summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* linux-yocto/6.6: update to v6.6.36Bruce Ashfield2024-08-033-20/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating linux-yocto/6.6 to the latest korg -stable release that comprises the following commits: f71bb11887ba cpu/amd: inhibit SMP check for qemux86 61945f2f69d0 Linux 6.6.36 b3f7525556fb Revert "mm: mmap: allow for the maximum number of bits for randomizing mmap_base by default" 9de62e88310c hid: asus: asus_report_fixup: fix potential read out of bounds 25f8b9a7811a kprobe/ftrace: fix build error due to bad function definition a08936934676 net/sched: unregister lockdep keys in qdisc_create/qdisc_alloc error path b552a47cc81b ASoC: Intel: sof-sdw: really remove FOUR_SPEAKER quirk 56aa62ff36f3 drm/amd/display: revert Exit idle optimizations before HDCP execution 988a03e31e07 LoongArch: Fix entry point in kernel image header eae6e7dbd1b6 efi/loongarch: Directly position the loaded image file d9a5d5c49306 vgacon: rework screen_info #ifdef checks 05f263c166ad riscv: force PAGE_SIZE linear mapping if debug_pagealloc is enabled 5f03d4f286b8 riscv: Don't use PGD entries for the linear mapping 65ac09c96588 x86/cpu: Fix x86_match_cpu() to match just X86_VENDOR_INTEL 71cf8cfd1906 x86/cpu/vfm: Add new macros to work with (vendor/family/model) values 6408fcfea4c3 tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test 7261d27bcc09 nbd: Fix signal handling 193820ee0c1c nbd: Improve the documentation of the locking assumptions afcd1a3ac37d ocfs2: update inode fsync transaction id in ocfs2_unlink and ocfs2_link 10fc3a1813ea ocfs2: convert to new timestamp accessors 1dbb1a3181d8 wifi: rtl8xxxu: enable MFP support with security flag of RX descriptor b30c9b111837 perf script: Show also errors for --insn-trace option 0ea11a112408 perf: script: add raw|disasm arguments to --insn-trace option 23b1940096b6 spi: stm32: qspi: Clamp stm32_qspi_get_mode() output to CCR_BUSWIDTH_4 299c0cb3aaab arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc 6e77a7c0bdfc spi: stm32: qspi: Fix dual flash mode sanity test in stm32_qspi_setup() 211deb3e31ed dt-bindings: i2c: google,cros-ec-i2c-tunnel: correct path to i2c-controller schema f712670a91fc dt-bindings: i2c: atmel,at91sam: correct path to i2c-controller schema 391251d496e2 i2c: ocores: set IACK bit after core is enabled 84d3549d54f5 mm/page_table_check: fix crash on ZONE_DEVICE 250fad18b0c9 tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() 856cf3305f11 mm: mmap: allow for the maximum number of bits for randomizing mmap_base by default 08cfaa12171d serial: 8250_dw: Revert "Move definitions to the shared header" 231f18e8e93c efi/x86: Free EFI memory map only when installing a new one. 637619b02cc3 kcov: don't lose track of remote references during softirqs ae30200eccd4 gcov: add support for GCC 14 67bcecd78060 ocfs2: fix NULL pointer dereference in ocfs2_abort_trigger() 0550ad87711f ocfs2: fix NULL pointer dereference in ocfs2_journal_dirty() 63f894de08e1 dt-bindings: dma: fsl-edma: fix dma-channels constraints b065d79ed06a drm/amdgpu: fix UBSAN warning in kv_dpm.c 9e57611182a8 drm/radeon: fix UBSAN warning in kv_dpm.c e7bda1f8ba84 drm/i915/mso: using joiner is not possible with eDP MSO 9f3b02cc05df ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14AHP9 b03d8b4a646f ALSA: hda/realtek: Limit mic boost on N14AP7 dd3068d81d1c ALSA: hda/realtek: fix mute/micmute LEDs don't work for ProBook 445/465 G11. 10252816227c ovl: fix encoding fid for lower only root cd2f51797607 RDMA/mlx5: Follow rb_key.ats when creating new mkeys 637a3bebcd57 RDMA/mlx5: Remove extra unlock on error path 94646324833d RDMA/rxe: Fix data copy for IB_SEND_INLINE 72040b4f9934 KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes 48bb62859d47 KVM: arm64: Disassociate vcpus from redistributor region on teardown a937ef951bba KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() 32a62a6b1052 LoongArch: Fix multiple hardware watchpoint issues 75ecfab9bf9c LoongArch: Trigger user-space watchpoints correctly 4b26f9ace31f LoongArch: Fix watchpoint setting error 450df994f32a cifs: fix typo in module parameter enable_gcm_256 eacfd7f07eb0 scsi: ufs: core: Free memory allocated for model before reinit bf1e8c21f2be btrfs: retry block group reclaim without infinite loop 454c454ed645 net: do not leave a dangling sk pointer, when socket creation fails f08e079bdde1 net: usb: ax88179_178a: improve reset check 78a6136e949f net: stmmac: Assign configured channel value to EXTTS event 555672188053 locking/atomic: scripts: fix ${atomic}_sub_and_test() kerneldoc 677ff4589f15 ext4: fix slab-out-of-bounds in ext4_mb_find_good_group_avg_frag_lists() 82d5a4ba46b3 ext4: avoid overflow when setting values via sysfs db3d39869e53 arm64: defconfig: enable the vf610 gpio driver 17095b1d79ae ACPI: EC: Evaluate orphan _REG under EC device d63c635e226d RDMA/mana_ib: Ignore optional access flags for MRs e0deb0e9c967 RDMA/mlx5: Add check for srq max_sge attribute 3b733016d878 RDMA/mlx5: Fix unwind flow as part of mlx5_ib_stage_init_init a6d6332a005e firmware: psci: Fix return value from psci_system_suspend() 2a215410cf59 io_uring/rsrc: fix incorrect assignment of iter->nr_segs in io_import_fixed 87e0621a6b36 spi: spi-imx: imx51: revert burst length calculation back to bits_per_word 434c6b924e1f ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." 83936d4ecd0a arm64: dts: freescale: imx8mm-verdin: enable hysteresis on slow input pin 563788af0767 arm64: dts: imx93-11x11-evk: Remove the 'no-sdio' property c41f973a68f3 arm64: dts: freescale: imx8mp-venice-gw73xx-2x: fix BT shutdown GPIO 625c4fda1188 arm64: dts: imx8mp: Fix TC9595 input clock on DH i.MX8M Plus DHCOM SoM 332af18d1ab1 arm64: dts: imx8mp: Fix TC9595 reset GPIO on DH i.MX8M Plus DHCOM SoM 90d29da11445 thermal/drivers/mediatek/lvts_thermal: Return error in case of invalid efuse data 47a0fe77b6c8 regulator: bd71815: fix ramp values 79cee58de38f dmaengine: ioatdma: Fix missing kmem_cache_destroy() 6f47c1e98700 dmaengine: fsl-edma: avoid linking both modules 30d2259c5ebb dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe() fb6e3d4d43ac dmaengine: ioatdma: Fix error path in ioat3_dma_probe() ab9501ecaac9 dmaengine: ioatdma: Fix leaking on version mismatch faa35db78b05 dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list 186d77852555 regulator: core: Fix modpost error "regulator_get_regmap" undefined 163868ec1f6c RDMA/rxe: Fix responder length checking for UD request packets 9f06731c4eca spi: cs42l43: Correct SPI root clock speed 5f338cb5ca96 RDMA/bnxt_re: Fix the max msix vectors macro 7bcca7108c5b net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings ad22071b8e0e bnxt_en: Restore PTP tx_avail count in case of skb_pad() error 714782d58099 ice: Fix VSI list rule with ICE_SW_LKUP_LAST type 325f8ab7765d netfilter: move the sysctl nf_hooks_lwtunnel into the netfilter core d62df86c1720 seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors 94dd411c18d7 netfilter: ipset: Fix suspicious rcu_dereference_protected() 3ee9c732d672 octeontx2-pf: Fix linking objects into multiple modules 096a93e1c46e octeontx2-pf: Add error handling to VLAN unoffload handling 3ef2a16a1d17 virtio_net: fixing XDP for fully checksummed packets handling ef609fd73433 virtio_net: checksum offloading handling fix a71b686418ee net: stmmac: No need to calculate speed divider when offload is disabled a674424c23db selftests: openvswitch: Use bash as interpreter 666e934d749e ptp: fix integer overflow in max_vclocks_store 9126fd82e9ed sched: act_ct: add netns into the key of tcf_ct_flow_table b57a4a2dc874 tipc: force a dst refcount before doing decryption 5f926aa96b08 net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() 284fd7e97b92 net/sched: act_api: rely on rcu in tcf_idr_check_alloc 123eaaf63602 net: phy: mxl-gpy: Remove interrupt mask clearing from config_init de4fc1091af1 net: lan743x: Support WOL at both the PHY and MAC appropriately 41805c46d550 net: lan743x: disable WOL upon resume to restore full data path operation 6b2dfc4ff3f6 qca_spi: Make interrupt remembering atomic ef0394ca2595 netns: Make get_net_ns() handle zero refcount net f897d7171652 xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() 73e7c8ca6ad7 ipv6: prevent possible NULL dereference in rt6_probe() b6947723c9ea ipv6: prevent possible NULL deref in fib6_nh_init() b6ebe4fed73e netrom: Fix a memory leak in nr_heartbeat_expiry() d940be596b28 ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM 7f9644782c55 bpf: Avoid splat in pskb_pull_reason 5a24f876b5ce ALSA: hda: tas2781: Component should be unbound before deconstruction 8be82acd4ee3 ALSA: hda: cs35l56: Component should be unbound before deconstruction 08fa10b26592 cipso: fix total option length computation 23a52ca69c4b net: mvpp2: use slab_build_skb for oversized frames 082b3d4e7889 btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes 823e42971f8f ice: avoid IRQ collision to fix init failure on ACPI S3 resume 83de3ace795b ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option 590f9d97cd31 ALSA: hda/realtek: Remove Framework Laptop 16 from quirks 55d5d0817436 tracing: Build event generation tests only as modules 2cd4854ef14a mips: bmips: BCM6358: make sure CBR is correctly set fe5a1bfad443 MIPS: Routerboard 532: Fix vendor retry check code b89c2c56a010 ALSA: seq: ump: Fix missing System Reset message handling ff27bd8e1788 ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() fae0e055d01d PCI: Do not wait for disconnected devices when resuming 96a0e06dfe0c ACPI: EC: Install address space handler at the namespace root 448efb7ea0bf cpufreq: amd-pstate: fix memory leak on CPU EPP exit 618fbf4c910a vfio/pci: Collect hot-reset devices to local buffer 287b569a5b91 tty: add the option to have a tty reject a new ldisc a94a56004082 usb: gadget: function: Remove usage of the deprecated ida_simple_xx() API 404fb6c4c842 serial: exar: adding missing CTI and Exar PCI ids 982ae3376c4c serial: imx: Introduce timeout when waiting on transmitter empty 1c33fd17383f MIPS: Octeon: Add PCIe link status check 1036d3ea7a32 f2fs: don't set RO when shutting down f2fs 7196289190d5 PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports 6f999660a621 udf: udftime: prevent overflow in udf_disk_stamp_to_time() 38e6a5296615 usb: typec: ucsi_glink: drop special handling for CCI_BUSY eba944dffe0b usb: dwc3: pci: Don't set "linux,phy_charger_detect" property on Lenovo Yoga Tab2 1380 e151ae1ee065 Avoid hw_desc array overrun in dw-axi-dmac 10132ccf99f4 usb: misc: uss720: check for incompatible versions of the Belkin F5U002 eddeb8d941d5 f2fs: remove clear SB_INLINECRYPT flag in default_options 971c3be5dbf6 usb: gadget: uvc: configfs: ensure guid to be valid before set ae0d1ea3e8cd kprobe/ftrace: bail out if ftrace was killed 23afcd52af06 ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() 54f514a03676 iommu/arm-smmu-v3: Free MSIs in case of ENOMEM 89bed5c84450 power: supply: cros_usbpd: provide ID table for avoiding fallback match 4569c9641e76 platform/x86: p2sb: Don't init until unassigned resources have been assigned 2ff4b9a2f016 powerpc/io: Avoid clang null pointer arithmetic warnings f066882293b5 media: mtk-vcodec: potential null pointer deference in SCP 23d3c898d584 media: intel/ipu6: Fix build with !ACPI 3ad0034910a5 powerpc/pseries: Enforce hcall result buffer validity and size ff1de429c2b5 ALSA: hda/realtek: Add quirks for Lenovo 13X bdbc4ca77f5e drm/lima: mask irqs in timeout path before hard reset 022db5d6a8bd drm/lima: add mask irq callback to gp and pp 171f438a878e ASoC: Intel: sof_sdw: add quirk for Dell SKU 0C0F 38bf3b41b628 ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14 a63054e677fd platform/x86: toshiba_acpi: Add quirk for buttons on Z830 8f3ade4b60b6 drm/amd/display: Exit idle optimizations before HDCP execution d7b8159dddc8 Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl 810e6a1da6f5 ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 18fa9a90a0ae HID: asus: fix more n-key report descriptors if n-key quirked a956f64ca8d1 HID: Add quirk for Logitech Casa touchpad 85edd783f453 wifi: mt76: mt7921s: fix potential hung tasks during chip recovery 3f1a155950a1 netpoll: Fix race condition in netpoll_owner_active 4882e92c8881 net: dsa: realtek: keep default LED state in rtl8366rb c4dbe5501ff9 kselftest: arm64: Add a null pointer check 6d8b2c5206dd net/sched: fix false lockdep warning on qdisc root lock 2f037b28a7bf net: sfp: add quirk for ATS SFP-GE-T 1000Base-TX module fa85b016a56b scsi: qedi: Fix crash while reading debugfs attribute 76ce2f912524 drop_monitor: replace spin_lock by raw_spin_lock 2d42aacea8cb ACPI: x86: Add PNP_UART1_SKIP quirk for Lenovo Blade2 tablets c572d3a92023 af_packet: avoid a false positive