oeqa/selftest/tinfoil: Add tests that parse virtual recipes
Running `devtool search gcc` would result in errors for virtual recipes.
The reason was the newly introduced :layer-<layername> override.
When tinfoil parsed the recipes using the parseRecipeFile() function, it
failed to properly identify the layername for virtual recipes, which
resulted in the errors.
Add tests that exercise these code paths through parseRecipeFile().
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Richard Purdie [Wed, 22 Nov 2023 09:35:01 +0000 (09:35 +0000)]
package_ipk: Fix Source: field variable dependency
The Source: variable is generated from FILE but this is excluded from checksums
normally which results in a reproduciubility issue when the filename changes.
Add in a dependency by reworking the code a little to avoid this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 10 Nov 2023 17:57:56 +0000 (17:57 +0000)]
bitbake.conf: Log events by default using BB_DEFAULT_EVENTLOG
By setting this, event data from during the build is saved out. This can
be used for analytic including toaster to allow builds to be examined
later. This will use some disk space but it is worth it for the ability
to look into what happened during the build. Users can set the value to
something else in local.conf to override if they wish.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 21 Nov 2023 13:19:24 +0000 (13:19 +0000)]
oeqa/selftest/debuginfod: improve selftest
This test was occasionally failing for no obvious reason, so refactor
and improve:
- While waiting for the daemon, check that it is still running and
explicitly timeout after 10s when making the HTTP call.
- While waiting for the daemon to be ready, log the current state of the
daemon so we can tell if we're timing out as it is still scanning.
- This was in fact the cause of the intermittant failures, because the
TMPDIR is reused between tests and may contain a large number of
packages. Do the tests in an isolated TMPDIR to hopefully mitigate this
issue and increase the timeout to two minutes.
- Decorate the test using runqemu as such so that can be skipped in
environments without runqemu
- Add a second test that doesn't use runqemu or images, which is faster
but less realistic.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adrian Freihofer [Mon, 20 Nov 2023 14:57:02 +0000 (15:57 +0100)]
vscode: add minimal configuration
It is essential to configure VSCode indexer plugins to ignore the build
folder of bitbake. Otherwise, the indexer plugins run with 100% CPU load
until an OOM exception occurs. In practice, this makes VSCode more or
less unusable for working with Yocto until a file like the one added by
this commit is deployed before VSCode starts. From the user's point of
view, it is not obvious why the system runs at 100% CPU load and
eventually crashes.
It is even more misleading that VSCode starts the indexers immediately,
but does not stop or reconfigure them when the ignore list is updated.
In practice, this means that every time the ignore list is changed,
VSCode immediately starts indexing the build folder until the OOM
exception stops it. Depending on the system's OOM handler, the entire
build machine may crash.
Particularly annoying is the Python plugin that ignores the general
ignore list and requires an extra ignore section.
The settings are suitable for workflows like bitbake, devtool modify,
devtool reset. The settings are not intended to work on the source code
of a recipe. It is assumed that a separate instance of VSCode is used
per workspace folder. These per workspace instances can have different
settings depending on the details of the sources that come with the
recipe.
VSCode can change the contents of the .vscode folder, which often leads
to a dirty git status. Normally, these changes are not added to git.
Otherwise, -f can be used to add them explicitly. It is not perfect if
the folder is listed in .gitignore. But it is also not better if it is
not.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Steve Sakoman [Tue, 21 Nov 2023 13:55:42 +0000 (03:55 -1000)]
vim: use upstream generated .po files
A previous commit attempted to fix reproducibility errors by forcing
regeneration of .po files. Unfortunately this triggered a different
type of reproducibility issue.
Work around this by adjusting the timestamps of the troublesome .po
files so they are not regenerated and we use the shipped upstream
versions of the files.
The shipped version of ru.cp1251.po doesn't seem to have been created
with the vim tooling and specifies CP1251 instead of cp1251, fix that.
Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6.89.0 - 2023-11-16
This release teaches from_type() to handle constraints implied by the
annotated-types package - as used by e.g. Pydantic. This is usually
efficient, but falls back to filtering in a few remaining cases.
Thanks to Viicos for pull request #3780!
6.88.4 - 2023-11-13
This patch adds a warning when @st.composite wraps a function annotated
as returning a SearchStrategy, since this is usually an error (issue #3786).
The function should return a value, and the decorator will convert it to a
function which returns a strategy.
Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Martin Jansa [Thu, 16 Nov 2023 22:48:25 +0000 (23:48 +0100)]
bitbake.conf: drop ${PE} and ${PR} from -f{file,macro,debug}-prefix-map
* ${EXTENDPE} and ${PR} was already dropped from ${WORKDIR} in:
https://lists.openembedded.org/g/openembedded-core/message/185818
adjust -fmacro-prefix-map and -fdebug-prefix-map similarly.
As we don't depend on PR in WORKDIR maybe we don't need it in
/usr/src/debug paths as well anymore.
* add TARGET_DBGSRC_DIR variable with "/usr/src/debug/${PN}/${PV}"
because there is quite a few places where this location is being
used in various recipes
* The interesting side-effect of this is that for DISTROs which still
use PR (e.g. webOS OSE), the difference in -fdebug-prefix-map causes
all binaries to be slightly different when rebuilt with different PR
(due to this path, even when otherwise they are binary reproducible)
and when the number of digits in PR changes (e.g. from r9 to r10) it
also results in slightly bigger binaries (and more unnecessary changes
in buildhistory diffs).
