Bruce Ashfield [Thu, 7 Nov 2024 02:29:11 +0000 (21:29 -0500)]
linux-yocto/6.6: update to v6.6.56
Updating linux-yocto/6.6 to the latest korg -stable release that comprises
the following commits:
d4576c567009 Linux 6.6.56 1e0f696469d6 Revert "perf callchain: Fix stitch LBR memory leaks" 9b15f68c4127 Linux 6.6.55 e334ae4a0cd5 perf python: Allow checking for the existence of warning options in clang 3faea7810e2b Revert "ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path" e0aba0c6d521 null_blk: Fix return value of nullb_device_power_store() e0b065ec636d drm/amd/display: enable_hpo_dp_link_output: Check link_res->hpo_dp_link_enc before using it 776ebdeee65b perf report: Fix segfault when 'sym' sort key is not used eada63e6e337 drm/amd/display: Revert Avoid overflow assignment de4841fca84f crypto: octeontx* - Select CRYPTO_AUTHENC 25613e6d9841 vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() cdf4bbbdb956 rxrpc: Fix a race between socket set up and I/O thread creation b538fefeb102 net: stmmac: move the EST lock to struct stmmac_priv aaadb755f2d6 null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' b2b02202f87d null_blk: Remove usage of the deprecated ida_simple_xx() API 2deb10a99671 platform/x86: think-lmi: Fix password opcode ordering for workstations e115c1b5de55 efi/unaccepted: touch soft lockup during memory accept 50f4b57e9a9d drm/bridge: adv7511: fix crash on irq during probe fd4d5cd7a2e8 iommufd: Fix protection fault in iommufd_test_syz_conv_iova 69a1e2d938db net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events 164936b2fc88 netfilter: nf_tables: restore set elements when delete set fails a1bd2a38a1c6 netfilter: nf_tables: fix memleak in map from abort path b90778973293 ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path 1428da2f4a33 Revert "drm/amd/display: Skip Recompute DSC Params if no Stream on Link" d253f71605e4 drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066 907717eea14c btrfs: drop the backref cache during relocation if we commit 4dc6ea8b4d9d btrfs: relocation: constify parameters where possible 5ae94c639777 btrfs: relocation: return bool from btrfs_should_ignore_reloc_root ce31847f109c ACPI: battery: Fix possible crash when unregistering a battery hook 2deeb3c748da ACPI: battery: Simplify battery hook locking 712d30f9a505 clk: qcom: gcc-sc8180x: Add GPLL9 support 1c723d785adb r8169: add tally counter fields added with RTL8125 f02fcb7283b1 r8169: Fix spelling mistake: "tx_underun" -> "tx_underrun" 736da4240815 iio: pressure: bmp280: Fix waiting time for BMP3xx configuration ae6724f9f13e iio: pressure: bmp280: Fix regmap for BMP280 device 5da669d9ee26 iio: pressure: bmp280: Use BME prefix for BME280 specifics b71b2d704a93 iio: pressure: bmp280: Improve indentation and line wrapping afe335a6c5e2 iio: pressure: bmp280: Allow multiple chips id per family of devices c059a2661a1d dt-bindings: clock: qcom: Add GPLL9 support on gcc-sc8180x 65e71cffb833 dt-bindings: clock: qcom: Add missing UFS QREF clocks fc1ed6f791e3 remoteproc: k3-r5: Delay notification of wakeup event e1df6bbf4771 remoteproc: k3-r5: Acquire mailbox handle during probe routine 9eac174a9b89 media: imx335: Fix reset-gpio handling 2b00bc1d7d40 media: i2c: imx335: Enable regulator supplies e6be95592c9f RDMA/mana_ib: use the correct page table index based on hardware page size 6c95c700f2b6 net: mana: Add support for page sizes other than 4KB on ARM64 86b6cf7e253b net: mana: Enable MANA driver on ARM64 with 4K page size 1f997b1d13e0 sched: psi: fix bogus pressure spikes from aggregation race c83a80d8b84f lib/buildid: harden build ID parsing logic f941d779622b build-id: require program headers to be right after ELF header a94ec40b9405 drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` 54ad9c760854 mm: z3fold: deprecate CONFIG_Z3FOLD 5b981d8335e1 uprobes: fix kernel info leak via "[uprobes]" vma 24f7989ed2e1 io_uring/net: harden multishot termination case for recv 3c38faa39e6c arm64: errata: Expand speculative SSBS workaround once more 9a3e9aab606d arm64: cputype: Add Neoverse-N3 definitions c7e0da744932 i2c: synquacer: Deal with optional PCLK correctly 6109f5319bfd i2c: synquacer: Remove a clk reference from struct synquacer_i2c 316be4911f63 i2c: core: Lock address during client device instantiation 4a2be5a72865 i2c: create debugfs entry per adapter aac871e493fc platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors 2dbc42f554b3 platform/x86: x86-android-tablets: Create a platform_device from module_init() ce5ec367994d kconfig: qconf: fix buffer overflow in debug links eebc10e92477 cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock 68d603f467a7 drm/amd/display: Fix system hang while resume with TBT monitor 487f6450bcb9 drm/amd/display: Add HDR workaround for specific eDP 579a0a84e3c0 drm/sched: Add locking to drm_sched_entity_modify_sched 451c87d21db6 drm/i915/gem: fix bitwise and logical AND mixup a8023f8b5598 close_range(): fix the logics in descriptor table trimming 310d95316791 rtla: Fix the help text in osnoise and timerlat top tools 8b0f0a268ddb tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline a6e9849063a6 tracing/timerlat: Fix a race during cpuhp processing a4a05ceffe8f tracing/timerlat: Drop interface_lock in stop_kthread() 79250decc9ab tracing/hwlat: Fix a race during cpuhp processing b8c118c2a2ad ceph: fix cap ref leak via netfs init_request e676e4ea76bb mac802154: Fix potential RCU dereference issue in mac802154_scan_worker 830c03e58beb Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE 2f4e3926bc50 net: pcs: xpcs: fix the wrong register that was written back 7c5cd531d093 gpio: davinci: fix lazy disable 0f41f383b5a6 cpufreq: Avoid a bad reference count on CPU node ed87190e9d9c btrfs: wait for fixup workers before stopping cleaner kthread during umount 521cfe23fbcb btrfs: send: fix invalid clone operation for file that got its size decreased 7ad0c5868f2f btrfs: fix a NULL pointer dereference when failed to start a new trasacntion d7674ed0dcd4 ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] 27ec4a380bc1 ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] c7d10fa7d769 cachefiles: fix dentry leak in cachefiles_open_file() 195e42c9a92f Input: adp5589-keys - fix adp5589_gpio_get_value() 7c3f04223aaf Input: adp5589-keys - fix NULL pointer dereference cda7d597245f rtc: at91sam9: fix OF node leak in probe() error path 03582f475242 net: stmmac: Fix zero-division error when disabling tc cbs cd9ce830facd tomoyo: fallback to realpath if symlink's pathname does not exist af3122f5fdc0 gso: fix udp gso fraglist segmentation after pull from frag_list 718a752bd746 vrf: revert "vrf: Remove unnecessary RCU-bh critical section" 73328d2af5aa iio: magnetometer: ak8975: Fix reading for ak099xx sensors 3374f06f9544 smb3: fix incorrect mode displayed for read-only files 472973229cb0 smb: client: use actual path when queryfs 868e843e522d clk: qcom: clk-alpha-pll: Fix CAL_L_VAL override for LUCID EVO PLL 5bdb3cc0cced clk: qcom: gcc-sc8180x: Fix the sdcc2 and sdcc4 clocks freq table ea3a6938cb9b media: qcom: camss: Fix ordering of pm_runtime_enable c2218a82f795 media: qcom: camss: Remove use_count guard in stop_streaming 8c860f35867a clk: qcom: gcc-sm8250: Do not turn off PCIe GDSCs during gdsc_disable() b0686aedc5f1 media: venus: fix use after free bug in venus_remove due to race condition 56770d1e01d6 clk: qcom: gcc-sm8150: De-register gcc_cpuss_ahb_clk_src 7e21770654f5 clk: samsung: exynos7885: Update CLKS_NR_FSYS after bindings fix 8cf5c85d5edf clk: qcom: clk-rpmh: Fix overflow in BCM vote 1229485abfce media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags e6f63d04c03e clk: qcom: gcc-sm8450: Do not turn off PCIe GDSCs during gdsc_disable() 6fa24b41d3b5 media: sun4i_csi: Implement link validate for sun4i_csi subdev fb2867420e4e clk: qcom: dispcc-sm8250: use CLK_SET_RATE_PARENT for branch clocks fc71c2395893 remoteproc: k3-r5: Fix error handling when power-up failed bd588d52562a clk: rockchip: fix error for unknown clocks eb4df5e36a6e media: ov5675: Fix power on/off delay timings acc5103a0a8c aoe: fix the potential use-after-free problem in more places 1587db113004 riscv: Fix kernel stack size when KASAN is enabled 83b39493cd00 RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page 4ac637122930 i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition 6b17072c7db5 NFSD: Fix NFSv4's PUTPUBFH operation f7d8ee9db943 nfsd: map the EBADMSG to nfserr_io to avoid warning 33658acea064 nfsd: fix delegation_blocked() to block correctly for at least 30 seconds be8d32ebfa0b perf hist: Update hist symbol when updating maps bebb4c240500 perf python: Disable -Wno-cast-function-type-mismatch if present on clang bf0b3b352594 exfat: fix memory leak in exfat_load_bitmap() 9a2585ad17cd riscv: define ILLEGAL_POINTER_VALUE for 64bit 8f91116f3682 arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 5f5ec16bd14d arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS d52c5652e7dc ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate 86a89e75e9e4 ocfs2: fix null-ptr-deref when journal load failed. 