New Features:
Support for new instructions added to AMD, ARM and RISC-V architectures.
Support for version 3 of the SFrame standard.
The readelf program can now display the contents of Global Offset Tables.
Improved linker tagging support.
Dropped patches:
0001-aarch64-constify-BTI-and-GCS-report-functions.patch
Since the fix is already included in binutils 2.46.
CVE patches: CVE-2025-11081,CVE-2025-11082,CVE-2025-11083,
CVE-2025-11839,CVE-2025-11840,CVE-2025-11412,CVE-2025-11413,
CVE-2025-11414,CVE-2025-11494,CVE-2025-11495.
These were dropped because they are already addressed in binutils 2.46.
Drop CVE_STATUS:
binutils 2.46 has needed fixes for CVE-2025-7545 and CVE-2025-7546.
Peter Marko [Fri, 20 Feb 2026 20:53:15 +0000 (21:53 +0100)]
alsa-lib: patch CVE-2026-25068
Pick patch mentioned in NVD report.
It also includes CVE ID in commit message.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Wed, 18 Feb 2026 22:53:25 +0000 (23:53 +0100)]
glib-2.0: upgrade 2.86.3 -> 2.86.4
Fixes CVE-2026-1484, CVE-2026-1485 and CVE-2026-1489.
Release notes [1]:
Overview of changes in GLib 2.86.4, 2026-02-13
* Fix several security vulnerabilities of varying severity (see below
for details)
* Bugs fixed:
* #3858 (closed) glib-compile-resources: Incorrect compiler detection
on Windows when building GTK causes a DoS (L. E. Segovia)
* #3863 (closed) Iterating over a short (preallocated) GVariant
bytestring invalidly refs a NULL GBytes (Christian Hergert)
* #3870 (closed) (CVE-2026-1484) (YWH-PGM9867-168) Integer Overflow ->
Buffer Underflow on Glib through glib/gbase64.c via
g_base64_encode_close() leads to OOB Write (Marco Trevisan)
* #3871 (closed) (CVE-2026-1485) (#YWH-PGM9867-169) Buffer underflow
on Glib through gio/gcontenttype-fdo.c via parse_header() lead to
OOB Read/Write (Marco Trevisan)
* #3872 (closed) (CVE-2026-1489) (#YWH-PGM9867-171) Integer Overflow
on Glib through glib/guniprop.c via output_marks() lead to OOB Write
in glib/gutf8.c:g_unichar_to_utf8() (Marco Trevisan (Treviño))
* !4946 (merged) Update Romanian translation glib-2-86
* !4955 (merged) Backport !4954 (merged) “glib-compile-resources:
Always assume MSVC compiler if VCINSTALLDIR is set” to glib-2-86
* !4961 (merged) Backport !4960 (merged) “glib/gvariant: add failing
test for bytestring and fix it” to glib-2-86
* !4979 (merged) [glib-2-86] gbase64: Use gsize to prevent potential
overflow
* !4981 (merged) [glib-2-86] gio/gcontenttype-fdo: Do not overflow if
header is longer than MAXINT
* !4984 (merged) [glib-2-86] guniprop: Use size_t for output_marks
length
* !5010 (merged) Update Kazakh translation
* Translation updates:
* Kazakh (Baurzhan Muftakhidinov)
* Romanian (Antonio Marin)
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 16 Feb 2026 13:48:35 +0000 (13:48 +0000)]
cmake: remove obsolete patches
0001-Disable-use-of-ext2fs-ext2_fs.h-by-cmake-s-internal.patch can be
replaced with two variable assignments to seed the results we want.
0002-CMakeLists.txt-disable-USE_NGHTTP2.patch is not needed anymore as
the vendored curl will disable the use of nghttp2 automatically if it
isn't found.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 21 Feb 2026 08:42:30 +0000 (08:42 +0000)]
distro/defaultsetup: Enable space optimization tweaks
This enables a collection of tweaks which reudce build output size where
the output has been found to be particularly problematic.
This reduces sstate object size as well as on disk build footprint, it
also helps memory usage for linking some of the recipes. This in turn
improves built speed and the smaller sstate objects are faster to compress,
decompress and transfer over the network.
This change has been tested in poky for a long time.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 21 Feb 2026 08:42:29 +0000 (08:42 +0000)]
distro/defaultsetup: Enable security flags by default
This defaults to including our security flags which use stack-protector-strong
and D_FORTIFY_SOURCE=2 by default, as aids to improve detection of security issues.
This change has been tested in poky for a long time and allows us to align
our default compilation flags and environment.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 21 Feb 2026 08:42:28 +0000 (08:42 +0000)]
distro/defaultsetup: Enable no-static-libs by default
In general, few people use statlic libraries. They are however large and take up a lot
of space on disk as well as taking time to compress/decompress and tranfser in sstate
objects.
