| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
|
| |
FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library
allowing for an integer overflow, potentially resulting in a denial-of-service
(DoS) condition or other undefined behavior.
(From OE-Core rev: 5661bac10db7e20064c10660c47c361b7d2418ee)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
| |
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c
component of FFmpeg, specifically within the new_stream_audio function.
(From OE-Core rev: 051bc7afc01e72d5ef0fc14683689ab45e4eaab8)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 0e9cc7e9ad5c8bbd7f12a192bff103c118d7f7bb)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 1c848b4104ee0ba9b07cdb424bb829d14f9982d7)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Originally written by Richard Purdie, but formatted in rst syntax and
slight rephrasing.
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: 65235b647a855c0ffc8aa71e06b05b78d62ba773)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 110690bee14f7263a5a34145e91e4450ec3bf4e6)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
| |
(From yocto-docs rev: 103b6955a11d7ece345ac0169317b8a8b8e8a0d9)
Signed-off-by: "Simon A. Eugster" <simon.eu@gmail.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit e6745669cc26de8f61d5d1ccdd5a95b552eece97)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were two issues here:
- the path to native python was not included, so the test
suite was running with host python, causing failures due to
host python being given native libraries:
https://autobuilder.yoctoproject.org/typhoon/#/builders/148/builds/1711/steps/12/logs/stdio
(rust recipe uses native python throughout)
- tmp/hosttools was listead ahead of native-sysroot/usr/bin
(From OE-Core rev: 72156282059aa5a013a386eb95f89dc38726326e)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit aec96b5aec8d6b4a5ae8a719ca05bb727a6197cb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per "The rustc book"[1], mips*-unknown-linux-* are "tier 3" targets:
Tier 3 targets are those which the Rust codebase has support for, but
which the Rust project does not build or test automatically, so they
may or may not work.
We already skip qemumips in this selftest, but we're now also seeing
failures with qemumips64 so refactor the test to skip all machines where
the architecture is mips or mips64.
[1] https://doc.rust-lang.org/nightly/rustc/platform-support.html
(From OE-Core rev: 681f5ea8d6a5050aebfb1f656da9ba679433e366)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 177e268811c04260923ac4b16fa047315304add0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The do_testsdk for lib32-core-image-sato aborts with below error:
configure: error: Package requirements (gtk+-3.0) were not met:
No package 'gtk+-3.0' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix.
This causes due to an absolute path name in 'sdk_env', which is now stripped to have only the environment name.
Backport from oe-core master: https://git.openembedded.org/openembedded-core/commit/?id=386e4132a9ced75599d92610cf5c0e8fe907c3b6
(From OE-Core rev: 83c3e40e2361d771a724062e38a1349b87059c75)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
YOCTO [#15061]
The rust target and linker are getting setting from the sdk environment and
so the config file is not needed. The redundant config file geneartion is removed.
Backport from oe-core master: https://git.openembedded.org/openembedded-core/commit/?id=d5f78816d2ad0f3e43ce883eef199d1683cfcbb4
(From OE-Core rev: 12fd08cf4009d0284ab951cc48a479dcbc74db42)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
YOCTO [#15061]
The rust sdk installs both 'rust.sh' and 'cargo.sh' for lib32 and lib64 in the same location.
This causes below error while installing the lib32 & lib64 binaries:
Error: Transaction test error:
file /usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-pokysdk-linux/environment-setup.d/cargo.sh
conflicts between attempted installs of rust-cross-canadian-arm-1.67.1-r0.x86_64_nativesdk and
rust-cross-canadian-aarch64-1.67.1-r0.x86_64_nativesdk
file /usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-pokysdk-linux/environment-setup.d/rust.sh
conflicts between attempted installs of rust-cross-canadian-arm-1.67.1-r0.x86_64_nativesdk and
rust-cross-canadian-aarch64-1.67.1-r0.x86_64_nativesdk
ERROR: Task (virtual:multilib:lib32:/media/build/poky/meta/recipes-sato/images/core-image-sato.bb:do_populate_sdk)
failed with exit code '1'
The change includes:
- Prepending '${RUST_TARGET_SYS}' to 'rust.sh' to differentiate between target systems.
- Moving the non-target-specific environment variables to 'nativesdk-cargo' and 'nativesdk-rust',
instead of being managed by the cross-canadian recipe.
