Tim Orling [Tue, 24 Jun 2025 23:13:56 +0000 (16:13 -0700)]
python3-pytest-subtests: upgrade 0.14.1 -> 0.14.2
Highlights from commit logs:
* Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 (#177)
* Bump hynek/build-and-inspect-python-package from 2.10 to 2.11 (#178)
* Consistently use raw strings for line-matching regexes (#180)
* Ensure advertised pytest 7.4 compatibility (#182)
* Bump pypa/gh-action-pypi-publish from 1.12.3 to 1.12.4 (#185)
* Bump hynek/build-and-inspect-python-package from 2.11 to 2.12 (#186)
* Print output "dots" for successful unittest subtests (#164) (#190)
* Improve reporting in case of xfail (#194)
Comparing changes from 0.14.1 -> 0.14.2:
https://github.com/pytest-dev/pytest-subtests/compare/v0.14.1...v0.14.2
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Tue, 24 Jun 2025 23:13:55 +0000 (16:13 -0700)]
python3-certifi: upgrade 2025.4.26 -> 2025.6.15
* Switch to PEP-517 backend with inherit python_setuptools_build_meta
Commit log highlights:
* Declare setuptools as the build backend in pyproject.toml (#350)
* remove code that's no longer required that 3.7 is our minimum (#351)
Comparing changes from 2025.4.26 -> 2025.6.15:
https://github.com/certifi/python-certifi/compare/2025.04.26...2025.06.15
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
45.0.4 - 2025-06-09
Fixed decrypting PKCS#8 files encrypted with SHA1-RC4. (This is not
considered secure, and is supported only for backwards compatibility.)
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Tue, 24 Jun 2025 23:13:53 +0000 (16:13 -0700)]
python3-maturin: upgrade 1.8.7 -> 1.9.0
* Update crates
1.9.0
* Add full PEP 639 support for project.license and project.license-files
in #2647.
* Add --compatiblity pypi to only build wheels with platform tags that can
also be uploaded to PyPI. This blocks e.g. building for riscv64, which is
supported by manylinux, but not by PyPI.
Comparing changes from v1.8.7 -> v1.9.0:
https://github.com/pyo3/maturin/compare/v1.8.7...v1.9.0
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
1.8.7
Allow specifying compression method and level, in both build and develop modes, in #2625.
Fix Windows free-threaded builds on Python 3.14 in #2632
Comparing changes from v1.8.6 to v1.8.7:
https://github.com/PyO3/maturin/compare/v1.8.6...v1.8.7
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are multiple problems with the sstate creation tests. They currently both execute
twice, once to check one set of files, then another. We can do this together in one
test which makes the code easier to follow.
The common test function also has parameters which were always the same value, so
those can be simplified.
We can use the umask context manager from bb.utils to simplfy the umask code.
The badperms test was actually broken, it was detecting bad permissions, then
ignoring them. This patch fixes that regression too and allows the check to
operate (relying on a separate fix to sstate umask handling).
The result should be an easier to understand couple of test cases which should
also function correctly and be more reliable.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 25 Jun 2025 13:39:30 +0000 (14:39 +0100)]
oeqa/sstatetests: Fix NATIVELSBSTRING handling
The NATIVELSBSTRING variable changes value once a BuildStarted event occurs in a build
directory. This meant running some of the tests directly in a fresh build directory
would fail but they'd pass when run as a group of tests. This is clearly suboptimal.
Move the NATIVELSBSTRING handling to a location where the value is consistent
and a comment about the interesting behaviour of the variable so it hopefully doesn't
catch out others in future.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sstate: apply proper umask when fetching from SSTATE_MIRROR
Currently, files and directories created under ${SSTATE_DIR} when
fetching from an sstate mirror are not created with group write,
unlike when the sstate artifacts are generated locally. That's
inconsistent, and problematic when the local sstate dir is shared
among multiple users.
Wrap the fetching in a bb.utils.umask() context manager, and for simplicity
move the mkdir of SSTATE_DIR inside that.
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yash Shinde [Wed, 25 Jun 2025 10:20:13 +0000 (03:20 -0700)]
rust: Upgrade 1.86.0 -> 1.87.0
Rust stable version updated to 1.87.0.
https://blog.rust-lang.org/2025/05/15/Rust-1.87.0/
* Update LLVM data-layout for arm64.
LLVM requires matching data layouts and
the aarch64 llvm data-layout was updated to to allow using
32-bit signed/unsigned pointers when building 64-bit targets
using 270, 271 and 272 address spaces.
* Two tests from the `ui` and `codegen` modules now fail only on riscv64.
