]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/log
thirdparty/openembedded/openembedded-core.git
12 months agobusybox: CVE-2023-42364 and CVE-2023-42365 fixes
Khem Raj [Sun, 14 Jul 2024 18:51:45 +0000 (11:51 -0700)] 
busybox: CVE-2023-42364 and CVE-2023-42365 fixes

backport upstream fix for CVEs and fix the regression that introduced [1]

[1] http://lists.busybox.net/pipermail/busybox/2024-May/090766.html

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
12 months agobusybox: Fix tc applet build when using kernel 6.8+
Khem Raj [Sun, 14 Jul 2024 16:59:04 +0000 (09:59 -0700)] 
busybox: Fix tc applet build when using kernel 6.8+

We now have 6.9 kernel headers in master which means
busybox builds with CONFIG_TC will fail to build due
to CBQ being dropped in kernel 6.8+

Apply a fix which is reported upstream

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobuild-appliance-image: Update to master head revision
Richard Purdie [Tue, 16 Jul 2024 14:58:10 +0000 (15:58 +0100)] 
build-appliance-image: Update to master head revision

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoSwitch default spdx version to 3.0
Joshua Watt [Fri, 12 Jul 2024 15:58:22 +0000 (09:58 -0600)] 
Switch default spdx version to 3.0

Changes the default SPDX version to 3.0

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses/create-spdx-3.0: Move tasks to library
Joshua Watt [Fri, 12 Jul 2024 15:58:20 +0000 (09:58 -0600)] 
classes/create-spdx-3.0: Move tasks to library

Move the bulk of the python code in the SPDX 3.0 classes into a library
file

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses/spdx-common: Move to library
Joshua Watt [Fri, 12 Jul 2024 15:58:19 +0000 (09:58 -0600)] 
classes/spdx-common: Move to library

Moves the bulk of the code in the spdx-common bbclass into library code

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoselftest: spdx: Add SPDX 3.0 test cases
Joshua Watt [Fri, 12 Jul 2024 15:58:16 +0000 (09:58 -0600)] 
selftest: spdx: Add SPDX 3.0 test cases

Adds test cases for SPDX 3.0. Reworks the SPDX 2.2 test setup so it can
also be run even if the default is SPDX 3.0

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses/create-spdx-3.0: Add classes
Joshua Watt [Fri, 12 Jul 2024 15:58:13 +0000 (09:58 -0600)] 
classes/create-spdx-3.0: Add classes

Adds a class to generate SPDX 3.0 output and an image class that is used
when generating images

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobluez5: upgrade 5.72 -> 5.77
gudnimg [Thu, 11 Jul 2024 19:12:53 +0000 (19:12 +0000)] 
bluez5: upgrade 5.72 -> 5.77

Changelog:
* https://github.com/bluez/bluez/releases/tag/5.77
* https://github.com/bluez/bluez/releases/tag/5.76
* https://github.com/bluez/bluez/releases/tag/5.75
* https://github.com/bluez/bluez/releases/tag/5.74
* https://github.com/bluez/bluez/releases/tag/5.73

Changes relevant to the build:
* One patch file is dropped.
* /etc/bluetooth is now installed with 555 permission bits when systemd
is not enabled. The do_install function was edited to change it back to
755. This was causing test failure when testing SDK packaging
* Added a few missing PACKAGECONFIGs which are enabled by default.
- asha-profiles: new in BlueZ 5.77
- ccp-profiles: new in BlueZ 5.73
- micp-profiles: new in BlueZ 5.70
- csip-profiles: new in BlueZ 5.67
- bass-profiles: new in BlueZ 5.67
- vcp-profiles: new in BlueZ 5.66
- mcp-profiles: new in BlueZ 5.66
- bap-profiles: new in BlueZ 5.66

Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibstd-rs,rust-cross-canadian: set CVE_PRODUCT to rust
Peter Marko [Sun, 14 Jul 2024 09:36:28 +0000 (11:36 +0200)] 
libstd-rs,rust-cross-canadian: set CVE_PRODUCT to rust

These recipes come from rust sources and CVEs are reported for them
under rust-lang:rust vendor:product touple.
Especially libstd-rs needs correct CVE_PRODUCT as is it installed on
target devices (being statically linked to rust compiled binaries).

before:
cargo: CVE_PRODUCT="cargo"
cargo-c-native: CVE_PRODUCT="cargo-c"
libstd-rs: CVE_PRODUCT="libstd-rs"
rust: CVE_PRODUCT="rust"
rust-cross-canadian: CVE_PRODUCT="rust-cross-canadian-<arch>"
rust-llvm: CVE_PRODUCT="rust-llvm"

after:
cargo: CVE_PRODUCT="cargo"
cargo-c-native: CVE_PRODUCT="cargo-c"
libstd-rs: CVE_PRODUCT="rust"
rust: CVE_PRODUCT="rust"
rust-cross-canadian-x86-64: CVE_PRODUCT="rust"
rust-llvm: CVE_PRODUCT="rust-llvm"

Product for rust-llvm is uncertain and, should be handled in another
commit if it is desired to align it, too.

sqlite> select vendor, product, count(product) from products where vendor="rust-lang" group by product;
rust-lang|async-h1|2
rust-lang|cargo|5
rust-lang|future-utils|2
rust-lang|futures-task|2
rust-lang|mdbook|1
rust-lang|regex|2
rust-lang|rsa|2
rust-lang|rust|45
rust-lang|socket2|1

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoinsane: skip unimplemented-ptest checks if disabled
Yoann Congal [Tue, 9 Jul 2024 22:42:33 +0000 (00:42 +0200)] 
insane: skip unimplemented-ptest checks if disabled

This avoids searching through ${S} multiple times if unimplemented-ptest
QA check is disabled (the default case).

Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3-hypothesis: upgrade 6.103.2 -> 6.105.1
Trevor Gamblin [Tue, 9 Jul 2024 18:20:46 +0000 (14:20 -0400)] 
python3-hypothesis: upgrade 6.103.2 -> 6.105.1

Changelog (https://hypothesis.readthedocs.io/en/latest/changes.html):

6.105.1 - 2024-07-07
- This patch iterates on our experimental support for alternative backends (Alternative backends for Hypothesis). See pull request #4029 for details.

6.105.0 - 2024-07-04
- This release improves support for Django 5.0, and drops support for end-of-life Django versions (< 4.2).
- Thanks to Joshua Munn for this contribution.

6.104.4 - 2024-07-04
- Clean up internal cache implementation.

6.104.3 - 2024-07-04
- This patch updates our autoformatting tools, improving our code style without any API changes.

6.104.2 - 2024-06-29
- This patch fixes an issue when realizing symbolics with our experimental backend setting.

6.104.1 - 2024-06-25
- Improves internal test coverage.

6.104.0 - 2024-06-24
- This release adds strategies for Django’s ModelChoiceField and ModelMultipleChoiceField (issue #4010).
- Thanks to Joshua Munn for this contribution.

6.103.5 - 2024-06-24
- Fixes and reinstates full coverage of internal tests, which was accidentally disabled in pull request #3935.
- Closes issue #4003.

6.103.4 - 2024-06-24
- This release prevents a race condition inside internal cache implementation.

6.103.3 - 2024-06-24
- This patch updates our vendored list of top-level domains, which is used by the provisional domains() strategy.

Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoRevert "insane: skip unimplemented-ptest on S=WORKDIR recipes"
Yoann Congal [Tue, 9 Jul 2024 13:26:13 +0000 (15:26 +0200)] 
Revert "insane: skip unimplemented-ptest on S=WORKDIR recipes"

S=WORKDIR is not supported anymore, so the check is now redundant.

