Ross Burton [Tue, 10 Feb 2026 14:49:20 +0000 (14:49 +0000)]
python3-packaging: upgrade 25.0 -> 26.0
Skip the testcase test_pylock.py as this depends on tomli_w, which isn't
currently part of core.
Upstream changelog:
Features:
* PEP 751: support pylock
* PEP 794: import name metadata
* Support for writing metadata to a file
* Support __replace__ on Version
* Support positional pattern matching for Version and SpecifierSet
Behavior adaptations:
* PEP 440 handling of prereleases for Specifier.contains,
SpecifierSet.contains, and SpecifierSet.filter
* Handle PEP 440 edge case in SpecifierSet.filter
* Adjust arbitrary equality intersection preservation in SpecifierSet
* Return False instead of raising for .contains with invalid version
* Support arbitrary equality on arbitrary strings for Specifier and
SpecifierSet's filter and contains method.
* Only try to parse as Version on certain marker keys, return False on
unequal ordered comparisons
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Fri, 6 Feb 2026 20:27:25 +0000 (15:27 -0500)]
linux-yocto/6.18: beaglebone black: boot and graphics fixes
Integrating the following commit(s) to linux-yocto/6.18:
1/2 [
Author: Kevin Hao
Email: haokexin@gmail.com
Subject: net: cpsw_new: Execute ndo_set_rx_mode callback in a work queue
Date: Wed, 4 Feb 2026 14:27:57 +0800
Commit 1767bb2d47b7 ("ipv6: mcast: Don't hold RTNL for
IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP.") removed the RTNL lock for
IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP operations. However, this
change triggered the following call trace on my BeagleBone Black board:
WARNING: net/8021q/vlan_core.c:236 at vlan_for_each+0x120/0x124, CPU#0: rpcbind/496
RTNL: assertion failed at net/8021q/vlan_core.c (236)
Modules linked in:
CPU: 0 UID: 997 PID: 496 Comm: rpcbind Not tainted 6.19.0-rc6-next-20260122-yocto-standard+ #8 PREEMPT
Hardware name: Generic AM33XX (Flattened Device Tree)
Call trace:
unwind_backtrace from show_stack+0x28/0x2c
show_stack from dump_stack_lvl+0x30/0x38
dump_stack_lvl from __warn+0xb8/0x11c
__warn from warn_slowpath_fmt+0x130/0x194
warn_slowpath_fmt from vlan_for_each+0x120/0x124
vlan_for_each from cpsw_add_mc_addr+0x54/0xd8
cpsw_add_mc_addr from __hw_addr_ref_sync_dev+0xc4/0xec
__hw_addr_ref_sync_dev from __dev_mc_add+0x78/0x88
__dev_mc_add from igmp6_group_added+0x84/0xec
igmp6_group_added from __ipv6_dev_mc_inc+0x1fc/0x2f0
__ipv6_dev_mc_inc from __ipv6_sock_mc_join+0x124/0x1b4
__ipv6_sock_mc_join from do_ipv6_setsockopt+0x84c/0x1168
do_ipv6_setsockopt from ipv6_setsockopt+0x88/0xc8
ipv6_setsockopt from do_sock_setsockopt+0xe8/0x19c
do_sock_setsockopt from __sys_setsockopt+0x84/0xac
__sys_setsockopt from ret_fast_syscall+0x0/0x5
This trace occurs because vlan_for_each() is called within
cpsw_ndo_set_rx_mode(), which expects the RTNL lock to be held.
Since modifying vlan_for_each() to operate without the RTNL lock is not
straightforward, and because ndo_set_rx_mode() is invoked both with and
without the RTNL lock across different code paths, simply adding
rtnl_lock() in cpsw_ndo_set_rx_mode() is not a viable solution.
To resolve this issue, we opt to execute the actual processing within
a work queue, following the approach used by the icssg-prueth driver.
Fixes: 1767bb2d47b7 ("ipv6: mcast: Don't hold RTNL for IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP.") Signed-off-by: Kevin Hao <haokexin@gmail.com> Cc: stable@vger.kernel.org Link: https://patch.msgid.link/20260203-bbb-v5-1-ea0ea217a85c@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
2/2 [
Author: Kevin Hao
Email: haokexin@gmail.com
Subject: drm/tilcdc: Set preferred depth
Date: Wed, 4 Feb 2026 14:27:58 +0800
The commit c91acda3a380 ("drm/gem: Check for valid formats") adds a
check for valid pixel formats on drm_gem_fb_create(), but this breaks
the X server on the beaglebone black board.
We have set 'DefaultDepth' to 16 in our xorg.conf. In the X modesetting
driver, the drmmode_get_default_bpp() is used to guess the default
depth/bpp. First it tries to get them via DRM_CAP_DUMB_PREFERRED_DEPTH
ioctl, and if it fail, then try to create a FB with 'depth = 24' and
'bpp = 32' to check whether this depth/dpp is a valid combo. Before the
kernel commit c91acda3a380, the FB always can be created successfully.
This will avoid the bpp to be set to 24 forcibly. But after kernel
commit c91acda3a380, the FB will not be created successfully due to the
check of the valid pixel format. Then the bpp is set to 24, but the
'depth = 16' and 'bpp = 24' combo is not a valid pixel format.
Fix this issue by explicitly setting the preferred_depth in this driver.
With this change, the modesetting driver would choose the correct
depth/bpp combo based on our setting in xorg.conf.
Bruce Ashfield [Fri, 6 Feb 2026 20:27:21 +0000 (15:27 -0500)]
linux-yocto/6.12: drop reference recipes
We are going to release the LTS with only 6.18 as the versioned
reference kernel. 6.12 will continue to be updated and used in
previous release branches.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The OpenSSL legacy provider supplies algorithms that are either used
infrequently or have been deemed insecure by modern standards. The
Python3 cryptography module can optionally support this provider via the
openssl-ossl-module-legacy package.
