Richard Purdie [Wed, 24 Dec 2025 13:01:29 +0000 (13:01 +0000)]
oeqa/selftest/glibc: Increase VM memory
We're seeing OOM killer issues when testing glibc on KVM system mode testing
which leads to hanging selftests on the autobuilder. The processes killed in
the images are semi-random.
Increase the memory size to avoid these hanging builds.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Tue, 23 Dec 2025 04:14:53 +0000 (12:14 +0800)]
qemu: disable libkeyutils
When package keyutils-devel is installed on host and gcc in extend buildtools
is used, qemu-system-native do_compile failed with error:
../qemu-9.2.0/backends/cryptodev-lkcf.c:36:10: fatal error: keyutils.h: No such file or directory*
36 #include <keyutils.h>
^~~~~~~~~~~~
gcc in extend buildtools can find libkeyutil on the host, but it will not
search the headers on the host cause above issue. add PACKAGECONFIG
libkeyutils, and disable libkeyutils by default to fix the issue
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
08644db Fix build for Linux 6.18-rc1 ccf3ce9 Fixed compiler optimisation bug in tests 277d457 Fix uninitialized session pointers 3a93756 Exclude unused struct since Linux >= 6.5 d481e97 Fix cryptodev_verbosity sysctl for Linux 6.11-rc1 135cbff Release version 1.14
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 18 Dec 2025 20:22:38 +0000 (15:22 -0500)]
linux-yocto/6.18: rust kernel configs
Integrating the following commit(s) to linux-yocto/.:
1/3 [
Author: Harish Sadineni
Email: Harish.Sadineni@windriver.com
Subject: features/kernel-rust: Add feature to enable Rust kernel support
Date: Thu, 11 Dec 2025 04:42:31 -0800
Add a new kernel feature that enables Rust support in the kernel. This
introduces kernel-rust.cfg to set Rust-related Kconfig options and
kernel-rust.scc to define the feature metadata.
The feature enables:
- CONFIG_RUST
- CONFIG_RUST_OVERFLOW_CHECKS
- CONFIG_RUST_BUILD_ASSERT_ALLOW
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Extend the existing kernel-sample feature by adding support for the Rust
sample modules provided by the kernel. This adds a new kernel-rust-sample.cfg
and corresponding .scc entry alongside the existing kernel-samples.cfg.
The new configuration enables:
- CONFIG_SAMPLES_RUST
- CONFIG_SAMPLE_RUST_MINIMAL
- CONFIG_SAMPLE_RUST_PRINT
- CONFIG_SAMPLE_RUST_HOSTPROGS
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Add a new debug feature to enable Rust-related kernel debugging support.
This introduces debug-kernel-rust.scc along with its associated Kconfig
file debug-kernel-rust.cfg.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 18 Dec 2025 20:22:35 +0000 (15:22 -0500)]
linux-yocto/6.17: drop recipes
The 6.17 recipes were provided to bridge supported kernel
versions between 6.16 and 6.18. We now have 6.18 being
introduced, so we can delete these recipes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 18 Dec 2025 20:22:34 +0000 (15:22 -0500)]
linux-yocto/6.17: rust kernel configs
Integrating the following commit(s) to linux-yocto/.:
1/3 [
Author: Harish Sadineni
Email: Harish.Sadineni@windriver.com
Subject: features/kernel-rust: Add feature to enable Rust kernel support
Date: Thu, 11 Dec 2025 04:42:31 -0800
Add a new kernel feature that enables Rust support in the kernel. This
introduces kernel-rust.cfg to set Rust-related Kconfig options and
kernel-rust.scc to define the feature metadata.
The feature enables:
- CONFIG_RUST
- CONFIG_RUST_OVERFLOW_CHECKS
- CONFIG_RUST_BUILD_ASSERT_ALLOW
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Extend the existing kernel-sample feature by adding support for the Rust
sample modules provided by the kernel. This adds a new kernel-rust-sample.cfg
and corresponding .scc entry alongside the existing kernel-samples.cfg.