Backport from oe-core master: https://git.openembedded.org/openembedded-core/commit/?id=40eb4bfe2f100ba5301046ca25110fcc55a640bb
(From OE-Core rev: 889cda30baccd43e5c82b38752b462aef4ce626c)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As a user i want to override `RUSTLIB` path on a bbclass, lets
call it `XYZ.bbclass`.
If a certain recipe inherits `cargo.bbclass` and `XYZ.bbclass` the
value of `RUSTLIB` is dependent on the order of the inherit.
If `cargo.bbclass` is inherit before `XYZ.bbclass` this will reflect
the desired value of `RUSTLIB`, on the oposite, if the `XYZ.bbclass`
is inherit before `cargo.bbclass` then the `RUSTLIB` defined on
`rust-common.bbclass` will prevail.
Changed definition of `RUSTLIB` to soft assignment to make it overridable.
(From OE-Core rev: b71da7dd831d768d829c74f6137152f2ca6141b0)
Signed-off-by: Pedro Silva Ferreira <Pedro.Silva.Ferreira@criticaltechworks.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
(cherry picked from commit 6eeb832f73ffb48f5f05dc47191f60e4599e640f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$EXTRA_NATIVE_PKGCONFIG_PATH
This was prompted by working on librsvg update: the new meson-driven
version wants to query values from .pc files residing in its own
build directory, and modifies PKG_CONFIG_PATH accordingly.
When using the pkg-config-native wrapper such modifications
have no effect, and we have to pass them in manually
from the recipe via EXTRA_NATIVE_PKGCONFIG_PATH variable.
This variable is already defined (with an empty value) and
appended to PKG_CONFIG_PATH export in the native class, so this
simply extends its use to the wrapper.
(Appending to PKG_CONFIG_PATH in the wrapper, instead of resetting it,
is not an option as that can lead to contamination with the cross values).
(From OE-Core rev: 2bc050146d47b14d890a1b0db2b55f9057a08b65)
(From OE-Core rev: 104737073bd553b9cf93db7ed9575fd50ba6c973)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Chris Laplante <chris.laplante@agilent.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dlltool
During the execution of the command: i686-w64-mingw32-dlltool
--input-def $def_filepath --output-delaylib $filepath --dllname qemu.exe
An error occurred:
i686-w64-mingw32-dlltool: failed to open temporary head file: ..._w64_mingw32_nativesdk_qemu_8_2_2_build_plugins_libqemu_plugin_api_a_h.s
Due to the path length exceeding the Linux system's file name length
limit (NAME_MAX=255), the temporary file name generated by the
i686-w64-mingw32-dlltool command becomes too long to open. To address
this, a new temporary file name prefix is generated using tmp_prefix =
prefix_encode ("d", getpid()), ensuring that the file name does not
exceed the system's length limit.
Allow for "snnnnn.o" suffix when testing against NAME_MAX, and tidy
TMP_STUB handling by overwriting a prior nnnnn.o string rather than
copying the entire name.
(From OE-Core rev: 617df4ee1d6523ded43f156af8206dfca2c0c8ee)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The RequiresMountsFor configuration option of systemd.unit (added in
systemd version 201) not only adds the Requires and After options for
the required mount unit, but it adds them for all mount units required
to access the specified path.
So this change is both a simplification, and an improvement.
Not only will all needed mount units be added to Requires and After, but
the overlay path does not have to be a mountpoint, but can be at any
directory level beneath a mountpoint.
(From OE-Core rev: e00920c55a44058e8d2b063bf865df11e59a6185)
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
(cherry picked from commit fa2422232a143b21aeea3728abca82100946dbc4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Having something like
Starting Overlayfs directories setup /home...
Starting Overlayfs directories setup /root...
Finished Overlayfs directories setup /home.
Finished Overlayfs directories setup /root.
Mounting Overlayfs mount unit /home...
Mounting Overlayfs mount unit /root...
Mounted Overlayfs mount unit /root.
Mounted Overlayfs mount unit /home.
is much more informative than
Starting Overlayfs directories setup...
Starting Overlayfs directories setup...
Finished Overlayfs directories setup.
Finished Overlayfs directories setup.
Mounting Overlayfs mount unit...
Mounting Overlayfs mount unit...
Mounted Overlayfs mount unit.
Mounted Overlayfs mount unit.
Especially as the number of overlayfs mount units increase.