warning in packet_setsockopt() 946a635b1a2e wifi: ath9k: work around memset overflow warning 2685008a5f9a batman-adv: bypass empty buckets in batadv_purge_orig_ref() ef063f0f5c79 selftests/bpf: Fix flaky test btf_map_in_map/lookup_update 5270950a3bc1 selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh c5dc2d8eb398 ssb: Fix potential NULL pointer dereference in ssb_device_uevent() fd841ee01fb4 block/ioctl: prefer different overflow check 3afcca7bccd0 rcutorture: Fix invalid context warning when enable srcu barrier testing 93b7d5820296 rcutorture: Make stall-tasks directly exit when rcutorture tests end 2e5ed1130eda rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment 9e810bd99582 io_uring/sqpoll: work around a potential audit memory leak b101f0bfb637 crypto: hisilicon/qm - Add the err memory release process to qm uninit 9f21886370db crypto: hisilicon/sec - Fix memory leak for sec resource release 7220b9795dab padata: Disable BH when taking works lock on MT path 0eeb28d7e136 fs/writeback: bail out if there is no more inodes for IO and queued once c31365597a17 powerpc/uaccess: Fix build errors seen with GCC 13/14 64ebf485c56b usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock 7c76aad68f6d kselftest: Add a ksft_perror() helper 06644f0d7193 drm/tilcdc: Set preferred depth ff7ae7b32324 crypto: jitter - add RCT/APT support for different OSRs 50cd24ddb6f0 arm64: defconfig: remove CONFIG_IPQ_APSS_5018 58e5c91d6701 x86/alternatives: Disable interrupts and sync when optimizing NOPs in place c878fd2d4c79 x86/alternatives: Sync core before enabling interrupts c2d64b9f52b6 qemux86: add configuration symbol to select values 630c33229e6d sched/isolation: really align nohz_full with rcu_nocbs 0e5e0f68e2e6 clear_warn_once: add a clear_warn_once= boot parameter 46934791b902 clear_warn_once: bind a timer to written reset value cdee9e38ff32 clear_warn_once: expand debugfs to include read support 82b562b81841 tools: Remove some options from CLANG_CROSS_FLAGS 36dc380b776b libbpf: Fix build warning on ref_ctr_off 9e3e1fe20982 perf: perf can not parser the backtrace of app in the 32bit system and 64bit kernel. e497a4a5da65 perf: x86-32: explicitly include <errno.h> 7b57ddd89565 perf: mips64: Convert __u64 to unsigned long long 1cfc19423dc7 perf: fix bench numa compilation 98bc2815fade perf: add SLANG_INC for slang.h 17209a70b9b3 perf: add sgidefs.h to for mips builds 9cd4258d910a perf: change --root to --prefix for python install 8110a4f26628 perf: add 'libperl not found' warning bc89d5e08f77 perf: force include of <stdbool.h> 4f6c760cc876 fat: Replace prandom_u32() with get_random_u32() bc53117b12b2 fat: don't use obsolete random32 call in namei_vfat 30b2236ab378 FAT: Added FAT_NO_83NAME cef98d22b4ed FAT: Add CONFIG_VFAT_NO_CREATE_WITH_LONGNAMES option 0bbd7daba9e1 FAT: Add CONFIG_VFAT_FS_NO_DUALNAMES option 5883fc340084 aufs6: adapt to v6.6 i_op->ctime changes c4342d979bf2 aufs6: fix magic.mk include path 35266bc2dc81 aufs6: adapt to v6.6 8edede4e98be aufs6: core 712248233ebe aufs6: standalone 3b71a8a848d8 aufs6: mmap 3e2924871f37 aufs6: base 7f4907a93101 aufs6: kbuild d2f7b03e4aa7 yaffs2: update VFS ctime operations to 6.6+ bcd6cfcd1aa0 yaffs2: v6.5 fixups cc615704b5f5 yaffs2: Fix miscalculation of devname buffer length 8ef2e22dcf91 yaffs2: convert user_namespace to mnt_idmap c9c749f9f7d3 yaffs2: replace bdevname call with sprintf 395b01cdc39d yaffs2: convert read_page -> readfolio d98b07e43ba6 yaffs: replace IS_ERR with IS_ERR_OR_NULL to check both ERR and NULL 613c6d50fdbe yaffs: fix -Wstringop-overread compile warning in yaffs_fix_null_name 622c4648936f yaffs2: v5.12+ build fixups (not runtime tested) 7562133d4090 yaffs: include blkdev.h dbd44252cd59 yaffs: fix misplaced variable declaration c223a10b1ac0 yaffs2: v5.6 build fixups 90f6007cfbf4 yaffs2: fix memory leak when /proc/yaffs is read 37ee169c5ea1 yaffs: add strict check when call yaffs_internal_read_super b6e007b8abb6 yaffs: repair yaffs_get_mtd_device fb98f65a466a yaffs: Fix build failure by handling inode i_version with proper atomic API 51e0aac75ea2 yaffs2: fix memory leak in mount/umount 2b74a0cae7b0 yaffs: Avoid setting any ACL releated xattr ff4130a9c376 Yaffs:check oob size before auto selecting Yaffs1 ba95b409c67c fs: yaffs2: replace CURRENT_TIME by other appropriate apis 8fa35eba9056 yaffs2: adjust to proper location of MS_RDONLY 1eb5deaad8c4 yaffs2: import git revision b4ce1bb (jan, 2020) 4dce67c1e8c8 initramfs: allow an optional wrapper script around initramfs generation 2f603d83fcc4 pnmtologo: use relocatable file name 664a6a0a484b tools: use basename to identify file in gen-mach-types 9de64bc0c185 lib/build_OID_registry: fix reproducibility issues ae9b80797295 vt/conmakehash: improve reproducibility a972323151bd iwlwifi: select MAC80211_LEDS conditionally 15d2adcc0198 net/dccp: make it depend on CONFIG_BROKEN (CVE-2020-16119) 5556a6c04b19 arm64/perf: Fix wrong cast that may cause wrong truncation 5552dc768ffc defconfigs: drop obselete options 00fe4152df31 arm64/perf: fix backtrace for AAPCS with FP enabled 3888d0652edf linux-yocto: Handle /bin/awk issues 3d55d299f23a uvesafb: provide option to specify timeout for task completion 23c068c080be uvesafb: print error message when task timeout occurs edbfc939266e compiler.h: Undef before redefining __attribute_const__ c99ae7e2a19a vmware: include jiffies.h 572d84d928c8 Resolve jiffies wrapping about arp fdcd47cac843 nfs: Allow default io size to be configured. 927d48801098 check console device file on fs when booting 57cc27f821dd mount_root: clarify error messages for when no rootfs found 1b53d82a8152 mconf: fix output of cflags and libraries 1811da09f42c menuconfig,mconf-cfg: Allow specification of ncurses location 83c2e0c6eb1f modpost: mask trivial warnings 6de673039484 kbuild: exclude meta directory from distclean processing 6decd32815f5 powerpc: serialize image targets f6b683b38318 arm: serialize build targets e798b09ebf57 mtd_blkdevs: add mtd_table_mutex lock back to blktrans_{open, release} to avoid race condition dc8a1e5a88f8 x86_64_defconfig: Fix warnings 68491e5f72b6 powerpc/ptrace: Disable array-bounds warning with gcc8 d71ebfce3004 powerpc: Disable attribute-alias warnings from gcc8 62f50884b8b1 powerpc: kexec fix for powerpc64 da6871c62c37 powerpc: Add unwind information for SPE registers of E500 core f161c880c11d mips: make current_cpu_data preempt safe 5e94a8247ce7 mips: vdso: fix 'jalr $t9' crash in vdso code 19e36714b1c7 mips: Kconfig: add QEMUMIPS64 option e2e537db3cbd 4kc cache tlb hazard: tlbp cache coherency aee9870611e5 malta uhci quirks: make allowance for slow 4k(e)c 881948cd1517 drm/fb-helper: move zeroing code to drm_fb_helper_fill_var 98ec1963fcb7 arm64: defconfig: cleanup config options f1727c537ba8 vexpress: Pass LOADADDR to Makefile 4474c32dc24a arm: ARM EABI socketcall 75e31a2b70fd ARM: LPAE: Invalidate the TLB for module addresses during translation fault (From OE-Core rev: 728e00206b70d9fcd2d00ad86c28cc4c86c21f4b) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libyaml: Amend CVE status as 'upstream-wontfix'Niko Mauno2024-08-011-1/+1