For example this foo binary, the difference between "new" and "old" is
extra patch applied in SRC_URI (which doesn't affect the foo binary,
but was the reason for PR bump).
And the binary is bigger with r10, identical with r6 and slightly
different due to debug-prefix-map between r6 and r7:
$ ls -la 1.0.0-175-*/image/usr/sbin/foo
-rwxr-xr-x 1 bitbake bitbake 30182460 Nov 8 08:29 1.0.0-175-new-r10/image/usr/sbin/foo
-rwxr-xr-x 1 bitbake bitbake 30182224 Nov 8 08:02 1.0.0-175-new-r6/image/usr/sbin/foo
-rwxr-xr-x 1 bitbake bitbake 30182224 Nov 8 07:49 1.0.0-175-new-r7/image/usr/sbin/foo
-rwxr-xr-x 1 bitbake bitbake 30182224 Nov 8 07:39 1.0.0-175-old-r6/image/usr/sbin/foo
Richard Purdie [Thu, 16 Nov 2023 16:52:50 +0000 (16:52 +0000)]
bitbake.conf: Drop oldincludedir
Autoconf defines this as:
"The directory for installing C header files for non-GCC compilers."
Whilst this is something autoconf does allow changing, I find it hard
to believe it has much use in the wild now and that headers don't get
split like this in reality, it would probably only be useful on really
old unixes.. The values are the same in our configuration anyway.
Drop the value and just use includedir everywhere.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Julien Stephan [Thu, 16 Nov 2023 16:46:21 +0000 (17:46 +0100)]
oeqa/selftest/devtool: fix test_devtool_modify_overrides test
This test fails for machines qemuarm and qemux86 because when doing
devtool modify, the default devtool branch contains the patch that match
the current configuration, so for both qemuarm and qemux86 machines the
corresponding override patch is applied and we get the following error
(for qemuarm machine):
AssertionError: 'This is a test for qemuarm\n' != 'This is a test for something\n'
- This is a test for qemuarm
? ^ ^^^^^
+ This is a test for something
? ^^^ ^^^^^
Fix the test by looking at the correct value depending on the current
machine configuration
Signed-off-by: Julien Stephan <jstephan@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
The documentation of systemd states that /etc/tmpfiles.d should be
reserved for the local administrator and packages should put their files
in /usr/lib/tmpfiles.d [1].
Malte Schmidt [Thu, 16 Nov 2023 11:54:56 +0000 (12:54 +0100)]
sysstat: use nonarch libdir for tmpfiles.d
The documentation of systemd states that /etc/tmpfiles.d should be
reserved for the local administrator and packages should put their files
in /usr/lib/tmpfiles.d [1].
Malte Schmidt [Thu, 16 Nov 2023 11:54:55 +0000 (12:54 +0100)]
pam: use nonarch libdir for tmpfiles.d
The documentation of systemd states that /etc/tmpfiles.d should be
reserved for the local administrator and packages should put their files
in /usr/lib/tmpfiles.d [1].
Malte Schmidt [Thu, 16 Nov 2023 12:50:59 +0000 (13:50 +0100)]
systemd: use nonarch libdir for tmpfiles.d
The documentation of systemd states that /etc/tmpfiles.d should be
reserved for the local administrator and packages should put their files
in /usr/lib/tmpfiles.d [1].
Wang Mingyu [Wed, 15 Nov 2023 08:41:59 +0000 (16:41 +0800)]
shared-mime-info: upgrade 2.3 -> 2.4
0001-Fix-string-literal-concatenation.patch
0001-Fix-literal-as-per-c-11.patch
removed since they're included in 2.4
Changelog:
==========
* Restore mimetype name for *.bz2 and *.tar.bz2
* Improve detection of application/mac-binhex40
* Add application/x-msdownload and subtypes
* Add Windows app store types
* Give Windows Installer packages the package icon
* Lower priority for text/x-mpsub's magic, so it doesn't match pcb-drillFile.drl
* Add application/x-powershell
* Add application/wasm
* Change comment of text/x-mpsub
* Change comment of text/x-mpl2
* Add text/x-component
* Give higher priority to the more specific image/apng magic
* Recognize *.jfif as image/jpeg
* Add application/its+xml
* Add text/x-vb
* Add text/x-basic
* Add new group "chemical" in update-mime-database
* Add mimetype for Protein Data Bank (pdb) files
* Remove too generic magic from application/x-pak
* Add application/json5
* Add text/vbscript.encode
* Add text/jscript.encode
* Add text/jscript as synonym of text/javascript
* Fix backwards relationship between text/javascript and application/ecmascript
* Add application/vnd.cups-ppd
* Add application/x-ms-shortcut
* Give application/x-mswinurl the link icon
* Fix missing sentinel warning with clang
* Fix false positive fdatasync detection on darwin
* Fix string literal concatenation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Wed, 15 Nov 2023 08:39:58 +0000 (16:39 +0800)]
python3-testtools: upgrade 2.7.0 -> 2.7.1
Changelog:
============
* Remove various unused imports.
* Fix build backend. This should prevent version from being set to 0.0.0
when building wheels.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Wed, 15 Nov 2023 08:35:58 +0000 (16:35 +0800)]
python3-hypothesis: upgrade 6.88.1 -> 6.88.3
Changelog:
============
-refactors from_type(typing.Tuple), allowing register_type_strategy() to take
effect for tuples instead of being silently ignored (issue #3750).