Enable them on arm32/64 and x86-32/64 targets, while restricting
them on riscv64 via `only-<target_arch>` tags.
* Backport triagebot.patch to skip tidy linkcheck when triagebot.toml
is not present. Distribution tarballs won't include triagebot.toml,
which causes tidy checks to fail.
This backport ensures tidy checks can still run successfully
even when the file is missing.
* During rust installation, some binaries were installed from
'stage2-tools' built path to '${D}${bindir}'. However, from
v1.87 the stage2-tools are no longer built by default.
Update logic to install from `stage1-tools` instead.
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yash Shinde [Wed, 25 Jun 2025 10:20:12 +0000 (03:20 -0700)]
rust: Drop obsolete rust-lld and extended tools dependencies
Some dependencies introduced during the v1.86 upgrade
were needed only for rust-lld and certain LLVM extended tools,
not for the Rust compiler itself.
Since rust-lld and the extended tools are now disabled, these
dependencies have become obsolete. Additionally, related tasks
such as packaging zsh files and removing cargo binaries are no longer relevant.
They can be re-enabled later if needed.
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Victor Kamensky [Tue, 17 Jun 2025 05:25:40 +0000 (22:25 -0700)]
oeqa/runtime/stap: fix script logic problem
Looks as a typo introduced by "6cf4d23a2d26c2767edd93f2eb317ff759b5a992
(oeqa/runtime/stap: improve systemtap test)" - when original command was
split into two parts 'self.target.run' was missed for the second part.
Note this and previos commit issues were masked because mentioned
commit has try/except around tests, so failures that normally are
reported when test assertEqual throw an exception never reached oeqa
infra.
Effectively, this test was broken for the last 3 years. I will leave
blanket try/except around test for now, so this test will pass all
the time as long as dmesg is working. But at least with the fixes
one can inspect log.do_testimage output and check that all steps
are successful or not.
Signed-off-by: Victor Kamensky <victor.kamensky7@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Systemtap refuses modules names like stap-hello, it says:
> ERROR: Safety pattern mismatch for -m parameter ('stap-hello' vs. '^[a-z0-9_]+$') rc=1
'stap-hello' was introduced by: 6cf4d23a2d26c2767edd93f2eb317ff759b5a992 (oeqa/runtime/stap: improve systemtap test)
and '-m parameter' regexp check was in SystemTap from 2010,
not sure how this test case ever passed after mentioned change.
Signed-off-by: Victor Kamensky <victor.kamensky7@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Victor Kamensky [Tue, 17 Jun 2025 05:25:38 +0000 (22:25 -0700)]
systemtap: upgrade 5.2 -> 5.3
* fixed patch fuzz issue
[RP: Set tag in SRC_URI to match version] Signed-off-by: Victor Kamensky <victor.kamensky7@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de> CC: richard.purdie@linuxfoundation.org Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Moritz Haase [Mon, 23 Jun 2025 09:56:01 +0000 (11:56 +0200)]
json-c: Don't build unneeded apps to unblock builds with CMake 4+
Disable build of the apps, as we don't seem to package them (upstream says they
aren't ready, see [0]). They are the only part of the code that doesn't build
yet with CMake 4+. One alternative would be to apply [1], but the PR hasn't been
merged yet by upstream, so we keep it simple.
Hongxu Jia [Mon, 23 Jun 2025 08:03:06 +0000 (16:03 +0800)]
wic-image-minimal, oeqa/selftest/wic: run 'wic ls/cp/rm' in bitbake task
Due to commit [2255f28b57 wic: add WIC_SECTOR_SIZE variable][1] applied,
call `wic ls|cp|rm|write' in bitbake task will hung, but we have no scenario
case to cover it
After commit [scripts/wic: fix calling wic ls|cp|rm|write hung in bitbake task] applied,
this commit run `wic cp|ls|rm' in case wic.Wic2.test_wic_image_type and wic.Wic2.test_qemu,
at post function of with do_image_wic in image wic-image-minimal, and
check if file is there
$ echo 'SANITY_TESTED_DISTROS = ""' >> conf/local.conf
$ oe-selftest -r wic.Wic2.test_wic_image_type wic.Wic2.test_qemu
...
