Exercise paths containing spaces and glob metacharacters, leading-dash
filenames, mv overwrite behavior, an empty relocation directory, and a
source copy failure which leaves the prefix-specific destination
uncreated.
AI-Generated: Claude Opus 4.6
Signed-off-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Anders Heimer [Fri, 26 Jun 2026 15:04:45 +0000 (17:04 +0200)]
package: replace copydebugsources shell pipelines
Replace the sort/grep/sed parts of copydebugsources with Python
filtering on the NUL-separated source list. Keep cpio since it is
faster than doing it in python.
Use an explicit prefix + "/" match before stripping the prefix so source
selection is limited to files in the mapped debug source directory.
Replace the find/sed symlink fixup pipeline with os.walk() plus cpio,
use an argv-list mv for the externalsrc relocation, and pass the
empty-directory find command as an argv list.
The first cpio copy pass continues to ignore failures as before since
some inputs are expected to fail. The symlink fixup copy still reports
cpio failures.
Signed-off-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Replace PATH-based llvm-config discovery with explicit sysroot-native
resolution and simplify the target llvm-config wrapper to act as a pure
pass-through while preserving Yocto alternate path handling.
The previous implementation relied on:
* `which -a llvm-config | sed -n 2p`
which is unreliable in cross-build environments because it only
searches executables present in $PATH. Native sysroot tools
(e.g. recipe-sysroot-native llvm-config) are not guaranteed to be
exposed via PATH, so they may not be discovered at all.
* `echo $base_libdir | sed -n '/lib64/p'`
which depends on a BitBake variable that may be empty or unset
in certain build contexts, leading to incorrect libdir selection.
Update the wrapper to:
* Use an @LLVM_CONFIG_PATH@ placeholder that is replaced during the
build with the appropriate native llvm-config path.
* Detect libdir using filesystem inspection rather than variable
parsing.
* Preserve `YOCTO_ALTERNATE_EXE_PATH` and
`YOCTO_ALTERNATE_LIBDIR` handling.
* Delegate all arguments directly to the native llvm-config.
Update rust and mesa recipes to replace the placeholder with the native
llvm-config path during target and nativesdk builds.
Also remove the native llvm-config copy logic and lib/lib64 symlink
workarounds, relying instead on explicit native tool resolution.
Dmitry Baryshkov [Fri, 26 Jun 2026 20:06:16 +0000 (23:06 +0300)]
bitbake.conf: drop opencl from DISTRO_FEATURES_FILTER_NATIVE/_NATIVESDK
Since the commit ac5e0160df78 ("mesa: depend on mesa-tools-native for
less expensive libclc dependency"), there is no mesa -> mesa-native
dependency anymore, thus there is no need to propagate the opencl
DISTRO_FEATURE. Drop it from DISTRO_FEATURES_FILTER_NATIVE and
_NATIVESDK.
Ross Burton [Fri, 26 Jun 2026 15:13:24 +0000 (16:13 +0100)]
shared-mime-info: remove python3native dependency
This was added in the shared-mime-info 1.15 upgrade[1] with no rationale,
I suspect it was for itstool-native which is no longer used[2]. At least,
none of the dependencies would need python3-native over the host python3.
[1] oe-core 09ef7f8e4b9 ("shared-mime-info: upgrade 1.10 -> 1.15")
[2] oe-core 8ca8687b336 ("shared-mime-info: drop itstool-native from DEPENDS")
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Fri, 26 Jun 2026 13:42:21 +0000 (14:42 +0100)]
lib/sstatesig: use the SHA256 fastpath in bitbake/utils.py
Instead of iterating through a file by hand to hash it, call into the
hashing code in bitbake's utils.py. This uses mmap() instead of plain
file operations which is ~30% faster in benchmarks[1], and will speed
up hash calculations when writing sstate.
[1] On my build machine, hashing a 300MB kernel image 100 times takes
34s with open() and 26s with mmap()
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Eric Meyers [Fri, 26 Jun 2026 13:16:30 +0000 (08:16 -0500)]
create-spdx-image-3.0: correct SSTATE_SKIP_CREATION key for do_create_image_sbom_spdx
The override was "task-create-image-sbom" but BitBake derives it as
"task-create-image-sbom-spdx" (do_ stripped, underscores to hyphens), so
the skip was never applied. The task then cached an ${IMAGE_NAME}-stamped
SBOM in sstate, letting a stale spdx.json be restored via setscene. A
later do_sbom_cve_check would compute the current IMAGE_NAME and fail with
"No such file or directory" on the missing timestamped SBOM. Correct the
key so the image SBOM is always regenerated, never restored from sstate.
Signed-off-by: Eric Meyers <eric.meyers@arthrex.com> Cc: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Daniel Turull [Fri, 26 Jun 2026 07:38:07 +0000 (09:38 +0200)]
dlopen-deps.inc: treat soname list as ordered alternatives
The .note.dlopen format defines the soname array as a list of
alternatives (e.g. ["libcrypt.so.2", "libcrypt.so.1"]). The previous
code warned for every soname that was not found, even when an earlier
entry in the list already satisfied the dependency.
Select the first available provider and only warn when no alternative
can be resolved.