(From OE-Core rev: 9eb6c41e1c5411193a19e73af81f628171b01407)
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7308b4fc6f51bdf2b8f3b7899ff3758c5968e418)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
* gpg,gpgv: New option --assert-pubkey-algo.
* gpg: Emit status lines for errors in the compression layer.
* gpg: Fix invocation with --trusted-keys and --no-options.
* gpgsm: Allow for a longer salt in PKCS#12 files.
* gpgtar: Make --status-fd=2 work on Windows.
* scd: Support for the ACR-122U NFC reader.
* scd: Suport D-TRUST ECC cards.
* scd: Allow auto detaching of kernel drivers; can be disabled with
the new compatibility-flag ccid-no-auto-detach.
* scd: Allow setting a PIN length of 6 also with a reset code for
openpgp cards.
* agent: Allow GET_PASSPHRASE in restricted mode.
* dirmngr: Trust system's root CAs for checking CRL issuers.
* dirmngr: Fix regression in 2.4.4 in fetching keys via hkps.
* gpg-wks-client: Make option --mirror work properly w/o specifying
domains.
* g13,gpg-wks-client: Allow command style options as in "g13 mount
foo".
* Allow tilde expansion for the foo-program options.
* Make the getswdb.sh tool usable outside the GnuPG tree.
(From OE-Core rev: a596d0e3802486dce9eeee2a9cbfdc6372a182d5)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Solves CVE-2025-0395
git log:
662516aca8 stdlib: Test using setenv with updated environ [BZ #32588]
1432850ad8 malloc: obscure calloc use in tst-calloc
c1f7bfbe08 Hide all malloc functions from compiler [BZ #32366]
808a84a8b8 Fix underallocation of abort_msg_s struct (CVE-2025-0395)
994b129a35 x86/string: Fixup alignment of main loop in str{n}cmp-evex [BZ #32212]
61daaa7639 x86: Improve large memset perf with non-temporal stores [RHEL-29312]
2c8a7f14fa x86: Avoid integer truncation with large cache sizes (bug 32470)
2c882bf9c1 math: Exclude internal math symbols for tests [BZ #32414]
51da74a97e malloc: add indirection for malloc(-like) functions in tests [BZ #32366]
aa8768999e Pass -nostdlib -nostartfiles together with -r [BZ #31753]
350db28393 nptl: initialize cpu_id_start prior to rseq registration
9a0e174a39 nptl: initialize rseq area prior to registration
test results:
Before After Diff
FAIL 208 210 +2
PASS 4906 4905 -1
UNSUPPORTED 230 230 0
XFAIL 16 16 0
XPASS 4 4 0
failed test changes:
- nptl/tst-mutexpi8-static
- stdlib/tst-qsort4
+ malloc/tst-dynarray-fail-mem
+ malloc/tst-malloc_info
+ malloc/tst-malloc_info-malloc-check
+ malloc/tst-malloc_info-malloc-hugetlb2
(From OE-Core rev: 54181d6ca63a720dcebb241892e76e9cdd75260c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Below commits on binutils-2.42 stable branch are updated.
758a2290dbd PR32387 ppc64 TLS optimization bug with -fno-plt code
ed489bf1574 s390: Add arch15 Concurrent-Functions Facility insns
64e8e16a906 s390: Add arch15 instruction names
Tested on qemux86_64.
There were no additional PASS or FAIL after the update
(From OE-Core rev: 6ce232df15834cae44f3eda0f786132086afb76e)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[ YOCTO #14747 ]
Adding a initramfs is a common task, and the way oe-core offers to do so
is by using the initramfs-framework recipe and companion modules. There
was already documentation on adding an initramfs but the documentation
was lacking details on this framework. Add it before the multiconfig
section because it is a bit more important IMO.
Reported-by: Alejandro <alejandro@enedino.org>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: e1aa69d00e20a5d3c948c430ed10eb01e7baa574)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit caedbca4eced4cf5bc74aaae64e4ad2887c2fc65)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We document how to add ptest support for a recipe by inheriting the
ptest class. We may as well tell the user to inherit a ptest class for a
common framework which does most of the job for you.
Suggested-by: Quentin Schulz <quentin.schulz@cherry.de>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: 96645900c93abb95419f81e1553d988f3f68dc6a)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 411b18e489a97ea4cde05613cdd4c86deb0cb8cb)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The devtool ide-sdk section is reformulated to be independent of the
eSDK installer. In fact, ide-sdk does not even support the execution
of an installer-based setup.