-improves the speed of the explain phase on python 3.12+, by using the new
sys.monitoring module to collect coverage, instead of sys.settrace.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Wed, 15 Nov 2023 08:27:13 +0000 (16:27 +0800)]
libuv: upgrade 1.46.0 -> 1.47.0
Changelog:
===========
* test: fix license blurb
* linux: fix harmless warn_unused_result warning
* darwin: fix build warnings
* linux: don't use io_uring on pre-5.10.186 kernels
* fs: fix WTF-8 decoding issue
* test: enable disabled tcp_connect6_error_fault
* test: enable disabled fs_link
* test: enable disabled spawn_same_stdout_stderr
* linux: handle UNAME26 personality
* build: move cmake_minimum_required version to 3.9
* unix: set ipv6 scope id for link-local addresses
* unix: match kqueue and epoll code
* win,spawn: allow `%PATH%` to be unset
* doc: switch to Furo, a more modern Sphinx theme
* darwin: make TCP_KEEPINTVL and TCP_KEEPCNT available
* win,fs: avoid winapi macro redefinition
* linux: add missing riscv syscall numbers
* doc: fix broken "Shared library" Wikipedia link
* unix: get mainline kernel version in Ubuntu
* unix: get mainline kernel version in Debian
* build: fix qemu install in CI-unix workflow
* unix: disable io_uring close on selected kernels
* test: skip tests when ipv6 is not available
* ibmi: implement ifaddrs, getifaddrs, freeifaddrs
* unix: reset signal counters after fork
* win,process: avoid assert after spawning Store app
* unix: remove pread/preadv conditionals
* unix: remove pwrite/pwritev conditionals
* darwin: remove workaround for data corruption bug
* src: default to stream=stderr in handle printer
* test: switch to new-style ASSERT_EQ macros
* zos: correctly get cpu model in uv_cpu_info
* test: fix get_passwd2 on IBM i
* unix: don't malloc on sync uv_fs_read
* freebsd: get fs event path with fcntl
* test: switch from ASSERT_* to ASSERT_PTR_*
* darwin: workaround apple pthread_cond_wait bug
* doc: uv_close should be called after exit callback
* test: 192.0.2.0/24 is the actual -TEST-NET-1
* unix: add back preadv/pwritev fallback
* unix: rename variable for consistency
* unix: merge read/write code into single functions
* doc: filename arg to uv_fs_event_cb can be NULL
* build,win: we need to link against shell32.lib
* unix: no preadv/pwritev workaround if not needed
* build: add CI for Windows ARM64
* linux: disable io_uring on 32 bits arm systems
* build: run sanitizers on macos ci
* misc: export WTF8 conversion utilities
* build: fix libuv.a file name for cmake
* build: add windows ubsan and clang ci
* win: improve accuracy of ProductName between arch
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Wed, 15 Nov 2023 08:25:31 +0000 (16:25 +0800)]
libsdl2: upgrade 2.28.4 -> 2.28.5
Changelog:
============
Added support for the HP HyperX Clutch Gladiate controller
Fixed a crash if a controller is disconnected while SDL is opening it
Fixed a crash on Linux if XInput2 isn't available at runtime
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Wang Mingyu [Wed, 15 Nov 2023 08:09:05 +0000 (16:09 +0800)]
dhcpcd: upgrade 10.0.4 -> 10.0.5
Changelog:
==========
DHCP: re-enter DISCOVER phase if server doesn't reply to our REQUEST
privsep: Allow __NR_dup3 syscall as some libc's use that instead of the dup2 dhcpcd uses
dev: Fix an issue where not opening the dev plugin folder if configured returned the wrong fd
privsep: Harden the launcher process detecting daemonisation.
compat: arc4random uses explicit_bzero if available
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Xiangyu Chen [Wed, 15 Nov 2023 05:05:07 +0000 (13:05 +0800)]
openssh: add systemd readiness notification support
The sshd keeps on terminating and restarting in servel minutes, we can observe
log from journalctl that the sshd was killed by systemd with signal 15:
systemd[1]: sshd.service start operation timed out. Terminating.
sshd[374]: Received signal 15; terminating.
When the sshd as a systemd service, it need to tell systemd with a "READY" status,
and when it is restarted, it need to tell systemd with a "RELOADING" status, otherwise,
systemd would treat it as failing service and restart it again.
Taken a patch from openssh upstream PR[1], that after using a signal to tell systemd
it is ready or reload now.
Khem Raj [Tue, 14 Nov 2023 19:24:09 +0000 (11:24 -0800)]
llvm: Upgrade to 17.0.5
Brings following changes
* 98bfdac5ce82 [BranchFolding] Remove dubious assert from operator< (#71639)
* 12c6ee8fd204 [GlobalOpt] Cache whether CC is changeable (#71381)
* 0a1274224ef8 [libc++] Fix UB in <expected> related to "has value" flag (#68552) (#68733)
* 42f8800b720f [clang] fix test PR69717.cpp (#72134)
* e666be92b44b [clang] Run test on x86 only
* aebee698ef16 [clang] Do not clear FP pragma stack when instantiating functions (#70646)
* 529aa6eadb27 [SLP]Fix PR70004: Do not change insert point for reduction gather nodes.
