Changes relevant to the build:
* One patch file is dropped.
* /etc/bluetooth is now installed with 555 permission bits when systemd
is not enabled. The do_install function was edited to change it back to
755. This was causing test failure when testing SDK packaging
* Added a few missing PACKAGECONFIGs which are enabled by default.
- asha-profiles: new in BlueZ 5.77
- ccp-profiles: new in BlueZ 5.73
- micp-profiles: new in BlueZ 5.70
- csip-profiles: new in BlueZ 5.67
- bass-profiles: new in BlueZ 5.67
- vcp-profiles: new in BlueZ 5.66
- mcp-profiles: new in BlueZ 5.66
- bap-profiles: new in BlueZ 5.66
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Sun, 14 Jul 2024 09:36:28 +0000 (11:36 +0200)]
libstd-rs,rust-cross-canadian: set CVE_PRODUCT to rust
These recipes come from rust sources and CVEs are reported for them
under rust-lang:rust vendor:product touple.
Especially libstd-rs needs correct CVE_PRODUCT as is it installed on
target devices (being statically linked to rust compiled binaries).
6.105.1 - 2024-07-07
- This patch iterates on our experimental support for alternative backends (Alternative backends for Hypothesis). See pull request #4029 for details.
6.105.0 - 2024-07-04
- This release improves support for Django 5.0, and drops support for end-of-life Django versions (< 4.2).
- Thanks to Joshua Munn for this contribution.
6.104.4 - 2024-07-04
- Clean up internal cache implementation.
6.104.3 - 2024-07-04
- This patch updates our autoformatting tools, improving our code style without any API changes.
6.104.2 - 2024-06-29
- This patch fixes an issue when realizing symbolics with our experimental backend setting.
6.104.1 - 2024-06-25
- Improves internal test coverage.
6.104.0 - 2024-06-24
- This release adds strategies for Django’s ModelChoiceField and ModelMultipleChoiceField (issue #4010).
- Thanks to Joshua Munn for this contribution.
6.103.5 - 2024-06-24
- Fixes and reinstates full coverage of internal tests, which was accidentally disabled in pull request #3935.
- Closes issue #4003.
6.103.4 - 2024-06-24
- This release prevents a race condition inside internal cache implementation.
6.103.3 - 2024-06-24
- This patch updates our vendored list of top-level domains, which is used by the provisional domains() strategy.
Ross Burton [Tue, 9 Jul 2024 16:51:04 +0000 (17:51 +0100)]
glibc: add task to list exported symbols
When upgrading glibc it's important to know if there are any new symbols
that pseudo needs to wrap. In the future a generalised ABI comparison tool
would be good, but to solve the immediate need we can simply list the
exported symbols to files in WORKDIR.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Niko Mauno [Tue, 9 Jul 2024 12:22:11 +0000 (12:22 +0000)]
systemd: Mitigate /var/log type mismatch issue
When VOLATILE_LOG_DIR evaluates as True, the base-files recipe provides
/var/log -> /var/volatile/log symlink which is in conflict with systemd
upstream tmpfiles.d/var.conf.in which defines it as a directory.
This generates following error in journal:
Jul 03 14:28:00 qemux86-64 systemd-tmpfiles[165]: "/var/log" already exists and is not a directory.
Mitigate the issue by defining /var/log as symlink corresponding to
the one created by base-files, when appropriate.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:53 +0000 (17:43 +0800)]
sysstat: upgrade 12.7.5 -> 12.7.6
Changelog:
==========
* sar/sadf: [A_NET_ETCP]: Rename retrans/s field to retrseg/s
because it was already used in A_NET_NFS report.
* sadf: SVG: Fix oversized SVG canvas height.
* sadf: Don't cap SVG graph output at 100%.
* sadf: A_NET_SOFT: Don't display graphs for offline CPU.
* sadf: SVG: Don't ignore other views when one has to be skipped.
* sadf: Make sure structures will be alloacated for every installed CPU.
* sadf: Define MIN_CANVAS_HEIGHT constant.
* sar: Display min/max values only when available.
* Define macros for CPU manipulation.
* SREALLOC() macro: Make sure size is not zero.
* Fix a warning given by gcc v13 with -fanalyzer option.
* [Eli Schwartz]: configure.ac: fix erroneous bashisms.
* sar manual page updated.
* DTD and XSD documents updated.