This reformulation is also a preparation for moving the devtool
documentation to a dedicated devtool section which is independent from
the eSDK documentation.
It should be clarified that devtool ide-sdk starts the SDK directly
from the bitbake environment. It is therefore an alternative to
bitbake -c populate_sdk_ext and installing an SDK installer.
A warning is added that explains some workarounds for some nasty
behavior of VSCode when running it in a bitbake environment.
(From yocto-docs rev: 87b37eabd1db05d9cb3f689cf43f1e6f4d649a97)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Reviewed-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 287817f33688d61f7a71c056bfa5c645edb4fc4e)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
How to reproduce:
- UBOOT_CONFIG must be used. With UBOOT_MACHINE it works fine.
A simple example based on oe-core is to modify the
beaglebone-yocto.conf file like this:
-UBOOT_MACHINE = "am335x_evm_defconfig"
+UBOOT_CONFIG = "foo"
+UBOOT_CONFIG[foo] = "am335x_evm_defconfig"
- A build configuration which inherits the kernel-fitimage.bbclass is
needed. For example:
MACHINE = "beaglebone-yocto"
KERNEL_IMAGETYPE = "Image"
KERNEL_IMAGETYPES += " fitImage "
KERNEL_CLASSES = " kernel-fitimage "
devtool modify linux-yocto
devtool build linux-yocto
...
| cp: cannot stat '.../linux-yocto-6.6.21+git/am335x_evm_defconfig/.config':
No such file or directory
| WARNING: .../linux-yocto/6.6.21+git/temp/run.do_configure.2081673:172 exit 1
from 'cp .../linux-yocto-6.6.21+git/am335x_evm_defconfig/.config
.../build/workspace/sources/linux-yocto/.config.baseline'
The reason for this problem is that the uboot-config.bbclass sets the
variable KCONFIG_CONFIG_ROOTDIR to a path that makes sense for u-boot,
but not for other recipes. However, the kernel-fitimage.bbclasse, for
example, inherits the uboot-config.bbclass, which brings the
u-boot-specific path into the kernel build context.
This change removes the uboot-specific KCONFIG_CONFIG_ROOTDIR path from
recipes other than u-boot itself.
(From OE-Core rev: 37835788d0772568f3551532eacbf810a4a6e47b)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from b23581a22619c52724c8e078f29e871e2ee74259)
Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ide-sdk command bootstraps the SDK from the bitbake environment
before the IDE configuration is generated. In the case of the eSDK
installer, the bootstrapping is performed during the installation of
the eSDK installer. Running the ide-sdk plugin from an eSDK installer
based setup would require skipping the bootstrapping and probably taking
some other differences into account when generating the IDE
configurations.
This would be possible. But it will probably never be implemented, as
running devtool ide-sdk directly from the bitbake environment is much
more flexible.
Also, some of the recent improvements that have made it into the core
have the potential to make the eSDK installer obsolete at some point in
the future:
- bitbake-layers create-layers-setup replicates the layers
- bitbake-config-build replicates the build configuration
- The new sstate mirror features replicate the sstate
- bblock locks the sstate more flexible than the eSDK installer
- devtool ide-sdk bootstraps the SDK directly from the bitbake
environment. The same environment-setup... file is provided with
--mode=shared.
The devtool modify based workflow is supported since always by devtool
and also the default --mode of devtool ide-sdk.
These functions essentially cover what the eSDK installer does without
a need for the current implementation of the eSDK installer and the
populate_sdk_ext, which is hard to maintain and takes a lot of time to
build.
This means that instead of making the ide-sdk plugin compatible with the
eSDK installer, we should rather replace the current implementation of
the eSDK installer and populate_sdk_ext with an implementation that can
replicate a normal bitbake environment in a convenient way where the
ide-sdk plugin also just works without additional complexity.
(From OE-Core rev: f50306ea3e174b8db46b20b68a7ac4299a69f50d)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 1528d6aa060811402eaecb1a9fe16bfec0417c98)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The debug_build_config function was never called. Compiling with debug
optimized compiler flags was not working. Even with the
--debug-build-config flag set, the build configuration from the recipe
was used.
The devtool ide-sdk --debug-build-config approach didn't work very well
anyway. The problem is that changing the bbappend file doesn't work
while bitbake uses the bbappend file. As a workaround, it would be
possible to parse the recipe, get DEBUG_BUILD and the path to the append
file, exit tinfoil, change the bbappend file, reopen tinfoil and do what
ide-sdk is supposed to do. Such an implementation would be complicated
and slow.