This change disables most of them by default for disk space and speed/size performance
benefits.
This change has been tested in poky for a long time.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 21 Feb 2026 08:42:27 +0000 (08:42 +0000)]
defaultsetup: Enable uninative by default
uninative allows reuse of native sstate built on one distro on another. This change
enables it by default, as has been done by default in poky for a long time.
The reason for the change is that this makes the sstate CDN much more useful
to speed up builds if good network access is available. It also standardises
the builds to our usual testing configuration, removing one key difference
which new users sometimes run into.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 21 Feb 2026 08:42:25 +0000 (08:42 +0000)]
conf: Switch to systemd by default and simplify init manager selection
This change effectively switches things to use INIT_MANAGER to select the init
system and drops the old compatibility 'none' method. The init manager selection
is now complex enough that requiring users to select it makes sense.
The new default is systemd, which reflects popular opinion. This is known to have
issues in some of our configurations such as musl but is also frequently asked for.
Anyone replacing defaultsetup.conf in their own setup will need to provide
equivalent functionality but that is execpted for any of the settings in there.
This change drops sysvinit from the default distro features backfill, meaning
we no longer need to remove it in systemd setups and places the init managers
on a more equal and equivalent standing.
This is a behaviour change for anyone using nodistro and anyone not already
setting INIT_MANAGER explictly. This does not change the default for distros
which select an init manager already (e.g. poky).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 21 Feb 2026 08:16:47 +0000 (08:16 +0000)]
conf/distro: Drop default-versions.inc
This conf file used to be useful when we had multiple versions of recipes
but we no longer do that and the file is empty. Remove it as obsolete and
not needed anymore.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 21 Feb 2026 08:16:46 +0000 (08:16 +0000)]
binutils: Drop unneeded and problematic vardeps explict value and immediate expansion
This was introduced in 0788cf349fe37ef4a36c626dbc396c97d1ab14d7 as a way of
tracking the EXTRA_OECONF changes. These should be tracked reliably by the
contains() code now so it is assumed this was working around a bug at the time.
I checked the current task hashes and that information is there.
Therefore drop this bit of code as the immediate expansion causes inaccurate
values.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Similar to native, backfilling of items from DISTRO_FEATURES when
combined with DISTRO_FEATURES_FILTER_NATIVESDK was not functioning
correctly.
Ensure the backfill is applied before filtering, then clear the value to
prevent further backfill. This makes the nativesdk and crosssdk cases
match the native code.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sunil Dora [Thu, 19 Feb 2026 12:59:18 +0000 (04:59 -0800)]
rust: Enable dynamic linking with llvm
Fixes [Yocto #16058]
A segmentation fault occurs in rustc (e.g. in
llvm::X86ReadAdvanceTable) when reusing sstate artifacts built with
different host toolchain versions.
Issue sequence:
1. llvm-native is built with a newer toolchain
(e.g. GCC 15/Binutils 2.45).
2. rust-native is later built with an older linker.
(e.g. GCC 12/Binutils 2.40).
3. The older linker statically links parts of llvm-native into
librustc_driver.
4. The resulting binary crashes at runtime inside the statically
linked LLVM code.
The corruption happens at link time when mixing static native objects
produced by different toolchain generations.
Enable dynamic LLVM linking (link-shared = true) for rust-native so rustc
links against libLLVM.so instead of static archives, avoiding host linker
incompatibilities when reusing sstate artifacts.
Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com> Suggested-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Antonin Godard [Tue, 17 Feb 2026 09:59:16 +0000 (10:59 +0100)]
python3-sphinx: backport patch to fix singlehtml URIs
The singlehtml builder creates broken links, as reported on the
yocto-docs list[1].
This issue was also reported upstream[2], and the temporary fix is to
revert commit c93723b80396 ("singlehtml: deprecate the 'fix_refuris'
helper function (#13037)") in sphinx.
