Re: [OE-core] [PATCH] gcc: backport a fix for ICE caused by CVE-2023-4039.patch
Hi Richard and Martin, In my knowledge CVE-2023-4039 is fixed and merged in master branch for gcc package. But still if we generate report, this CVE gets reported as "unpatched". >From my analysis it looks like that due to following suspected reason CVE is >not parsed properly * gcc package is not extracted in tmp/work/ directory * There is no do_patch task in recipe of gcc Please review the case and provide your insights, If anyone has any suggestion/comment on this please share. Thanks, Sanjay Chitroda From: openembedded-core@lists.openembedded.org on behalf of Martin Jansa via lists.openembedded.org Sent: 16 September 2023 02:12 To: openembedded-core@lists.openembedded.org Cc: Martin Jansa Subject: [External] [OE-core] [PATCH] gcc: backport a fix for ICE caused by CVE-2023-4039.patch CAUTION: This email originated from outside of the organization. This message might not be safe, use caution in opening it. If in doubt, do not open the attachment nor links in the message. * see: https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgcc.gnu.org%2Fbugzilla%2Fshow_bug.cgi%3Fid%3D111418=05%7C01%7CSANJAY.CHITRODA%40einfochips.com%7C616af282b3e44ef008dbb62c578e%7C0beb0c359cbb4feb99e5589e415c7944%7C1%7C0%7C638304073791206852%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=Kvptq0Ny6rYD0mPMROruN60EITxp1TLIzozJyAsP76w%3D=0<https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111418> https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgcc.gnu.org%2Fbugzilla%2Fshow_bug.cgi%3Fid%3D111411=05%7C01%7CSANJAY.CHITRODA%40einfochips.com%7C616af282b3e44ef008dbb62c578e%7C0beb0c359cbb4feb99e5589e415c7944%7C1%7C0%7C638304073791206852%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=gL1a4%2BXpuVnne4yARpkbSOrGpdlsC2RkEowbd6YqX4Q%3D=0<https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111411> * add git headers to 0025-gcc-testsuite-mips.patch so that it does easily apply with other patches with git am Signed-off-by: Martin Jansa --- meta/recipes-devtools/gcc/gcc-13.2.inc| 3 +- ...25-gcc-testsuite-tweaks-for-mips-OE.patch} | 148 +- ...ch64-Fix-loose-ldpstp-check-PR111411.patch | 117 ++ 3 files changed, 197 insertions(+), 71 deletions(-) rename meta/recipes-devtools/gcc/gcc/{0025-gcc-testsuite-mips.patch => 0025-gcc-testsuite-tweaks-for-mips-OE.patch} (76%) create mode 100644 meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch diff --git a/meta/recipes-devtools/gcc/gcc-13.2.inc b/meta/recipes-devtools/gcc/gcc-13.2.inc index 0922251e18..d96f3171e4 100644 --- a/meta/recipes-devtools/gcc/gcc-13.2.inc +++ b/meta/recipes-devtools/gcc/gcc-13.2.inc @@ -64,8 +64,9 @@ SRC_URI = "${BASEURI} \ file://0022-libatomic-Do-not-enforce-march-on-aarch64.patch \ file://0023-Fix-install-path-of-linux64.h.patch \ file://0024-Avoid-hardcoded-build-paths-into-ppc-libgcc.patch \ - file://0025-gcc-testsuite-mips.patch \ + file://0025-gcc-testsuite-tweaks-for-mips-OE.patch \ file://CVE-2023-4039.patch \ + file://0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch \ " SRC_URI[sha256sum] = "e275e76442a6067341a27f04c5c6b83d8613144004c0413528863dc6b5c743da" diff --git a/meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-mips.patch b/meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-tweaks-for-mips-OE.patch similarity index 76% rename from meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-mips.patch rename to meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-tweaks-for-mips-OE.patch index 49eaece923..c405d8d484 100644 --- a/meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-mips.patch +++ b/meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-tweaks-for-mips-OE.patch @@ -1,4 +1,7 @@ -gcc testsuite tweaks for mips/OE +From f12acc6a383546d48da3bdfb2f25ca2adb7976d7 Mon Sep 17 00:00:00 2001 +From: Richard Purdie +Date: Sun, 13 Aug 2023 10:24:05 +0100 +Subject: [PATCH] gcc testsuite tweaks for mips/OE Disable loongson-mmi runtine, qemu doesn't appear to fully support them even if some of the instruction decoding is there. @@ -27,12 +30,70 @@ Upstream-Status: Pending discussion. Need to investigate why qemu-user passes the 'bad' instructions'] Signed-off-by: Richard Purdie +--- + gcc/testsuite/gcc.target/mips/mips.exp | 16 + + gcc/testsuite/lib/gcc-dg.exp | 11 +++ + gcc/testsuite/lib/target-supports.exp | 45 -- + 3 files changed, 41 insertions(+), 31 deletions(-) -Index: gcc-13.2.0/gcc/testsuite/lib/target-supports.exp -=== gcc-13.2.0.orig/gcc/testsuite/lib/target-supports.exp -+++ gcc-13.2.0/gcc/testsuite/l
