[OE-core] [PATCH v2] security_flags.inc: Add same O as in SELECTED_OPTIMIZATION

[Khem Raj]

Adding -O can be troublesome in some packages where it may override the
O specified by CFLAGS, this can be due to configure processing of
CFLAGS and munging them into new values in Makefiles, which is
contructed from CC and CFLAGS passed by bitbake environment. Problem
arises if the sequence is altered, which seems to be the case in some
packages e.g. ncurses, where the value from CC variable is added last
and thus overrides -O coming from CFLAGS,

Therefore grok the value from SELECTED_OPTIMIZATION and append the
appropriate -O flag to lcl_maybe_fortify so the level does not
change inaderdantly.

Since we do not use -O0 anymore there is no point of checking for
DEBUG_BUILD since it uses -Og now which works fine with
-D_FORTIFY_SOURCE=2, so check for optlevel O0 instead

Signed-off-by: Khem Raj 
Cc: Anuj Mittal 
---
 meta/conf/distro/include/security_flags.inc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta/conf/distro/include/security_flags.inc 
b/meta/conf/distro/include/security_flags.inc
index 05253b2df9..f996ca9be2 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -10,7 +10,9 @@ GCCPIE ?= "--enable-default-pie"
 
 # _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds as they 
use
 # -O0 which then results in a compiler warning.
-lcl_maybe_fortify ?= "${@oe.utils.conditional('DEBUG_BUILD','1','','-O 
-D_FORTIFY_SOURCE=2',d)}"
+OPTLEVEL = "${@bb.utils.filter('SELECTED_OPTIMIZATION', '-O0 -O1 -O2 -O3 
-Ofast -Og -Os -Oz -O', d)}"
+
+lcl_maybe_fortify ?= "${@oe.utils.conditional('OPTLEVEL','-O0','','${OPTLEVEL} 
-D_FORTIFY_SOURCE=2',d)}"
 
 # Error on use of format strings that represent possible security problems
 SECURITY_STRINGFORMAT ?= "-Wformat -Wformat-security -Werror=format-security"
-- 
2.30.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147920): 
https://lists.openembedded.org/g/openembedded-core/message/147920
Mute This Topic: https://lists.openembedded.org/mt/80526790/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] security_flags.inc: Use -O with -D_FORTIFY_SOURCE

[Khem Raj]

On Tue, Feb 9, 2021 at 8:47 PM Mittal, Anuj  wrote:
>
> On Fri, 2021-02-05 at 22:31 -0800, Khem Raj wrote:
> > compiler can only use fortify options when some level of optimization
> > is
> > on, otherwise it ends up sending some warnings.
> >
> > warning: _FORTIFY_SOURCE requires compiling with optimization (-O) [-
> > W#warnings]
> >
> > this is usually OK, since -O would be added via CFLAGS to
> > compiler cmdline in normal compile stages, however during configure
> > there are problems when CC,CPP,CXX are probed alone in configure
> > tests
> > which results in above warning, which confuses the configure results
> > and
> > autotools 2.70+ detects it as error e.g.
> >
> > configure:17292: error: C preprocessor "riscv32-yoe-linux-clang -
> > target riscv32-yoe-linux  -mlittle-endian -mno-relax -Qunused-
> > arguments -fstack-protector-strong  -D_FORTIFY_SOURCE=2 -Wformat -
> > Wformat-security -Werror=format-security --
> > sysroot=/mnt/b/yoe/master/build/tmp/work/riscv32-yoe-linux/ndpi/3.4-
> > r0/recipe-sysroot -E" fails sanity check
> > See `config.log' for more details
> >
> > therefore adding a -O ( which actually is -O1 ) to lcl_maybe_fortify
> > means we can properly test these configure tests and real -O
> > will
> > still override -O added here, so overrall behavior improves
>
> gcc man page says that the last specified O option will take effect.
>
> In case of ncurses for example using poky:
>
> x86_64-poky-linux-gcc -m64 -march=skylake -mtune=generic -mavx2 -
> mfpmath=sse --sysroot=/home/anmitta2/work/poky/build/tmp/work/skylake-
> 64-poky-linux/ncurses/6.2-r0/recipe-sysroot -DHAVE_CONFIG_H -
> I../ncurses -I. -I../../../git/ncurses -I../include -
> I../../../git/ncurses/../include -D_FORTIFY_SOURCE=2 -D_DEFAULT_SOURCE
> -D_XOPEN_SOURCE=600 -DNDEBUG -O2 -pipe -g -feliminate-unused-debug-
> types -fmacro-prefix-
> map=/home/anmitta2/work/poky/build/tmp/work/skylake-64-poky-
> linux/ncurses/6.2-r0=/usr/src/debug/ncurses/6.2-r0
> -fdebug-prefix-map=/home/anmitta2/work/poky/build/tmp/work/skylake-64-
> poky-linux/ncurses/6.2-r0=/usr/src/debug/ncurses/6.2-r0
> -fdebug-prefix-map=/home/anmitta2/work/poky/build/tmp/work/skylake-64-
> poky-linux/ncurses/6.2-r0/recipe-sysroot=  -fdebug-
> prefix-map=/home/anmitta2/work/poky/build/tmp/work/skylake-64-poky-
> linux/ncurses/6.2-r0/recipe-sysroot-native=  -fstack-protector-strong -
> O -Wformat -Wformat-security -Werror=format-security --param max-
> inline-insns-single=1200 -fPIC -DUSE_TERMLIB -c
> ../../../git/ncurses/tinfo/doalloc.c -o ../obj_s/doalloc.o
>
> I see -O after -O2 so is O2 really taking effect?

In this case -O  will take effect sadly. and it seems to be that
autconf munges the compiler cmdline
while generating CFLAGS in generated Makefiles and appends the value
of -On coming from CC
variable last.

I think right solution would be to add same -O as specified in
SELECTED_OPTIMIZATION so it remains
in sync always, I have sent a patch to ml. Could you test it out and
let me know if it works for you as well.

>
> Thanks,
>
> Anuj
>
> >
> > Signed-off-by: Khem Raj 
> > ---
> >  meta/conf/distro/include/security_flags.inc | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/meta/conf/distro/include/security_flags.inc
> > b/meta/conf/distro/include/security_flags.inc
> > index 4e64eb99f9..05253b2df9 100644
> > --- a/meta/conf/distro/include/security_flags.inc
> > +++ b/meta/conf/distro/include/security_flags.inc
> > @@ -10,7 +10,7 @@ GCCPIE ?= "--enable-default-pie"
> >
> >  # _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds
> > as they use
> >  # -O0 which then results in a compiler warning.
> > -lcl_maybe_fortify ?=
> > "${@oe.utils.conditional('DEBUG_BUILD','1','','-
> > D_FORTIFY_SOURCE=2',d)}"
> > +lcl_maybe_fortify ?=
> > "${@oe.utils.conditional('DEBUG_BUILD','1','','-O -
> > D_FORTIFY_SOURCE=2',d)}"
> >
> >  # Error on use of format strings that represent possible security
> > problems
> >  SECURITY_STRINGFORMAT ?= "-Wformat -Wformat-security -Werror=format-
> > security"
> >
> > 
> >
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147919): 
https://lists.openembedded.org/g/openembedded-core/message/147919
Mute This Topic: https://lists.openembedded.org/mt/80425803/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] security_flags.inc: Add same O as in SELECTED_OPTIMIZATION

[Khem Raj]

Adding -O can be troublesome in some packages where it may override the
O specified by CFLAGS, this can be due to configure processing of
CFLAGS and munging them into new values in Makefiles, which is
contructed from CC and CFLAGS passed by bitbake environment. Problem
arises if the sequence is altered, which seems to be the case in some
packages e.g. ncurses, where the value from CC variable is added last
and thus overrides -O coming from CFLAGS,

Therefore grok the value from SELECTED_OPTIMIZATION and append the
appropriate -O flag to lcl_maybe_fortify so the level does not
change inaderdantly.

Signed-off-by: Khem Raj 
Cc: Anuj Mittal 
---
 meta/conf/distro/include/security_flags.inc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta/conf/distro/include/security_flags.inc 
b/meta/conf/distro/include/security_flags.inc
index 05253b2df9..d5332614a9 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -10,7 +10,9 @@ GCCPIE ?= "--enable-default-pie"
 
 # _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds as they 
use
 # -O0 which then results in a compiler warning.
-lcl_maybe_fortify ?= "${@oe.utils.conditional('DEBUG_BUILD','1','','-O 
-D_FORTIFY_SOURCE=2',d)}"
+OPTLEVEL = "${@bb.utils.filter('SELECTED_OPTIMIZATION', '-O0 -O1 -O2 -O3 
-Ofast -Og -Os -Oz -O', d)}"
+
+lcl_maybe_fortify ?= "${@oe.utils.conditional('OPTLEVEL','O0','','${OPTLEVEL} 
-D_FORTIFY_SOURCE=2',d)}"
 
 # Error on use of format strings that represent possible security problems
 SECURITY_STRINGFORMAT ?= "-Wformat -Wformat-security -Werror=format-security"
-- 
2.30.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147918): 
https://lists.openembedded.org/g/openembedded-core/message/147918
Mute This Topic: https://lists.openembedded.org/mt/80526745/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] security_flags.inc: Use -O with -D_FORTIFY_SOURCE

[Anuj Mittal]

On Fri, 2021-02-05 at 22:31 -0800, Khem Raj wrote:
> compiler can only use fortify options when some level of optimization
> is
> on, otherwise it ends up sending some warnings.
> 
> warning: _FORTIFY_SOURCE requires compiling with optimization (-O) [-
> W#warnings]
> 
> this is usually OK, since -O would be added via CFLAGS to
> compiler cmdline in normal compile stages, however during configure
> there are problems when CC,CPP,CXX are probed alone in configure
> tests
> which results in above warning, which confuses the configure results
> and
> autotools 2.70+ detects it as error e.g.
> 
> configure:17292: error: C preprocessor "riscv32-yoe-linux-clang -
> target riscv32-yoe-linux  -mlittle-endian -mno-relax -Qunused-
> arguments -fstack-protector-strong  -D_FORTIFY_SOURCE=2 -Wformat -
> Wformat-security -Werror=format-security --
> sysroot=/mnt/b/yoe/master/build/tmp/work/riscv32-yoe-linux/ndpi/3.4-
> r0/recipe-sysroot -E" fails sanity check
> See `config.log' for more details
> 
> therefore adding a -O ( which actually is -O1 ) to lcl_maybe_fortify
> means we can properly test these configure tests and real -O
> will
> still override -O added here, so overrall behavior improves

gcc man page says that the last specified O option will take effect.

In case of ncurses for example using poky:

x86_64-poky-linux-gcc -m64 -march=skylake -mtune=generic -mavx2 -
mfpmath=sse --sysroot=/home/anmitta2/work/poky/build/tmp/work/skylake-
64-poky-linux/ncurses/6.2-r0/recipe-sysroot -DHAVE_CONFIG_H -
I../ncurses -I. -I../../../git/ncurses -I../include -
I../../../git/ncurses/../include -D_FORTIFY_SOURCE=2 -D_DEFAULT_SOURCE
-D_XOPEN_SOURCE=600 -DNDEBUG -O2 -pipe -g -feliminate-unused-debug-
types -fmacro-prefix-
map=/home/anmitta2/work/poky/build/tmp/work/skylake-64-poky-
linux/ncurses/6.2-r0=/usr/src/debug/ncurses/6.2-r0
-fdebug-prefix-map=/home/anmitta2/work/poky/build/tmp/work/skylake-64-
poky-linux/ncurses/6.2-r0=/usr/src/debug/ncurses/6.2-r0   
-fdebug-prefix-map=/home/anmitta2/work/poky/build/tmp/work/skylake-64-
poky-linux/ncurses/6.2-r0/recipe-sysroot=  -fdebug-
prefix-map=/home/anmitta2/work/poky/build/tmp/work/skylake-64-poky-
linux/ncurses/6.2-r0/recipe-sysroot-native=  -fstack-protector-strong -
O -Wformat -Wformat-security -Werror=format-security --param max-
inline-insns-single=1200 -fPIC -DUSE_TERMLIB -c
../../../git/ncurses/tinfo/doalloc.c -o ../obj_s/doalloc.o

I see -O after -O2 so is O2 really taking effect? 

Thanks,

Anuj

> 
> Signed-off-by: Khem Raj 
> ---
>  meta/conf/distro/include/security_flags.inc | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/meta/conf/distro/include/security_flags.inc
> b/meta/conf/distro/include/security_flags.inc
> index 4e64eb99f9..05253b2df9 100644
> --- a/meta/conf/distro/include/security_flags.inc
> +++ b/meta/conf/distro/include/security_flags.inc
> @@ -10,7 +10,7 @@ GCCPIE ?= "--enable-default-pie"
>  
>  # _FORTIFY_SOURCE requires -O1 or higher, so disable in debug builds
> as they use
>  # -O0 which then results in a compiler warning.
> -lcl_maybe_fortify ?=
> "${@oe.utils.conditional('DEBUG_BUILD','1','','-
> D_FORTIFY_SOURCE=2',d)}"
> +lcl_maybe_fortify ?=
> "${@oe.utils.conditional('DEBUG_BUILD','1','','-O -
> D_FORTIFY_SOURCE=2',d)}"
>  
>  # Error on use of format strings that represent possible security
> problems
>  SECURITY_STRINGFORMAT ?= "-Wformat -Wformat-security -Werror=format-
> security"
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147917): 
https://lists.openembedded.org/g/openembedded-core/message/147917
Mute This Topic: https://lists.openembedded.org/mt/80425803/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] connman: update to 1.39

[akuster]

[Yocto #14231]

Bug fix only and includes two security fixes:

CVE-2021-26676
CVE-2021-26676

Signed-off-by: Armin Kuster 
---
 .../connman/{connman_1.38.bb => connman_1.39.bb}   | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
 rename meta/recipes-connectivity/connman/{connman_1.38.bb => connman_1.39.bb} 
(78%)

diff --git a/meta/recipes-connectivity/connman/connman_1.38.bb 
b/meta/recipes-connectivity/connman/connman_1.39.bb
similarity index 78%
rename from meta/recipes-connectivity/connman/connman_1.38.bb
rename to meta/recipes-connectivity/connman/connman_1.39.bb
index 027c41e9afa..df42e9ffb8a 100644
--- a/meta/recipes-connectivity/connman/connman_1.38.bb
+++ b/meta/recipes-connectivity/connman/connman_1.39.bb
@@ -9,8 +9,7 @@ SRC_URI = 
"${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
 
 SRC_URI_append_libc-musl = " 
file://0002-resolve-musl-does-not-implement-res_ninit.patch"
 
-SRC_URI[md5sum] = "1ed8745354c7254bdfd4def54833ee94"
-SRC_URI[sha256sum] = 
"cb30aca97c2f79ccaed8802aa2909ac5100a3969de74c0af8a9d73b85fc4932b"
+SRC_URI[sha256sum] = 
"9f62a7169b7491c670a1ff2e335b0d966308fb2f62e285c781105eb90f181af3"
 
 RRECOMMENDS_${PN} = "connman-conf"
 RCONFLICTS_${PN} = "networkmanager"
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147916): 
https://lists.openembedded.org/g/openembedded-core/message/147916
Mute This Topic: https://lists.openembedded.org/mt/80524901/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] sanity.bbclass: improve the network connectivity check message

[Yu, Mingli]

From: Mingli Yu 

The network connectivity check via checking www.example.com by default
and also can customized by CONNECTIVITY_CHECK_URIS if desired.

Improve the check message to let the user know if the network is actually
unaccessible or the checked URIs is wrongly set.

[YOCTO #12708]

Signed-off-by: Mingli Yu 
---
 meta/classes/sanity.bbclass | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass
index 485173ab48..ebf0a559a2 100644
--- a/meta/classes/sanity.bbclass
+++ b/meta/classes/sanity.bbclass
@@ -389,13 +389,17 @@ def check_connectivity(d):
 except Exception as err:
 # Allow the message to be configured so that users can be
 # pointed to a support mechanism.
+urlmsg = "Check network connectivity via the below tested URIs\n"
+urlmsg += "please make sure the below tested URIs accessible\n"
+for test_uri in test_uris:
+urlmsg = "%s\n" % test_uri.strip()
 msg = data.getVar('CONNECTIVITY_CHECK_MSG') or ""
 if len(msg) == 0:
 msg = "%s.\n" % err
 msg += "Please ensure your host's network is configured 
correctly,\n"
 msg += "or set BB_NO_NETWORK = \"1\" to disable network 
access if\n"
 msg += "all required sources are on local disk.\n"
-retval = msg
+retval = urlmsg + msg
 
 return retval
 
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147915): 
https://lists.openembedded.org/g/openembedded-core/message/147915
Mute This Topic: https://lists.openembedded.org/mt/80523455/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [oe] [bitbake-devel] Backport changes for _PYTHON_SYSCONFIGDATA_NAME to Gatesgarth and Dunfell

[Steve Sakoman]

On Tue, Feb 9, 2021 at 4:11 AM Steve Sakoman  wrote:
>
> On Mon, Feb 8, 2021 at 1:45 PM Peter Kjellerstedt
>  wrote:
> >
> > As agreed upon on the Yocto Project Technical Team Meeting a week ago, I 
> > have created branches for both Gatesgarth and Dunfell in 
> > openembedded-core-contrib and meta-openembedded-contrib with the required 
> > patches. The branches are called pkj/_PYTHON_SYSCONFIGDATA_NAME-gatesgarth 
> > and pkj/_PYTHON_SYSCONFIGDATA_NAME-dunfell (ok, horrible names, but they 
> > should be easy to spot). There is one additional patch for bitbake, but I 
> > forgot to ask for access to bitbake-contrib, so you will have to 
> > cherry-pick it from commit 47b64cfa (it is not strictly necessary as it is 
> > just clean up made possible after the changes in OE-Core).
> >
> >
> >
> > @jansa, @akuster: I have included the two extra patches in 
> > meta-openembedded that Martin mentioned, which were lacking from my 
> > original mail. There were other patches mentioned, which fixed missing 
> > spaces related to the use of _append. However, as they were not necessary 
> > (they changed other variables than DEPENDS for target), I did not include 
> > them.
> >
> >
> >
> > I have not done any excessive testing of these branches. I have verified 
> > that I can run `devtool modify libxml2`, which I could not do before, and I 
> > have run `bitbake core-image-minimal`.
>
> Thanks Peter!  I'll start testing with dunfell this morning.

I did an autobuilder run with your meta-openembedded branch, my
stable/dunfell-nut branch with the 6 patches, and my bitbake
stable/1.46-nut branch with the single patch:

https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/921

All was fine except for an error in sysdig: do_compile, which doesn't
appear to be related:

https://errors.yoctoproject.org/Errors/Details/570303/

Unless someone has an objection I'll add the oe-core and bitbake
patches to my next set of review patches.

Steve


> > From: Martin Jansa 
> > Sent: den 7 februari 2021 12:15
> > To: Martin Jansa 
> > Cc: akuster808 ; Peter Kjellerstedt 
> > ; Steve Sakoman ; Mittal, 
> > Anuj ; OE Core 
> > (openembedded-core@lists.openembedded.org) 
> > ; OE Development 
> > (openembedded-de...@lists.openembedded.org) 
> > ; BitBake Development 
> > (bitbake-de...@lists.openembedded.org) 
> > 
> > Subject: Re: [oe] [bitbake-devel] Backport changes for 
> > _PYTHON_SYSCONFIGDATA_NAME to Gatesgarth and Dunfell
> >
> >
> >
> > On Sun, Feb 7, 2021 at 12:15 AM Martin Jansa via lists.openembedded.org 
> >  wrote:
> >
> > On Sat, Jan 16, 2021 at 6:52 PM akuster808  wrote:
> >
> >
> >
> > On 1/16/21 9:44 AM, Martin Jansa wrote:
> > > Aren't the missing spaces in appends fixes also needed for meta-oe
> > > recipes?
> >
> >
> > >
> > > I think at least top 5 commits from:
> > > https://git.openembedded.org/meta-openembedded/log/?qt=grep=space.*append
> > > were also follow-up from these changes in oe-core.
> > >
> > Do you mean something beyond the meta-openembedded commits mentioned
> > near the bottom of the email?
> >
> >
> >
> > Yes I mean these 5 commits at least.
> >
> >
> >
> > 50bbf80abf python3-pykwalify: Do not unset _PYTHON_SYSCONFIGDATA_NAME
> >
> > 6b3e3bdaf8 python-grpcio-tools: Add missing space for append
> >
> >
> >
> > The first one is just an additional cleanup, but without the 2nd one and 
> > with the cherry-picks from the first e-mail applied you would get:
> >
> > ERROR: Nothing PROVIDES 'python3python3-grpcio' (but 
> > meta-oe/meta-python/recipes-devtools/python/python3-grpcio-tools_1.14.1.bb 
> > DEPENDS on or otherwise requires it). Close matches:
> >   python-grpcio
> >   python3-grpcio
> >
> >
> >
> > my world build is still running..
> >
> >
> >
> >
> >
> > with c99bb790 DEPENDS variable doesn't end with a space, so the missing 
> > leading space in these appends (which was fine until now because of 
> > trailing space from DEPENDS set in bbclass) is now causing wrong dependency 
> > (should be easily reproducible with the patches backported, just by parsing 
> > the recipes).
> >
> >
> >
> > I need clarity so I can open an issue in gitlab for tracking purposes as
> > I am sure I will forget this
> >
> >
> >
> > we're using gitlab?
> >
> >
> >
> >
> >
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147914): 
https://lists.openembedded.org/g/openembedded-core/message/147914
Mute This Topic: https://lists.openembedded.org/mt/80450390/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] Build libpwquality without distutils3

[Richard Purdie]

On Tue, 2021-02-09 at 15:27 -0600, Joseph Reynolds wrote:
> Dear openembedded-core members,
> 
> How can I avoid bringing Python into my image via libpwquality?  I need 
> to keep my image size small.  My bbappend uses EXTRA_OECONF += 
> "--enable-python-bindings=no" to take advantage of the source project's 
> configuration option [1], but because libpwquality_1.4.4.bb [2] imports 
> distutil3-base, my image gets Python.  I built a working proof of 
> concept that libpwquality does not need Python here: [3].
> 
> I tried enhancing libpwquality_1.4.4.bb with PACKAGECONFIG 
> "python-bindings" (so my bbappend can use 
> PACKAGECONFIG_remove="python-bindings") but can't find a way to get the 
> final value of PACKAGECONFIG to conditionally `inherit 
> distutils3-base`.  So I am asking for help.
> 
> How can I avoid bringing in Python via libpwquality?

distutils3-base looks rather simple. Offhand, you could:

a) remove python3-core from RDEPENDS when the appropriate PACKAGECONFIG
is set using the remove operator

b) replace the distutils3-base with the other inherits directly and
rewrite the RDEPENDS code to be conditions

c) propose a patch to allow the RDEPENDS to be indirected via another
variable?