time64.inc: add links to "Y2038 in Yocto" slides and video
I'm not sure if placing conference slides and video links
here is okay, but I believe this is the best starting point
for anyone dealing with the Y2038 problem. It will help and
provide important context and action points for those needing
to support 32 bit products beyond Y2038.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
time64.inc: clean up and add upstream tickets where issues remain
Most issues were resolved via upstream version updates that bring in
needed fixes:
glib-2.0 update to 2.78.0 that includes:
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3547
https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3550
curl update to 8.3.0 that includes
https://github.com/curl/curl/pull/11610
util-linux update to 2.39 that includes
https://github.com/util-linux/util-linux/pull/2430
https://github.com/util-linux/util-linux/commit/3ab9e699a8d90f55e0447516b7e05a8686180467
https://github.com/util-linux/util-linux/pull/2435
glib-networking update to 2.78.0 that includes
https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/241
python3-cryptography update to 42.0.0 which resolves
https://github.com/pyca/cryptography/issues/9370 via
https://github.com/pyca/cryptography/pull/9964
perl update to 5.40.0 which includes
https://github.com/Perl/perl5/pull/21379
python3 update to 3.13.0 which includes
https://github.com/python/cpython/pull/118425
python3 update to 3.13.1 which includes
https://github.com/python/cpython/pull/124972
python3 update to 3.14.0 which includes
https://github.com/python/cpython/pull/119401
https://github.com/python/cpython/pull/125045
https://github.com/python/cpython/pull/107594
https://github.com/python/cpython/pull/125104
dbus update to 1.16.0 which includes
https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/444
https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/289
openssh update to 10.0p1 which includes
https://github.com/openssh/openssh-portable/pull/425
https://bugzilla.mindrot.org/show_bug.cgi?id=3684
https://marc.info/?l=openbsd-bugs&m=172561736524815&w=2
https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-October/041621.html
(all reporting the same issue)
gcc update to 15.1 which includes
https://github.com/llvm/llvm-project/pull/99699
via https://github.com/gcc-mirror/gcc/commit/fa321004f3f6288d3ee2eefa6b02177131882dca
and allows dropping special flags and exceptions for gcc-sanitizers.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
lttng-tools: install .expect test files with a wildcard
Otherwise, there will be failures on 32 bit hosts. Note
that the needed files are erroneously absent from upstream
release tarballs:
https://bugs.lttng.org/issues/1436
but once that is resolved, this commit will be effective.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
lttng-tools: ensure that ptest errors are not suppressed
At some recent point lttng-tools ptests have quietly regressed,
and most of them aren't executed anymore. Errors are printed
on the console, but aren't reported as exit code from run-ptest.
The reason is that exitcode was set to what sed returned, not make.
The original reason for piping through sed was to unify /tmp/tmp.xxxx outputs
for easier results comparison, but (after fixing the tests) I don't
see such lines anymore, and in any case ensuring such regressions
are caught is more important.
With this fix, run-ptest and testimage starts to fail as it should.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Sun, 15 Feb 2026 22:10:57 +0000 (14:10 -0800)]
checklayer: fix get_depgraph() hang when command fails
The get_depgraph() function hangs indefinitely when a layer causes
command failures (e.g. meta-virtualization) because:
1. bb.command.CommandFailed was not included in the event mask passed
to set_event_mask(), so the failure event was silently dropped and
the while True loop never received a terminating event.
2. There was no timeout handling for the case where wait_event()
repeatedly returns None, leaving no escape from the loop.
Add CommandFailed to the event mask so failure events are properly
received and handled. Also add a timeout counter that raises
RuntimeError after 300 consecutive seconds of no events, preventing
an infinite hang.
Fixes [YOCTO #16170]
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Tue, 17 Feb 2026 14:59:35 +0000 (15:59 +0100)]
iproute2: update link to homepage
The old link redirects here now.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 18 Feb 2026 14:41:07 +0000 (14:41 +0000)]
native: Use dynamic filtering for PROVIDES
Currently, PROVIDES is one of the few variables left which isn't handled by
filter code dynamically. This lead to bugs if for example you have a
PACKAGECONFIG value which references DISTRO_FEATURES, and DISTRO_FEATURES
is being set in the the native case late by backfill. The early expansion
of the value means it can use an incorrect DISTRO_FEATURES value leading to
confusing errors.
Convert the code to use a filter in common with the other code in the class.
This does lead to some behaviour differences outside OE-Core in meta-oe for
example where the PROVIDES of gd-native changed:
"gd-native gd-native-tools"
to
"gd-native gd-tools-native"
where the change is a clear improvement in correctness.
This fixes issues when DISTRO_FEATURES has backfill options in place in
the native case.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 18 Feb 2026 14:41:06 +0000 (14:41 +0000)]
native: Fix DISTRO_FEATURES backfill handling in native case
Currently, features listed in DISTRO_FEATURES_FILTER_NATIVE are not supported
for DISTRO_FEATURES_BACKFILL as the two variables interact badly. We now have
need to add some features to backfill which are in the filter_native case.
This patch fixes the handling by appuing the backfill, then zeroing the variable
once they are applied. This leads to them being correctly filtered.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Tue, 17 Feb 2026 22:44:34 +0000 (23:44 +0100)]
python3: upgrade 3.14.2 -> 3.14.3
>From release notes [1]:
Security
* gh-144125: BytesGenerator will now refuse to serialize (write)
headers that are unsafely folded or delimited; see
verify_generated_headers. (Contributed by Bas Bloemsaat and Petr
Viktorin in gh-121650).
* gh-143935: Fixed a bug in the folding of comments when flattening an
email message using a modern email policy. Comments consisting of a
very long sequence of non-foldable characters could trigger a forced
line wrap that omitted the required leading space on the continuation
line, causing the remainder of the comment to be interpreted as a new
header field. This enabled header injection with carefully crafted
inputs.