* 69b3baf9b87e [DAG] WidenVectorOperand - add basic handling for *_EXTEND_VECTOR_INREG nodes
* e7dc53b94212 [Mips] In LowerShift*Parts, xor with bits-1 instead of -1. (#71149)
* a6cbdae98272 [clang-format] Correctly annotate keyword operator function name (#66904)
* 094cfd14c813 Bump version to 17.0.5
* 05422e1dcf94 [Driver] Fix linking with -lm on Solaris (#65632)
* 910748f4ec5a [clang-repl] Fix BUILD_SHARED_LIBS symbols from libclangInterpreter on MinGW (#71393)
* 582f0469dae1 [CGExprConstant] stop calling into ConstExprEmitter for Reference type destinations (#70366)
Markus Volk [Mon, 13 Nov 2023 20:31:57 +0000 (21:31 +0100)]
cups: Upgrade 2.4.6 -> 2.4.7
- enable tls by default to fix:
| hash.c:16:12: fatal error: gnutls/crypto.h: No such file or directory
| 16 | # include <gnutls/crypto.h>
Changes in CUPS v2.4.7 (2023-09-20)
-----------------------------------
- CVE-2023-4504 - Fixed Heap-based buffer overflow when reading Postscript
in PPD files
- Added OpenSSL support for cupsHashData (Issue #762)
- Fixed delays in lpd backend (Issue #741)
- Fixed extensive logging in scheduler (Issue #604)
- Fixed hanging of `lpstat` on IBM AIX (Issue #773)
- Fixed hanging of `lpstat` on Solaris (Issue #156)
- Fixed printing to stderr if we can't open cups-files.conf (Issue #777)
- Fixed purging job files via `cancel -x` (Issue #742)
- Fixed RFC 1179 port reserving behavior in LPD backend (Issue #743)
- Fixed a bug in the PPD command interpretation code (Issue #768)
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Martin Jansa [Mon, 13 Nov 2023 07:08:43 +0000 (08:08 +0100)]
staging.bbclass: process installed dependencies in deterministic order as well
* similarly as direct dependencies before
* this doesn't fix any issue (at least AFAIK),
just keeps the log files more deterministic to avoid unnecessary churn like in:
Richard Purdie [Wed, 15 Nov 2023 08:44:41 +0000 (09:44 +0100)]
selftest/reproducible: Allow packages exclusion via config
OEQA_REPRODUCIBLE_EXCLUDED_PACKAGES can be used to prevent known
not-reproducible packages to make the reproducible test fail.
For example, in local.conf:
OEQA_REPRODUCIBLE_EXCLUDED_PACKAGES = "example-not-reproducible"
To quote the original exclusion commit (4864764667097b32a3ee1935e2c52df732d55632)
> selftest/reproducible: add an exclusion list for items that are not yet reproducible
> [...]
> Non-reproducible excluded packages are not given to diffoscope and do not cause a
> failure, but still saved side-by-side with non-reproducible failing ones to make
> investigation easier.
NB: Patch was written by Richard with small fixes and a commit message
from Yoann. Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 13 Nov 2023 16:44:00 +0000 (16:44 +0000)]
vim: Improve locale handling
When making checkouts from git, the timestamps can vary and occasionally two files
can end up with the same stamp. This triggers make to regenerate ru.cp1251.po from
ru.po for example. If it isn't regenerated, the output isn't quite the same leading
to reproducibility issues (CP1251 vs cp1251).
Since we added all locales to buildtools tarball now, we can drop the locale
restrictions too. We need to generate a native binary for the sjis conversion
tool so also tweak that.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Markus Volk [Fri, 10 Nov 2023 11:18:51 +0000 (12:18 +0100)]
gnomebase.bbclass: Use meson as default buildsystem
The vast majority of gnome recipes uses meson. Set it as default
and override the few recipes that still use autotools.
This way we can remove a lot of lines in meta-oe and more important
it would not be needed to explicitly set GNOMEBASEBUILDCLASS = "meson" for newly
created gnome recipe anymore.
Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Xiangyu Chen [Fri, 10 Nov 2023 03:47:12 +0000 (11:47 +0800)]
sudo: upgrade 1.9.14p3 -> 1.9.15p2
Changelog:
===========
1.9.15p2:
- Fixed a bug on BSD systems where sudo would not restore the
terminal settings on exit if the terminal had parity enabled.
1.9.15p1:
- Fixed a bug introduced in sudo 1.9.15 that prevented LDAP-based
sudoers from being able to read the ldap.conf file.
1.9.15:
- Fixed an undefined symbol problem on older versions of macOS
when "intercept" or "log_subcmds" are enabled in sudoers.
- Fixed "make check" failure related to getpwent(3) wrapping
on NetBSD.
- Fixed the warning message for "sudo -l command" when the command
is not permitted. There was a missing space between "list" and
the actual command due to changes in sudo 1.9.14.
- Fixed a bug where output could go to the wrong terminal if
"use_pty" is enabled (the default) and the standard input, output
or error is redirected to a different terminal. Bug #1056.
- The visudo utility will no longer create an empty file when the
specified sudoers file does not exist and the user exits the
editor without making any changes. GitHub issue #294.
- The AIX and Solaris sudo packages on www.sudo.ws now support
"log_subcmds" and "intercept" with both 32-bit and 64-bit
binaries. Previously, they only worked when running binaries
with the same word size as the sudo binary. GitHub issue #289.
- The sudoers source is now logged in the JSON event log. This
makes it possible to tell which rule resulted in a match.
Running "sudo -ll command" now produces verbose output that
includes matching rule as well as the path to the sudoers file
the matching rule came from. For LDAP sudoers, the name of the
matching sudoRole is printed instead.
- The embedded copy of zlib has been updated to version 1.3.
- The sudoers plugin has been modified to make it more resilient
to ROWHAMMER attacks on authentication and policy matching.
