| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$ git log --oneline 5b4c4617016d28569106549dff6f9fec73eed5ce..0c76c951620f9e12df2a89b2c684878b55bb6795
0c76c95162 ppc64le: Revert "powerpc: Optimized strcmp for power10" (CVE-2025-5702)
b48d7ab036 ppc64le: Revert "powerpc : Add optimized memchr for POWER10" (Bug 33059)
55cdcadf73 ppc64le: Revert "powerpc: Fix performance issues of strcmp power10" (CVE-2025-5702)
84bdbf8a6f ppc64le: Revert "powerpc: Optimized strncmp for power10" (CVE-2025-5745)
d952c6efaa sparc: Fix argument passing to __libc_start_main (BZ 32981)
515d4166f4 elf: Fix subprocess status handling for tst-dlopen-sgid (bug 32987)
899dd3ab2f x86_64: Fix typo in ifunc-impl-list.c.
624285af3b elf: Test case for bug 32976 (CVE-2025-4802)
2ca34d7627 support: Use const char * argument in support_capture_subprogram_self_sgid
dab44a3b2b elf: Keep using minimal malloc after early DTV resize (bug 32412)
5cf17ebc65 hurd: Fix tst-stack2 test build on Hurd
test results:
Before After Diff
FAIL 140 142 +2
PASS 5846 5846 0
UNSUPPORTED 243 243 0
XFAIL 16 16 0
XPASS 4 4 0
failed test changes:
-elf/tst-audit21
+elf/tst-audit-tlsdesc-dlopen2
+elf/tst-dlopen-sgid
-malloc/tst-free-errno-malloc-hugetlb1
+malloc/tst-free-errno
+malloc/tst-malloc-tcache-leak
-nptl/tst-mutex10
+nptl/tst-mutexpi8-static
(From OE-Core rev: 6909a0b598fdb86c0cfa1f6e9ef90ed42bb3069c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Since there are currently multiple breaking changes, update to a new
release series for the next release so layers can show compatibility
correctly.
(From OE-Core rev: 75eb26e71dba4096d5632b7f6b13db4f13aa6d7f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some of them were introduced by mass-removal of S = WORKDIR/git assignments;
rather than try to fix up (or redo) just these, I've run this sed command over
the whole tree:
sed -i -z -E 's/([ \t\f\v\r]*\n){3,}/\n\n/g' `find . -name *.bb -o -name *.inc`
The rationale is that more than one empty line is wasting vertical screen space, and
does nothing for readability.
(From OE-Core rev: cedc4ff7c9bcfb22a20e43e47f9759f4007a4f1a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Potentially there could be a grace period for fixing recipes (with warnings, etc),
on the other hand, changes to git unpacking destination would already
break various layers, so we might as well make this a hard qa error and drop
the magic at the same time.
I commit to sending fixes for layers included in autobuilder testing
(meta-oe/arm/intel/virt/agl/aws/mingw/etc).
SOURCE_BASEDIR is at the same time adjusted to be calculated relative
to UNPACKDIR (previously it only worked if S was set to
WORKDIR/something/otherthing, and that is no longer working). It is also
no longer removed from the filesystem, as content of unpackdir is managed elsewhere.
(From OE-Core rev: 53e9ea30aaf48292307b4cff6964bead74c69fff)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The checks are fatal, as this avoids rather more cryptic errors further
down the build. Example:
ERROR: gnu-config-native-20240823+git-r0 do_unpack: Recipes that set S = "${WORKDIR}/git" or S = "${UNPACKDIR}/git" should remove that assignment, as S set by bitbake.conf in oe-core now works.
ERROR: perlcross-native-1.6.2-r0 do_unpack: S should be set relative to UNPACKDIR, e.g. replace WORKDIR with UNPACKDIR in "S = ${WORKDIR}/perl-cross-${PV}"
Dropping the S = ${WORKDIR}/git assignment (addressing the first error) can be done
with a single sed command when there is a lot of recipes:
sed -i "/^S = \"\${WORKDIR}\/git\"/d" `find . -name *.bb -o -name *.inc -o -name *.bbclass`
Replacing WORKDIR with UNPACKDIR can be done similarly, but should be done after
the removals:
sed -i "s/^S = \"\${WORKDIR}\//S = \"\${UNPACKDIR}\//g" `find . -name *.bb -o -name *.inc -o -name *.bbclass`
(From OE-Core rev: 46480a5e66747a673041fe4452a0ab14a1736d5e)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that recipes default to S in UNPACKDIR, recipetool and devtool should
do the same.
