Qiu, Zheng [Wed, 2 Nov 2022 14:41:59 +0000 (10:41 -0400)]
valgrind: update to 3.20.0
Changes in this update includes:
* The option "--vgdb-stop-at=event1,event2,..." accepts the new value
abexit. This indicates to invoke gdbserver when your program exits
abnormally (i.e. with a non zero exit code).
* Fix Rust v0 name demangling.
* The Linux rseq syscall is now implemented as (silently) returning
ENOSYS.
* Add FreeBSD syscall wrappers for __specialfd and __realpathat.
* Remove FreeBSD dependencies on COMPAT10, which fixes compatibility
with HardenedBSD
* The option --enable-debuginfod=<no|yes> [default: yes] has been added
on Linux.
* More DWARF5 support as generated by clang14.
Drop the patch 0001-Fix-drd-tests-shared_timed_mutex.cpp.patch which was
merged upstream.
ptest result:
System Pass Fail Skip
x86-64 717 0 20
- Continued work on color management infrastructure:
In Weston 11, if you enable the tentative, experimental and WIP color
management option, Weston will not only blend in linear light, but
you can also set up a monitor ICC profile and Weston will do some
kind of color mapping from sRGB to that profile. Furthermore, you can
configure a monitor into HDR mode and deliver HDR characteristics from
weston.ini to the monitor, but Weston will *not* produce proper HDR
content yet, meaning the display is incorrect.
- Various RDP improvements.
- Performance improvements in the DRM backend.
- Support for the wp_single_pixel_buffer_v1 protocol.
- weston_buffer refactoring.
- Groundwork for running multiple backends at the same time (e.g. KMS + RDP)
and for multi-GPU support in the DRM backend. This is not supported
yet, but may be in a future release.
Breaking changes for users:
- The cms-static and cms-colord plugins are now deprecated.
- A number of features have been removed from desktop-shell: multiple
workspaces, zoom, exposay.
- wl_shell support has been removed (superseded by xdg-shell).
- The fbdev backend has been removed (superseded by KMS).
- weston-launch and launcher-direct have been removed (superseded by libseat).
- The weston-info and weston-gears clients have been removed (weston-info is
superseded by wayland-info).
- The KMS max-bpc property is now set by default. If you experience black
screens with (faulty) monitors, try lowering it in weston.ini.
- Weston will now abort when running out of memory. Weston is not suitable
for memory constrained environments.
Martin Jansa [Wed, 2 Nov 2022 08:12:07 +0000 (09:12 +0100)]
cargo-update-recipe-crates: small improvements
* use 4 spaces
* avoid trailing space
* add CARGO_LOCK_SRC_DIR to allow searching outside ${S}
* use BPN in output filename
* First I've used CARGO_LOCK_SRC_DIR as relative to ${S}, because that's what CARGO_SRC_DIR
in cargo.bbclass is using:
meta/classes-recipe/cargo.bbclass:CARGO_SRC_DIR ??= ""
meta/classes-recipe/cargo.bbclass:MANIFEST_PATH ??= "${S}/${CARGO_SRC_DIR}/Cargo.toml"
but change to absolute path (defaulting to ${S}) as requested by Alex:
11:44 < kanavin> JaMa, would prefer CARGO_LOCK_SRC_DIR ??= "${S}"
11:46 < kanavin> otherwise looks good
* I've resolved my usecase for CARGO_LOCK_SRC_DIR by changing
S back to ${WORKDIR}/git and using CARGO_SRC_DIR to select
the right subdirectory to be built, because the Cargo.toml
in this subdirectory was also referencing other subdirectories
with relative path:
https://github.com/solana-labs/solana-program-library/blob/88b147506d5b9515f3a4762421a0b8c309188dc9/token/cli/Cargo.toml#L30
so including all Cargo.lock files in whole ${WORKDIR}/git
seems like reasonable approach
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
* #10759: LaTeX: add latex_table_style and support the 'booktabs',
'borderless', and 'colorrows' styles. (thanks to Stefan
Wiehler for initial pull requests #6666, #6671)
* #10840: One can cross-reference including an option value like
`--module=foobar`, `--module[=foobar]` or `--module foobar`.
Patch by Martin Liska.
* #10881: autosectionlabel: Record the generated section label to the
debug log.
* #10268: Correctly URI-escape image filenames.
* #10887: domains: Allow sections in all the content of all object
description directives (e.g. py:function). Patch by Adam
Turner
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
* Potentially breaking changes
- `grouper` no longer accepts an integer as its first
argument. Previously this raised a DeprecationWarning.
- `collate` has been removed. Use the built-in
`heapq.merge` instead.
