Alex Kiernan [Tue, 12 Apr 2022 13:03:13 +0000 (14:03 +0100)]
wpa-supplicant: Use upstream defconfig
The copy of defconfig we were carrying was from 2014 and very out of
date; drop it and use the upstream version with appropriate edits for
our PACKAGECONFIG.
Switch PACKAGECONFIG to using a default (?=) rather than weak default
(??=) as per current recommendation.
Signed-off-by: Alex Kiernan <alexk@zuma.ai> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These settings are good for developers/maintainers but for distributions
generally disabling them turns out to be better especially when there is
a knob to do so. This fixes build with gcc-12 which find additional
warnings
inlined from 'bt_ctf_object_set_parent' at ../../../git/src/ctf-writer/object.h:120:6,
inlined from 'bt_ctf_trace_common_add_stream_class' at ../../../git/src/ctf-writer/trace.c:1243:3:
../../../git/src/ctf-writer/object.h:141:26: error: null pointer dereference [-Werror=null-dereference]
141 | if (child->parent) {
| ~~~~~^~~~~~~~
../../../git/src/ctf-writer/object.h:141:26: error: null pointer dereference [-Werror=null-dereference]
cc1: all warnings being treated as errors
Paulo Neves [Sun, 6 Feb 2022 13:45:07 +0000 (14:45 +0100)]
selftest/lic_checksum: Add test for filename containing space
A fix is being added to bitbake to correctly handle spaces inside
checksum filenames. Add a test to oe-selftest to ensure this is
tested and doesn't regress in future.
Signed-off-by: Paulo Neves <ptsneves@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=========
This release changes the implementation of "infer" to be an alias for
"Ellipsis". E.g. "@given(a=infer)" is now equivalent to
"@given(a=...)". Furthermore, "@given(...)" can now be specified so
that "@given" will infer the strategies for all arguments of the
decorated function based on its annotations.
Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jon Mason [Fri, 8 Apr 2022 19:25:18 +0000 (15:25 -0400)]
qemuarm64: use virtio pci interfaces
The virtio PCI devices seemed to be required for this machine for some
versions of qemu (based on errors from running qemu saying that the
devices don't exist). Changes to the entries here is all that is needed
to get it working.
Signed-off-by: Jon Mason <jdmason@kudzu.us> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There was a very brittle sed hack against cpp source code
that allowed installing multiple llvm versions into the same
target/sysroot. Patching with sed is prone to silent
regressions as it can change both too little and too much,
and it indeed it broke with llvm 14. It's also difficult to tell
what the 'right' change should look like.
If this feature is actually needed somewhere, please do it properly:
proper patch and upstream first.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
llvm-config no longer links with libLLVM, so there is no need
to install it in -native (and it isn't built in the first place).
This also significantly speeds up llvm-native build.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=========
- Deprecations and Removals
Drop the doctype check, that presented a warning for index pages that use
non-compliant HTML 5.
- Vendored Libraries
Downgrade distlib to 0.3.3.
Signed-off-by: Xu Huan <xuhuan.fnst@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream has replaced gtk-doc with gi-docgen however it is not possible to
configure. So it's disabled until the merge request to do so lands:
https://gitlab.gnome.org/GNOME/librsvg/-/merge_requests/687
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The cmjsoncpp license changes are only whitespaces while the cmlibuv
license dropped:
"""
- android-ifaddrs.h, android-ifaddrs.c, copyright Berkeley Software Design
Inc, Kenneth MacKay and Emergya (Cloud4all, FP7/2007-2013, grant agreement
n° 289016). Three clause BSD license.
