date:20171118

[OE-core] [PATCH v2] libepoxy: Fix build break for EGL_CAST dependency

2017-11-18 Thread Tom Hochstein

This is a backport [1] to fix the following build error:

| In file included from 
/home/r60874/upstream/xwayland/tmp/work/armv7at2hf-neon-mx6qdl-fslc-linux-gnueabi/gtk+3/3.22.17-r0/recipe-sysroot/usr/include/epoxy/egl.h:46:0,
|  from 
../../../gtk+-3.22.17/gdk/wayland/gdkglcontext-wayland.h:32,
|  from 
../../../gtk+-3.22.17/gdk/wayland/gdkglcontext-wayland.c:24:
| ../../../gtk+-3.22.17/gdk/wayland/gdkglcontext-wayland.c: In function 
'gdk_wayland_gl_context_realize':
| ../../../gtk+-3.22.17/gdk/wayland/gdkglcontext-wayland.c:179:43: error: 
expected expression before 'EGLContext'
|  : EGL_NO_CONTEXT,
|^

[1] 
https://github.com/anholt/libepoxy/commit/ebe3a53db1c0bb34e1ca963b95d1f222115f93f8

Signed-off-by: Tom Hochstein 
---
 .../Add-fallback-definition-for-EGL-CAST.patch | 33 ++
 meta/recipes-graphics/libepoxy/libepoxy_1.4.3.bb   |  3 +-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-graphics/libepoxy/libepoxy/Add-fallback-definition-for-EGL-CAST.patch

diff --git 
a/meta/recipes-graphics/libepoxy/libepoxy/Add-fallback-definition-for-EGL-CAST.patch
 
b/meta/recipes-graphics/libepoxy/libepoxy/Add-fallback-definition-for-EGL-CAST.patch
new file mode 100644
index 000..b929725
--- /dev/null
+++ 
b/meta/recipes-graphics/libepoxy/libepoxy/Add-fallback-definition-for-EGL-CAST.patch
@@ -0,0 +1,33 @@
+Add fallback definition for EGL_CAST
+
+The EGL API update from d11104f introduced a dependency on the
+EGL_CAST() macro, provided by an updated eglplatform.h. Given that we
+don't provide eglplatform.h, add a fallback definition for if we're
+building against Mesa 17.0.x or similar.
+
+https://bugs.gentoo.org/show_bug.cgi?id=623926
+
+Upstream-Status: Backport 
[https://github.com/anholt/libepoxy/commit/ebe3a53db1c0bb34e1ca963b95d1f222115f93f8]
+
+Signed-off-by: Tom Hochstein 
+
+Index: libepoxy-1.4.3/src/gen_dispatch.py
+===
+--- libepoxy-1.4.3.orig/src/gen_dispatch.py2017-06-06 04:24:13.0 
-0500
 libepoxy-1.4.3/src/gen_dispatch.py 2017-11-06 12:45:43.594966473 -0600
+@@ -491,6 +491,15 @@
+ self.outln('#include "epoxy/gl.h"')
+ if self.target == "egl":
+ self.outln('#include "EGL/eglplatform.h"')
++# Account for older eglplatform.h, which doesn't define
++# the EGL_CAST macro.
++self.outln('#ifndef EGL_CAST')
++self.outln('#if defined(__cplusplus)')
++self.outln('#define EGL_CAST(type, value) 
(static_cast(value))')
++self.outln('#else')
++self.outln('#define EGL_CAST(type, value) ((type) (value))')
++self.outln('#endif')
++self.outln('#endif')
+ else:
+ # Add some ridiculous inttypes.h redefinitions that are
+ # from khrplatform.h and not included in the XML.  We
diff --git a/meta/recipes-graphics/libepoxy/libepoxy_1.4.3.bb 
b/meta/recipes-graphics/libepoxy/libepoxy_1.4.3.bb
index c8b398f..0172322 100644
--- a/meta/recipes-graphics/libepoxy/libepoxy_1.4.3.bb
+++ b/meta/recipes-graphics/libepoxy/libepoxy_1.4.3.bb
@@ -5,7 +5,8 @@ SECTION = "libs"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://COPYING;md5=58ef4c80d401e07bd9ee8b6b58cf464b"
 
-SRC_URI = 
"https://github.com/anholt/${BPN}/releases/download/${PV}/${BP}.tar.xz;
+SRC_URI = 
"https://github.com/anholt/${BPN}/releases/download/${PV}/${BP}.tar.xz \
+   file://Add-fallback-definition-for-EGL-CAST.patch"
 SRC_URI[md5sum] = "af4c3ce0fb1143bdc4e43f85695a9bed"
 SRC_URI[sha256sum] = 
"0b808a06c9685a62fca34b680abb8bc7fb2fda074478e329b063c1f872b826f6"
 UPSTREAM_CHECK_URI = "https://github.com/anholt/libepoxy/releases;
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] u-boot: Upgrade to 2017.11 release

