openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
sources/poky/meta/recipes-bsp/acpid/acpid.inc Normal file
View File

@@ -0,0 +1,39 @@
SUMMARY = "A daemon for delivering ACPI events"
DESCRIPTION = "ACPID is a completely flexible, totally extensible daemon for \
delivering ACPI events. It listens on netlink interface (or on the \
deprecated file /proc/acpi/event), and when an event occurs, executes programs \
to handle the event. The programs it executes are configured through a set of \
configuration files, which can be dropped into place by packages or by the \
admin."
HOMEPAGE = "http://sourceforge.net/projects/acpid2"
BUGTRACKER = "http://sourceforge.net/p/acpid2/tickets/?source=navbar"
SECTION = "base"
LICENSE = "GPL-2.0-or-later"
SRC_URI = "${SOURCEFORGE_MIRROR}/acpid2/acpid-${PV}.tar.xz \
file://init \
file://acpid.service \
file://0001-Replace-stat64-with-stat.patch \
"
CVE_PRODUCT = "acpid2"
inherit autotools update-rc.d systemd
INITSCRIPT_NAME = "acpid"
INITSCRIPT_PARAMS = "defaults"
SYSTEMD_SERVICE:${PN} = "acpid.service"
do_install:append () {
install -d ${D}${sysconfdir}/init.d
sed -e 's,/usr/sbin,${sbindir},g' ${WORKDIR}/init > ${D}${sysconfdir}/init.d/acpid
chmod 755 ${D}${sysconfdir}/init.d/acpid
install -d ${D}${sysconfdir}/acpi
install -d ${D}${sysconfdir}/acpi/events
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${WORKDIR}/acpid.service ${D}${systemd_system_unitdir}
sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_system_unitdir}/acpid.service
}

31
sources/poky/meta/recipes-bsp/acpid/acpid/0001-Replace-stat64-with-stat.patch Normal file
View File

@@ -0,0 +1,31 @@
From 4b729235a9e96f120feee7e3746818aad0f3b924 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 14 Dec 2022 15:04:30 -0800
Subject: [PATCH] Replace stat64 with stat
It already checks for largefile support in configure.ac via
AC_SYS_LARGEFILE macro, which will ensure that 64bit elements
are correctly setup for stat APIs on platforms needing large
file support.
Upstream-Status: Submitted [https://sourceforge.net/p/acpid2/code/merge-requests/5/]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
sock.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sock.c b/sock.c
index 9e04501..3121fb7 100644
--- a/sock.c
+++ b/sock.c
@@ -54,8 +54,8 @@ int non_root_clients;
static int
isfdtype(int fd, int fdtype)
{
- struct stat64 st;
- if (fstat64(fd, &st) != 0)
+ struct stat st;
+ if (fstat(fd, &st) != 0)
return -1;
return ((st.st_mode & S_IFMT) == (mode_t)fdtype);
}

10
sources/poky/meta/recipes-bsp/acpid/acpid/acpid.service Normal file
View File

@@ -0,0 +1,10 @@
[Unit]
Description=ACPI Event Daemon
After=syslog.target
[Service]
Type=forking
ExecStart=@SBINDIR@/acpid
[Install]
WantedBy=multi-user.target

31
sources/poky/meta/recipes-bsp/acpid/acpid/init Executable file
View File

@@ -0,0 +1,31 @@
#! /bin/sh -e
test -x /usr/sbin/acpid || exit 0
test -d /proc/acpi || exit 0
mkdir -p /etc/acpi/events
case "$1" in
start)
echo -n "Starting Advanced Configuration and Power Interface daemon: "
if [ ! -d /etc/acpi/events ]; then
echo "There is not any rule configuration file."
else
start-stop-daemon -o -S -x /usr/sbin/acpid -- -c /etc/acpi/events
echo "acpid."
fi
;;
stop)
echo -n "Stopping Advanced Configuration and Power Interface daemon: "
start-stop-daemon -o -K -x /usr/sbin/acpid
echo "acpid."
;;
restart|force-reload)
$0 stop
$0 start
;;
*)
echo "Usage: /etc/init.d/acpid {start|stop|restart|force-reload}"
exit 1
esac
exit 0

6
sources/poky/meta/recipes-bsp/acpid/acpid_2.0.34.bb Normal file
View File

@@ -0,0 +1,6 @@
require acpid.inc
LIC_FILES_CHKSUM = "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b \
file://acpid.h;endline=24;md5=324a9cf225ae69ddaad1bf9d942115b5"
SRC_URI[sha256sum] = "2d095c8cfcbc847caec746d62cdc8d0bff1ec1bc72ef7c674c721e04da6ab333"

70
sources/poky/meta/recipes-bsp/alsa-state/alsa-state.bb Normal file
View File

@@ -0,0 +1,70 @@
# Copyright Matthias Hentges <devel@hentges.net> (c) 2007
# License: MIT (see http://www.opensource.org/licenses/mit-license.php
# for a copy of the license)
#
# Filename: alsa-state.bb
SUMMARY = "Alsa scenario files to enable alsa state restoration"
HOMEPAGE = "http://www.alsa-project.org/"
DESCRIPTION = "Alsa Scenario Files - an init script and state files to restore \
sound state at system boot and save it at system shut down."
LICENSE = "MIT & GPL-2.0-or-later"
LIC_FILES_CHKSUM = " \
file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420 \
file://alsa-state-init;beginline=3;endline=4;md5=3ff7ecbf534d7d503941abe8e268ef50 \
"
PV = "0.2.0"
SRC_URI = "\
file://asound.conf \
file://asound.state \
file://alsa-state-init \
"
S = "${WORKDIR}"
# As the recipe doesn't inherit systemd.bbclass, we need to set this variable
# manually to avoid unnecessary postinst/preinst generated.
python __anonymous() {
if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d):
d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1")
}
inherit update-rc.d
INITSCRIPT_NAME = "alsa-state"
INITSCRIPT_PARAMS = "start 39 S . stop 31 0 6 ."
do_install() {
# Only install the init script when 'sysvinit' is in DISTRO_FEATURES.
if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then
sed -i -e "s:#STATEDIR#:${localstatedir}/lib/alsa:g" ${WORKDIR}/alsa-state-init
install -d ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/alsa-state-init ${D}${sysconfdir}/init.d/alsa-state
fi
install -d ${D}/${localstatedir}/lib/alsa
install -d ${D}${sysconfdir}
install -m 0644 ${WORKDIR}/asound.conf ${D}${sysconfdir}
install -m 0644 ${WORKDIR}/*.state ${D}${localstatedir}/lib/alsa
}
PACKAGES += "alsa-states"
RRECOMMENDS:alsa-state = "alsa-states"
RDEPENDS:${PN} = "alsa-utils-alsactl"
FILES:${PN} = "${sysconfdir}/init.d ${sysconfdir}/asound.conf"
CONFFILES:${PN} = "${sysconfdir}/asound.conf"
FILES:alsa-states = "${localstatedir}/lib/alsa/*.state"
pkg_postinst:${PN}() {
if test -z "$D"
then
if test -x ${sbindir}/alsactl
then
${sbindir}/alsactl -g -f ${localstatedir}/lib/alsa/asound.state restore
fi
fi
}

38
sources/poky/meta/recipes-bsp/alsa-state/alsa-state/alsa-state-init Executable file
View File

@@ -0,0 +1,38 @@
#! /bin/sh
#
# Copyright Matthias Hentges <devel@hentges.net> (c) 2007
# SPDX-License-Identifier: GPL-2.0-or-later
#
# Filename: alsa-state
# source function library
. /etc/init.d/functions
asound_restore(){
echo "ALSA: Restoring mixer settings..."
if test -x /usr/sbin/alsactl -a -e #STATEDIR#/asound.state
then
/usr/sbin/alsactl -f #STATEDIR#/asound.state restore &
fi
}
asound_store(){
echo "ALSA: Storing mixer settings..."
if test -x /usr/sbin/alsactl
then
/usr/sbin/alsactl -f #STATEDIR#/asound.state store
fi
}
case "$1" in
start) asound_restore ;;
stop) asound_store ;;
status)
status /usr/sbin/alsactl;
exit $?
;;
*)
echo "Usage: /etc/init.d/alsa-state {start|stop|status}"
exit 1
;;
esac

1
sources/poky/meta/recipes-bsp/alsa-state/alsa-state/asound.conf Normal file
View File

@@ -0,0 +1 @@
# Global alsa-lib configuration

1
sources/poky/meta/recipes-bsp/alsa-state/alsa-state/asound.state Normal file
View File

@@ -0,0 +1 @@
# Dummy file, do not delete

32
sources/poky/meta/recipes-bsp/efibootmgr/efibootmgr_18.bb Normal file
View File

@@ -0,0 +1,32 @@
DESCRIPTION = "Linux user-space application to modify the EFI Boot Manager."
SUMMARY = "EFI Boot Manager"
HOMEPAGE = "https://github.com/rhboot/efibootmgr"
SECTION = "base"
LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3"
DEPENDS = "efivar popt"
COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https;branch=main"
SRCREV = "c3f9f0534e32158f62c43564036878b93b9e0fd6"
S = "${WORKDIR}/git"
inherit pkgconfig
# The directory under the ESP that the default bootloader is found in. When
# wic uses a subdirectory, this should use the same one too.
EFIDIR ?= "/"
EXTRA_OEMAKE += "'EFIDIR=${EFIDIR}'"
CFLAGS += " -Wno-error"
do_install () {
oe_runmake install DESTDIR="${D}"
}
CLEANBROKEN = "1"

26
sources/poky/meta/recipes-bsp/efivar/efivar/0001-docs-do-not-build-efisecdb-manpage.patch Normal file
View File

@@ -0,0 +1,26 @@
From f39a1481a9e465387901d52b07ae56dedcc3838b Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex@linutronix.de>
Date: Sun, 16 Jan 2022 18:25:33 +0100
Subject: [PATCH] docs: do not build efisecdb manpage
It requires mandoc, which oe-core does not have.
Upstream-Status: Inappropriate [oe-core specific]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
---
docs/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/Makefile b/docs/Makefile
index c9bf585..91a6078 100644
--- a/docs/Makefile
+++ b/docs/Makefile
@@ -5,7 +5,7 @@ include $(TOPDIR)/src/include/version.mk
include $(TOPDIR)/src/include/rules.mk
include $(TOPDIR)/src/include/defaults.mk
-MAN1TARGETS = efisecdb.1 \
+MAN1TARGETS = \
efivar.1
MAN3TARGETS = efi_append_variable.3 \

34
sources/poky/meta/recipes-bsp/efivar/efivar_39.bb Normal file
View File

@@ -0,0 +1,34 @@
SUMMARY = "Tools to manipulate UEFI variables"
DESCRIPTION = "efivar provides a simple command line interface to the UEFI variable facility"
HOMEPAGE = "https://github.com/rhboot/efivar"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=6626bb1e20189cfa95f2c508ba286393"
COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
SRC_URI = "git://github.com/rhinstaller/efivar.git;branch=main;protocol=https \
file://0001-docs-do-not-build-efisecdb-manpage.patch \
"
SRCREV = "c47820c37ac26286559ec004de07d48d05f3308c"
PV .= "+39+git"
S = "${WORKDIR}/git"
inherit pkgconfig
export CCLD_FOR_BUILD = "${BUILD_CCLD}"
do_compile() {
oe_runmake ERRORS= HOST_CFLAGS="${BUILD_CFLAGS}" HOST_LDFLAGS="${BUILD_LDFLAGS}"
}
do_install() {
oe_runmake install DESTDIR=${D}
}
BBCLASSEXTEND = "native"
RRECOMMENDS:${PN}:class-target = "kernel-module-efivarfs"
CLEANBROKEN = "1"

50
sources/poky/meta/recipes-bsp/formfactor/files/config Executable file
View File

@@ -0,0 +1,50 @@
#!/bin/sh
if [ -e /etc/formfactor/machconfig ]; then
. /etc/formfactor/machconfig
fi
if [ -z "$HAVE_TOUCHSCREEN" ]; then
HAVE_TOUCHSCREEN=0
fi
if [ -z "$HAVE_KEYBOARD" ]; then
HAVE_KEYBOARD=1
fi
if [ -z "$HAVE_KEYBOARD_PORTRAIT" ]; then
HAVE_KEYBOARD_PORTRAIT=0
fi
if [ -z "$HAVE_KEYBOARD_LANDSCAPE" ]; then
HAVE_KEYBOARD_LANDSCAPE=0
fi
if [ -z "$DISPLAY_CAN_ROTATE" ]; then
DISPLAY_CAN_ROTATE=0
fi
if [ -z "$DISPLAY_ORIENTATION" ]; then
DISPLAY_ORIENTATION=0
fi
if [ -e "/dev/fb" ]; then
if [ -z "$DISPLAY_WIDTH_PIXELS" ]; then
DISPLAY_WIDTH_PIXELS=`/usr/sbin/fbset | grep geometry | awk '{ print $2 }'`
fi
if [ -z "$DISPLAY_HEIGHT_PIXELS" ]; then
DISPLAY_HEIGHT_PIXELS=`/usr/sbin/fbset | grep geometry | awk '{ print $3 }'`
fi
if [ -z "$DISPLAY_BPP" ]; then
DISPLAY_BPP=`/usr/sbin/fbset | grep geometry | awk '{ print $6 }'`
fi
fi
#
# No way to guess these or have any defaults
#
#DISPLAY_WIDTH_MM
#DISPLAY_HEIGHT_MM
#DISPLAY_SUBPIXEL_ORDER=

0
sources/poky/meta/recipes-bsp/formfactor/files/machconfig Executable file
View File

10
sources/poky/meta/recipes-bsp/formfactor/files/qemuarm/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=1
HAVE_KEYBOARD=1
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
#DISPLAY_WIDTH_PIXELS=640
#DISPLAY_HEIGHT_PIXELS=480
#DISPLAY_BPP=16
DISPLAY_DPI=150
DISPLAY_SUBPIXEL_ORDER=vrgb

10
sources/poky/meta/recipes-bsp/formfactor/files/qemuarmv6/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=1
HAVE_KEYBOARD=1
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
#DISPLAY_WIDTH_PIXELS=640
#DISPLAY_HEIGHT_PIXELS=480
#DISPLAY_BPP=16
DISPLAY_DPI=150
DISPLAY_SUBPIXEL_ORDER=vrgb

10
sources/poky/meta/recipes-bsp/formfactor/files/qemuarmv7/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=1
HAVE_KEYBOARD=1
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
#DISPLAY_WIDTH_PIXELS=640
#DISPLAY_HEIGHT_PIXELS=480
#DISPLAY_BPP=16
DISPLAY_DPI=150
DISPLAY_SUBPIXEL_ORDER=vrgb

10
sources/poky/meta/recipes-bsp/formfactor/files/qemumips/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=1
HAVE_KEYBOARD=1
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
DISPLAY_WIDTH_PIXELS=640
DISPLAY_HEIGHT_PIXELS=480
DISPLAY_BPP=16
DISPLAY_DPI=150
#DISPLAY_SUBPIXEL_ORDER=vrgb

10
sources/poky/meta/recipes-bsp/formfactor/files/qemumips64/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=1
HAVE_KEYBOARD=1
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
DISPLAY_WIDTH_PIXELS=640
DISPLAY_HEIGHT_PIXELS=480
DISPLAY_BPP=16
DISPLAY_DPI=150
#DISPLAY_SUBPIXEL_ORDER=vrgb

10
sources/poky/meta/recipes-bsp/formfactor/files/qemuppc/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=1
HAVE_KEYBOARD=1
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
DISPLAY_WIDTH_PIXELS=800
DISPLAY_HEIGHT_PIXELS=600
DISPLAY_BPP=16
DISPLAY_DPI=150
DISPLAY_SUBPIXEL_ORDER=vrgb

10
sources/poky/meta/recipes-bsp/formfactor/files/qemuppc64/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=0
HAVE_KEYBOARD=0
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
#DISPLAY_WIDTH_PIXELS=640
#DISPLAY_HEIGHT_PIXELS=480
#DISPLAY_BPP=16
DISPLAY_DPI=150
DISPLAY_SUBPIXEL_ORDER=vrgb

10
sources/poky/meta/recipes-bsp/formfactor/files/qemux86-64/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=1
HAVE_KEYBOARD=1
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
#DISPLAY_WIDTH_PIXELS=640
#DISPLAY_HEIGHT_PIXELS=480
#DISPLAY_BPP=16
DISPLAY_DPI=150
DISPLAY_SUBPIXEL_ORDER=vrgb

10
sources/poky/meta/recipes-bsp/formfactor/files/qemux86/machconfig Executable file
View File

@@ -0,0 +1,10 @@
HAVE_TOUCHSCREEN=1
HAVE_KEYBOARD=1
DISPLAY_CAN_ROTATE=0
DISPLAY_ORIENTATION=0
#DISPLAY_WIDTH_PIXELS=640
#DISPLAY_HEIGHT_PIXELS=480
#DISPLAY_BPP=16
DISPLAY_DPI=150
DISPLAY_SUBPIXEL_ORDER=vrgb

22
sources/poky/meta/recipes-bsp/formfactor/formfactor_0.0.bb Normal file
View File

@@ -0,0 +1,22 @@
SUMMARY = "Device formfactor information"
DESCRIPTION = "A formfactor configuration file provides information about the \
target hardware for which the image is being built and information that the \
build system cannot obtain from other sources such as the kernel."
SECTION = "base"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
SRC_URI = "file://config file://machconfig"
S = "${WORKDIR}"
PACKAGE_ARCH = "${MACHINE_ARCH}"
INHIBIT_DEFAULT_DEPS = "1"
do_install() {
# Install file only if it has contents
install -d ${D}${sysconfdir}/formfactor/
install -m 0644 ${S}/config ${D}${sysconfdir}/formfactor/
if [ -s "${S}/machconfig" ]; then
install -m 0644 ${S}/machconfig ${D}${sysconfdir}/formfactor/
fi
}

34
sources/poky/meta/recipes-bsp/gnu-efi/gnu-efi/0001-riscv64-adjust-type-definitions.patch Normal file
View File

@@ -0,0 +1,34 @@
From 1de509497826faa0ad84b82f5e2c3d21ee613459 Mon Sep 17 00:00:00 2001
From: Moody Liu <mooodyhunter@outlook.com>
Date: Sat, 13 May 2023 17:39:16 +0100
Subject: [PATCH] riscv64: adjust type definitions
CHAR8 needs to be defined while BOOLEAN should be removed
here to prevent typedef conflicts
Upstream-Status: Backport [https://sourceforge.net/p/gnu-efi/code/ci/1de509497826faa0ad84b82f5e2c3d21ee613459/]
Signed-off-by: Moody Liu <mooodyhunter@outlook.com>
---
inc/riscv64/efibind.h | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/inc/riscv64/efibind.h b/inc/riscv64/efibind.h
index 4fdf81d..d8b4f39 100644
--- a/inc/riscv64/efibind.h
+++ b/inc/riscv64/efibind.h
@@ -32,11 +32,9 @@ typedef uint16_t UINT16;
typedef int16_t INT16;
typedef uint8_t UINT8;
typedef int8_t INT8;
+typedef char CHAR8;
typedef wchar_t CHAR16;
#define WCHAR CHAR16
-#ifndef BOOLEAN
-typedef uint8_t BOOLEAN;
-#endif
#undef VOID
typedef void VOID;
typedef int64_t INTN;
--
2.41.0

32
sources/poky/meta/recipes-bsp/gnu-efi/gnu-efi/0001-riscv64-ignore-unknown-relocs.patch Normal file
View File

@@ -0,0 +1,32 @@
From 708f66acfec9a86f237726d45095cbd380fd83ca Mon Sep 17 00:00:00 2001
From: Callum Farmer <gmbr3@opensuse.org>
Date: Wed, 21 Jun 2023 11:32:28 +0100
Subject: [PATCH] riscv64: ignore unknown relocs
Sometimes ld emits relocs such as R_RISCV_64 for unwind symbols
these don't need to be handled yet so just can be skipped otherwise
the binary will never load
Upstream-Status: Backport [https://sourceforge.net/p/gnu-efi/code/ci/708f66acfec9a86f237726d45095cbd380fd83ca/]
Signed-off-by: Callum Farmer <gmbr3@opensuse.org>
---
gnuefi/reloc_riscv64.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/gnuefi/reloc_riscv64.c b/gnuefi/reloc_riscv64.c
index 0b02d83..e429602 100644
--- a/gnuefi/reloc_riscv64.c
+++ b/gnuefi/reloc_riscv64.c
@@ -81,8 +81,7 @@ EFI_STATUS EFIAPI _relocate(long ldbase, Elf_Dyn *dyn)
*addr = ldbase + rel->r_addend;
break;
default:
- /* Panic */
- while (1) ;
+ break;
}
rel = (Elf_Rela *)((char *)rel + relent);
relsz -= relent;
--
2.41.0

24
sources/poky/meta/recipes-bsp/gnu-efi/gnu-efi/gnu-efi-3.0.9-fix-clang-build.patch Normal file
View File

@@ -0,0 +1,24 @@
Fix building with CLANG-9.0.0
Fixes
clang-9: error: unknown argument: '-maccumulate-outgoing-args'
Upstream-Status: Submitted [https://sourceforge.net/p/gnu-efi/patches/70/]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
--- a/Make.defaults
+++ b/Make.defaults
@@ -110,10 +110,10 @@
|| ( [ $(GCCVERSION) -eq "4" ] \
&& [ $(GCCMINOR) -ge "7" ] ) ) \
&& echo 1)
- ifeq ($(GCCNEWENOUGH),1)
- CPPFLAGS += -DGNU_EFI_USE_MS_ABI -maccumulate-outgoing-args --std=c11
- else ifeq ($(USING_CLANG),clang)
+ ifeq ($(USING_CLANG),clang)
CPPFLAGS += -DGNU_EFI_USE_MS_ABI --std=c11
+ else ifeq ($(GCCNEWENOUGH),1)
+ CPPFLAGS += -DGNU_EFI_USE_MS_ABI -maccumulate-outgoing-args --std=c11
endif
CFLAGS += -mno-red-zone

19
sources/poky/meta/recipes-bsp/gnu-efi/gnu-efi/no-werror.patch Normal file
View File

