[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: d2a5c15046bab11f3e70927d6b053ab98870acf0 Author: Alfredo Tupone gentoo org> AuthorDate: Wed Apr 5 19:35:41 2023 + Commit: Alfredo Tupone gentoo org> CommitDate: Wed Apr 5 19:35:58 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d2a5c150 sci-libs/pytorch: add 2.0.0 Signed-off-by: Alfredo Tupone gentoo.org> sci-libs/pytorch/Manifest | 1 + sci-libs/pytorch/files/pytorch-2.0.0-emptyso.patch | 15 + .../files/pytorch-2.0.0-global-dlopen.patch| 20 +++ sci-libs/pytorch/pytorch-2.0.0.ebuild | 64 ++ 4 files changed, 100 insertions(+) diff --git a/sci-libs/pytorch/Manifest b/sci-libs/pytorch/Manifest index 616b75a49763..1424256938e9 100644 --- a/sci-libs/pytorch/Manifest +++ b/sci-libs/pytorch/Manifest @@ -1 +1,2 @@ DIST pytorch-1.13.1.tar.gz 108279745 BLAKE2B 75de03b74dfdaf8d8fb5ea743fcc0c1b0e408a714ad4160c487921220a7b1755e5fa6e587e6bbc8c9f34dd75e096d2e6dd69c80d24821835fff6c833314434d3 SHA512 f16f89d027efade11d057245cad5b69a390e88b458398310ae30de2dbff7c8fd7f1165be7b8da7ea989c81ac3f5a66c5cb9050610e441a97c83fb8aa28c0bd62 +DIST pytorch-2.0.0.tar.gz 111327292 BLAKE2B 6d593a975c0ade714f0b189f7e3c4ff704b9a9a2377b5e441a9cefc202fa22779966d08948e63671912c6ea5a0eee124042155f4f57a654db34e19e42f013cc9 SHA512 4dd76160711c0d87f3026c8b7fa3ed149dd86b8ac0ee9ecea0eaf80d2e6ce8c29368392e77b9466d90b60634087b462b782495997a5d33367cc8ca9fe14c8a14 diff --git a/sci-libs/pytorch/files/pytorch-2.0.0-emptyso.patch b/sci-libs/pytorch/files/pytorch-2.0.0-emptyso.patch new file mode 100644 index ..e4703894308a --- /dev/null +++ b/sci-libs/pytorch/files/pytorch-2.0.0-emptyso.patch @@ -0,0 +1,15 @@ +--- a/setup.py 2023-04-05 11:23:00.713405789 +0200 b/setup.py 2023-04-05 11:23:36.900876249 +0200 +@@ -960,12 +960,6 @@ + name=str('caffe2.python.caffe2_pybind11_state_hip'), + sources=[]), + ) +-if cmake_cache_vars['BUILD_FUNCTORCH']: +-extensions.append( +-Extension( +-name=str('functorch._C'), +-sources=[]), +-) + if cmake_cache_vars['BUILD_NVFUSER']: + extensions.append( + Extension( diff --git a/sci-libs/pytorch/files/pytorch-2.0.0-global-dlopen.patch b/sci-libs/pytorch/files/pytorch-2.0.0-global-dlopen.patch new file mode 100644 index ..0f1b400e234d --- /dev/null +++ b/sci-libs/pytorch/files/pytorch-2.0.0-global-dlopen.patch @@ -0,0 +1,20 @@ +--- a/torch/__init__.py2023-04-05 11:12:25.682681130 +0200 b/torch/__init__.py2023-04-05 11:13:00.640170307 +0200 +@@ -165,7 +165,7 @@ + lib_path = os.path.join(os.path.dirname(here), 'lib', lib_name) + + try: +-ctypes.CDLL(lib_path, mode=ctypes.RTLD_GLOBAL) ++ctypes.CDLL(lib_name, mode=ctypes.RTLD_GLOBAL) + except OSError as err: + # Can only happen for wheel with cuda libs as PYPI deps + # As PyTorch is not purelib, but nvidia-*-cu11 is +@@ -187,7 +187,7 @@ + raise err + for lib_folder, lib_name in