Some of these work from bbappends, some are more neater but take a bit
more work to sort out.

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147913): 
https://lists.openembedded.org/g/openembedded-core/message/147913
Mute This Topic: https://lists.openembedded.org/mt/80516859/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] Build libpwquality without distutils3

[Joseph Reynolds]

Dear openembedded-core members,

How can I avoid bringing Python into my image via libpwquality?  I need 
to keep my image size small.  My bbappend uses EXTRA_OECONF += 
"--enable-python-bindings=no" to take advantage of the source project's 
configuration option [1], but because libpwquality_1.4.4.bb [2] imports 
distutil3-base, my image gets Python.  I built a working proof of 
concept that libpwquality does not need Python here: [3].


I tried enhancing libpwquality_1.4.4.bb with PACKAGECONFIG 
"python-bindings" (so my bbappend can use 
PACKAGECONFIG_remove="python-bindings") but can't find a way to get the 
final value of PACKAGECONFIG to conditionally `inherit 
distutils3-base`.  So I am asking for help.


How can I avoid bringing in Python via libpwquality?

I am also curious if anyone else is interested in changing the default 
install location for libpwquality.so to /lib/security/ (where Yocto/Poky 
defaults to /usr/lib/security).


- Joseph

[1]: 
https://github.com/libpwquality/libpwquality/blob/master/configure.ac#L119
[2]: 
https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-extended/libpwquality/libpwquality_1.4.4.bb
[3]: 
https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/40102/4..5/meta-openembedded/meta-oe/recipes-extended/libpwquality/libpwquality_1.4.4.bb#21



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147912): 
https://lists.openembedded.org/g/openembedded-core/message/147912
Mute This Topic: https://lists.openembedded.org/mt/80516859/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] mpg123: Add support for FPU-less targets

[Khem Raj]

is --with-cpu=generic_nofpu applicable for all soft fpu machines or
just arm ? I wonder if it will improve or regress other nofpu
machines. Do you have any data

On Tue, Feb 9, 2021 at 6:16 AM  wrote:
>
> From: Robert Rosengren 
>
> Support added to configure mpg123 for FPU-less targets. Building for
> fixed-point arithmetic increases performance on such devices.
>
> Signed-off-by: Robert Rosengren 
> ---
>  meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb 
> b/meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb
> index c9bbcd30ff..35cad6ffc4 100644
> --- a/meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb
> +++ b/meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb
> @@ -40,6 +40,7 @@ EXTRA_OECONF = " \
>  --with-audio='${AUDIOMODS}' \
>  ${@bb.utils.contains('TUNE_FEATURES', 'neon', '--with-cpu=neon', '', d)} 
> \
>  ${@bb.utils.contains('TUNE_FEATURES', 'altivec', '--with-cpu=altivec', 
> '', d)} \
> +${@bb.utils.contains('TARGET_FPU', 'soft', '--with-cpu=generic_nofpu', 
> '', d)} \
>  "
>  # Fails to build with thumb-1 (qemuarm)
>  #| {standard input}: Assembler messages:
> --
> 2.20.1
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147911): 
https://lists.openembedded.org/g/openembedded-core/message/147911
Mute This Topic: https://lists.openembedded.org/mt/80504939/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] tcf-agent: Fix build on riscv32

[Khem Raj]

LCL_STOP_SERVICES needs tcf/cpudefs-mdep.h ported

Signed-off-by: Khem Raj 
---
 meta/recipes-devtools/tcf-agent/tcf-agent_git.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb 
b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
index ed14fe66b1..c1b05691b8 100644
--- a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
+++ b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb
@@ -48,6 +48,7 @@ CFLAGS_append_libc-musl = " ${LCL_STOP_SERVICES}"
 CFLAGS_append_powerpc64 = " ${LCL_STOP_SERVICES}"
 CFLAGS_append_powerpc64le = " ${LCL_STOP_SERVICES}"
 CFLAGS_append_riscv64 = " ${LCL_STOP_SERVICES}"
+CFLAGS_append_riscv32 = " ${LCL_STOP_SERVICES}"
 
 do_install() {
oe_runmake install INSTALLROOT=${D}
-- 
2.30.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147910): 
https://lists.openembedded.org/g/openembedded-core/message/147910
Mute This Topic: https://lists.openembedded.org/mt/80512993/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] recipes-kernel: add libbpf

[Matteo Croce]

On Tue, Feb 9, 2021 at 5:44 PM Khem Raj  wrote:
>
> fails to build for rpi4 here
>
> https://errors.yoctoproject.org/Errors/Details/570276/
>
> On Mon, Feb 8, 2021 at 1:34 PM Bruce Ashfield  
> wrote:
> >
> > On Mon, Feb 8, 2021 at 4:22 PM Matteo Croce  
> > wrote:
> > >
> > > On Mon, Feb 8, 2021 at 9:13 PM Bruce Ashfield  
> > > wrote:
> > > >
> > > > On Mon, Feb 8, 2021 at 1:18 PM Matteo Croce 
> > > >  wrote:
> > > > >
> > > > > From: Matteo Croce 
> > > > >
> > > > > Add a recipe to build libbpf from https://github.com/libbpf/libbpf
> > > > > The only patch fixes a build issue, and it's already merged upstream.
> > > >
> > > > Thanks for the submission! I have a few comments / questions.
> > > >
> > > > To get this into oe-core, we should be commenting / documenting why it
> > > > should be in core, versus another layer. The standard criteria is that
> > > > there are enough varied users and that the functionality is common
> > > > enough, that it belongs in core.
> > > >
> > >
> > > For sure bcc and bpftrace can use it, and maybe also perf.
> > > In future even iproute2 will use it, as it has been ported to libbpf 
> > > recently.
> > > Feel free to propose another layer, in case you know a better one.
> >
> > That's not for me to propose . that's for you to sort out.
> >
> > A quick check of the layer index would show that other bpf tools are
> > in meta-oe.
> >
> > >
> > >
> > > > There should also be some sort of oe-selftest for the functionality,
> > > > otherwise, it is hard to detect breakages. Some sort of application
> > > > that uses the library and that can be executed in qemu would be
> > > > enough.
> > > >
> > >
> > > That's doable.
> > >
> > > > What are the kernel requirements ? CONFIG_BPF is selected by other
> > > > kernel configs (it has no menu entry, so it must be), is it that, or
> > > > something else that is the requirement (classic BFP?). If that option
> > > > is now always on, is that true for the reference kernel versions in
> > > > master (5.4 and 5.10).
> > > >
> > >
> > > I'd say BPF_SYSCALL, which is the single entry point for al the eBPF 
> > > routines.
> >
> > Yes, that's the core support, and a selftest would ensure that the
> > reference kernels can support the package (they can, but we still need
> > the test) and implicitly document that requirement.
> >
> > >
> > > > Finally, does this work across all the supported architectures ? if
> > > > not, we'll need compatibility settings.
> > > >
> > >
> > > I tested it only x86 and aarch64, but it should be arch independent.
> >
> > Then it should be limited to where it has been tested, otherwise, the
> > burden falls to the oe-core maintainer, which we don't want.
> >
> > Bruce
> >
> > >
> > > Thanks!
> > > --
> > > per aspera ad upstream
> >
> >
> >
> > --
> > - Thou shalt not follow the NULL pointer, for chaos and madness await
> > thee at its end
> > - "Use the force Harry" - Gandalf, Star Trek II
> >
> > 
> >

Hi,

to let bcc use the libbpf dynamic library, you need to backport some
commits from upstream:

This one which I recently pushed:
https://github.com/iovisor/bcc/commit/6b4222cd41b3f5e833307aeff2b10c6b084d3f4f

And these from Luca:
https://github.com/iovisor/bcc/commit/e46997e9a43d512b6a5d01aae1a4566fd147b7b9
https://github.com/iovisor/bcc/commit/300296a598613912df5dc61f4b327b7102e52011
https://github.com/iovisor/bcc/commit/1cb5026e6f1d8dc7ca115cae579be4c53bec0c9e

And you need to pass to cmake some extra flags.
I have both bcc and bpftraf working with dynamic libbpf, I will share
my changes to the bcc recipes once libbpf is merged.

Regards,
-- 
per aspera ad upstream

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147909): 
https://lists.openembedded.org/g/openembedded-core/message/147909
Mute This Topic: https://lists.openembedded.org/mt/80484584/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] opkg: Fix patch glitches

[Alex Stewart]

Hey Richard,

On 2/9/21 9:23 AM, Richard Purdie wrote:

Well spotted. I somehow grabbed a half complete version, trying to
juggle too many things at once I think. I've fixed it on the branch,
third time lucky :/.


The new patch on master-next looks good. Could you submit it to the 
opkg-devel ML, so that I can pull it from there?


Thanks!

--
Alex Stewart
Software Engineer - NI Real-Time OS
NI (National Instruments)

alex.stew...@ni.com


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147908): 
https://lists.openembedded.org/g/openembedded-core/message/147908
Mute This Topic: https://lists.openembedded.org/mt/80505499/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] libsystemd is missing ?

[Ramon Fried]

> Did you try putting "systemd" in the DEPENDS of the recipe ?
Yes, that was the problem. thanks !.
Ramon.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147907): 
https://lists.openembedded.org/g/openembedded-core/message/147907
Mute This Topic: https://lists.openembedded.org/mt/80499989/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] recipes-kernel: add libbpf

[Khem Raj]

fails to build for rpi4 here

https://errors.yoctoproject.org/Errors/Details/570276/

On Mon, Feb 8, 2021 at 1:34 PM Bruce Ashfield  wrote:
>
> On Mon, Feb 8, 2021 at 4:22 PM Matteo Croce  
> wrote:
> >
> > On Mon, Feb 8, 2021 at 9:13 PM Bruce Ashfield  
> > wrote:
> > >
> > > On Mon, Feb 8, 2021 at 1:18 PM Matteo Croce  
> > > wrote:
> > > >
> > > > From: Matteo Croce 
> > > >
> > > > Add a recipe to build libbpf from https://github.com/libbpf/libbpf
> > > > The only patch fixes a build issue, and it's already merged upstream.
> > >
> > > Thanks for the submission! I have a few comments / questions.
> > >
> > > To get this into oe-core, we should be commenting / documenting why it
> > > should be in core, versus another layer. The standard criteria is that
> > > there are enough varied users and that the functionality is common
> > > enough, that it belongs in core.
> > >
> >
> > For sure bcc and bpftrace can use it, and maybe also perf.
> > In future even iproute2 will use it, as it has been ported to libbpf 
> > recently.
> > Feel free to propose another layer, in case you know a better one.
>
> That's not for me to propose . that's for you to sort out.
>
> A quick check of the layer index would show that other bpf tools are
> in meta-oe.
>
> >
> >
> > > There should also be some sort of oe-selftest for the functionality,
> > > otherwise, it is hard to detect breakages. Some sort of application
> > > that uses the library and that can be executed in qemu would be
> > > enough.
> > >
> >
> > That's doable.
> >
> > > What are the kernel requirements ? CONFIG_BPF is selected by other
> > > kernel configs (it has no menu entry, so it must be), is it that, or
> > > something else that is the requirement (classic BFP?). If that option
> > > is now always on, is that true for the reference kernel versions in
> > > master (5.4 and 5.10).
> > >
> >
> > I'd say BPF_SYSCALL, which is the single entry point for al the eBPF 
> > routines.
>
> Yes, that's the core support, and a selftest would ensure that the
> reference kernels can support the package (they can, but we still need
> the test) and implicitly document that requirement.
>
> >
> > > Finally, does this work across all the supported architectures ? if
> > > not, we'll need compatibility settings.
> > >
> >
> > I tested it only x86 and aarch64, but it should be arch independent.
>
> Then it should be limited to where it has been tested, otherwise, the
> burden falls to the oe-core maintainer, which we don't want.
>
> Bruce
>
> >
> > Thanks!
> > --
> > per aspera ad upstream
>
>
>
> --
> - Thou shalt not follow the NULL pointer, for chaos and madness await
> thee at its end
> - "Use the force Harry" - Gandalf, Star Trek II
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147906): 
https://lists.openembedded.org/g/openembedded-core/message/147906
Mute This Topic: https://lists.openembedded.org/mt/80484584/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [meta][PATCHv2] npm.bbclass: avoid building target nodejs for native npm recipes

[Yoann Congal]

Le mar. 9 févr. 2021 à 16:42, Yoann CONGAL  a écrit :

> Le lun. 8 févr. 2021 à 20:11, Martin Jansa  a
> écrit :
>
>> You need the override after the append/prepend operator and append is
>> more common than prepend (order of RDEPENDS isn't important) so I would use:
>>
>> RDEPENDS_${PN}_append_class-target = " nodejs"
>>
>
> Thanks! I already sent a v2 here :
> https://lists.openembedded.org/g/openembedded-core/message/147833
> ... with _prepend though : I respected the original line as much as
> possible. I would have used _append as well.
>

... I was not aware that you answered to the v2. Sorry about that.

I sent a v3 with append :
https://lists.openembedded.org/g/openembedded-core/message/147904

Thank you for your review.

-- 
Yoann

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147905): 
https://lists.openembedded.org/g/openembedded-core/message/147905
Mute This Topic: https://lists.openembedded.org/mt/80484352/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [meta][PATCHv3] npm.bbclass: avoid building target nodejs for native npm recipes

[Yoann Congal]

The current recipe unconditionally RDEPENDS on nodejs (the target one).
When building on the "-native recipe" of "BBCLASSEXTEND native" recipe,
the target nodejs is unnecessarily built.

This patch fixes this by only RDEPENDS on nodejs when building for the target.

Signed-off-by: Yoann Congal 
---
 meta/classes/npm.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/npm.bbclass b/meta/classes/npm.bbclass
index 79f55febcc..55a6985fb0 100644
--- a/meta/classes/npm.bbclass
+++ b/meta/classes/npm.bbclass
@@ -20,7 +20,7 @@
 inherit python3native
 
 DEPENDS_prepend = "nodejs-native "
-RDEPENDS_${PN}_prepend = "nodejs "
+RDEPENDS_${PN}_append_class-target = " nodejs"
 
 NPM_INSTALL_DEV ?= "0"
 
-- 
2.20.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147904): 
https://lists.openembedded.org/g/openembedded-core/message/147904
Mute This Topic: https://lists.openembedded.org/mt/80507744/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 35/35] python3targetconfig.bbclass: Make py3 dep and tasks only for target recipes

[Anuj Mittal]

From: Khem Raj 

python3targetconfig append target python3 to dependencies
unconditionally, and here its inherited unconditionally too but
distutils3-base is inherited in BBCLASSEXTEND'ed recipes and other not-target
recipes as well. Hence the change added via 
9c8f666097802cb594a759989edcf01603a22df3
is now bridging the native dependencies with target python3 and thats
resulting all sorts of rebuilds for multimachine builds e.g.

MACHINE=qemuarm bitbake python3-scons-native
MACHINE=qemumips bitbake python3-scons-native

results in rebuilds for python3-scons-native

bitbake-diffsigs shows

Hash for dependent task 
python/python3-scons-native_3.1.2.bb:do_populate_sysroot changed from 
1cdb93193b416477df6faa137e83a967b433c7aa29033146b405153f73f36933 to 
3cea1e7cbedd121ecb768fbc291cc4e4d7d3b5c0442897
0e3b97bd058d162065
Hash for dependent task python/python3-scons-native_3.1.2.bb:do_install 
changed from 8d6018fd03ffc6060a04532dc39a5b7ccca1be026a69d069cb4fb11aef86dd89 
to c5f1d173596a8e910f45a2b6e0b4dab96cd0102be4d62bd3156
229cb0f5ebb11
Hash for dependent task python/python3-scons-native_3.1.2.bb:do_compile 
changed from e3ee4b52a15267e6ae7853ec19a666b2fb62608a597608793336382d1c45f8a0 
to 1e582043dfe6b3e00aaa532f363ce6afb37652abe837dac
7cc9769194c43eae1
Hash for dependent task 
python/python3-scons-native_3.1.2.bb:do_configure changed from 
770a4d5a77a96ebd9e1e7368f710bca3f88e3b1266dffa3b2d0360b1e3a81e27 to 
a366982778b03eee5165c3117ee778f848acdfaa2
b346650fbdf114ac70ab57b
Hash for dependent task 
python/python3-scons-native_3.1.2.bb:do_prepare_recipe_sysroot changed from 
958910037856ff5d5eb2b5162b3cdd02a3a710fc543b933cfeba771ee095cb72 to 
474333fb565f908992fd3716
4935aaecf31a79e867826fe634cde4f44171d8e7
Hash for dependent task 
python/python3_3.9.0.bb:do_populate_sysroot changed from 
7ac1c4fcbb2eacf98d2c32d991751bd2f3c7d55e2e32f2c9e485e7f5975fecf8 to 
25dcfe74a95af19cce8df7c29311cc5edbbf6ad
08777e46a6fa6e417c0445018

...

Therefore limit effects of this class only for target recipes.

Signed-off-by: Khem Raj 
Cc: Alexander Kanavin 
Cc: Martin Jansa 
Cc: Jose Quaresma 
Signed-off-by: Richard Purdie 
(cherry picked from commit 59cc148de3fd19f5041727f072f087f741c506f6)
Signed-off-by: Anuj Mittal 
---
 meta/classes/python3targetconfig.bbclass | 10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/meta/classes/python3targetconfig.bbclass 
b/meta/classes/python3targetconfig.bbclass
index 640d0c97b6..fc1025c207 100644
--- a/meta/classes/python3targetconfig.bbclass
+++ b/meta/classes/python3targetconfig.bbclass
@@ -1,15 +1,17 @@
 inherit python3native
 
-DEPENDS_append = " python3"
+EXTRA_PYTHON_DEPENDS ?= ""
+EXTRA_PYTHON_DEPENDS_class-target = "python3"
+DEPENDS_append = " ${EXTRA_PYTHON_DEPENDS}"
 
-do_configure_prepend() {
+do_configure_prepend_class-target() {
 export _PYTHON_SYSCONFIGDATA_NAME="_sysconfigdata"
 }
 
-do_compile_prepend() {
+do_compile_prepend_class-target() {
 export _PYTHON_SYSCONFIGDATA_NAME="_sysconfigdata"
 }
 
-do_install_prepend() {
+do_install_prepend_class-target() {
 export _PYTHON_SYSCONFIGDATA_NAME="_sysconfigdata"
 }
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147903): 
https://lists.openembedded.org/g/openembedded-core/message/147903
Mute This Topic: https://lists.openembedded.org/mt/80507712/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 34/35] gpgme: use python3targetconfig

[Anuj Mittal]

From: Alexander Kanavin 

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit 375d13fcb362b48e57ba8851b03f2b72dd44da11)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-support/gpgme/gpgme_1.14.0.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-support/gpgme/gpgme_1.14.0.bb 
b/meta/recipes-support/gpgme/gpgme_1.14.0.bb
index 9fa8212808..fb7215381c 100644
--- a/meta/recipes-support/gpgme/gpgme_1.14.0.bb
+++ b/meta/recipes-support/gpgme/gpgme_1.14.0.bb
@@ -48,7 +48,7 @@ DEFAULT_LANGUAGES_class-target = "cpp"
 LANGUAGES ?= "${DEFAULT_LANGUAGES} python"
 
 PYTHON_INHERIT = "${@bb.utils.contains('PACKAGECONFIG', 'python2', 
'pythonnative', '', d)}"
-PYTHON_INHERIT .= "${@bb.utils.contains('PACKAGECONFIG', 'python3', 
'python3native', '', d)}"
+PYTHON_INHERIT .= "${@bb.utils.contains('PACKAGECONFIG', 'python3', 
'python3native python3targetconfig', '', d)}"
 
 EXTRA_OECONF += '--enable-languages="${LANGUAGES}" \
  --disable-gpgconf-test \
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147902): 
https://lists.openembedded.org/g/openembedded-core/message/147902
Mute This Topic: https://lists.openembedded.org/mt/80507711/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 33/35] meta: drop _PYTHON_SYSCONFIGDATA_NAME hacks

[Anuj Mittal]

From: Alexander Kanavin 

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit 7901859e38de06c56b8535a8425e76cb114c57dc)
Signed-off-by: Anuj Mittal 
---
 meta/classes/scons.bbclass  | 3 ---
 meta/lib/oe/prservice.py| 4 
 meta/recipes-core/glib-2.0/glib.inc | 4 
 meta/recipes-graphics/mesa/mesa.inc | 5 -
 4 files changed, 16 deletions(-)

diff --git a/meta/classes/scons.bbclass b/meta/classes/scons.bbclass
index 6b171ca8df..4f3ae502ef 100644
--- a/meta/classes/scons.bbclass
+++ b/meta/classes/scons.bbclass
@@ -5,7 +5,6 @@ DEPENDS += "python3-scons-native"
 EXTRA_OESCONS ?= ""
 
 do_configure() {
-   unset _PYTHON_SYSCONFIGDATA_NAME
if [ -n "${CONFIGURESTAMPFILE}" ]; then
if [ -e "${CONFIGURESTAMPFILE}" -a "`cat 
${CONFIGURESTAMPFILE}`" != "${BB_TASKHASH}" -a "${CLEANBROKEN}" != "1" ]; then
${STAGING_BINDIR_NATIVE}/scons --clean PREFIX=${prefix} 
prefix=${prefix} ${EXTRA_OESCONS}
@@ -17,13 +16,11 @@ do_configure() {
 }
 
 scons_do_compile() {
-   unset _PYTHON_SYSCONFIGDATA_NAME
${STAGING_BINDIR_NATIVE}/scons ${PARALLEL_MAKE} PREFIX=${prefix} 
prefix=${prefix} ${EXTRA_OESCONS} || \
die "scons build execution failed."
 }
 
 scons_do_install() {
-   unset _PYTHON_SYSCONFIGDATA_NAME
${STAGING_BINDIR_NATIVE}/scons install_root=${D}${prefix} 
PREFIX=${prefix} prefix=${prefix} ${EXTRA_OESCONS} install || \
die "scons install execution failed."
 }
diff --git a/meta/lib/oe/prservice.py b/meta/lib/oe/prservice.py
index 2d3c9c7e50..fcdbe66c19 100644
--- a/meta/lib/oe/prservice.py
+++ b/meta/lib/oe/prservice.py
@@ -3,10 +3,6 @@
 #
 
 def prserv_make_conn(d, check = False):
-# Otherwise this fails when called from recipes which e.g. inherit 
python3native (which sets _PYTHON_SYSCONFIGDATA_NAME) with:
-# No module named '_sysconfigdata'
-if '_PYTHON_SYSCONFIGDATA_NAME' in os.environ:
-del os.environ['_PYTHON_SYSCONFIGDATA_NAME']
 import prserv.serv
 host_params = list([_f for _f in (d.getVar("PRSERV_HOST") or 
'').split(':') if _f])
 try:
diff --git a/meta/recipes-core/glib-2.0/glib.inc 
b/meta/recipes-core/glib-2.0/glib.inc
index e48b5cb67b..71777bc459 100644
--- a/meta/recipes-core/glib-2.0/glib.inc
+++ b/meta/recipes-core/glib-2.0/glib.inc
@@ -34,10 +34,6 @@ DEPENDS_append_class-target = "${@' gtk-doc' if 
d.getVar('GTKDOC_ENABLED') == 'T
 