Therefore, the code that was originally supposed to implement this is
removed from ide-sdk and the new --debug-build function of devtool
modify is used instead. Additionally, a hint should be given on how to
manually add DEBUG_BUILD = '1' to bbappend.
This is compatible with the VSCode Bitbake plug-in, which does not
support this parameter anyway.
(From OE-Core rev: 23795962683c792347a17854fb0521734497d4a8)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Sort the keys of the generated CMakeUserPreset.json file to make it
easier to search and compare.
(From OE-Core rev: b12dbde1ea30dd0fc1dd9352de948b8377c347fa)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new option --debug-builds to automatically add DEBUG_BUILD = “1”
to the bbappend file of this recipe. This is especially useful when
invoking devtool modify before invoking devtool ide-sdk to perform a
remote debugging session.
(From OE-Core rev: fa30d8dd71393e10aa678c6e938c23d486b336c6)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
UBOOT_ENV enabled
In case both UBOOT_SIGN_ENABLE and UBOOT_ENV are enabled and
kernel-fitimage.bbclass is in use to generate signed kernel
fitImage, there is a circular dependency between uboot-sign
and kernel-fitimage bbclasses . The loop looks like this:
kernel-fitimage.bbclass:
- do_populate_sysroot depends on do_assemble_fitimage
- do_assemble_fitimage depends on virtual/bootloader:do_populate_sysroot
- virtual/bootloader:do_populate_sysroot depends on virtual/bootloader:do_install
=> The virtual/bootloader:do_install installs and the
virtual/bootloader:do_populate_sysroot places into
sysroot an U-Boot environment script embedded into
kernel fitImage during do_assemble_fitimage run .
uboot-sign.bbclass:
- DEPENDS on KERNEL_PN, which is really virtual/kernel. More accurately
- do_deploy depends on do_uboot_assemble_fitimage
- do_install depends on do_uboot_assemble_fitimage
- do_uboot_assemble_fitimage depends on virtual/kernel:do_populate_sysroot
=> do_install depends on virtual/kernel:do_populate_sysroot
=> virtual/bootloader:do_install depends on virtual/kernel:do_populate_sysroot
virtual/kernel:do_populate_sysroot depends on virtual/bootloader:do_install
Attempt to resolve the loop. Pull fitimage configuration options into separate
new configuration file image-fitimage.conf so these configuration options can
be shared by both uboot-sign.bbclass and kernel-fitimage.bbclass, and make use
of mkimage -f auto-conf / mkimage -f auto option to insert /signature node key-*
subnode into U-Boot control DT without depending on the layout of kernel fitImage
itself. This is perfectly valid to do, because the U-Boot /signature node key-*
subnodes 'required' property can contain either of two values, 'conf' or 'image'
to authenticate either selected configuration or all of images when booting the
fitImage.
For details of the U-Boot fitImage signing process, see:
https://docs.u-boot.org/en/latest/usage/fit/signature.html
For details of mkimage -f auto-conf and -f auto, see:
https://manpages.debian.org/experimental/u-boot-tools/mkimage.1.en.html#EXAMPLES
(From OE-Core rev: 259bfa86f384206f0d0a96a5b84887186c5f689e)
Fixes: 5e12dc911d0c ("u-boot: Rework signing to remove interdependencies")
Reviewed-by: Adrian Freihofer <adrian.freihofer@siemens.com>
(From OE-Core rev: d7bd9c6276611c8c8de0c2a24947783eae5d932a)
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to latest 1.22.x release [1]:
$ git --no-pager log --oneline go1.22.10..go1.22.11
f072884354 (tag: go1.22.11) [release-branch.go1.22] go1.22.11
b72d56f98d [release-branch.go1.22] net/http: persist header stripping across repeated redirects
19d2103415 [release-branch.go1.22] crypto/x509: properly check for IPv6 hosts in URIs
ae9996f965 [release-branch.go1.22] runtime: hold traceAcquire across casgstatus in injectglist
223260bc63 [release-branch.go1.22] crypto/tls: fix Config.Time in tests using expired certificates
Fixes CVE-2024-45336 and CVE-2024-45341
[1] https://github.com/golang/go/compare/go1.22.10...go1.22.11
(From OE-Core rev: 4589986602319f9ed61e381b333bb53b731eb8d8)
(From OE-Core rev: 35bf053cd41d53a764ef3a2de3e7cb1e6c81109f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to latest 1.22.x release [1]:
