Wang Mingyu [Mon, 12 May 2025 09:03:23 +0000 (17:03 +0800)]
python3-lxml: upgrade 5.3.2 -> 5.4.0
Bugfix:
-Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to resolve several CVEs.
(Binary wheels for Windows continue to use a patched libxml2 2.11.9 and libxslt 1.1.39.)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:03:13 +0000 (17:03 +0800)]
libxft: upgrade 2.3.8 -> 2.3.9
Changelog:
==========
- manpage formatting-fixes
- meson: Add option to build with meson
- Require xproto >= 7.0.22 for _X_UNUSED
- Remove support for building with pre-C89 versions of C
- Remove support for building with pre-X11R7 versions of X
- fix potential buffer overrun in _XftGlyphDefault
- issue 21: remove redundant/out-of-place prototype for XftNameUnparse
- build-fix for older versions of freetype2: FT_HAS_SVG was added late in 2021
- issue 19: Problem loading "SourceCodePro-Regular" font in Fedora
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:03:12 +0000 (17:03 +0800)]
libuv: upgrade 1.50.0 -> 1.51.0
Changelog:
===========
* win: fix leak in uv_os_tmpdir
* docs: fix RTD build
* win: lazy-load [GS]etThreadDescription symbols
* linux: try preadv64/pwritev64 before preadv/pwritev
* win: check cwd length before spawning a child process
* macos,bsd: handle missing /dev/null in chroot env
* doc: fix README link text
* win: fix order of FILE_STAT_BASIC_INFORMATION struct fields
* macos: increase child process stdio buffer size
* doc: add C3 bindings to LINKS.md
* unix: remove unnecessary errno.h include in poll.c
* win: fix the inconsistency in volume serial number
* unix: add thread affinity support on openharmony
* unix: enable getrusage for SunOS
* unix,win: accept NAN/INFINITY as file timestamps
* win: add ENABLE_VIRTUAL_TERMINAL_INPUT raw tty mode
* test: handle UV_ENOTSUP in platform_output
* doc: fix rendering of threading.html
* unix,sunos: enable use of sendmmsg on Solaris and Illumos
* unix: handle out of memory in iface name copy
* openbsd: do not error out if cpuspeed is not available
* test: skip thread_name_threadpool on AIX/IBMi
* aix,ibmi: fix undeclared identifiers
* unix,sunos: prefer SO_REUSEPORT for load balancing
* doc: free lib pointer before function return
* test: link with libm
* style: rename parameter to match definition
* test: support partial output lines in test runner
* build: switch from c90 to c11
* linux: allow nul bytes in abstract socket address
* sunos: use pipe2 on solaris and illumos
* unix: remove TOCTOU issues from uv_pipe_chmod
* unix: use pipe_fname if getsockname returns nothing
* haiku: use uint32 instead of uint32_t
* doc: update thread pool stack size comment
* unix: improve uv_loop_init OOM handling
* test: merge uv_tcp_connect callbacks
* test: skip multievent tests on macOS with TSAN enabled
* linux: align CPU quota calculation with Rust
* kqueue: improve fs event watcher OOM handling
* sunos: improve fs event watcher OOM handling
* build: shorten instructions for cmake build
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:03:11 +0000 (17:03 +0800)]
liburcu: upgrade 0.15.1 -> 0.15.2
Changelog:
==========
* fix: __atomic_always_lock_free() not a constant expression on g++ < 5.1
* fix: urcu assert fallback for pre-C11 builds
* doc: update uatomic-api for static assert
* Add uatomic size static assert for 's390'
* Add uatomic size static assert for 'sparc64'
* Add uatomic size static assert for 'ppc'
* Add uatomic size static assert for 'x86'
* Add uatomic size static assert for 'generic'
* Add uatomic size static assert
* Use UATOMIC_HAS_ATOMIC_INT/LLONG in generic implementation
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for x86
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for tile
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for sparc64
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for s390
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for riscv
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for ppc
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for nios2
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for mips
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for m68k
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for loongarch
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for ia64
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for hppa
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for 'gcc' arch
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for arm
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for alpha
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for aarch64
* Add UATOMIC_HAS_ATOMIC_INT/LLONG for atomic builtins
* Add builtin atomics size static asserts
* cleanup: use URCU_GCC_VERSION from compiler.h
* fix: atomic builtins defines for type support
* Move back CMM_LOAD/STORE_SHARED to volatile access
* Add cmm_annotate_mem_acquire() to URCU_DEREFERENCE_USE_VOLATILE rcu_dereference
* Use uatomic_load CMM_RELAXED in URCU_DEREFERENCE_USE_VOLATILE
* Fix: Re-introduce URCU_DEREFERENCE_USE_VOLATILE read barrier depends for alpha
* Tree-wide: Rename to uatomic_load/uatomic_store
* src: Use __*__ for attribute names
* API: Use __*__ for attribute names
* Fix Changelog 0.15.1 date
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:03:09 +0000 (17:03 +0800)]
libpng: upgrade 1.6.47 -> 1.6.48
Changelog:
============
- Fixed the floating-point version of the mDCv setter 'png_set_mDCv'.