84543da867c9 ocfs2: remove unreasonable unlock in ocfs2_read_blocks ef768020366f ocfs2: cancel dqi_sync_work before freeing oinfo 637c00e06564 ocfs2: reserve space for inline xattr before attaching reflink tree 8d176ca5d915 ocfs2: fix uninit-value in ocfs2_get_block() e7a801014726 ocfs2: fix the la space leak when unmounting an ocfs2 volume e3a9fc1520a6 mm: krealloc: consider spare memory for __GFP_ZERO fd3496243409 jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit 1c62dc0d82c6 jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error 393331e16ce2 resource: fix region_intersects() vs add_memory_driver_managed() b57b53e8ffcd drm: omapdrm: Add missing check for alloc_ordered_workqueue 0022085f11c6 of/irq: Support #msi-cells=<0> in of_msi_get_domain d657d28641ec of: address: Report error on resource bounds overflow 25b7a6703728 drm/rockchip: vop: clear DMA stop bit on RK3066 a17dfde57704 parisc: Fix stack start for ADDR_NO_RANDOMIZE personality 62f3e58c4e39 parisc: Allow mmap(MAP_STACK) memory to automatically expand upwards 42451ba0d6e1 parisc: Fix 64-bit userspace syscall path 89bbc55d6b16 ext4: mark fc as ineligible using an handle in ext4_xattr_set() c5771f1c484c ext4: use handle to mark fc as ineligible in __track_dentry_update() d13a3558e824 ext4: fix fast commit inode enqueueing during a full journal commit 1552199ace59 ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() 80dccb81b7db ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() f55ecc58d07a ext4: update orig_path in ext4_find_extent() 9203817ba46e ext4: fix timer use-after-free on failed mount 68a69cf60660 ext4: fix double brelse() the buffer of the extents path 8162ee5d94b8 ext4: aovid use-after-free in ext4_ext_insert_extent() 1b558006d98b ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free 93051d16b312 ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() 5efccdee4a7d ext4: dax: fix overflowing extents beyond inode size when partially writing 8c762b4e1921 ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() f4308d8ee384 ext4: propagate errors from ext4_find_extent() in ext4_insert_range() 8fe117790b37 ext4: fix slab-use-after-free in ext4_split_extent_at() a56e5f389d42 ext4: correct encrypted dentry name hash when not casefolded 2d64e7dada22 ext4: no need to continue when the number of entries is 1 9cdf65c6c311 ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 762650cd5e7f ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 3624416ab149 ALSA: line6: add hw monitor volume control to POD HD500X 228a8b952cf4 ALSA: usb-audio: Add native DSD support for Luxman D-08u 9d125aab4c47 ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET aba1be9a804f ALSA: core: add isascii() check to card ID generator 633d3456849d ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop c923bc874659 drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS 6e6f89549c66 drm/mediatek: ovl_adaptor: Add missing of_node_put() 3eff30f2c315 parisc: Fix itlb miss handler for 64-bit programs 9fca08c06a8d perf/core: Fix small negative period being ignored 888f728d81f8 power: supply: hwmon: Fix missing temp1_max_alarm attribute 7febcf11742f spi: bcm63xx: Fix missing pm_runtime_disable() f2d0b351e03f spi: bcm63xx: Fix module autoloading 0a42f6360798 dt-bindings: clock: exynos7885: Fix duplicated binding ff580d01301e memory: tegra186-emc: drop unused to_tegra186_emc() 028258156f65 firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() bf47be5479b3 ovl: fail if trusted xattrs are needed but caller lacks permission 6fcd6feaf132 rust: sync: require `T: Sync` for `LockedBy::access` d6c159c066d2 i2c: designware: fix controller is holding SCL low while ENABLE bit is disabled b80dc74c386f i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled 625a77b68c96 media: i2c: ar0521: Use cansleep version of gpiod_set_value() c0e00163f804 i2c: xiic: Wait for TX empty to avoid missed TX NAKs 7e263fd6efba i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() 22a1f8a5b56b i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume 8176d4878ed2 platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug b8c0aee7c2a5 Revert "ALSA: hda: Conditionally use snooping for AMD HDMI" 2c74d33dbfd9 selftests: vDSO: fix vdso_config for s390 0fe35c473713 selftests: vDSO: fix ELF hash table entry size for s390x 676727021dbd powerpc/vdso: Fix VDSO data access when running in a non-root time namespace dfb569762ce7 selftests/mm: fix charge_reserved_hugetlb.sh test b88842a9f1b8 selftests: vDSO: fix vDSO symbols lookup for powerpc64 d3b90ed9a08d selftests: vDSO: fix vdso_config for powerpc 6c8aff20229f selftests: vDSO: fix vDSO name for powerpc 9629c0c3e876 perf: Really fix event_function_call() locking 42cd165b4cf8 perf callchain: Fix stitch LBR memory leaks e2955fbe08b0 spi: rpc-if: Add missing MODULE_DEVICE_TABLE 106f10fef0b9 accel/ivpu: Add missing MODULE_FIRMWARE metadata 4019391dfe37 selftests: breakpoints: use remaining time to check if suspend succeed c2aa41032872 spi: s3c64xx: fix timeout counters in flush_fifo dbda70bbe421 selftest: hid: add missing run-hid-tools-tests.sh 494380a4e4c0 spi: spi-cadence: Fix missing spi_controller_is_target() check 97aa3293db69 spi: spi-cadence: Fix pm_runtime_set_suspended() with runtime pm enabled 97f76711a90e spi: spi-cadence: Use helper function devm_clk_get_enabled() d6e3898d62a8 spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled c2d9f9a7837a bpftool: Fix undefined behavior in qsort(NULL, 0, ...) 390b9e54cdfd iomap: handle a post-direct I/O invalidate race in iomap_write_delalloc_release ad762c520471 bpftool: Fix undefined behavior caused by shifting into the sign bit d43776b90765 ext4: fix i_data_sem unlock order in ext4_ind_migrate() 34b2096380ba ext4: avoid use-after-free in ext4_ext_show_leaf() 1fe2852720cd ext4: ext4_search_dir should return a proper error b111ae42bbfd bpf: Make the pointer returned by iter next method valid 18f06bacc197 ksmbd: add refcnt to ksmbd_conn struct f5e30a30fce7 platform/x86: lenovo-ymc: Ignore the 0x0 state 4298813a43f7 drm/amdgpu/gfx10: use rlc safe mode for soft recovery c20cd3d6d261 drm/amdgpu/gfx11: use rlc safe mode for soft recovery e16a6d1a3357 powerpc/pseries: Use correct data types from pseries_hp_errorlog struct fe2c86e1927e of/irq: Refer to actual buffer size in of_irq_parse_one() b511474f4958 drm/amd/pm: ensure the fw_info is not null before using it 3ffbdc977d80 drm/amdgpu/gfx9: use rlc safe mode for soft recovery 8361e3f78828 drm/amdgpu: Block MMR_READ IOCTL in reset c474a1a75599 drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() ee5d547006d3 scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers 66a403d89b73 perf: Fix event_function_call() locking deb78dc859dd drm/amdgpu: fix unchecked return value warning for amdgpu_gfx 5e0e1a941e57 scsi: lpfc: Update PRLO handling in direct attached topology 55119faf5abc scsi: aacraid: Rearrange order of struct aac_srb_unit adf290fe434c perf,x86: avoid missing caller address in stack traces captured in uprobe 4ee08b4a7201 drm/printer: Allow NULL data in devcoredump printer c7630935d9a4 drm/amd/display: Initialize get_bytes_per_element's default to 1 a1495acc6234 drm/amd/display: Avoid overflow assignment in link_dp_cts 929506d56714 drm/amd/display: Fix index out of bounds in DCN30 color transformation 122e3a7a8c7b drm/amd/display: Fix index out of bounds in degamma hardware format translation 0d38a0751143 drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation be2ca7a2c156 drm/amd/display: Check link_res->hpo_dp_link_enc before using it 42d31a336438 drm/amd/display: Check stream before comparing them fb557a36b0b9 drm/stm: ltdc: reset plane transparency after plane disable 64f38c08b592 platform/x86: touchscreen_dmi: add nanote-next quirk 651ba62c255f HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio 71cfb54e0f0c drm/amdkfd: Fix resource leak in criu restore queue fe90214179d5 drm/amdgpu: enable gfxoff quirk on HP 705G4 a3c8cbefce38 drm/amdgpu: add raven1 gfxoff quirk c076b3746224 jfs: Fix uninit-value access of new_ea in ea_buffer 9288a9676c52 drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs 4155dff76a8c scsi: smartpqi: correct stream detection 7fff9a9f866e jfs: check if leafidx greater than num leaves per dmap tree 4218b31ecc7a jfs: Fix uaf in dbFreeBits f04925a02ea2 jfs: UBSAN: shift-out-of-bounds in dbFindBits cf6f3ebd6312 drm/amd/display: fix double free issue during amdgpu module unload 75839e2365b6 drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) 9641bc4adf84 drm/amd/display: Check null pointers before using dc->clk_mgr 4778982c73d6 drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' 6ec7c739346c HID: Ignore battery for all ELAN I2C-HID devices 29d2d5eda393 ata: sata_sil: Rename sil_blacklist to sil_quirks 8fcf85196adc ata: pata_serverworks: Do not use the term blacklist e47e563c6f0d drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream 30ceb873cc2e drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer 44e4aeaef96b drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit 0a1741d10da2 drm/stm: Avoid use-after-free issues with crtc and plane dfdbc5ba10fb iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count 54e86bfec010 iommu/vt-d: Always reserve a