cuda_libs.items(): + _preload_cuda_deps(lib_folder, lib_name) +-ctypes.CDLL(lib_path, mode=ctypes.RTLD_GLOBAL) ++ctypes.CDLL(lib_name, mode=ctypes.RTLD_GLOBAL) + + + if (USE_RTLD_GLOBAL_WITH_LIBTORCH or os.getenv('TORCH_USE_RTLD_GLOBAL')) and \ diff --git a/sci-libs/pytorch/pytorch-2.0.0.ebuild b/sci-libs/pytorch/pytorch-2.0.0.ebuild new file mode 100644 index ..506f1889b280 --- /dev/null +++ b/sci-libs/pytorch/pytorch-2.0.0.ebuild @@ -0,0 +1,64 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_USE_PEP517=setuptools +PYTHON_COMPAT=( python3_{9..11} ) +DISTUTILS_SINGLE_IMPL=1 +inherit distutils-r1 + +DESCRIPTION="Tensors and Dynamic neural networks in Python" +HOMEPAGE="https://pytorch.org/; +SRC_URI="https://github.com/pytorch/${PN}/archive/refs/tags/v${PV}.tar.gz + -> ${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64" +RESTRICT="test" + +REQUIRED_USE=${PYTHON_REQUIRED_USE} +RDEPEND=" + ${PYTHON_DEPS} + ~sci-libs/caffe2-${PV}[${PYTHON_SINGLE_USEDEP}] + $(python_gen_cond_dep ' + dev-python/typing-extensions[${PYTHON_USEDEP}] + dev-python/sympy[${PYTHON_USEDEP}] + ') +" +DEPEND="${RDEPEND} + $(python_gen_cond_dep ' + dev-python/pyyaml[${PYTHON_USEDEP}] + ') +" + +src_prepare() { + eapply \ + "${FILESDIR}"/0002-Don-t-build-libtorch-again-for-PyTorch-1.7.1.patch \ + "${FILESDIR}"/pytorch-1.9.0-Change-library-directory-according-to-CMake-build.patch \ + "${FILESDIR}"/${P}-global-dlopen.patch \ + "${FILESDIR}"/pytorch-1.7.1-torch_shm_manager.patch \ + "${FILESDIR}"/${PN}-1.13.0-setup.patch \ +
[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: f4836af254dee6b81c749b3df569d7c5bd6faa98 Author: Alfredo Tupone gentoo org> AuthorDate: Fri Mar 24 21:40:49 2023 + Commit: Alfredo Tupone gentoo org> CommitDate: Fri Mar 24 21:41:36 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4836af2 sci-libs/pytorch: drop building an empty .so Closes: https://bugs.gentoo.org/902727 Signed-off-by: Alfredo Tupone gentoo.org> sci-libs/pytorch/files/pytorch-1.13.1-emptyso.patch | 15 +++ ...{pytorch-1.13.1-r1.ebuild => pytorch-1.13.1-r2.ebuild} | 1 + 2 files changed, 16 insertions(+) diff --git a/sci-libs/pytorch/files/pytorch-1.13.1-emptyso.patch b/sci-libs/pytorch/files/pytorch-1.13.1-emptyso.patch new file mode 100644 index ..1479354b7f7a --- /dev/null +++ b/sci-libs/pytorch/files/pytorch-1.13.1-emptyso.patch @@ -0,0 +1,15 @@ +--- a/setup.py 2023-03-24 22:36:50.361860100 +0100 b/setup.py 2023-03-24 22:36:57.384752383 +0100 +@@ -922,12 +922,6 @@ + name=str('caffe2.python.caffe2_pybind11_state_hip'), + sources=[]), + ) +-if cmake_cache_vars['BUILD_FUNCTORCH']: +-extensions.append( +-Extension( +-name=str('functorch._C'), +-sources=[]), +-) + + cmdclass = { + 'bdist_wheel': wheel_concatenate, diff --git a/sci-libs/pytorch/pytorch-1.13.1-r1.ebuild b/sci-libs/pytorch/pytorch-1.13.1-r2.ebuild