| | | | | | | | | | | | | Use an existing defined CVE_CHECK_STATUSMAP key in meta/lib/oe/cve_check.py in order to avoid following complaint from BitBake: WARNING: libyaml-native-0.2.5-r0 do_create_spdx: Invalid detail "wontfix" for CVE_STATUS[CVE-2024-35328] = "wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302", fallback to Unpatched (From OE-Core rev: c66d9a2a0d197498fa21ee8ca51a4afb59f75473) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libyaml: Change CVE status to wontfixKhem Raj2024-08-011-1/+1
| | | | | | | | | This has not yet been disputed officially (From OE-Core rev: 7ec7384837f3e3fb68b25a6108ed7ec0f261a4aa) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: move gpgme-tool to own sub-packagePatrick Wicki2024-07-301-3/+13
| | | | | | | | | | | The gpgme-tool binary is licensed GPL-3.0-or-later. Split it out into its own package that can be opted out of. (From OE-Core rev: bbcd56bace90f4a148960a7108dc8d0e6c364903) Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ethtool: upgrade 6.7 -> 6.9Changhyeok Bae2024-07-302-2/+2
| | | | | | | | | | | | | | Release notes: * Feature: support for rx-flow-hash gtp (-N) * Feature: support for RSS input transformation (-X) * Fix: typo in coalescing output (-c) * Fix: document all debugging flags in man page (From OE-Core rev: 302bbd0fdb1b41ec98e281cacbb77a54ce8d689d) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: Add comment for provenance of SRCREVTheodore A. Roth2024-07-301-0/+7
| | | | | | | | | | | Provide references for how the SRCREV was arrived at for the 20240203 release. (From OE-Core rev: 6916cdb0f05f6644edb1e432a9421595abb9f0ca) Signed-off-by: Theodore A. Roth <troth@openavr.org> Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rt-tests: rt_bmark.py: fix TypeErrorChangqing Li2024-07-301-1/+1
| | | | | | | | | | | | | Fix following error: File "/usr/lib64/rt-tests/ptest/./rt_bmark.py", line 287, in run_cyclictest_once m = rex.search(line) ^^^^^^^^^^^^^^^^ TypeError: cannot use a string pattern on a bytes-like object (From OE-Core rev: c5108da4009ccd3dfc92632171d6bc4dae4507db) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libyaml: Update status of CVE-2024-35328Khem Raj2024-07-301-0/+2
| | | | | | | | | This is open yet but seems to be disputed (From OE-Core rev: 4cba8ad405b1728afda3873f99ac88711ab85644) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* insane: remove obsolete QA errorsMichal Sieron2024-07-301-4/+4
| | | | | | | | | | | | Those were removed quite some time ago: - perms: 5da7ad1a483d0840a9a2e3b95fa62a1901be73f2 - split-strip: bcc03ea19e103f6aa93bada2f49fcc5cc7bc0790 - (compile|install)-host-path: a67e9ebfd5b8002fd4a7d8d27ff0d997817f76e1 (From OE-Core rev: 068d3821430734132c3eb70fd95461e0917fd1e8) Signed-off-by: Michal Sieron <michalwsieron@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rust: rustdoc reproducibility issue fixSundeep KOKKONDA2024-07-304-2/+28
| | | | | | | | | | | | | | The 'codegen-units' option split the crate into multiple compilation units for parallel compilation. Currently, this split is causing the rustdoc to generate differnt binary between the builds. To fix this the codegen-units & the lto options are disabled. More info about options: https://doc.rust-lang.org/cargo/reference/profiles.html#codegen-units https://doc.rust-lang.org/rustc/codegen-options/index.html#lto (From OE-Core rev: 0c00875de10b171f4ff2990af351a8124ec7e972) Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* create-spdx-3.0/populate_sdk_base: Add SDK_CLASSES inherit mechanism to fix ↵Richard Purdie2024-07-266-68/+79
| | | | | | | | | | | | | | | | | | | | | | | tarball SPDX manifests Currently, "tarball" sdk based recipes don't generate SPDX manifests as they don't include the rootfs generation classes. Split the SPDX 3.0 image class into two so the SDK components can be included where needed. To do this, introduce an SDK_CLASSES variable similar to IMAGE_CLASSES which the SDK code can use. Migrate testsdk usage to this. Also move the image/sdk spdx classes to classes-recipe rather than the general classes directory since they'd never be included on a global level. For buildtools-tarball, it has its own testsdk functions so disable the class there as a deferred inherit would overwrite it. (From OE-Core rev: 662396533177b72cc1d83e95841b27f7e42dcb20) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Update to include open symlink handling bugfixRichard Purdie2024-07-261-1/+1
| | | | | | | | Update to a new revision which includes "Bugfix for Linux open(O_CREAT|O_EXCL)" (From OE-Core rev: 92a9710ec88c8729fa3d83baa2e63dd74d95cdf8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa sdk cases: Skip SDK test cases when TCLIBC is newlibMark Hatle2024-07-266-0/+28
| | | | | | | | | | | Newlib generally requires additional components to function. Skip the cases where newlib is known to not work. (From OE-Core rev: b9934755554e40d9980b90c3d541f4c702203561) Signed-off-by: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: cleanup old cve statusPeter Marko2024-07-261-2/+0
| | | | | | | | | | This CVE status should have been removed on version update. CPE says >=2.34 and <2.39 while our version is already 2.40. (From OE-Core rev: b568a8f428e76f75bb8c374983f62822325ebe8a) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bmaptool: temporarily silence the pep517-backend warningRoss Burton2024-07-261-0/+3
| | | | | | | | | | | Whilst bmaptool has a pyproject.toml that uses poetry, the setuptools build path appears to be more complete. Upstream has moved to hatch and removed setup.py entirely so the next release can drop this. (From OE-Core rev: 824009560776933922a92a00c2199c28c9c8379c) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-numpy: ignore pep517-backend warningsRoss Burton2024-07-261-0/+3