* gh-143925: Reject control characters in data: URL media types.
* gh-143919: Reject control characters in http.cookies.Morsel fields
and values.
* gh-143916: Reject C0 control characters within wsgiref.headers.Headers
fields, values, and parameters.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Tue, 17 Feb 2026 17:41:44 +0000 (18:41 +0100)]
zlib: upgrade 1.3.1 -> 1.3.2
Delete patch included in this version.
Remove CVE_STATUS for CVE resolved in this release.
Release information: [1]
More details on homepage: [2]
Audit details: [3]
Version 1.3.2 has these key updates from 1.3.1:
* Address findings of the 7ASecurity audit of zlib.
* Check for negative lengths in crc32_combine functions.
* Copy only the initialized window contents in inflateCopy.
* Prevent the use of insecure functions without an explicit request.
* Add compressBound_z and deflateBound_z functions for large values.
* Use atomics to build inflate fixed tables once.
* Add --undefined option to ./configure for UBSan checker.
* Copy only the initialized deflate state in deflateCopy.
* Zero inflate state on allocation.
* Add compress_z and uncompress_z functions.
* Complete rewrite of cmake support.
* Remove untgz from contrib.
* Vectorize the CRC-32 calculation on the s390x.
* Remove vstudio projects in lieu of cmake-generated projects.
* Add zipAlreadyThere() to minizip zip.c to help avoid duplicates.
* Add deflateUsed() function to get the used bits in the last byte.
* Fix bug in inflatePrime() for 16-bit ints.
* Add a "G" option to force gzip, disabling transparency in gzread().
* Return all available uncompressed data on error in gzread.c.
* Support non-blocking devices in the gz* routines.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 13 Feb 2026 17:56:18 +0000 (17:56 +0000)]
systemd: Stop supporting sysvinit compatibility
Systemd has worked with sysvinit compatibility but upstream plans to remove
this and hence we will no longer be able to support it. We need to remove this
before the LTS since the support will certainly not be there for the lifetime
of the LTS.
This patch disables that usage mode and removes some of the compatibility logic.
There is more that can be removed, this is meant just to signal to people it is
no longer supported and start that process. Further cleanup can be made over time
in later commits.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add packageconfig option to enable legacy support (disabled by default).
The legacy module includes deprecated and unmaintained OpenSSL
components. Drops openssl-oss-module-legacy from a runtime depends to a
runtime recommends for ptest.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
TLS 1.0 and TLS 1.1 have been deprecated by the IETF since 2021.
Disables support by default in packageconfig, requiring users to
explicitly opt-in for these deprecated protocols.
Signed-off-by: Colin Pinnell McAllister <colinmca242@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Fix issue with number of retries on authentication failures.
- Fix issue with G.722 @ 16 kHz codec ID value reported by transport.
- Add support for Telephony interface.
- Add support for Ranging profile.
- Add support for GMAP service.
- Add support for TMAP service.
Full changelog:
https://github.com/bluez/bluez/compare/5.85...5.86
Changes relevant for the build:
- mcaptest tool has been removed
- sap and health profiles have been removed from the code base
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 13 Feb 2026 17:45:55 +0000 (17:45 +0000)]
mirrors: Drop obsolete/inappropriate OE/YP mirror entries
These fetchers aren't used by code that would end up on these mirrors and are about
to be removed anyway in some cases. Drop the pointless/obsolete entries.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Zhang Peng [Fri, 13 Feb 2026 08:10:03 +0000 (16:10 +0800)]
libxkbfile: upgrade 1.1.3 -> 1.2.0
Changelog:
- libxkbfile is used by the X servers and utilities to parse the XKB
configuration data files.
- This release adds a new XkbRF_FreeVarDefs() API, and brings over many
fixes from the other copies of XKB code in the various X.Org repos.
- Since no complaints were received about the added meson build system
in the 1.1.3 release (February 2024), the autoconf build system has been
removed in this release.
Het Patel [Thu, 22 Jan 2026 14:59:18 +0000 (14:59 +0000)]
cve-update-nvd2-native: Use maximum CVSS score from all sources
The CVE check system was incorrectly reporting lower CVSS scores when
multiple scoring sources were available in the NVD database. This
occurred because the code only extracted the first element from the
metrics arrays, which could be a "Secondary" source with a lower score
rather than the "Primary" source or the highest available vendor score.
According to the CVSS v4.0 User Guide, "In situations where multiple
CVSS-B scores are applicable but only one is provided, the highest
CVSS-B score must be utilized." This follows the "reasonable worst-case"
principle established by the CVSS SIG.
This fix iterates through all available sources (v2, v3.0, v3.1, and
v4.0) and selects the maximum CVSS score to ensure the highest severity
is reported.