similarity index 97% rename from sci-libs/pytorch/pytorch-1.13.1-r1.ebuild rename to sci-libs/pytorch/pytorch-1.13.1-r2.ebuild index 956c5e89cbc8..f93b9a108820 100644 --- a/sci-libs/pytorch/pytorch-1.13.1-r1.ebuild +++ b/sci-libs/pytorch/pytorch-1.13.1-r2.ebuild @@ -39,6 +39,7 @@ src_prepare() { "${FILESDIR}"/${P}-global-dlopen.patch \ "${FILESDIR}"/pytorch-1.7.1-torch_shm_manager.patch \ "${FILESDIR}"/${PN}-1.13.0-setup.patch \ + "${FILESDIR}"/${P}-emptyso.patch \ # Set build dir for pytorch's setup sed -i \
[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: 32fc208629a6e23dc5c64902ab73be47a305743a Author: Alfredo Tupone gentoo org> AuthorDate: Wed Feb 22 08:03:32 2023 + Commit: Alfredo Tupone gentoo org> CommitDate: Wed Feb 22 08:03:47 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=32fc2086 sci-libs/pytorch: drop 1.12.0-r2, 1.12.1, 1.13.0 Signed-off-by: Alfredo Tupone gentoo.org> sci-libs/pytorch/Manifest | 3 -- .../files/pytorch-1.12.0-CVE-2022-45907.patch | 59 .../files/pytorch-1.6.0-global-dlopen.patch| 15 -- sci-libs/pytorch/pytorch-1.12.0-r2.ebuild | 62 - sci-libs/pytorch/pytorch-1.12.1.ebuild | 62 - sci-libs/pytorch/pytorch-1.13.0.ebuild | 63 -- 6 files changed, 264 deletions(-) diff --git a/sci-libs/pytorch/Manifest b/sci-libs/pytorch/Manifest index 7a1c9e4370ae..616b75a49763 100644 --- a/sci-libs/pytorch/Manifest +++ b/sci-libs/pytorch/Manifest @@ -1,4 +1 @@ -DIST pytorch-1.12.0.tar.gz 106286765 BLAKE2B ff9bafedb35f859f7dccb9b606299cf9c345bdaa0deb87ecfe0c0c30c3c828414d989e1d9a243d9b7cd3f376d56a2f81c241ca2e3c9a8a2b30cddcdeddd3a5c7 SHA512 c9c748a2e0047daaaf199a1ba3198d2d1aee47f664170a9b34ccacd3deeb95f2070e4035eeb900012ef48dc62cf6fb6806f1a1dfe22de8c94892963076e593b7 -DIST pytorch-1.12.1.tar.gz 106311625 BLAKE2B e8ca19d0e1987449c33ad4c36722a3a467f7f8a9f90be2a7f2de643cbd665038f6802b5ff1f1d3da09b6253d8f29e11549a24295de013d97f73affe538c84c99 SHA512 afeb551904ebd9b5901ae623a98eadbb3045115247cedf8006a940742cfad04e5ce24cfaf363336a9ed88d7ce6a4ac53dbb6a5c690aef6efdf20477c3a22c7ca -DIST pytorch-1.13.0.tar.gz 108276317 BLAKE2B 8149775dea06d8e4027b741c828169d33f768a96aef58cd2f86daa3bbad5bf36143454e26b683a992aca34e7fb52e6483c46168b698db48ff6978c9605d7a3d2 SHA512 5a0e8c589bdf552ccf682511a8860c754ab6f5844f51e568c5034793f787b97707af4340b338b9b8606dd27a6ced6ef50091f0cc514458b3021a2220409d7f20 DIST pytorch-1.13.1.tar.gz 108279745 BLAKE2B 75de03b74dfdaf8d8fb5ea743fcc0c1b0e408a714ad4160c487921220a7b1755e5fa6e587e6bbc8c9f34dd75e096d2e6dd69c80d24821835fff6c833314434d3 SHA512 f16f89d027efade11d057245cad5b69a390e88b458398310ae30de2dbff7c8fd7f1165be7b8da7ea989c81ac3f5a66c5cb9050610e441a97c83fb8aa28c0bd62 diff --git a/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch b/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch deleted file mode 100644 index 