[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: d2a5c15046bab11f3e70927d6b053ab98870acf0
Author: Alfredo Tupone gentoo org>
AuthorDate: Wed Apr 5 19:35:41 2023 +
Commit: Alfredo Tupone gentoo org>
CommitDate: Wed Apr 5 19:35:58 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d2a5c150
sci-libs/pytorch: add 2.0.0
Signed-off-by: Alfredo Tupone gentoo.org>
sci-libs/pytorch/Manifest | 1 +
sci-libs/pytorch/files/pytorch-2.0.0-emptyso.patch | 15 +
.../files/pytorch-2.0.0-global-dlopen.patch| 20 +++
sci-libs/pytorch/pytorch-2.0.0.ebuild | 64 ++
4 files changed, 100 insertions(+)
diff --git a/sci-libs/pytorch/Manifest b/sci-libs/pytorch/Manifest
index 616b75a49763..1424256938e9 100644
--- a/sci-libs/pytorch/Manifest
+++ b/sci-libs/pytorch/Manifest
@@ -1 +1,2 @@
DIST pytorch-1.13.1.tar.gz 108279745 BLAKE2B
75de03b74dfdaf8d8fb5ea743fcc0c1b0e408a714ad4160c487921220a7b1755e5fa6e587e6bbc8c9f34dd75e096d2e6dd69c80d24821835fff6c833314434d3
SHA512
f16f89d027efade11d057245cad5b69a390e88b458398310ae30de2dbff7c8fd7f1165be7b8da7ea989c81ac3f5a66c5cb9050610e441a97c83fb8aa28c0bd62
+DIST pytorch-2.0.0.tar.gz 111327292 BLAKE2B
6d593a975c0ade714f0b189f7e3c4ff704b9a9a2377b5e441a9cefc202fa22779966d08948e63671912c6ea5a0eee124042155f4f57a654db34e19e42f013cc9
SHA512
4dd76160711c0d87f3026c8b7fa3ed149dd86b8ac0ee9ecea0eaf80d2e6ce8c29368392e77b9466d90b60634087b462b782495997a5d33367cc8ca9fe14c8a14
diff --git a/sci-libs/pytorch/files/pytorch-2.0.0-emptyso.patch
b/sci-libs/pytorch/files/pytorch-2.0.0-emptyso.patch
new file mode 100644
index ..e4703894308a
--- /dev/null
+++ b/sci-libs/pytorch/files/pytorch-2.0.0-emptyso.patch
@@ -0,0 +1,15 @@
+--- a/setup.py 2023-04-05 11:23:00.713405789 +0200
b/setup.py 2023-04-05 11:23:36.900876249 +0200
+@@ -960,12 +960,6 @@
+ name=str('caffe2.python.caffe2_pybind11_state_hip'),
+ sources=[]),
+ )
+-if cmake_cache_vars['BUILD_FUNCTORCH']:
+-extensions.append(
+-Extension(
+-name=str('functorch._C'),
+-sources=[]),
+-)
+ if cmake_cache_vars['BUILD_NVFUSER']:
+ extensions.append(
+ Extension(
diff --git a/sci-libs/pytorch/files/pytorch-2.0.0-global-dlopen.patch
b/sci-libs/pytorch/files/pytorch-2.0.0-global-dlopen.patch
new file mode 100644
index ..0f1b400e234d
--- /dev/null
+++ b/sci-libs/pytorch/files/pytorch-2.0.0-global-dlopen.patch
@@ -0,0 +1,20 @@
+--- a/torch/__init__.py2023-04-05 11:12:25.682681130 +0200
b/torch/__init__.py2023-04-05 11:13:00.640170307 +0200
+@@ -165,7 +165,7 @@
+ lib_path = os.path.join(os.path.dirname(here), 'lib', lib_name)
+
+ try:
+-ctypes.CDLL(lib_path, mode=ctypes.RTLD_GLOBAL)
++ctypes.CDLL(lib_name, mode=ctypes.RTLD_GLOBAL)
+ except OSError as err:
+ # Can only happen for wheel with cuda libs as PYPI deps
+ # As PyTorch is not purelib, but nvidia-*-cu11 is
+@@ -187,7 +187,7 @@
+ raise err
+ for lib_folder, lib_name in cuda_libs.items():
+ _preload_cuda_deps(lib_folder, lib_name)
+-ctypes.CDLL(lib_path, mode=ctypes.RTLD_GLOBAL)
++ctypes.CDLL(lib_name, mode=ctypes.RTLD_GLOBAL)
+
+
+ if (USE_RTLD_GLOBAL_WITH_LIBTORCH or os.getenv('TORCH_USE_RTLD_GLOBAL')) and \
diff --git a/sci-libs/pytorch/pytorch-2.0.0.ebuild
b/sci-libs/pytorch/pytorch-2.0.0.ebuild
new file mode 100644
index ..506f1889b280
--- /dev/null
+++ b/sci-libs/pytorch/pytorch-2.0.0.ebuild
@@ -0,0 +1,64 @@
+# Copyright 2022-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DISTUTILS_USE_PEP517=setuptools
+PYTHON_COMPAT=( python3_{9..11} )
+DISTUTILS_SINGLE_IMPL=1
+inherit distutils-r1
+
+DESCRIPTION="Tensors and Dynamic neural networks in Python"
+HOMEPAGE="https://pytorch.org/;
+SRC_URI="https://github.com/pytorch/${PN}/archive/refs/tags/v${PV}.tar.gz
+ -> ${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64"
+RESTRICT="test"
+
+REQUIRED_USE=${PYTHON_REQUIRED_USE}
+RDEPEND="
+ ${PYTHON_DEPS}
+ ~sci-libs/caffe2-${PV}[${PYTHON_SINGLE_USEDEP}]
+ $(python_gen_cond_dep '
+ dev-python/typing-extensions[${PYTHON_USEDEP}]
+ dev-python/sympy[${PYTHON_USEDEP}]
+ ')
+"
+DEPEND="${RDEPEND}
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+"
+
+src_prepare() {
+ eapply \
+
"${FILESDIR}"/0002-Don-t-build-libtorch-again-for-PyTorch-1.7.1.patch \
+
"${FILESDIR}"/pytorch-1.9.0-Change-library-directory-according-to-CMake-build.patch
\
+ "${FILESDIR}"/${P}-global-dlopen.patch \
+ "${FILESDIR}"/pytorch-1.7.1-torch_shm_manager.patch \
+ "${FILESDIR}"/${PN}-1.13.0-setup.patch \
+
[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: f4836af254dee6b81c749b3df569d7c5bd6faa98
Author: Alfredo Tupone gentoo org>
AuthorDate: Fri Mar 24 21:40:49 2023 +
Commit: Alfredo Tupone gentoo org>
CommitDate: Fri Mar 24 21:41:36 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4836af2
sci-libs/pytorch: drop building an empty .so
Closes: https://bugs.gentoo.org/902727
Signed-off-by: Alfredo Tupone gentoo.org>
sci-libs/pytorch/files/pytorch-1.13.1-emptyso.patch | 15 +++
...{pytorch-1.13.1-r1.ebuild => pytorch-1.13.1-r2.ebuild} | 1 +
2 files changed, 16 insertions(+)
diff --git a/sci-libs/pytorch/files/pytorch-1.13.1-emptyso.patch
b/sci-libs/pytorch/files/pytorch-1.13.1-emptyso.patch
new file mode 100644
index ..1479354b7f7a
--- /dev/null
+++ b/sci-libs/pytorch/files/pytorch-1.13.1-emptyso.patch
@@ -0,0 +1,15 @@
+--- a/setup.py 2023-03-24 22:36:50.361860100 +0100
b/setup.py 2023-03-24 22:36:57.384752383 +0100
+@@ -922,12 +922,6 @@
+ name=str('caffe2.python.caffe2_pybind11_state_hip'),
+ sources=[]),
+ )
+-if cmake_cache_vars['BUILD_FUNCTORCH']:
+-extensions.append(
+-Extension(
+-name=str('functorch._C'),
+-sources=[]),
+-)
+
+ cmdclass = {
+ 'bdist_wheel': wheel_concatenate,
diff --git a/sci-libs/pytorch/pytorch-1.13.1-r1.ebuild
b/sci-libs/pytorch/pytorch-1.13.1-r2.ebuild
similarity index 97%
rename from sci-libs/pytorch/pytorch-1.13.1-r1.ebuild
rename to sci-libs/pytorch/pytorch-1.13.1-r2.ebuild
index 956c5e89cbc8..f93b9a108820 100644
--- a/sci-libs/pytorch/pytorch-1.13.1-r1.ebuild
+++ b/sci-libs/pytorch/pytorch-1.13.1-r2.ebuild
@@ -39,6 +39,7 @@ src_prepare() {
"${FILESDIR}"/${P}-global-dlopen.patch \
"${FILESDIR}"/pytorch-1.7.1-torch_shm_manager.patch \
"${FILESDIR}"/${PN}-1.13.0-setup.patch \
+ "${FILESDIR}"/${P}-emptyso.patch \
# Set build dir for pytorch's setup
sed -i \
[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: 32fc208629a6e23dc5c64902ab73be47a305743a
Author: Alfredo Tupone gentoo org>
AuthorDate: Wed Feb 22 08:03:32 2023 +
Commit: Alfredo Tupone gentoo org>
CommitDate: Wed Feb 22 08:03:47 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=32fc2086
sci-libs/pytorch: drop 1.12.0-r2, 1.12.1, 1.13.0
Signed-off-by: Alfredo Tupone gentoo.org>
sci-libs/pytorch/Manifest | 3 --
.../files/pytorch-1.12.0-CVE-2022-45907.patch | 59
.../files/pytorch-1.6.0-global-dlopen.patch| 15 --
sci-libs/pytorch/pytorch-1.12.0-r2.ebuild | 62 -
sci-libs/pytorch/pytorch-1.12.1.ebuild | 62 -
sci-libs/pytorch/pytorch-1.13.0.ebuild | 63 --
6 files changed, 264 deletions(-)
diff --git a/sci-libs/pytorch/Manifest b/sci-libs/pytorch/Manifest
index 7a1c9e4370ae..616b75a49763 100644
--- a/sci-libs/pytorch/Manifest
+++ b/sci-libs/pytorch/Manifest
@@ -1,4 +1 @@
-DIST pytorch-1.12.0.tar.gz 106286765 BLAKE2B
ff9bafedb35f859f7dccb9b606299cf9c345bdaa0deb87ecfe0c0c30c3c828414d989e1d9a243d9b7cd3f376d56a2f81c241ca2e3c9a8a2b30cddcdeddd3a5c7
SHA512
c9c748a2e0047daaaf199a1ba3198d2d1aee47f664170a9b34ccacd3deeb95f2070e4035eeb900012ef48dc62cf6fb6806f1a1dfe22de8c94892963076e593b7
-DIST pytorch-1.12.1.tar.gz 106311625 BLAKE2B
e8ca19d0e1987449c33ad4c36722a3a467f7f8a9f90be2a7f2de643cbd665038f6802b5ff1f1d3da09b6253d8f29e11549a24295de013d97f73affe538c84c99
SHA512
afeb551904ebd9b5901ae623a98eadbb3045115247cedf8006a940742cfad04e5ce24cfaf363336a9ed88d7ce6a4ac53dbb6a5c690aef6efdf20477c3a22c7ca
-DIST pytorch-1.13.0.tar.gz 108276317 BLAKE2B
8149775dea06d8e4027b741c828169d33f768a96aef58cd2f86daa3bbad5bf36143454e26b683a992aca34e7fb52e6483c46168b698db48ff6978c9605d7a3d2
SHA512
5a0e8c589bdf552ccf682511a8860c754ab6f5844f51e568c5034793f787b97707af4340b338b9b8606dd27a6ced6ef50091f0cc514458b3021a2220409d7f20
DIST pytorch-1.13.1.tar.gz 108279745 BLAKE2B
75de03b74dfdaf8d8fb5ea743fcc0c1b0e408a714ad4160c487921220a7b1755e5fa6e587e6bbc8c9f34dd75e096d2e6dd69c80d24821835fff6c833314434d3
SHA512
f16f89d027efade11d057245cad5b69a390e88b458398310ae30de2dbff7c8fd7f1165be7b8da7ea989c81ac3f5a66c5cb9050610e441a97c83fb8aa28c0bd62
diff --git a/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch
b/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch
deleted file mode 100644
index 085b6d9ca1bb..