Daniel Dragomir [Wed, 11 Feb 2026 13:11:20 +0000 (15:11 +0200)]
wic/engine: error on old host debugfs for standalone directory copy
When wic is used in standalone mode, it relies on host tools such as
debugfs. For directory host->image copies into ext* partitions, wic
uses scripted debugfs "-f" input with multiple mkdir/write commands.
Older host debugfs versions (< 1.46.5) may behave unreliably in this
mode and can silently miss files. This does not affect builds using
debugfs from OE where the version is known to be sufficiently new.
Add a debugfs version check and emit an error when an older host
debugfs is detected. The error is shown once per run and halts execution.
Changes in v2:
- adjust the last working debugfs version to 1.46.5
Changes in v3:
- switch debugfs check from warning to error
Signed-off-by: Daniel Dragomir <daniel.dragomir@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Pratik Farkase [Wed, 11 Feb 2026 16:35:14 +0000 (17:35 +0100)]
libsolv: ptest: remove conditional checks
Simplify run-ptest and do_install_ptest by removing conditional
checks. If upstream renames or relocates test files, the build should
fail explicitly rather than silently skipping tests, ensuring the
recipe is updated appropriately.
Changes:
- Use testcases/* glob to automatically discover all test suites
- Remove file existence checks from run-ptest
- Remove file existence checks from do_install_ptest
Zhang Peng [Wed, 11 Feb 2026 03:22:13 +0000 (11:22 +0800)]
libx11-compose-data: upgrade 1.8.4 -> 1.8.12
- upgrade libx11-compose-data to 1.8.12 as it is part of libx11, and
libx11 already upgrade to 1.8.12
- refresh the patch 0001-Drop-x11-dependencies.patch
Kai Kang [Wed, 11 Feb 2026 03:04:21 +0000 (11:04 +0800)]
lttng-platforms.inc: set LTTNGMODULES with ?=
Set LTTNGMODULES with ?= in lttng-platforms.inc, then it could be set in
.conf files to override it.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hongxu Jia [Wed, 11 Feb 2026 02:43:30 +0000 (10:43 +0800)]
gnupg: 2.5.14 -> 2.5.17
Release-info: https://dev.gnupg.org/T7996
Compare commits updates:
$ git clone https://github.com/gpg/gnupg.git
$ git log --oneline gnupg-2.5.14..gnupg-2.5.17 17b514596 (tag: gnupg-2.5.17) Release 2.5.17 f2f89dc82 po: msgmerge 11b7e4139 gpg: Fix possible NULL-deref with overlong signature packets. 93fa34d9a tpm: Fix possible buffer overflow in PKDECRYPT c3e387427 po: Update Swedish translation eba28eeaa agent: Add accelerator keys for "Wrong" and "Correct". 2438271ab agent: Fix stack buffer overflow when using gpgsm and KEM c7770b0a7 gpgsm: Make multiple search patterns work with keyboxd. 71570012e gpg: Remove a dead statement. 0bcd9be9a gpg: New export-option "keep-expired-subkeys" 0e37a6779 doc: Improve the "Programmatic use of GnuPG" section. 5f4ad39b1 doc: Rename an internal function to clarity the purpose. 8d4fc7667 dirmngr: Help detection of bad keyserver configurations. d97e52cc7 scd:openpgp: register vendor 4d52 916982b8c Post release updates 7d38a23b8 (tag: gnupg-2.5.16) Release 2.5.16 a9da315fb Revert "misc: Validate the value on the use of strtol." 26c422e5b Post release updates 7ee523ac2 (tag: gnupg-2.5.15) Release 2.5.15 947ea3c41 gpg: Deprecate the option --not-dash-escaped. abe9bddaa gpg: Fix for a recently claimed harmless keyboxd change. 4ec86dca3 po: msgmerge 691fa4ecb po: Update German translation 81bb94975 keyboxd: Fix database schema migration. 267f6db56 doc: Document default symmetric algo as AES-256 5d0ba97c8 Prepare NEWS 1b3bb7dde po: Enable Georgian translation. 6c1d13ac6 gpg: Implement skip function for keyboxd to fix a validation bug. 01eaa386e keybox: Fix the not yet used uid and pk keyblock index return values. c7472b1b9 po: Update Georgian Translation. 4350fc192 Avoid the function name thread_init. 674aa5424 dirmngr: Add a compatibility flag for use with newer Libksba versions. 32a3e5f83 common:dotlock: Escalate a warning message up to INFO from DEBUG. aab29b128 kbx:sqlite: Don't call dotlock_release. d4e40e2a8 common:dotlock: Comment fixes. 68dcfec91 common:dotlock:w32: Minor fixes for Windows. e4f20ba10 commond:dotlock: Remove support of use with glib. 493276a20 po: Update Portuguese translation 216a695ce agent: Use SHADOW_INFO to silence warnings. 57affc4e9 common,agent,dirmngr,kbx:w32: Synchronous spawning daemon process. cad79e542 agent,common,dirmngr,tests: Silence warnings of a compiler. bcd87ea2b misc: Validate the value on the use of strtol. ce44fde23 Post release updates
Pratik Farkase [Tue, 10 Feb 2026 20:39:05 +0000 (21:39 +0100)]
libconfig: add ptest support
Add ptest support to enable automated testing of libconfig
using ptest-runner.