2017-11-18 Thread Marek Vasut

On 11/18/2017 03:14 PM, Tom Rini wrote:
> On Sat, Nov 18, 2017 at 11:19:13AM +0100, Marek Vasut wrote:
>> On 11/17/2017 09:59 PM, Tom Rini wrote:
>>> On Fri, Nov 17, 2017 at 08:19:07PM +0100, Marek Vasut wrote:
 On 11/14/2017 07:32 PM, Otavio Salvador wrote:
> This upgrades the U-Boot from 2017.09 to 2017.11 release.
>
> Signed-off-by: Otavio Salvador 
> ---
>
>  .../u-boot/{u-boot-common_2017.09.inc => u-boot-common_2017.11.inc} 
> | 2 +-
>  .../u-boot/{u-boot-fw-utils_2017.09.bb => u-boot-fw-utils_2017.11.bb}   
> | 0
>  .../u-boot/{u-boot-mkimage_2017.09.bb => u-boot-mkimage_2017.11.bb} 
> | 0
>  meta/recipes-bsp/u-boot/{u-boot_2017.09.bb => u-boot_2017.11.bb}
> | 0
>  4 files changed, 1 insertion(+), 1 deletion(-)
>  rename meta/recipes-bsp/u-boot/{u-boot-common_2017.09.inc => 
> u-boot-common_2017.11.inc} (89%)
>  rename meta/recipes-bsp/u-boot/{u-boot-fw-utils_2017.09.bb => 
> u-boot-fw-utils_2017.11.bb} (100%)
>  rename meta/recipes-bsp/u-boot/{u-boot-mkimage_2017.09.bb => 
> u-boot-mkimage_2017.11.bb} (100%)
>  rename meta/recipes-bsp/u-boot/{u-boot_2017.09.bb => u-boot_2017.11.bb} 
> (100%)
>
> diff --git a/meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc 
> b/meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
> similarity index 89%
> rename from meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc
> rename to meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
> index 02e51242cb..bfdf1a0d8f 100644
> --- a/meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc
> +++ b/meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
> @@ -7,7 +7,7 @@ PE = "1"
>  
>  # We use the revision in order to avoid having to fetch it from the
>  # repo during parse
> -SRCREV = "c98ac3487e413c71e5d36322ef3324b21c6f60f9"
> +SRCREV = "c253573f3e269fd9a24ee6684d87dd91106018a5"
>  
>  SRC_URI = "git://git.denx.de/u-boot.git \
>  file://MPC8315ERDB-enable-DHCP.patch \

 This patch ^ could use a refresh , since it applies with Fuzz now.
>>>
>>> Honestly, just enable DISTRO_DEFAULTS for the board and post that
>>> upstream instead.
>>
>> Or that, but someone would have to test that first and the patch author
>> does not respond for some reason.
> 
> Adding in Ed..
> 
> Yes, it would be good if the MPC8315 got run-time tested more often, but
> no, a build test is sufficient I think for changing a few options like
> this.

I didn't have very good experience with changing such stuff for random
board and not actually testing it thus far ...

-- 
Best regards,
Marek Vasut
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] u-boot: Upgrade to 2017.11 release

2017-11-18 Thread Tom Rini

On Sat, Nov 18, 2017 at 11:19:13AM +0100, Marek Vasut wrote:
> On 11/17/2017 09:59 PM, Tom Rini wrote:
> > On Fri, Nov 17, 2017 at 08:19:07PM +0100, Marek Vasut wrote:
> >> On 11/14/2017 07:32 PM, Otavio Salvador wrote:
> >>> This upgrades the U-Boot from 2017.09 to 2017.11 release.
> >>>
> >>> Signed-off-by: Otavio Salvador 
> >>> ---
> >>>
> >>>  .../u-boot/{u-boot-common_2017.09.inc => u-boot-common_2017.11.inc} 
> >>> | 2 +-
> >>>  .../u-boot/{u-boot-fw-utils_2017.09.bb => u-boot-fw-utils_2017.11.bb}   
> >>> | 0
> >>>  .../u-boot/{u-boot-mkimage_2017.09.bb => u-boot-mkimage_2017.11.bb} 
> >>> | 0
> >>>  meta/recipes-bsp/u-boot/{u-boot_2017.09.bb => u-boot_2017.11.bb}
> >>> | 0
> >>>  4 files changed, 1 insertion(+), 1 deletion(-)
> >>>  rename meta/recipes-bsp/u-boot/{u-boot-common_2017.09.inc => 
> >>> u-boot-common_2017.11.inc} (89%)
> >>>  rename meta/recipes-bsp/u-boot/{u-boot-fw-utils_2017.09.bb => 
> >>> u-boot-fw-utils_2017.11.bb} (100%)
> >>>  rename meta/recipes-bsp/u-boot/{u-boot-mkimage_2017.09.bb => 
> >>> u-boot-mkimage_2017.11.bb} (100%)
> >>>  rename meta/recipes-bsp/u-boot/{u-boot_2017.09.bb => u-boot_2017.11.bb} 
> >>> (100%)
> >>>
> >>> diff --git a/meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc 
> >>> b/meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
> >>> similarity index 89%
> >>> rename from meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc
> >>> rename to meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
> >>> index 02e51242cb..bfdf1a0d8f 100644
> >>> --- a/meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc
> >>> +++ b/meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
> >>> @@ -7,7 +7,7 @@ PE = "1"
> >>>  
> >>>  # We use the revision in order to avoid having to fetch it from the
> >>>  # repo during parse
> >>> -SRCREV = "c98ac3487e413c71e5d36322ef3324b21c6f60f9"
> >>> +SRCREV = "c253573f3e269fd9a24ee6684d87dd91106018a5"
> >>>  
> >>>  SRC_URI = "git://git.denx.de/u-boot.git \
> >>>  file://MPC8315ERDB-enable-DHCP.patch \
> >>
> >> This patch ^ could use a refresh , since it applies with Fuzz now.
> > 
> > Honestly, just enable DISTRO_DEFAULTS for the board and post that
> > upstream instead.
> 
> Or that, but someone would have to test that first and the patch author
> does not respond for some reason.