- Added #error directives to discourage the inclusion of private
libpng implementation header files in PNG-supporting applications.
- Added the CMake build option 'PNG_LIBCONF_HEADER', to be used as an
alternative to 'DFA_XTRA'.
- Removed the Travis CI configuration files
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:03:00 +0000 (17:03 +0800)]
harfbuzz: upgrade 11.1.0 -> 11.2.0
Changelog:
============
- Painting of COLRv1 fonts without clip boxes is now about 10 times faster.
- Synthetic bold/slant of a sub font is now respected, instead of using the parent's.
- Glyph extents for fonts synthetic bold/slant are now accurately calculated.
- Various build fixes
- New API:
+hb_font_is_synthetic()
+hb_font_draw_glyph_or_fail_func_t
+hb_font_paint_glyph_or_fail_func_t
+hb_font_funcs_set_draw_glyph_or_fail_func()
+hb_font_funcs_set_paint_glyph_or_fail_func()
+hb_font_draw_glyph_or_fail()
+hb_font_paint_glyph_or_fail()
- Deprecated API:
-hb_font_draw_glyph_func_t
-hb_font_paint_glyph_func_t
-hb_font_funcs_set_draw_glyph_func()
-hb_font_funcs_set_paint_glyph_func()
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:02:57 +0000 (17:02 +0800)]
fmt: upgrade 11.1.4 -> 11.2.0
Changelog:
============
- Added the 's' specifier for 'std::error_code'. It allows formatting an error
message as a string.
- Fixed formatting of 'std::chrono::local_time' and 'tm'
- Added diagnostics for cases when timezone information is not available.
- Deprecated 'fmt::localtime' in favor of 'std::localtime'.
- Fixed compilation with GCC 15 and C++20 modules enabled
- Fixed handling of named arguments in format specs
- Added error reporting for duplicate named arguments
- Fixed formatting of 'long' with 'FMT_BUILTIN_TYPES=0'
- Optimized 'text_style' using bit packing
- Added support for incomplete types
- Fixed a flush issue in 'fmt::print' when using libstdc++
- Fixed 'fmt::println' usage with 'FMT_ENFORCE_COMPILE_STRING' and legacy
- Removed legacy header 'fmt/core.h' from docs
- Worked around limitations of '__builtin_strlen' during constant evaluation
- Worked around a bug in MSVC v141
- Removed the 'fmt_detail' namespace
- Removed specializations of 'std::is_floating_point' in tests
- Fixed a CMake error when setting 'CMAKE_MODULE_PATH' in the pedantic mode
- Updated the Bazel config
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:02:56 +0000 (17:02 +0800)]
epiphany: upgrade 48.0 -> 48.3
Changelog:
===========
- Fix crash when opening downloaded file
- Fix crash when opening incognito window
- Fix Crash when trying to select download location
- Fix Crash in escape_csv_field() when exporting passwords
- Fix Adding WhatsApp as a web app crashes
- Fix Pressing Escape key in addressbar resets the cursor to beginning of
the widget
- Fix Epiphay shouldn't show the privacy dialog in incognito mode
- Fix (CVE-2025-3839) Require user interaction before opening URL in
external application
- Fix Code cleanup
- Fix window: fix crash when force closing window without session
- Fix Several fixes for password export
- Fix Remove Granite support from Tech Preview and Canary
- Fix find-toolbar: fix crash on load-changed
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:02:52 +0000 (17:02 +0800)]
cups: upgrade 2.4.11 -> 2.4.12
Changelog:
===========
- GnuTLS follows system crypto policies now
- Added 'NoSystem' SSLOptions value
- Now we raise alert for certificate issues
- Added Kyocera USB quirk
- The scheduler now logs a job's debugging history if the backend fails
- Fixed a potential timing issue with 'cupsEnumDests'
- Fixed a potential "lost PPD" condition in the scheduler
- Fixed a compressed file error handling bug
- Fixed a bug in the make-and-model whitespace trimming code
- Fixed a removal of IPP Everywhere permanent queue if installation failed
- Fixed 'ServerToken None' in scheduler
- Fixed invalid IPP keyword values created from PPD option names
- Fixed handling of "media" and "PageSize" in the same print request
- Fixed client raster printing from macOS
- Fixed the default User-Agent string.
