Dan McGregor [Fri, 28 Feb 2025 20:32:06 +0000 (14:32 -0600)]
openssl-native(sdk): poision built in paths
Long ago, in the OpenSSL 1.1 days changing CFLAGS worked to override
hard-coded paths in the OpenSSL libraries. Even as far back as
kirkstone this was no longer working.
Override make variables instead to poision the paths that get built
into the native (and nativesdk) libraries so they become relocatable
again.
While here, remove the -isystem<foo> compiler argument from the compiler
command line stored in the library, just like we already remove the
prefix-map and sysroot arguments.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Vijay Anusuri [Mon, 24 Feb 2025 06:30:37 +0000 (12:00 +0530)]
libtasn1: upgrade 4.19.0 -> 4.20.0
* Noteworthy changes in release 4.20.0 (2025-02-01) [stable]
- The release tarball is now reproducible.
- We publish a minimal source-only tarball generated by 'git archive'.
- Update gnulib files and various build/maintenance fixes.
- Fix CVE-2024-12133: Potential DoS in handling of numerous SEQUENCE OF or SET
OF elements
License-Update: file COPYING.LESSER renamed to COPYING.LESSERv2 & Copyright year updated to 2025
Ross Burton [Mon, 3 Mar 2025 16:15:27 +0000 (16:15 +0000)]
systemd-serialgetty: use existing unit files in systemd
Now that systemd isn't deleting the serial-getty@.service unit template
files, we can simply symlink to the files provided by systemd instead of
shipping a copy of them in this recipe.
This ensures that the getty units triggered by the systemd are identical,
be them via SERIAL_CONSOLES or the generator.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 27 Feb 2025 15:35:34 +0000 (15:35 +0000)]
ltp: don't use host objcopy
The kernel/kvm test uses the host objcopy when building a payload, but
the host objcopy might not know how to deal with target binaries:
CC testcases/kernel/kvm/lib_host.o
objcopy: Unable to recognise the format of the input file `kvm_svm03-payload.elf'
make[3]: *** [ltp/testcases/kernel/kvm/Makefile:67: kvm_svm03-payload.o] Error 1
Solve this by using the host-prefixed objcopy binary.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Previously, download-ci-llvm was set to false. However, with the following commit:
https://github.com/rust-lang/rust/commit/7d579046c80d3de3143dcb8b2db5640f95b5383c ,
which has been present from rust_1.83, it was changed to true. As a result, after
updating to rust_1.83, we encountered the following error during the build:
-------------------------------------------------------------------------------
| thread 'main' panicked at src/core/config/config.rs:2047:13:
| setting build-target.llvm-config is incompatible with download-ci-llvm.
| note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
-------------------------------------------------------------------------------
To resolve this issue, we are setting download-ci-llvm back to false.
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rust stable version updated to 1.83.0.
https://blog.rust-lang.org/2024/11/28/Rust-1.83.0.html
Renamed and modified the below patch to adapt the new version.
rv32-cargo-rustix-0.38.34-fix.patch->rv32-cargo-rustix-0.38.37-fix.patch
Modified the below patches to adapt the new version.
repro-issue-fix-with-cc-crate-hashmap.patch
revert-link-std-statically-in-rustc_driver-feature.patch
Because of the following commit ,
https://github.com/rust-lang/rust/commit/68034f837a39387e49fc7d7c5b088f5372a1127e
when we enable lib32, getting build failure because there is a check for target
support for "-Zdual-proc-macros" flag not functioning properly when lib32 is
enabled in the build environment. So for now reverting this commit and bring
back the previous behavior, where the "-Zdual-proc-macros" flag is always
added for building proc macros, regardless of the target architecture's support.
This would bypass the check introduced in the patch, allowing the build to
proceed without error, even when building for a 64-bit architecture with lib32 enabled.
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 7 Jan 2025 14:18:12 +0000 (14:18 +0000)]
bitbake.conf: Start to separate out gcc related variable definitions
To be able to switch toolchains, we need to separate out the gcc definitions
into seperate include files. This patch starts that process. Whilst the
include is still hardcoded for now, it allows developers to start experimenting
with this locally more easily and stops people reinventing this patch. A
sample clang configuruation is also included which I was using for experimentation.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 3 Mar 2025 13:13:31 +0000 (13:13 +0000)]
qemurunner: Fix a bug with fork/exit handling
If you send this forked process a SIGTERM, it will execute all of the
parent's exit code leading to two sets of console/exit output which is
extremely confusing. Wrap the code in a try/finally to ensure we always
call os._exit() to avoid this.
