[gnome-continuous-yocto/gnomeostree-3.28-rocko: 3378/8267] glibc: fix CVE-2016-6323

[Emmanuele Bassi <ebassi src gnome org>]

commit 40ae3ae8d1c6bd8bbcebdc4b7dd06e0552710648
Author: Kai Kang <kai kang windriver com>
Date:   Thu Nov 10 15:01:24 2016 +0800

    glibc: fix CVE-2016-6323
    
    Backport patch to fix CVE-2016-6323 of glibc. And remove the section of
    file ChangeLog which can't be applied.
    
    Ref:
    https://sourceware.org/bugzilla/show_bug.cgi?id=20435
    
    (From OE-Core rev: a3c2acee40c8875e311e03bff6906e7c93c491fc)
    
    Signed-off-by: Kai Kang <kai kang windriver com>
    Signed-off-by: Ross Burton <ross burton intel com>
    Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>

 ...k-__startcontext-as-.cantunwind-bug-20435.patch |   46 ++++++++++++++++++++
 meta/recipes-core/glibc/glibc_2.24.bb              |    1 +
 2 files changed, 47 insertions(+), 0 deletions(-)
---
diff --git a/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch 
b/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch
new file mode 100644
index 0000000..95067d3
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch
@@ -0,0 +1,46 @@
+Backport patch to fix CVE-2016-6323 for glibc. And remove the section of
+ChangeLog which can't be applied.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c]
+CVE: CVE-2016-6323
+Signed-off-by: Kai Kang <kai kang windriver com>
+---
+From 9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617 Mon Sep 17 00:00:00 2001
+From: Andreas Schwab <schwab suse de>
+Date: Mon, 8 Aug 2016 09:29:18 +0200
+Subject: [PATCH] arm: mark __startcontext as .cantunwind (bug 20435)
+
+__startcontext marks the bottom of the call stack of the contexts created
+by makecontext.
+---
+ ChangeLog                                | 6 ++++++
+ sysdeps/unix/sysv/linux/arm/setcontext.S | 7 +++++++
+ 2 files changed, 13 insertions(+)
+
+diff --git a/sysdeps/unix/sysv/linux/arm/setcontext.S b/sysdeps/unix/sysv/linux/arm/setcontext.S
+index 603e508..d1f168f 100644
+--- a/sysdeps/unix/sysv/linux/arm/setcontext.S
++++ b/sysdeps/unix/sysv/linux/arm/setcontext.S
+@@ -86,12 +86,19 @@ weak_alias(__setcontext, setcontext)
+ 
+       /* Called when a makecontext() context returns.  Start the
+          context in R4 or fall through to exit().  */
++      /* Unwind descriptors are looked up based on PC - 2, so we have to
++         make sure to mark the instruction preceding the __startcontext
++         label as .cantunwind.  */
++      .fnstart
++      .cantunwind
++      nop
+ ENTRY(__startcontext)
+       movs    r0, r4
+       bne     PLTJMP(__setcontext)
+ 
+       @ New context was 0 - exit
+       b       PLTJMP(HIDDEN_JUMPTARGET(exit))
++      .fnend
+ END(__startcontext)
+ 
+ #ifdef PIC
+-- 
+2.10.1
+
diff --git a/meta/recipes-core/glibc/glibc_2.24.bb b/meta/recipes-core/glibc/glibc_2.24.bb
index f5a21b2..475c133 100644
--- a/meta/recipes-core/glibc/glibc_2.24.bb
+++ b/meta/recipes-core/glibc/glibc_2.24.bb
@@ -37,6 +37,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
            file://0024-eglibc-Forward-port-cross-locale-generation-support.patch \
            file://0025-Define-DUMMY_LOCALE_T-if-not-defined.patch \
            file://0026-build_local_scope.patch \
+           file://0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch \
 "
 
 SRC_URI += "\