This addresses CVE-2023-42465.
- The sudoers plugin now constructs the user time stamp file path
name using the user-ID instead of the user name. This avoids a
potential problem with user names that contain a path separator
('/') being interpreted as part of the path name. A similar
issue in sudo-rs has been assigned CVE-2023-42456.
- A path separator ('/') in a user, group or host name is now
replaced with an underbar character ('_') when expanding escapes
in @include and @includedir directives as well as the "iolog_file"
and "iolog_dir" sudoers Default settings.
- The "intercept_verify" sudoers option is now only applied when
the "intercept" option is set in sudoers. Previously, it was
also applied when "log_subcmds" was enabled. Sudo 1.9.14
contained an incorrect fix for this. Bug #1058.
- Changes to terminal settings are now performed atomically, where
possible. If the command is being run in a pseudo-terminal and
the user's terminal is already in raw mode, sudo will not change
the user's terminal settings. This prevents concurrent sudo
processes from restoring the terminal settings to the wrong values.
GitHub issue #312.
- Reverted a change from sudo 1.9.4 that resulted in PAM session
modules being called with the environment of the command to be
run instead of the environment of the invoking user.
GitHub issue #318.
- New Indonesian translation from translationproject.org.
- The sudo_logsrvd server will now raise its open file descriptor
limit to the maximum allowed value when it starts up. Each
connection can require up to nine open file descriptors so the
default soft limit may be too low.
- Better log message when rejecting a command if the "intercept"
option is enabled and the "intercept_allow_setid" option is
disabled. Previously, "command not allowed" would be logged and
the user had no way of knowing what the actual problem was.
- Sudo will now log the invoking user's environment as "submitenv"
in the JSON logs. The command's environment ("runenv") is no
longer logged for commands rejected by the sudoers file or an
approval plugin.
luca fancellu [Thu, 9 Nov 2023 14:36:31 +0000 (14:36 +0000)]
oeqa/ssh: Handle SSHCall timeout error code
The current code in ssh.py is terminating the ssh process that
does not finish its computation in a given timeout (when timeout
is passed), the SSHCall function is returning the process error
code.
The Openssl ssh before version 8.6_p1 is returning 0 when it is
terminated, from commit 8a9520836e71830f4fccca066dba73fea3d16bda
onwards (version >= 8.6_p1) ssh is returning 255 instead.
So for version of ssh older than 8.6_p1 when the SSHCall time out,
the return code will be 0, meaning success, which is wrong.
Fix this issue checking if the process has timeout (hence it's been
terminated) and checking if the returned code is 0, in that case
set it to 255 to advertise that an error occurred.
Add a test case excercising the timeout in the SSHTest, test_ssh
test function.
Khem Raj [Thu, 9 Nov 2023 05:22:56 +0000 (21:22 -0800)]
libarchive: Add packageconfig knob for libb2
automatic detection could result in inconsistent host dependencies
since it will be enabled for libarchive-native if the build host has
libb2 installed and this can then fail on hosts which do not have
this library installed
Fixes errors like
recipe-sysroot-native/usr/bin/opkg: error while loading shared libraries: libb2.so.1: cannot open shared object file: No such file or directory
There an out-of-bounds read at fs/ntfs.c, a physically present attacker
may leverage that by presenting a specially crafted NTFS file system
image to read arbitrary memory locations. A successful attack may allow
sensitive data cached in memory or EFI variables values to be leaked
presenting a high Confidentiality risk.
systemd defines a default set of fallback NTP servers in
https://github.com/systemd/systemd/blob/v254/meson_options.txt#L343-L345
A no-dns-fallback option was added previously to comfortably allow to
disable the default set of DNS fallback servers. This patch does the
same for the default set of NTP servers.
Signed-off-by: Markus Fuchs <mklntf@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Lukas Funke [Wed, 8 Nov 2023 09:40:59 +0000 (10:40 +0100)]
udev-extraconf: mount.sh: check if filesystem is supported before mounting
Check if the filesystem is supported by the kernel before trying to
mount it. Systemd-mount will mount the directories asynchronously
resulting in stale directories if the devices filesystem is not
supported.
Ross Burton [Tue, 7 Nov 2023 16:52:28 +0000 (16:52 +0000)]
xwayland: upgrade to 23.2.2
e4487cae1 Bump version to 23.2.2 1e8478455 Xi/randr: fix handling of PropModeAppend/Prepend (CVE-2023-5367) 829a99117 Switch to libbsd-overlay 4f8a851b6 xwayland: Cancel the EI disconnect timer when freed cc79b2a83 glamor: xv: Fix invalid accessing of plane attributes for NV12 07c18c90e xwayland: Give up on EI on setup failure 10353a01a xwayland: Add an option to enable EI portal support 4f8e209d2 xwayland/glamor/gbm: Set GBM_BO_USE_LINEAR if only LINEAR modifier is supported c9a842e60 xwayland/present: Handle NULL window_priv in xwl_present_cleanup 2bd43be92 glamor: fixes GL_INVALID_ENUM errors on ES if there is no quads
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As stated in the LICENSES/README.md "Unless otherwise noted, the systemd
project sources are licensed under the terms and conditions of the GNU
Lesser General Public License v2.1 or later", so replace LGPL-2.1-only
with LGPL-2.1-or-later.