@@ -0,0 +1,19 @@
Do not treat warnings as errors
There are additional warnings found with musl which are
treated as errors and fails the build, we have more combinations
then upstream supports to handle
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upstream-Status: Inappropriate [OE specific]
--- a/Make.defaults
+++ b/Make.defaults
@@ -187,7 +187,7 @@ CFLAGS += $(ARCH3264) -g -O2 -Wall -Wex
-funsigned-char -fshort-wchar -fno-strict-aliasing \
-ffreestanding -fno-stack-protector
else
-CFLAGS += $(ARCH3264) -g -O2 -Wall -Wextra -Wno-pointer-sign -Werror \
+CFLAGS += $(ARCH3264) -g -O2 -Wall -Wextra -Wno-pointer-sign \
-funsigned-char -fshort-wchar -fno-strict-aliasing \
-ffreestanding -fno-stack-protector -fno-stack-check \
-fno-stack-check \

39
sources/poky/meta/recipes-bsp/gnu-efi/gnu-efi/parallel-make-archives.patch Normal file
View File

@@ -0,0 +1,39 @@
From f56ddb00a656af2e84f839738fad19909ac65047 Mon Sep 17 00:00:00 2001
From: Saul Wold <sgw@linux.intel.com>
Date: Sun, 9 Mar 2014 15:22:15 +0200
Subject: [PATCH] Fix parallel make failure for archives
Upstream-Status: Pending
The lib and gnuefi makefiles were using the lib.a() form which compiles
and ar's as a pair instead of compiling all and then ar'ing which can
parallelize better. This was resulting in build failures on larger values
of -j.
See http://www.chemie.fu-berlin.de/chemnet/use/info/make/make_toc.html#TOC105
for details.
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Darren Hart <dvhart@linux.intel.com>
[Rebased for 3.0.6]
Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
[Rebased for 3.0.8]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
lib/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/Makefile b/lib/Makefile
index 1fc6a47..54b0ca7 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -77,7 +77,7 @@ libsubdirs:
$(OBJS): libsubdirs
libefi.a: $(OBJS)
- $(AR) $(ARFLAGS) $@ $^
+ $(AR) $(ARFLAGS) $@ $(OBJS)
clean:
rm -f libefi.a *~ $(OBJS) */*.o

75
sources/poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.17.bb Normal file
View File

@@ -0,0 +1,75 @@
SUMMARY = "Libraries for producing EFI binaries"
HOMEPAGE = "http://sourceforge.net/projects/gnu-efi/"
DESCRIPTION = "GNU-EFI aims to Develop EFI applications for ARM-64, ARM-32, x86_64, IA-64 (IPF), IA-32 (x86), and MIPS platforms using the GNU toolchain and the EFI development environment."
SECTION = "devel"
LICENSE = "GPL-2.0-or-later | BSD-2-Clause"
LIC_FILES_CHKSUM = "file://gnuefi/crt0-efi-arm.S;beginline=4;endline=16;md5=e582764a4776e60c95bf9ab617343d36 \
file://gnuefi/crt0-efi-aarch64.S;beginline=4;endline=16;md5=e582764a4776e60c95bf9ab617343d36 \
file://inc/efishellintf.h;beginline=13;endline=20;md5=202766b79d708eff3cc70fce15fb80c7 \
file://lib/arm/math.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \
file://lib/arm/initplat.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \
file://lib/aarch64/math.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \
file://lib/aarch64/initplat.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \
"
SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/files/${BP}.tar.bz2 \
file://parallel-make-archives.patch \
file://gnu-efi-3.0.9-fix-clang-build.patch \
file://0001-riscv64-adjust-type-definitions.patch \
file://0001-riscv64-ignore-unknown-relocs.patch \
file://no-werror.patch \
"
SRC_URI[sha256sum] = "7807e903349343a7a142ebb934703a2872235e89688cf586c032b0a1087bcaf4"
COMPATIBLE_HOST = "(x86_64.*|i.86.*|aarch64.*|arm.*|riscv64.*)-linux"
COMPATIBLE_HOST:armv4 = 'null'
do_configure:linux-gnux32:prepend() {
cp ${STAGING_INCDIR}/gnu/stubs-x32.h ${STAGING_INCDIR}/gnu/stubs-64.h
cp ${STAGING_INCDIR}/bits/long-double-32.h ${STAGING_INCDIR}/bits/long-double-64.h
}
def gnu_efi_arch(d):
import re
tarch = d.getVar("TARGET_ARCH")
if re.match("i[3456789]86", tarch):
return "ia32"
return tarch
do_compile:prepend() {
unset LDFLAGS
}
EXTRA_OEMAKE = "'ARCH=${@gnu_efi_arch(d)}' 'CC=${CC}' 'AS=${AS}' 'LD=${LD}' 'AR=${AR}' \
'RANLIB=${RANLIB}' 'OBJCOPY=${OBJCOPY}' 'PREFIX=${prefix}' 'LIBDIR=${libdir}' \
"
# gnu-efi's Makefile treats prefix as toolchain prefix, so don't
# export it.
prefix[unexport] = "1"
do_install() {
oe_runmake install INSTALLROOT="${D}"
}
FILES:${PN} += "${libdir}/*.lds ${libdir}/gnuefi/apps"
# 64-bit binaries are expected for EFI when targeting X32
INSANE_SKIP:${PN}-dev:append:linux-gnux32 = " arch"
INSANE_SKIP:${PN}-dev:append:linux-muslx32 = " arch"
BBCLASSEXTEND = "native"
# It doesn't support sse, its make.defaults sets:
# CFLAGS += -mno-mmx -mno-sse
# So also remove -mfpmath=sse from TUNE_CCARGS
TUNE_CCARGS:remove = "-mfpmath=sse"
python () {
ccargs = d.getVar('TUNE_CCARGS').split()
if '-mx32' in ccargs:
# use x86_64 EFI ABI
ccargs.remove('-mx32')
ccargs.append('-m64')
d.setVar('TUNE_CCARGS', ' '.join(ccargs))
}

44
sources/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch Normal file
View File

@@ -0,0 +1,44 @@
From 006799e9c4babe8a8340a24501b253e759614a2d Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 13 Jan 2016 19:17:31 +0000
Subject: [PATCH] Disable -mfpmath=sse as well when SSE is disabled
Fixes
configure:20574: i586-poky-linux-gcc -m32 -march=core2 -msse3
-mtune=generic -mfpmath=sse
--sysroot=/usr/local/dev/yocto/grubtest2/build/tmp/sysroots/emenlow -o
conftest -O2 -pipe -g -feliminate-unused-debug-types -Wall -W -Wshadow
-Wpointer-arith -Wmissing-prototypes -Wundef -Wstrict-prototypes -g
-falign-jumps=1 -falign-loops=1 -falign-functions=1 -mno-mmx -mno-sse
-mno-sse2 -mno-3dnow -fno-dwarf2-cfi-asm -m32 -fno-stack-protector
-mno-stack-arg-probe -Werror -nostdlib -Wl,--defsym,___main=0x8100
-Wall -W -I$(top_srcdir)/include -I$(top_builddir)/include
-DGRUB_MACHINE_PCBIOS=1 -DGRUB_MACHINE=I386_PC -Wl,-O1
-Wl,--hash-style=gnu -Wl,--as-needed conftest.c >&5
conftest.c:1:0: error: SSE instruction set disabled, using 387
arithmetics [-Werror]
cc1: all warnings being treated as errors
Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upstream-Status: Pending
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index cd667a2..8263876 100644
--- a/configure.ac
+++ b/configure.ac
@@ -846,7 +846,7 @@ fi
if ( test "x$target_cpu" = xi386 || test "x$target_cpu" = xx86_64 ) && test "x$platform" != xemu; then
# Some toolchains enable these features by default, but they need
# registers that aren't set up properly in GRUB.
- TARGET_CFLAGS="$TARGET_CFLAGS -mno-mmx -mno-sse -mno-sse2 -mno-sse3 -mno-3dnow"
+ TARGET_CFLAGS="$TARGET_CFLAGS -mno-mmx -mno-sse -mno-sse2 -mno-sse3 -mno-3dnow -mfpmath=387"
fi
if ( test "x$target_cpu" = xi386 || test "x$target_cpu" = xx86_64 ); then

37
sources/poky/meta/recipes-bsp/grub/files/0001-RISC-V-Restore-the-typcast-to-long.patch Normal file
View File

@@ -0,0 +1,37 @@
From b47029e8e582d17c6874d2622fe1a5b834377dbb Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 26 Mar 2021 11:59:43 -0700
Subject: [PATCH] RISC-V: Restore the typcast to 64bit type
this makes the type promotions clear and explicit
It was already typecasted to long but was accidentally dropped in [1]
which stated to cause failures on riscv32 as reported in [2]
[1] https://git.savannah.gnu.org/cgit/grub.git/commit/?id=2bf40e9e5be9808b17852e688eead87acff14420
[2] https://savannah.gnu.org/bugs/index.php?60283
Upstream-Status: Submitted
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Andreas Schwab <schwab@suse.de>
Cc: Daniel Kiper <daniel.kiper@oracle.com>
Cc: Chester Lin <clin@suse.com>
Cc: Nikita Ermakov <arei@altlinux.org>
Cc: Alistair Francis <alistair.francis@wdc.com>
---
util/grub-mkimagexx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c
index e50b295..2f09255 100644
--- a/util/grub-mkimagexx.c
+++ b/util/grub-mkimagexx.c
@@ -1310,7 +1310,7 @@ SUFFIX (relocate_addrs) (Elf_Ehdr *e, struct section_metadata *smd,
*/
sym_addr += addend;
- off = sym_addr - target_section_addr - offset - image_target->vaddr_offset;
+ off = (grub_int64_t)sym_addr - target_section_addr - offset - image_target->vaddr_offset;
switch (ELF_R_TYPE (info))
{

54
sources/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch Normal file
View File

@@ -0,0 +1,54 @@
From a80592e20f6c4b928a22862f52f268ab9d9908b2 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 13 Jan 2016 19:28:00 +0000
Subject: [PATCH] grub.d/10_linux.in: add oe's kernel name
Our kernel's name is bzImage, we need add it to grub.d/10_linux.in so
that the grub-mkconfig and grub-install can work correctly.
We only need add the bzImage to util/grub.d/10_linux.in, but also add it
to util/grub.d/20_linux_xen.in to keep compatibility.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upstream-Status: Inappropriate [OE specific]
---
util/grub.d/10_linux.in | 6 +++---
util/grub.d/20_linux_xen.in | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
index cc393be..8545cb6 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
@@ -166,12 +166,12 @@ machine=`uname -m`
case "x$machine" in
xi?86 | xx86_64)
list=
- for i in /boot/vmlinuz-* /vmlinuz-* /boot/kernel-* ; do
+ for i in /boot/bzImage-* /bzImage-* /boot/vmlinuz-* /vmlinuz-* /boot/kernel-* ; do
if grub_file_is_not_garbage "$i" ; then list="$list $i" ; fi
done ;;
- *)
+ *)
list=
- for i in /boot/vmlinuz-* /boot/vmlinux-* /vmlinuz-* /vmlinux-* /boot/kernel-* ; do
+ for i in /boot/bzImage-* /boot/vmlinuz-* /boot/vmlinux-* /bzImage-* /vmlinuz-* /vmlinux-* /boot/kernel-* ; do
if grub_file_is_not_garbage "$i" ; then list="$list $i" ; fi
done ;;
esac
diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in
index 94dd8be..36cd554 100644
--- a/util/grub.d/20_linux_xen.in
+++ b/util/grub.d/20_linux_xen.in
@@ -181,7 +181,7 @@ EOF
}
linux_list=
-for i in /boot/vmlinu[xz]-* /vmlinu[xz]-* /boot/kernel-*; do
+for i in /boot/bzImage[xz]-* /bzImage[xz]-* /boot/vmlinu[xz]-* /vmlinu[xz]-* /boot/kernel-*; do
if grub_file_is_not_garbage "$i"; then
basename=$(basename $i)
version=$(echo $basename | sed -e "s,^[^0-9]*-,,g")

68
sources/poky/meta/recipes-bsp/grub/files/0001-misc-Implement-grub_strlcpy.patch Normal file
View File

@@ -0,0 +1,68 @@
From ea703528a8581a2ea7e0bad424a70fdf0aec7d8f Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Sat, 15 Jun 2024 02:33:08 +0100
Subject: [PATCH 1/2] misc: Implement grub_strlcpy()
grub_strlcpy() acts the same way as strlcpy() does on most *NIX,
returning the length of src and ensuring dest is always NUL
terminated except when size is 0.
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=ea703528a8581a2ea7e0bad424a70fdf0aec7d8f]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
include/grub/misc.h | 39 +++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)
diff --git a/include/grub/misc.h b/include/grub/misc.h
index 1578f36c3..14d8f37ac 100644
--- a/include/grub/misc.h
+++ b/include/grub/misc.h
@@ -64,6 +64,45 @@ grub_stpcpy (char *dest, const char *src)
return d - 1;
}
+static inline grub_size_t
+grub_strlcpy (char *dest, const char *src, grub_size_t size)
+{
+ char *d = dest;
+ grub_size_t res = 0;
+ /*
+ * We do not subtract one from size here to avoid dealing with underflowing
+ * the value, which is why to_copy is always checked to be greater than one
+ * throughout this function.
+ */
+ grub_size_t to_copy = size;
+
+ /* Copy size - 1 bytes to dest. */
+ if (to_copy > 1)
+ while ((*d++ = *src++) != '\0' && ++res && --to_copy > 1)
+ ;
+
+ /*
+ * NUL terminate if size != 0. The previous step may have copied a NUL byte
+ * if it reached the end of the string, but we know dest[size - 1] must always
+ * be a NUL byte.
+ */
+ if (size != 0)
+ dest[size - 1] = '\0';
+
+ /* If there is still space in dest, but are here, we reached the end of src. */
+ if (to_copy > 1)
+ return res;
+
+ /*
+ * If we haven't reached the end of the string, iterate through to determine
+ * the strings total length.
+ */
+ while (*src++ != '\0' && ++res)
+ ;
+
+ return res;
+}
+
/* XXX: If grub_memmove is too slow, we must implement grub_memcpy. */
static inline void *
grub_memcpy (void *dest, const void *src, grub_size_t n)

37
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45774.patch Normal file
View File

@@ -0,0 +1,37 @@
From 2c34af908ebf4856051ed29e46d88abd2b20387f Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Fri, 8 Mar 2024 22:47:20 +1100
Subject: [PATCH] video/readers/jpeg: Do not permit duplicate SOF0 markers in
JPEG
Otherwise a subsequent header could change the height and width
allowing future OOB writes.
Fixes: CVE-2024-45774
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2024-45774
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=2c34af908ebf4856051ed29e46d88abd2b20387f]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/video/readers/jpeg.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c
index ae634fd41..631a89356 100644
--- a/grub-core/video/readers/jpeg.c
+++ b/grub-core/video/readers/jpeg.c
@@ -339,6 +339,10 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data)
if (grub_errno != GRUB_ERR_NONE)
return grub_errno;
+ if (data->image_height != 0 || data->image_width != 0)
+ return grub_error (GRUB_ERR_BAD_FILE_TYPE,
+ "jpeg: cannot have duplicate SOF0 markers");
+
if (grub_jpeg_get_byte (data) != 8)
return grub_error (GRUB_ERR_BAD_FILE_TYPE,
"jpeg: only 8-bit precision is supported");

38
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45775.patch Normal file
View File

@@ -0,0 +1,38 @@
From 05be856a8c3aae41f5df90cab7796ab7ee34b872 Mon Sep 17 00:00:00 2001
From: Lidong Chen <lidong.chen@oracle.com>
Date: Fri, 22 Nov 2024 06:27:55 +0000
Subject: [PATCH] commands/extcmd: Missing check for failed allocation
The grub_extcmd_dispatcher() calls grub_arg_list_alloc() to allocate
a grub_arg_list struct but it does not verify the allocation was successful.
In case of failed allocation the NULL state pointer can be accessed in
parse_option() through grub_arg_parse() which may lead to a security issue.
Fixes: CVE-2024-45775
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
CVE: CVE-2024-45775
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=05be856a8c3aae41f5df90cab7796ab7ee34b872]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/commands/extcmd.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/grub-core/commands/extcmd.c b/grub-core/commands/extcmd.c
index 90a5ca24a..c236be13a 100644
--- a/grub-core/commands/extcmd.c
+++ b/grub-core/commands/extcmd.c
@@ -49,6 +49,9 @@ grub_extcmd_dispatcher (struct grub_command *cmd, int argc, char **args,
}
state = grub_arg_list_alloc (ext, argc, args);
+ if (state == NULL)
+ return grub_errno;
+
if (grub_arg_parse (ext, argc, args, state, &new_args, &new_argc))
{
context.state = state;

39
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45776.patch Normal file
View File

@@ -0,0 +1,39 @@
From 09bd6eb58b0f71ec273916070fa1e2de16897a91 Mon Sep 17 00:00:00 2001
From: Lidong Chen <lidong.chen@oracle.com>
Date: Fri, 22 Nov 2024 06:27:56 +0000
Subject: [PATCH] gettext: Integer overflow leads to heap OOB write or read
Calculation of ctx->grub_gettext_msg_list size in grub_mofile_open() may
overflow leading to subsequent OOB write or read. This patch fixes the
issue by replacing grub_zalloc() and explicit multiplication with
grub_calloc() which does the same thing in safe manner.
Fixes: CVE-2024-45776
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
CVE: CVE-2024-45776
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=09bd6eb58b0f71ec273916070fa1e2de16897a91]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/gettext/gettext.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
index e4f4f8ee6..63bb1ab73 100644
--- a/grub-core/gettext/gettext.c
+++ b/grub-core/gettext/gettext.c
@@ -323,8 +323,8 @@ grub_mofile_open (struct grub_gettext_context *ctx,
for (ctx->grub_gettext_max_log = 0; ctx->grub_gettext_max >> ctx->grub_gettext_max_log;
ctx->grub_gettext_max_log++);
- ctx->grub_gettext_msg_list = grub_zalloc (ctx->grub_gettext_max
- * sizeof (ctx->grub_gettext_msg_list[0]));
+ ctx->grub_gettext_msg_list = grub_calloc (ctx->grub_gettext_max,
+ sizeof (ctx->grub_gettext_msg_list[0]));
if (!ctx->grub_gettext_msg_list)
{
grub_file_close (fd);

57
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45777.patch Normal file
View File

@@ -0,0 +1,57 @@
From b970a5ed967816bbca8225994cd0ee2557bad515 Mon Sep 17 00:00:00 2001
From: Lidong Chen <lidong.chen@oracle.com>
Date: Fri, 22 Nov 2024 06:27:57 +0000
Subject: [PATCH] gettext: Integer overflow leads to heap OOB write
The size calculation of the translation buffer in
grub_gettext_getstr_from_position() may overflow
to 0 leading to heap OOB write. This patch fixes
the issue by using grub_add() and checking for
an overflow.
Fixes: CVE-2024-45777
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
CVE: CVE-2024-45777
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b970a5ed967816bbca8225994cd0ee2557bad515]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/gettext/gettext.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
index 63bb1ab73..9ffc73428 100644
--- a/grub-core/gettext/gettext.c
+++ b/grub-core/gettext/gettext.c
@@ -26,6 +26,7 @@
#include <grub/file.h>
#include <grub/kernel.h>
#include <grub/i18n.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -99,6 +100,7 @@ grub_gettext_getstr_from_position (struct grub_gettext_context *ctx,
char *translation;
struct string_descriptor desc;
grub_err_t err;
+ grub_size_t alloc_sz;
internal_position = (off + position * sizeof (desc));
@@ -109,7 +111,10 @@ grub_gettext_getstr_from_position (struct grub_gettext_context *ctx,
length = grub_cpu_to_le32 (desc.length);
offset = grub_cpu_to_le32 (desc.offset);
- translation = grub_malloc (length + 1);
+ if (grub_add (length, 1, &alloc_sz))
+ return NULL;
+
+ translation = grub_malloc (alloc_sz);
if (!translation)
return NULL;

55
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45778_CVE-2024-45779.patch Normal file
View File

@@ -0,0 +1,55 @@
From 26db6605036bd9e5b16d9068a8cc75be63b8b630 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Sat, 23 Mar 2024 15:59:43 +1100
Subject: [PATCH] fs/bfs: Disable under lockdown
The BFS is not fuzz-clean. Don't allow it to be loaded under lockdown.
This will also disable the AFS.
Fixes: CVE-2024-45778
Fixes: CVE-2024-45779
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2024-45778
CVE: CVE-2024-45779
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/fs/bfs.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/grub-core/fs/bfs.c b/grub-core/fs/bfs.c
index 022f69fe2..78aeb051f 100644
--- a/grub-core/fs/bfs.c
+++ b/grub-core/fs/bfs.c
@@ -30,6 +30,7 @@
#include <grub/types.h>
#include <grub/i18n.h>
#include <grub/fshelp.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -1106,7 +1107,10 @@ GRUB_MOD_INIT (bfs)
{
COMPILE_TIME_ASSERT (1 << LOG_EXTENT_SIZE ==
sizeof (struct grub_bfs_extent));
- grub_fs_register (&grub_bfs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_bfs_fs);
+ }
}
#ifdef MODE_AFS
@@ -1115,5 +1119,6 @@ GRUB_MOD_FINI (afs)
GRUB_MOD_FINI (bfs)
#endif
{
- grub_fs_unregister (&grub_bfs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_bfs_fs);
}

93
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45780.patch Normal file
View File