I spent far too long trying to work out the crazy console output from this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Marta Rybczynska <marta.rybczynska@ygreky.com> Signed-off-by: Marta Rybczynska <mrybczynska@syslinbit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Mon, 3 Mar 2025 07:25:04 +0000 (15:25 +0800)]
python3: update python3-ctypes RDEPENDS to RRECOMMENDS
ctypes.util.find_library depend on run external programs(ldconfig, gcc,
objdump or ld) to get the pathname, if none of above are installed, None
is returned. Previously, RDEPENDS to ldconfig is added to ensure it
always work when installed.
This commit change it to RRECOMMENDS, this allows user who don't use
function find_library could remove ldconfig from image by
PACKAGE_EXCLUDE
Christos Gavros [Sun, 2 Mar 2025 17:01:32 +0000 (18:01 +0100)]
go: Check if GO_IMPORT is set in recipe and error if not
Check if the variable GO_IMPORT is
set in the recipe. If not generate an error.
Test building go-helloworld when GO_IMPORT assigned
Test building go-helloworld when GO_IMPORT is not assigned, generate error about GO_IMPORT
Test building any other recipe(e.g bash) when GO_IMPORT is not assigned, generate error about GO_IMPORT
Test creating a GO recipe with recipetool (not affected)
Test selftest test_recipetool_create_go (not affected)
Test selftest test_recipetool_create_go_replace_modules (not affected)
[YOCTO #15763]
CC: Yoann Congal <yoann.congal@smile.fr> CC: Randy MacLeod <randy.macleod@windriver.com> Signed-off-by: Christos Gavros <gavrosc@yahoo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alex Kiernan [Sun, 2 Mar 2025 16:50:55 +0000 (16:50 +0000)]
boost: Use PN/BPN for naming of packages
Rework the anon Python so that it doesn't expect to find non-MLPREFIXed FILES
overrides which are then mapped into MLPREFIXed versions, this allows the
apparent hardcoding of boost-{test,serialization} to be written more naturally
(and is significantly less surprising).
With this, and a change to lookup ${BPN} when generating split package names,
generating an explicitly versioned boost package (e.g. "boost-1.82") alongside
the main boost package ("boost") can be done by copying/renaming the older
recipe. This is useful when upstream code hasn't yet been ported to newer
boost and an older version is required.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
hongxu [Sun, 2 Mar 2025 04:53:39 +0000 (12:53 +0800)]
tcmode-default: bump GOVERSION to 1.24.0
Due to we have upgraded go to 1.24.0, we should also bump GOVERSION
to fix preferred version warning
...
WARNING: preferred version 1.22% of go not available (for item go)
WARNING: versions of go available: 1.24.0
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enrico Jörns [Fri, 28 Feb 2025 07:42:27 +0000 (08:42 +0100)]
cml1.bbclass: use consistent make flags for menuconfig
The class called 'make menuconfig' without any of the make variables and
options set in EXTRA_OEMAKE, resulting in a quite different build
environment than actually intended.
For the kernel.bbclass this was fixed in commit 8c616bc0 ("kernel: Use
consistent make flags for menuconfig") by appending ${EXTRA_OEMAKE} to
KCONFIG_CONFIG_COMMAND.
Instead of fixing this individually for additional recipes, we simply
include ${EXTRA_OEMAKE} in KCONFIG_CONFIG_COMMAND by default.
For most class users, this change is directly visible in the generated
.config file:
* For barebox and u-boot, the CONFIG_GCC_VERSION erroneously reflected
the host GCC version before where it now correctly reflects the target
toolchain's GCC.
* For u-boot, also the "Compiler: " line at the beginning of the .config
now prints the target toolchain instead of the host ones.
* The kernel had this already set.
* busybox did not produce any difference.
Note that these projects might base some compile-time decisions on e.g.
the actual compiler version used. Having the wrong one in the
menuconfig-generated .config affects at least the visibility and
consistency.
Markus Volk [Thu, 27 Feb 2025 08:57:17 +0000 (09:57 +0100)]
boost: add charconv lib
In boost 1.85 a charconv implementation in c++11 was added
[https://www.boost.org/doc/libs/master/libs/charconv/doc/html/charconv.html]
This is already used in real life and e.g. building the current wesnoth release fails with:
| /usr/src/debug/wesnoth/1.19.9/src/utils/charconv.hpp:57:(.text+0x238b): undefined reference to `boost::charconv::to_chars(char*, char*, double, boost::charconv::chars_format)'
Add charconv to BOOST_LIBS to provide the library
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
After the removal of BSD-4-Clause from LICENSE in commit 362435b0aec
(libbsd: Drop licenses that were removed upstream), the licenses for all
packages match the licenses for the recipe. Thus there is no longer any
reason to explicitly specify the package licenses.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It does not seem to fix the issue it was supposed to fix.