domain ID for identity setup 1c36eb173249 power: reset: brcmstb: Do not go into infinite loop if reset fails 2d56271fce96 rcuscale: Provide clear error when async specified without primitives fdda354f60a5 fbdev: pxafb: Fix possible use after free in pxafb_task() 36bfefb6baaa fbdev: efifb: Register sysfs groups through driver core 4b101d2f40df hwmon: (nct6775) add G15CF to ASUS WMI monitoring list 2de5fd836bd6 x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() e9df4c61079e selftests/nolibc: avoid passing NULL to printf("%s") fc975b8daba2 tools/nolibc: powerpc: limit stack-protector workaround to GCC 6cc4e5eaadae ALSA: hdsp: Break infinite MIDI input flush loop 7a5574099670 ALSA: asihpi: Fix potential OOB array access ddd52c9fe992 x86/kexec: Add EFI config table identity mapping for kexec kernel 407abc7e0c7f x86/pkeys: Restore altstack access in sigreturn() 19059128205f x86/pkeys: Add PKRU as a parameter in signal handling functions ef6c1ed5887f tools/x86/kcpuid: Protect against faulty "max subleaf" values 71faa656b8e7 ASoC: codecs: wsa883x: Handle reading version failure 70d5e30b0a3c ALSA: usb-audio: Add logitech Audio profile quirk fb2ed616af7e ALSA: usb-audio: Replace complex quirk lines with macros 0bf9779cd954 ALSA: usb-audio: Define macros for quirk table entries 077e1b7cd521 x86/ioapic: Handle allocation failures gracefully 864f68a24293 ALSA: usb-audio: Add input value sanity checks for standard types f888741fcfab nfp: Use IRQF_NO_AUTOEN flag in request_irq() fef7b51f22cf wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() 0a630d690b7f wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker 833ebae26663 wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation b4f8240bc389 can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode b017f4f6709a drivers/perf: arm_spe: Use perf_allow_kernel() for permissions 8552508033b2 proc: add config & param to block forcing mem writes 8b2906e1349a ACPICA: iasl: handle empty connection_node f37319609335 wifi: mac80211: fix RCU list iterations 6dcadb2ed3b7 wifi: iwlwifi: mvm: avoid NULL pointer dereference 324116255492 wifi: iwlwifi: mvm: use correct key iteration 5cce1c07bf89 tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process 27fe713c62a1 netpoll: Ensure clean state on setup failures b60d2bc676e4 crypto: simd - Do not call crypto_alloc_tfm during registration 0f6dab0b79f1 net: atlantic: Avoid warning about potential string truncation f989162f55ed ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family 239ac7faeaea wifi: rtw89: correct base HT rate mask for firmware d4c4653b60de ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR). 0d6255e512b3 bnxt_en: Extend maximum length of version string by 1 byte 74834f4a6c19 net: mvpp2: Increase size of queue_name buffer 12d26aa7fd3c tipc: guard against string buffer overrun 4588ea78d390 ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() 93d065b704bd ACPI: EC: Do not release locks during operation region accesses 90ec583a85c4 wifi: rtw88: select WANT_DEV_COREDUMP 7a552bc2f3ef wifi: ath11k: fix array out-of-bound access in SoC stats d0e4274d9dc9 wifi: ath12k: fix array out-of-bound access in SoC stats 1ab2cfe19700 blk_iocost: fix more out of bound shifts 29dbea4c56df ACPI: CPPC: Add support for setting EPP register in FFH 716dae9686fe ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 cc026a7f9be6 Bluetooth: btrtl: Set msft ext address filter quirk for RTL8852B 18ed567ad0aa Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 37a6fc0d8fca net: sched: consistently use rcu_replace_pointer() in taprio_change() 3f5625e9e92b wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable 1c6db07811fb e1000e: avoid failing the system during pm_suspend 13ca2b3568fb ACPICA: Fix memory leak if acpi_ps_get_next_field() fails 0b02303431a3 ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails 68a8e45743d6 ACPI: PAD: fix crash in exit_round_robin() 0a94777ba4ca net: hisilicon: hns_mdio: fix OF node leak in probe() 359a218ce1a9 net: hisilicon: hns_dsaf_mac: fix OF node leak in hns_mac_get_info() f62bf4ffeba5 net: hisilicon: hip04: fix OF node leak in probe() 143edf098b80 net/xen-netback: prevent UAF in xenvif_flush_hash() 04053e55dd50 wifi: cfg80211: Set correct chandef when starting CAC d76360adabd6 wifi: iwlwifi: mvm: drop wrong STA selection in TX 191e8d525620 wifi: iwlwifi: mvm: Fix a race in scan abort flow 82465e05ca6f ice: Adjust over allocation of memory in ice_sched_add_root_node() and ice_sched_add_node() 21ba7132a911 crypto: octeontx2 - Fix authenc setkey 0ac97b001cce crypto: octeontx - Fix authenc setkey 6300199be334 crypto: x86/sha256 - Add parentheses around macros' single arguments e37e34883503 wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit fdc73f2cfbe8 wifi: rtw89: avoid to add interface to list twice when SER e6e4cfb5f6d6 wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() 40346cbb19ad ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin b0f3c6a2d0bd ALSA: gus: Fix some error handling paths related to get_bpos() usage 2c3c1f87cf7e cifs: Do not convert delimiter when parsing NFS-style symlinks c6db81c550ce cifs: Fix buffer overflow when parsing NFS reparse points 92e71ccd8fd4 ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m f8f081578b5b ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs e4c886dd24a3 cifs: Remove intermediate object of failed create reparse call fa72abf31bd0 ALSA: hda/realtek: Fix the push button function for the ALC257 466129e3d0ad ALSA: mixer_oss: Remove some incorrect kfree_const() usages 0152c81f61fa ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized 28234f8ab69c Bluetooth: L2CAP: Fix not validating setsockopt user input 6a6baa1ee7a9 Bluetooth: ISO: Fix not validating setsockopt user input dea46e246ef0 media: usbtv: Remove useless locks in usbtv_video_free() 0c18a64039aa Bluetooth: hci_sock: Fix not validating setsockopt user input b66ff9a3fc90 loop: don't set QUEUE_FLAG_NOMERGES 3000f3a86dd0 i2c: xiic: Try re-initialization on bus busy timeout 7c48b5a6c32c i2c: xiic: improve error message when transfer fails to start 7f64cb5b4d8c sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start 25a54df40841 dt-bindings: net: xlnx,axi-ethernet: Add missing reg minItems 1372c7579ec5 iomap: constrain the file range passed to iomap_file_unshare f9620e2a665a ppp: do not assume bh is held in ppp_channel_bridge_input() d9dfd41e32cc net: test for not too small csum_start in virtio_net_hdr_to_skb() ea8cad4ca5e0 ipv4: ip_gre: Fix drops of small packets in ipgre_xmit a9ad307c0dde net: stmmac: dwmac4: extend timeout for VLAN Tag register busy bit check 9b0ee571d20a net: add more sanity checks to qdisc_pkt_len_init() 25ab0b87dbd8 net: avoid potential underflow in qdisc_pkt_len_init() with UFO da143240028c net: fec: Reload PTP registers after link-state change dc5fb264168c net: fec: Restart PPS after link state change e66e38d07b31 net: ethernet: lantiq_etop: fix memory disclosure 718b66340364 net: Fix gso_features_check to check for both dev->gso_{ipv4_,}max_size dae9b99bd21f net: Add netif_get_gro_max_size helper for GRO f0a84ad84d98 Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() b90907696c30 Bluetooth: L2CAP: Fix uaf in l2cap_connect 4883296505aa Bluetooth: MGMT: Fix possible crash on mgmt_index_removed 4e3542f40f3a netfilter: nf_tables: prevent nf_skb_duplicated corruption fe9ccbf1b749 selftests: netfilter: Fix nft_audit.sh for newer nft binaries 271b4904727b net: wwan: qcom_bam_dmux: Fix missing pm_runtime_disable() 96858258de2f net: ieee802154: mcr20a: Use IRQF_NO_AUTOEN flag in request_irq() 8691a82abf0c netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED fab615ac9fcb net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice 0168ab6fbd9e net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() 1c252d64652e net/mlx5: Added cond_resched() to crdump collection 26fad69b34fc net/mlx5: Fix error path in multi-packet WQE transmit 70db858273c7 net: sparx5: Fix invalid timestamps d6c4c0867086 ieee802154: Fix build error 11ab19d48ab8 ceph: remove the incorrect Fw reference check when dirtying pages 10a58555e0bb mailbox: bcm2835: Fix timeout during suspend mode b372b484d232 mailbox: rockchip: fix a typo in module autoloading 7879ad0aa996 drm/amdgpu: Fix get each xcp macro f42595fb8fdb scsi: pm8001: Do not overwrite PCI queue mapping 6b63cda2d4f4 scsi: st: Fix input/output error on empty drive reset 86fdd1806461 jump_label: Fix static_key_slow_dec() yet again 33f3e832275e jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() e67534bd31d7 static_call: Replace pointless WARN_ON() in static_call_module_notify() c0abbbe8c98c static_call: Handle module init failure correctly in static_call_del_module() 18abb2787b53 x86/syscall: Mark exit[_group] syscall handlers __noreturn 2879d995e569 pnmtologo: sync with 6.6 43ea1c5e6eb3 lib/build_OID_registry: take -stable reproducibility changes 35046aea43c8 bpftool: Fix undefined bpf macro for unix socket 9a558d4b8621 tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids 42b2eec2e503 bpftool: Query only cgroup-related attach types f71bb11887ba cpu/amd: inhibit SMP check for qemux86 c31365597a17 