The implementation uses libtool --mode=install to properly
install test binaries, avoiding issues with libtool wrapper
scripts. Tests are built via 'make check TESTS=' to compile
without running during the build phase.
The test suite includes 16 tests covering parsing, formatting,
binary/hex values, escaped strings, and various edge cases.
All tests pass successfully on qemux86-64 :
START: ptest-runner
BEGIN: /usr/lib/libconfig/ptest
[TEST] ParsingAndFormatting
parsing testdata/input_0.cfg
parsing testdata/input_1.cfg
parsing testdata/input_2.cfg
parsing testdata/input_3.cfg
parsing testdata/input_4.cfg
parsing testdata/input_5.cfg
parsing testdata/input_6.cfg
parsing testdata/input_7.cfg
[ OK ] ParsingAndFormatting
[TEST] ParseInvalidFiles
[ OK ] ParseInvalidFiles
[TEST] ParseInvalidStrings
[ OK ] ParseInvalidStrings
[TEST] BigInt1
[ OK ] BigInt1
[TEST] BigInt2
[ OK ] BigInt2
[TEST] BigInt3
[ OK ] BigInt3
[TEST] BigInt4
[ OK ] BigInt4
[TEST] BigInt5
[ OK ] BigInt5
[TEST] BigInt6
[ OK ] BigInt6
[TEST] BigInt7
[ OK ] BigInt7
[TEST] RemoveSetting
[ OK ] RemoveSetting
[TEST] EscapedStrings
[ OK ] EscapedStrings
[TEST] OverrideSetting
[ OK ] OverrideSetting
[TEST] SettingLookups
[ OK ] SettingLookups
[TEST] ReadStream
[ OK ] ReadStream
[TEST] BinaryAndHex
some auto big hex: 4294967296
some auto big bin: 8589934591
negativehex: -1430532899
[ OK ] BinaryAndHex
Pratik Farkase [Tue, 10 Feb 2026 19:50:41 +0000 (20:50 +0100)]
libassuan: add ptest support
Add ptest support to enable automated testing of libassuan
using ptest-runner.
The implementation installs test programs (version, pipeconnect,
fdpassing) and the shell script test (fdpassing-socket.sh).
All 4 tests pass on qemux86-64:
START: ptest-runner
BEGIN: /usr/lib/libassuan/ptest
PASS: version
Received data `Your lucky number is 3552664958674928. Watch for it everywhere.'
PASS: pipeconnect
PASS: fdpassing
PASS: fdpassing-socket.sh
END: /usr/lib/libassuan/ptest
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Pratik Farkase [Tue, 10 Feb 2026 19:33:28 +0000 (20:33 +0100)]
libarchive: add ptest support
Add ptest support to enable automated testing of libarchive
using ptest-runner.
The implementation builds and installs five test suites:
libarchive_test, bsdtar_test, bsdcpio_test, bsdcat_test, and
bsdunzip_test, along with their test data files.
Test executables for bsdtar, bsdcpio, bsdcat, and bsdunzip are
provided via symlinks to the installed binaries.
All tests on qemux86-64 pass:
libarchive_test: 689 tests
bsdtar_test: 76 tests
bsdcpio_test: 49 tests
bsdcat_test: 18 tests
bsdunzip_test: 8 tests
Logan Gallois [Tue, 10 Feb 2026 17:39:49 +0000 (18:39 +0100)]
oe-setup-build: TEMPLATECONF were not applied correctly
Since a recent change to support dash, cmd_base is a set of several
commands, separated by newlines.
TEMPLATECONF was only effective for the first command in that set,
which is not where it's needed.
Putting it on its own line will ensure that it's present for
everything in cmd_base.
Ross Burton [Mon, 9 Feb 2026 12:56:22 +0000 (12:56 +0000)]
classes/pkgconfig: move variable exports to the class
All recipes that use pkg-config should be inheriting the class so this
is a no-op change for those, and for recipes that do not use pkg-config
will no longer need to rebuild if these variables are changed.
Any recipes that use pkg-config but do not inherit the class will fail
to build, and this is intentional: those recipes should inherit the class.
This commit is simply the move of the exports, the values do not change.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 9 Feb 2026 12:56:21 +0000 (12:56 +0000)]
python3-numpy: backport a Meson patch to fix pkg-config lookups
When Meson uses pkg-config to introspect the Python install it resets
PKG_CONFIG_PATH and PKG_CONFIG_LIBDIR to the location that the running
python3 says is the library directory. However, when it writes to
PKG_CONFIG_LIBDIR it uses the _target_ library directory without
prefixing this with the sysroot, which breaks the build if _LIBDIR is
the primary search path.