Adding in Ed..

Yes, it would be good if the MPC8315 got run-time tested more often, but
no, a build test is sufficient I think for changing a few options like
this.

-- 
Tom


signature.asc
Description: PGP signature
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] u-boot: Upgrade to 2017.11 release

2017-11-18 Thread Marek Vasut

On 11/17/2017 09:59 PM, Tom Rini wrote:
> On Fri, Nov 17, 2017 at 08:19:07PM +0100, Marek Vasut wrote:
>> On 11/14/2017 07:32 PM, Otavio Salvador wrote:
>>> This upgrades the U-Boot from 2017.09 to 2017.11 release.
>>>
>>> Signed-off-by: Otavio Salvador 
>>> ---
>>>
>>>  .../u-boot/{u-boot-common_2017.09.inc => u-boot-common_2017.11.inc} | 
>>> 2 +-
>>>  .../u-boot/{u-boot-fw-utils_2017.09.bb => u-boot-fw-utils_2017.11.bb}   | 0
>>>  .../u-boot/{u-boot-mkimage_2017.09.bb => u-boot-mkimage_2017.11.bb} | 0
>>>  meta/recipes-bsp/u-boot/{u-boot_2017.09.bb => u-boot_2017.11.bb}| 0
>>>  4 files changed, 1 insertion(+), 1 deletion(-)
>>>  rename meta/recipes-bsp/u-boot/{u-boot-common_2017.09.inc => 
>>> u-boot-common_2017.11.inc} (89%)
>>>  rename meta/recipes-bsp/u-boot/{u-boot-fw-utils_2017.09.bb => 
>>> u-boot-fw-utils_2017.11.bb} (100%)
>>>  rename meta/recipes-bsp/u-boot/{u-boot-mkimage_2017.09.bb => 
>>> u-boot-mkimage_2017.11.bb} (100%)
>>>  rename meta/recipes-bsp/u-boot/{u-boot_2017.09.bb => u-boot_2017.11.bb} 
>>> (100%)
>>>
>>> diff --git a/meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc 
>>> b/meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
>>> similarity index 89%
>>> rename from meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc
>>> rename to meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
>>> index 02e51242cb..bfdf1a0d8f 100644
>>> --- a/meta/recipes-bsp/u-boot/u-boot-common_2017.09.inc
>>> +++ b/meta/recipes-bsp/u-boot/u-boot-common_2017.11.inc
>>> @@ -7,7 +7,7 @@ PE = "1"
>>>  
>>>  # We use the revision in order to avoid having to fetch it from the
>>>  # repo during parse
>>> -SRCREV = "c98ac3487e413c71e5d36322ef3324b21c6f60f9"
>>> +SRCREV = "c253573f3e269fd9a24ee6684d87dd91106018a5"
>>>  
>>>  SRC_URI = "git://git.denx.de/u-boot.git \
>>>  file://MPC8315ERDB-enable-DHCP.patch \
>>
>> This patch ^ could use a refresh , since it applies with Fuzz now.
> 
> Honestly, just enable DISTRO_DEFAULTS for the board and post that
> upstream instead.

Or that, but someone would have to test that first and the patch author
does not respond for some reason.

-- 
Best regards,
Marek Vasut
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] ✗ patchtest: failure for "[rocko,v2] openssl10: Upgrade ..." and 3 more

2017-11-18 Thread Patchwork

== Series Details ==

Series: "[rocko,v2] openssl10: Upgrade ..." and 3 more
Revision: 1
URL   : https://patchwork.openembedded.org/series/9869/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue Series does not apply on top of target branch 
[test_series_merge_on_head] 
  Suggested fixRebase your series on top of targeted branch
  Targeted branch  master (currently at a17f3ec910)

* Patch[rocko,v2,1/4] openssl10: Upgrade 1.0.2l -> 1.0.2m
 Issue Missing or incorrectly formatted CVE tag in included patch 
file [test_cve_tag_format] 
  Suggested fixCorrect or include the CVE tag on cve patch with format: 
"CVE: CVE--"



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Guidelines: 
https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] ✗ patchtest: failure for "[v2] openssl10: Upgrade 1.0.2l..." and 3 more

2017-11-18 Thread Stefan Agner

On 2017-11-18 10:03, Patchwork wrote:
> == Series Details ==
> 
> Series: "[v2] openssl10: Upgrade 1.0.2l..." and 3 more
> Revision: 1
> URL   : https://patchwork.openembedded.org/series/9868/
> State : failure
> 
> == Summary ==
> 
> 
> Thank you for submitting this patch series to OpenEmbedded Core. This is
> an automated response. Several tests have been executed on the proposed
> series by patchtest resulting in the following failures:
> 
> 
> 
> * Patch[v2,1/4] openssl10: Upgrade 1.0.2l -> 1.0.2m
>  Issue Missing or incorrectly formatted CVE tag in
> included patch file [test_cve_tag_format]
>   Suggested fixCorrect or include the CVE tag on cve patch with
> format: "CVE: CVE--"

I did not add any new patches which address CVE, hence I think this is a
false positive/not applicable.

