| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
| |
Drop our sd-notify patch and switch to the upstream standalone
implementation that does not depend on libsystemd.
(From OE-Core rev: 07522f85a987b673b0a3c98690c3c17ab0c4b608)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
* Add support for QRTR based devices (MHI bus and SoC).
(From OE-Core rev: 5f8024cf45f4b8dbaf1134d61c3ba73075dde23f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rewrite (again) the openssl test suite installation.
Depend on and reuse already installed libraries and modules instead of
installing them twice.
Be more selective when installing from the build tree so we don't install
intermediate .c .d .o files.
This further reduces the size of openssl-dbg from ~120MB to ~18MB.
(From OE-Core rev: 8baa0ce7eae65026cb3a784adaf3a4fc724ce9c9)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test suite is huge because every test binary is statically linked to
libssl and/or libcrypto. This bloats the size of the -dbg package hugely,
so strip the test suite before packaging.
This reduces the size of openssl-dbg by 90% from ~1.2GB to ~120MB, and
reduces the size of the build tree from ~1.9GB to ~800MB.
(From OE-Core rev: 92f09a4269e45e09643a7e7aafd2811cfd47cb68)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Still side effects of the XZ backdoor.
Racional [1]:
License incompatibility and library bloatedness were the reasons.
Given recent events we're never going to take a dependency on libsystemd,
though we might implement the notification protocol ourselves if it isn't too much work.
[1] https://github.com/openssh/openssh-portable/pull/375#issuecomment-2027749729
(From OE-Core rev: c3403bb6254d027356b25ce3f00786e2c4545207)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Noticed in the installation logs a few paths have
double slashes '//'. Doesn't seem to do any harm, though
it is good to clean this up for consistency.
(From OE-Core rev: 36328d68b712c5267613d495c010c26c88d565f4)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All the test scripts are by now Python 3 compatible
and the shebangs are consistently set to #!/usr/bin/env python3
since BlueZ 5.73
See:
https://github.com/bluez/bluez/commit/d31f04aa928ae8fb7a4fc5b0876dd17ea65d4513
The source code was inspected to confirm there are no more
shebangs which reference 'python' (Python 2)
(From OE-Core rev: 110f14b1b1e9abd8c1b8d52e70d0ceec7eab5025)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The upstream Makefile always builds the tests unless they're explicitly
disabled. Whilst this doesn't make a difference to the final package and
sysroot output, disabling the tests for openssl-native reduces the size
of the build tree from 659M to 78M and reduces the CPU time used by 30%.
(From OE-Core rev: dfaf1cba9f30c6b07836fe217e1ebc83bc6aec8a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The rationale [1] is that C11 6.5.6.9 says:
"""
When two pointers are subtracted, both shall point to elements of the
same array object, or one past the last element of the array object; the
result is the difference of the subscripts of the two array elements.
"""
In these cases the objects are arrays of char so the result is defined,
and we believe that the compiler incorrectly trapping on defined behaviour.
I also found https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63303
("Pointer subtraction is broken when using -fsanitize=undefined") which seems to support this position.
[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2608
(From OE-Core rev: cf193ea67ca852e76b19a7997b62f043b1bca8a1)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
* https://github.com/bluez/bluez/releases/tag/5.77
* https://github.com/bluez/bluez/releases/tag/5.76
* https://github.com/bluez/bluez/releases/tag/5.75
* https://github.com/bluez/bluez/releases/tag/5.74
* https://github.com/bluez/bluez/releases/tag/5.73
Changes relevant to the build:
* One patch file is dropped.
* /etc/bluetooth is now installed with 555 permission bits when systemd
is not enabled. The do_install function was edited to change it back to
755. This was causing test failure when testing SDK packaging
* Added a few missing PACKAGECONFIGs which are enabled by default.
- asha-profiles: new in BlueZ 5.77
- ccp-profiles: new in BlueZ 5.73
- micp-profiles: new in BlueZ 5.70
- csip-profiles: new in BlueZ 5.67
- bass-profiles: new in BlueZ 5.67
- vcp-profiles: new in BlueZ 5.66
- mcp-profiles: new in BlueZ 5.66
- bap-profiles: new in BlueZ 5.66
(From OE-Core rev: ebbdb7cf5c0a3f0e6773704d4c4cc570358ec611)
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 0827c29566 (openssh: allow configuration of hostkey type) broke
our setup. We make use of the 'Include /etc/ssh/sshd_config.d/*.conf'
and put a hostkeys.conf file in there, configuring the types and
locations of the sshd host keys.