Currently, the cryptography module builds with legacy provider support
enabled by default, regardless of whether the legacy modules are
actually included in the system. This patch makes that dependency
explicit by introducing a legacy-openssl packageconfig option that:
* Ensures runtime dependency on openssl-ossl-module-legacy when enabled
* Allows users to disable legacy algorithm support via build configuration
* Aligns python3-cryptography's defaults with OpenSSL's current defaults
The packageconfig option defaults to enabled for consistency with
OpenSSL's current configuration and to avoid breaking existing
deployments. A future security improvement will disable legacy modules
by default in OpenSSL, at which point this packageconfig can also
default to disabled.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Max Krummenacher [Mon, 26 Jan 2026 09:36:55 +0000 (10:36 +0100)]
alsa-utils: fix packaging of alsabat
If bat is in PACKAGECONFIG two additional binaries are created which
by the dynamic package split creates two additional packages.
However due to explicitely adding the file alsabat-test.sh to the
alsabat package the alsa-utils-alsabat-test package now is empty
and not created.
Complete commit 4c6d5f96990d ("alsa-utils: fix packaging") which fixed
the same issue for all other affected packages.
Fixes: 26a28ee79350 ("alsa-utils: dynamically split the packages instead of doing it manually") Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jörg Sommer [Tue, 3 Feb 2026 18:59:54 +0000 (19:59 +0100)]
create-spdx-2.2.bbclass: Add CVE_CHECK_IGNORE to fixed CVEs
The list of CVEs fixed by patches goes to the field *sourceInfo* in the
SBOM. But this list does not contain the CVEs marked for ignoring with the
Bitbake variable *CVE_CHECK_IGNORE*. Many recipes (e.g. openssh, glibc,
python) contain such entries and these are missing in the SBOM. Therefore,
add them to the list.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Tue, 3 Feb 2026 10:07:13 +0000 (11:07 +0100)]
systemd: properly package new container files
Since last systemd upgrade these files are packaged in systemd package
and thus systemd-container is unconditionally installed in all images as
dependency of systemd package.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Pratik Farkase [Mon, 2 Feb 2026 22:36:06 +0000 (23:36 +0100)]
libsolv: add ptest support
Add ptest support to enable automated testing of libsolv
using ptest-runner.
The implementation uses upstream's test infrastructure:
testsolv binary, runtestcases.sh script, and testcase data.
The test suite runs 28 test categories covering solver
functionality, package dependencies, and repository handling.
mark.yang [Fri, 30 Jan 2026 09:54:52 +0000 (18:54 +0900)]
lto.inc: introduce LTO_DEFAULT variable to support per-package overrides with Clang
Currently, LTO variable is set with a toolchain-clang override directly.
This causes priority issues where package-specific overrides (e.g., LTO:pn-perl = "")
are ignored when the Clang toolchain is active, making it difficult to disable LTO
for specific failing recipes.
This patch refactors the logic by introducing an intermediate `LTO_DEFAULT` variable.
- `LTO_DEFAULT` handles the toolchain-specific flags (GCC vs Clang).
- `LTO` is assigned `LTO_DEFAULT` as a default value.
This structure allows `LTO` to be cleanly overridden by recipe-specific overrides
(like `pn-${PN}`) regardless of the active toolchain.
Added a toolchain-gcc override for alsa-lib because -flto-partition=none is not
supported by Clang.
Signed-off-by: mark.yang <mark.yang@lge.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dmitry Baryshkov [Tue, 20 Jan 2026 02:43:13 +0000 (04:43 +0200)]
uki.bbclass: fix building of UKI images with multiple initramfs fstypes
If INITRAMFS_FSTYPES contains more than one entry, ukify build command
will fail as INITRD_ARCHIVE will contain extra strings. Use only the
first initramfs type, letting the user to specify other fstypes in
INITRAMFS_FSTYPES.
The INITRD_ARCHIVE variable is removed and merged into the code to
resolve the issue as we don't need a separate variable.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In a custom u-boot recipe that requires u-boot-common.inc, the config
fragments end up in SRC_URI. However, the custom recipe's FILESPATH does
not contain the path to oe-core's u-boot directory (as expected), which
leads to the error below:
ERROR: .../build/../meta-custom/recipes-bsp/u-boot/u-boot-custom_2025.10.bb:
Unable to get checksum for u-boot-custom SRC_URI entry u-boot-riscv-isa_clear.cfg: file could not be found
The following paths were searched:
(...)
Move SRC_URI_RISCV - along with the appends - out of the common
definitions.
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The current extra_partition plugin uses predictable variable names (the
configuration must predict the image partition label or uuid). This has two
inconveniences:
- an extra partition that has a specific label (or uuid) is doomed with the
associated variable. The partition cannot be configured unless the label
(or uuid) is changed.
- two partitions with same label from distincts .wks cannot have different
content.
This allows the new suffix _name_%s to be appended to
IMAGE_EXTRA_PARTITION_FILES. This variable will be preferred whenever the
.wks specifies a name in the --sourceparams option.
For example:
an image may define:
IMAGE_EXTRA_PARTITION_FILES_name_foo = "bar.conf"
and the .wks line have line:
part --source extra_partition --sourceparams "name=foo"
Signed-off-by: Louis Rannou <louis.rannou@non.se.com> Reviewed-by: Pierre-Loup GOSSE <pierre-loup.gosse@smile.fr> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Stefano Tondo [Wed, 7 Jan 2026 18:15:41 +0000 (19:15 +0100)]
spdx30_tasks: Add concluded license support with SPDX_CONCLUDED_LICENSE
Add hasConcludedLicense relationship to SBOM packages with support for
manual license conclusion override via SPDX_CONCLUDED_LICENSE variable.
The concluded license represents the license determination after manual
or external license analysis. This should be set manually in recipes or
layers when:
1. Manual license review identifies differences from the declared LICENSE
2. External license scanning tools detect additional license information
3. Legal review concludes a different license applies
The hasConcludedLicense relationship is ONLY added to the SBOM when
SPDX_CONCLUDED_LICENSE is explicitly set. When unset or empty, no
concluded license is included in the SBOM, correctly indicating that
no license analysis was performed (per SPDX semantics).
When differences from the declared LICENSE are found, users should:
1. Preferably: Correct the LICENSE field in the recipe and contribute
the fix upstream to OpenEmbedded
2. Alternatively: Set SPDX_CONCLUDED_LICENSE locally in your layer when
upstream contribution is not immediately possible or when the license
conclusion is environment-specific
The implementation checks both package-specific overrides
(SPDX_CONCLUDED_LICENSE:${PN}) and the global variable, allowing
per-package license conclusions when needed.