- `windowed` now yields nothing when its iterable is
empty.
* This library now advertises support for Python 3.7+.
* New functions
- `constrained_batches`
- `batched` (from the Python itertools docs)
- `polynomial_from_roots` (from the Python itertools
docs)
-`sieve` (from the Python itertools docs)
* Other changes
- Some documentation issues were fixed (thanks to nanouasyn)
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
* This patch updates some docs, and depends on exceptiongroup 1.0.0 final
to avoid a bug in the previous version.
6.56.3 - 2022-10-17
* This patch teaches text() to rewrite a few more filter predicates (issue
#3134). You’re unlikely to notice any change.
6.56.2 - 2022-10-10
* This patch updates our vendored list of top-level domains, which is used
by the provisional domains() strategy, and fixes some incorrect examples
in the docs for mutually_broadcastable_shapes().
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
* #10012: Update pytest.PytestUnhandledCoroutineWarning to a
deprecation; it will raise an error in pytest 8.
* #10396: pytest no longer depends on the py library. pytest provides
a vendored copy of py.error and py.path modules but will use
the py library if it is installed. If you need other py.* modules,
continue to install the deprecated py library separately, otherwise it
can usually be removed as a dependency.
* #4562: Deprecate configuring hook specs/impls using
attributes/marks.
Instead use pytest.hookimpl() and pytest.hookspec(). For more
details, see the docs.
* #9886: The functionality for running tests written for nose has been
officially deprecated.
This includes:
Plain setup and teardown functions and methods: this might catch
users by surprise, as setup() and teardown() are not pytest idioms, but
part of the nose support.
Setup/teardown using the @with_setup decorator.
For more details, consult the deprecation docs.
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
* 2040, [macOS]: provide wheels for arm64 architecture. (patch by
Matthieu Darbois)
Bug fixes
* 2116, [macOS], [critical]: `psutil.net_connections`_ fails with
RuntimeError.
* 2135, [macOS]: Process.environ() may contain garbage data. Fix
out-of-bounds read around sysctl_procargs. (patch by Bernhard
Urban-Forster)
* 2138, [Linux], [critical]: can't compile psutil on Android due to
undefined ethtool_cmd_speed symbol.
* 2142, [POSIX]: net_if_stats() 's flags on Python 2 returned unicode
instead of str. (patch by Matthieu Darbois)
* 2147, [macOS] Fix disk usage report on macOS 12+. (patch by Matthieu
Darbois)
* 2150, [Linux] Process.threads() may raise NoSuchProcess. Fix race
condition. (patch by Daniel Li)
* 2153, [macOS] Fix race condition in
test_posix.TestProcess.test_cmdline. (patch by Matthieu Darbois)
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Tim Orling [Wed, 2 Nov 2022 03:18:20 +0000 (20:18 -0700)]
python3-bcrypt: upgrade 4.0.0 -> 4.0.1
* Refresh python3-bcrypt-crates.inc
Upstream release notes[1]:
* We now build PyPy manylinux wheels.
* Fixed a bug where passing an invalid salt to checkpw could result in
a pyo3_runtime.PanicException. It now correctly raises a ValueError.
[1] https://github.com/pyca/bcrypt/#401
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Marek Vasut [Tue, 1 Nov 2022 21:34:46 +0000 (22:34 +0100)]
bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware
Currently the hciattach bcm43xx firmware loader looks up the firmware
blob in /etc/firmware . Change this to /lib/firmware instead, so that
the path is consistent with Linux kernel which also looks up firmware
for the WiFi part in /lib/firmware .
Signed-off-by: Marek Vasut <marex@denx.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
| oe-selftest - INFO - test_archiver_multiconfig_shared_unpack_and_patch (archiver.Archiver)
| oe-selftest - INFO - ... ok
| oe-selftest - INFO - ----------------------------------------------------------------------
| oe-selftest - INFO - Ran 1 test in 52.948s
| oe-selftest - INFO - OK
| oe-selftest - INFO - RESULTS:
| oe-selftest - INFO - RESULTS - archiver.Archiver.test_archiver_multiconfig_shared_unpack_and_patch: PASSED (49.98s)
| oe-selftest - INFO - SUMMARY:
| oe-selftest - INFO - oe-selftest () - Ran 1 test in 52.948s
| oe-selftest - INFO - oe-selftest - OK - All required tests passed (successes=1, skipped=0, failures=0, errors=0)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rust-common.bbclass: use built-in rust targets for -native builds
Rust targets have the form of 'arch-unknown-linux-gnu' while
oe's native targets are 'arch-linux-gnu', e.g. omit the vendor.
The effect this has on rust-native builds is that rust first builds
itself as stage0 for arch-unknown-linux-gnu, then builds itself
again for arch-unknown-linux-gnu, then finally uses the compiler
from second step to 'cross-compile' a compiler for 'arch-linux-gnu'.
This last step is really not necessary, and we could save 4 minutes
out of 12 if it is eliminated. Which is what this patch does
by setting the target directly to 'arch-unknown-linux-gnu'; rust's
build system then shortcuts the build process after the second step.
Given a working rust-native will be needed as early as possible in a
typical yocto build (e.g. when in a not too distant future making a
useful kernel will not be possible without rust), producing it faster
is important.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This test doesn't get exercised on the autobuilder and so it was broken:
specifically some of the ln commands silently fail and the chroot isn't
usable.
Rewrite the test case to correctly construct a chroot so the test can
pass.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 1 Nov 2022 16:29:04 +0000 (16:29 +0000)]
oeqa/target/ssh: add ignore_status argument to run()
The underlying _run() method has an ignore_status argument and can
either return the exit code or raise an exception if it is non-zero.
Add the same argument to the run() method so that test cases can change
this value. It currently defaults to True as that is the existing
behaviour, but a follow-up patch will change this to False as test cases
should fail on errors unless told otherwise.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Tue, 1 Nov 2022 15:08:57 +0000 (08:08 -0700)]
python3-mako: upgrade 1.2.2 -> 1.2.3
Released: Thu Sep 22 2022
* bug
- [bug] [lexer]
* Fixed issue in lexer in the same category as that of #366 where the regexp
used to match an end tag didn’t correctly organize for matching characters
surrounded by whitespace, leading to high memory / interpreter hang if a
closing tag incorrectly had a large amount of unterminated space in it.
Credit to Sebastian Chnelik for locating the issue.
As Mako templates inherently render and directly invoke arbitrary Python
code from the template source, it is never appropriate to create templates
that contain untrusted input.
Peter Bergin [Mon, 31 Oct 2022 21:10:12 +0000 (22:10 +0100)]
gptfdisk: remove warning message from target system
A recent change in libuuid made warning when running
sgdisk. Backport patch from upstream to silent warning.
The warning:
"Warning! Unable to generate a proper UUID! Creating an improper one as a last
resort! Windows 7 may crash if you save this partition table!"
Signed-off-by: Peter Bergin <peter@berginkonsult.se> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
cargo-update-recipe-crates.bbclass: add a class to generate SRC_URI crate lists from Cargo.lock
For better or worse, more and more rust components are appearing that do
not include their dependencies in tarballs (or git trees), and rely on cargo
to fetch them. On the other hand, bitbake does not use cargo (and quite possible
won't ever be able to), and relies on having each item explicitly listed in SRC_URI
with a crate:// prefix. This however creates a problem of both making such lists in
the first place and updating them when a recipe is updated to a newer version.
So this class can be used to perform such updates by implementing a task that does it;
the next commit shows the outcome for python3-bcrypt (which has been tested to work
and produce a successful build).
Note: the python script relies on tomllib library, which appears in Python 3.11 and
does not exist in earlier versions - I've tested this by first updating python to 3.11-rc2
in oe-core.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Fri, 28 Oct 2022 15:23:53 +0000 (16:23 +0100)]
sanity: check for GNU tar specifically
We need the system tar to be GNU tar, as we reply on --xattrs. Some
distributions may be using libarchive's tar binary, which is definitely
not as featureful, so check for this and abort early with a clear
message instead of later with mysterious errors.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
[v2 hopefully fixes the From: mangling by the ML, no functional changes]
Trying to build cmake-native on a host system where curl was built with cmake
(resulting in CURLConfig.cmake and friends, which do not use the same naming
schemes expected by cmake-native's build process, being installed to a system
wide cmake directory like /usr/lib64/cmake/CURL) results in undefined
references to all libcurl symbols.
The problem is that cmake-native sees and uses the system wide
/usr/lib64/cmake/CURL/CURLConfig.cmake, which defines CURL::libcurl and
CURL::curl as opposed to setting ${CURL_LIBRARIES} as expected by
cmake-native.
find_package(CURL) (cmake-native's CMakeLists.txt, line 478) succeeds, but
incorrectly uses the system wide CURLConfig.cmake, resulting
CMAKE_CURL_LIBRARIES to be set to an empty string (cmake-native's
CMakeLists.txt, line 484), causing the cmake-native build to miss -lcurl.
The simplest fix is to let cmake know the right value for
CURL_LIBRARIES. Making it -lcurl should always work with libcurl-native
in recipe-sysroot-native.