AI-Generated: Claude-opus-4.6 Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jaipaul Cheernam [Thu, 25 Jun 2026 17:06:20 +0000 (19:06 +0200)]
install-buildtools: add --local-file option
Add --local-file so that bitbake-setup (or any other caller that
already fetched and verified the installer) can pass a local path
directly without re-downloading.
Signed-off-by: Jaipaul Cheernam <jaipaul.cheernam@est.tech> Reviewed-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Thu, 25 Jun 2026 16:53:17 +0000 (09:53 -0700)]
python3-certifi: upgrade 2026.5.20 -> 2026.6.17
d46de62 Bump actions/checkout from 6.0.2 to 6.0.3 (#417) 6c183ec fix: update Requests docs link to canonical URL (#415) 36e3568 Bump dessant/lock-threads from 6.0.0 to 6.0.2
Luca Fancellu [Thu, 25 Jun 2026 13:31:06 +0000 (14:31 +0100)]
ncurses: fix split wide library and pkg-config installs
Add a patch which makes generated install/install.libs targets depend
on the installed shared-library set. Without this, a wide install after
a narrow install can install libticw and the secondary wide libraries
while leaving libncursesw.so missing.
Also patch the misc install rule to regenerate pkg-config files during
install.libs instead of relying on the pc-files stamp. The stamp is not
one of the generated .pc files, so an existing build tree can contain a
stale stamp while the .pc files that must be installed into a clean
DESTDIR are missing.
Recipes such as procps use pkg-config to detect ncurses, so missing
ncursesw.pc makes configure fail with errors like
`ncurses support missing/incomplete`.
Fixing the misc Makefile keeps the install target self-contained and
avoids a recipe-side workaround that deletes ncurses' internal pc-files
stamp before rerunning the misc install.
Luca Fancellu [Thu, 25 Jun 2026 13:30:39 +0000 (14:30 +0100)]
e2fsprogs: fix parallel library build ordering
Add a patch which fixes ordering problems in parallel e2fsprogs builds
with --enable-elf-shlibs.
Library subdirectories can otherwise return from "make all" before both
the static archive and the ELF shared library image have been created.
Consumers from other subdirectories can then link against incomplete or
incorrect artifacts.
On x86-64 this can make libext2fs.so fall back to the non-PIC
libcom_err.a and fail on R_X86_64_TPOFF32 relocations from
lib/et/error_message.o.
The patch also tightens lib/ss ordering so generated files and install
directories are present before parallel consumers use them.
Robert P. J. Day [Thu, 25 Jun 2026 08:15:56 +0000 (04:15 -0400)]
cpio_2.15.bb: delete unnecessary RDEPENDS of "ptest-runner"
Since all ptest-enabled recipes already have an RRECOMMENDS of
ptest-runner, there is no value in listing it in RDEPENDS as well.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Wed, 24 Jun 2026 23:21:19 +0000 (16:21 -0700)]
jansson: Fix build with lld linker
jansson hard-codes -Wl,--default-symver on glibc, which ld.lld does not
understand. Probe the linker for the option before using it so the recipe
builds with the clang/lld toolchain as well as GNU ld.
sbom-cve-check-update-nvd-native: update to version 2026.06.24-000003
Update fkie-cad/nvd-json-data-feeds to the CVE database from 2026-06-24.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sbom-cve-check-update-cvelist-native: update to version 2026-06-24
Update cvelistV5 to the CVE database from 2026-06-24.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
For details on this new release, see:
https://github.com/bootlin/sbom-cve-check/releases/tag/v1.3.2
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Wed, 24 Jun 2026 16:28:36 +0000 (09:28 -0700)]
python3-maturin: upgrade 1.14.0 -> 1.14.1
Upstream release notes [1]:
1.14.1
* Bump uraimo/run-on-arch-action to v3 to fix pytest job (#3221)
* Fix platform tag logic to generate the same as cpython on AIX (#3220)
* Bump pyo3-introspection (#3227)
* Upgrade cargo-zigbuild & cargo-xwin (#3228)
* Fix issues around crates enabling abi3 and abi3t features (#3226)
* Add PEP 740 publish attestations to PyPI releases (#3230)
* Set PYO3_PYTHON to run scripts for stable ABI builds (#3233)
* Fix shell quoting in CI scripts (#3231)
Michael Tretter [Wed, 24 Jun 2026 14:31:34 +0000 (16:31 +0200)]
busybox: fdisk: enable GPT support
busybox' fdisk has optional support for GPT partitions. Since GPT
support is currently disabled in openembedded-core, fdisk cannot be used
to inspect the GPT partition table on block devices on the target.
Make fdisk useful on systems with GPT partitions by enabling
CONFIG_FEATURE_GPT_LABEL.
Signed-off-by: Michael Tretter <m.tretter@pengutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Markus Volk [Wed, 24 Jun 2026 12:46:39 +0000 (14:46 +0200)]
curl: update 8.20.0 -> 8.21.0
After updating oe-core and meta-openembedded I see this error in curl build:
| configure: detected GnuTLS version 3.8.13
| checking for nettle_MD5Init in -lgnutls... no
| checking for x86_64-oe-linux-pkg-config... (cached) /home/flk/bitbake/bitbake-builds/oe/build/tmp/work/corei7-64-oe-linux/curl/8.20.0/recipe-sysroot-native/usr/bin/pkg-config
| checking for nettle options with pkg-config... found
| checking for nettle_MD5Init in -lnettle... no
| configure: error: GnuTLS found, but nettle was not found
This issue has already been fixed upstream and a new curl version was released today -> update to fix build
Anders Heimer [Wed, 24 Jun 2026 12:44:07 +0000 (14:44 +0200)]
oeqa/oelib: test patch command argv handling
Exercise fallback patch metadata with an author, date and committer name
containing spaces so direct argv execution passes those values to Git
without shell quoting.
