@ -47,7 +47,7 @@ if os.environ.get('SDKTARGETSYSROOT'):
break
sdkroot = os.path.dirname(sdkroot)
-bitbake_exe = spawn.find_executable('bitbake')
+bitbake_exe = shutil.which('bitbake')
if bitbake_exe:
bitbake_path = scriptpath.add_bitbake_lib_path()
import bb
@@ -159,6 +159,9 @@ def wic_create_subcommand(options, usage_str):
"(Use -e/--image-name to specify it)")
native_sysroot = options.native_sysroot
+ if options.kernel_dir:
+ kernel_dir = options.kernel_dir
+
if not options.vars_dir and (not native_sysroot or not os.path.isdir(native_sysroot)):
logger.info("Building wic-tools...\n")
subprocess.check_call(["bitbake", "wic-tools"])
diff --git a/scripts/yocto-check-layer b/scripts/yocto-check-layer
index 6975b09502..00a16d18fc 100755
--- a/scripts/yocto-check-layer
+++ b/scripts/yocto-check-layer
@@ -41,6 +41,12 @@ def test_layer(td, layer, test_software_layer_signatures):
tc.loadTests(CASES_PATHS)
return tc.runTests()
+def dump_layer_debug(layer):
+ logger.debug("Found layer %s (%s)" % (layer["name"], layer["path"]))
+ collections = layer.get("collections", {})
+ if collections:
+ logger.debug("%s collections: %s" % (layer["name"], ", ".join(collections)))
+
def main():
parser = argparse.ArgumentParser(
description="Yocto Project layer checking tool",
@@ -106,6 +112,13 @@ def main():
else:
dep_layers = layers
+ logger.debug("Found additional layers:")
+ for l in additional_layers:
+ dump_layer_debug(l)
+ logger.debug("Found dependency layers:")
+ for l in dep_layers:
+ dump_layer_debug(l)
+
logger.info("Detected layers:")
for layer in layers:
if layer['type'] == LayerType.ERROR_BSP_DISTRO: