Daniel McGregor [Wed, 29 Jan 2025 16:29:38 +0000 (10:29 -0600)]
util-linux-libuuid: use util-linux's CVE_PRODUCT value
util-linux and util-linux-libuuid should use the same CVE_PRODUCT
since they're the same product. They're just split off for package
dependency reasons. Prior to this patch the libuuid recipe gave the
wrong CVE_PRODUCT value, causing some CVE check tools to fail on it.
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Pedro Ferreira [Wed, 29 Jan 2025 11:33:24 +0000 (11:33 +0000)]
rust-common.bbclass: soft assignment for RUSTLIB path
As a user i want to override `RUSTLIB` path on a bbclass, lets
call it `XYZ.bbclass`.
If a certain recipe inherits `cargo.bbclass` and `XYZ.bbclass` the
value of `RUSTLIB` is dependent on the order of the inherit.
If `cargo.bbclass` is inherit before `XYZ.bbclass` this will reflect
the desired value of `RUSTLIB`, on the oposite, if the `XYZ.bbclass`
is inherit before `cargo.bbclass` then the `RUSTLIB` defined on
`rust-common.bbclass` will prevail.
Changed definition of `RUSTLIB` to soft assignment to make it overridable.
Signed-off-by: Pedro Silva Ferreira <Pedro.Silva.Ferreira@criticaltechworks.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Sean Nyekjaer [Thu, 23 Jan 2025 18:38:08 +0000 (19:38 +0100)]
rust-cross-canadian: set CC_<triple> for nativesdk
This fixes build errors when building rust bindings for C dependencies
for the sdk host.
This will allow us to build and run rust programs on the sdk host.
Harish Sadineni [Thu, 23 Jan 2025 15:47:55 +0000 (07:47 -0800)]
oeqa/sdk/context: fix for gtk3 test failure during do_testsdk
The do_testsdk for lib32-core-image-sato aborts with below error:
configure: error: Package requirements (gtk+-3.0) were not met:
No package 'gtk+-3.0' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix.
This causes due to an absolute path name in 'sdk_env', which is now stripped to have only the environment name.
Harish Sadineni [Thu, 23 Jan 2025 15:47:54 +0000 (07:47 -0800)]
rust: remove redundant cargo config file
YOCTO [#15061]
The rust target and linker are getting setting from the sdk environment and
so the config file is not needed. The redundant config file geneartion is removed.
Harish Sadineni [Thu, 23 Jan 2025 15:47:53 +0000 (07:47 -0800)]
rust: fix for rust multilib sdk configuration
YOCTO [#15061]
The rust sdk installs both 'rust.sh' and 'cargo.sh' for lib32 and lib64 in the same location.
This causes below error while installing the lib32 & lib64 binaries:
Error: Transaction test error:
file /usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-pokysdk-linux/environment-setup.d/cargo.sh
conflicts between attempted installs of rust-cross-canadian-arm-1.67.1-r0.x86_64_nativesdk and
rust-cross-canadian-aarch64-1.67.1-r0.x86_64_nativesdk
file /usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-pokysdk-linux/environment-setup.d/rust.sh
conflicts between attempted installs of rust-cross-canadian-arm-1.67.1-r0.x86_64_nativesdk and
rust-cross-canadian-aarch64-1.67.1-r0.x86_64_nativesdk
ERROR: Task (virtual:multilib:lib32:/media/build/poky/meta/recipes-sato/images/core-image-sato.bb:do_populate_sdk)
failed with exit code '1'
The change includes:
- Prepending '${RUST_TARGET_SYS}' to 'rust.sh' to differentiate between target systems.
- Moving the non-target-specific environment variables to 'nativesdk-cargo' and 'nativesdk-rust',
instead of being managed by the cross-canadian recipe.
Alessio Cascone [Wed, 29 Jan 2025 07:31:29 +0000 (08:31 +0100)]
tzcode-native: Fix compiler setting from 2023d version
Starting from 2023d version, tzcode makefile does not use anymore "cc"
variable for C compiler, due to Makefile refactoring.
Replacing "cc" with "CC" fixes the issue.
Marc Ferland [Mon, 27 Jan 2025 16:24:40 +0000 (11:24 -0500)]
linux-firmware: split qca firmwares in separate packages
This patch introduces the following packages for firmwares under qca/:
- linux-firmware-qca-qca61x4
- linux-firmware-qca-wcn3988
- linux-firmware-qca-wcn399x
- linux-firmware-qca-wcn6750
- linux-firmware-qca-qca2066
- linux-firmware-qca-wcn7850
- linux-firmware-qca-misc: catches all firmwares that are not already
included in the other -qca- packages (currently empty).
linux-firmware-qca is now a meta package that depends on all of the
split-out qca packages.
Note: Content of the FILES:${PN}-qca* variables taken from WHENCE.
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marc Ferland [Mon, 27 Jan 2025 16:24:39 +0000 (11:24 -0500)]
linux-firmware: split ath12k firmwares in separate packages
This patch introduces the following packages for ath12k based chips:
- linux-firmware-ath12k-qcn9274
- linux-firmware-ath12k-wcn7850
- linux-firmware-ath12k-misc: catches all firmwares that are not
already included in the other -ath12k- packages (currently empty).
linux-firmware-ath12k is now a meta package that depends on all of the
split-out ath11k packages.
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Igor Opaniuk [Wed, 15 Jan 2025 13:07:02 +0000 (14:07 +0100)]
lib/spdx30_tasks: support directories deployed by image recipes
create_image_spdx() implementation assumes that image is indeed a file.
If image recipe deploys a directory (for example, which contains an
hierarchy of flash artifacts, that is used by SoC vendor-specific
flashing tool) which follows ${IMAGE_NAME}.${IMAGE_TYPE} naming scheme,
create_image_spdx() function will fail after trying to hash a directory:
*** 0002:do_create_image_spdx(d)
0003:
File: '.../meta/classes-recipe/create-spdx-image-3.0.bbclass', lineno: 48, function: do_create_image_spdx
0044:addtask do_create_rootfs_spdx_setscene
0045:
0046:python do_create_image_spdx() {
0047: import oe.spdx30_tasks
*** 0048: oe.spdx30_tasks.create_image_spdx(d)
0049:}
0050:addtask do_create_image_spdx after do_image_complete do_create_rootfs_spdx before do_build
0051:SSTATETASKS += "do_create_image_spdx"
...
File: '.../bitbake/lib/bb/utils.py', lineno: 536, function: _hasher
0532:
0533:def _hasher(method, filename):
0534: import mmap
0535:
*** 0536: with open(filename, "rb") as f:
0537: try:
0538: with mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ) as mm:
0539: for chunk in iter(lambda: mm.read(8192), b''):
0540: method.update(chunk)
Exception: IsADirectoryError: [Errno 21] Is a directory: '...'
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Omri Sarig [Tue, 28 Jan 2025 11:50:44 +0000 (12:50 +0100)]
python3: Update stringold summary
The string package in python currently contains common string
operations. This package is still in full use.
However, the old summary line of the package marked it as deprecated. As
this is not the case, this commit updates the summary line to better
represent this Python package.
The new summary line was taken from Python's documentation for the
package (https://docs.python.org/3.13/library/string.html).
In the past, the string library used to contain functionality that later
was moved to the str object in Python. The assumption is that during
this change, this library was marked as deprecated here. However, as
this package contains more functionality, which is still relevant and
used by python, the package itself should not be marked as deprecated.
This commit changes the description of the package, but does not change
the name of the package. The proper name for this package should be
"string" (instead of "stringold"). However, changing the package's name
will break compatibility with anyone using the string package in their
project. As this is a big change, it is decided not to be done yet.
The change in description, as well as this commit message, should be
enough to let users understand that the string package in python is
still valid, and should not be treated as deprecated.
Ross Burton [Mon, 27 Jan 2025 13:58:12 +0000 (13:58 +0000)]
meson: upgrade to 1.7.0
Summary of changes:
- New custom dependency for atomic
- --cap-lints allow used for Cargo subprojects
- Cargo features are resolved globally
- Meson can run "clippy" on Rust projects
- Devenv support in external project module
- Fixed sizeof and find_library methods for Fortran compilers
- format command now accept stdin argument
- "machine" entry in target introspection data
- Add new language Linear Asm
- Control the number of child processes with an environment variable
- Support for Rust 2024
- Support TASKING VX-Toolset
- Test targets no longer built by default
- Install vcs_tag() output
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Christos Gavros [Sun, 26 Jan 2025 10:02:25 +0000 (11:02 +0100)]
sanity: Add test for functional c++ toolchain
Users reported issues caused by missing the right libstdc++-version-dev.
A new function 'check_cpp_toolchain' added in sanity.bbclass to test linking libstdc++
[YOCTO #15712]
Signed-off-by: Christos Gavros <gavrosc@yahoo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bastian Germann [Fri, 24 Jan 2025 20:07:23 +0000 (21:07 +0100)]
busybox: Correct SPDX license reference
Commit 6238ee3ecd (recipes-core/busybox: fixup licensing information)
claims that there is no applicable license identifier in SPDX, so a
bzip2-1.0.4 is made up.
There is no bzip2-1.0.4 license defined in SPDX. However, bzip2-1.0.6 is
the same license.
License-Update: wrong SPDX identifier
Signed-off-by: Bastian Germann <bage@debian.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marek Vasut [Fri, 24 Jan 2025 23:21:47 +0000 (00:21 +0100)]
base-files: Drop /bin/sh dependency
Remove /bin/sh from bash RPROVIDES as this has a side-effect which
confuses rpm package manager when also busybox provides /bin/sh and
base-files depend on /bin/sh . The problem is broken down below.