The new configuration enables:
- CONFIG_SAMPLES_RUST
- CONFIG_SAMPLE_RUST_MINIMAL
- CONFIG_SAMPLE_RUST_PRINT
- CONFIG_SAMPLE_RUST_HOSTPROGS
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Add a new debug feature to enable Rust-related kernel debugging support.
This introduces debug-kernel-rust.scc along with its associated Kconfig
file debug-kernel-rust.cfg.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 18 Dec 2025 20:22:31 +0000 (15:22 -0500)]
linux-yocto/6.16: rust kernel configs
Integrating the following commit(s) to linux-yocto/.:
1/3 [
Author: Harish Sadineni
Email: Harish.Sadineni@windriver.com
Subject: features/kernel-rust: Add feature to enable Rust kernel support
Date: Thu, 11 Dec 2025 04:42:31 -0800
Add a new kernel feature that enables Rust support in the kernel. This
introduces kernel-rust.cfg to set Rust-related Kconfig options and
kernel-rust.scc to define the feature metadata.
The feature enables:
- CONFIG_RUST
- CONFIG_RUST_OVERFLOW_CHECKS
- CONFIG_RUST_BUILD_ASSERT_ALLOW
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Extend the existing kernel-sample feature by adding support for the Rust
sample modules provided by the kernel. This adds a new kernel-rust-sample.cfg
and corresponding .scc entry alongside the existing kernel-samples.cfg.
The new configuration enables:
- CONFIG_SAMPLES_RUST
- CONFIG_SAMPLE_RUST_MINIMAL
- CONFIG_SAMPLE_RUST_PRINT
- CONFIG_SAMPLE_RUST_HOSTPROGS
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Add a new debug feature to enable Rust-related kernel debugging support.
This introduces debug-kernel-rust.scc along with its associated Kconfig
file debug-kernel-rust.cfg.
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 18 Dec 2025 20:22:29 +0000 (15:22 -0500)]
linux-yocto/6.12: update to v6.12.62
Updating linux-yocto/6.12 to the latest korg -stable release that comprises
the following commits:
53d3c6ddbb974 Linux 6.12.62 7bce22989c7b7 bus: mhi: host: pci_generic: Add Telit FN990B40 modem support 4e3297ec0c469 bus: mhi: host: pci_generic: Add Telit FN920C04 modem support d1ab7f9cee22e staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing 61871c83259a5 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing a54e2b2db1b7d staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser f6e629dfe6f59 comedi: check device's attached status in compat ioctls 8952bc1973cd5 comedi: multiq3: sanitize config options in multiq3_attach() 9fd8c8ad35c8d comedi: c6xdigio: Fix invalid PNP driver unregistration ff100f869c2e6 wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1 2f6ea894eba4c wifi: rtl8xxxu: Add USB ID 2001:3328 for D-Link AN3U rev. A1 68852305e967c samples: work around glibc redefining some of our defines wrong 4d9fb5428568f LoongArch: Mask all interrupts during kexec/kdump 898c0794e7997 HID: elecom: Add support for ELECOM M-XT3URBK (018F) 15bfd5b946a0c platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally 84c2898ad1412 platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list 9fc36198989e6 platform/x86: huawei-wmi: add keys for HONOR models b22703f8b5b37 HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list 6e55ee83b1426 platform/x86: acer-wmi: Ignore backlight event a71677392ca53 pinctrl: qcom: msm: Fix deadlock in pinmux configuration e8061d02b49c5 nvme: fix admin request_queue lifetime 573bccc5c2fcc HID: hid-input: Extend Elan ignore battery quirk to USB 77899444d4616 bfs: Reconstruct file type when loading from disk 002c4d2d8482b ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series e71a1bafe6f68 drm/amdkfd: Fix GPU mappings for APU after prefetch ef9b1e6b8f902 smb: fix invalid username check in smb3_fs_context_parse_param() 4c5b89f381543 Bluetooth: btrtl: Avoid loading the config file on security chips f09812f4dcb13 drm/vmwgfx: Use kref in vmw_bo_dirty 5daaca0150db8 spi: imx: keep dma request disabled before dma transfer setup