| | | | | | | | | | | Upstream has a pyproject.toml but it's marked as experimental and does not currently work at all with the meson-python release we currently have. (From OE-Core rev: a09ad3838a00d2b4781850759ca857822ba330e1) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* insane: add pep517-backend to WARN_QARoss Burton2024-07-261-1/+1
| | | | | | | | | | Enable the new pep517-backend warning from setuptools3, initially as a warning so as not to break builds straight away. (From OE-Core rev: 27597d986ad7b3a6c2d36150a163951be7c640f1) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* setuptools3: check for a PEP517 build system selectionRoss Burton2024-07-261-0/+14
| | | | | | | | | | | | | | | | | | | | Some recipes use setuptools3 but should be using a PEP517-compliant backend, be it the setuptools itself via python_setuptools_build_meta or an alternative backend such as flit/hatch/poetry. As we can't currently assume Python 3.11 on the build host we need to parse the pyproject.toml manually, but this should be sufficient for the limited parsing needed. This task emits a QA error if a build backend is set, and can be ignored by using INSANE_SKIP if needed. [ YOCTO #14736 ] (From OE-Core rev: a9d800f6cdfcedbe3de8366d935ee5f0c8557c06) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: upgrade 9.7p1 -> 9.8p1Jose Quaresma2024-07-267-261/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - drop the CVE-2024-6387 [backported patch] - drop systemd notify [backported patch] - fix musl build [backported patch] - fix ptest regression [submited patch] - sshd now had the sshd-session Release notes at https://www.openssh.com/txt/release-9.8 Security ======== This release contains fixes for two security problems, one critical and one minor. 1) Race condition in sshd(8) A critical vulnerability in sshd(8) was present in Portable OpenSSH versions between 8.5p1 and 9.7p1 (inclusive) that may allow arbitrary code execution with root privileges. Successful exploitation has been demonstrated on 32-bit Linux/glibc systems with ASLR. Under lab conditions, the attack requires on average 6-8 hours of continuous connections up to the maximum the server will accept. Exploitation on 64-bit systems is believed to be possible but has not been demonstrated at this time. It's likely that these attacks will be improved upon. Exploitation on non-glibc systems is conceivable but has not been examined. Systems that lack ASLR or users of downstream Linux distributions that have modified OpenSSH to disable per-connection ASLR re-randomisation (yes - this is a thing, no - we don't understand why) may potentially have an easier path to exploitation. OpenBSD is not vulnerable. We thank the Qualys Security Advisory Team for discovering, reporting and demonstrating exploitability of this problem, and for providing detailed feedback on additional mitigation measures. 2) Logic error in ssh(1) ObscureKeystrokeTiming In OpenSSH version 9.5 through 9.7 (inclusive), when connected to an OpenSSH server version 9.5 or later, a logic error in the ssh(1) ObscureKeystrokeTiming feature (on by default) rendered this feature ineffective - a passive observer could still detect which network packets contained real keystrokes when the countermeasure was active because both fake and real keystroke packets were being sent unconditionally. This bug was found by Philippos Giavridis and also independently by Jacky Wei En Kung, Daniel Hugenroth and Alastair Beresford of the University of Cambridge Computer Lab. Worse, the unconditional sending of both fake and real keystroke packets broke another long-standing timing attack mitigation. Since OpenSSH 2.9.9 sshd(8) has sent fake keystoke echo packets for traffic received on TTYs in echo-off mode, such as when entering a password into su(8) or sudo(8). This bug rendered these fake keystroke echoes ineffective and could allow a passive observer of a SSH session to once again detect when echo was off and obtain fairly limited timing information about keystrokes in this situation (20ms granularity by default). This additional implication of the bug was identified by Jacky Wei En Kung, Daniel Hugenroth and Alastair Beresford and we thank them for their detailed analysis. This bug does not affect connections when ObscureKeystrokeTiming was disabled or sessions where no TTY was requested. Future deprecation notice ========================= OpenSSH plans to remove support for the DSA signature algorithm in early 2025. This release disables DSA by default at compile time. DSA, as specified in the SSHv2 protocol, is inherently weak - being limited to a 160 bit private key and use of the SHA1 digest. Its estimated security level is only 80 bits symmetric equivalent. OpenSSH has disabled DSA keys by default since 2015 but has retained run-time optional support for them. DSA was the only mandatory-to- implement algorithm in the SSHv2 RFCs, mostly because alternative algorithms were encumbered by patents when the SSHv2 protocol was specified. This has not been the case for decades at this point and better algorithms are well supported by all actively-maintained SSH implementations. We do not consider the costs of maintaining DSA in OpenSSH to be justified and hope that removing it from OpenSSH can accelerate its wider deprecation in supporting cryptography libraries. This release, and its deactivation of DSA by default at compile-time, marks the second step in our timeline to finally deprecate DSA. The final step of removing DSA support entirely is planned for the first OpenSSH release of 2025. DSA support may be re-enabled in OpenBSD by setting "DSAKEY=yes" in Makefile.inc. To enable DSA support in portable OpenSSH, pass the "--enable-dsa-keys" option to configure. Potentially-incompatible changes -------------------------------- * all: as mentioned above, the DSA signature algorithm is now disabled at compile time. * sshd(8): the server will now block client addresses that repeatedly fail authentication, repeatedly connect without ever completing authentication or that crash the server. See the discussion of PerSourcePenalties below for more information. Operators of servers that accept connections from many users, or servers that accept