Also cover the GitApplyTree and PatchTree run=False paths so
manual-resolution command generation continues to return argv lists
without applying the patch. Use patch filenames with spaces to verify
the paths remain single argv elements.
AI-Generated: Claude Opus 4.6
Reviewed-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Anders Heimer [Wed, 24 Jun 2026 12:44:06 +0000 (14:44 +0200)]
oe/patch: return manual-resolution commands as argv lists
PatchTree and GitApplyTree now generate patch commands as argv lists
when run=False.
Pass run through when pushing one patch and return the command without
advancing the current patch state. Use shlex.join() when writing the
command to the manual resolver's shell startup file.
Reviewed-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Anders Heimer [Wed, 24 Jun 2026 12:44:05 +0000 (14:44 +0200)]
oe/patch: pass GitApplyTree commands as argv lists
After removing PATCHFILE from the git-am command, the GitApplyTree apply
and commit commands no longer need shell syntax. Build the commands as
argv lists and pass them directly to runcmd().
Remove shell quoting from git -c, --author and --date arguments now that
those values are passed directly to Git instead of through sh -c. Update
the devtool upgrade caller to use shlex.join() when it still embeds
those options in a shell command string.
Keep run=False command generation as argv lists and avoid adding notes or
committing fallback changes when no command was run. Run the dirty-tree
status check from self.dir so it inspects the patch tree consistently.
Reviewed-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Anders Heimer [Wed, 24 Jun 2026 12:44:04 +0000 (14:44 +0200)]
oeqa/oelib: test GitApplyTree patch names
Exercise both the git-am path and the fallback commit path through
GitApplyTree.Import() and Push(). Verify that refs/notes/devtool records
the original patch filename and that extractPatches() recreates patches
with that name.
Anders Heimer [Wed, 24 Jun 2026 12:44:03 +0000 (14:44 +0200)]
oe/patch: remove obsolete PATCHFILE assignment
PATCHFILE was used by an older Git hook to preserve the original
patch filename. Current GitApplyTree records that filename in
refs/notes/devtool and extractPatches() reads the note when recreating
patches.
No current OE-Core, BitBake or installed hook consumer remains, so
remove the unused environment assignment. This to simplify the runcmd
argv-list changes.
Reviewed-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Himanshu Jadon [Fri, 19 Jun 2026 04:02:50 +0000 (21:02 -0700)]
tar: Fix CVE-2026-5704
Backport the upstream 3-commit fix chain for CVE-2026-5704.
The final CVE fix is [1], which depends on the earlier cleanup in [2]
and the behavioral change in [3]. Keep this patch order so the final
fix applies cleanly and preserves the upstream logic.
Also include upstream follow-up [4] to fix the --no-overwrite-dir ptest
regression caused by the CVE backport. Without this follow-up, tar can
temporarily chmod an existing directory even when --no-overwrite-dir is
used, which breaks the upstream --no-overwrite-dir ptest.
Kris Gavvala [Tue, 16 Jun 2026 02:35:45 +0000 (19:35 -0700)]
libcap: add ptest support
These ptests include a subset of upstream
tests that provide functional coverage of core libcap and libpsx
behavior across target systems.
This approach is preferred instead of using libcap's quicktest.sh
script because the later assumes the upstream build-tree layout and
has too many dependencies not available after installation.
Quicktest exercises a wide range of kernel capability features and
environment-specific functionality that is too comprehensive for ptests.
The ptests include the following from libcap/tests:
uns_test, psx_test, libcap_launch_test, exploit and
noexploit. cap_test from libcap/libcap is also included.
These provide coverage for capability manipulation, libpsx
integration, launch handling, and basic security validation.
Zheng Ruoqin [Mon, 22 Jun 2026 06:32:18 +0000 (14:32 +0800)]
vim-tiny: bugfix for lack of defaults.vim
When vim-tiny was used in image, it lacks defaults.vim file which will cause following error
root@qemux86-64:~# vi
E1187: Failed to source defaults.vim
Press ENTER or type command to continue
So add a new patch to fix this issue.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/selftest/devtool: add regression test for kernel cfg in subdirs
Add test_devtool_modify_kernel_cfg_subdirs which exercises a
kernel-yocto recipe whose .scc file and the .cfg fragments it
references (via "kconf"/"patch" lines) live in separate
FILESEXTRAPATHS subdirectories (bsp/ and cfg/). This reproduces the
layout from [YOCTO #15169], where devtool modify previously failed
with FileNotFoundError while trying to copy the .cfg files: the path
was computed as dirname(<.scc file>) + <cfg filename>, which broke
whenever the .cfg file was not in the same directory as the .scc file
that references it.
The offending copy logic was removed in ce8190c519 ("devtool: Drop
oe-local-files and simplify"); this test guards against a regression.