This reverts commit 9a2d2f7c2b7236667a6d80355f73db4c27e6582e (in OE-Core).

Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoglibc: add task to list exported symbols
Ross Burton [Tue, 9 Jul 2024 16:51:04 +0000 (17:51 +0100)] 
glibc: add task to list exported symbols

When upgrading glibc it's important to know if there are any new symbols
that pseudo needs to wrap. In the future a generalised ABI comparison tool
would be good, but to solve the immediate need we can simply list the
exported symbols to files in WORKDIR.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agosystemd: Mitigate /var/log type mismatch issue
Niko Mauno [Tue, 9 Jul 2024 12:22:11 +0000 (12:22 +0000)] 
systemd: Mitigate /var/log type mismatch issue

When VOLATILE_LOG_DIR evaluates as True, the base-files recipe provides
/var/log -> /var/volatile/log symlink which is in conflict with systemd
upstream tmpfiles.d/var.conf.in which defines it as a directory.

This generates following error in journal:

  Jul 03 14:28:00 qemux86-64 systemd-tmpfiles[165]: "/var/log" already exists and is not a directory.

Mitigate the issue by defining /var/log as symlink corresponding to
the one created by base-files, when appropriate.

Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooeqa/selftest/oescripts: pinentry update to 1.3.1
Alexandre Belloni [Thu, 11 Jul 2024 16:35:14 +0000 (18:35 +0200)] 
oeqa/selftest/oescripts: pinentry update to 1.3.1

Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agowireless-regdb: upgrade 2024.05.08 -> 2024.07.04
Wang Mingyu [Wed, 10 Jul 2024 09:43:54 +0000 (17:43 +0800)] 
wireless-regdb: upgrade 2024.05.08 -> 2024.07.04

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agosysstat: upgrade 12.7.5 -> 12.7.6
Wang Mingyu [Wed, 10 Jul 2024 09:43:53 +0000 (17:43 +0800)] 
sysstat: upgrade 12.7.5 -> 12.7.6

Changelog:
==========
* sar/sadf: [A_NET_ETCP]: Rename retrans/s field to retrseg/s
  because it was already used in A_NET_NFS report.
* sadf: SVG: Fix oversized SVG canvas height.
* sadf: Don't cap SVG graph output at 100%.
* sadf: A_NET_SOFT: Don't display graphs for offline CPU.
* sadf: SVG: Don't ignore other views when one has to be skipped.
* sadf: Make sure structures will be alloacated for every installed CPU.
* sadf: Define MIN_CANVAS_HEIGHT constant.
* sar: Display min/max values only when available.
* Define macros for CPU manipulation.
* SREALLOC() macro: Make sure size is not zero.
* Fix a warning given by gcc v13 with -fanalyzer option.
* [Eli Schwartz]: configure.ac: fix erroneous bashisms.
* sar manual page updated.
* DTD and XSD documents updated.
* Year updated in copyright messages.
* Other cosmetic changes in code.
* FAQ and README files updated.
* Non regression tests updated. New tests added.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agorepo: upgrade 2.45 -> 2.46
Wang Mingyu [Wed, 10 Jul 2024 09:43:52 +0000 (17:43 +0800)] 
repo: upgrade 2.45 -> 2.46

Changelog:
==========
- project: ignore more curl failure modes
- logging: Fix log formatting with colored output
- upload: add a --topic option for setting topic explicitly
- sync: Abort rebase in progress if force-checkout is set
- ssh: Set git protocol version 2 on SSH ControlMaster
- upload: drop check for uncommitted local changes
- git: raise hard version to 1.9.1
- release: update-hooks: helper for automatically syncing hooks
- gitc: delete a few more dead references
- man: regenerate man pages
- Remove platform_utils.realpath
- Fix drive mounted directory on Windows
- git_command: unify soft/hard versions with requirements.json

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3-trove-classifiers: upgrade 2024.5.22 -> 2024.7.2
Wang Mingyu [Wed, 10 Jul 2024 09:43:51 +0000 (17:43 +0800)] 
python3-trove-classifiers: upgrade 2024.5.22 -> 2024.7.2

Changelog:
 Add CUDA 12.3-12.5 classifiers

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3-pycairo: upgrade 1.26.0 -> 1.26.1
Wang Mingyu [Wed, 10 Jul 2024 09:43:50 +0000 (17:43 +0800)] 
python3-pycairo: upgrade 1.26.0 -> 1.26.1

Changelog:
==========
- Fix Surface.set_mime_data() with Python 3.13
- Fix the test suite with Python 3.13b2.
- Update vendored Windows wheel dependencies

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3-maturin: upgrade 1.6.0 -> 1.7.0
Wang Mingyu [Wed, 10 Jul 2024 09:43:49 +0000 (17:43 +0800)] 
python3-maturin: upgrade 1.6.0 -> 1.7.0

Changelog:
============
- Initial iOS support
- Remove old import hook in #2105, use maturin-import-hook instead
- Bump MSRV to 1.74.0
- Add support for overriding wheel tag with _PYTHON_HOST_PLATFORM
- Don't add files to an archive more than once
- Only use base python executable when MATURIN_PEP517_USE_BASE_PYTHON is set

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3-importlib-metadata: upgrade 7.1.0 -> 8.0.0
Wang Mingyu [Wed, 10 Jul 2024 09:43:48 +0000 (17:43 +0800)] 
python3-importlib-metadata: upgrade 7.1.0 -> 8.0.0

Changelog:
=============
- Message.__getitem__ now raises a KeyError on missing keys.
- Removed deprecated support for Distribution subclasses not implementing
  abstract methods.
- When reading installed files from an egg, use relative_to(walk_up=True) to
  honor files installed outside of the installation root.
- Deferred select imports in for speedup (python/cpython#109829).
- Updated fixtures for python/cpython#120801.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3-hatchling: upgrade 1.24.2 -> 1.25.0
Wang Mingyu [Wed, 10 Jul 2024 09:43:47 +0000 (17:43 +0800)] 
python3-hatchling: upgrade 1.24.2 -> 1.25.0

Changelog:
==========
- The macos-max-compat option for the wheel target is now disabled by default
  and will be removed in a future release
- Artifacts for the wheel and sdist targets now have their permission bits
  normalized
- Ignore manylinux/musllinux tags for the wheel target artifact name when
  enabling the infer_tag build data
- The wheel target build data infer_tag when enabled now respects the
  MACOSX_DEPLOYMENT_TARGET environment variable

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3-certifi: upgrade 2024.6.2 -> 2024.7.4
Wang Mingyu [Wed, 10 Jul 2024 09:43:46 +0000 (17:43 +0800)] 
python3-certifi: upgrade 2024.6.2 -> 2024.7.4

Changelog:
==========
- Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0
- Bump actions/checkout from 4.1.6 to 4.1.7
- Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopinentry: upgrade 1.3.0 -> 1.3.1
Wang Mingyu [Wed, 10 Jul 2024 09:43:45 +0000 (17:43 +0800)] 
pinentry: upgrade 1.3.0 -> 1.3.1

libassuan_pkgconf.patch
refreshed for 1.3.1

Changelog
===========
* qt: Install and use pinentry icon.
* qt: Small fix for Qt5.
* qt: Fix Windows build of Qt6.
* New envvar PINENTRY_KDE_USE_WALLET to enable the secret storage
  integration on KDE.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoopkg-utils: upgrade 0.6.3 -> 0.7.0
Wang Mingyu [Wed, 10 Jul 2024 09:43:44 +0000 (17:43 +0800)] 
opkg-utils: upgrade 0.6.3 -> 0.7.0