With that commit, we now get an extra "HostKey
/etc/ssh/ssh_host_ecdsa_key" line in the sshd_config. And while we
could avoid that by removing all hostkey-* items from PACKAGECONFIG,
other people providing their own sshd_config via a .bbappend now have
their HostKey settings unconditionally removed by the 'sed'
invocations, regardless of PACKAGECONFIG.
To make it easier for downstream layers and BSPs to define (and
preserve) their own logic for placement and type of sshd host keys,
factor out the new logic to a separate shell function. Downstream
layers can then simply override that by an empty function and keep the
behaviour they used to have.
(From OE-Core rev: 09dd5cceecfaa2046f7ed070690b000181723fd2)
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sshd(8) in Portable OpenSSH versions 8.5p1 to 9.7p1 (inclusive).
Race condition resulting in potential remote code execution.
A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD systems.
This attack could be prevented by disabling the login grace timeout (LoginGraceTime=0 in sshd_config)
though this makes denial-of service against sshd(8) considerably easier.
For more information, please refer to the release notes [1] and the
report from the Qualys Security Advisory Team [2] who discovered the bug.
[1] https://www.openssh.com/txt/release-9.8
[2] https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
References:
https://www.openssh.com/security.html
(From OE-Core rev: 7ba7c96f31bd81c5d1352136e405e99c3df29ea7)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow selection of host key types used by openssh via PACKAGECONFIG.
Any combination of hostkey-rsa, hostkey-ecdsa and hostkey-ed25519 can be
specified. Default to just generating ecdsa keys.
The current default generates all three keys. This can take a
significant amount of time on first boot. Having all three keys does not
significantly increase compatability. Also RSA keys are being deprecated
as they are no longer considered secure. Using just an ecdsa key reduces
key generation time by roughly 75%.
(From OE-Core rev: 0827c29566f3ea63715a9f9e4ee2639f4eabe0bd)
Signed-off-by: Matthew Bullock <mbullock@thegoodpenguin.co.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We're currently encouraging an "arms race" with the FLAGS variables since
a recipe might want to set a specific flag for all variants but to do so,
+= won't work due to the assignment in the native/nativesdk class files. This
means recipes are using append.
Since the default variables are constructed out of TARGET_XXX variables and
we redefine these, there is no need to re-define the un-prefixed variables. If
we drop that, the += appends and similar work and recipes don't have to resort
to append.
Change the classes and cleanup a number of recipes to adapt to the change. This
change will result in some flags appearing to some native/nativesdk variants
but that is probably what was originally expected anyway.
(From OE-Core rev: a157b2f9d93428ca21265cc860a3b58b3698b3aa)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the bump to OpenSSL 3.3.1, riscv32 doesn't build anymore due to
the folowing error:
crypto/riscv32cpuid.s:77: Error: symbol `riscv_vlen_asm' is already
defined
This is due to the patch beeing already applied upstream:
Commit: 8702320db98d1346c230aff1282ade3ecdca681a
(From OE-Core rev: 06c4168c7bd6a32cb7de3e003793c8e232714fad)
Signed-off-by: Clément Péron <peron.clem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog (https://github.com/NetworkConfiguration/dhcpcd/releases):
10.0.8:
- Fixed compile without ARP
- Fixed closefrom test for glibc
- Fixed spelling of ADVERTISEMENT
10.0.7:
- DHCP: use request_time, fallback_time and ipv4ll_time rather than reboot timeout
- DHCP6: Wait for IRT to elapse before requesting advertisments
- DHCPv6: Don't re-INFORM if the RA changes
- privsep: Reduce fd use
- dhcpcd: Add support for arp persist defence by @pradeep-brightsign in #273
- Move dhcp(v4) packet size check earlier by @pemensik in #295
- Define the Azure Endpoint and other site-specific options by @lparkes in #299
- add RFC4191 support by @goertzenator in #297
- dhcpcd: Respect IPV6_PREFERRED_ONLY flag regardless of state by @taoyl-g in #307
- Fix time_offset to be int to match RFC-2132 by @ColinMcInnes in #319
- hooks/30-hostname: Exit with 0 if setting hostname is not needed by @bdrung in #320
(From OE-Core rev: ab134edc9b7a17a7919f91060f3058467abe011c)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The ptest package is nowadays depending on coreutils
so busybox tweaks are both incomplete and unneeded.