 GTKDOC_MESON_OPTION = "gtk_doc"
 
-# This avoids the need to depend on target python3, which in case of mingw is 
not even possible.
-# meson's python configuration pokes into python3 configuration, so this 
provides the native config to it.
-unset _PYTHON_SYSCONFIGDATA_NAME
-
 S = "${WORKDIR}/glib-${PV}"
 
 PACKAGECONFIG ??= "system-pcre libmount \
diff --git a/meta/recipes-graphics/mesa/mesa.inc 
b/meta/recipes-graphics/mesa/mesa.inc
index 9fc62e95e1..a4c7007157 100644
--- a/meta/recipes-graphics/mesa/mesa.inc
+++ b/meta/recipes-graphics/mesa/mesa.inc
@@ -48,11 +48,6 @@ PROVIDES = " \
 
 inherit meson pkgconfig python3native gettext features_check
 
-# Unset these to stop python trying to report the target Python setup
-_PYTHON_SYSCONFIGDATA_NAME[unexport] = "1"
-STAGING_INCDIR[unexport] = "1"
-STAGING_LIBDIR[unexport] = "1"
-
 BBCLASSEXTEND = "native nativesdk"
 
 ANY_OF_DISTRO_FEATURES_class-target = "opengl vulkan"
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147901): 
https://lists.openembedded.org/g/openembedded-core/message/147901
Mute This Topic: https://lists.openembedded.org/mt/80507710/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 32/35] distutils3-base.bbclass: use python3targetconfig

[Anuj Mittal]

From: Alexander Kanavin 

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit 10cdc26748e64394e829d919a15e899812bb2fe2)
Signed-off-by: Anuj Mittal 
---
 meta/classes/distutils3-base.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/distutils3-base.bbclass 
b/meta/classes/distutils3-base.bbclass
index 7dbf07ac4b..a277d1c7bc 100644
--- a/meta/classes/distutils3-base.bbclass
+++ b/meta/classes/distutils3-base.bbclass
@@ -1,5 +1,5 @@
 DEPENDS  += "${@["${PYTHON_PN}-native ${PYTHON_PN}", ""][(d.getVar('PACKAGES') 
== '')]}"
 RDEPENDS_${PN} += "${@['', '${PYTHON_PN}-core']['${CLASSOVERRIDE}' == 
'class-target']}"
 
-inherit distutils-common-base python3native
+inherit distutils-common-base python3native python3targetconfig
 
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147900): 
https://lists.openembedded.org/g/openembedded-core/message/147900
Mute This Topic: https://lists.openembedded.org/mt/80507709/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 29/35] yocto-uninative.inc: version 2.11 updates glibc to 2.33

[Anuj Mittal]

From: Michael Halstead 

Support glibc 2.33.

Signed-off-by: Michael Halstead 
Signed-off-by: Richard Purdie 
(cherry picked from commit 5c7f963d395aa4a94d78c37883488baac471ea43)
Signed-off-by: Anuj Mittal 
---
 meta/conf/distro/include/yocto-uninative.inc | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/meta/conf/distro/include/yocto-uninative.inc 
b/meta/conf/distro/include/yocto-uninative.inc
index 85336014b1..bc47083978 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,9 +6,9 @@
 # to the distro running on the build machine.
 #
 
-UNINATIVE_MAXGLIBCVERSION = "2.32"
+UNINATIVE_MAXGLIBCVERSION = "2.33"
 
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.10/;
-UNINATIVE_CHECKSUM[aarch64] ?= 
"645e5c50b2b48aabb8b10f783a9f94b4b7c5ddc7cfceb5386d43b86d30253202"
-UNINATIVE_CHECKSUM[i686] ?= 
"233e09b5ff30e15341232a0c16fa8448ff31dccb8f3f3e2ad3948cdac8c4a598"
-UNINATIVE_CHECKSUM[x86_64] ?= 
"04333677f81990ce2cf55c3bc256cd84a66085d18fc95ccddfab8581e4aec014"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.11/;
+UNINATIVE_CHECKSUM[aarch64] ?= 
"fa703e25c26eaebb1afd895337b92a24cc5077818e093af74912e53846a117fe"
+UNINATIVE_CHECKSUM[i686] ?= 
"638901c990ffbe716a34400134a2ad49a1c3104e3b48cdafd6fcd28e9b133294"
+UNINATIVE_CHECKSUM[x86_64] ?= 
"047ddd78d6b5cabd2a102120e27755a9eaa1d5724c6a8f4007daa3f10ecb6871"
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147896): 
https://lists.openembedded.org/g/openembedded-core/message/147896
Mute This Topic: https://lists.openembedded.org/mt/80507704/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 31/35] python3-pycairo: use python3targetconfig

[Anuj Mittal]

From: Alexander Kanavin 

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit 27d1dcf065ac2ccb57229eef54dd63b45d0fc5f9)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-devtools/python/python3-pycairo_1.19.1.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/python/python3-pycairo_1.19.1.bb 
b/meta/recipes-devtools/python/python3-pycairo_1.19.1.bb
index 34c8543bce..1734610d12 100644
--- a/meta/recipes-devtools/python/python3-pycairo_1.19.1.bb
+++ b/meta/recipes-devtools/python/python3-pycairo_1.19.1.bb
@@ -18,7 +18,7 @@ SRC_URI[sha256sum] = 
"2c143183280feb67f5beb4e543fd49990c28e7df427301ede04fc550d3
 
 S = "${WORKDIR}/pycairo-${PV}"
 
-inherit meson pkgconfig
+inherit meson pkgconfig python3targetconfig
 
 CFLAGS += "-fPIC"
 
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147899): 
https://lists.openembedded.org/g/openembedded-core/message/147899
Mute This Topic: https://lists.openembedded.org/mt/80507707/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 28/35] uninative: Upgrade to 2.10

[Anuj Mittal]

From: Michael Halstead 

Final glibc 2.32 based uninative.

Signed-off-by: Michael Halstead 
Signed-off-by: Richard Purdie 
(cherry picked from commit 8b5d932a42ce9e3e801837bea9cf319c455d9ae5)
Signed-off-by: Anuj Mittal 
---
 meta/conf/distro/include/yocto-uninative.inc | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta/conf/distro/include/yocto-uninative.inc 
b/meta/conf/distro/include/yocto-uninative.inc
index 69b6edee5f..85336014b1 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -8,7 +8,7 @@
 
 UNINATIVE_MAXGLIBCVERSION = "2.32"
 
-UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.9/;
-UNINATIVE_CHECKSUM[aarch64] ?= 
"9f25a667aee225b1dd65c4aea73e01983e825b1cb9b56937932a1ee328b45f81"
-UNINATIVE_CHECKSUM[i686] ?= 
"cae5d73245d95b07cf133b780ba3f6c8d0adca3ffc4e7e7fab61d5e24d36"
-UNINATIVE_CHECKSUM[x86_64] ?= 
"d07916b95c419c81541a19c8ef0ed8cbd78ae18437ff28a4c8a60ef40518e423"
+UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/2.10/;
+UNINATIVE_CHECKSUM[aarch64] ?= 
"645e5c50b2b48aabb8b10f783a9f94b4b7c5ddc7cfceb5386d43b86d30253202"
+UNINATIVE_CHECKSUM[i686] ?= 
"233e09b5ff30e15341232a0c16fa8448ff31dccb8f3f3e2ad3948cdac8c4a598"
+UNINATIVE_CHECKSUM[x86_64] ?= 
"04333677f81990ce2cf55c3bc256cd84a66085d18fc95ccddfab8581e4aec014"
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147897): 
https://lists.openembedded.org/g/openembedded-core/message/147897
Mute This Topic: https://lists.openembedded.org/mt/80507705/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 30/35] python3: split python target configuration into own class

[Anuj Mittal]

From: Alexander Kanavin 

Setting _PYTHON_SYSCONFIGDATA_NAME in python3native class globally was
problematic as it was leaking into host python environment, which
was causing tracebacks depending on host distro and action
(typically anything involving importing sysconfig module).

The new class sets the variable only in specific tasks where it is needed,
and should be inherited explicitly:
- use python3native to run scripts with native python
- use python3targetconfig to run scripts with native python
if those scripts need to access target config data (such
as correct installation directories). This also adds a dependency
on target python, so should be used carefully to avoid lengthening builds.

Signed-off-by: Alexander Kanavin 
Signed-off-by: Richard Purdie 
(cherry picked from commit 823cbf815d6984e813f0ae812f6a14469150eeff)
Signed-off-by: Anuj Mittal 
---
 meta/classes/python3native.bbclass   |  2 --
 meta/classes/python3targetconfig.bbclass | 15 +++
 2 files changed, 15 insertions(+), 2 deletions(-)
 create mode 100644 meta/classes/python3targetconfig.bbclass

diff --git a/meta/classes/python3native.bbclass 
b/meta/classes/python3native.bbclass
index d98fb4c758..2e3a88c126 100644
--- a/meta/classes/python3native.bbclass
+++ b/meta/classes/python3native.bbclass
@@ -17,8 +17,6 @@ export STAGING_LIBDIR
 export PYTHON_LIBRARY="${STAGING_LIBDIR}/lib${PYTHON_DIR}${PYTHON_ABI}.so"
 export PYTHON_INCLUDE_DIR="${STAGING_INCDIR}/${PYTHON_DIR}${PYTHON_ABI}"
 
-export _PYTHON_SYSCONFIGDATA_NAME="_sysconfigdata"
-
 # suppress host user's site-packages dirs.
 export PYTHONNOUSERSITE = "1"
 
diff --git a/meta/classes/python3targetconfig.bbclass 
b/meta/classes/python3targetconfig.bbclass
new file mode 100644
index 00..640d0c97b6
--- /dev/null
+++ b/meta/classes/python3targetconfig.bbclass
@@ -0,0 +1,15 @@
+inherit python3native
+
+DEPENDS_append = " python3"
+
+do_configure_prepend() {
+export _PYTHON_SYSCONFIGDATA_NAME="_sysconfigdata"
+}
+
+do_compile_prepend() {
+export _PYTHON_SYSCONFIGDATA_NAME="_sysconfigdata"
+}
+
+do_install_prepend() {
+export _PYTHON_SYSCONFIGDATA_NAME="_sysconfigdata"
+}
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147898): 
https://lists.openembedded.org/g/openembedded-core/message/147898
Mute This Topic: https://lists.openembedded.org/mt/80507706/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 26/35] openssh: Backport a fix to fix with glibc 2.33 on some platforms

[Anuj Mittal]

From: Richard Purdie 

This fixes openssh failing to work on qemux86 with glibc 2.33 due to
seccomp and the fact new syscalls are used. Also likely fixes issues
on other platforms.

Signed-off-by: Richard Purdie 
(cherry picked from commit 22f8ce6e6d998c0539a40b2776b1a2abb4f44bb3)
Signed-off-by: Anuj Mittal 
---
 ...440ca70abab947acbd77795e9f130967956c.patch | 28 +++
 .../openssh/openssh_8.3p1.bb  |  1 +
 2 files changed, 29 insertions(+)
 create mode 100644 
meta/recipes-connectivity/openssh/openssh/0f90440ca70abab947acbd77795e9f130967956c.patch

diff --git 
a/meta/recipes-connectivity/openssh/openssh/0f90440ca70abab947acbd77795e9f130967956c.patch
 
b/meta/recipes-connectivity/openssh/openssh/0f90440ca70abab947acbd77795e9f130967956c.patch
new file mode 100644
index 00..b88bc18f12
--- /dev/null
+++ 
b/meta/recipes-connectivity/openssh/openssh/0f90440ca70abab947acbd77795e9f130967956c.patch
@@ -0,0 +1,28 @@
+From 0f90440ca70abab947acbd77795e9f130967956c Mon Sep 17 00:00:00 2001
+From: Darren Tucker 
+Date: Fri, 20 Nov 2020 13:37:54 +1100
+Subject: [PATCH] Add new pselect6_time64 syscall on ARM.
+
+This is apparently needed on armhfp/armv7hl.  bz#3232, patch from
+jjelen at redhat.com.
+---
+ sandbox-seccomp-filter.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+Upstream-Status: Backport
+[fixes issues on 32bit IA and probably other 32 bit platforms too with glibc 
2.33]
+
+diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
+index e0768c063..5065ae7ef 100644
+--- a/sandbox-seccomp-filter.c
 b/sandbox-seccomp-filter.c
+@@ -267,6 +267,9 @@ static const struct sock_filter preauth_insns[] = {
+ #ifdef __NR_pselect6
+   SC_ALLOW(__NR_pselect6),
+ #endif
++#ifdef __NR_pselect6_time64
++  SC_ALLOW(__NR_pselect6_time64),
++#endif
+ #ifdef __NR_read
+   SC_ALLOW(__NR_read),
+ #endif
diff --git a/meta/recipes-connectivity/openssh/openssh_8.3p1.bb 
b/meta/recipes-connectivity/openssh/openssh_8.3p1.bb
index 2aa1df20bd..3061ed2975 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.3p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.3p1.bb
@@ -24,6 +24,7 @@ SRC_URI = 
"http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
file://sshd_check_keys \
file://add-test-support-for-busybox.patch \
+   file://0f90440ca70abab947acbd77795e9f130967956c.patch \
"
 SRC_URI[sha256sum] = 
"f2befbe0472fe7eb75d23340eb17531cb6b3aac24075e2066b41f814e12387b2"
 
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147892): 
https://lists.openembedded.org/g/openembedded-core/message/147892
Mute This Topic: https://lists.openembedded.org/mt/80507698/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 25/35] systemd: change /bin/nologin to /sbin/nologin

[Anuj Mittal]

From: Chen Qi 

Our nologin path is /sbin/nologin instead of /bin/nologin.

Signed-off-by: Chen Qi 
Signed-off-by: Richard Purdie 
(cherry picked from commit cd7f55e960e759d946d8b619b0a306e610f66356)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-core/systemd/systemd_246.9.bb | 16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/meta/recipes-core/systemd/systemd_246.9.bb 
b/meta/recipes-core/systemd/systemd_246.9.bb
index 9215adf8dc..2f460e9bee 100644
--- a/meta/recipes-core/systemd/systemd_246.9.bb
+++ b/meta/recipes-core/systemd/systemd_246.9.bb
@@ -357,15 +357,15 @@ USERADD_PACKAGES = "${PN} ${PN}-extra-utils \
 ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', 
'${PN}-journal-upload', '', d)} \
 "
 GROUPADD_PARAM_${PN} = "-r systemd-journal"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', 
'--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', 
'--system -d / -M --shell /bin/nologin systemd-network;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', 
'--system -d / -M --shell /sbin/nologin systemd-coredump;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', 
'--system -d / -M --shell /sbin/nologin systemd-network;', '', d)}"
 USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', 
'--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 
polkitd;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', 
'--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}"
-USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', 
'--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}"
-USERADD_PARAM_${PN}-extra-utils = "--system -d / -M --shell /bin/nologin 
systemd-bus-proxy"
-USERADD_PARAM_${PN}-journal-gateway = "--system -d / -M --shell /bin/nologin 
systemd-journal-gateway"
-USERADD_PARAM_${PN}-journal-remote = "--system -d / -M --shell /bin/nologin 
systemd-journal-remote"
-USERADD_PARAM_${PN}-journal-upload = "--system -d / -M --shell /bin/nologin 
systemd-journal-upload"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', 
'--system -d / -M --shell /sbin/nologin systemd-resolve;', '', d)}"
+USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', 
'--system -d / -M --shell /sbin/nologin systemd-timesync;', '', d)}"
+USERADD_PARAM_${PN}-extra-utils = "--system -d / -M --shell /sbin/nologin 
systemd-bus-proxy"
+USERADD_PARAM_${PN}-journal-gateway = "--system -d / -M --shell /sbin/nologin 
systemd-journal-gateway"
+USERADD_PARAM_${PN}-journal-remote = "--system -d / -M --shell /sbin/nologin 
systemd-journal-remote"
+USERADD_PARAM_${PN}-journal-upload = "--system -d / -M --shell /sbin/nologin 
systemd-journal-upload"
 
 FILES_${PN}-analyze = "${bindir}/systemd-analyze"
 
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147891): 
https://lists.openembedded.org/g/openembedded-core/message/147891
Mute This Topic: https://lists.openembedded.org/mt/80507697/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 19/35] sudo: fix CVE-2021-23240

[Anuj Mittal]

Signed-off-by: Anuj Mittal 
---
 .../sudo/files/CVE-2021-23240.patch   | 419 ++
 meta/recipes-extended/sudo/sudo_1.9.3.bb  |   1 +
 2 files changed, 420 insertions(+)
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2021-23240.patch

diff --git a/meta/recipes-extended/sudo/files/CVE-2021-23240.patch 
b/meta/recipes-extended/sudo/files/CVE-2021-23240.patch
new file mode 100644
index 00..740a13cd90
--- /dev/null
+++ b/meta/recipes-extended/sudo/files/CVE-2021-23240.patch
@@ -0,0 +1,419 @@
+Upstream-Status: Backport [https://www.sudo.ws/repos/sudo/rev/8fcb36ef422a]
+Signed-off-by: Anuj Mittal 
+CVE: CVE-2021-23240
+
+# HG changeset patch
+# User Todd C. Miller 
+# Date 1609953360 25200
+# Node ID 8fcb36ef422a251fe33738a347551439944a4a37
+# Parent  ea19d0073c02951bbbf35342dd63304da83edce8
+Add security checks before using temp files for SELinux RBAC sudoedit.
+Otherwise, it may be possible for the user running sudoedit to
+replace the newly-created temporary files with a symbolic link and
+have sudoedit set the owner of an arbitrary file.
+Problem reported by Matthias Gerstner of SUSE.
+
+diff -r ea19d0073c02 -r 8fcb36ef422a src/copy_file.c
+--- a/src/copy_file.c  Wed Jan 06 10:16:00 2021 -0700
 b/src/copy_file.c  Wed Jan 06 10:16:00 2021 -0700
+@@ -1,7 +1,7 @@
+ /*
+  * SPDX-License-Identifier: ISC
+  *
+- * Copyright (c) 2020 Todd C. Miller 
++ * Copyright (c) 2020-2021 Todd C. Miller 
+  *
+  * Permission to use, copy, modify, and distribute this software for any
+  * purpose with or without fee is hereby granted, provided that the above
+@@ -23,6 +23,8 @@
+ 
+ #include 
+ 
++#include 
++
+ #include 
+ #include 
+ #include 
+@@ -134,3 +136,34 @@
+ sudo_warn(U_("unable to write to %s"), dst);
+ debug_return_int(-1);
+ }
++
++#ifdef HAVE_SELINUX
++bool
++sudo_check_temp_file(int tfd, const char *tfile, uid_t uid, struct stat *sb)
++{
++struct stat sbuf;
++debug_decl(sudo_check_temp_file, SUDO_DEBUG_UTIL);
++
++if (sb == NULL)
++  sb = 
++
++if (fstat(tfd, sb) == -1) {
++  sudo_warn(U_("unable to stat %s"), tfile);
++  debug_return_bool(false);
++}
++if (!S_ISREG(sb->st_mode)) {
++  sudo_warnx(U_("%s: not a regular file"), tfile);
++  debug_return_bool(false);
++}
++if ((sb->st_mode & ALLPERMS) != (S_IRUSR|S_IWUSR)) {
++  sudo_warnx(U_("%s: bad file mode: 0%o"), tfile, sb->st_mode & ALLPERMS);
++  debug_return_bool(false);
++}
++if (sb->st_uid != uid) {
++  sudo_warnx(U_("%s is owned by uid %u, should be %u"),
++  tfile, (unsigned int)sb->st_uid, (unsigned int)uid);
++  debug_return_bool(false);
++}
++debug_return_bool(true);
++}
++#endif /* SELINUX */
+diff -r ea19d0073c02 -r 8fcb36ef422a src/sesh.c
+--- a/src/sesh.c   Wed Jan 06 10:16:00 2021 -0700
 b/src/sesh.c   Wed Jan 06 10:16:00 2021 -0700
+@@ -1,7 +1,7 @@
+ /*
+  * SPDX-License-Identifier: ISC
+  *
+- * Copyright (c) 2008, 2010-2018, 2020 Todd C. Miller 
++ * Copyright (c) 2008, 2010-2018, 2020-2021 Todd C. Miller 

+  *
+  * Permission to use, copy, modify, and distribute this software for any
+  * purpose with or without fee is hereby granted, provided that the above
+@@ -132,7 +132,7 @@
+ static int
+ sesh_sudoedit(int argc, char *argv[])
+ {
+-int i, oflags_dst, post, ret = SESH_ERR_FAILURE;
++int i, oflags_src, oflags_dst, post, ret = SESH_ERR_FAILURE;
+ int fd_src = -1, fd_dst = -1, follow = 0;
+ struct stat sb;
+ struct timespec times[2];
+@@ -174,10 +174,12 @@
+   debug_return_int(SESH_ERR_BAD_PATHS);
+ 
+ /*
+- * Use O_EXCL if we are not in the post editing stage
+- * so that it's ensured that the temporary files are
+- * created by us and that we are not opening any symlinks.
++ * In the pre-editing stage, use O_EXCL to ensure that the temporary
++ * files are created by us and that we are not opening any symlinks.
++ * In the post-editing stage, use O_NOFOLLOW so we don't follow symlinks
++ * when opening the temporary files.
+  */
++oflags_src = O_RDONLY|(post ? O_NONBLOCK|O_NOFOLLOW : follow);
+ oflags_dst = O_WRONLY|O_CREAT|(post ? follow : O_EXCL);
+ for (i = 0; i < argc - 1; i += 2) {
+   const char *path_src = argv[i];
+@@ -187,7 +189,7 @@
+* doesn't exist, that's OK, we'll create an empty
+* destination file.
+*/
+-  if ((fd_src = open(path_src, O_RDONLY|follow, S_IRUSR|S_IWUSR)) < 0) {
++  if ((fd_src = open(path_src, oflags_src, S_IRUSR|S_IWUSR)) < 0) {
+   if (errno != ENOENT) {
+   sudo_warn("%s", path_src);
+   if (post) {
+@@ -197,6 +199,14 @@
+   goto cleanup_0;
+   }
+   }
++  if (post) {
++  /* Make sure the temporary file is safe and has the proper owner. */
++  if (!sudo_check_temp_file(fd_src, path_src, geteuid(), )) {
++  ret = SESH_ERR_SOME_FILES;
++  

[OE-core] [gatesgarth][PATCH 27/35] pseudo: Update to work with glibc 2.33

[Anuj Mittal]

From: Richard Purdie 

Update to a pseudo version which contains some heqader fixes for
glibc 2.33.

