Mikko Rapeli [Fri, 20 Dec 2024 09:12:32 +0000 (11:12 +0200)]
systemd: add fido to PACKAGECONFIG options
To enable FIDO support.
meta-oe can provide libfido2 but it depends on udev
which creates a dependency loop between systemd (provider of udev)
and libfido2 which is currently unresolved. systemd recipe
could split udev to a separate recipe to solve this, or libfido2
could be compiled in systemd source tree after udev but before
rest of systemd.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Disable the build of the unused tests. Also drop the xwayland
dependency on xcb-util-cursor since it is a specific requirement
for the xwayland test build.
Signed-off-by: Tom Hochstein <tom.hochstein@oss.nxp.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tom Hochstein [Sun, 22 Dec 2024 16:22:32 +0000 (10:22 -0600)]
weston: Fix wayland-protocols dependency
An SDK build of weston fails:
```
Run-time dependency wayland-protocols found: NO (tried pkgconfig and cmake)
```
The file wayland-protocols.pc is missing in the SDK. This is traced to
the upgrade of wayland-protocols to 1.38 [1], which re-enables the dev
package, which moves wayland-protocols.pc to wayland-protocols-dev.
The upgrade to 1.38 re-enables the dev package [1]. With the dev
package enabled, the file wayland-protocol.pc is filtered by default
into the dev package, and the override adding it to the main package
does nothing and is not needed.
Tom Hochstein [Sun, 22 Dec 2024 16:22:30 +0000 (10:22 -0600)]
pkgconfig: Add pkg-config-native to SDK
Building weston with an SDK fails to find pkg-config-native:
```
Did not find pkg-config by name 'pkg-config-native'
Found pkg-config: NO
Found CMake: /opt/poky/5.1/sysroots/x86_64-pokysdk-linux/usr/bin/cmake (3.31.0)
Build-time dependency wayland-scanner found: NO (tried cmake)
protocol/meson.build:1:14: ERROR: Dependency lookup for wayland-scanner with method 'pkgconfig' failed: Pkg-config for machine build machine not found. Giving up.
```
Fix the problem by extending the pkg-config-native wrapper install to
class-nativesdk.
Signed-off-by: Tom Hochstein <tom.hochstein@oss.nxp.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Thu, 19 Dec 2024 04:24:22 +0000 (20:24 -0800)]
webkitgtk: Fix build on 32bit arches with 64bit time_t only
This is a fix needed in angle module which is vendored in webkit repo.
glibc does not define SYS_futex on 32bit arches with 64bit time_t only
e.g. riscv32
Khem Raj [Wed, 18 Dec 2024 23:08:50 +0000 (15:08 -0800)]
musl: Upgrade to latest
Brings following changes
* 61399d4b loongarch64: add TLSDESC support
* 9b6a24f9 wire up vdso clock_gettime for riscv32 and riscv64
* f2375aac wire up vdso clock_gettime for powerpc, powerpc64, and s390x
* bc5f816a mips: use preferred asm mnemomic jr for better assembler compatibility
* 4e6c827c mntent: exclude trailing newline from parsed field
* 9929a571 arm: fix _init/_fini alignment in crti.o
Ross Burton [Thu, 19 Dec 2024 14:11:51 +0000 (14:11 +0000)]
expect: cleanup do_install
Clean up the do_install append, and remove a long-standing unused
variable that appears to be intending to not install the scripts but
would have never actually done that as the relevant override since 2008
has been task-install. As we've been installing the scripts, keep
instaling them.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 19 Dec 2024 14:11:47 +0000 (14:11 +0000)]
subversion: refactor do_configure
Upstream has an autogen.sh which constructs a hand-written aclocal.m4
and manually copies libtool into place. Instead of working around the
bad interaction between these expectations and our autotools class we
can just disable the execution of aclocal in autoreconf and copy files
as autogen.sh does.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 19 Dec 2024 14:11:45 +0000 (14:11 +0000)]
bash: remove aclocal workarounds
Instead of patching configure.ac to not load m4 directly and working
around what aclocal and the autotools class do, just exclude the running
of aclocal entirely.