0001-opkg-build-remove-numeric-owner-parameter-overzealou.patch
removed since it's included in 0.7.0

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoopkg: upgrade 0.6.3 -> 0.7.0
Wang Mingyu [Wed, 10 Jul 2024 09:43:43 +0000 (17:43 +0800)] 
opkg: upgrade 0.6.3 -> 0.7.0

0001-libopkg-Use-libgen.h-to-provide-basename-API.patch
removed since it's included in 0.7.0

0001-opkg_conf-create-opkg.lock-in-run-instead-of-var-run.patch
refreshed for 0.7.0

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibsdl2: upgrade 2.30.4 -> 2.30.5
Wang Mingyu [Wed, 10 Jul 2024 09:43:41 +0000 (17:43 +0800)] 
libsdl2: upgrade 2.30.4 -> 2.30.5

Changelog:
=============
- Respect SDL_HINT_RENDER_DRIVER when creating an accelerated window surface
- Clean up any accelerated renderer in SDL_DestroyWindowSurface()
- Disable low level USB controller support on Android by default
- Fixed USB permissions dialog on Android 14
- Fixed controller mapping matching when one entry has a CRC specified and another doesn't
- Enable joystick support on FreeBSD when building using CMake
- Reduced input latency when using an fcitx IME on Linux
- Fixed graphical corruption on Raspberry Pi
- Fixed crash when using an unstable sort function in SDL_qsort

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibrsvg: upgrade 2.57.3 -> 2.58.1
Wang Mingyu [Wed, 10 Jul 2024 09:43:40 +0000 (17:43 +0800)] 
librsvg: upgrade 2.57.3 -> 2.58.1

0001-Makefile.am-pass-rust-target-to-cargo-also-when-not-.patch
refreshed for 2.58.1

Changelog:
- Fix failing test with Pango 1.52.1.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibproxy: upgrade 0.5.6 -> 0.5.7
Wang Mingyu [Wed, 10 Jul 2024 09:43:39 +0000 (17:43 +0800)] 
libproxy: upgrade 0.5.6 -> 0.5.7

Changelog:
=============
- Update github actions
- Handle empty ignore settings

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibdrm: upgrade 2.4.120 -> 2.4.122
Wang Mingyu [Wed, 10 Jul 2024 09:43:38 +0000 (17:43 +0800)] 
libdrm: upgrade 2.4.120 -> 2.4.122

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibdnf: upgrade 0.73.1 -> 0.73.2
Wang Mingyu [Wed, 10 Jul 2024 09:43:37 +0000 (17:43 +0800)] 
libdnf: upgrade 0.73.1 -> 0.73.2

Changelog:
==========
- context: use rpmtsAddReinstallElement() when doing a reinstall
- MergedTransaction: Fix invalid memory access when dropping items
- ConfigParser: fix use-out-of-scope leaks
- Since we use rpmtsAddReinstallElement rpm also uninstalls the package
- Fix countme bucket calculation

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibadwaita: upgrade 1.5.1 -> 1.5.2
Wang Mingyu [Wed, 10 Jul 2024 09:43:36 +0000 (17:43 +0800)] 
libadwaita: upgrade 1.5.1 -> 1.5.2

Changelog:
==========
- AdwAlertDialog
  - Fix unmatched va_start()
  - Fix setting default widget when removing a response
- AdwBreakpointCondition
  - Fix leaks when parsing
- AdwBreakpointBin
  - Fix a leak
- AdwDialog
  - Fix toggling presentation mode
  - Fix close button ignoring :can-close
  - Fix ::close-attempt not emitting in some cases
  - Fix swipe area for bottom sheets
  - Leak fixes
- AdwHeaderBar
  - Fix initial focus for the back button
  - Fix split view links in docs
- AdwMessageDialog
  - Fix unmatched va_start()
- AdwSpinRow
  - Fix ::input handling
- AdwTabButton
  - Fix needs-attention badge on RTL
- AdwTabView
  - Accessibility fixes
- AdwViewStack
  - Accessibility fixes
- Translation updates
  - Nepali

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoharfbuzz: upgrade 8.5.0 -> 9.0.0
Wang Mingyu [Wed, 10 Jul 2024 09:43:35 +0000 (17:43 +0800)] 
harfbuzz: upgrade 8.5.0 -> 9.0.0

Changelog:
============
- HarfBuzz now the supports the proposed new OpenType "VARC" table. This
  replaces the previously supported "Variable Composites" experimental feature.
  "VARC" support is still experimental and it is not enabled unless HarfBuzz is
  built with experimental APIs enabled:
  https://github.com/harfbuzz/boring-expansion-spec/blob/main/VARC.md
- Autotools build system have been dropped. Meson is the only supported build
  system in HarfBuzz going forward.
- Speed up "AAT" shaping for short words by up to 4%.
- Ignore unknown "CFF" operators.
- "hb_subset_input_keep_everything()" now keeps also non-unicode "name" table
  records.
- Update the IANA and OpenType language tag registries.
- Support composite glyphs with very large number of points in hb-draw API.
- Various build fixes.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agogstreamer: upgrade 1.24.4 -> 1.24.5
Wang Mingyu [Wed, 10 Jul 2024 09:43:34 +0000 (17:43 +0800)] 
gstreamer: upgrade 1.24.4 -> 1.24.5

0001-uvcgadget-Use-g_path_get_basename-instead-of-libc-ba.patch
0002-tests-add-support-for-install-the-tests.patch
refreshed for 1.24.5

Changelog:
 https://gstreamer.freedesktop.org/releases/1.24

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agogdbm: upgrade 1.23 -> 1.24
Wang Mingyu [Wed, 10 Jul 2024 09:43:33 +0000 (17:43 +0800)] 
gdbm: upgrade 1.23 -> 1.24

ptest.patch
refreshed for 1.24.

Changelog:
===========
* New gdbm_load option: --update
* Fix semantics of gdbm_load -r
* Use getline in gdbmtool shell.
* New function: gdbm_load_from_file_ext
* Fix binary dump format for key and/or data of zero size.
* Fix location tracking and recover command in gdbtool.
* Fix possible buffer underflow in gdbmload.
* Ensure any padding bytes in avail_elem structure are filled with 0.
* Improve the documentation.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agodnf: upgrade 4.20.0 -> 4.21.0
Wang Mingyu [Wed, 10 Jul 2024 09:43:32 +0000 (17:43 +0800)] 
dnf: upgrade 4.20.0 -> 4.21.0

0005-Do-not-prepend-installroot-to-logdir.patch
refreshed for 4.21.0

Changelog:
===========
- Add detection for ostree-based systems and warn users about losing changes
- Fix: No traceback when Python interpreter is running with -P, allow -P in shebang lines
- man: Improve upgrade-minimal command docs (RHEL-6417)
- Limit queries to nevra forms when provided by command
- Update the man page entry for the countme option
- Drop collect file for ABRT

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agodiffoscope: upgrade 271 -> 272
Wang Mingyu [Wed, 10 Jul 2024 09:43:31 +0000 (17:43 +0800)] 
diffoscope: upgrade 271 -> 272

Changelog:
==========
* Move away from using DSA OpenSSH keys in tests; support has been removed
  in OpenSSH 9.8p1.
* Move to assert_diff helper in test_openssh_pub_key.py

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agodebianutils: upgrade 5.19 -> 5.20
Wang Mingyu [Wed, 10 Jul 2024 09:43:30 +0000 (17:43 +0800)] 
debianutils: upgrade 5.19 -> 5.20