2025-06-23 15:46:22,157 - oe-selftest - INFO - Adding: "include selftest.inc" in /buildarea5/hjia/poky/build-st/conf/local.conf
2025-06-23 15:46:22,157 - oe-selftest - INFO - Adding: "include bblayers.inc" in bblayers.conf
2025-06-23 15:46:22,157 - oe-selftest - INFO - test_qemu (wic.Wic2)
The variable 'TEST_RUNQEMUPARAMS' is not defined
2025-06-23 15:56:46,319 - oe-selftest - INFO - ... ok
2025-06-23 15:56:46,324 - oe-selftest - INFO - test_wic_image_type (wic.Wic2)
2025-06-23 15:57:17,780 - oe-selftest - INFO - ... ok
2025-06-23 15:57:17,781 - oe-selftest - INFO - ----------------------------------------------------------------------
2025-06-23 15:57:17,781 - oe-selftest - INFO - Ran 2 tests in 655.792s
2025-06-23 15:57:17,781 - oe-selftest - INFO - OK
2025-06-23 15:57:25,743 - oe-selftest - INFO - RESULTS:
2025-06-23 15:57:25,743 - oe-selftest - INFO - RESULTS - wic.Wic2.test_qemu: PASSED (624.16s)
2025-06-23 15:57:25,744 - oe-selftest - INFO - RESULTS - wic.Wic2.test_wic_image_type: PASSED (31.46s)
2025-06-23 15:57:25,746 - oe-selftest - INFO - SUMMARY:
2025-06-23 15:57:25,746 - oe-selftest - INFO - oe-selftest () - Ran 2 tests in 655.793s
2025-06-23 15:57:25,746 - oe-selftest - INFO - oe-selftest - OK - All required tests passed (successes=2, skipped=0, failures=0, errors=0)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hongxu Jia [Mon, 16 Jun 2025 08:12:45 +0000 (16:12 +0800)]
scripts/wic: fix calling wic ls|cp|rm|write hung in bitbake task
While calling wic ls/cp/rm/write in bitbake task along with do_image_wic,
it hung without return.
Due to commit [2255f28b57 wic: add WIC_SECTOR_SIZE variable][1] applied,
It calls get_bitbake_var in `wic ls|cp|rm|write' to define sector size.
By default, get_bitbake_var starts a `bitbake -e' to get variables which
triggers nested bitbake in this situation
Refer `wic create', adds option --vars and --image-name to support to
read bitbake variables from <image>.env files
NOTE: This commit does not add -e for `wic write' to avoid confliction
with existed option -e/--expand
Richard Purdie [Wed, 15 Jan 2025 15:31:49 +0000 (15:31 +0000)]
buildhistory: Drop BUILDHISTORY_RESET due to reliability issues
The implementation of BUILDHISTORY_RESET is problematic, particlarly given that
people are trying to create an API with it alongside BUILDHISTORY_PRESERVE
which simply doesn't exist and can't work reliably. Worse, the code paths with
this bolted on implementation are convoluted and near impossible to follow.
BUILDHISTORY_PRESERVE is effectively internal API, used to stop buildhistory
removing some files which are needed for data, or are created at different
parts of the build. Add a comment to explain what it is doing and why these files
are listed.
Commit 9f68a45aa238ae5fcdfaca71ba0e7015e9cb720e tried to "fix" preserve support
with the reset functionality but it didn't fully work and has just exposed futher
issues. There is a further fix however I can brely follow the code and in reviewing
it, I've concluded we shouldn't be doing this at all.
Due to the way BUILDHISTORY_RESET was implemented, horrible races were introduced
making it unclear what happens to the data if builds fail for example, or how sstate
interacts with the build since things get reset but stamps do not and tasks may not
rerun. It also interacts badly with any additions to the preserve list, due to
misunderstandings on what that variable does.
Having stared long and hard at the code, and really struggled to understand it, I',
of the view that "reset" for CI purposes should be done by the CI itself. The CI can
choose to remove some files or all files and decide how to handle failures. It has
to handle the buildhistory directory anyway.
Therefore drop BUILDHISTORY_RESET support, allowing the "old" codepaths to be dropped.
BUILDHISTORY_PRESERVE is better documented to hint that it is internal API and to
show what it is really for.
If we really do want some functionality list this, it needs to be implemented in a
way you can follow the code, and have tests.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 23 Jun 2025 14:23:51 +0000 (15:23 +0100)]
image_types_wic: Fix file-checksums for missing files in search path
When we tell bitbake about file-checksums, we need to tell it both the files
we look at that exist, but also the ones we looked for but aren't present.
This means that if files appear earlier in the search path, bitbake can then
do the correct things like updating the taskhash and re-running the recipe/task.
In this case, wic was only signalling file presence. This patch adds in the
files it looked at but didn't find too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dmitry Baryshkov [Fri, 20 Jun 2025 19:14:55 +0000 (22:14 +0300)]
libglvnd: migrate from meta-oe
libglvnd is a vendor-neutral approach to handling OpenGL / OpenGL ES /
EGL / GLX libraries. It has been proposed and initially implemented by
NVIDIA in order to simplify coinstallation of GL drivers provided by
different vendors. Major Linux distributions (Debian, Ubuntu, Fedora,
etc.) have already switched to libglvnd.