This stops the class removing the existing aclocal.m4 and autoreconf
running aclocal.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 16 Dec 2024 23:44:29 +0000 (23:44 +0000)]
cve-update-nvd2-native: Tweak to work better with NFS DL_DIR
After much debugging, the corruption issues on the autobuilder appear to
be due to the way sqlite accesses database files. It doesn't change the
file timestamp after making changes, which for reasons unknown, confuses
NFS. As soon as the file is touched, NFS becomes fine again accross the
whole cluster, as if by magic.
We could try and debug further but putting a "touch" call into the code
is easy and harmless. Lets hope this removes this annoying source of
errors.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bin Lan [Tue, 17 Dec 2024 10:47:29 +0000 (18:47 +0800)]
gcc: backport patch to fix data relocation to !ENDBR: stpcpy
There is the following warning when building linux-yocto with
default configuration on x86-64 with gcc-14.2:
AR built-in.a
AR vmlinux.a
LD vmlinux.o
vmlinux.o: warning: objtool: .export_symbol+0x332a0: data relocation to !ENDBR: stpcpy+0x0
Otherwise the tool simply prints what went wrong and exits without error,
which makes it impossible for tools like bitbake-setup to determine that
the requested operation did not succeed.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:58:05 +0000 (16:58 +0800)]
re2c: upgrade 4.0.1 -> 4.0.2
Changelog:
===========
- CMake build system: fixed bug
`#515 <https://github.com/skvadrik/re2c/issues/515>`_ where language-specific
binaries erroneously defaulted to generating code for C.
- Playground: address bar now reflects navigation between examples, editors use
a more high-contrast CSS theme.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:58:03 +0000 (16:58 +0800)]
ofono: upgrade 2.13 -> 2.14
Changelog:
===========
- Fix issue with STK and buffer length checks.
- Fix issue with SMS and buffer length checks.
- Fix issue with QMI and handling RAT detection.
- Fix issue with QMI and handling call forwarding.
- Add support for handling MHI network interfaces.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:58:01 +0000 (16:58 +0800)]
mpg123: upgrade 1.32.9 -> 1.32.10
Changelog:
==========
- scripts/tag_lyrics.py: fix for python3
- libout123: Use strtok_r() to avoid conflicts multithreaded contexts
- libmpg123: Un-break DLL builds that need I/O functions defined in libmpg123.c
- ports/cmake: More fixup to also produce .pc files with Libs.private.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:58:00 +0000 (16:58 +0800)]
libxxf86vm: upgrade 1.1.5 -> 1.1.6
Changelog:
===========
- Add -no-undefined flag to LDFLAGS to fix Windows builds
- Add X.Org's standard C warning flags to AM_CFLAGS
- configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
- Remove "All rights reserved" from Oracle copyright notices
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:57:59 +0000 (16:57 +0800)]
libxv: upgrade 1.0.12 -> 1.0.13
Changelog:
===========
- XvQueryAdaptors: avoid NULL deref if length is 0, but num_adaptors is not
- XvQueryEncodings: avoid NULL deref if length is 0, but num_encodings is not
- Use calloc instead of malloc and manual loops to zero array contents
- configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
- Remove "All rights reserved" from Oracle copyright notices
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:57:56 +0000 (16:57 +0800)]
libxau: upgrade 1.0.11 -> 1.0.12
Changelog:
===========
- XauDisposeAuth: remove void casts from functions that return void
- unifdef hpux
- Autest.c includes Xauth.h that depends on other headers.