@@ -0,0 +1,93 @@
From 0087bc6902182fe5cedce2d034c75a79cf6dd4f3 Mon Sep 17 00:00:00 2001
From: Lidong Chen <lidong.chen@oracle.com>
Date: Fri, 22 Nov 2024 06:27:58 +0000
Subject: [PATCH] fs/tar: Integer overflow leads to heap OOB write
Both namesize and linksize are derived from hd.size, a 12-digit octal
number parsed by read_number(). Later direct arithmetic calculation like
"namesize + 1" and "linksize + 1" may exceed the maximum value of
grub_size_t leading to heap OOB write. This patch fixes the issue by
using grub_add() and checking for an overflow.
Fixes: CVE-2024-45780
Reported-by: Nils Langius <nils@langius.de>
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
CVE: CVE-2024-45780
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0087bc6902182fe5cedce2d034c75a79cf6dd4f3]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/fs/tar.c | 23 ++++++++++++++++++-----
1 file changed, 18 insertions(+), 5 deletions(-)
diff --git a/grub-core/fs/tar.c b/grub-core/fs/tar.c
index 646bce5eb..386c09022 100644
--- a/grub-core/fs/tar.c
+++ b/grub-core/fs/tar.c
@@ -25,6 +25,7 @@
#include <grub/mm.h>
#include <grub/dl.h>
#include <grub/i18n.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -76,6 +77,7 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name,
{
struct head hd;
int reread = 0, have_longname = 0, have_longlink = 0;
+ grub_size_t sz;
data->hofs = data->next_hofs;
@@ -97,7 +99,11 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name,
{
grub_err_t err;
grub_size_t namesize = read_number (hd.size, sizeof (hd.size));
- *name = grub_malloc (namesize + 1);
+
+ if (grub_add (namesize, 1, &sz))
+ return grub_error (GRUB_ERR_BAD_FS, N_("name size overflow"));
+
+ *name = grub_malloc (sz);
if (*name == NULL)
return grub_errno;
err = grub_disk_read (data->disk, 0,
@@ -117,15 +123,19 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name,
{
grub_err_t err;
grub_size_t linksize = read_number (hd.size, sizeof (hd.size));
- if (data->linkname_alloc < linksize + 1)
+
+ if (grub_add (linksize, 1, &sz))
+ return grub_error (GRUB_ERR_BAD_FS, N_("link size overflow"));
+
+ if (data->linkname_alloc < sz)
{
char *n;
- n = grub_calloc (2, linksize + 1);
+ n = grub_calloc (2, sz);
if (!n)
return grub_errno;
grub_free (data->linkname);
data->linkname = n;
- data->linkname_alloc = 2 * (linksize + 1);
+ data->linkname_alloc = 2 * (sz);
}
err = grub_disk_read (data->disk, 0,
@@ -148,7 +158,10 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name,
while (extra_size < sizeof (hd.prefix)
&& hd.prefix[extra_size])
extra_size++;
- *name = grub_malloc (sizeof (hd.name) + extra_size + 2);
+
+ if (grub_add (sizeof (hd.name) + 2, extra_size, &sz))
+ return grub_error (GRUB_ERR_BAD_FS, N_("long name size overflow"));
+ *name = grub_malloc (sz);
if (*name == NULL)
return grub_errno;
if (hd.prefix[0])

35
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45781.patch Normal file
View File

@@ -0,0 +1,35 @@
From c1a291b01f4f1dcd6a22b61f1c81a45a966d16ba Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Sun, 12 May 2024 02:03:33 +0100
Subject: [PATCH 2/2] fs/ufs: Fix a heap OOB write
grub_strcpy() was used to copy a symlink name from the filesystem
image to a heap allocated buffer. This led to a OOB write to adjacent
heap allocations. Fix by using grub_strlcpy().
Fixes: CVE-2024-45781
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2024-45781
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=c1a291b01f4f1dcd6a22b61f1c81a45a966d16ba]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/fs/ufs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/fs/ufs.c b/grub-core/fs/ufs.c
index a354c92d9..01235101b 100644
--- a/grub-core/fs/ufs.c
+++ b/grub-core/fs/ufs.c
@@ -463,7 +463,7 @@ grub_ufs_lookup_symlink (struct grub_ufs_data *data, int ino)
/* Check against zero is paylindromic, no need to swap. */
if (data->inode.nblocks == 0
&& INODE_SIZE (data) <= sizeof (data->inode.symlink))
- grub_strcpy (symlink, (char *) data->inode.symlink);
+ grub_strlcpy (symlink, (char *) data->inode.symlink, sz);
else
{
if (grub_ufs_read_file (data, 0, 0, 0, sz, symlink) < 0)

36
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45782_CVE-2024-56737.patch Normal file
View File

@@ -0,0 +1,36 @@
From 417547c10410b714e43f08f74137c24015f8f4c3 Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Sun, 12 May 2024 02:48:33 +0100
Subject: [PATCH] fs/hfs: Fix stack OOB write with grub_strcpy()
Replaced with grub_strlcpy().
Fixes: CVE-2024-45782
Fixes: CVE-2024-56737
Fixes: https://savannah.gnu.org/bugs/?66599
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2024-45782
CVE: CVE-2024-56737
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=417547c10410b714e43f08f74137c24015f8f4c3]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/fs/hfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/fs/hfs.c b/grub-core/fs/hfs.c
index 91dc0e69c..920112b03 100644
--- a/grub-core/fs/hfs.c
+++ b/grub-core/fs/hfs.c
@@ -379,7 +379,7 @@ grub_hfs_mount (grub_disk_t disk)
volume name. */
key.parent_dir = grub_cpu_to_be32_compile_time (1);
key.strlen = data->sblock.volname[0];
- grub_strcpy ((char *) key.str, (char *) (data->sblock.volname + 1));
+ grub_strlcpy ((char *) key.str, (char *) (data->sblock.volname + 1), sizeof (key.str));
if (grub_hfs_find_node (data, (char *) &key, data->cat_root,
0, (char *) &dir, sizeof (dir)) == 0)

39
sources/poky/meta/recipes-bsp/grub/files/CVE-2024-45783.patch Normal file
View File

@@ -0,0 +1,39 @@
From f7c070a2e28dfab7137db0739fb8db1dc02d8898 Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Sun, 12 May 2024 06:22:51 +0100
Subject: [PATCH] fs/hfsplus: Set a grub_errno if mount fails
It was possible for mount to fail but not set grub_errno. This led to
a possible double decrement of the module reference count if the NULL
page was mapped.
Fixing in general as a similar bug was fixed in commit 61b13c187
(fs/hfsplus: Set grub_errno to prevent NULL pointer access) and there
are likely more variants around.
Fixes: CVE-2024-45783
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2024-45783
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=f7c070a2e28dfab7137db0739fb8db1dc02d8898]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/fs/hfsplus.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c
index 295822f69..de71fd486 100644
--- a/grub-core/fs/hfsplus.c
+++ b/grub-core/fs/hfsplus.c
@@ -405,7 +405,7 @@ grub_hfsplus_mount (grub_disk_t disk)
fail:
- if (grub_errno == GRUB_ERR_OUT_OF_RANGE)
+ if (grub_errno == GRUB_ERR_OUT_OF_RANGE || grub_errno == GRUB_ERR_NONE)
grub_error (GRUB_ERR_BAD_FS, "not a HFS+ filesystem");
grub_free (data);

35
sources/poky/meta/recipes-bsp/grub/files/CVE-2025-0622-01.patch Normal file
View File

@@ -0,0 +1,35 @@
From 2123c5bca7e21fbeb0263df4597ddd7054700726 Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Fri, 1 Nov 2024 19:24:29 +0000
Subject: [PATCH 1/3] commands/pgp: Unregister the "check_signatures" hooks on
module unload
If the hooks are not removed they can be called after the module has
been unloaded leading to an use-after-free.
Fixes: CVE-2025-0622
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2025-0622
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=2123c5bca7e21fbeb0263df4597ddd7054700726]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/commands/pgp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/grub-core/commands/pgp.c b/grub-core/commands/pgp.c
index c6766f044..5fadc33c4 100644
--- a/grub-core/commands/pgp.c
+++ b/grub-core/commands/pgp.c
@@ -1010,6 +1010,8 @@ GRUB_MOD_INIT(pgp)
GRUB_MOD_FINI(pgp)
{
+ grub_register_variable_hook ("check_signatures", NULL, NULL);
+ grub_env_unset ("check_signatures");
grub_verifier_unregister (&grub_pubkey_verifier);
grub_unregister_extcmd (cmd);
grub_unregister_extcmd (cmd_trust);

41
sources/poky/meta/recipes-bsp/grub/files/CVE-2025-0622-02.patch Normal file
View File

@@ -0,0 +1,41 @@
From 9c16197734ada8d0838407eebe081117799bfe67 Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Fri, 1 Nov 2024 23:46:55 +0000
Subject: [PATCH 2/3] normal: Remove variables hooks on module unload
The normal module does not entirely cleanup after itself in
its GRUB_MOD_FINI() leaving a few variables hooks in place.
It is not possible to unload normal module now but fix the
issues for completeness.
On the occasion replace 0s with NULLs for "pager" variable
hooks unregister.
Fixes: CVE-2025-0622
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2025-0622
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9c16197734ada8d0838407eebe081117799bfe67]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/normal/main.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index 838f57fa5..04d058f55 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -582,7 +582,9 @@ GRUB_MOD_FINI(normal)
grub_xputs = grub_xputs_saved;
grub_set_history (0);
- grub_register_variable_hook ("pager", 0, 0);
+ grub_register_variable_hook ("pager", NULL, NULL);
+ grub_register_variable_hook ("color_normal", NULL, NULL);
+ grub_register_variable_hook ("color_highlight", NULL, NULL);
grub_fs_autoload_hook = 0;
grub_unregister_command (cmd_clear);
}

38
sources/poky/meta/recipes-bsp/grub/files/CVE-2025-0622-03.patch Normal file
View File

@@ -0,0 +1,38 @@
From 7580addfc8c94cedb0cdfd7a1fd65b539215e637 Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Fri, 1 Nov 2024 23:52:06 +0000
Subject: [PATCH 3/3] gettext: Remove variables hooks on module unload
The gettext module does not entirely cleanup after itself in
its GRUB_MOD_FINI() leaving a few variables hooks in place.
It is not possible to unload gettext module because normal
module depends on it. Though fix the issues for completeness.
Fixes: CVE-2025-0622
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2025-0622
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=7580addfc8c94cedb0cdfd7a1fd65b539215e637]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/gettext/gettext.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
index 7a1c14e4f..e4f4f8ee6 100644
--- a/grub-core/gettext/gettext.c
+++ b/grub-core/gettext/gettext.c
@@ -535,6 +535,10 @@ GRUB_MOD_INIT (gettext)
GRUB_MOD_FINI (gettext)
{
+ grub_register_variable_hook ("locale_dir", NULL, NULL);
+ grub_register_variable_hook ("secondary_locale_dir", NULL, NULL);
+ grub_register_variable_hook ("lang", NULL, NULL);
+
grub_gettext_delete_list (&main_context);
grub_gettext_delete_list (&secondary_context);

84
sources/poky/meta/recipes-bsp/grub/files/CVE-2025-0624.patch Normal file
View File

@@ -0,0 +1,84 @@
From 5eef88152833062a3f7e017535372d64ac8ef7e1 Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Fri, 15 Nov 2024 13:12:09 +0000
Subject: [PATCH] net: Fix OOB write in grub_net_search_config_file()
The function included a call to grub_strcpy() which copied data from an
environment variable to a buffer allocated in grub_cmd_normal(). The
grub_cmd_normal() didn't consider the length of the environment variable.
So, the copy operation could exceed the allocation and lead to an OOB
write. Fix the issue by replacing grub_strcpy() with grub_strlcpy() and
pass the underlying buffers size to the grub_net_search_config_file().
Fixes: CVE-2025-0624
Reported-by: B Horn <b@horn.uk>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2025-0624
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=5eef88152833062a3f7e017535372d64ac8ef7e1]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/net/net.c | 7 ++++---
grub-core/normal/main.c | 2 +-
include/grub/net.h | 2 +-
3 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/grub-core/net/net.c b/grub-core/net/net.c
index 0e41e21a5..9939ff601 100644
--- a/grub-core/net/net.c
+++ b/grub-core/net/net.c
@@ -1909,14 +1909,15 @@ grub_config_search_through (char *config, char *suffix,
}
grub_err_t
-grub_net_search_config_file (char *config)
+grub_net_search_config_file (char *config, grub_size_t config_buf_len)
{
- grub_size_t config_len;
+ grub_size_t config_len, suffix_len;
char *suffix;
config_len = grub_strlen (config);
config[config_len] = '-';
suffix = config + config_len + 1;
+ suffix_len = config_buf_len - (config_len + 1);
struct grub_net_network_level_interface *inf;
FOR_NET_NETWORK_LEVEL_INTERFACES (inf)
@@ -1942,7 +1943,7 @@ grub_net_search_config_file (char *config)
if (client_uuid)
{
- grub_strcpy (suffix, client_uuid);
+ grub_strlcpy (suffix, client_uuid, suffix_len);
if (grub_config_search_through (config, suffix, 1, 0) == 0)
return GRUB_ERR_NONE;
}
diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c
index 90879dc21..838f57fa5 100644
--- a/grub-core/normal/main.c
+++ b/grub-core/normal/main.c
@@ -344,7 +344,7 @@ grub_cmd_normal (struct grub_command *cmd __attribute__ ((unused)),
if (grub_strncmp (prefix + 1, "tftp", sizeof ("tftp") - 1) == 0 &&
!disable_net_search)
- grub_net_search_config_file (config);
+ grub_net_search_config_file (config, config_len);
grub_enter_normal_mode (config);
grub_free (config);
diff --git a/include/grub/net.h b/include/grub/net.h
index 228d04963..58a4f83fc 100644
--- a/include/grub/net.h
+++ b/include/grub/net.h
@@ -579,7 +579,7 @@ void
grub_net_remove_dns_server (const struct grub_net_network_level_address *s);
grub_err_t
-grub_net_search_config_file (char *config);
+grub_net_search_config_file (char *config, grub_size_t config_buf_len);
extern char *grub_net_default_server;

377
sources/poky/meta/recipes-bsp/grub/files/CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch Normal file
View File

@@ -0,0 +1,377 @@
From 47b2dfc7953f70f98ddf35dfdd6e7f4f20283b10 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Sat, 23 Mar 2024 16:20:45 +1100
Subject: [PATCH] fs: Disable many filesystems under lockdown
The idea is to permit the following: btrfs, cpio, exfat, ext, f2fs, fat,
hfsplus, iso9660, squash4, tar, xfs and zfs.
The JFS, ReiserFS, romfs, UDF and UFS security vulnerabilities were
reported by Jonathan Bar Or <jonathanbaror@gmail.com>.
Fixes: CVE-2025-0677
Fixes: CVE-2025-0684
Fixes: CVE-2025-0685
Fixes: CVE-2025-0686
Fixes: CVE-2025-0689
Suggested-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2025-0677
CVE: CVE-2025-0684
CVE: CVE-2025-0685
CVE: CVE-2025-0686
CVE: CVE-2025-0689
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=47b2dfc7953f70f98ddf35dfdd6e7f4f20283b10]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/fs/affs.c | 9 +++++++--
grub-core/fs/cbfs.c | 9 +++++++--
grub-core/fs/jfs.c | 9 +++++++--
grub-core/fs/minix.c | 9 +++++++--
grub-core/fs/nilfs2.c | 9 +++++++--
grub-core/fs/ntfs.c | 9 +++++++--
grub-core/fs/reiserfs.c | 9 +++++++--
grub-core/fs/romfs.c | 9 +++++++--
grub-core/fs/sfs.c | 9 +++++++--
grub-core/fs/udf.c | 9 +++++++--
grub-core/fs/ufs.c | 9 +++++++--
11 files changed, 77 insertions(+), 22 deletions(-)
diff --git a/grub-core/fs/affs.c b/grub-core/fs/affs.c
index ed606b3f1..352f5d232 100644
--- a/grub-core/fs/affs.c
+++ b/grub-core/fs/affs.c
@@ -26,6 +26,7 @@
#include <grub/types.h>
#include <grub/fshelp.h>
#include <grub/charset.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -703,11 +704,15 @@ static struct grub_fs grub_affs_fs =
GRUB_MOD_INIT(affs)
{
- grub_fs_register (&grub_affs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_affs_fs);
+ }
my_mod = mod;
}
GRUB_MOD_FINI(affs)
{
- grub_fs_unregister (&grub_affs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_affs_fs);
}
diff --git a/grub-core/fs/cbfs.c b/grub-core/fs/cbfs.c
index 8ab7106af..f6349df34 100644
--- a/grub-core/fs/cbfs.c
+++ b/grub-core/fs/cbfs.c
@@ -26,6 +26,7 @@
#include <grub/dl.h>
#include <grub/i18n.h>
#include <grub/cbfs_core.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -390,12 +391,16 @@ GRUB_MOD_INIT (cbfs)
#if (defined (__i386__) || defined (__x86_64__)) && !defined (GRUB_UTIL) && !defined (GRUB_MACHINE_EMU) && !defined (GRUB_MACHINE_XEN)
init_cbfsdisk ();
#endif
- grub_fs_register (&grub_cbfs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_cbfs_fs);
+ }
}
GRUB_MOD_FINI (cbfs)
{
- grub_fs_unregister (&grub_cbfs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_cbfs_fs);
#if (defined (__i386__) || defined (__x86_64__)) && !defined (GRUB_UTIL) && !defined (GRUB_MACHINE_EMU) && !defined (GRUB_MACHINE_XEN)
fini_cbfsdisk ();
#endif
diff --git a/grub-core/fs/jfs.c b/grub-core/fs/jfs.c
index 6f7c43904..c0bbab8a9 100644
--- a/grub-core/fs/jfs.c
+++ b/grub-core/fs/jfs.c
@@ -26,6 +26,7 @@
#include <grub/types.h>
#include <grub/charset.h>
#include <grub/i18n.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -963,11 +964,15 @@ static struct grub_fs grub_jfs_fs =
GRUB_MOD_INIT(jfs)
{
- grub_fs_register (&grub_jfs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_jfs_fs);
+ }
my_mod = mod;
}
GRUB_MOD_FINI(jfs)
{
- grub_fs_unregister (&grub_jfs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_jfs_fs);
}
diff --git a/grub-core/fs/minix.c b/grub-core/fs/minix.c
index 5354951d1..c267298b5 100644
--- a/grub-core/fs/minix.c
+++ b/grub-core/fs/minix.c
@@ -25,6 +25,7 @@
#include <grub/dl.h>
#include <grub/types.h>
#include <grub/i18n.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -734,7 +735,10 @@ GRUB_MOD_INIT(minix)
#endif
#endif
{
- grub_fs_register (&grub_minix_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_minix_fs);
+ }
my_mod = mod;
}
@@ -756,5 +760,6 @@ GRUB_MOD_FINI(minix)
#endif
#endif
{
- grub_fs_unregister (&grub_minix_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_minix_fs);
}
diff --git a/grub-core/fs/nilfs2.c b/grub-core/fs/nilfs2.c
index fc7374ead..08abf173f 100644
--- a/grub-core/fs/nilfs2.c
+++ b/grub-core/fs/nilfs2.c
@@ -34,6 +34,7 @@
#include <grub/dl.h>
#include <grub/types.h>
#include <grub/fshelp.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -1231,11 +1232,15 @@ GRUB_MOD_INIT (nilfs2)
grub_nilfs2_dat_entry));
COMPILE_TIME_ASSERT (1 << LOG_INODE_SIZE
== sizeof (struct grub_nilfs2_inode));
- grub_fs_register (&grub_nilfs2_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_nilfs2_fs);
+ }
my_mod = mod;
}
GRUB_MOD_FINI (nilfs2)
{
- grub_fs_unregister (&grub_nilfs2_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_nilfs2_fs);
}
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
index de435aa14..8cc2ba3d5 100644
--- a/grub-core/fs/ntfs.c
+++ b/grub-core/fs/ntfs.c
@@ -27,6 +27,7 @@
#include <grub/fshelp.h>
#include <grub/ntfs.h>
#include <grub/charset.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -1320,11 +1321,15 @@ static struct grub_fs grub_ntfs_fs =
GRUB_MOD_INIT (ntfs)
{
- grub_fs_register (&grub_ntfs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_ntfs_fs);
+ }
my_mod = mod;
}
GRUB_MOD_FINI (ntfs)
{
- grub_fs_unregister (&grub_ntfs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_ntfs_fs);
}
diff --git a/grub-core/fs/reiserfs.c b/grub-core/fs/reiserfs.c
index 36b26ac98..cdef2eba0 100644
--- a/grub-core/fs/reiserfs.c
+++ b/grub-core/fs/reiserfs.c
@@ -39,6 +39,7 @@
#include <grub/types.h>
#include <grub/fshelp.h>
#include <grub/i18n.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -1417,11 +1418,15 @@ static struct grub_fs grub_reiserfs_fs =
GRUB_MOD_INIT(reiserfs)
{
- grub_fs_register (&grub_reiserfs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_reiserfs_fs);
+ }
my_mod = mod;
}
GRUB_MOD_FINI(reiserfs)
{
- grub_fs_unregister (&grub_reiserfs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_reiserfs_fs);
}
diff --git a/grub-core/fs/romfs.c b/grub-core/fs/romfs.c
index 1f7dcfca1..acf8dd21e 100644
--- a/grub-core/fs/romfs.c
+++ b/grub-core/fs/romfs.c
@@ -23,6 +23,7 @@
#include <grub/disk.h>
#include <grub/fs.h>
#include <grub/fshelp.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -475,10 +476,14 @@ static struct grub_fs grub_romfs_fs =
GRUB_MOD_INIT(romfs)
{
- grub_fs_register (&grub_romfs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_romfs_fs);
+ }
}
GRUB_MOD_FINI(romfs)
{
- grub_fs_unregister (&grub_romfs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_romfs_fs);
}
diff --git a/grub-core/fs/sfs.c b/grub-core/fs/sfs.c
index 983e88008..f64bdd2df 100644
--- a/grub-core/fs/sfs.c
+++ b/grub-core/fs/sfs.c
@@ -26,6 +26,7 @@
#include <grub/types.h>
#include <grub/fshelp.h>
#include <grub/charset.h>
+#include <grub/lockdown.h>
#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -779,11 +780,15 @@ static struct grub_fs grub_sfs_fs =
GRUB_MOD_INIT(sfs)
{
- grub_fs_register (&grub_sfs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_sfs_fs);
+ }
my_mod = mod;
}
GRUB_MOD_FINI(sfs)
{
- grub_fs_unregister (&grub_sfs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_sfs_fs);
}
diff --git a/grub-core/fs/udf.c b/grub-core/fs/udf.c
index b836e6107..a60643be1 100644
--- a/grub-core/fs/udf.c
+++ b/grub-core/fs/udf.c
@@ -27,6 +27,7 @@
#include <grub/fshelp.h>
#include <grub/charset.h>
#include <grub/datetime.h>
+#include <grub/lockdown.h>
#include <grub/udf.h>
#include <grub/safemath.h>
@@ -1455,11 +1456,15 @@ static struct grub_fs grub_udf_fs = {
GRUB_MOD_INIT (udf)
{
- grub_fs_register (&grub_udf_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_udf_fs);
+ }
my_mod = mod;
}
GRUB_MOD_FINI (udf)
{
- grub_fs_unregister (&grub_udf_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_udf_fs);
}
diff --git a/grub-core/fs/ufs.c b/grub-core/fs/ufs.c
index 01235101b..6b496e7b8 100644
--- a/grub-core/fs/ufs.c
+++ b/grub-core/fs/ufs.c
@@ -25,6 +25,7 @@
#include <grub/dl.h>
#include <grub/types.h>
#include <grub/i18n.h>
+#include <grub/lockdown.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -899,7 +900,10 @@ GRUB_MOD_INIT(ufs1)
#endif
#endif
{
- grub_fs_register (&grub_ufs_fs);
+ if (!grub_is_lockdown ())
+ {
+ grub_fs_register (&grub_ufs_fs);
+ }
my_mod = mod;
}
@@ -913,6 +917,7 @@ GRUB_MOD_FINI(ufs1)
#endif
#endif
{
- grub_fs_unregister (&grub_ufs_fs);
+ if (!grub_is_lockdown ())
+ grub_fs_unregister (&grub_ufs_fs);
}