Additionally it breaks code which decides in full/partial update,
because it manipulates timestamp that code is relying on.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mikko Rapeli [Thu, 27 Feb 2025 09:12:32 +0000 (11:12 +0200)]
psplash: ignore startup errors in psplash-systemd.service
psplash-systemd.service depends on FIFO created by psplash-start@fb0.service.
This FIFO can be removed due to signals or /dev/fb0 related errors
when psplash-start@fb0.service exits. This exit can happen
when psplash-systemd.service is being started. Thus ignore
all errors in psplash-systemd.service startup.
There are too many ways things can go wrong and all of them
leave open race conditions unless a single process handles
all of the psplash usecases including progress bar updates.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The current code for multiple argument passing is horrible. Tweak the
multiprocess_launch function to only convert to a tuple if it isn't already
one, which means we can then use function arguments in a standard way.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
classes/insane: do not leak host uid/gid into package_qa sstate signatures
This prevented package_qa sstate from being reusable unless host uid/gid
values would match exactly (and they unfortunately do on the yocto autobuilder
worker machines which all share a 'pokybuild' user).
I noticed this when testing CDN sstate reuse, which otherwise works well.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Gamblin [Wed, 26 Feb 2025 17:39:50 +0000 (12:39 -0500)]
python3-roman-numerals-py: add recipe
roman-numerals-py is a module providing utilities for working with
well-formed Roman numerals. python3-sphinx relies on this now, so add it
as a recipe.
Enrico Jörns [Wed, 26 Feb 2025 13:39:20 +0000 (14:39 +0100)]
barebox: upgrade 2024.12.0 -> 2025.02.0
Due to some musl build issues with 2025.01.0, we skip this version and
move forward to 2025.02.0 directly.
Changes in 2025.01.0
--------------------
* Added LLVM/Clang support for the sandbox architecture.
* Enabled command execution from the sandbox command line.
* Improved TFTP with dentry caching and default-disabled window size.
* Introduced hardening features: register zeroing, stack variable
initialization, and malloc buffer zeroing.
* Enhanced AM625 support with network support, watchdog driver, and
bootsource detection.
* Several memory overflow fixes for different filesystems.
* Added 'Security Considerations' guideline:
https://www.barebox.org/doc/latest/user/security.html
* Added FIT image build target for booting barebox 2nd stage from a
U-Boot with the bootm command (for development purpose).
* AM625 1st stage support including DDR, clock and power domain drivers.
* Added support for the AM625-SK board
* Added support for the Pine64 PineTab 2 (Rockchip)
* CVE's fixed:
- CVE-2025-26721
- CVE-2025-26722
- CVE-2025-26723
- CVE-2025-26724
- CVE-2025-26725
The zstd library will be automatically linked by detecting the feature
libzstd. It is no need to explicitly link it for static builds, so
remove the redundant linkage.
It is contradictory to detect the feature libelf-zstd while the build
configuration NO_LIBZSTD is set. Report an error for reminding users
not to set NO_LIBZSTD.
Signed-off-by: Leo Yan <leo.yan@arm.com> Tested-by: Namhyung Kim <namhyung@kernel.org> Acked-by: Andrii Nakryiko <andrii@kernel.org> Cc: Adrian Hunter <adrian.hunter@intel.com> Cc: Alexei Starovoitov <ast@kernel.org> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Eduard Zingerman <eddyz87@gmail.com> Cc: Guilherme Amadio <amadio@gentoo.org> Cc: Hao Luo <haoluo@google.com> Cc: Ian Rogers <irogers@google.com> Cc: James Clark <james.clark@linaro.org> Cc: Jiri Olsa <jolsa@kernel.org> Cc: John Fastabend <john.fastabend@gmail.com> Cc: KP Singh <kpsingh@kernel.org> Cc: Kan Liang <kan.liang@linux.intel.com> Cc: Martin KaFai Lau <martin.lau@linux.dev> Cc: Nick Terrell <terrelln@fb.com> Cc: Quentin Monnet <qmo@kernel.org> Cc: Song Liu <song@kernel.org> Cc: Stanislav Fomichev <sdf@google.com> Cc: Yonghong Song <yonghong.song@linux.dev> Link: https://lore.kernel.org/r/20241215221223.293205-3-leo.yan@arm.com Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Enforces that zstd must be enabled if libelfstd is detected.
Our build of perf and the other default features lead to libelf-zstd
being detected, and hence the build aborts when the features are
checked.