Signed-off-by: Richard Purdie 
(cherry picked from commit c897ac317926b132547578b1f6bd347fe5677dfc)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-devtools/pseudo/pseudo_git.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb 
b/meta/recipes-devtools/pseudo/pseudo_git.bb
index 0ba7b50355..0072e0558b 100644
--- a/meta/recipes-devtools/pseudo/pseudo_git.bb
+++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
@@ -6,7 +6,7 @@ SRC_URI = "git://git.yoctoproject.org/pseudo;branch=oe-core \
file://fallback-group \
"
 
-SRCREV = "8317c0ab172db47dabcef909bae02cd77b1f1010"
+SRCREV = "f332f5633b5dd73fa2b6e5d605eb33e4a446d7ad"
 S = "${WORKDIR}/git"
 PV = "1.9.0+git${SRCPV}"
 
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147895): 
https://lists.openembedded.org/g/openembedded-core/message/147895
Mute This Topic: https://lists.openembedded.org/mt/80507702/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 18/35] qemu.inc: Should depend on qemu-system-native, not qemu-native

[Anuj Mittal]

From: Richard Purdie 

This looks like it was from before the recipe was split, we'd expect
the system qemu mode for running the images so the dependency should be
updated.

Signed-off-by: Richard Purdie 
(cherry picked from commit 3a4fed4ae0e8a0d1bd62ea5fa1ef12925e1f20f5)
Signed-off-by: Anuj Mittal 
---
 meta/conf/machine/include/qemu.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/conf/machine/include/qemu.inc 
b/meta/conf/machine/include/qemu.inc
index 8dedb1a42d..7d0a6fe458 100644
--- a/meta/conf/machine/include/qemu.inc
+++ b/meta/conf/machine/include/qemu.inc
@@ -21,7 +21,7 @@ RDEPENDS_${KERNEL_PACKAGE_NAME}-base = ""
 # Use a common kernel recipe for all QEMU machines
 PREFERRED_PROVIDER_virtual/kernel ??= "linux-yocto"
 
-EXTRA_IMAGEDEPENDS += "qemu-native qemu-helper-native"
+EXTRA_IMAGEDEPENDS += "qemu-system-native qemu-helper-native"
 
 # Provide the nfs server kernel module for all qemu images
 KERNEL_FEATURES_append_pn-linux-yocto = " features/nfsd/nfsd-enable.scc"
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147893): 
https://lists.openembedded.org/g/openembedded-core/message/147893
Mute This Topic: https://lists.openembedded.org/mt/80507699/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 23/35] image_types.bbclass: tar: use posix format instead of gnu

[Anuj Mittal]

From: Martin Jansa 

* gnu isn't compatible with  --xattrs used e.g. here:
https://github.com/advancedtelematic/meta-updater/blob/d3a832f66e8802cb45536ff278d5c77f946d341d/classes/image_types_ostree.bbclass#L16
causing do_image_tar failing with:

| tar: --xattrs can be used only on POSIX archives
| Try 'tar --help' or 'tar --usage' for more information.

* https://www.gnu.org/software/tar/manual/html_chapter/tar_8.html
  says about posix format:

  This is the most flexible and feature-rich format.
  It does not impose any restrictions on file sizes or file name lengths.
  This format is quite recent, so not all tar implementations are able to 
handle it properly.
  However, this format is designed in such a way that any tar implementation 
able to read `ustar'
  archives will be able to read most `posix' archives as well, with the only 
exception that any
  additional information (such as long file names etc.) will in such case be 
extracted as plain
  text files along with the files it refers to.

  This archive format will be the default format for future versions of GNU tar.

  and:

  The default format for GNU tar is defined at compilation time.
  You may check it by running tar --help, and examining the last lines of its 
output.
  Usually, GNU tar is configured to create archives in `gnu' format, however, 
future version will switch to `posix'.

* I've compared tar on centos7 and ubuntu-18.04:

bash-4.2$ cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)

bash-4.2$ tar --version
tar (GNU tar) 1.26
...

bash-4.2$ tar --help | tail -n 5
*This* tar defaults to:
--format=gnu -f- -b20 --quoting-style=escape --rmt-command=/etc/rmt
--rsh-command=/usr/bin/ssh
...

bitbake@e0ee76f81c2f:/$ grep VERSION /etc/os-release
VERSION="18.04.5 LTS (Bionic Beaver)"
VERSION_ID="18.04"
VERSION_CODENAME=bionic

bitbake@e0ee76f81c2f:/$ tar --version
tar (GNU tar) 1.29
...

bitbake@e0ee76f81c2f:/$ tar --help | tail -n 5
...
*This* tar defaults to:
--format=gnu -f- -b20 --quoting-style=escape --rmt-command=/usr/lib/tar/rmt
--rsh-command=/usr/bin/rsh

Both support posix format (as pax POSIX 1003.1-2001). But centos7 version is
already too old anyway, because it doesn't support --sort=name used since:
https://git.openembedded.org/openembedded-core/commit/?id=4fa68626bbcfd9795577e1426c27d00f4d9d1c17
and
https://git.openembedded.org/openembedded-core/commit/?id=f19e43dec63a86c200e04ba14393583588550380
says that 1.28 is the minium version now and
https://git.openembedded.org/openembedded-core/commit/?id=7a66434cf11b7f051699b774e4fccd6738351368
recommends to use install-buildtools for hosts with tar < 1.28

On the other side latest tumbleweed from:
https://hub.docker.com/r/opensuse/tumbleweed
with tar-1.33 alredy defaults to posix format:

b99dbb3d86dd:/ # head -n 3 /etc/os-release
NAME="openSUSE Tumbleweed"
ID="opensuse-tumbleweed"

b99dbb3d86dd:/ # tar --version
tar (GNU tar) 1.33
...

b99dbb3d86dd:/ # tar --help | tail -n 3
*This* tar defaults to:
--format=posix -f- -b20 --quoting-style=escape --rmt-command=/usr/bin/rmt
--rsh-command=/usr/bin/ssh

I've packaged some sample rootfs directory with both tars and the result is
identical (with --format=gnu as well as --format=posix).

with ubuntu:
tar --sort=name --format=gnu --numeric-owner -cf rootfs.ubuntu.gnu.tar -C 
rootfs .
tar --xattrs --xattrs-include=* --sort=name --format=posix --numeric-owner -cf 
rootfs.ubuntu.posix.tar -C rootfs .
tumbleweed:
tar --sort=name --format=gnu --numeric-owner -cf rootfs.tumbleweed.gnu.tar -C 
rootfs .
tar --xattrs --xattrs-include=* --sort=name --format=posix --numeric-owner -cf 
rootfs.tumbleweed.posix.tar -C rootfs .
centos7 (without --sort=name):
tar --format=gnu --numeric-owner -cf rootfs.centos7.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --format=posix --numeric-owner -cf 
rootfs.centos7.posix.tar -C rootfs .

size is identical:
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb  5 09:19 rootfs.ubuntu.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb  5 10:17 rootfs.centos7.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb  5 10:26 rootfs.tumbleweed.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb  5 10:15 rootfs.ubuntu.posix.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb  5 10:16 rootfs.centos7.posix.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb  5 10:26 rootfs.tumbleweed.posix.tar

but md5s aren't:
5e3880283379dd773ac054e20562fdea  rootfs.centos7.gnu.tar
abeaf992c780aa780a27be01365d26f5  rootfs.centos7.posix.tar
0c6ee59d87ab56583293262de110bca4  rootfs.tumbleweed.gnu.tar
1555bc7276eaba924bf82a13a010fd6d  rootfs.tumbleweed.posix.tar
553d802bba351e273191bd5b2a621b66  rootfs.ubuntu.gnu.tar
b6d7b43b30174686f6625ba3c7aefdc6  rootfs.ubuntu.posix.tar

diffoscope shows some differences when using gnu format:

$ diffoscope rootfs.tumbleweed.gnu.tar rootfs.ubuntu.gnu.tar
...
-00239890: 3030 3000 3030 3737 3637 0020 4b00   000.007767. K...
+00239890: 3030 3000 3031 3135 3737 0020 4b00   000.011577. K...
...
-00239900: 0075 7374 

[OE-core] [gatesgarth][PATCH 24/35] license_image.bbclass: Don't attempt to symlink to the same file

[Anuj Mittal]

From: Mike Looijmans 

Sometimes (that is, in all my builds) the lic_manifest_dir and
lic_manifest_symlink_dir end up pointing to the same file, resulting
in an error like this:
  Exception: FileExistsError: [Errno 17] File exists: 
'/.../tmp-glibc/deploy/licenses/my-image-tdkz15' -> 
'/.../tmp-glibc/deploy/licenses/my-image-tdkz15'

First check to see if this is the case before attempting to create
the link.

Signed-off-by: Mike Looijmans 
Signed-off-by: Richard Purdie 
(cherry picked from commit 50f83fb542065eaf7a20ac07b63ae06441ada180)
Signed-off-by: Anuj Mittal 
---
 meta/classes/license_image.bbclass | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/classes/license_image.bbclass 
b/meta/classes/license_image.bbclass
index 119c8dfc86..6f478ce22c 100644
--- a/meta/classes/license_image.bbclass
+++ b/meta/classes/license_image.bbclass
@@ -210,7 +210,8 @@ def license_deployed_manifest(d):
 os.unlink(lic_manifest_symlink_dir)
 
 # create the image dir symlink
-os.symlink(lic_manifest_dir, lic_manifest_symlink_dir)
+if lic_manifest_dir != lic_manifest_symlink_dir:
+os.symlink(lic_manifest_dir, lic_manifest_symlink_dir)
 
 def get_deployed_dependencies(d):
 """
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147890): 
https://lists.openembedded.org/g/openembedded-core/message/147890
Mute This Topic: https://lists.openembedded.org/mt/80507696/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 22/35] libcroco: Added CVE

[Anuj Mittal]

From: saloni 

Added below CVE:
CVE-2020-12825
Link: CVE-2020-12825 
[https://gitlab.gnome.org/Archive/libcroco/-/commit/6eb257e5c731c691eb137fca94e916ca73941a5a]
Link: https://gitlab.gnome.org/Archive/libcroco/-/issues/8

Signed-off-by: Saloni Jain 
Signed-off-by: Richard Purdie 
(cherry picked from commit f8cee7386c556e1c5adb07a0aee385642b7a5568)
Signed-off-by: Anuj Mittal 
---
 .../libcroco/files/CVE-2020-12825.patch   | 192 ++
 .../libcroco/libcroco_0.6.13.bb   |   3 +
 2 files changed, 195 insertions(+)
 create mode 100644 meta/recipes-support/libcroco/files/CVE-2020-12825.patch

diff --git a/meta/recipes-support/libcroco/files/CVE-2020-12825.patch 
b/meta/recipes-support/libcroco/files/CVE-2020-12825.patch
new file mode 100644
index 00..42f92e3607
--- /dev/null
+++ b/meta/recipes-support/libcroco/files/CVE-2020-12825.patch
@@ -0,0 +1,192 @@
+From fdf78a4877afa987ba646a8779b513f258e6d04c Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro 
+Date: Fri, 31 Jul 2020 15:21:53 -0500
+Subject: [PATCH] libcroco: Limit recursion in block and any productions
+
+ (CVE-2020-12825)
+
+If we don't have any limits, we can recurse forever and overflow the
+stack.
+
+Fixes #8
+This is per https://gitlab.gnome.org/Archive/libcroco/-/issues/8
+
+https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1404
+
+CVE: CVE-2020-12825
+Upstream-Status: Backport 
[https://gitlab.gnome.org/Archive/libcroco/-/commit/6eb257e5c731c691eb137fca94e916ca73941a5a]
+Comment: No refreshing changes done.
+Signed-off-by: Saloni Jain 
+
+---
+ src/cr-parser.c | 44 +---
+ 1 file changed, 29 insertions(+), 15 deletions(-)
+
+diff --git a/src/cr-parser.c b/src/cr-parser.c
+index 18c9a01..f4a62e3 100644
+--- a/src/cr-parser.c
 b/src/cr-parser.c
+@@ -136,6 +136,8 @@ struct _CRParserPriv {
+ 
+ #define CHARS_TAB_SIZE 12
+ 
++#define RECURSIVE_CALLERS_LIMIT 100
++
+ /**
+  * IS_NUM:
+  *@a_char: the char to test.
+@@ -344,9 +346,11 @@ static enum CRStatus cr_parser_parse_selector_core 
(CRParser * a_this);
+ 
+ static enum CRStatus cr_parser_parse_declaration_core (CRParser * a_this);
+ 
+-static enum CRStatus cr_parser_parse_any_core (CRParser * a_this);
++static enum CRStatus cr_parser_parse_any_core (CRParser * a_this,
++   guint  n_calls);
+ 
+-static enum CRStatus cr_parser_parse_block_core (CRParser * a_this);
++static enum CRStatus cr_parser_parse_block_core (CRParser * a_this,
++ guint  n_calls);
+ 
+ static enum CRStatus cr_parser_parse_value_core (CRParser * a_this);
+ 
+@@ -784,7 +788,7 @@ cr_parser_parse_atrule_core (CRParser * a_this)
+ cr_parser_try_to_skip_spaces_and_comments (a_this);
+ 
+ do {
+-status = cr_parser_parse_any_core (a_this);
++status = cr_parser_parse_any_core (a_this, 0);
+ } while (status == CR_OK);
+ 
+ status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr,
+@@ -795,7 +799,7 @@ cr_parser_parse_atrule_core (CRParser * a_this)
+ cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, 
+   token);
+ token = NULL;
+-status = cr_parser_parse_block_core (a_this);
++status = cr_parser_parse_block_core (a_this, 0);
+ CHECK_PARSING_STATUS (status,
+   FALSE);
+ goto done;
+@@ -930,11 +934,11 @@ cr_parser_parse_selector_core (CRParser * a_this)
+ 
+ RECORD_INITIAL_POS (a_this, _pos);
+ 
+-status = cr_parser_parse_any_core (a_this);
++status = cr_parser_parse_any_core (a_this, 0);
+ CHECK_PARSING_STATUS (status, FALSE);
+ 
+ do {
+-status = cr_parser_parse_any_core (a_this);
++status = cr_parser_parse_any_core (a_this, 0);
+ 
+ } while (status == CR_OK);
+ 
+@@ -956,10 +960,12 @@ cr_parser_parse_selector_core (CRParser * a_this)
+  *in chapter 4.1 of the css2 spec.
+  *block ::= '{' S* [ any | block | ATKEYWORD S* | ';' ]* '}' S*;
+  *@param a_this the current instance of #CRParser.
++ *@param n_calls used to limit recursion depth
+  *FIXME: code this function.
+  */
+ static enum CRStatus
+-cr_parser_parse_block_core (CRParser * a_this)
++cr_parser_parse_block_core (CRParser * a_this,
++guint  n_calls)
+ {
+ CRToken *token = NULL;
+ CRInputPos init_pos;
+@@ -967,6 +973,9 @@ cr_parser_parse_block_core (CRParser * a_this)
+ 
+ g_return_val_if_fail (a_this && PRIVATE (a_this), CR_BAD_PARAM_ERROR);
+ 
++if (n_calls > RECURSIVE_CALLERS_LIMIT)
++return CR_ERROR;
++
+ RECORD_INITIAL_POS (a_this, _pos);
+ 
+ status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, );
+@@ -996,13 +1005,13 @@ cr_parser_parse_block_core (CRParser * a_this)
+ } 

[OE-core] [gatesgarth][PATCH 16/35] package: Ensure do_packagedata is cleaned correctly

[Anuj Mittal]

From: Richard Purdie 

In an earlier commit, libprocps was split into a separate package leaving
no shlibs in the main package. A bug was seen where igt-gpu-tools wouldn't
build correctly in some cases as it thought the librbary was still in the
main package, throwing qa errors as a result.

The issue was due to an extra file being left in the sstate output of
the do_packagedata task in the shlibs2/ folder which contained the bad
shlibs information.

The reason for this was that the temporary directory used in this
task wasn't being cleaned so files which were deleted were not handled
correctly. Add a missing cleandirs entry to fix this.

Signed-off-by: Richard Purdie 
(cherry picked from commit 50f17d0a655a3a2556f9fcad67259101c2814a36)
Signed-off-by: Anuj Mittal 
---
 meta/classes/package.bbclass | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
index 247bdc7bbf..5a32e5c2e3 100644
--- a/meta/classes/package.bbclass
+++ b/meta/classes/package.bbclass
@@ -2446,6 +2446,7 @@ python do_packagedata () {
 
 bb.build.exec_func("packagedata_translate_pr_autoinc", d)
 }
+do_packagedata[cleandirs] += "${WORKDIR}/pkgdata-pdata-input"
 
 # Translate the EXTENDPRAUTO and AUTOINC to the final values
 packagedata_translate_pr_autoinc() {
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147884): 
https://lists.openembedded.org/g/openembedded-core/message/147884
Mute This Topic: https://lists.openembedded.org/mt/80507685/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 21/35] libgcrypt: Whitelisted CVEs

[Anuj Mittal]

From: saloni 

Whitelisted below CVEs:

1. CVE-2018-12433
Link: https://security-tracker.debian.org/tracker/CVE-2018-12433
Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433
CVE-2018-12433 is marked disputed and ignored by NVD as it does
not impact crypt libraries for any distros and hence, can be safely
marked whitelisted.

2. CVE-2018-12438
Link: https://security-tracker.debian.org/tracker/CVE-2018-12438
Link: https://ubuntu.com/security/CVE-2018-12438
CVE-2018-12438 was reported for affecting openjdk crypt libraries
but there are no details available on which openjdk versions are
affected and does not directly affect libgcrypt or any specific
yocto distributions, hence, can be whitelisted.

Signed-off-by: Saloni Jain 
Signed-off-by: Richard Purdie 
(cherry picked from commit 2943efe3f56d394308f9364b439c25f6a7613288)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-support/libgcrypt/libgcrypt_1.8.6.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.8.6.bb 
b/meta/recipes-support/libgcrypt/libgcrypt_1.8.6.bb
index ac09417e89..832d07d515 100644
--- a/meta/recipes-support/libgcrypt/libgcrypt_1.8.6.bb
+++ b/meta/recipes-support/libgcrypt/libgcrypt_1.8.6.bb
@@ -28,6 +28,9 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
 "
 SRC_URI[sha256sum] = 
"0cba2700617b99fc33864a0c16b1fa7fdf9781d9ed3509f5d767178e5fd7b975"
 
+# Below whitelisted CVEs are disputed and not affecting crypto libraries for 
any distro.
+CVE_CHECK_WHITELIST += "CVE-2018-12433 CVE-2018-12438"
+
 BINCONFIG = "${bindir}/libgcrypt-config"
 
 inherit autotools texinfo binconfig-disabled pkgconfig
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147887): 
https://lists.openembedded.org/g/openembedded-core/message/147887
Mute This Topic: https://lists.openembedded.org/mt/80507693/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 20/35] sudo: fix CVE-2021-3156

[Anuj Mittal]