Verified the test fails on d9328e3b0b (pre-fix, FileNotFoundError)
and passes on current master.
Signed-off-by: Siva Balasubramanian <sivakumar.bs@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
llvm-project-source.inc: fix end of line in triple variable
After the return statement, a "," is present while a ";" is expected.
This leads to something like:
...return "x86_64-poky-linux",
Fix this syntax error by replacing "," with a ";".
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
and they are supposed to be replaced by a couple of sed commands in
do_preconfigure. However, sed looks for CLANG_EXTRA_OE_DISTRO_CASES (and
CLANG_EXTRA_OE_DISTRO_TRIPLES) and since none is found, the code is left
with the dangling comment like so:
Fix that by removing the 'S' in the end of ..._CASES and ..._TRIPLES.
Another way to fix this would be to directly change the patch, but
simply changing do_preconfigure feels cleaner.
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
John Ripple [Mon, 22 Jun 2026 23:03:30 +0000 (17:03 -0600)]
go-vendor.bbclass: Remove vendor symlink
The go-vendor class creates a symlink at the end of do_go_vendor between
the vendor.fetch location and the vendor folder used by go to find
vendored sources. The do_vendor_unlink task originally removed the
symlink created in the S directory but only after it had already been
copied to the D directory.
The do_go_vendor and do_vendor_unlink tasks were never tied together.
This caused file not found errors on subsequent builds where the
do_vendor_unlink task was re-run without the do_go_vendor task being
re-run. Leaving the symlink in S and only deleting the symlink copied to
D fixes this issue.
Signed-off-by: John Ripple <john.ripple@keysight.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
John Ripple [Mon, 22 Jun 2026 23:03:29 +0000 (17:03 -0600)]
go-vendor.bbclass: Unpack into BP for destsuffix
The go-vendor class has a hardcoded destsuffix variable used to unpack
sources fetched with the go_src_uri function. This was causing a conflict
with insane.bbclass which prohibts setting S = "${UNPACKDIR}/git" which
was needed to find the vendored sources in the hardcoded location.
Changing this unpack location to use the standard base package name (BP)
fixes the previous issue and no longer requires manually setting S in the
recipes that use go-vendor.
Signed-off-by: John Ripple <john.ripple@keysight.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ricardo Salveti [Mon, 22 Jun 2026 18:09:09 +0000 (18:09 +0000)]
uboot-sign: allow customizing the FIT configuration description
The U-Boot fitImage configuration node description was hardcoded to
"Boot with signed U-Boot FIT". Some targets need a board/hardware
specific configuration description so the correct configuration can be
identified when the SPL loads the U-Boot FIT (SPL -> u-boot.itb).
When CONFIG_SPL_LOAD_FIT is enabled, the SPL selects a U-Boot FIT
configuration via fit_find_config_node(), which matches each
configuration node's "description" property against the board's
board_fit_config_name_match() hook. Boards that override this hook
(e.g. CZ.NIC Turris MOX matching "armada-3720-turris-mox", Engicam
i.CoreM6 matching "imx6q-icore", StarFive VisionFive2 and Siemens
IOT2050) require the description to be a specific board/DT-derived
string. The previously hardcoded "Boot with signed U-Boot FIT" can
never match such a hook; it only works by falling through to the
default configuration and breaks when the right configuration must be
selected by name.
Introduce UBOOT_FIT_CONF_DESC to make the configuration node
description overridable, mirroring the existing UBOOT_FIT_DESC variable
used for the root node description. The default value preserves the
previous behaviour, so existing layers are unaffected.
Signed-off-by: Ricardo Salveti <ricardo.salveti@oss.qualcomm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joshua Watt [Mon, 22 Jun 2026 16:01:24 +0000 (10:01 -0600)]
spdx: Add custom annotations to recipe packages
In addition to adding custom annotations to the build, add them to the
recipe as well.
Historically in the SPDX 2.2 implementation, there was no concept of a
"build" and instead just a "recipe" SPDX package that represented both
the recipe itself and the build that produced the runtime packages. The
custom annotations were attached to this package. When SPDX 3 was first
introduced, this unified recipe package was not kept and instead only a
build object was created to represent the production of the runtime
packages; as such the custom annotations were attached to this build.
Later, it was desired to re-introduce a package to represent the recipe
itself for various reasons, however the custom annotations were not
attached to the recipe object at that time.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marek Vasut [Thu, 18 Jun 2026 19:04:21 +0000 (21:04 +0200)]
kernel-fit-image.bbclass: Fix operation with KERNEL_DTBVENDORED = "1"
In the case KERNEL_DTBVENDORED = "1" , the fitImage configuration
subnode names used to contain the vendor prefix in OE 5.0 , e.g.:
"
$ mkimage -l fitImage
...
Configuration 0 (conf-freescale_imx8mn-board.dtb)
^^^^^^^^^^
...
"
With OE 6.0 this is no longer the case and KERNEL_DTBVENDORED = "1"
and KERNEL_DTBVENDORED = "0" behave exactly the same way:
"
$ mkimage -l fitImage
...
Configuration 0 (conf-imx8mn-board.dtb)
...
"
Users depend on the correct configuration subnode names as those
are used in the U-Boot "bootm" command when booting fitImages.