powerpc/uaccess: Fix build errors seen with GCC 13/14 64ebf485c56b usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock 7c76aad68f6d kselftest: Add a ksft_perror() helper 06644f0d7193 drm/tilcdc: Set preferred depth ff7ae7b32324 crypto: jitter - add RCT/APT support for different OSRs 50cd24ddb6f0 arm64: defconfig: remove CONFIG_IPQ_APSS_5018 58e5c91d6701 x86/alternatives: Disable interrupts and sync when optimizing NOPs in place c878fd2d4c79 x86/alternatives: Sync core before enabling interrupts c2d64b9f52b6 qemux86: add configuration symbol to select values 630c33229e6d sched/isolation: really align nohz_full with rcu_nocbs 0e5e0f68e2e6 clear_warn_once: add a clear_warn_once= boot parameter 46934791b902 clear_warn_once: bind a timer to written reset value cdee9e38ff32 clear_warn_once: expand debugfs to include read support 82b562b81841 tools: Remove some options from CLANG_CROSS_FLAGS 36dc380b776b libbpf: Fix build warning on ref_ctr_off 9e3e1fe20982 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel. e497a4a5da65 perf: x86-32: explicitly include <errno.h> 7b57ddd89565 perf: mips64: Convert __u64 to unsigned long long 1cfc19423dc7 perf: fix bench numa compilation 98bc2815fade perf: add SLANG_INC for slang.h 17209a70b9b3 perf: add sgidefs.h to for mips builds 9cd4258d910a perf: change --root to --prefix for python install 8110a4f26628 perf: add 'libperl not found' warning bc89d5e08f77 perf: force include of <stdbool.h> 4f6c760cc876 fat: Replace prandom_u32() with get_random_u32() bc53117b12b2 fat: don't use obsolete random32 call in namei_vfat 30b2236ab378 FAT: Added FAT_NO_83NAME cef98d22b4ed FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option 0bbd7daba9e1 FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option 5883fc340084 aufs6: adapt to v6.6 i_op->ctime changes c4342d979bf2 aufs6: fix magic.mk include path 35266bc2dc81 aufs6: adapt to v6.6 8edede4e98be aufs6: core 712248233ebe aufs6: standalone 3b71a8a848d8 aufs6: mmap 3e2924871f37 aufs6: base 7f4907a93101 aufs6: kbuild d2f7b03e4aa7 yaffs2: update VFS ctime operations to 6.6+ bcd6cfcd1aa0 yaffs2: v6.5 fixups cc615704b5f5 yaffs2: Fix miscalculation of devname buffer length 8ef2e22dcf91 yaffs2: convert user_namespace to mnt_idmap c9c749f9f7d3 yaffs2: replace bdevname call with sprintf 395b01cdc39d yaffs2: convert read_page -> readfolio d98b07e43ba6 yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL 613c6d50fdbe yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name 622c4648936f yaffs2: v5.12+ build fixups (not runtime tested) 7562133d4090 yaffs: include blkdev.h dbd44252cd59 yaffs: fix misplaced variable declaration c223a10b1ac0 yaffs2: v5.6 build fixups 90f6007cfbf4 yaffs2: fix memory leak when /proc/yaffs is read 37ee169c5ea1 yaffs: add strict check when call yaffs_internal_read_super b6e007b8abb6 yaffs: repair yaffs_get_mtd_device fb98f65a466a yaffs: Fix build failure by handling inode i_version with proper atomic API 51e0aac75ea2 yaffs2: fix memory leak in mount/umount 2b74a0cae7b0 yaffs: Avoid setting any ACL releated xattr ff4130a9c376 Yaffs:check oob size before auto selecting Yaffs1 ba95b409c67c fs: yaffs2: replace CURRENT_TIME by other appropriate apis 8fa35eba9056 yaffs2: adjust to proper location of MS_RDONLY 1eb5deaad8c4 yaffs2: import git revision b4ce1bb (jan, 2020) 4dce67c1e8c8 initramfs: allow an optional wrapper script around initramfs generation 2f603d83fcc4 pnmtologo: use relocatable file name 664a6a0a484b tools: use basename to identify file in gen-mach-types 9de64bc0c185 lib/build_OID_registry: fix reproducibility issues ae9b80797295 vt/conmakehash: improve reproducibility a972323151bd iwlwifi: select MAC80211_LEDS conditionally 15d2adcc0198 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119) 5556a6c04b19 arm64/perf: Fix wrong cast that may cause wrong truncation 5552dc768ffc defconfigs: drop obselete options 00fe4152df31 arm64/perf: fix backtrace for AAPCS with FP enabled 3888d0652edf linux-yocto: Handle /bin/awk issues 3d55d299f23a uvesafb: provide option to specify timeout for task completion 23c068c080be uvesafb: print error message when task timeout occurs edbfc939266e compiler.h: Undef before redefining __attribute_const__ c99ae7e2a19a vmware: include jiffies.h 572d84d928c8 Resolve jiffies wrapping about arp fdcd47cac843 nfs: Allow default io size to be configured. 927d48801098 check console device file on fs when booting 57cc27f821dd mount_root: clarify error messages for when no rootfs found 1b53d82a8152 mconf: fix output of cflags and libraries 1811da09f42c menuconfig,mconf-cfg: Allow specification of ncurses location 83c2e0c6eb1f modpost: mask trivial warnings 6de673039484 kbuild: exclude meta directory from distclean processing 6decd32815f5 powerpc: serialize image targets f6b683b38318 arm: serialize build targets e798b09ebf57 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition dc8a1e5a88f8 x86_64_defconfig: Fix warnings 68491e5f72b6 powerpc/ptrace: Disable array-bounds warning with gcc8 d71ebfce3004 powerpc: Disable attribute-alias warnings from gcc8 62f50884b8b1 powerpc: kexec fix for powerpc64 da6871c62c37 powerpc: Add unwind information for SPE registers of E500 core f161c880c11d mips: make current_cpu_data preempt safe 5e94a8247ce7 mips: vdso: fix 'jalr $t9' crash in vdso code 19e36714b1c7 mips: Kconfig: add QEMUMIPS64 option e2e537db3cbd 4kc cache tlb hazard: tlbp cache coherency aee9870611e5 malta uhci quirks: make allowance for slow 4k(e)c 881948cd1517 drm/fb-helper: move zeroing code to drm_fb_helper_fill_var 98ec1963fcb7 arm64: defconfig: cleanup config options f1727c537ba8 vexpress: Pass LOADADDR to Makefile 4474c32dc24a arm: ARM EABI socketcall 75e31a2b70fd ARM: LPAE: Invalidate the TLB for module addresses during translation fault
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7829fdb1f05cf04d55d25db2d3ff705626008105) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Deepthi Hemraj [Tue, 12 Nov 2024 12:28:09 +0000 (04:28 -0800)]
binutils: stable 2.43.1 branch update
Below commit on binutils-2.43.1 stable branch are updated. b82e2250574 Automatic date update in version.in 280374309b1 PR32300, --dependency-file: link dependencies are not all collected 263e116833e s390: Add arch15 instructions 645da6d426e s390: Relax risbg[n]z, risb{h|l}gz, {rns|ros|rxs}bgt operand constraints 7f7047a9c6c s390: Simplify (dis)assembly of insn operands with const bits e7592364504 s390: Align opcodes to lower-case d6ab1d2efdc s390: Document syntax to omit base register operand c40337b1784 LoongArch: Add elfNN_loongarch_mkobject to initialize LoongArch tdata 95ed7cf1be2 segv in bfd_elf_get_str_section 0a71d78f6a6 ld: Don't explicitly add .note.gnu.build-id in elf.sc ad2ce1e6457 x86: Turn PLT32 to PC32 only for PC-relative relocations 238493e7f09 x86-64: Disable PIE on PR gas/32189 test 68d5dbd315d x86-64: Never make R_X86_64_GOT64 section relative d77d08180d1 x86/APX: Don't promote AVX/AVX2 instructions out of APX spec f307db3d8b7 bfd: Pass true to ld_plugin_object_p cd3e2b58f2c PR32109, aborting at bfd/bfd.c:1236 in int _bfd_doprnt 2d37b890e56 lto: Add a test for PR ld/32083 d16a1893c44 ld: Add an LTO test for common symbol override e4cfe6dab3e Re-enable development changes on the 2_43 branch
Testing was done and there were no regressions found
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4950a2d67a85b3f4a643a46fdc54d348abce5ed6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Peter Marko [Mon, 11 Nov 2024 19:04:36 +0000 (20:04 +0100)]
expat: upgrade 2.6.3 -> 2.6.4
Handle CVE-2024-50602
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5dc22afe3d2ea767f084b7c6e3625cb6edd66522) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Mark Hatle [Tue, 12 Nov 2024 21:23:11 +0000 (15:23 -0600)]
cve-update-nvd2-native: Handle BB_NO_NETWORK and missing db
The custom do_fetch routine is ignoring BB_NO_NETWORK, add a check for this
as the correct behavior for the user is to set:
CVE_DB_UPDATE_INTERVAL = "-1"
If CVE_DB_UPDATE_INTERNAL is set to -1, check that a DB file exists, if not
we need to error so the user can deal with this.
Note, MIRRORs are NOT handled by this code.
Signed-off-by: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 337c0806d2784d74bee8d6420fb8b4d48795d5fa) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Exception: NameError: name 'shutil' is not defined, Did you forget to import 'shutil'
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b64263a43b4d82f1ebba13815bccb8a8cd3127f9) Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Sat, 28 Dec 2024 20:49:06 +0000 (21:49 +0100)]
gstreamer1.0: run ptests in parallel
Run the ptests in four parallel jobs (reduces runtime from ~80s to ~20s
on my machine), and also pass any arguments in the scripts to make it
easier to run individual tests.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Yash Shinde [Thu, 12 Dec 2024 14:35:05 +0000 (06:35 -0800)]
binutils: Fix CVE-2024-53589
A buffer overflow vulnerability exists in GNU Binutils’ objdump utility
when processing tekhex format files. The vulnerability occurs in the
Binary File Descriptor (BFD) library’s tekhex parser during format identification.