With the exception of some udev sources that are licensed under
GPL-2.0-or-later (but are packaged separately), the project is licensed
under LGPL, and all the components are LGPL or under LGPL compatible
licenses. The package libsystemd is currently under the main package
license, which can cause problems when scanning for GPL software linked
to CLOSED one. Add more granularity by setting a license for libsystemd
to LGPL-2.1-or-later.
Signed-off-by: Massimiliano Minella <massimiliano.minella@se.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Kernel 6.7-rc1 commit 02e85f74668e ("tools: arm64: Add a Makefile for
generating sysreg-defs.h") uses files from arch/arm64/tools/,
gen-sysreg.awk and sysreg.
Without the files the build of perf fails independent of the used
architecture (confirmed with armv7 and qemux86_64).
As arch/arm64/tools/ has been added with 5.13 allow perf to build
even it that directory does not exist.
Add arch/arm64/tools/ to PERF_SRC.
Fixes:
| make[3]: *** No rule to make target '.../qemux86_64-tdx-linux/perf/1.0/perf-1.0/arch/arm64/tools/gen-sysreg.awk', needed by '.../qemux86_64-tdx-linux/perf/1.0/perf-1.0/tools/arch/arm64/include/generated/asm/sysreg-defs.h'. Stop.
| make[2]: *** [Makefile.perf:456: arm64-sysreg-defs] Error 2
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Wed, 8 Nov 2023 14:16:29 +0000 (09:16 -0500)]
linux-yocto/6.5: update to v6.5.10
Updating to the latest korg -stable release that comprises
the following commits:
43a868577dfc Linux 6.5.10 062c1ba88b4f accel/ivpu/37xx: Fix missing VPUIP interrupts cdb4daffc2d4 mm/damon/sysfs: check DAMOS regions update progress from before_terminate() a5c9f6289625 platform/x86: Add s2idle quirk for more Lenovo laptops adebf494e425 clk: stm32: Fix a signedness issue in clk_stm32_composite_determine_rate() 302479e2d4c4 clk: socfpga: gate: Account for the divider in determine_rate 5193aec42c45 clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name d1e039180f81 sparc32: fix a braino in fault handling in csum_and_copy_..._user() 516177805997 perf/core: Fix potential NULL deref 25de47d0d6e7 x86/cpu: Add model number for Intel Arrow Lake mobile processor 3256ad9bb4ce x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility 7f864ab94da3 x86/tsc: Defer marking TSC unstable to a worker cfa5aa4a5ea2 nvmem: imx: correct nregs for i.MX6UL 4f6c3da9a978 nvmem: imx: correct nregs for i.MX6SLL 3e325ac1eec9 nvmem: imx: correct nregs for i.MX6ULL bc0991e8e1fb misc: fastrpc: Unmap only if buffer is unmapped from DSP 8e4afa8598d9 misc: fastrpc: Clean buffers on remote invocation failures c2400bfd8ce4 misc: fastrpc: Free DMA handles for RPC calls with no arguments 0351f86266f6 misc: fastrpc: Reset metadata buffer to avoid incorrect free 96790d33261c tracing/kprobes: Fix the description of variable length arguments 63de22fdf851 tracing/kprobes: Fix symbol counting logic by looking at modules as well 001b2dc822d3 i2c: aspeed: Fix i2c bus hang in slave read 20062e7a248f i2c: stm32f7: Fix PEC handling in case of SMBUS transfers e505ca5d9ac0 i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() 135e2858ab78 i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() 2f7671a14960 i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() 5f6dc4a12d79 iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale f763aa29992d iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds f2bd3c005aba iio: exynos-adc: request second interupt only when touchscreen mode is used 0a9bb3fa6870 iio: afe: rescale: Accept only offset channels 56e08ccc9697 io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid 1c43576ac2d1 kasan: print the original fault addr when access invalid shadow 6cf937305199 blk-throttle: check for overflow in calculate_bytes_allowed c031d9a8383d scsi: sd: Introduce manage_shutdown device flag 927c770488fe iavf: in iavf_down, disable queues when removing the driver de306715bc3f drm/i915/mcr: Hold GT forcewake during steering operations a90e92e77bb6 drm/logicvc: Kconfig: select REGMAP and REGMAP_MMIO 180069f6b8e8 net/sched: act_ct: additional checks for outdated flows 533c24b368d7 netfilter: flowtable: GC pushes back packets to classic path 36cf7d1d79ec i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR 4c898bdfc6a1 drm/i915/perf: Determine context valid in OA reports 9ba154363a09 gtp: fix fragmentation needed check with gso 62376a558db3 gtp: uapi: fix GTPA_MAX 450d6bf74c28 net/handshake: fix file ref count in handshake_nl_accept_doit() 8279cd3af8bf wifi: mac80211: don't drop all unprotected public action frames 943431ee2a17 wifi: cfg80211: fix assoc response warning on failed links 989ac939b1a5 wifi: cfg80211: pass correct pointer to rdev_inform_bss() 9617c77f0c0e tcp: fix wrong RTO timeout when received SACK reneging a22e19386109 r8152: Release firmware if we have an error in probe 0fd9553632fd r8152: Cancel hw_phy_work if we have an error in probe 56e8946e1a25 r8152: Run the unload routine if we have errors during probe 90b49a273de0 r8152: Increase USB control msg timeout to 5000ms as per spec c11f5c496f65 net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg 0d3295a43c63 