Changelog:
==========
- acinclude.m4: Bump DEBIANUTILS_VERSION from 5.18 to 5.20.
- installkernel: Recognize "Image" as an uncompressed image basename

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agocups: upgrade 2.4.9 -> 2.4.10
Wang Mingyu [Wed, 10 Jul 2024 09:43:29 +0000 (17:43 +0800)] 
cups: upgrade 2.4.9 -> 2.4.10

Changelog:
===========
- Fixed error handling when reading a mixed "1setOf" attribute.
- Fixed scheduler start if there is only domain socket to listen on

0001-use-echo-only-in-init.patch
0002-don-t-try-to-run-generated-binaries.patch
0004-cups-fix-multilib-install-file-conflicts.patch
refreshed for 2.4.10.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agocreaterepo-c: upgrade 1.1.2 -> 1.1.3
Wang Mingyu [Wed, 10 Jul 2024 09:43:28 +0000 (17:43 +0800)] 
createrepo-c: upgrade 1.1.2 -> 1.1.3

Changelog:
 spec: Package Python examples

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoccache: upgrade 4.10 -> 4.10.1
Wang Mingyu [Wed, 10 Jul 2024 09:43:27 +0000 (17:43 +0800)] 
ccache: upgrade 4.10 -> 4.10.1

License-Update: Bundle Fmt again

Changelog:
===========
- Fixed prefix command lookup from PATH.
- Fixed detection and usage of system blake3.
- Find CppHttplib named libhttplib.so as well.
- Removed Xcode assembly workaround for zstd.
- Added bundled subset of Fmt again for convenience.
- Removed no longer needed workaround when building downloaded Zstd.
- Documentation improvements
- Clarified that --set-config writes to the configuration file.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobtrfs-tools: upgrade 6.8.1 -> 6.9.2
Wang Mingyu [Wed, 10 Jul 2024 09:43:26 +0000 (17:43 +0800)] 
btrfs-tools: upgrade 6.8.1 -> 6.9.2

0001-Add-a-possibility-to-specify-where-python-modules-ar.patch
removed since it's included in 6.9.2

Changelog:
==========
* subvol list: fix accidental trimming of subvolume name
* check: revert checking file extent item 'ram_bytes'
* libbtrfsutil:
   * patchlevel version update 1.3.2
   * fix accidentally closing fd passed to subvolume iterator

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobase-passwd: upgrade 3.6.3 -> 3.6.4
Wang Mingyu [Wed, 10 Jul 2024 09:43:25 +0000 (17:43 +0800)] 
base-passwd: upgrade 3.6.3 -> 3.6.4

0001-Add-a-shutdown-group.patch
0005-Add-kvm-group.patch
refreshed for 3.6.4

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agogdb: Upgrade to 15.1 release
Khem Raj [Wed, 10 Jul 2024 05:49:44 +0000 (22:49 -0700)] 
gdb: Upgrade to 15.1 release

Improved python support and needs c++17 std in compiler to build

Detailed Release Notee [1]

[1] https://sourceware.org/pipermail/gdb-announce/2024/000140.html

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoselftest/fortran-helloworld: Fix buildpaths error
Richard Purdie [Mon, 15 Jul 2024 12:10:46 +0000 (13:10 +0100)] 
selftest/fortran-helloworld: Fix buildpaths error

There is a buildpaths QA error in the test recipe that somehow didn't show up
in earlier testing. Use a source directory and tweak the build command to
avoid embedding build paths in the generated binary.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoinsane: Promote long standing warnings to errors
Richard Purdie [Thu, 11 Jul 2024 09:37:37 +0000 (10:37 +0100)] 
insane: Promote long standing warnings to errors

Most of these warnings have been around and enabled for a long time. In particular,
buildpaths has been like this for two years. I'm aware some layers still have not
been able to resolve all the warnings but I believe that regardless, it is still
time to raise the bar. If the warnings don't get fixed, it is probably a sign
that nobody cares about the recipe and it should be dropped.

For anyone coming here to find out what changed and how to disable it, if
you are going to remove from ERROR_QA and add back to WARN_QA (or just ignore
the warnings), please do it with a layer specific override rather than making
it global. We have fixed these issues in core and intend to keep them all fixed.
If you globally disable the errors, it just means we get patches which end up
regressing things.

You can do things like:

ERROR_QA:remove:layer-mylayername = "buildpaths"

not that I'd recommend it.

Also note that the next version of Yocto Project Compatible will only be
available to layers which are not disabling some set of these errors.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoicu/perf: Drop SPDX_S variable
Richard Purdie [Thu, 11 Jul 2024 15:34:17 +0000 (16:34 +0100)] 
icu/perf: Drop SPDX_S variable

These were used by external layers and were needed before we had better
unpack instrumenation and the recent unpack directory changes. Drop
them as obsolete.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobusybox: Patch CVE-2023-42363
Peter Marko [Fri, 12 Jul 2024 21:38:54 +0000 (23:38 +0200)] 
busybox: Patch CVE-2023-42363

Backport patch for CVE-2023-42363.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobusybox: Patch CVE-2021-42380
Peter Marko [Fri, 12 Jul 2024 21:38:53 +0000 (23:38 +0200)] 
busybox: Patch CVE-2021-42380

Backport patch for CVE-2021-42380.
Additionally backport clang regression fix caused by this patch.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoicu: remove host references in nativesdk to fix reproducibility
Oleksandr Hnatiuk [Fri, 12 Jul 2024 18:58:21 +0000 (11:58 -0700)] 
icu: remove host references in nativesdk to fix reproducibility

Fix is only done for target. Use same code for nativesdk.

Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com>
Signed-off-by: Oleksandr Hnatiuk <ohnatiuk@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses/create-spdx-2.2: Handle empty packages
Joshua Watt [Fri, 12 Jul 2024 15:58:21 +0000 (09:58 -0600)] 
classes/create-spdx-2.2: Handle empty packages

When combining an SPDX document, the package list might be empty (e.g.
a baremetal image). Handle this case instead of erroring out

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoselftest: sstatetests: Exclude all SPDX tasks
Joshua Watt [Fri, 12 Jul 2024 15:58:18 +0000 (09:58 -0600)] 
selftest: sstatetests: Exclude all SPDX tasks

SPDX 3.0 introduces a bunch of new SPDX tasks. Instead of explicitly
enumerating them all, modify the regex to match 'create_.*spdx' which
will cover all of the SPDX 2.0 and SPDX 3.0 tasks

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses-recipe/baremetal-image: Add image file manifest
Joshua Watt [Fri, 12 Jul 2024 15:58:12 +0000 (09:58 -0600)] 
classes-recipe/baremetal-image: Add image file manifest

Downstream tasks may want to know what image files were written so write
out a manifest in do_image_complete. The format of the manifest is the
same as the one in image.bbclass

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses-recipe: nospdx: Add class
Joshua Watt [Wed, 3 Jul 2024 13:59:22 +0000 (07:59 -0600)] 
classes-recipe: nospdx: Add class

Adds a class that allows recipes to opt out of generating SPDX

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images
Joshua Watt [Wed, 3 Jul 2024 13:59:20 +0000 (07:59 -0600)] 
classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images

Adds the variable overrides to set the SPDX image purpose for various
image types

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses-global/staging: Exclude do_create_spdx from automatic sysroot extension
Joshua Watt [Wed, 3 Jul 2024 13:59:19 +0000 (07:59 -0600)] 
classes-global/staging: Exclude do_create_spdx from automatic sysroot extension

do_create_spdx is a outlier in that it doesn't need the RSS to be
extended just because it depends on do_populate_sysroot. In fact, it
only depends on do_populate_sysroot so it can see the actual recipes
sysroot, and attempting to extend the sysroot can cause problems for
some recipes (e.g. if a recipe does do_populate_sysroot[noexec] = "1")

As such, explicitly exclude do_create_spdx from extending the sysroot
just because it depends on do_populate_sysroot.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoclasses-recipe/image: Add image file manifest
Joshua Watt [Wed, 3 Jul 2024 13:59:16 +0000 (07:59 -0600)] 
classes-recipe/image: Add image file manifest

Downstream tasks may want to know what image files were written by the
do_image family of tasks (e.g. SPDX) so have each task write out a
manifest file that describes the files it produced, then aggregate them
in do_image_complete

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobusybox: reconfigure wget https support by default for security
Richard Purdie [Fri, 12 Jul 2024 13:48:02 +0000 (14:48 +0100)] 
busybox: reconfigure wget https support by default for security

The default busybox wget https support is suboptimal, it silently ignores
checking certificate validity which isn't great for security.