There was some discussion about changing devtool to simply setting
UNPACKDIR via bbappend to a workspace and running unpack task directly;
currently it has a bunch of convoluted path calculations, substitutions,
moving source trees around and and special casing (devtool-source.bbclass
in particular is an unpleasant hack).
This should definitely be done; but right now we can simply tweak existing
code which at least doesn't make it worse.
(From OE-Core rev: c326ca8aeb2bf0f7719e43921d10efd5dedc7b2a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is no need to have two assignments; also setting S from
UNPACKDIR (and not vice versa) is more logical as unpack
task comes first, and tasks that come after unpack use S to access
unpack results.
Also adjust reference test data in selftest/recipeutils to reflect changes in test recipes.
(From OE-Core rev: f64b7e5fb3181734c8dde87b27e872a026261a74)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 7321cc17ae5483f17fe9cdffea7b62acd9d9c3a2)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This and some further commits allows removing the 'backwards
compatibility magic' in do_unpack that moves unpacked sources
to where S is set to.
(From OE-Core rev: 6b2f14cd2d110113f1065bdc818ec4e9dbd4b054)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This transitions most of the recipes to have their sources
in UNPACKDIR, which over time will allow more simple and logical
source code handling in various pieces of the Yocto project.
(From OE-Core rev: 50439f56b2d94769de928c70eebdfd4b47794fb4)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This is shorter and doesn't include the unnecessary task name, just the
result of it: source trees and files.
(From OE-Core rev: f19ea21c8ebf8ce211b14e69b27c82faf080185a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BB_GIT_DEFAULT_DESTSUFFIX
Removing all the S = ${WORKDIR}/git assignments works because BB_GIT_DEFAULT_DESTSUFFIX
is set to match S from bitbake.conf (which itself is set to match typical tarball
releases).
A few recipes are setting S to a sub-directory of the git tree and need
to be adjusted accordingly.
bzip2 recipe is fetching a tarball and separately cloning tests;
adjust the recipe to put the latter into 'bzip2-tests', instead of 'git'.
devupstream.bbclass no longer needs to rewrite S, and is adjusted accordingly.
Adjust scripts/lib/recipetool/append.py to not hardcode 'git' as unpack
destination.
Adjust kernel-yocto.bbclass to use the git unpack variable instead
of hardcoding 'git' (there's also removal of repetition of
string constants and a correction of workdir/unpackdir mismatch in
one of the if-else branches).
Ensure build-appliance-image recipe does not use 'git' as checkout directory for
poky repo, but rather explicitly name it 'poky'.
Ensure reproducible.py code that looks for git repositories does not
hardcode 'git' but uses the destination set by BB_GIT_DEFAULT_DESTSUFFIX.
Ensure recipetool does not write out unneeded S settings into newly
created recipes that fetch from git.
Adjust selftest to not hardcode 'git' as unpack directory.
(From OE-Core rev: f80c07019ddadaf9c5fb890faabfda7920ecd15e)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
built-in fragments
Sample output:
$ bitbake-config-build enable-fragment machine/qemuarm
Fragment machine/qemuarm added to /srv/storage/alex/yocto/build-64-alt/conf/auto.conf.
$ bitbake-config-build list-fragments
Available built-in fragments:
machine/... Sets MACHINE = ...
distro/... Sets DISTRO = ...
Enabled built-in fragments:
machine/qemuarm Sets MACHINE = "qemuarm"
... (standard on-disk fragments output follows)
(From OE-Core rev: 47cb11db810bef36e791af84be1d680fd99301c7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Please see the patch for bitbake for rationale. With this
setting in place, it's possible to set
OE_FRAGMENTS += "distro/poky machine/qemuarm"
and bitbake will interpret that as
DISTRO = "poky"
MACHINE = "qemuarm"
(From OE-Core rev: e959f916b4d2bb8af2e6a04116de9430bbde0c9f)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
get_bb_var() currently end up calling 'bitbake -e' and parsing the whole
output. However if postconfig isn't set then we can speed this up by
just calling bitbake-getvar.