87
sources/poky/meta/recipes-bsp/grub/files/CVE-2025-0678_CVE-2025-1125.patch Normal file
View File

@@ -0,0 +1,87 @@
From 84bc0a9a68835952ae69165c11709811dae7634e Mon Sep 17 00:00:00 2001
From: Lidong Chen <lidong.chen@oracle.com>
Date: Tue, 21 Jan 2025 19:02:37 +0000
Subject: [PATCH] fs: Prevent overflows when allocating memory for arrays
Use grub_calloc() when allocating memory for arrays to ensure proper
overflow checks are in place.
The HFS+ and squash4 security vulnerabilities were reported by
Jonathan Bar Or <jonathanbaror@gmail.com>.
Fixes: CVE-2025-0678
Fixes: CVE-2025-1125
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2025-0678
CVE: CVE-2025-1125
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=84bc0a9a68835952ae69165c11709811dae7634e]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/fs/btrfs.c | 4 ++--
grub-core/fs/hfspluscomp.c | 9 +++++++--
grub-core/fs/squash4.c | 8 ++++----
3 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c
index 0625b1166..9c1e925c9 100644
--- a/grub-core/fs/btrfs.c
+++ b/grub-core/fs/btrfs.c
@@ -1276,8 +1276,8 @@ grub_btrfs_mount (grub_device_t dev)
}
data->n_devices_allocated = 16;
- data->devices_attached = grub_malloc (sizeof (data->devices_attached[0])
- * data->n_devices_allocated);
+ data->devices_attached = grub_calloc (data->n_devices_allocated,
+ sizeof (data->devices_attached[0]));
if (!data->devices_attached)
{
grub_free (data);
diff --git a/grub-core/fs/hfspluscomp.c b/grub-core/fs/hfspluscomp.c
index 48ae438d8..a80954ee6 100644
--- a/grub-core/fs/hfspluscomp.c
+++ b/grub-core/fs/hfspluscomp.c
@@ -244,14 +244,19 @@ hfsplus_open_compressed_real (struct grub_hfsplus_file *node)
return 0;
}
node->compress_index_size = grub_le_to_cpu32 (index_size);
- node->compress_index = grub_malloc (node->compress_index_size
- * sizeof (node->compress_index[0]));
+ node->compress_index = grub_calloc (node->compress_index_size,
+ sizeof (node->compress_index[0]));
if (!node->compress_index)
{
node->compressed = 0;
grub_free (attr_node);
return grub_errno;
}
+
+ /*
+ * The node->compress_index_size * sizeof (node->compress_index[0]) is safe here
+ * due to relevant checks done in grub_calloc() above.
+ */
if (grub_hfsplus_read_file (node, 0, 0,
0x104 + sizeof (index_size),
node->compress_index_size
diff --git a/grub-core/fs/squash4.c b/grub-core/fs/squash4.c
index f91ff3bfa..cf2bca822 100644
--- a/grub-core/fs/squash4.c
+++ b/grub-core/fs/squash4.c
@@ -816,10 +816,10 @@ direct_read (struct grub_squash_data *data,
break;
}
total_blocks = ((total_size + data->blksz - 1) >> data->log2_blksz);
- ino->block_sizes = grub_malloc (total_blocks
- * sizeof (ino->block_sizes[0]));
- ino->cumulated_block_sizes = grub_malloc (total_blocks
- * sizeof (ino->cumulated_block_sizes[0]));
+ ino->block_sizes = grub_calloc (total_blocks,
+ sizeof (ino->block_sizes[0]));
+ ino->cumulated_block_sizes = grub_calloc (total_blocks,
+ sizeof (ino->cumulated_block_sizes[0]));
if (!ino->block_sizes || !ino->cumulated_block_sizes)
{
grub_free (ino->block_sizes);

73
sources/poky/meta/recipes-bsp/grub/files/CVE-2025-0690.patch Normal file
View File

@@ -0,0 +1,73 @@
From dad8f502974ed9ad0a70ae6820d17b4b142558fc Mon Sep 17 00:00:00 2001
From: Jonathan Bar Or <jonathanbaror@gmail.com>
Date: Thu, 23 Jan 2025 19:17:05 +0100
Subject: [PATCH] commands/read: Fix an integer overflow when supplying more
than 2^31 characters
The grub_getline() function currently has a signed integer variable "i"
that can be overflown when user supplies more than 2^31 characters.
It results in a memory corruption of the allocated line buffer as well
as supplying large negative values to grub_realloc().
Fixes: CVE-2025-0690
Reported-by: Jonathan Bar Or <jonathanbaror@gmail.com>
Signed-off-by: Jonathan Bar Or <jonathanbaror@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2025-0690
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=dad8f502974ed9ad0a70ae6820d17b4b142558fc]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/commands/read.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/grub-core/commands/read.c b/grub-core/commands/read.c
index 597c90706..8d72e45c9 100644
--- a/grub-core/commands/read.c
+++ b/grub-core/commands/read.c
@@ -25,6 +25,7 @@
#include <grub/types.h>
#include <grub/extcmd.h>
#include <grub/i18n.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -37,13 +38,14 @@ static const struct grub_arg_option options[] =
static char *
grub_getline (int silent)
{
- int i;
+ grub_size_t i;
char *line;
char *tmp;
int c;
+ grub_size_t alloc_size;
i = 0;
- line = grub_malloc (1 + i + sizeof('\0'));
+ line = grub_malloc (1 + sizeof('\0'));
if (! line)
return NULL;
@@ -59,8 +61,17 @@ grub_getline (int silent)
line[i] = (char) c;
if (!silent)
grub_printf ("%c", c);
- i++;
- tmp = grub_realloc (line, 1 + i + sizeof('\0'));
+ if (grub_add (i, 1, &i))
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+ return NULL;
+ }
+ if (grub_add (i, 1 + sizeof('\0'), &alloc_size))
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+ return NULL;
+ }
+ tmp = grub_realloc (line, alloc_size);
if (! tmp)
{
grub_free (line);

37
sources/poky/meta/recipes-bsp/grub/files/CVE-2025-1118.patch Normal file
View File

@@ -0,0 +1,37 @@
From 34824806ac6302f91e8cabaa41308eaced25725f Mon Sep 17 00:00:00 2001
From: B Horn <b@horn.uk>
Date: Thu, 18 Apr 2024 20:29:39 +0100
Subject: [PATCH] commands/minicmd: Block the dump command in lockdown mode
The dump enables a user to read memory which should not be possible
in lockdown mode.
Fixes: CVE-2025-1118
Reported-by: B Horn <b@horn.uk>
Reported-by: Jonathan Bar Or <jonathanbaror@gmail.com>
Signed-off-by: B Horn <b@horn.uk>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
CVE: CVE-2025-1118
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=34824806ac6302f91e8cabaa41308eaced25725f]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
grub-core/commands/minicmd.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/commands/minicmd.c b/grub-core/commands/minicmd.c
index 286290866..8c5ee3e60 100644
--- a/grub-core/commands/minicmd.c
+++ b/grub-core/commands/minicmd.c
@@ -203,8 +203,8 @@ GRUB_MOD_INIT(minicmd)
grub_register_command ("help", grub_mini_cmd_help,
0, N_("Show this message."));
cmd_dump =
- grub_register_command ("dump", grub_mini_cmd_dump,
- N_("ADDR [SIZE]"), N_("Show memory contents."));
+ grub_register_command_lockdown ("dump", grub_mini_cmd_dump,
+ N_("ADDR [SIZE]"), N_("Show memory contents."));
cmd_rmmod =
grub_register_command ("rmmod", grub_mini_cmd_rmmod,
N_("MODULE"), N_("Remove a module."));

34
sources/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch Normal file
View File

@@ -0,0 +1,34 @@
From 14c1d0459fb3561e627d3a5f6e91a0d2f7b4aa45 Mon Sep 17 00:00:00 2001
From: Naveen Saini <naveen.kumar.saini@intel.com>
Date: Mon, 15 Mar 2021 14:44:15 +0800
Subject: [PATCH] autogen.sh: exclude .pc from po/POTFILES.in
Exclude the .pc from po/POTFILES.in since quilt uses "patch --backup",
which will create the backup file under .pc, this may cause unexpected
errors, for example, on CentOS 5.x, if the backup file is null
(newfile), it's mode will be 000, then we will get errors when xgettext
try to read it.
Upstream-Status: Inappropriate [OE specific]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com>
---
autogen.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/autogen.sh b/autogen.sh
index 195daa5..773b7b4 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -26,7 +26,7 @@ fi
export LC_COLLATE=C
unset LC_ALL
-find . -iname '*.[ch]' ! -ipath './grub-core/lib/libgcrypt-grub/*' ! -ipath './build-aux/*' ! -ipath './grub-core/lib/libgcrypt/src/misc.c' ! -ipath './grub-core/lib/libgcrypt/src/global.c' ! -ipath './grub-core/lib/libgcrypt/src/secmem.c' ! -ipath './util/grub-gen-widthspec.c' ! -ipath './util/grub-gen-asciih.c' ! -ipath './gnulib/*' ! -ipath './grub-core/lib/gnulib/*' |sort > po/POTFILES.in
+find . -iname '*.[ch]' ! -ipath './grub-core/lib/libgcrypt-grub/*' ! -ipath './build-aux/*' ! -ipath './grub-core/lib/libgcrypt/src/misc.c' ! -ipath './grub-core/lib/libgcrypt/src/global.c' ! -ipath './grub-core/lib/libgcrypt/src/secmem.c' ! -ipath './util/grub-gen-widthspec.c' ! -ipath './util/grub-gen-asciih.c' ! -ipath './gnulib/*' ! -ipath './grub-core/lib/gnulib/*' ! -path './.pc/*' |sort > po/POTFILES.in
find util -iname '*.in' ! -name Makefile.in |sort > po/POTFILES-shell.in
echo "Importing unicode..."

2
sources/poky/meta/recipes-bsp/grub/files/cfg Normal file
View File

@@ -0,0 +1,2 @@
search.file ($cmdpath)/EFI/BOOT/grub.cfg root
set prefix=($root)/EFI/BOOT

60
sources/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch Normal file
View File

@@ -0,0 +1,60 @@
From b316ed326bd492106006d78f5bfcd767b49a4f2e Mon Sep 17 00:00:00 2001
From: Hongxu Jia <hongxu.jia@windriver.com>
Date: Wed, 17 Aug 2016 04:06:34 -0400
Subject: [PATCH] grub module explicitly keeps symbole .module_license
While using oe-core toolchain to strip grub module 'all_video.mod',
it stripped symbol table:
---------------
root@localhost:~# objdump -t all_video.mod
all_video.mod: file format elf64-x86-64
SYMBOL TABLE:
no symbols
--------------
It caused grub to load module all_video failed.
--------------
grub> insmod all_video
error: no symbol table.
--------------
Tweak strip option to keep symbol .module_license could workaround
the issue.
--------------
root@localhost:~# objdump -t all_video.mod
all_video.mod: file format elf64-x86-64
SYMBOL TABLE:
0000000000000000 l d .text 0000000000000000 .text
0000000000000000 l d .data 0000000000000000 .data
0000000000000000 l d .module_license 0000000000000000 .module_license
0000000000000000 l d .bss 0000000000000000 .bss
0000000000000000 l d .moddeps 0000000000000000 .moddeps
0000000000000000 l d .modname 0000000000000000 .modname
--------------
Upstream-Status: Inappropriate [workaround that needs investigation into @TARGET_STRIP@ behaviour in oe-core vs toolchain used by upstream]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
grub-core/genmod.sh.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/genmod.sh.in b/grub-core/genmod.sh.in
index e57c4d9..42bb1ba 100644
--- a/grub-core/genmod.sh.in
+++ b/grub-core/genmod.sh.in
@@ -56,7 +56,7 @@ if test x@TARGET_APPLE_LINKER@ != x1; then
if test x@platform@ != xemu; then
@TARGET_STRIP@ --strip-unneeded \
-K grub_mod_init -K grub_mod_fini \
- -K _grub_mod_init -K _grub_mod_fini \
+ -K _grub_mod_init -K _grub_mod_fini -K .module_license \
-R .note.gnu.gold-version -R .note.GNU-stack \
-R .gnu.build.attributes \
-R .rel.gnu.build.attributes \

32
sources/poky/meta/recipes-bsp/grub/grub-bootconf_1.00.bb Normal file
View File

@@ -0,0 +1,32 @@
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
SUMMARY = "Basic grub.cfg for use in EFI systems"
DESCRIPTION = "Grub might require different configuration file for \
different machines."
HOMEPAGE = "https://www.gnu.org/software/grub/manual/grub/grub.html#Configuration"
RPROVIDES:${PN} += "virtual-grub-bootconf"
inherit grub-efi-cfg
require conf/image-uefi.conf
S = "${WORKDIR}"
GRUB_CFG = "${S}/grub-bootconf"
LABELS = "boot"
ROOT ?= "root=/dev/sda2"
python do_configure() {
bb.build.exec_func('build_efi_cfg', d)
}
do_configure[vardeps] += "APPEND ROOT"
do_install() {
install -d ${D}${EFI_FILES_PATH}
install grub-bootconf ${D}${EFI_FILES_PATH}/grub.cfg
}
FILES:${PN} = "${EFI_FILES_PATH}/grub.cfg"

105
sources/poky/meta/recipes-bsp/grub/grub-efi_2.12.bb Normal file
View File

@@ -0,0 +1,105 @@
require grub2.inc
require conf/image-uefi.conf
GRUBPLATFORM = "efi"
DEPENDS:append = " grub-native"
RDEPENDS:${PN} = "grub-common virtual-grub-bootconf"
SRC_URI += " \
file://cfg \
"
S = "${WORKDIR}/grub-${PV}"
# Determine the target arch for the grub modules
python __anonymous () {
import re
target = d.getVar('TARGET_ARCH')
prefix = "" if d.getVar('EFI_PROVIDER') == "grub-efi" else "grub-efi-"
if target == "x86_64":
grubtarget = 'x86_64'
elif re.match('i.86', target):
grubtarget = 'i386'
elif re.match('aarch64', target):
grubtarget = 'arm64'
elif re.match('arm', target):
grubtarget = 'arm'
elif re.match('riscv64', target):
grubtarget = 'riscv64'
elif re.match('riscv32', target):
grubtarget = 'riscv32'
else:
raise bb.parse.SkipRecipe("grub-efi is incompatible with target %s" % target)
grubimage = prefix + d.getVar("EFI_BOOT_IMAGE")
d.setVar("GRUB_TARGET", grubtarget)
d.setVar("GRUB_IMAGE", grubimage)
prefix = "grub-efi-" if prefix == "" else ""
d.setVar("GRUB_IMAGE_PREFIX", prefix)
}
inherit deploy
CACHED_CONFIGUREVARS += "ac_cv_path_HELP2MAN="
EXTRA_OECONF += "--enable-efiemu=no"
do_mkimage() {
cd ${B}
GRUB_MKIMAGE_MODULES="${GRUB_BUILDIN}"
# If 'all' is included in GRUB_BUILDIN we will include all available grub2 modules
if [ "${@ bb.utils.contains('GRUB_BUILDIN', 'all', 'True', 'False', d)}" = "True" ]; then
bbdebug 1 "Including all available modules"
# Get the list of all .mod files in grub-core build directory
GRUB_MKIMAGE_MODULES=$(find ${B}/grub-core/ -type f -name "*.mod" -exec basename {} .mod \;)
fi
# Search for the grub.cfg on the local boot media by using the
# built in cfg file provided via this recipe
grub-mkimage -v -c ../cfg -p ${EFIDIR} -d ./grub-core/ \
-O ${GRUB_TARGET}-efi -o ./${GRUB_IMAGE_PREFIX}${GRUB_IMAGE} \
${GRUB_MKIMAGE_MODULES}
}
addtask mkimage before do_install after do_compile
do_install() {
oe_runmake 'DESTDIR=${D}' -C grub-core install
# Remove build host references...
find "${D}" -name modinfo.sh -type f -exec \
sed -i \
-e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
-e 's|${DEBUG_PREFIX_MAP}||g' \
-e 's:${RECIPE_SYSROOT_NATIVE}::g' \
{} +
install -d ${D}${EFI_FILES_PATH}
install -m 644 ${B}/${GRUB_IMAGE_PREFIX}${GRUB_IMAGE} ${D}${EFI_FILES_PATH}/${GRUB_IMAGE}
}
# To include all available modules, add 'all' to GRUB_BUILDIN
GRUB_BUILDIN ?= "boot linux ext2 fat serial part_msdos part_gpt normal \
efi_gop iso9660 configfile search loadenv test"
# 'xen_boot' is a module valid only for aarch64
GRUB_BUILDIN:append:aarch64 = "${@bb.utils.contains('DISTRO_FEATURES', 'xen', ' xen_boot', '', d)}"
do_deploy() {
install -m 644 ${B}/${GRUB_IMAGE_PREFIX}${GRUB_IMAGE} ${DEPLOYDIR}
}
addtask deploy after do_install before do_build
FILES:${PN} = "${libdir}/grub/${GRUB_TARGET}-efi \
${datadir}/grub \
${EFI_FILES_PATH}/${GRUB_IMAGE} \
"
# 64-bit binaries are expected for the bootloader with an x32 userland
INSANE_SKIP:${PN}:append:linux-gnux32 = " arch"
INSANE_SKIP:${PN}-dbg:append:linux-gnux32 = " arch"
INSANE_SKIP:${PN}:append:linux-muslx32 = " arch"
INSANE_SKIP:${PN}-dbg:append:linux-muslx32 = " arch"

108
sources/poky/meta/recipes-bsp/grub/grub2.inc Normal file
View File

@@ -0,0 +1,108 @@
SUMMARY = "GRUB2 is the next-generation GRand Unified Bootloader"
DESCRIPTION = "GRUB2 is the next generaion of a GPLed bootloader \
intended to unify bootloading across x86 operating systems. In \
addition to loading the Linux kernel, it implements the Multiboot \
standard, which allows for flexible loading of multiple boot images."
HOMEPAGE = "http://www.gnu.org/software/grub/"
SECTION = "bootloaders"
LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
CVE_PRODUCT = "grub2"
SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
file://0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch \
file://autogen.sh-exclude-pc.patch \
file://grub-module-explicitly-keeps-symbole-.module_license.patch \
file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \
file://0001-RISC-V-Restore-the-typcast-to-long.patch \
file://0001-misc-Implement-grub_strlcpy.patch \
file://CVE-2024-45781.patch \
file://CVE-2024-45782_CVE-2024-56737.patch \
file://CVE-2024-45780.patch \
file://CVE-2024-45783.patch \
file://CVE-2025-0624.patch \
file://CVE-2024-45774.patch \
file://CVE-2024-45775.patch \
file://CVE-2025-0622-01.patch \
file://CVE-2025-0622-02.patch \
file://CVE-2025-0622-03.patch \
file://CVE-2024-45776.patch \
file://CVE-2024-45777.patch \
file://CVE-2025-0690.patch \
file://CVE-2025-1118.patch \
file://CVE-2024-45778_CVE-2024-45779.patch \
file://CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch \
file://CVE-2025-0678_CVE-2025-1125.patch \
"
SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
CVE_STATUS[CVE-2019-14865] = "not-applicable-platform: applies only to RHEL"
CVE_STATUS[CVE-2023-4001] = "not-applicable-platform: Applies only to RHEL/Fedora"
CVE_STATUS[CVE-2024-1048] = "not-applicable-platform: Applies only to RHEL/Fedora"
DEPENDS = "flex-native bison-native gettext-native"
GRUB_COMPATIBLE_HOST = '(x86_64.*|i.86.*|arm.*|aarch64.*|riscv.*)-(linux.*|freebsd.*)'
COMPATIBLE_HOST = "${GRUB_COMPATIBLE_HOST}"
# Grub doesn't support hard float toolchain and won't be able to forcefully
# disable it on some of the target CPUs. See 'configure.ac' for
# supported/unsupported CPUs in hardfp.
COMPATIBLE_HOST:armv7a = "${@'null' if bb.utils.contains('TUNE_CCARGS_MFLOAT', 'hard', True, False, d) else d.getVar('GRUB_COMPATIBLE_HOST')}"
COMPATIBLE_HOST:armv7ve = "${@'null' if bb.utils.contains('TUNE_CCARGS_MFLOAT', 'hard', True, False, d) else d.getVar('GRUB_COMPATIBLE_HOST')}"
# configure.ac has code to set this automagically from the target tuple
# but the OE freeform one (core2-foo-bar-linux) don't work with that.
GRUBPLATFORM:arm = "efi"
GRUBPLATFORM:aarch64 = "efi"
GRUBPLATFORM:riscv32 = "efi"
GRUBPLATFORM:riscv64 = "efi"
GRUBPLATFORM ??= "pc"
inherit autotools gettext texinfo pkgconfig
CFLAGS:remove = "-O2"
# It doesn't support sse, its make.defaults sets:
# CFLAGS += -mno-mmx -mno-sse
# So also remove -mfpmath=sse from TUNE_CCARGS
TUNE_CCARGS:remove = "-mfpmath=sse"
EXTRA_OECONF = "--with-platform=${GRUBPLATFORM} \
--disable-grub-mkfont \
--program-prefix="" \
--enable-liblzma=no \
--enable-libzfs=no \
--enable-largefile \
--disable-werror \
"
PACKAGECONFIG ??= ""
PACKAGECONFIG[grub-mount] = "--enable-grub-mount,--disable-grub-mount,fuse"
PACKAGECONFIG[device-mapper] = "--enable-device-mapper,--disable-device-mapper,libdevmapper"
# grub2 creates its own set of -nostdinc / -isystem / -ffreestanding CFLAGS and
# OE's default BUILD_CFLAGS (assigned to CFLAGS for native builds) etc, conflict
# with that. Note that since BUILD_CFLAGS etc are not used by grub2 target
# builds, it's safe to clear them unconditionally for both target and native.
BUILD_CPPFLAGS = ""
BUILD_CFLAGS = ""
BUILD_CXXFLAGS = ""
BUILD_LDFLAGS = ""
export PYTHON = "python3"
do_configure:prepend() {
cd ${S}
# Remove in next version.
# See: https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b835601c7639ed1890f2d3db91900a8506011a8e
echo "depends bli part_gpt" > ${S}/grub-core/extra_deps.lst
FROM_BOOTSTRAP=1 ${S}/autogen.sh
cd ${B}
}