--
Stefan

> 
> 
> 
> If you believe any of these test results are incorrect, please reply to the
> mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
> Otherwise we would appreciate you correcting the issues and submitting a new
> version of the patchset if applicable. Please ensure you add/increment the
> version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
> [PATCH v3] -> ...).
> 
> ---
> Guidelines:
> https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
> Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
> Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] ✗ patchtest: failure for "[v2] openssl10: Upgrade 1.0.2l..." and 3 more

2017-11-18 Thread Patchwork

== Series Details ==

Series: "[v2] openssl10: Upgrade 1.0.2l..." and 3 more
Revision: 1
URL   : https://patchwork.openembedded.org/series/9868/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Patch[v2,1/4] openssl10: Upgrade 1.0.2l -> 1.0.2m
 Issue Missing or incorrectly formatted CVE tag in included patch 
file [test_cve_tag_format] 
  Suggested fixCorrect or include the CVE tag on cve patch with format: 
"CVE: CVE--"



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Guidelines: 
https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [rocko][PATCH v2 1/4] openssl10: Upgrade 1.0.2l -> 1.0.2m

2017-11-18 Thread Stefan Agner

From: Stefan Agner 

Deals with two CVEs:
* bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)

Signed-off-by: Stefan Agner 
Acked-by: Otavio Salvador 
---
 .../0001-Fix-build-with-clang-using-external-assembler.patch  | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/Makefiles-ptest.patch  | 0
 .../Use-SHA256-not-MD5-as-default-digest.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/configure-musl-target.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/configure-targets.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/c_rehash-compat.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/debian/ca.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/debian-targets.patch| 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/debian/man-dir.patch   | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/man-section.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/debian/no-rpath.patch  | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/no-symbolic.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/debian/pic.patch   | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/version-script.patch| 0
 .../debian1.0.2/block_digicert_malaysia.patch | 0
 .../debian1.0.2/block_diginotar.patch | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian1.0.2/soname.patch   | 0
 .../debian1.0.2/version-script.patch  | 0
 .../engines-install-in-libdir-ssl.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/find.pl| 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/oe-ldflags.patch   | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/openssl-1.0.2a-x32-asm.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/openssl-c_rehash.sh| 0
 .../openssl-fix-des.pod-error.patch   | 0
 .../openssl-util-perlpath.pl-cwd.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/openssl_fix_for_x32.patch  | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/parallel.patch | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/ptest-deps.patch   | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/ptest_makefile_deps.patch  | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/run-ptest  | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/shared-libs.patch  | 0
 .../openssl/{openssl_1.0.2l.bb => openssl_1.0.2m.bb}  | 4 ++--
 32 files changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/0001-Fix-build-with-clang-using-external-assembler.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/Makefiles-ptest.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/Use-SHA256-not-MD5-as-default-digest.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/configure-musl-target.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/configure-targets.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/c_rehash-compat.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/ca.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/debian-targets.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/man-dir.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/man-section.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/no-rpath.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/no-symbolic.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/pic.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/version-script.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian1.0.2/block_digicert_malaysia.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian1.0.2/block_diginotar.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian1.0.2/soname.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian1.0.2/version-script.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/engines-install-in-libdir-ssl.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l =>

[OE-core] [rocko][PATCH v2 3/4] openssl: Upgrade 1.1.0f -> 1.1.0g

2017-11-18 Thread Stefan Agner

From: Stefan Agner 

Deals with two CVEs:
* bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)

Signed-off-by: Stefan Agner 
Acked-by: Otavio Salvador 
---
 .../openssl/{openssl_1.1.0f.bb => openssl_1.1.0g.bb}  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_1.1.0f.bb => 
openssl_1.1.0g.bb} (96%)

diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0f.bb 
b/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
similarity index 96%
rename from meta/recipes-connectivity/openssl/openssl_1.1.0f.bb
rename to meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
index 711a95985a..5f3e9a9dfa 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.0f.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
@@ -10,8 +10,8 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;md5=cae6da10f4ffd9703214776d2aabce32"
 
 BBCLASSEXTEND = "native nativesdk"
 
-SRC_URI[md5sum] = "7b521dea79ab159e8ec879d269fa"
-SRC_URI[sha256sum] = 
"12f746f3f2493b2f39da7ecf63d7ee19c6ac9ec6a4fcd8c229da8a522cb12765"
+SRC_URI[md5sum] = "ba5f1b8b835b88cadbce9b35ed9531a6"
+SRC_URI[sha256sum] = 
"de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af"
 
 SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://run-ptest \
-- 
2.13.6

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [rocko][PATCH v2 4/4] openssl: fix runtime errors with Thumb2 when using binutils 2.29

2017-11-18 Thread Stefan Agner

From: Stefan Agner 

When compiling OpenSSL with binutils 2.29 for ARM with Thumb2 enabled
crashes and unexpected behavior occurs. E.g. connecting to a OpenSSH
server using the affected binary fails with:
  ssh_dispatch_run_fatal: Connection to 192.168.10.171 port 22: incorrect 
signature

Backport upstream bugfix:
https://github.com/openssl/openssl/issues/4659

Signed-off-by: Stefan Agner 
Acked-by: Otavio Salvador 
---
 ...-armv4-bsaes-armv7-.pl-make-it-work-with-.patch | 88 ++
 .../recipes-connectivity/openssl/openssl_1.1.0g.bb |  1 +
 2 files changed, 89 insertions(+)
 create mode 100644 
meta/recipes-connectivity/openssl/openssl/0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch

diff --git 
a/meta/recipes-connectivity/openssl/openssl/0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch
 