[YOCTO #14951]
Signed-off-by: Bernhard Rosenkränzer <bero@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
mirrors.bbclass: use shallow tarball for binutils-native
This is useful e.g. when using meta-clang, which introduces a dependency to binutils-native, and then a
full tarball of binutils is fetched additionally to a shallow tarball.
The original BB_GIT_SHALLOW lines were added because of https://www.mail-archive.com/yocto@lists.yoctoproject.org/msg08752.html
Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ahmad Fatoum [Wed, 26 Oct 2022 13:22:19 +0000 (15:22 +0200)]
kernel-fitimage: skip FDT section creation for applicable symlinks
When building a FIT image with device trees, each device tree lands in a
FIT section and is referenced by a FIT configuration node.
FIT images however also allow referencing the same device tree from
multiple configurations. This can be useful to reduce FIT image size
while staying compatible with existing bootloaders. Allow
kernel-fitimage.bbclass users to take advantage of this by mapping
each symlink to a regular device tree included in the FIT to a
configuration that references a common device tree section.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ahmad Fatoum [Wed, 26 Oct 2022 13:22:18 +0000 (15:22 +0200)]
kernel-fitimage: mangle slashes to underscores as late as possible
This introduces no functional change, but will come in handy in a later
commit where a file lookup will have us using the device tree name. If
we keep it like it's now, we will lose the information whether an
underscore is an original underscore or a mangled slash.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
wangmy [Tue, 11 Oct 2022 08:58:49 +0000 (16:58 +0800)]
lighttpd: upgrade 1.4.66 -> 1.4.67
Changelog:
=============
* Update comment about TCP_INFO on OpenBSD
* [mod_ajp13] fix crash with bad response headers (fixes #3170)
* [core] handle RDHUP when collecting chunked body
* [core] tweak streaming request body to backends
* [core] handle ENOSPC with pwritev() (#3171)
* [core] manually calculate off_t max (fixes #3171)
* [autoconf] force large file support (#3171)
* [multiple] quiet coverity warnings using casts
* [meson] add license keyword to project declaration
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rust-target-config: match riscv target names with what rust expects
Official rust risc-v targets are prefixed with riscv32gc- and riscv64gc-:
https://doc.rust-lang.org/nightly/rustc/platform-support.html
Particularly crossbeam-utils make important build time decisions
for atomics based on those names, and so we need to match ours
with official targets.
On the other hand, the actual definitions for those targets do not
use the 'gc' suffix in 'arch' and 'llvm-target' fields, and so we
need to follow that too, to avoid cryptic mismatch errors from rust-llvm:
https://github.com/rust-lang/rust/blob/master/compiler/rustc_target/src/spec/riscv32gc_unknown_linux_gnu.rs
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 26 Oct 2022 21:03:29 +0000 (22:03 +0100)]
openssl: Fix SSL_CERT_FILE to match ca-certs location
In OE-Core d6b15d1e70b99185cf245d829ada5b6fb99ec1af,
"openssl: export necessary env vars in SDK", the value added for
SSL_CERT_FILE was in conflict with the value used elsewhere, such as
in buildtools. This makes them match and fixes buildtools testsdk
failures.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sean Anderson [Fri, 21 Oct 2022 23:37:26 +0000 (19:37 -0400)]
u-boot: Rework signing to remove interdependencies
The U-Boot signing code is a bit of a mess. The problem is that mkimage
determines the public keys to embed into a device tree based on an image
that it is signing. This results in all sorts of contortions: U-Boot has to
be available to the kernel recipe so that it can have the correct public
keys embedded. Then, the signed U-Boot has to be made available to U-Boot's
do_deploy. This same dance is then repeated for SPL. To complicate matters,
signing for U-Boot and U-Boot SPL is optional, so the whole process must be
seamlessly integrated with a non-signed build.
The complexity and interdependency of this process makes it difficult to
extend. For example, it is not possible to install a signed U-Boot binary
into the root filesystem. This is first because u-boot:do_install must run
before linux:do_assemble_fitimage, which must run before u-boot:do_deploy.
But aside from infrastructure issues, installing a signed U-Boot also can't
happen, because the kernel image might have an embedded initramfs
(containing the signed U-Boot).
However, all of this complexity is accidental. It is not necessary to embed
the public keys into U-Boot and sign the kernel in one fell swoop. Instead,
we can sign the kernel, stage it, and sign the staged kernel again to embed
the public keys into U-Boot [1]. This twice-signed kernel serves only to
provide the correct parameters to mkimage, and does not have to be
installed or deployed. By cutting the dependency of
linux:do_assemble_fitimage on u-boot:do_install, we can drastically
simplify the build process, making it much more extensible.