This has been fixed in Meson since 1.10.0[1] but numpy has a vendored
fork of Meson that is currently at 1.9.2, so backport the specific fix
to solve this problem.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 9 Feb 2026 12:56:19 +0000 (12:56 +0000)]
pkgconfig: inherit the pkgconfig class
Building target pkgconfig needs pkgconfig-native because pkgconfig uses
pkgconfig to find libglib. Inherit the pkgconfig class so that the
pkgconfig recipe does not need to know the details of how pkgconfig is
integrated.
Native builds use an internal copy of glib to avoid the circular
dependency, and the self-dependency on pkgconfig-native is automatically
pruned.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Quentin Schulz [Fri, 13 Feb 2026 13:22:55 +0000 (14:22 +0100)]
mesa: upgrade 25.3.5 -> 26.0.0
See https://docs.mesa3d.org/relnotes/26.0.0.html for the changelog and
sha256sum.
This removes:
- 0001-ethosu-drop-file-names-from-the-generated-file.patch, as it is
merged in commit cdb6468c53ef ("ethosu: drop file names from the
generated file"),
- 0001-gfxstream-don-t-dump-genvk.py-args-to-generated-file.patch, as it
is merged in commit 4315c28739dc ("gfxstream: don't dump genvk.py args
to generated files"),
- 0002-rocket-drop-file-names-from-the-generated-file.patch, as it is
merged in commit 7a3bfd1f7913 ("rocket: drop file names from the
generated file"),
0001-freedreno-don-t-encode-build-path-into-binaries.patch is updated to
latest version in the merge request. Unfortunately, the do_patch task
with the patch file directly downloaded from the merge request fails to
apply it due to patch-fuzz. Instead, I downloaded the file locally and
applied it with git-am and use git-format-patch to generate one that
do_patch doesn't complain about.
Since commit b72d347d1c3b ("meson: crocus and intel_hasvk now require
clc"), both crocus and intel_hasvk require clc, so let's make this
dependency explicit by requiring libclc PACKAGECONFIG to enable those
drivers.
KosmicKrisp is a new driver but my understanding is it's for MacOS only
and we're not generated that OS, so skip adding a PACKAGECONFIG for it.
r600 now doesn't require LLVM anymore since commit ebf14544102e ("r600:
remove LLVM dependency") but for some reason we never added the
dependency so no need to remove something that isn't there.
There's a new option vulkan-manifest-per-architecture (default true)
which controls whether the target machine architecture must be part of
the Vulkan ICD filenames. The meson feature description states:
If false, all architectures share a single JSON manifest for example
lvp_icd.json, referencing the library by its basename. (Recommended for
Unix OS distros installing into /usr.)
Considering we install the Vulkan ICDs into /usr/share, let's make this
false by default. Also, we're only building for one architecture so this
probably doesn't change much except renaming.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Quentin Schulz [Fri, 13 Feb 2026 13:22:54 +0000 (14:22 +0100)]
mesa: fix missing llvm dependency for i915
i915 requires llvm at least explicitly since commit b8b38d38b1c1
("meson: reinstate LLVM requirement for r300 and enforce it for i915
too") in mesa (available since 25.3.0).
By default, Intel machines are built with gallium-llvm (see the various
PACKAGECONFIG:append: in mesa.bb), so the dependencies would be met.
It seems like Intel Arc discrete GPU may be supported by i915, so I'm
assuming it could be possible to have a non-Intel machine have the need
for the i915 driver.
In any case, this is highlighting the actual dependencies so let's add
gallium-llvm as a dependency for i915, as it should.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 13 Feb 2026 12:22:45 +0000 (12:22 +0000)]
pseudo: Update to include an openat2 fix
We're seeing occasional autobuilder failures with tar issues related to openat2.
It appears there are definitions missing on debian 11 and opensuse 15.5 systems
which mean the openat2 syscall intercept isn't compiled in. This then triggers
on systems using the openat2 syscall, such as alma9 where it is used in a tar
CVE fix.
This updates to include the fix from upstream pseudo (along with a compile warning
fix).
This was tested by taking sstate for pseudo-native from a debian 11 system and using
it in a build of "bitbake nativesdk-git -c install" on a alma9 system where that task
failed. After this fix, it completes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 9 Feb 2026 14:30:33 +0000 (14:30 +0000)]
populate_sdk_ext: Ensure BB_BASHSERBVE_DB_DIR is handled correctly
The new BB_BASHSERBVE_DB_DIR variable needs to be filtered when creating eSDK
local.conf files since we use tricks with the hashserve DB in the eSDK to
create a local cache file as part of eSDK creation.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
devtool: ide-sdk: Support GDB pretty-printing for C++ STL types
GDB requires Python scripts provided by GCC to properly display C++ STL
types. This commit adds support for configuring GDB to use these
pretty-printers in the ide-sdk, covering both the ide_none and ide_code
plugins.