085b6d9ca1bb.. --- a/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 78cad998e505b667d25ac42f8aaa24409f5031e1 Mon Sep 17 00:00:00 2001 -From: Nikita Shulga -Date: Thu, 17 Nov 2022 22:05:27 + -Subject: [PATCH] [JIT][Security] Do not blindly eval input string (#89189) - -Introduce `_eval_no_call` method, that evaluates statement only if it -does not contain any calls(done by examining the bytecode), thus preventing command injection exploit - -Added simple unit test to check for that -`torch.jit.annotations.get_signature` would not result in calling random -code. - -Although, this code path exists for Python-2 compatibility, and perhaps -should be simply removed. - -diff --git a/torch/jit/annotations.py b/torch/jit/annotations.py -index a4a36ce36a5e8..a6ff2d04d2076 100644 a/torch/jit/annotations.py -+++ b/torch/jit/annotations.py -@@ -1,4 +1,5 @@ - import ast -+import dis - import enum - import inspect - import re -@@ -144,6 +145,15 @@ def check_fn(fn, loc): - raise torch.jit.frontend.FrontendError(loc, "Expected a single top-level function") - - -+def _eval_no_call(stmt, glob, loc): -+"""Evaluate statement as long as it does not contain any method/function calls""" -+bytecode = compile(stmt, "", mode="eval") -+for insn in dis.get_instructions(bytecode): -+if "CALL" in insn.opname: -+raise RuntimeError(f"Type annotation should not contain calls, but '{stmt}' does") -+return eval(bytecode, glob, loc) # type: ignore[arg-type] # noqa: P204 -+ -+ - def parse_type_line(type_line, rcb, loc): - """Parses a type annotation specified as a comment. - -@@ -154,7 +164,7 @@ def parse_type_line(type_line, rcb, loc): - arg_ann_str, ret_ann_str = split_type_line(type_line) - - try: --arg_ann = eval(arg_ann_str, {}, EvalEnv(rcb)) # type: ignore[arg-type] # noqa: P204 -+arg_ann = _eval_no_call(arg_ann_str, {}, EvalEnv(rcb)) - except (NameError, SyntaxError) as e: - raise RuntimeError("Failed to parse the argument list of a type annotation") from e - -@@ -162,7 +172,7 @@ def parse_type_line(type_line, rcb, loc): - arg_ann = (arg_ann,) - - try: --ret_ann = eval(ret_ann_str, {}, EvalEnv(rcb)) # type: ignore[arg-type] # noqa: P204 -+ret_ann = _eval_no_call(ret_ann_str, {}, EvalEnv(rcb)) - except (NameError, SyntaxError) as e: - raise RuntimeError("Failed to parse the return type of a type
[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: de632cbceb0e91127bcaefb47e3538ca48477b15 Author: Alfredo Tupone gentoo org> AuthorDate: Wed Feb 15 19:40:24 2023 + Commit: Alfredo Tupone gentoo org> CommitDate: Wed Feb 15 19:40:24 2023 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=de632cbc sci-libs/pytorch: add 1.13.1 Closes: https://bugs.gentoo.org/893594 Signed-off-by: Alfredo Tupone gentoo.org> sci-libs/pytorch/Manifest | 1 + .../files/pytorch-1.13.1-global-dlopen.patch | 23 