(From OE-Core rev: 2408b0b5ea3090fd151de22c91420210fd7ff48f)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
* Release 2.8
* build: Require at least version 0.66 when building with external ELL
* qmi: Remove unused shutdown members in qmi_device_qrtr
* drivers: Use the new license header format
* plugins: Use the new license header format
* isimodem: Use the new license header format
* rilmodem: Use the new license header format
* mbimmodem: Use the new license header format
* unit: Use the new license header format
* tools: Use the new license header format
* include: Use the new license header format
* dundee: Use the new license header format
* core: Use the new license header format
* qmimodem: Use the new license header format
* atmodem: Use the new license header format
* build: Add notifylist.[ch] from ell
* udevng: Fix detection of USB attached tty devices
* udevng: Don't crash for non-QMI devices
* qmimodem: Remove the create exclusive service API
* voicecall: Fix use after free
* atmodem: gprs-context: use default PPP ACCM for Quectel serial modems
* atmodem: sim: Fix CRSM result handling
* qmi: gprs-context: support bind_mux for pcie devices
* udevng: Add mhi subsystem detection
* udevng: add and use get_ifname() for netdev nodes
* gobi: ensure required properties are provided
* gobi: Rename KernelDriver to NetworkInterfaceDriver
* gobi: add / use DeviceProtocol property
* qmi: Use l_basename instead of basename
* log: Use l_basename instead of basename
* build: link dundee with ell
* log: Handle dladdr failure
License-Update: license header replaced with spdx identifier
(From OE-Core rev: fda6b3ff67b56828f5088667a2e3af0a5ffa6ae5)
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Handles CVE-2024-4741
Removed included backports.
Release information:
https://github.com/openssl/openssl/blob/openssl-3.3/NEWS.md#major-changes-between-openssl-330-and-openssl-331-4-jun-2024
(From OE-Core rev: 3c7f8f87741702d50e29a5858802f74c5f4aab49)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that bitbake uses websockets over SSL as hashserv and is correctly
limiting hash equivalence only to things in the orginal SDK, bitbake builds
from buildtools can fail due to broken SSL from buildtools.
The issue is that the relocation variables are being removed from the
environment. This could be fixed within bitbake or it could be fixed
within the SDK environment. This patch does the latter for now. We
really need to improve openssl relocation within the SDK in general.
Fixing this has become more urgent to fix failing builds in automated
testing.
(From OE-Core rev: 6a20667c166fa3d7e2b6e8e8b442dec0fc75f349)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Convert to meson.
(From OE-Core rev: 643c7c2219886253857fdc7618d5db12ddc0e9de)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: c1e109eac0c7fa729ca8751c351306cba5f58564)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 27261cda1232ef1a84d1b0d8ba52dc9eb578db81)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: f516215f213d809cf89bc8e2e3b36119a80bee63)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=========
* Skip to next RRSIG if signature has expired or is in
the future rather than failing immediately.
* Implement signature jitter for dnssec-policy.
(From OE-Core rev: ccf45d3cbd06abd48ca2c82a790587457021e6e3)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove 0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch as
TEMP_FAILURE_RETRY usage has been removed in upstream commit 765c6655
("treewide: Use L_TFR macro").
Remove 0002-mbim-Fix-build-with-ell-0.39-by-restoring-unlikely-m.patch
as likely()/unlikely() has been removed in upstream commit dbbbebf9
("mbimmodem: Remove usage of likely and unlikely").
Remove the do_configure:prepend() that purges the bundled ell directory,
as it isn't needed when passing --enable-external-ell in EXTRA_OECONF.
