summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
...
* perf: Do not treat maybe-uninitialized warnings as errorsKhem Raj2025-05-221-0/+10
| | | | | | | | | | | Clang finds more warnings in kernel code, make clang happy to not treat these extra warnings as errors (From OE-Core rev: c587f473a4581d1640aa227a23d517c51b7ec3cc) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: Fix build on architectures without SYS_settimeofdayKhem Raj2025-05-222-0/+53
| | | | | | | | | | | | | | | Fixes following errors on riscv32/musl | util-linux/hwclock.c:143:20: error: use of undeclared identifier 'SYS_settimeofday' | 143 | int ret = syscall(SYS_settimeofday, NULL, tz); | | ^ | 1 error generated. (From OE-Core rev: 2d19a43c18c2c5b87e9a99f4c672ca7c6a202b80) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Always use gcc compilerKhem Raj2025-05-221-0/+4
| | | | | | | | | | | | | | clang can build it ok but the openmp directives get emitted with full paths into binaries [1] until thats fixed in clang/openmp stick to gcc [1] https://github.com/llvm/llvm-project/issues/82541 (From OE-Core rev: 89d2401ab0484478aa582fbdda21fd1d287605c4) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Pin to using GCC compilerKhem Raj2025-05-221-0/+7
| | | | | | | | | | It uses compiler built-ins which clang does not provide (From OE-Core rev: 0b8ce7e7f5e04fc078014cdfb25cf3502dbf4d49) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* syslinux: Pin to using GCC toolchainKhem Raj2025-05-221-0/+5
| | | | | | | | | | | It does not compile with clang due to include_next stdarg.h not working as the system expects to match gcc behavior (From OE-Core rev: 4ef959f37816f23e4ed57a71cb9a42fd818aa1fb) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub,grub-efi: Pin to using gcc on aarch64Khem Raj2025-05-221-0/+4
| | | | | | | | | | It needs porting to work with clang (From OE-Core rev: 18ebddf859c9baa4048601ebd968f6b8b02881ed) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: Always use GCC toolchainKhem Raj2025-05-221-0/+2
| | | | | | | | | | Glibc is not yet buildable with non-gcc compilers e.g. clang (From OE-Core rev: c822caf008be2311be3402a74826c6dcf99ce0a4) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Always use GCC toolchainKhem Raj2025-05-221-0/+2
| | | | | | | | | | GCC is not yet compilable with clang e.g. (From OE-Core rev: 28e84b252eb6c01956cad554e9c453412b45e51f) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix CVE-2025-1178Deepesh Varatharajan2025-05-222-0/+34
| | | | | | | | | | | | | | | | Prevent an abort in the bfd linker when attempting to generate dynamic relocs for a corrupt input file. PR 32638 Backport a patch from upstream to fix CVE-2025-1178 Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0] (From OE-Core rev: f58f174daa7e30baa18abe4db9eda9c1b1c425cc) Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libunwind: disable installation of tests dirLiu Yiding2025-05-221-1/+1
| | | | | | | | | | | | | | | | fix the issue that: | Error: Transaction test error: | file /usr/libexec/libunwind/check-namespace.sh conflicts between attempted installs of libunwind-1.8.1-r0.core2_64 and lib32-libunwind-1.8.1-r0.core2_32 | file /usr/libexec/libunwind/test-runner conflicts between attempted installs of libunwind-1.8.1-r0.core2_64 and lib32-libunwind-1.8.1-r0.core2_32 By default, test suite from srcdir/tests/* will be installed to /usr/libexec/libunwind, here pass --disable-tests to not install test suite. Test suite can be added to libunwind-ptest in the future if needed (From OE-Core rev: 9d9c36cd5fc59e88bcd8a08ba70ced996c7d74be) Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* clang: build-depend on spirv-llvm-translator-nativeDmitry Baryshkov2025-05-221-1/+1