41
sources/poky/meta/recipes-bsp/grub/grub_2.12.bb Normal file
View File

@@ -0,0 +1,41 @@
require grub2.inc
RDEPENDS:${PN}-common += "${PN}-editenv"
RDEPENDS:${PN} += "${PN}-common"
RDEPENDS:${PN}:class-native = ""
RPROVIDES:${PN}-editenv += "${PN}-efi-editenv"
PROVIDES:append:class-native = " grub-efi-native"
PACKAGES =+ "${PN}-editenv ${PN}-common"
FILES:${PN}-editenv = "${bindir}/grub-editenv"
FILES:${PN}-common = " \
${bindir} \
${sysconfdir} \
${sbindir} \
${datadir}/grub \
"
ALLOW_EMPTY:${PN} = "1"
do_install:append () {
# Avoid conflicts with the EFI package for systems such as arm64 where we
# need to build grub and grub-efi but only EFI is supported by removing EFI
# from this package.
rm -rf ${D}${libdir}/grub/*-efi/
rmdir --ignore-fail-on-non-empty ${D}${libdir}/grub ${D}${libdir}
install -d ${D}${sysconfdir}/grub.d
# Remove build host references...
find "${D}" -name modinfo.sh -type f -exec \
sed -i \
-e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
-e 's|${DEBUG_PREFIX_MAP}||g' \
-e 's:${RECIPE_SYSROOT_NATIVE}::g' \
{} +
}
INSANE_SKIP:${PN} = "arch"
INSANE_SKIP:${PN}-dbg = "arch"
BBCLASSEXTEND = "native nativesdk"

19
sources/poky/meta/recipes-bsp/keymaps/files/keymap.sh Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/sh
#
# load keymap, if existing
#
# SPDX-License-Identifier: GPL-2.0-only
#
KERNEL_MAJMIN=`uname -r | cut -d '.' -f 1,2`
if [ -e /etc/keymap-$KERNEL_MAJMIN.map ]; then
loadkeys /etc/keymap-$KERNEL_MAJMIN.map
fi
if ( ls "/etc" | grep -q "keymap-extension-${KERNEL_MAJMIN}" )
then
for extension in `ls -1 /etc/keymap-extension-$KERNEL_MAJMIN*`
do
loadkeys "$extension"
done
fi

48
sources/poky/meta/recipes-bsp/keymaps/keymaps_1.0.bb Normal file
View File

@@ -0,0 +1,48 @@
SUMMARY = "Keyboard maps"
DESCRIPTION = "Keymaps and initscript to set the keymap on bootup."
SECTION = "base"
RDEPENDS:${PN} = "kbd"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://keymap.sh;beginline=5;endline=5;md5=829e563511c9a1d6d41f17a7a4989d6a"
PACKAGE_ARCH = "${MACHINE_ARCH}"
INHIBIT_DEFAULT_DEPS = "1"
# As the recipe doesn't inherit systemd.bbclass, we need to set this variable
# manually to avoid unnecessary postinst/preinst generated.
python __anonymous() {
if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d):
d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1")
}
inherit update-rc.d
SRC_URI = "file://keymap.sh"
INITSCRIPT_NAME = "keymap.sh"
INITSCRIPT_PARAMS = "start 01 S ."
S = "${WORKDIR}"
do_install () {
# Only install the script if 'sysvinit' is in DISTRO_FEATURES
# THe ulitity this script provides could be achieved by systemd-vconsole-setup.service
if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then
install -d ${D}${sysconfdir}/init.d/
install -m 0755 ${WORKDIR}/keymap.sh ${D}${sysconfdir}/init.d/
fi
}
PACKAGE_WRITE_DEPS:append = " ${@bb.utils.contains('DISTRO_FEATURES','systemd sysvinit','systemd-systemctl-native','',d)}"
pkg_postinst:${PN} () {
if ${@bb.utils.contains('DISTRO_FEATURES','systemd sysvinit','true','false',d)}; then
if [ -n "$D" ]; then
OPTS="--root=$D"
fi
systemctl $OPTS mask keymap.service
fi
}
ALLOW_EMPTY:${PN} = "1"

68
sources/poky/meta/recipes-bsp/libacpi/files/0001-libacpi-Fix-build-witth-fno-commom.patch Normal file
View File

@@ -0,0 +1,68 @@
From 9839c169f513e65fc711646257b3e8588cce623c Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 5 Aug 2020 12:06:01 -0700
Subject: [PATCH] libacpi: Fix build witth -fno-commom
Upstream-Status: Inactive-Upstream [last release before 2008, no vcs]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
libacpi.c | 16 ++++++++++++++++
libacpi.h | 6 +++---
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/libacpi.c b/libacpi.c
index 4e34725..9344ea4 100644
--- a/libacpi.c
+++ b/libacpi.c
@@ -14,6 +14,22 @@
#include "libacpi.h"
#include "list.h"
+/**
+ * Array for existing batteries, loop until
+ * globals->battery_count
+ */
+battery_t batteries[MAX_ITEMS];
+/**
+ * Array for existing thermal zones, loop until
+ * globals->thermal_count
+ */
+thermal_t thermals[MAX_ITEMS];
+/**
+ * Array for existing fans, loop until
+ * globals->fan_count
+ */
+fan_t fans[MAX_ITEMS];
+
static int read_acpi_battinfo(const int num);
static int read_acpi_battalarm(const int num);
static int read_acpi_battstate(const int num);
diff --git a/libacpi.h b/libacpi.h
index 9334b79..5242d3d 100644
--- a/libacpi.h
+++ b/libacpi.h
@@ -183,17 +183,17 @@ typedef struct {
* Array for existing batteries, loop until
* globals->battery_count
*/
-battery_t batteries[MAX_ITEMS];
+extern battery_t batteries[MAX_ITEMS];
/**
* Array for existing thermal zones, loop until
* globals->thermal_count
*/
-thermal_t thermals[MAX_ITEMS];
+extern thermal_t thermals[MAX_ITEMS];
/**
* Array for existing fans, loop until
* globals->fan_count
*/
-fan_t fans[MAX_ITEMS];
+extern fan_t fans[MAX_ITEMS];
/**
* Finds existing batteries and fills the
* corresponding batteries structures with the paths
--
2.28.0

40
sources/poky/meta/recipes-bsp/libacpi/files/ldflags.patch Normal file
View File

@@ -0,0 +1,40 @@
libacpi: Remove QA warning: No GNU_HASH in the elf binary
Upstream-Status: Inactive-Upstream [last release before 2008, no vcs]
Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
---
Makefile | 3 ++-
config.mk | 1 +
2 files changed, 3 insertions(+), 1 deletion(-)
--- libacpi-0.2.orig/Makefile
+++ libacpi-0.2/Makefile
@@ -19,6 +19,7 @@ options:
@echo "CFLAGS = ${CFLAGS}"
@echo "CC = ${CC}"
@echo "SOFLAGS = ${SOFLAGS}"
+ @echo "LDFLAGS = ${LDFLAGS}"
@echo "LD = ${LD}"
.c.o:
@@ -34,7 +35,7 @@ libacpi.a: ${OBJ}
libacpi.so: ${OBJ}
@echo LD $@
- @${CC} ${SOFLAGS} -o $@.${SOVERSION} ${OBJ}
+ @${CC} ${SOFLAGS} ${LDFLAGS} -o $@.${SOVERSION} ${OBJ}
test-libacpi: ${OBJ_test}
@echo LD $@
--- libacpi-0.2.orig/config.mk
+++ libacpi-0.2/config.mk
@@ -10,6 +10,7 @@ MANPREFIX = ${PREFIX}/share/man
SOFLAGS = -shared -Wl,-soname,${SONAME}
CFLAGS += -fPIC -g --pedantic -Wall -Wextra
ARFLAGS = cr
+LDFLAGS =
# Compiler and linker
CC = cc

37
sources/poky/meta/recipes-bsp/libacpi/files/libacpi_fix_for_x32.patch Normal file
View File

@@ -0,0 +1,37 @@
Upstream-Status: Inactive-Upstream [last release before 2008, no vcs]
Fix libacpi for x32
libacpi doesn't use base_libdir for install. This patch adds
libdir support so that x32 libraries are installed properly.
Patch Received from: H.J. Lu <hjl.tools@gmail.com>
Updated by: Ricardo Salveti <ricardo@opensourcefoundries.com> 2018/02/03
Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/05
Index: libacpi-0.2/Makefile
===================================================================
--- libacpi-0.2.orig/Makefile
+++ libacpi-0.2/Makefile
@@ -42,13 +42,13 @@ install: all
@mkdir -p ${DESTDIR}${PREFIX}/include
@cp -f libacpi.h ${DESTDIR}${PREFIX}/include
@chmod 644 ${DESTDIR}${PREFIX}/include/libacpi.h
- @echo installing library to ${DESTDIR}${PREFIX}/lib
- @mkdir -p ${DESTDIR}${PREFIX}/lib
- @cp -f libacpi.a ${DESTDIR}${PREFIX}/lib
- @chmod 644 ${DESTDIR}${PREFIX}/lib/libacpi.a
- @cp -f ${SONAME} ${DESTDIR}${PREFIX}/lib/
- @chmod 644 ${DESTDIR}${PREFIX}/lib/${SONAME}
- @ln -s ${SONAME} ${DESTDIR}${PREFIX}/lib/libacpi.so
+ @echo installing library to ${DESTDIR}${LIBDIR}
+ @mkdir -p ${DESTDIR}${LIBDIR}
+ @cp -f libacpi.a ${DESTDIR}${LIBDIR}
+ @chmod 644 ${DESTDIR}${LIBDIR}/libacpi.a
+ @cp -f ${SONAME} ${DESTDIR}${LIBDIR}/
+ @chmod 644 ${DESTDIR}${LIBDIR}/${SONAME}
+ @ln -s ${SONAME} ${DESTDIR}${LIBDIR}/libacpi.so
@echo installing test-libacpi to ${DESTDIR}${PREFIX}/bin
@mkdir -p ${DESTDIR}${PREFIX}/bin
@cp -f test-libacpi ${DESTDIR}${PREFIX}/bin

47
sources/poky/meta/recipes-bsp/libacpi/files/makefile-fix.patch Normal file
View File

@@ -0,0 +1,47 @@
Upstream-Status: Inactive-Upstream [last release before 2008, no vcs]
---
Makefile | 6 +++---
config.mk | 3 ++-
2 files changed, 5 insertions(+), 4 deletions(-)
Index: libacpi-0.2/Makefile
===================================================================
--- libacpi-0.2.orig/Makefile 2007-07-29 14:09:34.000000000 +0200
+++ libacpi-0.2/Makefile 2008-09-26 10:34:53.000000000 +0200
@@ -25,16 +25,16 @@ ${OBJ}: config.mk libacpi.h
libacpi.a: ${OBJ}
@echo AR $@
- @${AR} $@ ${OBJ}
+ ${AR} ${ARFLAGS} $@ ${OBJ}
@${RANLIB} $@
libacpi.so: ${OBJ}
@echo LD $@
- @${LD} ${SOFLAGS} -o $@.${SOVERSION} ${OBJ}
+ @${CC} ${SOFLAGS} -o $@.${SOVERSION} ${OBJ}
test-libacpi: ${OBJ_test}
@echo LD $@
- @${LD} -o $@ ${OBJ_test} ${LDFLAGS}
+ @${CC} -o $@ ${OBJ_test} ${LDFLAGS}
@strip $@
install: all
Index: libacpi-0.2/config.mk
===================================================================
--- libacpi-0.2.orig/config.mk 2007-07-29 14:09:34.000000000 +0200
+++ libacpi-0.2/config.mk 2008-09-26 10:34:33.000000000 +0200
@@ -9,9 +9,10 @@ MANPREFIX = ${PREFIX}/share/man
# flags
SOFLAGS = -shared -Wl,-soname,${SONAME}
CFLAGS += -fPIC -g --pedantic -Wall -Wextra
+ARFLAGS = cr
# Compiler and linker
CC = cc
LD = ${CC}
-AR = ar cr
+AR = ar
RANLIB = ranlib

23
sources/poky/meta/recipes-bsp/libacpi/files/use_correct_strip_in_cross_environment.patch Normal file
View File

@@ -0,0 +1,23 @@
Upstream-Status: Inactive-Upstream [last release before 2008, no vcs]
Used the cross strip instead of host strip to avoid this build error:
| strip: Unable to recognise the format of the input file `test-libacpi'
| make: *** [test-libacpi] Error 1
| ERROR: oe_runmake failed
Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/07
Index: libacpi-0.2/Makefile
===================================================================
--- libacpi-0.2.orig/Makefile
+++ libacpi-0.2/Makefile
@@ -39,7 +39,7 @@ libacpi.so: ${OBJ}
test-libacpi: ${OBJ_test}
@echo LD $@
@${CC} -o $@ ${OBJ_test} ${LDFLAGS}
- @strip $@
+ @${STRIP} $@
install: all
@echo installing header to ${DESTDIR}${PREFIX}/include

33
sources/poky/meta/recipes-bsp/libacpi/libacpi_0.2.bb Normal file
View File

@@ -0,0 +1,33 @@
SUMMARY = "ACPI data gathering library"
DESCRIPTION = "General purpose shared library for programs gathering ACPI data on Linux. \
Thermal zones, battery infomration, fan information and AC states are implemented."
SECTION = "base"
HOMEPAGE = "http://www.ngolde.de/libacpi.html"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=fec17f82f16630adf2dfb7d2a46f21c5"
SRC_URI = "http://www.ngolde.de/download/libacpi-${PV}.tar.gz \
file://makefile-fix.patch \
file://libacpi_fix_for_x32.patch \
file://use_correct_strip_in_cross_environment.patch \
file://ldflags.patch \
file://0001-libacpi-Fix-build-witth-fno-commom.patch \
"
SRC_URI[md5sum] = "05b53dd7bead66dda35fec502b91066c"
SRC_URI[sha256sum] = "13086e31d428b9c125954d48ac497b754bbbce2ef34ea29ecd903e82e25bad29"
UPSTREAM_CHECK_URI = "http://www.ngolde.de/libacpi.html"
inherit lib_package
COMPATIBLE_HOST = '(x86_64|i.86|aarch64).*-(linux|freebsd.*)'
CFLAGS += "-fPIC"
EXTRA_OEMAKE = '-e MAKEFLAGS= STRIP="echo"'
TARGET_CC_ARCH += "${LDFLAGS}"
do_install() {
oe_runmake install DESTDIR=${D} PREFIX=${exec_prefix} LIBDIR=${libdir}
}

36
sources/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/0001-Fix-cross-compilation-using-autoconf-detected-AR.patch Normal file
View File

@@ -0,0 +1,36 @@
From ecdcf0df6c28c65ca6d1e5638726e13e373c76c5 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 11 Nov 2020 22:58:55 -0800
Subject: [PATCH] Fix cross compilation using autoconf detected AR
currently its using 'ar' program from build host, which is not expected,
we need to respect AR passed in environment
Upstream-Status: Inappropriate [upstream hasn't been active since 1998]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
configure.in | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/configure.in b/configure.in
index 4ddbe8b..b7c3c31 100644
--- a/configure.in
+++ b/configure.in
@@ -84,6 +84,13 @@ AC_ARG_ENABLE(syslog,
])
dnl Checks for programs.
+m4_ifndef([AC_PROG_AR],[dnl
+ AN_MAKEVAR([AR], [AC_PROG_AR])
+ AN_PROGRAM([ar], [AC_PROG_AR])
+ AC_DEFUN([AC_PROG_AR],
+ [AC_CHECK_TOOL(AR, ar, :)])
+])
+AC_PROG_AR
AC_PROG_CC
AC_PROG_GCC_TRADITIONAL
dnl AC_PROG_INSTALL included in AM_INIT_AUTOMAKE
--
2.29.2

5749
sources/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/autotools-update.patch Normal file
View File

File diff suppressed because it is too large Load Diff

39
sources/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/autotools.patch Normal file
View File

@@ -0,0 +1,39 @@
Upstream-Status: Inappropriate [configuration]
--- lrzsz-0.12.20/acinclude.m4~autotools 1998-12-27 17:08:59.000000000 -0500
+++ lrzsz-0.12.20/acinclude.m4 2004-05-09 22:26:19.000000000 -0400
@@ -1,12 +1,11 @@
dnl AC_REPLACE_GNU_GETOPT
-AC_DEFUN(AC_REPLACE_GNU_GETOPT,
-[AC_CHECK_FUNC(getopt_long, , [LIBOBJS="$LIBOBJS getopt1.o getopt.o"])
-AC_SUBST(LIBOBJS)dnl
-])
+AC_DEFUN([AC_REPLACE_GNU_GETOPT],
+[AC_CHECK_FUNC(getopt_long, , [AC_LIBOBJ([getopt1])
+AC_LIBOBJ([getopt])dnl])])
dnl
dnl taken from taylor uucp
-AC_DEFUN(LRZSZ_ERRNO_DECL,[
+AC_DEFUN([LRZSZ_ERRNO_DECL],[
AC_MSG_CHECKING(for errno declaration)
AC_CACHE_VAL(lrzsz_cv_decl_errno,
[AC_TRY_COMPILE([#include <errno.h>], [int i = errno; errno = 1;],
@@ -23,7 +21,7 @@
])
dnl LRZSZ_TYPE_SPEED_T
-AC_DEFUN(LRZSZ_TYPE_SPEED_T,[
+AC_DEFUN([LRZSZ_TYPE_SPEED_T],[
AC_REQUIRE([AC_HEADER_STDC])dnl
AC_REQUIRE([LRZSZ_HEADERS_TERM_IO])dnl
AC_MSG_CHECKING(for speed_t)
@@ -61,7 +59,7 @@
fi
])
-AC_DEFUN(lrzsz_HEADER_SYS_SELECT,
+AC_DEFUN([lrzsz_HEADER_SYS_SELECT],
[AC_CACHE_CHECK([whether sys/time.h and sys/select.h may both be included],
lrzsz_cv_header_sys_select,
[AC_TRY_COMPILE([#include <sys/types.h>

28
sources/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/cve-2018-10195.patch Normal file
View File

@@ -0,0 +1,28 @@
Integer overflow in src/zm.c:zsdata() causes crash in sz and can leak information to receiver.
Patch taken from Fedora.
CVE: CVE-2018-10195
Upstream-Status: Inappropriate (dead upstream)
Signed-off-by: Ross Burton <ross.burton@intel.com>
diff -urN lrzsz-0.12.20/src/zm.c lrzsz-0.12.20.new/src/zm.c
--- lrzsz-0.12.20/src/zm.c Tue Dec 29 09:48:38 1998
+++ lrzsz-0.12.20.new/src/zm.c Tue Oct 8 12:46:58 2002
@@ -431,10 +431,12 @@
VPRINTF(3,("zsdata: %lu %s", (unsigned long) length,
Zendnames[(frameend-ZCRCE)&3]));
crc = 0;
- do {
- zsendline(*buf); crc = updcrc((0377 & *buf), crc);
- buf++;
- } while (--length>0);
+
+ for( ; length; length--) {
+ zsendline(*buf); crc = updcrc((0377 & *buf), crc);
+ buf++;
+ }
+
xsendline(ZDLE); xsendline(frameend);
crc = updcrc(frameend, crc);

25
sources/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/include.patch Normal file
View File

@@ -0,0 +1,25 @@
Implicit declaration compile warning fixes from Debian
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Upstream-Status: Inappropriate [upstream is dead]
--- lrzsz-0.12.21.orig/lib/long-options.c
+++ lrzsz-0.12.21/lib/long-options.c
@@ -22,6 +22,7 @@
#endif
#include <stdio.h>
+#include <stdlib.h>
#include <getopt.h>
#include "long-options.h"
--- lrzsz-0.12.21.orig/src/lsyslog.c
+++ lrzsz-0.12.21/src/lsyslog.c
@@ -22,6 +22,7 @@
#ifdef ENABLE_SYSLOG
#include "zglobal.h"
#include <pwd.h>
+#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#endif

32
sources/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/lrzsz-check-locale.h.patch Normal file
View File

@@ -0,0 +1,32 @@
From 28b473c3c96682a820e292cc1be006e19aee11bc Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Fri, 24 May 2013 01:07:24 -0400
Subject: [PATCH] lrzsz check locale.h
fix the build failure when using -O0 in a debug build:
lrz.c:284:13: error: 'LC_ALL' undeclared (first use in this function)
Upstream-Status: Submitted [uwe@ohse.de]
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
---
configure.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.in b/configure.in
index 6e2064c..c10460c 100644
--- a/configure.in
+++ b/configure.in
@@ -130,7 +130,7 @@ AC_CHECK_HEADERS(fcntl.h limits.h sys/ioctl.h sys/time.h unistd.h sys/times.h)
LRZSZ_HEADERS_TERM_IO
AC_CHECK_HEADERS(termios.h sys/termios.h termio.h sys/termio.h sgtty.h)
AC_CHECK_HEADERS(sys/mman.h utime.h syslog.h sys/syslog.h sys/param.h)
-AC_CHECK_HEADERS(sys/select.h strings.h arpa/inet.h)
+AC_CHECK_HEADERS(sys/select.h strings.h locale.h arpa/inet.h)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_TYPE_SIZE_T
--
1.7.9.5

22
sources/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/makefile.patch Normal file
View File