Switch our defaults to disable the internal busybox tls code and the
https support using it and configure the openssl backend instead.

This this is done by spawning an openssl command, we don't need
dependencies on openssl for build. For runtime, we can assume
people would install openssl if they need/want this.

These changes put our default busybox configuration in a more secure
initial set of settings.

[YOCTO #14125]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agomeson: Fix native meson config
Richard Purdie [Fri, 12 Jul 2024 12:49:04 +0000 (13:49 +0100)] 
meson: Fix native meson config

When the optimization flags were reduced to a single option, a different
and clearly untested codepath was used where the output was unquoted. This
caused errors when testing meson in the SDK.

Use repr() in the single item case as per the multiple item case to correctly
quote the output and fix build failures.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooeqa/selftest/locale: Ensure tests work with ERROR_QA changes
Richard Purdie [Fri, 12 Jul 2024 11:40:52 +0000 (12:40 +0100)] 
oeqa/selftest/locale: Ensure tests work with ERROR_QA changes

The recent ERROR_QA changes adding build_deps exposed what were warnings in thi
test as it restricts the locales, then builds recipes with locale requirements
that were not met (in bash, gawk and python3).

Increase the list of generated locales to ensure this patches the recipes
being built and hence allowing the build to succeed.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooeqa/selftest/incompatible_lic: Ensure tests work with ERROR_QA changes
Richard Purdie [Fri, 12 Jul 2024 11:40:35 +0000 (12:40 +0100)] 
oeqa/selftest/incompatible_lic: Ensure tests work with ERROR_QA changes

Recent changes to ERROR_QA meant that the build was failing in ways the test
wasn't expecting. Tweak the tests to ensure those failures don't impact the test.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agomesa: Add packageconfig knob to control tegra gallium driver
Khem Raj [Thu, 11 Jul 2024 23:42:02 +0000 (16:42 -0700)] 
mesa: Add packageconfig knob to control tegra gallium driver

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agomultilib.conf: remove appending to PKG_CONFIG_PATH
Changqing Li [Fri, 12 Jul 2024 04:46:11 +0000 (12:46 +0800)] 
multilib.conf: remove appending to PKG_CONFIG_PATH

* Since commit [a23c482cab allarch: only enable allarch when multilib is
not used], allarch recipes will also be installed into
${MLPREFIX}recipe-sysroot, so this appending is not needed.

* This appending also causes some QA errors. Eg: for lib32-php, the
recipe will use 's@${RECIPE_SYSROOT}@@g' to remove host specific path,
this appending makes not all the host specific path are matched.

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobitbake.conf: Further cleanup compiler optimization flags
Richard Purdie [Fri, 12 Jul 2024 06:35:48 +0000 (07:35 +0100)] 
bitbake.conf: Further cleanup compiler optimization flags

Move the -pipe option out of the optimization flags and directly into
the flags variables since we always use it now.

Also move the debug prefix mapping there to match the nativesdk case
which already does this.

Fix the documentation and two recipe usages to match the change.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agobitbake.conf: Drop obsolete debug compiler options
Richard Purdie [Fri, 12 Jul 2024 06:23:40 +0000 (07:23 +0100)] 
bitbake.conf: Drop obsolete debug compiler options

eliminate-unused-debug-types is a compiler default so we no longer
need to specify this. Drop the option. Also drop an obsolete comment
about another debug flag.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3-pytest-subtests: upgrade 0.12.1 -> 0.13.0
Trevor Gamblin [Thu, 11 Jul 2024 16:08:16 +0000 (12:08 -0400)] 
python3-pytest-subtests: upgrade 0.12.1 -> 0.13.0

Changelog (https://github.com/pytest-dev/pytest-subtests/blob/main/CHANGELOG.rst):

- Dropped support for EOL Python 3.7.
- Added support for -x/--exitfirst (#134).
- Hide the traceback inside the SubTests.test() method (#131).

The tarball changed to use an underscore instead of a dash, so use
PYPI_PACKAGE to account for it.

Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoopenssh: factor out sshd hostkey setup to separate function
Rasmus Villemoes [Wed, 10 Jul 2024 21:01:01 +0000 (23:01 +0200)] 
openssh: factor out sshd hostkey setup to separate function

Commit 0827c29566 (openssh: allow configuration of hostkey type) broke
our setup. We make use of the 'Include /etc/ssh/sshd_config.d/*.conf'
and put a hostkeys.conf file in there, configuring the types and
locations of the sshd host keys.

With that commit, we now get an extra "HostKey
/etc/ssh/ssh_host_ecdsa_key" line in the sshd_config. And while we
could avoid that by removing all hostkey-* items from PACKAGECONFIG,
other people providing their own sshd_config via a .bbappend now have
their HostKey settings unconditionally removed by the 'sed'
invocations, regardless of PACKAGECONFIG.

To make it easier for downstream layers and BSPs to define (and
preserve) their own logic for placement and type of sshd host keys,
factor out the new logic to a separate shell function. Downstream
layers can then simply override that by an empty function and keep the
behaviour they used to have.

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoiptables: remove /etc/ethertypes
Rasmus Villemoes [Wed, 10 Jul 2024 20:02:28 +0000 (22:02 +0200)] 
iptables: remove /etc/ethertypes

When building an image including iptable built with the libnftnl
PACKAGECONFIG, one hits

Downloading file:.../oe-rootfs-repo/armv8a/libkmod2 * check_data_file_clashes: Package iptables wants to install file .../rootfs/etc/ethertypes
        But that file is already provided by package  * netbase

This used to be handled by
0003-Makefile.am-do-not-install-etc-ethertypes.patch, but that patch
got removed with the 1.8.9->1.8.10 upgrade (commit 4616ada82e70).

I think the rationale for dropping the patch was wrong; the commit log
talks about xtables.conf, which is indeed gone from upstream, but said
patch didn't change anything about xtables.conf, it did

-dist_conf_DATA        = etc/ethertypes etc/xtables.conf
+dist_conf_DATA        = etc/xtables.conf

However, instead of patching iptables to not install ethertypes, and
having to forward-port that patch, it is much simpler to just remove
the file in this do_install:append.