a215b8db00b51 spi: xilinx: increase number of retries before declaring stall deff7dfc4dc4e ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct() 700d4d1e785d8 USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC 2ceb2b5813b29 USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC 0423aaa295cee serial: add support of CPCI cards ccf6e31b91ae6 USB: serial: ftdi_sio: match on interface number for jtag 31dea5e1c28ce USB: serial: option: move Telit 0x10c7 composition in the right place b38c151b4aaf6 USB: serial: option: add Telit Cinterion FE910C04 new compositions 1f39939fbe2ef USB: serial: option: add Foxconn T99W760 87cc1622c88a4 KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced 5caa40e7c6a43 comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() 22a76b0861ae6 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() b163a5e8c7032 locking/spinlock/debug: Fix data-race in do_raw_write_lock 5ac763713a1ef ksmbd: ipc: fix use-after-free in ipc_msg_send_request 210ac60a86a3a ext4: refresh inline data size before write operations a2a7f854d154a jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted 432cb68e4555c Documentation: process: Also mention Sasha Levin as stable tree maintainer f68ffd58d444c xfrm: flush all states in xfrm_state_fini f7d879c19d306 xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added 13b32a7e544c0 Revert "xfrm: destroy xfrm_state synchronously on net exit path" dc3636912d417 xfrm: delete x->tunnel as we delete x
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 18 Dec 2025 20:22:26 +0000 (15:22 -0500)]
kern-tools: fix commit SHA reproducibility with raw diffs
Integrating the following commit:
commit a4a362d9f4f0abc8ab145a8673166b9bd875731a (HEAD -> master, origin/master, origin/HEAD)
Author: Hubert Wiśniewski <hubert.wisniewski.25632@gmail.com>
Date: Sat Nov 22 15:23:02 2025 +0100
kgit-s2q: fix commit SHA reproducibility with raw diffs
In case of git-am failure, kgit-s2q tries to read the date from the
patch. Unfortunately, if the patch does not have a date (e.g. raw diff),
no date is set and git uses the current system time.
This patch makes kgit-s2q use SOURCE_DATE_EPOCH as the last resort or emit
a warning if it's not available. Additionally, GIT_COMMITTER_DATE is set
to GIT_AUTHOR_DATE if requested with --commit-sha option (same behavior as
with git-am).
Signed-off-by: Hubert Wiśniewski <hubert.wisniewski.25632@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Luka Krstic [Thu, 18 Dec 2025 09:11:38 +0000 (10:11 +0100)]
patchtest: reject Upstream-Status after scissors
Upstream-Status must be placed in the patch header before the
scissors line. patchtest currently accepts tags that appear
only after the scissors, which means the tag is lost when the
patch is refreshed by git or devtool.
Update test_upstream_status_presence_format() to distinguish
between tags in the header and tags after the scissors, and
reject the latter.
Fixes: [YOCTO #15940] Signed-off-by: Luka Krstic <lukakrstic031@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Koen Kooi [Fri, 19 Dec 2025 12:01:07 +0000 (13:01 +0100)]
systemd: package 'ukify' seperately
The upgrade to 258.x started shipping 'ukify' by default, but didn't
adjust the runtime dependencies. Add the python modules 'ukify' imports
and split out the package to avoid dragging in gigabytes of python just
plain systemd.
Succesfully tested at runtime on:
* RB1-core-kit, using u-boot EFI mode + systemd-boot
* RB3gen2-core-kit, using Qualcomm UEFI + systemd-boot
* Rubikpi3, using Qualcomm UEFI and type 2 boot
* Beagleboneblack using u-boot UFI mode + systemd-boot
Koen Kooi [Fri, 19 Dec 2025 12:01:06 +0000 (13:01 +0100)]
python3-pyzstd: import 0.17.0 from meta-python
>From the upstream website:
Pyzstd module provides classes and functions for compressing and
decompressing data, using Facebook's Zstandard (or zstd as short name)
algorithm.
