Bruce Ashfield [Thu, 23 Apr 2026 15:32:10 +0000 (11:32 -0400)]
linux-yocto/6.18: update to v6.18.21
Updating linux-yocto/6.18 to the latest korg -stable release that comprises
the following commits:
44c944a67997 Linux 6.18.21 e75a5c054d49 Bluetooth: L2CAP: Fix regressions caused by reusing ident 853f70c67d1b futex: Fix UaF between futex_key_to_node_opt() and vma_replace_policy() 18b7d09c2b79 futex: Require sys_futex_requeue() to have identical flags a7df91375471 irqchip/renesas-rzv2h: Fix error path in rzv2h_icu_probe_common() f0035858dfb2 netfs: Fix the handling of stream->front by removing it e7ba52b38766 xen/privcmd: unregister xenstore notifier on module exit 806d40421a59 btrfs: fix lost error when running device stats on multiple devices fs 3c844d01f987 btrfs: fix leak of kobject name for sub-group space_info c1677817b906 btrfs: fix super block offset in error message in btrfs_validate_super() 3e5fd8f53b57 netfs: Fix read abandonment during retry 0c9256f31003 selftests/mount_setattr: increase tmpfs size for idmapped mount tests 285a2602bf37 dmaengine: xilinx_dma: Fix reset related timeout with two-channel AXIDMA ec48fb2f5936 dmaengine: xilinx: xilinx_dma: Fix unmasked residue subtraction e75f5f76be90 dmaengine: xilinx: xilinx_dma: Fix residue calculation for cyclic DMA e9a6eba5f0c0 dmaengine: xilinx: xilinx_dma: Fix dma_device directions 82656e8daf8d dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() a4d1b4ba9754 netfs: Fix NULL pointer dereference in netfs_unbuffered_write() on retry 4bc2d72c7695 netfs: Fix kernel BUG in netfs_limit_iter() for ITER_KVEC iterators f27197ccfd2e dmaengine: xilinx: xdma: Fix regmap init error handling e1d0d0080bab dmaengine: dw-edma: Fix multiple times setting of the CYCLE_STATE and CYCLE_BIT bits for HDMA. eb048d11fa2a phy: ti: j721e-wiz: Fix device node reference leak in wiz_get_lane_phy_types() facd0012708e dmaengine: idxd: Fix leaking event log memory a18e809e22d3 dmaengine: idxd: Fix freeing the allocated ida too late a9e7815d3862 dmaengine: idxd: Fix memory leak when a wq is reset 958e96533ddb dmaengine: idxd: Fix not releasing workqueue on .release() 504c0e675100 dmaengine: idxd: Fix possible invalid memory access after FLR aa0ffc6d3990 dmaengine: idxd: Fix crash when the event log is disabled 40b3f4700e55 mm/mseal: update VMA end correctly on merge a5c6f6d6ceef ksmbd: fix use-after-free and NULL deref in smb_grant_oplock() 7ad1997b9bc8 mm/huge_memory: fix folio isn't locked in softleaf_to_folio() e9de9f3ce06b mm/damon/sysfs: fix param_ctx leak on damon_sysfs_new_test_ctx() failure 9c495f9d3781 mm/damon/core: avoid use of half-online-committed context 9cf7588aa578 mm/damon/stat: monitor all System RAM resources 5eeba3a7bf49 drm/amd/pm: fix amdgpu_irq enabled counter unbalanced on smu v11.0 e1cd6e0251ef rust: pin-init: internal: init: document load-bearing fact of field accessors 6b60e35a7fdb unwind_user/x86: Fix arch=um build 41fc9825ac25 powerpc64/bpf: do not increment tailcall count when prog is NULL b159111cdd8a arm64: dts: imx8mn-tqma8mqnl: fix LDO5 power off 812b6a7cd3e7 ext4: always drain queued discard work in ext4_mb_release() f7817ad399d6 ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths 12624c5b724a ext4: handle wraparound when searching for blocks for indirect mapped blocks 0652ab1bd814 ext4: fix the might_sleep() warnings in kvfree() c97e282f7bfd ext4: fix use-after-free in update_super_work when racing with umount ad1f6d608f33 ext4: reject mount if bigalloc with s_first_data_block != 0 1895f7904be7 ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() 416c86f30f91 ext4: avoid infinite loops caused by residual data 93f2e975ed65 ext4: validate p_idx bounds in ext4_ext_correct_indexes b44fc445b3b7 ext4: test if inode's all dirty pages are submitted to disk 4855a59e2178 ext4: publish jinode after initialization 823849a26af0 ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio f49a14810dfe ext4: make recently_deleted() properly work with lazy itable initialization 1d4460f33ce8 ext4: fix fsync(2) for nojournal mode 16041a808b50 ext4: do not check fast symlink during orphan recovery 95de75794cd9 ext4: fix stale xarray tags after writeback 93cb2d103e5c ext4: convert inline data to extents when truncate exceeds inline size 69835472c726 ext4: fix journal credit check when setting fscrypt context 2c2db09b9043 xfs: remove file_path tracepoint data a1a5df1038f0 xfs: don't irele after failing to iget in xfs_attri_recover_work 68d80f35ea62 xfs: fix ri_total validation in xlog_recover_attri_commit_pass2 3b0c3414b308 xfs: scrub: unlock dquot before early return in quota scrub 95fb5d643cc7 xfs: avoid dereferencing log items after push callbacks 50f5f056807b xfs: save ailp before dropping the AIL lock in push callbacks 8147e304d7d3 xfs: stop reclaim before pushing AIL during unmount 38ec58670a0c mm/pagewalk: fix race between concurrent split and refault 3527e9fdc385 mm/damon/sysfs: check contexts->nr in repeat_call_fn 708033c231bd mm/damon/sysfs: check contexts->nr before accessing contexts_arr[0] 54c143028eb4 drm/amd/pm: Return -EOPNOTSUPP for unsupported OD_MCLK on smu_v13_0_6 126053d0a685 LoongArch: KVM: Handle the case that EIOINTC's coremap is empty 878cf6acb4fd LoongArch: KVM: Make kvm_get_vcpu_by_cpuid() more robust 70fb63c5d36c LoongArch: Workaround LS2K/LS7A GPU DMA hang bug 53a27c09850b LoongArch: vDSO: Emit GNU_EH_FRAME correctly a1da957c25cf LoongArch: Fix missing NULL checks for kstrdup() 70e2eb91cb63 drm/i915: Unlink NV12 planes earlier 859b14e0be9e drm/i915: Order OP vs. timeout correctly in __wait_for() 8581466b827f drm/i915/dp_tunnel: Fix error handling when clearing stream BW in atomic state eb95595194e4 drm/amd/display: Fix drm_edid leak in amdgpu_dm 51ccaf0e30c3 drm/amdgpu: prevent immediate PASID reuse case b6a468966347 dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock 2b2518b1abb3 dmaengine: sh: rz-dmac: Protect the driver specific lists 79d2151a7c30 dmaengine: fsl-edma: fix channel parameter config for fixed channel requests 20768be1734c i2c: imx: ensure no clock is generated after last read dca0e38ecfd0 i2c: imx: fix i2c issue when reading multiple messages 