$ git --no-pager log --oneline go1.22.9..go1.22.10
8f3f22eef8 (tag: go1.22.10) [release-branch.go1.22] go1.22.10
6d7a95abca [release-branch.go1.22] runtime: reserve 4kB for system stack on windows-386
6f05fa7a4f [release-branch.go1.22] syscall: mark SyscallN as noescape
3355db9690 [release-branch.go1.22] time: accept "+01" in TestLoadFixed on OpenBSD
[1] https://github.com/golang/go/compare/go1.22.9...go1.22.10
(From OE-Core rev: e357c93b39df938dc36195dbd779a58b2951b8e6)
(From OE-Core rev: 4d35279eed634f5e2b25c23dddbfb213c4943c30)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to latest 1.22.x release [1]:
$ git --no-pager log --oneline go1.22.8..go1.22.9
8af39d30a4 (tag: go1.22.9) [release-branch.go1.22] go1.22.9
c19e5887f4 [release-branch.go1.22] cmd/cgo/internal/testcarchive: remove 1-minute timeout
e3fd4ba7f9 [release-branch.go1.22] cmd/link: generate Mach-O UUID when -B flag is specified
29252e4c5a [release-branch.go1.22] runtime: fix TestGdbAutotmpTypes on gdb version 15
[1] https://github.com/golang/go/compare/go1.22.8...go1.22.9
(From OE-Core rev: 4f2f202506bcefb4d6c46a11738e159e261a4a4b)
(From OE-Core rev: a424422df978e267f21938bb290f35035e658d0a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The update includes 156 commits. Full list of changes can be found on Github [1]
All patches were refreshed with devtool. One patch had to be manually
rebased to resolve a merge conflict introduced with 255.14 [2].
[1] https://github.com/systemd/systemd-stable/compare/v255.13...v255.17
[2] 0003-src-basic-missing.h-check-for-missing-strndupa.patch
(From OE-Core rev: 57ca5a2c912fcc4836f263ff2b98c9de2130f324)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Picked [1] per link in [2]
[1] https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65
[2] https://nvd.nist.gov/vuln/detail/CVE-2024-13176
(From OE-Core rev: 7f9bb49394185fea268397db4fc7d96afae53f28)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
| |
(From OE-Core rev: 62cb12967391db709315820d48853ffa4c6b4740)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This does not seem to be used in regular builds, but is beneficial
in rust selftest, where it allows dropping a custom patch
that is unsuitable for upstream (and was rejected by them).
Also remove an obsolete comment that seems related to the code
but describes something that was resolved long time ago.
I have confirmed that the rust selftest continues to pass with just
this one commit on top of master (as the following changes do break
the selftest).
(From OE-Core rev: 9b23f995fbc1886c36f02b0c6e1ccaf2ee0f6daa)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bf5732e2b235ce06fa1f24fe8f0dbcbc068500e3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise, use rust-native and cargo-native binaries as that allows
our native tweaks in them to be used for target/nativesdk rust -
same as for everything else written in rust.
In particular, this allows building target rust with
cargo-native that includes important reproducibility tweaks.
Unfortunately, this also breaks rust selftest, and that
is partially addressed by the following commit.
[YOCTO #15185]
(From OE-Core rev: d592bc02b0846411796c1d481c09833559d1d29f)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8f2230cb51fe22ef4711a56fecfab4858c04e35b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Setting it explicitly replaces rust's default choice which is rustdoc
(needed for example in selftests and otherwise expected to be present
in typical rust installations):
https://github.com/rust-lang/rust/blob/master/config.example.toml#L320
This addresses some of the rust selftest failures but not all. Help
is appreciate to restore the selftest.
Unfortunately, this also breaks rust reproducibility (or rather exposes
that it was never properly fixed, as explained here:
https://lists.openembedded.org/g/openembedded-core/message/199288
)
(From OE-Core rev: 4d739fe248d1023eb2c3c040fc4d33273dd16bc1)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 58eaf2ee6c0809bf0a0d3c1d177e62bda7241651)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
| |
This reverts commit 136a25567499191b23a4d000a06bf83a473224ca.