(From OE-Core rev: 9e018a52ab325dd15f129666fcf8a728fc7c7ec0)
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
GCC-14 unearths this bug which is already fixed upstream so backport it
(From OE-Core rev: 0d5c61a1f5099639acf58b33288f466ce47847b5)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Advisory: https://github.com/advisories/GHSA-85xr-ghj6-6m46
(From OE-Core rev: f136006676750ac653cd7804396614210d1e5120)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Several recipes have S pointing at a directory that does not exist.
Set S in these cases to somethig valid making the metadata and
recipe behaviour more consistent.
Tweak one of the QA test diff offsets to match the changed recipe.
(From OE-Core rev: 22f1f5849a9a3bf287dbe8933546e52e39ddc86e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Where recipes use S = ${WORKDIR}, change them to set UNPACKDIR to
a subdir of WORKDIR and make S point at this instead.
I've chosen not to force S into any standard UNPACKDIR we may pick in
future just so the S = UNPACKDIR case is clearly visible by the
directory naming under WORKDIR as that should aid usability.
(From OE-Core rev: d9328e3b0b062f0621de3d114584b44f384a1c02)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Replace references of WORKDIR with UNPACKDIR where it makes sense to do
so in preparation for changing the default value of UNPACKDIR.
(From OE-Core rev: 1f18b9a512800860d5153d89eb82b56388efad6f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are potential security issues from using pre-generated host keys. We made
the recipe available for autobuilder testing purposes but concerns remain about
how easily this could end up in production.
I thought we'd already done this, but limit the recipe to qemu* machines,
which means any real hardware trying to use it will need to be a bit more
explicit about it and specifically enable it.
(From OE-Core rev: b0405972d4fd6fa12f90afea5ecb9a50c01c21c6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 127df0ac9b55fa2a7f3269934854f805843d01cc)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
work arounds for:
oe-core/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb:do_compile
oe-core/meta/recipes-connectivity/connman/connman-gnome_0.7.bb:do_compile
oe-core/meta/recipes-support/libfm/libfm_1.3.2.bb:do_compile
http://errors.yoctoproject.org/Errors/Build/183127/
More fixes on ML (especially for -native with gcc-14 on host)
cdrtools: https://lists.openembedded.org/g/openembedded-core/message/198899
syslinux: https://lists.openembedded.org/g/openembedded-core/message/198901
(From OE-Core rev: 856ffc7d0893c1dc549baf401899947f70d31896)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 3.3.0 introduced new pkgconfig generators which interact badly
with our incorrect setting of --libdir, which is documented as being
the name of the directory _under $prefix_, not an absolute path. This
resulted in the pkgconfig files have libdir=/usr which mostly works as
the actual library directory is on the search path, but can break other
recipes (such as tpm2-openssl).
Pass the correct value for --libdir, and also remove the odd handling of
an empty ${prefix} which is very historical[1] and can't happen anymore
as all build variations have a prefix.
[1] Added in oe-classic f725a81c, 2009
(From OE-Core rev: f5e931c5e5932e35113d13ba053419283f472f43)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes build with gcc-14, where default visibility is extended to
inline functions and getAll() function now falls into this category
and functions are marked hidden resulting in linking errors
Fixes
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/kea/2.5.8/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/14.0.1/ld: ./.libs/libdhcp4.a(dhcp4_srv.o): in function `isc::dhcp::Dhcpv4Srv::appendRequestedVendorOptions(isc::dhcp::Dhcpv4Exchange&)':
/usr/src/debug/kea/2.5.8/src/bin/dhcp4/dhcp4_srv.cc:2356:(.text+0xaac2): undefined reference to `isc::dhcp::CfgOption::getAll(unsigned int) const'
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/kea/2.5.8/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/14.0.1/ld: ./.libs/libdhcp4.a(dhcp4_srv.o): in function `isc::dhcp::OptionDescriptor isc::dhcp::CfgOption::get<unsigned int>(unsigned int const&, unsigned short) const':