92e47ad03e03 futex: Clear stale exiting pointer in futex_lock_pi() retry path 83bcea9da919 i2c: designware: amdisp: Fix resume-probe race condition issue 7319d57db908 irqchip/qcom-mpm: Add missing mailbox TX done acknowledgment 1d896b408646 jbd2: gracefully abort on checkpointing state corruptions bab090e8fd56 KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE 695320de6ead KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE f4bc91398b57 net: macb: Use dev_consume_skb_any() to free TX SKBs 33eeb5471a8b net: macb: Protect access to net_device::ip_ptr with RCU lock 99405131d6ed net: macb: Move devm_{free,request}_irq() out of spin lock area 4771b85954be scsi: ses: Handle positive SCSI error from ses_recv_diag() 786f10b1966e scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() e02685511282 ovl: fix wrong detection of 32bit inode numbers ebbac99bb666 ovl: make fsync after metadata copy-up opt-in mount option db08e8c32090 phy: qcom: qmp-ufs: Fix SM8650 PCS table for Gear 4 4cce3cd5ed79 x86/fred: Fix early boot failures on SEV-ES/SNP guests a6e14114684d x86/cpu: Remove X86_CR4_FRED from the CR4 pinned bits mask 5433c7ac4bc8 x86/cpu: Enable FSGSBASE early in cpu_init_exception_handling() 83800f8ef358 writeback: don't block sync for filesystems with no data integrity guarantees e54c8863ba33 alarmtimer: Fix argument order in alarm_timer_forward() da4046406459 erofs: add GFP_NOIO in the bio completion if needed 9a18629f2525 virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false 6f3c8795ae9b virt: tdx-guest: Fix handling of host controlled 'quote' buffer length 371a43c4ac70 xfrm: iptfs: only publish mode_data after clone setup de6d8e8ce518 xfrm: iptfs: validate inner IPv4 header length in IPTFS payload 72b9e81e0203 media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex 529a3f3c49d3 hwmon: (peci/cputemp) Fix off-by-one in cputemp_is_visible() d640ef7117a1 hwmon: (peci/cputemp) Fix crit_hyst returning delta instead of absolute temperature 67fd1e71f768 hwmon: (pmbus/isl68137) Add mutex protection for AVS enable sysfs attributes bf28ab8bed18 hwmon: (pmbus/ina233) Fix error handling and sign extension in shunt voltage read 8e209d882b67 KVM: arm64: Discard PC update state on vcpu reset 4cf2cc6bc1cd platform/x86: ISST: Correct locked bit width fdaf61f2831a RDMA/ionic: Preserve and set Ethernet source MAC after ib_ud_header_init() ab839325a41c thermal: intel: int340x: soc_slider: Set offset only for balanced mode 8def1e51df14 kbuild: Delete .builtin-dtbs.S when running make clean e2f7e4d83ab8 cpufreq: conservative: Reset requested_freq on limits change f162aa749a40 can: netlink: can_changelink(): add missing error handling to call can_ctrlmode_changelink() eec8a1b18a79 can: isotp: fix tx.buf use-after-free in isotp_sendmsg() 84f8b76d2427 can: gw: fix OOB heap access in cgw_csum_crc8_rel() cab361aa6404 ASoC: SOF: ipc4-topology: Allow bytes controls without initial payload d472d1a52985 ASoC: sma1307: fix double free of devm_kzalloc() memory 6ab27f2dc76d ASoC: codecs: wcd934x: fix typo in dt parsing c215d25cf050 ALSA: firewire-lib: fix uninitialized local variable 61aff3c1edc3 ALSA: hda/realtek: add quirk for ASUS Strix G16 G615JMR 47c459a6c9b6 Revert "ALSA: hda/intel: Add MSI X870E Tomahawk to denylist" a897064a4570 ksmbd: do not expire session on binding failure 3cdacd11b415 ksmbd: fix memory leaks and NULL deref in smb2_lock() b0cd9725fe2b ksmbd: fix potencial OOB in get_file_all_info() for compound requests 80824c7e527b ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len() 5eda8001ebb5 drm/xe: always keep track of remap prev/next f278b8ebf7eb tracing: Fix potential deadlock in cpu hotplug with osnoise 7f4e3233faa8 s390/entry: Scrub r12 register on kernel entry 3d39a4ec6380 s390/barrier: Make array_index_mask_nospec() __always_inline 87776f02449e s390/syscalls: Add spectre boundary for syscall dispatch table 449005087718 ALSA: usb-audio: Exclude Scarlett 2i4 1st Gen from SKIP_IFACE_SETUP e89e2b97253c spi: spi-fsl-lpspi: fix teardown order issue (UAF) efb07062d95c ASoC: adau1372: Fix clock leak on PLL lock failure 02709ae51f93 ASoC: adau1372: Fix unchecked clk_prepare_enable() return value 01d5711be772 sysctl: fix uninitialized variable in proc_do_large_bitmap 4e9d723d9f19 hwmon: (pmbus/core) Protect regulator operations with mutex cdf31cf5ca4a hwmon: (pmbus) Introduce the concept of "write-only" attributes 34479e52f1e9 hwmon: (pmbus) Mark lowest/average/highest/rated attributes as read-only 8b476d95e98b hwmon: (adm1177) fix sysfs ABI violation and current unit conversion 39820864eacd drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib d04c007047c8 ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() c73a58661a76 spi: use generic driver_override infrastructure 15da4f5e1001 drm/xe: Implement recent spec updates to Wa_16025250150 4e96a8440e74 rust: regulator: do not assume that regulator_get() returns non-null 8f3226f00cb1 ASoC: dt-bindings: stm32: Fix incorrect compatible string in stm32h7-sai match 8a5edc97fd9c drm/amd/display: Do not skip unrelated mode changes in DSC validation da06a104f048 spi: meson-spicc: Fix double-put in remove path 7af2d06ec25b ASoC: Intel: catpt: Fix the device initialization 234a82a13886 spi: sn-f-ospi: Fix resource leak in f_ospi_probe() 3025ca5daa9d PM: sleep: Drop spurious WARN_ON() from pm_restore_gfp_mask() 13a6af01c1e3 PM: hibernate: Drain trailing zero pages on userspace restore 842aa6103b6f drm/i915/gmbus: fix spurious timeout on 512-byte burst reads 9a709b7e3632 drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register f8afc292d4bc x86/efi: efi_unmap_boot_services: fix calculation of ranges_to_free size a8b66cf9ba3c scsi: scsi_transport_sas: Fix the maximum channel scanning issue 6140239d4518 ASoC: fsl: imx-card: initialize playback_only and capture_only 3f08351de5ca RDMA/irdma: Harden depth calculation functions 0e04f3f2dca4 RDMA/irdma: Return EINVAL for invalid arp index error cd8bcec2de5e RDMA/irdma: Fix deadlock during netdev reset with active connections 8203f295b4bc RDMA/irdma: Remove reset check from irdma_modify_qp_to_err() 30d9491bbb69 RDMA/irdma: Clean up unnecessary