@@ -0,0 +1,22 @@
Upstream-Status: Inappropriate [configuration]
diff -ruN lrzsz-0.12.20_org/src/Makefile.in lrzsz-0.12.20_patch/src/Makefile.in
--- lrzsz-0.12.20_org/src/Makefile.in 1998-12-30 17:31:46.000000000 +0100
+++ lrzsz-0.12.20_patch/src/Makefile.in 2004-04-29 13:57:33.434909656 +0200
@@ -372,13 +372,13 @@
rm -f $(DESTDIR)/$(bindir)/`echo lsb | sed -e '$(transform)'`
ln $(DESTDIR)/$(bindir)/`echo lsz |sed -e '$(transform)'` \
$(DESTDIR)/$(bindir)/`echo lsb |sed -e '$(transform)'`
- rm -f $(bindir)/`echo lsx | sed -e '$(transform)'`
+ rm -f $(DESTDIR)/$(bindir)/`echo lsx | sed -e '$(transform)'`
ln $(DESTDIR)/$(bindir)/`echo lsz |sed -e '$(transform)'` \
$(DESTDIR)/$(bindir)/`echo lsx |sed -e '$(transform)'`
- rm -f $(bindir)/`echo lrb | sed -e '$(transform)'`
+ rm -f $(DESTDIR)/$(bindir)/`echo lrb | sed -e '$(transform)'`
ln $(DESTDIR)/$(bindir)/`echo lrz |sed -e '$(transform)'` \
$(DESTDIR)/$(bindir)/`echo lrb |sed -e '$(transform)'`
- rm -f $(bindir)/`echo lrx | sed -e '$(transform)'`
+ rm -f $(DESTDIR)/$(bindir)/`echo lrx | sed -e '$(transform)'`
ln $(DESTDIR)/$(bindir)/`echo lrz |sed -e '$(transform)'` \
$(DESTDIR)/$(bindir)/`echo lrx |sed -e '$(transform)'`
# rm -f $(bindir)/`echo lrzszbug | sed -e '$(transform)'`

54
sources/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb Normal file
View File

@@ -0,0 +1,54 @@
SUMMARY = "Tools for zmodem/xmodem/ymodem file transfer"
DESCRIPTION = "Lrzsz is a cosmetically modified zmodem/ymodem/xmodem package built from \
the public-domain version of Chuck Forsberg's rzsz package. \
These programs use error correcting protocols ({z,x,y}modem) to send (sz, sx, sb) and \
receive (rz, rx, rb) files over a dial-in serial port from a variety of programs \
running under various operating systems. "
HOMEPAGE = "http://www.ohse.de/uwe/software/lrzsz.html"
LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3 \
file://src/lrz.c;beginline=1;endline=10;md5=5276956373ff7d8758837f6399a1045f"
SECTION = "console/network"
DEPENDS = ""
SRC_URI = "http://www.ohse.de/uwe/releases/lrzsz-${PV}.tar.gz \
file://autotools-update.patch \
file://autotools.patch \
file://makefile.patch \
file://lrzsz-check-locale.h.patch \
file://cve-2018-10195.patch \
file://include.patch \
file://0001-Fix-cross-compilation-using-autoconf-detected-AR.patch \
"
SRC_URI[md5sum] = "b5ce6a74abc9b9eb2af94dffdfd372a4"
SRC_URI[sha256sum] = "c28b36b14bddb014d9e9c97c52459852f97bd405f89113f30bee45ed92728ff1"
UPSTREAM_CHECK_URI = "http://ohse.de/uwe/software/lrzsz.html"
inherit autotools gettext
do_install() {
install -d ${D}${bindir}/
install -m 0755 src/lrz src/lsz ${D}${bindir}/
}
inherit update-alternatives
ALTERNATIVE_PRIORITY = "100"
ALTERNATIVE:${PN} = "rz rx rb sz sx sb"
ALTERNATIVE_TARGET[rz] = "${bindir}/lrz"
ALTERNATIVE_TARGET[rx] = "${bindir}/lrz"
ALTERNATIVE_TARGET[rb] = "${bindir}/lrz"
ALTERNATIVE_TARGET[sz] = "${bindir}/lsz"
ALTERNATIVE_TARGET[sx] = "${bindir}/lsz"
ALTERNATIVE_TARGET[sb] = "${bindir}/lsz"
# http://errors.yoctoproject.org/Errors/Details/766929/
# lrzsz-0.12.20/src/tcp.c:75:56: error: passing argument 3 of 'getsockname' from incompatible pointer type [-Wincompatible-pointer-types]
# lrzsz-0.12.20/src/tcp.c:83:52: error: passing argument 3 of 'getsockname' from incompatible pointer type [-Wincompatible-pointer-types]
# lrzsz-0.12.20/src/tcp.c:103:51: error: passing argument 3 of 'accept' from incompatible pointer type [-Wincompatible-pointer-types]
CFLAGS += "-Wno-error=incompatible-pointer-types"

38
sources/poky/meta/recipes-bsp/opensbi/opensbi-payloads.inc Normal file
View File

@@ -0,0 +1,38 @@
def riscv_get_extra_oemake_image(d):
sbi_payload = d.getVar('RISCV_SBI_PAYLOAD')
if sbi_payload is None:
return ""
deploy_dir = d.getVar('DEPLOY_DIR_IMAGE')
return "FW_PAYLOAD_PATH=" + deploy_dir + "/" + sbi_payload
def riscv_get_extra_oemake_fdt(d):
if d.getVar('RISCV_SBI_PAYLOAD') is None:
return ""
sbi_fdt = d.getVar('RISCV_SBI_FDT')
deploy_dir = d.getVar('DEPLOY_DIR_IMAGE')
if sbi_fdt is None:
return ""
return "FW_FDT_PATH=" + deploy_dir + "/" + sbi_fdt
def riscv_get_do_compile_depends(d):
sbi_payload = d.getVar('RISCV_SBI_PAYLOAD') or ""
if sbi_payload == "":
return ""
sbi_fdt = d.getVar('RISCV_SBI_FDT') or ""
if sbi_fdt != "" and 'u-boot.bin' in sbi_payload:
return "virtual/kernel:do_deploy virtual/bootloader:do_deploy"
if 'linux' in sbi_payload or 'Image' in sbi_payload:
return "virtual/kernel:do_deploy"
if 'u-boot.bin' in sbi_payload:
return "virtual/bootloader:do_deploy"
if sbi_fdt != "":
return "virtual/kernel:do_deploy"
return ""

47
sources/poky/meta/recipes-bsp/opensbi/opensbi_1.4.bb Normal file
View File

@@ -0,0 +1,47 @@
SUMMARY = "RISC-V Open Source Supervisor Binary Interface (OpenSBI)"
DESCRIPTION = "OpenSBI aims to provide an open-source and extensible implementation of the RISC-V SBI specification for a platform specific firmware (M-mode) and a general purpose OS, hypervisor or bootloader (S-mode or HS-mode). OpenSBI implementation can be easily extended by RISC-V platform or System-on-Chip vendors to fit a particular hadware configuration."
HOMEPAGE = "https://github.com/riscv/opensbi"
LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=42dd9555eb177f35150cf9aa240b61e5"
require opensbi-payloads.inc
inherit autotools-brokensep deploy
SRCREV = "a2b255b88918715173942f2c5e1f97ac9e90c877"
SRC_URI = "git://github.com/riscv/opensbi.git;branch=master;protocol=https"
S = "${WORKDIR}/git"
TARGET_CC_ARCH += "${LDFLAGS}"
EXTRA_OEMAKE += "PLATFORM=${RISCV_SBI_PLAT} I=${D} FW_PIC=y CLANG_TARGET= "
# If RISCV_SBI_PAYLOAD is set then include it as a payload
EXTRA_OEMAKE:append = " ${@riscv_get_extra_oemake_image(d)}"
EXTRA_OEMAKE:append = " ${@riscv_get_extra_oemake_fdt(d)}"
# Required if specifying a custom payload
do_compile[depends] += "${@riscv_get_do_compile_depends(d)}"
do_install:append() {
# In the future these might be required as a dependency for other packages.
# At the moment just delete them to avoid warnings
rm -r ${D}/include
rm -r ${D}/lib*
rm -r ${D}/share/opensbi/*/${RISCV_SBI_PLAT}/firmware/payloads
}
do_deploy () {
install -m 755 ${D}/share/opensbi/*/${RISCV_SBI_PLAT}/firmware/fw_payload.* ${DEPLOYDIR}/
install -m 755 ${D}/share/opensbi/*/${RISCV_SBI_PLAT}/firmware/fw_jump.* ${DEPLOYDIR}/
install -m 755 ${D}/share/opensbi/*/${RISCV_SBI_PLAT}/firmware/fw_dynamic.* ${DEPLOYDIR}/
}
addtask deploy before do_build after do_install
FILES:${PN} += "/share/opensbi/*/${RISCV_SBI_PLAT}/firmware/fw_jump.*"
FILES:${PN} += "/share/opensbi/*/${RISCV_SBI_PLAT}/firmware/fw_payload.*"
FILES:${PN} += "/share/opensbi/*/${RISCV_SBI_PLAT}/firmware/fw_dynamic.*"
COMPATIBLE_HOST = "(riscv64|riscv32).*"
INHIBIT_PACKAGE_STRIP = "1"

90
sources/poky/meta/recipes-bsp/pciutils/pciutils/configure.patch Normal file
View File

@@ -0,0 +1,90 @@
From 561216c8cbc280aaa9aecf30cb11835a4a0a78ed Mon Sep 17 00:00:00 2001
From: Richard Purdie <rpurdie@linux.intel.com>
Date: Wed, 31 Dec 2008 17:20:38 +0000
Subject: [PATCH] pciutils: Upgarde 2.2.4 -> 3.0.3
This patch:
* ensures we link correctly
* allows us to optionally pass target information to configure rather than using uname
* select linux as the platform in most cases we care about
This is a merge of various tweaks to allow us to build pciutils including
work from:
7/30/2010 - Qing He <qing.he@intel.com>
1/22/2012 - Shane Wang <shane.wang@intel.com>
Ionut Radu <ionutx.radu@intel.com>
2017/6/15 - RP - Cleanups and merging patches
Upstream-Status: Inappropriate [embedded specific]
---
Makefile | 2 +-
lib/configure | 14 ++++++++++----
2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/Makefile b/Makefile
index aaec04e..9c1dab0 100644
--- a/Makefile
+++ b/Makefile
@@ -123,7 +123,7 @@ pcilmr$(EXEEXT): pcilmr.o $(LMROBJS) $(COMMON) lib/$(PCIIMPLIB)
pcilmr.o: pcilmr.c $(LMRINC)
%$(EXEEXT): %.o
- $(CC) $(LDFLAGS) $(TARGET_ARCH) $^ $(LDLIBS) -o $@
+ $(CC) $(LDFLAGS) $(TARGET_ARCH) $^ $(LIB_LDLIBS) $(LDLIBS) -o $@
ifdef PCI_OS_WINDOWS
comma := ,
diff --git a/lib/configure b/lib/configure
index 3df057a..c87e71c 100755
--- a/lib/configure
+++ b/lib/configure
@@ -9,6 +9,10 @@ echo_n() {
printf '%s' "$*"
}
+VERSION=$1
+IDSDIR=$2
+DNS=yes
+
if [ -z "$VERSION" ] ; then
echo >&2 "Please run the configure script from the top-level Makefile"
exit 1
@@ -16,8 +20,8 @@ fi
echo_n "Configuring libpci for your system..."
if [ -z "$HOST" ] ; then
- sys=`uname -s`
- rel=`uname -r`
+ sys=${3:-`uname -s`}
+ rel=
realsys="$sys"
if [ "$sys" = "AIX" -a -x /usr/bin/oslevel -a -x /usr/sbin/lsattr ]
then
@@ -25,7 +29,7 @@ if [ -z "$HOST" ] ; then
proc=`/usr/sbin/lsdev -C -c processor -S available -F name | head -1`
cpu=`/usr/sbin/lsattr -F value -l $proc -a type | sed 's/_.*//'`
else
- cpu=`uname -m | sed 's/^i.86-AT386/i386/;s/^i.86$/i386/;s/^sun4u$/sparc64/;s/^i86pc$/i386/;s/^BePC$/i386/;s/^BeMac$/powerpc/;s/^BeBox$/powerpc/'`
+ cpu=${4:-`uname -m | sed 's/^i.86-AT386/i386/;s/^i.86$/i386/;s/^sun4u$/sparc64/;s/^i86pc$/i386/;s/^BePC$/i386/;s/^BeMac$/powerpc/;s/^BeBox$/powerpc/'`}
fi
if [ "$sys" = "DragonFly" ]
then
@@ -43,7 +47,7 @@ if [ -z "$HOST" ] ; then
then
sys=cygwin
fi
- HOST=${3:-$cpu-$sys}
+ HOST=$cpu-$sys
fi
[ -n "$RELEASE" ] && rel="${RELEASE}"
# CAVEAT: tr on Solaris is a bit weird and the extra [] is otherwise harmless.
@@ -52,6 +56,8 @@ cpu=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
sys=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
echo " $host $rel $cpu $sys"
+{ echo "$host" | grep linux; } && sys=linux
+
c=config.h
m=config.mk
echo >$c '#define PCI_CONFIG_H'

64
sources/poky/meta/recipes-bsp/pciutils/pciutils_3.11.1.bb Normal file
View File

@@ -0,0 +1,64 @@
SUMMARY = "PCI utilities"
DESCRIPTION = 'The PCI Utilities package contains a library for portable access \
to PCI bus configuration space and several utilities based on this library.'
HOMEPAGE = "http://atrey.karlin.mff.cuni.cz/~mj/pciutils.shtml"
SECTION = "console/utils"
LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
# Can drop make-native when all systems have make 4.3
# https://git.savannah.gnu.org/cgit/make.git/commit/?id=b90fabc8d6f34fb37d428dc0fb1b8b1951a9fbed
# causes space issues in lib/libpci.pc
DEPENDS = "zlib kmod make-native"
SRC_URI = "${KERNELORG_MIRROR}/software/utils/pciutils/pciutils-${PV}.tar.xz \
file://configure.patch"
SRC_URI[sha256sum] = "3f472ad864473de5ba17f765cc96ef5f33e1b730918d3adda6f945a2a9290df4"
inherit multilib_header pkgconfig update-alternatives
PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'hwdb', '', d)}"
PACKAGECONFIG[hwdb] = "HWDB=yes,HWDB=no,udev"
PCI_CONF_FLAG = "ZLIB=yes DNS=yes SHARED=yes STRIP= LIBDIR=${libdir}"
# see configure.patch
do_configure () {
(
cd lib && \
# PACKAGECONFIG_CONFARGS for this recipe could only possibly contain 'HWDB=yes/no',
# so we put it before ./configure
${PCI_CONF_FLAG} ${PACKAGECONFIG_CONFARGS} ./configure ${PV} ${datadir} ${TARGET_OS} ${TARGET_ARCH}
)
}
export PREFIX = "${prefix}"
export SBINDIR = "${sbindir}"
export SHAREDIR = "${datadir}"
export MANDIR = "${mandir}"
EXTRA_OEMAKE = "-e MAKEFLAGS= ${PCI_CONF_FLAG}"
ASNEEDED = ""
# The configure script breaks if the HOST variable is set
HOST[unexport] = "1"
do_install () {
oe_runmake DESTDIR=${D} install install-lib
install -d ${D}${bindir}
oe_multilib_header pci/config.h
}
PACKAGES =+ "${PN}-ids libpci"
FILES:${PN}-ids = "${datadir}/pci.ids*"
FILES:libpci = "${libdir}/libpci.so.*"
SUMMARY:${PN}-ids = "PCI utilities - device ID database"
DESCRIPTION:${PN}-ids = "Package providing the PCI device ID database for pciutils."
RDEPENDS:${PN} += "${PN}-ids"
ALTERNATIVE:${PN} = "lspci"
ALTERNATIVE_PRIORITY = "100"

29
sources/poky/meta/recipes-bsp/pm-utils/pm-utils_1.4.1.bb Normal file
View File

@@ -0,0 +1,29 @@
SECTION = "base"
SUMMARY = "Utilities and scripts for power management"
DESCRIPTION = "Simple shell command line tools to suspend and hibernate."
HOMEPAGE = "http://pm-utils.freedesktop.org/wiki/"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
file://src/pm-pmu.c;beginline=1;endline=22;md5=3c1ddbc54e735fb4a0386e14c78a3147"
SRC_URI = "http://pm-utils.freedesktop.org/releases/pm-utils-${PV}.tar.gz"
SRC_URI[md5sum] = "1742a556089c36c3a89eb1b957da5a60"
SRC_URI[sha256sum] = "8ed899032866d88b2933a1d34cc75e8ae42dcde20e1cc21836baaae3d4370c0b"
inherit pkgconfig autotools manpages
PACKAGECONFIG[manpages] = "--enable-doc, --disable-doc, libxslt-native xmlto-native"
RDEPENDS:${PN} = "bash"
EXTRA_OECONF = "--libdir=${nonarch_libdir}"
do_configure:prepend () {
( cd ${S}; autoreconf -f -i -s )
}
FILES:${PN} += "${nonarch_libdir}/${BPN}/*"
FILES:${PN}-dbg += "${datadir}/doc/pm-utils/README.debugging"
FILES:${PN}-dev += "${nonarch_libdir}/pkgconfig/pm-utils.pc"

41
sources/poky/meta/recipes-bsp/setserial/setserial/0001-setserial.c-Add-needed-system-headers-for-ioctl-and-.patch Normal file
View File

@@ -0,0 +1,41 @@
From 9bbb342f5d9ad5dc75486fd35ada8e287ba19299 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 15 Aug 2022 13:03:17 -0700
Subject: [PATCH] setserial.c: Add needed system headers for ioctl() and
close() calls
Add int return type for main() function
Fixes
error: type specifier missing, defaults to 'int'; ISO C99 and later do not support implicit int [-Wimplicit-int]
error: call to undeclared function 'close'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declarat
ion]
Upstream-Status: Submitted [https://sourceforge.net/p/setserial/discussion/7060/thread/95d874c12c/]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
setserial.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/setserial.c b/setserial.c
index bfda8fd..6a95513 100644
--- a/setserial.c
+++ b/setserial.c
@@ -16,6 +16,8 @@
#include <termios.h>
#include <string.h>
#include <errno.h>
+#include <unistd.h>
+#include <sys/ioctl.h>
#ifdef HAVE_ASM_IOCTLS_H
#include <asm/ioctls.h>
@@ -715,7 +717,7 @@ fprintf(stderr, "\t* port\t\tset the I/O port\n");
exit(1);
}
-main(int argc, char **argv)
+int main(int argc, char **argv)
{
int get_flag = 0, wild_intr_flag = 0;
int c;

18
sources/poky/meta/recipes-bsp/setserial/setserial/add_stdlib.patch Normal file
View File

@@ -0,0 +1,18 @@
# This patch addes stdlib.h to fix compiler warnings due to the exit
# built-in not being defined and getting an incorrect implicit definition
Upstream-Status: Pending
Created-by: Saul Wold <saul.wold@intel.com>
--- setserial-2.17/setserial.c 2010-09-02 14:11:27.569763088 -0700
+++ setserial-2.17_fixed/setserial.c 2010-09-02 14:11:08.546264139 -0700
@@ -11,6 +11,7 @@
*/
#include <stdio.h>
+#include <stdlib.h>
#include <fcntl.h>
#include <termios.h>
#include <string.h>

24
sources/poky/meta/recipes-bsp/setserial/setserial/ldflags.patch Normal file
View File

@@ -0,0 +1,24 @@
Obey LDFLAGS
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Upstream-Status: Pending
--- setserial-2.17.orig/Makefile.in
+++ setserial-2.17/Makefile.in
@@ -13,6 +13,7 @@ STRIP = @STRIP@
CC = @CC@
RM = rm -f
CFLAGS = @CFLAGS@
+LDFLAGS = @LDFLAGS@
DEFS = @DEFS@
INCS = -I.
TAR = tar
@@ -20,7 +21,7 @@ TAR = tar
all: setserial setserial.cat
setserial: setserial.c
- $(CC) $(CFLAGS) $(DEFS) $(INCS) setserial.c -o setserial
+ $(CC) $(CFLAGS) $(LDFLAGS) $(DEFS) $(INCS) setserial.c -o setserial
setserial.cat: setserial.8
nroff -man setserial.8 > setserial.cat

28
sources/poky/meta/recipes-bsp/setserial/setserial_2.17.bb Normal file
View File

@@ -0,0 +1,28 @@
SUMMARY = "Controls the configuration of serial ports"
DESCRIPTION = "setserial is a program designed to set and/or report the configuration information associated with a serial port"
HOMEPAGE = "http://setserial.sourceforge.net"
SECTION = "console/utils"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://version.h;beginline=1;endline=6;md5=2e7c59cb9e57e356ae81f50f4e4dfd99"
DEPENDS += "groff-native"
inherit autotools-brokensep
SRC_URI = "${SOURCEFORGE_MIRROR}/setserial/${BPN}-${PV}.tar.gz \
file://add_stdlib.patch \
file://ldflags.patch \
file://0001-setserial.c-Add-needed-system-headers-for-ioctl-and-.patch \
"
SRC_URI[md5sum] = "c4867d72c41564318e0107745eb7a0f2"
SRC_URI[sha256sum] = "7e4487d320ac31558563424189435d396ddf77953bb23111a17a3d1487b5794a"
do_install() {
install -d ${D}${bindir}
install -d ${D}${mandir}/man8
install -m 0755 ${S}/setserial ${D}${bindir}
install -m 0644 ${S}/setserial.8 ${D}${mandir}/man8
}

47
sources/poky/meta/recipes-bsp/u-boot/files/CVE-2024-57254.patch Normal file
View File

@@ -0,0 +1,47 @@
From 3f9deb424ecd6ecd50f165b42f0b0290d83853f5 Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Fri, 2 Aug 2024 18:36:45 +0200
Subject: [PATCH 1/8] squashfs: Fix integer overflow in sqfs_inode_size()
A carefully crafted squashfs filesystem can exhibit an extremly large
inode size and overflow the calculation in sqfs_inode_size().
As a consequence, the squashfs driver will read from wrong locations.
Fix by using __builtin_add_overflow() to detect the overflow.
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
CVE: CVE-2024-57254
Upstream-Status: Backport [https://source.denx.de/u-boot/u-boot/-/commit/c8e929e5758999933f9e905049ef2bf3fe6b140d]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
fs/squashfs/sqfs_inode.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/fs/squashfs/sqfs_inode.c b/fs/squashfs/sqfs_inode.c
index d25cfb53..bb3ccd37 100644
--- a/fs/squashfs/sqfs_inode.c
+++ b/fs/squashfs/sqfs_inode.c
@@ -78,11 +78,16 @@ int sqfs_inode_size(struct squashfs_base_inode *inode, u32 blk_size)
case SQFS_SYMLINK_TYPE:
case SQFS_LSYMLINK_TYPE: {
+ int size;
+
struct squashfs_symlink_inode *symlink =
(struct squashfs_symlink_inode *)inode;
- return sizeof(*symlink) +
- get_unaligned_le32(&symlink->symlink_size);
+ if (__builtin_add_overflow(sizeof(*symlink),
+ get_unaligned_le32(&symlink->symlink_size), &size))
+ return -EINVAL;
+
+ return size;
}
case SQFS_BLKDEV_TYPE:
--
2.34.1