[OE-core] [PATCH] gcc: backport a fix for ICE caused by CVE-2023-4039.patch
* see: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111418 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111411 * add git headers to 0025-gcc-testsuite-mips.patch so that it does easily apply with other patches with git am Signed-off-by: Martin Jansa --- meta/recipes-devtools/gcc/gcc-13.2.inc| 3 +- ...25-gcc-testsuite-tweaks-for-mips-OE.patch} | 148 +- ...ch64-Fix-loose-ldpstp-check-PR111411.patch | 117 ++ 3 files changed, 197 insertions(+), 71 deletions(-) rename meta/recipes-devtools/gcc/gcc/{0025-gcc-testsuite-mips.patch => 0025-gcc-testsuite-tweaks-for-mips-OE.patch} (76%) create mode 100644 meta/recipes-devtools/gcc/gcc/0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch diff --git a/meta/recipes-devtools/gcc/gcc-13.2.inc b/meta/recipes-devtools/gcc/gcc-13.2.inc index 0922251e18..d96f3171e4 100644 --- a/meta/recipes-devtools/gcc/gcc-13.2.inc +++ b/meta/recipes-devtools/gcc/gcc-13.2.inc @@ -64,8 +64,9 @@ SRC_URI = "${BASEURI} \ file://0022-libatomic-Do-not-enforce-march-on-aarch64.patch \ file://0023-Fix-install-path-of-linux64.h.patch \ file://0024-Avoid-hardcoded-build-paths-into-ppc-libgcc.patch \ - file://0025-gcc-testsuite-mips.patch \ + file://0025-gcc-testsuite-tweaks-for-mips-OE.patch \ file://CVE-2023-4039.patch \ + file://0026-aarch64-Fix-loose-ldpstp-check-PR111411.patch \ " SRC_URI[sha256sum] = "e275e76442a6067341a27f04c5c6b83d8613144004c0413528863dc6b5c743da" diff --git a/meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-mips.patch b/meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-tweaks-for-mips-OE.patch similarity index 76% rename from meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-mips.patch rename to meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-tweaks-for-mips-OE.patch index 49eaece923..c405d8d484 100644 --- a/meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-mips.patch +++ b/meta/recipes-devtools/gcc/gcc/0025-gcc-testsuite-tweaks-for-mips-OE.patch @@ -1,4 +1,7 @@ -gcc testsuite tweaks for mips/OE +From f12acc6a383546d48da3bdfb2f25ca2adb7976d7 Mon Sep 17 00:00:00 2001 +From: Richard Purdie +Date: Sun, 13 Aug 2023 10:24:05 +0100 +Subject: [PATCH] gcc testsuite tweaks for mips/OE Disable loongson-mmi runtine, qemu doesn't appear to fully support them even if some of the instruction decoding is there. @@ -27,12 +30,70 @@ Upstream-Status: Pending discussion. Need to investigate why qemu-user passes the 'bad' instructions'] Signed-off-by: Richard Purdie +--- + gcc/testsuite/gcc.target/mips/mips.exp | 16 + + gcc/testsuite/lib/gcc-dg.exp | 11 +++ + gcc/testsuite/lib/target-supports.exp | 45 -- + 3 files changed, 41 insertions(+), 31 deletions(-) -Index: gcc-13.2.0/gcc/testsuite/lib/target-supports.exp -=== gcc-13.2.0.orig/gcc/testsuite/lib/target-supports.exp -+++ gcc-13.2.0/gcc/testsuite/lib/target-supports.exp -@@ -2155,14 +2155,7 @@ proc check_mips_loongson_mmi_hw_availabl +diff --git a/gcc/testsuite/gcc.target/mips/mips.exp b/gcc/testsuite/gcc.target/mips/mips.exp +index 15d574202d3..2cef9709774 100644 +--- a/gcc/testsuite/gcc.target/mips/mips.exp b/gcc/testsuite/gcc.target/mips/mips.exp +@@ -709,7 +709,23 @@ proc mips_first_unsupported_option { upstatus } { + global mips_option_tests + upvar $upstatus status + ++if { [mips_have_test_option_p status "-mmsa"] } { ++verbose -log "Found -mmsa" ++ if { ![check_mips_msa_hw_available] } { ++ verbose -log "No MSA avail" ++ return "-mmsa" ++ } ++} ++if { [mips_have_test_option_p status "-mloongson-mmi"] } { ++verbose -log "Found -mloonson-mmi" ++if { ![check_mips_loongson_mmi_hw_available] } { ++ verbose -log "No MMI avail" ++ return "-mloonson-mmi" ++ } ++} ++ + foreach { option code } [array get mips_option_tests] { ++ + if { [mips_have_test_option_p status $option] } { + regsub -all "\n" $code "\\n\\\n" asm + # Use check_runtime from target-supports.exp, which caches +diff --git a/gcc/testsuite/lib/gcc-dg.exp b/gcc/testsuite/lib/gcc-dg.exp +index 9d79b9402e9..e0e5cbb1af8 100644 +--- a/gcc/testsuite/lib/gcc-dg.exp b/gcc/testsuite/lib/gcc-dg.exp +@@ -240,9 +240,20 @@ proc schedule-cleanups { opts } { + + proc gcc-dg-test-1 { target_compile prog do_what extra_tool_flags } { + # Set up the compiler flags, based on what we're going to do. ++global do-what-limit + + set options [list] + ++if [info exists do-what-limit] then { ++# Demote run tests to $do-what-limit if set ++ switch $do_what { ++ run { ++ set do_what $do-what-limit ++ set dg-do-what $do-what-limit ++ } ++} ++} ++ + switch $do_what { + "preprocess" { + set compile_type