dereference of event->cm_node 4c2b2ea802bc RDMA/irdma: Remove a NOP wait_event() in irdma_modify_qp_roce() feeabfc936d7 RDMA/irdma: Update ibqp state to error if QP is already in error state 3cb88c12461b RDMA/irdma: Initialize free_qp completion before using it 9d4fe0d7586e ALSA: usb-audio: Exclude Scarlett 2i2 1st Gen from SKIP_IFACE_SETUP f9433abfcf83 RDMA/efa: Fix possible deadlock 21ae8790e5a8 RDMA/rw: Fall back to direct SGE on MR pool exhaustion a1dc886137ab ALSA: hda/realtek: Sequence GPIO2 on Star Labs StarFighter f710129df9fc regmap: Synchronize cache for the page selector 0dd98aea1c0c RDMA/efa: Fix use of completion ctx after free 97da0d993d7c RDMA/efa: Improve admin completion context state machine 26bd3a77c5ff RDMA/efa: Check stored completion CTX command ID with received one 7ff87da09921 net: macb: use the current queue number for stats c6cb41eaae87 netfilter: ctnetlink: use netlink policy range checks 01f34a80ac23 netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp 9ca8c7452493 netfilter: nf_conntrack_expect: skip expectations in other netns via proc 53d8899452d9 netfilter: nft_set_rbtree: revisit array resize logic d8795fde1f78 netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() c9f6c51d3648 netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD 9f557c7eae12 tls: Purge async_hold in tls_decrypt_async_wait() 1019028eb124 Bluetooth: btusb: clamp SCO altsetting table indices 900e4db5385e Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop 3f26ecbd9cde Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() ea6cf86167b3 Bluetooth: L2CAP: Fix not tracking outstanding TX ident 66696648af47 Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock 5c7cd74673bc Bluetooth: L2CAP: Fix send LE flow credits in ACL link 4f23cceb3500 dma-mapping: add missing `inline` for `dma_free_attrs` 064fede3ae78 rtnetlink: fix leak of SRCU struct in rtnl_link_register 4e27807943b1 net: lan743x: fix duplex configuration in mac_link_up 0a7468ed49a6 team: fix header_ops type confusion with non-Ethernet ports a72891444623 virtio-net: correct hdr_len handling for tunnel gso 5f217e718236 virtio-net: correct hdr_len handling for VIRTIO_NET_F_GUEST_HDRLEN 2fefa595d484 net: enetc: fix the output issue of 'ethtool --show-ring' 18d84c45def3 udp: Fix wildcard bind conflict check when using hash2 966937039e07 net: airoha: add RCU lock around dev_fill_forward_path d0c7cdc15fdf net: fix fanout UAF in packet_release() via NETDEV_UP race 103931f6fdbb ipv6: Don't remove permanent routes with exceptions from tb6_gc_hlist. edf57ce04bc1 ipv6: Remove permanent routes from tb6_gc_hlist when all exceptions expire. bb85741d2dc2 iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() 22c117745495 ice: use ice_update_eth_stats() for representor stats 218609e1e466 ice: fix inverted ready check for VF representors fe1ed519210a platform/x86: intel-hid: disable wakeup_mode during hibernation a825ab202533 platform/olpc: olpc-xo175-ec: Fix overflow error message to print inlen eaa3dae239f2 platform/x86: lenovo: wmi-gamezone: Drop gz_chain_head e29850b0faa8 platform/x86: ISST: Check HWP support before MSR access d57cf5c770c0 net: bcmasp: fix double disable of clk 9e5f5c07cc7d net: bcmasp: fix double free of WoL irq aba90ae2379f net: bcmasp: streamline early exit in probe 60ed7fa717b1 rtnetlink: count IFLA_INFO_SLAVE_KIND in if_nlmsg_size 6fa3f2764f49 rtnetlink: count IFLA_PARENT_DEV_{NAME,BUS_NAME} in if_nlmsg_size 54c87a730157 net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer bd50c7484c3b openvswitch: validate MPLS set/set_masked payload length 98b726ab5e2a openvswitch: defer tunnel netdev_put to RCU release 95265232b497 net: openvswitch: Avoid releasing netdev before teardown completes d89b74bf08f0 nfc: nci: fix circular locking dependency in nci_close_device 097b16ffa61e ionic: fix persistent MAC address override on PF 936a3c0c10e2 pinctrl: mediatek: common: Fix probe failure for devices without EINT 1dc6db047919 Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb 9ecbfd93cd6d Bluetooth: hci_ll: Fix firmware leak on error path bafec9325d4d Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete 7197462e90b8 Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold 8c96f3bd4ae0 Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() 5b35f8211a91 Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req 46737243be21 pinctrl: stm32: fix HDP driver dependency on GPIO_GENERIC 1500005f286f can: statistics: add missing atomic access in hot path 5cf3972c8221 erofs: set fileio bio failed in short read case f4b4debc0b73 dma: swiotlb: add KMSAN annotations to swiotlb_bounce() 83f644ea9298 af_key: validate families in pfkey_send_migrate() 8854e9367465 xfrm: prevent policy_hthresh.work from racing with netns teardown 2255ed6adbc3 xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() ee0e3521f806 pinctrl: renesas: rza1: Normalize return value of gpio_get() 33a7b3626893 xfrm: iptfs: fix skb_put() panic on non-linear skb during reassembly 7068aaa1cef4 pinctrl: renesas: rzt2h: Fix device node leak in rzt2h_gpio_register() 88d386243ed3 esp: fix skb leak with espintcp and async crypto af834169a410 xfrm: call xdo_dev_state_delete during state update ecb02f949e3e xfrm: fix the condition on x->pcpu_num in xfrm_sa_len 88467620fa4a xfrm: add missing extack for XFRMA_SA_PCPU in add_acquire and allocspi b4a1e07944fe i3c: master: dw-i3c: Fix missing of_node for virtual I2C adapter 6eee692c4204 ALSA: hda/realtek: add quirk for ASUS UM6702RC 72969a102f93 spi: intel-pci: Add support for Nova Lake mobile SPI flash cbc467b4d9f3 usb: core: new quirk to handle devices with zero configurations ad696758a45c drm/amdgpu: fix gpu idle power consumption issue for gfx v12 ca111c9d8d6c nvmet: move async event work off nvmet-wq 17c9ad5aa46c objtool: Handle Clang RSP musical chairs 90420418e622 ALSA: hda/realtek: Add headset jack quirk for Thinkpad X390 f93b6da04ec7 ALSA: hda/realtek: Add quirk for Gigabyte Technology to fix headphone bee43f7b9bc6 ALSA: hda/realtek: add HP Laptop 14s-dr5xxx mute LED quirk ed97a37b00d9 powerpc64/ftrace: fix OOL stub count with clang 2ec578e64521 btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create 91608747a8d2 sched_ext: Use WRITE_ONCE() for the write side of dsq->seq update be1a341c1614 HID: apple: avoid memory leak in apple_report_fixup() 74b1b0d84697 bpf: Fix u32/s32 bounds when ranges cross min/max boundary b4770c2e70e6 ASoC: amd: acp: Add ACP6.3 match entries for Cirrus Logic parts be0c2255d717 drm/ttm/tests: Fix build failure on PREEMPT_RT 34f0790eb712 ALSA: hda/senary: Ensure EAPD is enabled during init 5cf83b76f738 block: break pcpu_alloc_mutex dependency on freeze_lock e33c0c59f1f4 dma-buf: Include ioctl.h in UAPI header 9924fd289901 ASoC: cs35l56: Only patch ASP registers if the DAI is part of a DAIlink 1e68eeada7b0 ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() 77759925aeb6 ALSA: hda/hdmi: Add Tegra238 HDA codec device ID 3d5f63d86720 ASoC: Intel: sof_sdw: Add quirk for Alienware Area 51 (2025) 0CCD SKU 74b25178943f scsi: devinfo: Add BLIST_SKIP_IO_HINTS for Iomega ZIP 09293aecd479 ASoC: rt1321: fix DMIC ch2/3 mask issue 99c9a684b22d scsi: mpi3mr: Clear reset history on ready and recheck state after timeout f927555140c7 ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() ef75dc1401d8 module: Fix kernel panic when a symbol st_shndx is out of bounds 4ebc4d48fca9 HID: asus: add xg mobile 2023 external hardware support bf0ffc028f82 HID: mcp2221: cancel last I2C command on read error 0a4e44eb4b0c platform/x86: oxpec: Add support for OneXPlayer X1 Air ba6af12e600b platform/x86: oxpec: Add support for Aokzoe A2 Pro 6ea6cfdbd646 kbuild: install-extmod-build: Package resolve_btfids if necessary 4121e616c08a net: usb: r8152: add TRENDnet TUC-ET2G 1faaa81aabab platform/x86: oxpec: Add support for OneXPlayer X1z b06021c3cfd8 HID: apple: Add EPOMAKER TH87 to the non-apple keyboards list 43c40bfb8503 platform/x86: oxpec: Add support for OneXPlayer APEX f061affafb59 HID: intel-ish-hid: ipc: Add Nova Lake-H/S PCI device IDs 136f605e246b HID: magicmouse: avoid memory leak in magicmouse_report_fixup() 4101a437c236 HID: magicmouse: fix battery reporting for Apple Magic Trackpad 2 b96c7b25eb1b nvme-pci: ensure we're polling a polled queue 4877461104f2 platform/x86: touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10 05bc9939b501 platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1 94b2a56fd4b1 platform/x86: hp-wmi: Add Omen 16-xd0xxx fan and thermal support 470e01ae896c nvme-fabrics: use kfree_sensitive() for DHCHAP secrets 2e9b4ca982d8 nvme-pci: cap queue creation to used queues 47910033f542 platform/x86: intel-hid: Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list a41cc7c1668e HID: asus: avoid memory leak in asus_report_fixup() c6a021ae84aa platform/x86: hp-wmi: Add Omen 16-wf0xxx fan and thermal support 61415d080d43 tracing: Revert "tracing: Remove pid in task_rename tracing output" 58bd87d0e692 bpf: Fix unsound scalar forking in maybe_fork_scalars() for BPF_OR f14ca604c0ff bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN c0281da1f2aa bpf: Fix exception exit lock checking for subprogs a85bbd9ef8a0 cxl: Adjust the startup priority of cxl_pmem to be higher than that of cxl_acpi a446dbcb3877 bpf: Release module BTF IDR before module unload 7c02a9bd7d14 driver core: platform: use generic driver_override infrastructure ad9465ca3444 driver core: generalize driver_override in struct device 1b1f570444dc sh: platform_early: remove pdev->driver_override check 1f11dc6dc792 hwmon: axi-fan: don't use driver_override as IRQ name e85f446e82aa cxl/hdm: Avoid incorrect DVSEC fallback when HDM decoders are enabled b36b0e804aee s390/mm: Add missing secure storage access fixups for donated memory 35f7914e54fe perf: Make sure to use pmu_ctx->pmu for groups d94e6989e26c x86/perf: Make sure to program the counter value for stopped events on migration ccbf29b28b55 bpf: Fix constant blinding for PROBE_MEM32 stores a17443af8742 bpf: Reset register ID for BPF_END value tracking 2c3214146204 cxl/port: Fix use after free of parent_port in cxl_detach_ep()
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Keep both the older deprecated debian:apt alias and the active
debian:advanced_package_tool identity in CVE_PRODUCT.
- This preserves completeness and avoids missing CVEs in case older
aliases are still used in NVD records.
Signed-off-by: Himanshu Jadon <hjadon@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 22 Apr 2026 19:44:43 +0000 (20:44 +0100)]
vim: disable GTK+3 UI by default
Disable the GTK+ UI by default. By having vim be always built with GTK+
by default installing vim results in the entire GTK+/X11 stack being
pulled into images, even if they would otherwise be non-graphical.
Also, real vim users run it in a terminal.
The PACKAGECONFIG remains and can be enabled. Maybe a future improvement
would be to split the recipe into non-X vim and GTK+-based gvim recipes.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Franz Schnyder [Wed, 8 Apr 2026 13:05:53 +0000 (15:05 +0200)]
gnutls: Add p11-kit for native builds
U-Boot mkeficapsule host tool now uses pkcs11 related gnutls symbols.
If gnutls-native is built without p11-kit support, linking
mkeficapsule will fail.
Enable p11-kit for gnutls-native.
Signed-off-by: Franz Schnyder <franz.schnyder@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a new PACKAGECONFIG to give users the choice of whether to
have /etc/profile.d/80-systemd-osc-context.sh file or not.
This is because the /etc/profile.d/80-systemd-osc-context.sh[1] is setting
PS0 with OSC 3008 standard[2]. If a terminal (e.g., minicom) cannot
deal with this OSC 3008 standard, it will just output the whole contents.
This is quite annoying. See example output below:
Below are steps of how to reproduce the issue with qemu:
1. IMAGE_INSTALL:append = " bash"
2. bitbake core-image-minimal
3. runqemu snapshot kvm nographic qemuparams="-serial pty"
4. minicom -D /dev/pts/X -b 115200 (/dev/pts/X is the one printed in the step 3)
5. [In minicom] type any command or just type "Enter" key
A new PR is also created for systemd upstream:
https://github.com/systemd/systemd/pull/41647
If systemd accepts the PR, we can then use the new option. Otherwise, we'll need
to keep the way it is now.