--- a/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From 78cad998e505b667d25ac42f8aaa24409f5031e1 Mon Sep 17 00:00:00 2001
-From: Nikita Shulga
-Date: Thu, 17 Nov 2022 22:05:27 +
-Subject: [PATCH] [JIT][Security] Do not blindly eval input string (#89189)
-
-Introduce `_eval_no_call` method, that evaluates statement only if it
-does not contain any calls(done by examining the bytecode), thus preventing
command injection exploit
-
-Added simple unit test to check for that
-`torch.jit.annotations.get_signature` would not result in calling random
-code.
-
-Although, this code path exists for Python-2 compatibility, and perhaps
-should be simply removed.
-
-diff --git a/torch/jit/annotations.py b/torch/jit/annotations.py
-index a4a36ce36a5e8..a6ff2d04d2076 100644
a/torch/jit/annotations.py
-+++ b/torch/jit/annotations.py
-@@ -1,4 +1,5 @@
- import ast
-+import dis
- import enum
- import inspect
- import re
-@@ -144,6 +145,15 @@ def check_fn(fn, loc):
- raise torch.jit.frontend.FrontendError(loc, "Expected a single
top-level function")
-
-
-+def _eval_no_call(stmt, glob, loc):
-+"""Evaluate statement as long as it does not contain any method/function
calls"""
-+bytecode = compile(stmt, "", mode="eval")
-+for insn in dis.get_instructions(bytecode):
-+if "CALL" in insn.opname:
-+raise RuntimeError(f"Type annotation should not contain calls,
but '{stmt}' does")
-+return eval(bytecode, glob, loc) # type: ignore[arg-type] # noqa: P204
-+
-+
- def parse_type_line(type_line, rcb, loc):
- """Parses a type annotation specified as a comment.
-
-@@ -154,7 +164,7 @@ def parse_type_line(type_line, rcb, loc):
- arg_ann_str, ret_ann_str = split_type_line(type_line)
-
- try:
--arg_ann = eval(arg_ann_str, {}, EvalEnv(rcb)) # type:
ignore[arg-type] # noqa: P204
-+arg_ann = _eval_no_call(arg_ann_str, {}, EvalEnv(rcb))
- except (NameError, SyntaxError) as e:
- raise RuntimeError("Failed to parse the argument list of a type
annotation") from e
-
-@@ -162,7 +172,7 @@ def parse_type_line(type_line, rcb, loc):
- arg_ann = (arg_ann,)
-
- try:
--ret_ann = eval(ret_ann_str, {}, EvalEnv(rcb)) # type:
ignore[arg-type] # noqa: P204
-+ret_ann = _eval_no_call(ret_ann_str, {}, EvalEnv(rcb))
- except (NameError, SyntaxError) as e:
- raise RuntimeError("Failed to parse the return type of a type
[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: de632cbceb0e91127bcaefb47e3538ca48477b15
Author: Alfredo Tupone gentoo org>
AuthorDate: Wed Feb 15 19:40:24 2023 +
Commit: Alfredo Tupone gentoo org>
CommitDate: Wed Feb 15 19:40:24 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=de632cbc
sci-libs/pytorch: add 1.13.1
Closes: https://bugs.gentoo.org/893594
Signed-off-by: Alfredo Tupone gentoo.org>
sci-libs/pytorch/Manifest | 1 +
.../files/pytorch-1.13.1-global-dlopen.patch | 23
sci-libs/pytorch/pytorch-1.13.1.ebuild | 62 ++
3 files changed, 86 insertions(+)
diff --git a/sci-libs/pytorch/Manifest b/sci-libs/pytorch/Manifest
index fba79e4a9a24..7a1c9e4370ae 100644
--- a/sci-libs/pytorch/Manifest