Fix this by converting each entry in the KERNEL_DEVICETREE list
into the configuration subnode name by replacing all of its path
separators with underscores.
Fixes: 05d0c7342d76 ("kernel-fit-image.bbclass: add a new FIT image implementation") Signed-off-by: Marek Vasut <marek.vasut@mailbox.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marek Vasut [Tue, 16 Jun 2026 22:06:38 +0000 (00:06 +0200)]
kernel-fit-image.bbclass: Do not include kernel property in DTBO config subnodes
The OE 5.0 implementation of fitImage generation did not include the
kernel property in DTBO configuration node subnodes, while the current
OE 6.0 implementation does. The previous implementation was correct,
because kernel together with only a DTBO overlay can not form bootable
result. The kernel property should only be part of the configuration
subnode which includes both kernel and DTB. Fix this.
Fixes: 05d0c7342d76 ("kernel-fit-image.bbclass: add a new FIT image implementation") Signed-off-by: Marek Vasut <marek.vasut@mailbox.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Sun, 21 Jun 2026 10:11:59 +0000 (12:11 +0200)]
oe-selftest: fitimage: Do not expect kernel property in DTBO config subnodes
A DTBO overlay together with only a kernel cannot form a bootable result,
so DTBO configuration subnodes should not include the kernel property.
Update _get_req_its_fields() accordingly: skip appending
'kernel = "kernel-1"' for .dtbo files, aligning it with
_get_req_sections() which already handles this correctly.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Fri, 19 Jun 2026 11:17:14 +0000 (13:17 +0200)]
oe-selftest: fitimage: stop hardcoding MACHINE and DISTRO in tests
Several fitimage selftests hardcoded DISTRO = "poky" and
MACHINE:forcevariable = "beaglebone-yocto". That is wrong for two
reasons:
- poky is not part of OE-core
- a non-weak MACHINE assignment conflicts with environments that set the
machine via OE_FRAGMENTS (bitbake fatal()s when both are present)
Replace both patterns with a machine-aware approach built on the
_MACHINE_SETTINGS table introduced by the previous commit:
- Tests that need machine-specific variables (KERNEL_DEVICETREE,
UBOOT_MACHINE, UBOOT_DTB_BINARY, FIT_CONF_DEFAULT_DTB, …) now call
_get_machine_or_skip() at the start. This reads the current MACHINE
from the build environment. When the machine is not listed in
_MACHINE_SETTINGS the test is skipped rather than failed, keeping the
suite green on machines that have not been enumerated yet. Also not
all architectures are used with fitimage, so skipping is the right
behavior for machines that do not support it. Maybe we can add more
machines later.
- The required variables are then injected into the bitbake config string
via _config_add_machine_settings(), passing only the subset of keys
each test actually needs.
- Tests that require an optional board capability (ATF/TEE, SPL with
device-tree) call _require_machine_capability(), which also skips the
test automatically when the machine does not advertise that capability.
- DISTRO = "poky" is removed; the tests run under whatever distro the
caller has configured.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Fri, 19 Jun 2026 11:17:13 +0000 (13:17 +0200)]
oe-selftest: fitimage: add machine settings table and skip helpers
Add a _MACHINE_SETTINGS class-level dict to FitImageTestCase that maps
each supported MACHINE name to the bitbake variables its tests need:
KERNEL_DEVICETREE, FIT_CONF_DEFAULT_DTB, UBOOT_MACHINE, UBOOT_DTB_BINARY,
UBOOT_ARCH, SPL_BINARY and optional capability sub-dicts (_cap_spl_dtb,
_cap_atf_tee, _bl31_image).
Add five helpers that tests will call in subsequent commits:
- _get_machine_settings(machine): return the settings dict.
- _config_add_machine_settings(config, machine, keys=None): append
a requested subset of settings to a config string.
- _get_machine_capability(machine, cap_name): return a capability
sub-dict, or None if absent.
- _require_machine_capability(self, config, machine, cap_name): append
a capability's variables or call self.skipTest() when absent.
- _get_machine_or_skip(self): read MACHINE at runtime and skip the test
gracefully when the machine is not listed in _MACHINE_SETTINGS.
Add extra variables to both _fit_get_bb_vars implementations:
- KernelFitImageBase: add UBOOT_FIT_ARM_TRUSTED_FIRMWARE*, UBOOT_FIT_TEE*
so that _gen_atf_tee_dummy_images() can resolve image paths for any
machine that has ATF/TEE in its FIT image.
- UBootFitImageTests: add TOPDIR (needed to resolve ${TOPDIR} in
_bl31_image paths), UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE, and
UBOOT_FIT_TEE_IMAGE (needed by _gen_atf_tee_dummy_images).
Add BL31 injection logic to UBootFitImageTests._bitbake_fit_image():
when _MACHINE_SETTINGS declares a '_bl31_image' path for the active
machine, generate a minimal ELF64 dummy at that path and inject it via
EXTRA_OEMAKE:append before calling bitbake. This is needed for sunxi/
Allwinner arm64 boards where binman parses BL31 as ELF at build time.