Specifically, the issue manifests when attempting to read 8 bytes at an address
that precedes the global variable ‘_bfd_std_section’, resulting in an out-of-bounds read.
Backport a patch from upstream to fix CVE-2024-53589.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e0323071916878e0634a6e24d8250e4faff67e88]
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Sunil Dora [Wed, 11 Dec 2024 18:15:12 +0000 (10:15 -0800)]
gcc: Fix c++: tweak for Wrange-loop-construct
This commit updates the warning to use a check for "trivially constructible" instead of
"trivially copyable." The original check was incorrect, as "trivially copyable" only applies
to types that can be copied trivially, whereas "trivially constructible" is the correct check
for types that can be trivially default-constructed.
This change ensures the warning is more accurate and aligns with the proper type traits.
LLVM accepted a similar fix:
https://github.com/llvm/llvm-project/issues/47355
Signed-off-by: Marek Polacek <polacek@redhat.com> Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Wed, 18 Dec 2024 11:56:34 +0000 (11:56 +0000)]
cve-update-nvd2-native: Tweak to work better with NFS DL_DIR
After much debugging, the corruption issues on the autobuilder appear to
be due to the way sqlite accesses database files. It doesn't change the
file timestamp after making changes, which for reasons unknown, confuses
NFS. As soon as the file is touched, NFS becomes fine again accross the
whole cluster, as if by magic.
We could try and debug further but putting a "touch" call into the code
is easy and harmless. Lets hope this removes this annoying source of
errors.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Sid-Ali [Fri, 6 Dec 2024 07:47:33 +0000 (08:47 +0100)]
shadow: use update-alternatives to handle su.1 and nologin.8
This patch fixes the following error at do_rootfs:
update-alternatives: Error: not linking
/PATH/TO/rootfs/usr/share/man/man1/su.1
to /usr/share/man/man1/su.1.util-linux since
/PATH/TO/rootfs/usr/share/man/man1/su.1
exists and is not a link
update-alternatives: Error: not linking
/PATH/TO/rootfs/usr/share/man/man8/nologin.8
to /usr/share/man/man8/nologin.8.util-linux since
/PATH/TO/rootfs/usr/share/man/man8/nologin.8
exists and is not a link
The problem can be reproduced by adding the following lines to local.conf
and then building an image:
dnf: drop python3-iniparse from DEPENDS and RDEPENDS
python3-iniparse dependency was dropped 2019, see the
following commit as reference:
https://github.com/rpm-software-management/dnf/pull/1329/commits/d7d0e0e2f9d8c7d021c794821ad0b56a39ebc01f
When looking at the Git history, this happened around tag 4.2.1
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
intltool was dropped as a dependency in v236
See commit for reference:
https://github.com/systemd/systemd/pull/7313/commits/c81217920effddc93fb780cf8f9eb699d6fe1319
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
intltool was dropped as a dependency in v236
See commit for reference:
https://github.com/systemd/systemd/pull/7313/commits/c81217920effddc93fb780cf8f9eb699d6fe1319
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
avoid-host-contamination.patch
refreshed for 10.04.0
Changelog:
===========
- addresses CVEs: CVE-2024-46951, CVE-2024-46952, CVE-2024-46953, CVE-2024-46954, CVE-2024-46955, CVE-2024-46956
- add protection for device selection from PostScript input.
- efforts in code hygiene and maintainability continue.
- The usual round of bug fixes, compatibility changes, and incremental improvements.
- add the capability to build with the Tesseract OCR engine.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Peter Marko [Thu, 5 Dec 2024 23:41:39 +0000 (00:41 +0100)]
builder: set CVE_PRODUCT
Builder is a common word and there are many other builder components
which makes us to ignore CVEs for all of them.
There is already 1 ignored and currently 3 new ones.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 22 Nov 2024 16:18:51 +0000 (16:18 +0000)]
resulttool: Improve repo layout for oeselftest results
Having all oe-selftest results on top of each other results in a large 640MB
json file which is hard to use. Split the results out per machine and test type.
This also stops the toolchain raw logs from overwriting each other meaning more
than one MACHINE is preserved.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4b890f04bc7d147b4a11b824a84f3d2abd75ac54) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 22 Nov 2024 16:17:19 +0000 (16:17 +0000)]
resulttool: Trim the precision of duration information
The duration values have pointless amounts of precision. Removing some of the
least significant digits reduces result size and makes the results easier to read.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a789a2e6d97bb8efd663226a17db8d1ca6c1e40f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 22 Nov 2024 16:15:46 +0000 (16:15 +0000)]
resulttool: Clean up repoducible build logs
We've improved the data stored for reproduicible builds. Teach resulttool how
to apply those cleanups when reprocessing data so we can reduce results file
sizes and make the data easier to process.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b799c57ae6d61c1b1c7035c8a2c4ba6ee08d1a81) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 22 Nov 2024 16:14:37 +0000 (16:14 +0000)]
resulttool: Handle ltp rawlogs as well as ptest
Improve the rawlogs handling to include ltp logs as well as the ptest ones to
reduce the size of the results git repos.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a0a1954d559609c2c1ca16936d0d68eb3c4c6b45) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 22 Nov 2024 16:11:43 +0000 (16:11 +0000)]
resulttool: Add --logfile-archive option to store mode
Storing the log files inside the testresults git repo isn't scaling and isn't
really appropriate use of a git repository. Allow these to be optionally stored
in a separate filesystem location so the git repo can remain managable.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1afc0f3d7e93fa8496be241e9622d3b9a6904bd5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 22 Nov 2024 16:09:41 +0000 (16:09 +0000)]
resulttool: Fix passthrough of --all files in store mode
When using store mode, --all was broken as not all files were being preserved.
Fix this by limiting the scope of the git rm command.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9604561d2022b6c76b1cb4186d40800d1affdd2b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 22 Nov 2024 16:06:23 +0000 (16:06 +0000)]
oeqa/utils/gitarchive: Return tag name and improve exclude handling
Tweak the gitarchive exclude handling not to error if excluded files
don't match.
Also return the tagname created so that other code can then use it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1adba3430faffdf6217b6a00533a3b48a9388abc) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 21 Nov 2024 11:46:08 +0000 (11:46 +0000)]
resulttool: Use single space indentation in json output
Using 4 space indentation in resulted in hundreds of megabytes of extra file size
in general use. Reduce this to make filesizes more managable and reduce the processing
cost. Some level of indentation and spacing does make the files more readable and allows
use of git diff so we need to retain some of it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a274cdcaf852cca9497f0358f44dda99c06aacbe) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Wed, 13 Nov 2024 21:36:57 +0000 (21:36 +0000)]
resulttool: Allow store to filter to specific revisions
We have a challenge on the autobuilder where test results from both OE-Core
and poky are being mixed together during result storage which is confusing the
data. Add a way to filter to specific revisions as the least worst way to fix
the various issues this is causing.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3f276a0dc65341668788853be2cf27ab6aa12b13) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 21 Nov 2024 14:55:59 +0000 (14:55 +0000)]
selftest/reproducible: Clean up pathnames
There are several problems with these paths. Firstly they contain full
system paths which depend upon where the test was run. These are pretty
pointless and just take up a lot of space making the results files large.
Secondly, they contain the same path twice. The reference and target path
will always be the same thing in two different locations.
Strip off the prefix and remove the duplication. This does change the output
data but that can't really be avoided. It does shrink the results data and makes
it more readable.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 81a44de36e864b08687451fd85aeba7c529fd7f7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 21 Nov 2024 14:55:44 +0000 (14:55 +0000)]
selftest/reproducible: Drop rawlogs
The "rawlogs" data consists of a long string of results data which is
already in a structured data format. I can't see this is adding much
value in duplciating the data but it does create a huge string with a
lot of long problematic pathnames and inflates the results data size.
I suggest we drop this data as obsolete and not necessary.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5b2c70fab2ffa409b861d83f048b65d458d03a90) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 25 Oct 2024 13:31:52 +0000 (14:31 +0100)]
do_package/sstate/sstatesig: Change timestamp clamping to hash output only
The code was changing the timestamps of the files in the do_package output,
particularly the files added for debug sources. This was to do two things:
a) make do_package sstate more reproducible
b) ensure better hash equivalence matching
Unfortuately the debug source files are hardlinks into the source tree for
efficiency so touching these, touches a lot of files in ${B} and ${S}. This
causes unpredictable effects if compile is run again for example, or could
cause compiling in the install task.
The hash equivalence matching is of key importance but we can mimic that
using clamping of the file timestamps in the depsig output used to generate
the hashes.
This patch drops the global timestamp clamping, instead allowing the files
to retain their creation timestamps into sstate. This makes do_package sstate
slightly less reproducibile. We could clamp the sstate timestamps but that
would lead to two different sets of timestamps depending on whether the
data came from sstate or not. I'd prefer to have consistent code behaviour,
rather than differing behavhour depending on whether data came from sstate
or not.
If we wanted to have reproducibiliy and fix the "corruption" of S/B and have
consistent codepaths, the only other option would be two copies of the
sources, which could end up huge and seems the least desireable option.
This patch therefore drops the timestamp clamping in the sstate files
and tweaks the depsig data generation to clamp the timestamps for do_package
instead since this seems the best compromise.
I validated that rpm/deb/ipk files still generate correctly as before.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 475759fdab7200488b2a568b2ba1aa31a456d113) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changqing Li [Thu, 21 Nov 2024 06:02:56 +0000 (14:02 +0800)]
rxvt-unicode.inc: disable the terminfo installation by setting TIC to :
Without this change, TIC is the native tic in recipe-sysroot-native.