+++ b/sci-libs/pytorch/Manifest
@@ -1,3 +1,4 @@
DIST pytorch-1.12.0.tar.gz 106286765 BLAKE2B
ff9bafedb35f859f7dccb9b606299cf9c345bdaa0deb87ecfe0c0c30c3c828414d989e1d9a243d9b7cd3f376d56a2f81c241ca2e3c9a8a2b30cddcdeddd3a5c7
SHA512
c9c748a2e0047daaaf199a1ba3198d2d1aee47f664170a9b34ccacd3deeb95f2070e4035eeb900012ef48dc62cf6fb6806f1a1dfe22de8c94892963076e593b7
DIST pytorch-1.12.1.tar.gz 106311625 BLAKE2B
e8ca19d0e1987449c33ad4c36722a3a467f7f8a9f90be2a7f2de643cbd665038f6802b5ff1f1d3da09b6253d8f29e11549a24295de013d97f73affe538c84c99
SHA512
afeb551904ebd9b5901ae623a98eadbb3045115247cedf8006a940742cfad04e5ce24cfaf363336a9ed88d7ce6a4ac53dbb6a5c690aef6efdf20477c3a22c7ca
DIST pytorch-1.13.0.tar.gz 108276317 BLAKE2B
8149775dea06d8e4027b741c828169d33f768a96aef58cd2f86daa3bbad5bf36143454e26b683a992aca34e7fb52e6483c46168b698db48ff6978c9605d7a3d2
SHA512
5a0e8c589bdf552ccf682511a8860c754ab6f5844f51e568c5034793f787b97707af4340b338b9b8606dd27a6ced6ef50091f0cc514458b3021a2220409d7f20
+DIST pytorch-1.13.1.tar.gz 108279745 BLAKE2B
75de03b74dfdaf8d8fb5ea743fcc0c1b0e408a714ad4160c487921220a7b1755e5fa6e587e6bbc8c9f34dd75e096d2e6dd69c80d24821835fff6c833314434d3
SHA512
f16f89d027efade11d057245cad5b69a390e88b458398310ae30de2dbff7c8fd7f1165be7b8da7ea989c81ac3f5a66c5cb9050610e441a97c83fb8aa28c0bd62
diff --git a/sci-libs/pytorch/files/pytorch-1.13.1-global-dlopen.patch
b/sci-libs/pytorch/files/pytorch-1.13.1-global-dlopen.patch
new file mode 100644
index ..4f414be67a29
--- /dev/null
+++ b/sci-libs/pytorch/files/pytorch-1.13.1-global-dlopen.patch
@@ -0,0 +1,23 @@
+Don't hardcode the library path. Leave it to the dynamic loader.
+
+Index: pytorch-1.13.1/torch/__init__.py
+===
+--- a/torch/__init__.py2023-02-15 20:27:51.747853677 +0100
b/torch/__init__.py2023-02-15 20:28:23.506341918 +0100
+@@ -169,14 +169,14 @@
+ lib_path = os.path.join(os.path.dirname(here), 'lib', lib_name)
+
+ try:
+-ctypes.CDLL(lib_path, mode=ctypes.RTLD_GLOBAL)
++ctypes.CDLL(lib_name, mode=ctypes.RTLD_GLOBAL)
+ except OSError as err:
+ # Can only happen of wheel with cublas as PYPI deps
+ # As PyTorch is not purelib, but nvidia-cublas-cu11 is
+ if 'libcublas.so.11' not in err.args[0]:
+ raise err
+ _preload_cuda_deps()
+-ctypes.CDLL(lib_path, mode=ctypes.RTLD_GLOBAL)
++ctypes.CDLL(lib_name, mode=ctypes.RTLD_GLOBAL)
+
+
+ if (USE_RTLD_GLOBAL_WITH_LIBTORCH or os.getenv('TORCH_USE_RTLD_GLOBAL')) and \
diff --git a/sci-libs/pytorch/pytorch-1.13.1.ebuild
b/sci-libs/pytorch/pytorch-1.13.1.ebuild
new file mode 100644
index ..898c43a39ba9
--- /dev/null
+++ b/sci-libs/pytorch/pytorch-1.13.1.ebuild
@@ -0,0 +1,62 @@
+# Copyright 2022-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DISTUTILS_USE_PEP517=setuptools
+PYTHON_COMPAT=( python3_{9,10} )
+DISTUTILS_SINGLE_IMPL=1
+inherit distutils-r1
+
+DESCRIPTION="Tensors and Dynamic neural networks in Python"
+HOMEPAGE="https://pytorch.org/;
+SRC_URI="https://github.com/pytorch/${PN}/archive/refs/tags/v${PV}.tar.gz
+ -> ${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64"
+RESTRICT="test"
+