| | | | | | | | | | | | | | Building of spirv-mesa and spirv64-mesa CLC targets (which are required for Mesa to work) requires a working llvm-spirv tool (provided by the spirv-llvm-translator-native package). Make clang build-depend on the corresponding recipe in order to be able to build requried targets. Fixes: 4178fe97371b ("clang: split SPIRV-LLVM-Translator to its own recipe") (From OE-Core rev: 177aaa7912f317da4a17a57081eb4f5667ef2c02) Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uboot-sign: Add support for setting firmware property in FIT configurationJamin Lin2025-05-221-0/+10
| | | | | | | | | | | | | | | | | | | Add the ability to set the "firmware" property in the FIT configuration node by introducing the UBOOT_FIT_CONF_FIRMWARE variable. This property defines the primary image to be executed during boot. If it is set, its value will be written into the FIT configuration under the "firmware" field. If not set, the bootloader will fall back to using the first entry in the "loadables" list. Using this property improves control over the boot sequence, especially in multi-binary boot scenarios. (From OE-Core rev: 82e1d7cbc855dbe4bec93f9b049851cbe376ea5e) Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uboot-sign: Fix unintended "-e" written into ITSJamin Lin2025-05-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | An unintended "-e" string may be written into the generated ITS file when users set the UBOOT_FIT_USER_SETTINGS variable to include custom binaries in the U-Boot image. This issue is caused by the use of 'echo -e', which behaves inconsistently across different shells. While bash interprets '-e' as enabling escape sequences (e.g., \n, \t), dash—the default /bin/sh on many systems—does not recognize '-e' and treats it as a literal string. As a result, "-e" can be mistakenly injected into the ITS file under certain build environments. To ensure consistent and shell-agnostic behavior, replace 'echo -e' with 'printf', which is well-defined by POSIX and behaves reliably across all common shells. This change improves portability and prevents malformed ITS files caused by unintended string injection. Fixes: c12e013 ("uboot-sign: support to add users specific image tree source") (From OE-Core rev: 1d5d22a38188f2c879e289a9732b620b0a6f7a6e) Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* valgrind: Upgrade from 3.25.0 to 3.25.1Randy MacLeod2025-05-221-1/+1
| | | | | | | | | | | | | | | | | | | | | The following bugs have been fixed or resolved in this point release: 503098 Incorrect NAN-boxing for float registers in RISC-V 503641 close_range syscalls started failing with 3.25.0 503914 mount syscall param filesystemtype may be NULL 504177 FILE DESCRIPTORS banner shows when closing some inherited fds 504265 FreeBSD: missing syscall wrappers for fchroot and setcred 504466 Double close causes SEGV To see details of a given bug, visit https://bugs.kde.org/show_bug.cgi?id=XXXXXX where XXXXXX is the bug number as listed above. (From OE-Core rev: 582e832634d5f1fa4ff9c89d095c10eaffcb3582) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* newlib: Upgrade 4.4.0 -> 4.5.0Alejandro Hernandez Samaniego2025-05-222-6/+10
| | | | | | | | | | | | Licence changes: - Adds BSD-2 for libm ld128 functions on 5c5ae2c08 - Adds Synopsys arc-*-* targets on 820dd50 (From OE-Core rev: 0ab6ac79b9f9519d9ee2b2c8d5b217a7e665e6f3) Signed-off-by: Alejandro Hernandez Samaniego <alejandro@enedino.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rust: Use patchelf in place of chrpath to edit rpathsKhem Raj2025-05-221-5/+6
| | | | | | | | | | | | | | | | | | | | | chrpath has limitations e.g. the original rpath in ELF have to bigger in size than the one being edited into it by chrpath, some toolchains do not use RPATH but emit the RUNPATHs into ELF files and chrpath is not able to handle the runpaths, this is the case with mips and pp32 build of rust, especially when using clang compiler to build them. patchelf can do more: Modify RUNPATH entries Add RPATH/RUNPATH where none existed Set longer paths than the original Convert between RPATH and RUNPATH (From OE-Core rev: 22b903f6620455e142e836412d3f7f6a4f03bea7) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: backport patch to fix compilation error for Skylake -march=x86-64-v3Yogesh Tyagi2025-05-222-0/+43