No test code is changed in this commit; all new helpers are dead code
until the following commit wires them in.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Fri, 19 Jun 2026 11:17:12 +0000 (13:17 +0200)]
oe-selftest: fitimage: replace MACHINE==qemux86-64 guards with KERNEL_SETUP_BIN
On x86, the kernel build produces setup.bin which is packed as a separate
section in the FIT image. The existing code used MACHINE == "qemux86-64"
as a proxy to detect this, which is fragile and non-composable.
Replace all such guards with a KERNEL_SETUP_BIN variable that is set to
the filename ("setup.bin") when the artifact is present, or left empty
otherwise.
Also fix the signing verification helpers for machines without DTBs
(e.g. qemux86-64 that uses conf-1 instead of conf-<dtb>.dtb):
- _get_req_sigvalues_config(): make "fdt" conditional in sign-images;
x86 FIT images have no DTB sections, so the ITS only signs "kernel".
- _check_signing(): when conf-1 has no matching DTB filename, fall back
to UBOOT_DTB_IMAGE as the key-holding DTB for fit_check_sign; if that
is also absent, skip the cryptographic check and log a debug message.
- _fit_get_bb_vars(): fetch UBOOT_DTB_IMAGE needed by the above.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Fri, 19 Jun 2026 11:17:11 +0000 (13:17 +0200)]
oe-selftest: fitimage: replace bbb-dtbs-as-ext with test-dtbs-as-ext
bbb-dtbs-as-ext is tightly coupled to the beaglebone-yocto BSP: it
requires kernel sources from that machine to compile the TI DTS files and
is restricted to COMPATIBLE_MACHINE = "^(beaglebone-yocto)$". This makes
the external-DTB FIT image selftests impossible to run on any other
machine. The beaglebone-yocto BSP is not part of oe-core.
Replace it with the machine-agnostic test-dtbs-as-ext recipe added in the
previous commit. test-dtbs-as-ext ships self-contained DTS files with no
kernel source dependencies and sets COMPATIBLE_MACHINE = ".*".
Changes:
- Delete bbb-dtbs-as-ext.bb and its DTS source files (am335x-bonegreen-ext.dts,
BBORG_RELAY-00A2.dts).
- Update _get_dtb_files() to recognise test-dtbs-as-ext as the virtual/dtb
provider and return the new filenames (test-ext.dtb, test-overlay.dtbo,
test-ext-alias.dtb).
- Update test_get_compatible_from_dtb() to build test-dtbs-as-ext, check for
the new compatible string "oe-selftest,test-ext", and drop the
beaglebone-yocto MACHINE / poky DISTRO overrides that were only needed
for the old recipe.
- Update test_fit_image_ext_dtb_dtbo() to set
PREFERRED_PROVIDER_virtual/dtb = "test-dtbs-as-ext".
- Update test_fitimage_py_conf_mappings_with_alias() to use the new DTB and
symlink names.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a minimal, fully standalone device-tree recipe for use by the
fitimage selftests. The two source files have no kernel-source
dependencies, so the recipe builds on any OE-core machine without
requiring a BSP layer.
test-ext.dts -- a tiny /dts-v1/ tree with a single aliases node and
an oe-selftest,test-ext compatible string.
test-overlay.dts -- a /plugin/ overlay referencing the root node.
COMPATIBLE_MACHINE = ".*" so the recipe is accepted on every target.
A test-ext-alias.dtb symlink is created in both do_install and
do_deploy (mirroring the alias pattern used by the external-DTB
fitimage tests) so that the configuration-node alias code path is
exercised.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Fri, 19 Jun 2026 11:17:09 +0000 (13:17 +0200)]
oe-selftest: fitimage: replace _gen_random_file with _gen_elf64_dummy
Some boards (e.g. RK3399 with evb-rk3399_defconfig) use binman to build
U-Boot and require BL31 to be a structurally valid ELF file so binman can
parse the load/entry addresses. A plain random-byte file fails with
"Magic number does not match".
Add _gen_atf_tee_dummy_images(bb_vars) which generates both the ATF and
TEE dummy binaries when the corresponding bb_vars keys are set. Tests
will call this helper instead of duplicating the generate-and-path logic.
So far this is a refactoring without functional changes, but it will be
used in a follow-up commit when we are going to replace the beaglebone
MACHINE by other MACHINEs which require a structurally valid ELF for
BL31.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Gamblin [Thu, 18 Jun 2026 20:36:32 +0000 (16:36 -0400)]
scripts/patchtest: check for meta-selftest
The patchtest suite (in particular, the selftests) makes use of the
meta-selftest layer for full operation. Make sure that the layer is
added to bblayers.conf before kicking off any test runs.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Gamblin [Thu, 18 Jun 2026 20:36:31 +0000 (16:36 -0400)]
scripts/patchtest: clean up main()
- Reference PatchtestParser members directly instead of setting local
variables
- Remove unused variables
- Declare 'ret' just before where it gets used
- Use subprocess.run() instead of os.popen() for a cleaner 'git status'
call
- Remove unnecessary square brackets in the status_matches if block
- Remove unneeded try-finally block
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We currently use the logging module to wrap tracebacks when a failure
occurs. The traceback module is sufficient for this task, so use it
directly. Also remove a redundant import of the traceback module, and
fix some whitespace in the getResult class that was missed previously.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Gamblin [Thu, 18 Jun 2026 20:36:28 +0000 (16:36 -0400)]
scripts/patchtest: simplify _runner()
- Use the test suite's countTestCases() method directly instead of
creating a variable
- Simplify return logic - we still want to fail early if there are no
test suites to use, but otherwise we can reduce it to a single return
value determination based on the result of runner.run()
- Add a newline above where the 'runner' variable is initialized
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Gamblin [Thu, 18 Jun 2026 20:36:26 +0000 (16:36 -0400)]
scripts/patchtest: refactor results methods
The add{Error,Failure,Success,Skip} methods used by the inner
PatchTestResult class re-use a lot of nearly-identical code. Encapsulate
the logic used into two new functions:
1. _format_test_description(), which includes all of the original
syntax/tag cleanup logic
2. _write_patchtest_result(), which formats the actual result lines that
patchtest ultimately emits (to console and/or file)
qemuboot.bbclass: add missing task dependency on kernel deploy
do_write_qemuboot_conf had no dependency on the kernel deploy task,
so if the kernel was rebuilt without invalidating the rootfs sstate,
the task was skipped and .qemuboot.conf was left stale while new
image artifacts were deployed with a new timestamp suffix.