Having libglvnd in OE-Core simplifies integration of this ABI into
distro and BSP layers (e.g. it will help meta-tegra, which currently
provides its own version of the recipe).
Import recipe for libglvnd from the meta-oe layer (changes: fix virtual
package names, add add the SUMMARY data, drop git@ from SRC_URI, require
glvnd DISTRO_FEATURE).
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dmitry Baryshkov [Fri, 20 Jun 2025 19:14:51 +0000 (22:14 +0300)]
default-providers: fix GLVND providers to be selected at runtime
The virtual-{libegl,libglx}-icd names are RPROVIDES, not PROVIDES,
because they are a runtime dependency of libglvnd. Make
default-providers follow that and specify PREFERRED_RPROVIDER instead of
PREFERRED_PROVIDER for those names.
Fixes: 9d3b4c9bc403 ("mesa: sort out PROVIDES for the glvnd case") Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dmitry Baryshkov [Fri, 20 Jun 2025 19:14:50 +0000 (22:14 +0300)]
mesa: fix RPROVIDEd package names
The BCP for virtual runtime package names is virtual-foo. Make mesa
follow the established convention and change the names of the provied
packages to virtual-foo-icd.
Fixes: 9d3b4c9bc403 ("mesa: sort out PROVIDES for the glvnd case") Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ryan Eatmon [Mon, 23 Jun 2025 21:05:47 +0000 (16:05 -0500)]
u-boot: Allow for customizing installed/deployed file names
When assembling all of the various filenames that are installed/deployed
from u-boot, we have been including the PV and PR in the filenames. This
change introduces a single variable to replace these two in the
filenames.
This change should not be disruptive since the default value for the new
UBOOT_VERSION variable is "${PV}-${PR}".
In one case (UBOOT_EXTLINUX_SYMLINK [1]), PR was used without PV, this
patch assumes this was a mistake and corrects it as PR would not be of
much use alone.
Richard Purdie [Fri, 20 Jun 2025 14:06:28 +0000 (15:06 +0100)]
selftest/buildhistory: Move test cases to common location
Having the test cases split in different places makes no sense. Move them
all to the place you'd expect to find them. Drop the base class as it
is no longer needed.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 4 Jun 2025 08:45:00 +0000 (16:45 +0800)]
libarchive: upgrade 3.7.9 -> 3.8.1
Includes bugfixes for issues introduced in 3.8.0
License-Update: Public Domain file changed from libarchive/archive_getdate.c
to libarchive/archive_parse_date.c
https://github.com/libarchive/libarchive/commit/c26f0377457db392bd57a640e8fe25506120f810
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enrico Jörns [Thu, 19 Jun 2025 11:14:51 +0000 (13:14 +0200)]
barebox: upgrade 2025.04.0 -> 2025.06.0
Changes in 2025.06.0
--------------------
* Fixed FIT image decompression regression introduced in 2025.05.0
* Fixed filesystem unmount issues caused by incorrect reference counting
* Fixed unmount failures after using findmnt
* Added eMMC HS200 support for i.MX with generic SDHCI/MCI rework
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some of them were introduced by mass-removal of S = WORKDIR/git assignments;
rather than try to fix up (or redo) just these, I've run this sed command over
the whole tree:
base.bbclass: drop compatibility moving of sources into workdir
Potentially there could be a grace period for fixing recipes (with warnings, etc),
on the other hand, changes to git unpacking destination would already
break various layers, so we might as well make this a hard qa error and drop
the magic at the same time.
I commit to sending fixes for layers included in autobuilder testing
(meta-oe/arm/intel/virt/agl/aws/mingw/etc).
SOURCE_BASEDIR is at the same time adjusted to be calculated relative
to UNPACKDIR (previously it only worked if S was set to
WORKDIR/something/otherthing, and that is no longer working). It is also
no longer removed from the filesystem, as content of unpackdir is managed elsewhere.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
insane/do_qa_unpack: add checks that ensure S is set correctly
The checks are fatal, as this avoids rather more cryptic errors further
down the build. Example:
ERROR: gnu-config-native-20240823+git-r0 do_unpack: Recipes that set S = "${WORKDIR}/git" or S = "${UNPACKDIR}/git" should remove that assignment, as S set by bitbake.conf in oe-core now works.