b/meta/recipes-connectivity/openssl/openssl/0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch
new file mode 100644
index 00..bb0a1689ed
--- /dev/null
+++ 
b/meta/recipes-connectivity/openssl/openssl/0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch
@@ -0,0 +1,88 @@
+From bcc096a50811bf0f0c4fd34b2993fed7a7015972 Mon Sep 17 00:00:00 2001
+From: Andy Polyakov 
+Date: Fri, 3 Nov 2017 23:30:01 +0100
+Subject: [PATCH] aes/asm/{aes-armv4|bsaes-armv7}.pl: make it work with
+ binutils-2.29.
+
+It's not clear if it's a feature or bug, but binutils-2.29[.1]
+interprets 'adr' instruction with Thumb2 code reference differently,
+in a way that affects calculation of addresses of constants' tables.
+
+Upstream-Status: Backport
+
+Reviewed-by: Tim Hudson 
+Reviewed-by: Bernd Edlinger 
+Signed-off-by: Stefan Agner 
+(Merged from https://github.com/openssl/openssl/pull/4669)
+
+(cherry picked from commit b82acc3c1a7f304c9df31841753a0fa76b5b3cda)
+---
+ crypto/aes/asm/aes-armv4.pl   | 6 +++---
+ crypto/aes/asm/bsaes-armv7.pl | 6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/crypto/aes/asm/aes-armv4.pl b/crypto/aes/asm/aes-armv4.pl
+index 16d79aae53..c6474b8aad 100644
+--- a/crypto/aes/asm/aes-armv4.pl
 b/crypto/aes/asm/aes-armv4.pl
+@@ -200,7 +200,7 @@ AES_encrypt:
+ #ifndef   __thumb2__
+   sub r3,pc,#8@ AES_encrypt
+ #else
+-  adr r3,AES_encrypt
++  adr r3,.
+ #endif
+   stmdb   sp!,{r1,r4-r12,lr}
+ #ifdef__APPLE__
+@@ -450,7 +450,7 @@ _armv4_AES_set_encrypt_key:
+ #ifndef   __thumb2__
+   sub r3,pc,#8@ AES_set_encrypt_key
+ #else
+-  adr r3,AES_set_encrypt_key
++  adr r3,.
+ #endif
+   teq r0,#0
+ #ifdef__thumb2__
+@@ -976,7 +976,7 @@ AES_decrypt:
+ #ifndef   __thumb2__
+   sub r3,pc,#8@ AES_decrypt
+ #else
+-  adr r3,AES_decrypt
++  adr r3,.
+ #endif
+   stmdb   sp!,{r1,r4-r12,lr}
+ #ifdef__APPLE__
+diff --git a/crypto/aes/asm/bsaes-armv7.pl b/crypto/aes/asm/bsaes-armv7.pl
+index 9f288660ef..a27bb4a179 100644
+--- a/crypto/aes/asm/bsaes-armv7.pl
 b/crypto/aes/asm/bsaes-armv7.pl
+@@ -744,7 +744,7 @@ $code.=<<___;
+ .type _bsaes_decrypt8,%function
+ .align4
+ _bsaes_decrypt8:
+-  adr $const,_bsaes_decrypt8
++  adr $const,.
+   vldmia  $key!, {@XMM[9]}@ round 0 key
+ #ifdef__APPLE__
+   adr $const,.LM0ISR
+@@ -843,7 +843,7 @@ _bsaes_const:
+ .type _bsaes_encrypt8,%function
+ .align4
+ _bsaes_encrypt8:
+-  adr $const,_bsaes_encrypt8
++  adr $const,.
+   vldmia  $key!, {@XMM[9]}@ round 0 key
+ #ifdef__APPLE__
+   adr $const,.LM0SR
+@@ -951,7 +951,7 @@ $code.=<<___;
+ .type _bsaes_key_convert,%function
+ .align4
+ _bsaes_key_convert:
+-  adr $const,_bsaes_key_convert
++  adr $const,.
+   vld1.8  {@XMM[7]},  [$inp]! @ load round 0 key
+ #ifdef__APPLE__
+   adr $const,.LM0
+-- 
+2.15.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb 
b/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
index 5f3e9a9dfa..1649bffaa1 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
@@ -18,6 +18,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz 
\
file://openssl-c_rehash.sh \
file://0001-Take-linking-flags-from-LDFLAGS-env-var.patch \
file://0001-Remove-test-that-requires-running-as-non-root.patch \
+   
file://0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch \
   "
 
 S = "${WORKDIR}/openssl-${PV}"
-- 
2.13.6

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org

[OE-core] [rocko][PATCH v2 2/4] openssl10: fix runtime errors with Thumb2 when using binutils 2.29

2017-11-18 Thread Stefan Agner

From: Stefan Agner 

When compiling OpenSSL with binutils 2.29 for ARM with Thumb2 enabled
crashes and unexpected behavior occurs. E.g. connecting to a OpenSSH
server using the affected binary fails with:
  ssh_dispatch_run_fatal: Connection to 192.168.10.171 port 22: incorrect 
signature