We can't condionally enable this for 6.14+ kernels due to the way that
the perf recipe works. The feature is minor and probably should have
already been in the defaults. To keep things simple, we just enable it
and will watch for any fallout.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Jamin Lin [Mon, 17 Feb 2025 08:52:33 +0000 (16:52 +0800)]
oe-selftest: fitimage: add testcases to test ATF and TEE
Add "test_uboot_atf_tee_fit_image" test caste to check u-boot FIT image and
Image Tree Source(ITS) are built and the ITS has the correct fields.
Add "test_sign_standalone_uboot_atf_tee_fit_image" test case to check if u-boot
FIT image and Image Tree Source (ITS) are created and signed correctly for the
scenario where only the u-boot proper fitImage is being created and signed.
Currently, ATF and TEE(optee-os) recipes are placed in meta-arm layer.
OpenEmbedded-Core is a basic and core meta layer. To avoid OpenEmbedded-core
depends meta-arm, both test cases are used dummy images for testing.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Jamin Lin [Mon, 17 Feb 2025 08:52:32 +0000 (16:52 +0800)]
uboot-sign: support to add users specific image tree source
Currently, uboot-sign.bbclass only supports to create Image Tree Source(ITS)
for "u-boot" and "flat_dt". However, users may want to add their private
images into u-boot FIT image for specific application and purpose.
To make this bbclass more flexible and support to add users specific snippet
ITS, creates a new "UBOOT_FIT_USER_SETTINGS" variable. Users can add their
specific snippet ITS into this variable.
Jamin Lin [Mon, 17 Feb 2025 08:52:31 +0000 (16:52 +0800)]
uboot-sign: support to create TEE and ATF image tree source
Currently, uboot-sign.bbclass only supports to create Image Tree Source(ITS)
for "u-boot" and "flat_dt". However, users may want to support multiple images
such as ARM Trusted Firmware(ATF), Trusted Execution Environment(TEE) and
users private images for specific application and purpose.
To make this bbclass more flexible and support ATF and TEE, creates new
functions which are "uboot_fitimage_atf" and "uboot_fitimage_tee"
for ATF and TEE ITS file creation, respectively.
Add a variable "UBOOT_FIT_ARM_TRUSTED_FIRMWARE" to
enable ATF ITS generation and it is disable by default.
Add a variable "UBOOT_FIT_TEE" to enable TEE ITS generation
and it is disable by default.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Trevor Gamblin [Wed, 26 Feb 2025 02:54:35 +0000 (21:54 -0500)]
python3-flit-core: upgrade 3.10.1 -> 3.11.0
This update is required for latest versions of packages such as sphinx
to build with flit, otherwise you encounter errors like:
| File "/home/tgamblin/workspace/yocto/poky/build/tmp/work/core2-64-poky-linux/python3-sphinx/8.2.1/recipe-sysroot-native/usr/lib/python3.13/site-packages/flit_core/config.py", line 444, in _check_type
| raise ConfigError(
| "{} field should be {}, not {}".format(field_name, cls, type(d[field_name]))
| )
| flit_core.config.ConfigError: license field should be <class 'dict'>, not <class 'str'>
|
| ERROR Backend subprocess exited when trying to invoke get_requires_for_build_wheel
For now, only a single license identifier is allowed. More complex
expressions describing multiple licenses & expressions may be
supported in a future version.
- The metadata format in produced packages is now version 2.4, to
support the expanded license information.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rasmus Villemoes [Mon, 24 Feb 2025 21:22:08 +0000 (22:22 +0100)]
openssl: honour calling environment's values in wrapper script
When using openssl with some pkcs#11 plugin module, one (usually)
needs to set the OPENSSL_CONF environment variable
appropriately, and e.g. invoke openssl as
openssl dgst -engine pkcs11 -keyform engine ...
However, when putting that logic in a bitbake recipe and depending on
openssl-native (and the recipe providing the pkcs#11 engine and the
associated configuration file), the value of OPENSSL_CONF is
unconditionally overridden by the wrapper script.
If openssl was invoked directly in the task function, I could probably
call "openssl.real" instead, but then I miss the proper settings of
the other four variables, which I'd then also have to repeat in my
recipe. Moreover, sometimes openssl is only called via some helper
script (for example rpi-eeprom-digest for signing bootloader images
for RPi), and it's not reasonable to patch every such script to call
openssl.real.
So rewrite the wrapper such that if a variable is already set in the
environment before openssl is invoked, preserve its value.
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rasmus Villemoes [Mon, 24 Feb 2025 21:16:03 +0000 (22:16 +0100)]
openssl: fold result of sed invocation into environment file
A long time ago, the environment.d-openssl.sh file was shared between
openssl 1.0 and openssl 1.1 recipes, and sed was used to make the path
right for the 1.1 version. Nowadays, with only a single recipe, this
is a bit roundabout, so just use the proper path in the file directly.