- Allow to use POSIX.2 compliant sed(1)
- Also test for explicit_memset(3) support
- Gcc < 11 doesn't allow opt. deallocator arg for __attribute((malloc))
- gitlab CI: run meson build with both gcc & clang compilers
- Allow building with clang after aec9d7266777e0b9243ef0f112fe0e07256bd446
- Xauth.h: add access & malloc attributes to function prototypes add Meson build system
- Set close-on-exec when opening files
- Require LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:57:55 +0000 (16:57 +0800)]
libsm: upgrade 1.2.4 -> 1.2.5
License-Update:
Remove "All rights reserved" from Oracle copyright notices,
since oracle no longer includes this term in our copyright & license notices.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:57:54 +0000 (16:57 +0800)]
libjitterentropy: upgrade 3.6.0 -> 3.6.1
Changelog:
===========
* Add more test code
* Add support for SunPRO compiler
* Fix compilation on OpenBSD by replacing sed with tr
* internal timer: Add support for Apple
* Various small fixes to compilation to imporve portability
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:57:51 +0000 (16:57 +0800)]
igt-gpu-tools: upgrade 1.29 -> 1.30
Changelog:
===========
General changes:
- New meson options xe_eudebug and vmtb.
Library changes:
- Added PantherLake (PTL) support, unified PCI IDs into one
common header pciids.h
- Added BMG support for OA (Observability Architecture) for Xe driver.
- Added support for Xe3 platforms in GPGPU shader.
- Added 6k resolution support for a single CRTC.
- Added support for MTL platform in GPGPU compute.
Runner changes:
- Set option PRUNE_KEEP_ALL as default.
- Allow to dynamically ignore dmesg warn messages when generating
results, usefull when driver is using kernel fault injection.
Test changes:
- Added sanity checks for KMS properties.
- Improved GPGPU tests for i915 and Xe.
- New SRIOV test for Functional Level Reset (FLR) for Xe.
- Added test that draws triangle without using 3d commands for vmwgfx.
- Added subtest for fallback for DP connector.
- Added async flips suspend resume subtest.
- New test for error handling of Xe at probe time.
- Added testing SIZE_HINTS property in KMS cursor test.
- Added KMS testing for ultrajoiner.
- New test for TLB invalidation in Xe.
- New test for timeslice duration in Xe.
- Display brightness test during DPMS on and off.
- New tests for EU debugging for Xe.
Tools changes:
- New power tool for power/energy measurement.
- New VM Testbench (VMTB) - SR-IOV Virtual Machine testing tool.
- Fixes in amd_hdmi_compliance.
- Fixes in intel_reg.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:57:50 +0000 (16:57 +0800)]
erofs-utils: upgrade 1.8.2 -> 1.8.3
Changelog:
==========
- (mkfs.erofs) Fix multi-threaded compression with '-Eall-fragments';
- (mkfs.erofs) Fix large chunk-based image generation;
- (mkfs.erofs) Avoid large arrays on the stack
- (mkfs.erofs) Fix PAX format parsing in headerball mode
- (mkfs.erofs) Several fixes for incremental builds
- (mkfs.erofs) Fix reproducible builds due to 'i_ino'
- Use pkg-config for liblz4 configuration;
- Get rid of pthread_cancel() dependencies;
- (mkfs.erofs) Add '-U <clear|random>' support;
- (mkfs.erofs) Add '--hard-dereference' for NixOS reproducibility
- Several minor random fixes.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 17 Dec 2024 08:57:47 +0000 (16:57 +0800)]
appstream: upgrade 1.0.3 -> 1.0.4
0001-remove-hardcoded-path.patch
0002-Do-not-build-qt-tests.patch
refreshed for 1.0.4
Changelog:
===========
Features:
* bundle: Add AS_BUNDLE_KIND_SYSUPDATE
* desktop-style-ids: Add dark support for Plasma
* desktop-style-ids: add pantheon:dark
* qt: Expose branding color
* sysinfo: Add memory size detection support for Illumos and Solaris
* sysinfo: Add memory size detection support for GNU/Hurd
* validator: Don't fail validation if a snapshot release is missing a time
Specification:
* docs: Note that support for some legacy path was dropped in 1.0
* docs: Update fd.o spec URLs
* docs: Better explain desktop applications
* Update ESRA website URL
Bugfixes:
* validator: Make sure we read an initialised variable
* qt: Specify utc as the dates' timezone
* tests: Ignore some tests on Windows
* sysinfo: make uname() usage POSIX compliant
* Only emit legacy compat tag developer_name for catalog data
* compose: Allow file discovery even in symlinked directories
* Avoid a race condition when loading GResource data
* validator: Mention length limit in summary length warning message
* utils: Explicitly set permissions on installed metadata files
* as-vercmp: Fix gtkdoc to not start with '>'
Miscellaneous:
* desktop-style-ids: Remove Endless
* ci: Fix FreeBSD build (update 'py-gi-docgen')
* ci: Update to Ubuntu 24.04 for Debian Testing builds
* utils: Assume 64px as size when installing an icon tarball of unknown size
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Markus Volk [Sun, 15 Dec 2024 11:17:35 +0000 (12:17 +0100)]
glib-2.0: update 2.82.2 -> 2.82.4
- remove backported patches
Overview of changes in GLib 2.82.4, 2024-12-11
==============================================
* Fix a double-unref crash which affects many apps which use pygobject to
export objects on D-Bus (#3559, work by Sebastian Dröge, Philip Withnall)
* Bugs fixed:
- #3559 2.82.3 regression: lollypop crashes on startup (Philip Withnall)
- !4430 Backport !4427 “Revert "gdbus: Fix leak of method invocation when
registering an object with closures"” to glib-2-82
- !4434 Backport !4432 and !4433 “ci: Add release component to automate
tarball publishing” to glib-2-82
Overview of changes in GLib 2.82.3, 2024-12-09
==============================================
* Fix compatibility with tzdata 2024b (#3502, work by Rebecca N. Palmer and
Simon McVittie)
* Bugs fixed:
- #3502 Test regressions with tzdata 2024b (Rebecca N. Palmer)
- !4357 Backport !4356 “gdatetime test: Do not assume PST8PDT was always
exactly -8/-7” to glib-2-82
- !4370 Backport !4350 “glib: Don't require GLIB_DOMAIN to be a NUL-terminated
string” to glib-2-82
- !4380 Backport !4378 “gio: Fix GFileEnumerator leaks in gio tools” to
glib-2-82
- !4381 Backport !4373 “macos: Remove extraous space from type identifier” to
glib-2-82
- !4388 Backport !4232 “refstring: Fix race between releasing and re-acquiring
an interned GRefString” to glib-2-82
- !4397 Backport !4395 “appmonitor: Fix warning building test” to glib-2-82
- !4400 Backport !4398 “grefstring: Mark a variable as potentially unused” to
glib-2-82
- !4417 Backport !4415 “gdbus: Fix leak of method invocation when registering
an object with closures” to glib-2-82
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Justin Bronder [Mon, 16 Dec 2024 19:51:32 +0000 (14:51 -0500)]
scripts: wrap lz4c and convert to lz4
Commit fe167e082cbde1c6d186ecdda531abef610ac2ac switched to requiring
lz4 instead of lz4c which allows us to support distros dropping lz4c.
However, it wasn't only OE that was still using the legacy lz4c, there's
a number of upstreams as well. For instance, it's only in the 6.13
kernel that CONFIG_KERNEL_LZ4 makes the switch from lz4c to lz4.
So, while this all gets ironed out, simply intercept calls to lz4c and
convert them to use lz4. This was picked instead of adding lz4c to
HOSTTOOLS_NONFATAL due to concerns about builds becoming
non-deterministic and failing late:
https://lore.kernel.org/openembedded-core/9c3143ebb7f9e17cfbd318ef0e17994aae7264be.camel@linuxfoundation.org/
Signed-off-by: Justin Bronder <jsbronder@cold-front.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Mon, 16 Dec 2024 17:43:05 +0000 (18:43 +0100)]
devtool: ide-sdk recommend DEBUG_BUILD
The debug_build_config function was never called. Compiling with debug
optimized compiler flags was not working. Even with the
--debug-build-config flag set, the build configuration from the recipe
was used.
