objcopy: Don't extend the output section size
Since the output section contents are copied from the input, don't
extend the output section size beyond the input section size.
Backport a patch from upstream to fix CVE-2025-7545
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944]
(From OE-Core rev: 4f461ed46b7694fc4815c7f0504b9cefe5da8e19)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commit on binutils-2.38 stable branch are updated.
9bee8d65d32 x86: Check MODRM for call and jmp in binutils older than 2.45
Before After Diff
No. of expected passes 280 280 0
No. of unexpected failures 2 2 0
No. of untested testcases 1 1 0
No. of unsupported tests 7 7 0
Testing was done and there were no regressions found
(From OE-Core rev: 7ac807166dfb6723f4e0b53c21f434e21d25563e)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Forgot to add CVE-2025-1182 patch file to SRC_URI in the following commit
https://lists.openembedded.org/g/openembedded-core/message/217350
After rebasing the CVE-2025-1180.patch, we encountered hunk errors while applying the
CVE-2025-1182.patch, so I have modified the patch accordingly.
(From OE-Core rev: 131f93b8efcddac984965a250b5391c43ca54ac8)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Backporting the fix from PR 32636 to fix PR 32642 (ld SEGV (illegal read access)
in _bfd_elf_write_section_eh_frame (bfd/elf-eh-frame.c:2234:29) with
--gc-sections --gc-keep-exported option)
https://nvd.nist.gov/vuln/detail/CVE-2025-1180 is associated with
PR32642 which will get fixed with commit from PR 32636.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=f9978defb6fab0bd8583942d97c112b0932ac814]
CVE: CVE-2025-1180
(From OE-Core rev: 8178f44f18777b2c8acc0afb9fd43921a9a8e76e)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Prevent an abort in the bfd linker when attempting to
generate dynamic relocs for a corrupt input file.
PR 32638
Backport a patch from upstream to fix CVE-2025-1178
Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0]
(From OE-Core rev: e820e5364c4b3ec52796a77842b480fea8bc7967)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE-2022-38126 has been marked "REJECT" in the CVE List by NVD.
Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-38126
As commit changes in 0016-CVE-2022-38126.patch fixes CVE-2022-35205.
Hence renamed the patch.
Link: https://ubuntu.com/security/CVE-2022-35205
(From OE-Core rev: d91af23e4fef0f1999c18fc3a43085b70e98dfd5)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Currently binutils in buildtools is searching for /etc/etc/ld.so.conf
which makes no sense. ld_sysconfdir already contains /etc so we need to
drop the /etc from the fixed string.
(From OE-Core rev: 47528fa2aa590b3e04e4cc2b66704143419a92d1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ccd28c418ab8390118d738fbe914395b5c2a1f75)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Below commits on Binutils-2.38 development branch are updated.
5c0b4ee4060 i386: Don't allow GOTOFF relocation against IFUNC symbol for PIC
19892fedb7b x86: Properly check invalid relocation against protected symbol
b8a2baa80b1 libctf: tests: prune warnings from compiler output
7f9a495a167 libctf: fix linking together multiple objects derived from the same source
97dd8079feb PowerPC64: fix assertion in ppc_build_one_stub with -Os code
(From OE-Core rev: 4eb53b33bc46a8131653354bd077229ee7ee42ed)
Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes Qt build with GCC 12.1.
Brings following fixes
* 3d549e5ccc0 PR29142, segv in ar with empty archive and libdeps specified
* c473aa1b9d8 M68K: avoid quadratic slowdlow in label alignment check
* 8d1187516e3 Adjust ld ctf test for 32-bit targets
* 9c67f6382ac x86: Properly handle function pointer reference
* 9a01457e02e s390: Add DT_JMPREL pointing to .rela.[i]plt with static-pie
* 82a5bb730a1 s390: Avoid dynamic TLS relocs in PIE
* d54081c642a LoongArch: Update ABI eflag in elf header.
* fb4d148004f IBM zSystems: Add support for z16 as CPU name.
* 975b5540232 libctf, ld: diagnose corrupted CTF header cth_strlen
* 99852365513 dlltool: Use the output name as basis for deterministic temp prefixes
* 210bf1d6225 Updated Serbian (for binutils/) and Russian (for gprof/) translations
* fcf60fe8482 PR28959, obdump doesn't disassemble mftb instruction
* e4a35c73196 PowerPC64 DT_RELR relative reloc addresses
* 7183434818e Work around gcc-4 warnings in elf64-ppc.c
(From OE-Core rev: cefc45625535972d20b252ed0a2f497dff7d5fe5)
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c007a7251e697836a29bd1aebe49d4f2433a5e6e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes building ppc32 kernels
Brings following fixes
* 2d92604cd30 Revert "Check thin archive element file size against archive header"
* ed9b2e40ebf binutils 2.38 vs. ppc32 linux kernel
* 40d32f56f63 Updated Serbian translations for the bfd, gold, ld and opcodes directories
* 6aa1b7df2fc ld: Keep indirect symbol from IR if referenced from shared object
* ae1cab7d3f3 i386: Update I386_NEED_DYNAMIC_RELOC_TYPE_P for DT_TEXTREL
* df9071487a8 PR28882, build failure with gcc-4.2 due to use of 0b literals
* caa6172de4b x86: Disallow invalid relocation against protected symbol
(From OE-Core rev: f5fb73ea3d868997f2fc3744ddb0647ab3284218)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This reverts commit b5a595a4be09756b88e91f3353e3b221b165ab44,
gold linker can now be built correctly for mingw SDKs.
(From OE-Core rev: b2ab9ff4050ebd5efb273f44e62174efb22a214f)
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a fix for CVE-2021-45078.
(From OE-Core rev: f3128fd1b2e5cbf3683dc69eabc56fbc0bd0e7d5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>