Signed-off-by: Rasmus Villemoes <ravi@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 25 Feb 2025 14:26:36 +0000 (14:26 +0000)]
freetype: pass missing include paths to autoreconf
Now that autotools isn't searching for every m4 file the configure fails.
This is because freetype only uses autoconf and has a manual autogen.sh
script that passes -I. itself.
As we don't call that script, pass -I . to autoreconf ourselves.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 25 Feb 2025 14:26:34 +0000 (14:26 +0000)]
recipes/*: remove obsolete use of acpaths
The bulk of these recipes used acpaths to work around argument list
limits as we passed the full path to every directory. As this behaviour
no longer happens we can remove these workarounds.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 25 Feb 2025 14:26:33 +0000 (14:26 +0000)]
autotools: don't try and find in-tree macros
autotools has improved a lot since this class was written, and there's
now no need to search the source tree for m4 files and add them to the
include path.
If packages have macros in subdirectories the idiom is to tell aclocal
via an assignment in Makefile.am:
ACLOCAL_AMFLAGS = -I gl/m4 -I m4
If, for example, a package isn't autoreconfable out of the box (because
it has a non-trivial autogen.sh or similar, say) then the required -I
statements can be added to EXTRA_AUTORECONF.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hongxu Jia [Mon, 24 Feb 2025 07:52:27 +0000 (15:52 +0800)]
socat: upgrade 1.8.0.2 -> 1.8.0.3
According to [1]:
2025-02-21: Socat version 1.8.0.3 has been released. It fixes a lot of minor
issues and provides some minor improvements, see file CHANGES [2]. The
experimental POSIXMQ feature has been improved, got a few new options,
and is now considered stable.
Hongxu Jia [Mon, 17 Feb 2025 08:22:14 +0000 (00:22 -0800)]
gpgme: upgrade 1.24.1 -> 1.24.2
Noteworthy changes in version 1.24.2 (2025-02-10)
-------------------------------------------------
Take care: This version is from a legacy branch of gpgme created
just before we split out the C++, Qt, and Python bindings to
separate repositories and bumped the version number up to 2.0.
* Fix regression for RSA in gpgme_pubkey_algo_string. [T7508]
* Prevent failing tests after 2027-05-15. [T7471]
[c=C44/A33/R2 cpp=C27/A21/R2 qt=C21/A6/R2]
Release-info: https://dev.gnupg.org/T7524
See NEWS in https://www.gnupg.org/ftp/gcrypt/gpgme/gpgme-1.24.2.tar.bz2 for details
Hongxu Jia [Mon, 17 Feb 2025 07:14:32 +0000 (15:14 +0800)]
man-pages: upgrade 6.9.1 -> 6.11
1. Due to upstream commit [GNUmakefile: Require the user to specify
'-R' if their make(1) is too old][1], add option -R to make
2. Due to upstream commit [src/bin/pdfman, scripts/bash_aliases,
pdfman.1: Make pdfman a standalone program, and add a manual page][2],
inherit bbclass lib_package to use package ${PN}-bin to collect newly
added scripts and runtime depends on bash
Fabio Berton [Sun, 23 Feb 2025 10:19:14 +0000 (10:19 +0000)]
ccache.conf: Add include_file_ctime to sloppiness
When multiple recipes are built in parallel, Ccache sometimes refuses to
lookup some objects in cache, leading to undesired cache misses. The
root cause of this is an interaction between the way how bitbake
constructs a recipe sysroot and Ccache's `include_file_ctime` check.
Whenever bitbake creates a recipe's sysroot it hardlinks the files
provided by a recipes dependencies. Adding a hardlink to a file changes
it's ctime which in turn leads Ccache to believe that the file was
modified thus aborting the cache lookup.
To avoid this situation, add `include_file_ctime` to the list of checks
that should be ignored using the Ccache sloppiness configuration option
[1].
Example of a log entry that Ccache ignores a file:
/
|recipe-sysroot/usr/include/bits/pthread_stack_min.h had status change
|near or after invocation (ctime 1739822508.107677255, invocation time
|1739822507.970071107)
\
OE FIT_SIGN_INDIVIDUAL is implemented in an unusual manner,
where the resulting signed fitImage contains both signed
images and signed configurations, possibly using different
keys. This kind of signing of images is redundant, but so is
the behavior of FIT_SIGN_INDIVIDUAL="1" and that is here to
stay.
Adjust the process of public key insertion into u-boot.dtb
such that if FIT_SIGN_INDIVIDUAL==1, the image signing key
is inserted into u-boot.dtb first, and in any case the
configuration signing key is inserted into u-boot.dtb last.