* Year updated in copyright messages.
* Other cosmetic changes in code.
* FAQ and README files updated.
* Non regression tests updated. New tests added.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:52 +0000 (17:43 +0800)]
repo: upgrade 2.45 -> 2.46
Changelog:
==========
- project: ignore more curl failure modes
- logging: Fix log formatting with colored output
- upload: add a --topic option for setting topic explicitly
- sync: Abort rebase in progress if force-checkout is set
- ssh: Set git protocol version 2 on SSH ControlMaster
- upload: drop check for uncommitted local changes
- git: raise hard version to 1.9.1
- release: update-hooks: helper for automatically syncing hooks
- gitc: delete a few more dead references
- man: regenerate man pages
- Remove platform_utils.realpath
- Fix drive mounted directory on Windows
- git_command: unify soft/hard versions with requirements.json
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:50 +0000 (17:43 +0800)]
python3-pycairo: upgrade 1.26.0 -> 1.26.1
Changelog:
==========
- Fix Surface.set_mime_data() with Python 3.13
- Fix the test suite with Python 3.13b2.
- Update vendored Windows wheel dependencies
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:49 +0000 (17:43 +0800)]
python3-maturin: upgrade 1.6.0 -> 1.7.0
Changelog:
============
- Initial iOS support
- Remove old import hook in #2105, use maturin-import-hook instead
- Bump MSRV to 1.74.0
- Add support for overriding wheel tag with _PYTHON_HOST_PLATFORM
- Don't add files to an archive more than once
- Only use base python executable when MATURIN_PEP517_USE_BASE_PYTHON is set
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=============
- Message.__getitem__ now raises a KeyError on missing keys.
- Removed deprecated support for Distribution subclasses not implementing
abstract methods.
- When reading installed files from an egg, use relative_to(walk_up=True) to
honor files installed outside of the installation root.
- Deferred select imports in for speedup (python/cpython#109829).
- Updated fixtures for python/cpython#120801.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:47 +0000 (17:43 +0800)]
python3-hatchling: upgrade 1.24.2 -> 1.25.0
Changelog:
==========
- The macos-max-compat option for the wheel target is now disabled by default
and will be removed in a future release
- Artifacts for the wheel and sdist targets now have their permission bits
normalized
- Ignore manylinux/musllinux tags for the wheel target artifact name when
enabling the infer_tag build data
- The wheel target build data infer_tag when enabled now respects the
MACOSX_DEPLOYMENT_TARGET environment variable
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:46 +0000 (17:43 +0800)]
python3-certifi: upgrade 2024.6.2 -> 2024.7.4
Changelog:
==========
- Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0
- Bump actions/checkout from 4.1.6 to 4.1.7
- Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:45 +0000 (17:43 +0800)]
pinentry: upgrade 1.3.0 -> 1.3.1
libassuan_pkgconf.patch
refreshed for 1.3.1
Changelog
===========
* qt: Install and use pinentry icon.
* qt: Small fix for Qt5.
* qt: Fix Windows build of Qt6.
* New envvar PINENTRY_KDE_USE_WALLET to enable the secret storage
integration on KDE.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:41 +0000 (17:43 +0800)]
libsdl2: upgrade 2.30.4 -> 2.30.5
Changelog:
=============
- Respect SDL_HINT_RENDER_DRIVER when creating an accelerated window surface
- Clean up any accelerated renderer in SDL_DestroyWindowSurface()
- Disable low level USB controller support on Android by default
- Fixed USB permissions dialog on Android 14
- Fixed controller mapping matching when one entry has a CRC specified and another doesn't
- Enable joystick support on FreeBSD when building using CMake
- Reduced input latency when using an fcitx IME on Linux
- Fixed graphical corruption on Raspberry Pi
- Fixed crash when using an unstable sort function in SDL_qsort
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:37 +0000 (17:43 +0800)]
libdnf: upgrade 0.73.1 -> 0.73.2
Changelog:
==========
- context: use rpmtsAddReinstallElement() when doing a reinstall
- MergedTransaction: Fix invalid memory access when dropping items
- ConfigParser: fix use-out-of-scope leaks
- Since we use rpmtsAddReinstallElement rpm also uninstalls the package
- Fix countme bucket calculation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:35 +0000 (17:43 +0800)]
harfbuzz: upgrade 8.5.0 -> 9.0.0
Changelog:
============
- HarfBuzz now the supports the proposed new OpenType "VARC" table. This
replaces the previously supported "Variable Composites" experimental feature.