Backport upstream bugfix:
https://github.com/openssl/openssl/issues/4659

Signed-off-by: Stefan Agner 
Acked-by: Otavio Salvador 
---
 ...saes-armv7-sha256-armv4-.pl-make-it-work-.patch | 100 +
 .../recipes-connectivity/openssl/openssl_1.0.2m.bb |   1 +
 2 files changed, 101 insertions(+)
 create mode 100644 
meta/recipes-connectivity/openssl/openssl-1.0.2m/0001-aes-armv4-bsaes-armv7-sha256-armv4-.pl-make-it-work-.patch

diff --git 
a/meta/recipes-connectivity/openssl/openssl-1.0.2m/0001-aes-armv4-bsaes-armv7-sha256-armv4-.pl-make-it-work-.patch
 
b/meta/recipes-connectivity/openssl/openssl-1.0.2m/0001-aes-armv4-bsaes-armv7-sha256-armv4-.pl-make-it-work-.patch
new file mode 100644
index 00..2ce0320c49
--- /dev/null
+++ 
b/meta/recipes-connectivity/openssl/openssl-1.0.2m/0001-aes-armv4-bsaes-armv7-sha256-armv4-.pl-make-it-work-.patch
@@ -0,0 +1,100 @@
+From d1d6c69b6fd25e71dbae67fad17b2c7737f6b2dc Mon Sep 17 00:00:00 2001
+From: Andy Polyakov 
+Date: Sun, 5 Nov 2017 17:08:16 +0100
+Subject: [PATCH] {aes-armv4|bsaes-armv7|sha256-armv4}.pl: make it work with
+ binutils-2.29
+
+It's not clear if it's a feature or bug, but binutils-2.29[.1]
+interprets 'adr' instruction with Thumb2 code reference differently,
+in a way that affects calculation of addresses of constants' tables.
+
+Upstream-Status: Backport
+
+Reviewed-by: Bernd Edlinger 
+Reviewed-by: Kurt Roeckx 
+Signed-off-by: Stefan Agner 
+(Merged from https://github.com/openssl/openssl/pull/4673)
+---
+ crypto/aes/asm/aes-armv4.pl| 6 +++---
+ crypto/aes/asm/bsaes-armv7.pl  | 6 +++---
+ crypto/sha/asm/sha256-armv4.pl | 2 +-
+ 3 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/crypto/aes/asm/aes-armv4.pl b/crypto/aes/asm/aes-armv4.pl
+index 4f8917089f..c1b5e352d7 100644
+--- a/crypto/aes/asm/aes-armv4.pl
 b/crypto/aes/asm/aes-armv4.pl
+@@ -184,7 +184,7 @@ AES_encrypt:
+ #if __ARM_ARCH__<7
+   sub r3,pc,#8@ AES_encrypt
+ #else
+-  adr r3,AES_encrypt
++  adr r3,.
+ #endif
+   stmdb   sp!,{r1,r4-r12,lr}
+   mov $rounds,r0  @ inp
+@@ -430,7 +430,7 @@ _armv4_AES_set_encrypt_key:
+ #if __ARM_ARCH__<7
+   sub r3,pc,#8@ AES_set_encrypt_key
+ #else
+-  adr r3,private_AES_set_encrypt_key
++  adr r3,.
+ #endif
+   teq r0,#0
+ #if __ARM_ARCH__>=7
+@@ -952,7 +952,7 @@ AES_decrypt:
+ #if __ARM_ARCH__<7
+   sub r3,pc,#8@ AES_decrypt
+ #else
+-  adr r3,AES_decrypt
++  adr r3,.
+ #endif
+   stmdb   sp!,{r1,r4-r12,lr}
+   mov $rounds,r0  @ inp
+diff --git a/crypto/aes/asm/bsaes-armv7.pl b/crypto/aes/asm/bsaes-armv7.pl
+index 70b3f9656f..ec66b0502a 100644
+--- a/crypto/aes/asm/bsaes-armv7.pl
 b/crypto/aes/asm/bsaes-armv7.pl
+@@ -724,7 +724,7 @@ $code.=<<___;
+ .type _bsaes_decrypt8,%function
+ .align4
+ _bsaes_decrypt8:
+-  adr $const,_bsaes_decrypt8
++  adr $const,.
+   vldmia  $key!, {@XMM[9]}@ round 0 key
+   add $const,$const,#.LM0ISR-_bsaes_decrypt8
+ 
+@@ -819,7 +819,7 @@ _bsaes_const:
+ .type _bsaes_encrypt8,%function
+ .align4
+ _bsaes_encrypt8:
+-  adr $const,_bsaes_encrypt8
++  adr $const,.
+   vldmia  $key!, {@XMM[9]}@ round 0 key
+   sub $const,$const,#_bsaes_encrypt8-.LM0SR
+ 
+@@ -923,7 +923,7 @@ $code.=<<___;
+ .type _bsaes_key_convert,%function
+ .align4
+ _bsaes_key_convert:
+-  adr $const,_bsaes_key_convert
++  adr $const,.
+   vld1.8  {@XMM[7]},  [$inp]! @ load round 0 key
+   sub $const,$const,#_bsaes_key_convert-.LM0
+   vld1.8  {@XMM[15]}, [$inp]! @ load round 1 key
+diff --git a/crypto/sha/asm/sha256-armv4.pl b/crypto/sha/asm/sha256-armv4.pl
+index 4fee74d832..750216eb42 100644
+--- a/crypto/sha/asm/sha256-armv4.pl
 b/crypto/sha/asm/sha256-armv4.pl
+@@ -205,7 +205,7 @@ sha256_block_data_order:
+ #if __ARM_ARCH__<7
+   sub r3,pc,#8@ sha256_block_data_order
+ #else
+-  adr r3,sha256_block_data_order
++  adr r3,.
+ #endif
+ #if __ARM_MAX_ARCH__>=7 && !defined(__KERNEL__)
+   ldr r12,.LOPENSSL_armcap
+-- 
+2.15.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2m.bb 
b/meta/recipes-connectivity/openssl/openssl_1.0.2m.bb
index b28420b075..72862fedda 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2m.bb
+++