| | | | | | | | | | | | | When the input compiler enables AVX, stack realignment requirements causes gcc to fail to omit %rbp use, due to which the test fails to clobber %rbp in inline asm. Disable AVX to build the test on x86_64 so that the test continues working. (From OE-Core rev: bbd3e7886e2ec5ab3578d618b28d007a80d917aa) Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade 1.11.0 -> 1.11.1Hongxu Jia2025-05-226-66/+23
| | | | | | | | (From OE-Core rev: 73bcdedc80a83e241d2162b10a2244a8dbd0e403) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* man-pages: upgrade 6.13 -> 6.14Hongxu Jia2025-05-221-1/+1
| | | | | | | | (From OE-Core rev: e80a5a0d06d0d89d1e9a6bc45307a5f173f4592b) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-module-split: Allow for external conf filesMichal Sieron2025-05-201-7/+18
| | | | | | | | | | | | | | | Some recipes might provide conf files produced during build phase or simply tracked in the VCS instead of generating them with Yocto. In such cases those conf files wouldn't be assigned to correct packages. With this change, if user wants to generate a conf file they still can, but not generating them won't prevent assigning the file to proper package given the file exists. (From OE-Core rev: c7faf141592d1e2a5cab32a83f7e1498ee498d65) Signed-off-by: Michal Sieron <michalwsieron@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mesa: add support for asahi driversMarkus Volk2025-05-191-2/+6
| | | | | | | | (From OE-Core rev: 9bd16b398ff40d6172b33fb0a0f369a2c79ea03a) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mesa: update 25.0.5 -> 25.1.0Markus Volk2025-05-195-240/+33
| | | | | | | | | | | | | | - drop two merged patches - clover frontend is always compiled, even if not enabled clover is deprecated and was removed in master branch add a patch to fix that - install gbm_backend_abi.h (From OE-Core rev: 3d334e5b1e0e152178afce73f01cd1a3ded30677) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kexec-tools: Fix ppc buildKhem Raj2025-05-192-0/+35
| | | | | | | | | | | Compiler can analyse function pointer parameters now a days and it reports the mismatches, hence fixed. (From OE-Core rev: 99c62c5d26e9a046276f4ccd9df307c7a25cd393) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libvorbis: Ignore -mfused-madd as well for clangKhem Raj2025-05-191-5/+17
| | | | | | | | | | This option is not universal for all compilers (From OE-Core rev: 2d3b08b4327b3b6b2e16f6a19f1f9a2f951fc027) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ovmf: Upgrade to 202502 releaseKhem Raj2025-05-193-32/+16
| | | | | | | | | | Refresh patches (From OE-Core rev: 903f5855135980eef0ba8e6cd9d64ee7f53d6096) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* m4: Upgrade to 1.4.20 releaseKhem Raj2025-05-198-143/+9
| | | | | | | | | | | | | | | | | | | | This has been 4 years in making, it has fixes to build with gcc-15 and some patches are upstream [1] [2] This release collects several years of portability improvements, as well as a couple of minor optimizations to performance. Notable improvements in this release include faster execution of the 'eval' builtin. More details [3] [1] https://github.com/coreutils/gnulib/commit/2d830e4a792fcd9f614ed08a7f18584b8b21d23b [2] https://git.savannah.gnu.org/gitweb/?p=libsigsegv.git;a=commitdiff;h=a6ff69873110c0a8ba6f7fd90532dbc11224828c [3] https://lists.gnu.org/archive/html/m4-announce/2025-05/msg00000.html (From OE-Core rev: b30b952d82af8d505728123023344aac3d9204b8) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* zip: fix a buffer overflow detected issueMing Liu2025-05-192-0/+39
| | | | | | | | | | | | | | | | | | A "buffer overflow detected" issue was observed as follows: | *** buffer overflow detected ***: terminated | | zip error: Interrupted (aborting) This issue is addressed by: https://bugzilla.redhat.com/show_bug.cgi?id=2165653 Port the fix. (From OE-Core rev: e2f3eeaedc0ea896f5f5b23f756056331b1647cf) Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "xserver-xorg: mark CVEs fixed in 21.1.16 as fixed"Ross Burton2025-05-191-4/+0