"""
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=========
Other changes:
#587 pkg-config: Move "-lm" to section "Libs.private"
#587 CMake|MSVC: Fix pkg-config section "Libs"
#55 #582 CMake|macOS: Start using linker arguments
"-compatibility_version <version>" and
"-current_version <version>" in a way compatible with
GNU Libtool
#590 #591 Version info bumped from 9:7:8 to 9:8:8;
see https://verbump.de/ for what these numbers do
Infrastructure:
#589 CI: Upgrade Clang from 13 to 14
0001-migrate-from-custom-itstool-to-builtin-msgfmt-for-cr.patch
removed since it's included in 2.2
Changelog:
=========
* model/3mf: new
* Match shared libraries with version suffix
* model/obj: add mtllib and Blender comment based magic
* model/mtl: add Blender comment magic, increase newmtl range
* model/obj, model/mtl: new types
* Add Electron Archive Format type application/x-asar
* text/x-qml: Lower match priority to avoid conflicts with Python
* Move '*.blend' to top of Blender glob list
* Adding SPARQL media types
* application/zip: Add '*.zipx' glob and test fixture
* Added DSD mime type
* Differentiate comic book archives
* FITS: Add missing 'application/fits' and legacy globs
* Add Godot engine files
* Add FlashForge "xgcode" mime-type
* text/x-objc++src: new type
* image/heif: test .hif extension too
* image/hif: add *.hif glob
* image/heif: add another test case
* image/heif: add magics
* Add a build-tools option to allow installing only the mime data
* Add compressed SVG glob pattern '*.svg.gz'
* Add Apple Wallet pass type application/vnd.apple.pkpass
* migrate from custom itstool to builtin msgfmt for creating translated XML
* Make the remaining plain text types subclasses of text/plain
* audio/mobile-xmf: separate from audio/x-xmf
* Adding ZIM file
* Make text/x-mrml a subclass of application/xml
* image/avif: move acronym and expansion to separate fields from comment
* freedesktop_generate.sh: Don't hardcode ninja
* Add text/x-mpl2
* application/x-apple-systemprofiler+xml: require _SPCommandLineArguments in plist
* image/jpeg: add test case with embedded property list XML
* audio/vnd.dts.hd: include parent type magic in magic match
* model/gltf+json: new type
* model/gltf-binary: new type
* application/x-object: add *.mod and a test case
* application/x-mod: add some ProTracker magics and a test case
* image/jxl: include test files in test list
* tests: add trailing linefeed to mime-detection list
* Make application/x-mswinurl a subclass of text/plain
* Change description for *.desktop files to "desktop entry"
* application/x-x509-ca-cert: add magics and test cases
* application/pkix-cert: add BEGIN/END X509 CERTIFICATE magic
* application/pkix-crl: add magic and test case
* application/pkix-cert: add magic and test case
* image/jxl: new type
* Added .sc filename extension for Scala source code, as it is occasionally used
* application/schema+json: new type
* Add text/x-crystal
* application/x-krita: remove stray period from comment
* adding org-mode
* Add Elixir source code mime type
* Add two new offsets for .kra and .krz
* text/x-python3: add *.pyi glob (Python stub files)
* image/x-canon-cr3: new
* image/x-xpixmap: make XPM3 magic more specific
* image/x-xpixmap: add XPM2 magic
* application/x-troff-man: add *.[1-9] glob
* application/toml: new type
* Lower priority of "BEGIN {" for perl, awk uses that too
* Add Smacker video type video/vnd.radgamettools.smacker
* Clarify database license
* meson: make xmlto optional, build spec only if found
* application/x-7z-compressed: add *.7z.001 glob
* Add Bink video type video/vnd.radgamettools.bink
* image/x-nikon-nrw: add test case
* image/x-nikon-nrw: new type
* application/x-vhdx-disk: improve acronym and its expansion
* application/ovf: new
* application/x-qed-disk: new
* application/x-vdi-disk: new
* application/x-vmdk-disk: new
* application/x-vhd-disk, /x-vhdx-disk: new
* application/vnd.apple.numbers, .pages: add older magics and test cases
* Add text/x-dart
* application/vnd.apple.numbers, /vnd.apple.pages: new types
* xdgmime: configure as submodule
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 29 Mar 2022 13:45:23 +0000 (14:45 +0100)]
zlib: upgrade to 1.2.12
First upstream release since 2017!
- Fix a deflate bug when using the Z_FIXED strategy that can result in out-of-bound accesses.
- Fix a deflate bug when the window is full in deflate_stored().
- Speed up CRC-32 computations by a factor of 1.5 to 3.
- Use the hardware CRC-32 instruction on ARMv8 processors.
- Speed up crc32_combine() with powers of x tables.
- Add crc32_combine_gen() and crc32_combine_op() for fast combines.
Drop CVE-2018-25032 as this is in the .12 release.
Rebase 0001-configure-Pass-LDFLAGS-to-link-tests.patch to apply cleanly.