net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() 8e0e94bf5b4a net: ethernet: adi: adin1110: Fix uninitialized variable fdba00877119 igc: Fix ambiguity in the ethtool advertising cf6fd6e0a831 neighbour: fix various data-races 5f9d1995d040 net: do not leave an empty skb in write queue 7462118b2083 igb: Fix potential memory leak in igb_add_ethtool_nfc_entry fd9d5ad3c865 treewide: Spelling fix in comment 7e5beb46db3a i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value f927602db213 iavf: initialize waitqueues before starting watchdog_task bcbf3f442903 r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 03599d8d353a r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 23473ffd3aec r8169: fix the KCSAN reported data-race in rtl_tx() while reading tp->cur_tx 3dacf771d6e4 clk: ti: Fix missing omap5 mcbsp functional clock and aliases 202f0a4266ca clk: ti: Fix missing omap4 mcbsp functional clock and aliases 7e6cde9455e1 firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels() ec4a1eed8259 ARM: OMAP: timer32K: fix all kernel-doc warnings 0bc72b967d82 btrfs: fix unwritten extent buffer after snapshotting a new subvolume ca9cd8fb3454 btrfs: remove v0 extent handling 1df7ca358099 drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() ed93977857fd drm/amd: Disable ASPM for VI w/ all Intel systems 5692e4e09f0a drm/i915/pmu: Check if pmu is closed before stopping event 7c05a73c3893 accel/ivpu: Don't enter d0i3 during FLR 4bb5ed32bf06 ARM: dts: rockchip: Fix timer clocks for RK3128 6d6e82fb8a94 ARM: dts: rockchip: Add missing quirk for RK3128's dma engine 835fdd9a36cc ARM: dts: rockchip: Add missing arm timer interrupt for RK3128 568192da05cb ARM: dts: rockchip: Fix i2c0 register address for RK3128 f4b8ef292ec6 ARM: OMAP1: ams-delta: Fix MODEM initialization failure 0a411c59897e vdpa/mlx5: Fix double release of debugfs entry 37509b77aeeb vdpa_sim_blk: Fix the potential leak of mgmt_dev a3e7e0de21cf nfsd: lock_rename() needs both directories to live on the same fs 11bc9f5c70bb maple_tree: add GFP_KERNEL to allocations in mas_expected_entries() 257931b5d8b1 hugetlbfs: extend hugetlb_vma_lock to private VMAs a6d2f04abe6a mm/mempolicy: fix set_mempolicy_home_node() previous VMA pointer c0ade01d5369 selftests/mm: include mman header to access MREMAP_DONTUNMAP identifier 941f6af9946e mm/migrate: fix do_pages_move for compat pointers 5d6ea592222a mm/page_alloc: correct start page when guard page debug is enabled 92c5ddea6a6c hugetlbfs: clear resv_map pointer if mmap fails e3f64e0bb2fa mm: fix vm_brk_flags() to not bail out while holding lock 5ee66af50c41 i40e: sync next_to_clean and next_to_process for programming status desc 6ba04d5dfd00 arm64: dts: rockchip: Fix i2s0 pin conflict on ROCK Pi 4 boards 7bc99864cb91 arm64: dts: rockchip: Add i2s0-2ch-bus-bclk-off pins to RK3399 7c5934f90db6 arm64: dts: qcom: sa8775p: correct PMIC GPIO label in gpio-ranges 7f5d458012fa arm64: dts: rockchip: set codec system-clock-fixed on px30-ringneck-haikou 51b3ef53fa5d arm64: dts: rockchip: use codec as clock master on px30-ringneck-haikou aa7df1844910 arm64: dts: qcom: msm8996-xiaomi: fix missing clock populate d8b34f309f36 arm64: dts: qcom: apq8096-db820c: fix missing clock populate 368b3c788e99 vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE e83bce65ae80 vsock/virtio: initialize the_virtio_vsock before using VQs 7efb5418f8cb virtio_pci: fix the common cfg map size 91dacc7d5dbd virtio-crypto: handle config changed by work queue 5f8c38e9538f virtio-mmio: fix memory leak of vm_dev 84a50412e433 virtio_balloon: Fix endless deflation and inflation on arm64 436be190fbf8 smb: client: prevent new fids from being removed by laundromat f806b7e98cb9 smb: client: make laundromat a delayed worker b8c0ab226fee smb: client: do not start laundromat thread on nohandlecache b483b64677a1 smb3: do not start laundromat thread when dir leases disabled 3027d3064c71 smb3: allow controlling maximum number of cached directories 9cb2ea5d7d2a smb3: allow controlling length of time directory entries are cached with dir leases c3b054a86347 vdpa/mlx5: Fix firmware error on creation of 1k VQs
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Wed, 8 Nov 2023 14:16:30 +0000 (09:16 -0500)]
linux-yocto/6.1: update to v6.1.61
Updating to the latest korg -stable release that comprises
the following commits:
4a61839152cc Linux 6.1.61 5926b0886d0c objtool/x86: add missing embedded_insn check 2afa9f7eb15c ext4: avoid overlapping preallocations due to overflow fcefddf3a151 ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow 495c4c58d684 ext4: add two helper functions extent_logical_end() and pa_logical_end() d022e4ea9c2f platform/x86: Add s2idle quirk for more Lenovo laptops 48ebeab0eda1 clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name 65e5a9890e03 sparc32: fix a braino in fault handling in csum_and_copy_..._user() 8b8cde8ebb87 perf/core: Fix potential NULL deref 5e232f2205f2 x86/cpu: Add model number for Intel Arrow Lake mobile processor 63cc3d5d343d x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility 37495846b1ef nvmem: imx: correct nregs for i.MX6UL 116671d25915 nvmem: imx: correct nregs for i.MX6SLL b90b8633ef62 