First, bash depends on base-files and bash pkg_postinst must run
after base-files was installed, because it requires /etc/shells
provided by base-files to be in place.
Second, base-files depends on /bin/sh, which is provided by either
bash or busybox in this case. This is the actual problem here, if
bash is selected as /bin/sh provider, then there is cyclic dependency
between bash and base-files, and that confuses dnf which may install
the packages in the wrong order, bash first and base-files second .
To make this worse, if busybox is also /bin/sh provider, it can and
does happen that some systems pick busybox as the /bin/sh provider,
while others pick bash as the /bin/sh provider, and that cyclic
dependency does not always appear.
Attempt to break this dependency, remove pre-inst script from the
base-files recipe, which removes its dependency on /bin/sh and
allows it to be installed very early, and always before bash.
Signed-off-by: Marek Vasut <marex@denx.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bastian Germann [Fri, 24 Jan 2025 16:17:51 +0000 (17:17 +0100)]
util-linux: Document more specific BSD-4-Clause-UC
LIC_FILES_CHKSUM in the util-linux recipe already contains the more
specific license reference BSD-4-Clause-UC that takes a copyright
addendum by University of California into account.
License-Update: reference can be more specific
Signed-off-by: Bastian Germann <bage@debian.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bastian Germann [Fri, 24 Jan 2025 16:17:50 +0000 (17:17 +0100)]
man-pages: Document more specific BSD-4-Clause-UC
LIC_FILES_CHKSUM in the man-pages recipe already contains the more
specific license reference BSD-4-Clause-UC that takes a copyright
addendum by University of California into account.
License-Update: reference can be more specific
Signed-off-by: Bastian Germann <bage@debian.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bastian Germann [Fri, 24 Jan 2025 16:17:49 +0000 (17:17 +0100)]
libxfont2: Document more specific BSD-4-Clause-UC
COPYING in libxfont2 upstream contains only one BSD-4-Clause text variant,
which is explicitly covered by the copyright addendum by University of
California. Change the SPDX license reference to BSD-4-Clause-UC.
License-Update: reference can be more specific
Signed-off-by: Bastian Germann <bage@debian.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alexander Yurkov [Thu, 23 Jan 2025 18:47:39 +0000 (18:47 +0000)]
oeqa/selftest/recipetool: Update create_go test.
Adjust test_recipetool_go_create test to a smaller repository.
Combine test_recipetool_go_create and test_recipetool_go_replace_modules
tests into test_recipetool_go_create, the new test performs both tests.
Signed-off-by: Alexander Yurkov <alexander.v.yurkov@gmail.com> Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes bug when LLVM is cross-compiled for AAarch64 but it
was getting built with the triple of native build system instead of
the TARGET_SYS (aarch64-oe-linux) in my case.
`No available targets are compatible with triple "x86_64-unknown-linux-gnu"`
Signed-off-by: Haseeb Ashraf <haseeb.ashraf@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 24 Jan 2025 16:13:06 +0000 (16:13 +0000)]
bitbake.conf: Handle empty BB_CURRENT_MC
Bitbake is about to change the default value of this from "default" to "". The
original reason for this was to make this kind of include file usage easier.
Instead we were going to complicate bitbake code having to map one value into
the other.
Instead, stop using "default" and put a slightly horrible bit of code in bitbake.conf
as an alternative.
This means a "default.conf" in the multiconfig directory will stop working but this
was never something anyone was expected to use.
The eSDK code also needs updating for this change.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 24 Jan 2025 15:26:25 +0000 (15:26 +0000)]
oeqa/sshcontrol: Handle empty reads
Looking at some of the autobuilder failures, it seems that somehow empty
reads might be possible despite not being EOF. Tweak the code to be a little
more robust in handling this.
In theory this shouldn't be possible but python does handle signals a bit
differently (e.g. transparrently retrying syscalls for EINTR) so adding this
check and a bit of code safety at least rules out this problem.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enrico Scholz [Mon, 20 Jan 2025 16:45:04 +0000 (17:45 +0100)]
rust-common: add LDFLAGS to 'build-rust-cc' wrapper
Although rust differs between compiling (--> 'rust-cc' wrapper) and
linking (--> 'rust-ccld' wrapper), some core crates are using only the
'rust-cc' wrapper to check for available compiler options [1] and
libraries [2].
Not having LDFLAGS can break the build in subtle ways. E.g. 'cargo-native'
can fail to build with
| = note: .../hosttools/ld: .../liblibz_sys-....rlib(deflate.o):
| relocation R_X86_64_32S against hidden symbol `_length_code' can not be used when making a PIE object
because it does not find '-lz' (added by "DEPENDS = zlib") and builds
a static libz.a with missing PIC flags.