53
sources/poky/meta/recipes-bsp/u-boot/files/CVE-2024-57255.patch Normal file
View File

@@ -0,0 +1,53 @@
From 5d7ca74388544bf8c95e104517a9120e94bfe40d Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Fri, 2 Aug 2024 18:36:44 +0200
Subject: [PATCH 2/8] squashfs: Fix integer overflow in sqfs_resolve_symlink()
A carefully crafted squashfs filesystem can exhibit an inode size of 0xffffffff,
as a consequence malloc() will do a zero allocation.
Later in the function the inode size is again used for copying data.
So an attacker can overwrite memory.
Avoid the overflow by using the __builtin_add_overflow() helper.
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
CVE: CVE-2024-57255
Upstream-Status: Backport [https://source.denx.de/u-boot/u-boot/-/commit/233945eba63e24061dffeeaeb7cd6fe985278356]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
fs/squashfs/sqfs.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c
index 1430e671..16a07c06 100644
--- a/fs/squashfs/sqfs.c
+++ b/fs/squashfs/sqfs.c
@@ -422,8 +422,10 @@ static char *sqfs_resolve_symlink(struct squashfs_symlink_inode *sym,
char *resolved, *target;
u32 sz;
- sz = get_unaligned_le32(&sym->symlink_size);
- target = malloc(sz + 1);
+ if (__builtin_add_overflow(get_unaligned_le32(&sym->symlink_size), 1, &sz))
+ return NULL;
+
+ target = malloc(sz);
if (!target)
return NULL;
@@ -431,9 +433,9 @@ static char *sqfs_resolve_symlink(struct squashfs_symlink_inode *sym,
* There is no trailling null byte in the symlink's target path, so a
* copy is made and a '\0' is added at its end.
*/
- target[sz] = '\0';
+ target[sz - 1] = '\0';
/* Get target name (relative path) */
- strncpy(target, sym->symlink, sz);
+ strncpy(target, sym->symlink, sz - 1);
/* Relative -> absolute path conversion */
resolved = sqfs_get_abs_path(base_path, target);
--
2.34.1

51
sources/poky/meta/recipes-bsp/u-boot/files/CVE-2024-57256.patch Normal file
View File

@@ -0,0 +1,51 @@
From 49cab731abe7a98db4ac16666e3b5ab3bc799282 Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Fri, 9 Aug 2024 11:54:28 +0200
Subject: [PATCH 3/8] ext4: Fix integer overflow in ext4fs_read_symlink()
While zalloc() takes a size_t type, adding 1 to the le32 variable
will overflow.
A carefully crafted ext4 filesystem can exhibit an inode size of 0xffffffff
and as consequence zalloc() will do a zero allocation.
Later in the function the inode size is again used for copying data.
So an attacker can overwrite memory.
Avoid the overflow by using the __builtin_add_overflow() helper.
Signed-off-by: Richard Weinberger <richard@nod.at>
CVE: CVE-2024-57256
Upstream-Status: Backport [https://source.denx.de/u-boot/u-boot/-/commit/35f75d2a46e5859138c83a75cd2f4141c5479ab9]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
fs/ext4/ext4_common.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/fs/ext4/ext4_common.c b/fs/ext4/ext4_common.c
index f50de7c0..a7798296 100644
--- a/fs/ext4/ext4_common.c
+++ b/fs/ext4/ext4_common.c
@@ -2188,13 +2188,18 @@ static char *ext4fs_read_symlink(struct ext2fs_node *node)
struct ext2fs_node *diro = node;
int status;
loff_t actread;
+ size_t alloc_size;
if (!diro->inode_read) {
status = ext4fs_read_inode(diro->data, diro->ino, &diro->inode);
if (status == 0)
return NULL;
}
- symlink = zalloc(le32_to_cpu(diro->inode.size) + 1);
+
+ if (__builtin_add_overflow(le32_to_cpu(diro->inode.size), 1, &alloc_size))
+ return NULL;
+
+ symlink = zalloc(alloc_size);
if (!symlink)
return NULL;
--
2.34.1

227
sources/poky/meta/recipes-bsp/u-boot/files/CVE-2024-57257.patch Normal file
View File

@@ -0,0 +1,227 @@
From 4eb527c473068953f90ea65b33046a25140e0a89 Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Fri, 2 Aug 2024 18:36:47 +0200
Subject: [PATCH 4/8] squashfs: Fix stack overflow while symlink resolving
The squashfs driver blindly follows symlinks, and calls sqfs_size()
recursively. So an attacker can create a crafted filesystem and with
a deep enough nesting level a stack overflow can be achieved.
Fix by limiting the nesting level to 8.
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
CVE: CVE-2024-57257
Upstream-Status: Backport [https://source.denx.de/u-boot/u-boot/-/commit/4f5cc096bfd0a591f8a11e86999e3d90a9484c34]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
fs/squashfs/sqfs.c | 76 +++++++++++++++++++++++++++++++++++++---------
1 file changed, 61 insertions(+), 15 deletions(-)
diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c
index 16a07c06..a5b7890e 100644
--- a/fs/squashfs/sqfs.c
+++ b/fs/squashfs/sqfs.c
@@ -24,7 +24,12 @@
#include "sqfs_filesystem.h"
#include "sqfs_utils.h"
+#define MAX_SYMLINK_NEST 8
+
static struct squashfs_ctxt ctxt;
+static int symlinknest;
+
+static int sqfs_readdir_nest(struct fs_dir_stream *fs_dirs, struct fs_dirent **dentp);
static int sqfs_disk_read(__u32 block, __u32 nr_blocks, void *buf)
{
@@ -508,7 +513,7 @@ static int sqfs_search_dir(struct squashfs_dir_stream *dirs, char **token_list,
goto out;
}
- while (!sqfs_readdir(dirsp, &dent)) {
+ while (!sqfs_readdir_nest(dirsp, &dent)) {
ret = strcmp(dent->name, token_list[j]);
if (!ret)
break;
@@ -533,6 +538,11 @@ static int sqfs_search_dir(struct squashfs_dir_stream *dirs, char **token_list,
/* Check for symbolic link and inode type sanity */
if (get_unaligned_le16(&dir->inode_type) == SQFS_SYMLINK_TYPE) {
+ if (++symlinknest == MAX_SYMLINK_NEST) {
+ ret = -ELOOP;
+ goto out;
+ }
+
sym = (struct squashfs_symlink_inode *)table;
/* Get first j + 1 tokens */
path = sqfs_concat_tokens(token_list, j + 1);
@@ -880,7 +890,7 @@ out:
return metablks_count;
}
-int sqfs_opendir(const char *filename, struct fs_dir_stream **dirsp)
+static int sqfs_opendir_nest(const char *filename, struct fs_dir_stream **dirsp)
{
unsigned char *inode_table = NULL, *dir_table = NULL;
int j, token_count = 0, ret = 0, metablks_count;
@@ -975,7 +985,19 @@ out:
return ret;
}
+int sqfs_opendir(const char *filename, struct fs_dir_stream **dirsp)
+{
+ symlinknest = 0;
+ return sqfs_opendir_nest(filename, dirsp);
+}
+
int sqfs_readdir(struct fs_dir_stream *fs_dirs, struct fs_dirent **dentp)
+{
+ symlinknest = 0;
+ return sqfs_readdir_nest(fs_dirs, dentp);
+}
+
+static int sqfs_readdir_nest(struct fs_dir_stream *fs_dirs, struct fs_dirent **dentp)
{
struct squashfs_super_block *sblk = ctxt.sblk;
struct squashfs_dir_stream *dirs;
@@ -1319,8 +1341,8 @@ static int sqfs_get_lregfile_info(struct squashfs_lreg_inode *lreg,
return datablk_count;
}
-int sqfs_read(const char *filename, void *buf, loff_t offset, loff_t len,
- loff_t *actread)
+static int sqfs_read_nest(const char *filename, void *buf, loff_t offset,
+ loff_t len, loff_t *actread)
{
char *dir = NULL, *fragment_block, *datablock = NULL;
char *fragment = NULL, *file = NULL, *resolved, *data;
@@ -1350,11 +1372,11 @@ int sqfs_read(const char *filename, void *buf, loff_t offset, loff_t len,
}
/*
- * sqfs_opendir will uncompress inode and directory tables, and will
+ * sqfs_opendir_nest will uncompress inode and directory tables, and will
* return a pointer to the directory that contains the requested file.
*/
sqfs_split_path(&file, &dir, filename);
- ret = sqfs_opendir(dir, &dirsp);
+ ret = sqfs_opendir_nest(dir, &dirsp);
if (ret) {
goto out;
}
@@ -1362,7 +1384,7 @@ int sqfs_read(const char *filename, void *buf, loff_t offset, loff_t len,
dirs = (struct squashfs_dir_stream *)dirsp;
/* For now, only regular files are able to be loaded */
- while (!sqfs_readdir(dirsp, &dent)) {
+ while (!sqfs_readdir_nest(dirsp, &dent)) {
ret = strcmp(dent->name, file);
if (!ret)
break;
@@ -1411,9 +1433,14 @@ int sqfs_read(const char *filename, void *buf, loff_t offset, loff_t len,
break;
case SQFS_SYMLINK_TYPE:
case SQFS_LSYMLINK_TYPE:
+ if (++symlinknest == MAX_SYMLINK_NEST) {
+ ret = -ELOOP;
+ goto out;
+ }
+
symlink = (struct squashfs_symlink_inode *)ipos;
resolved = sqfs_resolve_symlink(symlink, filename);
- ret = sqfs_read(resolved, buf, offset, len, actread);
+ ret = sqfs_read_nest(resolved, buf, offset, len, actread);
free(resolved);
goto out;
case SQFS_BLKDEV_TYPE:
@@ -1584,7 +1611,14 @@ out:
return ret;
}
-int sqfs_size(const char *filename, loff_t *size)
+int sqfs_read(const char *filename, void *buf, loff_t offset, loff_t len,
+ loff_t *actread)
+{
+ symlinknest = 0;
+ return sqfs_read_nest(filename, buf, offset, len, actread);
+}
+
+static int sqfs_size_nest(const char *filename, loff_t *size)
{
struct squashfs_super_block *sblk = ctxt.sblk;
struct squashfs_symlink_inode *symlink;
@@ -1600,10 +1634,10 @@ int sqfs_size(const char *filename, loff_t *size)
sqfs_split_path(&file, &dir, filename);
/*
- * sqfs_opendir will uncompress inode and directory tables, and will
+ * sqfs_opendir_nest will uncompress inode and directory tables, and will
* return a pointer to the directory that contains the requested file.
*/
- ret = sqfs_opendir(dir, &dirsp);
+ ret = sqfs_opendir_nest(dir, &dirsp);
if (ret) {
ret = -EINVAL;
goto free_strings;
@@ -1611,7 +1645,7 @@ int sqfs_size(const char *filename, loff_t *size)
dirs = (struct squashfs_dir_stream *)dirsp;
- while (!sqfs_readdir(dirsp, &dent)) {
+ while (!sqfs_readdir_nest(dirsp, &dent)) {
ret = strcmp(dent->name, file);
if (!ret)
break;
@@ -1644,6 +1678,11 @@ int sqfs_size(const char *filename, loff_t *size)
break;
case SQFS_SYMLINK_TYPE:
case SQFS_LSYMLINK_TYPE:
+ if (++symlinknest == MAX_SYMLINK_NEST) {
+ *size = 0;
+ return -ELOOP;
+ }
+
symlink = (struct squashfs_symlink_inode *)ipos;
resolved = sqfs_resolve_symlink(symlink, filename);
ret = sqfs_size(resolved, size);
@@ -1683,10 +1722,11 @@ int sqfs_exists(const char *filename)
sqfs_split_path(&file, &dir, filename);
/*
- * sqfs_opendir will uncompress inode and directory tables, and will
+ * sqfs_opendir_nest will uncompress inode and directory tables, and will
* return a pointer to the directory that contains the requested file.
*/
- ret = sqfs_opendir(dir, &dirsp);
+ symlinknest = 0;
+ ret = sqfs_opendir_nest(dir, &dirsp);
if (ret) {
ret = -EINVAL;
goto free_strings;
@@ -1694,7 +1734,7 @@ int sqfs_exists(const char *filename)
dirs = (struct squashfs_dir_stream *)dirsp;
- while (!sqfs_readdir(dirsp, &dent)) {
+ while (!sqfs_readdir_nest(dirsp, &dent)) {
ret = strcmp(dent->name, file);
if (!ret)
break;
@@ -1711,6 +1751,12 @@ free_strings:
return ret == 0;
}
+int sqfs_size(const char *filename, loff_t *size)
+{
+ symlinknest = 0;
+ return sqfs_size_nest(filename, size);
+}
+
void sqfs_close(void)
{
sqfs_decompressor_cleanup(&ctxt);
--
2.34.1

47
sources/poky/meta/recipes-bsp/u-boot/files/CVE-2024-57258-1.patch Normal file
View File

@@ -0,0 +1,47 @@
From 50ab41c3628dedeca1a331dd86dd203b73faea74 Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Fri, 2 Aug 2024 12:08:45 +0200
Subject: [PATCH 5/8] dlmalloc: Fix integer overflow in sbrk()
Make sure that the new break is within mem_malloc_start
and mem_malloc_end before making progress.
ulong new = old + increment; can overflow for extremely large
increment values and memset() can get wrongly called.
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Simon Glass <sjg@chromium.org>
CVE: CVE-2024-57258
Upstream-Status: Backport [https://source.denx.de/u-boot/u-boot/-/commit/0a10b49206a29b4aa2f80233a3e53ca0466bb0b3]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
common/dlmalloc.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/common/dlmalloc.c b/common/dlmalloc.c
index de3f0422..bae2a27c 100644
--- a/common/dlmalloc.c
+++ b/common/dlmalloc.c
@@ -591,6 +591,9 @@ void *sbrk(ptrdiff_t increment)
ulong old = mem_malloc_brk;
ulong new = old + increment;
+ if ((new < mem_malloc_start) || (new > mem_malloc_end))
+ return (void *)MORECORE_FAILURE;
+
/*
* if we are giving memory back make sure we clear it out since
* we set MORECORE_CLEARS to 1
@@ -598,9 +601,6 @@ void *sbrk(ptrdiff_t increment)
if (increment < 0)
memset((void *)new, 0, -increment);
- if ((new < mem_malloc_start) || (new > mem_malloc_end))
- return (void *)MORECORE_FAILURE;
-
mem_malloc_brk = new;
return (void *)old;
--
2.34.1

43
sources/poky/meta/recipes-bsp/u-boot/files/CVE-2024-57258-2.patch Normal file
View File

@@ -0,0 +1,43 @@
From db7c626204f488a802a2e58b7a788b11fde6be7d Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Fri, 2 Aug 2024 12:08:44 +0200
Subject: [PATCH 6/8] dlmalloc: Fix integer overflow in request2size()
req is of type size_t, casting it to long opens the door
for an integer overflow.
Values between LONG_MAX - (SIZE_SZ + MALLOC_ALIGN_MASK) - 1 and LONG_MAX
cause and overflow such that request2size() returns MINSIZE.
Fix by removing the cast.
The origin of the cast is unclear, it's in u-boot and ppcboot since ever
and predates the CVS history.
Doug Lea's original dlmalloc implementation also doesn't have it.
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Simon Glass <sjg@chromium.org>
CVE: CVE-2024-57258
Upstream-Status: Backport [https://source.denx.de/u-boot/u-boot/-/commit/8642b2178d2c4002c99a0b69a845a48f2ae2706f]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
common/dlmalloc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/common/dlmalloc.c b/common/dlmalloc.c
index bae2a27c..1ac4ee9f 100644
--- a/common/dlmalloc.c
+++ b/common/dlmalloc.c
@@ -379,8 +379,8 @@ nextchunk-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/* pad request bytes into a usable size */
#define request2size(req) \
- (((long)((req) + (SIZE_SZ + MALLOC_ALIGN_MASK)) < \
- (long)(MINSIZE + MALLOC_ALIGN_MASK)) ? MINSIZE : \
+ ((((req) + (SIZE_SZ + MALLOC_ALIGN_MASK)) < \
+ (MINSIZE + MALLOC_ALIGN_MASK)) ? MINSIZE : \
(((req) + (SIZE_SZ + MALLOC_ALIGN_MASK)) & ~(MALLOC_ALIGN_MASK)))
/* Check if m has acceptable alignment */
--
2.34.1

40
sources/poky/meta/recipes-bsp/u-boot/files/CVE-2024-57258-3.patch Normal file
View File

@@ -0,0 +1,40 @@
From 37095a204127b60b5e00c4c5d435d6e48a6a1c51 Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Fri, 2 Aug 2024 12:08:43 +0200
Subject: [PATCH 7/8] x86: Fix ptrdiff_t for x86_64
sbrk() assumes ptrdiff_t is large enough to enlarge/shrink the heap
by LONG_MIN/LONG_MAX.
So, use the long type, also to match the rest of the Linux ecosystem.
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Simon Glass <sjg@chromium.org>
CVE: CVE-2024-57258
Upstream-Status: Backport [https://source.denx.de/u-boot/u-boot/-/commit/c17b2a05dd50a3ba437e6373093a0d6a359cdee0]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
arch/x86/include/asm/posix_types.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/posix_types.h b/arch/x86/include/asm/posix_types.h
index dbcea7f4..e1ed9bca 100644
--- a/arch/x86/include/asm/posix_types.h
+++ b/arch/x86/include/asm/posix_types.h
@@ -20,11 +20,12 @@ typedef unsigned short __kernel_gid_t;
#if defined(__x86_64__)
typedef unsigned long __kernel_size_t;
typedef long __kernel_ssize_t;
+typedef long __kernel_ptrdiff_t;
#else
typedef unsigned int __kernel_size_t;
typedef int __kernel_ssize_t;
-#endif
typedef int __kernel_ptrdiff_t;
+#endif
typedef long __kernel_time_t;
typedef long __kernel_suseconds_t;
typedef long __kernel_clock_t;
--
2.34.1

41
sources/poky/meta/recipes-bsp/u-boot/files/CVE-2024-57259.patch Normal file
View File

@@ -0,0 +1,41 @@
From 2c08fe306c6cbc60ec4beb434c71e56bb7abb678 Mon Sep 17 00:00:00 2001
From: Richard Weinberger <richard@nod.at>
Date: Fri, 2 Aug 2024 22:05:09 +0200
Subject: [PATCH 8/8] squashfs: Fix heap corruption in sqfs_search_dir()
res needs to be large enough to store both strings rem and target,
plus the path separator and the terminator.
Currently the space for the path separator is not accounted, so
the heap is corrupted by one byte.
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
CVE: CVE-2024-57259
Upstream-Status: Backport [https://source.denx.de/u-boot/u-boot/-/commit/048d795bb5b3d9c5701b4855f5e74bcf6849bf5e]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
fs/squashfs/sqfs.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c
index a5b7890e..1bd9b2a4 100644
--- a/fs/squashfs/sqfs.c
+++ b/fs/squashfs/sqfs.c
@@ -563,8 +563,11 @@ static int sqfs_search_dir(struct squashfs_dir_stream *dirs, char **token_list,
ret = -ENOMEM;
goto out;
}
- /* Concatenate remaining tokens and symlink's target */
- res = malloc(strlen(rem) + strlen(target) + 1);
+ /*
+ * Concatenate remaining tokens and symlink's target.
+ * Allocate enough space for rem, target, '/' and '\0'.
+ */
+ res = malloc(strlen(rem) + strlen(target) + 2);
if (!res) {
ret = -ENOMEM;
goto out;
--
2.34.1

26
sources/poky/meta/recipes-bsp/u-boot/libubootenv_0.3.5.bb Normal file
View File

@@ -0,0 +1,26 @@
SUMMARY = "U-Boot libraries and tools to access environment"
DESCRIPTION = "This package contains tools and libraries to read \
and modify U-Boot environment. \
It provides a hardware-independent replacement for fw_printenv/setenv utilities \
provided by U-Boot"
HOMEPAGE = "https://github.com/sbabic/libubootenv"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://LICENSES/LGPL-2.1-or-later.txt;md5=4fbd65380cdd255951079008b364516c"
SECTION = "libs"
SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https;branch=master"
SRCREV = "3f4d15e36ceb58085b08dd13f3f2788e9299877b"
S = "${WORKDIR}/git"
inherit cmake lib_package
EXTRA_OECMAKE = "-DCMAKE_BUILD_TYPE=Release"
DEPENDS = "zlib libyaml"
PROVIDES += "u-boot-fw-utils"
RPROVIDES:${PN}-bin += "u-boot-fw-utils"
BBCLASSEXTEND = "native"

33
sources/poky/meta/recipes-bsp/u-boot/u-boot-common.inc Normal file
View File

@@ -0,0 +1,33 @@
HOMEPAGE = "http://www.denx.de/wiki/U-Boot/WebHome"
DESCRIPTION = "U-Boot, a boot loader for Embedded boards based on PowerPC, \
ARM, MIPS and several other processors, which can be installed in a boot \
ROM and used to initialize and test the hardware or to download and run \
application code."
SECTION = "bootloaders"
DEPENDS += "flex-native bison-native python3-setuptools-native"
LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://Licenses/README;md5=2ca5f2c35c8cc335f0a19756634782f1"
PE = "1"
# We use the revision in order to avoid having to fetch it from the
# repo during parse
SRCREV = "866ca972d6c3cabeaf6dbac431e8e08bb30b3c8e"
SRC_URI = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=master \
file://CVE-2024-57254.patch \
file://CVE-2024-57255.patch \
file://CVE-2024-57256.patch \
file://CVE-2024-57257.patch \
file://CVE-2024-57258-1.patch \
file://CVE-2024-57258-2.patch \
file://CVE-2024-57258-3.patch \
file://CVE-2024-57259.patch \
"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build"
inherit pkgconfig
do_configure[cleandirs] = "${B}"