| | | | | | | | | | | | | The CPE data in the NVD database is now complete, so these overrides are no longer needed. This reverts commit e3419fbaf2999a821e1890a12ab27285cc25b577. (From OE-Core rev: 252b52ce3fd51acda6ab9108ea6354cb0885a4f7) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "xwayland: mark CVEs fixed in 24.1.6 as fixed"Ross Burton2025-05-191-4/+0
| | | | | | | | | | | | | The CPE data in the NVD database is now complete, so these overrides are no longer needed. This reverts commit 76c7bb2b9c1b5300f957f11e1601816f8f90b501. (From OE-Core rev: 693f79b94edb6793d718f97457b6ebd4fa4bfb43) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* insane.bbclass: Add unimplemented-ptest detection for cargo-based testsInes KCHELFI2025-05-191-0/+7
| | | | | | | | | | | | | | | | | | | | | | Extend unimplemented-ptest QA check to detect Rust tests. Note: To enable this QA check, add the following to your local.conf: WARN_QA += "unimplemented-ptest" Examples of Rust-based meta-oe packages triggering unimplemented-ptest: WARNING: cbindgen-0.28.0-r0 do_patch: QA Issue: cbindgen: cargo-based tests detected [unimplemented-ptest] WARNING: fdfindd-10.2-r0 do_patch: QA Issue: fdfindd: cargo-based tests detected [unimplemented-ptest] WARNING: deqp-runner-0.20.3-r0 do_patch: QA Issue: deqp-runner: cargo-based tests detected [unimplemented-ptest] WARNING: bindgen-cli-0.71.1-r0 do_patch: QA Issue: bindgen-cli: cargo-based tests detected [unimplemented-ptest] WARNING: python3-maturin-1.8.3-r0 do_patch: QA Issue: python3-maturin: cargo-based tests detected [unimplemented-ptest] WARNING: uutils-coreutils-0.0.30-r0 do_patch: QA Issue: uutils-coreutils: cargo-based tests detected [unimplemented-ptest] (From OE-Core rev: c3c10f00b1f4d4a092e5d3834ec0ba6abd6ac969) Signed-off-by: Ines KCHELFI <ines.kchelfi@smile.fr> Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux: add CVE_STATUS for a chrome* bugRandy MacLeod2025-05-191-0/+2
| | | | | | | | | | | | | | | | | | This is not a linux-yocto CVE yet it shows up in the reports as: linux-yocto-custom CVE-2023-3079 0.0 8.8 Unpatched https://nvd.nist.gov/vuln/detail/CVE-2023-3079 For reference, the CPE says: Affects cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* So affects all Linux systems, Running on/with cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* [ YOCTO #15780 ] (From OE-Core rev: 22ef4d2d116afb9d603a05fb107dd9da0e74558b) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cryptodev-linux: clean up do_installRoss Burton2025-05-191-2/+1
| | | | | | | | | | | | The upstream Makefile now supports installing the headers directly[1], so use the target instead of calling install manually. [1] https://github.com/cryptodev-linux/cryptodev-linux/commit/e3962fea4e1816df420c36ad72845f90dfcfb611 (From OE-Core rev: 749de43ccc13488c0ec74e4a4257cc25cbf89370) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* opensbi: Pass CROSS_COMPILE and REPRODUCIBLE flagsKhem Raj2025-05-192-3/+54
| | | | | | | | | | When using clang pass LLVM=y to makefile so it can select needed bits using clang (From OE-Core rev: 9f95660886db562669d064f380d963353eef524c) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iputils: Security fix for CVE-2025-47268Yi Zhao2025-05-192-1/+146
| | | | | | | | | | | | | | | | | | | CVE-2025-47268 ping in iputils through 20240905 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-47268 Patch from: https://github.com/iputils/iputils/commit/070cfacd7348386173231fb16fad4983d4e6ae40 (From OE-Core rev: a4a58d3f6cd49a54a8c271abaad8098958d4f27f) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: Fix CVE-2025-32366Praveen Kumar2025-05-192-0/+42