The complication with failing bitbake-getvar calls is because we need to
be careful to return None instead of the empty string when the variable
doesn't exist.
(From OE-Core rev: fafe77879aa6225aa8b5187ff590bb4998cbf987)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the new TUNE_FEATURES to the 'features:' list, based on matching output
with:
rustc --target=riscv32i-unknown-none-elf -Ctarget-feature=help
Use the TUNE_RISCV_ABI instead of guessing for the ABI.
Pass the arch "as-is", since it should now be riscv32 or riscv64.
(From OE-Core rev: 88b59db87d2c65e5be0f3fee1ebf4ee64ef05f18)
Signed-off-by: Mark Hatle <mark.hatle@amd.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This implements the following base ISAs:
* rv32i, rv64i
* rv32e, rv64i
The following ABIs:
* ilp32, ilp32e, ilp32f, ilp32d
* lp64, lp64e, lp64f, lp64d
The following ISA extension are also implemented:
* M - Integer Multiplication and Division Extension
* A - Atomic Memory Extension
* F - Single-Precision Floating-Point Extension
* D - Double-Precision Floating-Point Extension
* C - Compressed Extension
* B - Bit Manipulation Extension (implies Zba, Zbb, Zbs)
* V - Vector Operations Extension
* Zicsr - Control and Status Register Access Extension
* Zifencei - Instruction-Fetch Fence Extension
* Zba - Address bit manipulation extension
* Zbb - Basic bit manipulation extension
* Zbc - Carry-less multiplication extension
* Zbs - Single-bit manipulation extension
* Zicbom - Cache-block management extension
The existing processors tunes are preserved:
* riscv64 (rv64gc)
* riscv32 (rv32gc)
* riscv64nf (rv64imac_zicsr_zifencei)
* riscv32nf (rv32imac_zicsr_zifencei)
* riscv64nc (rv64imafd_zicsr_zifencei)
Previously defined feature 'big-endian' has been removed as it was not used.
(From OE-Core rev: bcaf298a146dfd10e4c8f44223ea083bc4baf45c)
Signed-off-by: Mark Hatle <mark.hatle@amd.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NVD ([1]) tracks this as:
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
Running on/with
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Yocto cve-check ignores the "Running on/with", so it needs to be ignored
explicitly.
[1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566
(From OE-Core rev: c8ce6710d864d237fdf67d2c3d3aa0f0970a2a05)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog for 8.4.0: https://docs.pytest.org/en/stable/changelog.html#pytest-8-4-0-2025-06-02
Add colorama (moved to oe-core from meta-python) and pygments to
RDEPENDS.
Note that 8.4.0 accidentally removed pytest.PytestReturnNotNoneWarning,
which seems to have broken some tests (e.g. python3-pytz). See:
https://github.com/pytest-dev/pytest/releases/tag/8.4.1
(From OE-Core rev: 908c5535506592af654e7efac5b4a28a05da23f6)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
There are a small number of these that are out of place, so re-sort the
entire list to clean it up.
(From OE-Core rev: 76d681c4b17c9169238c571bae7e25df2040960c)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog: https://docs.python.org/3/whatsnew/changelog.html#python-3-13-5-final
ptests look OK:
|443 tests OK.