connections from addresses behind NAT or proxies may need to consider these settings. * sshd(8): the server has been split into a listener binary, sshd(8), and a per-session binary "sshd-session". This allows for a much smaller listener binary, as it no longer needs to support the SSH protocol. As part of this work, support for disabling privilege separation (which previously required code changes to disable) and disabling re-execution of sshd(8) has been removed. Further separation of sshd-session into additional, minimal binaries is planned for the future. * sshd(8): several log messages have changed. In particular, some log messages will be tagged with as originating from a process named "sshd-session" rather than "sshd". * ssh-keyscan(1): this tool previously emitted comment lines containing the hostname and SSH protocol banner to standard error. This release now emits them to standard output, but adds a new "-q" flag to silence them altogether. * sshd(8): (portable OpenSSH only) sshd will no longer use argv[0] as the PAM service name. A new "PAMServiceName" sshd_config(5) directive allows selecting the service name at runtime. This defaults to "sshd". bz2101 * (portable OpenSSH only) Automatically-generated files, such as configure, config.h.in, etc will now be checked in to the portable OpenSSH git release branch (e.g. V_9_8). This should ensure that the contents of the signed release branch exactly match the contents of the signed release tarball. Changes since OpenSSH 9.7 ========================= This release contains mostly bugfixes. New features ------------ * sshd(8): as described above, sshd(8) will now penalise client addresses that, for various reasons, do not successfully complete authentication. This feature is controlled by a new sshd_config(5) PerSourcePenalties option and is on by default. sshd(8) will now identify situations where the session did not authenticate as expected. These conditions include when the client repeatedly attempted authentication unsucessfully (possibly indicating an attack against one or more accounts, e.g. password guessing), or when client behaviour caused sshd to crash (possibly indicating attempts to exploit bugs in sshd). When such a condition is observed, sshd will record a penalty of some duration (e.g. 30 seconds) against the client's address. If this time is above a minimum configurable threshold, then all connections from the client address will be refused (along with any others in the same PerSourceNetBlockSize CIDR range) until the penalty expire. Repeated offenses by the same client address will accrue greater penalties, up to a configurable maximum. Address ranges may be fully exempted from penalties, e.g. to guarantee access from a set of trusted management addresses, using the new sshd_config(5) PerSourcePenaltyExemptList option. We hope these options will make it significantly more difficult for attackers to find accounts with weak/guessable passwords or exploit bugs in sshd(8) itself. This option is enabled by default. * ssh(8): allow the HostkeyAlgorithms directive to disable the implicit fallback from certificate host key to plain host keys. Bugfixes -------- * misc: fix a number of inaccuracies in the PROTOCOL.* documentation files. GHPR430 GHPR487 * all: switch to strtonum(3) for more robust integer parsing in most places. * ssh(1), sshd(8): correctly restore sigprocmask around ppoll() * ssh-keysign(8): stricter validation of messaging socket fd GHPR492 * sftp(1): flush stdout after writing "sftp>" prompt when not using editline. GHPR480 * sftp-server(8): fix home-directory extension implementation, it previously always returned the current user's home directory contrary to the spec. GHPR477 * ssh-keyscan(1): do not close stdin to prevent error messages when stdin is read multiple times. E.g. echo localhost | ssh-keyscan -f - -f - * regression tests: fix rekey test that was testing the same KEX algorithm repeatedly instead of testing all of them. bz3692 * ssh_config(5), sshd_config(5): clarify the KEXAlgorithms directive documentation, especially around what is supported vs available. bz3701. Portability ----------- * sshd(8): expose SSH_AUTH_INFO_0 always to PAM auth modules unconditionally. The previous behaviour was to expose it only when particular authentication methods were in use. * build: fix OpenSSL ED25519 support detection. An incorrect function signature in configure.ac previously prevented enabling the recently added support for ED25519 private keys in PEM PKCS8 format. * ssh(1), ssh-agent(8): allow the presence of the WAYLAND_DISPLAY environment variable to enable SSH_ASKPASS, similarly to the X11 DISPLAY environment variable. GHPR479 * build: improve detection of the -fzero-call-used-regs compiler flag. bz3673. * build: relax OpenSSL version check to accept all OpenSSL 3.x versions. * sshd(8): add support for notifying systemd on server listen and reload, using a standalone implementation that doesn't depend on libsystemd. bz2641 (From OE-Core rev: 4e2834f67d32894d1cac5fc9ac5234816765245e) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: systemd notification was implemented upstreamJose Quaresma2024-07-264-100/+227
| | | | | | | | | | Drop our sd-notify patch and switch to the upstream standalone implementation that does not depend on libsystemd. (From OE-Core rev: 07522f85a987b673b0a3c98690c3c17ab0c4b608) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libssh2: fix ptest regression with openssh 9.8p1Jose Quaresma2024-07-262-0/+31