| | | | | | | | | | | | | | | | | | | | | In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-32366 Upstream-patch: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4 (From OE-Core rev: 548eddd84f23c6cb0352b9a692144050da8ba37a) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* babeltrace2: Update patch to upstreamed version of patchKhem Raj2025-05-191-11/+12
| | | | | | | | | Update to the version of patch that landed upstream (From OE-Core rev: 916dceb531d4bf5a852864af30913c972ea31cf0) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemtap: Remove unneeded -Wno-dangling-pointerKhem Raj2025-05-191-3/+0
| | | | | | | | | | | | This was added by me in below commit [1] to overcome a RISCV build failure with gcc 13, the issue is gone with gcc-15 [1] https://git.yoctoproject.org/poky/commit/?id=4f09a93611134351381415d69228317d8a779014 (From OE-Core rev: 46a6fedf368c77a06d9a18d7c84a3f2e079c8f49) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ptest-packagelists: Add riscv64 exclusions so we can add testingRichard Purdie2025-05-151-0/+4
| | | | | | | | | | | Add failing tests to the list of broken tests for riscv64 so we can then start running the working tests and spot regressions. We can them aim to remove these over time as they start working. (From OE-Core rev: 22736c5281892dcd6b2134c62f33ae13ed14650c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest/rust: Add exclusion to fix riscv64 buildsRichard Purdie2025-05-151-0/+1
| | | | | | | | | There was one failure occurring in rust testing for qemuriscv64. Exclude that test so we can enable in automated testing. (From OE-Core rev: a7f6ea5b20aa91e4a1b00dbea7a6447effb9220d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Fix riscv multilib issues in plain toolchainsRichard Purdie2025-05-152-0/+11
| | | | | | | | | | | | | | | RISC-V multilib currently doesn't work at all. We could disable multilib for the riscv platform but that would then behave differently to all our others. Instead, copy the non-multilib config over the multilib config for now for riscv, meaning we can keep the platforms similar. This isn't quite enough as the triplet specific c++ headers are in the wrong place leading to compiler issues and testimage failures. Work around that too until someone adds full multilib support for the platform (if desired). (From OE-Core rev: 3081f62c18fcee642ab43efa717c8f71d51ae587) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dropbear: upgrade 2024.86 -> dropbear_2025.88Peter Marko2025-05-154-33/+78
| | | | | | | | | | | | | | | | | | Handles CVE-2025-47203 SHA1 algorithms were removed by default, so patch for disabling it was removed together with its package option. Doing it with conditional patch was anyway a bad design. If someone still needs it, it should be done via sed command on the config file. Refreshed remaining patches. Added patch to fix regression of the CVE fix. (From OE-Core rev: c01205e7a4816d78e99d01f86a396ab23d9bde34) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dropbear: add mirrorPeter Marko2025-05-151-0/+1
| | | | | | | | | | Main download page is currently unavailable, switch to mirror listed in README file of the dropbear repository and release tarballs. (From OE-Core rev: 49e1947dfcb24afe6ffca129ce38602d3d6a6a64) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* valgrind: Fix build with clangKhem Raj2025-05-152-0/+32
| | | | | | | (From OE-Core rev: fbf60d5077bcf37df96b7b6358db8c30e073a656) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-devsrc.bb: Replace extra System.map file with symlinkErick Shepherd2025-05-151-1/+2
| | | | | | | | | | | | | | | Currently there are two .map files being copied to $kerneldir/build. One of the files is System.map and the other is System.map-<kernel version>. Each .map file takes up about 5MB and have identical sha256sum hashes. This change will make it so only System.map-<kernel version> is copied in order to save disk space. It also recreates System.map as a symlink to that .map file. (From OE-Core rev: cc971fffb134aa6af9edeabb7a5f4143dee2151e) Signed-off-by: Erick Shepherd <erick.shepherd@ni.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxcvt: allow native buildMarkus Volk2025-05-151-0/+2