Signed-off-by: Anuj Mittal 
---
 .../sudo/files/CVE-2021-3156-1.patch  | 100 ++
 .../sudo/files/CVE-2021-3156-2.patch  |  53 ++
 .../sudo/files/CVE-2021-3156-3.patch  |  73 +
 .../sudo/files/CVE-2021-3156-4.patch  |  29 +
 .../sudo/files/CVE-2021-3156-5.patch  |  41 +++
 meta/recipes-extended/sudo/sudo_1.9.3.bb  |   5 +
 6 files changed, 301 insertions(+)
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2021-3156-1.patch
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2021-3156-2.patch
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2021-3156-3.patch
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2021-3156-4.patch
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2021-3156-5.patch

diff --git a/meta/recipes-extended/sudo/files/CVE-2021-3156-1.patch 
b/meta/recipes-extended/sudo/files/CVE-2021-3156-1.patch
new file mode 100644
index 00..83c277575e
--- /dev/null
+++ b/meta/recipes-extended/sudo/files/CVE-2021-3156-1.patch
@@ -0,0 +1,100 @@
+Upstream-Status: Backport[https://www.sudo.ws/repos/sudo/rev/9b97f1787804]
+Signed-off-by: Anuj Mittal 
+CVE: CVE-2021-3156
+
+# HG changeset patch
+# User Todd C. Miller 
+# Date 1611416639 25200
+# Node ID 9b97f1787804aedccaec63c379053b1a91a0e409
+# Parent  90aba6ba6e03f3bc33b4eabf16358396ed83642d
+Reset valid_flags to MODE_NONINTERACTIVE for sudoedit.
+This is consistent with how the -e option is handled.
+Also reject -H and -P flags for sudoedit as was done in sudo 1.7.
+Found by Qualys, this is part of the fix for CVE-2021-3156.
+
+diff -r 90aba6ba6e03 -r 9b97f1787804 src/parse_args.c
+--- a/src/parse_args.c Mon Jan 18 12:30:52 2021 +0100
 b/src/parse_args.c Sat Jan 23 08:43:59 2021 -0700
+@@ -117,7 +117,10 @@
+ /*
+  * Default flags allowed when running a command.
+  */
+-#define DEFAULT_VALID_FLAGS   
(MODE_BACKGROUND|MODE_PRESERVE_ENV|MODE_RESET_HOME|MODE_LOGIN_SHELL|MODE_NONINTERACTIVE|MODE_SHELL)
++#define DEFAULT_VALID_FLAGS   
(MODE_BACKGROUND|MODE_PRESERVE_ENV|MODE_RESET_HOME|MODE_LOGIN_SHELL|MODE_NONINTERACTIVE|MODE_PRESERVE_GROUPS|MODE_SHELL)
++#define EDIT_VALID_FLAGS  MODE_NONINTERACTIVE
++#define LIST_VALID_FLAGS  (MODE_NONINTERACTIVE|MODE_LONG_LIST)
++#define VALIDATE_VALID_FLAGS  MODE_NONINTERACTIVE
+ 
+ /* Option number for the --host long option due to ambiguity of the -h flag. 
*/
+ #define OPT_HOSTNAME  256
+@@ -262,6 +265,7 @@
+   progname = "sudoedit";
+   mode = MODE_EDIT;
+   sudo_settings[ARG_SUDOEDIT].value = "true";
++  valid_flags = EDIT_VALID_FLAGS;
+ }
+ 
+ /* Load local IP addresses and masks. */
+@@ -365,7 +369,7 @@
+   usage_excl();
+   mode = MODE_EDIT;
+   sudo_settings[ARG_SUDOEDIT].value = "true";
+-  valid_flags = MODE_NONINTERACTIVE;
++  valid_flags = EDIT_VALID_FLAGS;
+   break;
+   case 'g':
+   assert(optarg != NULL);
+@@ -377,6 +381,7 @@
+   break;
+   case 'H':
+   sudo_settings[ARG_SET_HOME].value = "true";
++  SET(flags, MODE_RESET_HOME);
+   break;
+   case 'h':
+   if (optarg == NULL) {
+@@ -431,7 +436,7 @@
+   usage_excl();
+   }
+   mode = MODE_LIST;
+-  valid_flags = MODE_NONINTERACTIVE|MODE_LONG_LIST;
++  valid_flags = LIST_VALID_FLAGS;
+   break;
+   case 'n':
+   SET(flags, MODE_NONINTERACTIVE);
+@@ -439,6 +444,7 @@
+   break;
+   case 'P':
+   sudo_settings[ARG_PRESERVE_GROUPS].value = "true";
++  SET(flags, MODE_PRESERVE_GROUPS);
+   break;
+   case 'p':
+   /* An empty prompt is allowed. */
+@@ -505,7 +511,7 @@
+   if (mode && mode != MODE_VALIDATE)
+   usage_excl();
+   mode = MODE_VALIDATE;
+-  valid_flags = MODE_NONINTERACTIVE;
++  valid_flags = VALIDATE_VALID_FLAGS;
+   break;
+   case 'V':
+   if (mode && mode != MODE_VERSION)
+@@ -533,7 +539,7 @@
+ if (!mode) {
+   /* Defer -k mode setting until we know whether it is a flag or not */
+   if (sudo_settings[ARG_IGNORE_TICKET].value != NULL) {
+-  if (argc == 0 && !(flags & (MODE_SHELL|MODE_LOGIN_SHELL))) {
++  if (argc == 0 && !ISSET(flags, MODE_SHELL|MODE_LOGIN_SHELL)) {
+   mode = MODE_INVALIDATE; /* -k by itself */
+   sudo_settings[ARG_IGNORE_TICKET].value = NULL;
+   valid_flags = 0;
+@@ -601,7 +607,7 @@
+ /*
+  * For shell mode we need to rewrite argv
+  */
+-if (ISSET(mode, MODE_RUN) && ISSET(flags, MODE_SHELL)) {

[OE-core] [gatesgarth][PATCH 13/35] sstatesig: Add descriptive error message to getpwuid/getgrgid "uid/gid not found" KeyError

[Anuj Mittal]

From: Tomasz Dziendzielski 

If path is not owned by any user installed on target it gives
insufficient error "getpwuid(): uid not found" which may be misleading.
This exception occurs if uid/gid of path was not found in PSEUDO_PASSWD
files, which simply means the path is owned by host user and there is
host user contamination.

Add more information to the exception message to make it easier for user
to debug.

[YOCTO #14031]

Signed-off-by: Tomasz Dziendzielski 
Signed-off-by: Richard Purdie 
(cherry picked from commit 38540b59ed4ec8632e30a5fd6364b010d9da8470)
Signed-off-by: Anuj Mittal 
---
 meta/lib/oe/sstatesig.py | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py
index 34558a6672..31a6140984 100644
--- a/meta/lib/oe/sstatesig.py
+++ b/meta/lib/oe/sstatesig.py
@@ -557,9 +557,11 @@ def OEOuthashBasic(path, sigfile, task, d):
 try:
 update_hash(" %10s" % pwd.getpwuid(s.st_uid).pw_name)
 update_hash(" %10s" % grp.getgrgid(s.st_gid).gr_name)
-except KeyError:
+except KeyError as e:
 bb.warn("KeyError in %s" % path)
-raise
+msg = ("KeyError: %s\nPath %s is owned by uid %d, gid 
%d, which doesn't match "
+"any user/group on target. This may be due to host 
contamination." % (e, path, s.st_uid, s.st_gid))
+raise Exception(msg).with_traceback(e.__traceback__)
 
 if include_timestamps:
 update_hash(" %10d" % s.st_mtime)
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147881): 
https://lists.openembedded.org/g/openembedded-core/message/147881
Mute This Topic: https://lists.openembedded.org/mt/80507681/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 15/35] wic/selftest: test_permissions also test bitbake image

[Anuj Mittal]

From: Lee Chee Yang 

existing test case test_permissions use Wic command as standalone
tools to create wic image and check that wic image for permissions.

add extra steps to the test case to also check against image build
using bitbake do_image_wic.

Signed-off-by: Lee Chee Yang 
Signed-off-by: Richard Purdie 
(cherry picked from commit 551ce73a90757ba43501fe5cf9ac84a7b77de549)
Signed-off-by: Anuj Mittal 
---
 meta/lib/oeqa/selftest/cases/wic.py | 16 
 1 file changed, 16 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/wic.py 
b/meta/lib/oeqa/selftest/cases/wic.py
index 714637ec1e..9f4a9db444 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -588,6 +588,9 @@ part / --source rootfs  --fstype=ext4 --include-path %s 
--include-path core-imag
 def test_permissions(self):
 """Test permissions are respected"""
 
+# prepare wicenv and rootfs
+bitbake('core-image-minimal core-image-minimal-mtdutils -c 
do_rootfs_wicenv')
+
 oldpath = os.environ['PATH']
 os.environ['PATH'] = get_bb_var("PATH", "wic-tools")
 
@@ -621,6 +624,19 @@ part /etc --source rootfs --fstype=ext4 
--change-directory=etc
 res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % (part))
 self.assertEqual(True, files_own_by_root(res.output))
 
+config = 'IMAGE_FSTYPES += "wic"\nWKS_FILE = "%s"\n' % wks_file
+self.append_config(config)
+bitbake('core-image-minimal')
+tmpdir = os.path.join(get_bb_var('WORKDIR', 
'core-image-minimal'),'build-wic')
+
+# check each partition for permission
+for part in glob(os.path.join(tmpdir, 'temp-*.direct.p*')):
+res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % (part))
+self.assertTrue(files_own_by_root(res.output)
+,msg='Files permission incorrect using wks set "%s"' % 
test)
+
+# clean config and result directory for next cases
+self.remove_config(config)
 rmtree(self.resultdir, ignore_errors=True)
 
 finally:
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147883): 
https://lists.openembedded.org/g/openembedded-core/message/147883
Mute This Topic: https://lists.openembedded.org/mt/80507684/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 17/35] kernel.bbclass: fix deployment for initramfs images

[Anuj Mittal]

From: Awais Belal 

The do_bundle_initramfs() only processes kernel image
types that are found in KERNEL_IMAGETYPE_FOR_MAKE whereas
the build system can generate other types that are not
directly supported by the kernel build system. In which
case when we come to the deploy phase not all the images
mentioned in KERNEL_IMAGETYPES would have a respective
initramfs bundled image. An example is using vmlinux.gz
in KERNEL_IMAGETYPES and enabling initramfs and then we
see

install: cannot stat 'arch/arm64/boot/vmlinux.gz.initramfs': No such file or 
directory

So we align the deploy phase with bundle initramfs phase
and pick up relevant initramfs bundled images using
KERNEL_IMAGETYPE_FOR_MAKE instead of KERNEL_IMAGETYPES.

Signed-off-by: Awais Belal 
Signed-off-by: Richard Purdie 
(cherry picked from commit 526bdd88ccd758204452579333ba188e29270bde)
Signed-off-by: Anuj Mittal 
---
 meta/classes/kernel.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
index 1a444efabf..f405b6e523 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -743,7 +743,7 @@ kernel_do_deploy() {
fi
 
if [ ! -z "${INITRAMFS_IMAGE}" -a x"${INITRAMFS_IMAGE_BUNDLE}" = x1 ]; 
then
-   for imageType in ${KERNEL_IMAGETYPES} ; do
+   for imageType in ${KERNEL_IMAGETYPE_FOR_MAKE} ; do
if [ "$imageType" = "fitImage" ] ; then
continue
fi
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147885): 
https://lists.openembedded.org/g/openembedded-core/message/147885
Mute This Topic: https://lists.openembedded.org/mt/80507687/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 14/35] openssl: set CVE_VERSION_SUFFIX

[Anuj Mittal]

From: Lee Chee Yang 

Signed-off-by: Lee Chee Yang 
Signed-off-by: Richard Purdie 
(cherry picked from commit 17df664a32a74f17baaef8c31ac23adec2d6255f)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-connectivity/openssl/openssl_1.1.1i.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb 
b/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
index c2db596f03..5d22c511aa 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
@@ -210,6 +210,8 @@ BBCLASSEXTEND = "native nativesdk"
 
 CVE_PRODUCT = "openssl:openssl"
 
+CVE_VERSION_SUFFIX = "alphabetical"
+
 # Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37
 # Apache in meta-webserver is already recent enough
 CVE_CHECK_WHITELIST += "CVE-2019-0190"
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147882): 
https://lists.openembedded.org/g/openembedded-core/message/147882
Mute This Topic: https://lists.openembedded.org/mt/80507683/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 09/35] linux-yocto/5.4: update to v5.4.90

[Anuj Mittal]

From: Bruce Ashfield 

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

ceed81a883dc Linux 5.4.90
6f484096196b regmap: debugfs: Fix a reversed if statement in 
regmap_debugfs_init()
bbb2fee395e9 net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond 
end of trimmed packet
bd0051a5cb05 block: fix use-after-free in disk_part_iter_next
c5fe50e18fcb KVM: arm64: Don't access PMCR_EL0 when no PMU is available
f595e44b161a net: mvpp2: disable force link UP during port init procedure
5b8d3c3a9fcb regulator: qcom-rpmh-regulator: correct hfsmps515 definition
3582406b9c04 wan: ds26522: select CONFIG_BITREVERSE
480c5e9c7e4c regmap: debugfs: Fix a memory leak when calling 
regmap_attach_dev
c3c774886790 net/mlx5e: Fix two double free cases
ce74b5a0689d net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups
a2b2ae3812e5 bpftool: Fix compilation failure for net.o with older glibc
2992e3371a3a iommu/intel: Fix memleak in intel_irq_remapping_alloc
006319327d21 lightnvm: select CONFIG_CRC32
46c15eeb0a8a block: rsxx: select CONFIG_CRC32
4834a984e456 wil6210: select CONFIG_CRC32
b28378bc91d0 qed: select CONFIG_CRC32
cc196d4604c9 dmaengine: xilinx_dma: fix mixed_enum_type coverity warning
d0eaf8a8eff8 dmaengine: xilinx_dma: fix incompatible param warning in 
_child_probe()
e6f247a5f927 dmaengine: xilinx_dma: check dma_async_device_register return 
value
c15556cb344a dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the 
error handling path of the probe function
55503711adff i2c: i801: Fix the i2c-mux gpiod_lookup_table not being 
properly terminated
12e8bcaef61a spi: stm32: FIFO threshold level - fix align packet size
9ff4796e6fd9 cpufreq: powernow-k8: pass policy rather than use 
cpufreq_cpu_get()
4dd15f9bc881 can: kvaser_pciefd: select CONFIG_CRC32
82adac5ad13b can: m_can: m_can_class_unregister(): remove erroneous 
m_can_clk_stop()
3b68980596fb can: tcan4x5x: fix bittiming const, use common bittiming from 
m_can driver
b77e0283efdc dmaengine: dw-edma: Fix use after free in dw_edma_alloc_chunk()
f6dd8c259ab8 i2c: sprd: use a specific timeout to avoid system hang up issue
8d0cadc2ea64 ARM: OMAP2+: omap_device: fix idling of devices during probe
003280bd8845 HID: wacom: Fix memory leakage caused by kfifo_alloc
6f367fb1b7ee iio: imu: st_lsm6dsx: fix edge-trigger interrupts
87ea51c90280 vmlinux.lds.h: Add PGO and AutoFDO input sections
099340d3e758 exfat: Month timestamp metadata accidentally incremented
bb039d45ebc5 x86/resctrl: Don't move a task to the same resource group
628af07fc5cd x86/resctrl: Use an IPI instead of task_work_add() to update 
PQR_ASSOC MSR
96fb3d28c885 chtls: Fix chtls resources release sequence
fac9b53cfacb chtls: Added a check to avoid NULL pointer dereference
38768ea1127d chtls: Replace skb_dequeue with skb_peek
dcce456b2843 chtls: Fix panic when route to peer not configured
44bed66b2be9 chtls: Remove invalid set_tcb call
266ee00f402b chtls: Fix hardware tid leak
ed62af62da41 net/mlx5e: ethtool, Fix restriction of autoneg with 56G
cf59803ce4b3 net/mlx5: Use port_num 1 instead of 0 when delete a RoCE 
address
3008c639c081 net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 
GbE
fc1c907da5a1 s390/qeth: fix L2 header access in qeth_l3_osa_features_check()
e6931e3eb084 nexthop: Unlink nexthop group entry in error path
3cecab93f271 nexthop: Fix off-by-one error in error path
f03b81e61ef5 octeontx2-af: fix memory leak of lmac and lmac->name
12e10b12124c net: ip: always refragment ip defragmented packets
41bfd4111257 net: fix pmtu check in nopmtudisc mode
98fc9692ac3d tools: selftests: add test for changing routes with PTMU 
exceptions
7694654168bb net: ipv6: fib: flush exceptions when purging route
1cba7e270b16 net/sonic: Fix some resource leaks in error handling paths
37e6368a8de6 net: vlan: avoid leaks on register_vlan_dev() failures
4ff0737ebc76 net: stmmac: dwmac-sun8i: Balance internal PHY power
5698f0921c9b net: stmmac: dwmac-sun8i: Balance internal PHY resource 
references
fa020a28896c net: hns3: fix a phy loopback fail issue
bddaf51d116c net: hns3: fix the number of queues actually used by ARQ
d73f7e757526 net: cdc_ncm: correct overhead in delayed_ndp_size
5597557244d4 vfio iommu: Add dma available capability
335104082c21 x86/asm/32: Add ENDs to some functions and relabel with 
SYM_CODE_*
a829146c3fdc Linux 5.4.89
485e21729b1e scsi: target: Fix XCOPY NAA identifier lookup
7795afa0d7a9 KVM: x86: fix shift out of bounds reported by UBSAN
a9d49da7edf8 x86/mtrr: Correct the range check before performing MTRR type 
lookups
a798b367a066 netfilter: nft_dynset: report EOPNOTSUPP on missing set feature
5e401ea71676 netfilter: xt_RATEEST: reject non-null terminated string 

[OE-core] [gatesgarth][PATCH 11/35] linux-yocto/5.4: update to v5.4.94

[Anuj Mittal]

From: Bruce Ashfield 

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

0fbca6ce4174 Linux 5.4.94
315cd8fc2ad2 fs: fix lazytime expiration handling in 
__writeback_single_inode()
5f8b8fccdfbc writeback: Drop I_DIRTY_TIME_EXPIRE
2d8848edc96b dm integrity: conditionally disable "recalculate" feature
43546b74ce6c tools: Factor HOSTCC, HOSTLD, HOSTAR definitions
ab85b382dcf7 SMB3.1.1: do not log warning message if server doesn't 
populate salt
0edc78af73d0 arm64: mm: use single quantity to represent the PA to VA 
translation
b899d5b2a42a tracing: Fix race in trace_open and buffer resize call
c4a23c852e80 io_uring: Fix current->fs handling in io_sq_wq_submit_work()
336bb7dc5a1c HID: wacom: Correct NULL dereference on AES pen proximity
ecd62d2e9ab4 futex: Handle faults correctly for PI futexes
55ea172ce3eb futex: Simplify fixup_pi_state_owner()
a3155c362ca0 futex: Use pi_state_update_owner() in put_pi_state()
ceb83cf9ed67 rtmutex: Remove unused argument from rt_mutex_proxy_unlock()
015b6a4c2564 futex: Provide and use pi_state_update_owner()
65aad57cac8d futex: Replace pointless printk in fixup_owner()
0dae88a92596 futex: Ensure the correct return value from futex_lock_pi()
c27a2a1ecf69 Revert "mm/slub: fix a memory leak in sysfs_slab_add()"
4afd772371d9 gpio: mvebu: fix pwm .get_state period calculation
131f8d8a889a Linux 5.4.93
f7020c437e13 tcp: fix TCP_USER_TIMEOUT with zero window
945d182a046f tcp: do not mess with cloned skbs in tcp_add_backlog()
ccc248b6444a net: dsa: b53: fix an off by one in checking "vlan->vid"
ff64094dc718 net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled
3e5b335a55e9 net: mscc: ocelot: allow offloading of bridge on top of LAG
b47a3c32c4c2 ipv6: set multicast flag on the multicast route
b778940f2ab9 net_sched: reject silly cell_log in qdisc_get_rtab()
4ed347901f08 net_sched: avoid shift-out-of-bounds in tcindex_set_parms()
bc757ba6dc75 ipv6: create multicast route with RTPROT_KERNEL
60fb547a3d5d udp: mask TOS bits in udp_v4_early_demux()
da3711f42c68 kasan: fix incorrect arguments passing in kasan_add_zero_shadow
0d190f53fa2f kasan: fix unaligned address is unhandled in 
kasan_remove_zero_shadow
5a3890bad3a4 skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() 
too
49aaf012c478 lightnvm: fix memory leak when submit fails
0ff55fc4d6a1 sh_eth: Fix power down vs. is_opened flag ordering
fd2f5130ae98 net: dsa: mv88e6xxx: also read STU state in 
mv88e6250_g1_vtu_getnext
4e1d17a1f73b sh: dma: fix kconfig dependency for G2_DMA
8a0b8e26f79f netfilter: rpfilter: mask ecn bits before fib lookup
99328b4b4408 x86/cpu/amd: Set __max_die_per_package on AMD
6f8ba0ada139 pinctrl: ingenic: Fix JZ4760 support
382ffe786647 driver core: Extend device_is_dependent()
4e749a28c909 xhci: tegra: Delay for disabling LFPS detector
a6a5d08170c2 xhci: make sure TRB is fully written before giving it to the 
controller
7f3cfc7e378d usb: bdc: Make bdc pci driver depend on BROKEN
f764f90b0c77 usb: udc: core: Use lock when write to soft_connect
564f3c532642 usb: gadget: aspeed: fix stop dma register setting.
f89a193fd9d3 USB: ehci: fix an interrupt calltrace error
9a660760299b ehci: fix EHCI host controller initialization sequence
5eda5db39e28 serial: mvebu-uart: fix tx lost characters at power off
a8fade59466c stm class: Fix module init return on allocation failure
5e4bacea58ca intel_th: pci: Add Alder Lake-P support
c5885886c72c x86/mmx: Use KFPU_387 for MMX string operations
d1a9cd1dc53c x86/topology: Make __max_die_per_package available 
unconditionally
cdb4ce96fdd2 x86/fpu: Add kernel_fpu_begin_mask() to selectively initialize 
state
cd1c4882ab43 irqchip/mips-cpu: Set IPI domain parent chip
9a2f6007a228 cifs: do not fail __smb_send_rqst if non-fatal signals are 
pending
745229c90301 iio: ad5504: Fix setting power-down state
ddd1416f4413 can: peak_usb: fix use after free bugs
a24476b37167 can: vxcan: vxcan_xmit: fix use after free bug
ac48ef15826e can: dev: can_restart: fix use after free bug
391187744436 selftests: net: fib_tests: remove duplicate log test
237375005739 platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 
11 from allow-list
57f0f0ddf9e4 i2c: octeon: check correct size of maximum RECV_LEN packet
485e0255c19e powerpc: Fix alignment bug within the init sections
cfea5cddeb71 scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression
da3324ec5497 pinctrl: aspeed: g6: Fix PWMG0 pinctrl setting
5625c3da7167 powerpc: Use the common INIT_DATA_SECTION macro in 
vmlinux.lds.S
73a229119983 drm/nouveau/kms/nv50-: fix case where notifier buffer is at 
offset 0
af91a2e7fb5e drm/nouveau/mmu: fix vram heap sizing
ee2c9e58f430 drm/nouveau/i2c/gm200: increase width of aux 

[OE-core] [gatesgarth][PATCH 12/35] sanity.bbclass: Check if PSEUDO_IGNORE_PATHS and paths under pseudo control overlap

[Anuj Mittal]

From: Dorinda 

Added a sanity check for when PSEUDO_IGNORE_PATHS and paths under pseudo 
control overlap to avoid random failures generated.