The process of doing this conversion is a bit involved, since the U-Boot
and Linux recipes are so intertwined at the moment. The most major change
is that uboot-sign is no longer inherited by kernel-fitimage. Similarly,
all U-Boot-related tasks have been removed from kernel-fitimage. We add a
new step to the install task to stage the kernel in /sysroot-only. The
logic to disable assemble_fitimage has been removed. We always assemble it,
even if the final fitImage will use a bundled initramfs, because U-Boot
will need it.
On the U-Boot side, much of the churn stems from multiple config support.
Previously, we took a fairly ad-hoc approach to UBOOT_CONFIG and
UBOOT_MACHINE, introducing for loops wherever we needed to deal with them.
However, I have chosen to use a much more structured approach. Each task
which needs to use the build directory uses the following pseudocode:
do_mytask() {
if ${UBOOT_CONFIG}; then
for config, type in zip(${UBOOT_CONFIG}, ${UBOOT_MACHINE}); do
cd ${config}
mytask_helper ${type}
done
else
cd ${B}
mytask_helper ""
fi
}
By explicitly placing the work in mytask_helper, we make it easier to
ensure that everything is covered, and we also allow bbappends files to
more easily extend the task (as otherwise they would need to reimplement
the loop themselves).
[1] It doesn't particularly matter what we sign. Any FIT will do, but I
chose the kernel's because we already went to the trouble of setting it up
with the correct hashes and signatures. In the future, we could create a
"dummy" image and sign that instead, but it would probably have to happen
in the kernel recipe anyway (so we have access to the appropriate
variables).
Signed-off-by: Sean Anderson <sean.anderson@seco.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Sean Anderson [Fri, 21 Oct 2022 23:37:24 +0000 (19:37 -0400)]
uboot-sign: Use bitbake variables directly
uboot_fitimage_assemble is called from one place with the same
arguments. Instead of using shell variables as intermediaries, simplify
the function by using the bitbake variables directly. Removing a layer
of indirection makes it easier to determine what values are being
substituted in. Some variables can't be fully converted, but they will
be addressed in the a few commits.
Signed-off-by: Sean Anderson <sean.anderson@seco.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Sean Anderson [Fri, 21 Oct 2022 23:37:22 +0000 (19:37 -0400)]
kernel: Clear SYSROOT_DIRS instead of replacing sysroot_stage_all
Replacing sysroot_stage_all by a no-op recipe makes it difficult for
bbappends to stage files intentionally. Instead, just clear
SYSROOT_DIRS, allowing other bbappends to easily add new directories.
Signed-off-by: Sean Anderson <sean.anderson@seco.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Sean Anderson [Fri, 21 Oct 2022 23:37:21 +0000 (19:37 -0400)]
uboot-sign: Fix using wrong KEY_REQ_ARGS
When generating our SPL-verifying certificate, we use FIT_KEY_REQ_ARGS,
which is intended for the U-Boot-verifying certificate. Instead, use
UBOOT_FIT_KEY_REQ_ARGS.
Fixes: 0e6b0fefa0 ("u-boot: Use a different Key for SPL signing") Signed-off-by: Sean Anderson <sean.anderson@seco.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
This release merges the security fix that appears in v2.30.6; see
the release notes for that version for details.
Excerpt from 2.30.6 release notes:
* CVE-2022-39260:
An overly-long command string given to `git shell` can result in
overflow in `split_cmdline()`, leading to arbitrary heap writes and
remote code execution when `git shell` is exposed and the directory
`$HOME/git-shell-commands` exists.
`git shell` is taught to refuse interactive commands that are
longer than 4MiB in size. `split_cmdline()` is hardened to reject
inputs larger than 2GiB.
Credit for finding CVE-2022-39260 goes to Kevin Backhouse of GitHub.
The fix was authored by Kevin Backhouse, Jeff King, and Taylor Blau.
For 2.38.0 changes, see:
https://github.com/git/git/blob/master/Documentation/RelNotes/2.38.0.txt
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Jose Quaresma [Mon, 24 Oct 2022 11:32:16 +0000 (11:32 +0000)]
kernel-yocto: improve fatal error messages of symbol_why.py
Improve the fatal error message of the yocto-kernel-tools symbol_why.py
and shows the command that generate the error as it can help understand
the root cause of the error.
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Mikko Rapeli [Mon, 24 Oct 2022 09:32:24 +0000 (12:32 +0300)]
os-release: add HOMEPAGE and link to documentation
It's important to use standard variable names in the
/etc/os-release file. Otherwise reporting version etc
details requires custom modifications in various tools.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
projects / thirdparty / openembedded / openembedded-core.git / log
