Khem Raj [Wed, 21 May 2025 06:19:46 +0000 (23:19 -0700)]
systemd-boot: Remove -mfpmath=sse option from cflags
EFI sources in systemd uses -mgeneral-regs-only which conflicts
with -mfpmath=sse specified by OE via tune arguments. It needs to
be removed, clang errors about it and fails the build
Fixes
error: the 'sse' unit is not supported with this instruction set
Khem Raj [Wed, 21 May 2025 06:19:43 +0000 (23:19 -0700)]
pulseaudio: Treat -Wunused-command-line-argument as error
This ensures that it does not enble SSE when -msse flag is passed, clang
warns about unused option on non-x86 targets but it must be flagged as
error for configure to notice and fail the check to enable SSE on non-x86
machines
Yoann Congal [Fri, 23 May 2025 19:24:29 +0000 (21:24 +0200)]
selftest/reproducible: Limit memory used by diffoscope
When working on large diffs (eg in meta-oe's repro test) diffoscope may
use a huge amount of memory and trigger OOM kills on parallel builds.
Use the max_diff_block_lines_saved option to limit to 1024 the number of
diff lines saved in a block. Also, limit the number of line in the
report to generate a report even when the limit is reached.
The chosen default 1024 comes from diffoscope default for a diff block.
For a random 10MB binary (packaged in ipk, deb and rpm), this does
decrease the "Maximum resident set size" of diffoscope from 1.3GB to
400MB.
As an added bonus, this also make diffoscope bail out earlier, on the
same example: execution time goes from 30 minutes down to 7.
Fixes [YOCTO #15876]
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Gyorgy Sarvari [Fri, 23 May 2025 18:18:13 +0000 (20:18 +0200)]
ca-certificates: fix on-target postinstall script
When the package is installed directly on the machine (instead of
installing it in the rootfs directly), the postinstall script fails with
the following error:
/usr/sbin/update-ca-certificates: line 75: shift: shift count out of range
The reason is that the "update-ca-certificates" script is executed with
the "--sysroot" argument, and as the sysroot $D is passed. However on the
target system this variable doesn't exist, so the argument is passed without
this mandatory value, and the execution fails.
To avoid this error, check if the $D variable exists, and pass the --sysroot
argument only when it does.
Notably:
- There was a temporary removal of the LICENSE file (restored in
v80.8.0);
- The easy_install module has been mostly removed; what remains is a
temporary stub for compatibility purposes.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Markus Volk [Thu, 22 May 2025 06:30:21 +0000 (08:30 +0200)]
boost: add process library
This fixes an error seen with current wesnoth:
| ../build/tmp/work/corei7-64-poky-linux/wesnoth/1.19.12/recipe-sysroot-native/usr/bin/x86_64-poky-linux/../../libexec/x86_64-poky-linux/gcc/x86_64-poky-linux/15.1.0/ld: src/libwesnoth-common.a(filesystem.cpp.o): in function `boost::process::v2::environment::detail::is_executable(boost::filesystem::path const&, boost::system::error_code&)':
| /usr/include/boost/process/v2/detail/environment_posix.hpp:81:(.text._ZN5boost7process2v211environment15find_executableINS2_12current_viewEEENS_10filesystem4pathES6_OT_[_ZN5boost7process2v211environment15find_executableINS2_12current_viewEEENS_10filesystem4pathES6_OT_]+0x24c): undefined reference to `boost::process::v2::environment::detail::has_x_access(char const*)'
| collect2: error: ld returned 1 exit status
| ninja: build stopped: subcommand failed.
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 21 May 2025 19:14:49 +0000 (20:14 +0100)]
rust: remove file-native DEPENDS
It's unclear what this was for: there's no use of "file" or libmagic in
the recipe, and the guide to building Rust from source doesn't list file
as a dependency[1].
GNU patch 2.8 released: http://savannah.gnu.org/news/?id=10741
NEWS since v2.7.6 (2018-02-03):
The --follow-symlinks option now applies to output files as well as input.
'patch' now supports file timestamps after 2038 even on traditional
GNU/Linux platforms where time_t defaults to 32 bits.
'patch' no longer creates files with names containing newlines,
as encouraged by POSIX.1-2024.
Patches can no longer contain NUL ('\0') bytes in diff directive lines.
These bytes would otherwise cause unpredictable behavior.
Patches can now contain sequences of spaces and tabs around line numbers
and in other places where POSIX requires support for these sequences.