"VARC" support is still experimental and it is not enabled unless HarfBuzz is
built with experimental APIs enabled:
https://github.com/harfbuzz/boring-expansion-spec/blob/main/VARC.md
- Autotools build system have been dropped. Meson is the only supported build
system in HarfBuzz going forward.
- Speed up "AAT" shaping for short words by up to 4%.
- Ignore unknown "CFF" operators.
- "hb_subset_input_keep_everything()" now keeps also non-unicode "name" table
records.
- Update the IANA and OpenType language tag registries.
- Support composite glyphs with very large number of points in hb-draw API.
- Various build fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:33 +0000 (17:43 +0800)]
gdbm: upgrade 1.23 -> 1.24
ptest.patch
refreshed for 1.24.
Changelog:
===========
* New gdbm_load option: --update
* Fix semantics of gdbm_load -r
* Use getline in gdbmtool shell.
* New function: gdbm_load_from_file_ext
* Fix binary dump format for key and/or data of zero size.
* Fix location tracking and recover command in gdbtool.
* Fix possible buffer underflow in gdbmload.
* Ensure any padding bytes in avail_elem structure are filled with 0.
* Improve the documentation.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:32 +0000 (17:43 +0800)]
dnf: upgrade 4.20.0 -> 4.21.0
0005-Do-not-prepend-installroot-to-logdir.patch
refreshed for 4.21.0
Changelog:
===========
- Add detection for ostree-based systems and warn users about losing changes
- Fix: No traceback when Python interpreter is running with -P, allow -P in shebang lines
- man: Improve upgrade-minimal command docs (RHEL-6417)
- Limit queries to nevra forms when provided by command
- Update the man page entry for the countme option
- Drop collect file for ABRT
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:31 +0000 (17:43 +0800)]
diffoscope: upgrade 271 -> 272
Changelog:
==========
* Move away from using DSA OpenSSH keys in tests; support has been removed
in OpenSSH 9.8p1.
* Move to assert_diff helper in test_openssh_pub_key.py
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:29 +0000 (17:43 +0800)]
cups: upgrade 2.4.9 -> 2.4.10
Changelog:
===========
- Fixed error handling when reading a mixed "1setOf" attribute.
- Fixed scheduler start if there is only domain socket to listen on
0001-use-echo-only-in-init.patch
0002-don-t-try-to-run-generated-binaries.patch
0004-cups-fix-multilib-install-file-conflicts.patch
refreshed for 2.4.10.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 10 Jul 2024 09:43:27 +0000 (17:43 +0800)]
ccache: upgrade 4.10 -> 4.10.1
License-Update: Bundle Fmt again
Changelog:
===========
- Fixed prefix command lookup from PATH.
- Fixed detection and usage of system blake3.
- Find CppHttplib named libhttplib.so as well.
- Removed Xcode assembly workaround for zstd.
- Added bundled subset of Fmt again for convenience.
- Removed no longer needed workaround when building downloaded Zstd.
- Documentation improvements
- Clarified that --set-config writes to the configuration file.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 15 Jul 2024 12:10:46 +0000 (13:10 +0100)]
selftest/fortran-helloworld: Fix buildpaths error
There is a buildpaths QA error in the test recipe that somehow didn't show up
in earlier testing. Use a source directory and tweak the build command to
avoid embedding build paths in the generated binary.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 11 Jul 2024 09:37:37 +0000 (10:37 +0100)]
insane: Promote long standing warnings to errors
Most of these warnings have been around and enabled for a long time. In particular,
buildpaths has been like this for two years. I'm aware some layers still have not
been able to resolve all the warnings but I believe that regardless, it is still
time to raise the bar. If the warnings don't get fixed, it is probably a sign
that nobody cares about the recipe and it should be dropped.
For anyone coming here to find out what changed and how to disable it, if
you are going to remove from ERROR_QA and add back to WARN_QA (or just ignore
the warnings), please do it with a layer specific override rather than making
it global. We have fixed these issues in core and intend to keep them all fixed.
If you globally disable the errors, it just means we get patches which end up
regressing things.
You can do things like:
ERROR_QA:remove:layer-mylayername = "buildpaths"
not that I'd recommend it.