Ross Burton [Tue, 21 Apr 2026 15:12:47 +0000 (16:12 +0100)]
quilt: remove bzip2 RDEPENDS
quilt has support for compressed patches but for some reason we only
listed bzip2 explicitly, despite it also supporting gzip/xz/lzma/lz/zst.
We don't have any recipes that use compressed patches and there's
nothing special about bzip2, so if a recipe does want to use compressed
patches then it can add the required dependency itself.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Barker [Tue, 21 Apr 2026 20:10:20 +0000 (21:10 +0100)]
image_types_wic: Introduce wicenv image type
Now that wic is an external tool, using it outside of the normal Yocto
build workflow will become more common. So, we need a way for users to
specify that they want the .env file used by wic to be placed into
${DEPLOY_DIR_IMAGE}.
With this change, if you intend to use wic externally, you should
specify:
IMAGE_FSTYPES += "wicenv"
As we now have a separate IMAGE_CMD for this, we no longer need to
deploy the .env file in do_rootfs_wicenv.
[YOCTO #16246]
Signed-off-by: Paul Barker <paul@pbarker.dev> Cc: Trevor Woerner <twoerner@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sbom-cve-check-common: print warnings on unpatched CVEs
The now removed cve-check class used to print warnings when CVEs with
status "Unpatched" were found. Add this feature to the
sbom-cve-check class with the same default value (enabled).
For now it only does so when the cvecheck report type is enabled. It may
be possible to do the same for the SPDX report type.
Sample output:
WARNING: core-image-minimal-1.0-r0 do_sbom_cve_check: busybox-1.37.0: Found unpatched CVEs: CVE-2024-58251
WARNING: core-image-minimal-1.0-r0 do_sbom_cve_check: expat-2.7.5: Found unpatched CVEs: CVE-2025-66382, CVE-2026-41080
WARNING: core-image-minimal-1.0-r0 do_sbom_cve_check: glibc-2.43+git: Found unpatched CVEs: CVE-2010-4756, CVE-2026-4046
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sunil Dora [Mon, 20 Apr 2026 22:27:42 +0000 (15:27 -0700)]
libcxx: fix libunwind collision with musl builds
Commit 75409c60 (rust: enable fully static linking with TCLIBC=musl)
used install-unwind for musl builds which also installs libunwind.so
and libunwind.h, causing a file collision with the libunwind recipe.
Only libunwind.a is needed for Rust static musl linking. Since no
other recipe in oe-core builds LLVM libunwind, compile it
unconditionally for musl and use do_install to install only the
static library.
Reported-by: Ross Burton <ross.burton@arm.com> Suggested-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Sunil Dora <sunilkumar.dora@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 21 Apr 2026 10:39:05 +0000 (11:39 +0100)]
shadow: Drop 'pointless' patch
As far as I can tell, this patch is a no-op and doens't change the code.
As such, I think it just complicates things and can be removed.
[After testing we found this is working around a pseudo issue where we
were missing an intercept call for __open_2. The correct thing to do is
add that intercept, then we can drop this work around. The workaround
changed the function calls the headers map this into, resulting in ones
pseudo could intercept]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 20 Apr 2026 22:26:02 +0000 (23:26 +0100)]
pseudo: Upgrade to 1.9.4
Update to pull in a full openat2 wrapper which works on Fedora 44.
This update includes the commits:
* Makefile.in: Bump version to 1.9.4
* test: Add renameat2 test cases
* test: Add openat2 test cases
* makewrappers/openat2: Add preserve_path option
* openat2: Implement openat2 wrapper
* ports/linux/guts/renameat2.c: Add comment why this isn't implemented
* Add b4 configuration
* pseudo_setupenvp: Handle malloc failure safely
* pseudo_setupenvp: Allocate space for new env vars if needed
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ahmad Fatoum [Sun, 19 Apr 2026 20:30:14 +0000 (22:30 +0200)]
barebox: upgrade 2026.03.1 -> 2026.04.0
Main highlight of this release is the new devboot mechanism, which
allows overriding any combination of kernel, device tree and
initramfs in an existing boot flow with network-hosted files,
simplifying iterative development:
This release also restores compatibility with new TF-A versions acting
as SCMI clock provider, after TF-A v2.14 broke the SCMI v2.0 clock
protocol used by earlier barebox (and Linux <= v6.6).
Ross Burton [Mon, 20 Apr 2026 19:07:49 +0000 (20:07 +0100)]
util-linux: fix CVE-2026-27456
Backport a patch from upstream to fix CVE-2026-27456:
Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use)
vulnerability has been identified in the SUID binary /usr/bin/mount
from util-linux. The mount binary, when setting up loop devices,
validates the source file path with user privileges via fork() +
setuid() + realpath(), but subsequently re-canonicalizes and opens it
with root privileges (euid=0) without verifying that the path has not
been replaced between both operations. Neither O_NOFOLLOW, nor inode
comparison, nor post-open fstat() are employed. This allows a local
unprivileged user to replace the source file with a symlink pointing
to any root-owned file or device during the race window, causing the
SUID binary to open and mount it as root. Exploitation requires an
/etc/fstab entry with user,loop options whose path points to a
directory where the attacker has write permission, and that
/usr/bin/mount has the SUID bit set (the default configuration on
virtually all Linux distributions). The impact is unauthorized read
access to root-protected files and block devices, including backup
images, disk volumes, and any file containing a valid filesystem.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 20 Apr 2026 19:07:48 +0000 (20:07 +0100)]
xz: fix CVE-2026-34743
Backport a fix from upstream to resolve CVE-2026-34743:
Prior to version 5.8.3, if lzma_index_decoder() was used to decode an
Index that contained no Records, the resulting lzma_index was left in
a state where where a subsequent lzma_index_append() would allocate
too little memory, and a buffer overflow would occur.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 20 Apr 2026 19:07:47 +0000 (20:07 +0100)]
xz: mark several CVEs as fixed
- CVE-2024-47611 was fixed in 5.6.3 and is Windows-specific.
- CVE-2025-31115 was fixed in 5.8.1.
- CVE-2025-58058 is specific to the Go xz module, not this recipe.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Michael Arndt [Fri, 17 Apr 2026 20:07:09 +0000 (22:07 +0200)]
sstate: Fail on file systems without hard link support
The sstate can only work reliably when the file system has support for hard
links. Previously this error was silenced, now the build fails and the user is
informed about the problem.
Signed-off-by: Michael Arndt <michael@rndt.dev> CC: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Peter Marko [Thu, 16 Apr 2026 22:25:26 +0000 (00:25 +0200)]
cve-exclusions: set status for CVE-2025-71145
cvelistV5 tracks hashes instead of versions.