--enable-gcc-warnings no longer uses expensive static checking.
Use --enable-gcc-warnings=expensive if you still want it.
Fix undefined or ill-defined behavior in unusual cases, such as very
large sizes, possible stack overflow, I/O errors, memory exhaustion,
races with other processes, and signals arriving at inopportune moments.
Remove old "Plan B" code, designed for machines with 16-bit pointers.
Assume C99 or later; previously it assumed C89 or later.
Port to current GCC, Autoconf, Gnulib, etc.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Prevent an abort in the bfd linker when attempting to
generate dynamic relocs for a corrupt input file.
PR 32638
Backport a patch from upstream to fix CVE-2025-1178
Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0]
Liu Yiding [Wed, 21 May 2025 03:40:03 +0000 (11:40 +0800)]
libunwind: disable installation of tests dir
fix the issue that:
| Error: Transaction test error:
| file /usr/libexec/libunwind/check-namespace.sh conflicts between attempted installs of libunwind-1.8.1-r0.core2_64 and lib32-libunwind-1.8.1-r0.core2_32
| file /usr/libexec/libunwind/test-runner conflicts between attempted installs of libunwind-1.8.1-r0.core2_64 and lib32-libunwind-1.8.1-r0.core2_32
By default, test suite from srcdir/tests/* will be installed to /usr/libexec/libunwind, here pass --disable-tests to not install test suite.
Test suite can be added to libunwind-ptest in the future if needed
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dmitry Baryshkov [Tue, 20 May 2025 11:01:11 +0000 (14:01 +0300)]
clang: build-depend on spirv-llvm-translator-native
Building of spirv-mesa and spirv64-mesa CLC targets (which are required
for Mesa to work) requires a working llvm-spirv tool (provided by the
spirv-llvm-translator-native package). Make clang build-depend on the
corresponding recipe in order to be able to build requried targets.
Fixes: 4178fe97371b ("clang: split SPIRV-LLVM-Translator to its own recipe") Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jamin Lin [Wed, 21 May 2025 01:21:21 +0000 (09:21 +0800)]
uboot-sign: Add support for setting firmware property in FIT configuration
Add the ability to set the "firmware" property in the FIT configuration node
by introducing the UBOOT_FIT_CONF_FIRMWARE variable.
This property defines the primary image to be executed during boot. If it is
set, its value will be written into the FIT configuration under the "firmware"
field. If not set, the bootloader will fall back to using the first entry in
the "loadables" list.
Using this property improves control over the boot sequence, especially in
multi-binary boot scenarios.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jamin Lin [Wed, 21 May 2025 01:21:20 +0000 (09:21 +0800)]
uboot-sign: Fix unintended "-e" written into ITS
An unintended "-e" string may be written into the generated ITS file when users
set the UBOOT_FIT_USER_SETTINGS variable to include custom binaries in the U-Boot
image.
This issue is caused by the use of 'echo -e', which behaves inconsistently across
different shells. While bash interprets '-e' as enabling escape sequences
(e.g., \n, \t), dash—the default /bin/sh on many systems—does not recognize
'-e' and treats it as a literal string. As a result, "-e" can be mistakenly
injected into the ITS file under certain build environments.
To ensure consistent and shell-agnostic behavior, replace 'echo -e' with
'printf', which is well-defined by POSIX and behaves reliably across all common
shells.
This change improves portability and prevents malformed ITS files caused by unintended
string injection.
Fixes: c12e013 ("uboot-sign: support to add users specific image tree source") Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Randy MacLeod [Tue, 20 May 2025 20:18:28 +0000 (16:18 -0400)]
valgrind: Upgrade from 3.25.0 to 3.25.1
The following bugs have been fixed or resolved in this point release:
503098 Incorrect NAN-boxing for float registers in RISC-V
503641 close_range syscalls started failing with 3.25.0
503914 mount syscall param filesystemtype may be NULL
504177 FILE DESCRIPTORS banner shows when closing some inherited fds
504265 FreeBSD: missing syscall wrappers for fchroot and setcred
504466 Double close causes SEGV
To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed above.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Mon, 19 May 2025 22:51:54 +0000 (15:51 -0700)]
rust: Use patchelf in place of chrpath to edit rpaths
chrpath has limitations e.g. the original rpath in ELF have to bigger in size
than the one being edited into it by chrpath, some toolchains do not use RPATH
but emit the RUNPATHs into ELF files and chrpath is not able to handle the
runpaths, this is the case with mips and pp32 build of rust, especially
when using clang compiler to build them.
patchelf can do more:
Modify RUNPATH entries
Add RPATH/RUNPATH where none existed
Set longer paths than the original
Convert between RPATH and RUNPATH
Yogesh Tyagi [Mon, 19 May 2025 11:08:17 +0000 (19:08 +0800)]
ltp: backport patch to fix compilation error for Skylake -march=x86-64-v3
When the input compiler enables AVX, stack realignment requirements
causes gcc to fail to omit %rbp use, due to which the test fails to
clobber %rbp in inline asm. Disable AVX to build the test on x86_64 so
that the test continues working.