| | | | | | | (From OE-Core rev: 1a2fef1d70c8083e65325dfa8a5cae7d8443951b) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* time64.inc: Simplify GLIBC_64BIT_TIME_FLAGS usageTom Hochstein2024-07-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | The implementation uses the append operator to include GLIBC_64BIT_TIME_FLAGS in TARGET_CC_ARCH, but it places the space in the GLIBC_64BIT_TIME_FLAGS assignment in order to avoid a 'spurious space' when the value is empty. 68b50d3 time64: Remove leading whitespace from GLIBC_64BIT_TIME_FLAGS The problem with this is it requires anyone wishing to assign a value to GLIBC_64BIT_TIME_FLAGS to add the leading space, otherwise this is the error: cc1: error: '-Werror=format-security-D_TIME_BITS=64': no option '-Wformat-security-D_TIME_BITS=64' Add a new constant variable to capture the value needed for the 32-bit special case, including the space. (From OE-Core rev: e8177827f92e71c80c5b63453d8bbd1defbe1fbc) Signed-off-by: Tom Hochstein <tom.hochstein@oss.nxp.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* create-spdx-*: Support multilibs via SPDX_MULTILIB_SSTATE_ARCHSMark Hatle2024-07-265-9/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | When a create-spdx-* classes is processing documents, it needs to find the document in a path that is related to the SSTATE_ARCH when a packge is generated. The SSTATE_ARCH can be affected by multilib configurations, resulting is something like armv8a-mlib. When the image (or SDK) is being generated and the components are collected, the system has no knowledge of the multilib arch and will fail to find it, such as: ERROR: meta-toolchain-1.0-r0 do_populate_sdk: No SPDX file found for package libilp32-libgcc-dbg, False sstate:libilp32-libgcc:armv8a-ilp32-mllibilp32-elf:14.1.0:r0:armv8a-ilp32:12: sstate:libilp32-libgcc::14.1.0:r0::12: Adding in the new SPDX_MULTILIB_SSTATE_ARCHS will provide a full set of SSTATE_ARCHS including ones that contain the multilib extension which will allow create-spdx-* to correctly find the document it is looking for. This would also be valuable to any other function doing a similar search through SSTATE_ARCH that may have been extended with multilib configurations. (From OE-Core rev: f1499c36c1054fc90f7b7268cc95285f2eca72f7) Signed-off-by: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* spdx30_tasks.py: switch from exists to isfile checking debugsrcMark Hatle2024-07-261-1/+2
| | | | | | | | | | | | | Same change as previously made to the create-spdx-2.2.bbclass, while debugsrc is almost always a file (or link), there are apparently cases where a directory could be returned from the dwarfsrcfiles processing. When this happens, the hashing fails and an error results when building the SPDX documents. (From OE-Core rev: 5262f9bbf86c4e529ff988d465ddad2d1db0b073) Signed-off-by: Mark Hatle <mark.hatle@amd.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tclibc-picolibc: Adds a new TCLIBC variant to build with picolibc as C libraryAlejandro Hernandez Samaniego2024-07-2616-5/+296
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enables usage of TCLIBC=picolibc extending OE functionality to build and use picolibc based toolchains to build baremetal applications. Picolibc is a set of standard C libraries, both libc and libm, designed for smaller embedded systems with limited ROM and RAM. Picolibc includes code from Newlib and AVR Libc, but adresses some of newlibs concerns, it retains newlibs directory structure, math, string and locale implementations, but removed the GPL bits used to build the library, swiches old C style code for C18 and replaces autotools with meson. This patch adds a picolibc recipe for the C library, a picolibc-helloworld recipe that contains an example application and a testcase that builds it. Picolibc can be built for ARM and RISCV architectures, its been tested both for 32 and 64 bits, the provided example recipe produces the following output: hello, world Runqemu does not automatically show any output since it hides QEMU stderr which is where the QEMU monitors output is directed to when using semihosting, but, manually running the same QEMU command does work properly. (From OE-Core rev: c7535ecaccb72ef21a61f9aec5c68e61fb4f6fb6) Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandro@enedino.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: update 20211016 -> 20240203Theodore A. Roth2024-07-263-9/+9
| | | | | | | | | | | The 20240203 version is the same as used in Ubuntu >= 24.04 and Debian Trixie (testing). (From OE-Core rev: ce19168885a04b0d77e81c1fd1c4262b195a47d4) Signed-off-by: Theodore A. Roth <troth@openavr.org> Signed-off-by: Theodore A. Roth <theodore_roth@trimble.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-idna: enable ptestRoss Burton2024-07-263-1/+12
| | | | | | | (From OE-Core rev: 4b15fd105f8f84f55f1da1724a0ea2f06a88c4b5) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-packaging: enable ptestRoss Burton2024-07-263-1/+24
| | | | | | | (From OE-Core rev: df1e2e5bbf675f2b2582179fe28b25b840bb4790) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cffi: enable ptestRoss Burton2024-07-263-1/+29
| | | | | | | (From OE-Core rev: 5beb30cdf389490aa00f63a1c377680deb747bbc) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cffi: generalise RDEPENDSRoss Burton2024-07-261-1/+1
| | | | | | | | | There's no need to mark these RDEPENDS as target-only. (From OE-Core rev: 8b2332c355d603027e965e9a6a5045f9eb1f024c) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ptest-packagelists: sort entriesRoss Burton2024-07-261-7/+7
| | | | | | | | | Sort the entries for OCD reasons. (From OE-Core rev: ca34cbec26baca91689e205a43787745db2caedb) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jsonpointer: upgrade 2.4 -> 3.0.0Ross Burton2024-07-261-9/+9
| | | | | | | | | Also re-arrange the recipe to match conventional order. (From OE-Core rev: 8083d5d1732d805a2172ae6df1d2ae51c476f9cf) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-idna: generalise RDEPENDSRoss Burton2024-07-261-3/+1
| | | | | | | (From OE-Core rev: ffdea890710aa11ab819bb7d23e18a5f01447292) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-unittest-automake-output: add dependency on unittestRoss Burton2024-07-261-0/+2
| | | | | | | | | | | | This module can be used as a wrapper around unittest, so depend on that. Don't also depend on pytest as that's a much larger dependency, and in ptest images we want as little pulled in as possible. (From OE-Core rev: 98343c8fa3572ccd04964c988d55cd31f2ad8d9f) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-fitimage: fix external dtb checkAdrian Freihofer2024-07-261-1/+1
| | | | | | | | | | | | If EXTERNAL_KERNEL_DEVICETREE and dtb_image_sect are empty variables dtb_path ends up as "/" which is available on most Unix systems but probably not the dtb_path which is needed here. Checking for a file makes more sense and also solves the issue with the "/". (From OE-Core rev: c8f629b6991449cc6726f48a607d9e1bd50807ee) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-fitimage: fix intentationAdrian Freihofer2024-07-261-32/+32