Also note that the next version of Yocto Project Compatible will only be
available to layers which are not disabling some set of these errors.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 11 Jul 2024 15:34:17 +0000 (16:34 +0100)]
icu/perf: Drop SPDX_S variable
These were used by external layers and were needed before we had better
unpack instrumenation and the recent unpack directory changes. Drop
them as obsolete.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
SPDX 3.0 introduces a bunch of new SPDX tasks. Instead of explicitly
enumerating them all, modify the regex to match 'create_.*spdx' which
will cover all of the SPDX 2.0 and SPDX 3.0 tasks
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Downstream tasks may want to know what image files were written so write
out a manifest in do_image_complete. The format of the manifest is the
same as the one in image.bbclass
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
classes-global/staging: Exclude do_create_spdx from automatic sysroot extension
do_create_spdx is a outlier in that it doesn't need the RSS to be
extended just because it depends on do_populate_sysroot. In fact, it
only depends on do_populate_sysroot so it can see the actual recipes
sysroot, and attempting to extend the sysroot can cause problems for
some recipes (e.g. if a recipe does do_populate_sysroot[noexec] = "1")
As such, explicitly exclude do_create_spdx from extending the sysroot
just because it depends on do_populate_sysroot.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Downstream tasks may want to know what image files were written by the
do_image family of tasks (e.g. SPDX) so have each task write out a
manifest file that describes the files it produced, then aggregate them
in do_image_complete
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 12 Jul 2024 13:48:02 +0000 (14:48 +0100)]
busybox: reconfigure wget https support by default for security
The default busybox wget https support is suboptimal, it silently ignores
checking certificate validity which isn't great for security.
Switch our defaults to disable the internal busybox tls code and the
https support using it and configure the openssl backend instead.
This this is done by spawning an openssl command, we don't need
dependencies on openssl for build. For runtime, we can assume
people would install openssl if they need/want this.
These changes put our default busybox configuration in a more secure
initial set of settings.
[YOCTO #14125]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 12 Jul 2024 12:49:04 +0000 (13:49 +0100)]
meson: Fix native meson config
When the optimization flags were reduced to a single option, a different
and clearly untested codepath was used where the output was unquoted. This
caused errors when testing meson in the SDK.
Use repr() in the single item case as per the multiple item case to correctly
quote the output and fix build failures.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 12 Jul 2024 11:40:52 +0000 (12:40 +0100)]
oeqa/selftest/locale: Ensure tests work with ERROR_QA changes
The recent ERROR_QA changes adding build_deps exposed what were warnings in thi
test as it restricts the locales, then builds recipes with locale requirements
that were not met (in bash, gawk and python3).
Increase the list of generated locales to ensure this patches the recipes
being built and hence allowing the build to succeed.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 12 Jul 2024 11:40:35 +0000 (12:40 +0100)]
oeqa/selftest/incompatible_lic: Ensure tests work with ERROR_QA changes
Recent changes to ERROR_QA meant that the build was failing in ways the test
wasn't expecting. Tweak the tests to ensure those failures don't impact the test.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Fri, 12 Jul 2024 04:46:11 +0000 (12:46 +0800)]
multilib.conf: remove appending to PKG_CONFIG_PATH
* Since commit [a23c482cab allarch: only enable allarch when multilib is
not used], allarch recipes will also be installed into
${MLPREFIX}recipe-sysroot, so this appending is not needed.
* This appending also causes some QA errors. Eg: for lib32-php, the
recipe will use 's@${RECIPE_SYSROOT}@@g' to remove host specific path,
this appending makes not all the host specific path are matched.
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 12 Jul 2024 06:23:40 +0000 (07:23 +0100)]
bitbake.conf: Drop obsolete debug compiler options
eliminate-unused-debug-types is a compiler default so we no longer
need to specify this. Drop the option. Also drop an obsolete comment
about another debug flag.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
openssh: factor out sshd hostkey setup to separate function
Commit 0827c29566 (openssh: allow configuration of hostkey type) broke
our setup. We make use of the 'Include /etc/ssh/sshd_config.d/*.conf'
and put a hostkeys.conf file in there, configuring the types and
locations of the sshd host keys.
With that commit, we now get an extra "HostKey
/etc/ssh/ssh_host_ecdsa_key" line in the sshd_config. And while we
could avoid that by removing all hostkey-* items from PACKAGECONFIG,
other people providing their own sshd_config via a .bbappend now have
their HostKey settings unconditionally removed by the 'sed'
invocations, regardless of PACKAGECONFIG.