By default, native tic has set its default terminfo path to native path:
${datadir}/terminfo; $HOME/.terminfo
When sstate cache is used, the cached native tic's terminfo path could
be a path not exist on current host, then native tic will try to install
terminfo to HOME dir, cause host contamination.
Disable the terminfo installation by setting TIC to :
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fe35ead2c3135a18c346e7baa31d34b15c3e2d95) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Deepthi Hemraj [Tue, 3 Dec 2024 05:30:10 +0000 (21:30 -0800)]
glibc: stable 2.40 branch updates.
Below commits on glibc-2.40 stable branch are updated. 626c048f32 elf: handle addition overflow in _dl_find_object_update_1 [BZ #32245] efb710034e linux: sparc: Fix clone for LEON/sparcv8 (BZ 31394) 2344580243 Mitigation for "clone on sparc might fail with -EFAULT for no valid reason" (bz 31394) 3a34851103 elf: Change ldconfig auxcache magic number (bug 32231) 85e5850f2f Make tst-strtod-underflow type-generic 5c06c6e0b5 libio: Set _vtable_offset before calling _IO_link_in [BZ #32148] cc256952ec Add tests of more strtod special cases 8f40dfbe2a Add more tests of strtod end pointer 4a9b6cdc88 Make tst-strtod2 and tst-strtod5 type-generic 5a10d05c39 powerpc64le: Build new strtod tests with long double ABI flags (bug 32145) c4cc72d2ef Do not set errno for overflowing NaN payload in strtod/nan (bug 32045) ad93c2047d Improve NaN payload testing cac10d88c6 Make __strtod_internal tests type-generic d0c1792ad2 Fix strtod subnormal rounding (bug 30220) e06153665f More thoroughly test underflow / errno in tst-strtod-round 9bc76c7ca4 Test errno setting on strtod overflow in tst-strtod-round 61b6464f8d Add tests of fread 77018fd9f9 stdio-common: Add new test for fdopen
with this, and the previous compression level changes
I am seeing drastic speedups in package_write_rpm completion times:
webkitgtk goes from 78 seconds to 37 seconds
glibc-locale goes from 399 seconds to 58 seconds (!)
The long version:
rpm uses multithreading for two purposes:
- spawning compressors (which are nowadays themselves
multi-threaded, so the feature is not as useful as it once
was)
- parallel file classification
While the former behaves well on massively parallel CPUs
(it was written and verified here :), the latter was then added
by upstream and only benchmarked on their very old, slow laptop,
apparently:
https://github.com/rpm-software-management/rpm/commit/41f0e214f2266f02d6185ba11f797716de8125d4
On anything more capable it starts showing pathologic behavior,
presumably from spawning massive amount of very short-lived threads,
and then having to synchronize them. For example classifying glibc-locale
takes
5m20s with 256 threads (default on my machine!)
1m49s with 64 threads
59s with 16 threads
48s with 8 threads
Even a more typical recipe like webkitgtk is affected:
47s with 256 threads
32s with 64 threads
27s with 16 or 8 threads
I have found that the optimal amount is actually four: this also
means that only four compressors are running at a time, but
as they're themselves using threads, and typical recipes are dominated
by just two or three large packages, this does not affect overall
completion time.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Steve Sakoman <steve@sakoman.com>
zstd uses 3 by default, while 19 is the highest and slowest.
It's not clear why 19 was picked to begin with, possibly
I copy-pasted it from rpm's examples without thinking:
https://git.yoctoproject.org/poky/commit/?h=master-next&id=4a4d5f78a6962dda5f63e9891825c80a8a87bf66
This brings significant speedups in rpm's compression step:
for example compressing webkitgtk takes 11s instead of 36s.
The rpm size increases from 175648k to 234860k. I think it's
a worthy default tradeoff.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Markus Volk [Fri, 22 Nov 2024 12:27:05 +0000 (13:27 +0100)]
gcc: add a backport patch to fix an issue with tzdata 2024b
There is an issue in the std::chrono::tzdb parser that causes problems
since the tzdata-2024b release started using %z in the main format.
As a real world problem I encounter an issue with the waybar clock module,
which ignores the timezone setting and only shows system time.
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 39018429f05511053ab12e23e7f4487ea25ee529) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Kai Kang [Fri, 1 Nov 2024 08:29:43 +0000 (16:29 +0800)]
kexec-tools: update COMPATIBLE_HOST because of makedumpfile
makedumpfile is not compatible with mipsarcho32 and riscv32, so set for
kexec-tools accordingly.
And update packagegroup-core-tools-testapps too.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9107d9c09c7dab385c6034778cefadca3613be9c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
selftest/sstatetests: run CDN mirror check only once
The first no-fail check was an attempt to work around the old
CDN's instability (and it didn't really help); it should not be necessary
with the new CDN, and only delays a-full completion.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7f75c42b7fcf60a9ca58d3ded9047df675d76dc2) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 31 Oct 2024 07:52:17 +0000 (07:52 +0000)]
openssl: Fix SDK environment script to avoid unbound variable
Avoid errors like:
buildtools/sysroots/x86_64-pokysdk-linux/environment-setup.d/openssl.sh: line 6: BB_ENV_PASSTHROUGH_ADDITIONS: unbound variable
by setting an explicit empty default value.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5a2a4910a22668f25679a47deaa9e2ed28665efa) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Chen Qi [Fri, 25 Oct 2024 06:44:37 +0000 (23:44 -0700)]
shadow: use update-alternatives to handle groups.1
This patch fixes the following error at do_rootfs:
update-alternatives: Error: not linking /PATH/TO/rootfs/usr/share
/man/man1/groups.1 to /usr/share/man/man1/groups.1.coreutils since
/PATH/TO/rootfs/usr/share/man/man1/groups.1 exists and is not a link
The problem can be reproduced by adding the following lines to local.conf
and then building an image:
Martin Jansa [Sun, 27 Oct 2024 17:13:52 +0000 (18:13 +0100)]
ffmpeg: fix packaging examples
* I've noticed that ffmpeg package isn't created in my builds, due
to --disable-programs in EXTRA_OECONF added by our .bbappend, but
was surprised that lib32-ffmpeg is created.
* lib32-ffmpeg was created only because it contained the examples
which are installed in /usr/share/ffmpeg even when PN is lib32-ffmpeg
as we pass --datadir=${datadir}/ffmpeg in EXTRA_OECONF here
* --disable-programs controls ${bindir}/ffprobe ${bindir}/ffmpeg and
${datadir}/ffmpeg/ffprobe.xsd ${datadir}/ffmpeg/libvpx-*.ffpreset
Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d7bf828b6431a254201675e41047f53da47912f5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Yi Zhao [Sat, 26 Oct 2024 05:49:46 +0000 (13:49 +0800)]
systemd: fix broken links for sysvinit-compatible commands
Since commit[1], PACKAGECONFIG[sysvinit] is not enabled by default when
sysvinit is not in DISTRO_FEATURES, which causes the following
sysvinit-compatible commands/services to not be built and installed:
Although support for SME was merged in v5.19, we've since uncovered a
number of issues with the implementation, including issues which might
corrupt the FPSIMD/SVE/SME state of arbitrary tasks. While there are
patches to address some of these issues, ongoing review has highlighted
additional functional problems, and more time is necessary to analyse
and fix these.
For now, mark SME as BROKEN in the hope that we can fix things properly
in the near future. As SME is an OPTIONAL part of ARMv9.2+, and there is
very little extant hardware, this should not adversely affect the vast
majority of users.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 022f9814cb9d6d420e9d89a746f4c67b452c498f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Thu, 21 Nov 2024 04:13:18 +0000 (23:13 -0500)]
linux-yocto/6.10: cfg: gpio: allow to re-enable the deprecated GPIO sysfs interface
Integrating the following commit(s) to linux-yocto/.:
1/1 [
Author: Bartosz Golaszewski
Email: bartosz.golaszewski@linaro.org
Subject: gpio: allow to re-enable the deprecated GPIO sysfs interface
Date: Mon, 11 Nov 2024 14:08:23 +0100
The GPIO sysfs interface is disabled in standard linux config and in
general users should use the character device instead but there are still
programs out there that depend on it so for the time being add a kernel
feature allowing to enable it.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ae19861bfc336d869a7a84b13ab3e7b318e1b560) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Integrating the following commit(s) to linux-yocto/.:
1/1 [
Author: Mikko Rapeli
Email: mikko.rapeli@linaro.org
Subject: genericarm64.cfg: enable CONFIG_DMA_CMA
Date: Thu, 24 Oct 2024 08:49:29 +0300
It's needed for graphics on AMD KV260.
Cc: Bill Mills <bill.mills@linaro.org> Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7d1572bce914ff67c3e08f95dfd8504b00b9a8e0) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Wang Mingyu [Wed, 9 Oct 2024 05:49:14 +0000 (13:49 +0800)]
xwayland: upgrade 24.1.2 -> 24.1.3
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b42744482d5b883c04e81b4be56ef19bc27caa3f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Jinfeng Wang [Mon, 4 Nov 2024 07:35:22 +0000 (15:35 +0800)]
tzdata/tzcode-native: upgrade 2024a -> 2024b
Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b84b29b1827624270cc1698feda2ee87d55c01e4) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Peter Marko [Wed, 30 Oct 2024 18:49:51 +0000 (19:49 +0100)]
cve-check: fix malformed cve status description with : characters
When CPE is not provided and character ":" is in cve status description,
current code takes only last part of split function.
This works only if there is no ":" in description, otherwise it drops
the other split parts.
Do a new split of the original string to take the whole description unchanged.