[YOCTO #14193]

Signed-off-by: Dorinda Bassey 
Signed-off-by: Richard Purdie 
(cherry picked from commit 6e4bd8cabcdedf4b52345ef5eb421f71d0f19b1d)
Signed-off-by: Anuj Mittal 
---
 meta/classes/sanity.bbclass | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass
index 16275b2ea5..01c5434f0d 100644
--- a/meta/classes/sanity.bbclass
+++ b/meta/classes/sanity.bbclass
@@ -710,6 +710,16 @@ def check_sanity_version_change(status, d):
 if i and workdir.startswith(i):
 status.addresult("You are building in a path included in 
PSEUDO_IGNORE_PATHS " + str(i) + " please locate the build outside this 
path.\n")
 
+# Check if PSEUDO_IGNORE_PATHS and and paths under pseudo control overlap
+pseudoignorepaths = d.getVar('PSEUDO_IGNORE_PATHS', expand=True).split(",")
+pseudo_control_dir = "${D},${PKGD},${PKGDEST},${IMAGEROOTFS},${SDK_OUTPUT}"
+pseudocontroldir = d.expand(pseudo_control_dir).split(",")
+for i in pseudoignorepaths:
+for j in pseudocontroldir:
+if i and j:
+if j.startswith(i):
+status.addresult("A path included in PSEUDO_IGNORE_PATHS " 
+ str(i) + " and the path " + str(j) + " overlap and this will break pseudo 
permission and ownership tracking. Please set the path " + str(j) + " to a 
different directory which does not overlap with pseudo controlled directories. 
\n")
+
 # Some third-party software apparently relies on chmod etc. being suid 
root (!!)
 import stat
 suid_check_bins = "chown chmod mknod".split()
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147880): 
https://lists.openembedded.org/g/openembedded-core/message/147880
Mute This Topic: https://lists.openembedded.org/mt/80507680/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 10/35] linux-yocto-rt/5.4: fix 5.4-stable caused build breakage

[Anuj Mittal]

From: Bruce Ashfield 

5.4-stable included a backport of:

   Author: Eric W. Biederman 
   Date:   Thu Dec 3 14:11:13 2020 -0600

 rwsem: Implement down_read_interruptible

 [ Upstream commit 31784cff7ee073b34d6eddabb95e3be2880a425c ]

 In preparation for converting exec_update_mutex to a rwsem so that
 multiple readers can execute in parallel and not deadlock, add
 down_read_interruptible.  This is needed for perf_event_open to be
 converted (with no semantic changes) from working on a mutex to
 wroking on a rwsem.

 Signed-off-by: Eric W. Biederman 
 Signed-off-by: Peter Zijlstra (Intel) 
 Link: https://lkml.kernel.org/r/87k0tybqfy@x220.int.ebiederm.org
 Signed-off-by: Sasha Levin 

We implement a -rt variant to fix the build issues.

Signed-off-by: Bruce Ashfield 
Signed-off-by: Richard Purdie 
(cherry picked from commit e610fb7cc22447441f18a9b1bffe58aadb6aaab6)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb   | 4 ++--
 meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb 
b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 9588c57c39..8a320b3113 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,8 +11,8 @@ python () {
 raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to 
linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "06c752971a7cb66123ab2b3731044103fc5662e0"
-SRCREV_meta ?= "70cec8c033a6f5c48f0a93374f0bfc25240f14fd"
+SRCREV_machine ?= "6b0893e9fddb5473b181b29059fe64980f353c83"
+SRCREV_meta ?= "d676bf5ff7b7071e14f44498d2482c0a596f14cd"
 
 SRC_URI = 
"git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \

git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb 
b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 8dfa5357bd..32fbf9dc55 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "c65142e64f3d705d0b978b44394d274165d872b2"
 SRCREV_machine ?= "d4bbfa0e2416ced1a3b4d05fa853e3171f034c57"
-SRCREV_meta ?= "70cec8c033a6f5c48f0a93374f0bfc25240f14fd"
+SRCREV_meta ?= "d676bf5ff7b7071e14f44498d2482c0a596f14cd"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb 
b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 71762dd615..5dbfbc1ae9 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= 
"d4bbfa0e2416ced1a3b4d05fa853e3171f034c57"
 SRCREV_machine_qemux86-64 ?= "d4bbfa0e2416ced1a3b4d05fa853e3171f034c57"
 SRCREV_machine_qemumips64 ?= "e4714b9bb683cf08909e6dc2e91fd508e56bfbc2"
 SRCREV_machine ?= "d4bbfa0e2416ced1a3b4d05fa853e3171f034c57"
-SRCREV_meta ?= "70cec8c033a6f5c48f0a93374f0bfc25240f14fd"
+SRCREV_meta ?= "d676bf5ff7b7071e14f44498d2482c0a596f14cd"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147878): 
https://lists.openembedded.org/g/openembedded-core/message/147878
Mute This Topic: https://lists.openembedded.org/mt/80507677/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 08/35] staging: Clean up files installed into the sysroot

[Anuj Mittal]

From: Richard Purdie 

There are a variety of files being installed into $datadir which we
don't need. Pick the top "offenders" which amount of thousands of files
and simply don't install them. These include things like test data,
terminfo data, locale data for native tools and so on. This saves
copying these files into native and target sysroots and should improve
performance (smaller sstate, fewer files to copy around).

With this and the python recipe change, alsa-tools went from:

recipe-sysroot: 18357
recipe-sysroot-native: 14129

to

recipe-sysroot: 10809
recipe-sysroot-native: 8079

which is a decent improvement.

Signed-off-by: Richard Purdie 
(cherry picked from commit 366c72941fe1c24d0b1d96df46e13cb9eb4e79d6)
Signed-off-by: Anuj Mittal 
---
 meta/classes/staging.bbclass | 4 
 1 file changed, 4 insertions(+)

diff --git a/meta/classes/staging.bbclass b/meta/classes/staging.bbclass
index f0a619b35b..8165ab268e 100644
--- a/meta/classes/staging.bbclass
+++ b/meta/classes/staging.bbclass
@@ -27,11 +27,15 @@ SYSROOT_DIRS_BLACKLIST = " \
 ${mandir} \
 ${docdir} \
 ${infodir} \
+${datadir}/X11/locale \
 ${datadir}/applications \
+${datadir}/bash-completion \
 ${datadir}/fonts \
 ${datadir}/gtk-doc/html \
+${datadir}/installed-tests \
 ${datadir}/locale \
 ${datadir}/pixmaps \
+${datadir}/terminfo \
 ${libdir}/${BPN}/ptest \
 "
 
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147876): 
https://lists.openembedded.org/g/openembedded-core/message/147876
Mute This Topic: https://lists.openembedded.org/mt/80507675/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 07/35] python3: Avoid installing test data into recipe-sysroot

[Anuj Mittal]

From: Richard Purdie 

There are several thousand files in the test directory which we don't need.
Adding these for the native and target sysroots is a crazy amount of files
to be throwing around needlessly. Delete the files from the sysroot side
of things to tidy up the sysroots and improve performance.

Signed-off-by: Richard Purdie 
(cherry picked from commit f6bced03011ad1663d68b0322a2f8aeb4d836646)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-devtools/python/python3_3.8.5.bb | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/meta/recipes-devtools/python/python3_3.8.5.bb 
b/meta/recipes-devtools/python/python3_3.8.5.bb
index 0e588d7e4c..fb066084bf 100644
--- a/meta/recipes-devtools/python/python3_3.8.5.bb
+++ b/meta/recipes-devtools/python/python3_3.8.5.bb
@@ -361,3 +361,9 @@ RDEPENDS_${PN}-dev = ""
 
 RDEPENDS_${PN}-tests_append_class-target = " ${MLPREFIX}bash"
 RDEPENDS_${PN}-tests_append_class-nativesdk = " ${MLPREFIX}bash"
+
+# Python's tests contain large numbers of files we don't need in the recipe 
sysroots
+SYSROOT_PREPROCESS_FUNCS += " py3_sysroot_cleanup"
+py3_sysroot_cleanup () {
+   rm -rf ${SYSROOT_DESTDIR}${libdir}/python${PYTHON_MAJMIN}/test
+}
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147875): 
https://lists.openembedded.org/g/openembedded-core/message/147875
Mute This Topic: https://lists.openembedded.org/mt/80507674/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 06/35] ncurses: Don't put terminfo into the sysroot

[Anuj Mittal]

From: Richard Purdie 

This recudes the file count from ~2850 to ~100 which is a huge win
for reducing build directory clutter, its unlikely anything uses the
terminfo data or man pages in the sysroot. This is especially helpful
as we usually end up with two copies of these sets of files.

Signed-off-by: Richard Purdie 
(cherry picked from commit 443633dfc20177ef88a388d96745675817510c99)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-core/ncurses/ncurses.inc | 5 +
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-core/ncurses/ncurses.inc 
b/meta/recipes-core/ncurses/ncurses.inc
index fe4e8a5d6e..ef59bc3b0a 100644
--- a/meta/recipes-core/ncurses/ncurses.inc
+++ b/meta/recipes-core/ncurses/ncurses.inc
@@ -324,3 +324,8 @@ FILES_${PN}-terminfo-base = "\
 
 RSUGGESTS_${PN}-libtinfo = "${PN}-terminfo"
 RRECOMMENDS_${PN}-libtinfo = "${PN}-terminfo-base"
+
+# Putting terminfo into the sysroot adds around 2800 files to
+# each recipe specific sysroot. We can live without this, particularly
+# as many recipes may have native and target copies.
+SYSROOT_DIRS_remove = "${datadir}"
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147874): 
https://lists.openembedded.org/g/openembedded-core/message/147874
Mute This Topic: https://lists.openembedded.org/mt/80507673/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 05/35] glibc: update to latest release/2.32/master branch

[Anuj Mittal]

From: Steve Sakoman 

Remove patches for CVE-2019-25013 and CVE-2020-27618 since they are
present in the branch now. Add both CVEs to CVE_CHECK_WHITELIST.

760e1d28782 gconv: Fix assertion failure in ISO-2022-JP-3 module (bug 27256)
d3cb8f6222a aarch64: fix static PIE start code for BTI [BZ #27068]
082798622d8 __vfscanf_internal: fix aliasing violation (bug 26690)
33dc30bc838 aarch64: Use mmap to add PROT_BTI instead of mprotect [BZ #26831]
46e1e64fe3e elf: Pass the fd to note processing
b6eae83717d elf: Move note processing after l_phdr is updated
c6090dcebd1 aarch64: align address for BTI protection [BZ #26988]
610e2c51504 aarch64: Fix missing BTI protection from dependencies [BZ #26926]
4c619b3eed5 x86: Check IFUNC definition in unrelocated executable [BZ #20019]
87450ecf8a8 x86: Set header.feature_1 in TCB for always-on CET [BZ #27177]
2b4f67c2b33 Update for [BZ #27130] fix
1a24bbd43e4 x86-64: Avoid rep movsb with short distance [BZ #27130]
0d9793e82a1 Fix buffer overrun in EUC-KR conversion module (bz #24973)
1d49bede4d8 tests-mcheck: New variable to run tests with MALLOC_CHECK_=3
050022910be iconv: Accept redundant shift sequences in IBM1364 [BZ #26224]
ac0a6929c5d sh: Add sh4 fpu Implies folder
3ea24955bff struct _Unwind_Exception alignment should not depend on compiler 
flags
5c36293f067 resolv: Serialize processing in resolv/tst-resolv-txnid-collision
2dfa659a66f resolv: Handle transaction ID collisions in parallel queries (bug 
26600)
05c025abca1 support: Provide a way to clear the RA bit in DNS server responses
f688bcd83de support: Provide a way to reorder responses within the DNS test 
server
eba0ce60588 Remove __warndecl
5337b2af4b8 Remove __warn_memset_zero_len [BZ #25399]
c6e794640c3 aarch64: Add unwind information to _start (bug 26853)
70ee5e8b573 aarch64: Fix DT_AARCH64_VARIANT_PCS handling [BZ #26798]
8813b2682e4 x86: Optimizing memcpy for AMD Zen architecture.
e61a8fd8fad Reversing calculation of __x86_shared_non_temporal_threshold
0b9460d22e2 sysvipc: Fix IPC_INFO and SHM_INFO handling [BZ #26636]
c4aeedea598 sysvipc: Fix IPC_INFO and MSG_INFO handling [BZ #26639]
9b139b6b81a sysvipc: Fix SEM_STAT_ANY kernel argument pass [BZ #26637]
81c5484d93a AArch64: Use __memcpy_simd on Neoverse N2/V1
0f8f0ed25c1 AArch64: Improve backwards memmove performance
23482f78866 Set version.h RELEASE to "stable" (Bug 26700)
69beb5cbf85 string: Fix strerrorname_np return value [BZ #26555]
fe62c4d173f intl: Handle translation output codesets with suffixes [BZ #26383]
386543bc449 NEWS: Update for [BZ #26534] fix
cebc01cbfd6 x86-64: Fix FMA4 detection in ifunc [BZ #26534]

Signed-off-by: Steve Sakoman 
Signed-off-by: Richard Purdie 
(cherry picked from commit 8d05c277c5350c4d968eb488788eac7978968ef7)
Signed-off-by: Anuj Mittal 
---
 meta/recipes-core/glibc/glibc-version.inc |   2 +-
 .../glibc/glibc/CVE-2019-25013.patch  | 137 --
 meta/recipes-core/glibc/glibc_2.32.bb |   4 +-
 3 files changed, 3 insertions(+), 140 deletions(-)
 delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2019-25013.patch

diff --git a/meta/recipes-core/glibc/glibc-version.inc 
b/meta/recipes-core/glibc/glibc-version.inc
index 1566056297..586b2e207e 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.32/master"
 PV = "2.32"
-SRCREV_glibc ?= "3de512be7ea6053255afed6154db9ee31d4e557a"
+SRCREV_glibc ?= "760e1d287825fa91d4d5a0cc921340c740d803e2"
 SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch 
b/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch
deleted file mode 100644
index 987e959db2..00
--- a/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch
+++ /dev/null
@@ -1,137 +0,0 @@
-From ee7a3144c9922808181009b7b3e50e852fb4999b Mon Sep 17 00:00:00 2001
-From: Andreas Schwab 
-Date: Mon, 21 Dec 2020 08:56:43 +0530
-Subject: [PATCH] Fix buffer overrun in EUC-KR conversion module (bz #24973)
-
-The byte 0xfe as input to the EUC-KR conversion denotes a user-defined
-area and is not allowed.  The from_euc_kr function used to skip two bytes
-when told to skip over the unknown designation, potentially running over
-the buffer end.
-
-Upstream-Status: Backport 
[https://sourceware.org/git/?p=glibc.git;a=patch;h=ee7a3144c9922808181009b7b3e50e852fb4999b]
-CVE: CVE-2019-25013
-Signed-off-by: Scott Murray 

- iconvdata/Makefile  |  3 ++-
- iconvdata/bug-iconv13.c | 53 +
- iconvdata/euc-kr.c  |  6 +
- iconvdata/ksc5601.h |  6 ++---
- 4 files changed, 59 insertions(+), 9 deletions(-)
- create mode 100644 iconvdata/bug-iconv13.c
-
-diff --git a/iconvdata/Makefile b/iconvdata/Makefile
-index 4ec2741cdc..85009f3390 100644
 a/iconvdata/Makefile
-+++ b/iconvdata/Makefile
-@@ -73,7 +73,8 @@ modules.so := $(addsuffix .so, 

[OE-core] [gatesgarth][PATCH 02/35] npm.bbclass: make shrinkwrap file optional

[Anuj Mittal]

From: Kamel Bouhara 

Some packages don't have shrinkwrap file which
means no npmsw uri is provided in the recipe.

Signed-off-by: Kamel Bouhara 
Signed-off-by: Richard Purdie 
(cherry picked from commit 47760b0d7d66b2b68ee197d359f0b7b17374d742)
Signed-off-by: Anuj Mittal 
---
 meta/classes/npm.bbclass | 31 +--
 1 file changed, 21 insertions(+), 10 deletions(-)

diff --git a/meta/classes/npm.bbclass b/meta/classes/npm.bbclass
index 068032a1e5..d3dd1a9ab8 100644
--- a/meta/classes/npm.bbclass
+++ b/meta/classes/npm.bbclass
@@ -130,11 +130,17 @@ python npm_do_configure() {
 cached_manifest.pop("dependencies", None)
 cached_manifest.pop("devDependencies", None)
 
-with open(orig_shrinkwrap_file, "r") as f:
-orig_shrinkwrap = json.load(f)
+has_shrinkwrap_file = True
 
-cached_shrinkwrap = copy.deepcopy(orig_shrinkwrap)
-cached_shrinkwrap.pop("dependencies", None)
+try:
+with open(orig_shrinkwrap_file, "r") as f:
+orig_shrinkwrap = json.load(f)
+except IOError:
+has_shrinkwrap_file = False
+
+if has_shrinkwrap_file:
+   cached_shrinkwrap = copy.deepcopy(orig_shrinkwrap)
+   cached_shrinkwrap.pop("dependencies", None)
 
 # Manage the dependencies
 progress = OutOfProgressHandler(d, r"^(\d+)/(\d+)$")
@@ -165,8 +171,10 @@ python npm_do_configure() {
 progress.write("%d/%d" % (progress_done, progress_total))
 
 dev = bb.utils.to_boolean(d.getVar("NPM_INSTALL_DEV"), False)
-foreach_dependencies(orig_shrinkwrap, _count_dependency, dev)
-foreach_dependencies(orig_shrinkwrap, _cache_dependency, dev)
+
+if has_shrinkwrap_file:
+foreach_dependencies(orig_shrinkwrap, _count_dependency, dev)
+foreach_dependencies(orig_shrinkwrap, _cache_dependency, dev)
 
 # Configure the main package
 with tempfile.TemporaryDirectory() as tmpdir:
@@ -181,16 +189,19 @@ python npm_do_configure() {
 cached_manifest[depkey] = {}
 cached_manifest[depkey][name] = version
 
-_update_manifest("dependencies")
+if has_shrinkwrap_file:
+_update_manifest("dependencies")
 
 if dev:
-_update_manifest("devDependencies")
+if has_shrinkwrap_file:
+_update_manifest("devDependencies")
 
 with open(cached_manifest_file, "w") as f:
 json.dump(cached_manifest, f, indent=2)
 
-with open(cached_shrinkwrap_file, "w") as f:
-json.dump(cached_shrinkwrap, f, indent=2)
+if has_shrinkwrap_file:
+with open(cached_shrinkwrap_file, "w") as f:
+json.dump(cached_shrinkwrap, f, indent=2)
 }
 
 python npm_do_compile() {
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147870): 
https://lists.openembedded.org/g/openembedded-core/message/147870
Mute This Topic: https://lists.openembedded.org/mt/80507665/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 00/35] review request

[Anuj Mittal]

Please review these next set of changes for gatesgarth. Builds cleanly
on autobuilder except for a known intermittent issue while executing a
tinfoil selftest.

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/1842

Thanks,

Anuj

The following changes since commit c63feb7e062750ef9d1fcfd6ee16f1d220f8a369:

  strace: increase ptest timeout duration 120->240s (2021-02-05 23:34:49 +)

are available in the Git repository at:

  git://push.openembedded.org/openembedded-core-contrib anujm/gatesgarth

Alexander Kanavin (5):
  python3: split python target configuration into own class
  python3-pycairo: use python3targetconfig
  distutils3-base.bbclass: use python3targetconfig
  meta: drop _PYTHON_SYSCONFIGDATA_NAME hacks
  gpgme: use python3targetconfig

Anuj Mittal (2):
  sudo: fix CVE-2021-23240
  sudo: fix CVE-2021-3156

Awais Belal (1):
  kernel.bbclass: fix deployment for initramfs images

Bruce Ashfield (3):
  linux-yocto/5.4: update to v5.4.90
  linux-yocto-rt/5.4: fix 5.4-stable caused build breakage
  linux-yocto/5.4: update to v5.4.94

Chen Qi (1):
  systemd: change /bin/nologin to /sbin/nologin

Dorinda (1):
  sanity.bbclass: Check if PSEUDO_IGNORE_PATHS and paths under pseudo
control overlap

Kamel Bouhara (2):
  npm.bbclass: make shrinkwrap file optional
  recipetool: create: only add npmsw url if required

Khem Raj (1):
  python3targetconfig.bbclass: Make py3 dep and tasks only for target
recipes

Lee Chee Yang (2):
  openssl: set CVE_VERSION_SUFFIX
  wic/selftest: test_permissions also test bitbake image

Martin Jansa (1):
  image_types.bbclass: tar: use posix format instead of gnu

Michael Halstead (2):
  uninative: Upgrade to 2.10
  yocto-uninative.inc: version 2.11 updates glibc to 2.33

Mike Looijmans (1):
  license_image.bbclass: Don't attempt to symlink to the same file

Richard Purdie (8):
  image_types: Ensure tar archives are reproducible
  ncurses: Don't put terminfo into the sysroot
  python3: Avoid installing test data into recipe-sysroot
  staging: Clean up files installed into the sysroot
  package: Ensure do_packagedata is cleaned correctly
  qemu.inc: Should depend on qemu-system-native, not qemu-native
  openssh: Backport a fix to fix with glibc 2.33 on some platforms
  pseudo: Update to work with glibc 2.33

Steve Sakoman (1):
  glibc: update to latest release/2.32/master branch

Tomasz Dziendzielski (1):
  sstatesig: Add descriptive error message to getpwuid/getgrgid "uid/gid
not found" KeyError

Vyacheslav Yurkov (1):
  npm.bbclass: use python3 for npm config

saloni (2):
  libgcrypt: Whitelisted CVEs
  libcroco: Added CVE

 meta/classes/distutils3-base.bbclass  |   2 +-
 meta/classes/image_types.bbclass  |   2 +-
 meta/classes/kernel.bbclass   |   2 +-
 meta/classes/license_image.bbclass|   3 +-
 meta/classes/npm.bbclass  |  37 +-
 meta/classes/package.bbclass  |   1 +
 meta/classes/python3native.bbclass|   2 -
 meta/classes/python3targetconfig.bbclass  |  17 +
 meta/classes/sanity.bbclass   |  10 +
 meta/classes/scons.bbclass|   3 -
 meta/classes/staging.bbclass  |   4 +
 meta/conf/distro/include/yocto-uninative.inc  |  10 +-
 meta/conf/machine/include/qemu.inc|   2 +-
 meta/lib/oe/prservice.py  |   4 -
 meta/lib/oe/sstatesig.py  |   6 +-
 meta/lib/oeqa/selftest/cases/wic.py   |  16 +
 ...440ca70abab947acbd77795e9f130967956c.patch |  28 ++
 .../openssh/openssh_8.3p1.bb  |   1 +
 .../openssl/openssl_1.1.1i.bb |   2 +
 meta/recipes-core/glib-2.0/glib.inc   |   4 -
 meta/recipes-core/glibc/glibc-version.inc |   2 +-
 .../glibc/glibc/CVE-2019-25013.patch  | 137 --
 meta/recipes-core/glibc/glibc_2.32.bb |   4 +-
 meta/recipes-core/ncurses/ncurses.inc |   5 +
 meta/recipes-core/systemd/systemd_246.9.bb|  16 +-
 meta/recipes-devtools/pseudo/pseudo_git.bb|   2 +-
 .../python/python3-pycairo_1.19.1.bb  |   2 +-
 meta/recipes-devtools/python/python3_3.8.5.bb |   6 +
 .../sudo/files/CVE-2021-23240.patch   | 419 ++
 .../sudo/files/CVE-2021-3156-1.patch  | 100 +
 .../sudo/files/CVE-2021-3156-2.patch  |  53 +++
 .../sudo/files/CVE-2021-3156-3.patch  |  73 +++
 .../sudo/files/CVE-2021-3156-4.patch  |  29 ++
 .../sudo/files/CVE-2021-3156-5.patch  |  41 ++
 meta/recipes-extended/sudo/sudo_1.9.3.bb  |   6 +
 meta/recipes-graphics/mesa/mesa.inc   |   5 -
 .../linux/linux-yocto-rt_5.4.bb   |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 meta/recipes-support/gpgme/gpgme_1.14.0.bb|   2 +-
 .../libcroco/files/CVE-2020-12825.patch   | 192 
 .../libcroco/libcroco_0.6.13.bb   |   3 +
 

[OE-core] [gatesgarth][PATCH 04/35] npm.bbclass: use python3 for npm config

[Anuj Mittal]

From: Vyacheslav Yurkov 

python2-native executable is not available in sysroot anymore, which
causes compilation of some nodejs modules to fail. Switch to python3 as a
default python version.