The devtool ide-sdk --debug-build-config approach didn't work very well
anyway. The problem is that changing the bbappend file doesn't work
while bitbake uses the bbappend file. As a workaround, it would be
possible to parse the recipe, get DEBUG_BUILD and the path to the append
file, exit tinfoil, change the bbappend file, reopen tinfoil and do what
ide-sdk is supposed to do. Such an implementation would be complicated
and slow.
Therefore, the code that was originally supposed to implement this is
removed from ide-sdk and the new --debug-build function of devtool
modify is used instead. Additionally, a hint should be given on how to
manually add DEBUG_BUILD = '1' to bbappend.
This is compatible with the VSCode Bitbake plug-in, which does not
support this parameter anyway.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Mon, 16 Dec 2024 17:43:03 +0000 (18:43 +0100)]
devtool: modify support debug-builds
Add a new option --debug-builds to automatically add DEBUG_BUILD = “1”
to the bbappend file of this recipe. This is especially useful when
invoking devtool modify before invoking devtool ide-sdk to perform a
remote debugging session.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Derek Straka [Fri, 13 Dec 2024 19:48:02 +0000 (19:48 +0000)]
python3-*: Update recipes to correctly check the upstream packages
With the upstream check migrated to the simple repo API, a number of the
recipes required updates to:
1. Remove outdated UPSTREAM_CHECK_REGEX checks
2. Add recipe specific UPSTREAM_CHECK_PYPI_PACKAGE definitions for
packages that use '_', CamelCase, or other deviations from PEP625 in
the source archive
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Derek Straka [Fri, 13 Dec 2024 19:48:01 +0000 (19:48 +0000)]
classes/pypi: update the default UPSTREAM_CHECK_URI to use the simple repo API
Update the UPSTREAM_CHECK_URI to leverage the simple repo API. The
project URLs require javascript which breaks the version checking fetch
and subsequent logic. The simple repo API provides similar
functionality with a well defined spec which is used by tools such as
pip. Also update the UPSTREAM_CHECK_REGEX to be compatible with the
information retrieved via the API
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mikko Rapeli [Fri, 13 Dec 2024 12:33:29 +0000 (14:33 +0200)]
systemd: set CVE_PRODUCT
systemd.inc is used by systemd, systemd-boot and
systemd-tools-native recipes so make sure all
match to "systemd" product in CVE database. The
split between systemd, systemd-boot and
systemd-tools-native is specific to oe-core and
upstream just refers to systemd. Not limiting
to "systemd_project" vendor since multiple
vendor names have been used in the past.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Thu, 12 Dec 2024 15:55:26 +0000 (16:55 +0100)]
systemd: split networkd into its own package
Support of images with different network management implementations
without having to recompile systemd and other components.
Fedora does this as well since systemd version 246.6-2:
https://src.fedoraproject.org/rpms/systemd/blob/rawhide/f/systemd.spec#_578
This proves that it is technically possible and officially supported by
systemd.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Thu, 12 Dec 2024 15:55:25 +0000 (16:55 +0100)]
systemd.bbclass: do not automatically add Also services
Starting a systemd service “Also” does not mean that both services
must be in the same package. However, the systemd.bbclass enforces
this.
Example:
a.service:
[Install]
Also=b.service
If a.service is packed in package A, b.service is automatically packed
into package A as well. This happens even if b.service is explicitly
added to package B using FILES and SYSTEMD_SERVICE variables.
The automatic packing of socket files with the corresponding service
files is probably a widely used feature of systemd.bbclass. This bahavior
does not change.
Adding regular service files to a package just because it is another
service in the same package that "Also" uses the service is a bug that
this commit fixes.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Thu, 12 Dec 2024 15:55:24 +0000 (16:55 +0100)]
systemd.bbclass: refactor adding files
The keys variable was intended as an array of keys. But it looks like
this has not been used for more than 10 years now. Adding files
automatically to packages needs probably anyway very specific code
rather than a generic loop. Lets simplify this a bit.
Using python code should also not be slower for these usually small
files.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
That's why dropbearkey.service got automatically added to FILES.