The concluded license expression is automatically de-duplicated by
add_license_expression() to avoid redundant license objects in the SBOM.
The variable is initialized in spdx-common.bbclass with comprehensive
documentation explaining its purpose, usage guidelines, and examples.
Example usage in recipe or layer:
SPDX_CONCLUDED_LICENSE = "MIT & Apache-2.0"
SPDX_CONCLUDED_LICENSE:${PN} = "MIT & Apache-2.0"
Signed-off-by: Stefano Tondo <stefano.tondo.ext@siemens.com> Reviewed-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Schwan [Wed, 17 Dec 2025 13:06:43 +0000 (14:06 +0100)]
cargo-update-recipe-crates: Don't fail for partially empty Cargo.lock
Do not fail if only some Cargo.lock files are empty. Only fail, if there
are absolutely no dependencies found in any Cargo.lock.
This fixes the following error message, which would occur with "bitbake
-c update_crates python3-orjson":
ERROR: python3-orjson-3.10.17-r0 do_update_crates: Execution of '.../python3-orjson/3.10.17/temp/run.do_update_crates.70693' failed with exit code 1
ERROR: Logfile of failure stored in: .../python3-orjson/3.10.17/temp/log.do_update_crates.70693
Log data follows:
| DEBUG: Executing python function extend_recipe_sysroot
| NOTE: Direct dependencies are ['.../sources/oe-core/../oe-core/meta/recipes-devtools/quilt/quilt-native_0.69.bb:do_populate_sysroot', 'virtual:native:.../sources/oe-core/../oe-core/meta/recipes-devtools/patch/patch_2.8.bb:do_populate_sysroot', 'virtual:native:.../sources/oe-core/../oe-core/meta/recipes-devtools/python/python3_3.13.9.bb:do_populate_sysroot']
| NOTE: Installed into sysroot: []
| NOTE: Skipping as already exists in sysroot: ['gettext-minimal-native', 'cmake-native', 'libtool-native', 'quilt-native', 'texinfo-dummy-native', 'openssl-native', 'expat-native', 'ncurses-native', 'util-linux-libuuid-native', 'zlib-native', 'libedit-native', 'make-native', 'patch-native', 'perl-native', 'python3-native', 'bzip2-native', 'xz-native', 'zstd-native', 'attr-native', 'gdbm-native', 'libffi-native', 'sqlite3-native']
| DEBUG: Python function extend_recipe_sysroot finished
| DEBUG: Executing shell function do_update_crates
| Traceback (most recent call last):
| File "<stdin>", line 41, in <module>
| File "<stdin>", line 12, in get_crates
| ValueError: Unable to find any candidate crates that use crates.io
|
| The above exception was the direct cause of the following exception:
|
| Traceback (most recent call last):
| File "<stdin>", line 43, in <module>
| ValueError: Cannot parse '.../python3-orjson/3.10.17/sources/orjson-3.10.17/include/cargo/simdutf8-0.1.5/Cargo.lock'
| WARNING: exit code 1 from a shell command.
ERROR: Task (.../sources/oe-core/../meta-openembedded/meta-python/recipes-devtools/python/python3-orjson_3.10.17.bb:do_update_crates) failed with exit code '1'
Signed-off-by: Martin Schwan <m.schwan@phytec.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Samuli Piippo [Wed, 4 Feb 2026 06:42:05 +0000 (06:42 +0000)]
oe/utils: filter license packages
The packages_filter_out_system() function is used in PACKAGESPLITFUNCS
to filter out "system" packages (-dbg, -dev). The filtered packages
should include license packages (-lic) as well, when they are generated
with LICENSE_CREATE_PACKAGE = "1", otherwise the license packages will
get pulled into images unintentionally.
Peter Marko [Tue, 3 Feb 2026 22:40:22 +0000 (23:40 +0100)]
ffmpeg: ignore 10 CVEs
First group of CVEs got a bogus cpe update listing all tags since v7.0.
All CVEs were fixed in v7.0 except CVE-2025-22921 fixed in v8.0.
Second group has date CPE (2025-01-13) instead of version (v8.0).
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Tue, 3 Feb 2026 21:47:17 +0000 (22:47 +0100)]
libsndfile1: patch CVE-2025-56226
Pick patches from both PRs linked in issue mentioned in NVD report.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Tue, 3 Feb 2026 21:11:42 +0000 (22:11 +0100)]
vim: upgrade 9.1.1683 -> 9.1.2128
Removes CVE-2025-66476 from CVE metrics.
It's fixed in 9.1.1947, but only affects Vim for Windows.
Rebased patches and resolved conflicts.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Mon, 2 Feb 2026 06:47:34 +0000 (14:47 +0800)]
qemu: fix regression for ppc64
The qemu upstream commit, fcac98d0 (linux-user: Remove ELF_HWCAP2),
accidently introduced a regression. It used get_elf_hwcap where
get_elf_hwcap2 should be used.
With recent qemu upgrade in Yocto (10.1.3 -> 10.2.0), qemuppc64 build
is basically broken. There are a lot of do_configure failures with error
message like below:
Fatal glibc error: CPU lacks ISA 3.00 support (POWER9 or later required)
Backport a patch to fix this issue.
Note that although the problem was only revealed for qemuppc64, some arm
and arm64 machines will also likely get the same issue, as in qemu source
we have:
linux-user/aarch64/target_elf.h:#define HAVE_ELF_HWCAP2 1
linux-user/arm/target_elf.h:#define HAVE_ELF_HWCAP2 1
linux-user/ppc/target_elf.h:#define HAVE_ELF_HWCAP2 1
Replaced 0001-restripe.c-Use-_FILE_OFFSET_BITS-to-enable-largefile.patch
with 0001-raid6check.c-restripe.c-Use-64-bit-off_t-across-both.patch as
partial changes from first patch are part of the upstream version[1].
Dropped patches that are part of upstream version
- xmalloc.patch [2]
- 0001-Makefile-install-mdcheck.patch [3]
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/files/layers.schema.json: use URI shortcut for some remotes
Among the three sources, only two have a single remote. So we can replace
their entire structure 'remote' -> 'origin' -> 'uri' with a shorter one
(property 'uri' only).