|
|Total duration: 2 min 43 sec
|Total tests: run=44,050 skipped=2,309
|Total test files: run=471/480 skipped=28 resource_denied=9
|Result: SUCCESS
|DURATION: 164
|END: /usr/lib/python3/ptest
|2025-06-17T14:05
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
Reproducibility OK:
|2025-06-17 10:34:28,071 - oe-selftest - INFO - ... ok
|2025-06-17 10:35:04,539 - oe-selftest - INFO - ----------------------------------------------------------------------
|2025-06-17 10:35:04,539 - oe-selftest - INFO - Ran 1 test in 1429.952s
|2025-06-17 10:35:04,539 - oe-selftest - INFO - OK
|2025-06-17 10:35:08,924 - oe-selftest - INFO - RESULTS:
|2025-06-17 10:35:08,924 - oe-selftest - INFO - RESULTS - reproducible.ReproducibleTests.test_reproducible_builds: PASSED (1393.34s)
|2025-06-17 10:35:08,925 - oe-selftest - INFO - SUMMARY:
|2025-06-17 10:35:08,925 - oe-selftest - INFO - oe-selftest () - Ran 1 test in 1429.952s
|2025-06-17 10:35:08,925 - oe-selftest - INFO - oe-selftest - OK - All required tests passed (successes=1, skipped=0, failures=0, errors=0)
(From OE-Core rev: 10a6b07637ac818a28da5117b1f46f9563453486)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog: https://github.com/pypa/setuptools-scm/compare/v8.3.0...v8.3.1
(From OE-Core rev: 7ebc8e0b7a18ec28c9c89e3986bd479085abe9dd)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add existing recipe from meta-python, since pytest lists it as a
dependency. This also puts it in maintainers.inc with myself as
maintainer.
[RP: Switch to use hatching directly]
(From OE-Core rev: 8c06239fdcf983dac759c7d80d6326807c993622)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a basic test for the toolchain switching code: set the
toolchain to GCC by default but Clang for a specific recipe, and verify
that two recipes are built with the expected compiler.
This works because before we strip the installed binaries there is a
.comment segment that contains the list of toolchains used.
(From OE-Core rev: 7988c32191927f1c6db422c959eab7a03dfeda04)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Discovered when looking for users of get_bb_var()'s postconfig argument,
this wrapper around runCmd() has a postconfig argument that has odd
behaviour: it _appends_ the new configuration to local.conf instead of
having them used for this specific run (unlike the other functions in
commands.py)
None of the eSDK tests use this functionality, so remove it. Future test
cases that need to write further configuration should do so directly.
(From OE-Core rev: 6196d096b95b36f8b72b4049d5479f8f23e7891d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ctest automatically optimizes the order of (parallel) test execution based on
historic test case runtime via the COST property (see [0]), which can have a
significant impact on overall test run times. Sadly this feature is broken in
CMake < 4.0.0 for test cases that have spaces in their name (see [1]).
This commit backports the upstream fix. As repeated test runs are expected to
mainly take place inside the SDK, the patch is only applied to 'nativesdk'
builds.
[0]: https://cmake.org/cmake/help/latest/prop_test/COST.html
[1]: https://gitlab.kitware.com/cmake/cmake/-/issues/26594
Reported-By: John Drouhard <john@drouhard.dev>
(From OE-Core rev: dcbaf42dd74cc0bda7254856589613718ed3f057)
Signed-off-by: Moritz Haase <Moritz.Haase@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Change enable-x11-forwarding PACKAGECONFIG to x11, while we can rely
directly on X11 DISTRO_FEATURE. Previously when enable-x11-forwarding was
used, the XAUTH_COMMAND failed due to missing xauth. So add xauth to
runtime recommends dependency and enable this behavior as default.
(From OE-Core rev: f0d2374b94a0e5d60ceed17998cd97f85b0486f6)
Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
If start-of-line is not enforced, then bogus tag 'gstreamer-sharp-1.13.0.1' would
match as 13.0.1.
(From OE-Core rev: 094cbd4f6a9f57eb146207355a921eaae44012ab)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a new selftest case `test_sign_uboot_fit_image_without_spl` to verify
that the build can correctly generate and sign a U-Boot FIT image in a scenario
where no SPL is used.
Background:
- Some boards build only the U-Boot proper FIT image and do not require an SPL.
- The signing flow must handle this case gracefully: generate the ITS, sign
the FIT image, and skip signing/injecting a key into the SPL DTB.
What this test does:
1) Enables `UBOOT_FITIMAGE_ENABLE` and `SPL_SIGN_ENABLE` but explicitly sets
`SPL_DTB_BINARY` to an empty string to indicate that no SPL is present.
2) Verifies that the U-Boot ITS and FIT image are built successfully.
3) Confirms that the generated ITS file includes signature metadata as requested.
4) Dumps the FIT image to ensure that the signature nodes exist.
5) Confirms that the log for `do_uboot_assemble_fitimage` shows the expected
mkimage/mkimage_sign invocation.