Since this incorrect auto adding feature gets dropped from
systemd.bbclass this needs to be added explicitly.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
That's why busybox-klog.service got automatically added to
FILES:busybox-syslog. Since this incorrect auto adding feature gets
dropped from systemd.bbclass this needs to be added explicitly.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yash Shinde [Thu, 12 Dec 2024 14:30:29 +0000 (06:30 -0800)]
binutils: Fix CVE-2024-53589
A buffer overflow vulnerability exists in GNU Binutils’ objdump utility
when processing tekhex format files. The vulnerability occurs in the
Binary File Descriptor (BFD) library’s tekhex parser during format identification.
Specifically, the issue manifests when attempting to read 8 bytes at an address
that precedes the global variable ‘_bfd_std_section’, resulting in an out-of-bounds read.
Backport a patch from upstream to fix CVE-2024-53589.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e0323071916878e0634a6e24d8250e4faff67e88]
Peter Marko [Wed, 11 Dec 2024 18:09:53 +0000 (19:09 +0100)]
curl: upgrade 8.11.0 -> 8.11.1
Bugfix release for 8.11.0 regressions.
Solves CVE-2024-11053
Drop patch which was done differently upstream.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Wed, 11 Dec 2024 18:09:52 +0000 (19:09 +0100)]
curl: upgrade 8.10.1 -> 8.11.0
Solves CVE-2024-9681
* refresh patch
* add patch for buildpaths issue
* add new options for ipfs and websockets, keep them configure as they
were previously configures
* drop notexists.pl from ptest install as it was removed and code was
integrated into the test framework in [1]
* add ptest dependency on perl-module-i18n-langinfo due to [2]
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sunil Dora [Wed, 11 Dec 2024 18:16:53 +0000 (10:16 -0800)]
gcc: Fix c++: tweak for Wrange-loop-construct
This commit updates the warning to use a check for "trivially constructible" instead of
"trivially copyable." The original check was incorrect, as "trivially copyable" only applies
to types that can be copied trivially, whereas "trivially constructible" is the correct check
for types that can be trivially default-constructed.
This change ensures the warning is more accurate and aligns with the proper type traits.
LLVM accepted a similar fix:
https://github.com/llvm/llvm-project/issues/47355
Marco Felsch [Wed, 11 Dec 2024 18:03:47 +0000 (19:03 +0100)]
icecc: don't use KERNEL_CC during set_icecc_env
The KERNEL_CC variable usage was introduced by commit d2fcaeb153fd
("icecc: Don't generate recipe-sysroot symlinks at recipe-parsing time,
2018-12-20") and is set once a recipe pulls the kernel-arch.bbclass.
There are a few packages, e.g. u-boot, barebox, devicetree, perf which
pull this class and for such packages the get_cross_kernel_cc() return
None because icecc_is_kernel() fail.
Fix this for now by replacing the KERNEL_CC check with the
icecc_is_kernel() helper, which is also used by the
get_cross_kernel_cc().
That said it's still not very robust to determine a compiler based on
a variable or inherited class but at least it fixes the issue for now.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marco Felsch [Wed, 11 Dec 2024 18:03:46 +0000 (19:03 +0100)]
icecc: convert set_icecc_env to python prefuncs
Since bitbake commit f24bbaaddb36 ("data: Add support for new
BB_HASH_CODEPARSER_VALS for cache optimisation") the icecc fails with [1]:
ERROR: /Yocto/poky/meta/recipes-core/meta/target-sdk-provides-dummy.bb: no-pn NULL prefix
WARNING: /Yocto/poky/meta/recipes-core/meta/target-sdk-provides-dummy.bb: Exception during build_dependencies for set_icecc_env
The reason for this is the bb.fatal() within the icecc_version().
icecc_version() is called during the "${@}" python variable expansion
while bitbake is running the build_dependencies() for the
set_icecc_env() function.