Michal Sieron [Tue, 29 Apr 2025 13:20:36 +0000 (15:20 +0200)]
kernel-module-split: Allow for external conf files
Some recipes might provide conf files produced during build phase or
simply tracked in the VCS instead of generating them with Yocto.
In such cases those conf files wouldn't be assigned to correct packages.
With this change, if user wants to generate a conf file they still can,
but not generating them won't prevent assigning the file to proper
package given the file exists.
Signed-off-by: Michal Sieron <michalwsieron@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Markus Volk [Sun, 18 May 2025 16:10:09 +0000 (18:10 +0200)]
mesa: update 25.0.5 -> 25.1.0
- drop two merged patches
- clover frontend is always compiled, even if not enabled
clover is deprecated and was removed in master branch
add a patch to fix that
- install gbm_backend_abi.h
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Khem Raj [Sat, 17 May 2025 08:17:47 +0000 (01:17 -0700)]
m4: Upgrade to 1.4.20 release
This has been 4 years in making, it has fixes to build with gcc-15
and some patches are upstream [1] [2]
This release collects several years of portability improvements, as
well as a couple of minor optimizations to performance. Notable
improvements in this release include faster execution of the 'eval'
builtin. More details [3]
Ines KCHELFI [Fri, 16 May 2025 09:09:11 +0000 (11:09 +0200)]
insane.bbclass: Add unimplemented-ptest detection for cargo-based tests
Extend unimplemented-ptest QA check to detect Rust tests.
Note: To enable this QA check, add the following to your local.conf:
WARN_QA += "unimplemented-ptest"
Examples of Rust-based meta-oe packages triggering unimplemented-ptest:
Randy MacLeod [Thu, 15 May 2025 19:05:23 +0000 (15:05 -0400)]
linux: add CVE_STATUS for a chrome* bug
This is not a linux-yocto CVE yet it shows up in the reports as:
linux-yocto-custom CVE-2023-3079 0.0 8.8 Unpatched https://nvd.nist.gov/vuln/detail/CVE-2023-3079
For reference, the CPE says:
Affects cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
So affects all Linux systems,
Running on/with cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
[ YOCTO #15780 ]
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Yi Zhao [Fri, 16 May 2025 01:33:57 +0000 (09:33 +0800)]
iputils: Security fix for CVE-2025-47268
CVE-2025-47268
ping in iputils through 20240905 allows a denial of service (application
error or incorrect data collection) via a crafted ICMP Echo Reply
packet, because of a signed 64-bit integer overflow in timestamp
multiplication.
Praveen Kumar [Thu, 15 May 2025 06:08:08 +0000 (11:38 +0530)]
connman: Fix CVE-2025-32366
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length
that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen)
and memcpy(response+offset,*end,*rdlen) without a check for whether
the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be
larger than the amount of remaining packet data in the current state
of parsing. Values of stack memory locations may be sent over the
network in a response.
Richard Purdie [Wed, 14 May 2025 14:29:16 +0000 (15:29 +0100)]
gcc: Fix riscv multilib issues in plain toolchains
RISC-V multilib currently doesn't work at all. We could disable multilib for
the riscv platform but that would then behave differently to all our others.
Instead, copy the non-multilib config over the multilib config for now for
riscv, meaning we can keep the platforms similar.
This isn't quite enough as the triplet specific c++ headers are in the wrong
place leading to compiler issues and testimage failures. Work around that too
until someone adds full multilib support for the platform (if desired).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Wed, 14 May 2025 19:14:38 +0000 (21:14 +0200)]
dropbear: upgrade 2024.86 -> dropbear_2025.88
Handles CVE-2025-47203
SHA1 algorithms were removed by default, so patch for disabling it was
removed together with its package option. Doing it with conditional
patch was anyway a bad design. If someone still needs it, it should be
done via sed command on the config file.