It is cauding package_qa and reproducibility issues:
ERROR: lib32-libconfig-1.8.2-r0 do_package_qa: QA Issue: File /usr/lib/libconfig/ptest/tests/libconfig_tests in package lib32-libconfig-ptest contains reference to TMPDIR [buildpaths]
ERROR: lib32-libconfig-1.8.2-r0 do_package_qa: QA Issue: /usr/lib/libconfig/ptest/tests/libconfig_tests contained in package lib32-libconfig-ptest requires /bin/bash, but no providers found in RDEPENDS:lib32-libconfig-ptest? [file-rdeps]
Peter Marko [Sat, 31 Jan 2026 14:53:06 +0000 (15:53 +0100)]
expat: upgrade 2.7.3 -> 2.7.4
Changelog [1]:
Security fixes:
#1131 CVE-2026-24515 -- Function XML_ExternalEntityParserCreate
failed to copy the encoding handler data passed to
XML_SetUnknownEncodingHandler from the parent to the new
subparser. This can cause a NULL dereference (CWE-476) from
external entities that declare use of an unknown encoding.
The expected impact is denial of service. It takes use of
both functions XML_ExternalEntityParserCreate and
XML_SetUnknownEncodingHandler for an application to be
vulnerable.
#1075 CVE-2026-25210 -- Add missing check for integer overflow
related to buffer size determination in function doContent
Bug fixes:
#1073 lib: Fix missing undoing of group size expansion in doProlog
failure cases
#1107 xmlwf: Fix a memory leak
#1104 WASI: Fix format specifiers for 32bit WASI SDK
Other changes:
#1105 lib: Fix strict aliasing
#1106 lib: Leverage feature "flexible array member" of C99
#1051 lib: Swap (size_t)(-1) for C99 equivalent SIZE_MAX
#1109 lib|xmlwf: Return NULL instead of 0 for pointers
#1068 lib|Windows: Clean up use of macro _MSC_EXTENSIONS with MSVC
#1112 lib: Remove unused import
#1110 xmlwf: Warn about XXE in --help output (and man page)
#1102 #1103 WASI: Stop using getpid
... and additional docs/autotools/cmake/infrastructure changes
Pratik Farkase [Thu, 29 Jan 2026 08:30:47 +0000 (09:30 +0100)]
libconfig: add ptest support
Add ptest support to enable automated testing of libconfig
using ptest-runner.
The implementation uses libtool --mode=install to properly
install test binaries, avoiding issues with libtool wrapper
scripts. Tests are built via 'make check TESTS=' to compile
without running during the build phase.
The test suite includes 16 tests covering parsing, formatting,
binary/hex values, escaped strings, and various edge cases.
All tests pass successfully on qemux86-64 :
START: ptest-runner
BEGIN: /usr/lib/libconfig/ptest
[TEST] ParsingAndFormatting
parsing testdata/input_0.cfg
parsing testdata/input_1.cfg
parsing testdata/input_2.cfg
parsing testdata/input_3.cfg
parsing testdata/input_4.cfg
parsing testdata/input_5.cfg
parsing testdata/input_6.cfg
parsing testdata/input_7.cfg
[ OK ] ParsingAndFormatting
[TEST] ParseInvalidFiles
[ OK ] ParseInvalidFiles
[TEST] ParseInvalidStrings
[ OK ] ParseInvalidStrings
[TEST] BigInt1
[ OK ] BigInt1
[TEST] BigInt2
[ OK ] BigInt2
[TEST] BigInt3
[ OK ] BigInt3
[TEST] BigInt4
[ OK ] BigInt4
[TEST] BigInt5
[ OK ] BigInt5
[TEST] BigInt6
[ OK ] BigInt6
[TEST] BigInt7
[ OK ] BigInt7
[TEST] RemoveSetting
[ OK ] RemoveSetting
[TEST] EscapedStrings
[ OK ] EscapedStrings
[TEST] OverrideSetting
[ OK ] OverrideSetting
[TEST] SettingLookups
[ OK ] SettingLookups
[TEST] ReadStream
[ OK ] ReadStream
[TEST] BinaryAndHex
some auto big hex: 4294967296
some auto big bin: 8589934591
negativehex: -1430532899
[ OK ] BinaryAndHex
Ryan Eatmon [Fri, 23 Jan 2026 23:08:19 +0000 (17:08 -0600)]
lttng-modules: Fix CONFIG_TRACEPOINTS patch
The check for CONFIG_TRACEPOINTS is guarded by a check for
CONFIG_LOCALVERSION. But what happens if your .config has
CONFIG_LOCALVERSION="" ? Then the check never runs and you try and
build the module even though CONFIG_TRACEPOINTS is missing.
Update the guard to check for either CONFIG_LOCALVERSION or
CONFIG_LOCALVERSION_AUTO.
Signed-off-by: Ryan Eatmon <reatmon@ti.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ryan Eatmon [Tue, 27 Jan 2026 22:34:33 +0000 (16:34 -0600)]
uboot: Deprecate legacy UBOOT_CONFIG flow
Mark the legacy flow for settings the UBOOT_CONFIG options in a comma
separated list. This code will still work through wrynose, but will be
removed once wrynose is released.
Add warnings to point people in the right direction for fixing their
configs:
WARNING: Legacy use of UBOOT_CONFIG[foo] = "foo_config,foo_image,foo_binary" is deprecated. Please move to using UBOOT_CONFIG_* variables:
WARNING: UBOOT_CONFIG[foo] = "foo_config"
WARNING: UBOOT_CONFIG_IMAGE_FSTYPES[foo] = "foo_image"
WARNING: UBOOT_CONFIG_BINARY[foo] = "foo_binary"
WARNING: Legacy use of UBOOT_CONFIG[bar] = "bar_config,bar_image" is deprecated. Please move to using UBOOT_CONFIG_* variables:
WARNING: UBOOT_CONFIG[bar] = "bar_config"
WARNING: UBOOT_CONFIG_IMAGE_FSTYPES[bar] = "bar_image"
WARNING: Legacy use of UBOOT_CONFIG[bing] = "bing_config,,bing_binary" is deprecated. Please move to using UBOOT_CONFIG_* variables:
WARNING: UBOOT_CONFIG[bing] = "bing_config"
WARNING: UBOOT_CONFIG_BINARY[bing] = "bing_binary"
Signed-off-by: Ryan Eatmon <reatmon@ti.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Tue, 27 Jan 2026 18:36:41 +0000 (19:36 +0100)]
openssl: upgrade 3.5.4 -> 3.5.5
Resolved patch conflicts.