Add do_write_qemuboot_conf[depends] on KERNEL_DEPLOY_DEPEND using a
Python inline expression that skips the dependency when
INITRAMFS_IMAGE_BUNDLE=1. When the initramfs is bundled into the
kernel, linux-yocto:do_deploy depends on the initramfs image
completing first, so an unconditional kernel deploy dependency on
do_write_qemuboot_conf would create a circular dependency.
KERNEL_DEPLOY_DEPEND is defined with ?= in image.bbclass and is
already used by do_build[depends] for the same reason.
Fixes: https://bugzilla.yoctoproject.org/show_bug.cgi?id=14520 Signed-off-by: Siva Balasubramanian <sivakumar.bs@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Antoine Gouby [Wed, 24 Jun 2026 09:56:58 +0000 (11:56 +0200)]
mesa: fix INSANE_SKIP package name for mesa-gl
mesa.inc is shared by both mesa.bb and mesa-gl.bb. The variable
INSANE_SKIP:${PN}-megadriver expands to mesa-gl-megadriver when
included by mesa-gl.bb, but the package is always named mesa-megadriver
(hardcoded via PACKAGES =+). The skip therefore had no effect for
mesa-gl builds.
This was hidden until mesa 26.1.0 removed the with_gbm condition from
the dril subdir build, causing mesa-gl to now install DRI driver
symlinks into mesa-megadriver for the first time.
Use ${MLPREFIX}mesa-megadriver to correctly handle both mesa-gl builds
(where MLPREFIX is empty) and multilib variants (where it expands to
e.g. "lib32-").
Signed-off-by: Antoine Gouby <antoine.gouby@toradex.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Zhixiong Chi [Wed, 24 Jun 2026 04:58:16 +0000 (12:58 +0800)]
python3-cython: make generated _cyutility.c be reproducible
While python3 module use cython to build shared moudle utility library,
the generated source file _cyutility.c is not stable at each build and
made the generated library not be reproducible.
When the option "--generated-shared" is used to generated __cyutility as the
link https://github.com/scikit-learn/scikit-learn/pull/31151/files, the path
for filename_table in the generated pyx/c file contains tmp dir which is not
predictable though it has been updated to the relative path, and it caused
the generated output file is not stable at each build and made the generated
library is not reproducible [1] between builds.
example as python3_pandas:
vim build/_cyutility.c
......
/* #### Code section: filename_table ### */
This commit use SharedUtilitySourceDescriptor instead of unpredictable
temporary directory unpredictable tmpdir in the generated source file
to assure the file _cyutility.c should be reproducible.
[1] https://reproducible-builds.org/
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert P. J. Day [Tue, 23 Jun 2026 08:22:41 +0000 (04:22 -0400)]
recipes.txt: correct misspelled "utilties"
Fix "utilties" to "utilities".
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wei Gao [Mon, 22 Jun 2026 07:00:50 +0000 (15:00 +0800)]
dmidecode: fix x86-only tools being installed on ARM targets
The dmidecode Makefile uses $(shell uname -m) to detect architecture, which
returns the build host's arch (x86_64) during cross-compilation. This causes
x86-only utilities (biosdecode, vpddecode, ownership) to be incorrectly built
and installed on ARM targets.
On NVIDIA Tegra234, running biosdecode triggers a flood of CBB fabric
DECODE_ERR interrupts (23,568+ printk messages dropped) by scanning
non-existent x86 BIOS memory at 0xF0000-0xFFFFF.
Fix by passing TARGET_ARCH to the Makefile's MACHINE variable, so it correctly
detects the target architecture and skips x86-only tools on ARM builds.
Signed-off-by: Wei Gao <wei.gao@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jaipaul Cheernam [Thu, 18 Jun 2026 07:54:05 +0000 (09:54 +0200)]
cmake-native: prevent host libidn2 contamination
The bundled cmcurl in CMake 4.3.x unconditionally enables USE_LIBIDN2
and calls find_package(Libidn2). On hosts with libidn2-devel installed
(common on RHEL/EL8), this detects the host library during configure
but the compile fails because the compiler is correctly restricted to
the native sysroot:
fatal error: idn2.h: No such file or directory
This was introduced in the upgrade from CMake 3.28.x to 4.3.x, where
the bundled cmcurl added find_package(Libidn2) for IDN support.
cmake-native does not need IDN support in its internal curl usage.