Same hashes are also present in NVD links.
Checking those hashes, fix is already available in linux-yocto.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
devtool-source: set S variable to a sub dir of UNPACKDIR
If a recipe set UNPACKDIR to a directory that is not contained within
WORKDIR, before this modification, this generates the following error:
"S should be set relative to UNPACKDIR."
S should not be updated, otherwise the recipe may not find the extracted
sources. In all recipes, S should reference the UNPACKDIR variable.
There is an exception for the kernel to prevent infinite recursion
when expanding the STAGING_KERNEL_DIR variable.
So, only updates UNPACKDIR to be within the DEVTOOL_TEMPDIR directory.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Peter Marko [Wed, 15 Apr 2026 12:43:06 +0000 (14:43 +0200)]
go: skip recipe instead of throwing fatal error on unknown architectures
Current code means that layer which contains a golang recipe cannot be
even parsed for machine which is not in supported golang architectures.
Skipping the golang recipes instead of throwing fatal error is much
friendlier and let machines without golang support co-exist in a layer
with golang recipes.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Ross Burton [Fri, 17 Apr 2026 16:06:55 +0000 (17:06 +0100)]
python3: prefer valid dists when searching for entry points
When bitbake regenerates a sysroot due to upgrades it will remove any
previously installed files but keep the directories. This can result in
site-packages containing:
setuptools/ <-- the actual Python code
setuptools-82.0.0.dist-info <-- empty metadata directory
setuptools-82.0.1.dist-info <-- populated metadata directory
When importlib_metadata.entry_points() iterates the distributions it
will take the list of dists *in on-disk order* and then remove
duplicates. If the empty directory comes first in the unsorted directory
listing then that is the only one that is returned.
This eventually results in mysterious errors from setuptools:
error: invalid command 'egg_info'
Solve this by sorting the distribution list so that valid dists are
first.
[ YOCTO #16235 ]
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
image_types: catch exception if no CONVERSION_CMD is defined
When new conversion type is defined, BitBake assumes
that CONVERSION_CMD: is defined for the type, so it gets
the variable which returns NoneType if it is not defined.
That generates the following exception which may not be clear
for some:
--
ERROR: /../techleef-image.bb: Error executing a python function in <code>:
The stack trace of python calls that resulted in this exception/failure was:
File: '<code>', lineno: 16, function: <module>
0012:__anon_117__.._recipe_populate_sdk_base_bbclass(d)
0013:__anon_427__.._recipe_populate_sdk_base_bbclass(d)
0014:__anon_131__.._recipe_image_bbclass(d)
0015:__anon_187__.._recipe_image_bbclass(d)
*** 0016:__anon_535__.._recipe_image_bbclass(d)
0017:__anon_44__.._recipe_rootfs_ipk_bbclass(d)
0018:__anon_191__.._recipe_siteinfo_bbclass(d)
0019:__anon_17__.._recipe_license_image_bbclass(d)
0020:__anon_206__.._recipe_image_types_wic_bbclass(d)
File: '/../image.bbclass', lineno: 501, function: __anon_535__.._recipe_image_bbclass
0497: if original_type not in alltypes:
0498: rm_tmp_images.add(localdata.expand("${IMAGE_NAME}.${type}"))
0499:
0500: for bt in basetypes[t]:
*** 0501: gen_conversion_cmds(bt)
0502:
0503: localdata.setVar('type', realt)
0504: if t not in alltypes:
0505: rm_tmp_images.add(localdata.expand("${IMAGE_NAME}.${type}"))
File: '/../image.bbclass', lineno: 490, function: gen_conversion_cmds
0486: type = type[8:]
0487: # Create input image first.
0488: gen_conversion_cmds(type)
0489: localdata.setVar('type', type)
*** 0490: cmd = "\t" + localdata.getVar("CONVERSION_CMD:" + ctype)
0491: if cmd not in cmds:
0492: cmds.append(cmd)
0493: vardeps.add('CONVERSION_CMD:' + ctype)
0494: subimage = type + "." + ctype
Exception: TypeError: can only concatenate str (not "NoneType") to str
ERROR: Parsing halted due to errors, see error messages above
--
Fail with human readable error if no CONVERSION_CMD is defined for
any defined subtype.
Signed-off-by: Talel BELHAJ SALEM <bhstalel@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Fri, 17 Apr 2026 17:28:57 +0000 (19:28 +0200)]
create-spdx-3.0: rerun do_create_recipe_spdx on patch changes
Valkyrie patchmetrics from 2026-04-17 is showing two CVEs where patches
were merged the day before (2026-04-16) - inetutils/CVE-2026-32746 and
re2c/CVE-2026-2903.
Root-cause is that the CVE patches are evaluated in task
do_create_recipe_spdx which does not have any dependency on SRC_URI nor
content of the patches, so it is taken from sstate-cache which contains
old (stale) data.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oe/spdx30_task: Prevent duplication of sources in hasInput rel
If the debug_sources are already inside the build_inputs, we must not
add them again, otherwise, the source files are going to be referenced
multiple times inside the hasInput relationship.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oe/spdx30_task: Add status notes to VEX relationship
Without the status note, we are losing the reason why the CVE is
considered vulnerable or fixed.
The information provided in CVE_STATUS is otherwise lost.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oe/sbom30: Remove unneeded oe.sbom30. to reference local symbol
The class OEDocumentExtension is declared within the sbom30.py file.
There is no need to use its full package path to reference it.
Same for get_element_link_id() function.
Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 16 Apr 2026 10:30:57 +0000 (11:30 +0100)]
glib-networking: backport fix for CVE-2026-2574
CVE-2026-2574:
Affected versions of this package are vulnerable to Out-of-bounds Read
via improper handling of certificate authority data in the OpenSSL
backend. An attacker can cause application crashes and potentially
disclose limited heap memory by enticing a client to connect to a
malicious TLS server that advertises a specially crafted client-CA
list.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jörg Sommer [Thu, 16 Apr 2026 16:38:13 +0000 (18:38 +0200)]
run-postinsts: Replace which by command -v
The command *which* can be provided by the packages which, debianutils,
busybox, or zsh. But if none of these are installed, the call fails. The
POSIX way to check for a command is `command -v` and suppress the output in
case of success.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Haiqing Bai [Wed, 15 Apr 2026 06:51:04 +0000 (06:51 +0000)]
libxml-parser-perl: patch CVE-2006-10003
XML::Parser versions through 2.47 for Perl has an off-by-one
heap buffer overflow in st_serial_stack. In the case
(stackptr == stacksize - 1), the stack will NOT be expanded.
Then the new value will be written at location (++stackptr),
which equals stacksize and therefore falls just outside the
allocated buffer. The bug can be observed when parsing an
XML file with very deep element nesting.
oeqa/sdk: Default to https git protocol for YP/OE repos
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/files/layers.example.json: switch to https clone URIs
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/selftest/devtool-test-git-gitsm: Default to https git protocol for YP/OE repos
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Use ";protocol=https" for the parent git submodule and, also, update the
SRCREV to point to a commit where submodules are reference through a
https:// URL instead of a git:// one.