This recipe is being moved over for systemd 258.x, the 'ukify' tool
depends on this.
Yash Shinde [Fri, 19 Dec 2025 09:27:54 +0000 (01:27 -0800)]
binutils: fix CVE-2025-11840
CVE-2025-11840
PR 33455
[BUG] A SEGV in vfinfo at ldmisc.c:527
A reloc howto set up with EMPTY_HOWTO has a NULL name. More than one
place emitting diagnostics assumes a reloc howto won't have a NULL
name.
Yash Shinde [Fri, 19 Dec 2025 09:27:53 +0000 (01:27 -0800)]
binutils: fix CVE-2025-11839
CVE-2025-11839
PR 33448
[BUG] Aborted in tg_tag_type at prdbg.c:2452
Remove call to abort in the DGB debug format printing code, thus allowing
the display of a fuzzed input file to complete without triggering an abort.
Ross Burton [Thu, 18 Dec 2025 20:53:18 +0000 (20:53 +0000)]
kea: remove more host paths
If ccache is in use then the full path to ccache is resolved, and ends
up in both config.report and then config_report.cc. This results in
build paths in libkea-cfgrpt.so.3.0.0, so we should also remove
HOSTTOOLS_DIR from these files to ensure both reproducibility and no
host contamination.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 18 Dec 2025 17:42:47 +0000 (17:42 +0000)]
libexif: rewrite ptest handling
What started as replacing the installation of libtool wrapper scripts
ended up being a rewrite of the ptest integration.
There are only ~15 tests so we can install the binaries with libtool,
extract the test names from the Makefile, and just run them with a few
lines of shell.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Sat, 6 Dec 2025 20:48:24 +0000 (21:48 +0100)]
libpng: upgrade 1.6.51 -> 1.6.52
Handles CVE-2025-66293
>From Release Notes [1]:
Fixed CVE-2025-66293 (high severity):
Out-of-bounds read in `png_image_read_composite`.
(Reported by flyfish101 <flyfish101@users.noreply.github.com>.)
Fixed the Paeth filter handling in the RISC-V RVV implementation.
(Reported by Filip Wasil; fixed by Liang Junzhao.)
Improved the performance of the RISC-V RVV implementation.
(Contributed by Liang Junzhao.)
Added allocation failure fuzzing to oss-fuzz.
(Contributed by Philippe Antoine.)
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Bergin [Thu, 18 Dec 2025 10:46:34 +0000 (11:46 +0100)]
go.bbclass: disable workspaces
go has a feature of workspaces [1]. If there is a file called go.work
in your working directory on any of its parent directories that will
be read and used during build. For OE where the builds shall
be sandboxed this is bad as a workspace file outside of the build
environment can be picked up. This commit wil disable that feature
according to the instruction in [1].
This was found and introduced build failures when a file go.work was
in the parent directory outside of OE build directory.
[1] https://go.dev/ref/mod#workspaces
Signed-off-by: Peter Bergin <peter@berginkonsult.se> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Liyin Zhang [Thu, 18 Dec 2025 07:57:57 +0000 (15:57 +0800)]
rsync: fix CVE-2025-10158
CVE-2025-10158:
A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue.
Miaoqing Pan [Thu, 18 Dec 2025 03:04:48 +0000 (11:04 +0800)]
wpa-supplicant: enable 802.11be support
wpa_supplicant has supported IEEE 802.11be (Wi-Fi 7) for over three
years. With growing market demand for Wi-Fi 7, it is now an
appropriate time to enable IEEE 802.11be Extremely High Throughput
(EHT) support, mainly for AP mode.
This implementation conforms to IEEE Std 802.11be-2024, which was
approved by the IEEE SA Standards Board on September 26, 2024 and
officially published on July 22, 2025.
