1 files changed, 39 insertions, 0 deletions

diff --git a/import-layers/yocto-poky/meta/recipes-core/glibc/glibc/CVE-2016-6323.patch b/import-layers/yocto-poky/meta/recipes-core/glibc/glibc/CVE-2016-6323.patch
new file mode 100644
index 000000000..f9b9fa50d
--- /dev/null
+++ b/import-layers/yocto-poky/meta/recipes-core/glibc/glibc/CVE-2016-6323.patch
@@ -0,0 +1,39 @@
+glibc-2.24: Fix CVE-2016-6323
+
+[No upstream tracking] -- https://sourceware.org/bugzilla/show_bug.cgi?id=20435
+
+arm: mark __startcontext as .cantunwind, GNU
+
+Glibc bug where the makecontext function would create
+an execution context which is incompatible with the unwinder,
+causing it to hang when the generation of a backtrace is attempted.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617]
+CVE: CVE-2016-6323
+Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
+Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
+
+diff --git a/sysdeps/unix/sysv/linux/arm/setcontext.S b/sysdeps/unix/sysv/linux/arm/setcontext.S
+index 603e508..d1f168f 100644
+--- a/sysdeps/unix/sysv/linux/arm/setcontext.S
++++ b/sysdeps/unix/sysv/linux/arm/setcontext.S
+@@ -86,12 +86,19 @@ weak_alias(__setcontext, setcontext)
+ 
+ 	/* Called when a makecontext() context returns.  Start the
+ 	   context in R4 or fall through to exit().  */
++	/* Unwind descriptors are looked up based on PC - 2, so we have to
++	   make sure to mark the instruction preceding the __startcontext
++	   label as .cantunwind.  */
++	.fnstart
++	.cantunwind
++	nop
+ ENTRY(__startcontext)
+ 	movs    r0, r4
+ 	bne     PLTJMP(__setcontext)
+ 
+ 	@ New context was 0 - exit
+ 	b       PLTJMP(HIDDEN_JUMPTARGET(exit))
++	.fnend
+ END(__startcontext)
+ 
+ #ifdef PIC