Backport cc.patch to fix compilation with our CC.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Steve Sakoman [Mon, 18 Apr 2022 19:04:08 +0000 (09:04 -1000)]
lua: fix CVE-2022-28805
singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup
call, leading to a heap-based buffer over-read that might affect a system that
compiles untrusted Lua code.
https://nvd.nist.gov/vuln/detail/CVE-2022-28805
Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Steve Sakoman [Mon, 18 Apr 2022 19:04:07 +0000 (09:04 -1000)]
busybox: fix CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code
if netstat is used to print a DNS PTR record's value to a VT compatible
terminal. Alternatively, the attacker could choose to change the terminal's colors.
https://nvd.nist.gov/vuln/detail/CVE-2022-28391
Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 15 Apr 2022 08:43:23 +0000 (09:43 +0100)]
libxshmfence: Correct LICENSE to HPND
The license in this code is listed as MIT and whilst it is compatible with and
usable as MIT, it actually looks like HPND. Clarify the license field accordingly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 15 Apr 2022 08:09:18 +0000 (09:09 +0100)]
alsa-tools: Ensure we install correctly
With the fix for #8621, cleandirs is now applied to autotools_do_install
and this results in a lot of the install targets to be removed. Ensure
cleandirs isn't set for autotools_do_install.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Scott Murray [Thu, 14 Apr 2022 23:37:10 +0000 (19:37 -0400)]
runqemu: Do not auto detect graphics if publicvnc is specified
The graphics option auto detection logic added in 7f78bb7a was not
checking if the publicvnc option had been specified, meaning that
it would be ignored and the auto detection result used instead.
Add setting a flag variable in the argument parsing and check
it along with the ones for the other graphics backend options.
Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
shadow: Disable the use of syslog() for the native tools
An attempt to disable the use of syslog() was made in commit 8f181686
(shadow-native: Simplify and fix syslog disable patch). However,
because the code checks if USE_SYSLOG is defined rather than checking
if it evaluates to TRUE the patch did not work as intended.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 14 Apr 2022 16:10:00 +0000 (17:10 +0100)]
bluez5: Add fix for startup issues under systemd
The systemd bluetooth service failed to start. Add a workaround for this whilst the
final fix is discussed upstream, https://github.com/bluez/bluez/issues/329.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Tue, 12 Apr 2022 21:46:02 +0000 (17:46 -0400)]
lttng-modules: support kernel 5.18+
Backporting changes from lttng master to support building against
the 5.18+ kernel. No changes required to the patches. Once a new
-stable 2.13.x is released, we can drop these patches. To enable
newer kernel development against the LTS, it is worth pulling these
in while we wait for an upstream release.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 13 Apr 2022 14:45:03 +0000 (15:45 +0100)]
runqemu: Allow auto detection of the correct graphics options
Running "runqemu qemux86 kvm" when qemu is configured for sdl and/or gtk
display output currently leads to a poor user experience with no cursor
and corrupted fonts in the gtk case. This is due to no options being
passed to qemu which leads to the loss of the font envirornment variable
and the show-cursor option.
If the user hasn't specified a display type, grep the output of
"qemu-system-xxx --help" for the display types and pick the "best"
which ensures our config is passed in. That resolves the gtk font issue
and the cursor issue with both sdl and gtk.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Konrad Weihmann [Wed, 13 Apr 2022 17:08:49 +0000 (19:08 +0200)]
python3-pip: correct license
as described in src/pip/_vendor/README.rst pip ships plenty
of vendored copies of other python modules.
Correct the license of the resulting package and
reference all the vendor copy license files correctly
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Konrad Weihmann [Wed, 13 Apr 2022 15:34:53 +0000 (17:34 +0200)]
gettext: add MIT conditional as license
depending on the actual PACKAGECONFIG some
internal vendor copies of libxml, libcroco and glib will
be used.
In the case of libxml this adds MIT to the license.
Reference the license statements based on the actual choosen
PACKAGECONFIG
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Konrad Weihmann [Wed, 13 Apr 2022 15:34:51 +0000 (17:34 +0200)]
libsdl2: fix license
by default libsdl2 is build with code from src/video/yuv2rgb, which
is licensed under BSD-2-Clause.
Additional by default hidapi is build, which is licensed under
GPL3 | BSD-2-Clause | HIDAPI license, pick the least restrictive
and best matching BSD-2-Clause.
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kernel-devsrc: Check for gen_vdso_offsets.sh before copying on riscv
This file is introduced in newer kernels >= 5.15 but some RISCV machines
still use 5.13 kernels, this ensures that kernel-devsrc can build on
older kernels for RISCV
Richard Purdie [Wed, 13 Apr 2022 16:27:11 +0000 (17:27 +0100)]
sanity: Show a warning that make 4.2.1 is buggy on non-ubuntu systems
We keep seeing hangs on the autobuilder with make 4.2.1 on Centos8, Alma8
and OpenSuse workers. The hang occurs in perl and kernel builds in particular.