[OE-core] [PATCH v2 3/4] openssl: Upgrade 1.1.0f -> 1.1.0g

2017-11-18 Thread Stefan Agner

From: Stefan Agner 

Deals with two CVEs:
* bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)

Signed-off-by: Stefan Agner 
Acked-by: Otavio Salvador 
---
 .../openssl/{openssl_1.1.0f.bb => openssl_1.1.0g.bb}  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_1.1.0f.bb => 
openssl_1.1.0g.bb} (96%)

diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0f.bb 
b/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
similarity index 96%
rename from meta/recipes-connectivity/openssl/openssl_1.1.0f.bb
rename to meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
index 4517f8734a..c85a1d27a2 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.0f.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
@@ -10,8 +10,8 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;md5=cae6da10f4ffd9703214776d2aabce32"
 
 BBCLASSEXTEND = "native nativesdk"
 
-SRC_URI[md5sum] = "7b521dea79ab159e8ec879d269fa"
-SRC_URI[sha256sum] = 
"12f746f3f2493b2f39da7ecf63d7ee19c6ac9ec6a4fcd8c229da8a522cb12765"
+SRC_URI[md5sum] = "ba5f1b8b835b88cadbce9b35ed9531a6"
+SRC_URI[sha256sum] = 
"de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af"
 
 SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://run-ptest \
-- 
2.13.6

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2 1/4] openssl10: Upgrade 1.0.2l -> 1.0.2m

2017-11-18 Thread Stefan Agner

From: Stefan Agner 

Deals with two CVEs:
* bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)

Signed-off-by: Stefan Agner 
Acked-by: Otavio Salvador 
---
 .../0001-Fix-build-with-clang-using-external-assembler.patch  | 0
 .../0001-openssl-force-soft-link-to-avoid-rare-race.patch | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/Makefiles-ptest.patch  | 0
 .../Use-SHA256-not-MD5-as-default-digest.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/configure-musl-target.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/configure-targets.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/c_rehash-compat.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/debian/ca.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/debian-targets.patch| 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/debian/man-dir.patch   | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/man-section.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/debian/no-rpath.patch  | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/no-symbolic.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/debian/pic.patch   | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian/version-script.patch| 0
 .../debian1.0.2/block_digicert_malaysia.patch | 0
 .../debian1.0.2/block_diginotar.patch | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/debian1.0.2/soname.patch   | 0
 .../debian1.0.2/version-script.patch  | 0
 .../engines-install-in-libdir-ssl.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/find.pl| 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/oe-ldflags.patch   | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/openssl-1.0.2a-x32-asm.patch   | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/openssl-c_rehash.sh| 0
 .../openssl-fix-des.pod-error.patch   | 0
 .../openssl-util-perlpath.pl-cwd.patch| 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/openssl_fix_for_x32.patch  | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/parallel.patch | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/ptest-deps.patch   | 0
 .../{openssl-1.0.2l => openssl-1.0.2m}/ptest_makefile_deps.patch  | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/run-ptest  | 0
 .../openssl/{openssl-1.0.2l => openssl-1.0.2m}/shared-libs.patch  | 0
 .../openssl/{openssl_1.0.2l.bb => openssl_1.0.2m.bb}  | 4 ++--
 33 files changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/0001-Fix-build-with-clang-using-external-assembler.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/0001-openssl-force-soft-link-to-avoid-rare-race.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/Makefiles-ptest.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/Use-SHA256-not-MD5-as-default-digest.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/configure-musl-target.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/configure-targets.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/c_rehash-compat.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/ca.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/debian-targets.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/man-dir.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/man-section.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/no-rpath.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/no-symbolic.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/pic.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian/version-script.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian1.0.2/block_digicert_malaysia.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian1.0.2/block_diginotar.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l => 
openssl-1.0.2m}/debian1.0.2/soname.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.2l =>

[OE-core] [PATCH v2 4/4] openssl: fix runtime errors with Thumb2 when using binutils 2.29

2017-11-18 Thread Stefan Agner

From: Stefan Agner 

When compiling OpenSSL with binutils 2.29 for ARM with Thumb2 enabled
crashes and unexpected behavior occurs. E.g. connecting to a OpenSSH
server using the affected binary fails with:
  ssh_dispatch_run_fatal: Connection to 192.168.10.171 port 22: incorrect 
signature

Backport upstream bugfix:
https://github.com/openssl/openssl/issues/4659

Signed-off-by: Stefan Agner 
Acked-by: Otavio Salvador 
---
 ...-armv4-bsaes-armv7-.pl-make-it-work-with-.patch | 88 ++
 .../recipes-connectivity/openssl/openssl_1.1.0g.bb |  1 +
 2 files changed, 89 insertions(+)
 create mode 100644 
meta/recipes-connectivity/openssl/openssl/0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch

diff --git 
a/meta/recipes-connectivity/openssl/openssl/0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch
 