Release information [1]:
OpenSSL 3.5.5 is a security patch release. The most severe CVE fixed in this release is High.
This release incorporates the following bug fixes and mitigations:
* Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification. (CVE-2025-11187)
* Fixed Stack buffer overflow in CMS AuthEnvelopedData parsing. (CVE-2025-15467)
* Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID. (CVE-2025-15468)
* Fixed openssl dgst one-shot codepath silently truncates inputs >16 MiB. (CVE-2025-15469)
* Fixed TLS 1.3 CompressedCertificate excessive memory allocation. (CVE-2025-66199)
* Fixed Heap out-of-bounds write in BIO_f_linebuffer on short writes. (CVE-2025-68160)
* Fixed Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. (CVE-2025-69418)
* Fixed Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion. (CVE-2025-69419)
* Fixed Missing ASN1_TYPE validation in TS_RESP_verify_response() function. (CVE-2025-69420)
* Fixed NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex() function. (CVE-2025-69421)
* Fixed Missing ASN1_TYPE validation in PKCS#12 parsing. (CVE-2026-22795)
* Fixed ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function. (CVE-2026-22796)
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Leon Anavi [Fri, 23 Jan 2026 08:43:35 +0000 (10:43 +0200)]
python3-wcwidth: Upgrade 0.2.14 -> 0.3.1
Upgrade to release 0.3.1:
Add benchmarking using codspeed.io
improve width() performance
>From release 0.3.0:
- Migrate from setup.py + setuptools to pyproject.toml + hatchling
- Small improvements to update-tables.py and wcwidth-browser.py
- New: iter_graphemes()
- New: width() terminal-aware string measurement
- New: ljust(), rjust(), center() justify text
- New: wrap()
- improve wcswidth() performance ~30%
- New ambigous_width=1 argument
- New strip_sequences() and cut() functions
- Width 0 for Default_Ignorable_Code_Point characters
- Bugfix for Prepended_Concatenation_Mark characters
Fixes:
WARNING: python3-wcwidth-0.3.1-r0 do_check_backend: QA Issue:
inherits setuptools3 but has pyproject.toml with hatchling.build,
use the correct class [pep517-backend]
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Sun, 25 Jan 2026 16:22:41 +0000 (17:22 +0100)]
glibc: mark CVE-2025-15281, CVE-2026-0861 and CVE-2026-0915 as patched
These were fixed with last hash update and start to appearing in CVE
reports.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jaeyoon Jung [Fri, 30 Jan 2026 10:09:15 +0000 (19:09 +0900)]
apt: Set gid to nogroup
Without --no-user-group, it tries to assign "_apt" gid which ends up
with an error as shown below when using static gid values and "_apt" is
not defined in USERADD_GID_TABLES.
| apt was skipped: Recipe apt, package apt: normal groupname "_apt" does not have a static ID defined.
Conventionally "_apt" does not have its own gid but rather uses
"nogroup". For that reason '_apt' gid is also removed from
meta-selftest/files/static-group.
Adrian Freihofer [Fri, 30 Jan 2026 07:52:32 +0000 (08:52 +0100)]
build-sysroots: Add sysroot tasks to default build and remove warning
Add both do_build_native_sysroot and do_build_target_sysroot to the
do_build dependency chain, allowing "bitbake build-sysroots" to populate
both sysroots automatically.
This is now safe to do since the previous commit added lockfiles to
serialize these tasks, preventing the race condition where they could
interfere with each other when run concurrently.
Remove the do_build_warn task which instructed users to call the tasks
explicitly, as this is no longer necessary. The warning was not clear.
For somebody who knwos about the race condition, it was obvious that
they should call the tasks explicitly, but for all other users this
was just confusing.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
can fail with errors like:
Exception: subprocess.CalledProcessError:
Command '.../tmp/sysroots/qemux86-64/usr/bin/postinst-base-passwd'
returned non-zero exit status 1.
Subprocess output:
.../tmp/sysroots/x86_64/usr/sbin/useradd
Running groupadd commands...
NOTE: cmake-example: Performing groupadd with
[--root ../tmp/sysroots/qemux86-64 --system cmake-example]
awk: error while loading shared libraries: libtinfo.so.5: cannot open
shared object file: No such file or directory
ERROR: cmake-example: groupadd command did not succeed.
The root cause is a race condition between do_build_target_sysroot and
do_build_native_sysroot. When run in parallel, do_build_target_sysroot
executes postinstall scripts (e.g., useradd) that invoke awk, while
do_build_native_sysroot is concurrently installing gawk-native into the
shared native sysroot (which is in PATH for do_build_target_sysroot).
Since sstate artifact installation is not atomic, awk binaries can be
installed before their dependent libraries. If do_build_target_sysroot
picks up the newly installed but incomplete awk, it fails with missing
library errors.
The situation is created by a mix of:
- gawk-native in ASSUME_PROVIDED (use host awk)
- glibc depending on gawk-replacement-native (builds gawk-native)
- Both tasks populating the same shared native sysroot directory
Fix this by adding a lockfile to both tasks, ensuring they cannot run
concurrently and avoiding the race condition where partially installed
native tools are accessed. While lockfiles are generally avoided in
BitBake due to performance concerns, this is acceptable here since these
tasks are not on a critical performance path.
[YOCTO #16135]
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Barker [Tue, 6 Jan 2026 16:03:33 +0000 (16:03 +0000)]
devtool: deploy: Reset PATH after strip_execs
We need to modify os.environ so that strip_execs() finds the correct
binaries to run. We shouldn't leave this modification in place for the
rest of the program execution though.
Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Barker [Tue, 6 Jan 2026 16:03:32 +0000 (16:03 +0000)]
devtool: deploy: Run pseudo with correct PATH
When running FAKEROOTCMD (i.e. pseudo), we need to use the same PATH as
we would use if we were running inside bitbake instead of the host
environment's PATH. This ensures that we don't pick up any host
executables that may have problems with pseudo (such as the uutils
implementations of common system utilities used in Ubuntu 25.10).
Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ming Liu [Mon, 26 Jan 2026 12:36:15 +0000 (13:36 +0100)]
busybox: fix a incomplete condition check
When deleting syslog sysvinit related config files, also check if
'systemd' is being enabled, after the change, it behaves same with the
check logic in rm_sysvinit_initddir.
${sysconfdir}/syslog.conf is also a sysvinit related config file, also
delete it.
Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Patrick Vogelaar [Sun, 25 Jan 2026 09:15:40 +0000 (10:15 +0100)]
openssh: add variable for key path
This patch adds a variable for the key directory path. This is especially
useful when working with a read-only file system where you want to
specify the location e.g. on a r/w partition. To be consistent, the
change was also done for the read write path.
For changing the path simply create a bbappend and override the
variable.
Signed-off-by: Patrick Vogelaar <patrick.vogelaar.dev@mailbox.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Dmitry Baryshkov [Fri, 23 Jan 2026 16:33:05 +0000 (18:33 +0200)]
linux-firmware: correct wil6210 dependency
The LICENSE.QualcommAtheros_ath10k is already packages as
linux-firmware-ath10k-license package, making OE skip
linux-firmware-qualcommatheros-ath10k-license (because it's now empty)
and thus making linux-firmware-wil6210 uninstallable.
Drop the duplicate licence package and use linux-firmware-ath10k-license
instead.
Trevor Gamblin [Fri, 23 Jan 2026 16:28:58 +0000 (11:28 -0500)]
qemurunner.py: replace 'codecs.open()' with 'open()'
With newer Python versions, codecs.open() is deprecated, leading to the
following warning:
|Stderr:
|/srv/pokybuild/tgamblin-qemux86/openembedded-core/meta/lib/oeqa/utils/qemurunner.py:133: DeprecationWarning: codecs.open() is deprecated. Use open() instead.
| with codecs.open(self.logfile + extension, "ab") as f:
Note that if we try to be explicit and make the 'errors' keyword
'strict' (as the codecs.open() call defaulted to), we see other
warnings:
|ValueError: binary mode doesn't take an errors argument
Theo GAIGE [Fri, 23 Jan 2026 10:46:49 +0000 (11:46 +0100)]
python3-pyelftools: add python3-logging to RDEPENDS
python3-logging is needed as a runtime dependency of python3-pyelftools
else the readelf.py script run into the following error :
```
Traceback (most recent call last):
File "/usr/bin/readelf.py", line 31, in <module>
from elftools.elf.elffile import ELFFile
File "/usr/lib/python3.12/site-packages/elftools/elf/elffile.py", line 29, in <module>
from ..dwarf.dwarfinfo import DWARFInfo, DebugSectionDescriptor, DwarfConfig
File "/usr/lib/python3.12/site-packages/elftools/dwarf/dwarfinfo.py", line 17, in <module>
from .structs import DWARFStructs
File "/usr/lib/python3.12/site-packages/elftools/dwarf/structs.py", line 10, in <module>
from logging.config import valid_ident
ModuleNotFoundError: No module named 'logging'
```
Signed-off-by: Theo GAIGE <tgaige.opensource@witekio.com> Reviewed-by: Louis Rannou <louis.rannou@non.se.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Randolph Sapp [Thu, 22 Jan 2026 19:50:00 +0000 (13:50 -0600)]
bitbake.conf: remove DEBUG_PREFIX_MAP from TARGET_LDFLAGS
Now that the previous bug affecting binary reproducibility has been
addressed [1], we can revert this patch. This will resolve issues with
cgo applications becoming unreprodcible.
Currently go considers link arguments to be sacred, meaning any change
should produce a different binary output. They ensure this by baking
link arguments into the intermediary output, changing the content ID of
that step. As such, the marco prefixes inadvertently end up adding build
paths to the output binary instead of removing them if they are passed
as link arguments to cgo applications.
These paths are later stripped out again, but at this point the content
ID of the dependency has changed and thus the build ID of the end
application will be affected by the cascade of hash changes. See the
upstream bug for more information [2].
Bruce Ashfield [Mon, 26 Jan 2026 15:23:49 +0000 (10:23 -0500)]
linux-yocto/6.12: update to v6.12.66
Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:
f6044d1fd846 Linux 6.12.66 9e3f8fa53348 bpf: test_run: Fix ctx leak in bpf_prog_test_run_xdp error path f8b406198778 ALSA: hda: intel-dsp-config: Prefer legacy driver as fallback 47e676ce4d68 tpm2-sessions: Fix out of range indexing in name_size 42440155fe27 spi: cadence-quadspi: Prevent lost complete() call during indirect read 3762535fbbc0 scsi: sg: Fix occasional bogus elapsed time that exceeds timeout 0810c8e94d6b ASoC: fsl_sai: Add missing registers to cache default 1d2a10913089 ALSA: hda/realtek: enable woofer speakers on Medion NM14LNL 8072299bf13f ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 44ed8fae346f ALSA: usb-audio: Update for native DSD support quirks ba6f0d1832ee can: j1939: make j1939_session_activate() fail if device is no longer registered 47206d70d1fb drm/amdkfd: Fix improper NULL termination of queue restore SMI event string 1c06d85c3d51 spi: mt65xx: Use IRQF_ONESHOT with threaded IRQ f609041424d5 drm/amd/display: Fix DP no audio issue 9f6cf07687be ata: libata-core: Disable LPM on ST2000DM008-2FR102 