This ensures that signing works correctly even when only the U-Boot proper is built,
which matches real-world configurations that do not require an SPL.
(From OE-Core rev: cdb4f4249a386113bebc65918a1b088c64e59182)
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and -o
This commit cleans up and modernizes the shell condition expressions in
`uboot-sign.bbclass` to follow best practices for portable and reliable shell usage.
Key changes:
- Replace legacy `[ -a ]` and `[ -o ]` with explicit `[ ] && [ ]` and `[ ] || [ ]`.
Modern POSIX and busybox sh recommend using `&&` and `||` instead of `-a` and `-o`
because `-a` and `-o` are less robust and can cause parsing ambiguities in some shells.
- Simplify `concat_dtb()` by moving the DTB existence check to the top and using
early `return` to avoid deep nesting.
- Remove redundant fallback `else` blocks; use clearer control flow with direct checks.
This improves maintainability, reduces shell syntax pitfalls, and aligns with
current shell scripting best practices.
References:
- POSIX recommends avoiding `-a` and `-o` in `[ ]` and using explicit `&&` and `||`:
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html
(From OE-Core rev: d2740e39800a044d557b620e38ca0ac1b8c6d030)
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the signing flow in "uboot-sign.bbclass" assumed that SPL was always
present and that the FIT signing process must inject the public key into the
SPL DTB. This made it inflexible for use cases where only the U-Boot proper
FIT image is built and signed, with no SPL binary at all.
This change introduces the following adjustments:
- The `SPL_DTB_BINARY` variable can be explicitly set to an empty string
to indicate that no SPL is present.
- The signing logic checks `SPL_DTB_BINARY` and skips injecting the
key or verifying the SPL DTB if it is empty.
- The FIT image generation and deployment are always performed if
`UBOOT_FITIMAGE_ENABLE` is enabled, regardless of the SPL settings.
- The deploy helper now uses a single check on `SPL_DTB_BINARY` to decide
whether to deploy the signed SPL DTB.
Now the sign step checks if SPL_DTB_BINARY is empty:
If present, it signs the FIT image and injects the public key into the SPL DTB,
then verifies both.
If empty, it only signs the FIT image and generates the ITS with the signature
node, but does not attempt to verify or add the key to a non-existent SPL DTB.
Key Behavior Explained
If SPL_DTB_BINARY is empty, we assume there is no SPL.
If UBOOT_FITIMAGE_ENABLE=1, we always create the FIT image and ITS.
If SPL_SIGN_ENABLE=1, we always sign the FIT image, but only inject the key into
the SPL DTB if it exists.
Example usage:
UBOOT_FITIMAGE_ENABLE = "1"
SPL_SIGN_ENABLE = "1"
SPL_DTB_BINARY = ""
This means:
- Generate and sign the FIT image.
- Do not attempt to sign or deploy an SPL DTB.
This aligns the implementation with real scenarios where some boards do not
require an SPL.
(From OE-Core rev: 7ad6acd8841752a5b75b8e2666bca5b609347cc1)
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Install libpng test-suite to run it as a ptest.
As the test-suite takes more than 30 seconds to run,
add libpng-ptest to PTESTS_SLOW in ptest-packagelists.inc
(From OE-Core rev: 8dca5305c950e6a06b3f344ffdbbb7386d802095)
Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 826ab8dde34882c3ef705f715d8808e46bbedcde)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't have a recipe for subunit in core (or any layer in the layer
index), and unfortunately a bug in the CMakeLists means that the native
build can detect subunit on the host (so host contamination) and only
half-enable it, so the build fails.
Take a patch from upstream's github to add an option for subunit, and
explicitly disable it.
(From OE-Core rev: 155f0f65fa0f08a4586d3c9a02976f43a10b08aa)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This patch is specific to the autotools build of libcheck, but we use
CMake now.
(From OE-Core rev: 98091331829bd88b57fef5b811a4117b8db16032)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Backport patch to fix CVE-2025-5278.
(From OE-Core rev: 1bada55b3e76d9e5e7989f7229d5f25c8fd5ea89)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When SPDX_INCLUDE_COMPILED_SOURCES is enabled, only include the
source code files that are used during compilation.