To make it easier for downstream layers and BSPs to define (and
preserve) their own logic for placement and type of sshd host keys,
factor out the new logic to a separate shell function. Downstream
layers can then simply override that by an empty function and keep the
behaviour they used to have.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building an image including iptable built with the libnftnl
PACKAGECONFIG, one hits
Downloading file:.../oe-rootfs-repo/armv8a/libkmod2 * check_data_file_clashes: Package iptables wants to install file .../rootfs/etc/ethertypes
But that file is already provided by package * netbase
This used to be handled by
0003-Makefile.am-do-not-install-etc-ethertypes.patch, but that patch
got removed with the 1.8.9->1.8.10 upgrade (commit 4616ada82e70).
I think the rationale for dropping the patch was wrong; the commit log
talks about xtables.conf, which is indeed gone from upstream, but said
patch didn't change anything about xtables.conf, it did
However, instead of patching iptables to not install ethertypes, and
having to forward-port that patch, it is much simpler to just remove
the file in this do_install:append.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 11 Jul 2024 11:22:50 +0000 (12:22 +0100)]
python3: Drop generating a static libpython
This currently puts a 60MB binary into the recipe sysroots in the native
case as well as the implications for the target. Since as far as I know,
we don't need/use this, stop generating it by adding a PACKAGECONFIG. It
can be enabled by anyone who does actually need to use it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libssh2: remove util-linux-col from ptest dependencies
After util-linux upgrade to 2.40.1, we got the following QA issue
on musl:
WARNING: libssh2-1.11.0-r0 do_package_qa: QA Issue: libssh2-ptest
rdepends on util-linux-col, but it isn't a build dependency? [build-deps]
The issue appeared because new version util-linux has disabled
building out col on musl[1]. In short, the reason is that col in
util-linux requires something that musl does not provide.
This 'util-linux-col' dependency was added in 2021, at that time
the libssh2's version is 1.9.0. Now the version is 1.11.0 and I tested
its ptest, it does not require util-linux-col to succeed.
Other existing patches are refreshed to avoid patch-fuzz error.
A new PACKAGECONFIG, lastlog2, is added, which serves as a switch to build Y2038
safe lastlog pam module. This is a new functionality added in 2.40.
This 2.40.1 version has the problem of unnecessary remake, causing
intermmittent errors at parallel make. The do_compile:prepend is a
workaround for this. Upstream issue and PR are:
https://github.com/util-linux/util-linux/issues/3061
https://github.com/util-linux/util-linux/pull/3064
do_install is changed to do_install:append, the legacy codes are
removed. They've been there since the born of oe-core. I tested
with ccache, there's no error.
A new dependency, diffutils, is added to ptest. Because the mkswap-offset
test case needs 'cmp' from diffutils.
The tests/ts/misc/enosys test case is deleted for musl. This is because
the test case is comparing error description output and that's libc
specific. Results below can demonstrate the case.
'''
root@qemux86-64:/usr/lib/util-linux/ptest# cat /usr/lib/util-linux/ptest/tests/expected/misc/enosys-ioctl
test_enosys: ioctl r=0 errno=Success
test_enosys: ioctl r=-1 errno=Function not implemented
test_enosys: ioctl r=-1 errno=Inappropriate ioctl for device
test_enosys: ioctl r=-1 errno=Inappropriate ioctl for device
test_enosys: ioctl r=-1 errno=Function not implemented
root@qemux86-64:/usr/lib/util-linux/ptest# cat /usr/lib/util-linux/ptest/tests/output/misc/enosys-ioctl
test_enosys: ioctl r=0 errno=No error information
test_enosys: ioctl r=-1 errno=Function not implemented
test_enosys: ioctl r=-1 errno=Not a tty
test_enosys: ioctl r=-1 errno=Not a tty
test_enosys: ioctl r=-1 errno=Function not implemented
'''
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 'cgroupv2' PACKAGECONFIG is dropped as systemd now only supports
cgroupv2.
The 'kmod' PACKAGECONFIG is now added 'libkmod' as a runtime dependency.
This is because systemd 256 uses dlopen to make use of libkmod, and there's
no way for our library detection codes to know this and add such dependency
automatically. So we add it explicitly.
mime is now inherited because ${datadir}/mime/packages/io.systemd.xml
is a mime type file.