Add LDFLAGS to the 'build-rust-cc' wrapper as it is done already for
the target one.
Commit f82d9c997ba (systemd: enable create-log-dirs) removed the
creation of the /var/log/README symbolic link by using sed. However, the
update to 257 changed the target line and the sed expression no longer
matches. Rather than correcting the sed expression, use a patch to
remove /var/log/README so that any future changes do not go unnoticed.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com>
Many other firmware packages could be created out of what is in
-misc. Looking at the different commits in the linux-firmware
repository gives a very good idea of which firmware goes with each
chip.
Note: Altough this patch might break some installations that assumed
that _all_ firmwares where installed by the linux-firmware-amdgpu
package, I think it is a step in the right direction as the number of
firmwares under amdgpu is constantly increasing (currently ~103MB).
Tested with a renoir gpu.
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com>
Marc Ferland [Mon, 20 Jan 2025 15:46:04 +0000 (10:46 -0500)]
linux-firmware: split ath11k firmwares in separate packages
This patch introduces the following packages for ath11k based chips:
- linux-firmware-ath11k-ipq5018
- linux-firmware-ath11k-ipq6018
- linux-firmware-ath11k-ipq8074
- linux-firmware-ath11k-qca2066
- linux-firmware-ath11k-qca6390
- linux-firmware-ath11k-qcn9074
- linux-firmware-ath11k-wcn6750
- linux-firmware-ath11k-wcn6855
- linux-firmware-ath11k-misc: catches all firmwares that are not
already included in the other -ath11k- packages (currently empty).
linux-firmware-ath11k is now a meta package that depends on all of the
split-out ath11k packages.
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com>
Marc Ferland [Mon, 20 Jan 2025 15:46:03 +0000 (10:46 -0500)]
linux-firmware: split ath10k firmwares in separate packages
This patch introduces the following packages for ath10k based chips:
- linux-firmware-ath10k-qca4019
- linux-firmware-ath10k-qca6174
- linux-firmware-ath10k-qca9377
- linux-firmware-ath10k-qca9887
- linux-firmware-ath10k-qca9888
- linux-firmware-ath10k-qca988x
- linux-firmware-ath10k-qca9984
- linux-firmware-ath10k-qca99x0
- linux-firmware-ath10k-misc: catches all firmwares that are not
already included in the other -ath10k- packages (currently empty).
linux-firmware-ath10k is now a meta package that depends on all of the
split-out ath10k packages.
Signed-off-by: Marc Ferland <marc.ferland@sonatest.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com>
LIC_FILES_CHKSUM supports begin-/endline for licenses included in
for instance header files. This patch adds support for line numbers
to NO_GENERIC_LICENSE, too.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com>
Esben Haabendal [Sat, 18 Jan 2025 18:49:55 +0000 (19:49 +0100)]
files: overlayfs-create-dirs: Improve mount unit dependency
The RequiresMountsFor configuration option of systemd.unit (added in
systemd version 201) not only adds the Requires and After options for
the required mount unit, but it adds them for all mount units required
to access the specified path.
So this change is both a simplification, and an improvement.
Not only will all needed mount units be added to Requires and After, but
the overlay path does not have to be a mountpoint, but can be at any
directory level beneath a mountpoint.
Ross Burton [Wed, 22 Jan 2025 15:28:17 +0000 (15:28 +0000)]
man-db: fix broken requirement for flex
Normally flex-native in the sysroot via the toolchain, but different
toolchains may not depend on flex-native (eg, external-arm-toolchain).
This results in a configure error:
checking for flex... no
configure: error: flex is required when building from revision control
Now we're not building from revision control, but the configure script
is broken with out-of-tree builds and checks the (empty) build tree for
pre-generated sources. Apply a fix to look in the source tree instead.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ross Burton <ross.burton@arm.com>
Thomas Roos [Wed, 22 Jan 2025 12:44:07 +0000 (13:44 +0100)]
gcc-sanitizers.inc: Workaround for aarch64
When using the -fsanitize=address CXX_FLAG for a program compiled for
aarch64 / arm64
This is happing:
MemorySanitizer: CHECK failed: sanitizer_allocator_primary64.h:133 "((kSpaceBeg))
== ((address_range.Init(TotalSpaceSize, PrimaryAllocatorName, kSpaceBeg)))"
(0xe00000000000, 0xfffffffffffffff4) (tid=51745)
With -DSANITIZER_CAN_USE_ALLOCATOR64=0 this is not happening and
potenial bugs are detected.
ARM32 does not require this patch.