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopython3: Drop generating a static libpython
Richard Purdie [Thu, 11 Jul 2024 11:22:50 +0000 (12:22 +0100)] 
python3: Drop generating a static libpython

This currently puts a 60MB binary into the recipe sysroots in the native
case as well as the implications for the target. Since as far as I know,
we don't need/use this, stop generating it by adding a PACKAGECONFIG. It
can be enabled by anyone who does actually need to use it.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibssh2: remove util-linux-col from ptest dependencies
Chen Qi [Thu, 11 Jul 2024 07:56:36 +0000 (00:56 -0700)] 
libssh2: remove util-linux-col from ptest dependencies

After util-linux upgrade to 2.40.1, we got the following QA issue
on musl:

  WARNING: libssh2-1.11.0-r0 do_package_qa: QA Issue: libssh2-ptest
  rdepends on util-linux-col, but it isn't a build dependency? [build-deps]

The issue appeared because new version util-linux has disabled
building out col on musl[1]. In short, the reason is that col in
util-linux requires something that musl does not provide.

This 'util-linux-col' dependency was added in 2021, at that time
the libssh2's version is 1.9.0. Now the version is 1.11.0 and I tested
its ptest, it does not require util-linux-col to succeed.

[1] https://github.com/util-linux/util-linux/commit/8886d84e25a457702b45194d69a47313f76dc6bc

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoutil-linux/util-linux-libuuid: upgrade from 2.39.3 to 2.40.1
Chen Qi [Thu, 11 Jul 2024 07:56:35 +0000 (00:56 -0700)] 
util-linux/util-linux-libuuid: upgrade from 2.39.3 to 2.40.1

License-Update:
===============
GPL-2.0 is changed to GPL-2.0-only in README.licensing.

The following two patches are removed as they've been there in new release:

  0001-login-utils-include-libgen.h-for-basename-API.patch
  mit-license.patch

Other existing patches are refreshed to avoid patch-fuzz error.

A new PACKAGECONFIG, lastlog2, is added, which serves as a switch to build Y2038
safe lastlog pam module. This is a new functionality added in 2.40.

This 2.40.1 version has the problem of unnecessary remake, causing
intermmittent errors at parallel make. The do_compile:prepend is a
workaround for this. Upstream issue and PR are:
https://github.com/util-linux/util-linux/issues/3061
https://github.com/util-linux/util-linux/pull/3064

do_install is changed to do_install:append, the legacy codes are
removed. They've been there since the born of oe-core. I tested
with ccache, there's no error.

A new dependency, diffutils, is added to ptest. Because the mkswap-offset
test case needs 'cmp' from diffutils.

The tests/ts/misc/enosys test case is deleted for musl. This is because
the test case is comparing error description output and that's libc
specific. Results below can demonstrate the case.
'''
root@qemux86-64:/usr/lib/util-linux/ptest# cat /usr/lib/util-linux/ptest/tests/expected/misc/enosys-ioctl
test_enosys: ioctl r=0 errno=Success
test_enosys: ioctl r=-1 errno=Function not implemented
test_enosys: ioctl r=-1 errno=Inappropriate ioctl for device
test_enosys: ioctl r=-1 errno=Inappropriate ioctl for device
test_enosys: ioctl r=-1 errno=Function not implemented
root@qemux86-64:/usr/lib/util-linux/ptest# cat /usr/lib/util-linux/ptest/tests/output/misc/enosys-ioctl
test_enosys: ioctl r=0 errno=No error information
test_enosys: ioctl r=-1 errno=Function not implemented
test_enosys: ioctl r=-1 errno=Not a tty
test_enosys: ioctl r=-1 errno=Not a tty
test_enosys: ioctl r=-1 errno=Function not implemented
'''

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agosystemd-boot: upgrade from 255.6 to 256
Chen Qi [Thu, 11 Jul 2024 07:56:34 +0000 (00:56 -0700)] 
systemd-boot: upgrade from 255.6 to 256

Patch 0001-src-boot-efi-meson.build-ensure-VERSION_TAG-exists-i.patch
is added to resolve build time error.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agosystemd: upgrade from 255.6 to 256
Chen Qi [Thu, 11 Jul 2024 07:56:33 +0000 (00:56 -0700)] 
systemd: upgrade from 255.6 to 256

The 'cgroupv2' PACKAGECONFIG is dropped as systemd now only supports
cgroupv2.

The 'kmod' PACKAGECONFIG is now added 'libkmod' as a runtime dependency.
This is because systemd 256 uses dlopen to make use of libkmod, and there's
no way for our library detection codes to know this and add such dependency
automatically. So we add it explicitly.

mime is now inherited because ${datadir}/mime/packages/io.systemd.xml
is a mime type file.

For musl specific patches, most are refreshed. One old patch is dropped,
and four new ones are added.
Newly added:
  build-path.c: avoid boot time segfault for musl
  adjust header inclusion order to avoid redeclaration
  undef stdin for references using stdin as a struct member
  include signal.h to avoid the 'undeclared' error
Dropped:
  src/basic/missing.h: check for missing strndupa
  (drop reason: systemd does not use strndupa any more)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agokernel-fitimage: fix handling of empty default dtb
Adrian Freihofer [Thu, 4 Jul 2024 07:09:42 +0000 (09:09 +0200)] 
kernel-fitimage: fix handling of empty default dtb

Fix error in run.do_assemble_fitimage_initramfs.2779256:
             line 238: [: =: unary operator expected
if FIT_CONF_DEFAULT_DTB is empty.

Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooe-selftest: fitimage fix test_initramfs_bundle
Adrian Freihofer [Thu, 4 Jul 2024 07:09:41 +0000 (09:09 +0200)] 
oe-selftest: fitimage fix test_initramfs_bundle

It looks like most of the assertions of this tests were by-passed
because of combinations of invalid regexes and inverted assert
statement. Try to fix.

Use the variables from the kernel recipe instead of potentially invalid
values from get_bb_vars with undefined recipe. Use one get_bb_vars
statement instead of many seaparate calls mainly to improve the duration
of this test case.

Make the test working for an its file with an absolute path to the
kernel binary. This will be needed with one of the following commits and
does not harm in general.

Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooe-selftest: fitimage cleanup asserts
Adrian Freihofer [Thu, 4 Jul 2024 07:09:40 +0000 (09:09 +0200)] 
oe-selftest: fitimage cleanup asserts

Use more specific assert statements to make the code more readable and
the error messages more verbose.

Cleanup the asserts of the test case test_initramfs_bundle.

Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooe-selftest: fitimage drop test-mkimage-wrapper
Adrian Freihofer [Thu, 4 Jul 2024 07:09:39 +0000 (09:09 +0200)] 
oe-selftest: fitimage drop test-mkimage-wrapper

Rather than writing hints into log files and verify the hints can be
found, the tests should verify that the artifacts in the deploy folder
are correctly signed. This is a much better test.
u-boot-tools provide a utility fit_check_sign which can verify the
signatures in fit images. Lets use it.

grepping in temp/run. or temp/log. files also does not work if the tasks
runs from sstate and the corresponding run file is not even generated.

Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooe-selftest: fitimage refactor u-boot-tools-native
Adrian Freihofer [Thu, 4 Jul 2024 07:09:38 +0000 (09:09 +0200)] 
oe-selftest: fitimage refactor u-boot-tools-native

Eliminate code duplication with a new function.
Use get_bb_var instead of bitbake -e | grep.

Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agovulkan-samples: fix do_compile error when -Og enabled
Changqing Li [Tue, 9 Jul 2024 07:31:58 +0000 (15:31 +0800)] 
vulkan-samples: fix do_compile error when -Og enabled

When debug build is enabled(-Og is used), vulkan-samples do_compile
failed with error:
In function 'ZSTD_compressBlock_lazy_generic',
    inlined from 'ZSTD_compressBlock_greedy' at TOPDIR/tmp-glibc/work/core2-32-wrs-linux/vulkan-samples/git/git/third_party/ktx/lib/basisu/zstd/zstd.c:21914:12:
TOPDIR/tmp-glibc/work/core2-32-wrs-linux/vulkan-samples/git/git/third_party/ktx/lib/basisu/zstd/zstd.c:21551:30: error: inlining failed in call to 'always_inline' 'ZSTD_HcFindBestMatch_selectMLS': function not considered for inlining
 | FORCE_INLINE_TEMPLATE size_t ZSTD_HcFindBestMatch_selectMLS (
      |                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TOPDIR/tmp-glibc/work/core2-32-wrs-linux/vulkan-samples/git/git/third_party/ktx/lib/basisu/zstd/zstd.c:21736:32: note: called from here
|             size_t const ml2 = searchMax(ms, ip, iend, &offsetFound);

Refer [1], always_inline is not suggested to use with indirect function
call, replace always_inline with inline to fix the issue

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107931

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoicu: fix make-icudata package config
Stefan Mueller-Klieser [Tue, 9 Jul 2024 06:25:39 +0000 (08:25 +0200)] 
icu: fix make-icudata package config

The location of files changed during unpackdir transition. Adapt dirs
to fix custom icu data generation.

Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopciutils: remove textrel INSANE_SKIP
Chen Qi [Thu, 4 Jul 2024 08:24:42 +0000 (01:24 -0700)] 
pciutils: remove textrel INSANE_SKIP

The current pciutils does not have this textrel problem any more.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agotestimage/postactions: Allow artifact collection to be skipped
Richard Purdie [Mon, 8 Jul 2024 16:54:31 +0000 (17:54 +0100)] 
testimage/postactions: Allow artifact collection to be skipped

It does not always make sense to collect artifacts and data from the
target on failure, e.g. if testing firmware or if the target is not
running an SSH server.

Allow this by setting TESTIMAGE_FAILED_QA_ARTIFACTS to an empty
value.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agohdparm: drop NO_GENERIC_LICENSE[hdparm]
Martin Jansa [Mon, 8 Jul 2024 08:31:46 +0000 (10:31 +0200)] 
hdparm: drop NO_GENERIC_LICENSE[hdparm]

* the hdparm license text was added in:
  https://git.openembedded.org/openembedded-core/commit/?id=e9c1f48af10ccb58251ecc7e041babb99b94d6df

  and now the NO_GENERIC_LICENSE was causing:
  ERROR: hdparm-9.65-r0 do_populate_lic: QA Issue: hdparm: hdparm is a generic license, please don't use NO_GENERIC_LICENSE for it. [license-no-generic]

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agomc: fix source URL
Benjamin Szőke [Sun, 7 Jul 2024 14:29:10 +0000 (16:29 +0200)] 
mc: fix source URL

new URL for sources: http://ftp.midnight-commander.org/

Signed-off-by: Benjamin Szőke <egyszeregy@freemail.hu>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agodnf/mesa: Fix missing leading whitespace with ':append'
Niko Mauno [Tue, 9 Jul 2024 12:02:09 +0000 (15:02 +0300)] 
dnf/mesa: Fix missing leading whitespace with ':append'

Mitigate occurrences where ':append' operator is used and leading
whitespace character is obviously missing, risking inadvertent
string concatenation.

Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooeqa/utils/postactions: transfer whole archive over ssh instead of doing individual...
Alexis Lothoré [Fri, 5 Jul 2024 14:46:38 +0000 (16:46 +0200)] 
oeqa/utils/postactions: transfer whole archive over ssh instead of doing individual copies

Fixes [YOCTO 15536]

The postactions retrieval actions currently rely on scp executed
individually on any file or directory expanded from
TESTIMAGE_FAILED_QA_ARTIFACTS. Unfortunately, symlinks are not preserved
with this mechanism, which lead to big storage space consumption. Things
may go even worse if those symlinks create some circular chains. This
mechanism then needs to be updated to preserve symlinks instead of
following them during copy. There are multiple ways to do it:
- create a local archive on the target and execute scp on this file
- use rsync instead of scp for all files
- create an archive and pipe it to ssh instead of storing it onto the
  target

The first solution may create pressure on targets storage space, while the
second assumes that rsync is installed on the target, which may not be
true. So the third one is a compromise: tar is very likely present, at
least through busybox, and no disk space is used on the target.

Replace the current per-file scp call by a single call to tar run on the
target. Retrieve the generated compressed archive directly from SSH output,
and feed it to another tar process but on host, to uncompress and extract
it at the same place as before.

Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooeqa/ssh: allow to retrieve raw, unformatted ouput
Alexis Lothoré [Fri, 5 Jul 2024 14:46:37 +0000 (16:46 +0200)] 
oeqa/ssh: allow to retrieve raw, unformatted ouput

The ssh target is currently well tailored to easily retrieve textual output
from a command run on a remote target. It could also be used to retrieve
raw data from a command run onto a remote target (for example, to feed this
data directly to another program), but it currently suffers two minor
issues preventing such use case:
- stderr is piped to stdout, so any error log will be mixed in the program
  output
- the final output is decoded as utf-8 and stripped

Allow to return the raw, unmodified output by adding an optional "raw"
parameter. Keep it to False by default to preserve the current behavior.
When enabled, do not return a string but the raw output as bytes.

Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agopixman: fix do_compile error
Changqing Li [Fri, 5 Jul 2024 09:41:36 +0000 (17:41 +0800)] 
pixman: fix do_compile error

When debug build is enabled(-Og is used), pixman-native do_compile
failed with error:
In function ‘combine_inner’,
    inlined from ‘combine_soft_light_ca_float’ at ../pixman-0.42.2/pixman/pixman-combine-float.c:655:1:
../pixman-0.42.2/pixman/pixman-combine-float.c:370:5: error: inlining failed in call to ‘always_inline’ ‘combine_soft_light_c’: function not considered for inlining
  370 |     combine_ ## name ## _c (float sa, float s, float da, float d)

Refer [1], always_inline is not suggested to use with indirect function
call, replace always_inline with __inline__ to fix the issue

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107931

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agotestexport: fallback for empty IMAGE_LINK_NAME
Konrad Weihmann [Wed, 3 Jul 2024 04:47:10 +0000 (04:47 +0000)] 
testexport: fallback for empty IMAGE_LINK_NAME

if IMAGE_LINK_NAME is set empty to disable the symlinking
for image artifacts in deploy, testexport fails, as the path assembly
is incorrect.
In that case fallback to IMAGE_NAME

Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agogo: upgrade 1.22.4 -> 1.22.5
Jose Quaresma [Thu, 4 Jul 2024 17:05:57 +0000 (18:05 +0100)] 
go: upgrade 1.22.4 -> 1.22.5

- refresh patches with devtool

Upgrade to latest 1.22.x release [1]:

$ git --no-pager log --oneline go1.22.4..go1.22.5
8e1fdea831 (tag: go1.22.5, origin/release-branch.go1.22) [release-branch.go1.22] go1.22.5
c2d4f852ce [release-branch.go1.22] cmd/link: handle dynamic import variables on Darwin in plugin mode
3222951439 [release-branch.go1.22] net/http: send body or close connection on expect-100-continue requests
ceaf26ecce [release-branch.go1.22] cmd/compile: mark pointer to noalg type as noalg
dfe4dbf8c0 [release-branch.go1.22] os/exec: on Windows look for extensions in Run if not already done
3560cf0afb [release-branch.go1.22] runtime: always update stack bounds on cgocallback
5159a7193a [release-branch.go1.22] cmd/compile: put constants before variables in initialization order
11b861e459 [release-branch.go1.22] go/types, types2: report error for floating-point iteration variable
81fc616267 [release-branch.go1.22] crypto/tls: don't call tlsrsakex.IncNonDefault with FIPS
14f0251867 [release-branch.go1.22] cmd/cgo/internal/swig: force use of lld for LTO tests on the builders
ab60a7bc18 [release-branch.go1.22] cmd/cgo/internal/testsanitizers: make the libfuzzer tests all short
4c97e883b5 [release-branch.go1.22] cmd/link: put runtime.end in the last section of data segment
179ccb7042 [release-branch.go1.22] cmd/go: fix go list -u -m all with too new retractions dependency
fe9b3c3399 [release-branch.go1.22] net: add GODEBUG=netedns0=0 to disable sending EDNS0 header
b515c5208b [release-branch.go1.22] go/internal/gccgoimporter: recognize "any" as a builtin type