/usr/src/debug/kea/2.5.8/src/lib/dhcpsrv/cfg_option.h:609:(.text+0xb288): undefined reference to `isc::dhcp::CfgOption::getAll(unsigned int) const'
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/kea/2.5.8/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/14.0.1/ld: ./.libs/libdhcp4.a(dhcp4_srv.o): in function `isc::dhcp::Dhcpv4Srv::appendRequestedOptions(isc::dhcp::Dhcpv4Exchange&)':
/usr/src/debug/kea/2.5.8/src/bin/dhcp4/dhcp4_srv.cc:2128:(.text+0xc556): undefined reference to `isc::dhcp::CfgOption::getAll(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) const'
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/kea/2.5.8/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/14.0.1/ld: ./.libs/libdhcp4.a(dhcp4_srv.o): in function `std::vector<isc::dhcp::OptionDescriptor, std::allocator<isc::dhcp::OptionDescriptor> > isc::dhcp::CfgOption::getList<char [6]>(char const (&) [6], unsigned short) const':
/usr/src/debug/kea/2.5.8/src/lib/dhcpsrv/cfg_option.h:641:(.text._ZNK3isc4dhcp9CfgOption7getListIA6_cEESt6vectorINS0_16OptionDescriptorESaIS5_EERKT_t[_ZNK3isc4dhcp9CfgOption7getListIA6_cEESt6vectorINS0_16OptionDescriptorESaIS5_EERKT_t]+0x86): undefined reference to `isc::dhcp::CfgOption::getAll(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) const'
/OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/kea/2.5.8/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/14.0.1/ld: ./.libs/libdhcp4.a(dhcp4_srv.o): in function `isc::dhcp::OptionDescriptor isc::dhcp::CfgOption::get<char [6]>(char const (&) [6], unsigned short) const':
/usr/src/debug/kea/2.5.8/src/lib/dhcpsrv/cfg_option.h:609:(.text._ZNK3isc4dhcp9CfgOption3getIA6_cEENS0_16OptionDescriptorERKT_t[_ZNK3isc4dhcp9CfgOption3getIA6_cEENS0_16OptionDescriptorERKT_t]+0x77): undefined reference to `isc::dhcp::CfgOption::getAll(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) const'
collect2: error: ld returned 1 exit status
make[5]: *** [Makefile:651: kea-dhcp4] Error 1
(From OE-Core rev: 584940c2f3234bfaf579429e162e683934e86538)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Since we want to be able to stop unpacking to WORKDIR, correct the WORKDIR
references in recipe do_compile/do_install tasks to use UNPACKDIR in the
appropraite places instead.
(From OE-Core rev: d73595df69667fe9d12ecd407b77a0b8dae2109c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Where recipes use S = ${WORKDIR}, ensure they are referencing ${S} correctly
to access files as soon we want to stop doing this in WORKDIR at which point
they would break unless corrected.
(From OE-Core rev: f25dd633fffe6560f191526d1869e657e129bad9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Release Note *
This is regular release of iproute2 corresponding to the 6.8 kernel.
In addition to the usual round of documentation fixes, many
small changes to ss utility. Most of the work to have full JSON
support in traffic control (TC) is done, only a few leftovers.
Remove support fot ipt and xt in tc.
(From OE-Core rev: f0a26644b620dea3f8ca82714cfa3249b13b01b1)
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
libc-compat.h fix for musl was obsolete after 4.16.0 release of iproute2.
Drop it.
(From OE-Core rev: ad57a1e124a1de7af7ef8479ed779230e923d3af)
Signed-off-by: Maxin John <maxin.john@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ppp package has "RSA Data Security" license text in
Message-Digest Algorithm source file ppp-md5.c and ppp-md4.c
Add RSA-MD in LICENSE field for ppp package
(From OE-Core rev: 9c58193c898b0ea28c3931a57dca5bb829a44051)
Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Quoting 'man systemd.special':
nss-user-lookup.target
A target that should be used as synchronization point for all
regular UNIX user/group name service lookups. [...] All services
for which the availability of the full user/group database is
essential should be ordered after this target, but not pull it
in. All services which provide parts of the user/group database
should be ordered before this target, and pull it in.
When no service providing parts of the user/group database exists and
thus pulls in the nss-user-lookup.target, this added dependency is a
no-op.
However, when such a service does exist, and e.g. modifies /etc/shadow
to change password or enable/disable certain accounts, it is essential
that no ssh connections are accepted until those changes are made.