Signed-off-by: Vyacheslav Yurkov 
Signed-off-by: Richard Purdie 
(cherry picked from commit d21f50ecf8e8683a92b7d234fa8225c2c1470595)
Signed-off-by: Anuj Mittal 
---
 meta/classes/npm.bbclass | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/classes/npm.bbclass b/meta/classes/npm.bbclass
index d3dd1a9ab8..79f55febcc 100644
--- a/meta/classes/npm.bbclass
+++ b/meta/classes/npm.bbclass
@@ -17,6 +17,8 @@
 #  NPM_INSTALL_DEV:
 #   Set to 1 to also install devDependencies.
 
+inherit python3native
+
 DEPENDS_prepend = "nodejs-native "
 RDEPENDS_${PN}_prepend = "nodejs "
 
@@ -248,9 +250,7 @@ python npm_do_compile() {
 sysroot = d.getVar("RECIPE_SYSROOT_NATIVE")
 nodedir = os.path.join(sysroot, d.getVar("prefix_native").strip("/"))
 configs.append(("nodedir", nodedir))
-bindir = os.path.join(sysroot, d.getVar("bindir_native").strip("/"))
-pythondir = os.path.join(bindir, "python-native", "python")
-configs.append(("python", pythondir))
+configs.append(("python", d.getVar("PYTHON")))
 
 # Add node-pre-gyp configuration
 args.append(("target_arch", d.getVar("NPM_ARCH")))
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147872): 
https://lists.openembedded.org/g/openembedded-core/message/147872
Mute This Topic: https://lists.openembedded.org/mt/80507668/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 03/35] recipetool: create: only add npmsw url if required

[Anuj Mittal]

From: Kamel Bouhara 

Before adding a npmsw fetcher to a recipe we
should first check if the generated shrinkwrap file
contains dependencies.

Signed-off-by: Kamel Bouhara 
Signed-off-by: Richard Purdie 
(cherry picked from commit ef153ad36d0299e83a03af8f207686d0d8a238b3)
Signed-off-by: Anuj Mittal 
---
 scripts/lib/recipetool/create_npm.py | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/scripts/lib/recipetool/create_npm.py 
b/scripts/lib/recipetool/create_npm.py
index 579b7ae48a..2bcae91dfa 100644
--- a/scripts/lib/recipetool/create_npm.py
+++ b/scripts/lib/recipetool/create_npm.py
@@ -204,6 +204,9 @@ class NpmRecipeHandler(RecipeHandler):
 self._run_npm_install(d, srctree, registry, dev)
 shrinkwrap_file = self._generate_shrinkwrap(d, srctree, dev)
 
+with open(shrinkwrap_file, "r") as f:
+shrinkwrap = json.load(f)
+
 if os.path.exists(lock_copy):
 bb.utils.movefile(lock_copy, lock_file)
 
@@ -226,7 +229,8 @@ class NpmRecipeHandler(RecipeHandler):
 value = origvalue.replace("version=" + data["version"], 
"version=${PV}")
 value = value.replace("version=latest", "version=${PV}")
 values = [line.strip() for line in value.strip('\n').splitlines()]
-values.append(url_recipe)
+if "dependencies" in shrinkwrap:
+values.append(url_recipe)
 return values, None, 4, False
 
 (_, newlines) = bb.utils.edit_metadata(lines_before, ["SRC_URI"], 
_handle_srcuri)
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147871): 
https://lists.openembedded.org/g/openembedded-core/message/147871
Mute This Topic: https://lists.openembedded.org/mt/80507666/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [gatesgarth][PATCH 01/35] image_types: Ensure tar archives are reproducible

[Anuj Mittal]

From: Richard Purdie 

The tar output seems to vary depending on the version of tar used and distro
configuration. Be explict about the output format to avoid this and be
determinstic.

(From OE-Core rev: c56f3c9febc1732aa1302524c6c4da36f16bd1f7)

Signed-off-by: Richard Purdie 
(cherry picked from commit 9dbe0f69f874d3687ae1accc19116570bad86c04)
Signed-off-by: Anuj Mittal 
---
 meta/classes/image_types.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/image_types.bbclass b/meta/classes/image_types.bbclass
index 286009057e..85d619ca89 100644
--- a/meta/classes/image_types.bbclass
+++ b/meta/classes/image_types.bbclass
@@ -110,7 +110,7 @@ IMAGE_CMD_squashfs-lz4 = "mksquashfs ${IMAGE_ROOTFS} 
${IMGDEPLOYDIR}/${IMAGE_NAM
 
 IMAGE_CMD_TAR ?= "tar"
 # ignore return code 1 "file changed as we read it" as other tasks(e.g. 
do_image_wic) may be hardlinking rootfs
-IMAGE_CMD_tar = "${IMAGE_CMD_TAR} --sort=name --numeric-owner -cf 
${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.tar -C ${IMAGE_ROOTFS} . || [ 
$? -eq 1 ]"
+IMAGE_CMD_tar = "${IMAGE_CMD_TAR} --sort=name --format=gnu --numeric-owner -cf 
${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.tar -C ${IMAGE_ROOTFS} . || [ 
$? -eq 1 ]"
 
 do_image_cpio[cleandirs] += "${WORKDIR}/cpio_append"
 IMAGE_CMD_cpio () {
-- 
2.29.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147868): 
https://lists.openembedded.org/g/openembedded-core/message/147868
Mute This Topic: https://lists.openembedded.org/mt/80507662/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][PATCH] Fix up bitbake logging compatibility

[Joshua Watt]

Bitbake changed the debug() logging call to make it compatible with
standard python logging by no longer including a debug level as the
first argument. Fix up the few places this was being used and remove the
make_logger_bitbake_compatible() API, as it is no longer needed

Signed-off-by: Joshua Watt 
---
 meta/classes/testimage.bbclass |  3 +--
 meta/lib/oe/terminal.py|  4 ++--
 meta/lib/oeqa/sdk/testsdk.py   |  3 +--
 meta/lib/oeqa/utils/__init__.py| 30 --
 meta/lib/oeqa/utils/package_manager.py |  4 ++--
 5 files changed, 6 insertions(+), 38 deletions(-)

diff --git a/meta/classes/testimage.bbclass b/meta/classes/testimage.bbclass
index 78da4b09bd..374171f2f5 100644
--- a/meta/classes/testimage.bbclass
+++ b/meta/classes/testimage.bbclass
@@ -202,7 +202,6 @@ def testimage_main(d):
 from oeqa.runtime.context import OERuntimeTestContextExecutor
 from oeqa.core.target.qemu import supported_fstypes
 from oeqa.core.utils.test import getSuiteCases
-from oeqa.utils import make_logger_bitbake_compatible
 
 def sigterm_exception(signum, stackframe):
 """
@@ -220,7 +219,7 @@ def testimage_main(d):
and ('dnf' in d.getVar('TEST_SUITES') or 'auto' in 
d.getVar('TEST_SUITES'))):
 create_rpm_index(d)
 
-logger = make_logger_bitbake_compatible(logging.getLogger("BitBake"))
+logger = logging.getLogger("BitBake")
 pn = d.getVar("PN")
 
 bb.utils.mkdirhier(d.getVar("TEST_LOG_DIR"))
diff --git a/meta/lib/oe/terminal.py b/meta/lib/oe/terminal.py
index eb10a6e33e..61c2687ef4 100644
--- a/meta/lib/oe/terminal.py
+++ b/meta/lib/oe/terminal.py
@@ -185,7 +185,7 @@ class Custom(Terminal):
 Terminal.__init__(self, sh_cmd, title, env, d)
 logger.warning('Custom terminal was started.')
 else:
-logger.debug(1, 'No custom terminal (OE_TERMINAL_CUSTOMCMD) set')
+logger.debug('No custom terminal (OE_TERMINAL_CUSTOMCMD) set')
 raise UnsupportedTerminal('OE_TERMINAL_CUSTOMCMD not set')
 
 
@@ -216,7 +216,7 @@ def spawn_preferred(sh_cmd, title=None, env=None, d=None):
 
 def spawn(name, sh_cmd, title=None, env=None, d=None):
 """Spawn the specified terminal, by name"""
-logger.debug(1, 'Attempting to spawn terminal "%s"', name)
+logger.debug('Attempting to spawn terminal "%s"', name)
 try:
 terminal = Registry.registry[name]
 except KeyError:
diff --git a/meta/lib/oeqa/sdk/testsdk.py b/meta/lib/oeqa/sdk/testsdk.py
index 35e40187bc..04eb109dd4 100644
--- a/meta/lib/oeqa/sdk/testsdk.py
+++ b/meta/lib/oeqa/sdk/testsdk.py
@@ -71,10 +71,9 @@ class TestSDK(TestSDKBase):
 import logging
 
 from bb.utils import export_proxies
-from oeqa.utils import make_logger_bitbake_compatible
 
 pn = d.getVar("PN")
-logger = make_logger_bitbake_compatible(logging.getLogger("BitBake"))
+logger = logging.getLogger("BitBake")
 
 # sdk use network for download projects for build
 export_proxies(d)
diff --git a/meta/lib/oeqa/utils/__init__.py b/meta/lib/oeqa/utils/__init__.py
index 70fbe7b552..39dde8d05c 100644
--- a/meta/lib/oeqa/utils/__init__.py
+++ b/meta/lib/oeqa/utils/__init__.py
@@ -39,36 +39,6 @@ def avoid_paths_in_environ(paths):
 new_path = new_path[:-1]
 return new_path
 
-def make_logger_bitbake_compatible(logger):
-import logging
-
-""" 
-Bitbake logger redifines debug() in order to
-set a level within debug, this breaks compatibility
-with vainilla logging, so we neeed to redifine debug()
-method again also add info() method with INFO + 1 level.
-"""
-def _bitbake_log_debug(*args, **kwargs):
-lvl = logging.DEBUG
-
-if isinstance(args[0], int):
-lvl = args[0]
-msg = args[1]
-args = args[2:]
-else:
-msg = args[0]
-args = args[1:]
-
-logger.log(lvl, msg, *args, **kwargs)
-
-def _bitbake_log_info(msg, *args, **kwargs):
-logger.log(logging.INFO + 1, msg, *args, **kwargs)
-
-logger.debug = _bitbake_log_debug
-logger.info = _bitbake_log_info
-
-return logger
-
 def load_test_components(logger, executor):
 import sys
 import os
diff --git a/meta/lib/oeqa/utils/package_manager.py 
b/meta/lib/oeqa/utils/package_manager.py
index 3623299295..6b67f22fdd 100644
--- a/meta/lib/oeqa/utils/package_manager.py
+++ b/meta/lib/oeqa/utils/package_manager.py
@@ -117,7 +117,7 @@ def extract_packages(d, needed_packages):
 extract = package.get('extract', True)
 
 if extract:
-#logger.debug(1, 'Extracting %s' % pkg)
+#logger.debug('Extracting %s' % pkg)
 dst_dir = os.path.join(extracted_path, pkg)
 # Same package used for more than one test,
 # don't need to extract again.
@@ -130,7 +130,7 @@ def extract_packages(d, 

Re: [OE-core] [PATCH] license_image: Introduce SKIP_LICENSE_MANIFEST_RECIPES variable to prevent from trying to use license recipeinfo file from image recipes

[Richard Purdie]

On Tue, 2021-02-09 at 16:37 +0100, Tomasz Dziendzielski wrote:
> 
> Thanks for the answer.
> 
> > I've been giving this some thought and I really don't like having
> > to
> > remember to manually add special cases like this, it sounds/looks
> > like
> > something we should really fix in a better way.
> 
> The other way that comes to my mind would be to loop over all
> dependencies and check if they inherit image.bbclass which would
> increase build time. Another problem is that we don't have direct
> access to other recipes' metadata, so we would need to prepare such
> mechanism.

That isn't something we want to support.

> > Perhaps we should just skip license files if they don't exist? We
> > could
> > perhaps show a warning if the match isn't for a recipe called *-
> > image?
> 
> There might be recipes inheriting image.bbclass that don't have
> "image" in its name (which is also my case). I can prepare the change
> to just print a warning instead of error if the recipe can't find a
> license manifest for any recipe, not only the ones called *-image.
> Unfortunately that way we could not catch missing manifests with
> recipes that should provide them. Would such change be accepted?

I think the warn/error issue isn't the real solution, "good" builds
shouldn't show warnings and this case would.

I guess the other option is to enable populate_lic for image recipes
rather than deleting the task, then there would be some kind of license
information available. Not sure whether that makes sense or not (and
whether it should be the image recipe license or the sum of the
licences making up that image is a secondary difficult question)...

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147866): 
https://lists.openembedded.org/g/openembedded-core/message/147866
Mute This Topic: https://lists.openembedded.org/mt/80377785/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [meta][PATCHv2] npm.bbclass: avoid building target nodejs for native npm recipes

[Yoann Congal]

Le lun. 8 févr. 2021 à 20:11, Martin Jansa  a
écrit :

> You need the override after the append/prepend operator and append is more
> common than prepend (order of RDEPENDS isn't important) so I would use:
>
> RDEPENDS_${PN}_append_class-target = " nodejs"
>

Hi !

Thanks! I already sent a v2 here :
https://lists.openembedded.org/g/openembedded-core/message/147833

... with _prepend though : I respected the original line as much as
possible. I would have used _append as well.

Regards,
-- 
Yoann

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147865): 
https://lists.openembedded.org/g/openembedded-core/message/147865
Mute This Topic: https://lists.openembedded.org/mt/80484352/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] Yocto Project Status WW06`21

[Stephen Jolley]

Current Dev Position: YP 3.3 M3 development

Next Deadline: 1st March 2021 YP 3.3 M3 build 

 

Next Team Meetings:

*   Bug Triage meeting Thursday Feb. 11th at 7:30am PDT (

https://zoom.us/j/454367603?pwd=ZGxoa2ZXL3FkM3Y0bFd5aVpHVVZ6dz09)
*   Monthly Project Meeting Tuesday Mar. 2nd at 8am PDT (

https://zoom.us/j/990892712?pwd=cHU1MjhoM2x6ck81bkcrYjRrcmJsUT09
 )
*   Weekly Engineering Sync Tuesday Feb. 9th at 8am PDT (

https://zoom.us/j/990892712?pwd=cHU1MjhoM2x6ck81bkcrYjRrcmJsUT09
 )
*   Twitch -  See https://www.twitch.tv/theyoctojester

 

Key Status/Updates:

*   We've merged a number of key upgrades to glibc, binutils and
autoconf in particular which has caused some issues in other layers. Thanks
to everyone helping work through those issues.
*   We've upgraded uninative, with a final 2.32 version containing an
upstream fix and then a version with 2.33. There are early reports there may
be a build issue with kernels and 2.33.
*   Intermittent autobuilder issues continue to occur. You can see the
list of failures we're continuing to see by searching for the "AB-INT" tag
in bugzilla:

https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=AB-INT
*   There are some interesting insights from the SWAT status reports
that are now being generated, in particular they show the frequency that
some bugs are occurring which should help us try and target the most
problematic failures:

 

https://lists.yoctoproject.org/g/swat/topic/swat_statistics_for_week_05/8046
6229

The reports can be seen on the swat mailing list (which anyone can join).

 

Ways to contribute:

*   There are bugs identified as possible for newcomers to the project:

https://wiki.yoctoproject.org/wiki/Newcomers
*   There are bugs that are currently unassigned for YP 3.3. See:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Medium.2B_3.3_Unassigned_Enhan
cements.2FBugs
*   We'd welcome new maintainers for recipes in OE-Core. Please see the
list at:

http://git.yoctoproject.org/cgit.cgi/poky/tree/meta/conf/distro/include/main
tainers.inc and discuss with the existing maintainer, or ask on the OE-Core
mailing list. We will likely move a chunk of these to "Unassigned" soon to
help facilitate this.

 

YP 3.3 Milestone Dates:

*   YP 3.3 M3 build date 2021/03/01
*   YP 3.3 M3 Release date 2021/03/12
*   YP 3.3 M4 build date 2021/04/05
*   YP 3.3 M4 Release date 2021/04/30

 

Planned upcoming dot releases:

*   YP 3.2.2 build date 2021/02/08
*   YP 3.2.2 release date 2021/02/19
*   YP 3.1.6 build date 2021/02/22
*   YP 3.1.6 release date 2021/03/05
*   YP 3.2.3 build date 2021/03/15
*   YP 3.2.3 release date 2021/03/26
*   YP 3.1.7 build date 2021/03/29
*   YP 3.1.7 release date 2021/04/09

 

Tracking Metrics:

*   WDD 2639 (last week 2597) (

https://wiki.yoctoproject.org/charts/combo.html)
*   Poky Patch Metrics  

*   Total patches found: 1278 (last week 1290)
*   Patches in the Pending State: 495 (39%) [last week 504 (39%)]

 

The Yocto Project's technical governance is through its Technical Steering
Committee, more information is available at:

 
https://wiki.yoctoproject.org/wiki/TSC

 

The Status reports are now stored on the wiki at:

https://wiki.yoctoproject.org/wiki/Weekly_Status

 

[If anyone has suggestions for other information you'd like to see on this
weekly status update, let us know!]

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147864): 
https://lists.openembedded.org/g/openembedded-core/message/147864
Mute This Topic: https://lists.openembedded.org/mt/80507394/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] license_image: Introduce SKIP_LICENSE_MANIFEST_RECIPES variable to prevent from trying to use license recipeinfo file from image recipes

[Tomasz Dziendzielski]

Thanks for the answer.

>I've been giving this some thought and I really don't like having to
>remember to manually add special cases like this, it sounds/looks like
>something we should really fix in a better way.

The other way that comes to my mind would be to loop over all dependencies
and check if they inherit image.bbclass which would increase build time.
Another problem is that we don't have direct access to other recipes'
metadata, so we would need to prepare such mechanism.

>Perhaps we should just skip license files if they don't exist? We could
>perhaps show a warning if the match isn't for a recipe called *-image?

There might be recipes inheriting image.bbclass that don't have "image" in
its name (which is also my case). I can prepare the change to just print a
warning instead of error if the recipe can't find a license manifest for
any recipe, not only the ones called *-image. Unfortunately that way we
could not catch missing manifests with recipes that should provide them.
Would such change be accepted?

Best regards,
Tomasz Dziendzielski

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147863): 
https://lists.openembedded.org/g/openembedded-core/message/147863
Mute This Topic: https://lists.openembedded.org/mt/80377785/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] opkg: Fix patch glitches

[Richard Purdie]

On Tue, 2021-02-09 at 07:16 -0800, Matt Madison wrote:
> 
> 
> On Tue, Feb 9, 2021 at 6:34 AM Richard Purdie
>  wrote:
> > The original patch contained some text which shouldn't have been
> > there
> > and used brackets in configure which isn't a great idea. Tweak the
> > patch
> > to resolve this.
> > 
> > Signed-off-by: Richard Purdie 
> > ---
> >  meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch | 5 ++---
> >  1 file changed, 2 insertions(+), 3 deletions(-)
> > 
> > diff --git a/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
> > b/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
> > index 285d258c635..6d0b1486ad3 100644
> > --- a/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
> > +++ b/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
> > @@ -9,13 +9,12 @@ Index: opkg-0.4.4/configure.ac
> >  ==
> > =
> >  --- opkg-0.4.4.orig/configure.ac
> >  +++ opkg-0.4.4/configure.ac
> > -@@ -281,7 +281,12 @@ AC_FUNC_UTIME_NULL
> > +@@ -281,7 +281,11 @@ AC_FUNC_UTIME_NULL
> >   AC_FUNC_VPRINTF
> >   AC_CHECK_FUNCS([memmove memset mkdir regcomp strchr strcspn
> > strdup strerror strndup strrchr strstr strtol strtoul sysinfo
> > utime])
> > 
> >  -CLEAN_DATE=`date +"%B %Y" | tr -d '\n'`
> > -+1607446883
> > -+if [ ! -z "$SOURCE_DATE_EPOCH" ]; then
> > ++if ! -z "$SOURCE_DATE_EPOCH" ; then
> > 
> 
> This doesn't look like valid shell syntax - there should be a 'test'
> command before the '!', right?
> Or change the whole thing to use AS_IF.

Well spotted. I somehow grabbed a half complete version, trying to
juggle too many things at once I think. I've fixed it on the branch,
third time lucky :/.