The verification of the keys inserted into u-boot.dtb against
unused.itb is performed only for FIT_SIGN_INDIVIDUAL!=1 due to
mkimage limitation, which does not allow mkimage -f auto-conf
to update the generated unused.itb, and instead rewrites it.
Fixes: 259bfa86f384 ("u-boot: kernel-fitimage: Fix dependency loop if UBOOT_SIGN_ENABLE and UBOOT_ENV enabled") Signed-off-by: Marek Vasut <marex@denx.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enrico Scholz [Fri, 21 Feb 2025 13:58:38 +0000 (14:58 +0100)]
cargo_common: use 'config.toml' instead of plain 'config'
cargo configuration has been renamed from plain 'config' to
'config.toml' in rust-1.38.
Using the old name is still supported but creates warnings like
| $ cargo
| warning: `/sdk.../home/cargo/config` is deprecated in favor of `config.toml`
| note: if you need to support cargo 1.38 or earlier, you can symlink `config` to `config.toml`
Yi Zhao [Fri, 21 Feb 2025 08:12:06 +0000 (16:12 +0800)]
kea: make kea environment available to lfc process
If the location of the log lock file is changed using the environment
variable KEA_LOCKFILE_DIR, the kea-dhcp process will work properly, but
the lfc (lease file cleanup) process spawned by it will not inherit this
value and use the default path[1], which will cause the kea server to
print the following message when running:
kea-dhcp4[6767]: Unable to use interprocess sync lockfile (No such file or directory): /var/run/kea/logger_lockfile
Robert Yang [Fri, 21 Feb 2025 03:23:43 +0000 (19:23 -0800)]
runqemu: Set target to rootfs when target is empty
Fixed:
$ runqemu qemux86-64 core-image-minimal
runqemu - ERROR - IMAGE_LINK_NAME wasn't set to find corresponding .qemuboot.conf file
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Fri, 21 Feb 2025 02:30:08 +0000 (10:30 +0800)]
pango: upgrade 1.55.5 -> 1.56.1
Add python3-docutils-native to provide rst2html5
Changelog:
==========
- Avoid criticals when there are no fonts
- fontconfig: Handle lack of FC_FONT_WRAPPER in font cache
- fontconfig: Prefer application fonts even if they are older
- Support setting font features in font descriptions
- serialization: Document the tab array format
- serialization: Accept attributes without range
- win32: Improve the pango_font_map_reload_implementation
- win32: Take variations into account for caching
- layout: Fix measuring ellipsis runs with shapes
- build: Require C11
- build: Require GLib 2.80
- build: Require cairo 1.18
[RP: Use += instead of :append for DEPENDS] Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sebastian Zenker [Tue, 18 Feb 2025 13:54:23 +0000 (14:54 +0100)]
kernel.bbclass: Handle possible multiconfig.
When specifying the dependencies of do_bundle_initramfs the current
multiconfig might not be the default. This fixes the dependencies between
the multiconfigs if the current differs to default.
Signed-off-by: Mueller, Daniel <daniel.mueller@karlstorz.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Thu, 20 Feb 2025 03:57:24 +0000 (11:57 +0800)]
Revert "python3-ctypes: depend on ldconfig only if distro-feature set"
In oe-core, function ldconfig_postinst_fragment use exist of
/sbin/ldconfig to decide if ldconfig is runned to generate the cache,
and function _run_ldconfig will run ldconfig to generate cache during
generate rootfs. ldconfig.service is actually not used since we have
generate ld.so.cache during do_rootfs, refer[1][2][3]. ldconfig
dependency is necessary when ldconfig not in DISTRO_FEATURES.
The reverted commit causes regression when ldconfig not in
DISTRO_FEATURES, before, without ldconfig in DISTRO_FEATURES,
ctypes.util.find_library(name) can find the lib if it is installed, now,
since ldconfig is not installed, ctypes.util.find_library(name) cannot
find the lib even if it is installed.
Here is one usecase(gtk+3 lib is installed, ctypes.util.find_library
used to find the lib):
import wx.lib.wxcairo as wxcairo
File "/usr/lib/python3.13/site-packages/wx/lib/wxcairo/{}init{}.py", line 59, in <module>
from .wx_cairocffi import _ContextFromDC, _FontFaceFromFont
File "/usr/lib/python3.13/site-packages/wx/lib/wxcairo/wx_cairocffi.py", line 189, in <module>
gdkLib = _findGDKLib()
File "/usr/lib/python3.13/site-packages/wx/lib/wxcairo/wx_cairocffi.py", line 181, in _findGDKLib
return _findHelper([libname], 'gdk',
"Unable to find the GDK shared library")
File "/usr/lib/python3.13/site-packages/wx/lib/wxcairo/wx_cairocffi.py", line 170, in _findHelper
raise RuntimeError(msg)
RuntimeError: Unable to find the GDK shared library
Chen Qi [Thu, 20 Feb 2025 13:24:19 +0000 (05:24 -0800)]
debugedit: fix build failure when enabling DEBUG_BUILD
When DEBUG_BUILD is enabled, we use "-Og" gcc options. In such
case, the xxhash functions are considered not inline, yet debugedit.c
defined XXH_INLINE_ALL to force inline, thus causing build failure.