+REQUIRED_USE=${PYTHON_REQUIRED_USE}
+RDEPEND="
+ ${PYTHON_DEPS}
+ ~sci-libs/caffe2-${PV}[${PYTHON_SINGLE_USEDEP}]
+ $(python_gen_cond_dep '
+ dev-python/typing-extensions[${PYTHON_USEDEP}]
+ ')
+"
+DEPEND="${RDEPEND}
+ $(python_gen_cond_dep '
+ dev-python/pyyaml[${PYTHON_USEDEP}]
+ ')
+"
+
+src_prepare() {
+ eapply \
+
"${FILESDIR}"/0002-Don-t-build-libtorch-again-for-PyTorch-1.7.1.patch \
+
"${FILESDIR}"/pytorch-1.9.0-Change-library-directory-according-to-CMake-build.patch
\
+ "${FILESDIR}"/${P}-global-dlopen.patch \
+ "${FILESDIR}"/pytorch-1.7.1-torch_shm_manager.patch \
+ "${FILESDIR}"/${PN}-1.13.0-setup.patch \
+
+ # Set build dir for pytorch's setup
+ sed -i \
+ -e "/BUILD_DIR/s|build|/var/lib/caffe2/|" \
+
[gentoo-commits] repo/gentoo:master commit in: sci-libs/pytorch/files/, sci-libs/pytorch/
commit: 1b1b577bb33b34295e8cad2294c5486ee50200cf
Author: Alfredo Tupone gentoo org>
AuthorDate: Wed Nov 30 18:12:11 2022 +
Commit: Alfredo Tupone gentoo org>
CommitDate: Wed Nov 30 18:13:03 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1b1b577b
sci-libs/pytorch: fix CVE-2022-45907
Bug: https://bugs.gentoo.org/883381
Signed-off-by: Alfredo Tupone gentoo.org>
sci-libs/pytorch/Manifest | 1 -
.../files/pytorch-1.12.0-CVE-2022-45907.patch | 59 ++
sci-libs/pytorch/metadata.xml | 11
sci-libs/pytorch/pytorch-1.11.0.ebuild | 58 -
...orch-1.12.0.ebuild => pytorch-1.12.0-r1.ebuild} | 3 +-
5 files changed, 61 insertions(+), 71 deletions(-)
diff --git a/sci-libs/pytorch/Manifest b/sci-libs/pytorch/Manifest
index 0d28654e641f..013309cd70ce 100644
--- a/sci-libs/pytorch/Manifest
+++ b/sci-libs/pytorch/Manifest
@@ -1,2 +1 @@
-DIST pytorch-1.11.0.tar.gz 20719323 BLAKE2B
24e7aaa2c26821d36f8092542de9d8d5ac85a619fb9fffb5131987958842afb1cad395780662d15f3411a7cc6ff83a445871960eca1e469fcbf0b9895d83d6e0
SHA512
2342eb7a1a241f5855a7cf12e11f62bc4baaa78d1d0864e53bfc946e783eb4addd05ca154a814d2376cd602098b5547e61c158d6eddb7cad5a9f3b0c1357adca
DIST pytorch-1.12.0.tar.gz 106286765 BLAKE2B
ff9bafedb35f859f7dccb9b606299cf9c345bdaa0deb87ecfe0c0c30c3c828414d989e1d9a243d9b7cd3f376d56a2f81c241ca2e3c9a8a2b30cddcdeddd3a5c7
SHA512
c9c748a2e0047daaaf199a1ba3198d2d1aee47f664170a9b34ccacd3deeb95f2070e4035eeb900012ef48dc62cf6fb6806f1a1dfe22de8c94892963076e593b7
diff --git a/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch
b/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch
new file mode 100644
index ..085b6d9ca1bb
--- /dev/null
+++ b/sci-libs/pytorch/files/pytorch-1.12.0-CVE-2022-45907.patch
@@ -0,0 +1,59 @@
+From 78cad998e505b667d25ac42f8aaa24409f5031e1 Mon Sep 17 00:00:00 2001
+From: Nikita Shulga
+Date: Thu, 17 Nov 2022 22:05:27 +
+Subject: [PATCH] [JIT][Security] Do not blindly eval input string (#89189)
+
+Introduce `_eval_no_call` method, that evaluates statement only if it
+does not contain any calls(done by examining the bytecode), thus preventing
command injection exploit
+
+Added simple unit test to check for that
+`torch.jit.annotations.get_signature` would not result in calling random
+code.