To avoid this behaviour set_icecc_env() should be converted into a
python function which gets called during task[prefuncs] [2], which is
done by this commit.
bitbake-config-build: add a plugin for config fragments
This allows fine-tuning local configurations with pre-frabricated
configuration snippets in a structured, controlled way. It's also
an important building block for bitbake-setup.
The tool requires that each fragment contains a one-line summary, and one or more
lines of description, as BB_CONF_FRAGMENT_SUMMARY style metadata.
There are three (and a half) operations (list/enable/disable/disable all), and here's the 'list' output:
alex@Zen2:/srv/storage/alex/yocto/build-64$ bitbake-config-build list-fragments
NOTE: Starting bitbake server...
Available fragments in selftest layer located in /srv/work/alex/poky/meta-selftest:
Enabled fragments:
selftest/test-fragment This is a configuration fragment intended for testing in oe-selftest context
Unused fragments:
selftest/more-fragments-here/test-another-fragment This is a second configuration fragment intended for testing in oe-selftest context
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 12 Dec 2024 17:18:42 +0000 (17:18 +0000)]
pixman: remove long-obsolete patch
This patch from the Nokia/Scratchbox days[1] was obsoleted by qemu
improvements, specifically "linux-user: fake /proc/self/auxv"[2] which
was integrated into qemu 1.1.0 in 2011.
Bruce Ashfield [Thu, 12 Dec 2024 17:49:47 +0000 (12:49 -0500)]
linux-yocto: tweak cve exclusions files
-tiny and -rt were updated to a 6.12 specific inclusion, but
the -standard kernel was missed.
This commit also creates a 6.12 exclusion file, that is populated
with the last updates for the 6.10 kernel. Although it is no
longer updated automatically, that may change in the future and
it still provides value as a place to manually add CVE exclusions.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
systemd: actively disable Predictable Network Interface Names if !pni-names
Currently pni-names PACKAGECONFIG option adds "mac" names policy if
selected, but nothing otherwise. In systemd Predictable Network Interface
Names are applied by default which leads to inconsistend behaviour.
One could think that pni-names in DISTRO_FEATURES would enable or disable
Predictable Network Interface Names, but currently if not present it's
only actively disabled for QEMU via kernel command line
(commit 9e9c33d51e40
("qemuboot/runqemu: Fix 6.2 and later kernel network device naming")).
It has no effect on the real HW. If the option is present, it merely adds
"mac" into default NamePolicy, which may or may not have observable
effects.
Make pni-names semantics more consistent by actively suppressing
Predictable Network Interface Names if the feature is not present.
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
This was prompted by sstatetests.SStateHashSameSigs2.test_sstate_allarch_samesigs
where adwaita-icon-theme would fail due to new librsvg introducing
cargo-c-native into dependency path.
Rather than look into why is that, I simply converted the recipe
into the standard 'target + BBCLASSEXTEND' approach.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With this release, as expected, deprecated openpgp support
has been fully removed and replaced with sequoia:
https://github.com/rpm-software-management/rpm-sequoia/
Alas, it's written in rust, and has no recipe, so for now
signing rpm packages has to be disabled.
Remove package name parameter to %prep in source archiving, as it's
been dropped in the new rpm, and wasn't needed to begin with.
Drop 0001-perl-disable-auto-reqs.patch
(files removed upstream).
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is a race here where postinst relies on existence of
various files from other packages on the target rootfs to
operate properly, but doesn't ensure that it runs after all
of those packages have been installed. Adding dependencies
on those packages is not a solution as the recipe
is not supposed to bring them into rootfs, only make
adjustments if they are present.
This commit moves postinst execution to the first boot; another
solution would be to replace the whole recipe with ROOTFS_POSTPROCESS_COMMAND.