Backport a patch which add "--disable-inlined-xxhash" option and
make debugedit use that option when DEBUG_BUILD is enabled.
The 0003-Makefile.am-do-not-update-manual.patch is moved from musl
specific patch to SRC_URI, because we now have a patch to modify debugedit.c
and this will cause manual to be generated again. This is unnecessary and
will report help2man missing.
Dmitry Baryshkov [Thu, 20 Feb 2025 09:03:17 +0000 (11:03 +0200)]
linux-firmware: make linux-firmware-qcom-qcm6490-wifi provide -qcs6490-
The package linux-firmware-qcom-qcm6490-wifi also provides a symlink
qcom/qcs6490/wpss.mbn. Follow the pattern established by
linux-firmware-qcom-qcm6490-audio and -compute packages and make this
package RPROVIDE the qcs6490 name.
Peter Marko [Wed, 19 Feb 2025 17:40:28 +0000 (18:40 +0100)]
libsass: fix fetched commit hash
Old commit hash is for v3.6.5, not v3.6.6.
https://github.com/sass/libsass/tags
Old version contains several vulnerabilities.
Note that exact recipe copy of recipe introduced in oe-core was never
present in oe.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Wed, 19 Feb 2025 17:40:27 +0000 (18:40 +0100)]
sassc: set status of CVE-2022-43357
When this recipe was copied from oe, last commit was missing.
https://git.openembedded.org/meta-openembedded/commit/?id=576b84263bac4dda26d84d116a9e7628a126f866
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Wed, 19 Feb 2025 06:53:34 +0000 (22:53 -0800)]
python3: Skip test_write_read_append
We use editline by default and test_write_read_append also fails especially on musl
since this needs to be fixed upstream, extend the skip for test_write_read_append along
with other history manipulation tests being skipped.
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[CVE-2025-24928] Fix stack-buffer-overflow in xmlSnprintfElements
[CVE-2024-56171] Fix use-after-free after xmlSchemaItemListAdd
pattern: Fix compilation of explicit child axis
Regressions
xmllint: Support compressed input from stdin
uri: Fix handling of Windows drive letters
reader: Fix return value of xmlTextReaderReadString again
SAX2: Fix xmlSAX2ResolveEntity if systemId is NULL
Portability
dict: Handle ENOSYS from getentropy gracefully
Fix compilation with uclibc (Dario Binacchi)
python: Declare init func with PyMODINIT_FUNC
tests: Fix sanitizer version check on old Apple clang
cmake: Work around broken sys/random.h in old macOS SDKs
Build
autotools: Set AC_CONFIG_AUX_DIR
cmake: Always build Python module as shared library
cmake: add missing Bcrypt link on Windows (Saleem Abdulrasool)
cmake: Fix compatibility in package version file
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Wed, 19 Feb 2025 02:39:43 +0000 (10:39 +0800)]
libpcre2: upgrade 10.44 -> 10.45
License-Update:
- LICENCE renamed to LICENCE.md
- format changed
- add "SPDX-License-Identifier: BSD-3-Clause WITH PCRE2-exception" to the top of LICENCE file
- add contribution information
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sofiane HAMAM [Wed, 19 Feb 2025 12:31:03 +0000 (13:31 +0100)]
sanity: Check for non ascii chars in TOPDIR
Some modules (like Perl's MakeMaker) do not support non ASCII
characters in build folder's path, this would cause build failures
of software that does not support non ASCII.
A sanity check is added to warn the user.
Fixes [YOCTO #15764]
Signed-off-by: Sofiane HAMAM <sofiane.hamam@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A new feature "Link std statically in rustc_driver" was introduced
in rust_1.82 [https://github.com/rust-lang/rust/pull/122362],and
which is causing the below failure in oe-selftest.