This fixes following entries from world build of poky+meta-oe+meta-python:
tiff-4.6.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2015-7313
CVE_STATUS: fixed-version: Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue
description: //security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue
corrected: Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue
gnupg-2.5.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2022-3219
CVE_STATUS: upstream-wontfix: Upstream doesn't seem to be keen on merging the proposed commit - https://dev.gnupg.org/T5993
description: //dev.gnupg.org/T5993
corrected: Upstream doesn't seem to be keen on merging the proposed commit - https://dev.gnupg.org/T5993
libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35325
CVE_STATUS: upstream-wontfix: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303
description: //github.com/yaml/libyaml/issues/303
corrected: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303
libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35326
CVE_STATUS: upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302
description: //github.com/yaml/libyaml/issues/302
corrected: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302
libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35328
CVE_STATUS: upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302
description: //github.com/yaml/libyaml/issues/302
corrected: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302
cpio-2.15-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2023-7216
CVE_STATUS: disputed: intended behaviour, see https://lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html
description: //lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html
corrected: intended behaviour, see https://lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html
openssh-9.9p1-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2023-51767
CVE_STATUS: upstream-wontfix: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1.
description: //bugzilla.mindrot.org/show_bug.cgi?id=3656#c1.
corrected: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1.
cups-2.4.10-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2021-25317
CVE_STATUS: not-applicable-config: This concerns /var/log/cups having lp ownership, our /var/log/cups is root:root, so this doesn't apply.
description: root, so this doesn't apply.
corrected: This concerns /var/log/cups having lp ownership, our /var/log/cups is root:root, so this doesn't apply.
unzip-1_6.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2008-0888
CVE_STATUS: fixed-version: Patch from https://bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source
description: //bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source
corrected: Patch from https://bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source
syslog-ng-4.7.0-r0 do_cve_check: CVE_STATUS with 6 parts for CVE-2022-38725
CVE_STATUS: cpe-incorrect: cve-check wrongly matches cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32
description: syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32
corrected: cve-check wrongly matches cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cc33dd9176726cb4b2d2f142ed1bc655da8e0a9f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3c4d8ca41ac0b429af92bf0ea84f1dfd0cda9e1f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Aditya Tayade [Mon, 21 Oct 2024 11:50:26 +0000 (17:20 +0530)]
e2fsprogs: removed 'sed -u' option
In embedded box, sed might be provided another providers like Busybox,
hence use generic options whenever possible.
/bin/sed -> /etc/alternatives/sed
/etc/alternatives/sed -> /bin/busybox.nosuid
Here used 'sed -u' option is not necessary, hence removed it.
Fixes below error:
sed: invalid option -- 'u'
Also added 'set -eux' option which halts execution of the script
on any failures.
Signed-off-by: Aditya Tayade <Aditya.Tayade@kpit.com> Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 07caee1829d2a61bc018fe0e37ecd482922179ee) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c8f87d5d4ec9f286b1e85d114cb9a728c1ff64b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Tom Hochstein [Fri, 18 Oct 2024 19:34:27 +0000 (14:34 -0500)]
weston: Add missing runtime dependency on freerdp
With rdp enabled, nothing from freerdp is installed in the rootfs, and
rdp is not usable. It seems there is no actual build time dependency
other than the meson check itself, so add an explicit runtime
dependency.
Signed-off-by: Tom Hochstein <tom.hochstein@oss.nxp.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 23271a1f908a223b4eb56d6034cbb1ac23da14fe) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Regis Dargent [Fri, 18 Oct 2024 13:32:38 +0000 (15:32 +0200)]
udev-extraconf: fix network.sh script did not configure hotplugged interfaces
Udev script network.sh is called when a new ethernet interface is plugged (eg. USB).
Due to some (old) missing files, this script does nothing, instead of configuring the
interfaces with ifup.
I just commented the corresponding lines to allow the script to reach the part where
it calls ifup.
Signed-off-by: Regis Dargent <regis.dargent@gmail.com>
Fixes [YOCTO 15616]
network.sh relies on (long) missing files (eg. /etc/network/options,
/etc/init.d/network) to decide if it should configure the new network
interface (ifup) or put its name in /etc/udev_network_queue for future
initialization by /etc/init.d/network service.
The actual result was that the new hotplugged interface was never
automatically configured.
Removing the obsolete tests allows the script to do its intended job.
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 160f7139172ffdf510a0d7d4e85f7fbaac7fd000) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Chen Qi [Fri, 18 Oct 2024 08:31:34 +0000 (01:31 -0700)]
libgfortran: fix buildpath QA issue
The '-fdebug-prefix-map' options are used to map source files locations,
otherwise, DW_AT_comp_dir will contain buildpath.
The '-gno-record-gcc-switches' option is used to fix the buildpath introduced
by '-fintrinsic-modules-path' option, which is automatically added by fortran.
Here's some output from 'readelf --debug-dump libgfortran.so.5.0.0' when this
option is not added:
"""
<0><1a37d3>: Abbrev Number: 4 (DW_TAG_compile_unit)
<1a37d4> DW_AT_producer : (indirect string, offset: 0xd653): GNU Fortran2008 14.2.0 -m64
-march=core2 -mtune=core2 -msse3
-mfpmath=sse -mshstk -g -O2 -O2 -fstack-protector-strong -fimplicit-none
-fno-repack-arrays -fno-underscoring -fcf-protection=full
-fallow-leading-underscore -fbuilding-libgfortran -fPIC
-fintrinsic-modules-path /ala-lpggp72/qichen/Yocto/builds/build-poky/tmp/work/
core2-64-poky-linux/libgfortran/14.2.0/recipe-sysroot-native/usr/bin/x86_64-poky-linux
/../../lib/x86_64-poky-linux/gcc/x86_64-poky-linux/14.2.0/finclude
-fpre-include=../../../../recipe-sysroot/usr/include/finclude/math-vector-fortran.h
"""
See https://gcc.gnu.org/pipermail/fortran/2024-October/061204.html for more
detailed information.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1eb084956bcba83782bc2b24cf8cc89459a57e34) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Mon, 14 Oct 2024 12:24:48 +0000 (13:24 +0100)]
groff: fix rare build race in hdtbl
It's possible to build the hdtbl examples before grn has been build:
groff: error: couldn't exec grn: No such file or directory
Backport a dependency fix from upstream.
[ YOCTO #15610 ]
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d590a32423d05cefc4e7282f971f633b3fa0b941) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Mon, 14 Oct 2024 12:24:47 +0000 (13:24 +0100)]
tcl: skip io-13.6 test case
---- Result was:
{abcdefghj
01234} 0
---- Result should have been (exact matching):
{abcdefghj
} 1 01234 0
==== io-13.6 FAILED
This test is documented as failing on slow machines, so just skip it.
[ YOCTO #15407 ]
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f69183586655294c9aed6687cebe57767c2f3eb8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Mikko Rapeli [Mon, 14 Oct 2024 10:28:16 +0000 (13:28 +0300)]
ovmf-native: remove .pyc files from install
They break builds which share sstate files on different
machines and paths:
ERROR: ovmf-edk2-stable202408-r0 do_prepare_recipe_sysroot: Error executing a python function in exec_func_python() autogenerated:
The stack trace of python calls that resulted in this exception/failure was:
File: 'exec_func_python() autogenerated', lineno: 2, function: <module>
0001:
*** 0002:extend_recipe_sysroot(d)
0003:
File: '/srv/pokybuild/yocto-worker/oe-selftest-fedora/build/meta/classes-global/staging.bbclass', lineno: 624, function: extend_recipe_sysroot
0620:
0621: # Handle deferred binfiles
0622: for l in binfiles:
0623: (targetdir, dest) = binfiles[l]
*** 0624: staging_copyfile(l, targetdir, dest, postinsts, seendirs)
0625:
0626: bb.note("Installed into sysroot: %s" % str(msg_adding))
0627: bb.note("Skipping as already exists in sysroot: %s" % str(msg_exists))
0628:
File: '/srv/pokybuild/yocto-worker/oe-selftest-fedora/build/meta/classes-global/staging.bbclass', lineno: 165, function: staging_copyfile
0161: os.symlink(linkto, dest)
0162: #bb.warn(c)
0163: else:
0164: try:
*** 0165: os.link(c, dest)
0166: except OSError as err:
0167: if err.errno == errno.EXDEV:
0168: bb.utils.copyfile(c, dest)
0169: else:
Exception: FileExistsError: [Errno 17] File exists: '/srv/pokybuild/yocto-worker/oe-selftest-fedora/build/build-st-667282/tmp/sysroots-components/x86_64/ovmf-native/usr/bin/edk2_basetools/BaseTools/Source/Python/AutoGen/__pycache__/WorkspaceAutoGen.cpython-312.pyc' -> '/srv/pokybuild/yocto-worker/oe-selftest-fedora/build/build-st-667282/tmp/work/core2-64-poky-linux/ovmf/edk2-stable202408/recipe-sysroot-native/usr/bin/edk2_basetools/BaseTools/Source/Python/AutoGen/__pycache__/WorkspaceAutoGen.cpython-312.pyc'
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit facd9e17fa53e2fb3a828b3f179cfb659be75d37) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 13 Oct 2024 07:37:07 +0000 (08:37 +0100)]
qemurunner: Clean up serial_lock handling
Avoid "RuntimeError: release unlocked lock" since the lock shouldn't
be locked even in the error path. Add a try/finally path to ensure
this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b0732ee009ca47580d1d2ad75334f4aa50e6efd5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Claus Stovgaard [Mon, 7 Oct 2024 20:39:46 +0000 (22:39 +0200)]
lib/oe/package-manager: skip processing installed-pkgs with empty globs
We can skip processing the installed-pkgs file if globs is empty.
This is the case if self.d.getVar for IMAGE_INSTALL_COMPLEMENTARY
returns an empty string. If globs is an empty string the result from
processing with empty glob in oe-pkgdata-util will always be 0 packages
to install.