sci-libs/pytorch/pytorch-1.13.1.ebuild | 62 ++ 3 files changed, 86 insertions(+) diff --git a/sci-libs/pytorch/Manifest b/sci-libs/pytorch/Manifest index fba79e4a9a24..7a1c9e4370ae 100644 --- a/sci-libs/pytorch/Manifest +++ b/sci-libs/pytorch/Manifest @@ -1,3 +1,4 @@ DIST pytorch-1.12.0.tar.gz 106286765 BLAKE2B ff9bafedb35f859f7dccb9b606299cf9c345bdaa0deb87ecfe0c0c30c3c828414d989e1d9a243d9b7cd3f376d56a2f81c241ca2e3c9a8a2b30cddcdeddd3a5c7 SHA512 c9c748a2e0047daaaf199a1ba3198d2d1aee47f664170a9b34ccacd3deeb95f2070e4035eeb900012ef48dc62cf6fb6806f1a1dfe22de8c94892963076e593b7 DIST pytorch-1.12.1.tar.gz 106311625 BLAKE2B e8ca19d0e1987449c33ad4c36722a3a467f7f8a9f90be2a7f2de643cbd665038f6802b5ff1f1d3da09b6253d8f29e11549a24295de013d97f73affe538c84c99 SHA512 afeb551904ebd9b5901ae623a98eadbb3045115247cedf8006a940742cfad04e5ce24cfaf363336a9ed88d7ce6a4ac53dbb6a5c690aef6efdf20477c3a22c7ca DIST pytorch-1.13.0.tar.gz 108276317 BLAKE2B 8149775dea06d8e4027b741c828169d33f768a96aef58cd2f86daa3bbad5bf36143454e26b683a992aca34e7fb52e6483c46168b698db48ff6978c9605d7a3d2 SHA512 5a0e8c589bdf552ccf682511a8860c754ab6f5844f51e568c5034793f787b97707af4340b338b9b8606dd27a6ced6ef50091f0cc514458b3021a2220409d7f20 +DIST pytorch-1.13.1.tar.gz 108279745 BLAKE2B 75de03b74dfdaf8d8fb5ea743fcc0c1b0e408a714ad4160c487921220a7b1755e5fa6e587e6bbc8c9f34dd75e096d2e6dd69c80d24821835fff6c833314434d3 SHA512 f16f89d027efade11d057245cad5b69a390e88b458398310ae30de2dbff7c8fd7f1165be7b8da7ea989c81ac3f5a66c5cb9050610e441a97c83fb8aa28c0bd62 diff --git a/sci-libs/pytorch/files/pytorch-1.13.1-global-dlopen.patch b/sci-libs/pytorch/files/pytorch-1.13.1-global-dlopen.patch new file mode 100644 index ..4f414be67a29 --- /dev/null +++ b/sci-libs/pytorch/files/pytorch-1.13.1-global-dlopen.patch @@ -0,0 +1,23 @@ +Don't hardcode the library path. Leave it to the dynamic loader. + +Index: pytorch-1.13.1/torch/__init__.py +=== +--- a/torch/__init__.py2023-02-15 20:27:51.747853677 +0100 b/torch/__init__.py2023-02-15 20:28:23.506341918 +0100 +@@ -169,14 +169,14 @@ + lib_path = os.path.join(os.path.dirname(here), 'lib', lib_name) + + try: +-ctypes.CDLL(lib_path, mode=ctypes.RTLD_GLOBAL) ++ctypes.CDLL(lib_name, mode=ctypes.RTLD_GLOBAL) + except OSError as err: + # Can only happen of wheel with cublas as PYPI deps + # As PyTorch is not purelib, but nvidia-cublas-cu11 is + if 'libcublas.so.11' not in err.args[0]: + raise err + _preload_cuda_deps() +-ctypes.CDLL(lib_path, mode=ctypes.RTLD_GLOBAL) ++ctypes.CDLL(lib_name, mode=ctypes.RTLD_GLOBAL) + + + if (USE_RTLD_GLOBAL_WITH_LIBTORCH or os.getenv('TORCH_USE_RTLD_GLOBAL')) and \ diff --git a/sci-libs/pytorch/pytorch-1.13.1.ebuild b/sci-libs/pytorch/pytorch-1.13.1.ebuild new file mode 100644 index ..898c43a39ba9 --- /dev/null +++ b/sci-libs/pytorch/pytorch-1.13.1.ebuild @@ -0,0 +1,62 