For musl specific patches, most are refreshed. One old patch is dropped,
and four new ones are added.
Newly added:
build-path.c: avoid boot time segfault for musl
adjust header inclusion order to avoid redeclaration
undef stdin for references using stdin as a struct member
include signal.h to avoid the 'undeclared' error
Dropped:
src/basic/missing.h: check for missing strndupa
(drop reason: systemd does not use strndupa any more)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It looks like most of the assertions of this tests were by-passed
because of combinations of invalid regexes and inverted assert
statement. Try to fix.
Use the variables from the kernel recipe instead of potentially invalid
values from get_bb_vars with undefined recipe. Use one get_bb_vars
statement instead of many seaparate calls mainly to improve the duration
of this test case.
Make the test working for an its file with an absolute path to the
kernel binary. This will be needed with one of the following commits and
does not harm in general.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rather than writing hints into log files and verify the hints can be
found, the tests should verify that the artifacts in the deploy folder
are correctly signed. This is a much better test.
u-boot-tools provide a utility fit_check_sign which can verify the
signatures in fit images. Lets use it.
grepping in temp/run. or temp/log. files also does not work if the tasks
runs from sstate and the corresponding run file is not even generated.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Tue, 9 Jul 2024 07:31:58 +0000 (15:31 +0800)]
vulkan-samples: fix do_compile error when -Og enabled
When debug build is enabled(-Og is used), vulkan-samples do_compile
failed with error:
In function 'ZSTD_compressBlock_lazy_generic',
inlined from 'ZSTD_compressBlock_greedy' at TOPDIR/tmp-glibc/work/core2-32-wrs-linux/vulkan-samples/git/git/third_party/ktx/lib/basisu/zstd/zstd.c:21914:12:
TOPDIR/tmp-glibc/work/core2-32-wrs-linux/vulkan-samples/git/git/third_party/ktx/lib/basisu/zstd/zstd.c:21551:30: error: inlining failed in call to 'always_inline' 'ZSTD_HcFindBestMatch_selectMLS': function not considered for inlining
| FORCE_INLINE_TEMPLATE size_t ZSTD_HcFindBestMatch_selectMLS (
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TOPDIR/tmp-glibc/work/core2-32-wrs-linux/vulkan-samples/git/git/third_party/ktx/lib/basisu/zstd/zstd.c:21736:32: note: called from here
| size_t const ml2 = searchMax(ms, ip, iend, &offsetFound);
Refer [1], always_inline is not suggested to use with indirect function
call, replace always_inline with inline to fix the issue
Richard Purdie [Mon, 8 Jul 2024 16:54:31 +0000 (17:54 +0100)]
testimage/postactions: Allow artifact collection to be skipped
It does not always make sense to collect artifacts and data from the
target on failure, e.g. if testing firmware or if the target is not
running an SSH server.
Allow this by setting TESTIMAGE_FAILED_QA_ARTIFACTS to an empty
value.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
and now the NO_GENERIC_LICENSE was causing:
ERROR: hdparm-9.65-r0 do_populate_lic: QA Issue: hdparm: hdparm is a generic license, please don't use NO_GENERIC_LICENSE for it. [license-no-generic]
Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/utils/postactions: transfer whole archive over ssh instead of doing individual copies
Fixes [YOCTO 15536]
The postactions retrieval actions currently rely on scp executed
individually on any file or directory expanded from
TESTIMAGE_FAILED_QA_ARTIFACTS. Unfortunately, symlinks are not preserved
with this mechanism, which lead to big storage space consumption. Things
may go even worse if those symlinks create some circular chains. This
mechanism then needs to be updated to preserve symlinks instead of
following them during copy. There are multiple ways to do it:
- create a local archive on the target and execute scp on this file
- use rsync instead of scp for all files
- create an archive and pipe it to ssh instead of storing it onto the
target
The first solution may create pressure on targets storage space, while the
second assumes that rsync is installed on the target, which may not be
true. So the third one is a compromise: tar is very likely present, at
least through busybox, and no disk space is used on the target.
Replace the current per-file scp call by a single call to tar run on the
target. Retrieve the generated compressed archive directly from SSH output,
and feed it to another tar process but on host, to uncompress and extract
it at the same place as before.