This was exposed with rpm 4.20 which rearranges the order
in which packages are installed, and exposes the issue.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Tue, 10 Dec 2024 06:24:55 +0000 (14:24 +0800)]
base.bbclass: fix RRECOMMENDS extend issue for multilib
During handle PACKAGECONFIG, DEPENDS/RDEPENDS/RRECOMMENDS is appended by
calling function appendVar according to the PACKAGECONFIG setting:
PACKAGECONFIG[f1] = "\
--with-f1, \
--without-f1, \
build-deps-for-f1, \
runtime-deps-for-f1, \
runtime-recommends-for-f1, \
packageconfig-conflicts-for-f1"
[snip of base.bbclass]
pkgconfigflags = d.getVarFlags("PACKAGECONFIG") or {}
if pkgconfigflags:
...
appendVar('DEPENDS', extradeps)
appendVar('RDEPENDS:${PN}', extrardeps)
appendVar('RRECOMMENDS:${PN}', extrarrecs)
...
[snip of base.bbclass]
After following commit in meta-oe,
[fe3ba7ac5c cryptsetup: demote udev runtime dependency to recommendation]
'udev lvm2' changed from RDEPENDS to RRECOMMENDS, but RRECOMMENDS is not
handled in this process, and causes following error:
$bitbake lib32-cryptsetup
ERROR: QA Issue: lib32-cryptsetup package lib32-cryptsetup - suspicious values 'udev lvm2' in RRECOMMENDS [multilib]
In layer openembedded-core, we do have very few recipes that have
runtime-recommends-for-f1 in PACKAGECONFIG setting, but f1 is not
enabled in PACKAGECONFIGS, so not report error when multilib is enabled.
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/selftest: Fix failure when configuration contains BBLAYERS:append
When used with `--newbuilddir` option, it replaces relative paths in
BBLAYERS variable with absolute paths by evaluating the final value of
the variable, converting paths and saving result by assignment
(`BBLAYERS =`) at the end of bblayers.conf.
This breaks tests when bblayers.conf contains BBLAYERS:append because
:append statements are evaluated after all assignments and we end up
with the appended layer added twice - first by evaluating final value
of the variable, then again by bitbake evaluating BBLAYERS:append.
The error is as follows:
AssertionError: Command 'bitbake -e' returned non-zero exit status 1:
ERROR: Found duplicated BBFILE_COLLECTIONS 'layer-name', check bblayers.conf or layer.conf to fix it.
Signed-off-by: Oleksandr Hnatiuk <ohnatiuk@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joshua Watt [Tue, 10 Dec 2024 17:33:07 +0000 (10:33 -0700)]
spdx 3.0: Rework how SPDX aliases are linked
The SPDX code needs to be able to look up an Element by its SPDX ID,
locating the file that (should) contain the SPDX ID and opening it for
parsing. Previously, the code would do this be hashing each Element
SPDX ID and Alias, and the creating a symbolic link to the file that
contains the element with a name of the hash.
This worked well as it was possible to look up any arbitrary SPDX ID or
alias by simply hashing it and following the symbolic link to get the
file. However, the down side of this approach is that it creates a lot
of symbolic links, since it will make one or two per Element in the
document. This can be a problem when using SPDX_INCLUDE_SOURCES, for
example.
This change reworks this strategy so that the only Element that gets a
symbolic link based on the hash is the singular SpdxDocument that is
create for each file. All other Elements are assigned an alias with a
special prefix that encodes the hash of SpdxDocument alias. Thus, when
attempting to look up an arbitrary alias, the code sees the special
prefix, extract the hash, opens the file based on the symlink with that
hash name, then finds the matching Element in the file. This drastically
reduces the number of symbolic links by making only one per file.
This also means that the custom link extension can be removed since it
is now superfluous.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joshua Watt [Tue, 10 Dec 2024 17:32:19 +0000 (10:32 -0700)]
classes-global/insane: Handle case where RPROVIDER is also a provider
The check to see if a provider of a given package is listed first
checks for an exact match of the provider name. However, if this match
existed, but didn't match in the task dependencies, it would not
continue to look for other providers of package. This would manifest if
one (non-virtual) recipe package RPROVIDES the name of a package
produced by another recipe.
Fix this, and also clean up the code to make it more readable by using a
function to check if a runtime dependency is in the task dependencies.
In addition, if no provider is found, list all the possible providers
instead of the last one that was looked at.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