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_USE_PEP517=setuptools +PYTHON_COMPAT=( python3_{9,10} ) +DISTUTILS_SINGLE_IMPL=1 +inherit distutils-r1 + +DESCRIPTION="Tensors and Dynamic neural networks in Python" +HOMEPAGE="https://pytorch.org/; +SRC_URI="https://github.com/pytorch/${PN}/archive/refs/tags/v${PV}.tar.gz + -> ${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64" +RESTRICT="test" + +REQUIRED_USE=${PYTHON_REQUIRED_USE} +RDEPEND=" + ${PYTHON_DEPS} + ~sci-libs/caffe2-${PV}[${PYTHON_SINGLE_USEDEP}] + $(python_gen_cond_dep ' + dev-python/typing-extensions[${PYTHON_USEDEP}] + ') +" +DEPEND="${RDEPEND} + $(python_gen_cond_dep ' + dev-python/pyyaml[${PYTHON_USEDEP}] + ') +" + +src_prepare() { + eapply \ + "${FILESDIR}"/0002-Don-t-build-libtorch-again-for-PyTorch-1.7.1.patch \ + "${FILESDIR}"/pytorch-1.9.0-Change-library-directory-according-to-CMake-build.patch \ + "${FILESDIR}"/${P}-global-dlopen.patch \ + "${FILESDIR}"/pytorch-1.7.1-torch_shm_manager.patch \ + "${FILESDIR}"/${PN}-1.13.0-setup.patch \ + + # Set build dir for pytorch's setup + sed -i \ + -e "/BUILD_DIR/s|build|/var/lib/caffe2/|" \ +
[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: 1b1b577bb33b34295e8cad2294c5486ee50200cf Author: Alfredo Tupone gentoo org> AuthorDate: Wed Nov 30 18:12:11 2022 + Commit: Alfredo Tupone gentoo org> CommitDate: Wed Nov 30 18:13:03 2022 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1b1b577b sci-libs/pytorch: fix CVE-2022-45907 Bug: https://bugs.gentoo.org/883381 Signed-off-by: Alfredo Tupone gentoo.org> sci-libs/pytorch/Manifest | 1 - .../files/pytorch-1.12.0-CVE-2022-45907.patch | 59 ++ sci-libs/pytorch/metadata.xml | 11 sci-libs/pytorch/pytorch-1.11.0.ebuild | 58 - ...orch-1.12.0.ebuild => pytorch-1.12.0-r1.ebuild} | 3 +- 5 files changed, 61 insertions(+), 71 deletions(-) diff --git a/sci-libs/pytorch/Manifest b/sci-libs/pytorch/Manifest index 0d28654e641f..013309cd70ce 100644 --- a/sci-libs/pytorch/Manifest +++ b/sci-libs/pytorch/Manifest @@ -1,2 +1 @@ -DIST pytorch-1.11.0.tar.gz 20719323 BLAKE2B 24e7aaa2c26821d36f8092542de9d8d5ac85a619fb9fffb5131987958842afb1cad395780662d15f3411a7cc6ff83a445871960eca1e469fcbf0b9895d83d6e0 SHA512 2342eb7a1a241f5855a7cf12e11f62bc4baaa78d1d0864e53bfc946e783eb4addd05ca154a814d2376cd602098b5547e61c158d6eddb7cad5a9f3b0c1357adca DIST pytorch-1.12.0.tar.gz 106286765 BLAKE2B ff9bafedb35f859f7dccb9b606299cf9c345bdaa0deb87ecfe0c0c30c3c828414d989e1d9a243d9b7cd3f376d56a2f81c241ca2e3c9a8a2b30cddcdeddd3a5c7 SHA512 c9c748a2e0047daaaf199a1ba3198d2d1aee47f664170a9b34ccacd3deeb95f2070e4035eeb900012ef48dc62cf6fb6806f1a1dfe22de8c94892963076e593b7 diff --git a/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch b/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch new file mode 100644 index ..085b6d9ca1bb --- /dev/null +++ b/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch @@ -0,0 +1,59 @@ +From 78cad998e505b667d25ac42f8aaa24409f5031e1 Mon Sep 17 00:00:00 2001 +From: Nikita Shulga +Date: Thu, 17 Nov 2022 22:05:27 + +Subject: [PATCH] [JIT][Security] Do not blindly eval input string (#89189) + +Introduce `_eval_no_call` method, that evaluates statement only if it +does not contain any calls(done by examining the bytecode), thus preventing command injection exploit + +Added simple unit test to check for that +`torch.jit.annotations.get_signature` would not result in calling random +code. + +Although, this code path exists for Python-2 compatibility, and perhaps +should be simply removed. + +diff --git a/torch/jit/annotations.py b/torch/jit/annotations.py +index a4a36ce36a5e8..a6ff2d04d2076 100644 +--- a/torch/jit/annotations.py b/torch/jit/annotations.py +@@ -1,4 +1,5 @@ + import ast ++import dis + import enum + import inspect + import re +@@ -144,6 +145,15 @@ def check_fn(fn, loc): + raise torch.jit.frontend.FrontendError(loc, "Expected a single top-level function") + + ++def _eval_no_call(stmt, glob, loc): ++"""Evaluate statement as long as it does not contain any method/function calls""" ++bytecode = compile(stmt, "", mode="eval") ++for insn in dis.get_instructions(bytecode): ++if "CALL" in insn.opname: ++raise RuntimeError(f"Type annotation should not contain calls, but '{stmt}' does") ++return eval(bytecode, glob, loc) # type: ignore[arg-type] # noqa: P204 ++ ++ + def parse_type_line(type_line, rcb, loc): + """Parses a type annotation specified as a comment. + +@@ -154,7 +164,7 @@ def parse_type_line(type_line, rcb, loc): + arg_ann_str, ret_ann_str = split_type_line(type_line) + + try: +-arg_ann = eval(arg_ann_str, {}, EvalEnv(rcb)) # type: ignore[arg-type] # noqa: P204 ++arg_ann = _eval_no_call(arg_ann_str, {}, EvalEnv(rcb)) + except (NameError, SyntaxError) as e: + raise RuntimeError("Failed to parse the argument list of a type annotation") from e + +@@ -162,7 +172,7 @@ def parse_type_line(type_line, rcb, loc): + arg_ann = (arg_ann,) + + try: +-ret_ann = eval(ret_ann_str, {}, EvalEnv(rcb)) # type: ignore[arg-type] # noqa: P204 ++ret_ann = _eval_no_call(ret_ann_str, {}, EvalEnv(rcb)) + except (NameError, SyntaxError) as e: + raise RuntimeError("Failed to parse the return type of a type annotation") from e + diff --git a/sci-libs/pytorch/metadata.xml b/sci-libs/pytorch/metadata.xml index bc2785e5f6db..d12749aa5c21 100644 --- a/sci-libs/pytorch/metadata.xml +++ b/sci-libs/pytorch/metadata.xml @@ -5,17 +5,6 @@ tup...@gentoo.org Tupone Alfredo - - Add support for CUDA processing - Add support for video processing operators - Use NNPACK - Add support for math operations through numpy - Use OpenCL - Add support for image processing operators - Use OpenMP for parallel code - Use QNNPACK - Use XNNPACK -