More info about the issue in this thread:
https://github.com/llvm/llvm-project/issues/65144
Signed-off-by: Thomas Roos <throos@amazon.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ross Burton <ross.burton@arm.com>
selftest/virgl: add a link to RHEL merge request to address the missing vgem module
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ross Burton <ross.burton@arm.com>
tcl8: add a patch to address Y2038 issues (tcl 9.x doesn't need it)
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ross Burton <ross.burton@arm.com>
zipfs is a new facility in tcl 9.x where various data files are bundled
into a zip archive, rather being separately installed.
Then that zip is embedded into libtcl.so from Makefile, thusly:
cat ${TCL_ZIP_FILE} >> ${LIB_FILE}
This is a major case of face meeting palm: any binary object
processing on the resulting .so file discards the extra data
at the end, and that's exactly what happens in do_package(),
resulting in a tcl installation without any language libraries.
This is not caught by ptest because it runs against a private
copy of the source tree.
Additionally, it helps to have data files on target systems
as files that can be viewed and edited.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ross Burton <ross.burton@arm.com>
Marek Vasut [Tue, 21 Jan 2025 21:20:52 +0000 (22:20 +0100)]
u-boot: kernel-fitimage: Fix dependency loop if UBOOT_SIGN_ENABLE and UBOOT_ENV enabled
In case both UBOOT_SIGN_ENABLE and UBOOT_ENV are enabled and
kernel-fitimage.bbclass is in use to generate signed kernel
fitImage, there is a circular dependency between uboot-sign
and kernel-fitimage bbclasses . The loop looks like this:
kernel-fitimage.bbclass:
- do_populate_sysroot depends on do_assemble_fitimage
- do_assemble_fitimage depends on virtual/bootloader:do_populate_sysroot
- virtual/bootloader:do_populate_sysroot depends on virtual/bootloader:do_install
=> The virtual/bootloader:do_install installs and the
virtual/bootloader:do_populate_sysroot places into
sysroot an U-Boot environment script embedded into
kernel fitImage during do_assemble_fitimage run .
uboot-sign.bbclass:
- DEPENDS on KERNEL_PN, which is really virtual/kernel. More accurately
- do_deploy depends on do_uboot_assemble_fitimage
- do_install depends on do_uboot_assemble_fitimage
- do_uboot_assemble_fitimage depends on virtual/kernel:do_populate_sysroot
=> do_install depends on virtual/kernel:do_populate_sysroot
=> virtual/bootloader:do_install depends on virtual/kernel:do_populate_sysroot
virtual/kernel:do_populate_sysroot depends on virtual/bootloader:do_install
Attempt to resolve the loop. Pull fitimage configuration options into separate
new configuration file image-fitimage.conf so these configuration options can
be shared by both uboot-sign.bbclass and kernel-fitimage.bbclass, and make use
of mkimage -f auto-conf / mkimage -f auto option to insert /signature node key-*
subnode into U-Boot control DT without depending on the layout of kernel fitImage
itself. This is perfectly valid to do, because the U-Boot /signature node key-*
subnodes 'required' property can contain either of two values, 'conf' or 'image'
to authenticate either selected configuration or all of images when booting the
fitImage.
For details of the U-Boot fitImage signing process, see:
https://docs.u-boot.org/en/latest/usage/fit/signature.html
For details of mkimage -f auto-conf and -f auto, see:
https://manpages.debian.org/experimental/u-boot-tools/mkimage.1.en.html#EXAMPLES
Fixes: 5e12dc911d0c ("u-boot: Rework signing to remove interdependencies") Reviewed-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Marek Vasut <marex@denx.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 21 Jan 2025 18:23:09 +0000 (18:23 +0000)]
gcc: make include poisoning fatal again in gcc/g++
We have a patch to allow us to 'poison' system include directories,
which are warnings by default but we make them fatal in cross builds.
However, in the 13.1 upgrade[1] the patch to make the warnings fatal was
dropped in the compiler invocation, so it only took effect for pure
preprocessor calls. This was not noticed at the time as the test case
was flawed, but this has now been fixed.
Add back the fatal poisoning, and restructure the patch slightly so it
is less invasive.
[RP: Tweak to fix gcc/gcc-cross-canadian failure] Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 21 Jan 2025 18:23:08 +0000 (18:23 +0000)]
oeqa/poisoning: fix gcc include poisoning test
The test code in poison was flawed: as long as one CPP/CC/CXX has fatal
poisoning enabled then the test passes. However, at the moment due to
a bad rebase only CPP has fatal poisoning and CC/CXX do not.
Rewrite the do_compile() task to more carefully check the output so the
test harness itself just has to bitbake the recipe.
Note that this results in the test failing:
ERROR: poison-1.0-r0 do_compile: C Compiler is not poisoned.
Exit status 0, output: cc1: warning: include location "/usr/include" is unsafe for cross-compilation [-Wpoison-system-directories]
ERROR: poison-1.0-r0 do_compile: C++ Compiler is not poisoned.