ERROR: perlcross-native-1.6.2-r0 do_unpack: S should be set relative to UNPACKDIR, e.g. replace WORKDIR with UNPACKDIR in "S = ${WORKDIR}/perl-cross-${PV}"
Dropping the S = ${WORKDIR}/git assignment (addressing the first error) can be done
with a single sed command when there is a lot of recipes:
recipetool/devtool: calculate source paths relative to UNPACKDIR
Now that recipes default to S in UNPACKDIR, recipetool and devtool should
do the same.
There was some discussion about changing devtool to simply setting
UNPACKDIR via bbappend to a workspace and running unpack task directly;
currently it has a bunch of convoluted path calculations, substitutions,
moving source trees around and and special casing (devtool-source.bbclass
in particular is an unpleasant hack).
This should definitely be done; but right now we can simply tweak existing
code which at least doesn't make it worse.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta: set S from UNPACKDIR in recipes that use only local files
There is no need to have two assignments; also setting S from
UNPACKDIR (and not vice versa) is more logical as unpack
task comes first, and tasks that come after unpack use S to access
unpack results.
Also adjust reference test data in selftest/recipeutils to reflect changes in test recipes.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bitbake.conf: set S to be in UNPACKDIR rather than WORKDIR
This transitions most of the recipes to have their sources
in UNPACKDIR, which over time will allow more simple and logical
source code handling in various pieces of the Yocto project.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta: remove S in recipes that fetch from git via setting BB_GIT_DEFAULT_DESTSUFFIX
Removing all the S = ${WORKDIR}/git assignments works because BB_GIT_DEFAULT_DESTSUFFIX
is set to match S from bitbake.conf (which itself is set to match typical tarball
releases).
A few recipes are setting S to a sub-directory of the git tree and need
to be adjusted accordingly.
bzip2 recipe is fetching a tarball and separately cloning tests;
adjust the recipe to put the latter into 'bzip2-tests', instead of 'git'.
devupstream.bbclass no longer needs to rewrite S, and is adjusted accordingly.
Adjust scripts/lib/recipetool/append.py to not hardcode 'git' as unpack
destination.
Adjust kernel-yocto.bbclass to use the git unpack variable instead
of hardcoding 'git' (there's also removal of repetition of
string constants and a correction of workdir/unpackdir mismatch in
one of the if-else branches).
Ensure build-appliance-image recipe does not use 'git' as checkout directory for
poky repo, but rather explicitly name it 'poky'.
Ensure reproducible.py code that looks for git repositories does not
hardcode 'git' but uses the destination set by BB_GIT_DEFAULT_DESTSUFFIX.
Ensure recipetool does not write out unneeded S settings into newly
created recipes that fetch from git.
Adjust selftest to not hardcode 'git' as unpack directory.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 19 Jun 2025 13:20:42 +0000 (14:20 +0100)]
oeqa/utils/command: fast-path get_bb_var()
get_bb_var() currently end up calling 'bitbake -e' and parsing the whole
output. However if postconfig isn't set then we can speed this up by
just calling bitbake-getvar.
The complication with failing bitbake-getvar calls is because we need to
be careful to return None instead of the empty string when the variable
doesn't exist.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Gamblin [Wed, 18 Jun 2025 13:59:33 +0000 (09:59 -0400)]
python3-pytest: upgrade 8.3.5 -> 8.4.1
Changelog for 8.4.0: https://docs.pytest.org/en/stable/changelog.html#pytest-8-4-0-2025-06-02
Add colorama (moved to oe-core from meta-python) and pygments to
RDEPENDS.
Note that 8.4.0 accidentally removed pytest.PytestReturnNotNoneWarning,
which seems to have broken some tests (e.g. python3-pytz). See:
https://github.com/pytest-dev/pytest/releases/tag/8.4.1
Ross Burton [Thu, 19 Jun 2025 13:20:45 +0000 (14:20 +0100)]
oeqa/selftest: add new test for toolchain switching
Add a basic test for the toolchain switching code: set the
toolchain to GCC by default but Clang for a specific recipe, and verify
that two recipes are built with the expected compiler.
This works because before we strip the installed binaries there is a
.comment segment that contains the list of toolchains used.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 19 Jun 2025 13:20:44 +0000 (14:20 +0100)]
oeqa/selftest/esdk: remove postconfig argument
Discovered when looking for users of get_bb_var()'s postconfig argument,
this wrapper around runCmd() has a postconfig argument that has odd
behaviour: it _appends_ the new configuration to local.conf instead of
having them used for this specific run (unlike the other functions in
commands.py)
None of the eSDK tests use this functionality, so remove it. Future test
cases that need to write further configuration should do so directly.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Moritz Haase [Tue, 17 Jun 2025 09:24:56 +0000 (11:24 +0200)]
cmake: Correctly handle cost data of tests with arbitrary chars in name
ctest automatically optimizes the order of (parallel) test execution based on
historic test case runtime via the COST property (see [0]), which can have a
significant impact on overall test run times. Sadly this feature is broken in
CMake < 4.0.0 for test cases that have spaces in their name (see [1]).