b/meta/recipes-connectivity/openssl/openssl/0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch
new file mode 100644
index 00..bb0a1689ed
--- /dev/null
+++ 
b/meta/recipes-connectivity/openssl/openssl/0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch
@@ -0,0 +1,88 @@
+From bcc096a50811bf0f0c4fd34b2993fed7a7015972 Mon Sep 17 00:00:00 2001
+From: Andy Polyakov 
+Date: Fri, 3 Nov 2017 23:30:01 +0100
+Subject: [PATCH] aes/asm/{aes-armv4|bsaes-armv7}.pl: make it work with
+ binutils-2.29.
+
+It's not clear if it's a feature or bug, but binutils-2.29[.1]
+interprets 'adr' instruction with Thumb2 code reference differently,
+in a way that affects calculation of addresses of constants' tables.
+
+Upstream-Status: Backport
+
+Reviewed-by: Tim Hudson 
+Reviewed-by: Bernd Edlinger 
+Signed-off-by: Stefan Agner 
+(Merged from https://github.com/openssl/openssl/pull/4669)
+
+(cherry picked from commit b82acc3c1a7f304c9df31841753a0fa76b5b3cda)
+---
+ crypto/aes/asm/aes-armv4.pl   | 6 +++---
+ crypto/aes/asm/bsaes-armv7.pl | 6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/crypto/aes/asm/aes-armv4.pl b/crypto/aes/asm/aes-armv4.pl
+index 16d79aae53..c6474b8aad 100644
+--- a/crypto/aes/asm/aes-armv4.pl
 b/crypto/aes/asm/aes-armv4.pl
+@@ -200,7 +200,7 @@ AES_encrypt:
+ #ifndef   __thumb2__
+   sub r3,pc,#8@ AES_encrypt
+ #else
+-  adr r3,AES_encrypt
++  adr r3,.
+ #endif
+   stmdb   sp!,{r1,r4-r12,lr}
+ #ifdef__APPLE__
+@@ -450,7 +450,7 @@ _armv4_AES_set_encrypt_key:
+ #ifndef   __thumb2__
+   sub r3,pc,#8@ AES_set_encrypt_key
+ #else
+-  adr r3,AES_set_encrypt_key
++  adr r3,.
+ #endif
+   teq r0,#0
+ #ifdef__thumb2__
+@@ -976,7 +976,7 @@ AES_decrypt:
+ #ifndef   __thumb2__
+   sub r3,pc,#8@ AES_decrypt
+ #else
+-  adr r3,AES_decrypt
++  adr r3,.
+ #endif
+   stmdb   sp!,{r1,r4-r12,lr}
+ #ifdef__APPLE__
+diff --git a/crypto/aes/asm/bsaes-armv7.pl b/crypto/aes/asm/bsaes-armv7.pl
+index 9f288660ef..a27bb4a179 100644
+--- a/crypto/aes/asm/bsaes-armv7.pl
 b/crypto/aes/asm/bsaes-armv7.pl
+@@ -744,7 +744,7 @@ $code.=<<___;
+ .type _bsaes_decrypt8,%function
+ .align4
+ _bsaes_decrypt8:
+-  adr $const,_bsaes_decrypt8
++  adr $const,.
+   vldmia  $key!, {@XMM[9]}@ round 0 key
+ #ifdef__APPLE__
+   adr $const,.LM0ISR
+@@ -843,7 +843,7 @@ _bsaes_const:
+ .type _bsaes_encrypt8,%function
+ .align4
+ _bsaes_encrypt8:
+-  adr $const,_bsaes_encrypt8
++  adr $const,.
+   vldmia  $key!, {@XMM[9]}@ round 0 key
+ #ifdef__APPLE__
+   adr $const,.LM0SR
+@@ -951,7 +951,7 @@ $code.=<<___;
+ .type _bsaes_key_convert,%function
+ .align4
+ _bsaes_key_convert:
+-  adr $const,_bsaes_key_convert
++  adr $const,.
+   vld1.8  {@XMM[7]},  [$inp]! @ load round 0 key
+ #ifdef__APPLE__
+   adr $const,.LM0
+-- 
+2.15.0
+
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb 
b/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
index c85a1d27a2..53f397a3e0 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.0g.bb
@@ -18,6 +18,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz 
\
file://openssl-c_rehash.sh \
file://0001-Take-linking-flags-from-LDFLAGS-env-var.patch \
file://0001-Remove-test-that-requires-running-as-non-root.patch \
+   
file://0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch \
   "
 
 S = "${WORKDIR}/openssl-${PV}"
-- 
2.13.6

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org

[OE-core] [PATCH v2] libepoxy: Fix build break for EGL_CAST dependency

Re: [OE-core] [PATCH] u-boot: Upgrade to 2017.11 release

Re: [OE-core] [PATCH] u-boot: Upgrade to 2017.11 release

Re: [OE-core] [PATCH] u-boot: Upgrade to 2017.11 release

[OE-core] ✗ patchtest: failure for "[rocko,v2] openssl10: Upgrade ..." and 3 more

Re: [OE-core] ✗ patchtest: failure for "[v2] openssl10: Upgrade 1.0.2l..." and 3 more

[OE-core] ✗ patchtest: failure for "[v2] openssl10: Upgrade 1.0.2l..." and 3 more

[OE-core] [rocko][PATCH v2 1/4] openssl10: Upgrade 1.0.2l -> 1.0.2m

[OE-core] [rocko][PATCH v2 3/4] openssl: Upgrade 1.1.0f -> 1.1.0g

[OE-core] [rocko][PATCH v2 4/4] openssl: fix runtime errors with Thumb2 when using binutils 2.29

[OE-core] [rocko][PATCH v2 2/4] openssl10: fix runtime errors with Thumb2 when using binutils 2.29

[OE-core] [PATCH v2 3/4] openssl: Upgrade 1.1.0f -> 1.1.0g

[OE-core] [PATCH v2 1/4] openssl10: Upgrade 1.0.2l -> 1.0.2m

[OE-core] [PATCH v2 4/4] openssl: fix runtime errors with Thumb2 when using binutils 2.29

14 matches

Site Navigation

Mail list logo

Footer information