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/ssh: allow to retrieve raw, unformatted ouput
The ssh target is currently well tailored to easily retrieve textual output
from a command run on a remote target. It could also be used to retrieve
raw data from a command run onto a remote target (for example, to feed this
data directly to another program), but it currently suffers two minor
issues preventing such use case:
- stderr is piped to stdout, so any error log will be mixed in the program
output
- the final output is decoded as utf-8 and stripped
Allow to return the raw, unmodified output by adding an optional "raw"
parameter. Keep it to False by default to preserve the current behavior.
When enabled, do not return a string but the raw output as bytes.
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Fri, 5 Jul 2024 09:41:36 +0000 (17:41 +0800)]
pixman: fix do_compile error
When debug build is enabled(-Og is used), pixman-native do_compile
failed with error:
In function ‘combine_inner’,
inlined from ‘combine_soft_light_ca_float’ at ../pixman-0.42.2/pixman/pixman-combine-float.c:655:1:
../pixman-0.42.2/pixman/pixman-combine-float.c:370:5: error: inlining failed in call to ‘always_inline’ ‘combine_soft_light_c’: function not considered for inlining
370 | combine_ ## name ## _c (float sa, float s, float da, float d)
Refer [1], always_inline is not suggested to use with indirect function
call, replace always_inline with __inline__ to fix the issue
Konrad Weihmann [Wed, 3 Jul 2024 04:47:10 +0000 (04:47 +0000)]
testexport: fallback for empty IMAGE_LINK_NAME
if IMAGE_LINK_NAME is set empty to disable the symlinking
for image artifacts in deploy, testexport fails, as the path assembly
is incorrect.
In that case fallback to IMAGE_NAME
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jose Quaresma [Thu, 4 Jul 2024 17:05:57 +0000 (18:05 +0100)]
go: upgrade 1.22.4 -> 1.22.5
- refresh patches with devtool
Upgrade to latest 1.22.x release [1]:
$ git --no-pager log --oneline go1.22.4..go1.22.5 8e1fdea831 (tag: go1.22.5, origin/release-branch.go1.22) [release-branch.go1.22] go1.22.5 c2d4f852ce [release-branch.go1.22] cmd/link: handle dynamic import variables on Darwin in plugin mode 3222951439 [release-branch.go1.22] net/http: send body or close connection on expect-100-continue requests ceaf26ecce [release-branch.go1.22] cmd/compile: mark pointer to noalg type as noalg dfe4dbf8c0 [release-branch.go1.22] os/exec: on Windows look for extensions in Run if not already done 3560cf0afb [release-branch.go1.22] runtime: always update stack bounds on cgocallback 5159a7193a [release-branch.go1.22] cmd/compile: put constants before variables in initialization order 11b861e459 [release-branch.go1.22] go/types, types2: report error for floating-point iteration variable 81fc616267 [release-branch.go1.22] crypto/tls: don't call tlsrsakex.IncNonDefault with FIPS 14f0251867 [release-branch.go1.22] cmd/cgo/internal/swig: force use of lld for LTO tests on the builders ab60a7bc18 [release-branch.go1.22] cmd/cgo/internal/testsanitizers: make the libfuzzer tests all short 4c97e883b5 [release-branch.go1.22] cmd/link: put runtime.end in the last section of data segment 179ccb7042 [release-branch.go1.22] cmd/go: fix go list -u -m all with too new retractions dependency fe9b3c3399 [release-branch.go1.22] net: add GODEBUG=netedns0=0 to disable sending EDNS0 header b515c5208b [release-branch.go1.22] go/internal/gccgoimporter: recognize "any" as a builtin type
Jon Mason [Thu, 4 Jul 2024 20:31:56 +0000 (16:31 -0400)]
oeqa/runtime/ssh: check for all errors at the end
With the retry for the -SIGTERM, it is possible to still see that error
after the 5th attempt and mark the run a success. Check for any
non-zero status in the final check and error out to close the gap.
While there, make the error print match the one above and be a little
more verbose. Also, I'm seeing it take roughly 6 attempts on my local
(very slow) system to pass. So, increasing the number of attempts to
10.
Signed-off-by: Jon Mason <jdmason@kudzu.us> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 5 Jul 2024 09:21:20 +0000 (10:21 +0100)]
abi_version/package: Bump hashequiv version and package class version
The recent pkgconfig change and subsqeuent fixes have left the hash equivalence
server in a corrupted state with hashes linking the changes beofore and after
the pkgconfig change, breaking reproducibile builds.