Update the expected output of the archiver test.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/selftest/git-submodule-test: Default to https git protocol for YP/OE repos
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Use ";protocol=https" for the parent git submodule and, also, update the
SRCREV to point to a commit where submodules are reference through a
https:// URL instead of a git:// one.
Update the expected output of the archiver test.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
scripts: Default to https git protocol for YP/OE repos
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
build-appliance-image: switch SRC_URI to https protocol
Following up on commit 139102a73d41 ("recipes: Default to https git protocol where possible"),
> The recommendation from server maintainers is that the https protocol
> is both faster and more reliable than the dedicated git protocol at this point.
> Switch to it where possible.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/selftest/incompatible_lic: add wayland feature check for test needing it
When run with a distro without 'wayland' DISTRO_FEATURES:
2026-04-14 17:42:00,568 - oe-selftest - INFO - FAIL: test_core_image_full_cmdline_weston (incompatible_lic.NoGPL3InImagesTests.test_core_image_full_cmdline_weston)
2026-04-14 17:42:00,568 - oe-selftest - INFO - ----------------------------------------------------------------------
2026-04-14 17:42:00,568 - oe-selftest - INFO - Traceback (most recent call last):
File ".../openembedded-core/meta/lib/oeqa/selftest/cases/incompatible_lic.py", line 153, in test_core_image_full_cmdline_weston
bitbake('core-image-full-cmdline core-image-weston')
~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
AssertionError: Command 'bitbake core-image-full-cmdline core-image-weston' returned non-zero exit status 1:
...
ERROR: Nothing PROVIDES 'core-image-weston'
core-image-weston was skipped: using DISTRO 'nodistro', which is missing required DISTRO_FEATURES: 'wayland'
This is caused by core-image-weston being skipped because it needs the
wayland DISTRO_FEATURES.
Note that this is not seen in testing because nodistro has wayland
enabled by default since 2e1e7c86064 (bitbake.conf: Enable opengl ptest multiarch wayland vulkan in DISTRO_FEATURES by default, 2026-02-21)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 16 Apr 2026 10:30:59 +0000 (11:30 +0100)]
libsoup: mark CVEs which have been resolved upstream
These issues have all been fixed in the 3.6.6 release that we have, but
the CPEs are unversioned. I've contacted NIST to update the database but
until that happens we can mark them as fixed.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 16 Apr 2026 10:30:58 +0000 (11:30 +0100)]
libsoup: actually apply patches for CVE-2025-32049 and CVE-2026-1539
The patches were added to SRC_URI before inheriting gnomebase, which
does SRC_URI = "...". This means the patches were never actually part of
SRC_URI, so never applied.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade the firmware package to latest release. Add qupv3fw
firmware for qcs615 and shikra, add adreno, audio and compute
package for DELL XPS13 9345, add audioreach firmware for Glymur
and arduino monza, add ISH firmware for Intel Wildcat Lake platform,
add lenovo ish firmware for X9-15 2025, X1 Carbon (Gen 14) and
X1 2-in-1 (Gen 11).
oeqa/selftest/sstatetests: add wayland feature check for test needing it
When run with a distro without 'wayland' DISTRO_FEATURES:
2026-04-14 17:42:00,568 - oe-selftest - INFO - FAIL: test_sstate_32_64_same_hash (sstatetests.SStateHashSameSigs.test_sstate_32_64_same_hash)
2026-04-14 17:42:00,568 - oe-selftest - INFO - ----------------------------------------------------------------------
2026-04-14 17:42:00,568 - oe-selftest - INFO - Traceback (most recent call last):
File ".../openembedded-core/meta/lib/oeqa/selftest/cases/sstatetests.py", line 407, in test_sstate_32_64_same_hash
self.sstate_hashtest("i686")
~~~~~~~~~~~~~~~~~~~~^^^^^^^^
File ".../openembedded-core/meta/lib/oeqa/core/decorator/__init__.py", line 35, in wrapped_f
return func(*args, **kwargs)
File ".../openembedded-core/meta/lib/oeqa/selftest/cases/sstatetests.py", line 371, in sstate_hashtest
bitbake("core-image-weston -S none")
~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
AssertionError: Command 'bitbake core-image-weston -S none' returned non-zero exit status 1:
...
ERROR: Nothing PROVIDES 'core-image-weston'
core-image-weston was skipped: using DISTRO 'nodistro', which is missing required DISTRO_FEATURES: 'wayland'
This is caused by core-image-weston being skipped because it needs the
wayland DISTRO_FEATURES.
Note that this is not seen in testing because nodistro has wayland
enabled by default since 2e1e7c86064 (bitbake.conf: Enable opengl ptest multiarch wayland vulkan in DISTRO_FEATURES by default, 2026-02-21)
Ross Burton [Tue, 14 Apr 2026 16:15:30 +0000 (17:15 +0100)]
glib-networking: backport fixes for CVE-2025-60018 and CVE-2025-60019
CVE-2025-60018:
glib-networking's OpenSSL backend fails to properly check the return
value of a call to BIO_write(), resulting in an out of bounds read.
CVE-2205-60019:
glib-networking's OpenSSL backend fails to properly check the return
value of memory allocation routines. An out of memory condition could
potentially result in writing to an invalid memory location.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns_gethostbyaddr_r' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns_gethostbyaddr_r' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns4_gethostbyaddr_r' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns6_gethostbyaddr_r' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'NSSMDNS_0' to symbol '_nss_mdns_minimal_gethostbyaddr_r' failed: symbol not defined
weston-init: set require-outputs=none to allow startup without connected display
By default, Weston exits at startup if no output connector is reported
as connected by the DRM subsystem. On platforms where displays are
connected after boot via HPD (Hot Plug Detect), this causes the weston
service to be killed during early boot and remain down until manually
restarted.
Setting require-outputs=none in the [core] section instructs Weston to
start and remain running even when no connector is active at boot time.
When a display is subsequently hotplugged and HPD is asserted, Weston
automatically picks up the new connector and brings up the output without
requiring a service restart.
kernel-fit-image: Fix support for initramfs multiconfig
In the transition from kernel-fitimage.bbclass a fix for initramfs
multiconfig was partly reverted, maybe because the default value for
INITRAMFS_DEPLOY_DIR_IMAGE is only set in kernel.bbclass and therefore
not accessible in kernel-fit-image.bbclass.
This fix introduces INITRAMFS_DEPLOY_DIR_IMAGE in kernel-fit-image.bbclass,
so initramfs multiconfig works as expected.
LLD is stricter with version scripts
This is a classic LLD vs GNU ld compatibility issue with
version scripts. LLD is stricter than GNU ld — by default
it treats unmatched version script symbols as hard
errors, whereas GNU ld silently ignores them.