Instead of return early on this we just skip and still generate the
locale archive if needed.
Signed-off-by: Claus Stovgaard <claus.stovgaard@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 160c45c83d5addf01e4834cf896af871bd6fca7f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pavel Zhukov [Thu, 10 Oct 2024 17:45:45 +0000 (19:45 +0200)]
package_rpm: Check if file exists before open()
Exception handler tries to read() /etc/passwd file in sysroot
and if file doesn't exist for any reason then it raises FileNotFoundError
exception which mask the original source of the problem and makes
debugging of the issue more difficult.
Fixes:
Exception: FileNotFoundError: [Errno 2] No such file or directory:
'/codebuild/output/src1899304708/src/build/tmp-container/work/core2-64-oe-linux/emqx-bin/4.3.12/recipe-sysroot/etc/passwd'
Signed-off-by: Pavel Zhukov <pavel@zhukoff.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4ad9a0e0b11eb7bc5a3dd45fc8945e094ea949e9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Robert Yang [Tue, 8 Oct 2024 15:47:27 +0000 (08:47 -0700)]
cml1.bbclass: do_diffconfig: Don't override .config with .config.orig
Fixed:
1) $ bitbake virtual/kernel -cmenuconfig
Do some changes and save the new config to default .config.
2) $ bitbake virtual/kernel -cdiffconfig
The config fragment is dumped into ${WORKDIR}/fragment.cfg.
But the .config which was saved by step #1 is overridden by .config.orig, so
the changes will be lost if run 'bitbake virtual/kernel'
And the following comment is for subprocess.call(), not for shutil.copy(),
so move subprocess.call() to the correct location.
# No need to check the exit code as we know it's going to be
# non-zero, but that's what we expect.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6cccf6b02f92dad514e65fd779ff659b19eb6be7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 13 Oct 2024 22:02:16 +0000 (23:02 +0100)]
oeqa/runtime/ssh: Fix incorrect timeout fix
I'd meant to change the command timeout in the previous change, fix
the correct one.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bb991988cb23be2c8947171726ada321f27e6eed) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 10 Oct 2024 09:32:06 +0000 (10:32 +0100)]
oeqa/runtime/ssh: Rework ssh timeout
After the changes to improve this test, we keep seeing image testing ssh
failures, particularly on mips.
It looks like part of the problem is that on a loaded system, 5s is too short
for mips to reliably establish an ssh connection. I've seen logs where it keeps
timing out and fails to work, then the debug code successfully uses ssh later after
everything else fails.
Change the timings/retries to give slow platforms enough time to respond.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ba64ccf3ad6e40461219b72d60eb0fe5cb38fddd) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Chen Qi [Wed, 9 Oct 2024 08:56:47 +0000 (01:56 -0700)]
toolchain-shar-extract.sh: exit when post-relocate-setup.sh fails
When LD_LIBRARY_PATH is set, post-relocate-setup.sh will fail and
exit properly. But such failure is ignored and the SDK installation
will continue and tell user that things succeed. This is misleading.
So exit immediately if post-relocate-setup.sh fails.
Fixes [Yocto #15586]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c8e2dcc1f71aa33cc6e56dfdebebbe7ef010c944) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Thu, 3 Oct 2024 19:50:05 +0000 (20:50 +0100)]
strace: download release tarballs from GitHub
Switch to downloading the release tarballs from GitHub. Their CDN is
rock solid, and strace.io is hosted inside Russia which some networks
are blocking.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bbdbd6d943a64e5b0dae4c2ee705d017fb7ef80e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Wed, 2 Oct 2024 23:12:52 +0000 (00:12 +0100)]
pseudo: Fix envp bug and add posix_spawn wrapper
Fix pseudo with python 3.13 by adding a wrapper for posix_spawn and
fixing a NULL pointer dereference in envp handling it uncovered. This
fixes issues on Fedora 41.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d80e20d70d170397f9827c5a5fc75ad1f2e8cd94) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Hiago De Franco [Tue, 5 Nov 2024 17:55:13 +0000 (14:55 -0300)]
weston: backport patch to allow neatvnc < v0.9.0
Currently weston 13.0.3 with neatvnc 0.8.1 does not compile when using
VNC:
| Dependency neatvnc found: NO found 0.8.1 but need: '< 0.8.0' ;
matched: '>= 0.7.0'
However weston upstream already increased the allowed version to 0.9.0,
since neatvnc 0.8.0 does not introduce any changes that breaks API used
by the VNC backend. Therefore, backport this patch.
Signed-off-by: Hiago De Franco <hiago.franco@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8516496018a3ee9e81a67d4682bf9784d0eab2bd) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 552b9913b25107d7a34611b499b7811896b5f098) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 92d609c49c0870ca10fcc39d52a801109d65a98b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Wang Mingyu [Wed, 9 Oct 2024 05:49:12 +0000 (13:49 +0800)]
wireless-regdb: upgrade 2024.07.04 -> 2024.10.07
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f124bb09a798d94eca5e93387bc361b147ce53f9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVSS v4.0 was released in November 2023
NVD announced support for it in June 2024
Current stats are:
* cvss v4 provided, but also v3, so cve-check showed a value
sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 != 0.0;
2069
* only cvss v4 provided, so cve-check did not show any
sqlite> select count(*) from nvd where scorev4 != 0.0 and scorev3 = 0.0;
260
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 358dbfcd80ae1fa414d294c865dd293670c287f0) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Added the "modified" field to the JSON export in the
cve-check.class. This field captures the last modification date of each
CVE, providing more detailed information on changes and updates within
the exported data.
Signed-off-by: Katawann <quent_55@hotmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 740b8a0b23c4021d07c3714420e3ea8b46e61454) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ola x Nilsson [Wed, 23 Oct 2024 08:49:04 +0000 (10:49 +0200)]
glibc: Fix missing randomness in __gen_tempname
Backport the fix for glibc bug 32214.
The missing randomness in early boot may cause some systemd services
to fail when they occasionally try to create tempdirs like
/run/systemd/namespace-aaaaaa at the same time.
The error messages can contain things like
"Failed to set up mount namespacing".
Signed-off-by: Ola x Nilsson <olani@axis.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
aszh07 [Thu, 17 Oct 2024 05:31:42 +0000 (11:01 +0530)]
ffmpeg: Add "libswresample libavcodec" to CVE_PRODUCT
Currently, CVE_PRODUCT only detects vulnerabilities where the product is "ffmpeg".
However, there are also vulnerabilities where the product is "libswresample",
and "libavcodec" as shown below.
https://app.opencve.io/vendors/?vendor=ffmpeg
Therefore, add "libswresample libavcodec" to CVE_PRODUCT to detect vulnerabilities
where the product is "libswresample libavcodec" as well.
Signed-off-by: aszh07 <mail2szahir@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9684eba5c543de229108008e29afd1dd021a9799) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Tue, 8 Oct 2024 19:30:55 +0000 (20:30 +0100)]
ffmpeg: no need for textrel INSANE_SKIP
It appears in testing that modern ffmpeg no longer needs to disable PIC,
so there's no need to ignore textrel warnings.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 98d577fef75d54a59eeacaabb4a45e44b2f6832e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ross Burton [Tue, 8 Oct 2024 19:30:54 +0000 (20:30 +0100)]
ffmpeg: nasm is x86 only, so only DEPEND if x86
No need to depend on nasm if we're not going to use it.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b99ea7f130c3f945af9a09a6ecf85b6ff8f4b710) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Wang Mingyu [Wed, 25 Sep 2024 06:48:56 +0000 (14:48 +0800)]
orc: upgrade 0.4.39 -> 0.4.40
Changelog:
===========
- Security: Minor follow-up fixes for CVE-2024-40897
- powerpc: fix div255w which still used the inexact substitution
- x86: work around old GCC versions (pre 9.0) having broken xgetbv
implementations
- x86: consider MSYS2/Cygwin as Windows for ABI purposes only
- x86: handle unnatural and misaligned array pointers
- orccodemem: Assorted memory mapping fixes
- Fix include header use from C++
- Some compatibility fixes for Musl
- ppc: Disable VSX and ISA 2.07 for Apple targets
- ppc: Allow detection of ppc64 in Mac OS
- x86: Fix non-C11 typedefs
- meson: Fix detecting XSAVE on older AppleClang
- x86: try fixing AVX detection again by adding check for XSAVE
- Check return values of malloc() and realloc()
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ed7e4eb12491968c5f962b7e89d557c2c6d86a33) Signed-off-by: Steve Sakoman <steve@sakoman.com>
image.bbclass: Drop support for ImageQAFailed exceptions in image_qa
After commit 905e224849fbbed1719e0add231b00e2d570b3b4 (image_qa: fix
error handling), any unexpected exceptions in do_image_qa() would result
in a variable being set, but never used, effectively hiding the error.
Since image_qa now calls oe.qa.exit_if_errors(), remove the support for
oe.utils.ImageQAFailed and instead rely on the called functions to call
oe.qa.handle_error() themselves. This matches what do_package_qa() does.
Also update the description of do_image_qa() to explain that the called
functions are expected to call oe.qa.handle_error() themselves.
[ YOCTO #15601 ]
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c3e111c965af2bc56533633c376b70b7fa5e1de) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Niko Mauno [Tue, 22 Oct 2024 08:16:55 +0000 (08:16 +0000)]
bitbake.conf: Mark VOLATILE_TMP_DIR as obsolete
This variable was removed in
https://git.yoctoproject.org/poky/commit/?id=2f46b6f27dfa3a9d5ad177900fcecfe64c3536f1
("bitbake.conf: drop VOLATILE_TMP_DIR, use FILESYSTEM_PERMS_TABLES instead")
so ensure that distributions become aware that it no longer has any
effect.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