Running unittests src/main.rs (build/x86_64-unknown-linux-gnu/stage1-rustc/
x86_64-poky-linux-gnu/release/deps/rustc_main-92223b15c9f2d827)
uploaded ".../build/x86_64-unknown-linux-gnu/stage1-rustc/x86_64-poky-linux-gnu/
release/deps/rustc_main-92223b15c9f2d827", waiting for result
/tmp/work/test4056/rustc_main-92223b15c9f2d827: error while loading shared
libraries: librustc_driver-fb0866b1cd913c20.so: cannot open shared object file: No
such file or directory
The rustc_main binary depends on the librustc_driver-*.so file. However,
this file has not been copied to QEMU. If we manually copy the file into
QEMU and export the LD_LIBRARY_PATH, the issue does not occur. Issue
reprorted to upstream and reverted the buggy code as a workaround.
Upstream-Status: Inappropriate [reported at https://github.com/rust-lang/rust/issues/136237]
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enrico Jörns [Sun, 26 Jan 2025 11:51:04 +0000 (12:51 +0100)]
busybox: drop net-tools from defconfig
The 'net-tools' have been deprecated 15 years ago! [1]
Let's remove their busybox pendants from the defconfig to prevent people
from accidentally starting projects with ancient technology.
Richard Purdie [Tue, 18 Feb 2025 10:12:51 +0000 (10:12 +0000)]
gdb: Include xz support by default and clean up PACKAGECONFIG
Firstly, just include xz support in all gdb configurations to simplify config.
Most systems would already have the shared library so this isn't a big problem
for a larger debugging tool.
The PACKAGECONFIG duplication is also confusing. The only PACKAGECONFIG which
needs special handking is the python one due to the differing modules needed
in the nativesdk case. Remove all the other duplicate entries which should work
through our usual class extension code.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 18 Feb 2025 15:15:07 +0000 (15:15 +0000)]
base: Fix PACKAGECONFIG handling for cross recipes
We don't have many cross recipes that use PACKAGECONFIG but gdb-cross does,
so correctly remap dependencies for that case allowing the gdb recipe to be
simplified.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 18 Feb 2025 10:43:04 +0000 (10:43 +0000)]
oeqa/runtime/connman: Drop unused test
This test checks for an IP address and then tests if interface aliases work. We
don't run it on any of our automated testing as it only applies for non-qemu.
The connectivity test is unrealted to connman and pretty pointless as it depends
on ssh being working, so networking is probably ok.
The alias interface test is unrelated to commman and a general networking test
but seems out of place.
The code uses obsolete ifconfig calls and overall, the value of the test we're
never using seems low. Delete it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Mon, 17 Feb 2025 19:21:41 +0000 (20:21 +0100)]
gnutls: upgrade 3.8.8 -> 3.8.9
Solves CVE-2024-12243
Refreshed patches
License-Update: multiple changes
* https://gitlab.com/gnutls/gnutls/-/commit/a8727cdb076287d0a2098ba49d76899b4e70160e
COPYING.LESSER updated wording to latest FSF version
* https://gitlab.com/gnutls/gnutls/-/commit/75f5ea80738156b81de30ae9b482a69cf4e77e9d
LICENSE file merged to README.md
COPYING and COPYING.LESSERv2 moved to top-level directory
** libgnutls: leancrypto was added as an interim option for PQC
The library can now be built with leancrypto instead of liboqs for
post-quantum cryptography (PQC), when configured with
--with-leancrypto option instead of --with-liboqs.
** libgnutls: Experimental support for ML-DSA signature algorithm
The library and certtool now support ML-DSA signature algorithm as
defined in FIPS 204 and based on
draft-ietf-lamps-dilithium-certificates-04. This feature is
currently marked as experimental and can only be enabled when
compiled with --with-leancrypto or --with-liboqs.
Contributed by David Dudas.
** libgnutls: Support for ML-KEM-1024 key encapsulation mechanism
The support for ML-KEM post-quantum key encapsulation mechanisms
has been extended to cover ML-KEM-1024, in addition to ML-KEM-768.
MLKEM1024 is only offered as SecP384r1MLKEM1024 hybrid as per
draft-kwiatkowski-tls-ecdhe-mlkem-03.
** libgnutls: Fix potential DoS in handling certificates with numerous name
constraints, as a follow-up of CVE-2024-12133 in libtasn1. The
bundled copy of libtasn1 has also been updated to the latest 4.20.0
release to complete the fix. Reported by Bing Shi (#1553).
[GNUTLS-SA-2025-02-07, CVSS: medium] [CVE-2024-12243]
** API and ABI modifications:
GNUTLS_PK_MLDSA44: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA65: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA87: New enum member of gnutls_pk_algorithm_t
GNUTLS_SIGN_MLDSA44: New enum member of gnutls_sign_algorithm_t
GNUTLS_SIGN_MLDSA65: New enum member of gnutls_sign_algorithm_t
GNUTLS_SIGN_MLDSA87: New enum member of gnutls_sign_algorithm_t
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