This commit backports the upstream fix. As repeated test runs are expected to
mainly take place inside the SDK, the patch is only applied to 'nativesdk'
builds.
Andrej Valek [Wed, 18 Jun 2025 08:04:39 +0000 (10:04 +0200)]
dropbear: add xauth runtime recommends dependency on x11 DISTRO_FEATURE
Change enable-x11-forwarding PACKAGECONFIG to x11, while we can rely
directly on X11 DISTRO_FEATURE. Previously when enable-x11-forwarding was
used, the XAUTH_COMMAND failed due to missing xauth. So add xauth to
runtime recommends dependency and enable this behavior as default.
Signed-off-by: Andrej Valek <andrej.v@skyrain.eu> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jamin Lin [Tue, 17 Jun 2025 08:10:52 +0000 (16:10 +0800)]
oe-selftest: fitimage: Add test for signing U-Boot FIT image without SPL
This adds a new selftest case `test_sign_uboot_fit_image_without_spl` to verify
that the build can correctly generate and sign a U-Boot FIT image in a scenario
where no SPL is used.
Background:
- Some boards build only the U-Boot proper FIT image and do not require an SPL.
- The signing flow must handle this case gracefully: generate the ITS, sign
the FIT image, and skip signing/injecting a key into the SPL DTB.
What this test does:
1) Enables `UBOOT_FITIMAGE_ENABLE` and `SPL_SIGN_ENABLE` but explicitly sets
`SPL_DTB_BINARY` to an empty string to indicate that no SPL is present.
2) Verifies that the U-Boot ITS and FIT image are built successfully.
3) Confirms that the generated ITS file includes signature metadata as requested.
4) Dumps the FIT image to ensure that the signature nodes exist.
5) Confirms that the log for `do_uboot_assemble_fitimage` shows the expected
mkimage/mkimage_sign invocation.
This ensures that signing works correctly even when only the U-Boot proper is built,
which matches real-world configurations that do not require an SPL.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jamin Lin [Tue, 17 Jun 2025 08:10:51 +0000 (16:10 +0800)]
uboot-sign.bbclass: Refactor condition checks to use && and || instead of -a and -o
This commit cleans up and modernizes the shell condition expressions in
`uboot-sign.bbclass` to follow best practices for portable and reliable shell usage.
Key changes:
- Replace legacy `[ -a ]` and `[ -o ]` with explicit `[ ] && [ ]` and `[ ] || [ ]`.
Modern POSIX and busybox sh recommend using `&&` and `||` instead of `-a` and `-o`
because `-a` and `-o` are less robust and can cause parsing ambiguities in some shells.
- Simplify `concat_dtb()` by moving the DTB existence check to the top and using
early `return` to avoid deep nesting.
- Remove redundant fallback `else` blocks; use clearer control flow with direct checks.
This improves maintainability, reduces shell syntax pitfalls, and aligns with
current shell scripting best practices.
References:
- POSIX recommends avoiding `-a` and `-o` in `[ ]` and using explicit `&&` and `||`:
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jamin Lin [Tue, 17 Jun 2025 08:10:50 +0000 (16:10 +0800)]
uboot-sign: Support signing U-Boot FIT image without SPL
Previously, the signing flow in "uboot-sign.bbclass" assumed that SPL was always
present and that the FIT signing process must inject the public key into the
SPL DTB. This made it inflexible for use cases where only the U-Boot proper
FIT image is built and signed, with no SPL binary at all.
This change introduces the following adjustments:
- The `SPL_DTB_BINARY` variable can be explicitly set to an empty string
to indicate that no SPL is present.
- The signing logic checks `SPL_DTB_BINARY` and skips injecting the
key or verifying the SPL DTB if it is empty.
- The FIT image generation and deployment are always performed if
`UBOOT_FITIMAGE_ENABLE` is enabled, regardless of the SPL settings.
- The deploy helper now uses a single check on `SPL_DTB_BINARY` to decide
whether to deploy the signed SPL DTB.
Now the sign step checks if SPL_DTB_BINARY is empty:
If present, it signs the FIT image and injects the public key into the SPL DTB,
then verifies both.
If empty, it only signs the FIT image and generates the ITS with the signature
node, but does not attempt to verify or add the key to a non-existent SPL DTB.
Key Behavior Explained
If SPL_DTB_BINARY is empty, we assume there is no SPL.
If UBOOT_FITIMAGE_ENABLE=1, we always create the FIT image and ITS.