Signed-off-by: Miaoqing Pan <miaoqing.pan@oss.qualcomm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Thu, 18 Dec 2025 02:53:51 +0000 (10:53 +0800)]
insane.bbclass: avoid unnecessary rerun of do_patch
When toggling ptest for DISTRO_FEATURES, the do_patch function
gets rerun.
The dependency chain is:
do_patch -> do_qa_patch -> DISTRO_FEATURES{ptest}
Such rerun is not necessary. And it's kind of annoying because everything
gets rebuilt, including cross toolchain and recipes not using ptest.
The ERROR_QA and WARN_QA should be enough to trigger the re-run
if unimplemented-ptest is added to one of them. So remove the first
check of DISTRO_FEATURES on ptest to avoid these unnecessary reruns.
fragments/autobuilder: Add back PTEST_EXPECT_FAILURE
The PTEST_EXPECT_FAILURE option setting was recently dropped from
core-image-ptest [1]. This is probably the right thing to do, but we
still want to use it on the autobuilder.
Note, this will now be enabled on all images and not just the ptest
ones, but this should not change the whole behaviour.
Chen Qi [Tue, 9 Dec 2025 02:00:39 +0000 (02:00 +0000)]
core-image-ptest: drop PTEST_EXPECT_FAILURE
This variable setting is not helping people now. Because in practice,
ptest failure warnings on autobuilder are still catched and reported
back to developer.
In addition, setting this value to 1 is sometimes causing confusion for
developers.
As an example, I used 'bitbake core-image-ptest-util-linux:do_testimage'.
It succeeded with warning message. I didn't notice the warning message.
I saw the command succeeded and I tought util-linux ptest is OK. But
in actual fact, the ptest failed. It's the PTEST_EXPECT_FAILURE setting
in this core-image-ptest.bb that is not giving me error.
In summary, a simple erroring out action should be clearer.
Khem Raj [Sat, 13 Dec 2025 18:35:22 +0000 (10:35 -0800)]
kexec-tools: Upgrade to 2.0.32
License-Update: Update with current text for GPLv2 [1]
* This version has support for riscv64 so enable it in COMPATIBLE_HOSTS
* LoongArch support and other fixes
* Drop patch already upstream in 2.0.32 release
Hongxu Jia [Wed, 17 Dec 2025 11:08:03 +0000 (19:08 +0800)]
webkitgtk: workaround compile failure for large debug symbols
Originally, we move space optimize from recipe webkitgtk to
yocto-space-optimize.inc [1], it caused multiple build failures
if not include yocto-space-optimize.inc
For qemux86-64: "relocation truncated to fit: R_X86_64_32 against `.debug_info'"
For qemuarm64: "relocation truncated to fit: R_AARCH64_ABS32 against `.debug_info'"
According to the suggestion of gcc [2], pass -g1 to massively reduce the size of
the debug symbols to workaround the errors
Remove duplicate setting from yocto-space-optimize.inc at the same time.
It's possible that users use EXTRA_USERS_PARAMS to set password
for root or explicitly expire root password. So we need to check
these two cases to ensure the 'no password' banner is not misleading.
As an example, below are configurations to make an image requiring
setting a root password on first boot, but without having to first enter
a static initial password:
In conf/toolcfg.cfg:
OE_FRAGMENTS += "distro/poky core/yocto/root-login-with-empty-password
In local.conf:
INHERIT += "extrausers"
EXTRA_USERS_PARAMS += " passwd-expire root;"
Adding such banner is only meaningful when base-passwd and baes-files are
installed. In case of container image, they might not be installed (e.g.,
container-test-image). So add extra checking for it. With the above logic,
we avoid breaking the following oe-selftest test case:
containerimage.ContainerImageTests.test_expected_files
Chen Qi [Wed, 17 Dec 2025 05:22:39 +0000 (05:22 +0000)]
extrausers.bbclass: use '+=' for ROOTFS_POSTPROCESS_COMMAND
This is the only place in oe-core that still uses apppend for
ROOTFS_POSTPROCESS_COMMAND. It's modifying users and groups and
such behavior does not need to run as the last step. So change
to use '+='.