It uses debugsource information generated during do_package.
This enables an external tool to use the SPDX information to disregard
vulnerabilities that are not compiled.
As example, when used with the default config with linux-yocto, the spdx size is
reduced from 156MB to 61MB.
Tested with bitbake world on oe-core.
CC: Quentin Schulz <quentin.schulz@cherry.de>
CC: Joshua Watt <JPEWhacker@gmail.com>
CC: Peter Marko <peter.marko@siemens.com>
(From OE-Core rev: c6a2f1fca76fae4c3ea471a0c63d0b453beea968)
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 2e568ba8607a6f65caea891df9bc9341988aaf37)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: ede97945ccabc7ace79a380be400357bbb8df80d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As currently written, the PREFERRED_PROVIDER entries don't work with multilib
since they are added after the manipulations by multilib_global at ConfigParsed
time. We therefore need to spell out the configs correctly for multilib.
To avoid variable overwritten warnings from the expansion, we then have to
expand out the nativesdk providers usng class overrides.
(From OE-Core rev: 1f69850b62d1e022055d0f3b93ad270c2980462e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change implements a toolchain selection mechanism. Selection is
made using a set of variables, primarily PREFERRED_TOOLCHAIN_TARGET which
defaults to gcc.
It uses the familiar name for toolchain e.g. "gcc" which selects GNU
compiler + binutils as default C/C++ toolchain or "clang" which will
use LLVM/Clang Compiler. Layers an add their own toolchain definitions
too.
There are also PREFERRED_TOOLCHAIN_NATIVE and PREFERRED_TOOLCHAIN_SDK
which will ulitmately allow selection of the toolchain used for the
native/cross and nativesdk/crosssdk compilers. This currently isn't
functional but is essential to the patch to ensure things are set
to the existing gcc support in those cases.
Users would most commonly want to set:
PREFERRED_TOOLCHAIN_TARGET ?= "clang"
in local.conf or other distro specific global configuration metadata.
It is also selectable at recipe scope, since not all packages are
buildable with either clang or gcc, a recipe can explicitly require
a given toolchain using the TOOLCAHIN variable, e.g. glibc can not
be built with clang therefore glibc recipe sets:
TOOLCHAIN = "gcc"
The TOOLCHAIN variable is distinct from the user preference so recipes
with specific requirements can be identified. This also allows different
polcies to be be specified for native/SDK cases in the future.
(From OE-Core rev: 45bdedd213aff8df3214b95ef2a8551c0abd93a0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Use the new deferred class event to set the class overrides earlier.
This improves interaction of the override with PACKAGECONFIG values
that control conditional inherits (such as python support).
This also allows toolchain configuration in an easier and more user
friendly way.
(From OE-Core rev: d58f94d5684332bd4fac3747688558bb261b9c63)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
This brings in the features we need to toolchain selection.
(From OE-Core rev: 78c1061dc3916677bd9c2825820a1bab7e75f28a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
Update the plugin names to account for the "-" to "_" plugin name change.
(From OE-Core rev: afa1b5c9f6ed17c021e37a54d0d6abee50a60bf9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 6d158db297a1b790fdf7f201eb3a1e47bb9bc272)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 38cd05c628b3528db360ac2d3b8f40de124cda74)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 590cac310ae962aade2bc2c8c1dcdd83d5c548b0)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: bb219001f206b437fdf862b29a403db4bb65055c)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=============
- Fix duplicated dependencies added to the lock file when the same dependency with extras is requested.
- Stabilize order of the extras and dependency-groups fields in pylock output.
- Fix Windows 11 install pdm error, which is because of msgpack install failure.
- Change the return type of array_of_inline_tables to list[dict] from list[str]
- Ensure uv resolver to include hash for package files.
- Avoid infinite recursion when reading pyproject.toml with circular file dependencies.
- Support pylock as alternative lock format and make it opt-in by config.
- Search for package metadata in lock file first when reuse strategy is used.
(From OE-Core rev: 121c609e91dd7eb72670513eef8c31a5f2271c89)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
License-Update: Copyright year updated to 2025
(From OE-Core rev: 2ac6a959f32214d958a7a0cf1973a9bc66839a9b)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