If SPL_SIGN_ENABLE=1, we always sign the FIT image, but only inject the key into
the SPL DTB if it exists.
Poonam Jadhav [Mon, 16 Jun 2025 04:36:57 +0000 (10:06 +0530)]
libpng: Add ptest
Install libpng test-suite to run it as a ptest.
As the test-suite takes more than 30 seconds to run,
add libpng-ptest to PTESTS_SLOW in ptest-packagelists.inc
Daniel Turull [Tue, 10 Jun 2025 15:24:43 +0000 (17:24 +0200)]
improve_kernel_cve_report: add script for postprocesing of kernel CVE data
Adding postprocessing script to process data from linux CNA that includes more accurate metadata and it is updated directly by the source.
Example of enhanced CVE from a report from cve-check:
{
"id": "CVE-2024-26710",
"status": "Ignored",
"link": "https://nvd.nist.gov/vuln/detail/CVE-2024-26710",
"summary": "In the Linux kernel, the following vulnerability [...]",
"scorev2": "0.0",
"scorev3": "5.5",
"scorev4": "0.0",
"modified": "2025-03-17T15:36:11.620",
"vector": "LOCAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"detail": "not-applicable-config",
"description": "Source code not compiled by config. ['arch/powerpc/include/asm/thread_info.h']"
},
And same from a report generated with vex:
{
"id": "CVE-2024-26710",
"status": "Ignored",
"link": "https://nvd.nist.gov/vuln/detail/CVE-2024-26710",
"detail": "not-applicable-config",
"description": "Source code not compiled by config. ['arch/powerpc/include/asm/thread_info.h']"
},
For unpatched CVEs, provide more context in the description:
Tested with 6.12.22 kernel
{
"id": "CVE-2025-39728",
"status": "Unpatched",
"link": "https://nvd.nist.gov/vuln/detail/CVE-2025-39728",
"summary": "In the Linux kernel, the following vulnerability has been [...],
"scorev2": "0.0",
"scorev3": "0.0",
"scorev4": "0.0",
"modified": "2025-04-21T14:23:45.950",
"vector": "UNKNOWN",
"vectorString": "UNKNOWN",
"detail": "version-in-range",
"description": "Needs backporting (fixed from 6.12.23)"
},
CC: Peter Marko <peter.marko@siemens.com> CC: Marta Rybczynska <rybczynska@gmail.com> Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 17 Jun 2025 14:16:48 +0000 (15:16 +0100)]
libcheck: disable subunit support
We don't have a recipe for subunit in core (or any layer in the layer
index), and unfortunately a bug in the CMakeLists means that the native
build can detect subunit on the host (so host contamination) and only
half-enable it, so the build fails.
Take a patch from upstream's github to add an option for subunit, and
explicitly disable it.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 6 Jun 2025 13:31:57 +0000 (14:31 +0100)]
toolchain/gcc/clang: Update PREFERRED_PROVIDER to work with multilibs
As currently written, the PREFERRED_PROVIDER entries don't work with multilib
since they are added after the manipulations by multilib_global at ConfigParsed
time. We therefore need to spell out the configs correctly for multilib.
To avoid variable overwritten warnings from the expansion, we then have to
expand out the nativesdk providers usng class overrides.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 23 May 2025 03:52:35 +0000 (20:52 -0700)]
toolchain: Provide abstraction for recipe specific toolchain selection
This change implements a toolchain selection mechanism. Selection is
made using a set of variables, primarily PREFERRED_TOOLCHAIN_TARGET which
defaults to gcc.
It uses the familiar name for toolchain e.g. "gcc" which selects GNU
compiler + binutils as default C/C++ toolchain or "clang" which will
use LLVM/Clang Compiler. Layers an add their own toolchain definitions
too.
There are also PREFERRED_TOOLCHAIN_NATIVE and PREFERRED_TOOLCHAIN_SDK
which will ulitmately allow selection of the toolchain used for the
native/cross and nativesdk/crosssdk compilers. This currently isn't
functional but is essential to the patch to ensure things are set
to the existing gcc support in those cases.
Users would most commonly want to set:
PREFERRED_TOOLCHAIN_TARGET ?= "clang"
in local.conf or other distro specific global configuration metadata.
It is also selectable at recipe scope, since not all packages are
buildable with either clang or gcc, a recipe can explicitly require
a given toolchain using the TOOLCAHIN variable, e.g. glibc can not
be built with clang therefore glibc recipe sets:
TOOLCHAIN = "gcc"
The TOOLCHAIN variable is distinct from the user preference so recipes
with specific requirements can be identified. This also allows different
polcies to be be specified for native/SDK cases in the future.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 6 Jun 2025 10:46:46 +0000 (11:46 +0100)]
base: Add deferred class event handler
Use the new deferred class event to set the class overrides earlier.