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
| |
(From OE-Core rev: 3c31639dd53e32e57af64d50ad168f5c3911c299)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
| |
(From meta-yocto rev: 03c7935bcdb15fd903d26828085d49c00267b8d9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
| |
Change the SRC_URI to the correct value due to the following error:
WARNING: boost-native-1.84.0-r0 do_fetch: Checksum failure encountered with download of https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.bz2 - will attempt other sources if available
(From OE-Core rev: 7ecd0d5584b7692b58ac8039b4107c4e0836d553)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[YOCTO #15600]
The TARGET_C_INT_WIDTH value was incorrectly set to 64 instead of 32.
It is updated for PPC, Mips, and riscv64 architectures.
Discussion links for solution:
https://lists.openembedded.org/g/openembedded-core/message/207486
https://lists.openembedded.org/g/openembedded-core/message/207496
(From OE-Core rev: 0e02d0feba8bd48a27c41db875dcd33d46e4dc0d)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b9df8cd8b29064d115dab3bfd1ea14f94a5c0238)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A flaw was found in rsync. This vulnerability arises from a race condition during
rsync's handling of symbolic links. Rsync's default behavior when encountering
symbolic links is to skip them. If an attacker replaced a regular file with a
symbolic link at the right time, it was possible to bypass the default behavior
and traverse symbolic links. Depending on the privileges of the rsync process,
an attacker could leak sensitive information, potentially leading to privilege escalation.
(From OE-Core rev: e85beb88add5e94567d7221e00cabfb3d5010be7)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
A flaw was found in rsync. When using the `--safe-links` option, rsync fails to
properly verify if a symbolic link destination contains another symbolic link within it.
This results in a path traversal vulnerability, which may lead to arbitrary file write
outside the desired directory.
(From OE-Core rev: dad4a83c011310872cce07fc4141e66a98439cb1)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A path traversal vulnerability exists in rsync. It stems from behavior enabled
by the `--inc-recursive` option, a default-enabled option for many client options
and can be enabled by the server even if not explicitly enabled by the client.
When using the `--inc-recursive` option, a lack of proper symlink verification
coupled with deduplication checks occurring on a per-file-list basis could allow
a server to write files outside of the client's intended destination directory.
A malicious server could write malicious files to arbitrary locations named after
valid directories/paths on the client.
(From OE-Core rev: c34cbef572e18c60bb7600fda370d6c46688c7b3)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A flaw was found in rsync. It could allow a server to enumerate the contents of an
arbitrary file from the client's machine. This issue occurs when files are being
copied from a client to a server. During this process, the rsync server will send
checksums of local data to the client to compare with in order to determine what
data needs to be sent to the server. By sending specially constructed checksum values
for arbitrary files, an attacker may be able to reconstruct the data of those files
byte-by-byte based on the responses from the client.
(From OE-Core rev: 19f4e7bd965c63f19cc756e6e2bf8f58d9e1dc8d)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
A flaw was found in the rsync daemon which could be triggered when rsync compares
file checksums. This flaw allows an attacker to manipulate the checksum length
(s2length) to cause a comparison between a checksum and uninitialized memory and
leak one byte of uninitialized stack data at a time.
(From OE-Core rev: fb8439e856d5ea10d12180020a14442c3b101e56)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due
to improper handling of attacker-controlled checksum lengths (s2length) in the code.
When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write
out of bounds in the sum2 buffer.
(From OE-Core rev: ad0e13912b17ca19ffbd7ea6a366f7c968517fb2)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
>From git 2.48 release notes:
"""
When "git fetch $remote" notices that refs/remotes/$remote/HEAD is
missing and discovers what branch the other side points with its
HEAD, refs/remotes/$remote/HEAD is updated to point to it.
"""
This means with git 2.48 onwards, there is a mystery "HEAD" revision
appearing in some of our shallow clone tests. We can avoid this by
using the same canonicalization as used for the reference revisions.
This resolves autobuilder failures on the Fedora 40 workers.
(Bitbake rev: aa0e540fc31a1c26839efd2c7785a751ce24ebfb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c83444d1210740e27b1744d3aa7c5cad4e28db2f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't run reproducible-builds on specific distros anymore, but on a
distro at random depending on what is available on the Autobuilder. Fix
the link to this builder and remove distro specific ones.
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(From yocto-docs rev: bb9e018adcc10c642f87d0b95432783b5eb8057b)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
(cherry picked from commit 8bd2bc3c00ca80f4c000a2a8d618a9f8ea3aa54b)
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|