Favazza, Samuele [Tue, 16 Dec 2025 14:33:31 +0000 (14:33 +0000)]
run-postinsts: fix post-install-script output in log file
When the POSTINST_LOGGING is enabled the output of the post-install
script is not stored in the 'postinstall.log' file. This probably
happened since commit 706410c847ac9c89317d098de5d5c580736edbbb.
Fix the post-install script execution statement to honor the
stdout/stderr redirection to the 'postinstall.log' file.
Ross Burton [Tue, 16 Dec 2025 16:10:01 +0000 (16:10 +0000)]
gdk-pixbuf: upgrade 2.42.12 -> 2.44.4
Upstream changes (subset):
- Add glycin loader (a sandboxed rust image loading framework)
- Deprecate the XPM-related API
- The animation-related APIs have been deprecated
- jpeg: Fix a crash related to icc data (CVE-2025-7345)
- Prefer builtin modules
Explicitly disable the glycin plugin for now, as we don't have a recipe
for glycin yet.
Explicitly disable the thumbnailer for now, this hasn't been built since
2.38[2] and would need more integration to work in cross builds.
Use 'documentation' for the gi-docgen option[1].
[1] gdk-pixbuf ee5a35665 ("build: Add "documentation" configuration option")
[2] gdk-pixbuf fc3770831 ("meson: don't build tests or the thumbnailer if cross building")
since 2.38
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 16 Dec 2025 13:36:00 +0000 (13:36 +0000)]
freetype: use meson instead of autotools
Port the options to Meson, and drop all of the autoconf tweaking.
Enable Harfbuzz support using dynamic loading by default. If Harfbuzz is
present at runtime then FreeType will use it for improved hinting. Do
not RDEPENDS on harfbuzz so that it's only used if already present in
the rendering stack.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 16 Dec 2025 13:35:59 +0000 (13:35 +0000)]
freetype: upgrade 2.13.3 -> 2.14.1
Important upstream changes:
- A new configuration macro `FT_CONFIG_OPTION_USE_HARFBUZZ_DYNAMIC`
is available to load the HarfBuzz library dynamically.
- The auto-hinter got new abilities.
- Bitmap-only TrueType fonts now ignore the `FT_LOAD_NO_BITMAP` flag.
Update the home page and bug tracker links.
License-Update: wording, nothing relevant.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 16 Dec 2025 13:35:57 +0000 (13:35 +0000)]
ruby: upgrade 3.4.5 -> 3.4.7
Upstream changes:
- Merge URI-1.0.4 for Ruby 3.4 by hsbt
- Bug #21313: it in rescue/ensure on prism
- [3.4] compile.c: Handle anonymous variables in outer_variable_cmp by byroot
- Bug #21610: Use ec->interrupt_mask to prevent interrupts.
- Bug #21611: Ruby 3.4.6 can't be built with GCC 15.2.1
- Bug #21342: Segfault: invalid keeping_mutexes when using Mutex in Thread then Fiber after GC
- Bug #21569: [armv7, musl] SIGBUS in ibf_load_object_float due to unaligned VFP double load when reading IBF
- Bug #21568: Requiring core libraries when already requiring multiple user defined libraries with the same name can error
- Bug #21514: Rust deprecation warning building ruby-3.4.5/yjit/src/codegen.rs
- Bug #21259: The Prism compiler wrongly creates a line number of zero
- Bug #21188: PRISM does not end reading from tty with ^D twice
- Bug #21546: prefix in ruby.pc is wrong when --enable-load-relative
- Bug #21402: ruby2_keywords affects methods/procs with post arguments
- Bug #19417: Regexp \p{Word} and [[:word:]] do not match Unicode Other_Number character
- Bug #21535: NoMethodError becomes NameErrorwhen using ... delegation and method call indirection
- YJIT: Add more information to an assert message by k0kubun
- Bug #21567: Crash when $LOADED_FEATURES is modified during require
- Bug #21561: Wrong encoding for File.dirname result on Windows
- Bump Prism version to 1.5.1 by k0kubun
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 16 Dec 2025 13:35:56 +0000 (13:35 +0000)]
python3-hatchling: upgrade 1.27.0 -> 1.28.0
Upstream changes:
- Drop support for Python 3.9
- Add sbom-files option and sbom_files build data to the wheel build