Refreshed remaining patches.
Added patch to fix regression of the CVE fix.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Erick Shepherd [Tue, 13 May 2025 19:47:42 +0000 (14:47 -0500)]
kernel-devsrc.bb: Replace extra System.map file with symlink
Currently there are two .map files being copied to $kerneldir/build.
One of the files is System.map and the other is
System.map-<kernel version>. Each .map file takes up about 5MB and
have identical sha256sum hashes. This change will make it so only
System.map-<kernel version> is copied in order to save disk space.
It also recreates System.map as a symlink to that .map file.
Markus Volk [Tue, 13 May 2025 06:27:17 +0000 (08:27 +0200)]
libxcvt: allow native build
'mutter' requires the 'cvt' binary at compile time to build the native backend
For this it depends on xserver-xorg-cvt-native, which is currently broken and
also deprecated.
[https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/637]
This commit would allow to use libxcvt-native to provide the needed binary
instead.
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
$ bitbake coreutils
ERROR: coreutils-9.6-r0 do_package_qa: QA Issue: /usr/lib/coreutils/ptest/src/yes contained in package coreutils-ptest requires /path/to//tmp/work/core2-64-poky-linux/coreutils/9.6/build/src/coreutils, but no providers found in RDEPENDS:coreutils-ptest? [file-rdeps]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Tue, 13 May 2025 07:41:57 +0000 (09:41 +0200)]
testimage: get real os-release file
/etc/os-release is a symlink to /usr/lib.
Symlink is retrieved as a dead link which points to nowhere if also the
original file is not accompanying it.
Fetch the real file in addition to this link.
Alternative could be to use "tar -h" (supported also by busybox tar),
however that could lose some important information if links are relevant
for failure analysis.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rust: re-enable the unit tests that are previously ignored
Some unit tests were previously marked as ignored due to failures in earlier
versions of Rust. With the upgrade to Rust 1.85.1, these tests are now passing
consistently. They've been re-enabled and verified to run successfully on the
latest version.
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 13 May 2025 12:43:42 +0000 (13:43 +0100)]
libsoup-2.4: Drop recipe as obsolete
The last user in OE-Core was gst-examples. This has been upgraded and the dependency
dropped, all other users can use libsoup3 instead. Therefore remove the obsolete and
deprecated version.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
to ensure the kernel FIT image signing keys are available when creating
the U-Boot DTB. This is done only if the signing of the kernel FIT image
is enabled (UBOOT_SIGN_ENABLE="1").
The lack of the dependency causes build errors when executing a build
with no kernel FIT keys initially present in the keys directory. In such
cases one would see an output like this in the Bitbake logs:
Log data follows:
| DEBUG: Executing shell function do_uboot_assemble_fitimage
| Couldn't open RSA private key: '/workdir/build/keys/fit/dev.key': No such file or directory
| Failed to sign 'signature' signature node in 'conf-1' conf node
| FIT description: Kernel Image image with one or more FDT blobs
| ...
This issue was introduced by commit 259bfa86f384 where the dependency
between U-Boot and the kernel was removed (for good reasons). Before
that commit the dependency was set via DEPENDS so that, in terms of
tasks, one had:
With the removal of the first dependency, no more guarantees exist that
the keys would be present when assembling the U-Boot FIT image. That's
the situation we are solving with the present commit.
Fixes: 259bfa86f384 ("u-boot: kernel-fitimage: Fix dependency loop if UBOOT_SIGN_ENABLE and UBOOT_ENV enabled") Signed-off-by: Rogerio Guerra Borin <rogerio.borin@toradex.com> Cc: Marek Vasut <marex@denx.de> Cc: Sean Anderson <sean.anderson@seco.com> Cc: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ines KCHELFI [Mon, 12 May 2025 14:44:09 +0000 (16:44 +0200)]
rpm-sequoia: add ptest
In rpm-sequoia, some default paths in test code (OUT_DIR,
CARGO_MANIFEST_DIR) are invalid at runtime and cause test failures.
To fix this, patch the test code (symbols.rs) to support overriding these
paths via optional environment variables: FORCE_RUNTIME_PATH_LIB and
FORCE_RUNTIME_PATH_SRC.
Also make -ptest package RDEPEND on -dev package.
