From 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf Mon Sep 17 00:00:00 2001 From: takeshi_hoshina Date: Mon, 2 Nov 2020 11:07:33 +0900 Subject: basesystem-jj recipes --- .../recipes-core/glibc/glibc/CVE-2019-7309.patch | 207 --------------------- 1 file changed, 207 deletions(-) delete mode 100644 external/poky/meta/recipes-core/glibc/glibc/CVE-2019-7309.patch (limited to 'external/poky/meta/recipes-core/glibc/glibc/CVE-2019-7309.patch') diff --git a/external/poky/meta/recipes-core/glibc/glibc/CVE-2019-7309.patch b/external/poky/meta/recipes-core/glibc/glibc/CVE-2019-7309.patch deleted file mode 100644 index 04963c29..00000000 --- a/external/poky/meta/recipes-core/glibc/glibc/CVE-2019-7309.patch +++ /dev/null @@ -1,207 +0,0 @@ -From af7f46c45a60e6df754fb6258b546917e61ae6f1 Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" -Date: Mon, 4 Feb 2019 08:55:52 -0800 -Subject: [PATCH] x86-64 memcmp: Use unsigned Jcc instructions on size [BZ - #24155] -Reply-To: muislam@microsoft.com - -Since the size argument is unsigned. we should use unsigned Jcc -instructions, instead of signed, to check size. - -Tested on x86-64 and x32, with and without --disable-multi-arch. - - [BZ #24155] - CVE-2019-7309 - * NEWS: Updated for CVE-2019-7309. - * sysdeps/x86_64/memcmp.S: Use RDX_LP for size. Clear the - upper 32 bits of RDX register for x32. Use unsigned Jcc - instructions, instead of signed. - * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-memcmp-2. - * sysdeps/x86_64/x32/tst-size_t-memcmp-2.c: New test. - -(cherry picked from commit 3f635fb43389b54f682fc9ed2acc0b2aaf4a923d) - -Signed-off-by: Muminul Islam - -CVE: CVE-2019-7309 - -Upstream-Status: Backport ---- - sysdeps/x86_64/memcmp.S | 20 +++--- - sysdeps/x86_64/x32/Makefile | 2 +- - sysdeps/x86_64/x32/tst-size_t-memcmp-2.c | 79 ++++++++++++++++++++++++ - 3 files changed, 92 insertions(+), 9 deletions(-) - create mode 100644 sysdeps/x86_64/x32/tst-size_t-memcmp-2.c - -diff --git a/sysdeps/x86_64/memcmp.S b/sysdeps/x86_64/memcmp.S -index bcb4a2e88d..45918d375a 100644 ---- a/sysdeps/x86_64/memcmp.S -+++ b/sysdeps/x86_64/memcmp.S -@@ -21,14 +21,18 @@ - - .text - ENTRY (memcmp) -- test %rdx, %rdx -+#ifdef __ILP32__ -+ /* Clear the upper 32 bits. */ -+ movl %edx, %edx -+#endif -+ test %RDX_LP, %RDX_LP - jz L(finz) - cmpq $1, %rdx -- jle L(finr1b) -+ jbe L(finr1b) - subq %rdi, %rsi - movq %rdx, %r10 - cmpq $32, %r10 -- jge L(gt32) -+ jae L(gt32) - /* Handle small chunks and last block of less than 32 bytes. */ - L(small): - testq $1, %r10 -@@ -156,7 +160,7 @@ L(A32): - movq %r11, %r10 - andq $-32, %r10 - cmpq %r10, %rdi -- jge L(mt16) -+ jae L(mt16) - /* Pre-unroll to be ready for unrolled 64B loop. */ - testq $32, %rdi - jz L(A64) -@@ -178,7 +182,7 @@ L(A64): - movq %r11, %r10 - andq $-64, %r10 - cmpq %r10, %rdi -- jge L(mt32) -+ jae L(mt32) - - L(A64main): - movdqu (%rdi,%rsi), %xmm0 -@@ -216,7 +220,7 @@ L(mt32): - movq %r11, %r10 - andq $-32, %r10 - cmpq %r10, %rdi -- jge L(mt16) -+ jae L(mt16) - - L(A32main): - movdqu (%rdi,%rsi), %xmm0 -@@ -254,7 +258,7 @@ L(ATR): - movq %r11, %r10 - andq $-32, %r10 - cmpq %r10, %rdi -- jge L(mt16) -+ jae L(mt16) - testq $16, %rdi - jz L(ATR32) - -@@ -325,7 +329,7 @@ L(ATR64main): - movq %r11, %r10 - andq $-32, %r10 - cmpq %r10, %rdi -- jge L(mt16) -+ jae L(mt16) - - L(ATR32res): - movdqa (%rdi,%rsi), %xmm0 -diff --git a/sysdeps/x86_64/x32/Makefile b/sysdeps/x86_64/x32/Makefile -index 7d528889c6..c9850beeb5 100644 ---- a/sysdeps/x86_64/x32/Makefile -+++ b/sysdeps/x86_64/x32/Makefile -@@ -6,7 +6,7 @@ CFLAGS-s_llround.c += -fno-builtin-lround - endif - - ifeq ($(subdir),string) --tests += tst-size_t-memchr -+tests += tst-size_t-memchr tst-size_t-memcmp-2 - endif - - ifeq ($(subdir),wcsmbs) -diff --git a/sysdeps/x86_64/x32/tst-size_t-memcmp-2.c b/sysdeps/x86_64/x32/tst-size_t-memcmp-2.c -new file mode 100644 -index 0000000000..d8ae1a0813 ---- /dev/null -+++ b/sysdeps/x86_64/x32/tst-size_t-memcmp-2.c -@@ -0,0 +1,79 @@ -+/* Test memcmp with size_t in the lower 32 bits of 64-bit register. -+ Copyright (C) 2019 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#define TEST_MAIN -+#ifdef WIDE -+# define TEST_NAME "wmemcmp" -+#else -+# define TEST_NAME "memcmp" -+#endif -+ -+#include "test-size_t.h" -+ -+#ifdef WIDE -+# include -+# include -+ -+# define MEMCMP wmemcmp -+# define CHAR wchar_t -+#else -+# define MEMCMP memcmp -+# define CHAR char -+#endif -+ -+IMPL (MEMCMP, 1) -+ -+typedef int (*proto_t) (const CHAR *, const CHAR *, size_t); -+ -+static int -+__attribute__ ((noinline, noclone)) -+do_memcmp (parameter_t a, parameter_t b) -+{ -+ return CALL (&b, a.p, b.p, a.len); -+} -+ -+static int -+test_main (void) -+{ -+ test_init (); -+ -+ parameter_t dest = { { page_size / sizeof (CHAR) }, buf1 }; -+ parameter_t src = { { 0 }, buf2 }; -+ -+ memcpy (buf1, buf2, page_size); -+ -+ CHAR *p = (CHAR *) buf1; -+ p[page_size / sizeof (CHAR) - 1] = (CHAR) 1; -+ -+ int ret = 0; -+ FOR_EACH_IMPL (impl, 0) -+ { -+ src.fn = impl->fn; -+ int res = do_memcmp (dest, src); -+ if (res >= 0) -+ { -+ error (0, 0, "Wrong result in function %s: %i >= 0", -+ impl->name, res); -+ ret = 1; -+ } -+ } -+ -+ return ret ? EXIT_FAILURE : EXIT_SUCCESS; -+} -+ -+#include --- -2.23.0 - -- cgit 1.2.3-korg