The issue is fixed in 4.3 and has been patched on Ubuntu systems:
Add a sanity test for make 4.2.1 and error for non-ubuntu systems. We're
making a buildtools-make-tarball available which can be used to
allow systems with the broken version to use the project.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 11 Apr 2022 22:02:26 +0000 (23:02 +0100)]
externalsrc/devtool: Fix to work with fixed export funcition flags handling
If we fix bitbake to correctly handle the cleandirs and fakeroot flags
for tasks handled by EXPORT_FUNCTIONS, we break devtool since it only
considers these for top level functions. Add in extra code to intercept
the cleandirs flags for commonly used sub functions too.
[YOCTO #8621]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream dropped many 'legacy' low res bitmap icons and also plans to
phase out 'generic app' icons in the svg format, saying that all apps
must carry their own icons. This breaks the icons displayed in sato
so revert for now until we have a plan to mitigate that.
[YOCTO #14782]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 12 Apr 2022 10:21:13 +0000 (11:21 +0100)]
git: Ignore CVE-2022-24975
Everyone I've talked to doesn't see this as a major issue. The CVE
asks for a documentation improvement on the --mirror option to
git clone as deleted content could be leaked into a mirror. For OE's
general users/use cases, we wouldn't build or ship docs so this wouldn't
affect us.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 12 Apr 2022 10:01:51 +0000 (11:01 +0100)]
qemu: Add fix for CVE-2022-1050
Add a fix queued upstream for the issue in this CVE:
"""
Guest driver might execute HW commands when shared buffers are not yet
allocated.
This might happen on purpose (malicious guest) or because some other
guest/host address mapping.
We need to protect againts such case.
"""
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
python3: Do not detect multiarch when cross compiling
This was a long standing problem seen on aarch64 build hosts when
compiling python3 with clang cross compiler. The issue is not seen with
gcc because native glibc headers are still compatible with gcc cross compiler
Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Ross Burton <ross.burton@arm.com> Cc: Jon Mason <jdmason@kudzu.us> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Kevin Hao [Sat, 9 Apr 2022 06:04:40 +0000 (14:04 +0800)]
kernel.bbclass: Fix the do_strip() malfunction
The BB variable can't be referenced directly in a python function,
this misusage of the variable reference causes strip function to be
always skipped.
Fixed: b9c3db4953e4 ("kernel.bbclass: Use KERNEL_IMAGEDEST instead of hardcoded boot path") Signed-off-by: Kevin Hao <kexin.hao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Just as pointed out in a previous commit:
"""
We'll continue tagging the repos contributing with SDK releases, as
that is when all the testing of the various projects is performed
together.
"""
Now the repo has updated and the 'stable' branch is forcely overriden.
We need to use the 'sdk-1.3.204' branch.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 7 Apr 2022 16:33:21 +0000 (17:33 +0100)]
package_ipk/deb: Fix specific version handling
We recently added a "xxx (= 1.2.3)" style dependency to a recipe and have
been having trouble with the opkg and debian backends with it.
The issues is that for debian, "=" really does mean equals and includes the
PR field. One bitbake recipe does not know the PR of another, nor shoud it.
In other words 1.2.3 != 1.2.3-r0. Debian defaults to a PR of "0", not our
"r0".
The only way I can think of to make this work is to change "=" dependencies
without revision information (no "-r" in the version) into things like:
"xxx (>= 1.2.3), xxx (<< 1.2.3.0)". This appears to work even if it is a
pretty horrible workaround.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 9 Apr 2022 20:26:24 +0000 (21:26 +0100)]
uninative: Upgrade to 3.6 with gcc 12 support
There are reports of issues with the new libstdc++ from gcc 12. This upgrades
to a gcc 12 version of uninative to allow builds on those systems. Gcc 12 isn't
finalised so we may need to add a new version of this if/as appropriate when it
is.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ralph Siemsen [Sat, 9 Apr 2022 02:16:44 +0000 (22:16 -0400)]
gzip: upgrade 1.11 -> 1.12
This includes a fix for CVE-2022-1271.
The existing "wrong path" patch needed to be refreshed, because the
context changed due to the following upstream change:
https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=31193bbd13cd2807d8ccaa2ba5b072303d5425e7
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