Use CMAKE_DISABLE_FIND_PACKAGE_Libidn2 to prevent the host package
from being found without patching the source.
Signed-off-by: Jaipaul Cheernam <jaipaul.cheernam@est.tech> Reviewed-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hiago De Franco [Fri, 19 Jun 2026 18:34:06 +0000 (15:34 -0300)]
nospdx: also drop do_create_recipe_sbom
create-spdx-3.0 adds do_create_recipe_sbom, which assembles the recipe
SBOM from the SPDX document produced by do_create_recipe_spdx.
nospdx deletes do_create_recipe_spdx but leaves do_create_recipe_sbom
in, so on a recipe that inherits nospdx it has no SPDX document to read
and, if executed, fails with:
ERROR: meta-world-pkgdata-1.0-r0 do_create_recipe_sbom: Could not find
a static SPDX document named static-meta-world-pkgdata
do_create_recipe_sbom is reachable via sbom-cve-check-recipe.bbclass or
explicit "bitbake -c create_recipe_sbom". In those cases nospdx recipes
such as meta-world-pkgdata break. Delete it alongside the other recipe
SPDX task.
Signed-off-by: Hiago De Franco <hfranco@baylibre.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert P. J. Day [Fri, 19 Jun 2026 17:56:20 +0000 (13:56 -0400)]
packagegroup-core-base-utils.bb: delete duplicate "PACKAGE_ARCH" line
Given that this assignment:
PACKAGE_ARCH = "${MACHINE_ARCH}"
is immediately before the line:
inherit packagegroup
it's pointless to also have it afterwards.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
They also happen when musl is enabled, but not only.
Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 22 Jun 2026 14:28:35 +0000 (15:28 +0100)]
libjitterentropy: fix license statement
LICENSE clearly states the alternative to BSD is GPL-2.0-only:
ALTERNATIVELY, this product may be distributed under the terms of the
GNU General Public License, in which case the provisions of the GPL2
are required INSTEAD OF the above restrictions.
Use GPL-2.0-only, and reorder to match.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reviewed-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reviewed-by: Anders Heimer <anders.heimer@est.tech> Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Nate Kent [Thu, 18 Jun 2026 11:50:01 +0000 (13:50 +0200)]
sudo: fix pam-wheel sed for sudo 1.9.17p2 sudoers
[YOCTO #16321]
In version 1.9.17p2, the line that the recipe uses to add the 'wheel'
group to the sudoers file does not exist. This updates the sed usage to
the actual line in question.
Signed-off-by: Nate Kent <nathan@otiv.ai> Tested-by: Siva Balasubramanian <sivakumar.bs@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade the firmware package to latest release. Add RCA firmware for
tas257x, add firmware for NXP IW61x SDIO WiFi device, bluetooth firmware
for NFA725B (QCA2066), add BCS calibration firmware for QCC2072. Add gpu,
audio and modem packages for QCOM shikra board.
Firmware licenses and few that are not at the top level (qca/NOTICE.txt,
qcom/NOTICE.txt, wfx/LICENCE.wf200) are moved to a LICENSES directory as
per the REUSE specification. Update LIC_FILES_CHKSUM, NO_GENERIC_LICENSE
and do_install accordingly. Remove REMOVE_UNLICENSED entries for firmware
files that were deleted upstream.
Signed-off-by: Vivek Puar <vpuar@qti.qualcomm.com> Cc: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Tue, 23 Jun 2026 01:28:04 +0000 (21:28 -0400)]
kern-tools: bump SRCREV for conditional 'depends on X if Y' support
Pull in the yocto-kernel-tools fix for the kernel's conditional Kconfig
dependency syntax (kernel commit 76df6815dab7, first in v7.0). Without it,
do_kernel_configcheck fails on v7.0+ trees once a config uses the syntax
(drivers/hv MSHV_ROOT):
drivers/hv/Kconfig:77: error: couldn't parse
'depends on HYPERV_VMBUS if HYPERV_VMBUS': extra tokens at end of line
This SRCREV also carries the symbol_why.py/kconf_check audit hardening
(surface parse failures instead of swallowing them) and the new hermetic
Kconfiglib self-test.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Leon Anavi [Mon, 22 Jun 2026 08:17:56 +0000 (11:17 +0300)]
python3-numpy: Upgrade 2.4.6 -> 2.5.0
Upgrade to release 2.5.0:
Numpy 2.5.0 is a transitional release. It drops support for Python 3.11,
marking the end of distutils, and expires a large number of deprecations
made in the 2.0.x release. It also improves free threading and brings
sorting into compliance with the array-api standard with the addition of
descending sorts. There is also a fair amount of preparation for Python
3.15, which will be supported starting with the first rc.
- Distutils has been removed
- Many expired deprecations
- Many new deprecations
- Many static typing improvements
- Improved support for free threading
- Support for descending sorts
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add warnings disabling as upstream does something custom that clashes
with oe's flags:
| cc1: error: '-Wformat-security' ignored without '-Wformat' [-Werror=format-security]
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core.git / log