target for including Software Bill of Materials files.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 16 Dec 2025 13:35:55 +0000 (13:35 +0000)]
ofono: upgrade 2.18 -> 2.19
Upstream changes:
- gobi: Support raw-ip only devices
- Revert "atmodem: let +COPS: report access technology for SIMCom"
- atmodem: report cell technology capability for SIMCom A76XX
- atmodem: also handle EUTRAN networks in creg_notify()
- atmodem: add explicit handling for netreg status in creg_notify()
- sim7100: Update to handle broader A76XX modem series
- sim7100: enable ppp-reset workaround
- plugins: drop droid and use gobi for droid4 modem instead
- gobi: Add "OfflineOperatingMode" property
- gobi: do not assume LTE is supported, detect it
- ofono.conf: enable D-Bus use with PipeWire
- gobi: If WDA unsupported, skip data format logic
- gobi: request PDS service if supported
- gobi: fix start_service_requests() return type
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Update many existing ACPI tables to follow the ACPI 6.6 Specification
changes and/or newly approved ASWG ECRs
- Add a few new ACPI tables: IOVT, SWFT, KEYP
- Add many new UUIDs, Hardware/PnP/ACPI IDs
- Support a few new special methods (_xxx format) and modify few
existing ones to stay compliant with the latest ACPI Specification
changes
- Improve existing tools/utilities and fix/clean up some problematic
usages along with patching certain vulnerabilities
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since x86 .eh_frame section may reference _GLOBAL_OFFSET_TABLE_, keep
_GLOBAL_OFFSET_TABLE_ if there is dynamic section and the output
.eh_frame section is non-empty.
Backport a patch from upstream to fix CVE-2025-11494
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a]
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oe-selftest: uboot: add test for building U-Boot initial env binary
This adds two new selftest cases `test_uboot_initial_env_binary` and
`test_uboot_config_initial_env_binary` to verify the build of the U-Boot
initial env binary with the mkimage tool.
Build the U-Boot initial environment binary image if
UBOOT_INITIAL_ENV_BINARY is set to "1". The environment partition size
(in bytes, hexadecimal or decimal) must be defined using
UBOOT_INITIAL_ENV_BINARY_SIZE.
If U-Boot environment redundancy is enabled,
UBOOT_INITIAL_ENV_BINARY_REDUND must be set to "1".
The resulting binary can be flashed using WIC at the environment offset,
overriding any existing environment if present, for example:
part --source rawcopy --sourceparams="file=u-boot-initial-env-sd.bin" --ondisk sda --no-table --offset 4096
Signed-off-by: Pierre-Loup GOSSE <pierre-loup.gosse@smile.fr> Reviewed-by: Martin Schwan <m.schwan@phytec.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 11 Dec 2025 15:29:36 +0000 (15:29 +0000)]
oelint: Remove obsolete class
Most of the checks in this class are covered by other areas of the code now.
If there is anyting important missing, it should be added elsewhere. The
code hasn't had meaningful changes since 2014. Drop it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Barker [Wed, 17 Dec 2025 15:05:34 +0000 (15:05 +0000)]
cve-update: Avoid NFS caching issues
When moving the updated CVE database file to the downloads directory,
ensure that it has a different inode number to the previous version of
this file.
We have seen "sqlite3.DatabaseError: database disk image is malformed"
exceptions on our autobuilder when trying to read the CVE database in
do_cve_check tasks. The context here is that the downloads directory
(where the updated database file is copied to) is shared between workers
as an NFS mount. Different autobuilder workers were seeing different
checksums for the database file, which indicates that a mix of both new
and stale data was being read. Forcing each new version of the database
file to have a different inode number will prevent stale data from being
read from local caches.
This should fix [YOCTO #16086].
Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core.git / log