Cheers,

Richard



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147862): 
https://lists.openembedded.org/g/openembedded-core/message/147862
Mute This Topic: https://lists.openembedded.org/mt/80505499/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] opkg: Fix patch glitches

[Matt Madison]

On Tue, Feb 9, 2021 at 6:34 AM Richard Purdie <
richard.pur...@linuxfoundation.org> wrote:

> The original patch contained some text which shouldn't have been there
> and used brackets in configure which isn't a great idea. Tweak the patch
> to resolve this.
>
> Signed-off-by: Richard Purdie 
> ---
>  meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
> b/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
> index 285d258c635..6d0b1486ad3 100644
> --- a/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
> +++ b/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
> @@ -9,13 +9,12 @@ Index: opkg-0.4.4/configure.ac
>  ===
>  --- opkg-0.4.4.orig/configure.ac
>  +++ opkg-0.4.4/configure.ac
> -@@ -281,7 +281,12 @@ AC_FUNC_UTIME_NULL
> +@@ -281,7 +281,11 @@ AC_FUNC_UTIME_NULL
>   AC_FUNC_VPRINTF
>   AC_CHECK_FUNCS([memmove memset mkdir regcomp strchr strcspn strdup
> strerror strndup strrchr strstr strtol strtoul sysinfo utime])
>
>  -CLEAN_DATE=`date +"%B %Y" | tr -d '\n'`
> -+1607446883
> -+if [ ! -z "$SOURCE_DATE_EPOCH" ]; then
> ++if ! -z "$SOURCE_DATE_EPOCH" ; then
>

This doesn't look like valid shell syntax - there should be a 'test'
command before the '!', right?
Or change the whole thing to use AS_IF.

-Matt

 +CLEAN_DATE=`LC_ALL=C date -d @$SOURCE_DATE_EPOCH +"%B %Y" | tr -d
> '\n'`
>  +else
>  +CLEAN_DATE=`date +"%B %Y" | tr -d '\n'`
> --
> 2.27.0
>
>
> 
>
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147861): 
https://lists.openembedded.org/g/openembedded-core/message/147861
Mute This Topic: https://lists.openembedded.org/mt/80505499/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] license_image: Introduce SKIP_LICENSE_MANIFEST_RECIPES variable to prevent from trying to use license recipeinfo file from image recipes

[Richard Purdie]

On Thu, 2021-02-04 at 13:13 +0100, Tomasz Dziendzielski wrote:
> If image recipe depends on another image recipe it will try to use
> license recipeinfo that is not deployed. It will result in:
> > Exception: FileNotFoundError: [Errno 2] No such file or directory:
> > 'TMPDIR/deploy/licenses/foo-image/recipeinfo'
> 
> We can't determine in a simple and efficient way if dependency recipe
> inherits image.bbclass, so let's introduce SKIP_LICENSE_MANIFEST_RECIPES
> variable that will contain list of recipes that should be skipped.
> 
> Signed-off-by: Tomasz Dziendzielski 
> ---
>  meta/classes/license_image.bbclass | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/meta/classes/license_image.bbclass 
> b/meta/classes/license_image.bbclass
> index 8fd88cfb2d..e2f3178306 100644
> --- a/meta/classes/license_image.bbclass
> +++ b/meta/classes/license_image.bbclass
> @@ -223,7 +223,8 @@ def get_deployed_dependencies(d):
>  pn = d.getVar("PN", True)
>  depends = list(set([dep[0] for dep
>  in list(taskdata.values())
> -if not dep[0].endswith("-native") and not dep[0] == pn]))
> +if not dep[0].endswith("-native") and not dep[0] == pn
> +and dep[0] not in 
> (d.getVar("SKIP_LICENSE_MANIFEST_RECIPES", True) or "").split()]))
>  
> 
> 
> 

I've been giving this some thought and I really don't like having to
remember to manually add special cases like this, it sounds/looks like
something we should really fix in a better way.

Perhaps we should just skip license files if they don't exist? We could
perhaps show a warning if the match isn't for a recipe called *-image?

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147860): 
https://lists.openembedded.org/g/openembedded-core/message/147860
Mute This Topic: https://lists.openembedded.org/mt/80377785/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][dunfell 23/28] opkg: Fix build reproducibility issue

[Steve Sakoman]

On Tue, Feb 9, 2021 at 4:34 AM Richard Purdie
 wrote:
>
> On Mon, 2021-02-08 at 03:52 -1000, Steve Sakoman wrote:
> > From: Richard Purdie 
> >
> > A build date was leaking into the generated docs and makefile used for
> > ptests leading to reproducibility issues each time the month changed.
> >
> > Add a patch to use SOURCE_DATE_EPOCH to derive it if available.
> >
> > Signed-off-by: Richard Purdie 
> > (cherry picked from commit 6a9ca7aec4991eabd425e32fdf85f51bb1686b8b)
> > Signed-off-by: Steve Sakoman 
> > ---
> >  .../opkg/opkg/sourcedateepoch.patch   | 25 +++
> >  meta/recipes-devtools/opkg/opkg_0.4.2.bb  |  1 +
> >  2 files changed, 26 insertions(+)
> >  create mode 100644 meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
>
> I'd hold this one until I get the patch fixed...

Got it!  I'll remove from the pull request and wait till I see your
fix to resubmit.

Steve

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147859): 
https://lists.openembedded.org/g/openembedded-core/message/147859
Mute This Topic: https://lists.openembedded.org/mt/80477438/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] opkg: Fix patch glitches

[Richard Purdie]

The original patch contained some text which shouldn't have been there
and used brackets in configure which isn't a great idea. Tweak the patch
to resolve this.

Signed-off-by: Richard Purdie 
---
 meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch 
b/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
index 285d258c635..6d0b1486ad3 100644
--- a/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
+++ b/meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
@@ -9,13 +9,12 @@ Index: opkg-0.4.4/configure.ac
 ===
 --- opkg-0.4.4.orig/configure.ac
 +++ opkg-0.4.4/configure.ac
-@@ -281,7 +281,12 @@ AC_FUNC_UTIME_NULL
+@@ -281,7 +281,11 @@ AC_FUNC_UTIME_NULL
  AC_FUNC_VPRINTF
  AC_CHECK_FUNCS([memmove memset mkdir regcomp strchr strcspn strdup strerror 
strndup strrchr strstr strtol strtoul sysinfo utime])
  
 -CLEAN_DATE=`date +"%B %Y" | tr -d '\n'`
-+1607446883
-+if [ ! -z "$SOURCE_DATE_EPOCH" ]; then
++if ! -z "$SOURCE_DATE_EPOCH" ; then
 +CLEAN_DATE=`LC_ALL=C date -d @$SOURCE_DATE_EPOCH +"%B %Y" | tr -d '\n'`
 +else
 +CLEAN_DATE=`date +"%B %Y" | tr -d '\n'`
-- 
2.27.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147858): 
https://lists.openembedded.org/g/openembedded-core/message/147858
Mute This Topic: https://lists.openembedded.org/mt/80505499/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][dunfell 23/28] opkg: Fix build reproducibility issue

[Richard Purdie]

On Mon, 2021-02-08 at 03:52 -1000, Steve Sakoman wrote:
> From: Richard Purdie 
> 
> A build date was leaking into the generated docs and makefile used for
> ptests leading to reproducibility issues each time the month changed.
> 
> Add a patch to use SOURCE_DATE_EPOCH to derive it if available.
> 
> Signed-off-by: Richard Purdie 
> (cherry picked from commit 6a9ca7aec4991eabd425e32fdf85f51bb1686b8b)
> Signed-off-by: Steve Sakoman 
> ---
>  .../opkg/opkg/sourcedateepoch.patch   | 25 +++
>  meta/recipes-devtools/opkg/opkg_0.4.2.bb  |  1 +
>  2 files changed, 26 insertions(+)
>  create mode 100644 meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch

I'd hold this one until I get the patch fixed...

Cheers,

Richard


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147857): 
https://lists.openembedded.org/g/openembedded-core/message/147857
Mute This Topic: https://lists.openembedded.org/mt/80477438/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] qemu: CVE-2018-18438 Security Advisory

[Steve Sakoman]

On Fri, Jan 22, 2021 at 4:05 AM Richard Purdie
 wrote:
>
> On Fri, 2021-01-22 at 10:14 +, Richard Purdie via
> lists.openembedded.org wrote:
> > On Fri, 2021-01-22 at 15:15 +0800, Wang Mingyu wrote:
> > >
> > > diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2018-18438.patch 
> > > b/meta/recipes-devtools/qemu/qemu/CVE-2018-18438.patch
> > > new file mode 100644
> > > index 00..b6ce8fa57d
> > > --- /dev/null
> > > +++ b/meta/recipes-devtools/qemu/qemu/CVE-2018-18438.patch
> > > @@ -0,0 +1,697 @@
> > > +From:  Philippe Mathieu-Daudé
> > > +Subject:   [Qemu-devel] [PATCH v2 07/11] chardev: Let IOReadHandler use 
> > > unsigned type
> > > +Date:  Fri, 12 Oct 2018 02:22:13 +0200
> > > +
> > > +The number of bytes can not be negative nor zero.
> > > +
> > > +Fixed 2 format string:
> > > +- hw/char/spapr_vty.c
> > > +- hw/usb/ccid-card-passthru.c
> >
> > No Upstream-Status.
> >
> > Its also unclear what the status of these patches is upstream, they're
> > submitted, there was discussion but they weren't merged. I'm also
> > wondering whether there are more of the 11 patches in the series needed
> > to address the issue? Or perhaps the issue was ultimately addressed by
> > other patches?
>
> I went digging and was pointed to
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1609015
>
> i.e. qemu upstream and Redhat believe this is not an issue
>
> Steve: What do we do here? Whitelist? Do we report upstream somehow?

I'll email the database maintainers and see how they want to handle
this.  If they won't do anything then we should perhaps whitelist - I
don't think we should apply patches that weren't merged upstream.

Steve

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147856): 
https://lists.openembedded.org/g/openembedded-core/message/147856
Mute This Topic: https://lists.openembedded.org/mt/80025435/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] mpg123: Add support for FPU-less targets

[robert . rosengren]

From: Robert Rosengren 

Support added to configure mpg123 for FPU-less targets. Building for
fixed-point arithmetic increases performance on such devices.

Signed-off-by: Robert Rosengren 
---
 meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb 
b/meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb
index c9bbcd30ff..35cad6ffc4 100644
--- a/meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb
+++ b/meta/recipes-multimedia/mpg123/mpg123_1.26.4.bb
@@ -40,6 +40,7 @@ EXTRA_OECONF = " \
 --with-audio='${AUDIOMODS}' \
 ${@bb.utils.contains('TUNE_FEATURES', 'neon', '--with-cpu=neon', '', d)} \
 ${@bb.utils.contains('TUNE_FEATURES', 'altivec', '--with-cpu=altivec', '', 
d)} \
+${@bb.utils.contains('TARGET_FPU', 'soft', '--with-cpu=generic_nofpu', '', 
d)} \
 "
 # Fails to build with thumb-1 (qemuarm)
 #| {standard input}: Assembler messages:
-- 
2.20.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147855): 
https://lists.openembedded.org/g/openembedded-core/message/147855
Mute This Topic: https://lists.openembedded.org/mt/80504939/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [oe] [bitbake-devel] Backport changes for _PYTHON_SYSCONFIGDATA_NAME to Gatesgarth and Dunfell

[Steve Sakoman]

On Mon, Feb 8, 2021 at 1:45 PM Peter Kjellerstedt
 wrote:
>
> As agreed upon on the Yocto Project Technical Team Meeting a week ago, I have 
> created branches for both Gatesgarth and Dunfell in openembedded-core-contrib 
> and meta-openembedded-contrib with the required patches. The branches are 
> called pkj/_PYTHON_SYSCONFIGDATA_NAME-gatesgarth and 
> pkj/_PYTHON_SYSCONFIGDATA_NAME-dunfell (ok, horrible names, but they should 
> be easy to spot). There is one additional patch for bitbake, but I forgot to 
> ask for access to bitbake-contrib, so you will have to cherry-pick it from 
> commit 47b64cfa (it is not strictly necessary as it is just clean up made 
> possible after the changes in OE-Core).
>
>
>
> @jansa, @akuster: I have included the two extra patches in meta-openembedded 
> that Martin mentioned, which were lacking from my original mail. There were 
> other patches mentioned, which fixed missing spaces related to the use of 
> _append. However, as they were not necessary (they changed other variables 
> than DEPENDS for target), I did not include them.
>
>
>
> I have not done any excessive testing of these branches. I have verified that 
> I can run `devtool modify libxml2`, which I could not do before, and I have 
> run `bitbake core-image-minimal`.

Thanks Peter!  I'll start testing with dunfell this morning.

Steve

> From: Martin Jansa 
> Sent: den 7 februari 2021 12:15
> To: Martin Jansa 
> Cc: akuster808 ; Peter Kjellerstedt 
> ; Steve Sakoman ; Mittal, 
> Anuj ; OE Core 
> (openembedded-core@lists.openembedded.org) 
> ; OE Development 
> (openembedded-de...@lists.openembedded.org) 
> ; BitBake Development 
> (bitbake-de...@lists.openembedded.org) 
> Subject: Re: [oe] [bitbake-devel] Backport changes for 
> _PYTHON_SYSCONFIGDATA_NAME to Gatesgarth and Dunfell
>
>
>
> On Sun, Feb 7, 2021 at 12:15 AM Martin Jansa via lists.openembedded.org 
>  wrote:
>
> On Sat, Jan 16, 2021 at 6:52 PM akuster808  wrote:
>
>
>
> On 1/16/21 9:44 AM, Martin Jansa wrote:
> > Aren't the missing spaces in appends fixes also needed for meta-oe
> > recipes?
>
>
> >
> > I think at least top 5 commits from:
> > https://git.openembedded.org/meta-openembedded/log/?qt=grep=space.*append
> > were also follow-up from these changes in oe-core.
> >
> Do you mean something beyond the meta-openembedded commits mentioned
> near the bottom of the email?
>
>
>
> Yes I mean these 5 commits at least.
>
>
>
> 50bbf80abf python3-pykwalify: Do not unset _PYTHON_SYSCONFIGDATA_NAME
>
> 6b3e3bdaf8 python-grpcio-tools: Add missing space for append
>
>
>
> The first one is just an additional cleanup, but without the 2nd one and with 
> the cherry-picks from the first e-mail applied you would get:
>
> ERROR: Nothing PROVIDES 'python3python3-grpcio' (but 
> meta-oe/meta-python/recipes-devtools/python/python3-grpcio-tools_1.14.1.bb 
> DEPENDS on or otherwise requires it). Close matches:
>   python-grpcio
>   python3-grpcio
>
>
>
> my world build is still running..
>
>
>
>
>
> with c99bb790 DEPENDS variable doesn't end with a space, so the missing 
> leading space in these appends (which was fine until now because of trailing 
> space from DEPENDS set in bbclass) is now causing wrong dependency (should be 
> easily reproducible with the patches backported, just by parsing the recipes).
>
>
>
> I need clarity so I can open an issue in gitlab for tracking purposes as
> I am sure I will forget this
>
>
>
> we're using gitlab?
>
>
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147854): 
https://lists.openembedded.org/g/openembedded-core/message/147854
Mute This Topic: https://lists.openembedded.org/mt/80450390/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] libsystemd is missing ?

[Bruce Ashfield]

On Tue, Feb 9, 2021 at 3:29 AM Ramon Fried  wrote:
>
> Hi.
> I stumbled upon a recipe which needs libsystemd (fluentbit).
> In the configuration phase, during pkg-config, it fails finding libsystemd.
> Specifically, it fails to find the journald header file: sd-journal.h
>
> Am I missing some configuration, or systemd recipe doesn't install the
> dev libraries, only the runtime ?

Did you try putting "systemd" in the DEPENDS of the recipe ?

Bruce

>
> Thanks,
> Ramon.
>
> 
>


-- 
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147853): 
https://lists.openembedded.org/g/openembedded-core/message/147853
Mute This Topic: https://lists.openembedded.org/mt/80499989/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 2/2] cve-check: add include/exclude layers

[Richard Purdie]

On Mon, 2021-02-08 at 07:55 -0800, akuster808 wrote:
> 
> On 2/8/21 2:16 AM, Richard Purdie wrote:
> > On Mon, 2021-02-08 at 05:51 +, akuster wrote:
> > > There are times when exluding or including a layer
> > > may be desired. This provide the framwork for that via
> > > two variables. The default is all layers in bblayers.
> > > 
> > > CVE_CHECK_LAYER_INCLUDELIST
> > > CVE_CHECK_LAYER_EXCLUDELIST
> > Do we need to document these?
> Yes if and when the patches are accepted.  By doc do you mean the
> manuals or documentation.conf?

I was thinking the of the manuals but both may make sense. The patch is
in so looking forward to the docs updated, thanks! :)

Cheers,

Richard




-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147852): 
https://lists.openembedded.org/g/openembedded-core/message/147852
Mute This Topic: https://lists.openembedded.org/mt/80471477/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[PATCH] [OE-core] [PATCH] parted: upgrade 3.3 -> 3.4

[Wang Mingyu]

0001-Move-python-helper-scripts-used-only-in-tests-to-Pyt.patch
0001-libparted-fs-add-sourcedir-lib-to-include-paths.patch
0002-tests-use-skip_-rather-than-skip_test_-which-is-unde.patch
removed since they are included in 3.4

Add python3-core to RDEPENDS_parted-ptest
since /usr/lib/parted/ptest/tests/msdos-overlap contained in package 
parted-ptest requires /usr/bin/python3

Signed-off-by: Wang Mingyu 
---
 ...er-scripts-used-only-in-tests-to-Pyt.patch | 33 --
 ...s-add-sourcedir-lib-to-include-paths.patch | 26 
 ...rather-than-skip_test_-which-is-unde.patch | 66 ---
 .../parted/{parted_3.3.bb => parted_3.4.bb}   |  9 +--
 4 files changed, 3 insertions(+), 131 deletions(-)
 delete mode 100644 
meta/recipes-extended/parted/files/0001-Move-python-helper-scripts-used-only-in-tests-to-Pyt.patch
 delete mode 100644 
meta/recipes-extended/parted/files/0001-libparted-fs-add-sourcedir-lib-to-include-paths.patch
 delete mode 100644 
meta/recipes-extended/parted/files/0002-tests-use-skip_-rather-than-skip_test_-which-is-unde.patch
 rename meta/recipes-extended/parted/{parted_3.3.bb => parted_3.4.bb} (81%)

diff --git 
a/meta/recipes-extended/parted/files/0001-Move-python-helper-scripts-used-only-in-tests-to-Pyt.patch
 
b/meta/recipes-extended/parted/files/0001-Move-python-helper-scripts-used-only-in-tests-to-Pyt.patch
deleted file mode 100644
index 829c0c8b78..00
--- 
a/meta/recipes-extended/parted/files/0001-Move-python-helper-scripts-used-only-in-tests-to-Pyt.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From ddbefd80d74c3baaae328332458db447e1666240 Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin 
-Date: Thu, 27 Apr 2017 16:37:24 +0300
-Subject: [PATCH] Move python helper scripts (used only in tests) to Python 3
-
-Upstream-Status: Pending
-Signed-off-by: Alexander Kanavin 
-

- tests/gpt-header-move | 2 +-
- tests/msdos-overlap   | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/tests/gpt-header-move b/tests/gpt-header-move
-index 3dda5cb..a2b9508 100755
 a/tests/gpt-header-move
-+++ b/tests/gpt-header-move
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/env python3
- 
- # open img file, subtract 33 from altlba address, and move the last 33 sectors
- # back by 33 sectors
-diff --git a/tests/msdos-overlap b/tests/msdos-overlap
-index d6ae8d6..2c6747b 100755
 a/tests/msdos-overlap
-+++ b/tests/msdos-overlap
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/env python3
- """
- Write an overlapping partition to a msdos disk
- 
diff --git 
a/meta/recipes-extended/parted/files/0001-libparted-fs-add-sourcedir-lib-to-include-paths.patch
 
b/meta/recipes-extended/parted/files/0001-libparted-fs-add-sourcedir-lib-to-include-paths.patch
deleted file mode 100644
index 4dc2ab259d..00
--- 
a/meta/recipes-extended/parted/files/0001-libparted-fs-add-sourcedir-lib-to-include-paths.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From d60a8a86f6593738b5324ccd8fe3e6d84a1fe7bc Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin 
-Date: Wed, 11 Dec 2019 14:18:36 +0100
-Subject: [PATCH] libparted/fs: add $sourcedir/lib to include paths
-
-Otherwise, getopt-pfx-core.h won't be found.
-
-Upstream-Status: Pending
-Signed-off-by: Alexander Kanavin 

- libparted/fs/Makefile.am | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libparted/fs/Makefile.am b/libparted/fs/Makefile.am
-index 286bff6..65f45d3 100644
 a/libparted/fs/Makefile.am
-+++ b/libparted/fs/Makefile.am
-@@ -3,7 +3,7 @@
- #
- # This file may be modified and/or distributed without restriction.
- 
--partedincludedir = -I$(top_builddir)/include -I$(top_srcdir)/include
-+partedincludedir = -I$(top_builddir)/include -I$(top_srcdir)/include 
-I$(top_srcdir)/lib
- 
- AM_CFLAGS = $(WARN_CFLAGS)
- 
diff --git 
a/meta/recipes-extended/parted/files/0002-tests-use-skip_-rather-than-skip_test_-which-is-unde.patch
 
b/meta/recipes-extended/parted/files/0002-tests-use-skip_-rather-than-skip_test_-which-is-unde.patch
deleted file mode 100644
index 9524adf7b8..00
--- 
a/meta/recipes-extended/parted/files/0002-tests-use-skip_-rather-than-skip_test_-which-is-unde.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From 9f844484cedb39e301b016e9da7852c1a0fb6eea Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin 
-Date: Wed, 11 Dec 2019 16:27:48 +0100
-Subject: [PATCH] tests: use skip_ rather than skip_test_ (which is undefined)
-
-Upstream-Status: Pending
-Signed-off-by: Alexander Kanavin 

- tests/t6001-psep.sh   | 2 +-
- tests/t6004-dm-many-partitions.sh | 2 +-
- tests/t6005-dm-uuid.sh| 2 +-
- tests/t6006-dm-512b-sectors.sh| 2 +-
- 4 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/tests/t6001-psep.sh b/tests/t6001-psep.sh
-index e350bd2..67014a0 100644
 a/tests/t6001-psep.sh
-+++ b/tests/t6001-psep.sh
-@@ -21,7 +21,7 @@
- require_root_
- require_udevadm_settle_
- 
--(dmsetup --help) > /dev/null 2>&1 || skip_test_ "No dmsetup installed"
-+(dmsetup 

[OE-core] libsystemd is missing ?

[Ramon Fried]

Hi.
I stumbled upon a recipe which needs libsystemd (fluentbit).
In the configuration phase, during pkg-config, it fails finding libsystemd.
Specifically, it fails to find the journald header file: sd-journal.h

Am I missing some configuration, or systemd recipe doesn't install the
dev libraries, only the runtime ?

Thanks,
Ramon.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#147850): 
https://lists.openembedded.org/g/openembedded-core/message/147850
Mute This Topic: https://lists.openembedded.org/mt/80499989/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-