Exit status 0, output: cc1plus: warning: include location "/usr/include" is unsafe for cross-compilation [-Wpoison-system-directories]
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 22 Jan 2025 11:22:59 +0000 (11:22 +0000)]
python3-cffi: Add missing pkgconfig dependency
With gcc posioning fixed, this recipe showed errors, using an incorrect include
path looking at the host system. If pkgconfig is present, the correct include
paths are used. Therefore add the missing dependency.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 13 Jan 2025 17:55:52 +0000 (17:55 +0000)]
base: Switch virtual/cross-XXX to be under recipe specific providers
Currently, providers are set on a global config basis. This change allows
for a select set of providers to be configured using BB_RECIPE_VIRTUAL_PROVIDERS
on a per recipe basis. This would allow for the selection of virtual/cross-cc
as gcc or clang for example.
The PROVIDERS are removed from the recipes so that if a version of the
dependency accidentally slips through, the build will fail and the user
can correct the issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 10 Jan 2025 14:45:57 +0000 (14:45 +0000)]
classes/recipes: Switch virtual/XXX-gcc to virtual/cross-cc (and c++/binutils)
The idea of the base class dependency is to say "yes, I need a C cross compiler"
and this was never meant to be gcc specific. Looking at the codebase, whilst we
code triplets into this, it does overcomplicate things as there are only ever
limited, "target", "sdk" and the class extended versions like mutlilib.
After much thought, we can simplify this to virtual/cross-cc and virtual/nativesdk-cross-cc.
This lets us remove the "gcc" specific element as well as removing the over
complicated triplet usage.
At the same time, change the much less widely used "g++" variant to "c++" for
similar reasons and remove the triplet from virtual/XXX-binutils too.
Backwards compatibility mappings could be left but are just going to confuse
things in future so we'll just require users to update.
This simplification, whilst disruptive for any toolchain focused layers, will
make improved toolchain selection in the future much easier.
Since we no longer have overlapping variables, some code for that can just
be removed. The class extension code does need to start remapping some variables
but not the crosssdk target recipe names.
This patch is in two pieces, this one handles the renaming with the functional
changes separate in a second for easier review even if this breaks bisection.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enrico Jörns [Mon, 20 Jan 2025 06:55:15 +0000 (07:55 +0100)]
kernel-yocto: make kernel commits reproducible
The git commit hashes for the kernel checkout are not reproducible under
certain conditions:
- If the git repository is initialized on an archive (rather than a
git), the initial git commit not only has the current user name set,
it also uses the current system time as committer and author date.
This will affect the initial git hash and thus all subsequent ones.
- The patches applied by the kern-tools have a valid author and date.
However, their committer again depends on the user building the BSP.
This is an issue, for example, if one compiles a kernel with
CONFIG_LOCALVERSION_AUTO enabled where the commit hash lands into the
kernel and thus the package version. This not only makes the package
version non-reproducible, but also leads to version mismatches between
kernel modules built against a fresh kernel checkout and the kernel
retrieved from the sstate cache.
The class uses 'check_git_config' from utils.bbclass, but this only sets
the git user and only if none existed before. Thus it doesn't really
help here.
Since in Git the committer information can be set only from the
environment variables GIT_COMMITTER_NAME, GIT_COMMITTER_EMAIL, and
GIT_COMMITTER_DATE, we introduce a helper function to set those and
apply the author settings in the same way.
As values simply use PATCH_GIT_USER_NAME, PATCH_GIT_USER_EMAIL (from
patch.bbclass) and SOURCE_DATE_EPOCH.
For convenience, put the new helper 'reproducible_git_committer_author'
into utils.bbclass next to 'check_git_config' so others can use it, too.
Using this helper in kernel-yocto.bbclass makes the committer and author
date/name/email for the initial commit reproducible, as well as the
committer name/email for the patches applied with kern-tools.
For debugging purpose, allow disabling the reproducibility features by
setting KERNEL_DEBUG_TIMESTAMPS to "1".
Suggested-by: Felix Klöckner <F.Kloeckner@weinmann-emt.de> Signed-off-by: Enrico Jörns <ejo@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The linux-firmware now requires GNU Parallel in order to run parallel
builds. As the GNU Parallel is not a part of oe-core (the recipe is
present in meta-oe) disable parallel builds.
Artur Kowalski [Mon, 20 Jan 2025 12:46:05 +0000 (13:46 +0100)]
systemd.bbclass: support user units in postinst and prerm hooks
Handle user units in a manner similar to system units where possible.
Not everything is supported by systemd, but systemd limitations only
affect runtime package management - during update user services are not
reloaded/restart and each user must re-login or manually restart
services.