+
+Although, this code path exists for Python-2 compatibility, and perhaps
+should be simply removed.
+
+diff --git a/torch/jit/annotations.py b/torch/jit/annotations.py
+index a4a36ce36a5e8..a6ff2d04d2076 100644
+--- a/torch/jit/annotations.py
b/torch/jit/annotations.py
+@@ -1,4 +1,5 @@
+ import ast
++import dis
+ import enum
+ import inspect
+ import re
+@@ -144,6 +145,15 @@ def check_fn(fn, loc):
+ raise torch.jit.frontend.FrontendError(loc, "Expected a single
top-level function")
+
+
++def _eval_no_call(stmt, glob, loc):
++"""Evaluate statement as long as it does not contain any method/function
calls"""
++bytecode = compile(stmt, "", mode="eval")
++for insn in dis.get_instructions(bytecode):
++if "CALL" in insn.opname:
++raise RuntimeError(f"Type annotation should not contain calls,
but '{stmt}' does")
++return eval(bytecode, glob, loc) # type: ignore[arg-type] # noqa: P204
++
++
+ def parse_type_line(type_line, rcb, loc):
+ """Parses a type annotation specified as a comment.
+
+@@ -154,7 +164,7 @@ def parse_type_line(type_line, rcb, loc):
+ arg_ann_str, ret_ann_str = split_type_line(type_line)
+
+ try:
+-arg_ann = eval(arg_ann_str, {}, EvalEnv(rcb)) # type:
ignore[arg-type] # noqa: P204
++arg_ann = _eval_no_call(arg_ann_str, {}, EvalEnv(rcb))
+ except (NameError, SyntaxError) as e:
+ raise RuntimeError("Failed to parse the argument list of a type
annotation") from e
+
+@@ -162,7 +172,7 @@ def parse_type_line(type_line, rcb, loc):
+ arg_ann = (arg_ann,)
+
+ try:
+-ret_ann = eval(ret_ann_str, {}, EvalEnv(rcb)) # type:
ignore[arg-type] # noqa: P204
++ret_ann = _eval_no_call(ret_ann_str, {}, EvalEnv(rcb))
+ except (NameError, SyntaxError) as e:
+ raise RuntimeError("Failed to parse the return type of a type
annotation") from e
+
diff --git a/sci-libs/pytorch/metadata.xml b/sci-libs/pytorch/metadata.xml
index bc2785e5f6db..d12749aa5c21 100644
--- a/sci-libs/pytorch/metadata.xml
+++ b/sci-libs/pytorch/metadata.xml
@@ -5,17 +5,6 @@
tup...@gentoo.org
Tupone Alfredo
-
- Add support for CUDA processing
- Add support for video processing
operators
- Use NNPACK
- Add support for math operations through
numpy
- Use OpenCL
- Add support for image processing
operators
- Use OpenMP for parallel code
- Use QNNPACK
- Use XNNPACK
-