14fa3d1927f1 netfilter: nf_tables: avoid chain re-validation if possible feb28b6827ec powercap: fix sscanf() error return value handling 3835d59f6999 powercap: fix race condition in register_control_type() 7b60aed82db1 net: sfp: extend Potron XGSPON quirk to cover additional EEPROM variant fb9ef40cccdb bpf: Fix reference count leak in bpf_prog_test_run_xdp() 6447e697cfa8 bpf, test_run: Subtract size of xdp_frame from allowed metadata size 6611a73b2991 bpf: Support specifying linear xdp packet data size for BPF_PROG_TEST_RUN 0eb6e9d3b724 bpf: Make variables in bpf_prog_test_run_xdp less confusing 202c5b915e22 bpf: Fix an issue in bpf_prog_test_run_xdp when page size greater than 4K 5c647749bce3 btrfs: fix beyond-EOF write handling afbb57899612 btrfs: use variable for end offset in extent_writepage_io() a915072e5ac3 btrfs: truncate ordered extent when skipping writeback past i_size 7216d78ca34f btrfs: remove btrfs_fs_info::sectors_per_page ced5459df05a btrfs: add extra error messages for delalloc range related errors fb4fa3f9012b btrfs: subpage: dump the involved bitmap when ASSERT() failed 9ed14c3b787b btrfs: fix error handling of submit_uncompressed_range() fcc04c92cbb5 ALSA: ac97: fix a double free in snd_ac97_controller_register() 71138011dc01 ALSA: ac97bus: Use guard() for mutex locks 7388ba6e5ccd erofs: fix file-backed mounts no longer working on EROFS partitions d47b03775d55 erofs: don't bother with s_stack_depth increasing for now dd6ccec088ad arp: do not assume dev_hard_header() does not change skb->head de77d2cd178a net: enetc: fix build warning when PAGE_SIZE is greater than 128K 471dfb97599e net: usb: pegasus: fix memory leak in update_eth_regs_async() 43497313d0da net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset 3d67e8c22685 HID: quirks: work around VID/PID conflict for appledisplay 4969d6fa61af net: netdevsim: fix inconsistent carrier state after link/unlink d916df47a031 idpf: cap maximum Rx buffer size a4212d6732e3 idpf: fix memory leak in idpf_vport_rel() be3d31276199 idpf: keep the netdev when a reset fails 3264881431e3 net: fix memory leak in skb_segment_list for GRO packets 92ff65c660eb riscv: pgtable: Cleanup useless VA_USER_XXX definitions 1eeaaeceafcf btrfs: only enforce free space tree if v1 cache is required for bs < ps cases 6762937a8b45 vsock: Make accept()ed sockets use custom setsockopt() f1029391e604 bnxt_en: Fix potential data corruption with HW GRO/LRO 57f1dd8fa966 net: wwan: iosm: Fix memory leak in ipc_mux_deinit() 9e0f54294fae net/mlx5e: Don't print error message due to invalid module b71d08b96864 netdev: preserve NETIF_F_ALL_FOR_ALL across TSO updates 005671c60fcf net: sock: fix hardened usercopy panic in sock_recv_errqueue 50f65526b33d inet: ping: Fix icmp out counting 03fb1708b7d1 net: mscc: ocelot: Fix crash when adding interface under a lag 269c9283ff7f bridge: fix C-VLAN preservation in 802.1ad vlan_tunnel egress 3950054c9512 net: marvell: prestera: fix NULL dereference on devlink_alloc() failure 26a82dce2bee netfilter: nf_conncount: update last_gc only when GC has been performed e1a436981ac9 netfilter: nf_tables: fix memory leak in nf_tables_newrule() cdafa52ad39b gpio: pca953x: handle short interrupt pulses on PCAL devices d4f333a0155d gpio: pca953x: Add support for level-triggered interrupts dd42e23b6d9e netfilter: nft_synproxy: avoid possible data-race on update operation 16b4508e8717 netfilter: nft_set_pipapo: fix range overlap detection b397bb9c34ac arm64: dts: mba8mx: Fix Ethernet PHY IRQ support 97fdde3189b6 arm64: dts: imx8qm-ss-dma: correct the dma channels of lpuart 35b38dd6a792 arm64: dts: imx8mp: Fix LAN8740Ai PHY reference clock on DH electronics i.MX8M Plus DHCOM 88d60cff3000 ARM: dts: imx6q-ba16: fix RTC interrupt level 3e458210ee2c arm64: dts: add off-on-delay-us for usdhc2 regulator 06b1dfa40090 crypto: qat - fix duplicate restarting msg during AER error 8f6afb166402 arm64: dts: ti: k3-am62-lp-sk-nand: Rename pinctrls to fix schema warnings 75e2bc2985f4 drm/amd/display: Apply e4479aecf658 to dml 163df8d79a0d drm/amd/display: Respect user's CONFIG_FRAME_WARN more for dml files 582ba48e4a4c btrfs: fix NULL dereference on root when tracing inode eviction ec3695dd0acd btrfs: tracepoints: use btrfs_root_id() to get the id of a root 53df7a4c3a56 btrfs: qgroup: update all parent qgroups when doing quick inherit b9b19fecad7d btrfs: fix qgroup_snapshot_quick_inherit() squota bug dedec6e6b421 scsi: Revert "scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed" 496ca70a15f4 scsi: ufs: core: Fix EH failure after W-LUN resume error f373695d62e0 scsi: ipr: Enable/disable IRQD_NO_BALANCING during reset 261233f765d2 smb/client: fix NT_STATUS_NO_DATA_DETECTED value 596d1b968660 smb/client: fix NT_STATUS_DEVICE_DOOR_OPEN value b1dd68601676 smb/client: fix NT_STATUS_UNABLE_TO_FREE_VM value e83af97d5c39 drm/amd/display: shrink struct members a8559efcd576 NFS: Fix up the automount fs_context to use the correct cred 71029266093b ASoC: rockchip: Fix Wvoid-pointer-to-enum-cast warning (again) e1df03e293a0 NFSv4: ensure the open stateid seqid doesn't go backwards 6a1099604b0c dm-snapshot: fix 'scheduling while atomic' on real-time kernels f002df3a3305 alpha: don't reference obsolete termio struct for TC* constants 1b645cd729ef ARM: 9461/1: Disable HIGHPTE on PREEMPT_RT kernels 7010683101b5 csky: fix csky_cmpxchg_fixup not working 32dc49f49ea0 drm/xe: Ensure GT is in C0 during resumes e724d0261b7c drm/xe: make xe_gt_idle_disable_c6() handle the forcewake internally f09cd209359a tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). 