- Fixed a recursion issue in 'ippReadIO'.
- Fixed handling incorrect radix in 'scan_ps()'
- Fixed validation of dateTime values with time zones more than UTC+11
- Fixed attributes returned by the Create-Xxx-Subscriptions requests
- Fixed 'ippDateToTime' when using a non GMT/UTC timezone
- Fixed 'job-completed' event notifications for jobs that are cancelled before
started
- Fixed DNS-SD discovery with 'ippfind'
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:02:46 +0000 (17:02 +0800)]
babeltrace2: upgrade 2.1.0 -> 2.1.1
Changelog:
===========
* src.ctf.lttng-live: remove lttng_live_lazy_msg_init function
* src.ctf.lttng-live: fix comment formatting
* README.adoc: Update working version to 2.1
* fix: export bt_component_class_sink_simple_borrow
* fix: building from the release tarball without flex
* doc/api/libbabeltrace2: use '<code>' i.o. '<span>' in '<dt>'
* Fix: doc/api/libbabeltrace2/Doxyfile.in: set version to 2.1
* babeltrace2-sink.text.pretty(7): add missing default param. value
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:02:44 +0000 (17:02 +0800)]
appstream: upgrade 1.0.4 -> 1.0.5
Changelog:
============
Features:
* qt: Expose markup conversion utils
* desktop-styles: Add android and iOS
* validator: Check for xml:lang="en" being used on description template elements
* validator: Flag cases of raw text in "description" elements
* metadata: Add more known extensions into as_metadata_file_guess_style()
Specification:
* docs: Clarify that the style segment of a screenshot environment is optional
* docs: Explain consequences of defining an icon for desktop-app metainfo
* docs: Clarify that description content must be in p/li elements
Bugfixes:
* validator: mark as_validator_issue_tag_list static
* docs: Add workaround for gi-docgen misnaming devhelp files
* compose: Do not permit SVG images as screenshots
* compose: Don't "forget" to scan remaining paths when re-encountering a dir
* pool: Try explicit singular term match if we only have low-quality tokens
* utils: Provide compatibility with Fedora icon tarballs when installing them
* utils: Remove leftover g_chmod()
* zstd-decompressor: Pass output/written data when decompression finished
* utils: Expect a dash in icons file name
* utils: Recognize .yml* and .yaml* file extension variants, and .zst extension
* utils: Rename the appstream file when re-saving it on install
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 10 May 2025 15:54:21 +0000 (16:54 +0100)]
bitbake.conf/pseudo: Switch from exclusion list to inclusion list
Currently, pseudo tracks all files referenced within its presence unless
they're listed in an exclusion list. The exclusion list has grown to be
fairly unwieldy.
This patch swaps PSEUDO_IGNORE_PATHS for PSEUDO_INCLUDE_PATHS which in
theory should be easier and more explicit to maintain.
This change does drop many directories from pseudo coverage including
/home and /tmp. There may be adapatations needed for recipes/classes
using pseudo in specific ways.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Thu, 8 May 2025 19:13:18 +0000 (12:13 -0700)]
compiler-rt: Rename the rt libraries if compiled with arm hardfloat ABI
OE does not rely on tuple to deduce hardfloat ABI, but clang/llvm does
arm-yoe-linux-gnueabi is used for both soft and softfp and hardfp float
ABIs in OE, LLVM expects arm-yoe-linux-gnueabihf for it to be treated as
hardfloat ABI, and look for correct name for rt libraries.