(From OE-Core rev: 365b5490f3b12772ed57a6bcfd1e0e8a91185afc)
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 3e38999c60a58cace97357585271c0b62e5b7de7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The patch is reworked to take musl-specific path only if the functions are
undefined by libc (which can be checked via __RES, as explained in
https://www.openwall.com/lists/musl/2020/10/23/16 ).
This should make it more suitable for upstream submission.
(From OE-Core rev: 8579ae324c69cd278c2bdb08187b27f15c2d9c67)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Rather, adjust the sed invocation to do the correct thing directly.
(From OE-Core rev: 804afb2eb9cc2b5650faa80816f377fa5b72fb38)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2024-2511.patch
revmoed since it's included in 3.3.0
Changelog:
https://github.com/openssl/openssl/blob/openssl-3.3.0/NEWS.md
(From OE-Core rev: 1d6cb1592d6883cc504ff0776810312f732664ae)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
- Add RESOLVER.ARPA to the built in empty zones.
- dig/mdig +ednsflags=<non-zero-value> did not re-enable
EDNS if it had been disabled.
- Some invalid ISO 8601 durations were accepted
erroneously.
- Don't return static-stub synthesised NS RRset.
- Fix bug in Depends (keymgr_dep) function.
- Support for the RESINFO record type has been added.
- Cleaned up several minor bugs in the RBTDB dbiterator
implementation.
- Added missing dns_rdataset_disassociate calls in
validator.c:findnsec3proofs.
- Fix incorrectly reported errors when running tests
with `make test` on platforms with older pytest.
- Optimize slabheader placement, so the infrastructure
records are put in the beginning of the slabheader
linked list.
- Improve ARM parental-agents definition.
- Fix the DNS_GETDB_STALEFIRST flag, which was defined
incorrectly in lib/ns/query.c.
- Update ZSK minimum lifetime documentation in ARM, also
depends on signing delay.
- Add workaround to enforce dynamic linker to pull
jemalloc earlier than libc to ensure all memory
allocations are done via jemalloc.
- Changes to "listen-on" statements were ignored on
reconfiguration unless the port or interface address was
changed, making it impossible to change a related
listener transport type. Thanks to Thomas Amgarten.
- Expose the TCP client count in statistics channel.
- Fix a possible crash in 'dig +nssearch +nofail' and
'host -C' commands when one of the name servers returns
SERVFAIL.
- When dnssec-policy is in effect the DNSKEY's TTLs in
the zone where not being updated to match the policy.
This lead to failures when DNSKEYs where updated as the
TTLs mismatched.
(From OE-Core rev: 9dc097f240c5ab7703179f480f538be8e21defce)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Add package for using the bridge tool.
(From OE-Core rev: 21689b8984fd426f4e21d729d82444d3a8e230b7)
Signed-off-by: Michael Haener <michael.haener@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-systemd-Add-optional-support-for-systemd-sd_notify.patch
refresh for 9.7p1
Changelog:
============
New features
------------
* ssh(1), sshd(8): add a "global" ChannelTimeout type that watches
all open channels and will close all open channels if there is no
traffic on any of them for the specified interval. This is in
addition to the existing per-channel timeouts added recently.
* All: make DSA key support compile-time optional, defaulting to on.
Bugfixes
--------
* sshd(8): don't append an unnecessary space to the end of subsystem
arguments
* ssh(1): fix the multiplexing "channel proxy" mode, broken when
keystroke timing obfuscation was added.
* ssh(1), sshd(8): fix spurious configuration parsing errors when
options that accept array arguments are overridden
* ssh-agent(1): fix potential spin in signal handler
* Many fixes to manual pages and other documentation
* Greatly improve interop testing against PuTTY.
(From OE-Core rev: e409b8ceb514d67d6472b4433cc9869c43401b94)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
-Create the pruning task in the dns_cache_flush(), so
the cache pruning still works after the flush.
-Improve the TTL-based cleaning by removing the expired
headers from the heap, so they don't block the next
cleaning round and clean more than a single item for
each new addition to the RBTDB.
-Revert change 6319 and decrease lock contention during
RBTDB tree pruning by not cleaning up nodes recursively
within a single prune_tree() call.
-Address use after free in expire_lru_headers.
(From OE-Core rev: 17cecd0d9d0d734d408701d861692ca5987f4ad9)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