6f468f6ff233 libceph: make calc_target() set t->paused, not just clear it e94075e950a6 libceph: reset sparse-read state in osd_fault() d2c4a5f69966 libceph: return the handler error from mon_handle_auth_done() c4c2152a858c libceph: make free_choose_arg_map() resilient to partial allocation 6c6cec3db3b4 libceph: replace overzealous BUG_ON in osdmap_apply_incremental() 2802ef3380fa libceph: prevent potential out-of-bounds reads in handle_auth_done() f94f95b81736 wifi: mac80211: restore non-chanctx injection behaviour 024f71a57d56 wifi: avoid kernel-infoleak from struct iw_point fcb7500bfa24 pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping 321e17ff3142 gpio: rockchip: mark the GPIO controller as sleeping 7500ab83bad2 drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] bc96db7051cc drm/pl111: Fix error handling in pl111_amba_probe 90b4b130a20d drm/amdgpu: Fix query for VPE block_type and ip_count 49a66829dd36 counter: interrupt-cnt: Drop IRQF_NO_THREAD flag c61440f1e741 counter: 104-quad-8: Fix incorrect return value in IRQ handler 196e8fd7424b lib/crypto: aes: Fix missing MMU protection for AES S-box 97130283b83f mei: me: add nova lake point S DID 0c2413c69129 btrfs: always detect conflicting inodes when logging inode refs 8b402146e3a8 arm64: Fix cleared E0POE bit after cpu_suspend()/resume() 2f05f7737e16 net: 3com: 3c59x: fix possible null dereference in vortex_probe1() 1320d94a4df1 atm: Fix dma_free_coherent() size 3f5d7f3865c6 NFSD: Remove NFSERR_EAGAIN 8c1cf63ed465 NFSD: net ref data still needs to be freed even if net hasn't startup d95499900fe5 nfsd: check that server is running in unlock_filesystem 03c68f94fad1 nfsd: use correct loop termination in nfsd4_revoke_states() ba4811c8b433 nfsd: provide locking for v4_end_grace 6b7ad17f4dd5 NFSD: Fix permission check for read access to executable-only files
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 22 Jan 2026 15:34:38 +0000 (15:34 +0000)]
gpgme: ensure manpage generation is deterministic
In a similar way to the previous commits with pod2man, gpgme will not
generate manpages on a clean build but will on rebuilds due to
do_package -> rpm-native -> ... -> libgpg-error-native, where the
libgpg-error-native recipe provides the yat2m tool.
To ensure that we generate manpages deterministicly, depend on this
recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 22 Jan 2026 15:34:34 +0000 (15:34 +0000)]
perl: provide pod2man
Many recipes uses pod2man to generate manpages from an almost
human-readable source format, which is part of the perl recipe.
This means that we have recipes that don't install manpages, or more
accurately don't install manpages if built from clean but _do_ if they
are a rebuild (because do_package -> rpm-native -> perl-native means the
sysroot now has pod2man in).
The obvious fix here is to DEPEND on perl-native but that an often look
like a redundant dependency that can be removed as removing it doesn't
cause problems (I'm fairly confident I'm responsible for patches like
this).
So, add a PROVIDES of pod2man to perl, so that recipes can DEPEND on
pod2man-native and this dependency is both obvious as to it's purpose
and easily removed if the manpages change source format.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
453e6b8dba (HEAD, origin/release/2.42/master) resolv: Fix NSS DNS backend for getnetbyaddr (CVE-2026-0915) b0ec8fb689 memalign: reinstate alignment overflow check (CVE-2026-0861) f122d0b4d1 nptl: Optimize trylock for high cache contention workloads (BZ #33704) a1d3294a5b support: Exit on consistency check failure in resolv_response_add_name 8dfb84ad4e support: Fix FILE * leak in check_for_unshare_hints in test-container 2a0873aa81 sprof: fix -Wformat warnings on 32-bit hosts efdf4c0c87 sprof: check pread size and offset for overflow b11411fe2e posix: Fix invalid flags test for p{write,read}v2 8aaf4b732d ppc64le: Power 10 rawmemchr clobbers v20 (bug #33091) 2dbf973fe0 ppc64le: Restore optimized strncmp for power10 6b2957cfe8 ppc64le: Restore optimized strcmp for power10 828b8d23f3 AArch64: Fix and improve SVE pow(f) special cases 710d7a2e83 AArch64: fix SVE tanpi(f) [BZ #33642] 0c9430ed97 AArch64: Fix instability in AdvSIMD sinh ec041b1f53 AArch64: Fix instability in AdvSIMD tan 97297120ce AArch64: Optimise SVE scalar callbacks 17c3eab387 aarch64: fix includes in SME tests de1fe81f47 aarch64: fix cfi directives around __libc_arm_za_disable bf499c2a49 x86: fix wmemset ifunc stray '!' (bug 33542) 71874f167a aarch64: tests for SME 256030b984 aarch64: clear ZA state of SME before clone and clone3 syscalls 6de12fc9ad aarch64: define macro for calling __libc_arm_za_disable ab8c1b5d62 x86: Detect Intel Nova Lake Processor bf48b17a28 x86: Detect Intel Wildcat Lake Processor 18fd689cdc nptl: Fix MADV_GUARD_INSTALL logic for thread without guard page (BZ 33356) 46b4e37c9e nss: Group merge does not react to ERANGE during merge (bug 33361) 1166170d95 libio: Define AT_RENAME_* with the same tokens as Linux
Signed-off-by: Hemanth Kumar M D <Hemanth.KumarMD@windriver.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
mark.yang [Thu, 22 Jan 2026 05:51:43 +0000 (14:51 +0900)]
lto.inc: add clang specific LTO configuration
This commit adds support for Clang-specific LTO options.
1. -fuse-linker-plugin is not supported by Clang.
2. -ffat-lto-objects is used to ensure that object files (.o) are generated as ELF
even when LTO is applied. During the dwarfsrcfiles process, if LTO is used
with the Clang toolchain, static library object files are skipped if they are
LLVM bitcode instead of ELF. Therefore, it is recommended to add this to
LTOEXTRA if necessary.
3. Adding 'thin-lto' to DISTRO_FEATURES enables -flto=thin.
projects / thirdparty / openembedded / openembedded-core.git / log