Tests take less than a second so this is added to PTEST_FAST.
ptest result:
|root@qemux86-64:~# ptest-runner rpm-sequoia
|START: ptest-runner
|2025-05-02T15:57
|BEGIN: /usr/lib/rpm-sequoia/ptest
|
|running 1 test
|test symbols ... ok
|
|test result: ok. 1 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s
|
|
|running 2 tests
|test tests::merge_certs_mismatch ... ok
|test tests::merge_certs ... ok
|
|test result: ok. 2 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.01s
|
|DURATION: 0
|END: /usr/lib/rpm-sequoia/ptest
|2025-05-02T15:57
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
Ines KCHELFI [Mon, 12 May 2025 14:44:11 +0000 (16:44 +0200)]
ptest-cargo: fix tests output format for testimage
In testimage, the ptest-runner output parser expects test results to follow
a specific format,with lines beginning with PASS:, FAIL:, or SKIP:. ptest-cargo,
currently, does not emit any of those lines and the parser treats the test
section as having no results, causing a test failure with :
AssertionError:
ptests which had no test results:
['<package>']
This patch ensures that the recipes using ptest-cargo class explicitly emits
PASS: or FAIL: lines, making the results compatible with the test parser and
preventing test failures.
Trevor Gamblin [Mon, 12 May 2025 14:43:51 +0000 (10:43 -0400)]
python3-cython: upgrade 3.0.12 -> 3.1.0
Many changes are included with this release, including support for
freethreading builds of CPython 3.13, cleanup of legacy code, and many
other features and bug fixes.
Modify 0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch
to remove 'test_types' from the pgo-wrapper call, since that fails now
under qemu.
Khem Raj [Mon, 12 May 2025 04:10:47 +0000 (21:10 -0700)]
compile-rt: Fix building compiler-native on aarch64 build hosts.
Using target triple confuses the native system compiler to find
libgcc and C runtime during compiler-rt-native build
Fixes
| /home/khem/yoe/build/tmp/hosttools/ld: cannot find crtbeginS.o: No such file or directory
| /home/khem/yoe/build/tmp/hosttools/ld: cannot find -lgcc: No such file or directory
| /home/khem/yoe/build/tmp/hosttools/ld: cannot find -lgcc_s: No such file or directory
| clang: error: linker command failed with exit code 1 (use -v to see invocation)
| ninja: build stopped: subcommand failed.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yi Zhao [Fri, 9 May 2025 14:55:00 +0000 (22:55 +0800)]
openssl: add fips support
* Add PACKAGECONFIG[fips] to enable fips build.
* Split a new package openssl-ossl-module-fips for fips.so.
* Add pkg_postinst_ontarget for openssl-ossl-module-fips to ensure the
config file fipsmodule.cnf is created on target. This is because we
should not use the same fipsmodule.cnf on different machines.
The 'openssl fipsinstall' commandline in pkg_postinst_ontarget will do
the following things:
1. Run the FIPS module self tests on target.
2. Generate config file fipsmodule.conf containing information about
the FIPS module such as the calculated MAC of the module.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:03:34 +0000 (17:03 +0800)]
python3-yamllint: upgrade 1.37.0 -> 1.37.1
Changelog:
=============
- Rule comments: tell how many spaces are expected
- Rule quoted-strings: Fix only-when-needed on multiline with backslash
- Config: Report if rules is not a dict
- Fix test_codec_built_in_equivalent() test when run with pytest
- CI: Fix TestPyPI "dev0" versions for master commits on tags
- Docs: Add links to GitHub repository and releases
- Docs: Fix GitLab integration example
- Docs: Fix GitLab integration link
- Fix the tests badge link on the README
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=============
- Fix TypeError when taking the union of typing_extensions.TypeAliasType and a
typing.TypeAliasType on Python 3.12 and 3.13.
- Backport from CPython PR #132160 to avoid having user arguments shadowed in
generated __new__ by @typing_extensions.deprecated.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 12 May 2025 09:03:30 +0000 (17:03 +0800)]
python3-poetry-core: upgrade 2.1.2 -> 2.1.3
Changed
----------
- Update list of supported licenses
Fixed
--------
- Fix an issue where the union of specific inverse or partially inverse markers
was not simplified
- Fix an issue where optional dependencies defined in the project section were
treated as non-optional when a source was defined for them in the tool.poetry
section
- Fix an issue where markers with === were not parsed correctly
- Fix an issue where local versions with upper case letters caused an error
- Fix an issue where extra markers with a value starting with "in" were not
validated correctly
- Fix an issue where inheriting from WheelBuilder was unnecessarily difficult
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