Bump the appropriate version numbers to allow us to move on and avoid
build failures and corrupt equivalence data now the underlying issue
was fixed.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Markus Volk [Thu, 4 Jul 2024 11:29:48 +0000 (13:29 +0200)]
libinput: update 1.25.0 -> 1.26.1
Release notes
libinput 1.26.1 is now available. A few semi-exciting things, the rest the usual bugfixes you'd expect for a point release.
Touchpads now special-case Shift for disable-while-typing, so typing keys with shift down will trigger DWT.
Tablets can now be calibrated if libwacom says the tablet is a display tablet. The hid-uclogic kernel driver doesn't
set INPUT_PROP_DIRECT so any device handled by that driver didn't have calibration available. Fixed now, provided
your tablet is recognised by libwacom.
The direction of the first tablet pad relative dial was fixed, it was upside-down.
Our debugging tools now support --set-pressure-range for the new tablet tool pressure range configuration added in
1.26 and --set-calibration for the calibration matrix that's been around for a while. The libinput debug-tablet tool
now also supports all commandline options that debug-events and debug-gui support.
And of course a varied assortment of device specific quirks and fixes.
Release notes
libinput 1.26.0 is now available. It's been a while since the last release but we have a few notable changes in here:
Touchpads can now configure a clickfinger button map, so you can change whether two- or three-finger click means a
right or middle click. See libinput_device_config_click_set_clickfinger_button_map
Tablet pads now have an API for relative dials. These are typically wheel-like (e.g. Huion Inspiroy 2) or ring-like
(e.g. Huion Inspiroy Dial 2) physical devices that send REL_WHEEL and REL_HWHEEL. libinput now provides these via
libinput_event_tablet_pad_get_dial_delta_v120() in much the same manner as the v120-based scroll wheel API.
A new configuration option for tablet tools allow reducing the available logical range. This is useful for users that
want the tool to register only when some physical pressure value is reached, or to reduce the maximum amount of pressure
needed to reach the logical maximum pressure. See libinput_tablet_tool_config_pressure_range_set() and friends.
Tablet tools can now use BTN_STYLUS3 too and tablet pad strip support should now work for non-Wacom devices, where the
kernel driver implements it.
Huion tablets (well, and all vendors that use the 256C vendor id) now have a fallback resolution set. This is going to
be wrong on most devices but at least it will make those tablets work out of the box, instead of failing with the "missing
tablet capabilities: resolution" log message.
And of course a varied assortment of device specific quirks and fixes.
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 4 Jul 2024 16:18:06 +0000 (17:18 +0100)]
oeqa/selftest/reproducibile: Explicitly list virtual targets
We're seeing reproducibility failures where some packages don't appear
in the "from sstate" builds. The common factor is these are all recipes
with PROVIDES = "virtual/XXX".
In a full build from scratch, these are build but in a build from sstate,
there are situations where they aren't. For now, to try and keep builds
working, work around the problem until we can better look into the problem.
It is likely recent taskhash imrovements have caused this to occur more
regularly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jose Quaresma [Thu, 4 Jul 2024 10:56:17 +0000 (11:56 +0100)]
openssh: fix CVE-2024-6387
sshd(8) in Portable OpenSSH versions 8.5p1 to 9.7p1 (inclusive).
Race condition resulting in potential remote code execution.
A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD systems.
This attack could be prevented by disabling the login grace timeout (LoginGraceTime=0 in sshd_config)
though this makes denial-of service against sshd(8) considerably easier.
For more information, please refer to the release notes [1] and the
report from the Qualys Security Advisory Team [2] who discovered the bug.
qemuboot: Trigger write_qemuboot_conf task on changes of kernel image realpath
The qemuboot.conf file contains the realpath of the kernel image
referenced by QB_DEFAULT_KERNEL. So, it must be recreated in case the
realpath of the referenced kernel image changes.
The variables KERNEL_IMAGE_NAME and KERNEL_IMAGE_BIN_EXT determine the
realpath of the kernel image relative to DEPLOY_DIR_IMAGE. Adding both of
them to the vardeps of the write_qemuboot_conf task triggers the
write_qemuboot_conf task in case the realpath of the kernel image
referenced by QB_DEFAULT_KERNEL changes.