Signed-off-by: Artur Kowalski <arturkow2000@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Artur Kowalski [Mon, 20 Jan 2025 12:46:04 +0000 (13:46 +0100)]
systemd.bbclass: update postinst and prerm hooks
Since SYSTEMD_SERVICE_ESCAPED may contain both system and user services
we need to filter out user services in call to systemctl. Introduce
helper systemd_filter_services() which takes space-separated list of
services and returns services of requested type.
Signed-off-by: Artur Kowalski <arturkow2000@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Artur Kowalski [Mon, 20 Jan 2025 12:46:03 +0000 (13:46 +0100)]
systemd.bbclass: properly handle user units in systemd_create_presets
Previously user units were handled the same way as system units, that
is all preset files were created in system-preset directory, but user
presets should be in user-preset directory.
Signed-off-by: Artur Kowalski <arturkow2000@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
systemd_service_searchpaths accepts boolean value indicating whether we
are dealing with system or user units and returns search paths
accordingly.
Previously search path list was created in systemd_check_services() but
following commits will introduce additional places. The
systemd_service_searchpaths helper function is meant to reduce code
duplication.
Signed-off-by: Artur Kowalski <arturkow2000@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Artur Kowalski [Mon, 20 Jan 2025 12:46:00 +0000 (13:46 +0100)]
systemd.bbclass: add ${sysconfdir}/systemd/user to search path
We already search for system units ${sysconfdir}/systemd/system but we
don't search for user units in corresponding directory under ${sysconfdir}.
Keep the behaviour consistent so that both unit types are searched in
${systemd_{system,user}_unitdir} and ${sysconfdir}/systemd/{system,user}.
Signed-off-by: Artur Kowalski <arturkow2000@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Artur Kowalski [Mon, 20 Jan 2025 12:45:59 +0000 (13:45 +0100)]
systemd-systemctl: add support for --global flag
The flag is similar to --user flag as it causes systemctl to operate on
user units, but it performs operations globally for all users. This is
required for user presets support.
Signed-off-by: Artur Kowalski <arturkow2000@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hiago De Franco [Mon, 13 Jan 2025 23:31:40 +0000 (20:31 -0300)]
eudev: backport patch to fix udevd hanging while trying to access /dev/urandom
Linux kernel commit 48bff1053c17 ("random: opportunistically initialize
on /dev/urandom reads") introduced a change where /dev/urandom blocks if
the random pool is insufficiently initialized during hardware boot. This
behavior causes /dev/urandom reads to hang for approximately 5 seconds,
delaying the boot process with eudev init script (when it calls udevd).
This issue has already been solved upstream, therefore backport the
upstream patch to fix this.
Signed-off-by: Hiago De Franco <hiago.franco@toradex.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Quentin Schulz [Fri, 17 Jan 2025 16:50:54 +0000 (17:50 +0100)]
uboot-extlinux-config.bbclass: invalidate do_create_extlinux_config on changes to UBOOT_EXTLINUX_FDTOVERLAYS:x
do_create_extlinux_config is using a bit of an odd mechanism which
doesn't work well with sstate cache invalidation.
BitBake will detect changes to UBOOT_EXTLINUX_FDTOVERLAYS because it's
explicitly mentioned in the task, but it'll miss changes to
UBOOT_EXTLINUX_FDTOVERLAYS:label because this OVERRIDES is set within
the task, so the value of UBOOT_EXTLINUX_FDTOVERLAYS for the label
OVERRIDES will only ever change from within the task, while it is
running, much later than during parsing.
For that to work properly, we need to add the entire variable (including
the OVERRIDES part) to the vardeps varflag of the task so that its value
is monitored. This is already done for all possible label variables but
FDTOVERLAYS was forgotten.
Fixes: 3ac21b32b5f5 ("uboot-extlinux-config.bbclass: add support for DTBOs") Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Simon A. Eugster [Wed, 15 Jan 2025 08:55:21 +0000 (09:55 +0100)]
grub-efi-cfg: Add GRUB_TITLE for custom GRUB titles
Until now, the default title of a boot entry is its label. The label is
a variable which determines the script to run during an early boot stage
and is not necessarily human readable.
This patch allows to provide a human-readable title for each boot entry.
Signed-off-by: Simon A. Eugster <simon.eu@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 15 Jan 2025 16:33:18 +0000 (16:33 +0000)]
autoconf: rename autotools_aclocals and only run in do_configure
Despite the name, autotools_aclocals() doesn't actually do anything with
aclocal. Instead it reads all of the available autoconf site default
files[1] and sets CONFIG_SITE appropriately. Rename the function to
autotools_sitefiles to make this clear.
Also there's no need to do this before do_configure or do_install, as
the variable is only checked when configure runs.