This improves interaction of the override with PACKAGECONFIG values
that control conditional inherits (such as python support).
This also allows toolchain configuration in an easier and more user
friendly way.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 13 Jun 2025 16:20:52 +0000 (17:20 +0100)]
wic: Avoid problems with "-" characters in plugin names
Remap "-" characters in plugin names to "_" so wic plugins
can be extended using standard python class inheritance.
This change means wic files can be incrementally updated over time
to the correct name rather than breaking everything. Actual plugin
module files will need to be renamed as done in previous patches.
Also remove a double call to get_plugins() which isn't needed.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Anibal Limon [Wed, 11 Jun 2025 15:33:18 +0000 (15:33 +0000)]
wic: pluginbase ensure layer order when load plugins
To support extensions on wic plugins, the load order needs
to be grauntee matching BBLAYERS variable.
Fix cases when try to import a plugin from another layer,
example of the case to fix,
```
Traceback (most recent call last):
File "/workspaces/ls/linux/layers/openembedded-core/scripts/wic",line
547, in <module>
sys.exit(main(sys.argv[1:]))
^^^^^^^^^^^^^^^^^^
...
File "/workspaces/ls/linux/layers/openembedded-core/scripts/lib/wic/
engine.py", line 137, in list_source_plugins
plugins = PluginMgr.get_plugins('source')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/workspaces/ls/linux/layers/openembedded-core/scripts/lib/wic/
pluginbase.py", line 73, in get_plugins
spec.loader.exec_module(module)
File "<frozen importlib._bootstrap_external>", line 940, in exec_module
File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
File "/workspaces/ls/linux/limonsoftware/bsp/scripts/lib/wic/plugins/
source/bootimg_rpi_autoboot_partition.py", line 1, in <module>
from wic.plugins.source.bootimg_partition import BootimgPartitionPlugin
ModuleNotFoundError: No module named 'wic.plugins.source.bootimg_partition'
```
Signed-off-by: Anibal Limon <anibal@limonsoftware.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 16 Jun 2025 09:16:36 +0000 (17:16 +0800)]
python3-pdm: upgrade 2.24.2 -> 2.25.1
Changelog:
=============
- Fix duplicated dependencies added to the lock file when the same dependency with extras is requested.
- Stabilize order of the extras and dependency-groups fields in pylock output.
- Fix Windows 11 install pdm error, which is because of msgpack install failure.
- Change the return type of array_of_inline_tables to list[dict] from list[str]
- Ensure uv resolver to include hash for package files.
- Avoid infinite recursion when reading pyproject.toml with circular file dependencies.
- Support pylock as alternative lock format and make it opt-in by config.
- Search for package metadata in lock file first when reuse strategy is used.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 16 Jun 2025 09:16:33 +0000 (17:16 +0800)]
python3-dtschema: upgrade 2025.2 -> 2025.6.1
Changelog:
===========
- Fix a longstanding ordering issue with extracting type information
from properties which have a reference to another property. 'mac-mode'
is the one in the Linux kernel.
- Fix a false positive warning about missing
unevaluatedProperties/additionalProperties
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Mon, 16 Jun 2025 09:16:32 +0000 (17:16 +0800)]
python3-cython: upgrade 3.1.1 -> 3.1.2
Bugs fixed
----------
* Attribute lookups failed on the "bool" builtin type.
* Type checks on or-ed union types could incorrectly return false.
* Negative list indexing could accidentally wrap around twice in PyPy and the Limited API.
* Iterating over literal sequences with starred (unpacked) items could infer a wrong
type for the loop variable and fail to assign the values.
* Calls to C functions taking exception types failed to check for a 'None' argument.
* Fused functions had an incorrect "__module__" attribute.
* The type of Cython implemented functions had an incorrect "__module__" attribute.
* Errors while indexing into "bytearray" or "str" in "nogil" sections could crash.
* "bytearray.append()" could silently accept some invalid character numbers.
* The C++11 "<type_traits>" header was included regardless of the C++ version.
* "PyDict_GetItemStringRef()" was accidentally used in older Limited API versions.
* "abort()" was used but not always available in the Limited API.
* Some dependencies were missing from the "depfile".
* Embedded function signatures were not always separated from the existing docstring.
* "numpy.math" was missing from "Cython/Includes/" and could not be cimported.
* Some tests were adapted for NumPy 2.x.
* Some C compiler warnings were fixed.
* "Cython.Build" was not officially exposing the "cythonize" function.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