nvmem: imx: correct nregs for i.MX6ULL cc87c73eac2d misc: fastrpc: Unmap only if buffer is unmapped from DSP 38c5faf2a984 misc: fastrpc: Clean buffers on remote invocation failures 7737e9384e2d misc: fastrpc: Free DMA handles for RPC calls with no arguments 1e8851b51300 misc: fastrpc: Reset metadata buffer to avoid incorrect free 5a35fc1c0091 tracing/kprobes: Fix the description of variable length arguments 91b95e3b4ac8 i2c: aspeed: Fix i2c bus hang in slave read 11602cadc9b4 i2c: stm32f7: Fix PEC handling in case of SMBUS transfers ff0312a156cf i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() f9a7b3b33c84 i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() 48a365ae4f31 i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() 6ec84059b5e1 iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale e26fd381bf11 iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds cb01837e0f7a iio: exynos-adc: request second interupt only when touchscreen mode is used 7a641bc52f00 iio: afe: rescale: Accept only offset channels 9236d2ea6465 io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid 1684909df3f4 kasan: print the original fault addr when access invalid shadow 6a5b845b57b1 blk-throttle: check for overflow in calculate_bytes_allowed bb20a245df9c scsi: sd: Introduce manage_shutdown device flag 93fa5786f972 iavf: in iavf_down, disable queues when removing the driver f7f660df65a1 drm/logicvc: Kconfig: select REGMAP and REGMAP_MMIO cb115b6688b6 i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR 144f93c62239 gtp: fix fragmentation needed check with gso 039a050740fc gtp: uapi: fix GTPA_MAX 664a358b7966 tcp: fix wrong RTO timeout when received SACK reneging 5b100bb0449c r8152: Release firmware if we have an error in probe ecb51a434e3d r8152: Cancel hw_phy_work if we have an error in probe 87376143df3f r8152: Run the unload routine if we have errors during probe ee73f937c5e9 r8152: Increase USB control msg timeout to 5000ms as per spec 9eb275fec602 net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg 7c799bc32232 net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() 55b01c5a847e net: ethernet: adi: adin1110: Fix uninitialized variable 9d2b588fae86 igc: Fix ambiguity in the ethtool advertising fa28949c72db neighbour: fix various data-races c166dd51b628 igb: Fix potential memory leak in igb_add_ethtool_nfc_entry 9a194064fab6 treewide: Spelling fix in comment b1ad0a147d08 i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value d8ac13acfbf7 iavf: initialize waitqueues before starting watchdog_task 66e879507b12 r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 d10140916e6f r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 4138a02c8953 r8169: fix the KCSAN reported data-race in rtl_tx() while reading tp->cur_tx 29f365f4c3b8 clk: ti: Fix missing omap5 mcbsp functional clock and aliases 2ba943c6d9eb clk: ti: Fix missing omap4 mcbsp functional clock and aliases 8d8346ed3968 firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels() df4169fc9b8a ARM: OMAP: timer32K: fix all kernel-doc warnings 6c668e2f338b drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() 024251bab25d drm/amd: Disable ASPM for VI w/ all Intel systems eded5f5261b8 drm/i915/pmu: Check if pmu is closed before stopping event 4f46c177c03d nfsd: lock_rename() needs both directories to live on the same fs 3262ff5826e1 maple_tree: add GFP_KERNEL to allocations in mas_expected_entries() b1b2750de123 hugetlbfs: extend hugetlb_vma_lock to private VMAs c9b066f6920d mm/migrate: fix do_pages_move for compat pointers a6fbf025e3cf mm/page_alloc: correct start page when guard page debug is enabled 0aa7b24c068c hugetlbfs: clear resv_map pointer if mmap fails 38d0d1c44255 mm: fix vm_brk_flags() to not bail out while holding lock 38930ec7670a arm64: dts: rockchip: Fix i2s0 pin conflict on ROCK Pi 4 boards 9d72254c2b7a arm64: dts: rockchip: Add i2s0-2ch-bus-bclk-off pins to RK3399 08e6b680f264 vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE 1f14ded0f165 vsock/virtio: initialize the_virtio_vsock before using VQs 534487cc3eb8 virtio_pci: fix the common cfg map size 86f467d3582e virtio-crypto: handle config changed by work queue a9d4a1ea6709 virtio-mmio: fix memory leak of vm_dev 19b30a879065 virtio_balloon: Fix endless deflation and inflation on arm64 bede8b4b5175 mcb-lpc: Reallocate memory region to avoid memory overlapping c9efc3efe450 mcb: Return actual parsed size when reading chameleon table e58ab834e48f pinctrl: qcom: lpass-lpi: fix concurrent register updates 018b11ecba76 ASoC: codecs: wcd938x: fix runtime PM imbalance on remove 508c3353fed8 ASoC: codecs: wcd938x: fix regulator leaks on probe errors 877fc75d2cf7 ASoC: codecs: wcd938x: Simplify with dev_err_probe 629ba75200a1 ASoC: codecs: wcd938x: Convert to platform remove callback returning void 1fae817d3ecb mmc: core: Fix error propagation for some ioctl commands 719c01f28130 mmc: block: ioctl: do write error check for spi 651e66d20b59 mmc: core: Align to common busy polling behaviour for mmc ioctls d3466ce4f42e KVM: x86/pmu: Truncate counter value to allowed width on write
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