Ross Burton [Wed, 15 Jan 2025 16:33:16 +0000 (16:33 +0000)]
autotools: clean up aclocal/ search path assignments
We need aclocal to look in two different $datadir/aclocal/ directories:
the native (eg, for pkg.m4 from pkgconfig) and the target (eg, for
alsa.m4 from alsa-lib).
aclocal doesn't directly support this pattern, currently we use
--system-acdir to specify the target directory and then add the native
directory to the user include list.
However, since automake 1.17 there is also an --aclocal-path option to
augument the search list. As the relocated aclocal from automake-native
already knows the correct path for the native aclocal directory we can
use --aclocal-path to add the correct target aclocal directory.
For simplicity I don't bother only doing this in non-native builds as
this just adds the same path to the search twice.
This removes ACLOCALDIR and ACLOCALEXTRAPATH. Recipes using these to
add search paths should instead use EXTRA_AUTORECONF += "-I path".
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Mon, 13 Jan 2025 23:39:09 +0000 (00:39 +0100)]
devtool: ide-sdk remove the plugin from eSDK installer
The ide-sdk command bootstraps the SDK from the bitbake environment
before the IDE configuration is generated. In the case of the eSDK
installer, the bootstrapping is performed during the installation of
the eSDK installer. Running the ide-sdk plugin from an eSDK installer
based setup would require skipping the bootstrapping and probably taking
some other differences into account when generating the IDE
configurations.
This would be possible. But it will probably never be implemented, as
running devtool ide-sdk directly from the bitbake environment is much
more flexible.
Also, some of the recent improvements that have made it into the core
have the potential to make the eSDK installer obsolete at some point in
the future:
- bitbake-layers create-layers-setup replicates the layers
- bitbake-config-build replicates the build configuration
- The new sstate mirror features replicate the sstate
- bblock locks the sstate more flexible than the eSDK installer
- devtool ide-sdk bootstraps the SDK directly from the bitbake
environment. The same environment-setup... file is provided with
--mode=shared.
The devtool modify based workflow is supported since always by devtool
and also the default --mode of devtool ide-sdk.
These functions essentially cover what the eSDK installer does without
a need for the current implementation of the eSDK installer and the
populate_sdk_ext, which is hard to maintain and takes a lot of time to
build.
This means that instead of making the ide-sdk plugin compatible with the
eSDK installer, we should rather replace the current implementation of
the eSDK installer and populate_sdk_ext with an implementation that can
replicate a normal bitbake environment in a convenient way where the
ide-sdk plugin also just works without additional complexity.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hiago De Franco [Tue, 14 Jan 2025 00:25:03 +0000 (21:25 -0300)]
libxkbcommon: replace locale dependecy from RDEPENDS to RRECOMMENDS
The error described does not occur in all cases where libxkbcommon is
used. As example, a Qt application that depends on libxkbcommon might
not require any locales to be installed.
Add it to RRECOMMENDS, as libxkbcommon does not seen to have any hard
dependency on libx11-compose-data or libx11-locale. This change can help
users decide to disable it and save some space on the rootfs.
Signed-off-by: Hiago De Franco <hiago.franco@toradex.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 16 Jan 2025 12:04:29 +0000 (12:04 +0000)]
lttng-tools: disable patching our libtool.m4
Twelve years ago, libtool on Debian had a patch that meant it failed to
cross-compile lttng-tools correctly. The solution at the time was to
sed libtool.m4 whilst configure was being ran[1], which (assuming it
patches the correct file) results in a re-execution of configure during
do_compile.
This behaviour is undesired as we don't patch libtool in the way that
this fixup is needed (the sed only changes Haiku OS codepaths), so
disable it.
Adrian Freihofer [Tue, 14 Jan 2025 22:17:01 +0000 (23:17 +0100)]
rust: increase test timeout again
Fixes [YOCTO #15625]
The first attempt to get around the timeout was to double it from 5000
to 10000, which doesn't seem to be enough. Let's try to fix this by
extending the timeout by a factor of 10.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yogita Urade [Tue, 14 Jan 2025 12:51:27 +0000 (12:51 +0000)]
ofono: fix CVE-2024-7539
oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability.
This vulnerability allows local attackers to execute arbitrary code
on affected installations of oFono. An attacker must first obtain
the ability to execute code on the target modem in order to exploit
this vulnerability.
The specific flaw exists within the parsing of responses from AT+CUSD
commands. The issue results from the lack of proper validation of the
length of user-supplied data prior to copying it to a stack-based buffer.
An attacker can leverage this vulnerability to execute code in the
context of root. Was ZDI-CAN-23195.
Sunil Dora [Thu, 16 Jan 2025 09:09:44 +0000 (01:09 -0800)]
gcc: poison-system-directories patch updated for missing paths
Modified logic in gcc/incpath.cc to ensure that non-existing host system paths are
not deleted during cross-compilation. If the build system attempts to search a host
path, gcc will now issue a warning instead of silently ignoring it.
projects / thirdparty / openembedded / openembedded-core.git / log