We know when we compile them with Hard-float ABI so rename them in such
case so clang can find it when using -rtlib=compiler-rt it needs to
has 'armhf' suffix
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Thu, 8 May 2025 19:13:16 +0000 (12:13 -0700)]
compiler-rt: Consolidate and fix cmake arguments
Specify CMAKE_C_COMPILER_TARGET and COMPILER_RT_DEFAULT_TARGET_ARCH
in common for native/target/nativesdk
set COMPILER_RT_DEFAULT_TARGET_ARCH to use HOST_ARCH across all recipe
variants
It is not needed to set COMPILER_RT_DEFAULT_TARGET_ARCH for powerpc anymore
as it is already fixed by setting COMPILER_RT_DEFAULT_TARGET_ARCH to
HOST_ARCH
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Thu, 8 May 2025 09:54:28 +0000 (17:54 +0800)]
libsoup-2.4: fix CVE-2024-52532
CVE-2024-52532:
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption.
during the reading of certain patterns of WebSocket data from clients.
Praveen Kumar [Wed, 7 May 2025 06:48:23 +0000 (06:48 +0000)]
connman: Fix CVE-2025-32743
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c
can be NULL or an empty string when the TC (Truncated) bit is set in
a DNS response. This allows attackers to cause a denial of service
(application crash) or possibly execute arbitrary code, because those
lookup values lead to incorrect length calculations and incorrect
memcpy operations.
Yi Zhao [Thu, 8 May 2025 01:27:35 +0000 (09:27 +0800)]
python3-pygobject: RDEPENDS on gobject-introspection
Since 3.51.0, python3-pygobject depends on libgirepository 2.0 provided
by glib-2.0 instead of libgirepository 1.0 provided by
gobject-introspection[1]. It still needs the typelib files from
libgirepository-1.0 package. Add gobject-introspection as a runtime
dependency.
Fixes:
$ python3
Python 3.13.2 (main, Feb 4 2025, 14:51:09) [GCC 14.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import gi
>>> from gi.repository import Gtk
Traceback (most recent call last):
File "/usr/lib64/python3.13/site-packages/gi/importer.py", line 139, in create_module
introspection_module = get_introspection_module(namespace)
File "/usr/lib64/python3.13/site-packages/gi/module.py", line 243, in get_introspection_module
module = IntrospectionModule(namespace, version)
File "/usr/lib64/python3.13/site-packages/gi/module.py", line 111, in __init__
repository.require(namespace, version)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^
gi.RepositoryError: Typelib file for namespace 'xlib', version '2.0' not found
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "<python-input-1>", line 1, in <module>
from gi.repository import Gtk
File "/usr/lib64/python3.13/site-packages/gi/importer.py", line 141, in create_module
raise ImportError(e) from e
ImportError: Typelib file for namespace 'xlib', version '2.0' not found
Ross Burton [Sat, 10 May 2025 08:43:56 +0000 (09:43 +0100)]
meson: clean up the native template in nativesdk builds
In a nativesdk build, the native build template should be minimal as it
just needs to ensure that Meson can link with libraries in the SDK's
native sysroot.
Specifically, it shouldn't be passing BUILD_* flags to Meson as these
are for the Yocto build host, not the SDK user.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tom Hochstein [Sat, 10 May 2025 08:43:53 +0000 (09:43 +0100)]
meson: Fix host_machine setting for native cross-file
For native and nativesdk, the meson cross-file settings for
`host_machine` are incorrectly set for the build machine, not the
"machine on which the compiled binary will run". See
https://mesonbuild.com/Cross-compilation.html.
Tom Hochstein [Sat, 10 May 2025 08:43:52 +0000 (09:43 +0100)]
toolchain-scripts: Export meson settings for SDK builds
Create a new set of exports for the Meson `host_machine` cross settings.
This allows the target cross file to be created correctly from
meson.cross.template and aligns with meson.bbclass.