52
sources/poky/meta/recipes-bsp/u-boot/u-boot-configure.inc Normal file
View File

@@ -0,0 +1,52 @@
# This provides the logic for creating the desired u-boot config,
# accounting for any *.cfg files added to SRC_URI. It's separated
# from u-boot.inc for use by recipes that need u-boot properly
# configured but aren't doing a full build of u-boot itself (such as
# its companion tools).
inherit uboot-config cml1
DEPENDS += "kern-tools-native"
CONFIGURE_FILES = "${@d.getVar('UBOOT_MACHINE') or '.config'}"
do_configure () {
if [ -n "${UBOOT_CONFIG}" ]; then
unset i j
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
j=$(expr $j + 1);
if [ $j -eq $i ]; then
uboot_configure_config $config $type
fi
done
unset j
done
unset i
else
uboot_configure
fi
}
uboot_configure_config () {
config=$1
type=$2
oe_runmake -C ${S} O=${B}/${config} ${config}
if [ -n "${@' '.join(find_cfgs(d))}" ]; then
merge_config.sh -m -O ${B}/${config} ${B}/${config}/.config ${@" ".join(find_cfgs(d))}
oe_runmake -C ${S} O=${B}/${config} oldconfig
fi
}
uboot_configure () {
if [ -n "${UBOOT_MACHINE}" ]; then
oe_runmake -C ${S} O=${B} ${UBOOT_MACHINE}
else
oe_runmake -C ${S} O=${B} oldconfig
fi
merge_config.sh -m .config ${@" ".join(find_cfgs(d))}
cml1_do_configure
}

90
sources/poky/meta/recipes-bsp/u-boot/u-boot-tools.inc Normal file
View File

@@ -0,0 +1,90 @@
SUMMARY = "U-Boot bootloader tools"
DEPENDS += "gnutls openssl util-linux swig-native"
inherit python3native
export STAGING_INCDIR="${STAGING_INCDIR_NATIVE}"
PROVIDES = "${MLPREFIX}u-boot-mkimage ${MLPREFIX}u-boot-mkenvimage ${MLPREFIX}u-boot-mkeficapsule"
PROVIDES:class-native = "u-boot-mkimage-native u-boot-mkenvimage-native u-boot-mkeficapsule-native"
PACKAGES += "${PN}-mkimage ${PN}-mkenvimage ${PN}-mkeficapsule"
# Required for backward compatibility with "u-boot-mkimage-xxx.bb"
RPROVIDES:${PN}-mkimage = "u-boot-mkimage"
RREPLACES:${PN}-mkimage = "u-boot-mkimage"
RCONFLICTS:${PN}-mkimage = "u-boot-mkimage"
EXTRA_OEMAKE:class-target = 'CROSS_COMPILE="${TARGET_PREFIX}" CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1'
EXTRA_OEMAKE:class-native = 'CC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1'
EXTRA_OEMAKE:class-nativesdk = 'CROSS_COMPILE="${HOST_PREFIX}" CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1'
SED_CONFIG_EFI = '-e "s/CONFIG_EFI_LOADER=.*/# CONFIG_EFI_LOADER is not set/"'
SED_CONFIG_EFI:x86 = ''
SED_CONFIG_EFI:x86-64 = ''
SED_CONFIG_EFI:arm = ''
SED_CONFIG_EFI:armeb = ''
SED_CONFIG_EFI:aarch64 = ''
SED_CONFIG_EFI:loongarch64 = ''
do_compile () {
# Yes, this is crazy. If you build on a system with git < 2.14 from scratch, the tree will
# be marked as "dirty" and the version will include "-dirty", leading to a reproducibility problem.
# The issue is the inode count for Licnses/README changing due to do_populate_lic hardlinking a
# copy of the file. We avoid this by ensuring the index is updated with a "git diff" before the
# u-boot machinery tries to determine the version.
#
# build$ ../git/scripts/setlocalversion ../git
# ""
# build$ ln ../git/
# build$ ln ../git/README ../foo
# build$ ../git/scripts/setlocalversion ../git
# ""-dirty
# (i.e. creating a hardlink dirties the index)
cd ${S}; git diff; cd ${B}
oe_runmake -C ${S} tools-only_defconfig O=${B}
# Disable CONFIG_CMD_LICENSE, license.h is not used by tools and
# generating it requires bin2header tool, which for target build
# is built with target tools and thus cannot be executed on host.
sed -i -e "s/CONFIG_CMD_LICENSE=.*/# CONFIG_CMD_LICENSE is not set/" ${SED_CONFIG_EFI} ${B}/.config
oe_runmake -C ${S} cross_tools NO_SDL=1 O=${B}
}
do_install () {
install -d ${D}${bindir}
# mkimage
install -m 0755 tools/mkimage ${D}${bindir}/uboot-mkimage
ln -sf uboot-mkimage ${D}${bindir}/mkimage
# mkenvimage
install -m 0755 tools/mkenvimage ${D}${bindir}/uboot-mkenvimage
ln -sf uboot-mkenvimage ${D}${bindir}/mkenvimage
# dumpimage
install -m 0755 tools/dumpimage ${D}${bindir}/uboot-dumpimage
ln -sf uboot-dumpimage ${D}${bindir}/dumpimage
# fit_check_sign
install -m 0755 tools/fit_check_sign ${D}${bindir}/uboot-fit_check_sign
ln -sf uboot-fit_check_sign ${D}${bindir}/fit_check_sign
# mkeficapsule
install -m 0755 tools/mkeficapsule ${D}${bindir}/uboot-mkeficapsule
ln -sf uboot-mkeficapsule ${D}${bindir}/mkeficapsule
}
ALLOW_EMPTY:${PN} = "1"
FILES:${PN} = ""
FILES:${PN}-mkimage = "${bindir}/uboot-mkimage ${bindir}/mkimage ${bindir}/uboot-dumpimage ${bindir}/dumpimage ${bindir}/uboot-fit_check_sign ${bindir}/fit_check_sign"
FILES:${PN}-mkenvimage = "${bindir}/uboot-mkenvimage ${bindir}/mkenvimage"
FILES:${PN}-mkeficapsule = "${bindir}/uboot-mkeficapsule ${bindir}/mkeficapsule"
RDEPENDS:${PN}-mkimage += "dtc"
RDEPENDS:${PN} += "${PN}-mkimage ${PN}-mkenvimage ${PN}-mkeficapsule"
RDEPENDS:${PN}:class-native = ""
BBCLASSEXTEND = "native nativesdk"

2
sources/poky/meta/recipes-bsp/u-boot/u-boot-tools_2024.01.bb Normal file
View File

@@ -0,0 +1,2 @@
require u-boot-common.inc
require u-boot-tools.inc

432
sources/poky/meta/recipes-bsp/u-boot/u-boot.inc Normal file
View File

@@ -0,0 +1,432 @@
SUMMARY = "Universal Boot Loader for embedded devices"
PROVIDES = "virtual/bootloader"
PACKAGE_ARCH = "${MACHINE_ARCH}"
DEPENDS += "${@bb.utils.contains('UBOOT_ENV_SUFFIX', 'scr', 'u-boot-mkimage-native', '', d)}"
inherit uboot-config uboot-extlinux-config uboot-sign deploy python3native kernel-arch
DEPENDS += "swig-native"
EXTRA_OEMAKE = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${TARGET_PREFIX}gcc ${TOOLCHAIN_OPTIONS} ${DEBUG_PREFIX_MAP}" V=1'
EXTRA_OEMAKE += 'HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}"'
EXTRA_OEMAKE += 'STAGING_INCDIR=${STAGING_INCDIR_NATIVE} STAGING_LIBDIR=${STAGING_LIBDIR_NATIVE}'
PACKAGECONFIG ??= "openssl"
# u-boot will compile its own tools during the build, with specific
# configurations (aka when CONFIG_FIT_SIGNATURE is enabled) openssl is needed as
# a host build dependency.
PACKAGECONFIG[openssl] = ",,openssl-native"
# Allow setting an additional version string that will be picked up by the
# u-boot build system and appended to the u-boot version. If the .scmversion
# file already exists it will not be overwritten.
UBOOT_LOCALVERSION ?= ""
# Default name of u-boot initial env, but enable individual recipes to change
# this value.
UBOOT_INITIAL_ENV ?= "${PN}-initial-env"
require u-boot-configure.inc
do_savedefconfig() {
bbplain "Saving defconfig to:\n${B}/defconfig"
oe_runmake -C ${B} savedefconfig
}
do_savedefconfig[nostamp] = "1"
addtask savedefconfig after do_configure
UBOOT_ARCH_DIR = "${@'arm' if d.getVar('UBOOT_ARCH').startswith('arm') else d.getVar('UBOOT_ARCH')}"
do_compile () {
if [ "${@bb.utils.filter('DISTRO_FEATURES', 'ld-is-gold', d)}" ]; then
sed -i 's/$(CROSS_COMPILE)ld$/$(CROSS_COMPILE)ld.bfd/g' ${S}/config.mk
fi
unset LDFLAGS
unset CFLAGS
unset CPPFLAGS
if [ ! -e ${B}/.scmversion -a ! -e ${S}/.scmversion ]
then
echo ${UBOOT_LOCALVERSION} > ${B}/.scmversion
echo ${UBOOT_LOCALVERSION} > ${S}/.scmversion
fi
if [ -n "${UBOOT_CONFIG}" -o -n "${UBOOT_DELTA_CONFIG}" ]
then
unset i j
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
j=$(expr $j + 1);
if [ $j -eq $i ]
then
uboot_compile_config $i $config $type
fi
done
unset j
done
unset i
else
uboot_compile
fi
if [ -n "${UBOOT_ENV}" ] && [ "${UBOOT_ENV_SUFFIX}" = "scr" ]
then
${UBOOT_MKIMAGE} -C none -A ${UBOOT_ARCH} -T script -d ${WORKDIR}/${UBOOT_ENV_SRC} ${WORKDIR}/${UBOOT_ENV_BINARY}
fi
}
uboot_compile_config () {
i=$1
config=$2
type=$3
oe_runmake -C ${S} O=${B}/${config} ${UBOOT_MAKE_TARGET}
unset k
for binary in ${UBOOT_BINARIES}; do
k=$(expr $k + 1);
if [ $k -eq $i ]; then
uboot_compile_config_copy_binary $config $type $binary
fi
done
unset k
# Generate the uboot-initial-env
if [ -n "${UBOOT_INITIAL_ENV}" ]; then
oe_runmake -C ${S} O=${B}/${config} u-boot-initial-env
cp ${B}/${config}/u-boot-initial-env ${B}/${config}/u-boot-initial-env-${type}
fi
}
uboot_compile_config_copy_binary () {
config=$1
type=$2
binary=$3
cp ${B}/${config}/${binary} ${B}/${config}/${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX}
}
uboot_compile () {
oe_runmake -C ${S} O=${B} ${UBOOT_MAKE_TARGET}
# Generate the uboot-initial-env
if [ -n "${UBOOT_INITIAL_ENV}" ]; then
oe_runmake -C ${S} O=${B} u-boot-initial-env
fi
}
do_install () {
if [ -n "${UBOOT_CONFIG}" ]
then
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
j=$(expr $j + 1);
if [ $j -eq $i ]
then
uboot_install_config $config $type
fi
done
unset j
done
unset i
else
uboot_install
fi
if [ -n "${UBOOT_ELF}" ]
then
if [ -n "${UBOOT_CONFIG}" ]
then
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
j=$(expr $j + 1);
if [ $j -eq $i ]
then
uboot_install_elf_config $config $type
fi
done
unset j
done
unset i
else
uboot_install_elf
fi
fi
if [ -e ${WORKDIR}/fw_env.config ] ; then
install -d ${D}${sysconfdir}
install -m 644 ${WORKDIR}/fw_env.config ${D}${sysconfdir}/fw_env.config
fi
if [ -n "${SPL_BINARY}" ]
then
if [ -n "${UBOOT_CONFIG}" ]
then
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
j=$(expr $j + 1);
if [ $j -eq $i ]
then
uboot_install_spl_config $config $type
fi
done
unset j
done
unset i
else
uboot_install_spl
fi
fi
if [ -n "${UBOOT_ENV}" ]
then
install -m 644 ${WORKDIR}/${UBOOT_ENV_BINARY} ${D}/boot/${UBOOT_ENV_IMAGE}
ln -sf ${UBOOT_ENV_IMAGE} ${D}/boot/${UBOOT_ENV_BINARY}
fi
if [ "${UBOOT_EXTLINUX}" = "1" ]
then
install -Dm 0644 ${UBOOT_EXTLINUX_CONFIG} ${D}/${UBOOT_EXTLINUX_INSTALL_DIR}/${UBOOT_EXTLINUX_CONF_NAME}
fi
}
uboot_install_config () {
config=$1
type=$2
install -D -m 644 ${B}/${config}/${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX}
ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARY}-${type}
ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARY}
# Install the uboot-initial-env
if [ -n "${UBOOT_INITIAL_ENV}" ]; then
install -D -m 644 ${B}/${config}/u-boot-initial-env-${type} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${type}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}
fi
}
uboot_install () {
install -D -m 644 ${B}/${UBOOT_BINARY} ${D}/boot/${UBOOT_IMAGE}
ln -sf ${UBOOT_IMAGE} ${D}/boot/${UBOOT_BINARY}
# Install the uboot-initial-env
if [ -n "${UBOOT_INITIAL_ENV}" ]; then
install -D -m 644 ${B}/u-boot-initial-env ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}
fi
}
uboot_install_elf_config () {
config=$1
type=$2
install -m 644 ${B}/${config}/${UBOOT_ELF} ${D}/boot/u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX}
ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${D}/boot/${UBOOT_BINARY}-${type}
ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${D}/boot/${UBOOT_BINARY}
}
uboot_install_elf () {
install -m 644 ${B}/${UBOOT_ELF} ${D}/boot/${UBOOT_ELF_IMAGE}
ln -sf ${UBOOT_ELF_IMAGE} ${D}/boot/${UBOOT_ELF_BINARY}
}
uboot_install_spl_config () {
config=$1
type=$2
install -m 644 ${B}/${config}/${SPL_BINARY} ${D}/boot/${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX}
ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${D}/boot/${SPL_BINARYFILE}-${type}
ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${D}/boot/${SPL_BINARYFILE}
}
uboot_install_spl () {
install -m 644 ${B}/${SPL_BINARY} ${D}/boot/${SPL_IMAGE}
ln -sf ${SPL_IMAGE} ${D}/boot/${SPL_BINARYFILE}
}
PACKAGE_BEFORE_PN += "${PN}-env ${PN}-extlinux"
RPROVIDES:${PN}-env += "u-boot-default-env"
ALLOW_EMPTY:${PN}-env = "1"
FILES:${PN}-env = " \
${@ '${sysconfdir}/${UBOOT_INITIAL_ENV}*' if d.getVar('UBOOT_INITIAL_ENV') else ''} \
${sysconfdir}/fw_env.config \
"
FILES:${PN}-extlinux = "${UBOOT_EXTLINUX_INSTALL_DIR}/${UBOOT_EXTLINUX_CONF_NAME}"
RDEPENDS:${PN} += "${@bb.utils.contains('UBOOT_EXTLINUX', '1', '${PN}-extlinux', '', d)}"
SYSROOT_DIRS += "/boot"
FILES:${PN} = "/boot ${datadir}"
RDEPENDS:${PN} += "${PN}-env"
do_deploy () {
if [ -n "${UBOOT_CONFIG}" ]
then
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
j=$(expr $j + 1);
if [ $j -eq $i ]
then
uboot_deploy_config $config $type
fi
done
unset j
done
unset i
else
uboot_deploy
fi
if [ -e ${WORKDIR}/fw_env.config ] ; then
install -D -m 644 ${WORKDIR}/fw_env.config ${DEPLOYDIR}/fw_env.config-${MACHINE}-${UBOOT_VERSION}
cd ${DEPLOYDIR}
ln -sf fw_env.config-${MACHINE}-${UBOOT_VERSION} fw_env.config-${MACHINE}
ln -sf fw_env.config-${MACHINE}-${UBOOT_VERSION} fw_env.config
fi
if [ -n "${UBOOT_ELF}" ]
then
if [ -n "${UBOOT_CONFIG}" ]
then
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
j=$(expr $j + 1);
if [ $j -eq $i ]
then
uboot_deploy_elf_config $config $type
fi
done
unset j
done
unset i
else
uboot_deploy_elf
fi
fi
if [ -n "${SPL_BINARY}" ]
then
if [ -n "${UBOOT_CONFIG}" ]
then
for config in ${UBOOT_MACHINE}; do
i=$(expr $i + 1);
for type in ${UBOOT_CONFIG}; do
j=$(expr $j + 1);
if [ $j -eq $i ]
then
uboot_deploy_spl_config $config $type
fi
done
unset j
done
unset i
else
uboot_deploy_spl
fi
fi
if [ -n "${UBOOT_ENV}" ]
then
install -m 644 ${WORKDIR}/${UBOOT_ENV_BINARY} ${DEPLOYDIR}/${UBOOT_ENV_IMAGE}
ln -sf ${UBOOT_ENV_IMAGE} ${DEPLOYDIR}/${UBOOT_ENV_BINARY}
ln -sf ${UBOOT_ENV_IMAGE} ${DEPLOYDIR}/${UBOOT_ENV_SYMLINK}
fi
if [ "${UBOOT_EXTLINUX}" = "1" ]
then
install -m 644 ${UBOOT_EXTLINUX_CONFIG} ${DEPLOYDIR}/${UBOOT_EXTLINUX_SYMLINK}
ln -sf ${UBOOT_EXTLINUX_SYMLINK} ${DEPLOYDIR}/${UBOOT_EXTLINUX_CONF_NAME}-${MACHINE}
ln -sf ${UBOOT_EXTLINUX_SYMLINK} ${DEPLOYDIR}/${UBOOT_EXTLINUX_CONF_NAME}
fi
if [ -n "${UBOOT_DTB}" ]
then
install -m 644 ${B}/arch/${UBOOT_ARCH_DIR}/dts/${UBOOT_DTB_BINARY} ${DEPLOYDIR}/
fi
}
uboot_deploy_config () {
config=$1
type=$2
install -D -m 644 ${B}/${config}/${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} ${DEPLOYDIR}/${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX}
cd ${DEPLOYDIR}
ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${UBOOT_SYMLINK}-${type}
ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${UBOOT_SYMLINK}
ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${UBOOT_BINARY}-${type}
ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${UBOOT_BINARY}
# Deploy the uboot-initial-env
if [ -n "${UBOOT_INITIAL_ENV}" ]; then
install -D -m 644 ${B}/${config}/u-boot-initial-env-${type} ${DEPLOYDIR}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION}
cd ${DEPLOYDIR}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${UBOOT_INITIAL_ENV}-${type}
fi
}
uboot_deploy () {
install -D -m 644 ${B}/${UBOOT_BINARY} ${DEPLOYDIR}/${UBOOT_IMAGE}
cd ${DEPLOYDIR}
rm -f ${UBOOT_BINARY} ${UBOOT_SYMLINK}
ln -sf ${UBOOT_IMAGE} ${UBOOT_SYMLINK}
ln -sf ${UBOOT_IMAGE} ${UBOOT_BINARY}
# Deploy the uboot-initial-env
if [ -n "${UBOOT_INITIAL_ENV}" ]; then
install -D -m 644 ${B}/u-boot-initial-env ${DEPLOYDIR}/${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION}
cd ${DEPLOYDIR}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION} ${UBOOT_INITIAL_ENV}-${MACHINE}
ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION} ${UBOOT_INITIAL_ENV}
fi
}
uboot_deploy_elf_config () {
config=$1
type=$2
install -m 644 ${B}/${config}/${UBOOT_ELF} ${DEPLOYDIR}/u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX}
ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_BINARY}-${type}
ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_BINARY}
ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK}-${type}
ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK}
}
uboot_deploy_elf () {
install -m 644 ${B}/${UBOOT_ELF} ${DEPLOYDIR}/${UBOOT_ELF_IMAGE}
ln -sf ${UBOOT_ELF_IMAGE} ${DEPLOYDIR}/${UBOOT_ELF_BINARY}
ln -sf ${UBOOT_ELF_IMAGE} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK}
}
uboot_deploy_spl_config () {
config=$1
type=$2
install -m 644 ${B}/${config}/${SPL_BINARY} ${DEPLOYDIR}/${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX}
rm -f ${DEPLOYDIR}/${SPL_BINARYFILE} ${DEPLOYDIR}/${SPL_SYMLINK}
ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_BINARYFILE}-${type}
ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_BINARYFILE}
ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_SYMLINK}-${type}
ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_SYMLINK}
}
uboot_deploy_spl () {
install -m 644 ${B}/${SPL_BINARY} ${DEPLOYDIR}/${SPL_IMAGE}
ln -sf ${SPL_IMAGE} ${DEPLOYDIR}/${SPL_BINARYNAME}
ln -sf ${SPL_IMAGE} ${DEPLOYDIR}/${SPL_SYMLINK}
}
addtask deploy before do_build after do_compile

5
sources/poky/meta/recipes-bsp/u-boot/u-boot_2024.01.bb Normal file
View File

@@ -0,0 +1,5 @@
require u-boot-common.inc
require u-boot.inc
DEPENDS += "bc-native dtc-native python3-pyelftools-native"

24
sources/poky/meta/recipes-bsp/usbinit/usbinit.bb Normal file
View File

@@ -0,0 +1,24 @@
SUMMARY = "Initscript for enabling USB gadget Ethernet"
DESCRIPTION = "This module allows ethernet emulation over USB, allowing for \
all sorts of nifty things like SSH and NFS in one go plus charging over the \
same wire, at higher speeds than most Wifi connections."
HOMEPAGE = "http://linux-sunxi.org/USB_Gadget/Ethernet"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://${WORKDIR}/COPYING.GPL;md5=751419260aa954499f7abaabaa882bbe"
SRC_URI = "file://usb-gether \
file://COPYING.GPL"
S = "${WORKDIR}"
do_install() {
install -d ${D}${sysconfdir}
install -d ${D}${sysconfdir}/init.d
install usb-gether ${D}${sysconfdir}/init.d
}
inherit update-rc.d allarch
INITSCRIPT_NAME = "usb-gether"
INITSCRIPT_PARAMS = "start 99 5 2 . stop 20 0 1 6 ."

339
sources/poky/meta/recipes-bsp/usbinit/usbinit/COPYING.GPL Normal file
View File

@@ -0,0 +1,339 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.

Some files were not shown because too many files have changed in this diff Show More