| | | | | | | | | | | white space changes only. - python part should be 4 spaces, not 8. - use tabs for shell (From OE-Core rev: 000079a973e8c97d496ca721259437880a7ea70d) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iptables: fix memory corruption when parsing nft rulesChristian Taedcke2024-07-262-0/+38
| | | | | | | | | | | | | | | | | | | | | | | | This commit fixes a memory corruption issue when iptables (with enabled PACKAGECONFIG libnftnl) is used to access rules created by nft. To reproduce the issue: nft add chain ip filter TESTCHAIN { meta mark set 123 \;} iptables -t filter -n -L TESTCHAIN This produced the following output: Chain TESTCHAIN (0 references) target prot opt source destination MARK 0 -- 0.0.0.0/0 0.0.0.0/0 MARK set 0x7b malloc(): corrupted top size Aborted (core dumped) This commit fixes this issue. (From OE-Core rev: 461d6333dabacdc181c91f31a8dd4ad6682cc0e4) Signed-off-by: Christian Taedcke <christian.taedcke@weidmueller.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade 1.10.3 -> 1.11.0simit.ghane2024-07-264-54/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== https://lists.gnu.org/archive/html/info-gnu/2024-06/msg00004.html License-Update: -Add 3-clause BSD license for poly1305-amd64-avx512.S. -cipher/Makefile.am: Add 'poly1305-amd64-avx512.S'. -cipher/poly1305-amd64-avx512.S: New. -cipher/poly1305-internal.h (POLY1305_USE_AVX512): New. -Add 'cipher/keccak-amd64-avx512.S'. -Update license docs for FSF new address and update gcrypt.texi. Apart from upgrade also refreshed the patches like 0001-libgcrypt-fix-m4-file-for-oe-core.patch 0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch no-bench-slope.patch In 0002-libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch reverted back the change in cipher/Makefile.am related to o_flag_munging (From OE-Core rev: aa50e6bc8dcb3f5870e1fa285ec5ab997a7a59cf) Signed-off-by: simit.ghane <simit.ghane@lge.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib-networking: upgrade 2.78.1 -> 2.80.0Ross Burton2024-07-262-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 2.80.0 - March 14, 2024 ======================= - Mark plugin functions as exports on Windows (!250, Amyspark) - Updated translations 2.80.rc - February 29, 2024 =========================== - GnuTLS: fix improper use of IP address in SNI extension (!247, MARTINSONS Frederic) - GnuTLS: major performance improvement: reduce unnecessary trust list creation (!249) - OpenSSL: properly handle BIO_CTRL_EOF (!248) - Updated translations 2.80.alpha - January 5, 2024 ============================ - GnuTLS: Add warning when system has no trusted certificates (!243) - OpenSSL: Fix bug when populating trust store (!244, Alessandro Bono) - Fix license on dtls-connection.c test (!245, David King) - Updated translations As exposed by the warning when there are no trusted certificates, we should RDEPEND on ca-certificates if either of the crypto backends are enabled so that cryptography is usable. (From OE-Core rev: 0e52a74bcf08cfdd879c74bff9b241a5007c7ef5) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcap-ng: clean up recipeRoss Burton2024-07-263-17/+7
| | | | | | | | | | | | | | | | This package is split into two recipes, one of the actual C library and one for the Python bindings. - Move common inherits into the common .inc. - Clean up install in the python recipe - Remove obsolete setuptools dependency - Remove obsolete explicit .debug packaging - Update homepage as freecode.com redirects to the top of SourceForge (From OE-Core rev: 0ccd7429aabfe5c1c9246477acf1af84a147715c) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pytest: clean up RDEPENDSRoss Burton2024-07-241-9/+1
| | | | | | | | | | | | | | | | | | | | | | These dependencies are only used in development: - attrs - setuptools These dependencies are obsolete: - atomicwrites removed 7.2.0 - importlib-metadata removed in 5.1.0 - more-itertools removed 6.1.0 - pathlib2 removed 6.2.2 - py removed in 7.2 - six removed in 5.0.0 - wcwidth removed in 6.0.0 This removals now means that python3-xml has to be added explicitly. (From OE-Core rev: 0aee9aa7b70667fefe898f6a9019a82b004da391) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gi-docgen: upgrade to 2024.1Ross Burton2024-07-241-1/+1
| | | | | | | (From OE-Core rev: af136ae469f051f584e8953cc45224b7a2b7df98) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-uritools: enable ptestRoss Burton2024-07-243-1/+16
| | | | | | | | | Install the test suite and run it in core-image-ptest-fast. (From OE-Core rev: 579675d773f52c877e50aafc59b5571ac5d6a0ba) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-mako: add dependency on python3-misc for timeitRoss Burton2024-07-241-0/+1
| | | | | | | (From OE-Core rev: 901e43978eb2cb36f7da52b11319ff5ead084098) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-yamllint: use python_setuptools_build_meta build classRoss Burton2024-07-241-2/+1
| | | | | | | | | | | | This package can be built using pep517 classes now. yamlint appears to have never used setuptools-scm, so remove the dependency. (From OE-Core rev: c3b51900326dbadb83b3853419f5c92bac12ba50) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-uritools: use python_setuptools_build_meta build classRoss Burton2024-07-241-1/+1
| | | | | | | | | This package can be built using pep517 classes now. (From OE-Core rev: 4baa8e36e1ee788ed3f66a0546498e892cd69b83) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-subunit: use python_setuptools_build_meta build classRoss Burton2024-07-241-1/+1
| | | | | | | | | This package can be built using pep517 classes now. (From OE-Core rev: 02e635a898b209ed023ad41e9a09b7807d327d0e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-spdx-tools: use python_setuptools_build_meta build classRoss Burton2024-07-241-1/+3
| | | | | | | | | This package can be built using pep517 classes now. (From OE-Core rev: 1deca862432ddca0d10a712f7bf159816d0ae130) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-setuptools-scm: remove python3-tomli dependencyRoss Burton2024-07-241-1/+1
| | | | | | | | | We have Python 3.11+ so setuptools-scm can use tomllib. (From OE-Core rev: 5c8a0a26d3f63d90bc97eec4b115d51dfb1b3995) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-websockets: use python_setuptools_build_meta build classRoss Burton2024-07-241-1/+1
| | | | | | | | | This package can be built using pep517 classes now. (From OE-Core rev: c3943c81f22f8dce2f279e91b0fd516fa3e8e408) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>