Note, one might think that HOST_OS and HOST_ARCH would be appropriate as
inputs here, aligning nicely with the Meson naming. That turns out to be
incorrect since the script is generated in a native/nativesdk build with
HOST_OS and HOST_ARCH set for the "build machine", not the "host
machine", using the Meson terminology. See
https://mesonbuild.com/Cross-compilation.html.
Ross Burton [Sat, 10 May 2025 08:43:48 +0000 (09:43 +0100)]
oeqa/sdk/maturin: be less picky in the list_python test
The test assumed that maturin would only find a single Python binary, in
/usr/bin/python3*.
However in eSDKs with buildtools a Python is shipped with the SDK, so
the test failed.
Generalise the test so that it runs python3 and obtains its path and
version, and then verifies that path and and version are found by
Maturin. This means we're not assuming a single Python, or the paths, or
that the Python is CPython.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 10 May 2025 08:43:46 +0000 (09:43 +0100)]
oeqa/sdk/gtk3: build libhandy instead of galculator
galculator hasn't been touched for a decade now[1] and fails to compile
under GCC 15.
Switch to building libhandy, which is the GTK+3 precursor to libadwaita
in the Gnome stack. Whilst this is in low-maintainence mode, will be
updated if it breaks.
[1] https://github.com/galculator/galculator/
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 10 May 2025 08:43:44 +0000 (09:43 +0100)]
oeqa/sdk/meson: generalise test case
Refactor this test case so the generic "build a meson project" code is
separated out and can be reused.
Also currently meson inside eSDKs only works with fully populated eSDKs,
but our testing uses minimal eSDKS, so skip the test if the eSDK is a
minimal build. A bug has been filed to resolve this.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 10 May 2025 08:43:41 +0000 (09:43 +0100)]
oeqa/sdk: add helpers to check for and install packages
The existing tests simply look at the manifest to determine if a test
should be ran or not based on dependencies. Whilst this works for
Traditional SDKs, it fails for Extensible SDKs if they've been built in
minimal mode, where the manifest will be empty. However, minimal eSDKs
might well have available sstate to install the missing dependencies.
Add a pair of helper functions to ensure that a package is available, or
skip the test. This handles nativesdk- vs -native (SDK vs eSDK) and
will try to sdk-install missing dependencies into an eSDK if they're not
already installed.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 10 May 2025 08:43:37 +0000 (09:43 +0100)]
oeqa/sdk/context: fix multilib handling bug in hasTargetPackage
hasTargetPackage has some logic to automatically multilibify package
names if needed (for example, so that gtk+3 becomes lib32-gtk+3).
Due to a logic bug if multilib was True but there were no multilibs
configured then this prepended "-" to the package name, which won't
exist. This resulted in tests being skipped as the dependent packages
are not installed.
Solve this by only prepending to the package name if requested and if a
multilib environment has been detected.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Sat, 10 May 2025 08:43:36 +0000 (09:43 +0100)]
oe/sdk: fix empty SDK manifests
The SDK manifests are generated by listing the sstate was that used, but
it hardcodes that the sstate data filenames end in .tgz.
This has not been the case since sstate switched to Zstd[1] in 2021,
which meant that all of the tests which checked for packages existing
were being skipped as the manifests were empty. For example, see a
representative core-image-sato eSDK test run[2]:
Ross Burton [Sat, 10 May 2025 08:43:35 +0000 (09:43 +0100)]
testsdk: allow user to specify which tests to run
Following the usage of TEST_SUITES in testimage, add TESTSDK_SUITES to
specify the list of tests to execute. By default the variable is empty,
which means to run all discovered tests.
This makes it easier to work on a single test without having to run all
of the tests.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Woerner [Wed, 7 May 2025 19:26:34 +0000 (15:26 -0400)]
systemd: disable linker GCS warning on aarch64
openssl has some assembler code that has PAC and BTI hints but not GCS. The
systemd recipe then links to libcrypto from openssl with GCS enabled (as
that is a distro-wide setting) and it - correctly - warns that it is being
told to use GCS but one of the inputs does not have GCS. This would not
be a problem but systemd also links with —fatal-warnings, so the build
explodes.
libcrypto.so: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
| collect2: error: ld returned 1 exit status
Signed-off-by: Trevor Woerner <twoerner@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