What's happening is that the version script
e.g. map.pa, declares symbols like pa_glib_mainloop_new
under PULSE_0, but those symbols aren't being compiled
into the current library target.
Sunil Dora [Mon, 13 Apr 2026 07:04:57 +0000 (00:04 -0700)]
rust: enable fully static linking with TCLIBC=musl
Fixes [YOCTO #16076]
Rust binaries built with TCLIBC=musl and
-C target-feature=+crt-static were still dynamically linked.
Fix this by addressing three issues:
1) Set crt-static-respected in the generated musl target spec
so rustc honors +crt-static. [1]
2) Add the target sysroot library path to the linker flags so
libunwind.a can be found.
3) Use LLVM libunwind for musl:
- GNU libunwind does not provide static libraries in OE
and lacks required _Unwind_* symbols on some architectures [2]
- libgcc_eh depends on pthread and cannot be used for fully
static linking with musl
- LLVM libunwind provides the required symbols without
additional dependencies
Install LLVM libunwind from libcxx and switch libstd-rs
to depend on libcxx for musl.
Also remove the obsolete DEPENDS:remove:riscv32/riscv64 = "libunwind"
lines added in 2021 when riscv musl support was still being patched.
LLVM libunwind supports both riscv32 and riscv64 - verified locally.
riscv32 support was upstreamed at [3].
Add a selftest to verify that produced binaries are statically linked.
Martin Jansa [Fri, 10 Apr 2026 08:26:54 +0000 (10:26 +0200)]
dbus: use ${PN} in pkg_postinst instead of 'dbus'
All pkg_postinst in oe-core where the package name matches the recipe
name use ${PN} already.
We have a bbclass used by some recipes which does:
pkg_postinst:${PN}:append()
which works reasonably well for most of the recipes, except for dbus
where it causes:
oe-pkgdata-util: improve lookup-pkg error for RPROVIDES packages
When a package is not found by 'oe-pkgdata-util lookup-pkg', the error
message provides no guidance on what went wrong or where to look.
Improve the error message by checking the runtime-rprovides directory
for the missing package. If the package exists in RPROVIDES:
- If the provider package was generated, suggest looking up the actual
package name instead.
- If the provider package was not generated (e.g. empty package or
disabled by PACKAGECONFIG), inform the user which recipe provides it
and that it was not generated.
This helps users quickly identify the correct package name or
understand why a package is missing from their build.
Before:
ERROR: The following packages could not be found: eglibc
After:
ERROR: eglibc is in the RPROVIDES of glibc (recipe: glibc), try
looking up 'glibc' instead
Peter Marko [Tue, 14 Apr 2026 14:32:54 +0000 (16:32 +0200)]
mpg123: set status for CVE-2006-3355
This CVE has only cpe version which is considered invalid:
* cpe:2.3:a:mpg123:mpg123:pre0.59s_r11:*:*:*:*:*:*:*
This means that the fixed version is unknown and thus all versions are
considered to be vulnerable.
Since the vulnerability was fixed in old version 0.59s_r11, mark it as
fixed.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/selftest/devtool: add vulkan feature check for test needing it
When run with a distro without 'vulkan' DISTRO_FEATURES:
$ oe-selftest -r devtool.DevtoolUpdateTests.test_devtool_git_submodules
2026-04-14 14:36:57,036 - oe-selftest - INFO - test_devtool_git_submodules (devtool.DevtoolUpdateTests.test_devtool_git_submodules)
vulkan-samples is unavailable:
vulkan-samples was skipped: using DISTRO 'nodistro', which is missing required DISTRO_FEATURES: 'vulkan'
2026-04-14 14:37:13,002 - oe-selftest - INFO - ... ERROR
2026-04-14 14:37:13,002 - oe-selftest - INFO - Traceback (most recent call last):
File "/.../openembedded-core/meta/lib/oeqa/selftest/cases/devtool.py", line 1695, in test_devtool_git_submodules
self.assertIn('gitsm://', src_uri, 'This test expects the %s recipe to be a git recipe with submodules' % recipe)
~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.13/unittest/case.py", line 1171, in assertIn
if member not in container:
^^^^^^^^^^^^^^^^^^^^^^^
TypeError: argument of type 'NoneType' is not iterable
This is caused by vulkan-samples being skipped because it needs the
vulkan DISTRO_FEATURES.
Note that this is not seen in testing because nodistro has vulkan
enabled by default since 2e1e7c86064 (bitbake.conf: Enable opengl ptest multiarch wayland vulkan in DISTRO_FEATURES by default, 2026-02-21)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Replace patches 0008 and 0033 with a single consolidated patch (0041)
that fixes native build breakage.
The original patches unconditionally changed the runtime library search
base from ResourceDir to SysRoot, which breaks native/standalone builds
where SysRoot is empty (e.g., PGO bootstrap fails to find
libclang_rt.profile.a). The new patch uses SysRoot-based paths only
during cross-compilation and falls back to the upstream default
ResourceDir for native builds.
Signed-off-by: mark.yang <mark.yang@lge.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Mon, 13 Apr 2026 21:14:46 +0000 (23:14 +0200)]
ovmf: set status for CVE-2024-1298
cvelistV5 uses full tag name (edk2-stable202405) while NVD uses only
version (202405).
Since NVD CPE is not yet available, cvelistV5 marks it at not patched
yet because the string sorts after the version.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Wed, 15 Apr 2026 18:09:34 +0000 (20:09 +0200)]
kea: upgrade 3.0.2 -> 3.0.3
Solves CVE-2026-3608.
License-Update: copyright years refreshed
Release notes [1]:
Welcome to Kea 3.0.3, a vulnerability release of the stable 3.0 series.
This supersedes the previous release, version 3.0.2.
1. **Vulnerability**: We addressed an issue, which was assigned
CVE-2026-3608, where a large number of bracket pairs in a JSON payload
directed to any endpoint would result in a stack overflow, due to
recursive calls when parsing the JSON [#4275, #4288, #4387]. Since the
exploit does not require the JSON request to have the full syntax of a
valid command, it bypasses RBAC and the command filters on the
High-Availability endpoints.
2. **Security**: A null dereference is now no longer possible when
configuring the Control Agent with a socket that lacks the mandatory
socket-name entry [#4388, #4365].
3. **Permissions**: UNIX sockets are now created as group-writable
[#4398, #4260]. This allows users belonging to the group to send
commands to the UNIX sockets. In particular, it allows Stork 2.4.0 and
above to detect the Kea daemon.
Ross Burton [Wed, 15 Apr 2026 15:27:41 +0000 (16:27 +0100)]
rsync: always use the system zlib
There's nothing gained by adding an option to use the vendored zlib
apart from the chance of accidentally not using it, so remove the
PACKAGECONFIG and just explicitly depend on zlib.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core.git / log