| | | | | | | | | | | | | | | | 'mutter' requires the 'cvt' binary at compile time to build the native backend For this it depends on xserver-xorg-cvt-native, which is currently broken and also deprecated. [https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/637] This commit would allow to use libxcvt-native to provide the needed binary instead. (From OE-Core rev: 4b06a88a2c1cc704dad1aacfecc9bab662f3dc7d) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* coreutils: Drop 0001-local.mk-fix-cross-compiling-problem.patchRobert Yang2025-05-152-29/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The patch is used for fixing: | Makefile:3418: *** Recursive variable 'INSTALL' references itself (eventually). Stop. Now the code and check and set that correctly: if CROSS_COMPILING cu_install_program = @INSTALL@ else cu_install_program = src/ginstall endif So just drop the patch. And also remove the ginstall hack to fix ptest case failure when single-binary is enabled, I can't find the reason on why it was needed from git log. Fixed: install: missing file operand Try 'install --help' for more information. * Reproducer: DISTRO_FEATURES:append = " ptest" EXTRA_IMAGE_FEATURES:append = " ptest-pkgs" IMAGE_INSTALL:append = " coreutils" PACKAGECONFIG:append:pn-coreutils = " single-binary" $ bitbake core-image-sato $ runqemu tmp/deploy/images/qemux86-64/ nographic kvm On target: $ cd /usr/lib/coreutils/ptest $ ./run-ptest ============================================================================ Testsuite summary for GNU coreutils 9.6 ============================================================================ TOTAL: 655 PASS: 529 SKIP: 126 XFAIL: 0 FAIL: 0 XPASS: 0 ERROR: 0 ============================================================================ make[1]: Leaving directory '/usr/lib/coreutils/ptest' (From OE-Core rev: 8728815f74f73723e86ba25b56a66b3fb46d6596) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* coreutils: Fix file-rdeps for single-binaryRobert Yang2025-05-151-1/+8
| | | | | | | | | | | | | | Fixed: DISTRO_FEATURES:append = " ptest" PACKAGECONFIG:append:pn-coreutils = " single-binary" $ bitbake coreutils ERROR: coreutils-9.6-r0 do_package_qa: QA Issue: /usr/lib/coreutils/ptest/src/yes contained in package coreutils-ptest requires /path/to//tmp/work/core2-64-poky-linux/coreutils/9.6/build/src/coreutils, but no providers found in RDEPENDS:coreutils-ptest? [file-rdeps] (From OE-Core rev: 5174ec4a82a66b49ff7a8988ab52731b775bffb6) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* testimage: get real os-release filePeter Marko2025-05-151-1/+3
| | | | | | | | | | | | | | | | /etc/os-release is a symlink to /usr/lib. Symlink is retrieved as a dead link which points to nowhere if also the original file is not accompanying it. Fetch the real file in addition to this link. Alternative could be to use "tar -h" (supported also by busybox tar), however that could lose some important information if links are relevant for failure analysis. (From OE-Core rev: ed43f9ccb3c08845259e24440912631afd780d12) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rust: re-enable the unit tests that are previously ignoredDeepesh Varatharajan2025-05-151-44/+0
| | | | | | | | | | | | Some unit tests were previously marked as ignored due to failures in earlier versions of Rust. With the upgrade to Rust 1.85.1, these tests are now passing consistently. They've been re-enabled and verified to run successfully on the latest version. (From OE-Core rev: 56149c8c2108973666251e21609a7210a91984cf) Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Upgrade 9.9p2 -> 10.0p1Richard Purdie2025-05-152-5/+5
| | | | | | | | | | | Fix sshd by ensuring the agent daemon is included. Internally, this release is versioned as 10.0p2 but upstream don't plan to change this or re-release. (From OE-Core rev: 2a4dd93e98ca9e61644213aa00c1cb837fb27316) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-09 18:17:14 +0000