[1] https://github.com/golang/go/compare/go1.22.4...go1.22.5

Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooeqa/runtime/ssh: check for all errors at the end
Jon Mason [Thu, 4 Jul 2024 20:31:56 +0000 (16:31 -0400)] 
oeqa/runtime/ssh: check for all errors at the end

With the retry for the -SIGTERM, it is possible to still see that error
after the 5th attempt and mark the run a success.  Check for any
non-zero status in the final check and error out to close the gap.
While there, make the error print match the one above and be a little
more verbose.  Also, I'm seeing it take roughly 6 attempts on my local
(very slow) system to pass.  So, increasing the number of attempts to
10.

Signed-off-by: Jon Mason <jdmason@kudzu.us>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoabi_version/package: Bump hashequiv version and package class version
Richard Purdie [Fri, 5 Jul 2024 09:21:20 +0000 (10:21 +0100)] 
abi_version/package: Bump hashequiv version and package class version

The recent pkgconfig change and subsqeuent fixes have left the hash equivalence
server in a corrupted state with hashes linking the changes beofore and after
the pkgconfig change, breaking reproducibile builds.

Bump the appropriate version numbers to allow us to move on and avoid
build failures and corrupt equivalence data now the underlying issue
was fixed.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agolibinput: update 1.25.0 -> 1.26.1
Markus Volk [Thu, 4 Jul 2024 11:29:48 +0000 (13:29 +0200)] 
libinput: update 1.25.0 -> 1.26.1

Release notes
libinput 1.26.1 is now available. A few semi-exciting things, the rest the usual bugfixes you'd expect for a point release.

Touchpads now special-case Shift for disable-while-typing, so typing keys with shift down will trigger DWT.

Tablets can now be calibrated if libwacom says the tablet is a display tablet. The hid-uclogic kernel driver doesn't
set INPUT_PROP_DIRECT so any device handled by that driver didn't have calibration available. Fixed now, provided
your tablet is recognised by libwacom.

The direction of the first tablet pad relative dial was fixed, it was upside-down.

Our debugging tools now support --set-pressure-range for the new tablet tool pressure range configuration added in
1.26 and --set-calibration for the calibration matrix that's been around for a while. The libinput debug-tablet tool
now also supports all commandline options that debug-events and debug-gui support.

And of course a varied assortment of device specific quirks and fixes.

Release notes
libinput 1.26.0 is now available. It's been a while since the last release but we have a few notable changes in here:

Touchpads can now configure a clickfinger button map, so you can change whether two- or three-finger click means a
right or middle click. See libinput_device_config_click_set_clickfinger_button_map

Tablet pads now have an API for relative dials. These are typically wheel-like (e.g. Huion Inspiroy 2) or ring-like
(e.g. Huion Inspiroy Dial 2) physical devices that send REL_WHEEL and REL_HWHEEL. libinput now provides these via
libinput_event_tablet_pad_get_dial_delta_v120() in much the same manner as the v120-based scroll wheel API.

A new configuration option for tablet tools allow reducing the available logical range. This is useful for users that
want the tool to register only when some physical pressure value is reached, or to reduce the maximum amount of pressure
needed to reach the logical maximum pressure. See libinput_tablet_tool_config_pressure_range_set() and friends.

Tablet tools can now use BTN_STYLUS3 too and tablet pad strip support should now work for non-Wacom devices, where the
kernel driver implements it.

Huion tablets (well, and all vendors that use the 256C vendor id) now have a fallback resolution set. This is going to
be wrong on most devices but at least it will make those tablets work out of the box, instead of failing with the "missing
tablet capabilities: resolution" log message.

And of course a varied assortment of device specific quirks and fixes.

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooeqa/selftest/reproducibile: Explicitly list virtual targets
Richard Purdie [Thu, 4 Jul 2024 16:18:06 +0000 (17:18 +0100)] 
oeqa/selftest/reproducibile: Explicitly list virtual targets

We're seeing reproducibility failures where some packages don't appear
in the "from sstate" builds. The common factor is these are all recipes
with PROVIDES = "virtual/XXX".

In a full build from scratch, these are build but in a build from sstate,
there are situations where they aren't. For now, to try and keep builds
working, work around the problem until we can better look into the problem.
It is likely recent taskhash imrovements have caused this to occur more
regularly.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoopenssh: fix CVE-2024-6387
Jose Quaresma [Thu, 4 Jul 2024 10:56:17 +0000 (11:56 +0100)] 
openssh: fix CVE-2024-6387

sshd(8) in Portable OpenSSH versions 8.5p1 to 9.7p1 (inclusive).
Race condition resulting in potential remote code execution.
A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD systems.
This attack could be prevented by disabling the login grace timeout (LoginGraceTime=0 in sshd_config)
though this makes denial-of service against sshd(8) considerably easier.
For more information, please refer to the release notes [1] and the
report from the Qualys Security Advisory Team [2] who discovered the bug.

[1] https://www.openssh.com/txt/release-9.8
[2] https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

References:
https://www.openssh.com/security.html

Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agooeqa/runtime/ssh: In case of failure, show exit code and handle -15 (SIGTERM)
Richard Purdie [Thu, 4 Jul 2024 10:10:38 +0000 (11:10 +0100)] 
oeqa/runtime/ssh: In case of failure, show exit code and handle -15 (SIGTERM)

Ensure we show the failing exit code in case of failures.

We're seeing autobuilder failures with -15 (SIGTERM) which is probably from
slow boot/init. Retry in these cases for now.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoqemuboot: Trigger write_qemuboot_conf task on changes of kernel image realpath
Weisser, Pascal.ext [Wed, 3 Jul 2024 10:56:03 +0000 (12:56 +0200)] 
qemuboot: Trigger write_qemuboot_conf task on changes of kernel image realpath

The qemuboot.conf file contains the realpath of the kernel image
referenced by QB_DEFAULT_KERNEL. So, it must be recreated in case the
realpath of the referenced kernel image changes.

The variables KERNEL_IMAGE_NAME and KERNEL_IMAGE_BIN_EXT determine the
realpath of the kernel image relative to DEPLOY_DIR_IMAGE. Adding both of
them to the vardeps of the write_qemuboot_conf task triggers the
write_qemuboot_conf task in case the realpath of the kernel image
referenced by QB_DEFAULT_KERNEL changes.

Fixes: [YOCTO 15525]
Signed-off-by: "Weisser, Pascal" <pascal.weisser.ext@karlstorz.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
13 months agoless: upgrade 643 -> 661
Yi Zhao [Thu, 4 Jul 2024 06:07:06 +0000 (14:07 +0800)] 
less: upgrade 643 -> 661

ChangeLog:
https://www.greenwoodsoftware.com/less/news.661.html

License-Update: Update copyright year to 2024

Add perl-module-file-basename to ptest runtime dependency.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>