The implementation locates the GCC Python helper scripts in the sysroot
and injects the necessary commands into the GDB initialization files and
IDE debug configurations. This ensures that when debugging C++
applications, STL containers and other complex types are displayed in a
readable format.
Without this:
(gdb) print numbers
$1 = {<std::_Vector_base<int, std::allocator<int> >> = {
_M_impl = {<std::allocator<int>> = {<std::__new_allocator<int>> =
{<No data fields>}, <No data fields>}, <std::_Vector_base<int,
std::allocator<int> >::_Vector_impl_data> =
{_M_start = 0x55555556c370, _M_finish = 0x55555556c37c,
_M_end_of_storage = 0x55555556c37c}, <No data fields>}},
<No data fields>}
With this:
(gdb) print numbers
$1 = std::vector of length 3, capacity 3 = {1, 2, 3}
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a standard container (std::vector) to the C++ example program to
demonstrate the debugger's capability to inspect and traverse STL
containers during a debugging session. This requires enabling GDB's
pretty-printing feature, which depends on Python scripts shipped with
the compiler.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Improve the reverse mapping for searching the source files for remote
debugging by taking the details from DEBUG_PREFIX_MAP into account when
generating GDB's debug-file-directory mappings. This allows settings
such as DEBUG_PREFIX_MAP = "" for modified recipes to be used to avoid
any path remapping.
Background:
For packaged debug-symbols, the references to the source code need to be
relocated to paths which are valid on the target system. By default,
devtool ide-sdk tries to keep the relocated paths and configures the
debugger to reverse map them back to the original source paths. The goal
is to provide a debug setup which is a close as possible to a regular
build.
Usually this works well, but there are situations where the reverse
mapping is not unambiguous. For example the default DEBUG_PREFIX_MAP
adds two different source paths (${S} and ${B}) to the same target path
(${TARGET_DBGSRC_DIR}). If both source paths contain files with the same
name, the debugger cannot determine which source file to use. For this
example it is usually sufficient to only map ${S} to the target path.
The source files in ${B} are probably a few generated files which are
not that interesting for debugging. But depending on the project, the
files in ${B} might also be relevant for debugging.
Also add a hint to the generated local.conf snippet to use
DEBUG_PREFIX_MAP = "" if the user wants to optimize the build for
debugging.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This adds more test coverage for devtool ide-sdk, with VSCode. The cmake
test case has now a full remote debugging test on Qemu. The test checks
the generated launch.json and tasks.json files, starts gdbserver and
connects to it. The test verifies breakpoints, variables and source file
listing.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Write the ssh command to start gdbserver on target directly into the
tasks.json. This avoids the need to create one more script file on the
host. It also simplifies manual modifications of VSCode's standard
tasks.json which is much more handy than modifying multiple proprietary
scripts used to launch gdbserver.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
devtool: ide-sdk: make install_and_deploy script pass target arg
Previously, the target was hardcoded in the install_and_deploy script,
limiting flexibility. This change allows passing the target as a
command-line argument, enabling IDEs to configure the target dynamically
rather than only at IDE configuration generation time.
This is a first step towards making the target configurable from the IDE.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
devtool: ide-sdk: add gdbserver attach mode support
Enhance remote debugging configuration to support multiple modes
per executable binary. This adds support for gdbserver's attach
mode as an additional debug configuration.
When the binary is detected to run as a systemd service or SysV
init script, an attach debug configuration is generated alongside
the regular configuration that starts the process via gdbserver.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oe-selftest: devtool: check example services are running
When running the devtool ide-sdk test with qemu, verify that the example
services are actually running on the target by using pgrep to check for
the example executable names.
Also verify that the configuration files in /etc are owned by the proper
user and group, both before and after the install_and_deploy scripts
have run. This is also a check that the install_and_deploy scripts
are working correctly with pseudo.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Extend the C++ example to run as systemd/SysV services
This change adds service capability to the existing C++ example without
modifying its original behavior. The example can now run either as:
- One-shot executables (existing behavior)
- Long-running services via systemd or SysV init
The service runs as an unprivileged user/group, demonstrating security
best practices for service development. This introduces additional
complexity to the build process, particularly around proper pseudo usage
in development builds. The implementation includes:
- Service configuration files (systemd .service and SysV init script)
- Dedicated user/group creation with appropriate permissions
- JSON configuration file for runtime customization, owned by the
service user
- Command-line --endless flag to enable service mode
- Full support for both CMake and Meson build systems
This enhancement enables testing debugger configurations that attach to
running processes, expanding the examples' utility for development tools.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
